gary_wms/wms/contract/api/postContractNewApplyData.php

<?php

use function Symfony\Component\String\s;

require_once("../conn.php");
include_once("./upload_chk.php");
ini_set('date.timezone', 'Asia/Taipei');
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
    exit();
}
//暫存、送審
if (isset($_POST['vol_no']) && !empty($_POST['vol_no']) && ($_POST['status'] == 0 || $_POST['status'] == 1) && $_POST['progress'] <= 1) {
    if ($_POST['regulations'] < 10) {
        header("HTTP/1.1 500 傳送失敗!!試車時間不得低於10天");
        exit;
    }
    $mid = $_POST['mid'];
    $vol_no = $_POST['vol_no'];
    $salesman = $_POST['salesman'];
    $salesmanname = $_POST['salesmanname'];
    $apply_date = $_POST['apply_date'];
    $apply_type = $_POST['apply_type'];
    $case_name = $_POST['case_name'];
    $customer = $_POST['company'];
    $manager = $_POST['manager'];
    $vat = $_POST['vat'];
    $total_price = $_POST['total_price'];
    $total_items = $_POST['total_items'];
    $buy_fee = $_POST['price_a'];
    $install_fee = $_POST['price_b'];
    $contact_address = $_POST['address'];
    $workdeadline_a = $_POST['workdeadline_a'];
    $workdeadline_b = $_POST['workdeadline_b'];
    $workdeadline_note = $_POST['workdeadline_note'];
    $test_time = $_POST['regulations'];
    $freedeadline = $_POST['freedeadline'];
    $trade_address = $_POST['tradeaddress'];
    $tradedeadline = $_POST['tradedeadline'];
    $secondPayDeadline = $_POST['secondPayDeadline'];
    $pays = $_POST['pays'];
    $description = $_POST['description'];
    $status = $_POST['status']; // 0:暫存 1:送審 2:退回 3:完成
    $pays = json_decode($pays, true);

    $files = !empty($_FILES['files']) ? $_FILES['files'] : null;


    $submit_date = ($status == 1) ? date("Y-m-d H:i:s") : null;

    $progress = 0;
    $status = $_POST['status'];
    $created_at = date('Y-m-d H:i:s');
    $updated_at = date('Y-m-d H:i:s');
    $created_by = $_POST['user_id'];
    $updated_by = $_POST['user_id'];
    $isFirst = $_POST['isFirst'];
    $conn->beginTransaction();
    try {
        if ($isFirst == 1) {
            $sql_str = "INSERT INTO contract_new_apply (mid,  contractno, sales_man, apply_date, apply_type, case_name, customer, manager, vat, total_price, total_items, buy_fee, install_fee, contact_address, workdeadline_a, workdeadline_b, test_time, freedeadline, trade_address, tradedeadline, secondPayDeadline, progress, status, person, personname, submit_date, created_at, created_by, description) VALUES (:mid, :contractno, :sales_man, :apply_date, :apply_type, :case_name, :customer, :manager, :vat, :total_price, :total_items, :buy_fee, :install_fee, :contact_address, :workdeadline_a, :workdeadline_b, :test_time, :freedeadline, :trade_address, :tradedeadline, :secondPayDeadline, :progress, :status, :person, :personname, :submit_date, :created_at, :created_by, :description)";
            $stmt = $conn->prepare($sql_str);
            $stmt->bindParam(':mid', $mid);
            $stmt->bindParam(':contractno', $vol_no);
            $stmt->bindParam(':sales_man', $salesman);
            $stmt->bindParam(':apply_date', $apply_date);
            $stmt->bindParam(':apply_type', $apply_type);
            $stmt->bindParam(':case_name', $case_name);
            $stmt->bindParam(':customer', $customer);
            $stmt->bindParam(':manager', $manager);
            $stmt->bindParam(':vat', $vat);
            $stmt->bindParam(':total_price', $total_price);
            $stmt->bindParam(':total_items', $total_items);
            $stmt->bindParam(':buy_fee', $buy_fee);
            $stmt->bindParam(':install_fee', $install_fee);
            $stmt->bindParam(':contact_address', $contact_address);
            $stmt->bindParam(':workdeadline_a', $workdeadline_a);
            $stmt->bindParam(':workdeadline_b', $workdeadline_b);
            $stmt->bindParam(':test_time', $test_time);
            $stmt->bindParam(':freedeadline', $freedeadline);
            $stmt->bindParam(':trade_address', $trade_address);
            $stmt->bindParam(':tradedeadline', $tradedeadline);
            $stmt->bindParam(':secondPayDeadline', $secondPayDeadline);
            $stmt->bindParam(':progress', $progress);
            $stmt->bindParam(':status', $status);
            $stmt->bindParam(':person', $salesman);
            $stmt->bindParam(':personname', $salesmanname);
            $stmt->bindParam(':submit_date', $submit_date);
            $stmt->bindParam(':created_at', $created_at);
            $stmt->bindParam(':created_by', $created_by);
            $stmt->bindParam(':description', $description);
            $stmt->execute();
            $contract_apply_id = $conn->lastInsertId();
            foreach ($pays as $idx => $pay) {
                $kind = $idx;
                $sql_str = "INSERT INTO contract_new_apply_pays (contract_apply_id, mid, pay_kind, pay_scale, pay_amount, pay_period, condition_date, created_at, created_by) VALUES (:contract_apply_id, :mid, :pay_kind, :pay_scale, :pay_amount, :pay_period, :condition_date, :created_at, :created_by)";
                $stmt = $conn->prepare($sql_str);
                $stmt->bindParam(':contract_apply_id', $contract_apply_id);
                $stmt->bindParam(':mid', $mid);
                $stmt->bindParam(':pay_kind', $kind);
                $stmt->bindParam(':pay_scale', $pay['scale']);
                $stmt->bindParam(':pay_amount', $pay['amount']);
                $stmt->bindParam(':pay_period', $pay['pay_period']);
                $stmt->bindParam(':condition_date', $pay['condition_date']);
                $stmt->bindParam(':created_at', $created_at);
                $stmt->bindParam(':created_by', $created_by);
                $stmt->execute();
            }
            // -----處理檔案上傳 START-----
            if (!empty($files)) {
                $englisharr = range('a', 'z');
                $files = $_FILES['files'];
                $newfiles = [];
                foreach ($files as $file) {
                    $i = 0;  //新陣列的索引編號
                    foreach ($file as $key => $val) {
                        $newfiles[$i]['name']     = $files['name'][$key];
                        $newfiles[$i]['type']     = $files['type'][$key];
                        $newfiles[$i]['tmp_name'] = $files['tmp_name'][$key];
                        $newfiles[$i]['error']    = $files['error'][$key];
                        $newfiles[$i]['size']     = $files['size'][$key];
                        $i++;
                    } //foreach 第2層 end
                }
                $max_size  = 4096 * 4096;                     //設定允許上傳檔案容量的最大值(1M)
                $allow_ext = array('jpeg', 'jpg', 'png', 'JPG', 'JPEG', 'PNG', 'GIF', 'docx', 'doc', 'pdf');   //設定允許上傳檔案的類型
                $path      = '../images/contracts_new_files/';
                if (!file_exists($path)) : mkdir($path);
                endif;
                $msg_result = '';  //負責接收所有檔案檢測後的回傳訊息
                $datetime = (string)date('YmdHis');
                $files_id = 'm' . $datetime; // 保養=>b + 日期時間
                foreach ($newfiles as $key => $file) {
                    $randNum = rand(1000, 9999);
                    $randEnglish = $englisharr[rand(0, 25)];
                    $file_name = 'm' . (string)date('YmdHis') . $randNum . $randEnglish . $randNum . $file['name'];
                    $msg = upload_chk($file, $path, $max_size, $allow_ext,  $file_name);
                    if ($msg == 1) {
                        $msg = '檔案傳送成功！';
                        $sql_str = "INSERT INTO contract_apply_files (contract_id, contract_type, file_name, file_mime, file_size, created_at, created_by) VALUES (:contract_id, :contract_type, :file_name, :file_mime, :file_size, :created_at, :created_by)";
                        $stmt = $conn->prepare($sql_str);
                        $stmt->bindParam(':contract_id', $contract_apply_id);
                        $stmt->bindParam(':contract_type', $contract_type);
                        $stmt->bindParam(':file_name', $file_name);
                        $stmt->bindParam(':file_mime', $file['type']);
                        $stmt->bindParam(':file_size', $file['size']);
                        $stmt->bindParam(':created_at', $created_at);
                        $stmt->bindParam(':created_by', $created_by);
                        $stmt->execute();
                    } else {
                        throw new PDOException('檔案上傳失敗:' . $msg);
                    }
                    $msg_result .= '第' . ($key + 1) . '個上傳檔案的結果：' . $msg . '<br/>';
                    $src_name = $path . $file['name'];
                    if (file_exists($src_name)) {
                        //副檔名
                        $extname  = pathinfo($src_name, PATHINFO_EXTENSION);
                        //主檔名
                        $basename = basename($src_name, '.' . $extname);
                    }
                }
            }
            // -----處理檔案上傳 END-----
            header("HTTP/1.1 201 success!");
            $conn->commit();
        } else {
            $sql_str = "UPDATE contract_new_apply SET status = :status, apply_date=:apply_date, apply_type=:apply_type, case_name=:case_name, customer=:customer, manager=:manager, vat=:vat, total_price=:total_price, total_items=:total_items, buy_fee=:buy_fee, install_fee=:install_fee, contact_address=:contact_address, trade_address=:trade_address, workdeadline_a=:workdeadline_a, workdeadline_b=:workdeadline_b, workdeadline_note=:workdeadline_note, test_time=:test_time, freedeadline=:freedeadline, trade_address=:trade_address, trade_address=:trade_address, tradedeadline=:tradedeadline, secondPayDeadline=:secondPayDeadline, progress=:progress, person=:person, personname=:personname, submit_date=:submit_date, updated_at=:updated_at, updated_by=:updated_by, description=:description  WHERE mid = :mid";
            $stmt = $conn->prepare($sql_str);
            $stmt->bindParam(':mid', $mid);
            $stmt->bindParam(':status', $status);
            $stmt->bindParam(':apply_date', $apply_date);
            $stmt->bindParam(':apply_type', $apply_type);
            $stmt->bindParam(':case_name', $case_name);
            $stmt->bindParam(':customer', $customer);
            $stmt->bindParam(':manager', $manager);
            $stmt->bindParam(':vat', $vat);
            $stmt->bindParam(':total_price', $total_price);
            $stmt->bindParam(':total_items', $total_items);
            $stmt->bindParam(':buy_fee', $buy_fee);
            $stmt->bindParam(':install_fee', $install_fee);
            $stmt->bindParam(':contact_address', $contact_address);
            $stmt->bindParam(':workdeadline_a', $workdeadline_a);
            $stmt->bindParam(':workdeadline_b', $workdeadline_b);
            $stmt->bindParam(':workdeadline_note', $workdeadline_note);
            $stmt->bindParam(':test_time', $test_time);
            $stmt->bindParam(':freedeadline', $freedeadline);
            $stmt->bindParam(':trade_address', $trade_address);
            $stmt->bindParam(':tradedeadline', $tradedeadline);
            $stmt->bindParam(':secondPayDeadline', $secondPayDeadline);
            $stmt->bindParam(':progress', $progress);
            $stmt->bindParam(':person', $salesman);
            $stmt->bindParam(':personname', $salesmanname);
            $stmt->bindParam(':submit_date', $submit_date);
            $stmt->bindParam(':updated_at', $updated_at);
            $stmt->bindParam(':updated_by', $updated_by);
            $stmt->bindParam(':description', $description);
            $stmt->execute();

            foreach ($pays as $idx => $pay) {
                $kind = $idx;
                $sql_str = "UPDATE contract_new_apply_pays SET pay_scale = :pay_scale, pay_amount = :pay_amount, pay_period = :pay_period, condition_date = :condition_date, updated_at = :updated_at, updated_by = :updated_by  WHERE mid = :mid AND pay_kind = :pay_kind";
                $stmt = $conn->prepare($sql_str);
                $stmt->bindParam(':mid', $mid);
                $stmt->bindParam(':pay_kind', $kind);
                $stmt->bindParam(':pay_scale', $pay['scale']);
                $stmt->bindParam(':pay_amount', $pay['amount']);
                $stmt->bindParam(':pay_period', $pay['pay_period']);
                $stmt->bindParam(':condition_date', $pay['condition_date']);
                $stmt->bindParam(':updated_at', $updated_at);
                $stmt->bindParam(':updated_by', $updated_by);
                $stmt->execute();
            }
            $deleted_at = date("Y-m-d H:i:s");
            $removefiles = isset($_POST['removefiles']) ? json_decode($_POST['removefiles'], true) : [];
            print_r($removefiles);
            if(count($removefiles) > 0){
                foreach($removefiles as $file){
                    $sql_str = "UPDATE contract_apply_files SET deleted_at = :deleted_at WHERE id = :fileid";
                    $stmt = $conn -> prepare($sql_str);
                    $stmt ->bindParam(':deleted_at', $deleted_at);
                    $stmt ->bindParam(':fileid', $file);
                    $stmt ->execute();
                }
            }
            header("HTTP/1.1 201 success!");
            $conn->commit();
        }
    } catch (PDOException $e) {
        $conn->rollback();
        header("HTTP/1.1 500 failed!");
        echo $e->getMessage();
        die('Error!:' . $e->getMessage());
    }
}
//業務部承辦人同意
if (isset($_POST['vol_no']) && !empty($_POST['vol_no']) && ($_POST['status'] == 1) && $_POST['progress'] == 2) {
    $status = $_POST['status'];
    $vol_no = $_POST['vol_no'];
    $contract_new_apply_id = $_POST['contract_new_apply_id'];
    $progress = $_POST['progress'];
    $review_comment = $_POST['review_comment'];
    $user_id = $_POST['review_person_id'];
    $review_date = date('Y-m-d H:i:s');
    $conn->beginTransaction();
    try {
        $sql_str = "UPDATE contract_new_apply SET status = :status, progress = :progress, review_comment=:review_comment, review_person_id=:review_person_id, review_date=:review_date WHERE id = :contract_new_apply_id";
        $stmt = $conn->prepare($sql_str);
        $stmt->bindParam(':status', $status);
        $stmt->bindParam(':progress', $progress);
        $stmt->bindParam(':contract_new_apply_id', $contract_new_apply_id);
        $stmt->bindParam(':review_comment', $review_comment);
        $stmt->bindParam(':review_person_id', $user_id);
        $stmt->bindParam(':review_date', $review_date);
        $stmt->execute();
        header("HTTP/1.1 200 success!");
        $conn->commit();
    } catch (PDOException $e) {
        $conn->rollback();
        header("HTTP/1.1 500 failed!");
        echo $e->getMessage();
        die('Error!:' . $e->getMessage());
    }
}
//結案同意
if (isset($_POST['vol_no']) && !empty($_POST['vol_no']) && ($_POST['status'] == 3)) {
    $status = $_POST['status'];
    $vol_no = $_POST['vol_no'];
    $contract_new_apply_id = $_POST['contract_new_apply_id'];
    $progress = $_POST['progress'];
    $review_comment = $_POST['review_comment'];
    $user_id = $_POST['review_person_id'];
    $review_date = date('Y-m-d H:i:s');
    $conn->beginTransaction();
    try {
        $sql_str = "UPDATE contract_new_apply SET status = :status, progress = :progress, review_final_comment=:review_comment, review_final_person_id=:review_person_id, review_final_date=:review_date WHERE id = :contract_new_apply_id";
        $stmt = $conn->prepare($sql_str);
        $stmt->bindParam(':status', $status);
        $stmt->bindParam(':progress', $progress);
        $stmt->bindParam(':contract_new_apply_id', $contract_new_apply_id);
        $stmt->bindParam(':review_comment', $review_comment);
        $stmt->bindParam(':review_person_id', $user_id);
        $stmt->bindParam(':review_date', $review_date);
        $stmt->execute();
        header("HTTP/1.1 200 success!");
        $conn->commit();
    } catch (PDOException $e) {
        $conn->rollback();
        header("HTTP/1.1 500 failed!");
        echo $e->getMessage();
        die('Error!:' . $e->getMessage());
    }
}
//結案不同意(退回)
if (isset($_POST['vol_no']) && !empty($_POST['vol_no']) && ($_POST['status'] == 2)) {
    $status = $_POST['status'];
    $vol_no = $_POST['vol_no'];
    $contract_new_apply_id = $_POST['contract_new_apply_id'];
    $progress = $_POST['progress'];
    $review_comment = $_POST['review_comment'];
    $user_id = $_POST['review_person_id'];
    echo $user_id;
    $review_date = date('Y-m-d H:i:s');
    $conn->beginTransaction();
    try {
        $sql_str = "UPDATE contract_new_apply SET status = :status, progress = :progress, review_comment=:review_comment, review_person_id=:review_person_id, review_date=:review_date WHERE id = :contract_new_apply_id";
        $stmt = $conn->prepare($sql_str);
        $stmt->bindParam(':status', $status);
        $stmt->bindParam(':progress', $progress);
        $stmt->bindParam(':contract_new_apply_id', $contract_new_apply_id);
        $stmt->bindParam(':review_comment', $review_comment);
        $stmt->bindParam(':review_person_id', $user_id);
        $stmt->bindParam(':review_date', $review_date);
        $stmt->execute();
        header("HTTP/1.1 200 success!");
        $conn->commit();
    } catch (PDOException $e) {
        $conn->rollback();
        header("HTTP/1.1 500 failed!");
        echo $e->getMessage();
        die('Error!:' . $e->getMessage());
    }
}