<?php
// Resume the caller's session; the authorisation gate below reads from it.
session_start();

// Role recorded in the session; a missing key is treated as "no role".
$user_role = $_SESSION['user_role'] ?? '';

// The request must come from a session that has a user id AND whose role is
// one of the two administrator spellings. Both failures get the same 403
// answer, so the response does not reveal which condition was not met.
$is_logged_in = isset($_SESSION['user_id']);
$is_admin = in_array($user_role, ['Administrador', 'admin'], true);

if (!$is_logged_in || !$is_admin) {
    http_response_code(403);
    echo json_encode(['success' => false, 'message' => 'No autorizado']);
    exit;
}
require_once 'db/config.php';
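// Decode the JSON request body into an associative array.
// NOTE(review): this endpoint changes data and is authorised only by the
// session. No anti-CSRF token or Origin / Content-Type check is visible in
// this file; confirm one is enforced elsewhere before relying on this alone.
$data = json_decode(file_get_contents('php://input'), true);

// Only a non-empty JSON object/array is usable below. Invalid JSON decodes to
// null, and a bare scalar ("abc", 5, true) is truthy but has no fields, so it
// is rejected here as a bad request instead of reaching the action dispatch.
if (!is_array($data) || !$data) {
    http_response_code(400);
    echo json_encode(['success' => false, 'message' => 'No se recibieron datos']);
    exit;
}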
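// Requested operation: 'create', 'update' or 'delete'. Anything else is rejected.
$action = $data['action'] ?? '';

try {
    // Obtained inside the try so that an exception raised while getting the
    // handle is answered with the generic JSON error below rather than
    // surfacing as an uncaught exception.
    $pdo = db();

    if ($action === 'create') {
        // Constant statement: no request data reaches the SQL text.
        $stmt = $pdo->prepare("INSERT INTO operaciones_provincia (cliente) VALUES ('')");
        $stmt->execute();
        echo json_encode(['success' => true, 'id' => $pdo->lastInsertId()]);
    } elseif ($action === 'update') {
        $id = $data['id'] ?? null;
        $column = $data['column'] ?? null;
        $value = $data['value'] ?? null;

        // Row ids handed to the client come from lastInsertId() in 'create',
        // so only an integer or a string of digits is accepted here.
        if (!is_int($id) && !(is_string($id) && ctype_digit($id))) {
            throw new InvalidArgumentException("ID no válido");
        }

        // Column names cannot be bound as parameters, so the name is
        // interpolated into the SQL text further down. This allowlist is the
        // only thing standing between the request and that interpolation.
        $allowed_columns = [
            'cliente', 'celular', 'producto', 'monto_total',
            'monto_debe', 'nro_operacion', 'banco', 'fecha_completado', 'asesor'
        ];

        // Strict comparison on a string only: with loose comparison a JSON
        // `true` (and, before PHP 8, a JSON `0`) equals every entry in the
        // list and would pass the check without being a column name.
        if (!is_string($column) || !in_array($column, $allowed_columns, true)) {
            throw new InvalidArgumentException("Columna no permitida");
        }

        // A nested JSON array/object cannot be bound as a single value.
        if (is_array($value)) {
            throw new InvalidArgumentException("Valor no válido");
        }

        // Convert date format if column is fecha_completado.
        // The round-trip comparison (format() === input) rejects strings that
        // createFromFormat would otherwise accept by rolling over, e.g. day 31
        // in a 30-day month. A value matching neither format is passed to the
        // database unchanged.
        if ($column === 'fecha_completado' && is_string($value) && $value !== '') {
            $with_time = DateTime::createFromFormat('d/m/Y H:i:s', $value);
            $date_only = DateTime::createFromFormat('d/m/Y', $value);

            if ($with_time && $with_time->format('d/m/Y H:i:s') === $value) {
                $value = $with_time->format('Y-m-d H:i:s');
            } elseif ($date_only && $date_only->format('d/m/Y') === $value) {
                $value = $date_only->format('Y-m-d 00:00:00');
            }
        }

        // $column is one of the literals in $allowed_columns at this point;
        // the value and the id are bound, never concatenated.
        $stmt = $pdo->prepare("UPDATE operaciones_provincia SET $column = :value WHERE id = :id");
        $stmt->execute(['value' => $value, 'id' => $id]);
        echo json_encode(['success' => true]);
    } elseif ($action === 'delete') {
        $id = $data['id'] ?? null;

        // Same id rule as 'update': a missing or non-numeric id is a bad
        // request, not a delete that silently matches nothing.
        if (!is_int($id) && !(is_string($id) && ctype_digit($id))) {
            throw new InvalidArgumentException("ID no válido");
        }

        $stmt = $pdo->prepare("DELETE FROM operaciones_provincia WHERE id = :id");
        $stmt->execute(['id' => $id]);
        echo json_encode(['success' => true]);
    } else {
        throw new InvalidArgumentException("Acción no válida");
    }
} catch (InvalidArgumentException $e) {
    // Validation failures raised above: the message is one of this script's
    // own fixed strings, so it is safe to return, and the fault is the
    // client's (400), not the server's.
    http_response_code(400);
    echo json_encode(['success' => false, 'message' => $e->getMessage()]);
} catch (Exception $e) {
    // Anything else (presumably PDOException, if the connection is set to
    // throw; confirm in db/config.php) may carry table, column or driver
    // details. Keep those in the server log and send a generic message.
    error_log('operaciones_provincia request failed: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode(['success' => false, 'message' => 'Error interno del servidor']);
}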
?>