
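<?php
// submit_application.php — handles the POSTed credit-application form: stores the
// application and its child rows, saves the signature image and notifies approvers.
session_start();
require_once __DIR__ . '/db/config.php';

// Only form submissions are accepted; anything else is refused before the DB is touched.
// `?? ''` keeps this from emitting an undefined-index notice outside a web SAPI.
// NOTE(review): no CSRF token is verified here; if the application has a token helper,
// this is the point where it should be called.
if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
    http_response_code(405);
    exit('Method Not Allowed');
}

// Authentication gate. The code below also reads $_SESSION['user_id'], which is not
// checked here — presumably set together with 'user' at login; verify against the login code.
if (!isset($_SESSION['user'])) {
    http_response_code(403);
    exit('Unauthorized');
}

// db() is provided by db/config.php.
$pdo = db();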
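// Human-readable application reference; it is also embedded in the signature file name.
// uniqid() is time-derived, not random: fine for a label, never for anything secret.
$application_id = 'APP-' . strtoupper(uniqid());
$signature_path = null;
$customer_application_id = null;

try {
    // company_name is the one field every later step (mail subject, flash) relies on.
    $company_name = post_string('company_name') ?? '';
    if (trim($company_name) === '') {
        throw new InvalidArgumentException('Company name is required.');
    }

    // 1. Signature image first, so its path goes into the INSERT instead of a later UPDATE.
    //    (Previously $signature_path was read by the INSERT before it was assigned.)
    $signature_path = save_signature_image(post_string('signature') ?? '', $application_id);

    $pdo->beginTransaction();

    // 2. customer_applications. Column names come from these fixed lists, never from the
    //    request, so interpolating them into the SQL is safe; values are always bound.
    $row = [
        // NOTE(review): the auth gate checks $_SESSION['user'], not 'user_id' — confirm
        // both are set at login, otherwise user_id is stored as NULL.
        'user_id' => $_SESSION['user_id'] ?? null,
        'company_name' => $company_name,
        'company_website' => post_string('company_website'),
        'company_phone' => post_string('company_phone'),
        'sales_owner' => post_string('sales_owner'),
        'payment_terms' => post_string('payment_terms'),
        'tags' => post_string('tags'),
        'notes' => post_string('notes'),
        'declaration_text' => post_string('declaration_text'),
        'signature_path' => $signature_path,
    ];
    // Optional fields: the form field name equals the column name; absent → NULL.
    $optional_columns = [
        'major_product', 'capital', 'capital_currency', 'main_shareholders', 'num_employees',
        'payment_terms_ar', 'pl_year', 'net_sales', 'net_income_margin', 'net_income_margin_ratio',
        'sales_target_this_year', 'sales_target_next_year', 'sales_target_after_next',
        'credit_rank', 'credit_limit', 'credit_research_status', 'credit_research_reason',
        'tax_rate_area', 'billing_type', 'del_to_code', 'delivery_abbreviation',
        'del_to_customer_name', 'del_to_address_1', 'del_to_address_2', 'del_to_address_3',
        'del_to_address_4', 'del_to_postcode', 'del_to_phone', 'del_to_area_code',
        'del_to_transportation_code', 'del_to_stock_point_code', 'del_to_recipient_section',
        'del_to_country_code', 'del_to_shipment_flag', 'del_to_transport_days',
        'del_to_shipment_condition_category', 'del_to_transport_service_exist',
        'del_to_shipment_condition_place', 'doc_req_do', 'doc_req_packing_list',
        'doc_req_invoice', 'doc_req_export_permit', 'doc_req_po_do_inv', 'doc_req_do_inv',
        'doc_req_others', 'pack_req_one_line_carton', 'pack_req_one_item_carton',
        'pack_req_one_item_pocket', 'pack_req_thomson_label', 'pack_req_contents_label',
        'pack_req_delivery_schedule', 'forwarder_name', 'forwarder_code', 'forwarder_address',
        'forwarder_contact_person', 'forwarder_phone', 'forwarder_fax',
        'forwarder_delivery_method', 'forwarder_delivery_timings',
        'forwarder_delivery_requirements', 'special_instructions_shipping_mark',
        'special_instructions_fax_documents', 'special_instructions_details',
        'special_instructions_attention_to', 'special_instructions_fax_number', 'remarks',
    ];
    foreach ($optional_columns as $column) {
        $row[$column] = post_string($column);
    }
    // Multi-select posted as an array: stored as a comma-separated list. A plain string is
    // kept as-is (the old implode() would have failed on it).
    $service = $_POST['del_to_transport_service_exist'] ?? null;
    if (is_array($service)) {
        $parts = [];
        foreach ($service as $item) {
            if (is_scalar($item)) {
                $parts[] = (string) $item;
            }
        }
        $row['del_to_transport_service_exist'] = implode(',', $parts);
    } else {
        $row['del_to_transport_service_exist'] = scalar_string($service);
    }

    $columns = array_keys($row);
    $stmt = $pdo->prepare(sprintf(
        'INSERT INTO customer_applications (%s) VALUES (%s)',
        implode(', ', $columns),
        implode(', ', array_fill(0, count($columns), '?'))
    ));
    $stmt->execute(array_values($row));
    $customer_application_id = (string) $pdo->lastInsertId();

    // 3. customer_contacts — is_primary is a checkbox whose checked value is '1'.
    $contacts = $_POST['contact'] ?? null;
    if (is_array($contacts)) {
        $stmt_contact = $pdo->prepare(
            'INSERT INTO customer_contacts (customer_application_id, name, email, phone, is_primary) VALUES (?, ?, ?, ?, ?)'
        );
        foreach ($contacts as $contact) {
            if (!is_array($contact)) {
                continue;
            }
            $stmt_contact->execute([
                $customer_application_id,
                scalar_string($contact['name'] ?? null),
                scalar_string($contact['email'] ?? null),
                scalar_string($contact['phone'] ?? null),
                (($contact['is_primary'] ?? '') === '1') ? 1 : 0,
            ]);
        }
    }

    // 4. customer_addresses (form keys differ from column names).
    insert_child_rows($pdo, 'customer_addresses', $customer_application_id, [
        'address_type' => 'type',
        'address_line_1' => 'line1',
        'address_line_2' => 'line2',
        'city' => 'city',
        'state' => 'state',
        'postal_code' => 'postal_code',
        'country' => 'country',
    ], $_POST['address'] ?? null);

    // 5. customer_trade_references.
    insert_child_rows($pdo, 'customer_trade_references', $customer_application_id, [
        'company_name' => 'company_name',
        'contact_person' => 'contact_person',
        'email' => 'email',
        'phone' => 'phone',
        'address' => 'address',
    ], $_POST['trade_reference'] ?? null);

    // 6. customer_bank_details — only when the bank section was filled in at all.
    if (post_string('bank_name') !== null) {
        $stmt_bank = $pdo->prepare(
            'INSERT INTO customer_bank_details (customer_application_id, bank_name, branch, bsb_number, account_number, account_name) VALUES (?, ?, ?, ?, ?, ?)'
        );
        $stmt_bank->execute([
            $customer_application_id,
            post_string('bank_name'),
            post_string('branch'),
            post_string('bsb_number'),
            post_string('account_number'),
            post_string('account_name'),
        ]);
    }

    $pdo->commit();
} catch (Throwable $e) {
    // Throwable, not just PDOException: a TypeError or Error must also roll back.
    // inTransaction() guards against rolling back when beginTransaction() never ran.
    if ($pdo->inTransaction()) {
        $pdo->rollBack();
    }
    // Do not leave an orphaned signature file behind when the row was never stored.
    if ($signature_path !== null && is_file($signature_path)) {
        unlink($signature_path);
    }
    error_log('Application submission failed: ' . $e->getMessage());
    // Only our own validation messages are shown to the user; driver/SQL error text is
    // logged but never echoed back, as it can reveal schema and query details.
    $user_message = $e instanceof InvalidArgumentException
        ? $e->getMessage()
        : 'There was an error submitting your application. Please try again.';
    $_SESSION['flash_message'] = [
        'type' => 'danger',
        'message' => $user_message,
    ];
    header('Location: new_application.php');
    exit();
}

// The application is committed at this point; a notification failure must not send the
// user back to resubmit (that would create a duplicate), so it is only logged.
try {
    notify_approvers(
        $pdo,
        $customer_application_id,
        $company_name,
        post_string('credit_limit'),
        $_SESSION['user_id'] ?? null
    );
} catch (Throwable $e) {
    error_log('Approver notification failed: ' . $e->getMessage());
}

// Redirect to dashboard with success message.
$_SESSION['flash_message'] = [
    'type' => 'success',
    'message' => 'Customer application (' . $application_id . ') submitted successfully!',
];
header('Location: index.php');
exit();

/**
 * Returns a scalar request value as a string, or NULL for absent/array values.
 * Arrays are dropped because binding one as a PDO parameter fails.
 *
 * @param mixed $value
 */
function scalar_string($value): ?string
{
    return is_scalar($value) ? (string) $value : null;
}

/**
 * Reads one $_POST field as a string (NULL when absent or not scalar).
 */
function post_string(string $key): ?string
{
    return scalar_string($_POST[$key] ?? null);
}

/**
 * Decodes a base64 PNG data URL from the signature pad and writes it under uploads/.
 *
 * Only "data:image/png;base64," payloads whose decoded bytes carry the PNG signature
 * are accepted, so nothing but an image ends up in the web-served upload directory.
 * The file name is built from the server-generated application id, not from input.
 *
 * @return string|null  relative path of the written file, or NULL when no signature was sent
 * @throws InvalidArgumentException when the payload is not a well-formed PNG data URL
 * @throws RuntimeException         when the file cannot be written
 */
function save_signature_image(string $data_url, string $application_id): ?string
{
    if ($data_url === '') {
        return null;
    }
    $prefix = 'data:image/png;base64,';
    if (strncmp($data_url, $prefix, strlen($prefix)) !== 0) {
        throw new InvalidArgumentException('Signature must be a PNG image.');
    }
    // Strict decoding rejects anything outside the base64 alphabet instead of guessing.
    $bytes = base64_decode(substr($data_url, strlen($prefix)), true);
    if ($bytes === false || substr($bytes, 0, 8) !== "\x89PNG\r\n\x1a\n") {
        throw new InvalidArgumentException('Signature image is not valid.');
    }
    $path = 'uploads/signature_' . $application_id . '_' . time() . '.png';
    if (file_put_contents($path, $bytes) === false) {
        throw new RuntimeException('Could not store signature image at ' . $path);
    }
    return $path;
}

/**
 * Inserts one child row per entry of a repeated form section (address[], trade_reference[]).
 *
 * $table and the keys of $column_map are fixed server-side names, which is why they may
 * be interpolated into the statement; every value is bound.
 *
 * @param array<string, string> $column_map  DB column => form field key within each entry
 * @param mixed                 $entries     the raw $_POST section; ignored unless an array
 */
function insert_child_rows(PDO $pdo, string $table, string $parent_id, array $column_map, $entries): void
{
    if (!is_array($entries)) {
        return;
    }
    $columns = array_merge(['customer_application_id'], array_keys($column_map));
    $stmt = $pdo->prepare(sprintf(
        'INSERT INTO %s (%s) VALUES (%s)',
        $table,
        implode(', ', $columns),
        implode(', ', array_fill(0, count($columns), '?'))
    ));
    foreach ($entries as $entry) {
        if (!is_array($entry)) {
            continue;
        }
        $values = [$parent_id];
        foreach ($column_map as $field) {
            $values[] = scalar_string($entry[$field] ?? null);
        }
        $stmt->execute($values);
    }
}

/**
 * E-mails every "Approver Level 1" user about the newly committed application.
 *
 * All request-derived values are HTML-escaped before being placed in the message body,
 * and CR/LF are stripped from the subject so it cannot carry extra mail headers.
 *
 * @param mixed $user_id  the submitting user's id from the session (may be NULL)
 */
function notify_approvers(PDO $pdo, string $customer_application_id, string $company_name, ?string $credit_limit, $user_id): void
{
    require_once 'mail/MailService.php';

    $approver_emails = get_user_emails_by_role('Approver Level 1', $pdo);
    if ($approver_emails === []) {
        return;
    }

    $stmt_sales_rep = $pdo->prepare('SELECT name FROM users WHERE id = ?');
    $stmt_sales_rep->execute([$user_id]);
    $sales_rep_name = (string) $stmt_sales_rep->fetchColumn(); // false → '' when not found

    $esc = static function ($value): string {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // NOTE(review): the link host is taken from the request's Host header, which the
    // client controls; a configured base URL would be the safer source for it.
    $link = 'http://' . $esc($_SERVER['HTTP_HOST'] ?? '')
        . '/view_application.php?id=' . $esc($customer_application_id);

    $subject = str_replace(["\r", "\n"], ' ', 'New Credit Application Submitted - ' . $company_name);
    // (float) turns a missing/non-numeric limit into 0.00 instead of a number_format() TypeError.
    $body = '<p>A new credit application has been submitted and requires your approval.</p>'
        . '<p><strong>Customer Name:</strong> ' . $esc($company_name) . '</p>'
        . '<p><strong>Sales Rep:</strong> ' . $esc($sales_rep_name) . '</p>'
        . '<p><strong>Credit Amount:</strong> $' . number_format((float) $credit_limit, 2) . '</p>'
        . '<p><strong>Submission Date:</strong> ' . date('Y-m-d') . '</p>'
        . "<p><a href='" . $link . "' style='display: inline-block; padding: 10px 20px; background-color: #007bff; color: #fff; text-decoration: none;'>View Application</a></p>";

    MailService::sendMail($approver_emails, $subject, $body);
}

/**
 * Returns the e-mail addresses of all users holding the named role.
 *
 * Declared at file level (not inside the try block) so PHP hoists it at compile time;
 * a declaration inside a block only exists once execution reaches it, and the original
 * one sat after exit(), i.e. was never reached before the call.
 *
 * @return list<string>
 */
function get_user_emails_by_role($role_name, $pdo): array
{
    $stmt = $pdo->prepare('SELECT u.email FROM users u JOIN user_roles ur ON u.id = ur.user_id JOIN roles r ON ur.role_id = r.id WHERE r.name = ?');
    $stmt->execute([$role_name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}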