
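<?php
/**
 * sales_members.php — JSON API for the `sales_member` table.
 *
 * Every response is a JSON object with a boolean `success`; failures carry `error`.
 *
 *   GET    ?action=check_session  current session user (never includes the password)
 *   GET    ?action=list           active members visible to the caller
 *   POST   ?action=login          body {member_id, password}
 *   POST   ?action=logout
 *   POST   ?action=create         body {member_id, password?, name, phone?, email?, remarks?, parent_id?, role?}
 *   POST   ?action=check_id       body {member_id}
 *   POST   ?action=delete         body {id} (or ?id=), soft delete (is_active = 0)
 *   PUT                           body {id, name?, phone?, email?, remarks?, password?, role?, parent_id?}
 *   DELETE ?id=                   soft delete
 *
 * Access model (as far as this file shows): `operator` may act on every row; any other
 * role may only read/update/delete itself and rows whose parent_id is its own id.
 *
 * Password handling: stored with password_hash(). Rows written before hashing was
 * introduced still hold plaintext; they verify once (constant-time) and are rehashed
 * on that login. The password column is never echoed to the client nor kept in the
 * session. PDO errors are logged server-side and reported with a generic message.
 */
header("Content-Type: application/json; charset=utf-8");
require_once(__DIR__ . "/../../lib/mydb.php");
session_start();

/**
 * Return a copy of a member row with the password column removed.
 *
 * @param array<string, mixed> $user
 * @return array<string, mixed>
 */
function sm_public_user(array $user): array
{
    unset($user['password']);
    return $user;
}

/**
 * Return the logged-in user stored in the session, or throw.
 *
 * @return array<string, mixed>
 * @throws Exception when no session user is present
 */
function sm_require_login(): array
{
    if (!isset($_SESSION['sales_user'])) throw new Exception("로그인이 필요합니다.");
    return $_SESSION['sales_user'];
}

/**
 * Decode the JSON request body. An empty or malformed body yields [] instead of null,
 * so `$data['x'] ?? ...` lookups never warn.
 *
 * @return array<string, mixed>
 */
function sm_read_json_body(): array
{
    $raw = file_get_contents('php://input');
    $data = json_decode((string) $raw, true);
    return is_array($data) ? $data : [];
}

/**
 * Check a submitted password against the stored column value.
 *
 * Stored values produced by password_hash() are checked with password_verify();
 * anything else is treated as a legacy plaintext value and compared in constant
 * time with hash_equals(). An empty stored value never matches.
 */
function sm_verify_password(string $password, string $stored): bool
{
    if ($stored === '') return false;
    // password_get_info() reports a null/0 algo for values that are not a known hash
    $isHash = !empty(password_get_info($stored)['algo']);
    return $isHash ? password_verify($password, $stored) : hash_equals($stored, $password);
}

/**
 * Whether $currentUser may act on member row $targetId.
 *
 * Operators may act on any row; other roles only on themselves or on rows whose
 * parent_id equals their own id (one level down — confirm this matches the intended
 * hierarchy if deeper nesting is ever used).
 *
 * @param array<string, mixed> $currentUser
 * @param mixed $targetId
 */
function sm_can_access(PDO $pdo, array $currentUser, $targetId): bool
{
    if ($currentUser['role'] === 'operator') return true;
    $stmt = $pdo->prepare("SELECT COUNT(*) FROM sales_member WHERE id = ? AND (id = ? OR parent_id = ?)");
    $stmt->execute([$targetId, $currentUser['id'], $currentUser['id']]);
    return $stmt->fetchColumn() > 0;
}

/**
 * Soft-delete a member (is_active = 0) after an ownership check, and emit the response.
 * Shared by `POST ?action=delete` and `DELETE`, which previously duplicated this logic.
 *
 * @param array<string, mixed> $currentUser
 * @param mixed $id
 * @throws Exception when the id is missing or the caller may not touch that row
 */
function sm_soft_delete(PDO $pdo, array $currentUser, $id): void
{
    if (!$id) throw new Exception("ID가 누락되었습니다.");
    if (!sm_can_access($pdo, $currentUser, $id)) throw new Exception("권한이 없습니다.");
    $stmt = $pdo->prepare("UPDATE sales_member SET is_active = 0 WHERE id = ?");
    $stmt->execute([$id]);
    echo json_encode(['success' => true, 'message' => '삭제되었습니다.']);
}

/**
 * First-run seed. The previous revision created these three accounts on demand from
 * inside the login failure path, which also let anyone holding the default credential
 * log in as the existing account even after its password had been changed. Now the
 * seed only runs when the table holds no rows at all, stores hashed passwords, and
 * login then proceeds through the normal verification path. The default passwords
 * are for initial setup only and should be changed right after the first login.
 */
function sm_seed_if_empty(PDO $pdo): void
{
    if ((int) $pdo->query("SELECT COUNT(*) FROM sales_member")->fetchColumn() > 0) return;
    $seed = [
        ['admin', 'admin', '운영자', 'operator'],
        ['sales', 'sales', '영업관리자', 'sales_admin'],
        ['manager', 'manager', '매니저', 'manager'],
    ];
    $stmt = $pdo->prepare("INSERT IGNORE INTO sales_member (member_id, password, name, role) VALUES (?, ?, ?, ?)");
    foreach ($seed as [$memberId, $plain, $name, $role]) {
        $stmt->execute([$memberId, password_hash($plain, PASSWORD_DEFAULT), $name, $role]);
    }
}

$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? '';

try {
    $pdo = db_connect();

    // Create the table on first use.
    $pdo->exec("
CREATE TABLE IF NOT EXISTS `sales_member` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`member_id` varchar(50) NOT NULL COMMENT '로그인 ID',
`password` varchar(255) NOT NULL COMMENT '비밀번호',
`name` varchar(100) NOT NULL COMMENT '성명',
`phone` varchar(20) DEFAULT NULL COMMENT '전화번호',
`email` varchar(100) DEFAULT NULL COMMENT '이메일',
`parent_id` int(11) DEFAULT NULL COMMENT '상위 관리자 ID',
`role` varchar(20) DEFAULT 'manager' COMMENT '역할 (operator, manager)',
`remarks` text DEFAULT NULL COMMENT '비고',
`is_active` tinyint(1) DEFAULT 1 COMMENT '활성화 여부',
`created_at` timestamp DEFAULT CURRENT_TIMESTAMP,
`updated_at` timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
UNIQUE KEY `idx_member_id` (`member_id`),
KEY `idx_parent_id` (`parent_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
");

    switch ($method) {
        case 'GET':
            if ($action === 'check_session') {
                if (isset($_SESSION['sales_user'])) {
                    // Sessions created by the previous revision may still hold the
                    // password column; strip it on the way out regardless.
                    echo json_encode(['success' => true, 'user' => sm_public_user($_SESSION['sales_user'])]);
                } else {
                    echo json_encode(['success' => false]);
                }
            } elseif ($action === 'list') {
                $currentUser = sm_require_login();
                if ($currentUser['role'] === 'operator') {
                    // Operator: every active member except operators, regardless of hierarchy.
                    $stmt = $pdo->prepare("SELECT id, member_id, name, phone, email, role, parent_id, remarks, created_at FROM sales_member WHERE is_active = 1 AND role != 'operator' ORDER BY name ASC");
                    $stmt->execute();
                } else {
                    // Members under one parent; the requested parent must be inside the
                    // caller's own subtree (previously any parent_id was accepted).
                    $parent_id = $_GET['parent_id'] ?? $currentUser['id'];
                    if (!sm_can_access($pdo, $currentUser, $parent_id)) throw new Exception("권한이 없습니다.");
                    $stmt = $pdo->prepare("SELECT id, member_id, name, phone, email, role, parent_id, remarks, created_at FROM sales_member WHERE parent_id = ? AND is_active = 1 ORDER BY name ASC");
                    $stmt->execute([$parent_id]);
                }
                $members = $stmt->fetchAll(PDO::FETCH_ASSOC);
                echo json_encode(['success' => true, 'data' => $members]);
            } else {
                throw new Exception("알 수 없는 요청입니다.");
            }
            break;

        case 'POST':
            $data = sm_read_json_body();
            if ($action === 'login') {
                $member_id = (string) ($data['member_id'] ?? '');
                $password = (string) ($data['password'] ?? '');
                sm_seed_if_empty($pdo);
                $stmt = $pdo->prepare("SELECT * FROM sales_member WHERE member_id = ? AND is_active = 1");
                $stmt->execute([$member_id]);
                $user = $stmt->fetch(PDO::FETCH_ASSOC);
                // Same message for unknown id and wrong password so the response does not
                // reveal which accounts exist.
                if (!$user || !sm_verify_password($password, (string) $user['password'])) {
                    throw new Exception("아이디 또는 비밀번호가 일치하지 않습니다.");
                }
                // Upgrade legacy plaintext rows (and outdated hashes) now that we hold the
                // verified plaintext.
                if (password_needs_rehash((string) $user['password'], PASSWORD_DEFAULT)) {
                    $pdo->prepare("UPDATE sales_member SET password = ? WHERE id = ?")
                        ->execute([password_hash($password, PASSWORD_DEFAULT), $user['id']]);
                }
                // New session id on privilege change (session fixation).
                session_regenerate_id(true);
                $_SESSION['sales_user'] = sm_public_user($user);
                echo json_encode(['success' => true, 'user' => $_SESSION['sales_user']]);
            } elseif ($action === 'logout') {
                $_SESSION = [];
                session_destroy();
                echo json_encode(['success' => true]);
            } elseif ($action === 'create') {
                $currentUser = sm_require_login();
                $member_id = (string) ($data['member_id'] ?? '');
                if ($member_id === '') throw new Exception("아이디를 입력해주세요.");
                $password = (string) ($data['password'] ?? '1234');
                $name = $data['name'] ?? '';
                $phone = $data['phone'] ?? '';
                $email = $data['email'] ?? '';
                $remarks = $data['remarks'] ?? '';
                // Only an operator may choose parent_id and role; everyone else creates
                // managers under themselves.
                if ($currentUser['role'] === 'operator') {
                    $parent_id = ($data['parent_id'] ?? null) ?: null;
                    $role = $data['role'] ?? 'manager';
                } else {
                    $parent_id = $currentUser['id'];
                    $role = 'manager';
                }
                // Duplicate check (the UNIQUE KEY would also reject it, with a less useful message).
                $stmt = $pdo->prepare("SELECT COUNT(*) FROM sales_member WHERE member_id = ?");
                $stmt->execute([$member_id]);
                if ($stmt->fetchColumn() > 0) throw new Exception("이미 존재하는 아이디입니다.");
                $stmt = $pdo->prepare("INSERT INTO sales_member (member_id, password, name, phone, email, parent_id, role, remarks) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
                $stmt->execute([
                    $member_id,
                    password_hash($password, PASSWORD_DEFAULT),
                    $name,
                    $phone,
                    $email,
                    $parent_id,
                    $role,
                    $remarks,
                ]);
                echo json_encode(['success' => true, 'message' => '등록되었습니다.']);
            } elseif ($action === 'check_id') {
                $member_id = $data['member_id'] ?? '';
                if (!$member_id) throw new Exception("아이디를 입력해주세요.");
                $stmt = $pdo->prepare("SELECT COUNT(*) FROM sales_member WHERE member_id = ?");
                $stmt->execute([$member_id]);
                $exists = $stmt->fetchColumn() > 0;
                echo json_encode([
                    'success' => true,
                    'exists' => $exists,
                    'message' => $exists ? '이미 사용 중인 아이디입니다.' : '사용 가능한 아이디입니다.'
                ]);
            } elseif ($action === 'delete') {
                // Previously reachable without a session.
                $currentUser = sm_require_login();
                $id = $data['id'] ?? $_GET['id'] ?? null;
                sm_soft_delete($pdo, $currentUser, $id);
            } else {
                throw new Exception("알 수 없는 요청입니다.");
            }
            break;

        case 'PUT':
            $currentUser = sm_require_login();
            $data = sm_read_json_body();
            $id = $data['id'] ?? null;
            if (!$id) throw new Exception("ID가 누락되었습니다.");
            // Ownership check: previously any logged-in user could update any row.
            if (!sm_can_access($pdo, $currentUser, $id)) throw new Exception("권한이 없습니다.");
            $updates = [];
            $params = [];
            // Column names come only from this whitelist, so they are safe to splice into SQL.
            $fields = ['name', 'phone', 'email', 'remarks'];
            if ($currentUser['role'] === 'operator') {
                $fields[] = 'role';
                $fields[] = 'parent_id';
            }
            foreach ($fields as $field) {
                if (isset($data[$field])) {
                    $updates[] = "$field = ?";
                    // An empty parent_id from the form means "no parent", not the string ''.
                    $params[] = ($field === 'parent_id' && $data[$field] === '') ? null : $data[$field];
                }
            }
            if (!empty($data['password'])) {
                $updates[] = "password = ?";
                $params[] = password_hash((string) $data['password'], PASSWORD_DEFAULT);
            }
            if (empty($updates)) throw new Exception("수정할 내용이 없습니다.");
            $params[] = $id;
            $stmt = $pdo->prepare("UPDATE sales_member SET " . implode(", ", $updates) . " WHERE id = ?");
            $stmt->execute($params);
            echo json_encode(['success' => true, 'message' => '수정되었습니다.']);
            break;

        case 'DELETE':
            // Previously reachable without a session.
            $currentUser = sm_require_login();
            $id = $_GET['id'] ?? null;
            sm_soft_delete($pdo, $currentUser, $id);
            break;

        default:
            throw new Exception("알 수 없는 요청입니다.");
    }
} catch (PDOException $e) {
    // Driver messages can expose schema/SQL details; log them, report generically.
    error_log('sales_members.php: ' . $e->getMessage());
    echo json_encode(['success' => false, 'error' => '데이터베이스 오류가 발생했습니다.']);
} catch (Exception $e) {
    echo json_encode(['success' => false, 'error' => $e->getMessage()]);
}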