From: Alexander Smirnov <fredeom@mail.ru>
Date: Thu, 2 May 2024 13:25:06 +0000 (+0300)
Subject: orders delivery
X-Git-Tag: 1.1~63^2
X-Git-Url: https://gitweb.erp-flowers.ru/?a=commitdiff_plain;h=35c085371669d1d8efd8b59251741454448cb975;p=erp24_rep%2Fyii-erp24%2F.git

orders delivery
---

diff --git a/erp24/controllers/OrdersController.php b/erp24/controllers/OrdersController.php
index 3a0eef92..fee3d2c6 100644
--- a/erp24/controllers/OrdersController.php
+++ b/erp24/controllers/OrdersController.php
@@ -51,6 +51,11 @@ class OrdersController extends Controller
         return $this->render('couriers_stats');
     }
 
+    public function actionAjaxReturnCheck() { return $this->renderPartial('ajax-return-check'); }
+    public function actionAjaxCreateCheck() { return $this->renderPartial('ajax-create-check'); }
+    public function actionAjaxCreateCheckJson() { return $this->renderPartial('ajax-create-check-json'); }
+    public function actionAjaxCheckRemove() { return $this->renderPartial('ajax-check-remove'); }
+
     public function actionDelivery2()
     {
         if (!empty($_REQUEST["umoup"])) {
diff --git a/erp24/inc/base_new.php b/erp24/inc/base_new.php
index 77581d58..7fc3dd9c 100644
--- a/erp24/inc/base_new.php
+++ b/erp24/inc/base_new.php
@@ -742,7 +742,7 @@ $id_db - уникальный номер заказа или номер AUTOINCR
 */
 function create_guid_my($prefix="01",$id_db="") {
  if(empty($id_db)) $id_db=rand(0,99999999);    
-  $id_db=100000000000+$id_db;    
+  $id_db=100000000000+(int)$id_db;
   $str= "$prefix".date("Ym")."-".date("di")."-".date("hs")."-".bin2hex(random_bytes(2))."-".$id_db."";
   return  strtolower($str);
 } 
diff --git a/erp24/modul/orders/ajax_check_remove.php b/erp24/modul/orders/ajax_check_remove.php
index 04cb651c..94dee43f 100644
--- a/erp24/modul/orders/ajax_check_remove.php
+++ b/erp24/modul/orders/ajax_check_remove.php
@@ -1,8 +1,7 @@
-<?
-include_once("startup.php");
-include_once("inc/base_new.php");
-include_once("inc/db2.php");
-include_once("inc/db.php");
+<?php
+include_once(dirname(__DIR__, 2) . "/startup.php");
+include_once(dirname(__DIR__, 2) . "/inc/db.php");
+include_once(dirname(__DIR__, 2) . "/inc/base_new.php");
 
 if(!empty($_REQUEST["order_id"])) {
 $order_id=htmlentities($_REQUEST["order_id"]);
@@ -11,23 +10,20 @@ $order_id=htmlentities($_REQUEST["order_id"]);
      $amo_id=(int)$_SESSION["order_id_dell"][$order_id];
 
     
-     $z="DELETE FROM orders_amo WHERE id=? AND amo_id=? AND amo_id!='' LIMIT 1 ";   
-       $z2="DELETE FROM create_checks WHERE order_id=? AND status=0 order BY date LIMIT 1 "; 
+        $z="DELETE FROM orders_amo WHERE id=? AND amo_id=? AND amo_id!=''";
+       $z2="DELETE FROM create_checks WHERE order_id=? AND status=0";
        
-        $db2::sql("DELETE FROM orders_amo WHERE id=? AND amo_id=? AND amo_id!='' LIMIT 1",[$order_id,$amo_id]);
-         $db::sql("DELETE FROM orders_amo WHERE id=? AND amo_id=? AND amo_id!='' LIMIT 1",[$order_id,$amo_id]);
-       
-       
-       $db2::sql("DELETE FROM create_checks WHERE order_id=? AND status=0 order BY date LIMIT 1",[$order_id]);
-        $db::sql("DELETE FROM create_checks WHERE order_id=? AND status=0 order BY date LIMIT 1",[$order_id]);
-        $db::sql("DELETE FROM create_checks2 WHERE order_id=? AND status=0 order BY date LIMIT 1",[$order_id]);
+        $db::sql("DELETE FROM orders_amo WHERE id=? AND amo_id=? AND amo_id!=''",[$order_id,$amo_id]);
+
+        $db::sql("DELETE FROM create_checks WHERE order_id=? AND status=0",[$order_id]);
+        $db::sql("DELETE FROM create_checks2 WHERE order_id=? AND status=0",[$order_id]);
       
          mess("Заказ можно удалить $amo_id $z $z2");       
     }
     
 
 
-//$db2::sql("UPDATE  create_checks  SET status=1 WHERE  type='Продажа' AND order_id=? order BY date DESC LIMIT 1",[(int)$_REQUEST["order_id"]]);
+//$db::sql("UPDATE  create_checks  SET status=1 WHERE  type='Продажа' AND order_id=? order BY date DESC LIMIT 1",[(int)$_REQUEST["order_id"]]);
 //$db::sql("UPDATE  create_checks  SET status=1 WHERE  type='Продажа' AND order_id=? order BY date DESC LIMIT 1",[(int)$_REQUEST["order_id"]]);
 
 }
diff --git a/erp24/modul/orders/ajax_create_check.php b/erp24/modul/orders/ajax_create_check.php
index 00356e7e..6aaa0147 100644
--- a/erp24/modul/orders/ajax_create_check.php
+++ b/erp24/modul/orders/ajax_create_check.php
@@ -1,9 +1,9 @@
-<?
-include_once("startup.php");
-include_once("inc/base_new.php");
-include_once("inc/db2.php");
-include_once("inc/db.php");
-include_once("inc/checks.php");
+<?php
+include_once(dirname(__DIR__, 2) . "/startup.php");
+include_once(dirname(__DIR__, 2) . "/inc/db.php");
+include_once(dirname(__DIR__, 2) . "/inc/base_new.php");
+include_once(dirname(__DIR__, 2) . "/inc/checks.php");
+
 if(!empty($_REQUEST["order_id"])) {
 $order_id=(int)$_REQUEST["order_id"]; 
 
@@ -11,7 +11,7 @@ $order_id=(int)$_REQUEST["order_id"];
 
 
 
-$amo_id=$db2::getValue("SELECT amo_id FROM orders_amo  WHERE id=?  LIMIT 1",[$order_id]);
+$amo_id=$db::getValue("SELECT amo_id FROM orders_amo  WHERE id=?  LIMIT 1",[$order_id]);
 $lid_id=create_order_from_amo($amo_id);
 
 
@@ -83,10 +83,10 @@ exit();
 
 
 $type="Продажа";  
-$row = $db2::getRow("SELECT * FROM create_checks  WHERE status='0' AND type='$type' AND order_id=? order BY date DESC LIMIT 1",[(int)$_REQUEST["order_id"]]);
+$row = $db::getRow("SELECT * FROM create_checks  WHERE status='0' AND type='$type' AND order_id=? order BY date DESC LIMIT 1",[(int)$_REQUEST["order_id"]]);
 //print_r($row); 
 
-$florist_id = $db2::getValue("SELECT florist_id FROM orders_amo  WHERE id=? LIMIT 1",[(int)$_REQUEST["order_id"]]);
+$florist_id = $db::getValue("SELECT florist_id FROM orders_amo  WHERE id=? LIMIT 1",[(int)$_REQUEST["order_id"]]);
 $seller_id = $db::getValue("SELECT export_val FROM export_import_table  WHERE export_id='1' AND entity_id=? AND entity='admin' LIMIT 1",[$florist_id]);
 
 
@@ -107,7 +107,7 @@ if(empty($seller_id)) $seller_id="00000000-0000-0000-0000-000000000000";
 $new_row["seller_id"]=$seller_id;
 //$new_row["guid"]=create_guid();
 $new_row["check_id"]=create_guid();
-$db2::sql("UPDATE  create_checks  SET check_id=? WHERE  type='$type' AND order_id=? order BY date DESC LIMIT 1",[$new_row["check_id"],(int)$_REQUEST["order_id"]]);
+$db::sql("UPDATE  create_checks  SET check_id=? WHERE  type='$type' AND order_id=? order BY date DESC LIMIT 1",[$new_row["check_id"],(int)$_REQUEST["order_id"]]);
 
 //$q="INSERT IGNORE INTO create_checks2 ($sql0) VALUES ($sqlv)";
 //$db::sql($q,$new_row);
diff --git a/erp24/modul/orders/ajax_create_check_json.php b/erp24/modul/orders/ajax_create_check_json.php
index 64ecdcae..c6857e53 100644
--- a/erp24/modul/orders/ajax_create_check_json.php
+++ b/erp24/modul/orders/ajax_create_check_json.php
@@ -1,8 +1,7 @@
-<?
-include_once("startup.php");
-include_once("inc/base_new.php");
-include_once("inc/db2.php");
-include_once("inc/db.php");
+<?php
+include_once(dirname(__DIR__, 2) . "/startup.php");
+include_once(dirname(__DIR__, 2) . "/inc/db.php");
+include_once(dirname(__DIR__, 2) . "/inc/base_new.php");
 
 if(!empty($_REQUEST["order_id"])) {
 $order_id=(int)$_REQUEST["order_id"]; 
@@ -24,7 +23,7 @@ $payments_array=[
 
 
 try {
-$row = $db2::getRow("SELECT * FROM orders_amo WHERE delivery!='Самовывоз' AND delivery!='Доставка из магазина' AND amo_id=? order by delivery_date DESC LIMIT 1",[$order_id]);
+$row = $db::getRow("SELECT * FROM orders_amo WHERE delivery!='Самовывоз' AND delivery!='Доставка из магазина' AND amo_id=? order by delivery_date DESC LIMIT 1",[$order_id]);
 }
 catch (Exception $e) {
 	var_dump($e);
@@ -85,7 +84,7 @@ foreach($products as $guid => $colors) {
 // ставим в соответствие вид оплаты
 
 
-$date = $db::getValue("SELECT extract(epoch FROM  date) as date FROM create_checks WHERE order_id=?  AND type='Продажа' order by date desc LIMIT 1",[$lid_id]);
+$date = $db::getValue("SELECT extract(epoch FROM  date) as date FROM create_checks WHERE order_id=?  AND type='Продажа' order by date desc LIMIT 1",[$order_id]);
 $error=""; 
 if($date>(time()-60) and !empty($date))  $error="Чек не создан так как чек с таким заказом уже создан";     
 if(!empty($error))    echo($error); 
diff --git a/erp24/modul/orders/ajax_return_check.php b/erp24/modul/orders/ajax_return_check.php
index 341b706b..3e54462a 100644
--- a/erp24/modul/orders/ajax_return_check.php
+++ b/erp24/modul/orders/ajax_return_check.php
@@ -1,9 +1,9 @@
-<?
-include_once("startup.php");
-include_once("inc/base_new.php");
-include_once("inc/db2.php");
-include_once("inc/db.php");
-include_once("inc/checks.php");
+<?php
+include_once(dirname(__DIR__, 2) . "/startup.php");
+include_once(dirname(__DIR__, 2) . "/inc/db.php");
+include_once(dirname(__DIR__, 2) . "/inc/base_new.php");
+include_once(dirname(__DIR__, 2) . "/inc/checks.php");
+
 if(!empty($_REQUEST["sales_check"])) {
  $type="Возврат";   
  $sales_check=htmlentities($_REQUEST["sales_check"]);  
diff --git a/erp24/modul/orders/delivery.php b/erp24/modul/orders/delivery.php
index a7f127ab..9aebb308 100644
--- a/erp24/modul/orders/delivery.php
+++ b/erp24/modul/orders/delivery.php
@@ -575,12 +575,14 @@ $_CONFIG["jscss"]="<script>
 
 function ajax_return_check(sales_check) {
  jQuery('#modal-7').modal('show', {backdrop: 'static'}); $('#modal-7 .modal-title').text('');  
- 
+
+ const param3 = $('meta[name=csrf-param]').attr('content');
+ const token3 = $('meta[name=csrf-token]').attr('content');
 $.ajax({
-	url: '/orders/ajax_return_check/',
+	url: '/orders/ajax-return-check/',
 	method: 'post',       
 	dataType: 'html',        
-	data: { sales_check: ''+sales_check+''},  
+	data: { sales_check: ''+sales_check+'', [param3]: token3},  
 	success: function(data){  
        $('#modal-7 .modal-body').html(data);
        $('#check__'+sales_check+'').remove();  
@@ -589,12 +591,14 @@ $.ajax({
 
 function ajax_create_check(order_id) {
  jQuery('#modal-7').modal('show', {backdrop: 'static'}); $('#modal-7 .modal-title').text('');  
- 
+
+ const param3 = $('meta[name=csrf-param]').attr('content');
+ const token3 = $('meta[name=csrf-token]').attr('content');
 $.ajax({
-	url: '/orders/ajax_create_check/',
+	url: '/orders/ajax-create-check/',
 	method: 'post',       
 	dataType: 'html',        
-	data: { order_id: ''+order_id+'', create_check: '2' },  
+	data: { order_id: ''+order_id+'', create_check: '2', [param3]: token3 },  
 	success: function(data){  
        $('#modal-7 .modal-body').html(data);
        $('.btn__'+order_id+'').hide();
@@ -606,12 +610,14 @@ $.ajax({
 
 function ajax_create_check_json(order_id) {
  jQuery('#modal-7').modal('show', {backdrop: 'static'}); $('#modal-7 .modal-title').text('');  
- 
+
+ const param3 = $('meta[name=csrf-param]').attr('content');
+ const token3 = $('meta[name=csrf-token]').attr('content');
 $.ajax({
-	url: '/orders/ajax_create_check_json/',
+	url: '/orders/ajax-create-check-json/',
 	method: 'post',       
 	dataType: 'html',        
-	data: { order_id: ''+order_id+'', create_check: '2' },  
+	data: { order_id: ''+order_id+'', create_check: '2', [param3]: token3 },  
 	success: function(data){  
        $('#modal-7 .modal-body').html(data);
        $('.btn__'+order_id+'').hide();
@@ -620,12 +626,14 @@ $.ajax({
 
 function ajax_check_remove(order_id) {
  jQuery('#modal-7').modal('show', {backdrop: 'static'}); $('#modal-7 .modal-title').text('');  
- 
+
+ const param3 = $('meta[name=csrf-param]').attr('content');
+ const token3 = $('meta[name=csrf-token]').attr('content');
 $.ajax({
-	url: '/orders/ajax_check_remove/',
+	url: '/orders/ajax-check-remove/',
 	method: 'post',       
 	dataType: 'html',        
-	data: { order_id: ''+order_id+''},  
+	data: { order_id: ''+order_id+'', [param3]: token3},  
 	success: function(data){  
        $('#modal-7 .modal-body').html(data);
 	}}); 
diff --git a/erp24/views/orders/ajax-check-remove.php b/erp24/views/orders/ajax-check-remove.php
new file mode 100644
index 00000000..dc14e9a7
--- /dev/null
+++ b/erp24/views/orders/ajax-check-remove.php
@@ -0,0 +1,5 @@
+<?php
+
+chdir(__DIR__ . '/../../');
+
+include 'modul/orders/ajax_check_remove.php';
diff --git a/erp24/views/orders/ajax-create-check-json.php b/erp24/views/orders/ajax-create-check-json.php
new file mode 100644
index 00000000..85e3a690
--- /dev/null
+++ b/erp24/views/orders/ajax-create-check-json.php
@@ -0,0 +1,5 @@
+<?php
+
+chdir(__DIR__ . '/../../');
+
+include 'modul/orders/ajax_create_check_json.php';
diff --git a/erp24/views/orders/ajax-create-check.php b/erp24/views/orders/ajax-create-check.php
new file mode 100644
index 00000000..2f2455de
--- /dev/null
+++ b/erp24/views/orders/ajax-create-check.php
@@ -0,0 +1,5 @@
+<?php
+
+chdir(__DIR__ . '/../../');
+
+include 'modul/orders/ajax_create_check.php';
diff --git a/erp24/views/orders/ajax-return-check.php b/erp24/views/orders/ajax-return-check.php
new file mode 100644
index 00000000..aa84a2f6
--- /dev/null
+++ b/erp24/views/orders/ajax-return-check.php
@@ -0,0 +1,5 @@
+<?php
+
+chdir(__DIR__ . '/../../');
+
+include 'modul/orders/ajax_return_check.php';