igamebox
/
mtb_crm_asp


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102
							<?php
require_once 'conn.php';
checkLogin();

header('Content-Type: application/json');

// 获取返点兑换ID
$redemptionId = isset($_GET['redemption_id']) ? intval($_GET['redemption_id']) : 0;

if ($redemptionId <= 0) {
    echo json_encode(['success' => false, 'message' => '无效的兑换ID']);
    exit;
}

// 验证权限
$employee_id = $_SESSION['employee_id'];
$isAdmin = checkIfAdmin();

// 检查是否为财务角色或管理员
$isFinance = false;
$checkRoleSql = "SELECT em_permission_role_id FROM employee WHERE id = $employee_id";
$roleResult = mysqli_query($conn, $checkRoleSql);
if ($roleResult && $row = mysqli_fetch_assoc($roleResult)) {
    $isFinance = ($row['em_permission_role_id'] == 6 || $row['em_permission_role_id'] == 1);
}

// 获取返点兑换详情
$sql = "SELECT 
            rri.id,
            rri.order_id,
            rri.order_item_id,
            rri.product_id,
            rri.quantity,
            rri.rebate_amount,
            rri.rebate_rule_id,
            p.ProductName AS product_name,
            o.order_code,
            oi.unit,
            (SELECT rr.rebate_amount FROM rebate_rules rr WHERE rr.id = rri.rebate_rule_id) AS rule_amount
        FROM 
            rebate_redemption_items rri
        JOIN 
            products p ON rri.product_id = p.id
        JOIN 
            orders o ON rri.order_id = o.id
        JOIN 
            order_items oi ON rri.order_item_id = oi.id
        JOIN
            rebate_redemptions rr ON rri.redemption_id = rr.id
        JOIN
            customer c ON rr.customer_id = c.id
        WHERE 
            rri.redemption_id = ?";

// 非管理员和非财务只能查看自己客户的数据
if (!$isAdmin && !$isFinance) {
    $sql .= " AND c.cs_belong = $employee_id";
}

$sql .= " ORDER BY o.order_code, p.ProductName";

// 使用预处理语句防止SQL注入
$stmt = $conn->prepare($sql);
$stmt->bind_param("i", $redemptionId);
$stmt->execute();
$result = $stmt->get_result();

if (!$result) {
    echo json_encode(['success' => false, 'message' => '查询失败: ' . $conn->error]);
    exit;
}

// 获取所有返点项目
$items = [];
while ($row = $result->fetch_assoc()) {
    // 使用规则表中的单位返点金额，而不是存储的总返点金额
    $unitRebate = isset($row['rule_amount']) ? $row['rule_amount'] : $row['rebate_amount'];
    
    // 计算每项的总返点金额
    $totalRebate = $row['quantity'] * $unitRebate;
    
    $items[] = [
        'id' => $row['id'],
        'order_id' => $row['order_id'],
        'order_code' => $row['order_code'],
        'product_id' => $row['product_id'],
        'product_name' => htmlspecialcharsFix($row['product_name']),
        'quantity' => $row['quantity'],
        'unit' => $row['unit'],
        'rebate_amount' => number_format($unitRebate, 2),
        'total_rebate' => number_format($totalRebate, 2)
    ];
}

// 返回JSON数据
echo json_encode([
    'success' => true,
    'redemption_id' => $redemptionId,
    'items' => $items,
    'count' => count($items)
]);
?>