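<?php
/**
 * Warehousing order, step 1.
 *
 * Validates the customer details posted by the step-1 form, stores them in
 * $_SESSION["warehousing"][1], refreshes the record of an existing customer,
 * and redirects to warehousing_step2.php. Validation failures are reported
 * through a JavaScript alert and the browser is sent back to the form.
 *
 * get_customer(), rsa_crypt(), bind_pdo(), customer_first_order() and $nowdate
 * are not defined in this file; presumably they come in through
 * check_login.php -- confirm.
 *
 * NOTE(review): this request updates a customer row, but no anti-CSRF token is
 * checked in this file. Confirm that check_login.php enforces one.
 */
require_once('check_login.php');

// Every customer row. hkid, hkbr, email and tel are read through
// rsa_crypt(..., 2) below and written through rsa_crypt(..., 1).
$customer_info = get_customer();

// Form fields are client-controlled: a missing field or an array value
// (field[]=x) is normalised to an empty string so that trim(), empty() and the
// string comparisons below never receive null or an array.
$text_fields = array(
    "identity_type", "identity_id2", "title", "lastname", "firstname",
    "companyname", "email", "tel", "address", "customer_id",
);
foreach ($text_fields as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        $_POST[$field] = "";
    }
}

// ---------------------------------------------------------------------------
// Validation. $message collects fixed texts only; it is echoed unescaped into
// a JavaScript string literal further down, so never append request data to it.
// ---------------------------------------------------------------------------
$message = "";

if (!isset($_POST["new_customer"]) || !is_scalar($_POST["new_customer"])) {
    $message .= "請選擇新客戶 或 現有客戶。\\n\\n";
    $_POST["new_customer"] = 0;
}
// Loop-invariant flag: the duplicate checks below apply to new customers only,
// so the per-row decryption is skipped entirely for existing customers.
$is_new_customer = ($_POST["new_customer"] == 1);

if (empty($_POST["identity_id2"])) {
    $message .= "個人: 請輸入身分證作認證; 商業: 請輸入商業登記證作認證。\\n\\n";
}

if (empty($_POST["lastname"])) {
    $message .= "請輸入姓氏。\\n\\n";
}

if (empty($_POST["firstname"])) {
    $message .= "請輸入名字。\\n\\n";
}

// NOTE(review): identity_type is later written to customer.typeid without
// being checked against a list of allowed values; only "BUSINESS" is visible
// in this file. Confirm the permitted set and reject anything else.
if ($_POST["identity_type"] == "BUSINESS" && empty($_POST["companyname"])) {
    $message .= "請輸入公司名稱。\\n\\n";
}

// E-mail is optional; when supplied it must be well-formed and, for a new
// customer, must not already belong to a customer of the same identity type.
$_POST["email"] = trim($_POST["email"]);
if (!empty($_POST["email"])) {
    if (!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
        $message .= "請輸入正確的電郵。\\n\\n";
    } elseif ($is_new_customer) {
        foreach ($customer_info as $customer) {
            if ($customer["deleted"] == 1) {
                continue;
            }
            $decrypt_email = rsa_crypt($customer["email"], 2);
            // Strict comparison: with ==, two numeric-looking strings are
            // compared as numbers rather than character by character.
            // NOTE(review): the UPDATE below writes column `typeid`; confirm
            // get_customer() really exposes an `identity_type` key.
            if (!empty($decrypt_email)
                && (string) $decrypt_email === $_POST["email"]
                && $_POST["identity_type"] == $customer["identity_type"]
            ) {
                $message .= "此電郵已登記,請使用另一個電郵。\\n\\n";
                break;
            }
        }
    }
}

// Telephone is mandatory. NOTE(review): is_numeric() also accepts values such
// as "1e5", "12.5" or "-5"; consider a digits-only pattern if that is intended.
if (empty($_POST["tel"])) {
    $message .= "請輸入電話號碼。\\n\\n";
} elseif (!is_numeric($_POST["tel"])) {
    $message .= "請輸入正確的電話號碼。\\n\\n";
} elseif ($is_new_customer) {
    foreach ($customer_info as $customer) {
        if ($customer["deleted"] == 1) {
            continue;
        }
        $decrypt_tel = rsa_crypt($customer["tel"], 2);
        // Strict comparison so that e.g. "012345678" and "12345678" are not
        // treated as the same number.
        if (!empty($decrypt_tel)
            && (string) $decrypt_tel === $_POST["tel"]
            && $_POST["identity_type"] == $customer["identity_type"]
        ) {
            $message .= "此電話已登記,請使用另一個電話。\\n\\n";
            break;
        }
    }
}

if (empty($_POST["address"])) {
    $message .= "請輸入聯絡地址。\\n\\n";
}

// Look for a non-deleted customer whose HKID or business-registration number
// contains the submitted identity number.
// NOTE(review): strpos() is a substring match, so any fragment of a stored
// number counts as "found". Confirm whether an exact comparison is intended.
$identity_id = $_POST["identity_id2"];
$found = false;
if (!empty($identity_id)) {
    foreach ($customer_info as $customer) {
        if (empty($customer) || $customer["deleted"] == 1) {
            continue;
        }
        $decrypt_hkid = rsa_crypt($customer["hkid"], 2);
        $decrypt_hkbr = rsa_crypt($customer["hkbr"], 2);
        if ((!empty($decrypt_hkbr) && strpos($decrypt_hkbr, $identity_id) !== false)
            || (!empty($decrypt_hkid) && strpos($decrypt_hkid, $identity_id) !== false)
        ) {
            $found = true;
            break;
        }
    }
}

// The "new / existing" choice must agree with the lookup result.
if (!empty($identity_id) && $found && $is_new_customer) {
    $message .= "此客戶是現有客戶,請在現在客戶中選取相關客戶。\\n\\n";
}
if (!empty($identity_id) && !$found && $_POST["new_customer"] == 0) {
    $message .= "找不到這個現有客戶,請確認是否新客戶。\\n\\n";
}

if (!empty($message)) {
    echo "<script>alert('" . $message . "'); history.back();</script>";
    exit;
}

// ---------------------------------------------------------------------------
// Existing customer: resolve the posted customer_id BEFORE anything is stored
// in the session or written to the database. The id comes from the client, so
// it must point at a real, non-deleted record.
// NOTE(review): $found only proves that SOME customer matches identity_id2; it
// does not prove that customer_id is that customer. Consider requiring the
// selected record's own hkid/hkbr to match before updating it.
// ---------------------------------------------------------------------------
$this_customer_info = null;
if (!$is_new_customer) {
    $customer_id = $_POST["customer_id"];
    if (!empty($customer_id)) {
        $this_customer_info = get_customer($customer_id);
    }
    $is_deleted = isset($this_customer_info["deleted"]) && $this_customer_info["deleted"] == 1;
    if (empty($this_customer_info) || $is_deleted) {
        echo "<script>alert('發生錯誤,未能找到有效的客戶編號,請重新嘗試。'); location.href='warehousing_step1.php';</script>";
        exit;
    }
}

// Record the step-1 data of the warehousing order in the session.
$_SESSION["warehousing"][1]["new_customer"] = $_POST["new_customer"];
$_SESSION["warehousing"][1]["identity_type"] = $_POST["identity_type"];
$_SESSION["warehousing"][1]["identity_id"] = $_POST["identity_id2"];
$_SESSION["warehousing"][1]["title"] = $_POST["title"];
$_SESSION["warehousing"][1]["lastname"] = $_POST["lastname"];
$_SESSION["warehousing"][1]["firstname"] = $_POST["firstname"];
$_SESSION["warehousing"][1]["companyname"] = $_POST["companyname"];
$_SESSION["warehousing"][1]["email"] = $_POST["email"];
$_SESSION["warehousing"][1]["tel"] = $_POST["tel"];
$_SESSION["warehousing"][1]["address"] = $_POST["address"];
$_SESSION["warehousing"][1]["pass"] = true;

if ($is_new_customer) {
    $_SESSION["warehousing"][1]["customer_first_order"] = true;
} else {
    $_SESSION["warehousing"][1]["customer_id"] = $customer_id;
    $_SESSION["warehousing"][1]["customer_code"] = $this_customer_info["code"];

    // Update the stored customer details (parameterised statement).
    // NOTE(review): lastupby is the constant 1, not the logged-in user, so the
    // row does not record who made the change -- confirm this is intended.
    // NOTE(review): $nowdate is not set in this file -- confirm its origin.
    $sql = "update customer set lastupby = ?, lastupdate = ?, typeid = ?, title = ?, firstname = ?, lastname = ?, companyname = ?, address = ? where id = ?";
    $parameters = array(
        1,
        $nowdate,
        $_SESSION["warehousing"][1]["identity_type"],
        $_SESSION["warehousing"][1]["title"],
        rsa_crypt($_SESSION["warehousing"][1]["firstname"], 1),
        rsa_crypt($_SESSION["warehousing"][1]["lastname"], 1),
        $_SESSION["warehousing"][1]["companyname"],
        rsa_crypt($_SESSION["warehousing"][1]["address"], 1),
        $customer_id,
    );
    // NOTE(review): the result is not inspected; a failed update is silent.
    $result = bind_pdo($sql, $parameters);

    // An existing customer with no earlier order is still on a first order.
    $customer_order = customer_first_order($customer_id);
    $_SESSION["warehousing"][1]["customer_first_order"] = empty($customer_order);
}

// Go to step 2. exit stops the script so nothing runs after the redirect.
header("Location: warehousing_step2.php");
exit;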