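<?php
// Handles the POST from supply_add.php: validates the submitted supply fields,
// rejects duplicate supply codes, inserts the new row and redirects to index.php.
// Any validation or database failure is rendered on this page instead.
// Written for the PHP 5.6 runtime this file ships on (no ??, no strict_types).
include_once __DIR__ . '/../config.php';
include_once __DIR__ . '/../functions.php';
include_once __DIR__ . '/../includes/auth_check.php';
// NOTE(review): the role restriction below is disabled. Whatever auth_check.php
// enforces, every user that passes it can currently create supplies; re-enable
// this (or an equivalent check) before relying on this endpoint.
// requireRole(['admin', 'supply_manager']);

$message = '';
$message_type = 'danger'; // Default to error; only a successful insert switches it

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // --- Get and Sanitize Data ---
    // sanitize_input() is the project's escaping helper (functions.php, not visible
    // here). The string-built SQL below is only injection-safe if that helper calls
    // mysqli_real_escape_string() with $conn; when this file is migrated to
    // mysqli_prepare(), the escaping must be removed from the helper first, or
    // quotes/backslashes will be stored escaped twice.
    $supply_code = isset($_POST['supply_code']) ? sanitize_input($conn, strtoupper(trim($_POST['supply_code']))) : ''; // Codes are stored uppercase
    $supply_name = isset($_POST['supply_name']) ? sanitize_input($conn, trim($_POST['supply_name'])) : '';
    $category_id = isset($_POST['category_id']) ? (int) $_POST['category_id'] : 0;
    $unit = isset($_POST['unit']) ? sanitize_input($conn, trim($_POST['unit'])) : '';
    $min_stock_level = isset($_POST['min_stock_level']) ? (int) $_POST['min_stock_level'] : 0;
    $description = isset($_POST['description']) ? sanitize_input($conn, trim($_POST['description'])) : '';

    // --- Validate Data ---
    // Compare against '' rather than empty(): a code or unit of "0" is a legal value.
    if ($supply_code === '' || $supply_name === '' || $category_id <= 0 || $unit === '') {
        $message = "กรุณากรอกข้อมูลที่จำเป็นให้ครบถ้วน (รหัส, ชื่อ, หมวดหมู่, หน่วยนับ)";
    } elseif ($min_stock_level < 0) {
        $message = "จุดสั่งซื้อขั้นต่ำต้องไม่ติดลบ";
    } else {
        // --- Check if supply_code already exists ---
        $sql_check = "SELECT id FROM supplies WHERE supply_code = '$supply_code'";
        $result_check = mysqli_query($conn, $sql_check);

        if ($result_check === false) {
            // A failed query returns false, not a result set: do not free it and do
            // not fall through to the INSERT as if the code were unused.
            error_log('action_supply_save: duplicate check failed: ' . mysqli_error($conn));
            $message = "เกิดข้อผิดพลาดในการบันทึกข้อมูล";
        } elseif (mysqli_num_rows($result_check) > 0) {
            mysqli_free_result($result_check);
            $message = "รหัสพัสดุ '$supply_code' นี้มีอยู่ในระบบแล้ว กรุณาใช้รหัสอื่น";
        } else {
            mysqli_free_result($result_check);

            // --- Prepare SQL INSERT Statement ---
            // Note: quantity_in_stock, average_unit_price, total_value default to 0 in the database schema
            $sql_insert = "INSERT INTO supplies (supply_code, supply_name, category_id, unit, min_stock_level, description, status)
                           VALUES ('$supply_code', '$supply_name', $category_id, '$unit', $min_stock_level, '$description', 'active')";

            if (mysqli_query($conn, $sql_insert)) {
                // Store the message in the session and redirect (PRG) to avoid form resubmission.
                // Both user-supplied values are HTML-escaped here because index.php renders
                // this message as-is (the original escaped only the name).
                $_SESSION['message'] = "เพิ่มรายการพัสดุ '" . htmlspecialchars($supply_name, ENT_QUOTES, 'UTF-8')
                    . "' (รหัส: " . htmlspecialchars($supply_code, ENT_QUOTES, 'UTF-8') . ") สำเร็จแล้ว";
                $_SESSION['message_type'] = 'success';
                mysqli_close($conn);
                redirect('index.php'); // Redirect back to the supply list
                exit; // In case redirect() only sends the Location header and returns
            } elseif (mysqli_errno($conn) === 1062) {
                // ER_DUP_ENTRY: a concurrent request inserted the same code between the
                // SELECT above and this INSERT. Only fires if supply_code has a UNIQUE index.
                $message = "รหัสพัสดุ '$supply_code' นี้มีอยู่ในระบบแล้ว กรุณาใช้รหัสอื่น";
            } else {
                // Keep driver error text in the server log; it is not shown to the user.
                error_log('action_supply_save: insert failed: ' . mysqli_error($conn));
                $message = "เกิดข้อผิดพลาดในการบันทึกข้อมูล";
            }
        }
    }
} else {
    // If accessed directly without POST, redirect
    redirect('supply_add.php');
    exit;
}

// --- Display Error Message (only reached when no redirect happened) ---
if ($message !== '') {
    $page_title = "ผลการบันทึก";
    include_once __DIR__ . '/../includes/header.php';
    include_once __DIR__ . '/../includes/sidebar_supply.php';
    ?>
    <div class="container-fluid">
        <h1 class="mt-4">ผลการบันทึก</h1>
        <div class="alert alert-<?php echo htmlspecialchars($message_type, ENT_QUOTES, 'UTF-8'); ?>" role="alert">
            <?php /* $message can embed the submitted supply code: escape it for the HTML context */ ?>
            <?php echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8'); ?>
        </div>
        <a href="supply_add.php" class="btn btn-primary">เพิ่มรายการใหม่</a>
        <a href="index.php" class="btn btn-secondary">กลับไปรายการพัสดุ</a>
    </div>
    <?php
    include_once __DIR__ . '/../includes/footer.php';
    mysqli_close($conn); // The success path closed and exited above, so this runs at most once
}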
