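prepare(" SELECT * FROM kngil.fn_base_cd(:main_cd) ");
$stmt->execute([':main_cd' => $main_cd]);
echo json_encode([
    'status' => 'success',
    'items'  => $stmt->fetchAll(PDO::FETCH_ASSOC),
]);
break;

/* ========================= 1. User list ========================= */
case 'list':
    // Which member (company) to list: the session's member by default.
    $target_member_id = $member_id;
    // Only admins/developers may override it through the query string.
    if ($isAdmin && !empty($_GET['member_id'])) {
        $target_member_id = $_GET['member_id'];
    }

    $stmt = $pdo->prepare(" SELECT * FROM kngil.sp_users_r( :member_id, :user_nm, :dept_nm, :use_yn ) ");
    $stmt->execute([
        ':member_id' => $target_member_id,
        ':user_nm'   => $_GET['user_nm'] ?? '',
        ':dept_nm'   => $_GET['dept_nm'] ?? '',
        ':use_yn'    => $_GET['use_yn'] ?? '',
    ]);
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);

    // 1-based recid for the client grid. Assign by key rather than through a
    // by-reference foreach so no dangling reference to the last row survives the loop.
    foreach (array_keys($rows) as $i) {
        $rows[$i]['recid'] = $i + 1;
    }

    echo json_encode([
        'status'    => 'success',
        'member_id' => $target_member_id,
        'records'   => $rows,
    ]);
    break;

/* ========================= 2. Save users ========================= */
case 'save':
    if (!$isAdmin) {
        throw new Exception('저장 권한이 없습니다.');
    }

    $inserts = $input['inserts'] ?? [];
    $updates = $input['updates'] ?? [];
    if (!$inserts && !$updates) {
        throw new Exception('저장할 데이터가 없습니다.');
    }

    // One transaction for the whole batch; the catch block below rolls it back on any failure.
    $pdo->beginTransaction();

    /* ---------- INSERT ---------- */
    if ($inserts) {
        $stmtI = $pdo->prepare(" SELECT kngil.sp_users_i( :member_id,:user_id,:user_pw,:user_nm,:dept_nm, :posit_nm,:tel_no,:email,:auth_bc,:use_yn,:rmks,:cid ) ");
        foreach ($inserts as $r) {
            $stmtI->execute([
                // Inserts are always scoped to the session's member, never a client-supplied one.
                ':member_id' => $member_id,
                ':user_id'   => $r['user_id'],
                ':user_pw'   => $r['user_pw'] ?? '0000',
                ':user_nm'   => $r['user_nm'],
                ':dept_nm'   => $r['dept_nm'],
                ':posit_nm'  => $r['posit_nm'] ?? '',
                ':tel_no'    => $r['tel_no'],
                ':email'     => $r['email'],
                // Grid dropdowns may arrive as {id: ..., text: ...}; unwrap to the id.
                ':auth_bc'   => is_array($r['auth_bc']) ? ($r['auth_bc']['id'] ?? '') : $r['auth_bc'],
                ':use_yn'    => is_array($r['use_yn']) ? ($r['use_yn']['id'] ?? 'Y') : $r['use_yn'],
                ':rmks'      => $r['rmks'] ?? '',
                ':cid'       => $user_id, // creator = session user
            ]);
        }
    }

    /* ---------- UPDATE ---------- */
    if ($updates) {
        $stmtChk = $pdo->prepare(" SELECT 1 FROM kngil.users WHERE member_id = :member_id AND user_id = :user_id ");
        $stmtU   = $pdo->prepare(" SELECT kngil.sp_users_u( :member_id,:user_id,NULL,:user_nm,:dept_nm, :posit_nm,:tel_no,:email,:auth_bc,:use_yn,:rmks,:mid ) ");
        foreach ($updates as $r) {
            // Tenant check: the target user must belong to the session's member,
            // otherwise an admin could edit accounts of another company.
            $stmtChk->execute([
                ':member_id' => $member_id,
                ':user_id'   => $r['user_id'],
            ]);
            if (!$stmtChk->fetchColumn()) {
                throw new Exception('권한 없는 사용자 수정 시도');
            }

            $stmtU->execute([
                ':member_id' => $member_id,
                ':user_id'   => $r['user_id'],
                ':user_nm'   => $r['user_nm'],
                ':dept_nm'   => $r['dept_nm'],
                ':posit_nm'  => $r['posit_nm'] ?? '',
                ':tel_no'    => $r['tel_no'],
                ':email'     => $r['email'],
                // Same dropdown unwrapping as INSERT; scalar values pass through unchanged.
                ':auth_bc'   => is_array($r['auth_bc']) ? ($r['auth_bc']['id'] ?? '') : $r['auth_bc'],
                ':use_yn'    => is_array($r['use_yn']) ? ($r['use_yn']['id'] ?? 'Y') : $r['use_yn'],
                ':rmks'      => $r['rmks'] ?? '',
                ':mid'       => $user_id, // modifier = session user
            ]);
        }
    }

    $pdo->commit();
    echo json_encode(['status' => 'success']);
    break;

/* ========================= 3. Delete users (deactivate) ========================= */
case 'delete':
    if (!$isAdmin) {
        throw new Exception('삭제 권한이 없습니다.');
    }

    $ids = $input['ids'] ?? [];
    if (!$ids) {
        throw new Exception('삭제 대상이 없습니다.');
    }

    // All-or-nothing, like 'save': a failure mid-batch is rolled back by the catch block.
    $pdo->beginTransaction();
    // member_id is the session's, so only accounts of the caller's own company can be affected.
    $stmt = $pdo->prepare(" SELECT kngil.sp_users_d(:member_id, :user_id) ");
    foreach ($ids as $uid) {
        $stmt->execute([
            ':member_id' => $member_id,
            ':user_id'   => $uid,
        ]);
    }
    $pdo->commit();

    echo json_encode(['status' => 'success']);
    break;

/* ========================= 4. Member's total purchased area ========================= */
case 'total_area':
    $stmt = $pdo->prepare(" SELECT COALESCE(SUM(sum_area),0) FROM kngil.sp_buy_item_history_r(:member_id, '', NULL, NULL) ");
    $stmt->execute([':member_id' => $member_id]);
    echo json_encode([
        'status'     => 'success',
        'total_area' => (int) $stmt->fetchColumn(),
    ]);
    break;

/* ========================= 5. Bulk account creation from CSV ========================= */
case 'bulk_create':
    if (!$isAdmin) {
        throw new Exception('일괄 생성 권한이 없습니다.');
    }

    // NOTE(review): unlike 'save'/'delete', the target member comes from the request
    // and is not checked against the session's member_id — confirm this is meant
    // for a cross-company super-admin only.
    $target_member_id = $input['member_id'] ?? '';
    $csv_url          = $input['csv_url'] ?? '';
    if (!$target_member_id || !$csv_url) {
        throw new Exception('필수 파라미터 누락');
    }

    // Download the CSV. Only http/https URLs are accepted so the fetch cannot be pointed
    // at local files or other stream wrappers. '@' is kept because a fetch warning would
    // otherwise be printed into the JSON body; the false return is handled explicitly.
    $scheme = strtolower((string) parse_url($csv_url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        throw new Exception('CSV 파일을 불러올 수 없습니다.');
    }
    // 30s is an arbitrary upper bound so a stalled remote host cannot hang the request.
    $ctx = stream_context_create(['http' => ['timeout' => 30]]);
    $csv = @file_get_contents($csv_url, false, $ctx);
    if ($csv === false) {
        throw new Exception('CSV 파일을 불러올 수 없습니다.');
    }

    $lines = array_map('str_getcsv', explode("\n", trim($csv)));
    // Drop the header row; error messages below report 1-based file lines, hence $i + 2.
    array_shift($lines);

    $success = 0;
    $fail    = 0;
    $errors  = [];

    // All statements prepared once, outside the per-row loop.
    $stmt   = $pdo->prepare(" SELECT kngil.sp_users_i( :member_id,:user_id,:user_pw,:user_nm,:dept_nm, '',:tel_no,:email,:auth_bc,:use_yn,'', :cid ) ");
    $chkId  = $pdo->prepare(" SELECT 1 FROM kngil.users WHERE LOWER(user_id) = LOWER(:uid) ");
    $chkTel = $pdo->prepare(" SELECT 1 FROM kngil.users WHERE tel_no = :tel ");

    foreach ($lines as $i => $row) {
        if (count($row) < 8) {
            $fail++;
            $errors[] = "라인 ".($i+2).": 컬럼 수 부족";
            continue;
        }

        // CSV columns: user_id, user_pw, user_nm, tel_no, email, dept_nm, use flag, auth text.
        // Local names are prefixed so the session's $user_id is not clobbered.
        [
            $csvUserId, $csvUserPw, $csvUserNm, $csvTelNo,
            $csvEmail, $csvDeptNm, $csvUseTxt, $csvAuthTxt,
        ] = array_map('trim', $row);

        /* ---------- Value normalization ---------- */
        // The use/auth columns are read but ignored: every bulk-created account
        // is active and gets the default role.
        $use_yn  = 'Y';        // always enabled
        $auth_bc = 'BS100500'; // default (regular) role

        /* ---------- Duplicate checks ---------- */
        // ID duplicate, case-insensitive, across all members.
        $chkId->execute([':uid' => $csvUserId]);
        if ($chkId->fetchColumn()) {
            $fail++;
            $errors[] = "라인 ".($i+2).": ID 중복 ($csvUserId)";
            continue;
        }

        // Phone number duplicate.
        $chkTel->execute([':tel' => $csvTelNo]);
        if ($chkTel->fetchColumn()) {
            $fail++;
            $errors[] = "라인 ".($i+2).": 연락처 중복 ($csvTelNo)";
            continue;
        }

        /* ---------- Stored-function call ---------- */
        // Per-row failures are recorded and the loop continues; there is no batch transaction here.
        try {
            $stmt->execute([
                ':member_id' => $target_member_id,
                ':user_id'   => $csvUserId,
                ':user_pw'   => $csvUserPw ?: '0000',
                ':user_nm'   => $csvUserNm,
                ':dept_nm'   => $csvDeptNm,
                ':tel_no'    => $csvTelNo,
                ':email'     => $csvEmail,
                ':auth_bc'   => $auth_bc,
                ':use_yn'    => $use_yn,
                // NOTE(review): the original passed the CSV user's own id as creator
                // (the session $user_id was shadowed by the destructuring above), so that
                // behaviour is kept; 'save' records the session user here instead — confirm
                // which one is intended.
                ':cid'       => $csvUserId,
            ]);
            // Required: the function reports its outcome as the single returned column.
            $result = $stmt->fetchColumn();
            if ($result !== 'SUCCESS') {
                $fail++;
                $errors[] = "라인 ".($i+2).": ".$result;
                continue;
            }
            $success++;
        } catch (Exception $e) {
            $fail++;
            $errors[] = "라인 ".($i+2).": ".$e->getMessage();
        }
    }

    echo json_encode([
        'status'      => 'success',
        'success_cnt' => $success,
        'fail_cnt'    => $fail,
        'errors'      => $errors,
    ]);
    break;

default:
    throw new Exception('잘못된 요청');
}
} catch (Exception $e) {
    // Roll back any open transaction ('save'/'delete') so a partial batch is never committed.
    if ($pdo->inTransaction()) {
        $pdo->rollBack();
    }
    // Every failure, including an unknown action, is reported as 403 with the message as body.
    http_response_code(403);
    echo json_encode([
        'status'  => 'error',
        'message' => $e->getMessage(),
    ]);
}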