b24014/kngil_home
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
90dbb86c944e58814e16c62b9373f9c3cc40cc78
kngil_home/kngil/bbs/adm_comp.php
송대일 21b6332c9c commit
2026-01-30 17:20:52 +09:00

394 lines
12 KiB
PHP
Raw Blame History

<?php
ini_set('display_errors', 0);
error_reporting(0);
header('Content-Type: application/json; charset=utf-8');
/* =========================
로그인 / 권한 가드
========================= */
require_once __DIR__ . '/adm_guard.php';
require_once __DIR__ . '/db_conn.php';
/* =========================
세션 기준 값
========================= */
$login = $_SESSION['login'];
$auth_bc = $login['auth_bc']; // 권한코드
$member_id = $login['member_id']; // 회사ID
$user_id = $login['user_id'] ?? 'SYSTEM';
/* =========================
권한 정의 (단순화 버전)
========================= */
$isAdmin = in_array(
$auth_bc,
['BS100100','BS100200','BS100300','BS100400'],
true
);
/* =========================
입력
========================= */
$input = json_decode(file_get_contents('php://input'), true) ?? [];
$action = $_GET['action'] ?? $input['action'] ?? 'list';
try {
switch ($action) {
/* =========================
0. 공통코드 조회
========================= */
case 'base_code':
$main_cd = $_GET['main_cd'] ?? $input['main_cd'] ?? '';
if (!$main_cd) {
throw new Exception('main_cd가 필요합니다.');
}
$stmt = $pdo->prepare("
SELECT *
FROM kngil.fn_base_cd(:main_cd)
");
$stmt->execute([':main_cd' => $main_cd]);
echo json_encode([
'status' => 'success',
'items' => $stmt->fetchAll(PDO::FETCH_ASSOC)
]);
break;
/* =========================
1. 사용자 목록 조회
========================= */
case 'list':
// 조회 대상 member_id 결정
$target_member_id = $member_id; // 기본: 세션 기준
// 관리자 / 개발자만 GET member_id 허용
if ($isAdmin && !empty($_GET['member_id'])) {
$target_member_id = $_GET['member_id'];
}
$stmt = $pdo->prepare("
SELECT *
FROM kngil.sp_users_r(
:member_id,
:user_nm,
:dept_nm,
:use_yn
)
");
$stmt->execute([
':member_id' => $target_member_id,
':user_nm' => $_GET['user_nm'] ?? '',
':dept_nm' => $_GET['dept_nm'] ?? '',
':use_yn' => $_GET['use_yn'] ?? ''
]);
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($rows as $i => &$r) {
$r['recid'] = $i + 1;
}
echo json_encode([
'status' => 'success',
'member_id' => $target_member_id,
'records' => $rows
]);
break;
/* =========================
2. 사용자 저장
========================= */
case 'save':
if (!$isAdmin) {
throw new Exception('저장 권한이 없습니다.');
}
$inserts = $input['inserts'] ?? [];
$updates = $input['updates'] ?? [];
if (!$inserts && !$updates) {
throw new Exception('저장할 데이터가 없습니다.');
}
$pdo->beginTransaction();
/* ---------- INSERT ---------- */
if ($inserts) {
$stmtI = $pdo->prepare("
SELECT kngil.sp_users_i(
:member_id,:user_id,:user_pw,:user_nm,:dept_nm,
:posit_nm,:tel_no,:email,:auth_bc,:use_yn,:rmks,:cid
)
");
foreach ($inserts as $r) {
$stmtI->execute([
':member_id' => $member_id,
':user_id' => $r['user_id'],
':user_pw' => $r['user_pw'] ?? '0000',
':user_nm' => $r['user_nm'],
':dept_nm' => $r['dept_nm'],
':posit_nm' => $r['posit_nm'] ?? '',
':tel_no' => $r['tel_no'],
':email' => $r['email'],
':auth_bc' => is_array($r['auth_bc'])
? ($r['auth_bc']['id'] ?? '')
: $r['auth_bc'],
':use_yn' => is_array($r['use_yn'])
? ($r['use_yn']['id'] ?? 'Y')
: $r['use_yn'],
':rmks' => $r['rmks'] ?? '',
':cid' => $user_id
]);
}
}
/* ---------- UPDATE ---------- */
if ($updates) {
$stmtChk = $pdo->prepare("
SELECT 1
FROM kngil.users
WHERE member_id = :member_id
AND user_id = :user_id
");
$stmtU = $pdo->prepare("
SELECT kngil.sp_users_u(
:member_id,:user_id,NULL,:user_nm,:dept_nm,
:posit_nm,:tel_no,:email,:auth_bc,:use_yn,:rmks,:mid
)
");
foreach ($updates as $r) {
// 회사 탈출 방지
$stmtChk->execute([
':member_id' => $member_id,
':user_id' => $r['user_id']
]);
if (!$stmtChk->fetchColumn()) {
throw new Exception('권한 없는 사용자 수정 시도');
}
$stmtU->execute([
':member_id' => $member_id,
':user_id' => $r['user_id'],
':user_nm' => $r['user_nm'],
':dept_nm' => $r['dept_nm'],
':posit_nm' => $r['posit_nm'] ?? '',
':tel_no' => $r['tel_no'],
':email' => $r['email'],
':auth_bc' => $r['auth_bc'],
':use_yn' => $r['use_yn'],
':rmks' => $r['rmks'] ?? '',
':mid' => $user_id
]);
}
}
$pdo->commit();
echo json_encode(['status' => 'success']);
break;
/* =========================
3. 사용자 삭제 (비활성)
========================= */
case 'delete':
if (!$isAdmin) {
throw new Exception('삭제 권한이 없습니다.');
}
$ids = $input['ids'] ?? [];
if (!$ids) {
throw new Exception('삭제 대상이 없습니다.');
}
$stmt = $pdo->prepare("
SELECT kngil.sp_users_d(:member_id, :user_id)
");
foreach ($ids as $uid) {
$stmt->execute([
':member_id' => $member_id,
':user_id' => $uid
]);
}
echo json_encode(['status' => 'success']);
break;
/* =========================
4. 회원 총 구매 면적
========================= */
case 'total_area':
$stmt = $pdo->prepare("
SELECT COALESCE(SUM(sum_area),0)
FROM kngil.sp_buy_item_history_r(:member_id, '', NULL, NULL)
");
$stmt->execute([':member_id' => $member_id]);
echo json_encode([
'status' => 'success',
'total_area' => (int)$stmt->fetchColumn()
]);
break;
/* =========================
5. CSV 일괄 계정생성
========================= */
case 'bulk_create':
if (!$isAdmin) {
throw new Exception('일괄 생성 권한이 없습니다.');
}
$target_member_id = $input['member_id'] ?? '';
$csv_url = $input['csv_url'] ?? '';
if (!$target_member_id || !$csv_url) {
throw new Exception('필수 파라미터 누락');
}
// CSV 다운로드
$csv = @file_get_contents($csv_url);
if ($csv === false) {
throw new Exception('CSV 파일을 불러올 수 없습니다.');
}
$lines = array_map('str_getcsv', explode("\n", trim($csv)));
// 헤더 제거 (첫 줄)
array_shift($lines);
$success = 0;
$fail = 0;
$errors = [];
$stmt = $pdo->prepare("
SELECT kngil.sp_users_i(
:member_id,:user_id,:user_pw,:user_nm,:dept_nm,
'',:tel_no,:email,:auth_bc,:use_yn,'',
:cid
)
");
foreach ($lines as $i => $row) {
if (count($row) < 8) {
$fail++;
$errors[] = "라인 ".($i+2).": 컬럼 수 부족";
continue;
}
[
$user_id,
$user_pw,
$user_nm,
$tel_no,
$email,
$dept_nm,
$use_txt,
$auth_txt
] = array_map('trim', $row);
/* ---------- 값 정규화 ---------- */
$use_yn = 'Y'; // 항상 사용
$auth_bc = 'BS100500'; // 일반 권한
/* ---------- 중복 체크 ---------- */
// ID 중복 (대소문자 무시)
$chk = $pdo->prepare("
SELECT 1 FROM kngil.users
WHERE LOWER(user_id) = LOWER(:uid)
");
$chk->execute([':uid' => $user_id]);
if ($chk->fetchColumn()) {
$fail++;
$errors[] = "라인 ".($i+2).": ID 중복 ($user_id)";
continue;
}
// 전화번호 중복
$chk = $pdo->prepare("
SELECT 1 FROM kngil.users
WHERE tel_no = :tel
");
$chk->execute([':tel' => $tel_no]);
if ($chk->fetchColumn()) {
$fail++;
$errors[] = "라인 ".($i+2).": 연락처 중복 ($tel_no)";
continue;
}
/* ---------- 프로시저 호출 ---------- */
try {
$stmt->execute([
':member_id' => $target_member_id,
':user_id' => $user_id,
':user_pw' => $user_pw ?: '0000',
':user_nm' => $user_nm,
':dept_nm' => $dept_nm,
':tel_no' => $tel_no,
':email' => $email,
':auth_bc' => $auth_bc,
':use_yn' => $use_yn,
':cid' => $user_id // 생성자
]);
$result = $stmt->fetchColumn(); // ⭐ 필수
if ($result !== 'SUCCESS') {
$fail++;
$errors[] = "라인 ".($i+2).": ".$result;
continue;
}
$success++;
} catch (Exception $e) {
$fail++;
$errors[] = "라인 ".($i+2).": ".$e->getMessage();
}
}
echo json_encode([
'status' => 'success',
'success_cnt' => $success,
'fail_cnt' => $fail,
'errors' => $errors
]);
break;
default:
throw new Exception('잘못된 요청');
}
} catch (Exception $e) {
if ($pdo->inTransaction()) {
$pdo->rollBack();
}
http_response_code(403);
echo json_encode([
'status' => 'error',
'message' => $e->getMessage()
]);
}
Reference in New Issue View Git Blame Copy Permalink