trim($v) !== '');
$codes = array_map('trim', $codes);
$codesStr = implode("\n", $codes);
$attachment = '';
if ($content === '') {
$msg = '工单内容不能为空
';
} elseif (empty($codes)) {
$msg = '请至少关联一个兑换码
';
} elseif (count($codes) > 10) {
$msg = '最多关联10个兑换码
';
} elseif (count(array_unique($codes)) !== count($codes)) {
$msg = '关联的兑换码不能重复
';
} else {
$userId = getCurrentUserId();
$pid = getCurrentProductId();
$placeholders = implode(',', array_fill(0, count($codes), '?'));
$stmt = $pdo->prepare("SELECT code, status FROM claim_records WHERE user_id = ? AND product_id = ? AND code IN ($placeholders)");
$stmt->execute(array_merge([$userId, $pid], $codes));
$foundCodes = $stmt->fetchAll();
$expiredCodes = array_map(fn($r) => $r['code'], array_filter($foundCodes, fn($r) => (int)$r['status'] === 3));
$invalidCodes = array_diff($codes, array_column($foundCodes, 'code'));
if (!empty($expiredCodes)) {
$msg = '以下兑换码已过期,无法提交工单:' . h(implode(', ', $expiredCodes)) . '
';
} elseif (!empty($invalidCodes)) {
$msg = '以下兑换码不在您的领取记录中:' . h(implode(', ', $invalidCodes)) . '
';
} else {
// 检查是否已在未处理工单中
$stmt = $pdo->prepare("SELECT code FROM work_orders WHERE creator_id = ? AND product_id = ? AND status = '未处理'");
$stmt->execute([$userId, $pid]);
$pendingOrderCodes = [];
while ($row = $stmt->fetch()) {
$pendingOrderCodes = array_merge($pendingOrderCodes, array_filter(explode("\n", $row['code'] ?? '')));
}
$pendingOrderCodes = array_map('trim', $pendingOrderCodes);
$inPending = array_intersect($codes, $pendingOrderCodes);
if (!empty($inPending)) {
$msg = '以下兑换码已在未处理的工单中,请处理后再提交:' . h(implode(', ', $inPending)) . '
';
} else {
if (isset($_FILES['attachment']) && $_FILES['attachment']['error'] === UPLOAD_ERR_OK) {
$ext = strtolower(pathinfo($_FILES['attachment']['name'], PATHINFO_EXTENSION));
$allowed = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'doc', 'docx', 'xls', 'xlsx', 'zip', 'rar', 'txt'];
if (!in_array($ext, $allowed)) {
$msg = '不支持的文件格式
';
} elseif ($_FILES['attachment']['size'] > 10 * 1024 * 1024) {
$msg = '文件大小不能超过10MB
';
} else {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo, $_FILES['attachment']['tmp_name']);
finfo_close($finfo);
if (!in_array($mime, ['image/jpeg','image/png','image/gif','application/pdf','application/msword','application/vnd.openxmlformats-officedocument.wordprocessingml.document','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip','application/x-rar-compressed','text/plain'])) {
$msg = '不支持的文件格式
';
} else {
$filename = bin2hex(random_bytes(16)) . '.' . $ext;
$dest = __DIR__ . '/uploads/' . $filename;
if (move_uploaded_file($_FILES['attachment']['tmp_name'], $dest)) {
$attachment = 'uploads/' . $filename;
}
}
}
}
if (!$msg) {
try {
$stmt = $pdo->prepare('INSERT INTO work_orders (product_id, content, code, attachment, creator_id, created_at, status) VALUES (?, ?, ?, ?, ?, NOW(), ?)');
$stmt->execute([$pid, $content, $codesStr ?: null, $attachment ?: null, getCurrentUserId(), '未处理']);
$_SESSION['flash_msg'] = '工单提交成功';
$_SESSION['flash_type'] = 'success';
header('Location: work_order_records.php');
exit;
} catch (Exception $e) {
$msg = '提交失败,请重试
';
}
}
}
}
}
}
$pageTitle = '发起工单';
require __DIR__ . '/includes/header.php';
?>