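false, 'message' => 'POST 요청만 허용됩니다.']);
    exit;
}

// Estimate status-change endpoint: validates the request, checks who may move
// the order post from its current status to the requested one, records the
// change plus a history row, sends notifications, and replies with JSON.
//
// NOTE(review): no CSRF token check is visible in this portion of the handler;
// confirm the part of the file above this point verifies one, since this
// request changes state on behalf of the logged-in member.
$wr_id = (int) ($_POST['wr_id'] ?? 0);
$new_status = trim($_POST['new_status'] ?? '');
$memo = trim($_POST['memo'] ?? '');

if (!$wr_id || !$new_status) {
    echo json_encode(['success' => false, 'message' => '필수 파라미터가 누락되었습니다.']);
    exit;
}

// The status label is client-supplied and is written into several SQL
// statements below (the admin path accepts any label). Refuse quote,
// backslash and control characters outright so a label can never terminate
// the SQL string it is embedded in, whatever escaping ran earlier.
if (preg_match('/[\'"\\\\\x00-\x1f]/', $new_status)) {
    echo json_encode(['success' => false, 'message' => '유효하지 않은 상태 값입니다.']);
    exit;
}

if (!$is_member) {
    echo json_encode(['success' => false, 'message' => '로그인이 필요합니다.']);
    exit;
}

// Role flags derived from the member level: 8 and above is treated as admin,
// 5 to 7 as agent.
$is_admin = ($member['mb_level'] ?? 0) >= 8;
$is_agent = in_array(($member['mb_level'] ?? 0), [5, 6, 7]);

try {
    // NOTE(review): START TRANSACTION / ROLLBACK only protect these writes if
    // the tables use a transactional storage engine — confirm. The current
    // status is also read without a row lock, so two concurrent requests can
    // both pass the transition check below.
    sql_query("START TRANSACTION");

    $write_table = $g5['write_prefix'] . 'order';
    $write = sql_fetch("SELECT * FROM {$write_table} WHERE wr_id = '{$wr_id}'");

    if (!$write) {
        throw new Exception('게시물을 찾을 수 없습니다.');
    }

    $is_owner = ($member['mb_id'] === $write['mb_id']);

    if (!$is_admin && !$is_owner && !$is_agent) {
        throw new Exception('권한이 없습니다.');
    }

    $current_estimate = sql_fetch("SELECT * FROM estimate WHERE wr_id = '{$wr_id}'");
    $old_status = $current_estimate ? $current_estimate['status'] : '견적신청중';

    // Per-role validation of the requested transition.
    // NOTE(review): stock Gnuboard write tables store wr_parent = wr_id on
    // original posts; if this board follows that, empty(wr_parent) never holds
    // and the customer/agent split below does not work as intended — confirm.
    $allowed = false;

    if ($is_admin) {
        // Admins may set any status.
        $allowed = true;
    } elseif ($is_owner && empty($write['wr_parent'])) {
        // Customer (author of the original post).
        if ($old_status === '견적신청중' && $new_status === '작성완료') {
            $allowed = true;
        } elseif ($old_status === '작성완료' && $new_status === '견적채택') {
            $allowed = true;
        }
    } elseif ($is_agent && !empty($write['wr_parent']) && $write['mb_id'] === $member['mb_id']) {
        // Agent (author of the reply).
        if ($old_status === '견적제안' && in_array($new_status, ['견적채택', '견적취소'])) {
            $allowed = true;
        }
    }

    if (!$allowed) {
        throw new Exception('해당 상태로 변경할 권한이 없습니다.');
    }

    // SQL-escaped copies for interpolation (sql_real_escape_string is the
    // Gnuboard DB helper that sits alongside sql_query). The raw values are
    // still used for comparisons and for the JSON response.
    $status_sql = sql_real_escape_string($new_status);
    $actor_sql = sql_real_escape_string($member['mb_id']);

    // Update the estimate row, or create it if none exists yet.
    if ($current_estimate) {
        sql_query("UPDATE estimate SET status = '{$status_sql}', updated_at = NOW(), updated_by = '{$actor_sql}' WHERE wr_id = '{$wr_id}'");
    } else {
        sql_query("INSERT INTO estimate (wr_id, status, created_at, created_by, updated_at, updated_by) VALUES ('{$wr_id}', '{$status_sql}', NOW(), '{$actor_sql}', NOW(), '{$actor_sql}')");
    }

    // Mirror the status into the board's wr_1 field.
    sql_query("UPDATE {$write_table} SET wr_1 = '{$status_sql}' WHERE wr_id = '{$wr_id}'");

    // Record the change in the history table.
    $history_data = json_encode([
        'old_status' => $old_status,
        'new_status' => $new_status,
        'changed_by' => $member['mb_id'],
        'changed_at' => date('Y-m-d H:i:s'),
        'memo' => $memo,
        'ip' => $_SERVER['REMOTE_ADDR']
    ], JSON_UNESCAPED_UNICODE);

    // json_encode() leaves single quotes untouched and doubles any backslash,
    // so it undoes backslash-escaping applied to $memo earlier. The JSON text
    // must therefore be escaped as a whole before it goes into the statement;
    // without this a memo containing a quote breaks out of the SQL string.
    $history_sql = sql_real_escape_string($history_data);

    $estimate = sql_fetch("SELECT id FROM estimate WHERE wr_id = '{$wr_id}'");
    $estimate_id = $estimate ? (int) $estimate['id'] : 0;

    sql_query("INSERT INTO estimate_history (estimate_id, action, change_details, changed_by, changed_at) VALUES ('{$estimate_id}', 'status_change', '{$history_sql}', '{$actor_sql}', NOW())");

    // Send notifications. These run before COMMIT, so a message can already
    // have gone out if a later step throws and the transaction is rolled back.
    processStatusChangeNotification($write, $old_status, $new_status, $member);

    // Extra handling when a reply (agent quote) is selected.
    if ($new_status === '견적채택' && !empty($write['wr_parent'])) {
        handleQuoteSelection($write, $member);
    }

    sql_query("COMMIT");

    echo json_encode([
        'success' => true,
        'message' => '상태가 성공적으로 변경되었습니다.',
        'data' => [
            'old_status' => $old_status,
            'new_status' => $new_status
        ]
    ]);
} catch (Exception $e) {
    sql_query("ROLLBACK");
    echo json_encode(['success' => false, 'message' => $e->getMessage()]);
}

/**
 * Dispatch the notification that belongs to the new status.
 *
 * Only three statuses trigger a notification; every other status is a no-op.
 * $old_status is accepted but not used.
 *
 * @param array  $write      Row of the order post whose status changed.
 * @param string $old_status Status before the change.
 * @param string $new_status Status after the change.
 * @param array  $member     Member who made the change.
 */
function processStatusChangeNotification($write, $old_status, $new_status, $member)
{
    switch ($new_status) {
        case '작성완료':
            notifyAgentsNewRequest($write);
            break;
        case '견적제안':
            notifyCustomerQuoteReceived($write);
            break;
        case '입금확인':
            notifyPaymentConfirmed($write, $member);
            break;
    }
}

/**
 * Mail (and SMS, when a phone number is set) every level 5-7 member with an
 * empty leave date and an empty intercept date about a new estimate request.
 *
 * NOTE(review): stock Gnuboard5 mailer() takes (sender name, sender mail,
 * recipient, subject, content, type); the calls in this file pass five
 * arguments, which would shift recipient/subject/content by one position, and
 * the @ operator hides any resulting error — verify against the project's
 * mailer signature. wr_name and wr_subject are user-supplied; if the last
 * argument selects HTML mail they need HTML-escaping — confirm.
 *
 * @param array $write Row of the order post that was just completed.
 */
function notifyAgentsNewRequest($write)
{
    $agents_sql = "SELECT mb_id, mb_name, mb_email, mb_hp FROM {$GLOBALS['g5']['member_table']} WHERE mb_level IN (5,6,7) AND mb_leave_date = '' AND mb_intercept_date = ''";
    $agents = sql_query($agents_sql);

    while ($agent = sql_fetch_array($agents)) {
        $subject = "[견적요청] 새로운 견적 요청이 등록되었습니다";
        $content = "안녕하세요 {$agent['mb_name']}님,\n\n새로운 견적 요청이 등록되었습니다.\n\n고객명: {$write['wr_name']}\n요청제목: {$write['wr_subject']}\n등록시간: " . date('Y-m-d H:i') . "\n\n확인 URL: " . G5_HTTP_BBS_URL . "/board.php?bo_table=order&wr_id={$write['wr_id']}\n\n감사합니다.";

        @mailer($agent['mb_name'], $agent['mb_email'], $subject, $content, 1);

        if ($agent['mb_hp']) {
            @send_sms($agent['mb_hp'], "[견적요청] {$write['wr_name']}님의 새 견적요청이 등록되었습니다.");
        }
    }
}

/**
 * Tell the author of the parent post that an agent has proposed a quote.
 *
 * Does nothing when the parent post cannot be found.
 *
 * @param array $write Row of the agent's reply; wr_parent points at the request.
 */
function notifyCustomerQuoteReceived($write)
{
    // wr_parent is matched against wr_id, which this handler treats as an
    // integer, so it is cast rather than interpolated as-is.
    $parent_id = (int) $write['wr_parent'];
    $parent_write = sql_fetch("SELECT * FROM {$GLOBALS['g5']['write_prefix']}order WHERE wr_id = '{$parent_id}'");

    if ($parent_write) {
        $customer = get_member($parent_write['mb_id']);
        $agent_name = get_member_name($write['mb_id']);

        // Null-safe reads: a missing member row must not emit a PHP warning
        // into the JSON response.
        @mailer($parent_write['wr_name'], $customer['mb_email'] ?? '', "[견적도착] {$agent_name}님이 견적을 제안했습니다", "안녕하세요 {$parent_write['wr_name']}님,\n\n{$agent_name}님이 견적을 제안했습니다.\n\n확인해주세요.", 1);

        if (!empty($customer['mb_hp'])) {
            @send_sms($customer['mb_hp'], "[견적도착] {$agent_name}님이 견적을 제안했습니다.");
        }
    }
}

/**
 * Tell the author of the post that the payment has been confirmed.
 *
 * $admin_member is accepted but not used.
 *
 * @param array $write        Row of the order post.
 * @param array $admin_member Member who confirmed the payment.
 */
function notifyPaymentConfirmed($write, $admin_member)
{
    $customer = get_member($write['mb_id']);

    @mailer($write['wr_name'], $customer['mb_email'] ?? '', "[입금확인] 입금이 확인되었습니다", "안녕하세요 {$write['wr_name']}님,\n\n입금이 확인되었습니다.\n\n감사합니다.", 1);

    if (!empty($customer['mb_hp'])) {
        @send_sms($customer['mb_hp'], "[입금확인] 입금이 확인되었습니다.");
    }
}

/**
 * Apply the side effects of selecting one agent's quote.
 *
 * Sets the estimate row of the original request to '입금예정', sets wr_1 of
 * every other post sharing that parent to '견적취소', and notifies the author
 * of the selected quote. $member is accepted but not used.
 *
 * @param array $write  Row of the selected reply.
 * @param array $member Member who made the selection.
 */
function handleQuoteSelection($write, $member)
{
    // Both ids are cast because they are interpolated into SQL below.
    $origin_wr_id = (int) $write['wr_parent'];
    $selected_wr_id = (int) $write['wr_id'];
    $write_table = $GLOBALS['g5']['write_prefix'] . 'order';

    sql_query("UPDATE estimate SET status = '입금예정' WHERE wr_id = '{$origin_wr_id}'");

    sql_query("UPDATE {$write_table} SET wr_1 = '견적취소' WHERE wr_parent = '{$origin_wr_id}' AND wr_id != '{$selected_wr_id}'");

    $agent = get_member($write['mb_id']);
    @mailer($agent['mb_name'] ?? '', $agent['mb_email'] ?? '', "[견적채택] 축하합니다!", "견적이 채택되었습니다.", 1);

    if (!empty($agent['mb_hp'])) {
        @send_sms($agent['mb_hp'], "[견적채택] 축하합니다! 견적이 채택되었습니다.");
    }
}

/**
 * Look up a member's display name.
 *
 * @param string $mb_id Member id.
 * @return string The member's mb_name, the id itself when no row matches, or
 *                '' when $mb_id is empty.
 */
function get_member_name($mb_id)
{
    if (!$mb_id) {
        return '';
    }

    // Escape the id before interpolation; the unescaped id is still what is
    // returned as the fallback.
    $mb_id_sql = sql_real_escape_string($mb_id);
    $member = sql_fetch("SELECT mb_name FROM {$GLOBALS['g5']['member_table']} WHERE mb_id = '{$mb_id_sql}'");

    return $member ? $member['mb_name'] : $mb_id;
}

/**
 * SMS placeholder: sends nothing and always reports success.
 *
 * @param string $phone   Destination number.
 * @param string $message Message text.
 * @return bool Always true.
 */
function send_sms($phone, $message)
{
    return true;
}
?>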