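<?php
/**
 * admin/update_delivery.php
 *
 * JSON endpoint that rewrites an existing delivery order: customer fields,
 * line items (re-priced from the `products` table), assigned preparers and
 * status. On the first transition to 'entregado' it also records the stock
 * consumption and a cash-register income entry.
 *
 * Access: POST only; requires an admin session ($_SESSION['admin_id']).
 * Input ($_POST): order_id, customer_name, phone, address, payment_method,
 *   notes, status, order_items (JSON list of {id, cantidad}), preparer_id,
 *   preparer_ids (comma-separated string or array). A client-supplied
 *   total_amount is deliberately ignored: the total is always recomputed
 *   server-side from current product prices so the client cannot set it.
 * Output: {"success": bool, ...}; failures carry an HTTP error status.
 */
header('Content-Type: application/json; charset=utf-8');
include '../components/connect.php';
session_start();

// --- Access control --------------------------------------------------------
$admin_id = $_SESSION['admin_id'] ?? null;
if (!$admin_id) {
    http_response_code(401);
    echo json_encode(['success' => false, 'message' => 'No autorizado']);
    exit();
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['success' => false, 'message' => 'Método no permitido']);
    exit();
}
// NOTE(review): this state-changing endpoint is authenticated by the session
// cookie alone; no CSRF token is verified in this file. Confirm whether
// connect.php or a front controller enforces one — otherwise a cross-site
// form post can edit orders on behalf of a logged-in admin.

/**
 * Emit a JSON error body with the given HTTP status and terminate.
 *
 * @param string $msg  user-facing message (Spanish, as the UI expects)
 * @param int    $code HTTP status code (default 400)
 */
function respond_error($msg, $code = 400)
{
    http_response_code($code);
    echo json_encode(['success' => false, 'message' => $msg]);
    exit();
}

/**
 * Read $_POST[$key] as a trimmed string.
 *
 * Returns $default when the field is absent and '' when it is present but
 * not a scalar (e.g. `customer_name[]=x`), so a malformed request fails
 * validation with a 400 instead of trim() throwing a TypeError (500).
 *
 * @param string $key
 * @param string $default
 * @return string
 */
function post_string($key, $default = '')
{
    if (!array_key_exists($key, $_POST)) {
        return $default;
    }
    $value = $_POST[$key];
    return is_scalar($value) ? trim((string)$value) : '';
}

// --- Input parsing ---------------------------------------------------------
$order_id       = (int)($_POST['order_id'] ?? 0);
$customer_name  = post_string('customer_name');
$phone          = post_string('phone');
$address        = post_string('address');
$payment_method = post_string('payment_method');
$notes          = post_string('notes');
$status         = post_string('status', 'pendiente');
$order_items    = $_POST['order_items'] ?? '';

// Single preparer (legacy field): only a positive all-digit value counts.
$preparer_id_raw = $_POST['preparer_id'] ?? '';
$preparer_id = null;
if (is_scalar($preparer_id_raw) && $preparer_id_raw !== '' && ctype_digit((string)$preparer_id_raw)) {
    $preparer_id = (int)$preparer_id_raw;
    if ($preparer_id <= 0) {
        $preparer_id = null;
    }
}

// Multiple preparers: accepted as "1,2,3" or as preparer_ids[]=1&preparer_ids[]=2.
$preparer_ids_raw = $_POST['preparer_ids'] ?? '';
if (is_array($preparer_ids_raw)) {
    // Drop nested arrays; implode() would otherwise turn them into "Array".
    $scalars = [];
    foreach ($preparer_ids_raw as $v) {
        if (is_scalar($v)) {
            $scalars[] = (string)$v;
        }
    }
    $preparer_ids_raw = implode(',', $scalars);
}
$preparer_ids = []; // keyed by id to deduplicate while keeping first-seen order
if (is_string($preparer_ids_raw) && $preparer_ids_raw !== '') {
    foreach (explode(',', $preparer_ids_raw) as $pidStr) {
        $pid = (int)trim($pidStr);
        if ($pid > 0) {
            $preparer_ids[$pid] = $pid;
        }
    }
}
if ($preparer_id !== null && empty($preparer_ids)) {
    $preparer_ids[$preparer_id] = $preparer_id;
}

// --- Validation ------------------------------------------------------------
if ($order_id <= 0) {
    respond_error('Pedido inválido', 404);
}
$valid_methods = ['efectivo', 'transferencia'];
$valid_status  = ['pendiente', 'en_preparacion', 'en_camino', 'entregado', 'cancelado'];
if ($customer_name === '' || $phone === '' || $address === '' || $payment_method === '') {
    respond_error('Datos incompletos');
}
if (!in_array($payment_method, $valid_methods, true)) {
    respond_error('Método de pago no válido');
}
if (!in_array($status, $valid_status, true)) {
    respond_error('Estado no válido');
}
// order_items must be a JSON string; an array value (order_items[]=...) would
// make json_decode() throw a TypeError outside the try block below.
if (!is_string($order_items)) {
    respond_error('El pedido debe contener productos');
}
$items = json_decode($order_items, true);
if (!is_array($items) || count($items) === 0) {
    respond_error('El pedido debe contener productos');
}

try {
    // The order must exist; keep its original creation date so the rewrite
    // below does not bump an auto-updating timestamp.
    $check_order = $conn->prepare("SELECT id, created_at, inventory_deducted FROM `delivery_orders` WHERE id = ?");
    $check_order->execute([$order_id]);
    $order_data = $check_order->fetch(PDO::FETCH_ASSOC);
    if (!$order_data) {
        respond_error('Pedido no encontrado', 404);
    }
    $original_created_at = $order_data['created_at'];

    // --- Re-price items from the database (client prices are never trusted) --
    $ids = [];
    foreach ($items as $it) {
        $pid = is_array($it) ? (int)($it['id'] ?? 0) : 0;
        if ($pid > 0) {
            $ids[$pid] = $pid;
        }
    }
    $ids = array_values($ids);
    if (empty($ids)) {
        respond_error('Productos inválidos');
    }
    $placeholders = implode(',', array_fill(0, count($ids), '?'));
    $stmt = $conn->prepare("SELECT id, name, price, sale_price FROM products WHERE id IN ($placeholders)");
    $stmt->execute($ids);
    $byId = [];
    foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $p) {
        $byId[(int)$p['id']] = $p;
    }

    $cleanItems  = [];
    $serverTotal = 0.0;
    foreach ($items as $item) {
        if (!is_array($item)) {
            continue;
        }
        $pid = (int)($item['id'] ?? 0);
        $qty = (int)($item['cantidad'] ?? 0);
        if ($pid <= 0 || $qty <= 0 || !isset($byId[$pid])) {
            continue; // unknown product or non-positive quantity: skip silently
        }
        $costPrice = (float)$byId[$pid]['price'];
        // sale_price wins when set and positive, otherwise fall back to price.
        $salePrice = (isset($byId[$pid]['sale_price']) && (float)$byId[$pid]['sale_price'] > 0)
            ? (float)$byId[$pid]['sale_price']
            : $costPrice;
        $serverTotal += $salePrice * $qty;
        $cleanItems[] = [
            'id'       => $pid,
            'nombre'   => $byId[$pid]['name'],
            'precio'   => $salePrice,
            'coste'    => $costPrice,
            'cantidad' => $qty,
        ];
    }
    if (empty($cleanItems)) {
        respond_error('Productos inválidos');
    }

    // --- Resolve preparers ---------------------------------------------------
    // Keep only ids that exist in `preparers`.
    if (!empty($preparer_ids)) {
        $placeholdersPrep = implode(',', array_fill(0, count($preparer_ids), '?'));
        $prepStmt = $conn->prepare("SELECT id FROM preparers WHERE id IN ($placeholdersPrep)");
        $prepStmt->execute(array_values($preparer_ids));
        $validIds = [];
        foreach ($prepStmt->fetchAll(PDO::FETCH_COLUMN, 0) as $vid) {
            $vid = (int)$vid;
            if ($vid > 0) {
                $validIds[$vid] = $vid;
            }
        }
        $preparer_ids = $validIds;
    }
    // The first explicitly given preparer becomes the order's primary one.
    $preparer_id = null;
    if (!empty($preparer_ids)) {
        $values = array_values($preparer_ids);
        $preparer_id = (int)$values[0];
    }
    // No (valid) explicit preparers: derive them from product_preparers,
    // preferring the first product's primary preparer for the main slot.
    if (empty($preparer_ids)) {
        $placeholdersProd = implode(',', array_fill(0, count($ids), '?'));
        $prepByProductStmt = $conn->prepare(
            "SELECT product_id, preparer_id, is_primary FROM product_preparers WHERE product_id IN ($placeholdersProd) ORDER BY is_primary DESC, preparer_id ASC"
        );
        $prepByProductStmt->execute($ids);
        $derived = [];
        $primaryByProduct = [];
        foreach ($prepByProductStmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
            $pId    = (int)$row['product_id'];
            $prepId = (int)$row['preparer_id'];
            if ($prepId <= 0) {
                continue;
            }
            $derived[$prepId] = $prepId;
            if ((int)$row['is_primary'] === 1 && !isset($primaryByProduct[$pId])) {
                $primaryByProduct[$pId] = $prepId;
            }
        }
        $preparer_ids = $derived;
        if (!empty($preparer_ids)) {
            foreach ($ids as $pid) {
                if (isset($primaryByProduct[(int)$pid])) {
                    $preparer_id = (int)$primaryByProduct[(int)$pid];
                    break; // first product (in submitted order) with a primary preparer
                }
            }
        }
    }

    // --- Persist -------------------------------------------------------------
    $shouldSetDelivered = $status === 'entregado';
    $conn->beginTransaction();

    // Row lock so concurrent edits cannot double-book inventory or cash.
    $lockStmt = $conn->prepare("SELECT status, payment_method, total_amount, inventory_deducted FROM `delivery_orders` WHERE id = ? FOR UPDATE");
    $lockStmt->execute([$order_id]);
    $locked = $lockStmt->fetch(PDO::FETCH_ASSOC);
    if (!$locked) {
        $conn->rollBack();
        respond_error('Pedido no encontrado', 404);
    }
    $alreadyDeducted = !empty($locked['inventory_deducted']);
    $wasDelivered    = isset($locked['status']) && $locked['status'] === 'entregado';

    $update_order = $conn->prepare("UPDATE `delivery_orders` SET customer_name = ?, phone = ?, address = ?, payment_method = ?, notes = ?, order_items = ?, total_amount = ?, status = ?, preparer_id = ? WHERE id = ?");
    $update_order->execute([
        $customer_name,
        $phone,
        $address,
        $payment_method,
        $notes,
        json_encode($cleanItems, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES),
        $serverTotal,
        $status,
        $preparer_id,
        $order_id,
    ]);
    // Restore the original creation date in case the column auto-updates.
    if ($original_created_at !== null) {
        $restore_created = $conn->prepare("UPDATE `delivery_orders` SET created_at = ? WHERE id = ?");
        $restore_created->execute([$original_created_at, $order_id]);
    }

    // Replace line items wholesale.
    $delete_items = $conn->prepare("DELETE FROM `delivery_order_items` WHERE order_id = ?");
    $delete_items->execute([$order_id]);
    $insert_item = $conn->prepare("INSERT INTO `delivery_order_items` (order_id, product_id, product_name, quantity, price, cost_price, subtotal) VALUES (?,?,?,?,?,?,?)");
    foreach ($cleanItems as $ci) {
        $insert_item->execute([
            $order_id,
            $ci['id'],
            $ci['nombre'],
            $ci['cantidad'],
            $ci['precio'],
            $ci['coste'],
            $ci['precio'] * $ci['cantidad'],
        ]);
    }

    // Replace preparer assignments wholesale.
    $delete_preps = $conn->prepare("DELETE FROM `delivery_order_preparers` WHERE order_id = ?");
    $delete_preps->execute([$order_id]);
    if (!empty($preparer_ids)) {
        $insertPrep = $conn->prepare("INSERT INTO `delivery_order_preparers` (order_id, preparer_id) VALUES (?,?)");
        foreach ($preparer_ids as $pid) {
            $insertPrep->execute([$order_id, $pid]);
        }
    }

    // Deduct stock once, on the first delivery. recordInventoryConsumption()
    // is presumably provided by connect.php — it is not required here.
    if ($shouldSetDelivered && !$alreadyDeducted) {
        $productQtyById = [];
        foreach ($cleanItems as $ci) {
            $pid = (int)($ci['id'] ?? 0);
            $qty = (int)($ci['cantidad'] ?? 0);
            if ($pid <= 0 || $qty <= 0) {
                continue;
            }
            if (!isset($productQtyById[$pid])) {
                $productQtyById[$pid] = 0;
            }
            $productQtyById[$pid] += $qty;
        }
        recordInventoryConsumption($conn, (int)$admin_id, 'Pedido domicilio', (int)$order_id, $productQtyById);
        $mark = $conn->prepare("UPDATE `delivery_orders` SET inventory_deducted = 1 WHERE id = ?");
        $mark->execute([$order_id]);
    }

    // Book the income only on the pendiente/... -> entregado transition.
    if (!$wasDelivered && $shouldSetDelivered) {
        require_once '../components/cash_register_functions.php';
        recordCashTransaction($conn, 'income', $serverTotal, $payment_method, "Pedido Domicilio #{$order_id} - Cliente: {$customer_name}", 'delivery', $order_id, $admin_id);
    }

    $conn->commit();
    echo json_encode(['success' => true, 'order_id' => $order_id, 'total' => $serverTotal]);
} catch (Throwable $e) {
    if ($conn->inTransaction()) {
        $conn->rollBack();
    }
    // Log the real cause server-side; the client only gets a generic message
    // so SQL/driver details are never disclosed.
    error_log('update_delivery.php: ' . $e->getMessage());
    respond_error('Error al actualizar el pedido');
}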