<?php

	include $_SERVER["DOCUMENT_ROOT"].'/common/lib/comm.php';
	include $_SERVER['DOCUMENT_ROOT'].'/common/aap_chk_m.php';

	$table_name = "aap_master";

	$PageNo = trim(avoid_crack($_REQUEST["PageNo"]));

	$mode = trim(avoid_crack($_POST["mode"]));

	$cd_dealer  		= trim(avoid_crack($_POST["cd_dealer"]));
	$cd_dealerid  		= trim(avoid_crack($_POST["cd_dealerid"]));
	$cd_dealer_p  		= trim(avoid_crack($_POST["cd_dealer_p"]));
	$nm_pass  			= trim(avoid_crack($_POST["nm_pass"]));
	$ds_type  			= trim(avoid_crack($_POST["ds_type"]));
	$ds_usertype  		= trim(avoid_crack($_POST["ds_usertype"]));
	$ds_level  			= trim(avoid_crack($_POST["ds_level"]));
	$nm_company  		= trim(avoid_crack($_POST["nm_company"]));
	$nm_name  			= trim(avoid_crack($_POST["nm_name"]));
	$nm_birth  			= trim(avoid_crack($_POST["nm_birth"]));
	$nm_tel_01  		= trim(avoid_crack($_POST["nm_tel_01"]));
	$nm_tel_02  		= trim(avoid_crack($_POST["nm_tel_02"]));
	$nm_tel_03  		= trim(avoid_crack($_POST["nm_tel_03"]));
	$nm_hp				= trim(avoid_crack($_POST["nm_hp"]));
	$nm_hp_01  			= trim(avoid_crack($_POST["nm_hp1"]));
	$nm_hp_02  			= trim(avoid_crack($_POST["nm_hp2"]));
	$nm_hp_03  			= trim(avoid_crack($_POST["nm_hp3"]));
	$nm_fax_01  		= trim(avoid_crack($_POST["nm_fax_01"]));
	$nm_fax_02  		= trim(avoid_crack($_POST["nm_fax_02"]));
	$nm_fax_03  		= trim(avoid_crack($_POST["nm_fax_03"]));
	$nm_email  			= trim(avoid_crack($_POST["nm_email"]));
	$nm_zip  			= trim(avoid_crack($_POST["nm_zip"]));
	$nm_addr  			= trim(avoid_crack($_POST["nm_addr"]));
	$nm_addr_sub  		= trim(avoid_crack($_POST["nm_addr_sub"]));
	$nm_etc_01  		= trim(avoid_crack($_POST["nm_etc_01"]));
	$nm_etc_02  		= trim(avoid_crack($_POST["nm_etc_02"]));
	$nm_etc_03  		= trim(avoid_crack($_POST["nm_etc_03"]));
	$ds_status  		= trim(avoid_crack($_POST["ds_status"]));
	$nm_company_biz  	= trim(avoid_crack($_POST["nm_company_biz"]));
	$nm_name_biz  		= trim(avoid_crack($_POST["nm_name_biz"]));
	$nm_no_biz  		= trim(avoid_crack($_POST["nm_no_biz"]));
	$nm_date_biz  		= trim(avoid_crack($_POST["nm_date_biz"]));
	$nm_type_biz  		= trim(avoid_crack($_POST["nm_type_biz"]));
	$nm_condition_biz 	= trim(avoid_crack($_POST["nm_condition_biz"]));
	$nm_tel_biz_01  	= trim(avoid_crack($_POST["nm_tel_biz_01"]));
	$nm_tel_biz_02  	= trim(avoid_crack($_POST["nm_tel_biz_02"]));
	$nm_tel_biz_03  	= trim(avoid_crack($_POST["nm_tel_biz_03"]));
	$nm_hp_biz_01  		= trim(avoid_crack($_POST["nm_hp_biz_01"]));
	$nm_hp_biz_02  		= trim(avoid_crack($_POST["nm_hp_biz_02"]));
	$nm_hp_biz_03  		= trim(avoid_crack($_POST["nm_hp_biz_03"]));
	$nm_fax_biz_01  	= trim(avoid_crack($_POST["nm_fax_biz_01"]));
	$nm_fax_biz_02  	= trim(avoid_crack($_POST["nm_fax_biz_02"]));
	$nm_fax_biz_03  	= trim(avoid_crack($_POST["nm_fax_biz_03"]));
	$nm_email_biz  		= trim(avoid_crack($_POST["nm_email_biz"]));
	$nm_zip_biz  		= trim(avoid_crack($_POST["nm_zip_biz"]));
	$nm_addr_biz  		= trim(avoid_crack($_POST["nm_addr_biz"]));
	$nm_addr_sub_biz  	= trim(avoid_crack($_POST["nm_addr_sub_biz"]));
	$ds_company_bp1 	= trim(avoid_crack($_POST["ds_company_bp1"]));
	$ds_branch1 		= trim(avoid_crack($_POST["ds_branch1"]));
	$ds_company_bp2 	= trim(avoid_crack($_POST["ds_company_bp2"]));
	$ds_branch2 		= trim(avoid_crack($_POST["ds_branch2"]));
	$ds_company_bp3 	= trim(avoid_crack($_POST["ds_company_bp3"]));
	$ds_branch3 		= trim(avoid_crack($_POST["ds_branch3"]));
//	$nm_area  = trim(avoid_crack($_POST["nm_area"]));
if ($mode == "UpdateDealer"){
	$nm_area  = trim(avoid_crack(implode(",",$_POST["nm_area"])));
}else{
	$nm_area  = trim(avoid_crack($_POST["nm_area"]));
}
	$nm_title  = trim(avoid_crack($_POST["nm_title"]));
	$nm_file  = trim(avoid_crack($_POST["nm_file"]));
	$nm_etc  = trim(avoid_crack($_POST["nm_etc"]));
	$dt_insert  = trim(avoid_crack($_POST["dt_insert"]));
	$nm_insert  = trim(avoid_crack($_POST["nm_insert"]));
	$dt_update  = trim(avoid_crack($_POST["dt_update"]));
	$nm_update  = trim(avoid_crack($_POST["nm_update"]));
	$ds_delind  = trim(avoid_crack($_POST["ds_delind"]));

	$cd_sale  = trim(avoid_crack($_POST["cd_sale"]));
	$nm_price  = trim(avoid_crack($_POST["nm_price"]));
	$nm_score_postscript  = trim(avoid_crack($_POST["nm_score_postscript"]));
	$nm_cont_postscript  = trim(avoid_crack($_POST["nm_cont_postscript"]));

	// $cd_procid = $_SESSION[admin_cd_dealerid];
	$cd_procid = $_SESSION['s_cd_dealerid'];


//	$PageNo = trim(avoid_crack($_POST["PageNo"]));

	$upload_path =  $_SERVER['DOCUMENT_ROOT'].UPLOAD_PATH."dealer/";

	$RES = array('CODE'=>'9999', 'MSG'=>'');
	try {

		switch($mode) {
			//저장하기
			case "Add" :

				$s_cd_dealer = $_SESSION['s_cd_dealer'];

				$check_id=@mysql_result(mysql_query("select count(*) from $table_name where cd_dealerid = '". $cd_dealerid . "' "),0,0);
				if($check_id>0) {
					throw new Exception("이미 사용중인 아이디입니다.다시 한번 확인하세요.", "9990");
				}


				$cnt=@mysql_result(mysql_query("select count(*) from $table_name where ds_delind='N' And ds_type='D1' And cd_dealer_p = '". $s_cd_dealer . "' "),0,0);
				if($cnt >= 2 ) {
					// throw new Exception("부 관리자는 2명 까지 등록 가능합니다.", "9990");
				}
				//
				// $cnt = $dbCon->getOneDAO("count(*)",$table_name, $_whereis, 1);
				// if($cnt >=2 ) {
				// 	throw new Exception("부 관리자는 2명 까지 등록 가능합니다.", "9990");
				// }


				$upload_file_name = '';
				if (is_uploaded_file($_FILES['nm_file']['tmp_name'])) {
					if($_FILES['nm_file']['size'] > 0 ){
						$upload_file_name = upload($_FILES['nm_file'],$upload_path."nm_file/", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
						if($upload_file_name==false){
							throw new Exception("첨부파일 업로드 실패 하였습니다.", "9990");
						}
					}
				}
				$file_sql = '';
				if(!empty($upload_file_name)) {
					$file_sql = " , nm_file = '$upload_file_name'";
				}
				$ds_status = 'Z0';

				$sql = "INSERT INTO $table_name SET
							cd_dealerid 		= '$cd_dealerid'
							, cd_dealer_p 		= '$s_cd_dealer'
							, nm_pass 			= password('".$nm_pass."')
							, ds_type 			= '$ds_type'
							, ds_usertype 		= '$ds_usertype'
							, ds_level 			= '$ds_level'
							, nm_company		= '$nm_company'
							, nm_name 			= '$nm_name'
							, nm_birth 			= '$nm_birth'
							, nm_tel_01 		= '$nm_tel_01'
							, nm_tel_02 		= '$nm_tel_02'
							, nm_tel_03 		= '$nm_tel_03'
							, nm_hp 			= '$nm_hp'
							, nm_hp_01 			= '$nm_hp_01'
							, nm_hp_02 			= '$nm_hp_02'
							, nm_hp_03 			= '$nm_hp_03'
							, nm_fax_01 		= '$nm_fax_01'
							, nm_fax_02 		= '$nm_fax_02'
							, nm_fax_03 		= '$nm_fax_03'
							, nm_email 			= '$nm_email'
							, nm_zip 			= '$nm_zip'
							, nm_addr 			= '$nm_addr'
							, nm_addr_sub 		= '$nm_addr_sub'
							, nm_etc_01 		= '$nm_etc_01'
							, nm_etc_02 		= '$nm_etc_02'
							, nm_etc_03 		= '$nm_etc_03'
							, ds_status 		= '$ds_status'
							, nm_company_biz 	= '$nm_company_biz'
							, nm_name_biz 		= '$nm_name_biz'
							, nm_no_biz 		= '$nm_no_biz'
							, nm_date_biz 		= '$nm_date_biz'
							, nm_type_biz 		= '$nm_type_biz'
							, nm_condition_biz 	= '$nm_condition_biz'
							, nm_tel_biz_01 	= '$nm_tel_biz_01'
							, nm_tel_biz_02 	= '$nm_tel_biz_02'
							, nm_tel_biz_03 	= '$nm_tel_biz_03'
							, nm_hp_biz_01 		= '$nm_hp_biz_01'
							, nm_hp_biz_02 		= '$nm_hp_biz_02'
							, nm_hp_biz_03 		= '$nm_hp_biz_03'
							, nm_fax_biz_01 	= '$nm_fax_biz_01'
							, nm_fax_biz_02 	= '$nm_fax_biz_02'
							, nm_fax_biz_03 	= '$nm_fax_biz_03'
							, nm_email_biz 		= '$nm_email_biz'
							, nm_zip_biz 		= '$nm_zip_biz'
							, nm_addr_biz 		= '$nm_addr_biz'
							, nm_addr_sub_biz 	= '$nm_addr_sub_biz'
							, ds_company_bp1 	= '$ds_company_bp1'
							, ds_branch1 		= '$ds_branch1'
							, ds_company_bp2 	= '$ds_company_bp2'
							, ds_branch2 		= '$ds_branch2'
							, ds_company_bp3 	= '$ds_company_bp3'
							, ds_branch3 		= '$ds_branch3'
							, nm_area 			= '$nm_area'
							, nm_title 			= '$nm_title'
							, nm_etc 			= '$nm_etc'
							, dt_insert 		= now()
							, nm_insert 		= '$cd_procid'
							, dt_update 		= now()
							, nm_update 		= '$cd_procid'
							, ds_delind 		= 'N'
							$file_sql

				";
				// echo $sql;
				// exit;
				$result  = mysql_query($sql,$connect);

				if(!$result) {
					throw new Exception("관리자 등록에 실패 하였습니다.잠시후 다시 시도해 주세요.", "9990");
				}
		//echo $result;
		//echo "<BR>";
				$cd_dealer  = mysql_insert_id();

				// $sqlPwd="UPDATE aap_master set nm_pass = password('".$nm_pass."'), cd_dealer_p = '".$s_cd_dealer."' where cd_dealer = '".$cd_dealer."'";
				// $result  = $dbCon->query($sqlPwd);

				$RES['CODE'] = "0000";
	 			$RES['MSG'] = "관리자 등록이 완료되었습니다.";
		//echo $result;
		//echo "<BR>";
		//exit;
			break;

			//수정하기
			case "Update":
				$upload_file_name = '';
				if (is_uploaded_file($_FILES['nm_file']['tmp_name'])) {
					if($_FILES['nm_file']['size'] > 0 ){
						$upload_file_name = upload($_FILES['nm_file'],$upload_path."nm_file/", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
						if($upload_file_name==false){
							AlertBack("첨부파일 업로드 실패 하였습니다.");
							die();
						}
					}
				}

				$file_sql = '';
				if(!empty($upload_file_name)) {
					$file_sql = " , nm_file = '$upload_file_name'";
				}

				$add_pwd_sql = "";
				if(!empty($nm_pass)) {
					$add_pwd_sql = " , nm_pass = password('".$nm_pass."') ";
				}


				$sql = "UPDATE $table_name SET
							 nm_name 	= '$nm_name'
							, nm_hp 	= '$nm_hp'
							, nm_hp_01 	= '$nm_hp1'
							, nm_hp_02 	= '$nm_hp2'
							, nm_hp_03 	= '$nm_hp3'
							, nm_title 	= '$nm_title'
							, dt_update = now()
							, nm_update = '$cd_procid'
							$file_sql
							$add_pwd_sql
						WHERE cd_dealerid = '$cd_dealerid'
				";
				// exit;
				// echo $sql;
				// exit;
				$result  = mysql_query($sql,$connect);

				if(!$result) {
					throw new Exception("정보 수정에 실패 하였습니다.잠시후 다시 시도해 주세요.", "9990");
				}
				$RES['CODE'] = "0000";
	 			$RES['MSG'] = "관리자 수정이 완료되었습니다.";


			break;


			//삭제하기
			case "Delete" :
				$sql = "UPDATE $table_name SET
							 ds_delind 	= 'Y'
							, dt_update = now()
							, nm_update = '$cd_procid'
						WHERE cd_dealerid = '$cd_dealerid'
				";
				// echo $sql;
				// exit;
				$result  = mysql_query($sql,$connect);

				if (!$result) {
					throw new Exception("관리자 삭제에 실패 하였습니다.잠시후 다시 시도해 주세요.", "9990");

				}

				$RES['CODE'] = "0000";
 	 			$RES['MSG'] = "관리자 삭제가 완료되었습니다.";
			break;

			case "IdChk":

				$_whereis = "  cd_dealerid = '". $cd_dealerid . "'";

				$cnt = $dbCon->getOneDAO("count(*)",$table_name, $_whereis, 1);
				if($cnt==0) {
					echo("Y");
					exit;
				} else {
					echo("N");
					exit;
				}
			break;

			case "IdSearch":

				$_whereis = " ds_delind='N' And nm_name = '". $nm_name . "' AND nm_email = '". $nm_email . "'";

				$userid = $dbCon->getOneDAO("cd_dealerid",$table_name, $_whereis, 1);
				if($userid) {
					echo($userid);
					exit;
				} else {
					echo("");
					exit;
				}
			break;

			case "PwSearch":

				$_whereis = " ds_delind='N' And cd_dealerid = '".$cd_dealerid."' And nm_name = '". $nm_name . "' AND nm_email = '". $nm_email . "'";

				$userid = $dbCon->getOneDAO("cd_dealer",$table_name, $_whereis, 1);
				if($userid) {
					$new_passwd = generatePassword(8);

					$sqlPwd="UPDATE aap_master set nm_pass = password('".$new_passwd."')  where cd_dealer = '".$userid."'";
					$result  = $dbCon->query($sqlPwd);

					echo($new_passwd);
					exit;
				} else {
					echo("");
					exit;
				}
			break;

			default :
				AlertBack("지정되지않은 요청입니다");
			break;
		}
	}catch(Exception $e){
		$RES['CODE'] = $e->getCode();
		$RES['MSG'] = $e->getMessage();
	}
	@mysql_close($connect);

	echo json_encode($RES);
	exit;
?>