From 8b575d2926358b5a01bf5555490ce6528df5e902 Mon Sep 17 00:00:00 2001 From: Patrick Alvin Alcala Date: Tue, 14 Oct 2025 10:14:22 +0800 Subject: [PATCH] Updated backend --- backend/main.go | 96 ++++++++++++++++++++++++------------------------- 1 file changed, 46 insertions(+), 50 deletions(-) diff --git a/backend/main.go b/backend/main.go index 51b2349..751706c 100644 --- a/backend/main.go +++ b/backend/main.go @@ -41,7 +41,8 @@ func connect() { //DEV router.Use(cors.New(cors.Config{ - AllowOrigins: []string{"http://localhost:5173"}, + AllowOrigins: []string{"http://localhost:5173"}, + // AllowAllOrigins: true, AllowMethods: []string{"GET", "POST"}, AllowHeaders: []string{"Origin", "OCBO-ShieldConnection"}, ExposeHeaders: []string{"Content-Length"}, @@ -662,31 +663,15 @@ func connect() { // array7 := []string{} // array8 := []string{} - err := db.QueryRow(`SELECT DISTINCT IFNULL(el.electricalNo, '') AS result, IFNULL(op.opDate, '') AS result2, IFNULL(el.locationofinstallation, '') AS result3, IFNULL(occ.occupancy, '') AS result4, IFNULL(u.occupancyoruse, '') AS result5, IFNULL(el.noofUnits, '') AS result6, IFNULL(e.employeename, '') AS result7, IF(cu.firstName IS NULL OR cu.firstName = '', cu.lastName, CONCAT(cu.firstName, ' ', IF(cu.middleInitial IS NULL OR cu.middleInitial = '', '', CONCAT(cu.middleInitial, '. ')), cu.lastName) ) AS result8 - FROM electrical el, electrical_orderofpayment_new op, ref_occupancy occ, ref_elec_occupancy u, customer cu, employee e - WHERE el.customerid = cu.customerid AND el.ref_elec_occupancyid = u.ref_elec_occupancyid AND u.ref_occupancyid = occ.ref_occupancyid AND op.assessedbyid = e.employeeid - AND el.electricalid = op.electricalid AND op.is_approve = 0 AND op.for_approval = 1 AND op.is_release = 0 AND is_paid = 0 AND popstransmitted = 0 AND el.electricalid = ?`, data).Scan(&result, &result2, &result3, &result4, &result5, &result6, &result7, &result8) + err := db.QueryRow(`SELECT DISTINCT IFNULL(el.electricalNo, '') AS result, IFNULL(op.opDate, '') AS result2, IFNULL(el.locationofinstallation, '') AS result3, IFNULL(occ.occupancy, '') AS result4, IFNULL(u.occupancyoruse, '') AS result5, IFNULL(el.noofUnits, '') AS result6, IFNULL(e.employeename, '') AS result7, IF(cu.firstName IS NULL OR cu.firstName = '', cu.lastName, CONCAT(cu.firstName, ' ', IF(cu.middleInitial IS NULL OR cu.middleInitial = '', '', CONCAT(cu.middleInitial, '. ')), cu.lastName) ) AS result8 + FROM electrical el, electrical_orderofpayment_new op, ref_occupancy occ, ref_elec_occupancy u, customer cu, employee e + WHERE el.customerid = cu.customerid AND el.ref_elec_occupancyid = u.ref_elec_occupancyid AND u.ref_occupancyid = occ.ref_occupancyid AND op.assessedbyid = e.employeeid + AND el.electricalid = op.electricalid AND op.is_approve = 1 AND op.for_approval = 1 AND op.is_release = 0 AND is_paid = 0 AND popstransmitted = 0 AND el.electricalid = ?`, data).Scan(&result, &result2, &result3, &result4, &result5, &result6, &result7, &result8) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } - // for results.Next() { - // err = results.Scan(&result, &result2, &result3, &result4, &result5, &result6, &result7, &result8) - // if err != nil { - // c.AbortWithError(http.StatusBadRequest, err) - // c.String(http.StatusBadRequest, err.Error()) - // return - // } - // array = append(array, result) - // array2 = append(array2, result2) - // array3 = append(array3, result3) - // array4 = append(array4, result4) - // array5 = append(array5, result5) - // array6 = append(array6, result6) - // array7 = append(array7, result7) - // array8 = append(array8, result8) - // } c.JSON(http.StatusOK, gin.H{ "result": result, "result2": result2, @@ -705,7 +690,7 @@ func connect() { array3 := []string{} results, err := db.Query(`SELECT IFNULL(ref.accountdescription, '') AS result, IFNULL(ref.accountcode, '') AS result2, IFNULL(op.amount, '') AS result3 FROM electrical_orderofpayment_new op, ref_bldgcomputationsheet ref, electrical el - WHERE op.is_approve = 0 AND op.for_approval = 1 AND op.is_release = 0 AND op.is_paid = 0 AND op.popstransmitted = 0 AND op.is_delete <> 1 AND op.ref_bldgcomputationsheetid = ref.ref_bldgcomputationsheetid + WHERE op.is_approve = 1 AND op.for_approval = 1 AND op.is_release = 0 AND op.is_paid = 0 AND op.popstransmitted = 0 AND op.is_delete <> 1 AND op.ref_bldgcomputationsheetid = ref.ref_bldgcomputationsheetid AND el.electricalid = op.electricalid AND op.electricalid = ?`, data) if err != nil { c.AbortWithError(http.StatusBadRequest, err) @@ -729,6 +714,44 @@ func connect() { "result3": array3, }) + case "get-signatureimage": + err := db.QueryRow("SELECT IFNULL(image, '') AS result FROM esign WHERE employeeid = ?", data).Scan(&result) + if err != nil { + c.AbortWithError(http.StatusBadRequest, err) + c.String(http.StatusBadRequest, err.Error()) + return + } + c.JSON(http.StatusOK, gin.H{ + "result": result, + }) + + } + }) + + router.GET("/api/:method/:data/:data2", func(c *gin.Context) { + var result string + method := c.Param("method") + data := c.Param("data") + data2 := c.Param("data2") + + c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") + c.Writer.Header().Set("X-Content-Type-Options", "nosniff") + c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") + c.Writer.Header().Set("X-Frame-Options", "DENY") + c.Writer.Header().Set("X-Download-Options", "noopen") + c.Writer.Header().Set("Referrer-Policy", "no-referrer") + + switch method { + case "check-access": + err = db.QueryRow("SELECT COUNT(accessid) AS result FROM access a JOIN ref_access ra ON a.ref_accessid = ra.ref_accessid AND ra.access = ? and employeeid = ?", data, data2).Scan(&result) + if err != nil { + c.AbortWithError(http.StatusBadRequest, err) + c.String(http.StatusBadRequest, err.Error()) + return + } + c.JSON(http.StatusOK, gin.H{ + "result": result, + }) } }) @@ -776,33 +799,6 @@ func connect() { }) - router.GET("/api/:method/:data/:data2", func(c *gin.Context) { - var result string - method := c.Param("method") - data := c.Param("data") - data2 := c.Param("data2") - - c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") - c.Writer.Header().Set("X-Content-Type-Options", "nosniff") - c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") - c.Writer.Header().Set("X-Frame-Options", "DENY") - c.Writer.Header().Set("X-Download-Options", "noopen") - c.Writer.Header().Set("Referrer-Policy", "no-referrer") - - switch method { - case "check-access": - err = db.QueryRow("SELECT COUNT(accessid) AS result FROM access a JOIN ref_access ra ON a.ref_accessid = ra.ref_accessid AND ra.access = ? and employeeid = ?", data, data2).Scan(&result) - if err != nil { - c.AbortWithError(http.StatusBadRequest, err) - c.String(http.StatusBadRequest, err.Error()) - return - } - c.JSON(http.StatusOK, gin.H{ - "result": result, - }) - } - }) - router.POST("/api/post-newstatus-electrical", func(c *gin.Context) { type RegistrationData struct { Data int `json:"data"` @@ -907,7 +903,7 @@ func connect() { c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") - dbpost, err := db.Prepare("UPDATE electrical_orderofpayment_new SET popstransmitted = 1 WHERE electricalid = ? AND for_approval = 1 AND is_release = 0 AND is_paid = 0 AND is_approve = 1") + dbpost, err := db.Prepare("UPDATE electrical_orderofpayment_new SET popstransmitted = 1, is_release = 1 WHERE electricalid = ? AND for_approval = 1 AND is_paid = 0 AND is_approve = 1") if err != nil { panic(err.Error()) }