101 lines
3.3 KiB
PHP
101 lines
3.3 KiB
PHP
<?php
|
|
/**
|
|
* Upload Image to Batch
|
|
* POST /v1/batches/upload-image
|
|
*
|
|
* Uploads a single image to an existing batch.
|
|
* Supports multipart/form-data with 'image' file and 'batch_id'.
|
|
*/
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Core\Database;
|
|
use App\Middleware\AuthMiddleware;
|
|
|
|
$decoded = AuthMiddleware::check();
|
|
$tenantId = $decoded['tenant_id'];
|
|
$userId = $decoded['user_id'];
|
|
|
|
// 1. Validate request
|
|
$batchId = $_POST['batch_id'] ?? null;
|
|
$imageOrder = (int)($_POST['image_order'] ?? 0);
|
|
|
|
if (!$batchId || !isset($_FILES['image']) || $_FILES['image']['error'] !== UPLOAD_ERR_OK) {
|
|
$uploadError = $_FILES['image']['error'] ?? 'No file';
|
|
json_error("معرّف الدفعة وصورة الفاتورة مطلوبان (كود: {$uploadError})", 422);
|
|
}
|
|
|
|
// 2. Verify batch belongs to this user and tenant
|
|
$db = Database::getInstance();
|
|
$stmt = $db->prepare("
|
|
SELECT id, tenant_id, company_id, status, total_images
|
|
FROM invoice_batches
|
|
WHERE id = ? AND uploaded_by = ?
|
|
");
|
|
$stmt->execute([$batchId, $userId]);
|
|
$batch = $stmt->fetch();
|
|
|
|
if (!$batch || ($decoded['role'] !== 'super_admin' && $batch['tenant_id'] !== $tenantId)) {
|
|
json_error('الدفعة غير موجودة أو ليس لديك صلاحية', 404);
|
|
}
|
|
|
|
// Override tenantId with the actual batch's tenantId
|
|
$tenantId = $batch['tenant_id'];
|
|
|
|
if ($batch['status'] !== 'uploading') {
|
|
json_error('لا يمكن إضافة صور لدفعة تمت معالجتها', 400);
|
|
}
|
|
|
|
// 3. Validate file type
|
|
$allowedTypes = ['image/jpeg', 'image/png', 'image/webp', 'image/heic', 'image/heif'];
|
|
$mimeType = $_FILES['image']['type'];
|
|
if (!in_array($mimeType, $allowedTypes)) {
|
|
json_error('نوع الملف غير مدعوم. المسموح: JPEG, PNG, WebP, HEIC', 422);
|
|
}
|
|
|
|
// 4. Validate file size (max 10MB)
|
|
$maxSize = 10 * 1024 * 1024;
|
|
if ($_FILES['image']['size'] > $maxSize) {
|
|
json_error('حجم الصورة أكبر من 10 ميغابايت', 422);
|
|
}
|
|
|
|
// 5. Save file
|
|
$companyId = $batch['company_id'];
|
|
$uploadDir = STORAGE_PATH . '/invoices/' . $tenantId . '/' . $companyId . '/batches/' . $batchId;
|
|
if (!is_dir($uploadDir)) {
|
|
mkdir($uploadDir, 0755, true);
|
|
}
|
|
|
|
$extension = pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION) ?: 'jpg';
|
|
$fileName = sprintf('img_%03d_%s.%s', $imageOrder, bin2hex(random_bytes(4)), $extension);
|
|
$targetPath = $uploadDir . '/' . $fileName;
|
|
|
|
if (!move_uploaded_file($_FILES['image']['tmp_name'], $targetPath)) {
|
|
json_error('فشل في حفظ الصورة', 500);
|
|
}
|
|
|
|
// 6. Add to processing queue
|
|
$stmt = $db->prepare("
|
|
INSERT INTO invoice_processing_queue (batch_id, tenant_id, company_id, image_path, image_order, status)
|
|
VALUES (?, ?, ?, ?, ?, 'pending')
|
|
");
|
|
$stmt->execute([$batchId, $tenantId, $companyId, $targetPath, $imageOrder]);
|
|
|
|
// 7. Update batch image count
|
|
$stmt = $db->prepare("
|
|
UPDATE invoice_batches
|
|
SET total_images = total_images + 1, updated_at = NOW()
|
|
WHERE id = ?
|
|
");
|
|
$stmt->execute([$batchId]);
|
|
|
|
// Count uploaded so far
|
|
$stmt = $db->prepare("SELECT COUNT(*) FROM invoice_processing_queue WHERE batch_id = ?");
|
|
$stmt->execute([$batchId]);
|
|
$uploadedCount = (int)$stmt->fetchColumn();
|
|
|
|
json_success([
|
|
'uploaded' => $uploadedCount,
|
|
'file_name' => $fileName,
|
|
], "تم رفع الصورة بنجاح ({$uploadedCount} صور في الدفعة)");
|