File size: 3,761 Bytes
0dff816 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 |
<?php
session_start();
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
header('Location: ../../index.php');
exit;
}
require_once '../../db.php';
require_once 'agent_claim.php';
header('Content-Type: application/json');
$response = ['success' => false, 'message' => ''];
try {
$database = new Database();
$db = $database->getConnection();
$claim = new AgentClaim($db);
$action = $_POST['action'] ?? '';
switch ($action) {
case 'submit_claim':
// Validate and submit new claim
$required_fields = ['claim_type', 'amount', 'description'];
foreach ($required_fields as $field) {
if (empty($_POST[$field])) {
throw new Exception("Missing required field: $field");
}
}
$claim->user_id = $_SESSION['user_id'];
$claim->username = $_SESSION['username'];
$claim->email = $_SESSION['email'];
$claim->claim_type = $_POST['claim_type'];
$claim->amount = floatval($_POST['amount']);
$claim->description = $_POST['description'];
$claim->evidence_file = $_POST['evidence_file'] ?? null;
// Validate amount
if ($claim->amount <= 0) {
throw new Exception("Invalid claim amount");
}
// Check for duplicate pending claims
if ($claim->hasPendingClaims($claim->user_id)) {
throw new Exception("You already have a pending claim. Please wait for it to be processed.");
}
$claim_id = $claim->create();
if ($claim_id) {
$response['success'] = true;
$response['message'] = 'Claim submitted successfully! It will be reviewed within 3-5 business days.';
$response['claim_id'] = $claim_id;
} else {
throw new Exception("Failed to submit claim");
}
break;
case 'approve_claim':
// Admin approval
if ($_SESSION['role'] !== 'admin') {
throw new Exception("Insufficient permissions");
}
$claim_id = $_POST['claim_id'] ?? 0;
if (!$claim_id) {
throw new Exception("Invalid claim ID");
}
if ($claim->updateStatus($claim_id, 'approved', $_SESSION['user_id'])) {
$response['success'] = true;
$response['message'] = 'Claim approved successfully';
} else {
throw new Exception("Failed to approve claim");
}
break;
case 'reject_claim':
// Admin rejection
if ($_SESSION['role'] !== 'admin') {
throw new Exception("Insufficient permissions");
}
$claim_id = $_POST['claim_id'] ?? 0;
$rejection_reason = $_POST['rejection_reason'] ?? '';
if (!$claim_id) {
throw new Exception("Invalid claim ID");
}
if (empty($rejection_reason)) {
throw new Exception("Rejection reason is required");
}
if ($claim->updateStatus($claim_id, 'rejected', null, $rejection_reason)) {
$response['success'] = true;
$response['message'] = 'Claim rejected successfully';
} else {
throw new Exception("Failed to reject claim");
}
break;
default:
throw new Exception("Invalid action");
}
} catch (Exception $e) {
$response['message'] = $e->getMessage();
error_log("Process Claim Error: " . $e->getMessage());
}
echo json_encode($response);
?> |