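<?php
/**
 * JSON endpoint for agent claim actions.
 *
 * Reads a POST `action` (`submit_claim`, `approve_claim`, `reject_claim`) and
 * answers with a JSON object: `success` (bool), `message` (string) and, after
 * a successful submission, `claim_id`.
 *
 * Security-relevant behaviour:
 *  - Unauthenticated sessions are redirected before any work is done.
 *  - `approve_claim` / `reject_claim` require `$_SESSION['role'] === 'admin'`.
 *  - Request values are type-checked before they reach AgentClaim, so array
 *    parameters (`amount[]=1`, `claim_id[]=1`) are rejected instead of being
 *    coerced.
 *  - Only messages raised by this script (DomainException) are echoed to the
 *    client. Any other exception, e.g. one thrown by the database layer, is
 *    logged and replaced by a generic message so internal details do not leak.
 *
 * NOTE(review): no anti-CSRF token is verified for these state-changing
 * actions. The session cookie alone authorises the request, so a token check
 * (or an equivalent same-origin control) should be added where the project's
 * token scheme is defined; none is visible from this file.
 */

session_start();

// Gate: only logged-in sessions may use this endpoint.
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
    header('Location: ../../index.php');
    exit;
}

require_once '../../db.php';
require_once 'agent_claim.php';

header('Content-Type: application/json');

$response = ['success' => false, 'message' => ''];

// Shared guard for the admin-only actions. `?? null` avoids an undefined-index
// warning when the session carries no role; the strict comparison still fails.
$requireAdmin = static function (): void {
    if (($_SESSION['role'] ?? null) !== 'admin') {
        throw new DomainException("Insufficient permissions");
    }
};

// Parses `claim_id` as a positive integer. Arrays, empty strings and
// non-numeric text all yield false from filter_var and are rejected.
// NOTE(review): assumes claim ids are integers (the original default was 0);
// confirm against AgentClaim.
$readClaimId = static function (): int {
    $id = filter_var(
        $_POST['claim_id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($id === false) {
        throw new DomainException("Invalid claim ID");
    }

    return $id;
};

try {
    $database = new Database();
    $db = $database->getConnection();
    $claim = new AgentClaim($db);

    $action = $_POST['action'] ?? '';

    switch ($action) {
        case 'submit_claim':
            // Every required field must be a non-empty string; an array value
            // would otherwise pass empty() and be stored as-is.
            $required_fields = ['claim_type', 'amount', 'description'];
            foreach ($required_fields as $field) {
                $value = $_POST[$field] ?? null;
                if (!is_string($value) || empty($value)) {
                    throw new DomainException("Missing required field: $field");
                }
            }

            // floatval() accepts "12abc" and overflows to INF on "1e999";
            // require a fully numeric, finite, positive value instead.
            if (!is_numeric($_POST['amount'])) {
                throw new DomainException("Invalid claim amount");
            }
            $amount = (float) $_POST['amount'];
            if (!is_finite($amount) || $amount <= 0) {
                throw new DomainException("Invalid claim amount");
            }

            // Identity comes from the session, never from the request body.
            $claim->user_id = $_SESSION['user_id'];
            $claim->username = $_SESSION['username'];
            $claim->email = $_SESSION['email'];
            $claim->claim_type = $_POST['claim_type'];
            $claim->amount = $amount;
            $claim->description = $_POST['description'];

            // NOTE(review): evidence_file is a client-supplied string, not an
            // upload handled here. Whatever later reads it must treat it as
            // untrusted (e.g. path traversal if it is used as a file path).
            $evidence_file = $_POST['evidence_file'] ?? null;
            $claim->evidence_file = is_string($evidence_file) ? $evidence_file : null;

            if ($claim->hasPendingClaims($claim->user_id)) {
                throw new DomainException("You already have a pending claim. Please wait for it to be processed.");
            }

            $claim_id = $claim->create();
            if (!$claim_id) {
                throw new DomainException("Failed to submit claim");
            }

            $response['success'] = true;
            $response['message'] = 'Claim submitted successfully! It will be reviewed within 3-5 business days.';
            $response['claim_id'] = $claim_id;
            break;

        case 'approve_claim':
            $requireAdmin();
            $claim_id = $readClaimId();

            if (!$claim->updateStatus($claim_id, 'approved', $_SESSION['user_id'])) {
                throw new DomainException("Failed to approve claim");
            }

            $response['success'] = true;
            $response['message'] = 'Claim approved successfully';
            break;

        case 'reject_claim':
            $requireAdmin();
            $claim_id = $readClaimId();

            $rejection_reason = $_POST['rejection_reason'] ?? '';
            if (!is_string($rejection_reason) || empty($rejection_reason)) {
                throw new DomainException("Rejection reason is required");
            }

            // NOTE(review): the third argument is null here while approval
            // passes the admin's user id. If that parameter records the
            // reviewer, rejections are not attributed to anyone; confirm
            // against AgentClaim::updateStatus.
            if (!$claim->updateStatus($claim_id, 'rejected', null, $rejection_reason)) {
                throw new DomainException("Failed to reject claim");
            }

            $response['success'] = true;
            $response['message'] = 'Claim rejected successfully';
            break;

        default:
            throw new DomainException("Invalid action");
    }
} catch (DomainException $e) {
    // Raised by this script with a fixed, user-safe message.
    $response['message'] = $e->getMessage();
    error_log("Process Claim Error: " . $e->getMessage());
} catch (Throwable $e) {
    // Anything else (database driver, AgentClaim internals): keep the detail
    // in the server log only.
    $response['message'] = 'An unexpected error occurred. Please try again later.';
    error_log("Process Claim Error: " . $e->getMessage());
}

echo json_encode($response);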