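<?php
/**
 * JSON endpoint for agent claims.
 *
 * Reads $_POST['action'] and dispatches to one of:
 *   - submit_claim  : any logged-in user; creates a claim for the session user.
 *   - approve_claim : admin role only; marks a claim as approved.
 *   - reject_claim  : admin role only; marks a claim as rejected with a reason.
 *
 * Always answers with a JSON object {success, message[, claim_id]}.
 */
session_start();

// Only authenticated sessions may reach the claim actions.
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
    header('Location: ../../index.php');
    exit;
}

require_once '../../db.php';
require_once 'agent_claim.php';

header('Content-Type: application/json');

$response = ['success' => false, 'message' => ''];

// NOTE(review): every action below changes state and is authorised by the
// session alone; this file checks no anti-CSRF token. Confirm where that is
// enforced for this endpoint, or add the check here.

// Guard shared by the admin-only actions. A session without a 'role' key is
// treated as non-admin instead of raising an undefined-index warning.
$requireAdmin = static function () {
    if (($_SESSION['role'] ?? '') !== 'admin') {
        throw new DomainException("Insufficient permissions");
    }
};

// Reads claim_id as a positive integer. Arrays, non-numeric strings and
// values below 1 are rejected before they reach AgentClaim::updateStatus().
// Assumes claim ids are integers (the original used 0 as the "missing"
// sentinel) - confirm against the AgentClaim schema.
$readClaimId = static function (): int {
    $id = filter_var(
        $_POST['claim_id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($id === false) {
        throw new DomainException("Invalid claim ID");
    }
    return $id;
};

try {
    $database = new Database();
    $db = $database->getConnection();
    $claim = new AgentClaim($db);

    $action = $_POST['action'] ?? '';

    switch ($action) {
        case 'submit_claim':
            // Required fields must be present, non-empty and plain strings;
            // array-shaped parameters (field[]=x) are treated as missing.
            $required_fields = ['claim_type', 'amount', 'description'];
            foreach ($required_fields as $field) {
                if (empty($_POST[$field]) || !is_string($_POST[$field])) {
                    throw new DomainException("Missing required field: $field");
                }
            }

            // floatval() silently truncates input such as "1,000" to 1 and
            // turns "1e999" into INF, so the amount is validated strictly
            // before it is converted.
            if (!is_numeric($_POST['amount'])) {
                throw new DomainException("Invalid claim amount");
            }
            $amount = (float) $_POST['amount'];
            if (!is_finite($amount) || $amount <= 0) {
                throw new DomainException("Invalid claim amount");
            }

            $evidence_file = $_POST['evidence_file'] ?? null;
            if ($evidence_file !== null && !is_string($evidence_file)) {
                throw new DomainException("Invalid evidence file");
            }

            // Identity always comes from the session, never from the request.
            $claim->user_id = $_SESSION['user_id'] ?? null;
            $claim->username = $_SESSION['username'] ?? null;
            $claim->email = $_SESSION['email'] ?? null;
            $claim->claim_type = $_POST['claim_type'];
            $claim->amount = $amount;
            $claim->description = $_POST['description'];
            // NOTE(review): evidence_file is a client-supplied string stored
            // as-is. Confirm that whatever reads it later never treats it as
            // a trusted filesystem path or URL, and that description and
            // claim_type are escaped when rendered.
            $claim->evidence_file = $evidence_file;

            // One open claim per user at a time.
            if ($claim->hasPendingClaims($claim->user_id)) {
                throw new DomainException("You already have a pending claim. Please wait for it to be processed.");
            }

            $claim_id = $claim->create();
            if (!$claim_id) {
                throw new DomainException("Failed to submit claim");
            }
            $response['success'] = true;
            $response['message'] = 'Claim submitted successfully! It will be reviewed within 3-5 business days.';
            $response['claim_id'] = $claim_id;
            break;

        case 'approve_claim':
            $requireAdmin();
            $claim_id = $readClaimId();

            if (!$claim->updateStatus($claim_id, 'approved', $_SESSION['user_id'] ?? null)) {
                throw new DomainException("Failed to approve claim");
            }
            $response['success'] = true;
            $response['message'] = 'Claim approved successfully';
            break;

        case 'reject_claim':
            $requireAdmin();
            $claim_id = $readClaimId();

            $rejection_reason = $_POST['rejection_reason'] ?? '';
            if (!is_string($rejection_reason) || empty($rejection_reason)) {
                throw new DomainException("Rejection reason is required");
            }

            // NOTE(review): approval passes the acting admin's user id as the
            // third argument, rejection passes null. If that argument is the
            // reviewer id, rejections leave no record of who acted - confirm
            // against AgentClaim::updateStatus().
            if (!$claim->updateStatus($claim_id, 'rejected', null, $rejection_reason)) {
                throw new DomainException("Failed to reject claim");
            }
            $response['success'] = true;
            $response['message'] = 'Claim rejected successfully';
            break;

        default:
            throw new DomainException("Invalid action");
    }
} catch (DomainException $e) {
    // Raised by this script: the text is written for the caller.
    $response['message'] = $e->getMessage();
    error_log("Process Claim Error: " . $e->getMessage());
} catch (Throwable $e) {
    // Anything else comes from the database layer or AgentClaim and may carry
    // internal detail (driver messages, SQL fragments). It goes to the server
    // log only; the client receives a generic message.
    $response['message'] = 'An unexpected error occurred. Please try again later.';
    error_log("Process Claim Error: " . $e->getMessage());
}

echo json_encode($response);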