<?php
// modules/avans-giris.php
session_start();
require_once '../config/db.php';
require_once '../config/functions.php';
// Yetkiler: Root, Yönetici, Muhasebe, İK
yetkiKontrol(['root', 'yonetici', 'muhasebe', 'insan_kaynaklari']);
include '../includes/header.php';
include '../includes/menu.php';
$mesaj = '';
$kullanici_id = $_SESSION['kullanici_id'];
$rol = $_SESSION['rol'];
// --- DÖNEM FİLTRESİ ---
$varsayilan_tarih = new DateTime();
$yil = guvenlik($_GET['yil'] ?? $varsayilan_tarih->format('Y'));
$ay = guvenlik($_GET['ay'] ?? $varsayilan_tarih->format('m'));
$ay_baslangici = date('Y-m-01', strtotime("$yil-$ay-01"));
$ay_sonu = date('Y-m-t', strtotime("$yil-$ay-01"));
// ----------------------
// Tüm çalışanlar (root hariç)
$tum_calisanlar = $pdo->query("SELECT id, ad, soyad, rol, aylik_net_maas FROM kullanicilar WHERE durum=1 AND rol != 'root' ORDER BY ad ASC")->fetchAll();
// --- SİLME İŞLEMİ (YENİ) ---
if (isset($_GET['sil_id'])) {
$sil_id = (int)$_GET['sil_id'];
// Sadece onaylı avansları silmeye izin veriyoruz, direkt silme (iptal) işlemi yapılır.
$sql_sil = "SELECT * FROM avans_hareketleri WHERE id = ?";
$kontrol_stmt = $pdo->prepare($sql_sil);
$kontrol_stmt->execute([$sil_id]);
$kayit = $kontrol_stmt->fetch();
if ($kayit) {
// Avansı sil
$pdo->prepare("DELETE FROM avans_hareketleri WHERE id = ?")->execute([$sil_id]);
// Log Kaydı
logKaydet($pdo, $kullanici_id, 'silme', "Avans kaydı silindi/iptal edildi: {$kayit['avans_miktari']} TL (Personel ID: {$kayit['calisan_id']})", 'avans_hareketleri', $sil_id);
$mesaj = '<div class="alert alert-warning shadow-sm border-start border-warning border-5"><i class="fas fa-trash-alt me-2"></i> Avans kaydı başarıyla silindi (iptal edildi).</div>';
} else {
$mesaj = '<div class="alert alert-danger shadow-sm border-0"><i class="fas fa-times-circle me-2"></i> Hata: Kayıt bulunamadı.</div>';
}
}
// KAYIT EKLEME
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
csrfKontrol($_POST['csrf_token']);
$calisan_id = (int)$_POST['calisan_id'];
$tarih = $_POST['tarih'];
$miktar = (float)$_POST['avans_miktari'];
$aciklama = !empty($_POST['aciklama']) ? guvenlik($_POST['aciklama']) : 'Avans ödemesi';
// Personelin Maaşını Kontrol Et
$stmt_maas = $pdo->prepare("SELECT aylik_net_maas FROM kullanicilar WHERE id = ?");
$stmt_maas->execute([$calisan_id]);
$personel_maas = $stmt_maas->fetchColumn();
if ($miktar <= 0) {
$mesaj = '<div class="alert alert-danger shadow-sm border-0">Hata: Avans miktarı sıfırdan büyük olmalıdır.</div>';
} elseif ($miktar > $personel_maas) {
$mesaj = '<div class="alert alert-warning shadow-sm border-0">Uyarı: Girilen avans miktarı personelin net maaşından yüksektir. Yine de kaydedildi.</div>';
} else {
// Kayıt
$sql = "INSERT INTO avans_hareketleri (calisan_id, islem_tarihi, avans_miktari, aciklama, durum)
VALUES (?, ?, ?, ?, 'onaylandi')"; // Yüksek yetki girdiği için direkt onaylı
try {
$pdo->prepare($sql)->execute([$calisan_id, $tarih, $miktar, $aciklama]);
// Log Kaydı
logKaydet($pdo, $kullanici_id, 'ekleme', "Avans girişi: {$miktar} TL (Personel ID: {$calisan_id})", 'avans_hareketleri', $pdo->lastInsertId());
$mesaj = '<div class="alert alert-success shadow-sm border-start border-success border-5"><h5 class="alert-heading h6 fw-bold"><i class="fas fa-check-circle me-2"></i>Başarılı!</h5> Avans kaydı başarıyla eklendi.</div>';
} catch (PDOException $e) {
$mesaj = '<div class="alert alert-danger shadow-sm border-0">Hata: ' . $e->getMessage() . '</div>';
}
}
}
// --- GEÇMİŞ AVANSLAR (Seçilen Ayın) ---
$gecmis_avanslar = $pdo->query("
SELECT ah.*, k.ad, k.soyad
FROM avans_hareketleri ah
JOIN kullanicilar k ON ah.calisan_id = k.id
WHERE ah.islem_tarihi BETWEEN '$ay_baslangici' AND '$ay_sonu'
ORDER BY ah.islem_tarihi DESC
")->fetchAll();
$ay_isimleri_tr = ['01'=>'Ocak','02'=>'Şubat','03'=>'Mart','04'=>'Nisan','05'=>'Mayıs','06'=>'Haziran','07'=>'Temmuz','08'=>'Ağustos','09'=>'Eylül','10'=>'Ekim','11'=>'Kasım','12'=>'Aralık'];
?>
<div class="container-fluid px-3">
<h3 class="mb-4"><i class="fas fa-money-bill-transfer text-primary"></i> Avans Yönetim Modülü</h3>
<div class="row g-4">
<div class="col-12 col-md-6 col-lg-5">
<div class="card border-0 shadow-sm h-100">
<div class="card-header bg-primary text-white py-3">
<h5 class="mb-0 fw-bold"><i class="fas fa-hand-holding-dollar me-2"></i> Avans Ödemesi Girişi</h5>
</div>
<div class="card-body p-4">
<?php echo $mesaj; ?>
<form method="POST">
<input type="hidden" name="csrf_token" value="<?php echo csrfTokenOlustur(); ?>">
<div class="mb-3">
<label class="form-label fw-bold text-dark small">PERSONEL SEÇİNİZ <span class="text-danger">*</span></label>
<select name="calisan_id" class="form-select form-select-lg bg-light border-warning fw-bold" required>
<option value="">Seçiniz...</option>
<?php foreach($tum_calisanlar as $c): ?>
<option value="<?php echo $c['id']; ?>">
<?php echo $c['ad'].' '.$c['soyad'].' ('.number_format($c['aylik_net_maas'], 2).' TL)'; ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label class="form-label fw-bold text-muted small">İŞLEM TARİHİ <span class="text-danger">*</span></label>
<input type="date" name="tarih" class="form-control form-control-lg bg-light border-0 fw-bold" required value="<?php echo date('Y-m-d'); ?>">
</div>
<div class="mb-4">
<label class="form-label fw-bold text-muted small">AVANS MİKTARI (TL) <span class="text-danger">*</span></label>
<div class="input-group input-group-lg">
<span class="input-group-text bg-light border-0"><i class="fas fa-lira-sign"></i></span>
<input type="number" name="avans_miktari" class="form-control bg-light border-0 fw-bold" step="0.01" min="0.01" required>
</div>
</div>
<div class="mb-4">
<label class="form-label fw-bold text-muted small">AÇIKLAMA (İsteğe Bağlı)</label>
<textarea name="aciklama" class="form-control bg-light border-0" rows="2" placeholder="Ödeme nedeni..."></textarea>
</div>
<div class="d-grid">
<button type="submit" class="btn btn-primary btn-lg fw-bold shadow-sm py-3">
<i class="fas fa-save me-2"></i> AVANSI KAYDET
</button>
</div>
</form>
</div>
</div>
</div>
<div class="col-12 col-md-6 col-lg-7">
<div class="card border-0 shadow-sm h-100">
<div class="card-header bg-white py-3 border-bottom">
<div class="d-flex justify-content-between align-items-center">
<h5 class="mb-0 fw-bold text-dark">
<i class="fas fa-history me-2"></i> <?php echo $ay_isimleri_tr[$ay] . ' ' . $yil; ?> Ayı Avans Hareketleri
</h5>
<div class="btn-group">
<button type="button" onclick="submitReport('excel')" class="btn btn-sm btn-success" title="Excel İndir"><i class="fas fa-file-excel"></i> XLS</button>
<button type="button" onclick="submitReport('pdf')" class="btn btn-sm btn-danger" title="PDF İndir"><i class="fas fa-file-pdf"></i> PDF</button>
</div>
</div>
</div>
<div class="card-body p-3 border-bottom">
<form method="GET" class="row g-2 align-items-end" id="filterForm">
<div class="col-6 col-md-4">
<label class="small">Yıl</label>
<select name="yil" class="form-select form-select-sm">
<?php for($y=2024; $y<=date('Y'); $y++): ?>
<option value='<?php echo $y; ?>' <?php echo ($y == $yil) ? 'selected' : ''; ?>><?php echo $y; ?></option>
<?php endfor; ?>
</select>
</div>
<div class="col-6 col-md-4">
<label class="small">Ay</label>
<select name="ay" class="form-select form-select-sm">
<?php foreach($ay_isimleri_tr as $k=>$v): ?>
<option value='<?php echo $k; ?>' <?php echo ($k == $ay) ? 'selected' : ''; ?>><?php echo $v; ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="col-12 col-md-4">
<button type="submit" class="btn btn-primary btn-sm w-100"><i class="fas fa-filter"></i> Filtrele</button>
</div>
<input type="hidden" name="reportFormat" id="reportFormat" value="">
</form>
</div>
<div class="table-responsive">
<table class="table table-hover align-middle mb-0">
<thead class="table-light small text-muted text-uppercase">
<tr>
<th class="ps-4">Personel</th>
<th>Tarih</th>
<th>Miktar (TL)</th>
<th>İşlem</th>
</tr>
</thead>
<tbody class="border-top-0">
<?php foreach($gecmis_avanslar as $a): ?>
<tr>
<td class="ps-4 fw-bold text-dark">
<?php echo $a['ad'].' '.$a['soyad']; ?>
</td>
<td class="text-muted small">
<?php echo tarihTurkce($a['islem_tarihi']); ?>
</td>
<td>
<span class="badge bg-danger text-white border">-<?php echo number_format($a['avans_miktari'], 2); ?> ₺</span>
</td>
<td>
<a href="?sil_id=<?php echo $a['id']; ?>&yil=<?php echo $yil; ?>&ay=<?php echo $ay; ?>"
class="btn btn-sm btn-danger"
onclick="return confirm('Bu avansı iptal etmek istediğinizden emin misiniz? Bu işlem geri alınamaz ve bordro hesaplamasını etkiler.');"
title="Avansı İptal Et">
<i class="fas fa-trash-alt"></i> İptal
</a>
</td>
</tr>
<?php endforeach; ?>
<?php if(empty($gecmis_avanslar)): ?>
<tr><td colspan="4" class="text-center py-5 text-muted">Seçilen ayda ödenmiş avans bulunmuyor.</td></tr>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
<script>
function submitReport(type) {
const yil = document.querySelector('select[name="yil"]').value;
const ay = document.querySelector('select[name="ay"]').value;
// Raporlama aksiyonunu avans-rapor.php dosyasına yönlendir
let url = 'avans-rapor.php?yil=' + yil + '&ay=' + ay + '&format=' + type;
window.open(url, '_blank');
}
</script>
<?php include '../includes/footer.php'; ?>