filled('search')) { $search = $request->search; $query->where(function ($q) use ($search) { $q->where('name', 'like', "%{$search}%") ->orWhere('code', 'like', "%{$search}%") ->orWhere('brand', 'like', "%{$search}%"); }); } if ($request->filled('category_id') && $request->category_id !== 'all') { $query->where('category_id', $request->category_id); } $perPage = $request->input('per_page', 10); if (!in_array($perPage, [10, 20, 50, 100])) { $perPage = 10; } $sortField = $request->input('sort_field', 'id'); $sortDirection = $request->input('sort_direction', 'desc'); // Define allowed sort fields to prevent SQL injection $allowedSorts = ['id', 'code', 'name', 'category_id', 'base_unit', 'conversion_rate']; if (!in_array($sortField, $allowedSorts)) { $sortField = 'id'; } if (!in_array(strtolower($sortDirection), ['asc', 'desc'])) { $sortDirection = 'desc'; } // Handle relation sorting (category name) separately if needed, or simple join if ($sortField === 'category_id') { // Join categories for sorting by name? Or just by ID? // Simple approach: sort by ID for now, or join if user wants name sort. // Let's assume standard field sorting first. $query->orderBy('category_id', $sortDirection); } else { $query->orderBy($sortField, $sortDirection); } $products = $query->paginate($perPage)->withQueryString(); $categories = \App\Models\Category::where('is_active', true)->get(); return Inertia::render('Product/Index', [ 'products' => $products, 'categories' => $categories, 'filters' => $request->only(['search', 'category_id', 'per_page', 'sort_field', 'sort_direction']), ]); } /** * Store a newly created resource in storage. */ public function store(Request $request) { $validated = $request->validate([ 'name' => 'required|string|max:255', 'category_id' => 'required|exists:categories,id', 'brand' => 'nullable|string|max:255', 'specification' => 'nullable|string', 'base_unit' => 'required|string|max:50', 'large_unit' => 'nullable|string|max:50', 'conversion_rate' => 'required_with:large_unit|nullable|numeric|min:0.0001', 'purchase_unit' => 'nullable|string|max:50', ], [ 'name.required' => '商品名稱為必填', 'category_id.required' => '請選擇分類', 'category_id.exists' => '所選分類不存在', 'base_unit.required' => '基本庫存單位為必填', 'conversion_rate.required_with' => '填寫大單位時，換算率為必填', 'conversion_rate.numeric' => '換算率必須為數字', 'conversion_rate.min' => '換算率最小為 0.0001', ]); // Auto-generate code $prefix = 'P'; $lastProduct = Product::withTrashed()->latest('id')->first(); $nextId = $lastProduct ? $lastProduct->id + 1 : 1; $code = $prefix . str_pad($nextId, 5, '0', STR_PAD_LEFT); $validated['code'] = $code; $product = Product::create($validated); return redirect()->back()->with('success', '商品已建立'); } /** * Update the specified resource in storage. */ public function update(Request $request, Product $product) { $validated = $request->validate([ 'name' => 'required|string|max:255', 'category_id' => 'required|exists:categories,id', 'brand' => 'nullable|string|max:255', 'specification' => 'nullable|string', 'base_unit' => 'required|string|max:50', 'large_unit' => 'nullable|string|max:50', 'conversion_rate' => 'required_with:large_unit|nullable|numeric|min:0.0001', ]); $product->update($validated); return redirect()->back()->with('success', '商品已更新'); } /** * Remove the specified resource from storage. */ public function destroy(Product $product) { $product->delete(); return redirect()->back()->with('success', '商品已刪除'); } }