php实现多人审批
PHP实现多人审批系统
构建一个多人审批系统需要设计数据库结构、审批流程逻辑以及用户交互界面。以下是实现的关键步骤:
数据库设计
创建必要的数据库表来存储审批流程、审批记录和用户信息:
CREATE TABLE users (
id INT PRIMARY KEY AUTO_INCREMENT,
username VARCHAR(50) NOT NULL,
password VARCHAR(255) NOT NULL,
role VARCHAR(20) NOT NULL
);
CREATE TABLE approval_requests (
id INT PRIMARY KEY AUTO_INCREMENT,
requester_id INT NOT NULL,
title VARCHAR(100) NOT NULL,
description TEXT,
status ENUM('pending', 'approved', 'rejected') DEFAULT 'pending',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (requester_id) REFERENCES users(id)
);
CREATE TABLE approval_steps (
id INT PRIMARY KEY AUTO_INCREMENT,
request_id INT NOT NULL,
approver_id INT NOT NULL,
step_order INT NOT NULL,
status ENUM('pending', 'approved', 'rejected') DEFAULT 'pending',
comments TEXT,
updated_at TIMESTAMP NULL,
FOREIGN KEY (request_id) REFERENCES approval_requests(id),
FOREIGN KEY (approver_id) REFERENCES users(id)
);审批流程逻辑
实现多级审批的核心处理代码:
function submitApprovalRequest($requesterId, $title, $description, $approvers) {
global $db;
// 插入审批请求
$stmt = $db->prepare("INSERT INTO approval_requests (requester_id, title, description) VALUES (?, ?, ?)");
$stmt->execute([$requesterId, $title, $description]);
$requestId = $db->lastInsertId();
// 添加审批步骤
$order = 1;
foreach ($approvers as $approverId) {
$stmt = $db->prepare("INSERT INTO approval_steps (request_id, approver_id, step_order) VALUES (?, ?, ?)");
$stmt->execute([$requestId, $approverId, $order++]);
}
return $requestId;
}
function processApprovalStep($stepId, $approverId, $decision, $comments = '') {
global $db;
// 验证审批权限
$stmt = $db->prepare("SELECT * FROM approval_steps WHERE id = ? AND approver_id = ? AND status = 'pending'");
$stmt->execute([$stepId, $approverId]);
$step = $stmt->fetch();
if (!$step) {
return false;
}
// 更新当前步骤状态
$stmt = $db->prepare("UPDATE approval_steps SET status = ?, comments = ?, updated_at = NOW() WHERE id = ?");
$stmt->execute([$decision, $comments, $stepId]);
// 检查是否所有步骤完成
$stmt = $db->prepare("SELECT COUNT(*) FROM approval_steps WHERE request_id = ? AND status = 'pending'");
$stmt->execute([$step['request_id']]);
$pendingSteps = $stmt->fetchColumn();
if ($pendingSteps == 0) {
// 所有步骤完成,更新请求状态
$finalStatus = $decision == 'approved' ? 'approved' : 'rejected';
$stmt = $db->prepare("UPDATE approval_requests SET status = ? WHERE id = ?");
$stmt->execute([$finalStatus, $step['request_id']]);
}
return true;
}用户界面交互
创建基本的用户界面模板:
// 审批请求表单
<form action="submit_request.php" method="post">
<input type="text" name="title" placeholder="请求标题" required>
<textarea name="description" placeholder="详细说明" required></textarea>
<select name="approvers[]" multiple required>
<?php foreach ($allApprovers as $approver): ?>
<option value="<?= $approver['id'] ?>"><?= $approver['username'] ?></option>
<?php endforeach; ?>
</select>
<button type="submit">提交审批</button>
</form>
// 审批操作界面
function displayApprovalTasks($userId) {
global $db;
$stmt = $db->prepare("SELECT ar.*, as.id as step_id FROM approval_requests ar
JOIN approval_steps as ON ar.id = as.request_id
WHERE as.approver_id = ? AND as.status = 'pending'
ORDER BY as.step_order");
$stmt->execute([$userId]);
$tasks = $stmt->fetchAll();
foreach ($tasks as $task) {
echo "<div class='task'>
<h3>{$task['title']}</h3>
<p>{$task['description']}</p>
<a href='approve.php?step={$task['step_id']}&decision=approved'>批准</a>
<a href='approve.php?step={$task['step_id']}&decision=rejected'>拒绝</a>
</div>";
}
}高级功能扩展
实现更复杂的审批流程功能:
// 条件审批路由
function getNextApproversBasedOnConditions($requestId, $currentStepDecision) {
// 根据业务规则确定下一步审批人
// 例如:金额大于10000需要财务总监审批
}
// 审批超时处理
function checkForOverdueApprovals() {
// 查找超过规定时间未处理的审批步骤
// 发送提醒或自动转交他人处理
}
// 审批历史追踪
function getApprovalHistory($requestId) {
// 获取请求的所有审批步骤及状态变化
}安全注意事项
确保审批系统的安全性:
- 实施严格的权限验证,确保用户只能审批分配给自己的请求
- 对敏感操作记录详细日志
- 使用预处理语句防止SQL注入
- 实施CSRF保护机制
以上实现提供了多人审批系统的基本框架,可根据具体业务需求进行扩展和定制。
