refactor: Change collect/unreceive endpoints to use path parameters instead of JSON body

- Update collect() and unreceive() to accept samplenumber as path param
- Improve unreceive logic with better Firebird update handling
- Update routes and frontend to match new endpoint signature

app/Config/Routes.php

@@ -50,13 +50,13 @@ $routes->group('api', function ($routes) {
     $routes->group('samples', function ($routes) {
         // Collect & Show - All Roles
         $routes->group('', ['filter' => 'role:0,1,2,3,4'], function ($routes) {
-            $routes->post('collect/(:any)', 'SamplesController::collect/$1');
+            $routes->post('collect/(:any)/(:any)', 'SamplesController::collect/$1/$2');
             $routes->get('(:any)', 'SamplesController::show/$1');
         });
 
         // Unreceive - Only Superuser (0) and Admin (1)
         $routes->group('', ['filter' => 'role:0,1'], function ($routes) {
-            $routes->delete('receive/(:any)', 'SamplesController::unreceive/$1');
+            $routes->post('unreceive/(:any)/(:any)', 'SamplesController::unreceive/$1/$2');
         });
     });
 

app/Controllers/SamplesController.php

@@ -64,11 +64,9 @@ class SamplesController extends BaseController
     return $this->response->setJSON($resp);
   }
 
-  public function collect($accessnumber)
+  public function collect($accessnumber, $samplenumber)
   {
     $db = \Config\Database::connect();
-    $input = $this->request->getJSON(true);
-    $samplenumber = $input['samplenumber'];
     $userid = session('userid');
     $sql = "update GDC_CMOD.dbo.TUBES set USERID='$userid',STATUS='1', COLLECTIONDATE=getdate() where ACCESSNUMBER='$accessnumber' and TUBENUMBER='$samplenumber'";
     $db->query($sql);
@@ -78,11 +76,16 @@ class SamplesController extends BaseController
     return $this->respondCreated(['status' => 'success', 'message' => 'Data updated successfully', 'data' => "$accessnumber-$samplenumber"], 201);
   }
 
-  public function unreceive($accessnumber)
+  public function unreceive($accessnumber, $samplenumber)
   {
     $db = \Config\Database::connect();
-    $input = $this->request->getJSON(true);
-    $samplenumber = $input['samplenumber'];
+    
+    // Get HOSTORDERNUMBER for Firebird updates
+    $sql = "SELECT r.HOSTORDERNUMBER FROM glendb.dbo.SP_REQUESTS r WHERE r.SP_ACCESSNUMBER='$accessnumber'";
+    $row = $db->query($sql)->getRowArray();
+    $hon = $row['HOSTORDERNUMBER'] ?? '';
+    
+    // Get test codes for this sample
     $sql = "select r.EXTERNALORDERNUMBER, dt.TESTCODE, do.HISCODE from glendb.dbo.TESTS t
       left join glendb.dbo.DICT_TESTS dt on dt.TESTID=t.TESTID
       left join glendb.dbo.REQUESTS r on r.REQUESTID=t.REQUESTID
@@ -95,7 +98,6 @@ class SamplesController extends BaseController
     $his_test = '';
     $lis_test = '';
     foreach ($rows as $row) {
-      $hon = $row['EXTERNALORDERNUMBER'];
       $testcode = $row['TESTCODE'];
       $hiscode = $row['HISCODE'];
       $his_test .= "'$hiscode',";
@@ -103,17 +105,32 @@ class SamplesController extends BaseController
     }
     $his_test = rtrim($his_test, ',');
     $lis_test = rtrim($lis_test, ',');
+    
+    // Update Firebird TDL_ORDERDT
     $conn = odbc_connect('GLENEAGLES', '', '');
-    $sql = "UPDATE TDL_ORDERDT SET ODD_NRECEIVED=NULL , ODD_DTRECEIVE=NULL WHERE ODR_CNOLAB='$hon' and ODD_CPRODUCTCODE IN ($his_test)";
-    $rs = odbc_exec($conn, $sql);
-    if (!$rs) {
-      exit("Error in Update FB");
+    if ($his_test) {
+      $sql = "UPDATE TDL_ORDERDT SET ODD_NRECEIVED=NULL, ODD_DTRECEIVE=NULL WHERE ODR_CNOLAB='$hon' AND ODD_CPRODUCTCODE IN ($his_test)";
+      odbc_exec($conn, $sql);
     }
-
-    $sql = "update SP_TUBES set TUBESTATUS=0 where SP_ACCESSNUMBER='$accessnumber' and SAMPLETYPE='$samplenumber' ";
+    
+    // Audit logging
+    $userid = session('userid') ?? 'system';
+    $sql = "INSERT INTO GDC_CMOD.dbo.AUDIT_REQUESTS(ACCESSNUMBER, STEPDATE, STEPTYPE, USERID) 
+      VALUES('$accessnumber', GETDATE(), 'UNRECV', '$userid')";
     $db->query($sql);
-    $sql = "update SP_TESTS set SP_TESTSTATUS=NULL where SP_ACCESSNUMBER='$accessnumber' and SP_TESTCODE in ($lis_test)";
+    
+    // Update SP_TUBES
+    $sql = "UPDATE SP_TUBES SET TUBESTATUS=0 WHERE SP_ACCESSNUMBER='$accessnumber' AND SAMPLETYPE='$samplenumber'";
     $db->query($sql);
-    return $this->respondCreated(['status' => 'success', 'message' => 'Data updated successfully', 'data' => "$accessnumber-$samplenumber"], 201);
+    
+    // Update SP_TESTS
+    $sql = "UPDATE SP_TESTS SET SP_TESTSTATUS=NULL WHERE SP_ACCESSNUMBER='$accessnumber' AND SP_TESTCODE IN ($lis_test)";
+    $db->query($sql);
+    
+    // Update REQUESTS_RECEIVE
+    $sql = "UPDATE GDC_CMOD.dbo.REQUESTS_RECEIVE SET RECEIVESTATUS=NULL WHERE ACCESSNUMBER='$accessnumber'";
+    $db->query($sql);
+    
+    return $this->respondCreated(['status' => 'success', 'message' => 'Sample unreceived successfully', 'data' => "$accessnumber-$samplenumber"], 201);
   }
 }

app/Views/shared/script_requests.php

@@ -192,9 +192,8 @@ document.addEventListener('alpine:init', () => {
 		},
 
 		collect(sampcode, accessnumber) {
-			fetch(`${BASEURL}/api/samples/collect/${accessnumber}`, {
-				method: 'POST', headers: { 'Content-Type': 'application/json' },
-				body: JSON.stringify({ samplenumber: sampcode, userid: '<?= session('userid'); ?>' })
+			fetch(`${BASEURL}/api/samples/collect/${accessnumber}/${sampcode}`, {
+				method: 'POST', headers: { 'Content-Type': 'application/json' }
 			})
 				.then(res => res.json()).then(data => {
 					this.fetchItem(accessnumber);
@@ -203,9 +202,8 @@ document.addEventListener('alpine:init', () => {
 
 		unreceive(sampcode, accessnumber) {
 			if (!confirm(`Unreceive sample ${sampcode} from request ${accessnumber}?`)) { return; }
-			fetch(`${BASEURL}/api/samples/unreceive/${accessnumber}`, {
-				method: 'POST', headers: { 'Content-Type': 'application/json' },
-				body: JSON.stringify({ samplenumber: sampcode, userid: '<?= session('userid'); ?>' })
+			fetch(`${BASEURL}/api/samples/unreceive/${accessnumber}/${sampcode}`, {
+				method: 'POST', headers: { 'Content-Type': 'application/json' }
 			})
 				.then(res => res.json()).then(data => {
 					this.fetchItem(accessnumber);

docs/unrecv_all.php

@@ -0,0 +1,36 @@
+<pre>
+<?php
+include("../config.php");
+$req = $_GET['req'];
+//$sql = "select r.EXTERNALORDERNUMBER from glendb.dbo.REQUESTS r where r.ACCESSNUMBER='$req'";
+$sql = "select r.HOSTORDERNUMBER from glendb.dbo.SP_REQUESTS r where r.SP_ACCESSNUMBER='$req'";
+$stmt = sqlsrv_query( $conn1, $sql );
+if( $stmt == false) { die( print_r( sqlsrv_errors(), true) ); }
+$row = sqlsrv_fetch_array( $stmt, SQLSRV_FETCH_NUMERIC);
+$hon = $row[0];
+
+$conn=odbc_connect('GLENEAGLES','','');
+$sql="UPDATE TDL_ORDER SET ODR_NRECEIVED=NULL , ODR_DTRECEIVE=NULL WHERE ODR_CNOLAB='$hon'";
+$rs=odbc_exec($conn,$sql);
+if (!$rs) {exit("Error in SQL");}
+$sql="UPDATE TDL_ORDERDT SET ODD_NRECEIVED=NULL , ODD_DTRECEIVE=NULL WHERE ODR_CNOLAB='$hon'";
+$rs=odbc_exec($conn,$sql);
+if (!$rs) {exit("Error in SQL");}
+
+//logging to audit
+$sql = "INSERT INTO GDC_CMOD.dbo.AUDIT_REQUESTS(ACCESSNUMBER, STEPDATE, STEPTYPE) 
+	VALUES('$req', GETDATE(), 'UNRECV')";
+sqlsrv_query( $conn1, $sql ) or die( print_r( sqlsrv_errors(), true) );
+// update sp_tubes
+$sql = "update SP_TUBES set TUBESTATUS=0 where SP_ACCESSNUMBER='$req'";
+echo "<br/>$sql";
+sqlsrv_query( $conn1, $sql ) or die( print_r( sqlsrv_errors(), true) );
+// update sp_tests
+$sql = "update SP_TESTS set SP_TESTSTATUS=NULL where SP_ACCESSNUMBER='$req' ";
+sqlsrv_query( $conn1, $sql ) or die( print_r( sqlsrv_errors(), true) );
+// update sp_tests
+$sql = "update GDC_CMOD.dbo.REQUESTS_RECEIVE set RECEIVESTATUS=NULL where ACCESSNUMBER='$req' ";
+sqlsrv_query( $conn1, $sql ) or die( print_r( sqlsrv_errors(), true) );
+
+?>
+</pre>