From e8f4b2ac6a5655b42448931e5cc8d2270bd84825 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mathias=20Gla=CC=88ser?= <mathias.glaeser@beaufort.ch>
Date: Tue, 16 Jun 2026 15:42:38 +0200
Subject: [PATCH] Fix direct order insert

---
 modules/erp/bestellungen/service.php | 39 +++++++++++++++++++---------
 1 file changed, 27 insertions(+), 12 deletions(-)

diff --git a/modules/erp/bestellungen/service.php b/modules/erp/bestellungen/service.php
index fa6c735..712d45a 100644
--- a/modules/erp/bestellungen/service.php
+++ b/modules/erp/bestellungen/service.php
@@ -130,23 +130,38 @@ function create_direct_sales_order(PDO $pdo, array $fields): array
         throw new RuntimeException('Missing order date');
     }
 
+    $sequenceStmt = $pdo->query("SELECT nextval(pg_get_serial_sequence('sales_order', 'id')) AS id");
+    $sequenceRow = $sequenceStmt !== false ? $sequenceStmt->fetch() : false;
+    if (!is_array($sequenceRow) || !isset($sequenceRow['id'])) {
+        throw new RuntimeException('Could not reserve order id');
+    }
+
+    $orderId = (int) $sequenceRow['id'];
+    $externalRef = sprintf(
+        'DIR-%s-%05d',
+        (new DateTimeImmutable($orderDate))->format('Ymd'),
+        $orderId
+    );
+
     $stmt = $pdo->prepare(
-        "WITH next_id AS (
-            SELECT nextval(pg_get_serial_sequence('sales_order', 'id')) AS id
-         )
-         INSERT INTO sales_order (
+        'INSERT INTO sales_order (
             id, external_ref, party_id, order_source, order_date, order_status, payment_status, payment_method_id,
             amount_net, amount_shipping, amount_tax, amount_discount, total_amount, currency, imported_at, created_at, updated_at
+         ) VALUES (
+            :id, :external_ref, :party_id, \'direct\', :order_date, \'imported\', \'paid\', :payment_method_id,
+            :amount_net, 0, 0, 0, :total_amount, \'CHF\', NOW(), NOW(), NOW()
          )
-         SELECT
-            next_id.id,
-            'DIR-' || TO_CHAR(CAST(:order_date AS timestamp), 'YYYYMMDD') || '-' || LPAD(next_id.id::text, 5, '0'),
-            :party_id, 'direct', :order_date, 'imported', 'paid', :payment_method_id,
-            :amount_net, 0, 0, 0, :total_amount, 'CHF', NOW(), NOW(), NOW()
-         FROM next_id
-         RETURNING id, external_ref"
+         RETURNING id, external_ref'
     );
-    $stmt->execute($fields);
+    $stmt->execute([
+        ':id' => $orderId,
+        ':external_ref' => $externalRef,
+        ':party_id' => $fields[':party_id'] ?? null,
+        ':order_date' => $orderDate,
+        ':payment_method_id' => $fields[':payment_method_id'] ?? null,
+        ':amount_net' => $fields[':amount_net'] ?? null,
+        ':total_amount' => $fields[':total_amount'] ?? null,
+    ]);
 
     $row = $stmt->fetch();
     if ($row === false) {