migrate to new git

2025-08-29 01:27:25 +08:00
parent 946eb9961e
commit af2c152ef6
8623 changed files with 1000453 additions and 1 deletions
--- a/web/App_Code/api/FilesController.cs
+++ b/web/App_Code/api/FilesController.cs
@@ -0,0 +1,66 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using System.IO;
+using System.Web;
+//using System.Web.Helpers;
+using System.Web.Hosting;
+using System.Net.Http.Headers;
+using System.Threading.Tasks;
+//using System.Web.Mvc;
+
+
+[Route("files")]
+public class FilesController : ApiController
+{
+    // GET api/<controller>
+    public IEnumerable<string> Get()
+    {
+        return new string[] { "value1", "value2" };
+    }
+
+    [Route("upload/{*url}")]
+    public async Task<HttpResponseMessage> get_upload(string url)
+    {
+        var path = Sites.get_url("upload", url);
+        if (!System.IO.File.Exists(path))
+        {
+            throw new HttpResponseException(HttpStatusCode.NotFound);
+        }
+        string mimeType = MimeMapping.GetMimeMapping(path);
+
+        HttpResponseMessage response = new HttpResponseMessage();
+        response.Content = new StreamContent(new FileStream(path, FileMode.Open));
+        response.Content.Headers.ContentType = new MediaTypeHeaderValue(mimeType);
+        response.Headers.CacheControl = new CacheControlHeaderValue()
+        {
+            Public = true,
+            MaxAge = TimeSpan.FromSeconds(Sites.MaxAge)
+        }; 
+
+        return response;
+    }
+    [Route("public/{*url}")]
+    public string get_public (string url)
+    {
+        return "public:" + url;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+    }
+}
--- a/web/App_Code/api/FilesSetController.cs
+++ b/web/App_Code/api/FilesSetController.cs
@@ -0,0 +1,182 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+
+
+// api/FilesSet
+//[ezAuthorize(Roles = "admin")]//群組:*
+[ezAuthorize]
+public class FilesSetController : ApiController
+{
+    private Model.ezEntities _db = new Model.ezEntities();
+    // GET api/<controller>
+    public IEnumerable<Model.file> Get()
+    {
+        var list = _db.files.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    public IEnumerable<Model.file> Get(int page, int pageSize = 10, 
+        string sortBy="", bool sortDesc=false)
+    {
+        var list = _db.files.OrderBy(o=>o.num).ToPagedList(page, pageSize);
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.file Get(int id)
+    {
+        var item = _db.files.Where(q => q.num == id).FirstOrDefault();
+        //if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] Model.file item)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] Model.file item)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+        var prod = _db.files.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            //var prod2 = _db.actItem_files.AsEnumerable().Where(q => q.files_num == id).ToList(); //刪除品項的相關文件
+            //if (prod2.Count > 0)
+            //{
+            //    //查詢結果全部刪除
+            //    _db.actItem_files.RemoveRange(prod2);
+            //}
+            _db.actItem_files.RemoveRange(prod.actItem_files);
+
+
+            _db.files.Remove(prod);
+            _db.SaveChanges();//執行
+
+            Model.admin_log admin_log = new Model.admin_log();
+            MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+            if (admin.isLoign())
+            {
+                admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Files, (int)Model.admin_log.Status.Delete, prod.subject);
+            }
+
+        }
+    }
+
+
+    [HttpDelete]
+    [Route("api/FilesSet/Delete/{nums}")]
+    public void Delete(string nums)
+    {
+        if (!string.IsNullOrEmpty(nums))
+        {
+            var ids = nums.TrimEnd(',').Split(',').Select(s => int.Parse(s));
+
+            var prod = _db.files.AsEnumerable().Where(q => ids.Contains(q.num)).ToList();
+            if (prod.Count() > 0)
+            {
+                //刪除品項的相關文件
+                var prod2 = _db.actItem_files.AsEnumerable().Where(q => ids.Contains(Convert.ToInt32(q.files_num))).ToList();
+                if (prod2.Count > 0)
+                {
+                    _db.actItem_files.RemoveRange(prod2);
+                }
+
+                _db.files.RemoveRange(prod);
+                _db.SaveChanges();
+
+                Model.admin_log admin_log = new Model.admin_log();
+                MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+                if (admin.isLoign())
+                {
+                    admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Files, (int)Model.admin_log.Status.Delete, admin_log.LogViewBtn(prod.Select(x => x.subject).ToList()));
+                }
+            }
+        }
+        
+    }
+
+
+    [HttpGet]
+    [Route("api/FilesSet/count")]
+    public int Count()
+    {
+        var count = _db.files.Count();
+        return count;
+    }
+    [HttpPost]
+    [Route("api/FilesSet/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.files q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.files.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.subject))
+            qry = qry.Where(o => o.subject.Contains(q.subject));
+     
+        if (q.reg_time1.HasValue)
+            qry = qry.Where(o => o.reg_time >= q.reg_time1.Value);
+        if (q.reg_time2.HasValue)
+            qry = qry.Where(o => o.reg_time < Convert.ToDateTime(q.reg_time2.Value).AddDays(1));
+
+        if (sortBy.Equals("subject"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.subject);
+            else
+                qry = qry.OrderBy(o => o.subject);
+        }
+        else if (sortBy.Equals("start_date"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.reg_time);
+            else
+                qry = qry.OrderBy(o => o.reg_time);
+        }
+        else if (sortBy.Equals("end_date"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.modify_time);
+            else
+                qry = qry.OrderBy(o => o.modify_time);
+        }
+        else
+            qry = qry.OrderByDescending(o => o.num);
+
+        var ret = new
+        {
+             list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                 subject = x.subject,
+                 reg_time = x.reg_time,
+                 modify_time = x.modify_time,
+                 word = x.word,
+               
+            }),
+            count = qry.Count()
+
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    
+
+}
--- a/web/App_Code/api/FollowerController.cs
+++ b/web/App_Code/api/FollowerController.cs
@@ -0,0 +1,690 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+using DocumentFormat.OpenXml.Office2010.Excel;
+using MyWeb;
+using System.Data.Entity;
+
+// api/Follower
+//[ezAuthorize(Roles = "admin")]//群組:*
+[ezAuthorize]
+//[RoutePrefix("api/follower")]
+public class FollowerController : ApiController
+{
+    private Model.ezEntities _db = new Model.ezEntities();
+    // GET api/<controller>
+    public IEnumerable<Model.follower> Get()
+    {
+        var list = _db.followers.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    public IEnumerable<Model.follower> Get(int page, int pageSize = 10, 
+        string sortBy="", bool sortDesc=false)
+    {
+        var list = _db.followers.OrderBy(o=>o.f_number).ToPagedList(page, pageSize);
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.follower Get(int id)
+    {
+        var item = _db.followers.Where(q => q.num == id).FirstOrDefault();
+        //if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] Model.follower item)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] Model.follower item)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+        var prod = _db.followers.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        /*if (prod != null)
+        {
+
+            prod.pro_order_detail.Clear(); // Clear 方法來清除相關聯的 Child 資料，針對選擇性關聯欄位，它就會自動將欄位值更新成 null。
+            prod.pro_order.Clear();
+                        
+            prod.leader = null;//清空leader
+
+            _db.followers.Remove(prod);
+            _db.SaveChanges();//執行
+
+            Model.admin_log admin_log = new Model.admin_log();
+            MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+            if (admin.isLoign())
+            {
+                admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Follower, (int)Model.admin_log.Status.Delete, prod.f_number+prod.u_name);
+            }
+
+        }*/
+        if (prod != null)
+        {
+            ////prod.IsDel = true; ////不確定是否新增欄位? 先註解
+            _db.SaveChanges();
+            Model.admin_log admin_log = new Model.admin_log();
+            MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+            if (admin.isLoign())
+            {
+                admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Follower, (int)Model.admin_log.Status.Delete, prod.f_number + prod.u_name);
+            }
+        }
+    }
+
+    [HttpDelete]
+    [Route("api/follower/Delete/{nums}")]
+    public void Delete(string nums)
+    {
+        if (!string.IsNullOrEmpty(nums))
+        {
+            var getDelItem = nums.TrimEnd(',').Split(',').Select(s => int.Parse(s));
+
+            var prod = _db.followers.AsEnumerable().Where(q => getDelItem.Contains(q.num)).ToList();
+            if (prod.Count() > 0)
+            {               
+                foreach (var item in prod)
+                {
+                    foreach (var item2 in item.pro_order_detail1)
+                        item2.from_id = null; //清空訂單明細的陽上報恩者from_id //f_num設定串聯刪除
+
+                    foreach (var item2 in item.pro_order)
+                        item2.introducer = null; 
+
+                    item.leader = null;//清空leader
+
+                }
+
+                _db.followers.RemoveRange(prod);
+                _db.SaveChanges();
+
+                Model.admin_log admin_log = new Model.admin_log();
+                MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+                if (admin.isLoign())
+                {
+                    admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Follower, (int)Model.admin_log.Status.Delete, admin_log.LogViewBtn(prod.Select(x => x.f_number + x.u_name).ToList()));
+                }
+
+            }
+        }
+        
+    }
+
+
+    [HttpGet]
+    [Route("api/follower/count")]
+    public int Count()
+    {
+        var count = _db.followers.Count();
+        return count;
+    }
+    [HttpPost]
+    [Route("api/follower/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.follower q, 
+        int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        ////var qry = _db.followers.Where(a => a.IsDel == false).AsEnumerable();////不確定是否新增欄位? 先註解
+        var qry = _db.followers.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.f_number))
+            qry = qry.Where(o => o.f_number.Contains(q.f_number.Trim()));
+        if (!string.IsNullOrEmpty(q.u_name))
+            qry = qry.Where(o => o.u_name.Contains(q.u_name.Trim()));
+        if (q.birthday.HasValue)
+            qry = qry.Where(o => o.birthday >= q.birthday.Value);
+        if (q.birthday2.HasValue) 
+            qry = qry.Where(o => o.birthday < Convert.ToDateTime(q.birthday2.Value).AddDays(1));
+        if (!string.IsNullOrEmpty(q.address))
+            qry = qry.Where(o => o.address !=null &&  o.address.Contains(q.address?.Trim()));
+        //if (q.num.HasValue && q.num.Value>0)
+        //    qry = qry.Where(o => o.num==q.num.Value);
+        if (q.ept_self.HasValue && q.ept_self.Value )//排除自己
+        {
+            qry = qry.Where(o => o.num != q.num.Value);
+        }
+        if (!string.IsNullOrEmpty(q.country))
+            qry = qry.Where(o => o.country== q.country);
+        if (!string.IsNullOrEmpty(q.country2))
+        {
+            if (q.country2 == "1")
+            {
+                qry = qry.Where(o => o.country == "158");
+            }else if (q.country2 == "2")
+            {
+                qry = qry.Where(o => o.country != "158");
+
+            }
+        }
+
+
+        if (sortBy.Equals("f_number"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.f_number);            
+            else
+                qry = qry.OrderBy(o => o.f_number);
+        }
+        else if (sortBy.Equals("u_name"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.u_name);
+            else
+                    qry = qry.OrderBy(o => o.u_name);            
+        }
+        else if (sortBy.Equals("identity_type_desc"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.identity_type);            
+            else
+                qry = qry.OrderBy(o => o.identity_type);
+        }
+        else if (sortBy.Equals("sex"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.sex);            
+            else
+                qry = qry.OrderBy(o => o.sex);
+        }
+        else if (sortBy.Equals("birthday"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.birthday);            
+            else
+                qry = qry.OrderBy(o => o.birthday);
+        }
+        else
+            qry = qry.OrderByDescending(o => o.num);
+
+            MyWeb.encrypt encrypt = new MyWeb.encrypt();
+
+        var tdesc = publicFun.enum_desc<Model.follower.type>();
+        var count = qry.Count(); //pageSize = count;//一次取回??
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                f_number = x.f_number,
+                u_name = x.u_name,
+                sex = x.sex,
+                birthday = x.birthday, //?.ToString("yyyy/MM/dd"),
+                birthday2 = publicFun.chagenDate(x.birthday), //?.ToString("yyyy/MM/dd"),
+                sign = Model.follower.chagenSign(x.birthday), //NULL??
+                sexagenary = Model.follower.sexagenary(x.birthday),
+                identity_type = x.identity_type,
+                //identity_type_string = Enum.GetName( typeof(Model.follower.type), x.identity_type),
+                //identity_type_string1 = ((Model.follower.type)(x.identity_type??0)).ToString(),
+                identity_type_desc = tdesc[x.identity_type ?? 1] ,//TryGetValue..
+
+                    phone = x.phone,
+                    phoneDes =  encrypt.DecryptAutoKey(x.phone), //--MyWeb.function X
+                    refugedate=x.refugedate,
+                    refuge_name = x.refuge_name,
+                    email = x.email,
+                    address = x.address,
+                    cellphone = x.cellphone,
+                    cellphoneDes = encrypt.DecryptAutoKey(x.cellphone),
+
+                }),
+            count = count
+
+        };
+
+
+
+        /* SQL: 
+            SELECT 
+            [Extent1].[num] AS [num], 
+            [Extent1].[f_number] AS [f_number], 
+            [Extent1].[u_name] AS [u_name], 
+            [Extent1].[sex] AS [sex], 
+            [Extent1].[identity_type] AS [identity_type], 
+            [Extent1].[birthday] AS [birthday], 
+            [Extent1].[phone] AS [phone], 
+            [Extent1].[email] AS [email], 
+            [Extent1].[refugedate] AS [refugedate], 
+            [Extent1].[refuge_name] AS [refuge_name], 
+            [Extent1].[address] AS [address], 
+            [Extent1].[demo] AS [demo], 
+            [Extent1].[nation] AS [nation], 
+            [Extent1].[leader] AS [leader]
+            FROM [dbo].[followers] AS [Extent1]
+
+        */
+        //LINQ查詢必需要寫成: 能轉成SQL指令的查詢, 故小心呼叫自訂函數(或無法)
+        //要學會用原生的寫法, 新式的寫法, 東西都往 MyWeb.function 裡塞, 是錯的, 要思考其合理性
+        //API應該儘量提供資料而不是"格式"
+        //日期轉字串: 如要用VUE做, 傳回date而不要tostring, 用filter + moment.js做
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    /*
+     write a post action: checkHashFollower
+        input: phone, idcode
+        pass to encrypt.cs: followerHash, get hash
+        query db: followers where follower_hash==hash to follower        
+        output: follower (or null)
+     */
+
+    [HttpPost]
+    [Route("api/follower/GetFamilyList")]
+    public IHttpActionResult GetFamilyList([FromBody] Model.ViewModel.follower q,
+        int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        int _follower = q.num.HasValue && q.num.Value > 0 ? q.num.Value : 0;
+        if (_follower > 0)
+        {
+            //家族 : 家長是我的人,跟我同家長的人,我的家長本人,我本人
+            //var cc = _db.followers.AsEnumerable().Where(x => x.num == 103 || x.leader == 103).Select(x => x.num);
+            //var aa = _db.followers.Where(x => x.num == 103 || x.leader == 103).Select(x => x.num);
+            //var bb = _db.followers.Where(i => aa.Any(x => x == i.num) || aa.Any(x => x == i.leader)).ToList();
+
+            int myLeader = _db.followers.Where(x => x.num == _follower).Select(x => x.leader??0).FirstOrDefault();  //我的家長
+            
+            var cc = _db.followers.Where(x => x.num == _follower || x.leader == _follower).Select(x => x.num);
+
+            //var qry =
+            //from c in foDt
+            //where c.leader == _follower ||
+            //    ((from o in foDt
+            //      where o.num == _follower
+            //     select o.leader).Contains(c.leader) && c.leader != null) ||
+            //    (from o in foDt
+            //     where o.num == _follower
+            //     select o.leader).Contains(c.num) ||
+            //        c.num == _follower 
+            //select c;
+
+            if (q.ept_self.HasValue && q.ept_self.Value) //排除自己
+            {
+                //qry =
+                //from c in foDt
+                //where c.leader == _follower ||
+                //    ((from o in foDt
+                //      where o.num == _follower
+                //      select o.leader).Contains(c.leader) && c.leader != null)
+                //      && c.num != _follower
+                //select c;
+
+                if (myLeader > 0)//有家長
+                {
+                    //跟我同家長的人
+                    cc = _db.followers.Where(x => x.num != _follower &&  (x.leader == _follower || x.leader == myLeader)).Select(x => x.num);
+                }
+                else
+                {
+                    cc = _db.followers.Where(x => x.num != _follower && x.leader == _follower).Select(x => x.num);
+
+                }
+
+            }
+          
+            //int ccc = cc.Count();
+
+           
+
+            var qry = _db.followers.AsEnumerable().Where(f => cc.Any(x => x == f.num) || cc.Any(x => x == f.leader));
+
+
+
+            if (!string.IsNullOrEmpty(q.f_number))
+                qry = qry.Where(o => o.f_number.Contains(q.f_number.Trim()));
+            if (!string.IsNullOrEmpty(q.u_name))
+                qry = qry.Where(o => o.u_name.Contains(q.u_name.Trim()));
+            if (q.birthday.HasValue)
+                qry = qry.Where(o => o.birthday >= q.birthday.Value);
+            if (q.birthday2.HasValue)
+                qry = qry.Where(o => o.birthday < Convert.ToDateTime(q.birthday2.Value).AddDays(1));
+            if (!string.IsNullOrEmpty(q.address))
+                qry = qry.Where(o => o.address.Contains(q.address.Trim()));
+
+            qry = qry.OrderByDescending(o => o.num);
+            MyWeb.encrypt encrypt = new MyWeb.encrypt();
+            var tdesc = publicFun.enum_desc<Model.follower.type>();
+            int i = 1;
+            var count = qry.Count(); //pageSize = count;//一次取回??
+            var ret = new
+            {
+                list = qry.ToPagedList(page, pageSize).Select(x => new
+                {
+                    id = i++,
+                    num = x.num,
+                    f_number = x.f_number,
+                    u_name = x.u_name,
+                    address = x.address,
+                    birthday = x.birthday,
+                    phone = x.phone,
+                    phoneDes = encrypt.DecryptAutoKey(x.phone),
+                    demo = x.demo,
+                    identity_type_desc = tdesc[x.identity_type ?? 1],                    
+                    f_num_selected = new
+                    {
+                        text = x.u_name,
+                        val = x.num,
+                    },
+                    //data_tmp = new //tmp 暫存用
+                    //{
+                    //    f_num_selected = new
+                    //    {
+                    //        text = x.u_name,
+                    //        val = x.num,
+                    //    },
+                    //    identity_type_desc = tdesc[x.identity_type ?? 1],
+                    //    birthday = x.birthday,
+                    //    phoneDes = encrypt.DecryptAutoKey(x.phone),
+                    //    demo = x.demo,
+                    //},
+                    appellation_id_selected = new
+                    {
+                        text = x.appellation?.title,
+                        val = x.appellation_id,
+                    },
+
+                }),
+                count = count
+
+            };
+
+            if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+            return Ok(ret);
+        }
+        else
+        {
+            return Ok("此訂單沒有姓名/名稱");
+        }
+
+    }
+
+    [HttpPost]
+    [Route("api/follower/familySave")]
+    public IHttpActionResult SaveDetailData([FromBody] Model.ViewModel.follower item)
+    {
+        if (item.leader.HasValue && item.leader.Value > 0 && item.f_num.HasValue && item.f_num.Value > 0)
+        {          
+            if (item.num.HasValue && item.num.Value > 0)
+            {
+                //原先就有設定家長 , -> 家人 :不變 or 變更
+                if (item.num.Value == item.f_num.Value)
+                {
+                    //變更其家人稱謂                 
+                    Model.follower _data = _db.followers.Where(q => q.num == item.f_num.Value).FirstOrDefault();//修改
+                    if (_data != null)
+                    {
+                        _data.appellation_id = item.appellation_id.Value;
+                        _db.SaveChanges();
+                        var ret = _data.num;
+                        return Ok(ret);
+                    }
+                    else
+                        return NotFound();
+                }
+                else
+                {
+                    //移除原先的家長設定
+                    Model.follower _data2 = _db.followers.Where(q => q.num == item.num.Value).FirstOrDefault();//修改
+                    if (_data2 != null)
+                    {
+                        _data2.leader = null;
+                        _data2.appellation_id = null;
+                        _db.SaveChanges();
+                    }
+
+                    //變更其家長設定                    
+                    Model.follower _data = _db.followers.Where(q => q.num == item.f_num.Value).FirstOrDefault();//修改
+                    if (_data != null)
+                    {
+                        _data.leader = item.leader.Value;
+                        _data.appellation_id = item.appellation_id.Value;
+                        _db.SaveChanges();
+                        var ret = _data.num;
+                        return Ok(ret);
+                    }
+                    else
+                        return NotFound();
+                }                
+            }
+            else
+            {
+                //新增家人              
+                //變更其家長設定                
+                Model.follower _data = _db.followers.Where(q => q.num == item.f_num.Value).FirstOrDefault();//修改
+                if (_data != null)
+                {
+                    _data.leader = item.leader.Value;
+                    _data.appellation_id = item.appellation_id.Value;
+                    _db.SaveChanges();
+
+                    var ret = _data.num;
+                    return Ok(ret);
+                }
+                else
+                    return NotFound();            
+
+            }
+        }
+        else
+        {
+            return NotFound();
+        }
+
+    }
+
+
+    [HttpPost]
+    [Route("api/follower/familyDelete")]
+    public IHttpActionResult familyDelete([FromBody] Model.ViewModel.follower item)
+    {
+        if (item.leader.HasValue && item.leader.Value > 0 && item.num.HasValue && item.num.Value > 0)
+        {
+            //移除原先的家長設定
+            Model.follower _data2 = _db.followers.Where(q => q.num == item.num.Value).FirstOrDefault();//修改
+            if (_data2 != null)
+            {
+                _data2.leader = null;
+                _db.SaveChanges();
+                return Ok();
+            }
+            else
+                return NotFound();
+
+        }
+        else
+        {
+            return NotFound();
+        }
+
+    }
+
+
+    [HttpPost]
+    [Route("api/follower/GetTabletList")]
+    public IHttpActionResult GetTabletList([FromBody] Model.follower q,
+        int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        int _follower = q.num;
+        pageSize = (pageSize < 0) ? 0 : pageSize;
+        if (_follower > 0)
+        {
+                      
+            var qry = _db.followers_tablet.AsEnumerable().Where(x=>( x.f_num??0) == _follower);
+            qry = qry.OrderByDescending(o => o.num);
+            var count = qry.Count(); //pageSize = count;//一次取回??
+            int i = 1;
+            var ret = new
+            {
+                list = qry.ToPagedList(page, pageSize).Select(x => new
+                {
+                    id = i++,
+                    num = x.num,
+                    f_num = x.f_num,
+                    type = x.type,
+                    title = x.title,                  
+                }),
+                count = count
+
+            };
+
+            if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+            
+            return Ok(ret);
+        
+        }
+
+        return NotFound();
+        
+
+    }
+
+    [HttpPost]
+    [Route("api/follower/tabletSave")]
+    public IHttpActionResult tabletSave([FromBody] Model.ViewModel.followers_tablet item)
+    {
+        if (item.num.HasValue && item.num.Value > 0)
+        {
+            //變更        
+            Model.followers_tablet _data = _db.followers_tablet.Where(q => q.num == item.num.Value).FirstOrDefault();//修改
+            if (_data != null)
+            {
+                _data.type = item.type;
+                _data.title = item.title;
+                _db.SaveChanges();
+                var ret = _data.num;
+                return Ok(ret);
+            }
+            else
+                return NotFound();
+
+        }
+        else
+        {
+            //新增
+            Model.followers_tablet _data = new Model.followers_tablet();
+            _data.f_num = item.f_num;
+            _data.type = item.type;
+            _data.title = item.title;
+            _db.followers_tablet.Add(_data);
+            _db.SaveChanges();
+            var ret = _data.num;
+            return Ok(ret);
+        }
+
+    }
+
+
+    [HttpDelete]
+    [Route("api/follower/tabletDelete/{id}")]
+    public void tabletDelete(int id)
+    {
+        var prod = _db.followers_tablet.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            _db.followers_tablet.Remove(prod);
+            _db.SaveChanges();//執行
+
+        }
+    }
+
+    [HttpPost]
+    [Route("api/follower/checkHashFollower")]
+    public IHttpActionResult CheckHashFollower([FromBody] dynamic request)
+    {
+        if (request == null || request.phone == null || request.id_code == null)
+        {
+            return BadRequest("Invalid input");
+        }
+
+        string phone = request.phone;
+        string id_code = request.id_code;
+
+        // Pass phone and idcode to encrypt.cs to get the followerHash
+        encrypt enc = new encrypt();
+        string followerHash = enc.followerHash(phone, id_code);
+
+        // Query the database for followers where follower_hash == followerHash
+        var follower = _db.followers.FirstOrDefault(f => f.follower_hash == followerHash);
+
+        // Return the follower or null
+        return Ok(follower);
+    }
+    [HttpPost]
+    [Route("api/follower/orderrecord")]
+    public IHttpActionResult GetOrderRecord(int id = 0)
+    {
+        //獲取信眾報名活動記錄
+        if (id == 0)
+        {
+            return Ok();
+        }
+        var orderrecord = _db.pro_order.Where(x => x.f_num == id).Include(x => x.pro_order_detail).Include(x => x.follower).ToList();
+        var data = new
+        {
+            list = orderrecord.Select(x => new
+            {
+                orderno = x.order_no,
+                startdate = x.reg_time,
+                endtime = x.up_time,
+                pwcount = x.pro_order_detail.Where(a => a.actItem.act_bom.Where(b => b.item_num == a.actItem_num && b.package_num == null).Count() == 0).Count(),
+                amount = x.pro_order_detail.Select(o => (float?)o.price).Sum(),
+                activityname = x.activity.subject,
+                category = x.activity.activity_category_kind.kind,
+                order_item = x.pro_order_detail.Where(b => b.parent_num == null).Select(c => c.actItem.subject).Distinct().ToList(),
+            })
+        };
+        return Ok(data);
+    }
+    [HttpPost]
+    [Route("api/follower/totalorderamount")]
+    public IHttpActionResult GetTotalOrderCount(int id)
+    {
+        //獲取信眾的報名次數和報名總功德金
+        var orderList = _db.pro_order.Where(x => x.f_num == id).Select(x => x.order_no).ToList();
+        var totalprice = _db.pro_order_detail.Where(d => orderList.Contains(d.order_no)).Sum(d => (float?)d.price) ?? 0;
+        /*var totalPrice = (from d in _db.pro_order_detail
+                          join o in _db.pro_order on d.order_no equals o.order_no
+                          where  o.f_num == id
+                  select d.price).Sum();*/
+        var activityTimes = _db.pro_order.Where(x => x.f_num == id).Count();
+        return Ok(new { totalamount = totalprice, activity_times = activityTimes });
+    }
+    [HttpPost]
+    [Route("api/follower/orderreordpwlist")]
+    public IHttpActionResult GetPwList([FromUri] string orderno)
+    {
+        if (string.IsNullOrEmpty(orderno))
+        {
+            return Ok();
+        }
+        var pwlist = _db.pro_order_detail.Where(x => x.order_no == orderno).OrderBy(k => k.actItem_num).ToList();
+        var data = new
+        {
+            list = pwlist.Select(j => new
+            {
+                id = j.num,
+                orderno = j.order_no,
+                printid = j.print_id,
+                price = j.price,
+                pwname = j.actItem.subject,
+            })
+        };
+        return Ok(data);
+    }
+}
+
--- a/web/App_Code/api/LocationController.cs
+++ b/web/App_Code/api/LocationController.cs
@@ -0,0 +1,32 @@
+using Model;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+
+public class LocationController : ApiController
+{
+    private ezEntities _db = new ezEntities();
+
+    [HttpGet]
+    [Route("api/location/cities")]
+    public IHttpActionResult GetCities()
+    {
+        var cities = _db.PostCitiy.Select(c => c.city).Distinct().ToList();
+        return Ok(cities);
+    }
+
+    [HttpGet]
+    [Route("api/location/areas/{city}")]
+    public IHttpActionResult GetAreas(string city)
+    {
+        var areas = _db.PostNumber
+            .Where(p => p.City == city)
+            .Select(p => p.Area)
+            .Distinct()
+            .ToList();
+        return Ok(areas);
+    }
+}
--- a/web/App_Code/api/ShuWenController.cs
+++ b/web/App_Code/api/ShuWenController.cs
@@ -0,0 +1,388 @@
+using Model;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Http;
+using DocumentFormat.OpenXml.Packaging;
+using DocumentFormat.OpenXml.Wordprocessing;
+using System.IO;
+using System.Net.Http;
+using System.Net;
+using DocumentFormat.OpenXml;
+using static Model.admin_log;
+using DocumentFormat.OpenXml.Bibliography;
+using PagedList;
+
+/// <summary>
+/// ShuWenController 的摘要描述
+/// </summary>
+public class ShuWenController : ApiController
+{
+    private Model.ezEntities _db = new Model.ezEntities();
+    public ShuWenController()
+    {
+        //
+        // TODO: 在這裡新增建構函式邏輯
+        //
+    }
+    [HttpGet]
+    [Route("api/shuwen/getshuwen")]
+    public IHttpActionResult GetShuWen(int? activitynum)
+    {
+        if (!activitynum.HasValue)
+        {
+            return BadRequest("請提供有效的 activitynum 參數。");
+        }
+        var shuwen = _db.ShuWens.Where(a => a.ActivityNum == activitynum).FirstOrDefault();
+        if(shuwen == null)
+        {
+            return Ok(new { message = "1", data = shuwen, latest = false });
+        }
+        var latest = _db.pro_order_detail.Where(b => b.pro_order.activity_num == activitynum)
+            .Where(c => c.UpdateTime > shuwen.UpdateTime).Count() > 0 ? false : true;
+        return Ok(new { message = "1", data = shuwen , latest= latest});
+    }
+    [HttpGet]
+    [Route("api/shuwen/StartGenerate")]
+    public IHttpActionResult CreateShuWen(int? activitynum)
+    {
+        if (!activitynum.HasValue)
+        {
+            return BadRequest("請提供有效的 activitynum 參數。");
+        }
+        var shuwen = _db.ShuWens.Where(a => a.ActivityNum == activitynum).FirstOrDefault();
+        if (shuwen == null)
+        {
+            var now = DateTime.Now;
+            shuwen = new Model.ShuWen();
+            shuwen.ActivityNum = activitynum.Value;
+            shuwen.CreateTime = now;
+            shuwen.UpdateTime = now;
+            shuwen.IsGenerating = true;
+            _db.ShuWens.Add(shuwen);
+        }
+        else if (shuwen.IsGenerating)
+        {
+            return Ok("任务正在处理中");
+        }
+        shuwen.IsGenerating = true;
+        _db.SaveChanges();
+        try
+        {
+            shuwen.ShuWenList = ProcessDesserts2(_db.pro_order_detail.Where(a => a.pro_order.activity_num == activitynum.Value).ToList());
+        }
+        catch
+        {
+
+        }
+        shuwen.IsGenerating = false;
+        shuwen.UpdateTime = DateTime.Now;
+        _db.SaveChanges();
+        return Ok("已啟動生成任務");
+    }
+    public string ProcessDesserts2(List<pro_order_detail> items)
+    {
+        var xiaozai = new List<Dictionary<string, Dictionary<string, object>>>();
+        var chaodu = new List<Dictionary<string, Dictionary<string, object>>>();
+
+        foreach (var item in items)
+        {
+            string json = item.f_num_tablet;
+            try
+            {
+                JObject obj = JObject.Parse(json);
+                var midItems = obj["mid_items"] as JArray;
+                var famNames = new List<string>();
+
+                foreach (var mid in midItems ?? new JArray())
+                {
+                    bool isShuWen = mid["IsShuWen"]?.Value<bool>() == true;
+                    string famName = mid["fam_name"]?.ToString();
+
+                    if (isShuWen && !string.IsNullOrWhiteSpace(famName))
+                    {
+                        famNames.Add(famName.Trim());
+                    }
+                }
+
+                if (famNames.Count == 0) continue;
+
+                string orderNo = item.order_no;
+                var userObject = new
+                {
+                    name = item.pro_order.follower.u_name,
+
+                };
+
+                if (item.actItem.subject.Contains("消"))
+                {
+                    var existing = xiaozai.FirstOrDefault(d => d.ContainsKey(orderNo));
+                    if (existing != null)
+                    {
+                        var data = (List<string>)existing[orderNo]["biaoti"];
+                        data.AddRange(famNames);
+                        existing[orderNo]["biaoti"] = data.Distinct().ToList();
+                    }
+                    else
+                    {
+                        xiaozai.Add(new Dictionary<string, Dictionary<string, object>>
+                    {
+                        {
+                            orderNo,
+                            new Dictionary<string, object>
+                            {
+                                { "user", userObject },
+                                { "biaoti", new List<string>(famNames) }
+                            }
+                        }
+                    });
+                    }
+                }
+                else if (item.actItem.subject.Contains("超"))
+                {
+                    var leftNames = new List<string>();
+                    if (obj["left_items"] != null && obj["left_items"].HasValues)
+                    {
+                        var leftItems = obj["left_items"] as JArray;
+                        foreach (var left in leftItems ?? new JArray())
+                        {
+                            leftNames.Add(left["fam_name"]?.ToString());
+                        }
+                    }
+                    else
+                    {
+                        continue;
+                    }
+                    if(leftNames.Count() == 0) continue;
+                    var existing = chaodu.FirstOrDefault(d => d.ContainsKey(orderNo));
+                    string leftFamName = string.Join(" ", leftNames).Trim();
+                    if (existing != null)
+                    {
+                        var entryList = (List<Dictionary<string, object>>)existing[orderNo]["entry"];
+                        var existingYangshang = entryList.FirstOrDefault(e => IsSamePeople(e["yangshang"]?.ToString(), leftFamName));
+                        if (existingYangshang != null)
+                        {
+                            var oldBiaoti = (List<string>)existingYangshang["biaoti"];
+                            oldBiaoti.AddRange(famNames);
+                            existingYangshang["biaoti"] = oldBiaoti.Distinct().ToList();
+                        }
+                        else
+                        {
+                            entryList.Add(new Dictionary<string, object>
+                        {
+                            { "yangshang", leftFamName },
+                            { "biaoti", new List<string>(famNames) }
+                        });
+                        }
+                    }
+                    else
+                    {
+                        chaodu.Add(new Dictionary<string, Dictionary<string, object>>
+                    {
+                        {
+                            orderNo,
+                            new Dictionary<string, object>
+                            {
+                                { "user", userObject },
+                                {
+                                    "entry",
+                                    new List<Dictionary<string, object>>
+                                    {
+                                        new Dictionary<string, object>
+                                        {
+                                            { "yangshang", leftFamName },
+                                            { "biaoti", new List<string>(famNames) }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    });
+                    }
+                }
+            }
+            catch (JsonReaderException)
+            {
+            }
+        }
+
+        var result = new
+        {
+            xiaozai = xiaozai,
+            chaodu = chaodu
+        };
+
+        return JsonConvert.SerializeObject(result, Formatting.None);
+    }
+
+    [HttpGet]
+    [Route("api/shuwen/download")]
+    public HttpResponseMessage DownloadShuWenWord(int? activitynum)
+    {
+        var data = _db.ShuWens.Where(a => a.ActivityNum == activitynum).FirstOrDefault();
+        if (data == null)
+        {
+            //return;
+        }
+        string json = data.ShuWenList;
+        string ActivityName = _db.activities.Where(a => a.num == data.ActivityNum).FirstOrDefault().subject;
+        if (json == null)
+        {
+            //return;
+        }
+        string fileName = $"疏文名單_{DateTime.Now:yyyyMMddHHmmss}.docx";
+
+        var stream = new MemoryStream();
+        GenerateShuWenWord_OpenXml(json, stream, ActivityName);
+        stream.Position = 0;
+        var response = new HttpResponseMessage(HttpStatusCode.OK)
+        {
+            Content = new StreamContent(stream)
+        };
+        response.Content.Headers.ContentType =
+            new System.Net.Http.Headers.MediaTypeHeaderValue("application/vnd.openxmlformats-officedocument.wordprocessingml.document");
+        response.Content.Headers.ContentDisposition =
+            new System.Net.Http.Headers.ContentDispositionHeaderValue("attachment")
+            {
+                FileName = fileName
+            };
+        return response;
+    }
+
+    public void GenerateShuWenWord_OpenXml(string json, Stream outputStream, string ActivityName ="")
+    {
+        JObject root = JObject.Parse(json);
+
+        using (var doc = WordprocessingDocument.Create(outputStream, WordprocessingDocumentType.Document, true))
+        {
+            var mainPart = doc.AddMainDocumentPart();
+            mainPart.Document = new Document(new Body());
+            var body = mainPart.Document.Body;
+            var sectionProps = new SectionProperties(
+            new PageSize() { Orient = PageOrientationValues.Landscape },
+            new TextDirection() { Val = TextDirectionValues.TopToBottomRightToLeft }
+        );
+            mainPart.Document.Body.Append(sectionProps);
+            // === 處理 xiaozai ===
+            var xiaozai = root["xiaozai"] as JArray;
+            if (xiaozai != null)
+            {
+                foreach (var item in xiaozai.Children<JObject>())
+                {
+                    foreach (var prop in item.Properties())
+                    {
+                        string orderNo = prop.Name;
+                        //var names = prop.Value.ToObject<List<string>>();
+                        var detail = prop.Value as JObject;
+                        string username = detail?["user"]?["name"]?.ToString();
+                        var biaotiList = detail?["biaoti"]?.ToObject<List<string>>() ?? new List<string>();
+
+                        AddPageBreak(body);
+                        var orderActItem = _db.pro_order_detail.Where(a => a.order_no == orderNo && a.actItem.act_bom.Where(b => b.package_num == null && b.item_num == a.actItem_num).Count() == 1).FirstOrDefault();
+                        if(orderActItem != null)
+                        {
+                            username = orderActItem.actItem.subject;
+                        }
+                        body.Append(CreateHeading($"{ActivityName}  {username}  消災祈福名單"));
+                        /*foreach (var name in biaotiList)
+                        {
+                            body.Append(CreateParagraph("　" + name));
+                        }*/
+                        var combinedNames = string.Join("   ", biaotiList);
+                        combinedNames = combinedNames.Replace(" ", "    ");
+                        body.Append(CreateParagraph(combinedNames));
+                    }
+                }
+            }
+
+            // === 處理 chaodu ===
+            var chaodu = root["chaodu"] as JArray;
+            if (chaodu != null)
+            {
+                foreach (var item in chaodu.Children<JObject>())
+                {
+                    foreach (var prop in item.Properties())
+                    {
+                        string orderNo = prop.Name;
+                        //var persons = prop.Value as JArray;
+                        var detail = prop.Value as JObject;
+                        string username = detail?["user"]?["name"]?.ToString();
+                        var entries = detail?["entry"] as JArray;
+                        var orderActItem = _db.pro_order_detail.Where(a => a.order_no == orderNo && a.actItem.act_bom.Where(b => b.package_num == null && b.item_num == a.actItem_num).Count() == 1).FirstOrDefault();
+                        if (orderActItem != null)
+                        {
+                            username = orderActItem.actItem.subject;
+                        }
+                        AddPageBreak(body);
+                        body.Append(CreateHeading($"{ActivityName}  {username}  超薦名單"));
+
+                        foreach (var person in entries)
+                        {
+                            string yangshang = person["yangshang"]?.ToString();
+                            var biaotiList = person["biaoti"]?.ToObject<List<string>>() ?? new List<string>();
+
+                            foreach (var b in biaotiList)
+                            {
+                                body.Append(CreateParagraph("   " + b));
+                            }
+                            body.Append(CreateParagraph("陽上報恩人：" + yangshang));
+                        }
+                    }
+                }
+            }
+        }
+    }
+    private Paragraph CreateHeading(string text)
+    {
+        return new Paragraph(
+            new Run(new RunProperties(
+                new FontSize() { Val = "50" }
+            ), new Text(text))
+        )
+        {
+            ParagraphProperties = new ParagraphProperties(
+                new Justification() { Val = JustificationValues.Start },
+                new Bold(),
+                new SpacingBetweenLines() { After = "200" },
+                 new TextDirection() { Val = TextDirectionValues.TopToBottomRightToLeft }
+            )
+        };
+    }
+
+    private Paragraph CreateParagraph(string text)
+    {
+        return new Paragraph(
+            new Run(new RunProperties(
+                new FontSize() { Val = "40" }
+            ),
+            new Text(text))
+            )
+        {
+            ParagraphProperties = new ParagraphProperties(
+            new TextDirection() { Val = TextDirectionValues.TopToBottomRightToLeft }
+        )
+        }
+            ;
+    }
+
+    private void AddPageBreak(Body body)
+    {
+        if (body.Elements<Paragraph>().Any())
+        {
+            body.Append(new Paragraph(new Run(new DocumentFormat.OpenXml.Wordprocessing.Break() { Type = BreakValues.Page })));
+        }
+    }
+
+    bool IsSamePeople(string a, string b)
+    {
+        var listA = a.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries).Distinct().OrderBy(x => x).ToList();
+        var listB = b.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries).Distinct().OrderBy(x => x).ToList();
+
+        return listA.SequenceEqual(listB);
+    }
+
+
+}
--- a/web/App_Code/api/WebApiConfig.cs
+++ b/web/App_Code/api/WebApiConfig.cs
@@ -0,0 +1,50 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Http;
+
+/// <summary>
+/// WebApiConfig 的摘要描述
+/// </summary>
+public class WebApiConfig
+{
+    public static string UrlPrefixRelative { get { return "~/api"; } }
+    public static void Register(HttpConfiguration config)
+    {
+        // TODO: Add any additional configuration code.
+
+        // Web API routes
+        config.MapHttpAttributeRoutes();
+
+        //config.Routes.MapHttpRoute(
+        //    name: "AppFollowerApi",
+        //    routeTemplate: "api/appfollower/{id}",
+        //    defaults: new { controller = "appFollower", id = RouteParameter.Optional }
+        //);
+        //config.Routes.MapHttpRoute(
+        //    name: "AppApi",
+        //    routeTemplate: "appapi/{controller}/{id}",
+        //    defaults: new { id = RouteParameter.Optional }
+        //);
+        config.Routes.MapHttpRoute(
+            name: "DefaultApi",
+            routeTemplate: "api/{controller}/{id}",
+            defaults: new { id = RouteParameter.Optional }
+        );
+        // Configure route for controllers under app_code/appapi
+        //config.Routes.MapHttpRoute(
+        //    name: "AppApi",
+        //    routeTemplate: "appapi/{controller}/{id}",
+        //    defaults: new { controller = "app{controller}", id = RouteParameter.Optional }
+        //);
+
+
+        // WebAPI when dealing with JSON & JavaScript!
+        // Setup json serialization to serialize classes to camel (std. Json format)
+        //var formatter = GlobalConfiguration.Configuration.Formatters.JsonFormatter;
+        var formatter = config.Formatters.JsonFormatter;
+        formatter.SerializerSettings.ContractResolver =
+            new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver();
+    }
+}
--- a/web/App_Code/api/accountingController.cs
+++ b/web/App_Code/api/accountingController.cs
@@ -0,0 +1,489 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+using System.IO;
+using System.Web;
+using System.Threading.Tasks;
+using static TreeView;
+
+
+[ezAuthorize]
+public class accountingController : BaseApiController
+{
+    // GET api/<controller>
+    public IEnumerable<Model.accounting> Get()
+    {
+        var list = _db.accountings.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.accounting Get(int id)
+    {
+        var item = _db.accountings.Where(q => q.num == id).FirstOrDefault();
+        if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // GET api/<controller>/5
+    public IEnumerable<Model.accounting> GetPage(int page)
+    {
+        var accounting = _db.accountings.Where(q => q.num < 10).ToList();
+        return accounting;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+        var prod = _db.accountings.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            var prod2 = prod.accounting_files;
+            if (prod2.Count > 0)
+            {
+                publicFun publicFun = new publicFun();
+                foreach (var item in prod2)
+                {
+                    if (!string.IsNullOrEmpty(item.pic1))
+                    {
+                        publicFun.DeleteFile(Model.accounting.Dir + "/" + item.pic1);
+                    }
+                }
+
+
+            }
+
+            _db.accountings.Remove(prod);
+            _db.SaveChanges(); //執行
+
+            Model.admin_log admin_log = new Model.admin_log();
+            MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+            if (admin.isLoign())
+            {
+                admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Accounting, (int)Model.admin_log.Status.Delete, prod.uptime.Value.ToString("yyyy/MM/dd")   );
+            }
+        }
+
+    }
+
+    [HttpDelete]
+    [Route("api/accounting/Delete/{nums}")]
+    public void Delete(string nums)
+    {
+        if (!string.IsNullOrEmpty(nums))
+        {
+            var getDelItem = nums.TrimEnd(',').Split(',').Select(s => int.Parse(s));
+
+            var prod = _db.accountings.AsEnumerable().Where(q => getDelItem.Contains(q.num)).ToList();
+            if (prod.Count() > 0)
+            {
+                var prod2 = _db.accounting_files.AsEnumerable().Where(q => q.accounting_num.HasValue && getDelItem.Contains(q.accounting_num.Value)).ToList();
+                if (prod2.Count() > 0)
+                {
+                    publicFun publicFun = new publicFun();
+                    foreach (var item in prod2)
+                    {
+                        if (!string.IsNullOrEmpty(item.pic1))
+                        {
+                            publicFun.DeleteFile(Model.accounting.Dir + "/" + item.pic1);
+                        }
+                    }
+                }
+
+                _db.accountings.RemoveRange(prod);
+                _db.SaveChanges();
+
+
+                Model.admin_log admin_log = new Model.admin_log();
+                MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+                if (admin.isLoign())
+                {
+                    admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Accounting, (int)Model.admin_log.Status.Delete, admin_log.LogViewBtn(prod.Select(x => x.uptime.Value.ToString("yyyy/MM/dd")).ToList()));
+                }
+            }
+        }
+
+    }
+    [HttpPost]
+    [Route("api/accounting/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.accounting q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.accountings.AsEnumerable();
+       
+        if (q.category.HasValue)
+            qry = qry.Where(o => o.category == q.category.Value);
+        if (q.kind.HasValue)
+        {
+            var _subKinds = new TreeView().subKinds(_db.accounting_kind.Select(o => new TreeItem()
+            {
+                num = o.num,
+                root = o.root,
+            }).ToList(), q.kind.Value);
+
+            qry = qry.Where(o => o.kind == q.kind.Value || _subKinds.Any(s => s == o.kind));
+        }
+        if (q.kind2.HasValue)
+        {
+            var _subKinds = new TreeView().subKinds(_db.accounting_kind2.Select(o => new TreeItem()
+            {
+                num = o.num,
+                root = o.root,
+            }).ToList(), q.kind2.Value);
+
+            qry = qry.Where(o => o.kind2 == q.kind2.Value || _subKinds.Any(s => s == o.kind2));
+        }
+        if (q.uptime1.HasValue)
+            qry = qry.Where(o => o.uptime >= q.uptime1.Value);
+        if (q.uptime2.HasValue)
+            qry = qry.Where(o => o.uptime < Convert.ToDateTime(q.uptime2.Value).AddDays(1));
+        if (!string.IsNullOrEmpty(q.activity_num_txt))
+            qry = qry.Where(o => o.activity_num.HasValue && o.activity.subject.Contains(q.activity_num_txt.Trim()));
+        if (!string.IsNullOrEmpty(q.mem_num_txt))
+            qry = qry.Where(o => o.mem_num.HasValue && o.member.u_name.Contains(q.mem_num_txt.Trim()));
+        if (!string.IsNullOrEmpty(q.debtor))
+            qry = qry.Where(o => (o.debtor ?? "").Contains(q.debtor.Trim()));
+
+
+        if (sortBy.Equals("category_Txt"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.category);
+            else
+                qry = qry.OrderBy(o => o.category);
+        }
+        else if (sortBy.Equals("kindsTxt"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.kind);
+            else
+                qry = qry.OrderBy(o => o.kind);
+        }
+        else if (sortBy.Equals("kinds2Txt"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.kind2);
+            else
+                qry = qry.OrderBy(o => o.kind2);
+        }
+        else if (sortBy.Equals("uptime"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.uptime);
+            else
+                qry = qry.OrderBy(o => o.uptime);
+        }
+        else if (sortBy.Equals("price"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.price);
+            else
+                qry = qry.OrderBy(o => o.price);
+        }
+        else if (sortBy.Equals("tax"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.tax);
+            else
+                qry = qry.OrderBy(o => o.tax);
+        }
+        else if (sortBy.Equals("total"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.price??0+o.tax??0);
+            else
+                qry = qry.OrderBy(o => o.price ?? 0 + o.tax ?? 0);
+        }
+        else
+            qry = qry.OrderByDescending(o => o.num);
+
+        var tdesc = publicFun.enum_desc<Model.accounting.type>();
+
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                category = x.category,
+                category_Txt = tdesc[x.category ?? 1],
+                kind = x.kind,
+                kindTxt = x.kind.HasValue? x.accounting_kind.kind :"",
+                kindsTxt = x.kind.HasValue ? new TreeView().kindText(_db.accounting_kind.Select(o => new TreeItem()
+                {
+                    kind = o.kind,
+                    num = o.num,
+                    root = o.root,
+                }).ToList(), x.kind) : "",
+                kind2 = x.kind2,
+                kind2Txt = x.kind2.HasValue? x.accounting_kind2.kind :"",
+                kinds2Txt = x.kind2.HasValue ? new TreeView().kindText(_db.accounting_kind2.Select(o => new TreeItem()
+                {
+                    kind = o.kind,
+                    num = o.num,
+                    root = o.root,
+                }).ToList(), x.kind2) : "",
+                uptime = x.uptime,
+                price = x.price,
+                tax = x.tax?? 0,
+                total =(x.price ?? 0)+( x.tax?? 0),
+
+            }),
+            count = qry.Count()
+
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    [HttpPost]
+    [Route("api/accounting/GetTitleKindList")]
+    public IHttpActionResult GetTitleKindList([FromBody] Model.ViewModel.accounting_kind q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.accounting_kind.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.kind))
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+
+
+
+        var qry2 = new TreeView().get_data2(qry.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0);
+
+
+
+        var ret = new
+        {
+            list = qry2.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,
+
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    [HttpPost]
+    [Route("api/accounting/GetAccountKindList")]
+    public IHttpActionResult GetAccountKindList([FromBody] Model.ViewModel.accounting_kind2 q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.accounting_kind2.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.kind))
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+        if (!string.IsNullOrEmpty(q.record_payment))
+            qry = qry.Where(o => o.record_payment !=null && o.record_payment==q.record_payment);
+
+        var qry2 = new TreeView().get_data2(qry.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0);
+
+
+
+
+        var ret = new
+        {
+            list = qry2.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,
+
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+
+
+    [HttpPost]
+    [Route("api/accounting/GetAccFiles")]
+    public IHttpActionResult GetItemFiles([FromBody] Model.accounting_files q, int page, int pageSize = 10,
+    string sortBy = "", bool sortDesc = false)
+    {
+        if (q.accounting_num.HasValue && q.accounting_num.Value > 0)
+        {
+            //檢查
+            var qry = _db.accounting_files.AsEnumerable();
+            qry = qry.Where(o => o.accounting_num == q.accounting_num.Value);
+            qry.OrderByDescending(x => x.num);
+
+            int i = 1;
+            //已有值
+            var ret = new
+            {
+                list = qry.ToPagedList(page, pageSize).Select(x => new
+                {
+                    id = i++,
+                    num = x.num,
+                    accounting_num = x.accounting_num,
+                    pic1 = x.pic1,
+                    pic1_name = x.pic1_name,
+                }),
+                count = qry.Count(),
+            };
+
+            if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+            return Ok(ret);
+
+        }
+        else
+        {
+            return NotFound();
+        }
+
+
+    }
+
+
+    [HttpPost]
+    [Route("api/accounting/uploadFiles")]
+    public async Task<IHttpActionResult> uploadFiles()
+    {
+        if (!Request.Content.IsMimeMultipartContent())
+        {
+            return BadRequest("無效的請求。");
+        }
+
+
+        string uploadFolder = Path.Combine(HttpContext.Current.Server.MapPath("~/upload"), "accounting");
+        Directory.CreateDirectory(uploadFolder);
+
+        var provider = new MultipartFormDataStreamProvider(HttpContext.Current.Server.MapPath(Model.accounting.Dir));
+        await Request.Content.ReadAsMultipartAsync(provider);
+
+        if (provider.FileData.Count == 0)
+        {
+            return BadRequest("缺少檔案。");
+        }
+        else
+        {
+
+            string tempFilePath = provider.FileData[0].LocalFileName;
+            string fileName = provider.FileData[0].Headers.ContentDisposition.FileName.Trim('\"');
+            //string Dir = provider.FormData[0];
+
+            //re-name
+            string[] n = Path.GetFileName(fileName).Split('.');
+            fileName = DateTime.Now.ToString("yyyyMMddHHmmss") + "." + n[n.Length - 1];
+
+            bool isAllowed = false;
+            string[] type = {
+                             "jpg",
+                             "jpeg",
+                             "png",
+                             "pdf"
+             };
+
+            for (int i = 0; i <= type.Length - 1; i++)
+            {
+                if (n[n.Length - 1].ToLower() == type[i])
+                {
+                    isAllowed = true;
+                }
+            }
+            if (isAllowed)
+            {
+                //計算檔案大小
+                long result = -1;
+                System.Net.WebRequest req = System.Net.WebRequest.Create(tempFilePath);
+                req.Method = "HEAD";
+                using (System.Net.WebResponse resp = req.GetResponse())
+                {
+                    if (long.TryParse(resp.Headers.Get("Content-Length"), out long ContentLength))
+                    {
+                        result = ContentLength;//位元組
+                    }
+                }
+
+                //result / 1024 = kB
+
+                if (result / 1000 / 1000 <= 2)
+                {
+
+                    string filePath = Path.Combine(uploadFolder, fileName);
+                    File.Move(tempFilePath, filePath);
+
+                    return Ok(fileName);
+                }
+                else
+                {
+                    return BadRequest("檔案限制 2 MB 以內");
+                }
+
+            }
+            else
+            {
+                return BadRequest("格式不符。");
+            }
+        }
+
+    }
+
+    [HttpPost]
+    [Route("api/accounting/SaveFileData")]
+    public IHttpActionResult SaveFileData([FromBody] Model.accounting_files item)
+    {
+        item.reg_time = DateTime.Now;
+        _db.accounting_files.Add(item);
+        _db.SaveChanges();
+        return Ok(item.num);
+
+    }
+
+
+    [HttpDelete]
+    [Route("api/accounting/DeleteFilesItem/{id}")]//刪除相關檔案
+    public void DeleteFilesItem(int id)
+    {
+        var prod = _db.accounting_files.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            if (!string.IsNullOrEmpty(prod.pic1))
+            {
+                publicFun publicFun = new publicFun();
+                publicFun.DeleteFile(Model.accounting.Dir + "/" + prod.pic1);
+            }
+            _db.accounting_files.Remove(prod);
+            _db.SaveChanges(); //執行
+        }
+    }
+
+}
--- a/web/App_Code/api/activityController.cs
+++ b/web/App_Code/api/activityController.cs
--- a/web/App_Code/api/activity_kindController.cs
+++ b/web/App_Code/api/activity_kindController.cs
@@ -0,0 +1,111 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+using static TreeView;
+
+[ezAuthorize]
+public class activity_kindController : ApiController
+{
+    private Model.ezEntities _db = new Model.ezEntities();
+    // GET api/<controller>
+    public IEnumerable<Model.actItem_kind> Get()
+    {
+        var list = _db.actItem_kind.OrderBy(q=>q.kind).ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.actItem_kind Get(int id)
+    {
+        var item = _db.actItem_kind.Where(q => q.num == id).FirstOrDefault();
+        return item;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+    }
+    [HttpGet]
+    [Route("api/actItem_kind/count")]
+    public int Count()
+    {
+        var count = _db.actItem_kind.Count();
+        return count;
+    }
+    [HttpPost]
+    [Route("api/actItem_kind/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.actItem_kind q,
+    int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.actItem_kind.AsEnumerable();
+        if (!string.IsNullOrEmpty(q.kind))
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+        if (!string.IsNullOrEmpty(q.status))
+            qry = qry.Where(o => o.status.Contains(q.status));
+        //qry = qry.OrderBy(o => o.kind);
+
+        var qry2 = new TreeView().get_data2(qry.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0);
+
+
+        var ret = new
+        {
+            list = qry2.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,
+                //status = x.status,              
+
+            }),
+            count = qry.Count()
+
+        };
+        return Ok(ret);
+    }
+
+    [HttpGet]
+    [Route("api/actItem_kind/GetAll")]
+    public IHttpActionResult GetAll()
+    {
+        //var list = _db.actItem_kind.OrderBy(q => q.kind).ToList();
+        var list = new TreeView().get_data2(_db.actItem_kind.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0)
+            .Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,
+
+            });
+
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(list);
+    }
+
+}
--- a/web/App_Code/api/adminUserController.cs
+++ b/web/App_Code/api/adminUserController.cs
@@ -0,0 +1,138 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+
+
+// api/adminUser
+//[ezAuthorize(Roles = "admin")]//群組:*
+[ezAuthorize]
+public class adminUserController : ApiController
+{
+    private Model.ezEntities _db = new Model.ezEntities();
+    // GET api/<controller>
+    public IEnumerable<Model.admin> Get()
+    {
+        var list = _db.admins.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    public IEnumerable<Model.admin> Get(int page, int pageSize = 10, 
+        string sortBy="", bool sortDesc=false)
+    {
+        var list = _db.admins.OrderBy(o=>o.num).ToPagedList(page, pageSize);
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.admin Get(int id)
+    {
+        var item = _db.admins.Where(q => q.num == id).FirstOrDefault();
+        //if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] Model.admin item)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] Model.admin item)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+        var prod = _db.admins.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {       
+
+            _db.admins.Remove(prod);
+            _db.SaveChanges();//執行
+
+        }
+    }
+
+
+
+    [HttpGet]
+    [Route("api/adminUser/count")]
+    public int Count()
+    {
+        var count = _db.admins.Count();
+        return count;
+    }
+    [HttpPost]
+    [Route("api/adminUser/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.admin q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.admins.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.u_id))
+            qry = qry.Where(o => o.u_id.Contains(q.u_id));
+
+        if (!string.IsNullOrEmpty(q.u_name))
+            qry = qry.Where(o => o.u_name.Contains(q.u_name));
+
+
+        if (!string.IsNullOrEmpty(q.power))
+            qry = qry.Where(o => o.power == q.power);
+
+        if(q.removeExist.HasValue && q.removeExist.Value)
+        {
+            if (q.num.HasValue && q.num.Value > 0)
+            {
+                qry = qry.Where(o => (!(from b in _db.members.AsEnumerable()
+                                        select b.admin_num)
+                         .Contains(o.num)) || o.num == Convert.ToInt32(q.num.Value));
+            }
+            else
+            {
+                qry = qry.Where(o => (!(from b in _db.members.AsEnumerable()
+                                        select b.admin_num)
+                        .Contains(o.num)));
+            }
+        }
+
+        if (sortBy.Equals("u_id"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.u_id);
+            else
+                qry = qry.OrderBy(o => o.u_id);
+        }      
+        else
+            qry = qry.OrderByDescending(o => o.num);
+
+        var ret = new
+        {
+             list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                 u_id = x.u_id,
+                 u_name = x.u_name,
+                 power = x.power,
+               
+            }),
+            count = qry.Count()
+
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    
+
+}
--- a/web/App_Code/api/appellationController.cs
+++ b/web/App_Code/api/appellationController.cs
@@ -0,0 +1,67 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+
+
+[ezAuthorize]
+public class appellationController : BaseApiController
+{
+    // GET api/<controller>
+    public IEnumerable<Model.appellation> Get()
+    {
+        var list = _db.appellations.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.appellation Get(int id)
+    {
+        var item = _db.appellations.Where(q => q.num == id).FirstOrDefault();
+        if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(string id, [FromBody] string value)
+    {
+    }
+
+
+    [HttpPost]
+    [Route("api/appellation/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.appellation q,
+       int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.appellations.AsEnumerable();
+
+
+        qry = qry.OrderBy(o => o.num);
+
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                title = x.title,
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+}
--- a/web/App_Code/api/authorize/HttpReferrer.cs
+++ b/web/App_Code/api/authorize/HttpReferrer.cs
@@ -0,0 +1,50 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Http.Controllers;
+
+/// <summary>
+/// HttpReferrer https://zh.wikipedia.org/wiki/HTTP%E5%8F%83%E7%85%A7%E4%BD%8D%E5%9D%80
+/// HTTP參照位址（referer，或HTTP referer）是HTTP表頭的一個欄位，用來表示從哪兒連結到目前的網頁，採用的格式是URL。換句話說，藉著HTTP參照位址，目前的網頁可以檢查訪客從哪裡而來，這也常被用來對付偽造的跨網站請求。
+/// </summary>
+public class HttpReferrerAttribute : System.Web.Http.AuthorizeAttribute
+{
+    public string Url { get; set; }
+
+    public override void OnAuthorization(HttpActionContext actionContext)
+    {
+        base.OnAuthorization(actionContext);
+    }
+
+    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
+    {
+        base.HandleUnauthorizedRequest(actionContext);
+    }
+
+    protected override bool IsAuthorized(HttpActionContext actionContext)
+    {
+        if (actionContext.Request.Headers.Referrer == null) return false;
+
+        try
+        {
+            string host = HttpContext.Current.Request.Url.AbsoluteUri.Replace(HttpContext.Current.Request.Url.PathAndQuery, "/");
+            string referrer = actionContext.Request.Headers.Referrer.AbsoluteUri.Replace(actionContext.Request.Headers.Referrer.AbsolutePath, "/");
+
+            if (string.IsNullOrEmpty(this.Url))
+            {
+                return host == referrer;
+            }
+            else
+            {
+                return actionContext.Request.Headers.Referrer.AbsoluteUri.IndexOf(host + Url) > -1;
+            }
+        }
+        catch
+        {
+
+        }
+
+        return false;
+    }
+}
--- a/web/App_Code/api/authorize/MemberIsLogin.cs
+++ b/web/App_Code/api/authorize/MemberIsLogin.cs
@@ -0,0 +1,27 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Http.Controllers;
+
+/// <summary>
+/// MemberIsLogin 檢查前台會員是否登入
+/// </summary>
+public class MemberIsLoginAttribute : System.Web.Http.AuthorizeAttribute
+{
+    public override void OnAuthorization(HttpActionContext actionContext)
+    {
+        base.OnAuthorization(actionContext);
+    }
+
+    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
+    {
+        base.HandleUnauthorizedRequest(actionContext);
+    }
+
+    protected override bool IsAuthorized(HttpActionContext actionContext)
+    {
+        //return new ez.data.member().isLogin();
+        return true;
+    }
+}
--- a/web/App_Code/api/base/BaseApiController.cs
+++ b/web/App_Code/api/base/BaseApiController.cs
@@ -0,0 +1,28 @@
+using Model;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Http;
+
+/// <summary>
+/// BaseApiController 的摘要描述
+/// </summary>
+public class BaseApiController : ApiController
+{
+    protected ezEntities _db = new ezEntities();
+    //public member.DataInfo MData { get; private set; }
+    //public function f = new function();
+
+    public BaseApiController()
+    {
+        //member member = new member();
+        //if (member.isLogin())
+        //{
+        //    this.MData = member.Data;
+        //}
+
+        //Homeblock.HomeBlockCol homeblockItem = new Homeblock.HomeBlockCol();
+
+    }
+}
--- a/web/App_Code/api/bedController.cs
+++ b/web/App_Code/api/bedController.cs
@@ -0,0 +1,262 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+
+[ezAuthorize]
+public class bedController : BaseApiController
+{
+    // GET api/<controller>
+    public IEnumerable<Model.bed_order> Get()
+    {
+        var list = _db.bed_order.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.bed_order Get(string id)
+    {
+        var item = _db.bed_order.Where(q => q.bed_order_no == id).FirstOrDefault();
+        if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+   
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(string id)
+    {
+        var prod = _db.bed_order.AsEnumerable().Where(q => q.bed_order_no == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            //刪除訂單明細
+            _db.bed_order_detail.RemoveRange(prod.bed_order_detail);
+            //var prod2 = _db.bed_order_detail.AsEnumerable().Where(q => q.bed_order_no == prod.bed_order_no).ToList(); 
+            //if (prod2.Count > 0)
+            //{
+            //    //查詢結果全部刪除
+            //    _db.bed_order_detail.RemoveRange(prod2);
+            //    _db.SaveChanges();
+            //}
+
+            _db.bed_order.Remove(prod);
+            _db.SaveChanges();//執行
+        }
+
+       
+    }
+
+      
+
+    public static readonly object Locker = new object();
+    [HttpPost]
+    [Route("api/bed/CreateBedList")]
+    public IHttpActionResult CreateBedList([FromBody] Model.pro_order_detail item)
+    {
+        string order_no = "";
+
+        if (item.num > 0)
+        {
+            Model.bed_order chkOrder = _db.bed_order.Where(q => q.order_no == item.order_no && q.o_detail_id == item.num).FirstOrDefault();
+            if (chkOrder == null)
+            {
+                lock (Locker)
+                {
+                    order_no = "ED" + DateTime.Now.ToString("yyMMdd");
+
+                    var qry = _db.companies.AsEnumerable();
+                    var prod = qry.Where(q => q.num == 1).FirstOrDefault();
+                    if (prod != null)
+                    {
+                        if (!string.IsNullOrEmpty(prod.bed_order_no) && prod.bed_order_no.Contains(order_no))
+                        {
+                            int tmp = Convert.ToInt32(prod.bed_order_no.Replace(order_no, "")) + 1;
+                            order_no = order_no + tmp.ToString("0000");
+                        }
+                        else
+                            order_no = order_no + "0001";
+
+                        prod.bed_order_no = order_no;
+                        _db.SaveChanges();
+                    }
+                    else
+                        order_no = "";
+                }
+
+                if (order_no != "")
+                {
+                    //建立掛單表單        
+                    Model.bed_order order = new Model.bed_order();//新增
+                    order.bed_order_no = order_no;
+                    order.order_no = item.order_no;
+                    order.o_detail_id = item.num;
+                    order.keyin1 = "A1"; //預設未入住
+                    order.reg_time = DateTime.Now;
+                    _db.bed_order.Add(order);
+
+                    //建立掛單表單明細 count == item.qty    
+                    for (int i = 0; i < item.qty.Value; i++)
+                    {
+                        Model.bed_order_detail detail = new Model.bed_order_detail();//新增
+                        detail.bed_order_no = order_no;
+                        _db.bed_order_detail.Add(detail);
+                    }
+
+                    _db.SaveChanges();
+
+                    return Ok();
+                }
+                else
+                    return NotFound();
+            }
+            else
+            {
+                //check detail qty ?
+                int _needQty = chkOrder.pro_order_detail.qty??0;
+                int _nowQty = chkOrder.bed_order_detail.Count;
+
+                for(int i=0; i< _needQty- _nowQty;i++)
+                {
+                    //建立掛單表單明細 count == item.qty    
+                    Model.bed_order_detail detail = new Model.bed_order_detail();//新增
+                    detail.bed_order_no = chkOrder.bed_order_no;
+                    _db.bed_order_detail.Add(detail);
+                }
+
+                _db.SaveChanges();
+                return Ok(); //已建立
+
+            }
+
+        }
+        else      
+           return  NotFound();
+               
+
+    }
+
+
+    [HttpPost]
+    [Route("api/bed/GetDetailList")]
+    public IHttpActionResult GetDetailList([FromBody] Model.bed_order q,
+   int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.bed_order_detail.AsEnumerable();
+            qry = qry.Where(o => o.bed_order_no == q.bed_order_no);
+
+        qry = qry.OrderBy(o => o.checkIn_date ).ThenBy(o => o.num);
+
+        int i = 1;
+        var tdesc = publicFun.enum_desc<Model.bed_kind.bed_type>();
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                id = i++,
+                num = x.num,
+                u_name = x.bed_order.pro_order_detail.f_num.HasValue? (x.bed_order.pro_order_detail.follower.u_name) :"",
+                sex = x.bed_order.pro_order_detail.f_num.HasValue? x.bed_order.pro_order_detail.follower.sex :"",
+                checkIn_date = x.checkIn_date,
+
+                //bed_kind1 -> column
+                //bed_kind2 -> column
+                //bed_kind -> table
+                //bed_kind3 -> table
+
+                bed_kind1_selected = new //樓層
+                {
+                    text = x.bed_kind1.HasValue ? x.bed_kind.kind : "",
+                    val = x.bed_kind1.HasValue ? x.bed_kind1.Value : 0,
+                },
+                bed_kind2_selected = new //房號/房名
+                {
+                    text = x.bed_kind2.HasValue ? x.bed_kind3.kind : "",
+                    val = x.bed_kind2.HasValue ? x.bed_kind2.Value : 0,
+                },             
+                bed_kind_detail_id_selected = new //床位編號
+                {
+                    text = x.bed_kind_detail_id.HasValue ? x.bed_kind_detail.bed_name : "",
+                    val = x.bed_kind_detail_id.HasValue ? x.bed_kind_detail_id.Value : 0,
+                    bed_type = x.bed_kind_detail_id.HasValue ? tdesc[x.bed_kind_detail.bed_type ?? 1] : "",
+                },
+                license = x.license,
+            }),
+            count = qry.Count()
+
+        };
+        return Ok(ret);
+    }
+
+
+
+    [HttpPost]
+    [Route("api/bed/SaveBedDetail")]
+    public IHttpActionResult SaveActKindDetail([FromBody] Model.bed_order_detail item)
+    {
+        if (item.bed_order_no !="")
+        {
+            if (item.num > 0)
+            {
+                Model.bed_order_detail _detail = _db.bed_order_detail.Where(q => q.num == item.num).FirstOrDefault();//修改
+                if (_detail != null)
+                {
+                    if(item.checkIn_date.HasValue) _detail.checkIn_date = item.checkIn_date.Value;
+                    if(item.bed_kind1.HasValue) _detail.bed_kind1 = item.bed_kind1.Value;
+                    if(item.bed_kind2.HasValue) _detail.bed_kind2 = item.bed_kind2.Value;
+                    if(item.bed_kind_detail_id.HasValue) _detail.bed_kind_detail_id = item.bed_kind_detail_id.Value;
+                    _detail.license = item.license;
+
+                    _db.SaveChanges();
+                    var ret = _detail.num;
+                    return Ok(ret);
+
+                }
+                else
+                    return NotFound();
+
+            }
+            else
+            {
+                return NotFound();
+
+            }
+        }
+        else
+        {
+            return NotFound();
+        }
+
+    }
+
+
+
+    [HttpDelete]
+    [Route("api/bed/DeleteBedDetail/{id}")]//刪除detail
+    public void DeleteBedDetail(int id)
+    {
+        var prod = _db.bed_order_detail.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            
+            _db.bed_order_detail.Remove(prod);
+            _db.SaveChanges(); //執行
+
+        }
+    }
+}
--- a/web/App_Code/api/bed_kindController.cs
+++ b/web/App_Code/api/bed_kindController.cs
@@ -0,0 +1,218 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+[ezAuthorize]
+public class bed_kindController : ApiController
+{
+    private Model.ezEntities _db = new Model.ezEntities();
+    // GET api/<controller>
+    public IEnumerable<Model.bed_kind> Get()
+    {
+        var list = _db.bed_kind.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.bed_kind Get(int id)
+    {
+        var item = _db.bed_kind.Where(q => q.num == id).FirstOrDefault();
+        return item;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+    }
+    [HttpGet]
+    [Route("api/bed_kind/count")]
+    public int Count()
+    {
+        var count = _db.bed_kind.Count();
+        return count;
+    }
+    [HttpPost]
+    [Route("api/bed_kind/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.bed_kind q,
+    int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.bed_kind.AsEnumerable();
+        if (!string.IsNullOrEmpty(q.kind))
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+        if (!string.IsNullOrEmpty(q.sex))
+            qry = qry.Where(o => o.sex == q.sex);
+        if (q.root.HasValue)
+            qry = qry.Where(o => o.root.Value == q.root.Value);
+        qry = qry.OrderBy(o => o.range).ThenBy(o => o.num);
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = x.kind,
+                sex = x.sex,
+
+            }),
+            count = qry.Count()
+
+        };
+        return Ok(ret);
+    }
+
+    [HttpPost]
+    [Route("api/bed_kind/GetDetailList")]
+    public IHttpActionResult GetDetailList([FromBody] Model.ViewModel.bed_kind_detail q,
+   int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        var tdesc = publicFun.enum_desc<Model.bed_kind.bed_type>();
+        //var tdesc2 = tdesc.ToArray().Select(x=>x.Value); //[0]單人床,[1]雙人床
+        //var tdesc3 = tdesc.ToArray().Select(x=>x.Key); //[0]1,[1]2
+        var qry = _db.bed_kind_detail.AsEnumerable();
+        if (q.bed_kind_id.HasValue)
+            qry = qry.Where(o => o.bed_kind_id == q.bed_kind_id);
+        if (!string.IsNullOrEmpty(q.bed_name))
+            qry = qry.Where(o => o.bed_name.Contains(q.bed_name));
+        if (q.bed_type.HasValue)
+            qry = qry.Where(o => o.bed_type == q.bed_type);
+        if (!string.IsNullOrEmpty(q.bed_type_txt))
+        {
+            List<string> _bednums = new List<string>();
+            foreach (var ii in tdesc)         
+                if(ii.Value.IndexOf(q.bed_type_txt) > -1)
+              
+                    _bednums.Add(ii.Key.ToString());
+                
+            qry = qry.Where(o => _bednums.Contains( o.bed_type.Value.ToString()));
+        }
+        if (q.inTime.HasValue )
+        {
+            //判斷日期沒庫存不能選
+            var bedDt = _db.bed_order_detail.AsEnumerable().Where(f => f.checkIn_date.HasValue && f.checkIn_date ==q.inTime.Value ).Select(f => f.bed_kind_detail_id.ToString());//掛單表單明細
+            qry = qry.Where(o => !bedDt.ToArray().Contains(o.num.ToString()));
+
+        }
+        qry = qry.OrderBy(o => o.bed_name);
+        int i = 1;
+
+        if (pageSize > 0) qry = qry.ToPagedList(page, pageSize);
+        var ret = new
+        {
+            list = qry.Select(x => new
+            {
+                id = i++,
+                num = x.num,
+                bed_name = x.bed_name,
+                bed_type = x.bed_type,
+                bed_type_txt = x.bed_type.HasValue? tdesc[x.bed_type ?? 1] : "",
+                demo = x.demo,
+            }),
+            count = qry.Count()
+
+        };
+        return Ok(ret);
+    }
+
+
+
+    [HttpPost]
+    [Route("api/bed_kind/SaveBedKindDetail")]
+    public IHttpActionResult SaveActKindDetail([FromBody] Model.bed_kind_detail item)
+    {
+        if (item.bed_kind_id > 0)
+        {
+            //if有資料-修改 , else 新增
+            if (item.num > 0)
+            {
+                Model.bed_kind_detail _detail = _db.bed_kind_detail.Where(q => q.num == item.num).FirstOrDefault();//修改
+                if (_detail != null)
+                {                    
+                    _detail.bed_name = item.bed_name;
+                    if (item.bed_type.HasValue) { _detail.bed_type = item.bed_type.Value; }
+                    else { _detail.bed_type = null; }
+                    _detail.demo = item.demo;
+
+                    _db.SaveChanges();
+                    var ret = _detail.num;
+                    return Ok(ret);
+
+                }
+                else
+                    return NotFound();
+
+            }
+            else
+            {
+                Model.bed_kind_detail _detail = new Model.bed_kind_detail();//新增
+                _detail.bed_kind_id = item.bed_kind_id; 
+                _detail.bed_name = item.bed_name;
+                if (item.bed_type.HasValue) { _detail.bed_type = item.bed_type.Value; }
+                else { _detail.bed_type = null; }
+                _detail.demo = item.demo;
+
+                _db.bed_kind_detail.Add(_detail);
+                _db.SaveChanges();
+
+                var ret = _detail.num;
+                return Ok(ret);
+
+            }
+        }
+        else
+        {
+            return NotFound();
+        }
+
+    }
+
+
+
+    [HttpDelete]
+    [Route("api/bed_kind/DeleteBedKindDetail/{id}")]//刪除分類的detail
+    public void DeleteActKindDetail(int id)
+    {
+        var prod = _db.bed_kind_detail.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+
+            //清空掛單資料
+            //way1
+            prod.bed_order_detail.Clear();
+
+            //way2
+            //foreach (var item2 in prod.bed_order_detail)
+            //    item2.bed_kind_detail_id = null;
+
+            //way3
+            //var prod2 = _db.bed_order_detail.AsEnumerable().Where(q => q.bed_kind_detail_id == prod.num).ToList();
+            //if (prod2.Count > 0)
+            //{
+            //    //清空分類
+            //    foreach (var item2 in prod2)
+            //        item2.bed_kind_detail_id = null;
+
+            //}
+
+
+            _db.bed_kind_detail.Remove(prod);
+            _db.SaveChanges(); //執行
+
+        }
+    }
+
+}
--- a/web/App_Code/api/countryController.cs
+++ b/web/App_Code/api/countryController.cs
@@ -0,0 +1,70 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+
+
+[ezAuthorize]
+public class countryController : BaseApiController
+{
+    // GET api/<controller>
+    public IEnumerable<Model.country> Get()
+    {
+        var list = _db.countries.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.country Get(string id)
+    {
+        var item = _db.countries.Where(q => q.ID == id).FirstOrDefault();
+        if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(string id, [FromBody] string value)
+    {
+    }
+
+
+    [HttpPost]
+    [Route("api/country/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.country q,
+       int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.countries.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.keyword))
+            qry = qry.Where(o => o.ID.Contains(q.keyword.Trim()) || o.name_en.Contains(q.keyword.Trim()) || o.name_zh.Contains(q.keyword.Trim()));
+      
+        qry = qry.OrderBy(o => o.range).ThenBy(o => o.name_en);
+
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                id = x.ID,
+                name_en = x.name_en,
+                name_zh = x.name_zh,
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+}
--- a/web/App_Code/api/ezAuthorizeAttribute.cs
+++ b/web/App_Code/api/ezAuthorizeAttribute.cs
@@ -0,0 +1,179 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Security.Claims;
+using System.Security.Principal;
+using System.Threading;
+using System.Web;
+using System.Web.Http;
+using System.Web.Http.Controllers;
+
+/// <summary>
+/// Summary description for ezAuthorizeAttribute
+/// </summary>
+public class ezAuthorizeAttribute : AuthorizeAttribute
+{
+    ////Entities context = new Entities(); // my entity  
+    private static readonly string[] _emptyArray = new string[0];
+
+    private readonly object _typeId = new object();
+
+    private string _roles;
+    private string[] _rolesSplit = _emptyArray;
+    private string _users;
+    private string[] _usersSplit = _emptyArray;
+
+    new public string Roles
+    {
+        get { return _roles ?? String.Empty; }
+        set
+        {
+            _roles = value;
+            _rolesSplit = SplitString(value);
+        }
+    }
+
+    new public string Users
+    {
+        get { return _users ?? String.Empty; }
+        set
+        {
+            _users = value;
+            _usersSplit = SplitString(value);
+        }
+    }
+
+    protected override bool IsAuthorized(HttpActionContext actionContext)
+    {
+        MyWeb.admin admin = new MyWeb.admin();
+        bool isLogin = admin.isLoign();
+        //if (admin.chkAdmIP && (admin.chkTwIP || admin.chkAdmIP_Enable)) { }
+        //判斷是否登入
+        if (!isLogin) {
+            return false;
+        }
+        /*
+        if (actionContext == null)
+        {
+            throw new ArgumentNullException("actionContext");
+        }
+
+        IPrincipal user = HttpContext.Current.User;
+        if (user == null || !user.Identity.IsAuthenticated)
+        {
+            return false;
+        }
+        */
+        return true;
+    }
+
+    protected bool IsAllowed(HttpActionContext actionContext)
+    {
+        if (actionContext == null)
+        {
+            throw new ArgumentNullException("actionContext");
+        }
+
+        IPrincipal user = Thread.CurrentPrincipal;
+        if (_usersSplit.Length > 0 && !_usersSplit.Contains(user.Identity.Name, StringComparer.OrdinalIgnoreCase))
+        {
+            return false;
+        }
+
+        if (_rolesSplit.Length > 0 && !_rolesSplit.Any(user.IsInRole))
+        {
+            return false;
+        }
+
+        return true;
+    }
+
+    public override void OnAuthorization(HttpActionContext actionContext)
+    {
+        if (actionContext == null)
+        {
+            throw new ArgumentNullException("actionContext");
+        }
+
+        if (SkipAuthorization(actionContext))
+        {
+            return;
+        }
+
+        if (!IsAuthorized(actionContext))
+        {
+            HandleUnauthorizedRequest(actionContext);
+        }
+
+        if (!IsAllowed(actionContext))
+        {
+            HandleForbiddenRequest(actionContext);
+        }
+    }
+    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
+    {
+        if (actionContext == null)
+        {
+            throw new ArgumentNullException("actionContext");
+        }
+
+        HttpResponseMessage result = new HttpResponseMessage()
+        {
+            StatusCode = HttpStatusCode.Unauthorized,
+            RequestMessage = actionContext.Request
+        };
+
+        actionContext.Response = result;
+    }
+
+    protected void HandleForbiddenRequest(HttpActionContext actionContext)
+    {
+        if (actionContext == null)
+        {
+            throw new ArgumentNullException("actionContext");
+        }
+
+        HttpResponseMessage result = new HttpResponseMessage()
+        {
+            StatusCode = HttpStatusCode.Forbidden,
+            RequestMessage = actionContext.Request
+        };
+
+        actionContext.Response = result;
+    }
+
+    private static bool SkipAuthorization(HttpActionContext actionContext)
+    {
+        if (actionContext == null)
+        {
+            throw new ArgumentNullException("actionContext");
+        }
+
+        return actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any()
+               || actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any();
+
+    }
+
+    internal static string[] SplitString(string original)
+    {
+        if (String.IsNullOrEmpty(original))
+        {
+            return _emptyArray;
+        }
+
+        var split = from piece in original.Split(',')
+                    let trimmed = piece.Trim()
+                    where !String.IsNullOrEmpty(trimmed)
+                    select trimmed;
+        return split.ToArray();
+    }
+
+}
+
+/*
+[ezAuthorize(Roles = "admin")]//群組:*
+[ezAuthorize(Users = "admin")]//群組:*
+[ezAuthorize] //檢查有登入
+*/
--- a/web/App_Code/api/familyMembersController.cs
+++ b/web/App_Code/api/familyMembersController.cs
@@ -0,0 +1,272 @@
+using Model;
+using System;
+using System.Collections.Generic;
+using System.Data.Entity.Infrastructure;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using System.Data.Entity;
+//// CHECK Models JSON-Ignore, by: API pending access
+[ezAuthorize]
+public class familyMembersController : ApiController
+{
+        private ezEntities _db = new ezEntities();
+
+        // GET api/familymembers
+        public IHttpActionResult Get()
+        {
+            var familyMembers = _db.family_members.ToList();
+            return Ok(familyMembers);
+        }
+
+        // GET api/familymembers/5
+        public IHttpActionResult Get(int id)
+        {
+            var familyMember = _db.family_members.Find(id);
+            if (familyMember == null)
+            {
+                return NotFound();
+            }
+            return Ok(familyMember);
+        }
+
+        // POST api/familymembers
+        public IHttpActionResult Post([FromBody] family_members familyMember)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            _db.family_members.Add(familyMember);
+            _db.SaveChanges();
+
+            return CreatedAtRoute("DefaultApi", new { id = familyMember.num }, familyMember);
+        }
+
+        // PUT api/familymembers/5
+        public IHttpActionResult Put(int id, [FromBody] family_members familyMember)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            if (id != familyMember.num)
+            {
+                return BadRequest();
+            }
+
+            _db.Entry(familyMember).State = EntityState.Modified;
+
+            try
+            {
+                _db.SaveChanges();
+            }
+            catch (DbUpdateConcurrencyException ex)
+            {
+                if (!FamilyMemberExists(id))
+                {
+                    return NotFound();
+                }
+                else
+                {
+                    throw;
+                }
+            }
+            return Ok(familyMember);
+            //return StatusCode(HttpStatusCode.NoContent);
+        }
+
+        // DELETE api/familymembers/5
+        public IHttpActionResult Delete(int id)
+        {
+            var familyMember = _db.family_members.Find(id);
+            if (familyMember == null)
+            {
+                return NotFound();
+            }
+
+            _db.family_members.Remove(familyMember);
+            _db.SaveChanges();
+
+            return Ok(familyMember);
+        }
+
+        // GET api/familymembers/follower/5
+        [Route("api/familymembers/follower/{followerId}")]
+        public IHttpActionResult GetByFollower(int followerId)
+        {
+            var familyMembers = _db.family_members.Where(fm => fm.follower_num == followerId).ToList();
+            return Ok(familyMembers);
+        }
+
+        // GET api/familymembers/GetList
+        [Route("api/familymembers/GetList")]
+        public IHttpActionResult GetList(int page = 1, int pageSize = 10, string sortBy = "num", bool ascending = true)
+        {
+            var query = _db.family_members.AsQueryable();
+
+            // 排序
+            switch (sortBy.ToLower())
+            {
+                case "num":
+                    query = ascending ? query.OrderBy(f => f.num) : query.OrderByDescending(f => f.num);
+                    break;
+                case "fam_name":
+                    query = ascending ? query.OrderBy(f => f.fam_name) : query.OrderByDescending(f => f.fam_name);
+                    break;
+                case "fam_gender":
+                    query = ascending ? query.OrderBy(f => f.fam_gender) : query.OrderByDescending(f => f.fam_gender);
+                    break;
+                case "fam_title":
+                    query = ascending ? query.OrderBy(f => f.fam_title) : query.OrderByDescending(f => f.fam_title);
+                    break;
+                case "birthdate":
+                    query = ascending ? query.OrderBy(f => f.birthdate) : query.OrderByDescending(f => f.birthdate);
+                    break;
+                // 添加其他可能的排序欄位...
+                default:
+                    query = ascending ? query.OrderBy(f => f.num) : query.OrderByDescending(f => f.num);
+                    break;
+            }
+
+            // 分頁
+            var totalCount = query.Count();
+            var totalPages = (int)Math.Ceiling((double)totalCount / pageSize);
+            var familyMembers = query.Skip((page - 1) * pageSize).Take(pageSize).ToList();
+
+            return Ok(new
+            {
+                TotalCount = totalCount,
+                TotalPages = totalPages,
+                Page = page,
+                PageSize = pageSize,
+                Data = familyMembers
+            });
+        }
+
+        // GET api/familymembers/count
+        [Route("api/familymembers/count")]
+        public IHttpActionResult GetCount()
+        {
+            var count = _db.family_members.Count();
+            return Ok(count);
+        }
+
+        // POST api/familymembers/BatchSave
+        [Route("api/familymembers/BatchSave")]
+        public IHttpActionResult BatchSave([FromBody] List<family_members> familyMembers)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            foreach (var familyMember in familyMembers)
+            {
+                if (familyMember.num == 0)
+                {
+                    _db.family_members.Add(familyMember);
+                }
+                else
+                {
+                    _db.Entry(familyMember).State = EntityState.Modified;
+                }
+            }
+
+            _db.SaveChanges();
+
+            return Ok();
+        }
+
+        // POST api/familymembers/Search
+        [Route("api/familymembers/Search")]
+        public IHttpActionResult Search([FromBody] FamilyMemberSearchModel searchModel)
+        {
+            var query = _db.family_members.AsQueryable();
+
+            if (!string.IsNullOrEmpty(searchModel.Name))
+            {
+                query = query.Where(fm => fm.fam_name.Contains(searchModel.Name));
+            }
+
+            if (!string.IsNullOrEmpty(searchModel.Gender))
+            {
+                query = query.Where(fm => fm.fam_gender == searchModel.Gender);
+            }
+
+            // 添加更多搜索條件...
+
+            var result = query.ToList();
+            return Ok(result);
+        }
+
+        // GET api/familymembers/zodiac/鼠
+        [Route("api/familymembers/zodiac/{zodiac}")]
+        public IHttpActionResult GetByZodiac(string zodiac)
+        {
+            var familyMembers = _db.family_members.Where(fm => fm.zodiac == zodiac).ToList();
+            return Ok(familyMembers);
+        }
+
+        // GET api/familymembers/age-range?minAge=20&maxAge=30
+        [Route("api/familymembers/age-range")]
+        public IHttpActionResult GetByAgeRange(int minAge, int maxAge)
+        {
+            var currentDate = DateTime.Now;
+            var familyMembers = _db.family_members
+                .ToList() // 先獲取所有記錄
+                .Where(fm => fm.birthdate.HasValue &&
+                             fm.birthdate.Value.AddYears(minAge) <= currentDate &&
+                             fm.birthdate.Value.AddYears(maxAge) > currentDate)
+                .ToList();
+
+            return Ok(familyMembers);
+        }
+
+        // GET api/familymembers/deceased
+        [Route("api/familymembers/deceased")]
+        public IHttpActionResult GetDeceased()
+        {
+            var deceasedMembers = _db.family_members.Where(fm => fm.deceased == true).ToList();
+            return Ok(deceasedMembers);
+        }
+
+        // PUT api/familymembers/5/lunar-birthday
+        [Route("api/familymembers/{id}/lunar-birthday")]
+        public IHttpActionResult UpdateLunarBirthday(int id, [FromBody] string lunarBirthday)
+        {
+            var familyMember = _db.family_members.Find(id);
+            if (familyMember == null)
+            {
+                return NotFound();
+            }
+
+            familyMember.lunar_birthday = lunarBirthday;
+            _db.SaveChanges();
+
+            return Ok(familyMember);
+        }
+
+        private bool FamilyMemberExists(int id)
+        {
+            return _db.family_members.Count(e => e.num == id) > 0;
+        }
+
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                _db.Dispose();
+            }
+            base.Dispose(disposing);
+        }
+}
+public class FamilyMemberSearchModel
+{
+    // 搜索條件...
+    public string Name { get; set; }
+    public string Gender { get; set; }
+}
--- a/web/App_Code/api/fileSystemController.cs
+++ b/web/App_Code/api/fileSystemController.cs
@@ -0,0 +1,92 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Threading.Tasks;
+using System.Web;
+using System.Web.Http;
+[ezAuthorize]
+
+public class fileSystemController : ApiController
+{
+    // GET api/<controller>
+    public IEnumerable<string> Get()
+    {
+        return new string[] { "value1", "value2" };
+    }
+
+    // GET api/<controller>/5
+    public string Get(int id)
+    {
+        return "value";
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+        
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+    }
+
+    [HttpPost]
+    [Route("api/fileSys/upload")]
+    public async Task<IHttpActionResult> uploadFile()
+    {
+        if (!Request.Content.IsMimeMultipartContent())
+        {
+            throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);
+        }
+
+        try
+        {
+            var provider = new MultipartMemoryStreamProvider();
+            await Request.Content.ReadAsMultipartAsync(provider);
+            //var path = HttpContext.Current.Server.MapPath("~/upload");
+            //var path = System.Web.HttpContext.Current.Server.MapPath(Model.project.Dir);
+            string dir = "upload/project";
+            //多執行緒之下抓不到HttpContext.Current
+            var path = HttpContext.Current != null? HttpContext.Current.Server.MapPath(Model.project.Dir) : System.IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory, dir);
+            if (!Directory.Exists(path))
+            {
+                Directory.CreateDirectory(path);
+            }
+
+            string pic1 = "";
+            int ii = 0;
+            foreach (var file in provider.Contents)
+            {
+                var fileName = file.Headers.ContentDisposition.FileName.Trim('\"'); //從header去取得filename的名字
+                string[] n = Path.GetFileName(fileName).Split('.');
+                fileName= DateTime.Now.ToString("yyyyMMddHHmmss") + ii.ToString() + "." + n[n.Length - 1];
+                pic1 += (!string.IsNullOrEmpty(pic1) ? "," : "") + fileName;
+
+                var fullPath = File.Create($"{path}/{fileName}");
+                var buffer = await file.ReadAsByteArrayAsync();
+                await fullPath.WriteAsync(buffer, 0, buffer.Length);
+                ii++;
+
+            }
+
+            return Ok(pic1);
+        }
+        catch(Exception e)
+        {
+            return NotFound();
+        }
+
+        
+    }
+
+
+}
--- a/web/App_Code/api/memberApiController.cs
+++ b/web/App_Code/api/memberApiController.cs
@@ -0,0 +1,36 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+
+public class memberApiController : ApiController
+{
+    // GET api/<controller>
+    public IEnumerable<string> Get()
+    {
+        return new string[] { "value1", "value2" };
+    }
+
+    // GET api/<controller>/5
+    public string Get(int id)
+    {
+        return "value";
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+    }
+}
--- a/web/App_Code/api/memberController.cs
+++ b/web/App_Code/api/memberController.cs
@@ -0,0 +1,434 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+using static TreeView;
+
+[ezAuthorize]
+public class memberController : BaseApiController
+{
+    // GET api/<controller>
+    public IEnumerable<Model.member> Get()
+    {
+        var list = _db.members.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.member Get(int id)
+    {
+        var item = _db.members.Where(q => q.num == id).FirstOrDefault();
+        if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // GET api/<controller>/5
+    public IEnumerable<Model.member> GetPage(int page)
+    {
+        var list = _db.members.Where(q => q.num < 10).ToList();
+        return list;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+        var prod = _db.members.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            if(!string.IsNullOrEmpty(prod.pic1))
+            {
+                publicFun publicFun = new publicFun();
+                publicFun.DeleteFile(Model.member.Dir + "/" + prod.pic1);
+            }
+           
+            //刪除考勤資料
+            _db.member_check.RemoveRange(prod.member_check);
+
+            _db.members.Remove(prod);
+            _db.SaveChanges(); //執行
+
+
+            Model.admin_log admin_log = new Model.admin_log();
+            MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+            if (admin.isLoign())
+            {
+                admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.HR, (int)Model.admin_log.Status.Delete, prod.m_number+ prod.u_name);
+            }
+
+        }
+
+    }
+
+    [HttpDelete]
+    [Route("api/member/DeleteCheck/{id}")]
+    public void DeleteCheck(int id) //刪除考勤資料
+    {
+        var prod = _db.member_check.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            _db.member_check.Remove(prod);
+            _db.SaveChanges(); //執行
+        }
+    }
+
+    [HttpDelete]
+    [Route("api/member/Delete/{nums}")]
+    public void Delete(string nums)
+    {
+        if (!string.IsNullOrEmpty(nums))
+        {
+            var getDelItem = nums.TrimEnd(',').Split(',').Select(s => int.Parse(s));
+
+            var prod = _db.members.AsEnumerable().Where(q => getDelItem.Contains(q.num)).ToList();
+            if (prod.Count() > 0)
+            {
+                publicFun publicFun = new publicFun();
+                foreach (var item in prod)
+                {
+                    if (!string.IsNullOrEmpty(item.pic1))
+                    {
+                        publicFun.DeleteFile(Model.member.Dir + "/" + item.pic1);
+                    }
+                }
+
+                var prod2 = _db.member_check.AsEnumerable().Where(q => getDelItem.Contains(Convert.ToInt32(q.mem_num))).ToList();
+                if (prod2.Count > 0)
+                {
+                    _db.member_check.RemoveRange(prod2);
+                    //_db.SaveChanges();
+                }
+
+                _db.members.RemoveRange(prod);
+                _db.SaveChanges();
+
+
+
+                Model.admin_log admin_log = new Model.admin_log();
+                MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+                if (admin.isLoign())
+                {
+                    admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.HR, (int)Model.admin_log.Status.Delete, admin_log.LogViewBtn(prod.Select(x => x.m_number+x.u_name).ToList()));
+                }
+            }
+        }
+    }
+
+    [HttpDelete]
+    [Route("api/member/DeleteAllCheck/{nums}")]
+    public void DeleteAllCheck(string nums)
+    {
+        if (!string.IsNullOrEmpty(nums))
+        {
+            var ids = nums.TrimEnd(',').Split(',').Select(s => int.Parse(s));
+            var prod = _db.member_check.AsEnumerable().Where(q => ids.Contains(q.num)).ToList();
+            if (prod.Count() > 0)
+            {
+                _db.member_check.RemoveRange(prod);
+                _db.SaveChanges();
+            }
+        }
+    }
+
+    [HttpPost]
+    [Route("api/member/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.member q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.members.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.u_name))
+            qry = qry.Where(o => o.u_name.Contains(q.u_name.Trim()));
+        if (q.group_kind.HasValue && q.group_kind.Value > 0)
+        {
+            var _subKinds = new TreeView().subKinds(_db.member_group.Select(o => new TreeItem()
+            {
+                num = o.num,
+                root = o.root,
+            }).ToList(), q.group_kind.Value);
+
+            qry = qry.Where(o => o.group_kind == q.group_kind.Value || _subKinds.Any(s => s == o.group_kind));
+        }
+        if (q.title_kind.HasValue && q.title_kind.Value > 0)
+            qry = qry.Where(o => o.title_kind == q.title_kind.Value);
+        if (q.starttime.HasValue)
+            qry = qry.Where(o => o.group_kind.HasValue && o.member_group.starttime >= q.starttime.Value);
+        if (q.offtime.HasValue)
+            qry = qry.Where(o => o.group_kind.HasValue && o.member_group.starttime <= q.offtime.Value);
+        if (!string.IsNullOrEmpty(q.sex))
+            qry = qry.Where(o => o.sex==q.sex.Trim());
+        if (!string.IsNullOrEmpty(q.m_number))
+            qry = qry.Where(o => o.m_number.Contains(q.m_number.Trim()));
+
+        if (sortBy.Equals("m_number"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.m_number);
+            else
+                qry = qry.OrderBy(o => o.m_number);
+        }
+        else if (sortBy.Equals("u_name"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.u_name);
+            else
+                qry = qry.OrderBy(o => o.u_name);
+        }
+        else if (sortBy.Equals("sex"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.sex);
+            else
+                qry = qry.OrderBy(o => o.sex);
+        }
+        else if (sortBy.Equals("group_kind"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.group_kind);
+            else
+                qry = qry.OrderBy(o => o.group_kind);
+        }
+        else if (sortBy.Equals("title_kind"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.title_kind);
+            else
+                qry = qry.OrderBy(o => o.title_kind);
+        }
+        else if (sortBy.Equals("starttime"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.member_group.starttime);
+            else
+                qry = qry.OrderBy(o => o.member_group.starttime);
+        }     
+        else
+            qry = qry.OrderByDescending(o => o.num);
+     
+       
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                m_number = x.m_number,
+                u_name = x.u_name,
+                sex = x.sex,
+                group_kind = x.group_kind,
+                group_kindTxt = x.group_kind.HasValue ? x.member_group.kind : "",
+                group_kindTxt2 = x.group_kind.HasValue ? new TreeView().kindText(_db.member_group.Select(o => new TreeItem()
+                {
+                    kind = o.kind,
+                    num = o.num,
+                    root = o.root,
+                }).ToList(), x.group_kind) : "",
+                title_kind = x.title_kind,
+                title_kindTxt = x.title_kind.HasValue ? x.member_title.kind : "",
+                starttime = x.group_kind.HasValue ? x.member_group.starttime : (object)null,
+                demo = x.demo,
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+
+    [HttpPost]
+    [Route("api/member/GetCheckList")]
+    public IHttpActionResult GetCheckList([FromBody] Model.ViewModel.member_check q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.member_check.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.u_name))
+            qry = qry.Where(o => o.member.u_name.Contains(q.u_name));
+        if (q.group_kind.HasValue && q.group_kind.Value > 0)
+            qry = qry.Where(o => o.member.group_kind == q.group_kind.Value);
+
+        if (q.check_date_year.HasValue && q.check_date_year.Value > 0 )
+            qry = qry.Where(o => o.check_date.Value.Year == q.check_date_year.Value);
+
+        if (q.check_date_month.HasValue && q.check_date_month.Value > 0)
+            qry = qry.Where(o => o.check_date.Value.Month == q.check_date_month.Value);
+
+
+        if (sortBy.Equals("m_number"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.member.m_number);
+            else
+                qry = qry.OrderBy(o => o.member.m_number);
+        }
+        else if (sortBy.Equals("u_name"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.member.u_name);
+            else
+                qry = qry.OrderBy(o => o.member.u_name);
+        }
+        else if (sortBy.Equals("check_date"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.check_date);
+            else
+                qry = qry.OrderBy(o => o.check_date);
+        }
+        else if (sortBy.Equals("check_time"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.check_time);
+            else
+                qry = qry.OrderBy(o => o.check_time);
+        }
+        else if (sortBy.Equals("check_type"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.check_type);
+            else
+                qry = qry.OrderBy(o => o.check_type);
+        }
+        else if (sortBy.Equals("login_type"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.login_type);
+            else
+                qry = qry.OrderBy(o => o.login_type);
+        }
+        else
+            qry = qry.OrderByDescending(o => o.num);
+
+        var tdesc = publicFun.enum_desc<Model.member.attendances.type>();
+        var tdesc2 = publicFun.enum_desc<Model.member.attendances.login>();
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                m_number = x.member.m_number,
+                u_name = x.member.u_name,
+                check_date = x.check_date,
+                check_time = x.check_time,
+                check_type = x.check_type,
+                check_type_desc = tdesc[x.check_type ?? 1],
+                login_type = x.login_type,
+                login_type_desc = tdesc2[x.login_type ?? 1]
+               
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+
+    [HttpPost]
+    [Route("api/member/GetGroupList")]
+    public IHttpActionResult GetGroupList([FromBody] Model.ViewModel.member_group q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.member_group.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.kind))
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+
+
+        //if (sortBy.Equals("kind"))
+        //{
+        //    if (sortDesc)
+        //        qry = qry.OrderByDescending(o => o.kind);
+        //    else
+        //        qry = qry.OrderBy(o => o.kind);
+        //}
+
+        //else
+        //    qry = qry = qry.OrderBy(o => o.kind);
+
+
+
+        var qry2 = new TreeView().get_data2(qry.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0);
+
+
+        var ret = new
+        {
+            list = qry2.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,
+
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+    [HttpPost]
+    [Route("api/member/GetTitleList")]
+    public IHttpActionResult GetTitleList([FromBody] Model.ViewModel.member_title q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.member_title.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.kind))
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+
+        if (q.inTime)
+            qry = qry.Where(o => o.status == "Y");
+
+
+        if (sortBy.Equals("kind"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.kind);
+            else
+                qry = qry.OrderBy(o => o.kind);
+        }
+       
+        else
+            qry = qry = qry.OrderBy(o => o.kind);
+
+        var tdesc = publicFun.enum_desc<Model.member.attendances.type>();
+        var tdesc2 = publicFun.enum_desc<Model.member.attendances.login>();
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = x.kind,           
+
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+}
--- a/web/App_Code/api/member_titleController.cs
+++ b/web/App_Code/api/member_titleController.cs
@@ -0,0 +1,59 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+[ezAuthorize]
+public class member_titleController : ApiController
+{
+    private Model.ezEntities _db = new Model.ezEntities();
+    // GET api/<controller>
+    public IEnumerable<Model.member_title> Get()
+    {
+        var list = _db.member_title.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.member_title Get(int id)
+    {
+        var item = _db.member_title.Where(q => q.num == id).FirstOrDefault();
+        return item;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+    }
+    [HttpGet]
+    [Route("api/member_title/count")]
+    public int Count()
+    {
+        var count = _db.member_title.Count();
+        return count;
+    }
+    [HttpPost]
+    [Route("api/member_title/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.member_title q,
+int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.member_title.AsEnumerable();
+        var ret = new { list = "", count = 0 };
+        return Ok(ret);
+    }
+}
--- a/web/App_Code/api/newsController.cs
+++ b/web/App_Code/api/newsController.cs
@@ -0,0 +1,348 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+using static TreeView;
+using DocumentFormat.OpenXml.Office2010.Excel;
+
+[ezAuthorize]
+public class newsController : BaseApiController
+{
+    // GET api/<controller>
+    public IEnumerable<Model.news> Get()
+    {
+        var list = _db.news.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.news Get(int id)
+    {
+        var item = _db.news.Where(q => q.num == id).FirstOrDefault();
+        if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // GET api/<controller>/5
+    public IEnumerable<Model.news> GetPage(int page)
+    {
+        var news = _db.news.Where(q => q.num < 10).ToList();
+        return news;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+        var prod = _db.news.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            //刪除檔案
+            var prod2 = _db.news_files.AsEnumerable().Where(q => q.news_id == id).ToList();
+            if (prod2.Count > 0)
+            {
+                foreach (var item in prod2)
+                {
+                    if (!string.IsNullOrEmpty(item.pic1))
+                    {
+                        //api裡不可以用MyWeb
+                        publicFun publicFun = new publicFun();
+                        publicFun.DeleteFile(Model.news.Dir + "/" + item.pic1);
+                    }
+                }
+
+                //查詢結果全部刪除
+                _db.news_files.RemoveRange(prod2);
+            }
+
+            _db.news.Remove(prod);
+            _db.SaveChanges(); //執行
+
+            Model.admin_log admin_log = new Model.admin_log();
+            MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+            if (admin.isLoign())
+            {
+                admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.News, (int)Model.admin_log.Status.Delete, prod.subject);
+            }
+
+        }
+
+
+    }
+
+    [HttpDelete]
+    [Route("api/news/Delete/{nums}")]
+    public void Delete(string nums)
+    {
+        if (!string.IsNullOrEmpty(nums))
+        {
+            var getDelItem = nums.TrimEnd(',').Split(',').Select(s => int.Parse(s));
+
+            var prod = _db.news.AsEnumerable().Where(q => getDelItem.Contains(q.num)).ToList();
+            if (prod.Count() > 0)
+            {
+                var prod2 = _db.news_files.AsEnumerable().Where(q => getDelItem.Contains(q.news_id)).ToList();
+                if (prod2.Count > 0)
+                {
+                    publicFun publicFun = new publicFun();
+                    foreach (var item in prod2)
+                    {
+                        if (!string.IsNullOrEmpty(item.pic1))
+                        {
+                            //api裡不可以用MyWeb
+                            //MyWeb.fileSystem fileSystem = new MyWeb.fileSystem();
+                            //fileSystem.Delete(Model.news.Dir + "/" + item.pic1);
+                            publicFun.DeleteFile(Model.news.Dir + "/" + item.pic1);
+                        }
+                    }
+
+                    //查詢結果全部刪除
+                    _db.news_files.RemoveRange(prod2);
+                }
+
+                _db.news.RemoveRange(prod);
+                _db.SaveChanges();
+
+
+                Model.admin_log admin_log = new Model.admin_log();
+                MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+                if (admin.isLoign())
+                {
+                    //List<string> x = new List<string>();
+                    //prod.ForEach(item =>
+                    //{
+                    //    x.Add(item.subject);
+                    //});
+                    admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.News, (int)Model.admin_log.Status.Delete, admin_log.LogViewBtn(prod.Select(x=>x.subject).ToList()));
+                }
+            }
+        }
+
+    }
+    [HttpPost]
+    [Route("api/news/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.news q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false, bool top = false)
+    {
+        var qry = _db.news.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.subject))
+            qry = qry.Where(o => o.subject.Contains(q.subject.Trim()));
+       
+        if (q.kind.HasValue)//搜尋要包含其分類底下所有分類
+        {
+            var _subKinds = new TreeView().subKinds(_db.news_kind.Select(o => new TreeItem()
+            {              
+                num = o.num,
+                root = o.root,            
+            }).ToList(), q.kind.Value);
+
+            qry = qry.Where(o => o.kind == q.kind.Value || _subKinds.Any(s => s == o.kind));           
+        }
+           
+        if (q.selltime1.HasValue)
+            qry = qry.Where(o => o.selltime1 >= q.selltime1.Value);
+        if (q.selltime2.HasValue)
+            qry = qry.Where(o => o.selltime2 < Convert.ToDateTime(q.selltime2.Value).AddDays(1));
+        if (q.uptime1.HasValue)
+            qry = qry.Where(o => o.uptime >= q.uptime1.Value);
+        if (q.uptime2.HasValue)
+            qry = qry.Where(o => o.uptime < Convert.ToDateTime(q.uptime2.Value).AddDays(1));
+        if (q.activity_num.HasValue)
+            qry = qry.Where(o => o.activity_num == q.activity_num.Value);
+        if (!string.IsNullOrEmpty(q.activity_numTxt))
+            qry = qry.Where(o => o.activity_num.HasValue && o.activity.subject.Contains(q.activity_numTxt.Trim()));
+
+        if (!string.IsNullOrEmpty(q.status))
+            qry = qry.Where(o => o.status==q.status);
+
+        if (!top)
+        {
+            if (sortBy.Equals("subject"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.subject);
+                else
+                    qry = qry.OrderBy(o => o.subject);
+            }
+            else if (sortBy.Equals("kind"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.kind);
+                else
+                    qry = qry.OrderBy(o => o.kind);
+            }
+            else if (sortBy.Equals("status"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.status);
+                else
+                    qry = qry.OrderBy(o => o.status);
+            }
+            else if (sortBy.Equals("author"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.author);
+                else
+                    qry = qry.OrderBy(o => o.author);
+            }
+            else if (sortBy.Equals("selltime1"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.selltime1);
+                else
+                    qry = qry.OrderBy(o => o.selltime1);
+            }
+            else if (sortBy.Equals("selltime2"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.selltime2);
+                else
+                    qry = qry.OrderBy(o => o.selltime2);
+            }
+            else if (sortBy.Equals("uptime"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.uptime);
+                else
+                    qry = qry.OrderBy(o => o.uptime);
+            }
+            else if (sortBy.Equals("topping"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderBy(o => o.topping);
+                else
+                    qry = qry.OrderByDescending(o => o.topping);
+            }
+            else
+                qry = qry.OrderByDescending(o => o.num);
+        }
+        else
+        {
+            if (sortBy.Equals("subject"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.topping).ThenByDescending(o => o.subject);
+                else
+                    qry = qry.OrderByDescending(o => o.topping).ThenBy(o => o.subject);
+            }
+            else if (sortBy.Equals("kind"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.topping).ThenByDescending(o => o.kind);
+                else
+                    qry = qry.OrderByDescending(o => o.topping).ThenBy(o => o.kind);
+            }
+            else if (sortBy.Equals("uptime"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.topping).ThenByDescending(o => o.uptime);
+                else
+                    qry = qry.OrderByDescending(o => o.topping).ThenBy(o => o.uptime);
+            }
+            else
+                qry = qry.OrderByDescending(o => o.topping).ThenByDescending(o => o.num);
+        }
+       
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                subject = x.subject,
+                kind = x.kind,
+                kindTxt = x.kind.HasValue? x.news_kind.kind :"",
+                kindsTxt = x.kind.HasValue ? new TreeView().kindText(_db.news_kind.Select(o => new TreeItem()
+                {
+                    kind = o.kind,
+                    num = o.num,
+                    root = o.root,
+                }).ToList(), x.kind ) :"",
+                status = x.status,
+                author = x.author,
+                authorName = x.author.HasValue? x.admin.u_name :"",
+                selltime1 = x.selltime1,
+                selltime2 = x.selltime2,
+                uptime = x.uptime,
+                topping = x.topping
+
+            }),
+            count = qry.Count()
+
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    [HttpPost]
+    [Route("api/news/GetKindList")]
+    public IHttpActionResult GetKindList([FromBody] Model.ViewModel.news_kind q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+      
+
+        var qry = _db.news_kind.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.kind))         
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+
+       
+        if (q.inTime)      
+            qry = qry.Where(o => o.status=="Y");
+       
+
+            //qry = qry.OrderBy(o=>o.root).ThenBy(o => o.kind);
+                  
+
+        var qry2 = new TreeView().get_data2(qry.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0);
+
+
+
+        var ret = new
+        {
+            list = qry2.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,            
+
+            }),
+            count = qry.Count()
+        };
+      
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+}
+
+/*
+http://localhost:53442/api/news
+http://localhost:53442/api/news?id=1
+http://localhost:53442/api/news/1
+http://localhost:53442/api/news/2
+ 
+*/
--- a/web/App_Code/api/orderController.cs
+++ b/web/App_Code/api/orderController.cs
--- a/web/App_Code/api/orderdetailController.cs
+++ b/web/App_Code/api/orderdetailController.cs
@@ -0,0 +1,138 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+using static TreeView;
+using System.Data.Entity;
+
+/// <summary>
+/// orderdetail 的摘要说明
+/// </summary>
+public class orderdetailController:ApiController
+{
+    private Model.ezEntities _db = new Model.ezEntities();
+
+    [HttpPost]
+    [Route("api/orderdetail/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.pro_order q, int page, int pageSize = 10, string sortBy = "", bool sortDesc = false)
+    {
+        int activity_num = Convert.ToInt32(q.activity_num);
+
+        //var aIDt = _db.actItems.AsEnumerable().Where(f => f.subject.Contains(q.actItemTxt.Trim())).Select(f => f.num);//品項
+        var OrderList = _db.pro_order.Where(u => u.activity_num == activity_num).Select(j => j.order_no).ToList();
+        var gdzOrderList = _db.pro_order_detail.Where(o => OrderList.Contains(o.order_no) && o.print_id.Contains("主")).Select(o => o.order_no).Distinct().ToList();
+        var qry = _db.pro_order.Where(u => gdzOrderList.Contains(u.order_no)).AsEnumerable();
+        if (!string.IsNullOrEmpty(q.order_no))
+            qry = qry.Where(o => o.order_no.Contains(q.order_no.Trim()));
+        if (!string.IsNullOrEmpty(q.keyin1))
+            qry = qry.Where(o => o.keyin1.Contains(q.keyin1));
+        if (q.f_num.HasValue && q.f_num > 0)
+            qry = qry.Where(o => o.f_num == q.f_num);
+        if (q.activity_num.HasValue && q.activity_num > 0)
+            qry = qry.Where(o => o.activity_num == q.activity_num);
+        if (q.up_time1.HasValue)
+            qry = qry.Where(o => o.up_time >= q.up_time1.Value);
+        if (q.up_time2.HasValue)
+            qry = qry.Where(o => o.up_time < Convert.ToDateTime(q.up_time2.Value).AddDays(1));
+        if (!string.IsNullOrEmpty(q.address))
+            qry = qry.Where(o => o.address.Contains(q.address.Trim()));
+        if (!string.IsNullOrEmpty(q.subject))
+            qry = qry.Where(o => o.activity_num.HasValue && o.activity.subject.Contains(q.subject?.Trim()));
+        if (!string.IsNullOrEmpty(q.u_name))
+            qry = qry.Where(o => o.f_num.HasValue && o.follower.u_name.Contains(q.u_name?.Trim()));
+        if (!string.IsNullOrEmpty(q.introducerTxt))
+            qry = qry.Where(o => o.introducer.HasValue && o.follower1.u_name.Contains(q.introducerTxt?.Trim()));
+
+        if (!string.IsNullOrEmpty(q.actItemTxt))
+        {
+            //qry = qry.Where(o => o.pro_order_detail.Where(f2 => f2.order_no == o.order_no &&  aIDt.ToArray().Contains(f2.actItem_num?.ToString())).Count() > 0);
+            // qry = qry.Where(o => o.pro_order_detail.Where(f2 => f2.order_no == o.order_no && aIDt.Any(x => x == f2.actItem_num)).Count() > 0);
+
+            qry = qry.Where(o => o.pro_order_detail.Where(f2 => f2.actItem_num.HasValue && f2.actItem.subject.Contains(q.actItemTxt?.Trim())).Count() > 0);
+
+        }
+
+        if (!string.IsNullOrEmpty(q.country))
+            qry = qry.Where(o => o.f_num != null && o.follower?.country == q.country);
+        if (!string.IsNullOrEmpty(q.country2))
+        {
+            if (q.country2 == "1")
+            {
+                qry = qry.Where(o => o.f_num != null && o.follower?.country == "158");
+            }
+            else if (q.country2 == "2")
+            {
+                qry = qry.Where(o => o.f_num != null && o.follower?.country != "158");
+
+            }
+        }
+
+
+        if (sortBy.Equals("order_no"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.order_no);
+            else
+                qry = qry.OrderBy(o => o.order_no);
+        }
+        else if (sortBy.Equals("keyin1_txt"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.keyin1);
+            else
+                qry = qry.OrderBy(o => o.keyin1);
+        }
+        else if (sortBy.Equals("up_time"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.up_time);
+            else
+                qry = qry.OrderBy(o => o.up_time);
+        }
+        else if (sortBy.Equals("u_name"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.follower?.u_name);
+            else
+                qry = qry.OrderBy(o => o.follower?.u_name);
+        }
+        else if (sortBy.Equals("subject"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.activity?.subject);
+            else
+                qry = qry.OrderBy(o => o.activity?.subject);
+        }
+        else
+            qry = qry.OrderByDescending(o => o.reg_time);
+
+        var count = qry.Count(); //pageSize = count;//一次取回??
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                order_no = x.order_no,
+                f_num = x.f_num,
+                u_name = x.f_num.HasValue ? x.follower.u_name : "",
+                activity_num = x.activity_num,
+                subject = x.activity_num.HasValue ? x.activity.subject : "",
+                keyin1 = x.keyin1,
+                up_time = x.up_time,
+                keyin1_txt = Model.pro_order.keyin1_value_to_text(x.keyin1),
+                //detail = x.pro_order_detail.Where(u => u.printed_files != null)
+                detail = new { count = x.pro_order_detail.Where(u => u.actItem.act_bom.Count() == 0).Count(),
+                    actItem = x.pro_order_detail.Where(u => u.printed_files != null).FirstOrDefault()?.print_id }
+            }),
+            count = count
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+}
--- a/web/App_Code/api/projectController.cs
+++ b/web/App_Code/api/projectController.cs
@@ -0,0 +1,406 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+using static TreeView;
+
+[ezAuthorize]
+public class projectController : BaseApiController
+{
+    // GET api/<controller>
+    public IEnumerable<Model.project> Get()
+    {
+        var list = _db.projects.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.project Get(int id)
+    {
+        var item = _db.projects.Where(q => q.num == id).FirstOrDefault();
+        if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // GET api/<controller>/5
+    public IEnumerable<Model.project> GetPage(int page)
+    {
+        var project = _db.projects.Where(q => q.num < 10).ToList();
+        return project;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+        var prod = _db.projects.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            _db.project_sub.RemoveRange(prod.project_sub); //刪除活動資料
+
+            _db.projects.Remove(prod);
+            _db.SaveChanges(); //執行
+
+
+            Model.admin_log admin_log = new Model.admin_log();
+            MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+            if (admin.isLoign())
+            {
+                admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Project, (int)Model.admin_log.Status.Delete, prod.subject);
+            }
+
+        }
+
+    }
+
+    [HttpDelete]
+    [Route("api/project/Delete/{nums}")]
+    public void Delete(string nums)
+    {
+        if (!string.IsNullOrEmpty(nums))
+        {
+            var ids = nums.TrimEnd(',').Split(',').Select(s => int.Parse(s));
+            var prod = _db.projects.AsEnumerable().Where(q => ids.Contains(q.num)).ToList();
+            if (prod.Count() > 0)
+            {       
+                foreach (var item in prod)
+                    _db.project_sub.RemoveRange(item.project_sub); //刪除活動資料
+
+                _db.projects.RemoveRange(prod);
+                _db.SaveChanges();
+
+
+
+                Model.admin_log admin_log = new Model.admin_log();
+                MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+                if (admin.isLoign())
+                {
+                    admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Project, (int)Model.admin_log.Status.Delete, admin_log.LogViewBtn(prod.Select(x => x.subject).ToList()));
+                }
+            }
+        }
+
+    }
+
+    [HttpDelete]
+    [Route("api/project/DeleteItem/{id}")]
+    public void DeleteDetail(int id) //刪除專案明細
+    {
+        if (id > 0)
+        {
+            var prod = _db.project_sub.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+            if (prod != null)
+            {
+                _db.project_sub.Remove(prod);
+                _db.SaveChanges(); //執行
+            }
+        }
+    }
+
+    [HttpPost]
+    [Route("api/project/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.project q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.projects.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.subject))
+            qry = qry.Where(o => o.subject.Contains(q.subject.Trim()));
+        if (q.kind.HasValue)
+        {
+            var _subKinds = new TreeView().subKinds(_db.project_kind.Select(o => new TreeItem()
+            {
+                num = o.num,
+                root = o.root,
+            }).ToList(), q.kind.Value);
+
+            qry = qry.Where(o => o.kind == q.kind.Value || _subKinds.Any(s => s == o.kind));
+
+        }
+        if (q.actItem_num.HasValue)
+            qry = qry.Where(o => o.actItem_num == q.actItem_num.Value);
+
+        if (sortBy.Equals("subject"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.subject);
+            else
+                qry = qry.OrderBy(o => o.subject);
+        }
+        else if (sortBy.Equals("kind"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.kind);
+            else
+                qry = qry.OrderBy(o => o.kind);
+        }      
+        else if (sortBy.Equals("actItem_num"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.actItem_num);
+            else
+                qry = qry.OrderBy(o => o.actItem_num);
+        }       
+        else
+            qry = qry.OrderByDescending(o => o.num);
+
+
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                subject = x.subject,
+                kind = x.kind,
+                kindTxt = x.kind.HasValue? x.project_kind.kind :"",
+                kindsTxt = x.kind.HasValue ? new TreeView().kindText(_db.project_kind.Select(o => new TreeItem()
+                {
+                    kind = o.kind,
+                    num = o.num,
+                    root = o.root,
+                }).ToList(), x.kind) : "",
+                actItem_num = x.actItem_num,
+                actItem_Txt = x.actItem_num.HasValue ? x.actItem.subject : "",            
+
+            }),
+            count = qry.Count()
+
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    [HttpPost]
+    [Route("api/project/GetKindList")]
+    public IHttpActionResult GetKindList([FromBody] Model.ViewModel.project_kind q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.project_kind.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.kind))
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+
+
+        //if (sortBy.Equals("kind"))
+        //{
+        //    if (sortDesc)
+        //        qry = qry.OrderByDescending(o => o.kind);
+        //    else
+        //        qry = qry.OrderBy(o => o.kind);
+        //}
+
+        //else
+        //    qry = qry.OrderBy(o => o.kind);
+
+
+
+        var qry2 = new TreeView().get_data2(qry.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0);
+
+
+
+
+        var ret = new
+        {
+            list = qry2.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,
+
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+
+    [HttpPost]
+    [Route("api/project/GetItemList")]
+    public IHttpActionResult GetItemList([FromBody] Model.ViewModel.project q, int page, int pageSize = 10,
+    string sortBy = "", bool sortDesc = false)
+    {
+       
+        if (q.num.HasValue)
+        {
+            var qry = _db.project_sub.AsEnumerable();
+
+            qry = qry.Where(o => o.pro_id == q.num.Value);
+
+            if (!string.IsNullOrEmpty(q.subject))
+                qry = qry.Where(o => o.subject.Contains(q.subject.Trim()));           
+            
+                qry = qry.OrderByDescending(o => o.num);
+
+
+            var ret = new
+            {
+                list = qry.ToPagedList(page, pageSize).Select(x => new
+                {
+                    num = x.num,
+                    subject = x.subject,
+                    uptime = x.uptime,
+                    pic1 = x.pic1,
+                    pro_id = x.pro_id,
+                    word = x.word,                  
+                }),
+                count = qry.Count()
+
+            };
+
+
+            if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+            return Ok(ret);
+        }
+        else
+        {
+            return NotFound();
+        }
+        
+    }
+
+    [HttpPost]
+    [Route("api/project/SaveDetailData")]
+    public IHttpActionResult SaveDetailData([FromBody] Model.project_sub item)
+    {
+        if (item.pro_id.HasValue)
+        {
+            //if有資料-修改 , else 新增
+            if (item.num > 0)
+            {
+                Model.project_sub sub = _db.project_sub.Where(q => q.num == item.num).FirstOrDefault();//修改
+                if (sub != null)
+                {
+                    sub.pro_id = item.pro_id;
+                    sub.subject = item.subject;
+                    sub.word = item.word;
+                    sub.pic1 = item.pic1;
+                    if (item.uptime.HasValue) { sub.uptime = item.uptime.Value; }
+
+                    _db.SaveChanges();
+                    return Ok(sub.num);
+                }
+                else
+                    return NotFound();
+
+            }
+            else
+            {
+                Model.project_sub sub = new Model.project_sub();//新增
+                sub.pro_id = item.pro_id;
+                sub.subject = item.subject;
+                sub.word = item.word;
+                sub.pic1 = item.pic1;
+                if (item.uptime.HasValue ) { sub.uptime = item.uptime.Value; }            
+
+                _db.project_sub.Add(sub);
+                _db.SaveChanges();
+
+                return Ok(sub.num);
+
+            }
+        }
+        else
+        {
+            return NotFound();
+        }
+
+    }
+
+
+    [HttpPost]
+    [Route("api/project/GetPatronizeList")]
+    public IHttpActionResult GetPatronizeList([FromBody] Model.ViewModel.pro_order_detail q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var projectDt = _db.projects.AsEnumerable(); ;//專案
+
+        try
+        {
+            var qry = _db.pro_order_detail.AsEnumerable();
+            qry = qry.Where(o => (int?)o.actItem.category == (int)Model.activity.category.Patronize);
+
+            if (q.f_num.HasValue)
+                qry = qry.Where(o => o.f_num == q.f_num.Value);
+            if (q.actItem_num.HasValue)
+                qry = qry.Where(o => o.actItem_num == q.actItem_num.Value);
+            if (!string.IsNullOrEmpty(q.f_num_txt))
+                qry = qry.Where(o => o.f_num != null && o.follower.u_name.Contains(q.f_num_txt));
+
+            if (sortBy.Equals("f_num"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.f_num);
+                else
+                    qry = qry.OrderBy(o => o.f_num);
+            }
+            else if (sortBy.Equals("actItem_num"))
+            {
+                if (sortDesc)
+                    qry = qry.OrderByDescending(o => o.actItem_num);
+                else
+                    qry = qry.OrderBy(o => o.actItem_num);
+            }
+            else
+                qry = qry.OrderByDescending(o => o.num);
+
+
+            var ret = new
+            {
+                list = qry.ToPagedList(page, pageSize).Select(x => new
+                {
+                    f_num = x.f_num,
+                    f_num_Txt = x.f_num.HasValue ? x.follower.u_name : "",
+                    actItem_num = x.actItem_num,
+                    actItem_Txt = x.actItem_num.HasValue ? x.actItem.subject : "",
+                    price = x.price ?? 0,
+                    qty = x.qty ?? 0,
+                    //projects = projectDt.Where(o => o.actItem_num == x.actItem_num ).Select(o => o.subject),
+                    projects =
+                         from s in projectDt
+                         where s.actItem_num == x.actItem_num
+                         select new
+                         {
+                             subject = s.subject,
+                             num = s.num,
+                         }
+                }),
+                count = qry.Count()
+            };
+
+
+            if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+            return Ok(ret);
+        }
+        catch(Exception ex)
+        {
+            return NotFound();
+        }
+
+        
+    }
+}
--- a/web/App_Code/api/statisticsController.cs
+++ b/web/App_Code/api/statisticsController.cs
@@ -0,0 +1,135 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Http;
+
+/// <summary>
+/// statisticsController 的摘要描述
+/// </summary>
+public class statisticsController: ApiController
+{
+    //獲取於活動統計相關的數據
+
+    private Model.ezEntities _db = new Model.ezEntities();
+    public statisticsController()
+    {
+        //
+        // TODO: 在這裡新增建構函式邏輯
+        //
+    }
+    [HttpPost]
+    [Route("api/statistics/activitylist")]
+    public IHttpActionResult GetStatisticsActivityList()
+    {
+        //獲取活動列表
+        var activityList = _db.activities.OrderByDescending(x => x.reg_time).ToList();
+        return Ok(activityList);
+    }
+    [HttpPost]
+    [Route("api/statistics/activitycountlist")]
+    public IHttpActionResult GetActivityCountList(int page=1,int pagesize=10, [FromUri] string[] sortby = null, [FromUri] bool[] sortdesc = null )
+    {
+        //獲取多個活動統計列表，如果一個獲取超過五十個，則返回空
+        if (pagesize > 50)
+        {
+            return Ok();
+        }
+        var qry = _db.activities.OrderByDescending(x => x.reg_time);
+        var data = qry.Skip((page - 1) * pagesize).Take(pagesize).ToList();
+        var list = new
+        {
+            items = data.Select(x => new
+            {
+                id = x.num,
+                order_count = x.pro_order.Count(),
+                pw_count = x.pro_order.SelectMany(b => b.pro_order_detail).Count(),
+                activity_name = x.subject,
+                receivable = x.pro_order.SelectMany(a => a.pro_order_detail).Select(c => c.price).Sum(),
+                startdate = x.startDate_solar,
+                enddate = x.endDate_solar,
+                //register_status = EnumHelper.GetDescription((ActivityRegisterStatus)x.ActivityRegisterStatus),
+                //hold_status = EnumHelper.GetDescription((ActivityHoldStatus)x.ActivityHoldStatus),
+                //gdz_peoples = x.pro_order.SelectMany(a => a.pro_order_detail).Where(b => b.actItem?.actItem_kind?.IsGDZ == true).Count(),
+            }),
+            count =qry.Count()
+        };
+        return Ok(list);
+    }
+    [HttpPost]
+    [Route("api/statistics/activitycount")]
+    public IHttpActionResult GetActivityCount(int id)
+    {
+        //獲取單個活動統計數據
+        var qry = _db.activities.Where(a => a.num == id);
+        if (qry == null)
+        {
+            return Ok();
+        }
+        var data = new
+        {
+            list = qry.Select(a => new
+            {
+                id = a.num,
+                order_count = a.pro_order.Count(),
+                order_price_total = a.pro_order.SelectMany(b => b.pro_order_detail).Select(c => c.price).Sum()
+            })
+
+
+        };
+        return Ok(data);
+    }
+
+    [HttpPost]
+    [Route("api/statistics/GDZCount")]
+    public IHttpActionResult GetActivityGDZCount(int activity_num)
+    {
+        var qry = _db.pro_order_detail.Include("follower").Where(a => a.pro_order.activity_num == activity_num);
+        if (qry == null)
+        {
+            return Ok();
+        }
+        var data = new
+        {
+            all_count = _db.pro_order.Where(a => a.activity_num == activity_num).Count(),
+            all_gdz_count = qry
+                            .Where(a => a.actItem.act_bom.Any(b => b.package_num == null && b.item_num == a.actItem_num))
+                            .Select(a => a.order_no)
+                            .Distinct()
+                            .Count(),
+            gdz_item_counts = qry.Where(a => !a.actItem.subject.Contains("大牌位"))       
+                .GroupBy(a => new
+                {
+                    item_num = a.actItem.num,
+                    item_name = a.actItem.subject,
+                    price = a.actItem.price
+                })
+                .Select(g => new
+                {
+                    item_num = g.Key.item_num,
+                    item_name = g.Key.item_name,
+                    price = g.Key.price,
+                    count = g.Count(),//功德項目的數量
+                    total_price = g.Where(x => x.price != null).Sum(x => x.price),
+                    followers = _db.pro_order
+                             .Where(h => g.Select(x => x.order_no).Distinct().ToList().Contains(h.order_no))
+                             .Select(k => k.follower.u_name)
+                             .Distinct()
+                             .ToList(),
+
+                    amountsByFollower = g
+                                        .GroupBy(x => x.pro_order.follower.u_name)
+                                        .Select(fg => new
+                                        {
+                                            follower = fg.Key,
+                                            amount = fg.Where(x => x.price != null).Sum(x => x.price)
+                                        })
+                                        .ToList()
+                })
+                .OrderByDescending(x => x.price)
+                .ToList()
+
+        };
+        return Ok(data);
+    }
+}
--- a/web/App_Code/api/stockController.cs
+++ b/web/App_Code/api/stockController.cs
@@ -0,0 +1,484 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+using static TreeView;
+using System.IO;
+using System.Web;
+using System.Threading.Tasks;
+using System.Diagnostics;
+using DocumentFormat.OpenXml.Wordprocessing;
+using DocumentFormat.OpenXml.Office2010.Excel;
+
+[ezAuthorize]
+public class stockController : BaseApiController
+{
+    // GET api/<controller>
+    public IEnumerable<Model.stock> Get()
+    {
+        var list = _db.stocks.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.stock Get(int id)
+    {
+        var item = _db.stocks.Where(q => q.num == id).FirstOrDefault();
+        if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // GET api/<controller>/5
+    public IEnumerable<Model.stock> GetPage(int page)
+    {
+        var stock = _db.stocks.Where(q => q.num < 10).ToList();
+        return stock;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+        var prod = _db.stocks.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            var prod2 = prod.stock_files;
+            if (prod2.Count > 0)
+            {
+                publicFun publicFun = new publicFun();
+                foreach (var item in prod2)
+                {
+                    if (!string.IsNullOrEmpty(item.pic1))
+                    {
+                        publicFun.DeleteFile(Model.stock.Dir + "/" + item.pic1);
+                    }
+                }
+              
+
+            }
+            
+
+            _db.stocks.Remove(prod);
+            _db.SaveChanges(); //執行
+        }
+
+    }
+
+    [HttpDelete]
+    [Route("api/stock/Delete/{nums}")]
+    public void Delete(string nums)
+    {
+        if (!string.IsNullOrEmpty(nums))
+        {
+            var getDelItem = nums.TrimEnd(',').Split(',').Select(s => int.Parse(s));
+            var prod = _db.stocks.AsEnumerable().Where(q => getDelItem.Contains(q.num)).ToList();
+            if (prod.Count() > 0)
+            {
+                var prod2 = _db.stock_files.AsEnumerable().Where(q => q.stock_num.HasValue && getDelItem.Contains(q.stock_num.Value)).ToList();
+                if (prod2.Count() > 0)
+                {
+                    publicFun publicFun = new publicFun();
+                    foreach (var item in prod2)
+                    {
+                        if (!string.IsNullOrEmpty(item.pic1))
+                        {
+                            publicFun.DeleteFile(Model.stock.Dir + "/" + item.pic1);
+                        }
+                    }
+                }
+
+
+                _db.stocks.RemoveRange(prod);
+                _db.SaveChanges();
+            }
+        }
+
+    }
+    [HttpPost]
+    [Route("api/stock/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.stock q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.stocks.AsEnumerable();
+       
+        if (q.category.HasValue)
+            qry = qry.Where(o => o.category == q.category.Value);
+        if (q.kind.HasValue)
+        {
+            var _subKinds = new TreeView().subKinds(_db.stock_kind.Select(o => new TreeItem()
+            {
+                num = o.num,
+                root = o.root,
+            }).ToList(), q.kind.Value);
+            qry = qry.Where(o => o.kind == q.kind.Value || _subKinds.Any(s => s == o.kind));
+        }
+        if (q.reason.HasValue)
+        {
+            var _subKinds = new TreeView().subKinds(_db.stock_reason.Select(o => new TreeItem()
+            {
+                num = o.num,
+                root = o.root,
+            }).ToList(), q.reason.Value);
+            qry = qry.Where(o => o.reason == q.reason.Value || _subKinds.Any(s => s == o.reason));
+        }
+        if (q.activity_num.HasValue)
+            qry = qry.Where(o => o.activity_num == q.activity_num.Value);
+        if (q.actItem_num.HasValue)
+            qry = qry.Where(o => o.actItem_num == q.actItem_num.Value);
+        if (q.uptime1.HasValue)
+            qry = qry.Where(o => o.uptime >= q.uptime1.Value);
+        if (q.uptime2.HasValue)
+            qry = qry.Where(o => o.uptime < Convert.ToDateTime(q.uptime2.Value).AddDays(1));
+        if (!string.IsNullOrEmpty(q.activity_num_txt))
+            qry = qry.Where(o => o.activity_num.HasValue && o.activity.subject.Contains(q.activity_num_txt.Trim()));
+        if (!string.IsNullOrEmpty(q.mem_num_txt))
+            qry = qry.Where(o => o.mem_num.HasValue && o.member.u_name.Contains(q.mem_num_txt.Trim()));
+        if (!string.IsNullOrEmpty(q.debtor))
+            qry = qry.Where(o => (o.debtor??"").Contains(q.debtor.Trim()));
+
+
+        if (sortBy.Equals("category_Txt"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.category);
+            else
+                qry = qry.OrderBy(o => o.category);
+        }
+        else if (sortBy.Equals("kindsTxt"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.kind);
+            else
+                qry = qry.OrderBy(o => o.kind);
+        }
+        else if (sortBy.Equals("reasonsTxt"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.reason);
+            else
+                qry = qry.OrderBy(o => o.reason);
+        }
+        else if (sortBy.Equals("activity_Txt"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.activity_num);
+            else
+                qry = qry.OrderBy(o => o.activity_num);
+        }
+        else if (sortBy.Equals("actItem_Txt"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.actItem_num);
+            else
+                qry = qry.OrderBy(o => o.actItem_num);
+        }
+        else if (sortBy.Equals("uptime"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.uptime);
+            else
+                qry = qry.OrderBy(o => o.uptime);
+        }
+        else
+            qry = qry.OrderByDescending(o => o.num);
+
+        var tdesc = publicFun.enum_desc<Model.stock.type>();
+
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                category = x.category,
+                category_Txt = tdesc[x.category ?? 1],
+                kind = x.kind,
+                kindTxt = x.kind.HasValue? x.stock_kind.kind :"",
+                kindsTxt = x.kind.HasValue ? new TreeView().kindText(_db.stock_kind.Select(o => new TreeItem()
+                {
+                    kind = o.kind,
+                    num = o.num,
+                    root = o.root,
+                }).ToList(), x.kind) : "",
+                reason = x.reason,
+                reasonsTxt = x.reason.HasValue ? new TreeView().kindText(_db.stock_reason.Select(o => new TreeItem()
+                {
+                    kind = o.kind,
+                    num = o.num,
+                    root = o.root,
+                }).ToList(), x.reason) : "",
+                actItem_num = x.actItem_num,
+                actItem_Txt = x.actItem_num.HasValue ? x.actItem.subject : "",
+                activity_num = x.activity_num,
+                activity_Txt = x.activity_num.HasValue? x.activity.subject :"",          
+                uptime = x.uptime,
+                qty = x.qty,
+                price = x.price,
+
+            }),
+            count = qry.Count()
+
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    [HttpPost]
+    [Route("api/stock/GetKindList")]
+    public IHttpActionResult GetKindList([FromBody] Model.ViewModel.stock_kind q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.stock_kind.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.kind))
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+
+
+        //if (sortBy.Equals("kind"))
+        //{
+        //    if (sortDesc)
+        //        qry = qry.OrderByDescending(o => o.kind);
+        //    else
+        //        qry = qry.OrderBy(o => o.kind);
+        //}
+
+        //else
+        //    qry = qry.OrderBy(o => o.kind);
+
+        var qry2 = new TreeView().get_data2(qry.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0);
+
+
+
+
+        var ret = new
+        {
+            list = qry2.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,
+
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    [HttpPost]
+    [Route("api/stock/GetReasonList")]
+    public IHttpActionResult GetReasonList([FromBody] Model.ViewModel.stock_reason q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.stock_reason.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.kind))
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+
+        if (q.category.HasValue && Convert.ToInt32(q.category)>0)
+            qry = qry.Where(o => o.category == q.category);
+
+        var qry2 = new TreeView().get_data2(qry.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0);
+
+
+        var ret = new
+        {
+            list = qry2.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,
+            }),
+            count = qry.Count()
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+
+
+    [HttpPost]
+    [Route("api/stock/GetStockFiles")]
+    public IHttpActionResult GetItemFiles([FromBody] Model.stock_files q, int page, int pageSize = 10,
+    string sortBy = "", bool sortDesc = false)
+    {
+        if (q.stock_num.HasValue && q.stock_num.Value>0)
+        {
+            //檢查
+            var qry = _db.stock_files.AsEnumerable();
+            qry = qry.Where(o => o.stock_num == q.stock_num.Value);
+            qry.OrderByDescending(x => x.num);
+
+            int i = 1;
+            //已有值
+            var ret = new
+            {
+                list = qry.ToPagedList(page, pageSize).Select(x => new
+                {
+                    id = i++,
+                    num = x.num,
+                    stock_num = x.stock_num,
+                    pic1 = x.pic1,
+                    pic1_name = x.pic1_name,
+                }),
+                count = qry.Count(),
+            };
+
+            if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+            return Ok(ret);
+
+        }
+        else
+        {
+            return NotFound();
+        }
+
+
+    }
+
+    [HttpPost]
+    [Route("api/stock/uploadFiles")]
+    public async Task<IHttpActionResult> uploadFiles()
+    {
+        if (!Request.Content.IsMimeMultipartContent())
+        {
+            return BadRequest("無效的請求。");
+        }
+
+  
+        string uploadFolder = Path.Combine(HttpContext.Current.Server.MapPath("~/upload"), "stock");
+        Directory.CreateDirectory(uploadFolder);
+
+        var provider = new MultipartFormDataStreamProvider(HttpContext.Current.Server.MapPath(Model.stock.Dir));
+        await Request.Content.ReadAsMultipartAsync(provider);
+
+        if (provider.FileData.Count == 0)
+        {
+            return BadRequest("缺少檔案。");
+        }
+        else
+        {
+
+            string tempFilePath = provider.FileData[0].LocalFileName;
+            string fileName = provider.FileData[0].Headers.ContentDisposition.FileName.Trim('\"');
+            //string Dir = provider.FormData[0];
+
+            //re-name
+            string[] n = Path.GetFileName(fileName).Split('.');
+            fileName = DateTime.Now.ToString("yyyyMMddHHmmss") + "." + n[n.Length - 1];
+
+            bool isAllowed = false;
+            string[] type = {
+                             "jpg",
+                             "jpeg",
+                             "png",                         
+                             "pdf"
+             };
+
+            for (int i = 0; i <= type.Length - 1; i++)
+            {
+                if (n[n.Length - 1].ToLower() == type[i])
+                {
+                    isAllowed= true;
+                }
+            }
+            if (isAllowed)
+            {
+                //計算檔案大小
+                long result = -1;
+                System.Net.WebRequest req = System.Net.WebRequest.Create(tempFilePath);
+                req.Method = "HEAD";
+                using (System.Net.WebResponse resp = req.GetResponse())
+                {
+                    if (long.TryParse(resp.Headers.Get("Content-Length"), out long ContentLength))
+                    {
+                        result = ContentLength;//位元組
+                    }
+                }
+
+                //result / 1024 = kB
+
+                if(result/1000/1000<= 2)
+                {
+
+                    string filePath = Path.Combine(uploadFolder, fileName);
+                    File.Move(tempFilePath, filePath);
+
+                    return Ok(fileName);
+                }
+                else
+                {
+                    return BadRequest("檔案限制 2 MB 以內");
+                }
+
+            }
+            else
+            {
+                return BadRequest("格式不符。");
+            }
+        }      
+
+    }
+
+    [HttpPost]
+    [Route("api/stock/SaveFileData")]
+    public IHttpActionResult SaveFileData([FromBody] Model.stock_files item)
+    {
+        item.reg_time = DateTime.Now;
+        _db.stock_files.Add(item);
+        _db.SaveChanges();
+        return Ok(item.num);
+
+    }
+
+
+    [HttpDelete]
+    [Route("api/stock/DeleteFilesItem/{id}")]//刪除相關檔案
+    public void DeleteFilesItem(int id)
+    {
+        var prod = _db.stock_files.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            if (!string.IsNullOrEmpty(prod.pic1))
+            {
+                publicFun publicFun = new publicFun();
+                publicFun.DeleteFile(Model.stock.Dir + "/" + prod.pic1);
+            }
+
+            _db.stock_files.Remove(prod);
+            _db.SaveChanges(); //執行
+        }
+    }
+
+
+}
--- a/web/App_Code/api/supplierController.cs
+++ b/web/App_Code/api/supplierController.cs
@@ -0,0 +1,226 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using PagedList;
+using Newtonsoft.Json;
+using System.Collections;
+using static TreeView;
+using System.Web;
+using iTextSharp.text.pdf.qrcode;
+
+[ezAuthorize]
+public class supplierController : BaseApiController
+{
+    // GET api/<controller>
+    public IEnumerable<Model.supplier> Get()
+    {
+        var list = _db.suppliers.ToList();
+        if (list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return list;
+    }
+
+    // GET api/<controller>/5
+    public Model.supplier Get(int id)
+    {
+        var item = _db.suppliers.Where(q => q.num == id).FirstOrDefault();
+        if (item == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return item;
+    }
+
+    // GET api/<controller>/5
+    public IEnumerable<Model.supplier> GetPage(int page)
+    {
+        var supplier = _db.suppliers.Where(q => q.num < 10).ToList();
+        return supplier;
+    }
+
+    // POST api/<controller>
+    public void Post([FromBody] string value)
+    {
+    }
+
+    // PUT api/<controller>/5
+    public void Put(int id, [FromBody] string value)
+    {
+    }
+
+    // DELETE api/<controller>/5
+    public void Delete(int id)
+    {
+        var prod = _db.suppliers.AsEnumerable().Where(q => q.num == id).FirstOrDefault(); //刪除該筆資料
+        if (prod != null)
+        {
+            if (!string.IsNullOrEmpty(prod.pic1))
+            {
+                publicFun publicFun = new publicFun();
+                publicFun.DeleteFile(Model.supplier.Dir + "/" + prod.pic1);
+            }
+
+            _db.suppliers.Remove(prod);
+            _db.SaveChanges(); //執行
+
+
+            Model.admin_log admin_log = new Model.admin_log();
+            MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+            if (admin.isLoign())
+            {
+                admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Supplier, (int)Model.admin_log.Status.Delete, prod.s_number + prod.u_name);
+            }
+        }
+
+       
+    }
+
+    [HttpDelete]
+    [Route("api/supplier/Delete/{nums}")]
+    public void Delete(string nums)
+    {
+        if (!string.IsNullOrEmpty(nums))
+        {
+            var ids = nums.TrimEnd(',').Split(',').Select(s => int.Parse(s));
+            var prod = _db.suppliers.AsEnumerable().Where(q => ids.Contains(q.num)).ToList();
+            if (prod.Count() > 0)
+            {
+                publicFun publicFun = new publicFun();
+                foreach (var row in prod)
+                {
+                    if (!string.IsNullOrEmpty(row.pic1))
+                    {
+                        publicFun.DeleteFile(Model.supplier.Dir + "/" + row.pic1);
+                    }
+                }
+
+                _db.suppliers.RemoveRange(prod);
+                _db.SaveChanges();
+
+
+                Model.admin_log admin_log = new Model.admin_log();
+                MyWeb.admin admin = new MyWeb.admin();//api裡不可以用MyWeb
+                if (admin.isLoign())
+                {
+                    admin_log.writeLog(admin.info.u_id, (int)Model.admin_log.Systems.Supplier, (int)Model.admin_log.Status.Delete, admin_log.LogViewBtn(prod.Select(x => x.s_number + x.u_name).ToList()));
+                }
+
+            }
+        }
+
+    }
+    [HttpPost]
+    [Route("api/supplier/GetList")]
+    public IHttpActionResult GetList([FromBody] Model.ViewModel.supplier q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+        var qry = _db.suppliers.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.u_name))
+            qry = qry.Where(o => o.u_name.Contains(q.u_name.Trim()));
+        if (!string.IsNullOrEmpty(q.s_number))
+            qry = qry.Where(o => o.s_number.Contains(q.s_number.Trim()));
+
+        if (q.kind.HasValue)//搜尋要包含其分類底下所有分類
+        {
+            var _subKinds = new TreeView().subKinds(_db.supplier_kind.Select(o => new TreeItem()
+            {
+                num = o.num,
+                root = o.root,
+            }).ToList(), q.kind.Value);
+
+            qry = qry.Where(o => o.kind == q.kind.Value || _subKinds.Any(s => s == o.kind));
+        }
+        if (!string.IsNullOrEmpty(q.kindTxt))
+            qry = qry.Where(o => o.kind != null && o.supplier_kind.kind.Contains(q.kindTxt));
+
+
+        if (sortBy.Equals("u_name"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.u_name);
+            else
+                qry = qry.OrderBy(o => o.u_name);
+        }
+        else if(sortBy.Equals("s_number"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.s_number);
+            else
+                qry = qry.OrderBy(o => o.s_number);
+        }
+        else if (sortBy.Equals("kind"))
+        {
+            if (sortDesc)
+                qry = qry.OrderByDescending(o => o.kind);
+            else
+                qry = qry.OrderBy(o => o.kind);
+        }
+       
+        else
+            qry = qry.OrderByDescending(o => o.num);
+
+        var ret = new
+        {
+            list = qry.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                u_name = x.u_name,
+                s_number = x.s_number,
+                kind = x.kind,
+                kindTxt = x.kind.HasValue ? x.supplier_kind.kind : "",
+                kindsTxt = x.kind.HasValue ? new TreeView().kindText(_db.supplier_kind.Select(o => new TreeItem()
+                {
+                    kind = o.kind,
+                    num = o.num,
+                    root = o.root,
+                }).ToList(), x.kind) : "",
+
+            }),
+            count = qry.Count()
+
+        };
+
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+    [HttpPost]
+    [Route("api/supplier/GetKindList")]
+    public IHttpActionResult GetKindList([FromBody] Model.ViewModel.supplier_kind q, int page, int pageSize = 10,
+     string sortBy = "", bool sortDesc = false)
+    {
+      
+
+        var qry = _db.supplier_kind.AsEnumerable();
+
+        if (!string.IsNullOrEmpty(q.kind))         
+            qry = qry.Where(o => o.kind.Contains(q.kind));
+
+        var qry2 = new TreeView().get_data2(qry.Select(o => new TreeItem()
+        {
+            kind = o.kind,
+            num = o.num,
+            root = o.root,
+            range = o.range,
+        }).OrderBy(x => x.root).ThenBy(x => x.kind).ToList(), 0, 0);
+
+
+
+        var ret = new
+        {
+            list = qry2.ToPagedList(page, pageSize).Select(x => new
+            {
+                num = x.num,
+                kind = new TreeView().RptDash(x.Level) + x.kind,            
+
+            }),
+            count = qry.Count()
+        };
+      
+
+        if (ret.list == null) throw new HttpResponseException(HttpStatusCode.NotFound);
+        return Ok(ret);
+    }
+
+}
--- a/web/App_Code/api/transfer_registerController.cs
+++ b/web/App_Code/api/transfer_registerController.cs