
fix: save cs error

igb 1 week ago
parent
commit
0ce09610ce
2 changed files with 71 additions and 63 deletions
  1. 20 18
      customerSave.php
  2. 51 45
      system/customers.php

+ 20 - 18
customerSave.php

@@ -238,25 +238,27 @@ foreach ($contacts as $contact) {
         if (!empty($contact[$wechat_field])) {
             $wechat = $contact[$wechat_field];
 
-            $checkStr .= " OR cc.wechat_1 LIKE '%" . $conn->real_escape_string($wechat) . "%'" .
-                            " OR cc.wechat_2 LIKE '%" . $conn->real_escape_string($wechat) . "%'" .
-                            " OR cc.wechat_3 LIKE '%" . $conn->real_escape_string($wechat) . "%'" .
-                            " OR cc.tel_1_format LIKE '%" . $conn->real_escape_string($wechat) . "%'" .
-                            " OR cc.tel_2_format LIKE '%" . $conn->real_escape_string($wechat) . "%'" .
-                            " OR cc.tel_3_format LIKE '%" . $conn->real_escape_string($wechat) . "%'";
+            $checkStr .= " OR cc.wechat_1 LIKE '%" . textEncode($conn->real_escape_string($wechat)) . "%'" .
+                            " OR cc.wechat_2 LIKE '%" .  textEncode($conn->real_escape_string($wechat)) . "%'" .
+                            " OR cc.wechat_3 LIKE '%" . textEncode( $conn->real_escape_string($wechat)) . "%'" .
+                            " OR cc.tel_1_format LIKE '%" .  $conn->real_escape_string($wechat) . "%'" .
+                            " OR cc.tel_2_format LIKE '%" .  $conn->real_escape_string($wechat). "%'" .
+                            " OR cc.tel_3_format LIKE '%" .  $conn->real_escape_string($wechat) . "%'";
+
 
             $Dupli .= "微信" . $i . ":" . $contact[$wechat_field] . " ";
         }
     }
 
+
     // Check all LinkedIn accounts
     for ($i = 1; $i <= 3; $i++) {
         $linkedin_field = 'linkedin_' . $i;
         if (!empty($contact[$linkedin_field])) {
             $linkedin = strtolower($contact[$linkedin_field]);
-            $checkStr .= " OR LOWER(cc.linkedin_1) LIKE '%" . $conn->real_escape_string($linkedin) . "%'" .
-                        " OR LOWER(cc.linkedin_2) LIKE '%" . $conn->real_escape_string($linkedin) . "%'" .
-                        " OR LOWER(cc.linkedin_3) LIKE '%" . $conn->real_escape_string($linkedin) . "%'";
+            $checkStr .= " OR LOWER(cc.linkedin_1) LIKE '%" . textEncode($conn->real_escape_string($linkedin)) . "%'" .
+                        " OR LOWER(cc.linkedin_2) LIKE '%" . textEncode($conn->real_escape_string($linkedin)) . "%'" .
+                        " OR LOWER(cc.linkedin_3) LIKE '%" . textEncode($conn->real_escape_string($linkedin)) . "%'";
             $Dupli .= "LinkedIn" . $i . ":" . $contact[$linkedin_field] . " ";
         }
     }
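Review bot: In the added WeChat and LinkedIn clauses `textEncode()` is applied to the output of `real_escape_string()`, so the string concatenated into the query is no longer the escaped value; escaping has to be the last transformation before concatenation. textEncode is defined outside this diff, so its effect cannot be checked here, but if it rewrites quotes or backslashes the escaping is either undone or the search term stops matching what is stored. Swap the calls, e.g. `$conn->real_escape_string(textEncode($wechat))`, or preferably bind the values in a prepared statement; the same ordering appears in the Facebook and Alibaba hunks below. `%` and `_` in the input also still act as LIKE wildcards, and the enclosing foreach body starts and ends outside the hunk.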
@@ -266,9 +268,9 @@ foreach ($contacts as $contact) {
         $facebook_field = 'facebook_' . $i;
         if (!empty($contact[$facebook_field])) {
             $facebook = strtolower($contact[$facebook_field]);
-            $checkStr .= " OR LOWER(cc.facebook_1) LIKE '%" . $conn->real_escape_string($facebook) . "%'" .
-                        " OR LOWER(cc.facebook_2) LIKE '%" . $conn->real_escape_string($facebook) . "%'" .
-                        " OR LOWER(cc.facebook_3) LIKE '%" . $conn->real_escape_string($facebook) . "%'";
+            $checkStr .= " OR LOWER(cc.facebook_1) LIKE '%" . textEncode($conn->real_escape_string($facebook)) . "%'" .
+                        " OR LOWER(cc.facebook_2) LIKE '%" . textEncode($conn->real_escape_string($facebook)) . "%'" .
+                        " OR LOWER(cc.facebook_3) LIKE '%" . textEncode($conn->real_escape_string($facebook)) . "%'";
             $Dupli .= "Facebook" . $i . ":" . $contact[$facebook_field] . " ";
         }
     }
@@ -280,16 +282,16 @@ foreach ($contacts as $contact) {
             $alibaba = strtolower($contact[$alibaba_field]);
           
             if (strlen($alibaba) < 10) {
-                $checkStr .= " OR LOWER(cc.alibaba_1) LIKE '" . $conn->real_escape_string($alibaba) . "'" .
-                            " OR LOWER(cc.alibaba_2) LIKE '" . $conn->real_escape_string($alibaba) . "'" .
-                            " OR LOWER(cc.alibaba_3) LIKE '" . $conn->real_escape_string($alibaba) . "'";
+                $checkStr .= " OR LOWER(cc.alibaba_1) LIKE '" . textEncode($conn->real_escape_string($alibaba)) . "'" .
+                            " OR LOWER(cc.alibaba_2) LIKE '" . textEncode($conn->real_escape_string($alibaba)) . "'" .
+                            " OR LOWER(cc.alibaba_3) LIKE '" . textEncode($conn->real_escape_string($alibaba)) . "'";
             } else {
                 // 修改正则表达式,仅移除特殊符号,保留中文和英文字母数字
                 $alibaba_clean = preg_replace('/[^\p{Han}0-9a-zA-Z]/u', '', $alibaba);
                 
-                $checkStr .= " OR LOWER(cc.alibaba_1) LIKE '%" . mb_substr($alibaba_clean, -9) . "%'" .
-                            " OR LOWER(cc.alibaba_2) LIKE '%" . mb_substr($alibaba_clean, -9) . "%'" .
-                            " OR LOWER(cc.alibaba_3) LIKE '%" . mb_substr($alibaba_clean, -9) . "%'";
+                $checkStr .= " OR LOWER(cc.alibaba_1) LIKE '%" . textEncode(mb_substr($alibaba_clean, -9)) . "%'" .
+                            " OR LOWER(cc.alibaba_2) LIKE '%" . textEncode(mb_substr($alibaba_clean, -9)) . "%'" .
+                            " OR LOWER(cc.alibaba_3) LIKE '%" . textEncode(mb_substr($alibaba_clean, -9)) . "%'";
             }
             $Dupli .= "阿里旺旺" . $i . ":" . $contact[$alibaba_field] . " ";
         }
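Review bot: In the `else` branch `mb_substr($alibaba_clean, -9)` can be an empty string, either because the ID consists only of stripped symbols or because `preg_replace` with `/u` returned null on invalid UTF-8, and the clause then becomes `LIKE '%%'`, which matches every non-null row and reports a duplicate for any customer. Skip the append when the cleaned value is empty, e.g. `if ($alibaba_clean !== null && $alibaba_clean !== '') { ... }`. The branch is selected with byte-based `strlen($alibaba) < 10` while the suffix is cut with character-based `mb_substr`, so in UTF-8 a four-character Chinese ID already takes the suffix path; `mb_strlen` would keep the two consistent. The loop this code sits in continues outside the hunk.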

+ 51 - 45
system/customers.php

@@ -150,11 +150,58 @@ if ($act == "save") {
     }
 }
 
+
 // If we have output from processing, we'll show it instead of the normal page
 if (!empty($output)) {
     echo $output;
     exit;
 }
+
+
+// 批量操作
+if ($act == "postchk") {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = $_POST['chkact'] ?? '';
+    
+    if (isset($_POST['chkbox']) && is_array($_POST['chkbox'])) {
+        $ids = array_map('intval', $_POST['chkbox']);
+        $idList = implode(',', $ids);
+        
+        if (!empty($idList)) {
+            switch($chkact) {
+                case "0":
+                case "1":
+                    $sql = "UPDATE customer SET cs_state=$chkact WHERE id IN ($idList)";
+                    break;
+                default:
+                    // In delete case, let's use transactions to ensure both tables are updated
+                    $conn->begin_transaction();
+                    try {
+                        // Delete from customer_contact first (due to foreign key constraint)
+                        $sql = "DELETE FROM customer_contact WHERE customer_id IN ($idList)";
+                        $conn->query($sql);
+                        
+                        // Then delete from customer table
+                        $sql = "DELETE FROM customer WHERE id IN ($idList)";
+                        $conn->query($sql);
+                        
+                        $conn->commit();
+                    } catch (Exception $e) {
+                        $conn->rollback();
+                        echo "<script>alert('删除失败: " . $e->getMessage() . "');</script>";
+                    }
+            }
+            if ($chkact == "0" || $chkact == "1") {
+                $conn->query($sql);
+            }
+        }
+    }
+    
+    header("Location: ?Keys=$keys&Page=$page");
+    exit;
+}
+
 ?>
 <!DOCTYPE html>
 <html xmlns="http://www.w3.org/1999/xhtml">
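Review bot: The `default:` branch of `switch($chkact)` runs both DELETE statements for any value other than "0" or "1", including the empty string that `$_POST['chkact'] ?? ''` yields when the field is missing, so a malformed or partial request deletes the selected customers. Make the delete explicit with `case "-1":` and let `default:` do nothing. `$page` is placed in the `Location` header unencoded while `$keys` is urlencoded; `$page = (int) ($_GET['Page'] ?? 1);` closes that. The catch block echoes `$e->getMessage()` into a `<script>` string before `header()` runs, which exposes database error text, can break out of the string literal, and, unless output buffering is on, prevents the redirect; log the exception and show a fixed message instead. No CSRF token or permission check for the bulk update/delete is visible in this hunk, so confirm one is enforced earlier in the file.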
@@ -725,49 +772,7 @@ if ($act == "edit" || $act == "add") {
     exit;
 }
 
-// 批量操作
-if ($act == "postchk") {
-    $keys = urlencode($_GET['Keys'] ?? '');
-    $page = $_GET['Page'] ?? '';
-    $chkact = $_POST['chkact'] ?? '';
-    
-    if (isset($_POST['chkbox']) && is_array($_POST['chkbox'])) {
-        $ids = array_map('intval', $_POST['chkbox']);
-        $idList = implode(',', $ids);
-        
-        if (!empty($idList)) {
-            switch($chkact) {
-                case "0":
-                case "1":
-                    $sql = "UPDATE customer SET cs_state=$chkact WHERE id IN ($idList)";
-                    break;
-                default:
-                    // In delete case, let's use transactions to ensure both tables are updated
-                    $conn->begin_transaction();
-                    try {
-                        // Delete from customer_contact first (due to foreign key constraint)
-                        $sql = "DELETE FROM customer_contact WHERE customer_id IN ($idList)";
-                        $conn->query($sql);
-                        
-                        // Then delete from customer table
-                        $sql = "DELETE FROM customer WHERE id IN ($idList)";
-                        $conn->query($sql);
-                        
-                        $conn->commit();
-                    } catch (Exception $e) {
-                        $conn->rollback();
-                        echo "<script>alert('删除失败: " . $e->getMessage() . "');</script>";
-                    }
-            }
-            if ($chkact == "0" || $chkact == "1") {
-                $conn->query($sql);
-            }
-        }
-    }
-    
-    header("Location: ?Keys=$keys&Page=$page");
-    exit;
-}
+
 
 // 主列表页面
 $fliterQudao = $_GET['fliterQudao'] ?? '';
@@ -845,6 +850,7 @@ $sql = "SELECT c.id, c.cs_code, c.cs_company, c.cs_country, c.cs_address,
         OR cc.email_1 LIKE '%".$conn->real_escape_string($keyscode)."%'
         OR cc.email_2 LIKE '%".$conn->real_escape_string($keyscode)."%'
         OR cc.email_3 LIKE '%".$conn->real_escape_string($keyscode)."%') 
+        AND c.cs_state=1
         $filterStr 
         ORDER BY c.cs_updatetime DESC";
 
@@ -980,7 +986,7 @@ $tempNum = $pageSize * ($page - 1);
                 $tempNum++;
                 ?>
                 <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
-                    <td align="center"><input type="checkbox" name="chkbox" value="<?php echo $row['id'] ?? ''; ?>" /></td>
+                    <td align="center"><input type="checkbox" name="chkbox[]" value="<?php echo $row['id'] ?? ''; ?>" /></td>
                     <td align="center"><?php echo $tempNum; ?></td>
                     <td align="center" class="code" data-id="<?php echo $row['id'] ?? ''; ?>">
                         <?php
@@ -1171,7 +1177,7 @@ $tempNum = $pageSize * ($page - 1);
                             <option value="0">隐藏</option>
                             <option value="-1">删除</option>
                         </select>
-                        <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+                        <input type="button" value="执行" onClick="postchk_new(1)" class="btn1" />
                         <input type="button" value="新增" onClick="location.href='?act=add'" class="btn1" />
                     </div>
                 </td>