|
@@ -598,7 +598,7 @@ if ($act == "edit" || $act == "add") {
|
|
|
<table width="100%" border="0" cellpadding="3" cellspacing="1" class="contact-table">
|
|
|
<tr>
|
|
|
<th width="8%">联系人</th>
|
|
|
- <td><input type="text" name="contact[<?php echo $index; ?>][contact_name]" value="<?php echo htmlspecialchars($contact['contact_name']); ?>" class="txt1" placeholder="联系人姓名"/></td>
|
|
|
+ <td><input type="text" name="contact[<?php echo $index; ?>][contact_name]" value="<?php echo htmlspecialcharsFix($contact['contact_name']); ?>" class="txt1" placeholder="联系人姓名"/></td>
|
|
|
</tr>
|
|
|
</table>
|
|
|
<div class="contact-methods-container" id="contact-methods-<?php echo $index; ?>">
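Review bot: The definition of `htmlspecialcharsFix()` is not part of this diff, so the `value="..."` attribute on the contact_name input now depends on a helper whose flags and pre-processing cannot be checked from here. It should be confirmed that the helper still ends in `htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` and does not decode or strip anything before escaping, since that would weaken the attribute-context escaping this line relies on. The same applies to every replaced call in the later hunks, most visibly the reflected `$keyscode` in the last one. A docblock on the helper saying why it replaces the builtin (presumably null handling) and which flags it passes would make the swap reviewable.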
|
|
@@ -627,13 +627,13 @@ if ($act == "edit" || $act == "add") {
|
|
|
}
|
|
|
|
|
|
echo '</select>';
|
|
|
- echo '<input type="text" class="txt1 method-input" style="width:60%;" name="contact[' . $index . '][' . $fieldName . ']" value="' . htmlspecialchars($contact[$fieldName]) . '">';
|
|
|
+ echo '<input type="text" class="txt1 method-input" style="width:60%;" name="contact[' . $index . '][' . $fieldName . ']" value="' . htmlspecialcharsFix($contact[$fieldName]) . '">';
|
|
|
|
|
|
if ($type === 'tel' || $type === 'whatsapp') {
|
|
|
- echo '<input type="hidden" class="format-input" name="contact[' . $index . '][' . $fieldName . '_format]" value="' . htmlspecialchars($contact[$fieldName . '_format']) . '">';
|
|
|
+ echo '<input type="hidden" class="format-input" name="contact[' . $index . '][' . $fieldName . '_format]" value="' . htmlspecialcharsFix($contact[$fieldName . '_format']) . '">';
|
|
|
}
|
|
|
|
|
|
- echo '<input type="hidden" class="backup-input" name="contact[' . $index . '][' . $fieldName . '_bu]" value="' . htmlspecialchars($contact[$fieldName . '_bu']) . '">';
|
|
|
+ echo '<input type="hidden" class="backup-input" name="contact[' . $index . '][' . $fieldName . '_bu]" value="' . htmlspecialcharsFix($contact[$fieldName . '_bu']) . '">';
|
|
|
echo '</div>';
|
|
|
}
|
|
|
}
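Review bot: The `_format` and `_bu` lookups index `$contact` without a default, so a contact row missing either key raises an undefined-index warning and hands null to `htmlspecialcharsFix()`. The list-view hunks already use `?? ''` for this; the equivalent here is `htmlspecialcharsFix($contact[$fieldName . '_format'] ?? '')`, and likewise for `_bu` and the visible field. Separately, `$index` and `$fieldName` are concatenated into the `name` attribute unescaped, which is safe only if both come from fixed values in code; the hunk does not show where they are set. The enclosing loop starts above the hunk.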
|
|
@@ -677,7 +677,7 @@ if ($act == "edit" || $act == "add") {
|
|
|
$sql = "SELECT id,tagName FROM tagtable WHERE customerId = " . (int)$id;
|
|
|
$result = $conn->query($sql);
|
|
|
while($row = $result->fetch_assoc()) {
|
|
|
- echo htmlspecialchars($row['tagName']) . ',';
|
|
|
+ echo htmlspecialcharsFix($row['tagName']) . ',';
|
|
|
}
|
|
|
}
|
|
|
?>
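Review bot: `$result->fetch_assoc()` is called without checking that `$conn->query()` succeeded, so unless mysqli is running in exception mode a failed query becomes a fatal error in the middle of the form markup. The list-view lookups guard with `if ($countryResult && ...)`, and this loop should do the same: `if ($result) { while ($row = $result->fetch_assoc()) { ... } }`. The `$chainResult` loop in the @@ -1063 hunk has the same gap. The surrounding PHP block opens above the hunk, so where the comma-separated tag list is emitted (text or attribute) cannot be seen here.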
|
|
@@ -989,14 +989,14 @@ $tempNum = $pageSize * ($page - 1);
|
|
|
<img src="../images/yijiao.png" class="handover">
|
|
|
<?php endif; ?>
|
|
|
</td>
|
|
|
- <td align="center"><?php echo htmlspecialchars($row['cs_name'] ?? ''); ?></td>
|
|
|
+ <td align="center"><?php echo htmlspecialcharsFix($row['cs_name'] ?? ''); ?></td>
|
|
|
<td align="center">
|
|
|
<?php
|
|
|
$countryId = intval($row['cs_country'] ?? 0);
|
|
|
$sql = "SELECT countryName FROM country WHERE id = $countryId";
|
|
|
$countryResult = $conn->query($sql);
|
|
|
if ($countryResult && $countryRow = $countryResult->fetch_assoc()) {
|
|
|
- echo htmlspecialchars($countryRow['countryName']);
|
|
|
+ echo htmlspecialcharsFix($countryRow['countryName']);
|
|
|
} else {
|
|
|
echo "未选择";
|
|
|
}
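Review bot: The country name is fetched with a separate `SELECT` for every customer row, and the @@ -1008 and @@ -1033 hunks do the same for `qudao` and `employee`, so each page of results costs three extra queries per row. Joining these tables in the list query, or loading the id-to-name maps once before the loop, would remove them and leave one place where the names are escaped. `$countryId` is passed through `intval()` in this hunk, so the interpolation itself is fine.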
|
|
@@ -1008,7 +1008,7 @@ $tempNum = $pageSize * ($page - 1);
|
|
|
$sql = "SELECT ch_name FROM qudao WHERE id = $fromId";
|
|
|
$fromResult = $conn->query($sql);
|
|
|
if ($fromResult && $fromRow = $fromResult->fetch_assoc()) {
|
|
|
- echo htmlspecialchars($fromRow['ch_name']);
|
|
|
+ echo htmlspecialcharsFix($fromRow['ch_name']);
|
|
|
} else {
|
|
|
echo "未选择";
|
|
|
}
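Review bot: `$fromId` is interpolated directly into the SQL string and its assignment lies above this hunk, so it cannot be seen whether it is cast the way `$countryId` is with `intval()` in the previous hunk. If it is not, this is an injection point. Casting at the point of use, `$sql = "SELECT ch_name FROM qudao WHERE id = " . (int)$fromId;`, or a prepared statement with a bound integer removes the dependence on code outside the hunk. `$belongId` in the @@ -1033 hunk needs the same check.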
|
|
@@ -1017,7 +1017,7 @@ $tempNum = $pageSize * ($page - 1);
|
|
|
<td align="center">
|
|
|
<?php
|
|
|
if (($row['cs_deal'] ?? 0) == 3) {
|
|
|
- echo "<span style='color:red;font-size:10px;'>" . htmlspecialchars($row['cs_dealdate'] ?? '') . "成交</span>";
|
|
|
+ echo "<span style='color:red;font-size:10px;'>" . htmlspecialcharsFix($row['cs_dealdate'] ?? '') . "成交</span>";
|
|
|
} elseif (($row['cs_deal'] ?? 0) == 2) {
|
|
|
echo "明确需求";
|
|
|
} elseif (($row['cs_deal'] ?? 0) == 1) {
|
|
@@ -1033,7 +1033,7 @@ $tempNum = $pageSize * ($page - 1);
|
|
|
$sql = "SELECT em_user FROM employee WHERE id = $belongId";
|
|
|
$empResult = $conn->query($sql);
|
|
|
if ($empResult && $empRow = $empResult->fetch_assoc()) {
|
|
|
- echo htmlspecialchars($empRow['em_user']);
|
|
|
+ echo htmlspecialcharsFix($empRow['em_user']);
|
|
|
} else {
|
|
|
echo "未选择";
|
|
|
}
|
|
@@ -1047,8 +1047,8 @@ $tempNum = $pageSize * ($page - 1);
|
|
|
<td colspan="2"></td>
|
|
|
<td colspan="7" class="cs_detail">
|
|
|
<ul>
|
|
|
- <li class="cs_detail_addtime">录入时间:<?php echo htmlspecialchars($row['cs_addtime'] ?? ''); ?></li>
|
|
|
- <li class="cs_detail_addtime">更新时间:<?php echo htmlspecialchars($row['cs_updatetime'] ?? ''); ?></li>
|
|
|
+ <li class="cs_detail_addtime">录入时间:<?php echo htmlspecialcharsFix($row['cs_addtime'] ?? ''); ?></li>
|
|
|
+ <li class="cs_detail_addtime">更新时间:<?php echo htmlspecialcharsFix($row['cs_updatetime'] ?? ''); ?></li>
|
|
|
<li class="cs_detail_addtime">
|
|
|
流转记录:
|
|
|
<?php
|
|
@@ -1063,7 +1063,7 @@ $tempNum = $pageSize * ($page - 1);
|
|
|
$chainResult = $conn->query($sql);
|
|
|
$chain_users = [];
|
|
|
while($chainRow = $chainResult->fetch_assoc()) {
|
|
|
- $chain_users[] = htmlspecialchars($chainRow['em_user']);
|
|
|
+ $chain_users[] = htmlspecialcharsFix($chainRow['em_user']);
|
|
|
}
|
|
|
echo implode(' > ', $chain_users);
|
|
|
}
|
|
@@ -1071,31 +1071,31 @@ $tempNum = $pageSize * ($page - 1);
|
|
|
?>
|
|
|
</li>
|
|
|
<?php if(!empty($row['cs_tel'] ?? '')): ?>
|
|
|
- <li class="tel"><?php echo htmlspecialchars($row['cs_tel']); ?></li>
|
|
|
+ <li class="tel"><?php echo htmlspecialcharsFix($row['cs_tel']); ?></li>
|
|
|
<?php endif; ?>
|
|
|
<?php if(!empty($row['cs_email'] ?? '')): ?>
|
|
|
- <li class="mail"><?php echo htmlspecialchars($row['cs_email']); ?></li>
|
|
|
+ <li class="mail"><?php echo htmlspecialcharsFix($row['cs_email']); ?></li>
|
|
|
<?php endif; ?>
|
|
|
<?php if(!empty($row['cs_whatsapp'] ?? '')): ?>
|
|
|
- <li class="whatsapp"><?php echo htmlspecialchars($row['cs_whatsapp']); ?></li>
|
|
|
+ <li class="whatsapp"><?php echo htmlspecialcharsFix($row['cs_whatsapp']); ?></li>
|
|
|
<?php endif; ?>
|
|
|
<?php if(!empty($row['cs_wechat'] ?? '')): ?>
|
|
|
- <li class="wechat"><?php echo htmlspecialchars($row['cs_wechat']); ?></li>
|
|
|
+ <li class="wechat"><?php echo htmlspecialcharsFix($row['cs_wechat']); ?></li>
|
|
|
<?php endif; ?>
|
|
|
<?php if(!empty($row['cs_linkedin'] ?? '')): ?>
|
|
|
- <li class="linkedin"><?php echo htmlspecialchars($row['cs_linkedin']); ?></li>
|
|
|
+ <li class="linkedin"><?php echo htmlspecialcharsFix($row['cs_linkedin']); ?></li>
|
|
|
<?php endif; ?>
|
|
|
<?php if(!empty($row['cs_facebook'] ?? '')): ?>
|
|
|
- <li class="facebook"><?php echo htmlspecialchars($row['cs_facebook']); ?></li>
|
|
|
+ <li class="facebook"><?php echo htmlspecialcharsFix($row['cs_facebook']); ?></li>
|
|
|
<?php endif; ?>
|
|
|
<?php if(!empty($row['cs_alibaba'] ?? '')): ?>
|
|
|
- <li class="alibaba"><?php echo htmlspecialchars($row['cs_alibaba']); ?></li>
|
|
|
+ <li class="alibaba"><?php echo htmlspecialcharsFix($row['cs_alibaba']); ?></li>
|
|
|
<?php endif; ?>
|
|
|
<?php if(!empty($row['cs_address'] ?? '')): ?>
|
|
|
- <li class="address"><?php echo htmlspecialchars($row['cs_address']); ?></li>
|
|
|
+ <li class="address"><?php echo htmlspecialcharsFix($row['cs_address']); ?></li>
|
|
|
<?php endif; ?>
|
|
|
</ul>
|
|
|
- <div class="cs_detail_note"><?php echo htmlspecialchars($row['cs_note'] ?? ''); ?></div>
|
|
|
+ <div class="cs_detail_note"><?php echo htmlspecialcharsFix($row['cs_note'] ?? ''); ?></div>
|
|
|
</td>
|
|
|
</tr>
|
|
|
<?php
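Review bot: The eight `if`/`<li>` blocks for cs_tel through cs_address differ only in column name and CSS class, which is how an escaping site gets missed when one of them is edited later; driving them from a single column-to-class map keeps one `htmlspecialcharsFix()` call for all of them. The `?? ''` inside `empty()` is redundant, because `empty()` already tolerates a missing key. Note that `empty()` also hides a stored value of `'0'`, which the rewrite below preserves. The surrounding `<ul>` and PHP blocks begin above the hunk and continue below it.

```php
<?php
// … unchanged: the 流转记录 <li> above …
$detailFields = [
    'cs_tel'      => 'tel',
    'cs_email'    => 'mail',
    'cs_whatsapp' => 'whatsapp',
    'cs_wechat'   => 'wechat',
    'cs_linkedin' => 'linkedin',
    'cs_facebook' => 'facebook',
    'cs_alibaba'  => 'alibaba',
    'cs_address'  => 'address',
];
foreach ($detailFields as $column => $cssClass):
    if (!empty($row[$column])): ?>
    <li class="<?php echo $cssClass; ?>"><?php echo htmlspecialcharsFix($row[$column]); ?></li>
<?php endif;
endforeach;
// … unchanged: </ul> and the cs_detail_note <div> …
```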
|
|
@@ -1103,7 +1103,7 @@ $tempNum = $pageSize * ($page - 1);
|
|
|
} else {
|
|
|
// 没有搜索结果的情况
|
|
|
if (!empty($keyscode)) {
|
|
|
- echo '<tr><td colspan="9" align="center">没有找到 "' . htmlspecialchars($keyscode) . '" 相关的客户信息</td></tr>';
|
|
|
+ echo '<tr><td colspan="9" align="center">没有找到 "' . htmlspecialcharsFix($keyscode) . '" 相关的客户信息</td></tr>';
|
|
|
} else {
|
|
|
echo '<tr><td colspan="9" align="center">暂无客户信息</td></tr>';
|
|
|
}
|