
fleat:php 初始版本

igb 4 weeks ago
parent
commit
1a118803ba
81 changed files with 15066 additions and 30 deletions
  1. 0 0
      .htaccess
  2. 226 0
      abnormal.php
  3. 35 0
      bindTag.php
  4. 76 0
      claimCustomer.php
  5. 197 0
      claimRecord.php
  6. 20 0
      colorTag.php
  7. 1 1
      conn.asp
  8. 304 0
      conn.php
  9. 194 0
      customerAdd.php
  10. 276 0
      customerEdit.php
  11. 331 0
      customerSave.php
  12. 155 0
      customerView.php
  13. 590 0
      customers.php
  14. 369 0
      customersFollow.php
  15. 373 0
      customersNew.php
  16. 268 0
      dashboard.php
  17. 16 0
      editTag.php
  18. 295 0
      highSeas.php
  19. 98 0
      home.php
  20. 249 0
      index.php
  21. 103 0
      index_not_html.asp
  22. 129 0
      index_not_html.php
  23. 6 6
      js/js.js
  24. 5 4
      js/loginjs.js
  25. 1 1
      js/product.js
  26. 3378 0
      mysql.sql
  27. 445 0
      mysql_test.sql
  28. 0 0
      nginx.htaccess
  29. 111 0
      nullTag.php
  30. 2 2
      panel.asp
  31. 87 0
      panel.php
  32. 25 0
      postchkbox.php
  33. 69 0
      price.php
  34. 1 1
      pwdEdit.asp
  35. 115 0
      pwdEdit.php
  36. 57 0
      quantitySearch.php
  37. 1 1
      searchResult.asp
  38. 128 0
      searchResult.php
  39. 377 0
      silentCustomer.php
  40. 364 0
      subCustomers.php
  41. 40 0
      subTag.php
  42. 41 0
      subTagClound.php
  43. 139 0
      system/CCode.php
  44. 261 0
      system/IP.php
  45. 20 0
      system/SearchArea.php
  46. 20 0
      system/Searchproduct.php
  47. 187 0
      system/additional.php
  48. 120 0
      system/bmpcode.php
  49. 352 0
      system/conn.php
  50. 358 0
      system/country.php
  51. 392 0
      system/customers.php
  52. 267 0
      system/dashboard.php
  53. 319 0
      system/employee.php
  54. 45 0
      system/imgUpload.php
  55. 136 0
      system/imgUploadFile.php
  56. 1 1
      system/inc.asp
  57. 96 0
      system/inc.php
  58. 1 1
      system/index.asp
  59. 235 0
      system/index.php
  60. 1 1
      system/js/SearchArea.js
  61. 1 1
      system/js/Searchproduct.js
  62. 4 4
      system/js/js.js
  63. 4 4
      system/js/loginjs.js
  64. 137 0
      system/log.php
  65. 113 0
      system/login.php
  66. 123 0
      system/pic.php
  67. 121 0
      system/picupload.php
  68. 306 0
      system/power.php
  69. 416 0
      system/products.php
  70. 1 1
      system/pwd.asp
  71. 150 0
      system/pwd.php
  72. 277 0
      system/qudao.php
  73. 103 0
      system/upload.php
  74. 35 0
      system/uploadfile.php
  75. 166 0
      tag.php
  76. 41 0
      tagClound.php
  77. 167 0
      team.php
  78. 296 0
      teamSeas.php
  79. 2 0
      test.php
  80. 94 0
      upload.php
  81. 1 1
      web.config

+ 0 - 0
.htaccess


+ 226 - 0
abnormal.php

@@ -0,0 +1,226 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+$page = $_GET['Page'] ?? '';
+$keys = urlencode($_GET['Keys'] ?? '');
+$hrefstr = "?keys=" . $keys;
+?>
+    <form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?>&Page=<?= $page ?>" onSubmit="return false">
+    <div class="fastSelect clear">
+        <H1>异常客户</H1>
+    </div>
+
+    <div width="100%" border="0" cellpadding="3" cellspacing="1" class="table2 em<?= $_SESSION['employee_id'] ?>">
+        <div class="theader">
+            <div class="col1"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></div>
+            <div class="col2">序号</div>
+            <div class="col3">客户编号</div>
+            <div class="col4">渠道来源</div>
+            <div class="col5">区域</div>
+            <div class="col6">客户类型</div>
+            <div class="col6">跟进阶段</div>
+            <div class="colmark">颜色标记</div>
+            <div class="col6">录入时间</div>
+            <div class="col9">操作</div>
+        </div>
+
+<?php
+$sqlStr = "SELECT id, cs_code, cs_from, cs_country, cs_type, cs_deal, cs_addtime, cs_tel, cs_email, 
+           cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, cs_alibaba, colortag, cs_note, cs_claimFrom 
+           FROM customer 
+           WHERE (cs_alibaba = '' AND (cs_code LIKE '%阿里%' OR cs_code LIKE '%1688%') AND cs_belong = " . $_SESSION['employee_id'] . ") 
+           OR (cs_from = 8 AND cs_wechat = '' AND cs_belong = " . $_SESSION['employee_id'] . ") 
+           ORDER BY colortag DESC, id DESC";
+
+$result = $conn->query($sqlStr);
+
+if ($result && $result->num_rows > 0) {
+    $pageSize = 20;
+    $page = empty($page) ? 1 : $page;
+    $page = $page === 'end' ? ceil($result->num_rows / $pageSize) : $page;
+    $page = !is_numeric($page) || $page < 1 ? 1 : (int)$page;
+    $totalPages = ceil($result->num_rows / $pageSize);
+    $page = $page > $totalPages ? $totalPages : $page;
+    $offset = $pageSize * ($page - 1);
+    
+    // Store all results in array
+    $rows = [];
+    while ($row = $result->fetch_assoc()) {
+        $rows[] = $row;
+    }
+    
+    // Get paginated results
+    $paginatedRows = array_slice($rows, $offset, $pageSize);
+    $tempNum = $offset;
+    
+    foreach ($paginatedRows as $row) {
+        $tempNum++;
+?>
+        <div class="tline color<?= $row['colorTag'] ?>">
+            <div class="col1" align="center"><input type="checkbox" name="chkbox" value="<?= $row['id'] ?>" /></div>
+            <div class="col2"><?= $tempNum ?></div>
+            <div class="col3 slidepanel"><?= $row['cs_code'] ?><?php if ($row['cs_claimFrom'] > 0): ?><img src="../images/yijiao.png" class="handover" title="来自认领"><?php endif; ?></div>
+            <div class="col4">
+                <?php
+                $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id = " . $row['cs_from']);
+                if ($qudaoRow = $qudaoResult->fetch_assoc()) {
+                    echo $qudaoRow['ch_name'];
+                } else {
+                    echo "未填写";
+                }
+                ?>
+            </div>
+            <div class="col5">
+                <?php
+                $countryResult = $conn->query("SELECT countryName FROM country WHERE id = " . $row['cs_country']);
+                if ($countryRow = $countryResult->fetch_assoc()) {
+                    echo $countryRow['countryName'];
+                } else {
+                    echo "未填写";
+                }
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                $typeResult = $conn->query("SELECT businessType FROM clientType WHERE id = " . $row['cs_type']);
+                if ($typeRow = $typeResult->fetch_assoc()) {
+                    echo $typeRow['businessType'];
+                } else {
+                    echo "未填写";
+                }
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                switch ($row['cs_deal']) {
+                    case 3:
+                        echo '<span style="color:red;">成交</span>';
+                        break;
+                    case 2:
+                        echo '明确需求';
+                        break;
+                    case 1:
+                        echo '背景调查';
+                        break;
+                    default:
+                        echo '无响应';
+                }
+                ?>
+            </div>
+            <div class="colmark colormark">
+                <ul class="colorlist" data-id="<?= $row['id'] ?>">
+                    <li value="1" class="color1"></li>
+                    <li value="2" class="color2"></li>
+                    <li value="3" class="color3"></li>
+                    <li value="4" class="color4"></li>
+                    <li value="0" class="color0"></li>
+                </ul>
+            </div>
+            <div class="col6"><?= $row['cs_addtime'] ?></div>
+            <div class="col9"><a href="customerEdit.php?Keys=<?= $keys ?>&fliterDeal=<?= $_GET['fliterDeal'] ?? '' ?>&fliterBusiness=<?= $_GET['fliterBusiness'] ?? '' ?>&Page=<?= $page ?>&act=edit&id=<?= $row['id'] ?>" class="ico_edit ico">修改</a></div>
+        </div>
+        <div class="notepanel clear">
+            <div class="noteItem">联系方式</div>
+            <div class="lx">
+                <div class="tel"><?= $row['cs_tel'] ?></div>
+                <div class="mail"><a href="mailto:<?= $row['cs_email'] ?>"><?= $row['cs_email'] ?></a></div>
+                <div class="whatsapp"><?= $row['cs_whatsapp'] ?></div>
+                <div class="wechat"><?= $row['cs_wechat'] ?></div>
+                <div class="linkedin"><?= $row['cs_linkedin'] ?></div>
+                <div class="facebook"><?= $row['cs_facebook'] ?></div>
+                <div class="alibaba"><?= $row['cs_alibaba'] ?></div>
+            </div>
+            <div class="noteItem2">备注</div>
+            <div class="notecontent"><?= htmlUnCode($row['cs_note']) ?></div>
+        </div>
+<?php
+    }
+} else {
+    if (empty($keys)) {
+?>
+        <tr>
+            <div align="center" colspan="9">Sorry,当前暂无信息</div>
+        </tr>
+<?php
+    } else {
+?>
+        <tr>
+            <div align="center" colspan="9"><a href="?">Sorry,没有找到"<?= $keyscode ?? '' ?>"相关的信息,点击返回</a></div>
+        </tr>
+<?php
+    }
+}
+?>
+        <div colspan="9">
+            <div class="showpagebox">
+<?php
+if (isset($totalPages) && $totalPages > 1) {
+    $pageName = "?Keys=" . $keys . ($urlStr ?? '') . "&";
+    $pagelen = 3;
+
+    // First page and Previous page
+    if ($page > 1) {
+        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+        echo "<a href=\"{$pageName}Page=" . ($page - 1) . "\">上一页</a>";
+    }
+
+    // Calculate page range
+    if ($pagelen * 2 + 1 >= $totalPages) {
+        $startPage = 1;
+        $endPage = $totalPages;
+    } else {
+        if ($page <= $pagelen + 1) {
+            $startPage = 1;
+            $endPage = $pagelen * 2 + 1;
+        } else {
+            $startPage = $page - $pagelen;
+            $endPage = $page + $pagelen;
+        }
+        if ($page + $pagelen > $totalPages) {
+            $startPage = $totalPages - $pagelen * 2;
+            $endPage = $totalPages;
+        }
+    }
+
+    // Page numbers
+    for ($i = $startPage; $i <= $endPage; $i++) {
+        if ($i == $page) {
+            echo "<a class=\"current\">{$i}</a>";
+        } else {
+            echo "<a href=\"{$pageName}Page={$i}\">{$i}</a>";
+        }
+    }
+
+    // Next page and Last page
+    if ($page < $totalPages) {
+        if ($totalPages - $page > $pagelen) {
+            echo "<a href=\"{$pageName}Page={$totalPages}\">...{$totalPages}</a>";
+        }
+        echo "<a href=\"{$pageName}Page=" . ($page + 1) . "\">下一页</a>";
+        echo "<a href=\"{$pageName}Page={$totalPages}\">尾页</a>";
+    }
+}
+?>
+            </div>
+        </div>
+    </div>
+    </form>
+</div>
+</body>
+</html> 
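Review bot: Request and database values are written into the page without HTML escaping: `$page` (raw `$_GET['Page']`) in the form `action`, `$_GET['fliterDeal']` / `$_GET['fliterBusiness']` in the edit link, and every `$row[...]` field in the table and contact panel, while `htmlUnCode($row['cs_note'])` turns stored entities back into live markup. Wrap each echo in `htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` (a small helper next to the other functions in conn.php would keep the templates readable), and normalise `$page` to an integer before the form is rendered rather than after. claimRecord.php has the same gap for `$page`, `$searcheType`, the raw `$keys` in `$pageName`, and the `newEmp` / `originalEmp` / `oldCode` cells. If `cs_note` is meant to hold rich text from the editor, it needs an allow-list HTML sanitiser on output instead of a plain decode.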

+ 35 - 0
bindTag.php

@@ -0,0 +1,35 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$cid = $_GET['cid'] ?? '';
+$eid = $_GET['eid'] ?? '';
+
+if (!is_numeric($cid) || !is_numeric($eid)) {
+    echo "<script>alert('参数错误');</script>";
+    exit;
+}
+
+$tagvalue = urldecode($_GET['tagvalue'] ?? '');
+
+$sql = "SELECT * FROM tagTable WHERE customerId = " . $conn->real_escape_string($cid) . 
+       " AND employeeId = " . $conn->real_escape_string($eid) . 
+       " AND tagName = '" . $conn->real_escape_string($tagvalue) . "'";
+
+$result = $conn->query($sql);
+
+if ($result && $result->num_rows > 0) {
+    // Tag exists, delete it
+    $sql = "DELETE FROM tagTable WHERE customerId = " . $conn->real_escape_string($cid) . 
+           " AND employeeId = " . $conn->real_escape_string($eid) . 
+           " AND tagName = '" . $conn->real_escape_string($tagvalue) . "'";
+} else {
+    // Tag doesn't exist, add it
+    $sql = "INSERT INTO tagTable (tagName, employeeId, customerId) VALUES ('" . 
+           $conn->real_escape_string($tagvalue) . "', " . 
+           $conn->real_escape_string($eid) . ", " . 
+           $conn->real_escape_string($cid) . ")";
+}
+
+$conn->query($sql);
+?> 
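Review bot: `$eid` is read from the query string and used as the `employeeId` for both the DELETE and the INSERT, so any logged-in user can add or remove tags under another employee's id; nothing here ties the tag to `$_SESSION['employee_id']` or checks that customer `$cid` belongs to the caller. Take the employee from the session, `$eid = (int) $_SESSION['employee_id'];`, and confirm ownership of `$cid` before writing (colorTag.php already scopes its UPDATE with `AND cs_belong = ...`). The script also changes state on a plain GET with no anti-CSRF token, as do colorTag.php and claimCustomer.php; moving these to POST with a per-session token would close that. Unless the calling script double-encodes it, `urldecode()` on `$_GET['tagvalue']` decodes a second time, since PHP has already decoded `$_GET`, so a tag containing `%` or `+` is stored altered.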

+ 76 - 0
claimCustomer.php

@@ -0,0 +1,76 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$cid = $_GET['cid'] ?? '';
+if (empty($cid) || !is_numeric($cid)) {
+    $cid = 0;
+}
+
+// Check claim limit for today
+$sqlstr = "SELECT COUNT(id) as claimcount FROM customer WHERE cs_belong = " . $_SESSION['employee_id'] . 
+          " AND cs_claimdate > '" . date('Y-m-d') . "'";
+
+$result = $conn->query($sqlstr);
+$row = $result->fetch_assoc();
+$reachedLimit = ($row['claimcount'] > 10);
+
+// Get employee code
+$result = $conn->query("SELECT em_code FROM employee WHERE id = " . $_SESSION['employee_id']);
+$row = $result->fetch_assoc();
+$em_code = $row['em_code'];
+
+if ($reachedLimit) {
+    echo "-1";
+} else {
+    // Get customer info and update
+    $sql = "SELECT employee.id as originalId, cs_code, em_user, cs_belong, cs_updatetime, cs_claimdate, 
+            cs_claimFrom, cs_chain, is_silent 
+            FROM customer 
+            LEFT JOIN employee ON customer.cs_belong = employee.id 
+            WHERE customer.id = " . $conn->real_escape_string($cid);
+    
+    $result = $conn->query($sql);
+    
+    if ($row = $result->fetch_assoc()) {
+        $oldCode = $row['cs_code'];
+        $originalEmp = $row['em_user'];
+        $newCode = str_replace("-", "/0" . substr($em_code, 1) . "-", $oldCode);
+        
+        // Update chain and check circulation
+        $newChain = $row['cs_chain'] . "," . $_SESSION['employee_id'];
+        $circulation = substr_count($newChain, ',');
+        $is_silent = ($circulation > 3) ? 1 : 0;
+        
+        // Update customer
+        $updateSql = "UPDATE customer SET 
+            cs_belong = " . $_SESSION['employee_id'] . ",
+            cs_claimdate = NOW(),
+            cs_code = '" . $conn->real_escape_string($newCode) . "',
+            cs_updatetime = NOW(),
+            cs_claimFrom = " . $row['originalId'] . ",
+            cs_chain = '" . $conn->real_escape_string($newChain) . "',
+            is_silent = " . $is_silent . "
+            WHERE id = " . $cid;
+            
+        $conn->query($updateSql);
+        
+        // Insert claim record
+        $insertSql = "INSERT INTO claimRecord (oldCode, originalEmp, newEmp, cs_id, claimTime, isread) 
+                     VALUES (
+                         '" . $conn->real_escape_string($oldCode) . "',
+                         '" . $conn->real_escape_string($originalEmp) . "',
+                         '" . $conn->real_escape_string($_SESSION['employee_name']) . "',
+                         " . $cid . ",
+                         NOW(),
+                         0
+                     )";
+        $conn->query($insertSql);
+        
+        // Delete tags
+        $conn->query("DELETE FROM tagTable WHERE customerId = " . $cid);
+        
+        echo "1";
+    }
+}
+?> 
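Review bot: The three writes after the customer SELECT are not tied together: the UPDATE's result is never checked, so when it fails (for example `cs_claimFrom = ` followed by nothing when the LEFT JOIN returns a NULL `originalId`) or matches no row, the claimRecord INSERT and the tagTable DELETE still run and the script answers `1`. The UPDATE also has no condition on the customer's current owner or state, so as far as this hunk shows any logged-in user can take over any customer id, and two concurrent requests can both pass the daily-limit count. I would run the writes in one transaction with prepared statements, make the UPDATE conditional on the owner that was just read, and stop unless exactly one row changed. Whether a customer must first be in the shared pool is not visible here; if so, that condition belongs in the WHERE clause too. A sketch of the UPDATE part follows.

```php
// … unchanged: limit check, employee-code lookup, customer SELECT, $newCode / $newChain / $is_silent …
$employeeId = (int) $_SESSION['employee_id'];
$customerId = (int) $cid;
$claimFrom  = (int) $row['originalId'];   // a NULL from the LEFT JOIN becomes 0 instead of breaking the SQL

$conn->begin_transaction();
$update = $conn->prepare(
    "UPDATE customer
        SET cs_belong = ?, cs_claimdate = NOW(), cs_code = ?, cs_updatetime = NOW(),
            cs_claimFrom = ?, cs_chain = ?, is_silent = ?
      WHERE id = ? AND cs_belong <=> ?"   // only while the owner read above is still the owner
);
$update->bind_param(
    'isisiii',
    $employeeId, $newCode, $claimFrom, $newChain, $is_silent, $customerId, $row['cs_belong']
);
if (!$update->execute() || $update->affected_rows !== 1) {
    $conn->rollback();
    echo "0";   // placeholder failure code: use whatever the calling script expects
    exit;
}
// … claimRecord INSERT and tagTable DELETE, as prepared statements inside the same transaction …
$conn->commit();
echo "1";
```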

+ 197 - 0
claimRecord.php

@@ -0,0 +1,197 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+    <script>
+    function goSearch() {
+        var keys = document.getElementById("keys").value;
+        var myselect = document.getElementById("searcheType");
+        var index = myselect.selectedIndex;
+        var searcheType = myselect.options[index].value;
+        location.href = '?Keys=' + escape(keys) + '&searcheType=' + searcheType;
+    }
+
+    function keyDownSearch() {
+        var e = window.event || event;
+        if (e.keyCode == 13) {
+            var keys = document.getElementById("keys").value;
+            var myselect = document.getElementById("searcheType");
+            var index = myselect.selectedIndex;
+            var searcheType = myselect.options[index].value;
+            location.href = '?Keys=' + escape(keys) + '&searcheType=' + searcheType;
+        }
+    }
+    </script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<?php
+$page = $_GET['Page'] ?? '';
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$searcheType = $_GET['searcheType'] ?? '';
+
+switch ($searcheType) {
+    case "1":
+        $filterStr = "WHERE originalEmp LIKE '%" . $conn->real_escape_string($keyscode) . "%'";
+        break;
+    case "2":
+        $filterStr = "WHERE newEmp LIKE '%" . $conn->real_escape_string($keyscode) . "%'";
+        break;
+    case "3":
+        $filterStr = "WHERE oldCode LIKE '%" . $conn->real_escape_string($keyscode) . "%'";
+        break;
+    case "4":
+        $filterStr = "WHERE cs_id IN (SELECT id FROM customer WHERE cs_code LIKE '%" . $conn->real_escape_string($keyscode) . "%')";
+        break;
+    default:
+        $filterStr = "";
+}
+?>
+<div id="man_zone">
+    <form id="form1" method="post" action="?Keys=<?= $keyscode ?>&Page=<?= $page ?>&searcheType=<?= $searcheType ?>" onSubmit="return false">
+    <div class="fastSelect clear">
+        <H1>搜索条件</H1>
+        <div class="inputSearch">
+            <select name="searcheType" id="searcheType">
+                <option value="">未筛选</option>
+                <option value="1" <?= ($searcheType == "1") ? 'selected="selected"' : '' ?>>原属业务员</option>
+                <option value="2" <?= ($searcheType == "2") ? 'selected="selected"' : '' ?>>新跟进业务员</option>
+                <option value="3" <?= ($searcheType == "3") ? 'selected="selected"' : '' ?>>原编号</option>
+                <option value="4" <?= ($searcheType == "4") ? 'selected="selected"' : '' ?>>新编号</option>
+            </select>
+            <input type="text" id="keys" class="inputTxt" 
+                value="<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>" 
+                onFocus="if(this.value == '<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>'){this.value='';}" 
+                onBlur="if(this.value == ''){this.value='<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>';}" 
+                onKeyDown="keyDownSearch();" />
+            <input type="button" id="searchgo" class="searchgo" value="go" onClick="goSearch();" />
+        </div>
+    </div>
+
+    <table class="teamStatistics table1" border="1px" bordercollapse="collapse" cellspacing="0" cellpadding="5" bordercolor="#DDD">
+        <tr class="theader">
+            <th>序号</th>
+            <th>时间</th>
+            <th>记录</th>
+            <th>新编号</th>
+        </tr>
+        <tbody>
+<?php
+$sql = "SELECT * FROM claimRecord " . $filterStr . " ORDER BY claimTime DESC";
+$result = $conn->query($sql);
+
+if ($result && $result->num_rows > 0) {
+    $pageSize = 20;
+    $page = empty($page) ? 1 : $page;
+    $page = $page === 'end' ? ceil($result->num_rows / $pageSize) : $page;
+    $page = !is_numeric($page) || $page < 1 ? 1 : (int)$page;
+    $totalPages = ceil($result->num_rows / $pageSize);
+    $page = $page > $totalPages ? $totalPages : $page;
+    $offset = $pageSize * ($page - 1);
+    
+    // Store all results in array
+    $rows = [];
+    while ($row = $result->fetch_assoc()) {
+        $rows[] = $row;
+    }
+    
+    // Get paginated results
+    $paginatedRows = array_slice($rows, $offset, $pageSize);
+    $tempNum = $offset;
+    
+    foreach ($paginatedRows as $row) {
+        $tempNum++;
+        
+        // Get new customer code
+        $customerResult = $conn->query("SELECT cs_code FROM customer WHERE id = " . $row['cs_id']);
+        $customerCode = ($customerRow = $customerResult->fetch_assoc()) ? $customerRow['cs_code'] : '';
+?>
+        <tr>
+            <td><?= $tempNum ?></td>
+            <td><?= $row['claimTime'] ?></td>
+            <td><span style="color:#0099CC;"><?= $row['newEmp'] ?></span> 认领了 
+                <span style="color:#0099CC;"><?= $row['originalEmp'] ?></span> 的客户(<?= $row['oldCode'] ?>)</td>
+            <td><?= $customerCode ?></td>
+        </tr>
+<?php
+    }
+} else {
+?>
+        <tr>
+            <td colspan="4">当前暂无认领记录</td>
+        </tr>
+<?php
+}
+?>
+        </tbody>
+        <tfoot>
+            <tr>
+                <td colspan="4">
+                    <div class="showpagebox">
+<?php
+if (isset($totalPages) && $totalPages > 1) {
+    $pageName = "?Keys=" . $keys . ($urlStr ?? '') . "&searcheType=" . $searcheType . "&";
+    $pagelen = 3;
+
+    // First page and Previous page
+    if ($page > 1) {
+        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+        echo "<a href=\"{$pageName}Page=" . ($page - 1) . "\">上一页</a>";
+    }
+
+    // Calculate page range
+    if ($pagelen * 2 + 1 >= $totalPages) {
+        $startPage = 1;
+        $endPage = $totalPages;
+    } else {
+        if ($page <= $pagelen + 1) {
+            $startPage = 1;
+            $endPage = $pagelen * 2 + 1;
+        } else {
+            $startPage = $page - $pagelen;
+            $endPage = $page + $pagelen;
+        }
+        if ($page + $pagelen > $totalPages) {
+            $startPage = $totalPages - $pagelen * 2;
+            $endPage = $totalPages;
+        }
+    }
+
+    // Page numbers
+    for ($i = $startPage; $i <= $endPage; $i++) {
+        if ($i == $page) {
+            echo "<a class=\"current\">{$i}</a>";
+        } else {
+            echo "<a href=\"{$pageName}Page={$i}\">{$i}</a>";
+        }
+    }
+
+    // Next page and Last page
+    if ($page < $totalPages) {
+        if ($totalPages - $page > $pagelen) {
+            echo "<a href=\"{$pageName}Page={$totalPages}\">...{$totalPages}</a>";
+        }
+        echo "<a href=\"{$pageName}Page=" . ($page + 1) . "\">下一页</a>";
+        echo "<a href=\"{$pageName}Page={$totalPages}\">尾页</a>";
+    }
+}
+?>
+                    </div>
+                </td>
+            </tr>
+        </tfoot>
+    </table>
+    </form>
+</div>
+</body>
+</html> 
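Review bot: `$keyscode` is echoed inside JavaScript string literals in the `onFocus` / `onBlur` attributes of the `keys` input, where the entity encoding done by `textEncode()` does not protect: the browser decodes `&#39;` and the other entities in the attribute before the handler is parsed as script, so the search term can end the string. Dropping the inline handlers removes the problem and the duplicated ternaries: `<input type="text" id="keys" class="inputTxt" value="<?= $keyscode ?>" placeholder="请输入搜索关键词" onKeyDown="keyDownSearch();" />`. `goSearch()` would then no longer send the hint text as a search term when the box is left empty. Separately, the per-row `SELECT cs_code FROM customer WHERE id = ...` calls `fetch_assoc()` on the result without checking for `false`, which is a fatal error if `cs_id` is NULL or empty.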

+ 20 - 0
colorTag.php

@@ -0,0 +1,20 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$colorid = $_GET['colorid'] ?? '';
+$cid = $_GET['cid'] ?? '';
+
+if (!is_numeric($colorid)) {
+    $colorid = 0;
+}
+if (!is_numeric($cid)) {
+    $cid = 0;
+}
+
+$sql = "UPDATE customer SET colortag = " . $conn->real_escape_string($colorid) . 
+       " WHERE id = " . $conn->real_escape_string($cid) . 
+       " AND cs_belong = " . $_SESSION['employee_id'];
+
+$conn->query($sql);
+?> 
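Review bot: `is_numeric()` also accepts values such as `1e3`, `1.5` or a number with leading whitespace, and `real_escape_string()` gives no protection for a value concatenated outside quotes, so the two checks together only narrowly keep the UPDATE well-formed and let `colortag` take any number. Cast and range-check instead, e.g. `$colorid = (int) ($_GET['colorid'] ?? 0); $cid = (int) ($_GET['cid'] ?? 0);` plus `if ($colorid < 0 || $colorid > 4) { $colorid = 0; }`, or bind both values through a prepared statement. The 0–4 range is what the colour list in abnormal.php offers; adjust it if other pages differ. bindTag.php builds its numeric `customerId` / `employeeId` conditions the same way.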

+ 1 - 1
conn.asp

@@ -11,7 +11,7 @@ Set Conn=Server.CreateObject("ADODB.Connection")
 Conn.Open "PROVIDER=SQLOLEDB;server=127.0.0.1,1435;uid=crm;pwd=Qweasdzxc;database=crm"
 
 Function Checklogin()
-	if Session("employee_id")="" Then Response.Write "<script>top.location.href='index.asp'</script>":Response.End
+	if Session("employee_id")="" Then Response.Write "<script>top.location.href='index.php'</script>":Response.End
 End Function
 
 Function GetIp

+ 304 - 0
conn.php

@@ -0,0 +1,304 @@
+<?php
+// 设置编码
+session_start();
+header('Content-Type: text/html; charset=utf-8');
+header('Cache-Control: no-cache');
+
+// 数据库连接
+$conn = new mysqli("127.0.0.1", "crm", "Qweasdzxc", "crm");
+if ($conn->connect_error) {
+    die("Connection failed: " . $conn->connect_error);
+}
+$conn->set_charset("utf8");
+
+// 检查登录
+function checkLogin() {
+    if (empty($_SESSION['employee_id'])) {
+        echo "<script>top.location.href='index.php'</script>";
+        exit;
+    }
+}
+
+// 获取IP
+function getIp() {
+    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR'];
+    if (strlen($ip) > 15) {
+        $ip = "UnKnow";
+    }
+    return htmlspecialchars($ip);
+}
+
+// 移除HTML
+function removeHTML($t0) {
+    if (empty($t0)) {
+        return "";
+    }
+
+    $t0 = preg_replace("/<script.+?\/script>/is", "", $t0);
+    $t0 = preg_replace("/<iframe.+?\/iframe>/is", "", $t0);
+    $t0 = str_replace(["&lt;", "&gt;", "&nbsp;"], ["<", ">", ""], $t0);
+    $t0 = preg_replace("/<.+?>/", "", $t0);
+    return str_replace(["\r\n", "\t", "\r", "\n"], "", $t0);
+}
+
+// Text转HTML
+function txt2HTML($t0) {
+    if (empty($t0) || is_array($t0)) {
+        return "";
+    }
+
+    return str_replace(
+        ["&", "\"", "<", ">", " "],
+        ["&amp;", "&quot;", "&lt;", "&gt;", "&nbsp;"],
+        $t0
+    );
+}
+
+// HTML转Text
+function html2Txt($t0) {
+    if (empty($t0) || is_array($t0)) {
+        return "";
+    }
+
+    return str_replace(
+        ["&quot;", "&lt;", "&gt;", "&nbsp;", "&amp;"],
+        ["\"", "<", ">", " ", "&"],
+        $t0
+    );
+}
+
+// HTML编码
+function htmlEncode($t0) {
+    if (empty($t0) || is_array($t0)) {
+        return "";
+    }
+
+    $replacements = [
+        chr(38) => "&#38;", chr(9) => "&#9;", chr(11) => "&#11;",
+        chr(10) => "&#10;", chr(13) => "&#13;", chr(32) => "&#32;",
+        chr(34) => "&#34;", chr(37) => "&#37;", chr(39) => "&#39;",
+        chr(40) => "&#40;", chr(41) => "&#41;", chr(60) => "&#60;",
+        chr(62) => "&#62;", chr(91) => "&#91;", chr(93) => "&#93;",
+        chr(94) => "&#94;", chr(95) => "&#95;", chr(123) => "&#123;",
+        chr(124) => "&#124;", chr(125) => "&#125;"
+    ];
+
+    return strtr($t0, $replacements);
+}
+
+// HTML解码
+function htmlUnCode($t0) {
+    if (empty($t0) || is_array($t0)) {
+        return "";
+    }
+
+    $replacements = [
+        "&#9;" => chr(9), "&#11;" => chr(11), "&#10;" => chr(10),
+        "&#13;" => chr(13), "&#32;" => chr(32), "&#34;" => chr(34),
+        "&#37;" => chr(37), "&#39;" => chr(39), "&#40;" => chr(40),
+        "&#41;" => chr(41), "&#60;" => chr(60), "&#62;" => chr(62),
+        "&#91;" => chr(91), "&#93;" => chr(93), "&#94;" => chr(94),
+        "&#95;" => chr(95), "&#123;" => chr(123), "&#124;" => chr(124),
+        "&#125;" => chr(125), "&#38;" => chr(38)
+    ];
+
+    return strtr($t0, $replacements);
+}
+
+// 文本编码
+function textEncode($t0) {
+    if (empty($t0) || is_array($t0)) {
+        return "";
+    }
+
+    $t0 = trim($t0);
+    $remove = [chr(8), chr(9), chr(11), chr(12), chr(10), chr(13)];
+    $t0 = str_replace($remove, "", $t0);
+
+    $replacements = [
+        chr(38) => "&#38;", chr(47) => "&#47;", chr(32) => "&#32;",
+        chr(34) => "&#34;", chr(37) => "&#37;", chr(39) => "&#39;",
+        chr(40) => "&#40;", chr(41) => "&#41;", "(" => "&#40;",
+        ")" => "&#41;", chr(60) => "&#60;", chr(62) => "&#62;",
+        chr(91) => "&#91;", chr(93) => "&#93;", chr(94) => "&#94;",
+        chr(95) => "&#95;", chr(123) => "&#123;", chr(124) => "&#124;",
+        chr(125) => "&#125;"
+    ];
+
+    return strtr($t0, $replacements);
+}
+
+// 数字格式化
+function numFormat($t0) {
+    if (empty($t0) || is_array($t0)) {
+        return "";
+    }
+
+    $t0 = trim($t0);
+    $remove = ["-", "+", "&#32;", "&", " ", chr(34), "*", "%", "'", "(", ")", "<", ">",
+        "[", "]", "^", "_", "{", "\\", "/", "|", "}", "(", ")"];
+    return str_replace($remove, "", $t0);
+}
+
+// 文本解码
+function textUncode($t0) {
+    if (empty($t0) || is_array($t0)) {
+        return "";
+    }
+
+    $replacements = [
+        "&#32;" => chr(32), "&#34;" => chr(34), "&#37;" => chr(37),
+        "&#39;" => chr(39), "&#40;" => chr(40), "&#41;" => chr(41),
+        "&#60;" => chr(60), "&#62;" => chr(62), "&#91;" => chr(91),
+        "&#93;" => chr(93), "&#94;" => chr(94), "&#95;" => chr(95),
+        "&#123;" => chr(123), "&#124;" => chr(124), "&#125;" => chr(125),
+        "&#47;" => chr(47), "&#38;" => chr(38)
+    ];
+
+    return strtr($t0, $replacements);
+}
+
+// HTML解码1
+function htmlUnCode1($t0) {
+    if (empty($t0) || is_array($t0)) {
+        return "";
+    }
+
+    $replacements = [
+        "&#9;" => chr(9), "&#11;" => chr(11), "&#13;&#10;" => "<br />",
+        "&#10;" => "<br />", "&#13;" => "<br />", "&#32;" => "&nbsp;",
+        "&#38;" => chr(38)
+    ];
+
+    return strtr($t0, $replacements);
+}
+
+// 格式化时间
+function formatTime($ttime, $tparam) {
+    if (!strtotime($ttime)) {
+        return "";
+    }
+
+    $date = new DateTime($ttime);
+    $tsrt = $tparam;
+
+    $replacements = [
+        "yyyy" => $date->format("Y"),
+        "yy" => $date->format("y"),
+        "mm" => $date->format("m"),
+        "dd" => $date->format("d"),
+        "hh" => $date->format("H"),
+        "ff" => $date->format("i"),
+        "ss" => $date->format("s"),
+        "m" => $date->format("n"),
+        "d" => $date->format("j"),
+        "h" => $date->format("G"),
+        "f" => $date->format("i"),
+        "s" => $date->format("s")
+    ];
+
+    return strtr($tsrt, $replacements);
+}
+
+// 英文月份
+function enMonth($m) {
+    $months = [
+        "1" => "Jan", "2" => "Feb", "3" => "Mar", "4" => "Apr",
+        "5" => "May", "6" => "Jun", "7" => "Jul", "8" => "Aug",
+        "9" => "Sep", "10" => "Oct", "11" => "Nov", "12" => "Dec"
+    ];
+
+    return $months[$m] ?? "Dec";
+}
+
+// 字符串截取
+function strLeft($str, $strLen) {
+    if (empty($str)) {
+        return "";
+    }
+
+    $length = 0;
+    $result = "";
+
+    for ($i = 0; $i < mb_strlen($str); $i++) {
+        $char = mb_substr($str, $i, 1);
+        $length += (mb_ord($char) > 255) ? 2 : 1;
+
+        if ($length > $strLen) {
+            return $result . "..";
+        }
+        $result .= $char;
+    }
+
+    return $result;
+}
+
+
+// 验证邮箱
+function isValidEmail($email) {
+    $names = explode("@", $email);
+    if (count($names) !== 2) {
+        return false;
+    }
+
+    foreach ($names as $name) {
+        if (empty($name)) {
+            return false;
+        }
+
+        if (preg_match("/[^a-z0-9_.-]/", strtolower($name))) {
+            return false;
+        }
+
+        if (str_starts_with($name, ".") || str_ends_with($name, ".")) {
+            return false;
+        }
+    }
+
+    $domainParts = explode(".", $names[1]);
+    if (count($domainParts) < 2) {
+        return false;
+    }
+
+    $tldLength = strlen(end($domainParts));
+    if ($tldLength !== 2 && $tldLength !== 3) {
+        return false;
+    }
+
+    if (str_contains($email, "..")) {
+        return false;
+    }
+
+    return true;
+}
+
+// 站点链接替换
+function sitelink_replace($t0, $t1, $t2, $t3) {
+    if (empty($t0)) {
+        return "";
+    }
+
+    $t4 = $t0;
+    $pattern = "/(\<a[^<>]+\>.+?\<\/a\>)|(\<img[^<>]+\>)|(\<h[1-6]+[\s]*\>.+?\<\/h[1-6]+\>)/i";
+    preg_match_all($pattern, $t4, $matches);
+
+    $myarray = [];
+    if (count($matches[0]) > 0) {
+        foreach ($matches[0] as $i => $match) {
+            $myarray[$i] = $match;
+            $t4 = str_replace($match, "[$i]", $t4, $t3);
+        }
+    }
+
+    if (empty($myarray)) {
+        return str_replace($t1, $t2, $t0, $t3);
+    }
+
+    $t4 = str_replace($t1, $t2, $t4, $t3);
+    foreach ($myarray as $i => $value) {
+        $t4 = str_replace("[$i]", $value, $t4, $t3);
+    }
+
+    return $t4;
+}
+?>
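Review bot: The database password is committed as a literal on the `new mysqli(...)` line (the same value already sits in conn.asp), so everyone with read access to the repository or its history has the CRM database credentials. Load the connection settings from a file outside the web root or from the environment, e.g. `$conn = new mysqli(getenv('CRM_DB_HOST'), getenv('CRM_DB_USER'), getenv('CRM_DB_PASS'), getenv('CRM_DB_NAME'));` (variable names are placeholders), and rotate the password since it is now in history. `die("Connection failed: " . $conn->connect_error)` prints driver details to the visitor; log the error and show a generic message instead. `getIp()` prefers `HTTP_X_FORWARDED_FOR`, which the client controls unless a trusted proxy overwrites it, and its 15-character limit turns every IPv6 address into `UnKnow`.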

+ 194 - 0
customerAdd.php

@@ -0,0 +1,194 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <script src="js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+    <script src="js/xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+    <script src="js/Hz2Py-szm-min.js"></script>
+    <script src="js/ySearchSelect.js"></script>
+    <script>
+    $(document).ready(function(){
+        $('.txt2').xheditor({
+            tools:'full',
+            hoverExecDelay:-1,
+            urlBase:'system',
+            upLinkUrl:"upload.php",
+            upLinkExt:"zip,rar,txt,pdf",
+            upImgUrl:"upload.php",
+            upImgExt:"jpg,jpeg,gif,png",
+            upFlashUrl:"upload.php",
+            upFlashExt:"swf",
+            upMediaUrl:"upload.php",
+            upMediaExt:"wmv,avi,wma,mp3,mid"
+        });
+    });
+    </script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <form name="form1" id="form1" method="post" action="customerSave.php<?= $hrefstr ?? '' ?>" onSubmit="return checkInput();">
+        <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+            <tbody>
+                <tr>
+                    <th width="8%">客户编号</th>
+                    <td>
+                        <input type="text" id="cs_code" name="cs_code" value="" class="txt1" />
+                        <input type="hidden" name="cs_addtime" value="<?= date('Y-m-d H:i:s') ?>" />
+                    </td>
+                </tr>
+                <tr>
+                    <th width="8%">公司名称</th>
+                    <td><input type="text" id="cs_company" name="cs_company" value="" class="txt1" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">联系人</th>
+                    <td><input type="text" id="cs_name" name="cs_name" value="" class="txt1" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">地区</th>
+                    <td>
+                        <div class="layui-input-inline">
+                            <div class="layui-form-select ySearchSelect y1">
+                                <div class="layui-input">请选择客户区域</div>
+                                <input name="cs_country" id="cs_country" type="hidden">
+                                <i class="layui-edge"></i>
+                                <ul>
+                                    <?php
+                                    $result = $conn->query("SELECT id, countryCode, countryName FROM country");
+                                    while ($row = $result->fetch_assoc()) {
+                                        echo "<li class=\"on\" data-c=\"{$row['id']}\">(+{$row['countryCode']}){$row['countryName']}</li>";
+                                    }
+                                    ?>
+                                    <p>无匹配项</p>
+                                </ul>
+                            </div>
+                        </div>
+                        <script>
+                            $(function () {
+                                $(".y1").ySearchSelect();  
+                            })
+                        </script>
+                    </td>
+                </tr>
+                <tr>
+                    <th width="8%">来源</th>
+                    <td>
+                        <select id="cs_from" name="cs_from">
+                            <option value="0">请选择来源</option>
+                            <?php
+                            $result = $conn->query("SELECT id, ch_name FROM qudao");
+                            while ($row = $result->fetch_assoc()) {
+                                echo "<option value=\"{$row['id']}\">{$row['ch_name']}</option>";
+                            }
+                            ?>
+                        </select>
+                    </td>
+                </tr>
+                <tr>
+                    <th rowspan="7">联系方式</th>
+                    <td><input type="text" id="cs_tel" name="cs_tel" value="" class="txt1 tel" placeholder="电话格式:区号+号码 如:+86 15012345678" /></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_wechat" name="cs_wechat" value="" class="txt1 wechat" placeholder="微信"/></td>
+                </tr>
+                <tr>
+                    <td>
+                        <input type="text" id="cs_whatsapp" name="cs_whatsapp" value="" class="txt-short2 whatsapp" placeholder="Whatsapp 格式:区号+号码 如:+86 15012345678"/>
+                        <span class="syncphone">同步到电话联方式</span>
+                    </td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_email" name="cs_email" value="" class="txt1 mail" placeholder="邮件" /></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_linkedin" name="cs_linkedin" value="" class="txt1 linkedin" placeholder="领英链接"/></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_facebook" name="cs_facebook" value="" class="txt1 facebook" placeholder="Facebook" /></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_alibaba" name="cs_alibaba" value="" class="txt1 alibaba" placeholder="阿里巴巴会员名" /></td>
+                </tr>
+                <tr>
+                    <th>地址</th>
+                    <td><input type="text" id="cs_address" name="cs_address" value="" class="txt1" /></td>
+                </tr>
+                <tr>
+                    <th>业务类型</th>
+                    <td>
+                        <?php
+                        $result = $conn->query("SELECT id, businessType FROM clientType");
+                        while ($row = $result->fetch_assoc()) {
+                            echo "<input type=\"radio\" name=\"cs_type\" value=\"{$row['id']}\" id=\"fortype{$row['id']}\">
+                                  <label for=\"fortype{$row['id']}\">{$row['businessType']}</label>";
+                        }
+                        ?>
+                    </td>
+                </tr>
+                <tr>
+                    <th>跟进阶段</th>
+                    <td>
+                        <input type="radio" id="fordeal1" class="cs_deal" name="cs_deal" value="0"><label for="fordeal1">无响应</label>
+                        <input type="radio" id="fordeal2" class="cs_deal" name="cs_deal" value="1" checked="checked"><label for="fordeal2">背景调查</label>
+                        <input type="radio" id="fordeal3" class="cs_deal" name="cs_deal" value="2"><label for="fordeal3">明确需求</label>
+                        <input type="radio" id="fordeal4" class="cs_deal" name="cs_deal" value="3"><label for="fordeal4">已成交</label>
+                    </td>
+                </tr>
+                <tr>
+                    <th>其他</th>
+                    <td>
+                        <input type="checkbox" id="belongClient" class="cs_belongClient" name="cs_belongClient" value="1">
+                        <label for="belongClient">客户的客户</label>
+                    </td>
+                </tr>
+                <tr>
+                    <th>自定义标签</th>
+                    <td>
+                        <div class="taglist"></div>
+                        <input type="hidden" id="mytag" name="mytag" value="">
+                        <div class="commontag clear">
+                            <i class="tag">美特柏品牌客户</i>,
+                            <i class="tag">OEM定制客户</i>,
+                            <i class="tag">小型B端客户</i>,
+                            <i class="tag">C端客户</i>,
+                            <i class="tag">贸易公司</i>,
+                            <i class="tag">档口客户</i>
+                            <?php
+                            $stmt = $conn->prepare("SELECT DISTINCT tagName FROM tagTable WHERE employeeId = ?");
+                            $stmt->bind_param("i", $_SESSION['employee_id']);
+                            $stmt->execute();
+                            $result = $stmt->get_result();
+                            
+                            while ($row = $result->fetch_assoc()) {
+                                echo "<i class=\"tag\">" . htmlspecialchars(textUncode($row['tagName'])) . "</i>,";
+                            }
+                            ?>
+                        </div>
+                        <input type="text" id="tapinput" class="txt-short" placeholder="添加新标签,按Enter添加">
+                    </td>
+                </tr>
+                <tr>
+                    <th width="8%">备注</th>
+                    <td><textarea name="cs_note" class="txt2" placeholder=""></textarea></td>
+                </tr>
+                <tr>
+                    <th></th>
+                    <td>
+                        <input type="button" name="save" id="save" value="确定" class="btn1" onclick="subform();" />
+                        <input type="button" value="返回" class="btn1" onClick="location.href='customers.php'" />
+                    </td>
+                </tr>
+            </tbody>
+        </table>
+    </form>
+</div>
+</body>
+</html> 
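Review bot: The country, source and business-type lists are echoed into HTML without escaping: `countryCode`/`countryName` in the `<li>` loop, `ch_name` in the `<option>` loop and `businessType` in the radio `<label>` go straight from the query result into the markup, while the tag loop further down already wraps `tagName` in `htmlspecialchars()`. If any of those tables can be edited through the admin pages, a stored value containing markup would render as HTML for every user who opens this form. Escape at output, so that `{$row['countryName']}` becomes `" . htmlspecialchars($row['countryName'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "`, and do the same in the other two loops. The same three loops in customerEdit.php need the same change.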

+ 276 - 0
customerEdit.php

@@ -0,0 +1,276 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$id = $_GET['id'] ?? '';
+$page = $_GET['Page'] ?? '';
+$keys = urlencode($_GET['Keys'] ?? '');
+
+$hrefstr = "?keys=$keys&Page=$page";
+
+// Validate and fetch customer data
+if (!empty($id) && is_numeric($id)) {
+    $stmt = $conn->prepare("SELECT * FROM customer WHERE cs_belong = ? AND id = ?");
+    $stmt->bind_param("ii", $_SESSION['employee_id'], $id);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    
+    if ($row = $result->fetch_assoc()) {
+        $customer = [
+            'cs_company' => textUncode($row['cs_company']),
+            'cs_name' => textUncode($row['cs_name']),
+            'cs_country' => $row['cs_country'],
+            'cs_tel' => textUncode($row['cs_tel']),
+            'cs_email' => textUncode($row['cs_email']),
+            'cs_whatsapp' => textUncode($row['cs_whatsapp']),
+            'cs_wechat' => textUncode($row['cs_wechat']),
+            'cs_linkedin' => textUncode($row['cs_linkedin']),
+            'cs_facebook' => textUncode($row['cs_facebook']),
+            'cs_address' => textUncode($row['cs_address']),
+            'cs_alibaba' => textUncode($row['cs_alibaba']),
+            'cs_code' => textUncode($row['cs_code']),
+            'cs_deal' => textUncode($row['cs_deal']),
+            'cs_addtime' => $row['cs_addtime'],
+            'cs_belongclient' => $row['cs_belongclient'],
+            'cs_updatetime' => $row['cs_updatetime'],
+            'cs_from' => $row['cs_from'],
+            'cs_type' => $row['cs_type'],
+            'cs_note' => htmlUnCode($row['cs_note']),
+            'cs_claimFrom' => $row['cs_claimFrom'],
+            'allowedit' => $row['allowedit']
+        ];
+    } else {
+        echo "<script>alert('客户不存在或你没权限查看!');history.back();</script>";
+        exit;
+    }
+} else {
+    echo "<script>alert('客户不存在!');history.back();</script>";
+    header("Location: $hrefstr");
+    exit;
+}
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+    <script src="js/xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+    <script src="js/Hz2Py-szm-min.js"></script>
+    <script src="js/ySearchSelect.js"></script>
+    <script>
+    $(document).ready(function(){
+        $('.txt2').xheditor({
+            tools:'full',
+            hoverExecDelay:-1,
+            urlBase:'system',
+            upLinkUrl:"upload.php",
+            upLinkExt:"zip,rar,txt,pdf",
+            upImgUrl:"upload.php",
+            upImgExt:"jpg,jpeg,gif,png",
+            upFlashUrl:"upload.php",
+            upFlashExt:"swf",
+            upMediaUrl:"upload.php",
+            upMediaExt:"wmv,avi,wma,mp3,mid"
+        });
+    });
+    </script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <form name="form1" id="form1" method="post" action="customerSave.php<?= $hrefstr ?>" onSubmit="return checkInput();">
+        <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+            <tbody>
+                <tr>
+                    <th width="8%">客户编号</th>
+                    <td>
+                        <input type="text" id="cs_code" name="cs_code" value="<?= htmlspecialchars($customer['cs_code']) ?>" 
+                            <?= !empty($customer['cs_claimFrom']) ? 'readonly' : '' ?> class="txt1" />
+                        <input type="hidden" name="id" value="<?= $id ?>" />
+                        <input type="hidden" name="cs_addtime" value="<?= $customer['cs_addtime'] ?>" />
+                        <input type="hidden" name="Permissions" value="<?= $customer['allowedit'] ?>" />
+                    </td>
+                </tr>
+                <tr>
+                    <th width="8%">公司名称</th>
+                    <td><input type="text" id="cs_company" name="cs_company" value="<?= htmlspecialchars($customer['cs_company']) ?>" class="txt1" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">联系人</th>
+                    <td><input type="text" id="cs_name" name="cs_name" value="<?= htmlspecialchars($customer['cs_name']) ?>" class="txt1" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">地区</th>
+                    <td>
+                        <div class="layui-input-inline">
+                            <div class="layui-form-select ySearchSelect y1">
+                                <div class="layui-input">
+                                    <?php
+                                    $stmt = $conn->prepare("SELECT id, countryCode, countryName FROM country WHERE id = ?");
+                                    $stmt->bind_param("i", $customer['cs_country']);
+                                    $stmt->execute();
+                                    $countryResult = $stmt->get_result();
+                                    if ($countryRow = $countryResult->fetch_assoc()) {
+                                        $countryId = $countryRow['id'];
+                                        echo htmlspecialchars($countryRow['countryName']);
+                                    } else {
+                                        echo "请选择";
+                                    }
+                                    ?>
+                                </div>
+                                <ul>
+                                    <?php
+                                    $result = $conn->query("SELECT id, countryCode, countryName FROM country");
+                                    while ($row = $result->fetch_assoc()) {
+                                        echo "<li class=\"on\" data-c=\"{$row['id']}\">(+{$row['countryCode']}){$row['countryName']}</li>";
+                                    }
+                                    ?>
+                                    <p>无匹配项</p>
+                                </ul>
+                                <input name="cs_country" id="cs_country" value="<?= $countryId ?? '' ?>" type="hidden">
+                            </div>
+                        </div>
+                        <script>
+                            $(function () {
+                                $(".y1").ySearchSelect();  
+                            })
+                        </script>
+                    </td>
+                </tr>
+                <tr>
+                    <th width="8%">客户来源</th>
+                    <td>
+                        <select id="cs_from" name="cs_from">
+                            <option value="0">请选择来源</option>
+                            <?php
+                            $result = $conn->query("SELECT id, ch_name FROM qudao");
+                            while ($row = $result->fetch_assoc()) {
+                                $selected = ($customer['cs_from'] == $row['id']) ? ' selected="selected"' : '';
+                                echo "<option value=\"{$row['id']}\"$selected>{$row['ch_name']}</option>";
+                            }
+                            ?>
+                        </select>
+                    </td>
+                </tr>
+                <tr>
+                    <th rowspan="7">联系方式</th>
+                    <td><input type="text" id="cs_tel" name="cs_tel" value="<?= htmlspecialchars($customer['cs_tel']) ?>" class="txt1 tel" placeholder="电话格式:区号+号码 如:+86 15012345678" /></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_wechat" name="cs_wechat" value="<?= htmlspecialchars($customer['cs_wechat']) ?>" class="txt1 wechat" placeholder="微信"/></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_whatsapp" name="cs_whatsapp" value="<?= htmlspecialchars($customer['cs_whatsapp']) ?>" class="txt1 whatsapp" placeholder="Whatsapp 格式:区号+号码 如:+86 15012345678"/></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_email" name="cs_email" value="<?= htmlspecialchars($customer['cs_email']) ?>" class="txt1 mail" placeholder="邮件" /></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_linkedin" name="cs_linkedin" value="<?= htmlspecialchars($customer['cs_linkedin']) ?>" class="txt1 linkedin" placeholder="领英链接"/></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_facebook" name="cs_facebook" value="<?= htmlspecialchars($customer['cs_facebook']) ?>" class="txt1 facebook" placeholder="Facebook" /></td>
+                </tr>
+                <tr>
+                    <td><input type="text" id="cs_alibaba" name="cs_alibaba" value="<?= htmlspecialchars($customer['cs_alibaba']) ?>" class="txt1 alibaba" placeholder="alibaba" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">地址</th>
+                    <td><input type="text" id="cs_address" name="cs_address" value="<?= htmlspecialchars($customer['cs_address']) ?>" class="txt1" /></td>
+                </tr>
+                <tr>
+                    <th>业务类型</th>
+                    <td>
+                        <?php
+                        $result = $conn->query("SELECT id, businessType FROM clientType");
+                        while ($row = $result->fetch_assoc()) {
+                            $checked = ($row['id'] == $customer['cs_type']) ? ' checked="checked"' : '';
+                            echo "<input type=\"radio\" name=\"cs_type\" value=\"{$row['id']}\" id=\"fortype{$row['id']}\"$checked>
+                                  <label for=\"fortype{$row['id']}\">{$row['businessType']}</label>";
+                        }
+                        ?>
+                    </td>
+                </tr>
+                <tr>
+                    <th>跟进阶段</th>
+                    <td>
+                        <?php
+                        $dealOptions = [
+                            ['id' => '0', 'label' => '无响应'],
+                            ['id' => '1', 'label' => '背景调查'],
+                            ['id' => '2', 'label' => '明确需求'],
+                            ['id' => '3', 'label' => '已成交']
+                        ];
+                        
+                        foreach ($dealOptions as $option) {
+                            $checked = ($customer['cs_deal'] == $option['id']) ? ' checked="checked"' : '';
+                            $disabled = ($customer['cs_deal'] == '3' && $option['id'] != '3') ? ' disabled="disabled"' : '';
+                            echo "<input type=\"radio\" id=\"fordeal{$option['id']}\" class=\"cs_deal\" name=\"cs_deal\" 
+                                  value=\"{$option['id']}\"$checked$disabled><label for=\"fordeal{$option['id']}\">{$option['label']}</label>";
+                        }
+                        ?>
+                    </td>
+                </tr>
+                <tr>
+                    <th>其他</th>
+                    <td>
+                        <input type="checkbox" id="belongClient" class="cs_belongClient" name="cs_belongClient" 
+                            value="1"<?= $customer['cs_belongclient'] == 1 ? ' checked="checked"' : '' ?>>
+                        <label for="belongClient">客户的客户</label>
+                    </td>
+                </tr>
+                <tr>
+                    <th>自定义标签</th>
+                    <td>
+                        <div class="taglist">
+                            <?php
+                            $stmt = $conn->prepare("SELECT id, tagName FROM tagTable WHERE customerId = ?");
+                            $stmt->bind_param("i", $id);
+                            $stmt->execute();
+                            $result = $stmt->get_result();
+                            while ($row = $result->fetch_assoc()) {
+                                echo "<span>" . htmlspecialchars($row['tagName']) . "</span>";
+                            }
+                            ?>
+                        </div>
+                        <div class="commontag">
+                            <i class="tag">美特柏品牌客户</i>,
+                            <i class="tag">OEM定制客户</i>,
+                            <i class="tag">小型B端客户</i>,
+                            <i class="tag">C端客户</i>,
+                            <i class="tag">贸易公司</i>,
+                            <i class="tag">档口客户</i>
+                            <?php
+                            $stmt = $conn->prepare("SELECT DISTINCT tagName FROM tagTable WHERE employeeId = ?");
+                            $stmt->bind_param("i", $_SESSION['employee_id']);
+                            $stmt->execute();
+                            $result = $stmt->get_result();
+                            while ($row = $result->fetch_assoc()) {
+                                echo "<i class=\"tag\">" . htmlspecialchars(textUncode($row['tagName'])) . "</i>,";
+                            }
+                            ?>
+                        </div>
+                        <input type="text" id="tapinput" class="txt-short" placeholder="自定义标签,按Enter添加">
+                        <input type="hidden" id="mytag" name="mytag" value="">
+                    </td>
+                </tr>
+                <tr>
+                    <th width="8%">备注</th>
+                    <td><textarea name="cs_note" class="txt2"><?= htmlspecialchars($customer['cs_note']) ?></textarea></td>
+                </tr>
+                <tr>
+                    <th></th>
+                    <td>
+                        <input type="button" name="save" id="save" value="确定" class="btn1" onclick="subform();">
+                        <input type="button" value="返回" class="btn1" onClick="location.href='customers.php<?= $hrefstr ?>'" />
+                    </td>
+                </tr>
+            </tbody>
+        </table>
+    </form>
+</div>
+</body>
+</html> 
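Review bot: The hidden `Permissions` field sends the row's `allowedit` value to the browser, and customerSave.php reads it back as `$allowedit = $_POST['Permissions']` and skips both the required-field validation and the duplicate-customer check when it equals 1. Because the field is client-controlled, that exemption is not actually limited to rows where `allowedit` is set in the database. Drop the hidden input and have customerSave.php take `allowedit` from the customer row it already loads for the ownership check, for instance by selecting `cs_belong, allowedit` there. Separately, `$page` comes from `$_GET['Page']` unvalidated and is printed through `$hrefstr` into the form `action` and the 返回 button's `onClick`; restrict it to digits, e.g. `$page = ctype_digit((string) ($_GET['Page'] ?? '')) ? $_GET['Page'] : '';`.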

+ 331 - 0
customerSave.php

@@ -0,0 +1,331 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="system/css/common.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php
+// Get query parameters
+$page = $_GET['Page'] ?? '';
+$keys = urlencode($_GET['Keys'] ?? '');
+$fliterBusiness = $_GET['fliterBusiness'] ?? '';
+$fliterDeal = $_GET['Deal'] ?? '';
+
+// Get form data
+$id = $_POST['id'] ?? '';
+$cs_code = textEncode($_POST['cs_code'] ?? '');
+$cs_company = textEncode($_POST['cs_company'] ?? '');
+$cs_name = textEncode($_POST['cs_name'] ?? '');
+$cs_country = $_POST['cs_country'] ?? '';
+$cs_from = $_POST['cs_from'] ?? '';
+$cs_tel = textEncode($_POST['cs_tel'] ?? '');
+$cs_wechat = textEncode($_POST['cs_wechat'] ?? '');
+$cs_whatsapp = textEncode($_POST['cs_whatsapp'] ?? '');
+$cs_email = textEncode($_POST['cs_email'] ?? '');
+$cs_linkedin = textEncode($_POST['cs_linkedin'] ?? '');
+$cs_facebook = textEncode($_POST['cs_facebook'] ?? '');
+$cs_alibaba = textEncode($_POST['cs_alibaba'] ?? '');
+$cs_alibaba = str_replace(':', ':', $cs_alibaba);
+$cs_alibaba = str_replace('ID:', '', $cs_alibaba);
+$cs_address = textEncode($_POST['cs_address'] ?? '');
+$cs_type = textEncode($_POST['cs_type'] ?? '');
+$cs_belongclient = $_POST['cs_belongclient'] ?? '';
+$cs_addtime = $_POST['cs_addtime'] ?? '';
+$cs_updatetime = date('Y-m-d H:i:s');
+$cs_belong = $_SESSION['employee_id'];
+$cs_state = 1;
+$cs_deal = $_POST['cs_deal'] ?? '';
+$cs_telformat = numFormat($_POST['cs_tel'] ?? '');
+$cs_whatsappformat = numFormat($_POST['cs_whatsapp'] ?? '');
+$allowedit = $_POST['Permissions'] ?? '0';
+
+// Validate numeric values
+$allowedit = is_numeric($allowedit) ? $allowedit : 0;
+$cs_country = (is_numeric($cs_country) && $cs_country !== '') ? $cs_country : 0;
+$cs_from = (is_numeric($cs_from) && $cs_from !== '') ? $cs_from : 0;
+$cs_deal = (is_numeric($cs_deal) && $cs_deal !== '') ? $cs_deal : 1;
+$cs_type = (is_numeric($cs_type) && $cs_type !== '') ? $cs_type : 5;
+$cs_belongClient = (is_numeric($cs_belongclient) && $cs_belongclient !== '') ? $cs_belongclient : 0;
+
+$cs_note = htmlEncode($_POST['cs_note'] ?? '');
+$mytag = textEncode($_POST['mytag'] ?? '');
+$mytag = str_replace(['&#60;&#47;span&#62;&#60;span&#62;', '&#60;&#47;span&#62;', '&#60;span&#62;'], [',', '', ''], $mytag);
+$mytag = explode(',', $mytag);
+
+// Auto-detect source from code
+if (strpos($cs_code, ';1688') !== false) {
+    $cs_from = 1; // 1688
+}
+if (strpos($cs_code, ';阿里') !== false) {
+    $cs_from = 2; // International station
+}
+
+// Validation checks
+if ($allowedit != 1) {
+    // Alibaba validation
+    if (($cs_from == 1 || $cs_from == 2) && empty($cs_alibaba)) {
+        echo "<script>alert('阿里旺旺为必填项');history.back();</script>";
+        exit;
+    }
+
+    // Website source validation
+    if (strpos($cs_code, '官网') !== false) {
+        $cs_from = 3;
+    }
+
+    if ($cs_from == 3 && empty($cs_tel) && empty($cs_whatsapp) && empty($cs_wechat)) {
+        echo "<script>alert('电话和WhatsApp为必填项');history.back();</script>";
+        exit;
+    }
+
+    // Market customer validation
+    if ($cs_from == 8 && empty($cs_wechat)) {
+        echo "<script>alert('微信为必填项');history.back();</script>";
+        exit;
+    }
+
+    // Facebook validation
+    if ($cs_from == 12 && empty($cs_facebook)) {
+        echo "<script>alert('Facebook为必填项');history.back();</script>";
+        exit;
+    }
+}
+
+// Determine action type
+$act = empty($id) || !is_numeric($id) ? 'addSave' : 'editSave';
+
+if ($act === 'editSave') {
+    // Verify customer ownership
+    $stmt = $conn->prepare("SELECT cs_belong FROM Customer WHERE id = ?");
+    $stmt->bind_param("i", $id);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    
+    if ($row = $result->fetch_assoc()) {
+        if ($row['cs_belong'] != $cs_belong) {
+            echo "<script>alert('抱歉,该客户属于另一业务,你没有权限修改');history.back();</script>";
+            exit;
+        }
+    } else {
+        echo "<script>alert('没有此客户!');history.back();</script>";
+        exit;
+    }
+}
+
+// Validate customer code
+if (empty($cs_code)) {
+    echo "<script>alert('客户编码不能为空');history.back();</script>";
+    exit;
+}
+
+// Check for duplicate customer information
+$checkStr = "SELECT * FROM Customer WHERE cs_belong != " . $_SESSION['employee_id'] . " AND (id = 0 ";
+
+$Dupli = "";
+
+if (!empty($cs_tel)) {
+    $checkStr .= " OR cs_telformat LIKE '%" . substr($cs_telformat, 3, 9) . "%'" . 
+                 " OR cs_wechat LIKE '%" . substr($cs_telformat, 3, 9) . "%'" . 
+                 " OR cs_whatsappformat LIKE '%" . $cs_telformat . "%'";
+    $Dupli .= "电话:" . $cs_tel;
+}
+
+if (!empty($cs_email)) {
+    $checkStr .= " OR cs_email = '" . $conn->real_escape_string($cs_email) . "'";
+    $Dupli .= "邮箱:" . $cs_email;
+}
+
+if (!empty($cs_whatsapp)) {
+    $checkStr .= " OR cs_whatsappformat LIKE '%" . substr($cs_whatsappformat, 3, 9) . "%'" . 
+                 " OR cs_telformat LIKE '%" . substr($cs_whatsappformat, 3, 9) . "%'";
+    $Dupli .= "WhatsApp:" . $cs_whatsapp;
+}
+
+if (!empty($cs_wechat)) {
+    if (strlen($cs_wechat) < 10) {
+        $checkStr .= " OR cs_wechat LIKE '%" . $conn->real_escape_string($cs_wechat) . "%'" . 
+                    " OR cs_telformat LIKE '%" . $conn->real_escape_string($cs_wechat) . "%'";
+    } else {
+        $checkStr .= " OR cs_wechat LIKE '%" . substr($cs_wechat, 2, 12) . "%'" . 
+                    " OR cs_telformat LIKE '%" . substr($cs_wechat, 2, 12) . "%'";
+    }
+    $Dupli .= "微信:" . $cs_wechat;
+}
+
+if (!empty($cs_linkedin)) {
+    $checkStr .= " OR cs_linkedin LIKE '%" . $conn->real_escape_string($cs_linkedin) . "%'";
+    $Dupli .= "Linked:" . $cs_linkedin;
+}
+
+if (!empty($cs_facebook)) {
+    $checkStr .= " OR cs_facebook LIKE '%" . $conn->real_escape_string($cs_facebook) . "%'";
+    $Dupli .= "Facebook:" . $cs_facebook;
+}
+
+if (!empty($cs_alibaba)) {
+    if (strlen($cs_alibaba) < 10) {
+        $checkStr .= " OR cs_alibaba LIKE '" . $conn->real_escape_string($cs_alibaba) . "'";
+    } else {
+        $checkStr .= " OR cs_alibaba LIKE '%" . substr($cs_alibaba, 3, 12) . "%'";
+    }
+    $Dupli .= "阿里旺旺:" . $cs_alibaba;
+}
+
+$checkStr .= " ) ORDER BY id ASC";
+
+if ($allowedit != 1) {
+    $result = $conn->query($checkStr);
+    if ($result && $result->num_rows > 0) {
+        $row = $result->fetch_assoc();
+        
+        // Get owner name
+        $ownerResult = $conn->query("SELECT em_user FROM employee WHERE id = " . $row['cs_belong']);
+        $ownerRow = $ownerResult->fetch_assoc();
+        $owner = textUncode($ownerRow['em_user']);
+        
+        // Determine who entered first
+        if (strtotime($cs_addtime) > strtotime($row['cs_addtime'])) {
+            $tstr = "INSERT INTO logRecord (loginName, loginIp, loginTime, loginAct) VALUES ('" .
+                   $_SESSION['employee_name'] . "', '" . getIp() . "', '" . date('Y-m-d H:i:s') . "', '" .
+                   $_SESSION['employee_name'] . "编辑客户\"" . $cs_code . "\",该客户与\"" . 
+                   textUncode($row['cs_code']) . "\"高度类似,<br>重复项为:" . $Dupli . "<br>客户由:" .
+                   $_SESSION['employee_name'] . $cs_addtime . "首次录入')";
+        } else {
+            $tstr = "INSERT INTO logRecord (loginName, loginIp, loginTime, loginAct) VALUES ('" .
+                   $_SESSION['employee_name'] . "', '" . getIp() . "', '" . date('Y-m-d H:i:s') . "', '" .
+                   $_SESSION['employee_name'] . "编辑客户\"" . $cs_code . "\",该客户与\"" . 
+                   textUncode($row['cs_code']) . "\"高度类似,<br>重复项为:" . $Dupli . "<br>客户由:" .
+                   $owner . $row['cs_addtime'] . "首次录入')";
+        }
+        
+        $conn->query($tstr);
+        echo "<script>alert('录入信息\\n与" . $owner . "客户编号:" . textUncode($row['cs_code']) . 
+             "\\n高度类似,未能保存,请联系管理员核实!');history.back();</script>";
+        exit;
+    }
+}
+
+// Save or update customer data
+if ($act == "editSave" || $allowedit == 1) {
+    $hrefstr = "/customers.php?Keys=" . $keys . "&fliterBusiness=" . $fliterBusiness . 
+               "&fliterDeal=" . $fliterDeal . "&Page=" . $page;
+    
+    // 直接使用SQL拼接,与ASP版本保持一致
+    $updateSql = "UPDATE Customer SET 
+        cs_code='" . $conn->real_escape_string($cs_code) . "',
+        cs_company='" . $conn->real_escape_string($cs_company) . "',
+        cs_name='" . $conn->real_escape_string($cs_name) . "',
+        cs_country=" . $cs_country . ",
+        cs_from=" . $cs_from . ",
+        cs_tel='" . $conn->real_escape_string($cs_tel) . "',
+        cs_wechat='" . $conn->real_escape_string($cs_wechat) . "',
+        cs_whatsapp='" . $conn->real_escape_string($cs_whatsapp) . "',
+        cs_email='" . $conn->real_escape_string($cs_email) . "',
+        cs_linkedin='" . $conn->real_escape_string($cs_linkedin) . "',
+        cs_facebook='" . $conn->real_escape_string($cs_facebook) . "',
+        cs_address='" . $conn->real_escape_string($cs_address) . "',
+        cs_type=" . $cs_type . ",
+        cs_alibaba='" . $conn->real_escape_string($cs_alibaba) . "',
+        cs_updatetime='" . $cs_updatetime . "',
+        cs_belong=" . $cs_belong . ",
+        cs_belongclient=" . $cs_belongClient . ",
+        cs_state=" . $cs_state . ",
+        cs_telformat='" . $conn->real_escape_string($cs_telformat) . "',
+        cs_whatsappformat='" . $conn->real_escape_string($cs_whatsappformat) . "',
+        cs_deal=" . $cs_deal . ",
+        cs_note='" . $conn->real_escape_string($cs_note) . "'";
+
+    // 处理cs_dealdate
+    if ($cs_deal == 3) {
+        $updateSql .= ", cs_dealdate = CASE WHEN cs_dealdate IS NULL THEN NOW() ELSE cs_dealdate END";
+    }
+    
+    $updateSql .= " WHERE id=" . intval($id);
+
+    $conn->query($updateSql);
+
+    // Update tags
+    $conn->query("DELETE FROM tagTable WHERE customerId = " . intval($id));
+    foreach ($mytag as $tag) {
+        if (!empty(trim($tag))) {
+            $tagSql = "INSERT INTO tagTable (tagName, employeeId, customerId) VALUES ('" . 
+                     $conn->real_escape_string($tag) . "', " . 
+                     intval($_SESSION['employee_id']) . ", " . 
+                     intval($id) . ")";
+            $conn->query($tagSql);
+        }
+    }
+
+    echo "<script>location.href='$hrefstr';</script>";
+} else {
+    // Insert new customer using direct SQL
+    $insertSql = "INSERT INTO Customer (
+        cs_code, cs_company, cs_name, cs_country, cs_from, cs_tel, cs_wechat, 
+        cs_whatsapp, cs_email, cs_linkedin, cs_facebook, cs_alibaba, cs_address,
+        cs_telBu, cs_wechatBu, cs_whatsappBu, cs_emailBu, cs_linkedinBu, 
+        cs_facebookBu, cs_alibabaBu, cs_type, cs_addtime, cs_updatetime, 
+        cs_belong, cs_belongClient, cs_state, cs_telformat, cs_whatsappformat,
+        cs_deal, cs_note, cs_chain, is_silent, cs_dealdate
+    ) VALUES (
+        '" . $conn->real_escape_string($cs_code) . "',
+        '" . $conn->real_escape_string($cs_company) . "',
+        '" . $conn->real_escape_string($cs_name) . "',
+        " . $cs_country . ",
+        " . $cs_from . ",
+        '" . $conn->real_escape_string($cs_tel) . "',
+        '" . $conn->real_escape_string($cs_wechat) . "',
+        '" . $conn->real_escape_string($cs_whatsapp) . "',
+        '" . $conn->real_escape_string($cs_email) . "',
+        '" . $conn->real_escape_string($cs_linkedin) . "',
+        '" . $conn->real_escape_string($cs_facebook) . "',
+        '" . $conn->real_escape_string($cs_alibaba) . "',
+        '" . $conn->real_escape_string($cs_address) . "',
+        '" . $conn->real_escape_string($cs_tel) . "',
+        '" . $conn->real_escape_string($cs_wechat) . "',
+        '" . $conn->real_escape_string($cs_whatsapp) . "',
+        '" . $conn->real_escape_string($cs_email) . "',
+        '" . $conn->real_escape_string($cs_linkedin) . "',
+        '" . $conn->real_escape_string($cs_facebook) . "',
+        '" . $conn->real_escape_string($cs_alibaba) . "',
+        " . $cs_type . ",
+        NOW(),
+        NOW(),
+        " . $cs_belong . ",
+        " . $cs_belongClient . ",
+        " . $cs_state . ",
+        '" . $conn->real_escape_string($cs_telformat) . "',
+        '" . $conn->real_escape_string($cs_whatsappformat) . "',
+        " . $cs_deal . ",
+        '" . $conn->real_escape_string($cs_note) . "',
+        " . $cs_belong . ",
+        0,
+        " . ($cs_deal == 3 ? "NOW()" : "NULL") . "
+    )";
+
+    $conn->query($insertSql);
+    $id = $conn->insert_id;
+
+    // Save tags for new customer
+    foreach ($mytag as $tag) {
+        if (!empty(trim($tag))) {
+            $tagSql = "INSERT INTO tagTable (tagName, employeeId, customerId) VALUES ('" . 
+                     $conn->real_escape_string($tag) . "', " . 
+                     intval($_SESSION['employee_id']) . ", " . 
+                     intval($id) . ")";
+            $conn->query($tagSql);
+        }
+    }
+
+    echo "<script>location.href='customerAdd.php';</script>";
+}
+?>
+</body>
+</html> 

+ 155 - 0
customerView.php

@@ -0,0 +1,155 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+    <script src="system/xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+<?php
+$id = $_GET['id'] ?? '';
+$page = $_GET['Page'] ?? '';
+$keys = urlencode($_GET['Keys'] ?? '');
+$ord = urlencode($_GET['Ord'] ?? '');
+$hrefstr = "?keys=" . $keys . "&Ord=" . $ord . "&Page=" . $page;
+
+if (!empty($id) && is_numeric($id)) {
+    $sql = "SELECT * FROM customer 
+            WHERE cs_belong IN (SELECT id FROM employee WHERE em_role=" . $_SESSION['employee_id'] . ") 
+            AND customer.id=" . (int)$id;
+            
+    $result = $conn->query($sql);
+    
+    if ($result && $row = $result->fetch_assoc()) {
+        $cs_company = textUncode($row['cs_company']);
+        $cs_name = textUncode($row['cs_name']);
+        $cs_country = textUncode($row['cs_country']);
+        $cs_tel = textUncode($row['cs_tel']);
+        $cs_email = textUncode($row['cs_email']);
+        $cs_whatsapp = textUncode($row['cs_whatsapp']);
+        $cs_wechat = textUncode($row['cs_wechat']);
+        $cs_linkedin = textUncode($row['cs_linkedin']);
+        $cs_facebook = textUncode($row['cs_facebook']);
+        $cs_alibaba = textUncode($row['cs_alibaba']);
+        $cs_address = textUncode($row['cs_address']);
+        $cs_code = textUncode($row['cs_code']);
+        $cs_deal = textUncode($row['cs_deal']);
+        $cs_addtime = $row['cs_addtime'];
+        $cs_updatetime = $row['cs_updatetime'];
+        $cs_from = $row['cs_from'];
+        $cs_note = $row['cs_note'];
+?>
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <tbody>
+            <tr>
+                <th width="8%">客户编号</th>
+                <td><?= htmlspecialchars($cs_code) ?></td>
+            </tr>
+            <tr>
+                <th width="8%">公司名称</th>
+                <td><?= htmlspecialchars($cs_company) ?></td>
+            </tr>
+            <tr>
+                <th width="8%">联系人</th>
+                <td><?= htmlspecialchars($cs_name) ?></td>
+            </tr>
+            <tr>
+                <th width="8%">地区</th>
+                <td>
+                    <?php
+                    $countryResult = $conn->query("SELECT countryCode, countryName FROM country WHERE countryCode='" . 
+                                                $conn->real_escape_string($cs_country) . "'");
+                    if ($countryRow = $countryResult->fetch_assoc()) {
+                        echo "(+" . htmlspecialchars($countryRow['countryCode']) . ")" . 
+                             htmlspecialchars($countryRow['countryName']);
+                    }
+                    ?>
+                </td>
+            </tr>
+            <tr>
+                <th width="8%">客户来源</th>
+                <td>
+                    <?php
+                    $qudaoResult = $conn->query("SELECT id, ch_name FROM qudao WHERE id=" . (int)$cs_from);
+                    if ($qudaoRow = $qudaoResult->fetch_assoc()) {
+                        echo htmlspecialchars($qudaoRow['ch_name']);
+                    }
+                    ?>
+                </td>
+            </tr>
+            <tr>
+                <th rowspan="7">联系方式</th>
+                <td><?= htmlspecialchars($cs_tel) ?></td>
+            </tr>
+            <tr>
+                <td><span class="wechat"><?= htmlspecialchars($cs_wechat) ?></span></td>
+            </tr>
+            <tr>
+                <td><span class="whatsapp"><?= htmlspecialchars($cs_whatsapp) ?></span></td>
+            </tr>
+            <tr>
+                <td><span class="mail"><?= htmlspecialchars($cs_email) ?></span></td>
+            </tr>
+            <tr>
+                <td><span class="linkedin"><?= htmlspecialchars($cs_linkedin) ?></span></td>
+            </tr>
+            <tr>
+                <td><span class="facebook"><?= htmlspecialchars($cs_facebook) ?></span></td>
+            </tr>
+            <tr>
+                <td><span class="alibaba"><?= htmlspecialchars($cs_alibaba) ?></span></td>
+            </tr>
+            <tr>
+                <th width="8%">地址</th>
+                <td><?= htmlspecialchars($cs_address) ?></td>
+            </tr>
+            <tr>
+                <th>是否成交</th>
+                <td>
+                    <?php
+                    if ($cs_deal == 1) {
+                        echo "<span style='color:red;'>已经成交</span>";
+                    } elseif ($cs_deal == 2) {
+                        echo "无响应";
+                    } else {
+                        echo "未成交";
+                    }
+                    ?>
+                </td>
+            </tr>
+            <tr>
+                <th width="8%">备注</th>
+                <td><?= htmlUnCode($cs_note) ?></td>
+            </tr>
+            <tr>
+                <th></th>
+                <td>
+                    <input type="button" value="返回" class="btn1" 
+                           onClick="location.href='subcustomers.php<?= $hrefstr ?>'" />
+                </td>
+            </tr>
+        </tbody>
+    </table>
+<?php
+    } else {
+        echo "<script>alert('客户不存在或你没权限查看!');history.back();</script>";
+        exit;
+    }
+} else {
+    echo "<script>alert('客户不存在!');history.back();</script>";
+    header("Location: " . $hrefstr);
+    exit;
+}
+?>
+</div>
+</body>
+</html> 
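Review bot: `$page` is read raw from `$_GET['Page']` and carried by `$hrefstr` into the back button's `onClick="location.href='subcustomers.php<?= $hrefstr ?>'"`, so request-controlled text reaches an inline script string unencoded (`$keys` and `$ord` are `urlencode`d, `$page` is not). Casting at the read closes this: `$page = (int)($_GET['Page'] ?? 1);`. In the final `else`, `header("Location: " . $hrefstr)` runs after an `echo` and after the page's HTML has already been sent, so the redirect cannot take effect; keep either the script alert or the header, and send the header before any output. `htmlUnCode()` is defined outside this hunk; if it decodes entities as the name suggests, `<?= htmlUnCode($cs_note) ?>` prints stored markup as-is and the note should pass through an allow-list sanitiser first. `em_role=" . $_SESSION['employee_id']` in the main query should also get the `(int)` cast that `$id` gets on the next line.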

+ 590 - 0
customers.php

@@ -0,0 +1,590 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+// 辅助函数
+function textEncode($str) {
+    return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
+}
+
+function textDecode($str) {
+    return htmlspecialchars_decode($str, ENT_QUOTES);
+}
+
+function htmlEncode($str) {
+    return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
+}
+
+function htmlDecode($str) {
+    return htmlspecialchars_decode($str, ENT_QUOTES);
+}
+
+$act = $_GET['act'] ?? '';
+$urlStr = '';
+
+// 处理保存操作
+if ($act == "save") {
+    $isedit = false;
+    $id = $_POST['id'] ?? '';
+    if (!empty($id) && is_numeric($id)) {
+        $isedit = true;
+    }
+    
+    // 获取表单数据
+    $cs_code = textEncode($_POST['cs_code']);
+    $cs_company = textEncode($_POST['cs_company']);
+    $cs_name = textEncode($_POST['cs_name']);
+    $cs_belong = $_POST['cs_belong'];
+    $cs_country = $_POST['cs_country'];
+    $cs_from = $_POST['cs_from'];
+    $cs_tel = textEncode($_POST['cs_tel']);
+    $cs_email = textEncode($_POST['cs_email']);
+    $cs_whatsapp = textEncode($_POST['cs_whatsapp']);
+    $cs_wechat = textEncode($_POST['cs_wechat']);
+    $cs_linkedin = textEncode($_POST['cs_linkedin']);
+    $cs_facebook = textEncode($_POST['cs_facebook']);
+    $cs_alibaba = textEncode($_POST['cs_alibaba']);
+    $cs_state = $_POST['cs_state'];
+    $cs_deal = $_POST['cs_deal'];
+    $no_content = htmlEncode($_POST['no_content']);
+    $allowedit = isset($_POST['allowedit']) ? 1 : 0;
+
+    if ($isedit) {
+        // 更新现有记录
+        $sql = "SELECT cs_chain FROM customer WHERE id = $id";
+        $result = mysqli_query($conn, $sql);
+        if ($row = mysqli_fetch_assoc($result)) {
+            $cs_chain = $row['cs_chain'];
+            $chain_array = explode(',', $cs_chain);
+            $last_item = end($chain_array);
+            
+            if ($last_item != $cs_belong) {
+                $cs_chain .= ",$cs_belong";
+            }
+            
+            $sql = "UPDATE customer SET 
+                    cs_code = '$cs_code',
+                    cs_company = '$cs_company',
+                    cs_name = '$cs_name',
+                    cs_belong = '$cs_belong',
+                    cs_country = '$cs_country',
+                    cs_from = '$cs_from',
+                    cs_tel = '$cs_tel',
+                    cs_email = '$cs_email',
+                    cs_whatsapp = '$cs_whatsapp',
+                    cs_wechat = '$cs_wechat',
+                    cs_linkedin = '$cs_linkedin',
+                    cs_facebook = '$cs_facebook',
+                    cs_alibaba = '$cs_alibaba',
+                    cs_state = '$cs_state',
+                    cs_deal = '$cs_deal',
+                    cs_note = '$no_content',
+                    allowedit = $allowedit,
+                    cs_chain = '$cs_chain',
+                    cs_updatetime = NOW()
+                    WHERE id = $id";
+                    
+            mysqli_query($conn, $sql);
+            
+            $page = $_GET['Page'] ?? '';
+            $keys = urlencode($_GET['Keys'] ?? '');
+            header("Location: ?keys=$keys&Page=$page$urlStr");
+            exit;
+        }
+    }
+}
+
+// 处理编辑操作
+if ($act == "edit") {
+    $id = $_GET['id'] ?? '';
+    $isedit = false;
+    if (!empty($id) && is_numeric($id)) {
+        $isedit = true;
+    }
+    
+    if ($isedit) {
+        $sql = "SELECT c.*, n.c_code FROM customer c 
+                LEFT JOIN myNote n ON c.cs_code = n.c_code 
+                WHERE c.id = $id";
+        $result = mysqli_query($conn, $sql);
+        if ($row = mysqli_fetch_assoc($result)) {
+            $cs_code = textDecode($row['cs_code']);
+            $cs_company = textDecode($row['cs_company']);
+            $cs_name = textDecode($row['cs_name']);
+            $cs_country = $row['cs_country'];
+            $cs_from = $row['cs_from'];
+            $cs_tel = textDecode($row['cs_tel']);
+            $cs_telBu = textDecode($row['cs_telBu']);
+            $cs_email = textDecode($row['cs_email']);
+            $cs_emailBu = textDecode($row['cs_emailBu']);
+            $cs_whatsapp = textDecode($row['cs_whatsapp']);
+            $cs_whatsappBu = textDecode($row['cs_whatsappBu']);
+            $cs_wechat = textDecode($row['cs_wechat']);
+            $cs_wechatBu = textDecode($row['cs_wechatBu']);
+            $cs_linkedin = textDecode($row['cs_linkedin']);
+            $cs_linkedinBu = textDecode($row['cs_linkedinBu']);
+            $cs_facebook = textDecode($row['cs_facebook']);
+            $cs_facebookBu = textDecode($row['cs_facebookBu']);
+            $cs_alibaba = textDecode($row['cs_alibaba']);
+            $cs_alibabaBu = textDecode($row['cs_alibabaBu']);
+            $cs_address = textDecode($row['cs_address']);
+            $cs_addtime = $row['cs_addtime'];
+            $cs_updatetime = $row['cs_updatetime'];
+            $cs_belong = $row['cs_belong'];
+            $cs_state = $row['cs_state'];
+            $cs_deal = $row['cs_deal'];
+            $cs_note = htmlDecode($row['cs_note']);
+            $allowedit = $row['allowedit'];
+        }
+    }
+}
+
+// 处理批量操作
+if ($act == "postchk") {
+    if (isset($_POST['chkbox']) && isset($_POST['chkact'])) {
+        $chkact = $_POST['chkact'];
+        $ids = implode(',', array_map('intval', $_POST['chkbox']));
+        
+        switch($chkact) {
+            case "0":
+            case "1":
+                $sql = "UPDATE customer SET cs_state = $chkact WHERE id IN ($ids)";
+                break;
+            case "-1":
+                $sql = "DELETE FROM customer WHERE id IN ($ids)";
+                break;
+        }
+        
+        if (isset($sql)) {
+            mysqli_query($conn, $sql);
+        }
+        
+        $keys = urlencode($_GET['Keys'] ?? '');
+        $page = $_GET['Page'] ?? '';
+        header("Location: ?keys=$keys&Page=$page$urlStr");
+        exit;
+    }
+}
+
+// 处理筛选条件
+$fliterQudao = $_GET['fliterQudao'] ?? '';
+$fliterDeal = $_GET['fliterDeal'] ?? '';
+$fliterTeam = $_GET['fliterTeam'] ?? '';
+$fliterContact = $_GET['fliterContact'] ?? '';
+$fliterEmployee = $_GET['fliterEmployee'] ?? '';
+
+$fliterStr = "";
+
+if (!empty($fliterQudao)) {
+    $fliterStr .= " AND cs_from = " . intval($fliterQudao);
+    $urlStr .= "&fliterQudao=" . $fliterQudao;
+}
+
+if (!empty($fliterDeal)) {
+    $fliterStr .= " AND cs_deal = " . intval($fliterDeal);
+    $urlStr .= "&fliterDeal=" . $fliterDeal;
+}
+
+if (!empty($fliterTeam)) {
+    $fliterStr .= " AND (cs_belong = " . intval($fliterTeam) . 
+                  " OR cs_belong IN (SELECT id FROM employee WHERE em_role = " . intval($fliterTeam) . "))";
+    $urlStr .= "&fliterTeam=" . $fliterTeam;
+}
+
+if (!empty($fliterEmployee)) {
+    $fliterStr .= " AND cs_belong = " . intval($fliterEmployee);
+    $urlStr .= "&fliterEmployee=" . $fliterEmployee;
+}
+
+if (!empty($fliterContact)) {
+    switch($fliterContact) {
+        case "1": $fliterStr .= " AND cs_tel != ''"; break;
+        case "2": $fliterStr .= " AND cs_wechat != ''"; break;
+        case "3": $fliterStr .= " AND cs_whatsapp != ''"; break;
+        case "4": $fliterStr .= " AND cs_email != ''"; break;
+        case "5": $fliterStr .= " AND cs_linkedin != ''"; break;
+        case "6": $fliterStr .= " AND cs_facebook != ''"; break;
+        case "7": $fliterStr .= " AND cs_alibaba != ''"; break;
+    }
+    $urlStr .= "&fliterContact=" . $fliterContact;
+}
+
+// 搜索和排序
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$page = $_GET['Page'] ?? 1;
+$ord = $_GET['Ord'] ?? '';
+
+$ordStr = !empty($ord) ? "$ord," : "";
+
+// 构建查询SQL
+$sqlStr = "SELECT id, cs_code, cs_name, cs_country, cs_address, cs_tel, cs_email, 
+           cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, cs_addtime, cs_alibaba,
+           cs_from, cs_deal, cs_updatetime, cs_belong, cs_note, cs_claimFrom, cs_chain, 
+           cs_dealdate 
+           FROM customer 
+           WHERE (cs_code LIKE '%$keyscode%' 
+           OR cs_name LIKE '%$keyscode%' 
+           OR cs_wechat LIKE '%$keyscode%' 
+           OR cs_alibaba LIKE '%$keyscode%' 
+           OR cs_telformat LIKE '%$keyscode%' 
+           OR cs_whatsappformat LIKE '%$keyscode%' 
+           OR cs_email LIKE '%$keyscode%') 
+           $fliterStr 
+           ORDER BY ${ordStr}cs_updatetime DESC";
+
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+    <script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+    <script type="text/javascript" src="js/js.js"></script>
+    <script type="text/javascript" src="xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+    <script>
+    $(document).ready(function(){
+        $('.txt2').xheditor({
+            tools:'full',
+            hoverExecDelay:-1,
+            urlBase:'system/',
+            upLinkUrl:"upload.php",
+            upLinkExt:"zip,rar,txt,pdf",
+            upImgUrl:"upload.php",
+            upImgExt:"jpg,jpeg,gif,png",
+            upFlashUrl:"upload.php",
+            upFlashExt:"swf",
+            upMediaUrl:"upload.php",
+            upMediaExt:"wmv,avi,wma,mp3,mid"
+        });
+    });
+    </script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+<?php
+$keys = $_GET['Keys'] ?? '';
+$keys = str_replace([" ", "+"], "", $keys);
+$keyscode = textEncode($keys);
+$page = $_GET['Page'] ?? 1;
+
+$filters = [
+    'Country' => $_GET['fliterCountry'] ?? '',
+    'Qudao' => $_GET['fliterQudao'] ?? '',
+    'Deal' => $_GET['fliterDeal'] ?? '',
+    'Business' => $_GET['fliterBusiness'] ?? '',
+    'Contact' => $_GET['fliterContact'] ?? ''
+];
+
+$filterStr = "";
+$urlStr = "";
+
+// Build filter conditions
+if (!empty($filters['Country'])) {
+    $filterStr .= " AND cs_country=" . (int)$filters['Country'];
+    $urlStr .= "&fliterCountry=" . $filters['Country'];
+}
+
+if (!empty($filters['Qudao'])) {
+    $filterStr .= " AND cs_from=" . (int)$filters['Qudao'];
+    $urlStr .= "&fliterQudao=" . $filters['Qudao'];
+}
+
+if (!empty($filters['Deal'])) {
+    $filterStr .= " AND cs_deal=" . (int)$filters['Deal'];
+    $urlStr .= "&fliterDeal=" . $filters['Deal'];
+}
+
+if (!empty($filters['Business'])) {
+    $filterStr .= " AND cs_type=" . (int)$filters['Business'];
+    $urlStr .= "&fliterBusiness=" . $filters['Business'];
+}
+
+if (!empty($filters['Contact'])) {
+    switch ($filters['Contact']) {
+        case "1": $filterStr .= " AND cs_tel<>''"; break;
+        case "2": $filterStr .= " AND cs_wechat<>''"; break;
+        case "3": $filterStr .= " AND cs_whatsapp<>''"; break;
+        case "4": $filterStr .= " AND cs_email<>''"; break;
+        case "5": $filterStr .= " AND cs_linkedin<>''"; break;
+        case "6": $filterStr .= " AND cs_facebook<>''"; break;
+        default: $filterStr .= " AND cs_alibaba<>''";
+    }
+    $urlStr .= "&fliterContact=" . $filters['Contact'];
+}
+
+$keys = urlencode($keys);
+$hrefstr = "?keys=" . $keys;
+?>
+
+<form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?>&Page=<?= $page ?>" onSubmit="return false">
+    <div class="fastSelect clear">
+        <H1>搜索条件</H1>
+        <div class="selectItem">
+            <label>区域</label>
+            <select name="fliterCountry" class="filterSearch">
+                <option value="">请选择国家地区</option>
+                <?php
+                $result = $conn->query("SELECT id, countryName FROM country");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filters['Country'] == $row['id']) ? ' selected' : '';
+                    echo "<option value=\"{$row['id']}\"$selected>{$row['countryName']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>来源渠道</label>
+            <select name="fliterQudao" class="filterSearch">
+                <option value="">请选择渠道</option>
+                <?php
+                $result = $conn->query("SELECT id, ch_name FROM qudao");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filters['Qudao'] == $row['id']) ? ' selected' : '';
+                    echo "<option value=\"{$row['id']}\"$selected>{$row['ch_name']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>跟进阶段</label>
+            <select name="fliterDeal" class="filterSearch">
+                <option value="">请选择</option>
+                <option value="1"<?= ($filters['Deal'] == "1") ? ' selected' : '' ?>>背景调查</option>
+                <option value="2"<?= ($filters['Deal'] == "2") ? ' selected' : '' ?>>明确需求</option>
+                <option value="3"<?= ($filters['Deal'] == "3") ? ' selected' : '' ?>>已成交</option>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>客户类型</label>
+            <select name="fliterBusiness" class="filterSearch">
+                <option value="">请选择</option>
+                <?php
+                $result = $conn->query("SELECT id, businessType FROM clientType");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filters['Business'] == $row['id']) ? ' selected' : '';
+                    echo "<option value=\"{$row['id']}\"$selected>{$row['businessType']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>联系方式</label>
+            <select name="fliterContact" class="filterSearch">
+                <option value="">请选择</option>
+                <option value="1"<?= ($filters['Contact'] == "1") ? ' selected' : '' ?>>电话</option>
+                <option value="2"<?= ($filters['Contact'] == "2") ? ' selected' : '' ?>>微信</option>
+                <option value="3"<?= ($filters['Contact'] == "3") ? ' selected' : '' ?>>WhatsApp</option>
+                <option value="4"<?= ($filters['Contact'] == "4") ? ' selected' : '' ?>>邮箱</option>
+                <option value="5"<?= ($filters['Contact'] == "5") ? ' selected' : '' ?>>领英</option>
+                <option value="6"<?= ($filters['Contact'] == "6") ? ' selected' : '' ?>>Facebook</option>
+                <option value="7"<?= ($filters['Contact'] == "7") ? ' selected' : '' ?>>阿里巴巴</option>
+            </select>
+        </div>
+        <div class="inputSearch">
+            <input type="text" id="keys" class="inputTxt" 
+                value="<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>" 
+                onFocus="if(this.value == '<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>'){this.value='';}" 
+                onBlur="if(this.value == ''){this.value='<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>';}" 
+                onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)}" />
+            <input type="button" id="searchgo" class="searchgo" value="go" 
+                onClick="location.href='?Keys='+escape(document.getElementById('keys').value)" />
+        </div>
+    </div>
+
+    <div class="table2 em<?= $_SESSION['employee_id'] ?>">
+        <div class="theader">
+            <div class="col1"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></div>
+            <div class="col2">序号</div>
+            <div class="col3">客户编号</div>
+            <div class="col4">渠道来源</div>
+            <div class="col5">区域</div>
+            <div class="col6">客户类型</div>
+            <div class="col6">跟进阶段</div>
+            <div class="colmark">颜色标记</div>
+            <div class="col6">录入时间</div>
+            <div class="col9">操作</div>
+        </div>
+
+        <?php
+        $sql = "SELECT id, cs_code, cs_from, cs_country, cs_type, cs_deal, cs_addtime, 
+                cs_tel, cs_email, cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, 
+                cs_alibaba, colortag, cs_note, cs_claimFrom 
+                FROM customer 
+                WHERE is_silent=0 AND cs_deal>0 AND cs_belong=? 
+                AND (cs_code LIKE ? OR cs_name LIKE ? OR cs_email LIKE ? 
+                OR cs_wechat LIKE ? OR cs_telformat LIKE ? 
+                OR cs_whatsappformat LIKE ? OR cs_code LIKE ?) 
+                $filterStr 
+                ORDER BY colortag DESC, id DESC";
+
+        $stmt = $conn->prepare($sql);
+        $searchPattern = "%$keyscode%";
+        $stmt->bind_param("isssssss", 
+            $_SESSION['employee_id'],
+            $searchPattern, $searchPattern, $searchPattern,
+            $searchPattern, $searchPattern, $searchPattern,
+            $searchPattern
+        );
+
+        $stmt->execute();
+        $result = $stmt->get_result();
+
+        // Pagination logic
+        $perPage = 20;
+        $totalRecords = $result->num_rows;
+        $totalPages = ceil($totalRecords / $perPage);
+        $page = min(max(1, $page), $totalPages);
+        $offset = ($page - 1) * $perPage;
+
+        $sql .= " LIMIT $offset, $perPage";
+        $stmt = $conn->prepare($sql);
+        $stmt->bind_param("isssssss", 
+            $_SESSION['employee_id'],
+            $searchPattern, $searchPattern, $searchPattern,
+            $searchPattern, $searchPattern, $searchPattern,
+            $searchPattern
+        );
+        $stmt->execute();
+        $result = $stmt->get_result();
+
+        if ($result->num_rows > 0) {
+            $tempNum = $offset;
+            while ($row = $result->fetch_assoc()) {
+                $tempNum++;
+                ?>
+                <div class="tline color<?= $row['colortag'] ?>">
+                    <div class="col1" align="center"><input type="checkbox" name="chkbox[]" value="<?= $row['id'] ?>" /></div>
+                    <div class="col2"><?= $tempNum ?></div>
+                    <div class="col3 slidepanel"><?= $row['cs_code'] ?>
+                        <?php if ($row['cs_claimFrom'] > 0): ?>
+                            <img src="../images/yijiao.png" class="handover" title="来自认领">
+                        <?php endif; ?>
+                    </div>
+                    <div class="col4">
+                        <?php
+                        $qudao = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                        echo $qudao->num_rows > 0 ? $qudao->fetch_assoc()['ch_name'] : '未填写';
+                        ?>
+                    </div>
+                    <div class="col5">
+                        <?php
+                        $country = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                        echo $country->num_rows > 0 ? $country->fetch_assoc()['countryName'] : '未填写';
+                        ?>
+                    </div>
+                    <div class="col6">
+                        <?php
+                        $clientType = $conn->query("SELECT businessType FROM clientType WHERE id=" . (int)$row['cs_type']);
+                        echo $clientType->num_rows > 0 ? $clientType->fetch_assoc()['businessType'] : '未填写';
+                        ?>
+                    </div>
+                    <div class="col6">
+                        <?php
+                        switch ($row['cs_deal']) {
+                            case 3: echo '<span style="color:red;">成交</span>'; break;
+                            case 2: echo '明确需求'; break;
+                            case 1: echo '背景调查'; break;
+                            default: echo '无响应';
+                        }
+                        ?>
+                    </div>
+                    <div class="colmark colormark">
+                        <ul class="colorlist" data-id="<?= $row['id'] ?>">
+                            <li value="1" class="color1"></li>
+                            <li value="2" class="color2"></li>
+                            <li value="3" class="color3"></li>
+                            <li value="4" class="color4"></li>
+                            <li value="0" class="color0"></li>
+                        </ul>
+                    </div>
+                    <div class="col6"><?= $row['cs_addtime'] ?></div>
+                    <div class="col9">
+                        <a href="customerEdit.php?Keys=<?= $keys ?>&fliterDeal=<?= $filters['Deal'] ?>&fliterBusiness=<?= $filters['Business'] ?>&Page=<?= $page ?>&act=edit&id=<?= $row['id'] ?>" class="ico_edit ico">修改</a>
+                    </div>
+                </div>
+                <div class="notepanel clear">
+                    <div class="noteItem">联系方式</div>
+                    <div class="lx">
+                        <div class="tel"><?= $row['cs_tel'] ?></div>
+                        <div class="mail"><a href="mailto:<?= $row['cs_email'] ?>"><?= $row['cs_email'] ?></a></div>
+                        <div class="whatsapp"><?= $row['cs_whatsapp'] ?></div>
+                        <div class="wechat"><?= $row['cs_wechat'] ?></div>
+                        <div class="linkedin"><?= $row['cs_linkedin'] ?></div>
+                        <div class="facebook"><?= $row['cs_facebook'] ?></div>
+                        <div class="alibaba"><?= $row['cs_alibaba'] ?></div>
+                    </div>
+                    <div class="noteItem2">备注</div>
+                    <div class="notecontent"><?= htmlUnCode($row['cs_note']) ?></div>
+                </div>
+                <?php
+            }
+        } else {
+            if (empty($keys)) {
+                echo '<tr><div align="center" colspan="9">Sorry,当前暂无信息</div></tr>';
+            } else {
+                echo '<tr><div align="center" colspan="9"><a href="?">Sorry,没有找到"' . 
+                     htmlspecialchars($keyscode) . '"相关的信息,点击返回</a></div></tr>';
+            }
+        }
+        ?>
+
+        <div colspan="9">
+            <div class="showpagebox">
+                <?php
+                if ($totalPages > 1) {
+                    $pageName = "?Keys=$keys$urlStr&";
+                    $pageLen = 3;
+
+                    if ($page > 1) {
+                        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+                        echo "<a href=\"{$pageName}Page=" . ($page - 1) . "\">上一页</a>";
+                    }
+
+                    if ($pageLen * 2 + 1 >= $totalPages) {
+                        $startPage = 1;
+                        $endPage = $totalPages;
+                    } else {
+                        if ($page <= $pageLen + 1) {
+                            $startPage = 1;
+                            $endPage = $pageLen * 2 + 1;
+                        } else {
+                            $startPage = $page - $pageLen;
+                            $endPage = $page + $pageLen;
+                        }
+                        if ($page + $pageLen > $totalPages) {
+                            $startPage = $totalPages - $pageLen * 2;
+                            $endPage = $totalPages;
+                        }
+                    }
+
+                    for ($i = $startPage; $i <= $endPage; $i++) {
+                        if ($i == $page) {
+                            echo "<a class=\"current\">$i</a>";
+                        } else {
+                            echo "<a href=\"{$pageName}Page=$i\">$i</a>";
+                        }
+                    }
+
+                    if ($page < $totalPages) {
+                        if ($totalPages - $page > $pageLen) {
+                            echo "<a href=\"{$pageName}Page=$totalPages\">...$totalPages</a>";
+                        }
+                        echo "<a href=\"{$pageName}Page=" . ($page + 1) . "\">下一页</a>";
+                        echo "<a href=\"{$pageName}Page=$totalPages\">尾页</a>";
+                    }
+                }
+                ?>
+            </div>
+            <?php require_once 'postchkbox.php'; ?>
+        </div>
+    </div>
+</form>
+</div>
+</body>
+</html> 
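Review bot: The `act == "save"` branch is open to SQL injection: it places `$_POST['cs_belong']`, `cs_country`, `cs_from`, `cs_state` and `cs_deal` into the `UPDATE customer` statement with no escaping at all, and the text fields only pass through `htmlspecialchars`, an output encoder that leaves backslashes untouched. The list query further down this file already uses `prepare`/`bind_param`; the update should do the same, as sketched below, and `$ord` from `$_GET['Ord']` should be checked against a fixed list of column names before it is placed in `ORDER BY`. Neither the save branch nor the `postchk` branch (which can `DELETE`) limits rows to `cs_belong = $_SESSION['employee_id']` the way the list query does, so unless `checkLogin()` (not shown here) enforces that, any logged-in user can change or remove another employee's customers. Separately, `$page`, `$urlStr` and `$filters[...]` are echoed into `href` and `action` attributes from raw `$_GET` values and need an `(int)` cast or `htmlspecialchars` at the point of output.

```php
// … unchanged: textEncode()/htmlEncode() reads of the text fields …
$cs_belong  = (int)$_POST['cs_belong'];
$cs_country = (int)$_POST['cs_country'];
$cs_from    = (int)$_POST['cs_from'];
$cs_state   = (int)$_POST['cs_state'];
$cs_deal    = (int)$_POST['cs_deal'];

if ($isedit) {
    $id = (int)$id;
    // … unchanged: cs_chain lookup and append …
    $stmt = $conn->prepare(
        "UPDATE customer SET
            cs_code = ?, cs_company = ?, cs_name = ?, cs_belong = ?, cs_country = ?,
            cs_from = ?, cs_tel = ?, cs_email = ?, cs_whatsapp = ?, cs_wechat = ?,
            cs_linkedin = ?, cs_facebook = ?, cs_alibaba = ?, cs_state = ?, cs_deal = ?,
            cs_note = ?, allowedit = ?, cs_chain = ?, cs_updatetime = NOW()
         WHERE id = ?"
    );
    $stmt->bind_param(
        'sssiiisssssssiisisi',
        $cs_code, $cs_company, $cs_name, $cs_belong, $cs_country,
        $cs_from, $cs_tel, $cs_email, $cs_whatsapp, $cs_wechat,
        $cs_linkedin, $cs_facebook, $cs_alibaba, $cs_state, $cs_deal,
        $no_content, $allowedit, $cs_chain, $id
    );
    $stmt->execute();
    // … unchanged: redirect …
```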

+ 369 - 0
customersFollow.php

@@ -0,0 +1,369 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+
+if ($act == "postchk") {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = $_POST['chkact'] ?? '';
+    
+    if (!empty($_POST['chkbox'])) {
+        $sqlStr = "";
+        foreach ($_POST['chkbox'] as $id) {
+            $sqlStr .= ($sqlStr ? " OR id=" : " WHERE id=") . (int)$id;
+        }
+        
+        switch ($chkact) {
+            case "0":
+            case "1":
+            case "2":
+            case "3":
+                $sqlStr = "UPDATE customer SET cs_deal=" . $chkact . $sqlStr;
+                break;
+            default:
+                $sqlStr = "UPDATE customer SET cs_belong=" . str_replace("t", "", $chkact) . $sqlStr;
+        }
+        
+        $conn->query($sqlStr);
+        header("Location: ?Keys=" . $keys . "&Page=" . $page);
+        exit;
+    }
+}
+
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$page = $_GET['Page'] ?? '';
+
+$filterCountry = $_GET['fliterCountry'] ?? '';
+$filterQudao = $_GET['fliterQudao'] ?? '';
+$filterDeal = $_GET['fliterDeal'] ?? '';
+$filterBusiness = $_GET['fliterBusiness'] ?? '';
+$filterContact = $_GET['fliterContact'] ?? '';
+
+$filterStr = "";
+$urlStr = "";
+
+if (!empty($filterCountry)) {
+    $filterStr .= " AND cs_country=" . (int)$filterCountry;
+    $urlStr .= "&fliterCountry=" . $filterCountry;
+}
+
+if (!empty($filterQudao)) {
+    $filterStr .= " AND cs_from=" . (int)$filterQudao;
+    $urlStr .= "&fliterQudao=" . $filterQudao;
+}
+
+if (!empty($filterDeal)) {
+    $filterStr .= " AND cs_deal=" . (int)$filterDeal;
+    $urlStr .= "&fliterDeal=" . $filterDeal;
+}
+
+if (!empty($filterBusiness)) {
+    $filterStr .= " AND cs_type=" . (int)$filterBusiness;
+    $urlStr .= "&fliterBusiness=" . $filterBusiness;
+}
+
+if (!empty($filterContact)) {
+    switch ($filterContact) {
+        case "1": $filterStr .= " AND cs_tel<>''"; break;
+        case "2": $filterStr .= " AND cs_wechat<>''"; break;
+        case "3": $filterStr .= " AND cs_whatsapp<>''"; break;
+        case "4": $filterStr .= " AND cs_email<>''"; break;
+        case "5": $filterStr .= " AND cs_linkedin<>''"; break;
+        case "6": $filterStr .= " AND cs_facebook<>''"; break;
+        default: $filterStr .= " AND cs_alibaba<>''";
+    }
+    $urlStr .= "&fliterContact=" . $filterContact;
+}
+
+$keys = urlencode($keys);
+$hrefstr = "?keys=" . $keys;
+?>
+<form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?>&Page=<?= $page ?>" onSubmit="return false">
+    <div class="fastSelect clear">
+        <H1>搜索条件</H1>
+        <div class="selectItem">
+            <label>区域</label>
+            <select name="fliterCountry" class="filterSearch">
+                <option value="">请选择国家地区</option>
+                <?php
+                $result = $conn->query("SELECT id, countryName FROM country");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterCountry == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['countryName']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>来源渠道</label>
+            <select name="fliterQudao" class="filterSearch">
+                <option value="">请选择渠道</option>
+                <?php
+                $result = $conn->query("SELECT id, ch_name FROM qudao");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterQudao == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['ch_name']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>是否成交</label>
+            <select name="fliterDeal" class="filterSearch">
+                <option value="">请选择</option>
+                <option value="0"<?= ($filterDeal == "0") ? ' selected="selected"' : '' ?>>无响应</option>
+                <option value="1"<?= ($filterDeal == "1") ? ' selected="selected"' : '' ?>>背景调查</option>
+                <option value="2"<?= ($filterDeal == "2") ? ' selected="selected"' : '' ?>>明确需求</option>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>客户类型</label>
+            <select name="fliterBusiness" class="filterSearch">
+                <option value="">请选择</option>
+                <?php
+                $result = $conn->query("SELECT id, businessType FROM clientType");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterBusiness == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['businessType']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>联系方式</label>
+            <select name="fliterContact" class="filterSearch">
+                <option value="">请选择</option>
+                <option value="1"<?= ($filterContact == "1") ? ' selected="selected"' : '' ?>>电话</option>
+                <option value="2"<?= ($filterContact == "2") ? ' selected="selected"' : '' ?>>微信</option>
+                <option value="3"<?= ($filterContact == "3") ? ' selected="selected"' : '' ?>>WhatsApp</option>
+                <option value="4"<?= ($filterContact == "4") ? ' selected="selected"' : '' ?>>邮箱</option>
+                <option value="5"<?= ($filterContact == "5") ? ' selected="selected"' : '' ?>>领英</option>
+                <option value="6"<?= ($filterContact == "6") ? ' selected="selected"' : '' ?>>Facebook</option>
+                <option value="7"<?= ($filterContact == "7") ? ' selected="selected"' : '' ?>>阿里巴巴</option>
+            </select>
+        </div>
+        <div class="inputSearch">
+            <input type="text" id="keys" class="inputTxt" 
+                value="<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>" 
+                onFocus="if(this.value == '<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>'){this.value='';}" 
+                onBlur="if(this.value == ''){this.value='<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>';}" 
+                onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)}" />
+            <input type="button" id="searchgo" class="searchgo" value="go" 
+                onClick="location.href='?Keys='+escape(document.getElementById('keys').value)" />
+        </div>
+    </div>
+
+    <div width="100%" border="0" cellpadding="3" cellspacing="1" class="table2">
+        <div class="theader">
+            <div class="col1"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></div>
+            <div class="col2">序号</div>
+            <div class="col3">客户编号</div>
+            <div class="col4">渠道来源</div>
+            <div class="col5">区域</div>
+            <div class="col6">客户类型</div>
+            <div class="col6">是否成交</div>
+            <div class="colmark">颜色标记</div>
+            <div class="col6">录入时间</div>
+            <div class="col9">操作</div>
+        </div>
+
+<?php
+$sql = "SELECT id, cs_code, cs_from, cs_country, cs_type, cs_deal, cs_addtime, cs_tel, cs_email, 
+        cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, cs_alibaba, colortag, cs_note 
+        FROM customer 
+        WHERE cs_deal<>3 AND DATEDIFF(NOW(), cs_updatetime) > 55 AND cs_belong=" . $_SESSION['employee_id'] . "
+        AND (cs_code LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+        OR cs_name LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_email LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_wechat LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_tel LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_whatsapp LIKE '%" . $conn->real_escape_string($keyscode) . "%')" . 
+        $filterStr . " ORDER BY cs_state DESC, id DESC";
+
+$result = $conn->query($sql);
+
+if ($result && $result->num_rows > 0) {
+    $pageSize = 20;
+    $page = empty($page) ? 1 : $page;
+    $page = ($page === 'end') ? ceil($result->num_rows / $pageSize) : $page;
+    $page = (!is_numeric($page) || $page < 1) ? 1 : (int)$page;
+    $totalPages = ceil($result->num_rows / $pageSize);
+    $page = ($page > $totalPages) ? $totalPages : $page;
+    $offset = $pageSize * ($page - 1);
+    
+    // Store results in array for pagination
+    $rows = [];
+    while ($row = $result->fetch_assoc()) {
+        $rows[] = $row;
+    }
+    
+    // Get paginated results
+    $paginatedRows = array_slice($rows, $offset, $pageSize);
+    $tempNum = $offset;
+    
+    foreach ($paginatedRows as $row) {
+        $tempNum++;
+?>
+        <div class="tline color<?= $row['colortag'] ?>">
+            <div class="col1" align="center"><input type="checkbox" name="chkbox[]" value="<?= $row['id'] ?>" /></div>
+            <div class="col2"><?= $tempNum ?></div>
+            <div class="col3 slidepanel"><?= htmlspecialchars($row['cs_code']) ?></div>
+            <div class="col4">
+                <?php
+                $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                echo ($qudaoRow = $qudaoResult->fetch_assoc()) ? htmlspecialchars($qudaoRow['ch_name']) : '未填写';
+                ?>
+            </div>
+            <div class="col5">
+                <?php
+                $countryResult = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                echo ($countryRow = $countryResult->fetch_assoc()) ? htmlspecialchars($countryRow['countryName']) : '未填写';
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                $typeResult = $conn->query("SELECT businessType FROM clientType WHERE id=" . (int)$row['cs_type']);
+                echo ($typeRow = $typeResult->fetch_assoc()) ? htmlspecialchars($typeRow['businessType']) : '未填写';
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                if ($row['cs_deal'] == 2) {
+                    echo "明确需求";
+                } elseif ($row['cs_deal'] == 1) {
+                    echo "背景调查";
+                } else {
+                    echo "未成交";
+                }
+                ?>
+            </div>
+            <div class="colmark colormark">
+                <ul class="colorlist" data-id="<?= $row['id'] ?>">
+                    <li value="1" class="color1"></li>
+                    <li value="2" class="color2"></li>
+                    <li value="3" class="color3"></li>
+                    <li value="4" class="color4"></li>
+                    <li value="0" class="color0"></li>
+                </ul>
+            </div>
+            <div class="col6"><?= $row['cs_addtime'] ?></div>
+            <div class="col9">
+                <a href="customerEdit.php?Keys=<?= $keys ?>&Page=<?= $page ?>&act=edit&id=<?= $row['id'] ?>" 
+                   class="ico_edit ico">修改</a>
+            </div>
+        </div>
+        <div class="notepanel clear">
+            <div class="noteItem">联系方式</div>
+            <div class="lx">
+                <div class="tel"><?= htmlspecialchars($row['cs_tel']) ?></div>
+                <div class="mail">
+                    <a href="mailto:<?= htmlspecialchars($row['cs_email']) ?>">
+                        <?= htmlspecialchars($row['cs_email']) ?>
+                    </a>
+                </div>
+                <div class="whatapp"><?= htmlspecialchars($row['cs_whatsapp']) ?></div>
+                <div class="wechat"><?= htmlspecialchars($row['cs_wechat']) ?></div>
+                <div class="linkedin"><?= htmlspecialchars($row['cs_linkedin']) ?></div>
+                <div class="facebook"><?= htmlspecialchars($row['cs_facebook']) ?></div>
+                <div class="alibaba"><?= htmlspecialchars($row['cs_alibaba']) ?></div>
+            </div>
+            <div class="noteItem2">备注</div>
+            <div class="notecontent"><?= htmlUnCode($row['cs_note']) ?></div>
+        </div>
+<?php
+    }
+} else {
+    if (empty($keys)) {
+?>
+        <tr>
+            <div align="center" colspan="9">Sorry,当前暂无信息</div>
+        </tr>
+<?php
+    } else {
+?>
+        <tr>
+            <div align="center" colspan="9">
+                <a href="?">Sorry,没有找到"<?= htmlspecialchars($keyscode) ?>"相关的信息,点击返回</a>
+            </div>
+        </tr>
+<?php
+    }
+}
+?>
+        <div colspan="9">
+            <div class="showpagebox">
+<?php
+if (isset($totalPages) && $totalPages > 1) {
+    $pageName = "?Keys=" . $keys . $urlStr . "&";
+    $pagelen = 3;
+    
+    if ($page > 1) {
+        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+        echo "<a href=\"{$pageName}Page=" . ($page - 1) . "\">上一页</a>";
+    }
+    
+    if ($pagelen * 2 + 1 >= $totalPages) {
+        $startPage = 1;
+        $endPage = $totalPages;
+    } else {
+        if ($page <= $pagelen + 1) {
+            $startPage = 1;
+            $endPage = $pagelen * 2 + 1;
+        } else {
+            $startPage = $page - $pagelen;
+            $endPage = $page + $pagelen;
+        }
+        if ($page + $pagelen > $totalPages) {
+            $startPage = $totalPages - $pagelen * 2;
+            $endPage = $totalPages;
+        }
+    }
+    
+    for ($i = $startPage; $i <= $endPage; $i++) {
+        if ($i == $page) {
+            echo "<a class=\"current\">{$i}</a>";
+        } else {
+            echo "<a href=\"{$pageName}Page={$i}\">{$i}</a>";
+        }
+    }
+    
+    if ($page < $totalPages) {
+        if ($totalPages - $page > $pagelen) {
+            echo "<a href=\"{$pageName}Page={$totalPages}\">...{$totalPages}</a>";
+        }
+        echo "<a href=\"{$pageName}Page=" . ($page + 1) . "\">下一页</a>";
+        echo "<a href=\"{$pageName}Page={$totalPages}\">尾页</a>";
+    }
+    
+    echo "<input type=\"text\" id=\"Pagego\" value=\"{$page}\" 
+          onFocus=\"if(this.value == '{$page}'){this.value='';}\" 
+          onBlur=\"if(this.value == ''){this.value='{$page}';}\" 
+          onKeyUp=\"this.value=this.value.replace(/\D/g,'')\" 
+          onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+}
+?>
+            </div>
+            <?php require_once 'postchkbox.php'; ?>
+        </div>
+    </div>
+</form>
+</div>
+</body>
+</html> 
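Review bot: In the `postchk` branch, the `default:` case builds `UPDATE customer SET cs_belong=` from `$_POST['chkact']` after only stripping the letter `t`, so any non-numeric text in that field becomes part of the SQL statement; the `(int)` cast is applied to the posted ids but not to this value. The statement also carries no `cs_belong` condition, so the posted ids are not limited to the rows the list query further down selects for `$_SESSION['employee_id']`; if employees are meant to change only their own customers, as that filter suggests, the UPDATE should repeat it. I would accept the target only when it is all digits, cast it, and build the id list as `IN (...)`, as sketched below. The same block appears in customersNew.php (against `Customer`) and needs the same change.

```php
    if (!empty($_POST['chkbox']) && is_array($_POST['chkbox'])) {
        // Every id is forced to an integer before it reaches the statement.
        $ids = implode(',', array_map('intval', $_POST['chkbox']));
        $owner = (int)$_SESSION['employee_id'];

        if (in_array($chkact, ['0', '1', '2', '3'], true)) {
            $set = 'cs_deal=' . (int)$chkact;
        } else {
            // Transfer target: must be digits only once the "t" prefix is stripped.
            $target = str_replace('t', '', $chkact);
            if (!ctype_digit($target)) {
                exit;
            }
            $set = 'cs_belong=' . (int)$target;
        }

        // Limit the update to rows owned by the logged-in employee (confirm this matches the intended permissions).
        $conn->query("UPDATE customer SET {$set} WHERE id IN ({$ids}) AND cs_belong={$owner}");
        // … unchanged: redirect back to the list and exit …
    }
```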

+ 373 - 0
customersNew.php

@@ -0,0 +1,373 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+
+if ($act == "postchk") {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = $_POST['chkact'] ?? '';
+    
+    if (!empty($_POST['chkbox'])) {
+        $sqlStr = "";
+        foreach ($_POST['chkbox'] as $id) {
+            $sqlStr .= ($sqlStr ? " OR id=" : " WHERE id=") . (int)$id;
+        }
+        
+        switch ($chkact) {
+            case "0":
+            case "1":
+            case "2":
+                $sqlStr = "UPDATE Customer SET cs_deal=" . $chkact . $sqlStr;
+                break;
+            default:
+                $sqlStr = "UPDATE Customer SET cs_belong=" . str_replace("t", "", $chkact) . $sqlStr;
+        }
+        
+        $conn->query($sqlStr);
+        header("Location: ?Keys=" . $keys . "&Page=" . $page);
+        exit;
+    }
+}
+
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$page = $_GET['Page'] ?? '';
+
+$filterCountry = $_GET['fliterCountry'] ?? '';
+$filterQudao = $_GET['fliterQudao'] ?? '';
+$filterDeal = $_GET['fliterDeal'] ?? '';
+$filterBusiness = $_GET['fliterBusiness'] ?? '';
+$filterContact = $_GET['fliterContact'] ?? '';
+
+$filterStr = "";
+$urlStr = "";
+
+if (!empty($filterCountry)) {
+    $filterStr .= " AND cs_country=" . (int)$filterCountry;
+    $urlStr .= "&fliterCountry=" . $filterCountry;
+}
+
+if (!empty($filterQudao)) {
+    $filterStr .= " AND cs_from=" . (int)$filterQudao;
+    $urlStr .= "&fliterQudao=" . $filterQudao;
+}
+
+if (!empty($filterDeal)) {
+    $filterStr .= " AND cs_deal=" . (int)$filterDeal;
+    $urlStr .= "&fliterDeal=" . $filterDeal;
+}
+
+if (!empty($filterBusiness)) {
+    $filterStr .= " AND cs_type=" . (int)$filterBusiness;
+    $urlStr .= "&fliterBusiness=" . $filterBusiness;
+}
+
+if (!empty($filterContact)) {
+    switch ($filterContact) {
+        case "1": $filterStr .= " AND cs_tel<>''"; break;
+        case "2": $filterStr .= " AND cs_wechat<>''"; break;
+        case "3": $filterStr .= " AND cs_whatsapp<>''"; break;
+        case "4": $filterStr .= " AND cs_email<>''"; break;
+        case "5": $filterStr .= " AND cs_linkedin<>''"; break;
+        case "6": $filterStr .= " AND cs_facebook<>''"; break;
+        default: $filterStr .= " AND cs_alibaba<>''";
+    }
+    $urlStr .= "&fliterContact=" . $filterContact;
+}
+
+$keys = urlencode($keys);
+$hrefstr = "?keys=" . $keys;
+?>
+<form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?>&Page=<?= $page ?>" onSubmit="return false">
+    <div class="fastSelect clear">
+        <H1>当月新增客户</H1>
+        <div class="selectItem">
+            <label>区域</label>
+            <select name="fliterCountry" class="filterSearch">
+                <option value="">请选择国家地区</option>
+                <?php
+                $result = $conn->query("SELECT id, countryName FROM country");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterCountry == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['countryName']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>来源渠道</label>
+            <select name="fliterQudao" class="filterSearch">
+                <option value="">请选择渠道</option>
+                <?php
+                $result = $conn->query("SELECT id, ch_name FROM qudao");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterQudao == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['ch_name']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>跟进阶段</label>
+            <select name="fliterDeal" class="filterSearch">
+                <option value="">请选择</option>
+                <option value="0"<?= ($filterDeal == "0") ? ' selected="selected"' : '' ?>>无响应</option>
+                <option value="1"<?= ($filterDeal == "1") ? ' selected="selected"' : '' ?>>背景调查</option>
+                <option value="2"<?= ($filterDeal == "2") ? ' selected="selected"' : '' ?>>明确需求</option>
+                <option value="3"<?= ($filterDeal == "3") ? ' selected="selected"' : '' ?>>已成交</option>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>客户类型</label>
+            <select name="fliterBusiness" class="filterSearch">
+                <option value="">请选择</option>
+                <?php
+                $result = $conn->query("SELECT id, businessType FROM clientType");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterBusiness == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['businessType']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>联系方式</label>
+            <select name="fliterContact" class="filterSearch">
+                <option value="">请选择</option>
+                <option value="1"<?= ($filterContact == "1") ? ' selected="selected"' : '' ?>>电话</option>
+                <option value="2"<?= ($filterContact == "2") ? ' selected="selected"' : '' ?>>微信</option>
+                <option value="3"<?= ($filterContact == "3") ? ' selected="selected"' : '' ?>>WhatsApp</option>
+                <option value="4"<?= ($filterContact == "4") ? ' selected="selected"' : '' ?>>邮箱</option>
+                <option value="5"<?= ($filterContact == "5") ? ' selected="selected"' : '' ?>>领英</option>
+                <option value="6"<?= ($filterContact == "6") ? ' selected="selected"' : '' ?>>Facebook</option>
+                <option value="7"<?= ($filterContact == "7") ? ' selected="selected"' : '' ?>>阿里巴巴</option>
+            </select>
+        </div>
+        <div class="inputSearch">
+            <input type="text" id="keys" class="inputTxt" 
+                value="<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>" 
+                onFocus="if(this.value == '<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>'){this.value='';}" 
+                onBlur="if(this.value == ''){this.value='<?= empty($keyscode) ? '请输入搜索关键词' : $keyscode ?>';}" 
+                onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)}" />
+            <input type="button" id="searchgo" class="searchgo" value="go" 
+                onClick="location.href='?Keys='+escape(document.getElementById('keys').value)" />
+        </div>
+    </div>
+
+    <div width="100%" border="0" cellpadding="3" cellspacing="1" class="table2 em<?= $_SESSION['employee_id'] ?>">
+        <div class="theader">
+            <div class="col1"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></div>
+            <div class="col2">序号</div>
+            <div class="col3">客户编号</div>
+            <div class="col4">渠道来源</div>
+            <div class="col5">区域</div>
+            <div class="col6">客户类型</div>
+            <div class="col6">是否成交</div>
+            <div class="colmark">颜色标记</div>
+            <div class="col6">录入时间</div>
+            <div class="col9">操作</div>
+        </div>
+
+<?php
+$sql = "SELECT id, cs_code, cs_from, cs_country, cs_type, cs_deal, cs_addtime, cs_tel, cs_email, 
+        cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, cs_alibaba, colorTag, cs_note 
+        FROM customer 
+        WHERE cs_belong=" . $_SESSION['employee_id'] . " 
+        AND MONTH(cs_addtime) = MONTH(CURRENT_DATE()) 
+        AND YEAR(cs_addtime) = YEAR(CURRENT_DATE())
+        AND (cs_code LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+        OR cs_name LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_email LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_wechat LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_tel LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_whatsapp LIKE '%" . $conn->real_escape_string($keyscode) . "%')" . 
+        $filterStr . " ORDER BY id DESC";
+
+$result = $conn->query($sql);
+
+if ($result && $result->num_rows > 0) {
+    $pageSize = 20;
+    $page = empty($page) ? 1 : $page;
+    $page = ($page === 'end') ? ceil($result->num_rows / $pageSize) : $page;
+    $page = (!is_numeric($page) || $page < 1) ? 1 : (int)$page;
+    $totalPages = ceil($result->num_rows / $pageSize);
+    $page = ($page > $totalPages) ? $totalPages : $page;
+    $offset = $pageSize * ($page - 1);
+    
+    // Store results in array for pagination
+    $rows = [];
+    while ($row = $result->fetch_assoc()) {
+        $rows[] = $row;
+    }
+    
+    // Get paginated results
+    $paginatedRows = array_slice($rows, $offset, $pageSize);
+    $tempNum = $offset;
+    
+    foreach ($paginatedRows as $row) {
+        $tempNum++;
+?>
+        <div class="tline color<?= $row['colorTag'] ?>">
+            <div class="col1" align="center"><input type="checkbox" name="chkbox[]" value="<?= $row['id'] ?>" /></div>
+            <div class="col2"><?= $tempNum ?></div>
+            <div class="col3 slidepanel"><?= htmlspecialchars($row['cs_code']) ?></div>
+            <div class="col4">
+                <?php
+                $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                echo ($qudaoRow = $qudaoResult->fetch_assoc()) ? htmlspecialchars($qudaoRow['ch_name']) : '未填写';
+                ?>
+            </div>
+            <div class="col5">
+                <?php
+                $countryResult = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                echo ($countryRow = $countryResult->fetch_assoc()) ? htmlspecialchars($countryRow['countryName']) : '未填写';
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                $typeResult = $conn->query("SELECT businessType FROM clientType WHERE id=" . (int)$row['cs_type']);
+                echo ($typeRow = $typeResult->fetch_assoc()) ? htmlspecialchars($typeRow['businessType']) : '未填写';
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                if ($row['cs_deal'] == 3) {
+                    echo "<span style='color:red;'>成交</span>";
+                } elseif ($row['cs_deal'] == 2) {
+                    echo "明确需求";
+                } elseif ($row['cs_deal'] == 1) {
+                    echo "背景调查";
+                } else {
+                    echo "无响应";
+                }
+                ?>
+            </div>
+            <div class="colmark colormark">
+                <ul class="colorlist" data-id="<?= $row['id'] ?>">
+                    <li value="1" class="color1"></li>
+                    <li value="2" class="color2"></li>
+                    <li value="3" class="color3"></li>
+                    <li value="4" class="color4"></li>
+                    <li value="0" class="color0"></li>
+                </ul>
+            </div>
+            <div class="col6"><?= $row['cs_addtime'] ?></div>
+            <div class="col9">
+                <a href="customerEdit.php?Keys=<?= $keys ?>&Page=<?= $page ?>&act=edit&id=<?= $row['id'] ?>" 
+                   class="ico_edit ico">修改</a>
+            </div>
+        </div>
+        <div class="notepanel clear">
+            <div class="noteItem">联系方式</div>
+            <div class="lx">
+                <div class="tel"><?= htmlspecialchars($row['cs_tel']) ?></div>
+                <div class="mail">
+                    <a href="mailto:<?= htmlspecialchars($row['cs_email']) ?>">
+                        <?= htmlspecialchars($row['cs_email']) ?>
+                    </a>
+                </div>
+                <div class="whatsapp"><?= htmlspecialchars($row['cs_whatsapp']) ?></div>
+                <div class="wechat"><?= htmlspecialchars($row['cs_wechat']) ?></div>
+                <div class="linkedin"><?= htmlspecialchars($row['cs_linkedin']) ?></div>
+                <div class="facebook"><?= htmlspecialchars($row['cs_facebook']) ?></div>
+                <div class="alibaba"><?= htmlspecialchars($row['cs_alibaba']) ?></div>
+            </div>
+            <div class="noteItem2">备注</div>
+            <div class="notecontent"><?= htmlUnCode($row['cs_note']) ?></div>
+        </div>
+<?php
+    }
+} else {
+    if (empty($keys)) {
+?>
+        <tr>
+            <div align="center" colspan="9">Sorry,当前暂无信息</div>
+        </tr>
+<?php
+    } else {
+?>
+        <tr>
+            <div align="center" colspan="9">
+                <a href="?">Sorry,没有找到"<?= htmlspecialchars($keyscode) ?>"相关的信息,点击返回</a>
+            </div>
+        </tr>
+<?php
+    }
+}
+?>
+        <div colspan="9">
+            <div class="showpagebox">
+<?php
+if (isset($totalPages) && $totalPages > 1) {
+    $pageName = "?Keys=" . $keys . $urlStr . "&";
+    $pagelen = 3;
+    
+    if ($page > 1) {
+        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+        echo "<a href=\"{$pageName}Page=" . ($page - 1) . "\">上一页</a>";
+    }
+    
+    if ($pagelen * 2 + 1 >= $totalPages) {
+        $startPage = 1;
+        $endPage = $totalPages;
+    } else {
+        if ($page <= $pagelen + 1) {
+            $startPage = 1;
+            $endPage = $pagelen * 2 + 1;
+        } else {
+            $startPage = $page - $pagelen;
+            $endPage = $page + $pagelen;
+        }
+        if ($page + $pagelen > $totalPages) {
+            $startPage = $totalPages - $pagelen * 2;
+            $endPage = $totalPages;
+        }
+    }
+    
+    for ($i = $startPage; $i <= $endPage; $i++) {
+        if ($i == $page) {
+            echo "<a class=\"current\">{$i}</a>";
+        } else {
+            echo "<a href=\"{$pageName}Page={$i}\">{$i}</a>";
+        }
+    }
+    
+    if ($page < $totalPages) {
+        if ($totalPages - $page > $pagelen) {
+            echo "<a href=\"{$pageName}Page={$totalPages}\">...{$totalPages}</a>";
+        }
+        echo "<a href=\"{$pageName}Page=" . ($page + 1) . "\">下一页</a>";
+        echo "<a href=\"{$pageName}Page={$totalPages}\">尾页</a>";
+    }
+    
+    echo "<input type=\"text\" id=\"Pagego\" value=\"{$page}\" 
+          onFocus=\"if(this.value == '{$page}'){this.value='';}\" 
+          onBlur=\"if(this.value == ''){this.value='{$page}';}\" 
+          onKeyUp=\"this.value=this.value.replace(/\D/g,'')\" 
+          onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+}
+?>
+            </div>
+            <?php require_once 'postchkbox.php'; ?>
+        </div>
+    </div>
+</form>
+</div>
+</body>
+</html> 
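Review bot: `$page` is echoed into the form's `action` attribute straight from `$_GET['Page']`, before the numeric normalisation further down, and the raw `fliter*` values are appended to `$urlStr`, which is later printed inside every pagination `href` and the `Pagego` `onKeyDown` handler; a crafted query string is therefore reflected into the markup unescaped. The SQL side already applies `(int)`, so reuse the cast for the URL, e.g. `$urlStr .= "&fliterCountry=" . (int)$filterCountry;` (likewise for the other four), and emit the page as `Page=<?= htmlspecialchars($page, ENT_QUOTES, 'UTF-8') ?>`. customersFollow.php has the same lines. Separately, this file updates `Customer` but selects from `customer`, which are different tables on a MySQL server configured with case-sensitive table names.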

+ 268 - 0
dashboard.php

@@ -0,0 +1,268 @@
+<?php
+require_once("conn.php");
+checkLogin("信息管理");
+?>
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+    <script>
+    //绘制饼图  
+    function drawCircle(canvasId, data_arr, color_arr, text_arr) {
+        var c = document.getElementById(canvasId);  
+        var ctx = c.getContext("2d");  
+        var ctxw = c.getContext("2d"); 
+        var radius = 140; //半径  
+        var ox = radius + 20, oy = radius + 20; //圆心  
+        var width = 10, height = 10; //图例宽和高  
+        var posX = 500, posY = 50;   //  
+        var textX = posX + width + 5, textY = posY + 10;  
+        var startAngle = 0; //起始弧度  
+        var endAngle = 0;   //结束弧度  
+
+        for (var i = 0; i < data_arr.length; i++) {  
+            //绘制饼图  
+            endAngle = endAngle + data_arr[i] * Math.PI * 2; //结束弧度  
+            ctx.fillStyle = color_arr[i]; 
+            ctx.beginPath();  
+            ctx.moveTo(ox, oy); //移动到到圆心  
+            ctx.arc(ox, oy, radius, startAngle, endAngle, false);  
+            ctx.closePath();  
+            ctx.fill();  
+            startAngle = endAngle; //设置起始弧度  
+            
+            //绘制比例图及文字  
+            ctx.fillStyle = color_arr[i];  
+            ctx.fillRect(posX, posY + 20 * i, width, height);  
+            ctx.moveTo(posX, posY + 20 * i);  
+            ctx.font = 'bold 12px 微软雅黑';    //斜体 30像素 微软雅黑字体  
+            ctx.fillStyle = "#666666";  
+            var icount = 100 * data_arr[i];
+            var percent = text_arr[i] + ":" + icount.toFixed(2) + "%";  
+            ctx.fillText(percent, textX, textY + 20 * i);  
+        }  
+
+        ctxw.fillStyle = "#FFFFFF"; 
+        ctxw.beginPath();  
+        ctxw.moveTo(ox, oy); //移动到到圆心  
+        ctxw.arc(ox, oy, 90, 0, 2* Math.PI, false);  
+        ctxw.closePath();  
+        ctxw.fill(); 
+    }  
+
+    function drawRectangle(canvasId, data_arr, text_arr) {
+        var c = document.getElementById(canvasId); 
+        var ctx = c.getContext("2d");   
+        var space = 20; //间距
+
+        var x = 0, y = 420;
+        for (var i = 0; i < data_arr.length; i++) {
+            x = x + 30 + space;
+            ctx.beginPath(); 
+            ctx.fillStyle = "#00aabb"; 
+            ctx.rect(x, 420-data_arr[i]*0.2, 30, data_arr[i]*0.2);
+            ctx.closePath();  
+            ctx.fill();  	
+            ctx.font = 'bold 10px 微软雅黑';    //斜体 30像素 微软雅黑字体  
+            ctx.fillStyle = "#666666";  
+            ctx.fillText(text_arr[i]+"("+data_arr[i]+")", x+5, 410-data_arr[i]*0.2); 
+        }
+    }
+    </script>
+</head>
+
+<body>
+<div id="man_zone">
+    <div class="dashboard">
+        <h1 class="dashboardHead">数据看板</h1>
+        <?php
+        // 获取客户总数
+        $result = mysqli_query($conn, "SELECT COUNT(DISTINCT cs_code) as CustomerTotal FROM customer");
+        $row = mysqli_fetch_assoc($result);
+        $tn = $row['CustomerTotal'];
+
+        // 获取成交客户数
+        $result = mysqli_query($conn, "SELECT COUNT(DISTINCT cs_code) as CustomerTotal FROM customer WHERE cs_deal=3");
+        $row = mysqli_fetch_assoc($result);
+        $tdn = $row['CustomerTotal'];
+
+        // 获取客户类型数据
+        $data_arr1 = [];
+        $text_arr1 = [];
+        $result = mysqli_query($conn, "SELECT businessType, COUNT(DISTINCT cs_code) as cc FROM customer 
+                                     LEFT JOIN clientType ON customer.cs_type=clientType.id 
+                                     GROUP BY businessType");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr1[] = number_format($row['cc']/$tn, 4);
+            $text_arr1[] = $row['businessType'];
+        }
+        ?>
+        <input type="hidden" id="data_arr1" value="<?= implode(',', $data_arr1) ?>">
+        <input type="hidden" id="text_arr1" value="<?= implode(',', $text_arr1) ?>">
+        <div class="dashPanel1">
+            <h3>客户类型</h3>
+            <canvas id="canvas_circle" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取成交比例数据
+        $data_arr2 = [];
+        $result = mysqli_query($conn, "SELECT cs_deal, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer GROUP BY cs_deal ORDER BY cs_deal DESC");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr2[] = number_format($row['cc']/$tn, 4);
+        }
+        ?>
+        <input type="hidden" id="data_arr2" value="<?= implode(',', $data_arr2) ?>">
+        <input type="hidden" id="text_arr2" value="成交,明确需求,背景调查,无响应">
+        <div class="dashPanel1">
+            <h3>成交比例</h3>
+            <canvas id="canvas_circle2" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取客户来源数据
+        $data_arr3 = [];
+        $text_arr3 = [];
+        $result = mysqli_query($conn, "SELECT ch_name, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN qudao ON customer.cs_from=qudao.id 
+                                     GROUP BY ch_name");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr3[] = number_format($row['cc']/$tn, 4);
+            $text_arr3[] = $row['ch_name'];
+        }
+        ?>
+        <input type="hidden" id="data_arr3" value="<?= implode(',', $data_arr3) ?>">
+        <input type="hidden" id="text_arr3" value="<?= implode(',', $text_arr3) ?>">
+        <div class="dashPanel1">
+            <h3>客户来源</h3>
+            <canvas id="canvas_circle3" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取已成交客户分布(Top10)数据
+        $data_arr5 = [];
+        $text_arr5 = [];
+        $tp = 1;
+        $result = mysqli_query($conn, "SELECT countryName, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN country ON customer.cs_country=country.id 
+                                     WHERE cs_deal=3 GROUP BY countryName ORDER BY cc DESC LIMIT 9");
+        while($row = mysqli_fetch_assoc($result)) {
+            $value = number_format($row['cc']/$tdn, 4);
+            $data_arr5[] = $value;
+            $text_arr5[] = $row['countryName'];
+            $tp -= $value;
+        }
+        $data_arr5[] = $tp;
+        $text_arr5[] = "其他";
+        ?>
+        <input type="hidden" id="data_arr5" value="<?= implode(',', $data_arr5) ?>">
+        <input type="hidden" id="text_arr5" value="<?= implode(',', $text_arr5) ?>">
+        <div class="dashPanel1">
+            <h3>已成交客户分布(Top10)</h3>
+            <canvas id="canvas_circle5" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取客户分布(Top10)数据
+        $data_arr4 = [];
+        $text_arr4 = [];
+        $tp = 1;
+        $result = mysqli_query($conn, "SELECT countryName, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN country ON customer.cs_country=country.id 
+                                     WHERE cs_deal=3 GROUP BY countryName ORDER BY cc DESC LIMIT 9");
+        while($row = mysqli_fetch_assoc($result)) {
+            $value = number_format($row['cc']/$tn, 4);
+            $data_arr4[] = $value;
+            $text_arr4[] = $row['countryName'];
+            $tp -= $value;
+        }
+        $data_arr4[] = $tp;
+        $text_arr4[] = "其他";
+        ?>
+        <input type="hidden" id="data_arr4" value="<?= implode(',', $data_arr4) ?>">
+        <input type="hidden" id="text_arr4" value="<?= implode(',', $text_arr4) ?>">
+        <div class="dashPanel1">
+            <h3>客户分布(Top10)</h3>
+            <canvas id="canvas_circle4" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取各业务成交客户占比数据
+        $data_arr6 = [];
+        $text_arr6 = [];
+        $result = mysqli_query($conn, "SELECT em_user, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN employee ON customer.cs_belong=employee.id 
+                                     WHERE cs_deal=3 GROUP BY em_user ORDER BY cc DESC");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr6[] = number_format($row['cc']/$tdn, 4);
+            $text_arr6[] = $row['em_user'];
+        }
+        ?>
+        <input type="hidden" id="data_arr6" value="<?= implode(',', $data_arr6) ?>">
+        <input type="hidden" id="text_arr6" value="<?= implode(',', $text_arr6) ?>">
+        <div class="dashPanel1">
+            <h3>各业务成交客户占比</h3>
+            <canvas id="canvas_circle6" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取各业务客户占比数据
+        $data_arr7 = [];
+        $text_arr7 = [];
+        $result = mysqli_query($conn, "SELECT em_user, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN employee ON customer.cs_belong=employee.id 
+                                     WHERE cs_deal>0 GROUP BY em_user ORDER BY cc DESC");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr7[] = $row['cc'];
+            $text_arr7[] = $row['em_user'];
+        }
+        ?>
+        <input type="hidden" id="data_arr7" value="<?= implode(',', $data_arr7) ?>">
+        <input type="hidden" id="text_arr7" value="<?= implode(',', $text_arr7) ?>">
+        <div class="dashPanel2">
+            <h3>各业务客户占比(扣除无响应)</h3>
+            <canvas id="canvas_circle7" width="1200" height="500">浏览器不支持canvas</canvas>
+        </div>
+    </div>
+
+    <script>
+    function init() {  
+        //客户类型
+        var data_arr = $("#data_arr1").val().split(",");  
+        var color_arr = ["#00FF21", "#FFAA00", "#00AABB", "#FF4400","#009942","#02a0e9","#0168b7","#930784","#e5007f","#e50150","#ef0030","#eb6100","#f49600"];  
+        var text_arr = $("#text_arr1").val().split(",");
+        
+        //成交情况
+        var data_arr2 = $("#data_arr2").val().split(",");  
+        var text_arr2 = $("#text_arr2").val().split(",");   
+        var data_arr3 = $("#data_arr3").val().split(",");  
+        var text_arr3 = $("#text_arr3").val().split(",");  
+        var data_arr4 = $("#data_arr4").val().split(",");  
+        var text_arr4 = $("#text_arr4").val().split(",");  
+        var data_arr5 = $("#data_arr5").val().split(",");  
+        var text_arr5 = $("#text_arr5").val().split(",");  
+        var data_arr6 = $("#data_arr6").val().split(",");  
+        var text_arr6 = $("#text_arr6").val().split(","); 
+        var data_arr7 = $("#data_arr7").val().split(",");  
+        var text_arr7 = $("#text_arr7").val().split(","); 
+        
+        drawCircle("canvas_circle", data_arr, color_arr, text_arr);  
+        drawCircle("canvas_circle2", data_arr2, color_arr, text_arr2); 
+        drawCircle("canvas_circle3", data_arr3, color_arr, text_arr3); 
+        drawCircle("canvas_circle4", data_arr4, color_arr, text_arr4); 
+        drawCircle("canvas_circle5", data_arr5, color_arr, text_arr5); 
+        drawCircle("canvas_circle6", data_arr6, color_arr, text_arr6); 
+        drawRectangle("canvas_circle7", data_arr7, text_arr7); 
+    }  
+    window.onload = init;
+    </script>
+</div>
+</body>
+</html>
+<?php mysqli_close($conn); ?> 
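Review bot: The hidden inputs for `text_arr1` and `text_arr3` to `text_arr7` print database strings (`businessType`, `ch_name`, `countryName`, `em_user`) into a `value="…"` attribute without escaping, so a name containing a quote or markup breaks out of the attribute. Wrap each one as `<?= htmlspecialchars(implode(',', $text_arr1), ENT_QUOTES, 'UTF-8') ?>`; a comma inside a name also shifts every later label after `split(",")`. Every ratio divides by `$tn` or `$tdn` with no zero check, which throws `DivisionByZeroError` on PHP 8 when the customer table (or the `cs_deal=3` subset) is empty, so guard with `if ($tn > 0)` before the loops. The 客户分布(Top10) query repeats `WHERE cs_deal=3` from the previous panel while dividing by `$tn`, which looks like a copy-paste slip; confirm whether the filter belongs there. None of the `mysqli_query` results is checked before `mysqli_fetch_assoc`.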

+ 16 - 0
editTag.php

@@ -0,0 +1,16 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$originaltag = $_GET['originaltag'] ?? '';
+$newtag = $_GET['newtag'] ?? '';
+
+$originaltag = textEncode(urldecode($originaltag));
+$newtag = textEncode(urldecode($newtag));
+
+$sql = "UPDATE tagTable SET tagName='" . $conn->real_escape_string($newtag) . "' 
+        WHERE tagName='" . $conn->real_escape_string($originaltag) . "' 
+        AND employeeId=" . $_SESSION['employee_id'];
+
+$conn->query($sql);
+?> 
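Review bot: This endpoint performs an `UPDATE` from `$_GET` parameters with no request-method check or anti-CSRF token, so the rename can be triggered by any cross-site request made while the employee is logged in; accept it only as POST with a per-session token. The statement is also assembled by concatenation, with `$_SESSION['employee_id']` appended unquoted, whereas home.php in this commit uses prepared statements; `$stmt = $conn->prepare("UPDATE tagTable SET tagName=? WHERE tagName=? AND employeeId=?"); $stmt->bind_param("ssi", $newtag, $originaltag, $_SESSION['employee_id']);` keeps it consistent. `urldecode()` is applied to values PHP has already decoded, so a tag containing `%` or `+` is altered before the lookup. An empty `newtag` is not rejected and the result of `$conn->query()` is never checked or reported to the caller.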

+ 295 - 0
highSeas.php

@@ -0,0 +1,295 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js?ver=0620"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$page = $_GET['Page'] ?? '';
+
+$filterCountry = $_GET['fliterCountry'] ?? '';
+$filterQudao = $_GET['fliterQudao'] ?? '';
+$filterDeal = $_GET['fliterDeal'] ?? '';
+$filterBusiness = $_GET['fliterBusiness'] ?? '';
+$filterBelong = $_GET['fliterBelong'] ?? '';
+
+$filterStr = "";
+$urlStr = "";
+
+if (!empty($filterCountry)) {
+    $filterStr .= " AND cs_country=" . (int)$filterCountry;
+    $urlStr .= "&fliterCountry=" . $filterCountry;
+}
+
+if (!empty($filterQudao)) {
+    $filterStr .= " AND cs_from=" . (int)$filterQudao;
+    $urlStr .= "&fliterQudao=" . $filterQudao;
+}
+
+if (!empty($filterDeal)) {
+    $filterStr .= " AND cs_deal=" . (int)$filterDeal;
+    $urlStr .= "&fliterDeal=" . $filterDeal;
+}
+
+if (!empty($filterBusiness)) {
+    $filterStr .= " AND cs_type=" . (int)$filterBusiness;
+    $urlStr .= "&fliterBusiness=" . $filterBusiness;
+}
+
+if (!empty($filterBelong)) {
+    $filterStr .= " AND cs_belong=" . (int)$filterBelong;
+    $urlStr .= "&fliterBelong=" . $filterBelong;
+}
+
+$keys = urlencode($keys);
+$hrefstr = "?keys=" . $keys;
+?>
+<form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?>&Page=<?= $page ?>" onSubmit="return false">
+    <div class="fastSelect clear">
+        <H1>搜索条件</H1>
+        <div class="selectItem">
+            <label>区域</label>
+            <select name="fliterCountry" class="filterSearch">
+                <option value="">请选择国家地区</option>
+                <?php
+                $result = $conn->query("SELECT id, countryName FROM country");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterCountry == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['countryName']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>来源渠道</label>
+            <select name="fliterQudao" class="filterSearch">
+                <option value="">请选择渠道</option>
+                <?php
+                $result = $conn->query("SELECT id, ch_name FROM qudao");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterQudao == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['ch_name']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>跟进阶段</label>
+            <select name="fliterDeal" class="filterSearch">
+                <option value="">请选择</option>
+                <option value="0"<?= ($filterDeal == "0") ? ' selected="selected"' : '' ?>>无响应</option>
+                <option value="1"<?= ($filterDeal == "1") ? ' selected="selected"' : '' ?>>背景调查</option>
+                <option value="2"<?= ($filterDeal == "2") ? ' selected="selected"' : '' ?>>明确需求</option>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>客户类型</label>
+            <select name="fliterBusiness" class="filterSearch">
+                <option value="">请选择</option>
+                <?php
+                $result = $conn->query("SELECT id, businessType FROM clientType");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterBusiness == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['businessType']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+        <div class="selectItem">
+            <label>业务员</label>
+            <select name="fliterBelong" class="filterSearch">
+                <option value="">请选择</option>
+                <?php
+                $result = $conn->query("SELECT id, em_user FROM employee");
+                while ($row = $result->fetch_assoc()) {
+                    $selected = ($filterBelong == $row['id']) ? ' selected="selected"' : '';
+                    echo "<option value=\"{$row['id']}\"{$selected}>{$row['em_user']}</option>";
+                }
+                ?>
+            </select>
+        </div>
+    </div>
+
+    <div width="100%" border="0" cellpadding="3" cellspacing="1" class="table2">
+        <div class="theader">
+            <div class="col9">序号</div>
+            <div class="col3">客户编号</div>
+            <div class="col4">渠道来源</div>
+            <div class="col5">区域</div>
+            <div class="col6">客户类型</div>
+            <div class="col6">是否成交</div>
+            <div class="col20">更新日期</div>
+            <div class="col4">操作</div>
+        </div>
+
+<?php
+$sql = "SELECT id, cs_code, cs_from, cs_country, cs_type, cs_deal, cs_addtime, cs_updatetime, cs_note, cs_claimFrom 
+        FROM customer 
+        WHERE cs_deal<>3 AND cs_deal<>0 AND cs_type<>2 AND cs_belong<>13 
+        AND cs_belong<>" . $_SESSION['employee_id'] . " 
+        AND DATEDIFF(NOW(), cs_updatetime) > 120 
+        AND cs_country NOT IN (2, 229, 13, 153) 
+        AND cs_belongclient=0 
+        AND cs_wechat NOT LIKE 'wxid%' 
+        AND (cs_code LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+        OR cs_name LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_email LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_wechat LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_tel LIKE '%" . $conn->real_escape_string($keyscode) . "%'
+        OR cs_whatsapp LIKE '%" . $conn->real_escape_string($keyscode) . "%')" . 
+        $filterStr . " ORDER BY cs_state DESC, id DESC";
+
+$result = $conn->query($sql);
+
+if ($result && $result->num_rows > 0) {
+    $pageSize = 20;
+    $page = empty($page) ? 1 : $page;
+    $page = ($page === 'end') ? ceil($result->num_rows / $pageSize) : $page;
+    $page = (!is_numeric($page) || $page < 1) ? 1 : (int)$page;
+    $totalPages = ceil($result->num_rows / $pageSize);
+    $page = ($page > $totalPages) ? $totalPages : $page;
+    $offset = $pageSize * ($page - 1);
+    
+    // Store results in array for pagination
+    $rows = [];
+    while ($row = $result->fetch_assoc()) {
+        $rows[] = $row;
+    }
+    
+    // Get paginated results
+    $paginatedRows = array_slice($rows, $offset, $pageSize);
+    $tempNum = $offset;
+    
+    foreach ($paginatedRows as $row) {
+        $tempNum++;
+?>
+        <div class="tline">
+            <div class="col9"><?= $tempNum ?></div>
+            <div class="col3 slidepanel"><?= htmlspecialchars($row['cs_code']) ?></div>
+            <div class="col4">
+                <?php
+                $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                echo ($qudaoRow = $qudaoResult->fetch_assoc()) ? htmlspecialchars($qudaoRow['ch_name']) : '未填写';
+                ?>
+            </div>
+            <div class="col5">
+                <?php
+                $countryResult = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                echo ($countryRow = $countryResult->fetch_assoc()) ? htmlspecialchars($countryRow['countryName']) : '未填写';
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                $typeResult = $conn->query("SELECT businessType FROM clientType WHERE id=" . (int)$row['cs_type']);
+                echo ($typeRow = $typeResult->fetch_assoc()) ? htmlspecialchars($typeRow['businessType']) : '未填写';
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                if ($row['cs_deal'] == 2) {
+                    echo "明确需求";
+                } elseif ($row['cs_deal'] == 1) {
+                    echo "背景调查";
+                }
+                ?>
+            </div>
+            <div class="col20"><?= $row['cs_updatetime'] ?></div>
+            <div class="col4"><span id="claim1" class="claim" data-id="<?= $row['id'] ?>">认领</span></div>
+        </div>
+        <div class="notepanel clear">
+            <div class="noteItem2">备注</div>
+            <div class="notecontent"><?= htmlUnCode($row['cs_note']) ?></div>
+        </div>
+<?php
+    }
+} else {
+    if (empty($keys)) {
+?>
+        <tr>
+            <div align="center" colspan="8">Sorry,当前暂无信息</div>
+        </tr>
+<?php
+    } else {
+?>
+        <tr>
+            <div align="center" colspan="8">
+                <a href="?">Sorry,没有找到"<?= htmlspecialchars($keyscode) ?>"相关的信息,点击返回</a>
+            </div>
+        </tr>
+<?php
+    }
+}
+?>
+        <div colspan="8">
+            <div class="showpagebox">
+<?php
+if (isset($totalPages) && $totalPages > 1) {
+    $pageName = "?Keys=" . $keys . $urlStr . "&";
+    $pagelen = 3;
+    
+    if ($page > 1) {
+        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+        echo "<a href=\"{$pageName}Page=" . ($page - 1) . "\">上一页</a>";
+    }
+    
+    if ($pagelen * 2 + 1 >= $totalPages) {
+        $startPage = 1;
+        $endPage = $totalPages;
+    } else {
+        if ($page <= $pagelen + 1) {
+            $startPage = 1;
+            $endPage = $pagelen * 2 + 1;
+        } else {
+            $startPage = $page - $pagelen;
+            $endPage = $page + $pagelen;
+        }
+        if ($page + $pagelen > $totalPages) {
+            $startPage = $totalPages - $pagelen * 2;
+            $endPage = $totalPages;
+        }
+    }
+    
+    for ($i = $startPage; $i <= $endPage; $i++) {
+        if ($i == $page) {
+            echo "<a class=\"current\">{$i}</a>";
+        } else {
+            echo "<a href=\"{$pageName}Page={$i}\">{$i}</a>";
+        }
+    }
+    
+    if ($page < $totalPages) {
+        if ($totalPages - $page > $pagelen) {
+            echo "<a href=\"{$pageName}Page={$totalPages}\">...{$totalPages}</a>";
+        }
+        echo "<a href=\"{$pageName}Page=" . ($page + 1) . "\">下一页</a>";
+        echo "<a href=\"{$pageName}Page={$totalPages}\">尾页</a>";
+    }
+    
+    echo "<input type=\"text\" id=\"Pagego\" value=\"{$page}\" 
+          onFocus=\"if(this.value == '{$page}'){this.value='';}\" 
+          onBlur=\"if(this.value == ''){this.value='{$page}';}\" 
+          onKeyUp=\"this.value=this.value.replace(/\D/g,'')\" 
+          onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+}
+?>
+            </div>
+        </div>
+    </div>
+</form>
+</div>
+</body>
+</html> 
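Review bot: `$page` is echoed into the form `action` (`Page=<?= $page ?>`) before it is validated, and each `$urlStr .= "&fliterCountry=" . $filterCountry;` appends the raw query value that later lands in the pagination `href`s and the inline `onKeyDown` handler, so request parameters reach HTML and script context unescaped. The SQL side already casts these filters; reuse the cast for the URL, e.g. `$urlStr .= "&fliterCountry=" . (int)$filterCountry;` (same for Qudao, Deal, Business and Belong), and output `htmlspecialchars((string)$page, ENT_QUOTES, 'UTF-8')` in the form action. The `<option>` labels (`countryName`, `ch_name`, `businessType`, `em_user`) are printed without `htmlspecialchars` although the table cells below escape the same columns, and `htmlUnCode($row['cs_note'])` is defined outside this hunk, so whether the note is safe to print as HTML needs confirming. `!empty($filterDeal)` is false for `"0"`, so the 无响应 option never filters.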

+ 98 - 0
home.php

@@ -0,0 +1,98 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <div class="searchForm homeSearch">
+        <form method="post" action="/searchResult.php" accept-charset="UTF-8">
+            <input class="keywords" id="keyword" name="keywords" placeholder="请输入联系人 / 电话 / 邮箱 / 微信 / WhatsApp.." >
+            <input class="searchSubmit" type="submit" value="客户检索">
+        </form>
+    </div>
+</div>
+
+<?php
+$sql = "SELECT cs_code, em_user, cs_claimdate FROM customer 
+        LEFT JOIN employee ON customer.cs_belong = employee.id 
+        WHERE customer.id IN (
+            SELECT cs_id FROM claimRecord 
+            WHERE isread = 0 AND originalEmp = ?
+        )";
+
+$stmt = $conn->prepare($sql);
+$stmt->bind_param("s", $_SESSION['employee_name']);
+$stmt->execute();
+$result = $stmt->get_result();
+
+if ($result->num_rows > 0) {
+?>
+    <div class="modal" id="modal">
+        <div class="modal-wraper">
+            <div class="modal-content">
+                <div class="popup-title">距离上次登录之后,以下客户已经被认领</div>
+                <div class="popup-content">
+                    <ul>
+                        <?php while ($row = $result->fetch_assoc()) { ?>
+                            <li>
+                                <span class="prominent"><?= textUncode($row['cs_code']) ?></span> 被 
+                                <span class="prominent"><?= textUncode($row['em_user']) ?></span> 于 
+                                <span><?= textUncode($row['cs_claimdate']) ?></span> 认领
+                            </li>
+                        <?php } ?>
+                    </ul>
+                </div>
+                <div class="close" onclick="closePopup()">已读</div>
+            </div>
+        </div>
+    </div>
+<?php
+}
+
+// Update claim records
+$update_sql = "UPDATE claimRecord SET isread = 1 
+               WHERE originalEmp = ? AND isread = 0";
+$update_stmt = $conn->prepare($update_sql);
+$update_stmt->bind_param("s", $_SESSION['employee_name']);
+$update_stmt->execute();
+
+$stmt->close();
+$update_stmt->close();
+?>
+
+<script>
+  // 检查是否首次登陆或是否过期
+  const em = localStorage.getItem('em');
+  const currentTime = new Date().getTime();
+  const expirationTime = 24 * 60 * 60 * 1000; // 24小时的有效时间
+  console.log(em);
+  if (!em || em !== 'em<?= $_SESSION["employee_id"] ?>') {
+    // 如果是首次登陆或已过期,显示弹窗
+    $("#modal").addClass("active");
+    setTimeout(function() {
+        $("#modal").find(".modal-content").addClass("active");
+    }, 0);
+
+    // 存储当前时间戳
+    localStorage.setItem('em', 'em<?= $_SESSION["employee_id"] ?>');
+  }
+
+  // 关闭弹窗的函数
+  function closePopup() {
+    $("#modal").removeClass("active");
+  }
+</script>
+
+</body>
+</html> 
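Review bot: The `UPDATE claimRecord SET isread = 1` runs on every page load, but the modal only receives the `active` class when the `localStorage` key `em` differs from the current employee id, and that key is never expired (`currentTime` and `expirationTime` are unused). Assuming `.modal` stays hidden without `active` (the CSS is not in this hunk), any claim made after the first visit from a browser is marked read without ever being displayed. Show the modal whenever it was rendered, e.g. `if ($("#modal").length) { $("#modal").addClass("active"); }`, or mark the rows read from `closePopup()` instead of on load. `console.log(em)` looks like leftover debugging, and `textUncode()` is defined elsewhere, so confirm it HTML-escapes `cs_code` and `em_user` before they are printed.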

File diff suppressed because it is too large
+ 249 - 0
index.php


+ 103 - 0
index_not_html.asp

@@ -0,0 +1,103 @@
+<!--#include file="Conn.asp"--><%
+IP=GetIP
+Act = Request.QueryString("act")
+If Act = "logout" Then
+conn.execute("insert into logRecord (loginName,loginTime,loginAct) values ('"&Session("employee_name")&"','"&now()&"','"&Session("employee_name")&" "&now()&"从"&IP&"退出系统')")
+Session.Contents.Remove("employee_id")
+Session.Contents.Remove("employee_name")
+Session.Contents.Remove("t")
+Session.Contents.Remove("t1")
+Session.Contents.Remove("t2")
+Session.Contents.Remove("t3")
+Session.Contents.Remove("t4")
+Session.Contents.Remove("d1")
+Session.Contents.Remove("d2")
+End If
+
+Session.Contents.Remove("employee_id")
+
+If Act = "login" Then
+loginuser=TextEncode(Request.Form("loginuser"))
+loginpwd=TextEncode(Request.Form("loginpwd"))
+logincode=Request.Form("logincode")
+If loginuser="" Then Response.Write "1":Conn.Close:Set Conn=Nothing:Response.End
+If loginpwd="" Then Response.Write "2":Conn.Close:Set Conn=Nothing:Response.End
+If logincode<>Session("zengscode") Then Response.Write "3":Conn.Close:Set Conn=Nothing:Response.End
+
+
+Set Rs=Server.CreateObject("ADODB.RecordSet")
+
+Rs.Open "Select id,em_user,em_password,em_role,em_code,em_email,em_tel,lastIp from employee Where em_user='"&loginuser&"'",conn,1,3
+If Rs.Recordcount=0 Then Response.Write "4":Rs.Close:Set Rs=Nothing:Conn.Close:Set Conn=Nothing:Response.End
+If Rs("em_password")<>MD5(loginpwd) Then Response.Write "5":Rs.Close:Set Rs=Nothing:Conn.Close:Set Conn=Nothing:Response.End
+Session("employee_id")=Cint(Rs("id"))
+Session("employee_name")=Rs("em_user")
+Response.Write "7"
+Rs("lastIp")=GetIp()'记录登陆IP
+Rs.update
+Rs.Close
+
+
+BackToSeaStr="select id,cs_updatetime,cs_claimdate,cs_claimFrom,cs_chain from customer where cs_claimFrom<>'' and cs_claimdate>'2023-01-01' and cs_deal<>3 and cs_belong="&Session("employee_id")
+Rs.Open BackToSeaStr,conn,3,1	
+       Do while Not Rs.bof And not Rs.eof  
+		 If DATEDIFF("d",Rs("cs_claimdate"),now())>4 and DATEDIFF("s",Rs("cs_updatetime"),Rs("cs_claimdate"))=0 Then	'已经认领但是认领后无更新
+	 			myArray=split(Rs("cs_chain"),",")
+				myLen=UBound(myArray)
+				Litem=myArray(myLen)		 
+		 
+			IF Litem+0=Rs("cs_claimFrom")+0 Then
+			   cs_chain=Rs("cs_claimFrom")				
+			Else			    	
+			   cs_chain=Rs("cs_chain")&","&Rs("cs_claimFrom")
+			End If
+			updatestr="update customer set cs_belong="&Rs("cs_claimFrom")&" ,cs_chain='"&cs_chain&"' where id="&Rs("id")
+
+			conn.execute(updatestr)	 
+		 ElseIf DATEDIFF("s",Rs("cs_claimdate"),Rs("cs_updatetime"))>0 Then '认领后更新,不参与判断
+			updatestr="update customer set cs_claimdate='2022-12-31' where id="&Rs("id")
+		    conn.execute(updatestr)	
+	     End If
+	   Rs.moveNext		 
+       Loop	   
+Rs.close
+
+Rs.Open "Select count(id) from customer where cs_belong="&Session("employee_id"),conn,1,1	
+Session("t")=Rs(0)
+Rs.close	
+
+Rs.Open "Select count(id) from customer where cs_type=1 and cs_belong="&Session("employee_id"),conn,1,1	
+Session("t1")=Rs(0)
+Rs.close
+
+Rs.Open "Select count(id) from customer where cs_type=2 and cs_belong="&Session("employee_id"),conn,1,1	
+Session("t2")=Rs(0)
+Rs.close
+
+Rs.Open "Select count(id) from customer where cs_type=3 and cs_belong="&Session("employee_id"),conn,1,1	
+Session("t3")=Rs(0)
+Rs.close
+
+Rs.Open "Select count(id) from customer where cs_type=4 and cs_belong="&Session("employee_id"),conn,1,1	
+Session("t4")=Rs(0)
+Rs.close
+
+Rs.Open "Select count(id) from customer where cs_deal=3 and cs_belong="&Session("employee_id"),conn,1,1	
+Session("d1")=Rs(0)
+Rs.close
+
+Rs.Open "Select count(id) from customer where cs_deal=2 and cs_belong="&Session("employee_id"),conn,1,1	
+Session("d2")=Rs(0)
+Rs.close
+
+Rs.Open "Select count(id) from customer where DATEDIFF(DAY,cs_updatetime,getdate())>120 and cs_belong="&Session("employee_id"),conn,1,1	
+Session("d3")=Rs(0)
+Rs.close
+
+Set Rs=Nothing
+
+conn.execute("insert into logRecord (loginName,loginTime,loginAct) values ('"&Session("employee_name")&"','"&now()&"','"&Session("employee_name")&" "&now()&"从"&IP&"登录')")
+Conn.Close:Set Conn=Nothing:Response.End
+Response.End
+End If
+%>
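Review bot: Passwords are verified against an unsalted `MD5(loginpwd)` digest, and the PHP port in index_not_html.php carries this over as `md5($loginpwd)` compared with `!=`; a salted, slow password hash (in the PHP port, `password_hash`/`password_verify` with a rehash on next successful login) removes the fast-hash and loose-comparison weakness. The captcha test `logincode<>Session("zengscode")` appears to pass when both sides are empty, and the stored code is never cleared, so it should require a non-empty session value and drop it after each attempt. Return codes `4` and `5` distinguish an unknown user from a wrong password; a single failure code avoids disclosing which accounts exist. The login query and both `logRecord` inserts are concatenated strings that depend on `TextEncode` and `GetIP`, neither of which is visible here; ADODB.Command parameters would match the prepared statements the PHP port uses.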

+ 129 - 0
index_not_html.php

@@ -0,0 +1,129 @@
+<?php
+require_once 'conn.php';
+
+$IP = getIp();
+$Act = $_GET['act'] ?? '';
+
+if ($Act == "logout") {
+    $stmt = $conn->prepare("INSERT INTO logRecord (loginName, loginTime, loginAct) VALUES (?, ?, ?)");
+    $logAct = $_SESSION['employee_name'] . " " . date('Y-m-d H:i:s') . "从" . $IP . "退出系统";
+    $stmt->bind_param("sss", $_SESSION['employee_name'], date('Y-m-d H:i:s'), $logAct);
+    $stmt->execute();
+    
+    // 清除所有session
+    $sessionKeys = ['employee_id', 'employee_name', 't', 't1', 't2', 't3', 't4', 'd1', 'd2'];
+    foreach ($sessionKeys as $key) {
+        unset($_SESSION[$key]);
+    }
+}
+
+unset($_SESSION['employee_id']);
+
+if ($Act == "login") {
+    $loginuser = textEncode($_POST['loginuser'] ?? '');
+    $loginpwd = textEncode($_POST['loginpwd'] ?? '');
+    $logincode = $_POST['logincode'] ?? '';
+    
+    if (empty($loginuser)) {
+        echo "1";
+        exit;
+    }
+    if (empty($loginpwd)) {
+        echo "2";
+        exit;
+    }
+    if ($logincode != $_SESSION['zengscode']) {
+        echo "3";
+        exit;
+    }
+
+    // 查询用户
+    $stmt = $conn->prepare("SELECT id, em_user, em_password, em_role, em_code, em_email, em_tel, lastIp FROM employee WHERE em_user = ?");
+    $stmt->bind_param("s", $loginuser);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    
+    if ($result->num_rows == 0) {
+        echo "4";
+        exit;
+    }
+    
+    $row = $result->fetch_assoc();
+    if ($row['em_password'] != md5($loginpwd)) {
+        echo "5";
+        exit;
+    }
+    
+    $_SESSION['employee_id'] = (int)$row['id'];
+    $_SESSION['employee_name'] = $row['em_user'];
+    echo "7";
+    
+    // 更新最后登录IP
+    $stmt = $conn->prepare("UPDATE employee SET lastIp = ? WHERE id = ?");
+    $stmt->bind_param("si", $IP, $_SESSION['employee_id']);
+    $stmt->execute();
+
+    // 处理回收逻辑
+    $BackToSeaStr = "SELECT id, cs_updatetime, cs_claimdate, cs_claimFrom, cs_chain 
+                     FROM customer 
+                     WHERE cs_claimFrom != '' 
+                     AND cs_claimdate > '2023-01-01' 
+                     AND cs_deal != 3 
+                     AND cs_belong = ?";
+    
+    $stmt = $conn->prepare($BackToSeaStr);
+    $stmt->bind_param("i", $_SESSION['employee_id']);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    
+    while ($row = $result->fetch_assoc()) {
+        $timeDiff = (strtotime('now') - strtotime($row['cs_claimdate'])) / (24 * 3600);
+        $updateDiff = strtotime($row['cs_updatetime']) - strtotime($row['cs_claimdate']);
+        
+        if ($timeDiff > 4 && $updateDiff == 0) {
+            $myArray = explode(",", $row['cs_chain']);
+            $Litem = end($myArray);
+            
+            $cs_chain = ($Litem == $row['cs_claimFrom']) ? 
+                       $row['cs_claimFrom'] : 
+                       $row['cs_chain'] . "," . $row['cs_claimFrom'];
+            
+            $updateStr = "UPDATE customer SET cs_belong = ?, cs_chain = ? WHERE id = ?";
+            $stmt2 = $conn->prepare($updateStr);
+            $stmt2->bind_param("isi", $row['cs_claimFrom'], $cs_chain, $row['id']);
+            $stmt2->execute();
+        } elseif ($updateDiff > 0) {
+            $stmt2 = $conn->prepare("UPDATE customer SET cs_claimdate = '2022-12-31' WHERE id = ?");
+            $stmt2->bind_param("i", $row['id']);
+            $stmt2->execute();
+        }
+    }
+
+    // 统计数据
+    $countQueries = [
+        't' => "SELECT COUNT(id) FROM customer WHERE cs_belong = ?",
+        't1' => "SELECT COUNT(id) FROM customer WHERE cs_type = 1 AND cs_belong = ?",
+        't2' => "SELECT COUNT(id) FROM customer WHERE cs_type = 2 AND cs_belong = ?",
+        't3' => "SELECT COUNT(id) FROM customer WHERE cs_type = 3 AND cs_belong = ?",
+        't4' => "SELECT COUNT(id) FROM customer WHERE cs_type = 4 AND cs_belong = ?",
+        'd1' => "SELECT COUNT(id) FROM customer WHERE cs_deal = 3 AND cs_belong = ?",
+        'd2' => "SELECT COUNT(id) FROM customer WHERE cs_deal = 2 AND cs_belong = ?",
+        'd3' => "SELECT COUNT(id) FROM customer WHERE DATEDIFF(NOW(), cs_updatetime) > 120 AND cs_belong = ?"
+    ];
+
+    foreach ($countQueries as $key => $query) {
+        $stmt = $conn->prepare($query);
+        $stmt->bind_param("i", $_SESSION['employee_id']);
+        $stmt->execute();
+        $result = $stmt->get_result();
+        $_SESSION[$key] = $result->fetch_row()[0];
+    }
+
+    // 记录登录日志
+    $stmt = $conn->prepare("INSERT INTO logRecord (loginName, loginTime, loginAct) VALUES (?, ?, ?)");
+    $logAct = $_SESSION['employee_name'] . " " . date('Y-m-d H:i:s') . "从" . $IP . "登录";
+    $stmt->bind_param("sss", $_SESSION['employee_name'], date('Y-m-d H:i:s'), $logAct);
+    $stmt->execute();
+    
+    exit;
+}
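Review bot: The credential check `$row['em_password'] != md5($loginpwd)` compares unsalted MD5 hex digests with a loose `!=`, so two digests that both parse as numeric strings compare equal, and the stored hashes give little protection if the employee table is ever exposed. Verify with `password_verify($loginpwd, $row['em_password'])` against values written by `password_hash()`, upgrading legacy MD5 rows on their next successful login; as an interim step use `!hash_equals($row['em_password'], md5($loginpwd))`. The captcha test above it has the same weakness: with `$_SESSION['zengscode']` unset, an empty `logincode` is loosely equal to null and passes, so it should read `if (empty($_SESSION['zengscode']) || !hash_equals((string)$_SESSION['zengscode'], $logincode))` and the stored code should be unset after one attempt. After the password is accepted, call `session_regenerate_id(true);` before assigning `$_SESSION['employee_id']`, and consider returning one code for both the unknown-user (`4`) and wrong-password (`5`) cases so the response does not reveal which accounts exist.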

+ 6 - 6
js/js.js

@@ -61,7 +61,7 @@
 		var country=$("#fliterCountry").val();
 		$.ajax({
 			type: "GET",
-			url: "quantitySearch.asp",
+			url: "quantitySearch.php",
 			dataType: "html",
 			contentType: "application/json;charset=utf-8",
 			data: {
@@ -87,7 +87,7 @@
 		var eid = $(this).parent().data("em");
 		var tagvalue = $thistag.text();
 		$.ajax({
-			url: "bindTag.asp",
+			url: "bindTag.php",
 			beforeSend: function() {
 				if ($thistag.hasClass("active")) {
 					$thistag.removeClass("active");
@@ -114,7 +114,7 @@
 		var originaltag = $this.data("originaltag");
 		var newtag = $this.text();
 		$.ajax({
-			url: "editTag.asp",
+			url: "editTag.php",
 			beforeSend: function() {
 				r = confirm("是否编辑标签");
 				if (newtag == "") {
@@ -131,7 +131,7 @@
 				newtag: escape(newtag)
 			},
 			success: function() {
-				window.location.href = "/tag.asp?tagName=" + newtag;
+				window.location.href = "/tag.php?tagName=" + newtag;
 			}
 		});
 
@@ -147,7 +147,7 @@
 		var cid = $this.parent().data("id");
 		$(this).closest(".tline").removeClass().addClass("tline color" + colorid);
 		$.ajax({
-			url: "colorTag.asp",
+			url: "colorTag.php",
 			data: {
 				colorid: colorid,
 				cid: cid
@@ -163,7 +163,7 @@
 		var $this = $(this);
 		var cid = $this.data("id");
 		$.ajax({
-			url: "claimCustomer.asp",
+			url: "claimCustomer.php",
 			data: {
 				cid: cid
 			},

+ 5 - 4
js/loginjs.js

@@ -1,6 +1,6 @@
 $(document).ready(function(){
 	var Webdir="/system/";
-	function loadbmpcode(){document.getElementById("logincodebmp").src = Webdir+"bmpcode.asp?t1=16&temp=" + (new Date().getTime().toString(36));}
+	function loadbmpcode(){document.getElementById("logincodebmp").src = Webdir+"bmpcode.php?t1=16&temp=" + (new Date().getTime().toString(36));}
 	$("#loginuser").focus();
 	$("#logincode").focus(function(){
 	if($("#showlogincode").html()==""){
@@ -27,8 +27,9 @@
 			$("#logincode").focus();
 			return false;
 		}
-		var url="index.asp?act=login";
-		var param="loginuser="+escape(loginuser)+"&loginpwd="+escape(loginpwd)+"&logincode="+escape(logincode);
+
+		var url="index.php?act=login";
+		var param="loginuser="+encodeURIComponent(loginuser)+"&loginpwd="+encodeURIComponent(loginpwd)+"&logincode="+encodeURIComponent(logincode);
 		jqajax(url,param);
 	return false;
 	});
@@ -70,7 +71,7 @@
 					$("#logincode").focus();
 					break;
 				case "7":
-					location.replace("home.asp");
+					location.replace("home.php");
 					break;
 				default:
 					$("#formmsg").html(ajaxmsg);

+ 1 - 1
js/product.js

@@ -10,7 +10,7 @@ $(document).ready(function(){
 	
 	$(".addSubClass").live("click",function(){
 		classLength=$(".class-list ul li").size()+1;
-		var lstr="<li><input type='text' name='subClassName' class='txt3' value=''><input type='text' id='subClassImg"+classLength+"' name='subClassImg' value='' class='txt5'><iframe src='imgUpload.asp?id=subClassImg"+classLength+"' class='upload-frame'></iframe><input type='button' class='addSubClass'><input type='button' class='removeSubClass'></li>"
+		var lstr="<li><input type='text' name='subClassName' class='txt3' value=''><input type='text' id='subClassImg"+classLength+"' name='subClassImg' value='' class='txt5'><iframe src='imgUpload.php?id=subClassImg"+classLength+"' class='upload-frame'></iframe><input type='button' class='addSubClass'><input type='button' class='removeSubClass'></li>"
 		$(".class-list ul").append(lstr);
 	})
 	

File diff suppressed because it is too large
+ 3378 - 0
mysql.sql


File diff suppressed because it is too large
+ 445 - 0
mysql_test.sql


+ 0 - 0
nginx.htaccess


+ 111 - 0
nullTag.php

@@ -0,0 +1,111 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$tagStr = "";
+$result = $conn->query("SELECT DISTINCT tagName FROM tagTable WHERE employeeId=" . $_SESSION['employee_id']);
+while ($row = $result->fetch_assoc()) {
+    $tagStr .= "<span>" . htmlspecialchars($row['tagName']) . "</span>,";
+}
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <div class="fastSelect clear">
+        <H1>无标签客户</H1>
+    </div>
+
+    <div width="100%" border="0" cellpadding="3" cellspacing="1" class="table2">
+        <div class="theader">
+            <div class="col2">序号</div>
+            <div class="col3">客户编号</div>
+            <div class="col4">渠道来源</div>
+            <div class="col5">区域</div>
+            <div class="col6">客户类型</div>
+            <div class="col7">跟进阶段</div>
+            <div class="col8">录入时间</div>
+            <div class="col10">操作</div>
+        </div>
+
+<?php
+$sqlStr = "SELECT id, cs_code, cs_from, cs_country, cs_type, cs_deal, cs_addtime, cs_tel, cs_email, 
+           cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, cs_alibaba, cs_note 
+           FROM customer 
+           WHERE cs_belong=" . $_SESSION['employee_id'] . " 
+           AND id NOT IN (SELECT customerId FROM tagTable)";
+
+$result = $conn->query($sqlStr);
+$tempNum = 0;
+
+while ($row = $result->fetch_assoc()) {
+    $tempNum++;
+?>
+        <div class="tline">
+            <div class="col2"><?= $tempNum ?></div>
+            <div class="col3 slidepanel"><?= htmlspecialchars($row['cs_code']) ?></div>
+            <div class="col4">
+                <?php
+                $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                echo ($qudaoRow = $qudaoResult->fetch_assoc()) ? htmlspecialchars($qudaoRow['ch_name']) : '未填写';
+                ?>
+            </div>
+            <div class="col5">
+                <?php
+                $countryResult = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                echo ($countryRow = $countryResult->fetch_assoc()) ? htmlspecialchars($countryRow['countryName']) : '未填写';
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                $typeResult = $conn->query("SELECT businessType FROM clientType WHERE id=" . (int)$row['cs_type']);
+                echo ($typeRow = $typeResult->fetch_assoc()) ? htmlspecialchars($typeRow['businessType']) : '未填写';
+                ?>
+            </div>
+            <div class="col7">
+                <?php
+                if ($row['cs_deal'] == 3) {
+                    echo "<span style='color:red;'>成交</span>";
+                } elseif ($row['cs_deal'] == 2) {
+                    echo "明确需求";
+                } elseif ($row['cs_deal'] == 1) {
+                    echo "明确需求";
+                } else {
+                    echo "无响应";
+                }
+                ?>
+            </div>
+            <div class="col8"><?= $row['cs_addtime'] ?></div>
+            <div class="col10"><a href="customerEdit.php?Keys=<?= $keys ?? '' ?>&Ord=<?= $ord ?? '' ?>&Page=<?= $page ?? '' ?>&act=edit&id=<?= $row['id'] ?>" class="ico_edit ico">修改</a></div>
+        </div>
+        <div class="notepanel clear">
+            <div class="noteItem">联系方式</div>
+            <div class="lx">
+                <div class="tel"><?= htmlspecialchars($row['cs_tel']) ?></div>
+                <div class="mail"><a href="mailto:<?= htmlspecialchars($row['cs_email']) ?>"><?= htmlspecialchars($row['cs_email']) ?></a></div>
+                <div class="whatsapp"><?= htmlspecialchars($row['cs_whatsapp']) ?></div>
+                <div class="wechat"><?= htmlspecialchars($row['cs_wechat']) ?></div>
+                <div class="linkedin"><?= htmlspecialchars($row['cs_linkedin']) ?></div>
+                <div class="facebook"><?= htmlspecialchars($row['cs_facebook']) ?></div>
+                <div class="alibaba"><?= htmlspecialchars($row['cs_alibaba']) ?></div>
+            </div>
+            <div class="noteItem2">备注</div>
+            <div class="notecontent"><?= htmlUnCode($row['cs_note']) ?></div>
+            <div class="coltag mytag" data-id="<?= $row['id'] ?>" data-em="<?= $_SESSION['employee_id'] ?>"><?= $tagStr ?></div>
+        </div>
+<?php
+}
+?>
+    </div>
+</div>
+</body>
+</html> 
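Review bot: `<?= htmlUnCode($row['cs_note']) ?>` in the `notecontent` div is written without `htmlspecialchars()`, unlike the contact fields above it; htmlUnCode is defined outside this diff, but if it turns stored entities back into markup, a note saved on a customer record is rendered as live HTML for every employee who opens the list. Unless rich-text notes are intended and sanitised on save, emit `htmlspecialchars(htmlUnCode($row['cs_note']), ENT_QUOTES, 'UTF-8')`; the same unescaped-output pattern appears in panel.php (`$em_user`, `$em_tel`, `$em_email`), postchkbox.php (`em_user`) and price.php (`countryName`, `ProductName`). The two list queries also concatenate `$_SESSION['employee_id']` into SQL, which is only safe because the login code casts it to int; a prepared statement with `bind_param("i", ...)`, as index_not_html.php already uses, would not depend on that. Separately, the `cs_deal == 1` branch prints `明确需求`, the same label as `cs_deal == 2`, while postchkbox.php lists value 1 as `背景调查`, so this looks like a copy-paste slip.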

+ 2 - 2
panel.asp

@@ -39,7 +39,7 @@
 	<div>
 	<dl>
 		<%if instr(em_code,"BX")=0 Then%>
-		<dt><a href="../home.asp">客户查找</a>	</dt>	
+		<dt><a href="../home.php">客户查找</a>	</dt>
 		<%End if%>
 		<dt><a href="../customerAdd.asp">客户录入</a>	</dt>			
 		<dt id="myCustomer" class="subnav">我的客户
@@ -83,7 +83,7 @@
 		</dt>
 		<%End If%>
 		<dt><a href="../pwdEdit.asp" >修改密码</a>	</dt>
-		<dt><a href="../index.asp?act=logout" onclick="if(!confirm('确认要退出吗?'))return false;">退出登录</a>	</dt>
+		<dt><a href="../index.php?act=logout" onclick="if(!confirm('确认要退出吗?'))return false;">退出登录</a>	</dt>
 	</dl>
 	</div>
 	<div class="copyright">

+ 87 - 0
panel.php

@@ -0,0 +1,87 @@
+<?php
+// Get employee information
+$stmt = $conn->prepare("SELECT * FROM employee WHERE id = ?");
+$stmt->bind_param("i", $_SESSION['employee_id']);
+$stmt->execute();
+$result = $stmt->get_result();
+
+if ($row = $result->fetch_assoc()) {
+    $em_user = textUncode($row['em_user']);
+    $em_role = $row['em_role'];
+    $em_code = textUncode($row['em_code']);
+    $em_email = textUncode($row['em_email']);
+    $em_tel = textUncode($row['em_tel']);
+} else {
+    $stmt->close();
+    $conn->close();
+    header("Location: /");
+    exit;
+}
+$stmt->close();
+?>
+
+<div class="panel">
+    <section>
+        <h3><?= $em_user ?></h3>
+        <div class="role_text"><?= ($em_role == 0) ? "组长" : "组员" ?></div>
+        <ul class="lxfs">
+            <li class="tel"><?= $em_tel ?></li>
+            <li class="mail"><?= $em_email ?></li>
+        </ul>
+    </section>
+    <div>
+        <dl>
+            <?php if (strpos($em_code, "BX") === false): ?>
+                <dt><a href="../home.php">客户查找</a></dt>
+            <?php endif; ?>
+            <dt><a href="../customerAdd.php">客户录入</a></dt>
+            <dt id="myCustomer" class="subnav">我的客户
+                <div class="list-wraper">
+                    <a href="../customers.php">全部客户  (<?= $_SESSION['t'] ?>)</a>
+                    <a href="../customers.php?fliterBusiness=1">经销商  (<?= $_SESSION['t1'] ?>)</a>
+                    <a href="../customers.php?fliterBusiness=2">零售  (<?= $_SESSION['t2'] ?>)</a>
+                    <a href="../customers.php?fliterBusiness=3">连锁店铺  (<?= $_SESSION['t3'] ?>)</a>
+                    <a href="../customers.php?fliterBusiness=4">中间商  (<?= $_SESSION['t4'] ?>)</a>
+                    <a href="../customers.php?fliterDeal=2">明确需求  (<?= $_SESSION['d2'] ?>)</a>
+                    <a href="../customers.php?fliterDeal=3">已经成交  (<?= $_SESSION['d1'] ?>)</a>
+                    <a href="../customersNew.php">本月新增</a>
+                    <?php if (strpos($em_code, "BX") === false): ?>
+                        <a href="../customersFollow.php">即将加入公海 </a>
+                        <a href="../teamSeas.php">小组公海(60天无更新)</a>
+                        <a href="../highSeas.php">公司公海(120天无更新)</a>
+                        <a href="../claimRecord.php">认领记录</a>
+                        <a href="../abnormal.php" class="new">异常客户</a>
+                    <?php endif; ?>
+                </div>
+            </dt>
+            <dt class="subnav">数据
+                <div class="list-wraper">
+                    <a href="../dashboard.php">数据看板</a>
+                    <?php if (strpos($em_code, "BX") === false): ?>
+                        <a href="../team.php">本月小组数据</a>
+                    <?php endif; ?>
+                </div>
+            </dt>
+            <dt><a href="../tagClound.php">标签云</a></dt>
+            <?php if (strpos($em_code, "BX") === false): ?>
+                <dt><a href="../silentCustomer.php">静默客户</a></dt>
+            <?php endif; ?>
+            <?php if ($em_role == 0): ?>
+                <dt class="subnav">我的团队
+                    <div class="list-wraper">
+                        <a href="../subcustomers.php">组员客户</a>
+                        <a href="../subtagClound.php">组员客户分析</a>
+                    </div>
+                </dt>
+            <?php endif; ?>
+            <dt><a href="../pwdEdit.php">修改密码</a></dt>
+            <dt><a href="../index.php?act=logout" onclick="return confirm('确认要退出吗?');">退出登录</a></dt>
+        </dl>
+    </div>
+    <div class="copyright">
+        <p>Version 1.5</p>
+    </div>
+    <?php if (strpos($em_code, "BX") === false): ?>
+        <div class="statement">***注意事项***<br>所有业务务必全面录入客户资料,如发现有客户重复第一时间与前录入人沟通并妥善将与客户沟通的内容交接到原录入人,如故意隐瞒或者选择无视不交接,自愿接受退还客户及停止一个月官网询盘客户推送的惩罚,情节严重者按照违反公司利益进行辞退!</div>
+    <?php endif; ?>
+</div> 
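Review bot: The `else` branch calls `header("Location: /")`, but nullTag.php, price.php and pwdEdit.php include this file after the `<body>` tag has been written, so unless output buffering is enabled the redirect header cannot be sent and the user gets a truncated page instead of the login screen. Resolve the employee row before any output (for example alongside the `checkLogin()` call each page makes first) and keep only rendering here. The submenu links `../subcustomers.php` and `../subtagClound.php` differ in case from the files this commit adds (`subCustomers.php`, `subTagClound.php`), which will return 404 on a case-sensitive filesystem. `SELECT *` also pulls `em_password` into `$row` although only five columns are read; naming the columns keeps the hash out of page scope.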

+ 25 - 0
postchkbox.php

@@ -0,0 +1,25 @@
+<?php
+/**
+ * Post checkbox component for customer management
+ * Displays action selection dropdown and execute button
+ */
+?>
+<div class="postchkbox">
+    <select id="chkact" name="chkact">
+        <option value="0">无响应</option>
+        <option value="1">背景调查</option>
+        <option value="2">明确需求</option>
+        <?php
+        // Get team members that current user can transfer customers to
+        $stmt = $conn->prepare("SELECT id, em_user FROM employee WHERE em_role = ?");
+        $stmt->bind_param("i", $_SESSION['employee_id']);
+        $stmt->execute();
+        $result = $stmt->get_result();
+
+        while ($row = $result->fetch_assoc()) {
+            echo "<option value=\"t{$row['id']}\">转给{$row['em_user']}</option>";
+        }
+        ?>
+    </select>
+    <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+</div> 
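Review bot: The transfer-target query binds `$_SESSION['employee_id']` to `em_role`, which reads like a mistake next to panel.php where `em_role == 0` means team leader; if `em_role` in fact stores the leader's employee id for each member, say so in a comment such as `// em_role = id of the member's team leader (0 for leaders)`. The `t{id}` option values are only a UI hint, so the handler behind `postchk(1)` (not in this diff) has to re-check on the server that the chosen employee belongs to the caller's team before reassigning a customer. This fragment uses `$conn` and `$_SESSION` without including conn.php or calling `checkLogin()`, so it should not be directly reachable by URL, or should exit early when `$conn` is not set.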

+ 69 - 0
price.php

@@ -0,0 +1,69 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?? '' ?>&Page=<?= $page ?? '' ?>" onSubmit="return false">
+        <div class="fastSelect clear">
+            <H1>报价查询</H1>
+            <div class="selectItem">
+                <label>区域</label>
+                <select name="fliterCountry" id="fliterCountry">
+                    <option value="">请选择国家地区</option>
+                    <?php
+                    $result = $conn->query("SELECT id, countryName FROM country WHERE id IN 
+                                          (SELECT DISTINCT cs_country FROM customer WHERE cs_belong=" . $_SESSION['employee_id'] . ")");
+                    while ($row = $result->fetch_assoc()) {
+                        echo "<option value=\"{$row['id']}\">{$row['countryName']}</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem selectProduct">
+                <label>产品</label>
+                <select name="fliterproduct" id="fliterproduct">
+                    <option value="">请选择产品</option>
+                    <?php
+                    $result = $conn->query("SELECT id, ProductName FROM Products");
+                    while ($row = $result->fetch_assoc()) {
+                        echo "<option value=\"{$row['id']}\">{$row['ProductName']}</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+
+            <div class="selectItem selectnum">
+                <label>数量</label>
+                <select name="fliternum" id="fliternum">
+                    <option value="">请选择产品</option>
+                </select>
+            </div>
+        </div>
+
+        <table width="100%" class="table2">
+            <tr class="theader">
+                <th width="15%">产品名称</th>
+                <th width="15%">图片</th>
+                <th width="10%">起订数量</th>
+                <th width="30%">报价管理</th>
+                <th width="20%">备注</th>
+            </tr>
+            <tr id="pricecontrol" class="pricecontrol">
+            </tr>
+        </table>
+    </form>
+</div>
+</body>
+</html> 
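Review bot: The form `action` interpolates `$keys` and `$page`, which this file never assigns, so unless conn.php defines them the URL always carries empty `Keys=` and `Page=` values; either drop them or read them from `$_GET` and emit them through `htmlspecialchars(urlencode(...))`. The form also targets `?act=postchk`, but no handler for that action appears in this file and `onSubmit="return false"` blocks submission, so the attribute looks like dead markup carried over from another page. The placeholder option under the `数量` select still reads `请选择产品`, which appears to be copied from the product select.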

+ 1 - 1
pwdEdit.asp

@@ -74,7 +74,7 @@ If act="save" Then
 	If Cint(changeSuccess)=1 Then
 		Response.write "<script>alert('资料修改成功!');history.back();</script>"
 	ElseIf Cint(changeSuccess)=2 Then
-		Response.write "<script>alert('密码修改成功!请退出重新登录');location.href='index.asp?act=logout';</script>"	
+		Response.write "<script>alert('密码修改成功!请退出重新登录');location.href='index.php?act=logout';</script>"
 	Else
 		Response.write "<script>alert('原始密码错误!');history.back();</script>"
 	End If	

+ 115 - 0
pwdEdit.php

@@ -0,0 +1,115 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$id = $_GET['id'] ?? '';
+$page = $_GET['Page'] ?? '';
+$keys = $_GET['Keys'] ?? '';
+$ord = $_GET['Ord'] ?? '';
+$hrefstr = "?keys=" . urlencode($keys) . "&Ord=" . urlencode($ord) . "&Page=" . $page;
+$employee_id = $_SESSION['employee_id'];
+
+$act = $_GET['act'] ?? '';
+
+if ($act == 'save') {
+    $em_tel = textEncode($_POST['em_tel'] ?? '');
+    $em_email = textEncode($_POST['em_email'] ?? '');
+    $em_password = md5($_POST['em_password'] ?? '');
+    $pwd = md5($_POST['pwd'] ?? '');
+    $pwdre = md5($_POST['pwdre'] ?? '');
+    $editpwd = false;
+    
+    if (!is_numeric($employee_id)) {
+        $employee_id = 0;
+    }
+    
+    if ($pwd !== '8f00b204e9800998' && $pwdre !== '8f00b204e9800998') {
+        $editpwd = true;
+        if ($pwd !== $pwdre) {
+            echo "<script>alert('两次密码输入不一致!');history.back();</script>";
+            exit;
+        }
+    }
+    
+    $result = $conn->query("SELECT * FROM employee WHERE id=" . (int)$employee_id);
+    if ($row = $result->fetch_assoc()) {
+        $changeSuccess = 1;
+        
+        $sql = "UPDATE employee SET 
+                em_email='" . $conn->real_escape_string($em_email) . "',
+                em_tel='" . $conn->real_escape_string($em_tel) . "'";
+                
+        if ($editpwd) {
+            if ($em_password === $row['em_password']) {
+                $sql .= ", em_password='" . $conn->real_escape_string($pwd) . "'";
+                $changeSuccess = 2;
+            } else {
+                $changeSuccess = 3;
+            }
+        }
+        
+        $sql .= " WHERE id=" . (int)$employee_id;
+        $conn->query($sql);
+        
+        if ($changeSuccess == 1) {
+            echo "<script>alert('资料修改成功!');history.back();</script>";
+        } elseif ($changeSuccess == 2) {
+            echo "<script>alert('密码修改成功!请退出重新登录');location.href='index.php?act=logout';</script>";
+        } else {
+            echo "<script>alert('原始密码错误!');history.back();</script>";
+        }
+        exit;
+    }
+}
+
+$result = $conn->query("SELECT em_email, em_tel FROM employee WHERE id=" . (int)$_SESSION['employee_id']);
+$row = $result->fetch_assoc();
+$em_tel = $row['em_tel'] ?? '';
+$em_email = $row['em_email'] ?? '';
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+    <script src="system/xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <form name="form1" method="post" action="pwdEdit.php<?= $hrefstr ?>&act=save" onSubmit="return checkpwd();">
+        <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+            <tbody>
+                <tr>
+                    <th width="8%">电话:</th>
+                    <td><input type="text" id="em_tel" name="em_tel" value="<?= htmlspecialchars($em_tel) ?>" class="txt1" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">邮箱:</th>
+                    <td><input type="text" id="em_email" name="em_email" value="<?= htmlspecialchars($em_email) ?>" class="txt1" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">原始密码:</th>
+                    <td><input type="password" id="em_password" name="em_password" value="" class="txt1" placeholder="不修改密码请留空" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">新密码:</th>
+                    <td><input type="password" id="pwd" name="pwd" value="" class="txt1" placeholder="不修改密码请留空" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">请再次输入</th>
+                    <td><input type="password" id="pwdre" name="pwdre" value="" class="txt1" placeholder="不修改密码请留空" /></td>
+                </tr>
+                <tr>
+                    <th></th>
+                    <td><input type="submit" name="save" id="save" value="确定" class="btn1" /></td>
+                </tr>
+            </tbody>
+        </table>
+    </form>
+</div>
+</body>
+</html> 
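Review bot: The blank-field sentinel `'8f00b204e9800998'` is a 16-character digest, but PHP's `md5()` returns 32 hex characters, so `$pwd !== '8f00b204e9800998'` is always true and `$editpwd` is set on every save. As a result a profile-only save with the password fields left blank reports `原始密码错误!` (while still writing the new phone and e-mail), and a save with the correct old password and blank new fields stores the hash of an empty password. Test the raw inputs before hashing, e.g. `$editpwd = ($_POST['pwd'] ?? '') !== '' && ($_POST['pwdre'] ?? '') !== '';`. The new hash is also computed from the raw `$_POST['pwd']`, whereas index_not_html.php hashes `textEncode($_POST['loginpwd'])`, so if textEncode (defined elsewhere) rewrites any character, passwords containing it can never log in again. `$hrefstr` appends `$page` from `$_GET['Page']` without `urlencode()` and is echoed into the form `action` without `htmlspecialchars()`, so that parameter should be cast to int or escaped before output.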

+ 57 - 0
quantitySearch.php

@@ -0,0 +1,57 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$product = $_GET['productId'] ?? '';
+$country = $_GET['country'] ?? '';
+$str = "";
+
+$result = $conn->query("SELECT ProductName, ProductImg, unit, moq, tips FROM Products WHERE id=" . (int)$product);
+if ($row = $result->fetch_assoc()) {
+    $productname = $row['ProductName'];
+    $productImg = $row['ProductImg'];
+    $unit = $row['unit'];
+    $moq = $row['moq'] ?? '无数量限制';
+    $tips = textUnCode($row['tips']);
+    
+    $str = "<td>" . htmlspecialchars($productname) . "</td><td><img src=\"" . htmlspecialchars($productImg) . "\"></td><td>" . htmlspecialchars($moq) . "</td>";
+}
+
+// Check if product can be sold in the region
+$result = $conn->query("SELECT * FROM Products WHERE (nosale LIKE '" . $conn->real_escape_string($country) . "%' 
+                        OR nosale LIKE '%," . $conn->real_escape_string($country) . ",%' 
+                        OR nosale LIKE '%" . $conn->real_escape_string($country) . "') 
+                        AND Id=" . (int)$product);
+
+if ($row = $result->fetch_assoc()) {
+    $str .= "<td class=\"nosale\">产品无法在该地区销售,请勿报价。<br>" . textUnCode($row['note']) . "</td>";
+} else {
+    // Get price information for the specific area
+    $result = $conn->query("SELECT DISTINCT num, price FROM price 
+                           WHERE productId=" . (int)$product . " AND AreaId=" . (int)$country . " 
+                           ORDER BY num ASC");
+    
+    if ($result->num_rows > 0) {
+        $str .= "<td><ul>";
+        while ($row = $result->fetch_assoc()) {
+            $str .= "<li>订单数量:≥" . htmlspecialchars($row['num']) . 
+                   "<span class=\"unit\">" . htmlspecialchars($unit) . "</span>" .
+                   "<span class=\"price\">" . htmlspecialchars($row['price']) . "</span>RMB</li>";
+        }
+        $str .= "</ul></td><td>" . htmlspecialchars($tips) . "</td>";
+    } else {
+        // Get default price information
+        $result = $conn->query("SELECT DISTINCT num, price FROM price 
+                               WHERE productId=" . (int)$product . " AND AreaId=0 
+                               ORDER BY num ASC");
+        $str .= "<td><ul>";
+        while ($row = $result->fetch_assoc()) {
+            $str .= "<li>订单数量:≥" . htmlspecialchars($row['num']) . 
+                   "<span class=\"unit\">" . htmlspecialchars($unit) . "</span>" .
+                   "<span class=\"price\">" . htmlspecialchars($row['price']) . "</span>RMB</li>";
+        }
+        $str .= "</ul></td><td>" . htmlspecialchars($tips) . "</td>";
+    }
+}
+
+echo $str; 
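Review bot: The no-sale lookup matches `$country` against `nosale` with `LIKE 'C%'`, `'%,C,%'` and `'%C'`, so an id such as 1 also matches lists containing 10 or 21, and an empty `country` turns the first pattern into `LIKE '%'`, which matches any product whose `nosale` is non-null. `real_escape_string()` does not neutralise the `%` and `_` wildcards either, while the same value is cast with `(int)` a few lines later for `AreaId`. Cast once and match whole list items with a prepared `FIND_IN_SET`, as sketched below; this assumes `nosale` holds comma-separated ids without spaces, which the existing `%,C,%` pattern suggests. The later `htmlspecialchars($unit)` and `htmlspecialchars($tips)` also read variables that are only assigned when the product row exists, so an unknown `productId` should return early.

```php
// Check if product can be sold in the region
$countryId = (int)$country;
$productId = (int)$product;
$stmt = $conn->prepare("SELECT note FROM Products WHERE FIND_IN_SET(?, nosale) > 0 AND Id = ?");
$stmt->bind_param("ii", $countryId, $productId);
$stmt->execute();
$result = $stmt->get_result();
// … unchanged: nosale message and price lookups …
```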

+ 1 - 1
searchResult.asp

@@ -19,7 +19,7 @@
 	keywords=TextEnCode(keywords)
 
 	If keywords="" or len(keywords)<4 Then
-		Response.write "<script>alert('请至少输入4位数字或文字进行查找');window.location.href='/home.asp';</script>"
+		Response.write "<script>alert('请至少输入4位数字或文字进行查找');window.location.href='/home.php';</script>"
 
 	End If
 	

+ 128 - 0
searchResult.php

@@ -0,0 +1,128 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$keywordsNative = $_POST['keywords'] ?? '';
+$keywords = str_replace(['+', ' ', '-', ')', '('], '', $keywordsNative);
+$keywords = textEncode($keywords);
+
+if (empty($keywords) || strlen($keywords) < 4) {
+    echo "<script>alert('请至少输入4位数字或文字进行查找');window.location.href='/home.php';</script>";
+    exit;
+}
+
+$searchStr = "SELECT cs_code, cs_name, cs_country, cs_tel, cs_email, cs_whatsapp, cs_wechat, cs_linkedin, 
+             cs_facebook, cs_addtime, cs_from, cs_belong, cs_deal, cs_alibaba 
+             FROM customer 
+             WHERE (cs_telformat LIKE '%" . $conn->real_escape_string($keywords) . "%' 
+             OR cs_email LIKE '%" . $conn->real_escape_string($keywords) . "%' 
+             OR cs_whatsappformat LIKE '%" . $conn->real_escape_string($keywords) . "%' 
+             OR cs_wechat LIKE '%" . $conn->real_escape_string($keywords) . "%' 
+             OR cs_alibaba LIKE '%" . $conn->real_escape_string($keywords) . "%' 
+             OR cs_linkedin LIKE '%" . $conn->real_escape_string($keywords) . "%' 
+             OR cs_facebook LIKE '%" . $conn->real_escape_string($keywords) . "%' 
+             OR cs_email LIKE '%" . $conn->real_escape_string($keywordsNative) . "%' 
+             OR cs_wechat LIKE '%" . $conn->real_escape_string($keywordsNative) . "%' 
+             OR cs_alibaba LIKE '%" . $conn->real_escape_string($keywordsNative) . "%' 
+             OR cs_linkedin LIKE '%" . $conn->real_escape_string($keywordsNative) . "%' 
+             OR cs_facebook LIKE '%" . $conn->real_escape_string($keywordsNative) . "%')";
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <div class="searchForm resultSearch">
+        <form method="post" action="searchResult.php" accept-charset="UTF-8">
+            <input class="keywords" name="keywords" id="keyword" placeholder="请输入电话/邮箱/微信/WhatsApp.." value="<?= htmlspecialchars($keywordsNative) ?>">
+            <input class="searchSubmit" type="submit" value="客户检索">
+        </form>
+    </div>
+    <table width="100%" class="resultForm">
+        <tr class="tableHead">
+            <td align="center">序号</td>
+            <td align="center">客户编号</td>
+            <td align="center">联系人</td>
+            <td align="center">国家</td>
+            <td align="center">来源</td>
+            <td align="center">跟进阶段</td>
+            <td align="center">录入日期</td>
+            <td align="center">所属业务员</td>
+        </tr>
+<?php
+$result = $conn->query($searchStr);
+if ($result && $result->num_rows > 0) {
+    $i = 1;
+    while ($row = $result->fetch_assoc()) {
+?>
+        <tr>
+            <td align="center" rowspan="2"><?= $i ?></td>
+            <td align="center"><?= htmlspecialchars($row['cs_code']) ?></td>
+            <td align="center"><?= htmlspecialchars($row['cs_name']) ?></td>
+            <td align="center">
+                <?php
+                $countryResult = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                echo ($countryRow = $countryResult->fetch_assoc()) ? htmlspecialchars($countryRow['countryName']) : '未选择';
+                ?>
+            </td>
+            <td align="center">
+                <?php
+                $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                echo ($qudaoRow = $qudaoResult->fetch_assoc()) ? htmlspecialchars($qudaoRow['ch_name']) : '未选择';
+                ?>
+            </td>
+            <td align="center">
+                <?= ($row['cs_deal'] == 3) ? '<span class="highline">成交</span>' : '未成交' ?>
+            </td>
+            <td align="center"><?= $row['cs_addtime'] ?></td>
+            <td align="center" rowspan="2">
+                <?php
+                $employeeResult = $conn->query("SELECT em_user FROM employee WHERE id=" . (int)$row['cs_belong']);
+                echo ($employeeRow = $employeeResult->fetch_assoc()) ? htmlspecialchars($employeeRow['em_user']) : '系统出错';
+                ?>
+            </td>
+        </tr>
+        <tr>
+            <td colspan="6" class="contacts">
+                <div class="tel"><?= htmlspecialchars($row['cs_tel']) ?></div>
+                <div class="mail"><?= htmlspecialchars($row['cs_email']) ?></div>
+                <div class="whatsapp"><?= htmlspecialchars($row['cs_whatsapp']) ?></div>
+                <div class="wechat"><?= htmlspecialchars($row['cs_wechat']) ?></div>
+                <div class="linkedin"><?= htmlspecialchars($row['cs_linkedin']) ?></div>
+                <div class="facebook"><?= htmlspecialchars($row['cs_facebook']) ?></div>
+                <div class="alibaba"><?= htmlspecialchars($row['cs_alibaba']) ?></div>
+            </td>
+        </tr>
+<?php
+        $i++;
+    }
+} else {
+    if (empty($keywords)) {
+?>
+        <tr>
+            <td colspan="8" align="center">暂无相关记录,可录入该客户,<a href="/customerAdd.php" class="highline">点击录入客户数据</a></td>
+        </tr>
+<?php
+    } else {
+?>
+        <tr>
+            <td colspan="8" align="center">
+                <a href="?">Sorry,没有找到"<?= htmlspecialchars($keywords) ?>"相关的信息,点击返回</a>
+            </td>
+        </tr>
+<?php
+    }
+}
+?>
+    </table>
+</div>
+</body>
+</html> 
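Review bot: The four-character minimum on `$keywords` does not keep the search narrow, because `real_escape_string` leaves `%` and `_` untouched and they still act as LIKE wildcards in all twelve conditions of `$searchStr`, so a keyword built from them passes the `strlen` check while matching far more of the `customer` table than intended. Escape the LIKE metacharacters once before building the pattern, e.g. `$like = $conn->real_escape_string(addcslashes($keywords, '\\%_'));` (and the same for `$keywordsNative`), or move the query to a prepared statement with bound `LIKE ?` parameters. Separately, `<?= $row['cs_addtime'] ?>` is the only column printed without `htmlspecialchars`. The `empty($keywords)` branch near the end is unreachable, because the script already exits on an empty keyword.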

+ 377 - 0
silentCustomer.php

@@ -0,0 +1,377 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$act = $_GET['act'] ?? '';
+
+if ($act == 'postchk') {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = $_POST['chkact'] ?? '';
+    
+    $sqlStr = "";
+    if (isset($_POST['chkbox'])) {
+        foreach ($_POST['chkbox'] as $id) {
+            $sqlStr .= ($sqlStr ? " OR id=" : " WHERE id=") . (int)$id;
+        }
+    }
+    
+    switch ($chkact) {
+        case "0":
+        case "1":
+        case "2":
+            $sqlStr = "UPDATE Customer SET cs_deal=" . (int)$chkact . $sqlStr;
+            break;
+        default:
+            $chkact = str_replace('t', '', $chkact);
+            $sqlStr = "UPDATE Customer SET cs_belong=" . (int)$chkact . $sqlStr;
+    }
+    
+    $conn->query($sqlStr);
+    header("Location: ?Keys=" . $keys . "&Page=" . $page);
+    exit;
+}
+
+$keys = $_GET['Keys'] ?? '';
+$keys = str_replace([' ', '+'], '', $keys);
+$keyscode = textEncode($keys);
+$page = $_GET['Page'] ?? '';
+
+$filterCountry = $_GET['fliterCountry'] ?? '';
+$filterQudao = $_GET['fliterQudao'] ?? '';
+$filterDeal = $_GET['fliterDeal'] ?? '';
+$filterBusiness = $_GET['fliterBusiness'] ?? '';
+$filterContact = $_GET['fliterContact'] ?? '';
+
+$filterStr = "";
+$urlStr = "";
+
+if (!empty($filterCountry)) {
+    $filterStr .= " AND cs_country=" . (int)$filterCountry;
+    $urlStr .= "&fliterCountry=" . $filterCountry;
+}
+
+if (!empty($filterQudao)) {
+    $filterStr .= " AND cs_from=" . (int)$filterQudao;
+    $urlStr .= "&fliterQudao=" . $filterQudao;
+}
+
+if (!empty($filterDeal)) {
+    $filterStr .= " AND cs_deal=" . (int)$filterDeal;
+    $urlStr .= "&fliterDeal=" . $filterDeal;
+}
+
+if (!empty($filterBusiness)) {
+    $filterStr .= " AND cs_type=" . (int)$filterBusiness;
+    $urlStr .= "&fliterBusiness=" . $filterBusiness;
+}
+
+if (!empty($filterContact)) {
+    switch ($filterContact) {
+        case "1": $filterStr .= " AND cs_tel<>''"; break;
+        case "2": $filterStr .= " AND cs_wechat<>''"; break;
+        case "3": $filterStr .= " AND cs_whatsapp<>''"; break;
+        case "4": $filterStr .= " AND cs_email<>''"; break;
+        case "5": $filterStr .= " AND cs_linkedin<>''"; break;
+        case "6": $filterStr .= " AND cs_facebook<>''"; break;
+        default: $filterStr .= " AND cs_alibaba<>''";
+    }
+    $urlStr .= "&fliterContact=" . $filterContact;
+}
+
+$keys = urlencode($keys);
+$hrefstr = "?keys=" . $keys;
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?>&Page=<?= $page ?>" onSubmit="return false">
+        <div class="fastSelect clear">
+            <H1>静默客户</H1>
+            <div class="selectItem">
+                <label>区域</label>
+                <select name="fliterCountry" class="filterSearch">
+                    <option value="">请选择国家地区</option>
+                    <?php
+                    $result = $conn->query("SELECT id, countryName FROM country");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterCountry == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>{$row['countryName']}</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>来源渠道</label>
+                <select name="fliterQudao" class="filterSearch">
+                    <option value="">请选择渠道</option>
+                    <?php
+                    $result = $conn->query("SELECT id, ch_name FROM qudao");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterQudao == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>{$row['ch_name']}</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>跟进阶段</label>
+                <select name="fliterDeal" class="filterSearch">
+                    <option value="">请选择</option>
+                    <option value="0"<?= ($filterDeal == "0") ? ' selected="selected"' : '' ?>>无响应</option>
+                    <option value="1"<?= ($filterDeal == "1") ? ' selected="selected"' : '' ?>>背景调查</option>
+                    <option value="2"<?= ($filterDeal == "2") ? ' selected="selected"' : '' ?>>明确需求</option>
+                    <option value="3"<?= ($filterDeal == "3") ? ' selected="selected"' : '' ?>>已成交</option>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>客户类型</label>
+                <select name="fliterBusiness" class="filterSearch">
+                    <option value="">请选择</option>
+                    <?php
+                    $result = $conn->query("SELECT id, businessType FROM clientType");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterBusiness == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>{$row['businessType']}</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>联系方式</label>
+                <select name="fliterContact" class="filterSearch">
+                    <option value="">请选择</option>
+                    <option value="1"<?= ($filterContact == "1") ? ' selected="selected"' : '' ?>>电话</option>
+                    <option value="2"<?= ($filterContact == "2") ? ' selected="selected"' : '' ?>>微信</option>
+                    <option value="3"<?= ($filterContact == "3") ? ' selected="selected"' : '' ?>>WhatsApp</option>
+                    <option value="4"<?= ($filterContact == "4") ? ' selected="selected"' : '' ?>>邮箱</option>
+                    <option value="5"<?= ($filterContact == "5") ? ' selected="selected"' : '' ?>>领英</option>
+                    <option value="6"<?= ($filterContact == "6") ? ' selected="selected"' : '' ?>>Facebook</option>
+                    <option value="7"<?= ($filterContact == "7") ? ' selected="selected"' : '' ?>>阿里巴巴</option>
+                </select>
+            </div>
+            <div class="inputSearch">
+                <input type="text" id="keys" class="inputTxt" 
+                       value="<?= empty($keyscode) ? '请输入搜索关键词' : htmlspecialchars($keyscode) ?>" 
+                       onFocus="if(this.value == '<?= empty($keyscode) ? '请输入搜索关键词' : htmlspecialchars($keyscode) ?>'){this.value='';}" 
+                       onBlur="if(this.value == ''){this.value='<?= empty($keyscode) ? '请输入搜索关键词' : htmlspecialchars($keyscode) ?>';}" 
+                       onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)}" />
+                <input type="button" id="searchgo" class="searchgo" value="go" 
+                       onClick="location.href='?Keys='+escape(document.getElementById('keys').value)" />
+            </div>
+        </div>
+
+        <div width="100%" border="0" cellpadding="3" cellspacing="1" class="table2 em<?= $_SESSION['employee_id'] ?>">
+            <div class="theader">
+                <div class="col2">序号</div>
+                <div class="col3">客户编号</div>
+                <div class="col10">渠道来源</div>
+                <div class="col10">区域</div>
+                <div class="col10">客户类型</div>
+                <div class="col10">跟进阶段</div>
+                <div class="col6">录入时间</div>
+                <div class="col6">操作</div>
+            </div>
+
+<?php
+$sqlStr = "SELECT id, cs_code, cs_from, cs_country, cs_type, cs_deal, cs_addtime, cs_tel, cs_email, 
+           cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, cs_alibaba, colortag, cs_note, cs_claimFrom, 
+           cs_belong, cs_chain 
+           FROM customer 
+           WHERE (is_silent=1 OR (cs_deal=0 AND cs_belong=" . $_SESSION['employee_id'] . ")) 
+           AND (cs_code LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_name LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_email LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_wechat LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_telformat LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_whatsappformat LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_code LIKE '%" . $conn->real_escape_string($keyscode) . "%')" . 
+           $filterStr . " ORDER BY colortag DESC, id DESC";
+
+$result = $conn->query($sqlStr);
+
+if ($result && $result->num_rows > 0) {
+    $pageSize = 20;
+    $page = empty($page) ? 1 : $page;
+    $page = ($page === 'end') ? ceil($result->num_rows / $pageSize) : $page;
+    $page = (!is_numeric($page) || $page < 1) ? 1 : (int)$page;
+    $totalPages = ceil($result->num_rows / $pageSize);
+    $page = ($page > $totalPages) ? $totalPages : $page;
+    $offset = $pageSize * ($page - 1);
+    
+    $rows = [];
+    while ($row = $result->fetch_assoc()) {
+        $rows[] = $row;
+    }
+    
+    $paginatedRows = array_slice($rows, $offset, $pageSize);
+    $tempNum = $offset;
+    
+    foreach ($paginatedRows as $row) {
+        $tempNum++;
+?>
+        <div class="tline color<?= $row['colortag'] ?>">
+            <div class="col2"><?= $tempNum ?></div>
+            <div class="col3 slidepanel">
+                <?= htmlspecialchars($row['cs_code']) ?>
+                <?php if ($row['cs_claimFrom'] > 0): ?>
+                    <img src="../images/yijiao.png" class="handover" title="来自认领">
+                <?php endif; ?>
+            </div>
+            <div class="col10">
+                <?php
+                $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                echo ($qudaoRow = $qudaoResult->fetch_assoc()) ? htmlspecialchars($qudaoRow['ch_name']) : '未填写';
+                ?>
+            </div>
+            <div class="col10">
+                <?php
+                $countryResult = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                echo ($countryRow = $countryResult->fetch_assoc()) ? htmlspecialchars($countryRow['countryName']) : '未填写';
+                ?>
+            </div>
+            <div class="col10">
+                <?php
+                $typeResult = $conn->query("SELECT businessType FROM clientType WHERE id=" . (int)$row['cs_type']);
+                echo ($typeRow = $typeResult->fetch_assoc()) ? htmlspecialchars($typeRow['businessType']) : '未填写';
+                ?>
+            </div>
+            <div class="col10">
+                <?php
+                if ($row['cs_deal'] == 3) {
+                    echo "<span style='color:red;'>成交</span>";
+                } elseif ($row['cs_deal'] == 2) {
+                    echo "明确需求";
+                } elseif ($row['cs_deal'] == 1) {
+                    echo "背景调查";
+                } else {
+                    echo "无响应";
+                }
+                ?>
+            </div>
+            <div class="col6"><?= $row['cs_addtime'] ?></div>
+            <div class="col6">
+                <?php if ($row['cs_belong'] == $_SESSION['employee_id']): ?>
+                    <a href="customerEdit.php?id=<?= $row['id'] ?>" class="ico_edit ico">修改</a>
+                <?php endif; ?>
+            </div>
+        </div>
+        <div class="notepanel clear">
+            <div class="noteItem">联系方式</div>
+            <div class="lx">
+                <div class="tel"><?= htmlspecialchars($row['cs_tel']) ?></div>
+                <div class="mail"><a href="mailto:<?= htmlspecialchars($row['cs_email']) ?>"><?= htmlspecialchars($row['cs_email']) ?></a></div>
+                <div class="whatsapp"><?= htmlspecialchars($row['cs_whatsapp']) ?></div>
+                <div class="wechat"><?= htmlspecialchars($row['cs_wechat']) ?></div>
+                <div class="linkedin"><?= htmlspecialchars($row['cs_linkedin']) ?></div>
+                <div class="facebook"><?= htmlspecialchars($row['cs_facebook']) ?></div>
+                <div class="alibaba"><?= htmlspecialchars($row['cs_alibaba']) ?></div>
+            </div>
+            <div class="noteItem2">备注</div>
+            <div class="notecontent">
+                <div class="chain">
+                    流转记录:
+                    <?php
+                    if (!empty($row['cs_chain'])) {
+                        $myArray = explode(',', $row['cs_chain']);
+                        $sqlStr = "SELECT em_user FROM employee WHERE id=" . (int)$myArray[0];
+                        for ($j = 1; $j < count($myArray); $j++) {
+                            $sqlStr .= " UNION ALL SELECT em_user FROM employee WHERE id=" . (int)$myArray[$j];
+                        }
+                        $chainResult = $conn->query($sqlStr);
+                        while ($chainRow = $chainResult->fetch_assoc()) {
+                            echo htmlspecialchars($chainRow['em_user']) . " > ";
+                        }
+                    }
+                    ?>
+                </div>
+                <?= htmlUnCode($row['cs_note']) ?>
+            </div>
+        </div>
+<?php
+    }
+} else {
+    if (empty($keys)) {
+?>
+        <tr>
+            <div align="center">当前暂无沉默客户</div>
+        </tr>
+<?php
+    } else {
+?>
+        <tr>
+            <div align="center"><a href="?">Sorry,没有找到"<?= htmlspecialchars($keyscode) ?>"相关的信息,点击返回</a></div>
+        </tr>
+<?php
+    }
+}
+?>
+            <div colspan="9">
+                <div class="showpagebox">
+<?php
+if (isset($totalPages) && $totalPages > 1) {
+    $pageName = "?Keys=" . $keys . $urlStr . "&";
+    $pagelen = 3;
+    
+    if ($page > 1) {
+        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+        echo "<a href=\"{$pageName}Page=" . ($page - 1) . "\">上一页</a>";
+    }
+    
+    if ($pagelen * 2 + 1 >= $totalPages) {
+        $startPage = 1;
+        $endPage = $totalPages;
+    } else {
+        if ($page <= $pagelen + 1) {
+            $startPage = 1;
+            $endPage = $pagelen * 2 + 1;
+        } else {
+            $startPage = $page - $pagelen;
+            $endPage = $page + $pagelen;
+        }
+        if ($page + $pagelen > $totalPages) {
+            $startPage = $totalPages - $pagelen * 2;
+            $endPage = $totalPages;
+        }
+    }
+    
+    for ($i = $startPage; $i <= $endPage; $i++) {
+        if ($i == $page) {
+            echo "<a class=\"current\">{$i}</a>";
+        } else {
+            echo "<a href=\"{$pageName}Page={$i}\">{$i}</a>";
+        }
+    }
+    
+    if ($page < $totalPages) {
+        if ($totalPages - $page > $pagelen) {
+            echo "<a href=\"{$pageName}Page={$totalPages}\">...{$totalPages}</a>";
+        }
+        echo "<a href=\"{$pageName}Page=" . ($page + 1) . "\">下一页</a>";
+        echo "<a href=\"{$pageName}Page={$totalPages}\">尾页</a>";
+    }
+    
+    echo "<input type=\"text\" id=\"Pagego\" value=\"{$page}\" 
+          onFocus=\"if(this.value == '{$page}'){this.value='';}\" 
+          onBlur=\"if(this.value == ''){this.value='{$page}';}\" 
+          onKeyUp=\"this.value=this.value.replace(/\D/g,'')\" 
+          onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+}
+?>
+                </div>
+            </div>
+        </div>
+    </form>
+</div>
+</body>
+</html> 
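Review bot: In the `postchk` branch the `UPDATE Customer` statement is executed even when `$_POST['chkbox']` is absent or empty, in which case `$sqlStr` carries no WHERE clause and the new `cs_deal` or `cs_belong` value is written to every customer row. The branch also accepts any id from the request without checking it against `$_SESSION['employee_id']`, and the `default` case turns any unrecognised `chkact` into a reassignment (`cs_belong=0` for non-numeric input); whether employees may change rows they do not own is not visible here, so confirm the intended rule and add it to the WHERE clause. Further down, `$page` in the form action and the raw `fliter*` values appended to `$urlStr` are echoed into HTML attributes without `htmlspecialchars`, and `$_SESSION['employee_id']` is concatenated into the SELECT without an `(int)` cast. The guard below covers only the first point.

```php
if ($act == 'postchk') {
    // … unchanged: $keys, $page and $chkact are read from the request …

    // Drop values that do not cast to a non-zero integer; with nothing
    // selected there is nothing to update, so return without touching the table.
    $ids = array_filter(array_map('intval', (array)($_POST['chkbox'] ?? [])));
    if ($ids === []) {
        header("Location: ?Keys=" . $keys . "&Page=" . $page);
        exit;
    }
    $sqlStr = " WHERE id IN (" . implode(',', $ids) . ")";

    // … unchanged: switch ($chkact) prepends the UPDATE, then query and redirect …
```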

+ 364 - 0
subCustomers.php

@@ -0,0 +1,364 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$act = $_GET['act'] ?? '';
+
+if ($act == 'postchk') {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = str_replace('t', '', $_POST['chkact'] ?? '');
+    
+    if (isset($_POST['chkbox'])) {
+        $sqlStr = "(" . implode(',', array_map('intval', (array)$_POST['chkbox'])) . ")";
+        
+        if ($chkact == '0') {
+            $sql = "UPDATE Customer SET cs_deal=" . (int)$chkact . " WHERE id IN " . $sqlStr;
+        } else {
+            $sql = "UPDATE Customer SET 
+                    cs_code=REPLACE(cs_code, '-', '/0'+(SELECT SUBSTRING(em_code,2,2) FROM employee WHERE id=" . (int)$chkact . ")+'-'), 
+                    cs_belong=" . (int)$chkact . ", 
+                    cs_chain=CONCAT(cs_chain,'," . (int)$chkact . "') 
+                    WHERE id IN " . $sqlStr;
+        }
+        
+        $deleteTag = "DELETE FROM tagTable WHERE customerId IN " . $sqlStr;
+        
+        $conn->query($sql);
+        $conn->query($deleteTag);
+    }
+    
+    header("Location: ?Keys=" . $keys . "&Page=" . $page);
+    exit;
+}
+
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$page = $_GET['Page'] ?? '';
+
+$filterCountry = $_GET['fliterCountry'] ?? '';
+$filterQudao = $_GET['fliterQudao'] ?? '';
+$filterDeal = $_GET['fliterDeal'] ?? '';
+$filterBusiness = $_GET['fliterBusiness'] ?? '';
+$filterContact = $_GET['fliterContact'] ?? '';
+
+$filterStr = "";
+$urlStr = "";
+
+if (!empty($filterCountry)) {
+    $filterStr .= " AND cs_country=" . (int)$filterCountry;
+    $urlStr .= "&fliterCountry=" . $filterCountry;
+}
+
+if (!empty($filterQudao)) {
+    $filterStr .= " AND cs_from=" . (int)$filterQudao;
+    $urlStr .= "&fliterQudao=" . $filterQudao;
+}
+
+if (!empty($filterDeal)) {
+    $filterStr .= " AND cs_deal=" . (int)$filterDeal;
+    $urlStr .= "&fliterDeal=" . $filterDeal;
+}
+
+if (!empty($filterBusiness)) {
+    $filterStr .= " AND cs_type=" . (int)$filterBusiness;
+    $urlStr .= "&fliterBusiness=" . $filterBusiness;
+}
+
+if (!empty($filterContact)) {
+    switch ($filterContact) {
+        case "1": $filterStr .= " AND cs_tel<>''"; break;
+        case "2": $filterStr .= " AND cs_wechat<>''"; break;
+        case "3": $filterStr .= " AND cs_whatsapp<>''"; break;
+        case "4": $filterStr .= " AND cs_email<>''"; break;
+        case "5": $filterStr .= " AND cs_linkedin<>''"; break;
+        case "6": $filterStr .= " AND cs_facebook<>''"; break;
+        default: $filterStr .= " AND cs_alibaba<>''";
+    }
+    $urlStr .= "&fliterContact=" . $filterContact;
+}
+
+$keys = urlencode($keys);
+$hrefstr = "?keys=" . $keys;
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?>&Page=<?= $page ?>" onSubmit="return false">
+        <div class="fastSelect clear">
+            <H1>搜索条件</H1>
+            <div class="selectItem">
+                <label>区域</label>
+                <select name="fliterCountry" class="filterSearch">
+                    <option value="">请选择国家地区</option>
+                    <?php
+                    $result = $conn->query("SELECT id, countryName FROM country");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterCountry == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>{$row['countryName']}</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>来源渠道</label>
+                <select name="fliterQudao" class="filterSearch">
+                    <option value="">请选择渠道</option>
+                    <?php
+                    $result = $conn->query("SELECT id, ch_name FROM qudao");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterQudao == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>{$row['ch_name']}</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>跟进阶段</label>
+                <select name="fliterDeal" class="filterSearch">
+                    <option value="">请选择</option>
+                    <option value="0"<?= ($filterDeal == "0") ? ' selected="selected"' : '' ?>>无响应</option>
+                    <option value="1"<?= ($filterDeal == "1") ? ' selected="selected"' : '' ?>>背景调查</option>
+                    <option value="2"<?= ($filterDeal == "2") ? ' selected="selected"' : '' ?>>明确需求</option>
+                    <option value="3"<?= ($filterDeal == "3") ? ' selected="selected"' : '' ?>>已成交</option>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>客户类型</label>
+                <select name="fliterBusiness" class="filterSearch">
+                    <option value="">请选择</option>
+                    <?php
+                    $result = $conn->query("SELECT id, businessType FROM clientType");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterBusiness == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>{$row['businessType']}</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>联系方式</label>
+                <select name="fliterContact" class="filterSearch">
+                    <option value="">请选择</option>
+                    <option value="1"<?= ($filterContact == "1") ? ' selected="selected"' : '' ?>>电话</option>
+                    <option value="2"<?= ($filterContact == "2") ? ' selected="selected"' : '' ?>>微信</option>
+                    <option value="3"<?= ($filterContact == "3") ? ' selected="selected"' : '' ?>>WhatsApp</option>
+                    <option value="4"<?= ($filterContact == "4") ? ' selected="selected"' : '' ?>>邮箱</option>
+                    <option value="5"<?= ($filterContact == "5") ? ' selected="selected"' : '' ?>>领英</option>
+                    <option value="6"<?= ($filterContact == "6") ? ' selected="selected"' : '' ?>>Facebook</option>
+                    <option value="7"<?= ($filterContact == "7") ? ' selected="selected"' : '' ?>>阿里巴巴</option>
+                </select>
+            </div>
+            <div class="inputSearch">
+                <input type="text" id="keys" class="inputTxt" 
+                       value="<?= empty($keyscode) ? '请输入搜索关键词' : htmlspecialchars($keyscode) ?>" 
+                       onFocus="if(this.value == '<?= empty($keyscode) ? '请输入搜索关键词' : htmlspecialchars($keyscode) ?>'){this.value='';}" 
+                       onBlur="if(this.value == ''){this.value='<?= empty($keyscode) ? '请输入搜索关键词' : htmlspecialchars($keyscode) ?>';}" 
+                       onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)}" />
+                <input type="button" id="searchgo" class="searchgo" value="go" 
+                       onClick="location.href='?Keys='+escape(document.getElementById('keys').value)" />
+            </div>
+        </div>
+
+        <div width="100%" border="0" cellpadding="3" cellspacing="1" class="table2">
+            <div class="theader">
+                <div class="col1"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></div>
+                <div class="col2">序号</div>
+                <div class="col3">客户编号</div>
+                <div class="col4">渠道来源</div>
+                <div class="col5">区域</div>
+                <div class="col6">客户类型</div>
+                <div class="col7">跟进阶段</div>
+                <div class="col8">录入时间</div>
+                <div class="col9">组员</div>
+            </div>
+
+<?php
+$sqlStr = "SELECT id, cs_code, cs_from, cs_country, cs_type, cs_deal, cs_addtime, cs_tel, cs_email, 
+           cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, cs_alibaba, cs_belong, cs_note, cs_claimFrom 
+           FROM customer 
+           WHERE (cs_code LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_name LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_email LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_wechat LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_tel LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+           OR cs_whatsapp LIKE '%" . $conn->real_escape_string($keyscode) . "%') 
+           AND cs_belong IN (SELECT id FROM employee WHERE em_role=" . $_SESSION['employee_id'] . ")" . 
+           $filterStr . " ORDER BY cs_state DESC, id DESC";
+
+$result = $conn->query($sqlStr);
+
+if ($result && $result->num_rows > 0) {
+    $pageSize = 15;
+    $page = empty($page) ? 1 : $page;
+    $page = ($page === 'end') ? ceil($result->num_rows / $pageSize) : $page;
+    $page = (!is_numeric($page) || $page < 1) ? 1 : (int)$page;
+    $totalPages = ceil($result->num_rows / $pageSize);
+    $page = ($page > $totalPages) ? $totalPages : $page;
+    $offset = $pageSize * ($page - 1);
+    
+    $rows = [];
+    while ($row = $result->fetch_assoc()) {
+        $rows[] = $row;
+    }
+    
+    $paginatedRows = array_slice($rows, $offset, $pageSize);
+    $tempNum = $offset;
+    
+    foreach ($paginatedRows as $row) {
+        $tempNum++;
+?>
+        <div class="tline">
+            <div class="col1" align="center"><input type="checkbox" name="chkbox[]" value="<?= $row['id'] ?>" /></div>
+            <div class="col2"><?= $tempNum ?></div>
+            <div class="col3 slidepanel">
+                <?= htmlspecialchars($row['cs_code']) ?>
+                <?php if ($row['cs_claimFrom'] > 0): ?>
+                    <img src="../images/yijiao.png" class="handover">
+                <?php endif; ?>
+            </div>
+            <div class="col4">
+                <?php
+                $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                echo ($qudaoRow = $qudaoResult->fetch_assoc()) ? htmlspecialchars($qudaoRow['ch_name']) : '未填写';
+                ?>
+            </div>
+            <div class="col5">
+                <?php
+                $countryResult = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                echo ($countryRow = $countryResult->fetch_assoc()) ? htmlspecialchars($countryRow['countryName']) : '未填写';
+                ?>
+            </div>
+            <div class="col6">
+                <?php
+                $typeResult = $conn->query("SELECT businessType FROM clientType WHERE id=" . (int)$row['cs_type']);
+                echo ($typeRow = $typeResult->fetch_assoc()) ? htmlspecialchars($typeRow['businessType']) : '未填写';
+                ?>
+            </div>
+            <div class="col7">
+                <?php
+                if ($row['cs_deal'] == 3) {
+                    echo "<span style='color:red;'>成交</span>";
+                } elseif ($row['cs_deal'] == 2) {
+                    echo "明确需求";
+                } elseif ($row['cs_deal'] == 1) {
+                    echo "背景调查";
+                } else {
+                    echo "未成交";
+                }
+                ?>
+            </div>
+            <div class="col8"><?= $row['cs_addtime'] ?></div>
+            <div class="col9">
+                <?php
+                $employeeResult = $conn->query("SELECT em_user FROM employee WHERE id=" . (int)$row['cs_belong']);
+                echo ($employeeRow = $employeeResult->fetch_assoc()) ? htmlspecialchars($employeeRow['em_user']) : '未填写';
+                ?>
+            </div>
+        </div>
+        <div class="notepanel clear">
+            <div class="noteItem">联系方式</div>
+            <div class="lx">
+                <div class="tel"><?= htmlspecialchars($row['cs_tel']) ?></div>
+                <div class="mail"><a href="mailto:<?= htmlspecialchars($row['cs_email']) ?>"><?= htmlspecialchars($row['cs_email']) ?></a></div>
+                <div class="whatsapp"><?= htmlspecialchars($row['cs_whatsapp']) ?></div>
+                <div class="wechat"><?= htmlspecialchars($row['cs_wechat']) ?></div>
+                <div class="linkedin"><?= htmlspecialchars($row['cs_linkedin']) ?></div>
+                <div class="facebook"><?= htmlspecialchars($row['cs_facebook']) ?></div>
+                <div class="alibaba"><?= htmlspecialchars($row['cs_alibaba']) ?></div>
+            </div>
+            <div class="noteItem2">备注</div>
+            <div class="notecontent"><?= htmlUnCode($row['cs_note']) ?></div>
+        </div>
+<?php
+    }
+} else {
+    if (empty($keys)) {
+?>
+        <tr>
+            <div align="center" colspan="9">Sorry,当前暂无信息</div>
+        </tr>
+<?php
+    } else {
+?>
+        <tr>
+            <div align="center" colspan="9"><a href="?">Sorry,没有找到"<?= htmlspecialchars($keyscode) ?>"相关的信息,点击返回</a></div>
+        </tr>
+<?php
+    }
+}
+?>
+            <div colspan="9">
+                <div class="showpagebox">
+<?php
+if (isset($totalPages) && $totalPages > 1) {
+    $pageName = "?Keys=" . $keys . $urlStr . "&";
+    $pagelen = 3;
+    
+    if ($page > 1) {
+        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+        echo "<a href=\"{$pageName}Page=" . ($page - 1) . "\">上一页</a>";
+    }
+    
+    if ($pagelen * 2 + 1 >= $totalPages) {
+        $startPage = 1;
+        $endPage = $totalPages;
+    } else {
+        if ($page <= $pagelen + 1) {
+            $startPage = 1;
+            $endPage = $pagelen * 2 + 1;
+        } else {
+            $startPage = $page - $pagelen;
+            $endPage = $page + $pagelen;
+        }
+        if ($page + $pagelen > $totalPages) {
+            $startPage = $totalPages - $pagelen * 2;
+            $endPage = $totalPages;
+        }
+    }
+    
+    for ($i = $startPage; $i <= $endPage; $i++) {
+        if ($i == $page) {
+            echo "<a class=\"current\">{$i}</a>";
+        } else {
+            echo "<a href=\"{$pageName}Page={$i}\">{$i}</a>";
+        }
+    }
+    
+    if ($page < $totalPages) {
+        if ($totalPages - $page > $pagelen) {
+            echo "<a href=\"{$pageName}Page={$totalPages}\">...{$totalPages}</a>";
+        }
+        echo "<a href=\"{$pageName}Page=" . ($page + 1) . "\">下一页</a>";
+        echo "<a href=\"{$pageName}Page={$totalPages}\">尾页</a>";
+    }
+}
+?>
+                </div>
+                <div class="postchkbox">
+                    <select id="chkact" name="chkact">
+                        <?php
+                        $result = $conn->query("SELECT id, em_user FROM employee WHERE em_role=" . $_SESSION['employee_id']);
+                        while ($row = $result->fetch_assoc()) {
+                            echo "<option value=\"t{$row['id']}\">转给" . htmlspecialchars($row['em_user']) . "</option>";
+                        }
+                        ?>
+                    </select>
+                    <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+                </div>
+            </div>
+        </div>
+    </form>
+</div>
+</body>
+</html> 

+ 40 - 0
subTag.php

@@ -0,0 +1,40 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <?php
+    $result = $conn->query("SELECT id, em_user FROM employee WHERE em_role=" . $_SESSION['employee_id']);
+    while ($row = $result->fetch_assoc()) {
+    ?>
+    <div class="tagclound">
+        <h1 class="tagCloundHead2"><?= htmlspecialchars($row['em_user']) ?>的客户画像:</h1>
+        <div class="tagArea">
+        <?php
+        $tagResult = $conn->query("SELECT tagName, COUNT(id) as count FROM tagTable WHERE employeeId=" . (int)$row['id'] . " GROUP BY tagName");
+        while ($tagRow = $tagResult->fetch_assoc()) {
+        ?>
+            <a href="subTag.php?employeeId=<?= $row['id'] ?>&tagName=<?= urlencode($tagRow['tagName']) ?>"><?= htmlspecialchars($tagRow['tagName']) ?>(<?= $tagRow['count'] ?>)</a>
+        <?php
+        }
+        ?>
+        </div>
+    </div>
+    <?php
+    }
+    ?>
+</div>
+</body>
+</html>
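Review bot: The employee query at the top of `#man_zone` concatenates `$_SESSION['employee_id']` into the SQL without the `(int)` cast that the inner `tagTable` query applies to `$row['id']`, and neither `$conn->query()` result is checked before `fetch_assoc()` is called on it. At minimum I would write `"... WHERE em_role=" . (int)$_SESSION['employee_id']` (a bound parameter would be better) and skip the loop when the query returns `false`. The same uncast session concatenation appears in subTagClound.php (`WHERE employeeId=" . $_SESSION['employee_id']`) and takes the same fix. Separately, the tag links point back to `subTag.php?employeeId=…&tagName=…`, but nothing in this file reads either parameter. Whichever page ends up handling them should confirm that the requested employee belongs to the logged-in user before filtering by it.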

+ 41 - 0
subTagClound.php

@@ -0,0 +1,41 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <div class="tagclound">
+        <h1 class="tagCloundHead">自定义标签云</h1>
+        <div class="tagArea">
+        <?php
+        $result = $conn->query("SELECT tagName, COUNT(DISTINCT cs_code) as count 
+                               FROM tagTable 
+                               LEFT JOIN customer ON tagTable.customerId=customer.id 
+                               WHERE employeeId=" . $_SESSION['employee_id'] . " 
+                               GROUP BY tagName");
+        
+        while ($row = $result->fetch_assoc()) {
+        ?>
+            <a href="tag.php?tagName=<?= urlencode($row['tagName']) ?>" style="font-size:16px;">
+                <?= htmlspecialchars($row['tagName']) ?>(<?= $row['count'] ?>)
+            </a>
+        <?php
+        }
+        ?>
+            <a href="nullTag.php">无标签客户</a>
+        </div>
+    </div>
+</div>
+</body>
+</html>

+ 139 - 0
system/CCode.php

@@ -0,0 +1,139 @@
+<?php
+/**
+ * Convert string to Unicode HTML entities where necessary
+ * @param string $str Input string
+ * @return string Converted string
+ */
+function unicode($str) {
+    if (empty($str)) {
+        return '';
+    }
+    
+    $unicode = '';
+    $prevType = '';
+    
+    for ($i = 0; $i < mb_strlen($str); $i++) {
+        $c = mb_substr($str, $i, 1);
+        $j = mb_ord($c);
+        
+        if ($j < 0) {
+            $j += 65536;
+        }
+        
+        if ($j >= 0 && $j <= 128) {
+            if ($prevType === 'c') {
+                $unicode .= ' ';
+                $prevType = 'e';
+            }
+            $unicode .= $c;
+        } else {
+            if ($prevType === 'e') {
+                $unicode .= ' ';
+                $prevType = 'c';
+            }
+            $unicode .= '&#' . $j . ';';
+        }
+    }
+    
+    return $unicode;
+}
+
+/**
+ * Cut string into lines with specified length
+ * @param string $str Input string
+ * @param int $lineLen Line length
+ * @return string Formatted string
+ */
+function cutline($str, $lineLen) {
+    $result = '';
+    $j = 0;
+    
+    for ($i = 0; $i < mb_strlen($str); $i++) {
+        $c = mb_substr($str, $i, 1);
+        $ascii = ord($c);
+        
+        if ($ascii < 0 || $ascii > 127) {
+            $k = 2;
+        } else {
+            if ($ascii < 32) {
+                $k = 0;
+                if ($ascii === 13) {
+                    $j = 0;
+                    $result .= "<br/>" . $c;
+                    $c = '';
+                }
+            } else {
+                $k = 1;
+            }
+        }
+        
+        $j += $k;
+        if ($j > $lineLen * 2) {
+            $result .= "<br/>\n" . $c;
+            $j = $k;
+        } else {
+            $result .= $c;
+        }
+    }
+    
+    return $result;
+}
+
+/**
+ * Convert special symbols to HTML entities
+ * @param string $sStr Input string
+ * @return string Converted string
+ */
+function convertsymbol($sStr) {
+    $result = '';
+    
+    for ($i = 0; $i < strlen($sStr); $i++) {
+        $c = $sStr[$i];
+        switch ($c) {
+            case '>':
+                $result .= '&gt;';
+                break;
+            case '<':
+                $result .= '&lt;';
+                break;
+            case "'":
+                $result .= '&apos;';
+                break;
+            case '"':
+                $result .= '&quot;';
+                break;
+            case '&':
+                $result .= '&amp;';
+                break;
+            case '$':
+                $result .= '$$';
+                break;
+            default:
+                $result .= $c;
+        }
+    }
+    
+    return $result;
+}
+
+/**
+ * Convert string to lowercase alphanumeric only
+ * @param string $sStr Input string
+ * @return string Converted string
+ */
+function convertstring($sStr) {
+    $result = '';
+    
+    for ($i = 0; $i < mb_strlen($sStr); $i++) {
+        $c = mb_substr($sStr, $i, 1);
+        $ascTemp = mb_ord($c);
+        
+        if (($ascTemp > 47 && $ascTemp < 58) || 
+            ($ascTemp > 64 && $ascTemp < 91) || 
+            ($ascTemp > 96 && $ascTemp < 123)) {
+            $result .= $c;
+        }
+    }
+    
+    return strtolower($result);
+} 
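Review bot: In `unicode()` the separator logic can never run: `$prevType` starts as `''` and is only reassigned inside `if ($prevType === 'c')` and `if ($prevType === 'e')`, so neither branch is entered and no space is ever inserted between ASCII and entity runs. If the separator is intended, record the run type unconditionally after each append, `$prevType = 'e';` after `$unicode .= $c;` and `$prevType = 'c';` after the entity is appended; if it is not, drop the variable. The `$j < 0` adjustment is also dead, since `mb_ord()` does not return negative code points, and `$j <= 128` lets U+0080 through as a raw character where `< 128` was probably meant. `convertsymbol()` re-implements HTML escaping by hand (plus a `$` to `$$` rule), so its docblock should say which output context it targets and why `htmlspecialchars()` is not used.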

+ 261 - 0
system/IP.php

@@ -0,0 +1,261 @@
+<?php
+include "conn.php";
+checkLogin("信息管理");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<link rel="stylesheet" href="css/jquery.galpop.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+<script type="text/javascript" src="js/jquery.galpop.min.js"></script>
+</head>
+<body>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+
+if ($act == "save") {
+    $isedit = false;
+    $id = $_POST['id'] ?? '';
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+    }
+    $IPAddress = textEncode($_POST['IPAddress']);
+
+    if ($isedit) {
+        $sql = "SELECT * FROM allowIp WHERE id = ?";
+        $stmt = $conn->prepare($sql);
+        $stmt->execute([$id]);
+        
+        if ($stmt->rowCount() > 0) {
+            $sql = "UPDATE allowIp SET IPAddress = ? WHERE id = ?";
+            $stmt = $conn->prepare($sql);
+            $stmt->execute([$IPAddress, $id]);
+        } else {
+            $sql = "INSERT INTO allowIp (IPAddress) VALUES (?)";
+            $stmt = $conn->prepare($sql);
+            $stmt->execute([$IPAddress]);
+        }
+
+        $page = $_GET['Page'] ?? '';
+        $keys = urlencode($_GET['Keys'] ?? '');
+        $ord = urlencode($_GET['Ord'] ?? '');
+        header("Location: ?keys=$keys&Ord=$ord&Page=$page");
+        exit;
+    } else {
+        $sql = "INSERT INTO allowIp (IPAddress) VALUES (?)";
+        $stmt = $conn->prepare($sql);
+        $stmt->execute([$IPAddress]);
+        
+        header("Location: ?");
+        exit;
+    }
+}
+
+if ($act == "add" || $act == "edit") {
+    $id = $_GET['id'] ?? '';
+    $isedit = false;
+    $IPAddress = '';
+    
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+        $sql = "SELECT * FROM allowIp WHERE id = ?";
+        $stmt = $conn->prepare($sql);
+        $stmt->execute([$id]);
+        
+        if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+            $IPAddress = textUncode($row['IPAddress']);
+        } else {
+            $isedit = false;
+        }
+    }
+
+    $page = $_GET['Page'] ?? '';
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $hrefstr = "?keys=$keys&Ord=$ord&Page=$page";
+    ?>
+    <form name="form1" method="post" action="<?php echo $hrefstr; ?>&act=save">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <tbody>
+            <tr>
+                <th width="8%">IP</th>
+                <td><input type="text" id="IPAddress" name="IPAddress" value="<?php echo $IPAddress; ?>" class="txt1" /><input type="hidden" name="id" value="<?php echo $id; ?>" /></td>
+            </tr>
+            <tr>
+                <th></th>
+                <td><input type="submit" name="save" id="save" value="确定" class="btn1" /> <input type="reset" name="save" id="save" value="重置" class="btn1" /> <input type="button" value="返回" class="btn1" onClick="location.href='<?php echo $hrefstr; ?>'" /></td>
+            </tr>
+        </tbody>
+    </table>
+    </form>
+</div>
+</body>
+</html>
+<?php
+    exit;
+}
+
+if ($act == "postchk") {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    
+    if (isset($_POST['chkbox']) && is_array($_POST['chkbox'])) {
+        $ids = array_map('intval', $_POST['chkbox']);
+        $sql = "DELETE FROM allowIp WHERE id IN (" . implode(',', array_fill(0, count($ids), '?')) . ")";
+        $stmt = $conn->prepare($sql);
+        $stmt->execute($ids);
+    }
+    
+    header("Location: ?Keys=$keys&Ord=$ord&Page=$page");
+    exit;
+}
+
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$ord = $_GET['Ord'] ?? '';
+$page = $_GET['Page'] ?? '';
+
+$sql = "SELECT * FROM allowIp WHERE IPAddress LIKE ? ORDER BY id DESC";
+$stmt = $conn->prepare($sql);
+$stmt->execute(['%' . $keyscode . '%']);
+$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+$total_records = count($results);
+$records_per_page = 10;
+$total_pages = ceil($total_records / $records_per_page);
+
+if ($page == "") $page = 1;
+if ($page == "end") $page = $total_pages;
+if (!is_numeric($page) || $page < 1) $page = 1;
+$page = (int)$page;
+if ($page > $total_pages) $page = $total_pages;
+
+$start = ($page - 1) * $records_per_page;
+$results = array_slice($results, $start, $records_per_page);
+
+$keys = urlencode($keys);
+$ord = urlencode($ord);
+$hrefstr = "?keys=$keys";
+?>
+<form id="form1" method="post" action="?act=postchk&Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>" onSubmit="return false">
+<table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+    <thead>
+        <tr>
+            <th width="4%"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></th>
+            <th width="6%">序号</th>
+            <th width="60%">IP</th>
+            <th width="30%">操作</th>
+        </tr>
+    </thead>
+    <tbody>
+    <?php
+    if (!empty($results)) {
+        $tempNum = ($page - 1) * $records_per_page;
+        foreach ($results as $row) {
+            $tempNum++;
+            ?>
+            <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
+                <td align="center"><input type="checkbox" name="chkbox[]" value="<?php echo $row['id']; ?>" /></td>
+                <td align="center"><?php echo $tempNum; ?></td>
+                <td align="center"><?php echo $row['IPAddress']; ?></td>
+                <td align="center"><a href="?Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>&act=edit&id=<?php echo $row['id']; ?>" class="ico_edit ico">修改</a></td>
+            </tr>
+            <?php
+        }
+    } else {
+        if ($keys == "") {
+            ?>
+            <tr>
+                <td align="center" colspan="4">Sorry,当前暂无信息</td>
+            </tr>
+            <?php
+        } else {
+            ?>
+            <tr>
+                <td align="center" colspan="4"><a href="?">Sorry,没有找到"<?php echo $keyscode; ?>"相关的信息,点击返回</a></td>
+            </tr>
+            <?php
+        }
+    }
+    ?>
+    </tbody>
+    <tfoot>
+        <tr>
+            <td colspan="5">
+                <div class="showpagebox">
+                <?php
+                if ($total_pages > 1) {
+                    $pageName = "?Keys=$keys&Ord=$ord&";
+                    $pagelen = 3;
+
+                    if ($page > 1) {
+                        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+                        echo "<a href=\"{$pageName}Page=" . ($page-1) . "\">上一页</a>";
+                    }
+
+                    if ($pagelen * 2 + 1 >= $total_pages) {
+                        $startPage = 1;
+                        $endPage = $total_pages;
+                    } else {
+                        if ($page <= $pagelen + 1) {
+                            $startPage = 1;
+                            $endPage = $pagelen * 2 + 1;
+                        } else {
+                            $startPage = $page - $pagelen;
+                            $endPage = $page + $pagelen;
+                        }
+                        if ($page + $pagelen > $total_pages) {
+                            $startPage = $total_pages - $pagelen * 2;
+                            $endPage = $total_pages;
+                        }
+                    }
+
+                    for ($i = $startPage; $i <= $endPage; $i++) {
+                        if ($i == $page) {
+                            echo "<a class=\"current\">$i</a>";
+                        } else {
+                            echo "<a href=\"{$pageName}Page=$i\">$i</a>";
+                        }
+                    }
+
+                    if ($page < $total_pages) {
+                        if ($total_pages - $page > $pagelen) {
+                            echo "<a href=\"{$pageName}Page=$total_pages\">...$total_pages</a>";
+                        }
+                        echo "<a href=\"{$pageName}Page=" . ($page+1) . "\">下一页</a>";
+                        echo "<a href=\"{$pageName}Page=$total_pages\">尾页</a>";
+                    }
+
+                    echo "<input type=\"text\" id=\"Pagego\" value=\"$page\" onFocus=\"if(this.value == '$page'){this.value='';};\" onBlur=\"if(this.value == ''){this.value='$page';}\" onKeyUp=\"this.value=this.value.replace(/\D/g,'')\" onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+                }
+                ?>
+                </div>
+                <div class="searchbox">
+                    <input type="text" id="keys" value="<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>" 
+                           onFocus="if(this.value == '<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>'){this.value='';}" 
+                           onBlur="if(this.value == ''){this.value='<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>';}" 
+                           onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)}" />
+                    <input type="button" id="searchgo" value="go" onClick="location.href='?Keys='+escape(document.getElementById('keys').value)" />
+                </div>
+                <div class="postchkbox">
+                    <select id="chkact" name="chkact">
+                        <option value="1">请选择</option>
+                        <option value="-1">删除</option>
+                    </select>
+                    <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+                    <input type="button" value="新增" onClick="location.href='?act=add'" class="btn1" />
+                </div>
+            </td>
+        </tr>
+    </tfoot>
+</table>
+</form>
+</div>
+</body>
+</html> 
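Review bot: The add/edit form writes request values into the page without escaping: `$id` comes straight from `$_GET['id']` and is echoed into the hidden input's `value` even when the `is_numeric()` test fails, and `$page` is the only part of `$hrefstr` not passed through `urlencode()` before it is echoed into the form `action` and the `onClick` handler. I would normalise both where they are read, `$id = is_numeric($id) ? (int)$id : '';` and `$page = urlencode($_GET['Page'] ?? '');`, and wrap the `$IPAddress` echo in `htmlspecialchars($IPAddress, ENT_QUOTES, 'UTF-8')` unless `textUncode()` (not shown here) already guarantees attribute-safe output. The raw `echo $row[...]` / `echo $keyscode` pattern recurs in system/SearchArea.php, system/Searchproduct.php and system/additional.php and deserves the same treatment. For a page that edits an IP allow-list, two more gaps are visible: `IPAddress` is stored without a format check (for single addresses, `filter_var($value, FILTER_VALIDATE_IP)`), and the `save` and `postchk` forms carry no CSRF token. The `header("Location: …")` calls in those branches also run after the doctype and `<head>` have been emitted, so they depend on output buffering; moving the action handling above the markup avoids that, and system/additional.php has the same ordering.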

+ 20 - 0
system/SearchArea.php

@@ -0,0 +1,20 @@
+<?php
+include "conn.php";
+checkLogin("信息管理");
+
+$str = textEncode($_GET['str'] ?? '');
+
+$sql = "select id,countryCode,countryName from country where countryCode like '%" . $str . "%' or countryName like '%" . $str . "%'";
+$rs = $conn->query($sql);
+
+while ($row = $rs->fetch()) {
+?>
+    <li data-id="<?php echo $row['id']; ?>">
+        <div class="list-content">
+            <span class="code"><?php echo $row['countryCode']; ?></span>
+            <span class="cname"><?php echo $row['countryName']; ?></span>
+        </div>
+    </li>
+<?php
+}
+?> 
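Review bot: The `country` lookup builds both `LIKE` clauses by concatenating `$str` into the SQL string, so the query is only safe if `textEncode()` (defined outside this hunk) neutralises every character that matters to the SQL parser, which cannot be confirmed from here. system/IP.php in this same commit already uses placeholders; the equivalent here is `$stmt = $conn->prepare("select id,countryCode,countryName from country where countryCode like ? or countryName like ?");` followed by `$stmt->execute(["%$str%", "%$str%"]);` and iterating `$stmt->fetch()`. system/Searchproduct.php builds its `Products` query the same way and needs the same change. If the input is meant as a literal substring, `%` and `_` in `$str` should also be escaped before it is wrapped in wildcards.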

+ 20 - 0
system/Searchproduct.php

@@ -0,0 +1,20 @@
+<?php
+include "conn.php";
+checkLogin("信息管理");
+
+$str = textEncode($_GET['str'] ?? '');
+
+$sql = "select id,ProductImg,ProductName,unit from Products where productName like '%" . $str . "%'";
+$rs = $conn->query($sql);
+
+while ($row = $rs->fetch()) {
+?>
+    <li data-id="<?php echo $row['id']; ?>" data-unit="<?php echo $row['unit']; ?>">
+        <div class="list-content">
+            <div class="pic"><img src="<?php echo $row['ProductImg']; ?>" ></div>
+            <div class="name"><?php echo $row['ProductName']; ?></div>
+        </div>
+    </li>
+<?php
+}
+?> 

+ 187 - 0
system/additional.php

@@ -0,0 +1,187 @@
+<?php
+require_once 'conn.php';
+checkLogin("信息管理");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<link rel="stylesheet" href="css/jquery.galpop.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+<script type="text/javascript" src="xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+</head>
+<body>
+<div id="man_zone" style="margin:0">
+<?php
+$Keys = $_GET['Keys'] ?? '';
+$Keyscode = textEncode($Keys);
+$Ord = $_GET['Ord'] ?? '';
+$Page = $_GET['Page'] ?? '';
+$qid = $_GET['qid'] ?? '';
+
+if (empty($qid) || !is_numeric($qid)) {
+    $conn->close();
+    header("Location: /");
+    exit;
+}
+
+$OrdStr = !empty($Ord) ? $Ord . "," : "";
+
+// Get product IDs for this question
+$result = $conn->query("SELECT productId FROM productFAQ WHERE questionId=" . (int)$qid);
+$productStr = ",";
+while ($row = $result->fetch_assoc()) {
+    $productStr .= $row['productId'] . ",";
+}
+
+// Get products
+$sql = "SELECT id, productName, productPic, productAddtime FROM product 
+        WHERE productName LIKE '%" . $conn->real_escape_string($Keyscode) . "%' 
+        ORDER BY productAddtime DESC";
+$result = $conn->query($sql);
+
+$Keys = urlencode($Keys);
+$Ord = urlencode($Ord);
+$hrefstr = "?keys=" . $Keys;
+?>
+
+<table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+    <thead>
+        <tr>
+            <th width="4%"></th>
+            <th width="6%">序号</th>
+            <th width="30%">产品名称</th>
+            <th width="30%">图片</th>
+            <th width="20%">添加时间</th>
+        </tr>
+    </thead>
+    <tbody>
+<?php
+if ($result->num_rows > 0) {
+    $pageSize = 7;
+    $totalRows = $result->num_rows;
+    $totalPages = ceil($totalRows / $pageSize);
+    
+    if ($Page == "") $Page = 1;
+    if ($Page == "end") $Page = $totalPages;
+    if (!is_numeric($Page) || $Page < 1) $Page = 1;
+    $Page = (int)$Page;
+    if ($Page > $totalPages) $Page = $totalPages;
+    
+    $offset = $pageSize * ($Page - 1);
+    $sql .= " LIMIT $offset, $pageSize";
+    $result = $conn->query($sql);
+    
+    $TempNum = $offset;
+    
+    while ($row = $result->fetch_assoc()) {
+        $TempNum++;
+        $checked = strpos($productStr, "," . $row['id'] . ",") !== false ? ' checked="checked"' : '';
+?>
+        <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
+            <td align="center"><input type="checkbox"<?php echo $checked; ?> name="chkbox" class="relatedProducts" onChange="relatedProducts(<?php echo $qid; ?>,<?php echo $row['id']; ?>)" /></td>
+            <td align="center"><?php echo $TempNum; ?></td>
+            <td align="center"><?php echo $row['productName']; ?></td>
+            <td align="center"><img src="<?php echo $row['productPic']; ?>" height="60px"></td>
+            <td align="center"><?php echo $row['productAddtime']; ?></td>
+        </tr>
+<?php
+    }
+} else {
+    if (empty($Keys)) {
+?>
+        <tr>
+            <td align="center" colspan="8">Sorry,当前暂无信息</td>
+        </tr>
+<?php
+    } else {
+?>
+        <tr>
+            <td align="center" colspan="8"><a href="?">Sorry,没有找到"<?php echo $Keyscode; ?>"相关的信息,点击返回</a></td>
+        </tr>
+<?php
+    }
+}
+?>
+    </tbody>
+    <tfoot>
+        <tr>
+            <td colspan="8">
+                <div class="showpagebox">
+<?php
+if ($totalPages > 1) {
+    $PageName = "?qid={$qid}&Keys={$Keys}&Ord={$Ord}&";
+    $Pagelen = 3;
+    
+    if ($Page > 1) {
+        echo "<a href=\"{$PageName}Page=1\">首页</a>";
+        echo "<a href=\"{$PageName}Page=" . ($Page-1) . "\">上一页</a>";
+    }
+    
+    if ($Pagelen * 2 + 1 >= $totalPages) {
+        $StartPage = 1;
+        $EndPage = $totalPages;
+    } else {
+        if ($Page <= $Pagelen + 1) {
+            $StartPage = 1;
+            $EndPage = $Pagelen * 2 + 1;
+        } else {
+            $StartPage = $Page - $Pagelen;
+            $EndPage = $Page + $Pagelen;
+        }
+        if ($Page + $Pagelen > $totalPages) {
+            $StartPage = $totalPages - $Pagelen * 2;
+            $EndPage = $totalPages;
+        }
+    }
+    
+    for ($i = $StartPage; $i <= $EndPage; $i++) {
+        if ($i == $Page) {
+            echo "<a class=\"current\">{$i}</a>";
+        } else {
+            echo "<a href=\"{$PageName}Page={$i}\">{$i}</a>";
+        }
+    }
+    
+    if ($Page < $totalPages) {
+        if ($totalPages - $Page > $Pagelen) {
+            echo "<a href=\"{$PageName}Page={$totalPages}\">...{$totalPages}</a>";
+        }
+        echo "<a href=\"{$PageName}Page=" . ($Page+1) . "\">下一页</a>";
+        echo "<a href=\"{$PageName}Page={$totalPages}\">尾页</a>";
+    }
+    
+    $pageInputJs = "if(event.keyCode==13){location.href='{$PageName}Page='+document.getElementById('Pagego').value}";
+    echo "<input type=\"text\" id=\"Pagego\" value=\"{$Page}\" onFocus=\"if(this.value == '{$Page}'){this.value='';}\" onBlur=\"if(this.value == ''){this.value='{$Page}';}\" onKeyUp=\"this.value=this.value.replace(/\\D/g,'')\" onKeyDown=\"{$pageInputJs}\" />";
+}
+?>
+                </div>
+                <div class="searchbox">
+                    <input type="text" id="keys" value="<?php echo empty($Keyscode) ? '请输入搜索关键词' : $Keyscode; ?>" 
+                           onFocus="if(this.value == '<?php echo empty($Keyscode) ? '请输入搜索关键词' : $Keyscode; ?>'){this.value='';}" 
+                           onBlur="if(this.value == ''){this.value='<?php echo empty($Keyscode) ? '请输入搜索关键词' : $Keyscode; ?>';}" 
+                           onKeyDown="if(event.keyCode==13){location.href='?qid=<?php echo $qid; ?>&Keys='+escape(document.getElementById('keys').value)}" />
+                    <input type="button" id="searchgo" value="go" onClick="location.href='?qid=<?php echo $qid; ?>&Keys='+escape(document.getElementById('keys').value)" />
+                </div>
+                <div class="postchkbox">
+                    <select id="chkact" name="chkact">
+                        <option value="1">显示</option>
+                        <option value="0">隐藏</option>
+                        <option value="-1">删除</option>
+                    </select>
+                    <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+                    <input type="button" value="新增" onClick="location.href='?act=add'" class="btn1" />
+                </div>
+            </td>
+        </tr>
+    </tfoot>
+</table>
+<?php 
+$conn->close();
+?>
+</div>
+</body>
+</html> 
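Review bot: `$totalPages` is assigned only inside `if ($result->num_rows > 0)`, but the pager further down tests `if ($totalPages > 1)` unconditionally, so an empty result set raises an undefined-variable warning in the middle of the table footer. Initialise it before the branch (`$totalPages = 0;`) or guard the pager with `isset($totalPages) && $totalPages > 1`. The product query is also executed twice, once in full just to read `num_rows` and again with `LIMIT`; a `SELECT COUNT(*)` for the total would avoid fetching every row, and `$OrdStr` is computed but never used. The first query's result is not checked before `->num_rows` is read, so a failed query becomes a fatal error instead of falling through to the "no results" row.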

+ 120 - 0
system/bmpcode.php

@@ -0,0 +1,120 @@
+<?php
+session_start();
+
+class CaptchaGenerator {
+    // 配置参数
+    private $config = [
+        'width' => 120,             // 图片宽度
+        'height' => 40,            // 图片高度
+        'charLength' => 5,         // 验证码长度
+        'charSet' => '0123456789', // 字符集
+        'fontSize' => 20,          // 字体大小
+        'noiseDots' => 50,         // 噪点数量
+        'noiseLines' => 3,         // 干扰线数量
+        'sessionKey' => 'zengscode' // Session存储键
+    ];
+
+    private $image;
+    private $code;
+
+    public function __construct($customConfig = []) {
+        $this->config = array_merge($this->config, $customConfig);
+        
+        if (isset($_GET['width']) && is_numeric($_GET['width'])) {
+            $this->config['width'] = (int)$_GET['width'];
+        }
+        if (isset($_GET['height']) && is_numeric($_GET['height'])) {
+            $this->config['height'] = (int)$_GET['height'];
+        }
+    }
+
+    private function generateCode() {
+        $chars = str_split($this->config['charSet']);
+        $this->code = '';
+        for ($i = 0; $i < $this->config['charLength']; $i++) {
+            $this->code .= $chars[array_rand($chars)];
+        }
+        $_SESSION[$this->config['sessionKey']] = $this->code;
+    }
+
+    private function createImage() {
+        $this->image = imagecreatetruecolor($this->config['width'], $this->config['height']);
+        $bgColor = imagecolorallocate($this->image, 255, 255, 255);
+        imagefill($this->image, 0, 0, $bgColor);
+    }
+
+    private function addCharacters() {
+        $charSpacing = $this->config['width'] / ($this->config['charLength'] + 1);
+        
+        // 调整垂直基线,使文字居中且完整显示
+        $baseY = $this->config['height'] - ($this->config['fontSize'] / 2); // 从底部开始计算
+        
+        for ($i = 0; $i < strlen($this->code); $i++) {
+            $textColor = imagecolorallocate($this->image, 
+                rand(0, 150), rand(0, 150), rand(0, 150)
+            );
+            
+            $angle = rand(-20, 20);
+            
+            // 水平位置
+            $x = ($i + 1) * $charSpacing - ($this->config['fontSize'] / 2) + rand(-5, 5);
+            // 垂直位置调整,确保文字完整显示并居中
+            $y = $baseY + rand(-5, 5);
+            
+            // 使用内置字体5,位置从左下角计算
+            imagestring($this->image, 5, $x, $y - $this->config['fontSize'], $this->code[$i], $textColor);
+        }
+    }
+
+    private function addNoiseDots() {
+        for ($i = 0; $i < $this->config['noiseDots']; $i++) {
+            $color = imagecolorallocate($this->image, 
+                rand(0, 255), rand(0, 255), rand(0, 255)
+            );
+            imagesetpixel($this->image, 
+                rand(0, $this->config['width']), 
+                rand(0, $this->config['height']), 
+                $color
+            );
+        }
+    }
+
+    private function addNoiseLines() {
+        for ($i = 0; $i < $this->config['noiseLines']; $i++) {
+            $color = imagecolorallocate($this->image, 
+                rand(0, 255), rand(0, 255), rand(0, 255)
+            );
+            imageline($this->image, 
+                rand(0, $this->config['width']), rand(0, $this->config['height']),
+                rand(0, $this->config['width']), rand(0, $this->config['height']),
+                $color
+            );
+        }
+    }
+
+    public function generate() {
+        $this->generateCode();
+        $this->createImage();
+        $this->addCharacters();
+        $this->addNoiseDots();
+        $this->addNoiseLines();
+        
+        header('Content-Type: image/png');
+        imagepng($this->image);
+        imagedestroy($this->image);
+    }
+
+    public function getCode() {
+        return $this->code;
+    }
+
+    public static function verify($input, $sessionKey = 'captcha_code') {
+        return isset($_SESSION[$sessionKey]) && 
+               strtolower($input) === strtolower($_SESSION[$sessionKey]);
+    }
+}
+
+// 使用示例
+$captcha = new CaptchaGenerator();
+$captcha->generate();
+?>
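Review bot: The constructor accepts `$_GET['width']` and `$_GET['height']` after only an `is_numeric()` check, so an unauthenticated request decides how large a canvas `imagecreatetruecolor()` allocates, and zero or negative values make it fail; clamp both to a fixed range, e.g. `$this->config['width'] = max(60, min(300, (int)$_GET['width']));` and the same for height. In `generateCode()` the digits come from `array_rand()`, which is not a cryptographically secure source; use `$this->code .= $chars[random_int(0, count($chars) - 1)];` instead. `verify()` defaults to the session key `'captcha_code'` while the generator stores the code under `'zengscode'`, so a caller relying on the default would never match, and it leaves the stored code in the session after a comparison; unsetting `$_SESSION[$sessionKey]` on every attempt would make each code single-use. No caller of `verify()` is visible in this part of the commit, so how the login form checks the code should be confirmed.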

+ 352 - 0
system/conn.php

@@ -0,0 +1,352 @@
+<?php
+session_start();
+header('Content-Type: text/html; charset=utf-8');
+header('X-Powered-By: PHP/8.0');
+date_default_timezone_set('Asia/Shanghai');
+
+// 数据库连接
+$conn = new mysqli("127.0.0.1", "crm", "Qweasdzxc", "crm");
+if ($conn->connect_error) {
+    die("Connection failed: " . $conn->connect_error);
+}
+$conn->set_charset("utf8");
+
+// Get website settings
+$result = $conn->query("SELECT webname, keywords, description, indexwebname, copyright FROM inc LIMIT 1");
+if ($result) {
+    $row = $result->fetch_assoc();
+    $webname = textUncode($row['webname']);
+    $webkeywords = textUncode($row['keywords']);
+    $webdescription = textUncode($row['description']);
+    $indexwebname = textUncode($row['indexwebname']);
+    $copyright = textUncode($row['copyright']);
+    $result->close();
+}
+
+// Global variables
+$useid = '';
+$usename = '';
+$usesex = '';
+$usecompany = '';
+$usetel = '';
+$useemail = '';
+
+// Session handling functions
+function addSession($key, $value) {
+    $_SESSION['hjunkel.com' . $key] = $value;
+}
+
+function loadSession($key) {
+    return $_SESSION['hjunkel.com' . $key] ?? '';
+}
+
+// Check login function
+function checkLogin($permission = '') {
+    global $conn;
+    
+    $loginId = loadSession('loginid');
+    $loginUser = loadSession('loginuser');
+    $loginName = loadSession('loginname');
+    $loginPower = loadSession('loginpower');
+    
+    if (empty($loginId) || empty($loginUser) || empty($loginName) || empty($loginPower)) {
+        echo "<script>top.location.href='login.php'</script>";
+        exit;
+    }
+    
+    if (!is_numeric($loginId) || !is_numeric($loginPower)) {
+        echo "<script>top.location.href='login.php'</script>";
+        exit;
+    }
+    
+    $loginId = $conn->real_escape_string($loginId);
+    $loginUser = $conn->real_escape_string($loginUser);
+    
+    $result = $conn->query("SELECT loginstate, loginpower FROM login WHERE id=$loginId AND loginuser='$loginUser'");
+    
+    if ($result->num_rows === 0) {
+        echo "<script>alert('登录超时,请重新登录');top.location.href='login.php'</script>";
+        exit;
+    }
+    
+    $row = $result->fetch_assoc();
+    if ($row['loginstate'] == 0) {
+        echo "<script>alert('您的帐号已被系统停用,请联系管理员');top.location.href='login.php'</script>";
+        exit;
+    }
+    
+    if ($row['loginpower'] != (int)$loginPower) {
+        echo "<script>alert('您的权限已被更新,请重新登录');top.location.href='login.php'</script>";
+        exit;
+    }
+    
+    $result = $conn->query("SELECT powerstate, powercontent FROM power WHERE id=$loginPower");
+    
+    if ($result->num_rows === 0) {
+        echo "<script>alert('您的帐号已被系统停用,请联系管理员');top.location.href='login.php'</script>";
+        exit;
+    }
+    
+    $row = $result->fetch_assoc();
+    if ($row['powerstate'] == 0) {
+        echo "<script>alert('您的帐号已被系统停用,请联系管理员');top.location.href='login.php'</script>";
+        exit;
+    }
+    
+    $powerContent = $row['powercontent'];
+    
+    if (!empty($permission) && strpos($powerContent, $permission) === false) {
+        echo "<script>alert('Sorry,您没有操作该功能的权限');history.back();</script>";
+        exit;
+    }
+}
+
+function chkLogin($permission) {
+    global $conn;
+    $loginPower = loadSession('loginpower');
+    
+    $result = $conn->query("SELECT powercontent FROM power WHERE id=" . (int)$loginPower);
+    if ($result->num_rows === 0) {
+        return false;
+    }
+    
+    $row = $result->fetch_assoc();
+    if (!empty($permission) && strpos($row['powercontent'], $permission) === false) {
+        return false;
+    }
+    
+    return true;
+}
+
+function checkPost() {
+    // 可以根据需要实现POST检查
+    // if (!isset($_SERVER['HTTP_REFERER']) || parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) !== $_SERVER['SERVER_NAME']) {
+    //     die("<script>alert('对不起,服务器拒绝您的请求');history.back()</script>");
+    // }
+}
+
+function txt2HTML($text) {
+    if (empty($text) || is_null($text)) {
+        return '';
+    }
+    return htmlspecialchars($text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
+}
+
+function html2Txt($text) {
+    if (empty($text) || is_null($text)) {
+        return '';
+    }
+    return htmlspecialchars_decode($text, ENT_QUOTES);
+}
+
+function htmlEncode($text) {
+    if (empty($text) || is_null($text)) {
+        return '';
+    }
+    
+    $chars = [
+        '&' => '&#38;', "\t" => '&#9;', "\n" => '&#10;', "\r" => '&#13;',
+        ' ' => '&#32;', '"' => '&#34;', '%' => '&#37;', "'" => '&#39;',
+        '(' => '&#40;', ')' => '&#41;', '<' => '&#60;', '>' => '&#62;',
+        '[' => '&#91;', ']' => '&#93;', '^' => '&#94;', '_' => '&#95;',
+        '{' => '&#123;', '|' => '&#124;', '}' => '&#125;'
+    ];
+    
+    return strtr($text, $chars);
+}
+
+function htmlUncode($text) {
+    if (empty($text) || is_null($text)) {
+        return '';
+    }
+    
+    $chars = array_flip([
+        '&' => '&#38;', "\t" => '&#9;', "\n" => '&#10;', "\r" => '&#13;',
+        ' ' => '&#32;', '"' => '&#34;', '%' => '&#37;', "'" => '&#39;',
+        '(' => '&#40;', ')' => '&#41;', '<' => '&#60;', '>' => '&#62;',
+        '[' => '&#91;', ']' => '&#93;', '^' => '&#94;', '_' => '&#95;',
+        '{' => '&#123;', '|' => '&#124;', '}' => '&#125;'
+    ]);
+    
+    return strtr($text, $chars);
+}
+
+function textEncode($text) {
+    if (empty($text) || is_null($text)) {
+        return '';
+    }
+    
+    $text = trim($text);
+    // Remove control characters
+    $text = preg_replace('/[\x00-\x1F\x7F]/', '', $text);
+    return htmlEncode($text);
+}
+
+function textUncode($text) {
+    if (empty($text) || is_null($text)) {
+        return '';
+    }
+    return htmlUncode($text);
+}
+
+function htmlUncode1($text) {
+    if (empty($text) || is_null($text)) {
+        return '';
+    }
+    
+    $replacements = [
+        '&#9;' => "\t",
+        '&#11;' => "\v",
+        '&#13;&#10;' => '<br />',
+        '&#10;' => '<br />',
+        '&#13;' => '<br />',
+        '&#32;' => '&nbsp;',
+        '&#38;' => '&'
+    ];
+    
+    return strtr($text, $replacements);
+}
+
+function strLeft($str, $length) {
+    if (empty($str)) {
+        return '';
+    }
+    
+    $substr = mb_substr($str, 0, $length, 'UTF-8');
+    return ($substr != $str) ? $substr . '..' : $substr;
+}
+
+
+
+function enMonth($m) {
+    $months = [
+        '1' => 'Jan', '2' => 'Feb', '3' => 'Mar',
+        '4' => 'Apr', '5' => 'May', '6' => 'Jun',
+        '7' => 'Jul', '8' => 'Aug', '9' => 'Sep',
+        '10' => 'Oct', '11' => 'Nov', '12' => 'Dec'
+    ];
+    return $months[$m] ?? 'Dec';
+}
+
+function sitelinkReplace($content, $search, $replace, $limit = -1) {
+    if (empty($content) || is_null($content)) {
+        return '';
+    }
+
+    // 保存HTML标签内容
+    $patterns = [
+        '/<a[^<>]+>.+?<\/a>/is',  // 链接
+        '/<img[^<>]+>/is',        // 图片
+        '/<h[1-6]+\s*>.+?<\/h[1-6]+>/is'  // 标题
+    ];
+    
+    $savedTags = [];
+    $i = 0;
+    
+    foreach ($patterns as $pattern) {
+        $content = preg_replace_callback($pattern, function($match) use (&$savedTags, &$i) {
+            $savedTags[$i] = $match[0];
+            $placeholder = "[{$i}]";
+            $i++;
+            return $placeholder;
+        }, $content);
+    }
+    
+    if ($i == 0) {
+        // 如果没有需要保护的HTML标签,直接替换
+        return str_replace($search, $replace, $content, $limit);
+    }
+    
+    // 执行替换
+    $content = str_replace($search, $replace, $content, $limit);
+    
+    // 还原保存的标签
+    for ($j = 0; $j < $i; $j++) {
+        $content = str_replace("[{$j}]", $savedTags[$j], $content);
+    }
+    
+    return $content;
+}
+
+function getIp() {
+    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR'] ?? '';
+    if (strlen($ip) > 15) {
+        $ip = 'Unknown';
+    }
+    return htmlEncode($ip);
+}
+
+function formatTime($time, $format) {
+    if (!strtotime($time)) {
+        return '';
+    }
+    
+    $replacements = [
+        'yyyy' => 'Y',
+        'yy' => 'y',
+        'mm' => 'm',
+        'dd' => 'd',
+        'hh' => 'H',
+        'ff' => 'i',
+        'ss' => 's'
+    ];
+    
+    $phpFormat = strtr($format, $replacements);
+    return date($phpFormat, strtotime($time));
+}
+
+function removeHTML($text) {
+    if (empty($text) || is_null($text)) {
+        return '';
+    }
+    
+    // Remove scripts and iframes
+    $text = preg_replace(['/<script\b[^>]*>(.*?)<\/script>/is', '/<iframe\b[^>]*>(.*?)<\/iframe>/is'], '', $text);
+    
+    // Convert special characters
+    $text = str_replace(['&lt;', '&gt;'], ['<', '>'], $text);
+    
+    // Remove all remaining HTML tags
+    $text = strip_tags($text);
+    
+    // Remove special characters and whitespace
+    $text = str_replace(['&nbsp;', "\r", "\n", "\t", "\x09", "\x0A", "\x0D", "\x16"], '', $text);
+    
+    return trim($text);
+}
+
+function isValidEmail($email) {
+    if (empty($email)) {
+        return false;
+    }
+    
+    $parts = explode('@', $email);
+    if (count($parts) !== 2) {
+        return false;
+    }
+    
+    list($local, $domain) = $parts;
+    if (empty($local) || empty($domain)) {
+        return false;
+    }
+    
+    if (!preg_match('/^[a-zA-Z0-9._-]+$/', $local)) {
+        return false;
+    }
+    
+    if (strpos($domain, '.') === false) {
+        return false;
+    }
+    
+    $tld = substr($domain, strrpos($domain, '.') + 1);
+    if (strlen($tld) < 2 || strlen($tld) > 3) {
+        return false;
+    }
+    
+    if (strpos($email, '..') !== false) {
+        return false;
+    }
+    
+    return true;
+}
+?> 
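Review bot: The database password is committed in clear text in the `new mysqli(...)` call; it should be read from the environment or from a config file kept outside the web root and out of version control, and the committed value rotated. `checkPost()` has its Referer check commented out and is therefore a no-op, so any page that relies on it gets no cross-site request protection; a per-session token compared with `hash_equals()` would be a sturdier replacement. In `checkLogin()` and `chkLogin()` the permission test is `strpos($powerContent, $permission) === false`, a substring match, so a permission whose name is contained in another granted name passes; split `powercontent` on its separator (the stored format is not visible here) and compare whole entries. `getIp()` prefers the client-supplied `X-Forwarded-For` header over `REMOTE_ADDR`, which makes the recorded address caller-controlled unless a trusted proxy sets it, and `die("Connection failed: " . $conn->connect_error)` prints driver detail to the visitor. Separately, `sitelinkReplace()` passes `$limit` as the fourth argument of `str_replace()`, which is the by-reference replacement count rather than a limit, so no limit is ever applied.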

+ 358 - 0
system/country.php

@@ -0,0 +1,358 @@
+<?php
+require_once 'conn.php';
+checklogin("信息管理");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<link rel="stylesheet" href="css/jquery.galpop.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+<script type="text/javascript" src="xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+<script type="text/javascript" src="js/Searchproduct.js"></script>
+</head>
+<body>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+
+if ($act == "save") {
+    $isedit = false;
+    $id = $_POST['id'] ?? '';
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+    }
+
+    $productId = $_POST['productId'] ?? '';
+    $num = $_POST['num'] ?? '';
+    $price = $_POST['price'] ?? '';
+
+    if ($isedit) {
+        $sql = "UPDATE country SET addtime=NOW() WHERE id=$id";
+        $conn->query($sql);
+        
+        $productIds = explode(',', $productId);
+        $nums = explode(',', $num);
+        $prices = explode(',', $price);
+        
+        $conn->query("DELETE FROM price WHERE AreaId=$id");
+        
+        for ($i = 0; $i < count($productIds); $i++) {
+            $numVal = empty($nums[$i]) ? 0 : $nums[$i];
+            $priceVal = empty($prices[$i]) ? 0 : $prices[$i];
+            $sql = "INSERT INTO price (productId, AreaId, num, price) VALUES ($productIds[$i], $id, $numVal, '$priceVal')";
+            $conn->query($sql);
+        }
+
+        $page = $_GET['Page'] ?? '';
+        $keys = urlencode($_GET['Keys'] ?? '');
+        $ord = urlencode($_GET['Ord'] ?? '');
+        header("Location: ?keys=$keys&Ord=$ord&Page=$page");
+        exit;
+    } else {
+        $sql = "INSERT INTO country (addtime) VALUES (NOW())";
+        $conn->query($sql);
+        $id = $conn->insert_id;
+        
+        $productIds = explode(',', $productId);
+        $nums = explode(',', $num);
+        $prices = explode(',', $price);
+        
+        for ($i = 0; $i < count($productIds); $i++) {
+            $numVal = empty($nums[$i]) ? 0 : $nums[$i];
+            $priceVal = empty($prices[$i]) ? 0 : $prices[$i];
+            $sql = "INSERT INTO price (productId, AreaId, num, price) VALUES ($productIds[$i], $id, $numVal, '$priceVal')";
+            $conn->query($sql);
+        }
+
+        header("Location: ?");
+        exit;
+    }
+}
+
+if ($act == "add" || $act == "edit") {
+    $id = $_GET['id'] ?? '';
+    $isedit = false;
+    $countryCode = '';
+    $countryName = '';
+    $addtime = '';
+
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+        $sql = "SELECT * FROM country WHERE id = $id";
+        $result = $conn->query($sql);
+        $row = $result->fetch_assoc();
+        
+        if ($row) {
+            $countryCode = $row['countryCode'];
+            $countryName = $row['countryName'];
+            $addtime = $row['addtime'];
+        } else {
+            $isedit = false;
+        }
+    }
+
+    $page = $_GET['Page'] ?? '';
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $hrefstr = "?keys=$keys&Ord=$ord&Page=$page";
+?>
+    <form name="form1" method="post" action="<?= $hrefstr ?>&act=save">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <tbody>
+            <tr>
+                <th width="8%">国家</th>
+                <td><input type="text" id="countryName" name="countryName" readonly value="<?= htmlspecialchars($countryName) ?>" class="txt1" /><input type="hidden" name="id" value="<?= $id ?>" /></td>
+            </tr>
+            <tr>
+                <th width="8%">区号</th>
+                <td><input type="text" id="countryCode" name="countryCode" readonly value="<?= htmlspecialchars($countryCode) ?>" class="txt1" /></td>
+            </tr>
+            <tr>
+                <th width="8%">更新日期</th>
+                <td><?= $addtime ?></td>
+            </tr>           
+            <tr>
+                <th width="8%">售价管理</th>
+                <td>
+                <div class="prowapper">             
+                    <?php
+                    $sql = "SELECT id, ProductName, ProductImg, unit FROM Products WHERE id IN (SELECT productId FROM price WHERE AreaId = $id)";
+                    $result = $conn->query($sql);
+                    while ($row = $result->fetch_assoc()) {
+                    ?>
+                        <div class="proitem">
+                            <div class="prodelet"></div>
+                            <div class="proname"><?= htmlspecialchars($row['ProductName']) ?></div>
+                            <div class="propic"><img src="<?= htmlspecialchars($row['ProductImg']) ?>"></div>      
+                            <div class="proprice">
+                                <?php
+                                $sql2 = "SELECT num, price FROM Price WHERE productId = {$row['id']} AND AreaId = $id ORDER BY num ASC";
+                                $result2 = $conn->query($sql2);
+                                while ($row2 = $result2->fetch_assoc()) {
+                                ?>
+                                    <div class="priceitem">
+                                        <input type="hidden" name="productId" value="<?= $row['id'] ?>">
+                                        <label>≥</label>
+                                        <input type="number" autocomplete="off" class="txt3 num" name="num" value="<?= $row2['num'] ?>">
+                                        <label class='unit'><?= htmlspecialchars($row['unit']) ?></label>
+                                        <label>售价</label>
+                                        <input type="text" class="txt3 price" autocomplete="off" name="price" value="<?= $row2['price'] ?>">
+                                        <label>RMB</label>
+                                        <span class="additem"></span>
+                                        <span class="delitem"></span>
+                                        <span class="note"></span>
+                                    </div>
+                                <?php
+                                }
+                                ?>
+                            </div>      
+                        </div>
+                    <?php
+                    }
+                    ?>
+                </div>                  
+                </td>
+            </tr>
+            <tr>
+                <th width="8%">产品添加</th>
+                <td class="productinput">
+                    <input type="text" id="productSearch" class="fastsearch">
+                    <div id="productlist" class="productlist"><ul></ul></div>
+                </td>
+            </tr>          
+            <tr>
+                <th></th>
+                <td>
+                    <input type="submit" name="save" id="save" value="确定" class="btn1" />
+                    <input type="reset" name="save" id="save" value="重置" class="btn1" />
+                    <input type="button" value="返回" class="btn1" onClick="location.href='<?= $hrefstr ?>'" />
+                </td>
+            </tr>
+        </tbody>
+    </table>
+    </form>
+</div>
+</body>
+</html>
+<?php
+    exit;
+}
+
+if ($act == "postchk") {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = $_POST['chkact'] ?? '';
+    
+    if (isset($_POST['chkbox']) && is_array($_POST['chkbox'])) {
+        $ids = implode(',', array_map('intval', $_POST['chkbox']));
+        $sql = "DELETE FROM country WHERE id IN ($ids)";
+        $conn->query($sql);
+    }
+    
+    header("Location: ?Keys=$keys&Ord=$ord&Page=$page");
+    exit;
+}
+
+// Main list view
+$keys = $_GET['Keys'] ?? '';
+$keyscode = $keys;
+$ord = $_GET['Ord'] ?? '';
+$page = $_GET['Page'] ?? '';
+
+$sql = "SELECT * FROM country WHERE countryName LIKE '%$keyscode%' OR countryCode LIKE '%$keyscode%' ORDER BY id DESC";
+$result = $conn->query($sql);
+$results = [];
+while($row = $result->fetch_assoc()) {
+    $results[] = $row;
+}
+
+$totalRecords = count($results);
+$pageSize = 20;
+$totalPages = ceil($totalRecords / $pageSize);
+
+if ($page == "") $page = 1;
+if ($page == "end") $page = $totalPages;
+if (!is_numeric($page) || $page < 1) $page = 1;
+$page = (int)$page;
+if ($page > $totalPages) $page = $totalPages;
+
+$start = ($page - 1) * $pageSize;
+$currentPageRecords = array_slice($results, $start, $pageSize);
+
+$keys = urlencode($keys);
+$ord = urlencode($ord);
+$hrefstr = "?keys=$keys";
+?>  
+    <form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?>&Ord=<?= $ord ?>&Page=<?= $page ?>" onSubmit="return false">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <thead>
+            <tr>
+                <th width="4%"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></th>
+                <th width="6%">序号</th>
+                <th width="30%">国家</th>
+                <th width="30%">区号</th>
+                <th width="30%">操作</th>
+            </tr>
+        </thead>
+        <tbody>
+        <?php
+        if (!empty($currentPageRecords)) {
+            $tempNum = $start;
+            foreach ($currentPageRecords as $row) {
+                $tempNum++;
+        ?>
+            <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
+                <td align="center"><input type="checkbox" name="chkbox[]" value="<?= $row['id'] ?>" /></td>
+                <td align="center"><?= $tempNum ?></td>
+                <td align="center"><?= htmlspecialchars($row['countryName']) ?></td>
+                <td align="center"><?= htmlspecialchars($row['countryCode']) ?></td>
+                <td align="center">
+                    <a href="?Keys=<?= $keys ?>&Ord=<?= $ord ?>&Page=<?= $page ?>&act=edit&id=<?= $row['id'] ?>" class="ico_edit ico">修改</a>
+                </td>
+            </tr>
+        <?php
+            }
+        } else {
+            if ($keys == "") {
+        ?>
+            <tr>
+                <td align="center" colspan="5">Sorry,当前暂无信息</td>
+            </tr>
+        <?php
+            } else {
+        ?>
+            <tr>
+                <td align="center" colspan="5"><a href="?">Sorry,没有找到"<?= htmlspecialchars($keyscode) ?>"相关的信息,点击返回</a></td>
+            </tr>
+        <?php
+            }
+        }
+        ?>
+        </tbody>
+        <tfoot>
+            <tr>
+                <td colspan="5">
+                    <div class="showpagebox">
+                    <?php
+                    if ($totalPages > 1) {
+                        $pageName = "?Keys=$keys&Ord=$ord&";
+                        $pagelen = 3;
+
+                        if ($page > 1) {
+                            echo "<a href=\"{$pageName}Page=1\">首页</a>";
+                            echo "<a href=\"{$pageName}Page=" . ($page-1) . "\">上一页</a>";
+                        }
+
+                        if ($pagelen * 2 + 1 >= $totalPages) {
+                            $startPage = 1;
+                            $endPage = $totalPages;
+                        } else {
+                            if ($page <= $pagelen + 1) {
+                                $startPage = 1;
+                                $endPage = $pagelen * 2 + 1;
+                            } else {
+                                $startPage = $page - $pagelen;
+                                $endPage = $page + $pagelen;
+                            }
+                            if ($page + $pagelen > $totalPages) {
+                                $startPage = $totalPages - $pagelen * 2;
+                                $endPage = $totalPages;
+                            }
+                        }
+
+                        for ($i = $startPage; $i <= $endPage; $i++) {
+                            if ($i == $page) {
+                                echo "<a class=\"current\">$i</a>";
+                            } else {
+                                echo "<a href=\"{$pageName}Page=$i\">$i</a>";
+                            }
+                        }
+
+                        if ($page < $totalPages) {
+                            if ($totalPages - $page > $pagelen) {
+                                echo "<a href=\"{$pageName}Page=$totalPages\">...$totalPages</a>";
+                            }
+                            echo "<a href=\"{$pageName}Page=" . ($page+1) . "\">下一页</a>";
+                            echo "<a href=\"{$pageName}Page=$totalPages\">尾页</a>";
+                        }
+
+                        echo "<input type=\"text\" id=\"Pagego\" value=\"$page\" onFocus=\"if(this.value == '$page'){this.value='';}\""
+                            . " onBlur=\"if(this.value == ''){this.value='$page';}\""
+                            . " onKeyUp=\"this.value=this.value.replace(/\\D/g,'')\""
+                            . " onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+                    }
+                    ?>
+                    </div>
+                    <div class="searchbox">
+                        <input type="text" id="keys" value="<?= $keyscode == "" ? "请输入搜索关键词" : htmlspecialchars($keyscode) ?>"
+                            onFocus="if(this.value == '<?= $keyscode == "" ? "请输入搜索关键词" : htmlspecialchars($keyscode) ?>'){this.value='';}"
+                            onBlur="if(this.value == ''){this.value='<?= $keyscode == "" ? "请输入搜索关键词" : htmlspecialchars($keyscode) ?>';}"
+                            onKeyDown="if(event.keyCode==13){location.href='?Keys='+encodeURIComponent(document.getElementById('keys').value)}" />
+                        <input type="button" id="searchgo" value="go" onClick="location.href='?Keys='+encodeURIComponent(document.getElementById('keys').value)" />
+                    </div>
+                    <div class="postchkbox">
+                        <select id="chkact" name="chkact">
+                            <option value="1">请选择</option>
+                            <option value="-1">删除</option>
+                        </select>
+                        <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+                        <input type="button" value="新增" onClick="location.href='?act=add'" class="btn1" />
+                    </div>
+                </td>
+            </tr>
+        </tfoot>
+    </table>
+    </form>
+</div>
+<script>
+$('.click-open-iframe').galpop({
+    contentType: 'iframe',
+});
+</script>
+</body>
+</html> 
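Review bot: Request data is concatenated straight into SQL in several places: `$keyscode` from `$_GET['Keys']` in the list query (`LIKE '%$keyscode%'`), the comma-split `$productIds[$i]`, `$numVal` and `$priceVal` in both `INSERT INTO price` loops, and `$id` in the `AreaId = $id` subquery of the edit form, which runs even when `$id` failed the `is_numeric()` test. These should be bound parameters, as sketched below for the edit-path insert loop and the list query; the same change applies to the second loop in the add branch. `$id` and `$page` are also echoed unescaped (`value="<?= $id ?>"`, `$hrefstr` in the form action and the `onClick` handler), so they need `(int)` casts or `htmlspecialchars()` like the neighbouring fields. The `header("Location: …")` calls in the `save` and `postchk` branches come after the DOCTYPE and `<head>` have already been output, so they only work if output buffering is enabled, and the `postchk` branch deletes the selected rows whatever `chkact` holds.

```php
// save branch, edit path: cast once, then bind the per-row values
$id = (int)$id;
$insert = $conn->prepare("INSERT INTO price (productId, AreaId, num, price) VALUES (?, ?, ?, ?)");
for ($i = 0; $i < count($productIds); $i++) {
    $pid = (int)$productIds[$i];
    $numVal = (int)($nums[$i] ?? 0);
    $priceVal = is_numeric($prices[$i] ?? '') ? (string)$prices[$i] : '0';
    $insert->bind_param('iiis', $pid, $id, $numVal, $priceVal);
    $insert->execute();
}
// … unchanged: redirect back to the list …

// Main list view: bind the search term instead of interpolating it
$like = '%' . $keyscode . '%';
$stmt = $conn->prepare("SELECT * FROM country WHERE countryName LIKE ? OR countryCode LIKE ? ORDER BY id DESC");
$stmt->bind_param('ss', $like, $like);
$stmt->execute();
$result = $stmt->get_result();
// … unchanged: fetch loop and paging …
```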

+ 392 - 0
system/customers.php

@@ -0,0 +1,392 @@
+<?php
+require_once("conn.php");
+include("checklogin.php"); 
+
+// 辅助函数
+function textEncode($str) {
+    return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
+}
+
+function textDecode($str) {
+    return htmlspecialchars_decode($str, ENT_QUOTES);
+}
+
+function htmlEncode($str) {
+    return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
+}
+
+function htmlDecode($str) {
+    return htmlspecialchars_decode($str, ENT_QUOTES);
+}
+
+$act = $_GET['act'] ?? '';
+$urlStr = '';
+
+// 处理保存操作
+if ($act == "save") {
+    $isedit = false;
+    $id = $_POST['id'] ?? '';
+    if (!empty($id) && is_numeric($id)) {
+        $isedit = true;
+    }
+    
+    // 获取表单数据
+    $cs_code = textEncode($_POST['cs_code']);
+    $cs_company = textEncode($_POST['cs_company']);
+    $cs_name = textEncode($_POST['cs_name']);
+    $cs_belong = $_POST['cs_belong'];
+    $cs_country = $_POST['cs_country'];
+    $cs_from = $_POST['cs_from'];
+    $cs_tel = textEncode($_POST['cs_tel']);
+    $cs_email = textEncode($_POST['cs_email']);
+    $cs_whatsapp = textEncode($_POST['cs_whatsapp']);
+    $cs_wechat = textEncode($_POST['cs_wechat']);
+    $cs_linkedin = textEncode($_POST['cs_linkedin']);
+    $cs_facebook = textEncode($_POST['cs_facebook']);
+    $cs_alibaba = textEncode($_POST['cs_alibaba']);
+    $cs_state = $_POST['cs_state'];
+    $cs_deal = $_POST['cs_deal'];
+    $no_content = htmlEncode($_POST['no_content']);
+    $allowedit = isset($_POST['allowedit']) ? 1 : 0;
+
+    if ($isedit) {
+        // 更新现有记录
+        $sql = "SELECT cs_chain FROM customer WHERE id = $id";
+        $result = mysqli_query($conn, $sql);
+        if ($row = mysqli_fetch_assoc($result)) {
+            $cs_chain = $row['cs_chain'];
+            $chain_array = explode(',', $cs_chain);
+            $last_item = end($chain_array);
+            
+            if ($last_item != $cs_belong) {
+                $cs_chain .= ",$cs_belong";
+            }
+            
+            $sql = "UPDATE customer SET 
+                    cs_code = '$cs_code',
+                    cs_company = '$cs_company',
+                    cs_name = '$cs_name',
+                    cs_belong = '$cs_belong',
+                    cs_country = '$cs_country',
+                    cs_from = '$cs_from',
+                    cs_tel = '$cs_tel',
+                    cs_email = '$cs_email',
+                    cs_whatsapp = '$cs_whatsapp',
+                    cs_wechat = '$cs_wechat',
+                    cs_linkedin = '$cs_linkedin',
+                    cs_facebook = '$cs_facebook',
+                    cs_alibaba = '$cs_alibaba',
+                    cs_state = '$cs_state',
+                    cs_deal = '$cs_deal',
+                    cs_note = '$no_content',
+                    allowedit = $allowedit,
+                    cs_chain = '$cs_chain',
+                    cs_updatetime = NOW()
+                    WHERE id = $id";
+                    
+            mysqli_query($conn, $sql);
+            
+            $page = $_GET['Page'] ?? '';
+            $keys = urlencode($_GET['Keys'] ?? '');
+            header("Location: ?keys=$keys&Page=$page$urlStr");
+            exit;
+        }
+    }
+}
+
+// 处理编辑操作
+if ($act == "edit") {
+    $id = $_GET['id'] ?? '';
+    $isedit = false;
+    if (!empty($id) && is_numeric($id)) {
+        $isedit = true;
+    }
+    
+    if ($isedit) {
+        $sql = "SELECT c.*, n.c_code FROM customer c 
+                LEFT JOIN myNote n ON c.cs_code = n.c_code 
+                WHERE c.id = $id";
+        $result = mysqli_query($conn, $sql);
+        if ($row = mysqli_fetch_assoc($result)) {
+            $cs_code = textDecode($row['cs_code']);
+            $cs_company = textDecode($row['cs_company']);
+            $cs_name = textDecode($row['cs_name']);
+            $cs_country = $row['cs_country'];
+            $cs_from = $row['cs_from'];
+            $cs_tel = textDecode($row['cs_tel']);
+            $cs_telBu = textDecode($row['cs_telBu']);
+            $cs_email = textDecode($row['cs_email']);
+            $cs_emailBu = textDecode($row['cs_emailBu']);
+            $cs_whatsapp = textDecode($row['cs_whatsapp']);
+            $cs_whatsappBu = textDecode($row['cs_whatsappBu']);
+            $cs_wechat = textDecode($row['cs_wechat']);
+            $cs_wechatBu = textDecode($row['cs_wechatBu']);
+            $cs_linkedin = textDecode($row['cs_linkedin']);
+            $cs_linkedinBu = textDecode($row['cs_linkedinBu']);
+            $cs_facebook = textDecode($row['cs_facebook']);
+            $cs_facebookBu = textDecode($row['cs_facebookBu']);
+            $cs_alibaba = textDecode($row['cs_alibaba']);
+            $cs_alibabaBu = textDecode($row['cs_alibabaBu']);
+            $cs_address = textDecode($row['cs_address']);
+            $cs_addtime = $row['cs_addtime'];
+            $cs_updatetime = $row['cs_updatetime'];
+            $cs_belong = $row['cs_belong'];
+            $cs_state = $row['cs_state'];
+            $cs_deal = $row['cs_deal'];
+            $cs_note = htmlDecode($row['cs_note']);
+            $allowedit = $row['allowedit'];
+        }
+    }
+}
+
+// 处理批量操作
+if ($act == "postchk") {
+    if (isset($_POST['chkbox']) && isset($_POST['chkact'])) {
+        $chkact = $_POST['chkact'];
+        $ids = implode(',', array_map('intval', $_POST['chkbox']));
+        
+        switch($chkact) {
+            case "0":
+            case "1":
+                $sql = "UPDATE customer SET cs_state = $chkact WHERE id IN ($ids)";
+                break;
+            case "-1":
+                $sql = "DELETE FROM customer WHERE id IN ($ids)";
+                break;
+        }
+        
+        if (isset($sql)) {
+            mysqli_query($conn, $sql);
+        }
+        
+        $keys = urlencode($_GET['Keys'] ?? '');
+        $page = $_GET['Page'] ?? '';
+        header("Location: ?keys=$keys&Page=$page$urlStr");
+        exit;
+    }
+}
+
+// ... (第一部分代码续)
+
+// 处理筛选条件
+$fliterQudao = $_GET['fliterQudao'] ?? '';
+$fliterDeal = $_GET['fliterDeal'] ?? '';
+$fliterTeam = $_GET['fliterTeam'] ?? '';
+$fliterContact = $_GET['fliterContact'] ?? '';
+$fliterEmployee = $_GET['fliterEmployee'] ?? '';
+
+$fliterStr = "";
+
+if (!empty($fliterQudao)) {
+    $fliterStr .= " AND cs_from = " . intval($fliterQudao);
+    $urlStr .= "&fliterQudao=" . $fliterQudao;
+}
+
+if (!empty($fliterDeal)) {
+    $fliterStr .= " AND cs_deal = " . intval($fliterDeal);
+    $urlStr .= "&fliterDeal=" . $fliterDeal;
+}
+
+if (!empty($fliterTeam)) {
+    $fliterStr .= " AND (cs_belong = " . intval($fliterTeam) . 
+                  " OR cs_belong IN (SELECT id FROM employee WHERE em_role = " . intval($fliterTeam) . "))";
+    $urlStr .= "&fliterTeam=" . $fliterTeam;
+}
+
+if (!empty($fliterEmployee)) {
+    $fliterStr .= " AND cs_belong = " . intval($fliterEmployee);
+    $urlStr .= "&fliterEmployee=" . $fliterEmployee;
+}
+
+if (!empty($fliterContact)) {
+    switch($fliterContact) {
+        case "1": $fliterStr .= " AND cs_tel != ''"; break;
+        case "2": $fliterStr .= " AND cs_wechat != ''"; break;
+        case "3": $fliterStr .= " AND cs_whatsapp != ''"; break;
+        case "4": $fliterStr .= " AND cs_email != ''"; break;
+        case "5": $fliterStr .= " AND cs_linkedin != ''"; break;
+        case "6": $fliterStr .= " AND cs_facebook != ''"; break;
+        case "7": $fliterStr .= " AND cs_alibaba != ''"; break;
+    }
+    $urlStr .= "&fliterContact=" . $fliterContact;
+}
+
+// 搜索和排序
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$page = $_GET['Page'] ?? 1;
+$ord = $_GET['Ord'] ?? '';
+
+$ordStr = !empty($ord) ? "$ord," : "";
+
+// 构建查询SQL
+$sqlStr = "SELECT id, cs_code, cs_name, cs_country, cs_address, cs_tel, cs_email, 
+           cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, cs_addtime, cs_alibaba,
+           cs_from, cs_deal, cs_updatetime, cs_belong, cs_note, cs_claimFrom, cs_chain, 
+           cs_dealdate 
+           FROM customer 
+           WHERE (cs_code LIKE '%$keyscode%' 
+           OR cs_name LIKE '%$keyscode%' 
+           OR cs_wechat LIKE '%$keyscode%' 
+           OR cs_alibaba LIKE '%$keyscode%' 
+           OR cs_telformat LIKE '%$keyscode%' 
+           OR cs_whatsappformat LIKE '%$keyscode%' 
+           OR cs_email LIKE '%$keyscode%') 
+           $fliterStr 
+           ORDER BY ${ordStr}cs_updatetime DESC";
+
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+    <script type="text/javascript" src="js/js.js"></script>
+    <script type="text/javascript" src="xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+    <script>
+    $(document).ready(function(){
+        $('.txt2').xheditor({
+            tools:'full',
+            hoverExecDelay:-1,
+            urlBase:'system/',
+            upLinkUrl:"upload.php",
+            upLinkExt:"zip,rar,txt,pdf",
+            upImgUrl:"upload.php",
+            upImgExt:"jpg,jpeg,gif,png",
+            upFlashUrl:"upload.php",
+            upFlashExt:"swf",
+            upMediaUrl:"upload.php",
+            upMediaExt:"wmv,avi,wma,mp3,mid"
+        });
+    });
+    </script>
+</head>
+
+<body>
+<div id="man_zone">
+<?php if ($act == "edit"): ?>
+    <form name="form1" method="post" action="<?php echo "?keys=" . urlencode($keys) . "&Page=" . ($page ?? '') . "&act=save" . $urlStr; ?>">
+        <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+            <tbody>
+                <tr>
+                    <th width="8%">客户编号</th>
+                    <td><input type="text" id="cs_code" name="cs_code" value="<?php echo $cs_code ?? ''; ?>" class="txt1" />
+                    <input type="hidden" name="id" value="<?php echo $id ?? ''; ?>" /></td>
+                </tr>
+                <tr>
+                    <th width="8%">公司名称</th>
+                    <td><input type="text" id="cs_company" name="cs_company" value="<?php echo $cs_company ?? ''; ?>" class="txt1" /></td>
+                </tr>
+                <!-- 其他表单字段 -->
+                <tr>
+                    <th width="8%">所属业务</th>
+                    <td>
+                        <select name="cs_belong">
+                            <option value="0">请选择</option>
+                            <?php
+                            $sql = "SELECT id, em_user FROM employee";
+                            $result = mysqli_query($conn, $sql);
+                            while ($row = mysqli_fetch_assoc($result)) {
+                                $selected = ($row['id'] == ($cs_belong ?? '')) ? ' selected="selected"' : '';
+                                echo "<option value=\"{$row['id']}\"$selected>{$row['em_user']}</option>";
+                            }
+                            ?>
+                        </select>
+                    </td>
+                </tr>
+                <!-- 更多表单字段 -->
+            </tbody>
+        </table>
+    </form>
+<?php else: ?>
+    <form id="form1" method="post" action="?act=postchk&keys=<?php echo urlencode($keys); ?>&Page=<?php echo $page; ?>" onSubmit="return false;">
+        <div class="fastSelect clear">
+            <H1>搜索条件</H1>
+            <!-- 筛选条件 -->
+            <div class="selectItem">
+                <label>来源渠道</label>
+                <select name="fliterQudao" class="filterSearch">
+                    <option value="">请选择渠道</option>
+                    <?php
+                    $sql = "SELECT id, ch_name FROM qudao";
+                    $result = mysqli_query($conn, $sql);
+                    while ($row = mysqli_fetch_assoc($result)) {
+                        $selected = ($fliterQudao == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"$selected>{$row['ch_name']}</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <!-- 其他筛选条件 -->
+        </div>
+
+        <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+            <!-- 表头 -->
+            <thead>
+                <tr>
+                    <th width="4%"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></th>
+                    <th width="6%">序号</th>
+                    <th width="20%">客户编码</th>
+                    <th width="10%">联系人</th>
+                    <th width="10%">国家地区</th>
+                    <th width="7.5%">来源</th>
+                    <th width="7.5%">
+                        <a href="?keys=<?php echo urlencode($keys); ?>&Ord=<?php echo ($ord == 'cs_dealdate') ? 'cs_dealdate DESC' : 'cs_dealdate'; ?>">
+                            是否成交
+                        </a>
+                    </th>
+                    <th width="10%">业务员</th>
+                    <th width="10%">操作</th>
+                </tr>
+            </thead>
+            <tbody>
+            <?php
+            $result = mysqli_query($conn, $sqlStr);
+            if (mysqli_num_rows($result) > 0) {
+                $page_size = 18;
+                $total_records = mysqli_num_rows($result);
+                $total_pages = ceil($total_records / $page_size);
+                
+                if ($page > $total_pages) $page = $total_pages;
+                $start = ($page - 1) * $page_size;
+                
+                mysqli_data_seek($result, $start);
+                $counter = $start;
+                
+                for ($i = 0; $i < $page_size && $row = mysqli_fetch_assoc($result); $i++) {
+                    $counter++;
+                    // 显示数据行
+                    include('customer_row.php'); // 建议将行模板分离到单独文件
+                }
+            } else {
+                echo "<tr><td colspan='9' align='center'>没有找到相关记录</td></tr>";
+            }
+            ?>
+            </tbody>
+            <!-- 分页控件 -->
+            <tfoot>
+                <tr>
+                    <td colspan="9">
+                        <div class="showpagebox">
+                            <?php include('pagination.php'); // 建议将分页逻辑分离到单独文件 ?>
+                        </div>
+                        <div class="postchkbox">
+                            <select id="chkact" name="chkact">
+                                <option value="1">显示</option>
+                                <option value="0">隐藏</option>
+                                <option value="-1">删除</option>
+                            </select>
+                            <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+                            <input type="button" value="新增" onClick="location.href='?act=add'" class="btn1" />
+                        </div>
+                    </td>
+                </tr>
+            </tfoot>
+        </table>
+    </form>
+<?php endif; ?>
+</div>
+</body>
+</html>
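Review bot: The `UPDATE` in the `save` branch and the `ORDER BY` of the list query are built by interpolating request values, so both are open to SQL injection. `cs_belong`, `cs_country`, `cs_from`, `cs_state` and `cs_deal` go from `$_POST` into the statement untouched, and `Ord` from `$_GET` is placed verbatim in front of `cs_updatetime DESC`. `textEncode()` is HTML encoding and leaves a backslash alone, so it does not make the remaining fields or `$keyscode` safe inside a quoted SQL literal either. Binding every value through a prepared statement and mapping `Ord` onto a fixed list of sort expressions closes this. The list in the sketch holds only the two values the header link in this file sends, so any other caller of `Ord` would need checking.

```php
// … unchanged: $isedit check, field reads, cs_chain lookup and append …
$id = (int) $id;
$stmt = mysqli_prepare($conn, "UPDATE customer SET
        cs_code = ?, cs_company = ?, cs_name = ?, cs_belong = ?, cs_country = ?,
        cs_from = ?, cs_tel = ?, cs_email = ?, cs_whatsapp = ?, cs_wechat = ?,
        cs_linkedin = ?, cs_facebook = ?, cs_alibaba = ?, cs_state = ?, cs_deal = ?,
        cs_note = ?, allowedit = ?, cs_chain = ?, cs_updatetime = NOW()
        WHERE id = ?");
mysqli_stmt_bind_param(
    $stmt,
    'ssssssssssssssssisi',
    $cs_code, $cs_company, $cs_name, $cs_belong, $cs_country,
    $cs_from, $cs_tel, $cs_email, $cs_whatsapp, $cs_wechat,
    $cs_linkedin, $cs_facebook, $cs_alibaba, $cs_state, $cs_deal,
    $no_content, $allowedit, $cs_chain, $id
);
mysqli_stmt_execute($stmt);
// … unchanged: redirect back to the list …

// … unchanged: filter handling and $keys / $page reads …
$ordAllowed = ['cs_dealdate', 'cs_dealdate DESC'];
$ordStr = in_array($ord, $ordAllowed, true) ? "$ord," : "";
// … unchanged: $sqlStr, still to be moved to bound LIKE parameters …
```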

+ 267 - 0
system/dashboard.php

@@ -0,0 +1,267 @@
+<?php
+require_once("conn.php");
+checkLogin("信息管理");
+?>
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <script src="js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+    <script>
+    //绘制饼图  
+    function drawCircle(canvasId, data_arr, color_arr, text_arr) {
+        var c = document.getElementById(canvasId);  
+        var ctx = c.getContext("2d");  
+        var ctxw = c.getContext("2d"); 
+        var radius = 140; //半径  
+        var ox = radius + 20, oy = radius + 20; //圆心  
+        var width = 10, height = 10; //图例宽和高  
+        var posX = 500, posY = 50;   //  
+        var textX = posX + width + 5, textY = posY + 10;  
+        var startAngle = 0; //起始弧度  
+        var endAngle = 0;   //结束弧度  
+
+        for (var i = 0; i < data_arr.length; i++) {  
+            //绘制饼图  
+            endAngle = endAngle + data_arr[i] * Math.PI * 2; //结束弧度  
+            ctx.fillStyle = color_arr[i]; 
+            ctx.beginPath();  
+            ctx.moveTo(ox, oy); //移动到到圆心  
+            ctx.arc(ox, oy, radius, startAngle, endAngle, false);  
+            ctx.closePath();  
+            ctx.fill();  
+            startAngle = endAngle; //设置起始弧度  
+            
+            //绘制比例图及文字  
+            ctx.fillStyle = color_arr[i];  
+            ctx.fillRect(posX, posY + 20 * i, width, height);  
+            ctx.moveTo(posX, posY + 20 * i);  
+            ctx.font = 'bold 12px 微软雅黑';    //斜体 30像素 微软雅黑字体  
+            ctx.fillStyle = "#666666";  
+            var icount = 100 * data_arr[i];
+            var percent = text_arr[i] + ":" + icount.toFixed(2) + "%";  
+            ctx.fillText(percent, textX, textY + 20 * i);  
+        }  
+
+        ctxw.fillStyle = "#FFFFFF"; 
+        ctxw.beginPath();  
+        ctxw.moveTo(ox, oy); //移动到到圆心  
+        ctxw.arc(ox, oy, 90, 0, 2* Math.PI, false);  
+        ctxw.closePath();  
+        ctxw.fill(); 
+    }  
+
+    function drawRectangle(canvasId, data_arr, text_arr) {
+        var c = document.getElementById(canvasId); 
+        var ctx = c.getContext("2d");   
+        var space = 20; //间距
+
+        var x = 0, y = 420;
+        for (var i = 0; i < data_arr.length; i++) {
+            x = x + 30 + space;
+            ctx.beginPath(); 
+            ctx.fillStyle = "#00aabb"; 
+            ctx.rect(x, 420-data_arr[i]*0.2, 30, data_arr[i]*0.2);
+            ctx.closePath();  
+            ctx.fill();  	
+            ctx.font = 'bold 10px 微软雅黑';    //斜体 30像素 微软雅黑字体  
+            ctx.fillStyle = "#666666";  
+            ctx.fillText(text_arr[i]+"("+data_arr[i]+")", x+5, 410-data_arr[i]*0.2); 
+        }
+    }
+    </script>
+</head>
+
+<body>
+<div id="man_zone">
+    <div class="dashboard">
+        <h1 class="dashboardHead">数据看板</h1>
+        <?php
+        // 获取客户总数
+        $result = mysqli_query($conn, "SELECT COUNT(DISTINCT cs_code) as CustomerTotal FROM customer");
+        $row = mysqli_fetch_assoc($result);
+        $tn = $row['CustomerTotal'];
+
+        // 获取成交客户数
+        $result = mysqli_query($conn, "SELECT COUNT(DISTINCT cs_code) as CustomerTotal FROM customer WHERE cs_deal=3");
+        $row = mysqli_fetch_assoc($result);
+        $tdn = $row['CustomerTotal'];
+
+        // 获取客户类型数据
+        $data_arr1 = [];
+        $text_arr1 = [];
+        $result = mysqli_query($conn, "SELECT businessType, COUNT(DISTINCT cs_code) as cc FROM customer 
+                                     LEFT JOIN clientType ON customer.cs_type=clientType.id 
+                                     GROUP BY businessType");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr1[] = number_format($row['cc']/$tn, 4);
+            $text_arr1[] = $row['businessType'];
+        }
+        ?>
+        <input type="hidden" id="data_arr1" value="<?= implode(',', $data_arr1) ?>">
+        <input type="hidden" id="text_arr1" value="<?= implode(',', $text_arr1) ?>">
+        <div class="dashPanel1">
+            <h3>客户类型</h3>
+            <canvas id="canvas_circle" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取成交比例数据
+        $data_arr2 = [];
+        $result = mysqli_query($conn, "SELECT cs_deal, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer GROUP BY cs_deal ORDER BY cs_deal DESC");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr2[] = number_format($row['cc']/$tn, 4);
+        }
+        ?>
+        <input type="hidden" id="data_arr2" value="<?= implode(',', $data_arr2) ?>">
+        <input type="hidden" id="text_arr2" value="成交,明确需求,背景调查,无响应">
+        <div class="dashPanel1">
+            <h3>成交比例</h3>
+            <canvas id="canvas_circle2" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取客户来源数据
+        $data_arr3 = [];
+        $text_arr3 = [];
+        $result = mysqli_query($conn, "SELECT ch_name, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN qudao ON customer.cs_from=qudao.id 
+                                     GROUP BY ch_name");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr3[] = number_format($row['cc']/$tn, 4);
+            $text_arr3[] = $row['ch_name'];
+        }
+        ?>
+        <input type="hidden" id="data_arr3" value="<?= implode(',', $data_arr3) ?>">
+        <input type="hidden" id="text_arr3" value="<?= implode(',', $text_arr3) ?>">
+        <div class="dashPanel1">
+            <h3>客户来源</h3>
+            <canvas id="canvas_circle3" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取已成交客户分布(Top10)数据
+        $data_arr5 = [];
+        $text_arr5 = [];
+        $tp = 1;
+        $result = mysqli_query($conn, "SELECT countryName, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN country ON customer.cs_country=country.id 
+                                     WHERE cs_deal=3 GROUP BY countryName ORDER BY cc DESC LIMIT 9");
+        while($row = mysqli_fetch_assoc($result)) {
+            $value = number_format($row['cc']/$tdn, 4);
+            $data_arr5[] = $value;
+            $text_arr5[] = $row['countryName'];
+            $tp -= $value;
+        }
+        $data_arr5[] = $tp;
+        $text_arr5[] = "其他";
+        ?>
+        <input type="hidden" id="data_arr5" value="<?= implode(',', $data_arr5) ?>">
+        <input type="hidden" id="text_arr5" value="<?= implode(',', $text_arr5) ?>">
+        <div class="dashPanel1">
+            <h3>已成交客户分布(Top10)</h3>
+            <canvas id="canvas_circle5" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取客户分布(Top10)数据
+        $data_arr4 = [];
+        $text_arr4 = [];
+        $tp = 1;
+        $result = mysqli_query($conn, "SELECT countryName, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN country ON customer.cs_country=country.id 
+                                     WHERE cs_deal=3 GROUP BY countryName ORDER BY cc DESC LIMIT 9");
+        while($row = mysqli_fetch_assoc($result)) {
+            $value = number_format($row['cc']/$tn, 4);
+            $data_arr4[] = $value;
+            $text_arr4[] = $row['countryName'];
+            $tp -= $value;
+        }
+        $data_arr4[] = $tp;
+        $text_arr4[] = "其他";
+        ?>
+        <input type="hidden" id="data_arr4" value="<?= implode(',', $data_arr4) ?>">
+        <input type="hidden" id="text_arr4" value="<?= implode(',', $text_arr4) ?>">
+        <div class="dashPanel1">
+            <h3>客户分布(Top10)</h3>
+            <canvas id="canvas_circle4" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取各业务成交客户占比数据
+        $data_arr6 = [];
+        $text_arr6 = [];
+        $result = mysqli_query($conn, "SELECT em_user, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN employee ON customer.cs_belong=employee.id 
+                                     WHERE cs_deal=3 GROUP BY em_user ORDER BY cc DESC");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr6[] = number_format($row['cc']/$tdn, 4);
+            $text_arr6[] = $row['em_user'];
+        }
+        ?>
+        <input type="hidden" id="data_arr6" value="<?= implode(',', $data_arr6) ?>">
+        <input type="hidden" id="text_arr6" value="<?= implode(',', $text_arr6) ?>">
+        <div class="dashPanel1">
+            <h3>各业务成交客户占比</h3>
+            <canvas id="canvas_circle6" width="720" height="360">浏览器不支持canvas</canvas>
+        </div>
+
+        <?php
+        // 获取各业务客户占比数据
+        $data_arr7 = [];
+        $text_arr7 = [];
+        $result = mysqli_query($conn, "SELECT em_user, COUNT(DISTINCT cs_code) as cc 
+                                     FROM customer LEFT JOIN employee ON customer.cs_belong=employee.id 
+                                     WHERE cs_deal>0 GROUP BY em_user ORDER BY cc DESC");
+        while($row = mysqli_fetch_assoc($result)) {
+            $data_arr7[] = $row['cc'];
+            $text_arr7[] = $row['em_user'];
+        }
+        ?>
+        <input type="hidden" id="data_arr7" value="<?= implode(',', $data_arr7) ?>">
+        <input type="hidden" id="text_arr7" value="<?= implode(',', $text_arr7) ?>">
+        <div class="dashPanel2">
+            <h3>各业务客户占比(扣除无响应)</h3>
+            <canvas id="canvas_circle7" width="1200" height="500">浏览器不支持canvas</canvas>
+        </div>
+    </div>
+
+    <script>
+    function init() {  
+        //客户类型
+        var data_arr = $("#data_arr1").val().split(",");  
+        var color_arr = ["#00FF21", "#FFAA00", "#00AABB", "#FF4400","#009942","#02a0e9","#0168b7","#930784","#e5007f","#e50150","#ef0030","#eb6100","#f49600"];  
+        var text_arr = $("#text_arr1").val().split(",");
+        
+        //成交情况
+        var data_arr2 = $("#data_arr2").val().split(",");  
+        var text_arr2 = $("#text_arr2").val().split(",");   
+        var data_arr3 = $("#data_arr3").val().split(",");  
+        var text_arr3 = $("#text_arr3").val().split(",");  
+        var data_arr4 = $("#data_arr4").val().split(",");  
+        var text_arr4 = $("#text_arr4").val().split(",");  
+        var data_arr5 = $("#data_arr5").val().split(",");  
+        var text_arr5 = $("#text_arr5").val().split(",");  
+        var data_arr6 = $("#data_arr6").val().split(",");  
+        var text_arr6 = $("#text_arr6").val().split(","); 
+        var data_arr7 = $("#data_arr7").val().split(",");  
+        var text_arr7 = $("#text_arr7").val().split(","); 
+        
+        drawCircle("canvas_circle", data_arr, color_arr, text_arr);  
+        drawCircle("canvas_circle2", data_arr2, color_arr, text_arr2); 
+        drawCircle("canvas_circle3", data_arr3, color_arr, text_arr3); 
+        drawCircle("canvas_circle4", data_arr4, color_arr, text_arr4); 
+        drawCircle("canvas_circle5", data_arr5, color_arr, text_arr5); 
+        drawCircle("canvas_circle6", data_arr6, color_arr, text_arr6); 
+        drawRectangle("canvas_circle7", data_arr7, text_arr7); 
+    }  
+    window.onload = init;
+    </script>
+</div>
+</body>
+</html>
+<?php mysqli_close($conn); ?>
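Review bot: The label arrays are written into the hidden inputs' `value` attributes without HTML escaping, for example `<?= implode(',', $text_arr1) ?>` and the matching lines for `text_arr3` through `text_arr7`. They hold `businessType`, `ch_name`, `countryName` and `em_user` as read from the database, so a stored name containing a double quote can close the attribute and inject markup into the dashboard. Each of these lines should escape at output, e.g. `<?= htmlspecialchars(implode(',', $text_arr1), ENT_QUOTES, 'UTF-8') ?>`. Separately, `$row['cc']/$tn` and `$row['cc']/$tdn` divide by counts that are zero on an empty table, so a guard before the loops is worth adding.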

+ 319 - 0
system/employee.php

@@ -0,0 +1,319 @@
+<?php
+include "conn.php";
+checkLogin("信息管理");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+<script type="text/javascript" src="xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+</head>
+
+<body>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+
+if($act == "save") {
+    $isEdit = false;
+    $id = $_POST['id'] ?? '';
+    if($id != '' && is_numeric($id)) {
+        $isEdit = true;
+    }
+    
+    $em_user = textEncode($_POST['em_user']);
+    $em_password = textEncode($_POST['em_password']);
+    $re_password = textEncode($_POST['re_password']);
+    $em_role = $_POST['em_role'];
+    $em_code = textEncode($_POST['em_code']);
+    $em_email = textEncode($_POST['em_email']);
+    $em_tel = textEncode($_POST['em_tel']);
+    $nullPwd = false;
+
+    if(empty($em_password)) {
+        $nullPwd = true;
+    }
+
+    if($em_password != $re_password) {
+        echo "<script>alert('两次密码输入不一致');history.back();</script>";
+        exit;
+    }
+
+    if($isEdit) {
+        $query = "SELECT * FROM employee WHERE id=$id";
+        $result = $conn->query($query);
+        if($result->num_rows > 0) {
+            $password_sql = $nullPwd ? "" : ",em_password='".md5($em_password)."'";
+            $sql = "UPDATE employee SET em_user='$em_user'$password_sql,em_role=$em_role,
+                    em_code='$em_code',em_email='$em_email',em_tel='$em_tel' WHERE id=$id";
+            $conn->query($sql);
+        }
+        
+        $page = $_GET['Page'] ?? '';
+        $keys = urlencode($_GET['Keys'] ?? '');
+        $ord = urlencode($_GET['Ord'] ?? '');
+        header("Location: ?keys=$keys&Ord=$ord&Page=$page");
+        exit;
+    } else {
+        if($nullPwd) {
+            $em_password = "MTB".$em_code;
+        }
+        
+        $sql = "INSERT INTO employee(em_user,em_password,em_role,em_code,em_email,em_tel) 
+                VALUES('$em_user','".md5($em_password)."',$em_role,'$em_code','$em_email','$em_tel')";
+        $conn->query($sql);
+        header("Location: ?");
+        exit;
+    }
+}
+
+if($act == "add" || $act == "edit") {
+    $id = $_GET['id'] ?? '';
+    $isEdit = false;
+    if($id != '' && is_numeric($id)) {
+        $isEdit = true;
+    }
+    
+    if($isEdit) {
+        $query = "SELECT * FROM employee WHERE id=$id";
+        $result = $conn->query($query);
+        if($result->num_rows > 0) {
+            $row = $result->fetch_assoc();
+            $em_user = textUncode($row['em_user']);
+            $em_role = $row['em_role'];
+            $em_code = textUncode($row['em_code']);
+            $em_email = textUncode($row['em_email']);
+            $em_tel = textUncode($row['em_tel']);
+        } else {
+            $isEdit = false;
+        }
+    }
+
+    $page = $_GET['Page'] ?? '';
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $hrefstr = "?keys=$keys&Ord=$ord&Page=$page";
+    ?>
+    
+    <form name="form1" method="post" action="<?php echo $hrefstr; ?>&act=save" onSubmit="return subform2();">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <tbody>
+            <tr>
+                <th width="8%">用户名</th>
+                <td><input type="text" id="em_user" name="em_user" value="<?php echo $em_user ?? ''; ?>" required class="txt-short" />
+                <input type="hidden" name="id" value="<?php echo $id; ?>" /></td>
+            </tr>
+            <tr>
+                <th width="8%">密码</th>
+                <td><input type="password" id="em_password" name="em_password" value="" class="txt-short"/></td>
+            </tr>
+            <tr>
+                <th width="8%">重复密码</th>
+                <td><input type="password" id="re_password" name="re_password" value="" class="txt-short"/></td>
+            </tr>
+            <tr>
+                <th width="8%">工号</th>
+                <td><input type="text" id="em_code" name="em_code" value="<?php echo $em_code ?? ''; ?>" class="txt1" /></td>
+            </tr>
+            <tr>
+                <th width="8%">角色</th>
+                <td><select name="em_role">
+                    <option value="0">组长</option>
+                    <?php
+                    $query = "SELECT id,em_user FROM employee WHERE em_role=0";
+                    $result = $conn->query($query);
+                    while($row = $result->fetch_assoc()) {
+                        $selected = ($row['id'] == ($em_role ?? '')) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"$selected>组长:{$row['em_user']}</option>";
+                    }
+                    ?>
+                    </select>
+                </td>
+            </tr>
+            <tr>
+                <th width="8%">邮箱</th>
+                <td><input type="text" id="em_email" name="em_email" value="<?php echo $em_email ?? ''; ?>" class="txt1" /></td>
+            </tr>
+            <tr>
+                <th width="8%">手机</th>
+                <td><input type="text" id="em_tel" name="em_tel" value="<?php echo $em_tel ?? ''; ?>" class="txt1" /></td>
+            </tr>
+            <tr>
+                <th></th>
+                <td>
+                    <input type="submit" name="save" id="save" value="确定" class="btn1" />
+                    <input type="reset" name="save" id="save" value="重置" class="btn1" />
+                    <input type="button" value="返回" class="btn1" onClick="location.href='<?php echo $hrefstr; ?>'" />
+                </td>
+            </tr>
+        </tbody>
+    </table>
+    </form>
+    </div>
+    </body>
+    </html>
+    <?php
+    exit;
+}
+
+if($act == "postchk") {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = $_POST['chkact'] ?? '';
+    
+    if(isset($_POST['chkbox']) && is_array($_POST['chkbox'])) {
+        $sqlStr = "DELETE FROM employee WHERE id IN (" . implode(',', $_POST['chkbox']) . ")";
+        $conn->query($sqlStr);
+    }
+    
+    header("Location: ?Keys=$keys&Ord=$ord&Page=$page");
+    exit;
+}
+
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$ord = $_GET['Ord'] ?? '';
+$page = $_GET['Page'] ?? '';
+
+$query = "SELECT id,em_user,em_code,em_role FROM employee 
+          WHERE em_user LIKE '%$keyscode%' OR em_code LIKE '%$keyscode%' 
+          ORDER BY Id DESC";
+$result = $conn->query($query);
+
+$keys = urlencode($keys);
+$ord = urlencode($ord);
+$hrefstr = "?keys=$keys";
+?>
+
+<form id="form1" method="post" action="?act=postchk&Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>" onSubmit="return false">
+<table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+    <thead>
+        <tr>
+            <th width="4%"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></th>
+            <th width="6%">序号</th>
+            <th>姓名</th>
+            <th>工号</th>
+            <th>角色</th>
+            <th>操作</th>
+        </tr>
+    </thead>
+    <tbody>
+    <?php
+    if($result->num_rows > 0) {
+        $pageSize = 13;
+        $totalRows = $result->num_rows;
+        $totalPages = ceil($totalRows / $pageSize);
+        
+        if($page == '') $page = 1;
+        if($page == 'end') $page = $totalPages;
+        if(!is_numeric($page) || $page < 1) $page = 1;
+        $page = (int)$page;
+        if($page > $totalPages) $page = $totalPages;
+        
+        $offset = ($page - 1) * $pageSize;
+        $query .= " LIMIT $offset, $pageSize";
+        $result = $conn->query($query);
+        
+        $tempNum = $offset;
+        while($row = $result->fetch_assoc()) {
+            $tempNum++;
+            ?>
+            <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
+                <td align="center"><input type="checkbox" name="chkbox[]" value="<?php echo $row['id']; ?>" /></td>
+                <td align="center"><?php echo $tempNum; ?></td>
+                <td align="center"><?php echo $row['em_user']; ?></td>
+                <td align="center"><?php echo $row['em_code']; ?></td>
+                <td align="center"><?php echo $row['em_role'] == 0 ? '组长' : '组员'; ?></td>
+                <th><a class="ico_edit" href="?act=edit&Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>&id=<?php echo $row['id']; ?>">修改</a></th>
+            </tr>
+            <?php
+        }
+    } else {
+        if($keys == '') {
+            echo '<tr><td align="center" colspan="6">Sorry,当前暂无信息</td></tr>';
+        } else {
+            echo '<tr><td align="center" colspan="6"><a href="?">Sorry,没有找到"'.$keyscode.'"相关的信息,点击返回</a></td></tr>';
+        }
+    }
+    ?>
+    </tbody>
+    <tfoot>
+        <tr>
+            <td colspan="6">
+                <div class="showpagebox">
+                <?php
+                if($totalPages > 1) {
+                    $pageName = "?Keys=$keys&Ord=$ord&";
+                    $pageLen = 3;
+                    
+                    if($page > 1) {
+                        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+                        echo "<a href=\"{$pageName}Page=".($page-1)."\">上一页</a>";
+                    }
+                    
+                    if($pageLen * 2 + 1 >= $totalPages) {
+                        $startPage = 1;
+                        $endPage = $totalPages;
+                    } else {
+                        if($page <= $pageLen + 1) {
+                            $startPage = 1;
+                            $endPage = $pageLen * 2 + 1;
+                        } else {
+                            $startPage = $page - $pageLen;
+                            $endPage = $page + $pageLen;
+                        }
+                        if($page + $pageLen > $totalPages) {
+                            $startPage = $totalPages - $pageLen * 2;
+                            $endPage = $totalPages;
+                        }
+                    }
+                    
+                    for($i = $startPage; $i <= $endPage; $i++) {
+                        if($i == $page) {
+                            echo "<a class=\"current\">$i</a>";
+                        } else {
+                            echo "<a href=\"{$pageName}Page=$i\">$i</a>";
+                        }
+                    }
+                    
+                    if($page < $totalPages) {
+                        if($totalPages - $page > $pageLen) {
+                            echo "<a href=\"{$pageName}Page=$totalPages\">...$totalPages</a>";
+                        }
+                        echo "<a href=\"{$pageName}Page=".($page+1)."\">下一页</a>";
+                        echo "<a href=\"{$pageName}Page=$totalPages\">尾页</a>";
+                    }
+                    
+                    echo "<input type=\"text\" id=\"Pagego\" value=\"$page\" onFocus=\"if(this.value == '$page'){this.value='';}\" onBlur=\"if(this.value == ''){this.value='$page';}\" onKeyUp=\"this.value=this.value.replace(/\D/g,'')\" onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+                }
+                ?>
+                </div>
+                <div class="searchbox">
+                    <input type="text" id="keys" value="<?php echo $keyscode == '' ? '请输入搜索关键词' : $keyscode; ?>" 
+                           onFocus="if(this.value == '<?php echo $keyscode == '' ? '请输入搜索关键词' : $keyscode; ?>'){this.value='';}" 
+                           onBlur="if(this.value == ''){this.value='<?php echo $keyscode == '' ? '请输入搜索关键词' : $keyscode; ?>';}" 
+                           onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)}" />
+                    <input type="button" id="searchgo" value="go" onClick="location.href='?Keys='+escape(document.getElementById('keys').value)" />
+                </div>
+                <div class="postchkbox">
+                    <select id="chkact" name="chkact">
+                        <option value="1">显示</option>
+                        <option value="0">隐藏</option>
+                        <option value="-1">删除</option>
+                    </select>
+                    <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+                    <input type="button" value="新增" onClick="location.href='?act=add'" class="btn1" />
+                </div>
+            </td>
+        </tr>
+    </tfoot>
+</table>
+</form>
+</div>
+</body>
+</html> 
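Review bot: In the `save` and `postchk` branches, `$_POST['em_role']` and the `chkbox[]` values are concatenated into the UPDATE, INSERT and DELETE statements unquoted and unvalidated, so the request body can change the query. The quoted fields rely entirely on `textEncode()` from conn.php, which is not visible on this page. Cast before use, `$em_role = (int)($_POST['em_role'] ?? 0);` and `$ids = array_map('intval', $_POST['chkbox']);`, or preferably move these statements to `$conn->prepare()` with bound parameters (the object looks like mysqli). The `postchk` branch also reads `$chkact` and never uses it, so the 显示 and 隐藏 options in the select run the same DELETE as 删除. Separately, `md5($em_password)` with the derivable fallback `"MTB".$em_code` is weak credential storage; `password_hash()` is the replacement, but the login check outside this page has to change with it.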

+ 45 - 0
system/imgUpload.php

@@ -0,0 +1,45 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<style>
+body{margin:0}
+form{
+margin:0;padding:0;
+}
+input{
+float:left;height:22px;border:1px solid #DBE6E3;background:#FFF;
+width:250px;
+}
+.btn1{
+    width: 50px;
+    border: none;
+    background: url("images/btn1.gif") 0 0 no-repeat;
+    color: #0099CC;
+    cursor: pointer;
+}
+
+input[type="file"] {
+    color:#CCC;
+    font-size:12px;
+}
+
+</style>
+<script>
+function chkuploadfile(){
+    if(document.getElementById("filedata").value == ''){
+        alert('请选择需要上传的文件');
+        return false;
+    }
+    return true;
+}
+</script>
+</head>
+
+<body>
+<form method="post" name="form1" action="imgUploadFile.php?id=<?php echo $_GET['id'] ?? ''; ?>&act=s" enctype="multipart/form-data" onsubmit="return chkuploadfile()">
+<input type="file" name="filedata" id="filedata" /><input type="submit" value="上传" class="btn1" />
+</form>
+</body>
+</html> 
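Review bot: The form's `action` attribute echoes `$_GET['id']` unescaped, so a crafted link can break out of the attribute and inject markup into this page. Encode the value for both the URL and the HTML context: `action="imgUploadFile.php?id=<?php echo htmlspecialchars(rawurlencode($_GET['id'] ?? ''), ENT_QUOTES, 'UTF-8'); ?>&act=s"`. Unlike the other new pages under system/, this file does not `include "conn.php"` or call `checkLogin()`; the upload handler does check, but the form itself renders for unauthenticated visitors, which is worth confirming as intended.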

+ 136 - 0
system/imgUploadFile.php

@@ -0,0 +1,136 @@
+<?php
+include "conn.php";
+checkLogin("");
+
+/**
+ * upload demo for PHP
+ * @requires xhEditor
+ * 
+ * @author Original ASP version by Yanis.Wang<yanis.wang@gmail.com>
+ * @author PHP version modified
+ * @site http://xheditor.com/
+ * @licence LGPL(http://www.opensource.org/licenses/lgpl-license.php)
+ * 
+ * @Version: 0.9.3 (build 100504)
+ *
+ * 注1:本程序仅为演示用,请您根据自己需求进行相应修改,或者重开发
+ */
+
+header('Content-Type: application/json; charset=UTF-8');
+
+// 配置参数
+$inputname = 'filedata';  // 表单文件域name
+$attachdir = 'u';         // 上传文件保存路径,结尾不要带/
+$dirtype = 2;            // 1:按天存入目录 2:按月存入目录 3:按扩展名存目录
+$maxattachsize = 5242880; // 最大上传大小,默认是5M
+$upext = 'txt,rar,zip,jpg,jpeg,gif,png,swf,wmv,avi,wma,mp3,mid,pdf'; // 上传扩展名
+$msgtype = 2;            // 返回上传参数的格式:1,只返回url,2,返回参数数组
+$immediate = $_GET['immediate'] ?? ''; // 立即上传模式,仅为演示用
+$id = $_GET['id'] ?? '';
+
+$err = '';
+$msg = "''";
+
+// 检查文件上传
+if (!isset($_FILES[$inputname])) {
+    $err = "无数据提交";
+} else if ($_FILES[$inputname]['error'] > 0) {
+    switch($_FILES[$inputname]['error']) {
+        case 1:
+        case 2:
+            $err = "文件大小超过 " . $maxattachsize . "字节";
+            break;
+        case 3:
+            $err = "文件只有部分被上传";
+            break;
+        case 4:
+            $err = "没有文件被上传";
+            break;
+        case 6:
+            $err = "找不到临时文件夹";
+            break;
+        case 7:
+            $err = "文件写入失败";
+            break;
+        default:
+            $err = "未知上传错误";
+    }
+} else if ($_FILES[$inputname]['size'] > $maxattachsize) {
+    $err = "文件大小超过 " . $maxattachsize . "字节";
+} else {
+    $filename = $_FILES[$inputname]['name'];
+    $tmpfile = $_FILES[$inputname]['tmp_name'];
+    $extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
+    
+    // 检查文件类型
+    $allowed_types = explode(',', $upext);
+    if (!in_array($extension, $allowed_types)) {
+        $err = "上传文件扩展名必需为:" . $upext;
+    } else {
+        // 确定存储目录
+        switch($dirtype) {
+            case 1:
+                $attach_subdir = "day_" . date('ymd');
+                break;
+            case 2:
+                $attach_subdir = "m" . date('ym');
+                break;
+            case 3:
+                $attach_subdir = "ext_" . $extension;
+                break;
+        }
+        
+        $attach_dir = $attachdir . '/' . $attach_subdir . '/';
+        
+        // 创建目录
+        if (!file_exists($attach_dir)) {
+            mkdir($attach_dir, 0777, true);
+        }
+        
+        // 生成随机文件名
+        $newfilename = date('dHis') . sprintf("%02d", rand(0, 99)) . '.' . $extension;
+        $target = $attach_dir . $newfilename;
+        
+        // 移动文件
+        if (move_uploaded_file($tmpfile, $target)) {
+            $imgurl = $target;
+            if ($immediate == '1') {
+                $target = '!' . $target;
+            }
+            
+            if ($msgtype == 1) {
+                $msg = "'" . jsonString($target) . "'";
+            } else {
+                $msg = "{" . 
+                       "'url':'" . jsonString($target) . "'," .
+                       "'localname':'" . jsonString($filename) . "'," .
+                       "'id':'1'" .
+                       "}";
+            }
+        } else {
+            $err = "文件上传失败";
+        }
+    }
+}
+
+// 输出结果
+$act = $_GET['act'] ?? '';
+if ($act == 's') {
+    echo "<script>parent.document.getElementById('" . $id . "').value='/System/" . $imgurl . "';location.href='imgUpload.php';</script>";
+} else {
+    echo json_encode([
+        'err' => jsonString($err),
+        'msg' => $msg
+    ]);
+}
+
+/**
+ * JSON字符串转义
+ */
+function jsonString($str) {
+    return str_replace(
+        ['\\', '/', "'"],
+        ['\\\\', '\\/', "\\'"],
+        $str
+    );
+} 
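Review bot: The `act=s` branch writes `$_GET['id']` and `$imgurl` into an inline `<script>` with no JavaScript-context escaping, and `$imgurl` is undefined whenever validation set `$err`. The response is also sent with the `application/json` header set near the top, so the script is unlikely to execute as the iframe flow expects; switching it to HTML without escaping `$id` would expose script injection. Encoding both values with `json_encode()` and the `JSON_HEX_*` flags, as sketched below, covers both cases. Separately, `mkdir($attach_dir, 0777, true)` creates a world-writable directory under the web root and the name comes from `rand(0, 99)`; a tighter mode such as `0755` and `random_bytes()`-based names would be safer, and the server should be confirmed not to execute anything in `u/`.

```php
// … unchanged: upload validation and move_uploaded_file() …
$act = $_GET['act'] ?? '';
if ($act == 's') {
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $fieldId = json_encode((string)$id, $jsFlags);
    $fieldValue = json_encode('/System/' . ($imgurl ?? ''), $jsFlags);
    header('Content-Type: text/html; charset=UTF-8');
    echo "<script>parent.document.getElementById($fieldId).value=$fieldValue;location.href='imgUpload.php';</script>";
} else {
    // … unchanged: json_encode() response with err/msg …
```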

+ 1 - 1
system/inc.asp

@@ -56,7 +56,7 @@ Else
 
 End If
 Rs.Update:Rs.Close:Set Rs=Nothing:Conn.Close:Set Conn=Nothing
-Response.Write "<script>alert('更新成功');top.location.href='index.asp'</script>"
+Response.Write "<script>alert('更新成功');top.location.href='index.php'</script>"
 Response.End
 End If 'end save
 %>

+ 96 - 0
system/inc.php

@@ -0,0 +1,96 @@
+<?php
+include "conn.php";
+checkLogin("系统管理");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+<style>
+#jmbox{
+    overflow:auto;zoom:1;margin-top:5px;
+}
+.jmlabel{
+    float:left;
+    width:70px;text-align:right;
+    height:22px;line-height:22px;
+    font-size:14px;font-weight:bold;
+    color:#0099CC;padding-right:4px
+}
+.txt1{float:left;}
+.txtbox{width:820px;height:50px;color: #666;}
+.w726{
+    width:726px;
+}
+</style>
+</head>
+
+<body>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+if ($act == "save") {
+    $webname = $_POST['webname'] ?? '';
+    $keywords = $_POST['keywords'] ?? '';
+    $description = $_POST['description'] ?? '';
+    $indexwebname = $_POST['indexwebname'] ?? '';
+    $copyright = $_POST['copyright'] ?? '';
+
+    $query = "SELECT webname, keywords, description, indexwebname, copyright FROM inc WHERE id=1";
+    $result = $conn->query($query);
+    
+    if ($result->num_rows > 0) {
+        $sql = "UPDATE inc SET 
+                webname = '$webname',
+                keywords = '$keywords',
+                description = '$description',
+                indexwebname = '$indexwebname',
+                copyright = '$copyright'
+                WHERE id = 1";
+    } else {
+        $sql = "INSERT INTO inc (webname, keywords, description, indexwebname, copyright) 
+                VALUES ('$webname', '$keywords', '$description', '$indexwebname', '$copyright')";
+    }
+    
+    $conn->query($sql);
+    echo "<script>alert('更新成功');top.location.href='index.php'</script>";
+    exit;
+}
+?>
+    <form name="form1" method="post" action="?act=save">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <tbody>
+            <tr>
+                <th width="15%">网站名称</th>
+                <td><input type="text" id="webname" name="webname" value="<?php echo textEncode($webname); ?>" class="txt1" /></td>
+            </tr>
+            <tr>
+                <th width="15%">网站首页title</th>
+                <td><input type="text" id="indexwebname" name="indexwebname" value="<?php echo textEncode($indexwebname); ?>" class="txt1" /></td>
+            </tr>
+            <tr>
+                <th width="15%">网站默认关键词</th>
+                <td><input type="text" id="keywords" name="keywords" value="<?php echo textEncode($webkeywords); ?>" class="txt1" /></td>
+            </tr>
+            <tr>
+                <th width="15%">网站默认描述</th>
+                <td><input type="text" id="description" name="description" value="<?php echo textEncode($webdescription); ?>" class="txt1" /></td>
+            </tr>
+            <tr>
+                <th width="15%">版权信息</th>
+                <td><input type="text" id="copyright" name="copyright" value="<?php echo textEncode($copyright); ?>" class="txt1" /></td>
+            </tr>        
+            <tr>
+                <th></th>
+                <td><input type="submit" name="save" id="save" value="确定" class="btn1" /> <input type="reset" name="save" id="save" value="重置" class="btn1" /></td>
+            </tr>
+        </tbody>
+    </table>
+    </form>
+</div>
+</body>
+</html> 
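Review bot: The `save` branch interpolates the five raw `$_POST` values straight into the UPDATE/INSERT strings with no escaping or binding, so a single quote in any field breaks the statement and the fields can alter the query. Bound parameters remove the problem; the sketch below assumes `$conn` is a mysqli connection, which the `->query()`/`->num_rows` usage suggests but conn.php would confirm. The form also echoes `$webkeywords` and `$webdescription`, which this file never assigns, and after a save the posted `$keywords`/`$description` are stored under different names, so it is worth checking that conn.php really provides those variables. The POST carries no anti-CSRF token, so a logged-in administrator's browser can be made to submit it.

```php
// … unchanged: reading the five $_POST fields and the SELECT existence check …
if ($result->num_rows > 0) {
    $stmt = $conn->prepare("UPDATE inc SET webname = ?, keywords = ?, description = ?, indexwebname = ?, copyright = ? WHERE id = 1");
} else {
    $stmt = $conn->prepare("INSERT INTO inc (webname, keywords, description, indexwebname, copyright) VALUES (?, ?, ?, ?, ?)");
}
$stmt->bind_param('sssss', $webname, $keywords, $description, $indexwebname, $copyright);
$stmt->execute();
// … unchanged: alert and redirect to index.php …
```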

+ 1 - 1
system/index.asp

@@ -310,7 +310,7 @@ function showInnerText(Id){
 </head>
 <body>
 <div id="nav">
-    <ul><li id="man_nav_1" onclick="list_sub_nav(id,'信息管理')" class="bg_image_onclick">信息管理</li><li id="man_nav_2" onclick="list_sub_nav(id,'其它管理')"  class="bg_image">其它管理</li><li class="bg_image"><a href="index.asp?iframe=man" target="manFrame">回到桌面</a></li><li class="bg_image"><a href="../index.html" target="_blank">打开前台</a></li><%If Chklogin("查看统计") Then%><%If cnzzid<>"" And cnzzpwd<>"" Then%><li class="bg_image"><a href="cnzz.asp" target="_blank">打开统计</a></li><%End If%><%End If%></ul>
+    <ul><li id="man_nav_1" onclick="list_sub_nav(id,'信息管理')" class="bg_image_onclick">信息管理</li><li id="man_nav_2" onclick="list_sub_nav(id,'其它管理')"  class="bg_image">其它管理</li><li class="bg_image"><a href="index.php?iframe=man" target="manFrame">回到桌面</a></li><li class="bg_image"><a href="../index.html" target="_blank">打开前台</a></li><%If Chklogin("查看统计") Then%><%If cnzzid<>"" And cnzzpwd<>"" Then%><li class="bg_image"><a href="cnzz.asp" target="_blank">打开统计</a></li><%End If%><%End If%></ul>
 </div>
 <div id="sub_info">&nbsp;&nbsp;<img src="images/hi.gif" />&nbsp;<span id="show_text">请点击左侧或下面菜单进行网站信息管理</span></div>
 </body>

+ 235 - 0
system/index.php

@@ -0,0 +1,235 @@
+<?php
+include "conn.php";
+checkLogin("");
+
+$iframe = $_GET['iframe'] ?? '';
+
+// 处理不同的框架页面
+switch($iframe) {
+    case 'top':
+        // 顶部框架
+        ?>
+        <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
+        <html xmlns="http://www.w3.org/1999/xhtml">
+        <head>
+        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+        <link rel="stylesheet" href="css/common.css" type="text/css" />
+        <title><?php echo $webname; ?> - 网站后台管理</title>
+        </head>
+        <body>
+        <h1 style="padding:0;margin:0;height:50px;line-height:50px;text-indent:20px;font-size:20px;font-family:Arial;color:#0099CC"><?php echo $webname; ?></h1>
+        </body>
+        </html>
+        <?php
+        break;
+
+    case 'left':
+        // 左侧导航栏
+        ?>
+        <!DOCTYPE html>
+        <html>
+        <head>
+        <title>左侧导航栏</title>
+        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+        <link rel="stylesheet" href="css/common.css" type="text/css" />
+        <script type="text/javascript">
+        // 保持原有的 JavaScript 代码不变
+        var preClassName = ""; 
+        function list_sub_detail(Id, item) 
+        { 
+            if(preClassName != "") 
+            { 
+                getObject(preClassName).className = "left_back" 
+            } 
+            if(getObject(Id).className == "left_back") 
+            { 
+                getObject(Id).className = "left_back_onclick"; 
+                outlookbar.getbyitem(item); 
+                preClassName = Id 
+            } 
+        }
+        
+        // ... [保持其他 JavaScript 函数不变]
+
+        var outlookbar = new outlook();
+        var t;
+
+        t = outlookbar.addtitle('信息管理','信息管理',1);
+        <?php if(chkLogin("信息管理")): ?>
+        outlookbar.additem('来源管理',t,'qudao.php');
+        outlookbar.additem('客户列表',t,'customers.php');
+        outlookbar.additem('数据看板',t,'dashboard.php');
+        outlookbar.additem('登录日志',t,'log.php');
+        <?php endif; ?>
+
+        t = outlookbar.addtitle('报价管理','信息管理',1);
+        <?php if(chkLogin("信息管理")): ?>
+        outlookbar.additem('添加产品',t,'products.php');
+        outlookbar.additem('报价管理',t,'country.php');
+        <?php endif; ?>
+
+        t = outlookbar.addtitle('系统管理','其它管理',1);
+        <?php if(chkLogin("系统管理")): ?>
+        outlookbar.additem('查看系统设置',t,'inc.php');
+        <?php endif; ?>
+
+        t = outlookbar.addtitle('权限管理','其它管理',1);
+        <?php if(chkLogin("权限管理")): ?>
+        outlookbar.additem('员工管理',t,'employee.php');
+        <?php endif; ?>
+        </script>
+        </head>
+        <body onload="initinav('信息管理')">
+        <div id="left_content">
+            <div id="user_info">欢迎您,<strong><?php echo loadSession("loginname"); ?></strong><br />
+            [<a href="pwd.php" target="manFrame">个人中心</a>,
+            <a href="login.php?act=logout" target="_top" onClick="if(!confirm('确认要退出吗?'))return false;">退出管理</a>]</div>
+            <div id="main_nav">
+                <div id="left_main_nav"></div>
+                <div id="right_main_nav"></div>
+            </div>
+        </div>
+        </body>
+        </html>
+        <?php
+        break;
+
+    case 'switch':
+        // 切换按钮框架
+        ?>
+        <!DOCTYPE html>
+        <html>
+        <head>
+        <title>显示/隐藏左侧导航栏</title>
+        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+        <link rel="stylesheet" href="css/common.css" type="text/css" />
+        <script language="JavaScript">
+        function Submit_onclick(){
+            if(parent.myFrame.cols == "199,7,*") {
+                parent.myFrame.cols="0,7,*";
+                document.getElementById("ImgArrow").src="images/switch_right.gif";
+                document.getElementById("ImgArrow").alt="打开左侧导航栏";
+            } else {
+                parent.myFrame.cols="199,7,*";
+                document.getElementById("ImgArrow").src="images/switch_left.gif";
+                document.getElementById("ImgArrow").alt="隐藏左侧导航栏";
+            }
+        }
+
+        function MyLoad() {
+            if(window.parent.location.href.indexOf("MainUrl")>0) {
+                window.top.midFrame.document.getElementById("ImgArrow").src="images/switch_right.gif";
+            }
+        }
+        </script>
+        </head>
+        <body onload="MyLoad()">
+        <div id="switchpic"><a href="javascript:Submit_onclick()"><img src="images/switch_left.gif" alt="隐藏左侧导航栏" id="ImgArrow" /></a></div>
+        </body>
+        </html>
+        <?php
+        break;
+
+    case 'main':
+        // 主导航区域
+        ?>
+        <!DOCTYPE html>
+        <html>
+        <head>
+        <title>管理导航区域</title>
+        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+        <link rel="stylesheet" href="css/common.css" type="text/css" />
+        <script type="text/javascript">
+        // 保持原有的 JavaScript 代码
+        var preClassName = "man_nav_1";
+        
+        function list_sub_nav(Id,sortname){
+            if(preClassName != ""){
+                getObject(preClassName).className="bg_image";
+            }
+            if(getObject(Id).className == "bg_image"){
+                getObject(Id).className="bg_image_onclick";
+                preClassName = Id;
+                showInnerText(Id);
+                window.top.frames['leftFrame'].outlookbar.getbytitle(sortname);
+                window.top.frames['leftFrame'].outlookbar.getdefaultnav(sortname);
+            }
+        }
+        // ... [其他 JavaScript 函数保持不变]
+        </script>
+        </head>
+        <body>
+        <div id="nav">
+            <ul>
+                <li id="man_nav_1" onclick="list_sub_nav(id,'信息管理')" class="bg_image_onclick">信息管理</li>
+                <li id="man_nav_2" onclick="list_sub_nav(id,'其它管理')"  class="bg_image">其它管理</li>
+                <li class="bg_image"><a href="index.php?iframe=man" target="manFrame">回到桌面</a></li>
+                <li class="bg_image"><a href="../index.html" target="_blank">打开前台</a></li>
+            </ul>
+        </div>
+        <div id="sub_info">&nbsp;&nbsp;<img src="images/hi.gif" />&nbsp;<span id="show_text">请点击左侧或下面菜单进行网站信息管理</span></div>
+        </body>
+        </html>
+        <?php
+        break;
+
+    case 'man':
+        // 管理区域
+        ?>
+        <!DOCTYPE html>
+        <html>
+        <head>
+        <title>管理区域</title>
+        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+        <link rel="stylesheet" href="css/common.css" type="text/css" />
+        <script type="text/javascript">
+        function golink(t){
+            window.top.frames['mainFrame'].getObject('show_text').innerHTML = t;
+        }
+        // ... [其他 JavaScript 函数保持不变]
+        </script>
+        <style>
+        .menulist li{float:left;width:92px;height:132px;}
+        .menulist li a{display:block;padding:10px 0;padding-top:50px;width:80px;height:15px;color:#A1B5B3;border:1px solid #B4C9C6;margin:5px;text-align:center}
+        .menulist li a:hover{border:2px solid #B4C9C6;width:78px;height:13px;color:#A1B5B3}
+        .png01{background:url(menu/01.png) center 8px no-repeat}
+        .png02{background:url(menu/02.png) center 8px no-repeat}
+        .png03{background:url(menu/03.png) center 8px no-repeat}
+        </style>
+        </head>
+        <body>
+        <div id="man_zone">
+        <ul class="menulist">
+        <li><a href="customers.php" onClick="golink('打开信息列表')" class="png03">客户管理</a></li>
+        </ul>
+        </div>
+        </body>
+        </html>
+        <?php
+        break;
+
+    default:
+        // 主框架页
+        ?>
+        <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
+        <html xmlns="http://www.w3.org/1999/xhtml">
+        <head>
+        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+        <title><?php echo $webname; ?> - 网站后台管理</title>
+        </head>
+        <frameset rows="50,*" cols="*" frameborder="no" border="0" framespacing="0">
+            <frame src="?iframe=top" name="topFrame" frameborder="no" scrolling="No" noresize="noresize" id="topFrame" title="topFrame" />
+            <frameset name="myFrame" cols="199,7,*" frameborder="no" border="0" framespacing="0">
+                <frame src="?iframe=left" name="leftFrame" frameborder="no" scrolling="No" noresize="noresize" id="leftFrame" title="leftFrame" />
+                <frame src="?iframe=switch" name="midFrame" frameborder="no" scrolling="No" noresize="noresize" id="midFrame" title="midFrame" />
+                <frameset rows="59,*" cols="*" frameborder="no" border="0" framespacing="0">
+                    <frame src="?iframe=main" name="mainFrame" frameborder="no" scrolling="No"  noresize="noresize" id="mainFrame" title="mainFrame" />
+                    <frame src="?iframe=man" name="manFrame" frameborder="no" id="manFrame" title="manFrame" />
+                </frameset>
+            </frameset>
+        </frameset>
+        <noframes><body></body></noframes>
+        </html>
+        <?php
+}
+?>
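Review bot: The `left` case only hides the 员工管理 menu entry behind `chkLogin("权限管理")`, while system/employee.php in this same commit opens with `checkLogin("信息管理")`. If those helpers (defined in conn.php, not visible here) check the named privilege, any account with 信息管理 can reach employee management by URL. The page guard should match the menu, i.e. `checkLogin("权限管理");` at the top of employee.php. In this file, `<?php echo $webname; ?>` and `<?php echo loadSession("loginname"); ?>` are printed without HTML escaping, and `$webname` is stored unmodified by system/inc.php. Wrap both in `htmlspecialchars(..., ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`.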

+ 1 - 1
system/js/SearchArea.js

@@ -4,7 +4,7 @@ $(document).ready(function() {
 		var str = $(this).val();
 		$.ajax({
 			type: "GET",
-			url: "SearchArea.asp",
+			url: "SearchArea.php",
 			dataType: "html",
 			contentType: "application/json;charset=utf-8",
 			data: {

+ 1 - 1
system/js/Searchproduct.js

@@ -4,7 +4,7 @@ $(document).ready(function() {
 		var str = $(this).val();
 		$.ajax({
 			type: "GET",
-			url: "Searchproduct.asp",
+			url: "Searchproduct.php",
 			dataType: "html",
 			contentType: "application/json;charset=utf-8",
 			data: {

+ 4 - 4
system/js/js.js

@@ -107,7 +107,7 @@ function subform2(){
 function flcountry(){
 	var country=$("#Country").val();
 	if(country==""||country==null)
-		{location.href="customers.asp";}
+		{location.href="customers.php";}
 	else
 		{location.href="?country="+escape(country);}
 }
@@ -115,7 +115,7 @@ function flcountry(){
 function flchanel(){
 	var  chanel=$("#Chanel").val();
 	if(chanel==""||chanel==null)
-		{location.href="customers.asp";}
+		{location.href="customers.php";}
 	else	
 	   {location.href="?chanel="+escape(chanel);}
 }
@@ -123,7 +123,7 @@ function flchanel(){
 function flemployee(){
 	var  employee=$("#Employee").val();
 	if(employee==""||employee==null)
-		{location.href="customers.asp";}
+		{location.href="customers.php";}
 	else
 		{location.href="?employee="+escape(employee);}
 }
@@ -131,7 +131,7 @@ function flemployee(){
 function fldeal(){
 	var  deal=$("#deal").val();
 	if(deal==""||deal==null)
-		{location.href="customers.asp";}
+		{location.href="customers.php";}
 	else
 		{location.href="?deal="+escape(deal);}
 }

+ 4 - 4
system/js/loginjs.js

@@ -2,7 +2,7 @@
 	var Webdir="/system/";
 	var msg_error="<img src=\""+Webdir+"images/msg_error.gif\" align=\"absmiddle\" /> ";
 	var msg_load="<img src=\""+Webdir+"images/msg_load.gif\" align=\"absmiddle\" /> "
-	function loadbmpcode(){document.getElementById("logincodebmp").src = Webdir+"bmpcode.asp?t1=16&temp=" + (new Date().getTime().toString(36));}
+	function loadbmpcode(){document.getElementById("logincodebmp").src = Webdir+"bmpcode.php?t1=16&temp=" + (new Date().getTime().toString(36));}
 	$("#loginuser").focus();
 	$("#logincode").focus(function(){
 	if($("#showlogincode").html()==""){
@@ -29,8 +29,8 @@
 			$("#logincode").focus();
 			return false;
 		}
-		var url=Webdir+"login.asp?act=login";
-		var param="loginuser="+escape(loginuser)+"&loginpwd="+escape(loginpwd)+"&logincode="+escape(logincode);
+		var url=Webdir+"login.php?act=login";
+		var param="loginuser="+encodeURIComponent(loginuser)+"&loginpwd="+escape(loginpwd)+"&logincode="+escape(logincode);
 		jqajax(url,param);
 	return false;
 	});
@@ -72,7 +72,7 @@
 					$("#logincode").focus();
 					break;
 				case "7":
-					location.replace("index.asp");
+					location.replace("index.php");
 					break;
 				default:
 					$("#formmsg").html(ajaxmsg);
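Review bot: In the second hunk only `loginuser` moves to `encodeURIComponent`; `loginpwd` and `logincode` on the same line still go through `escape()`, which leaves `+` unencoded and turns non-ASCII characters into `%uXXXX`. A password containing either will therefore not reach login.php as typed (a `+` is read as a space under form decoding). The line should encode all three fields the same way: `var param="loginuser="+encodeURIComponent(loginuser)+"&loginpwd="+encodeURIComponent(loginpwd)+"&logincode="+encodeURIComponent(logincode);`. How `jqajax` submits `param` is outside these hunks, so confirm it sends a form-encoded POST body.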

+ 137 - 0
system/log.php

@@ -0,0 +1,137 @@
+<?php
+include "conn.php";
+checkLogin("信息管理");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<link rel="stylesheet" href="css/jquery.galpop.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+<script type="text/javascript" src="xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+<script type="text/javascript" src="js/jquery.galpop.min.js"></script>
+</head>
+<body>
+<div id="man_zone">
+<?php
+$page = $_GET['Page'] ?? '';
+$keys = urlencode($_GET['Keys'] ?? '');
+$keyscode = textEncode($_GET['Keys'] ?? '');
+
+$sql = "SELECT * FROM logRecord WHERE loginAct LIKE ? ORDER BY id DESC";
+$stmt = $conn->prepare($sql);
+$stmt->execute(['%' . $keyscode . '%']);
+$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+$records_per_page = 20;
+$total_records = count($results);
+$total_pages = ceil($total_records / $records_per_page);
+
+if ($page == "") $page = 1;
+if ($page == "end") $page = $total_pages;
+if (!is_numeric($page) || $page < 1) $page = 1;
+$page = (int)$page;
+if ($page > $total_pages) $page = $total_pages;
+
+$start = ($page - 1) * $records_per_page;
+$results = array_slice($results, $start, $records_per_page);
+?>
+<table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+    <thead>
+        <tr>
+            <th width="10%">序号</th>
+            <th width="20%">时间</th>
+            <th width="70%">日志</th>
+        </tr>
+    </thead>
+    <tbody>
+    <?php
+    if (!empty($results)) {
+        $tempNum = ($page - 1) * $records_per_page;
+        foreach ($results as $row) {
+            $tempNum++;
+            ?>
+            <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
+                <td align="center"><?php echo $tempNum; ?></td>
+                <td align="center"><?php echo $row['loginTime']; ?></td>
+                <td align="center"><?php echo $row['loginAct']; ?></td>
+            </tr>
+            <?php
+        }
+    } else {
+        ?>
+        <tr>
+            <td colspan="4">暂无相关记录</td>
+        </tr>
+        <?php
+    }
+    ?>
+    </tbody>
+    <tfoot>
+        <tr>
+            <td colspan="4">
+                <div class="showpagebox">
+                <?php
+                if ($total_pages > 1) {
+                    $pageName = "?Keys=$keys&Ord=&";
+                    $pagelen = 3;
+
+                    if ($page > 1) {
+                        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+                        echo "<a href=\"{$pageName}Page=" . ($page-1) . "\">上一页</a>";
+                    }
+
+                    if ($pagelen * 2 + 1 >= $total_pages) {
+                        $startPage = 1;
+                        $endPage = $total_pages;
+                    } else {
+                        if ($page <= $pagelen + 1) {
+                            $startPage = 1;
+                            $endPage = $pagelen * 2 + 1;
+                        } else {
+                            $startPage = $page - $pagelen;
+                            $endPage = $page + $pagelen;
+                        }
+                        if ($page + $pagelen > $total_pages) {
+                            $startPage = $total_pages - $pagelen * 2;
+                            $endPage = $total_pages;
+                        }
+                    }
+
+                    for ($i = $startPage; $i <= $endPage; $i++) {
+                        if ($i == $page) {
+                            echo "<a class=\"current\">$i</a>";
+                        } else {
+                            echo "<a href=\"{$pageName}Page=$i\">$i</a>";
+                        }
+                    }
+
+                    if ($page < $total_pages) {
+                        if ($total_pages - $page > $pagelen) {
+                            echo "<a href=\"{$pageName}Page=$total_pages\">...$total_pages</a>";
+                        }
+                        echo "<a href=\"{$pageName}Page=" . ($page+1) . "\">下一页</a>";
+                        echo "<a href=\"{$pageName}Page=$total_pages\">尾页</a>";
+                    }
+                }
+                ?>
+                </div>
+                <div class="searchbox">
+                    <input type="text" id="keys" class="inputTxt" 
+                           value="<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>" 
+                           onFocus="if(this.value == '<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>'){this.value='';}" 
+                           onBlur="if(this.value == ''){this.value='<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>';}" 
+                           onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)+'&Page=<?php echo $page; ?>'}" />
+                    <input type="button" id="searchgo" class="searchgo" value="go" 
+                           onClick="location.href='?Keys='+escape(document.getElementById('keys').value)+'&Page=<?php echo $page; ?>'" />
+                </div>
+            </td>
+        </tr>
+    </tfoot>
+</table>
+</div>
+</body>
+</html> 
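Review bot: `$row['loginTime']` and `$row['loginAct']` are echoed into the table without HTML encoding, and `$keyscode` is echoed inside single-quoted JavaScript strings in the search box's `onFocus`/`onBlur` attributes. Whether `textEncode()` (in conn.php, not shown here) already entity-encodes these values cannot be told from this file. Entity encoding alone is not enough inside an event-handler attribute anyway, because the browser decodes entities before the script runs. Unless logRecord is guaranteed to hold pre-encoded text, print the cells with `htmlspecialchars($row['loginAct'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and emit the keyword in the handlers as `htmlspecialchars(json_encode($keyscode, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP), ENT_QUOTES, 'UTF-8')` instead of a hand-quoted string. Separately, the page fetches every matching row and slices in PHP; `LIMIT ? OFFSET ?` plus a `COUNT(*)` query would keep the log view cheap as the table grows.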

+ 113 - 0
system/login.php

@@ -0,0 +1,113 @@
+<?php
+include "conn.php";
+
+$act = $_GET['act'] ?? '';
+
+if ($act == "logout") {
+    // Clear all session variables
+    $_SESSION['loginid'] = "";
+    $_SESSION['loginuser'] = "";
+    $_SESSION['loginname'] = "";
+    $_SESSION['loginpower'] = "";
+    session_destroy();
+}
+
+if ($act == "login") {
+    checkPost();
+    $loginuser = textEncode($_POST['loginuser'] ?? '');
+    $loginpwd = textEncode($_POST['loginpwd'] ?? '');
+    $logincode = $_POST['logincode'] ?? '';
+
+    if ($loginuser == "") {
+        echo "1";
+        exit;
+    }
+    if ($loginpwd == "") {
+        echo "2";
+        exit;
+    }
+    if ($logincode != $_SESSION['zengscode']) {
+        echo "3";
+        exit;
+    }
+
+    $sql = "SELECT id, loginuser, loginpwd, loginstate, loginname, loginlasttime, loginlastip, 
+            loginthistime, loginthisip, loginpower, logincount 
+            FROM login WHERE loginuser = ?";
+    $stmt = $conn->prepare($sql);
+    $stmt->execute([$loginuser]);
+    
+    if ($stmt->rowCount() == 0) {
+        echo "4";
+        exit;
+    }
+    
+    $row = $stmt->fetch(PDO::FETCH_ASSOC);
+    
+    if ($row['loginpwd'] != md5($loginpwd)) {
+        echo "5";
+        exit;
+    }
+    
+    if ($row['loginstate'] < 1) {
+        echo "6";
+        exit;
+    }
+    
+    // Check power status
+    $sql = "SELECT COUNT(powerstate) as count, powerstate FROM power WHERE id = ? GROUP BY powerstate";
+    $stmt = $conn->prepare($sql);
+    $stmt->execute([$row['loginpower']]);
+    $power = $stmt->fetch(PDO::FETCH_ASSOC);
+    
+    if (!$power || $power['count'] == 0 || $power['powerstate'] == 0) {
+        echo "6";
+        exit;
+    }
+
+    $_SESSION['zengscode'] = "";
+    
+    // Update login information
+    $sql = "UPDATE login SET 
+            loginlasttime = loginthistime,
+            loginlastip = loginthisip,
+            loginthistime = NOW(),
+            loginthisip = ?,
+            logincount = logincount + 1
+            WHERE id = ?";
+    $stmt = $conn->prepare($sql);
+    $stmt->execute([getIp(), $row['id']]);
+    
+    // Set session variables
+    $_SESSION['loginid'] = $row['id'];
+    $_SESSION['loginuser'] = $row['loginuser'];
+    $_SESSION['loginname'] = $row['loginname'];
+    $_SESSION['loginpower'] = $row['loginpower'];
+    
+    echo "7";
+    exit;
+}
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />
+<link href="css/loginlayout.css" type="text/css" rel="stylesheet" />
+<title><?php echo $webname; ?> - 网站后台管理</title>
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/loginjs.js"></script>
+</head>
+<body>
+<div id="container">
+    <form id="loginform" name="loginform" method="post">
+        <div class="loginuser"><label for="loginuser">用户帐号:</label><input type="text" id="loginuser" name="loginuser" maxlength="50" /></div>
+        <div class="loginpwd"><label for="loginpwd">用户密码:</label><input type="password" id="loginpwd" name="loginpwd" maxlength="50" /></div>
+        <div class="logincode"><label for="logincode">验 证 码:</label><input type="text" id="logincode" name="logincode" maxlength="5" /><span id="showlogincode"></span></div>
+        <div><input type="submit" id="loginbtn" name="loginbtn" value="登陆" /></div>
+        <div id="formmsg"></div>
+    </form>
+    <div id="copyright">Copyright © Mietubl All Rights Reserved</div>
+</div>
+</body>
+</html> 
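Review bot: The captcha test `$logincode != $_SESSION['zengscode']` passes when both sides are empty, so a request made on a session that never loaded the captcha image (or after a successful login reset it to "") skips the check. The code is also only cleared on success, so one solved captcha can be reused across any number of password attempts. The password check compares unsalted MD5 hex strings with loose `!=`, which PHP evaluates numerically when both look like numbers (for example two `0e…` digests), and the session id is not regenerated when the user becomes authenticated. The fence below makes the captcha single-use and non-empty, compares with `hash_equals`, and calls `session_regenerate_id(true)`; the client would then need to reload the captcha image after every failed attempt. Moving stored passwords from MD5 to `password_hash`/`password_verify` needs a schema and migration step and is better done as a follow-up.

```php
    // … unchanged: empty-field checks (codes 1 and 2) …
    $expectedCode = (string)($_SESSION['zengscode'] ?? '');
    $_SESSION['zengscode'] = ""; // single use: every attempt consumes the captcha
    if ($expectedCode === '' || !hash_equals($expectedCode, (string)$logincode)) {
        echo "3";
        exit;
    }
    // … unchanged: user lookup (code 4) …
    if (!hash_equals((string)$row['loginpwd'], md5($loginpwd))) {
        echo "5";
        exit;
    }
    // … unchanged: state and power checks, login bookkeeping UPDATE …
    session_regenerate_id(true); // do not keep the pre-login session id
    $_SESSION['loginid'] = $row['id'];
```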

+ 123 - 0
system/pic.php

@@ -0,0 +1,123 @@
+<?php
+include "conn.php";
+checkLogin("");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+</head>
+
+<body>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+
+if ($act == "postchk") {
+    $cpid = $_GET['cpid'] ?? '';
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    
+    if (isset($_POST['chkbox']) && is_array($_POST['chkbox'])) {
+        foreach ($_POST['chkbox'] as $id) {
+            $sql = "SELECT picurl FROM pic WHERE id = ?";
+            $stmt = $conn->prepare($sql);
+            $stmt->execute([$id]);
+            $row = $stmt->fetch(PDO::FETCH_ASSOC);
+            
+            if ($row) {
+                if (strpos($row['picurl'], '/System/') === 0) {
+                    $delfile = $_SERVER['DOCUMENT_ROOT'] . $row['picurl'];
+                    if (file_exists($delfile)) {
+                        unlink($delfile);
+                    }
+                }
+                
+                $sql = "DELETE FROM pic WHERE id = ?";
+                $stmt = $conn->prepare($sql);
+                $stmt->execute([$id]);
+            }
+        }
+    }
+    
+    header("Location: ?Keys=$keys&Ord=$ord&Page=$page&cpid=$cpid");
+    exit;
+}
+
+$cpid = $_GET['cpid'] ?? '';
+$page = $_GET['Page'] ?? '';
+$keys = urlencode($_GET['Keys'] ?? '');
+$ord = urlencode($_GET['Ord'] ?? '');
+
+if ($cpid == "" || !is_numeric($cpid)) {
+    header("Location: protector.php");
+    exit;
+}
+
+$sql = "SELECT id, picurl FROM pic WHERE cpid = ? ORDER BY id DESC";
+$stmt = $conn->prepare($sql);
+$stmt->execute([$cpid]);
+$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
+?>
+
+<form method="post" name="form2" style="padding:5px;" action="picupload.php?cpid=<?php echo $cpid; ?>&Page=<?php echo $page; ?>&Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>" 
+      enctype="multipart/form-data" onsubmit="if(this.filedata.value==''){return false;}" style="margin-bottom:10px;">
+    <input type="file" name="filedata" id="filedata" style="float:left;height:20px;border:1px solid #DBE6E3;background:#FFF;width:300px;margin-right:20px;" />
+    <input type="submit" value="上传" class="btn1" style="margin-left:10px" />
+</form>
+
+<form id="form1" method="post" action="?act=postchk&cpid=<?php echo $cpid; ?>&Page=<?php echo $page; ?>&Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>" onSubmit="return false">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <thead>
+            <tr>
+                <th width="4%"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></th>
+                <th width="6%">序号</th>
+                <th width="35%">缩略图</th>
+            </tr>
+        </thead>
+        <tbody>
+        <?php
+        if (!empty($results)) {
+            $tempNum = 0;
+            foreach ($results as $row) {
+                $tempNum++;
+                ?>
+                <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">    
+                    <td align="center"><input type="checkbox" name="chkbox[]" value="<?php echo $row['id']; ?>" /></td>
+                    <td align="center"><?php echo $tempNum; ?></td>
+                    <td align="center"><img src="<?php echo $row['picurl']; ?>" height="50" /></td>
+                </tr>
+                <?php
+            }
+        } else {
+            ?>
+            <tr>
+                <td align="center" colspan="4">当前还没有图片</td>
+            </tr>
+            <?php
+        }
+        ?>
+        </tbody>
+        <tfoot>
+            <tr>
+                <td colspan="4">
+                    <div class="postchkbox">
+                        <select id="chkact" name="chkact">
+                            <option value="-1">删除</option>
+                        </select>
+                        <input type="button" value="执行" onClick="postchk(1)" class="btn1" />            
+                        <input type="button" value="返回" onClick="location.href='product.php?Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>&act=edit&id=<?php echo $cpid; ?>'" class="btn1" />
+                    </div>
+                </td>
+            </tr>
+        </tfoot>
+    </table>
+</form>
+</div>
+</body>
+</html> 
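Review bot: `$page` is read from `$_GET['Page']` and echoed unvalidated into both form `action` attributes and the `onClick` handler of the 返回 button, so a crafted `Page` value is reflected into the markup; `$cpid` is checked with `is_numeric`, but `$page` has no check at all. Casting it once, `$page = (int)($_GET['Page'] ?? 1);`, in both places it is read removes that. Every `header("Location: …")` in this file also runs after the DOCTYPE, `<head>` and `<body>` have been output, so unless output buffering is enabled the redirects fail with "headers already sent"; the `postchk` branch and the `cpid` check belong above the first line of HTML. The delete action is a state-changing POST with no anti-CSRF token visible here, which is worth confirming against `checkLogin()` in conn.php.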

+ 121 - 0
system/picupload.php

@@ -0,0 +1,121 @@
+<?php
+include "conn.php";
+checkLogin("");
+
+// Modern PHP file upload handler
+// @requires xhEditor
+// @author Original: Yanis.Wang<yanis.wang@gmail.com>
+// @site http://xheditor.com/
+// @licence LGPL(http://www.opensource.org/licenses/lgpl-license.php)
+// Converted to PHP8 with improved security and functionality
+
+header('Content-Type: text/html; charset=UTF-8');
+
+$inputname = 'filedata'; // Form file field name
+$attachdir = 'u'; // Upload directory, no trailing slash
+$dirtype = 2; // 1:by day 2:by month 3:by extension
+$maxattachsize = 2097152; // Max upload size, default 2M
+$upext = 'txt,rar,zip,jpg,jpeg,gif,png,swf,wmv,avi,wma,mp3,mid'; // Allowed extensions
+$msgtype = 2; // Return format: 1=only url, 2=parameter array
+$immediate = $_GET['immediate'] ?? ''; // Immediate upload mode (demo only)
+
+$err = '';
+$msg = "''";
+
+// Check if file was uploaded
+if (!isset($_FILES[$inputname])) {
+    $err = "无数据提交";
+} else {
+    $file = $_FILES[$inputname];
+    
+    // Check file size
+    if ($file['size'] > $maxattachsize) {
+        $err = "文件大小超过 " . $maxattachsize . "字节";
+    } else {
+        // Check file extension
+        $extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
+        $allowed_extensions = explode(',', $upext);
+        if (!in_array($extension, $allowed_extensions)) {
+            $err = "上传文件扩展名必需为:" . $upext;
+        } else {
+            // Create subdirectory based on dirtype
+            switch ($dirtype) {
+                case 1:
+                    $attach_subdir = "day_" . date("ymd");
+                    break;
+                case 2:
+                    $attach_subdir = "m" . date("ym");
+                    break;
+                case 3:
+                    $attach_subdir = "ext_" . $extension;
+                    break;
+            }
+            
+            $attach_dir = $attachdir . "/" . $attach_subdir . "/";
+            
+            // Create directory if it doesn't exist
+            if (!file_exists($attach_dir)) {
+                mkdir($attach_dir, 0777, true);
+            }
+            
+            // Generate random filename
+            $filename = date("dHis") . rand(10, 99) . "." . $extension;
+            $target = $attach_dir . $filename;
+            
+            // Move uploaded file
+            if (move_uploaded_file($file['tmp_name'], $target)) {
+                // Process image if it's a JPEG
+                if (in_array($extension, ['jpg', 'jpeg']) && extension_loaded('gd')) {
+                    $image = imagecreatefromjpeg($target);
+                    if ($image) {
+                        $orig_width = imagesx($image);
+                        $orig_height = imagesy($image);
+                        
+                        $img_w = 520 / $orig_width;
+                        $img_h = 520 / $orig_height;
+                        
+                        if ($img_w < 1 || $img_h < 1) {
+                            $new_width = $img_w < $img_h ? round($orig_width * $img_h) : 520;
+                            $new_height = $img_w < $img_h ? 520 : round($orig_height * $img_w);
+                            
+                            $new_image = imagecreatetruecolor(520, 520);
+                            imagecopyresampled($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $orig_width, $orig_height);
+                            
+                            // Crop to square
+                            $final_image = imagecreatetruecolor(520, 520);
+                            imagecopyresampled($final_image, $new_image, 0, 0, 0, 0, 520, 520, 520, 520);
+                            
+                            imagejpeg($final_image, $target, 100);
+                            imagedestroy($final_image);
+                            imagedestroy($new_image);
+                        } else {
+                            imagejpeg($image, $target, 100);
+                        }
+                        imagedestroy($image);
+                    }
+                }
+                
+                // Save to database
+                $cpid = $_GET['cpid'] ?? '';
+                $keys = urlencode($_GET['Keys'] ?? '');
+                $ord = urlencode($_GET['Ord'] ?? '');
+                $page = $_GET['Page'] ?? '';
+                
+                $sql = "INSERT INTO pic (cpid, picurl) VALUES (?, ?)";
+                $stmt = $conn->prepare($sql);
+                $stmt->execute([$cpid, "/System/" . $target]);
+                
+                header("Location: pic.php?cpid=$cpid&Page=$page&Keys=$keys&Ord=$ord");
+                exit;
+            } else {
+                $err = "文件上传失败";
+            }
+        }
+    }
+}
+
+// If there was an error, output it
+if ($err !== '') {
+    echo "<script>alert('$err');</script>";
+}
+?> 
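Review bot: The upload is accepted on the strength of the client-supplied file name alone: `$upext` allows `txt,rar,zip,swf,…` even though this endpoint only inserts into `pic` for display in an `<img>`, the content is never checked to be an image, and `$file['error']` is not inspected. The target directory is created world-writable (`0777`) under the web root, and the name `date("dHis") . rand(10, 99)` has only 90 values per second, so two uploads in the same second can overwrite each other. `$cpid` also goes into the INSERT and the redirect without the `is_numeric` check that pic.php applies. The fence narrows the allowlist to images, verifies the content with `getimagesize`, tightens the directory mode and uses `random_bytes` for the name. The stored prefix `"/System/"` differs in case from the `system/` directory this file lives in, which will not resolve on a case-sensitive filesystem.

```php
$upext = 'jpg,jpeg,gif,png'; // Allowed extensions: this handler only feeds the pic table
// … unchanged: presence and size checks …
        $extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
        $allowed_extensions = explode(',', $upext);
        if ($file['error'] !== UPLOAD_ERR_OK
            || !in_array($extension, $allowed_extensions, true)
            || getimagesize($file['tmp_name']) === false) {
            $err = "上传文件扩展名必需为:" . $upext;
        } else {
            // … unchanged: subdirectory selection by $dirtype …
            if (!is_dir($attach_dir)) {
                mkdir($attach_dir, 0755, true);
            }
            $filename = date("dHis") . bin2hex(random_bytes(8)) . "." . $extension;
            // … unchanged: move_uploaded_file, resize, INSERT, redirect …
```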

+ 306 - 0
system/power.php

@@ -0,0 +1,306 @@
+<?php
+include "conn.php";
+checkLogin("权限管理");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+</head>
+
+<body>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+
+if ($act == "save") {
+    $isedit = false;
+    $id = $_POST['id'] ?? '';
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+    }
+    $powername = textEncode($_POST['powername'] ?? '');
+    $powercontent = isset($_POST['powercontent']) ? implode(',', $_POST['powercontent']) : '';
+
+    if ($isedit) {
+        // Check if power name exists
+        $sql = "SELECT COUNT(id) as count FROM power WHERE powername = ? AND id != ?";
+        $stmt = $conn->prepare($sql);
+        $stmt->execute([$powername, $id]);
+        if ($stmt->fetch(PDO::FETCH_ASSOC)['count'] > 0) {
+            echo "<script>alert('Sorry,该权限名称已经存在,请检查更换');history.back()</script>";
+            exit;
+        }
+
+        $sql = "UPDATE power SET powername = ?, powercontent = ? WHERE id = ?";
+        $stmt = $conn->prepare($sql);
+        $stmt->execute([$powername, $powercontent, $id]);
+    } else {
+        // Check if power name exists
+        $sql = "SELECT COUNT(id) as count FROM power WHERE powername = ?";
+        $stmt = $conn->prepare($sql);
+        $stmt->execute([$powername]);
+        if ($stmt->fetch(PDO::FETCH_ASSOC)['count'] > 0) {
+            echo "<script>alert('Sorry,该权限名称已经存在,请检查更换');history.back()</script>";
+            exit;
+        }
+
+        $sql = "INSERT INTO power (powername, powercontent, powerstate) VALUES (?, ?, 1)";
+        $stmt = $conn->prepare($sql);
+        $stmt->execute([$powername, $powercontent]);
+    }
+
+    $page = $_GET['Page'] ?? '';
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    header("Location: ?keys=$keys&Ord=$ord&Page=$page");
+    exit;
+}
+
+if ($act == "add" || $act == "edit") {
+    $id = $_GET['id'] ?? '';
+    $isedit = false;
+    $powername = '';
+    $powercontent = '';
+
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+        $sql = "SELECT powername, powercontent FROM power WHERE id = ?";
+        $stmt = $conn->prepare($sql);
+        $stmt->execute([$id]);
+        if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+            $powername = textUncode($row['powername']);
+            $powercontent = $row['powercontent'];
+        } else {
+            $isedit = false;
+        }
+    }
+
+    $page = $_GET['Page'] ?? '';
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $hrefstr = "?keys=$keys&Ord=$ord&Page=$page";
+    ?>
+    <form name="form1" method="post" action="<?php echo $hrefstr; ?>&act=save">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <tbody>
+            <tr>
+                <th width="8%">权限名称</th>
+                <td><input type="text" id="powername" name="powername" value="<?php echo $powername; ?>" class="txt1" /><input type="hidden" name="id" value="<?php echo $id; ?>" /></td>
+            </tr>
+            <tr>
+                <th width="8%">可用权限</th>
+                <td>
+                    <fieldset>
+                        <legend>信息管理</legend>
+                        <input type="checkbox" id="powerchk1" name="powercontent[]" value="单页管理" <?php if (strpos($powercontent, "单页管理") !== false) echo 'checked="checked"'; ?> /><label for="powerchk1">单页管理</label>
+                        <input type="checkbox" id="powerchk2" name="powercontent[]" value="分类管理" <?php if (strpos($powercontent, "分类管理") !== false) echo 'checked="checked"'; ?> /><label for="powerchk2">分类管理</label>
+                        <input type="checkbox" id="powerchk3" name="powercontent[]" value="专题管理" <?php if (strpos($powercontent, "专题管理") !== false) echo 'checked="checked"'; ?> /><label for="powerchk3">专题管理</label>
+                        <input type="checkbox" id="powerchk4" name="powercontent[]" value="信息管理" <?php if (strpos($powercontent, "信息管理") !== false) echo 'checked="checked"'; ?> /><label for="powerchk4">信息管理</label><br />
+                    </fieldset>
+
+                    <fieldset>
+                        <legend>售后管理</legend>
+                        <input type="checkbox" id="powerchk21" name="powercontent[]" value="售后_单页" <?php if (strpos($powercontent, "售后_单页") !== false) echo 'checked="checked"'; ?> /><label for="powerchk21">单页管理</label>
+                        <input type="checkbox" id="powerchk22" name="powercontent[]" value="售后_信息" <?php if (strpos($powercontent, "售后_信息") !== false) echo 'checked="checked"'; ?> /><label for="powerchk22">信息管理</label><br />
+                    </fieldset>
+                </td>
+            </tr>
+            <tr>
+                <th></th>
+                <td><input type="submit" name="save" id="save" value="确定" class="btn1" /> <input type="reset" name="save" id="save" value="重置" class="btn1" /> <input type="button" value="返回" class="btn1" onClick="location.href='<?php echo $hrefstr; ?>'" /></td>
+            </tr>
+        </tbody>
+    </table>
+    </form>
+    <?php
+    exit;
+}
+
+if ($act == "postchk") {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = $_POST['chkact'] ?? '';
+
+    if (isset($_POST['chkbox']) && is_array($_POST['chkbox'])) {
+        $ids = array_map('intval', $_POST['chkbox']);
+        $placeholders = str_repeat('?,', count($ids) - 1) . '?';
+        
+        switch ($chkact) {
+            case "0":
+            case "1":
+                $sql = "UPDATE power SET powerstate = ? WHERE id IN ($placeholders)";
+                array_unshift($ids, $chkact);
+                break;
+            default:
+                $sql = "DELETE FROM power WHERE id IN ($placeholders)";
+                break;
+        }
+        
+        $stmt = $conn->prepare($sql);
+        $stmt->execute($ids);
+    }
+    
+    header("Location: ?Keys=$keys&Ord=$ord&Page=$page");
+    exit;
+}
+
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$ord = $_GET['Ord'] ?? '';
+$page = $_GET['Page'] ?? '';
+
+$orderby = "id DESC";
+if (in_array($ord, ['powername', 'powername Desc', 'powerstate', 'powerstate Desc', 'powercontent', 'powercontent Desc'])) {
+    $orderby = "$ord, id DESC";
+}
+
+$sql = "SELECT id, powername, powercontent, powerstate FROM power 
+        WHERE id <> 1 AND (powername LIKE ? OR powercontent LIKE ?) 
+        ORDER BY $orderby";
+$stmt = $conn->prepare($sql);
+$stmt->execute(["%$keyscode%", "%$keyscode%"]);
+$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+$total_records = count($results);
+$records_per_page = 10;
+$total_pages = ceil($total_records / $records_per_page);
+
+if ($page == "") $page = 1;
+if ($page == "end") $page = $total_pages;
+if (!is_numeric($page) || $page < 1) $page = 1;
+$page = (int)$page;
+if ($page > $total_pages) $page = $total_pages;
+
+$start = ($page - 1) * $records_per_page;
+$results = array_slice($results, $start, $records_per_page);
+
+$keys = urlencode($keys);
+$ord = urlencode($ord);
+$hrefstr = "?keys=$keys";
+?>
+<form id="form1" method="post" action="?act=postchk&Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>" onSubmit="return false">
+<table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+    <thead>
+        <tr>
+            <th width="4%"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></th>
+            <th width="6%">序号</th>
+            <th width="20%"><a href="<?php echo $hrefstr; ?><?php echo ($ord=="powername" ? "&ord=powername+Desc" : "&ord=powername"); ?>">权限名称<?php echo ($ord=="powername" ? "↓" : ($ord=="powername+Desc" ? "↑" : "")); ?></a></th>
+            <th width="54%"><a href="<?php echo $hrefstr; ?><?php echo ($ord=="powercontent" ? "&ord=powercontent+Desc" : "&ord=powercontent"); ?>">可用权限<?php echo ($ord=="powercontent" ? "↓" : ($ord=="powercontent+Desc" ? "↑" : "")); ?></a></th>
+            <th width="8%"><a href="<?php echo $hrefstr; ?><?php echo ($ord=="powerstate" ? "&ord=powerstate+Desc" : "&ord=powerstate"); ?>">状态<?php echo ($ord=="powerstate" ? "↓" : ($ord=="powerstate+Desc" ? "↑" : "")); ?></a></th>
+            <th width="8%">操作</th>
+        </tr>
+    </thead>
+    <tbody>
+    <?php
+    if (!empty($results)) {
+        $tempNum = ($page - 1) * $records_per_page;
+        foreach ($results as $row) {
+            $tempNum++;
+            ?>
+            <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
+                <td align="center"><input type="checkbox" name="chkbox[]" value="<?php echo $row['id']; ?>" /></td>
+                <td align="center"><?php echo $tempNum; ?></td>
+                <td align="center"><?php echo $row['powername']; ?></td>
+                <td align="center"><?php echo $row['powercontent']; ?></td>
+                <td align="center"><?php echo ($row['powerstate'] == 1 ? "正常" : "停用"); ?></td>
+                <td align="center"><a href="?Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>&act=edit&id=<?php echo $row['id']; ?>" class="ico_edit">修改</a></td>
+            </tr>
+            <?php
+        }
+    } else {
+        if ($keys == "") {
+            ?>
+            <tr>
+                <td align="center" colspan="7">Sorry,当前暂无权限</td>
+            </tr>
+            <?php
+        } else {
+            ?>
+            <tr>
+                <td align="center" colspan="7"><a href="?">Sorry,没有找到"<?php echo $keyscode; ?>"相关的权限,点击返回</a></td>
+            </tr>
+            <?php
+        }
+    }
+    ?>
+    </tbody>
+    <tfoot>
+        <tr>
+            <td colspan="7">
+                <div class="showpagebox">
+                <?php
+                if ($total_pages > 1) {
+                    $pageName = "?Keys=$keys&Ord=$ord&";
+                    $pagelen = 3;
+
+                    if ($page > 1) {
+                        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+                        echo "<a href=\"{$pageName}Page=" . ($page-1) . "\">上一页</a>";
+                    }
+
+                    if ($pagelen * 2 + 1 >= $total_pages) {
+                        $startPage = 1;
+                        $endPage = $total_pages;
+                    } else {
+                        if ($page <= $pagelen + 1) {
+                            $startPage = 1;
+                            $endPage = $pagelen * 2 + 1;
+                        } else {
+                            $startPage = $page - $pagelen;
+                            $endPage = $page + $pagelen;
+                        }
+                        if ($page + $pagelen > $total_pages) {
+                            $startPage = $total_pages - $pagelen * 2;
+                            $endPage = $total_pages;
+                        }
+                    }
+
+                    for ($i = $startPage; $i <= $endPage; $i++) {
+                        if ($i == $page) {
+                            echo "<a class=\"current\">$i</a>";
+                        } else {
+                            echo "<a href=\"{$pageName}Page=$i\">$i</a>";
+                        }
+                    }
+
+                    if ($page < $total_pages) {
+                        if ($total_pages - $page > $pagelen) {
+                            echo "<a href=\"{$pageName}Page=$total_pages\">...$total_pages</a>";
+                        }
+                        echo "<a href=\"{$pageName}Page=" . ($page+1) . "\">下一页</a>";
+                        echo "<a href=\"{$pageName}Page=$total_pages\">尾页</a>";
+                    }
+
+                    echo "<input type=\"text\" id=\"Pagego\" value=\"$page\" onFocus=\"if(this.value == '$page'){this.value='';};\" onBlur=\"if(this.value == ''){this.value='$page';}\" onKeyUp=\"this.value=this.value.replace(/\D/g,'')\" onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+                }
+                ?>
+                </div>
+                <div class="searchbox">
+                    <input type="text" id="keys" value="<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>" 
+                           onFocus="if(this.value == '<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>'){this.value='';}" 
+                           onBlur="if(this.value == ''){this.value='<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>';}" 
+                           onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)}" />
+                    <input type="button" id="searchgo" value="go" onClick="location.href='?Keys='+escape(document.getElementById('keys').value)" />
+                </div>
+                <div class="postchkbox">
+                    <select id="chkact" name="chkact">
+                        <option value="1">正常</option>
+                        <option value="0">停用</option>
+                        <option value="-1">删除</option>
+                    </select>
+                    <input type="button" value="执行" onClick="postchk(2)" class="btn1" />
+                </div>
+            </td>
+        </tr>
+    </tfoot>
+</table>
+</form>
+</div>
+</body>
+</html> 
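Review bot: In the `postchk` branch the `default:` case issues a DELETE for any `chkact` other than "0" or "1", including a missing or mistyped value. Neither the UPDATE nor the DELETE excludes `id = 1`, which the listing query hides with `id <> 1` (presumably the built-in role), so a direct POST can still disable or remove it. An empty `chkbox[]` array makes `str_repeat('?,', count($ids) - 1)` throw a ValueError on PHP 8. The fence deletes only on an explicit "-1", keeps id 1 out of both statements and skips empty selections. In the add/edit form, `value="<?php echo $id; ?>"` and `$hrefstr` print `$_GET['id']` and `$_GET['Page']` unescaped even when they are not numeric; cast or `htmlspecialchars` them before output.

```php
    if (!empty($_POST['chkbox']) && is_array($_POST['chkbox'])) {
        $ids = array_map('intval', $_POST['chkbox']);
        $placeholders = implode(',', array_fill(0, count($ids), '?'));
        $sql = null;

        switch ($chkact) {
            case "0":
            case "1":
                $sql = "UPDATE power SET powerstate = ? WHERE id <> 1 AND id IN ($placeholders)";
                array_unshift($ids, $chkact);
                break;
            case "-1":
                $sql = "DELETE FROM power WHERE id <> 1 AND id IN ($placeholders)";
                break;
        }

        if ($sql !== null) {
            $stmt = $conn->prepare($sql);
            $stmt->execute($ids);
        }
    }
    // … unchanged: redirect back to the list …
```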

+ 416 - 0
system/products.php

@@ -0,0 +1,416 @@
+<?php
+include "conn.php";
+checkLogin("信息管理");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>产品信息管理</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+<script type="text/javascript" src="js/SearchArea.js"></script>
+<script type="text/javascript" src="xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+</head>
+
+<body>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+$productName = textEncode($_POST['ProductName'] ?? '');
+$productImg = textEncode($_POST['ProductImg'] ?? '');
+$unit = textEncode($_POST['unit'] ?? '');
+$moq = textEncode($_POST['moq'] ?? '');
+$nosale = $_POST['nosale'] ?? '';
+$num = $_POST['num'] ?? '';
+$price = $_POST['price'] ?? '';
+$note = textEncode($_POST['note'] ?? '');
+$tips = textEncode($_POST['tips'] ?? '');
+
+if ($act == "save") {
+    $isedit = false;
+    $id = $_POST['id'] ?? '';
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+    }
+
+    if ($isedit) {
+        $sql = "Select * From Products Where id=" . $id;
+        $rs = $conn->query($sql);
+        if ($row = $rs->fetch()) {
+            $sql = "Update Products Set 
+                    ProductName='" . $productName . "',
+                    ProductImg='" . $productImg . "',
+                    Addtime=NOW(),
+                    moq='" . $moq . "',
+                    unit='" . $unit . "',
+                    nosale='" . $nosale . "',
+                    note='" . $note . "',
+                    tips='" . $tips . "'
+                    Where id=" . $id;
+            $conn->query($sql);
+            
+            $conn->query("delete from price where productId=" . $id . " and AreaId=0");
+            
+            $numarr = explode(",", $num);
+            $pricearr = explode(",", $price);
+            
+            for ($i = 0; $i < count($numarr); $i++) {
+                if ($numarr[$i] == "") $numarr[$i] = 0;
+                if ($pricearr[$i] == "") $pricearr[$i] = 0;
+                $conn->query("insert into price (productId,AreaId,num,price) values(" . $id . ",0," . $numarr[$i] . ",'" . $pricearr[$i] . "')");
+            }
+        }
+    } else {
+        $sql = "Insert Into Products(ProductName,ProductImg,Addtime,unit,moq,nosale,note,tips) values(
+                '" . $productName . "',
+                '" . $productImg . "',
+                NOW(),
+                '" . $unit . "',
+                '" . $moq . "',
+                '" . $nosale . "',
+                '" . $note . "',
+                '" . $tips . "'
+                )";
+        $conn->query($sql);
+        
+        $sql = "select top 1 id from Products order by id desc";
+        $rs = $conn->query($sql);
+        $id = $rs->fetch()['id'];
+        
+        $numarr = explode(",", $num);
+        $pricearr = explode(",", $price);
+        
+        for ($i = 0; $i < count($numarr); $i++) {
+            if ($numarr[$i] == "") $numarr[$i] = 0;
+            if ($pricearr[$i] == "") $pricearr[$i] = 0;
+            $conn->query("insert into price (productId,AreaId,num,price) values(" . $id . ",0," . $numarr[$i] . ",'" . $pricearr[$i] . "')");
+        }
+    }
+
+    $page = $_GET['Page'] ?? '';
+    $keys = urlencode($_GET['Keys'] ?? '');
+    header("Location: ?keys=" . $keys . "&Page=" . $page . $urlStr);
+    exit;
+}
+
+if ($act == "add" || $act == "edit") {
+    $id = $_GET['id'] ?? '';
+    $isedit = false;
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+        $sql = "Select ProductName,ProductImg,unit,moq,nosale,note,tips from Products Where id=" . $id;
+        $rs = $conn->query($sql);
+        if ($row = $rs->fetch()) {
+            $productName = textUncode($row['ProductName']);
+            $productImg = textUncode($row['ProductImg']);
+            $unit = $row['unit'];
+            $moq = textUncode($row['moq']);
+            $nosale = $row['nosale'];
+            $note = textUncode($row['note']);
+            $tips = textUncode($row['tips']);
+        } else {
+            $isedit = false;
+        }
+    }
+
+    $page = $_GET['Page'] ?? '';
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $hrefstr = "?keys=" . $keys . "&Page=" . $page;
+?>
+    <form name="form1" method="post" action="<?php echo $hrefstr; ?>&act=save">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <tbody>
+            <tr>
+                <th width="8%">产品名称</th>
+                <td><input type="text" id="ProductName" name="ProductName" value="<?php echo $productName; ?>" class="txt1" />
+                    <input type="hidden" name="id" value="<?php echo $id; ?>" /></td>
+            </tr>
+            <tr>
+                <th width="8%">产品图片</th>
+                <td><input type="text" id="ProductImg" name="ProductImg" placeholder="186x*186px" value="<?php echo $productImg; ?>" class="txt1" style="width:390px;float:left;" />
+                    <iframe src="uploadfile.php" frameborder="0" scrolling="no" style="width:400px;height:22px;float:left;margin-left:10px;"></iframe></td>
+            </tr>
+            <tr>
+                <th width="8%">计价单位</th>
+                <td><input type="text" id="unit" name="unit" value="<?php echo $unit; ?>" class="txt1"/></td>
+            </tr>
+            <tr>
+                <th width="8%">起订数量</th>
+                <td><input type="text" id="moq" name="moq" value="<?php echo $moq; ?>" class="txt1"/></td>
+            </tr>
+            <tr>
+                <th width="8%">默认售价</th>
+                <td>
+                    <div class="Price">
+                    <?php 
+                    if ($isedit) {
+                        $rs = $conn->query("Select num,price from price where AreaId=0 and productId=" . $id . " order by num asc");
+                        if ($rs->rowCount() > 0) {
+                            while ($row = $rs->fetch()) {
+                    ?>
+                        <div class="priceitem">
+                            <label>≥</label>
+                            <input type="number" class="txt3 num" name="num" value="<?php echo $row['num']; ?>">
+                            <label class="unit"><?php echo $unit; ?></label>
+                            <label>售价</label>
+                            <input type="text" class="txt3 price" name="price" value="<?php echo $row['price']; ?>">
+                            <label>RMB</label>
+                            <span class="additem"></span>
+                            <span class="delitem"></span>
+                            <span class="note"></span>
+                        </div>
+                    <?php
+                            }
+                        } else {
+                    ?>
+                        <div class="priceitem">
+                            <label>≥</label>
+                            <input type="number" class="txt3 num" name="num">
+                            <label class="unit"><?php echo $unit; ?></label>
+                            <label>售价</label>
+                            <input type="text" class="txt3 price" name="price">
+                            <label>RMB</label>
+                            <span class="additem"></span>
+                            <span class="delitem"></span>
+                            <span class="note"></span>
+                        </div>
+                    <?php
+                        }
+                    } else {
+                    ?>
+                        <div class="priceitem">
+                            <label>≥</label>
+                            <input type="number" class="txt3 num" name="num">
+                            <label class="unit"><?php echo $unit; ?></label>
+                            <label>售价</label>
+                            <input type="text" class="txt3 price" name="price">
+                            <label>RMB</label>
+                            <span class="additem"></span>
+                            <span class="delitem"></span>
+                            <span class="note"></span>
+                        </div>
+                    <?php
+                    }
+                    ?>
+                    </div>
+                </td>
+            </tr>
+            <tr>
+                <th width="8%">不报价地区</th>
+                <td>
+                    <ul class="areadd">
+                    <?php
+                    if ($nosale != "") {
+                        $rs = $conn->query("select id,countryName from country where id in(" . $nosale . ")");
+                        while ($row = $rs->fetch()) {
+                    ?>
+                        <li>
+                            <input type="hidden" name="nosale" value="<?php echo $row['id']; ?>">
+                            <span class="cname"><?php echo $row['countryName']; ?></span>
+                            <span class="close"></span>
+                        </li>
+                    <?php
+                        }
+                    }
+                    ?>
+                    </ul>
+                    <input type="text" id="AreaSearch" class="fastsearch">
+                    <div id="arealist" class="productlist"><ul></ul></div>
+                </td>
+            </tr>
+            <tr>
+                <th width="8%">不报价处理方式</th>
+                <td><input type="text" id="note" name="note" value="<?php echo $note; ?>" class="txt1"/></td>
+            </tr>
+            <tr>
+                <th width="8%">备注</th>
+                <td><input type="text" id="tips" name="tips" value="<?php echo $tips; ?>" class="txt1"/></td>
+            </tr>
+            <tr>
+                <th></th>
+                <td>
+                    <input type="submit" name="save" value="确定" class="btn1" />
+                    <input type="reset" name="reset" value="重置" class="btn1" />
+                    <input type="button" value="返回" class="btn1" onClick="location.href='<?php echo $hrefstr; ?>'" />
+                </td>
+            </tr>
+        </tbody>
+    </table>
+    </form>
+<?php
+    exit;
+}
+
+if ($act == "postchk") {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = $_POST['chkact'] ?? '';
+    $sqlStr = "";
+    
+    if (isset($_POST['chkbox'])) {
+        foreach ($_POST['chkbox'] as $value) {
+            if ($sqlStr != "") {
+                $sqlStr .= " Or id=" . $value;
+            } else {
+                $sqlStr = " Where id=" . $value;
+            }
+        }
+
+        switch ($chkact) {
+            case "0":
+                $sqlStr = "Update Products Set cs_state=" . $chkact . $sqlStr;
+                break;
+            case "1":
+                $sqlStr = "Update Products Set cs_state=" . $chkact . $sqlStr;
+                break;
+            default:
+                $sqlStr = "Delete From Products" . $sqlStr;
+        }
+
+        $conn->query($sqlStr);
+    }
+    
+    header("Location: ?Keys=" . $keys . "&Page=" . $page);
+    exit;
+}
+
+// 主列表页面
+$keyscode = textEncode($_GET['Keys'] ?? '');
+$page = $_GET['Page'] ?? '';
+
+$sqlStr = "Select id,ProductName,ProductImg from Products order by id Desc";
+$rs = $conn->query($sqlStr);
+?>
+<form id="form1" method="post" action="?act=postchk&Keys=<?php echo urlencode($_GET['Keys'] ?? ''); ?>&Page=<?php echo $page; ?>" onSubmit="return false">
+<table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+    <thead>
+        <tr>
+            <th width="4%"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></th>
+            <th width="6%">序号</th>
+            <th width="30%">产品名称</th>
+            <th width="40%">图片</th>
+            <th width="20%">操作</th>
+        </tr>
+    </thead>
+    <tbody>
+    <?php
+    if ($rs->rowCount() > 0) {
+        $rs->setFetchMode(PDO::FETCH_ASSOC);
+        $records_per_page = 18;
+        
+        if ($page == "") $page = 1;
+        if ($page == "end") $page = ceil($rs->rowCount() / $records_per_page);
+        if (!is_numeric($page) || $page < 1) $page = 1;
+        $page = (int)$page;
+        
+        $start = ($page - 1) * $records_per_page;
+        $tempNum = $start;
+        
+        $count = 0;
+        while ($row = $rs->fetch()) {
+            $count++;
+            if ($count > $start && $count <= $start + $records_per_page) {
+                $tempNum++;
+    ?>
+            <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
+                <td align="center"><input type="checkbox" name="chkbox[]" value="<?php echo $row['id']; ?>" /></td>
+                <td align="center"><?php echo $tempNum; ?></td>
+                <td align="center"><?php echo $row['ProductName']; ?></td>
+                <td align="center"><img src="<?php echo $row['ProductImg']; ?>" width="80px"></td>
+                <td align="center">
+                    <a href="?Keys=<?php echo urlencode($_GET['Keys'] ?? ''); ?>&Page=<?php echo $page; ?><?php echo $urlStr ?? ''; ?>&act=edit&id=<?php echo $row['id']; ?>" class="ico_edit ico">修改</a>
+                </td>
+            </tr>
+    <?php
+            }
+        }
+    } else {
+        if ($_GET['Keys'] ?? '' == "") {
+    ?>
+            <tr>
+                <td align="center" colspan="9">Sorry,当前暂无信息</td>
+            </tr>
+    <?php
+        } else {
+    ?>
+            <tr>
+                <td align="center" colspan="9"><a href="?">Sorry,没有找到"<?php echo $keyscode; ?>"相关的信息,点击返回</a></td>
+            </tr>
+    <?php
+        }
+    }
+    ?>
+    </tbody>
+    <tfoot>
+        <tr>
+            <td colspan="9">
+                <div class="showpagebox">
+                <?php
+                if ($rs->rowCount() > 0) {
+                    $total_pages = ceil($rs->rowCount() / $records_per_page);
+                    if ($total_pages > 1) {
+                        $pageName = "?Keys=" . urlencode($_GET['Keys'] ?? '') . ($urlStr ?? '') . "&";
+                        $pagelen = 3;
+
+                        if ($page > 1) {
+                            echo "<a href=\"{$pageName}Page=1\">首页</a>";
+                            echo "<a href=\"{$pageName}Page=" . ($page-1) . "\">上一页</a>";
+                        }
+
+                        if ($pagelen * 2 + 1 >= $total_pages) {
+                            $startPage = 1;
+                            $endPage = $total_pages;
+                        } else {
+                            if ($page <= $pagelen + 1) {
+                                $startPage = 1;
+                                $endPage = $pagelen * 2 + 1;
+                            } else {
+                                $startPage = $page - $pagelen;
+                                $endPage = $page + $pagelen;
+                            }
+                            if ($page + $pagelen > $total_pages) {
+                                $startPage = $total_pages - $pagelen * 2;
+                                $endPage = $total_pages;
+                            }
+                        }
+
+                        for ($i = $startPage; $i <= $endPage; $i++) {
+                            if ($i == $page) {
+                                echo "<a class=\"current\">$i</a>";
+                            } else {
+                                echo "<a href=\"{$pageName}Page=$i\">$i</a>";
+                            }
+                        }
+
+                        if ($page < $total_pages) {
+                            if ($total_pages - $page > $pagelen) {
+                                echo "<a href=\"{$pageName}Page=$total_pages\">...$total_pages</a>";
+                            }
+                            echo "<a href=\"{$pageName}Page=" . ($page+1) . "\">下一页</a>";
+                            echo "<a href=\"{$pageName}Page=$total_pages\">尾页</a>";
+                        }
+
+                        echo "<input type=\"text\" id=\"Pagego\" value=\"$page\" onFocus=\"if(this.value == '$page'){this.value='';};\" onBlur=\"if(this.value == ''){this.value='$page';}\" onKeyUp=\"this.value=this.value.replace(/\D/g,'')\" onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+                    }
+                }
+                ?>
+                </div>
+                <div class="postchkbox">
+                    <select id="chkact" name="chkact">
+                        <option value="1">显示</option>
+                        <option value="0">隐藏</option>
+                        <option value="-1">删除</option>
+                    </select>
+                    <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+                    <input type="button" value="新增" onClick="location.href='?act=add'" class="btn1" />
+                </div>
+            </td>
+        </tr>
+    </tfoot>
+</table>
+</form>
+</div>
+</body>
+</html> 
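Review bot: In the `postchk` branch each `$_POST['chkbox']` value is appended to the `Where id=` clause with no validation, so the `Update`/`Delete From Products` statement is built from request text; the same holds for `$nosale`, `$num` and `$price` in the `save` branch, and for the `postchk` branch of system/qudao.php in this commit. `$conn` appears to be a PDO handle (the list code calls `setFetchMode(PDO::FETCH_ASSOC)`), so I would cast the ids to integers and bind them through `prepare()`/`execute()`. The `default:` arm also deletes for any `chkact` other than "0" or "1", including a missing one; the sketch below deletes only on the explicit "-1" that the select offers. Separately, `select top 1 id` after the insert is not MySQL syntax although the insert uses `NOW()`; `$conn->lastInsertId()` would avoid both the dialect problem and the race with concurrent inserts.

```php
    if (isset($_POST['chkbox']) && is_array($_POST['chkbox'])) {
        // Reduce every submitted value to an integer; zero results are dropped.
        $ids = array_values(array_filter(array_map('intval', $_POST['chkbox'])));
        if (count($ids) > 0) {
            $marks = implode(',', array_fill(0, count($ids), '?'));
            if ($chkact === '0' || $chkact === '1') {
                $stmt = $conn->prepare("Update Products Set cs_state=? Where id in ($marks)");
                $stmt->execute(array_merge([(int)$chkact], $ids));
            } elseif ($chkact === '-1') {
                // Delete only on the explicit value, never as a fallback.
                $stmt = $conn->prepare("Delete From Products Where id in ($marks)");
                $stmt->execute($ids);
            }
        }
    }
    // … unchanged: redirect back to the list …
```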

+ 1 - 1
system/pwd.asp

@@ -63,7 +63,7 @@ If Not Rs.Bof And Not Rs.Eof Then
 Else
 	Response.Write "<script>alert('好像找不到您的资料呀?还是请您重新登陆一下吧');top.location.href='login.asp'</script>":Rs.Close:Set Rs=Nothing:Conn.Close:Set Conn=Nothing:Response.End
 End If
-Response.Write "<script>alert('更新成功');top.location.href='index.asp'</script>"
+Response.Write "<script>alert('更新成功');top.location.href='index.php'</script>"
 Response.End
 End If 'end save
 

+ 150 - 0
system/pwd.php

@@ -0,0 +1,150 @@
+<?php
+include "conn.php";
+checkLogin("");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+<script>
+function chkpwdform(){
+    _loginpwd = document.getElementById("loginpwd"),
+    _loginpwd1 = document.getElementById("loginpwd1"),
+    _loginpwd2 = document.getElementById("loginpwd2"),
+    _loginname = document.getElementById("loginname");
+    _save = document.getElementById("save");
+
+    if(_save.disabled) return false;
+
+    if(_loginpwd.value ==''){
+        alert('请输入原密码');
+        _loginpwd.focus();
+        return false;
+    }
+
+    if(_loginname.value ==''){
+        alert('请输入用户昵称');
+        _loginname.focus();
+        return false;
+    }
+
+    if(_loginpwd1.value != _loginpwd2.value){
+        alert('新密码两次密码输入不相同\n不修改请留空');
+        _loginpwd2.focus();
+        return false;
+    }
+
+    _save.disabled = true;
+}
+</script>
+</head>
+
+<body>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+if ($act == "save") {
+    $loginpwd = textEncode($_POST['loginpwd'] ?? '');
+    $loginpwd1 = textEncode($_POST['loginpwd1'] ?? '');
+    $loginname = textEncode($_POST['loginname'] ?? '');
+
+    $sql = "Select loginpwd,loginname From login Where id=" . load_Session("loginid");
+    $rs = $conn->query($sql);
+    if ($row = $rs->fetch()) {
+        if (md5($loginpwd) != $row['loginpwd']) {
+            echo "<script>alert('原密码输入错误');history.back()</script>";
+            exit;
+        }
+        
+        if ($loginpwd1 != "") {
+            $sql = "UPDATE login SET loginpwd = '" . md5($loginpwd1) . "', loginname = '" . $loginname . "' 
+                    WHERE id = " . load_Session("loginid");
+            $conn->query($sql);
+            add_Session("loginname", $loginname);
+        }
+    } else {
+        echo "<script>alert('好像找不到您的资料呀?还是请您重新登陆一下吧');top.location.href='login.php'</script>";
+        exit;
+    }
+    
+    echo "<script>alert('更新成功');top.location.href='index.php'</script>";
+    exit;
+}
+
+$sql = "Select loginlasttime,loginlastip,loginthistime,loginthisip,powercontent,logincount 
+        From login Left Join power On power.id=login.loginpower 
+        Where login.id=" . load_Session("loginid");
+$rs = $conn->query($sql);
+if ($row = $rs->fetch()) {
+    $loginlasttime = $row['loginlasttime'];
+    $loginlastip = $row['loginlastip'];
+    $loginthistime = $row['loginthistime'];
+    $loginthisip = $row['loginthisip'];
+    $powercontent = $row['powercontent'];
+    $logincount = $row['logincount'];
+} else {
+    echo "<script>alert('好像找不到您的资料呀?还是请您重新登陆一下吧');top.location.href='login.php'</script>";
+    exit;
+}
+?>
+    <form name="form1" method="post" action="?act=save" onSubmit="return chkpwdform()">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <tbody>
+            <tr>
+                <th width="15%">用户帐号</th>
+                <td><input type="text" id="loginuser" name="loginuser" value="<?php echo load_Session("loginuser"); ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
+            </tr>
+            <tr>
+                <th width="15%">原密码</th>
+                <td><input type="password" id="loginpwd" name="loginpwd" class="txt1" style="width:300px;" /></td>
+            </tr>
+            <tr>
+                <th width="15%">用户昵称</th>
+                <td><input type="text" id="loginname" name="loginname" value="<?php echo load_Session("loginname"); ?>" class="txt1" style="width:300px;" /></td>
+            </tr>
+            <tr>
+                <th width="15%">新密码</th>
+                <td><input type="password" id="loginpwd1" name="loginpwd1" class="txt1" style="width:300px;" /><span style="color:red">(不修改请留空)</span></td>
+            </tr>
+            <tr>
+                <th width="15%">密码确认</th>
+                <td><input type="password" id="loginpwd2" name="loginpwd2" class="txt1" style="width:300px;" /></td>
+            </tr>
+            <tr>
+                <th width="15%">上次登陆时间</th>
+                <td><input type="text" value="<?php echo $loginlasttime; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
+            </tr>
+            <tr>
+                <th width="15%">上次登陆IP</th>
+                <td><input type="text" value="<?php echo $loginlastip; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
+            </tr>
+            <tr>
+                <th width="15%">当前登陆时间</th>
+                <td><input type="text" value="<?php echo $loginthistime; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
+            </tr>
+            <tr>
+                <th width="15%">当前登陆IP</th>
+                <td><input type="text" value="<?php echo $loginthisip; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
+            </tr>
+            <tr>
+                <th width="15%">登陆次数</th>
+                <td><input type="text" value="<?php echo $logincount; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
+            </tr>
+            <tr>
+                <th width="15%">可用权限</th>
+                <td><?php echo $powercontent; ?></td>
+            </tr>
+            <tr>
+                <th></th>
+                <td><input type="submit" name="save" id="save" value="确定" class="btn1" /> <input type="reset" name="save" id="save" value="重置" class="btn1" /></td>
+            </tr>
+        </tbody>
+    </table>
+    </form>
+</div>
+</body>
+</html> 
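Review bot: The check `md5($loginpwd) != $row['loginpwd']` in the `save` branch relies on unsalted MD5 and a loose comparison, which treats two different digests of the form `0e` plus digits as equal numeric strings. As a minimum use `if (!hash_equals((string)$row['loginpwd'], md5($loginpwd)))`; the durable fix is `password_hash($loginpwd1, PASSWORD_DEFAULT)` on update and `password_verify()` on check, with existing MD5 rows rehashed at the next successful login. Both passwords also pass through `textEncode()` before hashing, so whatever that helper rewrites changes the effective password; its body is not in this hunk and is worth confirming. The nickname is only written inside `if ($loginpwd1 != "")`, so leaving the new password blank reports 更新成功 without saving `loginname`.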

+ 277 - 0
system/qudao.php

@@ -0,0 +1,277 @@
+<?php
+include "conn.php";
+checkLogin("信息管理");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<link rel="stylesheet" href="css/common.css" type="text/css" />
+<link rel="stylesheet" href="css/jquery.galpop.css" type="text/css" />
+<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" src="js/js.js"></script>
+<script type="text/javascript" src="xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
+<script type="text/javascript" src="js/jquery.galpop.min.js"></script>
+</head>
+<body>
+<div id="man_zone">
+<?php
+$act = $_GET['act'] ?? '';
+
+if ($act == "save") {
+    $isedit = false;
+    $id = $_POST['id'] ?? '';
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+    }
+    $ch_name = textEncode($_POST['ch_name'] ?? '');
+
+    if ($isedit) {
+        $sql = "Select * From qudao Where id=" . $id;
+        $rs = $conn->query($sql);
+        if ($rs->rowCount() == 0) {
+            $sql = "Insert Into qudao(ch_name) values('" . $ch_name . "')";
+        } else {
+            $sql = "Update qudao Set ch_name='" . $ch_name . "' Where id=" . $id;
+        }
+        $conn->query($sql);
+
+        $page = $_GET['Page'] ?? '';
+        $keys = urlencode($_GET['Keys'] ?? '');
+        $ord = urlencode($_GET['Ord'] ?? '');
+        header("Location: ?keys=" . $keys . "&Ord=" . $ord . "&Page=" . $page);
+        exit;
+    } else {
+        $sql = "Insert Into qudao(ch_name) values('" . $ch_name . "')";
+        $conn->query($sql);
+        header("Location: ?");
+        exit;
+    }
+}
+
+if ($act == "add" || $act == "edit") {
+    $id = $_GET['id'] ?? '';
+    $isedit = false;
+    $ch_name = '';
+    
+    if ($id != "" && is_numeric($id)) {
+        $isedit = true;
+        $sql = "Select * From qudao Where id=" . $id;
+        $rs = $conn->query($sql);
+        if ($row = $rs->fetch()) {
+            $ch_name = textUncode($row['ch_name']);
+        } else {
+            $isedit = false;
+        }
+    }
+
+    $page = $_GET['Page'] ?? '';
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $hrefstr = "?keys=" . $keys . "&Ord=" . $ord . "&Page=" . $page;
+?>
+    <form name="form1" method="post" action="<?php echo $hrefstr; ?>&act=save">
+    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+        <tbody>
+            <tr>
+                <th width="8%">来源</th>
+                <td><input type="text" id="ch_name" name="ch_name" value="<?php echo $ch_name; ?>" class="txt1" />
+                    <input type="hidden" name="id" value="<?php echo $id; ?>" /></td>
+            </tr>
+            <tr>
+                <th></th>
+                <td><input type="submit" name="save" id="save" value="确定" class="btn1" /> 
+                    <input type="reset" name="save" id="save" value="重置" class="btn1" /> 
+                    <input type="button" value="返回" class="btn1" onClick="location.href='<?php echo $hrefstr; ?>'" /></td>
+            </tr>
+        </tbody>
+    </table>
+    </form>
+<?php
+    exit;
+}
+
+if ($act == "postchk") {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $ord = urlencode($_GET['Ord'] ?? '');
+    $page = $_GET['Page'] ?? '';
+    $chkact = $_POST['chkact'] ?? '';
+    $sqlStr = "";
+    
+    if (isset($_POST['chkbox'])) {
+        foreach ($_POST['chkbox'] as $value) {
+            if ($sqlStr != "") {
+                $sqlStr .= " Or id=" . $value;
+            } else {
+                $sqlStr = " Where id=" . $value;
+            }
+        }
+
+        $sqlStr = "Delete From qudao" . $sqlStr;
+        $conn->query($sqlStr);
+    }
+    
+    header("Location: ?Keys=" . $keys . "&Ord=" . $ord . "&Page=" . $page);
+    exit;
+}
+
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$ord = $_GET['Ord'] ?? '';
+$page = $_GET['Page'] ?? '';
+
+$ordStr = "";
+if ($ord != "") {
+    $ordStr = $ord . ",";
+}
+
+$sql = "Select * From qudao Where ch_name like '%" . $keyscode . "%' Order By id Desc";
+$rs = $conn->query($sql);
+
+$keys = urlencode($keys);
+$ord = urlencode($ord);
+$hrefstr = "?keys=" . $keys;
+?>
+<form id="form1" method="post" action="?act=postchk&Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>" onSubmit="return false">
+<table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
+    <thead>
+        <tr>
+            <th width="4%"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></th>
+            <th width="6%">序号</th>
+            <th width="60%">渠道来源</th>
+            <th width="30%">操作</th>
+        </tr>
+    </thead>
+    <tbody>
+    <?php
+    if ($rs->rowCount() > 0) {
+        $records_per_page = 10;
+        
+        if ($page == "") $page = 1;
+        if ($page == "end") $page = ceil($rs->rowCount() / $records_per_page);
+        if (!is_numeric($page) || $page < 1) $page = 1;
+        $page = (int)$page;
+        if ($page > ceil($rs->rowCount() / $records_per_page)) {
+            $page = ceil($rs->rowCount() / $records_per_page);
+        }
+        
+        $start = ($page - 1) * $records_per_page;
+        $tempNum = $start;
+        
+        $count = 0;
+        while ($row = $rs->fetch()) {
+            $count++;
+            if ($count > $start && $count <= $start + $records_per_page) {
+                $tempNum++;
+    ?>
+                <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
+                    <td align="center"><input type="checkbox" name="chkbox[]" value="<?php echo $row['id']; ?>" /></td>
+                    <td align="center"><?php echo $tempNum; ?></td>
+                    <td align="center"><?php echo $row['ch_name']; ?></td>
+                    <td align="center">
+                        <a href="?Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>&act=edit&id=<?php echo $row['id']; ?>" class="ico_edit ico">修改</a>
+                    </td>
+                </tr>
+    <?php
+            }
+        }
+    } else {
+        if ($keys == "") {
+    ?>
+            <tr>
+                <td align="center" colspan="4">Sorry,当前暂无信息</td>
+            </tr>
+    <?php
+        } else {
+    ?>
+            <tr>
+                <td align="center" colspan="4"><a href="?">Sorry,没有找到"<?php echo $keyscode; ?>"相关的信息,点击返回</a></td>
+            </tr>
+    <?php
+        }
+    }
+    ?>
+    </tbody>
+    <tfoot>
+        <tr>
+            <td colspan="4">
+                <div class="showpagebox">
+                <?php
+                if ($rs->rowCount() > 0) {
+                    $total_pages = ceil($rs->rowCount() / $records_per_page);
+                    if ($total_pages > 1) {
+                        $pageName = "?Keys=" . $keys . "&Ord=" . $ord . "&";
+                        $pagelen = 3;
+
+                        if ($page > 1) {
+                            echo "<a href=\"{$pageName}Page=1\">首页</a>";
+                            echo "<a href=\"{$pageName}Page=" . ($page-1) . "\">上一页</a>";
+                        }
+
+                        if ($pagelen * 2 + 1 >= $total_pages) {
+                            $startPage = 1;
+                            $endPage = $total_pages;
+                        } else {
+                            if ($page <= $pagelen + 1) {
+                                $startPage = 1;
+                                $endPage = $pagelen * 2 + 1;
+                            } else {
+                                $startPage = $page - $pagelen;
+                                $endPage = $page + $pagelen;
+                            }
+                            if ($page + $pagelen > $total_pages) {
+                                $startPage = $total_pages - $pagelen * 2;
+                                $endPage = $total_pages;
+                            }
+                        }
+
+                        for ($i = $startPage; $i <= $endPage; $i++) {
+                            if ($i == $page) {
+                                echo "<a class=\"current\">$i</a>";
+                            } else {
+                                echo "<a href=\"{$pageName}Page=$i\">$i</a>";
+                            }
+                        }
+
+                        if ($page < $total_pages) {
+                            if ($total_pages - $page > $pagelen) {
+                                echo "<a href=\"{$pageName}Page=$total_pages\">...$total_pages</a>";
+                            }
+                            echo "<a href=\"{$pageName}Page=" . ($page+1) . "\">下一页</a>";
+                            echo "<a href=\"{$pageName}Page=$total_pages\">尾页</a>";
+                        }
+
+                        echo "<input type=\"text\" id=\"Pagego\" value=\"$page\" onFocus=\"if(this.value == '$page'){this.value='';};\" onBlur=\"if(this.value == ''){this.value='$page';}\" onKeyUp=\"this.value=this.value.replace(/\D/g,'')\" onKeyDown=\"if(event.keyCode==13){location.href='{$pageName}Page='+document.getElementById('Pagego').value}\" />";
+                    }
+                }
+                ?>
+                </div>
+                <div class="searchbox">
+                    <input type="text" id="keys" value="<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>" 
+                           onFocus="if(this.value == '<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>'){this.value='';}" 
+                           onBlur="if(this.value == ''){this.value='<?php echo ($keyscode == "") ? "请输入搜索关键词" : $keyscode; ?>';}" 
+                           onKeyDown="if(event.keyCode==13){location.href='?Keys='+escape(document.getElementById('keys').value)}" />
+                    <input type="button" id="searchgo" value="go" onClick="location.href='?Keys='+escape(document.getElementById('keys').value)" />
+                </div>
+                <div class="postchkbox">
+                    <select id="chkact" name="chkact">
+                        <option value="1">请选择</option>
+                        <option value="-1">删除</option>
+                    </select>
+                    <input type="button" value="执行" onClick="postchk(1)" class="btn1" />
+                    <input type="button" value="新增" onClick="location.href='?act=add'" class="btn1" />
+                </div>
+            </td>
+        </tr>
+    </tfoot>
+</table>
+</form>
+</div>
+<script>
+$('.click-open-iframe').galpop({
+    contentType: 'iframe',
+});
+</script>
+</body>
+</html> 
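Review bot: `$page` is read from `$_GET['Page']` and echoed into the list form's `action` attribute before the numeric check further down runs, and in the edit form `$hrefstr` and the hidden `id` field are echoed even when `$id` failed `is_numeric`, so request text reaches the HTML unescaped. Escaping at the point of output keeps the "end" page handling intact, for example `<?php echo htmlspecialchars((string)$page, ENT_QUOTES, 'UTF-8'); ?>`, with the same call around `$id` and `$hrefstr`; system/products.php has the same pattern in its form `action` and hidden `id`. Whether `textEncode()` already HTML-encodes `$keyscode` and `ch_name` is not visible here; if it does not, those echoes, including the ones inside the `onFocus`/`onBlur` handlers, need context-appropriate escaping too. `$ordStr` is assigned but never used in this hunk.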

+ 103 - 0
system/upload.php

@@ -0,0 +1,103 @@
+<?php
+include "conn.php";
+checkLogin("");
+
+// upload demo for PHP
+// @requires xhEditor
+// 
+// @author Yanis.Wang<yanis.wang@gmail.com>
+// @site http://xheditor.com/
+// @licence LGPL(http://www.opensource.org/licenses/lgpl-license.php)
+// 
+// @Version: 0.9.3 (build 100504)
+//
+// 注1:本程序仅为演示用,请您根据自己需求进行相应修改,或者重开发
+
+header('Content-Type: text/html; charset=utf-8');
+
+$inputname = 'filedata'; // 表单文件域name
+$attach_dir = 'u'; // 上传文件保存路径,结尾不要带/
+$dirtype = 2; // 1:按天存入目录 2:按月存入目录 3:按扩展名存目录 建议使用按天存
+$maxattachsize = 5242880; // 最大上传大小,默认是5M
+$upext = 'txt,rar,zip,jpg,jpeg,gif,png,swf,wmv,avi,wma,mp3,mid,pdf'; // 上传扩展名
+$msgtype = 2; // 返回上传参数的格式:1,只返回url,2,返回参数数组
+$immediate = $_GET['immediate'] ?? ''; // 立即上传模式,仅为演示用
+
+$err = '';
+$msg = "''";
+
+// 检查文件上传
+if (!isset($_FILES[$inputname])) {
+    $err = "无数据提交";
+} else {
+    $file = $_FILES[$inputname];
+    
+    // 检查文件大小
+    if ($file['size'] > $maxattachsize) {
+        $err = "文件大小超过 " . $maxattachsize . "字节";
+    } else {
+        $extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
+        
+        // 检查文件类型
+        if (!in_array($extension, explode(',', $upext))) {
+            $err = "上传文件扩展名必需为:" . $upext;
+        } else {
+            // 确定子目录
+            switch ($dirtype) {
+                case 1:
+                    $attach_subdir = 'day_' . date('ymd');
+                    break;
+                case 2:
+                    $attach_subdir = 'm' . date('ym');
+                    break;
+                case 3:
+                    $attach_subdir = 'ext_' . $extension;
+                    break;
+            }
+            
+            $upload_dir = $attach_dir . '/' . $attach_subdir . '/';
+            
+            // 创建目录
+            if (!file_exists($upload_dir)) {
+                mkdir($upload_dir, 0777, true);
+            }
+            
+            // 生成随机文件名
+            $filename = date('dHis') . sprintf('%02d', rand(0, 99)) . '.' . $extension;
+            $target = $upload_dir . $filename;
+            
+            // 移动上传文件
+            if (move_uploaded_file($file['tmp_name'], $target)) {
+                $imgurl = $target;
+                $target = jsonString('/system/' . $target);
+                
+                if ($msgtype == 1) {
+                    $msg = "'" . $target . "'";
+                } else {
+                    $msg = "{'url':'" . $target . "','localname':'" . jsonString($file['name']) . "','id':'1'}";
+                }
+            } else {
+                $err = "文件上传失败";
+            }
+        }
+    }
+}
+
+$act = $_GET['act'] ?? '';
+if ($act == 's') {
+    echo "<script>parent.document.getElementById('ProductImg').value='/System/" . $imgurl . "';location.href='uploadfile.php';</script>";
+} else {
+    echo "{'err':'" . jsonString($err) . "','msg':" . $msg . "}";
+}
+
+function jsonString($str) {
+    $str = str_replace("\\", "\\\\", $str);
+    $str = str_replace("/", "\\/", $str);
+    $str = str_replace("'", "\\'", $str);
+    return $str;
+}
+
+function dateFormat($date, $format) {
+    return date($format, strtotime($date));
+}
+?> 
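Review bot: The client-supplied file name reaches an HTML response with only `\`, `/` and `'` escaped: the script sends `Content-Type: text/html`, and `jsonString($file['name'])` in the `localname` field leaves `<`, `>` and `"` untouched, so markup in an uploaded file's name is rendered wherever this response is loaded as a document. Encode it for HTML before the JS escaping, e.g. `jsonString(htmlspecialchars($file['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'))`, or return the payload as `application/json` if the editor accepts that (not visible from here). Two smaller points in the same block: `$imgurl` is assigned only after a successful `move_uploaded_file()`, so the `act=s` branch echoes an undefined variable when the upload is rejected, and the stored name built from `date('dHis')` plus `rand(0, 99)` can repeat within a second and overwrite an earlier file, which `bin2hex(random_bytes(8))` would avoid. `mkdir($upload_dir, 0777, true)` would be safer as `0755`.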

+ 35 - 0
system/uploadfile.php

@@ -0,0 +1,35 @@
+<?php
+include "conn.php";
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>管理区域</title>
+<style>
+body{margin:0}
+form{
+margin:0;padding:0;
+}
+input{
+float:left;height:22px;border:1px solid #DBE6E3;background:#FFF;
+width:260px;
+}
+.btn1{
+width:60px;height:22px;background:#ECE9D8;
+cursor:pointer;margin-left:10px;
+}
+</style>
+<script>
+function chkuploadfile(){
+if( document.getElementById("filedata").value == '' ){alert('请选择需要上传的文件');return false;}
+}
+</script>
+</head>
+
+<body>
+<form method="post" name="form1" action="upload.php?act=s" enctype="multipart/form-data" onsubmit="return chkuploadfile()">
+<input type="file" name="filedata" id="filedata" /><input type="submit" value="上传" class="btn1" />
+</form>
+</body>
+</html> 
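Review bot: This page includes `conn.php` but never calls `checkLogin("")`, unlike `system/upload.php`, which it posts to. The handler does check the session, so the gap is limited to the form itself, but an anonymous request still receives an admin-area page; adding `checkLogin("");` right after the include keeps the two files consistent. The form also carries no anti-CSRF token, and whether `conn.php` supplies one elsewhere is not visible from here.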

+ 166 - 0
tag.php

@@ -0,0 +1,166 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$act = $_GET['act'] ?? '';
+$tagName = $_GET['tagName'] ?? '';
+
+if (empty($tagName)) {
+    header('Location: customers.php');
+    exit;
+}
+
+if ($act == 'postchk') {
+    $keys = urlencode($_GET['Keys'] ?? '');
+    $chkact = str_replace('t', '', $_POST['chkact'] ?? '');
+
+    if (isset($_POST['chkbox'])) {
+        $sqlStr = "(" . implode(',', array_map('intval', (array)$_POST['chkbox'])) . ")";
+        $updateStr = "UPDATE Customer SET 
+                     cs_updatetime='" . date('Y-m-d H:i:s') . "',
+                     cs_code=REPLACE(cs_code, '-', '/' + (SELECT em_code FROM employee WHERE id=" . (int)$chkact . ") + '-'),
+                     cs_belong=" . (int)$chkact . ",
+                     cs_chain=CONCAT(cs_chain,'," . (int)$chkact . "') 
+                     WHERE id IN " . $sqlStr;
+        $deleteTag = "DELETE FROM tagTable WHERE customerId IN " . $sqlStr;
+        
+        $conn->query($updateStr);
+        $conn->query($deleteTag);
+    }
+    
+    header('Location: tag.php?tagName=' . urlencode($tagName));
+    exit;
+}
+
+// Get all tags for the current employee
+$tagStr = '';
+$result = $conn->query("SELECT DISTINCT tagName FROM tagTable WHERE employeeId=" . $_SESSION['employee_id']);
+while ($row = $result->fetch_assoc()) {
+    $tagStr .= "<span>" . htmlspecialchars($row['tagName']) . "</span>,";
+}
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <div class="fastSelect clear">
+        <H1 class="taghead" contenteditable="true" data-originaltag="<?= htmlspecialchars($tagName) ?>" data-em="<?= $_SESSION['employee_id'] ?>"><?= htmlspecialchars($tagName) ?></H1>
+    </div>
+    <form id="form1" method="post" action="?act=postchk&tagName=<?= urlencode($tagName) ?>" onsubmit="return false">
+        <div width="100%" border="0" cellpadding="3" cellspacing="1" class="table2">
+            <div class="theader">
+                <div class="col1"><input type="checkbox" name="chkall" id="chkall" onclick="chkboxall(this,'chkbox')"></div>
+                <div class="col2">序号</div>
+                <div class="col3">客户编号</div>
+                <div class="col4">渠道来源</div>
+                <div class="col5">区域</div>
+                <div class="col7">跟进阶段</div>
+                <div class="col8">录入时间</div>
+                <div class="col10">操作</div>
+            </div>
+
+            <?php
+            $sqlStr = "SELECT id, cs_code, cs_from, cs_country, cs_type, cs_deal, cs_addtime, cs_tel, cs_email, 
+                      cs_whatsapp, cs_wechat, cs_linkedin, cs_facebook, cs_alibaba, cs_note 
+                      FROM customer 
+                      WHERE cs_belong=" . $_SESSION['employee_id'] . " 
+                      AND id IN (SELECT customerId FROM tagTable WHERE tagName='" . $conn->real_escape_string($tagName) . "')";
+
+            $result = $conn->query($sqlStr);
+            $tempNum = 0;
+
+            while ($row = $result->fetch_assoc()) {
+                $tempNum++;
+            ?>
+                <div class="tline">
+                    <div class="col1" align="center"><input type="checkbox" name="chkbox[]" value="<?= $row['id'] ?>"></div>
+                    <div class="col2"><?= $tempNum ?></div>
+                    <div class="col3 slidepanel"><?= htmlspecialchars($row['cs_code']) ?></div>
+                    <div class="col4">
+                        <?php
+                        $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                        echo ($qudaoRow = $qudaoResult->fetch_assoc()) ? htmlspecialchars($qudaoRow['ch_name']) : '未填写';
+                        ?>
+                    </div>
+                    <div class="col5">
+                        <?php
+                        $countryResult = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                        echo ($countryRow = $countryResult->fetch_assoc()) ? htmlspecialchars($countryRow['countryName']) : '未填写';
+                        ?>
+                    </div>
+                    <div class="col7">
+                        <?php
+                        if ($row['cs_deal'] == 3) {
+                            echo "<span style='color:red;'>成交</span>";
+                        } elseif ($row['cs_deal'] == 2) {
+                            echo "明确需求";
+                        } elseif ($row['cs_deal'] == 1) {
+                            echo "背景调查";
+                        } else {
+                            echo "无响应";
+                        }
+                        ?>
+                    </div>
+                    <div class="col8"><?= $row['cs_addtime'] ?></div>
+                    <div class="col10"><a href="customerEdit.php?id=<?= $row['id'] ?>" class="ico_edit ico">修改</a></div>
+                </div>
+                <div class="notepanel clear">
+                    <div class="noteItem">联系方式</div>
+                    <div class="lx">
+                        <div class="tel"><?= htmlspecialchars($row['cs_tel']) ?></div>
+                        <div class="mail"><a href="mailto:<?= htmlspecialchars($row['cs_email']) ?>"><?= htmlspecialchars($row['cs_email']) ?></a></div>
+                        <div class="whatsapp"><?= htmlspecialchars($row['cs_whatsapp']) ?></div>
+                        <div class="wechat"><?= htmlspecialchars($row['cs_wechat']) ?></div>
+                        <div class="linkedin"><?= htmlspecialchars($row['cs_linkedin']) ?></div>
+                        <div class="facebook"><?= htmlspecialchars($row['cs_facebook']) ?></div>
+                        <div class="alibaba"><?= htmlspecialchars($row['cs_alibaba']) ?></div>
+                    </div>
+                    <div class="noteItem2">备注</div>
+                    <div class="notecontent"><?= htmlUnCode($row['cs_note']) ?></div>
+                    <div class="coltag mytag" data-id="<?= $row['id'] ?>" data-em="<?= $_SESSION['employee_id'] ?>">
+                        <?php
+                        $tagStr1 = $tagStr;
+                        $tagResult = $conn->query("SELECT tagName FROM tagTable WHERE customerId=" . $row['id']);
+                        while ($tagRow = $tagResult->fetch_assoc()) {
+                            $tagStr1 = str_replace(
+                                "<span>" . htmlspecialchars($tagRow['tagName']) . "</span>",
+                                "<span class=\"active\">" . htmlspecialchars($tagRow['tagName']) . "</span>",
+                                $tagStr1
+                            );
+                        }
+                        echo $tagStr1;
+                        ?>
+                    </div>
+                </div>
+            <?php
+            }
+            ?>
+            <div colspan="9">
+                <div class="showpagebox">
+                </div>
+                <div class="postchkbox">
+                    <select id="chkact" name="chkact">
+                        <?php
+                        $result = $conn->query("SELECT id, em_code, em_user FROM employee ORDER BY em_code ASC");
+                        while ($row = $result->fetch_assoc()) {
+                            echo "<option value=\"t{$row['id']}\">转给" . htmlspecialchars($row['em_user']) . "(" . htmlspecialchars($row['em_code']) . ")</option>";
+                        }
+                        ?>
+                    </select>
+                    <input type="button" value="执行" onclick="postchk(1)" class="btn1">
+                </div>
+            </div>
+        </div>
+    </form>
+</div>
+</body>
+</html>
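Review bot: The `postchk` branch runs its `UPDATE Customer` and `DELETE FROM tagTable` on the posted `chkbox[]` ids alone, with no check that those customers belong to the logged-in employee, although the listing query further down is restricted to `cs_belong=$_SESSION['employee_id']`. Any authenticated user can therefore reassign customers they do not own and remove their tags; filter the id list against `cs_belong=" . (int)$_SESSION['employee_id']` first and use the filtered list for both statements. In the same `UPDATE`, `'/' + (SELECT em_code …) + '-'` is arithmetic in MySQL rather than string concatenation (the next line already uses `CONCAT`), so `cs_code` will not receive the intended suffix; it should read `CONCAT('/', (SELECT em_code FROM employee WHERE id=…), '-')`. An empty `chkbox[]` also yields `IN ()`, which is a syntax error, so the branch should return early when the list is empty.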

+ 41 - 0
tagClound.php

@@ -0,0 +1,41 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <div class="tagclound">
+        <h1 class="tagCloundHead">自定义标签云</h1>
+        <div class="tagArea">
+        <?php
+        $result = $conn->query("SELECT tagName, COUNT(DISTINCT cs_code) as count 
+                               FROM tagTable 
+                               LEFT JOIN customer ON tagTable.customerId=customer.id 
+                               WHERE employeeId=" . $_SESSION['employee_id'] . " 
+                               GROUP BY tagName");
+        
+        while ($row = $result->fetch_assoc()) {
+        ?>
+            <a href="tag.php?tagName=<?= urlencode($row['tagName']) ?>" style="font-size:16px;">
+                <?= htmlspecialchars($row['tagName']) ?>(<?= $row['count'] ?>)
+            </a>
+        <?php
+        }
+        ?>
+            <a href="nullTag.php">无标签客户</a>
+        </div>
+    </div>
+</div>
+</body>
+</html> 

+ 167 - 0
team.php

@@ -0,0 +1,167 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$datestart = $_POST['start'] ?? '';
+$dateend = $_POST['end'] ?? '';
+$currentMonth = date('Y-m-1 00:00:00');
+
+if (empty($datestart) || !strtotime($datestart)) {
+    $datestart = $currentMonth;
+} else {
+    $datestart = date('Y-m-d 00:00:00', strtotime($datestart));
+}
+
+if (empty($dateend) || !strtotime($dateend)) {
+    $dateend = date('Y-m-d H:i:s');
+} else {
+    $dateend = date('Y-m-d 23:59:59', strtotime($dateend));
+}
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/bootstrap-datepicker3.min.css" type="text/css" />
+    <script src="js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js"></script>
+    <script src="js/bootstrap-datepicker.min.js"></script>
+    <script src="js/bootstrap-datepicker.zh-CN.min.js"></script>
+    <script>
+    $(function(){
+        $('#sandbox-container .input-daterange').datepicker({
+            maxViewMode: 2,
+            language: "zh-CN"
+        });
+    });
+    </script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <div class="dashboard">
+        <h1 class="dashboardHead">各组数据</h1>
+        <form method="post" action="team.php">
+            <div class="sandbox-containe" id="sandbox-container">
+                <div class="input-daterange input-group" id="datepicker">
+                    <span class="input-group-addon">日期筛选</span>
+                    <input type="text" class="input-sm form-control" autocomplete="off" value="<?= $datestart ?>" name="start">
+                    <span class="input-group-addon">至</span>
+                    <input type="text" class="input-sm form-control" autocomplete="off" value="<?= $dateend ?>" name="end">
+                </div>
+                <input type="submit" class="submit" value="筛选">
+            </div>
+        </form>
+        <table class="teamStatistics" border="1px" bordercollapse="collapse" cellspacing="0" cellpadding="5" bordercolor="#DDD">
+            <tr>
+                <td>组长</td>
+                <td>组员</td>
+                <td>总客户数量</td>
+                <td width="25%">本月成交</td>
+                <td>进公海客户总数</td>
+                <td>公海认领</td>
+            </tr>
+            <?php
+            $result = $conn->query("SELECT id, em_user FROM employee WHERE em_role=0 AND id<>13");
+            while ($row = $result->fetch_assoc()) {
+                $clstr = "";
+                
+                // Get total customer count
+                $c1Result = $conn->query("SELECT COUNT(DISTINCT cs_code) as c1 FROM customer WHERE cs_belong=" . $row['id']);
+                $c1Row = $c1Result->fetch_assoc();
+                $c1 = $c1Row['c1'];
+
+                // Get customers going to public sea
+                $c2Result = $conn->query("SELECT COUNT(id) as c2 FROM customer 
+                                        WHERE cs_deal<>3 AND cs_deal<>0 AND cs_type<>2 
+                                        AND DATEDIFF(NOW(), cs_updatetime) > 90 
+                                        AND cs_belongclient=0 AND cs_belong=" . $row['id']);
+                $c2Row = $c2Result->fetch_assoc();
+                $c2 = $c2Row['c2'];
+
+                // Get deals in date range
+                $c3Result = $conn->query("SELECT DISTINCT cs_code FROM customer 
+                                        WHERE cs_dealdate > '" . $conn->real_escape_string($datestart) . "' 
+                                        AND cs_dealdate <= '" . $conn->real_escape_string($dateend) . "' 
+                                        AND cs_deal=3 AND cs_belong=" . $row['id']);
+                $c3 = $c3Result->num_rows;
+                while ($c3Row = $c3Result->fetch_assoc()) {
+                    $clstr .= $c3Row['cs_code'] . "<br>";
+                }
+
+                // Get claimed customers count
+                $c4Result = $conn->query("SELECT COUNT(DISTINCT cs_code) as c4 FROM customer 
+                                        WHERE cs_claimdate > '" . $conn->real_escape_string($datestart) . "' 
+                                        AND cs_claimdate <= '" . $conn->real_escape_string($dateend) . "' 
+                                        AND cs_belong=" . $row['id']);
+                $c4Row = $c4Result->fetch_assoc();
+                $c4 = $c4Row['c4'];
+
+                // Get team member count
+                $c5Result = $conn->query("SELECT COUNT(id) as c5 FROM employee WHERE em_role=" . $row['id']);
+                $c5Row = $c5Result->fetch_assoc();
+                $c5 = $c5Row['c5'];
+            ?>
+            <tr>
+                <td rowspan="<?= 1 + $c5 ?>"><?= htmlspecialchars($row['em_user']) ?></td>
+                <td><?= htmlspecialchars($row['em_user']) ?></td>
+                <td><?= $c1 ?></td>
+                <td><?= $clstr ?></td>
+                <td><?= $c2 ?></td>
+                <td><?= $c4 ?></td>
+            </tr>
+            <?php
+                // Get team members data
+                $memberResult = $conn->query("SELECT id, em_user FROM employee WHERE em_role=" . $row['id']);
+                while ($memberRow = $memberResult->fetch_assoc()) {
+                    $clstr = "";
+                    
+                    // Get member's total customer count
+                    $mc1Result = $conn->query("SELECT COUNT(DISTINCT cs_code) as c1 FROM customer WHERE cs_belong=" . $memberRow['id']);
+                    $mc1Row = $mc1Result->fetch_assoc();
+                    $mc1 = $mc1Row['c1'];
+
+                    // Get member's customers going to public sea
+                    $mc2Result = $conn->query("SELECT COUNT(DISTINCT cs_code) as c2 FROM customer 
+                                             WHERE cs_deal<>3 AND cs_deal<>0 AND cs_type<>2 
+                                             AND DATEDIFF(NOW(), cs_updatetime) > 90 
+                                             AND cs_belongclient=0 AND cs_belong=" . $memberRow['id']);
+                    $mc2Row = $mc2Result->fetch_assoc();
+                    $mc2 = $mc2Row['c2'];
+
+                    // Get member's deals in date range
+                    $mc3Result = $conn->query("SELECT DISTINCT cs_code FROM customer 
+                                             WHERE cs_dealdate > '" . $conn->real_escape_string($datestart) . "' 
+                                             AND cs_dealdate <= '" . $conn->real_escape_string($dateend) . "' 
+                                             AND cs_deal=3 AND cs_belong=" . $memberRow['id']);
+                    $mc3 = $mc3Result->num_rows;
+                    while ($mc3Row = $mc3Result->fetch_assoc()) {
+                        $clstr .= $mc3Row['cs_code'] . "<br>";
+                    }
+
+                    // Get member's claimed customers count
+                    $mc4Result = $conn->query("SELECT COUNT(id) as c4 FROM customer 
+                                             WHERE cs_claimdate > '" . $conn->real_escape_string($datestart) . "' 
+                                             AND cs_claimdate <= '" . $conn->real_escape_string($dateend) . "' 
+                                             AND cs_belong=" . $memberRow['id']);
+                    $mc4Row = $mc4Result->fetch_assoc();
+                    $mc4 = $mc4Row['c4'];
+            ?>
+                <tr>
+                    <td><?= htmlspecialchars($memberRow['em_user']) ?></td>
+                    <td><?= $mc1 ?></td>
+                    <td><?= $clstr ?></td>
+                    <td><?= $mc2 ?></td>
+                    <td><?= $mc4 ?></td>
+                </tr>
+            <?php
+                }
+            }
+            ?>
+        </table>
+    </div>
+</div>
+</body>
+</html> 
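Review bot: `cs_code` is written into the report table without HTML escaping: both loops build `$clstr` with `$c3Row['cs_code'] . "<br>"` and `$mc3Row['cs_code'] . "<br>"` and print it through `<?= $clstr ?>`, while `tag.php` and `teamSeas.php` pass the same column through `htmlspecialchars()`. A customer code containing markup would be rendered for every user who opens this page; use `htmlspecialchars($c3Row['cs_code']) . "<br>"` (and the same for `$mc3Row`). The page also issues four to five queries per employee inside nested loops, which a grouped query per metric would replace, and the hard-coded `id<>13` needs a comment saying which account it excludes.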

+ 296 - 0
teamSeas.php

@@ -0,0 +1,296 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+$act = $_GET['act'] ?? '';
+$keys = $_GET['Keys'] ?? '';
+$keyscode = textEncode($keys);
+$page = $_GET['Page'] ?? '';
+
+$filterCountry = $_GET['fliterCountry'] ?? '';
+$filterQudao = $_GET['fliterQudao'] ?? '';
+$filterDeal = $_GET['fliterDeal'] ?? '';
+$filterBusiness = $_GET['fliterBusiness'] ?? '';
+$filterBelong = $_GET['fliterBelong'] ?? '';
+
+$filterStr = "";
+$urlStr = "";
+
+if (!empty($filterCountry)) {
+    $filterStr .= " AND cs_country=" . (int)$filterCountry;
+    $urlStr .= "&fliterCountry=" . $filterCountry;
+}
+
+if (!empty($filterQudao)) {
+    $filterStr .= " AND cs_from=" . (int)$filterQudao;
+    $urlStr .= "&fliterQudao=" . $filterQudao;
+}
+
+if (!empty($filterDeal)) {
+    $filterStr .= " AND cs_deal=" . (int)$filterDeal;
+    $urlStr .= "&fliterDeal=" . $filterDeal;
+}
+
+if (!empty($filterBusiness)) {
+    $filterStr .= " AND cs_type=" . (int)$filterBusiness;
+    $urlStr .= "&fliterBusiness=" . $filterBusiness;
+}
+
+if (!empty($filterBelong)) {
+    $filterStr .= " AND cs_belong=" . (int)$filterBelong;
+    $urlStr .= "&fliterBelong=" . $filterBelong;
+}
+
+$keys = urlencode($keys);
+$hrefstr = "?keys=" . $keys;
+
+if ($_SESSION['em_role'] == 0) {
+    $memberStr = "SELECT id FROM employee WHERE em_role=" . $_SESSION['employee_id'] . " OR id=" . $_SESSION['employee_id'];
+} else {
+    $memberStr = "SELECT id FROM employee WHERE em_role=" . $_SESSION['em_role'] . " OR id=" . $_SESSION['em_role'];
+}
+?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>管理区域</title>
+    <link rel="stylesheet" href="css/common.css" type="text/css" />
+    <link rel="stylesheet" href="css/alert.css" type="text/css" />
+    <script src="system/js/jquery-1.7.2.min.js"></script>
+    <script src="js/js.js?ver=0620"></script>
+</head>
+<body class="clear">
+<?php require_once 'panel.php'; ?>
+<div id="man_zone">
+    <form id="form1" method="post" action="?act=postchk&Keys=<?= $keys ?>&Page=<?= $page ?>" onSubmit="return false">
+        <div class="fastSelect clear">
+            <H1>搜索条件</H1>
+            <div class="selectItem">
+                <label>区域</label>
+                <select name="fliterCountry" class="filterSearch">
+                    <option value="">请选择国家地区</option>
+                    <?php
+                    $result = $conn->query("SELECT id, countryName FROM country");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterCountry == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>" . htmlspecialchars($row['countryName']) . "</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>来源渠道</label>
+                <select name="fliterQudao" class="filterSearch">
+                    <option value="">请选择渠道</option>
+                    <?php
+                    $result = $conn->query("SELECT id, ch_name FROM qudao");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterQudao == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>" . htmlspecialchars($row['ch_name']) . "</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>跟进阶段</label>
+                <select name="fliterDeal" class="filterSearch">
+                    <option value="">请选择</option>
+                    <option value="0"<?= ($filterDeal == "0") ? ' selected="selected"' : '' ?>>无响应</option>
+                    <option value="1"<?= ($filterDeal == "1") ? ' selected="selected"' : '' ?>>背景调查</option>
+                    <option value="2"<?= ($filterDeal == "2") ? ' selected="selected"' : '' ?>>明确需求</option>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>客户类型</label>
+                <select name="fliterBusiness" class="filterSearch">
+                    <option value="">请选择</option>
+                    <?php
+                    $result = $conn->query("SELECT id, businessType FROM clientType");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterBusiness == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>" . htmlspecialchars($row['businessType']) . "</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+            <div class="selectItem">
+                <label>业务员</label>
+                <select name="fliterBelong" class="filterSearch">
+                    <option value="">请选择</option>
+                    <?php
+                    $result = $conn->query("SELECT id, em_user FROM employee WHERE id IN (" . $memberStr . ")");
+                    while ($row = $result->fetch_assoc()) {
+                        $selected = ($filterBelong == $row['id']) ? ' selected="selected"' : '';
+                        echo "<option value=\"{$row['id']}\"{$selected}>" . htmlspecialchars($row['em_user']) . "</option>";
+                    }
+                    ?>
+                </select>
+            </div>
+        </div>
+
+        <div width="100%" border="0" cellpadding="3" cellspacing="1" class="table2">
+            <div class="theader">
+                <div class="col9">序号</div>
+                <div class="col3">客户编号</div>
+                <div class="col4">渠道来源</div>
+                <div class="col5">区域</div>
+                <div class="col6">客户类型</div>
+                <div class="col6">是否成交</div>
+                <div class="col20">更新日期</div>
+                <div class="col4">操作</div>
+            </div>
+
+            <?php
+            $sqlStr = "SELECT * FROM customer 
+                      WHERE cs_deal<>3 AND cs_type<>2 
+                      AND DATEDIFF(NOW(), cs_updatetime) > 60 
+                      AND cs_wechat NOT LIKE 'wxid%' 
+                      AND cs_belongclient=0 
+                      AND cs_belong<>" . $_SESSION['employee_id'] . " 
+                      AND cs_belong IN (" . $memberStr . ") 
+                      AND (cs_code LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+                      OR cs_name LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+                      OR cs_email LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+                      OR cs_wechat LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+                      OR cs_tel LIKE '%" . $conn->real_escape_string($keyscode) . "%' 
+                      OR cs_whatsapp LIKE '%" . $conn->real_escape_string($keyscode) . "%')" . 
+                      $filterStr . " ORDER BY cs_state DESC, id DESC";
+
+            $result = $conn->query($sqlStr);
+
+            if ($result && $result->num_rows > 0) {
+                $pageSize = 20;
+                $page = empty($page) ? 1 : $page;
+                $page = ($page === 'end') ? ceil($result->num_rows / $pageSize) : $page;
+                $page = (!is_numeric($page) || $page < 1) ? 1 : (int)$page;
+                $totalPages = ceil($result->num_rows / $pageSize);
+                $page = ($page > $totalPages) ? $totalPages : $page;
+                $offset = $pageSize * ($page - 1);
+                
+                $rows = [];
+                while ($row = $result->fetch_assoc()) {
+                    $rows[] = $row;
+                }
+                
+                $paginatedRows = array_slice($rows, $offset, $pageSize);
+                $tempNum = $offset;
+                
+                foreach ($paginatedRows as $row) {
+                    $tempNum++;
+            ?>
+                    <div class="tline">
+                        <div class="col9"><?= $tempNum ?></div>
+                        <div class="col3 slidepanel">
+                            <?= htmlspecialchars($row['cs_code']) ?>
+                            <?php if ($row['cs_claimFrom'] > 0): ?>
+                                <img src="../images/yijiao.png" class="handover">
+                            <?php endif; ?>
+                        </div>
+                        <div class="col4">
+                            <?php
+                            $qudaoResult = $conn->query("SELECT ch_name FROM qudao WHERE id=" . (int)$row['cs_from']);
+                            echo ($qudaoRow = $qudaoResult->fetch_assoc()) ? htmlspecialchars($qudaoRow['ch_name']) : '未填写';
+                            ?>
+                        </div>
+                        <div class="col5">
+                            <?php
+                            $countryResult = $conn->query("SELECT countryName FROM country WHERE id=" . (int)$row['cs_country']);
+                            echo ($countryRow = $countryResult->fetch_assoc()) ? htmlspecialchars($countryRow['countryName']) : '未填写';
+                            ?>
+                        </div>
+                        <div class="col6">
+                            <?php
+                            $typeResult = $conn->query("SELECT businessType FROM clientType WHERE id=" . (int)$row['cs_type']);
+                            echo ($typeRow = $typeResult->fetch_assoc()) ? htmlspecialchars($typeRow['businessType']) : '未填写';
+                            ?>
+                        </div>
+                        <div class="col6">
+                            <?php
+                            if ($row['cs_deal'] == 2) {
+                                echo "明确需求";
+                            } elseif ($row['cs_deal'] == 1) {
+                                echo "背景调查";
+                            } else {
+                                echo "未成交";
+                            }
+                            ?>
+                        </div>
+                        <div class="col20"><?= $row['cs_updatetime'] ?></div>
+                        <div class="col4"><span id="claim" class="claim" data-id="<?= $row['id'] ?>">认领</span></div>
+                    </div>
+                    <div class="notepanel clear">
+                        <div class="noteItem2">备注</div>
+                        <div class="notecontent"><?= htmlUnCode($row['cs_note']) ?></div>
+                    </div>
+            <?php
+                }
+            } else {
+                if (empty($keys)) {
+            ?>
+                    <tr>
+                        <div align="center" colspan="8">Sorry,当前暂无信息</div>
+                    </tr>
+            <?php
+                } else {
+            ?>
+                    <tr>
+                        <div align="center" colspan="8"><a href="?">Sorry,没有找到"<?= htmlspecialchars($keyscode) ?>"相关的信息,点击返回</a></div>
+                    </tr>
+            <?php
+                }
+            }
+            ?>
+            <div colspan="8">
+                <div class="showpagebox">
+                <?php
+                if (isset($totalPages) && $totalPages > 1) {
+                    $pageName = "?Keys=" . $keys . $urlStr . "&";
+                    $pagelen = 3;
+                    
+                    if ($page > 1) {
+                        echo "<a href=\"{$pageName}Page=1\">首页</a>";
+                        echo "<a href=\"{$pageName}Page=" . ($page - 1) . "\">上一页</a>";
+                    }
+                    
+                    if ($pagelen * 2 + 1 >= $totalPages) {
+                        $startPage = 1;
+                        $endPage = $totalPages;
+                    } else {
+                        if ($page <= $pagelen + 1) {
+                            $startPage = 1;
+                            $endPage = $pagelen * 2 + 1;
+                        } else {
+                            $startPage = $page - $pagelen;
+                            $endPage = $page + $pagelen;
+                        }
+                        if ($page + $pagelen > $totalPages) {
+                            $startPage = $totalPages - $pagelen * 2;
+                            $endPage = $totalPages;
+                        }
+                    }
+                    
+                    for ($i = $startPage; $i <= $endPage; $i++) {
+                        if ($i == $page) {
+                            echo "<a class=\"current\">{$i}</a>";
+                        } else {
+                            echo "<a href=\"{$pageName}Page={$i}\">{$i}</a>";
+                        }
+                    }
+                    
+                    if ($page < $totalPages) {
+                        if ($totalPages - $page > $pagelen) {
+                            echo "<a href=\"{$pageName}Page={$totalPages}\">...{$totalPages}</a>";
+                        }
+                        echo "<a href=\"{$pageName}Page=" . ($page + 1) . "\">下一页</a>";
+                        echo "<a href=\"{$pageName}Page={$totalPages}\">尾页</a>";
+                    }
+                }
+                ?>
+                </div>
+            </div>
+        </div>
+    </form>
+</div>
+</body>
+</html> 
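Review bot: Request parameters are echoed into HTML attributes unescaped in two places. `$page` comes straight from `$_GET['Page']` and is printed in the form's `action` (`Page=<?= $page ?>`) before it is normalised, and the five `fliter*` values are cast to `int` for the SQL but appended raw to `$urlStr`, which ends up inside every pagination `href`. Build the URL from the cast values, e.g. `$urlStr .= "&fliterCountry=" . (int)$filterCountry;` (likewise for the other four), and print `htmlspecialchars((string)$page, ENT_QUOTES, 'UTF-8')` in the form action. Note also that `!empty($filterDeal)` is false for `"0"`, so selecting the 无响应 option never applies a filter; compare with `!== ''` instead.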

+ 2 - 0
test.php

@@ -0,0 +1,2 @@
+<?php
+phpinfo();
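Review bot: `phpinfo();` in a committed `test.php` exposes the PHP configuration, loaded extensions, environment variables and server paths to anyone who can request the file. Unlike `upload.php` in this same commit, it has no `require_once 'conn.php'; checkLogin();` in front of it. I would drop the file from the commit, or at least keep it out of the deployed web root.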

+ 94 - 0
upload.php

@@ -0,0 +1,94 @@
+<?php
+require_once 'conn.php';
+checkLogin();
+
+/**
+ * File upload handler for PHP 8
+ * @author Original ASP version by Yanis.Wang<yanis.wang@gmail.com>
+ * @version 1.0.0
+ */
+
+// Configuration
+$inputName = 'filedata'; // Form file field name
+$attachDir = 'system/u'; // Upload directory path
+$dirType = 2; // 1: by day, 2: by month, 3: by extension
+$maxAttachSize = 5242880; // Max file size (5MB)
+$allowedExt = ['txt', 'rar', 'zip', 'jpg', 'jpeg', 'gif', 'png', 'swf', 'wmv', 'avi', 'wma', 'mp3', 'mid', 'pdf'];
+$msgType = 2; // Return format: 1 = only URL, 2 = parameter array
+$immediate = $_GET['immediate'] ?? '0';
+
+$err = '';
+$msg = "''";
+
+// Check if file was uploaded
+if (!isset($_FILES[$inputName])) {
+    $err = "无数据提交";
+} else {
+    $file = $_FILES[$inputName];
+    
+    // Check file size
+    if ($file['size'] > $maxAttachSize) {
+        $err = "文件大小超过 " . $maxAttachSize . "字节";
+    } else {
+        // Get file extension
+        $extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
+        
+        // Check if extension is allowed
+        if (!in_array($extension, $allowedExt)) {
+            $err = "上传文件扩展名必需为:" . implode(',', $allowedExt);
+        } else {
+            // Create subdirectory based on dirType
+            switch ($dirType) {
+                case 1:
+                    $attachSubdir = "day_" . date('ymd');
+                    break;
+                case 2:
+                    $attachSubdir = "m" . date('ym');
+                    break;
+                case 3:
+                    $attachSubdir = "ext_" . $extension;
+                    break;
+            }
+            
+            $attachPath = $attachDir . '/' . $attachSubdir;
+            
+            // Create directory if it doesn't exist
+            if (!file_exists($attachPath)) {
+                mkdir($attachPath, 0777, true);
+            }
+            
+            // Generate random filename
+            $filename = date('dHis') . rand(10000, 99999) . '.' . $extension;
+            $target = $attachPath . '/' . $filename;
+            
+            // Move uploaded file
+            if (move_uploaded_file($file['tmp_name'], $target)) {
+                $imgurl = $target;
+                $target = str_replace('\\', '/', $target);
+                
+                if ($immediate == "1") {
+                    $target = "!" . $target;
+                }
+                
+                if ($msgType == 1) {
+                    $msg = "'" . $target . "'";
+                } else {
+                    $msg = "{
+                        'url': '/" . $target . "',
+                        'localname': '" . addslashes($file['name']) . "',
+                        'id': '1'
+                    }";
+                }
+            } else {
+                $err = "文件上传失败";
+            }
+        }
+    }
+}
+
+// Output response
+if (isset($_GET['act']) && $_GET['act'] == 's') {
+    echo "<script>parent.document.getElementById('infoimgurl').value='/System/" . $imgurl . "';location.href='uploadfile.php'</script>";
+} else {
+    echo "{'err':'" . addslashes($err) . "','msg':" . $msg . "}";
+} 
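Review bot: The upload is accepted on the client-supplied extension alone, so nothing checks that the content matches an allowlisted type, and `swf` is still on the list. The file is then stored under `system/u` and handed back as a `/system/u/...` URL, which suggests the directory is web-served. I would compare `(new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name'])` against a MIME allowlist, use `in_array($extension, $allowedExt, true)`, and make sure the web server treats that directory as static files only. `mkdir($attachPath, 0777, true)` is wider than needed (`0755`), and `rand(10000, 99999)` after a timestamp makes stored names guessable; `bin2hex(random_bytes(8))` avoids that. In the output block, `$imgurl` is undefined on every failure path when `act=s` is set, and the `{'err':...}` response echoes the original filename through `addslashes()` under the default HTML content type, so building it with `json_encode()` and a JSON `Content-Type` header would be safer.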

+ 1 - 1
web.config

@@ -10,7 +10,7 @@
         <defaultDocument>
             <files>
 		<clear />
-                <add value="index.asp" />
+                <add value="index.php" />
             </files>
         </defaultDocument>
         <httpErrors errorMode="Custom">

Some files were not shown because too many files changed in this diff