alert('阿里旺旺为必填项');history.back();"; exit; } // Website source validation if (strpos($cs_code, '官网') !== false) { $cs_from = 3; } if ($cs_from == 3 && empty($tel_1) && empty($whatsapp_1) && empty($wechat_1)) { echo ""; exit; } // Market customer validation if ($cs_from == 8 && empty($wechat_1)) { echo ""; exit; } // Facebook validation if ($cs_from == 12 && empty($facebook_1)) { echo ""; exit; } } // Determine action type $act = empty($id) || !is_numeric($id) ? 'addSave' : 'editSave'; if ($act === 'editSave') { // Verify customer ownership - 将bind_param改为SQL拼接 $id = intval($id); // 确保ID是整数，防止SQL注入 $sql = "SELECT cs_belong FROM customer WHERE id = " . $id; $result = $conn->query($sql); if ($row = $result->fetch_assoc()) { if ($row['cs_belong'] != $cs_belong) { echo ""; exit; } } else { echo ""; exit; } } // Validate customer code if (empty($cs_code)) { echo ""; exit; } // Check for duplicate customer information $checkStr = "SELECT c.*, cc.* FROM customer c LEFT JOIN customer_contact cc ON c.id = cc.customer_id WHERE c.cs_belong != " . $_SESSION['employee_id'] . " AND (c.id = 0 "; $Dupli = ""; // Check all contacts for duplicates foreach ($contacts as $contact) { // Check all phone numbers for ($i = 1; $i <= 3; $i++) { $tel_field = 'tel_' . $i; if (!empty($contact[$tel_field])) { $tel_format = numFormat($contact[$tel_field]); $checkStr .= " OR cc.tel_1_format LIKE '%" . substr($tel_format, 3, 9) . "%'" . " OR cc.tel_2_format LIKE '%" . substr($tel_format, 3, 9) . "%'" . " OR cc.tel_3_format LIKE '%" . substr($tel_format, 3, 9) . "%'" . " OR cc.wechat_1 LIKE '%" . substr($tel_format, 3, 9) . "%'" . " OR cc.wechat_2 LIKE '%" . substr($tel_format, 3, 9) . "%'" . " OR cc.wechat_3 LIKE '%" . substr($tel_format, 3, 9) . "%'"; $Dupli .= "电话" . $i . ":" . $contact[$tel_field] . " "; } } // Check all email addresses for ($i = 1; $i <= 3; $i++) { $email_field = 'email_' . $i; if (!empty($contact[$email_field])) { $checkStr .= " OR cc.email_1 = '" . $conn->real_escape_string($contact[$email_field]) . "'" . " OR cc.email_2 = '" . $conn->real_escape_string($contact[$email_field]) . "'" . " OR cc.email_3 = '" . $conn->real_escape_string($contact[$email_field]) . "'"; $Dupli .= "邮箱" . $i . ":" . $contact[$email_field] . " "; } } // Check all WhatsApp numbers for ($i = 1; $i <= 3; $i++) { $whatsapp_field = 'whatsapp_' . $i; if (!empty($contact[$whatsapp_field])) { $whatsapp_format = numFormat($contact[$whatsapp_field]); $checkStr .= " OR cc.whatsapp_1_format LIKE '%" . substr($whatsapp_format, 3, 9) . "%'" . " OR cc.whatsapp_2_format LIKE '%" . substr($whatsapp_format, 3, 9) . "%'" . " OR cc.whatsapp_3_format LIKE '%" . substr($whatsapp_format, 3, 9) . "%'" . " OR cc.tel_1_format LIKE '%" . substr($whatsapp_format, 3, 9) . "%'" . " OR cc.tel_2_format LIKE '%" . substr($whatsapp_format, 3, 9) . "%'" . " OR cc.tel_3_format LIKE '%" . substr($whatsapp_format, 3, 9) . "%'"; $Dupli .= "WhatsApp" . $i . ":" . $contact[$whatsapp_field] . " "; } } // Check all WeChat accounts for ($i = 1; $i <= 3; $i++) { $wechat_field = 'wechat_' . $i; if (!empty($contact[$wechat_field])) { if (strlen($contact[$wechat_field]) < 10) { $checkStr .= " OR cc.wechat_1 LIKE '%" . $conn->real_escape_string($contact[$wechat_field]) . "%'" . " OR cc.wechat_2 LIKE '%" . $conn->real_escape_string($contact[$wechat_field]) . "%'" . " OR cc.wechat_3 LIKE '%" . $conn->real_escape_string($contact[$wechat_field]) . "%'" . " OR cc.tel_1_format LIKE '%" . $conn->real_escape_string($contact[$wechat_field]) . "%'" . " OR cc.tel_2_format LIKE '%" . $conn->real_escape_string($contact[$wechat_field]) . "%'" . " OR cc.tel_3_format LIKE '%" . $conn->real_escape_string($contact[$wechat_field]) . "%'"; } else { $checkStr .= " OR cc.wechat_1 LIKE '%" . substr($contact[$wechat_field], 2, 12) . "%'" . " OR cc.wechat_2 LIKE '%" . substr($contact[$wechat_field], 2, 12) . "%'" . " OR cc.wechat_3 LIKE '%" . substr($contact[$wechat_field], 2, 12) . "%'" . " OR cc.tel_1_format LIKE '%" . substr($contact[$wechat_field], 2, 12) . "%'" . " OR cc.tel_2_format LIKE '%" . substr($contact[$wechat_field], 2, 12) . "%'" . " OR cc.tel_3_format LIKE '%" . substr($contact[$wechat_field], 2, 12) . "%'"; } $Dupli .= "微信" . $i . ":" . $contact[$wechat_field] . " "; } } // Check all LinkedIn accounts for ($i = 1; $i <= 3; $i++) { $linkedin_field = 'linkedin_' . $i; if (!empty($contact[$linkedin_field])) { $checkStr .= " OR cc.linkedin_1 LIKE '%" . $conn->real_escape_string($contact[$linkedin_field]) . "%'" . " OR cc.linkedin_2 LIKE '%" . $conn->real_escape_string($contact[$linkedin_field]) . "%'" . " OR cc.linkedin_3 LIKE '%" . $conn->real_escape_string($contact[$linkedin_field]) . "%'"; $Dupli .= "LinkedIn" . $i . ":" . $contact[$linkedin_field] . " "; } } // Check all Facebook accounts for ($i = 1; $i <= 3; $i++) { $facebook_field = 'facebook_' . $i; if (!empty($contact[$facebook_field])) { $checkStr .= " OR cc.facebook_1 LIKE '%" . $conn->real_escape_string($contact[$facebook_field]) . "%'" . " OR cc.facebook_2 LIKE '%" . $conn->real_escape_string($contact[$facebook_field]) . "%'" . " OR cc.facebook_3 LIKE '%" . $conn->real_escape_string($contact[$facebook_field]) . "%'"; $Dupli .= "Facebook" . $i . ":" . $contact[$facebook_field] . " "; } } // Check all Alibaba accounts for ($i = 1; $i <= 3; $i++) { $alibaba_field = 'alibaba_' . $i; if (!empty($contact[$alibaba_field])) { if (strlen($contact[$alibaba_field]) < 10) { $checkStr .= " OR cc.alibaba_1 LIKE '" . $conn->real_escape_string($contact[$alibaba_field]) . "'" . " OR cc.alibaba_2 LIKE '" . $conn->real_escape_string($contact[$alibaba_field]) . "'" . " OR cc.alibaba_3 LIKE '" . $conn->real_escape_string($contact[$alibaba_field]) . "'"; } else { $checkStr .= " OR cc.alibaba_1 LIKE '%" . substr($contact[$alibaba_field], 3, 12) . "%'" . " OR cc.alibaba_2 LIKE '%" . substr($contact[$alibaba_field], 3, 12) . "%'" . " OR cc.alibaba_3 LIKE '%" . substr($contact[$alibaba_field], 3, 12) . "%'"; } $Dupli .= "阿里旺旺" . $i . ":" . $contact[$alibaba_field] . " "; } } } $checkStr .= " ) ORDER BY c.id ASC"; if ($allowedit != 1) { $result = $conn->query($checkStr); if ($result && $result->num_rows > 0) { $row = $result->fetch_assoc(); // Get owner name $ownerResult = $conn->query("SELECT em_user FROM employee WHERE id = " . $row['cs_belong']); $ownerRow = $ownerResult->fetch_assoc(); $owner = textUncode($ownerRow['em_user']); // Determine who entered first if (strtotime($cs_addtime) > strtotime($row['cs_addtime'])) { $tstr = "INSERT INTO logrecord (loginName, loginIp, loginTime, loginAct) VALUES ('" . $_SESSION['employee_name'] . "', '" . getIp() . "', '" . date('Y-m-d H:i:s') . "', '" . $_SESSION['employee_name'] . "编辑客户\"" . $cs_code . "\"，该客户与\"" . textUncode($row['cs_code']) . "\"高度类似，
重复项为:" . $Dupli . "
客户由:" . $_SESSION['employee_name'] . $cs_addtime . "首次录入')"; } else { $tstr = "INSERT INTO logrecord (loginName, loginIp, loginTime, loginAct) VALUES ('" . $_SESSION['employee_name'] . "', '" . getIp() . "', '" . date('Y-m-d H:i:s') . "', '" . $_SESSION['employee_name'] . "编辑客户\"" . $cs_code . "\"，该客户与\"" . textUncode($row['cs_code']) . "\"高度类似，
重复项为:" . $Dupli . "
客户由:" . $owner . $row['cs_addtime'] . "首次录入')"; } $conn->query($tstr); echo ""; exit; } } // Save or update customer data if ($act == "editSave" || $allowedit == 1) { $hrefstr = "/customers.php?Keys=" . $keys . "&fliterBusiness=" . $fliterBusiness . "&fliterDeal=" . $fliterDeal . "&Page=" . $page; // 更新客户基本信息 $updateSql = "UPDATE customer SET cs_code='" . $conn->real_escape_string($cs_code) . "', cs_company='" . $conn->real_escape_string($cs_company) . "', cs_country=" . $cs_country . ", cs_from=" . $cs_from . ", cs_address='" . $conn->real_escape_string($cs_address) . "', cs_updatetime='" . $cs_updatetime . "', cs_belong=" . $cs_belong . ", cs_belongclient=" . $cs_belongClient . ", cs_state=" . $cs_state . ", cs_deal=" . $cs_deal . ", cs_note='" . $conn->real_escape_string($cs_note) . "'"; // 处理cs_dealdate if ($cs_deal == 3) { $updateSql .= ", cs_dealdate = CASE WHEN cs_dealdate IS NULL THEN NOW() ELSE cs_dealdate END"; } $updateSql .= " WHERE id=" . intval($id); $conn->query($updateSql); // 处理联系人信息 - 首先删除已有的不在提交列表中的联系人 $existingContactIds = []; foreach ($contacts as $contact) { if (!empty($contact['id'])) { $existingContactIds[] = (int)$contact['id']; } } if (!empty($existingContactIds)) { $idsToKeep = implode(',', $existingContactIds); $deleteContactsSql = "DELETE FROM customer_contact WHERE customer_id = " . intval($id) . " AND id NOT IN (" . $idsToKeep . ")"; } else { $deleteContactsSql = "DELETE FROM customer_contact WHERE customer_id = " . intval($id); } $conn->query($deleteContactsSql); // 处理联系人信息 - 更新或添加联系人 foreach ($contacts as $contact) { $contact_id = !empty($contact['id']) ? (int)$contact['id'] : 0; $contact_name = textEncode($contact['contact_name'] ?? ''); // 准备SQL字段和值 $fields = ['contact_name']; $values = ["'" . $conn->real_escape_string($contact_name) . "'"]; $updates = ["contact_name = '" . $conn->real_escape_string($contact_name) . "'"]; // 处理所有联系方式类型 $methodTypes = ['tel', 'email', 'whatsapp', 'wechat', 'linkedin', 'facebook', 'alibaba']; foreach ($methodTypes as $type) { for ($i = 1; $i <= 3; $i++) { $field = $type . '_' . $i; $format_field = $field . '_format'; $bu_field = $field . '_bu'; $value = textEncode($contact[$field] ?? ''); $format_value = ($type == 'tel' || $type == 'whatsapp') ? numFormat($value) : ''; $bu_value = textEncode($contact[$bu_field] ?? $value); // 添加字段名 $fields[] = $field; $fields[] = $bu_field; if ($type == 'tel' || $type == 'whatsapp') { $fields[] = $format_field; } // 添加值 $values[] = "'" . $conn->real_escape_string($value) . "'"; $values[] = "'" . $conn->real_escape_string($bu_value) . "'"; if ($type == 'tel' || $type == 'whatsapp') { $values[] = "'" . $conn->real_escape_string($format_value) . "'"; } // 添加更新语句 $updates[] = $field . " = '" . $conn->real_escape_string($value) . "'"; $updates[] = $bu_field . " = '" . $conn->real_escape_string($bu_value) . "'"; if ($type == 'tel' || $type == 'whatsapp') { $updates[] = $format_field . " = '" . $conn->real_escape_string($format_value) . "'"; } } } if ($contact_id > 0) { // 更新已有联系人 $updateContactSql = "UPDATE customer_contact SET " . implode(", ", $updates) . ", updated_at = NOW() " . "WHERE id = " . $contact_id . " AND customer_id = " . intval($id); $conn->query($updateContactSql); } else { // 添加新联系人 $insertContactSql = "INSERT INTO customer_contact (" . implode(", ", $fields) . ", customer_id, created_at, updated_at) VALUES (" . implode(", ", $values) . ", " . intval($id) . ", NOW(), NOW())"; $conn->query($insertContactSql); } } // Update tags $conn->query("DELETE FROM tagtable WHERE customerId = " . intval($id)); foreach ($mytag as $tag) { if (!empty(trim($tag))) { $tagSql = "INSERT INTO tagtable (tagName, employeeId, customerId) VALUES ('" . $conn->real_escape_string($tag) . "', " . intval($_SESSION['employee_id']) . ", " . intval($id) . ")"; $conn->query($tagSql); } } echo ""; } else { // Insert new customer record $insertSql = "INSERT INTO customer ( cs_code, cs_company, cs_country, cs_from, cs_address, cs_type, cs_addtime, cs_updatetime, cs_belong, cs_belongClient, cs_state, cs_deal, cs_note, cs_chain, is_silent, cs_dealdate ) VALUES ( '" . $conn->real_escape_string($cs_code) . "', '" . $conn->real_escape_string($cs_company) . "', " . $cs_country . ", " . $cs_from . ", '" . $conn->real_escape_string($cs_address) . "', " . $cs_type . ", NOW(), NOW(), " . $cs_belong . ", " . $cs_belongClient . ", " . $cs_state . ", " . $cs_deal . ", '" . $conn->real_escape_string($cs_note) . "', " . $cs_belong . ", 0, " . ($cs_deal == 3 ? "NOW()" : "NULL") . " )"; $conn->query($insertSql); $new_customer_id = $conn->insert_id; // Insert contact information for all contacts if ($new_customer_id > 0) { foreach ($contacts as $contact) { $contact_name = textEncode($contact['contact_name'] ?? ''); // 准备SQL字段和值 $fields = ['contact_name']; $values = ["'" . $conn->real_escape_string($contact_name) . "'"]; // 处理所有联系方式类型 $methodTypes = ['tel', 'email', 'whatsapp', 'wechat', 'linkedin', 'facebook', 'alibaba']; foreach ($methodTypes as $type) { for ($i = 1; $i <= 3; $i++) { $field = $type . '_' . $i; $format_field = $field . '_format'; $bu_field = $field . '_bu'; $value = textEncode($contact[$field] ?? ''); $format_value = ($type == 'tel' || $type == 'whatsapp') ? numFormat($value) : ''; $bu_value = textEncode($contact[$bu_field] ?? $value); // 添加字段名 $fields[] = $field; $fields[] = $bu_field; if ($type == 'tel' || $type == 'whatsapp') { $fields[] = $format_field; } // 添加值 $values[] = "'" . $conn->real_escape_string($value) . "'"; $values[] = "'" . $conn->real_escape_string($bu_value) . "'"; if ($type == 'tel' || $type == 'whatsapp') { $values[] = "'" . $conn->real_escape_string($format_value) . "'"; } } } // 添加新联系人 $insertContactSql = "INSERT INTO customer_contact (" . implode(", ", $fields) . ", customer_id, created_at, updated_at) VALUES (" . implode(", ", $values) . ", " . $new_customer_id . ", NOW(), NOW())"; $conn->query($insertContactSql); } // Save tags for new customer foreach ($mytag as $tag) { if (!empty(trim($tag))) { $tagSql = "INSERT INTO tagtable (tagName, employeeId, customerId) VALUES ('" . $conn->real_escape_string($tag) . "', " . intval($_SESSION['employee_id']) . ", " . intval($new_customer_id) . ")"; $conn->query($tagSql); } } } echo ""; } ?>