alert('阿里旺旺为必填项');history.back();"; exit; } // Website source validation if (strpos($cs_code, '官网') !== false) { $cs_from = 3; } if ($cs_from == 3 && empty($tel_1) && empty($whatsapp_1) && empty($wechat_1)) { echo ""; exit; } // Market customer validation if ($cs_from == 8 && empty($wechat_1)) { echo ""; exit; } // Facebook validation if ($cs_from == 12 && empty($facebook_1)) { echo ""; exit; } } // Determine action type $act = empty($id) || !is_numeric($id) ? 'addSave' : 'editSave'; if ($act === 'editSave') { // Verify customer ownership - 将bind_param改为SQL拼接 $id = intval($id); // 确保ID是整数，防止SQL注入 $sql = "SELECT cs_belong FROM customer WHERE id = " . $id; $result = $conn->query($sql); if ($row = $result->fetch_assoc()) { if ($row['cs_belong'] != $cs_belong) { echo ""; exit; } } else { echo ""; exit; } } // Validate customer code if (empty($cs_code)) { echo ""; exit; } // Check for duplicate customer information $checkStr = "SELECT c.*, cc.* FROM customer c LEFT JOIN customer_contact cc ON c.id = cc.customer_id WHERE c.cs_belong != " . $_SESSION['employee_id'] . " AND (c.id = 0 "; $Dupli = ""; // Company name similarity check if (!empty($cs_company)) { $companyWords = explode(' ', strtolower($cs_company)); foreach ($companyWords as $word) { if (strlen($word) > 3) { // Only check words longer than 3 characters $checkStr .= " OR LOWER(c.cs_company) LIKE '%" . $conn->real_escape_string($word) . "%'"; } } } // Address similarity check if (!empty($cs_address)) { $addressWords = explode(' ', strtolower($cs_address)); foreach ($addressWords as $word) { if (strlen($word) > 3) { // Only check words longer than 3 characters $checkStr .= " OR LOWER(c.cs_address) LIKE '%" . $conn->real_escape_string($word) . "%'"; } } } // Check all contacts for duplicates foreach ($contacts as $contact) { // Check all phone numbers for ($i = 1; $i <= 3; $i++) { $tel_field = 'tel_' . $i; if (!empty($contact[$tel_field])) { $tel_format = numFormat($contact[$tel_field]); // Remove country code and spaces for better matching $tel_clean = preg_replace('/[^0-9]/', '', $tel_format); $checkStr .= " OR cc.tel_1_format LIKE '%" . substr($tel_clean, -9) . "%'" . " OR cc.tel_2_format LIKE '%" . substr($tel_clean, -9) . "%'" . " OR cc.tel_3_format LIKE '%" . substr($tel_clean, -9) . "%'" . " OR cc.wechat_1 LIKE '%" . substr($tel_clean, -9) . "%'" . " OR cc.wechat_2 LIKE '%" . substr($tel_clean, -9) . "%'" . " OR cc.wechat_3 LIKE '%" . substr($tel_clean, -9) . "%'"; $Dupli .= "电话" . $i . ":" . $contact[$tel_field] . " "; } } // Check all email addresses for ($i = 1; $i <= 3; $i++) { $email_field = 'email_' . $i; if (!empty($contact[$email_field])) { $email = strtolower($contact[$email_field]); $checkStr .= " OR LOWER(cc.email_1) = '" . $conn->real_escape_string($email) . "'" . " OR LOWER(cc.email_2) = '" . $conn->real_escape_string($email) . "'" . " OR LOWER(cc.email_3) = '" . $conn->real_escape_string($email) . "'"; $Dupli .= "邮箱" . $i . ":" . $contact[$email_field] . " "; } } // Check all WhatsApp numbers for ($i = 1; $i <= 3; $i++) { $whatsapp_field = 'whatsapp_' . $i; if (!empty($contact[$whatsapp_field])) { $whatsapp_format = numFormat($contact[$whatsapp_field]); $whatsapp_clean = preg_replace('/[^0-9]/', '', $whatsapp_format); $checkStr .= " OR cc.whatsapp_1_format LIKE '%" . substr($whatsapp_clean, -9) . "%'" . " OR cc.whatsapp_2_format LIKE '%" . substr($whatsapp_clean, -9) . "%'" . " OR cc.whatsapp_3_format LIKE '%" . substr($whatsapp_clean, -9) . "%'" . " OR cc.tel_1_format LIKE '%" . substr($whatsapp_clean, -9) . "%'" . " OR cc.tel_2_format LIKE '%" . substr($whatsapp_clean, -9) . "%'" . " OR cc.tel_3_format LIKE '%" . substr($whatsapp_clean, -9) . "%'"; $Dupli .= "WhatsApp" . $i . ":" . $contact[$whatsapp_field] . " "; } } // Check all WeChat accounts for ($i = 1; $i <= 3; $i++) { $wechat_field = 'wechat_' . $i; if (!empty($contact[$wechat_field])) { $wechat = $contact[$wechat_field]; if (strlen($wechat) < 10) { $checkStr .= " OR cc.wechat_1 LIKE '%" . $conn->real_escape_string($wechat) . "%'" . " OR cc.wechat_2 LIKE '%" . $conn->real_escape_string($wechat) . "%'" . " OR cc.wechat_3 LIKE '%" . $conn->real_escape_string($wechat) . "%'" . " OR cc.tel_1_format LIKE '%" . $conn->real_escape_string($wechat) . "%'" . " OR cc.tel_2_format LIKE '%" . $conn->real_escape_string($wechat) . "%'" . " OR cc.tel_3_format LIKE '%" . $conn->real_escape_string($wechat) . "%'"; } else { $wechat_clean = preg_replace('/[^0-9]/', '', $wechat); $checkStr .= " OR cc.wechat_1 LIKE '%" . substr($wechat_clean, -9) . "%'" . " OR cc.wechat_2 LIKE '%" . substr($wechat_clean, -9) . "%'" . " OR cc.wechat_3 LIKE '%" . substr($wechat_clean, -9) . "%'" . " OR cc.tel_1_format LIKE '%" . substr($wechat_clean, -9) . "%'" . " OR cc.tel_2_format LIKE '%" . substr($wechat_clean, -9) . "%'" . " OR cc.tel_3_format LIKE '%" . substr($wechat_clean, -9) . "%'"; } $Dupli .= "微信" . $i . ":" . $contact[$wechat_field] . " "; } } // Check all LinkedIn accounts for ($i = 1; $i <= 3; $i++) { $linkedin_field = 'linkedin_' . $i; if (!empty($contact[$linkedin_field])) { $linkedin = strtolower($contact[$linkedin_field]); $checkStr .= " OR LOWER(cc.linkedin_1) LIKE '%" . $conn->real_escape_string($linkedin) . "%'" . " OR LOWER(cc.linkedin_2) LIKE '%" . $conn->real_escape_string($linkedin) . "%'" . " OR LOWER(cc.linkedin_3) LIKE '%" . $conn->real_escape_string($linkedin) . "%'"; $Dupli .= "LinkedIn" . $i . ":" . $contact[$linkedin_field] . " "; } } // Check all Facebook accounts for ($i = 1; $i <= 3; $i++) { $facebook_field = 'facebook_' . $i; if (!empty($contact[$facebook_field])) { $facebook = strtolower($contact[$facebook_field]); $checkStr .= " OR LOWER(cc.facebook_1) LIKE '%" . $conn->real_escape_string($facebook) . "%'" . " OR LOWER(cc.facebook_2) LIKE '%" . $conn->real_escape_string($facebook) . "%'" . " OR LOWER(cc.facebook_3) LIKE '%" . $conn->real_escape_string($facebook) . "%'"; $Dupli .= "Facebook" . $i . ":" . $contact[$facebook_field] . " "; } } // Check all Alibaba accounts for ($i = 1; $i <= 3; $i++) { $alibaba_field = 'alibaba_' . $i; if (!empty($contact[$alibaba_field])) { $alibaba = strtolower($contact[$alibaba_field]); if (strlen($alibaba) < 10) { $checkStr .= " OR LOWER(cc.alibaba_1) LIKE '" . $conn->real_escape_string($alibaba) . "'" . " OR LOWER(cc.alibaba_2) LIKE '" . $conn->real_escape_string($alibaba) . "'" . " OR LOWER(cc.alibaba_3) LIKE '" . $conn->real_escape_string($alibaba) . "'"; } else { $alibaba_clean = preg_replace('/[^0-9a-zA-Z]/', '', $alibaba); $checkStr .= " OR LOWER(cc.alibaba_1) LIKE '%" . substr($alibaba_clean, -9) . "%'" . " OR LOWER(cc.alibaba_2) LIKE '%" . substr($alibaba_clean, -9) . "%'" . " OR LOWER(cc.alibaba_3) LIKE '%" . substr($alibaba_clean, -9) . "%'"; } $Dupli .= "阿里旺旺" . $i . ":" . $contact[$alibaba_field] . " "; } } } $checkStr .= " ) ORDER BY c.id ASC"; if ($allowedit != 1) { $result = $conn->query($checkStr); if ($result && $result->num_rows > 0) { $row = $result->fetch_assoc(); // Get owner name $ownerResult = $conn->query("SELECT em_user FROM employee WHERE id = " . $row['cs_belong']); $ownerRow = $ownerResult->fetch_assoc(); $owner = textUncode($ownerRow['em_user']); // Determine who entered first if (strtotime($cs_addtime) > strtotime($row['cs_addtime'])) { $tstr = "INSERT INTO logrecord (loginName, loginIp, loginTime, loginAct) VALUES ('" . $_SESSION['employee_name'] . "', '" . getIp() . "', '" . date('Y-m-d H:i:s') . "', '" . $_SESSION['employee_name'] . "编辑客户\"" . $cs_code . "\"，该客户与\"" . textUncode($row['cs_code']) . "\"高度类似，
重复项为:" . $Dupli . "
客户由:" . $_SESSION['employee_name'] . $cs_addtime . "首次录入')"; } else { $tstr = "INSERT INTO logrecord (loginName, loginIp, loginTime, loginAct) VALUES ('" . $_SESSION['employee_name'] . "', '" . getIp() . "', '" . date('Y-m-d H:i:s') . "', '" . $_SESSION['employee_name'] . "编辑客户\"" . $cs_code . "\"，该客户与\"" . textUncode($row['cs_code']) . "\"高度类似，
重复项为:" . $Dupli . "
客户由:" . $owner . $row['cs_addtime'] . "首次录入')"; } $conn->query($tstr); echo ""; exit; } } // Save or update customer data if ($act == "editSave" || $allowedit == 1) { $hrefstr = "/customers.php?Keys=" . $keys . "&fliterBusiness=" . $fliterBusiness . "&fliterDeal=" . $fliterDeal . "&Page=" . $page; // 更新客户基本信息 $updateSql = "UPDATE customer SET cs_code='" . $conn->real_escape_string($cs_code) . "', cs_company='" . $conn->real_escape_string($cs_company) . "', cs_country=" . $cs_country . ", cs_from=" . $cs_from . ", cs_address='" . $conn->real_escape_string($cs_address) . "', cs_updatetime='" . $cs_updatetime . "', cs_belong=" . $cs_belong . ", cs_belongclient=" . $cs_belongClient . ", cs_state=" . $cs_state . ", cs_deal=" . $cs_deal . ", cs_note='" . $conn->real_escape_string($cs_note) . "'"; // 处理cs_dealdate if ($cs_deal == 3) { $updateSql .= ", cs_dealdate = CASE WHEN cs_dealdate IS NULL THEN NOW() ELSE cs_dealdate END"; } $updateSql .= " WHERE id=" . intval($id); $conn->query($updateSql); // 处理联系人信息 - 首先删除已有的不在提交列表中的联系人 $existingContactIds = []; foreach ($contacts as $contact) { if (!empty($contact['id'])) { $existingContactIds[] = (int)$contact['id']; } } if (!empty($existingContactIds)) { $idsToKeep = implode(',', $existingContactIds); $deleteContactsSql = "DELETE FROM customer_contact WHERE customer_id = " . intval($id) . " AND id NOT IN (" . $idsToKeep . ")"; } else { $deleteContactsSql = "DELETE FROM customer_contact WHERE customer_id = " . intval($id); } $conn->query($deleteContactsSql); // 处理联系人信息 - 更新或添加联系人 foreach ($contacts as $contact) { $contact_id = !empty($contact['id']) ? (int)$contact['id'] : 0; $contact_name = textEncode($contact['contact_name'] ?? ''); // 准备SQL字段和值 $fields = ['contact_name']; $values = ["'" . $conn->real_escape_string($contact_name) . "'"]; $updates = ["contact_name = '" . $conn->real_escape_string($contact_name) . "'"]; // 处理所有联系方式类型 $methodTypes = ['tel', 'email', 'whatsapp', 'wechat', 'linkedin', 'facebook', 'alibaba']; foreach ($methodTypes as $type) { for ($i = 1; $i <= 3; $i++) { $field = $type . '_' . $i; $format_field = $field . '_format'; $bu_field = $field . '_bu'; $value = textEncode($contact[$field] ?? ''); $format_value = ($type == 'tel' || $type == 'whatsapp') ? numFormat($value) : ''; $bu_value = textEncode($contact[$bu_field] ?? $value); // 添加字段名 $fields[] = $field; $fields[] = $bu_field; if ($type == 'tel' || $type == 'whatsapp') { $fields[] = $format_field; } // 添加值 $values[] = "'" . $conn->real_escape_string($value) . "'"; $values[] = "'" . $conn->real_escape_string($bu_value) . "'"; if ($type == 'tel' || $type == 'whatsapp') { $values[] = "'" . $conn->real_escape_string($format_value) . "'"; } // 添加更新语句 $updates[] = $field . " = '" . $conn->real_escape_string($value) . "'"; $updates[] = $bu_field . " = '" . $conn->real_escape_string($bu_value) . "'"; if ($type == 'tel' || $type == 'whatsapp') { $updates[] = $format_field . " = '" . $conn->real_escape_string($format_value) . "'"; } } } if ($contact_id > 0) { // 更新已有联系人 $updateContactSql = "UPDATE customer_contact SET " . implode(", ", $updates) . ", updated_at = NOW() " . "WHERE id = " . $contact_id . " AND customer_id = " . intval($id); $conn->query($updateContactSql); } else { // 添加新联系人 $insertContactSql = "INSERT INTO customer_contact (" . implode(", ", $fields) . ", customer_id, created_at, updated_at) VALUES (" . implode(", ", $values) . ", " . intval($id) . ", NOW(), NOW())"; $conn->query($insertContactSql); } } // Update tags $conn->query("DELETE FROM tagtable WHERE customerId = " . intval($id)); foreach ($mytag as $tag) { if (!empty(trim($tag))) { $tagSql = "INSERT INTO tagtable (tagName, employeeId, customerId) VALUES ('" . $conn->real_escape_string($tag) . "', " . intval($_SESSION['employee_id']) . ", " . intval($id) . ")"; $conn->query($tagSql); } } echo ""; } else { // Insert new customer record $insertSql = "INSERT INTO customer ( cs_code, cs_company, cs_country, cs_from, cs_address, cs_type, cs_addtime, cs_updatetime, cs_belong, cs_belongClient, cs_state, cs_deal, cs_note, cs_chain, is_silent, cs_dealdate ) VALUES ( '" . $conn->real_escape_string($cs_code) . "', '" . $conn->real_escape_string($cs_company) . "', " . $cs_country . ", " . $cs_from . ", '" . $conn->real_escape_string($cs_address) . "', " . $cs_type . ", NOW(), NOW(), " . $cs_belong . ", " . $cs_belongClient . ", " . $cs_state . ", " . $cs_deal . ", '" . $conn->real_escape_string($cs_note) . "', " . $cs_belong . ", 0, " . ($cs_deal == 3 ? "NOW()" : "NULL") . " )"; $conn->query($insertSql); $new_customer_id = $conn->insert_id; // Insert contact information for all contacts if ($new_customer_id > 0) { foreach ($contacts as $contact) { $contact_name = textEncode($contact['contact_name'] ?? ''); // 准备SQL字段和值 $fields = ['contact_name']; $values = ["'" . $conn->real_escape_string($contact_name) . "'"]; // 处理所有联系方式类型 $methodTypes = ['tel', 'email', 'whatsapp', 'wechat', 'linkedin', 'facebook', 'alibaba']; foreach ($methodTypes as $type) { for ($i = 1; $i <= 3; $i++) { $field = $type . '_' . $i; $format_field = $field . '_format'; $bu_field = $field . '_bu'; $value = textEncode($contact[$field] ?? ''); $format_value = ($type == 'tel' || $type == 'whatsapp') ? numFormat($value) : ''; $bu_value = textEncode($contact[$bu_field] ?? $value); // 添加字段名 $fields[] = $field; $fields[] = $bu_field; if ($type == 'tel' || $type == 'whatsapp') { $fields[] = $format_field; } // 添加值 $values[] = "'" . $conn->real_escape_string($value) . "'"; $values[] = "'" . $conn->real_escape_string($bu_value) . "'"; if ($type == 'tel' || $type == 'whatsapp') { $values[] = "'" . $conn->real_escape_string($format_value) . "'"; } } } // 添加新联系人 $insertContactSql = "INSERT INTO customer_contact (" . implode(", ", $fields) . ", customer_id, created_at, updated_at) VALUES (" . implode(", ", $values) . ", " . $new_customer_id . ", NOW(), NOW())"; $conn->query($insertContactSql); } // Save tags for new customer foreach ($mytag as $tag) { if (!empty(trim($tag))) { $tagSql = "INSERT INTO tagtable (tagName, employeeId, customerId) VALUES ('" . $conn->real_escape_string($tag) . "', " . intval($_SESSION['employee_id']) . ", " . intval($new_customer_id) . ")"; $conn->query($tagSql); } } } echo ""; } ?>