mtb_crm_asp/order_save.php

<?php
require_once 'conn.php';
checkLogin();

$isedit = false;
$id = $_POST['id'] ?? '';
if (!empty($id) && is_numeric($id)) {
    $isedit = true;
}

// 获取表单数据 - 订单基本信息
$order_code = mysqli_real_escape_string($conn, htmlspecialchars($_POST['order_code'], ENT_QUOTES, 'UTF-8'));
$customer_id = (int)$_POST['customer_id'];
$contact_id = !empty($_POST['contact_id']) ? (int)$_POST['contact_id'] : "NULL";
$employee_id = $_SESSION['employee_id'];
$order_date = mysqli_real_escape_string($conn, $_POST['order_date']);

// 设置已删除字段的默认值
$delivery_date = "NULL";
$actual_delivery_date = "NULL";
$order_status = 1; // 默认为"待确认"
$payment_status = 0; // 默认为"未付款"
$currency = "CNY"; // 默认为人民币
$notes = mysqli_real_escape_string($conn, htmlspecialchars($_POST['notes'], ENT_QUOTES, 'UTF-8'));
$internal_notes = ""; // 默认为空

// 获取订单项信息
$items = $_POST['items'] ?? [];

// 计算订单总额
$subtotal = 0;
$discount_amount = !empty($_POST['discount_amount']) ? (float)$_POST['discount_amount'] : 0;

foreach ($items as $item) {
    $quantity = (int)$item['quantity'];
    $unit_price = (float)$item['unit_price'];
    $item_total = $quantity * $unit_price;
    $subtotal += $item_total;
}

$total_amount = $subtotal - $discount_amount;

// 验证必填字段
if (empty($order_code)) {
    echo "<script>alert('订单编号不能为空');history.back();</script>";
    exit;
}

if ($customer_id <= 0) {
    echo "<script>alert('请选择客户');history.back();</script>";
    exit;
}

if (empty($items)) {
    echo "<script>alert('订单必须包含至少一个产品');history.back();</script>";
    exit;
}

// 处理保存
if ($isedit) {
    // 更新订单基本信息
    $sql = "UPDATE orders SET 
            order_code = '$order_code', 
            customer_id = $customer_id, 
            contact_id = $contact_id, 
            employee_id = $employee_id, 
            order_date = '$order_date', 
            delivery_date = $delivery_date, 
            actual_delivery_date = $actual_delivery_date, 
            order_status = $order_status, 
            payment_status = $payment_status, 
            currency = '$currency', 
            subtotal = $subtotal, 
            discount_amount = $discount_amount, 
            total_amount = $total_amount, 
            notes = '$notes', 
            internal_notes = '$internal_notes', 
            updated_at = NOW() 
            WHERE id = $id";

    mysqli_query($conn, $sql);

    // 删除旧的订单项
    $sql = "DELETE FROM order_items WHERE order_id = $id";
    mysqli_query($conn, $sql);

    // 添加新的订单项
    foreach ($items as $item) {
        if (empty($item['product_id'])) continue; // 跳过没有选择产品的行

        $product_id = (int)$item['product_id'];
        $quantity = (int)$item['quantity'];
        $unit = mysqli_real_escape_string($conn, htmlspecialchars($item['unit'], ENT_QUOTES, 'UTF-8'));
        $unit_price = (float)$item['unit_price'];
        $total_price = $quantity * $unit_price;
        $item_notes = mysqli_real_escape_string($conn, htmlspecialchars($item['notes'] ?? '', ENT_QUOTES, 'UTF-8'));

        $sql = "INSERT INTO order_items (
                order_id, product_id, quantity, unit, unit_price, 
                total_price, notes, 
                created_at, updated_at
            ) VALUES (
                $id, $product_id, $quantity, '$unit', $unit_price, 
                $total_price, '$item_notes', 
                NOW(), NOW()
            )";

        mysqli_query($conn, $sql);
    }

    $message = "订单更新成功！";
} else {
    // 创建新订单
    $sql = "INSERT INTO orders (
            order_code, customer_id, contact_id, employee_id, 
            order_date, delivery_date, actual_delivery_date, 
            order_status, payment_status, currency, 
            subtotal, discount_amount, total_amount, 
            notes, internal_notes, created_at, updated_at
        ) VALUES (
            '$order_code', $customer_id, $contact_id, $employee_id, 
            '$order_date', $delivery_date, $actual_delivery_date, 
            $order_status, $payment_status, '$currency', 
            $subtotal, $discount_amount, $total_amount, 
            '$notes', '$internal_notes', NOW(), NOW()
        )";

    mysqli_query($conn, $sql);
    $order_id = mysqli_insert_id($conn);

    // 添加订单项
    foreach ($items as $item) {
        if (empty($item['product_id'])) continue; // 跳过没有选择产品的行

        $product_id = (int)$item['product_id'];
        $quantity = (int)$item['quantity'];
        $unit = mysqli_real_escape_string($conn, htmlspecialchars($item['unit'], ENT_QUOTES, 'UTF-8'));
        $unit_price = (float)$item['unit_price'];
        $total_price = $quantity * $unit_price;
        $item_notes = mysqli_real_escape_string($conn, htmlspecialchars($item['notes'] ?? '', ENT_QUOTES, 'UTF-8'));

        $sql = "INSERT INTO order_items (
                order_id, product_id, quantity, unit, unit_price, 
                total_price, notes, 
                created_at, updated_at
            ) VALUES (
                $order_id, $product_id, $quantity, '$unit', $unit_price, 
                $total_price, '$item_notes', 
                NOW(), NOW()
            )";

        mysqli_query($conn, $sql);
    }

    $message = "订单创建成功！";
}

// 重定向回订单列表页面
$page = $_GET['Page'] ?? '';
$keys = urlencode($_GET['Keys'] ?? '');
echo "<script>alert('$message');location.href='order.php?keys=$keys&Page=$page';</script>";
exit;
?>