Home Explore Help
Register Sign In
igamebox
/
mtb_crm_asp
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: d1f408be7b
Branches Tags
mtb_crm_asp
/
order_save.php

order_save.php 14 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369 
  1. <?php
    2. 

  2. require_once 'conn.php';
    3. 

  3. checkLogin();
    4. 

  4. 

  5. $isedit = false;
    6. 

  6. $id = $_POST['id'] ?? '';
    7. 

  7. if (!empty($id) && is_numeric($id)) {
    8. 

  8.     $isedit = true;
    9. 

  9.     
    10. 

  10.     // 检查是否为管理员,非管理员只能编辑自己的订单
    11. 

  11.     $isAdmin = checkIfAdmin();
    12. 

  12.     if (!$isAdmin) {
    13. 

  13.         // 验证订单所有权
    14. 

  14.         $checkOwnershipQuery = "SELECT id FROM orders WHERE id = $id AND employee_id = " . $_SESSION['employee_id'];
    15. 

  15.         $ownershipResult = mysqli_query($conn, $checkOwnershipQuery);
    16. 

  16.         
    17. 

  17.         if (mysqli_num_rows($ownershipResult) === 0) {
    18. 

  18.             echo "<script>alert('您没有权限编辑此订单!');history.back();</script>";
    19. 

  19.             exit;
    20. 

  20.         }
    21. 

  21.     }
    22. 

  22. }
    23. 

  23. 

  24. // 获取表单数据 - 订单基本信息
    25. 

  25. $order_code = mysqli_real_escape_string($conn, htmlspecialchars($_POST['order_code'], ENT_QUOTES, 'UTF-8'));
    26. 

  26. $customer_id = (int)$_POST['customer_id'];
    27. 

  27. $contact_id = !empty($_POST['contact_id']) ? (int)$_POST['contact_id'] : "NULL";
    28. 

  28. $employee_id = $_SESSION['employee_id'];
    29. 

  29. $order_date = mysqli_real_escape_string($conn, $_POST['order_date']);
    30. 

  30. 

  31. // 设置已删除字段的默认值
    32. 

  32. $delivery_date = "NULL";
    33. 

  33. $actual_delivery_date = "NULL";
    34. 

  34. $order_status = 1; // 默认为"待确认"
    35. 

  35. $payment_status = 0; // 默认为"未付款"
    36. 

  36. $currency = "CNY"; // 默认为人民币
    37. 

  37. $notes = mysqli_real_escape_string($conn, htmlspecialchars($_POST['notes'], ENT_QUOTES, 'UTF-8'));
    38. 

  38. $internal_notes = ""; // 默认为空
    39. 

  39. 

  40. // 获取订单项信息
    41. 

  41. $items = $_POST['items'] ?? [];
    42. 

  42. 

  43. // 计算订单总额
    44. 

  44. $subtotal = 0;
    45. 

  45. $discount_amount = !empty($_POST['discount_amount']) ? (float)$_POST['discount_amount'] : 0;
    46. 

  46. 

  47. foreach ($items as $item) {
    48. 

  48.     $quantity = (int)$item['quantity'];
    49. 

  49.     $unit_price = (float)$item['unit_price'];
    50. 

  50.     $item_total = $quantity * $unit_price;
    51. 

  51.     $subtotal += $item_total;
    52. 

  52. }
    53. 

  53. 

  54. $total_amount = $subtotal - $discount_amount;
    55. 

  55. 

  56. // 验证必填字段
    57. 

  57. if (empty($order_code)) {
    58. 

  58.     echo "<script>alert('销售订单号不能为空');history.back();</script>";
    59. 

  59.     exit;
    60. 

  60. }
    61. 

  61. 

  62. if ($customer_id <= 0) {
    63. 

  63.     echo "<script>alert('请选择客户');history.back();</script>";
    64. 

  64.     exit;
    65. 

  65. }
    66. 

  66. 

  67. if (empty($items)) {
    68. 

  68.     echo "<script>alert('订单必须包含至少一个产品');history.back();</script>";
    69. 

  69.     exit;
    70. 

  70. }
    71. 

  71. 

  72. $customer_country=0;
    73. 

  73. // 检查客户国家和产品销售限制
    74. 

  74. $customer_query = "SELECT cs_country FROM customer WHERE id = $customer_id LIMIT 1";
    75. 

  75. $customer_result = mysqli_query($conn, $customer_query);
    76. 

  76. 

  77. if ($customer_result && mysqli_num_rows($customer_result) > 0) {
    78. 

  78.     $customer_data = mysqli_fetch_assoc($customer_result);
    79. 

  79.     $customer_country = $customer_data['cs_country'];
    80. 

  80.     
    81. 

  81.     if (!empty($customer_country)) {
    82. 

  82.         $restricted_products = [];
    83. 

  83.         
    84. 

  84.         foreach ($items as $item) {
    85. 

  85.             if (empty($item['product_id'])) continue;
    86. 

  86.             
    87. 

  87.             $product_id = (int)$item['product_id'];
    88. 

  88.             
    89. 

  89.             // 获取产品详情,包括nosale字段
    90. 

  90.             $product_query = "SELECT ProductName, nosale FROM products WHERE id = $product_id LIMIT 1";
    91. 

  91.             $product_result = mysqli_query($conn, $product_query);
    92. 

  92.             
    93. 

  93.             if ($product_result && mysqli_num_rows($product_result) > 0) {
    94. 

  94.                 $product_data = mysqli_fetch_assoc($product_result);
    95. 

  95.                 $nosale_countries = $product_data['nosale'];
    96. 

  96.                 
    97. 

  97.                 // 检查客户所在国家是否在销售限制列表中
    98. 

  98.                 if (!empty($nosale_countries)) {
    99. 

  99.                     $restricted_countries = explode(',', $nosale_countries);
    100. 

  100.                     if (in_array($customer_country, $restricted_countries)) {
    101. 

  101.                         $restricted_products[] = $product_data['ProductName'];
    102. 

  102.                     }
    103. 

  103.                 }
    104. 

  104.             }
    105. 

  105.         }
    106. 

  106.         
    107. 

  107.         // 如果有限制销售的产品,显示错误并返回
    108. 

  108.         if (!empty($restricted_products)) {
    109. 

  109.             $restricted_product_names = implode('、', $restricted_products);
    110. 

  110.             echo "<script>alert('以下产品不能销售给所选客户所在的国家/地区: {$restricted_product_names}');history.back();</script>";
    111. 

  111.             exit;
    112. 

  112.         }
    113. 

  113.     }
    114. 

  114. }
    115. 

  115. 

  116. // 处理保存
    117. 

  117. if ($isedit) {
    118. 

  118. 

  119.     //价格判断,不能低于指导价
    120. 

  120.     $price_error = false;
    121. 

  121.     $error_product_name = '';
    122. 

  122.     $error_min_price = 0;
    123. 

  123.     $error_current_price = 0;
    124. 

  124.     
    125. 

  125.     foreach ($items as $item) {
    126. 

  126.         if (empty($item['product_id'])) continue;
    127. 

  127.         
    128. 

  128.         $product_id = (int)$item['product_id'];
    129. 

  129.         $spec_id = isset($item['spec_id']) ? (int)$item['spec_id'] : 0;
    130. 

  130.         $quantity = (int)$item['quantity'];
    131. 

  131.         $unit_price = (float)$item['unit_price'];
    132. 

  132.         
    133. 

  133.         // 查询产品名称,用于错误提示
    134. 

  134.         $product_query = "SELECT ProductName FROM products WHERE id = $product_id";
    135. 

  135.         $product_result = mysqli_query($conn, $product_query);
    136. 

  136.         
    137. 

  137.         // 检查产品是否存在
    138. 

  138.         if (mysqli_num_rows($product_result) === 0) {
    139. 

  139.             echo "<script>alert(\"订单中包含不存在的产品(ID: {$product_id}),请检查订单数据\");history.back();</script>";
    140. 

  140.             exit;
    141. 

  141.         }
    142. 

  142.         
    143. 

  143.         $product_row = mysqli_fetch_assoc($product_result);
    144. 

  144.         $product_name = $product_row['ProductName'];
    145. 

  145.         
    146. 

  146.         // 如果有规格ID,检查规格价格
    147. 

  147.         if ($spec_id > 0) {
    148. 

  148. 

  149.             //先判断是否国家有特殊规格
    150. 

  150. 

  151. 

  152.             $spec_result=null;
    153. 

  153.             if($customer_country>0) {
    154. 

  154.                 $spec_query = "SELECT pcp.price,pcp.min_order_quantity, ps.spec_name, ps.spec_value FROM product_country_price pcp
    155. 

  155.                                     left join product_specifications ps on pcp.specification_id=ps.id
    156. 

  156.                           WHERE pcp.specification_id = $spec_id  AND pcp.country_id = $customer_country
    157. 

  157.                           LIMIT 1";
    158. 

  158.                 $spec_result = mysqli_query($conn, $spec_query);
    159. 

  159.             }
    160. 

  160. 

  161.             if (mysqli_num_rows($spec_result) < 1) {
    162. 

  162.                 $spec_query = "SELECT price, spec_name, spec_value FROM product_specifications 
    163. 

  163.                           WHERE id = $spec_id AND product_id = $product_id 
    164. 

  164.                           LIMIT 1";
    165. 

  165. 

  166.                 $spec_result = mysqli_query($conn, $spec_query);
    167. 

  167.             }
    168. 

  168.             
    169. 

  169.             if (mysqli_num_rows($spec_result) > 0) {
    170. 

  170.                 $spec_row = mysqli_fetch_assoc($spec_result);
    171. 

  171.                 $min_price = (float)$spec_row['price'];
    172. 

  172.                 
    173. 

  173.                 // 如果单价低于规格价格,标记错误
    174. 

  174.                 if ($min_price > 0 && $unit_price < $min_price) {
    175. 

  175.                     $price_error = true;
    176. 

  176.                     $error_product_name = $product_name . " (" . $spec_row['spec_name'] . ": " . $spec_row['spec_value'] . ")";
    177. 

  177.                     $error_min_price = $min_price;
    178. 

  178.                     $error_current_price = $unit_price;
    179. 

  179.                     break;
    180. 

  180.                 }
    181. 

  181.             }
    182. 

  182.         }
    183. 

  183.     }
    184. 

  184.     
    185. 

  185.     // 如果价格低于指导价,显示错误并返回
    186. 

  186.     if ($price_error) {
    187. 

  187.         $error_message = "产品  {$error_product_name} 的价格 ({$error_current_price}) 低于指导价 ({$error_min_price})";
    188. 

  188.         echo "<script>alert(\"{$error_message}\");history.back();</script>";
    189. 

  189.         exit;
    190. 

  190.     }
    191. 

  191. 

  192.     // 更新订单基本信息
    193. 

  193.     $sql = "UPDATE orders SET 
    194. 

  194.             order_code = '$order_code', 
    195. 

  195.             customer_id = $customer_id, 
    196. 

  196.             contact_id = $contact_id, 
    197. 

  197.             employee_id = $employee_id, 
    198. 

  198.             order_date = '$order_date', 
    199. 

  199.             delivery_date = $delivery_date, 
    200. 

  200.             actual_delivery_date = $actual_delivery_date, 
    201. 

  201.             order_status = $order_status, 
    202. 

  202.             payment_status = $payment_status, 
    203. 

  203.             currency = '$currency', 
    204. 

  204.             subtotal = $subtotal, 
    205. 

  205.             discount_amount = $discount_amount, 
    206. 

  206.             total_amount = $total_amount, 
    207. 

  207.             notes = '$notes', 
    208. 

  208.             internal_notes = '$internal_notes', 
    209. 

  209.             updated_at = NOW() 
    210. 

  210.             WHERE id = $id";
    211. 

  211. 

  212.     mysqli_query($conn, $sql);
    213. 

  213. 

  214.     // 删除旧的订单项
    215. 

  215.     $sql = "DELETE FROM order_items WHERE order_id = $id";
    216. 

  216.     mysqli_query($conn, $sql);
    217. 

  217. 

  218.     // 添加新的订单项
    219. 

  219.     foreach ($items as $item) {
    220. 

  220.         if (empty($item['product_id'])) continue; // 跳过没有选择产品的行
    221. 

  221. 

  222.         $product_id = (int)$item['product_id'];
    223. 

  223.         $spec_id = isset($item['spec_id']) ? (int)$item['spec_id'] : 0; // 添加规格ID
    224. 

  224.         $quantity = (int)$item['quantity'];
    225. 

  225.         $unit = mysqli_real_escape_string($conn, htmlspecialchars($item['unit'], ENT_QUOTES, 'UTF-8'));
    226. 

  226.         $unit_price = (float)$item['unit_price'];
    227. 

  227.         $total_price = $quantity * $unit_price;
    228. 

  228.         $item_notes = mysqli_real_escape_string($conn, htmlspecialchars($item['notes'] ?? '', ENT_QUOTES, 'UTF-8'));
    229. 

  229. 

  230.         $sql = "INSERT INTO order_items (
    231. 

  231.                 order_id, product_id, specification_id, quantity, unit, unit_price, 
    232. 

  232.                 total_price, notes, 
    233. 

  233.                 created_at, updated_at
    234. 

  234.             ) VALUES (
    235. 

  235.                 $id, $product_id, $spec_id, $quantity, '$unit', $unit_price, 
    236. 

  236.                 $total_price, '$item_notes', 
    237. 

  237.                 NOW(), NOW()
    238. 

  238.             )";
    239. 

  239. 

  240.         mysqli_query($conn, $sql);
    241. 

  241.     }
    242. 

  242. 

  243.     $message = "订单更新成功!";
    244. 

  244. } else {
    245. 

  245. 

  246.     //价格判断,不能低于指导价
    247. 

  247.     $price_error = false;
    248. 

  248.     $error_product_name = '';
    249. 

  249.     $error_min_price = 0;
    250. 

  250.     $error_current_price = 0;
    251. 

  251.     
    252. 

  252.     foreach ($items as $item) {
    253. 

  253.         if (empty($item['product_id'])) continue;
    254. 

  254.         
    255. 

  255.         $product_id = (int)$item['product_id'];
    256. 

  256.         $spec_id = isset($item['spec_id']) ? (int)$item['spec_id'] : 0;
    257. 

  257.         $quantity = (int)$item['quantity'];
    258. 

  258.         $unit_price = (float)$item['unit_price'];
    259. 

  259.         
    260. 

  260.         // 查询产品名称,用于错误提示
    261. 

  261.         $product_query = "SELECT ProductName FROM products WHERE id = $product_id";
    262. 

  262.         $product_result = mysqli_query($conn, $product_query);
    263. 

  263.         
    264. 

  264.         // 检查产品是否存在
    265. 

  265.         if (mysqli_num_rows($product_result) === 0) {
    266. 

  266.             echo "<script>alert(\"订单中包含不存在的产品(ID: {$product_id}),请检查订单数据\");history.back();</script>";
    267. 

  267.             exit;
    268. 

  268.         }
    269. 

  269.         
    270. 

  270.         $product_row = mysqli_fetch_assoc($product_result);
    271. 

  271.         $product_name = $product_row['ProductName'];
    272. 

  272.         
    273. 

  273.         // 如果有规格ID,检查规格价格
    274. 

  274.         if ($spec_id > 0) {
    275. 

  275. 

  276.             //先判断是否国家有特殊规格
    277. 

  277. 

  278.             $spec_result=null;
    279. 

  279.             if($customer_country>0) {
    280. 

  280.                 $spec_query = "SELECT pcp.price,pcp.min_order_quantity, ps.spec_name, ps.spec_value FROM product_country_price pcp
    281. 

  281.                                     left join product_specifications ps on pcp.specification_id=ps.id
    282. 

  282.                           WHERE pcp.specification_id = $spec_id  AND pcp.country_id = $customer_country
    283. 

  283.                           LIMIT 1";
    284. 

  284.                 $spec_result = mysqli_query($conn, $spec_query);
    285. 

  285.             }
    286. 

  286. 

  287.             if (mysqli_num_rows($spec_result) < 1) {
    288. 

  288.                 $spec_query = "SELECT price, spec_name, spec_value FROM product_specifications 
    289. 

  289.                           WHERE id = $spec_id AND product_id = $product_id 
    290. 

  290.                           LIMIT 1";
    291. 

  291. 

  292.                 $spec_result = mysqli_query($conn, $spec_query);
    293. 

  293.             }
    294. 

  294.             
    295. 

  295.             if (mysqli_num_rows($spec_result) > 0) {
    296. 

  296.                 $spec_row = mysqli_fetch_assoc($spec_result);
    297. 

  297.                 $min_price = (float)$spec_row['price'];
    298. 

  298.                 
    299. 

  299.                 // 如果单价低于规格价格,标记错误
    300. 

  300.                 if ($min_price > 0 && $unit_price < $min_price) {
    301. 

  301.                     $price_error = true;
    302. 

  302.                     $error_product_name = $product_name . " (" . $spec_row['spec_name'] . ": " . $spec_row['spec_value'] . ")";
    303. 

  303.                     $error_min_price = $min_price;
    304. 

  304.                     $error_current_price = $unit_price;
    305. 

  305.                     break;
    306. 

  306.                 }
    307. 

  307.             }
    308. 

  308.         }
    309. 

  309.     }
    310. 

  310.     
    311. 

  311.     // 如果价格低于指导价,显示错误并返回
    312. 

  312.     if ($price_error) {
    313. 

  313.         $error_message = "产品  {$error_product_name}  的价格 ({$error_current_price}) 低于指导价 ({$error_min_price})";
    314. 

  314.         echo "<script>alert(\"{$error_message}\");history.back();</script>";
    315. 

  315.         exit;
    316. 

  316.     }
    317. 

  317. 

  318.     // 创建新订单
    319. 

  319.     $sql = "INSERT INTO orders (
    320. 

  320.             order_code, customer_id, contact_id, employee_id, 
    321. 

  321.             order_date, delivery_date, actual_delivery_date, 
    322. 

  322.             order_status, payment_status, currency, 
    323. 

  323.             subtotal, discount_amount, total_amount, 
    324. 

  324.             notes, internal_notes, created_at, updated_at
    325. 

  325.         ) VALUES (
    326. 

  326.             '$order_code', $customer_id, $contact_id, $employee_id, 
    327. 

  327.             '$order_date', $delivery_date, $actual_delivery_date, 
    328. 

  328.             $order_status, $payment_status, '$currency', 
    329. 

  329.             $subtotal, $discount_amount, $total_amount, 
    330. 

  330.             '$notes', '$internal_notes', NOW(), NOW()
    331. 

  331.         )";
    332. 

  332. 

  333.     mysqli_query($conn, $sql);
    334. 

  334.     $order_id = mysqli_insert_id($conn);
    335. 

  335. 

  336.     // 添加订单项
    337. 

  337.     foreach ($items as $item) {
    338. 

  338.         if (empty($item['product_id'])) continue; // 跳过没有选择产品的行
    339. 

  339. 

  340.         $product_id = (int)$item['product_id'];
    341. 

  341.         $spec_id = isset($item['spec_id']) ? (int)$item['spec_id'] : 0; // 添加规格ID
    342. 

  342.         $quantity = (int)$item['quantity'];
    343. 

  343.         $unit = mysqli_real_escape_string($conn, htmlspecialchars($item['unit'], ENT_QUOTES, 'UTF-8'));
    344. 

  344.         $unit_price = (float)$item['unit_price'];
    345. 

  345.         $total_price = $quantity * $unit_price;
    346. 

  346.         $item_notes = mysqli_real_escape_string($conn, htmlspecialchars($item['notes'] ?? '', ENT_QUOTES, 'UTF-8'));
    347. 

  347. 

  348.         $sql = "INSERT INTO order_items (
    349. 

  349.                 order_id, product_id, specification_id, quantity, unit, unit_price, 
    350. 

  350.                 total_price, notes, 
    351. 

  351.                 created_at, updated_at
    352. 

  352.             ) VALUES (
    353. 

  353.                 $order_id, $product_id, $spec_id, $quantity, '$unit', $unit_price, 
    354. 

  354.                 $total_price, '$item_notes', 
    355. 

  355.                 NOW(), NOW()
    356. 

  356.             )";
    357. 

  357. 

  358.         mysqli_query($conn, $sql);
    359. 

  359.     }
    360. 

  360. 

  361.     $message = "订单创建成功!";
    362. 

  362. }
    363. 

  363. 

  364. // 重定向回订单列表页面
    365. 

  365. $page = $_GET['Page'] ?? '';
    366. 

  366. $keys = urlencode($_GET['Keys'] ?? '');
    367. 

  367. echo "<script>alert('$message');location.href='order.php?keys=$keys&Page=$page';</script>";
    368. 

  368. exit;
    369. 

  369. ?>
    370.