mtb_crm_asp/delete_relationship.php

<?php
require_once 'conn.php';
checkLogin();

header('Content-Type: application/json');

if (!isset($_POST['id']) || !is_numeric($_POST['id'])) {
    echo json_encode(['success' => false, 'message' => '参数错误']);
    exit;
}

$id = intval($_POST['id']);
$isAdmin = checkIfAdmin();

// 验证权限
if (!$isAdmin) {
    // 检查当前用户是否是源客户或目标客户的负责人
    $sql = "SELECT cr.source_customer_id, cr.target_customer_id 
            FROM customer_relationship cr
            WHERE cr.id = $id";
    $result = mysqli_query($conn, $sql);
    
    if ($row = mysqli_fetch_assoc($result)) {
        $sourceId = $row['source_customer_id'];
        $targetId = $row['target_customer_id'];
        $employeeId = $_SESSION['employee_id'];
        
        $customerSql = "SELECT id FROM customer WHERE (id = $sourceId OR id = $targetId) AND cs_belong = $employeeId";
        $customerResult = mysqli_query($conn, $customerSql);
        
        if (mysqli_num_rows($customerResult) == 0) {
            echo json_encode(['success' => false, 'message' => '您没有权限删除此客户关系']);
            exit;
        }
    } else {
        echo json_encode(['success' => false, 'message' => '未找到客户关系']);
        exit;
    }
}

// 执行删除
$deleteSql = "DELETE FROM customer_relationship WHERE id = $id";
$result = mysqli_query($conn, $deleteSql);

if ($result) {
    echo json_encode(['success' => true, 'message' => '客户关系已删除']);
} else {
    echo json_encode(['success' => false, 'message' => '删除失败: ' . mysqli_error($conn)]);
}
?>