first commit

application/admin/controller/Deliver.php

@@ -655,6 +655,7 @@ class Deliver extends Backend
         }
         $id = input('id');
         $good_list = $goods->where('_id',$id)->find();
+
         if ($good_list){
             if (strpos($good_list['export_id'],',') === false){
                 $export_id[0] = $good_list['export_id'];
@@ -685,6 +686,7 @@ class Deliver extends Backend
             if ($good_list['note'] == 'NULL'){
                 $good_list['note'] = '';
             }
+
             return json(['code'=>1,'data'=>$good_list]);
         }
     }

application/admin/controller/QcodeBach.php

@@ -71,18 +71,30 @@ class QcodeBach extends Backend
 
             // 获取前端传参
             $req = input();
-            $sort = $req['sort'] == 'id' ? '_id' : $req['sort'];
-            $order = $req['order'] ?? 'desc';
+
+            // 安全处理排序字段和排序方式
+            $sort = $req['sort'] ?? 'id';
+            $sort = $sort == 'id' ? '_id' : $sort;
+
+            // 定义允许排序的字段，防止注入
+            $allowedSortFields = ['_id', 'create_time', 'update_time', 'name']; // 按实际情况添加
+            if (!in_array($sort, $allowedSortFields)) {
+                $sort = '_id';
+            }
+
+            $orderStr = strtolower($req['order'] ?? 'desc');
+            $order = $orderStr === 'asc' ? 1 : -1; // MongoDB 排序必须是 1 或 -1
+
             $offset = $req['offset'] ?? 0;
             $limit = $req['limit'] ?? 20;
 
             // 解析 filter 筛选条件
-            $filter = json_decode($req['filter'], true);
-            if (is_array($filter)) {
-                foreach ($filter as $k => $v) {
-                    $where[$k] = new \MongoDB\BSON\Regex($v);
-                }
-            }
+//        $filter = json_decode($req['filter'], true);
+//        if (is_array($filter)) {
+//            foreach ($filter as $k => $v) {
+//                $where[$k] = new \MongoDB\BSON\Regex($v);
+//            }
+//        }
 
             $list = [];
 
@@ -99,7 +111,7 @@ class QcodeBach extends Backend
                     $cid = $row['company'];
                     $rows = $this->model->name($cid . '_qcode_bach')
                         ->where($where)
-                        ->select(); // 不分页，后面统一处理
+                        ->select(); // 不分页，后续统一处理
 
                     foreach ($rows as &$item) {
                         $oid = $item['_id']->jsonSerialize();
@@ -113,23 +125,21 @@ class QcodeBach extends Backend
                 usort($list, function ($a, $b) use ($sort, $order) {
                     $valA = $a[$sort] ?? 0;
                     $valB = $b[$sort] ?? 0;
-                    return $order === 'asc' ? ($valA <=> $valB) : ($valB <=> $valA);
+                    return $order === 1 ? ($valA <=> $valB) : ($valB <=> $valA);
                 });
 
                 // 总数与分页
                 $total = count($list);
                 $list = array_slice($list, $offset, $limit);
+
             } else {
                 // 普通用户：只查本公司
-                $model = $this->model->name($company_id . '_qcode_bach');
-                $total = $model->where($where)->count();
-
-                $list = $model->where($where)
+                $total = $this->model->name($company_id . '_qcode_bach')->where($where)->count();
+                $list = $this->model->name($company_id . '_qcode_bach')->where($where)
                     ->order([$sort => $order])
                     ->limit($limit)
                     ->skip($offset)
                     ->select();
-
                 foreach ($list as &$item) {
                     $oid = $item['_id']->jsonSerialize();
                     $item['id'] = $oid['$oid'];

application/admin/view/qcode_add/index.html

@@ -74,6 +74,7 @@
                     <select name="tray_num" id="tray_num" style="width: 200px;padding: 5px;">
                         <option value="1">========>选择<========</option>
                         <option value="5">========>5层<========</option>
+                        <option value="20">========>20箱<========</option>
                         <option value="24">========>24箱<========</option>
                         <option value="28">========>28箱<========</option>
                         <option value="32">========>32箱<========</option>

application/admin/view/qcode_bach/index.html

@@ -51,9 +51,9 @@
 
                         </div>
                         <table id="table1" class="table table-striped table-bordered table-hover"
-                               data-show-toggle="false"
-                               data-show-columns="false"
-                               data-show-export="false"
+                               data-search="false" data-show-toggle="false"
+                               data-show-columns="false" data-show-export="false"
+                               data-common-search="false"
                                width="100%">
 
                         </table>

application/extra/global.php

@@ -3,12 +3,14 @@
 use think\Session;
 
 /**
- * 判断是否为超级管理员（admin 或 zzhjysy）
+ * 批次列表中
+ * return in_array(填入用户账号与管理员权限一致可查看全部数据)
+ * 不填入用户账号只能查看本账号数据
  * @return bool
  */
 function isSuperAdmin()
 {
     $userInfo = Session::get('admin');
     $username = $userInfo['username'] ?? '';
-    return in_array($username, ['admin', 'zzhjysy']);
+    return in_array($username, ['admin', 'zzhjysy','jyyy']);
 }

public/assets/js/backend/qcode_bach.js

@@ -505,8 +505,11 @@ define(['jquery', 'bootstrap', 'backend', 'table', 'form', 'LodopFuncs'], functi
                     pageSize: 8,
                     pageList: [8, 20, 50, 'All'],
                     search: false,
-                    showExport: false,
+                    showExport: true,
                     singleSelect: true,
+
+
+
                     columns: [
                         [
                             {checkbox: true},