|
|
@@ -1027,31 +1027,59 @@ class CostAccounting extends Api
|
|
|
if (empty($param)) {
|
|
|
$this->error('参数错误');
|
|
|
}
|
|
|
+
|
|
|
+// 参数过滤和安全处理
|
|
|
+ $param = array_map(function($value) {
|
|
|
+ return is_string($value) ? trim($value) : $value;
|
|
|
+ }, $param);
|
|
|
+
|
|
|
$where = [];
|
|
|
- if (isset($param['code'])) {
|
|
|
- $where['b.成品代号'] = ['like',$param['code'].'%'];
|
|
|
+
|
|
|
+// 精确查询成品代号
|
|
|
+ if (!empty($param['code'])) {
|
|
|
+ $code = htmlspecialchars($param['code'], ENT_QUOTES);
|
|
|
+ $where['b.成品代号'] = ['like', $code . '%'];
|
|
|
}
|
|
|
- $page = $this->request->param('page', 1);
|
|
|
- $pageSize = $this->request->param('limit', 30);
|
|
|
- if (isset($search)){
|
|
|
- $where['a.工单编号|b.成本名称'] = ['like','%'.$search.'%'];
|
|
|
+
|
|
|
+ // 分页参数处理
|
|
|
+ $page = max(1, intval($param['page'] ?? 1));
|
|
|
+ $pageSize = max(1, min(100, intval($param['limit'] ?? 30))); // 限制最大100条
|
|
|
+
|
|
|
+ // 搜索条件处理
|
|
|
+ if (!empty($param['search'])) {
|
|
|
+ $search = htmlspecialchars($param['search'], ENT_QUOTES);
|
|
|
+ $where['a.工单编号|b.成品名称'] = ['like', $search . '%'];
|
|
|
}
|
|
|
- $list = db('成本v23_完工工单车间成本汇总')
|
|
|
+
|
|
|
+ // 获取总数用于分页(性能优化)
|
|
|
+ $totalQuery = db('成本v23_完工工单车间成本汇总')
|
|
|
->alias('a')
|
|
|
->join('工单_基本资料 b', 'a.工单编号 = b.Gd_gdbh')
|
|
|
- ->field('a.*, TRIM(b.成品代号) as 成品代号, TRIM(b.成品名称) as 成品名称')
|
|
|
- ->where($where)
|
|
|
- ->page($page, $pageSize)
|
|
|
- ->select();
|
|
|
+ ->where($where);
|
|
|
+
|
|
|
+ $total = $totalQuery->count();
|
|
|
+
|
|
|
+ // 分页查询数据
|
|
|
+ $list = [];
|
|
|
+ if ($total > 0) {
|
|
|
+ $offset = ($page - 1) * $pageSize;
|
|
|
+
|
|
|
+ $list = db('成本v23_完工工单车间成本汇总')
|
|
|
+ ->alias('a')
|
|
|
+ ->join('工单_基本资料 b', 'a.工单编号 = b.Gd_gdbh')
|
|
|
+ ->field([
|
|
|
+ 'a.*',
|
|
|
+ 'TRIM(b.成品代号) as 成品代号',
|
|
|
+ 'TRIM(b.成品名称) as 成品名称',
|
|
|
+ ])
|
|
|
+ ->where($where)
|
|
|
+ ->order('a.工单编号 DESC') // 添加排序,避免分页混乱
|
|
|
+ ->limit($offset, $pageSize)
|
|
|
+ ->select();
|
|
|
+ }
|
|
|
if (empty($list)) {
|
|
|
$this->error('未找到完工成本数据');
|
|
|
}
|
|
|
- $total = db('成本v23_完工工单车间成本汇总')
|
|
|
- ->alias('a')
|
|
|
- ->join('工单_基本资料 b', 'a.工单编号 = b.Gd_gdbh')
|
|
|
- ->where($where)
|
|
|
- ->count();
|
|
|
-
|
|
|
$data = [
|
|
|
'total' => $total,
|
|
|
'list' => $list,
|
