diff --git a/app/Http/Controllers/Admin/StatisticsController.php b/app/Http/Controllers/Admin/StatisticsController.php index 01e6238..893cf52 100755 --- a/app/Http/Controllers/Admin/StatisticsController.php +++ b/app/Http/Controllers/Admin/StatisticsController.php @@ -428,12 +428,8 @@ class StatisticsController extends CommonController public function huli(Request $request) { - $projects = $this->_checkProjects(); - if (!$projects->count()) { - return $this->error($this->noProjects); - } - $firstProject = $projects->first(); - $defaultProjectsId = $firstProject ? $firstProject->id : ''; + $projects = (new StatisticsController())->_checkProjects(); + $defaultProjectsId = ($projects[0]->id) ?? ''; $project_id = $request->get('project_id', $defaultProjectsId); $month = request()->month ?? date("Y-m"); @@ -454,9 +450,9 @@ class StatisticsController extends CommonController $buildingId = []; if ($hushizhang) { $user = auth()->user(); - $areaId = AdminAreaLink::where(function ($query) use ($project_id) { + $areaId = AdminAreaLink::where(function ($qeury) use ($project_id) { if ($project_id) { - $query->where('project_id', $project_id); + $qeury->where('project_id', $project_id); } })->where('admin_id', $user->id)->pluck('area_id'); } elseif ($yuanfang) { 
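Review bot: `$project_id` is read from `$request->get('project_id', $defaultProjectsId)` and used in the later queries without being checked against `$projects`, so whatever scoping `_checkProjects()` provides (its body is not visible here) only influences the default value. With the empty-projects guard removed in this hunk, an account with no projects no longer gets the `noProjects` error and instead continues with `$defaultProjectsId = ''`. I would keep `$projects = $this->_checkProjects();` rather than instantiating `new StatisticsController()` inside its own method, keep the early return, and add a membership check such as `abort_unless($projects->contains('id', $project_id), 403);`, assuming `$projects` is a collection as the removed `->count()`/`->first()` calls suggest. `huli()` continues past the end of this hunk.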
@@ -478,20 +474,16 @@ class StatisticsController extends CommonController $data->appends($request->all())->render(); $product = Product::where('project_id', $project_id)->first(); - if (!$product) { - return $this->error("该项目下没有找到产品"); - } $productItem = ProductItems::where('product_id', $product->id)->get(); $factor = FactorItems::where('factor_id', $product->statistic_factor_id)->get(); $sumOrderTotal = 0; foreach ($data as $item) { // 获取所有床位id $bedIds = Bed::where('area_id', $item->id)->pluck('id'); - // 总和 - 使用DATE_FORMAT精确匹配月份 + // 总和 $item->order_total = OrderItems::whereIn('product_item_id', $productItem->pluck('id')) ->whereIn("bed_id", $bedIds) - ->whereNotNull('paid_at') - ->whereRaw("DATE_FORMAT(`paid_at`,'%Y-%m') = '{$month}'") + ->where('paid_at', 'like', '%' . $month . '%') ->sum('total'); $sumOrderTotal += $item->order_total; // 子项 @@ -499,15 +491,12 @@ class StatisticsController extends CommonController } // 获取所有列 $lie = []; - if ($data->total() > 0) { - $firstDataItem = $data->items()[0] ?? null; - if ($firstDataItem && isset($firstDataItem->lies)) { - $lie = array_column($firstDataItem->lies, 'name'); - } + if (isset($data[0]->lies)) { + $lie = array_column($data[0]->lies, 'name'); } $months = $this->_getMonths(); - return view($this->bladePath . ".huli", compact("sumOrderTotal", "data", "month", "lie", "projects", "project_id", "months")); + return view($this->bladePath . ".huli", compact("sumOrderTotal", "data", "month", "lie", "projects", "project_id")); } /** 
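Review bot: The new `->where('paid_at', 'like', '%' . $month . '%')` is a bound value, which removes the interpolation the old `whereRaw` had, but `$month` still comes from `request()->month` unvalidated, and any `%` or `_` in it acts as a wildcard, so a value such as `%` sums paid orders across every month. Validating the input first, e.g. `$request->validate(['month' => 'nullable|date_format:Y-m']);`, and filtering on a date range derived from the validated month instead of a substring match would close that and let an index on `paid_at` be used. The same LIKE filter is added in `getLies()` in the `@@ -516` hunk. Separately, dropping the `if (!$product)` guard means `$product->id` on the following line throws when the project has no product row.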
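Review bot: `$months = $this->_getMonths();` is still computed on the line above the `return`, but `"months"` was dropped from `compact(...)`, so the value never reaches the view. If the `huli` view still reads `$months` (not visible here) the page will fail on an undefined variable; if it does not, the `_getMonths()` call is dead and should be removed with it.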
@@ -516,23 +505,38 @@ class StatisticsController extends CommonController public function getLies($bedIds, $productItem, $factor, $month) { $list = []; + + // 修复:如果床位ID为空,直接返回空数组,避免 whereIn 空数组导致的SQL错误 + if (empty($bedIds)) { + return $list; + } + foreach ($productItem as $item) { foreach ($factor as $factor_item) { $query = OrderItems::where('product_item_id', $item->id) ->whereIn("bed_id", $bedIds) - ->whereRaw("factors like '%\"factor_item_id\": {$factor_item->id}%'") - ->whereNotNull('paid_at') - ->whereRaw("DATE_FORMAT(`paid_at`,'%Y-%m') = '{$month}'"); + ->where('paid_at', 'like', '%' . $month . '%'); + + // 修复:使用参数绑定防止SQL注入,并使用更精确的JSON匹配 + // 确保 factor_item_id 是整数类型,防止SQL注入 + $factorItemId = (int) $factor_item->id; + + // 使用更精确的LIKE匹配模式,避免误匹配(如 1 匹配到 10、11 等) + // 匹配模式:%"factor_item_id":数字, 或 %"factor_item_id":数字} + // 使用 CONCAT 和参数绑定确保完全安全 + $query->where(function ($q) use ($factorItemId) { + // 使用 CONCAT 函数构建模式,完全参数化,防止SQL注入 + $q->whereRaw("factors LIKE CONCAT('%', '\"factor_item_id\":', ?, ',%')", [$factorItemId]) + ->orWhereRaw("factors LIKE CONCAT('%', '\"factor_item_id\":', ?, '}%')", [$factorItemId]); + }); + + // 如果MySQL版本 >= 5.7,也可以使用JSON函数(更精确) + // $query->whereRaw("JSON_SEARCH(factors, 'one', ?, NULL, '$[*].factor_item_id') IS NOT NULL", [$factorItemId]); $total = $query->sum('total'); - $count = $query->count(); - // 如果有实际订单数据,使用平均单价;否则使用理论价格 - if ($count > 0 && $total > 0) { - $totalPrice = round($total / $count, 2); - } else { - $totalPrice = $item->price + $factor_item->price; - } + // 修复:明确计算价格总和,避免运算符优先级问题 + $totalPrice = (float) $item->price + (float) $factor_item->price; $list[] = [ 'name' => $totalPrice . '元/天', 
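Review bot: The two added `whereRaw` patterns look for `"factor_item_id":` followed immediately by the number, whereas the removed pattern matched `"factor_item_id": ` with a space after the colon; if `factors` is a MySQL JSON column (which serialises with that space) or the rows are stored with the old spacing, neither new pattern matches and every `$total` silently becomes 0. The `empty($bedIds)` guard at the top is also unlikely to fire, because `huli()` builds `$bedIds` with `->pluck('id')` and `empty()` on a collection object is always false; `if (count($bedIds) === 0)` covers both arrays and collections, if that collection is what gets passed in. A structural match avoids the spacing question, e.g. `$query->whereJsonContains('factors', ['factor_item_id' => $factorItemId]);`, assuming `factors` holds a JSON array of objects; the commented-out `JSON_SEARCH` variant would not help for integer ids since it only matches string values. `getLies()` continues past the end of this hunk.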
@@ -562,7 +566,7 @@ class StatisticsController extends CommonController $month = request()->month ?? date("Y-m"); $months = $this->_getMonths(); - // 当月天数1 + // 当月天数 $days = date('t', strtotime($month)); $area = Area::withCount('beds')->where('project_id', $project_id)->get(); $beds = Bed::whereIn('area_id', $area->pluck('id'))->where('project_id', $project_id)->get();