diff --git a/FlyCube/MpApi/Controller/AdminController.class.php b/FlyCube/MpApi/Controller/AdminController.class.php
index b331bf8..f1f7164 100644
--- a/FlyCube/MpApi/Controller/AdminController.class.php
+++ b/FlyCube/MpApi/Controller/AdminController.class.php
@@ -432,23 +432,34 @@ class AdminController extends PublicController
 */
 public function deleteMessage()
 {
-
- // 权限判断
+ // 权限判断(总管理员可操作所有商铺)
 if ($this->tokenShop_id != C('powerId')) {
 $where['shop_id'] = $this->tokenShop_id;
 }
- if ($_REQUEST['delIdArr']) {
- $where['id'] = array("in", $_REQUEST['delIdArr']);
-
- $messageDb = D('message'); // 表名为 message
- if ($messageDb->where($where)->delete()) {
- echo json_encode(array('status' => 1, 'msg' => '删除成功'));
+ // 接收参数并校验
+ $delIdArrRaw = isset($_REQUEST['delIdArr']) ? $_REQUEST['delIdArr'] : '';
+ if (!empty($delIdArrRaw)) {
+ // 确保 $delIdArr 是数组(前端传逗号分隔字符串)
+ if (is_string($delIdArrRaw)) {
+ $delIdArr = explode(',', $delIdArrRaw);
+ } elseif (is_array($delIdArrRaw)) {
+ $delIdArr = $delIdArrRaw;
 } else {
- echo json_encode(array('status' => 0, 'msg' => '删除失败'));
+ echo json_encode(['status' => 0, 'msg' => '参数格式不正确']);
+ return;
+ }
+
+ $where['id'] = ['in', $delIdArr];
+
+ $messageDb = D('message');
+ if ($messageDb->where($where)->delete()) {
+ echo json_encode(['status' => 1, 'msg' => '删除成功']);
+ } else {
+ echo json_encode(['status' => 0, 'msg' => '删除失败']);
 }
 } else {
- echo json_encode(array('status' => 0, 'msg' => '参数有误'));
+ echo json_encode(['status' => 0, 'msg' => '参数有误']);
 }
 }
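Review bot: The elements of `$delIdArr` still reach `$where['id'] = ['in', $delIdArr]` unvalidated: the new branches only check that `$_REQUEST['delIdArr']` is a string or an array, so an array-valued request parameter can carry non-numeric strings or nested arrays into the query condition. How `D('message')->where()` treats non-scalar elements is not visible in this hunk, so the controller should not rely on it; keep only digit-only scalars before building the condition, e.g. `$delIdArr = array_values(array_filter($delIdArr, function ($id) { return is_scalar($id) && ctype_digit((string) $id); }));`, and return the existing '参数格式不正确' response when the filtered list is empty. Separately, reading the ids from `$_REQUEST` means a GET parameter can trigger this delete; if the front end sends the request as POST, reading only the POST body narrows that.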