Update of /cvsroot/frontaccounting/frontaccount/includes
In directory sc8-pr-cvs17.sourceforge.net:/tmp/cvs-serv28347/includes
Modified Files:
banking.inc current_user.inc data_checks.inc
date_functions.inc errors.inc main.inc reserved.inc
session.inc systypes.inc types.inc ui.inc
Added Files:
JsHttpRequest.php ajax.inc
Log Message:
Moving 2.0 development version to main trunk.
Index: current_user.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/current_user.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** current_user.inc 12 Apr 2007 22:54:02 -0000 1.1
--- current_user.inc 24 Aug 2008 18:17:42 -0000 1.2
***************
*** 5,9 ****
//--------------------------------------------------------------------------
! class current_user
{
--- 5,9 ----
//--------------------------------------------------------------------------
! class current_user
{
***************
*** 46,59 ****
$myrow = db_fetch($Auth_Result);
! $this->access = $myrow["full_access"];
! $this->name = $myrow["real_name"];
! $this->loginname = $loginname;
! $this->username = $this->loginname;
! $this->prefs = new user_prefs($myrow);
! update_user_visitdate($loginname);
! $this->logged = true;
! }
! else
{
$this->logged = false;
--- 46,60 ----
$myrow = db_fetch($Auth_Result);
! $this->access = $myrow["full_access"];
! $this->name = $myrow["real_name"];
! $this->loginname = $loginname;
! $this->username = $this->loginname;
! $this->prefs = new user_prefs($myrow);
! update_user_visitdate($loginname);
! $this->logged = true;
!
! }
! else
{
$this->logged = false;
***************
*** 72,76 ****
{
global $security_groups;
! return isset($page_level) && in_array($page_level, $security_groups[$this->access]);
}
--- 73,79 ----
{
global $security_groups;
! // first registered company has site admin privileges
! return isset($page_level) && in_array($page_level, $security_groups[$this->access])
! && ($this->company == 0 || $page_level != 20);
}
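Review bot: The site-admin restriction added to the `return` uses the bare literal `20` with a loose `!=`, and the `in_array()` call beside it has no strict flag. The access decision therefore rests on PHP type juggling and on a number whose meaning appears only in the comment above it. I would name the level, for example `define('SITE_ADMIN_PAGE_LEVEL', 20);` (placeholder name), and pass `true` as the third argument to `in_array()` once callers are confirmed to pass integers. The comment could also state that company index 0 is the first registered company and that every other company is refused level 20 whatever its security group allows. The function's signature is outside the hunk, so how `$page_level` is supplied cannot be checked from here.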
***************
*** 86,100 ****
$connection["dbuser"], $connection["dbpassword"]);
mysql_select_db($connection["dbname"],$db);
!
if (!defined('TB_PREF'))
define('TB_PREF', $connection["tbpref"]);
!
return $db;
}
function update_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes,
! $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize) {
update_user_display_prefs($this->username, $price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl,
! $showcodes, $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize);
// re-read the prefs
--- 89,103 ----
$connection["dbuser"], $connection["dbpassword"]);
mysql_select_db($connection["dbname"],$db);
!
if (!defined('TB_PREF'))
define('TB_PREF', $connection["tbpref"]);
!
return $db;
}
function update_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes,
! $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, $show_hints) {
update_user_display_prefs($this->username, $price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl,
! $showcodes, $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, $show_hints);
// re-read the prefs
***************
*** 106,110 ****
//--------------------------------------------------------------------------
! function number_format2($number, $decimals=0)
{
global $thoseps, $decseps;
--- 109,113 ----
//--------------------------------------------------------------------------
! function number_format2($number, $decimals=0)
{
global $thoseps, $decseps;
***************
*** 114,198 ****
}
! function user_company()
{
return $_SESSION["wa_current_user"]->company;
}
! function user_language()
{
return $_SESSION["wa_current_user"]->prefs->language();
}
! function user_qty_dec()
{
return $_SESSION["wa_current_user"]->prefs->qty_dec();
}
! function user_price_dec()
{
return $_SESSION["wa_current_user"]->prefs->price_dec();
}
! function user_exrate_dec()
{
return $_SESSION["wa_current_user"]->prefs->exrate_dec();
}
! function user_percent_dec()
{
return $_SESSION["wa_current_user"]->prefs->percent_dec();
}
! function user_show_gl_info()
{
return $_SESSION["wa_current_user"]->prefs->show_gl_info();
}
! function user_show_codes()
{
return $_SESSION["wa_current_user"]->prefs->show_codes();
}
! function user_date_format()
{
return $_SESSION["wa_current_user"]->prefs->date_format();
}
! function user_date_display()
{
return $_SESSION["wa_current_user"]->prefs->date_display();
}
! function user_date_sep()
{
return $_SESSION["wa_current_user"]->prefs->date_sep();
}
! function user_tho_sep()
{
return $_SESSION["wa_current_user"]->prefs->tho_sep();
}
! function user_dec_sep()
{
return $_SESSION["wa_current_user"]->prefs->dec_sep();
}
! function user_theme()
{
return $_SESSION["wa_current_user"]->prefs->get_theme();
}
! function user_pagesize()
{
return $_SESSION["wa_current_user"]->prefs->get_pagesize();
}
function set_user_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes,
! $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize)
{
$_SESSION["wa_current_user"]->update_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes,
! $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize);
}
--- 117,275 ----
}
! function price_format($number) {
! return number_format2($number,
! $_SESSION["wa_current_user"]->prefs->price_dec());
! }
! // 2008-06-15. Added extra parameter $stock_id and reference for $dec
! //--------------------------------------------------------------------
! function qty_format($number, $stock_id=null, &$dec) {
! $dec = get_qty_dec($stock_id);
! return number_format2($number, $dec);
! }
! // and get_qty_dec
! function get_qty_dec($stock_id=null)
! {
! global $path_to_root;
! include_once($path_to_root."/inventory/includes/db/items_units_db.inc");
! if ($stock_id != null)
! $dec = get_unit_dec($stock_id);
! if ($stock_id == null || $dec == -1 || $dec == null)
! $dec = $_SESSION["wa_current_user"]->prefs->qty_dec();
! return $dec;
! }
! //-------------------------------------------------------------------
! function exrate_format($number) {
! return number_format2($number,
! $_SESSION["wa_current_user"]->prefs->exrate_dec());
! }
!
! function percent_format($number) {
! return number_format2($number,
! $_SESSION["wa_current_user"]->prefs->percent_dec());
! }
!
! function user_numeric($input) {
! global $decseps, $thoseps;
!
! $num = trim($input);
! $sep = $thoseps[user_tho_sep()];
! if($sep!='') $num = str_replace( $sep, '', $num);
! str_replace($sep, '', $num);
! $sep = $decseps[user_dec_sep()];
! if($sep!='.') $num = str_replace( $sep, '.', $num);
!
! if (!is_numeric($num))
! return false;
! $num = (float)$num;
! if ($num == (int)$num)
! return (int)$num;
! else
! return $num;
! }
!
! function user_company()
{
return $_SESSION["wa_current_user"]->company;
}
! function user_language()
{
return $_SESSION["wa_current_user"]->prefs->language();
}
! function user_qty_dec()
{
return $_SESSION["wa_current_user"]->prefs->qty_dec();
}
! function user_price_dec()
{
return $_SESSION["wa_current_user"]->prefs->price_dec();
}
! function user_exrate_dec()
{
return $_SESSION["wa_current_user"]->prefs->exrate_dec();
}
! function user_percent_dec()
{
return $_SESSION["wa_current_user"]->prefs->percent_dec();
}
! function user_show_gl_info()
{
return $_SESSION["wa_current_user"]->prefs->show_gl_info();
}
! function user_show_codes()
{
return $_SESSION["wa_current_user"]->prefs->show_codes();
}
! function user_date_format()
{
return $_SESSION["wa_current_user"]->prefs->date_format();
}
! function user_date_display()
{
return $_SESSION["wa_current_user"]->prefs->date_display();
}
! function user_date_sep()
{
return $_SESSION["wa_current_user"]->prefs->date_sep();
}
! function user_tho_sep()
{
return $_SESSION["wa_current_user"]->prefs->tho_sep();
}
! function user_dec_sep()
{
return $_SESSION["wa_current_user"]->prefs->dec_sep();
}
! function user_theme()
{
return $_SESSION["wa_current_user"]->prefs->get_theme();
}
! function user_pagesize()
{
return $_SESSION["wa_current_user"]->prefs->get_pagesize();
}
+ function user_hints()
+ {
+ return $_SESSION["wa_current_user"]->prefs->show_hints();
+ }
+
function set_user_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes,
! $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, $show_hints)
{
$_SESSION["wa_current_user"]->update_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes,
! $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, $show_hints);
! }
!
! function add_user_js_data() {
! global $path_to_root, $thoseps, $decseps;
!
! $ts = $thoseps[user_tho_sep()];
! $ds = $decseps[user_dec_sep()];
!
! $js = "\n<script type=\"text/javascript\">\n"
! . "<!--\n"
! . "var user = {\n"
! . "theme: '". $path_to_root . '/themes/'. 'default' /*user_theme()*/.'/'."',\n"
! . "loadtxt: '"._('Requesting data...')."',\n"
! . "ts: '$ts',\n"
! . "ds: '$ds',\n"
! . "pdec : " . user_price_dec() . "}\n--></script>";
!
! add_js_source($js);
}
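Review bot: In `add_user_js_data()` the values `$path_to_root`, the translated `_('Requesting data...')` text, `$ts` and `$ds` are pasted into single-quoted JavaScript literals with no escaping, so a translation or separator containing `'`, a backslash or `</script>` would break the inline script or be interpreted as script. Each value should pass through a JavaScript string escaper before concatenation, for example `. "ts: '" . addslashes($ts) . "',\n"`, with `</` handled as well since `addslashes()` does not cover it. Separately, in `user_numeric()` the line `str_replace($sep, '', $num);` discards its result and can be removed. `qty_format($number, $stock_id=null, &$dec)` also puts an optional parameter before a required one, so the default can never take effect.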
Index: main.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/main.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** main.inc 12 Apr 2007 22:54:03 -0000 1.1
--- main.inc 24 Aug 2008 18:17:43 -0000 1.2
***************
*** 9,41 ****
include_once($path_to_root . "/includes/references.inc");
include_once($path_to_root . "/includes/prefs/sysprefs.inc");
! include_once($path_to_root . "/includes/db/comments_db.inc");
! include_once($path_to_root . "/includes/db/sql_functions.inc");
!
! include_once($path_to_root . "/reporting/includes/form_types.inc");
!
! include_once($path_to_root . "/admin/db/users_db.inc");
!
! function page($title, $no_menu=false, $is_index=false, $onload="", $js="")
{
!
global $path_to_root;
!
$hide_menu = $no_menu;
!
include($path_to_root . "/includes/page/header.inc");
!
page_header($title, $no_menu, $is_index, $onload, $js);
! }
!
! function end_page($no_menu=false, $is_index=false)
{
! global $path_to_root;
!
$hide_menu = $no_menu;
!
include($path_to_root . "/includes/page/footer.inc");
!
! page_footer($no_menu, $is_index);
}
?>
\ No newline at end of file
--- 9,251 ----
include_once($path_to_root . "/includes/references.inc");
include_once($path_to_root . "/includes/prefs/sysprefs.inc");
! include_once($path_to_root . "/includes/db/comments_db.inc");
! include_once($path_to_root . "/includes/db/sql_functions.inc");
!
! include_once($path_to_root . "/admin/db/users_db.inc");
! include_once($path_to_root . "/includes/ui/ui_view.inc");
! include_once($path_to_root . "/includes/ui/ui_controls.inc");
!
! function page($title, $no_menu=false, $is_index=false, $onload="", $js="", $script_only=false)
{
!
global $path_to_root;
!
$hide_menu = $no_menu;
!
include($path_to_root . "/includes/page/header.inc");
!
page_header($title, $no_menu, $is_index, $onload, $js);
! error_box();
! if($script_only) {
! echo '<noscript>';
! echo display_heading(_('This page is usable only with javascript enabled browsers.'));
! echo '</noscript>';
! div_start('_page_body', null, true);
! } else {
! div_start('_page_body'); // whole page content for ajax reloading
! }
! }
!
! function end_page($no_menu=false, $is_index=false)
{
! global $path_to_root, $Ajax;
!
$hide_menu = $no_menu;
!
! div_end(); // _page_body section
include($path_to_root . "/includes/page/footer.inc");
!
! page_footer($no_menu, $is_index);
}
+ function flush_dir($path) {
+ $dir = opendir($path);
+ while(false !== ($fname = readdir($dir))) {
+ if($fname=='.' || $fname=='..') continue;
+ if(is_dir($path.'/'.$fname)) {
+ flush_dir($path.'/'.$fname);
+ @rmdir($path.'/'.$fname);
+ } else
+ @unlink($path.'/'.$fname);
+ }
+ }
+
+ function cache_js_file($fpath, $text)
+ {
+ global $go_debug;
+
+ if(!$go_debug) $text = js_compress($text);
+
+ $file = fopen($fpath, 'w');
+ if (!$file) return false;
+ if (!fwrite($file, $text)) return false;
+ return fclose($file);
+
+ }
+
+ function add_js_file($filename)
+ {
+ global $js_static;
+
+ $search = array_search($filename, $js_static);
+ if ($search === false || $search === null) // php>4.2.0 returns null
+ $js_static[] = $filename;
+ }
+
+ function add_js_ufile($filename)
+ {
+ global $js_userlib;
+
+ $search = array_search($filename, $js_userlib);
+ if ($search === false || $search === null) // php>4.2.0 returns null
+ $js_userlib[] = $filename;
+ }
+
+ function add_js_source($text)
+ {
+ global $js_lib;
+
+ $search = array_search($text, $js_lib);
+ if ($search === false || $search === null) // php>4.2.0 returns null
+ $js_lib[] = $text;
+ }
+
+ /**
+ * Compresses the Javascript code for more efficient delivery.
+ * copyright (c) 2005 by Jared White & J. Max Wilson
+ * http://www.xajaxproject.org
+ * Added removing comments from output.
+ * Warning: Fails on RegExp with quotes - use new RegExp() in this case.
+ */
+ function js_compress($sJS)
+ {
+ //remove windows cariage returns
+ $sJS = str_replace("\r","",$sJS);
+
+ //array to store replaced literal strings
+ $literal_strings = array();
+
+ //explode the string into lines
+ $lines = explode("\n",$sJS);
+ //loop through all the lines, building a new string at the same time as removing literal strings
+ $clean = "";
+ $inComment = false;
+ $literal = "";
+ $inQuote = false;
+ $escaped = false;
+ $quoteChar = "";
+
+ for($i=0;$i<count($lines);$i++)
+ {
+ $line = $lines[$i];
+ $inNormalComment = false;
+
+ //loop through line's characters and take out any literal strings, replace them with ___i___ where i is the index of this string
+ for($j=0;$j<strlen($line);$j++)
+ {
+ $c = substr($line,$j,1);
+ $d = substr($line,$j,2);
+
+ //look for start of quote
+ if(!$inQuote && !$inComment)
+ {
+ //is this character a quote or a comment
+ if(($c=="\"" || $c=="'") && !$inComment && !$inNormalComment)
+ {
+ $inQuote = true;
+ $inComment = false;
+ $escaped = false;
+ $quoteChar = $c;
+ $literal = $c;
+ }
+ else if($d=="/*" && !$inNormalComment)
+ {
+ $inQuote = false;
+ $inComment = true;
+ $escaped = false;
+ $quoteChar = $d;
+ $literal = $d;
+ $j++;
+ }
+ else if($d=="//") //ignore string markers that are found inside comments
+ {
+ $inNormalComment = true;
+ $clean .= $c;
+ }
+ else
+ {
+ $clean .= $c;
+ }
+ }
+ else //allready in a string so find end quote
+ {
+ if($c == $quoteChar && !$escaped && !$inComment)
+ {
+ $inQuote = false;
+ $literal .= $c;
+
+ //subsitute in a marker for the string
+ $clean .= "___" . count($literal_strings) . "___";
+
+ //push the string onto our array
+ array_push($literal_strings,$literal);
+
+ }
+ else if($inComment && $d=="*/")
+ {
+ $inComment = false;
+ $literal .= $d;
+
+ //subsitute in a marker for the string
+ $clean .= "___" . count($literal_strings) . "___";
+
+ //push the string onto our array
+ array_push($literal_strings,$literal);
+
+ $j++;
+ }
+ else if($c == "\\" && !$escaped)
+ $escaped = true;
+ else
+ $escaped = false;
+
+ $literal .= $c;
+ }
+ }
+ if($inComment) $literal .= "\n";
+ $clean .= "\n";
+ }
+ //explode the clean string into lines again
+ $lines = explode("\n",$clean);
+
+ //now process each line at a time
+ for($i=0;$i<count($lines);$i++)
+ {
+ $line = $lines[$i];
+
+ //remove comments
+ $line = preg_replace("/\/\/(.*)/","",$line);
+
+ //strip leading and trailing whitespace
+ $line = trim($line);
+
+ //remove all whitespace with a single space
+ $line = preg_replace("/\s+/"," ",$line);
+
+ //remove any whitespace that occurs after/before an operator
+ $line = preg_replace("/\s*([!\}\{;,&=\|\-\+\*\/\)\(:])\s*/","\\1",$line);
+
+ $lines[$i] = $line;
+ }
+
+ //implode the lines
+ $sJS = implode("\n",$lines);
+
+ //make sure there is a max of 1 \n after each line
+ $sJS = preg_replace("/[\n]+/","\n",$sJS);
+
+ //strip out line breaks that immediately follow a semi-colon
+ $sJS = preg_replace("/;\n/",";",$sJS);
+
+ //curly brackets aren't on their own
+ $sJS = preg_replace("/[\n]*\{[\n]*/","{",$sJS);
+
+ //finally loop through and replace all the literal strings:
+ for($i=0;$i<count($literal_strings);$i++) {
+ if (strpos($literal_strings[$i],"/*")!==false)
+ $literal_strings[$i]= '';
+ $sJS = str_replace("___".$i."___",$literal_strings[$i],$sJS);
+ }
+ return $sJS;
+ }
?>
\ No newline at end of file
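Review bot: `flush_dir()` does not check the result of `opendir()`, never calls `closedir()`, and recurses into anything `is_dir()` accepts, which includes symbolic links to directories. If `$path` cannot be opened, the `readdir()` loop runs on an invalid handle, and on PHP versions where that call yields NULL the `false !==` test will not end the loop. A link inside the cache directory would also make the recursive delete remove files outside it. I would return early when `opendir()` fails, treat links as plain entries to unlink, and close the handle, as sketched below. In `cache_js_file()` the `return false` after a failed `fwrite()` likewise leaves the file handle open, and `!fwrite(...)` reports an empty `$text` as a failure.

```php
function flush_dir($path) {
    $dir = @opendir($path);
    if ($dir === false) return false;
    while (false !== ($fname = readdir($dir))) {
        if ($fname=='.' || $fname=='..') continue;
        $entry = $path.'/'.$fname;
        if (is_dir($entry) && !is_link($entry)) {
            flush_dir($entry);
            @rmdir($entry);
        } else
            @unlink($entry); // a symlink is removed itself, never followed
    }
    closedir($dir);
    return true;
}
```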
--- NEW FILE: JsHttpRequest.php ---
<?php
/**
* JsHttpRequest: PHP backend for JavaScript DHTML loader.
* (C) Dmitry Koterov, http://en.dklab.ru
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
* See http://www.gnu.org/copyleft/lesser.html
*
* Do not remove this comment if you want to use the script!
* Не удаляйте данный комментарий, если вы хотите использовать скрипт!
*
* This backend library also supports POST requests additionally to GET.
*
* @author Dmitry Koterov
* @version 5.x $Id: JsHttpRequest.php,v 1.2 2008/08/24 18:17:40 itronics Exp $
*/
class JsHttpRequest
{
// Charset the backend script works in; overwritten (lower-cased) by setEncoding().
var $SCRIPT_ENCODING = "windows-1251";
// Optional second word of the encoding string; 'entities' is the only value the class tests for.
var $SCRIPT_DECODE_MODE = '';
// Loader name taken from the JsHttpRequest=<id>-<loader> query parameter ('unknown' when no AJAX query is present).
var $LOADER = null;
// Request ID taken from the same query parameter (0 when no AJAX query is present).
var $ID = null;
// Value sent back as the "js" member of the response; the constructor aliases it to $GLOBALS['_RESULT'].
var $RESULT = null;
// Internal: unique marker wrapped around PHP error output so _obHandler() can find it.
var $_uniqHash;
// Magic number written to display_errors by the constructor and compared again in _obHandler().
var $_magic = 14623;
// display_errors value that was in effect before the constructor changed it.
var $_prevDisplayErrors = null;
// Internal: response content-type depending on loader type; the "" entry is the fallback.
var $_contentTypes = array(
"script" => "text/javascript",
"xml" => "text/plain", // In XMLHttpRequest mode we must return text/plain - stupid Opera 8.0. :(
"form" => "text/html",
"" => "text/plain", // for unknown loader
);
// Internal: set when conversion to UTF-8 JSON is cancelled (non-ASCII key or non-scalar leaf).
var $_toUtfFailed = false;
// Internal: list of characters 128...255 (for strpbrk() ASCII check); filled in _obHandler().
var $_nonAsciiChars = '';
// Which Unicode conversion function is available: 'mb', 'iconv' or null.
var $_unicodeConvMethod = null;
// Emergency memory buffer, released at the start of _obHandler() to leave room after a memory_limit error.
var $_emergBuffer = null;
/**
* Constructor.
*
* Create new JsHttpRequest backend object and attach it
* to script output buffer. As a result - script will always return
* correct JavaScript code, even in case of fatal errors.
*
* QUERY_STRING is in form of: PHPSESSID=<sid>&a=aaa&b=bbb&JsHttpRequest=<id>-<loader>
* where <id> is a request ID, <loader> is a loader name, <sid> - a session ID (if present),
* PHPSESSID - session parameter name (by default = "PHPSESSID").
*
* If an object is created WITHOUT an active AJAX query, it is simply marked as
* non-active. Use the static method isActive() to check.
*/
function JsHttpRequest($enc)
{
// PHP 4-style constructor (method named after the class). $enc is handed to setEncoding() below.
// NOTE(review): PHP 8 no longer treats a same-named method as the constructor - confirm the targeted PHP version.
global $JsHttpRequest_Active;
// To be on a safe side - do not allow to drop reference counter on ob processing.
$GLOBALS['_RESULT'] =& $this->RESULT;
// Parse QUERY_STRING.
// Captures: 1 = text before the parameter, 2 = optional numeric request id, 3 = loader name, 4 = text after it.
// The @ hides the notice raised when QUERY_STRING is not set at all.
if (preg_match('/^(.*)(?:&|^)JsHttpRequest=(?:(\d+)-)?([^&]+)((?:&|$).*)$/s', @$_SERVER['QUERY_STRING'], $m)) {
$this->ID = $m[2];
$this->LOADER = strtolower($m[3]);
// Rebuild QUERY_STRING without the JsHttpRequest parameter and without the session-name parameter.
// NOTE(review): session_name() is placed in the pattern without preg_quote() - confirm it cannot contain regex metacharacters.
$_SERVER['QUERY_STRING'] = preg_replace('/^&+|&+$/s', '', preg_replace('/(^|&)'.session_name().'=[^&]*&?/s', '&', $m[1] . $m[4]));
// Drop the library's own parameter and the session id from the request superglobals.
unset(
$_GET['JsHttpRequest'],
$_REQUEST['JsHttpRequest'],
$_GET[session_name()],
$_POST[session_name()],
$_REQUEST[session_name()]
);
// Detect Unicode conversion method.
// mbstring is preferred; iconv is the fallback; null means neither extension is loaded.
$this->_unicodeConvMethod = function_exists('mb_convert_encoding')? 'mb' : (function_exists('iconv')? 'iconv' : null);
// Fill an emergency buffer. We erase it at the first line of OB processor
// to free some memory. This memory may be used on memory_limit error.
$this->_emergBuffer = str_repeat('a', 1024 * 200);
// Intercept fatal errors via display_errors (seems it is the only way).
// The hash only delimits PHP error text inside the buffered output; it is built from
// microtime() and the process id, so it is a marker and not an unpredictable secret.
$this->_uniqHash = md5('JsHttpRequest' . microtime() . getmypid());
$this->_prevDisplayErrors = ini_get('display_errors');
// display_errors is set to the magic number so _obHandler() can tell whether the script changed it later.
ini_set('display_errors', $this->_magic); //
ini_set('error_prepend_string', $this->_uniqHash . ini_get('error_prepend_string'));
ini_set('error_append_string', ini_get('error_append_string') . $this->_uniqHash);
// Start OB handling early.
ob_start(array(&$this, "_obHandler"));
$JsHttpRequest_Active = true;
// Set up the encoding.
$this->setEncoding($enc);
// Check if headers are already sent (see Content-Type library usage).
// If true - generate a debug message and exit.
$file = $line = null;
// headers_sent() accepts the by-reference file/line arguments only from PHP 4.3.0 on.
$headersSent = version_compare(PHP_VERSION, "4.3.0") < 0? headers_sent() : headers_sent($file, $line);
if ($headersSent) {
trigger_error(
"HTTP headers are already sent" . ($line !== null? " in $file on line $line" : " somewhere in the script") . ". "
. "Possibly you have an extra space (or a newline) before the first line of the script or any library. "
. "Please note that JsHttpRequest uses its own Content-Type header and fails if "
. "this header cannot be set. See header() function documentation for more details",
E_USER_ERROR
);
exit();
}
} else {
// No JsHttpRequest parameter in the query string: the object stays inactive and nothing is buffered.
$this->ID = 0;
$this->LOADER = 'unknown';
$JsHttpRequest_Active = false;
}
}
/**
* Static function.
* Returns true if JsHttpRequest output processor is currently active.
*
* @return boolean True if the library is active, false otherwise.
*/
function isActive()
{
    // The flag is set by the constructor and removed again by the output handler,
    // so a missing entry counts as "not active".
    if (!isset($GLOBALS['JsHttpRequest_Active'])) {
        return false;
    }
    return (bool) $GLOBALS['JsHttpRequest_Active'];
}
/**
* string getJsCode()
*
* Return JavaScript part of the library.
*/
function getJsCode()
{
    // The client-side script is read from the directory that holds this PHP file.
    $scriptPath = dirname(__FILE__) . '/JsHttpRequest.js';
    return file_get_contents($scriptPath);
}
/**
* void setEncoding(string $encoding)
*
* Set an active script encoding & correct QUERY_STRING according to it.
* Examples:
* "windows-1251" - set plain encoding (non-windows characters,
* e.g. hieroglyphs, are totally ignored)
* "windows-1251 entities" - set windows encoding, BUT additionally replace:
* "&" -> "&amp;"
* hieroglyph -> &#XXXX; entity
*/
function setEncoding($enc)
{
    // "<charset> <mode>" is split on whitespace; a string without a second word
    // does not match and is used as the charset as a whole.
    $parts = array();
    preg_match('/^(\S*)(?:\s+(\S*))$/', $enc, $parts);
    $charset = empty($parts[1]) ? $enc : $parts[1];
    $mode = empty($parts[2]) ? '' : $parts[2];
    $this->SCRIPT_ENCODING = strtolower($charset);
    $this->SCRIPT_DECODE_MODE = $mode;
    // Re-parse the request data so %uXXXX escapes are decoded into the chosen charset.
    $this->_correctSuperglobals();
}
/**
* string quoteInput(string $input)
*
* Quote a string according to the input decoding mode.
* If entities are used (see setEncoding()), no '&' character is quoted,
* only '"', '>' and '<' (we presume that '&' is already quoted by
* an input reader function).
*
* Use this function INSTEAD of htmlspecialchars() for $_GET data
* in your scripts.
*/
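function quoteInput($s)
{
    // "entities" mode: '&' is left alone because the input decoder is expected to have
    // produced entities already; the double quote and both angle brackets are turned into
    // entities. The replacement list used to be identical to the search list, so nothing
    // was escaped at all in this mode.
    if ($this->SCRIPT_DECODE_MODE == 'entities') {
        return str_replace(array('"', '<', '>'), array('&quot;', '&lt;', '&gt;'), $s);
    }
    // NOTE(review): with its default flags htmlspecialchars() leaves single quotes unescaped
    // on PHP before 8.1 and works in its default charset, not SCRIPT_ENCODING - confirm this
    // is sufficient where the value is written into an HTML attribute.
    return htmlspecialchars($s);
}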
/**
* Convert a PHP scalar, array or hash to JS scalar/array/hash. This function is
* an analog of json_encode(), but it can work with a non-UTF8 input and does not
* analyze the passed data. Output format must be fully JSON compatible.
*
* @param mixed $a Any structure to convert to JS.
* @return string JavaScript equivalent structure.
*/
function php2js($a=false)
{
    // null and the two booleans become bare JavaScript literals.
    if ($a === null) return 'null';
    if ($a === false) return 'false';
    if ($a === true) return 'true';

    if (is_scalar($a)) {
        // Every remaining scalar is emitted as a quoted string, so that PHP's 1 and "1"
        // reach the frontend as the same JavaScript value.
        static $escapes = array(
            array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"'),
            array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\"')
        );
        // Floats always use "." as the decimal mark, whatever the locale printed.
        $text = is_float($a) ? str_replace(",", ".", strval($a)) : $a;
        return '"' . str_replace($escapes[0], $escapes[1], $text) . '"';
    }

    // A list is an array whose keys are exactly 0, 1, 2, ... in iteration order.
    reset($a);
    $total = count($a);
    $isList = true;
    for ($pos = 0; $pos < $total; $pos++) {
        if (key($a) !== $pos) {
            $isList = false;
            break;
        }
        next($a);
    }

    $parts = array();
    if (!$isList) {
        // Anything else is written as an object literal with converted keys and values.
        foreach ($a as $key => $value) {
            $parts[] = JsHttpRequest::php2js($key) . ': ' . JsHttpRequest::php2js($value);
        }
        return '{ ' . implode(', ', $parts) . ' }';
    }
    foreach ($a as $value) {
        $parts[] = JsHttpRequest::php2js($value);
    }
    return '[ ' . implode(', ', $parts) . ' ]';
}
/**
* Internal methods.
*/
/**
* Parse & decode QUERY_STRING.
*/
function _correctSuperglobals()
{
// Rebuilds $_GET, $_POST and $_REQUEST from the raw query string and raw POST body so that
// %uXXXX escapes sent by the JavaScript frontend are decoded by _ucs2EntitiesDecode().
// In case of FORM loader we may go to nirvana, everything is already parsed by PHP.
if ($this->LOADER == 'form') return;
// ATTENTION!!!
// HTTP_RAW_POST_DATA is only accessible when Content-Type of POST request
// is NOT default "application/x-www-form-urlencoded"!!!
// Library frontend sets "application/octet-stream" for that purpose,
// see JavaScript code. In PHP 5.2.2.HTTP_RAW_POST_DATA is not set sometimes;
// in such cases - read the POST data manually from the STDIN stream.
// For any method other than POST the raw body is null.
$rawPost = strcasecmp($_SERVER['REQUEST_METHOD'], 'POST') == 0? (isset($GLOBALS['HTTP_RAW_POST_DATA'])? $GLOBALS['HTTP_RAW_POST_DATA'] : @file_get_contents("php://input")) : null;
$source = array(
'_GET' => !empty($_SERVER['QUERY_STRING'])? $_SERVER['QUERY_STRING'] : null,
'_POST'=> $rawPost,
);
// Both entries are processed unconditionally, including when the source is null.
foreach ($source as $dst=>$src) {
// First correct all 2-byte entities.
// Every %XX escape except %5B and %5D is rewritten to %u00XX.
$s = preg_replace('/%(?!5B)(?!5D)([0-9a-f]{2})/si', '%u00\\1', $src);
// Now we can use standard parse_str() with no worry!
$data = null;
parse_str($s, $data);
// Replaces the superglobal named by $dst with the decoded request data.
$GLOBALS[$dst] = $this->_ucs2EntitiesDecode($data);
}
$GLOBALS['HTTP_GET_VARS'] = $_GET; // deprecated vars
$GLOBALS['HTTP_POST_VARS'] = $_POST;
// Array union keeps the left operand's value for duplicate keys, so a cookie wins over
// POST and POST wins over GET here.
// NOTE(review): this order is fixed in code and gives cookie values priority over request
// parameters in $_REQUEST - confirm that is intended by every caller that reads $_REQUEST.
$_REQUEST =
(isset($_COOKIE)? $_COOKIE : array()) +
(isset($_POST)? $_POST : array()) +
(isset($_GET)? $_GET : array());
if (ini_get('register_globals')) {
// TODO?
}
}
/**
* Called in case of error too!
*/
function _obHandler($text)
{
// Output-buffer callback registered by the constructor: $text is the script's buffered output,
// the return value is the response body actually sent to the frontend.
unset($this->_emergBuffer); // free a piece of memory for memory_limit error
unset($GLOBALS['JsHttpRequest_Active']);
// Check for error & fetch a resulting data.
// PHP error text is wrapped in the unique hash through error_prepend_string/error_append_string.
// preg_match() always assigns $m, so it is an empty array when no error text is found.
if (preg_match("/{$this->_uniqHash}(.*?){$this->_uniqHash}/sx", $text, $m)) {
if (!ini_get('display_errors') || (!$this->_prevDisplayErrors && ini_get('display_errors') == $this->_magic)) {
// Display_errors:
// 1. disabled manually after the library initialization, or
// 2. was initially disabled and is not changed
$text = str_replace($m[0], '', $text); // strip whole error message
} else {
// Errors are meant to be shown: only the marker hashes are removed.
$text = str_replace($this->_uniqHash, '', $text);
}
}
if ($m && preg_match('/\bFatal error(<.*?>)?:/i', $m[1])) {
// On fatal errors - force null result (generate 500 error).
$this->RESULT = null;
} else {
// Make a resulting hash.
if (!isset($this->RESULT)) {
global $_RESULT;
$this->RESULT = $_RESULT;
}
}
$result = array(
'id' => $this->ID,
'js' => $this->RESULT,
'text' => $text,
);
$text = null;
$encoding = $this->SCRIPT_ENCODING;
$status = $this->RESULT !== null? 200 : 500;
// Try to use very fast json_encode: 3-4 times faster than a manual encoding.
if (function_exists('array_walk_recursive') && function_exists('json_encode') && $this->_unicodeConvMethod) {
$this->_nonAsciiChars = join("", array_map('chr', range(128, 255)));
$this->_toUtfFailed = false;
// Work on a copy; the callback converts each scalar leaf to UTF-8 in place.
$resultUtf8 = $result;
array_walk_recursive($resultUtf8, array(&$this, '_toUtf8_callback'), $this->SCRIPT_ENCODING);
if (!$this->_toUtfFailed) {
// If some key contains non-ASCII character, convert everything manually.
$text = json_encode($resultUtf8);
$encoding = "UTF-8";
}
}
// On failure, use manual encoding.
if ($text === null) {
$text = $this->php2js($result);
}
if ($this->LOADER != "xml") {
// In non-XML mode we cannot use plain JSON. So - wrap with JS function call.
// If top.JsHttpRequestGlobal is not defined, loading is aborted and
// iframe is removed, so - do not call dataReady().
$text = ""
. ($this->LOADER == "form"? 'top && top.JsHttpRequestGlobal && top.JsHttpRequestGlobal' : 'JsHttpRequest')
. ".dataReady(" . $text . ")\n"
. "";
if ($this->LOADER == "form") {
$text = '<script type="text/javascript" language="JavaScript"><!--' . "\n$text" . '//--></script>';
}
// Always return 200 code in non-XML mode (else SCRIPT does not work in FF).
// For XML mode, 500 code is okay.
$status = 200;
}
// Status header. To be safe, display it only in error mode. In case of success
// termination, do not modify the status ("HTTP/1.1 ..." header seems to be not
// too cross-platform).
if ($this->RESULT === null) {
if (php_sapi_name() == "cgi") {
header("Status: $status");
} else {
header("HTTP/1.1 $status");
}
}
// In XMLHttpRequest mode we must return text/plain - damned stupid Opera 8.0. :(
// An unrecognised loader name falls back to the "" entry of $_contentTypes.
$ctype = !empty($this->_contentTypes[$this->LOADER])? $this->_contentTypes[$this->LOADER] : $this->_contentTypes[''];
// NOTE(review): $encoding is either "UTF-8" or the value given to setEncoding(); it is written
// into a response header, so confirm it is always developer-supplied and never request data.
header("Content-type: $ctype; charset=$encoding");
return $text;
}
/**
* Internal function, used in array_walk_recursive() before json_encode() call.
* If a key contains non-ASCII characters, this function sets $this->_toUtfFailed = true,
* because array_walk_recursive() cannot modify array keys.
*/
function _toUtf8_callback(&$v, $k, $fromEnc)
{
    // null and booleans need no charset conversion.
    if ($v === null || is_bool($v)) return;

    // A leaf is converted only while no earlier failure was recorded, the value is scalar
    // and its key is pure ASCII; the checks run in that order and stop at the first that fails.
    $convertible = !$this->_toUtfFailed
        && is_scalar($v)
        && strpbrk($k, $this->_nonAsciiChars) === false;

    if ($convertible) {
        $v = $this->_unicodeConv($fromEnc, 'UTF-8', $v);
        return;
    }
    // Keys cannot be rewritten from inside array_walk_recursive(), so the caller is told to fall back.
    $this->_toUtfFailed = true;
}
/**
* Decode all %uXXXX entities in string or array (recurrent).
* String must not contain %XX entities - they are ignored!
*/
function _ucs2EntitiesDecode($data)
{
    if (!is_array($data)) {
        // Cheap substring test first: most values carry no %u escape at all.
        if (strpos($data, '%u') === false) {
            return $data;
        }
        return preg_replace_callback('/%u([0-9A-F]{1,4})/si', array(&$this, '_ucs2EntitiesDecodeCallback'), $data);
    }

    // Arrays are rebuilt with both keys and values decoded, recursively.
    $decoded = array();
    foreach ($data as $key => $value) {
        $decoded[$this->_ucs2EntitiesDecode($key)] = $this->_ucs2EntitiesDecode($value);
    }
    return $decoded;
}
/**
* Decode one %uXXXX entity (RE callback).
*/
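function _ucs2EntitiesDecodeCallback($p)
{
    // $p is the preg_replace_callback() match; $p[1] holds the 1-4 hex digits of one %uXXXX escape.
    $dec = hexdec($p[1]);

    // hexdec() returns a number, so the code point has to be compared with the integer 38.
    // The earlier comparison with the string "38" could never be true, which left this branch
    // dead and delivered '&' unescaped in "entities" mode.
    if ($dec === 38 && $this->SCRIPT_DECODE_MODE == 'entities') {
        // quoteInput() leaves '&' untouched in this mode and relies on the ampersand
        // arriving here as an entity.
        return "&amp;";
    }

    if ($this->_unicodeConvMethod) {
        // Conversion warnings are suppressed; an unconvertible character yields an empty result.
        $c = @$this->_unicodeConv('UCS-2BE', $this->SCRIPT_ENCODING, pack('n', $dec));
    } else {
        // Neither mbstring nor iconv: use the built-in single-byte tables.
        $c = $this->_decUcs2Decode($dec, $this->SCRIPT_ENCODING);
    }

    if (!strlen($c)) {
        // No representation in the script charset: numeric entity in "entities" mode, '?' otherwise.
        $c = $this->SCRIPT_DECODE_MODE == 'entities' ? '&#' . $dec . ';' : '?';
    }
    return $c;
}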
/**
* Wrapper for iconv() or mb_convert_encoding() functions.
* This function will generate a fatal error if neither of these functions is available!
*
* @see iconv()
*/
function _unicodeConv($fromEnc, $toEnc, $v)
{
    // iconv is used only when it was the method picked at construction time;
    // every other case goes to mbstring, whose argument order is (value, to, from).
    return $this->_unicodeConvMethod == 'iconv'
        ? iconv($fromEnc, $toEnc, $v)
        : mb_convert_encoding($v, $toEnc, $fromEnc);
}
/**
* If there is no ICONV, try to decode 1-byte characters manually
* (for most popular charsets only).
*/
/**
* Convert from UCS-2BE decimal to $toEnc.
*/
function _decUcs2Decode($code, $toEnc)
{
    // Code points below 128 map to the byte with the same value.
    if ($code < 128) return chr($code);

    // Without a table for the target charset nothing can be produced.
    if (!isset($this->_encTables[$toEnc])) return "";

    // The table lists the code points for bytes 128..255 in order, so the position found
    // is the byte offset from 128.
    // TODO: possible speedup by using array_flip($this->_encTables) and later hash access in the constructor.
    $offset = array_search($code, $this->_encTables[$toEnc]);
    return $offset === false ? "" : chr(128 + $offset);
}
/**
* UCS-2BE -> 1-byte encodings (from #128).
*/
var $_encTables = array(
'windows-1251' => array(
0x0402, 0x0403, 0x201A, 0x0453, 0x201E, 0x2026, 0x2020, 0x2021,
0x20AC, 0x2030, 0x0409, 0x2039, 0x040A, 0x040C, 0x040B, 0x040F,
0x0452, 0x2018, 0x2019, 0x201C, 0x201D, 0x2022, 0x2013, 0x2014,
0x0098, 0x2122, 0x0459, 0x203A, 0x045A, 0x045C, 0x045B, 0x045F,
0x00A0, 0x040E, 0x045E, 0x0408, 0x00A4, 0x0490, 0x00A6, 0x00A7,
0x0401, 0x00A9, 0x0404, 0x00AB, 0x00AC, 0x00AD, 0x00AE, 0x0407,
0x00B0, 0x00B1, 0x0406, 0x0456, 0x0491, 0x00B5, 0x00B6, 0x00B7,
0x0451, 0x2116, 0x0454, 0x00BB, 0x0458, 0x0405, 0x0455, 0x0457,
0x0410, 0x0411, 0x0412, 0x0413, 0x0414, 0x0415, 0x0416, 0x0417,
0x0418, 0x0419, 0x041A, 0x041B, 0x041C, 0x041D, 0x041E, 0x041F,
0x0420, 0x0421, 0x0422, 0x0423, 0x0424, 0x0425, 0x0426, 0x0427,
0x0428, 0x0429, 0x042A, 0x042B, 0x042C, 0x042D, 0x042E, 0x042F,
0x0430, 0x0431, 0x0432, 0x0433, 0x0434, 0x0435, 0x0436, 0x0437,
0x0438, 0x0439, 0x043A, 0x043B, 0x043C, 0x043D, 0x043E, 0x043F,
0x0440, 0x0441, 0x0442, 0x0443, 0x0444, 0x0445, 0x0446, 0x0447,
0x0448, 0x0449, 0x044A, 0x044B, 0x044C, 0x044D, 0x044E, 0x044F,
),
'koi8-r' => array(
0x2500, 0x2502, 0x250C, 0x2510, 0x2514, 0x2518, 0x251C, 0x2524,
0x252C, 0x2534, 0x253C, 0x2580, 0x2584, 0x2588, 0x258C, 0x2590,
0x2591, 0x2592, 0x2593, 0x2320, 0x25A0, 0x2219, 0x221A, 0x2248,
0x2264, 0x2265, 0x00A0, 0x2321, 0x00B0, 0x00B2, 0x00B7, 0x00F7,
0x2550, 0x2551, 0x2552, 0x0451, 0x2553, 0x2554, 0x2555, 0x2556,
0x2557, 0x2558, 0x2559, 0x255A, 0x255B, 0x255C, 0x255d, 0x255E,
0x255F, 0x2560, 0x2561, 0x0401, 0x2562, 0x2563, 0x2564, 0x2565,
0x2566, 0x2567, 0x2568, 0x2569, 0x256A, 0x256B, 0x256C, 0x00A9,
0x044E, 0x0430, 0x0431, 0x0446, 0x0434, 0x0435, 0x0444, 0x0433,
0x0445, 0x0438, 0x0439, 0x043A, 0x043B, 0x043C, 0x043d, 0x043E,
0x043F, 0x044F, 0x0440, 0x0441, 0x0442, 0x0443, 0x0436, 0x0432,
0x044C, 0x044B, 0x0437, 0x0448, 0x044d, 0x0449, 0x0447, 0x044A,
0x042E, 0x0410, 0x0411, 0x0426, 0x0414, 0x0415, 0x0424, 0x0413,
0x0425, 0x0418, 0x0419, 0x041A, 0x041B, 0x041C, 0x041d, 0x041E,
0x041F, 0x042F, 0x0420, 0x0421, 0x0422, 0x0423, 0x0416, 0x0412,
0x042C, 0x042B, 0x0417, 0x0428, 0x042d, 0x0429, 0x0427, 0x042A
),
);
}
Index: reserved.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/reserved.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** reserved.inc 12 Apr 2007 22:54:03 -0000 1.1
--- reserved.inc 24 Aug 2008 18:17:43 -0000 1.2
***************
*** 5,9 ****
$any_item = 'AN';
$any_number = -1;
! $all_option = "___ALL___";
$all_option_numeric = -1;
--- 5,9 ----
$any_item = 'AN';
$any_number = -1;
! $all_option = '';
$all_option_numeric = -1;
--- NEW FILE: ajax.inc ---
<?php
require_once($path_to_root. "/includes/JsHttpRequest.php");
class Ajax extends JsHttpRequest {
var $aCommands = array();
var $triggers = array();
function Ajax()
{
$this->JsHttpRequest($_SESSION['language']->encoding);
}
//
// This function is used in ctrl routines to activate
// update of ajaxified html element selected by given name/id.
//
function activate($trigname) {
if (in_ajax()) {
$this->triggers[$trigname] = true;
}
}
//
// Javascript clientside redirection.
// This is the last command added to reponse (if any).
//
function redirect($url) {
if(in_ajax()) {
$this->_addCommand(true, array('n'=>'rd'),$url);
$this->run();
}
}
//
// Adds an executable Javascript code.
//
function addScript($trigger, $sJS)
{
$this->_addCommand($trigger, array('n'=>'js'),$sJS);
return $this;
}
//
// Assign target attribute with data.
//
function addAssign($trigger, $sTarget,$sAttribute,$sData)
{
$this->_addCommand($trigger, array('n'=>'as','t'=>$sTarget,'p'=>$sAttribute),$sData);
return $this;
}
//
// Updates input element or label with data.
//
function addUpdate($trigger, $sTarget, $sData)
{
$this->_addCommand($trigger, array('n'=>'up','t'=>$sTarget),$sData);
return $this;
}
//
// Set disable state of element.
//
function addDisable($trigger, $sTarget, $sData=true)
{
$this->_addCommand($trigger, array('n'=>'di','t'=>$sTarget),$sData);
return $this;
}
//
// Set state of element to enabled.
//
function addEnable($trigger, $sTarget, $sData=true)
{
$this->_addCommand($trigger, array('n'=>'di','t'=>$sTarget), !$sData);
return $this;
}
//
// Set current focus.
//
function addFocus($trigger, $sTarget)
{
$this->_addCommand($trigger, array('n'=>'fc'),$sTarget);
return $this;
}
//
// Internal procedure adding command to response.
//
function _addCommand($trigger, $aAttributes, $mData)
{
if ($this->isActive() && ($trigger !== false)) {
// display_error('adding '.$trigger.':'.htmlentities($mData));
$aAttributes['why'] = $trigger;
$aAttributes['data'] = $mData;
$this->aCommands[] = $aAttributes;
}
}
/*
* Register binds function with ajax call parameter
function register($trigger, $function)
{
if (isset($_REQUEST[$trigger])) {
$function(&$this);
}
}
*/
function run() {
if (!$this->isActive()) return;
// remove not active commands
foreach ($this->aCommands as $idx => $com) {
// If we should reload whole page content ignore all commands but the update.
// This is page repost equivalent, although header and footer are not reloaded.
if ($com['why'] !== true && !isset($this->triggers[$com['why']])) {
unset($this->aCommands[$idx]);
// display_error('unset '.$com['t']);
}
else
if($com['n'] == 'up' && $com['t'] == '_page_body') {
$cmds = array($com);
foreach( $this->aCommands as $k=> $cmd) {
if ($cmd['n'] == 'fc') { // save focus
$cmds[] = $cmd; break;
}
}
$this->aCommands = $cmds;
break;
}
}
// display_error('Activate:'.htmlentities(print_r($this->triggers, true)));
// display_error('Commands :'.htmlentities(print_r($this->aCommands, true)));
$GLOBALS['_RESULT'] = $this->aCommands;
// exit();
}
}
function in_ajax() {
global $Ajax;
return $Ajax->isActive();
}
?>
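Review bot: In `run()`, the inner loop that keeps a focus command alongside a `_page_body` update takes the first `'fc'` entry in `$this->aCommands` without checking its trigger, so a focus command whose `why` is not in `$this->triggers` can survive the filtering the outer loop applies to everything else. The outer loop breaks as soon as it meets the `_page_body` update, so entries after that point were never filtered before the scan. I would test the trigger in the scan as well: `if ($cmd['n'] == 'fc' && ($cmd['why'] === true || isset($this->triggers[$cmd['why']]))) {`.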
Index: session.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/session.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** session.inc 12 Apr 2007 22:54:03 -0000 1.1
--- session.inc 24 Aug 2008 18:17:44 -0000 1.2
***************
*** 10,14 ****
\--------------------------------------------------*/
! if (!isset($path_to_root))
{
$path_to_root = ".";
--- 10,28 ----
\--------------------------------------------------*/
! function output_html($text)
! {
! global $before_box, $Ajax, $messages;
! // Fatal errors are not send to error_handler,
! // so we must check the output
! if ($text && preg_match('/\bFatal error(<.*?>)?:(.*)/i', $text, $m)) {
! $Ajax->aCommands = array(); // Don't update page on errors
!
! $messages[] = array(E_ERROR, $m[0], null, null);
! }
! $Ajax->run();
! return in_ajax() ? fmt_errors() : ($before_box.fmt_errors().$text);
! }
!
! if (!isset($path_to_root))
{
$path_to_root = ".";
***************
*** 17,27 ****
include_once($path_to_root . "/includes/current_user.inc");
! include_once($path_to_root . "/config.php");
! include_once($path_to_root . "/includes/main.inc");
//----------------------------------------------------------------------------------------
! function kill_login()
{
session_unset();
--- 31,61 ----
include_once($path_to_root . "/includes/current_user.inc");
! /*
! // Make sure this directory exists and is writable!
! $session_save_path = dirname(__FILE__).'/tmp/';
! */
! $session_save_path = session_save_path();
! if (strpos($session_save_path, ";") !== false)
! $session_save_path = substr($session_save_path, strpos($session_save_path, ";") + 1);
!
! if (isset($session_save_path))
! {
! session_save_path($session_save_path);
! unset($session_save_path);
! }
! if (!isset($path_to_root) || isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
! die("Restricted access");
! include_once($path_to_root . "/includes/lang/language.php");
! include_once($path_to_root . "/config_db.php");
! include_once($path_to_root . "/config.php");
! include_once($path_to_root . "/includes/ajax.inc");
! $Ajax =& new Ajax();
!
! include_once($path_to_root . "/includes/main.inc");
//----------------------------------------------------------------------------------------
! function kill_login()
{
session_unset();
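Review bot: The new `path_to_root` guard sits after `include_once($path_to_root . "/includes/current_user.inc")` at the top of this hunk, so by the time `die("Restricted access")` can fire, `$path_to_root` has already been used to build an include path. The guard belongs before the first include in the file, and since it is evidently aimed at request-registered variables it should cover cookies too: `if (isset($_GET['path_to_root']) || isset($_POST['path_to_root']) || isset($_COOKIE['path_to_root'])) die("Restricted access");`. The `!isset($path_to_root)` half looks unreachable, because the block just above assigns `"."` when the variable is unset; that block continues outside the visible hunk, so confirm. `kill_login()` at the end of the hunk is cut off here.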
***************
*** 31,35 ****
//----------------------------------------------------------------------------------------
! function login_fail()
{
echo "<center><br><br><font size='5' color='red'><b>" . _("Incorrect Password") . "<b></font><br><br>";
--- 65,69 ----
//----------------------------------------------------------------------------------------
! function login_fail()
{
echo "<center><br><br><font size='5' color='red'><b>" . _("Incorrect Password") . "<b></font><br><br>";
***************
*** 46,52 ****
//----------------------------------------------------------------------------------------
! function check_page_security($page_security)
{
! if (!$_SESSION["wa_current_user"]->check_user_access())
{
echo "<br><br><br><center>";
--- 80,86 ----
//----------------------------------------------------------------------------------------
! function check_page_security($page_security)
{
! if (!$_SESSION["wa_current_user"]->check_user_access())
{
echo "<br><br><br><center>";
***************
*** 58,62 ****
}
! if (!$_SESSION["wa_current_user"]->can_access_page($page_security))
{
page(_("Access denied"));
--- 92,96 ----
}
! if (!$_SESSION["wa_current_user"]->can_access_page($page_security))
{
page(_("Access denied"));
***************
*** 64,69 ****
echo _("The security settings on your account do not permit you to access this function");
echo "</b>";
! echo "<br><br><a href='javascript:history.go(-1)'>" . _("Back") . "</a>";
! echo "<br><br><br><br>";
//echo '<script type="text/javascript">';
//echo 'alert("' . _("The security settings on your account do not permit you to access this function") . '");';
--- 98,102 ----
echo _("The security settings on your account do not permit you to access this function");
echo "</b>";
! echo "<br><br><br><br></center>";
//echo '<script type="text/javascript">';
//echo 'alert("' . _("The security settings on your account do not permit you to access this function") . '");';
***************
*** 77,83 ****
//----------------------------------------------------------------------------------------
-
if (!isset($_SESSION["wa_current_user"]) ||
! (isset($_SESSION["wa_current_user"]) && !$_SESSION["wa_current_user"]->logged_in()))
{
--- 110,115 ----
//----------------------------------------------------------------------------------------
if (!isset($_SESSION["wa_current_user"]) ||
! (isset($_SESSION["wa_current_user"]) && !$_SESSION["wa_current_user"]->logged_in()))
{
***************
*** 85,96 ****
// Show login screen
! if (!isset($_POST["user_name_entry_field"]) or $_POST["user_name_entry_field"] == "")
{
include($path_to_root . "/access/login.php");
exit;
}
}
! if (isset($_POST["user_name_entry_field"]))
{
$succeed = $_SESSION["wa_current_user"]->login($_POST["company_login_name"],
--- 117,135 ----
// Show login screen
! if (!isset($_POST["user_name_entry_field"]) or $_POST["user_name_entry_field"] == "")
{
include($path_to_root . "/access/login.php");
+ $Ajax->redirect($path_to_root . "/access/login.php");
exit;
}
}
+ include_once($path_to_root . "/includes/ui/ui_msgs.inc");
+ // intercept all output to destroy it in case of ajax call
+ register_shutdown_function('ob_end_flush');
+ ob_start('output_html',0);
+ // colect all error msgs
+ set_error_handler('error_handler' /*, errtypes */);
! if (isset($_POST["user_name_entry_field"]))
{
$succeed = $_SESSION["wa_current_user"]->login($_POST["company_login_name"],
***************
*** 98,102 ****
md5($_POST["password"]));
! if (!$succeed)
{
// Incorrect password
--- 137,141 ----
md5($_POST["password"]));
! if (!$succeed)
{
// Incorrect password
***************
*** 105,110 ****
}
- check_page_security($page_security);
-
// Run with debugging messages for the system administrator(s) but not anyone else
/*if (in_array(15, $security_groups[$_SESSION["AccessLevel"]])) {
--- 144,147 ----
***************
*** 115,117 ****
--- 152,159 ----
//----------------------------------------------------------------------------------------
+
+ check_page_security($page_security);
+
+
+
?>
\ No newline at end of file
Index: banking.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/banking.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** banking.inc 12 Apr 2007 22:54:02 -0000 1.1
--- banking.inc 24 Aug 2008 18:17:41 -0000 1.2
***************
*** 105,109 ****
{
$ex_rate = get_exchange_rate_to_home_currency($currency_code, $date_);
! return $amount / $ex_rate;
}
--- 105,109 ----
{
$ex_rate = get_exchange_rate_to_home_currency($currency_code, $date_);
! return round($amount / $ex_rate, user_price_dec());
}
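Review bot: Rounding the converted amount with `user_price_dec()` ties the returned value to what appears to be a per-user display preference, so two users with different decimal settings could get different home-currency amounts for the same transaction. If that is what `user_price_dec()` returns (it is not defined in this diff), round to a fixed, company-wide precision here and leave user decimals to the display layer. The division also still has no guard for a zero `$ex_rate`; handling `$ex_rate == 0` before the return would avoid a division warning and a bogus result. The function starts above the hunk.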
Index: data_checks.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/data_checks.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** data_checks.inc 12 Apr 2007 22:54:02 -0000 1.1
--- data_checks.inc 24 Aug 2008 18:17:42 -0000 1.2
***************
*** 1,4 ****
<?php
-
function db_has_customers()
{
--- 1,3 ----
***************
*** 131,135 ****
function db_customer_has_branches($customer_id)
{
! return check_empty_result("SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no=$customer_id");
}
--- 130,134 ----
function db_customer_has_branches($customer_id)
{
! return check_empty_result("SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no='$customer_id'");
}
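Review bot: Wrapping `$customer_id` in quotes does not make the query safe, because the value is still interpolated into the SQL string unescaped and a quote character in it ends the literal. If `debtor_no` is an integer key, cast at the point of use, e.g. `"... WHERE debtor_no=" . (int)$customer_id`; otherwise pass the value through the database layer's escaping routine before it is concatenated. Whether callers hand in request data is not visible in this hunk, but the helper should not depend on that.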
***************
*** 429,432 ****
--- 428,464 ----
return $myrow[0] > 0;
}
+ //
+ // Integer input check
+ // Return 1 if number has proper form and is within <min, max> range
+ //
+ function check_int($postname, $min=null, $max=null) {
+ if(!isset($_POST[$postname]))
+ return 0;
+ $num = input_num($postname);
+ if(!is_int($num))
+ return 0;
+ if (isset($min) && ($num<$min))
+ return 0;
+ if (isset($max) && ($num>$max))
+ return 0;
+ return 1;
+ }
+ //
+ // Numeric input check.
+ // Return 1 if number has proper form and is within <min, max> range
+ //
+ function check_num($postname, $min=null, $max=null) {
+ if(!isset($_POST[$postname]))
+ return 0;
+ $num = input_num($postname);
+ if ($num === false)
+ return 0;
+ if (isset($min) && ($num<$min))
+ return 0;
+ if (isset($max) && ($num>$max))
+ return 0;
+ return 1;
+ }
+
?>
\ No newline at end of file
Index: systypes.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/systypes.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** systypes.inc 12 Apr 2007 22:54:03 -0000 1.1
--- systypes.inc 24 Aug 2008 18:17:44 -0000 1.2
***************
*** 15,19 ****
$next_number = $myrow[0] + 1;
! $sql = "UPDATE ".TB_PREF."sys_types SET type_no = $next_number WHERE type_id = $trans_type";
db_query($sql,"The next transaction number for $trans_type could not be updated");
--- 15,20 ----
$next_number = $myrow[0] + 1;
! $sql = "UPDATE ".TB_PREF."sys_types SET type_no = $next_number WHERE type_id = $trans_type
! AND type_no = ". $myrow[0]; //concurrency paranoic protection
db_query($sql,"The next transaction number for $trans_type could not be updated");
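Review bot: The added `AND type_no = ...` condition only protects against a concurrent increment if the caller notices that the UPDATE matched no row, and nothing in the visible lines checks that. `db_query()` presumably succeeds with zero affected rows, in which case this session carries on with the same `$next_number` another session already took. After the query, check the affected-row count and either re-read and retry or fail the transaction. The rest of the function is outside the hunk, so confirm no such check follows; `$trans_type` is also interpolated unquoted and would be better cast with `(int)`.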
***************
*** 36,39 ****
--- 37,41 ----
case 11 : return array("".TB_PREF."debtor_trans", "type", "trans_no", "reference", "tran_date");
case 12 : return array("".TB_PREF."debtor_trans", "type", "trans_no", "reference", "tran_date");
+ case 13 : return array("".TB_PREF."debtor_trans", "type", "trans_no", "reference", "tran_date");
case 16 : return array("".TB_PREF."stock_moves", "type", "trans_no", "reference", "tran_date");
case 17 : return array("".TB_PREF."stock_moves", "type", "trans_no", "reference", "tran_date");
***************
*** 47,50 ****
--- 49,53 ----
case 29 : return array("".TB_PREF."wo_manufacture", null, "id", "reference", "date_");
case 30 : return array("".TB_PREF."sales_orders", null, "order_no", "customer_ref", "ord_date");
+ case 31 : return array("".TB_PREF."service_orders", null, "order_no", "cust_ref", "date");
case 40 : return array("".TB_PREF."dimensions", null, "id", "reference", "date_");
case 35 : return null;
Index: errors.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/errors.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** errors.inc 12 Apr 2007 22:54:02 -0000 1.1
--- errors.inc 24 Aug 2008 18:17:43 -0000 1.2
***************
*** 1,4 ****
--- 1,73 ----
<?php
+ $messages = array(); // container for system messages
+ $before_box = ''; // temporary container for output html data before error box
+
+ $msg_colors = array(
+ E_USER_ERROR => array('bg'=>'#ffcccc', 'txt'=>'#dd2200', 'bd'=>'#cc3300'),
+ E_USER_WARNING => array('bg'=>'#ffcccc', 'txt'=>'#dd2200', 'bd'=>'#cc3300'),
+ E_USER_NOTICE => array('bg'=>'#ccffcc', 'txt'=>'#007700', 'bd'=>'#33cc00'));
+
+ //-----------------------------------------------------------------------------
+ // Error handler - collects all php/user messages for
+ // display in message box.
+ // FIX: fatal errors ?
+
+ function error_handler($errno, $errstr, $file, $line) {
+ global $messages;
+
+ // error_reporting==0 when messages are set off with @
+ if ($errno & error_reporting())
+ $messages[] = array($errno, $errstr, $file, $line);
+
+ return true;
+ }
+ //------------------------------------------------------------------------------
+ // Formats system messages before insert them into message <div>
+ // FIX center is unused now
+ function fmt_errors($center=true) {
+ global $messages, $msg_colors;
+
+ $type = E_USER_NOTICE;
+
+ if (count($messages)) {
+ $content = '';
+ foreach($messages as $msg) {
+ if ($msg[0]>$type) continue;
+ if ($msg[0]<$type && $type>E_USER_ERROR) {
+ $content = ''; // clean notices when we have errors
+ $type = E_USER_ERROR; // php or user errors
+ }
+ $str = $msg[1];
+ $c = $msg_colors[$type];
+ if ($msg[0]<E_USER_ERROR && $msg[2]!=null)
+ $str .= ' '._('in file').': '.$msg[2].' '._('at line ').$msg[3];
+ $content .= "<tr><td " . ($center?"align='center' ":"").
+ " width='100%' bgcolor='{$c['bg']}'><font color='{$c['txt']}'>"
+ .$str."</font></td></tr>";
+ }
+
+ $str = "<center><table border='1' cellpadding='3' cellspacing='0' style='border-collapse: collapse' bordercolor='{$c['bd']}' width='98%'>"
+ . $content . "</table></center><br>\n";
+
+ }
+ else
+ $str = '';
+
+ return $str;
+ }
+ //-----------------------------------------------------------------------------
+ // Error box <div> element.
+ //
+ function error_box() {
+ global $before_box;
+
+ echo "<div id='msgbox'>";
+ $before_box = ob_get_clean(); // save html content before error box
+ // Necessary restart instead of get_contents/clean calls due to a bug in php 4.3.2
+ ob_start('output_html');
+ echo "</div>";
+ }
+
function display_db_error($msg, $sql_statement=null, $exit=true)
{
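Review bot: `fmt_errors()` writes `$msg[1]` and, for PHP-raised messages, the file path and line number straight into the page, so every warning or notice now shows server paths to whoever is using the application, and any markup inside the message is rendered as HTML. For messages that come from PHP itself I would escape the text, `if ($msg[0] < E_USER_ERROR) $str = htmlspecialchars($str);`, and append file and line only when the `$debug` flag used by `display_db_error()` is set. Separately, `$c` is assigned only inside the loop, so when every message is skipped by the `continue` the `{$c['bd']}` in the table tag reads an undefined variable; initialise `$c = $msg_colors[$type];` before the loop. `display_db_error()` begins on the hunk's last lines and continues outside it.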
***************
*** 6,24 ****
$db_error = db_error_no();
! echo "<span class='errortext'><b>" . _("DATABASE ERROR :") . "</b> $msg</span><br>";
if ($db_error != 0)
{
! echo "error code : " . $db_error . "<br>";
! echo "error message : " . db_error_msg($db) . "<br>";
}
if ($debug == 1)
{
! echo "sql that failed was : " . $sql_statement . "<br>";
}
! echo "<br><br>";
!
if ($exit)
exit;
--- 75,95 ----
$db_error = db_error_no();
! $str = "<span class='errortext'><b>" . _("DATABASE ERROR :") . "</b> $msg</span><br>";
if ($db_error != 0)
{
! $str .= "error code : " . $db_error . "<br>";
! $str .= "error message : " . db_error_msg($db) . "<br>";
}
if ($debug == 1)
{
! $str .= "sql that failed was : " . $sql_statement . "<br>";
}
! $str .= "<br><br>";
!
! trigger_error($str, E_USER_ERROR);
!
if ($exit)
exit;
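Review bot: Routing the assembled HTML through `trigger_error()` subjects it to PHP's documented 1024-byte limit on the message, so with `$debug == 1` a long `$sql_statement` can be cut off mid-string or mid-tag before it reaches the message box. Appending to the queue directly, as `output_html()` in session.inc does, avoids that: `$messages[] = array(E_USER_ERROR, $str, null, null);` with `global $messages;` added to the function. `$msg`, `db_error_msg($db)` and `$sql_statement` are also concatenated unescaped, so anything user-supplied inside the failed statement is rendered as markup; `htmlspecialchars()` on those three values would keep the box readable and inert. The function starts before the hunk and continues after it.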
***************
*** 31,36 ****
if ($db_error == $db_duplicate_error_code)
{
! display_error(_("The entered information is a duplicate. Please go back and enter different values.")
! . "<br><a href='javascript:history.go(-1)'>" . _("Back") . "</a>", true);
return true;
}
--- 102,106 ----
if ($db_error == $db_duplicate_error_code)
{
! display_error(_("The entered information is a duplicate. Please go back and enter different values."));
return true;
}
Index: date_functions.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/date_functions.inc,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** date_functions.inc 21 Jul 2007 09:06:27 -0000 1.2
--- date_functions.inc 24 Aug 2008 18:17:43 -0000 1.3
***************
*** 84,88 ****
}
}
! if ((int)$year > 9999)
{
return 0;
--- 84,88 ----
}
}
! if (!isset($year)|| (int)$year > 9999)
{
return 0;
Index: types.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/types.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** types.inc 12 Apr 2007 22:54:03 -0000 1.1
--- types.inc 24 Aug 2008 18:17:44 -0000 1.2
***************
*** 11,14 ****
--- 11,15 ----
11=> array ('name' => _("Customer Credit Note")),
12=> array ('name' => _("Customer Payment")),
+ 13=> array ('name' => _("Delivery Note")),
16=> array ('name' => _("Location Transfer")),
17=> array ('name' => _("Inventory Adjustment")),
***************
*** 53,56 ****
--- 54,62 ----
}
+ function cust_dispatch()
+ {
+ return 13;
+ }
+
function location_transfer()
{
Index: ui.inc
===================================================================
RCS file: /cvsroot/frontaccounting/frontaccount/includes/ui.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** ui.inc 12 Apr 2007 22:54:03 -0000 1.1
--- ui.inc ...
[truncated message content] |