From: <tim...@us...> - 2010-01-07 13:07:50
|
Revision: 3279 http://web-erp.svn.sourceforge.net/web-erp/?rev=3279&view=rev Author: tim_schofield Date: 2010-01-07 13:07:43 +0000 (Thu, 07 Jan 2010) Log Message: ----------- Change to only allow authorised staff to release invoices from hold Modified Paths: -------------- trunk/PO_AuthorisationLevels.php trunk/SupplierInquiry.php trunk/doc/Change.log.html trunk/sql/mysql/upgrade3.11.1-3.12.sql Modified: trunk/PO_AuthorisationLevels.php =================================================================== --- trunk/PO_AuthorisationLevels.php 2010-01-06 22:39:34 UTC (rev 3278) +++ trunk/PO_AuthorisationLevels.php 2010-01-07 13:07:43 UTC (rev 3279) @@ -12,31 +12,61 @@ echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/group_add.png" title="' . _('Search') . '" alt="">' . ' ' . $title.'</p><br>'; $User=''; $Currency=''; -$CanCreate=0; +$CanCreate=1; +$OffHold=1; $AuthLevel=0; if (isset($_POST['Submit'])) { - if ($_POST['cancreate']=='on') { + if (isset($_POST['cancreate']) and $_POST['cancreate']=='on') { $cancreate=0; } else { $cancreate=1; } - $sql='INSERT INTO purchorderauth VALUES( - "'.$_POST['userid'].'", - "'.$_POST['currabrev'].'", - '.$cancreate.', - '.$_POST['authlevel'].')'; - $ErrMsg = _('The authentication details cannot be inserted because'); - $Result=DB_query($sql,$db,$ErrMsg); + if (isset($_POST['offhold']) and $_POST['offhold']=='on') { + $offhold=0; + } else { + $offhold=1; + } + $sql='SELECT COUNT(*) + FROM purchorderauth + WHERE userid="'.$_POST['userid'].'" + AND currabrev="'.$_POST['currabrev'].'"'; + $result=DB_query($sql, $db); + $myrow=DB_fetch_array($result); + if ($myrow[0]==0) { + $sql='INSERT INTO purchorderauth ( + userid, + currabrev, + cancreate, + offhold, + authlevel) + VALUES( + "'.$_POST['userid'].'", + "'.$_POST['currabrev'].'", + '.$cancreate.', + '.$offhold.', + '.$_POST['authlevel'].')'; + $ErrMsg = _('The authentication details cannot be inserted because'); + $Result=DB_query($sql,$db,$ErrMsg); + } else { + prnMsg(_('There already exists an entry for this user/currency combination'), 'error'); + echo '<br />'; + } } if (isset($_POST['Update'])) { - if ($_POST['cancreate']=='on') { + if (isset($_POST['cancreate']) and $_POST['cancreate']=='on') { $cancreate=0; } else { $cancreate=1; } + if (isset($_POST['offhold']) and $_POST['offhold']=='on') { + $offhold=0; + } else { + $offhold=1; + } $sql='UPDATE purchorderauth SET cancreate='.$cancreate.', + offhold='.$offhold.', authlevel='.$_POST['authlevel'].' WHERE userid="'.$_POST['userid'].'" AND currabrev="'.$_POST['currabrev'].'"'; @@ -46,7 +76,7 @@ } if (isset($_GET['Delete'])) { - $sql='DELETE FROM purchorderauth + $sql='DELETE FROM purchorderauth WHERE userid="'.$_GET['UserID'].'" AND currabrev="'.$_GET['Currency'].'"'; @@ -56,8 +86,9 @@ if (isset($_GET['Edit'])) { $sql='SELECT cancreate, - authlevel - FROM purchorderauth + offhold, + authlevel + FROM purchorderauth WHERE userid="'.$_GET['UserID'].'" AND currabrev="'.$_GET['Currency'].'"'; $ErrMsg = _('The authentication details cannot be retrieved because'); @@ -66,17 +97,19 @@ $UserID=$_GET['UserID']; $Currency=$_GET['Currency']; $CanCreate=$myrow['cancreate']; + $OffHold=$myrow['offhold']; $AuthLevel=$myrow['authlevel']; } -$sql='SELECT - purchorderauth.userid, +$sql='SELECT + purchorderauth.userid, www_users.realname, currencies.currabrev, currencies.currency, purchorderauth.cancreate, - purchorderauth.authlevel - FROM (purchorderauth + purchorderauth.offhold, + purchorderauth.authlevel + FROM (purchorderauth LEFT JOIN www_users ON purchorderauth.userid=www_users.userid) LEFT JOIN currencies ON purchorderauth.currabrev=currencies.currabrev'; @@ -88,6 +121,7 @@ echo '<th>'._('User Name').'</th>'; echo '<th>'._('Currency').'</th>'; echo '<th>'._('Create Order').'</th>'; +echo '<th>'._('Can Release').'<br />'. _('Invoices').'</th>'; echo '<th>'._('Authority Level').'</th></tr>'; while ($myrow=DB_fetch_array($Result)) { @@ -96,10 +130,16 @@ } else { $cancreate=_('No'); } + if ($myrow['offhold']==0) { + $offhold=_('Yes'); + } else { + $offhold=_('No'); + } echo '<tr><td>'.$myrow['userid'].'</td>'; echo '<td>'.$myrow['realname'].'</td>'; echo '<td>'.$myrow['currency'].'</td>'; echo '<td>'.$cancreate.'</td>'; + echo '<td>'.$offhold.'</td>'; echo '<td class="number">'.number_format($myrow['authlevel'],2).'</td>'; echo '<td><a href="'.$rootpath.'/PO_AuthorisationLevels.php?' . SID . 'Edit=Yes&UserID=' . $myrow['userid'] . '&Currency='.$myrow['currabrev'].'">'._('Edit').'</td>'; @@ -151,11 +191,18 @@ echo '<tr><td>'._('User can create orders').'</td>'; if ($CanCreate==1) { - echo '<td><input type=checkbox name=cancreate></td</tr>'; + echo '<td><input type=checkbox name=cancreate></td></tr>'; } else { - echo '<td><input type=checkbox checked name=cancreate></td</tr>'; -} + echo '<td><input type=checkbox checked name=cancreate></td></tr>'; +} +echo '<tr><td>'._('User can release invoices').'</td>'; +if ($OffHold==1) { + echo '<td><input type=checkbox name=offhold></td></tr>'; +} else { + echo '<td><input type=checkbox checked name=offhold></td></tr>'; +} + echo '<tr><td>'._('User can authorise orders up to :').'</td>'; echo '<td><input type=input name=authlevel size=11 class=number value='.$AuthLevel.'></td</tr>'; echo '</table>'; Modified: trunk/SupplierInquiry.php =================================================================== --- trunk/SupplierInquiry.php 2010-01-06 22:39:34 UTC (rev 3278) +++ trunk/SupplierInquiry.php 2010-01-07 13:07:43 UTC (rev 3279) @@ -16,7 +16,7 @@ // always figure out the SQL required from the inputs available if(!isset($_GET['SupplierID']) AND !isset($_SESSION['SupplierID'])){ - echo '<br>' . _('To display the enquiry a Supplier must first be selected from the Supplier selection screen') . + echo '<br>' . _('To display the enquiry a Supplier must first be selected from the Supplier selection screen') . "<br><div class='centre'>><a href='". $rootpath . "/SelectSupplier.php'>" . _('Select a Supplier to Inquire On') . '</a></div>'; exit; } else { @@ -35,18 +35,19 @@ } -$SQL = 'SELECT suppliers.suppname, - currencies.currency, +$SQL = 'SELECT suppliers.suppname, + suppliers.currcode, + currencies.currency, paymentterms.terms, SUM(supptrans.ovamount + supptrans.ovgst - supptrans.alloc) AS balance, SUM(CASE WHEN paymentterms.daysbeforedue > 0 THEN CASE WHEN (TO_DAYS(Now()) - TO_DAYS(supptrans.trandate)) >= paymentterms.daysbeforedue THEN supptrans.ovamount + supptrans.ovgst - supptrans.alloc ELSE 0 END - ELSE + ELSE CASE WHEN TO_DAYS(Now()) - TO_DAYS(DATE_ADD(DATE_ADD(supptrans.trandate, ' . INTERVAL('1', 'MONTH') . '), ' . INTERVAL('(paymentterms.dayinfollowingmonth - DAYOFMONTH(supptrans.trandate))', 'DAY') . ')) >= 0 THEN supptrans.ovamount + supptrans.ovgst - supptrans.alloc ELSE 0 END END) AS due, - SUM(CASE WHEN paymentterms.daysbeforedue > 0 THEN - CASE WHEN (TO_DAYS(Now()) - TO_DAYS(supptrans.trandate)) > paymentterms.daysbeforedue + SUM(CASE WHEN paymentterms.daysbeforedue > 0 THEN + CASE WHEN (TO_DAYS(Now()) - TO_DAYS(supptrans.trandate)) > paymentterms.daysbeforedue AND (TO_DAYS(Now()) - TO_DAYS(supptrans.trandate)) >= (paymentterms.daysbeforedue + ' . $_SESSION['PastDueDays1'] . ') THEN supptrans.ovamount + supptrans.ovgst - supptrans.alloc ELSE 0 END ELSE @@ -54,7 +55,7 @@ THEN supptrans.ovamount + supptrans.ovgst - supptrans.alloc ELSE 0 END END) AS overdue1, Sum(CASE WHEN paymentterms.daysbeforedue > 0 THEN - CASE WHEN TO_DAYS(Now()) - TO_DAYS(supptrans.trandate) > paymentterms.daysbeforedue AND TO_DAYS(Now()) - TO_DAYS(supptrans.trandate) >= (paymentterms.daysbeforedue + ' . $_SESSION['PastDueDays2'] . ') + CASE WHEN TO_DAYS(Now()) - TO_DAYS(supptrans.trandate) > paymentterms.daysbeforedue AND TO_DAYS(Now()) - TO_DAYS(supptrans.trandate) >= (paymentterms.daysbeforedue + ' . $_SESSION['PastDueDays2'] . ') THEN supptrans.ovamount + supptrans.ovgst - supptrans.alloc ELSE 0 END ELSE CASE WHEN (TO_DAYS(Now()) - TO_DAYS(DATE_ADD(DATE_ADD(supptrans.trandate, ' . INTERVAL('1','MONTH') . '), ' . INTERVAL('(paymentterms.dayinfollowingmonth - DAYOFMONTH(supptrans.trandate))', 'DAY') . ')) >= ' . $_SESSION['PastDueDays2'] . ") @@ -85,8 +86,9 @@ $NIL_BALANCE = True; - $SQL = "SELECT suppliers.suppname, - currencies.currency, + $SQL = "SELECT suppliers.suppname, + suppliers.currcode, + currencies.currency, paymentterms.terms FROM suppliers, paymentterms, @@ -113,8 +115,8 @@ $SupplierRecord['overdue2'] = 0; } -echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/supplier.png" title="' . - _('Supplier') . '" alt="">' . ' ' . _('Supplier') . ' : ' . $SupplierRecord['suppname'] . ' - (' . _('All amounts stated in') . +echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/supplier.png" title="' . + _('Supplier') . '" alt="">' . ' ' . _('Supplier') . ' : ' . $SupplierRecord['suppname'] . ' - (' . _('All amounts stated in') . ' ' . $SupplierRecord['currency'] . ')<br><br>' . _('Terms') . ': ' . $SupplierRecord['terms'] . '</p>'; if (isset($_GET['HoldType']) AND isset($_GET['HoldTrans'])){ @@ -131,43 +133,43 @@ } -echo "<table WIDTH=90% BORDER=1><tr><th>" . _('Total Balance') . - "</th><th>" . _('Current') . - "</th><th>" . _('Now Due') . - "</th><th>" . $_SESSION['PastDueDays1'] . '-' . $_SESSION['PastDueDays2'] . - ' ' . _('Days Overdue') . +echo "<table WIDTH=90% BORDER=1><tr><th>" . _('Total Balance') . + "</th><th>" . _('Current') . + "</th><th>" . _('Now Due') . + "</th><th>" . $_SESSION['PastDueDays1'] . '-' . $_SESSION['PastDueDays2'] . + ' ' . _('Days Overdue') . "</th><th>" . _('Over') . ' ' . $_SESSION['PastDueDays2'] . ' ' . _('Days Overdue') . '</th></tr>'; -echo '<tr><td class=number>' . number_format($SupplierRecord['balance'],2) . - '</td><td class=number>' . number_format(($SupplierRecord['balance'] - $SupplierRecord['due']),2) . - '</td><td class=number>' . number_format(($SupplierRecord['due']-$SupplierRecord['overdue1']),2) . - '</td><td class=number>' . number_format(($SupplierRecord['overdue1']-$SupplierRecord['overdue2']) ,2) . +echo '<tr><td class=number>' . number_format($SupplierRecord['balance'],2) . + '</td><td class=number>' . number_format(($SupplierRecord['balance'] - $SupplierRecord['due']),2) . + '</td><td class=number>' . number_format(($SupplierRecord['due']-$SupplierRecord['overdue1']),2) . + '</td><td class=number>' . number_format(($SupplierRecord['overdue1']-$SupplierRecord['overdue2']) ,2) . '</td><td class=number>' . number_format($SupplierRecord['overdue2'],2) . '</td></tr></table>'; echo "<br><div class='centre'><form action='" . $_SERVER['PHP_SELF'] . "?" . SID . "' method=post>"; -echo _('Show all transactions after') . ': ' ."<input type=text class='date' alt='".$_SESSION['DefaultDateFormat']."' name='TransAfterDate' VALUE='" . +echo _('Show all transactions after') . ': ' ."<input type=text class='date' alt='".$_SESSION['DefaultDateFormat']."' name='TransAfterDate' VALUE='" . $_POST['TransAfterDate'] . "' MAXLENGTH =10 size=10> <input type=submit name='Refresh Inquiry' VALUE='" . _('Refresh Inquiry') . "'></form><br>"; echo '</div>'; $DateAfterCriteria = FormatDateForSQL($_POST['TransAfterDate']); -$SQL = "SELECT supptrans.id, - systypes.typename, - supptrans.type, - supptrans.transno, - supptrans.trandate, - supptrans.suppreference, - supptrans.rate, - (supptrans.ovamount + supptrans.ovgst) AS totalamount, - supptrans.alloc AS allocated, - supptrans.hold, - supptrans.settled, +$SQL = "SELECT supptrans.id, + systypes.typename, + supptrans.type, + supptrans.transno, + supptrans.trandate, + supptrans.suppreference, + supptrans.rate, + (supptrans.ovamount + supptrans.ovgst) AS totalamount, + supptrans.alloc AS allocated, + supptrans.hold, + supptrans.settled, supptrans.transtext, supptrans.supplierno - FROM supptrans, - systypes - WHERE supptrans.type = systypes.typeid - AND supptrans.supplierno = '" . $SupplierID . "' - AND supptrans.trandate >= '$DateAfterCriteria' + FROM supptrans, + systypes + WHERE supptrans.type = systypes.typeid + AND supptrans.supplierno = '" . $SupplierID . "' + AND supptrans.trandate >= '$DateAfterCriteria' ORDER BY supptrans.trandate"; $ErrMsg = _('No transactions were returned by the SQL because'); @@ -186,14 +188,14 @@ echo '<table width="90%" cellpadding="2" colspan="7">'; -$TableHeader = "<tr BGCOLOR =#800000><th>" . _('Trans') . ' #' . - "</th><th>" . _('Type') . - "</th><th>" . _('Supplier Ref') . - "</th><th>" . _('Date') . - "</th><th>" . _('Total') . - "</th><th>" . _('Allocated') . - "</th><th>" . _('Balance') . - "</th><th>" . _('Comments') . +$TableHeader = "<tr BGCOLOR =#800000><th>" . _('Trans') . ' #' . + "</th><th>" . _('Type') . + "</th><th>" . _('Supplier Ref') . + "</th><th>" . _('Date') . + "</th><th>" . _('Total') . + "</th><th>" . _('Allocated') . + "</th><th>" . _('Balance') . + "</th><th>" . _('Comments') . "</th><th>" . _('More Info') . "</th><th>" . _('More Info') . '</td></tr>'; @@ -225,70 +227,48 @@ if ($myrow['type'] == 20){ /*Show a link to allow GL postings to be viewed but no link to allocate */ if ($_SESSION['CompanyRecord']['gllink_creditors'] == True){ - If ($myrow['totalamount'] - $myrow['allocated'] == 0){ + if ($myrow['totalamount'] - $myrow['allocated'] == 0){ /*The trans is settled so don't show option to hold */ - printf("<td>%s</td> - <td>%s</td> - <td>%s</td> - <td>%s</td> - <td class=number>%s</td> - <td class=number>%s</td> - <td class=number>%s</td> - <td align=left>%s</td> - <td><a TARGET='_blank' href='%s/GLTransInquiry.php?%s&TypeID=%s&TransNo=%s'>" . _('View GL Postings') . "</a></td> - <td><a href='%s/PaymentAllocations.php?%sSuppID=%s&InvID=%s'>" . _('View Payments') . '</a></td></tr>', - $myrow['transno'], - $myrow['typename'], - $myrow['suppreference'], - ConvertSQLDate($myrow['trandate']), - number_format($myrow['totalamount'],2), - number_format($myrow['allocated'],2), - number_format($myrow['totalamount']-$myrow['allocated'],2), - $myrow['transtext'], - $rootpath, - SID, - $myrow['type'], - $myrow['transno'], - $rootpath, - SID, - $myrow['supplierno'], - $myrow['suppreference']); - + echo "<td>".$myrow['transno']."</td>"; + echo "<td>".$myrow['typename']."</td>"; + echo "<td>".$myrow['suppreference']."</td>"; + echo "<td>".ConvertSQLDate($myrow['trandate'])."</td>"; + echo "<td class=number>".number_format($myrow['totalamount'],2)."</td>"; + echo "<td class=number>".number_format($myrow['allocated'],2)."</td>"; + echo "<td class=number>".number_format($myrow['totalamount']-$myrow['allocated'],2)."</td>"; + echo "<td align=left>".$myrow['transtext']."</td>"; + echo "<td><a target='_blank' href='".$rootpath."/GLTransInquiry.php?".SID."&TypeID=".$myrow['type']."&TransNo=".$myrow['transno']."'>" . _('View GL Postings') . "</a></td>"; + echo "<td><a href='".$rootpath."/PaymentAllocations.php?".SID."SuppID=".$myrow['supplierno']."&InvID=".$myrow['suppreference']."'>" . _('View Payments') . "</a></td></tr>"; } else { - - printf("<td>%s</td> - <td>%s</td> - <td>%s</td> - <td>%s</td> - <td class=number>%s</td> - <td class=number>%s</td> - <td class=number>%s</td> - <td align=left>%s</td> - <td><a href='%s?%s&HoldType=%s&HoldTrans=%s&HoldStatus=%s&FromDate=%s'>%s</a></td> - <td><a TARGET='_blank' href='%s/GLTransInquiry.php?TypeID=%s&TransNo=%s'>" . - _('View GL Postings') . '</a></td></tr>', - $myrow['transno'], - $myrow['typename'], - $myrow['suppreference'], - ConvertSQLDate($myrow['trandate']), - number_format($myrow['totalamount'],2), - number_format($myrow['allocated'],2), - number_format($myrow['totalamount'] - $myrow['allocated'],2), - $myrow['transtext'], - $_SERVER['PHP_SELF'], - SID, - $myrow['type'], - $myrow['transno'], - $HoldValue, - $_POST['TransAfterDate'], - $HoldValue, - $rootpath, - $myrow['type'], - $myrow['transno']); + echo "<td>".$myrow['transno']."</td>"; + echo "<td>".$myrow['typename']."</td>"; + echo "<td>".$myrow['suppreference']."</td>"; + echo "<td>".ConvertSQLDate($myrow['trandate'])."</td>"; + echo "<td class=number>".number_format($myrow['totalamount'],2)."</td>"; + echo "<td class=number>".number_format($myrow['allocated'],2)."</td>"; + echo "<td class=number>".number_format($myrow['totalamount'] - $myrow['allocated'],2)."</td>"; + echo "<td align=left>".$myrow['transtext']."</td>"; + $authsql='SELECT offhold + FROM purchorderauth + WHERE userid="'.$_SESSION['UserID'] . + '" AND currabrev="'.$SupplierRecord['currcode'].'"'; + $authresult=DB_query($authsql, $db); + $authrow=DB_fetch_array($authresult); + if ($authrow[0]==0) { + echo "<td><a href='".$_SERVER['PHP_SELF']."?".SID."&HoldType=".$myrow['type']."&HoldTrans=".$myrow['transno']. + "&HoldStatus=".$HoldValue."&FromDate=".$_POST['TransAfterDate']."'>".$HoldValue."</a></td>"; + } else { + if ($HoldValue==_('Release')) { + echo "<td>".$HoldValue."</a></td>"; + } else { + echo "<td><a href='".$_SERVER['PHP_SELF']."?".SID."&HoldType=".$myrow['type']."&HoldTrans=".$myrow['transno']. + "&HoldStatus=".$HoldValue."&FromDate=".$_POST['TransAfterDate']."'>".$HoldValue."</a></td>"; + } + } + echo "<td><a target='_blank' href='".$rootpath."/GLTransInquiry.php?TypeID=".$myrow['type']."&TransNo=".$myrow['transno']."'>" ._('View GL Postings') . "</a></td></tr>"; } - } else { if ($myrow['totalamount'] - $myrow['allocated'] == 0){ Modified: trunk/doc/Change.log.html =================================================================== --- trunk/doc/Change.log.html 2010-01-06 22:39:34 UTC (rev 3278) +++ trunk/doc/Change.log.html 2010-01-07 13:07:43 UTC (rev 3279) @@ -1,5 +1,6 @@ <p><font SIZE=4 COLOR=BLUE><b>webERP Change Log</b></font></p> <p> +<p>06/01/10 Tim: Change to only allow authorised staff to release invoices from hold <p>06/01/10 Tim: index.php - Ensure the modules positioning remains consistent. <p>06/01/10 Tim: api_stock.php - Error in sql statement. <p>06/01/10 Tim: index.php - Move the modules selection to the left of the screen Modified: trunk/sql/mysql/upgrade3.11.1-3.12.sql =================================================================== --- trunk/sql/mysql/upgrade3.11.1-3.12.sql 2010-01-06 22:39:34 UTC (rev 3278) +++ trunk/sql/mysql/upgrade3.11.1-3.12.sql 2010-01-07 13:07:43 UTC (rev 3279) @@ -48,3 +48,5 @@ INSERT INTO `config` (`confname`, `confvalue`) VALUES ('LogSeverity', '0'); ALTER TABLE `www_users` ADD COLUMN `pdflanguage` tinyint(1) NOT NULL DEFAULT '0'; + +ALTER TABLE `purchorderauth` ADD COLUMN `offhold` tinyint(1) NOT NULL DEFAULT 0; \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |