[Weberp-cvs] SF.net SVN: web-erp:[3610] trunk

[<tim...@us...>]

Revision: 3610
          http://web-erp.svn.sourceforge.net/web-erp/?rev=3610&view=rev
Author:   tim_schofield
Date:     2010-07-12 18:38:26 +0000 (Mon, 12 Jul 2010)

Log Message:
-----------
Bug Fixes, Layout changes, sql quoting corrections

Modified Paths:
--------------
    trunk/Locations.php
    trunk/doc/Change.log.html

Modified: trunk/Locations.php
===================================================================
--- trunk/Locations.php	2010-07-12 09:02:03 UTC (rev 3609)
+++ trunk/Locations.php	2010-07-12 18:38:26 UTC (rev 3610)
@@ -18,7 +18,7 @@
 }
 
 if (isset($_POST['submit'])) {
-
+	$_POST['Managed']='off';
 	//initialise no input errors assumed initially before we test
 	$InputError = 0;
 
@@ -40,10 +40,11 @@
 			$arr = explode('-',$_POST['CashSaleCustomer']);
 			$DebtorNo = $arr[0];
 			$Branch = $arr[1];
-			
-			$sql = "SELECT * FROM custbranch WHERE debtorno='" . $DebtorNo . "' 
-											 AND branchcode='" . $Branch . "'";
-											  		
+
+			$sql = "SELECT * FROM custbranch
+					WHERE debtorno='" . $DebtorNo . "'
+					AND branchcode='" . $Branch . "'";
+
 			// echo $sql;
 			$result = DB_query($sql,$db);
 			if (DB_num_rows($result)==0){
@@ -52,8 +53,8 @@
 			}
 		}
 	} //end of checking the customer - branch code entered
-	
 
+
 	if (isset($SelectedLocation) AND $InputError !=1) {
 
 		/* Set the managed field to 1 if it is checked, otherwise 0 */
@@ -76,10 +77,10 @@
 				fax='" . $_POST['Fax'] . "',
 				email='" . $_POST['Email'] . "',
 				contact='" . $_POST['Contact'] . "',
-				taxprovinceid = " . $_POST['TaxProvince'] . ",
+				taxprovinceid = '" . $_POST['TaxProvince'] . "',
 				cashsalecustomer ='" . $_POST['CashSaleCustomer'] . "',
-				managed = " . $_POST['Managed'] . "
-			WHERE loccode = '$SelectedLocation'";
+				managed = '" . $_POST['Managed'] . "'
+			WHERE loccode = '" . $SelectedLocation . "'";
 
 		$ErrMsg = _('An error occurred updating the') . ' ' . $SelectedLocation . ' ' . _('location record because');
 		$DbgMsg = _('The SQL used to update the location record was');
@@ -146,13 +147,13 @@
 				'" . $_POST['Fax'] . "',
 				'" . $_POST['Email'] . "',
 				'" . $_POST['Contact'] . "',
-				" . $_POST['TaxProvince'] . ",
+				'" . $_POST['TaxProvince'] . "',
 				'" . $_POST['CashSaleCustomer'] . "',
-				" . $_POST['Managed'] . "
+				'" . $_POST['Managed'] . "'
 			)";
 
 		$ErrMsg =  _('An error occurred inserting the new location record because');
-		$Dbgmsg =  _('The SQL used to insert the location record was');
+		$DbgMsg =  _('The SQL used to insert the location record was');
 		$result = DB_query($sql,$db,$ErrMsg,$DbgMsg);
 
 		prnMsg( _('The new location record has been added'),'success');
@@ -174,7 +175,7 @@
 		$DbgMsg =  _('The SQL used to insert the new stock location records was');
 		$result = DB_query($sql,$db,$ErrMsg, $DbgMsg);
 
-		echo '<br>........ ' . _('and new stock locations inserted for all existing stock items for the new location');
+		prnMsg ('........ ' . _('and new stock locations inserted for all existing stock items for the new location'), 'success');
 		unset($_POST['LocCode']);
 		unset($_POST['LocationName']);
 		unset($_POST['DelAdd1']);
@@ -197,31 +198,31 @@
 
 	/* Go through the tax authorities for all Locations deleting or adding TaxAuthRates records as necessary */
 
-	$result = DB_query('SELECT COUNT(taxid) FROM taxauthorities',$db);
+	$result = DB_query("SELECT COUNT(taxid) FROM taxauthorities",$db);
 	$NoTaxAuths =DB_fetch_row($result);
 
-	$DispTaxProvincesResult = DB_query('SELECT taxprovinceid FROM locations',$db);
-	$TaxCatsResult = DB_query('SELECT taxcatid FROM taxcategories',$db);
+	$DispTaxProvincesResult = DB_query("SELECT taxprovinceid FROM locations",$db);
+	$TaxCatsResult = DB_query("SELECT taxcatid FROM taxcategories",$db);
 	if (DB_num_rows($TaxCatsResult) > 0 ) { // This will only work if there are levels else we get an error on seek.
 
 		while ($myrow=DB_fetch_row($DispTaxProvincesResult)){
 			/*Check to see there are TaxAuthRates records set up for this TaxProvince */
-			$NoTaxRates = DB_query('SELECT taxauthority FROM taxauthrates WHERE dispatchtaxprovince=' . $myrow[0], $db);
+			$NoTaxRates = DB_query("SELECT taxauthority FROM taxauthrates WHERE dispatchtaxprovince='" . $myrow[0] . "'", $db);
 
 			if (DB_num_rows($NoTaxRates) < $NoTaxAuths[0]){
 
 				/*First off delete any tax authoritylevels already existing */
-				$DelTaxAuths = DB_query('DELETE FROM taxauthrates WHERE dispatchtaxprovince=' . $myrow[0],$db);
+				$DelTaxAuths = DB_query("DELETE FROM taxauthrates WHERE dispatchtaxprovince='" . $myrow[0] . "'",$db);
 
 				/*Now add the new TaxAuthRates required */
 				while ($CatRow = DB_fetch_row($TaxCatsResult)){
-					$sql = 'INSERT INTO taxauthrates (taxauthority,
+					$sql = "INSERT INTO taxauthrates (taxauthority,
 										dispatchtaxprovince,
 										taxcatid)
 							SELECT taxid,
-								' . $myrow[0] . ',
-								' . $CatRow[0] . '
-							FROM taxauthorities';
+								'" . $myrow[0] . "',
+								'" . $CatRow[0] . "'
+							FROM taxauthorities";
 
 					$InsTaxAuthRates = DB_query($sql,$db);
 				}
@@ -237,7 +238,7 @@
 	$CancelDelete = 0;
 
 // PREVENT DELETES IF DEPENDENT RECORDS
-	$sql= "SELECT COUNT(*) FROM salesorders WHERE fromstkloc='$SelectedLocation'";
+	$sql= "SELECT COUNT(*) FROM salesorders WHERE fromstkloc='". $SelectedLocation . "'";
 	$result = DB_query($sql,$db);
 	$myrow = DB_fetch_row($result);
 	if ($myrow[0]>0) {
@@ -245,7 +246,7 @@
 		prnMsg( _('Cannot delete this location because sales orders have been created delivering from this location'),'warn');
 		echo  _('There are') . ' ' . $myrow[0] . ' ' . _('sales orders with this Location code');
 	} else {
-		$sql= "SELECT COUNT(*) FROM stockmoves WHERE stockmoves.loccode='$SelectedLocation'";
+		$sql= "SELECT COUNT(*) FROM stockmoves WHERE stockmoves.loccode='" . $SelectedLocation . "'";
 		$result = DB_query($sql,$db);
 		$myrow = DB_fetch_row($result);
 		if ($myrow[0]>0) {
@@ -254,7 +255,7 @@
 			echo '<br>' . _('There are') . ' ' . $myrow[0] . ' ' . _('stock movements with this Location code');
 
 		} else {
-			$sql= "SELECT COUNT(*) FROM locstock WHERE locstock.loccode='$SelectedLocation' AND locstock.quantity !=0";
+			$sql= "SELECT COUNT(*) FROM locstock WHERE locstock.loccode='". $SelectedLocation . "' AND locstock.quantity !=0";
 			$result = DB_query($sql,$db);
 			$myrow = DB_fetch_row($result);
 			if ($myrow[0]>0) {
@@ -262,7 +263,7 @@
 				prnMsg(_('Cannot delete this location because location stock records exist that use this location and have a quantity on hand not equal to 0'),'warn');
 				echo '<br> ' . _('There are') . ' ' . $myrow[0] . ' ' . _('stock items with stock on hand at this location code');
 			} else {
-				$sql= "SELECT COUNT(*) FROM www_users WHERE www_users.defaultlocation='$SelectedLocation'";
+				$sql= "SELECT COUNT(*) FROM www_users WHERE www_users.defaultlocation='" . $SelectedLocation . "'";
 				$result = DB_query($sql,$db);
 				$myrow = DB_fetch_row($result);
 				if ($myrow[0]>0) {
@@ -270,7 +271,7 @@
 					prnMsg(_('Cannot delete this location because it is the default location for a user') . '. ' . _('The user record must be modified first'),'warn');
 					echo '<br> ' . _('There are') . ' ' . $myrow[0] . ' ' . _('users using this location as their default location');
 				} else {
-					$sql= "SELECT COUNT(*) FROM bom WHERE bom.loccode='$SelectedLocation'";
+					$sql= "SELECT COUNT(*) FROM bom WHERE bom.loccode='" . $SelectedLocation . "'";
 					$result = DB_query($sql,$db);
 					$myrow = DB_fetch_row($result);
 					if ($myrow[0]>0) {
@@ -278,7 +279,7 @@
 						prnMsg(_('Cannot delete this location because it is the default location for a bill of material') . '. ' . _('The bill of materials must be modified first'),'warn');
 						echo '<br> ' . _('There are') . ' ' . $myrow[0] . ' ' . _('bom components using this location');
 					} else {
-						$sql= "SELECT COUNT(*) FROM workcentres WHERE workcentres.location='$SelectedLocation'";
+						$sql= "SELECT COUNT(*) FROM workcentres WHERE workcentres.location='" . $SelectedLocation . "'";
 						$result = DB_query($sql,$db);
 						$myrow = DB_fetch_row($result);
 						if ($myrow[0]>0) {
@@ -286,7 +287,7 @@
 							prnMsg( _('Cannot delete this location because it is used by some work centre records'),'warn');
 							echo '<br>' . _('There are') . ' ' . $myrow[0] . ' ' . _('works centres using this location');
 						} else {
-							$sql= "SELECT COUNT(*) FROM workorders WHERE workorders.loccode='$SelectedLocation'";
+							$sql= "SELECT COUNT(*) FROM workorders WHERE workorders.loccode='" . $SelectedLocation . "'";
 							$result = DB_query($sql,$db);
 							$myrow = DB_fetch_row($result);
 							if ($myrow[0]>0) {
@@ -294,7 +295,7 @@
 								prnMsg( _('Cannot delete this location because it is used by some work order records'),'warn');
 								echo '<br>' . _('There are') . ' ' . $myrow[0] . ' ' . _('work orders using this location');
 							}else {
-								$sql= "SELECT COUNT(*) FROM custbranch WHERE custbranch.defaultlocation='$SelectedLocation'";
+								$sql= "SELECT COUNT(*) FROM custbranch WHERE custbranch.defaultlocation='" . $SelectedLocation . "'";
 								$result = DB_query($sql,$db);
 								$myrow = DB_fetch_row($result);
 								if ($myrow[0]>0) {
@@ -314,11 +315,11 @@
 		/* need to figure out if this location is the only one in the same tax province */
 		$result = DB_query("SELECT taxprovinceid FROM locations WHERE loccode='" . $SelectedLocation . "'",$db);
 		$TaxProvinceRow = DB_fetch_row($result);
-		$result = DB_query("SELECT COUNT(taxprovinceid) FROM locations WHERE taxprovinceid=" .$TaxProvinceRow[0],$db);
+		$result = DB_query("SELECT COUNT(taxprovinceid) FROM locations WHERE taxprovinceid='" .$TaxProvinceRow[0] . "'",$db);
 		$TaxProvinceCount = DB_fetch_row($result);
 		if ($TaxProvinceCount[0]==1){
 		/* if its the only location in this tax authority then delete the appropriate records in TaxAuthLevels */
-			$result = DB_query('DELETE FROM taxauthrates WHERE dispatchtaxprovince=' . $TaxProvinceRow[0],$db);
+			$result = DB_query("DELETE FROM taxauthrates WHERE dispatchtaxprovince='" . $TaxProvinceRow[0] . "'",$db);
 		}
 
 		$result= DB_query("DELETE FROM locstock WHERE loccode ='" . $SelectedLocation . "'",$db);
@@ -348,8 +349,10 @@
 	if (DB_num_rows($result)==0){
 		prnMsg (_('There are no locations that match up with a tax province record to display. Check that tax provinces are set up for all dispatch locations'),'error');
 	}
+	echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/supplier.png" title="' .
+			_('Inventory') . '" alt="">' . ' ' . $title . '';
 
-	echo '<table border=1>';
+	echo '<table class=selection>';
 	echo '<tr><th>' . _('Location Code') . '</th>
 			<th>' . _('Location Name') . '</th>
 			<th>' . _('Tax Province') . '</th>
@@ -395,27 +398,20 @@
 
 //end of ifs and buts!
 
-?>
+echo "<p>";
+if (isset($SelectedLocation)) {
+	echo '<a href="' . $_SERVER['PHP_SELF'] . '">' . _('Review Records') . '</a>';
+}
+echo "<p>";
 
-<p>
-<?php
-if (isset($SelectedLocation)) {  ?>
-	<div class="centre"><a href="<?php echo $_SERVER['PHP_SELF'];?>"><?php echo _('REVIEW RECORDS'); ?></a></div>
-<?php } ?>
-
-<p>
-
-
-<?php
-
-
-
 if (!isset($_GET['delete'])) {
 
 	echo "<form method='post' action='" . $_SERVER['PHP_SELF'] . '?' . SID . "'>";
 
 	if (isset($SelectedLocation)) {
 		//editing an existing Location
+		echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/supplier.png" title="' .
+			_('Inventory') . '" alt="">' . ' ' . $title . '';
 
 		$sql = "SELECT loccode,
 				locationname,
@@ -433,7 +429,7 @@
 				cashsalecustomer,
 				managed
 			FROM locations
-			WHERE loccode='$SelectedLocation'";
+			WHERE loccode='" . $SelectedLocation . "'";
 
 		$result = DB_query($sql, $db);
 		$myrow = DB_fetch_array($result);
@@ -457,13 +453,16 @@
 
 		echo "<input type=hidden name=SelectedLocation VALUE=" . $SelectedLocation . '>';
 		echo "<input type=hidden name=LocCode VALUE=" . $_POST['LocCode'] . '>';
-		echo '<table> <tr><td>' . _('Location Code') . ':</td><td>';
+		echo '<table class=selection>';
+		echo '<tr><th colspan=2><font size=3 color=blue>'._('Amend Location details').'</font></th></tr>';
+		echo '<tr><td>' . _('Location Code') . ':</td><td>';
 		echo $_POST['LocCode'] . '</td></tr>';
 	} else { //end of if $SelectedLocation only do the else when a new record is being entered
 		if (!isset($_POST['LocCode'])) {
 			$_POST['LocCode'] = '';
 		}
-		echo '<table><tr><td>' . _('Location Code') . ':</td><td><input type="Text" name="LocCode" value="' . $_POST['LocCode'] . '" size=5 maxlength=5></td></tr>';
+		echo '<table class=selection><tr><th colspan=2><font size=3 color=blue>'._('New Location details').'</font></th></tr>';
+		echo '<tr><td>' . _('Location Code') . ':</td><td><input type="Text" name="LocCode" value="' . $_POST['LocCode'] . '" size=5 maxlength=5></td></tr>';
 	}
 	if (!isset($_POST['LocationName'])) {
 		$_POST['LocationName'] = '';
@@ -504,61 +503,57 @@
 	if (!isset($_POST['Managed'])) {
 		$_POST['Managed'] = 0;
 	}
-	?>
 
-	<tr><td><?php echo _('Location Name') . ':'; ?></td>
-	<td><input type="Text" name="LocationName" value="<?php echo $_POST['LocationName']; ?>" size=51 maxlength=50></td></tr>
-	<tr><td><?php echo _('Contact for deliveries') . ':'; ?></td>
-	<td><input type="Text" name="Contact" value="<?php echo $_POST['Contact']; ?>" size=31 maxlength=30></td></tr>
-	<tr><td><?php echo _('Delivery Address 1') . ':'; ?></td>
-	<td><input type="Text" name="DelAdd1" value="<?php echo $_POST['DelAdd1']; ?>" size=41 maxlength=40></td></tr>
-	<tr><td><?php echo _('Delivery Address 2') . ':'; ?></td>
-	<td><input type="Text" name="DelAdd2" value="<?php echo $_POST['DelAdd2']; ?>" size=41 maxlength=40></td></tr>
-	<tr><td><?php echo _('Delivery Address 3') . ':'; ?></td>
-	<td><input type="Text" name="DelAdd3" value="<?php echo $_POST['DelAdd3']; ?>" size=41 maxlength=40></td></tr>
-	<tr><td><?php echo _('Delivery Address 4') . ':'; ?></td>
-	<td><input type="Text" name="DelAdd4" value="<?php echo $_POST['DelAdd4']; ?>" size=41 maxlength=40></td></tr>
-	<tr><td><?php echo _('Delivery Address 5') . ':'; ?></td>
-	<td><input type="Text" name="DelAdd5" value="<?php echo $_POST['DelAdd5']; ?>" size=21 maxlength=20></td></tr>
-	<tr><td><?php echo _('Delivery Address 6') . ':'; ?></td>
-	<td><input type="Text" name="DelAdd6" value="<?php echo $_POST['DelAdd6']; ?>" size=16 maxlength=15></td></tr>
-	<tr><td><?php echo _('Telephone No') . ':'; ?></td>
-	<td><input type="Text" name="Tel" value="<?php echo $_POST['Tel']; ?>" size=31 maxlength=30></td></tr>
-	<tr><td><?php echo _('Facsimile No') . ':'; ?></td>
-	<td><input type="Text" name="Fax" value="<?php echo $_POST['Fax']; ?>" size=31 maxlength=30></td></tr>
-	<tr><td><?php echo _('Email') . ':'; ?></td>
-	<td><input type="Text" name="Email" value="<?php echo $_POST['Email']; ?>" size=31 maxlength=55></td></tr>
+	echo '<tr><td>' .  _('Location Name') . ':' . '</td>';
+	echo '<td><input type="Text" name="LocationName" value="'. $_POST['LocationName'] . '" size=51 maxlength=50></td></tr>';
+	echo '<tr><td>' . _('Contact for deliveries') . ':' . '</td>';
+	echo '<td><input type="Text" name="Contact" value="' . $_POST['Contact'] . '" size=31 maxlength=30></td></tr>';
+	echo '<tr><td>' .  _('Delivery Address 1') . ':' . '</td>';
+	echo '<td><input type="Text" name="DelAdd1" value="' . $_POST['DelAdd1'] . '" size=41 maxlength=40></td></tr>';
+	echo '<tr><td>' . _('Delivery Address 2') . ':' . '</td>';
+	echo '<td><input type="Text" name="DelAdd2" value="' .  $_POST['DelAdd2'] . '" size=41 maxlength=40></td></tr>';
+	echo '<tr><td>' .  _('Delivery Address 3') . ':' . '</td>';
+	echo '<td><input type="Text" name="DelAdd3" value="' .  $_POST['DelAdd3'] . '" size=41 maxlength=40></td></tr>';
+	echo '<tr><td>' .  _('Delivery Address 4') . ':' . '</td>';
+	echo '<td><input type="Text" name="DelAdd4" value="' . $_POST['DelAdd4'] . '" size=41 maxlength=40></td></tr>';
+	echo '<tr><td>' .  _('Delivery Address 5') . ':' . '</td>';
+	echo '<td><input type="Text" name="DelAdd5" value="' . $_POST['DelAdd5'] . '" size=21 maxlength=20></td></tr>';
+	echo '<tr><td>' . _('Delivery Address 6') . ':' . '</td>';
+	echo '<td><input type="Text" name="DelAdd6" value="' . $_POST['DelAdd6'] . '" size=16 maxlength=15></td></tr>';
+	echo '<tr><td>' .  _('Telephone No') . ':' . '</td>';
+	echo '<td><input type="Text" name="Tel" value="' . $_POST['Tel'] . '" size=31 maxlength=30></td></tr>';
+	echo '<tr><td>' .  _('Facsimile No') . ':' . '</td>';
+	echo '<td><input type="Text" name="Fax" value="' . $_POST['Fax'] . '" size=31 maxlength=30></td></tr>';
+	echo '<tr><td>' .  _('Email') . ':' . '</td>';
+	echo '<td><input type="Text" name="Email" value="' . $_POST['Email'] . '" size=31 maxlength=55></td></tr>';
 
-	<td><?php echo _('Tax Province') . ':'; ?></td><td><select name='TaxProvince'>
+	echo '<td>' .  _('Tax Province') . ':' . '</td><td><select name="TaxProvince">';
 
-	<?php
 	$TaxProvinceResult = DB_query('SELECT taxprovinceid, taxprovincename FROM taxprovinces',$db);
 	while ($myrow=DB_fetch_array($TaxProvinceResult)){
 		if ($_POST['TaxProvince']==$myrow['taxprovinceid']){
-			echo '<option selected VALUE=' . $myrow['taxprovinceid'] . '>' . $myrow['taxprovincename'];
+			echo '<option selected value=' . $myrow['taxprovinceid'] . '>' . $myrow['taxprovincename'];
 		} else {
-			echo '<option VALUE=' . $myrow['taxprovinceid'] . '>' . $myrow['taxprovincename'];
+			echo '<option value=' . $myrow['taxprovinceid'] . '>' . $myrow['taxprovincename'];
 		}
 	}
 
-	?>
-	</select></td></tr>
-	<tr><td><?php echo _('Default Counter Sales Customer') . ':'; ?></td>
-	<td><input type="Text" name="CashSaleCustomer" value="<?php echo $_POST['CashSaleCustomer']; ?>" size=25 maxlength=23></td></tr>
-	<?php
+	echo '</select></td></tr>';
+	echo '<tr><td>' . _('Default Counter Sales Customer') . ':' . '</td>';
+	echo '<td><input type="Text" name="CashSaleCustomer" value="' . $_POST['CashSaleCustomer'] .
+		'" size=25 maxlength=23></td></tr>';
 	/*
 	This functionality is not written yet ...
 	<tr><td><?php echo _('Enable Warehouse Management') . ':'; ?></td>
 	<td><input type='checkbox' name='Managed'<?php if($_POST['Managed'] == 1) echo ' checked';?>></td></tr>
 	*/
-	?>
-	</table>
+	echo '</table><br>';
 
-	<div class="centre"><input type="Submit" name="submit" value="<?php echo _('Enter Information'); ?>"></div>
+	echo '<div class="centre"><input type="Submit" name="submit" value="' .  _('Enter Information') . '"></div>';
 
-	</form>
+	echo '</form>';
 
-<?php } //end if record deleted no point displaying form to add record
+} //end if record deleted no point displaying form to add record
 
 include('includes/footer.inc');
-?>
+?>
\ No newline at end of file

Modified: trunk/doc/Change.log.html
===================================================================
--- trunk/doc/Change.log.html	2010-07-12 09:02:03 UTC (rev 3609)
+++ trunk/doc/Change.log.html	2010-07-12 18:38:26 UTC (rev 3610)
@@ -1,5 +1,6 @@
 <p><font SIZE=4 COLOR=BLUE><b>webERP Change Log</b></font></p>
 <p></p>
+<p>12/07/10 Tim: Locations.php - Bug Fixes, Layout changes, sql quoting corrections</p>
 <p>12/07/10 Tim: PDFGrn.php - Correct conversion factor bug</p>
 <p>11/07/10 Tim: InventoryValuation.php - Layout changes</p>
 <p>11/07/10 Tim: InventoryPlanningPrefSupplier.php - Bug fixes, layout changes, sql quoting fixed</p>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.