From: <tim...@us...> - 2010-07-19 20:49:32
Revision: 3646
http://web-erp.svn.sourceforge.net/web-erp/?rev=3646&view=rev
Author: tim_schofield
Date: 2010-07-19 20:49:25 +0000 (Mon, 19 Jul 2010)
Log Message:
-----------
Layout changes and sql quoting, proper checks for deletion of location
Modified Paths:
--------------
trunk/FixedAssetLocations.php
trunk/doc/Change.log.html
Modified: trunk/FixedAssetLocations.php
===================================================================
--- trunk/FixedAssetLocations.php 2010-07-19 18:30:33 UTC (rev 3645)
+++ trunk/FixedAssetLocations.php 2010-07-19 20:49:25 UTC (rev 3646)
@@ -1,6 +1,5 @@
 <?php
-/* $Id$*/
 $PageSecurity = 11;
 include('includes/session.inc');
@@ -9,7 +8,7 @@
 echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Search') . '" alt="">' . ' ' . $title;
-if (isset($_POST['submit'])) {
+if (isset($_POST['submit']) and !isset($_POST['delete'])) {
 $InputError=0;
 if (!isset($_POST['locationid']) or strlen($_POST['locationid'])<1) {
 prnMsg(_('You must enter at least one character in the location ID'),'error');
@@ -38,40 +37,74 @@
 } else {
 $locationid='';
- $locdesc='';
+ $locdesc='';
 }
-//Batman: Attempting to update fields
+//Batman: Attempting to update fields
-if (isset($_POST['update'])) {
- $InputError=0;
- /*Batman: Removing the ID
+if (isset($_POST['update']) and !isset($_POST['delete'])) {
+ $InputError=0;
+ /*Batman: Removing the ID
 if (!isset($_POST['locationid']) or strlen($_POST['locationid'])<1) {
- prnMsg(_('You must enter at least one character in the location ID'),'error');
- $InputError=1;
- }*/
- if (!isset($_POST['locdesc']) or strlen($_POST['locdesc'])<1) {
- prnMsg(_('You must enter at least one character in the location description'),'error');
- $InputError=1;
- }
- if ($InputError==0) {
- $sql='UPDATE fixedassetlocations SET
- locationdescription="'.$_POST['locdesc'].'",
+ prnMsg(_('You must enter at least one character in the location ID'),'error');
+ $InputError=1;
+ }*/
+ if (!isset($_POST['locdesc']) or strlen($_POST['locdesc'])<1) {
+ prnMsg(_('You must enter at least one character in the location description'),'error');
+ $InputError=1;
+ }
+ if ($InputError==0) {
+ $sql='UPDATE fixedassetlocations SET
+ locationdescription="'.$_POST['locdesc'].'",
 parentlocationid="'.$_POST['parentlocationid'].'"
- WHERE locationid ="'.$_POST['locationid'].'"';
- $result=DB_query($sql,$db);
+ WHERE locationid ="'.$_POST['locationid'].'"';
+ $result=DB_query($sql,$db);
 //Batman: Testing leaking sql echo $sql;
 echo '<meta http-equiv="Refresh" content="0; url="'.$_SERVER['PHP_SELF'].'">';
 }
-}
+} else {
+ // if you are not updating then you want to delete but lets be sure first.
+ if (isset($_POST['delete'])) {
+ $InputError=0;
+ if (!isset($_POST['locdesc']) or strlen($_POST['locdesc'])<1) {
+ prnMsg(_('You must enter at least one character in the location description'),'error');
+ $InputError=1;
+ }
+
+ $sql="SELECT COUNT(locationid) FROM fixedassetlocations WHERE parentlocationid='" . 
$_POST['locationid']."'";
+ $result = DB_query($sql,$db);
+ $myrow=DB_fetch_row($result);
+ if ($myrow[0]>0) {
+ prnMsg(_('This location has child locations so cannot be removed'), 'warning');
+ $InputError=1;
+ }
+ $sql="SELECT COUNT(id) FROM assetmanager WHERE location='" . $_POST['locationid']."'";
+ $result = DB_query($sql,$db);
+ $myrow=DB_fetch_row($result);
+ if ($myrow[0]>0) {
+ prnMsg(_('You have assets in this location location so cannot be removed'), 'warning');
+ $InputError=1;
+ }
+ if ($InputError==0) {
+ $sql = "DELETE FROM fixedassetlocations WHERE locationid = '".$_POST['locationid']."'";
+ $result = DB_query($sql,$db);
+ prnMsg(_('The location has been deleted successfully'), 'success');
+ }
+ }
+}
+
 $sql='SELECT * FROM fixedassetlocations';
 $result=DB_query($sql, $db);
-echo '<table><tr>';
-echo '<th>'._('Location ID').'</th><th>'._('Location Description').'</th><th>'._('Parent Location').'</th></tr>';
+if (DB_num_rows($result) > 0) {
+ echo '<table class=selection><tr>';
+ echo '<th>'._('Location ID').'</th>
+ <th>'._('Location Description').'</th>
+ <th>'._('Parent Location').'</th></tr>';
+}
+while ($myrow=DB_fetch_array($result)) {
-while ($myrow=DB_fetch_array($result)) {
- $parentsql='select locationdescription from fixedassetlocations where locationid="'.$myrow['parentlocationid'].'"';
+ $parentsql="select locationdescription from fixedassetlocations where locationid='".$myrow['parentlocationid']."'";
 $parentresult=DB_query($parentsql, $db);
 $parentrow=DB_fetch_array($parentresult);
 echo '<tr><td>'.$myrow['locationid'].'</td>';
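Review bot: The three new queries in the delete branch — the two `SELECT COUNT` checks and `$sql = "DELETE FROM fixedassetlocations WHERE locationid = '".$_POST['locationid']."'";` — concatenate the posted `locationid` into SQL with no escaping, so the "sql quoting" in the commit message only swaps the quote style; a value containing a single quote still breaks out of the literal and, in the DELETE, can widen the WHERE clause. Escape the value once through the DB layer's escape wrapper (webERP's `DB_escape_string()`, if this branch provides it) and reuse it in all three statements: `$LocationID = DB_escape_string($_POST['locationid']);` then `... WHERE locationid = '" . $LocationID . "'"`; the same treatment is owed to `$_POST['locdesc']` and `$_POST['parentlocationid']` in the re-indented UPDATE above. The `locdesc` length check inside the delete branch blocks deletion for a reason unrelated to deleting and can be dropped, and the success message is printed whether or not the DELETE matched a row. `echo $sql;` after the UPDATE — if it is live code rather than the tail of the preceding `//Batman` comment, which the collapsed text does not settle — prints the statement into the page and should not ship. The `} else {` at the top of this hunk closes a block that starts outside it.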
@@ -79,20 +112,20 @@
 echo '<td>'.$parentrow['locationdescription'].'</td>';
 echo '<td><a href="'.$_SERVER['PHP_SELF'] . '?' . SID.'SelectedLocation='.$myrow['locationid'].'">' . _('Edit') . '</td>'; //Batman: added '; and duplicated line as below
- echo '<td><a href="'.$_SERVER['PHP_SELF'] . '?' . SID.'SelectedLocation='.$myrow['locationid'].'">' .
- _('Delete') . '</td></tr>'; //Batman: Just hashed this out</tr>';
 }
-//Batman: Captureing the location ID before the update process
+//Batman: Capturing the location ID before the update process
 //echo $loc = "'.$_POST['locationid'].'";
 echo '</table><br>';
-echo '<form name="LocationForm" method="post" action="' . $_SERVER['PHP_SELF'] . '?' . SID . '"><table>';
+echo '<form name="LocationForm" method="post" action="' . $_SERVER['PHP_SELF'] . '?' . SID . '"><table class=selection>';
 echo '<tr><th style="text-align:left">'._('Location ID').'</th>';
-if (isset($_GET['SelectedLocation']))
- echo '<td><b><input type=text name=locationid size=6 value="'.$locationid.'"></b></td>';
-else
+if (isset($_GET['SelectedLocation'])) {
+ echo '<input type=hidden name=locationid value="'.$locationid.'">';
+ echo '<td>'.$locationid.'</td>';
+} else {
 echo '<td><input type=text name=locationid size=6 value="'.$locationid.'"></td></tr>';
+}
 echo '<tr><th style="text-align:left">'._('Location Description').'</th>';
 echo '<td><input type=text name=locdesc size=20 value="'.$locdesc.'"></td></tr>';
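Review bot: The two new lines `echo '<input type=hidden name=locationid value="'.$locationid.'">';` and `echo '<td>'.$locationid.'</td>';` emit `$locationid` into an attribute value and a table cell without HTML encoding, and the adjacent context line does the same with `$locdesc`, which the update branch stores straight from `$_POST['locdesc']` — a description containing `"` or a script tag comes back into the edit form unencoded, i.e. stored XSS. Wrap both with `htmlspecialchars($locationid, ENT_QUOTES, 'UTF-8')` and treat `$locdesc` the same way; the Edit link's `'SelectedLocation='.$myrow['locationid']` should also pass through `urlencode()`, though that line is unchanged here. The `<td>` in the new edit branch is never closed with `</tr>` while the `else` branch's line is, so the row markup differs between the two paths — `echo '<td>'.htmlspecialchars($locationid, ENT_QUOTES, 'UTF-8').'</td></tr>';` fixes both points at once. Where `$locationid` and `$locdesc` are assigned lies outside this hunk.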
@@ -118,15 +151,19 @@
 echo '</table><br>';
-//Batman: parentlocationid checking the location ID
+//Batman: parentlocationid checking the location ID
 //echo $locationid;
 echo '<div class="centre">';
-if (isset($_GET['SelectedLocation']))
- echo '<input type="Submit" name="update" value="' . _('Update Information') . '">';
-else echo '<input type="submit" name="submit" value="' . _('Enter Information') . '">';
+if (isset($_GET['SelectedLocation'])) {
+ echo '<input type="Submit" name="update" value="' . _('Update Information') . '">';
+ echo '<p>';
+ echo '<p><center><input type="Submit" name="delete" value="' . _('Delete This Location') . '">';
+} else {
+ echo '<input type="submit" name="submit" value="' . _('Enter Information') . '">';
+}
 echo '</div>';
 echo '</form>';
 include('includes/footer.inc');
-?>
+?>
\ No newline at end of file
Modified: trunk/doc/Change.log.html
===================================================================
--- trunk/doc/Change.log.html 2010-07-19 18:30:33 UTC (rev 3645)
+++ trunk/doc/Change.log.html 2010-07-19 20:49:25 UTC (rev 3646)
@@ -1,5 +1,6 @@
 <p><font SIZE=4 COLOR=BLUE><b>webERP Change Log</b></font></p>
 <p></p>
+<p>19/07/10 Tim: FixedassetLocations.php - Layout changes and sql quoting, proper checks for deletion of location</p>
 <p>19/07/10 Tim: PO_SelectOSPurchOrder.php - Remove order values when security token 12 is not set</p>
 <p>19/07/10 Tim: SelectProduct.php - Change prices security to token 12</p>
 <p>19/07/10 Tim: FixedAssetCategories.php - Layout changes and sql quoting</p>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
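Review bot: The new `delete` button submits the same form and the handler removes the row on that single POST, so a mis-click on the edit page deletes a location with no confirmation step; a minimal guard is a confirm prompt on the button, `echo '<input type="submit" name="delete" value="' . _('Delete This Location') . '" onclick="return confirm(\'' . _('Are you sure you wish to delete this location?') . '\');">';`, with a server-side confirmation round-trip being the stronger option. Note that `$PageSecurity = 11` (context in the first hunk) gates display, update and delete alike, so anyone permitted to edit a location can also delete it — fine if intended, worth a comment if not. The added `<p>` and `<p><center>` are never closed and `<center>` is deprecated; since the button already sits inside `<div class="centre">`, `echo '<br /><input type="submit" name="delete" ...>';` gives the same layout without the stray elements.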