Menu
▾
▴
[Web-erp-svn] SF.net SVN: web-erp:[4495] trunk
|
From: <dai...@us...> - 2011-02-22 09:45:08
|
Revision: 4495
http://web-erp.svn.sourceforge.net/web-erp/?rev=4495&view=rev
Author: daintree
Date: 2011-02-22 09:45:01 +0000 (Tue, 22 Feb 2011)
Log Message:
-----------
PDF Languages in www_users - PDFTopItems rework - change PageSecurity array name to PageSecurityArray to avoid register globals issue
Modified Paths:
--------------
trunk/PDFTopItems.php
trunk/TopItems.php
trunk/UserSettings.php
trunk/WWW_Users.php
trunk/doc/Change.log.html
trunk/doc/Manual/ManualCurrencies.html
trunk/doc/Manual/ManualSecuritySchema.html
trunk/includes/PDFTopItemsHeader.inc
trunk/includes/class.pdf.php
Modified: trunk/PDFTopItems.php
===================================================================
--- trunk/PDFTopItems.php 2011-02-20 03:52:26 UTC (rev 4494)
+++ trunk/PDFTopItems.php 2011-02-22 09:45:01 UTC (rev 4495)
@@ -1,7 +1,7 @@
<?php
/* $Revision: 1.2 $ */
/* $Id$*/
-//$PageSecurity = 2;
+
include ('includes/session.inc');
include ('includes/PDFStarter.php');
$FontSize = 10;
@@ -10,79 +10,78 @@
$line_height = 12;
include ('includes/PDFTopItemsHeader.inc');
$FontSize = 10;
-$FromDate = FormatDateForSQL(DateAdd(Date($_SESSION['DefaultDateFormat']),'d', -$_POST['NumberOfDays']));
+$FromDate = FormatDateForSQL(DateAdd(Date($_SESSION['DefaultDateFormat']),'d', -$_GET['NumberOfDays']));
//the situation if the location and customer type selected "All"
-if (($_GET["location"] == "All") and ($_GET["customers"] == "All")) {
+if (($_GET['Location'] == 'All') and ($_GET['Customers'] == 'All')) {
$SQL = "SELECT salesorderdetails.stkcode,
- SUM(salesorderdetails.qtyinvoiced) TotalInvoiced,
- SUM(salesorderdetails.qtyinvoiced * salesorderdetails.unitprice ) AS ValueSales,
+ SUM(salesorderdetails.qtyinvoiced) totalinvoiced,
+ SUM(salesorderdetails.qtyinvoiced * salesorderdetails.unitprice ) AS valuesales,
stockmaster.description,
stockmaster.units
FROM salesorderdetails, salesorders, debtorsmaster,stockmaster
WHERE salesorderdetails.orderno = salesorders.orderno
AND salesorderdetails.stkcode = stockmaster.stockid
AND salesorders.debtorno = debtorsmaster.debtorno
- AND salesorderdetails.ActualDispatchDate >='" . $FromDate . "'
+ AND salesorderdetails.actualdispatchdate >='" . $FromDate . "'
GROUP BY salesorderdetails.stkcode
- ORDER BY '" . $_GET['order'] . "' DESC
- LIMIT 0," . $_GET['NumberOfTopItems'] ;
+ ORDER BY '" . $_GET['Sequence'] . "' DESC
+ LIMIT " . $_GET['NumberOfTopItems'] ;
} else { //the situation if only location type selected "All"
- if ($_GET["location"] == "All") {
+ if ($_GET['Location'] == 'All') {
$SQL = "SELECT salesorderdetails.stkcode,
- SUM(salesorderdetails.qtyinvoiced) TotalInvoiced,
- SUM(salesorderdetails.qtyinvoiced * salesorderdetails.unitprice ) AS ValueSales,
+ SUM(salesorderdetails.qtyinvoiced) totalinvoiced,
+ SUM(salesorderdetails.qtyinvoiced * salesorderdetails.unitprice ) AS valuesales,
stockmaster.description,
stockmaster.units
FROM salesorderdetails, salesorders, debtorsmaster,stockmaster
WHERE salesorderdetails.orderno = salesorders.orderno
AND salesorderdetails.stkcode = stockmaster.stockid
AND salesorders.debtorno = debtorsmaster.debtorno
- AND debtorsmaster.typeid = '" . $_GET["customers"] . "'
+ AND debtorsmaster.typeid = '" . $_GET['Customers'] . "'
AND salesorderdetails.ActualDispatchDate >= '" . $FromDate . "'
GROUP BY salesorderdetails.stkcode
- ORDER BY '" . $_GET['order'] . "' DESC
- LIMIT 0," . $_GET['NumberOfTopItems'];
+ ORDER BY '" . $_GET['Sequence'] . "' DESC
+ LIMIT " . $_GET['NumberOfTopItems'];
} else {
//the situation if the customer type selected "All"
- if ($_GET["customers"] == "All") {
- $SQL = "
- SELECT salesorderdetails.stkcode,
- SUM(salesorderdetails.qtyinvoiced) TotalInvoiced,
- SUM(salesorderdetails.qtyinvoiced * salesorderdetails.unitprice ) AS ValueSales,
+ if ($_GET['Customers'] == 'All') {
+ $SQL = "SELECT salesorderdetails.stkcode,
+ SUM(salesorderdetails.qtyinvoiced) totalinvoiced,
+ SUM(salesorderdetails.qtyinvoiced * salesorderdetails.unitprice ) AS valuesales,
stockmaster.description,
stockmaster.units
FROM salesorderdetails, salesorders, debtorsmaster,stockmaster
WHERE salesorderdetails.orderno = salesorders.orderno
AND salesorderdetails.stkcode = stockmaster.stockid
AND salesorders.debtorno = debtorsmaster.debtorno
- AND salesorders.fromstkloc = '" . $_GET['location'] . "'
+ AND salesorders.fromstkloc = '" . $_GET['Location'] . "'
AND salesorderdetails.ActualDispatchDate >= '" . $FromDate . "'
GROUP BY salesorderdetails.stkcode
- ORDER BY '" . $_GET['order'] . "' DESC
+ ORDER BY '" . $_GET['Sequence'] . "' DESC
LIMIT 0," . $_GET['NumberOfTopItems'];
} else {
//the situation if the location and customer type not selected "All"
- $SQL = "
- SELECT salesorderdetails.stkcode,
- SUM(salesorderdetails.qtyinvoiced) TotalInvoiced,
- SUM(salesorderdetails.qtyinvoiced * salesorderdetails.unitprice ) AS ValueSales,
+ $SQL = "SELECT salesorderdetails.stkcode,
+ SUM(salesorderdetails.qtyinvoiced) totalinvoiced,
+ SUM(salesorderdetails.qtyinvoiced * salesorderdetails.unitprice ) AS valuesales,
stockmaster.description,
stockmaster.units
FROM salesorderdetails, salesorders, debtorsmaster,stockmaster
WHERE salesorderdetails.orderno = salesorders.orderno
AND salesorderdetails.stkcode = stockmaster.stockid
AND salesorders.debtorno = debtorsmaster.debtorno
- AND salesorders.fromstkloc = '" . $_GET['location'] . "'
- AND debtorsmaster.typeid = '" . $_GET['customers'] . "'
- AND salesorderdetails.ActualDispatchDate >= '" . $FromDate . "'
+ AND salesorders.fromstkloc = '" . $_GET['Location'] . "'
+ AND debtorsmaster.typeid = '" . $_GET['Customers'] . "'
+ AND salesorderdetails.actualdispatchdate >= '" . $FromDate . "'
GROUP BY salesorderdetails.stkcode
- ORDER BY '" . $_GET['order'] . "' DESC
- LIMIT 0," . $_GET['NumberOfTopItems'];
+ ORDER BY '" . $_GET['Sequence'] . "' DESC
+ LIMIT " . $_GET['NumberOfTopItems'];
}
}
}
$result = DB_query($SQL, $db);
+
$YPos = $YPos - 6;
while ($myrow = DB_fetch_array($result)) {
//find the quantity onhand item
@@ -91,18 +90,12 @@
WHERE stockid='" . $myrow['0'] . "'";
$oh = db_query($sqloh, $db);
$ohRow = db_fetch_row($oh);
- $OnHand = $ohRow[0];
- $ValueSales = number_format($myrow['2'], 2);
- $Code = $myrow['0']; //stkcode
- $Desc = $myrow['3']; //desc
- $TotalInvoice = $myrow['1']; //total invoice here
- $Unit = $myrow['4']; //unit
- $LeftOvers = $pdf->addTextWrap($Left_Margin + 1, $YPos, 300 - $Left_Margin, $FontSize, $Code);
- $LeftOvers = $pdf->addTextWrap($Left_Margin + 100, $YPos, 270 - $Left_Margin, $FontSize, $Desc);
- $LeftOvers = $pdf->addTextWrap($Left_Margin + 330, $YPos, 30, $FontSize, $TotalInvoice, 'right');
- $LeftOvers = $pdf->addTextWrap($Left_Margin + 370, $YPos, 300 - $Left_Margin, $FontSize, $Unit, 'left');
- $LeftOvers = $pdf->addTextWrap($Left_Margin + 400, $YPos, 70, $FontSize, $ValueSales, 'right');
- $LeftOvers = $pdf->addTextWrap($Left_Margin + 490, $YPos, 30, $FontSize, $OnHand, 'right');
+ $LeftOvers = $pdf->addTextWrap($Left_Margin + 1, $YPos, 300 - $Left_Margin, $FontSize, $myrow['stkcode']);
+ $LeftOvers = $pdf->addTextWrap($Left_Margin + 100, $YPos, 270 - $Left_Margin, $FontSize, $myrow['description']);
+ $LeftOvers = $pdf->addTextWrap($Left_Margin + 330, $YPos, 30, $FontSize, $myrow['totalinvoiced'], 'right');
+ $LeftOvers = $pdf->addTextWrap($Left_Margin + 370, $YPos, 300 - $Left_Margin, $FontSize, $myrow['units'], 'left');
+ $LeftOvers = $pdf->addTextWrap($Left_Margin + 400, $YPos, 70, $FontSize, number_format($myrow['valuesales'], 2), 'right');
+ $LeftOvers = $pdf->addTextWrap($Left_Margin + 490, $YPos, 30, $FontSize, $ohRow[0], 'right');
if (strlen($LeftOvers) > 1) {
$LeftOvers = $pdf->addTextWrap($Left_Margin + 1 + 94, $YPos - $line_height, 270, $FontSize, $LeftOvers, 'left');
$YPos-= $line_height;
@@ -122,7 +115,7 @@
$title = _('Print Price List Error');
include ('includes/header.inc');
prnMsg(_('There were no records returned '), 'warn');
- echo '<br><a href="' . $rootpath . '/index.php?' . SID . '">' . _('Back to the menu') . '</a>';
+ echo '<br><a href="' . $rootpath . '/index.php">' . _('Back to the menu') . '</a>';
include ('includes/footer.inc');
exit;
} else {
Modified: trunk/TopItems.php
===================================================================
--- trunk/TopItems.php 2011-02-20 03:52:26 UTC (rev 4494)
+++ trunk/TopItems.php 2011-02-22 09:45:01 UTC (rev 4495)
@@ -7,11 +7,7 @@
$title = _('Top Items Searching');
include ('includes/header.inc');
//check if input already
-if (!(isset($_POST['Location'])
- AND isset($_POST['NumberOfDays'])
- AND isset($_POST['Customers'])
- AND isset($_POST['NumberOfTopItems'])
- AND isset($_POST['Sequence']))) {
+if (!(isset($_POST['Search']))) {
echo '<p class="page_title_text"><img src="' . $rootpath . '/css/' . $theme . '/images/magnifier.png" title="' . _('Top Sales Order Search') . '" alt="" />' . ' ' . _('Top Sales Order Search') . '</p>';
echo "<form action=" . $_SERVER['PHP_SELF'] . '?' . SID . ' name="SelectCustomer" method=POST>';
@@ -44,8 +40,8 @@
echo '<tr> <td width="150">' . _('Select Order By ') . ' </td>
<td>:</td>
<td><select name="Sequence">';
- echo ' <option value=TotalInvoiced>' . _('Total Pieces') . '';
- echo ' <option value=ValueSales>' . _('Value of Sales') . '';
+ echo ' <option value="TotalInvoiced">' . _('Total Pieces') . '';
+ echo ' <option value="ValueSales">' . _('Value of Sales') . '';
echo ' </select></td>
</tr>';
//View number of days
@@ -61,8 +57,10 @@
<td></td>
<td></td>
</tr>
- </form></table>';
- echo '<br /><div class=centre><input tabindex=5 type=submit value="' . _('Search') . '"></div>';
+ </table>
+ <br /><div class=centre>
+ <input tabindex=5 type=submit name="Search" value="' . _('Search') . '">
+ </div></form>';
} else {
// everything below here to view NumberOfTopItems items sale on selected location
$FromDate = FormatDateForSQL(DateAdd(Date($_SESSION['DefaultDateFormat']),'d', -$_POST['NumberOfDays']));
@@ -153,31 +151,32 @@
}
}
$result = DB_query($SQL, $db);
+
echo '<p class="page_title_text" align="center"><strong>' . _('Top Sales Items List') . '</strong></p>';
- echo "<form action=PDFTopItems.php method='GET'><table class='selection'>";
+ echo '<form action="PDFTopItems.php" method="GET"><table class="selection">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
- $TableHeader = '<tr><th><strong>' . _('#') . '</strong></th>
- <th><strong>' . _('Code') . '</strong></th>
- <th><strong>' . _('Description') . '</strong></th>
- <th><strong>' . _('Total Invoiced') . '</strong></th>
- <th><strong>' . _('Units') . '</strong></th>
- <th><strong>' . _('Value Sales') . '</strong></th>
- <th><strong>' . _('On Hand') . '</strong></th>';
+ $TableHeader = '<tr><th>' . _('#') . '</th>
+ <th>' . _('Code') . '</th>
+ <th>' . _('Description') . '</th>
+ <th>' . _('Total Invoiced') . '</th>
+ <th>' . _('Units') . '</th>
+ <th>' . _('Value Sales') . '</th>
+ <th>' . _('On Hand') . '</th>';
echo $TableHeader;
echo '
- <input type="hidden" value=' . $_POST['Location'] . ' name=location />
- <input type="hidden" value=' . $_POST['Sequence'] . ' name=Sequence />
- <input type="hidden" value=' . $_POST['NumberOfDays'] . ' name=numberofdays />
- <input type="hidden" value=' . $_POST['Customers'] . ' name=customers />
- <input type="hidden" value=' . $_POST['NumberOfTopItems'] . ' name=NumberOfTopItems />
+ <input type="hidden" value=' . $_POST['Location'] . ' name="Location" />
+ <input type="hidden" value=' . $_POST['Sequence'] . ' name="Sequence" />
+ <input type="hidden" value=' . $_POST['NumberOfDays'] . ' name="NumberOfDays" />
+ <input type="hidden" value=' . $_POST['Customers'] . ' name="Customers" />
+ <input type="hidden" value=' . $_POST['NumberOfTopItems'] . ' name="NumberOfTopItems" />
';
$k = 0; //row colour counter
$i = 1;
while ($myrow = DB_fetch_array($result)) {
//find the quantity onhand item
$sqloh = "SELECT sum(quantity)as qty
- FROM `locstock`
- WHERE stockid='" . $myrow['0'] . "'";
+ FROM `locstock`
+ WHERE stockid='" . $myrow['0'] . "'";
$oh = db_query($sqloh, $db);
$ohRow = db_fetch_row($oh);
if ($k == 1) {
@@ -194,19 +193,20 @@
<td>%s</td>
<td class="number">%s</td>
<td class="number">%s</td>
- </tr>', $i, $myrow['0'], $myrow['3'], $myrow['1'], //total invoice here
- $myrow['4'], //unit
- number_format($myrow['2']/$myrow['5'],2), //value sales here
- number_format($ohRow[0], $myrow['7']) //on hand
- );
- $i+= 1;
+ </tr>',
+ $i,
+ $myrow['0'],
+ $myrow['3'],
+ $myrow['1'], //total invoice here
+ $myrow['4'], //unit
+ number_format($myrow['2']/$myrow['5'],2), //value sales here
+ number_format($ohRow[0], $myrow['7']) //on hand
+ );
+ $i++;
}
echo '</table>';
- // echo '<td style="text-align:center" colspan=6><a href="javascript:history.go(-1)" title="Return to previous page"><input type=Button Name="Back" Value="' . _('Back') . '"></a></font>   ';
echo '<br /><div class="centre"><input type=Submit Name="PrintPDF" Value="' . _('Print To PDF') . '"></div>';
echo '</form>';
- //end of the else statement
-
}
include ('includes/footer.inc');
?>
\ No newline at end of file
Modified: trunk/UserSettings.php
===================================================================
--- trunk/UserSettings.php 2011-02-20 03:52:26 UTC (rev 4494)
+++ trunk/UserSettings.php 2011-02-22 09:45:01 UTC (rev 4495)
@@ -2,8 +2,6 @@
/* $Id$*/
-//$PageSecurity=1;
-
include('includes/session.inc');
$title = _('User Settings');
include('includes/header.inc');
@@ -93,7 +91,7 @@
$_SESSION['Theme'] = trim($_POST['Theme']); /*already set by session.inc but for completeness */
$theme = $_SESSION['Theme'];
$_SESSION['Language'] = trim($_POST['Language']);
-
+ $_SESSION['PDFLanguage'] = $_POST['PDFLanguage'];
include ('includes/LanguageSetup.php');
}
@@ -137,9 +135,9 @@
AND $LanguageEntry!='.'){
if ($_SESSION['Language'] == $LanguageEntry){
- echo "<option selected VALUE='$LanguageEntry'>$LanguageEntry";
+ echo '<option selected value="' . $LanguageEntry . '">' . $LanguageEntry . '</option>';
} else {
- echo "<option VALUE='$LanguageEntry'>$LanguageEntry";
+ echo '<option value="' . $LanguageEntry . '">' . $LanguageEntry . '</option>';
}
}
}
@@ -159,9 +157,9 @@
if (is_dir("css/$ThemeName") AND $ThemeName != '.' AND $ThemeName != '..' AND $ThemeName != '.svn'){
if ($_SESSION['Theme'] == $ThemeName){
- echo "<option selected VALUE='$ThemeName'>$ThemeName";
+ echo '<option selected value="' . $ThemeName . '">' . $ThemeName . '</option>';
} else {
- echo "<option VALUE='$ThemeName'>$ThemeName";
+ echo '<option value="' . $ThemeName . '">' . $ThemeName . '</option>';
}
}
}
@@ -190,11 +188,11 @@
echo "<td><input type=text name='email' size=40 value='" . $_POST['email'] . "'></td></tr>";
if (!isset($_POST['PDFLanguage'])){
- $_POST['PDFLanguage']=0;
+ $_POST['PDFLanguage']=$_SESSION['PDFLanguage'];
}
echo '<tr><td>' . _('PDF Language Support') . ': </td><td><select name="PDFLanguage">';
-for($i=0;$i<=7;$i++){
+for($i=0;$i<count($PDFLanguages);$i++){
if ($_POST['PDFLanguage']==$i){
echo '<option selected value=' . $i .'>' . $PDFLanguages[$i] . '</option>';
} else {
Modified: trunk/WWW_Users.php
===================================================================
--- trunk/WWW_Users.php 2011-02-20 03:52:26 UTC (rev 4494)
+++ trunk/WWW_Users.php 2011-02-22 09:45:01 UTC (rev 4495)
@@ -23,13 +23,8 @@
_('Setup'));
$PDFLanguages = array(_('Latin Western Languages'),
- _('Eastern European Russian Japanese'),
- _('Chinese'),
- _('Korean'),
- _('Vietnamese'),
- _('Hebrew'),
- _('Arabic'),
- _('Thai'));
+ _('Eastern European Russian Japanese Korean Vietnamese Hebrew Arabic Thai'),
+ _('Chinese'));
$title = _('User Maintenance');
include('includes/header.inc');
@@ -620,7 +615,7 @@
}
echo '<tr><td>' . _('PDF Language Support') . ': </td><td><select name="PDFLanguage">';
-for($i=0;$i<=7;$i++){
+for($i=0;$i<count($PDFLanguages);$i++){
if ($_POST['PDFLanguage']==$i){
echo '<option selected value=' . $i .'>' . $PDFLanguages[$i] . '</option>';
} else {
Modified: trunk/doc/Change.log.html
===================================================================
--- trunk/doc/Change.log.html 2011-02-20 03:52:26 UTC (rev 4494)
+++ trunk/doc/Change.log.html 2011-02-22 09:45:01 UTC (rev 4495)
@@ -1,5 +1,7 @@
<p><font SIZE=4 COLOR=BLUE><b>webERP Change Log</b></font></p>
<p>
+<p>22/2/11: Phil fix PDFTopItems.php for changed variable names - now using CamelCase tried to rework to conform</p>
+<p>22/2/11: Phil remove options for PDFLanguage that are not unique in WWW_Users.php - make it default to the users settings in the SESSION for UserSettings.php</p>
<p>18/2/11: Phil/Don Change PageSecurity array variable name to PageSecurityArray - caused problems with conflict with PageSecurity variable where register_globals = on; </p>
<p>18/2/11: PO_Items.php make number_format variables turn back into numbers for > 1000</p>
<p>16/2/11: FixedAssetItems.php now checks for location before allowing additions</p>
Modified: trunk/doc/Manual/ManualCurrencies.html
===================================================================
--- trunk/doc/Manual/ManualCurrencies.html 2011-02-20 03:52:26 UTC (rev 4494)
+++ trunk/doc/Manual/ManualCurrencies.html 2011-02-22 09:45:01 UTC (rev 4495)
@@ -5,7 +5,7 @@
<br><br>
Any number of currencies can be defined in webERP. Every currency that is transacted with either in sales (AR) or purchasing (AP) needs to be defined in the system. To define currencies go to the Setup tab -> General -> Currency Maintenance. Only a few fields are required to be completed for each currency defined:
<ul>
-<li>The ISO 4217 code for the currency - this is the international standard 3 character code that is used worldwide to represent the currency. If the code entered exists then it is possible for webERP to retrieve exchange rates from either the European Central Bank. webERP is capable of updating exchange rates daily from the ECB if set to do so under Setup->Configuration.
+<li>The ISO 4217 code for the currency - this is the international standard 3 character code that is used worldwide to represent the currency. If the code entered exists then it is possible for webERP to retrieve exchange rates from either the European Central Bank or Oanda.com, if there is no rate maintained for the currency at the ECB. webERP is capable of updating exchange rates daily from the ECB if set to do so under Setup->Configuration ->Auto Update Exchange Rates Daily. If this is set to yes, then when the first user logs in for the day the exchange rates are updated automatically. If it is set to no then exchange rates will only be updated if the user does so manually.
</li>
<li>The name of the currency can be any description that describes the currency</li>
<lI>The country of the currency can be entered</li>
Modified: trunk/doc/Manual/ManualSecuritySchema.html
===================================================================
--- trunk/doc/Manual/ManualSecuritySchema.html 2011-02-20 03:52:26 UTC (rev 4494)
+++ trunk/doc/Manual/ManualSecuritySchema.html 2011-02-22 09:45:01 UTC (rev 4495)
@@ -35,12 +35,9 @@
<br>
</li><li>
PageSecurity values:<br>
-Each webERP page includes a Page Security value from 1 to 15.<br>
-This is hard coded into each page; for example: $PageSecurity = 1;<br>
-For user access Page Security values correspond to 'Security Token' values.<br>
+Each webERP page is given a Page Security value from 1 to 15 in the table scripts. The system reads all the scripts and the PageSecurity value for each into a SESSION array - $_SESSION['PageSecurityArray'] - the key for each element is the script name and the value is the PageSecurity value for that script. The key - the script name is retrieved from the $_SERVER['SCRIPT_NAME'] variable. In this way every time a script is called, the PageSecurity is retrieved from the array.
+++<br>
-There is no webERP tool to change PageSecurity values.<br>
-However, an administrator can edit the pages directly.<br>
+There is a webERP tool to change PageSecurity values, for each script which is accessible from the Setup menu.<br>
<br></ol>
These parts work together as follows. The user name and password combination
entered at log on enables the system to identify the 'Security Role' for the User.
@@ -52,13 +49,11 @@
<u>A more comprehensive description of the security scheme follows:</u><br>
<br>
Each webERP page (script) is assigned a specific PageSecurity value.
-This page security value is hard coded inside each script. At the time
-of writing this is a number between 1 and 15. If more levels of security
+This page security value is stored in the scripts table of the database and read into a SESSION array on login (from the GetConfig.php script). At the time of writing this is a number between 1 and 15. If more levels of security
are necessary then this can be expanded by an administrator or developer.
-The default PageSecurity values for each page are set out in the table
-below.<br>
+The default PageSecurity values for each page can be inspected by browsing the scripts table<br>
<br>
-The user is allowed access to a page if the PageSecurity value of the page
+The user is allowed access to a page if the PageSecurity value of the page/script
is a number contained in the SESSION AllowedPageSecurityTokens array as
determined from the users access level (Security Role). The user access level Security Role) is an integer
that represents the Security Role assigned to the user in the user set up page
@@ -84,7 +79,7 @@
Tokens assigned to each Security Role the security access can
be tailored for all users. When making these changes reference the default
values in the tables below. PageSecurity values must also be known.
-The value of the default settings can be modified as needed.<br>
+The value of the default settings can be modified as needed from the Page Security script accessible from the Setup module<br>
<br>
<u>Security Scheme Tables:</u><br>
<br>
Modified: trunk/includes/PDFTopItemsHeader.inc
===================================================================
--- trunk/includes/PDFTopItemsHeader.inc 2011-02-20 03:52:26 UTC (rev 4494)
+++ trunk/includes/PDFTopItemsHeader.inc 2011-02-22 09:45:01 UTC (rev 4495)
@@ -10,29 +10,24 @@
$XPos=0;
$pdf->addJpegFromFile('companies/' . $_SESSION['DatabaseName'] . '/logo.jpg',$XPos+20,$YPos-50,0,60);
-if ($_GET["customers"]!='All'){
-$SQL="SELECT typename
- FROM `debtortype`
- WHERE typeid=".$_GET["customers"]."";
-
-$result = DB_query($SQL,$db);
-$myrow=DB_fetch_array($result);
-$Customers=$myrow["0"];
+if ($_GET['Customers']!='All'){
+ $SQL="SELECT typename
+ FROM `debtortype`
+ WHERE typeid='".$_GET['Customers']."'";
+
+ $result = DB_query($SQL,$db);
+ $myrow=DB_fetch_array($result);
+ $Customers=$myrow["0"];
}else{
-$Customers="All";
+ $Customers='All';
}
-//searching condition
-$infoa=_('Search On Location')." : ".$_GET["location"]."";
-$infob=_('Customers'). " : ".$Customers."";
-$infoc=_('Number Of Days')." : ".$_GET["numberofdays"]." ";
-$infod=_('Number Of Items')." : ".$_GET['NumberOfTopItems']."";
-$infoe=_('Order By')." : ".$_GET['order']."";
-
//Display the searching condition
-$pdf->addTextWrap($XPos+40,$YPos-70,500,9,$infoa); $pdf->addTextWrap($XPos+240,$YPos-70,500,9,$infob);
-$pdf->addTextWrap($XPos+40,$YPos-90,500,9,$infoc); $pdf->addTextWrap($XPos+240,$YPos-90,500,9,$infod);
-$pdf->addTextWrap($XPos+40,$YPos-110,500,9,$infoe);
+$pdf->addTextWrap($XPos+40,$YPos-70,500,9,_('Search On Location').' : '.$_GET['Location']);
+$pdf->addTextWrap($XPos+240,$YPos-70,500,9,_('Customers'). ' : '.$Customers);
+$pdf->addTextWrap($XPos+40,$YPos-90,500,9,_('Number Of Days')." : ".$_GET['NumberOfDays']." ");
+$pdf->addTextWrap($XPos+240,$YPos-90,500,9,_('Number Of Items')." : ".$_GET['NumberOfTopItems']);
+$pdf->addTextWrap($XPos+40,$YPos-110,500,9,_('Order By')." : ".$_GET['Sequence']);
$LeftOvers = $pdf->addTextWrap($Page_Width-$Right_Margin-140,$YPos,300,$FontSize,$_SESSION['CompanyRecord']['coyname']);
$LeftOvers = $pdf->addTextWrap($Page_Width-$Right_Margin-140,$YPos-($line_height*1.5),550,$FontSize, _('Top Items Sales Search Result') );
@@ -63,6 +58,4 @@
$pdf->Rectangle($Left_Margin, $YPos-$line_height,$Page_Width-$Left_Margin-$Right_Margin,$YPos-$Bottom_Margin);
$YPos -= (1.5 * $line_height);
-//$PageNumber++;
-
?>
\ No newline at end of file
Modified: trunk/includes/class.pdf.php
===================================================================
--- trunk/includes/class.pdf.php 2011-02-20 03:52:26 UTC (rev 4494)
+++ trunk/includes/class.pdf.php 2011-02-22 09:45:01 UTC (rev 4495)
@@ -39,9 +39,15 @@
$UserPdfLang = $_SESSION['PDFLanguage'];
switch ($UserPdfLang) {
- case 0: $UserPdfFont = 'times'; break;
- case 1: $UserPdfFont = 'javierjp'; break;
- case 2: $UserPdfFont = 'javiergb'; break;
+ case 0:
+ $UserPdfFont = 'times';
+ break;
+ case 1:
+ $UserPdfFont = 'javierjp';
+ break;
+ case 2:
+ $UserPdfFont = 'javiergb';
+ break;
}
} else {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
