[Web-erp-svn] SF.net SVN: web-erp:[4541] trunk

[<dai...@us...>]

Revision: 4541
          http://web-erp.svn.sourceforge.net/web-erp/?rev=4541&view=rev
Author:   daintree
Date:     2011-04-07 10:23:55 +0000 (Thu, 07 Apr 2011)

Log Message:
-----------
various

Modified Paths:
--------------
    trunk/Tax.php
    trunk/TaxAuthorities.php
    trunk/TaxGroups.php
    trunk/TopItems.php

Modified: trunk/Tax.php
===================================================================
--- trunk/Tax.php	2011-04-06 10:01:30 UTC (rev 4540)
+++ trunk/Tax.php	2011-04-07 10:23:55 UTC (rev 4541)
@@ -2,7 +2,6 @@
 
 /* $Id$*/
 
-//$PageSecurity = 2;
 include('includes/session.inc');
 
 if (isset($_POST['TaxAuthority']) AND
@@ -12,15 +11,15 @@
 
 	include('includes/PDFStarter.php');
 
-	$sql = 'SELECT lastdate_in_period
-		FROM periods
-		WHERE periodno=' . $_POST['ToPeriod'];
+	$sql = "SELECT lastdate_in_period
+			FROM periods
+			WHERE periodno='" . $_POST['ToPeriod'] . "'";
 	$ErrMsg = _('Could not determine the last date of the period selected') . '. ' . _('The sql returned the following error');
 	$PeriodEndResult = DB_query($sql,$db,$ErrMsg);
 	$PeriodEndRow = DB_fetch_row($PeriodEndResult);
 	$PeriodEnd = ConvertSQLDate($PeriodEndRow[0]);
 
-	$result = DB_query('SELECT description FROM taxauthorities WHERE taxid=' . $_POST['TaxAuthority'],$db);
+	$result = DB_query("SELECT description FROM taxauthorities WHERE taxid='" . $_POST['TaxAuthority'] . "'",$db);
 	$TaxAuthDescription = DB_fetch_row($result);
 	$TaxAuthorityName =  $TaxAuthDescription[0];
 
@@ -61,22 +60,14 @@
 		$title = _('Taxation Reporting Error');
 		include('includes/header.inc');
 		prnMsg(_('The accounts receivable transaction details could not be retrieved because') . ' ' . DB_error_msg($db),'error');
-		echo "<br><a href='$rootpath/index.php?" . SID . "'>" . _('Back to the menu') . '</a>';
+		echo '<br /><a href="' . $rootpath . '/index.php">' . _('Back to the menu') . '</a>';
 		if ($debug==1){
-			echo "<br>$SQL";
+			echo '<br />' . $SQL;
 		}
 		include('includes/footer.inc');
 		exit;
 	}
-//	if (DB_num_rows($DebtorTransResult)==0){
-//		$title = _('Taxation Reporting Error');
-//		include('includes/header.inc');
-//		prnMsg (_('There are no tax entries to list'),'info');
-//		echo "<br><a href='$rootpath/index.php?" . SID . "'>" . _('Back to the menu') . '</a>';
-//		include('includes/footer.inc');
-//		exit;
-//	}
-//
+
 	if ($_POST['DetailOrSummary']=='Detail'){
 		include ('includes/PDFTaxPageHeader.inc');
 		$LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,120,$FontSize+2, _('Tax On Sales'),'left');
@@ -174,9 +165,9 @@
 		$title = _('Taxation Reporting Error');
 		include('includes/header.inc');
 		echo _('The accounts payable transaction details could not be retrieved because') . ' ' . DB_error_msg($db);
-		echo "<br><a href='$rootpath/index.php?" . SID . "'>" . _('Back to the menu') . '</a>';
+		echo '<br /><a href="' . $rootpath . '/index.php?">' . _('Back to the menu') . '</a>';
 		if ($debug==1){
-			echo "<br>$SQL";
+			echo '<br />' . $SQL;
 		}
 		include('includes/footer.inc');
 		exit;
@@ -283,7 +274,7 @@
 		$title = _('Taxation Reporting Error');
 		include('includes/header.inc');
 		prnMsg (_('There are no tax entries to list'),'info');
-		echo "<br><a href='$rootpath/index.php?" . SID . "'>" . _('Back to the menu') . '</a>';
+		echo '<br /><a href="' . $rootpath . '/index.php">' . _('Back to the menu') . '</a>';
 		include('includes/footer.inc');
 		exit;
     } else {
@@ -298,60 +289,61 @@
 	echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Supplier Types')
 	. '" alt="" />' . $title. '</p>';
 
-	echo '<form action=' . $_SERVER['PHP_SELF'] . " method='POST'><table class=selection>";
+	echo '<form action="' . $_SERVER['PHP_SELF'] . '" method="POST">
+			<table class="selection">';
 	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
 
 	echo '<tr><td>' . _('Tax Authority To Report On:') . ':</font></td>
-			<td><select name=TaxAuthority>';
+			<td><select name="TaxAuthority">';
 
-	$result = DB_query('SELECT taxid, description FROM taxauthorities',$db);
+	$result = DB_query("SELECT taxid, description FROM taxauthorities",$db);
 	while ($myrow = DB_fetch_array($result)){
-		echo '<option Value=' . $myrow['taxid'] . '>' . $myrow['description'];
+		echo '<option Value=' . $myrow['taxid'] . '>' . $myrow['description'] . '</option>';
 	}
 	echo '</select></td></tr>';
 	echo '<tr><td>' . _('Return Covering') . ':</font></td>
-			<td><select name=NoOfPeriods>
-			<option Value=1>' . _('One Month') .
-			'<option selected Value=2>' ._('Two Months') .
-			'<option VALUE=3>' . _('Quarter') .
-			'<option VALUE=6>' . _('Six Months') .
+			<td><select name="NoOfPeriods">
+			<option value=1>' . _('One Month') . '</option>' .
+			'<option selected value=2>' ._('Two Months')  . '</option>' .
+			'<option value=3>' . _('Quarter') . '</option>' .
+			'<option value=6>' . _('Six Months')  . '</option>' .
 			'</select></td></tr>';
 
 
-	echo '<tr><td>' . _('Return To') . ":</td>
-			<td><select Name='ToPeriod'>";
+	echo '<tr><td>' . _('Return To') . ':</td>
+			<td><select name="ToPeriod">';
 
 
 	$DefaultPeriod = GetPeriod(Date($_SESSION['DefaultDateFormat'],Mktime(0,0,0,Date('m'),0,Date('Y'))),$db);
 
-	$sql = 'SELECT periodno,
+	$sql = "SELECT periodno,
 			lastdate_in_period
-		FROM periods';
+		FROM periods";
 
 	$ErrMsg = _('Could not retrieve the period data because');
 	$Periods = DB_query($sql,$db,$ErrMsg);
 
 	while ($myrow = DB_fetch_array($Periods,$db)){
 		if ($myrow['periodno']==$DefaultPeriod){
-			echo '<option selected VALUE=' . $myrow['periodno'] . '>' . ConvertSQLDate($myrow['lastdate_in_period']);
+			echo '<option selected VALUE=' . $myrow['periodno'] . '>' . ConvertSQLDate($myrow['lastdate_in_period']) . '</option>';
 		} else {
-			echo '<option VALUE=' . $myrow['periodno'] . '>' . ConvertSQLDate($myrow['lastdate_in_period']);
+			echo '<option VALUE=' . $myrow['periodno'] . '>' . ConvertSQLDate($myrow['lastdate_in_period']) . '</option>';
 		}
 	}
 
 	echo '</select></td></tr>';
 
-	echo '<tr><td>' . _('Detail Or Summary Only') . ":</font></td>
-			<td><select name='DetailOrSummary'>
-			<option Value='Detail'>" . _('Detail and Summary') .
-			"<option selected Value='Summary'>" . _('Summary Only') .
-			"</select></td></tr>";
+	echo '<tr><td>' . _('Detail Or Summary Only') . ':</font></td>
+			<td><select name="DetailOrSummary">
+			<option Value="Detail">' . _('Detail and Summary') . '</option> 
+			<option selected value="Summary">' . _('Summary Only') . '</option>
+			</select></td></tr>';
 
 
-	echo "</table>
-		<br /><div class='centre'><input type=Submit Name='PrintPDF' Value='" . _('Print PDF') . "'>
+	echo '</table>
+		<br /><div class="centre"><input type="submit" name="PrintPDF" value="' . _('Print PDF') . '">
 		</div>
-		</form>";
+		</form>';
 
 	include('includes/footer.inc');
 } /*end of else not PrintPDF */

Modified: trunk/TaxAuthorities.php
===================================================================
--- trunk/TaxAuthorities.php	2011-04-06 10:01:30 UTC (rev 4540)
+++ trunk/TaxAuthorities.php	2011-04-07 10:23:55 UTC (rev 4541)
@@ -2,7 +2,6 @@
 
 /* $Id$*/
 
-//$PageSecurity=15;
 include('includes/session.inc');
 $title = _('Tax Authorities');
 include('includes/header.inc');
@@ -126,7 +125,7 @@
 
 /* It could still be the second time the page has been run and a record has been selected for modification - SelectedTaxAuthID will exist because it was sent with the new call. If its the first time the page has been displayed with no parameters then none of the above are true and the list of tax authorities will be displayed with links to delete or edit each. These will call the same page again and allow update/input or deletion of the records*/
 
-	$sql = 'SELECT taxid,
+	$sql = "SELECT taxid,
 			description,
 			taxglcode,
 			purchtaxglaccount,
@@ -134,23 +133,23 @@
 			bankacc,
 			bankacctype,
 			bankswift
-		FROM taxauthorities';
+		FROM taxauthorities";
 
 	$ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The defined tax authorities could not be retrieved because');
 	$DbgMsg = _('The following SQL to retrieve the tax authorities was used');
 	$result = DB_query($sql,$db,$ErrMsg,$DbgMsg);
 
 	echo '<table class=selection>';
-	echo "<tr>
-		<th>" . _('ID') . "</th>
-		<th>" . _('Description') . "</th>
-		<th>" . _('Input Tax') . '<br>' . _('GL Account') . "</th>
-		<th>" . _('Output Tax') . '<br>' . _('GL Account') . "</th>
-		<th>" . _('Bank') . "</th>
-		<th>" . _('Bank Account') . "</th>
-		<th>" . _('Bank Act Type') . "</th>
-		<th>" . _('Bank Swift') . "</th>
-		</tr></font>";
+	echo '<tr>
+		<th>' . _('ID') . '</th>
+		<th>' . _('Description') . '</th>
+		<th>' . _('Input Tax') . '<br>' . _('GL Account') . '</th>
+		<th>' . _('Output Tax') . '<br>' . _('GL Account') . '</th>
+		<th>' . _('Bank') . '</th>
+		<th>' . _('Bank Account') . '</th>
+		<th>' . _('Bank Act Type') . '</th>
+		<th>' . _('Bank Swift') . '</th>
+		</tr></font>';
 	$k=0;
 	while ($myrow = DB_fetch_row($result)) {
 
@@ -182,11 +181,11 @@
 			$myrow[5],
 			$myrow[6],
 			$myrow[7],
-			$_SERVER['PHP_SELF'] . '?' . SID,
+			$_SERVER['PHP_SELF'] . '?',
 			$myrow[0],
-			$_SERVER['PHP_SELF'] . '?' . SID,
+			$_SERVER['PHP_SELF'] . '?',
 			$myrow[0],
-			$rootpath . '/TaxAuthorityRates.php?' . SID,
+			$rootpath . '/TaxAuthorityRates.php?',
 			$myrow[0]);
 
 	}
@@ -200,11 +199,11 @@
 
 
 if (isset($SelectedTaxAuthID)) {
-	echo "<div class='centre'><a href='" .  $_SERVER['PHP_SELF'] . '?' . SID ."'>" . _('Review all defined tax authority records') . '</a></div>';
+	echo '<div class="centre"><a href="' .  $_SERVER['PHP_SELF'] .'">' . _('Review all defined tax authority records') . '</a></div>';
  }
 
 
-echo "<p><form method='post' action=" . $_SERVER['PHP_SELF'] . '?' . SID .'>';
+echo '<p><form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
 echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
 
 if (isset($SelectedTaxAuthID)) {
@@ -237,13 +236,13 @@
 }  //end of if $SelectedTaxAuthID only do the else when a new record is being entered
 
 
-$SQL = 'SELECT accountcode,
+$SQL = "SELECT accountcode,
 		accountname
 	FROM chartmaster,
 		accountgroups
 	WHERE chartmaster.group_=accountgroups.groupname
 	AND accountgroups.pandl=0
-	ORDER BY accountcode';
+	ORDER BY accountcode";
 $result = DB_query($SQL,$db);
 
 if (!isset($_POST['Description'])) {
@@ -255,7 +254,7 @@
 
 
 echo '<tr><td>' . _('Input tax GL Account') . ':</td>
-	<td><select name=PurchTaxGLCode>';
+	<td><select name="PurchTaxGLCode">';
 
 while ($myrow = DB_fetch_array($result)) {
 	if (isset($_POST['PurchTaxGLCode']) and $myrow['accountcode']==$_POST['PurchTaxGLCode']) {
@@ -263,7 +262,7 @@
 	} else {
 		echo '<option VALUE=';
 	}
-	echo $myrow['accountcode'] . '>' . $myrow['accountname'] . ' ('.$myrow['accountcode'].')';
+	echo $myrow['accountcode'] . '>' . $myrow['accountname'] . ' ('.$myrow['accountcode'].')' . '</option>';
 
 } //end while loop
 
@@ -272,7 +271,7 @@
 DB_data_seek($result,0);
 
 echo '<tr><td>' . _('Output tax GL Account') . ':</td>
-	<td><select name=TaxGLCode>';
+	<td><select name="TaxGLCode">';
 
 
 while ($myrow = DB_fetch_array($result)) {
@@ -281,7 +280,7 @@
 	} else {
 		echo "<option VALUE='";
 	}
-	echo $myrow['accountcode'] . "'>" . $myrow['accountname'] . ' ('.$myrow['accountcode'].')';
+	echo $myrow['accountcode'] . "'>" . $myrow['accountname'] . ' ('.$myrow['accountcode'].')' . '</option>';
 
 } //end while loop
 

Modified: trunk/TaxGroups.php
===================================================================
--- trunk/TaxGroups.php	2011-04-06 10:01:30 UTC (rev 4540)
+++ trunk/TaxGroups.php	2011-04-07 10:23:55 UTC (rev 4541)
@@ -1,6 +1,5 @@
 <?php
 /* $Id$*/
-//PageSecurity=15;
 
 include('includes/session.inc');
 
@@ -125,14 +124,14 @@
 	$myrow = DB_fetch_row($result);
 	if ($myrow[0]>0) {
 		prnMsg( _('Cannot delete this tax group because some customer branches are setup using it'),'warn');
-		echo '<br>' . _('There are') . ' ' . $myrow[0] . ' ' . _('customer branches referring to this tax group');
+		echo '<br />' . _('There are') . ' ' . $myrow[0] . ' ' . _('customer branches referring to this tax group');
 	} else {
 		$sql= "SELECT COUNT(*) FROM suppliers WHERE taxgroupid='" . $_GET['SelectedGroup'] . "'";
 		$result = DB_query($sql,$db);
 		$myrow = DB_fetch_row($result);
 		if ($myrow[0]>0) {
 			prnMsg( _('Cannot delete this tax group because some suppliers are setup using it'),'warn');
-			echo '<br>' . _('There are') . ' ' . $myrow[0] . ' ' . _('suppliers referring to this tax group');
+			echo '<br />' . _('There are') . ' ' . $myrow[0] . ' ' . _('suppliers referring to this tax group');
 		} else {
 
 			$sql="DELETE FROM taxgrouptaxes WHERE taxgroupid='" . $_GET['SelectedGroup'] . "'";
@@ -161,8 +160,8 @@
 		echo '</div>';
 	} else {
 		echo '<table class=selection>';
-		echo "<tr><th>" . _('Group No') . "</th>
-			<th>" . _('Tax Group') . "</th></tr>";
+		echo '<tr><th>' . _('Group No') . '</th>
+				<th>' . _('Tax Group') . '</th></tr>';
 
 		$k=0; //row colour counter
 		while ($myrow = DB_fetch_array($result)) {
@@ -181,9 +180,9 @@
 				</tr>",
 				$myrow['taxgroupid'],
 				$myrow['taxgroupdescription'],
-				$_SERVER['PHP_SELF']  . "?" . SID,
+				$_SERVER['PHP_SELF']  . '?',
 				$myrow['taxgroupid'],
-				$_SERVER['PHP_SELF'] . "?" . SID,
+				$_SERVER['PHP_SELF'] . '?',
 				$myrow['taxgroupid'],
 				urlencode($myrow['taxgroupdescription']));
 
@@ -194,7 +193,7 @@
 
 
 if (isset($SelectedGroup)) {
-	echo '<div class="centre"><a href="' . $_SERVER['PHP_SELF'] ."?" . SID . '">' . _('Review Existing Groups') . '</a></div>';
+	echo '<div class="centre"><a href="' . $_SERVER['PHP_SELF'] . '">' . _('Review Existing Groups') . '</a></div>';
 }
 
 if (isset($SelectedGroup)) {
@@ -213,7 +212,7 @@
 		$_POST['GroupName'] = $myrow['taxgroupdescription'];
 	}
 }
-echo '<br>';
+echo '<br />';
 echo "<form method='post' action=" . $_SERVER['PHP_SELF'] . "?" . SID . ">";
 echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
 if( isset($_POST['SelectedGroup'])) {
@@ -230,7 +229,7 @@
 
 
 if (isset($SelectedGroup)) {
-	echo '</table><br>';
+	echo '</table><br />';
 
 	$sql = 'SELECT taxid,
 			description as taxname
@@ -299,31 +298,31 @@
 
 		}
 		echo '</table>';
-		echo '<br><div class="centre"><input type="submit" name="UpdateOrder" value="' . _('Update Order') . '"></div>';
+		echo '<br /><div class="centre"><input type="submit" name="UpdateOrder" value="' . _('Update Order') . '"></div>';
 	}
 
 	echo '</form>';
 
 	if (DB_num_rows($Result)>0 ) {
-		echo '<br>';
-		echo '<table class=selection><tr>';
-		echo "<th colspan=4>"._('Assigned Taxes')."</th>";
-		echo '<th></th>';
-		echo "<th colspan=2>"._('Available Taxes')."</th>";
-		echo '</tr>';
+		echo '<br />';
+		echo '<table class=selection>
+				<tr>
+					<th colspan=4>'._('Assigned Taxes') . '</th>
+					<th></th>
+					<th colspan=2>' . _('Available Taxes') . '</th>
+				</tr>';
+		echo '<tr>
+				<th>' . _('Tax Auth ID') . '</th>
+				<th>' . _('Tax Authority Name') . '</th>
+				<th>' . _('Calculation Order') . '</th>
+				<th>' . _('Tax on Prior Tax(es)') . '</th>
+				<th></th>
+				<th>' . _('Tax Auth ID') . '</th>
+				<th>' . _('Tax Authority Name') . '</th>
+			</tr>';
 
-		echo '<tr>';
-		echo "<th>" . _('Tax Auth ID') . '</th>';
-		echo "<th>" . _('Tax Authority Name') . '</th>';
-		echo "<th>" . _('Calculation Order') . '</th>';
-		echo "<th>" . _('Tax on Prior Tax(es)') . '</th>';
-		echo '<th></th>';
-		echo "<th>" . _('Tax Auth ID') . '</th>';
-		echo "<th>" . _('Tax Authority Name') . '</th>';
-		echo '</tr>';
-
 	} else {
-		echo '<br><div class="centre">' . _('There are no tax authorities defined to allocate to this tax group').'</div>';
+		echo '<br /><div class="centre">' . _('There are no tax authorities defined to allocate to this tax group').'</div>';
 	}
 
 	$k=0; //row colour counter
@@ -357,7 +356,7 @@
 				$AvailRow['taxname'],
 				$TaxAuthRow[$TaxAuthUsedPointer]['calculationorder'],
 				$TaxOnTax,
-				$_SERVER['PHP_SELF']  . "?" . SID,
+				$_SERVER['PHP_SELF']  . '?',
 				$SelectedGroup,
 				$AvailRow['taxid']
 				);
@@ -373,7 +372,7 @@
 				<td><a href=\"%s&SelectedGroup=%s&add=1&TaxAuthority=%s\">" . _('Add') . "</a></td>",
 				$AvailRow['taxid'],
 				$AvailRow['taxname'],
-				$_SERVER['PHP_SELF']  . "?" . SID,
+				$_SERVER['PHP_SELF']  . '?',
 				$SelectedGroup,
 				$AvailRow['taxid']
 				);

Modified: trunk/TopItems.php
===================================================================
--- trunk/TopItems.php	2011-04-06 10:01:30 UTC (rev 4540)
+++ trunk/TopItems.php	2011-04-07 10:23:55 UTC (rev 4541)
@@ -1,6 +1,7 @@
 <?php
-/* $Revision: 1.3 $ */
-//$PageSecurity = 2; Now from db
+
+/* $Id$*/
+
 /* Session started in session.inc for password checking and authorisation level check
 config.php is in turn included in session.inc*/
 include ('includes/session.inc');
@@ -15,24 +16,26 @@
 	echo '<table cellpadding=3 colspan=4 class=selection>';
 	//to view store location
 	echo '<tr><td width="150">' . _('Select Location') . '  </td><td>:</td><td><select name=Location>';
-	$sql = 'SELECT loccode,
+	$sql = "SELECT loccode,
 					locationname
-				FROM `locations`';
+				FROM `locations`";
 	$result = DB_query($sql, $db);
 	echo '<option value="All">' . _('All') . '</option>';
 	while ($myrow = DB_fetch_array($result)) {
-		echo "<option VALUE='" . $myrow['loccode'] . "'>" . $myrow['loccode'] . " - " . $myrow['locationname'] . '</option>';
+		echo '<option value="' . $myrow['loccode'] . '">' . $myrow['loccode'] . ' - ' . $myrow['locationname'] . '</option>';
 	}
 	echo '</select></td></tr>';
 	//to view list of customer
-	echo '<tr><td width="150">' . _('Select Customer Type') . '   </td><td>:</td><td><select name=Customers>';
-	$sql = 'SELECT typename,
+	echo '<tr><td width="150">' . _('Select Customer Type') . '</td>
+				<td>:</td>
+				<td><select name="Customers">';
+	$sql = "SELECT typename,
 					typeid
-				FROM debtortype';
+				FROM debtortype";
 	$result = DB_query($sql, $db);
-	echo "<option value='All'>" . _('All') . '</option>';
+	echo '<option value="All">' . _('All') . '</option>';
 	while ($myrow = DB_fetch_array($result)) {
-		echo "<option VALUE='" . $myrow['typeid'] . "'>" . $myrow['typename'] . '</option>';
+		echo '<option value="' . $myrow['typeid'] . '">' . $myrow['typename'] . '</option>';
 	}
 	echo '</select></td>
 			</tr>';
@@ -40,18 +43,18 @@
 	echo '<tr>	<td width="150">' . _('Select Order By ') . ' </td>
 				<td>:</td>
 				<td><select name="Sequence">';
-	echo '	<option value="TotalInvoiced">' . _('Total Pieces') . '';
-	echo '	<option value="ValueSales">' . _('Value of Sales') . '';
+	echo '	<option value="TotalInvoiced">' . _('Total Pieces') . '</option>';
+	echo '	<option value="ValueSales">' . _('Value of Sales') . '</option>';
 	echo '	</select></td>
 				</tr>';
 	//View number of days
 	echo '<tr><td>' . _('Number Of Days') . ' </td><td>:</td>
-			<td><input class="number" tabindex="3" type="Text" name=NumberOfDays size="8"	maxlength="8" value=0></td>
+			<td><input class="number" tabindex="3" type="Text" name="NumberOfDays" size="8"	maxlength="8" value=0></td>
 		 </tr>';
 	//view number of NumberOfTopItems items
 	echo '<tr>
 			<td>' . _('Number Of Top Items') . ' </td><td>:</td>
-			<td><input class="number" tabindex="4" type="Text" name=NumberOfTopItems size="8"	maxlength="8" value=1></td>
+			<td><input class="number" tabindex="4" type="Text" name="NumberOfTopItems" size="8"	maxlength="8" value=1></td>
 		 </tr>
 		 <tr>
 			<td></td>
@@ -82,7 +85,7 @@
 						AND debtorsmaster.currcode = currencies.currabrev
 						AND salesorderdetails.ActualDispatchDate >= '" . $FromDate . "' 
 				GROUP BY salesorderdetails.stkcode
-				ORDER BY " . $_POST['Sequence'] . " DESC
+				ORDER BY '" . $_POST['Sequence'] . "' DESC
 				LIMIT " . $_POST['NumberOfTopItems'] . "";
 	} else { //the situation if only location type selected "All"
 		if ($_POST['Location'] == 'All') {
@@ -103,11 +106,11 @@
 						AND debtorsmaster.typeid = '" . $_POST['Customers'] . "'
 						AND salesorderdetails.ActualDispatchDate >= '" . $FromDate . "'
 				GROUP BY salesorderdetails.stkcode
-				ORDER BY " . $_POST['Sequence'] . " DESC
+				ORDER BY '" . $_POST['Sequence'] . "' DESC
 				LIMIT " . $_POST[NumberOfTopItems] . "";
 		} else {
 			//the situation if the customer type selected "All"
-			if ($_POST['Customers'] == "All") {
+			if ($_POST['Customers'] == 'All') {
 				$SQL = "SELECT 	salesorderdetails.stkcode,
 						SUM(salesorderdetails.qtyinvoiced) TotalInvoiced,
 						SUM(salesorderdetails.qtyinvoiced * salesorderdetails.unitprice ) AS ValueSales,
@@ -145,7 +148,7 @@
 						AND debtorsmaster.typeid = '" . $_POST['Customers'] . "'
 						AND salesorderdetails.ActualDispatchDate >= '" . $FromDate . "'
 					GROUP BY salesorderdetails.stkcode
-					ORDER BY " . $_POST['Sequence'] . " DESC
+					ORDER BY '" . $_POST['Sequence'] . "' DESC
 					LIMIT " . $_POST['NumberOfTopItems'] . "";
 			}
 		}
@@ -163,13 +166,11 @@
 								<th>' . _('Value Sales') . '</th>
 								<th>' . _('On Hand') . '</th>';
 	echo $TableHeader;
-	echo '
-			<input type="hidden" value=' . $_POST['Location'] . ' name="Location" />
+	echo '<input type="hidden" value=' . $_POST['Location'] . ' name="Location" />
 			<input type="hidden" value=' . $_POST['Sequence'] . ' name="Sequence" />
 			<input type="hidden" value=' . $_POST['NumberOfDays'] . ' name="NumberOfDays" />
 			<input type="hidden" value=' . $_POST['Customers'] . ' name="Customers" />
-			<input type="hidden" value=' . $_POST['NumberOfTopItems'] . ' name="NumberOfTopItems" />
-			';
+			<input type="hidden" value=' . $_POST['NumberOfTopItems'] . ' name="NumberOfTopItems" />';
 	$k = 0; //row colour counter
 	$i = 1;
 	while ($myrow = DB_fetch_array($result)) {


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.