From: <dai...@us...> - 2011-04-09 06:12:14
Revision: 4543
http://web-erp.svn.sourceforge.net/web-erp/?rev=4543&view=rev
Author: daintree
Date: 2011-04-09 06:12:05 +0000 (Sat, 09 Apr 2011)
Log Message:
-----------
SQL and xhtml quoting
Modified Paths:
--------------
trunk/ShipmentCosting.php
trunk/Z_CreateCompanyTemplateFile.php
trunk/Z_CurrencyDebtorsBalances.php
trunk/Z_CurrencySuppliersBalances.php
trunk/Z_DataExport.php
trunk/Z_DeleteCreditNote.php
trunk/Z_DeleteInvoice.php
trunk/Z_ImportFixedAssets.php
trunk/Z_ImportGLAccountGroups.php
trunk/Z_ImportGLAccountSections.php
trunk/Z_ImportPartCodes.php
trunk/Z_MakeStockLocns.php
trunk/Z_PriceChanges.php
trunk/Z_ReApplyCostToSA.php
trunk/Z_RePostGLFromPeriod.php
trunk/Z_ReverseSuppPaymentRun.php
trunk/Z_SalesIntegrityCheck.php
trunk/Z_UpdateChartDetailsBFwd.php
trunk/api/api_debtortransactions.php
trunk/api/api_glgroups.php
trunk/api/api_glsections.php
trunk/api/api_locations.php
trunk/api/api_login.php
trunk/api/api_purchdata.php
trunk/api/api_salestypes.php
trunk/api/api_stockcategories.php
trunk/includes/SQL_CommonFunctions.inc
Modified: trunk/ShipmentCosting.php
===================================================================
--- trunk/ShipmentCosting.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/ShipmentCosting.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -321,8 +321,9 @@
if ($TotalQuantityOnHand>0) {
$CostIncrement = ($myrow['totqtyinvoiced'] *($ItemShipmentCost - $StdCostUnit) - $WriteOffToVariances) / $TotalQuantityOnHand;
- $sql = 'UPDATE stockmaster SET lastcost=materialcost+overheadcost+labourcost,
- materialcost=materialcost+' . $CostIncrement . " WHERE stockid='" . $myrow['itemcode'] . "'";
+ $sql = "UPDATE stockmaster SET lastcost=materialcost+overheadcost+labourcost,
+ materialcost=materialcost+" . $CostIncrement . "
+ WHERE stockid='" . $myrow['itemcode'] . "'";
$Result = DB_query($sql, $db, $ErrMsg, $DbgMsg,'',TRUE);
} else {
$sql = "UPDATE stockmaster SET lastcost=materialcost+overheadcost+labourcost,
@@ -385,7 +386,7 @@
if ($_SESSION['CompanyRecord']['gllink_stock']==1){
$CostUpdateNo = GetNextTransNo(35, $db);
- $PeriodNo = GetPeriod(Date("d/m/Y"), $db);
+ $PeriodNo = GetPeriod(Date('d/m/Y'), $db);
$ValueOfChange = $QOH * ($ItemShipmentCost - $StdCostUnit);
Modified: trunk/Z_CreateCompanyTemplateFile.php
===================================================================
--- trunk/Z_CreateCompanyTemplateFile.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_CreateCompanyTemplateFile.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -1,8 +1,6 @@
<?php
/* $Id$*/
-//$PageSecurity =15;
-
include ('includes/session.inc');
$title = _('Create Database Template File');
include ('includes/header.inc');
@@ -15,20 +13,20 @@
}
if ($InputError==false){
- $CurrResult = DB_query( 'SELECT currabrev,
- currency,
- country,
- debtorsact,
- creditorsact,
- payrollact,
- grnact,
- exchangediffact,
- purchasesexchangediffact,
- retainedearnings,
- freightact
- FROM currencies INNER JOIN companies
- ON companies.currencydefault=currencies.currabrev
- WHERE coycode=1',$db);
+ $CurrResult = DB_query( "SELECT currabrev,
+ currency,
+ country,
+ debtorsact,
+ creditorsact,
+ payrollact,
+ grnact,
+ exchangediffact,
+ purchasesexchangediffact,
+ retainedearnings,
+ freightact
+ FROM currencies INNER JOIN companies
+ ON companies.currencydefault=currencies.currabrev
+ WHERE coycode='1'",$db);
$CurrRow = DB_fetch_array($CurrResult);
@@ -46,7 +44,7 @@
purchasesexchangediffact=" . $CurrRow['purchasesexchangediffact'] . ",
retainedearnings=" . $CurrRow['retainedearnings'] . ",
freightact=" . $CurrRow['freightact'] . "
- WHERE coycode=1;\n";
+ WHERE coycode='1';\n";
/*empty out any existing records in
chartmaster,
@@ -67,12 +65,12 @@
$SQLScript .= "TRUNCATE TABLE taxcategories;\n";
$SQLScript .= "TRUNCATE TABLE taxprovinces;\n";
- $GroupsResult = DB_query('SELECT groupname,
- sectioninaccounts,
- pandl,
- sequenceintb,
- parentgroupname
- FROM accountgroups',$db);
+ $GroupsResult = DB_query("SELECT groupname,
+ sectioninaccounts,
+ pandl,
+ sequenceintb,
+ parentgroupname
+ FROM accountgroups",$db);
while ($GroupRow = DB_fetch_array($GroupsResult)){
$SQLScript .= "INSERT INTO accountgroups (groupname,sectioninaccounts,pandl, sequenceintb, parentgroupname)
@@ -83,13 +81,15 @@
'" . $GroupRow['parentgroupname'] . "');\n";
}
- $ChartResult = DB_query('SELECT accountcode, accountname, group_ FROM chartmaster',$db);
+ $ChartResult = DB_query("SELECT accountcode, accountname, group_ FROM chartmaster",$db);
$i=0;
while ($ChartRow = DB_fetch_array($ChartResult)){
if ($_POST['IncludeAccount_' .$i]=='on'){
$SQLScript .= "INSERT INTO chartmaster (accountcode,accountname,group_)
- VALUES (" . $ChartRow['accountcode'] . ", '" . $ChartRow['accountname'] . "', '" . $ChartRow['group_'] . "');\n";
+ VALUES ('" . $ChartRow['accountcode'] . "',
+ '" . $ChartRow['accountname'] . "',
+ '" . $ChartRow['group_'] . "');\n";
}
$i++;
}
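Review bot: The chartmaster INSERT written into `$SQLScript` now quotes `accountcode`, `accountname` and `group_`, but none of them is escaped, so an account name containing an apostrophe produces a template script that fails, or executes something other than the intended row, when it is loaded later. Quoting is not escaping; run each value through the project's escaping helper before concatenation, e.g. `'" . DB_escape_string($ChartRow['accountname']) . "'` (assuming that helper is available in this revision). The accountgroups, taxgroups, taxcategories and taxprovinces INSERTs in the neighbouring hunks are built the same way. `$_POST['IncludeAccount_' . $i]` is also read without an `isset()` check; the enclosing `if ($InputError==false)` block starts and ends outside this hunk.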
@@ -98,14 +98,14 @@
/*Tax Authorities table */
$TaxAuthoritiesResult = DB_query("SELECT taxid,
- description,
- taxglcode,
- purchtaxglaccount,
- bank,
- bankacctype,
- bankacc,
- bankswift
- FROM taxauthorities",$db);
+ description,
+ taxglcode,
+ purchtaxglaccount,
+ bank,
+ bankacctype,
+ bankacc,
+ bankswift
+ FROM taxauthorities",$db);
while ($TaxAuthoritiesRow = DB_fetch_array($TaxAuthoritiesResult)){
$SQLScript .= "INSERT INTO taxauthorities (taxid,
@@ -127,11 +127,11 @@
}
/*taxauthrates table */
- $TaxAuthRatesResult = DB_query('SELECT taxauthority,
- dispatchtaxprovince,
- taxcatid,
- taxrate
- FROM taxauthrates',$db);
+ $TaxAuthRatesResult = DB_query("SELECT taxauthority,
+ dispatchtaxprovince,
+ taxcatid,
+ taxrate
+ FROM taxauthrates",$db);
while ($TaxAuthRatesRow = DB_fetch_array($TaxAuthRatesResult)){
$SQLScript .= "INSERT INTO taxauthrates (taxauthority,
@@ -145,20 +145,20 @@
}
/*taxgroups table */
- $TaxGroupsResult = DB_query('SELECT taxgroupid,
- taxgroupdescription
- FROM taxgroups',$db);
+ $TaxGroupsResult = DB_query("SELECT taxgroupid,
+ taxgroupdescription
+ FROM taxgroups",$db);
while ($TaxGroupsRow = DB_fetch_array($TaxGroupsResult)){
$SQLScript .= "INSERT INTO taxgroups (taxgroupid,
taxgroupdescription)
- VALUES (" . $TaxGroupsRow['taxgroupid'] . ",
+ VALUES ('" . $TaxGroupsRow['taxgroupid'] . "',
'" . $TaxGroupsRow['taxgroupdescription'] . "');\n";
}
/*tax categories table */
- $TaxCategoriesResult = DB_query('SELECT taxcatid,
- taxcatname
- FROM taxcategories',$db);
+ $TaxCategoriesResult = DB_query("SELECT taxcatid,
+ taxcatname
+ FROM taxcategories",$db);
while ($TaxCategoriesRow = DB_fetch_array($TaxCategoriesResult)){
$SQLScript .= "INSERT INTO taxcategories (taxcatid,
@@ -167,9 +167,9 @@
'" . $TaxCategoriesRow['taxcatname'] . "');\n";
}
/*tax provinces table */
- $TaxProvincesResult = DB_query('SELECT taxprovinceid,
- taxprovincename
- FROM taxprovinces',$db);
+ $TaxProvincesResult = DB_query("SELECT taxprovinceid,
+ taxprovincename
+ FROM taxprovinces",$db);
while ($TaxProvincesRow = DB_fetch_array($TaxProvincesResult)){
$SQLScript .= "INSERT INTO taxprovinces (taxprovinceid,
@@ -178,11 +178,11 @@
'" . $TaxProvincesRow['taxprovincename'] . "');\n";
}
/*taxgroup taxes table */
- $TaxGroupTaxesResult = DB_query('SELECT taxgroupid,
- taxauthid,
- calculationorder,
- taxontax
- FROM taxgrouptaxes',$db);
+ $TaxGroupTaxesResult = DB_query("SELECT taxgroupid,
+ taxauthid,
+ calculationorder,
+ taxontax
+ FROM taxgrouptaxes",$db);
while ($TaxGroupTaxesRow = DB_fetch_array($TaxGroupTaxesResult)){
$SQLScript .= "INSERT INTO taxgrouptaxes (taxgroupid,
@@ -194,7 +194,7 @@
" . $TaxGroupTaxesRow['calculationorder'] . ",
" . $TaxGroupTaxesRow['taxontax'] . ");\n";
}
- $SQLScript .= 'SET FOREIGN_KEY_CHECKS=1;';
+ $SQLScript .= "SET FOREIGN_KEY_CHECKS=1;";
/*Now write $SQLScript to a file */
$FileHandle = fopen("./companies/" . $_SESSION['DatabaseName'] . "/reports/" . $_POST['TemplateName'] .".sql","w");
fwrite ($FileHandle, $SQLScript);
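Review bot: `$_POST['TemplateName']` is concatenated straight into the `fopen()` path, so a value containing `../` or a path separator puts the generated .sql file outside `companies/<database>/reports/`. Constrain it to a plain file name before use, for example `if (!preg_match('/^[A-Za-z0-9_-]+$/', $_POST['TemplateName'])) { $InputError = true; }`, and test that `fopen()` did not return false before `fwrite()` is called. The `$InputError` checks sit above this hunk and are not visible here, so confirm no equivalent validation already exists.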
@@ -225,10 +225,10 @@
echo '<table>';
/*Show the chart of accounts to be exported for deslection of company specific ones */
-$ChartResult = DB_query('SELECT accountcode, accountname, group_ FROM chartmaster',$db);
+$ChartResult = DB_query("SELECT accountcode, accountname, group_ FROM chartmaster",$db);
$TableHeadings = '<tr><th>' . _('Account Code') . '</th>
- <th>' . _('Account Name') . '</th></tr>';
+ <th>' . _('Account Name') . '</th></tr>';
$i = 0;
while ($ChartRow = DB_fetch_array($ChartResult)){
echo '<tr><td>' . $ChartRow['accountcode'] . '</td>
Modified: trunk/Z_CurrencyDebtorsBalances.php
===================================================================
--- trunk/Z_CurrencyDebtorsBalances.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_CurrencyDebtorsBalances.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -1,6 +1,5 @@
<?php
/* $Id$*/
-//$PageSecurity=15;
include('includes/session.inc');
$title=_('Currency Debtor Balances');
@@ -8,12 +7,12 @@
echo '<font size=4><b>' . _('Debtors Balances By Currency Totals') . '</b></font>';
-$sql = 'SELECT SUM(ovamount+ovgst+ovdiscount+ovfreight-alloc) AS currencybalance,
+$sql = "SELECT SUM(ovamount+ovgst+ovdiscount+ovfreight-alloc) AS currencybalance,
currcode,
SUM((ovamount+ovgst+ovdiscount+ovfreight-alloc)/rate) AS localbalance
FROM debtortrans INNER JOIN debtorsmaster
ON debtortrans.debtorno=debtorsmaster.debtorno
- WHERE (ovamount+ovgst+ovdiscount+ovfreight-alloc)<>0 GROUP BY currcode';
+ WHERE (ovamount+ovgst+ovdiscount+ovfreight-alloc)<>0 GROUP BY currcode";
$result = DB_query($sql,$db);
Modified: trunk/Z_CurrencySuppliersBalances.php
===================================================================
--- trunk/Z_CurrencySuppliersBalances.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_CurrencySuppliersBalances.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -1,6 +1,5 @@
<?php
/* $Id$*/
-//$PageSecurity=15;
include('includes/session.inc');
$title=_('Currency Debtor Balances');
@@ -8,11 +7,11 @@
echo '<font size=4><b>' . _('Suppliers Balances By Currency Totals') . '</b></font>';
-$sql = 'SELECT SUM(ovamount+ovgst-alloc) AS currencybalance,
+$sql = "SELECT SUM(ovamount+ovgst-alloc) AS currencybalance,
currcode,
SUM((ovamount+ovgst-alloc)/rate) AS localbalance
FROM supptrans INNER JOIN suppliers ON supptrans.supplierno=suppliers.supplierid
- WHERE (ovamount+ovgst-alloc)<>0 GROUP BY currcode';
+ WHERE (ovamount+ovgst-alloc)<>0 GROUP BY currcode";
$result = DB_query($sql,$db);
Modified: trunk/Z_DataExport.php
===================================================================
--- trunk/Z_DataExport.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_DataExport.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -2,7 +2,6 @@
/* $Id$*/
-//$PageSecurity=15;
include('includes/session.inc');
@@ -70,9 +69,9 @@
$title = _('Price List Export Problem ....');
include('includes/header.inc');
prnMsg( _('The Price List could not be retrieved by the SQL because'). ' - ' . DB_error_msg($db), 'error');
- echo '<br><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
+ echo '<br /><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
if ($debug==1){
- echo '<br>'. $SQL;
+ echo '<br />'. $SQL;
}
include('includes/footer.inc');
exit;
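Review bot: This error branch still appends `?' . SID . '` to the index.php link, as do the hunks at -345 and -417, while the branches at -166, -257, -306, -381 and -469 drop it in the same commit. Since the form actions further down also lose the suffix, `echo '<br /><a href="' . $rootpath . '/index.php">' . _('Back to the menu') . '</a>';` looks like the intended form everywhere; carrying the session id in the URL also exposes it through Referer headers and server logs. Separately, `echo '<br />' . $SQL;` under `$debug==1` writes the raw statement into the page and should go through `htmlspecialchars()` if it is kept.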
@@ -166,9 +165,9 @@
$title = _('Customer List Export Problem ....');
include('includes/header.inc');
prnMsg( _('The Customer List could not be retrieved by the SQL because'). ' - ' . DB_error_msg($db), 'error');
- echo '<br><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
+ echo '<br /><a href="' .$rootpath .'/index.php">'. _('Back to the menu'). '</a>';
if ($debug==1){
- echo '<br>'. $SQL;
+ echo '<br />'. $SQL;
}
include('includes/footer.inc');
exit;
@@ -257,9 +256,9 @@
$title = _('Salesman List Export Problem ....');
include('includes/header.inc');
prnMsg( _('The Salesman List could not be retrieved by the SQL because'). ' - ' . DB_error_msg($db), 'error');
- echo '<br><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
+ echo '<br /><a href="' .$rootpath .'/index.php">'. _('Back to the menu'). '</a>';
if ($debug==1){
- echo '<br>'. $SQL;
+ echo '<br />'. $SQL;
}
include('includes/footer.inc');
exit;
@@ -306,9 +305,9 @@
$title = _('Security Token List Export Problem ....');
include('includes/header.inc');
prnMsg( _('The Image List could not be retrieved by the SQL because'). ' - ' . DB_error_msg($db), 'error');
- echo '<br><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
+ echo '<br /><a href="' .$rootpath .'/index.php">'. _('Back to the menu'). '</a>';
if ($debug==1){
- echo '<br>'. $SQL;
+ echo '<br />'. $SQL;
}
include('includes/footer.inc');
exit;
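Review bot: `$title` reads 'Security Token List Export Problem ....' but the message on the following line reports that the Image List could not be retrieved, so the title looks copied from the next section. Suggest `$title = _('Image List Export Problem ....');`. The enclosing if-block starts outside the hunk.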
@@ -345,9 +344,9 @@
$title = _('Security Token List Export Problem ....');
include('includes/header.inc');
prnMsg( _('The Security Token List could not be retrieved by the SQL because'). ' - ' . DB_error_msg($db), 'error');
- echo '<br><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
+ echo '<br /><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
if ($debug==1){
- echo '<br>'. $SQL;
+ echo '<br />'. $SQL;
}
include('includes/footer.inc');
exit;
@@ -381,9 +380,9 @@
$title = _('Security Role List Export Problem ....');
include('includes/header.inc');
prnMsg( _('The Security Role List could not be retrieved by the SQL because'). ' - ' . DB_error_msg($db), 'error');
- echo '<br><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
+ echo '<br /><a href="' .$rootpath .'/index.php">'. _('Back to the menu'). '</a>';
if ($debug==1){
- echo '<br>'. $SQL;
+ echo '<br />'. $SQL;
}
include('includes/footer.inc');
exit;
@@ -417,9 +416,9 @@
$title = _('Security Group List Export Problem ....');
include('includes/header.inc');
prnMsg( _('The Security Group List could not be retrieved by the SQL because'). ' - ' . DB_error_msg($db), 'error');
- echo '<br><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
+ echo '<br /><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
if ($debug==1){
- echo '<br>'. $SQL;
+ echo '<br />'. $SQL;
}
include('includes/footer.inc');
exit;
@@ -469,9 +468,9 @@
$title = _('Security User List Export Problem ....');
include('includes/header.inc');
prnMsg( _('The Security User List could not be retrieved by the SQL because'). ' - ' . DB_error_msg($db), 'error');
- echo '<br><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>';
+ echo '<br /><a href="' .$rootpath .'/index.php">'. _('Back to the menu'). '</a>';
if ($debug==1){
- echo '<br>'. $SQL;
+ echo '<br />'. $SQL;
}
include('includes/footer.inc');
exit;
@@ -532,8 +531,8 @@
// SELECT EXPORT FOR PRICE LIST
- echo "<br>";
- echo "<form method='post' action=" . $_SERVER['PHP_SELF'] . "?" . SID . ">";
+ echo '<br />';
+ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<table>';
echo '<tr><th colspan=2>' . _('Price List Export') . '</th></tr>';
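Review bot: `$_SERVER['PHP_SELF']` is echoed into the `action` attribute unescaped; it carries any trailing path info from the request URL, so it is request-controlled and can close the attribute and inject markup. Escape it where it is emitted: `echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">';`. The identical line appears in every form in the hunks at -554 and -576 and needs the same change.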
@@ -554,16 +553,16 @@
echo '<option Value="' . $myrow['loccode'] . '">' . $myrow['locationname'];
}
echo '</select></td></tr>';
- echo "</table>";
+ echo '</table>';
echo "<div class='centre'><input type='Submit' name='pricelist' value='" . _('Export') . "'></div>";
- echo "</form><br>";
+ echo '</form><br />';
// SELECT EXPORT FOR CUSTOMER LIST
- echo "<br>";
+ echo "<br />";
// Export Stock For Location
- echo "<form method='post' action=" . $_SERVER['PHP_SELF'] . "?" . SID . ">";
+ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<table>';
echo '<tr><th colspan=2>' . _('Customer List Export') . '</th></tr>';
@@ -576,66 +575,66 @@
echo '<option Value="' . $myrow['loccode'] . '">' . $myrow['locationname'];
}
echo '</select></td></tr>';
- echo "</table>";
+ echo '</table>';
echo "<div class='centre'><input type='Submit' name='custlist' value='" . _('Export') . "'></div>";
- echo "</form><br>";
+ echo '</form><br />';
// SELECT EXPORT FOR SALES MAN
- echo "<br>";
+ echo "<br />";
// Export Stock For Location
- echo "<form method='post' action=" . $_SERVER['PHP_SELF'] . "?" . SID . ">";
+ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<table>';
echo '<tr><th colspan=2>' . _('Salesman List Export') . '</th></tr>';
- echo "</table>";
+ echo '</table>';
echo "<div class='centre'><div class='centre'><input type='Submit' name='salesmanlist' value='" . _('Export') . "'></div>";
- echo "</form><br>";
+ echo '</form><br />';
// SELECT EXPORT FOR IMAGES
- echo "<form method='post' action=" . $_SERVER['PHP_SELF'] . "?" . SID . ">";
+ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<table>';
echo '<tr><th colspan=2>' . _('Image List Export') . '</th></tr>';
- echo "</table>";
+ echo '</table>';
echo "<div class='centre'><input type='Submit' name='imagelist' value='" . _('Export') . "'></div>";
- echo "</form><br>";
+ echo '</form><br />';
// SELECT EXPORT SECURITY TOKENS
- echo "<form method='post' action=" . $_SERVER['PHP_SELF'] . "?" . SID . ">";
+ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<table>';
echo '<tr><th colspan=2>' . _('Security Token List Export') . '</th></tr>';
- echo "</table>";
+ echo '</table>';
echo "<div class='centre'><input type='Submit' name='sectokenlist' value='" . _('Export') . "'></div>";
- echo "</form><br>";
+ echo '</form><br />';
// SELECT EXPORT SECURITY ROLES
- echo "<form method='post' action=" . $_SERVER['PHP_SELF'] . "?" . SID . ">";
+ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<table>';
echo '<tr><th colspan=2>' . _('Security Role List Export') . '</th></tr>';
- echo "</table>";
+ echo '</table>';
echo "<div class='centre'><input type='Submit' name='secrolelist' value='" . _('Export') . "'></div>";
- echo "</form><br>";
+ echo '</form><br />';
// SELECT EXPORT SECURITY GROUPS
- echo "<form method='post' action=" . $_SERVER['PHP_SELF'] . "?" . SID . ">";
+ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<table>';
echo '<tr><th colspan=2>' . _('Security Group List Export') . '</th></tr>';
- echo "</table>";
+ echo '</table>';
echo "<div class='centre'><input type='Submit' name='secgrouplist' value='" . _('Export') . "'></div>";
- echo "</form><br>";
+ echo '</form><br />';
// SELECT EXPORT SECURITY USERS
- echo "<form method='post' action=" . $_SERVER['PHP_SELF'] . "?" . SID . ">";
+ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<table>';
echo '<tr><th colspan=2>' . _('Security User List Export') . '</th></tr>';
- echo "</table>";
- echo "<div class='centre'><input type='Submit' name='secuserlist' value='" . _('Export') . "'></div>";
- echo "</form><br>";
+ echo '</table>';
+ echo '<div class="centre"><input type="Submit" name="secuserlist" value="' . _('Export') . '"></div>';
+ echo '</form><br />';
include('includes/footer.inc');
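Review bot: The salesmanlist submit line opens `<div class='centre'>` twice and closes it once, which leaves the document unbalanced and defeats the XHTML clean-up this commit is doing; it should be `echo '<div class="centre"><input type="submit" name="salesmanlist" value="' . _('Export') . '" /></div>';`. Only the secuserlist button was converted to double-quoted attributes; the other submit lines in this hunk keep the single-quoted form, and none of the `<input>` elements is self-closed.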
Modified: trunk/Z_DeleteCreditNote.php
===================================================================
--- trunk/Z_DeleteCreditNote.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_DeleteCreditNote.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -5,11 +5,12 @@
/* Script to delete a credit note - it expects and credit note number to delete
not included on any menu for obvious reasons
+STRONGLY RECOMMEND NOT USING THIS - RE INVOICE INSTEAD
+
must be called directly with path/DeleteCreditnote.php?CreditNoteNo=???????
!! */
-//$PageSecurity=15;
include ('includes/session.inc');
$title = _('Delete Credit Note');
@@ -21,7 +22,7 @@
}
/*get the order number that was credited */
-$SQL = 'SELECT order_ FROM debtortrans WHERE transno=' . $_GET['CreditNoteNo'] . ' AND type=11';
+$SQL = "SELECT order_ FROM debtortrans WHERE transno='" . $_GET['CreditNoteNo'] . "' AND type='11'";
$Result = DB_query($SQL, $db);
$myrow = DB_fetch_row($Result);
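Review bot: Wrapping `$_GET['CreditNoteNo']` in quotes does not prevent SQL injection by itself, because a value containing a quote still ends the literal unless it has been escaped somewhere not visible here (includes/session.inc may do that; confirm). A transaction number should be validated as an integer before any statement is built, e.g. `if (!ctype_digit((string) $_GET['CreditNoteNo'])) { prnMsg(_('Invalid credit note number'), 'error'); include('includes/footer.inc'); exit; }`. The same value is concatenated into the stockmoves query in the next hunk, and `$_GET['InvoiceNo']` is used the same way in the Z_DeleteInvoice.php hunks at -19, -49 and -77.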
@@ -29,14 +30,14 @@
/*Now get the stock movements that were credited into an array */
-$SQL = 'SELECT stockid,
- loccode,
- debtorno,
- branchcode,
- prd,
- qty
- FROM stockmoves
- WHERE transno =' .$_GET['CreditNoteNo'] . ' AND type=11';
+$SQL = "SELECT stockid,
+ loccode,
+ debtorno,
+ branchcode,
+ prd,
+ qty
+ FROM stockmoves
+ WHERE transno ='" .$_GET['CreditNoteNo'] . "' AND type='11'";
$Result = DB_query($SQL,$db);
$i=0;
@@ -72,8 +73,8 @@
/*reverse the update to LocStock */
$SQL = "UPDATE locstock SET locstock.quantity = locstock.quantity + " . $CreditLine['qty'] . "
- WHERE locstock.stockid = '" . $CreditLine['stockid'] . "'
- AND loccode = '" . $CreditLine['loccode'] . "'";
+ WHERE locstock.stockid = '" . $CreditLine['stockid'] . "'
+ AND loccode = '" . $CreditLine['loccode'] . "'";
$ErrMsg = _('SQL to reverse update to the location stock records failed with the error');
@@ -100,7 +101,7 @@
$ErrMsg = _('SQL to delete the stock movement record failed with the message');
$Result = DB_query($SQL, $db,$ErrMsg,$DbgMsg,true);
prnMsg(_('Deleted the credit note stock movements').'info');
-echo '<br><br>';
+echo '<br /><br />';
$result = DB_Txn_Commit($db);
prnMsg(_('Credit note number') . ' ' . $_GET['CreditNoteNo'] . ' ' . _('has been completely deleted') . '. ' . _('To ensure the integrity of the general ledger transactions must be reposted from the period the credit note was created'),'info');
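Review bot: `prnMsg(_('Deleted the credit note stock movements').'info');` concatenates 'info' onto the message text instead of passing it as the message type; it should read `prnMsg(_('Deleted the credit note stock movements'), 'info');`. The final `prnMsg` also prints `$_GET['CreditNoteNo']` back into the page as received; print an integer-cast copy or wrap it in `htmlspecialchars()` so the request value cannot inject markup.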
Modified: trunk/Z_DeleteInvoice.php
===================================================================
--- trunk/Z_DeleteInvoice.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_DeleteInvoice.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -4,9 +4,12 @@
/* Script to delete an invoice expects and invoice number to delete
not included on any menu for obvious reasons
+*
+* STRONGLY RECOMMEND NOT USING THIS -CREDIT THE INVOICE AND RE INVOICE
+* *
+*
This page must be called directly using path/Z_DeleteInvoice.php?InvoiceNo=????? !! */
-//$PageSecurity=15;
include ('includes/session.inc');
$title = _('Delete Invoice');
@@ -19,9 +22,10 @@
}
/*Get the order number that was invoiced */
-$SQL = 'SELECT order_
- FROM debtortrans
- WHERE debtortrans.type = 10 and transno = ' . $_GET['InvoiceNo'];
+$SQL = "SELECT order_
+ FROM debtortrans
+ WHERE debtortrans.type = 10
+ AND transno = '" . $_GET['InvoiceNo'] . "'";
$Result = DB_query($SQL,$db);
$myrow = DB_fetch_row($Result);
@@ -40,7 +44,7 @@
// mbflag
// We now use fully qualified column names
-$SQL = 'SELECT stockmoves.stockid,
+$SQL = "SELECT stockmoves.stockid,
stockmoves.loccode,
stockmoves.debtorno,
stockmoves.branchcode,
@@ -49,7 +53,7 @@
stockmaster.mbflag
FROM stockmoves INNER JOIN stockmaster
ON stockmoves.stockid = stockmaster.stockid
- WHERE transno =' .$_GET['InvoiceNo'] . ' AND type=10';
+ WHERE transno ='" .$_GET['InvoiceNo'] . "' AND type=10";
$Result = DB_query($SQL,$db);
@@ -77,9 +81,9 @@
/*Now delete the DebtorTrans */
-$SQL = 'DELETE FROM debtortrans
- WHERE transno =' . $_GET['InvoiceNo'] . '
- AND debtortrans.type=10';
+$SQL = "DELETE FROM debtortrans
+ WHERE transno ='" . $_GET['InvoiceNo'] . "'
+ AND debtortrans.type=10";
$DbgMsg = _('The SQL that failed was');
$ErrMsg = _('The debtorTrans record could not be deleted') . ' - ' . _('the sql server returned the following error');
$Result = DB_query($SQL,$db,$ErrMsg,$DbgMsg,true);
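Review bot: This DELETE is driven by a bare GET parameter, so merely loading the URL in an authenticated session removes the invoice; nothing visible in these hunks asks for confirmation or checks a form token. Consider accepting the request only as a POST that carries the `FormID` hidden field the Z_DataExport.php forms already emit, and refusing it otherwise. Also, `debtortrans.type=10` stays unquoted here while Z_DeleteCreditNote.php now writes `type='11'`; pick one convention across both scripts.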
Modified: trunk/Z_ImportFixedAssets.php
===================================================================
--- trunk/Z_ImportFixedAssets.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_ImportFixedAssets.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -2,7 +2,6 @@
/* $Id: $*/
/* Script to import fixed assets into a specified period*/
-//$PageSecurity = 15;
include('includes/session.inc');
$title = _('Import Fixed Assets');
include('includes/header.inc');
@@ -122,57 +121,57 @@
if (strlen($Description)==0 OR strlen($Description)>50){
prnMsg('The description of the asset is expected to be more than 3 characters long and less than 50 characters long','error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid Description:') . ' ' . $Description;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid Description:') . ' ' . $Description;
$InputError=true;
}
if (!is_numeric($DepnRate)){
prnMsg(_('The depreciation rate is expected to be numeric'),'error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid Depreciation Rate:') . ' ' . $DepnRate;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid Depreciation Rate:') . ' ' . $DepnRate;
$InputError=true;
}elseif ($DepnRate<0 OR $DepnRate>100){
prnMsg(_('The depreciation rate is expected to be a number between 0 and 100'),'error');
- echo '<br>' . _('Row:') . $Row . ' - ' ._('Invalid Depreciation Rate:') . ' ' . $DepnRate;
+ echo '<br />' . _('Row:') . $Row . ' - ' ._('Invalid Depreciation Rate:') . ' ' . $DepnRate;
$InputError=true;
}
if (!is_numeric($AccumDepn)){
prnMsg(_('The accumulated depreciation is expected to be numeric'),'error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid Accumulated Depreciation:') . ' ' . $AccumDepn;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid Accumulated Depreciation:') . ' ' . $AccumDepn;
$InputError=true;
} elseif ($AccumDepn<0){
prnMsg(_('The accumulated depreciation is expected to be either zero or a positive number'),'error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid Accumulated Depreciation:') . ' ' . $AccumDepn;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid Accumulated Depreciation:') . ' ' . $AccumDepn;
$InputError=true;
}
if (!is_numeric($Cost)){
prnMsg(_('The cost is expected to be numeric'),'error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid Cost:') . ' ' . $Cost;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid Cost:') . ' ' . $Cost;
$InputError=true;
} elseif ($Cost<=0){
prnMsg(_('The cost is expected to be a positive number'),'error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid Cost:') . ' ' . $AccumDepn;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid Cost:') . ' ' . $AccumDepn;
$InputError=true;
}
if ($DepnType !='SL' AND $DepnType!='DV'){
prnMsg(_('The depreciation type must be either "SL" - Straight Line or "DV" - Diminishing Value'),'error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid depreciation type:') . ' ' . $DepnType;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid depreciation type:') . ' ' . $DepnType;
$InputError = true;
}
- $result = DB_query('SELECT categoryid FROM fixedassetcategories WHERE categoryid="' . $AssetCategoryID . '"', $db);
+ $result = DB_query("SELECT categoryid FROM fixedassetcategories WHERE categoryid='" . $AssetCategoryID . "'", $db);
if (DB_num_rows($result)==0){
$InputError = true;
prnMsg(_('The asset category code entered must be exist in the assetcategories table'),'error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid asset category:') . ' ' . $AssetCategoryID;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid asset category:') . ' ' . $AssetCategoryID;
}
- $result = DB_query('SELECT locationid FROM fixedassetlocations WHERE locationid="' . $AssetLocationCode . '"', $db);
+ $result = DB_query("SELECT locationid FROM fixedassetlocations WHERE locationid='" . $AssetLocationCode . "'", $db);
if (DB_num_rows($result)==0){
$InputError = true;
prnMsg(_('The asset location code entered must be exist in the asset locations table'),'error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid asset location code:') . ' ' . $AssetLocationCode;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid asset location code:') . ' ' . $AssetLocationCode;
}
if (!Is_Date($DatePurchased)){
$InputError = true;
prnMsg(_('The date purchased must be entered in the format:') . ' ' . $_SESSION['DefaultDateFormat'],'error');
- echo '<br>' . _('Row:') . $Row . ' - ' . _('Invalid date format:') . ' ' . $DatePurchased;
+ echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid date format:') . ' ' . $DatePurchased;
}
if ($DepnType=='DV'){
$DepnType=1;
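Review bot: The `$Cost<=0` branch prints `$AccumDepn` after 'Invalid Cost:', so the operator sees the wrong figure; the line should be `echo '<br />' . _('Row:') . $Row . ' - ' . _('Invalid Cost:') . ' ' . $Cost;`. The first check's message speaks of 'more than 3 characters' although the test is `strlen($Description)==0`, and that string is the only one not wrapped in `_()`. Every echo in this hunk writes a value read from the uploaded file straight into HTML and should pass it through `htmlspecialchars()`. `$AssetCategoryID` and `$AssetLocationCode` are likewise concatenated into the two lookup queries with no escaping visible here. The enclosing row loop starts and ends outside the hunk.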
@@ -187,27 +186,27 @@
//attempt to insert the stock item
$sql = "INSERT INTO fixedassets (description,
- longdescription,
- assetcategoryid,
- serialno,
- barcode,
- assetlocation,
- cost,
- accumdepn,
- depntype,
- depnrate,
- datepurchased)
- VALUES ('" . $Description . "',
- '" . $LongDescription . "',
- '" . $AssetCategoryID . "',
- '" . $SerialNo . "',
- '" . $BarCode . "',
- '" . $AssetLocationCode . "',
- '" . $Cost . "',
- '" . $AccumDepn . "',
- '" . $DepnType . "',
- '" . $DepnRate . "',
- '" . FormatDateForSQL($DatePurchased) . "')";
+ longdescription,
+ assetcategoryid,
+ serialno,
+ barcode,
+ assetlocation,
+ cost,
+ accumdepn,
+ depntype,
+ depnrate,
+ datepurchased)
+ VALUES ('" . $Description . "',
+ '" . $LongDescription . "',
+ '" . $AssetCategoryID . "',
+ '" . $SerialNo . "',
+ '" . $BarCode . "',
+ '" . $AssetLocationCode . "',
+ '" . $Cost . "',
+ '" . $AccumDepn . "',
+ '" . $DepnType . "',
+ '" . $DepnRate . "',
+ '" . FormatDateForSQL($DatePurchased) . "')";
$ErrMsg = _('The asset could not be added because');
$DbgMsg = _('The SQL that was used to add the asset and failed was');
@@ -218,43 +217,43 @@
$AssetID = DB_Last_Insert_ID($db, 'fixedassets','assetid');
$sql = "INSERT INTO fixedassettrans ( assetid,
- transtype,
- transno,
- transdate,
- periodno,
- inputdate,
- fixedassettranstype,
- amount)
- VALUES ( '" . $AssetID . "',
- '49',
- '" . $TransNo . "',
- '" . $_POST['DateToEnter'] . "',
- '" . $PeriodNo . "',
- '" . Date('Y-m-d') . "',
- 'cost',
- '" . $Cost . "')";
+ transtype,
+ transno,
+ transdate,
+ periodno,
+ inputdate,
+ fixedassettranstype,
+ amount)
+ VALUES ( '" . $AssetID . "',
+ '49',
+ '" . $TransNo . "',
+ '" . $_POST['DateToEnter'] . "',
+ '" . $PeriodNo . "',
+ '" . Date('Y-m-d') . "',
+ 'cost',
+ '" . $Cost . "')";
$ErrMsg = _('The transaction for the cost of the asset could not be added because');
$DbgMsg = _('The SQL that was used to add the fixedasset trans record that failed was');
$InsResult = DB_query($sql,$db,$ErrMsg,$DbgMsg);
$sql = "INSERT INTO fixedassettrans ( assetid,
- transtype,
- transno,
- transdate,
- periodno,
- inputdate,
- fixedassettranstype,
- amount)
- VALUES ( '" . $AssetID . "',
- '49',
- '" . $TransNo . "',
- '" . $_POST['DateToEnter'] . "',
- '" . $PeriodNo . "',
- '" . Date('Y-m-d') . "',
- 'depn',
- '" . $AccumDepn . "')";
-
+ transtype,
+ transno,
+ transdate,
+ periodno,
+ inputdate,
+ fixedassettranstype,
+ amount)
+ VALUES ( '" . $AssetID . "',
+ '49',
+ '" . $TransNo . "',
+ '" . $_POST['DateToEnter'] . "',
+ '" . $PeriodNo . "',
+ '" . Date('Y-m-d') . "',
+ 'depn',
+ '" . $AccumDepn . "')";
+
$ErrMsg = _('The transaction for the cost of the asset could not be added because');
$DbgMsg = _('The SQL that was used to add the fixedasset trans record that failed was');
$InsResult = DB_query($sql,$db,$ErrMsg,$DbgMsg);
@@ -285,7 +284,7 @@
echo '
<br />
- <a href="Z_ImportFixedAssets.php?gettemplate=1">Get Import Template</a>
+ <a href="Z_ImportFixedAssets.php?gettemplate=1">' . _('Get Import Template') . '</a>
<br />
<br />
';
@@ -296,17 +295,16 @@
echo '<table class="selection">
<tr><td>' . _('Select Date to Upload B/Fwd Assets To:') . '</td>
<td><select name="DateToEnter">';
- $PeriodsResult = DB_query('SELECT lastdate_in_period FROM periods ORDER BY periodno',$db);
+ $PeriodsResult = DB_query("SELECT lastdate_in_period FROM periods ORDER BY periodno",$db);
while ($PeriodRow = DB_fetch_row($PeriodsResult)){
echo '<option value="' . $PeriodRow[0] . '">' . ConvertSQLDate($PeriodRow[0]) . '</option>';
}
echo '</select></td></tr>';
echo '<tr><td>' . _('Fixed Assets Upload file:') . '</td><td><input name="SelectedAssetFile" type="file"></tr></table>
- <input type="submit" VALUE="' . _('Send File') . '">
+ <input type="submit" value="' . _('Send File') . '">
</form>';
}
-
include('includes/footer.inc');
?>
\ No newline at end of file
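Review bot: The upload row on the `SelectedAssetFile` line is still not well-formed XHTML: the `<td>` holding the file input is never closed and neither `<input>` is self-closed, although this commit lower-cases `value` on the line after it. I would write `<td><input name="SelectedAssetFile" type="file" /></td></tr></table>` and `<input type="submit" value="' . _('Send File') . '" />`. The opening `<form>` tag and the enclosing `if`/`else` start outside this hunk, so the form's `enctype` and any `FormID` field cannot be checked from here.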
Modified: trunk/Z_ImportGLAccountGroups.php
===================================================================
--- trunk/Z_ImportGLAccountGroups.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_ImportGLAccountGroups.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -1,8 +1,6 @@
<?php
/* $Id$*/
-//$PageSecurity = 11;
-
include('includes/session.inc');
$title = _('Import Chart of Accounts');
include('includes/header.inc');
@@ -10,7 +8,7 @@
include('api/api_errorcodes.php');
$weberpuser = $_SESSION['UserID'];
-$sql='SELECT password FROM www_users WHERE userid="'.$weberpuser.'"';
+$sql="SELECT password FROM www_users WHERE userid='" . $weberpuser . "'";
$result=DB_query($sql, $db);
$myrow=DB_fetch_array($result);
$weberppassword = $myrow[0];
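Review bot: The rewritten `$sql=` line still builds the statement by concatenating `$_SESSION['UserID']`, so its safety rests on how that session value was validated at login, which is not visible here. Escaping at the point of use keeps the query safe regardless: `$sql="SELECT password FROM www_users WHERE userid='" . DB_escape_string($weberpuser) . "'";`. The same query is repeated in Z_ImportGLAccountSections.php and Z_ImportPartCodes.php with `$webERPUser`. A short comment explaining why the stored `password` column is read back into `$weberppassword` would also help, since in those sibling scripts the value is passed on as the XML-RPC password argument.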
Modified: trunk/Z_ImportGLAccountSections.php
===================================================================
--- trunk/Z_ImportGLAccountSections.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_ImportGLAccountSections.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -1,21 +1,19 @@
<?php
/* $Id$*/
-//$PageSecurity = 11;
-
include('includes/session.inc');
$title = _('Import Chart of Accounts');
include('includes/header.inc');
include('xmlrpc/lib/xmlrpc.inc');
include('api/api_errorcodes.php');
-$weberpuser = $_SESSION['UserID'];
-$sql='SELECT password FROM www_users WHERE userid="'.$weberpuser.'"';
+$webERPUser = $_SESSION['UserID'];
+$sql="SELECT password FROM www_users WHERE userid='" . $webERPUser ."'";
$result=DB_query($sql, $db);
$myrow=DB_fetch_array($result);
$weberppassword = $myrow[0];
-$ServerURL = "http://". $_SERVER['HTTP_HOST'].$rootpath."/api/api_xml-rpc.php";
+$ServerURL = 'http://'. $_SERVER['HTTP_HOST'] . $rootpath . '/api/api_xml-rpc.php';
$DebugLevel = 0; //Set to 0,1, or 2 with 2 being the highest level of debug info
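Review bot: `$ServerURL` takes its host from `$_SERVER['HTTP_HOST']` and hard-codes `http://`, while a later hunk of this file wraps `$weberppassword` into the `xmlrpcmsg` that is presumably sent to that URL. That makes the destination of the credential depend on the request's Host header and sends the value unencrypted. The endpoint should come from server-side configuration and use HTTPS where the site does, for example `$ServerURL = $ApiBaseURL . '/api/api_xml-rpc.php';`, where `$ApiBaseURL` is a placeholder name and not an existing webERP setting. Z_ImportPartCodes.php has the identical line.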
@@ -25,7 +23,11 @@
$FieldNames = explode(',', $buffer);
$SuccessStyle='style="color:green; font-weight:bold"';
$FailureStyle='style="color:red; font-weight:bold"';
- echo '<table><tr><th>'. _('Account Section') .'</th><th>'. _('Result') . '</th><th>'. _('Comments') .'</th></tr>';
+ echo '<table>
+ <tr><th>'. _('Account Section') .'</th>
+ <th>'. _('Result') . '</th>
+ <th>'. _('Comments') .'</th>
+ </tr>';
$successes=0;
$failures=0;
while (!feof ($fp)) {
@@ -36,7 +38,7 @@
$AccountSectionDetails[$FieldNames[$i]]=$FieldValues[$i];
}
$accountsection = php_xmlrpc_encode($AccountSectionDetails);
- $user = new xmlrpcval($weberpuser);
+ $user = new xmlrpcval($webERPUser);
$password = new xmlrpcval($weberppassword);
$msg = new xmlrpcmsg("weberp.xmlrpc_InsertGLAccountSection", array($accountsection, $user, $password));
@@ -75,7 +77,5 @@
echo '<div class= "centre"><input type="submit" name="update" value="Process"></div>';
echo '</form>';
}
-
include('includes/footer.inc');
-
?>
\ No newline at end of file
Modified: trunk/Z_ImportPartCodes.php
===================================================================
--- trunk/Z_ImportPartCodes.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_ImportPartCodes.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -1,7 +1,6 @@
<?php
/* $Id$*/
-//$PageSecurity = 11;
include('includes/session.inc');
$title = _('Import Stock Items');
@@ -9,13 +8,13 @@
include('xmlrpc/lib/xmlrpc.inc');
include('api/api_errorcodes.php');
-$weberpuser = $_SESSION['UserID'];
-$sql='SELECT password FROM www_users WHERE userid="'.$weberpuser.'"';
+$webERPUser = $_SESSION['UserID'];
+$sql="SELECT password FROM www_users WHERE userid='" . $webERPUser."'";
$result=DB_query($sql, $db);
$myrow=DB_fetch_array($result);
$weberppassword = $myrow[0];
-$ServerURL = "http://". $_SERVER['HTTP_HOST'].$rootpath."/api/api_xml-rpc.php";
+$ServerURL = 'http://'. $_SERVER['HTTP_HOST'] . $rootpath . '/api/api_xml-rpc.php';
$DebugLevel = 0; //Set to 0,1, or 2 with 2 being the highest level of debug info
@@ -25,7 +24,12 @@
$FieldNames = explode(',', $buffer);
$SuccessStyle='style="color:green; font-weight:bold"';
$FailureStyle='style="color:red; font-weight:bold"';
- echo '<table><tr><th>'. _('Part Code') .'</th><th>'. _('Result') . '</th><th>'. _('Comments') .'</th></tr>';
+ echo '<table>
+ <tr>
+ <th>'. _('Part Code') .'</th>
+ <th>'. _('Result') . '</th>
+ <th>'. _('Comments') .'</th>
+ </tr>';
$successes=0;
$failures=0;
while (!feof ($fp)) {
@@ -36,7 +40,7 @@
$ItemDetails[$FieldNames[$i]]=$FieldValues[$i];
}
$stockitem = php_xmlrpc_encode($ItemDetails);
- $user = new xmlrpcval($weberpuser);
+ $user = new xmlrpcval($webERPUser);
$password = new xmlrpcval($weberppassword);
$msg = new xmlrpcmsg("weberp.xmlrpc_InsertStockItem", array($stockitem, $user, $password));
@@ -65,7 +69,7 @@
echo '</table>';
fclose ($fp);
} else {
- $sql = 'select * from locations';
+ $sql = "select * from locations";
$result = DB_query($sql,$db);
if (DB_num_rows($result)==0) {
prnMsg( _('No locations have been set up. At least one location should be set up first'), "error");
Modified: trunk/Z_MakeStockLocns.php
===================================================================
--- trunk/Z_MakeStockLocns.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_MakeStockLocns.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -2,30 +2,25 @@
/* $Id$*/
/* Script to make stock locations for all parts that do not have stock location records set up*/
-
-//$PageSecurity=15;
include ('includes/session.inc');
$title = _('Make LocStock Records');
include('includes/header.inc');
+echo '<br /><br />' . _('This script makes stock location records for parts where they do not already exist');
-echo '<br><br>' . _('This script makes stock location records for parts where they do not already exist');
-
-$sql = 'INSERT INTO locstock (stockid, loccode)
+$sql = "INSERT INTO locstock (stockid, loccode)
SELECT stockmaster.stockid,
locations.loccode
FROM stockmaster CROSS JOIN locations
LEFT JOIN locstock
ON stockmaster.stockid = locstock.stockid
AND locations.loccode = locstock.loccode
- WHERE locstock.stockid IS NULL';
+ WHERE locstock.stockid IS NULL";
$ErrMsg = _('The items/locations that need stock location records created cannot be retrieved because');
$Result = DB_query($sql,$db,$ErrMsg);
-
-
-echo '<p>';
+echo '<p />';
prnMsg(_('Any stock items that may not have had stock location records have now been given new location stock records'),'info');
include('includes/footer.inc');
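Review bot: The `INSERT INTO locstock` runs as soon as the page is requested, with no submitted form and no `FormID` field of the kind the other scripts in this commit emit, which leaves the write exposed to cross-site request forgery against a logged-in user. Unless includes/session.inc enforces this elsewhere (not visible here), I would gate the query and the `prnMsg` behind a POSTed confirmation, e.g. `if (isset($_POST['MakeLocStock'])) {`, where `MakeLocStock` is a constructed button name. With the commented `$PageSecurity` line removed, a one-line comment saying where this script's access level is now defined would also help the next reader.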
Modified: trunk/Z_PriceChanges.php
===================================================================
--- trunk/Z_PriceChanges.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_PriceChanges.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -1,43 +1,41 @@
<?php
/* $Id$*/
-//$PageSecurity=15;
-
include('includes/session.inc');
$title=_('Update Pricing');
include('includes/header.inc');
-echo '<br>' . _('This page updates already existing prices for a specified sales type (price list)') . '. ' . _('Choose between updating only customer special prices where the customer is set up under the price list selected, or all prices under the sales type or just specific prices for a customer for the stock category selected');
+echo '<br />' . _('This page updates already existing prices for a specified sales type (price list)') . '. ' . _('Choose between updating only customer special prices where the customer is set up under the price list selected, or all prices under the sales type or just specific prices for a customer for the stock category selected');
prnMsg (_('This script takes no account of start and end dates of prices and updates all historical prices as well as current prices - better to use new scripts under Inventory -> Maintenance'),'warn');
-echo "<form method='POST' action='" . $_SERVER['PHP_SELF'] . '?' . SID . "'>";
+echo '<form method="POST" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
-$SQL = 'SELECT sales_type, typeabbrev FROM salestypes';
+$SQL = "SELECT sales_type, typeabbrev FROM salestypes";
$result = DB_query($SQL,$db);
echo '<p><table>
<tr>
- <td>' . _('Select the Price List to update the costs for') .":</td>
- <td><select name='PriceList'>";
+ <td>' . _('Select the Price List to update the costs for') .':</td>
+ <td><select name="PriceList">';
if (!isset($_POST['PriceList'])){
- echo '<option selected VALUE=0>' . _('No Price List Selected');
+ echo '<option selected value=0>' . _('No Price List Selected') . '</option>';
}
while ($PriceLists=DB_fetch_array($result)){
- echo "<option VALUE='" . $PriceLists['typeabbrev'] . "'>" . $PriceLists['sales_type'];
+ echo '<option value="' . $PriceLists['typeabbrev'] . '">' . $PriceLists['sales_type'] . '</option>';
}
echo '</select></td></tr>';
-echo '<tr><td>' . _('Category') . ":</td>
- <td><select name='StkCat'>";
+echo '<tr><td>' . _('Category') . ':</td>
+ <td><select name="StkCat">';
-$sql = 'SELECT categoryid, categorydescription FROM stockcategory';
+$sql = "SELECT categoryid, categorydescription FROM stockcategory";
$ErrMsg = _('The stock categories could not be retrieved because');
$DbgMsg = _('The SQL used to retrieve stock categories and failed was');
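Review bot: The new `<form>` line echoes `$_SERVER['PHP_SELF']` into the `action` attribute without HTML-escaping, and that value includes any path info appended to the request URL. I would change it to `echo '<form method="POST" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">';`. The same applies to the rewritten form lines in Z_RePostGLFromPeriod.php and Z_ReverseSuppPaymentRun.php, and to the unchanged one in Z_ReApplyCostToSA.php. The `<option>` entries built from `$PriceLists['typeabbrev']` and `$PriceLists['sales_type']` in this hunk are printed unescaped as well.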
@@ -45,19 +43,19 @@
while ($myrow=DB_fetch_array($result)){
if ($myrow['categoryid']==$_POST['StkCat']){
- echo "<option selected VALUE='". $myrow['categoryid'] . "'>" . $myrow['categorydescription'];
+ echo '<option selected value="'. $myrow['categoryid'] . '">' . $myrow['categorydescription'] . '</option>';
} else {
- echo "<option VALUE='". $myrow['categoryid'] . "'>" . $myrow['categorydescription'];
+ echo '<option value="'. $myrow['categoryid'] . '">' . $myrow['categorydescription'] . '</option>';
}
}
echo '</select></td></tr>';
echo '<tr><td>' . _('Which Prices to update') . ":</td>
<td><select name='WhichPrices'>";
- echo "<option VALUE='Only Non-customer special prices'>" . _('Only Non-customer special prices');
- echo "<option VALUE='Only customer special prices'>" . _('Only customer special prices');
- echo "<option VALUE='Both customer special prices and non-customer special prices'>" . _('Both customer special prices and non-customer special prices');
- echo "<option VALUE='Selected customer special prices only'>" . $_SESSION['CustomerID'] . ' ' . _('customer special prices only');
+ echo "<option value='Only Non-customer special prices'>" . _('Only Non-customer special prices') . '</option>';
+ echo "<option value='Only customer special prices'>" . _('Only customer special prices') . '</option>';
+ echo "<option value='Both customer special prices and non-customer special prices'>" . _('Both customer special prices and non-customer special prices') . '</option>';
+ echo "<option value='Selected customer special prices only'>" . $_SESSION['CustomerID'] . ' ' . _('customer special prices only') . '</option>';
echo '</select></td></tr>';
if (!isset($_POST['IncreasePercent'])){
@@ -65,28 +63,28 @@
}
echo '<tr><td>' . _('Percentage Increase (positive) or decrease (negative)') . "</td>
- <td><input name='IncreasePercent' size=4 maxlength=4 VALUE=" . $_POST['IncreasePercent'] . "></td></tr></table>";
+ <td><input name='IncreasePercent' size=4 maxlength=4 value=" . $_POST['IncreasePercent'] . "></td></tr></table>";
-echo "<div class='centre'><p><input type=submit name='UpdatePrices' VALUE='" . _('Update Prices') . '\' onclick="return confirm(\'' . _('Are you sure you wish to update all the prices according to the criteria selected?') . '\');"></div>';
+echo "<div class='centre'><p><input type=submit name='UpdatePrices' value='" . _('Update Prices') . '\' onclick="return confirm(\'' . _('Are you sure you wish to update all the prices according to the criteria selected?') . '\');"></div>';
echo '</form>';
if (isset($_POST['UpdatePrices']) AND isset($_POST['StkCat'])){
- echo '<br>' . _('So we are using a price list/sales type of') .' : ' . $_POST['PriceList'];
- echo '<br>' . _('and a stock category code of') . ' : ' . $_POST['StkCat'];
- echo '<br>' . _('and a increase percent of') . ' : ' . $_POST['IncreasePercent'];
+ echo '<br />' . _('So we are using a price list/sales type of') .' : ' . $_POST['PriceList'];
+ echo '<br />' . _('and a stock category code of') . ' : ' . $_POST['StkCat'];
+ echo '<br />' . _('and a increase percent of') . ' : ' . $_POST['IncreasePercent'];
if ($_POST['PriceList']=='0'){
- echo '<br>' . _('The price list/sales type to be updated must be selected first');
+ echo '<br />' . _('The price list/sales type to be updated must be selected first');
include ('includes/footer.inc');
exit;
}
if (ABS($_POST['IncreasePercent']) < 0.5 OR ABS($_POST['IncreasePercent'])>40 OR !is_numeric($_POST['IncreasePercent'])){
- echo '<br>' . _('The increase or decrease to be applied is expected to be an integer between 1 and 40 it is not necessary to enter the').' '. '%'.' '. _('sign') . ' - ' . _('the amount is assumed to be a percentage');
+ echo '<br />' . _('The increase or decrease to be applied is expected to be an integer between 1 and 40 it is not necessary to enter the').' '. '%'.' '. _('sign') . ' - ' . _('the amount is assumed to be a percentage');
include ('includes/footer.inc');
exit;
}
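Review bot: `$_POST['IncreasePercent']` is written into an unquoted `value=` attribute and, together with `$_POST['PriceList']` and `$_POST['StkCat']`, echoed back in the three `So we are using` lines before any validation, with no HTML-escaping visible in this hunk. Each should pass through `htmlspecialchars()` and the attribute should be quoted, e.g. `value='" . htmlspecialchars($_POST['IncreasePercent'], ENT_QUOTES, 'UTF-8') . "'>`. In the range check, `!is_numeric($_POST['IncreasePercent'])` should be tested first so that `ABS()` is never applied to a non-numeric string. Z_ReverseSuppPaymentRun.php echoes `$_POST['PaytDate']` into `value='...'` in the same way.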
@@ -102,7 +100,7 @@
if ($_POST['WhichPrices'] == 'Only Non-customer special prices'){
- $sql = 'UPDATE prices SET price=price*(1+' . $IncrementPercentage . ")
+ $sql = "UPDATE prices SET price=price*(1+" . $IncrementPercentage . ")
WHERE typeabbrev='" . $_POST['PriceList'] . "'
AND stockid='" . $myrow['stockid'] . "'
AND typeabbrev='" . $_POST['PriceList'] . "'
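Review bot: The `UPDATE prices` statement concatenates `$_POST['PriceList']` straight into the `WHERE` clause, so the quoting protects it only if request values are escaped centrally, which this hunk does not show. The valid codes were just loaded from `salestypes` for the drop-down, so checking the posted value against that list before building the SQL is the more robust option; if no central escaping exists, use `DB_escape_string($_POST['PriceList'])` at the point of use. The condition on `typeabbrev` also appears twice in the same `WHERE`, and one copy can go. The `Selected customer special prices only` branch in the next hunk carries the same statement, and both statements continue past the end of their hunks.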
@@ -125,7 +123,7 @@
} else if ($_POST['WhichPrices'] == 'Selected customer special prices only'){
- $sql = 'UPDATE prices SET price=price*(1+' . $IncrementPercentage . ")
+ $sql = "UPDATE prices SET price=price*(1+" . $IncrementPercentage . ")
WHERE typeabbrev='" . $_POST['PriceList'] . "'
AND stockid='" . $myrow['stockid'] . "'
AND typeabbrev='" . $_POST['PriceList'] . "'
Modified: trunk/Z_ReApplyCostToSA.php
===================================================================
--- trunk/Z_ReApplyCostToSA.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_ReApplyCostToSA.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -2,8 +2,6 @@
/* $Id$*/
-//$PageSecurity=15;
-
include('includes/session.inc');
$title=_('Apply Current Cost to Sales Analysis');
include('includes/header.inc');
@@ -13,33 +11,33 @@
echo "<form method='POST' action='" . $_SERVER['PHP_SELF'] . '?' . SID . "'>";
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
-$SQL = 'SELECT MonthName(lastdate_in_period) AS mnth,
+$SQL = "SELECT MonthName(lastdate_in_period) AS mnth,
YEAR(lastdate_in_period) AS yr,
periodno
- FROM periods';
-echo '<p><div class="centre">' . _('Select the Period to update the costs for') . ":<select name='PeriodNo'>";
+ FROM periods";
+echo '<p><div class="centre">' . _('Select the Period to update the costs for') . ':<select name="PeriodNo">';
$result = DB_query($SQL,$db);
-echo '<option selected VALUE=0>' . _('No Period Selected');
+echo '<option selected value=0>' . _('No Period Selected') . '</option>';
while ($PeriodInfo=DB_fetch_array($result)){
- echo '<option VALUE=' . $PeriodInfo['periodno'] . '>' . $PeriodInfo['mnth'] . ' ' . $PeriodInfo['Yr'];
+ echo '<option value=' . $PeriodInfo['periodno'] . '>' . $PeriodInfo['mnth'] . ' ' . $PeriodInfo['Yr'] . '</option>';
}
echo '</select>';
-echo "<p><input type=submit name='UpdateSalesAnalysis' VALUE='" . _('Update Sales Analysis Costs') ."'></div>";
+echo '<p><input type=submit name="UpdateSalesAnalysis" value="' . _('Update Sales Analysis Costs') .'"></div>';
echo '</form>';
if (isset($_POST['UpdateSalesAnalysis']) AND $_POST['PeriodNo']!=0){
- $sql = 'SELECT stockmaster.stockid,
+ $sql = "SELECT stockmaster.stockid,
materialcost+overheadcost+labourcost AS standardcost,
stockmaster.mbflag
FROM salesanalysis INNER JOIN stockmaster
ON salesanalysis.stockid=stockmaster.stockid
- WHERE periodno=' . $_POST['PeriodNo'] . "
+ WHERE periodno='" . $_POST['PeriodNo'] . "'
AND stockmaster.mbflag<>'D'
GROUP BY stockmaster.stockid,
stockmaster.materialcost,
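Review bot: `$_POST['PeriodNo']` is now wrapped in quotes in the `WHERE periodno=` clause but is still never checked to be a number. Casting once, `$PeriodNo = (int) $_POST['PeriodNo'];`, and using `$PeriodNo` in both the `!=0` test and the query removes the dependency on escaping done elsewhere. `$_POST['FromPeriod']` in Z_RePostGLFromPeriod.php is used the same way in four statements. Separately, the option label reads `$PeriodInfo['Yr']` while the query aliases the column as `yr`; PHP array keys are case-sensitive, so the year is probably missing from the list and the key should be `$PeriodInfo['yr']`. The `SELECT` continues beyond the end of this hunk.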
Modified: trunk/Z_RePostGLFromPeriod.php
===================================================================
--- trunk/Z_RePostGLFromPeriod.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_RePostGLFromPeriod.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -2,13 +2,11 @@
/* $Id$*/
-//$PageSecurity=15;
-
include ('includes/session.inc');
$title = _('Recalculation of GL Balances in Chart Details Table');
include('includes/header.inc');
-echo '<form method="POST" action="' . $_SERVER['PHP_SELF'] . '?' . SID . '">';
+echo '<form method="POST" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
if (!isset($_POST['FromPeriod'])){
@@ -16,39 +14,37 @@
/*Show a form to allow input of criteria for TB to show */
echo '<table>
<tr>
- <td>' . _('Select Period From') . ":</td>
- <td><select Name='FromPeriod'>";
+ <td>' . _('Select Period From') . ':</td>
+ <td><select Name="FromPeriod">';
- $sql = 'SELECT periodno,
+ $sql = "SELECT periodno,
lastdate_in_period
- FROM periods ORDER BY periodno';
+ FROM periods ORDER BY periodno";
$Periods = DB_query($sql,$db);
while ($myrow=DB_fetch_array($Periods,$db)){
- echo '<option VALUE=' . $myrow['periodno'] . '>' . MonthAndYearFromSQLDate($myrow['lastdate_in_period']);
+ echo '<option VALUE=' . $myrow['periodno'] . '>' . MonthAndYearFromSQLDate($myrow['lastdate_in_period']) . '</option>';
}
echo '</select></td>
</tr>
</table>';
- echo "<div class='centre'><input type=submit Name='recalc' Value='" . _('Do the Recalculation') . "'
- onclick=\"return confirm('" . _('Are you sure you wish to re-post all general ledger transactions since the selected period
- .... this can take some time?') . '\');"></div></form>';
+ echo "<div class='centre'><input type=submit Name='recalc' value='" . _('Do the Recalculation') . "' onclick=\"return confirm('" . _('Are you sure you wish to re-post all general ledger transactions since the selected period this can take some time?') . '\');"></div></form>';
} else { /*OK do the updates */
/* Make the posted flag on all GL entries including and after the period selected = 0 */
- $sql = 'UPDATE gltrans SET posted=0 WHERE periodno >='. $_POST['FromPeriod'];
+ $sql = "UPDATE gltrans SET posted=0 WHERE periodno >='" . $_POST['FromPeriod'] . "'";
$UpdGLTransPostedFlag = DB_query($sql,$db);
/* Now make all the actuals 0 for all periods including and after the period from */
- $sql = 'UPDATE chartdetails SET actual =0 WHERE period >= ' . $_POST['FromPeriod'];
+ $sql = "UPDATE chartdetails SET actual =0 WHERE period >= '" . $_POST['FromPeriod'] . "'";
$UpdActualChartDetails = DB_query($sql,$db);
- $ChartDetailBFwdResult = DB_query('SELECT accountcode, bfwd FROM chartdetails WHERE period=' . $_POST['FromPeriod'],$db);
+ $ChartDetailBFwdResult = DB_query("SELECT accountcode, bfwd FROM chartdetails WHERE period='" . $_POST['FromPeriod'] . "'",$db);
while ($ChartRow=DB_fetch_array($ChartDetailBFwdResult)){
- $sql = 'UPDATE chartdetails SET bfwd =' . $ChartRow['bfwd'] . ' WHERE period > ' . $_POST['FromPeriod'] . ' AND accountcode=' . $ChartRow['accountcode'];
+ $sql = "UPDATE chartdetails SET bfwd ='" . $ChartRow['bfwd'] . "' WHERE period > '" . $_POST['FromPeriod'] . "' AND accountcode='" . $ChartRow['accountcode'] . "'";
$UpdActualChartDetails = DB_query($sql,$db);
}
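Review bot: The `UPDATE gltrans`, `UPDATE chartdetails` and per-account `bfwd` statements in the `else` branch are issued one after another with no `$ErrMsg`/`$DbgMsg` and no transaction visible in this hunk, so a failure part-way would leave posted flags cleared and balances only partly rebuilt. Unless a transaction is opened outside the lines shown, I would add `DB_Txn_Begin($db);` before the first update and `DB_Txn_Commit($db);` once the re-posting is complete, and pass error messages as the ShipmentCosting.php call in this commit does. The branch continues past the end of the hunk, so the re-posting step itself is not visible here. The `<option VALUE=` line was also left upper-case and unquoted, unlike the other option lines this commit touches.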
Modified: trunk/Z_ReverseSuppPaymentRun.php
===================================================================
--- trunk/Z_ReverseSuppPaymentRun.php 2011-04-08 23:37:01 UTC (rev 4542)
+++ trunk/Z_ReverseSuppPaymentRun.php 2011-04-09 06:12:05 UTC (rev 4543)
@@ -4,7 +4,7 @@
/* Script to delete all supplier payments entered or created from a payment run on a specified day
*/
-//$PageSecurity=15;
+
include ('includes/session.inc');
$title = _('Reverse and Delete Supplier Payments');
include('includes/header.inc');
@@ -83,10 +83,10 @@
}
-echo "<form method=post action='" . $_SERVER['PHP_SELF'] . '?' . SID . "'>";
- echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
+echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
+echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<br>' . _('Enter the date of the payment run') . ": <input type=text name='PaytDate' maxlength=11 size=11 value='" . $_POST['PaytDate'] . "'>";
-echo "<input type=submit name='RevPayts' value='" . _('Reverse Supplier Payments on the Date Entered') . "'>";
+echo '<input type="submit" name="RevPayts" value="' . _('Reverse Supplier Payments on the Date Entered') . '">';
echo '</form>';
include('includes/footer.inc');
Modified: trunk/Z_SalesIntegrityCheck...
[truncated message content] |