From: <dai...@us...> - 2011-07-08 10:43:15
Revision: 4628 http://web-erp.svn.sourceforge.net/web-erp/?rev=4628&view=rev Author: daintree Date: 2011-07-08 10:43:09 +0000 (Fri, 08 Jul 2011) Log Message: ----------- various Modified Paths: -------------- trunk/Currencies.php trunk/Z_ChangeBranchCode.php trunk/Z_ImportStocks.php trunk/doc/Change.log Modified: trunk/Currencies.php =================================================================== --- trunk/Currencies.php 2011-07-08 10:30:40 UTC (rev 4627) +++ trunk/Currencies.php 2011-07-08 10:43:09 UTC (rev 4628) @@ -100,7 +100,7 @@ $InputError = 1; prnMsg(_('The functional currency cannot be modified or deleted'),'error'); } - if (mb_strstr($_POST['Abbreviation'],"'") OR mb_strstr($_POST['Abbreviation'],'+') OR mb_strstr($_POST['Abbreviation'],"\"") OR mb_strstr($_POST['Abbreviation'],'&') OR mb_strstr($_POST['Abbreviation'],' ') OR mb_strstr($_POST['Abbreviation'],"\\") OR mb_strstr($_POST['Abbreviation'],'.') OR mb_strstr($_POST['Abbreviation'],'"')) { + if (ContainsIllegalCharacters($_POST['Abbreviation'])) { $InputError = 1; prnMsg( _('The currency code cannot contain any of the following characters') . " . - ' & + \" " . _('or a space'),'error'); $Errors[$i] = 'Abbreviation'; Modified: trunk/Z_ChangeBranchCode.php =================================================================== --- trunk/Z_ChangeBranchCode.php 2011-07-08 10:30:40 UTC (rev 4627) +++ trunk/Z_ChangeBranchCode.php 2011-07-08 10:43:09 UTC (rev 4628) @@ -1,8 +1,6 @@ <?php /* $Id$*/ -/*Script to Delete all sales transactions*/ -//$PageSecurity=15; include ('includes/session.inc'); $title = _('UTILITY PAGE To Changes A Customer Branch Code In All Tables'); include('includes/header.inc'); 
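Review bot: In trunk/Currencies.php (@@ -100,7 +100,7 @@) the replaced condition no longer tests for a space, although the error message directly below still ends with `or a space`. The other two files in this commit keep an explicit `OR mb_strstr(...,' ')` next to the helper call, which suggests ContainsIllegalCharacters() does not reject spaces; its body is not visible here, so confirm. If that is the case, an abbreviation containing a space now passes validation, and the condition should read `if (ContainsIllegalCharacters($_POST['Abbreviation']) OR mb_strstr($_POST['Abbreviation'],' ')) {`. The enclosing if block continues past the end of the hunk.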
@@ -11,29 +9,28 @@ /*First check the customer code exists */ $result=DB_query("SELECT debtorno, - branchcode - FROM custbranch - WHERE debtorno='" . $_POST['DebtorNo'] . "' - AND branchcode='" . $_POST['OldBranchCode'] . "'",$db); + branchcode + FROM custbranch + WHERE debtorno='" . $_POST['DebtorNo'] . "' + AND branchcode='" . $_POST['OldBranchCode'] . "'",$db); if (DB_num_rows($result)==0){ prnMsg (_('The customer branch code') . ': ' . $_POST['DebtorNo'] . ' - ' . $_POST['OldBranchCode'] . ' ' . _('does not currently exist as a customer branch code in the system'),'error'); include('includes/footer.inc'); exit; } - if ($_POST['NewBranchCode']==""){ + if ($_POST['NewBranchCode']==''){ prnMsg(_('The new customer branch code to change the old code to must be entered as well'),'error'); include('includes/footer.inc'); exit; } - if (mb_strstr($_POST['NewBranchCode'],".")>0 OR mb_strstr($_POST['NewBranchCode'],"&") OR mb_strstr($_POST['NewBranchCode'],"-") OR mb_strstr($_POST['NewBranchCode']," ")){ + if (ContainsIllegalCharacters($_POST['NewBranchCode']) OR mb_strstr($_POST['NewBranchCode'],' ')){ prnMsg(_('The new customer branch code cannot contain') . ' - & . ' . _('or a space'),'error'); include('includes/footer.inc'); exit; } - /*Now check that the new code doesn't already exist */ $result=DB_query("SELECT debtorno FROM custbranch WHERE debtorno='" . $_POST['DebtorNo'] . "' AND branchcode ='" . $_POST['NewBranchCode'] . "'",$db); if (DB_num_rows($result)!=0){ Modified: trunk/Z_ImportStocks.php =================================================================== --- trunk/Z_ImportStocks.php 2011-07-08 10:30:40 UTC (rev 4627) +++ trunk/Z_ImportStocks.php 2011-07-08 10:43:09 UTC (rev 4628) @@ -1,8 +1,6 @@ <?php /* $Id$*/ -/* Script to make stock locations for all parts that do not have stock location records set up*/ -//$PageSecurity = 15; include('includes/session.inc'); $title = _('Import Items'); include('includes/header.inc'); 
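Review bot: In trunk/Z_ChangeBranchCode.php (@@ -11,29 +9,28 @@) the re-indented query still concatenates `$_POST['DebtorNo']` and `$_POST['OldBranchCode']` into the SQL text, and neither value passes through the ContainsIllegalCharacters() check that this commit applies to `NewBranchCode`. Unless includes/session.inc escapes $_POST before this point (not visible here), a quote in either field changes the statement, and the same two values are also echoed by prnMsg() in the not-found branch. A guard before the first DB_query, `if (ContainsIllegalCharacters($_POST['DebtorNo']) OR ContainsIllegalCharacters($_POST['OldBranchCode'])) { ... exit; }`, or an escaped or parameterised query would close this. Separately, the old condition tested for `-` and the new one does not, while the message still lists `-`; confirm the helper covers it.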
@@ -120,7 +118,7 @@ $InputError = 1; prnMsg (_('The Stock Item code cannot be empty'),'error'); } - if (mb_strstr($StockID,' ') OR mb_strstr($StockID,"'") OR mb_strstr($StockID,'+') OR mb_strstr($StockID,"\\") OR mb_strstr($StockID,"\"") OR mb_strstr($StockID,'&') OR mb_strstr($StockID,'"')) { + if (ContainsIllegalCharacters($StockID) OR mb_strstr($StockID,' ')) { $InputError = 1; prnMsg(_('The stock item code cannot contain any of the following characters') . " ' & + \" \\ " . _('or a space'). " (". $StockID. ")",'error'); $StockID=''; Modified: trunk/doc/Change.log =================================================================== --- trunk/doc/Change.log 2011-07-08 10:30:40 UTC (rev 4627) +++ trunk/doc/Change.log 2011-07-08 10:43:09 UTC (rev 4628) @@ -1,5 +1,6 @@ webERP Change Log +8/7/11 Phil: Remove duplication of checking for illegal characters - use the same function in MiscFunctions.php ContainsIllegalCharacters in Currencies and the utility scripts 8/7/11 Phil: Change all strstr occurrences to use multi-byte function mb_strstr 8/7/11 Phil: Trap codes with decimal point "." in them in the IllegalCharacters function 8/7/11 Phil: Fix discount matrix calculations on order entry and amendment This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
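Review bot: In trunk/Z_ImportStocks.php (@@ -120,7 +118,7 @@) the rejection message appends the raw `$StockID` to the text handed to prnMsg(), and this branch runs precisely when the code contains characters such as `'`, `"` or `&`. Whether prnMsg() HTML-escapes its argument is not visible in this hunk; if it does not, imported data is reflected into the page, so the value should be encoded for output, e.g. `" (" . htmlspecialchars($StockID, ENT_QUOTES, 'UTF-8') . ")"`. The characters listed in the message also omit `.`, which the Change.log entry in this commit says the helper now traps. The enclosing validation block continues outside the hunk.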