From: <dai...@us...> - 2011-09-12 08:03:30
Revision: 4686 http://web-erp.svn.sourceforge.net/web-erp/?rev=4686&view=rev Author: daintree Date: 2011-09-12 08:03:20 +0000 (Mon, 12 Sep 2011) Log Message: ----------- number_formatting Modified Paths: -------------- trunk/PDFBankingSummary.php trunk/PDFChequeListing.php trunk/PDFCustTransListing.php trunk/PDFCustomerList.php trunk/PDFDIFOT.php trunk/PcAuthorizeExpenses.php trunk/PcClaimExpensesFromTab.php trunk/PcExpenses.php trunk/PcExpensesTypeTab.php trunk/PcReportTab.php trunk/PcTabs.php trunk/StockLocTransferReceive.php trunk/doc/Change.log trunk/includes/LanguageSetup.php trunk/includes/MiscFunctions.php trunk/locale/cs_CZ.utf8/LC_MESSAGES/messages.mo trunk/locale/cs_CZ.utf8/LC_MESSAGES/messages.po trunk/locale/de_DE.utf8/LC_MESSAGES/messages.mo trunk/locale/de_DE.utf8/LC_MESSAGES/messages.po trunk/locale/el_GR.utf8/LC_MESSAGES/messages.mo trunk/locale/el_GR.utf8/LC_MESSAGES/messages.po trunk/locale/en_GB.utf8/LC_MESSAGES/messages.pot trunk/locale/en_US.utf8/LC_MESSAGES/messages.mo trunk/locale/en_US.utf8/LC_MESSAGES/messages.po trunk/locale/es_ES.utf8/LC_MESSAGES/messages.mo trunk/locale/es_ES.utf8/LC_MESSAGES/messages.po trunk/locale/et_EE.utf8/LC_MESSAGES/messages.mo trunk/locale/et_EE.utf8/LC_MESSAGES/messages.po trunk/locale/fa_IR.utf8/LC_MESSAGES/messages.mo trunk/locale/fa_IR.utf8/LC_MESSAGES/messages.po trunk/locale/fr_FR.utf8/LC_MESSAGES/messages.mo trunk/locale/fr_FR.utf8/LC_MESSAGES/messages.po trunk/locale/hi_IN.utf8/LC_MESSAGES/messages.mo trunk/locale/hi_IN.utf8/LC_MESSAGES/messages.po trunk/locale/hr_HR.utf8/LC_MESSAGES/messages.mo trunk/locale/hr_HR.utf8/LC_MESSAGES/messages.po trunk/locale/hu_HU.utf8/LC_MESSAGES/messages.mo trunk/locale/hu_HU.utf8/LC_MESSAGES/messages.po trunk/locale/id_ID.utf8/LC_MESSAGES/messages.mo trunk/locale/id_ID.utf8/LC_MESSAGES/messages.po trunk/locale/it_IT.utf8/LC_MESSAGES/messages.mo trunk/locale/it_IT.utf8/LC_MESSAGES/messages.po trunk/locale/ja_JP.utf8/LC_MESSAGES/messages.mo 
trunk/locale/ja_JP.utf8/LC_MESSAGES/messages.po trunk/locale/lv_LV.utf8/LC_MESSAGES/messages.mo trunk/locale/lv_LV.utf8/LC_MESSAGES/messages.po trunk/locale/nl_NL.utf8/LC_MESSAGES/messages.mo trunk/locale/nl_NL.utf8/LC_MESSAGES/messages.po trunk/locale/pl_PL.utf8/LC_MESSAGES/messages.mo trunk/locale/pl_PL.utf8/LC_MESSAGES/messages.po trunk/locale/pt_BR.utf8/LC_MESSAGES/messages.mo trunk/locale/pt_BR.utf8/LC_MESSAGES/messages.po trunk/locale/pt_PT.utf8/LC_MESSAGES/messages.mo trunk/locale/pt_PT.utf8/LC_MESSAGES/messages.po trunk/locale/ro_RO.utf8/LC_MESSAGES/messages.mo trunk/locale/ro_RO.utf8/LC_MESSAGES/messages.po trunk/locale/ru_RU.utf8/LC_MESSAGES/messages.mo trunk/locale/ru_RU.utf8/LC_MESSAGES/messages.po trunk/locale/sq_AL.utf8/LC_MESSAGES/messages.mo trunk/locale/sq_AL.utf8/LC_MESSAGES/messages.po trunk/locale/sv_SE.utf8/LC_MESSAGES/messages.mo trunk/locale/sv_SE.utf8/LC_MESSAGES/messages.po trunk/locale/sw_KE.utf8/LC_MESSAGES/messages.mo trunk/locale/sw_KE.utf8/LC_MESSAGES/messages.po trunk/locale/tr_TR.utf8/LC_MESSAGES/messages.mo trunk/locale/tr_TR.utf8/LC_MESSAGES/messages.po trunk/locale/vi_VN.utf8/LC_MESSAGES/messages.mo trunk/locale/vi_VN.utf8/LC_MESSAGES/messages.po trunk/locale/zh_CN.utf8/LC_MESSAGES/messages.mo trunk/locale/zh_CN.utf8/LC_MESSAGES/messages.po trunk/locale/zh_HK.utf8/LC_MESSAGES/messages.mo trunk/locale/zh_HK.utf8/LC_MESSAGES/messages.po trunk/sql/mysql/weberp-demo.sql trunk/sql/mysql/weberp-new.sql Modified: trunk/PDFBankingSummary.php =================================================================== --- trunk/PDFBankingSummary.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PDFBankingSummary.php 2011-09-12 08:03:20 UTC (rev 4686) 
@@ -48,11 +48,13 @@ bankact, banktrans.exrate, banktrans.functionalexrate, - banktrans.currcode - FROM bankaccounts, - banktrans - WHERE bankaccounts.accountcode=banktrans.bankact - AND banktrans.transno='" . $_POST['BatchNo'] . "' + banktrans.currcode, + currencies.decimalplaces AS currdecimalplaces + FROM bankaccounts INNER JOIN banktrans + ON bankaccounts.accountcode=banktrans.bankact + INNER JOIN currencies + ON bankaccounts.currcode=currencies.currabrev + WHERE banktrans.transno='" . $_POST['BatchNo'] . "' AND banktrans.type=12"; $ErrMsg = _('An error occurred getting the header information about the receipt batch number') . ' ' . $_POST['BatchNo']; @@ -76,8 +78,8 @@ $BankActName = $myrow['bankaccountname']; $BankActNumber = $myrow['bankaccountnumber']; $BankingReference = $myrow['ref']; - - + $BankCurrDecimalPlaces = $myrow['currdecimalplaces']; + $SQL = "SELECT debtorsmaster.name, ovamount, invtext, 
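Review bot: The rewritten WHERE clause in the first hunk still concatenates the request value into the statement, `WHERE banktrans.transno='" . $_POST['BatchNo'] . "'`, so the query text follows whatever the client posts unless the value is escaped before this script runs (not visible here). A batch number is presumably an integer, so the added line could be `WHERE banktrans.transno='" . (int)$_POST['BatchNo'] . "'`, or the request could be rejected when `is_numeric($_POST['BatchNo'])` fails. The same pattern appears in this commit for `$_POST['BankAccount']` in PDFChequeListing.php and for `$_POST['CategoryID']` and `$_POST['Location']` in PDFDIFOT.php. The query begins above the hunk, so its full select list is not shown.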
@@ -117,30 +119,30 @@ include('includes/footer.inc'); exit; } - - + + include('includes/PDFStarter.php'); - + /*PDFStarter.php has all the variables for page size and width set up depending on the users default preferences for paper size */ - + $pdf->addInfo('Title',_('Banking Summary')); $pdf->addInfo('Subject',_('Banking Summary Number') . ' ' . $_POST['BatchNo']); $line_height=12; $PageNumber = 0; $TotalBanked = 0; - + include ('includes/PDFBankingSummaryPageHeader.inc'); - + while ($myrow=DB_fetch_array($CustRecs)){ - - $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,60,$FontSize,locale_number_format(-$myrow['ovamount'],2), 'right'); + + $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,60,$FontSize,locale_money_format(-$myrow['ovamount'],$BankCurrDecimalPlaces), 'right'); $LeftOvers = $pdf->addTextWrap($Left_Margin+65,$YPos,150,$FontSize,$myrow['name'], 'left'); $LeftOvers = $pdf->addTextWrap($Left_Margin+215,$YPos,100,$FontSize,$myrow['invtext'], 'left'); $LeftOvers = $pdf->addTextWrap($Left_Margin+315,$YPos,100,$FontSize,$myrow['reference'], 'left'); - + $YPos -= ($line_height); $TotalBanked -= $myrow['ovamount']; - + if ($YPos - (2 *$line_height) < $Bottom_Margin){ /*Then set up a new page */ include ('includes/PDFBankingSummaryPageHeader.inc'); 
@@ -150,24 +152,24 @@ /* Right now print out the GL receipt entries in the batch */ while ($myrow=DB_fetch_array($GLRecs)){ - $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,60,$FontSize,locale_number_format((-$myrow['amount']*$ExRate*$FunctionalExRate),2), 'right'); + $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,60,$FontSize,locale_money_format((-$myrow['amount']*$ExRate*$FunctionalExRate),$BankCurrDecimalPlaces), 'right'); $LeftOvers = $pdf->addTextWrap($Left_Margin+65,$YPos,300,$FontSize,$myrow['narrative'], 'left'); $YPos -= ($line_height); $TotalBanked += (-$myrow['amount']*$ExRate); - + if ($YPos - (2 *$line_height) < $Bottom_Margin){ /*Then set up a new page */ include ('includes/PDFBankingSummaryPageHeader.inc'); } /*end of new page header */ } /* end of while there are GL receipts in the batch to print */ - - + + $YPos-=$line_height; $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,60,$FontSize,locale_number_format($TotalBanked,2), 'right'); $LeftOvers = $pdf->addTextWrap($Left_Margin+65,$YPos,300,$FontSize,_('TOTAL') . ' ' . $Currency . ' ' . _('BANKED'), 'left'); - + $pdf->OutputD($_SESSION['DatabaseName'] . '_BankingSummary_' . date('Y-m-d').'.pdf'); - $pdf->__destruct(); + $pdf->__destruct(); } ?> \ No newline at end of file Modified: trunk/PDFChequeListing.php =================================================================== --- trunk/PDFChequeListing.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PDFChequeListing.php 2011-09-12 08:03:20 UTC (rev 4686) @@ -31,7 +31,7 @@ } echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">'; - + echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; echo '<table class=selection> <tr> 
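Review bot: The batch total near the end of the `@@ -150,24` hunk is still printed with `locale_number_format($TotalBanked,2)` while every row above it now uses `$BankCurrDecimalPlaces`, so for a bank currency that does not have two decimal places the total is shown at a different precision from the rows it sums. Changing that line to `locale_money_format($TotalBanked,$BankCurrDecimalPlaces)` keeps them consistent. Separately, the GL row is printed as `-$myrow['amount']*$ExRate*$FunctionalExRate` but accumulated as `-$myrow['amount']*$ExRate`; if that difference is intended it deserves a comment, otherwise the printed rows will not add up to the printed total whenever `$FunctionalExRate` is not 1.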
@@ -50,7 +50,7 @@ echo '<select name="BankAccount">'; while ($myrow=DB_fetch_array($result)){ - echo '<option VALUE=' . $myrow['accountcode'] . '>' . $myrow['bankaccountname'] . '</option>'; + echo '<option value="' . $myrow['accountcode'] . '">' . $myrow['bankaccountname'] . '</option>'; } @@ -72,12 +72,15 @@ include('includes/ConnectDB.inc'); } -$SQL = "SELECT bankaccountname - FROM bankaccounts +$SQL = "SELECT bankaccountname, + decimalplaces AS bankcurrdecimalplaces + FROM bankaccounts INNER JOIN currencies + ON bankaccounts.currcode=currencies.currabrev WHERE accountcode = '" .$_POST['BankAccount'] . "'"; $BankActResult = DB_query($SQL,$db); $myrow = DB_fetch_row($BankActResult); $BankAccountName = $myrow[0]; +$BankCurrDecimalPlaces = $myrow[1]; $SQL= "SELECT amount, ref, @@ -123,7 +126,7 @@ while ($myrow=DB_fetch_array($Result)){ - $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,60,$FontSize,locale_number_format(-$myrow['amount'],2), 'right'); + $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,60,$FontSize,locale_money_format(-$myrow['amount'],$BankCurrDecimalPlaces), 'right'); $LeftOvers = $pdf->addTextWrap($Left_Margin+65,$YPos,90,$FontSize,$myrow['ref'], 'left'); $sql = "SELECT accountname, @@ -148,7 +151,7 @@ } while ($GLRow=DB_fetch_array($GLTransResult)){ $LeftOvers = $pdf->addTextWrap($Left_Margin+150,$YPos,90,$FontSize,$GLRow['accountname'], 'left'); - $LeftOvers = $pdf->addTextWrap($Left_Margin+245,$YPos,60,$FontSize,locale_number_format($GLRow['amount'],2), 'right'); + $LeftOvers = $pdf->addTextWrap($Left_Margin+245,$YPos,60,$FontSize,locale_money_format($GLRow['amount'],$_SESSION['CompanyRecord']['decimalplaces']), 'right'); $LeftOvers = $pdf->addTextWrap($Left_Margin+310,$YPos,120,$FontSize,$GLRow['narrative'], 'left'); $YPos -= ($line_height); if ($YPos - (2 *$line_height) < $Bottom_Margin){ 
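Review bot: The `<option>` line in the `@@ -50,7` hunk now quotes the attribute but still writes `$myrow['accountcode']` and `$myrow['bankaccountname']` into the page unencoded, so a quote or `<` stored in either column alters the markup. Encode at output, e.g. `htmlspecialchars($myrow['bankaccountname'], ENT_QUOTES, 'UTF-8')`, and do the same for the value attribute. The same applies to the salesman `<option>` line in PDFCustomerList.php and, with more at stake, to the `$myrow['notes']` and `$myrow['receipt']` cells in PcAuthorizeExpenses.php, which hold free text that PcClaimExpensesFromTab.php stores from the claim form.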
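Review bot: In the `@@ -72,12` hunk, `$BankCurrDecimalPlaces = $myrow[1];` is read without checking that the lookup returned a row. Because the query is now an INNER JOIN on `currencies`, a posted `BankAccount` that matches no account, or an account whose currency has no `currencies` row, leaves `$myrow` empty and both `$BankAccountName` and the decimal places unset, and the report is then formatted with an undefined precision. Add an `if (!$myrow) { ... }` guard before the two assignments that reports the problem with `prnMsg()` and stops, as the other failure paths in these scripts do.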
@@ -176,7 +179,7 @@ $ReportFileName = $_SESSION['DatabaseName'] . '_ChequeListing_' . date('Y-m-d').'.pdf'; $pdf->OutputD($ReportFileName); -$pdf->__destruct(); +$pdf->__destruct(); if ($_POST['Email']=='Yes'){ if (file_exists($_SESSION['reports_dir'] . '/'.$ReportFileName)){ unlink($_SESSION['reports_dir'] . '/'.$ReportFileName); Modified: trunk/PDFCustTransListing.php =================================================================== --- trunk/PDFCustTransListing.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PDFCustTransListing.php 2011-09-12 08:03:20 UTC (rev 4686) @@ -26,7 +26,7 @@ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">'; echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; - echo '<table class=selection> + echo '<table class="selection"> <tr> <td>' . _('Enter the date for which the transactions are to be listed') . ':</td> <td><input type="text" name="Date" maxlength="10" size="10" class=date alt="' . $_SESSION['DefaultDateFormat'] . '" value="' . Date($_SESSION['DefaultDateFormat']) . '"></td> @@ -62,10 +62,10 @@ invtext, debtortrans.rate, decimalplaces - FROM debtortrans INNER JOIN debtorsmaster - ON debtortrans.debtorno=debtorsmaster.debtorno - INNER JOIN currencies - ON debtorsmaster.currcode=currencies.currabrev + FROM debtortrans INNER JOIN debtorsmaster + ON debtortrans.debtorno=debtorsmaster.debtorno + INNER JOIN currencies + ON debtorsmaster.currcode=currencies.currabrev WHERE type='" . $_POST['TransType'] . "' AND date_format(inputdate, '%Y-%m-%d')='".FormatDateForSQL($_POST['Date'])."'"; 
@@ -104,15 +104,15 @@ while ($myrow=DB_fetch_array($result)){ $sql="SELECT name FROM debtorsmaster WHERE debtorno='" . $myrow['debtorno'] . "'"; - $supplierresult=DB_query($sql, $db); - $supplierrow=DB_fetch_array($supplierresult); + $CustomerResult=DB_query($sql, $db); + $CustomerRow=DB_fetch_array($CustomerResult); - $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,160,$FontSize,$supplierrow['name'], 'left'); + $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,160,$FontSize,$CustomerRow['name'], 'left'); $LeftOvers = $pdf->addTextWrap($Left_Margin+162,$YPos,80,$FontSize,$myrow['transno'], 'left'); $LeftOvers = $pdf->addTextWrap($Left_Margin+242,$YPos,70,$FontSize,ConvertSQLDate($myrow['trandate']), 'left'); - $LeftOvers = $pdf->addTextWrap($Left_Margin+312,$YPos,70,$FontSize,locale_number_format($myrow['ovamount'],$myrow['decimalplaces']), 'right'); - $LeftOvers = $pdf->addTextWrap($Left_Margin+382,$YPos,70,$FontSize,locale_number_format($myrow['ovgst'],$myrow['decimalplaces']), 'right'); - $LeftOvers = $pdf->addTextWrap($Left_Margin+452,$YPos,70,$FontSize,locale_number_format($myrow['ovamount']+$myrow['ovgst'],$myrow['decimalplaces']), 'right'); + $LeftOvers = $pdf->addTextWrap($Left_Margin+312,$YPos,70,$FontSize,locale_money_format($myrow['ovamount'],$myrow['decimalplaces']), 'right'); + $LeftOvers = $pdf->addTextWrap($Left_Margin+382,$YPos,70,$FontSize,locale_money_format($myrow['ovgst'],$myrow['decimalplaces']), 'right'); + $LeftOvers = $pdf->addTextWrap($Left_Margin+452,$YPos,70,$FontSize,locale_money_format($myrow['ovamount']+$myrow['ovgst'],$myrow['decimalplaces']), 'right'); $YPos -= ($line_height); $TotalAmount = $TotalAmount + ($myrow['ovamount']/$myrow['rate']); Modified: trunk/PDFCustomerList.php =================================================================== --- trunk/PDFCustomerList.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PDFCustomerList.php 2011-09-12 08:03:20 UTC (rev 4686) 
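Review bot: The loop still issues one `SELECT name FROM debtorsmaster WHERE debtorno=...` per transaction row even though the main query (the `@@ -62,10` hunk) already joins `debtorsmaster`; adding `debtorsmaster.name` to that select list would remove `$CustomerResult`/`$CustomerRow` and a round trip per row. The select list is only partly visible in this diff, so check for a column-name collision first. The context line `$myrow['ovamount']/$myrow['rate']` also divides by a stored rate with no zero check.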
@@ -17,7 +17,7 @@ if (!is_numeric($_POST['ActivityAmount'])){ $title = _('Customer List') . ' - ' . _('Problem Report') . '....'; include('includes/header.inc'); - echo '<p>'; + echo '<p />'; prnMsg( _('The activity amount is not numeric and you elected to print customer relative to a certain amount of activity') . ' - ' . _('this level of activity must be specified in the local currency') .'.', 'error'); include('includes/footer.inc'); exit; @@ -230,7 +230,7 @@ $title = _('Customer List') . ' - ' . _('Problem Report') . '....'; include('includes/header.inc'); prnMsg( _('The customer List could not be retrieved by the SQL because') . ' - ' . DB_error_msg($db) ); - echo '<br /><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>'; + echo '<br /><a href="' .$rootpath .'/index.php">'. _('Back to the menu'). '</a>'; if ($debug==1){ echo '<br />'. $SQL; } @@ -242,7 +242,7 @@ $title = _('Customer List') . ' - ' . _('Problem Report') . '....'; include('includes/header.inc'); prnMsg( _('This report has no output because there were no customers retrieved'), 'error' ); - echo '<br /><a href="' .$rootpath .'/index.php?' . SID . '">'. _('Back to the menu'). '</a>'; + echo '<br /><a href="' .$rootpath .'/index.php">'. _('Back to the menu'). '</a>'; include('includes/footer.inc'); exit; } @@ -333,7 +333,7 @@ if ($_POST['Activity']!='All'){ $LeftOvers = $pdf->addTextWrap(230,$YPos-20,60,$FontSize,_('Turnover'),'right'); - $LeftOvers = $pdf->addTextWrap(230,$YPos-30,60,$FontSize,locale_number_format($LocalCurrencyTurnover), 'right'); + $LeftOvers = $pdf->addTextWrap(230,$YPos-30,60,$FontSize,locale_money_format($LocalCurrencyTurnover,0), 'right'); } $LeftOvers = $pdf->addTextWrap(290,$YPos,150,$FontSize,$Customers['brname']); 
@@ -368,11 +368,11 @@ echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/customer.png" title="' . $title . '" alt="" />' . ' ' . $title . '</p>'; - echo '<form action=' . $_SERVER['PHP_SELF'] . ' method="POST"><table class=selection>'; + echo '<form action=' . $_SERVER['PHP_SELF'] . ' method="POST"><table class="selection">'; echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; echo '<tr><td>' . _('For Sales Areas') . ':</td><td><select name=Areas[] multiple>'; - $sql='SELECT areacode, areadescription FROM areas'; + $sql="SELECT areacode, areadescription FROM areas"; $AreasResult= DB_query($sql,$db); echo '<option selected value="All">' . _('All Areas') . '</option>'; @@ -386,11 +386,11 @@ echo '<option selected value="All">'. _('All sales folk'); - $sql = 'SELECT salesmancode, salesmanname FROM salesman'; + $sql = "SELECT salesmancode, salesmanname FROM salesman"; $SalesFolkResult = DB_query($sql,$db); While ($myrow = DB_fetch_array($SalesFolkResult)){ - echo '<option VALUE="' . $myrow['salesmancode'] . '">' . $myrow['salesmanname']; + echo '<option value="' . $myrow['salesmancode'] . '">' . $myrow['salesmanname'] . '</option>'; } echo '</select></td></tr>'; Modified: trunk/PDFDIFOT.php =================================================================== --- trunk/PDFDIFOT.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PDFDIFOT.php 2011-09-12 08:03:20 UTC (rev 4686) 
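Review bot: The changed `<form>` line still emits `$_SERVER['PHP_SELF']` unquoted and unencoded as the `action` attribute; PHP_SELF reflects the path the client requested, including any trailing path info, so it is request-controlled text landing in markup. Write it as `action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '"`. The form lines in PDFChequeListing.php, PDFCustTransListing.php, PcClaimExpensesFromTab.php and PcExpensesTypeTab.php in this commit do quote the attribute but lack the same encoding.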
@@ -106,7 +106,7 @@ INNER JOIN salesorders ON salesorderdetails.orderno=salesorders.orderno WHERE salesorders.deliverydate >='" . FormatDateForSQL($_POST['FromDate']) . "' AND salesorders.deliverydate <='" . FormatDateForSQL($_POST['ToDate']) . "' - AND (TO_DAYS(salesorderdetails.actualdispatchdate) - TO_DAYS(salesorders.deliverydate)) >'" . $_POST['DaysAcceptable']."'"; + AND (TO_DAYS(salesorderdetails.actualdispatchdate) - TO_DAYS(salesorders.deliverydate)) >'" . filter_number_format($_POST['DaysAcceptable']) ."'"; } elseif ($_POST['CategoryID']!='All' AND $_POST['Location']=='All') { $sql= "SELECT salesorders.orderno, @@ -126,7 +126,7 @@ AND salesorders.deliverydate <='" . FormatDateForSQL($_POST['ToDate']) . "' AND stockmaster.categoryid='" . $_POST['CategoryID'] ."' AND (TO_DAYS(salesorderdetails.actualdispatchdate) - - TO_DAYS(salesorders.deliverydate)) >'" . $_POST['DaysAcceptable']."'"; + - TO_DAYS(salesorders.deliverydate)) >'" . filter_number_format($_POST['DaysAcceptable'])."'"; } elseif ($_POST['CategoryID']=='All' AND $_POST['Location']!='All') { @@ -147,7 +147,7 @@ AND salesorders.deliverydate <='" . FormatDateForSQL($_POST['ToDate']) . "' AND salesorders.fromstkloc='" . $_POST['Location'] . "' AND (TO_DAYS(salesorderdetails.actualdispatchdate) - - TO_DAYS(salesorders.deliverydate)) >'" . $_POST['DaysAcceptable'] . "'"; + - TO_DAYS(salesorders.deliverydate)) >'" . filter_number_format($_POST['DaysAcceptable']) . "'"; } elseif ($_POST['CategoryID']!='All' AND $_POST['Location']!='All'){ 
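Review bot: Wrapping `$_POST['DaysAcceptable']` in `filter_number_format()` presumably normalises the number's notation, but nothing visible here guarantees the result is numeric, and it is still placed inside a quoted SQL literal. The function body lives in includes/MiscFunctions.php, which this excerpt does not show, so its behaviour on non-numeric input is unverified. PDFCustomerList.php in the same commit checks `is_numeric($_POST['ActivityAmount'])` before using the value; doing the same here, or using `(int)filter_number_format($_POST['DaysAcceptable'])`, makes the comparison operate on a real number. This applies to all four branches of the query: the three hunks here and the `@@ -169,7` hunk that follows.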
@@ -169,7 +169,7 @@ AND stockmaster.categoryid='" . $_POST['CategoryID'] ."' AND salesorders.fromstkloc='" . $_POST['Location'] . "' AND (TO_DAYS(salesorderdetails.actualdispatchdate) - - TO_DAYS(salesorders.deliverydate)) >'" . $_POST['DaysAcceptable'] . "'"; + - TO_DAYS(salesorders.deliverydate)) >'" . filter_number_format($_POST['DaysAcceptable']) . "'"; } Modified: trunk/PcAuthorizeExpenses.php =================================================================== --- trunk/PcAuthorizeExpenses.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PcAuthorizeExpenses.php 2011-09-12 08:03:20 UTC (rev 4686) @@ -19,9 +19,9 @@ } if (isset($_POST['Days'])){ - $Days = $_POST['Days']; + $Days = filter_number_format($_POST['Days']); } elseif (isset($_GET['Days'])){ - $Days = $_GET['Days']; + $Days = filter_number_format($_GET['Days']); } if (isset($_POST['Process'])) { @@ -73,7 +73,8 @@ pctabs.glaccountpcash, pctabs.usercode, pctabs.currency, - currencies.rate + currencies.rate, + currencies.decimalplaces FROM pcashdetails, pctabs, currencies WHERE pcashdetails.tabcode = pctabs.tabcode AND pctabs.currency = currencies.currabrev @@ -98,7 +99,7 @@ echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; while ($myrow=DB_fetch_array($result)) { - + $CurrDecimalPlaces = $myrow['decimalplaces']; //update database if update pressed if ((isset($_POST['Submit']) AND $_POST['Submit']=='Update') AND isset($_POST[$myrow['counterindex']])){ @@ -107,7 +108,7 @@ if ($myrow['rate'] == 1){ // functional currency $Amount = $myrow['amount']; }else{ // other currencies - $Amount = $myrow['amount']/$myrow['rate']; + $Amount = filter_number_format($myrow['amount']/$myrow['rate']); } if ($myrow['codeexpense'] == 'ASSIGNCASH'){ @@ -158,7 +159,7 @@ 0, '', 0)"; - + $ResultFrom = DB_Query($sqlFrom, $db, '', '', true); $sqlTo="INSERT INTO `gltrans` (`counterindex`, 
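Review bot: In the `@@ -107,7` hunk of PcAuthorizeExpenses.php, `$Amount = filter_number_format($myrow['amount']/$myrow['rate']);` applies a helper that the rest of this commit uses on user-typed `$_POST` numbers to a value PHP has just computed. Its implementation is not shown; if it strips or swaps separators according to the user's locale, a float rendered with `.` could be rescaled before it is written to `gltrans`. If the aim is to limit precision, `$Amount = round($myrow['amount']/$myrow['rate'], $_SESSION['CompanyRecord']['decimalplaces']);` states that directly. The division also has no guard for a zero `rate`.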
@@ -185,7 +186,7 @@ 0, '', 0)"; - + $ResultTo = DB_Query($sqlTo, $db, '', '', true); if ($myrow['codeexpense'] == 'ASSIGNCASH'){ @@ -240,7 +241,7 @@ } echo'<td>'.ConvertSQLDate($myrow['date']).'</td> <td>'.$myrow['codeexpense'].'</td> - <td class="number">'.locale_number_format($myrow['amount'],2).'</td> + <td class="number">'.locale_money_format($myrow['amount'],$CurrDecimalPlaces).'</td> <td>' . $Posted . '</td> <td>' .$myrow['notes'] . '</td> <td>' . $myrow['receipt'] . '</td>'; @@ -276,13 +277,13 @@ } echo '<tr><td colspan=2 class="number">' . _('Current balance') . ':</td> - <td class=number>'.locale_number_format($Amount['0'],2).'</td></tr>'; + <td class=number>'.locale_money_format($Amount['0'],$CurrDecimalPlaces).'</td></tr>'; // Do the postings include ('includes/GLPostings.inc'); echo'</table><br /><div class="centre"><input type="submit" name="Submit" value=' . _('Update') . '></div></form>'; - + } else { /*The option to submit was not hit so display form */ Modified: trunk/PcClaimExpensesFromTab.php =================================================================== --- trunk/PcClaimExpensesFromTab.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PcClaimExpensesFromTab.php 2011-09-12 08:03:20 UTC (rev 4686) @@ -20,9 +20,9 @@ } if (isset($_POST['Days'])){ - $Days = $_POST['Days']; + $Days = filter_number_format($_POST['Days']); } elseif (isset($_GET['Days'])){ - $Days = $_GET['Days']; + $Days = filter_number_format($_GET['Days']); } if (isset($_POST['Cancel'])) { 
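Review bot: The 'Current balance' row in the `@@ -276,13` hunk formats with `$CurrDecimalPlaces`, which is only assigned inside the `while ($myrow=DB_fetch_array($result))` loop (the `@@ -98,7` hunk), so it is undefined when the query returns no rows and otherwise carries whatever the last row held. Fetch the tab currency's `decimalplaces` once before the loop, or initialise a fallback such as `$CurrDecimalPlaces = $_SESSION['CompanyRecord']['decimalplaces'];`. The code between the loop and this row is outside the hunks, so confirm there is no other assignment.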
@@ -71,9 +71,9 @@ $sql = "UPDATE pcashdetails SET date = '".FormatDateForSQL($_POST['Date'])."', codeexpense = '" . $_POST['SelectedExpense'] . "', - amount = '" .- $_POST['amount'] . "', - notes = '" . $_POST['Notes'] . "', - receipt = '" . $_POST['Receipt'] . "' + amount = '" .-filter_number_format($_POST['amount']) . "', + notes = '" . DB_escape_string($_POST['Notes']) . "', + receipt = '" . DB_escape_string($_POST['Receipt']) . "' WHERE counterindex = '".$SelectedIndex."'"; $msg = _('The Expense Claim on Tab') . ' ' . $SelectedTabs . ' ' . _('has been updated'); @@ -95,11 +95,11 @@ VALUES ('','" . $_POST['SelectedTabs'] . "', '".FormatDateForSQL($_POST['Date'])."', '" . $_POST['SelectedExpense'] . "', - '" .- $_POST['amount'] . "', + '" . -filter_number_format($_POST['amount']) . "', '', '', - '" . $_POST['Notes'] . "', - '" . $_POST['Receipt'] . "' + '" . DB_escape_string($_POST['Notes']) . "', + '" . DB_escape_string($_POST['Receipt']) . "' )"; $msg = _('The Expense Claim on Tab') . ' ' . $_POST['SelectedTabs'] . ' ' . _('has been created'); @@ -181,8 +181,8 @@ echo '<br /><table class=selection>'; echo '<tr><th colspan="8"><font color="navy" size="3">' . _('Petty Cash Tab') . ' ' .$SelectedTabs. '</font></th></tr>'; echo '<tr><th colspan="8">' . _('Detail Of Movements For Last ') .': '; - + if(!isset ($Days)){ $Days=30; } @@ -254,7 +254,7 @@ </tr>', ConvertSQLDate($myrow['2']), $Description['0'], - locale_number_format($myrow['4'],2), + locale_money_format($myrow['4'],$_SESSION['CompanyRecord']['decimalplaces']), $AuthorisedDate, $myrow['7'], $myrow['8'], @@ -270,7 +270,7 @@ </tr>', ConvertSQLDate($myrow['2']), $Description['0'], - locale_number_format($myrow['4'],2), + locale_money_format($myrow['4'],$_SESSION['CompanyRecord']['decimalplaces']), $AuthorisedDate, $myrow['7'], $myrow['8']); 
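Review bot: Escaping is applied to `Notes` and `Receipt` only; in the same UPDATE `$_POST['SelectedExpense']` and `$SelectedIndex`, and in the INSERT of the next hunk `$_POST['SelectedTabs']` and `$_POST['SelectedExpense']`, are still concatenated raw. Every request value in the statement should go through the same treatment, e.g. `codeexpense = '" . DB_escape_string($_POST['SelectedExpense']) . "',`, because escaping some fields leaves the statement open through the others. If request data is already escaped centrally before these scripts run (not visible here), the new calls would double-escape instead, so a comment should state which layer owns escaping. PcExpenses.php shows the same split between `Description` and `GLAccount`/`CodeExpense`.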
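Review bot: The petty cash amounts in the `@@ -254,7` hunk are formatted with `$_SESSION['CompanyRecord']['decimalplaces']`, whereas PcAuthorizeExpenses.php in this commit formats `pcashdetails` amounts with the tab currency's `currencies.decimalplaces`. PcReportTab.php prints `$Tabs['currency']` beside these figures, which suggests they are held in the tab's currency, so a tab in a currency with a different number of decimals would be displayed at the wrong precision. Consider reading `decimalplaces` for the tab's currency once and passing it to `locale_money_format()`; the same applies to the `@@ -270,7` and `@@ -290,9` hunks and to the PcReportTab.php hunks.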
@@ -290,9 +290,9 @@ if (!isset($Amount['0'])) { $Amount['0']=0; } - + echo '<tr><td colspan="2" style="text-align:right" >' . _('Current balance') . ':</td> - <td class="number">'.locale_number_format($Amount['0'],2) . '</td></tr>'; + <td class="number">'.locale_money_format($Amount['0'],$_SESSION['CompanyRecord']['decimalplaces']) . '</td></tr>'; echo '</table>'; @@ -302,7 +302,7 @@ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">'; echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; - + echo '<br /><table class="selection">'; //Main table @@ -361,7 +361,7 @@ if (!isset($_POST['Amount'])) { $_POST['Amount']=0; } - + echo '<tr><td>' . _('Amount') . ':</td> <td><input type="text" class="number" name="amount" size="12" maxlength="11" value="' . $_POST['Amount'] . '"></td></tr>'; @@ -380,7 +380,7 @@ <td><input type="text" name="Receipt" size="50" maxlength="49" value="' . $_POST['Receipt'] . '"></td></tr>'; echo '<input type="hidden" name="SelectedTabs" value="' . $SelectedTabs . '">'; echo '<input type="hidden" name="Days" value="' .$Days. '">'; - + echo '</td></tr></table>'; // close main table echo '<p><div class="centre"><input type="submit" name="submit" value="' . _('Accept') . '"><input type=submit name="Cancel" value="' . _('Cancel') . '"></div>'; echo '</form>'; Modified: trunk/PcExpenses.php =================================================================== --- trunk/PcExpenses.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PcExpenses.php 2011-09-12 08:03:20 UTC (rev 4686) @@ -86,7 +86,7 @@ if (isset($SelectedExpense) AND $InputError !=1) { $sql = "UPDATE pcexpenses - SET description = '" . $_POST['Description'] . "', + SET description = '" . DB_escape_string($_POST['Description']) . "', glaccount = '" . $_POST['GLAccount'] . "' WHERE codeexpense = '" . $SelectedExpense . "'"; 
@@ -113,7 +113,7 @@ (codeexpense, description,glaccount) VALUES ('" . $_POST['CodeExpense'] . "', - '" . $_POST['Description'] . "', + '" . DB_escape_string($_POST['Description']) . "', '" . $_POST['GLAccount'] . "')"; $msg = _('Expense ') . ' ' . $_POST['CodeExpense'] . ' ' . _('has been created'); @@ -154,7 +154,7 @@ } else { $sql="DELETE FROM pcexpenses - WHERE codeexpense='" . $SelectedExpense . "'"; + WHERE codeexpense='" . $SelectedExpense . "'"; $ErrMsg = _('The expense type record could not be deleted because'); $result = DB_query($sql,$db,$ErrMsg); prnMsg(_('Expense type') . ' ' . $SelectedExpense . ' ' . _('has been deleted') ,'success'); @@ -203,7 +203,7 @@ printf('<td>%s</td> <td>%s</td> - <td class=number>%s</td> + <td class="number">%s</td> <td>%s</td> <td><a href="%sSelectedExpense=%s">' . _('Edit') . '</td> <td><a href="%sSelectedExpense=%s&delete=yes" onclick="return confirm(\'' . _('Are you sure you wish to delete this expense code and all the details it may have set up?') . '\');">' . _('Delete') . '</td> @@ -249,7 +249,7 @@ echo '<input type=hidden name="SelectedExpense" value="' . $SelectedExpense . '">'; echo '<input type=hidden name="CodeExpense" VALUE="' . $_POST['CodeExpense']. '">'; // We dont allow the user to change an existing type code - echo '<table class="selection"> + echo '<table class="selection"> <tr> <td>' . _('Code Of Expense') . ':</td> <td>' . $_POST['CodeExpense'] . '</td></tr>'; @@ -285,9 +285,9 @@ echo '<option value="">' . _('Not Yet Selected') . '</option>'; while ($myrow = DB_fetch_array($result)) { if (isset($_POST['GLAccount']) and $myrow['accountcode']==$_POST['GLAccount']) { - echo '<option selected VALUE="'; + echo '<option selected value="'; } else { - echo '<option VALUE="'; + echo '<option value="'; } echo $myrow['accountcode'] . '">' . $myrow['accountcode'] . ' - ' . $myrow['accountname'] . '</option>'; 
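Review bot: The Delete link in the `printf` of the `@@ -203,7` hunk is a plain GET URL (`SelectedExpense=%s&delete=yes`) guarded only by a JavaScript `confirm()`, while the `DELETE FROM pcexpenses` statement in the preceding hunk runs on `$SelectedExpense`. The forms in this commit carry `$_SESSION['FormID']` as a hidden field, but a link cannot; if the delete branch accepts `$_GET` without that token (the check is outside these hunks), the deletion is not covered by the request-forgery protection the forms have. Moving the delete to a small POST form that includes the `FormID` field puts it under the same check. The `%s` code is also written into the URL without `urlencode()`.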
@@ -297,7 +297,8 @@ echo '</td></tr></table>'; // close main table - echo '<p><div class="centre"><input type="submit" name=submit VALUE="' . _('Accept') . '"><input type=submit name=Cancel VALUE="' . _('Cancel') . '"></div>'; + echo '<p><div class="centre"><input type="submit" name="submit" value="' . _('Accept') . '"> + <input type="submit" name="Cancel" value="' . _('Cancel') . '"></div>'; echo '</form>'; Modified: trunk/PcExpensesTypeTab.php =================================================================== --- trunk/PcExpensesTypeTab.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PcExpensesTypeTab.php 2011-09-12 08:03:20 UTC (rev 4686) @@ -20,7 +20,7 @@ if (!isset($_GET['delete']) and (ContainsIllegalCharacters($SelectedType) OR mb_strpos($SelectedType,' ')>0)){ $InputError = 1; prnMsg(_('The petty cash tab type contain any of the following characters " \' - & or a space'),'error'); -} +} if (isset($_POST['SelectedTab'])){ $SelectedTab = mb_strtoupper($_POST['SelectedTab']); @@ -46,7 +46,7 @@ if (isset($_POST['submit'])) { $InputError=0; - + if ($_POST['SelectedExpense']=='') { $InputError=1; echo prnMsg(_('You have not selected an expense to add to this tab'),'error'); @@ -111,7 +111,7 @@ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">'; echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; echo '<table class="selection">'; //Main table - + echo '<tr><td>' . _('Select Type of Tab') . ':</td><td><select name="SelectedTab">'; DB_free_result($result); @@ -136,8 +136,8 @@ echo '</table>'; // close table in first column echo '</td></tr></table>'; // close main table - echo '<p><div class="centre"><input type=submit name="Process" value="' . _('Accept') . '"> - <input type=submit name="Cancel" value="' . _('Cancel') . '"></div>'; + echo '<p><div class="centre"><input type="submit" name="Process" value="' . _('Accept') . '"> + <input type="submit" name="Cancel" value="' . _('Cancel') . '"></div>'; echo '</form>'; 
@@ -149,10 +149,10 @@ echo '<p><div class="centre"><a href="' . $_SERVER['PHP_SELF'] . '">' . _('Expense Codes for Type of Tab ') . ' ' .$SelectedTab. '</a></div><p>'; echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">'; echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; - + echo '<input type="hidden" name="SelectedTab" value="' . $SelectedTab . '">'; - $sql = "SELECT pctabexpenses.codeexpense, + $sql = "SELECT pctabexpenses.codeexpense, pcexpenses.description FROM pctabexpenses INNER JOIN pcexpenses ON pctabexpenses.codeexpense=pcexpenses.codeexpense @@ -186,9 +186,9 @@ </tr>', $myrow['codeexpense'], $myrow['description'], - $_SERVER['PHP_SELF'], + $_SERVER['PHP_SELF'], $myrow['codeexpense'], - $_SERVER['PHP_SELF'], + $_SERVER['PHP_SELF'], $myrow['codeexpense']); } //END WHILE LIST LOOP @@ -196,16 +196,16 @@ if (! isset($_GET['delete'])) { - + echo '<br /><table class="selection">'; //Main table - + echo '<tr><td>' . _('Select Expense Code') . ':</td><td><select name="SelectedExpense">'; - + DB_free_result($result); $SQL = "SELECT codeexpense, description FROM pcexpenses"; - + $result = DB_query($SQL,$db); if (!isset($_POST['SelectedExpense'])){ echo '<option selected value="">' . _('Not Yet Selected') . '</option>'; @@ -217,18 +217,18 @@ echo '<option value="'; } echo $myrow['codeexpense'] . '">' . $myrow['codeexpense'] . ' - ' . $myrow['description'] . '</option>'; - + } //end while loop - + echo '</select></td></tr>'; - + echo '</td></tr></table>'; // close main table - + echo '<p><div class="centre"><input type=submit name=submit value="' . _('Accept') . '"> <input type=submit name="Cancel" value="' . _('Cancel') . '"></div>'; - + echo '</form>'; - + } // end if user wish to delete } Modified: trunk/PcReportTab.php =================================================================== --- trunk/PcReportTab.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PcReportTab.php 2011-09-12 08:03:20 UTC (rev 4686) 
@@ -32,7 +32,7 @@ } /*Show a form to allow input of criteria for Tabs to show */ - echo '<table class=selection>'; + echo '<table class="selection">'; echo '<tr><td>' . _('Code Of Petty Cash Tab') . ':</td><td><select name="SelectedTabs">'; if ($_SESSION['AccessLevel'] >= 15){ // superuser can supervise the supervisors @@ -67,7 +67,7 @@ echo '<tr><td>' . _('To Date:') .'</td><td>'; echo '<input tabindex="3" class="date" alt="'.$_SESSION['DefaultDateFormat'].'" type="text" name="ToDate" maxlength="10" size="11" value="' . $_POST['ToDate'] . '">'; echo '</td></tr></table><br />'; - echo '<div class="centre"><input type=submit Name="ShowTB" Value="' . _('Show HTML') .'">'; + echo '<div class="centre"><input type="submit" Name="ShowTB" Value="' . _('Show HTML') .'">'; echo '<input type="submit" name="PrintPDF" value="' . _('PrintPDF') . '"></div>'; } else if (isset($_POST['PrintPDF'])) { @@ -133,7 +133,7 @@ $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,60,$FontSize,_('Tab Code :')); $LeftOvers = $pdf->addTextWrap($Left_Margin+100,$YPos,20,$FontSize,_(': ')); $LeftOvers = $pdf->addTextWrap($Left_Margin+110,$YPos,70,$FontSize,$SelectedTabs); - $LeftOvers = $pdf->addTextWrap($Left_Margin+290,$YPos,70,$FontSize,_('From ')); + $LeftOvers = $pdf->addTextWrap($Left_Margin+290,$YPos,70,$FontSize,_('From'). ' '); $LeftOvers = $pdf->addTextWrap($Left_Margin+320,$YPos,20,$FontSize,_(': ')); $LeftOvers = $pdf->addTextWrap($Left_Margin+340,$YPos,70,$FontSize,$_POST['FromDate']); 
@@ -159,7 +159,7 @@ $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,40,$FontSize,_('Balance before ')); $LeftOvers = $pdf->addTextWrap($Left_Margin+55,$YPos,70,$FontSize,$_POST['FromDate']); $LeftOvers = $pdf->addTextWrap($Left_Margin+100,$YPos,20,$FontSize,_(': ')); - $LeftOvers = $pdf->addTextWrap($Left_Margin+110,$YPos,70,$FontSize,locale_number_format($Balance['0'],2)); + $LeftOvers = $pdf->addTextWrap($Left_Margin+110,$YPos,70,$FontSize,locale_money_format($Balance['0'],$_SESSION['CompanyRecord']['decimalplaces'])); $LeftOvers = $pdf->addTextWrap($Left_Margin+150,$YPos,70,$FontSize,$Tabs['currency']); $YPos -= (2 * $line_height); @@ -191,7 +191,7 @@ // Print total for each account $LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos,70,$FontSize,ConvertSQLDate($myrow['date'])); $LeftOvers = $pdf->addTextWrap($Left_Margin+70,$YPos,130,$FontSize,$Description[0]); - $LeftOvers = $pdf->addTextWrap($Left_Margin+180,$YPos,50,$FontSize,locale_number_format($myrow['amount'],2),'right'); + $LeftOvers = $pdf->addTextWrap($Left_Margin+180,$YPos,50,$FontSize,locale_money_format($myrow['amount'],$_SESSION['CompanyRecord']['decimalplaces']),'right'); $LeftOvers = $pdf->addTextWrap($Left_Margin+250,$YPos,100,$FontSize,$myrow['notes']); $LeftOvers = $pdf->addTextWrap($Left_Margin+350,$YPos,70,$FontSize,$myrow['receipt']); $LeftOvers = $pdf->addTextWrap($Left_Margin+430,$YPos,70,$FontSize,ConvertSQLDate($myrow['authorized'])); 
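Review bot: The amounts in the `@@ -159,7` and `@@ -191,7` hunks are now formatted with `$_SESSION['CompanyRecord']['decimalplaces']`, yet they are reported in `$Tabs['currency']`, so the precision used is the company currency's rather than the tab's. The PcTabs.php listing query in this same commit joins `currencies` and selects `currencies.decimalplaces` per tab, which suggests the two can differ. I would load the tab currency's decimal places along with the tab record and pass that instead, for example `locale_money_format($Balance['0'], $Tabs['decimalplaces'])`, assuming the `$Tabs` query (outside these hunks) is extended to return that column. The later `locale_money_format` calls in this file follow the same pattern.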
@@ -216,7 +216,7 @@ $LeftOvers = $pdf->addTextWrap($Left_Margin+70,$YPos,100,$FontSize,_('Balance at')); $LeftOvers = $pdf->addTextWrap($Left_Margin+110,$YPos,70,$FontSize,$_POST['ToDate']); $LeftOvers = $pdf->addTextWrap($Left_Margin+160,$YPos,20,$FontSize,_(': ')); - $LeftOvers = $pdf->addTextWrap($Left_Margin+160,$YPos,70,$FontSize,locale_number_format($Amount[0],2),'right'); + $LeftOvers = $pdf->addTextWrap($Left_Margin+160,$YPos,70,$FontSize,locale_money_format($Amount[0],$_SESSION['CompanyRecord']['decimalplaces']),'right'); $LeftOvers = $pdf->addTextWrap($Left_Margin+240,$YPos,70,$FontSize,$Tabs['currency']); $pdf->line($Page_Width-$Right_Margin, $YPos+$line_height,$Left_Margin, $YPos+$line_height); @@ -282,7 +282,7 @@ echo '<tr><td>' . _('Balance before ') . ''.$_POST['FromDate'].'</td> <td>:</td> - <td>' . ''.$Balance['0'].' '.$Tabs['currency'].'</td> + <td>' . locale_money_format($Balance['0'],$_SESSION['CompanyRecord']['decimalplaces']).' '.$Tabs['currency'].'</td> </tr>'; $SqlBalanceNotAut = "SELECT SUM(amount) @@ -299,7 +299,7 @@ $BalanceNotAut['0']=0; } - echo '<tr><td>' . _('Total not authorised before ') . ''.$_POST['FromDate'].'</td><td>:</td><td>' . ''.$BalanceNotAut['0'].' '.$Tabs['currency'].'</td></tr>'; + echo '<tr><td>' . _('Total not authorised before ') . ''.$_POST['FromDate'].'</td><td>:</td><td>' . ''.locale_money_format($BalanceNotAut['0'],$_SESSION['CompanyRecord']['decimalplaces']) . ' ' . $Tabs['currency'].'</td></tr>'; echo '</table>'; @@ -362,7 +362,7 @@ </tr>", ConvertSQLDate($myrow['2']), $Description['0'], - locale_number_format($myrow['4'],2), + locale_money_format($myrow['4'],$_SESSION['CompanyRecord']['decimalplaces']), $myrow['7'], $myrow['8'], ConvertSQLDate($myrow['5'])); @@ -376,7 +376,7 @@ </tr>", ConvertSQLDate($myrow['2']), $Description['0'], - locale_number_format($myrow['4'],2), + locale_money_format($myrow['4'],$_SESSION['CompanyRecord']['decimalplaces']), $myrow['7'], $myrow['8'], ' '); 
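Review bot: `$_POST['FromDate']` is concatenated straight into the table cells in the `@@ -282,7` and `@@ -299,7` hunks, so whatever the client posted is written back into the page unencoded; the changed lines add number formatting but leave this as it was. Encode at output, e.g. `htmlspecialchars($_POST['FromDate'], ENT_QUOTES, 'UTF-8')`, and preferably validate the field as a date in `$_SESSION['DefaultDateFormat']` before it is used at all. The same applies to `$_POST['ToDate']` in the `value=` attribute of the `@@ -67,7` hunk and in the 'Balance At' row of the `@@ -397,7` hunk. Whether a shared include already sanitises `$_POST` cannot be seen from this diff, so that should be confirmed rather than assumed.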
@@ -397,7 +397,7 @@ } echo '<tr><td colspan=2 style=text-align:right >' . _('Balance At') . ' '.$_POST['ToDate'].':</td> - <td>'.locale_number_format($Amount[0],2).' </td><td>'.$Tabs['currency'].'</td></tr>'; + <td>'.locale_money_format($Amount[0],$_SESSION['CompanyRecord']['decimalplaces']).' </td><td>'.$Tabs['currency'].'</td></tr>'; echo '</table>'; echo '<br /><div class="centre"><input type="submit" name="SelectDifferentDate" value="' . _('Select A Different Date') . '"></div>'; Modified: trunk/PcTabs.php =================================================================== --- trunk/PcTabs.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/PcTabs.php 2011-09-12 08:03:20 UTC (rev 4686) @@ -92,7 +92,7 @@ $sql = "UPDATE pctabs SET usercode = '" . $_POST['SelectUser'] . "', typetabcode = '" . $_POST['SelectTabs'] . "', currency = '" . $_POST['SelectCurrency'] . "', - tablimit = '" . $_POST['TabLimit'] . "', + tablimit = '" . filter_number_format($_POST['TabLimit']) . "', assigner = '" . $_POST['SelectAssigner'] . "', authorizer = '" . $_POST['SelectAuthoriser'] . "', glaccountassignment = '" . $_POST['GLAccountCash'] . "', @@ -131,12 +131,12 @@ '" . $_POST['SelectUser'] . "', '" . $_POST['SelectTabs'] . "', '" . $_POST['SelectCurrency'] . "', - '" . $_POST['TabLimit'] . "', + '" . filter_number_format($_POST['TabLimit']) . "', '" . $_POST['SelectAssigner'] . "', '" . $_POST['SelectAuthoriser'] . "', '" . $_POST['GLAccountCash'] . "', '" . $_POST['GLAccountPcashTab'] . "')"; - + $msg = _('The Petty Cash Tab') . ' ' . $_POST['tabcode'] . ' ' . _('has been created'); } 
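Review bot: Both PcTabs.php statements (the UPDATE in `@@ -92,7` and the INSERT in `@@ -131,12`) are built by concatenating `$_POST` values between quotes, and the new `filter_number_format($_POST['TabLimit'])` is not preceded by any numeric check in the visible lines. Assuming filter_number_format only normalises locale separators (its definition in includes/MiscFunctions.php is not shown), it should not be treated as an escaping step. I would reject the form unless `is_numeric(filter_number_format($_POST['TabLimit']))`, as StockLocTransferReceive.php does for `Qty` in this commit, and pass the string fields through `DB_escape_string()` the way this commit does for `$Item->BundleRef`, unless they are demonstrably escaped centrally. Both statements begin and end outside their hunks, so validation may exist above.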
@@ -187,9 +187,9 @@ currencies.decimalplaces, chartmaster1.accountname AS glactassigntname, chartmaster2.accountname AS glactpcashname - FROM pctabs INNER JOIN currencies - ON pctabs.currency=currencies.currabrev - INNER JOIN pctypetabs + FROM pctabs INNER JOIN currencies + ON pctabs.currency=currencies.currabrev + INNER JOIN pctypetabs ON pctabs.typetabcode=pctypetabs.typetabcode INNER JOIN chartmaster AS chartmaster1 ON pctabs.glaccountassignment = chartmaster1.accountcode @@ -210,9 +210,9 @@ <th>' . _('GL Account For Cash Assignment') . '</th> <th>' . _('GL Account Petty Cash Tab') . '</th> </tr>'; - + $k=0; //row colour counter - + while ($myrow = DB_fetch_array($result)) { if ($k==1){ echo '<tr class="EvenTableRows">'; @@ -221,7 +221,7 @@ echo '<tr class="OddTableRows">'; $k=1; } - + printf('<td>%s</td> <td>%s</td> <td>%s</td> @@ -329,7 +329,7 @@ DB_free_result($result); $SQL = "SELECT typetabcode, typetabdescription - FROM pctypetabs + FROM pctypetabs ORDER BY typetabcode"; $result = DB_query($SQL,$db); @@ -420,7 +420,7 @@ <td><select name="GLAccountCash">'; DB_free_result($result); - $SQL = "SELECT chartmaster.accountcode, + $SQL = "SELECT chartmaster.accountcode, chartmaster.accountname FROM chartmaster INNER JOIN bankaccounts ON chartmaster.accountcode = bankaccounts.accountcode 
@@ -463,7 +463,7 @@ echo '</select></td></tr>'; echo '</td></tr></table>'; // close main table - echo '<p><div class="centre"><input type=submit name="Submit" value="' . _('Accept') . '"><input type=submit name="Cancel" value="' . _('Cancel') . '"></div>'; + echo '<p><div class="centre"><input type=submit name="Submit" value="' . _('Accept') . '" /><input type="submit" name="Cancel" value="' . _('Cancel') . '" /></div>'; echo '</form>'; Modified: trunk/StockLocTransferReceive.php =================================================================== --- trunk/StockLocTransferReceive.php 2011-09-11 04:06:48 UTC (rev 4685) +++ trunk/StockLocTransferReceive.php 2011-09-12 08:03:20 UTC (rev 4686) @@ -4,8 +4,6 @@ include('includes/DefineSerialItems.php'); include('includes/DefineStockTransfers.php'); -//$PageSecurity = 11; - include('includes/session.inc'); $title = _('Inventory Transfer') . ' - ' . _('Receiving'); include('includes/header.inc'); @@ -29,14 +27,14 @@ $i=0; $TotalQuantity = 0; foreach ($_SESSION['Transfer']->TransferItem AS $TrfLine) { - if (is_numeric($_POST['Qty' . $i])){ + if (is_numeric(filter_number_format($_POST['Qty' . $i]))){ /*Update the quantity received from the inputs */ - $_SESSION['Transfer']->TransferItem[$i]->Quantity= $_POST['Qty' . $i]; + $_SESSION['Transfer']->TransferItem[$i]->Quantity= filter_number_format($_POST['Qty' . $i]); } else { prnMsg(_('The quantity entered for'). ' ' . $TrfLine->StockID . ' '. _('is not numeric') . '. ' . _('All quantities must be numeric'),'error'); $InputError = True; } - if ($_POST['Qty' . $i]<0){ + if (filter_number_format($_POST['Qty' . $i])<0){ prnMsg(_('The quantity entered for'). ' ' . $TrfLine->StockID . ' '. _('is negative') . '. ' . _('All quantities must be for positive numbers greater than zero'),'error'); $InputError = True; } 
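Review bot: In the `@@ -29,14` hunk `filter_number_format($_POST['Qty' . $i])` is evaluated three times per line and `$_POST['Qty' . $i]` is read without an `isset()` guard, unlike the display code in the `@@ -453,24` hunk. Normalise once at the top of the loop body, `$QtyIn = isset($_POST['Qty' . $i]) ? filter_number_format($_POST['Qty' . $i]) : '';`, and use `$QtyIn` for the `is_numeric` test, the assignment and the `< 0` test. The negative test also accepts 0 while its message asks for 'positive numbers greater than zero'; one of the two should change. The enclosing `foreach` continues into the next hunk.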
@@ -44,12 +42,12 @@ prnMsg( _('The Quantity entered plus the Quantity Previously Received can not be greater than the Total Quantity shipped for').' '. $TrfLine->StockID , 'error'); $InputError = True; } - if (isset($_POST['CancelBalance' . $i]) and $_POST['CancelBalance' . $i]==1){ - $_SESSION['Transfer']->TransferItem[$i]->CancelBalance=1; - } else { - $_SESSION['Transfer']->TransferItem[$i]->CancelBalance=0; - } - $TotalQuantity += $TrfLine->Quantity; + if (isset($_POST['CancelBalance' . $i]) and $_POST['CancelBalance' . $i]==1){ + $_SESSION['Transfer']->TransferItem[$i]->CancelBalance=1; + } else { + $_SESSION['Transfer']->TransferItem[$i]->CancelBalance=0; + } + $TotalQuantity += filter_number_format($TrfLine->Quantity); $i++; } /*end loop to validate and update the SESSION['Transfer'] data */ if ($TotalQuantity < 0){ @@ -80,16 +78,15 @@ } /* Insert the stock movement for the stock going out of the from location */ - $SQL = "INSERT INTO stockmoves ( - stockid, - type, - transno, - loccode, - trandate, - prd, - reference, - qty, - newqoh) + $SQL = "INSERT INTO stockmoves (stockid, + type, + transno, + loccode, + trandate, + prd, + reference, + qty, + newqoh) VALUES ( '" . $TrfLine->StockID . "', 16, @@ -98,8 +95,8 @@ '" . $SQLTransferDate . "', '" . $PeriodNo . "', '" . _('To') . ' ' . $_SESSION['Transfer']->StockLocationToName . "', - '" . round(-$TrfLine->Quantity, $TrfLine->DecimalPlaces) . "', - '" . round($QtyOnHandPrior - $TrfLine->Quantity, $TrfLine->DecimalPlaces) . "' + '" . filter_number_format(round(-$TrfLine->Quantity, $TrfLine->DecimalPlaces)) . "', + '" . filter_number_format(round($QtyOnHandPrior - $TrfLine->Quantity, $TrfLine->DecimalPlaces)) . "' )"; $ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The stock movement record cannot be inserted because'); 
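Review bot: `filter_number_format()` is applied here to values that are no longer user input: `$TrfLine->Quantity` in `$TotalQuantity += ...` (`@@ -44,12`), which was stored from an already-normalised value, and the result of `round()` in the stockmoves INSERT (`@@ -80,16`). If the function removes the locale's thousands separator and swaps the decimal point (its body is in includes/MiscFunctions.php, not shown), a machine-format `1.5` would be altered in any locale where '.' is the thousands separator; it is only harmless if PHP renders the float in locale format at this point. To make the SQL value independent of locale settings I would format it explicitly, e.g. `number_format(round(-$TrfLine->Quantity, $TrfLine->DecimalPlaces), $TrfLine->DecimalPlaces, '.', '')`, and keep `filter_number_format()` for the input boundary only. The same wrapping recurs in the later stockmoves, stockserialitems, locstock and loctransfers hunks of this file.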
@@ -122,7 +119,7 @@ WHERE stockid='" . $TrfLine->StockID . "' AND loccode='" . $_SESSION['Transfer']->StockLocationFrom . "' - AND serialno='" . $Item->BundleRef . "'"; + AND serialno='" . DB_escape_string($Item->BundleRef) . "'"; $Result = DB_query($SQL,$db,'<br />' . _('Could not determine if the serial item exists') ); $SerialItemExistsRow = DB_fetch_row($Result); @@ -130,11 +127,11 @@ if ($SerialItemExistsRow[0]==1){ $SQL = "UPDATE stockserialitems SET - quantity= quantity - " . $Item->BundleQty . " + quantity= quantity - " . filter_number_format($Item->BundleQty) . " WHERE stockid='" . $TrfLine->StockID . "' AND loccode='" . $_SESSION['Transfer']->StockLocationFrom . "' - AND serialno='" . $Item->BundleRef . "'"; + AND serialno='" . DB_escape_string($Item->BundleRef) . "'"; $ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The serial stock item record could not be updated because'); $DbgMsg = _('The following SQL to update the serial stock item record was used'); @@ -147,8 +144,8 @@ quantity) VALUES ('" . $TrfLine->StockID . "', '" . $_SESSION['Transfer']->StockLocationFrom . "', - '" . $Item->BundleRef . "', - '" . -$Item->BundleQty . "')"; + '" . DB_escape_string($Item->BundleRef) . "', + '" . -filter_number_format($Item->BundleQty) . "')"; $ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The serial stock item for the stock being transferred out of the existing location could not be inserted because'); $DbgMsg = _('The following SQL to update the serial stock item record was used'); 
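Review bot: In the `@@ -130,11` hunk the new expression `quantity= quantity - " . filter_number_format($Item->BundleQty) . "` is concatenated into the UPDATE outside any quotes, so the statement is well formed and safe only if BundleQty is strictly numeric by this point. Nothing in the visible lines checks that; validate with `is_numeric()` where the bundle quantity is captured, and quote the value as the incoming-side UPDATE in `@@ -245,11` does so the two branches agree. Escaping `$Item->BundleRef` with `DB_escape_string()` is the right direction, but `$TrfLine->StockID` and `$_SESSION['Transfer']->StockLocationFrom` sit unescaped in the same WHERE clauses and deserve the same treatment if they can ever contain a quote character. The statements start outside the hunks, so this is based on the visible portion only.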
@@ -166,8 +163,8 @@ ) VALUES ( '" . $StkMoveNo . "', '" . $TrfLine->StockID . "', - '" . $Item->BundleRef . "', - '" . -$Item->BundleQty . "' + '" . DB_escape_string($Item->BundleRef) . "', + '" . -filter_number_format($Item->BundleQty) . "' )"; $ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The serial stock movement record could not be inserted because'); $DbgMsg = _('The following SQL to insert the serial stock movement records was used'); @@ -179,9 +176,9 @@ /* Need to get the current location quantity will need it later for the stock movement */ $SQL="SELECT locstock.quantity - FROM locstock - WHERE locstock.stockid='" . $TrfLine->StockID . "' - AND loccode= '" . $_SESSION['Transfer']->StockLocationTo . "'"; + FROM locstock + WHERE locstock.stockid='" . $TrfLine->StockID . "' + AND loccode= '" . $_SESSION['Transfer']->StockLocationTo . "'"; $Result = DB_query($SQL, $db, _('Could not retrieve the quantity on hand at the location being transferred to') ); if (DB_num_rows($Result)==1){ @@ -193,16 +190,15 @@ } // Insert the stock movement for the stock coming into the to location - $SQL = "INSERT INTO stockmoves ( - stockid, - type, - transno, - loccode, - trandate, - prd, - reference, - qty, - newqoh) + $SQL = "INSERT INTO stockmoves (stockid, + type, + transno, + loccode, + trandate, + prd, + reference, + qty, + newqoh) VALUES ( '" . $TrfLine->StockID . "', 16, 
@@ -211,8 +207,8 @@ '" . $SQLTransferDate . "', '" . $PeriodNo . "', '" . _('From') . ' ' . $_SESSION['Transfer']->StockLocationFromName ."', - '" . round($TrfLine->Quantity, $TrfLine->DecimalPlaces) . "', - '" . round($QtyOnHandPrior + $TrfLine->Quantity, $TrfLine->DecimalPlaces) . "' + '" . filter_number_format(round($TrfLine->Quantity, $TrfLine->DecimalPlaces)) . "', + '" . filter_number_format(round($QtyOnHandPrior + $TrfLine->Quantity, $TrfLine->DecimalPlaces)) . "' )"; $ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The stock movement record for the incoming stock cannot be added because'); @@ -236,7 +232,7 @@ WHERE stockid='" . $TrfLine->StockID . "' AND loccode='" . $_SESSION['Transfer']->StockLocationTo . "' - AND serialno='" . $Item->BundleRef . "'"; + AND serialno='" . DB_escape_string($Item->BundleRef) . "'"; $Result = DB_query($SQL,$db,'<br />'. _('Could not determine if the serial item exists') ); $SerialItemExistsRow = DB_fetch_row($Result); @@ -245,11 +241,11 @@ if ($SerialItemExistsRow[0]==1){ $SQL = "UPDATE stockserialitems SET - quantity= quantity + '" . $Item->BundleQty . "' + quantity= quantity + '" . filter_number_format($Item->BundleQty) . "' WHERE stockid='" . $TrfLine->StockID . "' AND loccode='" . $_SESSION['Transfer']->StockLocationTo . "' - AND serialno='" . $Item->BundleRef . "'"; + AND serialno='" . DB_escape_string($Item->BundleRef) . "'"; $ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The serial stock item record could not be updated for the quantity coming in because'); $DbgMsg = _('The following SQL to update the serial stock item record was used'); 
@@ -262,8 +258,8 @@ quantity) VALUES ('" . $TrfLine->StockID . "', '" . $_SESSION['Transfer']->StockLocationTo . "', - '" . $Item->BundleRef . "', - '" . $Item->BundleQty . "')"; + '" . DB_escape_string($Item->BundleRef) . "', + '" . filter_number_format($Item->BundleQty) . "')"; $ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The serial stock item record for the stock coming in could not be added because'); $DbgMsg = _('The following SQL to update the serial stock item record was used'); @@ -280,8 +276,8 @@ moveqty) VALUES (" . $StkMoveNo . ", '" . $TrfLine->StockID . "', - '" . $Item->BundleRef . "', - '" . $Item->BundleQty . "')"; + '" . DB_escape_string($Item->BundleRef) . "', + '" . filter_number_format($Item->BundleQty) . "')"; $ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The serial stock movement record could not be inserted because'); $DbgMsg = _('The following SQL to insert the serial stock movement records was used'); $Result = DB_query($SQL, $db, $ErrMsg, $DbgMsg, true); @@ -290,7 +286,7 @@ } /*end if the transfer item is a controlled item */ $SQL = "UPDATE locstock - SET quantity = quantity - '" . round($TrfLine->Quantity, $TrfLine->DecimalPlaces) . "' + SET quantity = quantity - '" . filter_number_format(round($TrfLine->Quantity, $TrfLine->DecimalPlaces)) . "' WHERE stockid='" . $TrfLine->StockID . "' AND loccode='" . $_SESSION['Transfer']->StockLocationFrom . "'"; @@ -299,7 +295,7 @@ $Result = DB_query($SQL, $db, $ErrMsg, $DbgMsg, true); $SQL = "UPDATE locstock - SET quantity = quantity + '" . round($TrfLine->Quantity, $TrfLine->DecimalPlaces) . "' + SET quantity = quantity + '" . filter_number_format(round($TrfLine->Quantity, $TrfLine->DecimalPlaces)) . "' WHERE stockid='" . $TrfLine->StockID . "' AND loccode='" . $_SESSION['Transfer']->StockLocationTo . "'"; 
@@ -310,13 +306,13 @@ prnMsg(_('A stock transfer for item code'). ' - ' . $TrfLine->StockID . ' ' . $TrfLine->ItemDescription . ' '. _('has been created from').' ' . $_SESSION['Transfer']->StockLocationFromName . ' '. _('to'). ' ' . $_SESSION['Transfer']->StockLocationToName . ' ' . _('for a quantity of'). ' '. $TrfLine->Quantity,'success'); if ($TrfLine->CancelBalance==1){ - $sql = "UPDATE loctransfers SET recqty = recqty + '". round($TrfLine->Quantity, $TrfLine->DecimalPlaces) . "', - shipqty = recqty + '". round($TrfLine->Quantity, $TrfLine->DecimalPlaces) . "', + $sql = "UPDATE loctransfers SET recqty = recqty + '". filter_number_format(round($TrfLine->Quantity, $TrfLine->DecimalPlaces)) . "', + shipqty = recqty + '". filter_number_format(round($TrfLine->Quantity, $TrfLine->DecimalPlaces)) . "', recdate = '".date('Y-m-d H:i:s'). "' WHERE reference = '". $_SESSION['Transfer']->TrfID . "' AND stockid = '". $TrfLine->StockID."'"; } else { - $sql = "UPDATE loctransfers SET recqty = recqty + '". round($TrfLine->Quantity, $TrfLine->DecimalPlaces) . "', + $sql = "UPDATE loctransfers SET recqty = recqty + '". filter_number_format(round($TrfLine->Quantity, $TrfLine->DecimalPlaces)) . "', recdate = '".date('Y-m-d H:i:s'). "' WHERE reference = '". $_SESSION['Transfer']->TrfID . "' AND stockid = '". $TrfLine->StockID."'"; 
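Review bot: In the CancelBalance branch, `recqty = recqty + X` is followed by `shipqty = recqty + X` in the same UPDATE, and the result depends on the database engine. MySQL evaluates single-table UPDATE assignments left to right, so there the second assignment sees the already-incremented recqty and shipqty ends up X above recqty, whereas standard SQL would make them equal. If the intent is to close the balance, assigning shipqty first, `shipqty = recqty + X, recqty = recqty + X`, gives the same result under both evaluation orders; please confirm the intent. Separately, `$_SESSION['Transfer']->TrfID` is concatenated into the WHERE clause and is populated from `$_GET['Trf_ID']` in a later hunk, so it should be cast to an integer or escaped where it is first stored.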
@@ -350,25 +346,25 @@ unset($_SESSION['Transfer']); $sql = "SELECT loctransfers.stockid, - stockmaster.description, - stockmaster.units, - stockmaster.controlled, - stockmaster.serialised, - stockmaster.perishable, - stockmaster.decimalplaces, - loctransfers.shipqty, - loctransfers.recqty, - locations.locationname as shiplocationname, - reclocations.locationname as reclocationname, - loctransfers.shiploc, - loctransfers.recloc - FROM loctransfers INNER JOIN locations - ON loctransfers.shiploc=locations.loccode - INNER JOIN locations as reclocations - ON loctransfers.recloc = reclocations.loccode - INNER JOIN stockmaster - ON loctransfers.stockid=stockmaster.stockid - WHERE reference ='" . $_GET['Trf_ID'] . "' ORDER BY loctransfers.stockid"; + stockmaster.description, + stockmaster.units, + stockmaster.controlled, + stockmaster.serialised, + stockmaster.perishable, + stockmaster.decimalplaces, + loctransfers.shipqty, + loctransfers.recqty, + locations.locationname as shiplocationname, + reclocations.locationname as reclocationname, + loctransfers.shiploc, + loctransfers.recloc + FROM loctransfers INNER JOIN locations + ON loctransfers.shiploc=locations.loccode + INNER JOIN locations as reclocations + ON loctransfers.recloc = reclocations.loccode + INNER JOIN stockmaster + ON loctransfers.stockid=stockmaster.stockid + WHERE reference ='" . $_GET['Trf_ID'] . "' ORDER BY loctransfers.stockid"; $ErrMsg = _('The details of transfer number') . ' ' . $_GET['Trf_ID'] . ' ' . _('could not be retrieved because') .' '; 
@@ -384,24 +380,22 @@ $myrow=DB_fetch_array($result); $_SESSION['Transfer']= new StockTransfer($_GET['Trf_ID'], - $myrow['shiploc'], - $myrow['shiplocationname'], - $myrow['recloc'], - $myrow['reclocationname'], - Date($_SESSION['DefaultDateFormat']) - ); + $myrow['shiploc'], + $myrow['shiplocationname'], + $myrow['recloc'], + $myrow['reclocationname'], + Date($_SESSION['DefaultDateFormat']) ); /*Populate the StockTransfer TransferItem s array with the lines to be transferred */ $i = 0; do { $_SESSION['Transfer']->TransferItem[$i]= new LineItem ($myrow['stockid'], - $myrow['description'], - $myrow['shipqty'], - $myrow['units'], - $myrow['controlled'], - $myrow['serialised'], - $myrow['perishable'], - $myrow['decimalplaces'] - ); + $myrow['description'], + $myrow['shipqty'], + $myrow['units'], + $myrow['controlled'], + $myrow['serialised'], + $myrow['perishable'], + $myrow['decimalplaces'] ); $_SESSION['Transfer']->TransferItem[$i]->PrevRecvQty = $myrow['recqty']; $_SESSION['Transfer']->TransferItem[$i]->Quantity = $myrow['shipqty']-$myrow['recqty']; @@ -423,10 +417,9 @@ $i = 0; //Line Item Array pointer - echo "<br /><table class=selection>"; - echo '<tr><th colspan=7><font size=3 color=blue>' . _('Location Transfer Reference'). ' #' . $_SESSION['Transfer']->TrfID . - ' '. _('from').' ' . $_SESSION['Transfer']->StockLocationFromName . ' '. _('to'). ' ' . - $_SESSION['Transfer']->StockLocationToName . '</font></th></tr>'; + echo '<br /> + <table class="selection">'; + echo '<tr><th colspan="7"><font size=3 color=blue>' . _('Location Transfer Reference'). ' #' . $_SESSION['Transfer']->TrfID . ' '. _('from').' ' . $_SESSION['Transfer']->StockLocationFromName . ' '. _('to'). ' ' . $_SESSION['Transfer']->StockLocationToName . '</font></th></tr>'; $tableheader = '<tr> <th>'. _('Item Code') . '</th> 
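Review bot: The rewritten header row in the `@@ -423,10` hunk prints `$_SESSION['Transfer']->TrfID` and the two location names into HTML without encoding, and the preceding hunk shows TrfID being taken directly from `$_GET['Trf_ID']` in the `new StockTransfer(...)` call. No visible line constrains that value to an integer, so it should be normalised at construction, e.g. `new StockTransfer((int)$_GET['Trf_ID'], ...`, assuming transfer references are always integers. Otherwise encode at output with `htmlspecialchars($_SESSION['Transfer']->TrfID, ENT_QUOTES, 'UTF-8')`. The location names come from the database and would be safer encoded the same way.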
@@ -453,24 +446,24 @@ <td>' . $TrfLine->ItemDescription . '</td>'; echo '<td class=number>' . locale_number_format($TrfLine->ShipQty, $TrfLine->DecimalPlaces) . '</td>'; - if (isset($_POST['Qty' . $i]) and is_numeric($_POST['Qty' . $i])){ - $_SESSION['Transfer']->TransferItem[$i]->Quantity= $_POST['Qty' . $i]; - $Qty = $_POST['Qty' . $i]; + if (isset($_POST['Qty' . $i]) AND is_numeric(filter_number_format($_POST['Qty' . $i]))){ + $_SESSION['Transfer']->TransferItem[$i]->Quantity= filter_number_format($_POST['Qty' . $i]); + $Qty = filter_number_format($_POST['Qty' . $i]); } else if ($TrfLine->Controlled==1) { if (sizeOf($TrfLine->SerialItems)==0) { $Qty = 0; } else { - $Qty = $TrfLine->Quantity; + $Qty = filter_number_format($TrfLine->Quantity); } } else { - $Qty = $TrfLine->Quantity; + $Qty = filter_number_format($TrfLine->Quantity); } echo '<td class=number>' . locale_number_format($TrfLine->PrevRecvQty, $TrfLine->DecimalPlaces) . '</td>'; if ($TrfLine->Controlled==1){ - echo '<td class=number><input type=hidden name="Qty' . $i . '" VALUE="' . $Qty . '"><a href="' . $rootpath .'/StockTransferControlled.php?' . SID . '&TransferItem=' . $i . '">' . $Qty . '</a></td>'; + echo '<td class=number><input type=hidden name="Qty' . $i . '" value="' . $Qty . '"><a href="' . $rootpath .'/StockTransferControlled.php?TransferItem=' . $i . '">' . $Qty . '</a></td>'; } else { - echo '<td><input type="text" class="number" name="Qty' . $i . '" maxlength=10 class="number" size=auto VALUE="' . $Qty . '"></td>'; + echo '<td><input type="text" class="number" name="Qty' . $i . '" maxlength=10 class="number" size=auto value="' . $Qty . '"></td>'; } echo '<td>' . $TrfLine->PartUnit . '</td>'; 
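Review bot: `$Qty` is set with `filter_number_format(...)` in every branch of the `@@ -453,24` hunk and then written into the `value=` of the Qty input, so the field is pre-filled in machine format while the submit handler parses it as locale format. Assuming filter_number_format converts locale format to machine format (its definition is not shown), a user in a comma-decimal locale who simply re-submits the form may have the value reinterpreted. For display I would use the formatter already used for the neighbouring cells, `$Qty = locale_number_format($TrfLine->Quantity, $TrfLine->DecimalPlaces);`, and keep `filter_number_format()` only for the assignment to `TransferItem[$i]->Quantity`. The `foreach` this sits in starts and ends outside the hunk.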
@@ -480,9 +473,9 @@ if ($TrfLine->Controlled==1){ if ($TrfLine->Serialised==1){ - echo '<td><a href="' . $rootpath .'/StockTransferControlled.php?' . SID . '&TransferItem=' . $i . '">' . _('Enter Serial Numbers') . '</a></td>'; + echo '<td><a href="' . $rootpath .'/StockTransferControlled.php?TransferItem=' . $i . '">' . _('Enter Serial Numbers') . '</a></td>'; } else { - echo '<td><a href="' . $rootpath .'/StockTransferControlled.php?' . SID . '&TransferItem=' . $i . '">' . _('Enter Batch Refs') . '</a></td>'; + echo '<td><a href="' . $rootpath .'/StockTransferControlled.php?TransferItem=' . $i . '">' . _('Enter Batch Refs') . '</a></td>'; } } @@ -492,34 +485,33 @@ } /*end of foreach TransferItem */ echo '</table><br /> - <div class="centre"><input type=submit name="ProcessTransfer" VALUE="'. _('Process Inventory Transfer'). '"><bR /> + <div class="centre"><input type="submit" name="ProcessTransfer" value="'. _('Process Inventory Transfer'). '"><br /> </form></div>'; - echo '<a href="'.$_SERVER['PHP_SELF']. '?' . SID . '&NewTransfer=true">'. _('Select A Different Trans... [truncated message content] |