From: <dai...@us...> - 2011-09-20 10:21:35
Revision: 4697
http://web-erp.svn.sourceforge.net/web-erp/?rev=4697&view=rev
Author: daintree
Date: 2011-09-20 10:21:28 +0000 (Tue, 20 Sep 2011)
Log Message:
-----------
number formats
Modified Paths:
--------------
trunk/POReport.php
trunk/PO_AuthoriseMyOrders.php
trunk/PO_Header.php
trunk/PO_OrderDetails.php
trunk/PO_PDFPurchOrder.php
trunk/PO_SelectOSPurchOrder.php
trunk/PO_SelectPurchOrder.php
trunk/Prices.php
trunk/includes/DateFunctions.inc
trunk/includes/LanguageSetup.php
trunk/includes/MiscFunctions.php
Modified: trunk/POReport.php
===================================================================
--- trunk/POReport.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/POReport.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -53,7 +53,7 @@
// Had to add supplierid to SummaryType when do summary by name because there could be several accounts
// with the same name. Tried passing 'suppname,supplierid' in form, but it only read 'suppname'
if (isset($_POST['SummaryType']) and $_POST['SummaryType'] == 'suppname') {
- $_POST['SummaryType'] = 'suppname,suppliers.supplierid';
+ $_POST['SummaryType'] = "suppname, suppliers.supplierid";
}
if (isset($_POST['submit'])) {
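Review bot: The value assigned on the `+` line now has a space after the comma (`"suppname, suppliers.supplierid"`), but the summary branch in the @@ -681 hunk still compares against `"suppname,suppliers.supplierid"` without the space. That branch will therefore no longer match, and `$summarytype` keeps the two-column string when it is later used as `$myrow[$summarytype]`. Either drop the space here or use the same literal in the comparison. Per the comments, this request value also ends up in the GROUP BY, so checking `$_POST['SummaryType']` against a fixed list of allowed column names would keep arbitrary request text out of the SQL.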
@@ -566,10 +566,10 @@
<td>%s</td>
<td>%s</td>
<td>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
<td>%s</td>
<td>%s</td>
<td>%s</td>
@@ -600,10 +600,10 @@
<td>%s</td>
<td>%s</td>
<td>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
<td>%s</td>
<td>%s</td>
</tr>',
@@ -653,10 +653,10 @@
<td>%s</td>
<td>%s</td>
<td>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
<td>%s</td>
<td>%s</td>
<td>%s</td>
@@ -681,30 +681,41 @@
$TotalInvQty += $myrow['qtyinvoiced'];
} //END WHILE LIST LOOP
// Print totals
- printf("<tr><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td class=number>%s</td><td class=number>
- %s</td><td class=number>%s</td><td class=number>%s</td><td>%s</td><td>%s</td></tr>",
- 'Totals',
- _('Lines - ') . $linectr,
- ' ',
- ' ',
- ' ',
- locale_number_format($TotalQty,$LastDecimalPlaces),
- locale_number_format($TotalExtCost,2),
- locale_number_format($TotalExtPrice,2),
- locale_number_format($TotalInvQty,$LastDecimalPlaces),
- ' ',
- ' ');
+ printf('<tr>
+ <td>%s</td>
+ <td>%s</td>
+ <td>%s</td>
+ <td>%s</td>
+ <td>%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td>%s</td>
+ <td>%s</td>
+ </tr>',
+ _('Totals'),
+ _('Lines - ') . $linectr,
+ ' ',
+ ' ',
+ ' ',
+ locale_number_format($TotalQty,$LastDecimalPlaces),
+ locale_money_format($TotalExtCost,2),
+ locale_money_format($TotalExtPrice,2),
+ locale_money_format($TotalInvQty,$LastDecimalPlaces),
+ ' ',
+ ' ');
}
echo '</table>';
} else {
// Print summary stuff
- echo '<br /><table class=selection width=98%>';
+ echo '<br /><table class="selection" width="98%">';
$summarytype = $_POST['SummaryType'];
// For SummaryType 'suppname' had to add supplierid to it for the GROUP BY in the sql,
// but have to take it away for $myrow[$summarytype] to be valid
// Set up description based on the Summary Type
- if ($summarytype == 'suppname,suppliers.supplierid') {
- $summarytype = 'suppname';
+ if ($summarytype == "suppname,suppliers.supplierid") {
+ $summarytype = "suppname";
$description = 'supplierno';
$summaryheader = _('Supplier Name');
$descriptionheader = _('Supplier Number');
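Review bot: `locale_money_format($TotalInvQty,$LastDecimalPlaces)` in the totals row formats an invoiced quantity with the money formatter, while the ordered quantity three lines above uses `locale_number_format` with the same `$LastDecimalPlaces`. If the money formatter applies currency-specific separators or symbols (its definition is not in this diff), the two quantity columns will render differently. I would keep `locale_number_format($TotalInvQty,$LastDecimalPlaces)` here. The cost and price totals are also still fixed at 2 decimals rather than the currency's decimal places used elsewhere in this commit.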
@@ -738,7 +749,14 @@
$summaryheader = _('Month');
$descriptionheader = _('Month');
}
- printf("<tr><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th></tr>",
+ printf('<tr>
+ <th>%s</th>
+ <th>%s</th>
+ <th>%s</th>
+ <th>%s</th>
+ <th>%s</th>
+ <th>%s</th>
+ </tr>',
_($summaryheader),
_($descriptionheader),
_('Quantity'),
@@ -763,10 +781,10 @@
}
printf('<td>%s</td>
<td>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
</tr>',
$myrow[$summarytype],
$myrow[$description],
@@ -784,10 +802,10 @@
printf('<tr>
<td>%s</td>
<td>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
- <td class=number>%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
</tr>',
_('Totals'),
_('Lines - ') . $linectr,
Modified: trunk/PO_AuthoriseMyOrders.php
===================================================================
--- trunk/PO_AuthoriseMyOrders.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/PO_AuthoriseMyOrders.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -26,7 +26,7 @@
SET status='".$Status."',
stat_comment='".$Comment."',
allowprint=1
- WHERE orderno='".$OrderNo."'";
+ WHERE orderno='".filter_number_format($OrderNo)."'";
$result=DB_query($sql, $db);
}
}
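Review bot: `filter_number_format()` is used here as if it made `$OrderNo` safe for the query, but as defined in includes/MiscFunctions.php in this same commit it only trims and swaps locale separators; quotes and any other characters pass through unchanged. `$Status` and `$Comment` are also still concatenated as-is in the lines above (the UPDATE begins outside the hunk). Unless these values are escaped before they reach this point, which is not visible here, cast the key, e.g. `WHERE orderno='" . (int)$OrderNo . "'`, and pass the text fields through `DB_escape_string()` as PO_PDFPurchOrder.php now does for `$StatusComment`. The same applies to the other `filter_number_format()` calls added inside SQL strings in PO_OrderDetails.php, PO_PDFPurchOrder.php, PO_SelectPurchOrder.php and Prices.php.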
@@ -39,7 +39,7 @@
suppliers.currcode,
www_users.realname,
www_users.email,
- currencies.decimalplaces
+ currencies.decimalplaces AS currdecimalplaces
FROM purchorders INNER JOIN suppliers
ON suppliers.supplierid=purchorders.supplierno
INNER JOIN currencies
@@ -95,9 +95,10 @@
<option value="Cancelled">'._('Cancelled').'</option>
</select></td>
</tr>';
- echo "<input type='hidden' name='comment' value='".$myrow['stat_comment']."'>";
+ echo '<input type="hidden" name="comment" value="' . $myrow['stat_comment'] . '" />';
$LineSQL="SELECT purchorderdetails.*,
- stockmaster.description
+ stockmaster.description,
+ stockmaster.decimalplaces
FROM purchorderdetails
LEFT JOIN stockmaster
ON stockmaster.stockid=purchorderdetails.itemcode
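Review bot: `$myrow['stat_comment']` is written into the `value` attribute without HTML escaping, and after the switch to double-quoted attributes a comment containing `"` will close the attribute early and let the rest be parsed as markup. Status comments are presumably free text, so this should be `value="' . htmlspecialchars($myrow['stat_comment'], ENT_QUOTES, 'UTF-8') . '"`. `$LineRow['description']` in the @@ -116 hunk is echoed into a table cell the same way and wants the same treatment.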
@@ -116,13 +117,18 @@
<th>'._('Line Total').'</th>
</tr>';
- while ($linerow=DB_fetch_array($LineResult)) {
+ while ($LineRow=DB_fetch_array($LineResult)) {
+ if ($LineRow['decimalplaces']!=NULL){
+ $DecimalPlaces = $LineRow['decimalplaces'];
+ }else {
+ $DecimalPlaces = 2;
+ }
echo '<tr>
- <td>'.$linerow['description'].'</td>
- <td class="number">'.locale_number_format($linerow['quantityord'],2).'</td>
+ <td>'.$LineRow['description'].'</td>
+ <td class="number">'.locale_number_format($LineRow['quantityord'],$DecimalPlaces).'</td>
<td>'.$myrow['currcode'].'</td>
- <td class="number">'.locale_number_format($linerow['unitprice'],$myrow['decimalplaces']).'</td>
- <td class="number">'.locale_number_format($linerow['unitprice']*$linerow['quantityord'],$myrow['decimalplaces']).'</td>
+ <td class="number">'.locale_number_format($LineRow['unitprice'],$myrow['decimalplaces']).'</td>
+ <td class="number">'.locale_number_format($LineRow['unitprice']*$LineRow['quantityord'],$myrow['currdecimalplaces']).'</td>
</tr>';
} // end while order line detail
echo '</table></td></tr>';
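Review bot: The unit-price cell still reads `$myrow['decimalplaces']`, but the header query in the @@ -39 hunk now returns that column under the alias `currdecimalplaces`. Unless another selected column supplies it, the index is no longer set and the price is formatted with an empty decimals argument. The line-total cell just below was updated; the unit price should match: `locale_number_format($LineRow['unitprice'],$myrow['currdecimalplaces'])`.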
Modified: trunk/PO_Header.php
===================================================================
--- trunk/PO_Header.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/PO_Header.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -209,7 +209,7 @@
$_SESSION['PO'.$identifier]->Version = $_POST['Version'];
$_SESSION['PO'.$identifier]->DeliveryDate = $_POST['DeliveryDate'];
$_SESSION['PO'.$identifier]->Revised = $_POST['Revised'];
- $_SESSION['PO'.$identifier]->ExRate = $_POST['ExRate'];
+ $_SESSION['PO'.$identifier]->ExRate = filter_number_format($_POST['ExRate']);
$_SESSION['PO'.$identifier]->Comments = $_POST['Comments'];
$_SESSION['PO'.$identifier]->DeliveryBy = $_POST['DeliveryBy'];
if (isset($_POST['StatusComments'])){
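Review bot: `filter_number_format()` only normalises separators, so a non-numeric or zero `ExRate` is still stored in the session order object unchanged. An exchange rate is presumably used in arithmetic later, so I would reject it here with an `is_numeric()` and `> 0` check before the assignment. The raw `$_POST['ExRate']` is also echoed into an unquoted `value=` attribute in the @@ -1076 hunk; that output should be quoted and passed through `htmlspecialchars()`.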
@@ -856,7 +856,7 @@
$LocnResult = DB_query($sql,$db);
while ($LocnRow=DB_fetch_array($LocnResult)){
- if (isset($_POST['StkLocation']) and ($_POST['StkLocation'] == $LocnRow['loccode'] OR
+ if (isset($_POST['StkLocation']) AND ($_POST['StkLocation'] == $LocnRow['loccode'] OR
($_POST['StkLocation']=='' AND $LocnRow['loccode']==$_SESSION['UserStockLocation']))){
echo '<option selected value="' . $LocnRow['loccode'] . '">' . $LocnRow['locationname'] . '</option>';
} else {
@@ -1076,7 +1076,7 @@
if ($_SESSION['PO'.$identifier]->CurrCode != $_SESSION['CompanyRecord']['currencydefault']) {
echo '<tr><td>'. _('Exchange Rate').':'.'</td>
- <td><input type="text" name="ExRate" value='.$_POST['ExRate'].' class="number" size=11></td>
+ <td><input type="text" name="ExRate" value='. $_POST['ExRate'].' class="number" size=11></td>
</tr>';
} else {
echo '<input type=hidden name="ExRate" value="1">';
Modified: trunk/PO_OrderDetails.php
===================================================================
--- trunk/PO_OrderDetails.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/PO_OrderDetails.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -1,10 +1,7 @@
<?php
/* $Id$*/
-/* $Revision: 1.15 $ */
-//$PageSecurity = 2;
-
include('includes/session.inc');
if (isset($_GET['OrderNo'])) {
@@ -18,16 +15,15 @@
if (isset($_GET['FromGRNNo'])){
$SQL= "SELECT purchorderdetails.orderno
- FROM purchorderdetails,
- grns
- WHERE purchorderdetails.podetailitem=grns.podetailitem
- AND grns.grnno='" . $_GET['FromGRNNo'] ."'";
+ FROM purchorderdetails INNER JOIN grns
+ ON purchorderdetails.podetailitem=grns.podetailitem
+ WHERE grns.grnno='" . $_GET['FromGRNNo'] ."'";
$ErrMsg = _('The search of the GRNs was unsuccessful') . ' - ' . _('the SQL statement returned the error');
- $orderResult = DB_query($SQL, $db, $ErrMsg);
+ $OrderResult = DB_query($SQL, $db, $ErrMsg);
- $orderRow = DB_fetch_row($orderResult);
- $_GET['OrderNo'] = $orderRow[0];
+ $OrderRow = DB_fetch_row($OrderResult);
+ $_GET['OrderNo'] = $OrderRow[0];
echo '<br /><font size=4 color=BLUE>' . _('Order Number') . ' ' . $_GET['OrderNo'] . '</font>';
}
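Review bot: `$_GET['FromGRNNo']` is still concatenated directly into the rewritten query, and `$_GET['OrderNo']` is then echoed into the page without escaping. The join rewrite does not change that; unless request values are escaped before this point (not visible here), I would cast the GRN number, `WHERE grns.grnno='" . (int)$_GET['FromGRNNo'] . "'`. `DB_fetch_row()` presumably returns no row when the GRN does not exist, in which case `$OrderRow[0]` is read from a non-array, so a row-count check before the assignment would cover that case.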
@@ -38,7 +34,7 @@
echo '<table class="table_index">
<tr><td class="menu_group_item">
- <li><a href="'. $rootpath . '/PO_SelectPurchOrder.php?'. SID .'">' . _('Outstanding Purchase Orders') . '</a></li>
+ <li><a href="'. $rootpath . '/PO_SelectPurchOrder.php">' . _('Outstanding Purchase Orders') . '</a></li>
</td></tr></table>';
include('includes/footer.inc');
exit;
@@ -50,15 +46,18 @@
suppliers.suppname,
suppliers.currcode,
www_users.realname,
- locations.locationname
- FROM purchorders
+ locations.locationname,
+ currencies.decimalplaces AS currdecimalplaces
+ FROM purchorders
+ INNER JOIN locations
+ ON locations.loccode=purchorders.intostocklocation
+ INNER JOIN suppliers
+ ON purchorders.supplierno = suppliers.supplierid
+ INNER JOIN currencies
+ ON suppliers.currcode = currencies.currabrev
LEFT JOIN www_users
ON purchorders.initiator=www_users.userid
- LEFT JOIN locations
- ON locations.loccode=purchorders.intostocklocation
- LEFT JOIN suppliers
- ON purchorders.supplierno = suppliers.supplierid
- WHERE purchorders.orderno = '" . $_GET['OrderNo'] ."'";
+ WHERE purchorders.orderno = '" . filter_number_format($_GET['OrderNo']) ."'";
$GetOrdHdrResult = DB_query($OrderHeaderSQL,$db, $ErrMsg);
@@ -71,7 +70,7 @@
}
echo '<table class="table_index">
<tr><td class="menu_group_item">
- <li><a href="'. $rootpath . '/PO_SelectPurchOrder.php?'. SID .'">' . _('Outstanding Sales Orders') . '</a></li>
+ <li><a href="'. $rootpath . '/PO_SelectPurchOrder.php">' . _('Outstanding Sales Orders') . '</a></li>
</td></tr></table>';
include('includes/footer.inc');
@@ -85,8 +84,8 @@
echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/supplier.png" title="' .
_('Purchase Order') . '" alt="" />' . ' ' . $title . '</p>';
-echo '<table class=selection cellpadding=2>';
-echo '<tr><th colspan=8><font size=3 color=navy>'. _('Order Header Details'). '</font></th></tr>';
+echo '<table class="selection" cellpadding="2">';
+echo '<tr><th colspan="8"><font size="3" color="navy">'. _('Order Header Details'). '</font></th></tr>';
echo '<tr><th style="text-align:left">' . _('Supplier Code'). '</td><td><a href="SelectSupplier.php?SupplierID='.$myrow['supplierid'].'">' . $myrow['supplierid'] . '</a></td>
<th style="text-align:left">' . _('Supplier Name'). '</td><td><a href="SelectSupplier.php?SupplierID='.$myrow['supplierid'].'">' . $myrow['suppname'] . '</a></td></tr>';
@@ -126,17 +125,22 @@
echo '</table>';
+$CurrDecimalPlaces = $myrow['currdecimalplaces'];
echo '<br />';
/*Now get the line items */
$ErrMsg = _('The line items of the purchase order could not be retrieved');
-$LineItemsSQL = "SELECT purchorderdetails.* FROM purchorderdetails
- WHERE purchorderdetails.orderno = '" . $_GET['OrderNo'] ."'";
+$LineItemsSQL = "SELECT purchorderdetails.*,
+ stockmaster.decimalplaces
+ FROM purchorderdetails
+ LEFT JOIN stockmaster
+ ON purchorderdetails.itemcode=stockmaster.stockid
+ WHERE purchorderdetails.orderno = '" . filter_number_format($_GET['OrderNo']) ."'";
$LineItemsResult = db_query($LineItemsSQL,$db, $ErrMsg);
-echo '<table colspan=8 class=selection cellpadding=0>';
+echo '<table colspan="8" class="selection" cellpadding="0">';
echo '<tr><th colspan=8><font size=3 color=navy>'. _('Order Line Details'). '</font></th></tr>';
echo '<tr>
<th>' . _('Item Code'). '</td>
@@ -159,7 +163,11 @@
$RecdTotal += ($myrow['quantityrecd'] * $myrow['unitprice']);
$DisplayReqdDate = ConvertSQLDate($myrow['deliverydate']);
-
+ if ($myrow['decimalplaces']!=NULL){
+ $DecimalPlaces = $myrow['decimalplaces'];
+ } else {
+ $DecimalPlaces = 2;
+ }
// if overdue and outstanding quantities, then highlight as so
if (($myrow['quantityord'] - $myrow['quantityrecd'] > 0)
AND Date1GreaterThanDate2(Date($_SESSION['DefaultDateFormat']), $DisplayReqdDate)){
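Review bot: `$myrow['decimalplaces']!=NULL` is a loose comparison, so whether an item with 0 decimal places counts as "no value" depends on whether the driver returns the string `'0'` or the integer `0`; with an integer the test is false and quantities fall back to 2 decimals. `isset()` states the intent (the LEFT JOIN found no stock item) exactly: `$DecimalPlaces = isset($myrow['decimalplaces']) ? (int)$myrow['decimalplaces'] : 2;`. The same block is added in PO_AuthoriseMyOrders.php (@@ -116) and PO_PDFPurchOrder.php (@@ -230).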
@@ -176,31 +184,31 @@
printf ('<td>%s</td>
<td>%s</td>
- <td class=number>%01.2f</td>
- <td class=number>%01.2f</td>
- <td class=number>%01.2f</td>
- <td class=number>%01.2f</td>
- <td class=number>%01.2f</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
+ <td class="number">%s</td>
<td>%s</td>
</tr>' ,
$myrow['itemcode'],
$myrow['itemdescription'],
- $myrow['quantityord'],
- $myrow['quantityrecd'],
- $myrow['qtyinvoiced'],
- $myrow['unitprice'],
- $myrow['actprice'],
+ locale_number_format($myrow['quantityord'],$DecimalPlaces),
+ locale_number_format($myrow['quantityrecd'],$DecimalPlaces),
+ locale_number_format($myrow['qtyinvoiced'],$DecimalPlaces),
+ locale_money_format($myrow['unitprice'],$CurrDecimalPlaces),
+ locale_money_format($myrow['actprice'],$CurrDecimalPlaces),
$DisplayReqdDate);
}
echo '<tr><td><br /></td>
</tr>
- <tr><td colspan=4 class=number>' . _('Total Order Value Excluding Tax') .'</td>
- <td colspan=2 class=number>' . locale_number_format($OrderTotal,2) . '</td></tr>';
+ <tr><td colspan=4 class="number">' . _('Total Order Value Excluding Tax') .'</td>
+ <td colspan=2 class="number">' . locale_money_format($OrderTotal,$CurrDecimalPlaces) . '</td></tr>';
echo '<tr>
- <td colspan=4 class=number>' . _('Total Order Value Received Excluding Tax') . '</td>
- <td colspan=2 class=number>' . locale_number_format($RecdTotal,2) . '</td></tr>';
+ <td colspan=4 class="number">' . _('Total Order Value Received Excluding Tax') . '</td>
+ <td colspan=2 class="number">' . locale_money_format($RecdTotal,$CurrDecimalPlaces) . '</td></tr>';
echo '</table>';
echo '<br />';
Modified: trunk/PO_PDFPurchOrder.php
===================================================================
--- trunk/PO_PDFPurchOrder.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/PO_PDFPurchOrder.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -6,7 +6,7 @@
include('includes/SQL_CommonFunctions.inc');
include('includes/DefinePOClass.php');
-if(!isset($_GET['OrderNo']) && !isset($_POST['OrderNo'])){
+if(!isset($_GET['OrderNo']) AND !isset($_POST['OrderNo'])){
$title = _('Select a Purchase Order');
include('includes/header.inc');
echo '<div class="centre"><br /><br /><br />';
@@ -95,9 +95,12 @@
purchorders.paymentterms,
suppliers.currcode,
purchorders.status,
- purchorders.stat_comment
+ purchorders.stat_comment,
+ currencies.decimalplaces AS currdecimalplaces
FROM purchorders INNER JOIN suppliers
ON purchorders.supplierno = suppliers.supplierid
+ INNER JOIN currencies
+ ON suppliers.currcode=currencies.currabrev
WHERE purchorders.orderno='" . $OrderNo ."'";
$result=DB_query($sql,$db, $ErrMsg);
if (DB_num_rows($result)==0){ /*There is no order header returned */
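Review bot: This header SELECT still ends with `WHERE purchorders.orderno='" . $OrderNo ."'` unchanged, while the UPDATE and the supplier-contacts query later in the same file were changed to wrap `$OrderNo`. `$OrderNo` appears to come from `$_GET`/`$_POST` (see the isset test in the @@ -6 hunk), so this is an earlier query that sees the request value. I would normalise it once where it is read, e.g. `$OrderNo = (int)$OrderNo;` for non-Preview orders, rather than per query. The new INNER JOIN on currencies also drops the order entirely if the supplier's currency code has no matching row.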
@@ -215,8 +218,8 @@
include('includes/PO_PDFOrderPageHeader.inc');
$YPos=$Page_Height - $FormDesign->Data->y;
$OrderTotal = 0;
- while ((isset($OrderNo) and $OrderNo=='Preview')
- OR (isset($result) and $POLine=DB_fetch_array($result))) {
+ while ((isset($OrderNo) AND $OrderNo=='Preview')
+ OR (isset($result) AND $POLine=DB_fetch_array($result))) {
/* If we are previewing the order then fill the
* order line with dummy data */
if ($OrderNo=='Preview') {
@@ -230,15 +233,20 @@
$POLine['conversionfactor']=1;
$POLine['decimalplaces']=2;
}
- $DisplayQty = locale_number_format($POLine['quantityord']/$POLine['conversionfactor'],$POLine['decimalplaces']);
+ if ($POLine['decimalplaces']!=NULL){
+ $DecimalPlaces = $POLine['decimalplaces'];
+ } else {
+ $DecimalPlaces = 2;
+ }
+ $DisplayQty = locale_number_format($POLine['quantityord']/$POLine['conversionfactor'],$DecimalPlaces);
if ($_POST['ShowAmounts']=='Yes'){
- $DisplayPrice = locale_number_format($POLine['unitprice']*$POLine['conversionfactor'],2);
+ $DisplayPrice = locale_money_format($POLine['unitprice']*$POLine['conversionfactor'],$POHeader['currdecimalplaces']);
} else {
$DisplayPrice = '----';
}
- $DisplayDelDate = ConvertSQLDate($POLine['deliverydate'],2);
+ $DisplayDelDate = ConvertSQLDate($POLine['deliverydate']);
if ($_POST['ShowAmounts']=='Yes'){
- $DisplayLineTotal = locale_number_format($POLine['unitprice']*$POLine['quantityord'],2);
+ $DisplayLineTotal = locale_money_format($POLine['unitprice']*$POLine['quantityord'],$POHeader['currdecimalplaces']);
} else {
$DisplayLineTotal = '----';
}
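Review bot: The price and line-total formatting now reads `$POHeader['currdecimalplaces']`, but the Preview branch at the top of this hunk only fills dummy `$POLine` values. If the preview path does not run the header query (that code is outside the hunk), the index is unset there and the amounts are formatted with an empty decimals argument. Setting a preview default next to the other dummy values, e.g. `$POHeader['currdecimalplaces']=2;`, would cover it.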
@@ -285,7 +293,7 @@
include ('includes/PO_PDFOrderPageHeader.inc');
} //end if need a new page headed up
if ($_POST['ShowAmounts']=='Yes'){
- $DisplayOrderTotal = locale_number_format($OrderTotal,2);
+ $DisplayOrderTotal = locale_money_format($OrderTotal,$POHeader['currdecimalplaces']);
} else {
$DisplayOrderTotal = '----';
}
@@ -330,15 +338,15 @@
$sql = "UPDATE purchorders SET allowprint = 0,
dateprinted = '" . Date('Y-m-d') . "',
status = 'Printed',
- stat_comment = '" . $StatusComment . "'
- WHERE purchorders.orderno = '" . $OrderNo."'";
+ stat_comment = '" . DB_escape_string($StatusComment) . "'
+ WHERE purchorders.orderno = '" . filter_number_format($OrderNo) ."'";
$result = DB_query($sql,$db);
}
include('includes/footer.inc');
} /* There was enough info to either print or email the purchase order */
else { /*the user has just gone into the page need to ask the question whether to print the order or email it to the supplier */
include ('includes/header.inc');
- echo '<form action="' . $_SERVER['PHP_SELF'] . '" method=post>';
+ echo '<form action="' . $_SERVER['PHP_SELF'] . '" method="post">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
if ($ViewingOnly==1){
echo '<input type=hidden name="ViewingOnly" value=1>';
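Review bot: `$_SERVER['PHP_SELF']` is echoed into the form `action` without escaping; it includes any path info appended to the script URL, so request-controlled text can reach the attribute. Use `htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8')` here. Prices.php builds its form action the same way in the @@ -208 hunk.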
@@ -381,7 +389,7 @@
suppliercontacts.email
FROM suppliercontacts INNER JOIN purchorders
ON suppliercontacts.supplierid=purchorders.supplierno
- WHERE purchorders.orderno='".$OrderNo."'";
+ WHERE purchorders.orderno='".filter_number_format($OrderNo)."'";
$ContactsResult=DB_query($SQL,$db, $ErrMsg);
if (DB_num_rows($ContactsResult)>0){
echo '<tr><td>'. _('Email to') .':</td><td><select name="EmailTo">';
@@ -404,7 +412,7 @@
} else {
echo '</table>';
}
- echo '<br /><div class="centre"><input type=submit name="DoIt" value="' . _('OK') . '"></div>';
+ echo '<br /><div class="centre"><input type="submit" name="DoIt" value="' . _('OK') . '"></div>';
echo '</form>';
include('includes/footer.inc');
}
Modified: trunk/PO_SelectOSPurchOrder.php
===================================================================
--- trunk/PO_SelectOSPurchOrder.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/PO_SelectOSPurchOrder.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -18,9 +18,9 @@
}
if (isset($_GET['OrderNumber'])){
- $OrderNumber=trim($_GET['OrderNumber']);
+ $OrderNumber=(filter_number_format($_GET['OrderNumber']));
} elseif (isset($_POST['OrderNumber'])){
- $OrderNumber=trim($_POST['OrderNumber']);
+ $OrderNumber=(filter_number_format($_POST['OrderNumber']));
}
if (isset($_GET['SelectedSupplier'])){
Modified: trunk/PO_SelectPurchOrder.php
===================================================================
--- trunk/PO_SelectPurchOrder.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/PO_SelectPurchOrder.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -11,9 +11,9 @@
$SelectedStockItem = $_POST['SelectedStockItem'];
}
if (isset($_GET['OrderNumber'])) {
- $OrderNumber = $_GET['OrderNumber'];
+ $OrderNumber = filter_number_format($_GET['OrderNumber']);
} elseif (isset($_POST['OrderNumber'])) {
- $OrderNumber = $_POST['OrderNumber'];
+ $OrderNumber = filter_number_format($_POST['OrderNumber']);
}
if (isset($_GET['SelectedSupplier'])) {
$SelectedSupplier = $_GET['SelectedSupplier'];
@@ -166,20 +166,20 @@
}
}
echo '</select><td><font size=1>' . _('Enter text extracts in the') . ' <b>' . _('description') . '</b>:</font></td>';
-echo '<td><input type="Text" name="Keywords" size=20 maxlength=25></td></tr><tr><td></td>';
+echo '<td><input type="text" name="Keywords" size=20 maxlength=25></td></tr><tr><td></td>';
echo '<td><font size=3><b>' . _('OR') . ' </b></font><font size=1>' . _('Enter extract of the') . '<b>' . _('Stock Code') . '</b>:</font></td>';
echo '<td><input type="text" name="StockCode" size=15 maxlength=18></td></tr>';
-echo '<tr><td colspan=3><div class=centre><input type=submit name="SearchParts" value="' . _('Search Parts Now') . '">';
+echo '<tr><td colspan=3><div class="centre"><input type=submit name="SearchParts" value="' . _('Search Parts Now') . '">';
echo '<input type=submit name="ResetPart" value="' . _('Show All') . '"></div></td></tr>';
echo '</table><br /><br />';
if (isset($StockItemsResult)) {
echo '<table cellpadding=2 colspan=7 class=selection>';
- $TableHeader = '<tr><td class="tableheader">' . _('Code') . '</td>
- <td class="tableheader">' . _('Description') . '</td>
- <td class="tableheader">' . _('On Hand') . '</td>
- <td class="tableheader">' . _('Orders') . '<br />' . _('Outstanding') . '</td>
- <td class="tableheader">' . _('Units') . '</td>
- </tr>';
+ $TableHeader = '<tr><th>' . _('Code') . '</th>
+ <th>' . _('Description') . '</th>
+ <th>' . _('On Hand') . '</th>
+ <th>' . _('Orders') . '<br />' . _('Outstanding') . '</th>
+ <th>' . _('Units') . '</th>
+ </tr>';
echo $TableHeader;
$j = 1;
$k = 0; //row colour counter
@@ -244,7 +244,7 @@
ON purchorders.supplierno = suppliers.supplierid
INNER JOIN currencies
ON suppliers.currcode=currencies.currabrev
- WHERE purchorders.orderno='" . $OrderNumber . "'
+ WHERE purchorders.orderno='" . filter_number_format($OrderNumber) . "'
GROUP BY purchorders.orderno,
suppliers.suppname,
purchorders.orddate,
@@ -417,7 +417,7 @@
$ViewPurchOrder = $rootpath . '/PO_OrderDetails.php?OrderNo=' . $myrow['orderno'];
$FormatedOrderDate = ConvertSQLDate($myrow['orddate']);
$FormatedDeliveryDate = ConvertSQLDate($myrow['deliverydate']);
- $FormatedOrderValue = locale_number_format($myrow['ordervalue'], $myrow['decimalplaces']);
+ $FormatedOrderValue = locale_money_format($myrow['ordervalue'], $myrow['decimalplaces']);
/* View Supplier Currency Requisition Order Date Initiator Order Total
ModifyPage, $myrow["orderno"], $myrow["suppname"], $myrow["currcode"], $myrow["requisitionno"] $FormatedOrderDate, $myrow["initiator"] $FormatedOrderValue Order Status*/
echo '<td><a href="' . $ViewPurchOrder . '">' . $myrow['orderno'] . '</a></td>
Modified: trunk/Prices.php
===================================================================
--- trunk/Prices.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/Prices.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -67,7 +67,7 @@
//first off validate inputs sensible
// This gives some date in 1999?? $ZeroDate = Date($_SESSION['DefaultDateFormat'],Mktime(0,0,0,0,0,0));
- if (!is_double((double) trim($_POST['Price'])) OR $_POST['Price']=='') {
+ if (!is_numeric((double) filter_number_format($_POST['Price'])) OR $_POST['Price']=='') {
$InputError = 1;
prnMsg( _('The price entered must be numeric'),'error');
}
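Review bot: The numeric test on the `+` line can never fail: `(double)` turns any input into a float, and `is_numeric()` of a float is always true, so only the empty-string check remains effective. Test the string instead, `if (!is_numeric(filter_number_format($_POST['Price'])) OR $_POST['Price']=='')`, so that non-numeric text is rejected before it reaches the price queries further down.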
@@ -103,7 +103,7 @@
AND enddate ='" . FormatDateForSQL($_POST['EndDate']) . "'
AND prices.typeabbrev='" . $_POST['TypeAbbrev'] . "'
AND prices.currabrev='" . $_POST['CurrAbrev'] . "'
- AND prices.price='" . $_POST['Price'] . "'
+ AND prices.price='" . filter_number_format($_POST['Price']) . "'
";
$result = DB_query($sql, $db);
@@ -124,7 +124,7 @@
$sql = "UPDATE prices SET
typeabbrev='" . $_POST['TypeAbbrev'] . "',
currabrev='" . $_POST['CurrAbrev'] . "',
- price='" . $_POST['Price'] . "',
+ price='" . filter_number_format($_POST['Price']) . "',
startdate='" . FormatDateForSQL($_POST['StartDate']) . "',
enddate='" . $SQLEndDate . "'
WHERE prices.stockid='".$Item."'
@@ -156,7 +156,7 @@
'" . $_POST['CurrAbrev'] . "',
'" . FormatDateForSQL($_POST['StartDate']) . "',
'" . $SQLEndDate. "',
- '" . $_POST['Price'] . "')";
+ '" . filter_number_format($_POST['Price']) . "')";
$ErrMsg = _('The new price could not be added');
$result = DB_query($sql,$db,$ErrMsg);
@@ -208,11 +208,16 @@
$result = DB_query($sql,$db);
if (DB_num_rows($result) > 0) {
- echo '<table class=selection>';
- echo '<tr><th colspan=7><form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
- echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
- echo _('Pricing for part') . ':<input type="text" name="Item" maxsizee=22 value="' . $Item . '" maxlength=20><input type=submit name="NewPart" value="' . _('Review Prices') . '">';
- echo '</th></tr></form>';
+ echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">
+ <table class=selection>
+ <tr>
+ <th colspan=7>
+ <input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />' .
+ _('Pricing for part') . ':
+ <input type="text" name="Item" size="22" value="' . $Item . '" maxlength="20">
+ <input type=submit name="NewPart" value="' . _('Review Prices') . '"></th>
+ </tr>
+ </form>';
echo '<tr><th>' . _('Currency') . '</th>
<th>' . _('Sales Type') . '</th>
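Review bot: The `<form>` is now opened before `<table>`, but `</form>` is still emitted inside the table right after the first `</tr>`, so the markup is mis-nested and browsers will repair it in their own ways. Either close the form after the table (which ends outside this hunk) or keep the form wholly inside the `<th>`. `$Item` is also written into the `value` attribute unescaped and should go through `htmlspecialchars()`.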
@@ -240,7 +245,7 @@
if (in_array(5,$_SESSION['AllowedPageSecurityTokens'])) {
echo '<td>' . $myrow['currency'] . '</td>
<td>' . $myrow['sales_type'] . '</td>
- <td class=number>' . locale_number_format($myrow['price'],$myrow['decimalplaces']) . '</td>
+ <td class="number">' . locale_number_format($myrow['price'],$myrow['decimalplaces']) . '</td>
<td>' . ConvertSQLDate($myrow['startdate']) . '</td>
<td>' . $EndDateDisplay . '</td>
<td><a href="' . $_SERVER['PHP_SELF'] . '?Item=' . $myrow['stockid'] . '&TypeAbbrev=' .$myrow['typeabbrev'] . '&CurrAbrev=' . $myrow['currabrev'] . '&Price=' . $myrow['price'] . '&StartDate=' . $myrow['startdate'] . '&EndDate=' . $myrow['enddate'] . '&Edit=1">' . _('Edit') . '</td>
@@ -249,7 +254,7 @@
} else {
echo '<td>' . $myrow['currency'] . '</td>
<td>' . $myrow['sales_type'] . '</td>
- <td class=number>' . locale_number_format($myrow['price'],$myrow['decimalplaces']) . '</td>
+ <td class="number">' . locale_number_format($myrow['price'],$myrow['decimalplaces']) . '</td>
<td>' . ConvertSQLDate($myrow['startdate']) . '</td>
<td>' . $EndDateDisplay . '</td></tr>';
}
@@ -270,7 +275,7 @@
echo '<input type=hidden name="OldEndDate" value="' . $_GET['EndDate'] . '">';
$_POST['CurrAbrev'] = $_GET['CurrAbrev'];
$_POST['TypeAbbrev'] = $_GET['TypeAbbrev'];
- $_POST['Price'] = $_GET['Price'];
+ $_POST['Price'] = filter_number_format($_GET['Price']);
$_POST['StartDate'] = ConvertSQLDate($_GET['StartDate']);
if ($_GET['EndDate']=='' OR $_GET['EndDate']=='0000-00-00'){
$_POST['EndDate'] = '';
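Review bot: `$_GET['Price']` here is produced by the Edit link in the @@ -240 hunk from `$myrow['price']`, so it is already in dot-decimal database form, not locale-formatted user input. `filter_number_format()` removes the locale's thousands separator first, so in a locale where that separator is `.` a price such as `12.50` (constructed example) becomes `1250` before the form is shown. I would leave this assignment unfiltered and format for display with `locale_number_format()`, keeping `filter_number_format()` for values the user typed. The helper is also not idempotent in such locales, which matters in PO_SelectPurchOrder.php where `$OrderNumber` is filtered on read (@@ -11) and again in the query (@@ -244).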
@@ -282,14 +287,15 @@
$SQL = "SELECT currabrev, currency FROM currencies";
$result = DB_query($SQL,$db);
- echo '<br /><table class=selection>';
+ echo '<br /><table class="selection">';
echo '<tr><th colspan=5><font color=BLUE size=3><b>' . $Item . ' - ' . $PartDescription . '</b></font></th></tr>';
- echo '<tr><td>' . _('Currency') . ':</td><td><select name="CurrAbrev">';
+ echo '<tr><td>' . _('Currency') . ':</td>
+ <td><select name="CurrAbrev">';
while ($myrow = DB_fetch_array($result)) {
if ($myrow['currabrev']==$_POST['CurrAbrev']) {
- echo '<option selected VALUE="';
+ echo '<option selected value="';
} else {
- echo '<option VALUE="';
+ echo '<option value="';
}
echo $myrow['currabrev'] . '">' . $myrow['currency'] . '</option>';
} //end while loop
@@ -305,9 +311,9 @@
while ($myrow = DB_fetch_array($result)) {
if ($myrow['typeabbrev']==$_POST['TypeAbbrev']) {
- echo '<option selected VALUE="';
+ echo '<option selected value="';
} else {
- echo '<option VALUE="';
+ echo '<option value="';
}
echo $myrow['typeabbrev'] . '">' . $myrow['sales_type'] . '</option>';
@@ -319,7 +325,9 @@
if (!isset($_POST['StartDate'])){
$_POST['StartDate'] = Date($_SESSION['DefaultDateFormat']);
}
-
+ if (!isset($_POST['EndDate'])){
+ $_POST['EndDate'] = '';
+ }
echo '<tr><td>' . _('Price Effective From Date') . ':</td>
<td><input type="text" class=date alt="'.$_SESSION['DefaultDateFormat'].'" name="StartDate" size=10 maxlength=10 value="' . $_POST['StartDate'] . '"></td></tr>';
echo '<tr><td>' . _('Price Effective To Date') . ':</td>
@@ -330,16 +338,17 @@
<tr><td><?php echo _('Price'); ?>:</td>
<td>
- <input type="Text" class=number name="Price" size=12 maxlength=11 value=
+ <input type="text" class="number" name="Price" size=12 maxlength=11 value=
<?php if(isset($_POST['Price'])) {
echo $_POST['Price'];
- }?>>
+ }
+ ?> >
</td></tr>
</table>
<br /><div class="centre">
- <input type="Submit" name="submit" value="<?php echo _('Enter') . '/' . _('Amend Price'); ?>">
+ <input type="submit" name="submit" value="<?php echo _('Enter') . '/' . _('Amend Price'); ?>">
</div>
<?php
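Review bot: `echo $_POST['Price'];` writes the value into an unquoted `value=` attribute with no escaping, and on the edit path `$_POST['Price']` is taken from `$_GET['Price']` (@@ -270 hunk), which `filter_number_format()` does not restrict to digits. A space or `>` in the parameter ends the attribute. Quote the attribute and escape the value: `value="<?php if (isset($_POST['Price'])) { echo htmlspecialchars($_POST['Price'], ENT_QUOTES, 'UTF-8'); } ?>"`.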
Modified: trunk/includes/DateFunctions.inc
===================================================================
--- trunk/includes/DateFunctions.inc 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/includes/DateFunctions.inc 2011-09-20 10:21:28 UTC (rev 4697)
@@ -385,7 +385,7 @@
/* takes a date in a the format specified in $_SESSION['DefaultDateFormat']
and converts to a yyyy/mm/dd format */
-
+ $DateArray = array();
$DateEntry = trim($DateEntry);
if (mb_strpos($DateEntry,'/')) {
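Review bot: The added initialisation creates `$DateArray`, but the rest of the function, as shown in the next hunk, reads and writes `$Date_Array`. The new line therefore initialises a variable that is not used, and the real one is still undefined if no separator branch assigns it. It should be `$Date_Array = array();`. The function body starts and ends outside this hunk.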
@@ -414,12 +414,13 @@
}
return $Date_Array[0].'-'.$Date_Array[1].'-'.$Date_Array[2];
- }elseif (($_SESSION['DefaultDateFormat']=='d/m/Y') OR $_SESSION['DefaultDateFormat']=='d.m.Y'){
+ }elseif (($_SESSION['DefaultDateFormat']=='d/m/Y')
+ OR $_SESSION['DefaultDateFormat']=='d.m.Y'){
if (mb_strlen($Date_Array[2])==2) {
if ((int)$Date_Array[2] <=60) {
$Date_Array[2] = '20'.$Date_Array[2];
} elseif ((int)$Date_Array[2] >60 AND (int)$Date_Array[2] <100) {
- $Date_Array[2] = '19'.$Date_Array[2];
+ $Date_Array[2] = '19'. $Date_Array[2];
}
}
/* echo '<BR>The date returned is ' . $Date_Array[2].'/'.$Date_Array[1].'/'.$Date_Array[0]; */
Modified: trunk/includes/LanguageSetup.php
===================================================================
--- trunk/includes/LanguageSetup.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/includes/LanguageSetup.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -65,13 +65,13 @@
include('includes/LanguagesArray.php');
if (defined('LC_MESSAGES')){ //it's a unix/linux server
- $Locale = setlocale (LC_MESSAGES, $_SESSION['Language']);
- $Locale = setlocale (LC_NUMERIC, $_SESSION['Language']);
+ $LocaleSet = setlocale (LC_MESSAGES, $_SESSION['Language']);
+ $LocaleSet = setlocale (LC_NUMERIC, $_SESSION['Language']);
} else { // it's a windows server
- $Locale = setlocale (LC_ALL, $LanguageArray[$_SESSION['Language']]['WindowsLocale']);
+ $LocaleSet = setlocale (LC_ALL, $LanguageArray[$_SESSION['Language']]['WindowsLocale']);
}
-//for testing number_formats $Locale = setlocale (LC_NUMERIC, 'fr_FR.utf8');
+$LocaleSet = setlocale (LC_NUMERIC, 'nl_NL.utf8');
$LocaleInfo = localeconv();
if ($LocaleInfo['mon_decimal_point']==''){
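Review bot: The line that used to be a commented-out test aid is now live: `setlocale (LC_NUMERIC, 'nl_NL.utf8')` runs unconditionally after the language-based calls and overrides the numeric locale for every user. `localeconv()` on the next line feeds `$LocaleInfo`, which `filter_number_format()` uses to parse submitted numbers, so prices and quantities typed in another format will be reinterpreted with Dutch separators. This looks like test code committed by accident; restore the comment or remove the line. The return value of the `setlocale()` calls is also stored but never checked for `false`.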
Modified: trunk/includes/MiscFunctions.php
===================================================================
--- trunk/includes/MiscFunctions.php 2011-09-19 09:38:20 UTC (rev 4696)
+++ trunk/includes/MiscFunctions.php 2011-09-20 10:21:28 UTC (rev 4697)
@@ -328,6 +328,7 @@
function filter_number_format($Number) {
global $LocaleInfo;
+ $Number = trim($Number);
return str_replace($LocaleInfo['decimal_point'],'.',str_replace($LocaleInfo['thousands_sep'],'',$Number));
}
?>
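Review bot: This helper has no comment, and the rest of the commit uses it in two different roles: parsing numbers typed by the user and guarding values placed in SQL. A header comment would make the contract explicit, for example `/* Converts a number typed in the user's locale to dot-decimal form. Does not validate or escape: callers must check is_numeric() before using the result in SQL. */`.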