From: <dai...@us...> - 2011-10-06 07:52:45
Revision: 4713
http://web-erp.svn.sourceforge.net/web-erp/?rev=4713&view=rev
Author: daintree
Date: 2011-10-06 07:52:38 +0000 (Thu, 06 Oct 2011)
Log Message:
-----------
number_formats
Modified Paths:
--------------
trunk/PricesByCost.php
trunk/PrintCheque.php
trunk/PrintCustOrder.php
trunk/PrintCustOrder_generic.php
trunk/PrintCustStatements.php
trunk/PrintCustTrans.php
Modified: trunk/PricesByCost.php
===================================================================
--- trunk/PricesByCost.php 2011-10-05 07:26:06 UTC (rev 4712)
+++ trunk/PricesByCost.php 2011-10-06 07:52:38 UTC (rev 4713)
@@ -163,7 +163,7 @@
echo '<form action="' .$_SERVER['PHP_SELF'] .'" method="POST" name="update">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo'<input type="hidden" value=' . $_POST['StockCat'] . ' name="StockCat">
- <input type="hidden" value=' . filter_number_format($_POST['Margin']) . ' name="Margin">
+ <input type="hidden" value=' . $_POST['Margin'] . ' name="Margin">
<input type="hidden" value=' . $_POST['CurrCode'] . ' name="CurrCode">
<input type="hidden" value=' . $_POST['Comparator'] . ' name="Comparator">
<input type="hidden" value=' . $_POST['SalesType'] . ' name="SalesType">';
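Review bot: `$_POST['Margin']` is now written straight into an unquoted `value=` attribute on the new line, so the browser-supplied text is reflected into the page with no encoding and no attribute delimiter to contain it. The neighbouring StockCat, CurrCode, Comparator and SalesType fields on the context lines have the same shape. Quote the attribute and encode the value where it is emitted, e.g. `<input type="hidden" value="' . htmlspecialchars($_POST['Margin'], ENT_QUOTES, 'UTF-8') . '" name="Margin" />`. The block these echo statements belong to starts and ends outside the hunk.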
@@ -213,7 +213,7 @@
<td class="number">' . locale_number_format($Cost, $_SESSION['CompanyRecord']['decimalplaces']) . '</td>
<td class="number">' . locale_number_format($CurrentGP, 1) . '%</td>
<td class="number">' . locale_number_format($ProposedPrice, $myrow['decimalplaces']) . '</td>
- <td><input type="text" class="number" name="Price_' . $PriceCounter . '" maxlength=14 size=10 value="' . locale_number_format($myrow['price'],$myrow['decimalplaces']) . '"></td>
+ <td><input type="text" class="number" name="Price_' . $PriceCounter . '" maxlength="14" size="10" value="' . locale_number_format($myrow['price'],$myrow['decimalplaces']) . '"></td>
</tr> ';
$PriceCounter++;
} //end of looping
@@ -227,7 +227,10 @@
}
} else { /*The option to submit was not hit so display form */
echo '<div class="page_help_text">' . _('Use this report to display price list with the cost.') . '</div><br />';
- echo '<br /><br /><form action="' . $_SERVER['PHP_SELF'] . '" method="post"><table class=selection>';
+ echo '<br />
+ <br />
+ <form action="' . $_SERVER['PHP_SELF'] . '" method="post">
+ <table class="selection">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
$SQL = "SELECT categoryid, categorydescription
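Review bot: The re-wrapped `<form>` tag still builds `action` from `$_SERVER['PHP_SELF']` without encoding; PHP_SELF includes any path info the client appends to the script URL, so it is request-controlled text landing in an attribute. Encode it at the point of output, `<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '" method="post">`. The same pattern appears in the first hunk of this file and in the PrintCustTrans.php form at -503. The else-branch this echo belongs to starts and ends outside the hunk.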
@@ -243,9 +246,9 @@
}
echo '</select></td></tr>';
echo '<tr><td>' . _('Price') . '
- <select name="Comparator">';
- echo '<option value="1">' . _('Less than or equal to') . '</option>';
- echo '<option value="2">' . _('Greater than or equal to') . '</option>';
+ <select name="Comparator">
+ <option value="1">' . _('Less than or equal to') . '</option>
+ <option value="2">' . _('Greater than or equal to') . '</option>';
if ($_SESSION['WeightedAverageCosting']==1) {
echo '</select>'.' '. _('Average Cost') . ' x </td>';
} else {
Modified: trunk/PrintCheque.php
===================================================================
--- trunk/PrintCheque.php 2011-10-05 07:26:06 UTC (rev 4712)
+++ trunk/PrintCheque.php 2011-10-06 07:52:38 UTC (rev 4713)
@@ -13,7 +13,10 @@
$PageNumber=1;
$line_height=12;
-$result = db_query("SELECT hundredsname, decimalplaces FROM currencies WHERE currabrev='" . $_SESSION['PaymentDetail']->Currency . "'",$db);
+$result = db_query("SELECT hundredsname,
+ decimalplaces
+ FROM currencies
+ WHERE currabrev='" . $_SESSION['PaymentDetail']->Currency . "'",$db);
If (DB_num_rows($result) == 0){
include ('includes/header.inc');
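Review bot: The reformatted query still concatenates `$_SESSION['PaymentDetail']->Currency` into the WHERE clause as a quoted literal. Where that property is populated is not visible in this diff; if it can carry a form-selected value, it should be escaped with the database layer's escaping routine or checked against the list of known currency codes before the query is built. A short comment above the query stating which of those guarantees applies, e.g. `// Currency is validated against the currencies table when the payment is entered`, would make the trust assumption reviewable (wording to be confirmed against the code that sets it).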
Modified: trunk/PrintCustOrder.php
===================================================================
--- trunk/PrintCustOrder.php 2011-10-05 07:26:06 UTC (rev 4712)
+++ trunk/PrintCustOrder.php 2011-10-06 07:52:38 UTC (rev 4713)
@@ -7,15 +7,28 @@
include('includes/SQL_CommonFunctions.inc');
//Get Out if we have no order number to work with
-If (!isset($_GET['TransNo']) || $_GET['TransNo']==""){
+If (!isset($_GET['TransNo']) OR $_GET['TransNo']==''){
$title = _('Select Order To Print');
include('includes/header.inc');
- echo '<div class=centre><br /><br /><br />';
+ echo '<div class="centre">
+ <br />
+ <br />
+ <br />';
prnMsg( _('Select an Order Number to Print before calling this page') , 'error');
- echo '<br /><br /><br /><table class="table_index"><tr><td class="menu_group_item">
- <li><a href="'. $rootpath . '/SelectSalesOrder.php?'. SID .'">' . _('Outstanding Sales Orders') . '</a></li>
- <li><a href="'. $rootpath . '/SelectCompletedOrder.php?'. SID .'">' . _('Completed Sales Orders') . '</a></li>
- </td></tr></table></div><br /><br /><br />';
+ echo '<br />
+ <br />
+ <br />
+ <table class="table_index">
+ <tr><td class="menu_group_item">
+ <li><a href="'. $rootpath . '/SelectSalesOrder.php?'. SID .'">' . _('Outstanding Sales Orders') . '</a></li>
+ <li><a href="'. $rootpath . '/SelectCompletedOrder.php?'. SID .'">' . _('Completed Sales Orders') . '</a></li>
+ </td>
+ </tr>
+ </table>
+ </div>
+ <br />
+ <br />
+ <br />';
include('includes/footer.inc');
exit;
}
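Review bot: Both menu links on the new lines append `SID` to the URL, which writes the session identifier into the href whenever the session is not being carried by a cookie; identifiers in URLs end up in browser history, server logs and Referer headers. If the application can require cookie-based sessions (`session.use_only_cookies`), the links can drop it: `<a href="' . $rootpath . '/SelectSalesOrder.php">`. As a markup point, the two `<li>` elements sit directly inside the `<td>` with no `<ul>` parent.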
@@ -52,7 +65,7 @@
ON salesorders.shipvia=shippers.shipper_id
INNER JOIN locations
ON salesorders.fromstkloc=locations.loccode
- WHERE salesorders.orderno='" . filter_number_format($_GET['TransNo']). "'";
+ WHERE salesorders.orderno='" . $_GET['TransNo'] . "'";
$result=DB_query($sql,$db, $ErrMsg);
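Review bot: With `filter_number_format()` removed, `$_GET['TransNo']` goes into the WHERE clause exactly as the client sent it, and the only earlier check visible (first hunk) is that it is non-empty. Unless request parameters are escaped centrally somewhere outside this diff, that leaves the query open to SQL injection; the same raw value is used in the hunks at -122 and -195 of this file (a SELECT, an UPDATE and the download file name) and in all three hunks of PrintCustOrder_generic.php. If order numbers are integers, as the page's wording suggests, normalise once after the guard with `$_GET['TransNo'] = (int) $_GET['TransNo'];`, or cast at each use, `WHERE salesorders.orderno='" . (int) $_GET['TransNo'] . "'";`. The statement that builds `$sql` starts above the hunk.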
@@ -122,7 +135,7 @@
stockmaster.decimalplaces
FROM salesorderdetails INNER JOIN stockmaster
ON salesorderdetails.stkcode=stockmaster.stockid
- WHERE salesorderdetails.orderno='" . filter_number_format($_GET['TransNo']) . "'";
+ WHERE salesorderdetails.orderno='" . $_GET['TransNo'] . "'";
$result=DB_query($sql, $db, $ErrMsg);
if (DB_num_rows($result)>0){
@@ -195,9 +208,9 @@
$pdf->OutputD($_SESSION['DatabaseName'] . '_Customer_Order_' . $_GET['TransNo'] . '_' . Date('Y-m-d') .'.pdf');
$pdf-> __destruct();
- $sql = "UPDATE salesorders SET printedpackingslip=1,
- datepackingslipprinted='" . Date('Y-m-d') . "'
- WHERE salesorders.orderno='" .filter_number_format($_GET['TransNo']) . "'";
+ $sql = "UPDATE salesorders SET printedpackingslip=1,
+ datepackingslipprinted='" . Date('Y-m-d') . "'
+ WHERE salesorders.orderno='" . $_GET['TransNo'] . "'";
$result = DB_query($sql,$db);
} else {
$title = _('Print Packing Slip Error');
Modified: trunk/PrintCustOrder_generic.php
===================================================================
--- trunk/PrintCustOrder_generic.php 2011-10-05 07:26:06 UTC (rev 4712)
+++ trunk/PrintCustOrder_generic.php 2011-10-06 07:52:38 UTC (rev 4713)
@@ -65,7 +65,7 @@
WHERE salesorders.debtorno=debtorsmaster.debtorno
AND salesorders.shipvia=shippers.shipper_id
AND salesorders.fromstkloc=locations.loccode
- AND salesorders.orderno='" . filter_number_format($_GET['TransNo']) . "'";
+ AND salesorders.orderno='" . $_GET['TransNo'] . "'";
$result=DB_query($sql,$db, $ErrMsg);
@@ -166,7 +166,7 @@
stockmaster.decimalplaces
FROM salesorderdetails INNER JOIN stockmaster
ON salesorderdetails.stkcode=stockmaster.stockid
- WHERE salesorderdetails.orderno='" . filter_number_format($_GET['TransNo']) . "'";
+ WHERE salesorderdetails.orderno='" . $_GET['TransNo'] . "'";
$result=DB_query($sql,$db, $ErrMsg);
if (DB_num_rows($result)>0){
@@ -248,7 +248,7 @@
$pdf->__destruct();
$sql = "UPDATE salesorders SET printedpackingslip=1,
datepackingslipprinted='" . Date('Y-m-d') . "'
- WHERE salesorders.orderno='" . filter_number_format($_GET['TransNo']) . "'";
+ WHERE salesorders.orderno='" . $_GET['TransNo'] . "'";
$result = DB_query($sql,$db);
}
Modified: trunk/PrintCustStatements.php
===================================================================
--- trunk/PrintCustStatements.php 2011-10-05 07:26:06 UTC (rev 4712)
+++ trunk/PrintCustStatements.php 2011-10-06 07:52:38 UTC (rev 4713)
@@ -79,7 +79,7 @@
if (DB_Num_Rows($StatementResults) == 0){
$title = _('Print Statements') . ' - ' . _('No Customers Found');
- require('includes/header.inc');
+ require('includes/header.inc');
echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/printer.png" title="' . _('Print') . '" alt="" />' . ' ' . _('Print Customer Account Statements') . '</p>';
prnMsg( _('There were no Customers matching your selection of '). $_POST['FromCust']. ' - '.
$_POST['ToCust'].'.' , 'error');
Modified: trunk/PrintCustTrans.php
===================================================================
--- trunk/PrintCustTrans.php 2011-10-05 07:26:06 UTC (rev 4712)
+++ trunk/PrintCustTrans.php 2011-10-06 07:52:38 UTC (rev 4713)
@@ -7,7 +7,7 @@
if (isset($_GET['FromTransNo'])) {
$FromTransNo = trim($_GET['FromTransNo']);
} elseif (isset($_POST['FromTransNo'])) {
- $FromTransNo = trim($_POST['FromTransNo']);
+ $FromTransNo = filter_number_format($_POST['FromTransNo']);
} else {
$FromTransNo = '';
}
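Review bot: Only the POST branch is normalised; the GET branch on the unchanged line above still assigns `trim($_GET['FromTransNo'])`, and `$FromTransNo` is later concatenated into `debtortrans.transno='" . $FromTransNo . "'` in the queries further down. Treat both sources alike and, if transaction numbers are integral, reduce them to an integer, e.g. `$FromTransNo = (int) $_GET['FromTransNo'];`. The duplicate block at -460 has the same asymmetry. The e-mail branch at -471 also builds `$FileName` from the raw `$_GET['FromTransNo']`, so the request value decides part of the path the PDF is written to; use the normalised `$FromTransNo` there instead.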
@@ -25,8 +25,8 @@
}
if (!isset($_POST['ToTransNo'])
- or trim($_POST['ToTransNo'])==''
- or $_POST['ToTransNo'] < $FromTransNo) {
+ OR trim($_POST['ToTransNo'])==''
+ OR filter_number_format($_POST['ToTransNo']) < $FromTransNo) {
$_POST['ToTransNo'] = $FromTransNo;
}
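Review bot: `filter_number_format($_POST['ToTransNo'])` is evaluated for this comparison and then discarded, so the loops at -72 and -551 have to call it again on every iteration and any other reader of `$_POST['ToTransNo']` still sees the unnormalised text. Normalise once here, e.g. `$ToTransNo = filter_number_format($_POST['ToTransNo']);`, and compare and loop on `$ToTransNo`. Neither loop bounds the size of the range and each iteration runs at least one query, so a cap on the difference between the two numbers is worth adding. If `filter_number_format()` returns a string, an explicit numeric cast on both sides would make the `<` comparison unambiguous.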
@@ -72,7 +72,7 @@
$FirstPage = true;
$line_height=16;
- while ($FromTransNo <= $_POST['ToTransNo']){
+ while ($FromTransNo <= filter_number_format($_POST['ToTransNo'])){
/* retrieve the invoice details from the database to print
notice that salesorder record must be present to print the invoice purging of sales orders will
@@ -127,22 +127,22 @@
debtortrans.debtorno,
debtortrans.branchcode,
currencies.decimalplaces
- FROM debtortrans INNER JOIN debtorsmaster
- ON debtortrans.debtorno=debtorsmaster.debtorno
- INNER JOIN custbranch
- ON debtortrans.debtorno=custbranch.debtorno
+ FROM debtortrans INNER JOIN debtorsmaster
+ ON debtortrans.debtorno=debtorsmaster.debtorno
+ INNER JOIN custbranch
+ ON debtortrans.debtorno=custbranch.debtorno
AND debtortrans.branchcode=custbranch.branchcode
- INNER JOIN salesorders
+ INNER JOIN salesorders
ON debtortrans.order_ = salesorders.orderno
- INNER JOIN shippers
- ON debtortrans.shipvia=shippers.shipper_id
- INNER JOIN salesman
- ON custbranch.salesman=salesman.salesmancode
- INNER JOIN locations
- ON salesorders.fromstkloc=locations.loccode
- INNER JOIN paymentterms
+ INNER JOIN shippers
+ ON debtortrans.shipvia=shippers.shipper_id
+ INNER JOIN salesman
+ ON custbranch.salesman=salesman.salesmancode
+ INNER JOIN locations
+ ON salesorders.fromstkloc=locations.loccode
+ INNER JOIN paymentterms
ON debtorsmaster.paymentterms=paymentterms.termsindicator
- INNER JOIN currencies
+ INNER JOIN currencies
ON debtorsmaster.currcode=currencies.currabrev
WHERE debtortrans.type=10
AND debtortrans.transno='" . $FromTransNo . "'";
@@ -186,16 +186,16 @@
debtortrans.branchcode,
paymentterms.terms,
currencies.decimalplaces
- FROM debtortrans INNER JOIN debtorsmaster
- ON debtortrans.debtorno=debtorsmaster.debtorno
- INNER JOIN custbranch
- ON debtortrans.debtorno=custbranch.debtorno
+ FROM debtortrans INNER JOIN debtorsmaster
+ ON debtortrans.debtorno=debtorsmaster.debtorno
+ INNER JOIN custbranch
+ ON debtortrans.debtorno=custbranch.debtorno
AND debtortrans.branchcode=custbranch.branchcode
- INNER JOIN salesman
- ON custbranch.salesman=salesman.salesmancode
- INNER JOIN paymentterms
+ INNER JOIN salesman
+ ON custbranch.salesman=salesman.salesmancode
+ INNER JOIN paymentterms
ON debtorsmaster.paymentterms=paymentterms.termsindicator
- INNER JOIN currencies
+ INNER JOIN currencies
ON debtorsmaster.currcode=currencies.currabrev
WHERE debtortrans.type=11
AND debtortrans.transno='" . $FromTransNo . "'";
@@ -460,10 +460,10 @@
if (isset($_GET['FromTransNo'])) {
$FromTransNo = trim($_GET['FromTransNo']);
} elseif (isset($_POST['FromTransNo'])) {
- $FromTransNo = trim($_POST['FromTransNo']);
+ $FromTransNo = filter_number_format($_POST['FromTransNo']);
}
-
-
+
+
if (isset($_GET['Email'])){ //email the invoice to address supplied
include('includes/header.inc');
@@ -471,7 +471,7 @@
$FileName = $_SESSION['reports_dir'] . '/' . $_SESSION['DatabaseName'] . '_' . $InvOrCredit . '_' . $_GET['FromTransNo'] . '.pdf';
$pdf->Output($FileName,'F');
$mail = new htmlMimeMail();
-
+
$Attachment = $mail->getFile($FileName);
$mail->setText(_('Please find attached') . ' ' . $InvOrCredit . ' ' . $_GET['FromTransNo'] );
$mail->SetSubject($InvOrCredit . ' ' . $_GET['FromTransNo']);
@@ -489,7 +489,7 @@
} else { //its not an email just print the invoice to PDF
$pdf->OutputD($_SESSION['DatabaseName'] . '_' . $InvOrCredit . '_' . $FromTransNo . '.pdf');
-
+
}
$pdf->__destruct();
@@ -503,7 +503,7 @@
/* if FromTransNo is not set then show a form to allow input of either a single invoice number or a range of invoices to be printed. Also get the last invoice number created to show the user where the current range is up to */
echo '<form action="' . $_SERVER['PHP_SELF'] . '" method="post">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
-
+
echo '<div class="centre"><p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/printer.png" title="' . _('Print') . '" alt="">' . ' ' . _('Print Invoices or Credit Notes (Landscape Mode)') . '</div>';
echo '<table class="table1">
<tr><td>' . _('Print Invoices or Credit Notes') . '</td><td><select name=InvOrCredit>';
@@ -532,12 +532,12 @@
echo '</select></td></tr>';
echo '<tr><td>' . _('Start invoice/credit note number to print') . '</td>
- <td><input Type=text class=number max=6 size=7 name=FromTransNo></td></tr>';
+ <td><input type="text" class="number" maxlength="6" size="7" name="FromTransNo" /></td></tr>';
echo '<tr><td>' . _('End invoice/credit note number to print') . '</td>
- <td><input Type=text class=number max=6 size=7 name="ToTransNo"></td></tr>
+ <td><input type="text" class="number" maxlength="6" size="7" name="ToTransNo" /></td></tr>
</table>';
- echo '<div class="centre"><input type="submit" name="Print" value="' . _('Print') . '"><p>';
- echo '<input type="submit" name="PrintPDF" value="' . _('Print PDF') . '"></div>';
+ echo '<div class="centre"><input type="submit" name="Print" value="' . _('Print') . '" /><p>';
+ echo '<input type="submit" name="PrintPDF" value="' . _('Print PDF') . '" /></div>';
$sql = "SELECT typeno FROM systypes WHERE typeid=10";
@@ -551,11 +551,13 @@
$result = DB_query($sql,$db);
$myrow = DB_fetch_row($result);
- echo '<br /><b>' . _('The last credit note created was number') . ' ' . $myrow[0] . '</b><br />' . _('A sequential range can be printed using the same method as for invoices above') . '. ' . _('A single credit note can be printed by only entering a start transaction number') . '</DIV';
+ echo '<br /><b>' . _('The last credit note created was number') . ' ' . $myrow[0] . '</b>
+ <br />' . _('A sequential range can be printed using the same method as for invoices above') . '. ' . _('A single credit note can be printed by only entering a start transaction number') .
+ '</div>';
} else {
- while ($FromTransNo <= $_POST['ToTransNo']) {
+ while ($FromTransNo <= filter_number_format($_POST['ToTransNo'])) {
/*retrieve the invoice details from the database to print
notice that salesorder record must be present to print the invoice purging of sales orders will
@@ -600,22 +602,22 @@
salesman.salesmanname,
debtortrans.debtorno,
currencies.decimalplaces
- FROM debtortrans INNER JOIN debtorsmaster
- ON debtortrans.debtorno=debtorsmaster.debtorno
- INNER JOIN custbranch
- ON debtortrans.debtorno=custbranch.debtorno
+ FROM debtortrans INNER JOIN debtorsmaster
+ ON debtortrans.debtorno=debtorsmaster.debtorno
+ INNER JOIN custbranch
+ ON debtortrans.debtorno=custbranch.debtorno
AND debtortrans.branchcode=custbranch.branchcode
- INNER JOIN salesorders
+ INNER JOIN salesorders
ON debtortrans.order_ = salesorders.orderno
- INNER JOIN shippers
- ON debtortrans.shipvia=shippers.shipper_id
- INNER JOIN salesman
- ON custbranch.salesman=salesman.salesmancode
- INNER JOIN locations
- ON salesorders.fromstkloc=locations.loccode
- INNER JOIN paymentterms
+ INNER JOIN shippers
+ ON debtortrans.shipvia=shippers.shipper_id
+ INNER JOIN salesman
+ ON custbranch.salesman=salesman.salesmancode
+ INNER JOIN locations
+ ON salesorders.fromstkloc=locations.loccode
+ INNER JOIN paymentterms
ON debtorsmaster.paymentterms=paymentterms.termsindicator
- INNER JOIN currencies
+ INNER JOIN currencies
ON debtorsmaster.currcode=currencies.currabrev
WHERE debtortrans.type=10
AND debtortrans.transno='" . $FromTransNo . "'";
@@ -646,16 +648,16 @@
salesman.salesmanname,
debtortrans.debtorno,
currencies.decimalplaces
- FROM debtortrans INNER JOIN debtorsmaster
- ON debtortrans.debtorno=debtorsmaster.debtorno
- INNER JOIN custbranch
- ON debtortrans.debtorno=custbranch.debtorno
+ FROM debtortrans INNER JOIN debtorsmaster
+ ON debtortrans.debtorno=debtorsmaster.debtorno
+ INNER JOIN custbranch
+ ON debtortrans.debtorno=custbranch.debtorno
AND debtortrans.branchcode=custbranch.branchcode
- INNER JOIN salesman
- ON custbranch.salesman=salesman.salesmancode
- INNER JOIN paymentterms
+ INNER JOIN salesman
+ ON custbranch.salesman=salesman.salesmancode
+ INNER JOIN paymentterms
ON debtorsmaster.paymentterms=paymentterms.termsindicator
- INNER JOIN currencies
+ INNER JOIN currencies
ON debtorsmaster.currcode=currencies.currabrev
WHERE debtortrans.type=11
AND debtortrans.transno='" . $FromTransNo . "'";
@@ -674,8 +676,11 @@
$myrow = DB_fetch_array($result);
/* Then there's an invoice (or credit note) to print. So print out the invoice header and GST Number from the company record */
- if (count($_SESSION['AllowedPageSecurityTokens'])==1 AND in_array(1, $_SESSION['AllowedPageSecurityTokens']) AND $myrow['debtorno'] != $_SESSION['CustomerID']){
- echo '<p><font color=RED size=4>' . _('This transaction is addressed to another customer and cannot be displayed for privacy reasons') . '. ' . _('Please select only transactions relevant to your company');
+ if (count($_SESSION['AllowedPageSecurityTokens'])==1
+ AND in_array(1, $_SESSION['AllowedPageSecurityTokens'])
+ AND $myrow['debtorno'] != $_SESSION['CustomerID']){
+
+ echo '<p><font color="red" size="4">' . _('This transaction is addressed to another customer and cannot be displayed for privacy reasons') . '. ' . _('Please select only transactions relevant to your company');
exit;
}
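Review bot: The customer-isolation test compares `$myrow['debtorno'] != $_SESSION['CustomerID']` loosely, and PHP's `!=` compares two numeric-looking strings as numbers, so distinct customer codes can be treated as equal and the block skipped. Use `(string) $myrow['debtorno'] !== (string) $_SESSION['CustomerID']`, and give `in_array` its strict third argument once the stored type of the security tokens is confirmed. The check also runs only after the transaction row has been fetched; for restricted users, adding the customer condition to the query's WHERE clause would enforce it at the source. The `exit` leaves the `<p>` and `<font>` elements unclosed. The enclosing loop starts outside the hunk.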