[Web-erp-svn] SF.net SVN: web-erp:[4723] trunk

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 4723
          http://web-erp.svn.sourceforge.net/web-erp/?rev=4723&view=rev
Author:   daintree
Date:     2011-10-17 09:14:05 +0000 (Mon, 17 Oct 2011)
Log Message:
-----------
number_formats

Modified Paths:
--------------
    trunk/Suppliers.php
    trunk/Tax.php
    trunk/TaxAuthorities.php
    trunk/TaxAuthorityRates.php
    trunk/TaxCategories.php
    trunk/TaxGroups.php
    trunk/TaxProvinces.php
    trunk/TopItems.php

Modified: trunk/Suppliers.php
===================================================================

--- trunk/Suppliers.php	2011-10-16 07:24:19 UTC (rev 4722)
+++ trunk/Suppliers.php	2011-10-17 09:14:05 UTC (rev 4723)
@@ -954,13 +954,22 @@
 	echo '</select></td></tr></table>';
 
 	if (isset($_POST['New'])) {
-		echo '<p><div class="centre"><input type="Submit" name="submit" value="' . _('Add These New Supplier Details') . '"></form>';
+		echo '<p><div class="centre"><input type="submit" name="submit" value="' . _('Add These New Supplier Details') . '" /></form>';
 	} else {
-		echo '<br /><p><div class="centre"><input type="Submit" name="submit" value="' . _('Update Supplier') . '"></div><br />';
+		echo '<br />
+				<div class="centre">
+					<input type="Submit" name="submit" value="' . _('Update Supplier') . '" />
+				</div>
+			<br />';
 //		echo '<p><font color=red><b>' . _('WARNING') . ': ' . _('There is no second warning if you hit the delete button below') . '. ' . _('However checks will be made to ensure there are no outstanding purchase orders or existing accounts payable transactions before the deletion is processed') . '<br /></font></b>';
 		prnMsg(_('WARNING') . ': ' . _('There is no second warning if you hit the delete button below') . '. ' . _('However checks will be made to ensure there are no outstanding purchase orders or existing accounts payable transactions before the deletion is processed'), 'Warn');
-		echo '<br /><div class=centre><input type="submit" name="delete" value="' . _('Delete Supplier') . '" onclick=\"return confirm(\'' . _('Are you sure you wish to delete this supplier?') . '\');\"></form>';
-		echo '<br /><a href="' . $rootpath . '/SupplierContacts.php?SupplierID=' . $SupplierID . '">' . _('Review Contact Details') . '</a></div>';
+		echo '<br />
+			<div class=centre>
+				<input type="submit" name="delete" value="' . _('Delete Supplier') . '" onclick=\"return confirm(\'' . _('Are you sure you wish to delete this supplier?') . '\');\">
+		</form>';
+		echo '<br />
+			<a href="' . $rootpath . '/SupplierContacts.php?SupplierID=' . $SupplierID . '">' . _('Review Contact Details') . '</a>
+			</div>';
 	}
 	echo '</div>';
 } // end of main ifs

Modified: trunk/Tax.php
===================================================================
--- trunk/Tax.php	2011-10-16 07:24:19 UTC (rev 4722)
+++ trunk/Tax.php	2011-10-17 09:14:05 UTC (rev 4723)
@@ -34,25 +34,25 @@
       /*Now get the invoices for the tax report */
 
 	$SQL = "SELECT debtortrans.transno,
-			debtortrans.type,
-			systypes.typename,
-			debtortrans.trandate,
-			debtortrans.debtorno,
-			debtorsmaster.name,
-			debtortrans.branchcode,
-			debtortrans.order_,
-			(debtortrans.ovamount+debtortrans.ovfreight)/debtortrans.rate AS netamount,
-			debtortrans.ovfreight/debtortrans.rate AS freightamount,
-			debtortranstaxes.taxamount/debtortrans.rate AS tax
-		FROM debtortrans
-		INNER JOIN debtorsmaster ON debtortrans.debtorno=debtorsmaster.debtorno
-		INNER JOIN systypes ON debtortrans.type=systypes.typeid
-		INNER JOIN debtortranstaxes ON debtortrans.id = debtortranstaxes.debtortransid
-		WHERE debtortrans.prd >= '" . ($_POST['ToPeriod'] - $_POST['NoOfPeriods'] + 1) . "'
-		AND debtortrans.prd <= '" . $_POST['ToPeriod'] . "'
-		AND (debtortrans.type=10 OR debtortrans.type=11)
-		AND debtortranstaxes.taxauthid = '" . $_POST['TaxAuthority'] . "'
-		ORDER BY debtortrans.id";
+					debtortrans.type,
+					systypes.typename,
+					debtortrans.trandate,
+					debtortrans.debtorno,
+					debtorsmaster.name,
+					debtortrans.branchcode,
+					debtortrans.order_,
+					(debtortrans.ovamount+debtortrans.ovfreight)/debtortrans.rate AS netamount,
+					debtortrans.ovfreight/debtortrans.rate AS freightamount,
+					debtortranstaxes.taxamount/debtortrans.rate AS tax
+			FROM debtortrans
+			INNER JOIN debtorsmaster ON debtortrans.debtorno=debtorsmaster.debtorno
+			INNER JOIN systypes ON debtortrans.type=systypes.typeid
+			INNER JOIN debtortranstaxes ON debtortrans.id = debtortranstaxes.debtortransid
+			WHERE debtortrans.prd >= '" . ($_POST['ToPeriod'] - $_POST['NoOfPeriods'] + 1) . "'
+			AND debtortrans.prd <= '" . $_POST['ToPeriod'] . "'
+			AND (debtortrans.type=10 OR debtortrans.type=11)
+			AND debtortranstaxes.taxauthid = '" . $_POST['TaxAuthority'] . "'
+			ORDER BY debtortrans.id";
 
 	$DebtorTransResult = DB_query($SQL,$db,'','',false,false); //don't trap errors in DB_query
 
@@ -91,8 +91,8 @@
 			$LeftOvers = $pdf->addTextWrap(140,$YPos,60,$FontSize,ConvertSQLDate($DebtorTransRow['trandate']),'left');
 			$LeftOvers = $pdf->addTextWrap(200,$YPos,150,$FontSize, $DebtorTransRow['name'],'left');
 			$LeftOvers = $pdf->addTextWrap(350,$YPos,60,$FontSize, $DebtorTransRow['branchcode'],'left');
-			$LeftOvers = $pdf->addTextWrap(410,$YPos,60,$FontSize, locale_number_format($DebtorTransRow['netamount'],2),'right');
-			$LeftOvers = $pdf->addTextWrap(470,$YPos,60,$FontSize, locale_number_format($DebtorTransRow['tax'],2),'right');
+			$LeftOvers = $pdf->addTextWrap(410,$YPos,60,$FontSize, locale_number_format($DebtorTransRow['netamount'],$_SESSION['CompanyRecord']['decimalplaces']),'right');
+			$LeftOvers = $pdf->addTextWrap(470,$YPos,60,$FontSize, locale_number_format($DebtorTransRow['tax'],$_SESSION['CompanyRecord']['decimalplaces']),'right');
 
 			$YPos -=$line_height;
 			if ($YPos < $Bottom_Margin + $line_height){
@@ -118,8 +118,8 @@
 
 	if ($_POST['DetailOrSummary']=='Detail'){
 		/*Print out the outputs totals */
-		$LeftOvers = $pdf->addTextWrap(410,$YPos,60,8, locale_number_format($Outputs,2),'right');
-		$LeftOvers = $pdf->addTextWrap(470,$YPos,60,8, locale_number_format($OutputTax,2),'right');
+		$LeftOvers = $pdf->addTextWrap(410,$YPos,60,8, locale_number_format($Outputs,$_SESSION['CompanyRecord']['decimalplaces']),'right');
+		$LeftOvers = $pdf->addTextWrap(470,$YPos,60,8, locale_number_format($OutputTax,$_SESSION['CompanyRecord']['decimalplaces']),'right');
 
 		/*Rule off under output totals */
 		$pdf->line(410, $YPos-5,530, $YPos-5);
@@ -190,8 +190,8 @@
 			$LeftOvers = $pdf->addTextWrap(140,$YPos,60,$FontSize,ConvertSQLDate($SuppTransRow['trandate']),'left');
 			$LeftOvers = $pdf->addTextWrap(200,$YPos,150,$FontSize, $SuppTransRow['suppname'],'left');
 
-			$LeftOvers = $pdf->addTextWrap(410,$YPos,60,$FontSize, locale_number_format($SuppTransRow['netamount'],2),'right');
-			$LeftOvers = $pdf->addTextWrap(470,$YPos,60,$FontSize, locale_number_format($SuppTransRow['taxamt'],2),'right');
+			$LeftOvers = $pdf->addTextWrap(410,$YPos,60,$FontSize, locale_number_format($SuppTransRow['netamount'],$_SESSION['CompanyRecord']['decimalplaces']),'right');
+			$LeftOvers = $pdf->addTextWrap(470,$YPos,60,$FontSize, locale_number_format($SuppTransRow['taxamt'],$_SESSION['CompanyRecord']['decimalplaces']),'right');
 
 			$YPos -=$line_height;
 			if ($YPos < $Bottom_Margin + $line_height){
@@ -217,8 +217,8 @@
 
 	if ($_POST['DetailOrSummary']=='Detail'){
 		/*Print out the input totals */
-		$LeftOvers = $pdf->addTextWrap(410,$YPos,60,8, locale_number_format($Inputs,2),'right');
-		$LeftOvers = $pdf->addTextWrap(470,$YPos,60,8, locale_number_format($InputTax,2),'right');
+		$LeftOvers = $pdf->addTextWrap(410,$YPos,60,8, locale_number_format($Inputs,$_SESSION['CompanyRecord']['decimalplaces']),'right');
+		$LeftOvers = $pdf->addTextWrap(470,$YPos,60,8, locale_number_format($InputTax,$_SESSION['CompanyRecord']['decimalplaces']),'right');
 
 		/*Rule off under input totals */
 		$pdf->line(410, $YPos-5,530, $YPos-5);
@@ -253,17 +253,17 @@
 	$YPos -= (2*$line_height);
 
 	$LeftOvers = $pdf->addTextWrap(40,$YPos,180,$FontSize,_('Total Sales and Income (incl Tax)'),'left');
-	$LeftOvers = $pdf->addTextWrap(220,$YPos,100,$FontSize,locale_number_format($Outputs+$OutputTax,2),'right');
+	$LeftOvers = $pdf->addTextWrap(220,$YPos,100,$FontSize,locale_number_format($Outputs+$OutputTax,$_SESSION['CompanyRecord']['decimalplaces']),'right');
 
 	$YPos -= $line_height;
 
 	$LeftOvers = $pdf->addTextWrap(40,$YPos,180,$FontSize,_('Tax On Liable Sales'),'left');
-	$LeftOvers = $pdf->addTextWrap(220,$YPos,100,$FontSize,locale_number_format($OutputTax,2),'right');
+	$LeftOvers = $pdf->addTextWrap(220,$YPos,100,$FontSize,locale_number_format($OutputTax,$_SESSION['CompanyRecord']['decimalplaces']),'right');
 
 
 	$YPos -= $line_height;
 	$LeftOvers = $pdf->addTextWrap(40,$YPos,200,$FontSize,_('Tax On Purchases'),'left');
-	$LeftOvers = $pdf->addTextWrap(220,$YPos,100,$FontSize,locale_number_format($InputTax,2),'right');
+	$LeftOvers = $pdf->addTextWrap(220,$YPos,100,$FontSize,locale_number_format($InputTax,$_SESSION['CompanyRecord']['decimalplaces']),'right');
 
 	$YPos -= (2*$line_height);
 	$LeftOvers = $pdf->addTextWrap(40,$YPos,500,$FontSize,_('Adjustments for Tax paid to Customs, FBT, entertainments etc must also be entered'),'left');
@@ -289,7 +289,7 @@
 	echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Supplier Types')
 	. '" alt="" />' . $title. '</p>';
 
-	echo '<form action="' . $_SERVER['PHP_SELF'] . '" method="POST">
+	echo '<form action="' . $_SERVER['PHP_SELF'] . '" method="post">
 			<table class="selection">';
 	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
 
@@ -301,19 +301,21 @@
 		echo '<option Value=' . $myrow['taxid'] . '>' . $myrow['description'] . '</option>';
 	}
 	echo '</select></td></tr>';
-	echo '<tr><td>' . _('Return Covering') . ':</font></td>
+	echo '<tr>
+			<td>' . _('Return Covering') . ':</font></td>
 			<td><select name="NoOfPeriods">
 			<option value=1>' . _('One Month') . '</option>' .
 			'<option selected value=2>' ._('Two Months')  . '</option>' .
 			'<option value=3>' . _('Quarter') . '</option>' .
 			'<option value=6>' . _('Six Months')  . '</option>' .
-			'</select></td></tr>';
+			'</select></td>
+		</tr>';
 
 
-	echo '<tr><td>' . _('Return To') . ':</td>
+	echo '<tr>
+			<td>' . _('Return To') . ':</td>
 			<td><select name="ToPeriod">';
 
-
 	$DefaultPeriod = GetPeriod(Date($_SESSION['DefaultDateFormat'],Mktime(0,0,0,Date('m'),0,Date('Y'))),$db);
 
 	$sql = "SELECT periodno,
@@ -325,23 +327,28 @@
 
 	while ($myrow = DB_fetch_array($Periods,$db)){
 		if ($myrow['periodno']==$DefaultPeriod){
-			echo '<option selected VALUE=' . $myrow['periodno'] . '>' . ConvertSQLDate($myrow['lastdate_in_period']) . '</option>';
+			echo '<option selected value="' . $myrow['periodno'] . '">' . ConvertSQLDate($myrow['lastdate_in_period']) . '</option>';
 		} else {
-			echo '<option VALUE=' . $myrow['periodno'] . '>' . ConvertSQLDate($myrow['lastdate_in_period']) . '</option>';
+			echo '<option value="' . $myrow['periodno'] . '">' . ConvertSQLDate($myrow['lastdate_in_period']) . '</option>';
 		}
 	}
 
-	echo '</select></td></tr>';
+	echo '</select></td>
+		</tr>';
 
-	echo '<tr><td>' . _('Detail Or Summary Only') . ':</font></td>
+	echo '<tr>
+			<td>' . _('Detail Or Summary Only') . ':</font></td>
 			<td><select name="DetailOrSummary">
-			<option Value="Detail">' . _('Detail and Summary') . '</option> 
-			<option selected value="Summary">' . _('Summary Only') . '</option>
-			</select></td></tr>';
+				<option value="Detail">' . _('Detail and Summary') . '</option> 
+				<option selected value="Summary">' . _('Summary Only') . '</option>
+			</select></td>
+		</tr>';
 
 
 	echo '</table>
-		<br /><div class="centre"><input type="submit" name="PrintPDF" value="' . _('Print PDF') . '">
+		<br />
+		<div class="centre">
+			<input type="submit" name="PrintPDF" value="' . _('Print PDF') . '" />
 		</div>
 		</form>';
 

Modified: trunk/TaxAuthorities.php
===================================================================
--- trunk/TaxAuthorities.php	2011-10-16 07:24:19 UTC (rev 4722)
+++ trunk/TaxAuthorities.php	2011-10-17 09:14:05 UTC (rev 4723)
@@ -6,8 +6,10 @@
 $title = _('Tax Authorities');
 include('includes/header.inc');
 
-echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Supplier Types')
-	. '" alt="" />' . $title. '</p>';
+echo '<p class="page_title_text">
+		<img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Supplier Types')
+	. '" alt="" />' . $title. '
+	</p>';
 
 if (isset($_POST['SelectedTaxAuthID'])){
 	$SelectedTaxAuthID =$_POST['SelectedTaxAuthID'];
@@ -32,14 +34,14 @@
 		delete code below*/
 
 		$sql = "UPDATE taxauthorities
-				SET taxglcode ='" . $_POST['TaxGLCode'] . "',
-				purchtaxglaccount ='" . $_POST['PurchTaxGLCode'] . "',
-				description = '" . $_POST['Description'] . "',
-				bank = '". $_POST['Bank']."',
-				bankacctype = '". $_POST['BankAccType']."',
-				bankacc = '". $_POST['BankAcc']."',
-				bankswift = '". $_POST['BankSwift']."'
-			WHERE taxid = '" . $SelectedTaxAuthID . "'";
+					SET taxglcode ='" . $_POST['TaxGLCode'] . "',
+					purchtaxglaccount ='" . $_POST['PurchTaxGLCode'] . "',
+					description = '" . DB_escape_string($_POST['Description']) . "',
+					bank = '" . $_POST['Bank'] . "',
+					bankacctype = '". $_POST['BankAccType'] . "',
+					bankacc = '". DB_escape_string($_POST['BankAcc']) . "',
+					bankswift = '". DB_escape_string($_POST['BankSwift']) . "'
+				WHERE taxid = '" . $SelectedTaxAuthID . "'";
 
 		$ErrMsg = _('The update of this tax authority failed because');
 		$result = DB_query($sql,$db,$ErrMsg);
@@ -61,11 +63,11 @@
 			VALUES (
 				'" . $_POST['TaxGLCode'] . "',
 				'" . $_POST['PurchTaxGLCode'] . "',
-				'" .$_POST['Description'] . "',
-				'" .$_POST['Bank'] . "',
-				'" .$_POST['BankAccType'] . "',
-				'" .$_POST['BankAcc'] . "',
-				'" .$_POST['BankSwift'] . "'
+				'" . DB_escape_string($_POST['Description']) . "',
+				'" . $_POST['Bank'] . "',
+				'" . $_POST['BankAccType'] . "',
+				'" . DB_escape_string($_POST['BankAcc']) . "',
+				'" . DB_escape_string($_POST['BankSwift']) . "'
 				)";
 
 		$Errmsg = _('The addition of this tax authority failed because');
@@ -126,30 +128,30 @@
 /* It could still be the second time the page has been run and a record has been selected for modification - SelectedTaxAuthID will exist because it was sent with the new call. If its the first time the page has been displayed with no parameters then none of the above are true and the list of tax authorities will be displayed with links to delete or edit each. These will call the same page again and allow update/input or deletion of the records*/
 
 	$sql = "SELECT taxid,
-			description,
-			taxglcode,
-			purchtaxglaccount,
-			bank,
-			bankacc,
-			bankacctype,
-			bankswift
-		FROM taxauthorities";
+				description,
+				taxglcode,
+				purchtaxglaccount,
+				bank,
+				bankacc,
+				bankacctype,
+				bankswift
+			FROM taxauthorities";
 
 	$ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('The defined tax authorities could not be retrieved because');
 	$DbgMsg = _('The following SQL to retrieve the tax authorities was used');
 	$result = DB_query($sql,$db,$ErrMsg,$DbgMsg);
 
-	echo '<table class=selection>';
-	echo '<tr>
-		<th>' . _('ID') . '</th>
-		<th>' . _('Description') . '</th>
-		<th>' . _('Input Tax') . '<br />' . _('GL Account') . '</th>
-		<th>' . _('Output Tax') . '<br />' . _('GL Account') . '</th>
-		<th>' . _('Bank') . '</th>
-		<th>' . _('Bank Account') . '</th>
-		<th>' . _('Bank Act Type') . '</th>
-		<th>' . _('Bank Swift') . '</th>
-		</tr></font>';
+	echo '<table class="selection">
+			<tr>
+				<th>' . _('ID') . '</th>
+				<th>' . _('Description') . '</th>
+				<th>' . _('Input Tax') . '<br />' . _('GL Account') . '</th>
+				<th>' . _('Output Tax') . '<br />' . _('GL Account') . '</th>
+				<th>' . _('Bank') . '</th>
+				<th>' . _('Bank Account') . '</th>
+				<th>' . _('Bank Act Type') . '</th>
+				<th>' . _('Bank Swift') . '</th>
+			</tr>';
 	$k=0;
 	while ($myrow = DB_fetch_row($result)) {
 
@@ -161,7 +163,7 @@
 			$k++;
 		}
 
-		printf("<td>%s</td>
+		printf('<td>%s</td>
 				<td>%s</td>
 				<td>%s</td>
 				<td>%s</td>
@@ -169,24 +171,24 @@
 				<td>%s</td>
 				<td>%s</td>
 				<td>%s</td>
-				<td><a href=\"%s&SelectedTaxAuthID=%s\">" . _('Edit') . "</a></td>
-				<td><a href=\"%s&SelectedTaxAuthID=%s&delete=yes\">" . _('Delete') . "</a></td>
-				<td><td><a href=\"%s&TaxAuthority=%s\">" . _('Edit Rates') . "</a></td>
-			</tr>",
-			$myrow[0],
-			$myrow[1],
-			$myrow[3],
-			$myrow[2],
-			$myrow[4],
-			$myrow[5],
-			$myrow[6],
-			$myrow[7],
-			$_SERVER['PHP_SELF'] . '?',
-			$myrow[0],
-			$_SERVER['PHP_SELF'] . '?',
-			$myrow[0],
-			$rootpath . '/TaxAuthorityRates.php?',
-			$myrow[0]);
+				<td><a href="%sSelectedTaxAuthID=%s">' . _('Edit') . '</a></td>
+				<td><a href="%sSelectedTaxAuthID=%s&delete=yes" onclick="return confirm(\'' . _('Are you sure you wish to delete this tax authority?') . '\');">' . _('Delete') . '</a></td>
+				<td><td><a href="%sTaxAuthority=%s">' . _('Edit Rates') . '</a></td>
+				</tr>',
+				$myrow[0],
+				$myrow[1],
+				$myrow[3],
+				$myrow[2],
+				$myrow[4],
+				$myrow[5],
+				$myrow[6],
+				$myrow[7],
+				$_SERVER['PHP_SELF'] . '?',
+				$myrow[0],
+				$_SERVER['PHP_SELF'] . '?',
+				$myrow[0],
+				$rootpath . '/TaxAuthorityRates.php?',
+				$myrow[0]);
 
 	}
 	//END WHILE LIST LOOP
@@ -199,7 +201,9 @@
 
 
 if (isset($SelectedTaxAuthID)) {
-	echo '<div class="centre"><a href="' .  $_SERVER['PHP_SELF'] .'">' . _('Review all defined tax authority records') . '</a></div>';
+	echo '<div class="centre">
+			<a href="' .  $_SERVER['PHP_SELF'] .'">' . _('Review all defined tax authority records') . '</a>
+		</div>';
  }
 
 
@@ -210,14 +214,14 @@
 	//editing an existing tax authority
 
 	$sql = "SELECT taxglcode,
-			purchtaxglaccount,
-			description,
-			bank,
-			bankacc,
-			bankacctype,
-			bankswift
-		FROM taxauthorities
-		WHERE taxid='" . $SelectedTaxAuthID . "'";
+				purchtaxglaccount,
+				description,
+				bank,
+				bankacc,
+				bankacctype,
+				bankswift
+			FROM taxauthorities
+			WHERE taxid='" . $SelectedTaxAuthID . "'";
 
 	$result = DB_query($sql, $db);
 	$myrow = DB_fetch_array($result);
@@ -231,56 +235,57 @@
 	$_POST['BankSwift']	= $myrow['bankswift'];
 
 
-	echo "<input type=hidden name='SelectedTaxAuthID' VALUE=" . $SelectedTaxAuthID . '>';
+	echo '<input type="hidden" name="SelectedTaxAuthID" value="' . $SelectedTaxAuthID . '" />';
 
 }  //end of if $SelectedTaxAuthID only do the else when a new record is being entered
 
 
 $SQL = "SELECT accountcode,
-		accountname
-	FROM chartmaster,
-		accountgroups
-	WHERE chartmaster.group_=accountgroups.groupname
-	AND accountgroups.pandl=0
-	ORDER BY accountcode";
+				accountname
+		FROM chartmaster INNER JOIN accountgroups
+		ON chartmaster.group_=accountgroups.groupname
+		WHERE accountgroups.pandl=0
+		ORDER BY accountcode";
 $result = DB_query($SQL,$db);
 
 if (!isset($_POST['Description'])) {
 	$_POST['Description']='';
 }
-echo '<table class=selection>
-<tr><td>' . _('Tax Type Description') . ":</td>
-<td><input type=Text name='Description' size=21 maxlength=20 value='" . $_POST['Description'] . "'></td></tr>";
+echo '<table class="selection">
+		<tr>
+			<td>' . _('Tax Type Description') . ':</td>
+			<td><input type="text" name="Description" size="21" maxlength="20" value="' . $_POST['Description'] . '"></td>
+		</tr>
+		<tr>
+			<td>' . _('Input tax GL Account') . ':</td>
+			<td><select name="PurchTaxGLCode">';
 
-
-echo '<tr><td>' . _('Input tax GL Account') . ':</td>
-	<td><select name="PurchTaxGLCode">';
-
 while ($myrow = DB_fetch_array($result)) {
 	if (isset($_POST['PurchTaxGLCode']) and $myrow['accountcode']==$_POST['PurchTaxGLCode']) {
-		echo '<option selected VALUE=';
+		echo '<option selected value=';
 	} else {
-		echo '<option VALUE=';
+		echo '<option value=';
 	}
 	echo $myrow['accountcode'] . '>' . $myrow['accountname'] . ' ('.$myrow['accountcode'].')' . '</option>';
 
 } //end while loop
 
-echo '</select></td></tr>';
+echo '</select></td>
+	</tr>';
 
 DB_data_seek($result,0);
 
-echo '<tr><td>' . _('Output tax GL Account') . ':</td>
-	<td><select name="TaxGLCode">';
+echo '<tr>
+		<td>' . _('Output tax GL Account') . ':</td>
+		<td><select name="TaxGLCode">';
 
-
 while ($myrow = DB_fetch_array($result)) {
 	if (isset($_POST['TaxGLCode']) and $myrow['accountcode']==$_POST['TaxGLCode']) {
-		echo "<option selected VALUE='";
+		echo '<option selected value="';
 	} else {
-		echo "<option VALUE='";
+		echo '<option value="';
 	}
-	echo $myrow['accountcode'] . "'>" . $myrow['accountname'] . ' ('.$myrow['accountcode'].')' . '</option>';
+	echo $myrow['accountcode'] . '">' . $myrow['accountname'] . ' ('.$myrow['accountcode'].')' . '</option>';
 
 } //end while loop
 
@@ -297,20 +302,32 @@
 	$_POST['BankSwift']='';
 }
 
-echo '</select></td></tr>';
-echo '<tr><td>' . _('Bank Name') . ':</td>';
-echo '<td><input type=Text name="Bank" size=41 maxlength=40 value="' . $_POST['Bank'] . '"></td></tr>';
-echo '<tr><td>' . _('Bank Account Type') . ':</td>';
-echo '<td><input type=Text name="BankAccType" size=15 maxlength=20 value="' . $_POST['BankAccType'] . '"></td></tr>';
-echo '<tr><td>' . _('Bank Account') . ':</td>';
-echo '<td><input type=Text name="BankAcc" size=21 maxlength=20 value="' . $_POST['BankAcc'] . '"></td></tr>';
-echo '<tr><td>' . _('Bank Swift No') . ':</td>';
-echo '<td><input type=Text name="BankSwift" size=15 maxlength=14 value="' . $_POST['BankSwift'] . '"></td></tr>';
+echo '</select></td>
+	</tr>
+	<tr>
+		<td>' . _('Bank Name') . ':</td>
+		<td><input type="text" name="Bank" size="41" maxlength="40" value="' . $_POST['Bank'] . '" /></td>
+	</tr>
+	<tr>
+		<td>' . _('Bank Account Type') . ':</td>
+		<td><input type="text" name="BankAccType" size="15" maxlength="20" value="' . $_POST['BankAccType'] . '" /></td>
+	</tr>
+	<tr>
+		<td>' . _('Bank Account') . ':</td>
+		<td><input type="text" name="BankAcc" size="21" maxlength="20" value="' . $_POST['BankAcc'] . '" /></td>
+	</tr>
+	<tr>
+		<td>' . _('Bank Swift No') . ':</td>
+		<td><input type="text" name="BankSwift" size="15" maxlength="14" value="' . $_POST['BankSwift'] . '" /></td>
+	</tr>
+	</table>';
 
-echo '</table>';
+echo '<br />
+		<div class="centre">
+			<input type="submit" name="submit" value="' . _('Enter Information') . '" />
+		</div>
+	</form>';
 
-echo '<br /><div class="centre"><input type=submit name=submit value=' . _('Enter Information') . '></div></form>';
-
 include('includes/footer.inc');
 
 ?>
\ No newline at end of file

Modified: trunk/TaxAuthorityRates.php
===================================================================
--- trunk/TaxAuthorityRates.php	2011-10-16 07:24:19 UTC (rev 4722)
+++ trunk/TaxAuthorityRates.php	2011-10-17 09:14:05 UTC (rev 4723)
@@ -12,8 +12,10 @@
 $title = _('Tax Rates');
 include('includes/header.inc');
 
-echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Supplier Types')
-	. '" alt="" />' . $title. '</p>';
+echo '<p class="page_title_text">
+		<img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Supplier Types')
+	. '" alt="" />' . $title. '
+	</p>';
 
 
 if (!isset($TaxAuthority)){
@@ -34,7 +36,7 @@
 
 	while ($myrow=DB_fetch_array($TaxRatesResult)){
 
-		$sql = "UPDATE taxauthrates SET taxrate=" . ($_POST[$myrow['dispatchtaxprovince'] . '_' . $myrow['taxcatid']]/100) . "
+		$sql = "UPDATE taxauthrates SET taxrate=" . (filter_number_format($_POST[$myrow['dispatchtaxprovince'] . '_' . $myrow['taxcatid']])/100) . "
 						WHERE taxcatid = '" . $myrow['taxcatid'] . "'
 						AND dispatchtaxprovince = '" . $myrow['dispatchtaxprovince'] . "'
 						AND taxauthority = '" . $TaxAuthority . "'";
@@ -49,35 +51,39 @@
 /*Display updated rates
 */
 
-$TaxAuthDetail = DB_query("SELECT description FROM taxauthorities WHERE taxid='" . $TaxAuthority . "'",$db);
+$TaxAuthDetail = DB_query("SELECT description 
+							FROM taxauthorities WHERE taxid='" . $TaxAuthority . "'",$db);
 $myrow = DB_fetch_row($TaxAuthDetail);
 
 echo '<form action="' . $_SERVER['PHP_SELF'] . '" method="post">';
 echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
 
-echo '<input type=hidden name="TaxAuthority" value="' . $TaxAuthority . '">';
+echo '<input type=hidden name="TaxAuthority" value="' . $TaxAuthority . '" />';
 
 $TaxRatesResult = DB_query("SELECT taxauthrates.taxcatid,
 									taxcategories.taxcatname,
 									taxauthrates.taxrate,
 									taxauthrates.dispatchtaxprovince,
 									taxprovinces.taxprovincename
-									FROM taxauthrates INNER JOIN taxauthorities
-										ON taxauthrates.taxauthority=taxauthorities.taxid
-										INNER JOIN taxprovinces
-										ON taxauthrates.dispatchtaxprovince= taxprovinces.taxprovinceid
-										INNER JOIN taxcategories
-										ON taxauthrates.taxcatid=taxcategories.taxcatid
-									WHERE taxauthrates.taxauthority='" . $TaxAuthority . "'
-									ORDER BY taxauthrates.dispatchtaxprovince,
-									taxauthrates.taxcatid",
-								$db);
+							FROM taxauthrates INNER JOIN taxauthorities
+							ON taxauthrates.taxauthority=taxauthorities.taxid
+							INNER JOIN taxprovinces
+							ON taxauthrates.dispatchtaxprovince= taxprovinces.taxprovinceid
+							INNER JOIN taxcategories
+							ON taxauthrates.taxcatid=taxcategories.taxcatid
+							WHERE taxauthrates.taxauthority='" . $TaxAuthority . "'
+							ORDER BY taxauthrates.dispatchtaxprovince,
+							taxauthrates.taxcatid",
+							$db);
 
 if (DB_num_rows($TaxRatesResult)>0){
 
-	echo '<table cellpadding=2 class="selection">';
-	echo '<tr><th colspan=3><font size=3 color=navy>' . _('Update') . ' ' . $myrow[0] . ' ' . _('Rates') . '</font></th></tr>';
-	$TableHeader = '<tr><th>' . _('Deliveries From') . '<br />' . _('Tax Province') . '</th>
+	echo '<table class="selection">';
+	echo '<tr>
+			<th colspan="3"><font size="3" color="navy">' . _('Update') . ' ' . $myrow[0] . ' ' . _('Rates') . '</font></th>
+		</tr>';
+	$TableHeader = '<tr>
+						<th>' . _('Deliveries From') . '<br />' . _('Tax Province') . '</th>
 						<th>' . _('Tax Category') . '</th>
 						<th>' . _('Tax Rate') . ' %</th>
 					</tr>';
@@ -89,7 +95,7 @@
 	while ($myrow = DB_fetch_array($TaxRatesResult)){
 
 		if ($OldProvince!=$myrow['dispatchtaxprovince'] AND $OldProvince!=''){
-			echo '<tr bgcolor="#555555"><font size=1> </font><td colspan=3></td></tr>';
+			echo '<tr bgcolor="#555555"><td colspan="3"></td></tr>';
 		}
 
 		if ($k==1){
@@ -101,13 +107,13 @@
 		}
 
 		printf('<td>%s</td>
-			<td>%s</td>
-			<td><input type="text" class="number" name=%s maxlength=5 size=5 value=%s></td>
-			</tr>',
-			$myrow['taxprovincename'],
-			$myrow['taxcatname'],
-			$myrow['dispatchtaxprovince'] . '_' . $myrow['taxcatid'],
-			$myrow['taxrate']*100 );
+				<td>%s</td>
+				<td><input type="text" class="number" name=%s maxlength="5" size="5" value="%s" /></td>
+				</tr>',
+				$myrow['taxprovincename'],
+				$myrow['taxcatname'],
+				$myrow['dispatchtaxprovince'] . '_' . $myrow['taxcatid'],
+				locale_number_format($myrow['taxrate']*100,2));
 
 		$OldProvince = $myrow['dispatchtaxprovince'];
 
@@ -116,7 +122,7 @@
 echo '</table>';
 echo '<br />
 		<div class="centre">
-		<input type=submit name="UpdateRates" VALUE="' . _('Update Rates') . '">';
+		<input type="submit" name="UpdateRates" value="' . _('Update Rates') . '" />';
 } //end if tax taxcatid/rates to show
 	else {
 	prnMsg(_('There are no tax rates to show - perhaps the dispatch tax province records have not yet been created?'),'warn');
@@ -124,11 +130,16 @@
 
 echo '</form>';
 
-echo '<br /><br /><a href="' . $rootpath . '/TaxAuthorities.php">' . _('Tax Authorities') .  '</a>';
-echo '<br /><a href="' . $rootpath . '/TaxGroups.php">' . _('Tax Groupings') .  '</a>';
-echo '<br /><a href="' . $rootpath . '/TaxCategories.php">' . _('Tax Categories') .  '</a>';
-echo '<br /><a href="' . $rootpath . '/TaxProvinces.php">' . _('Dispatch Tax Provinces') .  '</a>';
-echo '</div>';
+echo '<br />
+	<br />
+	<a href="' . $rootpath . '/TaxAuthorities.php">' . _('Tax Authorities') .  '</a>
+	<br />
+	<a href="' . $rootpath . '/TaxGroups.php">' . _('Tax Groupings') .  '</a>
+	<br />
+	<a href="' . $rootpath . '/TaxCategories.php">' . _('Tax Categories') .  '</a>
+	<br />
+	<a href="' . $rootpath . '/TaxProvinces.php">' . _('Dispatch Tax Provinces') .  '</a>
+	</div>';
 
 include( 'includes/footer.inc' );
 ?>
\ No newline at end of file

Modified: trunk/TaxCategories.php
===================================================================
--- trunk/TaxCategories.php	2011-10-16 07:24:19 UTC (rev 4722)
+++ trunk/TaxCategories.php	2011-10-17 09:14:05 UTC (rev 4723)
@@ -26,9 +26,9 @@
 
 	//first off validate inputs sensible
 
-	if (mb_strpos($_POST['TaxCategoryName'],'&')>0 OR mb_strpos($_POST['TaxCategoryName'],"'")>0) {
+	if (ContainsIllegalCharacters($_POST['TaxCategoryName'])) {
 		$InputError = 1;
-		prnMsg( _('The tax category name cannot contain the character') . " '&' " . _('or the character') ." '",'error');
+		prnMsg( _('The tax category name cannot contain the character') . " '&' " . _('or the character') ." ' " . _('or a space') ,'error');
 	}
 	if (trim($_POST['TaxCategoryName']) == '') {
 		$InputError = 1;
@@ -162,10 +162,10 @@
 	$ErrMsg = _('Could not get tax categories because');
 	$result = DB_query($sql,$db,$ErrMsg);
 
-	echo '<table class=selection>
-		<tr>
-		<th>' . _('Tax Categories') . '</th>
-		</tr>';
+	echo '<table class="selection">
+			<tr>
+				<th>' . _('Tax Categories') . '</th>
+			</tr>';
 
 	$k=0; //row colour counter
 	while ($myrow = DB_fetch_row($result)) {
@@ -178,18 +178,20 @@
 			$k++;
 		}
 
-		echo '<td>' . $myrow[1] . '</td>';
-		echo '<td><a href="' . $_SERVER['PHP_SELF'] . '?SelectedTaxCategory=' . $myrow[0] . '">' . _('Edit') . '</a></td>';
-		echo '<td><a href="' . $_SERVER['PHP_SELF'] . '?SelectedTaxCategory=' . $myrow[0] . '&delete=1" onclick="return confirm(\'' . _('Are you sure you wish to delete this tax category?') . '\');">' . _('Delete') .'</a></td>';
-		echo '</tr>';
+		echo '<td>' . $myrow[1] . '</td>
+				<td><a href="' . $_SERVER['PHP_SELF'] . '?SelectedTaxCategory=' . $myrow[0] . '">' . _('Edit') . '</a></td>
+				<td><a href="' . $_SERVER['PHP_SELF'] . '?SelectedTaxCategory=' . $myrow[0] . '&delete=1" onclick="return confirm(\'' . _('Are you sure you wish to delete this tax category?') . '\');">' . _('Delete') .'</a></td>
+			</tr>';
 
 	} //END WHILE LIST LOOP
-	echo '</table><p>';
+	echo '</table><p />';
 } //end of ifs and buts!
 
 
 if (isset($SelectedTaxCategory)) {
-	echo '<div class="centre"><a href="' . $_SERVER['PHP_SELF'] . '">' . _('Review Tax Categories') . '</a></div>';
+	echo '<div class="centre">
+			<a href="' . $_SERVER['PHP_SELF'] . '">' . _('Review Tax Categories') . '</a>
+		</div>';
 }
 
 echo '<p>';
@@ -216,24 +218,26 @@
 
 			$_POST['TaxCategoryName']  = $myrow['taxcatname'];
 
-			echo '<input type="hidden" name="SelectedTaxCategory" value="' . $myrow['taxcatid'] . '">';
-			echo '<table class=selection>';
+			echo '<input type="hidden" name="SelectedTaxCategory" value="' . $myrow['taxcatid'] . '" />';
+			echo '<table class="selection">';
 		}
 
 	}  else {
 		$_POST['TaxCategoryName']='';
-		echo '<table class=selection>';
+		echo '<table class="selection">';
 	}
 	echo '<tr>
-		<td>' . _('Tax Category Name') . ':' . '</td>
-		<td><input type="text" name="TaxCategoryName" size=30 maxlength=30 value="' . $_POST['TaxCategoryName'] . '"></td>
-		</tr>';
-	echo '</table>';
+			<td>' . _('Tax Category Name') . ':' . '</td>
+			<td><input type="text" name="TaxCategoryName" size=30 maxlength=30 value="' . $_POST['TaxCategoryName'] . '" /></td>
+		</tr>
+		</table>';
 
-	echo '<br /><div class="centre"><input type=Submit name=submit value=' . _('Enter Information') . '></div>';
+	echo '<br />
+			<div class="centre">
+				<input type="submit" name="submit" value="' . _('Enter Information') . '" />
+			</div>
+		</form>';
 
-	echo '</form>';
-
 } //end if record deleted no point displaying form to add record
 
 include('includes/footer.inc');

Modified: trunk/TaxGroups.php
===================================================================
--- trunk/TaxGroups.php	2011-10-16 07:24:19 UTC (rev 4722)
+++ trunk/TaxGroups.php	2011-10-17 09:14:05 UTC (rev 4723)
@@ -22,7 +22,7 @@
 	/* actions to take once the user has clicked the submit button
 	ie the page has called itself with some user input */
 	//first off validate inputs sensible
-	if (isset($_POST['GroupName']) && mb_strlen($_POST['GroupName'])<4){
+	if (isset($_POST['GroupName']) AND mb_strlen($_POST['GroupName'])<4){
 		$InputError = 1;
 		prnMsg(_('The Group description entered must be at least 4 characters long'),'error');
 	}
@@ -38,12 +38,15 @@
 			$SuccessMsg = _('The tax group description was updated to') . ' ' . $_POST['GroupName'];
 		} else { // Add new tax group
 
-			$result = DB_query("SELECT taxgroupid FROM taxgroups WHERE taxgroupdescription='" . $_POST['GroupName'] . "'",$db);
+			$result = DB_query("SELECT taxgroupid 
+								FROM taxgroups 
+								WHERE taxgroupdescription='" . $_POST['GroupName'] . "'",$db);
 			if (DB_num_rows($result)==1){
 				prnMsg( _('A new tax group could not be added because a tax group already exists for') . ' ' . $_POST['GroupName'],'warn');
 				unset($sql);
 			} else {
-				$sql = "INSERT INTO taxgroups (taxgroupdescription) VALUES ('". $_POST['GroupName'] . "')";
+				$sql = "INSERT INTO taxgroups (taxgroupdescription) 
+						VALUES ('". $_POST['GroupName'] . "')";
 				$ErrMsg = _('The addition of the group failed because');
 				$SuccessMsg = _('Added the new tax group') . ' ' . $_POST['GroupName'];
 			}
@@ -54,11 +57,11 @@
 		$TaxAuthority = $_GET['TaxAuthority'];
 		if( isset($_GET['add']) ) { // adding a tax authority to a tax group
 			$sql = "INSERT INTO taxgrouptaxes ( taxgroupid,
-								taxauthid,
-								calculationorder)
+												taxauthid,
+												calculationorder)
 					VALUES ('" . $SelectedGroup . "',
-						'" . $TaxAuthority . "',
-						0)";
+							'" . $TaxAuthority . "',
+							0)";
 
 			$ErrMsg = _('The addition of the tax failed because');
 			$SuccessMsg = _('The tax was added.');
@@ -74,7 +77,7 @@
 		unset($_GET['TaxAuthority']);
 	}
 	// Need to exec the query
-	if (isset($sql) && $InputError != 1 ) {
+	if (isset($sql) AND $InputError != 1 ) {
 		$result = DB_query($sql,$db,$ErrMsg);
 		if( $result ) {
 			prnMsg( $SuccessMsg,'success');
@@ -101,10 +104,10 @@
 
 	//need to do a reality check to ensure that taxontax is relevant only for taxes after the first tax
 	$sql = "SELECT taxauthid,
-			taxontax
-		FROM taxgrouptaxes
-		WHERE taxgroupid='" . $SelectedGroup . "'
-		ORDER BY calculationorder";
+					taxontax
+			FROM taxgrouptaxes
+			WHERE taxgroupid='" . $SelectedGroup . "'
+			ORDER BY calculationorder";
 
 	$Result = DB_query($sql,$db,_('Could not get tax authorities in the selected tax group'));
 
@@ -112,7 +115,9 @@
 		$myrow=DB_fetch_array($Result);
 		if ($myrow['taxontax']==1){
 			prnMsg(_('It is inappropriate to set tax on tax where the tax is the first in the calculation order. The system has changed it back to no tax on tax for this tax authority'),'warning');
-			$Result = DB_query("UPDATE taxgrouptaxes SET taxontax=0 WHERE taxgroupid='" . $SelectedGroup . "' AND taxauthid='" . $myrow['taxauthid'] . "'",$db);
+			$Result = DB_query("UPDATE taxgrouptaxes SET taxontax=0 
+								WHERE taxgroupid='" . $SelectedGroup . "' 
+								AND taxauthid='" . $myrow['taxauthid'] . "'",$db);
 		}
 	}
 } elseif (isset($_GET['Delete'])) {
@@ -126,7 +131,8 @@
 		prnMsg( _('Cannot delete this tax group because some customer branches are setup using it'),'warn');
 		echo '<br />' . _('There are') . ' ' . $myrow[0] . ' ' . _('customer branches referring to this tax group');
 	} else {
-		$sql= "SELECT COUNT(*) FROM suppliers WHERE taxgroupid='" . $_GET['SelectedGroup'] . "'";
+		$sql= "SELECT COUNT(*) FROM suppliers 
+				WHERE taxgroupid='" . $_GET['SelectedGroup'] . "'";
 		$result = DB_query($sql,$db);
 		$myrow = DB_fetch_row($result);
 		if ($myrow[0]>0) {
@@ -134,9 +140,11 @@
 			echo '<br />' . _('There are') . ' ' . $myrow[0] . ' ' . _('suppliers referring to this tax group');
 		} else {
 
-			$sql="DELETE FROM taxgrouptaxes WHERE taxgroupid='" . $_GET['SelectedGroup'] . "'";
+			$sql="DELETE FROM taxgrouptaxes 
+					WHERE taxgroupid='" . $_GET['SelectedGroup'] . "'";
 			$result = DB_query($sql,$db);
-			$sql="DELETE FROM taxgroups WHERE taxgroupid='" . $_GET['SelectedGroup'] . "'";
+			$sql="DELETE FROM taxgroups 
+					WHERE taxgroupid='" . $_GET['SelectedGroup'] . "'";
 			$result = DB_query($sql,$db);
 			prnMsg( $_GET['GroupID'] . ' ' . _('tax group has been deleted') . '!','success');
 		}
@@ -150,8 +158,8 @@
 /* If its the first time the page has been displayed with no parameters then none of the above are true and the list of tax groups will be displayed with links to delete or edit each. These will call the same page again and allow update/input or deletion of tax group taxes*/
 
 	$sql = "SELECT taxgroupid,
-			taxgroupdescription
-		FROM taxgroups";
+					taxgroupdescription
+			FROM taxgroups";
 	$result = DB_query($sql,$db);
 
 	if( DB_num_rows($result) == 0 ) {
@@ -159,9 +167,11 @@
 		prnMsg(_('There are no tax groups configured.'),'info');
 		echo '</div>';
 	} else {
-		echo '<table class=selection>';
-		echo '<tr><th>' . _('Group No') . '</th>
-				<th>' . _('Tax Group') . '</th></tr>';
+		echo '<table class="selection">
+				<tr>
+					<th>' . _('Group No') . '</th>
+					<th>' . _('Tax Group') . '</th>
+				</tr>';
 
 		$k=0; //row colour counter
 		while ($myrow = DB_fetch_array($result)) {
@@ -174,17 +184,17 @@
 			}
 
 			printf('<td>%s</td>
-				<td>%s</td>
-				<td><a href="%s&SelectedGroup=%s">' . _('Edit') . '</a></td>
-				<td><a href="%s&SelectedGroup=%s&Delete=1&GroupID=%s">' . _('Delete') . '</a></td>
-				</tr>',
-				$myrow['taxgroupid'],
-				$myrow['taxgroupdescription'],
-				$_SERVER['PHP_SELF']  . '?',
-				$myrow['taxgroupid'],
-				$_SERVER['PHP_SELF'] . '?',
-				$myrow['taxgroupid'],
-				urlencode($myrow['taxgroupdescription']));
+					<td>%s</td>
+					<td><a href="%s&SelectedGroup=%s">' . _('Edit') . '</a></td>
+					<td><a href="%s&SelectedGroup=%s&Delete=1&GroupID=%s" onclick="return confirm(\'' . _('Are you sure you wish to delete this tax group?') . '\');">' . _('Delete') . '</a></td>
+					</tr>',
+					$myrow['taxgroupid'],
+					$myrow['taxgroupdescription'],
+					$_SERVER['PHP_SELF']  . '?',
+					$myrow['taxgroupid'],
+					$_SERVER['PHP_SELF'] . '?',
+					$myrow['taxgroupid'],
+					urlencode($myrow['taxgroupdescription']));
 
 		} //END WHILE LIST LOOP
 		echo '</table>';
@@ -193,16 +203,18 @@
 
 
 if (isset($SelectedGroup)) {
-	echo '<div class="centre"><a href="' . $_SERVER['PHP_SELF'] . '">' . _('Review Existing Groups') . '</a></div>';
+	echo '<div class="centre">
+			<a href="' . $_SERVER['PHP_SELF'] . '">' . _('Review Existing Groups') . '</a>
+		</div>';
 }
 
 if (isset($SelectedGroup)) {
 	//editing an existing role
 
 	$sql = "SELECT taxgroupid,
-			taxgroupdescription
-		FROM taxgroups
-		WHERE taxgroupid='" . $SelectedGroup . "'";
+					taxgroupdescription
+			FROM taxgroups
+			WHERE taxgroupid='" . $SelectedGroup . "'";
 	$result = DB_query($sql, $db);
 	if ( DB_num_rows($result) == 0 ) {
 		prnMsg( _('The selected tax group is no longer available.'),'warn');
@@ -216,7 +228,7 @@
 echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
 echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
 if( isset($_POST['SelectedGroup'])) {
-	echo '<input type="hidden" name="SelectedGroup" value="' . $_POST['SelectedGroup'] . '">';
+	echo '<input type="hidden" name="SelectedGroup" value="' . $_POST['SelectedGroup'] . '" />';
 }
 echo '<table class="selection">';
 
@@ -224,8 +236,10 @@
 	$_POST['GroupName']='';
 }
 echo '<tr><td>' . _('Tax Group') . ':</td>
-		<td><input type="text" name="GroupName" size=40 maxlength=40 value="' . $_POST['GroupName'] . '"></td>';
-echo '<td><input type="submit" name="submit" value="' . _('Enter Group') . '"></td></tr></form>';
+		<td><input type="text" name="GroupName" size=40 maxlength=40 value="' . $_POST['GroupName'] . '" /></td>';
+echo '<td><input type="submit" name="submit" value="' . _('Enter Group') . '"></td>
+	</tr>
+	</form>';
 
 
 if (isset($SelectedGroup)) {
@@ -260,17 +274,18 @@
 
 	/* the order and tax on tax will only be an issue if more than one tax authority in the group */
 	if (count($TaxAuthsUsed)>0) {
-		echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '?' . SID .'">';
-		echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
-		echo '<input type=hidden name="SelectedGroup" value="' . $SelectedGroup .'">';
-		echo '<table class="selection">';
-		echo '<tr><th colspan=3><font size=3 color=navy>'._('Calculation Order').'</font></th></tr>';
-
-		echo '<tr>
-				<th>'._('Tax Authority').'</th>
-				<th>'._('Order').'</th>
-				<th>'._('Tax on Prior Taxes').'</th>
-			</tr>';
+		echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
+		echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />
+				<input type=hidden name="SelectedGroup" value="' . $SelectedGroup .'" />';
+		echo '<table class="selection">
+				<tr>
+					<th colspan=3><font size="3" color="navy">'._('Calculation Order').'</font></th>
+				</tr>
+				<tr>
+					<th>'._('Tax Authority').'</th>
+					<th>'._('Order').'</th>
+					<th>'._('Tax on Prior Taxes').'</th>
+				</tr>';
 		$k=0; //row colour counter
 		for ($i=1;$i < count($TaxAuthRow)+1;$i++) {
 			if ($k==1){
@@ -285,10 +300,9 @@
 				$TaxAuthRow[$i]['calculationorder'] = $i;
 			}
 
-			echo '<td>' . $TaxAuthRow[$i]['taxname'] . '</td><td>'.
-				'<input type="text" class="number" name="CalcOrder_' . $TaxAuthRow[$i]['taxauthid'] . '" value="' .
-					$TaxAuthRow[$i]['calculationorder'] . '" size=2 maxlength=2 style="width: 100%"></td>';
-			echo '<td><select name="TaxOnTax_' . $TaxAuthRow[$i]['taxauthid'] . '" style="width: 100%">';
+			echo '<td>' . $TaxAuthRow[$i]['taxname'] . '</td>
+				<td><input type="text" class="number" name="CalcOrder_' . $TaxAuthRow[$i]['taxauthid'] . '" value="' . $TaxAuthRow[$i]['calculationorder'] . '" size="2" maxlength="2" style="width: 100%" /></td>
+				<td><select name="TaxOnTax_' . $TaxAuthRow[$i]['taxauthid'] . '" style="width: 100%">';
 			if ($TaxAuthRow[$i]['taxontax']==1){
 				echo '<option selected value=1>' . _('Yes') . '</option>';
 				echo '<option value=0>' . _('No') . '</option>';
@@ -296,35 +310,42 @@
 				echo '<option value=1>' . _('Yes') . '</option>';
 				echo '<option selected value=0>' . _('No') . '</option>';
 			}
-			echo '</select></td></tr>';
+			echo '</select></td>
+				</tr>';
 
 		}
 		echo '</table>';
-		echo '<br /><div class="centre"><input type="submit" name="UpdateOrder" value="' . _('Update Order') . '"></div>';
+		echo '<br />
+			<div class="centre">
+				<input type="submit" name="UpdateOrder" value="' . _('Update Order') . '" />
+			</div>';
 	}
 
 	echo '</form>';
 
 	if (DB_num_rows($Result)>0 ) {
 		echo '<br />';
-		echo '<table class=selection>
+		echo '<table class="selection">
 				<tr>
-					<th colspan=4>'._('Assigned Taxes') . '</th>
+					<th colspan="4">'._('Assigned Taxes') . '</th>
 					<th></th>
-					<th colspan=2>' . _('Available Taxes') . '</th>
+					<th colspan="2">' . _('Available Taxes') . '</th>
+				</tr>
+				<tr>
+					<th>' . _('Tax Auth ID') . '</th>
+					<th>' . _('Tax Authority Name') . '</th>
+					<th>' . _('Calculation Order') . '</th>
+					<th>' . _('Tax on Prior Tax(es)') . '</th>
+					<th></th>
+					<th>' . _('Tax Auth ID') . '</th>
+					<th>' . _('Tax Authority Name') . '</th>
 				</tr>';
-		echo '<tr>
-				<th>' . _('Tax Auth ID') . '</th>
-				<th>' . _('Tax Authority Name') . '</th>
-				<th>' . _('Calculation Order') . '</th>
-				<th>' . _('Tax on Prior Tax(es)') . '</th>
-				<th></th>
-				<th>' . _('Tax Auth ID') . '</th>
-				<th>' . _('Tax Authority Name') . '</th>
-			</tr>';
 
 	} else {
-		echo '<br /><div class="centre">' . _('There are no tax authorities defined to allocate to this tax group').'</div>';
+		echo '<br />
+				<div class="centre">' . 
+					_('There are no tax authorities defined to allocate to this tax group').'
+				</div>';
 	}
 
 	$k=0; //row colour counter
@@ -351,7 +372,7 @@
 				<td>%s</td>
 				<td>%s</td>
 				<td>%s</td>
-				<td><a href="%s&SelectedGroup=%s&remove=1&TaxAuthority=%s">' . _('Remove') . '</a></td>
+				<td><a href="%sSelectedGroup=%s&remove=1&TaxAuthority=%s" onclick="return confirm(\'' . _('Are you sure you wish to remove this tax authority from the group?') . '\');">' . _('Remove') . '</a></td>
 				<td>&nbsp;</td>
 				<td>&nbsp;</td>',
 				$AvailRow['taxid'],
@@ -371,7 +392,7 @@
 				<td>&nbsp;</td>
 				<td>%s</td>
 				<td>%s</td>
-				<td><a href="%s&SelectedGroup=%s&add=1&TaxAuthority=%s">' . _('Add') . '</a></td>',
+				<td><a href="%sSelectedGroup=%s&add=1&TaxAuthority=%s">' . _('Add') . '</a></td>',
 				$AvailRow['taxid'],
 				$AvailRow['taxname'],
 				$_SERVER['PHP_SELF']  . '?',

Modified: trunk/TaxProvinces.php
===================================================================
--- trunk/TaxProvinces.php	2011-10-16 07:24:19 UTC (rev 4722)
+++ trunk/TaxProvinces.php	2011-10-17 09:14:05 UTC (rev 4723)
@@ -7,7 +7,9 @@
 
 include('includes/header.inc');
 
-echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Search') . '" alt="" />' . ' ' . $title.'</p>';
+echo '<p class="page_title_text">
+		<img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Search') . '" alt="" />' . ' ' . $title.'
+	</p>';
 
 if ( isset($_GET['SelectedTaxProvince']) )
 	$SelectedTaxProvince = $_GET['SelectedTaxProvince'];
@@ -25,9 +27,9 @@
 
 	//first off validate inputs sensible
 
-	if (mb_strpos($_POST['TaxProvinceName'],'&')>0 OR mb_strpos($_POST['TaxProvinceName'],"'")>0) {
+	if (ContainsIllegalCharacters($_POST['TaxProvinceName'])) {
 		$InputError = 1;
-		prnMsg( _('The tax province name cannot contain the character') . " '&' " . _('or the character') ." '",'error');
+		prnMsg( _('The tax province name cannot contain any of the illegal characters'),'error');
 	}
 	if (trim($_POST['TaxProvinceName']) == '') {
 		$InputError = 1;
@@ -74,22 +76,24 @@
 				WHERE taxprovincename " .LIKE. " '".$_POST['TaxProvinceName'] ."'";
 		$result = DB_query($sql,$db);
 		$myrow = DB_fetch_row($result);
+		
 		if ( $myrow[0] > 0 ) {
+		
 			$InputError = 1;
 			prnMsg( _('The tax province cannot be created because another with the same name already exists'),'error');
+		
 		} else {
-			$sql = "INSERT INTO taxprovinces (
-							taxprovincename )
-				VALUES (
-					'" . $_POST['TaxProvinceName'] ."'
-					)";
+			
+			$sql = "INSERT INTO taxprovinces (taxprovincename )
+					VALUES ('" . $_POST['TaxProvinceName'] ."')";
+					
 			$ErrMsg = _('Could not add tax province');
 			$result = DB_query($sql,$db, $ErrMsg);
 
 			$TaxProvinceID = DB_Last_Insert_ID($db, 'taxprovinces', 'taxprovinceid');
 			$sql = "INSERT INTO taxauthrates (taxauthority, dispatchtaxprovince, taxcatid)
 					SELECT taxauthorities.taxid, '" . $TaxProvinceID . "', taxcategories.taxcatid
-						FROM taxauthorities CROSS JOIN taxcategories";
+					FROM taxauthorities CROSS JOIN taxcategories";
 			$ErrMsg = _('Could not add tax authority rates for the new dispatch tax province. The rates of tax will not be able to be added - manual database interaction will be required to use this dispatch tax province');
 			$result = DB_query($sql,$db, $ErrMsg);
 		}
@@ -156,10 +160,10 @@
 	$ErrMsg = _('Could not get tax categories because');
 	$result = DB_query($sql,$db,$ErrMsg);
 
-	echo "<table class=selection>
-		<tr>
-		<th>" . _('Tax Provinces') . "</th>
-		</tr>";
+	echo '<table class="selection">
+			<tr>
+				<th>' . _('Tax Provinces') . '</th>
+			</tr>';
 
 	$k=0; //row colour counter
 	while ($myrow = DB_fetch_row($result)) {
@@ -172,10 +176,10 @@
 			$k++;
 		}
 
-		echo '<td>' . $myrow[1] . '</td>';
-		echo '<td><a href="' . $_SERVER['PHP_SELF'] . '?' . SID . '&SelectedTaxProvince=' . $myrow[0] . '">' . _('Edit') . '</a></td>';
-		echo '<td><a href="' . $_SERVER['PHP_SELF'] . '?' . SID . '&SelectedTaxProvince=' . $myrow[0] . '&delete=1">' . _('Delete') .'</a></td>';
-		echo '</tr>';
+		echo '<td>' . $myrow[1] . '</td>
+				<td><a href="' . $_SERVER['PHP_SELF'] . '?SelectedTaxProvince=' . $myrow[0] . '">' . _('Edit') . '</a></td>
+				<td><a href="' . $_SERVER['PHP_SELF'] . '?SelectedTaxProvince=' . $myrow[0] . '&delete=1">' . _('Delete') .'</a></td>
+			</tr>';
 
 	} //END WHILE LIST LOOP
 	echo '</table><p>';
@@ -183,7 +187,9 @@
 
 
 if (isset($SelectedTaxProvince)) {
-	echo '<div class="centre"><a href="' . $_SERVER['PHP_SELF'] . '">' . _('Review Tax Provinces') . '</a></div>';
+	echo '<div class="centre">
+			<a href="' . $_SERVER['PHP_SELF'] . '">' . _('Review Tax Provinces') . '</a>
+		</div>';
 }
 
 echo '<p>';
@@ -210,7 +216,7 @@
 
 			$_POST['TaxProvinceName']  = $myrow['taxprovincename'];
 
-			echo '<input type=hidden name="SelectedTaxProvince" value="' . $myrow['taxprovinceid'] . '">';
+			echo '<input type="hidden" name="SelectedTaxProvince" value="' . $myrow['taxprovinceid'] . '" />';
 			echo '<table class="selection">';
 		}
 
@@ -219,22 +225,28 @@
 		echo '<table class="selection">';
 	}
 	echo '<tr>
-		<td>' . _('Tax Province Name') . ':' . '</td>
-		<td><input type="text" name="TaxProvinceName" size="30" maxlength="30" value="' . $_POST['TaxProvinceName'] . '"></td>
-		</tr>';
-	echo '</table>';
+			<td>' . _('Tax Province Name') . ':' . '</td>
+			<td><input type="text" name="TaxProvinceName" size="30" maxlength="30" value="' . $_POST['TaxProvinceName'] . '" /></td>
+		</tr>
+		</table>';
 
-	echo '<br /><div class="centre"><input type=Submit name=submit value=' . _('Enter Information') . '></div>';
+	echo '<br />
+			<div class="centre">
+				<input type=Submit name=submit value="' . _('Enter Information') . '" />
+			</div>';
 
 	echo '</form>';
 
 } //end if record deleted no point displaying form to add record
 
-echo '<div class="centre">';
-echo '<br /><a href="' . $rootpath . '/TaxAuthorities.php">' . _('Edit/Review Tax Authorities') .  '</a>';
-echo '<br /><a href="' . $rootpath . '/TaxGroups.php">' . _('Edit/Review Tax Groupings') .  '</a>';
-echo '<br /><a href="' . $rootpath . '/TaxCategories.php">' . _('Edit/Review Tax Categories') .  '</a>';
-echo '</div>';
+echo '<div class="centre">
+		<br />
+		<a href="' . $rootpath . '/TaxAuthorities.php">' . _('Edit/Review Tax Authorities') .  '</a>
+		<br />
+		<a href="' . $rootpath . '/TaxGroups.php">' . _('Edit/Review Tax Groupings') .  '</a>
+		<br />
+		<a href="' . $rootpath . '/TaxCategories.php">' . _('Edit/Review Tax Categories') .  '</a>
+	</div>';
 
 include('includes/footer.inc');
 ?>
\ No newline at end of file

Modified: trunk/TopItems.php
===================================================================
--- trunk/TopItems.php	2011-10-16 07:24:19 UTC (rev 4722)
+++ trunk/TopItems.php	2011-10-17 09:14:05 UTC (rev 4723)
@@ -11,9 +11,9 @@
 if (!(isset($_POST['Search']))) {
 			
 	echo '<p class="page_title_text"><img src="' . $rootpath . '/css/' . $theme . '/images/magnifier.png" title="' . _('Top Sales Order Search') . '" alt="" />' . ' ' . _('Top Sales Order Search') . '</p>';
-	echo '<form action="' . $_SERVER['PHP_SELF'] . '?name="SelectCustomer" method="POST">';
+	echo '<form action="' . $_SERVER['PHP_SELF'] . '?name="SelectCustomer" method="post">';
 	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
-	echo '<table cellpadding="3" colspan="4" class="selection">';
+	echo '<table class="selection">';
 	//to view store location
 	echo '<tr>
 			<td width="150">' . _('Select Location') . '  </td>
@@ -21,17 +21,20 @@
 			<td><select name="Location">';
 	$sql = "SELECT loccode,
 					locationname
-				FROM `locations`";
+			FROM locations";
 	$result = DB_query($sql, $db);
 	echo '<option value="All">' . _('All') . '</option>';
 	while ($myrow = DB_fetch_array($result)) {
 		echo '<option value="' . $myrow['loccode'] . '">' . $myrow['loccode'] . ' - ' . $myrow['locationname'] . '</option>';
 	}
-	echo '</select></td></tr>';
+	echo '</select></td>
+		</tr>';
 	//to view list of customer
-	echo '<tr><td width="150">' . _('Select Customer Type') . '</td>
-				<td>:</td>
-				<td><select name="Customers">';
+	echo '<tr>
+			<td width="150">' . _('Select Customer Type') . '</td>
+			<td>:</td>
+			<td><select name="Customers">';
+			
 	$sql = "SELECT typename,
 					typeid
 				FROM debtortype";
@@ -41,17 +44,20 @@
 		echo '<option value="' . $myrow['typeid'] . '">' . $myrow['typename'] . '</option>';
 	}
 	echo '</select></td>
-			</tr>';
+		</tr>';
 	//view order by list to display
-	echo '<tr>	<td width="150">' . _('Select Order By ') . ' </td>
-				<td>:</td>
-				<td><select name="Sequence">';
-	echo '	<option value="totalinvoiced">' . _('Total Pieces') . '</option>';
-	echo '	<option value="valuesales">' . _('Value of Sales') . '</option>';
-	echo '	</select></td>
-				</tr>';
+	echo '<tr>
+			<td width="150">' . _('Select Order By ') . ' </td>
+			<td>:</td>
+			<td><select name="Sequence">
+				<option value="totalinvoiced">' . _('Total Pieces') . '</option>
+				<option value="valuesales">' . _('Value of Sales') . '</option>
+				</select></td>
+		</tr>';
 	//View number of days
-	echo '<tr><td>' . _('Number Of Days') . ' </td><td>:</td>
+	echo '<tr>
+			<td>' . _('Number Of Days') . ' </td>
+			<td>:</td>
 			<td><input class="number" tabindex="3" type="text" name="NumberOfDays" size="8"	maxlength="8" value="0" /></td>
 		 </tr>';
 	//view number of NumberOfTopItems items
@@ -65,8 +71,8 @@
 		</tr>
 	</table>
 	<br />
-	<div class=centre>
-		<input tabindex=5 type="submit" name="Search" value="' . _('Search') . '" />
+	<div class="centre">
+		<input tabindex="5" type="submit" name="Search" value="' . _('Search') . '" />
 	</div>
 	</form>';
 } else {
@@ -164,7 +170,8 @@
 	echo '<form action="PDFTopItems.php"  method="GET">
 		<table class="selection">';
 	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
-	$TableHeader = '<tr><th>' . _('#') . '</th>
+	$TableHeader = '<tr>
+						<th>' . _('#') . '</th>
 						<th>' . _('Code') . '</th>
 						<th>' . _('Description') . '</th>
 						<th>' . _('Total Invoiced') . '</th>

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.





[Web-erp-svn] SF.net SVN: web-erp:[4723] trunk

Accounting & Best Practice Business Administration System

[Web-erp-svn] SF.net SVN: web-erp:[4723] trunk