[Web-erp-svn] SF.net SVN: web-erp:[4758] trunk

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 4758
          http://web-erp.svn.sourceforge.net/web-erp/?rev=4758&view=rev
Author:   daintree
Date:     2011-11-28 09:44:22 +0000 (Mon, 28 Nov 2011)
Log Message:
-----------
fixes to Special Orders and status comments

Modified Paths:
--------------
    trunk/PO_Header.php
    trunk/PO_Items.php
    trunk/PO_PDFPurchOrder.php
    trunk/PO_SelectOSPurchOrder.php
    trunk/SpecialOrder.php
    trunk/includes/PO_ReadInOrder.inc

Modified: trunk/PO_Header.php
===================================================================

--- trunk/PO_Header.php	2011-11-27 09:16:35 UTC (rev 4757)
+++ trunk/PO_Header.php	2011-11-28 09:44:22 UTC (rev 4758)
@@ -152,7 +152,7 @@
 			}
 			$SQL = "UPDATE purchorders SET status='" . $_POST['Status']. "',
 							stat_comment='" . $_SESSION['PO'.$identifier]->StatusComments ."',
-							allowprint='".$AllowPrint."'
+							allowprint='" . $AllowPrint . "'
 					WHERE purchorders.orderno ='" . $_SESSION['ExistingOrder'] ."'";
 		
 			$ErrMsg = _('The order status could not be updated because');
@@ -161,7 +161,6 @@
 	} //end if there is actually a status change the class Status != the POST['Status']
 }
 
-/*New order initiated by user clicking on supplier purchasing data from items page */
 if (isset($_GET['NewOrder']) 
 	AND isset($_GET['StockID']) 
 	AND isset($_GET['SelectedSupplier'])) {
@@ -179,7 +178,7 @@
 		$_SESSION['PO'.$identifier]->GLLink = $_SESSION['CompanyRecord']['gllink_stock'];
 		/* set the SupplierID we got */
 		$_SESSION['PO'.$identifier]->SupplierID = $_GET['SelectedSupplier'];
-		$_SESSION['PO'.$identifier]->DeliveryDate = DateAdd(date($_SESSION['DefaultDateFormat']), 'd', $_GET['LeadTime']);
+		$_SESSION['PO'.$identifier]->DeliveryDate = date($_SESSION['DefaultDateFormat']);
 		
 		$_SESSION['RequireSupplierSelection'] = 0;
 		$_POST['Select'] = $_GET['SelectedSupplier'];
@@ -732,7 +731,7 @@
 	if (isset($_GET['ModifyOrderNumber']) AND $_GET['ModifyOrderNumber'] != '') {
 		$_SESSION['PO'.$identifier]->Version += 1;
 		$_POST['Version'] =  $_SESSION['PO'.$identifier]->Version;
-	} elseif (isset($_SESSION['PO'.$identifier]->Version) and $_SESSION['PO'.$identifier]->Version != '') {
+	} elseif (isset($_SESSION['PO'.$identifier]->Version) AND $_SESSION['PO'.$identifier]->Version != '') {
 		$_POST['Version'] =  $_SESSION['PO'.$identifier]->Version;
 	} else {
 		$_POST['Version']='1';
@@ -762,7 +761,9 @@
 			<td><input type="text" name="Requisition" size="16" maxlength="15" value="' . $_POST['Requisition'] . '" /></td></tr>';
 
 	echo '<tr><td>' . _('Date Printed') . ':</td><td>';
-	if (isset($_SESSION['PO'.$identifier]->DatePurchaseOrderPrinted) AND mb_strlen($_SESSION['PO'.$identifier]->DatePurchaseOrderPrinted)>6){
+	if (isset($_SESSION['PO'.$identifier]->DatePurchaseOrderPrinted) 
+		AND mb_strlen($_SESSION['PO'.$identifier]->DatePurchaseOrderPrinted)>6){
+			
 		echo ConvertSQLDate($_SESSION['PO'.$identifier]->DatePurchaseOrderPrinted);
 		$Printed = True;
 	} else {

Modified: trunk/PO_Items.php
===================================================================
--- trunk/PO_Items.php	2011-11-27 09:16:35 UTC (rev 4757)
+++ trunk/PO_Items.php	2011-11-28 09:44:22 UTC (rev 4758)
@@ -94,7 +94,7 @@
 			$AuthRow=DB_fetch_array($AuthResult);
 			
 			if (DB_num_rows($AuthResult) > 0 AND $AuthRow['authlevel'] > $_SESSION['PO'.$identifier]->Order_Value()) { //user has authority to authrorise as well as create the order
-				$StatusComment=date($_SESSION['DefaultDateFormat']).' - ' . _('Order Created and Authorised by') . $UserDetails . '<br />'.$_SESSION['PO'.$identifier]->StatusComments.'<br />';
+				$StatusComment=date($_SESSION['DefaultDateFormat']).' - ' . _('Order Created and Authorised by') . $UserDetails . '<br />'. $_SESSION['PO'.$identifier]->StatusComments.'<br />';
 				$_SESSION['PO'.$identifier]->AllowPrintPO=1;
 				$_SESSION['PO'.$identifier]->Status = 'Authorised';
 			} else { // no authority to authorise this order
@@ -111,7 +111,7 @@
 					_('The order will be created with a status of pending and will require authorisation'), 'warn');
 					
 				$_SESSION['PO'.$identifier]->AllowPrintPO=0;
-				$StatusComment=date($_SESSION['DefaultDateFormat']).' - ' . _('Order Created by') . $UserDetails . '<br />'.$_SESSION['PO'.$identifier]->StatusComments.'<br />';
+				$StatusComment=date($_SESSION['DefaultDateFormat']).' - ' . _('Order Created by') . $UserDetails . '<br />' . $_SESSION['PO'.$identifier]->StatusComments.'<br />';
 				$_SESSION['PO'.$identifier]->Status = 'Pending';
 			}
 		} else { //auto authorise is set to off
@@ -186,7 +186,7 @@
 									'" . Date('Y-m-d') . "',
 									'" . $_SESSION['PO'.$identifier]->DeliveryBy . "',
 									'" . $_SESSION['PO'.$identifier]->Status . "',
-									'" . $StatusComment . "',
+									'" . htmlentities($StatusComment,ENT_QUOTES,'UTF-8') . "',
 									'" . FormatDateForSQL($_SESSION['PO'.$identifier]->DeliveryDate) . "',
 									'" . $_SESSION['PO'.$identifier]->PaymentTerms. "',
 									'" . $_SESSION['PO'.$identifier]->AllowPrintPO . "' )";
@@ -244,12 +244,9 @@
 			}
 			if ($Completed){
 				$_SESSION['PO'.$identifier]->Status = 'Completed';
-				if (IsEmailAddress($_SESSION['UserEmail'])){
-					$UserChangedStatus = ' <a href="mailto:' . $_SESSION['UserEmail'] . '">' . $_SESSION['UsersRealName']. '</a>';
-				} else {
-					$UserChangedStatus = ' ' . $_SESSION['UsersRealName'] . ' ';
-				}
-				$_SESSION['PO'.$identifier]->StatusComments = date($_SESSION['DefaultDateFormat']).' - ' . _('Order completed by') . $UserChangedStatus  . '<br />' .$_SESSION['PO'.$identifier]->StatusComments;
+				$_SESSION['PO'.$identifier]->StatusComments = date($_SESSION['DefaultDateFormat']).' - ' . _('Order completed by') . $UserDetails  . '<br />' . $_SESSION['PO'.$identifier]->StatusComments;
+			} else {
+				$_SESSION['PO'.$identifier]->StatusComments = date($_SESSION['DefaultDateFormat']).' - ' . _('Order modified by') . $UserDetails  . '<br />' . $_SESSION['PO'.$identifier]->StatusComments;
 			}
 		     /*Update the purchase order header with any changes */
 
@@ -282,7 +279,7 @@
 										paymentterms='" . $_SESSION['PO'.$identifier]->PaymentTerms . "',
 										allowprint='" . $_SESSION['PO'.$identifier]->AllowPrintPO . "',
 										status = '" . $_SESSION['PO'.$identifier]->Status . "',
-										stat_comment = '" . $_SESSION['PO'.$identifier]->StatusComments . "' 
+										stat_comment = '" . htmlentities($_SESSION['PO'.$identifier]->StatusComments,ENT_QUOTES,'UTF-8') . "' 
 										WHERE orderno = '" . $_SESSION['PO'.$identifier]->OrderNo ."'";
 
 			$ErrMsg =  _('The purchase order could not be updated because');
@@ -375,6 +372,7 @@
 			if ($_SESSION['PO'.$identifier]->AllowPrintPO==1 
 					AND ($_SESSION['PO'.$identifier]->Status=='Authorised'
 					OR $_SESSION['PO'.$identifier]->Status=='Printed')){
+						
 				echo '<br /><a target="_blank" href="'.$rootpath.'/PO_PDFPurchOrder.php?OrderNo=' . $_SESSION['PO'.$identifier]->OrderNo . '">' . _('Print Purchase Order') . '</a>';
 			}
 		} /*end of if its a new order or an existing one */

Modified: trunk/PO_PDFPurchOrder.php
===================================================================
--- trunk/PO_PDFPurchOrder.php	2011-11-27 09:16:35 UTC (rev 4757)
+++ trunk/PO_PDFPurchOrder.php	2011-11-28 09:44:22 UTC (rev 4758)
@@ -125,7 +125,9 @@
 
 		$POHeader = DB_fetch_array($result);
 		
-		if ($POHeader['status'] != 'Authorised' AND $POHeader['status'] != 'Printed') {
+		if ($POHeader['status'] != 'Authorised' 
+			AND $POHeader['status'] != 'Printed') {
+				
 			include('includes/header.inc');
 			prnMsg( _('Purchase orders can only be printed once they have been authorised') . '. ' . _('This order is currently at a status of') . ' ' . _($POHeader['status']),'warn');
 			include('includes/footer.inc');
@@ -333,12 +335,12 @@
 		}
 	}
 	if ($ViewingOnly==0 AND $Success==1) {
-		$StatusComment =  date($_SESSION['DefaultDateFormat']) .' - ' . _('Printed by') . '<a href="mailto:'.$_SESSION['UserEmail'] .'">'.$_SESSION['UsersRealName']. '</a><br />' . $POHeader['stat_comment'];
+		$StatusComment =  date($_SESSION['DefaultDateFormat']) .' - ' . _('Printed by') . ' <a href="mailto:'.$_SESSION['UserEmail'] .'">'.$_SESSION['UsersRealName']. '</a><br />' . html_entity_decode($POHeader['stat_comment'],ENT_QUOTES,'UTF-8');
 		
 		$sql = "UPDATE purchorders	SET	allowprint =  0,
 										dateprinted  = '" . Date('Y-m-d') . "',
 										status = 'Printed',
-										stat_comment = '" . DB_escape_string($StatusComment) . "'
+										stat_comment = '" . htmlentities($StatusComment,ENT_QUOTES,'UTF-8') . "'
 				WHERE purchorders.orderno = '" .  $OrderNo ."'";
 		$result = DB_query($sql,$db);
 	}

Modified: trunk/PO_SelectOSPurchOrder.php
===================================================================
--- trunk/PO_SelectOSPurchOrder.php	2011-11-27 09:16:35 UTC (rev 4757)
+++ trunk/PO_SelectOSPurchOrder.php	2011-11-28 09:44:22 UTC (rev 4758)
@@ -293,29 +293,33 @@
 
 	if (isset($OrderNumber) AND $OrderNumber !='') {
 		$SQL = "SELECT purchorders.orderno,
-				suppliers.suppname,
-				purchorders.orddate,
-				purchorders.deliverydate,
-				purchorders.initiator,
-				purchorders.status,
-				purchorders.requisitionno,
-				purchorders.allowprint,
-				suppliers.currcode,
-				SUM(purchorderdetails.unitprice*purchorderdetails.quantityord) AS ordervalue
-			FROM purchorders INNER JOIN purchorderdetails
-			ON purchorders.orderno=purchorderdetails.orderno
-			INNER JOIN suppliers
-			ON purchorders.supplierno = suppliers.supplierid
-			WHERE purchorderdetails.completed=0
-			AND purchorders.orderno='". $OrderNumber ."'
-			GROUP BY purchorders.orderno ASC,
-				suppliers.suppname,
-				purchorders.orddate,
-				purchorders.status,
-				purchorders.initiator,
-				purchorders.requisitionno,
-				purchorders.allowprint,
-				suppliers.currcode";
+						purchorders.realorderno,
+						suppliers.suppname,
+						purchorders.orddate,
+						purchorders.deliverydate,
+						purchorders.initiator,
+						purchorders.status,
+						purchorders.requisitionno,
+						purchorders.allowprint,
+						suppliers.currcode,
+						currencies.decimalplaces AS currdecimalplaces,
+						SUM(purchorderdetails.unitprice*purchorderdetails.quantityord) AS ordervalue
+				FROM purchorders INNER JOIN purchorderdetails
+				ON purchorders.orderno=purchorderdetails.orderno
+				INNER JOIN suppliers
+				ON purchorders.supplierno = suppliers.supplierid
+				INNER JOIN currencies
+				ON suppliers.currcode=currencies.currabrev 
+				WHERE purchorderdetails.completed=0
+				AND purchorders.orderno='". $OrderNumber ."'
+				GROUP BY purchorders.orderno ASC,
+					suppliers.suppname,
+					purchorders.orddate,
+					purchorders.status,
+					purchorders.initiator,
+					purchorders.requisitionno,
+					purchorders.allowprint,
+					suppliers.currcode";
 	} else {
 
 		  /* $DateAfterCriteria = FormatDateforSQL($OrdersAfterDate); */

Modified: trunk/SpecialOrder.php
===================================================================
--- trunk/SpecialOrder.php	2011-11-27 09:16:35 UTC (rev 4757)
+++ trunk/SpecialOrder.php	2011-11-28 09:44:22 UTC (rev 4758)
@@ -302,7 +302,8 @@
 			$AuthResult=DB_query($AuthSQL,$db);
 			$AuthRow=DB_fetch_array($AuthResult);
 			
-			if (DB_num_rows($AuthResult) > 0 AND $AuthRow['authlevel'] > $_SESSION['SPL']->Order_Value()) { //user has authority to authrorise as well as create the order
+			if (DB_num_rows($AuthResult) > 0 
+				AND $AuthRow['authlevel'] > $_SESSION['SPL']->Order_Value()) { //user has authority to authrorise as well as create the order
 				$StatusComment=date($_SESSION['DefaultDateFormat']).' - ' . _('Order Created and Authorised by') . $UserDetails . '<br />';
 				$_SESSION['SPL']->AllowPrintPO=1;
 				$_SESSION['SPL']->Status = 'Authorised';
@@ -373,7 +374,7 @@
 									'" . DB_escape_string($StkLocAddress['deladd6']) . "',
 									'" . DB_escape_string($StkLocAddress['contact']) . "',
 									'" . $_SESSION['SPL']->Status . "',
-									'" . $StatusComment . "',
+									'" . htmlentities($StatusComment, ENT_QUOTES,'UTF-8')  . "',
 									'" . $_SESSION['SPL']->AllowPrintPO . "',
 									'" . Date('Y-m-d') . "',
 									'" . Date('Y-m-d') . "')";

Modified: trunk/includes/PO_ReadInOrder.inc
===================================================================
--- trunk/includes/PO_ReadInOrder.inc	2011-11-27 09:16:35 UTC (rev 4757)
+++ trunk/includes/PO_ReadInOrder.inc	2011-11-28 09:44:22 UTC (rev 4758)
@@ -96,7 +96,7 @@
 			$_SESSION['PO'.$identifier]->Version = $myrow['version'];
 			$_SESSION['PO'.$identifier]->Port = $myrow['port'];
 			$_SESSION['PO'.$identifier]->Status = $myrow['status'];
-			$_SESSION['PO'.$identifier]->StatusComments = $myrow['stat_comment'];
+			$_SESSION['PO'.$identifier]->StatusComments = html_entity_decode($myrow['stat_comment'],ENT_QUOTES,'UTF-8');
 			$_SESSION['PO'.$identifier]->DeliveryDate = ConvertSQLDate($myrow['deliverydate']);
 			$_SESSION['ExistingOrder'] = $_SESSION['PO'.$identifier]->OrderNo;
 			$_SESSION['PO'.$identifier]->PaymentTerms= $myrow['paymentterms'];

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.





[Web-erp-svn] SF.net SVN: web-erp:[4758] trunk

Accounting & Best Practice Business Administration System

[Web-erp-svn] SF.net SVN: web-erp:[4758] trunk