From: <dai...@us...> - 2012-03-01 09:08:45
Revision: 4998
http://web-erp.svn.sourceforge.net/web-erp/?rev=4998&view=rev
Author: daintree
Date: 2012-03-01 09:08:34 +0000 (Thu, 01 Mar 2012)
Log Message:
-----------
Made the ability to change prices at order entry a separate security token (13), so that order entry clerks with minimal access can't change prices/discounts
Modified Paths:
--------------
trunk/CounterSales.php
trunk/SelectOrderItems.php
trunk/SystemParameters.php
trunk/sql/mysql/upgrade4.07-4.08.sql
Modified: trunk/CounterSales.php
===================================================================
--- trunk/CounterSales.php 2012-02-29 23:14:53 UTC (rev 4997)
+++ trunk/CounterSales.php 2012-03-01 09:08:34 UTC (rev 4998)
@@ -742,10 +742,12 @@
<th>' . _('Quantity') . '</th>
<th>' . _('QOH') . '</th>
<th>' . _('Unit') . '</th>
- <th>' . _('Price') . '</th>
- <th>' . _('Discount') . '</th>
- <th>' . _('GP %') . '</th>
- <th>' . _('Net') . '</th>
+ <th>' . _('Price') . '</th>';
+ if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
+ echo '<th>' . _('Discount') . '</th>
+ <th>' . _('GP %') . '</th>';
+ }
+ echo '<th>' . _('Net') . '</th>
<th>' . _('Tax') . '</th>
<th>' . _('Total') . '<br />' . _('Incl Tax') . '</th>
</tr>';
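Review bot: The literal `13` in `in_array(13,$_SESSION['AllowedPageSecurityTokens'])` is repeated in all three CounterSales.php hunks and in the three SelectOrderItems.php hunks, with no comment saying what the token grants. I would evaluate it once near the top of each script, e.g. `$CanChangePrices = in_array(13,$_SESSION['AllowedPageSecurityTokens']); /* token 13: may edit price, discount and GP % at order entry */`, and test `$CanChangePrices` at each site so the header, row and total branches cannot drift apart. The echo statement this hunk modifies starts outside the hunk.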
@@ -787,10 +789,15 @@
echo '</td>
<td class="number">' . locale_number_format($OrderLine->QOHatLoc,$OrderLine->DecimalPlaces) . '</td>
<td>' . $OrderLine->Units . '</td>';
-
- echo '<td><input class="number" type="text" name="Price_' . $OrderLine->LineNumber . '" size="16" maxlength="16" value="' . locale_number_format($OrderLine->Price,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '" /></td>
+ if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
+ echo '<td><input class="number" type="text" name="Price_' . $OrderLine->LineNumber . '" size="16" maxlength="16" value="' . locale_number_format($OrderLine->Price,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '" /></td>
<td><input class="number" type="text" name="Discount_' . $OrderLine->LineNumber . '" size="5" maxlength="4" value="' . locale_number_format(($OrderLine->DiscountPercent * 100),2) . '" /></td>
<td><input class="number" type="text" name="GPPercent_' . $OrderLine->LineNumber . '" size="3" maxlength="40" value="' . locale_number_format($OrderLine->GPPercent,2) . '" /></td>';
+ } else {
+ echo '<td class="number">' . locale_number_format($OrderLine->Price,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '<input type="hidden" name="Price_' . $OrderLine->LineNumber . '" value="' . locale_number_format($OrderLine->Price,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '" /></td>
+ <input type="hidden" name="Discount_' . $OrderLine->LineNumber . '" value="' . locale_number_format(($OrderLine->DiscountPercent * 100),2) . '" />
+ <input type="hidden" name="GPPercent_' . $OrderLine->LineNumber . '" value="' . locale_number_format($OrderLine->GPPercent,2) . '" />';
+ }
echo '<td class="number">' . locale_number_format($SubTotal,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>';
$LineDueDate = $OrderLine->ItemDue;
if (!Is_Date($OrderLine->ItemDue)){
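Review bot: The new `} else {` branch still writes `Price_`, `Discount_` and `GPPercent_` into the form as hidden inputs, so for users without token 13 the restriction exists only in what the page renders; hidden fields are as client-controlled as text fields. The code that reads these posted values is outside this hunk, and unless it also tests `in_array(13,$_SESSION['AllowedPageSecurityTokens'])` before applying them, the price and discount can still be changed by a user who lacks the token. I would drop the hidden inputs in the else branch and have the update path keep the values already held in `$_SESSION['Items'.$identifier]` when the token is absent. The Discount and GP % hidden inputs are also emitted directly inside the row, outside any `<td>`, which is invalid table markup.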
@@ -834,11 +841,16 @@
} /* end of loop around items */
- echo '<tr class="EvenTableRows"><td colspan="8" class="number"><b>' . _('Total') . '</b></td>
- <td class="number">' . locale_number_format(($_SESSION['Items'.$identifier]->total),$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>
- <td class="number">' . locale_number_format($TaxTotal,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>
- <td class="number">' . locale_number_format(($_SESSION['Items'.$identifier]->total+$TaxTotal),$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>
- </tr>
+ echo '<tr class="EvenTableRows">';
+ if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
+ echo '<td colspan="8" class="number"><b>' . _('Total') . '</b></td>';
+ } else {
+ echo '<td colspan="6" class="number"><b>' . _('Total') . '</b></td>';
+ }
+ echo '<td class="number">' . locale_number_format(($_SESSION['Items'.$identifier]->total),$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>
+ <td class="number">' . locale_number_format($TaxTotal,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>
+ <td class="number">' . locale_number_format(($_SESSION['Items'.$identifier]->total+$TaxTotal),$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>
+ </tr>
</table>';
echo '<input type="hidden" name="TaxTotal" value="'.$TaxTotal.'" />';
echo '<table><tr><td>';
Modified: trunk/SelectOrderItems.php
===================================================================
--- trunk/SelectOrderItems.php 2012-02-29 23:14:53 UTC (rev 4997)
+++ trunk/SelectOrderItems.php 2012-03-01 09:08:34 UTC (rev 4998)
@@ -1336,7 +1336,7 @@
<th>' . _('Unit') . '</th>
<th>' . _('Price') . '</th>';
- if (in_array(2,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
echo '<th>' . _('Discount') . '</th>
<th>' . _('GP %') . '</th>';
}
@@ -1384,7 +1384,7 @@
<td class="number">' . locale_number_format($OrderLine->QOHatLoc,$OrderLine->DecimalPlaces) . '</td>
<td>' . $OrderLine->Units . '</td>';
- if (in_array(2,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
/*OK to display with discount if it is an internal user with appropriate permissions */
echo '<td><input class="number" type="text" name="Price_' . $OrderLine->LineNumber . '" size="16" maxlength="16" value="' . locale_number_format($OrderLine->Price,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '" /></td>
<td><input class="number" type="text" name="Discount_' . $OrderLine->LineNumber . '" size="5" maxlength="4" value="' . locale_number_format(($OrderLine->DiscountPercent * 100),2) . '" /></td>
@@ -1424,13 +1424,13 @@
} /* end of loop around items */
$DisplayTotal = locale_number_format($_SESSION['Items'.$identifier]->total,$_SESSION['Items'.$identifier]->CurrDecimalPlaces);
- if (in_array(2,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
$ColSpanNumber = 2;
} else {
$ColSpanNumber = 1;
}
echo '<tr class="EvenTableRows">
- <td class="number" colspan="7"><b>' . _('TOTAL Excl Tax/Freight') . '</b></td>
+ <td class="number" colspan="6"><b>' . _('TOTAL Excl Tax/Freight') . '</b></td>
<td colspan="' . $ColSpanNumber . '" class="number">' . $DisplayTotal . '</td>
</tr>
</table>';
Modified: trunk/SystemParameters.php
===================================================================
--- trunk/SystemParameters.php 2012-02-29 23:14:53 UTC (rev 4997)
+++ trunk/SystemParameters.php 2012-03-01 09:08:34 UTC (rev 4998)
@@ -24,61 +24,61 @@
Note: the X_ in the POST variables, the reason for this is to overcome globals=on replacing
the actial system/overidden variables.
*/
- if (mb_strlen($_POST['X_PastDueDays1']) > 3 || !is_numeric($_POST['X_PastDueDays1']) ) {
+ if (mb_strlen($_POST['X_PastDueDays1']) > 3 OR !is_numeric($_POST['X_PastDueDays1']) ) {
$InputError = 1;
prnMsg(_('First overdue deadline days must be a number'),'error');
- } elseif (mb_strlen($_POST['X_PastDueDays2']) > 3 || !is_numeric($_POST['X_PastDueDays2']) ) {
+ } elseif (mb_strlen($_POST['X_PastDueDays2']) > 3 OR !is_numeric($_POST['X_PastDueDays2']) ) {
$InputError = 1;
prnMsg(_('Second overdue deadline days must be a number'),'error');
- } elseif (mb_strlen($_POST['X_DefaultCreditLimit']) > 12 || !is_numeric($_POST['X_DefaultCreditLimit']) ) {
+ } elseif (mb_strlen($_POST['X_DefaultCreditLimit']) > 12 OR !is_numeric($_POST['X_DefaultCreditLimit']) ) {
$InputError = 1;
prnMsg(_('Default Credit Limit must be a number'),'error');
- } elseif (mb_strstr($_POST['X_RomalpaClause'], "'") || mb_strlen($_POST['X_RomalpaClause']) > 5000) {
+ } elseif (mb_strstr($_POST['X_RomalpaClause'], "'") OR mb_strlen($_POST['X_RomalpaClause']) > 5000) {
$InputError = 1;
prnMsg(_('The Romalpa Clause may not contain single quotes and may not be longer than 5000 chars'),'error');
- } elseif (mb_strlen($_POST['X_QuickEntries']) > 2 || !is_numeric($_POST['X_QuickEntries']) ||
- $_POST['X_QuickEntries'] < 1 || $_POST['X_QuickEntries'] > 99 ) {
+ } elseif (mb_strlen($_POST['X_QuickEntries']) > 2 OR !is_numeric($_POST['X_QuickEntries']) OR
+ $_POST['X_QuickEntries'] < 1 OR $_POST['X_QuickEntries'] > 99 ) {
$InputError = 1;
prnMsg(_('No less than 1 and more than 99 Quick entries allowed'),'error');
- } elseif (mb_strlen($_POST['X_FreightChargeAppliesIfLessThan']) > 12 || !is_numeric($_POST['X_FreightChargeAppliesIfLessThan']) ) {
+ } elseif (mb_strlen($_POST['X_FreightChargeAppliesIfLessThan']) > 12 OR !is_numeric($_POST['X_FreightChargeAppliesIfLessThan']) ) {
$InputError = 1;
prnMsg(_('Freight Charge Applies If Less Than must be a number'),'error');
- } elseif ( !is_numeric($_POST['X_StandardCostDecimalPlaces']) ||
- $_POST['X_StandardCostDecimalPlaces'] < 0 || $_POST['X_StandardCostDecimalPlaces'] > 4 ) {
+ } elseif ( !is_numeric($_POST['X_StandardCostDecimalPlaces']) OR
+ $_POST['X_StandardCostDecimalPlaces'] < 0 OR $_POST['X_StandardCostDecimalPlaces'] > 4 ) {
$InputError = 1;
prnMsg(_('Standard Cost Decimal Places must be a number between 0 and 4'),'error');
- } elseif (mb_strlen($_POST['X_NumberOfPeriodsOfStockUsage']) > 2 || !is_numeric($_POST['X_NumberOfPeriodsOfStockUsage']) ||
- $_POST['X_NumberOfPeriodsOfStockUsage'] < 1 || $_POST['X_NumberOfPeriodsOfStockUsage'] > 12 ) {
+ } elseif (mb_strlen($_POST['X_NumberOfPeriodsOfStockUsage']) > 2 OR !is_numeric($_POST['X_NumberOfPeriodsOfStockUsage']) OR
+ $_POST['X_NumberOfPeriodsOfStockUsage'] < 1 OR $_POST['X_NumberOfPeriodsOfStockUsage'] > 12 ) {
$InputError = 1;
prnMsg(_('Financial period per year must be a number between 1 and 12'),'error');
} elseif (mb_strlen($_POST['X_TaxAuthorityReferenceName']) >25) {
$InputError = 1;
prnMsg(_('The Tax Authority Reference Name must be 25 characters or less long'),'error');
- } elseif (mb_strlen($_POST['X_OverChargeProportion']) > 3 || !is_numeric($_POST['X_OverChargeProportion']) ||
- $_POST['X_OverChargeProportion'] < 0 || $_POST['X_OverChargeProportion'] > 100 ) {
+ } elseif (mb_strlen($_POST['X_OverChargeProportion']) > 3 OR !is_numeric($_POST['X_OverChargeProportion']) OR
+ $_POST['X_OverChargeProportion'] < 0 OR $_POST['X_OverChargeProportion'] > 100 ) {
$InputError = 1;
prnMsg(_('Over Charge Proportion must be a percentage'),'error');
- } elseif (mb_strlen($_POST['X_OverReceiveProportion']) > 3 || !is_numeric($_POST['X_OverReceiveProportion']) ||
- $_POST['X_OverReceiveProportion'] < 0 || $_POST['X_OverReceiveProportion'] > 100 ) {
+ } elseif (mb_strlen($_POST['X_OverReceiveProportion']) > 3 OR !is_numeric($_POST['X_OverReceiveProportion']) OR
+ $_POST['X_OverReceiveProportion'] < 0 OR $_POST['X_OverReceiveProportion'] > 100 ) {
$InputError = 1;
prnMsg(_('Over Receive Proportion must be a percentage'),'error');
- } elseif (mb_strlen($_POST['X_PageLength']) > 3 || !is_numeric($_POST['X_PageLength']) ||
+ } elseif (mb_strlen($_POST['X_PageLength']) > 3 OR !is_numeric($_POST['X_PageLength']) OR
$_POST['X_PageLength'] < 1 ) {
$InputError = 1;
prnMsg(_('Lines per page must be greater than 1'),'error');
- } elseif (mb_strlen($_POST['X_MonthsAuditTrail']) > 2 || !is_numeric($_POST['X_MonthsAuditTrail']) ||
+ } elseif (mb_strlen($_POST['X_MonthsAuditTrail']) > 2 OR !is_numeric($_POST['X_MonthsAuditTrail']) OR
$_POST['X_MonthsAuditTrail'] < 0 ) {
$InputError = 1;
prnMsg(_('The number of months of audit trail to keep must be zero or a positive number less than 100 months'),'error');
- }elseif (mb_strlen($_POST['X_DefaultTaxCategory']) > 1 || !is_numeric($_POST['X_DefaultTaxCategory']) ||
+ }elseif (mb_strlen($_POST['X_DefaultTaxCategory']) > 1 OR !is_numeric($_POST['X_DefaultTaxCategory']) OR
$_POST['X_DefaultTaxCategory'] < 1 ) {
$InputError = 1;
prnMsg(_('DefaultTaxCategory must be between 1 and 9'),'error');
- } elseif (mb_strlen($_POST['X_DefaultDisplayRecordsMax']) > 3 || !is_numeric($_POST['X_DefaultDisplayRecordsMax']) ||
+ } elseif (mb_strlen($_POST['X_DefaultDisplayRecordsMax']) > 3 OR !is_numeric($_POST['X_DefaultDisplayRecordsMax']) OR
$_POST['X_DefaultDisplayRecordsMax'] < 1 ) {
$InputError = 1;
prnMsg(_('Default maximum number of records to display must be between 1 and 500'),'error');
- }elseif (mb_strlen($_POST['X_MaxImageSize']) > 3 || !is_numeric($_POST['X_MaxImageSize']) ||
+ }elseif (mb_strlen($_POST['X_MaxImageSize']) > 3 OR !is_numeric($_POST['X_MaxImageSize']) OR
$_POST['X_MaxImageSize'] < 1 ) {
$InputError = 1;
prnMsg(_('The maximum size of item image files must be between 50 and 500 (NB this figure refers to KB)'),'error');
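Review bot: The rewritten conditions still rely on `is_numeric()` plus a length cap to validate integer settings, and several bounds do not match their own error messages. `X_MaxImageSize` is only rejected when `< 1` although the message says 50 to 500, `X_DefaultDisplayRecordsMax` accepts up to 999 against a stated maximum of 500, and `is_numeric()` lets values such as `1.5`, `1e2` or (for `X_PastDueDays1`) `-5` through. Since these lines are being touched anyway, I would tighten them, e.g. `!ctype_digit($_POST['X_MaxImageSize']) OR $_POST['X_MaxImageSize'] < 50 OR $_POST['X_MaxImageSize'] > 500`. On style, `OR` binds more loosely than `||` and even than `=`, which is harmless inside these `if` conditions but worth a note in the coding standard; the same applies to the hunk at -91. The elseif chain continues outside this hunk.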
@@ -91,7 +91,7 @@
}elseif (!IsEmailAddress($_POST['X_InventoryManagerEmail']) AND $_POST['X_InventoryManagerEmail']!=''){
$InputError = 1;
prnMsg(_('The Inventory Manager Email address does not appear to be valid'),'error');
- }elseif (mb_strlen($_POST['X_FrequentlyOrderedItems']) > 2 || !is_numeric($_POST['X_FrequentlyOrderedItems'])) {
+ }elseif (mb_strlen($_POST['X_FrequentlyOrderedItems']) > 2 OR !is_numeric($_POST['X_FrequentlyOrderedItems'])) {
$InputError = 1;
prnMsg(_('The number of frequently ordered items to display must be numeric'),'error');
}
Modified: trunk/sql/mysql/upgrade4.07-4.08.sql
===================================================================
--- trunk/sql/mysql/upgrade4.07-4.08.sql 2012-02-29 23:14:53 UTC (rev 4997)
+++ trunk/sql/mysql/upgrade4.07-4.08.sql 2012-03-01 09:08:34 UTC (rev 4998)
@@ -4,7 +4,7 @@
INSERT INTO `scripts` (`script` ,`pagesecurity` ,`description`) VALUES ('reportwriter/admin/ReportCreator.php', '15', 'Report Writer');
INSERT INTO `scripts` (`script` ,`pagesecurity` ,`description`) VALUES ('RecurringSalesOrdersProcess.php', '1', 'Process Recurring Sales Orders');
-DELETE FROM `scripts` WHERE `script`='Z_CopyBOM.php';
+UPDATE `scripts` SET script='CopyBOM.php' WHERE `script`='Z_CopyBOM.php';
ALTER TABLE `stockcategory` ADD `issueglact` int(11) NOT NULL DEFAULT 0 AFTER `adjglact`;
@@ -43,6 +43,6 @@
UPDATE `stockcategory` SET `issueglact`=`adjglact`;
INSERT INTO `systypes` (`typeid`, `typename`, `typeno`) VALUES (38, 'Stock Requests', 0);
-UPDATE `www_users` SET `modulesallowed` = CONCAT(`modulesallowed`,'0,');
+UPDATE `www_users` SET `modulesallowed` = CONCAT(`modulesallowed`,'0,') WHERE modulesallowed LIKE '_,_,_,_,_,_,_,_,_,_,';
INSERT INTO `config` VALUES ('ShowStockidOnImages','0');
UPDATE config SET confvalue='4.08' WHERE confname='VersionNumber';
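Review bot: Nothing in either hunk of this upgrade script provisions the new token 13 that CounterSales.php and SelectOrderItems.php now test, so on the visible evidence an upgraded install has no role holding it until an administrator adds it by hand. SelectOrderItems.php previously keyed the price and discount inputs on token 2, so users who could edit prices before the upgrade would lose that ability silently, which tends to get fixed by over-granting. If the token and its role assignments are not created elsewhere, I would add statements before the `VersionNumber` update that create token 13 and grant it to the roles currently holding token 2, with a comment explaining the split. Separately, the new `LIKE '_,_,_,_,_,_,_,_,_,_,'` filter skips any `modulesallowed` value of a different shape without reporting it; a comment stating that this is intended would help.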