From: <dai...@us...> - 2012-09-07 22:46:25
Revision: 5631 http://web-erp.svn.sourceforge.net/web-erp/?rev=5631&view=rev Author: daintree Date: 2012-09-07 22:46:18 +0000 (Fri, 07 Sep 2012) Log Message: ----------- remove use of REQUEST Modified Paths: -------------- trunk/SelectSalesOrder.php trunk/SelectWorkOrder.php trunk/WorkOrderEntry.php trunk/WorkOrderStatus.php Modified: trunk/SelectSalesOrder.php =================================================================== --- trunk/SelectSalesOrder.php 2012-09-07 11:56:04 UTC (rev 5630) +++ trunk/SelectSalesOrder.php 2012-09-07 22:46:18 UTC (rev 5631) @@ -7,10 +7,22 @@ include('includes/header.inc'); include('includes/SQL_CommonFunctions.inc'); -if (isset($_REQUEST['SelectedStockItem'])) { - $_REQUEST['SelectedStockItem'] = DB_escape_string($_REQUEST['SelectedStockItem']); +if (isset($_GET['SelectedStockItem'])) { + $SelectedStockItem = $_GET['SelectedStockItem']; +} elseif (isset($_POST['SelectedStockItem'])){ + $SelectedStockItem = $_POST['SelectedStockItem']; +} else { + unset($SelectedStockItem); } +if (isset($_GET['SelectedCustomer'])) { + $SelectedCustomer = $_GET['SelectedCustomer']; +} elseif (isset($_POST['SelectedCustomer'])){ + $SelectedCustomer = $_POST['SelectedCustomer']; +} else { + unset($SelectedCustomer); +} + if (isset($_POST['PlacePO'])){ /*user hit button to place PO for selected orders */ /*Note the button would not have been displayed if the user had no authority to create purchase orders */ @@ -392,7 +404,7 @@ if (isset($_POST['ResetPart'])){ - unset($_REQUEST['SelectedStockItem']); + unset($SelectedStockItem); } echo '<br /><div class="centre">'; 
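Review bot: The new `$SelectedStockItem` assignment in the first SelectSalesOrder.php hunk drops the `DB_escape_string()` call that the removed lines applied, and `$SelectedCustomer` is taken the same way, so both reach the quoted SQL literals in the later hunks (@@ -697, @@ -725, @@ -762) exactly as the client sent them. Unless one of the included files already escapes every `$_GET`/`$_POST` value (not visible in this diff), that is an SQL injection path. The same applies to `$SelectedStockItem` in SelectWorkOrder.php (@@ -276) and to `$StockID` and `$SelectedWO` in WorkOrderStatus.php. Keep the escaping where the value is taken, e.g. `$SelectedStockItem = DB_escape_string($_GET['SelectedStockItem']);`, after confirming it would not double-escape, or bind the values as query parameters if the DB layer supports it.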
@@ -408,12 +420,12 @@ echo _('Order Number') . ' - ' . $_REQUEST['OrderNumber']; } } else { - if (isset($_REQUEST['SelectedCustomer'])) { - echo _('For customer') . ': ' . $_REQUEST['SelectedCustomer'] . ' ' . _('and') . ' '; - echo '<input type="hidden" name="SelectedCustomer" value="' . $_REQUEST['SelectedCustomer'] . '" />'; + if (isset($SelectedCustomer)) { + echo _('For customer') . ': ' . $SelectedCustomer . ' ' . _('and') . ' '; + echo '<input type="hidden" name="SelectedCustomer" value="' . $SelectedCustomer . '" />'; } - if (isset($_REQUEST['SelectedStockItem'])) { - echo _('for the part') . ': ' . $_REQUEST['SelectedStockItem'] . ' ' . _('and') . ' <input type="hidden" name="SelectedStockItem" value="' . $_REQUEST['SelectedStockItem'] . '" />'; + if (isset($SelectedStockItem)) { + echo _('for the part') . ': ' . $SelectedStockItem . ' ' . _('and') . ' <input type="hidden" name="SelectedStockItem" value="' . $SelectedStockItem . '" />'; } } @@ -492,7 +504,7 @@ $OrdersAfterDate = Date('d/m/Y',Mktime(0,0,0,Date('m')-2,Date('d'),Date('Y'))); */ - if (!isset($_REQUEST['OrderNumber']) or $_REQUEST['OrderNumber']==''){ + if (!isset($_REQUEST['OrderNumber']) OR $_REQUEST['OrderNumber']==''){ echo '<table class="selection"> <tr> @@ -673,9 +685,9 @@ } else { /* $DateAfterCriteria = FormatDateforSQL($OrdersAfterDate); */ - if (isset($_REQUEST['SelectedCustomer'])) { + if (isset($SelectedCustomer)) { - if (isset($_REQUEST['SelectedStockItem'])) { + if (isset($SelectedStockItem)) { $SQL = "SELECT salesorders.orderno, debtorsmaster.name, custbranch.brname, 
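Review bot: `$SelectedCustomer` and `$SelectedStockItem` are written into the page text and into the `value="..."` attribute of the hidden inputs in the @@ -408 hunk without HTML encoding, so a quote or angle bracket in the parameter ends up as markup (reflected XSS). Encode at the point of output, e.g. `htmlspecialchars($SelectedCustomer, ENT_QUOTES, 'UTF-8')`, the form WorkOrderEntry.php already uses for `$_SERVER['PHP_SELF']`. The same unencoded echo appears in SelectWorkOrder.php (@@ -108) and in the table cells and links of WorkOrderStatus.php. The context line in this hunk and the condition in @@ -492 still read `$_REQUEST['OrderNumber']`, so the stated goal of the commit is not complete for this file.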
@@ -697,8 +709,8 @@ ON debtorsmaster.currcode = currencies.currabrev WHERE salesorderdetails.completed=0 AND salesorders.quotation =" .$Quotations . " - AND salesorderdetails.stkcode='". $_REQUEST['SelectedStockItem'] ."' - AND salesorders.debtorno='" . $_REQUEST['SelectedCustomer'] ."' + AND salesorderdetails.stkcode='". $SelectedStockItem ."' + AND salesorders.debtorno='" . $SelectedCustomer ."' AND salesorders.fromstkloc = '". $_POST['StockLocation'] . "' ORDER BY salesorders.orderno"; @@ -725,7 +737,7 @@ ON debtorsmaster.currcode = currencies.currabrev WHERE salesorders.quotation =" .$Quotations . " AND salesorderdetails.completed=0 - AND salesorders.debtorno='" . $_REQUEST['SelectedCustomer'] . "' + AND salesorders.debtorno='" . $SelectedCustomer . "' AND salesorders.fromstkloc = '". $_POST['StockLocation'] . "' GROUP BY salesorders.orderno, debtorsmaster.name, @@ -740,7 +752,7 @@ } } else { //no customer selected - if (isset($_REQUEST['SelectedStockItem'])) { + if (isset($SelectedStockItem)) { $SQL = "SELECT salesorders.orderno, debtorsmaster.name, custbranch.brname, @@ -762,7 +774,7 @@ ON debtorsmaster.currcode = currencies.currabrev WHERE salesorderdetails.completed=0 AND salesorders.quotation =" .$Quotations . " - AND salesorderdetails.stkcode='". $_REQUEST['SelectedStockItem'] . "' + AND salesorderdetails.stkcode='". $SelectedStockItem . "' AND salesorders.fromstkloc = '". $_POST['StockLocation'] . "' GROUP BY salesorders.orderno, debtorsmaster.name, Modified: trunk/SelectWorkOrder.php =================================================================== --- trunk/SelectWorkOrder.php 2012-09-07 11:56:04 UTC (rev 5630) +++ trunk/SelectWorkOrder.php 2012-09-07 22:46:18 UTC (rev 5631) 
@@ -12,19 +12,36 @@ echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; +if (isset($_GET['WO'])) { + $SelectedWO = $_GET['WO']; +} elseif (isset($_POST['WO'])){ + $SelectedWO = $_POST['WO']; +} else { + unset($SelectedWO); +} + +if (isset($_GET['SelectedStockItem'])) { + $SelectedStockItem = $_GET['SelectedStockItem']; +} elseif (isset($_POST['SelectedStockItem'])){ + $SelectedStockItem = $_POST['SelectedStockItem']; +} else { + unset($SelectedStockItem); +} + + if (isset($_POST['ResetPart'])){ - unset($_REQUEST['SelectedStockItem']); + unset($SelectedStockItem); } -if (isset($_REQUEST['WO']) AND $_REQUEST['WO']!='') { - $_REQUEST['WO'] = trim($_REQUEST['WO']); - if (!is_numeric($_REQUEST['WO'])){ +if (isset($SelectedWO) AND $SelectedWO!='') { + $SelectedWO = trim($SelectedWO); + if (!is_numeric($SelectedWO)){ prnMsg(_('The work order number entered MUST be numeric'),'warn'); - unset ($_REQUEST['WO']); + unset ($SelectedWO); include('includes/footer.inc'); exit; } else { - echo _('Work Order Number') . ' - ' . $_REQUEST['WO']; + echo _('Work Order Number') . ' - ' . $SelectedWO; } } @@ -108,10 +125,10 @@ $OrdersAfterDate = Date('d/m/Y',Mktime(0,0,0,Date('m')-2,Date('d'),Date('Y'))); */ - if (!isset($_REQUEST['WO']) or ($_REQUEST['WO']=='')){ + if (!isset($SelectedWO) or ($SelectedWO=='')){ echo '<table class="selection"><tr><td>'; - if (isset($_REQUEST['SelectedStockItem'])) { - echo _('For the item') . ': ' . $_REQUEST['SelectedStockItem'] . ' ' . _('and') . ' <input type="hidden" name="SelectedStockItem" value="' . $_REQUEST['SelectedStockItem'] . '" />'; + if (isset($SelectedStockItem)) { + echo _('For the item') . ': ' . $SelectedStockItem . ' ' . _('and') . ' <input type="hidden" name="SelectedStockItem" value="' . $SelectedStockItem . '" />'; } echo _('Work Order number') . ': <input type="text" name="WO" maxlength="8" size="9" /> ' . _('Processing at') . ':<select name="StockLocation"> '; 
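Review bot: `is_numeric()` in the @@ -12,19 hunk is looser than a work order number needs: it accepts decimals, exponent notation and a leading sign, and the accepted string is then used unchanged in `workorders.wo='...'` (@@ -257) and echoed to the page. WorkOrderEntry.php casts the same parameter with `(int)`. Doing the same here once the check has passed, `$SelectedWO = (int)$SelectedWO;`, or testing with `ctype_digit($SelectedWO)` instead, keeps the two pages consistent and guarantees that only an integer reaches the query.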
@@ -244,7 +261,7 @@ } else { $ClosedOrOpen = 1; } - if (isset($_REQUEST['WO']) AND $_REQUEST['WO'] !='') { + if (isset($SelectedWO) AND $SelectedWO !='') { $SQL = "SELECT workorders.wo, woitems.stockid, stockmaster.description, @@ -257,13 +274,13 @@ INNER JOIN woitems ON workorders.wo=woitems.wo INNER JOIN stockmaster ON woitems.stockid=stockmaster.stockid WHERE workorders.closed='" . $ClosedOrOpen . "' - AND workorders.wo='". $_REQUEST['WO'] ."' + AND workorders.wo='". $SelectedWO ."' ORDER BY workorders.wo, woitems.stockid"; } else { /* $DateAfterCriteria = FormatDateforSQL($OrdersAfterDate); */ - if (isset($_REQUEST['SelectedStockItem'])) { + if (isset($SelectedStockItem)) { $SQL = "SELECT workorders.wo, woitems.stockid, stockmaster.description, @@ -276,7 +293,7 @@ INNER JOIN woitems ON workorders.wo=woitems.wo INNER JOIN stockmaster ON woitems.stockid=stockmaster.stockid WHERE workorders.closed='" . $ClosedOrOpen . "' - AND woitems.stockid='". $_REQUEST['SelectedStockItem'] ."' + AND woitems.stockid='". $SelectedStockItem ."' AND workorders.loccode='" . $_POST['StockLocation'] . "' ORDER BY workorders.wo, woitems.stockid"; Modified: trunk/WorkOrderEntry.php =================================================================== --- trunk/WorkOrderEntry.php 2012-09-07 11:56:04 UTC (rev 5630) +++ trunk/WorkOrderEntry.php 2012-09-07 22:46:18 UTC (rev 5631) @@ -11,6 +11,15 @@ <img src="'.$rootpath.'/css/'.$theme.'/images/transactions.png" title="' . _('Search') . '" alt="" />' . ' ' . $title.' </p>'; + +if (isset($_GET['WO'])) { + $SelectedWO = $_GET['WO']; +} elseif (isset($_POST['WO'])){ + $SelectedWO = $_POST['WO']; +} else { + unset($SelectedWO); +} + if (isset($_GET['ReqDate'])){ $ReqDate = ConvertSQLDate($_GET['ReqDate']); } else { 
@@ -36,9 +45,9 @@ } // check for new or modify condition -if (isset($_REQUEST['WO']) AND$_REQUEST['WO']!=''){ +if (isset($SelectedWO) AND$SelectedWO!=''){ // modify - $_POST['WO'] = (int)$_REQUEST['WO']; + $_POST['WO'] = (int)$SelectedWO; $EditingExisting = true; } else { // new @@ -274,7 +283,7 @@ echo '<div class="centre"><a href="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') .'">' . _('Enter a new work order') . '</a>'; echo '<br /><a href="' . $rootpath . '/SelectWorkOrder.php">' . _('Select an existing work order') . '</a>'; - echo '<br /><a href="'. $rootpath . '/WorkOrderCosting.php?WO=' . $_REQUEST['WO'] . '">' . _('Go to Costing'). '</a></div>'; + echo '<br /><a href="'. $rootpath . '/WorkOrderCosting.php?WO=' . $SelectedWO . '">' . _('Go to Costing'). '</a></div>'; $Input_Error = false; //hope for the best for ($i=1;$i<=$_POST['NumberOfOutputs'];$i++){ Modified: trunk/WorkOrderStatus.php =================================================================== --- trunk/WorkOrderStatus.php 2012-09-07 11:56:04 UTC (rev 5630) +++ trunk/WorkOrderStatus.php 2012-09-07 22:46:18 UTC (rev 5631) 
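Review bot: The `(int)` cast in the @@ -36,9 hunk is stored only in `$_POST['WO']`, while `$SelectedWO` keeps the raw request value and is what the @@ -274 hunk concatenates into the `WorkOrderCosting.php?WO=` link. Cast once and reuse it, `$SelectedWO = (int)$SelectedWO; $_POST['WO'] = $SelectedWO;`, so the link and the rest of the page see the validated number. `AND$SelectedWO` is also missing the space after `AND`; it parses, but reads as a typo.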
@@ -5,117 +5,133 @@ $title = _('Work Order Status Inquiry'); include('includes/header.inc'); - $ErrMsg = _('Could not retrieve the details of the selected work order item'); - $WOResult = DB_query("SELECT workorders.loccode, - locations.locationname, - workorders.requiredby, - workorders.startdate, - workorders.closed, - stockmaster.description, - stockmaster.decimalplaces, - stockmaster.units, - woitems.qtyreqd, - woitems.qtyrecd - FROM workorders INNER JOIN locations - ON workorders.loccode=locations.loccode - INNER JOIN woitems - ON workorders.wo=woitems.wo - INNER JOIN stockmaster - ON woitems.stockid=stockmaster.stockid - WHERE woitems.stockid='" . $_REQUEST['StockID'] . "' - AND woitems.wo ='" . $_REQUEST['WO'] . "'", - $db, - $ErrMsg); +if (isset($_GET['WO'])) { + $SelectedWO = $_GET['WO']; +} elseif (isset($_POST['WO'])){ + $SelectedWO = $_POST['WO']; +} else { + unset($SelectedWO); +} +if (isset($_GET['StockID'])) { + $StockID = $_GET['StockID']; +} elseif (isset($_POST['StockID'])){ + $StockID = $_POST['StockID']; +} else { + unset($StockID); +} - if (DB_num_rows($WOResult)==0){ - prnMsg(_('The selected work order item cannot be retrieved from the database'),'info'); - include('includes/footer.inc'); - exit; - } - $WORow = DB_fetch_array($WOResult); - echo '<a href="'. $rootpath . '/SelectWorkOrder.php">' . _('Back to Work Orders'). '</a><br />'; - echo '<a href="'. $rootpath . '/WorkOrderCosting.php?WO=' . $_REQUEST['WO'] . '">' . _('Back to Costing'). 
'</a><br />'; +$ErrMsg = _('Could not retrieve the details of the selected work order item'); +$WOResult = DB_query("SELECT workorders.loccode, + locations.locationname, + workorders.requiredby, + workorders.startdate, + workorders.closed, + stockmaster.description, + stockmaster.decimalplaces, + stockmaster.units, + woitems.qtyreqd, + woitems.qtyrecd + FROM workorders INNER JOIN locations + ON workorders.loccode=locations.loccode + INNER JOIN woitems + ON workorders.wo=woitems.wo + INNER JOIN stockmaster + ON woitems.stockid=stockmaster.stockid + WHERE woitems.stockid='" . $StockID . "' + AND woitems.wo ='" . $SelectedWO . "'", + $db, + $ErrMsg); - echo '<p class="page_title_text"> - <img src="'.$rootpath.'/css/'.$theme.'/images/group_add.png" title="' . - _('Search') . '" alt="" />' . ' ' . $title.' - </p>'; +if (DB_num_rows($WOResult)==0){ + prnMsg(_('The selected work order item cannot be retrieved from the database'),'info'); + include('includes/footer.inc'); + exit; +} +$WORow = DB_fetch_array($WOResult); - echo '<table cellpadding="2" class="selection"> - <tr> - <td class="label">' . _('Work order Number') . ':</td> - <td>' . $_REQUEST['WO'] .'</td> - <td class="label">' . _('Item') . ':</td> - <td>' . $_REQUEST['StockID'] . ' - ' . $WORow['description'] . '</td> - </tr> - <tr> - <td class="label">' . _('Manufactured at') . ':</td> - <td>' . $WORow['locationname'] . '</td> - <td class="label">' . _('Required By') . ':</td> - <td>' . ConvertSQLDate($WORow['requiredby']) . '</td> - </tr> - <tr> - <td class="label">' . _('Quantity Ordered') . ':</td> - <td class="number">' . locale_number_format($WORow['qtyreqd'],$WORow['decimalplaces']) . '</td> - <td colspan="2">' . $WORow['units'] . '</td> - </tr> - <tr> - <td class="label">' . _('Already Received') . ':</td> - <td class="number">' . locale_number_format($WORow['qtyrecd'],$WORow['decimalplaces']) . '</td> - <td colspan="2">' . $WORow['units'] . '</td> - </tr> - <tr> - <td class="label">' . _('Start Date') . 
':</td> - <td>' . ConvertSQLDate($WORow['startdate']) . '</td> - </tr> - </table> - <br />'; +echo '<a href="'. $rootpath . '/SelectWorkOrder.php">' . _('Back to Work Orders'). '</a><br />'; +echo '<a href="'. $rootpath . '/WorkOrderCosting.php?WO=' . $SelectedWO . '">' . _('Back to Costing'). '</a><br />'; - //set up options for selection of the item to be issued to the WO - echo '<table class="selection"> - <tr> - <th colspan="5"><h3>' . _('Material Requirements For this Work Order') . '</h3></th> - </tr>'; - echo '<tr> - <th colspan="2">' . _('Item') . '</th> - <th>' . _('Qty Required') . '</th> - <th>' . _('Qty Issued') . '</th> +echo '<p class="page_title_text"> + <img src="'.$rootpath.'/css/'.$theme.'/images/group_add.png" title="' . + _('Search') . '" alt="" />' . ' ' . $title.' + </p>'; + +echo '<table cellpadding="2" class="selection"> + <tr> + <td class="label">' . _('Work order Number') . ':</td> + <td>' . $SelectedWO .'</td> + <td class="label">' . _('Item') . ':</td> + <td>' . $StockID . ' - ' . $WORow['description'] . '</td> + </tr> + <tr> + <td class="label">' . _('Manufactured at') . ':</td> + <td>' . $WORow['locationname'] . '</td> + <td class="label">' . _('Required By') . ':</td> + <td>' . ConvertSQLDate($WORow['requiredby']) . '</td> + </tr> + <tr> + <td class="label">' . _('Quantity Ordered') . ':</td> + <td class="number">' . locale_number_format($WORow['qtyreqd'],$WORow['decimalplaces']) . '</td> + <td colspan="2">' . $WORow['units'] . '</td> + </tr> + <tr> + <td class="label">' . _('Already Received') . ':</td> + <td class="number">' . locale_number_format($WORow['qtyrecd'],$WORow['decimalplaces']) . '</td> + <td colspan="2">' . $WORow['units'] . '</td> + </tr> + <tr> + <td class="label">' . _('Start Date') . ':</td> + <td>' . ConvertSQLDate($WORow['startdate']) . '</td> + </tr> + </table> + <br />'; + + //set up options for selection of the item to be issued to the WO + echo '<table class="selection"> + <tr> + <th colspan="5"><h3>' . 
_('Material Requirements For this Work Order') . '</h3></th> </tr>'; + echo '<tr> + <th colspan="2">' . _('Item') . '</th> + <th>' . _('Qty Required') . '</th> + <th>' . _('Qty Issued') . '</th> + </tr>'; - $RequirmentsResult = DB_query("SELECT worequirements.stockid, - stockmaster.description, - stockmaster.decimalplaces, - autoissue, - qtypu - FROM worequirements INNER JOIN stockmaster - ON worequirements.stockid=stockmaster.stockid - WHERE wo='" . $_REQUEST['WO'] . "'", - $db); + $RequirmentsResult = DB_query("SELECT worequirements.stockid, + stockmaster.description, + stockmaster.decimalplaces, + autoissue, + qtypu + FROM worequirements INNER JOIN stockmaster + ON worequirements.stockid=stockmaster.stockid + WHERE wo='" . $SelectedWO . "'", + $db); - while ($RequirementsRow = DB_fetch_array($RequirmentsResult)){ - if ($RequirementsRow['autoissue']==0){ - echo '<tr> - <td>' . _('Manual Issue') . '</td> - <td>' . $RequirementsRow['stockid'] . ' - ' . $RequirementsRow['description'] . '</td>'; - } else { - echo '<tr> - <td class="notavailable">' . _('Auto Issue') . '</td> - <td class="notavailable">' .$RequirementsRow['stockid'] . ' - ' . $RequirementsRow['description'] .'</td>'; - } - $IssuedAlreadyResult = DB_query("SELECT SUM(-qty) FROM stockmoves - WHERE stockmoves.type=28 - AND stockid='" . $RequirementsRow['stockid'] . "' - AND reference='" . $_REQUEST['WO'] . "'", - $db); - $IssuedAlreadyRow = DB_fetch_row($IssuedAlreadyResult); - - echo '<td align="right">' . locale_number_format($WORow['qtyreqd']*$RequirementsRow['qtypu'],$RequirementsRow['decimalplaces']) . '</td> - <td align="right">' . locale_number_format($IssuedAlreadyRow[0],$RequirementsRow['decimalplaces']) . '</td></tr>'; + while ($RequirementsRow = DB_fetch_array($RequirmentsResult)){ + if ($RequirementsRow['autoissue']==0){ + echo '<tr> + <td>' . _('Manual Issue') . '</td> + <td>' . $RequirementsRow['stockid'] . ' - ' . $RequirementsRow['description'] . 
'</td>'; + } else { + echo '<tr> + <td class="notavailable">' . _('Auto Issue') . '</td> + <td class="notavailable">' .$RequirementsRow['stockid'] . ' - ' . $RequirementsRow['description'] .'</td>'; } + $IssuedAlreadyResult = DB_query("SELECT SUM(-qty) FROM stockmoves + WHERE stockmoves.type=28 + AND stockid='" . $RequirementsRow['stockid'] . "' + AND reference='" . $SelectedWO . "'", + $db); + $IssuedAlreadyRow = DB_fetch_row($IssuedAlreadyResult); - echo '</table>'; + echo '<td align="right">' . locale_number_format($WORow['qtyreqd']*$RequirementsRow['qtypu'],$RequirementsRow['decimalplaces']) . '</td> + <td align="right">' . locale_number_format($IssuedAlreadyRow[0],$RequirementsRow['decimalplaces']) . '</td></tr>'; + } + echo '</table>'; + include('includes/footer.inc'); ?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
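Review bot: `$SelectedWO` and `$StockID` go into the first `DB_query()` of WorkOrderStatus.php without a check that they were supplied: when neither `$_GET` nor `$_POST` carries them, the `else` branch unsets the variable and the query is built from an undefined value. They are also neither validated nor escaped before reaching three SQL strings and the HTML output, unless an include does that centrally (not visible here). A guard placed before the query that rejects a missing or non-numeric work order and casts it, as sketched below, closes the first gap. `$StockID` still needs escaping for SQL and `htmlspecialchars()` where it is echoed.

```php
// … unchanged: $SelectedWO and $StockID taken from $_GET / $_POST …
if (!isset($SelectedWO) OR !is_numeric($SelectedWO) OR !isset($StockID)) {
	prnMsg(_('A work order number and an item code are required'),'warn');
	include('includes/footer.inc');
	exit;
}
$SelectedWO = (int)$SelectedWO;
// … unchanged: DB_query() for the work order item and the rest of the page …
```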