From: <dai...@us...> - 2012-09-08 04:24:15
Revision: 5635 http://web-erp.svn.sourceforge.net/web-erp/?rev=5635&view=rev Author: daintree Date: 2012-09-08 04:24:09 +0000 (Sat, 08 Sep 2012) Log Message: ----------- remove REQUEST use Modified Paths: -------------- trunk/EmailConfirmation.php trunk/SelectSalesOrder.php Modified: trunk/EmailConfirmation.php =================================================================== --- trunk/EmailConfirmation.php 2012-09-08 04:03:09 UTC (rev 5634) +++ trunk/EmailConfirmation.php 2012-09-08 04:24:09 UTC (rev 5635) @@ -211,7 +211,7 @@ } $MailMessage .= '</table> <table border="1" width="50%"><tr>'; -if($_REQUEST['POLine'] == 1){ +if($_GET['POLine'] == 1){ $MailMessage .= '<td>' . _('PO Line') . '</td>'; } $MailMessage .= '<td>' . _('Stock Code') . '</td> @@ -252,7 +252,7 @@ $ItemDue[$i] = date('M d, Y',strtotime($myrow2['itemdue'])); } $MailMessage .= '<tr>'; - if($_REQUEST['POLine'] == 1){ + if($_GET['POLine'] == 1){ $MailMessage .= '<td align="right">' . $POLine[$i] . '</td>'; } $MailMessage .= '<td>' . $myrow2['stkcode'] . '</td> Modified: trunk/SelectSalesOrder.php =================================================================== --- trunk/SelectSalesOrder.php 2012-09-08 04:03:09 UTC (rev 5634) +++ trunk/SelectSalesOrder.php 2012-09-08 04:24:09 UTC (rev 5635) @@ -190,8 +190,8 @@ //if the user has authority to authorise the PO then it should be created as authorised $AuthSQL ="SELECT authlevel FROM purchorderauth - WHERE userid='".$_SESSION['UserID']."' - AND currabrev='".$SuppRow['currcode']."'"; + WHERE userid='" . $_SESSION['UserID'] . "' + AND currabrev='" . $SuppRow['currcode'] . "'"; $AuthResult=DB_query($AuthSQL,$db); $AuthRow=DB_fetch_array($AuthResult); @@ -234,7 +234,7 @@ $PO_OrderNo = GetNextTransNo(18, $db); //get the next PO number $SupplierID = $ItemRow['supplierno']; - $Order_Value =0; + $Order_Value = 0; /*Now get all the required details for the supplier */ $sql = "SELECT address1, address2, 
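Review bot: In trunk/EmailConfirmation.php the new test `if($_GET['POLine'] == 1){` (hunk @@ -211, and again at @@ -252, apparently inside the per-line loop) reads the index without checking that it exists, so a request without POLine raises an undefined-index notice at the table header and once more for each order line. Evaluating it once, e.g. `$ShowPOLine = (isset($_GET['POLine']) AND $_GET['POLine'] == 1);`, and testing `$ShowPOLine` in both places would avoid that. Narrowing from $_REQUEST to $_GET also means a POLine submitted by POST is now ignored; the callers are not visible here, so that is worth confirming. The blocks enclosing both hunks start outside the visible lines.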
@@ -409,15 +409,25 @@ echo '<br /><div class="centre">'; -if (isset($_REQUEST['OrderNumber']) AND $_REQUEST['OrderNumber']!='') { - $_REQUEST['OrderNumber'] = trim($_REQUEST['OrderNumber']); - if (!is_numeric($_REQUEST['OrderNumber'])){ - echo '<br /><b>' . _('The Order Number entered MUST be numeric') . '</b><br />'; - unset ($_REQUEST['OrderNumber']); +if (isset($_GET['OrderNumber'])){ + $OrderNumber = $_GET['OrderNumber']; +} elseif (isset($_POST['OrderNumber'])){ + $OrderNumber = $_POST['OrderNumber']; +} else { + unset($OrderNumber); +} + +if (isset($OrderNumber) AND $OrderNumber!='') { + $OrderNumber = trim($OrderNumber); + if (!is_numeric($OrderNumber)){ + echo '<br /> + <b>' . _('The Order Number entered MUST be numeric') . '</b> + <br />'; + unset ($OrderNumber); include('includes/footer.inc'); exit; } else { - echo _('Order Number') . ' - ' . $_REQUEST['OrderNumber']; + echo _('Order Number') . ' - ' . $OrderNumber; } } else { if (isset($SelectedCustomer)) { @@ -504,7 +514,7 @@ $OrdersAfterDate = Date('d/m/Y',Mktime(0,0,0,Date('m')-2,Date('d'),Date('Y'))); */ - if (!isset($_REQUEST['OrderNumber']) OR $_REQUEST['OrderNumber']==''){ + if (!isset($OrderNumber) OR $OrderNumber==''){ echo '<table class="selection"> <tr> @@ -648,8 +658,8 @@ if(!isset($_POST['StockLocation'])) { $_POST['StockLocation'] = ''; } - if (isset($_REQUEST['OrderNumber']) - AND $_REQUEST['OrderNumber'] !='') { + if (isset($OrderNumber) + AND $OrderNumber !='') { $SQL = "SELECT salesorders.orderno, debtorsmaster.name, custbranch.brname, @@ -670,7 +680,7 @@ INNER JOIN currencies ON debtorsmaster.currcode = currencies.currabrev WHERE salesorderdetails.completed=0 - AND salesorders.orderno=". $_REQUEST['OrderNumber'] ." + AND salesorders.orderno=". $OrderNumber ." AND salesorders.quotation =" .$Quotations . " GROUP BY salesorders.orderno, debtorsmaster.name, This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
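Review bot: In trunk/SelectSalesOrder.php (hunk @@ -409) `is_numeric($OrderNumber)` is the only validation before the value is concatenated unquoted into the query at `AND salesorders.orderno=". $OrderNumber ."` (hunk @@ -670), and is_numeric() accepts more than an integer order number: signs, decimals, exponent notation and, on PHP versions before 7, hexadecimal strings. Now that the request value lives in one local variable, this is the natural place to tighten it: validate with `if (!ctype_digit($OrderNumber)){` and concatenate `(int)$OrderNumber` into the SQL. GET now takes precedence over POST when both carry OrderNumber, which may differ from what $_REQUEST returned depending on the server's request_order setting. The surrounding if/else and the query string continue outside these hunks.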