From: <dai...@us...> - 2012-12-10 08:25:48
Revision: 5755
http://sourceforge.net/p/web-erp/reponame/5755
Author: daintree
Date: 2012-12-10 08:25:45 +0000 (Mon, 10 Dec 2012)
Log Message:
-----------
remove hard coding of security tokens in favour of dummy script
Modified Paths:
--------------
trunk/CounterReturns.php
trunk/CounterSales.php
trunk/SelectOrderItems.php
trunk/doc/Change.log
trunk/sql/mysql/upgrade4.09-4.10.sql
Modified: trunk/CounterReturns.php
===================================================================
--- trunk/CounterReturns.php 2012-12-09 15:34:31 UTC (rev 5754)
+++ trunk/CounterReturns.php 2012-12-10 08:25:45 UTC (rev 5755)
@@ -756,11 +756,7 @@
} /* end of loop around items */
echo '<tr class="EvenTableRows">';
- if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
- echo '<td colspan="8" class="number"><b>' . _('Total') . '</b></td>';
- } else {
- echo '<td colspan="6" class="number"><b>' . _('Total') . '</b></td>';
- }
+ echo '<td colspan="8" class="number"><b>' . _('Total') . '</b></td>';
echo '<td class="number">' . locale_number_format(($_SESSION['Items'.$identifier]->total),$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>
<td class="number">' . locale_number_format($TaxTotal,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>
<td class="number">' . locale_number_format(($_SESSION['Items'.$identifier]->total+$TaxTotal),$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '</td>
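Review bot: The token check on the Total row is removed here rather than converted, so `colspan="8"` is now fixed while CounterSales.php keeps the 8/6 branch under the new `OrderEntryDiscountPricing` lookup. If the header and line rows of this file still vary with that authority (not visible in this hunk), the totals row will be misaligned for users without it; if they never vary, a short comment such as `/* this page always shows 8 leading columns, so the total always spans 8 */` would record the intent. It is also worth confirming that showing the same layout to every user of this page is intended, since the other two files restrict the Discount and GP % columns. The echo statement that follows continues past the end of the hunk.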
Modified: trunk/CounterSales.php
===================================================================
--- trunk/CounterSales.php 2012-12-09 15:34:31 UTC (rev 5754)
+++ trunk/CounterSales.php 2012-12-10 08:25:45 UTC (rev 5755)
@@ -746,7 +746,7 @@
<th>' . _('QOH') . '</th>
<th>' . _('Unit') . '</th>
<th>' . _('Price') . '</th>';
- if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array($_SESSION['PageSecurityArray']['OrderEntryDiscountPricing'], $_SESSION['AllowedPageSecurityTokens'])){
echo '<th>' . _('Discount') . '</th>
<th>' . _('GP %') . '</th>';
}
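Review bot: The new lookup `$_SESSION['PageSecurityArray']['OrderEntryDiscountPricing']` is read without checking that the key exists. When the marker row is absent (for example on an installation where the upgrade script has not run, or in a session built before it), the expression evaluates to null, and `in_array()` with its default loose comparison treats null as equal to 0 and to an empty string, so the check could pass for a user whose allowed-token list contains such a value. Prefixing the condition with `isset($_SESSION['PageSecurityArray']['OrderEntryDiscountPricing']) AND` makes it fail closed. The same applies to the other two hunks in this file and to every converted check in SelectOrderItems.php, including those keyed on `'ConfirmDispatch_Invoice.php'`.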
@@ -792,7 +792,7 @@
echo '</td>
<td class="number">' . locale_number_format($OrderLine->QOHatLoc,$OrderLine->DecimalPlaces) . '</td>
<td>' . $OrderLine->Units . '</td>';
- if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array($_SESSION['PageSecurityArray']['OrderEntryDiscountPricing'], $_SESSION['AllowedPageSecurityTokens'])){
echo '<td><input class="number" type="text" name="Price_' . $OrderLine->LineNumber . '" size="16" maxlength="16" value="' . locale_number_format($OrderLine->Price,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '" /></td>
<td><input class="number" type="text" name="Discount_' . $OrderLine->LineNumber . '" size="5" maxlength="4" value="' . locale_number_format(($OrderLine->DiscountPercent * 100),2) . '" /></td>
<td><input class="number" type="text" name="GPPercent_' . $OrderLine->LineNumber . '" size="3" maxlength="40" value="' . locale_number_format($OrderLine->GPPercent,2) . '" /></td>';
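Review bot: These `Price_`, `Discount_` and `GPPercent_` inputs are only hidden from users without the discount-pricing authority, and omitting a form field does not stop that field from being submitted. The code that reads the posted values is outside this hunk, so confirm it applies the same `OrderEntryDiscountPricing` check before accepting a changed price, discount or GP %, and ignores those fields otherwise. The matching line-item hunk in SelectOrderItems.php (`@@ -1423,7 +1425,7 @@`) needs the same confirmation.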
@@ -845,7 +845,7 @@
} /* end of loop around items */
echo '<tr class="EvenTableRows">';
- if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array($_SESSION['PageSecurityArray']['OrderEntryDiscountPricing'], $_SESSION['AllowedPageSecurityTokens'])){
echo '<td colspan="8" class="number"><b>' . _('Total') . '</b></td>';
} else {
echo '<td colspan="6" class="number"><b>' . _('Total') . '</b></td>';
Modified: trunk/SelectOrderItems.php
===================================================================
--- trunk/SelectOrderItems.php 2012-12-09 15:34:31 UTC (rev 5754)
+++ trunk/SelectOrderItems.php 2012-12-10 08:25:45 UTC (rev 5755)
@@ -278,7 +278,9 @@
$_SESSION['Items'.$identifier] = new cart;
$_SESSION['PrintedPackingSlip'] = 0; /*Of course cos the order aint even started !!*/
- if (in_array(2,$_SESSION['AllowedPageSecurityTokens'])
+
+
+ if (in_array($_SESSION['PageSecurityArray']['ConfirmDispatch_Invoice.php'], $_SESSION['AllowedPageSecurityTokens'])
AND ($_SESSION['Items'.$identifier]->DebtorNo==''
OR !isset($_SESSION['Items'.$identifier]->DebtorNo))){
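Review bot: The customer-selection checks now depend on the entry for `ConfirmDispatch_Invoice.php`, which appears to be that page's own security level, so "is an internal user" becomes tied to whatever level an administrator assigns to the invoicing page. Changing that page's level would silently change who may pick or change the customer here, and likewise in the hunks at -300, -718 and -1695. A dedicated marker row, as this commit introduces for `OrderEntryDiscountPricing`, would keep the two permissions independent. The two blank lines added above the `if` look unintentional, and the body of the `if` lies outside the hunk.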
@@ -300,10 +302,10 @@
}
}
-//Customer logins are not allowed to select other customers hence in_array(2,$_SESSION['AllowedPageSecurityTokens'])
+//Customer logins are not allowed to select other customers hence in_array($_SESSION['PageSecurityArray']['ConfirmDispatch_Invoice.php'], $_SESSION['AllowedPageSecurityTokens'])
if (isset($_POST['SearchCust'])
AND $_SESSION['RequireCustomerSelection']==1
- AND in_array(2,$_SESSION['AllowedPageSecurityTokens'])){
+ AND in_array($_SESSION['PageSecurityArray']['ConfirmDispatch_Invoice.php'], $_SESSION['AllowedPageSecurityTokens'])){
if (($_POST['CustKeywords']=='') AND ($_POST['CustCode']=='') AND ($_POST['CustPhone']=='')) {
$SQL = "SELECT custbranch.brname,
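Review bot: The rewritten comment now embeds the whole `in_array(...)` expression and no longer says which authority is being required. Something like `//Customer logins may not select other customers, so this search requires the authority attached to ConfirmDispatch_Invoice.php` reads better and will not drift if the expression changes again. The `if` body continues beyond the hunk.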
@@ -718,7 +720,7 @@
unset($_SESSION['Items'.$identifier]);
$_SESSION['Items'.$identifier] = new cart;
- if (in_array(2,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array($_SESSION['PageSecurityArray']['ConfirmDispatch_Invoice.php'], $_SESSION['AllowedPageSecurityTokens'])){
$_SESSION['RequireCustomerSelection'] = 1;
} else {
$_SESSION['RequireCustomerSelection'] = 0;
@@ -1374,7 +1376,7 @@
<th>' . _('Unit') . '</th>
<th>' . _('Price') . '</th>';
- if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array($_SESSION['PageSecurityArray']['OrderEntryDiscountPricing'], $_SESSION['AllowedPageSecurityTokens'])){
echo '<th>' . _('Discount') . '</th>
<th>' . _('GP %') . '</th>';
}
@@ -1423,7 +1425,7 @@
<td class="number">' . locale_number_format($OrderLine->QOHatLoc,$OrderLine->DecimalPlaces) . '</td>
<td>' . $OrderLine->Units . '</td>';
- if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array($_SESSION['PageSecurityArray']['OrderEntryDiscountPricing'], $_SESSION['AllowedPageSecurityTokens'])){
/*OK to display with discount if it is an internal user with appropriate permissions */
echo '<td><input class="number" type="text" name="Price_' . $OrderLine->LineNumber . '" size="16" maxlength="16" value="' . locale_number_format($OrderLine->Price,$_SESSION['Items'.$identifier]->CurrDecimalPlaces) . '" /></td>
<td><input class="number" type="text" name="Discount_' . $OrderLine->LineNumber . '" size="5" maxlength="4" value="' . locale_number_format(($OrderLine->DiscountPercent * 100),2) . '" /></td>
@@ -1463,7 +1465,7 @@
} /* end of loop around items */
$DisplayTotal = locale_number_format($_SESSION['Items'.$identifier]->total,$_SESSION['Items'.$identifier]->CurrDecimalPlaces);
- if (in_array(13,$_SESSION['AllowedPageSecurityTokens'])){
+ if (in_array($_SESSION['PageSecurityArray']['OrderEntryDiscountPricing'], $_SESSION['AllowedPageSecurityTokens'])){
$ColSpanNumber = 2;
} else {
$ColSpanNumber = 1;
@@ -1695,7 +1697,7 @@
<td style="text-align:center" colspan="1"><input tabindex="4" type="submit" name="Search" value="' . _('Search Now') . '" /></td>
<td style="text-align:center" colspan="1"><input tabindex="5" type="submit" name="QuickEntry" value="' . _('Use Quick Entry') . '" /></td>';
- if (in_array(2,$_SESSION['AllowedPageSecurityTokens'])){ //not a customer entry of own order
+ if (in_array($_SESSION['PageSecurityArray']['ConfirmDispatch_Invoice.php'], $_SESSION['AllowedPageSecurityTokens'])){ //not a customer entry of own order
echo '<td style="text-align:center" colspan="1"><input tabindex="6" type="submit" name="ChangeCustomer" value="' . _('Change Customer') . '" /></td>
<td style="text-align:center" colspan="1"><input tabindex="7" type="submit" name="SelectAsset" value="' . _('Fixed Asset Disposal') . '" /></td>';
}
Modified: trunk/doc/Change.log
===================================================================
--- trunk/doc/Change.log 2012-12-09 15:34:31 UTC (rev 5754)
+++ trunk/doc/Change.log 2012-12-10 08:25:45 UTC (rev 5755)
@@ -1,5 +1,6 @@
webERP Change Log
+10/12/12 Phil: Remove hard coding of security tokens in favour of new OrderEntryDiscountPricing dummy script
8/12/12 Phil: Check user has authority to receive goods before allowing auto receiving
7/12/12 Phil: SupplierInvoice.php add link to pay invoice after invoice input
5/12/12 Phil: Allow auto receiving of purchase orders and populating of purchase invoice when purchase order is authorised.
Modified: trunk/sql/mysql/upgrade4.09-4.10.sql
===================================================================
--- trunk/sql/mysql/upgrade4.09-4.10.sql 2012-12-09 15:34:31 UTC (rev 5754)
+++ trunk/sql/mysql/upgrade4.09-4.10.sql 2012-12-10 08:25:45 UTC (rev 5755)
@@ -4,6 +4,10 @@
ALTER TABLE `salesorderdetails` DROP `commissionrate`;
ALTER TABLE `salesorderdetails` DROP `commissionearned`;
INSERT INTO scripts VALUES ('CounterReturns.php','5','Allows credits and refunds from the default Counter Sale account for an inventory location');
-UPDATE config SET confvalue='4.09.1' WHERE confname='VersionNumber';
+ALTER TABLE purchorders MODIFY `initiator` VARCHAR(20);
+INSERT INTO `weberpdemo`.`scripts` (`script` , `pagesecurity` , `description`)
+VALUES ('OrderEntryDiscountPricing', '13', 'Not a script but an authority level marker - required if the user is allowed to enter discounts against a customer order'
+);
+UPDATE config SET confvalue='4.10.0' WHERE confname='VersionNumber';
-ALTER TABLE purchorders MODIFY `initiator` VARCHAR(20);
+
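Review bot: The added INSERT is qualified with the database name `weberpdemo`, so on an installation whose database has another name the statement either fails or writes the marker row into a different database. The PHP changes in this commit look up `OrderEntryDiscountPricing` through `$_SESSION['PageSecurityArray']`, which presumably is loaded from this table, so a missing row would leave the discount-pricing checks without their key. Dropping the qualifier, as in `INSERT INTO scripts (script, pagesecurity, description)`, would match the unqualified statements around it.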