[Web-erp-svn] SF.net SVN: web-erp:[5834] trunk

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 5834
          http://sourceforge.net/p/web-erp/reponame/5834
Author:   tim_schofield
Date:     2013-04-05 21:57:44 +0000 (Fri, 05 Apr 2013)
Log Message:
-----------
Fix problems with ampersand and apostrophes in Supplier codes

Modified Paths:
--------------
    trunk/SelectSupplier.php
    trunk/Suppliers.php

Modified: trunk/SelectSupplier.php
===================================================================

--- trunk/SelectSupplier.php	2013-04-05 20:42:38 UTC (rev 5833)
+++ trunk/SelectSupplier.php	2013-04-05 21:57:44 UTC (rev 5834)
@@ -4,20 +4,20 @@
 include ('includes/session.inc');
 $Title = _('Search Suppliers');
 
-/* webERP manual links before header.inc */
+/* KwaMoja manual links before header.inc */
 $ViewTopic= 'AccountsPayable';
 $BookMark = 'SelectSupplier';
 
 include ('includes/header.inc');
 include ('includes/SQL_CommonFunctions.inc');
 if (!isset($_SESSION['SupplierID'])) {
-	echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/supplier.png" title="' . _('Search') . '" alt="" />' . ' ' . _('Suppliers') . '</p>';
+	echo '<p class="page_title_text noPrint" ><img src="' . $RootPath . '/css/' . $Theme . '/images/supplier.png" title="' . _('Search') . '" alt="" />' . ' ' . _('Suppliers') . '</p>';
 }
 if (isset($_GET['SupplierID'])) {
 	$_SESSION['SupplierID']=$_GET['SupplierID'];
 }
 // only get geocode information if integration is on, and supplier has been selected
-if ($_SESSION['geocode_integration'] == 1 AND isset($_SESSION['SupplierID'])) {
+if ($_SESSION['geocode_integration'] == 1 and isset($_SESSION['SupplierID'])) {
 	$sql = "SELECT * FROM geocode_param WHERE 1";
 	$ErrMsg = _('An error occurred in retrieving the information');;
 	$result = DB_query($sql, $db, $ErrMsg);
@@ -82,10 +82,10 @@
 	OR isset($_POST['Next'])
 	OR isset($_POST['Previous'])) {
 
-	if (mb_strlen($_POST['Keywords']) > 0 AND mb_strlen($_POST['SupplierCode']) > 0) {
+	if (mb_strlen($_POST['Keywords']) > 0 and mb_strlen($_POST['SupplierCode']) > 0) {
 		prnMsg( _('Supplier name keywords have been used in preference to the Supplier code extract entered'), 'info' );
 	}
-	if ($_POST['Keywords'] == '' AND $_POST['SupplierCode'] == '') {
+	if ($_POST['Keywords'] == '' and $_POST['SupplierCode'] == '') {
 		$SQL = "SELECT supplierid,
 					suppname,
 					currcode,
@@ -151,8 +151,8 @@
 		$myrow = DB_fetch_row($SupplierNameResult);
 		$SupplierName = $myrow[0];
 	}
-	echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/supplier.png" title="' . _('Supplier') . '" alt="" />' . ' ' . _('Supplier') . ' : <b>' . $_SESSION['SupplierID'] . ' - ' . $SupplierName . '</b> ' . _('has been selected') . '.</p>';
-	echo '<div class="page_help_text">' . _('Select a menu option to operate using this supplier.') . '</div>';
+	echo '<p class="page_title_text noPrint" ><img src="' . $RootPath . '/css/' . $Theme . '/images/supplier.png" title="' . _('Supplier') . '" alt="" />' . ' ' . _('Supplier') . ' : <b>' . stripslashes($_SESSION['SupplierID']) . ' - ' . $SupplierName . '</b> ' . _('has been selected') . '.</p>';
+	echo '<div class="page_help_text noPrint">' . _('Select a menu option to operate using this supplier.') . '</div>';
 	echo '<br />
 		<table width="90%" cellpadding="4">
 		<tr>
@@ -161,35 +161,34 @@
 			<th style="width:33%">' . _('Supplier Maintenance') . '</th>
 		</tr>';
 	echo '<tr><td valign="top" class="select">'; /* Inquiry Options */
-	echo '<a href="' . $RootPath . '/SupplierInquiry.php?SupplierID=' . $_SESSION['SupplierID'] . '">' . _('Supplier Account Inquiry') . '</a>
+	echo '<a href="' . $RootPath . '/SupplierInquiry.php?SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Supplier Account Inquiry') . '</a>
 		<br />
 		<br />';
 
-	echo '<br /><a href="' . $RootPath . '/PO_SelectOSPurchOrder.php?SelectedSupplier=' . $_SESSION['SupplierID'] . '">' . _('Add / Receive / View Outstanding Purchase Orders') . '</a>';
-	echo '<br /><a href="' . $RootPath . '/PO_SelectPurchOrder.php?SelectedSupplier=' . $_SESSION['SupplierID'] . '">' . _('View All Purchase Orders') . '</a><br />';
-	wikiLink('Supplier', $_SESSION['SupplierID']);
-	echo '<br /><a href="' . $RootPath . '/ShiptsList.php?SupplierID=' . $_SESSION['SupplierID'] . '&amp;SupplierName=' . urlencode($SupplierName) . '">' . _('List all open shipments for') .' '.$SupplierName. '</a>';
-	echo '<br /><a href="' . $RootPath . '/Shipt_Select.php?SelectedSupplier=' . $_SESSION['SupplierID'] . '">' . _('Search / Modify / Close Shipments') . '</a>';
-	echo '<br /><a href="' . $RootPath . '/SuppPriceList.php?SelectedSupplier=' . $_SESSION['SupplierID'] . '">' . _('Supplier Price List') . '</a>';
+	echo '<br /><a href="' . $RootPath . '/PO_SelectOSPurchOrder.php?SelectedSupplier=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Add / Receive / View Outstanding Purchase Orders') . '</a>';
+	echo '<br /><a href="' . $RootPath . '/PO_SelectPurchOrder.php?SelectedSupplier=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('View All Purchase Orders') . '</a><br />';
+	wikiLink('Supplier', urlencode(stripslashes($_SESSION['SupplierID'])));
+	echo '<br /><a href="' . $RootPath . '/ShiptsList.php?SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '&amp;SupplierName=' . urlencode($SupplierName) . '">' . _('List all open shipments for') .' '.$SupplierName. '</a>';
+	echo '<br /><a href="' . $RootPath . '/Shipt_Select.php?SelectedSupplier=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Search / Modify / Close Shipments') . '</a>';
+	echo '<br /><a href="' . $RootPath . '/SuppPriceList.php?SelectedSupplier=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Supplier Price List') . '</a>';
 	echo '</td><td valign="top" class="select">'; /* Supplier Transactions */
-	echo '<a href="' . $RootPath . '/PO_Header.php?NewOrder=Yes&amp;SupplierID=' . $_SESSION['SupplierID'] . '">' . _('Enter a Purchase Order for This Supplier') . '</a><br />';
-	echo '<a href="' . $RootPath . '/SupplierInvoice.php?SupplierID=' . $_SESSION['SupplierID'] . '">' . _('Enter a Suppliers Invoice') . '</a><br />';
-	echo '<a href="' . $RootPath . '/SupplierCredit.php?New=true&amp;SupplierID=' . $_SESSION['SupplierID'] . '">' . _('Enter a Suppliers Credit Note') . '</a><br />';
-	echo '<a href="' . $RootPath . '/Payments.php?SupplierID=' . $_SESSION['SupplierID'] . '">' . _('Enter a Payment to, or Receipt from the Supplier') . '</a><br />';
+	echo '<a href="' . $RootPath . '/PO_Header.php?NewOrder=Yes&amp;SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Enter a Purchase Order for This Supplier') . '</a><br />';
+	echo '<a href="' . $RootPath . '/SupplierInvoice.php?SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Enter a Suppliers Invoice') . '</a><br />';
+	echo '<a href="' . $RootPath . '/SupplierCredit.php?New=true&amp;SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Enter a Suppliers Credit Note') . '</a><br />';
+	echo '<a href="' . $RootPath . '/Payments.php?SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Enter a Payment to, or Receipt from the Supplier') . '</a><br />';
 	echo '<br />';
-	echo '<br /><a href="' . $RootPath . '/ReverseGRN.php?SupplierID=' . $_SESSION['SupplierID'] . '">' . _('Reverse an Outstanding Goods Received Note (GRN)') . '</a>';
+	echo '<br /><a href="' . $RootPath . '/ReverseGRN.php?SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Reverse an Outstanding Goods Received Note (GRN)') . '</a>';
 	echo '</td><td valign="top" class="select">'; /* Supplier Maintenance */
 	echo '<a href="' . $RootPath . '/Suppliers.php">' . _('Add a New Supplier') . '</a>
-		<br /><a href="' . $RootPath . '/Suppliers.php?SupplierID=' . $_SESSION['SupplierID'] . '">' . _('Modify Or Delete Supplier Details') . '</a>
-		<br /><a href="' . $RootPath . '/SupplierContacts.php?SupplierID=' . $_SESSION['SupplierID'] . '">' . _('Add/Modify/Delete Supplier Contacts') . '</a>
+		<br /><a href="' . $RootPath . '/Suppliers.php?SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Modify Or Delete Supplier Details') . '</a>
+		<br /><a href="' . $RootPath . '/SupplierContacts.php?SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Add/Modify/Delete Supplier Contacts') . '</a>
 		<br />
-		<br /><a href="' . $RootPath . '/SellThroughSupport.php?SupplierID=' . $_SESSION['SupplierID'] . '">' . _('Set Up Sell Through Support Deals') . '</a>
+		<br /><a href="' . $RootPath . '/SellThroughSupport.php?SupplierID=' . urlencode(stripslashes($_SESSION['SupplierID'])) . '">' . _('Set Up Sell Through Support Deals') . '</a>
 		<br /><a href="' . $RootPath . '/Shipments.php?NewShipment=Yes">' . _('Set Up A New Shipment') . '</a>
 		<br /><a href="' . $RootPath . '/SuppLoginSetup.php">' . _('Supplier Login Configuration') . '</a>
 		</td>
 		</tr>
 		</table>';
-} else {
 	// Supplier is not selected yet
 	echo '<br />';
 	echo '<table width="90%" cellpadding="4">
@@ -207,10 +206,10 @@
 		</tr>
 		</table>';
 }
-echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '" method="post">';
+echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '" method="post" class="noPrint">';
 echo '<div>';
 echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
-echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/magnifier.png" title="' . _('Search') . '" alt="" />' . ' ' . _('Search for Suppliers') . '</p>
+echo '<p class="page_title_text noPrint" ><img src="' . $RootPath . '/css/' . $Theme . '/images/magnifier.png" title="' . _('Search') . '" alt="" />' . ' ' . _('Search for Suppliers') . '</p>
 	<table cellpadding="3" class="selection">
 	<tr>
 		<td>' . _('Enter a partial Name') . ':</td>
@@ -232,7 +231,7 @@
 echo '</td></tr>
 		</table>
 		<br /><div class="centre"><input type="submit" name="Search" value="' . _('Search Now') . '" /></div>';
-//if (isset($result) AND !isset($SingleSupplierReturned)) {
+//if (isset($result) and !isset($SingleSupplierReturned)) {
 if (isset($_POST['Search'])) {
 	$ListCount = DB_num_rows($result);
 	$ListPageMax = ceil($ListCount / $_SESSION['DisplayRecordsMax']);
@@ -287,7 +286,7 @@
 	if (DB_num_rows($result) <> 0) {
 		DB_data_seek($result, ($_POST['PageOffset'] - 1) * $_SESSION['DisplayRecordsMax']);
 	}
-	while (($myrow = DB_fetch_array($result)) AND ($RowIndex <> $_SESSION['DisplayRecordsMax'])) {
+	while (($myrow = DB_fetch_array($result)) and ($RowIndex <> $_SESSION['DisplayRecordsMax'])) {
 		if ($k == 1) {
 			echo '<tr class="EvenTableRows">';
 			$k = 0;

Modified: trunk/Suppliers.php
===================================================================
--- trunk/Suppliers.php	2013-04-05 20:42:38 UTC (rev 5833)
+++ trunk/Suppliers.php	2013-04-05 21:57:44 UTC (rev 5834)
@@ -5,14 +5,14 @@
 include('includes/session.inc');
 
 $Title = _('Supplier Maintenance');
-/* webERP manual links before header.inc */
+/* KwaMoja manual links before header.inc */
 $ViewTopic= 'AccountsPayable';
 $BookMark = 'NewSupplier';
 include('includes/header.inc');
 include('includes/SQL_CommonFunctions.inc');
 include('includes/CountriesArray.php');
 
-Function Is_ValidAccount ($ActNo) {
+function Is_ValidAccount ($ActNo) {
 
 	if (mb_strlen($ActNo) < 16) {
 		echo _('NZ account numbers must have 16 numeric characters in it');
@@ -43,7 +43,7 @@
 		}
 		break;
 	case '02':
-		If (!(($BranchNumber >= 1 and $BranchNumber <= 999) or ($BranchNumber >= 1200 and $BranchNumber <= 1299))) {
+		if (!(($BranchNumber >= 1 and $BranchNumber <= 999) or ($BranchNumber >= 1200 and $BranchNumber <= 1299))) {
 		echo _('Bank Of New Zealand branches must be between 0001 and 0999 or between 1200 and 1299') . '. ' . _('The branch number used is invalid');
 		return False;
 		exit;
@@ -139,7 +139,7 @@
 
 	default:
 	echo _('The prefix') . ' - ' . $BankPrefix . ' ' . _('is not a valid New Zealand Bank') . '.<br />' .
-			_('If you are using webERP outside New Zealand error trapping relevant to your country should be used');
+			_('if you are using KwaMoja outside New Zealand error trapping relevant to your country should be used');
 	return False;
 	exit;
 
@@ -216,7 +216,7 @@
 		if ($BankPrefix == '08'){
 			$CheckSum = $CheckSum + $DigitVal * 4;
 		} elseif ($BankPrefix == '09') {
-			If (($DigitVal * 5) > 9) {
+			if (($DigitVal * 5) > 9) {
 				$CheckSum = $CheckSum + (int) mb_substr((string)($DigitVal * 5),0,1) + (int) mb_substr((string)($DigitVal * 5),mb_strlen((string)($DigitVal *5))-1, 1);
 			} else {
 				$CheckSum = $CheckSum + $DigitVal * 5;
@@ -260,7 +260,7 @@
 
 	case 13:
 		if ($BankPrefix == '09') {
-			If (($DigitVal * 2) > 9) {
+			if (($DigitVal * 2) > 9) {
 				$CheckSum = $CheckSum + (int) mb_substr(($DigitVal * 2),0,1) + (int) mb_substr(($DigitVal * 2),mb_strlen($DigitVal * 2)-1, 1);
 			} else {
 				$CheckSum = $CheckSum + $DigitVal * 2;
@@ -291,7 +291,7 @@
 		}
 	}
 
-} //End Function
+} //End function
 
 
 if (isset($_GET['SupplierID'])){
@@ -302,14 +302,14 @@
 	unset($SupplierID);
 }
 
-echo '<p class="page_title_text"><img src="'.$RootPath.'/css/'.$Theme.'/images/supplier.png" title="' . _('Search') . '" alt="" />' . ' ' . _('Suppliers') . '</p>';
+echo '<p class="page_title_text noPrint" ><img src="'.$RootPath.'/css/'.$Theme.'/images/supplier.png" title="' . _('Search') . '" alt="" />' . ' ' . _('Suppliers') . '</p>';
 
 $InputError = 0;
 
 if (isset($Errors)) {
 	unset($Errors);
 }
-$Errors=Array();
+$Errors=array();
 if (isset($_POST['submit'])) {
 
 	//initialise no input errors assumed initially before we test
@@ -328,8 +328,8 @@
 		$i++;
 	}
 	if (mb_strlen($_POST['SuppName']) > 40
-		OR mb_strlen($_POST['SuppName']) == 0
-		OR $_POST['SuppName'] == '') {
+		or mb_strlen($_POST['SuppName']) == 0
+		or $_POST['SuppName'] == '') {
 
 		$InputError = 1;
 		prnMsg(_('The supplier name must be entered and be forty characters or less long'),'error');
@@ -342,12 +342,12 @@
 		$Errors[$i]='ID';
 		$i++;
 	}
-	if (ContainsIllegalCharacters($SupplierID)) {
-		$InputError = 1;
-		prnMsg(_('The supplier code cannot contain any of the illegal characters') ,'error');
-		$Errors[$i]='ID';
-		$i++;
-	}
+//	if (ContainsIllegalCharacters($SupplierID)) {
+//		$InputError = 1;
+//		prnMsg(_('The supplier code cannot contain any of the illegal characters') ,'error');
+//		$Errors[$i]='ID';
+//		$i++;
+//	}
 	if (mb_strlen($_POST['Phone']) >25) {
 		$InputError = 1;
 		prnMsg(_('The telephone number must be 25 characters or less long'),'error');
@@ -366,7 +366,7 @@
 		$Errors[$i] = 'Email';
 		$i++;
 	}
-	if (mb_strlen($_POST['Email'])>0 AND !IsEmailAddress($_POST['Email'])) {
+	if (mb_strlen($_POST['Email'])>0 and !IsEmailAddress($_POST['Email'])) {
 		$InputError = 1;
 		prnMsg(_('The email address is not correctly formed'),'error');
 		$Errors[$i] = 'Email';
@@ -411,7 +411,7 @@
 			define('KEY', $api_key);
 			// check that some sane values are setup already in geocode tables, if not skip the geocoding but add the record anyway.
 			if ($map_host=="") {
-			echo '<div class="warn">' . _('Warning - Geocode Integration is enabled, but no hosts are setup.  Go to Geocode Setup') . '</div>';
+				echo '<div class="warn">' . _('Warning - Geocode Integration is enabled, but no hosts are setup.  Go to Geocode Setup') . '</div>';
 			} else {
 			$address = $_POST['Address1'] . ', ' . $_POST['Address2'] . ', ' . $_POST['Address3'] . ', ' . $_POST['Address4'] . ', ' . $_POST['Address5']. ', ' . $_POST['Address6'];
 
@@ -608,7 +608,7 @@
 
 	}
 
-} elseif (isset($_POST['delete']) AND $_POST['delete'] != '') {
+} elseif (isset($_POST['delete']) and $_POST['delete'] != '') {
 
 //the link to delete a selected record was clicked instead of the submit button
 
@@ -657,10 +657,10 @@
 
 if (!isset($SupplierID)) {
 
-/*If the page was called without $SupplierID passed to page then assume a new supplier is to be entered show a form with a Supplier Code field other wise the form showing the fields with the existing entries against the supplier will show for editing with only a hidden SupplierID field*/
+/*if the page was called without $SupplierID passed to page then assume a new supplier is to be entered show a form with a Supplier Code field other wise the form showing the fields with the existing entries against the supplier will show for editing with only a hidden SupplierID field*/
 
-	echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '">';
-    echo '<div>';
+	echo '<form method="post" class="noPrint" action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '">';
+	echo '<div>';
 	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
 
 	echo '<input type="hidden" name="New" value="Yes" />';
@@ -692,9 +692,9 @@
 			<td>' . _('Country') . ':</td>
 			<td><select name="Address6">';
 	foreach ($CountriesArray as $CountryEntry => $CountryName){
-		if (isset($_POST['Address6']) AND ($_POST['Address6'] == $CountryName)){
+		if (isset($_POST['Address6']) and ($_POST['Address6'] == $CountryName)){
 			echo '<option selected="selected" value="' . $CountryName . '">' . $CountryName .'</option>';
-		}elseif (!isset($_POST['Address6']) AND $CountryName == "") {
+		}elseif (!isset($_POST['Address6']) and $CountryName == "") {
 			echo '<option selected="selected" value="' . $CountryName . '">' . $CountryName .'</option>';
 		} else {
 			echo '<option value="' . $CountryName . '">' . $CountryName .'</option>';
@@ -742,7 +742,7 @@
 		echo '<option value="'. $myrow['termsindicator'] . '">' . $myrow['terms'] .'</option>';
 	} //end while loop
 	DB_data_seek($result, 0);
-    echo '</select></td></tr>';
+	echo '</select></td></tr>';
 
 	$result=DB_query("SELECT id, coyname FROM factorcompanies", $db);
 
@@ -750,10 +750,10 @@
 			<td><select name="FactorID">';
 	echo '<option value="0">' . _('None') . '</option>';
 	while ($myrow = DB_fetch_array($result)) {
-		if (isset($_POST['FactorID']) AND $_POST['FactorID'] == $myrow['id']){
-		echo '<option selected="selected" value="' . $myrow['id'] . '">' . $myrow['coyname'] .'</option>';
+		if (isset($_POST['FactorID']) and $_POST['FactorID'] == $myrow['id']){
+			echo '<option selected="selected" value="' . $myrow['id'] . '">' . $myrow['coyname'] .'</option>';
 		} else {
-		echo '<option value="' . $myrow['id'] . '">' . $myrow['coyname'] .'</option>';
+			echo '<option value="' . $myrow['id'] . '">' . $myrow['coyname'] .'</option>';
 		}
 	} //end while loop
 	DB_data_seek($result, 0);
@@ -806,16 +806,16 @@
 	echo '</select></td></tr>
 		</table>
 		<br />
-        <div class="centre"><input type="submit" name="submit" value="' . _('Insert New Supplier') . '" /></div>';
+		<div class="centre"><input type="submit" name="submit" value="' . _('Insert New Supplier') . '" /></div>';
 	echo '</div>
-          </form>';
+		  </form>';
 
 } else {
 
 //SupplierID exists - either passed when calling the form or from the form itself
 
-	echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '">';
-    echo '<div>';
+	echo '<form method="post" class="noPrint" action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '">';
+	echo '<div>';
 	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
 	echo '<table class="selection">';
 
@@ -896,9 +896,9 @@
 			<td>' . _('Country') . ':</td>
 			<td><select name="Address6">';
 	foreach ($CountriesArray as $CountryEntry => $CountryName){
-		if (isset($_POST['Address6']) AND ($_POST['Address6'] == $CountryName)){
+		if (isset($_POST['Address6']) and ($_POST['Address6'] == $CountryName)){
 			echo '<option selected="selected" value="' . $CountryName . '">' . $CountryName .'</option>';
-		}elseif (!isset($_POST['Address6']) AND $CountryName == "") {
+		}elseif (!isset($_POST['Address6']) and $CountryName == "") {
 			echo '<option selected="selected" value="' . $CountryName . '">' . $CountryName .'</option>';
 		} else {
 			echo '<option value="' . $CountryName . '">' . $CountryName .'</option>';
@@ -947,7 +947,7 @@
 		}
 	} //end while loop
 	DB_data_seek($result, 0);
-    echo '</select></td></tr>';
+	echo '</select></td></tr>';
 
 	$result=DB_query("SELECT id, coyname FROM factorcompanies", $db);
 
@@ -962,7 +962,7 @@
 		}
 	} //end while loop
 	DB_data_seek($result, 0);
-    echo '</select></td></tr>';
+	echo '</select></td></tr>';
 	echo '<tr><td>' . _('Tax Reference') . ':</td>
 			<td><input type="text" name="TaxRef" size="21" maxlength="20" value="' . $_POST['TaxRef'] .'" /></td></tr>';
 
@@ -1015,9 +1015,9 @@
 
 	if (isset($_POST['New'])) {
 		echo '<br />
-                <div class="centre">
-                     <input type="submit" name="submit" value="' . _('Add These New Supplier Details') . '" />
-                </div>';
+				<div class="centre">
+					 <input type="submit" name="submit" value="' . _('Add These New Supplier Details') . '" />
+				</div>';
 	} else {
 		echo '<br />
 				<div class="centre">
@@ -1030,11 +1030,11 @@
 			<div class="centre">
 				<input type="submit" name="delete" value="' . _('Delete Supplier') . '" onclick="return confirm(\'' . _('Are you sure you wish to delete this supplier?') . '\');" />';
 		echo '<br />
-			<a href="' . $RootPath . '/SupplierContacts.php?SupplierID=' . $SupplierID . '">' . _('Review Contact Details') . '</a>
+			<a href="' . $RootPath . '/SupplierContacts.php?SupplierID=' . urlencode($SupplierID) . '">' . _('Review Contact Details') . '</a>
 			</div>';
 	}
 	echo '</div>
-          </form>';
+		  </form>';
 } // end of main ifs
 
 include('includes/footer.inc');





[Web-erp-svn] SF.net SVN: web-erp:[5834] trunk

Accounting & Best Practice Business Administration System

[Web-erp-svn] SF.net SVN: web-erp:[5834] trunk