From: <dai...@us...> - 2013-09-28 05:10:50
Revision: 6338 http://sourceforge.net/p/web-erp/reponame/6338 Author: daintree Date: 2013-09-28 05:10:46 +0000 (Sat, 28 Sep 2013) Log Message: ----------- trap illegal characters allowing other char sets Modified Paths: -------------- trunk/AccountGroups.php trunk/BOMIndented.php trunk/BOMListing.php trunk/ConfirmDispatch_Invoice.php trunk/Contracts.php trunk/CounterReturns.php trunk/CounterSales.php trunk/CustomerReceipt.php trunk/Customers.php trunk/DebtorsAtPeriodEnd.php trunk/DiscountCategories.php trunk/FixedAssetCategories.php trunk/FixedAssetLocations.php trunk/GLAccounts.php trunk/Locations.php trunk/OutstandingGRNs.php trunk/PcTypeTabs.php trunk/PricesBasedOnMarkUp.php trunk/PurchData.php trunk/StockCategories.php trunk/StockStatus.php trunk/Stocks.php trunk/SuppTransGLAnalysis.php trunk/Suppliers.php trunk/WWW_Users.php trunk/doc/Change.log trunk/includes/Login.php trunk/includes/MainMenuLinksArray.php trunk/includes/session.inc trunk/javascripts/MiscFunctions.js trunk/sql/mysql/upgrade4.11-4.12.sql Added Paths: ----------- trunk/PurchaseByPrefSupplier.php trunk/Z_ImportPriceList.php Modified: trunk/AccountGroups.php =================================================================== --- trunk/AccountGroups.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/AccountGroups.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -401,7 +401,7 @@ } echo '<tr> <td>' . _('Account Group Name') . ':' . '</td> - <td><input tabindex="1" autofocus="autofocus" required="required" pattern="[a-zA-Z0-9_\-\ ]*" placeholder="' . _('Enter the account group name') . '" ' . (in_array('GroupName',$Errors) ? '"class=inputerror"' : '' ) . ' type="text" name="GroupName" size="30" minlength="3" maxlength="30" value="' . $_POST['GroupName'] . '" title="' . _('A unique name for the account group must be entered - at least 3 characters long and less than 30 characters long. Only alpha numeric characters can be used.') . '" /></td> + <td><input tabindex="1" autofocus="autofocus" required="required" data-type="no-illegal-chars" placeholder="' . _('Enter the account group name') . '" ' . (in_array('GroupName',$Errors) ? '"class=inputerror"' : '' ) . ' type="text" name="GroupName" size="30" minlength="3" maxlength="30" value="' . $_POST['GroupName'] . '" title="' . _('A unique name for the account group must be entered - at least 3 characters long and less than 30 characters long. Only alpha numeric characters can be used.') . '" /></td> </tr> <tr> <td>' . _('Parent Group') . ':' . '</td> Modified: trunk/BOMIndented.php =================================================================== --- trunk/BOMIndented.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/BOMIndented.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -251,7 +251,7 @@ <table class="selection">'; echo '<tr> <td>' . _('Part') . ':</td> - <td><input type="text" name="Part" autofocus="autofocus" required="required" pattern="[0-9a-zA-Z\-_]*" title="' . _('Enter the item code of parent item to list the bill of material for') . '" size="20" /></td> + <td><input type="text" name="Part" autofocus="autofocus" required="required" data-type="no-illegal-chars" title="' . _('Enter the item code of parent item to list the bill of material for') . '" size="20" /></td> </tr> <tr> <td>' . _('Levels') . ':</td> 
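Review bot: The added `GroupName` line in AccountGroups.php still writes `$_POST['GroupName']` straight into the `value` attribute, and the only character check visible in this hunk is the browser-side `data-type="no-illegal-chars"` marker, which never runs for a request sent without the form. Unless `includes/session.inc` already encodes every `$_POST` value (it is modified in this revision but its hunk is not shown here), encode at the point of output, e.g. `value="' . htmlspecialchars($_POST['GroupName'], ENT_QUOTES, 'UTF-8') . '"`. The allowed characters should also be re-checked in the server-side validation that presumably populates `$Errors`. The same construction is on the added lines for `Consignment` in ConfirmDispatch_Invoice.php, `DiscCat`/`StockID`/`PartID` in DiscountCategories.php, `CategoryID` in FixedAssetCategories.php and `LocCode`/`CashSaleCustomer`/`CashSaleBranch` in Locations.php. The surrounding form code starts and ends outside the hunk.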
@@ -332,4 +332,4 @@ } // End of PrintHeader function -?> \ No newline at end of file +?> Modified: trunk/BOMListing.php =================================================================== --- trunk/BOMListing.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/BOMListing.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -118,11 +118,11 @@ <table class="selection">'; echo '<tr><td>' . _('From Inventory Part Code') . ':' . '</td> - <td><input tabindex="1" type="text" autofocus="autofocus" required="required" pattern="[0-9a-zA-Z\-_]*" title="' . _('Enter the lowest alpha code of parent bom items to list the bill of material for') . '" name="FromCriteria" size="20" maxlength="20" value="1" /></td> + <td><input tabindex="1" type="text" autofocus="autofocus" required="required" data-type="no-illegal-chars" title="' . _('Enter the lowest alpha code of parent bom items to list the bill of material for') . '" name="FromCriteria" size="20" maxlength="20" value="1" /></td> </tr>'; echo '<tr><td>' . _('To Inventory Part Code') . ':' . '</td> - <td><input tabindex="2" type="text" required="required" pattern="[0-9a-zA-Z\-_]*" title="' . _('Enter the end alpha numeric code of any parent bom items to list the bill of material for') . '" name="ToCriteria" size="20" maxlength="20" value="zzzzzzz" /></td> + <td><input tabindex="2" type="text" required="required"data-type="no-illegal-chars" title="' . _('Enter the end alpha numeric code of any parent bom items to list the bill of material for') . '" name="ToCriteria" size="20" maxlength="20" value="zzzzzzz" /></td> </tr>'; @@ -135,4 +135,4 @@ } /*end of else not PrintPDF */ -?> \ No newline at end of file +?> Modified: trunk/ConfirmDispatch_Invoice.php =================================================================== --- trunk/ConfirmDispatch_Invoice.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/ConfirmDispatch_Invoice.php 2013-09-28 05:10:46 UTC (rev 6338) 
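Review bot: The added `ToCriteria` line in BOMListing.php runs two attributes together, `required="required"data-type="no-illegal-chars"`. Browsers recover from the missing space, but it is a parse error and a stricter HTML consumer may drop the attribute, so it should read `required="required" data-type="no-illegal-chars"`. Two more attribute typos sit on added lines elsewhere in this revision: AccountGroups.php emits `'"class=inputerror"'` where `'class="inputerror"'` (as in Customers.php) appears to be meant, and the `part_` input in CounterSales.php has `title="..."size="21"` with no separating space.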
@@ -1661,7 +1661,7 @@ $j++; echo '<tr> <td>' . _('Consignment Note Ref'). ':</td> - <td><input tabindex="'.$j.'" type="text" pattern="[a-zA-Z0-9_\-\ ]*" title="' . _('Enter the consignment note reference to enable tracking of the delivery in the event of customer proof of delivery issues') . '" maxlength="15" size="15" name="Consignment" value="' . $_POST['Consignment'] . '" /></td> + <td><input tabindex="'.$j.'" type="text" data-type="no-illegal-chars" title="' . _('Enter the consignment note reference to enable tracking of the delivery in the event of customer proof of delivery issues') . '" maxlength="15" size="15" name="Consignment" value="' . $_POST['Consignment'] . '" /></td> </tr>'; $j++; echo '<tr> Modified: trunk/Contracts.php =================================================================== --- trunk/Contracts.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/Contracts.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -758,7 +758,7 @@ <td><input tabindex="1" type="text" name="CustKeywords" autofocus="autofocus" size="20" maxlength="25" /></td> <td><h2><b>' . _('OR') . '</b></h2></td> <td><h5>' . _('Part of the Customer Branch Code'). ':</h5></td> - <td><input tabindex="2" type="text" name="CustCode" pattern="[a-zA-Z0-9_\-]*" title="' . _('Enter an extract of the customer code to search for. Customer codes can only contain alpha-numeric characters, underscore or hyphens') . '" size="15" maxlength="18" /></td> + <td><input tabindex="2" type="text" name="CustCode" data-type="no-illegal-chars" title="' . _('Enter an extract of the customer code to search for. Customer codes can only contain alpha-numeric characters, underscore or hyphens') . '" size="15" maxlength="18" /></td> <td><h2><b>' . _('OR') . '</b></h2></td> <td><h5>' . _('Part of the Branch Phone Number') . ':</h5></td> <td><input tabindex="3" type="tel" name="CustPhone" size="15" maxlength="18" /></td> 
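Review bot: The `title` text on the added `CustCode` line in Contracts.php still tells the user that customer codes "can only contain alpha-numeric characters, underscore or hyphens", although the `pattern` that enforced this has been replaced by `data-type="no-illegal-chars"`. If the new check accepts other character sets, as the log message says, the hint is now wrong and the translatable string should be reworded to name the characters that are rejected. The same stale wording remains on added lines in AccountGroups.php, CounterReturns.php, CounterSales.php, CustomerReceipt.php, Customers.php and PcTypeTabs.php, among others.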
@@ -841,10 +841,10 @@ <td>'; if ($_SESSION['Contract'.$identifier]->Status==0) { /*Then the contract has not become an order yet and we can allow changes to the ContractRef */ - echo '<input type="text" name="ContractRef" autofocus="autofocus" required="required" size="21" title="' . _('Enter the contract reference. This reference will be used as the item code so no more than 20 alpha-numeric characters or underscore') . '" pattern="[a-zA-Z0-9_]*" maxlength="20" value="' . $_SESSION['Contract'.$identifier]->ContractRef . '" />'; + echo '<input type="text" name="ContractRef" autofocus="autofocus" required="required" size="21" title="' . _('Enter the contract reference. This reference will be used as the item code so no more than 20 alpha-numeric characters or underscore') . '" data-type="no-illegal-chars" maxlength="20" value="' . $_SESSION['Contract'.$identifier]->ContractRef . '" />'; } else { /*Just show the contract Ref - dont allow modification */ - echo '<input type="hidden" name="ContractRef" title="' . _('Enter the contract reference. This reference will be used as the item code so no more than 20 alpha-numeric characters or underscore') . '" pattern="[a-zA-Z0-9_]*" value="' . $_SESSION['Contract'.$identifier]->ContractRef . '" />' . $_SESSION['Contract'.$identifier]->ContractRef; + echo '<input type="hidden" name="ContractRef" title="' . _('Enter the contract reference. This reference will be used as the item code so no more than 20 alpha-numeric characters or underscore') . '" data-type="no-illegal-chars" value="' . $_SESSION['Contract'.$identifier]->ContractRef . '" />' . $_SESSION['Contract'.$identifier]->ContractRef; } echo '</td> </tr> 
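Review bot: `ContractRef` is described in its own `title` as becoming the item code, yet the only restriction visible after this change is the client-side `data-type="no-illegal-chars"`, which is presumably looser than the removed `[a-zA-Z0-9_]*` and is not applied to requests sent without the browser. The code that saves the contract is outside the hunk; it should reject any `ContractRef` that is not an acceptable stock code before it is stored. In the `else` branch the `title` and `data-type` attributes on the `type="hidden"` input have no effect. There `$_SESSION['Contract'.$identifier]->ContractRef` is also printed into both the attribute and the cell text without encoding, so wrap it as `htmlspecialchars($_SESSION['Contract'.$identifier]->ContractRef, ENT_QUOTES, 'UTF-8')` unless it is already encoded when stored.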
@@ -1085,4 +1085,4 @@ } /*end of if customer selected and entering contract header*/ include('includes/footer.inc'); -?> \ No newline at end of file +?> Modified: trunk/CounterReturns.php =================================================================== --- trunk/CounterReturns.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/CounterReturns.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -1813,7 +1813,7 @@ echo '<tr class="OddTableRow">'; /* Do not display colum unless customer requires po line number by sales order line*/ - echo '<td><input type="text" name="part_' . $i . '" ' . ($i==1 ? 'autofocus="autofocus" ': '') . 'size="21" pattern="[a-zA-Z0-9_\-]*" title="' . _('Enter a part code to be returned. Part codes can contain any alpha-numeric characters underscore or hyphen.') . '" maxlength="20" /></td> + echo '<td><input type="text" name="part_' . $i . '" ' . ($i==1 ? 'autofocus="autofocus" ': '') . 'size="21" data-type="no-illegal-chars" title="' . _('Enter a part code to be returned. Part codes can contain any alpha-numeric characters underscore or hyphen.') . '" maxlength="20" /></td> <td><input type="text" class="number" name="qty_' . $i . '" size="6" maxlength="6" /> <input type="hidden" class="date" name="ItemDue_' . $i . '" value="' . $ReturnDate . '" /></td> </tr>'; Modified: trunk/CounterSales.php =================================================================== --- trunk/CounterSales.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/CounterSales.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -2420,7 +2420,7 @@ echo '<tr class="OddTableRow">'; /* Do not display colum unless customer requires po line number by sales order line*/ - echo '<td><input type="text" name="part_' . $i . '"' . ($i==1 ? ' autofocus="autofocus"':'') . ' pattern="[a-zA-Z0-9_\-]*" title="' . _('Enter a part code to be sold. Part codes can contain any alpha-numeric characters underscore or hyphen.') . '"size="21" maxlength="20" /></td> + echo '<td><input type="text" name="part_' . $i . '"' . ($i==1 ? ' autofocus="autofocus"':'') . ' data-type="no-illegal-chars" title="' . _('Enter a part code to be sold. Part codes can contain any alpha-numeric characters underscore or hyphen.') . '"size="21" maxlength="20" /></td> <td><input type="text" class="number" name="qty_' . $i . '" size="6" maxlength="6" /> <input type="hidden" class="date" name="ItemDue_' . $i . '" value="' . $DefaultDeliveryDate . '" /></td></tr>'; } Modified: trunk/CustomerReceipt.php =================================================================== --- trunk/CustomerReceipt.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/CustomerReceipt.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -846,7 +846,7 @@ } echo '<tr> <td>' . _('Receipt Exchange Rate') . ':</td> - <td><input tabindex="4" type="text" name="ExRate" required="required" maxlength="10" size="12" pattern="[0-9\.,]*" class="number" value="' . locale_number_format($_SESSION['ReceiptBatch']->ExRate,6) . '" /></td> + <td><input tabindex="4" type="text" name="ExRate" required="required" maxlength="10" size="12" class="number" value="' . locale_number_format($_SESSION['ReceiptBatch']->ExRate,6) . '" /></td> <td>' . $SuggestedExRateText . ' <i>' . _('The exchange rate between the currency of the bank account currency and the currency of the receipt') . '. 1 ' . $_SESSION['ReceiptBatch']->AccountCurrency . ' = ? ' . $_SESSION['ReceiptBatch']->Currency . '</i></td> </tr>'; } 
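Review bot: The `ExRate` input in CustomerReceipt.php loses its `pattern="[0-9\.,]*"` on the added line and, unlike the other fields in this revision, gets no `data-type` replacement, leaving `class="number"` as the only hint of a check. Whatever the page script does with that class runs in the browser only. The receipt-processing code outside this hunk should therefore confirm the posted rate is numeric and greater than zero before it is used, for example by testing `is_numeric(filter_number_format($_POST['ExRate']))` and then comparing the result with 0.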
@@ -1128,7 +1128,7 @@ <td><input tabindex="9" type="text" name="Keywords" size="15" maxlength="25" /></td> <td><b>' . _('OR') . '</b></td> <td>' . _('Text extract in the Customer') . ' ' . '<b>' . _('code') . '</b>:</td> - <td><input tabindex="10" type="text" name="CustCode" pattern="[0-9a-zA-Z_]*" title="' . _('Enter an extract of the customer code to search for. Customer codes can contain any alpha-numeric character or underscore') . '" size="10" maxlength="18" /></td> + <td><input tabindex="10" type="text" name="CustCode" data-type="no-illegal-chars" title="' . _('Enter an extract of the customer code to search for. Customer codes can contain any alpha-numeric character or underscore') . '" size="10" maxlength="18" /></td> <td><b>' . _('OR') . '</b></td> <td>' . _('Customer invoice number') . ':</td> <td><input tabindex="11" type="text" name="CustInvNo" class="integer" size="8" maxlength="8" /></td> Modified: trunk/Customers.php =================================================================== --- trunk/Customers.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/Customers.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -747,7 +747,7 @@ if ($_SESSION['AutoDebtorNo']== 0 ) { echo '<tr> <td>' . _('Customer Code') . ':</td> - <td><input ' . (in_array('DebtorNo',$Errors) ? 'class="inputerror"' : '' ) .' type="text" name="DebtorNo" required="required" pattern=[0-9a-zA-Z_]*" title="' . _('The customer code can be up to 10 alpha-numeric characters long or underscore') . '" value="' . $DebtorNo . '" size="12" maxlength="10" /></td></tr>'; + <td><input ' . (in_array('DebtorNo',$Errors) ? 'class="inputerror"' : '' ) .' type="text" name="DebtorNo" required="required" data-type="no-illegal-chars" title="' . _('The customer code can be up to 10 alpha-numeric characters long or underscore') . '" value="' . $DebtorNo . '" size="12" maxlength="10" /></td></tr>'; } } if (isset($_GET['Modify'])) { Modified: trunk/DebtorsAtPeriodEnd.php =================================================================== --- trunk/DebtorsAtPeriodEnd.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/DebtorsAtPeriodEnd.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -140,11 +140,11 @@ echo '<table class="selection">'; echo '<tr> <td>' . _('From Customer Code') .':</td> - <td><input tabindex="1" type="text" maxlength="10" size="8" name="FromCriteria" required="required" pattern="[0-9a-zA-Z_]*" title="' . _('Enter a portion of the code of first customer to report') . '" value="1" /></td> + <td><input tabindex="1" type="text" maxlength="10" size="8" name="FromCriteria" required="required" data-type="no-illegal-chars" title="' . _('Enter a portion of the code of first customer to report') . '" value="1" /></td> </tr> <tr> <td>' . _('To Customer Code') . ':</td> - <td><input tabindex="2" type="text" maxlength="10" size="8" name="ToCriteria" required="required" pattern="[0-9a-zA-Z_]*" title="' . _('Enter a portion of the code of last customer to report') . '" value="zzzzzz" /></td> + <td><input tabindex="2" type="text" maxlength="10" size="8" name="ToCriteria" required="required" data-type="no-illegal-chars" title="' . _('Enter a portion of the code of last customer to report') . '" value="zzzzzz" /></td> </tr> <tr> <td>' . _('Balances As At') . ':</td> @@ -173,4 +173,4 @@ include('includes/footer.inc'); } /*end of else not PrintPDF */ -?> \ No newline at end of file +?> Modified: trunk/DiscountCategories.php =================================================================== --- trunk/DiscountCategories.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/DiscountCategories.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -108,13 +108,13 @@ <td>'; if (isset($_POST['DiscCat'])) { - echo '<input type="text" required="required" name="DiscountCategory" pattern="[0-9a-zA-Z_]*" title="' . _('Enter the discount category up to 2 alpha-numeric characters') . '" maxlength="2" size="2" value="' . $_POST['DiscCat'] .'" /></td> + echo '<input type="text" required="required" name="DiscountCategory" data-type="no-illegal-chars" title="' . _('Enter the discount category up to 2 alpha-numeric characters') . '" maxlength="2" size="2" value="' . $_POST['DiscCat'] .'" /></td> <td>' . _('OR') . '</td> <td></td> <td>' . _('OR') . '</td> </tr>'; } else { - echo '<input type="text" name="DiscountCategory" required="required" name="DiscountCategory" pattern="[0-9a-zA-Z_]*" title="' . _('Enter the discount category up to 2 alpha-numeric characters') . '" maxlength="2" size="2" /></td> + echo '<input type="text" name="DiscountCategory" required="required" name="DiscountCategory" data-type="no-illegal-chars" title="' . _('Enter the discount category up to 2 alpha-numeric characters') . '" maxlength="2" size="2" /></td> <td>' ._('OR') . '</td> <td></td> <td>' . _('OR') . '</td> 
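Review bot: The added `DiscountCategory` input in the `else` branch of DiscountCategories.php carries the `name` attribute twice (`name="DiscountCategory" required="required" name="DiscountCategory"`), and in the following hunk the stock-code field reads `name="StockID" name="DiscountCategory"`. Browsers keep the first value and discard the second, so the form still posts, but the duplicate is a parse error. In the second case the leftover name conflicts with the first and would silently change which POST key is sent if the attributes were ever reordered. Drop the repeated attribute in both places, e.g. `<input type="text" name="StockID" data-type="no-illegal-chars" ...`.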
@@ -132,9 +132,9 @@ } echo '<tr> <td>' . _('Enter Stock Code') .':</td> - <td><input type="text" name="StockID" name="DiscountCategory" pattern="[0-9a-zA-Z_]*" title="' . _('Enter the stock code of the item in this discount category up to 20 alpha-numeric characters') . '" size="20" maxlength="20" value="' . $_POST['StockID'] . '" /></td> + <td><input type="text" name="StockID" name="DiscountCategory" data-type="no-illegal-chars" title="' . _('Enter the stock code of the item in this discount category up to 20 alpha-numeric characters') . '" size="20" maxlength="20" value="' . $_POST['StockID'] . '" /></td> <td>' . _('Partial code') . ':</td> - <td><input type="text" name="PartID" pattern="[0-9a-zA-Z_]*" title="' . _('Enter a portion of the item code only alpha-numeric characters') . '" size="10" maxlength="10" value="' . $_POST['PartID'] . '" /></td> + <td><input type="text" name="PartID" data-type="no-illegal-chars" title="' . _('Enter a portion of the item code only alpha-numeric characters') . '" size="10" maxlength="10" value="' . $_POST['PartID'] . '" /></td> <td>' . _('Partial description') . ':</td> <td><input type="text" name="PartDesc" size="10" value="' . $_POST['PartDesc'] .'" maxlength="10" /></td> <td><input type="submit" name="search" value="' . _('Search') .'" /></td> @@ -167,7 +167,7 @@ echo '<table class="selection"> <tr> <td>' . _('Assign discount category') . '</td>'; - echo '<td><input type="text" required="required" name="DiscountCategory" pattern="[0-9a-zA-Z_]*" title="' . _('Enter the discount category up to 2 alpha-numeric characters') . '" maxlength="2" size="2" /></td>'; + echo '<td><input type="text" required="required" name="DiscountCategory" data-type="no-illegal-chars" title="' . _('Enter the discount category up to 2 alpha-numeric characters') . '" maxlength="2" size="2" /></td>'; echo '<td>' . _('to all items in stock category') . '</td>'; $sql = "SELECT categoryid, categorydescription 
@@ -264,4 +264,4 @@ } include('includes/footer.inc'); -?> \ No newline at end of file +?> Modified: trunk/FixedAssetCategories.php =================================================================== --- trunk/FixedAssetCategories.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/FixedAssetCategories.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -252,7 +252,7 @@ echo '<table class="selection"> <tr> <td>' . _('Category Code') . ':</td> - <td><input type="text" name="CategoryID" required="required" title="' . _('Enter the asset category code. Up to 6 alpha-numeric characters are allowed') . '" pattern="[0-9a-zA-Z_]*" size="7" maxlength="6" value="' . $_POST['CategoryID'] . '" /></td> + <td><input type="text" name="CategoryID" required="required" title="' . _('Enter the asset category code. Up to 6 alpha-numeric characters are allowed') . '" data-type="no-illegal-chars" size="7" maxlength="6" value="' . $_POST['CategoryID'] . '" /></td> </tr>'; } @@ -353,4 +353,4 @@ </form>'; include('includes/footer.inc'); -?> \ No newline at end of file +?> Modified: trunk/FixedAssetLocations.php =================================================================== --- trunk/FixedAssetLocations.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/FixedAssetLocations.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -123,7 +123,7 @@ echo '<input type="hidden" name="LocationID" value="'.$LocationID.'" />'; echo '<td>' . $LocationID . '</td>'; } else { - echo '<td><input type="text" name="LocationID" required="required" title="' . _('Enter the location code of the fixed asset location. Up to six alpha-numeric characters') . '" pattern="[0-9a-zA-Z_]*" size="6" value="'.$LocationID.'" /></td> + echo '<td><input type="text" name="LocationID" required="required" title="' . _('Enter the location code of the fixed asset location. Up to six alpha-numeric characters') . '" data-type="no-illegal-chars" size="6" value="'.$LocationID.'" /></td> </tr>'; } Modified: trunk/GLAccounts.php =================================================================== --- trunk/GLAccounts.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/GLAccounts.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -232,7 +232,7 @@ echo '<table class="selection">'; echo '<tr> <td>' . _('Account Code') . ':</td> - <td><input type="text" name="AccountCode" required="required" autofocus="autofocus" pattern="[0-9a-zA-Z_-]*" title="' . _('Enter up to 20 alpha-numeric characters for the general ledger account code') . '" size="20" maxlength="20" /></td> + <td><input type="text" name="AccountCode" required="required" autofocus="autofocus" data-type="no-illegal-chars" title="' . _('Enter up to 20 alpha-numeric characters for the general ledger account code') . '" size="20" maxlength="20" /></td> </tr>'; } Modified: trunk/Locations.php =================================================================== --- trunk/Locations.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/Locations.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -497,7 +497,7 @@ </tr>'; echo '<tr> <td>' . _('Location Code') . ':</td> - <td><input type="text" autofocus="autofocus" required="required" title="' . _('Enter up to five characters for the inventory location code') . '" pattern="[0-9a-zA-Z_]*" name="LocCode" value="' . $_POST['LocCode'] . '" size="5" maxlength="5" /></td> + <td><input type="text" autofocus="autofocus" required="required" title="' . _('Enter up to five characters for the inventory location code') . '" data-type="no-illegal-chars" name="LocCode" value="' . $_POST['LocCode'] . '" size="5" maxlength="5" /></td> </tr>'; } if (!isset($_POST['LocationName'])) { 
@@ -604,11 +604,11 @@ </tr> <tr> <td>' . _('Default Counter Sales Customer Code') . ':' . '</td> - <td><input type="text" name="CashSaleCustomer" pattern="[0-9a-zA-Z_]*" title="' . _('If counter sales are being used for this location then an existing customer account code needs to be entered here. All sales created from the counter sales will be recorded against this customer account') . '" value="' . $_POST['CashSaleCustomer'] . '" size="11" maxlength="10" /></td> + <td><input type="text" name="CashSaleCustomer" data-type="no-illegal-chars" title="' . _('If counter sales are being used for this location then an existing customer account code needs to be entered here. All sales created from the counter sales will be recorded against this customer account') . '" value="' . $_POST['CashSaleCustomer'] . '" size="11" maxlength="10" /></td> </tr> <tr> <td>' . _('Counter Sales Branch Code') . ':' . '</td> - <td><input type="text" name="CashSaleBranch" pattern="[0-9a-zA-Z_]*" title="' . _('If counter sales are being used for this location then an existing customer branch code for the customer account code entered above needs to be entered here. All sales created from the counter sales will be recorded against this branch') . '" value="' . $_POST['CashSaleBranch'] . '" size="11" maxlength="10" /></td> + <td><input type="text" name="CashSaleBranch" data-type="no-illegal-chars" title="' . _('If counter sales are being used for this location then an existing customer branch code for the customer account code entered above needs to be entered here. All sales created from the counter sales will be recorded against this branch') . '" value="' . $_POST['CashSaleBranch'] . '" size="11" maxlength="10" /></td> </tr>'; echo '<tr> <td>' . _('Allow internal requests?') . ':</td> 
@@ -640,4 +640,4 @@ } //end if record deleted no point displaying form to add record include('includes/footer.inc'); -?> \ No newline at end of file +?> Modified: trunk/OutstandingGRNs.php =================================================================== --- trunk/OutstandingGRNs.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/OutstandingGRNs.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -265,11 +265,11 @@ echo '<tr> <td>' . _('From Supplier Code') . ':</td> - <td><input type="text" name="FromCriteria" required="required" autofocus="autofocus" pattern="[0-9a-zA-Z]*" value="0" /></td> + <td><input type="text" name="FromCriteria" required="required" autofocus="autofocus" data-type="no-illegal-chars" value="0" /></td> </tr> <tr> <td>' . _('To Supplier Code'). ':</td> - <td><input type="text" name="ToCriteria" required="required" pattern="[0-9a-zA-Z]*" value="zzzzzzz" /></td> + <td><input type="text" name="ToCriteria" required="required" data-type="no-illegal-chars" value="zzzzzzz" /></td> </tr> </table> <br /> @@ -284,4 +284,4 @@ } /*end of else not PrintPDF */ -?> \ No newline at end of file +?> Modified: trunk/PcTypeTabs.php =================================================================== --- trunk/PcTypeTabs.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/PcTypeTabs.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -234,7 +234,7 @@ echo '<table class="selection"> <tr> <td>' . _('Code Of Type Of Tab') . ':</td> - <td><input type="text" ' . (in_array('TypeTabCode',$Errors) ? 'class="inputerror"' : '' ) .' required="required" autofocus="autofocus" pattern="[0-9a-zA-Z_]*" name="TypeTabCode" title="' . _('Only alpha-numeric characters and the underscore character are allowed') . '" /></td> + <td><input type="text" ' . (in_array('TypeTabCode',$Errors) ? 'class="inputerror"' : '' ) .' required="required" autofocus="autofocus" data-type="no-illegal-chars" name="TypeTabCode" title="' . _('Only alpha-numeric characters and the underscore character are allowed') . '" size="20" maxlength="20" /></td> </tr>'; } @@ -259,4 +259,4 @@ } // end if user wish to delete include('includes/footer.inc'); -?> \ No newline at end of file +?> Modified: trunk/PricesBasedOnMarkUp.php =================================================================== --- trunk/PricesBasedOnMarkUp.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/PricesBasedOnMarkUp.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -103,7 +103,7 @@ echo '<tr><td>' . _('Stock Category From') . ':</td> <td><select name="StkCatFrom">'; -$sql = "SELECT categoryid, categorydescription FROM stockcategory"; +$sql = "SELECT categoryid, categorydescription FROM stockcategory ORDER BY categoryid"; $ErrMsg = _('The stock categories could not be retrieved because'); $DbgMsg = _('The SQL used to retrieve stock categories and failed was'); @@ -134,7 +134,7 @@ echo '</select></td></tr>'; if (!isset($_POST['RoundingFactor'])){ - $_POST['RoundingFactor']=1; + $_POST['RoundingFactor']=0.01; } if (!isset($_POST['PriceStartDate'])) { 
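Review bot: The `RoundingFactor` default in PricesBasedOnMarkUp.php is applied only when the key is absent, so a posted empty string, zero or non-numeric value passes through unchanged. The code that uses the factor is outside this hunk, and if it divides by it such a value would fail there. The guard could cover those cases too, e.g. `if (!isset($_POST['RoundingFactor']) OR !is_numeric(filter_number_format($_POST['RoundingFactor'])) OR filter_number_format($_POST['RoundingFactor']) <= 0) {`. Changing the default from 1 to 0.01 also changes the outcome for anyone who submits the form without touching the field, which is worth a line in `doc/Change.log` if it is not already there.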
@@ -145,21 +145,25 @@ $_POST['PriceEndDate']=DateAdd(date($_SESSION['DefaultDateFormat']), 'y', 1); } -echo '<tr><td>' . _('Rounding Factor') . ':</td> - <td><input type="text" class="number" name="RoundingFactor" size="6" maxlength="6" value="' . $_POST['RoundingFactor'] . '" /></td></tr>'; +echo '<tr> + <td>' . _('Rounding Factor') . ':</td> + <td><input type="text" class="number" name="RoundingFactor" size="6" title="' . _('To round to the nearest cent enter 0.01. To round to the nearest whole dollar enter 1. To round to the nearest 5 dollars enter 5 etc') . '" maxlength="6" value="' . $_POST['RoundingFactor'] . '" /></td></tr>'; -echo '<tr><td>' . _('New Price To Be Effective From') . ':</td> - <td><input type="text" class="date" alt="' . $_SESSION['DefaultDateFormat'] . '" name="PriceStartDate" size="10" maxlength="10" value="' . $_POST['PriceStartDate'] . '" /></td></tr>'; +echo '<tr> + <td>' . _('New Price To Be Effective From') . ':</td> + <td><input type="text" class="date" alt="' . $_SESSION['DefaultDateFormat'] . '" name="PriceStartDate" size="10" maxlength="10" value="' . $_POST['PriceStartDate'] . '" /></td></tr>'; -echo '<tr><td>' . _('New Price To Be Effective To (Blank = No End Date)') . ':</td> - <td><input type="text" class="date" alt="' . $_SESSION['DefaultDateFormat'] . '" name="PriceEndDate" size="10" maxlength="10" value="' . $_POST['PriceEndDate'] . '" /></td></tr>'; +echo '<tr> + <td>' . _('New Price To Be Effective To (Blank = No End Date)') . ':</td> + <td><input type="text" class="date" alt="' . $_SESSION['DefaultDateFormat'] . '" name="PriceEndDate" size="10" maxlength="10" value="' . $_POST['PriceEndDate'] . '" /></td></tr>'; if (!isset($_POST['IncreasePercent'])){ $_POST['IncreasePercent']=0; } -echo '<tr><td>' . _('Percentage Increase (positive) or decrease (negative)') . '</td> - <td><input type="text" name="IncreasePercent" class="number" size="4" maxlength="4" value="' . $_POST['IncreasePercent'] . 
'" /></td></tr></table>'; +echo '<tr> + <td>' . _('Percentage Increase (positive) or decrease (negative)') . '</td> + <td><input type="text" name="IncreasePercent" class="number" size="4" maxlength="4" value="' . $_POST['IncreasePercent'] . '" /></td></tr></table>'; echo '<br /><div class="centre"><input type="submit" name="UpdatePrices" value="' . _('Update Prices') . '" onclick="return confirm(\'' . _('Are you sure you wish to update or add all the prices according to the criteria selected?') . '\');" /></div>'; @@ -358,4 +362,4 @@ } } include('includes/footer.inc'); -?> \ No newline at end of file +?> Modified: trunk/PurchData.php =================================================================== --- trunk/PurchData.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/PurchData.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -382,7 +382,7 @@ <td><input type="text" name="Keywords" size="20" maxlength="25" /></td> <td><b>' . _('OR') . '</b></td> <td>' . _('Text in Supplier') . ' <b>' . _('CODE') . '</b>:</td> - <td><input type="text" name="SupplierCode" pattern="[0-9a-zA-Z_\-]*" size="20" maxlength="50" /></td> + <td><input type="text" name="SupplierCode" data-type="no-illegal-chars" size="20" maxlength="50" /></td> </tr> </table> <br /> Added: trunk/PurchaseByPrefSupplier.php =================================================================== --- trunk/PurchaseByPrefSupplier.php (rev 0) +++ trunk/PurchaseByPrefSupplier.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -0,0 +1,575 @@ +<?php + +/* $Id: PrefSupplierOrdering.php 5785 2012-12-29 04:47:42Z daintree $ */ + +include('includes/session.inc'); +$Title=_('Preferred Supplier Purchasing'); +include('includes/header.inc'); + +if (isset($_POST['CreatePO']) AND isset($_POST['Supplier'])){ + include('includes/SQL_CommonFunctions.inc'); + $InputError =0; //Always hope for the best + + //Make an array of the Items to purchase + $PurchItems = array(); + $OrderValue =0; + foreach ($_POST as $FormVariable => $Quantity) { + if (mb_strpos($FormVariable,'OrderQty')!==false) { + if ($Quantity > 0) { + $StockID = $_POST['StockID' . mb_substr($FormVariable,8)]; + $PurchItems[$StockID]['Quantity'] = filter_number_format($Quantity); + + $sql = "SELECT description, + units, + stockact + FROM stockmaster INNER JOIN stockcategory + ON stockcategory.categoryid = stockmaster.categoryid + WHERE stockmaster.stockid = '". $StockID . "'"; + + $ErrMsg = _('The item details for') . ' ' . $StockID . ' ' . _('could not be retrieved because'); + $DbgMsg = _('The SQL used to retrieve the item details but failed was'); + $ItemResult = DB_query($sql,$db,$ErrMsg,$DbgMsg); + if (DB_num_rows($ItemResult)==1){ + $ItemRow = DB_fetch_array($ItemResult); + + $sql = "SELECT price, + conversionfactor, + supplierdescription, + suppliersuom, + suppliers_partno, + leadtime, + MAX(purchdata.effectivefrom) AS latesteffectivefrom + FROM purchdata + WHERE purchdata.supplierno = '" . $_POST['Supplier'] . "' + AND purchdata.effectivefrom <='" . Date('Y-m-d') . "' + AND purchdata.stockid = '". $StockID . "' + GROUP BY purchdata.price, + purchdata.conversionfactor, + purchdata.supplierdescription, + purchdata.suppliersuom, + purchdata.suppliers_partno, + purchdata.leadtime + ORDER BY latesteffectivefrom DESC"; + + $ErrMsg = _('The purchasing data for') . ' ' . $StockID . ' ' . 
_('could not be retrieved because'); + $DbgMsg = _('The SQL used to retrieve the purchasing data but failed was'); + $PurchDataResult = DB_query($sql,$db,$ErrMsg,$DbgMsg); + if (DB_num_rows($PurchDataResult)>0){ //the purchasing data is set up + $PurchRow = DB_fetch_array($PurchDataResult); + + /* Now to get the applicable discounts */ + $sql = "SELECT discountpercent, + discountamount + FROM supplierdiscounts + WHERE supplierno= '" . $_POST['Supplier'] . "' + AND effectivefrom <='" . Date('Y-m-d') . "' + AND (effectiveto >='" . Date('Y-m-d') . "' + OR effectiveto ='0000-00-00') + AND stockid = '". $StockID . "'"; + + $ItemDiscountPercent = 0; + $ItemDiscountAmount = 0; + $ErrMsg = _('Could not retrieve the supplier discounts applicable to the item'); + $DbgMsg = _('The SQL used to retrive the supplier discounts that failed was'); + $DiscountResult = DB_query($sql,$db,$ErrMsg,$DbgMsg); + while ($DiscountRow = DB_fetch_array($DiscountResult)) { + $ItemDiscountPercent += $DiscountRow['discountpercent']; + $ItemDiscountAmount += $DiscountRow['discountamount']; + } + if ($ItemDiscountPercent != 0) { + prnMsg(_('Taken accumulated supplier percentage discounts of') . ' ' . locale_number_format($ItemDiscountPercent*100,2) . '%','info'); + } + $PurchItems[$StockID]['Price'] = ($PurchRow['price']*(1-$ItemDiscountPercent) - $ItemDiscountAmount)/$PurchRow['conversionfactor']; + $PurchItems[$StockID]['ConversionFactor'] = $PurchRow['conversionfactor']; + $PurchItems[$StockID]['GLCode'] = $ItemRow['stockact']; + + $PurchItems[$StockID]['SupplierDescription'] = $PurchRow['suppliers_partno'] .' 
- '; + if (mb_strlen($PurchRow['supplierdescription'])>2){ + $PurchItems[$StockID]['SupplierDescription'] .= $PurchRow['supplierdescription']; + } else { + $PurchItems[$StockID]['SupplierDescription'] .= $ItemRow['description']; + } + $PurchItems[$StockID]['UnitOfMeasure'] = $PurchRow['suppliersuom']; + $PurchItems[$StockID]['SuppliersPartNo'] = $PurchRow['suppliers_partno']; + $LeadTime = $PurchRow['leadtime']; + /* Work out the delivery date based on today + lead time */ + $PurchItems[$StockID]['DeliveryDate'] = DateAdd(Date($_SESSION['DefaultDateFormat']),'d',$LeadTime); + } else { // no purchasing data setup + $PurchItems[$StockID]['Price'] = 0; + $PurchItems[$StockID]['ConversionFactor'] = 1; + $PurchItems[$StockID]['SupplierDescription'] = $ItemRow['description']; + $PurchItems[$StockID]['UnitOfMeasure'] = $ItemRow['units']; + $PurchItems[$StockID]['SuppliersPartNo'] = 'each'; + $LeadTime = 1; + $PurchItems[$StockID]['DeliveryDate'] = Date($_SESSION['DefaultDateFormat']); + } + $OrderValue += $PurchItems[$StockID]['Quantity']*$PurchItems[$StockID]['Price']; + } else { //item could not be found + $InputError =1; + prnmsg(_('An item where a quantity was entered could not be retrieved from the database. The order cannot proceed. The item code was:') . ' ' . $StockID,'error'); + } + } //end if the quantity entered into the form is positive + } //end if the form variable name is OrderQtyXXX + }//end loop around the form variables + + if ($InputError==0) { //only if all continues smoothly + + $sql = "SELECT suppliers.suppname, + suppliers.currcode, + currencies.decimalplaces, + currencies.rate, + suppliers.paymentterms, + suppliers.address1, + suppliers.address2, + suppliers.address3, + suppliers.address4, + suppliers.address5, + suppliers.address6, + suppliers.telephone + FROM suppliers INNER JOIN currencies + ON suppliers.currcode=currencies.currabrev + WHERE supplierid='" . $_POST['Supplier'] . 
"'"; + $SupplierResult = DB_query($sql, $db); + $SupplierRow = DB_fetch_array($SupplierResult); + + $sql = "SELECT deladd1, + deladd2, + deladd3, + deladd4, + deladd5, + deladd6, + tel, + contact + FROM locations + WHERE loccode='" . $_SESSION['UserStockLocation'] . "'"; + $LocnAddrResult = DB_query($sql, $db); + if (DB_num_rows($LocnAddrResult) == 1) { + $LocnRow = DB_fetch_array($LocnAddrResult); + } else { + prnMsg(_('Your default inventory location is set to a non-existant inventory location. This purchase order cannot proceed'), 'error'); + $InputError =1; + } + if (IsEmailAddress($_SESSION['UserEmail'])){ + $UserDetails = ' <a href="mailto:' . $_SESSION['UserEmail'] . '">' . $_SESSION['UsersRealName']. '</a>'; + } else { + $UserDetails = ' ' . $_SESSION['UsersRealName'] . ' '; + } + if ($_SESSION['AutoAuthorisePO']==1) { + //if the user has authority to authorise the PO then it will automatically be authorised + $AuthSQL ="SELECT authlevel + FROM purchorderauth + WHERE userid='" . $_SESSION['UserID'] . "' + AND currabrev='" . $SupplierRow['currcode'] ."'"; + + $AuthResult=DB_query($AuthSQL,$db); + $AuthRow=DB_fetch_array($AuthResult); + + if (DB_num_rows($AuthResult) > 0 AND $AuthRow['authlevel'] > $OrderValue) { //user has authority to authrorise as well as create the order + $StatusComment=date($_SESSION['DefaultDateFormat']).' - ' . _('Order Created and Authorised by') . $UserDetails; + $AllowPrintPO=1; + $Status = 'Authorised'; + } else { // no authority to authorise this order + if (DB_num_rows($AuthResult) ==0){ + $AuthMessage = _('Your authority to approve purchase orders in') . ' ' . $SupplierRow['currcode'] . ' ' . _('has not yet been set up') . '<br />'; + } else { + $AuthMessage = _('You can only authorise up to') . ' ' . $SupplierRow['currcode'] . ' '.$AuthRow['authlevel'] .'.<br />'; + } + + prnMsg( _('You do not have permission to authorise this purchase order').'.<br />' . _('This order is for') . ' ' . $SupplierRow['currcode'] . ' '. 
$OrderValue . ' ' . + $AuthMessage . + _('If you think this is a mistake please contact the systems administrator') . '<br />'. + _('The order will be created with a status of pending and will require authorisation'), 'warn'); + + $AllowPrintPO=0; + $StatusComment=date($_SESSION['DefaultDateFormat']).' - ' . _('Order Created by') . ' ' . $UserDetails; + $Status = 'Pending'; + } + } else { //auto authorise is set to off + $AllowPrintPO=0; + $StatusComment=date($_SESSION['DefaultDateFormat']).' - ' . _('Order Created by') . ' ' . $UserDetails; + $Status = 'Pending'; + } + + /*Get the order number */ + $OrderNo = GetNextTransNo(18, $db); + + /*Insert to purchase order header record */ + $sql = "INSERT INTO purchorders ( orderno, + supplierno, + orddate, + rate, + initiator, + intostocklocation, + deladd1, + deladd2, + deladd3, + deladd4, + deladd5, + deladd6, + tel, + suppdeladdress1, + suppdeladdress2, + suppdeladdress3, + suppdeladdress4, + suppdeladdress5, + suppdeladdress6, + supptel, + contact, + revised, + deliveryby, + status, + stat_comment, + deliverydate, + paymentterms, + allowprint) + VALUES( '" . $OrderNo . "', + '" . $_POST['Supplier'] . "', + '" . Date('Y-m-d') . "', + '" . $SupplierRow['rate'] . "', + '" . $_SESSION['UserID'] . "', + '" . $_SESSION['UserStockLocation'] . "', + '" . $LocnRow['deladd1'] . "', + '" . $LocnRow['deladd2'] . "', + '" . $LocnRow['deladd3'] . "', + '" . $LocnRow['deladd4'] . "', + '" . $LocnRow['deladd5'] . "', + '" . $LocnRow['deladd6'] . "', + '" . $LocnRow['tel'] . "', + '" . $SupplierRow['address1'] . "', + '" . $SupplierRow['address2'] . "', + '" . $SupplierRow['address3'] . "', + '" . $SupplierRow['address4'] . "', + '" . $SupplierRow['address5'] . "', + '" . $SupplierRow['address6'] . "', + '" . $SupplierRow['telephone']. "', + '" . $LocnRow['contact'] . "', + '" . Date('Y-m-d') . "', + '" . Date('Y-m-d',mktime(0,0,0,Date('m'),Date('d')+1,Date('Y'))) . "', + '" . $Status . "', + '" . 
htmlspecialchars($StatusComment,ENT_QUOTES,'UTF-8') . "', + '" . Date('Y-m-d',mktime(0,0,0,Date('m'),Date('d')+1,Date('Y'))) . "', + '" . $SupplierRow['paymentterms'] . "', + '" . $AllowPrintPO . "' )"; + + $ErrMsg = _('The purchase order header record could not be inserted into the database because'); + $DbgMsg = _('The SQL statement used to insert the purchase order header record and failed was'); + $result = DB_query($sql,$db,$ErrMsg,$DbgMsg,true); + + /*Insert the purchase order detail records */ + foreach ($PurchItems as $StockID=>$POLine) { + + //print_r($POLine); + + $sql = "INSERT INTO purchorderdetails (orderno, + itemcode, + deliverydate, + itemdescription, + glcode, + unitprice, + quantityord, + shiptref, + jobref, + suppliersunit, + suppliers_partno, + assetid, + conversionfactor ) + VALUES ('" . $OrderNo . "', + '" . $StockID . "', + '" . FormatDateForSQL($POLine['DeliveryDate']) . "', + '" . DB_escape_string($POLine['SupplierDescription']) . "', + '" . $POLine['GLCode'] . "', + '" . $POLine['Price'] . "', + '" . $POLine['Quantity'] . "', + '0', + '0', + '" . $POLine['UnitOfMeasure'] . "', + '" . $POLine['SuppliersPartNo'] . "', + '0', + '" . $POLine['ConversionFactor'] . "')"; + $ErrMsg =_('One of the purchase order detail records could not be inserted into the database because'); + $DbgMsg =_('The SQL statement used to insert the purchase order detail record and failed was'); + + $result =DB_query($sql,$db,$ErrMsg,$DbgMsg,true); + } /* end of the loop round the detail line items on the order */ + echo '<p />'; + prnMsg(_('Purchase Order') . ' ' . $OrderNo . ' ' . _('has been created.') . ' ' . _('Total order value of') . ': ' . locale_number_format($OrderValue,$SupplierRow['decimalplaces']) . ' ' . $SupplierRow['currcode'] ,'success'); + echo '<br /><a href="' . $RootPath . '/PO_PDFPurchOrder.php?OrderNo=' . $OrderNo . '">' . _('Print Order') . '</a> + <br /><a href="' . $RootPath . '/PO_Header.php?ModifyOrderNumber=' . $OrderNo . '">' . 
_('Edit Order') . '</a>'; + exit; + } else { + prnMsg(_('Unable to create the order'),'error'); + } +} + + +echo '<p class="page_title_text"><img src="'.$RootPath.'/css/'.$Theme.'/images/inventory.png" title="' . _('Search') . '" alt="" />' . ' ' . $Title.'</p><br /> + <form id="SupplierPurchasing" action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '" method="post"> + <div> + <input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" /> + <table class="selection"> + <tr> + <td>' . _('For Supplier') . ':</td> + <td><select name="Supplier">'; + +$sql = "SELECT supplierid, suppname FROM suppliers WHERE supptype<>7 ORDER BY suppname"; +$SuppResult=DB_query($sql,$db); + +echo '<option value="">' . _('Not Yet Selected') . '</option>'; + +while ($myrow=DB_fetch_array($SuppResult)){ + if (isset($_POST['Supplier']) AND $_POST['Supplier']==$myrow['supplierid']){ + echo '<option selected="selected" value="' . $myrow['supplierid'] . '">' . $myrow['suppname'] . '</option>'; + } else { + echo '<option value="' . $myrow['supplierid'] . '">' . $myrow['suppname'] . '</option>'; + } +} +echo '</select></td></tr>'; + +/* +echo '<tr> + <td>' . _('Months Buffer Stock to Hold') . ':</td> + <td><select name="NumberMonthsHolding">'; + +if (!isset($_POST['NumberMonthsHolding'])){ + $_POST['NumberMonthsHolding']=1; +} +if ($_POST['NumberMonthsHolding']==0.5){ + echo '<option selected="selected" value="0.5">' . _('Two Weeks') . '</option>'; +} else { + echo '<option value="0.5">' . _('Two Weeks') . '</option>'; +} +if ($_POST['NumberMonthsHolding']==1){ + echo '<option selected="selected" value="1">' . _('One Month') . '</option>'; +} else { + echo '<option selected="selected" value="1">' . _('One Month') . '</option>'; +} +if ($_POST['NumberMonthsHolding']==1.5){ + echo '<option selected="selected" value="1.5">' . _('Six Weeks') . '</option>'; +} else { + echo '<option value="1.5">' . _('Six Weeks') . 
'</option>'; +} +if ($_POST['NumberMonthsHolding']==2){ + echo '<option selected="selected" value="2">' . _('Two Months') . '</option>'; +} else { + echo '<option value="2">' . _('Two Months') . '</option>'; +} +echo '</select></td> + </tr>'; +*/ +echo '</table> + <br /> + <div class="centre"> + <input type="submit" name="ShowItems" value="' . _('Show Items') . '" /> + </div>'; + +if (isset($_POST['Supplier']) AND isset($_POST['ShowItems']) AND $_POST['Supplier']!=''){ + + $SQL = "SELECT stockmaster.description, + stockmaster.eoq, + stockmaster.decimalplaces, + locstock.stockid, + purchdata.supplierno, + suppliers.suppname, + purchdata.leadtime/30 AS monthsleadtime, + locstock.bin, + SUM(locstock.quantity) AS qoh + FROM locstock, + stockmaster, + purchdata, + suppliers + WHERE locstock.stockid=stockmaster.stockid + AND purchdata.supplierno=suppliers.supplierid + AND (stockmaster.mbflag='B' OR stockmaster.mbflag='M') + AND purchdata.stockid=stockmaster.stockid + AND purchdata.preferred=1 + AND purchdata.supplierno='" . $_POST['Supplier'] . "' + AND locstock.loccode='" . $_SESSION['UserStockLocation'] . "' + GROUP BY + purchdata.supplierno, + stockmaster.description, + stockmaster.eoq, + locstock.stockid + ORDER BY purchdata.supplierno, + stockmaster.stockid"; + + $ItemsResult = DB_query($SQL, $db, '', '', false, false); + $ListCount = DB_num_rows($ItemsResult); + + if (DB_error_no($db) !=0) { + $Title = _('Supplier Ordering') . ' - ' . _('Problem Report') . '....'; + include('includes/header.inc'); + prnMsg(_('The supplier inventory quantities could not be retrieved by the SQL because') . ' - ' . DB_error_msg($db),'error'); + echo '<br /><a href="' .$RootPath .'/index.php">' . _('Back to the menu') . '</a>'; + if ($debug==1){ + echo '<br />' . $SQL; + } + include('includes/footer.inc'); + exit; + } else { + //head up a new table + echo '<table> + <tr> + <th class="ascending">' . _('Item Code') . '</th> + <th class="ascending">' . _('Item Description') . 
'</th> + <th class="ascending">' . _('Bin') . '</th> + <th class="ascending">' . _('On Hand') . '</th> + <th class="ascending">' . _('Demand') . '</th> + <th class="ascending">' . _('Supp Ords') . '</th> + <th class="ascending">' . _('Previous') . '<br />' ._('Month') . '</th> + <th class="ascending">' . _('Last') . '<br />' ._('Month') . '</th> + <th class="ascending">' . _('Week') . '<br />' ._('3') . '</th> + <th class="ascending">' . _('Week') . '<br />' ._('2') . '</th> + <th class="ascending">' . _('Last') . '<br />' ._('Week') . '</th> + <th>' . _('Order Qty') . '</th> + </tr>'; + + $i=0; + + while ($ItemRow = DB_fetch_array($ItemsResult,$db)){ + + + $SQL = "SELECT SUM(CASE WHEN (trandate>='" . Date('Y-m-d',mktime(0,0,0, date('m')-2, date('d'), date('Y'))) . "' AND + trandate<='" . Date('Y-m-d',mktime(0,0,0, date('m')-1, date('d'), date('Y'))) . "') THEN -qty ELSE 0 END) AS previousmonth, + SUM(CASE WHEN (trandate>='" . Date('Y-m-d',mktime(0,0,0, date('m')-1, date('d'), date('Y'))) . "' AND + trandate<='" . Date('Y-m-d') . "') THEN -qty ELSE 0 END) AS lastmonth, + SUM(CASE WHEN (trandate>='" . Date('Y-m-d',mktime(0,0,0, date('m'), date('d')-(3*7), date('Y'))) . "' AND + trandate<='" . Date('Y-m-d',mktime(0,0,0, date('m'), date('d')-(2*7), date('Y'))) . "') THEN -qty ELSE 0 END) AS wk3, + SUM(CASE WHEN (trandate>='" . Date('Y-m-d',mktime(0,0,0, date('m'), date('d')-(2*7), date('Y'))) . "' AND + trandate<='" . Date('Y-m-d',mktime(0,0,0, date('m'), date('d')-7, date('Y'))) . "') THEN -qty ELSE 0 END) AS wk2, + SUM(CASE WHEN (trandate>='" . Date('Y-m-d',mktime(0,0,0, date('m'), date('d')-7, date('Y'))) . "' AND + trandate<='" . Date('Y-m-d') . "') THEN -qty ELSE 0 END) AS wk1 + FROM stockmoves + WHERE stockid='" . $ItemRow['stockid'] . "' + AND (type=10 OR type=11)"; + $SalesResult=DB_query($SQL,$db,'','',FALSE,FALSE); + + if (DB_error_no($db) !=0) { + $Title = _('Preferred supplier purchasing') . ' - ' . _('Problem Report') . 
'....'; + include('includes/header.inc'); + prnMsg( _('The sales quantities could not be retrieved by the SQL because') . ' - ' . DB_error_msg($db),'error'); + echo '<br /><a href="' .$RootPath .'/index.php">' . _('Back to the menu') . '</a>'; + if ($debug==1){ + echo '<br />'. $SQL; + } + include('includes/footer.inc'); + exit; + } + + $SalesRow = DB_fetch_array($SalesResult); + + $SQL = "SELECT SUM(salesorderdetails.quantity - salesorderdetails.qtyinvoiced) AS qtydemand + FROM salesorderdetails INNER JOIN salesorders + ON salesorderdetails.orderno=salesorders.orderno + WHERE salesorderdetails.stkcode = '" . $ItemRow['stockid'] . "' + AND salesorderdetails.completed = 0 + AND salesorders.quotation=0"; + + $DemandResult = DB_query($SQL, $db, '', '', false, false); + + + if (DB_error_no($db) !=0) { + $Title = _('Preferred supplier purchasing') . ' - ' . _('Problem Report') . '....'; + include('includes/header.inc'); + prnMsg( _('The sales order demand quantities could not be retrieved by the SQL because') . ' - ' . DB_error_msg($db),'error'); + echo '<br /><a href="' .$RootPath .'/index.php">' . _('Back to the menu') . '</a>'; + if ($debug==1){ + echo '<br />'.$SQL; + } + include('includes/footer.inc'); + exit; + } + + // Also need to add in the demand as a component of an assembly items if this items has any assembly parents. + + $SQL = "SELECT SUM((salesorderdetails.quantity-salesorderdetails.qtyinvoiced)*bom.quantity) AS dem + FROM salesorderdetails INNER JOIN bom + ON salesorderdetails.stkcode=bom.parent + INNER JOIN stockmaster + ON stockmaster.stockid=bom.parent + INNER JOIN salesorders + ON salesorders.orderno = salesorderdetails.orderno + WHERE salesorderdetails.quantity-salesorderdetails.qtyinvoiced > 0 + AND bom.component='" . $ItemRow['stockid'] . 
"' + AND stockmaster.mbflag='A' + AND salesorderdetails.completed=0 + AND salesorders.quotation=0"; + + $BOMDemandResult = DB_query($SQL,$db,'','',false,false); + + if (DB_error_no($db) !=0) { + $Title = _('Preferred supplier purchasing') . ' - ' . _('Problem Report') . '....'; + include('includes/header.inc'); + prnMsg( _('The sales order demand quantities from parent assemblies could not be retrieved by the SQL because') . ' - ' . DB_error_msg($db),'error'); + echo '<br /><a href="' .$RootPath .'/index.php">' . _('Back to the menu') . '</a>'; + if ($debug==1){ + echo '<br />'.$SQL; + } + include('includes/footer.inc'); + exit; + } + + $SQL = "SELECT SUM(purchorderdetails.quantityord- purchorderdetails.quantityrecd) as qtyonorder + FROM purchorderdetails + LEFT JOIN purchorders + ON purchorderdetails.orderno = purchorders.orderno + LEFT JOIN purchdata + ON purchorders.supplierno=purchdata.supplierno + AND purchorderdetails.itemcode=purchdata.stockid + WHERE purchorderdetails.itemcode = '" . $ItemRow['stockid'] . "' + AND purchorderdetails.completed = 0 + AND purchorders.status <> 'Cancelled' + AND purchorders.status <> 'Rejected' + AND purchorders.status <> 'Pending' + AND purchorders.status <> 'Completed'"; + + $DemandRow = DB_fetch_array($DemandResult); + $BOMDemandRow = DB_fetch_array($BOMDemandResult); + $TotalDemand = $DemandRow['qtydemand'] + $BOMDemandRow['dem']; + + $OnOrdResult = DB_query($SQL, $db, '', '', false, false); + if (DB_error_no($db) !=0) { + $Title = _('Preferred supplier purchasing') . ' - ' . _('Problem Report') . '....'; + include('includes/header.inc'); + prnMsg( _('The purchase order quantities could not be retrieved by the SQL because') . ' - ' . DB_error_msg($db),'error'); + echo '<br /><a href="' .$RootPath .'/index.php">' . _('Back to the menu') . '</a>'; + if ($debug==1){ + echo '<br />'. $SQL; + } + include('includes/footer.inc'); + exit; + } + + $OnOrdRow = DB_fetch_array($OnOrdResult); + if (!isset($_POST['OrderQty' . 
$i])){ + $_POST['OrderQty' . $i] =0; + } + echo '<tr> + <td>' . $ItemRow['stockid'] . '</td> + <td>' . $ItemRow['description'] . '</td> + <td>' . $ItemRow['bin'] . '</td> + <td class="number">' . round($ItemRow['qoh'],$ItemRow['decimalplaces']) . '</td> + <td class="number">' . round($TotalDemand,$ItemRow['decimalplaces']) . '</td> + <td class="number">' . round($OnOrdRow['qtyonorder'],$ItemRow['decimalplaces']) . '</td> + <td class="number">' . round($SalesRow['previousmonth'],$ItemRow['decimalplaces']) . '</td> + <td class="number">' . round($SalesRow['lastmonth'],$ItemRow['decimalplaces']) . '</td> + <td class="number">' . round($SalesRow['wk3'],$ItemRow['decimalplaces']) . '</td> + <td class="number">' . round($SalesRow['wk2'],$ItemRow['decimalplaces']) . '</td> + <td class="number">' . round($SalesRow['wk1'],$ItemRow['decimalplaces']) . '</td> + <td><input type="hidden" name="StockID' . $i . '" value="' . $ItemRow['stockid'] . '" /><input type="text" class="number" name="OrderQty' . $i . '" value="' . $_POST['OrderQty' . $i] . '" title="' . _('Enter the quantity to purchase of this item') . '" size="6" maxlength="6" /></td> + </tr>'; + $i++; + } /*end preferred supplier items while loop */ + echo '<tr> + <td colspan="7"><input type="submit" name="CreatePO" value="' . _('Create Purchase Order') . '" onclick="return confirm(\'' . _('Clicking this button will create a purchase order for all the quantities in the grid above for immediate delivery. Are you sure?') . '\');"/></td> + </tr> + </table>'; + + } +} + +echo '</div> + </form>'; + +include('includes/footer.inc'); + +?> Modified: trunk/StockCategories.php =================================================================== --- trunk/StockCategories.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/StockCategories.php 2013-09-28 05:10:46 UTC (rev 6338) 
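Review bot: The two INSERT statements concatenate values read back from the database (`$LocnRow['deladd1']` to `$LocnRow['contact']`, `$SupplierRow['address1']` to `$SupplierRow['telephone']`, `$POLine['UnitOfMeasure']`, `$POLine['SuppliersPartNo']`) straight into the SQL string, while only `$POLine['SupplierDescription']` goes through `DB_escape_string()`. Any escaping applied to request data on the way in does not cover these stored values, so an apostrophe in an address or part number changes the statement. Each should be escaped like the description, e.g. `'" . DB_escape_string($POLine['SuppliersPartNo']) . "',`. `$_POST['Supplier']` and the posted `StockID…` values are also concatenated into the SELECTs, and whether `includes/session.inc` escapes them is not visible here. Separately, the branch that reports a non-existent inventory location sets `$InputError =1` but the header INSERT still runs with `$LocnRow` undefined, so the insert block should be guarded with `if ($InputError==0) {`.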
@@ -344,7 +344,7 @@ echo '<table class="selection"> <tr> <td>' . _('Category Code') . ':</td> - <td><input type="text" name="CategoryID" required="required" autofocus="autofocus" pattern="[0-9a-zA-Z_]{1,6}" title="' . _('Enter up to six alphanumeric characters or underscore as a code for this stock category') . '" size="7" maxlength="6" value="' . $_POST['CategoryID'] . '" /></td> + <td><input type="text" name="CategoryID" required="required" autofocus="autofocus" data-type="no-illegal-chars" title="' . _('Enter up to six alphanumeric characters or underscore as a code for this stock category') . '" size="7" maxlength="6" value="' . $_POST['CategoryID'] . '" /></td> </tr>'; } Modified: trunk/StockStatus.php =================================================================== --- trunk/StockStatus.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/StockStatus.php 2013-09-28 05:10:46 UTC (rev 6338) 
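Review bot: The `title` on `CategoryID` still says "Enter up to six alphanumeric characters or underscore", but the `pattern="[0-9a-zA-Z_]{1,6}"` that enforced it is removed, so the hint may no longer describe what the field accepts. What `data-type="no-illegal-chars"` allows is not visible in this hunk; if it admits other character sets, as the log message suggests, the text should follow, e.g. `_('Enter up to six characters as a code for this stock category')`. The StockStatus.php hunk has the same mismatch in its `title` and in `placeholder="'._('Alpha-numeric only').'"`. The enclosing block continues outside the hunk.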
@@ -59,7 +59,7 @@ echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '" method="post">'; echo '<div class="centre"><input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; -echo _('Stock Code') . ':<input type="text" pattern="[0-9a-zA-Z_\-]{1,20}" title ="'._('Input the stock code to inquire upon. Only alpha-numeric characters are allowed in stock codes with no spaces punctuation or special characters. Underscore or dashes are allowed.').'" placeholder="'._('Alpha-numeric only').'" required="required" name="StockID" size="21" value="' . $StockID . '" maxlength="20" />'; +echo _('Stock Code') . ':<input type="text" data-type="no-illegal-chars" title ="'._('Input the stock code to inquire upon. Only alpha-numeric characters are allowed in stock codes with no spaces punctuation or special characters. Underscore or dashes are allowed.').'" placeholder="'._('Alpha-numeric only').'" required="required" name="StockID" size="21" value="' . $StockID . '" maxlength="20" />'; echo ' <input type="submit" name="ShowStatus" value="' . _('Show Stock Status') . '" />'; Modified: trunk/Stocks.php =================================================================== --- trunk/Stocks.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/Stocks.php 2013-09-28 05:10:46 UTC (rev 6338) 
@@ -803,14 +803,14 @@ /*and cascade delete the bill of material if any */ $sql = "DELETE FROM bom WHERE parent='".$StockID."'"; $result=DB_query($sql,$db,_('Could not delete the bill of material because'),'',true); - $sql="DELETE FROM stockmaster WHERE stockid='".$StockID."'"; - $result=DB_query($sql,$db, _('Could not delete the item record'),'',true); //and cascade delete the item properties $sql="DELETE FROM stockitemproperties WHERE stockid='".$StockID."'"; $result=DB_query($sql,$db, _('Could not delete the item properties'),'',true); //and cascade delete the item descriptions in other languages $sql = "DELETE FROM stockdescriptiontranslations WHERE stockid='" . $StockID . "'"; $result=DB_query($sql,$db,_('Could not delete the item language descriptions'),'',true); + $sql="DELETE FROM stockmaster WHERE stockid='".$StockID."'"; + $result=DB_query($sql,$db, _('Could not delete the item record'),'',true); $result = DB_Txn_Commit($db); Modified: trunk/SuppTransGLAnalysis.php =================================================================== --- trunk/SuppTransGLAnalysis.php 2013-09-13 00:58:50 UTC (rev 6337) +++ trunk/SuppTransGLAnalysis.php 2013-09-28 05:10:46 UTC (rev 6338) @@ -187,7 +187,7 @@ echo '<tr> <td>' . _('Account Code') . ':</td> - <td><input type="text" pattern="[a-zA-Z0-9_-]{0,20}" title="'._('The input must be alpha-numeric characters').'" placeholder="'._('less than 20 alpha-numeric characters').'" name="GLCode" size="21" maxlength="20" value="' . $_POST['GLCode'] . '" /> + <td><input type="text" data-type="no-illegal-chars" title="'._('The input must be alpha-numeri... [truncated message content] |
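Review bot: The reason for moving the `stockmaster` delete to the end is not recorded in the code, so a later cascade delete could be added after the parent row again. A comment above it would help: `//delete the stockmaster record last, after every table that refers to the item by stockid`. Presumably the reorder is needed because other tables reference `stockid`; that constraint is not visible in this hunk. The transaction block begins outside the hunk, so the origin of `$StockID` in these concatenated DELETE statements cannot be checked from here.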