From: <ex...@us...> - 2013-12-19 16:16:44
Revision: 6503 http://sourceforge.net/p/web-erp/reponame/6503 Author: exsonqu Date: 2013-12-19 16:16:41 +0000 (Thu, 19 Dec 2013) Log Message: ----------- 20/12/13 Thumb: Salesman can only review his own customer's data Modified Paths: -------------- trunk/AgedDebtors.php trunk/CounterSales.php trunk/Credit_Invoice.php trunk/CustomerAllocations.php trunk/CustomerBranches.php trunk/CustomerInquiry.php trunk/CustomerPurchases.php trunk/CustomerReceipt.php trunk/includes/ConstructSQLForUserDefinedSalesReport.inc Modified: trunk/AgedDebtors.php =================================================================== --- trunk/AgedDebtors.php 2013-12-18 08:10:33 UTC (rev 6502) +++ trunk/AgedDebtors.php 2013-12-19 16:16:41 UTC (rev 6503) @@ -18,6 +18,9 @@ $line_height = 12; /*Now figure out the aged analysis for the customer range under review */ + if ($_SESSION['SalesmanLogin'] != '') { + $_POST['Salesman'] = $_SESSION['SalesmanLogin']; + } if (trim($_POST['Salesman'])!=''){ $SalesLimit = " AND debtorsmaster.debtorno IN (SELECT DISTINCT debtorno FROM custbranch WHERE salesman = '".$_POST['Salesman']."') "; } else { @@ -357,6 +360,9 @@ AND debtortrans.debtorno = '" . $AgedAnalysis['debtorno'] . "' AND ABS(debtortrans.ovamount + debtortrans.ovgst + debtortrans.ovfreight + debtortrans.ovdiscount - debtortrans.alloc)>0.004"; + if ($_SESSION['SalesmanLogin'] != '') { + $sql .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; + } $DetailResult = DB_query($sql,$db,'','',False,False); /*Dont trap errors */ if (DB_error_no($db) !=0) { 
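Review bot: The salesman code is still concatenated into `$SalesLimit` as a quoted SQL string in the first AgedDebtors.php hunk, and for a session without `SalesmanLogin` the value is whatever arrived in `$_POST['Salesman']`. Whether request values are escaped before this point is not visible in the hunk; if they are not, escape the value where the clause is built, e.g. `WHERE salesman = '" . DB_escape_string($_POST['Salesman']) . "') "`. The `$_SESSION['SalesmanLogin']` clauses added in the other files of this commit are built the same way, so a code containing a quote would break each of those queries.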
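Review bot: The detail query in the second AgedDebtors.php hunk limits rows by `debtortrans.salesperson`, while the summary restriction in the first hunk selects customers through `custbranch.salesman`, so the two can disagree. A customer listed because one of its branches belongs to the salesman may show no detail lines when its transactions were booked under another (or an empty) salesperson code, and the totals would then not match the lines printed. I would state the chosen rule next to the added clause, for example `/* detail lines: only transactions booked to the logged-in salesperson */`, and confirm the summary is meant to use the branch assignment. The SQL statement begins outside the hunk.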
@@ -473,18 +479,24 @@ </td> </tr> <tr> - <td>' . _('Only Show Customers Of') . ':' . '</td> - <td><select tabindex="4" name="Salesman">'; + <td>' . _('Only Show Customers Of') . ':' . '</td>'; + if ($_SESSION['SalesmanLogin'] != '') { + echo '<td>'; + echo $_SESSION['UsersRealName']; + echo '</td>'; + }else{ + echo '<td><select tabindex="4" name="Salesman">'; - $sql = "SELECT salesmancode, salesmanname FROM salesman"; + $sql = "SELECT salesmancode, salesmanname FROM salesman"; - $result=DB_query($sql,$db); - echo '<option value="">' . _('All Sales people') . '</option>'; - while ($myrow=DB_fetch_array($result)){ - echo '<option value="' . $myrow['salesmancode'] . '">' . $myrow['salesmanname'] . '</option>'; + $result=DB_query($sql,$db); + echo '<option value="">' . _('All Sales people') . '</option>'; + while ($myrow=DB_fetch_array($result)){ + echo '<option value="' . $myrow['salesmancode'] . '">' . $myrow['salesmanname'] . '</option>'; + } + echo '</select></td>'; } - echo '</select></td> - </tr> + echo '</tr> <tr> <td>' . _('Only show customers trading in') . ':' . '</td> <td><select tabindex="5" name="Currency">'; @@ -519,4 +531,4 @@ } include('includes/footer.inc'); } /*end of else not PrintPDF */ -?> \ No newline at end of file +?> Modified: trunk/CounterSales.php =================================================================== --- trunk/CounterSales.php 2013-12-18 08:10:33 UTC (rev 6502) +++ trunk/CounterSales.php 2013-12-19 16:16:41 UTC (rev 6503) @@ -32,7 +32,11 @@ $_SESSION['Items'.$identifier]->DeliverTo = $_POST['DeliverTo']; $_SESSION['Items'.$identifier]->PhoneNo = $_POST['PhoneNo']; $_SESSION['Items'.$identifier]->Email = $_POST['Email']; - $_SESSION['Items'.$identifier]->SalesPerson = $_POST['SalesPerson']; + if ($_SESSION['SalesmanLogin'] != '') { + $_SESSION['Items' . $identifier]->SalesPerson = $_SESSION['SalesmanLogin']; + }else{ + $_SESSION['Items' . $identifier]->SalesPerson = $_POST['SalesPerson']; + } } if (isset($_POST['QuickEntry'])){ 
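Review bot: `echo $_SESSION['UsersRealName'];` writes the name into the table cell without HTML encoding, so any markup stored in a user's real name would be rendered on this page. Encode at output: `echo htmlspecialchars($_SESSION['UsersRealName'], ENT_QUOTES, 'UTF-8');`. The same unencoded echo is added in the sales-person cells of CounterSales.php, Credit_Invoice.php and CustomerBranches.php further down this commit.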
@@ -877,23 +881,30 @@ </tr>'; echo '<tr> - <td>' . _('Sales person'). ':</td> - <td><select name="SalesPerson">'; - $SalesPeopleResult = DB_query("SELECT salesmancode, salesmanname FROM salesman WHERE current=1",$db); - if (!isset($_POST['SalesPerson']) AND $_SESSION['SalesmanLogin']!=NULL ){ - $_SESSION['Items'.$identifier]->SalesPerson = $_SESSION['SalesmanLogin']; - } + <td>' . _('Sales person'). ':</td>'; - while ($SalesPersonRow = DB_fetch_array($SalesPeopleResult)){ - if ($SalesPersonRow['salesmancode']==$_SESSION['Items'.$identifier]->SalesPerson){ - echo '<option selected="selected" value="' . $SalesPersonRow['salesmancode'] . '">' . $SalesPersonRow['salesmanname'] . '</option>'; - } else { - echo '<option value="' . $SalesPersonRow['salesmancode'] . '">' . $SalesPersonRow['salesmanname'] . '</option>'; + if ($_SESSION['SalesmanLogin'] != '') { + echo '<td>'; + echo $_SESSION['UsersRealName']; + echo '</td>'; + }else{ + echo '<td><select name="SalesPerson">'; + $SalesPeopleResult = DB_query("SELECT salesmancode, salesmanname FROM salesman WHERE current=1",$db); + if (!isset($_POST['SalesPerson']) AND $_SESSION['SalesmanLogin']!=NULL ){ + $_SESSION['Items'.$identifier]->SalesPerson = $_SESSION['SalesmanLogin']; } + + while ($SalesPersonRow = DB_fetch_array($SalesPeopleResult)){ + if ($SalesPersonRow['salesmancode']==$_SESSION['Items'.$identifier]->SalesPerson){ + echo '<option selected="selected" value="' . $SalesPersonRow['salesmancode'] . '">' . $SalesPersonRow['salesmanname'] . '</option>'; + } else { + echo '<option value="' . $SalesPersonRow['salesmancode'] . '">' . $SalesPersonRow['salesmanname'] . '</option>'; + } + } + + echo '</select></td>'; } - - echo '</select></td> - </tr>'; + echo '</tr>'; echo '<tr> <td>' . _('Comments') .':</td> <td><textarea name="Comments" cols="23" rows="5">' . stripcslashes($_SESSION['Items'.$identifier]->Comments) . '</textarea></td> 
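Review bot: Inside the new `else` branch `$_SESSION['SalesmanLogin']` is already known to be empty, so the moved test `if (!isset($_POST['SalesPerson']) AND $_SESSION['SalesmanLogin']!=NULL )` can never be true and the assignment under it is dead code. Those three lines can be dropped; the salesman case is now handled by the server-side assignment added in the `@@ -32,7 +32,11 @@` hunk. Leaving the dead test in suggests the select list still has a salesman-login path, which it no longer has.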
@@ -1992,7 +2003,8 @@ ovamount, alloc, invtext, - settled) + settled, + salesperson) VALUES ('" . $ReceiptNumber . "', 12, '" . $_SESSION['Items'.$identifier]->DebtorNo . "', @@ -2004,7 +2016,8 @@ '" . -filter_number_format($_POST['AmountPaid']) . "', '" . -filter_number_format($_POST['AmountPaid']) . "', '" . $_SESSION['Items'.$identifier]->LocationName . ' ' . _('Counter Sale') ."', - '1')"; + '1', + '" . $_SESSION['Items'.$identifier]->SalesPerson . "')"; $DbgMsg = _('The SQL that failed to insert the customer receipt transaction was'); $ErrMsg = _('Cannot insert a receipt transaction against the customer because') ; Modified: trunk/Credit_Invoice.php =================================================================== --- trunk/Credit_Invoice.php 2013-12-18 08:10:33 UTC (rev 6502) +++ trunk/Credit_Invoice.php 2013-12-19 16:16:41 UTC (rev 6503) @@ -74,6 +74,9 @@ WHERE debtortrans.transno = '" . intval($_GET['InvoiceNumber']) . "' AND stockmoves.type=10"; + if ($_SESSION['SalesmanLogin'] != '') { + $sql .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; + } $ErrMsg = _('A credit cannot be produced for the selected invoice') . '. ' . _('The invoice details cannot be retrieved because'); $DbgMsg = _('The SQL used to retrieve the invoice details was'); $GetInvHdrResult = DB_query($InvoiceHeaderSQL,$db,$ErrMsg,$DbgMsg); 
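Review bot: In the Credit_Invoice.php hunk the salesperson clause is appended to `$sql`, but the statement executed two lines later is `DB_query($InvoiceHeaderSQL,$db,$ErrMsg,$DbgMsg)`, so the restriction appears never to reach the invoice-header query. If the query string above the hunk is assigned to `$InvoiceHeaderSQL` (its first line is outside the hunk), the added line should read `$InvoiceHeaderSQL .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'";`. As written, a salesman login can still open any invoice number passed in `$_GET['InvoiceNumber']` for crediting.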
@@ -224,11 +227,11 @@ if (isset($_POST['ChargeFreightCost'])){ $_SESSION['CreditItems' . $identifier]->FreightCost = filter_number_format($_POST['ChargeFreightCost']); } - -if (isset($_POST['SalesPerson'])){ - $_SESSION['CreditItems' . $identifier]->SalesPerson = $_POST['SalesPerson']; +if ($_SESSION['SalesmanLogin'] != '') {}else{ + if (isset($_POST['SalesPerson'])){ + $_SESSION['CreditItems' . $identifier]->SalesPerson = $_POST['SalesPerson']; + } } - foreach ($_SESSION['CreditItems' . $identifier]->FreightTaxes as $FreightTaxLine) { if (isset($_POST['FreightTaxRate' . $FreightTaxLine->TaxCalculationOrder])){ $_SESSION['CreditItems' . $identifier]->FreightTaxes[$FreightTaxLine->TaxCalculationOrder]->TaxRate = filter_number_format($_POST['FreightTaxRate' . $FreightTaxLine->TaxCalculationOrder])/100; 
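Review bot: `if ($_SESSION['SalesmanLogin'] != '') {}else{` uses an empty branch to express a negation, which is easy to misread as an unfinished edit. The intent is clearer as a single condition, `if ($_SESSION['SalesmanLogin'] == '' AND isset($_POST['SalesPerson'])){`, with a short comment such as `/* a salesman login may not reassign the credit note to another sales person */`. Behaviour is unchanged by that rewrite.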
@@ -1539,20 +1542,27 @@ $j++; echo '<tr> - <td>' . _('Sales person'). ':</td> - <td><select tabindex="' . $j . '" name="SalesPerson">'; - $SalesPeopleResult = DB_query("SELECT salesmancode, salesmanname FROM salesman WHERE current=1",$db); - /* SalesPerson will be set because it is an invoice being credited and the order salesperson would/should have been retrieved */ - while ($SalesPersonRow = DB_fetch_array($SalesPeopleResult)){ - if ($SalesPersonRow['salesmancode']==$_SESSION['CreditItems'.$identifier]->SalesPerson){ - echo '<option selected="selected" value="' . $SalesPersonRow['salesmancode'] . '">' . $SalesPersonRow['salesmanname'] . '</option>'; - } else { - echo '<option value="' . $SalesPersonRow['salesmancode'] . '">' . $SalesPersonRow['salesmanname'] . '</option>'; + <td>' . _('Sales person'). ':</td>'; + + if ($_SESSION['SalesmanLogin'] != '') { + echo '<td>'; + echo $_SESSION['UsersRealName']; + echo '</td>'; + }else{ + echo '<td><select tabindex="' . $j . '" name="SalesPerson">'; + $SalesPeopleResult = DB_query("SELECT salesmancode, salesmanname FROM salesman WHERE current=1",$db); + /* SalesPerson will be set because it is an invoice being credited and the order salesperson would/should have been retrieved */ + while ($SalesPersonRow = DB_fetch_array($SalesPeopleResult)){ + if ($SalesPersonRow['salesmancode']==$_SESSION['CreditItems'.$identifier]->SalesPerson){ + echo '<option selected="selected" value="' . $SalesPersonRow['salesmancode'] . '">' . $SalesPersonRow['salesmanname'] . '</option>'; + } else { + echo '<option value="' . $SalesPersonRow['salesmancode'] . '">' . $SalesPersonRow['salesmanname'] . '</option>'; + } } + + echo '</select></td>'; } - - echo '</select></td> - </tr>'; + echo '</tr>'; echo '<tr> <td>' . _('Credit note text') . '</td> <td><textarea tabindex="' . $j . '" name="CreditText" cols="31" rows="5">' . $_POST['CreditText'] . 
'</textarea></td> Modified: trunk/CustomerAllocations.php =================================================================== --- trunk/CustomerAllocations.php 2013-12-18 08:10:33 UTC (rev 6502) +++ trunk/CustomerAllocations.php 2013-12-19 16:16:41 UTC (rev 6503) @@ -237,6 +237,11 @@ INNER JOIN currencies ON debtorsmaster.currcode=currencies.currabrev WHERE debtortrans.id='" . $_POST['AllocTrans'] . "'"; + + if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; + } + $Result = DB_query($SQL,$db); $myrow = DB_fetch_array($Result); @@ -264,8 +269,14 @@ FROM debtortrans INNER JOIN systypes ON debtortrans.type = systypes.typeid WHERE debtortrans.settled=0 - AND debtorno='" . $_SESSION['Alloc']->DebtorNo . "' - ORDER BY debtortrans.trandate"; + AND debtorno='" . $_SESSION['Alloc']->DebtorNo . "'"; + + if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; + } + + $SQL .= " ORDER BY debtortrans.trandate"; + $Result = DB_query($SQL,$db); while ($myrow=DB_fetch_array($Result)) { @@ -299,9 +310,14 @@ INNER JOIN custallocns ON debtortrans.id=custallocns.transid_allocto WHERE custallocns.transid_allocfrom='" . $_POST['AllocTrans'] . "' - AND debtorno='" . $_SESSION['Alloc']->DebtorNo . "' - ORDER BY debtortrans.trandate"; + AND debtorno='" . $_SESSION['Alloc']->DebtorNo . "'"; + if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; + } + + $SQL .= " ORDER BY debtortrans.trandate"; + $Result=DB_query($SQL,$db); while ($myrow=DB_fetch_array($Result)) { 
@@ -464,8 +480,14 @@ ON debtorsmaster.currcode=currencies.currabrev WHERE debtortrans.debtorno='" . $_GET['DebtorNo'] . "' AND (debtortrans.type=12 OR debtortrans.type=11) - AND debtortrans.settled=0 - ORDER BY debtortrans.id"; + AND debtortrans.settled=0"; + + if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; + } + + $SQL .= " ORDER BY debtortrans.id"; + $result = DB_query($SQL,$db); if (DB_num_rows($result)==0) { @@ -522,8 +544,14 @@ ON debtorsmaster.currcode=currencies.currabrev WHERE (debtortrans.type=12 OR debtortrans.type=11) AND debtortrans.settled=0 - AND debtortrans.ovamount<0 - ORDER BY debtorsmaster.name"; + AND debtortrans.ovamount<0"; + + if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; + } + + $SQL .= " ORDER BY debtorsmaster.name"; + $result = DB_query($SQL,$db); $NoOfUnallocatedTrans = DB_num_rows($result); $CurrentTransaction = 1; Modified: trunk/CustomerBranches.php =================================================================== --- trunk/CustomerBranches.php 2013-12-18 08:10:33 UTC (rev 6502) +++ trunk/CustomerBranches.php 2013-12-19 16:16:41 UTC (rev 6503) @@ -50,6 +50,9 @@ $_POST['BranchCode'] = mb_strtoupper($_POST['BranchCode']); + if ($_SESSION['SalesmanLogin'] != '') { + $_POST['Salesman'] = $_SESSION['SalesmanLogin']; + } if (ContainsIllegalCharacters($_POST['BranchCode']) OR mb_strstr($_POST['BranchCode'],' ') OR mb_strstr($_POST['BranchCode'],'-')) { $InputError = 1; prnMsg(_('The Branch code cannot contain any of the following characters')." - & \' < >",'error'); 
@@ -169,6 +172,10 @@ deliverblind='" . $_POST['DeliverBlind'] . "' WHERE branchcode = '".$SelectedBranch."' AND debtorno='".$DebtorNo."'"; + if ($_SESSION['SalesmanLogin'] != '') { + $sql .= " AND custbranch.salesman='" . $_SESSION['SalesmanLogin'] . "'"; + } + $msg = $_POST['BrName'] . ' '._('branch has been updated.'); } else if ($InputError !=1) { @@ -286,6 +293,7 @@ // PREVENT DELETES IF DEPENDENT RECORDS IN 'DebtorTrans' $sql= "SELECT COUNT(*) FROM debtortrans WHERE debtortrans.branchcode='".$SelectedBranch."' AND debtorno = '".$DebtorNo."'"; + $result = DB_query($sql,$db); $myrow = DB_fetch_row($result); if ($myrow[0]>0) { @@ -333,6 +341,9 @@ echo '<br />' . _('There are').' ' . $myrow[0] . ' '._('contracts referring to this branch/customer'); } else { $sql="DELETE FROM custbranch WHERE branchcode='" . $SelectedBranch . "' AND debtorno='" . $DebtorNo . "'"; + if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND custbranch.salesman='" . $_SESSION['SalesmanLogin'] . "'"; + } $ErrMsg = _('The branch record could not be deleted') . ' - ' . _('the SQL server returned the following message'); $result = DB_query($sql,$db,$ErrMsg); if (DB_error_no($db)==0){ @@ -369,6 +380,10 @@ INNER JOIN taxgroups ON custbranch.taxgroupid=taxgroups.taxgroupid WHERE custbranch.debtorno = '".$DebtorNo."'"; + + if ($_SESSION['SalesmanLogin'] != '') { + $sql .= " AND custbranch.salesman='" . $_SESSION['SalesmanLogin'] . "'"; + } $result = DB_query($sql,$db); $myrow = DB_fetch_row($result); @@ -516,6 +531,10 @@ FROM custbranch WHERE branchcode='".$SelectedBranch."' AND debtorno='".$DebtorNo."'"; + + if ($_SESSION['SalesmanLogin'] != '') { + $sql .= " AND custbranch.salesman='" . $_SESSION['SalesmanLogin'] . "'"; + } $result = DB_query($sql, $db); $myrow = DB_fetch_array($result); 
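Review bot: With the added `AND custbranch.salesman=...` clause in the `@@ -169,6 +172,10 @@` hunk the UPDATE can match zero rows, yet `$msg` is still set to the "branch has been updated." text on the next line. A salesman editing a branch that belongs to someone else would be told the change succeeded although nothing was written. The success message should depend on the affected-row count after the query runs, or the ownership check should be made before the UPDATE is built and reported as an error. The UPDATE statement and the code that runs it lie outside the hunk.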
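Review bot: In the `@@ -333,6 +341,9 @@` hunk the restriction is appended to `$SQL`, but the DELETE is built in `$sql` and that is what `DB_query($sql,$db,$ErrMsg)` executes; PHP variable names are case-sensitive, so the salesman clause is never applied. A salesman login can therefore still delete a branch assigned to another salesperson. The added line should be `$sql .= " AND custbranch.salesman='" . $_SESSION['SalesmanLogin'] . "'";`. Once fixed, the zero-rows case needs the same care as the UPDATE above, since the code after `DB_error_no($db)==0` presumably reports a successful delete.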
@@ -605,7 +624,7 @@ echo '<table class="selection"> <tr> <td>' . _('Branch Code'). ':</td> - <td><input data-type="no-illegal-chars" ' . (in_array('BranchCode',$Errors) ? 'class="inputerror"' : '' ) . '" tabindex="1" type="text" name="BranchCode" required="required" title ="'._('Up to 10 characters for the branch code. The following characters are prohibited:') . ' \' " + . & \\ > <" placeholder="'._('alpha-numeric').'" size="12" maxlength="10" value="' . $_POST['BranchCode'] . '" /></td> + <td><input data-type="no-illegal-chars" ' . (in_array('BranchCode',$Errors) ? 'class="inputerror"' : '' ) . ' tabindex="1" type="text" name="BranchCode" required="required" title ="'._('Up to 10 characters for the branch code. The following characters are prohibited:') . ' \' " + . & \\ > <" placeholder="'._('alpha-numeric').'" size="12" maxlength="10" value="' . $_POST['BranchCode'] . '" /></td> </tr>'; $_POST['DeliverBlind'] = $_SESSION['DefaultBlindPackNote']; } @@ -619,14 +638,13 @@ echo _('Branch Name').':</td>'; if (!isset($_POST['BrName'])) {$_POST['BrName']='';} echo '<td><input tabindex="2" type="text" autofocus="autofocus" required="required" name="BrName" title="' . _('The branch name should identify the particular delivery address of the customer and must be entered') . '" minlength="5" size="41" maxlength="40" value="'. $_POST['BrName'].'" /></td> - </tr> - <tr> + </tr>'; + echo '<tr> <td>' . _('Branch Contact').':</td>'; if (!isset($_POST['ContactName'])) {$_POST['ContactName']='';} echo '<td><input tabindex="3" type="text" name="ContactName" required="required" size="41" maxlength="40" value="'. $_POST['ContactName'].'" /></td> - </tr> - <tr> - <td>' . _('Street Address 1 (Street)').':</td>'; + </tr>'; + echo '<tr><td>' . _('Street Address 1 (Street)').':</td>'; if (!isset($_POST['BrAddress1'])) { $_POST['BrAddress1']=''; } 
@@ -700,42 +718,49 @@ echo '<td><input ' .(in_array('FwdDate',$Errors) ? 'class="inputerror"' : '' ) .' tabindex="12" class="integer" name="FwdDate" size="4" maxlength="2" value="'. $_POST['FwdDate'].'" /></td> </tr>'; + if ($_SESSION['SalesmanLogin'] != '') { + echo '<tr> + <td>' . _('Salesperson').':</td><td>'; + echo $_SESSION['UsersRealName']; + echo '</td> + </tr>'; + }else{ - //SQL to poulate account selection boxes - $sql = "SELECT salesmanname, - salesmancode - FROM salesman - WHERE current = 1"; + //SQL to poulate account selection boxes + $sql = "SELECT salesmanname, + salesmancode + FROM salesman + WHERE current = 1"; - $result = DB_query($sql,$db); + $result = DB_query($sql,$db); - if (DB_num_rows($result)==0){ - echo '</table>'; - prnMsg(_('There are no sales people defined as yet') . ' - ' . _('customer branches must be allocated to a sales person') . '. ' . _('Please use the link below to define at least one sales person'),'error'); - echo '<p align="center"><a href="' . $RootPath . '/SalesPeople.php">' . _('Define Sales People') . '</a>'; - include('includes/footer.inc'); - exit; - } + if (DB_num_rows($result)==0){ + echo '</table>'; + prnMsg(_('There are no sales people defined as yet') . ' - ' . _('customer branches must be allocated to a sales person') . '. ' . _('Please use the link below to define at least one sales person'),'error'); + echo '<p align="center"><a href="' . $RootPath . '/SalesPeople.php">' . _('Define Sales People') . '</a>'; + include('includes/footer.inc'); + exit; + } - echo '<tr> - <td>' . _('Salesperson').':</td> - <td><select tabindex="13" name="Salesman">'; + echo '<tr> + <td>' . _('Salesperson').':</td> + <td><select tabindex="13" name="Salesman">'; - while ($myrow = DB_fetch_array($result)) { - if (isset($_POST['Salesman']) AND $myrow['salesmancode']==$_POST['Salesman']) { - echo '<option selected="selected" value="'; - } else { - echo '<option value="'; - } - echo $myrow['salesmancode'] . '">' . 
$myrow['salesmanname'] . '</option>'; + while ($myrow = DB_fetch_array($result)) { + if (isset($_POST['Salesman']) AND $myrow['salesmancode']==$_POST['Salesman']) { + echo '<option selected="selected" value="'; + } else { + echo '<option value="'; + } + echo $myrow['salesmancode'] . '">' . $myrow['salesmanname'] . '</option>'; - } //end while loop + } //end while loop - echo '</select></td> - </tr>'; + echo '</select></td> + </tr>'; - DB_data_seek($result,0); - + // DB_data_seek($result,0); //by thumb + } $sql = "SELECT areacode, areadescription FROM areas"; $result = DB_query($sql,$db); if (DB_num_rows($result)==0){ @@ -797,8 +822,9 @@ $_POST['PhoneNo']=''; } echo '<td><input tabindex="16" type="tel" name="PhoneNo" pattern="[0-9+()\s-]*" size="22" maxlength="20" value="'. $_POST['PhoneNo'].'" /></td> - </tr> - <tr> + </tr>'; + + echo '<tr> <td>' . _('Fax Number').':</td>'; if (!isset($_POST['FaxNo'])) { $_POST['FaxNo']=''; @@ -855,6 +881,8 @@ echo ' </select></td> </tr>'; + + $SQL = "SELECT shipper_id, shippername FROM shippers"; $ShipperResults = DB_query($SQL,$db); Modified: trunk/CustomerInquiry.php =================================================================== --- trunk/CustomerInquiry.php 2013-12-18 08:10:33 UTC (rev 6502) +++ trunk/CustomerInquiry.php 2013-12-19 16:16:41 UTC (rev 6503) @@ -76,8 +76,13 @@ AND debtorsmaster.currcode = currencies.currabrev AND debtorsmaster.holdreason = holdreasons.reasoncode AND debtorsmaster.debtorno = '" . $CustomerID . "' - AND debtorsmaster.debtorno = debtortrans.debtorno - GROUP BY debtorsmaster.name, + AND debtorsmaster.debtorno = debtortrans.debtorno"; + +if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; +} + +$SQL .= " GROUP BY debtorsmaster.name, currencies.currency, paymentterms.terms, paymentterms.daysbeforedue, 
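Review bot: `// DB_data_seek($result,0); //by thumb` in the `@@ -700,42 +718,49 @@` hunk leaves a disabled call behind with an author tag instead of a reason. `$result` is reassigned by the `areas` query immediately after the new closing brace, so the rewind looks unnecessary and the line can simply be deleted. If it is kept for a reason, the comment should say why rather than who.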
@@ -95,7 +100,7 @@ $NIL_BALANCE = True; - $SQL = "SELECT debtorsmaster.name, + $SQL = "SELECT debtorsmaster.name, debtorsmaster.currcode, currencies.currency, currencies.decimalplaces, @@ -105,10 +110,10 @@ holdreasons.reasondescription FROM debtorsmaster INNER JOIN paymentterms ON debtorsmaster.paymentterms = paymentterms.termsindicator + INNER JOIN holdreasons + ON debtorsmaster.holdreason = holdreasons.reasoncode INNER JOIN currencies ON debtorsmaster.currcode = currencies.currabrev - INNER JOIN holdreasons - ON debtorsmaster.holdreason = holdreasons.reasoncode WHERE debtorsmaster.debtorno = '" . $CustomerID . "'"; $ErrMsg =_('The customer details could not be retrieved by the SQL because'); @@ -190,9 +195,14 @@ FROM debtortrans INNER JOIN systypes ON debtortrans.type = systypes.typeid WHERE debtortrans.debtorno = '" . $CustomerID . "' - AND debtortrans.trandate >= '" . $DateAfterCriteria . "' - ORDER BY debtortrans.id"; + AND debtortrans.trandate >= '" . $DateAfterCriteria . "'"; +if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; +} + +$SQL .= " ORDER BY debtortrans.id"; + $ErrMsg = _('No transactions were returned by the SQL because'); $TransResult = DB_query($SQL,$db,$ErrMsg); Modified: trunk/CustomerPurchases.php =================================================================== --- trunk/CustomerPurchases.php 2013-12-18 08:10:33 UTC (rev 6502) +++ trunk/CustomerPurchases.php 2013-12-19 16:16:41 UTC (rev 6503) @@ -1,5 +1,4 @@ <?php - include('includes/session.inc'); $Title = _('Customer Purchases'); include('includes/header.inc'); 
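Review bot: The second customer query, touched in the `@@ -105,10 +110,10 @@` hunk, still ends at `WHERE debtorsmaster.debtorno = '" . $CustomerID . "'"` with no salesman restriction. It sits under `$NIL_BALANCE = True;` and appears to be the fallback used when the first, now filtered, query returns no rows, so a salesman login would still get the name, payment terms and hold reason of a customer that is not theirs. A matching limit here would be something like `AND EXISTS (SELECT 1 FROM custbranch WHERE custbranch.debtorno = debtorsmaster.debtorno AND custbranch.salesman = '<salesman code>')`, applied only when `$_SESSION['SalesmanLogin'] != ''`. The surrounding `if` is outside the hunk, so the fallback condition should be confirmed.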
@@ -32,25 +31,34 @@ </p>'; $SQL = "SELECT stockmoves.stockid, - stockmaster.description, - systypes.typename, - transno, - locations.locationname, - trandate, - branchcode, - price, - reference, - qty, - narrative - FROM stockmoves - INNER JOIN stockmaster - ON stockmaster.stockid=stockmoves.stockid - INNER JOIN systypes - ON stockmoves.type=systypes.typeid - INNER JOIN locations - ON stockmoves.loccode=locations.loccode - WHERE debtorno='" . $DebtorNo . "' - ORDER BY trandate DESC"; + stockmaster.description, + systypes.typename, + transno, + locations.locationname, + trandate, + stockmoves.branchcode, + price, + reference, + qty, + narrative + FROM stockmoves + INNER JOIN stockmaster + ON stockmaster.stockid=stockmoves.stockid + INNER JOIN systypes + ON stockmoves.type=systypes.typeid + INNER JOIN locations + ON stockmoves.loccode=locations.loccode"; + +$SQLWhere=" WHERE stockmoves.debtorno='" . $DebtorNo . "'"; + +if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " INNER JOIN custbranch + ON stockmoves.branchcode=custbranch.branchcode"; + $SQLWhere .= " AND custbranch.salesman='" . $_SESSION['SalesmanLogin'] . "'"; +} + +$SQL .= $SQLWhere . " ORDER BY trandate DESC"; + $ErrMsg = _('The stock movement details could not be retrieved by the SQL because'); $StockMovesResult = DB_query($SQL, $db, $ErrMsg); @@ -100,4 +108,4 @@ echo '<br /><div class="centre"><a href="SelectCustomer.php">' . _('Return to customer selection screen') . '</a></div><br />'; include('includes/footer.inc'); -?> \ No newline at end of file +?> Modified: trunk/CustomerReceipt.php =================================================================== --- trunk/CustomerReceipt.php 2013-12-18 08:10:33 UTC (rev 6502) +++ trunk/CustomerReceipt.php 2013-12-19 16:16:41 UTC (rev 6503) @@ -410,7 +410,8 @@ rate, ovamount, ovdiscount, - invtext) + invtext, + salesperson) VALUES ( '" . $_SESSION['ReceiptBatch']->BatchNo . "', 12, 
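Review bot: The added join in CustomerPurchases.php matches `custbranch` on `branchcode` alone, although the CustomerBranches.php queries in this same commit always identify a branch by `branchcode` together with `debtorno`. If two customers use the same branch code, a stock move can be joined to the other customer's branch, which both duplicates rows and lets the `custbranch.salesman` test pass on a branch that does not belong to `$DebtorNo`. The join should carry both columns: `ON stockmoves.branchcode=custbranch.branchcode AND stockmoves.debtorno=custbranch.debtorno`.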
@@ -424,7 +425,8 @@ '" . ($_SESSION['ReceiptBatch']->FunctionalExRate*$_SESSION['ReceiptBatch']->ExRate) . "', '" . -$ReceiptItem->Amount . "', '" . -$ReceiptItem->Discount . "', - '" . $ReceiptItem->Narrative. "' + '" . $ReceiptItem->Narrative. "', + '" . $_SESSION['SalesmanLogin']. "' )"; $DbgMsg = _('The SQL that failed to insert the customer receipt transaction was'); $ErrMsg = _('Cannot insert a receipt transaction against the customer because') ; @@ -604,6 +606,14 @@ WHERE debtortrans.transno " . LIKE . " '%" . $_POST['CustInvNo'] . "%' AND debtorsmaster.currcode= '" . $_SESSION['ReceiptBatch']->Currency . "'"; } + + if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND EXISTS ( + SELECT * + FROM custbranch + WHERE custbranch.debtorno = debtorsmaster.debtorno + AND custbranch.salesperson='" . $_SESSION['SalesmanLogin'] . "')"; + } $CustomerSearchResult = DB_query($SQL,$db,'','',false,false); if (DB_error_no($db) !=0) { @@ -674,8 +684,11 @@ ON debtorsmaster.currcode = currencies.currabrev INNER JOIN debtortrans ON debtorsmaster.debtorno = debtortrans.debtorno - WHERE debtorsmaster.debtorno = '" . $_POST['CustomerID'] . "' - GROUP BY debtorsmaster.name, + WHERE debtorsmaster.debtorno = '" . $_POST['CustomerID'] . "'"; + if ($_SESSION['SalesmanLogin'] != '') { + $SQL .= " AND debtortrans.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; + } + $SQL .= " GROUP BY debtorsmaster.name, debtorsmaster.pymtdiscount, debtorsmaster.currcode, currencies.currency, 
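Review bot: The receipt row is written with `$_SESSION['SalesmanLogin']` as `salesperson` unconditionally, so every receipt entered by a user who is not a salesman login is stored with an empty salesperson. The filters this commit adds elsewhere (`debtortrans.salesperson='...'` in CustomerAllocations.php and CustomerInquiry.php) would then hide those receipts from the salesman who owns the customer. It may be better to store the salesperson of the customer's branch when the session value is empty, and to say so in a comment above the INSERT. The INSERT statement starts in the previous hunk.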
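Review bot: The EXISTS subquery added in the `@@ -604,6 +606,14 @@` hunk tests `custbranch.salesperson`, while every other query in this commit reads that table through `custbranch.salesman`. If the column is named `salesman`, the customer search fails for salesman logins, and because the call is `DB_query($SQL,$db,'','',false,false)` the error is left untrapped for the `DB_error_no($db)` branch that follows. The line should most likely be `AND custbranch.salesman='" . $_SESSION['SalesmanLogin'] . "')";`, to be confirmed against the table definition.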
@@ -754,7 +767,7 @@ INNER JOIN bankaccountusers ON bankaccounts.accountcode=bankaccountusers.accountcode WHERE bankaccountusers.userid = '" . $_SESSION['UserID'] ."' -ORDER BY bankaccountname"; + ORDER BY bankaccountname"; $ErrMsg = _('The bank accounts could not be retrieved because'); $DbgMsg = _('The SQL used to retrieve the bank accounts was'); Modified: trunk/includes/ConstructSQLForUserDefinedSalesReport.inc =================================================================== --- trunk/includes/ConstructSQLForUserDefinedSalesReport.inc 2013-12-18 08:10:33 UTC (rev 6502) +++ trunk/includes/ConstructSQLForUserDefinedSalesReport.inc 2013-12-19 16:16:41 UTC (rev 6503) @@ -320,6 +320,9 @@ } /* end of loop through defined columns */ +if ($_SESSION['SalesmanLogin'] != '') { + $SQLWhereCls .= " AND salesanalysis.salesperson='" . $_SESSION['SalesmanLogin'] . "'"; +} $SQLTheLot = $SQLSelectCls . ' ' . $SQLFromCls . ' ' . $SQLWhereCls . ' ' . $SQLGroupCls ; /*For the purposes of debugging */ |