Menu
▾
▴
[Web-erp-svn] SF.net SVN: web-erp:[6805] trunk
|
From: <aga...@us...> - 2014-08-08 16:12:50
|
Revision: 6805
http://sourceforge.net/p/web-erp/reponame/6805
Author: agaluski
Date: 2014-08-08 16:12:36 +0000 (Fri, 08 Aug 2014)
Log Message:
-----------
Added Location based security logic to most inventory and manufacturing scripts. Many thanks to Tim for merging my changes with the Trunk.
Modified Paths:
--------------
trunk/BOMExtendedQty.php
trunk/BOMIndented.php
trunk/BOMIndentedReverse.php
trunk/BOMListing.php
trunk/LocationUsers.php
trunk/Locations.php
trunk/PDFGrn.php
trunk/PDFPickingList.php
trunk/PDFStockLocTransfer.php
trunk/PDFStockNegatives.php
trunk/PDFStockTransfer.php
trunk/PDFWOPrint.php
trunk/PO_PDFPurchOrder.php
trunk/PO_SelectOSPurchOrder.php
trunk/PrintCustOrder_generic.php
trunk/ReprintGRN.php
trunk/ReverseGRN.php
trunk/SelectProduct.php
trunk/SelectSalesOrder.php
trunk/SelectWorkOrder.php
trunk/StockAdjustments.php
trunk/StockLocMovements.php
trunk/StockLocStatus.php
trunk/StockQties_csv.php
trunk/StockQuantityByDate.php
trunk/StockSerialItemResearch.php
trunk/StockSerialItems.php
trunk/StockStatus.php
trunk/StockTransfers.php
trunk/StockUsage.php
trunk/StockUsageGraph.php
trunk/WhereUsedInquiry.php
trunk/WorkOrderEntry.php
trunk/WorkOrderIssue.php
trunk/WorkOrderReceive.php
trunk/WorkOrderStatus.php
trunk/includes/InputSerialItemsExisting.php
trunk/includes/PO_ReadInOrder.inc
Modified: trunk/BOMExtendedQty.php
===================================================================
--- trunk/BOMExtendedQty.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/BOMExtendedQty.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -173,12 +173,14 @@
(SELECT
SUM(locstock.quantity) as invqty
FROM locstock
+ INNER JOIN locationusers ON locationusers.loccode=locstock.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE locstock.stockid = tempbom.component
GROUP BY locstock.stockid) AS qoh,
(SELECT
SUM(purchorderdetails.quantityord - purchorderdetails.quantityrecd) as netqty
FROM purchorderdetails INNER JOIN purchorders
ON purchorderdetails.orderno=purchorders.orderno
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE purchorderdetails.itemcode = tempbom.component
AND purchorderdetails.completed = 0
AND (purchorders.status = 'Authorised' OR purchorders.status='Printed')
@@ -187,11 +189,13 @@
SUM(woitems.qtyreqd - woitems.qtyrecd) as netwoqty
FROM woitems INNER JOIN workorders
ON woitems.wo = workorders.wo
+ INNER JOIN locationusers ON locationusers.loccode=workorders.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE woitems.stockid = tempbom.component
AND workorders.closed=0
GROUP BY woitems.stockid) AS woqty
FROM tempbom INNER JOIN stockmaster
ON tempbom.component = stockmaster.stockid
+ INNER JOIN locationusers ON locationusers.loccode=tempbom.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
GROUP BY tempbom.component,
stockmaster.description,
stockmaster.decimalplaces,
Modified: trunk/BOMIndented.php
===================================================================
--- trunk/BOMIndented.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/BOMIndented.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -75,6 +75,7 @@
bom.effectiveto,
bom.quantity
FROM bom
+ INNER JOIN locationusers ON locationusers.loccode=bom.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE bom.parent ='" . $_POST['Part'] . "'
AND bom.effectiveto >= '" . date('Y-m-d') . "'
AND bom.effectiveafter <= '" . date('Y-m-d') . "'";
@@ -108,6 +109,7 @@
bom.effectiveto,
bom.quantity
FROM bom, passbom
+ INNER JOIN locationusers ON locationusers.loccode=loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE bom.parent = passbom.part
AND bom.effectiveto >= '" . date('Y-m-d') . "' AND bom.effectiveafter <= '" . date('Y-m-d') . "'";
$result = DB_query($sql,$db);
@@ -332,4 +334,4 @@
} // End of PrintHeader function
-?>
+?>
\ No newline at end of file
Modified: trunk/BOMIndentedReverse.php
===================================================================
--- trunk/BOMIndentedReverse.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/BOMIndentedReverse.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -169,6 +169,7 @@
stockmaster.mbflag
FROM tempbom INNER JOIN stockmaster
ON tempbom.parent = stockmaster.stockid
+ INNER JOIN locationusers ON locationusers.loccode=tempbom.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
ORDER BY sortpart";
$result = DB_query($sql,$db);
Modified: trunk/BOMListing.php
===================================================================
--- trunk/BOMListing.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/BOMListing.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -29,6 +29,7 @@
bom.effectiveafter AS eff_frm
FROM stockmaster INNER JOIN bom
ON stockmaster.stockid=bom.component
+ INNER JOIN locationusers ON locationusers.loccode=bom.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE bom.parent >= '" . $_POST['FromCriteria'] . "'
AND bom.parent <= '" . $_POST['ToCriteria'] . "'
AND bom.effectiveto >= '" . date('Y-m-d') . "' AND bom.effectiveafter <= '" . date('Y-m-d') . "'
Modified: trunk/LocationUsers.php
===================================================================
--- trunk/LocationUsers.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/LocationUsers.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -1,24 +1,22 @@
<?php
-/* $Id: LocationUsers.php 1 agaluski $*/
include('includes/session.inc');
$Title = _('Maintenance Of Location Authorised Users');
include('includes/header.inc');
-echo '<p class="page_title_text"><img src="'.$RootPath.'/css/'.$Theme.'/images/money_add.png" title="' . _('Location Authorised Users')
- . '" alt="" />' . ' ' . $Title . '</p>';
+echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/money_add.png" title="' . _('Location Authorised Users') . '" alt="" />' . ' ' . $Title . '</p>';
-if (isset($_POST['SelectedUser'])){
+if (isset($_POST['SelectedUser'])) {
$SelectedUser = mb_strtoupper($_POST['SelectedUser']);
-} elseif (isset($_GET['SelectedUser'])){
+} elseif (isset($_GET['SelectedUser'])) {
$SelectedUser = mb_strtoupper($_GET['SelectedUser']);
} else {
- $SelectedUser='';
+ $SelectedUser = '';
}
-if (isset($_POST['SelectedLocation'])){
+if (isset($_POST['SelectedLocation'])) {
$SelectedLocation = mb_strtoupper($_POST['SelectedLocation']);
-} elseif (isset($_GET['SelectedLocation'])){
+} elseif (isset($_GET['SelectedLocation'])) {
$SelectedLocation = mb_strtoupper($_GET['SelectedLocation']);
}
@@ -29,7 +27,7 @@
if (isset($_POST['Process'])) {
if ($_POST['SelectedLocation'] == '') {
- echo prnMsg(_('You have not selected any Location'),'error');
+ echo prnMsg(_('You have not selected any Location'), 'error');
echo '<br />';
unset($SelectedLocation);
unset($_POST['SelectedLocation']);
@@ -38,33 +36,33 @@
if (isset($_POST['submit'])) {
- $InputError=0;
+ $InputError = 0;
- if ($_POST['SelectedUser']=='') {
- $InputError=1;
- echo prnMsg(_('You have not selected an user to be authorised to use this Location'),'error');
+ if ($_POST['SelectedUser'] == '') {
+ $InputError = 1;
+ echo prnMsg(_('You have not selected an user to be authorised to use this Location'), 'error');
echo '<br />';
unset($SelectedLocation);
}
- if ( $InputError !=1 ) {
+ if ($InputError != 1) {
// First check the user is not being duplicated
- $checkSql = "SELECT count(*)
+ $CheckSql = "SELECT count(*)
FROM locationusers
- WHERE loccode= '" . $_POST['SelectedLocation'] . "'
- AND userid = '" . $_POST['SelectedUser'] . "'";
+ WHERE loccode= '" . $_POST['SelectedLocation'] . "'
+ AND userid = '" . $_POST['SelectedUser'] . "'";
- $checkresult = DB_query($checkSql,$db);
- $checkrow = DB_fetch_row($checkresult);
+ $CheckResult = DB_query($CheckSql);
+ $CheckRow = DB_fetch_row($CheckResult);
- if ( $checkrow[0] >0) {
+ if ($CheckRow[0] > 0) {
$InputError = 1;
- prnMsg( _('The user') . ' ' . $_POST['SelectedUser'] . ' ' ._('already authorised to use this Location'),'error');
+ prnMsg(_('The user') . ' ' . $_POST['SelectedUser'] . ' ' . _('already authorised to use this Location'), 'error');
} else {
// Add new record on submit
- $sql = "INSERT INTO locationusers (loccode,
+ $SQL = "INSERT INTO locationusers (loccode,
userid,
canview,
canupd)
@@ -73,40 +71,39 @@
'1',
'1')";
- $msg = _('User') . ': ' . $_POST['SelectedUser'].' '._('has been authorised to use') .' '. $_POST['SelectedLocation'] . ' ' . _('Location');
- $result = DB_query($sql,$db);
- prnMsg($msg,'success');
+ $msg = _('User') . ': ' . $_POST['SelectedUser'] . ' ' . _('authorisation to use') . ' ' . $_POST['SelectedLocation'] . ' ' . _('Location has been changed');
+ $Result = DB_query($SQL);
+ prnMsg($msg, 'success');
unset($_POST['SelectedUser']);
}
}
-} elseif ( isset($_GET['delete']) ) {
- $sql="DELETE FROM locationusers
- WHERE loccode='".$SelectedLocation."'
- AND userid='".$SelectedUser."'";
+} elseif (isset($_GET['delete'])) {
+ $SQL = "DELETE FROM locationusers
+ WHERE loccode='" . $SelectedLocation . "'
+ AND userid='" . $SelectedUser . "'";
$ErrMsg = _('The Location user record could not be deleted because');
- $result = DB_query($sql,$db,$ErrMsg);
- prnMsg(_('User').' '. $SelectedUser .' '. _('has been un-authorised to use').' '. $SelectedLocation .' '. _('Location') ,'success');
+ $Result = DB_query($SQL, $ErrMsg);
+ prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has been un-authorised to use') . ' ' . $SelectedLocation . ' ' . _('Location'), 'success');
unset($_GET['delete']);
-} elseif ( isset($_GET['toggleupd']) ) {
- $sql="UPDATE locationusers
+} elseif (isset($_GET['toggleupd'])) {
+ $SQL = "UPDATE locationusers
SET canupd='" . $_GET['toggleupd'] . "'
- WHERE loccode='".$SelectedLocation."'
- AND userid='".$SelectedUser."'";
+ WHERE loccode='" . $SelectedLocation . "'
+ AND userid='" . $SelectedUser . "'";
$ErrMsg = _('The Location user record could not be deleted because');
- $result = DB_query($sql,$db,$ErrMsg);
- prnMsg(_('User').' '. $SelectedUser .' '. _('has been un-authorised to update').' '. $SelectedLocation .' '. _('Location') ,'success');
- unset($_GET['removeupd']);
+ $Result = DB_query($SQL, $ErrMsg);
+ prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has been un-authorised to update') . ' ' . $SelectedLocation . ' ' . _('Location'), 'success');
+ unset($_GET['toggleupd']);
}
-if (!isset($SelectedLocation)){
+if (!isset($SelectedLocation)) {
-/* It could still be the second time the page has been run and a record has been selected for modification - SelectedUser will exist because it was sent with the new call. If its the first time the page has been displayed with no parameters
-then none of the above are true. These will call the same page again and allow update/input or deletion of the records*/
- echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '">';
- echo '<div>
- <input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />
+ /* It could still be the second time the page has been run and a record has been selected for modification - SelectedUser will exist because it was sent with the new call. If its the first time the page has been displayed with no parameters
+ then none of the above are true. These will call the same page again and allow update/input or deletion of the records*/
+ echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">';
+ echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />
<table class="selection">
<tr>
<td>' . _('Select Location') . ':</td>
@@ -116,51 +113,48 @@
locationname
FROM locations";
- $result = DB_query($SQL,$db);
+ $Result = DB_query($SQL);
echo '<option value="">' . _('Not Yet Selected') . '</option>';
- while ($myrow = DB_fetch_array($result)) {
- if (isset($SelectedLocation) and $myrow['loccode']==$SelectedLocation) {
+ while ($MyRow = DB_fetch_array($Result)) {
+ if (isset($SelectedLocation) and $MyRow['loccode'] == $SelectedLocation) {
echo '<option selected="selected" value="';
} else {
echo '<option value="';
}
- echo $myrow['loccode'] . '">' . $myrow['loccode'] . ' - ' . $myrow['locationname'] . '</option>';
+ echo $MyRow['loccode'] . '">' . $MyRow['loccode'] . ' - ' . $MyRow['locationname'] . '</option>';
} //end while loop
echo '</select></td></tr>';
- echo '</table>'; // close main table
- DB_free_result($result);
+ echo '</table>'; // close main table
+ DB_free_result($Result);
- echo '<br />
- <div class="centre">
+ echo '<div class="centre">
<input type="submit" name="Process" value="' . _('Accept') . '" />
<input type="submit" name="Cancel" value="' . _('Cancel') . '" />
</div>';
- echo '</div>
- </form>';
+ echo '</form>';
}
//end of ifs and buts!
-if (isset($_POST['process'])OR isset($SelectedLocation)) {
+if (isset($_POST['process']) or isset($SelectedLocation)) {
$SQLName = "SELECT locationname
FROM locations
- WHERE loccode='" .$SelectedLocation."'";
- $result = DB_query($SQLName,$db);
- $myrow = DB_fetch_array($result);
- $SelectedBankName = $myrow['locationname'];
-
- echo '<br /><div class="centre"><a href="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '">' . _('Authorised users for') . ' ' .$SelectedBankName . ' ' . _('Location') .'</a></div>';
- echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '">';
- echo '<div>';
+ WHERE loccode='" . $SelectedLocation . "'";
+ $Result = DB_query($SQLName);
+ $MyRow = DB_fetch_array($Result);
+ $SelectedBankName = $MyRow['locationname'];
+
+ echo '<div class="centre"><a href="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">' . _('Authorised users for') . ' ' . $SelectedBankName . ' ' . _('Location') . '</a></div>';
+ echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<input type="hidden" name="SelectedLocation" value="' . $SelectedLocation . '" />';
- $sql = "SELECT locationusers.userid,
+ $SQL = "SELECT locationusers.userid,
canview,
canupd,
www_users.realname
@@ -169,56 +163,59 @@
WHERE locationusers.loccode='" . $SelectedLocation . "'
ORDER BY locationusers.userid ASC";
- $result = DB_query($sql,$db);
+ $Result = DB_query($SQL);
- echo '<br />
- <table class="selection">';
- echo '<tr><th colspan="6"><h3>' . _('Authorised users for Location') . ' ' .$SelectedBankName. '</h3></th></tr>';
+ echo '<table class="selection">';
echo '<tr>
+ <th colspan="6"><h3>' . _('Authorised users for Location') . ' ' . $SelectedBankName . '</h3></th>
+ </tr>';
+ echo '<tr>
<th>' . _('User Code') . '</th>
<th>' . _('User Name') . '</th>
<th>' . _('View') . '</th>
<th>' . _('Update') . '</th>
</tr>';
-$k=0; //row colour counter
+ $k = 0; //row colour counter
-while ($myrow = DB_fetch_array($result)) {
- if ($k==1){
- echo '<tr class="EvenTableRows">';
- $k=0;
- } else {
- echo '<tr class="OddTableRows">';
- $k=1;
+ while ($MyRow = DB_fetch_array($Result)) {
+ if ($k == 1) {
+ echo '<tr class="EvenTableRows">';
+ $k = 0;
+ } else {
+ echo '<tr class="OddTableRows">';
+ $k = 1;
+ }
+
+ if ($MyRow['canupd'] == 1) {
+ $ToggleText = '<td><a href="%s?SelectedUser=%s&toggleupd=0&SelectedLocation=' . $SelectedLocation . '" onclick="return confirm(\'' . _('Are you sure you wish to remove Update for this user?') . '\');">' . _('Remove Update') . '</a></td>';
+ } else {
+ $ToggleText = '<td><a href="%s?SelectedUser=%s&toggleupd=1&SelectedLocation=' . $SelectedLocation . '" onclick="return confirm(\'' . _('Are you sure you wish to add Update for this user?') . '\');">' . _('Add Update') . '</a></td>';
+ }
+
+ printf('<td>%s</td>
+ <td>%s</td>
+ <td>%s</td>
+ <td>%s</td>' .
+ $ToggleText . '
+ <td><a href="%s?SelectedUser=%s&delete=yes&SelectedLocation=' . $SelectedLocation . '" onclick="return confirm(\'' . _('Are you sure you wish to un-authorise this user?') . '\');">' . _('Un-authorise') . '</a></td>
+ </tr>',
+ $MyRow['userid'],
+ $MyRow['realname'],
+ $MyRow['canview'],
+ $MyRow['canupd'],
+ htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'),
+ $MyRow['userid'],
+ htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'),
+ $MyRow['userid']);
}
- if ($myrow['canupd'] == 1) {
- $ToggleText = '<td><a href="%s?SelectedUser=%s&toggleupd=0&SelectedLocation=' . $SelectedLocation . '" onclick="return confirm(\'' . _('Are you sure you wish to remove Update for this user?') . '\');">' . _('Remove Update') . '</a></td>';
- } else {
- $ToggleText = '<td><a href="%s?SelectedUser=%s&toggleupd=1&SelectedLocation=' . $SelectedLocation . '" onclick="return confirm(\'' . _('Are you sure you wish to add Update for this user?') . '\');">' . _('Add Update') . '</a></td>';
- }
- printf('<td>%s</td>
- <td>%s</td>
- <td>%s</td>
- <td>%s</td>' .
- $ToggleText . '
- <td><a href="%s?SelectedUser=%s&delete=yes&SelectedLocation=' . $SelectedLocation . '" onclick="return confirm(\'' . _('Are you sure you wish to un-authorise this user?') . '\');">' . _('Un-authorise') . '</a></td>
- </tr>',
- $myrow['userid'],
- $myrow['realname'],
- $myrow['canview'],
- $myrow['canupd'],
- htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8'),
- $myrow['userid'],
- htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8'),
- $myrow['userid']);
- }
//END WHILE LIST LOOP
echo '</table>';
- if (! isset($_GET['delete'])) {
+ if (!isset($_GET['delete'])) {
- echo '<br /><table class="selection">'; //Main table
+ echo '<table class="selection">'; //Main table
echo '<tr>
<td>' . _('Select User') . ':</td>
@@ -228,33 +225,36 @@
realname
FROM www_users";
- $result = DB_query($SQL,$db);
- if (!isset($_POST['SelectedUser'])){
+ $Result = DB_query($SQL);
+ if (!isset($_POST['SelectedUser'])) {
echo '<option selected="selected" value="">' . _('Not Yet Selected') . '</option>';
}
- while ($myrow = DB_fetch_array($result)) {
- if (isset($_POST['SelectedUser']) AND $myrow['userid']==$_POST['SelectedUser']) {
+ while ($MyRow = DB_fetch_array($Result)) {
+ if (isset($_POST['SelectedUser']) and $MyRow['userid'] == $_POST['SelectedUser']) {
echo '<option selected="selected" value="';
} else {
echo '<option value="';
}
- echo $myrow['userid'] . '">' . $myrow['userid'] . ' - ' . $myrow['realname'] . '</option>';
+ echo $MyRow['userid'] . '">' . $MyRow['userid'] . ' - ' . $MyRow['realname'] . '</option>';
} //end while loop
- echo '</select></td></tr>';
+ echo '</select>
+ </td>
+ </tr>';
- echo '</table>'; // close main table
- DB_free_result($result);
+ echo '</table>'; // close main table
+ DB_free_result($Result);
- echo '<br /><div class="centre"><input type="submit" name="submit" value="' . _('Accept') . '" />
- <input type="submit" name="Cancel" value="' . _('Cancel') . '" /></div>';
+ echo '<div class="centre">
+ <input type="submit" name="submit" value="' . _('Accept') . '" />
+ <input type="submit" name="Cancel" value="' . _('Cancel') . '" />
+ </div>';
- echo '</div>
- </form>';
+ echo '</form>';
} // end if user wish to delete
}
include('includes/footer.inc');
-?>
+?>
\ No newline at end of file
Modified: trunk/Locations.php
===================================================================
--- trunk/Locations.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/Locations.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -175,8 +175,8 @@
$ErrMsg = _('An error occurred inserting the new location stock records for all pre-existing parts because');
$DbgMsg = _('The SQL used to insert the new stock location records was');
$result = DB_query($sql,$db,$ErrMsg, $DbgMsg);
- prnMsg ('........ ' . _('and new stock locations inserted for all existing stock items for the new location'), 'success');
-
+ prnMsg ('........ ' . _('and new stock locations inserted for all existing stock items for the new location'), 'success');
+
/* Also need to add locationuser records for all existing users*/
$sql = "INSERT INTO locationusers (userid, loccode, canview, canupd)
SELECT www_users.userid,
Modified: trunk/PDFGrn.php
===================================================================
--- trunk/PDFGrn.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/PDFGrn.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -52,6 +52,8 @@
stockmaster.decimalplaces
FROM grns INNER JOIN purchorderdetails
ON grns.podetailitem=purchorderdetails.podetailitem
+ INNER JOIN purchorders on purchorders.orderno = purchorderdetails.orderno
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
LEFT JOIN stockmaster
ON grns.itemcode=stockmaster.stockid
WHERE grnbatch='". $GRNNo ."'";
@@ -98,17 +100,14 @@
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column1->x,$Page_Height-$YPos,$FormDesign->Data->Column1->Length,$FormDesign->Data->Column1->FontSize, $myrow['itemcode']);
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column2->x,$Page_Height-$YPos,$FormDesign->Data->Column2->Length,$FormDesign->Data->Column2->FontSize, $myrow['itemdescription']);
- /*resmart mods */
/*$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column3->x,$Page_Height-$YPos,$FormDesign->Data->Column3->Length,$FormDesign->Data->Column3->FontSize, $DeliveryDate);*/
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column3->x,$Page_Height-$YPos,$FormDesign->Data->Column3->Length,$FormDesign->Data->Column3->FontSize, $DeliveryDate, 'right');
- /*resmart ends*/
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column4->x,$Page_Height-$YPos,$FormDesign->Data->Column4->Length,$FormDesign->Data->Column4->FontSize, $SuppliersQuantity, 'right');
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column5->x,$Page_Height-$YPos,$FormDesign->Data->Column5->Length,$FormDesign->Data->Column5->FontSize, $myrow['suppliersunit'], 'left');
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column6->x,$Page_Height-$YPos,$FormDesign->Data->Column6->Length,$FormDesign->Data->Column6->FontSize, $OurUnitsQuantity, 'right');
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column7->x,$Page_Height-$YPos,$FormDesign->Data->Column7->Length,$FormDesign->Data->Column7->FontSize, $myrow['units'], 'left');
$YPos += $line_height;
- /*resmoart mods*/
/* move to after serial print
if($FooterPrintedInPage == 0){
$LeftOvers = $pdf->addText($FormDesign->ReceiptDate->x,$Page_Height-$FormDesign->ReceiptDate->y,$FormDesign->ReceiptDate->FontSize, _('Date of Receipt: ') . $DeliveryDate);
@@ -116,7 +115,6 @@
$FooterPrintedInPage= 1;
}
*/
- /*resmart ends*/
if ($YPos >= $FormDesign->LineAboveFooter->starty){
/* We reached the end of the page so finsih off the page and start a newy */
@@ -125,13 +123,12 @@
$YPos=$FormDesign->Data->y;
include ('includes/PDFGrnHeader.inc');
} //end if need a new page headed up
-
- /*resmart mods*/
+
$SQL = "SELECT stockmaster.controlled
FROM stockmaster WHERE stockid ='" . $myrow['itemcode'] . "'";
$CheckControlledResult = DB_query($SQL,$db,'<br />' . _('Could not determine if the item was controlled or not because') . ' ');
$ControlledRow = DB_fetch_row($CheckControlledResult);
-
+
if ($ControlledRow[0]==1) { /*Then its a controlled item */
$SQL = "SELECT stockserialmoves.serialno,
stockserialmoves.moveqty
@@ -146,9 +143,9 @@
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column2->x,$Page_Height-$YPos,$FormDesign->Data->Column2->Length,$FormDesign->Data->Column2->FontSize, $SerialStockMoves['serialno']);
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column2->x,$Page_Height-$YPos,$FormDesign->Data->Column2->Length,$FormDesign->Data->Column2->FontSize, $SerialStockMoves['moveqty'],'right');
$YPos += $line_height;
-
+
if ($YPos >= $FormDesign->LineAboveFooter->starty){
- $FooterPrintedInPage= 0;
+ $FooterPrintedInPage= 0;
$YPos=$FormDesign->Data->y;
include ('includes/PDFGrnHeader.inc');
} //end if need a new page headed up
@@ -156,12 +153,12 @@
$LeftOvers = $pdf->addTextWrap($FormDesign->Data->Column2->x,$Page_Height-$YPos,$FormDesign->Data->Column2->Length,$FormDesign->Data->Column2->FontSize, ' ');
$YPos += $line_height;
if ($YPos >= $FormDesign->LineAboveFooter->starty){
- $FooterPrintedInPage= 0;
+ $FooterPrintedInPage= 0;
$YPos=$FormDesign->Data->y;
include ('includes/PDFGrnHeader.inc');
} //end if need a new page headed up
} //controlled item*/
- /*resmart ends*/
+
if($FooterPrintedInPage == 0){
$LeftOvers = $pdf->addText($FormDesign->ReceiptDate->x,$Page_Height-$FormDesign->ReceiptDate->y,$FormDesign->ReceiptDate->FontSize, _('Date of Receipt: ') . $DeliveryDate);
$LeftOvers = $pdf->addText($FormDesign->SignedFor->x,$Page_Height-$FormDesign->SignedFor->y,$FormDesign->SignedFor->FontSize, _('Signed for ').'______________________');
@@ -179,4 +176,4 @@
echo '<br /><a href="'.$RootPath.'/index.php">' . _('Back to the menu') . '</a>';
include('includes/footer.inc');
}
-?>
\ No newline at end of file
+?>
Modified: trunk/PDFPickingList.php
===================================================================
--- trunk/PDFPickingList.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/PDFPickingList.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -21,9 +21,10 @@
if ((!isset($_GET['TransNo']) or $_GET['TransNo']=='') and !isset($_POST['TransDate'])){
$Title = _('Select Picking Lists');
include('includes/header.inc');
- $sql="SELECT loccode,
+ $sql="SELECT locations.loccode,
locationname
- FROM locations";
+ FROM locations
+ INNER JOIN locationusers ON locationusers.loccode=locations.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1";
$result=DB_query($sql, $db);
echo '<p class="page_title_text"><img src="'.$RootPath.'/css/'.$Theme.'/images/sales.png" title="' . _('Search') . '" alt="" />' . ' ' . $Title . '</p><br />';
echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '" method="post" name="form">
@@ -268,7 +269,6 @@
}
$LineResult=DB_query($sql,$db, $ErrMsg);
}
-
if ((isset($_GET['TransNo'])
AND $_GET['TransNo'] == 'Preview')
OR (isset($LineResult)
@@ -330,7 +330,7 @@
$LeftOvers = $pdf->addTextWrap($FormDesign->Headings->Column5->x,$Page_Height - $YPos,$FormDesign->Headings->Column5->Length,$FormDesign->Headings->Column5->FontSize,$DisplayPrevDel,'right');
if ($Page_Height-$YPos-$line_height <= 50){
- /* We reached the end of the page so finsih off the page and start a newy */
+ /* We reached the end of the page so finish off the page and start a new */
$PageNumber++;
include ('includes/PDFPickingListHeader.inc');
} //end if need a new page headed up
@@ -353,4 +353,4 @@
$pdf->OutputD($_SESSION['DatabaseName'] . '_PickingLists_' . date('Y-m-d') . '.pdf');
$pdf->__destruct();
}
-?>
+?>
\ No newline at end of file
Modified: trunk/PDFStockLocTransfer.php
===================================================================
--- trunk/PDFStockLocTransfer.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/PDFStockLocTransfer.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -30,6 +30,24 @@
</div>';
echo '</div>
</form>';
+
+ echo '<form method="post" action="' . $RootPath . '/PDFShipLabel.php">';
+ echo '<div>';
+ echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
+ echo '<input type="hidden" name="Type" value="Transfer" />';
+ echo '<table>
+ <tr>
+ <td>' . _('Transfer docket to reprint Shipping Labels') . '</td>
+ <td><input type="text" class="number" size="10" name="ORD" /></td>
+ </tr>
+ </table>';
+ echo '<br />
+ <div class="centre">
+ <input type="submit" name="Print" value="' . _('Print Shipping Labels') .'" />
+ </div>';
+ echo '</div>
+ </form>';
+
include ('includes/footer.inc');
exit;
}
Modified: trunk/PDFStockNegatives.php
===================================================================
--- trunk/PDFStockNegatives.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/PDFStockNegatives.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -26,6 +26,7 @@
ON stockmaster.stockid=locstock.stockid
INNER JOIN locations
ON locstock.loccode = locations.loccode
+ INNER JOIN locationusers ON locationusers.loccode=locations.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE locstock.quantity < 0
ORDER BY locstock.loccode,
stockmaster.categoryid,
Modified: trunk/PDFStockTransfer.php
===================================================================
--- trunk/PDFStockTransfer.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/PDFStockTransfer.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -35,6 +35,24 @@
</div>
</div>
</form>';
+
+ echo '<form method="post" action="' . $RootPath . '/PDFShipLabel.php">';
+ echo '<div>';
+ echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
+ echo '<input type="hidden" name="Type" value="Transfer" />';
+ echo '<table>
+ <tr>
+ <td>' . _('Transfer docket to reprint Shipping Labels') . '</td>
+ <td><input type="text" class="number" size="10" name="ORD" /></td>
+ </tr>
+ </table>';
+ echo '<br />
+ <div class="centre">
+ <input type="submit" name="Print" value="' . _('Print Shipping Labels') .'" />
+ </div>';
+ echo '</div>
+ </form>';
+
include('includes/footer.inc');
exit();
}
@@ -86,10 +104,7 @@
$Description=$myrow['description'];
$LeftOvers = $pdf->addTextWrap($Left_Margin+1,$YPos-10,300-$Left_Margin,$FontSize, $StockID);
- /*resmoart mods*/
- /*$LeftOvers = $pdf->addTextWrap($Left_Margin+75,$YPos-10,300-$Left_Margin,$FontSize-2, $Description);*/
$LeftOvers = $pdf->addTextWrap($Left_Margin+75,$YPos-10,300-$Left_Margin,$FontSize, $Description);
- /*resmart ends*/
$LeftOvers = $pdf->addTextWrap($Left_Margin+250,$YPos-10,300-$Left_Margin,$FontSize, $From);
$LeftOvers = $pdf->addTextWrap($Left_Margin+350,$YPos-10,300-$Left_Margin,$FontSize, $To);
$LeftOvers = $pdf->addTextWrap($Left_Margin+475,$YPos-10,300-$Left_Margin,$FontSize, $Quantity);
@@ -99,7 +114,7 @@
if ($YPos < $Bottom_Margin + $line_height){
include('includes/PDFStockTransferHeader.inc');
}
- /*resmart mods*/
+
$SQL = "SELECT stockmaster.controlled
FROM stockmaster WHERE stockid ='" . $StockID . "'";
$CheckControlledResult = DB_query($SQL,$db,'<br />' . _('Could not determine if the item was controlled or not because') . ' ');
@@ -131,7 +146,7 @@
include('includes/PDFStockTransferHeader.inc');
} //controlled item*/
}
- /*resmart ends*/
+
}
$LeftOvers = $pdf->addTextWrap($Left_Margin,$YPos-70,300-$Left_Margin,$FontSize, _('Date of transfer: ').$Date);
Modified: trunk/PDFWOPrint.php
===================================================================
--- trunk/PDFWOPrint.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/PDFWOPrint.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -1,7 +1,7 @@
<?php
/* $Id: PDFWOPrint.php 6146 $*/
-/* Currently this file only support one finished items produced work orders. Multiple items not supported yet */
+
include('includes/session.inc');
include('includes/SQL_CommonFunctions.inc');
if (isset($_GET['WO'])) {
@@ -22,13 +22,70 @@
if (isset($_GET['PrintLabels'])) {
$PrintLabels = $_GET['PrintLabels'];
} elseif (isset($_POST['PrintLabels'])){
+ $PrintLabels = $_POST['LabelItem'];
+} else {
+ unset($LabelItem);
+}
+
+if (isset($_GET['LabelItem'])) {
+ $LabelItem = $_GET['LabelItem'];
+} elseif (isset($_POST['LabelItem'])){
+ $LabelItem = $_POST['LabelItem'];
+} else {
+ unset($LabelItem);
+}
+if (isset($_GET['LabelDesc'])) {
+ $LabelDesc = $_GET['LabelDesc'];
+} elseif (isset($_POST['LabelDesc'])){
+ $LabelDesc = $_POST['LabelDesc'];
+} else {
+ unset($LabelDesc);
+}
+if (isset($_GET['LabelLot'])) {
+ $LabelLot = $_GET['LabelLot'];
+} elseif (isset($_POST['LabelLot'])){
+ $LabelLot = $_POST['LabelLot'];
+} else {
+ unset($LabelLot);
+}
+if (isset($_GET['NoOfBoxes'])) {
+ $NoOfBoxes = $_GET['NoOfBoxes'];
+} elseif (isset($_POST['NoOfBoxes'])){
+ $NoOfBoxes = $_POST['NoOfBoxes'];
+} else {
+ unset($NoOfBoxes);
+}
+if (isset($_GET['LabelsPerBox'])) {
+ $LabelsPerBox = $_GET['LabelsPerBox'];
+} elseif (isset($_POST['LabelsPerBox'])){
+ $LabelsPerBox = $_POST['LabelsPerBox'];
+} else {
+ unset($LabelsPerBox);
+}
+if (isset($_GET['QtyPerBox'])) {
+ $QtyPerBox = $_GET['QtyPerBox'];
+} elseif (isset($_POST['QtyPerBox'])){
+ $QtyPerBox = $_POST['QtyPerBox'];
+} else {
+ unset($QtyPerBox);
+}
+if (isset($_GET['LeftOverQty'])) {
+ $LeftOverQty = $_GET['LeftOverQty'];
+} elseif (isset($_POST['LeftOverQty'])){
+ $LeftOverQty = $_POST['LeftOverQty'];
+} else {
+ unset($LeftOverQty);
+}
+if (isset($_GET['PrintLabels'])) {
+ $PrintLabels = $_GET['PrintLabels'];
+} elseif (isset($_POST['PrintLabels'])){
$PrintLabels = $_POST['PrintLabels'];
} else {
$PrintLabels="Yes";
}
-
-if (!isset($SelectedWO)) {
+
+if (!isset($_GET['WO']) AND !isset($_POST['WO'])) {
$Title = _('Select a Work Order');
include('includes/header.inc');
echo '<div class="centre"><br /><br /><br />';
@@ -52,7 +109,12 @@
echo '<br /><a href="' . $RootPath . '/index.php">' . _('Back to the menu') . '</a></div>';
exit;
}
-
+if (isset($_GET['WO'])) {
+ $SelectedWO = $_GET['WO'];
+}
+elseif (isset($_POST['WO'])) {
+ $SelectedWO = $_POST['WO'];
+}
$Title = _('Print Work Order Number') . ' ' . $SelectedWO;
if (isset($_POST['PrintOrEmail']) AND isset($_POST['EmailTo'])) {
if ($_POST['PrintOrEmail'] == 'Email' AND !IsEmailAddress($_POST['EmailTo'])) {
@@ -105,6 +167,7 @@
ON workorders.loccode=locations.loccode
INNER JOIN woitems
ON workorders.wo=woitems.wo
+ INNER JOIN locationusers ON locationusers.loccode=locations.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
INNER JOIN stockmaster
ON woitems.stockid=stockmaster.stockid
WHERE woitems.stockid='" . $StockID . "'
@@ -179,8 +242,6 @@
$WOHeader['deladd6'] = str_pad('', 15, 'x');
$WOHeader['stockid'] = str_pad('', 15, 'x');
$WOHeader['description'] = str_pad('', 50, 'x');
- $WOHeader['wo'] = '99999999';
- $WOHeader['loccode'] = str_pad('',5,'x');
} // end of If we are previewing the order
@@ -266,7 +327,7 @@
}
}
- if ($SelectedWO == 'Preview' or $i > 0) {
+ if ($SelectedWO == 'Preview' or $i > -1) {
/*Yes there are line items to start the ball rolling with a page header */
include('includes/PDFWOPageHeader.inc');
$YPos = $Page_Height - $FormDesign->Data->y;
@@ -280,7 +341,7 @@
$WOLine[$i]['issued'] = 9999999.99;
$WOLine[$i]['decimalplaces'] = 2;
}
- if ($WOLine[$i]['decimalplaces'] != NULL) {
+ if ($WOLine['decimalplaces'] != NULL) {
$DecimalPlaces = $WOLine[$i]['decimalplaces'];
}
else {
@@ -341,7 +402,7 @@
serialno,
stockserialitems.quantity as qty
FROM locstock LEFT OUTER JOIN stockserialitems
- ON locstock.loccode=stockserialitems.loccode AND locstock.stockid = stockserialitems.stockid
+ ON locstock.loccode=stockserialitems.loccode AND locstock.stockid = stockserialitems.stockid
WHERE locstock.loccode='".$WOHeader['loccode']."'
AND locstock.stockid='".$WOLine[$i]['item']."'",$db);
while ($ToIssue = DB_fetch_array($AvailQty)){
@@ -384,7 +445,6 @@
include('includes/PDFWOPageHeader.inc');
} //end if need a new page headed up
} /*end if there are order details to show on the order - or its a preview*/
- $FooterPrintedInPage = 0;
if($FooterPrintedInPage == 0){
$LeftOvers = $pdf->addText($FormDesign->SignedDate->x,$Page_Height-$FormDesign->SignedDate->y,$FormDesign->SignedDate->FontSize, _('Date : ') . '______________');
$LeftOvers = $pdf->addText($FormDesign->SignedBy->x,$Page_Height-$FormDesign->SignedBy->y,$FormDesign->SignedBy->FontSize, _('Signed for: ').'____________________________________');
@@ -509,7 +569,7 @@
echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '" method="post">';
echo '<div>';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
- if (isset($ViewingOnly) and $ViewingOnly == 1) {
+ if ($ViewingOnly == 1) {
echo '<input type="hidden" name="ViewingOnly" value="1" />';
} //$ViewingOnly == 1
echo '<br /><br />';
@@ -523,7 +583,7 @@
if (!isset($_POST['PrintOrEmail'])) {
$_POST['PrintOrEmail'] = 'Print';
}
- if (isset($ViewingOnly) and $ViewingOnly != 0) {
+ if ($ViewingOnly != 0) {
echo '<option selected="selected" value="Print">' . _('Print') . '</option>';
}
else {
@@ -584,12 +644,9 @@
echo '<form action="PDFFGLabel.php" method="post">';
echo '<div>';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
- if (isset($ViewOnly) and $ViewingOnly == 1) {
+ if ($ViewingOnly == 1) {
echo '<input type="hidden" name="ViewingOnly" value="1" />';
} //$ViewingOnly == 1
- if(!isset($EmailTo)){
- $EmailTo='';
- }
echo '<br /><br />';
echo '<input type="hidden" name="WO" value="' . $SelectedWO . '" />';
echo '<input type="hidden" name="StockID" value="' . $StockID . '" />';
@@ -609,7 +666,7 @@
if (!isset($_POST['PrintOrEmail'])) {
$_POST['PrintOrEmail'] = 'Print';
}
- if (isset($ViewingOnly) and $ViewingOnly != 0) {
+ if ($ViewingOnly != 0) {
echo '<option selected="selected" value="Print">' . _('Print') . '</option>';
}
else {
@@ -653,4 +710,4 @@
}
include('includes/footer.inc');
}
-?>
\ No newline at end of file
+?>
Modified: trunk/PO_PDFPurchOrder.php
===================================================================
--- trunk/PO_PDFPurchOrder.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/PO_PDFPurchOrder.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -108,6 +108,7 @@
ON suppliers.currcode=currencies.currabrev
INNER JOIN www_users
ON purchorders.initiator=www_users.userid
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE purchorders.orderno='" . $OrderNo . "'";
$result = DB_query($sql, $db, $ErrMsg);
if (DB_num_rows($result) == 0) {
Modified: trunk/PO_SelectOSPurchOrder.php
===================================================================
--- trunk/PO_SelectOSPurchOrder.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/PO_SelectOSPurchOrder.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -158,7 +158,8 @@
$DateTo = FormatDateForSQL($_POST['DateTo']);
}
- $sql = "SELECT loccode, locationname FROM locations";
+ $sql = "SELECT locations.loccode, locationname FROM locations
+ INNER JOIN locationusers ON locationusers.loccode=locations.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1";
$resultStkLocs = DB_query($sql, $db);
while ($myrow = DB_fetch_array($resultStkLocs)) {
if (isset($_POST['StockLocation'])) {
@@ -258,7 +259,7 @@
<th class="ascending">' . _('Orders') . '<br />' . _('Outstanding') . '</th>
<th class="ascending">' . _('Units') . '</th>
</tr>';
-
+
$k = 0; //row colour counter
while ($myrow = DB_fetch_array($StockItemsResult)) {
@@ -357,6 +358,7 @@
ON purchorders.supplierno = suppliers.supplierid
INNER JOIN currencies
ON suppliers.currcode=currencies.currabrev
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE purchorderdetails.completed=0
AND orddate>='" . $DateFrom . "'
AND orddate<='" . $DateTo . "'
@@ -393,6 +395,7 @@
ON purchorders.supplierno = suppliers.supplierid
INNER JOIN currencies
ON suppliers.currcode=currencies.currabrev
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE purchorderdetails.completed=0
AND orddate>='" . $DateFrom . "'
AND orddate<='" . $DateTo . "'
@@ -434,6 +437,7 @@
ON purchorders.supplierno = suppliers.supplierid
INNER JOIN currencies
ON suppliers.currcode=currencies.currabrev
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE purchorderdetails.completed=0
AND orddate>='" . $DateFrom . "'
AND orddate<='" . $DateTo . "'
@@ -469,6 +473,7 @@
ON purchorders.supplierno = suppliers.supplierid
INNER JOIN currencies
ON suppliers.currcode=currencies.currabrev
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE purchorderdetails.completed=0
AND orddate>='" . $DateFrom . "'
AND orddate<='" . $DateTo . "'
Modified: trunk/PrintCustOrder_generic.php
===================================================================
--- trunk/PrintCustOrder_generic.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/PrintCustOrder_generic.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -67,6 +67,7 @@
ON salesorders.shipvia=shippers.shipper_id
INNER JOIN locations
ON salesorders.fromstkloc=locations.loccode
+ INNER JOIN locationusers ON locationusers.loccode=locations.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE salesorders.orderno='" . $_GET['TransNo'] . "'";
if ($_SESSION['SalesmanLogin'] != '') {
@@ -262,4 +263,4 @@
$result = DB_query($sql,$db);
}
-?>
+?>
\ No newline at end of file
Modified: trunk/ReprintGRN.php
===================================================================
--- trunk/ReprintGRN.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/ReprintGRN.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -61,9 +61,11 @@
ON grns.supplierid=suppliers.supplierid
INNER JOIN purchorderdetails
ON grns.podetailitem=purchorderdetails.podetailitem
+ INNER JOIN purchorders on purchorders.orderno=purchorderdetails.orderno
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
LEFT JOIN stockmaster
ON grns.itemcode=stockmaster.stockid
- WHERE orderno='" . $_POST['PONumber'] ."'";
+ WHERE purchorderdetails.orderno='" . $_POST['PONumber'] ."'";
$result=DB_query($sql, $db);
if (DB_num_rows($result)==0) {
echo '<br />';
@@ -86,7 +88,7 @@
<th>' . _('Delivery Date') . '</th>
<th>' . _('Quantity Received') . '</th>
<th>' . _('Action') . '</th>
- </tr>';
+ </tr>';
while ($myrow=DB_fetch_array($result)) {
if ($k==1){
@@ -104,8 +106,8 @@
<td>' . $myrow['deliverydate'] . '</td>
<td class="number">' . locale_number_format($myrow['qtyrecd'], $myrow['decimalplaces']) . '</td>
<td><a href="PDFGrn.php?GRNNo=' . $myrow['grnbatch'] .'&PONo=' . $_POST['PONumber'] . '">' . _('Reprint GRN ') . '</a>
- <a href="PDFQALabel.php?GRNNo=' . $myrow['grnbatch'] .'&PONo=' . $_POST['PONumber'] . '">' . _('Reprint QA Label') . '</a></td>
- </tr>';
+ <a href="PDFQALabel.php?GRNNo=' . $myrow['grnbatch'] .'&PONo=' . $_POST['PONumber'] . '">' . _('Reprint Labels') . '</a></td>
+ </tr>';
}
echo '</table>';
}
Modified: trunk/ReverseGRN.php
===================================================================
--- trunk/ReverseGRN.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/ReverseGRN.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -50,6 +50,7 @@
ON grns.podetailitem=purchorderdetails.podetailitem
INNER JOIN purchorders
ON purchorderdetails.orderno = purchorders.orderno
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canupd=1
WHERE grnno='" . $_GET['GRNNo'] . "'";
$ErrMsg = _('CRITICAL ERROR') . '! ' . _('NOTE DOWN THIS ERROR AND SEEK ASSISTANCE') . ': ' . _('Could not get the details of the GRN selected for reversal because') . ' ';
@@ -364,16 +365,19 @@
$sql = "SELECT grnno,
grnbatch,
- itemcode,
- itemdescription,
- deliverydate,
+ grns.itemcode,
+ grns.itemdescription,
+ grns.deliverydate,
qtyrecd,
quantityinv,
qtyrecd-quantityinv AS qtytoreverse
FROM grns
+ INNER JOIN purchorderdetails ON purchorderdetails.podetailitem=grns.podetailitem
+ INNER JOIN purchorders on purchorders.orderno = purchorderdetails.orderno
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canupd=1
WHERE grns.supplierid = '" . $_POST['SupplierID'] . "'
AND (grns.qtyrecd-grns.quantityinv) >0
- AND deliverydate>='" . FormatDateForSQL($_POST['RecdAfterDate']) ."'";
+ AND grns.deliverydate>='" . FormatDateForSQL($_POST['RecdAfterDate']) ."'";
$ErrMsg = _('An error occurred in the attempt to get the outstanding GRNs for') . ' ' . $_POST['SuppName'] . '. ' . _('The message was') . ':';
$DbgMsg = _('The SQL that failed was') . ':';
Modified: trunk/SelectProduct.php
===================================================================
--- trunk/SelectProduct.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/SelectProduct.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -265,6 +265,7 @@
$QOOSQL="SELECT SUM(purchorderdetails.quantityord -purchorderdetails.quantityrecd) AS QtyOnOrder
FROM purchorders INNER JOIN purchorderdetails
ON purchorders.orderno=purchorderdetails.orderno
+ INNER JOIN locationusers ON locationusers.loccode=purchorders.intostocklocation AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE purchorderdetails.itemcode='" . $StockID . "'
AND purchorderdetails.completed =0
AND purchorders.status<>'Cancelled'
@@ -281,6 +282,7 @@
$sql = "SELECT SUM(woitems.qtyreqd-woitems.qtyrecd) AS qtywo
FROM woitems INNER JOIN workorders
ON woitems.wo=workorders.wo
+ INNER JOIN locationusers ON locationusers.loccode=workorders.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE workorders.closed=0
AND woitems.stockid='" . $StockID . "'";
$ErrMsg = _('The quantity on work orders for this product cannot be retrieved because');
@@ -296,6 +298,7 @@
$DemResult = DB_query("SELECT SUM(salesorderdetails.quantity-salesorderdetails.qtyinvoiced) AS dem
FROM salesorderdetails INNER JOIN salesorders
ON salesorders.orderno = salesorderdetails.orderno
+ INNER JOIN locationusers ON locationusers.loccode=salesorders.fromstkloc AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE salesorderdetails.completed=0
AND salesorders.quotation=0
AND salesorderdetails.stkcode='" . $StockID . "'", $db);
@@ -306,6 +309,7 @@
ON salesorders.orderno = salesorderdetails.orderno
INNER JOIN bom ON salesorderdetails.stkcode=bom.parent
INNER JOIN stockmaster ON stockmaster.stockid=bom.parent
+ INNER JOIN locationusers ON locationusers.loccode=salesorders.fromstkloc AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE salesorderdetails.quantity-salesorderdetails.qtyinvoiced > 0
AND bom.component='" . $StockID . "'
AND stockmaster.mbflag='A'
@@ -319,6 +323,7 @@
INNER JOIN workorders
ON woitems.wo=workorders.wo
AND woitems.wo=worequirements.wo
+ INNER JOIN locationusers ON locationusers.loccode=workorders.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canview=1
WHERE worequirements.stockid='" . $StockID . "'
AND workorders.closed=0";
$ErrMsg = _('The workorder component demand for this product cannot be retrieved because');
Modified: trunk/SelectSalesOrder.php
===================================================================
--- trunk/SelectSalesOrder.php 2014-08-08 13:44:43 UTC (rev 6804)
+++ trunk/SelectSalesOrder.php 2014-08-08 16:12:36 UTC (rev 6805)
@@ -170,6 +170,7 @@
tel,
contact
FROM locations
+ INNER JOIN locationusers ON locationusers.loccode=locations.loccode AND locationusers.userid='" . $_SESSION['UserID'] . "' AND locationusers.canupd=1
WHERE loccode = '" .$_SESSION['UserStockLocation'] . "'";
$ErrMsg = _('The delivery address for the order could not be obtained from the user default stock location');
$DelAddResult = DB_query($sql, $db,$ErrMsg);
@@ -220,7 +221,7 @@
prnMsg( _('You do not have permission to authorise this purchase order').'.<br />' . _('This order is for').' '.
$SuppRow['currcode'] . ' '. $Order_Value .'. '.
- $AuthMessage . _('If you think this is a mistake please contact the systems administrator') . '<br />' .
+ $AuthMessage . _('If you think this is a mistake please contact the systems administrator') . '<br />' .
_('The order has been created with a status of pending and will require authorisation'), 'warn');
}
} //end of authorisation status settings
@@ -231,7 +232,7 @@
DB_Txn_Commit($db);
}
- /*Starting a new purchase order with a different supplier */
+ /*Starting a new purchase order with a different supplier */
$result = DB_Txn_Begin($db);
$PO_OrderNo = GetNextTransNo(18, $db); //get the next PO number
@@ -240,16 +241,16 @@
$Order_Value = 0;
/*Now get all the required details for the supplier */
$sql = "SELECT address1,
- address2,
- address3,
- address4,
- address5,
- address6,
- telephone,
- paymentterms,
- currcode,
- rate
- FROM suppliers INNER JOIN currencies
+ address2,
+ address3,
+ address4,
+ address5,
+ address6,
+ telephone,
+ paymentterms,
+ currcode,
+ rate
+ FROM suppliers INNER JOIN currencies
ON suppliers.currcode = currencies.currabrev
WHERE supplierid='" . $SupplierID . "'";
@@ -260,61 +261,61 @@
$StatusComment=date($_SESSION['DefaultDateFormat']).' - ' . _('Order Created by') . ' ' . $UserDetails . ' - '._('Auto created from sales orders') . '<br />';
/*Insert to purchase order header record */
$sql = "INSERT INTO purchorders ( orderno,
- supplierno,
- orddate,
- rate,
- initiator,
- intostocklocation,
- deladd1,
- deladd2,
- deladd3,
- deladd4,
- deladd5,
- deladd6,
- tel,
- suppdeladdress1,
- suppdeladdress2,
- suppdeladdress3,
- suppdeladdress4,
- suppdeladdress5,
- suppdeladdress6,
- supptel,
- version,
- revised,
- deliveryby,
- status,
- stat_comment,
- deliverydate,
- paymentterms,
- allowprint)
- VALUES( '" . $PO_OrderNo . "',
- '" . $SupplierID . "',
- '" . Date('Y-m-d') . "',
- '" . $SuppRow['rate'] . "',
- '" . $_SESSION['UserID'] . "',
- '" . $_SESSION['UserStockLocation'] . "',
- '" . $DelAddRow['locationname'] . "',
- '" . $DelAddRow['deladd1'] . "',
- '" . $DelAddRow['deladd2'] . "',
- '" . $DelAddRow['deladd3'] . "',
- '" . $DelAddRow['deladd4'] . "',
- '" . $DelAddRow['deladd5'] . ' ' . $DelAddRow['deladd6'] . "',
- '" . $DelAddRow['tel'] . "',
- '" . $SuppRow['address1'] . "',
- '" . $SuppRow['address2'] . "',
- '" . $SuppRow['address3'] . "',
- '" . $SuppRow['address4'] . "',
- '" . $SuppRow['address5'] . "',
- '" . $SuppRow['address6'] . "',
- '" . $SuppRow['telephone'] . "',
- '1.0',
- '" . Date('Y-m-d') . "',
- '" . $_SESSION['Default_Shipper'] . "',
- 'Pending',
- '" . $StatusComment . "',
- '" . Date('Y-m-d') . "',
- '" . $SuppRow['paymentterms'] . "',
- 0)";
+ supplierno,
+ orddate,
+ rate,
+ initiator,
+ intostocklocation,
+ deladd1,
+ deladd2,
+ deladd3,
+ deladd4,
+ deladd5,
+ deladd6,
+ tel,
+ suppdeladdress1,
+ suppdeladdress2,
+ suppdeladdress3,
+ suppdeladdress4,
+ suppdeladdress5,
+ suppdeladdress6,
+ supptel,
+ version,
+ revised,
+ deliveryby,
+ status,
+ stat_comment,
+ deliverydate,
+ paymentterms,
+ allowprint)
+ VALUES( '" . $PO_OrderNo . "',
+ '" . $SupplierID . "',
+ '" . Date('Y-m-d') . "',
+ '" . $SuppRow['rate'] . "',
+ '" . $_SESSION['UserID'] . "',
+ '" . $_SESSION['UserStockLocation'] . "',
+ '" . $DelAddRow['locationname'] . "',
+ '" . $DelAddRow['deladd1'] . "',
+ '" . $DelAddRow['deladd2'] . "',
+ '" . $DelAddRow['deladd3'] . "',
+ '" . $DelAddRow['deladd4'] . "',
+ '" . $DelAddRow['deladd5'] . ' ' . $DelAddRow['deladd6'] . "',
+ '" . $DelAddRow['tel'] . "',
+ '" . $SuppRow['address1'] . "',
+ '" . $SuppRow['address2'] . "',
+ '" . $SuppRow['address3'] . "',
+ '" . $SuppRow['address4'] . "',
+ '" . $SuppRow['address5'] . "',
+ '" . $SuppRow['address6'] . "',
+ '" . $SuppRow['telephone'] . "',
+ '1.0',
+ '" . Date('Y-m-d') . "',
+ '" . $_SESSION['Default_Shipper'] . "',
+ 'Pending',
+ '" . $StatusComment . "',
+ '" . Date('Y-m-d') . "',
+ '" . $SuppRow['paymentterms'] . "',
+ 0)";
$ErrMsg = _('The purchase order header record could not be inserted into the database because');
$DbgMsg = _('The SQL statement used to insert the purchase order header record and failed was');
@@ -324,25 +325,25 @@
/*reminder we are in a loop of the total of each item to place a purchase order for based on a selection of sales orders */
$DeliveryDate = DateAdd(Date($_SESSION['DefaultDateFormat']),'d',$ItemRow['leadtime']);
$sql = "INSERT INTO purchorderdetails ( orderno,
- itemcode,
- deliverydate,
- itemdescription,
- glcode,
- unitprice,
- quantityord,
- suppliersunit,
- suppliers_partno,
- conversionfactor )
- VALUES ('" . $PO_OrderNo . "',
- '" . $ItemRow['stockid'] . "',
- '" . FormatDateForSQL($DeliveryDate) . "',
- '" . $ItemRow['suppliers_partno'] . ' ' . $ItemRow['supplierdescription'] . "',
- '" . $ItemRow['stockact'] . "',
- '" . $ItemRow['price'] . "',
- '" . $ItemRow['orderqty'] . "',
- '" . $ItemRow['suppliersuom'] . "',
- '" . $ItemRow['suppliers_partno'] . "',
- '" . $ItemRow['conversionfactor'] . "')";
+ itemcode,
+ deliverydate,
+ itemdescription,
+ glcode,
+ unitprice,
+ quantityord,
+ suppliersunit,
+ suppliers_partno,
+ conversionfactor )
+ VALUES ('" . $PO_OrderNo . "',
+ '" . $ItemRow['stockid'] . "',
+ '" . FormatDateForSQL($DeliveryDate) . "',
+ '" . $ItemRow['suppliers_partno'] . ' ' . $ItemRow['supplierdescription'] . "',
+ '" . $ItemRow['stockact'] . "',
+ '" . $ItemRow['price'] . "',
+ '" . $ItemRow['orderqty'] . "',
+ '" . $ItemRow['suppliersuom'] . "',
+ '" . $ItemRow['suppliers_partno'] . "',
+ '" . $ItemRow['conversionfactor'] . "')";
$ErrMsg =_('One of the purchase order detail records could not be inserted into the database because');
$DbgMsg =_('The SQL statement used to insert the purchase order detail record and failed was');
@@ -363,7 +364,7 @@
$AuthResult=DB_query($AuthSQL,$db);
$AuthRow=DB_fetch_array($AuthResult);
if ($AuthRow['authlevel']=''){
- $AuthRow['authlevel'] = 0;
+ $AuthRow['authlevel'] = 0;
}
if (DB_num_rows($AuthResult) > 0 AND $AuthRow['authlevel'] > $Order_Value) { //user has authority to authrorise as well as create the order
@@ -373,7 +374,7 @@
$result = DB_query("UPDATE purchorders SET allowprint=1,
status='Authorised',
stat_comment='" . $StatusComment . "'
- WHERE orderno='" . $PO_OrderNo . "'",
+ WHERE orderno='" . $PO_OrderNo . "'",
$db,$ErrMsg,$DbgMsg,true);
} else { // no authority to authorise this order
if (DB_num_rows($AuthResult) ==...
[truncated message content] |
