[Web-erp-svn] SF.net SVN: web-erp:[7288] trunk/PO_SelectOSPurchOrder.php

[<ex...@us...>]

Revision: 7288
          http://sourceforge.net/p/web-erp/reponame/7288
Author:   exsonqu
Date:     2015-05-04 06:54:44 +0000 (Mon, 04 May 2015)
Log Message:
-----------
04/05/15 Exson: Make PO number searching also in compliance with location authority rules and make default search result as all if users have full location authority.

Modified Paths:
--------------
    trunk/PO_SelectOSPurchOrder.php

Modified: trunk/PO_SelectOSPurchOrder.php
===================================================================
--- trunk/PO_SelectOSPurchOrder.php	2015-05-04 03:26:00 UTC (rev 7287)
+++ trunk/PO_SelectOSPurchOrder.php	2015-05-04 06:54:44 UTC (rev 7288)
@@ -176,6 +176,9 @@
 	$UserLocations = DB_num_rows($resultStkLocs);
 	$AllListed = false;
 	while ($myrow = DB_fetch_array($resultStkLocs)) {
+		if(!isset($LocQty)){
+			$LocQty = $myrow['total'];
+		}
 		if (isset($_POST['StockLocation'])) {//The user has selected location
 			if ($_POST['StockLocation'] == 'ALLLOC'){//user have selected all locations
 				if($AllListed === false) {//it's the first loop
@@ -364,6 +367,9 @@
 						SUM(purchorderdetails.unitprice*purchorderdetails.quantityord) AS ordervalue
 				FROM purchorders INNER JOIN purchorderdetails
 				ON purchorders.orderno=purchorderdetails.orderno
+				INNER JOIN locationusers 
+				ON purchorders.intostocklocation=locationusers.loccode
+				AND userid='" . $_SESSION['UserID'] . "' AND canview = 1
 				INNER JOIN suppliers
 				ON purchorders.supplierno = suppliers.supplierid
 				INNER JOIN currencies
@@ -382,8 +388,12 @@
 		//$OrderNumber is not set
 		if (isset($SelectedSupplier)) {
 			if (!isset($_POST['StockLocation'])) {
-				$_POST['StockLocation'] = $_SESSION['UserStockLocation'];
-				$WhereStockLocation = " AND purchorders.intostocklocation ='" . $_POST['StockLocation'] . "' ";
+				if (isset($UserLocations) AND isset($LocQty) AND $UserLocations == $LocQty) {
+					$WhereStockLocation = " AND purchorders.intostocklocation ='" . $_POST['StockLocation'] . "' ";
+				} else {
+					$_POST['StockLocation'] = $_SESSION['UserStockLocation'];
+					$WhereStockLocation = " AND purchorders.intostocklocation ='" . $_POST['StockLocation'] . "' ";
+				}
 			} else {
 				if ($_POST['StockLocation'] == 'ALLLOC'){
 					$WhereStockLocation = ' ';
@@ -469,8 +479,13 @@
 		} //isset($SelectedSupplier)
 		else { //no supplier selected
 			if (!isset($_POST['StockLocation'])) {
-				$_POST['StockLocation'] = $_SESSION['UserStockLocation'];
-				$WhereStockLocation = " AND purchorders.intostocklocation = '" . $_POST['StockLocation'] . "'";
+				if (isset($UserLocations) AND isset($LocQty) AND $UserLocations == $LocQty) {
+					$WhereStockLocation = " ";
+					$_POST['StockLocation'] = 'ALLLOC';
+				} else {
+					$_POST['StockLocation'] = $_SESSION['UserStockLocation'];
+					$WhereStockLocation = " AND purchorders.intostocklocation ='" . $_POST['StockLocation'] . "' ";
+				}
 			} else {
 				if ($_POST['StockLocation'] == 'ALLLOC'){
 					$WhereStockLocation = ' ';