From: <te...@us...> - 2015-11-11 08:03:24
Revision: 7385 http://sourceforge.net/p/web-erp/reponame/7385 Author: tehonu Date: 2015-11-11 08:03:20 +0000 (Wed, 11 Nov 2015) Log Message: ----------- New feature GL accounts - users authority Modified Paths: -------------- trunk/AnalysisHorizontalIncome.php trunk/AnalysisHorizontalPosition.php trunk/CustomerReceipt.php trunk/GLAccountCSV.php trunk/GLAccountInquiry.php trunk/GLAccountReport.php trunk/GLBalanceSheet.php trunk/GLJournal.php trunk/GLJournalInquiry.php trunk/GLProfit_Loss.php trunk/GLTagProfit_Loss.php trunk/GLTransInquiry.php trunk/GLTrialBalance.php trunk/PDFChequeListing.php trunk/Payments.php trunk/SelectGLAccount.php trunk/WWW_Users.php trunk/includes/MainMenuLinksArray.php trunk/sql/mysql/upgrade4.12.3-4.13.sql Added Paths: ----------- trunk/GLAccountUsers.php trunk/UserGLAccounts.php Modified: trunk/AnalysisHorizontalIncome.php =================================================================== --- trunk/AnalysisHorizontalIncome.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/AnalysisHorizontalIncome.php 2015-11-11 08:03:20 UTC (rev 7385) 
@@ -183,9 +183,10 @@ SUM(CASE WHEN chartdetails.period='" . $_POST['ToPeriod'] . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS lastprdcfwd, SUM(CASE WHEN chartdetails.period='" . ($_POST['FromPeriod'] - 12) . "' THEN chartdetails.bfwd ELSE 0 END) AS firstprdbfwdly, SUM(CASE WHEN chartdetails.period='" . ($_POST['ToPeriod']-12) . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS lastprdcfwdly - FROM chartmaster INNER JOIN accountgroups - ON chartmaster.group_ = accountgroups.groupname INNER JOIN chartdetails - ON chartmaster.accountcode= chartdetails.accountcode + FROM chartmaster + INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname + INNER JOIN chartdetails ON chartmaster.accountcode= chartdetails.accountcode + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 WHERE accountgroups.pandl=1 GROUP BY accountgroups.sectioninaccounts, accountgroups.parentgroupname, Modified: trunk/AnalysisHorizontalPosition.php =================================================================== --- trunk/AnalysisHorizontalPosition.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/AnalysisHorizontalPosition.php 2015-11-11 08:03:20 UTC (rev 7385) 
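Review bot: The added `INNER JOIN glaccountusers ... AND glaccountusers.canview=1` makes this report silently drop every account the logged-in user may not view, so any totals built from the result set are partial and nothing on the page says so. The same join is added to the aggregate queries in AnalysisHorizontalPosition.php, GLBalanceSheet.php, GLProfit_Loss.php, GLTagProfit_Loss.php and GLTrialBalance.php. Either refuse to produce a consolidated statement for a user who lacks view rights on accounts in scope, or print a visible notice that restricted accounts are excluded. Because the join is an inner join, a user with no rows in `glaccountusers` would get an empty report, so it is worth confirming that upgrade4.12.3-4.13.sql (not shown here) seeds the table for existing users. A comment above the join such as `/* restrict to accounts the logged-in user may view (glaccountusers.canview) */` would document the intent; the query starts and ends outside this hunk.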
@@ -156,9 +156,10 @@ chartmaster.accountname, Sum(CASE WHEN chartdetails.period='" . $_POST['BalancePeriodEnd'] . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS balancecfwd, Sum(CASE WHEN chartdetails.period='" . ($_POST['BalancePeriodEnd'] - 12) . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS balancecfwdly - FROM chartmaster INNER JOIN accountgroups - ON chartmaster.group_ = accountgroups.groupname INNER JOIN chartdetails - ON chartmaster.accountcode= chartdetails.accountcode + FROM chartmaster + INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname + INNER JOIN chartdetails ON chartmaster.accountcode= chartdetails.accountcode + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 WHERE accountgroups.pandl=0 GROUP BY accountgroups.groupname, chartdetails.accountcode, Modified: trunk/CustomerReceipt.php =================================================================== --- trunk/CustomerReceipt.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/CustomerReceipt.php 2015-11-11 08:03:20 UTC (rev 7385) 
@@ -1100,7 +1100,11 @@ <td>' . _('GL Account') . ':</td> <td><select tabindex="8" name="GLCode">'; - $SQL = "SELECT accountcode, accountname FROM chartmaster ORDER BY accountcode"; + $SQL = "SELECT chartmaster.accountcode, + chartmaster.accountname + FROM chartmaster + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canupd=1 + ORDER BY chartmaster.accountcode"; $result=DB_query($SQL); if (DB_num_rows($result)==0){ echo '</select>' . _('No General ledger accounts have been set up yet') . ' - ' . _('receipts cannot be entered against GL accounts until the GL accounts are set up') . '</td> Modified: trunk/GLAccountCSV.php =================================================================== --- trunk/GLAccountCSV.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLAccountCSV.php 2015-11-11 08:03:20 UTC (rev 7385) @@ -34,7 +34,11 @@ <tr> <td>' . _('Selected Accounts') . ':</td> <td><select name="Account[]" size="12" multiple="multiple">'; -$sql = "SELECT accountcode, accountname FROM chartmaster ORDER BY accountcode"; +$sql = "SELECT chartmaster.accountcode, + chartmaster.accountname + FROM chartmaster + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 + ORDER BY chartmaster.accountcode"; $AccountsResult = DB_query($sql); $i=0; while ($myrow=DB_fetch_array($AccountsResult,$db)){ Modified: trunk/GLAccountInquiry.php =================================================================== --- trunk/GLAccountInquiry.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLAccountInquiry.php 2015-11-11 08:03:20 UTC (rev 7385) 
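Review bot: Filtering the `GLCode` option list by `glaccountusers.canupd=1` only limits what the browser is offered; nothing in this hunk checks the posted `GLCode` against `glaccountusers` before the receipt is processed, so a request that names an account outside the list is not rejected by the code shown. The processing code is outside the hunk and needs confirming there: the submit path should repeat the lookup and refuse codes for which the user lacks `canupd`. The same applies to the update lists in GLJournal.php and Payments.php, and, for `canview`, to the posted `Account` / `GLCode` values behind the lists changed in GLAccountCSV.php, GLAccountInquiry.php, GLAccountReport.php and SelectGLAccount.php. In GLJournal.php the free-text `GLManualCode` field visible in the hunk context is checked only by a client-side `onchange` handler, so it bypasses the filtered list unless the server validates it.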
@@ -49,7 +49,11 @@ <td>' . _('Account').':</td> <td><select name="Account">'; -$sql = "SELECT accountcode, accountname FROM chartmaster ORDER BY accountcode"; +$sql = "SELECT chartmaster.accountcode, + chartmaster.accountname + FROM chartmaster + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 + ORDER BY chartmaster.accountcode"; $Account = DB_query($sql); while ($myrow=DB_fetch_array($Account,$db)){ if($myrow['accountcode'] == $SelectedAccount){ Modified: trunk/GLAccountReport.php =================================================================== --- trunk/GLAccountReport.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLAccountReport.php 2015-11-11 08:03:20 UTC (rev 7385) @@ -235,7 +235,11 @@ <tr> <td>' . _('Selected Accounts') . ':</td> <td><select name="Account[]" multiple="multiple">'; - $sql = "SELECT accountcode, accountname FROM chartmaster ORDER BY accountcode"; + $sql = "SELECT chartmaster.accountcode, + chartmaster.accountname + FROM chartmaster + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 + ORDER BY chartmaster.accountcode"; $AccountsResult = DB_query($sql); $i=0; while ($myrow=DB_fetch_array($AccountsResult)){ Added: trunk/GLAccountUsers.php =================================================================== --- trunk/GLAccountUsers.php (rev 0) +++ trunk/GLAccountUsers.php 2015-11-11 08:03:20 UTC (rev 7385) 
@@ -0,0 +1,261 @@ +<?php +/* $Id: glaccountusers.php 6806 2013-09-28 05:10:46Z daintree $*/ + +include('includes/session.inc'); +$Title = _('GL Account Authorised Users Maintenance'); +include('includes/header.inc'); + +echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/money_add.png" title="' . _('GL Account Authorised Users') . '" alt="" />' . ' ' . $Title . '</p>'; + +if (isset($_POST['SelectedUser'])) { + $SelectedUser = mb_strtoupper($_POST['SelectedUser']); +} elseif (isset($_GET['SelectedUser'])) { + $SelectedUser = mb_strtoupper($_GET['SelectedUser']); +} else { + $SelectedUser = ''; +} + +if (isset($_POST['SelectedGLAccount'])) { + $SelectedGLAccount = mb_strtoupper($_POST['SelectedGLAccount']); +} elseif (isset($_GET['SelectedGLAccount'])) { + $SelectedGLAccount = mb_strtoupper($_GET['SelectedGLAccount']); +} + +if (isset($_POST['Cancel'])) { + unset($SelectedGLAccount); + unset($SelectedUser); +} + +if (isset($_POST['Process'])) { + if ($_POST['SelectedGLAccount'] == '') { + prnMsg(_('You have not selected any GL Account'), 'error'); + echo '<br />'; + unset($SelectedGLAccount); + unset($_POST['SelectedGLAccount']); + } +} + +if (isset($_POST['submit'])) { + + $InputError = 0; + + if ($_POST['SelectedUser'] == '') { + $InputError = 1; + prnMsg(_('You have not selected an user to be authorised to use this GL Account'), 'error'); + echo '<br />'; + unset($SelectedGLAccount); + } + + if ($InputError != 1) { + + // First check the user is not being duplicated + + $CheckSql = "SELECT count(*) + FROM glaccountusers + WHERE accountcode= '" . $_POST['SelectedGLAccount'] . "' + AND userid = '" . $_POST['SelectedUser'] . "'"; + + $CheckResult = DB_query($CheckSql); + $CheckRow = DB_fetch_row($CheckResult); + + if ($CheckRow[0] > 0) { + $InputError = 1; + prnMsg(_('The user') . ' ' . $_POST['SelectedUser'] . ' ' . 
_('is already authorised to use this GL Account'), 'error'); + } else { + // Add new record on submit + $SQL = "INSERT INTO glaccountusers (accountcode, + userid, + canview, + canupd) + VALUES ('" . $_POST['SelectedGLAccount'] . "', + '" . $_POST['SelectedUser'] . "', + '1', + '1')"; + + $msg = _('User') . ': ' . $_POST['SelectedUser'] . ' ' . _('authority to use the') . ' ' . $_POST['SelectedGLAccount'] . ' ' . _('GL Account has been changed'); + $Result = DB_query($SQL); + prnMsg($msg, 'success'); + unset($_POST['SelectedUser']); + } + } +} elseif (isset($_GET['delete'])) { + $SQL = "DELETE FROM glaccountusers + WHERE accountcode='" . $SelectedGLAccount . "' + AND userid='" . $SelectedUser . "'"; + + $ErrMsg = _('The GL Account user record could not be deleted because'); + $Result = DB_query($SQL, $ErrMsg); + prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has had their authority to use the') . ' ' . $SelectedGLAccount . ' ' . _('GL Account removed'), 'success'); + unset($_GET['delete']); +} elseif (isset($_GET['ToggleUpdate'])) { + $SQL = "UPDATE glaccountusers + SET canupd='" . $_GET['ToggleUpdate'] . "' + WHERE accountcode='" . $SelectedGLAccount . "' + AND userid='" . $SelectedUser . "'"; + + $ErrMsg = _('The GL Account user record could not be deleted because'); + $Result = DB_query($SQL, $ErrMsg); + prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has had their authority to update') . ' ' . $SelectedGLAccount . ' ' . _('GL Account removed'), 'success'); + unset($_GET['ToggleUpdate']); +} + +if (!isset($SelectedGLAccount)) { + + /* It could still be the second time the page has been run and a record has been selected for modification - SelectedUser will exist because it was sent with the new call. If its the first time the page has been displayed with no parameters + then none of the above are true. These will call the same page again and allow update/input or deletion of the records*/ + echo '<form method="post" action="' . 
htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">'; + echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" /> + <table class="selection"> + <tr> + <td>' . _('Select GL Account') . ':</td> + <td><select name="SelectedGLAccount">'; + + $Result = DB_query("SELECT accountcode, + accountname + FROM chartmaster + ORDER BY accountcode"); + + echo '<option value="">' . _('Not Yet Selected') . '</option>'; + while ($MyRow = DB_fetch_array($Result)) { + if (isset($SelectedGLAccount) and $MyRow['accountcode'] == $SelectedGLAccount) { + echo '<option selected="selected" value="'; + } else { + echo '<option value="'; + } + echo $MyRow['accountcode'] . '">' . $MyRow['accountcode'] . ' - ' . $MyRow['accountname'] . '</option>'; + + } //end while loop + + echo '</select></td></tr>'; + + echo '</table>'; // close main table + DB_free_result($Result); + + echo '<div class="centre"> + <input type="submit" name="Process" value="' . _('Accept') . '" /> + <input type="submit" name="Cancel" value="' . _('Cancel') . '" /> + </div>'; + + echo '</form>'; + +} + +//end of ifs and buts! +if (isset($_POST['process']) or isset($SelectedGLAccount)) { + $SQLName = "SELECT accountname + FROM chartmaster + WHERE accountcode='" . $SelectedGLAccount . "'"; + $Result = DB_query($SQLName); + $MyRow = DB_fetch_array($Result); + $SelectedGLAccountName = $MyRow['accountname']; + + echo '<div class="centre"><a href="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">' . _('Authorised users for') . ' ' . $SelectedGLAccountName . ' ' . _('GL Account') . '</a></div> + <form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '"> + <input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" /> + <input type="hidden" name="SelectedGLAccount" value="' . $SelectedGLAccount . 
'" />'; + + $SQL = "SELECT glaccountusers.userid, + canview, + canupd, + www_users.realname + FROM glaccountusers INNER JOIN www_users + ON glaccountusers.userid=www_users.userid + WHERE glaccountusers.accountcode='" . $SelectedGLAccount . "' + ORDER BY glaccountusers.userid ASC"; + + $Result = DB_query($SQL); + + echo '<table class="selection">'; + echo '<tr> + <th colspan="6"><h3>' . _('Authorised users for GL Acccount') . ': ' . $SelectedGLAccountName . '</h3></th> + </tr>'; + echo '<tr> + <th>' . _('User Code') . '</th> + <th>' . _('User Name') . '</th> + <th>' . _('View') . '</th> + <th>' . _('Update') . '</th> + </tr>'; + + $k = 0; //row colour counter + + while ($MyRow = DB_fetch_array($Result)) { + if ($k == 1) { + echo '<tr class="EvenTableRows">'; + $k = 0; + } else { + echo '<tr class="OddTableRows">'; + $k = 1; + } + + if ($MyRow['canupd'] == 1) { + $ToggleText = '<td><a href="%s?SelectedUser=%s&ToggleUpdate=0&SelectedGLAccount=' . $SelectedGLAccount . '" onclick="return confirm(\'' . _('Are you sure you wish to remove Update for this user?') . '\');">' . _('Remove Update') . '</a></td>'; + } else { + $ToggleText = '<td><a href="%s?SelectedUser=%s&ToggleUpdate=1&SelectedGLAccount=' . $SelectedGLAccount . '" onclick="return confirm(\'' . _('Are you sure you wish to add Update for this user?') . '\');">' . _('Add Update') . '</a></td>'; + } + + printf('<td>%s</td> + <td>%s</td> + <td>%s</td> + <td>%s</td>' . + $ToggleText . ' + <td><a href="%s?SelectedUser=%s&delete=yes&SelectedGLAccount=' . $SelectedGLAccount . '" onclick="return confirm(\'' . _('Are you sure you wish to un-authorise this user?') . '\');">' . _('Un-authorise') . 
'</a></td> + </tr>', + $MyRow['userid'], + $MyRow['realname'], + $MyRow['canview'], + $MyRow['canupd'], + htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'), + $MyRow['userid'], + htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'), + $MyRow['userid']); + } + //END WHILE LIST LOOP + echo '</table>'; + + if (!isset($_GET['delete'])) { + + + echo '<table class="selection">'; //Main table + + echo '<tr> + <td>' . _('Select User') . ':</td> + <td><select name="SelectedUser">'; + + $Result = DB_query("SELECT userid, + realname + FROM www_users + WHERE NOT EXISTS (SELECT glaccountusers.userid + FROM glaccountusers + WHERE glaccountusers.accountcode='" . $SelectedGLAccount . "' + AND glaccountusers.userid=www_users.userid)"); + + if (!isset($_POST['SelectedUser'])) { + echo '<option selected="selected" value="">' . _('Not Yet Selected') . '</option>'; + } + while ($MyRow = DB_fetch_array($Result)) { + if (isset($_POST['SelectedUser']) and $MyRow['userid'] == $_POST['SelectedUser']) { + echo '<option selected="selected" value="'; + } else { + echo '<option value="'; + } + echo $MyRow['userid'] . '">' . $MyRow['userid'] . ' - ' . $MyRow['realname'] . '</option>'; + + } //end while loop + + echo '</select> + </td> + </tr> + </table>'; // close main table + DB_free_result($Result); + + echo '<div class="centre"> + <input type="submit" name="submit" value="' . _('Accept') . '" /> + <input type="submit" name="Cancel" value="' . _('Cancel') . '" /> + </div> + </form>'; + + } // end if user wish to delete +} + +include('includes/footer.inc'); +?> Modified: trunk/GLBalanceSheet.php =================================================================== --- trunk/GLBalanceSheet.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLBalanceSheet.php 2015-11-11 08:03:20 UTC (rev 7385) 
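Review bot: The `delete` and `ToggleUpdate` branches modify the permission table from plain GET links (`?SelectedUser=%s&delete=yes&SelectedGLAccount=...`), so they carry no `FormID` token, unlike the two POST forms in the same file; a cross-site request made in an administrator's session would be enough to grant or revoke GL access. These should be POST actions carrying the token, and `$_GET['ToggleUpdate']` should be reduced to 0 or 1 before it reaches the UPDATE, e.g. `$CanUpd = ($_GET['ToggleUpdate'] == '1') ? 1 : 0;`. `$SelectedGLAccount`, `$SelectedUser` and the `$_POST` values are concatenated into the SQL and echoed into the hidden input, the link hrefs and `prnMsg()` as received; unless includes/session.inc (not shown) sanitises request data globally, each sink needs its own escaping, with `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` for the HTML ones as the file already does for `PHP_SELF`. Two smaller defects: the ToggleUpdate success text always says "removed" even when update rights are being added, and `isset($_POST['process'])` never matches the submit button named `Process`. The same handlers are added in trunk/UserGLAccounts.php.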
@@ -130,9 +130,10 @@ chartmaster.accountname, Sum(CASE WHEN chartdetails.period='" . $_POST['BalancePeriodEnd'] . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS balancecfwd, Sum(CASE WHEN chartdetails.period='" . ($_POST['BalancePeriodEnd'] - 12) . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS lybalancecfwd - FROM chartmaster INNER JOIN accountgroups - ON chartmaster.group_ = accountgroups.groupname INNER JOIN chartdetails - ON chartmaster.accountcode= chartdetails.accountcode + FROM chartmaster + INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname + INNER JOIN chartdetails ON chartmaster.accountcode= chartdetails.accountcode + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 WHERE accountgroups.pandl=0 GROUP BY accountgroups.groupname, chartdetails.accountcode, 
@@ -372,9 +373,10 @@ chartmaster.accountname, Sum(CASE WHEN chartdetails.period='" . $_POST['BalancePeriodEnd'] . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS balancecfwd, Sum(CASE WHEN chartdetails.period='" . ($_POST['BalancePeriodEnd'] - 12) . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS lybalancecfwd - FROM chartmaster INNER JOIN accountgroups - ON chartmaster.group_ = accountgroups.groupname INNER JOIN chartdetails - ON chartmaster.accountcode= chartdetails.accountcode + FROM chartmaster + INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname + INNER JOIN chartdetails ON chartmaster.accountcode= chartdetails.accountcode + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 WHERE accountgroups.pandl=0 GROUP BY accountgroups.groupname, chartdetails.accountcode, Modified: trunk/GLJournal.php =================================================================== --- trunk/GLJournal.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLJournal.php 2015-11-11 08:03:20 UTC (rev 7385) 
@@ -324,10 +324,11 @@ } echo '<td><input type="text" autofocus="autofocus" name="GLManualCode" maxlength="12" size="12" onchange="inArray(this, GLCode.options,'. "'".'The account code '."'".'+ this.value+ '."'".' doesnt exist'."'".')" value="'. $_POST['GLManualCode'] .'" /></td>'; -$sql="SELECT accountcode, - accountname +$sql="SELECT chartmaster.accountcode, + chartmaster.accountname FROM chartmaster - ORDER BY accountcode"; + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canupd=1 + ORDER BY chartmaster.accountcode"; $result=DB_query($sql); echo '<td> Modified: trunk/GLJournalInquiry.php =================================================================== --- trunk/GLJournalInquiry.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLJournalInquiry.php 2015-11-11 08:03:20 UTC (rev 7385) 
@@ -102,10 +102,26 @@ } else { echo '<tr><td colspan="2"></td>'; } + + // if user is allowed to see the account we show it, other wise we show "OTHERS ACCOUNTS" + $CheckSql = "SELECT count(*) + FROM glaccountusers + WHERE accountcode= '" . $myrow['account'] . "' + AND userid = '" . $_SESSION['UserID'] . "' + AND canview = '1'"; + $CheckResult = DB_query($CheckSql); + $CheckRow = DB_fetch_row($CheckResult); - echo '<td>' . $myrow['account'] . '</td> - <td>' . $myrow['accountname'] . '</td> - <td>' . $myrow['narrative'] . '</td> + if ($CheckRow[0] > 0) { + echo '<td>' . $myrow['account'] . '</td> + <td>' . $myrow['accountname'] . '</td>'; + }else{ + echo '<td>' . _('Others') . '</td> + <td>' . _('Other GL Accounts') . '</td>'; + } + + + echo '<td>' . $myrow['narrative'] . '</td> <td class="number">' . locale_number_format($myrow['amount'],$_SESSION['CompanyRecord']['decimalplaces']) . '</td> <td class="number">' . $myrow['tag'] . ' - ' . $myrow['tagdescription'] . '</td>'; Modified: trunk/GLProfit_Loss.php =================================================================== --- trunk/GLProfit_Loss.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLProfit_Loss.php 2015-11-11 08:03:20 UTC (rev 7385) 
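Review bot: For an account the user may not view, the new branch hides only the account code and name; the `narrative`, `amount` and tag cells that follow are still printed, whereas GLTransInquiry.php in this same commit also replaces the narrative. If the restriction is meant to hide what was posted to the account, the narrative should be masked here as well (and in PDFChequeListing.php, which still prints `$GLRow['narrative']`); if amounts must stay visible so the journal balances, the comment should say so. The check also runs one `SELECT count(*)` per row inside the display loop; a `LEFT JOIN glaccountusers` in the main journal query, which is outside this hunk, would return the flag with each row instead. The comment would read more clearly as `// Show the account only if the user has canview on it; otherwise print a generic "Others" label`.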
@@ -166,9 +166,10 @@ Sum(CASE WHEN chartdetails.period='" . ($_POST['FromPeriod'] - 12) . "' THEN chartdetails.bfwd ELSE 0 END) AS lyfirstprdbfwd, Sum(CASE WHEN chartdetails.period='" . ($_POST['ToPeriod']-12) . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS lylastprdcfwd, Sum(CASE WHEN chartdetails.period='" . $_POST['ToPeriod'] . "' THEN chartdetails.bfwdbudget + chartdetails.budget ELSE 0 END) AS lastprdbudgetcfwd - FROM chartmaster INNER JOIN accountgroups - ON chartmaster.group_ = accountgroups.groupname INNER JOIN chartdetails - ON chartmaster.accountcode= chartdetails.accountcode + FROM chartmaster + INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname + INNER JOIN chartdetails ON chartmaster.accountcode= chartdetails.accountcode + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 WHERE accountgroups.pandl=1 GROUP BY accountgroups.sectioninaccounts, accountgroups.groupname, 
@@ -594,9 +595,10 @@ SUM(CASE WHEN chartdetails.period='" . ($_POST['FromPeriod'] - 12) . "' THEN chartdetails.bfwd ELSE 0 END) AS lyfirstprdbfwd, SUM(CASE WHEN chartdetails.period='" . ($_POST['ToPeriod']-12) . "' THEN chartdetails.bfwd + chartdetails.actual ELSE 0 END) AS lylastprdcfwd, SUM(CASE WHEN chartdetails.period='" . $_POST['ToPeriod'] . "' THEN chartdetails.bfwdbudget + chartdetails.budget ELSE 0 END) AS lastprdbudgetcfwd - FROM chartmaster INNER JOIN accountgroups - ON chartmaster.group_ = accountgroups.groupname INNER JOIN chartdetails - ON chartmaster.accountcode= chartdetails.accountcode + FROM chartmaster + INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname + INNER JOIN chartdetails ON chartmaster.accountcode= chartdetails.accountcode + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 WHERE accountgroups.pandl=1 GROUP BY accountgroups.sectioninaccounts, accountgroups.parentgroupname, Modified: trunk/GLTagProfit_Loss.php =================================================================== --- trunk/GLTagProfit_Loss.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLTagProfit_Loss.php 2015-11-11 08:03:20 UTC (rev 7385) 
@@ -172,9 +172,10 @@ chartmaster.accountname, Sum(CASE WHEN (gltrans.periodno>='" . $_POST['FromPeriod'] . "' and gltrans.periodno<='" . $_POST['ToPeriod'] . "') THEN gltrans.amount ELSE 0 END) AS TotalAllPeriods, Sum(CASE WHEN (gltrans.periodno='" . $_POST['ToPeriod'] . "') THEN gltrans.amount ELSE 0 END) AS TotalThisPeriod - FROM chartmaster INNER JOIN accountgroups - ON chartmaster.group_ = accountgroups.groupname INNER JOIN gltrans - ON chartmaster.accountcode= gltrans.account + FROM chartmaster + INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname + INNER JOIN gltrans ON chartmaster.accountcode= gltrans.account + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 WHERE accountgroups.pandl=1 AND gltrans.tag='" . $_POST['tag'] . "' GROUP BY accountgroups.sectioninaccounts, Modified: trunk/GLTransInquiry.php =================================================================== --- trunk/GLTransInquiry.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLTransInquiry.php 2015-11-11 08:03:20 UTC (rev 7385) @@ -124,8 +124,23 @@ $DetailResult = DB_query($DetailSQL); } else { - $URL = $RootPath . '/GLAccountInquiry.php?Account=' . $TransRow['account']; + // if user is allowed to see the account we show it, other wise we show "OTHERS ACCOUNTS" + $CheckSql = "SELECT count(*) + FROM glaccountusers + WHERE accountcode= '" . $TransRow['account'] . "' + AND userid = '" . $_SESSION['UserID'] . "' + AND canview = '1'"; + $CheckResult = DB_query($CheckSql); + $CheckRow = DB_fetch_row($CheckResult); + if ($CheckRow[0] > 0) { + $AccountName = $TransRow['accountname']; + $URL = $RootPath . '/GLAccountInquiry.php?Account=' . $TransRow['account']; + }else{ + $AccountName = _('Other GL Accounts'); + $URL = ""; + } + if( mb_strlen($TransRow['narrative'])==0 ) { $TransRow['narrative'] = ' '; } 
@@ -137,11 +152,20 @@ echo '<tr class="EvenTableRows">'; $j++; } + echo ' <td>' . MonthAndYearFromSQLDate($TransRow['lastdate_in_period']) . '</td> - <td>' . $TranDate . '</td> - <td><a href="' . $URL . '">' . $TransRow['accountname'] . '</a></td> - <td>' . $TransRow['narrative'] . '</td> - <td class="number">' . $DebitAmount . '</td> + <td>' . $TranDate . '</td>'; + + if ($URL == ""){ + // User is not allowed to see this GL account, don't show the details + echo ' <td>' . $AccountName . '</td> + <td>' . $AccountName . '</td>'; + }else{ + echo ' <td><a href="' . $URL . '">' . $AccountName . '</a></td> + <td>' . $TransRow['narrative'] . '</td>'; + } + + echo ' <td class="number">' . $DebitAmount . '</td> <td class="number">' . $CreditAmount . '</td> <td>' . $Posted . '</td> </tr>'; Modified: trunk/GLTrialBalance.php =================================================================== --- trunk/GLTrialBalance.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/GLTrialBalance.php 2015-11-11 08:03:20 UTC (rev 7385) @@ -147,8 +147,10 @@ Sum(CASE WHEN chartdetails.period='" . $_POST['ToPeriod'] . "' THEN chartdetails.actual ELSE 0 END) AS monthactual, Sum(CASE WHEN chartdetails.period='" . $_POST['ToPeriod'] . "' THEN chartdetails.budget ELSE 0 END) AS monthbudget, Sum(CASE WHEN chartdetails.period='" . $_POST['ToPeriod'] . "' THEN chartdetails.bfwdbudget + chartdetails.budget ELSE 0 END) AS lastprdbudgetcfwd - FROM chartmaster INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname + FROM chartmaster + INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname INNER JOIN chartdetails ON chartmaster.accountcode= chartdetails.accountcode + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 GROUP BY accountgroups.groupname, accountgroups.parentgroupname, accountgroups.pandl, 
@@ -417,8 +419,10 @@ Sum(CASE WHEN chartdetails.period='" . $_POST['ToPeriod'] . "' THEN chartdetails.actual ELSE 0 END) AS monthactual, Sum(CASE WHEN chartdetails.period='" . $_POST['ToPeriod'] . "' THEN chartdetails.budget ELSE 0 END) AS monthbudget, Sum(CASE WHEN chartdetails.period='" . $_POST['ToPeriod'] . "' THEN chartdetails.bfwdbudget + chartdetails.budget ELSE 0 END) AS lastprdbudgetcfwd - FROM chartmaster INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname + FROM chartmaster + INNER JOIN accountgroups ON chartmaster.group_ = accountgroups.groupname INNER JOIN chartdetails ON chartmaster.accountcode= chartdetails.accountcode + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 GROUP BY accountgroups.groupname, accountgroups.pandl, accountgroups.sequenceintb, Modified: trunk/PDFChequeListing.php =================================================================== --- trunk/PDFChequeListing.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/PDFChequeListing.php 2015-11-11 08:03:20 UTC (rev 7385) @@ -137,6 +137,7 @@ $LeftOvers = $pdf->addTextWrap($Left_Margin+65,$YPos,90,$FontSize,$myrow['ref'], 'left'); $sql = "SELECT accountname, + accountcode, amount, narrative FROM gltrans INNER JOIN chartmaster 
@@ -156,7 +157,21 @@ exit; } while ($GLRow=DB_fetch_array($GLTransResult)){ - $LeftOvers = $pdf->addTextWrap($Left_Margin+150,$YPos,90,$FontSize,$GLRow['accountname'], 'left'); + // if user is allowed to see the account we show it, other wise we show "OTHERS ACCOUNTS" + $CheckSql = "SELECT count(*) + FROM glaccountusers + WHERE accountcode= '" . $GLRow['accountcode'] . "' + AND userid = '" . $_SESSION['UserID'] . "' + AND canview = '1'"; + $CheckResult = DB_query($CheckSql); + $CheckRow = DB_fetch_row($CheckResult); + + if ($CheckRow[0] > 0) { + $AccountName = $GLRow['accountname']; + }else{ + $AccountName = _('Other GL Accounts'); + } + $LeftOvers = $pdf->addTextWrap($Left_Margin+150,$YPos,90,$FontSize,$AccountName, 'left'); $LeftOvers = $pdf->addTextWrap($Left_Margin+245,$YPos,60,$FontSize,locale_number_format($GLRow['amount'],$_SESSION['CompanyRecord']['decimalplaces']), 'right'); $LeftOvers = $pdf->addTextWrap($Left_Margin+310,$YPos,120,$FontSize,$GLRow['narrative'], 'left'); $YPos -= ($line_height); Modified: trunk/Payments.php =================================================================== --- trunk/Payments.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/Payments.php 2015-11-11 08:03:20 UTC (rev 7385) 
@@ -1013,16 +1013,18 @@ } if (isset($_POST['GLGroup']) AND $_POST['GLGroup']!='') { - $SQL = "SELECT accountcode, - accountname + $SQL = "SELECT chartmaster.accountcode, + chartmaster.accountname FROM chartmaster - WHERE group_='".$_POST['GLGroup']."' - ORDER BY accountcode"; + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canupd=1 + WHERE chartmaster.group_='".$_POST['GLGroup']."' + ORDER BY chartmaster.accountcode"; } else { - $SQL = "SELECT accountcode, - accountname + $SQL = "SELECT chartmaster.accountcode, + chartmaster.accountname FROM chartmaster - ORDER BY accountcode"; + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canupd=1 + ORDER BY chartmaster.accountcode"; } Modified: trunk/SelectGLAccount.php =================================================================== --- trunk/SelectGLAccount.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/SelectGLAccount.php 2015-11-11 08:03:20 UTC (rev 7385) @@ -22,8 +22,12 @@ chartmaster.group_, CASE WHEN accountgroups.pandl!=0 THEN '" . _('Profit and Loss') . "' ELSE '" . _('Balance Sheet') ."' END AS pl FROM chartmaster, - accountgroups - WHERE chartmaster.group_=accountgroups.groupname + accountgroups, + glaccountusers + WHERE glaccountusers.accountcode = chartmaster.accountcode + AND glaccountusers.userid='" . $_SESSION['UserID'] . "' + AND glaccountusers.canview=1 + AND chartmaster.group_=accountgroups.groupname ORDER BY chartmaster.accountcode"; } elseif (mb_strlen($_POST['Keywords'])>0) { 
@@ -37,9 +41,13 @@ THEN '" . _('Profit and Loss') . "' ELSE '" . _('Balance Sheet') . "' END AS pl FROM chartmaster, - accountgroups - WHERE chartmaster.group_ = accountgroups.groupname - AND accountname " . LIKE . " '$SearchString' + accountgroups, + glaccountusers + WHERE glaccountusers.accountcode = chartmaster.accountcode + AND glaccountusers.userid='" . $_SESSION['UserID'] . "' + AND glaccountusers.canview=1 + AND chartmaster.group_ = accountgroups.groupname + AND accountname " . LIKE . "'". $SearchString ."' ORDER BY accountgroups.sequenceintb, chartmaster.accountcode"; @@ -50,8 +58,12 @@ chartmaster.group_, CASE WHEN accountgroups.pandl!=0 THEN '" . _('Profit and Loss') . "' ELSE '" . _('Balance Sheet') ."' END AS pl FROM chartmaster, - accountgroups - WHERE chartmaster.group_=accountgroups.groupname + accountgroups, + glaccountusers + WHERE glaccountusers.accountcode = chartmaster.accountcode + AND glaccountusers.userid='" . $_SESSION['UserID'] . "' + AND glaccountusers.canview=1 + AND chartmaster.group_=accountgroups.groupname AND chartmaster.accountcode >= '" . $_POST['GLCode'] . "' ORDER BY chartmaster.accountcode"; } @@ -78,10 +90,11 @@ <td><input type="text" name="Keywords" size="20" maxlength="25" /></td> <td><b>' . _('OR') . '</b></td>'; - $SQLAccountSelect="SELECT accountcode, - accountname + $SQLAccountSelect="SELECT chartmaster.accountcode, + chartmaster.accountname FROM chartmaster - ORDER BY accountcode"; + INNER JOIN glaccountusers ON glaccountusers.accountcode=chartmaster.accountcode AND glaccountusers.userid='" . $_SESSION['UserID'] . "' AND glaccountusers.canview=1 + ORDER BY chartmaster.accountcode"; $ResultSelection=DB_query($SQLAccountSelect); echo '<td><select name="GLCode">'; Added: trunk/UserGLAccounts.php =================================================================== --- trunk/UserGLAccounts.php (rev 0) +++ trunk/UserGLAccounts.php 2015-11-11 08:03:20 UTC (rev 7385) 
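Review bot: The three search queries in this file add `glaccountusers` as a third comma-separated table with the join condition placed in `WHERE`, while every other query touched by this commit, including `$SQLAccountSelect` in the last hunk of this file, uses `INNER JOIN glaccountusers ON ...`; writing the explicit join here too keeps the access filter in one recognisable form that is easy to search for and audit. In the keyword branch the rewritten line `AND accountname " . LIKE . "'". $SearchString ."'` also drops the space after the `LIKE` constant, which should still parse but is harder to read. `$SearchString` is built outside the hunk, so whether it is escaped before reaching this query cannot be checked from here.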
@@ -0,0 +1,262 @@ +<?php +/* $Id: glaccountusers.php 6806 2013-09-28 05:10:46Z daintree $*/ + +include('includes/session.inc'); +$Title = _('User Authorised GL Accounts Maintenance'); +include('includes/header.inc'); + +echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/money_add.png" title="' . _('User Authorised GL Accounts') . '" alt="" />' . ' ' . $Title . '</p>'; + +if (isset($_POST['SelectedGLAccount'])) { + $SelectedGLAccount = mb_strtoupper($_POST['SelectedGLAccount']); +} elseif (isset($_GET['SelectedGLAccount'])) { + $SelectedGLAccount = mb_strtoupper($_GET['SelectedGLAccount']); +} else { + $SelectedGLAccount = ''; +} + +if (isset($_POST['SelectedUser'])) { + $SelectedUser = mb_strtoupper($_POST['SelectedUser']); +} elseif (isset($_GET['SelectedUser'])) { + $SelectedUser = mb_strtoupper($_GET['SelectedUser']); +} + +if (isset($_POST['Cancel'])) { + unset($SelectedUser); + unset($SelectedGLAccount); +} + +if (isset($_POST['Process'])) { + if ($_POST['SelectedUser'] == '') { + prnMsg(_('You have not selected any User'), 'error'); + echo '<br />'; + unset($SelectedUser); + unset($_POST['SelectedUser']); + } +} + +if (isset($_POST['submit'])) { + + $InputError = 0; + + if ($_POST['SelectedGLAccount'] == '') { + $InputError = 1; + prnMsg(_('You have not selected an GL Account to be authorised for this user'), 'error'); + echo '<br />'; + unset($SelectedUser); + } + + if ($InputError != 1) { + + // First check the user is not being duplicated + + $CheckSql = "SELECT count(*) + FROM glaccountusers + WHERE accountcode= '" . $_POST['SelectedGLAccount'] . "' + AND userid = '" . $_POST['SelectedUser'] . "'"; + + $CheckResult = DB_query($CheckSql); + $CheckRow = DB_fetch_row($CheckResult); + + if ($CheckRow[0] > 0) { + $InputError = 1; + prnMsg(_('The GL Account') . ' ' . $_POST['SelectedGLAccount'] . ' ' . 
_('is already authorised for this user'), 'error'); + } else { + // Add new record on submit + $SQL = "INSERT INTO glaccountusers (accountcode, + userid, + canview, + canupd) + VALUES ('" . $_POST['SelectedGLAccount'] . "', + '" . $_POST['SelectedUser'] . "', + '1', + '1')"; + + $msg = _('User') . ': ' . $_POST['SelectedUser'] . ' ' . _('authority to use the') . ' ' . $_POST['SelectedGLAccount'] . ' ' . _('GL Account has been changed'); + $Result = DB_query($SQL); + prnMsg($msg, 'success'); + unset($_POST['SelectedGLAccount']); + } + } +} elseif (isset($_GET['delete'])) { + $SQL = "DELETE FROM glaccountusers + WHERE accountcode='" . $SelectedGLAccount . "' + AND userid='" . $SelectedUser . "'"; + + $ErrMsg = _('The GL Account user record could not be deleted because'); + $Result = DB_query($SQL, $ErrMsg); + prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has had their authority to use the') . ' ' . $SelectedGLAccount . ' ' . _('GL Account removed'), 'success'); + unset($_GET['delete']); +} elseif (isset($_GET['ToggleUpdate'])) { + $SQL = "UPDATE glaccountusers + SET canupd='" . $_GET['ToggleUpdate'] . "' + WHERE accountcode='" . $SelectedGLAccount . "' + AND userid='" . $SelectedUser . "'"; + + $ErrMsg = _('The GL Account user record could not be deleted because'); + $Result = DB_query($SQL, $ErrMsg); + prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has had their authority to update') . ' ' . $SelectedGLAccount . ' ' . _('GL Account removed'), 'success'); + unset($_GET['ToggleUpdate']); +} + +if (!isset($SelectedUser)) { + + /* It could still be the second time the page has been run and a record has been selected for modification - SelectedGLAccount will exist because it was sent with the new call. If its the first time the page has been displayed with no parameters + then none of the above are true. These will call the same page again and allow update/input or deletion of the records*/ + echo '<form method="post" action="' . 
htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">'; + echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" /> + <table class="selection"> + <tr> + <td>' . _('Select User') . ':</td> + <td><select name="SelectedUser">'; + + $Result = DB_query("SELECT userid, + realname + FROM www_users + ORDER BY userid"); + + echo '<option value="">' . _('Not Yet Selected') . '</option>'; + while ($MyRow = DB_fetch_array($Result)) { + if (isset($SelectedUser) and $MyRow['userid'] == $SelectedUser) { + echo '<option selected="selected" value="'; + } else { + echo '<option value="'; + } + echo $MyRow['userid'] . '">' . $MyRow['userid'] . ' - ' . $MyRow['realname'] . '</option>'; + + } //end while loop + + echo '</select></td></tr>'; + + echo '</table>'; // close main table + DB_free_result($Result); + + echo '<div class="centre"> + <input type="submit" name="Process" value="' . _('Accept') . '" /> + <input type="submit" name="Cancel" value="' . _('Cancel') . '" /> + </div>'; + + echo '</form>'; + +} + +//end of ifs and buts! +if (isset($_POST['process']) or isset($SelectedUser)) { + $SQLName = "SELECT realname + FROM www_users + WHERE userid='" . $SelectedUser . "'"; + $Result = DB_query($SQLName); + $MyRow = DB_fetch_array($Result); + $SelectedUserName = $MyRow['realname']; + + echo '<div class="centre"><a href="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">' . _('Authorised GL Accounts for') . ' ' . $SelectedUserName . '</a></div> + <form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '"> + <input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" /> + <input type="hidden" name="SelectedUser" value="' . $SelectedUser . '" />'; + + $SQL = "SELECT glaccountusers.accountcode, + canview, + canupd, + chartmaster.accountname + FROM glaccountusers INNER JOIN chartmaster + ON glaccountusers.accountcode=chartmaster.accountcode + WHERE glaccountusers.userid='" . 
$SelectedUser . "' + ORDER BY chartmaster.accountcode ASC"; + + $Result = DB_query($SQL); + + echo '<table class="selection">'; + echo '<tr> + <th colspan="6"><h3>' . _('Authorised GL Accounts for User') . ': ' . $SelectedUserName . '</h3></th> + </tr>'; + echo '<tr> + <th>' . _('Code') . '</th> + <th>' . _('Name') . '</th> + <th>' . _('View') . '</th> + <th>' . _('Update') . '</th> + </tr>'; + + $k = 0; //row colour counter + + while ($MyRow = DB_fetch_array($Result)) { + if ($k == 1) { + echo '<tr class="EvenTableRows">'; + $k = 0; + } else { + echo '<tr class="OddTableRows">'; + $k = 1; + } + + if ($MyRow['canupd'] == 1) { + $ToggleText = '<td><a href="%s?SelectedGLAccount=%s&ToggleUpdate=0&SelectedUser=' . $SelectedUser . '" onclick="return confirm(\'' . _('Are you sure you wish to remove Update for this GL Account?') . '\');">' . _('Remove Update') . '</a></td>'; + } else { + $ToggleText = '<td><a href="%s?SelectedGLAccount=%s&ToggleUpdate=1&SelectedUser=' . $SelectedUser . '" onclick="return confirm(\'' . _('Are you sure you wish to add Update for this GL Account?') . '\');">' . _('Add Update') . '</a></td>'; + } + + printf('<td>%s</td> + <td>%s</td> + <td>%s</td> + <td>%s</td>' . + $ToggleText . ' + <td><a href="%s?SelectedGLAccount=%s&delete=yes&SelectedUser=' . $SelectedUser . '" onclick="return confirm(\'' . _('Are you sure you wish to un-authorise this GL Account?') . '\');">' . _('Un-authorise') . '</a></td> + </tr>', + $MyRow['accountcode'], + $MyRow['accountname'], + $MyRow['canview'], + $MyRow['canupd'], + htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'), + $MyRow['accountcode'], + htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'), + $MyRow['accountcode']); + } + //END WHILE LIST LOOP + echo '</table>'; + + if (!isset($_GET['delete'])) { + + + echo '<table class="selection">'; //Main table + + echo '<tr> + <td>' . _('Select GL Account') . 
':</td> + <td><select name="SelectedGLAccount">'; + + $Result = DB_query("SELECT accountcode, + accountname + FROM chartmaster + WHERE NOT EXISTS (SELECT glaccountusers.accountcode + FROM glaccountusers + WHERE glaccountusers.userid='" . $SelectedUser . "' + AND glaccountusers.accountcode=chartmaster.accountcode) + ORDER BY accountcode"); + + if (!isset($_POST['SelectedGLAccount'])) { + echo '<option selected="selected" value="">' . _('Not Yet Selected') . '</option>'; + } + while ($MyRow = DB_fetch_array($Result)) { + if (isset($_POST['SelectedGLAccount']) and $MyRow['accountcode'] == $_POST['SelectedGLAccount']) { + echo '<option selected="selected" value="'; + } else { + echo '<option value="'; + } + echo $MyRow['accountcode'] . '">' . $MyRow['accountcode'] .' - '. $MyRow['accountname'] . '</option>'; + + } //end while loop + + echo '</select> + </td> + </tr> + </table>'; // close main table + DB_free_result($Result); + + echo '<div class="centre"> + <input type="submit" name="submit" value="' . _('Accept') . '" /> + <input type="submit" name="Cancel" value="' . _('Cancel') . '" /> + </div> + </form>'; + + } // end if user wish to delete +} + +include('includes/footer.inc'); +?> Modified: trunk/WWW_Users.php =================================================================== --- trunk/WWW_Users.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/WWW_Users.php 2015-11-11 08:03:20 UTC (rev 7385) @@ -166,20 +166,6 @@ prnMsg( _('The selected user record has been updated'), 'success' ); } elseif ($InputError !=1) { - $LocationSql = "INSERT INTO locationusers (loccode, - userid, - canview, - canupd - ) VALUES ( - '" . $_POST['DefaultLocation'] . "', - '" . $_POST['UserID'] . "', - 1, - 1 - )"; - $ErrMsg = _('The default user locations could not be processed because'); - $DbgMsg = _('The SQL that was used to update the user locations and failed was'); - $Result = DB_query($LocationSql, $ErrMsg, $DbgMsg); - $sql = "INSERT INTO www_users (userid, realname, customerid, 
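Review bot: The `delete` and `ToggleUpdate` branches of UserGLAccounts.php change a user's GL account permissions in response to plain GET links, so the `FormID` value carried by the POST forms on this page never accompanies them, and `$_GET['ToggleUpdate']` is stored in `canupd` without being limited to 0 or 1. The sketch below takes both actions from POST and normalises the flag; the "Remove Update", "Add Update" and "Un-authorise" links in the table, and the later `!isset($_GET['delete'])` test, would have to become small POST forms carrying the `FormID` field to match. It also corrects the toggle branch's messages, which currently say "deleted" and "removed" even when update authority is being added. Separately, `$SelectedUser` is echoed into the hidden input and the link URLs, and `realname`/`accountname` into the page, without `htmlspecialchars()` or `urlencode()`, and `isset($_POST['process'])` never matches the button named `Process`. Whether `includes/session.inc` validates `FormID` and escapes request values is not visible in this hunk, so the concatenated `$_POST['SelectedGLAccount']` and `$SelectedUser` in the SQL should be checked against it.

```php
} elseif (isset($_POST['delete'])) {
	// … unchanged: DELETE statement and success message …
} elseif (isset($_POST['ToggleUpdate'])) {
	// Only 0 or 1 may be stored in canupd.
	$NewCanUpd = ($_POST['ToggleUpdate'] == '1') ? 1 : 0;
	$SQL = "UPDATE glaccountusers
			SET canupd='" . $NewCanUpd . "'
			WHERE accountcode='" . $SelectedGLAccount . "'
			AND userid='" . $SelectedUser . "'";

	$ErrMsg = _('The GL Account user record could not be updated because');
	$Result = DB_query($SQL, $ErrMsg);
	if ($NewCanUpd == 1) {
		prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has been given authority to update') . ' ' . $SelectedGLAccount, 'success');
	} else {
		// … unchanged: existing "authority to update … removed" message …
	}
	unset($_POST['ToggleUpdate']);
}
```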
@@ -219,6 +205,30 @@ '" . $_POST['PDFLanguage'] . "', '" . $_POST['Department'] . "')"; prnMsg( _('A new user record has been inserted'), 'success' ); + + $LocationSql = "INSERT INTO locationusers (loccode, + userid, + canview, + canupd + ) VALUES ( + '" . $_POST['DefaultLocation'] . "', + '" . $_POST['UserID'] . "', + 1, + 1 + )"; + $ErrMsg = _('The default user locations could not be processed because'); + $DbgMsg = _('The SQL that was used to create the user locations and failed was'); + $Result = DB_query($LocationSql, $ErrMsg, $DbgMsg); + prnMsg( _('User has been authorized to use and update only his / her default location'), 'success' ); + + $GLAccountsSql = "INSERT INTO glaccountusers (userid, accountcode, canview, canupd) + SELECT '" . $_POST['UserID'] . "', chartmaster.accountcode,1,1 + FROM chartmaster; "; + + $ErrMsg = _('The default user GL Accounts could not be processed because'); + $DbgMsg = _('The SQL that was used to create the user GL Accounts and failed was'); + $Result = DB_query($GLAccountsSql, $ErrMsg, $DbgMsg); + prnMsg( _('User has been authorized to use and update all GL accounts'), 'success' ); } if ($InputError!=1){ Modified: trunk/includes/MainMenuLinksArray.php =================================================================== --- trunk/includes/MainMenuLinksArray.php 2015-11-09 18:25:45 UTC (rev 7384) +++ trunk/includes/MainMenuLinksArray.php 2015-11-11 08:03:20 UTC (rev 7385) 
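Review bot: Every new user is inserted into `glaccountusers` with `canview=1, canupd=1` for every row of `chartmaster`, so the per-account authority introduced by this commit starts fully open and restricts someone only after an administrator removes rows by hand. If that is not the intended default, grant view only with `SELECT '" . $_POST['UserID'] . "', chartmaster.accountcode,1,0` or make the initial grant a configuration choice. Both permission inserts run through `DB_query` inside this branch while `$sql` for `www_users` is only assembled here, and the `prnMsg(..., 'success')` calls are unconditional; if the user insert is executed later, outside the hunk, and fails, the permission rows and the success messages would remain. `$_POST['UserID']` is concatenated into both statements, and its escaping is not visible in this hunk.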
@@ -1,617 +1,621 @@ -<?php - -/* $Id: MainMenuLinksArray.php 6190 2013-08-12 02:12:02Z rchacon $*/ - -/* webERP menus with Captions and URLs. */ - -$ModuleLink = array('orders', 'AR', 'PO', 'AP', 'stock', 'manuf', 'GL', 'FA', 'PC', 'system', 'Utilities'); -$ReportList = array('orders'=>'ord', - 'AR'=>'ar', - 'PO'=>'prch', - 'AP'=>'ap', - 'stock'=>'inv', - 'manuf'=>'man', - 'GL'=>'gl', - 'FA'=>'fa', - 'PC'=>'pc', - 'system'=>'sys', - 'Utilities'=>'utils' - ); - -/*The headings showing on the tabs accross the main index used also in WWW_Users for defining what should be visible to the user */ -$ModuleList = array(_('Sales'), - _('Receivables'), - _('Purchases'), - _('Payables'), - _('Inventory'), - _('Manufacturing'), - _('General Ledger'), - _('Asset Manager'), - _('Petty Cash'), - _('Setup'), - _('Utilities')); - -$MenuItems['orders']['Transactions']['Caption'] = array(_('New Sales Order or Quotation'), - _('Enter Counter Sales'), - _('Enter Counter Returns'), - _('Print Picking Lists'), - _('Outstanding Sales Orders/Quotations'), - _('Special Order'), - _('Recurring Order Template'), - _('Process Recurring Orders')); - -$MenuItems['orders']['Transactions']['URL'] = array('/SelectOrderItems.php?NewOrder=Yes', - '/CounterSales.php', - '/CounterReturns.php', - '/PDFPickingList.php', - '/SelectSalesOrder.php', - '/SpecialOrder.php', - '/SelectRecurringSalesOrder.php', - '/RecurringSalesOrdersProcess.php'); - -$MenuItems['orders']['Reports']['Caption'] = array( _('Sales Order Inquiry'), - _('Print Price Lists'), - _('Order Status Report'), - _('Orders Invoiced Reports'), - _('Daily Sales Inquiry'), - _('Sales By Sales Type Inquiry'), - _('Sales By Category Inquiry'), - _('Sales By Category By Item Inquiry'), - _('Sales Analysis Reports'), - _('Sales Graphs'), - _('Top Sellers Inquiry'), - _('Order Delivery Differences Report'), - _('Delivery In Full On Time (DIFOT) Report'), - _('Sales Order Detail Or Summary Inquiries'), - _('Top Sales Items Inquiry'), - _('Top 
Customers Inquiry'), - _('Worst Sales Items Report'), - _('Sales With Low Gross Profit Report'), - _('Sell Through Support Claims Report')); - -$MenuItems['orders']['Reports']['URL'] = array( '/SelectCompletedOrder.php', - '/PDFPriceList.php', - '/PDFOrderStatus.php', - '/PDFOrdersInvoiced.php', - '/DailySalesInquiry.php', - '/SalesByTypePeriodInquiry.php', - '/SalesCategoryPeriodInquiry.php', - '/StockCategorySalesInquiry.php', - '/SalesAnalRepts.php', - '/SalesGraph.php', - '/SalesTopItemsInquiry.php', - '/PDFDeliveryDifferences.php', - '/PDFDIFOT.php', - '/SalesInquiry.php', - '/TopItems.php', - '/SalesTopCustomersInquiry.php', - '/NoSalesItems.php', - '/PDFLowGP.php', - '/PDFSellThroughSupportClaim.php'); - -$MenuItems['orders']['Maintenance']['Caption'] = array( _('Create Contract'), - _('Select Contract'), - _('Sell Through Support Deals')); - -$MenuItems['orders']['Maintenance']['URL'] = array( '/Contracts.php', - '/SelectContract.php', - '/SellThroughSupport.php'); - -$MenuItems['AR']['Transactions']['Caption'] = array(_('Select Order to Invoice'), - _('Create A Credit Note'), - _('Enter Receipts'), - _('Allocate Receipts or Credit Notes')); -$MenuItems['AR']['Transactions']['URL'] = array('/SelectSalesOrder.php', - '/SelectCreditItems.php?NewCredit=Yes', - '/CustomerReceipt.php?NewReceipt=Yes&Type=Customer', - '/CustomerAllocations.php'); - -$MenuItems['AR']['Reports']['Caption'] = array( _('Where Allocated Inquiry'), - _('Print Invoices or Credit Notes'), - _('Print Statements'), - _('Aged Customer Balances/Overdues Report'), - _('Re-Print A Deposit Listing'), - _('Debtor Balances At A Prior Month End'), - _('Customer Listing By Area/Salesperson'), - _('List Daily Transactions'), - _('Customer Transaction Inquiries'), - _('Customer Activity and Balances')); - -if ($_SESSION['InvoicePortraitFormat']==0){ - $PrintInvoicesOrCreditNotesScript = '/PrintCustTrans.php'; -} else { - $PrintInvoicesOrCreditNotesScript = '/PrintCustTransPortrait.php'; -} - 
-$MenuItems['AR']['Reports']['URL'] = array( '/CustWhereAlloc.php', - $PrintInvoicesOrCreditNotesScript, - '/PrintCustStatements.php', - '/AgedDebtors.php', - '/PDFBankingSummary.php', - '/DebtorsAtPeriodEnd.php', - '/PDFCustomerList.php', - '/PDFCustTransListing.php', - '/CustomerTransInquiry.php', - '/CustomerBalancesMovement.php' ); - -$MenuItems['AR']['Maintenance']['Caption'] = array( _('Add Customer'), - _('Select Customer')); -$MenuItems['AR']['Maintenance']['URL'] = array( '/Customers.php', - '/SelectCustomer.php'); - -$MenuItems['AP']['Transactions']['Caption'] = array(_('Select Supplier'), - _('Supplier Allocations')); -$MenuItems['AP']['Transactions']['URL'] = array('/SelectSupplier.php', - '/SupplierAllocations.php'); - -$MenuItems['AP']['Reports']['Caption'] = array( _('Aged Supplier Report'), - _('Payment Run Report'), - _('Remittance Advices'), - _('Outstanding GRNs Report'), - _('Supplier Balances At A Prior Month End'), - _('List Daily Transactions'), - _('Supplier Transaction Inquiries')); - -$MenuItems['AP']['Reports']['URL'] = array( '/AgedSuppliers.php', - '/SuppPaymentRun.php', - '/PDFRemittanceAdvice.php', - '/OutstandingGRNs.php', - '/SupplierBalsAtPeriodEnd.php', - '/PDFSuppTransListing.php', - '/SupplierTransInquiry.php'); - -$MenuItems['AP']['Maintenance']['Caption'] = array( _('Add Supplier'), - _('Select Supplier'), - _('Maintain Factor Companies')); -$MenuItems['AP']['Maintenance']['URL'] = array( '/Suppliers.php', - '/SelectSupplier.php', - '/Factors.php'); - -$MenuItems['PO']['Transactions']['Caption'] = array(_('New Purchase Order'), - _('Purchase Orders'), - _('Purchase Order Grid Entry'), - _('Create a New Tender'), - _('Edit Existing Tenders'), - _('Process Tenders and Offers'), - _('Orders to Authorise'), - _('Shipment Entry'), - _('Select A Shipment')); -$MenuItems['PO']['Transactions']['URL'] = array( '/PO_Header.php?NewOrder=Yes', - '/PO_SelectOSPurchOrder.php', - '/PurchaseByPrefSupplier.php', - 
'/SupplierTenderCreate.php?New=Yes', - '/SupplierTenderCreate.php?Edit=Yes', - '/OffersReceived.php', - '/PO_AuthoriseMyOrders.php', - '/SelectSupplier.php', - '/Shipt_Select.php'); - -$MenuItems['PO']['Reports']['Caption'] = array( _('Purchase Order Inquiry'), - _('Purchase Order Detail Or Summary Inquiries'), - _('Supplier Price List')); - -$MenuItems['PO']['Reports']['URL'] = array( '/PO_SelectPurchOrder.php', - '/POReport.php', - '/SuppPriceList.php'); - -$MenuItems['PO']['Maintenance']['Caption'] = array(_('Maintain Supplier Price Lists')); - -$MenuItems['PO']['Maintenance']['URL'] = array('/SupplierPriceList.php'); - -$MenuItems['stock']['Transactions']['Caption'] = array( _('Receive Purchase Orders'), - _('Inventory Location Transfers'), //"Inventory Transfer - Item Dispatch" - _('Bulk Inventory Transfer') . ' - ' . _('Dispatch'), //"Inventory Transfer - Bulk Dispatch" - _('Bulk Inventory Transfer') . ' - ' . _('Receive'), //"Inventory Transfer - Receive" - _('Inventory Adjustments'), - _('Reverse Goods Received'), - _('Enter Stock Counts'), - _('Create a New Internal Stock Request'), - _('Authorise Internal Stock Requests'), - _('Fulfill Internal Stock Requests')); - -$MenuItems['stock']['Transactions']['URL'] = array( '/PO_SelectOSPurchOrder.php', - '/StockTransfers.php?New=Yes', - '/StockLocTransfer.php', - '/StockLocTransferReceive.php', - '/StockAdjustments.php?NewAdjustment=Yes', - '/ReverseGRN.php', - '/StockCounts.php', - '/InternalStockRequest.php?New=Yes', - '/InternalStockRequestAuthorisation.php', - '/InternalStockRequestFulfill.php'); - -$MenuItems['stock']['Reports']['Caption'] = array( _('Serial Item Research Tool'), - _('Print Price Labels'), - _('Reprint GRN'), - _('Inventory Item Movements'), - _('Inventory Item Status'), - _('Inventory Item Usage'), - _('Inventory Quantities'), - _('Reorder Level'), - _('Stock Dispatch'), - _('Inventory Valuation Report'), - _('Mail Inventory Valuation Report'), - _('Inventory Planning Report'), - 
_('Inventory Planning Based On Preferred Supplier Data'), - _('Inventory Stock Check Sheets'), - _('Make Inventory Quantities CSV'), - _('Compare Counts Vs Stock Check Data'), - _('All Inventory Movements By Location/Date'), - _('List Inventory Status By Location/Category'), - _('Historical Stock Quantity By Location/Category'), - _('List Negative Stocks'), - _('Period Stock Transaction Listing'), - _('Stock Transfer Note'), - _('Aged Controlled Stock Report')); - -$MenuItems['stock']['Reports']['URL'] = array( '/StockSerialItemResearch.php', - '/PDFPrintLabel.php', - '/ReprintGRN.php', - '/StockMovements.php', - '/StockStatus.php', - '/StockUsage.php', - '/InventoryQuantities.php', - '/ReorderLevel.php', - '/StockDispatch.php', - '/InventoryValuation.php', - '/MailInventoryValuation.php', - '/InventoryPlanning.php', - '/InventoryPlanningPrefSupplier.php', - '/StockCheck.php', - '/StockQties_csv.php', - '/PDFStockCheckComparison.php', - '/StockLocMovements.php', - '/StockLocStatus.php', - '/StockQuantityByDate.php', - '/PDFStockNegatives.php', - '/PDFPeriodStockTransListing.php', - '/PDFStockTransfer.php', - '/AgedControlledInventory.php'); - -$MenuItems['stock']['Maintenance']['Caption'] = array( _('Add A New Item'), - _('Select An Item'), - _('Review Translated Descriptions'), - _('Sales Category Maintenance'), - _('Brands Maintenance'), - _('Add or Update Prices Based On Costs'), - _('View or Update Prices Based On Costs'), - _('Reorder Level By Category/Location')); - -$MenuItems['stock']['Maintenance']['URL'] = array( '/Stocks.php', - '/SelectProduct.php', - '/RevisionTranslations.php', - '/SalesCategories.php', - '/Manufacturers.php', - '/PricesBasedOnMarkUp.php', - '/PricesByCost.php', - '/ReorderLevelLocation.php'); - -$MenuItems['manuf']['Transactions']['Caption'] = array( _('Work Order Entry'), - _('Select A Work Order'), - _('QA Samples and Test Results')); - -$MenuItems['manuf']['Transactions']['URL'] = array( '/WorkOrderEntry.php', - 
'/SelectWorkOrder.php', - '/SelectQASamples.php'); -$MenuItems['manuf']['Reports']['Caption'] = array( _('Select A Work Order'), - _('Costed Bill Of Material Inquiry'), - _('Where Used Inquiry'), - _('Bill Of Material Listing'), - _('Indented Bill Of Material Listing'), - _('List Components Required'), - _('List Materials Not Used Anywhere'), - _('Indented Where Used Listing'), - _('WO Items ready to produce'), - _('MRP'), - _('MRP Shortages'), - _('MRP Suggested Purchase Orders'), - _('MRP Suggested Work Orders'), - _('MRP Reschedules Required'), - _('Print Product Specification'), - _('Print Certificate of Analysis'), - _('Historical QA Test Results')); - -$MenuItems['manuf']['Reports']['URL'] = array( '/SelectWorkOrder.php', - '/BOMInquiry.php', - '/WhereUsedInquiry.php', - '/BOMListing.php', - '/BOMIndented.php', - '/BOMExtendedQty.php', - '/MaterialsNotUsed.php', - '/BOMIndentedReverse.php', - '/WOCanBeProducedNow.php', - '/MRPReport.php', - '/MRPShortages.php', - '/MRPPlannedPurchaseOrders.php', - '/MRPPlannedWorkOrders.php', - '/MRPReschedules.php', - '/PDFProdSpec.php', - '/PDFCOA.php', - '/HistoricalTestResults.php'); - -$MenuItems['manuf']['Maintenance']['Caption'] = array( _('Work Centre'), - _('Bills Of Material'), - _('Copy a Bill Of Materials Between Items'), - _('Master Schedule'), - _('Auto Create Master Schedule')... [truncated message content] |