From: <te...@us...> - 2015-11-24 08:50:30
Revision: 7398
http://sourceforge.net/p/web-erp/reponame/7398
Author: tehonu
Date: 2015-11-24 08:50:28 +0000 (Tue, 24 Nov 2015)
Log Message:
-----------
Added script to maintain bank accounts authorized for a given user
Modified Paths:
--------------
trunk/includes/MainMenuLinksArray.php
trunk/sql/mysql/upgrade4.12.3-4.13.sql
Added Paths:
-----------
trunk/UserBankAccounts.php
Added: trunk/UserBankAccounts.php
===================================================================
--- trunk/UserBankAccounts.php (rev 0)
+++ trunk/UserBankAccounts.php 2015-11-24 08:50:28 UTC (rev 7398)
@@ -0,0 +1,235 @@
+<?php
+
+include('includes/session.inc');
+$Title = _('Bank Account Users');;// Screen identificator.
+$ViewTopic = 'GeneralLedger';// Filename's id in ManualContents.php's TOC.
+/* To do this section in the manual.
+$BookMark = 'UserBankAccounts';// Anchor's id in the manual's html document.*/
+include('includes/header.inc');
+
+echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/money_add.png" title="' . _('User Authorised Bank Accounts') . '" alt="" />' . ' ' . $Title . '</p>';
+
+if (isset($_POST['SelectedBankAccount'])) {
+ $SelectedBankAccount = mb_strtoupper($_POST['SelectedBankAccount']);
+} elseif (isset($_GET['SelectedBankAccount'])) {
+ $SelectedBankAccount = mb_strtoupper($_GET['SelectedBankAccount']);
+} else {
+ $SelectedBankAccount = '';
+}
+
+if (isset($_POST['SelectedUser'])) {
+ $SelectedUser = $_POST['SelectedUser'];
+} elseif (isset($_GET['SelectedUser'])) {
+ $SelectedUser = $_GET['SelectedUser'];
+}
+
+if (isset($_POST['Cancel'])) {
+ unset($SelectedUser);
+ unset($SelectedBankAccount);
+}
+
+if (isset($_POST['Process'])) {
+ if ($_POST['SelectedUser'] == '') {
+ prnMsg(_('You have not selected any User'), 'error');
+ echo '<br />';
+ unset($SelectedUser);
+ unset($_POST['SelectedUser']);
+ }
+}
+
+if (isset($_POST['submit'])) {
+
+ $InputError = 0;
+
+ if ($_POST['SelectedBankAccount'] == '') {
+ $InputError = 1;
+ prnMsg(_('You have not selected a bank account to be authorised for this user'), 'error');
+ echo '<br />';
+ unset($SelectedUser);
+ }
+
+ if ($InputError != 1) {
+
+ // First check the user is not being duplicated
+
+ $CheckSql = "SELECT count(*)
+ FROM bankaccountusers
+ WHERE accountcode= '" . $_POST['SelectedBankAccount'] . "'
+ AND userid = '" . $_POST['SelectedUser'] . "'";
+
+ $CheckResult = DB_query($CheckSql);
+ $CheckRow = DB_fetch_row($CheckResult);
+
+ if ($CheckRow[0] > 0) {
+ $InputError = 1;
+ prnMsg(_('The Bank Account') . ' ' . $_POST['SelectedBankAccount'] . ' ' . _('is already authorised for this user'), 'error');
+ } else {
+ // Add new record on submit
+ $SQL = "INSERT INTO bankaccountusers (accountcode,
+ userid)
+ VALUES ('" . $_POST['SelectedBankAccount'] . "',
+ '" . $_POST['SelectedUser'] . "')";
+
+ $msg = _('User') . ': ' . $_POST['SelectedUser'] . ' ' . _('authority to use the') . ' ' . $_POST['SelectedBankAccount'] . ' ' . _('bank account has been changed');
+ $Result = DB_query($SQL);
+ prnMsg($msg, 'success');
+ unset($_POST['SelectedBankAccount']);
+ }
+ }
+} elseif (isset($_GET['delete'])) {
+ $SQL = "DELETE FROM bankaccountusers
+ WHERE accountcode='" . $SelectedBankAccount . "'
+ AND userid='" . $SelectedUser . "'";
+
+ $ErrMsg = _('The Bank account user record could not be deleted because');
+ $Result = DB_query($SQL, $ErrMsg);
+ prnMsg(_('User') . ' ' . $SelectedUser . ' ' . _('has had their authority to use the') . ' ' . $SelectedBankAccount . ' ' . _('bank account removed'), 'success');
+ unset($_GET['delete']);
+}
+
+if (!isset($SelectedUser)) {
+
+ /* It could still be the second time the page has been run and a record has been selected for modification - SelectedBankAccount will exist because it was sent with the new call. If its the first time the page has been displayed with no parameters
+ then none of the above are true. These will call the same page again and allow update/input or deletion of the records*/
+ echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">';
+ echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />
+ <table class="selection">
+ <tr>
+ <td>' . _('Select User') . ':</td>
+ <td><select name="SelectedUser">';
+
+ $Result = DB_query("SELECT userid,
+ realname
+ FROM www_users
+ ORDER BY userid");
+
+ echo '<option value="">' . _('Not Yet Selected') . '</option>';
+ while ($MyRow = DB_fetch_array($Result)) {
+ if (isset($SelectedUser) and $MyRow['userid'] == $SelectedUser) {
+ echo '<option selected="selected" value="';
+ } else {
+ echo '<option value="';
+ }
+ echo $MyRow['userid'] . '">' . $MyRow['userid'] . ' - ' . $MyRow['realname'] . '</option>';
+
+ } //end while loop
+
+ echo '</select></td></tr>';
+
+ echo '</table>'; // close main table
+ DB_free_result($Result);
+
+ echo '<div class="centre">
+ <input type="submit" name="Process" value="' . _('Accept') . '" />
+ <input type="submit" name="Cancel" value="' . _('Cancel') . '" />
+ </div>';
+
+ echo '</form>';
+
+}
+
+//end of ifs and buts!
+if (isset($_POST['process']) or isset($SelectedUser)) {
+ $SQLName = "SELECT realname
+ FROM www_users
+ WHERE userid='" . $SelectedUser . "'";
+ $Result = DB_query($SQLName);
+ $MyRow = DB_fetch_array($Result);
+ $SelectedUserName = $MyRow['realname'];
+
+ echo '<div class="centre"><a href="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">' . _('Authorised bank accounts for') . ' ' . $SelectedUserName . '</a></div>
+ <form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">
+ <input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />
+ <input type="hidden" name="SelectedUser" value="' . $SelectedUser . '" />';
+
+ $SQL = "SELECT bankaccountusers.accountcode,
+ bankaccounts.bankaccountname
+ FROM bankaccountusers INNER JOIN bankaccounts
+ ON bankaccountusers.accountcode=bankaccounts.accountcode
+ WHERE bankaccountusers.userid='" . $SelectedUser . "'
+ ORDER BY bankaccounts.bankaccountname ASC";
+
+ $Result = DB_query($SQL);
+
+ echo '<table class="selection">';
+ echo '<tr>
+ <th colspan="6"><h3>' . _('Authorised bank accounts for User') . ': ' . $SelectedUserName . '</h3></th>
+ </tr>';
+ echo '<tr>
+ <th>' . _('Code') . '</th>
+ <th>' . _('Name') . '</th>
+ </tr>';
+
+ $k = 0; //row colour counter
+
+ while ($MyRow = DB_fetch_array($Result)) {
+ if ($k == 1) {
+ echo '<tr class="EvenTableRows">';
+ $k = 0;
+ } else {
+ echo '<tr class="OddTableRows">';
+ $k = 1;
+ }
+
+ printf('<td>%s</td>
+ <td>%s</td>
+ <td><a href="%s?SelectedBankAccount=%s&delete=yes&SelectedUser=' . $SelectedUser . '" onclick="return confirm(\'' . _('Are you sure you wish to un-authorise this bank account?') . '\');">' . _('Un-authorise') . '</a></td>
+ </tr>',
+ $MyRow['accountcode'],
+ $MyRow['bankaccountname'],
+ htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8'),
+ $MyRow['accountcode'],
+ htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8'),
+ $MyRow['accountcode']);
+ }
+ //END WHILE LIST LOOP
+ echo '</table>';
+
+ if (!isset($_GET['delete'])) {
+
+
+ echo '<table class="selection">'; //Main table
+
+ echo '<tr>
+ <td>' . _('Select Bank Account') . ':</td>
+ <td><select name="SelectedBankAccount">';
+
+ $Result = DB_query("SELECT accountcode,
+ bankaccountname
+ FROM bankaccounts
+ WHERE NOT EXISTS (SELECT bankaccountusers.accountcode
+ FROM bankaccountusers
+ WHERE bankaccountusers.userid='" . $SelectedUser . "'
+ AND bankaccountusers.accountcode=bankaccounts.accountcode)
+ ORDER BY bankaccountname");
+
+ if (!isset($_POST['SelectedBankAccount'])) {
+ echo '<option selected="selected" value="">' . _('Not Yet Selected') . '</option>';
+ }
+ while ($MyRow = DB_fetch_array($Result)) {
+ if (isset($_POST['SelectedBankAccount']) and $MyRow['accountcode'] == $_POST['SelectedBankAccount']) {
+ echo '<option selected="selected" value="';
+ } else {
+ echo '<option value="';
+ }
+ echo $MyRow['accountcode'] . '">' . $MyRow['accountcode'] . ' - ' . $MyRow['bankaccountname'] . '</option>';
+
+ } //end while loop
+
+ echo '</select>
+ </td>
+ </tr>
+ </table>'; // close main table
+ DB_free_result($Result);
+
+ echo '<div class="centre">
+ <input type="submit" name="submit" value="' . _('Accept') . '" />
+ <input type="submit" name="Cancel" value="' . _('Cancel') . '" />
+ </div>
+ </form>';
+
+ } // end if user wish to delete
+}
+
+include('includes/footer.inc');
+?>
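Review bot: The `$CheckSql`, INSERT, DELETE and SELECT statements in this hunk splice `$_POST['SelectedBankAccount']`, `$_POST['SelectedUser']` and `$SelectedUser` straight into SQL strings, so a quote character in any of those request values alters the statement; each interpolated value should pass through the project's `DB_escape_string()` helper, e.g. `WHERE accountcode='" . DB_escape_string($_POST['SelectedBankAccount']) . "'`, at every one of those sites. The same `$SelectedUser` value is also written unescaped into the hidden input and the un-authorise link, where `htmlspecialchars($SelectedUser, ENT_QUOTES, 'UTF-8')` is needed just as it is already applied to `PHP_SELF`. The delete path is a state change driven by a plain GET link that carries no FormID, unlike the two POST forms, so it would be safer issued as a POST with the hidden FormID so the existing form check applies. Separately, `isset($_POST['process'])` tests a lowercase key while the button is named `Process`, so that half of the condition is never true and the block is only entered through `$SelectedUser`; also note the stray `;;` after `$Title`.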
Modified: trunk/includes/MainMenuLinksArray.php
===================================================================
--- trunk/includes/MainMenuLinksArray.php 2015-11-21 09:42:58 UTC (rev 7397)
+++ trunk/includes/MainMenuLinksArray.php 2015-11-24 08:50:28 UTC (rev 7398)
@@ -400,7 +400,8 @@
_('User Authorised GL Accounts Maintenance'),
_('Copy Authority GL Accounts from user A to B'),
_('Bank Accounts'),
- _('Bank Account Authorised Users'));
+ _('Bank Account Authorized Users'),
+ _('User Authorized Bank Accounts'));
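Review bot: Rewriting `_('Bank Account Authorised Users')` as `_('Bank Account Authorized Users')` changes a gettext msgid, which orphans every existing translation of that caption, and it leaves the menu inconsistent with the neighbouring `_('User Authorised GL Accounts Maintenance')` that keeps the British spelling. Keeping the original caption and naming the new entry `_('User Authorised Bank Accounts')` would match both the siblings and the title the new script itself prints. The array literal being edited starts and ends outside the hunk.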
$MenuItems['GL']['Maintenance']['URL'] = array( '/AccountSections.php',
'/AccountGroups.php',
@@ -411,7 +412,8 @@
'/UserGLAccounts.php',
'/GLAccountUsersCopyAuthority.php',
'/BankAccounts.php',
- '/BankAccountUsers.php');
+ '/BankAccountUsers.php',
+ '/UserBankAccounts.php');
$MenuItems['FA']['Transactions']['Caption'] = array(_('Add a new Asset'),
_('Select an Asset'),
Modified: trunk/sql/mysql/upgrade4.12.3-4.13.sql
===================================================================
--- trunk/sql/mysql/upgrade4.12.3-4.13.sql 2015-11-21 09:42:58 UTC (rev 7397)
+++ trunk/sql/mysql/upgrade4.12.3-4.13.sql 2015-11-24 08:50:28 UTC (rev 7398)
@@ -50,5 +50,8 @@
('UserGLAccounts.php', '15', 'Maintenance of GL Accounts allowed for a user');
ALTER table stockrequest DROP FOREIGN KEY `stockrequest_ibfk_3`;
ALTER table stockrequest DROP FOREIGN KEY `stockrequest_ibfk_4`;
+
+INSERT INTO `scripts` (`script`, `pagesecurity`, `description`) VALUES ('UserBankAccounts.php', '15', 'Maintains table bankaccountusers (Authorized users to work with a bank account in webERP)');
+
-- Update version number:
UPDATE config SET confvalue='4.13' WHERE confname='VersionNumber';