From: <tim...@us...> - 2012-02-14 20:40:18
Revision: 4898 http://web-erp.svn.sourceforge.net/web-erp/?rev=4898&view=rev Author: tim_schofield Date: 2012-02-14 20:40:12 +0000 (Tue, 14 Feb 2012) Log Message: ----------- Fix bug in delete log. Merge from Tims branch and bring Phils code in line with coding guidelines Modified Paths: -------------- trunk/AddCustomerNotes.php Modified: trunk/AddCustomerNotes.php =================================================================== --- trunk/AddCustomerNotes.php 2012-02-14 19:14:41 UTC (rev 4897) +++ trunk/AddCustomerNotes.php 2012-02-14 20:40:12 UTC (rev 4898) @@ -20,7 +20,7 @@ echo '<a href="' . $rootpath . '/SelectCustomer.php?DebtorNo=' . $DebtorNo . '">' . _('Back to Select Customer') . '</a> <br />'; - + if ( isset($_POST['submit']) ) { //initialise no input errors assumed initially before we test @@ -83,11 +83,10 @@ // PREVENT DELETES IF DEPENDENT RECORDS IN 'SalesOrders' - $sql="DELETE FROM custnotes + $sql="DELETE FROM custnotes WHERE noteid='".$Id."' AND debtorno='".$DebtorNo."'"; $result = DB_query($sql,$db); - //echo '<br />'.$sql; echo '<br />'; prnMsg( _('The contact note record has been deleted'), 'success'); @@ -96,7 +95,7 @@ } if (!isset($Id)) { - $SQLname="SELECT * FROM debtorsmaster + $SQLname="SELECT * FROM debtorsmaster WHERE debtorno='".$DebtorNo."'"; $Result = DB_query($SQLname,$db); $row = DB_fetch_array($Result); @@ -110,11 +109,10 @@ note, date, priority - FROM custnotes - WHERE debtorno='".$DebtorNo."' - ORDER BY date DESC"; + FROM custnotes + WHERE debtorno='".$DebtorNo."' + ORDER BY date DESC"; $result = DB_query($sql,$db); - //echo '<br />'.$sql; echo '<table class="selection"> <tr> 
@@ -145,12 +143,12 @@ $myrow['href'], $myrow['href'], $myrow['priority'], - htmlspecialchars($_SERVER['PHP_SELF']) . '?', + htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?', $myrow['noteid'], $myrow['debtorno'], - htmlspecialchars($_SERVER['PHP_SELF']) . '?', + htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?', $myrow['noteid'], - $myrow['priority']); + $myrow['debtorno']); } //END WHILE LIST LOOP @@ -165,21 +163,21 @@ if (!isset($_GET['delete'])) { - echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF']) . '?DebtorNo='.$DebtorNo.'">'; + echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?DebtorNo=' . $DebtorNo . '">'; echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; if (isset($Id)) { //editing an existing $sql = "SELECT noteid, - debtorno, - href, - note, - date, - priority - FROM custnotes - WHERE noteid='".$Id."' - AND debtorno='".$DebtorNo."'"; + debtorno, + href, + note, + date, + priority + FROM custnotes + WHERE noteid='".$Id."' + AND debtorno='".$DebtorNo."'"; $result = DB_query($sql, $db); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
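Review bot: The `$myrow['href']`, `$myrow['noteid']` and `$myrow['debtorno']` arguments of this printf call are passed as raw column values, while only `$_SERVER['PHP_SELF']` is escaped. The format string is outside the hunk, so this is inferred, but if these values land in HTML text or attributes, a stored note or link containing markup will be rendered as markup. Wrap them the same way, e.g. `htmlspecialchars($myrow['href'], ENT_QUOTES, 'UTF-8')`. Because `href` is passed twice and appears to be used as a link target, also consider accepting only `http://` and `https://` values when the note is saved.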
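Review bot: `$DebtorNo` is concatenated into the form `action` attribute unescaped, right next to the `PHP_SELF` value that this change now escapes with `ENT_QUOTES`. Where `$DebtorNo` is assigned is not visible in the hunk; if it comes from the request, a quote character in it closes the attribute. Encode it for both contexts: `'?DebtorNo=' . htmlspecialchars(urlencode($DebtorNo), ENT_QUOTES, 'UTF-8')`. The same applies to the `Back to Select Customer` link in the `@@ -20,7` hunk and to the `Review all notes for this Customer` link in r4901's `@@ -156,7` hunk. The `if (!isset($_GET['delete']))` block continues past the end of this hunk.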
From: <tim...@us...> - 2012-02-14 20:40:18
Revision: 4898 http://web-erp.svn.sourceforge.net/web-erp/?rev=4898&view=rev Author: tim_schofield Date: 2012-02-14 20:40:12 +0000 (Tue, 14 Feb 2012) Log Message: ----------- Fix bug in delete log. Merge from Tims branch and bring Phils code in line with coding guidelines Modified Paths: -------------- trunk/AddCustomerNotes.php Modified: trunk/AddCustomerNotes.php =================================================================== --- trunk/AddCustomerNotes.php 2012-02-14 19:14:41 UTC (rev 4897) +++ trunk/AddCustomerNotes.php 2012-02-14 20:40:12 UTC (rev 4898) @@ -20,7 +20,7 @@ echo '<a href="' . $rootpath . '/SelectCustomer.php?DebtorNo=' . $DebtorNo . '">' . _('Back to Select Customer') . '</a> <br />'; - + if ( isset($_POST['submit']) ) { //initialise no input errors assumed initially before we test @@ -83,11 +83,10 @@ // PREVENT DELETES IF DEPENDENT RECORDS IN 'SalesOrders' - $sql="DELETE FROM custnotes + $sql="DELETE FROM custnotes WHERE noteid='".$Id."' AND debtorno='".$DebtorNo."'"; $result = DB_query($sql,$db); - //echo '<br />'.$sql; echo '<br />'; prnMsg( _('The contact note record has been deleted'), 'success'); @@ -96,7 +95,7 @@ } if (!isset($Id)) { - $SQLname="SELECT * FROM debtorsmaster + $SQLname="SELECT * FROM debtorsmaster WHERE debtorno='".$DebtorNo."'"; $Result = DB_query($SQLname,$db); $row = DB_fetch_array($Result); @@ -110,11 +109,10 @@ note, date, priority - FROM custnotes - WHERE debtorno='".$DebtorNo."' - ORDER BY date DESC"; + FROM custnotes + WHERE debtorno='".$DebtorNo."' + ORDER BY date DESC"; $result = DB_query($sql,$db); - //echo '<br />'.$sql; echo '<table class="selection"> <tr> 
@@ -145,12 +143,12 @@ $myrow['href'], $myrow['href'], $myrow['priority'], - htmlspecialchars($_SERVER['PHP_SELF']) . '?', + htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?', $myrow['noteid'], $myrow['debtorno'], - htmlspecialchars($_SERVER['PHP_SELF']) . '?', + htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?', $myrow['noteid'], - $myrow['priority']); + $myrow['debtorno']); } //END WHILE LIST LOOP @@ -165,21 +163,21 @@ if (!isset($_GET['delete'])) { - echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF']) . '?DebtorNo='.$DebtorNo.'">'; + echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?DebtorNo=' . $DebtorNo . '">'; echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />'; if (isset($Id)) { //editing an existing $sql = "SELECT noteid, - debtorno, - href, - note, - date, - priority - FROM custnotes - WHERE noteid='".$Id."' - AND debtorno='".$DebtorNo."'"; + debtorno, + href, + note, + date, + priority + FROM custnotes + WHERE noteid='".$Id."' + AND debtorno='".$DebtorNo."'"; $result = DB_query($sql, $db); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <dai...@us...> - 2012-02-15 06:47:10
Revision: 4901 http://web-erp.svn.sourceforge.net/web-erp/?rev=4901&view=rev Author: daintree Date: 2012-02-15 06:47:04 +0000 (Wed, 15 Feb 2012) Log Message: ----------- more tidying Modified Paths: -------------- trunk/AddCustomerNotes.php Modified: trunk/AddCustomerNotes.php =================================================================== --- trunk/AddCustomerNotes.php 2012-02-15 06:39:46 UTC (rev 4900) +++ trunk/AddCustomerNotes.php 2012-02-15 06:47:04 UTC (rev 4901) @@ -34,21 +34,20 @@ prnMsg( _('The contact priority must be an integer.'), 'error'); } elseif (mb_strlen($_POST['note']) >200) { $InputError = 1; - prnMsg( _("The contact's notes must be two hundred characters or less long"), 'error'); + prnMsg( _('The contact\'s notes must be two hundred characters or less long'), 'error'); } elseif( trim($_POST['note']) == '' ) { $InputError = 1; - prnMsg( _("The contact's notes may not be empty"), 'error'); + prnMsg( _('The contact\'s notes may not be empty'), 'error'); } if (isset($Id) and $InputError !=1) { - $sql = "UPDATE custnotes SET - note='" . $_POST['note'] . "', - date='" . FormatDateForSQL($_POST['date']) . "', - href='" . $_POST['href'] . "', - priority='" . $_POST['priority'] . "' - WHERE debtorno ='".$DebtorNo."' - AND noteid='".$Id."'"; + $sql = "UPDATE custnotes SET note='" . $_POST['note'] . "', + date='" . FormatDateForSQL($_POST['date']) . "', + href='" . $_POST['href'] . "', + priority='" . $_POST['priority'] . "' + WHERE debtorno ='".$DebtorNo."' + AND noteid='".$Id."'"; $msg = _('Customer Notes') . ' ' . $DebtorNo . ' ' . _('has been updated'); } elseif ($InputError !=1) { 
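Review bot: The re-wrapped UPDATE statement still places `$_POST['note']` and `$_POST['href']` directly inside quoted SQL, so a quote character in either field changes the statement. The visible validation covers only the length and emptiness of `note` and the integer check on `priority`; whether request values are escaped centrally before this script runs cannot be seen from here. If they are not, escape at the point of use, e.g. `note='" . DB_escape_string($_POST['note']) . "',`, or bind the values as parameters. `$Id` and `$DebtorNo` are concatenated the same way here and in the DELETE and SELECT statements touched by r4898. The if/elseif chain starts and ends outside the hunk.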
@@ -99,8 +98,7 @@ WHERE debtorno='".$DebtorNo."'"; $Result = DB_query($SQLname,$db); $row = DB_fetch_array($Result); - echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Search') . - '" alt="" />' . _('Notes for Customer').': <b>' .$row['name'].'</b></p> + echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Search') . '" alt="" />' . _('Notes for Customer').': <b>' .$row['name'].'</b></p> <br />'; $sql = "SELECT noteid, @@ -156,7 +154,7 @@ } if (isset($Id)) { echo '<div class="centre"> - <a href="'.htmlspecialchars($_SERVER['PHP_SELF']) . '?DebtorNo='.$DebtorNo.'">'._('Review all notes for this Customer').'</a> + <a href="'.htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?DebtorNo='.$DebtorNo.'">'._('Review all notes for this Customer').'</a> </div>'; } echo '<br />'; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
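Review bot: `$row['name']` is echoed into the page-title markup without escaping on the line this hunk rejoins. A customer name containing `<` or `&` breaks the markup, and one containing script markup would run in the viewer's session; use `htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8')`. The `SELECT *` just above fetches every column of `debtorsmaster` although only `name` is read in the visible lines, so `SELECT name` would narrow it. The enclosing `if (!isset($Id))` block starts outside this hunk.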
From: <dai...@us...> - 2012-02-15 06:47:11
Revision: 4901 http://web-erp.svn.sourceforge.net/web-erp/?rev=4901&view=rev Author: daintree Date: 2012-02-15 06:47:04 +0000 (Wed, 15 Feb 2012) Log Message: ----------- more tidying Modified Paths: -------------- trunk/AddCustomerNotes.php Modified: trunk/AddCustomerNotes.php =================================================================== --- trunk/AddCustomerNotes.php 2012-02-15 06:39:46 UTC (rev 4900) +++ trunk/AddCustomerNotes.php 2012-02-15 06:47:04 UTC (rev 4901) @@ -34,21 +34,20 @@ prnMsg( _('The contact priority must be an integer.'), 'error'); } elseif (mb_strlen($_POST['note']) >200) { $InputError = 1; - prnMsg( _("The contact's notes must be two hundred characters or less long"), 'error'); + prnMsg( _('The contact\'s notes must be two hundred characters or less long'), 'error'); } elseif( trim($_POST['note']) == '' ) { $InputError = 1; - prnMsg( _("The contact's notes may not be empty"), 'error'); + prnMsg( _('The contact\'s notes may not be empty'), 'error'); } if (isset($Id) and $InputError !=1) { - $sql = "UPDATE custnotes SET - note='" . $_POST['note'] . "', - date='" . FormatDateForSQL($_POST['date']) . "', - href='" . $_POST['href'] . "', - priority='" . $_POST['priority'] . "' - WHERE debtorno ='".$DebtorNo."' - AND noteid='".$Id."'"; + $sql = "UPDATE custnotes SET note='" . $_POST['note'] . "', + date='" . FormatDateForSQL($_POST['date']) . "', + href='" . $_POST['href'] . "', + priority='" . $_POST['priority'] . "' + WHERE debtorno ='".$DebtorNo."' + AND noteid='".$Id."'"; $msg = _('Customer Notes') . ' ' . $DebtorNo . ' ' . _('has been updated'); } elseif ($InputError !=1) { 
@@ -99,8 +98,7 @@ WHERE debtorno='".$DebtorNo."'"; $Result = DB_query($SQLname,$db); $row = DB_fetch_array($Result); - echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Search') . - '" alt="" />' . _('Notes for Customer').': <b>' .$row['name'].'</b></p> + echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' . _('Search') . '" alt="" />' . _('Notes for Customer').': <b>' .$row['name'].'</b></p> <br />'; $sql = "SELECT noteid, @@ -156,7 +154,7 @@ } if (isset($Id)) { echo '<div class="centre"> - <a href="'.htmlspecialchars($_SERVER['PHP_SELF']) . '?DebtorNo='.$DebtorNo.'">'._('Review all notes for this Customer').'</a> + <a href="'.htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?DebtorNo='.$DebtorNo.'">'._('Review all notes for this Customer').'</a> </div>'; } echo '<br />'; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |