[Weberp-svn] SF.net SVN: weberp:[4200] trunk
From: <sot...@us...> - 2011-01-09 13:28:01
Revision: 4200
http://weberp.svn.sourceforge.net/weberp/?rev=4200&view=rev
Author: sotandeka
Date: 2011-01-09 13:27:55 +0000 (Sun, 09 Jan 2011)
Log Message:
-----------
Correct the quotes in SQL literals
Modified Paths:
--------------
trunk/FixedAssetDepreciation.php
trunk/FixedAssetItems.php
trunk/FixedAssetList.php
trunk/FixedAssetLocations.php
trunk/FixedAssetRegister.php
trunk/FixedAssetTransfer.php
trunk/FreightCosts.php
Modified: trunk/FixedAssetDepreciation.php
===================================================================
--- trunk/FixedAssetDepreciation.php 2011-01-09 13:15:19 UTC (rev 4199)
+++ trunk/FixedAssetDepreciation.php 2011-01-09 13:27:55 UTC (rev 4200)
@@ -13,12 +13,12 @@
/*Get the last period depreciation (depn is transtype =44) was posted for */
-$result = DB_query('SELECT periods.lastdate_in_period,
+$result = DB_query("SELECT periods.lastdate_in_period,
max(fixedassettrans.periodno)
FROM fixedassettrans INNER JOIN periods
ON fixedassettrans.periodno=periods.periodno
WHERE transtype=44
- GROUP BY periods.lastdate_in_period',$db);
+ GROUP BY periods.lastdate_in_period",$db);
$LastDepnRun = DB_fetch_row($result);
@@ -40,7 +40,7 @@
/* Get list of assets for journal */
-$sql='SELECT fixedassets.assetid,
+$sql="SELECT fixedassets.assetid,
fixedassets.description,
fixedassets.depntype,
fixedassets.depnrate,
@@ -48,14 +48,14 @@
fixedassetcategories.accumdepnact,
fixedassetcategories.depnact,
fixedassetcategories.categorydescription,
- SUM(CASE WHEN fixedassettrans.fixedassettranstype="cost" THEN fixedassettrans.amount ELSE 0 END) AS costtotal,
- SUM(CASE WHEN fixedassettrans.fixedassettranstype="depn" THEN fixedassettrans.amount ELSE 0 END) AS depnbfwd
+ SUM(CASE WHEN fixedassettrans.fixedassettranstype='cost' THEN fixedassettrans.amount ELSE 0 END) AS costtotal,
+ SUM(CASE WHEN fixedassettrans.fixedassettranstype='depn' THEN fixedassettrans.amount ELSE 0 END) AS depnbfwd
FROM fixedassets
INNER JOIN fixedassetcategories
ON fixedassets.assetcategoryid=fixedassetcategories.categoryid
INNER JOIN fixedassettrans
ON fixedassets.assetid=fixedassettrans.assetid
- WHERE fixedassettrans.transdate<="' . FormatDateForSQL($_POST['ProcessDate']) . '"
+ WHERE fixedassettrans.transdate<='" . FormatDateForSQL($_POST['ProcessDate']) . "'
GROUP BY fixedassets.assetid,
fixedassets.description,
fixedassets.depntype,
@@ -64,7 +64,7 @@
fixedassetcategories.accumdepnact,
fixedassetcategories.depnact,
fixedassetcategories.categorydescription
- ORDER BY assetcategoryid, assetid';
+ ORDER BY assetcategoryid, assetid";
$AssetsResult=DB_query($sql, $db);
$InputError = false; //always hope for the best
@@ -261,4 +261,4 @@
echo '</form>';
}
include('includes/footer.inc');
-?>
\ No newline at end of file
+?>
Modified: trunk/FixedAssetItems.php
===================================================================
--- trunk/FixedAssetItems.php 2011-01-09 13:15:19 UTC (rev 4199)
+++ trunk/FixedAssetItems.php 2011-01-09 13:27:55 UTC (rev 4200)
@@ -277,25 +277,25 @@
$CancelDelete = 0;
//what validation is required before allowing deletion of assets .... maybe there should be no deletion option?
- $result = DB_query('SELECT cost,
+ $result = DB_query("SELECT cost,
accumdepn,
accumdepnact,
costact
FROM fixedassets INNER JOIN fixedassetcategories
ON fixedassets.assetcategoryid=fixedassetcategories.categoryid
- WHERE assetid="' . $AssetID . '"', $db);
+ WHERE assetid='" . $AssetID . "'", $db);
$AssetRow = DB_fetch_array($result);
$NBV = $AssetRow['cost'] -$AssetRow['accumdepn'];
if ($NBV!=0) {
$CancelDelete =1; //cannot delete assets where NBV is not 0
prnMsg(_('The asset still has a net book value - only assets with a zero net book value can be deleted'),'error');
}
- $result = DB_query('SELECT * FROM fixedassettrans WHERE assetid="' . $AssetID . '"',$db);
+ $result = DB_query("SELECT * FROM fixedassettrans WHERE assetid='" . $AssetID . "'",$db);
if (DB_num_rows($result) > 0){
$CancelDelete =1; /*cannot delete assets with transactions */
prnMsg(_('The asset has transactions associated with it. The asset can only be deleted when the fixed asset transactions are purged, otherwise the integrity of fixed asset reports may be compromised'),'error');
}
- $result = DB_query('SELECT * FROM purchorderdetails WHERE assetid="' . $AssetID . '"',$db);
+ $result = DB_query("SELECT * FROM purchorderdetails WHERE assetid='" . $AssetID . "'",$db);
if (DB_num_rows($result) > 0){
$CancelDelete =1; /*cannot delete assets where there is a purchase order set up for it */
prnMsg(_('There is a purchase order set up for this asset. The purchase order line must be deleted first'),'error');
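Review bot: The net-book-value check after the first query reads `$AssetRow['cost']` without confirming that the query returned a row; if no fixedassets row matches `$AssetID`, `$NBV` evaluates to 0 and that check passes. A guard before `$NBV` is computed, such as `if (DB_num_rows($result)==0) { $CancelDelete = 1; }`, would make the deletion path fail closed. Where `$AssetID` is assigned and what runs while `$CancelDelete` stays 0 are both outside this hunk, so the reach of the gap cannot be judged from here.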
@@ -464,7 +464,7 @@
echo '<tr><td>' . _('Asset Category') . ':</td><td><select name="AssetCategoryID">';
-$sql = 'SELECT categoryid, categorydescription FROM fixedassetcategories';
+$sql = "SELECT categoryid, categorydescription FROM fixedassetcategories";
$ErrMsg = _('The asset categories could not be retrieved because');
$DbgMsg = _('The SQL used to retrieve stock categories and failed was');
$result = DB_query($sql,$db,$ErrMsg,$DbgMsg);
@@ -486,7 +486,7 @@
echo '<tr><td>' . _('Date Purchased') . ':</td><td>' . ConvertSQLDate($AssetRow['datepurchased']) . '</td></tr>';
}
-$sql = 'SELECT locationid, locationdescription FROM fixedassetlocations';
+$sql = "SELECT locationid, locationdescription FROM fixedassetlocations";
$ErrMsg = _('The asset locations could not be retrieved because');
$DbgMsg = _('The SQL used to retrieve asset locations and failed was');
$result = DB_query($sql,$db,$ErrMsg,$DbgMsg);
@@ -531,7 +531,7 @@
echo '<tr><td>' . _('Accumulated Depreciation') . ':</td><td class="number">' . number_format($AssetRow['accumdepn'],2) . '</td></tr>';
echo '<tr><td>' . _('Net Book Value') . ':</td><td class="number">' . number_format($AssetRow['cost']-$AssetRow['accumdepn'],2) . '</td></tr>';
-$result = DB_query('SELECT periods.lastdate_in_period, max(fixedassettrans.periodno) FROM fixedassettrans INNER JOIN periods ON fixedassettrans.periodno=periods.periodno WHERE transtype=44 GROUP BY periods.lastdate_in_period',$db);
+$result = DB_query("SELECT periods.lastdate_in_period, max(fixedassettrans.periodno) FROM fixedassettrans INNER JOIN periods ON fixedassettrans.periodno=periods.periodno WHERE transtype=44 GROUP BY periods.lastdate_in_period",$db);
$LastDepnRun = DB_fetch_row($result);
if(DB_num_rows($result)==0){
$LastRunDate = _('Not Yet Run');
@@ -554,4 +554,4 @@
echo '</form></div>';
include('includes/footer.inc');
-?>
\ No newline at end of file
+?>
Modified: trunk/FixedAssetList.php
===================================================================
--- trunk/FixedAssetList.php 2011-01-09 13:15:19 UTC (rev 4199)
+++ trunk/FixedAssetList.php 2011-01-09 13:27:55 UTC (rev 4200)
@@ -7,7 +7,7 @@
echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/maintenance.png" title="' .
_('Search') . '" alt="" />' . ' ' . $title .'</p>';
-$sql='SELECT stockmaster.stockid,
+$sql="SELECT stockmaster.stockid,
assetmanager.serialno,
stockmaster.description,
stockcatproperties.label,
@@ -20,7 +20,7 @@
LEFT JOIN stockitemproperties
ON stockcatproperties.stkcatpropid=stockitemproperties.stkcatpropid
WHERE stockmaster.stockid=stockitemproperties.stockid
- ORDER BY assetmanager.serialno,stockmaster.stockid';
+ ORDER BY assetmanager.serialno,stockmaster.stockid";
$result=DB_query($sql, $db);
echo '<table class=selection>';
@@ -43,4 +43,4 @@
echo '</table>';
include('includes/footer.inc');
-?>
\ No newline at end of file
+?>
Modified: trunk/FixedAssetLocations.php
===================================================================
--- trunk/FixedAssetLocations.php 2011-01-09 13:15:19 UTC (rev 4199)
+++ trunk/FixedAssetLocations.php 2011-01-09 13:27:55 UTC (rev 4200)
@@ -19,16 +19,16 @@
$InputError=1;
}
if ($InputError==0) {
- $sql='INSERT INTO fixedassetlocations
+ $sql="INSERT INTO fixedassetlocations
VALUES (
- "'.$_POST['LocationID'].'",
- "'.$_POST['LocationDescription'].'",
- "'.$_POST['ParentLocationID'].'")';
+ '".$_POST['LocationID']."',
+ '".$_POST['LocationDescription']."',
+ '".$_POST['ParentLocationID']."')";
$result=DB_query($sql, $db);
}
}
if (isset($_GET['SelectedLocation'])) {
- $sql='SELECT * FROM fixedassetlocations WHERE locationid="'.$_GET['SelectedLocation'].'"';
+ $sql="SELECT * FROM fixedassetlocations WHERE locationid='".$_GET['SelectedLocation']."'";
$result = DB_query($sql, $db);
$myrow = DB_fetch_array($result);
$LocationID = $myrow['locationid'];
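Review bot: The INSERT and the SELECT in this hunk put `$_POST['LocationID']`, `$_POST['LocationDescription']`, `$_POST['ParentLocationID']` and `$_GET['SelectedLocation']` into the statement by plain concatenation, and swapping the quote characters leaves that unchanged: a value containing a single quote still ends the literal early. Unless request values are escaped before this point (not visible in the hunk), each one should be escaped for the database or bound as a parameter, for example `'" . DB_escape_string($_POST['LocationID']) . "'`, assuming the DB layer's escaping helper is loaded in this file. The same pattern appears in the UPDATE hunk of this file, in the WHERE clause and the two description lookups in FixedAssetRegister.php, and in the LIKE filters in FixedAssetTransfer.php. The date values in FixedAssetDepreciation.php and FixedAssetRegister.php pass through FormatDateForSQL first, and whether that helper rejects malformed input is not shown.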
@@ -49,10 +49,10 @@
$InputError=1;
}
if ($InputError==0) {
- $sql='UPDATE fixedassetlocations SET
- locationdescription="'.$_POST['LocationDescription'].'",
- parentlocationid="'.$_POST['ParentLocationID'].'"
- WHERE locationid ="'.$_POST['LocationID'].'"';
+ $sql="UPDATE fixedassetlocations SET
+ locationdescription='".$_POST['LocationDescription']."',
+ parentlocationid='".$_POST['ParentLocationID']."'
+ WHERE locationid ='".$_POST['LocationID']."'";
$result=DB_query($sql,$db);
echo '<meta http-equiv="Refresh" content="0; url="'.$_SERVER['PHP_SELF'].'">';
}
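Review bot: The `<meta http-equiv="Refresh">` line kept as context in this hunk closes the `content` attribute right after `url=`, so the target is emitted outside the attribute, and `$_SERVER['PHP_SELF']` is echoed without HTML encoding. PHP_SELF can include path info supplied by the client, so it should be encoded and kept inside the attribute: `echo '<meta http-equiv="Refresh" content="0; url=' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">';`. The form `action` attributes in the FixedAssetRegister.php, FixedAssetTransfer.php and FreightCosts.php hunks echo PHP_SELF unencoded in the same way.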
@@ -83,7 +83,7 @@
}
}
-$sql='SELECT * FROM fixedassetlocations';
+$sql="SELECT * FROM fixedassetlocations";
$result=DB_query($sql, $db);
if (DB_num_rows($result) > 0) {
@@ -119,7 +119,7 @@
echo '<tr><th style="text-align:left">'._('Parent Location').'</th>';
echo '<td><select name=ParentLocationID>';
-$sql='SELECT * FROM fixedassetlocations';
+$sql="SELECT * FROM fixedassetlocations";
$result=DB_query($sql, $db);
echo '<option value=""></option>';
@@ -151,4 +151,4 @@
echo '</form>';
include('includes/footer.inc');
-?>
\ No newline at end of file
+?>
Modified: trunk/FixedAssetRegister.php
===================================================================
--- trunk/FixedAssetRegister.php 2011-01-09 13:15:19 UTC (rev 4199)
+++ trunk/FixedAssetRegister.php 2011-01-09 13:27:55 UTC (rev 4200)
@@ -14,7 +14,7 @@
}
$DateFrom = FormatDateForSQL($_POST['FromDate']);
$DateTo = FormatDateForSQL($_POST['ToDate']);
- $sql = 'SELECT fixedassets.assetid,
+ $sql = "SELECT fixedassets.assetid,
fixedassets.description,
fixedassets.longdescription,
fixedassets.assetcategoryid,
@@ -24,17 +24,17 @@
fixedassetlocations.parentlocationid,
fixedassets.assetlocation,
fixedassets.disposaldate,
- SUM(CASE WHEN (fixedassettrans.transdate <"' . $DateFrom . '" AND fixedassettrans.fixedassettranstype="cost") THEN fixedassettrans.amount ELSE 0 END) AS bfwdcost,
- SUM(CASE WHEN (fixedassettrans.transdate <"' . $DateFrom .'" AND fixedassettrans.fixedassettranstype="depn") THEN fixedassettrans.amount ELSE 0 END) AS bfwddepn,
- SUM(CASE WHEN (fixedassettrans.transdate >="' . $DateFrom .'" AND fixedassettrans.transdate <="' . $DateTo . '" AND fixedassettrans.fixedassettranstype="cost") THEN fixedassettrans.amount ELSE 0 END) AS periodadditions,
- SUM(CASE WHEN fixedassettrans.transdate >="' . $DateFrom . '" AND fixedassettrans.transdate <="' . $DateTo . '" AND fixedassettrans.fixedassettranstype="depn" THEN fixedassettrans.amount ELSE 0 END) AS perioddepn,
- SUM(CASE WHEN fixedassettrans.transdate >="' . $DateFrom . '" AND fixedassettrans.transdate <="' . $DateTo . '" AND fixedassettrans.fixedassettranstype="disposal" THEN fixedassettrans.amount ELSE 0 END) AS perioddisposal
+ SUM(CASE WHEN (fixedassettrans.transdate <'" . $DateFrom . "' AND fixedassettrans.fixedassettranstype='cost') THEN fixedassettrans.amount ELSE 0 END) AS bfwdcost,
+ SUM(CASE WHEN (fixedassettrans.transdate <'" . $DateFrom . "' AND fixedassettrans.fixedassettranstype='depn') THEN fixedassettrans.amount ELSE 0 END) AS bfwddepn,
+ SUM(CASE WHEN (fixedassettrans.transdate >='" . $DateFrom ."' AND fixedassettrans.transdate <='" . $DateTo . "' AND fixedassettrans.fixedassettranstype='cost') THEN fixedassettrans.amount ELSE 0 END) AS periodadditions,
+ SUM(CASE WHEN fixedassettrans.transdate >='" . $DateFrom . "' AND fixedassettrans.transdate <='" . $DateTo . "' AND fixedassettrans.fixedassettranstype='depn' THEN fixedassettrans.amount ELSE 0 END) AS perioddepn,
+ SUM(CASE WHEN fixedassettrans.transdate >='" . $DateFrom . "' AND fixedassettrans.transdate <='" . $DateTo . "' AND fixedassettrans.fixedassettranstype='disposal' THEN fixedassettrans.amount ELSE 0 END) AS perioddisposal
FROM fixedassets
INNER JOIN fixedassetcategories ON fixedassets.assetcategoryid=fixedassetcategories.categoryid
INNER JOIN fixedassetlocations ON fixedassets.assetlocation=fixedassetlocations.locationid
INNER JOIN fixedassettrans ON fixedassets.assetid=fixedassettrans.assetid
- WHERE fixedassets.assetcategoryid ' . LIKE . '"' . $_POST['AssetCategory'] . '"
- AND fixedassets.assetid ' . LIKE . '"' . $_POST['AssetID'] . '"
+ WHERE fixedassets.assetcategoryid " . LIKE . "'" . $_POST['AssetCategory'] . "'
+ AND fixedassets.assetid " . LIKE . "'" . $_POST['AssetID'] . "'
GROUP BY fixedassets.assetid,
fixedassets.description,
fixedassets.longdescription,
@@ -43,7 +43,7 @@
fixedassetlocations.locationdescription,
fixedassets.datepurchased,
fixedassetlocations.parentlocationid,
- fixedassets.assetlocation';
+ fixedassets.assetlocation";
$result = DB_query($sql, $db);
if (isset($_POST['pdf'])) {
$FontSize = 10;
@@ -53,7 +53,7 @@
if ($_POST['AssetCategory']=='%') {
$AssetCategory=_('All');
} else {
- $CategorySQL='SELECT categorydescription FROM fixedassetcategories WHERE categoryid="'.$_POST['AssetCategory'].'"';
+ $CategorySQL="SELECT categorydescription FROM fixedassetcategories WHERE categoryid='".$_POST['AssetCategory']."'";
$CategoryResult=DB_query($CategorySQL, $db);
$CategoryRow=DB_fetch_array($CategoryResult);
$AssetCategory=$CategoryRow['categorydescription'];
@@ -62,7 +62,7 @@
if ($_POST['AssetID']=='%') {
$AssetDescription =_('All');
} else {
- $AssetSQL='SELECT description FROM fixedassets WHERE assetid="'.$_POST['AssetID'].'"';
+ $AssetSQL="SELECT description FROM fixedassets WHERE assetid='".$_POST['AssetID']."'";
$AssetResult=DB_query($AssetSQL, $db);
$AssetRow=DB_fetch_array($AssetResult);
$AssetDescription =$AssetRow['description'];
@@ -231,7 +231,7 @@
include ('includes/header.inc');
echo '<p class="page_title_text"><img src="' . $rootpath . '/css/' . $theme . '/images/magnifier.png" title="' . _('Search') . '" alt="">' . ' ' . $title;
- $result = DB_query('SELECT categoryid,categorydescription FROM fixedassetcategories', $db);
+ $result = DB_query("SELECT categoryid,categorydescription FROM fixedassetcategories", $db);
echo '<form name="RegisterForm" method="post" action="' . $_SERVER['PHP_SELF'] . '?' . SID . '"><table class=selection>';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
echo '<tr><th>' . _('Asset Category') . '</th>';
@@ -245,7 +245,7 @@
}
}
echo '</select></td></tr>';
- $sql = 'SELECT locationid, locationdescription FROM fixedassetlocations';
+ $sql = "SELECT locationid, locationdescription FROM fixedassetlocations";
$result = DB_query($sql, $db);
echo '<tr><th>' . _('Asset Location') . '</th>';
echo '<td><select name=AssetLocation>';
@@ -258,7 +258,7 @@
}
}
echo '</select></td></tr>';
- $sql = 'SELECT assetid, description FROM fixedassets';
+ $sql = "SELECT assetid, description FROM fixedassets";
$result = DB_query($sql, $db);
echo '<tr><th>' . _('Asset') . '</th>';
echo '<td><select name="AssetID">';
@@ -368,4 +368,4 @@
$PageNumber++;
}
-?>
\ No newline at end of file
+?>
Modified: trunk/FixedAssetTransfer.php
===================================================================
--- trunk/FixedAssetTransfer.php 2011-01-09 13:15:19 UTC (rev 4199)
+++ trunk/FixedAssetTransfer.php 2011-01-09 13:27:55 UTC (rev 4200)
@@ -11,9 +11,9 @@
foreach ($_POST as $AssetToMove => $Value) { //Value is not used?
if (substr($AssetToMove,0,4)=='Move') { // the form variable is of the format MoveAssetID so need to strip the move bit off
$AssetID=substr($AssetToMove,4);
- $sql='UPDATE fixedassets
- SET assetlocation="'.$_POST['Location'.$AssetID] .'"
- WHERE assetid="'. $AssetID . '"';
+ $sql="UPDATE fixedassets
+ SET assetlocation='".$_POST['Location'.$AssetID] ."'
+ WHERE assetid='". $AssetID . "'";
$result=DB_query($sql, $db);
}
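Review bot: `$AssetID` in this UPDATE is cut from the name of a POST field (`substr($AssetToMove,4)`), not from a field value, so escaping applied to request values elsewhere would not cover it. It is then used both in the WHERE clause and to build the key `$_POST['Location'.$AssetID]`. If asset ids are numeric (the hunk does not say), `$AssetID=(int)substr($AssetToMove,4);` constrains it; otherwise it needs the same escaping as the location value. The foreach body continues outside the hunk.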
@@ -24,7 +24,7 @@
} else if (isset($_POST['AssetID'])) {
$AssetID=$_POST['AssetID'];
} else {
- $sql='SELECT categoryid, categorydescription FROM fixedassetcategories';
+ $sql="SELECT categoryid, categorydescription FROM fixedassetcategories";
$result=DB_query($sql, $db);
echo '<form action="'. $_SERVER['PHP_SELF'] . '?' . SID .'" method=post>';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
@@ -87,7 +87,7 @@
$_POST['AssetID']='%';
}
- $sql= 'SELECT fixedassets.assetid,
+ $sql= "SELECT fixedassets.assetid,
fixedassets.cost,
fixedassets.accumdepn,
fixedassets.description,
@@ -99,10 +99,10 @@
FROM fixedassets
INNER JOIN fixedassetlocations
ON fixedassets.assetlocation=fixedassetlocations.locationid
- WHERE fixedassets.assetcategoryid ' . LIKE . '"'.$_POST['AssetCat'].'"
- AND fixedassets.description ' . LIKE . '"'.$_POST['Keywords'].'"
- AND fixedassets.assetid ' . LIKE . '"'.$_POST['AssetID'].'"
- AND fixedassets.serialno ' . LIKE . '"'.$_POST['SerialNumber'].'"';
+ WHERE fixedassets.assetcategoryid " . LIKE . "'".$_POST['AssetCat']."'
+ AND fixedassets.description " . LIKE . "'".$_POST['Keywords']."'
+ AND fixedassets.assetid " . LIKE . "'".$_POST['AssetID']."'
+ AND fixedassets.serialno " . LIKE . "'".$_POST['SerialNumber']."'";
$Result=DB_query($sql, $db);
echo '<form action="'. $_SERVER['PHP_SELF'] . '?' . SID .'" method=post><table class=selection>';
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
@@ -115,7 +115,7 @@
<th>' . _('Move To :') . '</th>
</tr>';
- $locationsql='SELECT locationid, locationdescription from fixedassetlocations';
+ $locationsql="SELECT locationid, locationdescription from fixedassetlocations";
$LocationResult=DB_query($locationsql, $db);
while ($myrow=DB_fetch_array($Result)) {
@@ -149,4 +149,4 @@
include('includes/footer.inc');
-?>
\ No newline at end of file
+?>
Modified: trunk/FreightCosts.php
===================================================================
--- trunk/FreightCosts.php 2011-01-09 13:15:19 UTC (rev 4199)
+++ trunk/FreightCosts.php 2011-01-09 13:27:55 UTC (rev 4200)
@@ -35,7 +35,7 @@
echo "<form method='post' action='" . $_SERVER['PHP_SELF'] . '?' . SID . "'>";
echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
- $sql = 'SELECT shippername, shipper_id FROM shippers';
+ $sql = "SELECT shippername, shipper_id FROM shippers";
$ShipperResults = DB_query($sql,$db);
echo '<table class=selection>
@@ -51,7 +51,7 @@
<td>' . _('Select the warehouse') . ' (' . _('ship from location') . ")</td>
<td><select name='LocationFrom'>";
- $sql = 'SELECT loccode, locationname FROM locations';
+ $sql = "SELECT loccode, locationname FROM locations";
$LocationResults = DB_query($sql,$db);
while ($myrow = DB_fetch_array($LocationResults)){
@@ -346,4 +346,4 @@
} //end if record deleted no point displaying form to add record
include('includes/footer.inc');
-?>
\ No newline at end of file
+?>