.db_escape($trans_no).",".db_escape($description).", "
.db_escape($filename).", ".db_escape($unique_name).", ".db_escape($filesize)
.", ".db_escape($filetype).", '$date')";
- db_query($sql, "Attachment could not be inserted");
+ db_query($sql, "Attachment could not be inserted");
}
//----------------------------------------------------------------------------------------
filetype=".db_escape($filetype).",";
}
$sql .= "tran_date='$date' WHERE id=".db_escape($selected_id);
- db_query($sql, "Attachment could not be updated");
+ db_query($sql, "Attachment could not be updated");
}
//----------------------------------------------------------------------------------------
//----------------------------------------------------------------------------------------
-function get_attached_documents($type)
+function get_attached_documents($type, $trans_no=false)
{
- $sql = "SELECT * FROM ".TB_PREF."attachments WHERE type_no=".db_escape($type)
- ." ORDER BY trans_no";
+ $sql = "SELECT * FROM ".TB_PREF."attachments WHERE type_no=".db_escape($type);
+ if ($trans_no)
+ $sql .= " AND trans_no=".db_escape($trans_no);
+ $sql .= " ORDER BY trans_no";
return db_query($sql, "Could not retrieve attachments");
}
return $myrow['id'];
}
-function get_sql_for_attached_documents($type)
+function get_sql_for_attached_documents($type, $id_no)
{
- return "SELECT trans_no, description, filename, filesize, filetype, tran_date, id, type_no FROM ".TB_PREF."attachments WHERE type_no=".db_escape($type)
- ." ORDER BY trans_no DESC";
+ // $_POST['trans_no'] will be used to store the customer_id or supplier_id for them
+ $sql = "SELECT trans_no, description, filename, filesize, filetype, tran_date, id, type_no FROM ".TB_PREF."attachments WHERE type_no=".db_escape($type);
+
+ if(($type == ST_CUSTOMER || $type == ST_SUPPLIER) && $id_no != null)
+ $sql .=" AND trans_no = ".db_escape($id_no);
+
+ $sql .= " ORDER BY trans_no DESC";
+
+ return $sql;
}
function move_trans_attachments($type, $trans_from, $trans_to)