'sel_hint' => null,
'search_box' => false, // name or true/false
'type' => 0, // type of extended selector:
- // 0 - with (optional) visible search box, search by id
+ // 0 - with (optional) visible search box, search by fragment inside id
// 1 - with hidden search box, search by option text
- // 2 - TODO reverse: box with hidden selector available via enter; this
+ // 2 - with (optional) visible search box, search by fragment at the start of id
+ // 3 - TODO reverse: box with hidden selector available via enter; this
// would be convenient for optional ad hoc adding of new item
'search_submit' => true, //search submit button: true/false
'size' => 8, // size and max of box tag
$select_submit = $opts['select_submit'];
$spec_id = $opts['spec_id'];
$spec_option = $opts['spec_option'];
- $by_id = ($opts['type'] == 0);
- $class = $by_id ? 'combo':'combo2';
+ if ($opts['type'] == 0) {
+ $by_id = true;
+ $class = 'combo';
+ } elseif($opts['type'] == 1) {
+ $by_id = false;
+ $class = 'combo2';
+ } else {
+ $by_id = true;
+ $class = 'combo3';
+ }
+
$disabled = $opts['disabled'] ? "disabled" : '';
$multi = $opts['multi'];
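Review bot: The final `else` of the new type dispatch sends every value other than 0 and 1 to `combo3`, including the type 3 that the option comments still mark as TODO and any mistyped value. Because `$class=='combo3'` is later used to choose the LIKE pattern, an unexpected type silently changes how the search query is built. Make the third branch explicit with `} elseif ($opts['type'] == 2) {` and let the fallback take the type 0 defaults or report the bad value. The enclosing function starts and ends outside the hunk.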
if ($spec_option === false && $selected_id == array())
$limit = ' LIMIT 1';
else
- $opts['where'][] = $valfield . "='". get_post($name, $spec_id)."'";
+ $opts['where'][] = $valfield . "=". db_escape(get_post($name, $spec_id));
}
else
if ($txt != '*') {
foreach($opts['search'] as $i=> $s)
- $opts['search'][$i] = $s . " LIKE '%{$txt}%'";
+ $opts['search'][$i] = $s . " LIKE "
+ .db_escape(($class=='combo3' ? '' : '%').$txt.'%');
$opts['where'][] = '('. implode($opts['search'], ' OR ') . ')';
}
}
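Review bot: `%` and `_` typed into the search box still act as LIKE wildcards in `db_escape(($class=='combo3' ? '' : '%').$txt.'%')`, because quoting the value protects the string literal but not the pattern syntax. A prefix search (combo3) can therefore be widened back into a match-anything scan, and a literal underscore in an id cannot be searched for. Assuming db_escape() does the usual quote-and-escape (its body is not shown here), escaping the pattern metacharacters first would close this: `$pat = addcslashes($txt, '\\%_');` and then use `$pat` in place of `$txt`. The column names in `$opts['search']` and `$valfield` are still concatenated as-is, so a comment stating that they must only come from code, never from the request, would be worth adding.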
global $all_items;
$sql = "SELECT branch_code, branch_ref FROM ".TB_PREF."cust_branch
- WHERE debtor_no='" . $customer_id . "' ";
+ WHERE debtor_no=" . db_escape($customer_id)." ";
if ($editkey)
set_editor('branch', $name, $editkey);
//-----------------------------------------------------------------------------------------------
// Payment type selector for current user.
//
-function sale_payment_list($name, $selected_id=null, $submit_on_change=true)
+function sale_payment_list($name, $category, $selected_id=null, $submit_on_change=true)
{
$sql = "SELECT terms_indicator, terms, inactive FROM ".TB_PREF."payment_terms";
- $paym = get_sales_point(user_pos());
-
- if (!$paym['cash_sale'] || !$paym['credit_sale']) {
- if ($paym['cash_sale']) // only cash
+
+ if ($category == PM_CASH) // only cash
$sql .= " WHERE days_before_due=0 AND day_in_following_month=0";
- else
+ if ($category == PM_CREDIT) // only delayed payments
$sql .= " WHERE days_before_due!=0 OR day_in_following_month!=0";
- }
return combo_input($name, $selected_id, $sql, 'terms_indicator', 'terms',
array(
}
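Review bot: `$category` is inserted as a required second positional parameter of `sale_payment_list()` (and of `sale_payment_list_cells()` in the next hunk), so a caller not updated in this commit now passes its `$selected_id` as the category and its `$submit_on_change` as the selection without any error. With the loose `==` against `PM_CASH` and `PM_CREDIT`, a shifted argument can match by accident and quietly change which payment terms are offered. Either append the new parameter after the existing ones or confirm that every call site is changed here. The header comment `// Payment type selector for current user.` is also stale now that `user_pos()` is no longer consulted; something like `// Payment terms selector; $category (PM_CASH / PM_CREDIT) restricts the terms listed.` would match the new behaviour. The function body continues outside the hunk.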
-function sale_payment_list_cells($label, $name, $selected_id=null, $submit_on_change=true)
+function sale_payment_list_cells($label, $name, $category, $selected_id=null, $submit_on_change=true)
{
if ($label != null)
echo "<td class='label'>$label</td>\n";
echo "<td>";
- echo sale_payment_list($name, $selected_id, $submit_on_change);
+ echo sale_payment_list($name, $category, $selected_id, $submit_on_change);
echo "</td>\n";
}
return combo_input($name, $selected_id, $sql, 'id', 'name',
array(
+ 'format' => '_format_account',
'order' => array('class_id', 'id', 'parent'),
'spec_option' =>$all_option,
'spec_id' => $all_items
'format' => '_format_account',
'spec_option' => $all_option===true ? _("Use Item Sales Accounts") : $all_option,
'spec_id' => '',
+ 'type' => 2,
'order' => array('type.class_id','type.id','account_code'),
'search_box' => $cells,
'search_submit' => false,
$sqldir = opendir($path);
while (false !== ($fname = readdir($sqldir)))
{
- if (is_file($path.$fname) && substr($fname,-4)=='.sql' && substr($fname,0,5)!='alter')
+ if (is_file($path.$fname) && substr($fname,-4)=='.sql' && @($fname[2] == '_'))
{
$ext = array_search_value($fname, $installed_extensions, 'sql');
if ($ext!=null) {
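Review bot: The `@` on `@($fname[2] == '_')` is unnecessary and only hides real errors: the preceding `substr($fname,-4)=='.sql'` test already guarantees at least four characters, so offset 2 always exists when this operand is evaluated. Drop the suppression and write `&& $fname[2] == '_')`. The new test also admits any `.sql` file whose third character is an underscore, instead of excluding `alter*` scripts by name. If the intent is a locale-style prefix (an assumption, the naming scheme is not shown), a one-line comment stating the expected file-name pattern would help the next reader judge what this directory scan will pick up. The loop body continues outside the hunk.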