- if (!$_POST['trans_no'])
- display_error(_("No transaction has been selected."));
- elseif ($Mode == 'ADD_ITEM' && (!isset($_FILES['filename']) || $_FILES['filename']['size'] == 0))
+
+ $filename = basename($_FILES['filename']['name']);
+ if (!transaction_exists($_POST['filterType'], $_POST['trans_no']))
+ display_error(_("Selected transaction does not exists."));
+ elseif ($Mode == 'ADD_ITEM' && !in_array(strtoupper(substr($filename, strlen($filename) - 3)), array('JPG','PNG','GIF', 'PDF', 'DOC', 'ODT')))
+ {
+ display_error(_('Only graphics,pdf,doc and odt files are supported.'));
+ } elseif ($Mode == 'ADD_ITEM' && !isset($_FILES['filename']))