}
if (isset($_FILES['pic']) && $_FILES['pic']['name'] != '')
{
- $user_comp = user_company();
$result = $_FILES['pic']['error'];
- $filename = $comp_path . "/$user_comp/images";
+ $filename = company_path()."/images";
if (!file_exists($filename))
{
mkdir($filename);
}
- $filename .= "/".$_FILES['pic']['name'];
+ $filename .= "/".clean_file_name($_FILES['pic']['name']);
//But check for the worst
- if (!in_array((substr(trim($_FILES['pic']['name']),-3)),
- array('jpg','JPG','png','PNG')))
+ if (!in_array( substr($filename,-3), array('jpg','JPG','png','PNG')))
{
display_error(_('Only jpg and png files are supported - a file extension of .jpg or .png is expected'));
$input_error = 1;
if ($input_error != 1)
{
$result = move_uploaded_file($_FILES['pic']['tmp_name'], $filename);
- $_POST['coy_logo'] = $_FILES['pic']['name'];
+ $_POST['coy_logo'] = clean_file_name($_FILES['pic']['name']);
if(!$result)
display_error(_('Error uploading logo file'));
}
}
if (check_value('del_coy_logo'))
{
- $user_comp = user_company();
- $filename = $comp_path . "/$user_comp/images/".$_POST['coy_logo'];
+ $filename = company_path()."/images/".clean_file_name($_POST['coy_logo']);
if (file_exists($filename))
{
$result = unlink($filename);
$_POST['round_to'] = 1;
if ($input_error != 1)
{
- update_company_setup($_POST['coy_name'], $_POST['coy_no'],
- $_POST['gst_no'], $_POST['tax_prd'], $_POST['tax_last'],
- $_POST['postal_address'], $_POST['phone'], $_POST['fax'],
- $_POST['email'], $_POST['coy_logo'], $_POST['domicile'],
- $_POST['use_dimension'], $_POST['curr_default'], $_POST['f_year'],
- check_value('no_item_list'), check_value('no_customer_list'),
- check_value('no_supplier_list'), $_POST['base_sales'],
- check_value('time_zone'), $_POST['add_pct'], $_POST['round_to'],
- $_POST['login_tout']);
+ update_company_prefs(
+ get_post( array('coy_name','coy_no','gst_no','tax_prd','tax_last',
+ 'postal_address','phone', 'fax', 'email', 'coy_logo', 'domicile',
+ 'use_dimension', 'curr_default', 'f_year',
+ 'no_item_list' => 0, 'no_customer_list' => 0,
+ 'no_supplier_list' =>0, 'base_sales',
+ 'time_zone' => 0, 'add_pct', 'round_to', 'login_tout', 'auto_curr_reval'))
+ );
+
$_SESSION['wa_current_user']->timeout = $_POST['login_tout'];
display_notification_centered(_("Company setup has been updated."));
}
if ($_POST['add_pct'] == -1)
$_POST['add_pct'] = "";
$_POST['round_to'] = $myrow['round_to'];
+$_POST['auto_curr_reval'] = $myrow['auto_curr_reval'];
$_POST['del_coy_logo'] = 0;
-start_outer_table($table_style2);
+start_outer_table(TABLESTYLE2);
table_section(1);
currencies_list_row(_("Home Currency:"), 'curr_default', $_POST['curr_default']);
fiscalyears_list_row(_("Fiscal Year:"), 'f_year', $_POST['f_year']);
-
-table_section(2);
-
text_row_ex(_("Tax Periods:"), 'tax_prd', 10, 10, '', null, null, _('Months.'));
text_row_ex(_("Tax Last Period:"), 'tax_last', 10, 10, '', null, null, _('Months back.'));
+table_section(2);
+
label_row(_("Company Logo:"), $_POST['coy_logo']);
file_row(_("New Company Logo (.jpg)") . ":", 'pic', 'pic');
check_row(_("Delete Company Logo:"), 'del_coy_logo', $_POST['del_coy_logo']);
text_row_ex(_("Add Price from Std Cost:"), 'add_pct', 10, 10, '', null, null, "%");
$curr = get_currency($_POST['curr_default']);
text_row_ex(_("Round to nearest:"), 'round_to', 10, 10, '', null, null, $curr['hundreds_name']);
+label_row("", " ");
check_row(_("Search Item List"), 'no_item_list', null);
check_row(_("Search Customer List"), 'no_customer_list', null);
check_row(_("Search Supplier List"), 'no_supplier_list', null);
label_row("", " ");
+check_row(_("Automatic Revaluation Currency Accounts"), 'auto_curr_reval', $_POST['auto_curr_reval']);
check_row(_("Time Zone on Reports"), 'time_zone', $_POST['time_zone']);
text_row_ex(_("Login Timeout:"), 'login_tout', 10, 10, '', null, null, _('seconds'));
label_row(_("Version Id"), $_POST['version_id']);
projects / fa-stable.git / blobdiff