MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
-$path_to_root="..";
-$page_security = 5;
+$page_security = 'SA_VIEWPRINTTRANSACTION';
+$path_to_root = "..";
include($path_to_root . "/includes/db_pager.inc");
include_once($path_to_root . "/includes/session.inc");
$js = "";
if ($use_popup_windows)
$js .= get_js_open_window(800, 500);
-page(_("View or Print Transactions"), false, false, "", $js);
+page(_($help_context = "View or Print Transactions"), false, false, "", $js);
//----------------------------------------------------------------------------------------
function view_link($trans)
function prt_link($row)
{
- if ($row['type'] != 12 && $row['type'] != 2) // customer payment or bank deposit printout not defined yet.
+ if ($row['type'] != ST_CUSTPAYMENT && $row['type'] != ST_BANKDEPOSIT) // customer payment or bank deposit printout not defined yet.
return print_document_link($row['trans_no'], _("Print"), true, $row['type'], ICON_PRINT);
}
ref_cells(_("to #:"), 'ToTransNo');
- submit_cells('ProcessSearch', _("Search"), '', '', true);
+ submit_cells('ProcessSearch', _("Search"), '', '', 'default');
end_row();
end_table(1);
display_error(_("The ending transaction number is expected to be numeric and greater than zero."));
return false;
}
- if (!isset($_POST['filterType']) || $_POST['filterType'] == "")
- return false;
return true;
}
$sql .= " ,$trans_ref ";
$sql .= ", ".$_POST['filterType']." as type FROM $table_name
- WHERE $trans_no_name >= " . $_POST['FromTransNo']. "
- AND $trans_no_name <= " . $_POST['ToTransNo'];
+ WHERE $trans_no_name >= ".db_escape($_POST['FromTransNo']). "
+ AND $trans_no_name <= ".db_escape($_POST['ToTransNo']);
if ($type_name != null)
- $sql .= " AND `$type_name` = " . $_POST['filterType'];
+ $sql .= " AND `$type_name` = ".db_escape($_POST['filterType']);
$sql .= " ORDER BY $trans_no_name";
$print_type = $_POST['filterType'];
- $print_out = ($print_type == 10 || $print_type == 11 || $print_type == systypes::cust_dispatch() ||
- $print_type == systypes::po() || $print_type == systypes::sales_order());
+ $print_out = ($print_type == ST_SALESINVOICE || $print_type == ST_CUSTCREDIT || $print_type == ST_CUSTDELIVERY ||
+ $print_type == ST_PURCHORDER || $print_type == ST_SALESORDER || $print_type == ST_SALESQUOTE);
$cols = array(
_("#"),
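Review bot: `$_POST['filterType']` is still concatenated unescaped into the SELECT list on the `$sql .= ", ".$_POST['filterType']." as type FROM $table_name` line, so the escaping this commit adds to the WHERE clause leaves one request-controlled value in the statement. The comparisons further down treat the value as an integer transaction-type constant, so an integer cast fits this position: `$sql .= ", ".(int)$_POST['filterType']." as type FROM $table_name`, with the same integer reused for the `$type_name` condition and `$print_type`. The commit also removes the `!isset($_POST['filterType']) || $_POST['filterType'] == ""` check from the validation function in the earlier hunk, so an unset or empty value can now reach this query builder unless a lookup outside the visible lines rejects it. The enclosing function starts and ends outside this hunk, so any such guard should be confirmed there before relying on it.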
}
$table =& new_db_pager('transactions', $sql, $cols);
- if (list_updated('filterType')) {
- $table->set_sql($sql);
- $table->set_columns($cols);
- }
$table->width = "40%";
display_db_pager($table);
}