{
$account_name = db_escape($account_name);
$sql = "INSERT INTO ".TB_PREF."chart_master (account_code, account_code2, account_name, account_type)
- VALUES (".db_escape($account_code).", ".db_escape($account_code2).", $account_name, $account_type)";
+ VALUES (".db_escape($account_code).", ".db_escape($account_code2).", "
+ .db_escape($account_name).", ".db_escape($account_type).")";
db_query($sql, "could not add gl account");
}
function update_gl_account($account_code, $account_name, $account_type, $account_code2)
{
$account_name = db_escape($account_name);
- $sql = "UPDATE ".TB_PREF."chart_master SET account_name=$account_name,
- account_type=$account_type, account_code2=".db_escape($account_code2)
- ." WHERE account_code = '$account_code'";
+ $sql = "UPDATE ".TB_PREF."chart_master SET account_name=".db_escape($account_name)
+ .",account_type=".db_escape($account_type).", account_code2=".db_escape($account_code2)
+ ." WHERE account_code = ".db_escape($account_code);
db_query($sql, "could not update gl account");
}
function delete_gl_account($code)
{
- $sql = "DELETE FROM ".TB_PREF."chart_master WHERE account_code='$code'";
+ $sql = "DELETE FROM ".TB_PREF."chart_master WHERE account_code=".db_escape($code);
db_query($sql, "could not delete gl account");
}
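Review bot: In add_gl_account and update_gl_account the context line `$account_name = db_escape($account_name);` is kept while the new SQL passes the same variable through `db_escape()` again, so the account name is escaped twice. Assuming db_escape returns a quoted literal (the new lines concatenate its result without surrounding quotes, which suggests it does), the value stored in chart_master would carry the first call's quotes and escape characters as literal data. Remove the two early assignments and escape only at the point of concatenation, as delete_gl_account now does. add_gl_account's signature lies outside the visible lines, so check that nothing earlier in that function depends on the pre-escaped value.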
FROM ".TB_PREF."chart_master,".TB_PREF."chart_types
WHERE ".TB_PREF."chart_master.account_type=".TB_PREF."chart_types.id";
if ($from != null)
- $sql .= " AND ".TB_PREF."chart_master.account_code >= '$from'";
+ $sql .= " AND ".TB_PREF."chart_master.account_code >= ".db_escape($from);
if ($to != null)
- $sql .= " AND ".TB_PREF."chart_master.account_code <= '$to'";
+ $sql .= " AND ".TB_PREF."chart_master.account_code <= ".db_escape($to);
$sql .= " ORDER BY account_code";
return db_query($sql, "could not get gl accounts");
function get_gl_accounts_all($balance=-1)
{
- $sql = "SELECT ".TB_PREF."chart_master.*,".TB_PREF."chart_types.name AS AccountTypeName,".TB_PREF."chart_types.parent,
- ".TB_PREF."chart_class.class_name AS AccountClassName
- FROM ".TB_PREF."chart_master,".TB_PREF."chart_types, ".TB_PREF."chart_class
- WHERE ".TB_PREF."chart_master.account_type=".TB_PREF."chart_types.id AND
- ".TB_PREF."chart_types.class_id=".TB_PREF."chart_class.cid";
+ if ($balance == 1)
+ $where ="WHERE balance_sheet>0 AND balance_sheet<".CL_INCOME;
+ elseif ($balance == 0)
+ $where ="WHERE balance_sheet>".CL_EQUITY." OR balance_sheet=0"; // backwards compatibility
+ $sql = "SELECT ".TB_PREF."chart_master.account_code, ".TB_PREF."chart_master.account_name, ".TB_PREF."chart_master.account_code2,
+ ".TB_PREF."chart_types.name AS AccountTypeName,".TB_PREF."chart_types.id AS AccountType,
+ ".TB_PREF."chart_types.parent, ".TB_PREF."chart_class.class_name AS AccountClassName, ".TB_PREF."chart_class.cid AS ClassID,
+ ".TB_PREF."chart_class.balance_sheet AS ClassType
+ FROM ".TB_PREF."chart_types INNER JOIN ".TB_PREF."chart_class ON ".TB_PREF."chart_types.class_id=".TB_PREF."chart_class.cid
+ LEFT JOIN ".TB_PREF."chart_master ON ".TB_PREF."chart_master.account_type=".TB_PREF."chart_types.id ";
if ($balance != -1)
- $sql .= " AND ".TB_PREF."chart_class.balance_sheet=$balance";
- $sql .= " ORDER BY ".TB_PREF."chart_class.cid, ".TB_PREF."chart_types.id, ".TB_PREF."chart_master.account_code";
+ $sql .= $where;
+ $sql .= " ORDER BY ".TB_PREF."chart_class.cid, IF(parent > 0,parent,".TB_PREF."chart_types.id),
+ IF(parent > 0,".TB_PREF."chart_types.id, parent), ".TB_PREF."chart_master.account_code";
return db_query($sql, "could not get gl accounts");
}
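Review bot: `$where` is assigned only when `$balance` is 1 or 0, yet `$sql .= $where;` runs for every value other than -1, so any other argument reads an undefined variable and silently returns the unfiltered list. Initialise it before the branch with `$where = "";`, and prefer `===` against integers so that a non-numeric string cannot match `$balance == 0` under loose comparison. The switch to a LEFT JOIN from chart_types also means account types without accounts now produce rows whose account_code is NULL, and the select list no longer carries `chart_master.*`. A short comment above the query stating both would help callers that iterate the result.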
function get_gl_account($code)
{
- $sql = "SELECT * FROM ".TB_PREF."chart_master WHERE account_code='$code'";
+ $sql = "SELECT * FROM ".TB_PREF."chart_master WHERE account_code=".db_escape($code);
$result = db_query($sql, "could not get gl account");
return db_fetch($result);
function is_account_balancesheet($code)
{
- $sql = "SELECT ".TB_PREF."chart_class.balance_sheet FROM ".TB_PREF."chart_class, ".TB_PREF."chart_types, ".TB_PREF."chart_master
+ $sql = "SELECT ".TB_PREF."chart_class.balance_sheet FROM ".TB_PREF."chart_class, "
+ .TB_PREF."chart_types, ".TB_PREF."chart_master
WHERE ".TB_PREF."chart_master.account_type=".TB_PREF."chart_types.id AND
".TB_PREF."chart_types.class_id=".TB_PREF."chart_class.cid
- AND ".TB_PREF."chart_master.account_code='$code'";
+ AND ".TB_PREF."chart_master.account_code=".db_escape($code);
$result = db_query($sql,"could not retreive the account class for $code");
$row = db_fetch_row($result);
- return $row[0];
+ return $row[0] > 0 && $row[0] < CL_INCOME;
}
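Review bot: The new return expression reads `$row[0]` without checking that a row came back, so an unknown account code is reported as "not a balance sheet account" instead of being distinguishable from a real answer. Add a guard such as `if (!$row) return false;` before the return, with a comment that this is a deliberate default. The function now returns a boolean where it used to return the raw balance_sheet value, which deserves a one-line docblock, e.g. `// true when the account's class is a balance sheet class (0 < balance_sheet < CL_INCOME)`. The same predicate is spelled out in SQL in get_gl_accounts_all, so the two need to be kept in step. The unchanged message on the db_query line still interpolates `$code` raw; if that text is ever rendered to the browser it should be HTML-escaped there, which cannot be confirmed from this hunk.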
function get_gl_account_name($code)
{
- $sql = "SELECT account_name from ".TB_PREF."chart_master WHERE account_code='$code'";
+ $sql = "SELECT account_name from ".TB_PREF."chart_master WHERE account_code=".db_escape($code);
$result = db_query($sql,"could not retreive the account name for $code");