<?php
/**********************************************************************
Copyright (C) FrontAccounting, LLC.
- Released under the terms of the GNU Affero General Public License,
- AGPL, as published by the Free Software Foundation, either version
- 3 of the License, or (at your option) any later version.
+ Released under the terms of the GNU General Public License, GPL,
+ as published by the Free Software Foundation, either version 3
+ of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
- See the License here <http://www.gnu.org/licenses/agpl-3.0.html>.
+ See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
//---------------------------------------------------------------------------------------------
function get_exchange_rate($rate_id)
{
- $sql = "SELECT * FROM ".TB_PREF."exchange_rates WHERE id=$rate_id";
+ $sql = "SELECT * FROM ".TB_PREF."exchange_rates WHERE id=".db_escape($rate_id);
$result = db_query($sql, "could not get exchange rate for $rate_id");
return db_fetch($result);
function get_date_exchange_rate($curr_code, $date_)
{
$date = date2sql($date_);
- $sql = "SELECT rate_buy FROM ".TB_PREF."exchange_rates WHERE curr_code='$curr_code'
- AND date_='$date'";
+ $sql = "SELECT rate_buy FROM ".TB_PREF."exchange_rates WHERE curr_code=".db_escape($curr_code)
+ ." AND date_='$date'";
$result = db_query($sql, "could not get exchange rate for $curr_code - $date_");
if(db_num_rows($result) == 0)
$date = date2sql($date_);
- $sql = "UPDATE ".TB_PREF."exchange_rates SET rate_buy=$buy_rate, rate_sell=$sell_rate
- WHERE curr_code='$curr_code' AND date_='$date'";
+ $sql = "UPDATE ".TB_PREF."exchange_rates SET rate_buy=$buy_rate, rate_sell=".db_escape($sell_rate)
+ ." WHERE curr_code=".db_escape($curr_code)." AND date_='$date'";
db_query($sql, "could not add exchange rate for $curr_code");
}
$date = date2sql($date_);
$sql = "INSERT INTO ".TB_PREF."exchange_rates (curr_code, date_, rate_buy, rate_sell)
- VALUES ('$curr_code', '$date', $buy_rate, $sell_rate)";
+ VALUES (".db_escape($curr_code).", '$date', ".db_escape($buy_rate)
+ .", ".db_escape($sell_rate).")";
db_query($sql, "could not add exchange rate for $curr_code");
}
function delete_exchange_rate($rate_id)
{
- $sql = "DELETE FROM ".TB_PREF."exchange_rates WHERE id=$rate_id";
+ $sql = "DELETE FROM ".TB_PREF."exchange_rates WHERE id=".db_escape($rate_id);
db_query($sql, "could not delete exchange rate $rate_id");
}
-//---------------------------------------------------------------------------------------------
+//-----------------------------------------------------------------------------
+// Retrieve exchange rate as of date $date from external source (usually inet)
+//
+function retrieve_exrate($curr_b, $date)
+{
+ global $Hooks;
+
+ if (method_exists($Hooks, 'retrieve_exrate'))
+ return $Hooks->retrieve_exrate($curr_b, $date);
+ else
+ return get_ecb_rate($curr_b);
+}
+//-----------------------------------------------------------------------------
function get_ecb_rate($curr_b)
{
$curr_a = get_company_pref('curr_default');
- $ecb_filename = 'http://www.ecb.int/stats/eurofxref/eurofxref-daily.xml';
- $handle = @fopen($ecb_filename, 'rb');
+ $ecb_filename = '/stats/eurofxref/eurofxref-daily.xml';
+ $ecb_site = 'www.ecb.int';
$contents = '';
- if ($handle)
- {
- do
- {
- $data = @fread( $handle, 4096 );
- if ( strlen ( $data ) == 0 )
- break;
- $contents .= $data; // with this syntax only text will be translated, whole text with htmlspecialchars($data)
- }
- while (true);
- @fclose( $handle );
- } // end handle
- else
- {
- $ch = curl_init();
- curl_setopt ($ch, CURLOPT_URL, $ecb_filename);
- curl_setopt ($ch, CURLOPT_COOKIEJAR, "cookie.txt");
- curl_setopt ($ch, CURLOPT_HEADER, 0);
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch, CURLOPT_TIMEOUT, 120);
- $contents = curl_exec ($ch);
- curl_close($ch);
+
+ if (function_exists('curl_init'))
+ { // first check with curl as we can set short timeout;
+ $retry = 1;
+ do {
+ $ch = curl_init();
+ curl_setopt ($ch, CURLOPT_URL, 'http://'.$ecb_site.$ecb_filename);
+ curl_setopt ($ch, CURLOPT_COOKIEJAR, "cookie.txt");
+ curl_setopt ($ch, CURLOPT_HEADER, 0);
+ curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
+ curl_setopt ($ch, CURLOPT_TIMEOUT, 3);
+ $contents = curl_exec ($ch);
+ curl_close($ch);
+ // due to resolver bug in some curl versions (e.g. 7.15.5)
+ // try again for constant IP.
+ $ecb_site="195.128.2.97";
+ } while( ($contents == '') && $retry--);
+
+ } else {
+ $handle = @fopen("http://".$ecb_site.$ecb_filename, 'rb');
+ if ($handle) {
+ do
+ {
+ $data = @fread( $handle, 4096 );
+ if ( strlen ( $data ) == 0 )
+ break;
+ $contents .= $data; // with this syntax only text will be translated, whole text with htmlspecialchars($data)
+ }
+ while (true);
+ @fclose( $handle );
+ } // end handle
+ }
+ if (!$contents) {
+ display_warning(_('Cannot retrieve currency rate from ECB page. Please set the rate manually.'));
}
$contents = str_replace ("<Cube currency='USD'", " <Cube currency='EUR' rate='1'/> <Cube currency='USD'", $contents);
$from_mask = "|<Cube\s*currency=\'" . $curr_a . "\'\s*rate=\'([\d.,]*)\'\s*/>|i";
$val = 0;
}
return $val;
-} // end function get_ecb_rate
+} // end function get_ecb_rate
?>
\ No newline at end of file
projects / fa-stable.git / blobdiff