$date = date2sql($date_);
$sql = "INSERT INTO ".TB_PREF."wo_manufacture (workorder_id, reference, quantity, date_)
- VALUES ($woid, ".db_escape($ref).", $quantity, '$date')";
+ VALUES (".db_escape($woid).", ".db_escape($ref).", ".db_escape($quantity)
+ .", '$date')";
db_query($sql,"A work order manufacture could not be added");
$id = db_insert_id();
+ // -------------------------------------------------------------------------
+
+ work_order_quick_costs($woid, $details["stock_id"], $quantity, $date_, true);
+
+ // -------------------------------------------------------------------------
// insert a +ve stock move for the item being manufactured
// negative means "unproduce" or unassemble
add_stock_move(29, $details["stock_id"], $id,
$details["loc_code"], $date_, $memo_, $quantity, 0);
-
// update wo quantity and close wo if requested
work_order_update_finished_quantity($woid, $quantity, $close_wo);
- // -------------------------------------------------------------------------
-
- work_order_quick_costs($woid, $details["stock_id"], $quantity, $date_, 0, true);
- // -------------------------------------------------------------------------
if ($memo_)
add_comments(29, $id, $date_, $memo_);
function get_work_order_produce($id)
{
- $sql = "SELECT ".TB_PREF."wo_manufacture.*,".TB_PREF."workorders.stock_id, ".TB_PREF."stock_master.description AS StockDescription
+ $sql = "SELECT ".TB_PREF."wo_manufacture.*,".TB_PREF."workorders.stock_id, "
+ .TB_PREF."stock_master.description AS StockDescription
FROM ".TB_PREF."wo_manufacture, ".TB_PREF."workorders, ".TB_PREF."stock_master
WHERE ".TB_PREF."wo_manufacture.workorder_id=".TB_PREF."workorders.id
AND ".TB_PREF."stock_master.stock_id=".TB_PREF."workorders.stock_id
- AND ".TB_PREF."wo_manufacture.id=$id";
+ AND ".TB_PREF."wo_manufacture.id=".db_escape($id);
$result = db_query($sql, "The work order production could not be retrieved");
return db_fetch($result);
function get_work_order_productions($woid)
{
- $sql = "SELECT * FROM ".TB_PREF."wo_manufacture WHERE workorder_id=$woid ORDER BY id";
+ $sql = "SELECT * FROM ".TB_PREF."wo_manufacture WHERE workorder_id="
+ .db_escape($woid)." ORDER BY id";
return db_query($sql, "The work order issues could not be retrieved");
}
function exists_work_order_produce($id)
{
- $sql = "SELECT id FROM ".TB_PREF."wo_manufacture WHERE id=$id";
+ $sql = "SELECT id FROM ".TB_PREF."wo_manufacture WHERE id=".db_escape($id);
$result = db_query($sql, "Cannot retreive a wo production");
return (db_num_rows($result) > 0);
work_order_update_finished_quantity($row["workorder_id"], -$row["quantity"]);
// clear the production record
- $sql = "UPDATE ".TB_PREF."wo_manufacture SET quantity=0 WHERE id=$type_no";
+ $sql = "UPDATE ".TB_PREF."wo_manufacture SET quantity=0 WHERE id=".db_escape($type_no);
db_query($sql, "Cannot void a wo production");
// void all related stock moves