include_once($path_to_root . "/includes/date_functions.inc");
include_once($path_to_root . "/includes/db/inventory_db.inc");
+include_once($path_to_root . "/includes/db/allocations_db.inc");
include_once($path_to_root . "/purchasing/includes/db/supp_trans_db.inc");
include_once($path_to_root . "/purchasing/includes/db/po_db.inc");
function get_purchase_price($supplier_id, $stock_id)
{
$sql = "SELECT price, conversion_factor FROM ".TB_PREF."purch_data
- WHERE supplier_id = '" . $supplier_id . "'
- AND stock_id = '". $stock_id . "'";
+ WHERE supplier_id = ".db_escape($supplier_id) . "
+ AND stock_id = ".db_escape($stock_id);
$result = db_query($sql, "The supplier pricing details for " . $stock_id . " could not be retrieved");
if (db_num_rows($result) == 1)
function get_purchase_conversion_factor($supplier_id, $stock_id)
{
$sql = "SELECT conversion_factor FROM ".TB_PREF."purch_data
- WHERE supplier_id = '" . $supplier_id . "'
- AND stock_id = '". $stock_id . "'";
+ WHERE supplier_id = ".db_escape($supplier_id)."
+ AND stock_id = ".db_escape($stock_id);
$result = db_query($sql, "The supplier pricing details for " . $stock_id . " could not be retrieved");
if (db_num_rows($result) == 1)
function get_purchase_data($supplier_id, $stock_id)
{
$sql = "SELECT * FROM ".TB_PREF."purch_data
- WHERE supplier_id = '" . $supplier_id . "'
- AND stock_id = '". $stock_id . "'";
+ WHERE supplier_id = ".db_escape($supplier_id) . "
+ AND stock_id = ".db_escape($stock_id);
$result = db_query($sql, "The supplier pricing details for " . $stock_id . " could not be retrieved");
return db_fetch($result);
if ($data === false)
{
$sql = "INSERT INTO ".TB_PREF."purch_data (supplier_id, stock_id, price, suppliers_uom,
- conversion_factor, supplier_description) VALUES ('$supplier_id', '$stock_id',
- $price, '$uom', 1, ".db_escape($description).")";
+ conversion_factor, supplier_description) VALUES (".db_escape($supplier_id)
+ .", ".db_escape($stock_id).", ".db_escape($price).", "
+ .db_escape($uom).", 1, ".db_escape($description).")";
db_query($sql,"The supplier purchasing details could not be added");
return;
}
- $price = round($price * $data['conversion_factor'], user_price_dec());
- $sql = "UPDATE ".TB_PREF."purch_data SET price=$price";
+ $price = round($price * $data['conversion_factor'], user_price_dec());
+ $sql = "UPDATE ".TB_PREF."purch_data SET price=".db_escape($price);
if ($uom != "")
- $sql .= ",suppliers_uom='$uom'";
+ $sql .= ",suppliers_uom=".db_escape($uom);
if ($description != "")
$sql .= ",supplier_description=".db_escape($description);
- $sql .= " WHERE stock_id='$stock_id' AND supplier_id='$supplier_id'";
+ $sql .= " WHERE stock_id=".db_escape($stock_id)." AND supplier_id=".db_escape($supplier_id);
db_query($sql,"The supplier purchasing details could not be updated");
return true;
}
+function get_po_prepayments($supp_trans)
+{
+ // collect purchase order line ids
+ $allocations = array();
+ $line_ids = array();
+ foreach($supp_trans->grn_items as $item)
+ $line_ids[] = $item->po_detail_item;
+
+ if (!count($line_ids))
+ return $allocations;
+
+ $sql = "SELECT DISTINCT allocs.*
+ FROM ".TB_PREF."supp_allocations allocs
+ LEFT JOIN ".TB_PREF."purch_order_details line ON line.order_no=allocs.trans_no_to AND trans_type_to=".ST_PURCHORDER."
+ WHERE line.po_detail_item IN(".implode(',', array_values($line_ids)).")";
+//_vd($sql);
+ $result = db_query($sql, "Cannot retrieve po prepayments");
+
+ while($dat = db_fetch($result))
+ {
+ $allocations[] = $dat;
+ }
+
+ return $allocations;
+}
?>
\ No newline at end of file
projects / fa-stable.git / blobdiff