MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
-$page_security=5;
-$path_to_root="../..";
+$page_security = 'SA_SUPPLIER';
+$path_to_root = "../..";
include($path_to_root . "/includes/session.inc");
-page(_("Suppliers"), @$_REQUEST['popup']);
+page(_($help_context = "Suppliers"), @$_REQUEST['popup']);
//include($path_to_root . "/includes/date_functions.inc");
if (!$new_supplier)
{
-
- $sql = "UPDATE ".TB_PREF."suppliers SET supp_name=".db_escape($_POST['supp_name']) . ",
- supp_ref=".db_escape($_POST['supp_ref']) . ",
- address=".db_escape($_POST['address']) . ",
- supp_address=".db_escape($_POST['supp_address']) . ",
- phone=".db_escape($_POST['phone']) . ",
- fax=".db_escape($_POST['fax']) . ",
- gst_no=".db_escape($_POST['gst_no']) . ",
- email=".db_escape($_POST['email']) . ",
- website=".db_escape($_POST['website']) . ",
- contact=".db_escape($_POST['contact']) . ",
- supp_account_no=".db_escape($_POST['supp_account_no']) . ",
- bank_account=".db_escape($_POST['bank_account']) . ",
- credit_limit=".input_num('credit_limit', 0) . ",
- dimension_id=".db_escape($_POST['dimension_id']) . ",
- dimension2_id=".db_escape($_POST['dimension2_id']) . ",
- curr_code=".db_escape($_POST['curr_code']).",
- payment_terms=".db_escape($_POST['payment_terms']) . ",
- payable_account=".db_escape($_POST['payable_account']) . ",
- purchase_account=".db_escape($_POST['purchase_account']) . ",
- payment_discount_account=".db_escape($_POST['payment_discount_account']) . ",
- notes=".db_escape($_POST['notes']) . ",
- tax_group_id=".db_escape($_POST['tax_group_id']) . " WHERE supplier_id = '" . $_POST['supplier_id'] . "'";
-
- db_query($sql,"The supplier could not be updated");
+ update_supplier($_POST['supplier_id'], $_POST['supp_name'], $_POST['supp_ref'], $_POST['address'],
+ $_POST['supp_address'], $_POST['phone'], $_POST['phone2'], $_POST['fax'], $_POST['gst_no'],
+ $_POST['email'], $_POST['website'], $_POST['contact'], $_POST['supp_account_no'], $_POST['bank_account'],
+ input_num('credit_limit', 0), $_POST['dimension_id'], $_POST['dimension2_id'], $_POST['curr_code'],
+ $_POST['payment_terms'], $_POST['payable_account'], $_POST['purchase_account'], $_POST['payment_discount_account'],
+ $_POST['notes'], $_POST['tax_group_id']);
update_record_status($_POST['supplier_id'], $_POST['inactive'],
'suppliers', 'supplier_id');
}
else
{
+ add_supplier($_POST['supp_name'], $_POST['supp_ref'], $_POST['address'], $_POST['supp_address'],
+ $_POST['phone'], $_POST['phone2'], $_POST['fax'], $_POST['gst_no'], $_POST['email'],
+ $_POST['website'], $_POST['contact'], $_POST['supp_account_no'], $_POST['bank_account'],
+ input_num('credit_limit',0), $_POST['dimension_id'], $_POST['dimension2_id'],
+ $_POST['curr_code'], $_POST['payment_terms'], $_POST['payable_account'], $_POST['purchase_account'],
+ $_POST['payment_discount_account'], $_POST['notes'], $_POST['tax_group_id']);
- $sql = "INSERT INTO ".TB_PREF."suppliers (supp_name, supp_ref, address, supp_address, phone, fax, gst_no, email, website,
- contact, supp_account_no, bank_account, credit_limit, dimension_id, dimension2_id, curr_code,
- payment_terms, payable_account, purchase_account, payment_discount_account, notes, tax_group_id)
- VALUES (".db_escape($_POST['supp_name']). ", "
- .db_escape($_POST['supp_ref']). ", "
- .db_escape($_POST['address']) . ", "
- .db_escape($_POST['supp_address']) . ", "
- .db_escape($_POST['phone']). ", "
- .db_escape($_POST['fax']). ", "
- .db_escape($_POST['gst_no']). ", "
- .db_escape($_POST['email']). ", "
- .db_escape($_POST['website']). ", "
- .db_escape($_POST['contact']). ", "
- .db_escape($_POST['supp_account_no']). ", "
- .db_escape($_POST['bank_account']). ", "
- .input_num('credit_limit',0). ", "
- .db_escape($_POST['dimension_id']). ", "
- .db_escape($_POST['dimension2_id']). ", "
- .db_escape($_POST['curr_code']). ", "
- .db_escape($_POST['payment_terms']). ", "
- .db_escape($_POST['payable_account']). ", "
- .db_escape($_POST['purchase_account']). ", "
- .db_escape($_POST['payment_discount_account']). ", "
- .db_escape($_POST['notes']). ", "
- .db_escape($_POST['tax_group_id']). ")";
-
- db_query($sql,"The supplier could not be added");
$_POST['supplier_id'] = db_insert_id();
$new_supplier = false;
display_notification(_("A new supplier has been added."));
// PREVENT DELETES IF DEPENDENT RECORDS IN 'supp_trans' , purch_orders
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."supp_trans WHERE supplier_id='" . $_POST['supplier_id'] . "'";
- $result = db_query($sql,"check failed");
- $myrow = db_fetch_row($result);
- if ($myrow[0] > 0)
+ if (key_in_foreign_table($_POST['supplier_id'], 'supp_trans', 'supplier_id'))
{
$cancel_delete = 1;
display_error(_("Cannot delete this supplier because there are transactions that refer to this supplier."));
}
else
{
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."purch_orders WHERE supplier_id='" . $_POST['supplier_id'] . "'";
- $result = db_query($sql,"check failed");
- $myrow = db_fetch_row($result);
- if ($myrow[0] > 0)
+ if (key_in_foreign_table($_POST['supplier_id'], 'purch_orders', 'supplier_id'))
{
$cancel_delete = 1;
display_error(_("Cannot delete the supplier record because purchase orders have been created against this supplier."));
}
if ($cancel_delete == 0)
{
- $sql="DELETE FROM ".TB_PREF."suppliers WHERE supplier_id='" . $_POST['supplier_id']. "'";
- db_query($sql,"check failed");
+ delete_supplier($_POST['supplier_id']);
unset($_SESSION['supplier_id']);
$new_supplier = true;
$_POST['address'] = $myrow["address"];
$_POST['supp_address'] = $myrow["supp_address"];
$_POST['phone'] = $myrow["phone"];
+ $_POST['phone2'] = $myrow["phone2"];
$_POST['fax'] = $myrow["fax"];
$_POST['gst_no'] = $myrow["gst_no"];
$_POST['email'] = $myrow["email"];
}
else
{
- $_POST['supp_name'] = $_POST['supp_ref'] = $_POST['address'] = $_POST['supp_address'] = $_POST['tax_group_id'] =
- $_POST['website'] = $_POST['supp_account_no'] = $_POST['notes'] = '';
+ $_POST['supp_name'] = $_POST['supp_ref'] = $_POST['address'] = $_POST['supp_address'] =
+ $_POST['tax_group_id'] = $_POST['website'] = $_POST['supp_account_no'] = $_POST['notes'] = '';
$_POST['dimension_id'] = 0;
$_POST['dimension2_id'] = 0;
$_POST['sales_type'] = -1;
- $_POST['email'] = $_POST['phone'] = $_POST['fax'] = $_POST['gst_no'] = $_POST['contact'] = $_POST['bank_account'] = '';
+ $_POST['email'] = $_POST['phone'] = $_POST['phone2'] = $_POST['fax'] =
+ $_POST['gst_no'] = $_POST['contact'] = $_POST['bank_account'] = '';
$_POST['payment_terms'] = '';
$_POST['credit_limit'] = price_format(0);
text_row(_("Supplier Short Name:"), 'supp_ref', null, 30, 30);
text_row(_("Contact Person:"), 'contact', null, 42, 40);
-text_row(_("Phone Number:"), 'phone', null, 42, 40);
-text_row(_("Fax Number:"), 'fax', null, 42, 40);
+text_row(_("Phone Number:"), 'phone', null, 32, 30);
+text_row(_("Secondary Phone Number:"), 'phone2', null, 32, 30);
+text_row(_("Fax Number:"), 'fax', null, 32, 30);
email_row(_("E-mail:"), 'email', null, 35, 55);
link_row(_("Website:"), 'website', null, 35, 55);
projects / fa-stable.git / blobdiff