if (isset($_GET['AddedID']))
{
$order_no = $_GET['AddedID'];
- $trans_type = systypes::po();
+ $trans_type = ST_PURCHORDER;
if (!isset($_GET['Updated']))
display_notification_centered(_("Purchase Order has been entered"));
if ($allow_update == true)
{
$sql = "SELECT description, units, mb_flag
- FROM ".TB_PREF."stock_master WHERE stock_id = '". $_POST['stock_id'] . "'";
+ FROM ".TB_PREF."stock_master WHERE stock_id = ".db_escape($_POST['stock_id']);
$result = db_query($sql,"The stock details for " . $_POST['stock_id'] . " could not be retrieved");
function can_commit()
{
+ global $Refs;
+
if (!is_date($_POST['OrderDate']))
{
display_error(_("The entered order date is invalid."));
if (!$_SESSION['PO']->order_no)
{
- if (!references::is_valid(get_post('ref')))
+ if (!$Refs->is_valid(get_post('ref')))
{
display_error(_("There is no reference entered for this purchase order."));
set_focus('ref');
return false;
}
- if (!is_new_reference(get_post('ref'), systypes::po()))
+ if (!is_new_reference(get_post('ref'), ST_PURCHORDER))
{
display_error(_("The entered reference is already in use."));
set_focus('ref');