MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
-$page_security = 2;
+$page_security = 'SA_CUSTBULKREP';
// ----------------------------------------------------------------
// $ Revision: 2.0 $
// Creator: Joe Hunt
if ($area != 0)
{
if ($salesid != 0)
- $sql .= " WHERE ".TB_PREF."salesman.salesman_code='$salesid'
- AND ".TB_PREF."areas.area_code='$area'";
+ $sql .= " WHERE ".TB_PREF."salesman.salesman_code=".db_escape($salesid)."
+ AND ".TB_PREF."areas.area_code=".db_escape($area);
else
- $sql .= " WHERE ".TB_PREF."areas.area_code='$area'";
+ $sql .= " WHERE ".TB_PREF."areas.area_code=".db_escape($area);
}
elseif ($salesid != 0)
- $sql .= " WHERE ".TB_PREF."salesman.salesman_code='$salesid'";
+ $sql .= " WHERE ".TB_PREF."salesman.salesman_code=".db_escape($salesid);
$sql .= " ORDER BY description,
".TB_PREF."salesman.salesman_name,
".TB_PREF."debtors_master.debtor_no,
".TB_PREF."cust_branch.branch_code";
-
+
return db_query($sql,"No transactions were returned");
}
$sql = "SELECT SUM((ov_amount+ov_freight+ov_discount)*rate) AS Turnover
FROM ".TB_PREF."debtor_trans
- WHERE debtor_no='$debtorno'
- AND branch_code='$branchcode'
- AND (type=10 or type=11)
+ WHERE debtor_no=".db_escape($debtorno)."
+ AND branch_code=".db_escape($branchcode)."
+ AND (type=".ST_SALESINVOICE." OR type=".ST_CUSTCREDIT.")
AND trandate >='$date'";
-
+
$result = db_query($sql,"No transactions were returned");
$row = db_fetch_row($result);
$dec = 0;
- if ($area == reserved_words::get_all_numeric())
+ if ($area == ALL_NUMERIC)
$area = 0;
- if ($folk == reserved_words::get_all_numeric())
+ if ($folk == ALL_NUMERIC)
$folk = 0;
if ($area == 0)
projects / fa-stable.git / blobdiff