Added text fields sanitization on upgrade to 2.2.
[fa-stable.git] / sales / credit_note_entry.php
index f27bf8f0ad8617c4c9f9f81bbb6b58179253c707..5d2ebb8d4ea17455f567d06cdc76af43ff609413 100644 (file)
@@ -13,8 +13,8 @@
 //
 //     Entry/Modify free hand Credit Note
 //
-$page_security = 3;
-$path_to_root="..";
+$page_security = 'SA_SALESCREDIT';
+$path_to_root = "..";
 include_once($path_to_root . "/sales/includes/cart_class.inc");
 include_once($path_to_root . "/includes/session.inc");
 include_once($path_to_root . "/includes/data_checks.inc");
@@ -51,28 +51,24 @@ check_db_has_stock_items(_("There are no items defined in the system."));
 check_db_has_customer_branches(_("There are no customers, or there are no customers with branches. Please define customers and customer branches."));
 
 //-----------------------------------------------------------------------------
-if ($ret = context_restore()) {
- // return from new customer add
-       copy_from_cn();
-       if(isset($ret['customer_id']))
-               $_POST['customer_id'] = $ret['customer_id'];
-       if(isset($ret['branch_id']))
-               $_POST['branch_id'] = $ret['branch_id'];
-}
-if (isset($_POST['_customer_id_editor'])) {
-       copy_to_cn(); //store context
-       context_call($path_to_root.'/sales/manage/customers.php?debtor_no='.$_POST['customer_id'], 'Items');
+
+if (list_updated('branch_id')) {
+       // when branch is selected via external editor also customer can change
+       $br = get_branch(get_post('branch_id'));
+       $_POST['customer_id'] = $br['debtor_no'];
+       $Ajax->activate('customer_id');
 }
 
 if (isset($_GET['AddedID'])) {
        $credit_no = $_GET['AddedID'];
-       $trans_type = 11;
+       $trans_type = ST_CUSTCREDIT;
 
        display_notification_centered(sprintf(_("Credit Note # %d has been processed"),$credit_no));
 
        display_note(get_customer_trans_view_str($trans_type, $credit_no, _("&View this credit note")), 0, 1);
 
-       display_note(print_document_link($credit_no, _("&Print This Credit Invoice"), true, 11),0, 1);
+       display_note(print_document_link($credit_no, _("&Print This Credit Invoice"), true, ST_CUSTCREDIT),0, 1);
+       display_note(print_document_link($credit_no, _("&Email This Credit Invoice"), true, ST_CUSTCREDIT, false, "", "", 1),0, 1);
 
        display_note(get_gl_view_str($trans_type, $credit_no, _("View the GL &Journal Entries for this Credit Note")));
 
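Review bot: The new `list_updated('branch_id')` block copies `$br['debtor_no']` into `$_POST['customer_id']` without checking that the lookup found anything, so a posted branch id that matches no branch would presumably leave `customer_id` empty for the rest of the request. Guard the assignment, e.g. `if (!empty($br['debtor_no'])) $_POST['customer_id'] = $br['debtor_no'];`, and confirm that `get_branch()` escapes or casts its argument, since `get_post('branch_id')` is client-supplied. In the same hunk `$credit_no = $_GET['AddedID'];` is still passed uncast to the view and print link helpers; `$credit_no = (int)$_GET['AddedID'];` would match the `%d` already used in the notification.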
@@ -136,17 +132,18 @@ function handle_new_credit($trans_no)
 
 function can_process()
 {
+       global $Refs;
 
        $input_error = 0;
 
        if ($_SESSION['Items']->count_items() == 0 && (!check_num('ChargeFreightCost',0)))
                return false;
        if($_SESSION['Items']->trans_no == 0) {
-           if (!references::is_valid($_POST['ref'])) {
+           if (!$Refs->is_valid($_POST['ref'])) {
                display_error( _("You must enter a reference."));
                set_focus('ref');
                $input_error = 1;
-           } elseif (!is_new_reference($_POST['ref'], 11))     {
+           } elseif (!is_new_reference($_POST['ref'], ST_CUSTCREDIT))  {
                display_error( _("The entered reference is already in use."));
                set_focus('ref');
                $input_error = 1;
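Review bot: Both reference checks in `can_process()` read `$_POST['ref']` directly, while the branch handling added earlier in this commit goes through `get_post()`; if the field is absent from the request, `$Refs->is_valid()` and `is_new_reference()` are handed an undefined index. Fetch it once with `$ref = get_post('ref');` and pass `$ref` to both calls. The new `global $Refs;` would also benefit from a one-line comment saying where that object is created, since nothing visible in this diff shows its setup and a missing global would fail at the `is_valid()` call. `can_process()` continues past the end of the hunk.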