Merged changes form main trunk up to 2.2.4

[fa-stable.git] / sales / includes / sales_db.inc

diff --git a/sales/includes/sales_db.inc b/sales/includes/sales_db.inc
index de98c3b0ffbc6d4a97e2f05296b78c72c493a3c0..88727e80982a3fd0aa088bbfdc8ec2daf18c102e 100644 (file)
--- a/sales/includes/sales_db.inc
+++ b/sales/includes/sales_db.inc
@@ -17,6 +17,8 @@ include_once($path_to_root . "/sales/includes/db/sales_invoice_db.inc");
 include_once($path_to_root . "/sales/includes/db/sales_delivery_db.inc");
 include_once($path_to_root . "/sales/includes/db/sales_types_db.inc");
 include_once($path_to_root . "/sales/includes/db/sales_points_db.inc");
+include_once($path_to_root . "/sales/includes/db/sales_groups_db.inc");
+include_once($path_to_root . "/sales/includes/db/recurrent_invoices_db.inc");
 include_once($path_to_root . "/sales/includes/db/custalloc_db.inc");
 include_once($path_to_root . "/sales/includes/db/cust_trans_db.inc");
 include_once($path_to_root . "/sales/includes/db/cust_trans_details_db.inc");
@@ -52,7 +54,7 @@ function add_gl_trans_customer($type, $type_no, $date_, $account, $dimension, $d
 
        return add_gl_trans($type, $type_no, $date_, $account, $dimension, $dimension2, "", $amount,
                get_customer_currency($customer_id),
-               payment_person_types::customer(), $customer_id, $err_msg, $rate);
+               PT_CUSTOMER, $customer_id, $err_msg, $rate);
 }
 
 //----------------------------------------------------------------------------------------
@@ -92,15 +94,15 @@ function get_price ($stock_id, $currency, $sales_type_id, $factor=null, $date=nu
                $myrow = get_sales_type($sales_type_id);
                $factor = $myrow['factor'];
        }
-           
+
        $add_pct = get_company_pref('add_pct');
        $base_id = get_base_sales_type();
     $home_curr = get_company_currency();
        //      AND (sales_type_id = $sales_type_id     OR sales_type_id = $base_id)
        $sql = "SELECT price, curr_abrev, sales_type_id
                FROM ".TB_PREF."prices
-               WHERE stock_id = '$stock_id' 
-                       AND (curr_abrev = '$currency' OR curr_abrev = '$home_curr')";
+               WHERE stock_id = ".db_escape($stock_id)."
+                       AND (curr_abrev = ".db_escape($currency)." OR curr_abrev = ".db_escape($home_curr).")";
 
        $result = db_query($sql, "There was a problem retrieving the pricing information for the part $stock_id for customer");
        $num_rows = db_num_rows($result);
@@ -184,15 +186,16 @@ function set_document_parent($cart)
 
        if (count($cart->src_docs) == 1) {
 
-       // if this child document has only one parent - update child link
-       $del_no = reset(array_keys($cart->src_docs));
+               // if this child document has only one parent - update child link
+               $src = array_keys($cart->src_docs);
+               $del_no = reset($src);
 
-       $sql = 'UPDATE '.TB_PREF.'debtor_trans SET trans_link = ' . $del_no .
-               ' WHERE type='.$cart->trans_type.' AND trans_no='. $inv_no ;
-       db_query($sql, 'Child document link cannot be updated');
+               $sql = 'UPDATE '.TB_PREF.'debtor_trans SET trans_link = ' . $del_no .
+                       ' WHERE type='.db_escape($cart->trans_type).' AND trans_no='. $inv_no ;
+               db_query($sql, 'Child document link cannot be updated');
 
        }
-       if ($cart->trans_type != 10)
+       if ($cart->trans_type != ST_SALESINVOICE)
                return 0;
 
        // the rest is batch invoice specific
@@ -220,7 +223,7 @@ function set_document_parent($cart)
 //--------------------------------------------------------------------------------------------------
 function get_parent_type($type)
 {
-       $parent_types = array( 11=>10, 10=>13, 13=>30 );
+       $parent_types = array( ST_CUSTCREDIT => ST_SALESINVOICE, ST_SALESINVOICE => ST_CUSTDELIVERY, ST_CUSTDELIVERY => ST_SALESORDER );
        return isset($parent_types[$type]) ?  $parent_types[$type] : 0;
 }
 
@@ -233,14 +236,14 @@ function update_parent_line($doc_type, $line_id, $qty_dispatched)
        if ($doc_type==0)
                return false;
        else {
-               if ($doc_type==30)
+               if ($doc_type==ST_SALESORDER)
                        $sql = "UPDATE ".TB_PREF."sales_order_details
                                SET qty_sent = qty_sent + $qty_dispatched
-                               WHERE id=$line_id";
+                               WHERE id=".db_escape($line_id);
                else
                        $sql = "UPDATE ".TB_PREF."debtor_trans_details
                                SET qty_done = qty_done + $qty_dispatched
-                               WHERE id=$line_id";
+                               WHERE id=".db_escape($line_id);
        }
        db_query($sql, "The parent document detail record could not be updated");
        return true;
@@ -253,7 +256,7 @@ function get_location(&$cart)
 {
        $sql = "SELECT ".TB_PREF."locations.* FROM ".TB_PREF."stock_moves,"
                .TB_PREF."locations".
-               " WHERE type=".$cart->trans_type.
+               " WHERE type=".db_escape($cart->trans_type).
                " AND trans_no=".key($cart->trans_no).
                " AND qty!=0 ".
                " AND ".TB_PREF."locations.loc_code=".TB_PREF."stock_moves.loc_code";