MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
-$page_security = 3;
-$path_to_root="../..";
+$page_security = 'SA_CUSTOMER';
+$path_to_root = "../..";
include_once($path_to_root . "/includes/session.inc");
-page(_("Customers"));
+page(_("Customers"), @$_REQUEST['popup']);
include_once($path_to_root . "/includes/date_functions.inc");
include_once($path_to_root . "/includes/banking.inc");
set_focus('CustName');
return false;
}
+
+ if (strlen($_POST['cust_ref']) == 0)
+ {
+ display_error(_("The customer short name cannot be empty."));
+ set_focus('cust_ref');
+ return false;
+ }
if (!check_num('credit_limit', 0))
{
{
$sql = "UPDATE ".TB_PREF."debtors_master SET name=" . db_escape($_POST['CustName']) . ",
+ debtor_ref=" . db_escape($_POST['cust_ref']) . ",
address=".db_escape($_POST['address']) . ",
tax_id=".db_escape($_POST['tax_id']) . ",
curr_code=".db_escape($_POST['curr_code']) . ",
discount=" . input_num('discount') / 100 . ",
pymt_discount=" . input_num('pymt_discount') / 100 . ",
credit_limit=" . input_num('credit_limit') . ",
- sales_type = ".db_escape($_POST['sales_type']) . "
- WHERE debtor_no = '". $_POST['customer_id'] . "'";
+ sales_type = ".db_escape($_POST['sales_type']) . ",
+ notes=".db_escape($_POST['notes']) . "
+ WHERE debtor_no = ".db_escape($_POST['customer_id']);
db_query($sql,"The customer could not be updated");
begin_transaction();
- $sql = "INSERT INTO ".TB_PREF."debtors_master (name, address, tax_id, email, dimension_id, dimension2_id,
+ $sql = "INSERT INTO ".TB_PREF."debtors_master (name, debtor_ref, address, tax_id, email, dimension_id, dimension2_id,
curr_code, credit_status, payment_terms, discount, pymt_discount,credit_limit,
- sales_type) VALUES (".db_escape($_POST['CustName']) .", "
+ sales_type, notes) VALUES (".db_escape($_POST['CustName']) .", " .db_escape($_POST['cust_ref']) .", "
.db_escape($_POST['address']) . ", " . db_escape($_POST['tax_id']) . ","
.db_escape($_POST['email']) . ", ".db_escape($_POST['dimension_id']) . ", "
.db_escape($_POST['dimension2_id']) . ", ".db_escape($_POST['curr_code']) . ",
" . db_escape($_POST['credit_status']) . ", ".db_escape($_POST['payment_terms']) . ", " . input_num('discount')/100 . ",
- " . input_num('pymt_discount')/100 . ", " . input_num('credit_limit') . ", ".db_escape($_POST['sales_type']) . ")";
+ " . input_num('pymt_discount')/100 . ", " . input_num('credit_limit')
+ .", ".db_escape($_POST['sales_type']).", ".db_escape($_POST['notes']) . ")";
db_query($sql,"The customer could not be added");
}
//--------------------------------------------------------------------------------------------
-if (isset($_POST['select']))
-{
- context_return(array('customer_id' => $_POST['customer_id'],
- 'branch_id' => '')); // this fires customer history checks
-}
-//--------------------------------------------------------------------------------------------
-
if (isset($_POST['delete']))
{
$cancel_delete = 0;
// PREVENT DELETES IF DEPENDENT RECORDS IN 'debtor_trans'
-
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."debtor_trans WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sel_id = db_escape($_POST['customer_id']);
+ $sql= "SELECT COUNT(*) FROM ".TB_PREF."debtor_trans WHERE debtor_no=$sel_id";
$result = db_query($sql,"check failed");
$myrow = db_fetch_row($result);
if ($myrow[0] > 0)
}
else
{
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."sales_orders WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sql= "SELECT COUNT(*) FROM ".TB_PREF."sales_orders WHERE debtor_no=$sel_id";
$result = db_query($sql,"check failed");
$myrow = db_fetch_row($result);
if ($myrow[0] > 0)
}
else
{
- $sql = "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sql = "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no=$sel_id";
$result = db_query($sql,"check failed");
$myrow = db_fetch_row($result);
if ($myrow[0] > 0)
if ($cancel_delete == 0)
{ //ie not cancelled the delete as a result of above tests
- $sql = "DELETE FROM ".TB_PREF."debtors_master WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sql = "DELETE FROM ".TB_PREF."debtors_master WHERE debtor_no=$sel_id";
db_query($sql,"cannot delete customer");
display_notification(_("Selected customer has been deleted."));
if ($new_customer)
{
- $_POST['CustName'] = $_POST['address'] = $_POST['tax_id'] = '';
+ $_POST['CustName'] = $_POST['cust_ref'] = $_POST['address'] = $_POST['tax_id'] = '';
$_POST['dimension_id'] = 0;
$_POST['dimension2_id'] = 0;
$_POST['sales_type'] = -1;
$_POST['email'] = '';
$_POST['curr_code'] = get_company_currency();
$_POST['credit_status'] = -1;
- $_POST['payment_terms'] = '';
+ $_POST['payment_terms'] = $_POST['notes'] = '';
+
$_POST['discount'] = $_POST['pymt_discount'] = percent_format(0);
- $_POST['credit_limit'] = price_format(sys_prefs::default_credit_limit());
+ $_POST['credit_limit'] = price_format($SysPrefs->default_credit_limit());
$_POST['inactive'] = 0;
}
else
{
- $sql = "SELECT * FROM ".TB_PREF."debtors_master WHERE debtor_no = '" . $_POST['customer_id'] . "'";
+ $sql = "SELECT * FROM ".TB_PREF."debtors_master WHERE debtor_no = ".db_escape($_POST['customer_id']);
$result = db_query($sql,"check failed");
$myrow = db_fetch($result);
$_POST['CustName'] = $myrow["name"];
+ $_POST['cust_ref'] = $myrow["debtor_ref"];
$_POST['address'] = $myrow["address"];
$_POST['tax_id'] = $myrow["tax_id"];
$_POST['email'] = $myrow["email"];
$_POST['discount'] = percent_format($myrow["discount"] * 100);
$_POST['pymt_discount'] = percent_format($myrow["pymt_discount"] * 100);
$_POST['credit_limit'] = price_format($myrow["credit_limit"]);
+ $_POST['notes'] = $myrow["notes"];
$_POST['inactive'] = $myrow["inactive"];
}
table_section_title(_("Name and Address"));
text_row(_("Customer Name:"), 'CustName', $_POST['CustName'], 40, 80);
+text_row(_("Customer Short Name:"), 'cust_ref', null, 30, 30);
textarea_row(_("Address:"), 'address', $_POST['address'], 35, 5);
email_row(_("E-mail:"), 'email', null, 40, 40);
start_row();
echo '<td>'._('Customer branches').':</td>';
hyperlink_params_td($path_to_root . "/sales/manage/customer_branches.php",
- '<b>'. (count($_SESSION['Context']) ? _("Select or &Add") : _("&Add or Edit ")).'</b>',
- "debtor_no=".$_POST['customer_id']);
+ '<b>'. (@$_REQUEST['popup'] ? _("Select or &Add") : _("&Add or Edit ")).'</b>',
+ "debtor_no=".$_POST['customer_id'].(@$_REQUEST['popup'] ? '&popup=1':''));
end_row();
}
+textarea_row(_("General Notes:"), 'notes', null, 35, 5);
record_status_list_row(_("Customer status:"), 'inactive');
end_outer_table(1);
else
{
submit_center_first('submit', _("Update Customer"),
- _('Update customer data'), true);
- submit_return('select', _("Return"), _("Select this customer and return to document entry."), 'default');
+ _('Update customer data'), @$_REQUEST['popup'] ? true : 'default');
+ submit_return('select', get_post('customer_id'), _("Select this customer and return to document entry."));
submit_center_last('delete', _("Delete Customer"),
_('Delete customer data if have been never used'), true);
}
div_end();
+hidden('popup', @$_REQUEST['popup']);
end_form();
end_page();
projects / fa-stable.git / blobdiff