<?php
-
-
-$page_security = 3;
-$path_to_root="../..";
+/**********************************************************************
+ Copyright (C) FrontAccounting, LLC.
+ Released under the terms of the GNU General Public License, GPL,
+ as published by the Free Software Foundation, either version 3
+ of the License, or (at your option) any later version.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+$page_security = 'SA_SRECURRENT';
+$path_to_root = "../..";
include($path_to_root . "/includes/session.inc");
include($path_to_root . "/includes/ui.inc");
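Review bot: The two `include(...)` lines that follow the new `$page_security = 'SA_SRECURRENT';` only raise a warning when the file cannot be loaded, so the script would continue without whatever session and access handling `session.inc` provides. The security area set here is presumably consumed inside `session.inc`, so that load should fail closed: `require_once($path_to_root . "/includes/session.inc");`, and likewise for `ui.inc`. A later call to an undefined function would probably stop the page anyway, but `require_once` makes the dependency explicit.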
page(_("Recurrent Invoices"), false, false, "", $js);
-
simple_page_mode(true);
if ($Mode=='ADD_ITEM' || $Mode=='UPDATE_ITEM')
monthly=".input_num('monthly', 0).",
begin='".date2sql($_POST['begin'])."',
end='".date2sql($_POST['end'])."'
- WHERE id = '$selected_id'";
+ WHERE id = ".db_escape($selected_id);
$note = _('Selected recurrent invoice has been updated');
}
else
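Review bot: The `begin` and `end` values just above the changed `WHERE` are still built as `'".date2sql($_POST['begin'])."'`, so this statement keeps string-built POST data even after the id is escaped. Whether that is safe depends on `date2sql()` returning a strictly formatted date, which is not visible here. Passing its result through the same helper removes that dependency: `begin=".db_escape(date2sql($_POST['begin'])).",` and `end=".db_escape(date2sql($_POST['end']))`. This assumes `db_escape()` adds the surrounding quotes, as the removal of the quotes around `$selected_id` in this commit suggests. The UPDATE statement starts above the hunk, so any other columns it sets need the same check.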
if ($cancel_delete == 0)
{
- $sql="DELETE FROM ".TB_PREF."recurrent_invoices WHERE id='" . $selected_id . "'";
+ $sql="DELETE FROM ".TB_PREF."recurrent_invoices WHERE id=".db_escape($selected_id);
db_query($sql,"could not delete recurrent invoice");
display_notification(_('Selected recurrent invoice has been deleted'));
//-------------------------------------------------------------------------------------------------
function get_sales_group_name($group_no)
{
- $sql = "SELECT description FROM ".TB_PREF."groups WHERE id = $group_no";
+ $sql = "SELECT description FROM ".TB_PREF."groups WHERE id = ".db_escape($group_no);
$result = db_query($sql, "could not get group");
$row = db_fetch($result);
return $row[0];
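Review bot: `get_sales_group_name()` returns `$row[0]` without checking that `db_fetch()` found a row. Assuming `db_fetch()` returns a false or empty value when nothing matches, an unknown `$group_no` would index a non-array value and give the caller `null` plus a PHP notice or warning. A guard such as `return $row ? $row[0] : '';` keeps the listing quiet for a dangling group id. The edit-form hunk further down (`$myrow = db_fetch($result);` after the `SELECT *`) has the same gap for a stale `$selected_id`. The function's closing brace is outside the hunk.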
alt_table_row_color($k);
label_cell($myrow["description"]);
- label_cell(get_customer_trans_view_str(30, $myrow["order_no"]));
+ label_cell(get_customer_trans_view_str(ST_SALESORDER, $myrow["order_no"]));
if ($myrow["debtor_no"] == 0)
{
label_cell("");
label_cell($end);
label_cell($last_sent);
edit_button_cell("Edit".$myrow["id"], _("Edit"));
- edit_button_cell("Delete".$myrow["id"], _("Delete"));
+ delete_button_cell("Delete".$myrow["id"], _("Delete"));
end_row();
}
end_table();
start_form();
-start_table("$table_style2 width=40%");
+start_table($table_style2);
if ($selected_id != -1)
{
if ($Mode == 'Edit') {
//editing an existing area
- $sql = "SELECT * FROM ".TB_PREF."recurrent_invoices WHERE id='$selected_id'";
+ $sql = "SELECT * FROM ".TB_PREF."recurrent_invoices WHERE id=".db_escape($selected_id);
$result = db_query($sql,"could not get recurrent invoice");
$myrow = db_fetch($result);
end_table(1);
-submit_add_or_update_center($selected_id == -1, '', true);
+submit_add_or_update_center($selected_id == -1, '', 'both');
end_form();