X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;ds=sidebyside;f=reporting%2Frep209.php;h=b6b88a4572ee85b310b3493d5109b019c5594441;hb=af78fbb535a6fedbc2eb70a26ddc39739be2b986;hp=046738d025e47900f17d3530add9cc4db2d3dc3d;hpb=2383d33373d6ddec06906658a0ed6398077c1147;p=fa-stable.git diff --git a/reporting/rep209.php b/reporting/rep209.php index 046738d0..b6b88a45 100644 --- a/reporting/rep209.php +++ b/reporting/rep209.php @@ -9,7 +9,9 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ -$page_security = 2; + +$page_security = $_POST['PARAM_0'] == $_POST['PARAM_1'] ? + 'SA_SUPPTRANSVIEW' : 'SA_SUPPBULKREP'; // ---------------------------------------------------------------- // $ Revision: 2.0 $ // Creator: Joe Hunt @@ -35,7 +37,7 @@ function get_po($order_no) FROM ".TB_PREF."purch_orders, ".TB_PREF."suppliers, ".TB_PREF."locations WHERE ".TB_PREF."purch_orders.supplier_id = ".TB_PREF."suppliers.supplier_id AND ".TB_PREF."locations.loc_code = into_stock_location - AND ".TB_PREF."purch_orders.order_no = " . $order_no; + AND ".TB_PREF."purch_orders.order_no = ".db_escape($order_no); $result = db_query($sql, "The order cannot be retrieved"); return db_fetch($result); } @@ -46,7 +48,7 @@ function get_po_details($order_no) FROM ".TB_PREF."purch_order_details LEFT JOIN ".TB_PREF."stock_master ON ".TB_PREF."purch_order_details.item_code=".TB_PREF."stock_master.stock_id - WHERE order_no =$order_no "; + WHERE order_no =".db_escape($order_no)." "; $sql .= " ORDER BY po_detail_item"; return db_query($sql, "Retreive order Line Items"); } @@ -60,9 +62,8 @@ function print_po() $from = $_POST['PARAM_0']; $to = $_POST['PARAM_1']; $currency = $_POST['PARAM_2']; - $bankaccount = $_POST['PARAM_3']; - $email = $_POST['PARAM_4']; - $comments = $_POST['PARAM_5']; + $email = $_POST['PARAM_3']; + $comments = $_POST['PARAM_4']; if ($from == null) $from = 0; @@ -75,10 +76,8 @@ function print_po() // $headers in doctext.inc $aligns = array('left', 'left', 'left', 'right', 'left', 'right', 'right'); - $params = array('comments' => $comments, - 'bankaccount' => $bankaccount); + $params = array('comments' => $comments); - $baccount = get_bank_account($params['bankaccount']); $cur = get_company_Pref('curr_default'); if ($email == 0) @@ -92,6 +91,8 @@ function print_po() for ($i = $from; $i <= $to; $i++) { $myrow = get_po($i); + $baccount = get_default_bank_account($myrow['curr_code']); + $params['bankaccount'] = $baccount['id']; if ($email == 1) { @@ -125,7 +126,8 @@ function print_po() } $Net = round2(($myrow2["unit_price"] * $myrow2["quantity_ordered"]), user_price_dec()); $SubTotal += $Net; - $DisplayPrice = number_format2($myrow2["unit_price"],$dec); + $dec2 = 0; + $DisplayPrice = price_decimal_format($myrow2["unit_price"],$dec2); $DisplayQty = number_format2($myrow2["quantity_ordered"],get_qty_dec($myrow2['item_code'])); $DisplayNet = number_format2($Net,$dec); //$rep->TextCol(0, 1, $myrow2['item_code'], -2);