X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=gl%2Fincludes%2Fdb%2Fgl_db_accounts.inc;h=70ef323638ca30f821c65a3b813f2eab51cdf4c5;hb=6f8094c63f914fce9fcfd02780c452d712a2dba3;hp=b544094e325551c51f0afd1fb79f308ff349513e;hpb=fa3dd600a4b60b528e4c69519c856125e6c3f9bf;p=fa-stable.git

diff --git a/gl/includes/db/gl_db_accounts.inc b/gl/includes/db/gl_db_accounts.inc
index b544094e..70ef3236 100644
--- a/gl/includes/db/gl_db_accounts.inc
+++ b/gl/includes/db/gl_db_accounts.inc
@@ -11,61 +11,48 @@
 ***********************************************************************/
 function add_gl_account($account_code, $account_name, $account_type, $account_code2)
 {
-	$account_name = db_escape($account_name);
 	$sql = "INSERT INTO ".TB_PREF."chart_master (account_code, account_code2, account_name, account_type)
-		VALUES (".db_escape($account_code).", ".db_escape($account_code2).", $account_name, $account_type)";
+		VALUES (".db_escape($account_code).", ".db_escape($account_code2).", "
+			.db_escape($account_name).", ".db_escape($account_type).")";
 
-	db_query($sql, "could not add gl account");
+	return db_query($sql);
 }
 
 function update_gl_account($account_code, $account_name, $account_type, $account_code2)
 {
-	$account_name = db_escape($account_name);
-    $sql = "UPDATE ".TB_PREF."chart_master SET account_name=$account_name,
-		account_type=$account_type, account_code2=".db_escape($account_code2)
-		." WHERE account_code = '$account_code'";
+    $sql = "UPDATE ".TB_PREF."chart_master SET account_name=".db_escape($account_name)
+    .",account_type=".db_escape($account_type).", account_code2=".db_escape($account_code2)
+		." WHERE account_code = ".db_escape($account_code);
 
-	db_query($sql, "could not update gl account");
+	return db_query($sql);
 }
 
 function delete_gl_account($code)
 {
-	$sql = "DELETE FROM ".TB_PREF."chart_master WHERE account_code='$code'";
+	$sql = "DELETE FROM ".TB_PREF."chart_master WHERE account_code=".db_escape($code);
 
 	db_query($sql, "could not delete gl account");
 }
 
-function get_gl_accounts($from=null, $to=null)
+function get_gl_accounts($from=null, $to=null, $type=null)
 {
 	$sql = "SELECT ".TB_PREF."chart_master.*,".TB_PREF."chart_types.name AS AccountTypeName
 		FROM ".TB_PREF."chart_master,".TB_PREF."chart_types
 		WHERE ".TB_PREF."chart_master.account_type=".TB_PREF."chart_types.id";
 	if ($from != null)
-		$sql .= " AND ".TB_PREF."chart_master.account_code >= '$from'";
+		$sql .= " AND ".TB_PREF."chart_master.account_code >= ".db_escape($from);
 	if ($to != null)
-		$sql .= " AND ".TB_PREF."chart_master.account_code <= '$to'";
+		$sql .= " AND ".TB_PREF."chart_master.account_code <= ".db_escape($to);
+	if ($type != null)
+		$sql .= " AND account_type=".db_escape($type);
 	$sql .= " ORDER BY account_code";
 
 	return db_query($sql, "could not get gl accounts");
 }
 
-function get_gl_accounts_all($balance=-1)
-{
-	 $sql = "SELECT ".TB_PREF."chart_master.account_code, ".TB_PREF."chart_master.account_name, ".TB_PREF."chart_types.name AS AccountTypeName,".TB_PREF."chart_types.id AS AccountType,
-	 	".TB_PREF."chart_types.parent, ".TB_PREF."chart_class.class_name AS AccountClassName
-	 	FROM ".TB_PREF."chart_types INNER JOIN ".TB_PREF."chart_class ON ".TB_PREF."chart_types.class_id=".TB_PREF."chart_class.cid
-	 	LEFT JOIN ".TB_PREF."chart_master ON ".TB_PREF."chart_master.account_type=".TB_PREF."chart_types.id ";
-	if ($balance != -1)
-		$sql .= "WHERE ".TB_PREF."chart_class.balance_sheet=$balance "; 	 	 		
-	 $sql .= "ORDER BY ".TB_PREF."chart_class.cid, IF(parent > 0,parent,".TB_PREF."chart_types.id), 
-	 	IF(parent > 0,".TB_PREF."chart_types.id, parent), ".TB_PREF."chart_master.account_code";
-
-	return db_query($sql, "could not get gl accounts");
-}
-
 function get_gl_account($code)
 {
-	$sql = "SELECT * FROM ".TB_PREF."chart_master WHERE account_code='$code'";
+	$sql = "SELECT * FROM ".TB_PREF."chart_master WHERE account_code=".db_escape($code);
 
 	$result = db_query($sql, "could not get gl account");
 	return db_fetch($result);
@@ -73,19 +60,20 @@ function get_gl_account($code)
 
 function is_account_balancesheet($code)
 {
-	$sql = "SELECT ".TB_PREF."chart_class.balance_sheet FROM ".TB_PREF."chart_class, ".TB_PREF."chart_types, ".TB_PREF."chart_master
+	$sql = "SELECT ".TB_PREF."chart_class.ctype FROM ".TB_PREF."chart_class, "
+		.TB_PREF."chart_types, ".TB_PREF."chart_master
 		WHERE ".TB_PREF."chart_master.account_type=".TB_PREF."chart_types.id AND
 		".TB_PREF."chart_types.class_id=".TB_PREF."chart_class.cid
-		AND ".TB_PREF."chart_master.account_code='$code'";
+		AND ".TB_PREF."chart_master.account_code=".db_escape($code);
 
 	$result = db_query($sql,"could not retreive the account class for $code");
 	$row = db_fetch_row($result);
-	return $row[0];
+	return $row[0] > 0 && $row[0] < CL_INCOME;
 }
 
 function get_gl_account_name($code)
 {
-	$sql = "SELECT account_name from ".TB_PREF."chart_master WHERE account_code='$code'";
+	$sql = "SELECT account_name from ".TB_PREF."chart_master WHERE account_code=".db_escape($code);
 
 	$result = db_query($sql,"could not retreive the account name for $code");