X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=gl%2Fincludes%2Fdb%2Fgl_db_rates.inc;h=02a782296ae03e54b976049cf30f02659f8f7ac5;hb=0bf933423b9645bcb57390c478d4fdaf0c895049;hp=7e05f98e5e32919d93440f0c8d50c23b63e1ee09;hpb=818719f38b8327cdca616d58b13913dbd174d96a;p=fa-stable.git diff --git a/gl/includes/db/gl_db_rates.inc b/gl/includes/db/gl_db_rates.inc index 7e05f98e..02a78229 100644 --- a/gl/includes/db/gl_db_rates.inc +++ b/gl/includes/db/gl_db_rates.inc @@ -1,18 +1,18 @@ . + See the License here . ***********************************************************************/ //--------------------------------------------------------------------------------------------- function get_exchange_rate($rate_id) { - $sql = "SELECT * FROM ".TB_PREF."exchange_rates WHERE id=$rate_id"; + $sql = "SELECT * FROM ".TB_PREF."exchange_rates WHERE id=".db_escape($rate_id); $result = db_query($sql, "could not get exchange rate for $rate_id"); return db_fetch($result); @@ -22,8 +22,8 @@ function get_exchange_rate($rate_id) function get_date_exchange_rate($curr_code, $date_) { $date = date2sql($date_); - $sql = "SELECT rate_buy FROM ".TB_PREF."exchange_rates WHERE curr_code='$curr_code' - AND date_='$date'"; + $sql = "SELECT rate_buy FROM ".TB_PREF."exchange_rates WHERE curr_code=".db_escape($curr_code) + ." AND date_='$date'"; $result = db_query($sql, "could not get exchange rate for $curr_code - $date_"); if(db_num_rows($result) == 0) @@ -41,8 +41,8 @@ function update_exchange_rate($curr_code, $date_, $buy_rate, $sell_rate) $date = date2sql($date_); - $sql = "UPDATE ".TB_PREF."exchange_rates SET rate_buy=$buy_rate, rate_sell=$sell_rate - WHERE curr_code='$curr_code' AND date_='$date'"; + $sql = "UPDATE ".TB_PREF."exchange_rates SET rate_buy=$buy_rate, rate_sell=".db_escape($sell_rate) + ." WHERE curr_code=".db_escape($curr_code)." AND date_='$date'"; db_query($sql, "could not add exchange rate for $curr_code"); } @@ -57,7 +57,8 @@ function add_exchange_rate($curr_code, $date_, $buy_rate, $sell_rate) $date = date2sql($date_); $sql = "INSERT INTO ".TB_PREF."exchange_rates (curr_code, date_, rate_buy, rate_sell) - VALUES ('$curr_code', '$date', $buy_rate, $sell_rate)"; + VALUES (".db_escape($curr_code).", '$date', ".db_escape($buy_rate) + .", ".db_escape($sell_rate).")"; db_query($sql, "could not add exchange rate for $curr_code"); } @@ -65,41 +66,65 @@ function add_exchange_rate($curr_code, $date_, $buy_rate, $sell_rate) function delete_exchange_rate($rate_id) { - $sql = "DELETE FROM ".TB_PREF."exchange_rates WHERE id=$rate_id"; + $sql = "DELETE FROM ".TB_PREF."exchange_rates WHERE id=".db_escape($rate_id); db_query($sql, "could not delete exchange rate $rate_id"); } -//--------------------------------------------------------------------------------------------- +//----------------------------------------------------------------------------- +// Retrieve exchange rate as of date $date from external source (usually inet) +// +function retrieve_exrate($curr_b, $date) +{ + global $Hooks; + + if (method_exists($Hooks, 'retrieve_exrate')) + return $Hooks->retrieve_exrate($curr_b, $date); + else + return get_ecb_rate($curr_b); +} +//----------------------------------------------------------------------------- function get_ecb_rate($curr_b) { $curr_a = get_company_pref('curr_default'); - $ecb_filename = 'http://www.ecb.int/stats/eurofxref/eurofxref-daily.xml'; - $handle = @fopen($ecb_filename, 'rb'); + $ecb_filename = '/stats/eurofxref/eurofxref-daily.xml'; + $ecb_site = 'www.ecb.int'; $contents = ''; - if ($handle) - { - do - { - $data = @fread( $handle, 4096 ); - if ( strlen ( $data ) == 0 ) - break; - $contents .= $data; // with this syntax only text will be translated, whole text with htmlspecialchars($data) - } - while (true); - @fclose( $handle ); - } // end handle - else - { - $ch = curl_init(); - curl_setopt ($ch, CURLOPT_URL, $ecb_filename); - curl_setopt ($ch, CURLOPT_COOKIEJAR, "cookie.txt"); - curl_setopt ($ch, CURLOPT_HEADER, 0); - curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); - curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1); - curl_setopt ($ch, CURLOPT_TIMEOUT, 120); - $contents = curl_exec ($ch); - curl_close($ch); + + if (function_exists('curl_init')) + { // first check with curl as we can set short timeout; + $retry = 1; + do { + $ch = curl_init(); + curl_setopt ($ch, CURLOPT_URL, 'http://'.$ecb_site.$ecb_filename); + curl_setopt ($ch, CURLOPT_COOKIEJAR, "cookie.txt"); + curl_setopt ($ch, CURLOPT_HEADER, 0); + curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); + curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1); + curl_setopt ($ch, CURLOPT_TIMEOUT, 3); + $contents = curl_exec ($ch); + curl_close($ch); + // due to resolver bug in some curl versions (e.g. 7.15.5) + // try again for constant IP. + $ecb_site="195.128.2.97"; + } while( ($contents == '') && $retry--); + + } else { + $handle = @fopen("http://".$ecb_site.$ecb_filename, 'rb'); + if ($handle) { + do + { + $data = @fread( $handle, 4096 ); + if ( strlen ( $data ) == 0 ) + break; + $contents .= $data; // with this syntax only text will be translated, whole text with htmlspecialchars($data) + } + while (true); + @fclose( $handle ); + } // end handle + } + if (!$contents) { + display_warning(_('Cannot retrieve currency rate from ECB page. Please set the rate manually.')); } $contents = str_replace (" |i"; @@ -119,6 +144,16 @@ function get_ecb_rate($curr_b) $val = 0; } return $val; -} // end function get_ecb_rate +} // end function get_ecb_rate +//----------------------------------------------------------------------------- + +function get_sql_for_exchange_rates() +{ + $sql = "SELECT date_, rate_buy, id FROM " + .TB_PREF."exchange_rates " + ."WHERE curr_code=".db_escape($_POST['curr_abrev'])." + ORDER BY date_ DESC"; + return $sql; +} ?> \ No newline at end of file