X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=gl%2Fincludes%2Fdb%2Fgl_db_rates.inc;h=a6dc58e7d59f5e4377e2705e7253e519be1c144b;hb=49fa30e88e27b311edaca3ae3789d62e4629eb39;hp=0c9ae6863b5d81d572f404ddff4789bbf7c37322;hpb=c15a2e092043303fc99080fe8bb4f33475ec4812;p=fa-stable.git

diff --git a/gl/includes/db/gl_db_rates.inc b/gl/includes/db/gl_db_rates.inc
index 0c9ae686..a6dc58e7 100644
--- a/gl/includes/db/gl_db_rates.inc
+++ b/gl/includes/db/gl_db_rates.inc
@@ -9,10 +9,11 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
+include_once($path_to_root . "/includes/remote_url.inc");
 //---------------------------------------------------------------------------------------------
 function get_exchange_rate($rate_id)
 {
-	$sql = "SELECT * FROM ".TB_PREF."exchange_rates WHERE id=$rate_id";
+	$sql = "SELECT * FROM ".TB_PREF."exchange_rates WHERE id=".db_escape($rate_id);
 	$result = db_query($sql, "could not get exchange rate for $rate_id");	
 
 	return db_fetch($result);
@@ -22,8 +23,8 @@ function get_exchange_rate($rate_id)
 function get_date_exchange_rate($curr_code, $date_)
 {
 	$date = date2sql($date_);
-	$sql = "SELECT rate_buy FROM ".TB_PREF."exchange_rates WHERE curr_code='$curr_code' 
-		AND date_='$date'";
+	$sql = "SELECT rate_buy FROM ".TB_PREF."exchange_rates WHERE curr_code=".db_escape($curr_code)
+	." AND date_='$date'";
 	$result = db_query($sql, "could not get exchange rate for $curr_code - $date_");	
 
 	if(db_num_rows($result) == 0) 
@@ -41,8 +42,8 @@ function update_exchange_rate($curr_code, $date_, $buy_rate, $sell_rate)
 			
 	$date = date2sql($date_);
 		
-	$sql = "UPDATE ".TB_PREF."exchange_rates SET rate_buy=$buy_rate, rate_sell=$sell_rate
-		WHERE curr_code='$curr_code' AND date_='$date'";
+	$sql = "UPDATE ".TB_PREF."exchange_rates SET rate_buy=$buy_rate, rate_sell=".db_escape($sell_rate)
+	." WHERE curr_code=".db_escape($curr_code)." AND date_='$date'";
 				
 	db_query($sql, "could not add exchange rate for $curr_code");				
 }
@@ -57,7 +58,8 @@ function add_exchange_rate($curr_code, $date_, $buy_rate, $sell_rate)
 	$date = date2sql($date_);
 		
 	$sql = "INSERT INTO ".TB_PREF."exchange_rates (curr_code, date_, rate_buy, rate_sell)
-		VALUES ('$curr_code', '$date', $buy_rate, $sell_rate)";
+		VALUES (".db_escape($curr_code).", '$date', ".db_escape($buy_rate)
+		.", ".db_escape($sell_rate).")";
 	db_query($sql, "could not add exchange rate for $curr_code");				
 }
 
@@ -65,17 +67,40 @@ function add_exchange_rate($curr_code, $date_, $buy_rate, $sell_rate)
 
 function delete_exchange_rate($rate_id)
 {
-	$sql = "DELETE FROM ".TB_PREF."exchange_rates WHERE id=$rate_id";
+	$sql = "DELETE FROM ".TB_PREF."exchange_rates WHERE id=".db_escape($rate_id);
 	db_query($sql, "could not delete exchange rate $rate_id");		
 }
 
-//---------------------------------------------------------------------------------------------
+//-----------------------------------------------------------------------------
+//	Retrieve exchange rate as of date $date from external source (usually inet)
+//
+function retrieve_exrate($curr_b, $date)
+{
+	return $rate = hook_retrieve_exrate($curr_b, $date);
+	if (is_numeric($rate))
+		return $rate;
+	return get_extern_rate($curr_b, 'ECB', $date);
+}
+//-----------------------------------------------------------------------------
 
-function get_ecb_rate($curr_b) 
+function get_extern_rate($curr_b, $provider = 'ECB', $date) 
 {
 	$curr_a = get_company_pref('curr_default');
-	$ecb_filename = '/stats/eurofxref/eurofxref-daily.xml';
-	$ecb_site = 'www.ecb.int';
+	if ($provider == 'ECB')
+	{
+		$filename = "/stats/eurofxref/eurofxref-daily.xml";
+		$site = "www.ecb.int";
+	}
+	elseif ($provider == 'YAHOO')
+	{
+		$filename = "/q?s={$curr_a}{$curr_b}=X";
+		$site = "finance.yahoo.com";
+	}
+	elseif ($provider == 'GOOGLE')
+	{
+		$filename = "/finance/converter?a=1&from={$curr_a}&to={$curr_b}";
+		$site = "finance.google.com";
+	}
 	$contents = '';
 
 	if (function_exists('curl_init'))
@@ -83,7 +108,7 @@ function get_ecb_rate($curr_b)
 		$retry = 1;
 	 	do {
 	       $ch = curl_init();
-    	   curl_setopt ($ch, CURLOPT_URL, 'http://'.$ecb_site.$ecb_filename);
+    	   curl_setopt ($ch, CURLOPT_URL, 'http://'.$site.$filename);
 	       curl_setopt ($ch, CURLOPT_COOKIEJAR, "cookie.txt");
     	   curl_setopt ($ch, CURLOPT_HEADER, 0);
 	       curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
@@ -93,44 +118,68 @@ function get_ecb_rate($curr_b)
 	       curl_close($ch);
 			// due to resolver bug in some curl versions (e.g. 7.15.5) 
 			// try again for constant IP.
-		   $ecb_site="195.128.2.97";
+		   $site="195.128.2.97";
 	   } while( ($contents == '') && $retry--);
 	   
 	} else {
-		$handle = @fopen("http://".$ecb_site.$ecb_filename, 'rb');
-		if ($handle) {
-			do 
-			{
-				$data = @fread( $handle, 4096 );
-				if ( strlen ( $data ) == 0 ) 
-   					break;
-   				$contents .= $data; // with this syntax only text will be translated, whole text with htmlspecialchars($data)
-			} 
-			while (true);
-			@fclose( $handle );
-		} // end handle
+		$contents = url_get_contents("http://".$site.$filename);
 	}
 	if (!$contents) {
-		display_warning(_('Cannot retrieve currency rate from ECB page. Please set the rate manually.'));
+		display_warning(_("Cannot retrieve currency rate from $provider page. Please set the rate manually."));
 	}
-	$contents = str_replace ("<Cube currency='USD'", " <Cube currency='EUR' rate='1'/> <Cube currency='USD'", $contents);
-	$from_mask = "|<Cube\s*currency=\'" . $curr_a . "\'\s*rate=\'([\d.,]*)\'\s*/>|i";
-	preg_match ( $from_mask, $contents, $out );
-	$val_a = isset($out[1]) ? $out[1] : 0;
-	$val_a = str_replace ( ',', '', $val_a );
-	$to_mask = "|<Cube\s*currency=\'" . $curr_b . "\'\s*rate=\'([\d.,]*)\'\s*/>|i";
-	preg_match ( $to_mask, $contents, $out );
-	$val_b = isset($out[1]) ? $out[1] : 0;
-	$val_b = str_replace ( ',', '', $val_b );
-	if ($val_b) 
+	if ($provider == 'ECB')
 	{
-		$val = $val_a / $val_b;
-	} 
-	else 
+		$contents = str_replace ("<Cube currency='USD'", " <Cube currency='EUR' rate='1'/> <Cube currency='USD'", $contents);
+		$from_mask = "|<Cube\s*currency=\'" . $curr_a . "\'\s*rate=\'([\d.,]*)\'\s*/>|i";
+		preg_match ( $from_mask, $contents, $out );
+		$val_a = isset($out[1]) ? $out[1] : 0;
+		$val_a = str_replace ( ',', '', $val_a );
+		$to_mask = "|<Cube\s*currency=\'" . $curr_b . "\'\s*rate=\'([\d.,]*)\'\s*/>|i";
+		preg_match ( $to_mask, $contents, $out );
+		$val_b = isset($out[1]) ? $out[1] : 0;
+		$val_b = str_replace ( ',', '', $val_b );
+		if ($val_b) 
+		{
+			$val = $val_a / $val_b;
+		} 
+		else 
+		{
+			$val = 0;
+		}
+	}
+	elseif ($provider == 'YAHOO')
 	{
-		$val = 0;
+		$val = '';
+		if (preg_match('/Last\sTrade:(.*?)Trade\sTime/s', $contents, $matches)) {
+			$val = strip_tags($matches[1]);
+			$val = str_replace(',', '', $val);
+			if ($val != 0)
+				$val = 1 / $val;
+		}
 	}
+	elseif ($provider == 'GOOGLE')
+	{
+		$val = '';
+		$regexp = "%([\d|.]+)\s+{$curr_a}\s+=\s+<span\sclass=(.*)>([\d|.]+)\s+{$curr_b}\s*</span>%s";
+		if (preg_match($regexp, $contents, $matches)) 
+		{
+			$val = $matches[3];
+			$val = str_replace(',', '', $val);
+			if ($val != 0)
+				$val = 1 / $val;
+		}
+    }    
 	return $val;
-}  // end function get_ecb_rate
+}  /* end function get_extern_rate */
 
+//-----------------------------------------------------------------------------
+
+function get_sql_for_exchange_rates()
+{
+	$sql = "SELECT date_, rate_buy, id FROM "
+		.TB_PREF."exchange_rates "
+		."WHERE curr_code=".db_escape($_POST['curr_abrev'])."
+		 ORDER BY date_ DESC";
+	return $sql;	 
+}
 ?>
\ No newline at end of file