X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fdata_checks.inc;h=84552e402cba8b72ad99842dd0d7846b6235c795;hb=96f82e64b766fa59a3ebc3176e4efd17736f6878;hp=ff316953030d9c322fea21c2a7e3aced11717340;hpb=c0b985cc57f88e49f3402e1c55f7e884e55770ea;p=fa-stable.git diff --git a/includes/data_checks.inc b/includes/data_checks.inc index ff316953..84552e40 100644 --- a/includes/data_checks.inc +++ b/includes/data_checks.inc @@ -124,7 +124,7 @@ function check_db_has_movement_types($msg) function db_customer_has_branches($customer_id) { return check_empty_result("SELECT COUNT(*) FROM ".TB_PREF."cust_branch " - ."WHERE debtor_no='$customer_id'"); + ."WHERE debtor_no=".db_escape($customer_id)); } function db_has_customer_branches() @@ -430,7 +430,7 @@ function db_has_quick_entries() function db_has_tags($type) { - return check_empty_result("SELECT COUNT(*) FROM ".TB_PREF."tags WHERE type=$type"); + return check_empty_result("SELECT COUNT(*) FROM ".TB_PREF."tags WHERE type=".db_escape($type)); } function check_db_has_tags($type, $msg) @@ -449,7 +449,7 @@ function check_empty_result($sql) $result = db_query($sql, "could not do check empty query"); $myrow = db_fetch_row($result); - return $myrow[0] > 0; + return $myrow[0] > 0; } // // Integer input check @@ -485,5 +485,45 @@ function check_num($postname, $min=null, $max=null, $dflt=0) { return 1; } +function check_is_closed($type, $type_no, $msg=null) +{ + global $systypes_array; + + if (($type_no > 0) && is_closed_trans($type, $type_no)) + { + if (!$msg) + $msg = sprintf(_("%s #%s is closed for further edition."), $systypes_array[$type], $type_no); + display_error($msg, true); + display_footer_exit(); + } +} + +function check_deferred_income_act($msg) +{ + global $path_to_root; + + if (!get_company_pref('deferred_income_act')) + { + display_error($msg, true); + display_footer_exit(); + } +} + +function check_is_editable($trans_type, $trans_no, $msg=null) +{ + if (!$_SESSION['wa_current_user']->can_access('SA_EDITOTHERSTRANS')) + { + $audit = get_audit_trail_last($trans_type, $trans_no); + + if ($_SESSION['wa_current_user']->user != $audit['user']) + { + if (!$msg) + $msg = ''._("You have no edit access to transactions created by other users.").''; + display_note($msg); + display_footer_exit(); + } + } + if (!in_array($trans_type, array(ST_SALESORDER, ST_SALESQUOTE, ST_PURCHORDER, ST_WORKORDER))) + check_is_closed($trans_type, $trans_no, $msg); +} -?> \ No newline at end of file