X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fdb%2Freferences_db.inc;h=71314463339be1294347e99fa546e718c371e5e4;hb=3613e32ad573d5faccb974a421702bdd87583878;hp=a41597f9701d1e69e8abaadeb9d1594b1798040e;hpb=c55119ade6f4c6bd4acdfa55c46870187f408978;p=fa-stable.git diff --git a/includes/db/references_db.inc b/includes/db/references_db.inc index a41597f9..71314463 100644 --- a/includes/db/references_db.inc +++ b/includes/db/references_db.inc @@ -1,12 +1,23 @@ . +***********************************************************************/ //-------------------------------------------------------------------------------------------------- function get_reference($type, $id) { - $sql = "SELECT * FROM ".TB_PREF."refs WHERE type=$type AND id=$id"; + $sql = "SELECT * FROM ".TB_PREF."refs WHERE type=".db_escape($type)." AND id=".db_escape($id); - return db_query($sql, "could not query reference table"); + $result = db_query($sql, "could not query reference table"); + $row = db_fetch($result); + return $row['reference']; } //-------------------------------------------------------------------------------------------------- @@ -14,16 +25,26 @@ function get_reference($type, $id) function add_reference($type, $id, $reference) { $sql = "INSERT INTO ".TB_PREF."refs (type, id, reference) - VALUES ($type, $id, " . db_escape(trim($reference)) . ")"; + VALUES (".db_escape($type).", ".db_escape($id).", " + . db_escape(trim($reference)) . ")"; db_query($sql, "could not add reference entry"); } +//-------------------------------------------------------------------------------------------------- + +function update_reference($type, $id, $reference) +{ + $sql = "UPDATE ".TB_PREF."refs SET reference=".db_escape($reference) + ." WHERE type=".db_escape($type)." AND id=".db_escape($id); + db_query($sql, "could not update reference entry"); +} + //-------------------------------------------------------------------------------------------------- function delete_reference($type, $id) { - $sql = "DELETE FROM ".TB_PREF."refs WHERE type=$type AND id=$id"; + $sql = "DELETE FROM ".TB_PREF."refs WHERE type=$type AND id=".db_escape($id); return db_query($sql, "could not delete from reference table"); } @@ -32,7 +53,12 @@ function delete_reference($type, $id) function find_reference($type, $reference) { - $sql = "SELECT id FROM ".TB_PREF."refs WHERE type=$type AND reference='$reference'"; + // ignore refs references for voided transactions + $sql = "SELECT r.id FROM ".TB_PREF."refs r LEFT JOIN ".TB_PREF."voided v ON" + ." r.type=v.type AND r.id=v.id" + ." WHERE r.type=".db_escape($type) + ." AND reference=".db_escape($reference) + ." AND ISNULL(`memo_`)"; $result = db_query($sql, "could not query reference table"); @@ -43,7 +69,8 @@ function find_reference($type, $reference) function save_next_reference($type, $reference) { - $sql = "UPDATE ".TB_PREF."sys_types SET next_reference=" . db_escape(trim($reference)) . " WHERE type_id = $type"; + $sql = "UPDATE ".TB_PREF."sys_types SET next_reference=" . db_escape(trim($reference)) + . " WHERE type_id = ".db_escape($type); db_query($sql, "The next transaction ref for $type could not be updated"); } @@ -52,7 +79,7 @@ function save_next_reference($type, $reference) function get_next_reference($type) { - $sql = "SELECT next_reference FROM ".TB_PREF."sys_types WHERE type_id = $type"; + $sql = "SELECT next_reference FROM ".TB_PREF."sys_types WHERE type_id = ".db_escape($type); $result = db_query($sql,"The last transaction ref for $type could not be retreived");