X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=inventory%2Fincludes%2Fdb%2Fitems_db.inc;h=b0553726158e0319b1be4ba2dc1f6e1072a13ecb;hb=f4b8a8d9c3087513c0dc225e31ac895104ed10c5;hp=7a6bd4ff48bf8d15c2451467fd71a73169353f76;hpb=3a5c989060c96623b8f621ba89f8eb4405fb1588;p=fa-stable.git diff --git a/inventory/includes/db/items_db.inc b/inventory/includes/db/items_db.inc index 7a6bd4ff..b0553726 100644 --- a/inventory/includes/db/items_db.inc +++ b/inventory/includes/db/items_db.inc 
@@ -1,68 +1,92 @@ . +***********************************************************************/ +function update_item($stock_id, $description, $long_description, $category_id, + $tax_type_id, $units='', $mb_flag='', $sales_account, $inventory_account, + $cogs_account, $adjustment_account, $assembly_account, $dimension_id, + $dimension2_id, $no_sale) { $sql = "UPDATE ".TB_PREF."stock_master SET long_description=".db_escape($long_description).", description=".db_escape($description).", - category_id='$category_id', - sales_account='$sales_account', - inventory_account='$inventory_account', - cogs_account='$cogs_account', - adjustment_account='$adjustment_account', - assembly_account='$assembly_account', - dimension_id=$dimension_id, - dimension2_id=$dimension2_id, - tax_type_id=$tax_type_id - WHERE stock_id='$stock_id'"; + category_id=".db_escape($category_id).", + sales_account=".db_escape($sales_account).", + inventory_account=".db_escape($inventory_account).", + cogs_account=".db_escape($cogs_account).", + adjustment_account=".db_escape($adjustment_account).", + assembly_account=".db_escape($assembly_account).", + dimension_id=".db_escape($dimension_id).", + dimension2_id=".db_escape($dimension2_id).", + tax_type_id=".db_escape($tax_type_id).", + no_sale=".db_escape($no_sale); + + if ($units != '') + $sql .= ", units='$units'"; + + if ($mb_flag != '') + $sql .= ", mb_flag='$mb_flag'"; + + $sql .= " WHERE stock_id=".db_escape($stock_id); db_query($sql, "The item could not be updated"); - update_item_code(-1, $stock_id, $stock_id, $description, 1, 0); + update_item_code(-1, $stock_id, $stock_id, $description, $category_id, 1, 0); } -function add_item($stock_id, $description, $long_description, $category_id, $tax_type_id, $units, $mb_flag, - $sales_account, $inventory_account, $cogs_account, $adjustment_account, - $assembly_account, $dimension_id, $dimension2_id) +function add_item($stock_id, $description, $long_description, $category_id, + $tax_type_id, $units, 
$mb_flag, $sales_account, $inventory_account, + $cogs_account, $adjustment_account, $assembly_account, $dimension_id, + $dimension2_id, $no_sale) { $sql = "INSERT INTO ".TB_PREF."stock_master (stock_id, description, long_description, category_id, tax_type_id, units, mb_flag, sales_account, inventory_account, cogs_account, - adjustment_account, assembly_account, dimension_id, dimension2_id) + adjustment_account, assembly_account, dimension_id, dimension2_id, no_sale) VALUES (".db_escape($stock_id).", ".db_escape($description).", ".db_escape($long_description).", - '$category_id', $tax_type_id, '$units', '$mb_flag', - '$sales_account', '$inventory_account', '$cogs_account', - '$adjustment_account', '$assembly_account', $dimension_id, $dimension2_id)"; + ".db_escape($category_id).", ".db_escape($tax_type_id).", " + .db_escape($units).", ".db_escape($mb_flag).", + ".db_escape($sales_account).", ".db_escape($inventory_account) + .", ".db_escape($cogs_account).",".db_escape($adjustment_account) + .", ".db_escape($assembly_account).", " + .db_escape($dimension_id).", ".db_escape($dimension2_id)."," + .db_escape($no_sale).")"; db_query($sql, "The item could not be added"); $sql = "INSERT INTO ".TB_PREF."loc_stock (loc_code, stock_id) - SELECT ".TB_PREF."locations.loc_code, '$stock_id' FROM ".TB_PREF."locations"; + SELECT ".TB_PREF."locations.loc_code, ".db_escape($stock_id) + ." 
FROM ".TB_PREF."locations"; db_query($sql, "The item locstock could not be added"); - add_item_code($stock_id, $stock_id, $description, 1, 0); + add_item_code($stock_id, $stock_id, $description, $category_id, 1, 0); } function delete_item($stock_id) { - $sql="DELETE FROM ".TB_PREF."stock_master WHERE stock_id='$stock_id'"; + $sql="DELETE FROM ".TB_PREF."stock_master WHERE stock_id=".db_escape($stock_id); db_query($sql, "could not delete stock item"); /*and cascade deletes in loc_stock */ - $sql ="DELETE FROM ".TB_PREF."loc_stock WHERE stock_id='$stock_id'"; + $sql ="DELETE FROM ".TB_PREF."loc_stock WHERE stock_id=".db_escape($stock_id); db_query($sql, "could not delete stock item loc stock"); /*and cascade deletes in purch_data */ - $sql ="DELETE FROM ".TB_PREF."purch_data WHERE stock_id='$stock_id'"; + $sql ="DELETE FROM ".TB_PREF."purch_data WHERE stock_id=".db_escape($stock_id); db_query($sql, "could not delete stock item purch data"); /*and cascade deletes in prices */ - $sql ="DELETE FROM ".TB_PREF."prices WHERE stock_id='$stock_id'"; + $sql ="DELETE FROM ".TB_PREF."prices WHERE stock_id=".db_escape($stock_id); db_query($sql, "could not delete stock item prices"); /*and cascade delete the bill of material if any */ - $sql = "DELETE FROM ".TB_PREF."bom WHERE parent='$stock_id'"; + $sql = "DELETE FROM ".TB_PREF."bom WHERE parent=".db_escape($stock_id); db_query($sql, "could not delete stock item bom"); delete_item_kit($stock_id); @@ -73,7 +97,7 @@ function get_item($stock_id) $sql = "SELECT ".TB_PREF."stock_master.*,".TB_PREF."item_tax_types.name AS tax_type_name FROM ".TB_PREF."stock_master,".TB_PREF."item_tax_types WHERE ".TB_PREF."item_tax_types.id=".TB_PREF."stock_master.tax_type_id - AND stock_id='$stock_id'"; + AND stock_id=".db_escape($stock_id); $result = db_query($sql,"an item could not be retreived"); return db_fetch($result);
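Review bot: In the first hunk's `update_item`, the two optional clauses added on the new side, `$sql .= ", units='$units'";` and `$sql .= ", mb_flag='$mb_flag'";`, still interpolate their values directly into the UPDATE, while every other column in the statement was moved to `db_escape()`. If either value can carry request data, the statement this commit is hardening remains open to SQL injection; whether callers validate them is not visible in this diff. Build them like the other columns: `$sql .= ", units=".db_escape($units);` and `$sql .= ", mb_flag=".db_escape($mb_flag);`. Separately, `$units=''` and `$mb_flag=''` are followed by required parameters in the signature, so the defaults can never take effect by omission. A one-line comment stating that an empty string means "leave this column unchanged" would document the intent.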