X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=manufacturing%2Fsearch_work_orders.php;h=447dbd0782cbedf4013bb08fda3e87a99426356c;hb=54d84ff9a67620ab38c676cdbcf87853632724f0;hp=15b466ce12131f7929430dc130e355e3576c2a30;hpb=d567a10b7925c8bb97c734e213d6651a979af29d;p=fa-stable.git

diff --git a/manufacturing/search_work_orders.php b/manufacturing/search_work_orders.php
index 15b466ce..447dbd07 100644
--- a/manufacturing/search_work_orders.php
+++ b/manufacturing/search_work_orders.php
@@ -130,10 +130,22 @@ function produce_link($row)
 
 function costs_link($row)
 {
+/*
 	return $row["closed"] || !$row["released"] ? '' :
 		pager_link(_('Costs'),
 			"/gl/gl_bank.php?NewPayment=1&PayType=" 
 			.payment_person_types::WorkOrder(). "&PayPerson=" .$row["id"]);
+*/			
+	return $row["closed"] || !$row["released"] ? '' :
+		pager_link(_('Costs'),
+			"/manufacturing/work_order_costs.php?trans_no=" .$row["id"]);
+}
+
+function view_gl_link($row)
+{
+	if ($row['closed'] == 0)
+		return '';
+	return get_gl_view_str(systypes::work_order(), $row['id']);
 }
 
 function dec_amount($row, $amount)
@@ -171,17 +183,17 @@ if (check_value('OpenOnly') || $outstanding_only != 0)
 
 if (isset($_POST['StockLocation']) && $_POST['StockLocation'] != $all_items)
 {
-	$sql .= " AND workorder.loc_code='" . $_POST['StockLocation'] . "' ";
+	$sql .= " AND workorder.loc_code=".db_escape($_POST['StockLocation']);
 }
 
 if (isset($_POST['OrderNumber']) && $_POST['OrderNumber'] != "")
 {
-	$sql .= " AND workorder.wo_ref LIKE '%". $_POST['OrderNumber'] . "%'";
+	$sql .= " AND workorder.wo_ref LIKE ".db_escape('%'.$_POST['OrderNumber'].'%');
 }
 
 if (isset($_POST['SelectedStockItem']) && $_POST['SelectedStockItem'] != $all_items)
 {
-	$sql .= " AND workorder.stock_id='". $_POST['SelectedStockItem'] . "'";
+	$sql .= " AND workorder.stock_id=".db_escape($_POST['SelectedStockItem']);
 }
 
 if (check_value('OverdueOnly'))
@@ -204,7 +216,8 @@ $cols = array(
 	array('insert'=>true, 'fun'=> 'edit_link'),
 	array('insert'=>true, 'fun'=> 'release_link'),
 	array('insert'=>true, 'fun'=> 'produce_link'),
-	array('insert'=>true, 'fun'=> 'costs_link')
+	array('insert'=>true, 'fun'=> 'costs_link'),
+	array('insert'=>true, 'fun'=> 'view_gl_link')
 );
 
 $table =& new_db_pager('orders_tbl', $sql, $cols);