X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=purchasing%2Fincludes%2Fdb%2Fpo_db.inc;h=ba2740e927f1b0dc296bd0bd7c9d20c9a7409ffd;hb=65c68ebb3a09aa06418fb7f5e1712ca8012d756f;hp=439ca58f19227bfd05781aa05b7ac899350ae920;hpb=da8311619dd73feae101d246a1957b972e00cbd2;p=fa-stable.git
diff --git a/purchasing/includes/db/po_db.inc b/purchasing/includes/db/po_db.inc
index 439ca58f..ba2740e9 100644
--- a/purchasing/includes/db/po_db.inc
+++ b/purchasing/includes/db/po_db.inc
@@ -15,46 +15,44 @@ function delete_po($po) function add_po(&$po_obj) { - begin_transaction(); - + begin_transaction(); + /*Insert to purchase order header record */ $sql = "INSERT INTO ".TB_PREF."purch_orders (supplier_id, Comments, ord_date, reference, requisition_no, into_stock_location, delivery_address) VALUES("; - $sql .= "'" . $po_obj->supplier_id . "', '" . - db_escape($po_obj->Comments) . "','" . - date2sql($po_obj->orig_order_date) . "', '" . - $po_obj->reference . "', '" . - $po_obj->requisition_no . "', '" . - $po_obj->Location . "', '" . - $po_obj->delivery_address . "')"; - + $sql .= "' ". $po_obj->supplier_id . "'," . + db_escape($po_obj->Comments) . ",'" . + date2sql($po_obj->orig_order_date) . "', '" . + $po_obj->reference . "', " . + db_escape($po_obj->requisition_no) . ", " . + db_escape($po_obj->Location) . ", " . + db_escape($po_obj->delivery_address) . ")"; + db_query($sql, "The purchase order header record could not be inserted"); - + /*Get the auto increment value of the order number created from the sql above */ $po_obj->order_no = db_insert_id(); - + /*Insert the purchase order detail records */ - foreach ($po_obj->line_items as $po_line) + foreach ($po_obj->line_items as $po_line) { - if ($po_line->Deleted == false) + if ($po_line->Deleted == false) { $sql = "INSERT INTO ".TB_PREF."purch_order_details (order_no, item_code, description, delivery_date, unit_price, quantity_ordered) VALUES ("; - $sql .= $po_obj->order_no . ", '" . $po_line->stock_id . "','" . - $po_line->item_description . "','" . - date2sql($po_line->req_del_date) . "'," . - $po_line->price . ", " . + $sql .= $po_obj->order_no . ", " . db_escape($po_line->stock_id). "," . + db_escape($po_line->item_description). ",'" . + date2sql($po_line->req_del_date) . "'," . + $po_line->price . ", " . $po_line->quantity . 
")"; db_query($sql, "One of the purchase order detail records could not be inserted"); } - } - - add_forms_for_sys_type(systypes::po(), $po_obj->order_no); - - references::save_last($po_obj->reference, systypes::po()); - - //add_comments(systypes::po(), $po_obj->order_no, $po_obj->orig_order_date, $po_obj->Comments); - - commit_transaction(); - + } + + references::save_last($po_obj->reference, systypes::po()); + + //add_comments(systypes::po(), $po_obj->order_no, $po_obj->orig_order_date, $po_obj->Comments); + + commit_transaction(); + return $po_obj->order_no; } 
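Review bot: `$po_obj->reference` is still concatenated into the header INSERT between hand-written quotes, and so is `$po_obj->supplier_id` (now with a stray leading space, `"' ". $po_obj->supplier_id`), so the escaping this commit adds to the neighbouring columns does not cover every string that reaches the statement. Both should go through the same helper with the hand-written quotes around them dropped, e.g. `db_escape($po_obj->supplier_id) . "," .` and `db_escape($po_obj->reference) . ", " .`, assuming db_escape() returns the value already quoted, as the other changed lines imply. `$po_line->price` and `$po_line->quantity` are inserted unquoted and should be validated as numbers before this point or escaped as well. The same gap remains in the update_po hunk (`item_code='" . $po_line->stock_id . "'` in the UPDATE branch although the INSERT branch now escapes it, `po_detail_rec` in the DELETE and UPDATE WHERE clauses, and `order_no`) and in `WHERE order_no =$order_no` in the read_po_items hunk.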
@@ -62,92 +60,92 @@ function add_po(&$po_obj) function update_po(&$po_obj) { - begin_transaction(); + begin_transaction(); /*Update the purchase order header with any changes */ - $sql = "UPDATE ".TB_PREF."purch_orders SET Comments='" . db_escape($po_obj->Comments) . "', - requisition_no= '" . $po_obj->requisition_no . "', - into_stock_location='" . $po_obj->Location . "', + $sql = "UPDATE ".TB_PREF."purch_orders SET Comments=" . db_escape($po_obj->Comments) . ", + requisition_no= ". db_escape( $po_obj->requisition_no). ", + into_stock_location=" . db_escape($po_obj->Location). ", ord_date='" . date2sql($po_obj->orig_order_date) . "', - delivery_address='" . $po_obj->delivery_address . "'"; + delivery_address=" . db_escape($po_obj->delivery_address); $sql .= " WHERE order_no = " . $po_obj->order_no; db_query($sql, "The purchase order could not be updated"); /*Now Update the purchase order detail records */ - foreach ($po_obj->line_items as $po_line) + foreach ($po_obj->line_items as $po_line) { - if ($po_line->Deleted==True) + if ($po_line->Deleted==True) { // Sherifoz 21.06.03 Handle deleting existing lines - if ($po_line->po_detail_rec!='') + if ($po_line->po_detail_rec!='') { $sql = "DELETE FROM ".TB_PREF."purch_order_details WHERE po_detail_item='" . $po_line->po_detail_rec . "'"; db_query($sql, "could not query purch order details"); } - } - else if ($po_line->po_detail_rec == '') + } + else if ($po_line->po_detail_rec == '') { // Sherifoz 21.06.03 Handle adding new lines vs. updating. if no key(po_detail_rec) then it's a new line $sql = "INSERT INTO ".TB_PREF."purch_order_details (order_no, item_code, description, delivery_date, unit_price, quantity_ordered) VALUES ("; - $sql .= $po_obj->order_no . ", '" . - $po_line->stock_id . "','" . - $po_line->item_description . "','" . - date2sql($po_line->req_del_date) . "'," . + $sql .= $po_obj->order_no . "," . + db_escape($po_line->stock_id). "," . + db_escape($po_line->item_description). ",'" . 
+ date2sql($po_line->req_del_date) . "'," . $po_line->price . ", " . $po_line->quantity . ")"; - } - else + } + else { - $sql = "UPDATE ".TB_PREF."purch_order_details SET item_code='" . $po_line->stock_id . "', - description ='" . $po_line->item_description . "', - delivery_date ='" . date2sql($po_line->req_del_date) . "', - unit_price=" . $po_line->price . ", - quantity_ordered=" . $po_line->quantity . " + $sql = "UPDATE ".TB_PREF."purch_order_details SET item_code='" . $po_line->stock_id . "', + description =" . db_escape($po_line->item_description). ", + delivery_date ='" . date2sql($po_line->req_del_date) . "', + unit_price=" . $po_line->price . ", + quantity_ordered=" . $po_line->quantity . " WHERE po_detail_item=" . $po_line->po_detail_rec; } db_query($sql, "One of the purchase order detail records could not be updated"); } - - //add_comments(systypes::po(), $po_obj->order_no, $po_obj->orig_order_date, $po_obj->Comments); - - commit_transaction(); - - return $po_obj->order_no; + + //add_comments(systypes::po(), $po_obj->order_no, $po_obj->orig_order_date, $po_obj->Comments); + + commit_transaction(); + + return $po_obj->order_no; } //---------------------------------------------------------------------------------------- function read_po_header($order_no, &$order) { - $sql = "SELECT ".TB_PREF."purch_orders.*, ".TB_PREF."suppliers.supp_name, - ".TB_PREF."suppliers.curr_code, ".TB_PREF."locations.location_name - FROM ".TB_PREF."purch_orders, ".TB_PREF."suppliers, ".TB_PREF."locations + $sql = "SELECT ".TB_PREF."purch_orders.*, ".TB_PREF."suppliers.supp_name, + ".TB_PREF."suppliers.curr_code, ".TB_PREF."locations.location_name + FROM ".TB_PREF."purch_orders, ".TB_PREF."suppliers, ".TB_PREF."locations WHERE ".TB_PREF."purch_orders.supplier_id = ".TB_PREF."suppliers.supplier_id - AND ".TB_PREF."locations.loc_code = into_stock_location + AND ".TB_PREF."locations.loc_code = into_stock_location AND ".TB_PREF."purch_orders.order_no = " . 
$order_no; $result = db_query($sql, "The order cannot be retrieved"); - - if (db_num_rows($result) == 1) + + if (db_num_rows($result) == 1) { $myrow = db_fetch($result); - + $order->order_no = $order_no; $order->supplier_id = $myrow["supplier_id"]; $order->supplier_name = $myrow["supp_name"]; $order->curr_code = $myrow["curr_code"]; - + $order->orig_order_date = sql2date($myrow["ord_date"]); $order->Comments = $myrow["comments"]; $order->Location = $myrow["into_stock_location"]; $order->requisition_no = $myrow["requisition_no"]; $order->reference = $myrow["reference"]; $order->delivery_address = $myrow["delivery_address"]; - + return true; - } - + } + display_db_error("FATAL : duplicate purchase order found", "", true); return false; } 
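Review bot: In read_po_header every row count other than 1 falls through to `display_db_error("FATAL : duplicate purchase order found", "", true)`, so an order number that matches no row is reported as a duplicate. Because the query inner-joins the suppliers and locations tables, an order whose `into_stock_location` has no matching location row also lands there with the same message, which points whoever reads the error at the wrong cause. The zero-row case should be handled separately before the duplicate message, for example `if (db_num_rows($result) == 0) { display_db_error("FATAL : purchase order not found", "", true); return false; }`, with a short comment above the query noting that a missing supplier or location row hides the order.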
@@ -158,38 +156,38 @@ function read_po_items($order_no, &$order, $open_items_only=false) { /*now populate the line po array with the purchase order details records */ - $sql = "SELECT ".TB_PREF."purch_order_details.*, units - FROM ".TB_PREF."purch_order_details - LEFT JOIN ".TB_PREF."stock_master - ON ".TB_PREF."purch_order_details.item_code=".TB_PREF."stock_master.stock_id + $sql = "SELECT ".TB_PREF."purch_order_details.*, units + FROM ".TB_PREF."purch_order_details + LEFT JOIN ".TB_PREF."stock_master + ON ".TB_PREF."purch_order_details.item_code=".TB_PREF."stock_master.stock_id WHERE order_no =$order_no "; - + if ($open_items_only) - $sql .= " AND (".TB_PREF."purch_order_details.quantity_ordered > ".TB_PREF."purch_order_details.quantity_received) "; - + $sql .= " AND (".TB_PREF."purch_order_details.quantity_ordered > ".TB_PREF."purch_order_details.quantity_received) "; + $sql .= " ORDER BY po_detail_item"; - $result = db_query($sql, "The lines on the purchase order cannot be retrieved"); + $result = db_query($sql, "The lines on the purchase order cannot be retrieved"); - if (db_num_rows($result) > 0) + if (db_num_rows($result) > 0) { - while ($myrow = db_fetch($result)) + while ($myrow = db_fetch($result)) { if (is_null($myrow["units"])) { $units = ""; - } - else + } + else { $units = $myrow["units"]; } - $order->add_to_order($order->lines_on_order+1, $myrow["item_code"], - $myrow["quantity_ordered"],$myrow["description"], + $order->add_to_order($order->lines_on_order+1, $myrow["item_code"], + $myrow["quantity_ordered"],$myrow["description"], $myrow["unit_price"],$units, sql2date($myrow["delivery_date"]), $myrow["qty_invoiced"], $myrow["quantity_received"]); - + $order->line_items[$order->lines_on_order]->po_detail_rec = $myrow["po_detail_item"]; $order->line_items[$order->lines_on_order]->standard_cost = $myrow["std_cost_unit"]; /*Needed for receiving goods and GL interface */ } /* line po from purchase order details */ 
@@ -200,10 +198,10 @@ function read_po_items($order_no, &$order, $open_items_only=false) function read_po($order_no, &$order, $open_items_only=false) { - $result = read_po_header($order_no, $order); - + $result = read_po_header($order_no, $order); + if ($result) - read_po_items($order_no, $order, $open_items_only); + read_po_items($order_no, $order, $open_items_only); } //----------------------------------------------------------------------------------------