X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=reporting%2Frep103.php;h=8ee0abbe62971dcf34bee9d819566a171822829e;hb=ebc600101ceab69c06eac4b1bd4d1782af45de05;hp=dd655487e7a98465810e7d73eab6f248646246a9;hpb=da8311619dd73feae101d246a1957b972e00cbd2;p=fa-stable.git

diff --git a/reporting/rep103.php b/reporting/rep103.php
index dd655487..8ee0abbe 100644
--- a/reporting/rep103.php
+++ b/reporting/rep103.php
@@ -1,22 +1,30 @@
 <?php
-
-$page_security = 2;
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+	Released under the terms of the GNU General Public License, GPL, 
+	as published by the Free Software Foundation, either version 3 
+	of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+$page_security = 'SA_CUSTBULKREP';
 // ----------------------------------------------------------------
 // $ Revision:	2.0 $
 // Creator:	Joe Hunt
 // date_:	2005-05-19
 // Title:	Customer Details Listing
 // ----------------------------------------------------------------
-$path_to_root="../";
+$path_to_root="..";
 
-include_once($path_to_root . "includes/session.inc");
-include_once($path_to_root . "includes/date_functions.inc");
-include_once($path_to_root . "includes/data_checks.inc");
-include_once($path_to_root . "gl/includes/gl_db.inc");
+include_once($path_to_root . "/includes/session.inc");
+include_once($path_to_root . "/includes/date_functions.inc");
+include_once($path_to_root . "/includes/data_checks.inc");
+include_once($path_to_root . "/gl/includes/gl_db.inc");
 
 //----------------------------------------------------------------------------------------------------
 
-// trial_inquiry_controls();
 print_customer_details_listing();
 
 function get_customer_details_for_report($area=0, $salesid=0) 
@@ -48,18 +56,18 @@ function get_customer_details_for_report($area=0, $salesid=0)
 	if ($area != 0)
 	{
 		if ($salesid != 0)
-			$sql .= " WHERE ".TB_PREF."salesman.salesman_code='$salesid' 
-				AND ".TB_PREF."areas.area_code='$area'";
+			$sql .= " WHERE ".TB_PREF."salesman.salesman_code=".db_escape($salesid)." 
+				AND ".TB_PREF."areas.area_code=".db_escape($area);
 		else		
-			$sql .= " WHERE ".TB_PREF."areas.area_code='$area'";
+			$sql .= " WHERE ".TB_PREF."areas.area_code=".db_escape($area);
 	}
 	elseif ($salesid != 0)
-		$sql .= " WHERE ".TB_PREF."salesman.salesman_code='$salesid'";
+		$sql .= " WHERE ".TB_PREF."salesman.salesman_code=".db_escape($salesid);
 	$sql .= " ORDER BY description,
 			".TB_PREF."salesman.salesman_name,
 			".TB_PREF."debtors_master.debtor_no,
 			".TB_PREF."cust_branch.branch_code";
-					
+
     return db_query($sql,"No transactions were returned");
 }
 
@@ -70,11 +78,11 @@ function getTransactions($debtorno, $branchcode, $date)
 
 	$sql = "SELECT SUM((ov_amount+ov_freight+ov_discount)*rate) AS Turnover
 		FROM ".TB_PREF."debtor_trans
-		WHERE debtor_no='$debtorno'
-		AND branch_code='$branchcode'
-		AND (type=10 or type=11)
+		WHERE debtor_no=".db_escape($debtorno)."
+		AND branch_code=".db_escape($branchcode)."
+		AND (type=".ST_SALESINVOICE." OR type=".ST_CUSTCREDIT.")
 		AND trandate >='$date'";
-		
+
     $result = db_query($sql,"No transactions were returned");
 
 	$row = db_fetch_row($result);
@@ -87,20 +95,23 @@ function print_customer_details_listing()
 {
     global $path_to_root;
 
-    include_once($path_to_root . "reporting/includes/pdf_report.inc");
-
     $from = $_POST['PARAM_0'];
     $area = $_POST['PARAM_1'];
     $folk = $_POST['PARAM_2'];
     $more = $_POST['PARAM_3'];
     $less = $_POST['PARAM_4'];
     $comments = $_POST['PARAM_5'];
+	$destination = $_POST['PARAM_6'];
+	if ($destination)
+		include_once($path_to_root . "/reporting/includes/excel_report.inc");
+	else
+		include_once($path_to_root . "/reporting/includes/pdf_report.inc");
     
     $dec = 0;
 
-	if ($area == reserved_words::get_all_numeric())
+	if ($area == ALL_NUMERIC)
 		$area = 0;
-	if ($folk == reserved_words::get_all_numeric())
+	if ($folk == ALL_NUMERIC)
 		$folk = 0;
 
 	if ($area == 0)
@@ -136,7 +147,7 @@ function print_customer_details_listing()
     				    3 => array('text' => _('Sales Folk'), 		'from' => $salesfolk, 	'to' => ''),
     				    4 => array('text' => _('Activity'), 		'from' => $morestr, 	'to' => $lessstr));
 
-    $rep = new FrontReport(_('Customer Details Listing'), "CustomerDetailsListing.pdf", user_pagesize());
+    $rep = new FrontReport(_('Customer Details Listing'), "CustomerDetailsListing", user_pagesize());
 
     $rep->Font();
     $rep->Info($params, $cols, $headers, $aligns);