X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=reporting%2Frep209.php;h=e8278e60e13036c644e5742654c61c983c4b0a79;hb=31966256a900343308ce287a246fe3a52e9a613c;hp=b59ca1ad8689f1f6a479a05e922c6397176af883;hpb=b76384515a4eca6456b6f045836e3c913244c78f;p=fa-stable.git

diff --git a/reporting/rep209.php b/reporting/rep209.php
index b59ca1ad..e8278e60 100644
--- a/reporting/rep209.php
+++ b/reporting/rep209.php
@@ -1,34 +1,43 @@
 <?php
-
-$page_security = 2;
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+	Released under the terms of the GNU General Public License, GPL, 
+	as published by the Free Software Foundation, either version 3 
+	of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+
+$page_security = $_POST['PARAM_0'] == $_POST['PARAM_1'] ?
+	'SA_SUPPTRANSVIEW' : 'SA_SUPPBULKREP';
 // ----------------------------------------------------------------
 // $ Revision:	2.0 $
 // Creator:	Joe Hunt
 // date_:	2005-05-19
 // Title:	Purchase Orders
 // ----------------------------------------------------------------
-$path_to_root="../";
+$path_to_root="..";
 
-include_once($path_to_root . "includes/session.inc");
-include_once($path_to_root . "includes/date_functions.inc");
-include_once($path_to_root . "includes/data_checks.inc");
-//include_once($path_to_root . "sales/includes/sales_db.inc");
+include_once($path_to_root . "/includes/session.inc");
+include_once($path_to_root . "/includes/date_functions.inc");
+include_once($path_to_root . "/includes/data_checks.inc");
 
 //----------------------------------------------------------------------------------------------------
 
-// trial_inquiry_controls();
 print_po();
 
 //----------------------------------------------------------------------------------------------------
 function get_po($order_no)
 {
-   	$sql = "SELECT ".TB_PREF."purch_orders.*, ".TB_PREF."suppliers.supp_name,
+   	$sql = "SELECT ".TB_PREF."purch_orders.*, ".TB_PREF."suppliers.supp_name,  ".TB_PREF."suppliers.supp_account_no,
    		".TB_PREF."suppliers.curr_code, ".TB_PREF."suppliers.payment_terms, ".TB_PREF."locations.location_name,
-   		".TB_PREF."suppliers.email, ".TB_PREF."suppliers.address
+   		".TB_PREF."suppliers.email, ".TB_PREF."suppliers.address, ".TB_PREF."suppliers.contact
 		FROM ".TB_PREF."purch_orders, ".TB_PREF."suppliers, ".TB_PREF."locations
 		WHERE ".TB_PREF."purch_orders.supplier_id = ".TB_PREF."suppliers.supplier_id
 		AND ".TB_PREF."locations.loc_code = into_stock_location
-		AND ".TB_PREF."purch_orders.order_no = " . $order_no;
+		AND ".TB_PREF."purch_orders.order_no = ".db_escape($order_no);
    	$result = db_query($sql, "The order cannot be retrieved");
     return db_fetch($result);
 }
@@ -39,7 +48,7 @@ function get_po_details($order_no)
 		FROM ".TB_PREF."purch_order_details
 		LEFT JOIN ".TB_PREF."stock_master
 		ON ".TB_PREF."purch_order_details.item_code=".TB_PREF."stock_master.stock_id
-		WHERE order_no =$order_no ";
+		WHERE order_no =".db_escape($order_no)." ";
 	$sql .= " ORDER BY po_detail_item";
 	return db_query($sql, "Retreive order Line Items");
 }
@@ -48,14 +57,13 @@ function print_po()
 {
 	global $path_to_root;
 
-	include_once($path_to_root . "reporting/includes/pdf_report.inc");
+	include_once($path_to_root . "/reporting/includes/pdf_report.inc");
 
 	$from = $_POST['PARAM_0'];
 	$to = $_POST['PARAM_1'];
 	$currency = $_POST['PARAM_2'];
-	$bankaccount = $_POST['PARAM_3'];
-	$email = $_POST['PARAM_4'];
-	$comments = $_POST['PARAM_5'];
+	$email = $_POST['PARAM_3'];
+	$comments = $_POST['PARAM_4'];
 
 	if ($from == null)
 		$from = 0;
@@ -68,15 +76,13 @@ function print_po()
 	// $headers in doctext.inc
 	$aligns = array('left',	'left',	'left', 'right', 'left', 'right', 'right');
 
-	$params = array('comments' => $comments,
-					'bankaccount' => $bankaccount);
+	$params = array('comments' => $comments);
 
-	$baccount = get_bank_account($params['bankaccount']);
 	$cur = get_company_Pref('curr_default');
 
 	if ($email == 0)
 	{
-		$rep = new FrontReport(_('PURCHASE ORDER'), "PurchaseOrderBulk.pdf", user_pagesize());
+		$rep = new FrontReport(_('PURCHASE ORDER'), "PurchaseOrderBulk", user_pagesize());
 		$rep->currency = $cur;
 		$rep->Font();
 		$rep->Info($params, $cols, null, $aligns);
@@ -85,6 +91,8 @@ function print_po()
 	for ($i = $from; $i <= $to; $i++)
 	{
 		$myrow = get_po($i);
+		$baccount = get_default_bank_account($myrow['curr_code']);
+		$params['bankaccount'] = $baccount['id'];
 
 		if ($email == 1)
 		{
@@ -97,7 +105,7 @@ function print_po()
 		}
 		else
 			$rep->title = _('PURCHASE ORDER');
-		$rep->Header2($myrow, null, $myrow, $baccount, 8);
+		$rep->Header2($myrow, null, $myrow, $baccount, ST_PURCHORDER);
 
 		$result = get_po_details($i);
 		$SubTotal = 0;
@@ -112,14 +120,14 @@ function print_po()
 					$myrow2['units'] = $data['suppliers_uom'];
 				if ($data['conversion_factor'] != 1)
 				{
-					$myrow2['unit_price'] = round($myrow2['unit_price'] / $data['conversion_factor'], user_price_dec());
-					$myrow2['quantiry_ordered'] = round($myrow2['quantiry_ordered'] / $data['conversion_factor'], user_qty_dec());
+					$myrow2['unit_price'] = round2($myrow2['unit_price'] * $data['conversion_factor'], user_price_dec());
+					$myrow2['quantity_ordered'] = round2($myrow2['quantity_ordered'] / $data['conversion_factor'], user_qty_dec());
 				}
 			}	
-			$Net = round(($myrow2["unit_price"] * $myrow2["quantity_ordered"]),
-			  user_price_dec());
+			$Net = round2(($myrow2["unit_price"] * $myrow2["quantity_ordered"]), user_price_dec());
 			$SubTotal += $Net;
-			$DisplayPrice = number_format2($myrow2["unit_price"],$dec);
+			$dec2 = 0;
+			$DisplayPrice = price_decimal_format($myrow2["unit_price"],$dec2);
 			$DisplayQty = number_format2($myrow2["quantity_ordered"],get_qty_dec($myrow2['item_code']));
 			$DisplayNet = number_format2($Net,$dec);
 			//$rep->TextCol(0, 1,	$myrow2['item_code'], -2);
@@ -131,7 +139,7 @@ function print_po()
 			$rep->TextCol(6, 7,	$DisplayNet, -2);
 			$rep->NewLine(1);
 			if ($rep->row < $rep->bottomMargin + (15 * $rep->lineHeight))
-				$rep->Header2($myrow, $branch, $myrow, $baccount, 8);
+				$rep->Header2($myrow, $branch, $myrow, $baccount, ST_PURCHORDER);
 		}
 		if ($myrow['comments'] != "")
 		{
@@ -142,14 +150,14 @@ function print_po()
 
 		$rep->row = $rep->bottomMargin + (15 * $rep->lineHeight);
 		$linetype = true;
-		$doctype = 8;
+		$doctype = ST_PURCHORDER;
 		if ($rep->currency != $myrow['curr_code'])
 		{
-			include($path_to_root . "reporting/includes/doctext2.inc");
+			include($path_to_root . "/reporting/includes/doctext2.inc");
 		}
 		else
 		{
-			include($path_to_root . "reporting/includes/doctext.inc");
+			include($path_to_root . "/reporting/includes/doctext.inc");
 		}
 
 		$rep->TextCol(3, 6, $doc_Sub_total, -2);
@@ -164,6 +172,7 @@ function print_po()
 		{
 			$myrow['contact_email'] = $myrow['email'];
 			$myrow['DebtorName'] = $myrow['supp_name'];
+			if ($myrow['contact'] != '') $myrow['DebtorName'] = $myrow['contact'];
 			$myrow['reference'] = $myrow['order_no'];
 			$rep->End($email, $doc_Order_no . " " . $myrow['reference'], $myrow);
 		}