X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=reporting%2Frep303.php;h=73f58ee52659ddc5818a561fb79408184e3375f1;hb=a0a0a0e1318042034fe5652caa69b034200c8a90;hp=19be2ee92030cfad74174ec82f216ba87c04c4f7;hpb=2383d33373d6ddec06906658a0ed6398077c1147;p=fa-stable.git

diff --git a/reporting/rep303.php b/reporting/rep303.php
index 19be2ee9..73f58ee5 100644
--- a/reporting/rep303.php
+++ b/reporting/rep303.php
@@ -9,7 +9,7 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
-$page_security = 2;
+$page_security = 'SA_ITEMSVALREP';
 // ----------------------------------------------------------------
 // $ Revision:	2.0 $
 // Creator:	Joe Hunt
@@ -44,9 +44,9 @@ function getTransactions($category, $location)
 		WHERE ".TB_PREF."stock_master.category_id=".TB_PREF."stock_category.category_id
 		AND (".TB_PREF."stock_master.mb_flag='B' OR ".TB_PREF."stock_master.mb_flag='M')";
 	if ($category != 0)
-		$sql .= " AND ".TB_PREF."stock_master.category_id = '$category'";
+		$sql .= " AND ".TB_PREF."stock_master.category_id = ".db_escape($category);
 	if ($location != 'all')
-		$sql .= " AND IF(".TB_PREF."stock_moves.stock_id IS NULL, '1=1',".TB_PREF."stock_moves.loc_code = '$location')";
+		$sql .= " AND IF(".TB_PREF."stock_moves.stock_id IS NULL, '1=1',".TB_PREF."stock_moves.loc_code = ".db_escape($location).")";
 	$sql .= " GROUP BY ".TB_PREF."stock_master.category_id,
 		".TB_PREF."stock_category.description,
 		".TB_PREF."stock_master.stock_id,
@@ -61,7 +61,7 @@ function getTransactions($category, $location)
 
 function print_stock_check()
 {
-    global $comp_path, $path_to_root, $pic_height, $pic_width;
+    global $path_to_root, $pic_height, $pic_width;
 
     $category = $_POST['PARAM_0'];
     $location = $_POST['PARAM_1'];
@@ -75,14 +75,14 @@ function print_stock_check()
 	else
 		include_once($path_to_root . "/reporting/includes/pdf_report.inc");
 
-	if ($category == reserved_words::get_all_numeric())
+	if ($category == ALL_NUMERIC)
 		$category = 0;
 	if ($category == 0)
 		$cat = _('All');
 	else
 		$cat = get_category_name($category);
 
-	if ($location == reserved_words::get_all())
+	if ($location == ALL_TEXT)
 		$location = 'all';
 	if ($location == 'all')
 		$loc = _('All');
@@ -126,7 +126,7 @@ function print_stock_check()
 
     $rep->Font();
     $rep->Info($params, $cols, $headers, $aligns);
-    $rep->Header();
+    $rep->NewPage();
 
 	$res = getTransactions($category, $location);
 	$catt = '';
@@ -174,13 +174,13 @@ function print_stock_check()
 		}
 		if ($pictures)
 		{
-			$image = $comp_path .'/'. $user_comp . '/images/' 
+			$image = company_path() . '/images/' 
 				. item_img_name($trans['stock_id']) . '.jpg';
 			if (file_exists($image))
 			{
 				$rep->NewLine();
 				if ($rep->row - $pic_height < $rep->bottomMargin)
-					$rep->Header();
+					$rep->NewPage();
 				$rep->AddImage($image, $rep->cols[1], $rep->row - $pic_height, 0, $pic_height);
 				$rep->row -= $pic_height;
 				$rep->NewLine();