X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fincludes%2Fdb%2Fcust_trans_db.inc;h=2ab21e17f03da2f8bfc97b7777bc662581706fe8;hb=777422e8d5a3ba188e7420719e33322098075313;hp=95e5889734a50a4ffef58bee80dd743b6f750f0f;hpb=e90136a7328b96c6b77e2b780d6eaa3e8f81b29d;p=fa-stable.git diff --git a/sales/includes/db/cust_trans_db.inc b/sales/includes/db/cust_trans_db.inc index 95e58897..2ab21e17 100644 --- a/sales/includes/db/cust_trans_db.inc +++ b/sales/includes/db/cust_trans_db.inc @@ -1,4 +1,14 @@ . +***********************************************************************/ //------------------------------------------------------------------------------ // Retreive parent document number(s) for given transaction // @@ -6,7 +16,7 @@ function get_parent_trans($trans_type, $trans_no) { $sql = 'SELECT trans_link FROM '.TB_PREF.'debtor_trans WHERE - (trans_no=' .$trans_no. ' AND type='.$trans_type.' AND trans_link!=0)'; + (trans_no='.db_escape($trans_no).' AND type='.db_escape($trans_type).' AND trans_link!=0)'; $result = db_query($sql, 'Parent document numbers cannot be retrieved'); @@ -14,11 +24,11 @@ function get_parent_trans($trans_type, $trans_no) { $link = db_fetch($result); return array($link['trans_link']); } - if ($trans_type!=10) return 0; // this is credit note with no parent invoice + if ($trans_type!=ST_SALESINVOICE) return 0; // this is credit note with no parent invoice // invoice: find batch invoice parent trans. $sql = 'SELECT trans_no FROM '.TB_PREF.'debtor_trans WHERE - (trans_link='.$trans_no.' AND type='. get_parent_type($trans_type) .')'; + (trans_link='.db_escape($trans_no).' AND type='. get_parent_type($trans_type) .')'; $result = db_query($sql, 'Delivery links cannot be retrieved'); 
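Review bot: In get_parent_trans the early exit `if ($trans_type!=ST_SALESINVOICE) return 0;` returns an integer, while the linked-document path just above it returns `array($link['trans_link'])`. Callers therefore have to handle two result shapes, and nothing documents that. I would add a header comment such as `// Returns an array of parent trans numbers, or 0 when a credit note has no parent invoice` above the function. The function body continues past the end of this hunk, so the remaining return paths are not visible here.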
@@ -37,11 +47,10 @@ function get_parent_trans($trans_type, $trans_no) { function update_customer_trans_version($type, $versions) { $sql= 'UPDATE '.TB_PREF. 'debtor_trans SET version=version+1 - WHERE type='.$type. ' AND ('; + WHERE type='.db_escape($type).' AND ('; foreach ($versions as $trans_no=>$version) - $where[] = '(trans_no='.$trans_no. - ' AND version='.$version.')'; + $where[] = '(trans_no='.db_escape($trans_no).' AND version='.$version.')'; $sql .= implode(' OR ', $where) .')'; @@ -58,7 +67,7 @@ function get_customer_trans_version($type, $trans_no) { $trans_no = array( $trans_no ); $sql= 'SELECT trans_no, version FROM '.TB_PREF. 'debtor_trans - WHERE type='.$type.' AND ('; + WHERE type='.db_escape($type).' AND ('; foreach ($trans_no as $key=>$trans) $trans_no[$key] = 'trans_no='.$trans_no[$key]; @@ -79,20 +88,23 @@ function get_customer_trans_version($type, $trans_no) { function write_customer_trans($trans_type, $trans_no, $debtor_no, $BranchNo, $date_, $reference, $Total, $discount=0, $Tax=0, $Freight=0, $FreightTax=0, $sales_type=0, $order_no=0, $trans_link=0, $ship_via=0, $due_date="", - $AllocAmt=0, $rate=0) + $AllocAmt=0, $rate=0, $dimension_id=0, $dimension2_id=0) { - + $new = $trans_no==0; $curr = get_customer_currency($debtor_no); if ($rate == 0) $rate = get_exchange_rate_from_home_currency($curr, $date_); $SQLDate = date2sql($date_); if ($due_date == "") - $SQLDueDate = "000-00-00"; + $SQLDueDate = "0000-00-00"; else $SQLDueDate = date2sql($due_date); + + if ($trans_type == ST_BANKPAYMENT) + $Total = -$Total; - if ($trans_no==0) { + if ($new) { $trans_no = get_next_trans_no($trans_type); $sql = "INSERT INTO ".TB_PREF."debtor_trans ( 
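Review bot: `$version` is still concatenated raw in update_customer_trans_version (`' AND version='.$version.')'`), so one caller-supplied value stays unescaped in the same WHERE clause where `$type` and `$trans_no` are now escaped. `$where[] = '(trans_no='.db_escape($trans_no).' AND version='.db_escape($version).')';` would close it. The same gap remains in the get_customer_trans_version hunk, where the context line `'trans_no='.$trans_no[$key]` is untouched. It also remains in get_customer_trans, where `bank_trans.trans_no =$trans_id` and `bank_trans.type=$trans_type` stay raw although the matching debtor_trans conditions are now escaped. `$where` is also never initialised before the loop in the visible lines, so an empty `$versions` would presumably produce `AND ()`; both functions continue outside their hunks.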
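Review bot: The new `if ($trans_type == ST_BANKPAYMENT) $Total = -$Total;` in write_customer_trans flips the sign of a caller-supplied amount with no comment, which is easy to miss when auditing what ends up in `ov_amount`. A line such as `// bank payments are stored with the opposite sign of the amount passed in` (wording to be confirmed by the author) would document the intent. The two new parameters `$dimension_id` and `$dimension2_id` also deserve a mention in the function's header comment. The function body runs on into the next hunk.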
@@ -102,25 +114,30 @@ function write_customer_trans($trans_type, $trans_no, $debtor_no, $BranchNo, reference, tpe, order_, ov_amount, ov_discount, ov_gst, ov_freight, ov_freight_tax, - rate, ship_via, alloc, trans_link - ) VALUES ($trans_no, $trans_type, + rate, ship_via, alloc, trans_link, + dimension_id, dimension2_id + ) VALUES ($trans_no, ".db_escape($trans_type).", ".db_escape($debtor_no).", ".db_escape($BranchNo).", '$SQLDate', '$SQLDueDate', ".db_escape($reference).", - ".db_escape($sales_type).", $order_no, $Total, ".db_escape($discount).", $Tax, + ".db_escape($sales_type).", ".db_escape($order_no).", $Total, ".db_escape($discount).", $Tax, ".db_escape($Freight).", - $FreightTax, $rate, ".db_escape($ship_via).", $AllocAmt, ".db_escape($trans_link).")"; + $FreightTax, $rate, ".db_escape($ship_via).", $AllocAmt, ".db_escape($trans_link).", + ".db_escape($dimension_id).", ".db_escape($dimension2_id).")"; } else { // may be optional argument should stay unchanged ? $sql = "UPDATE ".TB_PREF."debtor_trans SET debtor_no=".db_escape($debtor_no)." , branch_code=".db_escape($BranchNo).", tran_date='$SQLDate', due_date='$SQLDueDate', - reference=".db_escape($reference).", tpe=".db_escape($sales_type).", order_=$order_no, + reference=".db_escape($reference).", tpe=".db_escape($sales_type).", order_=".db_escape($order_no).", ov_amount=$Total, ov_discount=".db_escape($discount).", ov_gst=$Tax, ov_freight=".db_escape($Freight).", ov_freight_tax=$FreightTax, rate=$rate, - ship_via=".db_escape($ship_via).", alloc=$AllocAmt, trans_link='$trans_link' - WHERE trans_no=$trans_no AND type=$trans_type"; + ship_via=".db_escape($ship_via).", alloc=$AllocAmt, trans_link=$trans_link, + dimension_id=".db_escape($dimension_id).", dimension2_id=".db_escape($dimension2_id)." + WHERE trans_no=$trans_no AND type=".db_escape($trans_type); } db_query($sql, "The debtor transaction record could not be inserted"); + add_audit_trail($trans_type, $trans_no, $date_, $new ? 
'': _("Updated.")); + return $trans_no; } @@ -133,13 +150,13 @@ function get_customer_trans($trans_id, $trans_type) ".TB_PREF."debtors_master.name AS DebtorName, ".TB_PREF."debtors_master.address, ".TB_PREF."debtors_master.email AS email2, ".TB_PREF."debtors_master.curr_code, ".TB_PREF."debtors_master.tax_id, ".TB_PREF."debtors_master.payment_terms "; - if ($trans_type == systypes::cust_payment()) { + if ($trans_type == ST_CUSTPAYMENT) { // it's a payment so also get the bank account $sql .= ", ".TB_PREF."bank_accounts.bank_name, ".TB_PREF."bank_accounts.bank_account_name, - ".TB_PREF."bank_trans_types.name AS BankTransType "; + ".TB_PREF."bank_accounts.account_type AS BankTransType "; } - if ($trans_type == 10 OR $trans_type == 11 OR $trans_type == 13) { + if ($trans_type == ST_SALESINVOICE || $trans_type == ST_CUSTCREDIT || $trans_type == ST_CUSTDELIVERY) { // it's an invoice so also get the shipper and salestype $sql .= ", ".TB_PREF."shippers.shipper_name, " .TB_PREF."sales_types.sales_type, " 
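Review bot: The UPDATE branch now writes `trans_link=$trans_link` with neither quotes nor db_escape(), where the removed line at least quoted it; the INSERT branch a few lines up passes the same parameter through `db_escape($trans_link)`. `$trans_no` in `WHERE trans_no=$trans_no` is likewise raw, and on this branch it is the caller's value rather than the result of get_next_trans_no(). I would write `alloc=$AllocAmt, trans_link=".db_escape($trans_link).",` and `WHERE trans_no=".db_escape($trans_no)." AND type=".db_escape($trans_type);`. `$Total`, `$Tax`, `$FreightTax`, `$rate` and `$AllocAmt` are interpolated unescaped in both branches as well. The hunk starts inside the INSERT column list, so how callers validate those amounts is not visible here.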
@@ -153,28 +170,27 @@ function get_customer_trans($trans_id, $trans_type) $sql .= " FROM ".TB_PREF."debtor_trans, ".TB_PREF."debtors_master "; - if ($trans_type == systypes::cust_payment()) { + if ($trans_type == ST_CUSTPAYMENT) { // it's a payment so also get the bank account - $sql .= ", ".TB_PREF."bank_trans, ".TB_PREF."bank_accounts, ".TB_PREF."bank_trans_types "; + $sql .= ", ".TB_PREF."bank_trans, ".TB_PREF."bank_accounts"; } - if ($trans_type == 10 OR $trans_type == 11 OR $trans_type == 13) { + if ($trans_type == ST_SALESINVOICE || $trans_type == ST_CUSTCREDIT || $trans_type == ST_CUSTDELIVERY) { // it's an invoice so also get the shipper, salestypes $sql .= ", ".TB_PREF."shippers, ".TB_PREF."sales_types, ".TB_PREF."cust_branch, ".TB_PREF."tax_groups "; } - $sql .= " WHERE ".TB_PREF."debtor_trans.trans_no=$trans_id - AND ".TB_PREF."debtor_trans.type=$trans_type + $sql .= " WHERE ".TB_PREF."debtor_trans.trans_no=".db_escape($trans_id)." + AND ".TB_PREF."debtor_trans.type=".db_escape($trans_type)." AND ".TB_PREF."debtor_trans.debtor_no=".TB_PREF."debtors_master.debtor_no"; - if ($trans_type == systypes::cust_payment()) { + if ($trans_type == ST_CUSTPAYMENT) { // it's a payment so also get the bank account $sql .= " AND ".TB_PREF."bank_trans.trans_no =$trans_id AND ".TB_PREF."bank_trans.type=$trans_type - AND ".TB_PREF."bank_trans_types.id = ".TB_PREF."bank_trans.bank_trans_type_id - AND ".TB_PREF."bank_accounts.account_code=".TB_PREF."bank_trans.bank_act "; + AND ".TB_PREF."bank_accounts.id=".TB_PREF."bank_trans.bank_act "; } - if ($trans_type == 10 OR $trans_type == 11 OR $trans_type == 13) { + if ($trans_type == ST_SALESINVOICE || $trans_type == ST_CUSTCREDIT || $trans_type == ST_CUSTDELIVERY) { // it's an invoice so also get the shipper $sql .= " AND ".TB_PREF."shippers.shipper_id=".TB_PREF."debtor_trans.ship_via AND ".TB_PREF."sales_types.id = ".TB_PREF."debtor_trans.tpe 
@@ -204,36 +220,10 @@ function get_customer_trans($trans_id, $trans_type) //---------------------------------------------------------------------------------------- -function get_customer_transactions($extra_fields=null, $extra_conditions=null, $extra_tables=null) -{ - $sql = "SELECT ".TB_PREF."debtor_trans.*, - ov_amount+ov_gst+ov_freight+ov_freight_tax+ov_discount AS Total, - ".TB_PREF."debtors_master.name AS DebtorName, ".TB_PREF."debtors_master.address, - ".TB_PREF."debtors_master.curr_code, ".TB_PREF."debtor_trans.version "; - - if ($extra_fields) - $sql .= ", $extra_fields "; - - $sql .= " FROM ".TB_PREF."debtor_trans, ".TB_PREF."debtors_master "; - if ($extra_tables) - $sql .= ",$extra_tables "; - - $sql .= " WHERE ".TB_PREF."debtor_trans.debtor_no=".TB_PREF."debtors_master.debtor_no"; - - if ($extra_conditions) - $sql .= " AND $extra_conditions "; - - $sql .= " ORDER BY trans_no"; - - return db_query($sql, "Cannot retreive debtor transactions"); -} - -//---------------------------------------------------------------------------------------- - function exists_customer_trans($type, $type_no) { - $sql = "SELECT trans_no FROM ".TB_PREF."debtor_trans WHERE type=$type - AND trans_no=$type_no"; + $sql = "SELECT trans_no FROM ".TB_PREF."debtor_trans WHERE type=".db_escape($type)." + AND trans_no=".db_escape($type_no); $result = db_query($sql, "Cannot retreive a debtor transaction"); @@ -246,7 +236,7 @@ function exists_customer_trans($type, $type_no) function get_customer_trans_order($type, $type_no) { - $sql = "SELECT order_ FROM ".TB_PREF."debtor_trans WHERE type=$type AND trans_no=$type_no"; + $sql = "SELECT order_ FROM ".TB_PREF."debtor_trans WHERE type=".db_escape($type)." AND trans_no=".db_escape($type_no); $result = db_query($sql, "The debtor transaction could not be queried"); 
@@ -261,7 +251,7 @@ function get_customer_details_from_trans($type, $type_no) { $sql = "SELECT ".TB_PREF."debtors_master.name, ".TB_PREF."debtors_master.curr_code, ".TB_PREF."cust_branch.br_name FROM ".TB_PREF."debtors_master,".TB_PREF."cust_branch,".TB_PREF."debtor_trans - WHERE ".TB_PREF."debtor_trans.type=$type AND ".TB_PREF."debtor_trans.trans_no=$type_no + WHERE ".TB_PREF."debtor_trans.type=".db_escape($type)." AND ".TB_PREF."debtor_trans.trans_no=".db_escape($type_no)." AND ".TB_PREF."debtors_master.debtor_no = ".TB_PREF."debtor_trans.debtor_no AND ".TB_PREF."cust_branch.branch_code = ".TB_PREF."debtor_trans.branch_code"; @@ -275,7 +265,7 @@ function void_customer_trans($type, $type_no) { // clear all values and mark as void $sql = "UPDATE ".TB_PREF."debtor_trans SET ov_amount=0, ov_discount=0, ov_gst=0, ov_freight=0, - ov_freight_tax=0, alloc=0, version=version+1 WHERE type=$type AND trans_no=$type_no"; + ov_freight_tax=0, alloc=0, version=version+1 WHERE type=".db_escape($type)." AND trans_no=".db_escape($type_no); db_query($sql, "could not void debtor transactions for type=$type and trans_no=$type_no"); } @@ -285,14 +275,14 @@ function void_customer_trans($type, $type_no) function post_void_customer_trans($type, $type_no) { switch ($type) { - case 10 : - case 11 : + case ST_SALESINVOICE : + case ST_CUSTCREDIT : void_sales_invoice($type, $type_no); break; - case 13 : + case ST_CUSTDELIVERY : void_sales_delivery($type, $type_no); break; - case 12 : + case ST_CUSTPAYMENT : void_customer_payment($type, $type_no); break; } @@ -303,7 +293,7 @@ function post_void_customer_trans($type, $type_no) function get_customer_trans_link($type, $type_no) { $row = db_query("SELECT trans_link from ".TB_PREF."debtor_trans - WHERE type=$type AND trans_no=$type_no", + WHERE type=".db_escape($type)." AND trans_no=".db_escape($type_no), "could not get transaction link for type=$type and trans_no=$type_no"); return $row[0]; }
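Review bot: get_customer_trans_link indexes the return value of db_query() directly (`return $row[0];`), whereas get_parent_trans in this same file passes the query result through db_fetch() before reading a column. As written it presumably never yields the stored trans_link. Something like `$result = db_query(...); $row = db_fetch($result); return $row['trans_link'];` would match the rest of the file. The interpolated error text `type=$type and trans_no=$type_no`, here and in void_customer_trans, also carries the raw inputs. If db_query() ever renders that message into a page it needs output escaping, which cannot be confirmed from this hunk.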