X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fincludes%2Fdb%2Fcustomers_db.inc;h=5f6748818f7e64be17a22f8e0d492977d651d77d;hb=3cf9ab70d79ebd01b13b6cc0c9366ccb5b8c496a;hp=e50931e2375d78e7678cf9c9c5fa5f98e7faba97;hpb=818719f38b8327cdca616d58b13913dbd174d96a;p=fa-stable.git

diff --git a/sales/includes/db/customers_db.inc b/sales/includes/db/customers_db.inc
index e50931e2..5f674881 100644
--- a/sales/includes/db/customers_db.inc
+++ b/sales/includes/db/customers_db.inc
@@ -1,14 +1,66 @@
 <?php
 /**********************************************************************
     Copyright (C) FrontAccounting, LLC.
-	Released under the terms of the GNU Affero General Public License,
-	AGPL, as published by the Free Software Foundation, either version 
-	3 of the License, or (at your option) any later version.
+	Released under the terms of the GNU General Public License, GPL, 
+	as published by the Free Software Foundation, either version 3 
+	of the License, or (at your option) any later version.
     This program is distributed in the hope that it will be useful,
     but WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
-    See the License here <http://www.gnu.org/licenses/agpl-3.0.html>.
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
+
+function add_customer($CustName, $cust_ref, $address, $tax_id, $curr_code,
+	$dimension_id, $dimension2_id, $credit_status, $payment_terms, $discount, $pymt_discount, 
+	$credit_limit, $sales_type, $notes)
+{
+	$sql = "INSERT INTO ".TB_PREF."debtors_master (name, debtor_ref, address, tax_id,
+		dimension_id, dimension2_id, curr_code, credit_status, payment_terms, discount, 
+		pymt_discount,credit_limit, sales_type, notes) VALUES ("
+		.db_escape($CustName) .", " .db_escape($cust_ref) .", "
+		.db_escape($address) . ", " . db_escape($tax_id) . ","
+		.db_escape($dimension_id) . ", " 
+		.db_escape($dimension2_id) . ", ".db_escape($curr_code) . ", 
+		" . db_escape($credit_status) . ", ".db_escape($payment_terms) . ", " . $discount . ", 
+		" . $pymt_discount . ", " . $credit_limit 
+		 .", ".db_escape($sales_type).", ".db_escape($notes) . ")";
+
+	db_query($sql,"The customer could not be added");
+}
+
+function update_customer($customer_id, $CustName, $cust_ref, $address, $tax_id, $curr_code,
+	$dimension_id, $dimension2_id, $credit_status, $payment_terms, $discount, $pymt_discount,
+	$credit_limit, $sales_type, $notes)
+{
+	$sql = "UPDATE ".TB_PREF."debtors_master SET name=" . db_escape($CustName) . ", 
+		debtor_ref=" . db_escape($cust_ref) . ",
+		address=".db_escape($address) . ", 
+		tax_id=".db_escape($tax_id) . ", 
+		curr_code=".db_escape($curr_code) . ", 
+		dimension_id=".db_escape($dimension_id) . ", 
+		dimension2_id=".db_escape($dimension2_id) . ", 
+		credit_status=".db_escape($credit_status) . ", 
+		payment_terms=".db_escape($payment_terms) . ", 
+		discount=" . $discount . ", 
+		pymt_discount=" . $pymt_discount . ", 
+		credit_limit=" . $credit_limit . ", 
+		sales_type = ".db_escape($sales_type) . ", 
+		notes=".db_escape($notes) ."
+		WHERE debtor_no = ".db_escape($customer_id);
+
+	db_query($sql,"The customer could not be updated");
+}
+
+function delete_customer($customer_id)
+{
+	begin_transaction();
+	delete_entity_contacts('customer', $customer_id);
+
+	$sql = "DELETE FROM ".TB_PREF."debtors_master WHERE debtor_no=".db_escape($customer_id);;
+	db_query($sql,"cannot delete customer");
+	commit_transaction();
+}
+
 function get_customer_details($customer_id, $to=null)
 {
 
@@ -43,7 +95,7 @@ function get_customer_details($customer_id, $to=null)
 		WHERE
 			 ".TB_PREF."debtors_master.payment_terms = ".TB_PREF."payment_terms.terms_indicator
 			 AND ".TB_PREF."debtors_master.credit_status = ".TB_PREF."credit_status.id
-			 AND ".TB_PREF."debtors_master.debtor_no = $customer_id
+			 AND ".TB_PREF."debtors_master.debtor_no = ".db_escape($customer_id)."
 			 AND ".TB_PREF."debtor_trans.tran_date <= '$todate'
 			 AND ".TB_PREF."debtor_trans.type <> 13
 			 AND ".TB_PREF."debtors_master.debtor_no = ".TB_PREF."debtor_trans.debtor_no
@@ -74,7 +126,7 @@ function get_customer_details($customer_id, $to=null)
     		WHERE
     		     ".TB_PREF."debtors_master.payment_terms = ".TB_PREF."payment_terms.terms_indicator
     		     AND ".TB_PREF."debtors_master.credit_status = ".TB_PREF."credit_status.id
-    		     AND ".TB_PREF."debtors_master.debtor_no = '$customer_id'";
+    		     AND ".TB_PREF."debtors_master.debtor_no = ".db_escape($customer_id);
 
     	$result = db_query($sql,"The customer details could not be retrieved");
 
@@ -100,7 +152,7 @@ function get_customer_details($customer_id, $to=null)
 
 function get_customer($customer_id)
 {
-	$sql = "SELECT * FROM ".TB_PREF."debtors_master WHERE debtor_no=$customer_id";
+	$sql = "SELECT * FROM ".TB_PREF."debtors_master WHERE debtor_no=".db_escape($customer_id);
 
 	$result = db_query($sql, "could not get customer");
 
@@ -109,7 +161,7 @@ function get_customer($customer_id)
 
 function get_customer_name($customer_id)
 {
-	$sql = "SELECT name FROM ".TB_PREF."debtors_master WHERE debtor_no=$customer_id";
+	$sql = "SELECT name FROM ".TB_PREF."debtors_master WHERE debtor_no=".db_escape($customer_id);
 
 	$result = db_query($sql, "could not get customer");
 
@@ -118,27 +170,28 @@ function get_customer_name($customer_id)
 	return $row[0];
 }
 
-function get_area_name($id)
+function get_customer_habit($customer_id)
 {
-	$sql = "SELECT description FROM ".TB_PREF."areas WHERE area_code=$id";
+	$sql = "SELECT ".TB_PREF."debtors_master.pymt_discount,
+		".TB_PREF."credit_status.dissallow_invoices
+		FROM ".TB_PREF."debtors_master, ".TB_PREF."credit_status
+		WHERE ".TB_PREF."debtors_master.credit_status = ".TB_PREF."credit_status.id
+			AND ".TB_PREF."debtors_master.debtor_no = ".db_escape($customer_id);
 
-	$result = db_query($sql, "could not get sales type");
+	$result = db_query($sql, "could not query customers");
 
-	$row = db_fetch_row($result);
-	return $row[0];
+	return db_fetch($result);
 }
 
-function get_salesman_name($id)
+function get_customer_contacts($customer_id, $action=null)
 {
-	$sql = "SELECT salesman_name FROM ".TB_PREF."salesman WHERE salesman_code=$id";
-
-	$result = db_query($sql, "could not get sales type");
+	$results = array();
+	$res = get_crm_persons('customer', $action, $customer_id);
+	while($contact = db_fetch($res))
+		$results[] = $contact;
 
-	$row = db_fetch_row($result);
-	return $row[0];
+	return $results;
 }
 
 
-
-
 ?>
\ No newline at end of file