X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fincludes%2Fdb%2Fsales_order_db.inc;h=ef66b0b7d72166792bb172c49be19cbe4d26fa46;hb=8429c2d2e1500cd879e084335391615e79fc3da3;hp=a6c7610637fa06b4eae24b5a28aaaa3e437e9baa;hpb=0c1bcd8ce3c089d7ddb3722a097f8fc8417f41e6;p=fa-stable.git diff --git a/sales/includes/db/sales_order_db.inc b/sales/includes/db/sales_order_db.inc index a6c76106..ef66b0b7 100644 --- a/sales/includes/db/sales_order_db.inc +++ b/sales/includes/db/sales_order_db.inc @@ -1,5 +1,14 @@ . +***********************************************************************/ //---------------------------------------------------------------------------------------- function get_demand_qty($stockid, $location) { 
@@ -54,15 +63,20 @@ function add_sales_order(&$order) $sql = "INSERT INTO ".TB_PREF."sales_orders (type, debtor_no, branch_code, customer_ref, comments, ord_date, order_type, ship_via, deliver_to, delivery_address, contact_phone, contact_email, freight_cost, from_stk_loc, delivery_date) - VALUES ('" . $order_type . "', '" . $order->customer_id . "', '" . $order->Branch . "', '". - $order->cust_ref ."','". db_escape($order->Comments) ."','" . - date2sql($order->document_date) . "', '" . - $order->default_sales_type . "', " . - $_POST['ship_via'] .",'" . $order->deliver_to . "', '" . - $order->delivery_address . "', '" . - $order->phone . "', '" . $order->email . "', " . - $order->freight_cost .", '" . $order->Location ."', '" . - $del_date . "')"; + VALUES (" .db_escape($order_type) . "," . db_escape($order->customer_id) . + ", " . db_escape($order->Branch) . ", ". + db_escape($order->cust_ref) .",". + db_escape($order->Comments) .",'" . + date2sql($order->document_date) . "', " . + db_escape($order->sales_type) . ", " . + db_escape($order->ship_via)."," . + db_escape($order->deliver_to) . "," . + db_escape($order->delivery_address) . ", " . + db_escape($order->phone) . ", " . + db_escape($order->email) . ", " . + db_escape($order->freight_cost) .", " . + db_escape($order->Location) .", " . + db_escape($del_date) . ")"; db_query($sql, "order Cannot be Added"); 
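Review bot: The `ord_date` value in the new VALUES list is still placed between hand-written quotes as `'" . date2sql($order->document_date) . "'`, while every neighbouring field now goes through `db_escape()`. Whether `date2sql()` rejects malformed input is not visible in this hunk, so the safer form drops the literal quotes and uses `db_escape($order->Comments) ."," . db_escape(date2sql($order->document_date)) . ", " .`, matching how `update_sales_order` treats `$ord_date` in this same commit. The change also appears to rely on `db_escape()` returning an already-quoted literal (the old call sat inside quotes), so a short comment above the statement, `// db_escape() returns a quoted SQL literal; do not add quotes around it`, would stop a later edit from re-adding them. The body of `add_sales_order` starts before and continues past this hunk.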
@@ -106,15 +120,14 @@ function add_sales_order(&$order) $sql = "INSERT INTO ".TB_PREF."sales_order_details (order_no, stk_code, description, unit_price, quantity, discount_percent) VALUES ("; $sql .= $order_no . - ",'$line->stock_id', '$line->item_description', $line->price, + ",".db_escape($line->stock_id).", " + .db_escape($line->item_description).", $line->price, $line->quantity, $line->discount_percent)"; db_query($sql, "order Details Cannot be Added"); } /* inserted line items into sales order details */ - add_forms_for_sys_type(systypes::sales_order(), $order_no); - commit_transaction(); if ($loc_notification == 1 && count($st_ids) > 0) @@ -150,15 +163,13 @@ function delete_sales_order($order_no) $sql = "DELETE FROM ".TB_PREF."sales_order_details WHERE order_no =" . $order_no; db_query($sql, "order Detail Delete"); - delete_forms_for_systype(systypes::sales_order(), $order_no); - commit_transaction(); } //---------------------------------------------------------------------------------------- // Mark changes in sales_order_details // -function update_sales_order_version($order) +function update_sales_order_version($order) { foreach ($order as $so_num => $so_ver) { $sql= 'UPDATE '.TB_PREF.'sales_orders SET version=version+1 WHERE order_no='. $so_num. 
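Review bot: In the order-details INSERT of `add_sales_order` (hunk `@@ -106,15 +120,14 @@`), `$line->price`, `$line->quantity` and `$line->discount_percent` are still interpolated into the SQL string unescaped; only `stock_id` and `item_description` gained `db_escape()`. The matching INSERT in `update_sales_order` (hunk `@@ -242,17 +252,17 @@`) escapes all of these, so the create path is left weaker than the edit path. Suggest `.db_escape($line->item_description).", ".db_escape($line->price).", ".db_escape($line->quantity).", ".db_escape($line->discount_percent).")";`, ideally with a numeric check on the line values before they reach the query. `$order_no` is also concatenated raw here and in the DELETE of the next hunk; if it is always a server-generated integer, a comment stating that would document why it is exempt. The function body extends outside the hunk.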
@@ -181,24 +192,23 @@ function update_sales_order($order) begin_transaction(); $sql = "UPDATE ".TB_PREF."sales_orders SET type =".$order->so_type." , - debtor_no = '" . $order->customer_id . "', - branch_code = '" . $order->Branch . "', - customer_ref = '". $order->cust_ref ."', - comments = '". db_escape($order->Comments) ."', - ord_date = '" . $ord_date . "', - order_type = '" . $order->default_sales_type . "', - ship_via = " . $order->ship_via .", - deliver_to = '" . $order->deliver_to . "', - delivery_address = '" . $order->delivery_address . "', - contact_phone = '" . $order->phone . "', - contact_email = '" . $order->email . "', - freight_cost = " . $order->freight_cost .", - from_stk_loc = '" . $order->Location ."', - delivery_date = '" . $del_date . "', + debtor_no = " . db_escape($order->customer_id) . ", + branch_code = " . db_escape($order->Branch) . ", + customer_ref = ". db_escape($order->cust_ref) .", + comments = ". db_escape($order->Comments) .", + ord_date = " . db_escape($ord_date) . ", + order_type = " .db_escape($order->sales_type) . ", + ship_via = " . db_escape($order->ship_via) .", + deliver_to = " . db_escape($order->deliver_to) . ", + delivery_address = " . db_escape($order->delivery_address) . ", + contact_phone = " .db_escape($order->phone) . ", + contact_email = " .db_escape($order->email) . ", + freight_cost = " .db_escape($order->freight_cost) .", + from_stk_loc = " .db_escape($order->Location) .", + delivery_date = " .db_escape($del_date). ", version = ".($version+1)." WHERE order_no=" . $order_no ." AND version=".$version; - db_query($sql, "order Cannot be Updated, this can be concurrent edition conflict"); $sql = "DELETE FROM ".TB_PREF."sales_order_details WHERE order_no =" . $order_no; 
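Review bot: The first assignment of this UPDATE, `type =".$order->so_type."`, and the closing `WHERE order_no=" . $order_no ." AND version=".$version` are left as raw concatenation while every other column in the statement now uses `db_escape()`. Nothing in the hunk shows these three values being forced to integers, so either wrap them the same way, `SET type =".db_escape($order->so_type)." ,` and `WHERE order_no=" . db_escape($order_no) ." AND version=".db_escape($version);`, or cast them once at the top of the function. The DELETE that follows builds `order_no =" . $order_no` the same way and should get the same treatment. The body of `update_sales_order` starts before and continues past this hunk.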
@@ -242,17 +252,17 @@ function update_sales_order($order) } } } - $sql = "INSERT INTO ".TB_PREF."sales_order_details - (order_no, stk_code, description, unit_price, quantity, - discount_percent, qty_sent) + $sql = "INSERT INTO ".TB_PREF."sales_order_details + (order_no, stk_code, description, unit_price, quantity, + discount_percent, qty_sent) VALUES ("; - $sql .= $order_no . ",'" - .$line->stock_id . "','" - .$line->item_description . "', " - .$line->price . ", " - .$line->quantity . ", " - .$line->discount_percent . ", " - .$line->qty_done ." )"; + $sql .= $order_no . "," + .db_escape($line->stock_id) . "," + .db_escape($line->item_description) . ", " + .db_escape($line->price) . ", " + .db_escape($line->quantity) . ", " + .db_escape($line->discount_percent) . ", " + .db_escape($line->qty_done) ." )"; db_query($sql, "Old order Cannot be Inserted"); @@ -269,8 +279,8 @@ function update_sales_order($order) $subject = _("Stocks below Re-Order Level at " . $loc['location_name']); $msg = "\n"; for ($i = 0; $i < count($st_ids); $i++) - $msg .= $st_ids[$i] . " " . $st_names[$i] . ", " - . _("Re-Order Level") . ": " . $st_reorder[$i] . ", " + $msg .= $st_ids[$i] . " " . $st_names[$i] . ", " + . _("Re-Order Level") . ": " . $st_reorder[$i] . ", " . _("Below") . ": " . $st_num[$i] . "\n"; $msg .= "\n" . _("Please reorder") . "\n\n"; $msg .= $company['coy_name']; @@ -332,7 +342,7 @@ function get_sales_order_header($order_no) function get_sales_order_details($order_no) { $sql = "SELECT id, stk_code, unit_price, " .TB_PREF."sales_order_details.description," - .TB_PREF."sales_order_details.quantity, + .TB_PREF."sales_order_details.quantity, discount_percent, qty_sent as qty_done, " .TB_PREF."stock_master.units, 
@@ -355,21 +365,22 @@ function read_sales_order($order_no, &$order) $order->so_type = $myrow["type"]; $order->trans_no = array($order_no=> $myrow["version"]); - $order->set_customer($myrow["debtor_no"], $myrow["name"], + $order->set_customer($myrow["debtor_no"], $myrow["name"], $myrow["curr_code"], $myrow["discount"]); $order->set_branch($myrow["branch_code"], $myrow["tax_group_id"], $myrow["tax_group_name"], $myrow["contact_phone"], $myrow["contact_email"]); - $order->set_sales_type($myrow["sales_type_id"], $myrow["sales_type"], $myrow["tax_included"]); + $order->set_sales_type($myrow["sales_type_id"], $myrow["sales_type"], + $myrow["tax_included"], 0); // no default price calculations on edit $order->set_location($myrow["from_stk_loc"], $myrow["location_name"]); - $order->set_delivery($myrow["ship_via"], $myrow["deliver_to"], + $order->set_delivery($myrow["ship_via"], $myrow["deliver_to"], $myrow["delivery_address"], $myrow["freight_cost"]); - + $order->cust_ref = $myrow["customer_ref"]; - $order->default_sales_type =$myrow["order_type"]; + $order->sales_type =$myrow["order_type"]; $order->Comments = $myrow["comments"]; $order->due_date = sql2date($myrow["delivery_date"]); $order->document_date = sql2date($myrow["ord_date"]); @@ -423,7 +434,7 @@ function get_invoice_duedate($debtorno, $invdate) { if (!is_date($invdate)) { - return Today(); + return new_doc_date(); } $sql = "SELECT ".TB_PREF."debtors_master.debtor_no, ".TB_PREF."debtors_master.payment_terms, ".TB_PREF."payment_terms.* FROM ".TB_PREF."debtors_master, ".TB_PREF."payment_terms WHERE ".TB_PREF."debtors_master.payment_terms = ".TB_PREF."payment_terms.terms_indicator AND 
@@ -448,10 +459,14 @@ function get_customer_to_order($customer_id) { .TB_PREF."debtors_master.address, " .TB_PREF."credit_status.dissallow_invoices, " .TB_PREF."debtors_master.sales_type AS salestype, " + .TB_PREF."debtors_master.dimension_id, " + .TB_PREF."debtors_master.dimension2_id, " .TB_PREF."sales_types.sales_type, " .TB_PREF."sales_types.tax_included, " + .TB_PREF."sales_types.factor, " .TB_PREF."debtors_master.curr_code, " - .TB_PREF."debtors_master.discount + .TB_PREF."debtors_master.discount," + .TB_PREF."debtors_master.pymt_discount FROM ".TB_PREF."debtors_master, " .TB_PREF."credit_status, " .TB_PREF."sales_types @@ -465,7 +480,7 @@ function get_customer_to_order($customer_id) { } function get_branch_to_order($customer_id, $branch_id) { - + // the branch was also selected from the customer selection so default the delivery details from the customer branches table cust_branch. The order process will ask for branch details later anyway $sql = "SELECT ".TB_PREF."cust_branch.br_name, " .TB_PREF."cust_branch.br_address, "