X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fincludes%2Fdb%2Fsales_points_db.inc;h=c7ff404b9eb832b48b6d7b0a443c1dd0f8b6e71d;hb=0c1ab57c09d87eed2bd248892dbfe3f256767a82;hp=d444ea7676a9d749af86396ce8fd7e8bd1f00735;hpb=acd4af03e6b76b31ba2010154261ed4d1e934393;p=fa-stable.git

diff --git a/sales/includes/db/sales_points_db.inc b/sales/includes/db/sales_points_db.inc
index d444ea76..c7ff404b 100644
--- a/sales/includes/db/sales_points_db.inc
+++ b/sales/includes/db/sales_points_db.inc
@@ -1,5 +1,14 @@
 <?php
-
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+	Released under the terms of the GNU General Public License, GPL, 
+	as published by the Free Software Foundation, either version 3 
+	of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
 function add_sales_point($name, $location, $account, $cash, $credit)
 {
 	$sql = "INSERT INTO ".TB_PREF."sales_pos (pos_name, pos_location, pos_account, cash_sale, credit_sale) VALUES (".db_escape($name)
@@ -16,29 +25,29 @@ function update_sales_point($id, $name, $location, $account, $cash, $credit)
 				.",pos_account=".db_escape($account)
 				.",cash_sale =$cash"
 				.",credit_sale =$credit"
-		 		." WHERE id = $id";
+		 		." WHERE id = ".db_escape($id);
 	
 	db_query($sql, "could not update sales type");			
 }
 
-function get_all_sales_points()
+function get_all_sales_points($all=false)
 {
 	$sql = "SELECT pos.*, loc.location_name, acc.bank_account_name FROM "
-		.TB_PREF."sales_pos as pos,"
-		.TB_PREF."locations as loc,"
-		.TB_PREF."bank_accounts as acc"
-		." WHERE pos.pos_location=loc.loc_code AND pos.pos_account=acc.account_code";
+		.TB_PREF."sales_pos as pos
+		LEFT JOIN ".TB_PREF."locations as loc on pos.pos_location=loc.loc_code
+		LEFT JOIN ".TB_PREF."bank_accounts as acc on pos.pos_account=acc.id";
+	if (!$all) $sql .= " WHERE !pos.inactive";
 	
 	return db_query($sql, "could not get all POS definitions");
 } 
 
 function get_sales_point($id)
 {
-	$sql = "SELECT pos.*, loc.location_name, acc.bank_account_name, acc.account_code FROM "
-		.TB_PREF."sales_pos as pos,"
-		.TB_PREF."locations as loc,"
-		.TB_PREF."bank_accounts as acc"
-		." WHERE pos.id=$id AND pos.pos_location=loc.loc_code AND pos.pos_account=acc.account_code";
+	$sql = "SELECT pos.*, loc.location_name, acc.bank_account_name FROM "
+		.TB_PREF."sales_pos as pos
+		LEFT JOIN ".TB_PREF."locations as loc on pos.pos_location=loc.loc_code
+		LEFT JOIN ".TB_PREF."bank_accounts as acc on pos.pos_account=acc.id
+		WHERE pos.id=".db_escape($id);
 	
 	$result = db_query($sql, "could not get POS definition");
 	
@@ -47,7 +56,7 @@ function get_sales_point($id)
 
 function get_sales_point_name($id)
 {
-	$sql = "SELECT pos_name FROM ".TB_PREF."sales_pos WHERE id=$id";
+	$sql = "SELECT pos_name FROM ".TB_PREF."sales_pos WHERE id=".db_escape($id);
 	
 	$result = db_query($sql, "could not get POS name");
 	
@@ -57,7 +66,7 @@ function get_sales_point_name($id)
 
 function delete_sales_point($id)
 {
-	$sql="DELETE FROM ".TB_PREF."sales_pos WHERE id=$id";
+	$sql="DELETE FROM ".TB_PREF."sales_pos WHERE id=".db_escape($id);
 	db_query($sql,"The point of sale record could not be deleted");
 }