X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fmanage%2Fcustomer_branches.php;h=1478e63b94419aacd7289b1352d618cd1fb4c5c1;hb=c73e1bd3cfe2231278d5749f87657bcae429ddf0;hp=ef2b2db91bfdc10473575e6ae780f9de25ae9251;hpb=43ce9508e7855556be002a7ecf25ea9960c30b81;p=fa-stable.git diff --git a/sales/manage/customer_branches.php b/sales/manage/customer_branches.php index ef2b2db9..1478e63b 100644 --- a/sales/manage/customer_branches.php +++ b/sales/manage/customer_branches.php @@ -22,7 +22,7 @@ check_db_has_tax_groups(_("There are no tax groups defined in the system. At lea //----------------------------------------------------------------------------------------------- -if (isset($_GET['debtor_no'])) +if (isset($_GET['debtor_no'])) { $_POST['customer_id'] = strtoupper($_GET['debtor_no']); $_POST['New'] = "1"; @@ -34,14 +34,14 @@ if (isset($_GET['SelectedBranch'])) unset($_POST['New']); } -if (!isset($_GET['SelectedBranch']) && !isset($_POST['AddUpdate'])) +if (!isset($_GET['SelectedBranch']) && !isset($_POST['AddUpdate'])) { $_POST['New'] = "1"; } //----------------------------------------------------------------------------------------------- -if (isset($_POST['ADD_ITEM']) || isset($_POST['UPDATE_ITEM'])) +if (isset($_POST['ADD_ITEM']) || isset($_POST['UPDATE_ITEM'])) { //initialise no input errors assumed initially before we test @@ -49,13 +49,13 @@ if (isset($_POST['ADD_ITEM']) || isset($_POST['UPDATE_ITEM'])) //first off validate inputs sensible - if (strlen($_POST['br_name']) == 0) + if (strlen($_POST['br_name']) == 0) { $input_error = 1; display_error(_("The Branch name cannot be empty.")); } - if ($input_error != 1) + if ($input_error != 1) { //if (!isset($_POST['New'])) 
@@ -63,27 +63,27 @@ if (isset($_POST['ADD_ITEM']) || isset($_POST['UPDATE_ITEM'])) { /*SelectedBranch could also exist if submit had not been clicked this code would not run in this case cos submit is false of course see the delete code below*/ - $sql = "UPDATE ".TB_PREF."cust_branch SET br_name = '" . $_POST['br_name'] . "', - br_address = '" . $_POST['br_address'] . "', - phone='" . $_POST['phone'] . "', - fax='" . $_POST['fax'] . "', - contact_name='" . $_POST['contact_name'] . "', - salesman= '" . $_POST['salesman'] . "', - area='" . $_POST['area'] . "', - email='" . $_POST['email'] . "', - tax_group_id=" . $_POST['tax_group_id'] . ", - sales_account='" . $_POST['sales_account'] . "', - sales_discount_account='" . $_POST['sales_discount_account'] . "', - receivables_account='" . $_POST['receivables_account'] . "', - payment_discount_account='" . $_POST['payment_discount_account'] . "', - default_location='" . $_POST['default_location'] . "', - br_post_address = '" . $_POST['br_post_address'] . "', - disable_trans=" . $_POST['disable_trans'] . ", - default_ship_via=" . $_POST['default_ship_via'] . " - WHERE branch_code = '" . $_POST['branch_code'] . "' - AND debtor_no='" . $_POST['customer_id']. "'"; - - } + $sql = "UPDATE ".TB_PREF."cust_branch SET br_name = " . db_escape($_POST['br_name']) . ", + br_address = ".db_escape($_POST['br_address']). ", + phone=".db_escape($_POST['phone']). ", + fax=".db_escape($_POST['fax']).", + contact_name=".db_escape($_POST['contact_name']) . ", + salesman= ".db_escape($_POST['salesman']) . ", + area=".db_escape($_POST['area']) . ", + email=".db_escape($_POST['email']) . ", + tax_group_id=".db_escape($_POST['tax_group_id']). ", + sales_account=".db_escape($_POST['sales_account']) . ", + sales_discount_account=".db_escape($_POST['sales_discount_account']) . ", + receivables_account=".db_escape($_POST['receivables_account']) . ", + payment_discount_account=".db_escape($_POST['payment_discount_account']) . 
", + default_location=".db_escape($_POST['default_location']) . ", + br_post_address =".db_escape($_POST['br_post_address']) . ", + disable_trans=".db_escape($_POST['disable_trans']) . ", + default_ship_via=".db_escape($_POST['default_ship_via']) . " + WHERE branch_code =".db_escape($_POST['branch_code']) . " + AND debtor_no=".db_escape($_POST['customer_id']); + + } else { /*Selected branch is null cos no item selected on first time round so must be adding a record must be submitting new entries in the new Customer Branches form */ 
@@ -91,16 +91,19 @@ if (isset($_POST['ADD_ITEM']) || isset($_POST['UPDATE_ITEM'])) salesman, phone, fax, contact_name, area, email, tax_group_id, sales_account, receivables_account, payment_discount_account, sales_discount_account, default_location, br_post_address, disable_trans, default_ship_via) - VALUES ('" . $_POST['customer_id']. "', '" . $_POST['br_name'] . "', '" . - $_POST['br_address'] . "', '" . $_POST['salesman'] . "', '" . - $_POST['phone'] . "', '" . $_POST['fax'] . "','" . - $_POST['contact_name'] . "', '" . $_POST['area'] . "','" . - $_POST['email'] . "', " . $_POST['tax_group_id'] . ", '" . - $_POST['sales_account'] . "', '" . - $_POST['receivables_account'] . "', '" . - $_POST['payment_discount_account'] . "', '" . - $_POST['sales_discount_account'] . "', '" . - $_POST['default_location'] . "', '" . $_POST['br_post_address'] . "'," . $_POST['disable_trans'] . ", " . $_POST['default_ship_via'] . ")"; + VALUES (".db_escape($_POST['customer_id']). ",".db_escape($_POST['br_name']) . ", " + .db_escape($_POST['br_address']) . ", ".db_escape($_POST['salesman']) . ", " + .db_escape($_POST['phone']) . ", ".db_escape($_POST['fax']) . "," + .db_escape($_POST['contact_name']) . ", ".db_escape($_POST['area']) . "," + .db_escape($_POST['email']) . ", ".db_escape($_POST['tax_group_id']) . ", " + .db_escape($_POST['sales_account']) . ", " + .db_escape($_POST['receivables_account']) . ", " + .db_escape($_POST['payment_discount_account']) . ", " + .db_escape($_POST['sales_discount_account']) . ", " + .db_escape($_POST['default_location']) . ", " + .db_escape($_POST['br_post_address']) . "," + .db_escape($_POST['disable_trans']) . ", " + .db_escape($_POST['default_ship_via']) . ")"; } //run the sql from either of the above possibilites 
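Review bot: In the VALUES list, `tax_group_id`, `disable_trans` and `default_ship_via` were previously unquoted numeric operands and now pass through `db_escape()` like the string columns; the SET list in hunk `@@ -63,27 +63,27 @@` changes the same three columns the same way. `db_escape()` is not defined in this diff, but because the hand-written quotes around the string values are dropped it presumably returns a quoted literal, which closes the unquoted-operand gap and leaves type checking to the database server. The only input validation visible before the query is the `br_name` length check, so I would either cast the three values first, e.g. `db_escape((int)$_POST['tax_group_id'])`, or record the assumption in a comment such as `// db_escape() returns a quoted, escaped literal; numeric columns rely on server-side coercion`. The enclosing `if ($input_error != 1)` block starts before this hunk and continues after it.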
@@ -109,8 +112,8 @@ if (isset($_POST['ADD_ITEM']) || isset($_POST['UPDATE_ITEM'])) meta_forward($_SERVER['PHP_SELF'], "debtor_no=" . $_POST['customer_id']); } -} -elseif (isset($_GET['delete'])) +} +elseif (isset($_GET['delete'])) { //the link to delete a selected record was clicked instead of the submit button @@ -119,22 +122,22 @@ elseif (isset($_GET['delete'])) $sql= "SELECT COUNT(*) FROM ".TB_PREF."debtor_trans WHERE branch_code='" . $_POST['branch_code']. "' AND debtor_no = '" . $_POST['customer_id']. "'"; $result = db_query($sql,"could not query debtortrans"); $myrow = db_fetch_row($result); - if ($myrow[0] > 0) + if ($myrow[0] > 0) { display_error(_("Cannot delete this branch because customer transactions have been created to this branch.")); - } - else + } + else { $sql= "SELECT COUNT(*) FROM ".TB_PREF."sales_orders WHERE branch_code='" . $_POST['branch_code']. "' AND debtor_no = '" . $_POST['customer_id']. "'"; $result = db_query($sql,"could not query sales orders"); $myrow = db_fetch_row($result); - if ($myrow[0] > 0) + if ($myrow[0] > 0) { display_error(_("Cannot delete this branch because sales orders exist for it. Purge old sales orders first.")); - } - else + } + else { $sql="DELETE FROM ".TB_PREF."cust_branch WHERE branch_code='" . $_POST['branch_code']. "' AND debtor_no='" . $_POST['customer_id']. "'"; db_query($sql,"could not delete branch"); @@ -167,7 +170,7 @@ if ($num_branches) $th = array(_("Name"), _("Contact"), _("Sales Person"), _("Area"), _("Phone No"), _("Fax No"), _("E-mail"), _("Tax Group"), "", ""); - table_header($th); + table_header($th); while ($myrow = db_fetch($result)) { @@ -183,7 +186,7 @@ if ($num_branches) edit_link_cell("debtor_no=" . $_POST['customer_id']. "&SelectedBranch=" . $myrow["branch_code"]); delete_link_cell("debtor_no=" . $_POST['customer_id']. "&SelectedBranch=" . $myrow["branch_code"]. "&delete=yes"); end_row(); - } + } end_table(); //END WHILE LIST LOOP } 
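Review bot: The three queries in the delete branch of hunk `@@ -119,22 +122,22 @@` (the two `SELECT COUNT(*)` checks and the `DELETE FROM ... cust_branch`) still concatenate `$_POST['branch_code']` and `$_POST['customer_id']` inside hand-written quotes, so the escaping this commit adds to the UPDATE and INSERT does not cover the delete path. Each WHERE clause should take the same form as the UPDATE, `WHERE branch_code=" . db_escape($_POST['branch_code']) . " AND debtor_no=" . db_escape($_POST['customer_id'])`. The branch is entered on `isset($_GET['delete'])`, and `$_POST['customer_id']` is filled from `$_GET['debtor_no']` in the first hunk, so at least that value appears to be settable from the URL of a delete link. The `elseif` block continues past the end of the hunk, so any later statements in it are not covered by this note.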
@@ -191,10 +194,10 @@ else display_note(_("The selected customer does not have any branches. Please create at least one branch.")); //else //{ -//} +//} -if (!isset($_POST['New'])) +if (!isset($_POST['New'])) { hyperlink_params($_SERVER['PHP_SELF'], _("New Customer Branch"), "debtor_no=" . $_POST['customer_id']); } @@ -205,7 +208,7 @@ echo ""; // outer table echo ""; -if (!isset($_POST['New']) && $num_branches) +if (!isset($_POST['New']) && $num_branches) { //editing an existing branch @@ -235,8 +238,8 @@ if (!isset($_POST['New']) && $num_branches) $_POST['receivables_account'] = $myrow['receivables_account']; $_POST['payment_discount_account'] = $myrow['payment_discount_account']; -} -else +} +else { //end of if $SelectedBranch only do the else when a new record is being entered $sql = "SELECT name, address, email @@ -248,7 +251,7 @@ else $_POST['br_address'] = $_POST['br_post_address'] = $myrow["address"]; $_POST['branch_code'] = ""; $_POST['email'] = $myrow['email']; - if (!isset($_POST['sales_account']) || !isset($_POST['sales_discount_account'])) + if (!isset($_POST['sales_account']) || !isset($_POST['sales_discount_account'])) { $company_record = get_company_prefs(); @@ -295,7 +298,9 @@ echo"
"; table_section_title(_("GL Accounts")); -gl_all_accounts_list_row(_("Sales Account:"), 'sales_account', $_POST['sales_account']); +// 2006-06-14. Changed gl_al_accounts_list to have an optional all_option 'Use Item Sales Accounts' +gl_all_accounts_list_row(_("Sales Account:"), 'sales_account', $_POST['sales_account'], false, + false, false, true); gl_all_accounts_list_row(_("Sales Discount Account:"), 'sales_discount_account', $_POST['sales_discount_account']);