X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fmanage%2Fcustomers.php;h=dd2646834967b3ee61a78b50b8503eae90deb5a2;hb=777422e8d5a3ba188e7420719e33322098075313;hp=5a57732f8328ef12f6b182717b07021c39a5d873;hpb=da8311619dd73feae101d246a1957b972e00cbd2;p=fa-stable.git
diff --git a/sales/manage/customers.php b/sales/manage/customers.php
index 5a57732f..dd264683 100644
--- a/sales/manage/customers.php
+++ b/sales/manage/customers.php
@@ -1,26 +1,29 @@
.
+***********************************************************************/
+$page_security = 'SA_CUSTOMER';
+$path_to_root = "../..";
include_once($path_to_root . "/includes/session.inc");
-page(_("Customers"));
+page(_($help_context = "Customers"), @$_REQUEST['popup']);
include_once($path_to_root . "/includes/date_functions.inc");
include_once($path_to_root . "/includes/banking.inc");
include_once($path_to_root . "/includes/ui.inc");
-include_once($path_to_root . "/includes/data_checks.inc");
-
-if (isset($_GET['New']) || !isset($_POST['customer_id']) || $_POST['customer_id'] == "")
-{
- $_POST['New'] = "1";
-}
-if (isset($_POST['SelectCustomer']))
+if (isset($_GET['debtor_no']))
{
- unset($_POST['New']);
+ $_POST['customer_id'] = $_GET['debtor_no'];
}
-
+$new_customer = (!isset($_POST['customer_id']) || $_POST['customer_id'] == "");
//--------------------------------------------------------------------------------------------
function can_process()
@@ -28,45 +31,38 @@ function can_process()
if (strlen($_POST['CustName']) == 0)
{
display_error(_("The customer name cannot be empty."));
+ set_focus('CustName');
return false;
}
-
- if (!is_numeric( $_POST['credit_limit']))
- {
- display_error(_("The credit limit must be numeric."));
- return false;
- }
-
- if (!is_numeric( $_POST['pymt_discount']))
+
+ if (strlen($_POST['cust_ref']) == 0)
{
- display_error(_("The payment discount must be numeric."));
- return false;
+ display_error(_("The customer short name cannot be empty."));
+ set_focus('cust_ref');
+ return false;
}
- if (!is_numeric( $_POST['discount']))
+ if (!check_num('credit_limit', 0))
{
- display_error(_("The discount percentage must be numeric."));
+ display_error(_("The credit limit must be numeric and not less than zero."));
+ set_focus('credit_limit');
return false;
}
- if ($_POST['credit_limit'] < 0)
+ if (!check_num('pymt_discount', 0, 100))
{
- display_error(_("The credit limit must be a positive number."));
+ display_error(_("The payment discount must be numeric and is expected to be less than 100% and greater than or equal to 0."));
+ set_focus('pymt_discount');
return false;
}
- if (($_POST['pymt_discount'] >= 100) || ($_POST['pymt_discount'] < 0))
+ if (!check_num('discount', 0, 100))
{
- display_error(_("The payment discount is expected to be less than 100% and greater than or equal to 0."));
+ display_error(_("The discount percentage must be numeric and is expected to be less than 100% and greater than or equal to 0."));
+ set_focus('discount');
return false;
}
-
- if (($_POST['discount'] >= 100) || ($_POST['discount'] < 0))
- {
- display_error(_("The discount percent is expected to be less than 100 and greater than or equal to 0."));
- return false;
- }
-
+
return true;
}
@@ -74,68 +70,71 @@ function can_process()
function handle_submit()
{
- global $path_to_root;
+ global $path_to_root, $new_customer, $Ajax;
+
if (!can_process())
return;
- if (!isset($_POST['New']))
+ if ($new_customer == false)
{
- // Sherifoz 22.06.03 convert percent to fraction
- $sql = "UPDATE ".TB_PREF."debtors_master SET name='" . $_POST['CustName'] . "',
- address='" . $_POST['address'] . "',
- tax_id='" . $_POST['tax_id'] . "',
- curr_code='" . $_POST['curr_code'] . "',
- email='" . $_POST['email'] . "',
- dimension_id=" . $_POST['dimension_id'] . ",
- dimension2_id=" . $_POST['dimension2_id'] . ",
- credit_status='" . $_POST['credit_status'] . "',
- payment_terms='" . $_POST['payment_terms'] . "',
- discount=" . ($_POST['discount']) / 100 . ",
- pymt_discount=" . ($_POST['pymt_discount']) / 100 . ",
- credit_limit=" . $_POST['credit_limit'] . ",
- sales_type = '" . $_POST['sales_type'] . "'
- WHERE debtor_no = '" . $_POST['customer_id'] . "'";
+ $sql = "UPDATE ".TB_PREF."debtors_master SET name=" . db_escape($_POST['CustName']) . ",
+ debtor_ref=" . db_escape($_POST['cust_ref']) . ",
+ address=".db_escape($_POST['address']) . ",
+ tax_id=".db_escape($_POST['tax_id']) . ",
+ curr_code=".db_escape($_POST['curr_code']) . ",
+ email=".db_escape($_POST['email']) . ",
+ dimension_id=".db_escape($_POST['dimension_id']) . ",
+ dimension2_id=".db_escape($_POST['dimension2_id']) . ",
+ credit_status=".db_escape($_POST['credit_status']) . ",
+ payment_terms=".db_escape($_POST['payment_terms']) . ",
+ discount=" . input_num('discount') / 100 . ",
+ pymt_discount=" . input_num('pymt_discount') / 100 . ",
+ credit_limit=" . input_num('credit_limit') . ",
+ sales_type = ".db_escape($_POST['sales_type']) . ",
+ notes=".db_escape($_POST['notes']) . "
+ WHERE debtor_no = ".db_escape($_POST['customer_id']);
db_query($sql,"The customer could not be updated");
- display_notification(_("Customer has been updated."));
- clear_fields();
+ update_record_status($_POST['customer_id'], $_POST['inactive'],
+ 'debtors_master', 'debtor_no');
+
+ $Ajax->activate('customer_id'); // in case of status change
+ display_notification(_("Customer has been updated."));
}
else
{ //it is a new customer
begin_transaction();
- $sql = "INSERT INTO ".TB_PREF."debtors_master (name, address, tax_id, email, dimension_id, dimension2_id,
- curr_code, credit_status, payment_terms, discount, pymt_discount,credit_limit,
- sales_type) VALUES ('" . $_POST['CustName'] ."', '" . $_POST['address'] . "', '" . $_POST['tax_id'] . "',
- '" . $_POST['email'] . "', " . $_POST['dimension_id'] . ", " . $_POST['dimension2_id'] . ", '" . $_POST['curr_code'] . "',
- " . $_POST['credit_status'] . ", '" . $_POST['payment_terms'] . "', " . ($_POST['discount'])/100 . ",
- " . ($_POST['pymt_discount'])/100 . ", " . $_POST['credit_limit'] . ", '" . $_POST['sales_type'] . "')";
+ $sql = "INSERT INTO ".TB_PREF."debtors_master (name, debtor_ref, address, tax_id, email, dimension_id, dimension2_id,
+ curr_code, credit_status, payment_terms, discount, pymt_discount,credit_limit,
+ sales_type, notes) VALUES (".db_escape($_POST['CustName']) .", " .db_escape($_POST['cust_ref']) .", "
+ .db_escape($_POST['address']) . ", " . db_escape($_POST['tax_id']) . ","
+ .db_escape($_POST['email']) . ", ".db_escape($_POST['dimension_id']) . ", "
+ .db_escape($_POST['dimension2_id']) . ", ".db_escape($_POST['curr_code']) . ",
+ " . db_escape($_POST['credit_status']) . ", ".db_escape($_POST['payment_terms']) . ", " . input_num('discount')/100 . ",
+ " . input_num('pymt_discount')/100 . ", " . input_num('credit_limit')
+ .", ".db_escape($_POST['sales_type']).", ".db_escape($_POST['notes']) . ")";
db_query($sql,"The customer could not be added");
- $new_customer_id = db_insert_id();
-
+ $_POST['customer_id'] = db_insert_id();
+ $new_customer = false;
commit_transaction();
display_notification(_("A new customer has been added."));
- hyperlink_params($path_to_root . "/sales/manage/customer_branches.php", _("Add branches for this customer"), "debtor_no=$new_customer_id");
-
- clear_fields();
+ $Ajax->activate('_page_body');
}
}
-
//--------------------------------------------------------------------------------------------
if (isset($_POST['submit']))
{
-
handle_submit();
}
-
//--------------------------------------------------------------------------------------------
if (isset($_POST['delete']))
@@ -146,8 +145,8 @@ if (isset($_POST['delete']))
$cancel_delete = 0;
// PREVENT DELETES IF DEPENDENT RECORDS IN 'debtor_trans'
-
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."debtor_trans WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sel_id = db_escape($_POST['customer_id']);
+ $sql= "SELECT COUNT(*) FROM ".TB_PREF."debtor_trans WHERE debtor_no=$sel_id";
$result = db_query($sql,"check failed");
$myrow = db_fetch_row($result);
if ($myrow[0] > 0)
@@ -157,7 +156,7 @@ if (isset($_POST['delete']))
}
else
{
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."sales_orders WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sql= "SELECT COUNT(*) FROM ".TB_PREF."sales_orders WHERE debtor_no=$sel_id";
$result = db_query($sql,"check failed");
$myrow = db_fetch_row($result);
if ($myrow[0] > 0)
@@ -167,7 +166,7 @@ if (isset($_POST['delete']))
}
else
{
- $sql = "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sql = "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no=$sel_id";
$result = db_query($sql,"check failed");
$myrow = db_fetch_row($result);
if ($myrow[0] > 0)
@@ -181,29 +180,14 @@ if (isset($_POST['delete']))
if ($cancel_delete == 0)
{ //ie not cancelled the delete as a result of above tests
- $sql = "DELETE FROM ".TB_PREF."debtors_master WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sql = "DELETE FROM ".TB_PREF."debtors_master WHERE debtor_no=$sel_id";
db_query($sql,"cannot delete customer");
-
- meta_forward($_SERVER['PHP_SELF']);
- } //end if Delete Customer
-}
-function clear_fields()
-{
- unset($_POST['CustName']);
- unset($_POST['address']);
- unset($_POST['tax_id']);
- unset($_POST['email']);
- unset($_POST['dimension_id']);
- unset($_POST['dimension2_id']);
- unset($_POST['credit_status']);
- unset($_POST['payment_terms']);
- unset($_POST['discount']);
- unset($_POST['pymt_discount']);
- unset($_POST['credit_limit']);
- unset($_POST['sales_type']);
- unset($_POST['customer_id']);
- $_POST['New'] = 1;
+ display_notification(_("Selected customer has been deleted."));
+ unset($_POST['customer_id']);
+ $new_customer = true;
+ $Ajax->activate('_page_body');
+ } //end if Delete Customer
}
check_db_has_sales_types(_("There are no sales types defined. Please define at least one sales type before adding a customer."));
@@ -214,48 +198,46 @@ if (db_has_customers())
{
start_table("class = 'tablestyle_noborder'");
start_row();
- customer_list_cells(_("Select a customer: "), 'customer_id', null);
- submit_cells('SelectCustomer', _("Edit Customer"));
+ customer_list_cells(_("Select a customer: "), 'customer_id', null,
+ _('New customer'), true, check_value('show_inactive'));
+ check_cells(_("Show inactive:"), 'show_inactive', null, true);
end_row();
end_table();
+ if (get_post('_show_inactive_update')) {
+ $Ajax->activate('customer_id');
+ set_focus('customer_id');
+ }
}
else
{
- hidden('customer_id', $_POST['customer_id']);
+ hidden('customer_id');
}
-hyperlink_params($_SERVER['PHP_SELF'], _("Enter a new customer"), "New=1");
-echo "
";
-
-start_table($table_style2, 7, 6);
-echo "