X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fmanage%2Fcustomers.php;h=e5ea837ab7228c08f75c2ca6d5efe089d31f4017;hb=5f8e0bc0b99277b133635a60710841378da8018c;hp=effc0c9e0a59edc06d66a2103713241e9f24013e;hpb=8429c2d2e1500cd879e084335391615e79fc3da3;p=fa-stable.git
diff --git a/sales/manage/customers.php b/sales/manage/customers.php
index effc0c9e..e5ea837a 100644
--- a/sales/manage/customers.php
+++ b/sales/manage/customers.php
@@ -13,7 +13,7 @@ $page_security = 3;
 $path_to_root="../..";
 include_once($path_to_root . "/includes/session.inc");
-page(_("Customers"));
+page(_("Customers"), @$_REQUEST['popup']);
 include_once($path_to_root . "/includes/date_functions.inc");
 include_once($path_to_root . "/includes/banking.inc");
@@ -127,13 +127,6 @@ if (isset($_POST['submit']))
 }
 //--------------------------------------------------------------------------------------------
-if (isset($_POST['select']))
-{
- context_return(array('customer_id' => $_POST['customer_id'],
- 'branch_id' => '')); // this fires customer history checks
-}
-//--------------------------------------------------------------------------------------------
-
 if (isset($_POST['delete'])) {
@@ -142,8 +135,8 @@ if (isset($_POST['delete']))
 $cancel_delete = 0;
 // PREVENT DELETES IF DEPENDENT RECORDS IN 'debtor_trans'
-
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."debtor_trans WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sel_id = db_escape($_POST['customer_id']);
+ $sql= "SELECT COUNT(*) FROM ".TB_PREF."debtor_trans WHERE debtor_no=$sel_id";
 $result = db_query($sql,"check failed");
 $myrow = db_fetch_row($result);
 if ($myrow[0] > 0)
@@ -153,7 +146,7 @@ if (isset($_POST['delete']))
 } else {
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."sales_orders WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sql= "SELECT COUNT(*) FROM ".TB_PREF."sales_orders WHERE debtor_no=$sel_id";
 $result = db_query($sql,"check failed");
 $myrow = db_fetch_row($result);
 if ($myrow[0] > 0)
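Review bot: The `popup` value is taken raw from `$_REQUEST` with `@` suppression in the new `page()` call, and the same expression is written back by `hidden('popup', @$_REQUEST['popup'])` in the last hunk and tested in the -292 hunk. `$_REQUEST` can be filled from the query string, the form body or, depending on configuration, cookies, so the flag is fully client-controlled. Since it only appears to act as an on/off switch, normalising it once, e.g. `$popup = !empty($_REQUEST['popup']);`, and passing `$popup` to `page()` and `hidden()` would avoid reflecting arbitrary input and remove the need for `@`. What `page()` does with its second argument is not visible here, so confirm that a boolean is acceptable.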
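Review bot: The rewritten queries drop the quotes around the value (`debtor_no=$sel_id`), so they are only safe if `db_escape()` returns an already quoted, escaped literal; that helper is not shown in this diff. A one-line comment at the assignment, such as `// db_escape() returns a quoted SQL literal, so $sel_id is used unquoted below`, would keep a later edit from re-adding quotes or swapping in a helper that only escapes. The same applies to the `$sel_id` uses in the -153, -163 and -177 hunks and to the `SELECT` in the -225 hunk.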
@@ -163,7 +156,7 @@ if (isset($_POST['delete']))
 } else {
- $sql = "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sql = "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no=$sel_id";
 $result = db_query($sql,"check failed");
 $myrow = db_fetch_row($result);
 if ($myrow[0] > 0)
@@ -177,7 +170,7 @@ if (isset($_POST['delete']))
 if ($cancel_delete == 0) { //ie not cancelled the delete as a result of above tests
- $sql = "DELETE FROM ".TB_PREF."debtors_master WHERE debtor_no='" . $_POST['customer_id'] . "'";
+ $sql = "DELETE FROM ".TB_PREF."debtors_master WHERE debtor_no=$sel_id";
 db_query($sql,"cannot delete customer");
 display_notification(_("Selected customer has been deleted."));
@@ -195,13 +188,15 @@ if (db_has_customers()) {
 start_table("class = 'tablestyle_noborder'");
 start_row();
- check_cells(_("Show inactive:"), 'show_inactive', null, true);
 customer_list_cells(_("Select a customer: "), 'customer_id', null, _('New customer'), true, check_value('show_inactive'));
+ check_cells(_("Show inactive:"), 'show_inactive', null, true);
 end_row();
 end_table();
- if (get_post('_show_inactive_update'))
+ if (get_post('_show_inactive_update')) {
 $Ajax->activate('customer_id');
+ set_focus('customer_id');
+ }
 } else {
@@ -225,7 +220,7 @@ if ($new_customer)
 else {
- $sql = "SELECT * FROM ".TB_PREF."debtors_master WHERE debtor_no = '" . $_POST['customer_id'] . "'";
+ $sql = "SELECT * FROM ".TB_PREF."debtors_master WHERE debtor_no = ".db_escape($_POST['customer_id']);
 $result = db_query($sql,"check failed");
 $myrow = db_fetch($result);
@@ -292,8 +287,8 @@ if (!$new_customer) {
 start_row();
 echo ''._('Customer branches').':';
 hyperlink_params_td($path_to_root . "/sales/manage/customer_branches.php",
- ''. (count($_SESSION['Context']) ? _("Select or &Add") : _("&Add or Edit ")).'',
- "debtor_no=".$_POST['customer_id']);
+ ''. (@$_REQUEST['popup'] ? _("Select or &Add") : _("&Add or Edit ")).'',
+ "debtor_no=".$_POST['customer_id'].(@$_REQUEST['popup'] ? '&popup=1':''));
 end_row();
 }
@@ -310,11 +305,12 @@ else {
 submit_center_first('submit', _("Update Customer"), _('Update customer data'), true);
- submit_return('select', _("Return"), _("Select this customer and return to document entry."), 'default');
+ submit_return('select', get_post('customer_id'), _("Select this customer and return to document entry."));
 submit_center_last('delete', _("Delete Customer"), _('Delete customer data if have been never used'), true);
 }
 div_end();
+hidden('popup', @$_REQUEST['popup']);
 end_form();
 end_page();
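Review bot: `$_POST['customer_id']` is still concatenated unencoded into the link parameters on the new `"debtor_no=".$_POST['customer_id'].(...)` line, although this commit escapes the same value for SQL. Unless `hyperlink_params_td()` encodes its arguments (not visible here), a value containing `&`, `"` or `<` can alter the query string or the emitted markup; `"debtor_no=".urlencode($_POST['customer_id'])` would close that. The enclosing `if (!$new_customer)` block starts outside the hunk.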
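Review bot: `submit_return('select', get_post('customer_id'), ...)` now places a request-supplied value where a fixed translated label used to be, and whether `submit_return()` HTML-escapes its second argument cannot be seen from this hunk. If it does not, the value should be escaped at the call, e.g. `htmlspecialchars(get_post('customer_id'), ENT_QUOTES)`. If it does, a short comment saying so would spare the next reader the lookup and prevent double escaping later. The enclosing `else` block starts outside the hunk.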