X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fmanage%2Fsales_people.php;h=1c398b61a37a8da5bcc705d384d363e8d3bf1126;hb=5cd13431fe25eb8cd98f67020c55dab124c7e930;hp=04e1948df6569c6e7506ef556b86c30c5e732952;hpb=d567a10b7925c8bb97c734e213d6651a979af29d;p=fa-stable.git diff --git a/sales/manage/sales_people.php b/sales/manage/sales_people.php index 04e1948d..1c398b61 100644 --- a/sales/manage/sales_people.php +++ b/sales/manage/sales_people.php @@ -9,11 +9,11 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ -$page_security = 3; -$path_to_root="../.."; +$page_security = 'SA_SALESMAN'; +$path_to_root = "../.."; include($path_to_root . "/includes/session.inc"); -page(_("Sales Persons")); +page(_($help_context = "Sales Persons")); include($path_to_root . "/includes/ui.inc"); @@ -56,7 +56,7 @@ if ($Mode=='ADD_ITEM' || $Mode=='UPDATE_ITEM') provision=".input_num('provision').", break_pt=".input_num('break_pt').", provision2=".input_num('provision2')." - WHERE salesman_code = '$selected_id'"; + WHERE salesman_code = ".db_escape($selected_id); } else { @@ -86,7 +86,7 @@ if ($Mode == 'Delete') // PREVENT DELETES IF DEPENDENT RECORDS IN 'debtors_master' - $sql= "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE salesman='$selected_id'"; + $sql= "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE salesman=".db_escape($selected_id); $result = db_query($sql,"check failed"); $myrow = db_fetch_row($result); if ($myrow[0] > 0) @@ -95,7 +95,7 @@ if ($Mode == 'Delete') } else { - $sql="DELETE FROM ".TB_PREF."salesman WHERE salesman_code='$selected_id'"; + $sql="DELETE FROM ".TB_PREF."salesman WHERE salesman_code=".db_escape($selected_id); db_query($sql,"The sales-person could not be deleted"); display_notification(_('Selected sales person data have been deleted')); } @@ -105,16 +105,20 @@ if ($Mode == 'Delete') if ($Mode == 'RESET') { $selected_id = -1; + $sav = get_post('show_inactive'); unset($_POST); + $_POST['show_inactive'] = $sav; } //------------------------------------------------------------------------------------------------ $sql = "SELECT * FROM ".TB_PREF."salesman"; +if (!check_value('show_inactive')) $sql .= " WHERE !inactive"; $result = db_query($sql,"could not get sales persons"); start_form(); start_table("$table_style width=60%"); $th = array(_("Name"), _("Phone"), _("Fax"), _("Email"), _("Provision"), _("Break Pt."), _("Provision")." 2", "", ""); +inactive_control_column($th); table_header($th); $k = 0; @@ -131,27 +135,26 @@ while ($myrow = db_fetch($result)) label_cell(percent_format($myrow["provision"])." %", "nowrap align=right"); amount_cell($myrow["break_pt"]); label_cell(percent_format($myrow["provision2"])." %", "nowrap align=right"); + inactive_control_cell($myrow["salesman_code"], $myrow["inactive"], + 'salesman', 'salesman_code'); edit_button_cell("Edit".$myrow["salesman_code"], _("Edit")); delete_button_cell("Delete".$myrow["salesman_code"], _("Delete")); end_row(); } //END WHILE LIST LOOP +inactive_control_row($th); end_table(); -end_form(); echo '
'; //------------------------------------------------------------------------------------------------ -start_form(); - - $_POST['salesman_email'] = ""; if ($selected_id != -1) { if ($Mode == 'Edit') { //editing an existing Sales-person - $sql = "SELECT * FROM ".TB_PREF."salesman WHERE salesman_code='$selected_id'"; + $sql = "SELECT * FROM ".TB_PREF."salesman WHERE salesman_code=".db_escape($selected_id); $result = db_query($sql,"could not get sales person"); $myrow = db_fetch($result); @@ -182,7 +185,7 @@ amount_row(_("Break Pt.:"), 'break_pt'); percent_row(_("Provision")." 2:", 'provision2'); end_table(1); -submit_add_or_update_center($selected_id == -1, '', true); +submit_add_or_update_center($selected_id == -1, '', 'both'); end_form();