X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fmanage%2Fsales_people.php;h=1c398b61a37a8da5bcc705d384d363e8d3bf1126;hb=5cd13431fe25eb8cd98f67020c55dab124c7e930;hp=a6072ff893e56c1f468f7f78b1437dba444ccad5;hpb=c09be0dad6b05131e240349a375af7a4b7bf3444;p=fa-stable.git diff --git a/sales/manage/sales_people.php b/sales/manage/sales_people.php index a6072ff8..1c398b61 100644 --- a/sales/manage/sales_people.php +++ b/sales/manage/sales_people.php @@ -1,10 +1,19 @@ . +***********************************************************************/ +$page_security = 'SA_SALESMAN'; +$path_to_root = "../.."; include($path_to_root . "/includes/session.inc"); -page(_("Sales Persons")); +page(_($help_context = "Sales Persons")); include($path_to_root . "/includes/ui.inc"); @@ -47,7 +56,7 @@ if ($Mode=='ADD_ITEM' || $Mode=='UPDATE_ITEM') provision=".input_num('provision').", break_pt=".input_num('break_pt').", provision2=".input_num('provision2')." - WHERE salesman_code = '$selected_id'"; + WHERE salesman_code = ".db_escape($selected_id); } else { @@ -77,7 +86,7 @@ if ($Mode == 'Delete') // PREVENT DELETES IF DEPENDENT RECORDS IN 'debtors_master' - $sql= "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE salesman='$selected_id'"; + $sql= "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE salesman=".db_escape($selected_id); $result = db_query($sql,"check failed"); $myrow = db_fetch_row($result); if ($myrow[0] > 0) @@ -86,7 +95,7 @@ if ($Mode == 'Delete') } else { - $sql="DELETE FROM ".TB_PREF."salesman WHERE salesman_code='$selected_id'"; + $sql="DELETE FROM ".TB_PREF."salesman WHERE salesman_code=".db_escape($selected_id); db_query($sql,"The sales-person could not be deleted"); display_notification(_('Selected sales person data have been deleted')); } 
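Review bot: The rewritten WHERE clauses (the UPDATE in the -47 hunk, the COUNT(*) and DELETE in the -77 and -86 hunks, and the SELECT in the -118 hunk) now append `db_escape($selected_id)` with no surrounding quotes, so they are only injection-safe if db_escape() returns a complete quoted literal rather than a bare escaped string. db_escape() is defined outside this diff, so that contract should be confirmed, because an escaped but unquoted value in a numeric context is not protected by escaping alone. I would record the assumption next to the first use, e.g. `// db_escape() returns a quoted literal; do not wrap it in quotes`. Since salesman_code appears to be a numeric key, I would also validate `$selected_id` as an integer where it is assigned, which is outside these hunks. The enclosing `if ($Mode ...)` blocks start and end outside the hunks.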
@@ -96,16 +105,20 @@ if ($Mode == 'Delete') if ($Mode == 'RESET') { $selected_id = -1; + $sav = get_post('show_inactive'); unset($_POST); + $_POST['show_inactive'] = $sav; } //------------------------------------------------------------------------------------------------ $sql = "SELECT * FROM ".TB_PREF."salesman"; +if (!check_value('show_inactive')) $sql .= " WHERE !inactive"; $result = db_query($sql,"could not get sales persons"); start_form(); start_table("$table_style width=60%"); $th = array(_("Name"), _("Phone"), _("Fax"), _("Email"), _("Provision"), _("Break Pt."), _("Provision")." 2", "", ""); +inactive_control_column($th); table_header($th); $k = 0; @@ -118,29 +131,30 @@ while ($myrow = db_fetch($result)) label_cell($myrow["salesman_name"]); label_cell($myrow["salesman_phone"]); label_cell($myrow["salesman_fax"]); - label_cell($myrow["salesman_email"]); + email_cell($myrow["salesman_email"]); label_cell(percent_format($myrow["provision"])." %", "nowrap align=right"); amount_cell($myrow["break_pt"]); label_cell(percent_format($myrow["provision2"])." %", "nowrap align=right"); + inactive_control_cell($myrow["salesman_code"], $myrow["inactive"], + 'salesman', 'salesman_code'); edit_button_cell("Edit".$myrow["salesman_code"], _("Edit")); - edit_button_cell("Delete".$myrow["salesman_code"], _("Delete")); + delete_button_cell("Delete".$myrow["salesman_code"], _("Delete")); end_row(); } //END WHILE LIST LOOP +inactive_control_row($th); end_table(); -end_form(); echo '
'; //------------------------------------------------------------------------------------------------ -start_form(); - +$_POST['salesman_email'] = ""; if ($selected_id != -1) { if ($Mode == 'Edit') { //editing an existing Sales-person - $sql = "SELECT * FROM ".TB_PREF."salesman WHERE salesman_code='$selected_id'"; + $sql = "SELECT * FROM ".TB_PREF."salesman WHERE salesman_code=".db_escape($selected_id); $result = db_query($sql,"could not get sales person"); $myrow = db_fetch($result); @@ -160,18 +174,18 @@ if ($selected_id != -1) $_POST['provision2'] = percent_format(0); } -start_table("$table_style2 width=60%"); +start_table($table_style2); text_row_ex(_("Sales person name:"), 'salesman_name', 30); text_row_ex(_("Telephone number:"), 'salesman_phone', 20); text_row_ex(_("Fax number:"), 'salesman_fax', 20); -text_row_ex(_("Email:"), 'salesman_email', 40); +email_row_ex(_("E-mail:"), 'salesman_email', 40); percent_row(_("Provision").':', 'provision'); amount_row(_("Break Pt.:"), 'break_pt'); percent_row(_("Provision")." 2:", 'provision2'); end_table(1); -submit_add_or_update_center($selected_id == -1, '', true); +submit_add_or_update_center($selected_id == -1, '', 'both'); end_form();
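Review bot: The added `$_POST['salesman_email'] = "";` in the -118 hunk runs unconditionally before the entry form is built, so an address the user has just typed appears to be discarded whenever the page is redrawn without going through the Edit branch, for example after a rejected add or update. That validation path and the rest of the Edit branch are outside the hunk, so this is inferred from the visible lines. Setting the default only when the field is missing keeps the intent without overwriting input: `if (!isset($_POST['salesman_email'])) $_POST['salesman_email'] = "";`. Separately, the list loop now prints the stored address through `email_cell()` instead of `label_cell()`. That helper is not shown here, so it is worth confirming that it HTML-escapes the value wherever it is emitted, since the address is user-supplied data read back from the database.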