Fixed improper checks on GL account deletion.
authorJanusz Dobrowolski <janusz@frontaccouting.eu>
Fri, 19 Aug 2011 08:06:38 +0000 (10:06 +0200)
committerJanusz Dobrowolski <janusz@frontaccouting.eu>
Fri, 19 Aug 2011 08:06:38 +0000 (10:06 +0200)
gl/includes/db/gl_db_accounts.inc
gl/manage/bank_accounts.php
gl/manage/gl_accounts.php

index f97b713e57820e674fec4aae35fcbe314f7400d3..a788604ac814541506f3af3fb2fc9c3c3385f518 100644 (file)
@@ -103,7 +103,7 @@ function gl_account_in_company_defaults($acc)
                OR name='default_cogs_act'
                OR name='default_adj_act'
                OR name='default_inv_sales_act'
-               OR name='default_assembly_act') AND value=$acc";
+               OR name='default_assembly_act') AND value=".db_escape($acc);
        $result = db_query($sql,"Couldn't test for default company GL codes");
 
        $myrow = db_fetch_row($result);
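Review bot: Moving `db_escape()` into `gl_account_in_company_defaults()` and into the six helpers below it (`gl_account_in_stock_category` through `gl_account_in_quick_entry_lines`) changes their contract, because `$acc` must now arrive as the raw account code. Any caller outside this commit that still passes an already escaped value would presumably be escaped a second time, the COUNT would match nothing, and the deletion guard would pass silently. I would state the contract on each helper, e.g. `// $acc: raw GL account code; escaped here, callers must not escape it`, and check the remaining call sites. This helper escapes inline while the other six overwrite `$acc`; using one form throughout would make the set easier to audit. The body of this function starts above the hunk.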
@@ -112,6 +112,8 @@ function gl_account_in_company_defaults($acc)
 
 function gl_account_in_stock_category($acc)
 {
+       $acc = db_escape($acc);
+
        $sql= "SELECT COUNT(*) FROM ".TB_PREF."stock_category WHERE 
                dflt_inventory_act=$acc 
                OR dflt_cogs_act=$acc
@@ -125,6 +127,8 @@ function gl_account_in_stock_category($acc)
 
 function gl_account_in_stock_master($acc)
 {
+       $acc = db_escape($acc);
+
        $sql= "SELECT COUNT(*) FROM ".TB_PREF."stock_master WHERE 
                inventory_account=$acc 
                OR cogs_account=$acc
@@ -138,6 +142,8 @@ function gl_account_in_stock_master($acc)
 
 function gl_account_in_tax_types($acc)
 {
+       $acc = db_escape($acc);
+
        $sql= "SELECT COUNT(*) FROM ".TB_PREF."tax_types WHERE sales_gl_code=$acc OR purchasing_gl_code=$acc";
        $result = db_query($sql,"Couldn't test for existing tax GL codes");
 
@@ -147,6 +153,8 @@ function gl_account_in_tax_types($acc)
 
 function gl_account_in_cust_branch($acc)
 {
+       $acc = db_escape($acc);
+
        $sql= "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE 
                sales_account=$acc 
                OR sales_discount_account=$acc
@@ -160,6 +168,8 @@ function gl_account_in_cust_branch($acc)
 
 function gl_account_in_suppliers($acc)
 {
+       $acc = db_escape($acc);
+
        $sql= "SELECT COUNT(*) FROM ".TB_PREF."suppliers WHERE 
                purchase_account=$acc
                OR payment_discount_account=$acc
@@ -172,6 +182,8 @@ function gl_account_in_suppliers($acc)
 
 function gl_account_in_quick_entry_lines($acc)
 {
+       $acc = db_escape($acc);
+
        $sql= "SELECT COUNT(*) FROM ".TB_PREF."quick_entry_lines WHERE 
                dest_id=$acc AND UPPER(LEFT(action, 1)) <> 'T'";
        $result = db_query($sql,"Couldn't test for existing Quick Entry Line GL codes");
index d8d02ab27b36d4188371618069f178183e4cb5dd..c494247b73446943d9e2f5d1872916dbd2b9468e 100644 (file)
@@ -68,16 +68,15 @@ elseif( $Mode == 'Delete')
        //the link to delete a selected record was clicked instead of the submit button
 
        $cancel_delete = 0;
-       $acc = db_escape($selected_id);
        // PREVENT DELETES IF DEPENDENT RECORDS IN 'bank_trans'
 
-       if (key_in_foreign_table($acc, 'bank_trans', 'bank_act', true))
+       if (key_in_foreign_table($selected_id, 'bank_trans', 'bank_act', true) || key_in_foreign_table(get_post('account_code'), 'gl_trans', 'account', true))
        {
                $cancel_delete = 1;
                display_error(_("Cannot delete this bank account because transactions have been created using this account."));
        }
 
-       if (key_in_foreign_table($acc, 'sales_pos', 'pos_account', true))
+       if (key_in_foreign_table($selected_id, 'sales_pos', 'pos_account', true))
        {
                $cancel_delete = 1;
                display_error(_("Cannot delete this bank account because POS definitions have been created using this account."));
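Review bot: The `gl_trans` check added to the first `if` takes its key from `get_post('account_code')`, a value supplied by the request, rather than from the stored row for `$selected_id`. If that field is absent or differs from the stored code when the delete is requested, the lookup uses the wrong key and the guard lets the delete through even though GL transactions exist for the account. Reading `account_code` from the `bank_accounts` row identified by `$selected_id` and passing that to `key_in_foreign_table()` would tie the check to the record actually being deleted. The enclosing `elseif` branch continues past the end of the hunk.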
index 345d3791fa8a17e21e71fbfc15858e30286932e9..db432dcc288209332c2ed9b92f1b285385f5f7e6 100644 (file)
@@ -110,61 +110,60 @@ function can_delete($selected_account)
 {
        if ($selected_account == "")
                return false;
-       $acc = db_escape($selected_account);
 
-       if (key_in_foreign_table($acc, 'gl_trans', 'account', true))
+       if (key_in_foreign_table($selected_account, 'gl_trans', 'account', true))
        {
                display_error(_("Cannot delete this account because transactions have been created using this account."));
                return false;
        }
 
-       if (gl_account_in_company_defaults($acc))
+       if (gl_account_in_company_defaults($selected_account))
        {
                display_error(_("Cannot delete this account because it is used as one of the company default GL accounts."));
                return false;
        }
 
-       if (key_in_foreign_table($acc, 'bank_accounts', 'account_code', true))  
+       if (key_in_foreign_table($selected_account, 'bank_accounts', 'account_code', true))     
        {
                display_error(_("Cannot delete this account because it is used by a bank account."));
                return false;
        }       
 
-       if (gl_account_in_stock_category($acc))
+       if (gl_account_in_stock_category($selected_account))
        {
                display_error(_("Cannot delete this account because it is used by one or more Item Categories."));
                return false;
        }       
        
-       if (gl_account_in_stock_master($acc))
+       if (gl_account_in_stock_master($selected_account))
        {
                display_error(_("Cannot delete this account because it is used by one or more Items."));
                return false;
        }       
        
-       if (gl_account_in_tax_types($acc))
+       if (gl_account_in_tax_types($selected_account))
        {
                display_error(_("Cannot delete this account because it is used by one or more Taxes."));
                return false;
        }       
        
-       if (gl_account_in_cust_branch($acc))
+       if (gl_account_in_cust_branch($selected_account))
        {
                display_error(_("Cannot delete this account because it is used by one or more Customer Branches."));
                return false;
        }               
        
-       if (gl_account_in_suppliers($acc))
+       if (gl_account_in_suppliers($selected_account))
        {
                display_error(_("Cannot delete this account because it is used by one or more suppliers."));
                return false;
-       }                                                                       
-       
-       if (gl_account_in_quick_entry_lines($acc))
+       }
+
+       if (gl_account_in_quick_entry_lines($selected_account))
        {
                display_error(_("Cannot delete this account because it is used by one or more Quick Entry Lines."));
                return false;
-       }                                                                       
+       }
 
        return true;
 }
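Review bot: The `key_in_foreign_table()` calls in `can_delete()` now pass the raw `$selected_account` but keep `true` as the fourth argument, and `key_in_foreign_table()` itself is not part of this commit. If that flag means "already escaped" rather than "escape for me", the unescaped value reaches the query, so it is worth confirming against the definition; the same applies to the calls in gl/manage/bank_accounts.php. A short comment above the first call, e.g. `// $selected_account is the raw code; each check below escapes it itself`, would record the convention this commit establishes.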