From e9782c04faf09dd040dbc0c908cdb6e6d4f0dcfc Mon Sep 17 00:00:00 2001
From: Janusz Dobrowolski
Date: Thu, 16 Feb 2012 23:04:13 +0100
Subject: [PATCH] Merged stable branch up to 2.3.10
---
.hgtags | 3 +
access/logout.php | 3 +-
admin/attachments.php | 14 ++--
admin/db/company_db.inc | 4 +-
admin/db/maintenance_db.inc | 47 ++++++++---
admin/db/users_db.inc | 8 +-
admin/inst_lang.php | 4 +-
admin/void_transaction.php | 2 +
config.default.php | 9 +++
dimensions/includes/dimensions_db.inc | 3 +-
gl/includes/db/gl_db_accounts.inc | 12 +++
gl/includes/db/gl_db_bank_trans.inc | 5 +-
gl/includes/db/gl_db_banking.inc | 23 ++++--
gl/includes/ui/gl_bank_ui.inc | 18 +++++
gl/inquiry/journal_inquiry.php | 11 ++-
gl/manage/bank_accounts.php | 8 +-
gl/manage/currencies.php | 16 ++--
gl/manage/gl_account_types.php | 9 +--
gl/manage/gl_accounts.php | 4 +-
includes/current_user.inc | 14 ++++
includes/db/inventory_db.inc | 35 +++++----
includes/errors.inc | 11 ++-
includes/hooks.inc | 6 +-
includes/lang/gettext.php | 34 +++++---
includes/lang/language.php | 17 ++--
includes/main.inc | 8 +-
includes/packages.inc | 19 +++--
includes/page/footer.inc | 2 +-
includes/session.inc | 108 +++++++++++++++++++++++---
includes/sysnames.inc | 1 -
includes/system_tests.inc | 6 +-
includes/ui/ui_controls.inc | 6 +-
includes/ui/ui_input.inc | 11 ++-
includes/ui/ui_lists.inc | 41 ++++++++--
includes/ui/ui_view.inc | 18 ++---
install/index.php | 19 +++--
install/isession.inc | 6 +-
37 files changed, 411 insertions(+), 154 deletions(-)
diff --git a/.hgtags b/.hgtags
index 7c37c1b9..342f19a4 100644
--- a/.hgtags
+++ b/.hgtags
@@ -54,3 +54,6 @@ dd39e5e145c73e6dcb62b87dc8b6b195116089a9 unstable_2_3_4 b5cb2a38213b8638e6ece671e0c15796177ae3a9 version_2_3_4 bbd75fe337d100a74505913140dd01a7bd925831 version_2_3_7 4a14cd5b8bc8259dcf1cd7cadf90efab060ce11c unstable_2_3_7 +390d9d69797c94d30ff61768485704717a96a9e3 version_2_3_10 +a8b119b77f054c85223eb3a256268a3d5a61b3cb version_2_3_9 +b2ead0b2a3e30c13254288eddf587b5d8140d731 version_2_3_8 diff --git a/access/logout.php b/access/logout.php index 6ea32fd7..961e631d 100644 --- a/access/logout.php +++ b/access/logout.php @@ -43,8 +43,7 @@ echo "
\n"; end_page(false, true); -session_unset(); -session_destroy(); +@session_destroy(); ?> diff --git a/admin/attachments.php b/admin/attachments.php index 1ad50d69..2dcce85d 100644 --- a/admin/attachments.php +++ b/admin/attachments.php @@ -96,12 +96,16 @@ if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM') } // file name compatible with POSIX // protect against directory traversal - $unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']); - if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name)) - unlink($dir."/".$unique_name); - - $unique_name = uniqid(''); + if ($Mode == 'UPDATE_ITEM') + { + $unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']); + if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name)) + unlink($dir."/".$unique_name); + } + else + $unique_name = uniqid(''); move_uploaded_file($tmpname, $dir."/".$unique_name); + //save the file $filename = basename($_FILES['filename']['name']); $filesize = $_FILES['filename']['size']; diff --git a/admin/db/company_db.inc b/admin/db/company_db.inc index bd9c4ea5..9fd2e68c 100644 --- a/admin/db/company_db.inc +++ b/admin/db/company_db.inc @@ -170,10 +170,8 @@ function get_payment_terms_all($show_inactive) value is name of foreign key field. For numeric keys $stdkey field name is used. $stdkey - standard name of foreign key. */ -function key_in_foreign_table($id, $tables, $stdkey, $escaped=false) +function key_in_foreign_table($id, $tables, $stdkey) { - if (!$escaped) - $id = db_escape($id); if (!is_array($tables)) $tables = array($tables); diff --git a/admin/db/maintenance_db.inc b/admin/db/maintenance_db.inc index 4e7d56cc..ce8e5506 100644 --- a/admin/db/maintenance_db.inc +++ b/admin/db/maintenance_db.inc 
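Review bot: In access/logout.php the single `@session_destroy();` replaces both earlier calls, so `$_SESSION` is no longer emptied and a failed destroy is silenced by `@`. On the logout path a failure should be visible rather than hidden; I would keep the explicit clear and check the result, e.g. `$_SESSION = array();` followed by `if (!session_destroy()) error_log('logout: session_destroy failed');`. These lines also leave the session cookie in the browser; whether it is expired elsewhere is not visible in this hunk.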
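Review bot: In the `UPDATE_ITEM` branch of admin/attachments.php the upload is now stored under the name taken from `$_POST['unique_name']`, where before every upload got a fresh `uniqid('')`. The `preg_replace` filter removes path separators but still lets the client choose any name and extension, including the `unique_name` of a different attachment, whose file would then be unlinked and overwritten. I would read the stored `unique_name` of the record being edited from the database and ignore the posted value. The inner `$Mode == 'UPDATE_ITEM' &&` test is now redundant and can be dropped. The enclosing `if` block starts and ends outside the hunk.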
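Review bot: `key_in_foreign_table()` no longer escapes `$id` at its top and the `$escaped` flag is gone, while callers changed in this patch (for example `check_can_delete($curr)` in gl/manage/currencies.php) stop escaping as well. The rest of the function body is outside the hunk, so it cannot be confirmed here that `$id` goes through `db_escape()` where the SQL is built; if it does not, request values reach the query unescaped. The header comment above the function should state the new contract, e.g. `$id - raw (unescaped) key value; escaped inside this function`.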
@@ -18,6 +18,8 @@ * @param $strSortType String containing either asc or desc [default to asc] * @desc Naturally sorts an array using by the column $strSortBy */ +define('EXPORT_MAX_INSERT', 50000); + function array_natsort($aryData, $strIndex, $strSortBy, $strSortType=false) { // if the parameters are invalid @@ -178,7 +180,7 @@ function update_extensions($extensions) { } // update per company files - $cnt = count($db_connections); + $cnt = max(1, count($db_connections)); for($i = 0; $i < $cnt; $i++) { $newexts = $extensions; @@ -253,7 +255,9 @@ function write_lang() function db_import($filename, $connection, $force=true) { - global $db, $go_debug; + global $db, $go_debug, $sql_trail; + + $sql_trail = false; $allowed_commands = array( "create" => 'table_queries', @@ -557,12 +561,12 @@ function db_export($conn, $filename, $zip='no', $comment='', $no_default=false) // if ($auto_incr[$tablename]) // $out.=" AUTO_INCREMENT=".$auto_incr[$tablename]; $out.=" ;"; - $out.="\n\n\n"; + $out.="\n\n"; // export data if (!$error) { - $out.="### Data of table `".$tablename."` ###\n\n"; + $out.="### Data of table `".$tablename."` ###\n"; // check if field types are NULL or NOT NULL $res3 = db_query("SHOW COLUMNS FROM `" . $tablename . "`"); 
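Review bot: The new `define('EXPORT_MAX_INSERT', 50000);` is placed between the `array_natsort()` docblock and the function, so the docblock is now attached to the constant instead of the function it describes. Move the define above the docblock and give it its own comment, e.g. `// approximate upper limit, in bytes, of one multi-row INSERT written by db_export()`.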
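Review bot: `db_import()` now sets the global `$sql_trail = false;` and nothing in this hunk restores it, so the setting stays off for whatever else runs in the same request. Save the previous value and put it back when the import finishes, and add a comment saying why it is switched off here, e.g. `// imported statements are not recorded in the SQL trail`. The function body continues outside the hunk, so a restore further down cannot be ruled out.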
@@ -575,18 +579,40 @@ function db_export($conn, $filename, $zip='no', $comment='', $no_default=false) } $res2 = db_query("SELECT * FROM `" . $tablename . "`"); + $maxinsert = 0; + $insert = ''; for ($j = 0; $j < db_num_rows($res2); $j++) { - $out .= "INSERT INTO `" . $tablename . "` VALUES ("; $row2 = db_fetch_row($res2); - // run through each field + $values = '('; for ($k = 0; $k < $nf = db_num_fields($res2); $k++) { - $out .= db_escape($row2[$k], $field_null[$k]); + $values .= db_escape($row2[$k], $field_null[$k]); if ($k < ($nf - 1)) - $out .= ", "; + $values .= ', '; + } + $values .= ')'; + $len = strlen($values); + if ($maxinsert < $len+1) + { + $maxinsert = EXPORT_MAX_INSERT; + if ($insert) + { + $out .= $insert .';'; // flush insert query + $insert = ''; + } } - $out .= ");\n"; + + if ($insert == '') + { + $insert = "\nINSERT INTO `" . $tablename . "` VALUES\n"; + $maxinsert -= strlen($insert); + } else { + $insert .= ",\n"; + } + + $maxinsert -= $len; + $insert .= $values; // if saving is successful, then empty $out, else set error flag if (strlen($out) > $max_size && $zip != "zip") @@ -597,7 +623,8 @@ function db_export($conn, $filename, $zip='no', $comment='', $no_default=false) $error = true; } } - + if ($insert) + $out .= $insert. ';'; // an error occurred! Try to delete file and return error status } elseif ($error) diff --git a/admin/db/users_db.inc b/admin/db/users_db.inc index 3711066e..267029c9 100644 --- a/admin/db/users_db.inc +++ b/admin/db/users_db.inc @@ -89,8 +89,7 @@ function get_user($id) } //----------------------------------------------------------------------------------------------- -// This function is necessary for admin prefs update after upgrade from 2.1 -// + function get_user_by_login($user_id) { $sql = "SELECT * FROM ".TB_PREF."users WHERE user_id=".db_escape($user_id); 
@@ -130,7 +129,6 @@ function get_user_for_login($user_id, $password) function get_user_auth($user_id, $password) { - set_global_connection(); $sql = "SELECT * FROM ".TB_PREF."users WHERE user_id = ".db_escape($user_id)." AND" ." password=".db_escape($password); @@ -162,10 +160,10 @@ function check_user_activity($id) //----------------------------------------------------------------------------------------------- function show_users_online() { - global $show_users_online, $db; + global $show_users_online, $db, $GetText; if (!isset($show_users_online) || $show_users_online == 0 || !defined('TB_PREF') || - !isset($_SESSION['get_text']) || !isset($db)) + !isset($GetText) || !isset($db)) return ""; $result = db_query("SHOW TABLES LIKE '".TB_PREF."useronline'"); if (db_num_rows($result) == 1) diff --git a/admin/inst_lang.php b/admin/inst_lang.php index e1fbd063..805969ff 100644 --- a/admin/inst_lang.php +++ b/admin/inst_lang.php @@ -30,7 +30,7 @@ simple_page_mode(true); // function display_languages() { - global $table_style, $installed_languages, $dflt_lang; + global $table_style, $installed_languages, $dflt_lang, $GetText; $th = array(_("Language"), _("Name"), _("Encoding"), _("Right To Left"), _("Installed"), _("Available"), _("Default"), "", ""); @@ -75,7 +75,7 @@ function display_languages() else alt_table_row_color($k); - $support = $_SESSION['get_text']->check_support($lang, $charset); + $support = $GetText->check_support($lang, $charset); if (function_exists('gettext') && !$support && !get_post('DisplayAll')) continue; diff --git a/admin/void_transaction.php b/admin/void_transaction.php index 87d9a3b0..474217a0 100644 --- a/admin/void_transaction.php +++ b/admin/void_transaction.php @@ -121,6 +121,8 @@ function select_link($row) { if (!isset($row['type'])) $row['type'] = $_POST['filterType']; + if (!is_date_in_fiscalyear($row['trans_date'], true)) + return _("N/A"); return button('Edit'.$row["trans_no"], _("Select"), _("Select"), ICON_EDIT); } 
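Review bot: `get_user_auth()` no longer calls `set_global_connection()` before it queries the users table, so the credential check runs on whichever connection happens to be current. Nothing in this hunk shows that every caller selects the intended company connection first; if one does not, the login is checked against a different company's user table. A comment on the function stating that precondition, e.g. `// caller must have selected the company connection before calling`, would make it reviewable.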
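Review bot: The added `is_date_in_fiscalyear()` test in `select_link()` only replaces the Select button with "N/A"; it does not stop a request that names such a transaction directly. The code that performs the void is outside this hunk and should apply the same fiscal-year check before acting.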
diff --git a/config.default.php b/config.default.php index 5482361c..5cd7fe20 100644 --- a/config.default.php +++ b/config.default.php @@ -68,6 +68,15 @@ if (!isset($path_to_root) || isset($_GET['path_to_root']) || isset($_POST['path_ $power_by = "FrontAccounting"; $power_url = "http://frontaccounting.com"; + /* Do not print zero lines amount of 0.00 in Sales Documents if service item. 1 = do not */ + $no_zero_lines_amount = 1; + + /* Use icon for editkey (=true) righ of combobox. 1 = use, 0 = do not use */ + $use_icon_for_editkey = 0; + + /* Creates automatic a default branch with contact. Value 0 do not create auto branch */ + $auto_create_branch = 1; + /* Save Report selections (a value > 0 means days to save. 0 = no save) */ $save_report_selections = 0; diff --git a/dimensions/includes/dimensions_db.inc b/dimensions/includes/dimensions_db.inc index c0483710..3bd30f3c 100644 --- a/dimensions/includes/dimensions_db.inc +++ b/dimensions/includes/dimensions_db.inc @@ -172,8 +172,7 @@ function get_dimension_balance($id, $from, $to) $id = db_escape($id); $sql = "SELECT SUM(amount) FROM ".TB_PREF."gl_trans WHERE tran_date >= '" . date2sql($from) . "' AND - tran_date <= '" . date2sql($to) . "' AND (dimension_id = " . - db_escape($id)." OR dimension2_id = " .db_escape($id).")"; + tran_date <= '" . date2sql($to) . "' AND (dimension_id = $id OR dimension2_id = $id)"; $res = db_query($sql, "Sum of transactions could not be calculated"); $row = db_fetch_row($res); diff --git a/gl/includes/db/gl_db_accounts.inc b/gl/includes/db/gl_db_accounts.inc index 921d53f1..6a41188c 100644 --- a/gl/includes/db/gl_db_accounts.inc +++ b/gl/includes/db/gl_db_accounts.inc @@ -112,6 +112,8 @@ function gl_account_in_company_defaults($acc) function gl_account_in_stock_category($acc) { + $acc = db_escape($acc); + $sql= "SELECT COUNT(*) FROM ".TB_PREF."stock_category WHERE dflt_inventory_act=$acc OR dflt_cogs_act=$acc 
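Review bot: `gl_account_in_stock_category()` now escapes `$acc` itself, and the five hunks that follow do the same for `gl_account_in_stock_master()`, `gl_account_in_tax_types()`, `gl_account_in_cust_branch()`, `gl_account_in_suppliers()` and `gl_account_in_quick_entry_lines()`. A caller that still passes an already escaped value will now have it escaped twice, the comparison will match nothing, and the in-use check will report the account as unused. The calls to these functions are not shown in this patch's hunks and need to be checked. `gl_account_in_company_defaults()` appears only in the hunk header, so whether it got the same treatment is not visible. Each function should say in a comment that `$acc` is expected raw.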
@@ -125,6 +127,8 @@ function gl_account_in_stock_category($acc) function gl_account_in_stock_master($acc) { + $acc = db_escape($acc); + $sql= "SELECT COUNT(*) FROM ".TB_PREF."stock_master WHERE inventory_account=$acc OR cogs_account=$acc @@ -138,6 +142,8 @@ function gl_account_in_stock_master($acc) function gl_account_in_tax_types($acc) { + $acc = db_escape($acc); + $sql= "SELECT COUNT(*) FROM ".TB_PREF."tax_types WHERE sales_gl_code=$acc OR purchasing_gl_code=$acc"; $result = db_query($sql,"Couldn't test for existing tax GL codes"); @@ -147,6 +153,8 @@ function gl_account_in_tax_types($acc) function gl_account_in_cust_branch($acc) { + $acc = db_escape($acc); + $sql= "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE sales_account=$acc OR sales_discount_account=$acc @@ -160,6 +168,8 @@ function gl_account_in_cust_branch($acc) function gl_account_in_suppliers($acc) { + $acc = db_escape($acc); + $sql= "SELECT COUNT(*) FROM ".TB_PREF."suppliers WHERE purchase_account=$acc OR payment_discount_account=$acc @@ -172,6 +182,8 @@ function gl_account_in_suppliers($acc) function gl_account_in_quick_entry_lines($acc) { + $acc = db_escape($acc); + $sql= "SELECT COUNT(*) FROM ".TB_PREF."quick_entry_lines WHERE dest_id=$acc AND UPPER(LEFT(action, 1)) <> 'T'"; $result = db_query($sql,"Couldn't test for existing Quick Entry Line GL codes"); diff --git a/gl/includes/db/gl_db_bank_trans.inc b/gl/includes/db/gl_db_bank_trans.inc index f11a5698..59dbaa23 100644 --- a/gl/includes/db/gl_db_bank_trans.inc +++ b/gl/includes/db/gl_db_bank_trans.inc 
@@ -155,7 +155,7 @@ function void_bank_trans($type, $type_no, $nested=false) /** * Check account history to find transaction which would exceed authorized overdraft for given account. -* Returns null or transaction in conflict. +* Returns null or transaction in conflict. Running balance is checked on daily basis only, to enable ID change after edition. * $delta_amount - tested change in bank balance at $date. **/ function check_bank_account_history($delta_amount, $bank_account, $date, $user=null) @@ -171,7 +171,8 @@ function check_bank_account_history($delta_amount, $bank_account, $date, $user=n $date = date2sql($date); $balance+= $delta_amount; - $sql = "SELECT * FROM ".TB_PREF."bank_trans WHERE bank_act=".db_escape($bank_account)." AND trans_date > '$date' ORDER BY trans_date ASC, id ASC"; + $sql = "SELECT sum(amount) as amount FROM ".TB_PREF."bank_trans WHERE bank_act=".db_escape($bank_account) + ." AND trans_date >= '$date' GROUP BY trans_date ORDER BY trans_date ASC"; $history = db_query($sql, "cannot retrieve cash account history"); diff --git a/gl/includes/db/gl_db_banking.inc b/gl/includes/db/gl_db_banking.inc index 2bb5a1c8..608f4e8c 100644 --- a/gl/includes/db/gl_db_banking.inc +++ b/gl/includes/db/gl_db_banking.inc @@ -306,9 +306,11 @@ function write_bank_transaction($trans_type, $trans_no, $from_account, $items, $ $args); hook_db_prewrite($args, $trans_type); + $aid = 0; if ($trans_no) { - void_transaction($trans_type, $trans_no, Today(), _("Document reentered.")); + $old_trans = $trans_no; $Refs->restore_last($trans_type, $trans_no); + $aid = has_attachment($trans_type, $trans_no); } $currency = get_bank_account_currency($from_account); 
@@ -326,7 +328,7 @@ function write_bank_transaction($trans_type, $trans_no, $from_account, $items, $ // we need to negate it too $cust_amount = -$cust_amount; - $trans_no = write_customer_trans($trans_type, $trans_no, $person_id, $person_detail_id, $date_, + $trans_no = write_customer_trans($trans_type, 0, $person_id, $person_detail_id, $date_, $ref, $cust_amount); } @@ -339,19 +341,23 @@ function write_bank_transaction($trans_type, $trans_no, $from_account, $items, $ // we need to negate it too $supp_amount = -$supp_amount; - $trans_no = write_supp_trans($trans_type, $trans_no, $person_id, $date_, '', + $trans_no = write_supp_trans($trans_type, 0, $person_id, $date_, '', $ref, "", $supp_amount, 0, 0); } else { - if (!$trans_no) - $trans_no = get_next_trans_no($trans_type); + $trans_no = get_next_trans_no($trans_type); $do_exchange_variance = $SysPrefs->auto_currency_revaluation(); if ($do_exchange_variance) $trans_no1 = get_next_trans_no(ST_JOURNAL); } - + if ($aid != 0) + { + $row = get_attachment($aid); + update_attachment($aid, $row['type_no'], $trans_no, $row['description'], + $row['filename'], $row['unique_name'], $row['filesize'], $row['filetype']); + } // do the source account postings add_bank_trans($trans_type, $trans_no, $from_account, $ref, @@ -416,6 +422,11 @@ function write_bank_transaction($trans_type, $trans_no, $from_account, $items, $ $Refs->save($trans_type, $trans_no, $ref); add_audit_trail($trans_type, $trans_no, $date_); + // old transaction can be voided only after new transaction is entered, + // otherwise the operation could fail for cash accounts due to temporary negative balance + if (@$old_trans) + void_transaction($trans_type, $old_trans, Today(), _("Document reentered.")); + $args->trans_no = $trans_no; hook_db_postwrite($args, $trans_type); if ($use_transaction) diff --git a/gl/includes/ui/gl_bank_ui.inc b/gl/includes/ui/gl_bank_ui.inc index 1ac37eb7..5425edfb 100644 --- a/gl/includes/ui/gl_bank_ui.inc 
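Review bot: `if (@$old_trans)` reads a variable that is assigned only inside the `if ($trans_no)` branch of the first gl_db_banking.inc hunk, and relies on `@` to hide the undefined-variable notice for new entries. Initialise it next to `$aid = 0;` with `$old_trans = 0;` and test it with a plain `if ($old_trans)`, so that voiding the replaced document does not depend on error suppression. `write_bank_transaction()` starts and ends outside these hunks.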
+++ b/gl/includes/ui/gl_bank_ui.inc @@ -14,6 +14,7 @@ function display_bank_header(&$order) global $Ajax, $Refs; $payment = $order->trans_type == ST_BANKPAYMENT; + $customer_error = false; div_start('pmt_header'); start_outer_table(TABLESTYLE2, "width=90%"); // outer table @@ -74,6 +75,17 @@ function display_bank_header(&$order) $_POST['PersonDetailID'] = ANY_NUMERIC; hidden('PersonDetailID'); } + $trans = get_customer_habit($_POST['person_id']); // take care of customers on hold + if ($trans['dissallow_invoices'] != 0) + { + if ($payment) + { + $customer_error = true; + display_error(_("This customer account is on hold.")); + } + else + display_warning(_("This customer account is on hold.")); + } break; case PT_QUICKENTRY : @@ -114,6 +126,12 @@ function display_bank_header(&$order) end_outer_table(1); // outer table div_end(); + if ($customer_error) + { + end_form(); + end_page(); + exit; + } } //--------------------------------------------------------------------------------- diff --git a/gl/inquiry/journal_inquiry.php b/gl/inquiry/journal_inquiry.php index 0297073c..2d9eaabc 100644 --- a/gl/inquiry/journal_inquiry.php +++ b/gl/inquiry/journal_inquiry.php @@ -107,7 +107,14 @@ function edit_link($row) { global $editors; - return isset($editors[$row["type"]]) && !is_closed_trans($row["type"], $row["type_no"]) ? + $ok = true; + if ($row['type'] == ST_SALESINVOICE) + { + $myrow = get_customer_trans($row["type_no"], $row["type"]); + if ($myrow['alloc'] != 0 || get_voided_entry(ST_SALESINVOICE, $row["type_no"]) !== false) + $ok = false; + } + return isset($editors[$row["type"]]) && !is_closed_trans($row["type"], $row["type_no"]) && $ok ? pager_link(_("Edit"), sprintf($editors[$row["type"]], $row["type_no"], $row["type"]), ICON_EDIT) : ''; 
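Review bot: In `display_bank_header()` the on-hold test reads `$trans['dissallow_invoices']` without checking what `get_customer_habit($_POST['person_id'])` returned, and it blocks a payment only by calling `exit` while the form is being drawn. A display helper that ends the request is easy to overlook, and the check does not cover a request posted without this header being rendered; the code that writes the payment is outside this hunk and should repeat the test. I would also guard the lookup, e.g. `if ($trans && $trans['dissallow_invoices'] != 0)`.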
@@ -118,7 +125,7 @@ $sql = get_sql_for_journal_inquiry(get_post('filterType', -1), get_post('FromDat $cols = array( _("#") => array('fun'=>'journal_pos', 'align'=>'center'), - _("Date") =>array('name'=>'tran_date','type'=>'date', 'ord' => check_value('AlsoClosed') ? 'asc' : 'desc'), + _("Date") =>array('name'=>'tran_date','type'=>'date','ord'=>'desc'), _("Type") => array('fun'=>'systype_name'), _("Trans #") => array('fun'=>'view_link'), _("Reference"), diff --git a/gl/manage/bank_accounts.php b/gl/manage/bank_accounts.php index c494247b..9dda5cd3 100644 --- a/gl/manage/bank_accounts.php +++ b/gl/manage/bank_accounts.php @@ -34,7 +34,7 @@ if ($Mode=='ADD_ITEM' || $Mode=='UPDATE_ITEM') set_focus('bank_account_name'); } if ($Mode=='ADD_ITEM' && (gl_account_in_bank_accounts(get_post('account_code')) - || key_in_foreign_table(get_post('account_code'), 'gl_trans', 'account', true))) { + || key_in_foreign_table(get_post('account_code'), 'gl_trans', 'account'))) { $input_error = 1; display_error(_("The GL account selected is already in use. Select another GL account.")); set_focus('account_code'); @@ -70,13 +70,13 @@ elseif( $Mode == 'Delete') $cancel_delete = 0; // PREVENT DELETES IF DEPENDENT RECORDS IN 'bank_trans' - if (key_in_foreign_table($selected_id, 'bank_trans', 'bank_act', true) || key_in_foreign_table(get_post('account_code'), 'gl_trans', 'account', true)) + if (key_in_foreign_table($selected_id, 'bank_trans', 'bank_act') || key_in_foreign_table(get_post('account_code'), 'gl_trans', 'account')) { $cancel_delete = 1; display_error(_("Cannot delete this bank account because transactions have been created using this account.")); } - if (key_in_foreign_table($selected_id, 'sales_pos', 'pos_account', true)) + if (key_in_foreign_table($selected_id, 'sales_pos', 'pos_account')) { $cancel_delete = 1; display_error(_("Cannot delete this bank account because POS definitions have been created using this account.")); 
@@ -135,7 +135,7 @@ while ($myrow = db_fetch($result)) inactive_control_row($th); end_table(1); -$is_used = $selected_id != -1 && key_in_foreign_table($selected_id, 'bank_trans', 'bank_act', true); +$is_used = $selected_id != -1 && key_in_foreign_table($selected_id, 'bank_trans', 'bank_act'); start_table(TABLESTYLE2); diff --git a/gl/manage/currencies.php b/gl/manage/currencies.php index b14b79fd..a6cf55af 100644 --- a/gl/manage/currencies.php +++ b/gl/manage/currencies.php @@ -80,22 +80,20 @@ function handle_submit() //--------------------------------------------------------------------------------------------- -function check_can_delete() +function check_can_delete($curr) { - global $selected_id; - - if ($selected_id == "") + + if ($curr == "") return false; - $curr = db_escape($selected_id); // PREVENT DELETES IF DEPENDENT RECORDS IN debtors_master - if (key_in_foreign_table($curr, 'debtors_master', 'curr_code', true)) + if (key_in_foreign_table($curr, 'debtors_master', 'curr_code')) { display_error(_("Cannot delete this currency, because customer accounts have been created referring to this currency.")); return false; } - if (key_in_foreign_table($curr, 'suppliers', 'curr_code', true)) + if (key_in_foreign_table($curr, 'suppliers', 'curr_code')) { display_error(_("Cannot delete this currency, because supplier accounts have been created referring to this currency.")); return false; @@ -108,7 +106,7 @@ function check_can_delete() } // see if there are any bank accounts that use this currency - if (key_in_foreign_table($curr, 'bank_accounts', 'bank_curr_code', true)) + if (key_in_foreign_table($curr, 'bank_accounts', 'bank_curr_code')) { display_error(_("Cannot delete this currency, because thre are bank accounts that use this currency.")); return false; 
@@ -122,7 +120,7 @@ function check_can_delete() function handle_delete() { global $selected_id, $Mode; - if (check_can_delete()) { + if (check_can_delete($selected_id)) { //only delete if used in neither customer or supplier, comp prefs, bank trans accounts delete_currency($selected_id); display_notification(_('Selected currency has been deleted')); diff --git a/gl/manage/gl_account_types.php b/gl/manage/gl_account_types.php index b3e56aca..fcea4dbf 100644 --- a/gl/manage/gl_account_types.php +++ b/gl/manage/gl_account_types.php @@ -79,19 +79,18 @@ if ($Mode=='ADD_ITEM' || $Mode=='UPDATE_ITEM') //----------------------------------------------------------------------------------- -function can_delete($selected_id) +function can_delete($type) { - if ($selected_id == "") + if ($type == "") return false; - $type = db_escape($selected_id); - if (key_in_foreign_table($type, 'chart_master', 'account_type', true)) + if (key_in_foreign_table($type, 'chart_master', 'account_type')) { display_error(_("Cannot delete this account group because GL accounts have been created referring to it.")); return false; } - if (key_in_foreign_table($type, 'chart_types', 'parent', true)) + if (key_in_foreign_table($type, 'chart_types', 'parent')) { display_error(_("Cannot delete this account group because GL account groups have been created referring to it.")); return false; diff --git a/gl/manage/gl_accounts.php b/gl/manage/gl_accounts.php index c47abcc8..0ce1d5da 100644 --- a/gl/manage/gl_accounts.php +++ b/gl/manage/gl_accounts.php @@ -111,7 +111,7 @@ function can_delete($selected_account) if ($selected_account == "") return false; - if (key_in_foreign_table($selected_account, 'gl_trans', 'account', true)) + if (key_in_foreign_table($selected_account, 'gl_trans', 'account')) { display_error(_("Cannot delete this account because transactions have been created using this account.")); return false; 
@@ -123,7 +123,7 @@ function can_delete($selected_account) return false; } - if (key_in_foreign_table($selected_account, 'bank_accounts', 'account_code', true)) + if (key_in_foreign_table($selected_account, 'bank_accounts', 'account_code')) { display_error(_("Cannot delete this account because it is used by a bank account.")); return false; diff --git a/includes/current_user.inc b/includes/current_user.inc index 591524f4..0a5b7481 100644 --- a/includes/current_user.inc +++ b/includes/current_user.inc @@ -211,6 +211,20 @@ function number_format2($number, $decimals=0) return $decimals==='max' ? rtrim($num, '0') : $num; } + +/* price/float comparision helper to be used in any suspicious place for zero values? +usage: +if (!floatcmp($value1, $value2)) + compare value is 0 +*/ + +define('FLOAT_COMP_DELTA', 0.004); + +function floatcmp($a, $b) +{ + return $a - $b > FLOAT_COMP_DELTA ? 1 : $b - $a > FLOAT_COMP_DELTA ? -1 : 0; +} + // // Current ui mode. // diff --git a/includes/db/inventory_db.inc b/includes/db/inventory_db.inc index 6cf96961..80f552e9 100644 --- a/includes/db/inventory_db.inc +++ b/includes/db/inventory_db.inc 
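Review bot: The nested ternary in `floatcmp()` has no parentheses, and PHP groups `?:` from the left, so it is evaluated as `($a - $b > FLOAT_COMP_DELTA ? 1 : $b - $a > FLOAT_COMP_DELTA) ? -1 : 0` and returns -1 whenever the values differ in either direction, never 1. The documented `!floatcmp()` equality test still works, but any caller that uses the sign gets the wrong order, and PHP 8 rejects unparenthesised nested ternaries outright. Write it as `return $a - $b > FLOAT_COMP_DELTA ? 1 : ($b - $a > FLOAT_COMP_DELTA ? -1 : 0);`.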
@@ -166,18 +166,21 @@ function get_deliveries_between($stock_id, $from, $to) function get_deliveries_from_trans($stock_id, $from) { // -ve qty is delivery either by ST_CUSTDELIVERY or inventory adjustment - $sql = "SELECT SUM(-qty), SUM(-qty*standard_cost) FROM ".TB_PREF."stock_moves - WHERE stock_id=".db_escape($stock_id)." AND qty < 0 AND - trans_id>='$from' GROUP BY stock_id"; + //Price for GRN and SUPPCREDIT and std_cost for other trans_types + $sql = "SELECT SUM(-qty), SUM(-qty*IF(type=".ST_SUPPRECEIVE." OR type=".ST_SUPPCREDIT.", price, standard_cost)) + FROM ".TB_PREF."stock_moves + WHERE stock_id=".db_escape($stock_id)." AND qty < 0 AND + trans_id>='$from' GROUP BY stock_id"; $result = db_query($sql, "The deliveries could not be updated"); $row = db_fetch_row($result); - - $sql = "SELECT standard_cost FROM ".TB_PREF."stock_moves - WHERE stock_id=".db_escape($stock_id) - ." AND trans_id ='$from'"; - $result = db_query($sql, "The deliveries could not be updated"); - $cost = db_fetch_row($result); - + + $sql = "SELECT IF(type=".ST_SUPPRECEIVE." OR type=".ST_SUPPCREDIT.", price, standard_cost) + FROM ".TB_PREF."stock_moves + WHERE stock_id=".db_escape($stock_id) + ." AND trans_id ='$from'"; + $result = db_query($sql, "The deliveries could not be updated"); + $cost = db_fetch_row($result); + // Adjusting QOH valuation $sql = "SELECT SUM(qty) FROM ".TB_PREF."stock_moves WHERE stock_id=".db_escape($stock_id)." AND @@ -185,7 +188,7 @@ function get_deliveries_from_trans($stock_id, $from) $result = db_query($sql, "The deliveries could not be updated"); $qoh = db_fetch_row($result); - $qty = $row[0] - $qoh[0]; //QOH prior to -ve stock is subtracted + $qty = $row[0] - $qoh[0]; //QOH prior to -ve stock is subtracted $final_cost = $row[1] - $qoh[0]*$cost[0]; return array($qty,$final_cost); 
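Review bot: Both rewritten queries in `get_deliveries_from_trans()` still place `$from` into the SQL as `trans_id>='$from'` and `trans_id ='$from'` with hand-written quotes, while `$stock_id` on the same statements goes through `db_escape()`. Where `$from` comes from is not visible here; unless every caller passes an integer it should be escaped the same way, e.g. `trans_id>=".db_escape($from)`. The function continues into the next hunk.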
@@ -271,7 +274,7 @@ function get_stock_gl_code($stock_id) function handle_negative_inventory($stock_id, $quantity, $standard_cost, $date_) { - //If negative adjustment result in negative or zero inventory + //If negative adjustment result in negative or zero inventory //then difference should be adjusted $qoh = get_qoh_on_date($stock_id); @@ -378,8 +381,10 @@ function get_stock_moves($type, $type_no, $visible=false) function void_stock_move($type, $type_no) { + $sql = "SELECT stock_id, standard_cost, loc_code, tran_date, reference, person_id, visible, discount_percent, price, + sum(qty) qty FROM ".TB_PREF."stock_moves WHERE type=".db_escape($type)." AND trans_no=".db_escape($type_no)." + GROUP BY stock_id, standard_cost, loc_code, tran_date, reference, person_id, visible, discount_percent, price HAVING sum(qty) <> 0"; - $sql = "SELECT * from ".TB_PREF."stock_moves WHERE type=".db_escape($type)." AND trans_no=".db_escape($type_no); $result = db_query($sql, "Could not void stock moves"); while ($row = db_fetch($result)) { @@ -388,7 +393,7 @@ function void_stock_move($type, $type_no) { // The cost has to be adjusted. // Transaction rates are stored either as price or standard_cost depending on types - $types = array(ST_SUPPCREDIT); + $types = array(ST_SUPPCREDIT, ST_SUPPRECEIVE); if (in_array($type,$types)) $trans_rate = $row["price"]; else @@ -397,7 +402,7 @@ function void_stock_move($type, $type_no) update_average_material_cost(0, $row["stock_id"], $trans_rate, -$row["qty"], sql2date($row["tran_date"])); } - + //Post stock move for service items also add_stock_move($type, $row["stock_id"], $type_no, $row["loc_code"], sql2date($row["tran_date"]), $row["reference"], -$row["qty"] diff --git a/includes/errors.inc b/includes/errors.inc index 89aae72f..9b40fa9f 100644 --- a/includes/errors.inc +++ b/includes/errors.inc 
@@ -117,6 +117,7 @@ function fmt_errors($center=false) { $content = ''; // clean other messages } } + $str = $msg[1]; if (!in_array($msg[0], array(E_USER_NOTICE, E_USER_ERROR, E_USER_WARNING)) && $msg[2] != null) $str .= ' '._('in file').': '.$msg[2].' '._('at line ').$msg[3]; @@ -149,12 +150,16 @@ function error_box() { Helper to avoid sparse log notices. */ function end_flush() { - global $Ajax, $transaction_level; + global $Ajax; if (isset($Ajax)) $Ajax->run(); - // flush all output buffers (works also with exit inside any div levels) - while(ob_get_level()) ob_end_flush(); + + // on some (but not all) php versions zlib extension adds 1 additional level of buffering, + // so flush the last buffer outside the loop to be on safe side + while(ob_get_level() > 1) + ob_end_flush(); + @ob_end_flush(); // if any transaction was aborted unexpectedly rollback changes cancel_transaction(); diff --git a/includes/hooks.inc b/includes/hooks.inc index 080798c2..cd40491b 100644 --- a/includes/hooks.inc +++ b/includes/hooks.inc @@ -262,8 +262,8 @@ function hook_invoke_all($method, &$data, $opts=null) } else if (isset($result)) { $return[] = $result; } + set_ext_domain(); } - set_ext_domain(); return $return; } /* @@ -281,9 +281,9 @@ function hook_invoke_first($method, &$data, $opts=null) $result = $hook->$method($data, $opts); if (isset($result)) break; + set_ext_domain(); } } - set_ext_domain(); return $result; } /* @@ -303,9 +303,9 @@ function hook_invoke_last($method, &$data, $opts=null) $result = $hook->$method($data, $opts); if (isset($result)) break; + set_ext_domain(); } } - set_ext_domain(); return $result; } //------------------------------------------------------------------------------------------ diff --git a/includes/lang/gettext.php b/includes/lang/gettext.php index 178ec3c8..72f24600 100644 --- a/includes/lang/gettext.php +++ b/includes/lang/gettext.php 
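Review bot: In `hook_invoke_first()` the `set_ext_domain();` call now sits after `if (isset($result)) break;`, so it is skipped on exactly the iteration that produces a result; the third hooks.inc hunk makes the same change in `hook_invoke_last()`. With the domain stack this patch adds to `set_ext_domain()` in includes/lang/gettext.php, a skipped call leaves the extension's domain on the stack, assuming the loop pushes it before invoking the hook (that part is outside the hunk). Move `set_ext_domain();` above the `if (isset($result)) break;` line in both functions.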
@@ -26,19 +26,19 @@ define('GETTEXT_NATIVE', 1); define('GETTEXT_PHP', 2); function get_text_init($managerType = GETTEXT_NATIVE) { - - if (!isset($_SESSION['get_text'])) { + global $GetText; + if (!isset($GetText)) { if ($managerType == GETTEXT_NATIVE) { if (function_exists('gettext')) { - $_SESSION['get_text'] = new gettext_native_support(); + $GetText = new gettext_native_support(); return; } } // fail back to php support - $_SESSION['get_text'] = new gettext_php_support(); + $GetText = new gettext_php_support(); } } @@ -190,7 +190,7 @@ class gettext_native_support */ function gettext($key) { - $value = $this->_get_translation($key); + $value = $this->_get_translation($key); if ($value === false) { $str = sprintf('Unable to locate gettext key "%s"', $key); //$err = new GetText_Error($str); @@ -320,7 +320,10 @@ class gettext_php_support extends gettext_native_support $this->_jobs[] = array($domain, $path); return; } - + // Don't fill the domains with false data, it increased the error.log + if (strpos($domain, $this->_lang_code) === false) + return; + $err = $this->_load_domain($domain, $path); if ($err != 0) { @@ -357,7 +360,6 @@ class gettext_php_support extends gettext_native_support $d = new gettext_domain(); $d->name = $domain; $d->path = $path; - if (!file_exists($php_domain) || (filemtime($php_domain) < filemtime($src_domain))) { @@ -474,6 +476,7 @@ class gettext_php_support_parser */ function _parse_line($line, $nbr) { + $line = str_replace("\\\"", "'", $line); // Should be inside preg_match, but I couldn't find the solution. This works. if (preg_match('/^\s*?#/', $line)) { return; } if (preg_match('/^\s*?msgid \"(.*?)(?!<\\\)\"/', $line, $m)) { $this->_store_key(); 
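Review bot: The new first line of `_parse_line()` turns every `\"` in a catalogue line into `'` before the `msgid` pattern below it runs, so keys are stored in altered form. A source string that contains a double quote would then no longer match its stored key, assuming lookups use the original text (the lookup is outside this hunk), and translated text loses its quotes as well. The in-line comment already marks this as a stopgap; it should at least say which strings are affected, or the patterns should be corrected to accept escaped quotes.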
@@ -549,12 +552,21 @@ class gettext_php_support_compiler Set current gettext domain path */ function set_ext_domain($path='') { - global $path_to_root; + global $path_to_root, $GetText; + static $domain_stack = array(''); + + if ($path) // save path on domain stack + array_unshift($domain_stack, $path); + else + { + array_shift($domain_stack); + $path = $domain_stack[0]; + } $lang_path = $path_to_root . ($path ? '/' : '') .$path.'/lang'; - // ignore change when extension does not provide translation structure - if (file_exists($lang_path)) - $_SESSION['get_text']->add_domain($_SESSION['language']->code, + // ignore change when extension does not provide translation structure and test for valid gettext. + if (file_exists($lang_path) && isset($GetText)) + $GetText->add_domain($_SESSION['language']->code, $lang_path, $path ? '' : $_SESSION['language']->version); } ?> diff --git a/includes/lang/language.php b/includes/lang/language.php index ea428fca..5b050925 100644 --- a/includes/lang/language.php +++ b/includes/lang/language.php @@ -48,7 +48,7 @@ class language function set_language($code) { - global $path_to_root, $installed_languages; + global $path_to_root, $installed_languages, $GetText; $lang = array_search_value($code, $installed_languages, 'code'); $changed = $this->code != $code || $this->version != @$lang['version']; @@ -67,8 +67,8 @@ class language $this->is_locale_file = file_exists($locale); } - $_SESSION['get_text']->set_language($this->code, $this->encoding); - $_SESSION['get_text']->add_domain($this->code, $path_to_root . "/lang", $this->version); + $GetText->set_language($this->code, $this->encoding); + $GetText->add_domain($this->code, $path_to_root . "/lang", $this->version); // Necessary for ajax calls. Due to bug in php 4.3.10 for this // version set globally in php.ini 
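Review bot: `set_ext_domain()` called without a path does `array_shift($domain_stack)` and then reads `$domain_stack[0]` without checking that anything is left on the stack. One unmatched call empties the initial `array('')`, after which `$domain_stack[0]` is undefined and `$path` becomes null. Keep the base entry in place, e.g. `if (count($domain_stack) > 1) array_shift($domain_stack);`, and add a comment that a call with a path pushes and a call without one pops.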
@@ -79,16 +79,15 @@ class language } } -function _set($key,$value) -{ - $_SESSION['get_text']->set_var($key,$value); -} - if (!function_exists("_")) { function _($text) { - $retVal = $_SESSION['get_text']->gettext($text); + global $GetText; + if (!isset($GetText)) // Don't allow using gettext if not is net. + return $text; + + $retVal = $GetText->gettext($text); if ($retVal == "") return $text; return $retVal; diff --git a/includes/main.inc b/includes/main.inc index 161911c6..8f2b3c33 100644 --- a/includes/main.inc +++ b/includes/main.inc @@ -46,16 +46,16 @@ function page($title, $no_menu=false, $is_index=false, $onload="", $js="", $scri } } -function end_page($no_menu=false, $is_index=false, $hide_back_link=false, $type_no=0, $trans_no=0) +function end_page($no_menu=false, $is_index=false, $final_screen=false, $type_no=0, $trans_no=0) { global $path_to_root; - if (!$is_index && !$hide_back_link && function_exists('hyperlink_back')) - hyperlink_back(true, $no_menu, $type_no, $trans_no); + if (!$is_index && function_exists('hyperlink_back')) + hyperlink_back(true, $no_menu, $type_no, $trans_no, $final_screen); div_end(); // end of _page_body section include($path_to_root . "/includes/page/footer.inc"); - page_footer($no_menu, $is_index, $hide_back_link); + page_footer($no_menu, $is_index); } function cache_js_file($fpath, $text) diff --git a/includes/packages.inc b/includes/packages.inc index 6e97e7d1..38854311 100644 --- a/includes/packages.inc +++ b/includes/packages.inc 
@@ -289,9 +289,13 @@ function get_pkg_or_list($type = null, $pkgname = null, $filter=array(), $outkey $data = file_get_contents($loclist); $cert = file_get_contents(PUBKEY_PATH.'/FA.pem'); if (!openssl_verify($data, $sig, $cert)) { - if ($refresh) - @unlink($loclist); - else { + if ($refresh) { + if (!@unlink($loclist)) + { + display_error(sprintf(_("Cannot delete outdated '%s' file."), $loclist)); + return null; + } + } else { display_error(_('Release file in repository is invalid, or public key is outdated.')); return null; } @@ -319,9 +323,12 @@ function get_pkg_or_list($type = null, $pkgname = null, $filter=array(), $outkey $refresh = false; } if ($parms['SHA1sum'] != sha1_file($locindex)) { // check subdir index consistency - if ($refresh) - @unlink($locindex); - else { + if ($refresh) { + if (!@unlink($locindex)) { + display_error(sprintf(_("Cannot delete outdated '%s' file."), $locindex)); + return null; + } + } else { display_error(sprintf( _("Security alert: broken index file in repository '%s'. Please inform repository administrator about this issue."), $fname)); return null; diff --git a/includes/page/footer.inc b/includes/page/footer.inc index 68f76f35..633a0fb7 100644 --- a/includes/page/footer.inc +++ b/includes/page/footer.inc @@ -9,7 +9,7 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ -function page_footer($no_menu=false, $is_index=false, $hide_back_link=false) +function page_footer($no_menu=false, $is_index=false) { global $path_to_root, $js_lib, $Validate, $Editors, $Ajax, $sql_queries; diff --git a/includes/session.inc b/includes/session.inc index 1208cf35..592d4644 100644 --- a/includes/session.inc +++ b/includes/session.inc 
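Review bot: The signature check kept on the context line, `if (!openssl_verify($data, $sig, $cert))`, treats the release file as valid when verification itself fails, because `openssl_verify()` returns 1 for a valid signature, 0 for an invalid one and -1 (or false) on error, and `!(-1)` is false. Since this hunk already reworks the failure branch, the condition should compare against the single success value: `if (openssl_verify($data, $sig, $cert) !== 1) {`. The two `file_get_contents()` results above it are not checked either, so an unreadable `FA.pem` is one way to reach that error return. `get_pkg_or_list` starts and ends outside the hunk.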
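Review bot: The index consistency check `$parms['SHA1sum'] != sha1_file($locindex)` compares loosely, so a `false` from `sha1_file()` on an unreadable index compares equal to an empty or missing `SHA1sum`, and two digests that both look numeric are compared as numbers rather than character by character. `if ($parms['SHA1sum'] !== sha1_file($locindex)) {` closes both cases, provided `SHA1sum` is parsed as a string, which the hunk does not show. The enclosing function continues outside the hunk.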
@@ -9,6 +9,99 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ + +class SessionManager +{ + function sessionStart($name, $limit = 0, $path = '/', $domain = null, $secure = null) + { + // Set the cookie name + session_name($name); + + // Set SSL level + $https = isset($secure) ? $secure : isset($_SERVER['HTTPS']); + + // Set session cookie options + session_set_cookie_params($limit, $path, $domain, $https, true); + session_start(); + + // Make sure the session hasn't expired, and destroy it if it has + if ($this->validateSession()) + { + // Check to see if the session is new or a hijacking attempt + if(!$this->preventHijacking()) + { + // Reset session data and regenerate id + $_SESSION = array(); + $_SESSION['IPaddress'] = $_SERVER['REMOTE_ADDR']; + $_SESSION['userAgent'] = $_SERVER['HTTP_USER_AGENT']; + $this->regenerateSession(); + + // Give a 5% chance of the session id changing on any request + } + elseif (rand(1, 100) <= 5) + { + $this->regenerateSession(); + } + } + else + { + $_SESSION = array(); + session_destroy(); + session_start(); + } + } + + function preventHijacking() + { + if (!isset($_SESSION['IPaddress']) || !isset($_SESSION['userAgent'])) + return false; + + if ($_SESSION['IPaddress'] != $_SERVER['REMOTE_ADDR']) + return false; + + if ( $_SESSION['userAgent'] != $_SERVER['HTTP_USER_AGENT']) + return false; + + return true; + } + + function regenerateSession() + { + // If this session is obsolete it means there already is a new id + if (isset($_SESSION['OBSOLETE']) && ($_SESSION['OBSOLETE'] == true)) + return; + + // Set current session to expire in 10 seconds + $_SESSION['OBSOLETE'] = true; + $_SESSION['EXPIRES'] = time() + 10; + + // Create new session without destroying the old one + session_regenerate_id(); + + // Grab current session ID and close both sessions to allow other scripts to use them + $newSession = session_id(); + 
session_write_close(); + // Set session ID to the new one, and start it back up again + + session_id($newSession); + session_start(); + + // Now we unset the obsolete and expiration values for the session we want to keep + unset($_SESSION['OBSOLETE']); + unset($_SESSION['EXPIRES']); + } + + function validateSession() + { + if (isset($_SESSION['OBSOLETE']) && !isset($_SESSION['EXPIRES']) ) + return false; + + if (isset($_SESSION['EXPIRES']) && $_SESSION['EXPIRES'] < time()) + return false; + + return true; + } +} function output_html($text) { global $before_box, $Ajax, $messages; @@ -68,7 +161,7 @@ function check_page_security($page_security) if ($msg){ display_error($msg); - end_page(); + end_page(@$_REQUEST['popup']); kill_login(); exit; } @@ -80,7 +173,7 @@ function check_page_security($page_security) echo _("The security settings on your account do not permit you to access this function"); echo ""; echo "
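Review bot: In `SessionManager::sessionStart` the branch taken when `validateSession()` fails calls `session_destroy()` and then `session_start()`, which resumes under the identifier the client sent, so an id already marked obsolete or expired stays in use until a later request regenerates it. Adding `session_regenerate_id(true);` after that `session_start()` would issue a fresh id immediately. `$_SERVER['HTTP_USER_AGENT']` is read in `sessionStart` and `preventHijacking` without an `isset()` test, so clients that omit the header raise a notice on each request; `isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''` in both places avoids that. With the later hunk in this file replacing the per-request `session_regenerate_id()` by this class, the id now changes only on a fingerprint mismatch or on the 5% branch, so the login path (not visible here) should regenerate it explicitly when the user authenticates. The class has no docblocks; a short comment on what `OBSOLETE` and `EXPIRES` mean would spare readers from reconstructing it from `regenerateSession`.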



"; - end_page(); + end_page(@$_REQUEST['popup']); exit; } if (!$_SESSION['SysPrefs']->db_ok @@ -191,22 +284,19 @@ foreach ($installed_extensions as $ext) include_once($path_to_root.'/'.$ext['path'].'/hooks.php'); } - /* Uncomment the setting below when using FA on shared hosting to avoid unexpeced session timeouts. Make sure this directory exists and is writable! */ -//ini_set('session.save_path', dirname(__FILE__).'/../tmp/'); +// ini_set('session.save_path', dirname(__FILE__).'/../tmp/'); ini_set('session.gc_maxlifetime', 36000); // 10hrs hook_session_start(@$_POST["company_login_name"]); -session_name('FA'.md5(dirname(__FILE__))); - -session_start(); -session_regenerate_id(); +$Session_manager = new SessionManager(); +$Session_manager->sessionStart('FA'.md5(dirname(__FILE__))); // this is to fix the "back-do-you-want-to-refresh" issue - thanx PHPFreaks header("Cache-control: private"); @@ -308,5 +398,3 @@ $SysPrefs = &$_SESSION['SysPrefs']; // POST vars cleanup needed for direct reuse. // We quote all values later with db_escape() before db update. $_POST = strip_quotes($_POST); - -?> \ No newline at end of file diff --git a/includes/sysnames.inc b/includes/sysnames.inc index c14cccd6..7c296ad9 100644 --- a/includes/sysnames.inc +++ b/includes/sysnames.inc @@ -182,7 +182,6 @@ $pterm_types = array( PTT_DAYS => _("After No. of Days"), PTT_FOLLOWING => _("Day In Following Month") ); -//---------------------------------------------------------------------------------- $tax_algorithms = array( TCA_LINES => _("Sum per line taxes"), diff --git a/includes/system_tests.inc b/includes/system_tests.inc index 798ef677..46cb9ac5 100644 --- a/includes/system_tests.inc +++ b/includes/system_tests.inc @@ -228,8 +228,8 @@ function tst_tmpdir() function tst_langs($install) { - global $installed_languages, $path_to_root; - + global $installed_languages, $path_to_root, $GetText; + $test['descr'] = _('Language configuration consistency'); $test['type'] = 3; $test['result'] = true; 
@@ -269,7 +269,7 @@ function tst_langs($install) $test['result'] = false; $test['comments'][] = sprintf( _('Missing %s translation file.'), $file); } - if (!$_SESSION['get_text']->check_support($lang['code'], $lang['encoding'])) + if (!$GetText->check_support($lang['code'], $lang['encoding'])) { $test['result'] = false; $test['comments'][] = sprintf(_('Missing system locale: %s'), $lang['code'].".".$lang['encoding']); diff --git a/includes/ui/ui_controls.inc b/includes/ui/ui_controls.inc index fa4f62d7..d2e094ae 100644 --- a/includes/ui/ui_controls.inc +++ b/includes/ui/ui_controls.inc @@ -166,7 +166,7 @@ function access_string($label, $clean=false) return $clean ? $label : array($label, $access); } -function hyperlink_back($center=true, $no_menu=true, $type_no=0, $trans_no=0) +function hyperlink_back($center=true, $no_menu=true, $type_no=0, $trans_no=0, $final=false) { global $path_to_root; @@ -186,8 +186,8 @@ function hyperlink_back($center=true, $no_menu=true, $type_no=0, $trans_no=0) if ($id != 0) echo ""._("View Attachment")."\n"; echo ""._("Print")."\n"; - } - echo "".($no_menu ? _("Close") : _("Back"))."\n"; + } + echo "".($no_menu ? _("Close") : _("Back"))."\n"; end_row(); end_table(); if ($center) diff --git a/includes/ui/ui_input.inc b/includes/ui/ui_input.inc index 9048cac4..e252c8b1 100644 --- a/includes/ui/ui_input.inc +++ b/includes/ui/ui_input.inc @@ -112,6 +112,7 @@ function hidden($name, $value=null, $echo=true) 'selector' - ditto with closing current popup editor window 'cancel' - cancel form entry on Escape press; dflt ICON_CANCEL 'process' - displays progress bar during call; optional icon + 'nonajax' - ditto, non-ajax submit $atype can contain also multiply type selectors separated by space, however make sense only combination of 'process' and one of defualt/selector/cancel 
@@ -141,6 +142,9 @@ function submit($name, $value, $echo=true, $title=false, $atype=false, $icon=fal case 'cancel': if ($icon===false) $icon=ICON_ESCAPE; break; + + case 'nonajax': + $atype = false; } } } @@ -379,7 +383,10 @@ function check_row($label, $name, $value=null, $submit_on_change=false, $title=f } //----------------------------------------------------------------------------------- -function radio($label, $name, $value, $selected, $submit_on_change=false) { +function radio($label, $name, $value, $selected=null, $submit_on_change=false) +{ + if (!isset($selected)) + $selected = get_post($name) == $value; if ($submit_on_change === true) $submit_on_change = @@ -954,7 +961,7 @@ function edit_trans_link($trans_type, $trans_no, $url='') function bank_balance_row($bank_acc, $parms='') { global $path_to_root; - + $to = add_days(Today(), 1); $bal = get_balance_before_for_bank_account($bank_acc, $to); label_row( _("Bank Balance:"), diff --git a/includes/ui/ui_lists.inc b/includes/ui/ui_lists.inc index 12926903..e85e3899 100644 --- a/includes/ui/ui_lists.inc +++ b/includes/ui/ui_lists.inc @@ -417,6 +417,21 @@ function _format_add_curr($row) '' : (" - " . $row[2])); } +function add_edit_combo($type) +{ + global $path_to_root, $popup_editors, $use_icon_for_editkey; + + if (!isset($use_icon_for_editkey) || $use_icon_for_editkey==0) + return ""; + // Derive theme path + $theme_path = $path_to_root . '/themes/' . user_theme(); + + $key = $popup_editors[$type][1]; + $onclick = "onclick=\"javascript:callEditor($key); return false;\""; + $img = "Add/Edit"; + return "$img"; +} + function supplier_list($name, $selected_id=null, $spec_option=false, $submit_on_change=false, $all=false, $editkey = false) { 
@@ -428,8 +443,8 @@ function supplier_list($name, $selected_id=null, $spec_option=false, $submit_on_ if ($editkey) set_editor('supplier', $name, $editkey); - - return combo_input($name, $selected_id, $sql, 'supplier_id', 'supp_name', + + $ret = combo_input($name, $selected_id, $sql, 'supplier_id', 'supp_name', array( 'format' => '_format_add_curr', 'order' => array('supp_ref'), @@ -443,6 +458,9 @@ function supplier_list($name, $selected_id=null, $spec_option=false, $submit_on_ _('Select supplier'), 'show_inactive'=>$all )); + if ($editkey) + $ret .= add_edit_combo('supplier'); + return $ret; } function supplier_list_cells($label, $name, $selected_id=null, $all_option=false, @@ -477,7 +495,7 @@ function customer_list($name, $selected_id=null, $spec_option=false, $submit_on_ if ($editkey) set_editor('customer', $name, $editkey); - return combo_input($name, $selected_id, $sql, 'debtor_no', 'debtor_ref', + $ret = combo_input($name, $selected_id, $sql, 'debtor_no', 'debtor_ref', array( 'format' => '_format_add_curr', 'order' => array('debtor_ref'), @@ -492,6 +510,9 @@ function customer_list($name, $selected_id=null, $spec_option=false, $submit_on_ _('Select customer'), 'show_inactive' => $show_inactive ) ); + if ($editkey) + $ret .= add_edit_combo('customer'); + return $ret; } function customer_list_cells($label, $name, $selected_id=null, $all_option=false, @@ -508,6 +529,7 @@ function customer_list_cells($label, $name, $selected_id=null, $all_option=false function customer_list_row($label, $name, $selected_id=null, $all_option = false, $submit_on_change=false, $show_inactive=false, $editkey = false) { + echo "$label"; echo customer_list($name, $selected_id, $all_option, $submit_on_change, $show_inactive, $editkey); 
@@ -528,7 +550,7 @@ function customer_branches_list($customer_id, $name, $selected_id=null, set_editor('branch', $name, $editkey); $where = $enabled ? array("disable_trans = 0") : array(); - return combo_input($name, $selected_id, $sql, 'branch_code', 'branch_ref', + $ret = combo_input($name, $selected_id, $sql, 'branch_code', 'branch_ref', array( 'where' => $where, 'order' => array('branch_ref'), @@ -537,6 +559,11 @@ function customer_branches_list($customer_id, $name, $selected_id=null, 'select_submit'=> $submit_on_change, 'sel_hint' => _('Select customer branch') ) ); + if ($editkey) + { + $ret .= add_edit_combo('branch'); + } + return $ret; } //------------------------------------------------------------------------------------------------ @@ -718,7 +745,7 @@ function stock_items_list($name, $selected_id=null, $all_option=false, if ($editkey) set_editor('item', $name, $editkey); - return combo_input($name, $selected_id, $sql, 'stock_id', 's.description', + $ret = combo_input($name, $selected_id, $sql, 'stock_id', 's.description', array_merge( array( 'format' => '_format_stock_items', @@ -732,6 +759,9 @@ function stock_items_list($name, $selected_id=null, $all_option=false, 'category' => 2, 'order' => array('c.description','stock_id') ), $opts) ); + if ($editkey) + $ret .= add_edit_combo('item'); + return $ret; } function _format_stock_items($row) @@ -2419,4 +2449,3 @@ function subledger_list_row($label, $name, $selected_id=null, $all_option = fals echo subledger_list($name, $account, $selected_id); echo "\n\n"; } - diff --git a/includes/ui/ui_view.inc b/includes/ui/ui_view.inc index 3f27641b..938f0a33 100644 --- a/includes/ui/ui_view.inc +++ b/includes/ui/ui_view.inc 
@@ -50,7 +50,7 @@ function get_gl_view_str($type, $trans_no, $label="", $force=false, $class='', $ { $label = _("GL"); $icon = ICON_GL; - } + } $url = ($type == ST_WORKORDER && !work_order_is_closed($trans_no)) ? "manufacturing/view/wo_costs_view.php?trans_no=$trans_no" : "gl/view/gl_trans_view.php?type_id=$type&trans_no=$trans_no"; @@ -586,9 +586,9 @@ function display_quick_entries(&$cart, $id, $base, $type, $descr='') $begin = ""; else $begin = begin_fiscalyear(); // from fiscalyear begin - } + } $base = get_gl_trans_from_to($begin, $cart->tran_date, $qe['base_desc']); - + } if ($descr != '') $qe['description'] .= ': '.$descr; $result = get_quick_entry_lines($id); @@ -734,10 +734,10 @@ function _number_to_words($number) $ones = array("", "One", "Two", "Three", "Four", "Five", "Six", "Seven", "Eight", "Nine", "Ten", "Eleven", "Twelve", "Thirteen", - "Fourteen", "Fifteen", "Sixteen", "Seventeen", "Eightteen", + "Fourteen", "Fifteen", "Sixteen", "Seventeen", "Eighteen", "Nineteen"); $tens = array("", "", "Twenty", "Thirty", "Fourty", "Fifty", "Sixty", - "Seventy", "Eigthy", "Ninety"); + "Seventy", "Eighty", "Ninety"); if ($Dn || $n) { @@ -773,16 +773,16 @@ function price_in_words($amount, $document=0) $dec = user_price_dec(); if ($dec > 0) { - $divisor = pow(10, $dec); - $frac = round2($amount - floor($amount), $dec) * $divisor; - $frac = sprintf("%0{$dec}d", $frac); + $divisor = pow(10, $dec); + $frac = round2($amount - floor($amount), $dec) * $divisor; + $frac = sprintf("%0{$dec}d", round2($frac, 0)); $and = _("and"); $frac = " $and $frac/$divisor"; } else $frac = ""; return _number_to_words(intval($amount)) . $frac; -} +} function get_js_open_window($width, $height) { diff --git a/install/index.php b/install/index.php index 52adfbef..fc27f030 100644 --- a/install/index.php +++ b/install/index.php 
@@ -23,7 +23,8 @@ include($path_to_root . "/includes/ui.inc"); include($path_to_root . "/includes/system_tests.inc"); include($path_to_root . "/admin/db/maintenance_db.inc"); include($path_to_root . "/includes/packages.inc"); -@include($path_to_root . "/installed_extensions.php"); +if (file_exists($path_to_root . "/installed_extensions.php")) + include($path_to_root . "/installed_extensions.php"); //------------------------------------------------------------------------------------------------- function subpage_title($txt) @@ -173,11 +174,10 @@ function do_install() { return false; } // update default language - include_once($path_to_root . "/lang/installed_languages.inc"); + if (file_exists($path_to_root . "/lang/installed_languages.inc")) + include_once($path_to_root . "/lang/installed_languages.inc"); $dflt_lang = $_POST['lang']; write_lang(); - if (!isset($installed_extensions)) - update_extensions(array()); return true; } return false; @@ -262,11 +262,11 @@ elseif(get_post('install_coas')) $ret &= install_extension($package); } if ($ret) { - @include($path_to_root.'/installed_extensions.php'); + if (file_exists($path_to_root . '/installed_extensions.php')) + include($path_to_root.'/installed_extensions.php'); $_POST['Page'] = 5; } -} -elseif (isset($_POST['set_admin'])) { +} elseif (isset($_POST['set_admin'])) { // check company settings if (get_post('name')=='') { display_error(_('Company name cannot be empty.')); @@ -371,6 +371,11 @@ start_form(); $_POST[$name] = $val; set_focus('name'); } + if (!isset($installed_extensions)) { + $installed_extensions = array(); + update_extensions($installed_extensions); + } + subpage_title(_('Company Settings')); start_table(TABLESTYLE); text_row_ex(_("Company Name:"), 'name', 30); diff --git a/install/isession.inc b/install/isession.inc index 77540a76..25a5519c 100644 --- a/install/isession.inc +++ b/install/isession.inc 
@@ -93,7 +93,7 @@ $Ajax = new Ajax(); get_text_init(); $i_lang = isset($_POST['inst_lang']) ? $_POST['inst_lang'] : - (isset($_SESSION['inst_set']['inst_lang']) ? $_SESSION['inst_set']['inst_lang'] : 'C'); + (isset($_SESSION['inst_set']['inst_lang']) ? $_SESSION['inst_set']['inst_lang'] : array('C')); // Page Initialisation if (!isset($_SESSION['language']) || !method_exists($_SESSION['language'], 'set_language') @@ -103,9 +103,11 @@ if (!isset($_SESSION['language']) || !method_exists($_SESSION['language'], 'set_ $_SESSION['language'] = new language($l['name'], $l['code'], $l['encoding'], isset($l['rtl']) ? 'rtl' : 'ltr'); } +if (!isset($installed_languages)) + $installed_languages = array(); $_SESSION['language']->set_language($_SESSION['language']->code); -$_SESSION['get_text']->add_domain( $_SESSION['language']->code, $path_to_root."/install/lang"); +$GetText->add_domain( $_SESSION['language']->code, $path_to_root."/install/lang"); include_once($path_to_root . "/version.php"); include_once($path_to_root . "/includes/main.inc"); -- 2.30.2
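Review bot: The fallback for `$i_lang` changes from the string `'C'` to `array('C')`, while the other two branches still yield whatever `$_POST['inst_lang']` or `$_SESSION['inst_set']['inst_lang']` holds, so the variable is an array in one case and presumably a string in the others. The code that consumes `$i_lang` sits between the two hunks and is not visible, so this may be intentional, but a comment stating the expected type would make that clear. If it is not already done there, the request-supplied value should be matched against the installed languages before it selects one.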