From 8864b1ec0fd3321e510511ef22614bc36845540e Mon Sep 17 00:00:00 2001
From: Janusz Dobrowolski <janusz@frontaccounting.eu>
Date: Thu, 30 Apr 2009 16:18:25 +0000
Subject: [PATCH] Merged changes in main branch up to v.2.1.2

---
 CHANGELOG.txt                          |  62 +++++
 access/login.php                       |   2 +-
 admin/backups.php                      | 323 ++++++++++---------------
 admin/db/maintenance_db.inc            |  35 ++-
 includes/JsHttpRequest.php             |  69 ++++--
 includes/current_user.inc              |   7 +-
 includes/page/footer.inc               |  10 +-
 includes/page/header.inc               |  11 +-
 includes/ui/ui_controls.inc            |   9 +-
 includes/ui/ui_input.inc               |   5 +
 includes/ui/ui_lists.inc               |   2 +-
 includes/ui/ui_view.inc                |  14 +-
 js/JsHttpRequest.js                    |   9 +-
 js/inserts.js                          |  61 +++--
 js/utils.js                            |  48 +++-
 purchasing/includes/db/po_db.inc       |   2 +-
 purchasing/includes/ui/invoice_ui.inc  |   5 +-
 purchasing/manage/suppliers.php        |   2 +-
 purchasing/supplier_invoice.php        |  14 +-
 reporting/includes/header2.inc         |   1 +
 reporting/includes/pdf_report.inc      |  18 +-
 sales/manage/customers.php             |  12 +-
 sales/sales_order_entry.php            |   9 +-
 themes/aqua/images/ajax-loader2.gif    | Bin 0 -> 847 bytes
 themes/aqua/images/progressbar.gif     | Bin 3238 -> 3063 bytes
 themes/aqua/images/warning.png         | Bin 0 -> 644 bytes
 themes/cool/images/ajax-loader2.gif    | Bin 0 -> 847 bytes
 themes/cool/images/progressbar.gif     | Bin 3238 -> 3063 bytes
 themes/cool/images/warning.png         | Bin 0 -> 644 bytes
 themes/default/images/ajax-loader2.gif | Bin 0 -> 847 bytes
 themes/default/images/progressbar.gif  | Bin 3238 -> 3063 bytes
 themes/default/images/warning.png      | Bin 0 -> 644 bytes
 32 files changed, 395 insertions(+), 335 deletions(-)
 create mode 100644 themes/aqua/images/ajax-loader2.gif
 create mode 100644 themes/aqua/images/warning.png
 create mode 100644 themes/cool/images/ajax-loader2.gif
 create mode 100644 themes/cool/images/warning.png
 create mode 100644 themes/default/images/ajax-loader2.gif
 create mode 100644 themes/default/images/warning.png

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 513105be..75df47c1 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -19,6 +19,9 @@ Legend:
 ! -> Note
 $ -> Affected files
 
+30-Apr-2009 Janusz Dobrowolski
+! Merged changes from main trunk  2.1.1-2.1.2 (see below)
+
 30-Apr-2009 Janusz Dobrowolski
 # Small layout fixes 
 $ /includes/errors.inc
@@ -355,6 +358,65 @@ $ /.htaccess
   /sales/inquiry/sales_deliveries_view.php
   /sales/inquiry/sales_orders_view.php
 
+------------------------------- Release 2.1.2 ----------------------------------
+30-Apr-2009 Joe Hunt
+! Release 2.1.2
+$ config.php
+
+22-Apr-2009 Joe Hunt
+! Changed the text 'Supplier Account No' to 'Our Customer No' in Supplier form
+$ /purchasing/manage/suppliers.php
+
+20-Apr-2009 Janusz Dobrowolski
+# Rewritten backup manager, fixed progressbar bug.
+$ /admin/backups.php
+# Fixed bug in zipped sql file restore.
+$ /admin/db/maintenance_db.inc
+! JsHttpRequest class updated to latest version.
+$ /includes/JsHttpRequest.php
+  /js/JsHttpRequest.js
+! Added optional parameter in vertical_space()
+$ /includes/ui/ui_controls.inc
++ Helper for javascript confirm dialogs added.
+$ /includes/ui/ui_input.inc
+! Client side confirm dialog added for destructive submits.
+$ /purchasing/supplier_invoice.php
+  /purchasing/includes/ui/invoice_ui.inc
+  /sales/sales_order_entry.php
++ Added retry after timeout on unreliable ajax connections. Preparation for client-side javascript checks.
+$ /includes/current_user.inc
+  /includes/page/footer.inc
+  /includes/page/header.inc
+  /includes/ui/ui_view.inc
+  /access/login.php
+  /js/inserts.js
+  /js/utils.js
+  /themes/aqua/images/progressbar.gif
+  /themes/cool/images/progressbar.gif
+  /themes/default/images/progressbar.gif
+  /themes/default/images/ajax-loader2.gif (new)
+  /themes/default/images/warning.png (new)
+  /themes/aqua/images/ajax-loader2.gif (new)
+  /themes/aqua/images/warning.png (new)
+  /themes/cool/images/ajax-loader2.gif (new)
+  /themes/cool/images/warning.png (new)
+# Fixed supplier uom retrieval.
+$ /purchasing/includes/db/po_db.inc
+
+04-Apr-2009 Janusz Dobrowolski
+# Paper format defaults to A4 for unknown specifiers.
+$ /reporting/includes/pdf_report.inc
+# Sealing sql statements.
+$ /sales/manage/customers.php
+
+01-Apr-2009 Janusz Dobrowolski
+# Fixed document mailing.
+$ /reporting/includes/pdf_report.inc
+# Fixed focus javascript error on lists.
+$ /includes/ui/ui_lists.inc
+# Fixed report links hotkey selection
+$ /js/inserts.js
+
 ------------------------------- Release 2.1.1 ----------------------------------
 30-Mar-2009 Janusz Dobrowolski
 # Fixed display of unsufficient quantities in sales docs.
diff --git a/access/login.php b/access/login.php
index 295fd537..faad0806 100644
--- a/access/login.php
+++ b/access/login.php
@@ -28,7 +28,7 @@
 ?>
 <html>
 <head>
-<?php echo get_js_png_fix(); ?>
+<?php echo '<script>'.get_js_png_fix().'</script>'; ?>
 <script type="text/javascript">
 function defaultCompany()
 {
diff --git a/admin/backups.php b/admin/backups.php
index 46442458..cfc54c7f 100644
--- a/admin/backups.php
+++ b/admin/backups.php
@@ -16,179 +16,19 @@ include_once($path_to_root . "/includes/session.inc");
 include_once($path_to_root . "/includes/ui.inc");
 include_once($path_to_root . "/admin/db/maintenance_db.inc");
 
-$valid_paths = valid_paths();
-//$valid_paths = '';
-if ($valid_paths != "")
-{
-	page(_("Backup and Restore Database - Error"));
-	display_error (_("Backup paths have not been set correctly.") ."&nbsp;&nbsp;&nbsp;" . _("Please contact System Administrator.") . "<br>" .$valid_paths);
-	end_page();
-	exit;
-}
-
-$db_name = $_SESSION["wa_current_user"]->company;
-handle_form($db_connections[$db_name]);
-
-page(_("Backup and Restore Database"), false, false, '', '', true);
-
-//-------------------------------------------------------------------------------
-start_form(true);
-
-$cmb = get_backup_file_combo();
-$compr = get_compr_combo();
-
-echo "
-	<script language='javascript'>
-	function createBackup() {
-		progbar();
-		ext = document.forms[0].cmb_comp.options[document.forms[0].cmb_comp.selectedIndex].value
-		comm = document.forms[0].comments.value
-		document.location.replace('backups.php?c=g&comp='+ext+'&comm='+comm)
-	}
-	function restoreBackup() {
-		progbar();
-		pFilename = document.forms[0].cmb_backups.options[document.forms[0].cmb_backups.selectedIndex].value
-		document.location.replace('backups.php?c=r&fn='+pFilename)
-	}
-	function viewBackup() {
-		pFilename = document.forms[0].cmb_backups.options[document.forms[0].cmb_backups.selectedIndex].value
-		var ext = pFilename.substr(pFilename.lastIndexOf('.') + 1)
-		if (ext != 'sql') {
-			alert('" . _('This extension can not be be viewed: ') . "' + ext)
-			return
-		}
-		window.open('" . BACKUP_PATH . "'+pFilename, '', 'toolbar=no,scrollbars=yes')
-	}
-	function deleteBackup() {
-		pFilename = document.forms[0].cmb_backups.options[document.forms[0].cmb_backups.selectedIndex].value
-		if (!confirm('" . _("Are you sure you want to delete the backup file - ") . "'+pFilename+'?'))
-			return
-		document.location.replace('backups.php?c=df&fn='+pFilename)
-	}
-	function downloadBackup() {
-		pFilename = document.forms[0].cmb_backups.options[document.forms[0].cmb_backups.selectedIndex].value
-		document.location.replace('backups.php?c=ds&fn='+pFilename)
-		Behaviour.apply();
-	}
-	function uploadBackup() {
-		if (document.forms[0].uploadfile.value=='') {
-			alert('" . _("Please select a file to upload.") . "')
-			return
-		}
-		progbar();
-		document.forms[0].action='backups.php?c=u&fn=' + document.forms[0].uploadfile.value
-		document.forms[0].submit()
-	}
-	</script>
-	<center>
-	<table cellpadding=2 cellspacing=2 border=0>
-	<tr>
-		<td style='padding-right:30px'>" . _("Backup scripts") . "</td>
-	</tr>
-	<tr>
-		<td style='padding-right:30px'>$cmb</td>
-		<script language='javascript'>
-			if (document.forms[0].cmb_backups.options.length!=0) document.forms[0].cmb_backups.selectedIndex=0
-		</script>
-		<td>
-			<table height=160 cellpadding=0 cellspacing=0 border=0>
-			<tr><td><input onclick='javascript:createBackup()' type='button' style='width:150px' value='". _("Create Backup") . "'></td><td style='padding-left:20px'>" . _("Compression") . "&nbsp;&nbsp;$compr</td></tr>
-			<tr><td><input onclick='javascript:restoreBackup()' type='button' style='width:150px' value='". _("Restore Backup") . "'></td><td>&nbsp;</td></tr>
-			<tr><td><input onclick='javascript:viewBackup()' type='button' style='width:150px' value='". _("View Backup") . "'></td><td>&nbsp;</td></tr>
-			<tr><td><input onclick='javascript:deleteBackup()' type='button' style='width:150px' value='". _("Delete Backup") . "'></td><td>&nbsp;</td></tr>
-			<tr><td><input onclick='javascript:downloadBackup()' type='button' style='width:150px' value='". _("Download Backup") . "'></td><td>&nbsp;</td></tr>
-			<tr><td><input onclick='javascript:uploadBackup()' type='button' style='width:150px' value='". _("Upload Backup"). "'></td>
-				<td style='padding-left:20px'><input name='uploadfile' type='file'></td>
-			</tr>
-			</table>
-		</td>
-	</tr>
-	<tr>
-		<td style='padding-right:30px'>" . _("Comments") . " (" . _("Create Backup") . ")</td>
-	</tr>
-	<tr>
-		<td style='padding-right:30px'><textarea rows=4 cols=30 name='comments'></textarea></td>
-	</tr>
-	</table></center>";
-
-end_form();
-
-//-------------------------------------------------------------------------------------------------
-
-end_page();
+page(_("Backup and Restore Database"), false, false, '', '');
 
+check_paths();
 
-function handle_form($conn)
+function check_paths()
 {
-if(isset($_GET['c']))
-	switch($_GET['c'])
-	{
-		case 'g':	//Generate Only
-			$filename = generate_backup($conn, $_GET['comp'], $_GET['comm']);
-			header("Location: backups.php?c=gs&fn=" . urlencode($filename));
-			break;
-
-		case 'gd':	//Generate and download
-			$filename = generate_backup($conn);
-			header("Location: backups.php?c=ds&fn=" . urlencode($filename));
-			break;
-
-		case 'd':	//Download the file
-			download_file(BACKUP_PATH . $_GET['fn']);
-			exit;
-
-		case 'df':	//Delete the file
-			$filename = $_GET['fn'];
-			@unlink(BACKUP_PATH . $filename);
-			header("Location: backups.php?c=dff&fn=" . urlencode($filename));
-			break;
-
-		case 'dff':
-			$msg = _("File successfully deleted.")." ";
-			$msg .= _("Filename") . " = " . $_GET['fn'];
-			display_notification($msg);
-			break;
-
-		case 'ds':	//Write JS script to open download window
-			$filename = urlencode($_GET['fn']);
-			display_notification(_("Backup is being downloaded..."));
-			
-			add_js_source("<script language='javascript'>
-			function download_file() {location.href ='backups.php?c=d&fn=$filename'}; 
-				Behaviour.addLoadEvent(download_file);
-			</script>");
-			break;
-
-		case 'gs':	//Print backup success message
-			$msg = _("Backup successfully generated."). ' ';
-			$msg .= _("Filename") . " = " . $_GET['fn'];
-			display_notification($msg);
-			break;
-
-		case 'r':	//Restore backup
-			$filename=$_GET['fn'];
-			if( restore_backup(BACKUP_PATH . $filename, $conn) )
-				header("Location: backups.php?c=rs&fn=" . urlencode($filename));
-			break;
-
-		case 'rs':	//Print restore success message
-			display_notification(_("Restore backup completed."));
-			break;
-
-		case 'u':
-			$filename = $_FILES['uploadfile']['tmp_name'];
-			if (is_uploaded_file ($filename))
-			{
-				if( restore_backup($filename, $conn) )
-					display_notification(_("Uploaded file has been restored."));
-				else
-					display_error(_("Database restore failed."));
-			}
-			else
-			{
-				display_error(_("Backup was not uploaded into the system."));
-			}
-		}
+	if (!file_exists(BACKUP_PATH)) {
+		display_error (_("Backup paths have not been set correctly.") 
+			._("Please contact System Administrator.")."<br>" 
+			. _("cannot find backup directory") . " - " . BACKUP_PATH . "<br>");
+		end_page();
+		exit;
+	}
 }
 
 function generate_backup($conn, $ext='no', $comm='')
@@ -199,18 +39,20 @@ function generate_backup($conn, $ext='no', $comm='')
 		$filename = $conn['dbname'] . "_" . date("Ymd_Hi") . ".sql";
 
 	$filename = db_export($conn, $filename, $ext, $comm);
-
+	if ($filename)
+		display_notification(_("Backup successfully generated."). ' '
+			. _("Filename") . ": " . $filename);
+	else
+		display_error(_("Database backup failed."));
+	
 	return $filename;
 }
 
-function restore_backup($filename, $conn)
-{
-	return db_import($filename, $conn);
-}
 
 function get_backup_file_combo()
 {
-	global $path_to_root;
+	global $path_to_root, $Ajax;
+	
 	$ar_files = array();
     default_focus('cmb_backups');
     $dh = opendir(BACKUP_PATH);
@@ -221,26 +63,29 @@ function get_backup_file_combo()
     rsort($ar_files);
 	$opt_files = "";
     foreach ($ar_files as $file)
-    	if (strpos($file, ".sql") || strpos($file, ".sql"))
+		if (preg_match("/.sql(.zip|.gz)?$/", $file))
     		$opt_files .= "<option value='$file'>$file</option>";
 
-	return "<select name='cmb_backups' size=2 style='height:160px;width:230px'>$opt_files</select>";
+	$selector = "<select name='cmb_backups' size=2 style='height:160px;width:230px'>$opt_files</select>";
+
+	$Ajax->addUpdate('cmd_backups', "_cmd_backups_sel", $selector);
+	$selector = "<span id='_cmd_backups_sel'>".$selector."</span>\n";
+
+	return $selector;
 }
 
-function get_compr_combo()
+function compress_list_row($label, $name, $value=null)
 {
-	$ar_comps = array();
+	$ar_comps = array('no'=>_("No"));
 
-	$ar_comps[] = _("No");
     if (function_exists("gzcompress"))
-    	$ar_comps[] = "zip";
+    	$ar_comps['zip'] = "zip";
     if (function_exists("gzopen"))
-    	$ar_comps[] = "gzip";
-	$opt_comps = "";
-    foreach ($ar_comps as $file)
-    	$opt_comps .= "<option value='$file'>$file</option>";
+    	$ar_comps['gzip'] = "gzip";
 
-	return "<select name='cmb_comp'>$opt_comps</select>";
+	echo "<tr><td>$label</td><td>";
+	array_selector('comp', $value, $ar_comps);
+	echo "</td></tr>";
 }
 
 function download_file($filename)
@@ -251,20 +96,104 @@ function download_file($filename)
     }
     $saveasname = basename($filename);
     header('Content-type: application/octet-stream');
-    header('Content-Length: '.filesize($filename));
-    header('Content-Disposition: attachment; filename="'.$saveasname.'"');
+   	header('Content-Length: '.filesize($filename));
+   	header('Content-Disposition: attachment; filename="'.$saveasname.'"');
     readfile($filename);
+
     return true;
 }
 
-function valid_paths()
-{
-	global $path_to_root;
+$db_name = $_SESSION["wa_current_user"]->company;
+$conn = $db_connections[$db_name];
+
+if (get_post('creat')) {
+	generate_backup($conn, get_post('comp'), get_post('comments'));
+	$Ajax->activate('cmd_backups');
+};
+
+if (get_post('restore')) {
+	if (db_import(BACKUP_PATH . get_post('cmb_backups'), $conn))
+		display_notification(_("Restore backup completed."));
+}
+
+if (get_post('view')) {
+	$filename = BACKUP_PATH . get_post('cmb_backups');
+	if (in_ajax()) 
+		$Ajax->popup( $filename );
+	else {
+	    header('Content-type: application/octet-stream');
+    	header('Content-Length: '.filesize($filename));
+		header("Content-Disposition: inline; filename=$filename");
+    	readfile($filename);
+		exit();
+	}
+};
+
+if (get_post('download')) {
+	download_file(BACKUP_PATH . get_post('cmb_backups'));
+	exit;
+}
+
+if (get_post('delete')) {
+	if (unlink(BACKUP_PATH . get_post('cmb_backups'))) {
+		display_notification(_("File successfully deleted.")." "
+				. _("Filename") . ": " . get_post('cmb_backups'));
+		$Ajax->activate('cmd_backups');
+	}
+	else
+		display_error(_("Can't delete backup file."));
+};
 
-	$st = "";
-	if (!file_exists(BACKUP_PATH))
-		$st .= "&nbsp;&nbsp;&nbsp;-&nbsp;" . _("cannot find backup directory") . " - " . BACKUP_PATH . "<br>";
-	return $st;
+if (get_post('upload'))
+{
+	$tmpname = $_FILES['uploadfile']['tmp_name'];
+	$fname = $_FILES['uploadfile']['name'];
+
+	if (!preg_match("/.sql(.zip|.gz)?$/", $fname))
+		display_error(_("You can only upload *.sql backup files"));
+	elseif (is_uploaded_file($tmpname)) {
+		rename($tmpname, BACKUP_PATH . $fname);
+		display_notification( "File uploaded to backup directory");
+		$Ajax->activate('cmd_backups');
+	} else
+		display_error(_("File was not uploaded into the system."));
 }
+//-------------------------------------------------------------------------------
+start_form(true, true);
+start_outer_table($table_style2);
+table_section(1);
+table_section_title(_("Create backup"));
+	textarea_row(_("Comments:"), 'comments', null, 30, 8);
+	compress_list_row(_("Compression:"),'comp');
+	vertical_space("height='20px'");
+	submit_row('creat',_("Create Backup"), false, "colspan=2 align='center'", '', 'process');
+table_section(2);
+table_section_title(_("Backup scripts maintenance"));
+
+	start_row();
+	echo "<td style='padding-left:20px'align='left'>".get_backup_file_combo()."</td>";
+	echo "<td valign='top'>";
+	start_table();
+	submit_row('view',_("View Backup"), false, '', '', true);
+	submit_row('download',_("Download Backup"), false, '', '', false);
+	submit_row('restore',_("Restore Backup"), false, '','', 'process');
+
+	$js = "if(confirm(\""
+		.sprintf(_('You are about to remove %s backup file.<br> Do you want to continue ?'),
+			get_post('cmb_backups'))
+		."\")) { JsHttpRequest.request(\"delete\"); }";
+
+	submit_row('delete', _("Delete Backup"), false, '','', 'dialog');
+	end_table();
+	echo "</td>";
+	end_row();
+start_row();
+echo "<td style='padding-left:20px' align='left'><input name='uploadfile' type='file'></td>";
+	submit_cells('upload',_("Upload file"),'', '', true);
+end_row();
+end_outer_table();
 
-?>
\ No newline at end of file
+end_form();
+
+end_page();
+?>
diff --git a/admin/db/maintenance_db.inc b/admin/db/maintenance_db.inc
index 44ba4bb9..29790b66 100644
--- a/admin/db/maintenance_db.inc
+++ b/admin/db/maintenance_db.inc
@@ -141,7 +141,7 @@ function db_import($filename, $connection, $force=true)
 	db_query("SET foreign_key_checks=0");
 
 	// uncrompress gziped backup files
-	if (strpos($filename, ".gzip") || strpos($filename, ".GZIP"))
+	if (strpos($filename, ".gz") || strpos($filename, ".GZ"))
 		$lines = db_ungzip("lines", $filename);
 	elseif (strpos($filename, ".zip") || strpos($filename, ".ZIP"))
 		$lines = db_unzip("lines", $filename);
@@ -266,26 +266,24 @@ function db_unzip($mode, $path)
     $filename = substr($filename, 0, strlen($filename) - 4);
 
     // compare filname in zip and filename from $_GET
-    if (substr($all, 30, strlen($filename)) != $filename)
-    {
-		return '';
-        // exit if names differ
-        //echo F_WRONG_FILE.".";
-        //exit;
+    if (substr($all, 30, strlen($filename)-4) . substr($all, 30+strlen($filename)+9, 4)
+	  != $filename) {
+		return '';     // exit if names differ
     }
     else
     {
     	// get the suffix of the filename in hex
-        $crc_bugfix = substr(substr($filename, 0, strlen($filename) - 4), strlen($filename) - 12 - 4);
+		$crc_bugfix = substr($all, 30, strlen($filename)+13);
+        $crc_bugfix = substr(substr($crc_bugfix, 0, strlen($crc_bugfix) - 4), 
+				strlen($crc_bugfix) - 12 - 4);
         $suffix = false;
-
         // convert hex to ascii
         for ($i=0; $i < 12; )
         	$suffix .= chr($crc_bugfix[$i++] . $crc_bugfix[$i++] . $crc_bugfix[$i++]);
 
         // remove central directory information (we have always just one ziped file)
-        $comp = substr($all, -(strlen($all) - 30 - strlen($filename)));
-        $comp = substr($comp, 0, (strlen($comp) - 80 - strlen($filename)));
+        $comp = substr($all, -(strlen($all) - 30 - strlen($filename)-13));
+        $comp = substr($comp, 0, (strlen($comp) - 80 - strlen($filename)-13));
 
         // fix the crc bugfix (see function save_to_file)
         $comp = "xœ" . $comp . $suffix;
@@ -567,13 +565,14 @@ function save_to_file($backupfile, $zip, $fileData)
         $crc = crc32($fileData);
         $zdata = gzcompress($fileData);
 
-        // string needed for decoding (because of crc bug)
-        //$name_suffix = substr($zdata, -4, 4);
-        //$name_suffix2 = "_";
-        //for ($i = 0; $i < 4; $i++)
-        //	$name_suffix2 .= sprintf("%03d", ord($name_suffix[$i]));
-        //$backupfile = substr($backupfile, 0, strlen($backupfile) - 8) . $name_suffix2 . ".sql.zip";
-        $name = substr($backupfile, 0, strlen($backupfile) -4);
+		// extend stored file name with suffix
+        // needed for decoding (because of crc bug)
+        $name_suffix = substr($zdata, -4, 4);
+        $name_suffix2 = "_";
+        for ($i = 0; $i < 4; $i++)
+        	$name_suffix2 .= sprintf("%03d", ord($name_suffix[$i]));
+
+      	$name = substr($backupfile, 0, strlen($backupfile) - 8) . $name_suffix2 . ".sql";
 
         // fix crc bug
         $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
diff --git a/includes/JsHttpRequest.php b/includes/JsHttpRequest.php
index a8dea9c4..12dbf686 100644
--- a/includes/JsHttpRequest.php
+++ b/includes/JsHttpRequest.php
@@ -15,7 +15,7 @@
  * This backend library also supports POST requests additionally to GET.
  *
  * @author Dmitry Koterov 
- * @version 5.x $Id$
+ * @version 5.x
  */
 
 class JsHttpRequest
@@ -95,6 +95,7 @@ class JsHttpRequest
             ini_set('display_errors', $this->_magic); //
             ini_set('error_prepend_string', $this->_uniqHash . ini_get('error_prepend_string'));
             ini_set('error_append_string',  ini_get('error_append_string') . $this->_uniqHash);
+            if (function_exists('xdebug_disable')) xdebug_disable(); // else Fatal errors are not catched
 
             // Start OB handling early.
             ob_start(array(&$this, "_obHandler"));
@@ -293,36 +294,49 @@ class JsHttpRequest
         unset($GLOBALS['JsHttpRequest_Active']);
         
         // Check for error & fetch a resulting data.
-        if (preg_match("/{$this->_uniqHash}(.*?){$this->_uniqHash}/sx", $text, $m)) {
-            if (!ini_get('display_errors') || (!$this->_prevDisplayErrors && ini_get('display_errors') == $this->_magic)) {
-                // Display_errors:
-                // 1. disabled manually after the library initialization, or
-                // 2. was initially disabled and is not changed
-                $text = str_replace($m[0], '', $text); // strip whole error message
-            } else {
-                $text = str_replace($this->_uniqHash, '', $text);
+        $wasFatalError = false;
+        if (preg_match_all("/{$this->_uniqHash}(.*?){$this->_uniqHash}/sx", $text, $m)) {
+            // Display_errors:
+            // 1. disabled manually after the library initialization, or
+            // 2. was initially disabled and is not changed
+            $needRemoveErrorMessages = !ini_get('display_errors') || (!$this->_prevDisplayErrors && ini_get('display_errors') == $this->_magic);
+            foreach ($m[0] as $error) {
+                if (preg_match('/\bFatal error(<.*?>)?:/i', $error)) {
+                    $wasFatalError = true;
+                }
+                if ($needRemoveErrorMessages) {
+                    $text = str_replace($error, '', $text); // strip the whole error message
+                } else {
+                    $text = str_replace($this->_uniqHash, '', $text);
+                }
             }
         }
-        if ($m && preg_match('/\bFatal error(<.*?>)?:/i', $m[1])) {
-            // On fatal errors - force null result (generate 500 error).
+        if ($wasFatalError) {
+            // On fatal errors - force "null" result. This is needed, because $_RESULT
+            // may not be fully completed at the moment of the error.
             $this->RESULT = null;
         } else {
-            // Make a resulting hash.
+            // Read the result from globals if not set directly.
             if (!isset($this->RESULT)) {
                 global $_RESULT;
                 $this->RESULT = $_RESULT;
             }
+            // Avoid manual NULLs in the result (very important!).
+            if ($this->RESULT === null) {
+                $this->RESULT = false;
+            }
         }
         
+        // Note that 500 error is generated when a PHP error occurred.
+        $status = $this->RESULT === null? 500 : 200;
         $result = array(
             'id'   => $this->ID,
-            'js'   => $this->RESULT,
-            'text' => $text,
+            'js'   => $this->RESULT,  // null always means a fatal error...
+            'text' => $text,          // ...independent on $text!!!
         );
-        $text = null;
         $encoding = $this->SCRIPT_ENCODING;
-        $status = $this->RESULT !== null? 200 : 500;
-
+        $text = null; // to be on a safe side
+        
         // Try to use very fast json_encode: 3-4 times faster than a manual encoding.
         if (function_exists('array_walk_recursive') && function_exists('json_encode') && $this->_unicodeConvMethod) {
             $this->_nonAsciiChars = join("", array_map('chr', range(128, 255)));
@@ -458,7 +472,7 @@ class JsHttpRequest
 
 
     /**
-     * If there is no ICONV, try to decode 1-byte characters manually
+     * If there is no ICONV, try to decode 1-byte characters and UTF-8 manually
      * (for most popular charsets only).
      */
      
@@ -467,12 +481,25 @@ class JsHttpRequest
      */
     function _decUcs2Decode($code, $toEnc)
     {
+        // Little speedup by using array_flip($this->_encTables) and later hash access.
+        static $flippedTable = null;
         if ($code < 128) return chr($code);
+        
         if (isset($this->_encTables[$toEnc])) {
-            // TODO: possible speedup by using array_flip($this->_encTables) and later hash access in the constructor.
-            $p = array_search($code, $this->_encTables[$toEnc]);
-            if ($p !== false) return chr(128 + $p);
+            if (!$flippedTable) $flippedTable = array_flip($this->_encTables[$toEnc]);
+            if (isset($flippedTable[$code])) return chr(128 + $flippedTable[$code]);
+        } else if ($toEnc == 'utf-8' || $toEnc == 'utf8') {
+            // UTF-8 conversion rules: http://www.cl.cam.ac.uk/~mgk25/unicode.html
+            if ($code < 0x800) {
+                return chr(0xC0 + ($code >> 6)) . 
+                       chr(0x80 + ($code & 0x3F));
+            } else { // if ($code <= 0xFFFF) -- it is almost always so for UCS2-BE
+                return chr(0xE0 + ($code >> 12)) .
+                       chr(0x80 + (0x3F & ($code >> 6))) .
+                       chr(0x80 + ($code & 0x3F));
+            }
         }
+        
         return "";
     }
     
diff --git a/includes/current_user.inc b/includes/current_user.inc
index f55f248d..b6663e31 100644
--- a/includes/current_user.inc
+++ b/includes/current_user.inc
@@ -323,15 +323,14 @@ function add_user_js_data() {
 	$ts = $thoseps[user_tho_sep()];
 	$ds = $decseps[user_dec_sep()];
 
-    $js = "\n<script type=\"text/javascript\">\n"
-	  . "<!--\n"
+    $js = "\n"
 	  . "var user = {\n"
-	  . "theme: '". $path_to_root . '/themes/'. 'default' /*user_theme()*/.'/'."',\n"
+	  . "theme: '". $path_to_root . '/themes/'. user_theme().'/'."',\n"
 	  . "loadtxt: '"._('Requesting data...')."',\n"
 	  . "date: '".Today()."',\n"
 	  . "ts: '$ts',\n"
 	  . "ds: '$ds',\n"
-	  . "pdec : " . user_price_dec() . "}\n--></script>";
+	  . "pdec : " . user_price_dec() . "}\n";
 
   add_js_source($js);
 }
diff --git a/includes/page/footer.inc b/includes/page/footer.inc
index 61c73118..a105d755 100644
--- a/includes/page/footer.inc
+++ b/includes/page/footer.inc
@@ -11,7 +11,7 @@
 ***********************************************************************/
 function page_footer($no_menu=false, $is_index=false)
 {
-	global $path_to_root;
+	global $path_to_root, $js_lib;
 
   	if (in_ajax())
   		return;// just for speed up
@@ -22,6 +22,14 @@ function page_footer($no_menu=false, $is_index=false)
 	$rend = new renderer();
 	$rend->menu_footer($no_menu, $is_index);
 	echo "<script>_focus = '".get_post('_focus')."';</script>";
+
+   	add_user_js_data();
+	echo "\n<script type=\"text/javascript\"><!--\n";
+
+	foreach($js_lib as $text)
+	  	echo $text;
+
+	echo "\n--></script>\n";
     echo "</body></html>\n";
 }
 
diff --git a/includes/page/header.inc b/includes/page/header.inc
index 6abf7c93..197f27fb 100644
--- a/includes/page/header.inc
+++ b/includes/page/header.inc
@@ -41,8 +41,6 @@ function send_scripts()
     global $js_lib, $js_static, $js_path, $js_userlib, $comp_path,
 	$path_to_root, $go_debug;
 
-   	add_user_js_data();
-
 	$js ='';
 	foreach($js_static as $jsfile)
 	{
@@ -60,10 +58,6 @@ function send_scripts()
 	    	$jsfile . '"></script>';
 	}
 
-	foreach($js_lib as $text)
-	{
-	  	$js .= $text;
-	}
     echo $js;
 }
 
@@ -75,6 +69,11 @@ function page_header($title, $no_menu=false, $is_index=false, $onload="", $js=""
 	if (in_ajax())
 		return; // just for speed up
 
+//	$jsext = substr_replace($_SERVER['PHP_SELF'], '.js', -4);
+
+//	if (file_exists($_SERVER['DOCUMENT_ROOT'].$jsext))
+//		add_js_ufile($jsext);
+
 	$theme = user_theme();
 	$local_path_to_root = $path_to_root;
 
diff --git a/includes/ui/ui_controls.inc b/includes/ui/ui_controls.inc
index fe23de17..ff969639 100644
--- a/includes/ui/ui_controls.inc
+++ b/includes/ui/ui_controls.inc
@@ -82,11 +82,14 @@ function end_outer_table($breaks=0, $close_table=true)
 	echo "</td></tr>\n";
 	end_table($breaks);
 }
-
-function vertical_space()
+//
+//  outer table spacer
+//
+function vertical_space($params='')
 {
-	echo "</td></tr><tr><td valign=center>"; // outer table
+	echo "</td></tr><tr><td valign=center $params>";
 }
+
 function meta_forward($forward_to, $params="")
 {
     global $Ajax;
diff --git a/includes/ui/ui_input.inc b/includes/ui/ui_input.inc
index 9d74f67c..a2355cfb 100644
--- a/includes/ui/ui_input.inc
+++ b/includes/ui/ui_input.inc
@@ -231,6 +231,11 @@ function submit_return($name, $value, $title=false, $async=false)
 		submit($name, $value, true, $title, $async);
 	}
 }
+
+function submit_js_confirm($name, $msg) {
+	add_js_source(
+		"_validate.$name=function(){ return confirm('$msg');};");
+};
 //-----------------------------------------------------------------------------------
 
 function set_icon($icon, $title=false)
diff --git a/includes/ui/ui_lists.inc b/includes/ui/ui_lists.inc
index 8f10f156..6362fe74 100644
--- a/includes/ui/ui_lists.inc
+++ b/includes/ui/ui_lists.inc
@@ -243,7 +243,7 @@ $opts = array(		// default options
 				$search_submit)."\n";
 		}
 	}
-	default_focus($search_box ? $search_box : $name);
+	default_focus(($search_box && $by_id) ? $search_box : $name);
 	$str = $selector;
 	if ($search_box && $opts['cells'])
 		echo ($edit_entry!='' ? "<td>$edit_entry</td>" : '')."<td>$selector</td>";
diff --git a/includes/ui/ui_view.inc b/includes/ui/ui_view.inc
index 5f284430..e2265f9d 100644
--- a/includes/ui/ui_view.inc
+++ b/includes/ui/ui_view.inc
@@ -586,16 +586,12 @@ function display_quick_entries(&$cart, $id, $base, $type, $descr='')
 
 function get_js_open_window($width, $height)
 {
-	$js = "\n<script type=\"text/javascript\">\n"
-	 	. "<!--\n"
-		. "function openWindow(url, title)\n"
+	$js ="function openWindow(url, title)\n"
 		. "{\n"
 		. " var left = (screen.width - $width) / 2;\n"
 		. " var top = (screen.height - $height) / 2;\n"
 		. " return window.open(url, title, 'width=$width,height=$height,left='+left+',top='+top+',screenX='+left+',screenY='+top+',status=no,scrollbars=yes');\n"
-		. "}\n"
-		. "-->\n"
-		. "</script>\n";
+		. "}\n";
 	return $js;
 }
 
@@ -624,8 +620,7 @@ function default_focus($name=null, $form_no=0) {
 
 function get_js_png_fix()
 {
-	$js = "<script type=\"text/javascript\">\n"
-		. "function fixPNG(myImage)\n"
+	$js = "function fixPNG(myImage)\n"
 		. "{\n"
 		. " var arVersion = navigator.appVersion.split(\"MSIE\")\n"
 		. " var version = parseFloat(arVersion[1])\n"
@@ -644,8 +639,7 @@ function get_js_png_fix()
         . "    + \"(src=\'\" + myImage.src + \"\', sizingMethod='scale');\\\"></span>\"\n"
 	   	. "  myImage.outerHTML = strNewHTML\n"
     	. " }\n"
-		. "}\n"
-		. "</script>\n";
+		. "}\n";
 	return $js;
 }
 
diff --git a/js/JsHttpRequest.js b/js/JsHttpRequest.js
index 654362dc..1a1a2ec9 100644
--- a/js/JsHttpRequest.js
+++ b/js/JsHttpRequest.js
@@ -3,7 +3,7 @@
  *
  * @license LGPL
  * @author Dmitry Koterov, http://en.dklab.ru/lib/JsHttpRequest/
- * @version 5.x $Id$
+ * @version 5.x
  */
 
 // {{{
@@ -192,6 +192,9 @@ function JsHttpRequest() {
             status = 200;
             statusText = "OK";
         } else {
+             // The special value "null" from a backend means Fatal error.
+             // User cannot assign null to $_RESULT manually, it is 
+             // translated to false to avoid 500 error collisions.
             status = 500;
             statusText = "Internal Server Error";
         }
@@ -507,8 +510,10 @@ JsHttpRequest.LOADERS.xml = { loader: function(req) {
             } catch (e) {}
             if (!req.status) return;
             try {
+                 // Damned Opera returned empty responseText when Status is not 200.
+                 var rtext = req.responseText || '{ js: null, text: null }';
                 // Prepare generator function & catch syntax errors on this stage.
-                eval('JsHttpRequest._tmp = function(id) { var d = ' + req.responseText + '; d.id = id; JsHttpRequest.dataReady(d); }');
+                eval('JsHttpRequest._tmp = function(id) { var d = ' + rtext + '; d.id = id; JsHttpRequest.dataReady(d); }');
             } catch (e) {
                 // Note that FF 2.0 does not throw any error from onreadystatechange handler.
                 return req._error('js_invalid', req.responseText)
diff --git a/js/inserts.js b/js/inserts.js
index 1026fbf6..dd78a9f6 100644
--- a/js/inserts.js
+++ b/js/inserts.js
@@ -13,22 +13,13 @@ var _hotkeys = {
 	'alt': false,	// whether is the Alt key pressed
 	'focus': -1		// currently selected indeks of document.links
 };
+var _validate = {}; // validation functions
 
 function debug(msg) {
     box = document.getElementById('msgbox')
 	box.innerHTML= box.innerHTML+'<br>'+msg
 }
 
-function progbar() {
-	box = document.getElementById('msgbox');
-    box.innerHTML= "<center><table width='98%' border='1' cellpadding=3 "
-	+"bordercolor='#007700' style='border-collapse: collapse'>"
-	+"<tr><td align='center' bgcolor='#ccffcc' >"
-		+"<img src='"+user.theme+"images/progressbar.gif' alt='"
-		+user.loadtxt+"' /></td></tr></table></center><br>";
-	box.style.display = 'block';
-}
-
 function save_focus(e) {
   _focus = e.name||e.id;
   var h = document.getElementById('hints');
@@ -200,15 +191,34 @@ var inserts = {
 	    e.style.display = 'block';
 	},
 //	'.ajaxsubmit,.editbutton,.navibutton': // much slower on IE7
-	'button.ajaxsubmit,input.ajaxsubmit,input.editbutton,button.navibutton': 
+	'button.ajaxsubmit,input.ajaxsubmit,input.editbutton,button.editbutton,button.navibutton': 
 	function(e) {
-	    e.onclick = function() {
-			if (this.getAttribute('aspect') == 'process')
-				progbar();
-		    save_focus(this);
-			JsHttpRequest.request(this);
-			return false;
-	    }
+		    e.onclick = function() {
+			    save_focus(e);
+				if (e.getAttribute('aspect') == 'process')
+					JsHttpRequest.request(this, null, 30000);
+				else
+					JsHttpRequest.request(this);
+				return false;
+		    }
+	},
+	'button': function(e) {
+		if (e.name) {
+			var func = _validate[e.name];
+			var old = e.onclick;
+			if(func) {
+				if (typeof old != 'function') {
+					e.onclick = func;
+				} else {
+					e.onclick = function() {
+						if(func()) 
+							{ old(); return true;}
+						else
+							return false;
+					}
+				}
+			}
+		}
 	},
     '.amount': function(e) {
 		if(e.onblur==undefined) {
@@ -378,14 +388,17 @@ function setHotKeys() {
 				_hotkeys.alt = false;
 				if (_hotkeys.focus>=0) {
 					var link = document.links[_hotkeys.focus];
-					if (link.target=='_blank') {
-//						window.open(link.href,'','toolbar=no,scrollbar=no,resizable=yes,menubar=no,width=900,height=500');
-						openWindow(link.href,'_blank');
-					} else
-						window.location = link.href;
+					if(link.onclick) 
+						link.onclick();
+					else
+						if (link.target=='_blank') {
+							window.open(link.href,'','toolbar=no,scrollbar=no,resizable=yes,menubar=no,width=900,height=500');
+							openWindow(link.href,'_blank');
+						} else
+							window.location = link.href;
 				}
-			} 
 			return stopEv(ev);
+			} 
 		}
 		return true;
 	}
diff --git a/js/utils.js b/js/utils.js
index 1c66384b..d051b10f 100644
--- a/js/utils.js
+++ b/js/utils.js
@@ -8,6 +8,12 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
+function set_mark(img) {
+	var box = document.getElementById('ajaxmark');
+	if(img) box.src = user.theme+'images/'+ img;
+	box.style.visibility = img ? 'visible' : 'hidden'
+}
+
 //
 //	JsHttpRequest class extensions.
 //
@@ -18,9 +24,14 @@
 //		if form parameter exists also form values are submited, otherwise
 //		request is directed to current location 
 // 
-    JsHttpRequest.request= function(trigger, form) {
-		var mark = document.getElementById('ajaxmark');
-		if(mark) mark.style.visibility = 'visible';
+JsHttpRequest.request= function(trigger, form, tout) {
+	tout = tout | 3000;	// default timeout value
+	set_mark(tout>5000 ? 'progressbar.gif' : 'ajax-loader.gif');
+	JsHttpRequest._request(trigger, form, tout, 2);
+}
+
+JsHttpRequest._request = function(trigger, form, tout, retry) {
+
 		if (trigger.tagName=='A') {
 			var content = {};
 			var upload = 0;
@@ -41,12 +52,29 @@
 
 		if (!form) url = url.substring(0, url.indexOf('?'));
 		
-		if (!submitObj) 
+		if (!submitObj) {
 			content[trigger] = 1;
-			
+			}
 		}
 			// this is to avoid caching problems
 		content['_random'] = Math.random()*1234567;
+	
+		var tcheck = setTimeout(
+			function() {
+				for(var id in JsHttpRequest.PENDING)  {
+					var call = JsHttpRequest.PENDING[id];
+				 	if (call != false) {
+					if (call._ldObj.xr) // needed for gecko
+						call._ldObj.xr.onreadystatechange = function(){};
+					call.abort(); // why this doesn't kill request in firebug?
+//						call._ldObj.xr.abort();
+						delete JsHttpRequest.PENDING[id];
+					}
+				}
+				set_mark(retry ? 'ajax-loader2.gif':'warning.png' );
+				if(retry)
+					JsHttpRequest._request(trigger, form, tout, retry-1);
+			}, tout );
 
         JsHttpRequest.query(
             (upload ? "form." : "")+"POST "+url, // force form loader
@@ -91,11 +119,11 @@
 				  errors = errors+'<br>Unknown ajax function: '+cmd;
 			}
 		  }
-
+		 if(tcheck)
+		   JsHttpRequest.clearTimeout(tcheck);
         // Write errors to the debug div.
 		  document.getElementById('msgbox').innerHTML = errors;
-		  var mark = document.getElementById('ajaxmark');
-		  if(mark) mark.style.visibility = 'hidden';
+		  set_mark();
 
 		  Behaviour.apply();
 
@@ -108,9 +136,9 @@
 			}
 		}
             },
-            false  // do not disable caching
+	        false  // do not disable caching
         );
-    }
+	}
 	// collect all form input values plus inp trigger value
 	JsHttpRequest.formInputs = function(inp, objForm, upload)
 	{
diff --git a/purchasing/includes/db/po_db.inc b/purchasing/includes/db/po_db.inc
index 66b306e4..d3135f56 100644
--- a/purchasing/includes/db/po_db.inc
+++ b/purchasing/includes/db/po_db.inc
@@ -189,7 +189,7 @@ function read_po_items($order_no, &$order, $open_items_only=false)
         		if ($data['supplier_description'] != "")
         			$myrow['description'] = $data['supplier_description'];
         		if ($data['suppliers_uom'] != "")
-        			$myrow['units'] = $data['suppliers_uon'];
+        			$myrow['units'] = $data['suppliers_uom'];
         	}		
             if (is_null($myrow["units"]))
             {
diff --git a/purchasing/includes/ui/invoice_ui.inc b/purchasing/includes/ui/invoice_ui.inc
index d17a676d..79f2441e 100644
--- a/purchasing/includes/ui/invoice_ui.inc
+++ b/purchasing/includes/ui/invoice_ui.inc
@@ -385,8 +385,11 @@ function display_grn_items_for_selection(&$supp_trans, $k)
         		submit_cells('grn_item_id'.$n, _("Add"), '', _("Add to Invoice"), true);
         	else	
         		submit_cells('grn_item_id'.$n, _("Add"), '', _("Add to Credit Note"), true);
-    		if ($supp_trans->is_invoice && $_SESSION["wa_current_user"]->access == 2)	// Added 2008-10-18 by Joe Hunt. Only admins can remove GRNs
+    		if ($supp_trans->is_invoice && $_SESSION["wa_current_user"]->access == 2) {	// Added 2008-10-18 by Joe Hunt. Only admins can remove GRNs
         		submit_cells('void_item_id'.$n, _("Remove"), '', _("WARNING! Be careful with removal. The operation is executed immediately and cannot be undone !!!"), true);
+				submit_js_confirm('void_item_id'.$n,
+					sprintf(_('You are about to remove all yet non-invoiced items from delivery line #%d. This operation also irreversibly changes related order line. Do you want to continue ?'), $n));
+			}
 			end_row();
     	}
     }
diff --git a/purchasing/manage/suppliers.php b/purchasing/manage/suppliers.php
index 0df75281..2d92edc8 100644
--- a/purchasing/manage/suppliers.php
+++ b/purchasing/manage/suppliers.php
@@ -244,7 +244,7 @@ text_row(_("Fax Number:"), 'fax', null, 42, 40);
 
 email_row(_("E-mail:"), 'email', null, 35, 55);
 link_row(_("Website:"), 'website', null, 35, 55);
-text_row(_("Supplier Account No.:"), 'supp_account_no', null, 42, 40);
+text_row(_("Our Customer No:"), 'supp_account_no', null, 42, 40);
 
 table_section_title(_("Addresses"));
 textarea_row(_("Mailing Address:"), 'address', null, 35, 5);
diff --git a/purchasing/supplier_invoice.php b/purchasing/supplier_invoice.php
index a0782e2b..03fc1c33 100644
--- a/purchasing/supplier_invoice.php
+++ b/purchasing/supplier_invoice.php
@@ -337,18 +337,8 @@ if ($id4 != -1)
 $id2 = -1;
 if ($_SESSION["wa_current_user"]->access == 2)
 {
-	$id3 = find_submit('void_item_id');
-	if ($id3 != -1) 
-	{
-		$js = "if(confirm(\""
-		.sprintf(_('You are about to remove all yet non-invoiced items from delivery line #%d. This operation also irreversibly changes related order line. Do you want to continue ?'), $id3)
-		."\")) {
-			JsHttpRequest.request(\"void_confirm".$id3."\");
-		}";
-		$Ajax->addScript(true,$js);
-	}
-	$id2 = find_submit('void_confirm');
-	if ($id2 != -1) // Added section 2008-10-18 Joe Hunt for voiding delivery lines
+	$id2 = find_submit('void_item_id');
+	if ($id2 != -1) 
 	{
 		begin_transaction();
 		
diff --git a/reporting/includes/header2.inc b/reporting/includes/header2.inc
index 6298149b..98bb9428 100644
--- a/reporting/includes/header2.inc
+++ b/reporting/includes/header2.inc
@@ -9,6 +9,7 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
+		// New version (without vertical lines)
 
 		$this->row = $this->pageHeight - $this->topMargin;
 
diff --git a/reporting/includes/pdf_report.inc b/reporting/includes/pdf_report.inc
index 8c5d5727..5beea7e9 100644
--- a/reporting/includes/pdf_report.inc
+++ b/reporting/includes/pdf_report.inc
@@ -9,7 +9,6 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
-/* $Revision$ */
 $page_security = 8;
 //include_once($path_to_root . "reporting/includes/class.pdf.inc");
 include_once(dirname(__FILE__)."/class.pdf.inc");
@@ -54,7 +53,7 @@ class FrontReport extends Cpdf
 	{
 		switch ($size)
 		{
-
+			default:
 		  case 'A4':
 		  case 'a4':
 			  $this->pageWidth=595;
@@ -419,7 +418,7 @@ class FrontReport extends Cpdf
 				{
 					include("doctext.inc");
 				}
-				require_once($path_to_root . "reporting/includes/class.mail.inc");
+				require_once($path_to_root . "/reporting/includes/class.mail.inc");
     			$mail = new email($this->company['coy_name'], $this->company['email']);
     			$from = $this->company['coy_name'] . " <" . $this->company['email'] . ">";
     			$to = $myrow['DebtorName'] . " <" . $myrow['email'] . ">";
@@ -457,14 +456,11 @@ class FrontReport extends Cpdf
     				$msg2 .= nl2br($sender) . "<br>";
     				$msg2 .= "<br>Filepath: " . $fname . "<br>Filename: " . $this->filename . "<br>";
     			}
-    			if ($ret)
-    				$str = "<br>" . $this->title . " " . $myrow['reference'] . " " . _("sent to") . " ";
-    			else
-    				$str = "<br>" . $this->title . " " . $myrow['reference'] . " " . _("NOT sent to") . " ";
-    			$msg2 .= $str . $myrow['DebtorName'] . " - " . $myrow['email'];
-    			echo "<html><body>";
-    			echo $msg2;
-    			echo "</body></html>";
+				if (!$ret)
+					display_error(_("Sending document by email failed"));
+				else
+					display_notification($this->title . " " . $myrow['reference'] . " " 
+						. _("has been sent by email."));
 			}
 			else
 			{
diff --git a/sales/manage/customers.php b/sales/manage/customers.php
index 578fbc52..16581f55 100644
--- a/sales/manage/customers.php
+++ b/sales/manage/customers.php
@@ -142,8 +142,8 @@ if (isset($_POST['delete']))
 	$cancel_delete = 0;
 
 	// PREVENT DELETES IF DEPENDENT RECORDS IN 'debtor_trans'
-
-	$sql= "SELECT COUNT(*) FROM ".TB_PREF."debtor_trans WHERE debtor_no='" . $_POST['customer_id'] . "'";
+	$sel_id = db_escape($_POST['customer_id']);
+	$sql= "SELECT COUNT(*) FROM ".TB_PREF."debtor_trans WHERE debtor_no=$sel_id";
 	$result = db_query($sql,"check failed");
 	$myrow = db_fetch_row($result);
 	if ($myrow[0] > 0) 
@@ -153,7 +153,7 @@ if (isset($_POST['delete']))
 	} 
 	else 
 	{
-		$sql= "SELECT COUNT(*) FROM ".TB_PREF."sales_orders WHERE debtor_no='" . $_POST['customer_id'] . "'";
+		$sql= "SELECT COUNT(*) FROM ".TB_PREF."sales_orders WHERE debtor_no=$sel_id";
 		$result = db_query($sql,"check failed");
 		$myrow = db_fetch_row($result);
 		if ($myrow[0] > 0) 
@@ -163,7 +163,7 @@ if (isset($_POST['delete']))
 		} 
 		else 
 		{
-			$sql = "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no='" . $_POST['customer_id'] . "'";
+			$sql = "SELECT COUNT(*) FROM ".TB_PREF."cust_branch WHERE debtor_no=$sel_id";
 			$result = db_query($sql,"check failed");
 			$myrow = db_fetch_row($result);
 			if ($myrow[0] > 0) 
@@ -177,7 +177,7 @@ if (isset($_POST['delete']))
 	
 	if ($cancel_delete == 0) 
 	{ 	//ie not cancelled the delete as a result of above tests
-		$sql = "DELETE FROM ".TB_PREF."debtors_master WHERE debtor_no='" . $_POST['customer_id'] . "'";
+		$sql = "DELETE FROM ".TB_PREF."debtors_master WHERE debtor_no=$sel_id";
 		db_query($sql,"cannot delete customer");
 
 		display_notification(_("Selected customer has been deleted."));
@@ -227,7 +227,7 @@ if ($new_customer)
 else 
 {
 
-	$sql = "SELECT * FROM ".TB_PREF."debtors_master WHERE debtor_no = '" . $_POST['customer_id'] . "'";
+	$sql = "SELECT * FROM ".TB_PREF."debtors_master WHERE debtor_no = ".db_escape($_POST['customer_id']);
 	$result = db_query($sql,"check failed");
 
 	$myrow = db_fetch($result);
diff --git a/sales/sales_order_entry.php b/sales/sales_order_entry.php
index fd14cc8d..6a2c2b06 100644
--- a/sales/sales_order_entry.php
+++ b/sales/sales_order_entry.php
@@ -146,7 +146,6 @@ if (isset($_GET['AddedID'])) {
 	display_footer_exit();
 } else
 	check_edit_conflicts();
-
 //-----------------------------------------------------------------------------
 
 function copy_to_cart()
@@ -234,8 +233,8 @@ function line_start_focus() {
   $Ajax->activate('items_table');
   set_focus('_stock_id_edit');
 }
-//--------------------------------------------------------------------------------
 
+//--------------------------------------------------------------------------------
 function can_process() {
 	if (!is_date($_POST['OrderDate'])) {
 		display_error(_("The entered date is invalid."));
@@ -361,8 +360,6 @@ function check_item_data()
 function handle_update_item()
 {
 	if ($_POST['UpdateItem'] != '' && check_item_data()) {
-		//alert("description=".$_POST['item_description']);
-		//$_SESSION['items']->line_items[$_POST['LineNo']]->item_description = $_POST['item_description'];
 		$_SESSION['Items']->update_cart_item($_POST['LineNo'],
 		 input_num('qty'), input_num('price'),
 		 input_num('Disc') / 100, $_POST['item_description'] );
@@ -435,7 +432,7 @@ function  handle_cancel_order()
 //--------------------------------------------------------------------------------
 
 function create_cart($type, $trans_no)
-{
+{ 
 	processing_start();
 	$doc_type = $type;
 
@@ -513,6 +510,7 @@ if ($_SESSION['Items']->trans_type == 10) {
 	$corder = _("Commit Order Changes");
 }
 start_form();
+
 hidden('cart_id');
 
 $customer_error = display_order_header($_SESSION['Items'],
@@ -532,6 +530,7 @@ if ($customer_error == "") {
 
 		submit_center_first('ProcessOrder', $porder,
 		    _('Check entered data and save document'), 'default');
+		submit_js_confirm('CancelOrder', _('You are about to void this Sales Order.\nDo you want to continue?'));
 	} else {
 		submit_center_first('ProcessOrder', $corder,
 		    _('Validate changes and update document'), 'default');
diff --git a/themes/aqua/images/ajax-loader2.gif b/themes/aqua/images/ajax-loader2.gif
new file mode 100644
index 0000000000000000000000000000000000000000..526fb8454fefc99dcd1a5e7119e5dc9bc653c2ce
GIT binary patch
literal 847
zcmZ?wbhEHb6krfw_`<+&@A;b}PEL0oJwK6}esTKDBd)H;qoQw~xo~COregsC=ldp{
zYi_-L_2#7|%WoVyda9uCOl1`VDM0Z*x1VcBu(M-;tC5}oGb2#1;y)?pqSVBa)D(sC
z%#sX+#H_@MoczQTz0AC{d<MmzESy|GRXQMBK#pW!4Ny?%OUazK)IcOhQL80k)!G>%
z$0kadHhf^a+0hW)%VNWn*%~lWpp~(+by43MO`QhMs2__|l0NM6m^8tnWreAlY(=MO
zwt|hY$fru#qwo8juvwC!pwQ)hsV75A>ga<ND;!i@YY!Yac<m??N6(ao)C>_Jo`VMz
z90a+14m5m74s>s3a@z8ATY%{d1)Ei-p(%mev|lLgTbw?{V1?MaMGN~Kvjxs8J2G(F
z1ehDJ+i<cp81O~1S!nTcwks=QvpfOlL*>sCG;WD_XmK405aHBa(r)<PxRJ}s`Lv<;
z7LS&uhio2tGgNMFtYqL2*mv;^>y0dKy~c1ChdX?c42ujrIK^6Z4Emg|aP?&ics+Z|
z6KZc-&dgGylFb{V$<Nb`)zTnHur?@6VKNjs>ae2OS&nUu__6Hnra6p?PEQi-85*}U
z?VF(N+GJ7X6d2KvygPSM8MlzqLWP%y7AG_&wDE?zEt4#|Bgwb4;I-!GwEqoQtpWKB
z7<(%mcw7wy4xN<9jg>gQQ^KR?LfZ`uc7ZMy6DEb{8afio+!PZ%7$Smaa5UzcF4@YM
z<l?b~jbYW!#3UWAKGlW-W3l8T${W;w@V-%EH!(90P}7RgZ_w!JRl#a$Jk(MTpvO3t
zIhZgU+H}lO$#WvdhFJ>}IPCITSv?I@IwX4Kyv;Z9dg!np?9?r3)@o{Yl@bwHa#;6b
r!itWB157^!3_Cd_HcWTu=W{mC;LtZ@Nn?%C?Cw!hWUvM$PcQ%ga~TT3

literal 0
HcmV?d00001

diff --git a/themes/aqua/images/progressbar.gif b/themes/aqua/images/progressbar.gif
index d2572219bd0d067c3f292791523660a4a9d5c057..7c07f694c4091fb5845595e96dbc975134c34195 100644
GIT binary patch
delta 486
zcmZ1``CXjT-P6s&GEs?<cOvJ+iAyvmZs3}DRz&P43o9doJ%bJd5CG*E7}%~lh^?M1
zz$j85Y{9aCAz?$dkKXL_FSb;j&D(wd!;Tui^|#+w6lF&gS*R%S3-MRBwzYS3c6Il3
zxG*zwaL98^=$$@e=B(Ls`gEnmMOYVUvd&$;V&$sUtuA6bOdB`ytl7G4`;NITjIxaT
z7_}I89zJsPSb>YM1Q(aEpdi=rOP8<gaAD_^QoO;*?sN72gNM^y*i<BC*hJZsAH99|
zzSxDAg@v1i_uGeGzyBmx>oV9hG!!s3b=GkRhuv0o=|0>ppzJlrW8)&%Hb({qMVQ~X
z85k!&WQ$@Jh0^j+S`$heLup$m?GB{_p>#BqPKDC>P`VOIH$&-OC_NoYFND&oq4ZWL
ry&p=SgwmIx^j#?Z97=zL(!ZfJD<i}o{9rnSlQ9JpbCO_QAfq(^*T$Z{

delta 682
zcmew^zD$zS-P6s&GEs+7ej?{Ywln|FeEj%v;zFH?XGH7&i8>dhCYGe8D3oWGWGIAW
zq$;?3`UWs4{$ycgWUyz@VE_W4Mg|79e-6_>xavstpIB0KGRJEEg%u@UYopfR&<VA;
zQnmlVh6*3O*>mr1t~#5y`+kmijo<p)?|<y6JOBRo|Axk<=9bpB_Kwc3?w;Ph{t10L
zI=WM*O`kDyR{iWbbLY)puyE1hB}<nrU$Ju4+{r#u7&I6*ZHn2tZTpU$yLRu{yKn!2
zgNF_uIeP5)iS4>NKDw%Wd_qe6Li{JM-?(|}_MN-;Zt0$7X6E3K=XiYo)$2EJ-@Siu
zR$5$y^{Xc9hhM+{{QY<R;j}Fq4mdP8HuL<`j5)DEaZiI+6w3>N1xXC`qKq<GcTQ|n
zHt6t-@;R`;;b04gph!i`$xW%w6Fj11JQgS(Im5yp^XksYVA-5A%DOxgP8>Msz{;##
zr4@Us<c7bpu9Senh6ab`Rlb|E?rJ^BoER?W;9$XckmdU3j99&5*UYK6w--D<HP?Il
zy1QW$KfStpdi(nO`x}_K<$QK*c&L83Ls&cROvHvc$0jJddn)hTl&ZW{FT3xIDhDD8
z1Q@s`C$dB_OF?NBD6I#jEugd$l=gwrVNf~&N@qdo5-42<r8}VXBq%)xN-u-b8=&+q
sD18J<pM%mjp!6ds{RT>ZgVGF)5chLIX%R3T!pWEdN?>weULd12025dUtpET3

diff --git a/themes/aqua/images/warning.png b/themes/aqua/images/warning.png
new file mode 100644
index 0000000000000000000000000000000000000000..06ef4e0b668c1d70341ef2cce01646fef117abcb
GIT binary patch
literal 644
zcmV-~0(<?5P)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY4c7nw4c7reD4Tcy000McNliru*#r<1Fa(-6`P%>h0uf0>
zK~y-)rIXJ~6af@~zxlDw?9R;2&aUgKyJM}H6%tg345`2_1yNAp*$g!3*1bz06hfz<
zV}C>7r7m@fE=31XF(^ezT{F{MbH`@qbttyL-4c4Y$9wPN@%SG6XDE#duSZDa+7G=@
z6`EGw&h#ID!g{?vwGklW<VMqpos%hJ`<U0A8*9{87ce<MI+^ze_%aI{^EjE7%M(NR
zdj?ot{+Jmo6%;d$lCX$}rJUQ+et%DZi6MMD-F%6!AJP3HdPgTxUcvE_7pAXs^q&B?
zt#d4~v)H284nZPAV5U%$DU4t#?X>4d{|cBKq{s1`^HMIM7m7T5`iTeQE9ia^2{y1T
z<J{CBXBz_C;=y~y_JXIn9%?d0M{^TxUJS)@P`zei!IJG3{5y346T|dbw%IS0HS|Ie
zfR1d8)|3u_?iV4f;Kb$3^sshq7a-#wxoec?Y&D%lv1|Yi<O~ky&7Z~@akOkJTBT$r
zv$@;yOF|W3YDBwe#g)^tQ${cBudVm!*(#5pf3D?PejiAcq#5?k+=|_(sk}Ja^U@98
z_i3pVdS`cSAQBJ}H1)Uf;rs`xrA5{y`{v!N(kXrXDpwLsVJ}-1s;kRXSC@Cm64nvO
zjekF3v~p9Q+hn18BU;w=E=!_FK?IQqL_i`0fvAdth(r+}C`1x|ldaiJrj$R9nFfqK
eesKV-0nraFTBpT4?_G`n0000<MNUMnLSTa3{vcEU

literal 0
HcmV?d00001

diff --git a/themes/cool/images/ajax-loader2.gif b/themes/cool/images/ajax-loader2.gif
new file mode 100644
index 0000000000000000000000000000000000000000..526fb8454fefc99dcd1a5e7119e5dc9bc653c2ce
GIT binary patch
literal 847
zcmZ?wbhEHb6krfw_`<+&@A;b}PEL0oJwK6}esTKDBd)H;qoQw~xo~COregsC=ldp{
zYi_-L_2#7|%WoVyda9uCOl1`VDM0Z*x1VcBu(M-;tC5}oGb2#1;y)?pqSVBa)D(sC
z%#sX+#H_@MoczQTz0AC{d<MmzESy|GRXQMBK#pW!4Ny?%OUazK)IcOhQL80k)!G>%
z$0kadHhf^a+0hW)%VNWn*%~lWpp~(+by43MO`QhMs2__|l0NM6m^8tnWreAlY(=MO
zwt|hY$fru#qwo8juvwC!pwQ)hsV75A>ga<ND;!i@YY!Yac<m??N6(ao)C>_Jo`VMz
z90a+14m5m74s>s3a@z8ATY%{d1)Ei-p(%mev|lLgTbw?{V1?MaMGN~Kvjxs8J2G(F
z1ehDJ+i<cp81O~1S!nTcwks=QvpfOlL*>sCG;WD_XmK405aHBa(r)<PxRJ}s`Lv<;
z7LS&uhio2tGgNMFtYqL2*mv;^>y0dKy~c1ChdX?c42ujrIK^6Z4Emg|aP?&ics+Z|
z6KZc-&dgGylFb{V$<Nb`)zTnHur?@6VKNjs>ae2OS&nUu__6Hnra6p?PEQi-85*}U
z?VF(N+GJ7X6d2KvygPSM8MlzqLWP%y7AG_&wDE?zEt4#|Bgwb4;I-!GwEqoQtpWKB
z7<(%mcw7wy4xN<9jg>gQQ^KR?LfZ`uc7ZMy6DEb{8afio+!PZ%7$Smaa5UzcF4@YM
z<l?b~jbYW!#3UWAKGlW-W3l8T${W;w@V-%EH!(90P}7RgZ_w!JRl#a$Jk(MTpvO3t
zIhZgU+H}lO$#WvdhFJ>}IPCITSv?I@IwX4Kyv;Z9dg!np?9?r3)@o{Yl@bwHa#;6b
r!itWB157^!3_Cd_HcWTu=W{mC;LtZ@Nn?%C?Cw!hWUvM$PcQ%ga~TT3

literal 0
HcmV?d00001

diff --git a/themes/cool/images/progressbar.gif b/themes/cool/images/progressbar.gif
index d2572219bd0d067c3f292791523660a4a9d5c057..7c07f694c4091fb5845595e96dbc975134c34195 100644
GIT binary patch
delta 486
zcmZ1``CXjT-P6s&GEs?<cOvJ+iAyvmZs3}DRz&P43o9doJ%bJd5CG*E7}%~lh^?M1
zz$j85Y{9aCAz?$dkKXL_FSb;j&D(wd!;Tui^|#+w6lF&gS*R%S3-MRBwzYS3c6Il3
zxG*zwaL98^=$$@e=B(Ls`gEnmMOYVUvd&$;V&$sUtuA6bOdB`ytl7G4`;NITjIxaT
z7_}I89zJsPSb>YM1Q(aEpdi=rOP8<gaAD_^QoO;*?sN72gNM^y*i<BC*hJZsAH99|
zzSxDAg@v1i_uGeGzyBmx>oV9hG!!s3b=GkRhuv0o=|0>ppzJlrW8)&%Hb({qMVQ~X
z85k!&WQ$@Jh0^j+S`$heLup$m?GB{_p>#BqPKDC>P`VOIH$&-OC_NoYFND&oq4ZWL
ry&p=SgwmIx^j#?Z97=zL(!ZfJD<i}o{9rnSlQ9JpbCO_QAfq(^*T$Z{

delta 682
zcmew^zD$zS-P6s&GEs+7ej?{Ywln|FeEj%v;zFH?XGH7&i8>dhCYGe8D3oWGWGIAW
zq$;?3`UWs4{$ycgWUyz@VE_W4Mg|79e-6_>xavstpIB0KGRJEEg%u@UYopfR&<VA;
zQnmlVh6*3O*>mr1t~#5y`+kmijo<p)?|<y6JOBRo|Axk<=9bpB_Kwc3?w;Ph{t10L
zI=WM*O`kDyR{iWbbLY)puyE1hB}<nrU$Ju4+{r#u7&I6*ZHn2tZTpU$yLRu{yKn!2
zgNF_uIeP5)iS4>NKDw%Wd_qe6Li{JM-?(|}_MN-;Zt0$7X6E3K=XiYo)$2EJ-@Siu
zR$5$y^{Xc9hhM+{{QY<R;j}Fq4mdP8HuL<`j5)DEaZiI+6w3>N1xXC`qKq<GcTQ|n
zHt6t-@;R`;;b04gph!i`$xW%w6Fj11JQgS(Im5yp^XksYVA-5A%DOxgP8>Msz{;##
zr4@Us<c7bpu9Senh6ab`Rlb|E?rJ^BoER?W;9$XckmdU3j99&5*UYK6w--D<HP?Il
zy1QW$KfStpdi(nO`x}_K<$QK*c&L83Ls&cROvHvc$0jJddn)hTl&ZW{FT3xIDhDD8
z1Q@s`C$dB_OF?NBD6I#jEugd$l=gwrVNf~&N@qdo5-42<r8}VXBq%)xN-u-b8=&+q
sD18J<pM%mjp!6ds{RT>ZgVGF)5chLIX%R3T!pWEdN?>weULd12025dUtpET3

diff --git a/themes/cool/images/warning.png b/themes/cool/images/warning.png
new file mode 100644
index 0000000000000000000000000000000000000000..06ef4e0b668c1d70341ef2cce01646fef117abcb
GIT binary patch
literal 644
zcmV-~0(<?5P)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY4c7nw4c7reD4Tcy000McNliru*#r<1Fa(-6`P%>h0uf0>
zK~y-)rIXJ~6af@~zxlDw?9R;2&aUgKyJM}H6%tg345`2_1yNAp*$g!3*1bz06hfz<
zV}C>7r7m@fE=31XF(^ezT{F{MbH`@qbttyL-4c4Y$9wPN@%SG6XDE#duSZDa+7G=@
z6`EGw&h#ID!g{?vwGklW<VMqpos%hJ`<U0A8*9{87ce<MI+^ze_%aI{^EjE7%M(NR
zdj?ot{+Jmo6%;d$lCX$}rJUQ+et%DZi6MMD-F%6!AJP3HdPgTxUcvE_7pAXs^q&B?
zt#d4~v)H284nZPAV5U%$DU4t#?X>4d{|cBKq{s1`^HMIM7m7T5`iTeQE9ia^2{y1T
z<J{CBXBz_C;=y~y_JXIn9%?d0M{^TxUJS)@P`zei!IJG3{5y346T|dbw%IS0HS|Ie
zfR1d8)|3u_?iV4f;Kb$3^sshq7a-#wxoec?Y&D%lv1|Yi<O~ky&7Z~@akOkJTBT$r
zv$@;yOF|W3YDBwe#g)^tQ${cBudVm!*(#5pf3D?PejiAcq#5?k+=|_(sk}Ja^U@98
z_i3pVdS`cSAQBJ}H1)Uf;rs`xrA5{y`{v!N(kXrXDpwLsVJ}-1s;kRXSC@Cm64nvO
zjekF3v~p9Q+hn18BU;w=E=!_FK?IQqL_i`0fvAdth(r+}C`1x|ldaiJrj$R9nFfqK
eesKV-0nraFTBpT4?_G`n0000<MNUMnLSTa3{vcEU

literal 0
HcmV?d00001

diff --git a/themes/default/images/ajax-loader2.gif b/themes/default/images/ajax-loader2.gif
new file mode 100644
index 0000000000000000000000000000000000000000..526fb8454fefc99dcd1a5e7119e5dc9bc653c2ce
GIT binary patch
literal 847
zcmZ?wbhEHb6krfw_`<+&@A;b}PEL0oJwK6}esTKDBd)H;qoQw~xo~COregsC=ldp{
zYi_-L_2#7|%WoVyda9uCOl1`VDM0Z*x1VcBu(M-;tC5}oGb2#1;y)?pqSVBa)D(sC
z%#sX+#H_@MoczQTz0AC{d<MmzESy|GRXQMBK#pW!4Ny?%OUazK)IcOhQL80k)!G>%
z$0kadHhf^a+0hW)%VNWn*%~lWpp~(+by43MO`QhMs2__|l0NM6m^8tnWreAlY(=MO
zwt|hY$fru#qwo8juvwC!pwQ)hsV75A>ga<ND;!i@YY!Yac<m??N6(ao)C>_Jo`VMz
z90a+14m5m74s>s3a@z8ATY%{d1)Ei-p(%mev|lLgTbw?{V1?MaMGN~Kvjxs8J2G(F
z1ehDJ+i<cp81O~1S!nTcwks=QvpfOlL*>sCG;WD_XmK405aHBa(r)<PxRJ}s`Lv<;
z7LS&uhio2tGgNMFtYqL2*mv;^>y0dKy~c1ChdX?c42ujrIK^6Z4Emg|aP?&ics+Z|
z6KZc-&dgGylFb{V$<Nb`)zTnHur?@6VKNjs>ae2OS&nUu__6Hnra6p?PEQi-85*}U
z?VF(N+GJ7X6d2KvygPSM8MlzqLWP%y7AG_&wDE?zEt4#|Bgwb4;I-!GwEqoQtpWKB
z7<(%mcw7wy4xN<9jg>gQQ^KR?LfZ`uc7ZMy6DEb{8afio+!PZ%7$Smaa5UzcF4@YM
z<l?b~jbYW!#3UWAKGlW-W3l8T${W;w@V-%EH!(90P}7RgZ_w!JRl#a$Jk(MTpvO3t
zIhZgU+H}lO$#WvdhFJ>}IPCITSv?I@IwX4Kyv;Z9dg!np?9?r3)@o{Yl@bwHa#;6b
r!itWB157^!3_Cd_HcWTu=W{mC;LtZ@Nn?%C?Cw!hWUvM$PcQ%ga~TT3

literal 0
HcmV?d00001

diff --git a/themes/default/images/progressbar.gif b/themes/default/images/progressbar.gif
index d2572219bd0d067c3f292791523660a4a9d5c057..7c07f694c4091fb5845595e96dbc975134c34195 100644
GIT binary patch
delta 486
zcmZ1``CXjT-P6s&GEs?<cOvJ+iAyvmZs3}DRz&P43o9doJ%bJd5CG*E7}%~lh^?M1
zz$j85Y{9aCAz?$dkKXL_FSb;j&D(wd!;Tui^|#+w6lF&gS*R%S3-MRBwzYS3c6Il3
zxG*zwaL98^=$$@e=B(Ls`gEnmMOYVUvd&$;V&$sUtuA6bOdB`ytl7G4`;NITjIxaT
z7_}I89zJsPSb>YM1Q(aEpdi=rOP8<gaAD_^QoO;*?sN72gNM^y*i<BC*hJZsAH99|
zzSxDAg@v1i_uGeGzyBmx>oV9hG!!s3b=GkRhuv0o=|0>ppzJlrW8)&%Hb({qMVQ~X
z85k!&WQ$@Jh0^j+S`$heLup$m?GB{_p>#BqPKDC>P`VOIH$&-OC_NoYFND&oq4ZWL
ry&p=SgwmIx^j#?Z97=zL(!ZfJD<i}o{9rnSlQ9JpbCO_QAfq(^*T$Z{

delta 682
zcmew^zD$zS-P6s&GEs+7ej?{Ywln|FeEj%v;zFH?XGH7&i8>dhCYGe8D3oWGWGIAW
zq$;?3`UWs4{$ycgWUyz@VE_W4Mg|79e-6_>xavstpIB0KGRJEEg%u@UYopfR&<VA;
zQnmlVh6*3O*>mr1t~#5y`+kmijo<p)?|<y6JOBRo|Axk<=9bpB_Kwc3?w;Ph{t10L
zI=WM*O`kDyR{iWbbLY)puyE1hB}<nrU$Ju4+{r#u7&I6*ZHn2tZTpU$yLRu{yKn!2
zgNF_uIeP5)iS4>NKDw%Wd_qe6Li{JM-?(|}_MN-;Zt0$7X6E3K=XiYo)$2EJ-@Siu
zR$5$y^{Xc9hhM+{{QY<R;j}Fq4mdP8HuL<`j5)DEaZiI+6w3>N1xXC`qKq<GcTQ|n
zHt6t-@;R`;;b04gph!i`$xW%w6Fj11JQgS(Im5yp^XksYVA-5A%DOxgP8>Msz{;##
zr4@Us<c7bpu9Senh6ab`Rlb|E?rJ^BoER?W;9$XckmdU3j99&5*UYK6w--D<HP?Il
zy1QW$KfStpdi(nO`x}_K<$QK*c&L83Ls&cROvHvc$0jJddn)hTl&ZW{FT3xIDhDD8
z1Q@s`C$dB_OF?NBD6I#jEugd$l=gwrVNf~&N@qdo5-42<r8}VXBq%)xN-u-b8=&+q
sD18J<pM%mjp!6ds{RT>ZgVGF)5chLIX%R3T!pWEdN?>weULd12025dUtpET3

diff --git a/themes/default/images/warning.png b/themes/default/images/warning.png
new file mode 100644
index 0000000000000000000000000000000000000000..06ef4e0b668c1d70341ef2cce01646fef117abcb
GIT binary patch
literal 644
zcmV-~0(<?5P)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY4c7nw4c7reD4Tcy000McNliru*#r<1Fa(-6`P%>h0uf0>
zK~y-)rIXJ~6af@~zxlDw?9R;2&aUgKyJM}H6%tg345`2_1yNAp*$g!3*1bz06hfz<
zV}C>7r7m@fE=31XF(^ezT{F{MbH`@qbttyL-4c4Y$9wPN@%SG6XDE#duSZDa+7G=@
z6`EGw&h#ID!g{?vwGklW<VMqpos%hJ`<U0A8*9{87ce<MI+^ze_%aI{^EjE7%M(NR
zdj?ot{+Jmo6%;d$lCX$}rJUQ+et%DZi6MMD-F%6!AJP3HdPgTxUcvE_7pAXs^q&B?
zt#d4~v)H284nZPAV5U%$DU4t#?X>4d{|cBKq{s1`^HMIM7m7T5`iTeQE9ia^2{y1T
z<J{CBXBz_C;=y~y_JXIn9%?d0M{^TxUJS)@P`zei!IJG3{5y346T|dbw%IS0HS|Ie
zfR1d8)|3u_?iV4f;Kb$3^sshq7a-#wxoec?Y&D%lv1|Yi<O~ky&7Z~@akOkJTBT$r
zv$@;yOF|W3YDBwe#g)^tQ${cBudVm!*(#5pf3D?PejiAcq#5?k+=|_(sk}Ja^U@98
z_i3pVdS`cSAQBJ}H1)Uf;rs`xrA5{y`{v!N(kXrXDpwLsVJ}-1s;kRXSC@Cm64nvO
zjekF3v~p9Q+hn18BU;w=E=!_FK?IQqL_i`0fvAdth(r+}C`1x|ldaiJrj$R9nFfqK
eesKV-0nraFTBpT4?_G`n0000<MNUMnLSTa3{vcEU

literal 0
HcmV?d00001

-- 
2.30.2