From b42adf7edd906956a0f9cf21c0ec2b66007b9585 Mon Sep 17 00:00:00 2001
From: Joe Hunt <joe.hunt.consulting@gmail.com>
Date: Mon, 13 Jul 2009 15:10:01 +0000
Subject: [PATCH] Added Audit Trail Report Changed so $page_security works with
 reports (displays an error message on top)

---
 CHANGELOG.txt                          |   8 ++
 reporting/includes/excel_report.inc    |   9 +-
 reporting/includes/pdf_report.inc      |   8 ++
 reporting/includes/reports_classes.inc |   4 +
 reporting/rep710.php                   | 118 +++++++++++++++++++++++++
 reporting/reports_main.php             |   7 ++
 6 files changed, 152 insertions(+), 2 deletions(-)
 create mode 100644 reporting/rep710.php

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 33e3ca6f..c01f6d5b 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -19,6 +19,14 @@ Legend:
 ! -> Note
 $ -> Affected files
 
+13-Jul-2009 Joe Hunt
++ Added Audit Trail Report
+$ /reporting/rep710.php
+$ /reporting/reports_main.php
+! Changed so $page_security works with reports (displays an error message on top)
+$ /reporting/includes/pdf_report.inc
+  /reporting/includes/excel_report.inc
+  
 10-Jul-2009 Janusz Dobrowolski
 + Added direct allocations in payments.
 $ /purchasing/supplier_payment.php
diff --git a/reporting/includes/excel_report.inc b/reporting/includes/excel_report.inc
index fbb843f2..0cbf7c38 100644
--- a/reporting/includes/excel_report.inc
+++ b/reporting/includes/excel_report.inc
@@ -56,8 +56,13 @@ class FrontReport extends Spreadsheet_Excel_Writer_Workbook
 
 	function FrontReport($title, $filename, $size = 'A4', $fontsize = 9)
 	{
-		global $comp_path, $dateseps;
-		
+		global $comp_path, $dateseps, $page_security;
+		if (!$_SESSION["wa_current_user"]->can_access_page($page_security))
+		{
+			display_error(_("The security settings on your account do not permit you to access this function"));
+			end_page();
+			exit;
+		}
 		$this->size = $size;
 		$this->title = $title;
 		$this->lineHeight = 12;
diff --git a/reporting/includes/pdf_report.inc b/reporting/includes/pdf_report.inc
index 4245ccde..10348cfe 100644
--- a/reporting/includes/pdf_report.inc
+++ b/reporting/includes/pdf_report.inc
@@ -51,6 +51,13 @@ class FrontReport extends Cpdf
 
 	function FrontReport($title, $filename, $size = 'A4', $fontsize = 9)
 	{
+		global $page_security;
+		if (!$_SESSION["wa_current_user"]->can_access_page($page_security))
+		{
+			display_error(_("The security settings on your account do not permit you to access this function"));
+			end_page();
+			exit;
+		}
 		switch ($size)
 		{
 			default:
@@ -492,6 +499,7 @@ class FrontReport extends Cpdf
         	        header('Expires: 0');
             	    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
                 	header('Pragma: public');
+
 	                $this->Stream();
 					}
 				} else { // send report to network printer
diff --git a/reporting/includes/reports_classes.inc b/reporting/includes/reports_classes.inc
index 69597924..9a04b58e 100644
--- a/reporting/includes/reports_classes.inc
+++ b/reporting/includes/reports_classes.inc
@@ -326,6 +326,10 @@ class Report
 					$sql = "SELECT DISTINCT YEAR(tran_date), YEAR(tran_date) FROM ".TB_PREF."gl_trans";
 					$st .= dup_simple_codeandname_list($sql, "PARAM_$index", $dummy);
 					break;
+				case 'USERS':
+					$sql = "SELECT id, user_id FROM ".TB_PREF."users ORDER BY user_id";
+					$st .= dup_simple_codeandname_list($sql, "PARAM_$index", $dummy, true, _("No Users Filter"), true);
+					break;
 				case 'ACCOUNTS_NO_FILTER':
 					$sql = "SELECT id, name FROM ".TB_PREF."chart_types ORDER BY name";
 					$st .= dup_simple_codeandname_list($sql, "PARAM_$index", $dummy);
diff --git a/reporting/rep710.php b/reporting/rep710.php
new file mode 100644
index 00000000..9c1df5f1
--- /dev/null
+++ b/reporting/rep710.php
@@ -0,0 +1,118 @@
+<?php
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+	Released under the terms of the GNU General Public License, GPL, 
+	as published by the Free Software Foundation, either version 3 
+	of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+$page_security = 15;
+// ----------------------------------------------------------------
+// $ Revision:	2.0 $
+// Creator:	Joe Hunt
+// date_:	2005-05-19
+// Title:	List of Journal Entries
+// ----------------------------------------------------------------
+$path_to_root="..";
+
+include_once($path_to_root . "/includes/session.inc");
+include_once($path_to_root . "/includes/date_functions.inc");
+include_once($path_to_root . "/includes/data_checks.inc");
+include_once($path_to_root . "/gl/includes/gl_db.inc");
+include_once($path_to_root . "/includes/ui/ui_view.inc");
+
+//----------------------------------------------------------------------------------------------------
+
+print_audit_trail();
+
+function getTransactions($from, $to, $type, $user)
+{
+	$fromdate = date2sql($from);
+	$todate = date2sql($to);
+
+	$sql = "SELECT ".TB_PREF."audit_trail.*, ".TB_PREF."gl_trans.tran_date, 
+		SUM(IF(".TB_PREF."gl_trans.amount > 0, ".TB_PREF."gl_trans.amount, 0)) AS amount,
+		".TB_PREF."users.user_id,
+		UNIX_TIMESTAMP(".TB_PREF."audit_trail.stamp) as unix_stamp
+		FROM ".TB_PREF."audit_trail, ".TB_PREF."gl_trans, ".TB_PREF."users
+		WHERE ".TB_PREF."audit_trail.type = ".TB_PREF."gl_trans.type
+			AND ".TB_PREF."audit_trail.trans_no = ".TB_PREF."gl_trans.type_no 
+			AND ".TB_PREF."audit_trail.user = ".TB_PREF."users.id ";
+	if ($type != -1)
+		$sql .= "AND ".TB_PREF."gl_trans.type=$type ";
+	if ($user != -1)	
+		$sql .= "AND ".TB_PREF."audit_trail.user='$user' ";
+	$sql .= "AND DATE(".TB_PREF."audit_trail.stamp) >= '$fromdate'
+			AND DATE(".TB_PREF."audit_trail.stamp) <= '$todate'
+		GROUP BY ".TB_PREF."gl_trans.type_no,".TB_PREF."audit_trail.gl_seq,".TB_PREF."audit_trail.stamp	
+		ORDER BY ".TB_PREF."audit_trail.stamp,".TB_PREF."audit_trail.gl_seq";
+    return db_query($sql,"No transactions were returned");
+}
+//----------------------------------------------------------------------------------------------------
+
+function print_audit_trail()
+{
+    global $path_to_root;
+
+    $from = $_POST['PARAM_0'];
+    $to = $_POST['PARAM_1'];
+    $systype = $_POST['PARAM_2'];
+    $user = $_POST['PARAM_3'];
+    $comments = $_POST['PARAM_4'];
+	$destination = $_POST['PARAM_5'];
+	if ($destination)
+		include_once($path_to_root . "/reporting/includes/excel_report.inc");
+	else
+		include_once($path_to_root . "/reporting/includes/pdf_report.inc");
+
+    $dec = user_price_dec();
+
+    $cols = array(0, 60, 120, 180, 240, 340, 400, 460, 520);
+
+    $headers = array(_('Date'), _('Time'), _('User'), _('Trans Date'),
+    	_('Type'), _('#'), _('Action'), _('Amount'));
+
+    $aligns = array('left', 'left', 'left', 'left', 'left', 'left', 'left', 'right');
+
+	$usr = get_user($user);
+	$user_id = $usr['user_id'];
+    $params =   array( 	0 => $comments,
+    				    1 => array('text' => _('Period'), 'from' => $from,'to' => $to),
+                    	2 => array('text' => _('Type'), 'from' => ($systype != -1 ? systypes::name($systype) : _('All')), 'to' => ''),
+                    	3 => array('text' => _('User'), 'from' => ($user != -1 ? $user_id : _('All')), 'to' => ''));
+
+    $rep = new FrontReport(_('Audit Trail'), "AuditTrail", user_pagesize());
+
+    $rep->Font();
+    $rep->Info($params, $cols, $headers, $aligns);
+    $rep->Header();
+
+    $trans = getTransactions($from, $to, $systype, $user);
+
+    while ($myrow=db_fetch($trans))
+    {
+        $rep->TextCol(0, 1, sql2date($myrow['stamp']));
+        if (user_date_format() == 0)
+        	$rep->TextCol(1, 2, date("h:i:s a", $myrow['unix_stamp']));
+        else	
+        	$rep->TextCol(1, 2, date("H:i:s", $myrow['unix_stamp']));
+        $rep->TextCol(2, 3, $myrow['user_id']);
+        $rep->TextCol(3, 4, sql2date($myrow['tran_date']));
+        $rep->TextCol(4, 5, systypes::name($myrow['type']));
+        $rep->TextCol(5, 6, $myrow['trans_no']);
+        if ($myrow['gl_seq'] == null)
+        	$action = _('Changed');
+        else
+        	$action = _('Closed');
+        $rep->TextCol(6, 7, $action);
+        $rep->AmountCol(7, 8, $myrow['amount'], $dec);
+        $rep->NewLine(1, 2);
+    }
+    $rep->Line($rep->row  + 4);
+    $rep->End();
+}
+
+?>
\ No newline at end of file
diff --git a/reporting/reports_main.php b/reporting/reports_main.php
index a4469584..bb5ea791 100644
--- a/reporting/reports_main.php
+++ b/reporting/reports_main.php
@@ -336,6 +336,13 @@ $reports->addReport(_('General Ledger'),709,_('Ta&x Report'),
 			new ReportParam(_('End Date'),'DATEENDTAX'),
 			new ReportParam(_('Summary Only'),'YES_NO'),
 			new ReportParam(_('Comments'),'TEXTBOX')));
+$reports->addReport(_('General Ledger'),710,_('Audit Trail'),
+	array(	new ReportParam(_('Start Date'),'DATEBEGINM'),
+			new ReportParam(_('End Date'),'DATEENDM'),
+			new ReportParam(_('Type'),'SYS_TYPES'),
+			new ReportParam(_('User'),'USERS'),
+			new ReportParam(_('Comments'),'TEXTBOX'),
+			new ReportParam(_('Destination'),'DESTINATION')));
 
 echo "<script language='javascript'>
 		function onWindowLoad() {
-- 
2.30.2