From c4778ed550b246b7fb559a2f4c913b799352041f Mon Sep 17 00:00:00 2001
From: Janusz Dobrowolski <janusz@frontaccouting.eu>
Date: Sun, 27 Jan 2013 17:55:08 +0100
Subject: [PATCH] Cleanup in get_sql_for_supplier_inquiry().

---
 purchasing/includes/db/supp_trans_db.inc | 28 ++++++++++++------------
 purchasing/inquiry/supplier_inquiry.php  |  2 +-
 2 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/purchasing/includes/db/supp_trans_db.inc b/purchasing/includes/db/supp_trans_db.inc
index b5b93d9e..e17897e7 100644
--- a/purchasing/includes/db/supp_trans_db.inc
+++ b/purchasing/includes/db/supp_trans_db.inc
@@ -163,10 +163,10 @@ function post_void_supp_trans($type, $type_no)
 
 //----------------------------------------------------------------------------------------
 
-function get_sql_for_supplier_inquiry()
+function get_sql_for_supplier_inquiry($filter, $after_date, $to_date, $supplier_id=ALL_TEXT)
 {
-    $date_after = date2sql($_POST['TransAfterDate']);
-    $date_to = date2sql($_POST['TransToDate']);
+    $date_after = date2sql($after_date);
+    $date_to = date2sql($to_date);
 
     $sql = "SELECT trans.type, 
 		trans.trans_no,
@@ -203,38 +203,38 @@ function get_sql_for_supplier_inquiry()
      	AND trans.delivery_date >= '$date_after'
     	AND trans.delivery_date <= '$date_to'";
 
-   	if ($_POST['supplier_id'] != ALL_TEXT) {
-   		$sql .= " AND trans.supplier_id = ".db_escape($_POST['supplier_id']);
-   		$sql2 .= " AND trans.supplier_id = ".db_escape($_POST['supplier_id']);
+   	if ($supplier_id != ALL_TEXT) {
+   		$sql .= " AND trans.supplier_id = ".db_escape($supplier_id);
+   		$sql2 .= " AND trans.supplier_id = ".db_escape($supplier_id);
 	}
-	if (($_POST['filterType'] == '6')) 
+	if (($filter == '6')) 
 	{
 			$sql = $sql2;
 	} 
-	elseif (!isset($_POST['filterType']) || $_POST['filterType'] == ALL_TEXT || $_POST['filterType'] == '6') {
+	elseif (!isset($filter) || $filter == ALL_TEXT || $filter == '6') {
 		$sql = "SELECT * FROM (($sql) UNION ($sql2)) as tr";
    	}
 
-   	if (isset($_POST['filterType']) && $_POST['filterType'] != ALL_TEXT)
+   	if (isset($filter) && $filter != ALL_TEXT)
    	{
-   		if (($_POST['filterType'] == '1')) 
+   		if (($filter == '1')) 
    		{
    			$sql .= " AND (trans.type = ".ST_SUPPINVOICE." OR trans.type = ".ST_BANKDEPOSIT.")";
    		} 
-   		elseif (($_POST['filterType'] == '2')) 
+   		elseif (($filter == '2')) 
    		{
    			$sql .= " AND trans.type = ".ST_SUPPINVOICE." ";
    		} 
-   		elseif ($_POST['filterType'] == '3') 
+   		elseif ($filter == '3') 
    		{
 			$sql .= " AND (trans.type = ".ST_SUPPAYMENT." OR trans.type = ".ST_BANKPAYMENT.") ";
    		} 
-   		elseif (($_POST['filterType'] == '4') || ($_POST['filterType'] == '5')) 
+   		elseif (($filter == '4') || ($filter == '5')) 
    		{
 			$sql .= " AND trans.type = ".ST_SUPPCREDIT."  ";
    		}
 
-   		if (($_POST['filterType'] == '2') || ($_POST['filterType'] == '5')) 
+   		if (($filter == '2') || ($filter == '5')) 
    		{
    			$today =  date2sql(Today());
 			$sql .= " AND trans.due_date < '$today' ";
diff --git a/purchasing/inquiry/supplier_inquiry.php b/purchasing/inquiry/supplier_inquiry.php
index ffb264b5..1e106d0e 100644
--- a/purchasing/inquiry/supplier_inquiry.php
+++ b/purchasing/inquiry/supplier_inquiry.php
@@ -162,7 +162,7 @@ function check_overdue($row)
 }
 //------------------------------------------------------------------------------------------------
 
-$sql = get_sql_for_supplier_inquiry();
+$sql = get_sql_for_supplier_inquiry($_POST['filterType'], $_POST['TransAfterDate'], $_POST['TransToDate'], $_POST['supplier_id']);
 
 $cols = array(
 			_("Type") => array('fun'=>'systype_name', 'ord'=>''), 
-- 
2.30.2