Sealing against XSS atacks: purchasing,sales,install,admin,taxes
[fa-stable.git] / sales / includes / db / cust_trans_db.inc
1 <?php
2 //------------------------------------------------------------------------------
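/**
 * Retrieve the parent document number(s) for a given customer transaction.
 *
 * Looks first for a non-zero trans_link on the transaction's own row. When there
 * is none and the transaction is an invoice (type 10), collects the rows of the
 * parent type whose trans_link points back at this transaction.
 *
 * @param mixed $trans_type transaction type code
 * @param mixed $trans_no   transaction number
 * @return array|int parent transaction number(s), or 0 when there is no parent
 */
function get_parent_trans($trans_type, $trans_no) {

    // Both identifiers are passed through db_escape(), like the values in
    // write_customer_trans(), so a non-numeric argument cannot change the
    // structure of the statement.
    $sql = 'SELECT trans_link FROM '.TB_PREF.'debtor_trans WHERE'
        .' (trans_no='.db_escape($trans_no)
        .' AND type='.db_escape($trans_type).' AND trans_link!=0)';

    $result = db_query($sql, 'Parent document numbers cannot be retrieved');

    if (db_num_rows($result)) {
        $link = db_fetch($result);
        return array($link['trans_link']);
    }
    if ($trans_type != 10) {
        return 0;  // this is credit note with no parent invoice
    }

    // invoice: find batch invoice parent trans.
    $sql = 'SELECT trans_no FROM '.TB_PREF.'debtor_trans WHERE'
        .' (trans_link='.db_escape($trans_no)
        .' AND type='.get_parent_type($trans_type).')';

    $result = db_query($sql, 'Delivery links cannot be retrieved');

    $delivery = array();
    while ($link = db_fetch($result)) {
        $delivery[] = $link['trans_no'];
    }
    return count($delivery) ? $delivery : 0;
}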
33
34 //----------------------------------------------------------------------------------------
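/**
 * Mark changes in debtor_trans_details by bumping the document header version.
 *
 * Increments `version` on each debtor_trans row of the given type whose
 * (trans_no, version) pair is listed in $versions; a row whose stored version
 * differs from the listed one is not matched by the WHERE clause.
 *
 * @param mixed $type     transaction type code
 * @param array $versions map of trans_no => version
 * @return mixed result of db_query(); true when $versions is empty and no
 *               statement is issued
 */
function update_customer_trans_version($type, $versions) {

    // An empty set used to produce "AND ()" from an undefined $where, which is
    // not valid SQL. There is nothing to update in that case.
    if (!is_array($versions) || count($versions) == 0) {
        return true;
    }

    $where = array();
    foreach ($versions as $trans_no => $version) {
        // Keys and values are escaped so neither can alter the statement.
        $where[] = '(trans_no='.db_escape($trans_no)
            .' AND version='.db_escape($version).')';
    }

    $sql = 'UPDATE '.TB_PREF.'debtor_trans SET version=version+1'
        .' WHERE type='.db_escape($type).' AND ('.implode(' OR ', $where).')';

    return db_query($sql, 'Concurrent editing conflict');
}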
50
51 //----------------------------------------------------------------------------------------
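/**
 * Get document header versions for a set of transactions of type $type.
 *
 * @param mixed $type     transaction type code
 * @param mixed $trans_no a single transaction number or array(num1, num2, ...)
 * @return array array(num1 => ver1, num2 => ver2, ...) for the rows found
 */
function get_customer_trans_version($type, $trans_no) {
    if (!is_array($trans_no))
        $trans_no = array( $trans_no );

    // An empty list would otherwise build "AND ()", which is not valid SQL.
    if (count($trans_no) == 0)
        return array();

    // Conditions are collected in their own array instead of overwriting the
    // argument, and every number is escaped before it reaches the statement.
    $conditions = array();
    foreach ($trans_no as $number)
        $conditions[] = 'trans_no='.db_escape($number);

    $sql = 'SELECT trans_no, version FROM '.TB_PREF.'debtor_trans'
        .' WHERE type='.db_escape($type)
        .' AND ('.implode(' OR ', $conditions).')';

    $res = db_query($sql, 'document version retreival');

    $vers = array();
    while ($row = db_fetch($res)) {
        $vers[$row['trans_no']] = $row['version'];
    }
    return $vers;
}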
76 //----------------------------------------------------------------------------------------
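/**
 * Insert a new debtor_trans header, or update an existing one.
 *
 * $Total, $Tax, $Freight and $discount are all in the customer's currency.
 * $date_ is a display date (non-sql); it and $due_date are converted with
 * date2sql(). When $trans_no is 0 a new number is taken from
 * get_next_trans_no() and a row is inserted, otherwise the row identified by
 * ($trans_no, $trans_type) is updated.
 *
 * @param mixed $trans_type transaction type code
 * @param mixed $trans_no   transaction number, 0 to create a new transaction
 * @param mixed $debtor_no  customer the transaction belongs to
 * @param mixed $BranchNo   customer branch code
 * @param mixed $date_      transaction date in display format
 * @param mixed $reference  document reference
 * @param mixed $Total      stored in ov_amount
 * @param mixed $discount   stored in ov_discount
 * @param mixed $Tax        stored in ov_gst
 * @param mixed $Freight    stored in ov_freight
 * @param mixed $FreightTax stored in ov_freight_tax
 * @param mixed $sales_type stored in tpe
 * @param mixed $order_no   stored in order_
 * @param mixed $trans_link stored in trans_link
 * @param mixed $ship_via   stored in ship_via
 * @param mixed $due_date   due date in display format
 * @param mixed $AllocAmt   stored in alloc
 * @return mixed the transaction number that was written
 */
function write_customer_trans($trans_type, $trans_no, $debtor_no, $BranchNo,
    $date_, $reference, $Total, $discount=0, $Tax=0, $Freight=0, $FreightTax=0,
    $sales_type=0, $order_no=0, $trans_link=0, $ship_via="", $due_date=null,
    $AllocAmt=0)
{
    $curr = get_customer_currency($debtor_no);
    $rate = get_exchange_rate_from_home_currency($curr, $date_);

    $SQLDate = date2sql($date_);
    $SQLDueDate = date2sql($due_date);

    // One column => SQL literal map feeds both statements, so the INSERT and
    // the UPDATE cannot drift apart. Previously trans_link was escaped only in
    // the INSERT, and several amounts and ids were interpolated raw in both.
    // Every caller-supplied value now goes through db_escape(); $rate is
    // computed above and is left as it was.
    $fields = array(
        'debtor_no' => db_escape($debtor_no),
        'branch_code' => db_escape($BranchNo),
        'tran_date' => db_escape($SQLDate),
        'due_date' => db_escape($SQLDueDate),
        'reference' => db_escape($reference),
        'tpe' => db_escape($sales_type),
        'order_' => db_escape($order_no),
        'ov_amount' => db_escape($Total),
        'ov_discount' => db_escape($discount),
        'ov_gst' => db_escape($Tax),
        'ov_freight' => db_escape($Freight),
        'ov_freight_tax' => db_escape($FreightTax),
        'rate' => $rate,
        'ship_via' => db_escape($ship_via),
        'alloc' => db_escape($AllocAmt),
        'trans_link' => db_escape($trans_link),
    );

    if ($trans_no == 0) {
        $trans_no = get_next_trans_no($trans_type);

        $fields = array(
            'trans_no' => db_escape($trans_no),
            'type' => db_escape($trans_type),
        ) + $fields;

        // implode() inside explicit parentheses: the hand-written VALUES list
        // this replaces never closed its opening parenthesis.
        $sql = "INSERT INTO ".TB_PREF."debtor_trans ("
            .implode(', ', array_keys($fields))
            .") VALUES (".implode(', ', $fields).")";
    } else {    // may be optional argument should stay unchanged ?
        $assignments = array();
        foreach ($fields as $column => $value) {
            $assignments[] = $column.'='.$value;
        }
        $sql = "UPDATE ".TB_PREF."debtor_trans SET ".implode(', ', $assignments)
            ." WHERE trans_no=".db_escape($trans_no)
            ." AND type=".db_escape($trans_type);
    }
    db_query($sql, "The debtor transaction record could not be inserted");

    return $trans_no;
}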
122
123 //----------------------------------------------------------------------------------------
124
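/**
 * Fetch one customer transaction header together with its debtor data.
 *
 * Customer payments additionally select the bank account columns; types 10, 11
 * and 13 additionally select shipper, sales type, branch and tax group
 * columns. Anything other than exactly one matching row is reported through
 * display_db_error() and ends the script.
 *
 * @param mixed $trans_id   transaction number
 * @param mixed $trans_type transaction type code
 * @return mixed the single matching row, as returned by db_fetch()
 */
function get_customer_trans($trans_id, $trans_type)
{
    $is_payment = ($trans_type == systypes::cust_payment());
    $is_sales_doc = ($trans_type == 10 || $trans_type == 11 || $trans_type == 13);

    // Escaped once and reused in every condition below, so neither argument
    // can change the shape of the WHERE clause.
    $id = db_escape($trans_id);
    $type = db_escape($trans_type);

    $sql = "SELECT ".TB_PREF."debtor_trans.*,
        ov_amount+ov_gst+ov_freight+ov_freight_tax+ov_discount AS Total,
        ".TB_PREF."debtors_master.name AS DebtorName, ".TB_PREF."debtors_master.address, ".TB_PREF."debtors_master.email,
        ".TB_PREF."debtors_master.curr_code, ".TB_PREF."debtors_master.tax_id, ".TB_PREF."debtors_master.payment_terms ";

    if ($is_payment) {
        // it's a payment so also get the bank account
        $sql .= ", ".TB_PREF."bank_accounts.bank_name, ".TB_PREF."bank_accounts.bank_account_name,
            ".TB_PREF."bank_trans_types.name AS BankTransType ";
    }

    if ($is_sales_doc) {
        // it's an invoice so also get the shipper and salestype
        $sql .= ", ".TB_PREF."shippers.shipper_name, "
            .TB_PREF."sales_types.sales_type, "
            .TB_PREF."sales_types.tax_included, "
            .TB_PREF."cust_branch.*, "
            .TB_PREF."debtors_master.discount, "
            .TB_PREF."tax_groups.name AS tax_group_name, "
            .TB_PREF."tax_groups.id AS tax_group_id ";
    }

    $sql .= " FROM ".TB_PREF."debtor_trans, ".TB_PREF."debtors_master ";

    if ($is_payment) {
        $sql .= ", ".TB_PREF."bank_trans, ".TB_PREF."bank_accounts, ".TB_PREF."bank_trans_types ";
    }

    if ($is_sales_doc) {
        $sql .= ", ".TB_PREF."shippers, ".TB_PREF."sales_types, ".TB_PREF."cust_branch, ".TB_PREF."tax_groups ";
    }

    $sql .= " WHERE ".TB_PREF."debtor_trans.trans_no=$id
        AND ".TB_PREF."debtor_trans.type=$type
        AND ".TB_PREF."debtor_trans.debtor_no=".TB_PREF."debtors_master.debtor_no";

    if ($is_payment) {
        $sql .= " AND ".TB_PREF."bank_trans.trans_no =$id
            AND ".TB_PREF."bank_trans.type=$type
            AND ".TB_PREF."bank_trans_types.id = ".TB_PREF."bank_trans.bank_trans_type_id
            AND ".TB_PREF."bank_accounts.account_code=".TB_PREF."bank_trans.bank_act ";
    }
    if ($is_sales_doc) {
        $sql .= " AND ".TB_PREF."shippers.shipper_id=".TB_PREF."debtor_trans.ship_via
            AND ".TB_PREF."sales_types.id = ".TB_PREF."debtor_trans.tpe
            AND ".TB_PREF."cust_branch.branch_code = ".TB_PREF."debtor_trans.branch_code
            AND ".TB_PREF."cust_branch.tax_group_id = ".TB_PREF."tax_groups.id ";
    }

    $result = db_query($sql, "Cannot retreive a debtor transaction");

    $found = db_num_rows($result);

    if ($found == 0) {
        // can't return nothing
        display_db_error("no debtor trans found for given params", $sql, true);
        exit;
    }

    if ($found > 1) {
        // can't return multiple
        display_db_error("duplicate debtor transactions found for given params", $sql, true);
        exit;
    }

    return db_fetch($result);
}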
197
198 //----------------------------------------------------------------------------------------
199
/**
 * Run the base debtor_trans / debtors_master listing query, ordered by trans_no.
 *
 * The three optional arguments are raw SQL fragments spliced into the statement
 * exactly as given: extra select-list columns, extra FROM tables and an extra
 * condition that is ANDed onto the WHERE clause. Nothing is escaped here, so
 * callers must build these fragments from constants or already-escaped values
 * and never from request data.
 *
 * @param mixed $extra_fields     additional select-list SQL, or null
 * @param mixed $extra_conditions additional WHERE SQL, or null
 * @param mixed $extra_tables     additional FROM SQL, or null
 * @return mixed result of db_query()
 */
function get_customer_transactions($extra_fields=null, $extra_conditions=null, $extra_tables=null)
{
    $query = "SELECT ".TB_PREF."debtor_trans.*,
                ov_amount+ov_gst+ov_freight+ov_freight_tax+ov_discount AS Total,
                ".TB_PREF."debtors_master.name AS DebtorName, ".TB_PREF."debtors_master.address,
                ".TB_PREF."debtors_master.curr_code, ".TB_PREF."debtor_trans.version ";

    // Optional extra columns for the select list.
    if ($extra_fields) {
        $query .= ", ".$extra_fields." ";
    }

    $query .= " FROM ".TB_PREF."debtor_trans, ".TB_PREF."debtors_master ";

    // Optional extra tables to join against.
    if ($extra_tables) {
        $query .= ",".$extra_tables." ";
    }

    $query .= " WHERE ".TB_PREF."debtor_trans.debtor_no=".TB_PREF."debtors_master.debtor_no";

    // Optional extra filter, appended verbatim.
    if ($extra_conditions) {
        $query .= " AND ".$extra_conditions." ";
    }

    $query .= " ORDER BY trans_no";

    return db_query($query, "Cannot retreive debtor transactions");
}
223
224 //----------------------------------------------------------------------------------------
225
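/**
 * Tell whether a debtor_trans row exists for the given type and number.
 *
 * @param mixed $type    transaction type code
 * @param mixed $type_no transaction number
 * @return bool true when at least one row matches
 */
function exists_customer_trans($type, $type_no)
{
    // Both identifiers are escaped so a crafted value cannot widen the match
    // and make a missing transaction look present.
    $sql = "SELECT trans_no FROM ".TB_PREF."debtor_trans WHERE type=".db_escape($type)
        ." AND trans_no=".db_escape($type_no);

    $result = db_query($sql, "Cannot retreive a debtor transaction");

    return (db_num_rows($result) > 0);
}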
235
236 //----------------------------------------------------------------------------------------
237
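/**
 * Retrieve the related sales order number (order_) for a given transaction.
 *
 * @param mixed $type    transaction type code
 * @param mixed $type_no transaction number
 * @return mixed the order_ column of the matching row, or null when no row
 *               was fetched
 */
function get_customer_trans_order($type, $type_no)
{
    // Identifiers are escaped before they reach the statement.
    $sql = "SELECT order_ FROM ".TB_PREF."debtor_trans WHERE type=".db_escape($type)
        ." AND trans_no=".db_escape($type_no);

    $result = db_query($sql, "The debtor transaction could not be queried");

    $row = db_fetch_row($result);

    // Indexing a failed fetch yields null anyway; make that explicit instead
    // of relying on offset access to a non-array.
    return $row ? $row[0] : null;
}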
250
251 //----------------------------------------------------------------------------------------
252
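/**
 * Look up customer name, currency code and branch name for a transaction.
 *
 * @param mixed $type    transaction type code
 * @param mixed $type_no transaction number
 * @return mixed row with name, curr_code and br_name, as returned by db_fetch()
 */
function get_customer_details_from_trans($type, $type_no)
{
    // The two identifiers are escaped; the remaining conditions only join
    // tables and contain no caller data.
    $sql = "SELECT ".TB_PREF."debtors_master.name, ".TB_PREF."debtors_master.curr_code, ".TB_PREF."cust_branch.br_name
        FROM ".TB_PREF."debtors_master,".TB_PREF."cust_branch,".TB_PREF."debtor_trans
        WHERE ".TB_PREF."debtor_trans.type=".db_escape($type)." AND ".TB_PREF."debtor_trans.trans_no=".db_escape($type_no)."
        AND ".TB_PREF."debtors_master.debtor_no = ".TB_PREF."debtor_trans.debtor_no
        AND ".TB_PREF."cust_branch.branch_code = ".TB_PREF."debtor_trans.branch_code";

    $result = db_query($sql, "could not get customer details from trans");
    return db_fetch($result);
}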
264
265 //----------------------------------------------------------------------------------------
266
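/**
 * Void a customer transaction header.
 *
 * Sets every amount column and alloc to 0 and increments version on the row
 * identified by ($type, $type_no).
 *
 * @param mixed $type    transaction type code
 * @param mixed $type_no transaction number
 * @return void
 */
function void_customer_trans($type, $type_no)
{
    // clear all values and mark as void
    // Identifiers are escaped: an unescaped value in this WHERE clause could
    // make the UPDATE zero out rows other than the intended one.
    $sql = "UPDATE ".TB_PREF."debtor_trans SET ov_amount=0, ov_discount=0, ov_gst=0, ov_freight=0,
        ov_freight_tax=0, alloc=0, version=version+1 WHERE type=".db_escape($type)
        ." AND trans_no=".db_escape($type_no);

    // NOTE(review): the message embeds both arguments as received; how
    // db_query() renders it is not visible here - confirm it is encoded on output.
    db_query($sql, "could not void debtor transactions for type=$type and trans_no=$type_no");
}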
275
276 //----------------------------------------------------------------------------------------
277
/**
 * Dispatch the type-specific voiding routine for a customer transaction.
 *
 * Types 10 and 11 go to void_sales_invoice(), type 13 to void_sales_delivery()
 * and type 12 to void_customer_payment(). Any other type is ignored.
 *
 * @param mixed $type    transaction type code
 * @param mixed $type_no transaction number
 * @return void
 */
function post_void_customer_trans($type, $type_no)
{
    // Loose comparisons on purpose: they match the way switch compares cases.
    if ($type == 10 || $type == 11) {
        void_sales_invoice($type, $type_no);
        return;
    }

    if ($type == 13) {
        void_sales_delivery($type, $type_no);
        return;
    }

    if ($type == 12) {
        void_customer_payment($type, $type_no);
    }
}
293
294 //----------------------------------------------------------------------------------------
295
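/**
 * Get the trans_link value stored on a customer transaction.
 *
 * @param mixed $type    transaction type code
 * @param mixed $type_no transaction number
 * @return mixed the trans_link column of the matching row, or null when no
 *               row was fetched
 */
function get_customer_trans_link($type, $type_no)
{
    // Identifiers are escaped before they reach the statement.
    $result = db_query("SELECT trans_link from ".TB_PREF."debtor_trans
        WHERE type=".db_escape($type)." AND trans_no=".db_escape($type_no),
        "could not get transaction link for type=$type and trans_no=$type_no");

    // db_query() hands back a result handle, not a row. The value has to be
    // fetched first, as get_customer_trans_order() does; indexing the handle
    // directly never yielded the column.
    $row = db_fetch_row($result);

    return $row ? $row[0] : null;
}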
303 //----------------------------------------------------------------------------------------
304
305 ?>