. ***********************************************************************/ $page_security=5; $path_to_root="../.."; include($path_to_root . "/includes/session.inc"); page(_("Suppliers")); //include($path_to_root . "/includes/date_functions.inc"); include($path_to_root . "/includes/ui.inc"); check_db_has_tax_groups(_("There are no tax groups defined in the system. At least one tax group is required before proceeding.")); if (isset($_GET['supplier_id'])) { $_POST['supplier_id'] = $_GET['supplier_id']; } $new_supplier = get_post('supplier_id') == ''; if (isset($_POST['submit'])) { //initialise no input errors assumed initially before we test $input_error = 0; /* actions to take once the user has clicked the submit button ie the page has called itself with some user input */ //first off validate inputs sensible if (strlen($_POST['supp_name']) == 0 || $_POST['supp_name'] == "") { $input_error = 1; display_error(_("The supplier name must be entered.")); set_focus('supp_name'); } if ($input_error !=1 ) { if (!$new_supplier) { $sql = "UPDATE ".TB_PREF."suppliers SET supp_name=".db_escape($_POST['supp_name']) . ", address=".db_escape($_POST['address']) . ", supp_address=".db_escape($_POST['supp_address']) . ", phone=".db_escape($_POST['phone']) . ", fax=".db_escape($_POST['fax']) . ", gst_no=".db_escape($_POST['gst_no']) . ", email=".db_escape($_POST['email']) . ", contact=".db_escape($_POST['contact']) . ", bank_account=".db_escape($_POST['bank_account']) . ", credit_limit=".db_escape($_POST['credit_limit']) . ", dimension_id=".db_escape($_POST['dimension_id']) . ", dimension2_id=".db_escape($_POST['dimension2_id']) . ", curr_code=".db_escape($_POST['curr_code']).", payment_terms=".db_escape($_POST['payment_terms']) . ", payable_account=".db_escape($_POST['payable_account']) . ", purchase_account=".db_escape($_POST['purchase_account']) . ", payment_discount_account=".db_escape($_POST['payment_discount_account']) . ", tax_group_id=".db_escape($_POST['tax_group_id']) . " WHERE supplier_id = '" . $_POST['supplier_id'] . "'"; db_query($sql,"The supplier could not be updated"); display_notification(_("Supplier has been updated.")); } else { $sql = "INSERT INTO ".TB_PREF."suppliers (supp_name, address, supp_address, phone, fax, gst_no, email, contact, bank_account, credit_limit, dimension_id, dimension2_id, curr_code, payment_terms, payable_account, purchase_account, payment_discount_account, tax_group_id) VALUES (".db_escape($_POST['supp_name']). ", " .db_escape($_POST['address']) . ", " .db_escape($_POST['supp_address']) . ", " .db_escape($_POST['phone']). ", " .db_escape($_POST['fax']). ", " .db_escape($_POST['gst_no']). ", " .db_escape($_POST['email']). ", " .db_escape($_POST['contact']). ", " .db_escape($_POST['bank_account']). ", " .db_escape($_POST['credit_limit']). ", " .db_escape($_POST['dimension_id']). ", " .db_escape($_POST['dimension2_id']). ", " .db_escape($_POST['curr_code']). ", " .db_escape($_POST['payment_terms']). ", " .db_escape($_POST['payable_account']). ", " .db_escape($_POST['purchase_account']). ", " .db_escape($_POST['payment_discount_account']). ", " .db_escape($_POST['tax_group_id']). ")"; db_query($sql,"The supplier could not be added"); $_POST['supplier_id'] = db_insert_id(); $new_supplier = false; display_notification(_("A new supplier has been added.")); $Ajax->activate('_page_body'); } } } elseif (isset($_POST['delete']) && $_POST['delete'] != "") { //the link to delete a selected record was clicked instead of the submit button $cancel_delete = 0; // PREVENT DELETES IF DEPENDENT RECORDS IN 'supp_trans' , purch_orders $sql= "SELECT COUNT(*) FROM ".TB_PREF."supp_trans WHERE supplier_id='" . $_POST['supplier_id'] . "'"; $result = db_query($sql,"check failed"); $myrow = db_fetch_row($result); if ($myrow[0] > 0) { $cancel_delete = 1; display_error(_("Cannot delete this supplier because there are transactions that refer to this supplier.")); } else { $sql= "SELECT COUNT(*) FROM ".TB_PREF."purch_orders WHERE supplier_id='" . $_POST['supplier_id'] . "'"; $result = db_query($sql,"check failed"); $myrow = db_fetch_row($result); if ($myrow[0] > 0) { $cancel_delete = 1; display_error(_("Cannot delete the supplier record because purchase orders have been created against this supplier.")); } } if ($cancel_delete == 0) { $sql="DELETE FROM ".TB_PREF."suppliers WHERE supplier_id='" . $_POST['supplier_id']. "'"; db_query($sql,"check failed"); unset($_SESSION['supplier_id']); $new_supplier = true; $Ajax->activate('_page_body'); } //end if Delete supplier } elseif (isset($_POST['select'])) { context_return(array('supplier_id' => $_POST['supplier_id'])); } start_form(); if (db_has_suppliers()) { start_table("", 3); // start_table("class = 'tablestyle_noborder'"); supplier_list_row(_("Select a supplier: "), 'supplier_id', null, _('New supplier'), true); end_table(); } else { hidden('supplier_id', get_post('supplier_id')); } br(); start_table("$table_style2 width=65%", 5); echo "