Moving 2.0 development version to main trunk.
[fa-stable.git] / admin / shipping_companies.php
index 7d4e530c7cb0a424742928a86d821c1a15f11a42..1c16fa3f72358dccb17f9e5514200531452fe8d6 100644 (file)
@@ -7,16 +7,7 @@ include($path_to_root . "/includes/session.inc");
 page(_("Shipping Company"));
 include($path_to_root . "/includes/ui.inc");
 
-
-if (isset($_GET['selected_id']))
-{
-       $selected_id = $_GET['selected_id'];
-} 
-else if (isset($_POST['selected_id']))
-{
-       $selected_id = $_POST['selected_id'];
-}
-
+simple_page_mode(true);
 //----------------------------------------------------------------------------------------------
 
 function can_process() 
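Review bot: `$selected_id` is still interpolated unquoted into SQL after this change, while every other request field is now wrapped in `db_escape()`. It is now populated by `simple_page_mode(true)` on the added line here instead of the removed `$_GET`/`$_POST` assignments, and it reaches `WHERE shipper_id = $selected_id` in the UPDATE, `WHERE shipper_id=$selected_id` in the DELETE, and the edit-mode SELECT in later hunks. `simple_page_mode()` is not part of this diff, so whether it constrains the value to an integer cannot be confirmed from here; if it does not, those three statements stay injectable. Either cast at the point of use, e.g. `WHERE shipper_id = " . (int)$selected_id`, or pass the id through `db_escape($selected_id)` as the commit does for the text fields.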
@@ -24,44 +15,46 @@ function can_process()
        if (strlen($_POST['shipper_name']) == 0) 
        {
                display_error(_("The shipping company name cannot be empty."));
+               set_focus('shipper_name');
                return false;
        }
        return true;
 }
 
 //----------------------------------------------------------------------------------------------
-
-if (isset($_POST['ADD_ITEM']) && can_process()) 
+if ($Mode=='ADD_ITEM' && can_process()) 
 {
 
        $sql = "INSERT INTO ".TB_PREF."shippers (shipper_name, contact, phone, address)
-               VALUES ('" . $_POST['shipper_name'] . "', '" .
-               $_POST['contact'] . "', '" .
-               $_POST['phone'] . "', '" .
-               $_POST['address'] . "')";
+               VALUES (" . db_escape($_POST['shipper_name']) . ", " .
+               db_escape($_POST['contact']). ", " .
+               db_escape($_POST['phone']). ", " .
+               db_escape($_POST['address']) . ")";
 
        db_query($sql,"The Shipping Company could not be added");
-       meta_forward($_SERVER['PHP_SELF']);
+       display_notification(_('New shipping company has been added'));
+       $Mode = 'RESET';
 }
 
 //----------------------------------------------------------------------------------------------
 
-if (isset($_POST['UPDATE_ITEM']) && can_process()) 
+if ($Mode=='UPDATE_ITEM' && can_process()) 
 {
 
-       $sql = "UPDATE ".TB_PREF."shippers SET shipper_name='" . $_POST['shipper_name'] . "' ,
-               contact ='" . $_POST['contact'] . "' ,
-               phone ='" . $_POST['phone'] . "' ,
-               address ='" . $_POST['address'] . "'
+       $sql = "UPDATE ".TB_PREF."shippers SET shipper_name=" . db_escape($_POST['shipper_name']). " ,
+               contact =" . db_escape($_POST['contact']). " ,
+               phone =" . db_escape($_POST['phone']). " ,
+               address =" . db_escape($_POST['address']). "
                WHERE shipper_id = $selected_id";
 
        db_query($sql,"The shipping company could not be updated");
-       meta_forward($_SERVER['PHP_SELF']);
+       display_notification(_('Selected shipping company has been updated'));
+       $Mode = 'RESET';
 }
 
 //----------------------------------------------------------------------------------------------
 
-if (isset($_GET['delete']))
+if ($Mode == 'Delete')
 {
 // PREVENT DELETES IF DEPENDENT RECORDS IN 'sales_orders'
 
@@ -89,17 +82,23 @@ if (isset($_GET['delete']))
                {
                        $sql="DELETE FROM ".TB_PREF."shippers WHERE shipper_id=$selected_id";
                        db_query($sql,"could not delete shipper");
-
-                       meta_forward($_SERVER['PHP_SELF']);
+                       display_notification(_('Selected shipping company has been deleted'));
                }
        }
+       $Mode = 'RESET';
 }
 
+if ($Mode == 'RESET')
+{
+       $selected_id = -1;
+       unset($_POST);
+}
 //----------------------------------------------------------------------------------------------
 
 $sql = "SELECT * FROM ".TB_PREF."shippers ORDER BY shipper_id";
 $result = db_query($sql,"could not get shippers");
 
+start_form();
 start_table($table_style);
 $th = array(_("Name"), _("Contact Person"), _("Phone Number"), _("Address"), "", "");
 table_header($th);
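Review bot: `unset($_POST);` in the new RESET block removes the superglobal itself rather than emptying it, so any read of `$_POST[...]` before the next assignment can hit an undefined variable instead of an empty array. The form helpers further down presumably read it to prefill fields. `$_POST = array();` clears the submitted values and keeps the variable defined. Separately, the add, update and delete branches no longer call `meta_forward()` after the write, so a browser reload may re-submit the last POST; it is worth confirming that the framework guards against duplicate inserts.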
@@ -113,35 +112,36 @@ while ($myrow = db_fetch($result))
        label_cell($myrow["contact"]);
        label_cell($myrow["phone"]);
        label_cell($myrow["address"]);
-    edit_link_cell("selected_id=".$myrow[0]);
-    delete_link_cell("selected_id=".$myrow[0]."&delete=1");
+       edit_button_cell("Edit".$myrow[0], _("Edit"));
+       edit_button_cell("Delete".$myrow[0], _("Delete"));
        end_row();
 }
 
 end_table();
+end_form();
+echo '<br>';
 
 //----------------------------------------------------------------------------------------------
 
-hyperlink_no_params($_SERVER['PHP_SELF'], _("New Shipping Company"));
-
 start_form();
 
 start_table($table_style2);
 
-if (isset($selected_id)
+if ($selected_id != -1
 {
-       //editing an existing Shipper
-
-       $sql = "SELECT * FROM ".TB_PREF."shippers WHERE shipper_id=$selected_id";
+       if ($Mode == 'Edit') {
+               //editing an existing Shipper
 
-       $result = db_query($sql, "could not get shipper");
-       $myrow = db_fetch($result);
+               $sql = "SELECT * FROM ".TB_PREF."shippers WHERE shipper_id=$selected_id";
 
-       $_POST['shipper_name']  = $myrow["shipper_name"];
-       $_POST['contact']       = $myrow["contact"];
-       $_POST['phone'] = $myrow["phone"];
-       $_POST['address'] = $myrow["address"];
+               $result = db_query($sql, "could not get shipper");
+               $myrow = db_fetch($result);
 
+               $_POST['shipper_name']  = $myrow["shipper_name"];
+               $_POST['contact']       = $myrow["contact"];
+               $_POST['phone'] = $myrow["phone"];
+               $_POST['address'] = $myrow["address"];
+       }
        hidden('selected_id', $selected_id);
 }
 
@@ -155,7 +155,7 @@ text_row_ex(_("Address:"), 'address', 50);
 
 end_table(1);
 
-submit_add_or_update_center(!isset($selected_id));
+submit_add_or_update_center($selected_id == -1, '', true);
 
 end_form();
 end_page();