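/**
 * Smarty plugin: echoes a two-cell table row when $params['field'] is set.
 *
 * Reads 'field', 'label', 'class1', 'class2' and 'colspan' from $params. Every value is passed
 * through htmlsafe() before it is placed in the markup.
 *
 * @param array  $params Template arguments.
 * @param object $smarty Smarty instance (unused here).
 */
function smarty_function_print_if_not_null($params, &$smarty)
{
    if ($params['field'] != null) {
        // Keys are quoted: a bare word such as class1 is read as a constant and is an error on PHP 8.
        // NOTE(review): the attributes are single-quoted, so htmlsafe() has to encode ' as well — confirm.
        $print_if_not_null = "\n        <tr>\n                <td class='" . htmlsafe($params['class1']) . "'>" . htmlsafe($params['label']) . ":</td>\n\t\t\t\t<td class='" . htmlsafe($params['class2']) . "' colspan='" . htmlsafe($params['colspan']) . "'>" . htmlsafe($params['field']) . "</td>\n        </tr>";
        echo $print_if_not_null;
    }
}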
 /**
  * Loads every customer of the current domain and adds display and balance fields.
  *
  * The query is scoped by $auth_session->domain_id through a bound parameter. For each row
  * 'enabled' is replaced by its $LANG wording and 'total', 'paid' and 'owing' are filled in.
  *
  * @return array|null Rows indexed from 0, or null when the query returned no rows.
  */
 public static function get_all()
 {
     global $dbh;
     global $LANG;
     global $auth_session;
     $customer = null;
     $sql = "SELECT * FROM " . TB_PREFIX . "customers WHERE domain_id = :domain_id";
     $sth = dbQuery($sql, ':domain_id', $auth_session->domain_id) or die(htmlsafe(end($dbh->errorInfo())));
     $customers = null;
     $index = 0;
     while ($customer = $sth->fetch()) {
         // Swap the stored flag for its translated wording.
         $customer['enabled'] = $customer['enabled'] == 1 ? $LANG['enabled'] : $LANG['disabled'];
         // Invoiced total, amount paid, and the difference still owing.
         $customer['total'] = calc_customer_total($customer['id']);
         $customer['paid'] = calc_customer_paid($customer['id']);
         $customer['owing'] = $customer['total'] - $customer['paid'];
         $customers[$index] = $customer;
         $index++;
     }
     return $customers;
 }
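 /**
  * Prepares $sqlQuery on $this->_db, binds the extra arguments and executes the statement.
  *
  * Arguments after $sqlQuery are read in pairs: placeholder name, then the value bound to it.
  *
  * @param string $sqlQuery SQL text with placeholders.
  * @return mixed The statement returned by prepare() after execution, or NULL when an
  *               exception was caught.
  */
 function query($sqlQuery)
 {
     $sth = NULL;
     try {
         $binds = func_get_args();
         array_shift($binds); // drop $sqlQuery, leaving name/value pairs
         $sth = $this->_db->prepare($sqlQuery);
         $bindCount = count($binds);
         for ($i = 0; $i < $bindCount; $i += 2) {
             // A name without a value is bound to null, as before, but without reading a missing offset.
             $sth->bindValue($binds[$i], isset($binds[$i + 1]) ? $binds[$i + 1] : null);
         }
         $sth->execute();
         if ($sth->errorCode() > '0') {
             simpleInvoicesError('sql', $sth->errorInfo(), $sqlQuery);
         }
     } catch (Exception $e) {
         // The exception text can carry bound values or driver detail, so it is escaped like the
         // rest of the output instead of being echoed raw.
         // NOTE(review): this still shows the SQL text and driver error to whoever made the request;
         // writing them to a server-side log and showing a generic message would avoid that.
         $dbError = $this->_db->errorInfo();
         echo htmlsafe($e->getMessage());
         echo "Dude, what happened to your query?:<br /><br /> " . htmlsafe($sqlQuery) . "<br />" . htmlsafe(end($dbError));
         $sth = NULL;
     }
     // The statements that used to follow this return could never run and were removed.
     return $sth;
 }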
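 /**
  * Returns the tax lines of one expense grouped by tax id.
  *
  * Each row carries tax_name, the summed tax_amount and the number of grouped rows (count).
  * The expense id is passed as a bound parameter.
  *
  * @param mixed $expense_id Id of the expense.
  * @return array Result of fetchAll() on the executed statement.
  */
 function grouped($expense_id)
 {
     // $dbh is read in the error branch; without this declaration that branch called a method on null.
     global $dbh;
     // NOTE(review): the table names use a literal si_ prefix instead of TB_PREFIX, and the query has
     // no domain_id condition — confirm the caller has already checked that the expense belongs to
     // the current domain.
     $sql = "select \n                    t.tax_description as tax_name, \n                    sum(et.tax_amount) as tax_amount,\n                    count(*) as count\n                from \n                    si_expense_item_tax et, \n                    si_expense e,\n                    si_tax t \n                where \n                    e.id = et.expense_id \n                AND \n                    t.tax_id = et.tax_id \n                AND\n                    e.id = :expense_id\n                GROUP BY \n                    t.tax_id;";
     $sth = dbQuery($sql, ':expense_id', $expense_id) or die(htmlsafe(end($dbh->errorInfo())));
     $result = $sth->fetchAll();
     return $result;
 }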
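	/**
	 * Writes $this->value into the system_defaults row named $this->name.
	 *
	 * The row is also matched on extension_id: 0 for the "core" extension, otherwise the id
	 * returned by SimpleInvoices_Db_Table_Extensions::findByName().
	 *
	 * @return bool true when $db->query() returned a truthy value, false otherwise.
	 */
	public function update()
	{
		global $db;

		$sql = "UPDATE ".TB_PREFIX."system_defaults SET value =  :value WHERE name = :name";

		// The core extension needs no lookup.
		if ($this->extension_name != "core") {
			$SI_EXTENSIONS = new SimpleInvoices_Db_Table_Extensions();
			// The lookup used an undefined local ($extension_name), so it was always given null.
			$extension_id = $SI_EXTENSIONS->findByName($this->extension_name);
		} else {
			$extension_id = 0;
		}

		// NOTE(review): null and false also satisfy >= 0 under loose comparison, so a failed lookup
		// only reaches the else branch if findByName() returns a negative number — confirm.
		if ($extension_id >= 0) {
			$sql .= " AND extension_id = :extension_id";
		} else {
			// The message used an undefined $extension; it now names the extension that was looked up.
			die(htmlsafe("Invalid extension name: ".$this->extension_name));
		}
		if ($db->query($sql, ':value', $this->value, ':name', $this->name, ':extension_id', $extension_id)) {
			return true;
		}
		return false;
	}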
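/**
 * Smarty plugin: echoes one payment link per gateway named in $params['type'].
 *
 * $params['type'] is a comma-separated list; "paypal" and "eway_shared" are handled here.
 * Each link shows either a gateway image or $params['link_wording'].
 *
 * @param array  $params Template arguments (business, item_name, invoice, amount, currency_code,
 *                       notify_url, return_url, domain_id, type, include_image, link_wording).
 * @param object $smarty Smarty instance (unused here).
 */
function smarty_function_online_payment_link($params, &$smarty)
{
    global $LANG;
    $domain_id = domain_id::get($params['domain_id']);
    $url = getURL();
    $types = explode(",", $params['type']);
    if (in_array("paypal", $types)) {
        // Every value is URL-encoded on its own before it enters the double-quoted href.
        $link = "<a \n\t\t\t\thref=\"https://www.paypal.com/xclick/?business=" . urlencode($params['business']) . "&item_name=" . urlencode($params['item_name']) . "&invoice=" . urlencode($params['invoice']) . "&amount=" . urlencode(number_format($params['amount'], 2, '.', '')) . "&currency_code=" . urlencode($params['currency_code']) . "&notify_url=" . urlencode($params['notify_url']) . "&return=" . urlencode($params['return_url']) . "&no_shipping=1&no_note=1&custom=domain_id:" . urlencode($domain_id) . "; \">";
        if ($params['include_image'] == "true") {
            $link .= "<img border='0' src='" . urlsafe($url) . "/images/common/pay_with_paypal.gif'/>";
        } else {
            $link .= htmlsafe($params['link_wording']);
        }
        $link .= "</a>";
        echo $link;
    }
    if (in_array("eway_shared", $types)) {
        // The first urlencode() used to close only after currency_code, so the parameter names and
        // separators were percent-encoded into the business value and currency_code was not encoded
        // on its own. Each value is now encoded separately, as in the paypal branch.
        // NOTE(review): this branch still targets the PayPal endpoint with a fixed return URL —
        // it reads like a placeholder; confirm the intended gateway URL.
        $link = "<a \n\t\t\t\thref=\"https://www.paypal.com/xclick/?business=" . urlencode($params['business']) . "&item_name=" . urlencode($params['item_name']) . "&invoice=" . urlencode($params['invoice']) . "&amount=" . urlencode(number_format($params['amount'], 2, '.', '')) . "&currency_code=" . urlencode($params['currency_code']) . "&return=http://vcsweb.com.au&no_shipping=1&no_note=1\">";
        if ($params['include_image'] == "true") {
            $link .= "<img border='0' src='" . urlsafe($url) . "/images/common/pay_with_eway.gif'/>";
        } else {
            $link .= htmlsafe($params['link_wording']);
        }
        $link .= "</a>";
        echo $link;
    }
}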
	/**
	 * Inserts a payment type row built from this object's pt_description, pt_enabled and domain_id.
	 *
	 * All three values are passed to $db->query() as bound parameters. On a falsy result the
	 * script stops and prints the last element of $dbh->errorInfo() through htmlsafe().
	 *
	 * @return mixed The value returned by $db->query().
	 */
	public function insert()
	{
		global $db;
		global $auth_session;
		global $dbh;

		$domain_id = domain_id::get($this->domain_id);

		$sql = "INSERT INTO ".TB_PREFIX."payment_types (
				pt_description,
				pt_enabled,
				domain_id
			) VALUES (
				:pt_description,
				:pt_enabled,
				:domain_id
			)";

		$sth = $db->query(
			$sql,
			':pt_description', $this->pt_description,
			':pt_enabled', $this->pt_enabled,
			':domain_id', $domain_id
		);
		if (!$sth) {
			die(htmlsafe(end($dbh->errorInfo())));
		}

		return $sth;
	}
	/**
	 * Echoes a table row holding a hidden input and its visible value for a numbered field.
	 *
	 * With an item id the stored value is shown. Without one, the next "<number>-<year>" value is
	 * derived from getLastValue(): the number is incremented within the same year, otherwise the
	 * sequence restarts at 1 for the current year.
	 *
	 * @param mixed $id     Custom field id.
	 * @param mixed $itemId Item id, or "" for a new item.
	 */
	function printInputField($id,$itemId) {
		$description = $this->getDescription($id);
		$name = $this->getFormName($id);

		if ($itemId != "") {
			$value = $this->getFieldValue($id,$itemId);
		} else {
			$last = $this->getLastValue();
			$year = date("Y");

			// Default: first number of the current year.
			$value = "1-".$year;
			if (preg_match("/([0-9]+)-([0-9]{4})/",$last,$match) && $year == $match[2]) {
				// Same year as the last value: continue the sequence.
				$value = ($match[1]+1)."-".$year;
			}
		}

		$labelCell = "<td>".htmlsafe($description)."</td>";
		$valueCell = "<td><input name='".htmlsafe($name)."' value='".htmlsafe($value)."' type='hidden'>".htmlsafe($value)."</td>";
		echo "<tr>".$labelCell.$valueCell."</tr>";
	}
	/**
	 * Counts cron_log rows for this object's domain, cron_id and run date.
	 *
	 * All three values are passed to $db->query() as bound parameters.
	 *
	 * @return mixed First column of the first result row (the count).
	 */
	public function check()
	{
		global $db;
		global $dbh;

		$domain_id = domain_id::get($this->domain_id);

		// NOTE(review): $today is never assigned in this method, so an empty run_date binds null —
		// confirm which date value was intended here.
		if (empty($this->run_date)) {
			$run_date = $today;
		} else {
			$run_date = $this->run_date;
		}

		$sql = "SELECT 
                    count(*) as count 
                FROM 
                    ".TB_PREFIX."cron_log 
                WHERE 
                    domain_id = :domain_id 
                AND 
                    cron_id = :cron_id 
                AND
                    run_date = :run_date";

		$sth = $db->query(
			$sql,
			':domain_id', $domain_id,
			':cron_id', $this->cron_id,
			':run_date', $run_date
		);
		if (!$sth) {
			die(htmlsafe(end($dbh->errorInfo())));
		}

		return $sth->fetchColumn();
	}
    /**
     * Fetches one expense row by id, restricted to the current domain.
     *
     * Both the id and $auth_session->domain_id are bound parameters, so a row of another
     * domain is not returned even when its id is supplied.
     *
     * @param mixed $id Expense id.
     * @return mixed Result of fetch() on the executed statement.
     */
    public static function get($id)
    {
        global $db;
        global $auth_session;
        global $dbh;

        $sql = "SELECT * FROM ".TB_PREFIX."expense WHERE domain_id = :domain_id and id = :id";

        $sth = $db->query($sql, ':domain_id', $auth_session->domain_id, ':id', $id);
        if (!$sth) {
            die(htmlsafe(end($dbh->errorInfo())));
        }

        return $sth->fetch();
    }
	/**
	 * Echoes a table row with a hidden input whose value is a fresh rand() number.
	 *
	 * @param mixed $id     Custom field id.
	 * @param mixed $itemId Item id (not used by this implementation).
	 */
	function printInputField($id,$itemId) {
		$description = $this->getDescription($id);
		// NOTE(review): rand() is not a cryptographic source; if this value is ever relied on as a
		// token or secret it needs random_int() instead — confirm how the field is used.
		$value = rand();
		$name = $this->getFormName($id);

		$hidden = "<input type='hidden' name='".htmlsafe($name)."' value='".htmlsafe($value)."'>";
		$cells = "<td>".htmlsafe($description).":</td><td>".htmlsafe($value)."</td>";
		echo "<tr>".$hidden.$cells."</tr>";
	}
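/**
 * Smarty plugin: echoes the city / state / zip part of an address as one table row.
 *
 * field1..field3 are joined with ", ". When no street line is present the row carries the
 * address label, otherwise the label cell is left empty. Values are passed through htmlsafe().
 *
 * @param array  $params Template arguments (field1..field3, street1, street2, class1, class2, colspan).
 * @param object $smarty Smarty instance (unused here).
 */
function smarty_function_merge_address($params, &$smarty)
{
    global $LANG;
    $skip_section = false;
    $ma = '';
    // Array keys are quoted throughout: bare words are read as constants and fail on PHP 8.
    $has_locality = ($params['field1'] != null || $params['field2'] != null || $params['field3'] != null);
    // If any among city, state or zip is present with no street at all
    if ($has_locality && ($params['street1'] == null && $params['street2'] == null)) {
        $ma .= "\n\t\t<tr>\n\t\t\t\t<td class='" . htmlsafe($params['class1']) . "'>{$LANG['address']}:</td>\n\t\t\t\t<td class='" . htmlsafe($params['class2']) . "' colspan='" . htmlsafe($params['colspan']) . "'>";
        $skip_section = true;
    }
    // If any among city, state or zip is present with at least one street value
    if ($has_locality && !$skip_section) {
        $ma .= "\n\t\t<tr>\n\t\t\t\t<td class='" . htmlsafe($params['class1']) . "'></td>\n\t\t\t\t<td class='" . htmlsafe($params['class2']) . "' colspan='" . htmlsafe($params['colspan']) . "'>";
    }
    if ($params['field1'] != null) {
        $ma .= htmlsafe($params['field1']);
    }
    if ($params['field1'] != null && $params['field2'] != null) {
        $ma .= ", ";
    }
    if ($params['field2'] != null) {
        $ma .= htmlsafe($params['field2']);
    }
    if (($params['field1'] != null || $params['field2'] != null) && $params['field3'] != null) {
        $ma .= ", ";
    }
    if ($params['field3'] != null) {
        $ma .= htmlsafe($params['field3']);
    }
    // NOTE(review): the closing tags are written even when no field was set and no row was opened.
    $ma .= "</td>\n\t\t</tr>";
    echo $ma;
}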
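 /**
  * Loads the items of an invoice, each with its product row and three attribute selections.
  *
  * For attribute slots 1..3 the item gets 'attrN' (the selected value) and 'attr_all_N'
  * (the other values of the same attribute). All ids are passed as bound parameters.
  *
  * @param mixed $id Invoice id.
  * @return array|null Items indexed from 0, or null when the invoice has no items.
  */
 function getInvoiceItems($id)
 {
     // $dbh is read in the error branches; it was never brought into scope before.
     global $dbh;
     // NOTE(review): none of these queries filters on domain_id — confirm the caller has already
     // checked that the invoice belongs to the current domain.
     $sql = "SELECT * FROM " . TB_PREFIX . "invoice_items WHERE invoice_id = :id";
     $sth = dbQuery($sql, ':id', $id) or die(htmlsafe(end($dbh->errorInfo())));
     // The two attribute queries do not change per item, so they are defined once.
     $attr_sql = "select \r\n                    CONCAT(a.display_name, '-',v.value) as display,\r\n\t\t\t\t\tCONCAT(p.id, '-', a.id, '-', v.id) as id, \r\n\t\t\t\t\ta.id as aid \r\n                from\r\n                    si_products_attributes a,\r\n                    si_products_values v,\r\n\t\t\t\t\tsi_products_matrix m,\r\n\t\t\t\t\tsi_products p\r\n                where\r\n\t\t\t\t\tp.id = m.product_id \r\n\t\t\t\t\tand \r\n\t\t\t\t\ta.id = m.attribute_id \r\n\t\t\t\t\tand \r\n                    a.id = v.attribute_id\r\n\t\t\t\t\tand\r\n\t\t\t\t\tp.id = :pid\r\n                    and\r\n                    v.id = :attr_id";
     $attr_all_sql = "select \r\n                    CONCAT(a.display_name, '-',v.value) as display,\r\n\t\t\t\t\tCONCAT(p.id, '-', a.id, '-', v.id) as id \r\n\t\t\t\t\r\n                from\r\n                    si_products_attributes a,\r\n                    si_products_values v,\r\n\t\t\t\t\tsi_products_matrix m,\r\n\t\t\t\t\tsi_products p\r\n                where\r\n\t\t\t\t\tp.id = m.product_id \r\n\t\t\t\t\tand \r\n\t\t\t\t\ta.id = m.attribute_id \r\n\t\t\t\t\tand \r\n                    a.id = v.attribute_id\r\n\t\t\t\t\tand\r\n\t\t\t\t\tp.id = :pid\r\n                    and\r\n                    m.attribute_id = :aid\r\n                    and\r\n                    v.id != :attr_id";
     $product_sql = "SELECT * FROM " . TB_PREFIX . "products WHERE id = :id";
     $invoiceItems = null;
     for ($i = 0; $invoiceItem = $sth->fetch(); $i++) {
         $tth = dbQuery($product_sql, ':id', $invoiceItem['product_id']) or die(htmlsafe(end($dbh->errorInfo())));
         $invoiceItem['product'] = $tth->fetch();
         for ($slot = 1; $slot <= 3; $slot++) {
             $selected = dbQuery($attr_sql, ':attr_id', $invoiceItem['attribute_' . $slot], ':pid', $invoiceItem['product_id']) or die(htmlsafe(end($dbh->errorInfo())));
             $invoiceItem['attr' . $slot] = $selected->fetch();
             // Slot 3 used to pass the attribute id of slot 2 here; each slot now uses its own.
             $others = dbQuery($attr_all_sql, ':attr_id', $invoiceItem['attribute_' . $slot], ':pid', $invoiceItem['product_id'], ':aid', $invoiceItem['attr' . $slot]['aid']) or die(htmlsafe(end($dbh->errorInfo())));
             $invoiceItem['attr_all_' . $slot] = $others->fetchAll();
         }
         $invoiceItems[$i] = $invoiceItem;
     }
     return $invoiceItems;
 }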
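/**
 * Smarty plugin: echoes a half-width cell "label: value" for an itemised custom field.
 *
 * Nothing is printed when $params['field'] is empty. Both values are passed through htmlsafe().
 *
 * @param array  $params Template arguments ('label', 'field').
 * @param object $smarty Smarty instance (unused here).
 */
function smarty_function_inv_itemised_cf($params, &$smarty)
{
        if ($params['field'] != null) {
                // Plain assignment (the variable did not exist yet) and quoted keys: bare words are
                // read as constants and fail on PHP 8.
                $print_cf = "<td width=50%>".htmlsafe($params['label']).": ".htmlsafe($params['field'])."</td>";
                echo $print_cf;
        }
}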
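 /**
  * Fetches this inventory row together with the description of its product.
  *
  * The row is matched on $this->id and on the domain returned by domain_id::get(); both are
  * bound parameters.
  *
  * @return mixed Result of fetch() on the executed statement.
  */
 public function select()
 {
     global $LANG;
     global $db;
     // $dbh is read in the error branch; it was not in scope before.
     global $dbh;
     $sql = "SELECT\n\t\t\t\tiv.*,\n                p.description\n\t\t\tFROM \n\t\t\t\t" . TB_PREFIX . "products p,\n\t\t\t\t" . TB_PREFIX . "inventory iv\n\t\t\t WHERE \n\t\t\t\tiv.domain_id = :domain_id\n\t\t\t\tand\n                p.id = iv.product_id\n\t\t\t\tand\n                iv.id = :id;";
     $sth = $db->query($sql, ':domain_id', domain_id::get($this->domain_id), ':id', $this->id) or die(htmlsafe(end($dbh->errorInfo())));
     return $sth->fetch();
 }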
/**
 * Smarty plugin: echoes a label/value table row unless $params['field'] is empty.
 *
 * 'class1', 'label', 'class2', 'colspan' and 'field' are each passed through htmlsafe().
 *
 * @param array  $params Template arguments.
 * @param object $smarty Smarty instance (unused here).
 */
function smarty_function_print_if_not_null($params, &$smarty) {
	if ($params['field'] == null) {
		return;
	}

	$labelCell = "<td class='".htmlsafe($params['class1'])."'>".htmlsafe($params['label']).":</td>";
	$valueCell = "<td class='".htmlsafe($params['class2'])."' colspan='".htmlsafe($params['colspan'])."'>".htmlsafe($params['field'])."</td>";

	echo "\n\t\t<tr>\n\t\t".$labelCell."\n\t\t".$valueCell."\n\t\t</tr>";
}
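 /**
  * Echoes a table row with the field description and the result of getList().
  *
  * @param mixed $id     Custom field id.
  * @param mixed $itemId Item id, or "" for a new item.
  */
 function printInputField($id, $itemId)
 {
     // $description was echoed without ever being assigned; it is read from getDescription(),
     // the accessor the class is assumed to provide for the field label — confirm.
     $description = $this->getDescription($id);
     $name = $this->getFormName($id);
     if ($itemId != "") {
         $value = $this->getList($this->getFieldValue($id, $itemId), $name);
     } else {
         $value = $this->getList("", $name);
     }
     // NOTE(review): if getList() returns markup, htmlsafe() will display it as text — confirm
     // what getList() produces.
     echo "<tr><td>" . htmlsafe($description) . "</td><td>" . htmlsafe($value) . "</td></tr>";
 }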
 /**
  * Decrements the id stored in si_index for a node of the current domain.
  *
  * NOTE(review): $node and $sub_node are neither parameters nor globals in the visible code, so
  * as written :node is bound to an undefined value and the sub_node clause is never added.
  * $dbh, read in the error branch, is not in scope either. The signature probably lost its
  * parameters — confirm against the callers.
  *
  * @return mixed The value returned by $db->query().
  */
 public static function rewind()
 {
     global $db;
     global $auth_session;
     if ($sub_node != "") {
         // NOTE(review): $sub_node is concatenated into the SQL text rather than bound. If it is ever
         // fed from request data this is an injection point; bind it like :node and :domain_id.
         $subnode = "and sub_node = " . $sub_node;
     }
     // node and domain_id are bound parameters; only the optional sub_node clause is string-built.
     $sql = "update\n                    si_index \n                set \n                    id = (id - 1) \n                where\n                    node = :node\n                and\n                    domain_id = :domain_id\n                " . $subnode;
     $sth = $db->query($sql, ':node', $node, ':domain_id', $auth_session->domain_id) or die(htmlsafe(end($dbh->errorInfo())));
     return $sth;
 }
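/**
 * Builds and runs the payment grid query for the current domain.
 *
 * One of three statements is used: payments of one invoice ($_GET['id']), payments of one
 * customer ($_GET['c_id']), or all payments. Paging, sort column, sort direction and the
 * optional search filter from $_POST are folded into the statement.
 *
 * @param string $type 'count' drops the LIMIT clause.
 * @param string $dir  Sort direction; anything but asc/desc becomes DESC.
 * @param string $sort Sort column; anything outside the allow-list becomes ap.id.
 * @param int    $rp   Rows per page.
 * @param int    $page Page number, starting at 1.
 * @return mixed The value returned by dbQuery().
 */
function sql($type = '', $dir, $sort, $rp, $page)
{
    global $config;
    global $auth_session;
    // $dbh is read in the error branches; it was not in scope before.
    global $dbh;

    // $rp and $page are written into the SQL text, so both are forced to integers first. The old
    // checks tested $start and $limit before either was assigned and never looked at $rp or $page.
    $rp = intval($rp);
    if ($rp < 1) {
        $rp = 25;
    }
    $page = intval($page);
    if ($page < 1) {
        $page = 1;
    }
    if (!preg_match('/^(asc|desc)$/iD', $dir)) {
        $dir = 'DESC';
    }

    /*SQL Limit*/
    $start = ($page - 1) * $rp;
    $limit = ($type == "count") ? "" : "LIMIT {$start}, {$rp}";

    // Search filter. The term is bound as a parameter instead of being pasted between quotes, and
    // the column name is accepted only when it has the shape of a plain or table-qualified
    // identifier; anything else drops the filter.
    // NOTE(review): an explicit allow-list of the columns the grid offers for searching would be
    // tighter than the shape check.
    $query = (isset($_POST['query']) && is_string($_POST['query'])) ? $_POST['query'] : '';
    $qtype = (isset($_POST['qtype']) && is_string($_POST['qtype'])) ? $_POST['qtype'] : '';
    $where = "";
    $searchBinds = array();
    if ($query && preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/D', $qtype)) {
        $where = " AND {$qtype} LIKE :search_term ";
        $searchBinds = array(':search_term', '%' . $query . '%');
    }

    /*Check that the sort field is OK*/
    $validFields = array('ap.id', 'ac_inv_id', 'description', 'unit_price', 'enabled');
    if (!in_array($sort, $validFields, true)) {
        $sort = "ap.id";
    }

    #if coming from another page where you want to filter by just one invoice
    if (!empty($_GET['id'])) {
        $sql = "SELECT \r\n\t\t\t\t\tap.*, \r\n\t\t\t\t\tc.name as cname, \r\n\t\t\t\t\t(SELECT CONCAT(p.pref_inv_wording,' ',iv.index_id)) as index_name,\r\n\t\t\t\t\tb.name as bname,\r\n\t\t\t\t\tpt.pt_description AS description,\r\n\t\t\t\t\tac_notes AS notes,\r\n\t\t\t\t\tDATE_FORMAT(ac_date,'%Y-%m-%d') AS date\r\n\t\t\tfrom \r\n\t\t\t\t" . TB_PREFIX . "payment ap,\r\n\t\t\t\t" . TB_PREFIX . "invoices iv,\r\n\t\t\t\t" . TB_PREFIX . "customers c,\r\n\t\t\t\t" . TB_PREFIX . "preferences p,\r\n\t\t\t\t" . TB_PREFIX . "biller b ,\r\n\t\t\t\t" . TB_PREFIX . "payment_types pt \r\n\t\t\twhere \r\n\t\t\t\tap.ac_inv_id = iv.id \r\n\t\t\t\tand \r\n\t\t\t\tiv.customer_id = c.id \r\n\t\t\t\tand \r\n\t\t\t\tiv.biller_id = b.id \r\n\t\t\t\tand\r\n\t\t\t\tap.ac_payment_type = pt.pt_id \r\n\t\t\t\tand \r\n\t\t\t\tap.ac_inv_id = :invoice_id\r\n\t\t\t\tand \r\n\t\t\t\tap.domain_id = :domain_id\r\n\t\t\t\tand \r\n\t\t\t\tiv.preference_id = p.pref_id\r\n\t\t\t\t{$where}\r\n\t\t\tORDER BY \r\n\t\t\t\t{$sort} {$dir} \r\n\t\t\t\t{$limit}";
        $args = array_merge(array($sql, ':domain_id', $auth_session->domain_id, ':invoice_id', $_GET['id']), $searchBinds);
        $result = call_user_func_array('dbQuery', $args) or die(htmlsafe(end($dbh->errorInfo())));
    } elseif (!empty($_GET['c_id'])) {
        $id = $_GET['c_id'];
        // This branch had no domain condition, unlike the other two, so a customer id from another
        // domain returned that domain's payments. It is now scoped the same way.
        $sql = "SELECT \r\n\t\t\t\t\tap.*, \r\n\t\t\t\t\tc.name as cname, \r\n\t\t\t\t\t(SELECT CONCAT(p.pref_inv_wording,' ',iv.index_id)) as index_name,\r\n\t\t\t\t\tb.name as bname,\r\n\t\t\t\t\tpt.pt_description AS description,\r\n\t\t\t\t\tac_notes AS notes,\r\n\t\t\t\t\tDATE_FORMAT(ac_date,'%Y-%m-%d') AS date\r\n\t\t\t\tfrom \r\n\t\t\t\t\t" . TB_PREFIX . "payment ap, \r\n\t\t\t\t\t" . TB_PREFIX . "invoices iv, \r\n\t\t\t\t\t" . TB_PREFIX . "customers c, \r\n\t\t\t\t\t" . TB_PREFIX . "preferences p,\r\n\t\t\t\t\t" . TB_PREFIX . "biller b  ,\r\n\t\t\t\t\t" . TB_PREFIX . "payment_types pt \r\n\t\t\t\twhere \r\n\t\t\t\t\tap.ac_inv_id = iv.id \r\n\t\t\t\t\tand \r\n\t\t\t\t\tiv.customer_id = c.id \r\n\t\t\t\t\tand \r\n\t\t\t\t\tiv.biller_id = b.id \r\n\t\t\t\t\tand\r\n\t\t\t\t\tap.ac_payment_type = pt.pt_id \r\n\t\t\t\t\tand \r\n\t\t\t\t\tc.id = :id \r\n\t\t\t\t\tand \r\n\t\t\t\t\tap.domain_id = :domain_id\r\n\t\t\t\t\tand \r\n\t\t\t\t\tiv.preference_id = p.pref_id\r\n\t\t\t\tORDER BY \r\n\t\t\t\t{$sort} {$dir}  \r\n\t\t\t\t{$limit}";
        $result = dbQuery($sql, ':id', $id, ':domain_id', $auth_session->domain_id) or die(htmlsafe(end($dbh->errorInfo())));
    } else {
        $sql = "SELECT \r\n\t\t\t\t\tap.*, \r\n\t\t\t\t\tc.name as cname, \r\n\t\t\t\t\tb.name as bname,\r\n\t\t\t\t\tpt.pt_description AS description,\r\n\t\t\t\t\tac_notes AS notes,\r\n\t\t\t\t\t(SELECT CONCAT(p.pref_inv_wording,' ',iv.index_id)) as index_name,\r\n\t\t\t\t\tDATE_FORMAT(ac_date,'%Y-%m-%d') AS date\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . TB_PREFIX . "payment ap, \r\n\t\t\t\t\t" . TB_PREFIX . "invoices iv, \r\n\t\t\t\t\t" . TB_PREFIX . "customers c, \r\n\t\t\t\t\t" . TB_PREFIX . "biller b ,\r\n\t\t\t\t\t" . TB_PREFIX . "preferences p,\r\n\t\t\t\t\t" . TB_PREFIX . "payment_types pt \r\n\t\t\t\tWHERE \r\n\t\t\t\t\tap.ac_inv_id = iv.id \r\n\t\t\t\t\tAND \r\n\t\t\t\t\t\tiv.customer_id = c.id \r\n\t\t\t\t\tAND \r\n\t\t\t\t\t\tiv.biller_id = b.id \r\n\t\t\t\t\tAND\r\n\t\t\t\t\t\tap.ac_payment_type = pt.pt_id \r\n\t\t\t\t\tAND\r\n\t\t\t\t\t\tap.domain_id = :domain_id\r\n\t\t\t\t\tand \r\n\t\t\t\t\tiv.preference_id = p.pref_id\r\n\t\t\t\t\t{$where}\r\n\t\t\t\tORDER BY \r\n\t\t\t\t\t{$sort} {$dir} \r\n\t\t\t\t{$limit}\r\n\t\t\t\t\t";
        $args = array_merge(array($sql, ':domain_id', $auth_session->domain_id), $searchBinds);
        // The driver message is escaped here as well, like in the other branches.
        $result = call_user_func_array('dbQuery', $args) or die(htmlsafe(end($dbh->errorInfo())));
    }
    return $result;
}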
/**
 * Smarty plugin: returns markup that closes the current table row and opens a new one
 * when $params['number'] is 2 or 4; returns nothing for any other number.
 *
 * @param array  $params Template arguments ('number', 'class').
 * @param object $smarty Smarty instance (unused here).
 * @return string|null Row-break markup with the class passed through htmlsafe(), or null.
 */
function smarty_function_do_tr($params, &$smarty)
{
    $position = $params['number'];
    if ($position == 2 || $position == 4) {
        return "</tr><tr class='" . htmlsafe($params['class']) . "'>";
    }
}
 /**
  * Fetches one expense account by id, restricted to the current domain.
  *
  * The id and $auth_session->domain_id are bound parameters.
  *
  * @param mixed $id Expense account id.
  * @return mixed Result of fetch() on the executed statement.
  */
 public static function select($id)
 {
     global $dbh;
     global $auth_session;

     $sql = "SELECT * FROM ".TB_PREFIX."expense_account WHERE domain_id = :domain_id and id = :id";
     $sth = dbQuery($sql, ':domain_id', $auth_session->domain_id, ':id', $id);
     if (!$sth) {
         die(htmlsafe(end($dbh->errorInfo())));
     }

     return $sth->fetch();
 }
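 /**
  * Fetches one biller by id, restricted to the current domain, and adds the translated
  * wording for its enabled flag as 'wording_for_enabled'.
  *
  * The id and $auth_session->domain_id are bound parameters.
  *
  * @param mixed $id Biller id.
  * @return mixed The fetched row with 'wording_for_enabled' added.
  */
 public static function select($id)
 {
     global $LANG;
     global $db;
     global $auth_session;
     // $dbh is read in the error branch; it was not in scope before.
     global $dbh;
     $sql = "SELECT * FROM " . TB_PREFIX . "biller WHERE domain_id = :domain_id AND id = :id";
     $sth = $db->query($sql, ':domain_id', $auth_session->domain_id, ':id', $id) or die(htmlsafe(end($dbh->errorInfo())));
     $biller = $sth->fetch();
     $biller['wording_for_enabled'] = $biller['enabled'] == 1 ? $LANG['enabled'] : $LANG['disabled'];
     return $biller;
 }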
 /**
  * Echoes a table row with the field description, a hidden input and the visible value.
  *
  * The value is read with getFieldValue() when an item id is given and is empty otherwise.
  *
  * @param mixed $id     Custom field id.
  * @param mixed $itemId Item id, or "" for a new item.
  */
 function printInputField($id, $itemId)
 {
     $description = $this->getDescription($id);
     $name = $this->getFormName($id);
     // Should be replaced by customFieldId and itemId
     $value = $itemId != "" ? $this->getFieldValue($id, $itemId) : "";
     $labelCell = "<td>" . htmlsafe($description) . "</td>";
     $valueCell = "<td><input name='" . htmlsafe($name) . "' value='" . htmlsafe($value) . "' type='hidden'>" . htmlsafe($value) . "</td>";
     echo "<tr>" . $labelCell . $valueCell . "</tr>";
 }
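/**
 * Smarty plugin: echoes one payment link per gateway named in $params['type'].
 *
 * $params['type'] is a comma-separated list; "paypal", "eway_shared" and "paymentsgateway"
 * are handled. Each link shows either a gateway image or $params['link_wording'].
 *
 * @param array  $params Template arguments (business, item_name, invoice, amount, currency_code,
 *                       notify_url, return_url, api_id, customer, domain_id, type, include_image,
 *                       link_wording).
 * @param object $smarty Smarty instance (unused here).
 */
function smarty_function_online_payment_link($params, &$smarty)
{
    global $LANG;
    global $siUrl;
    global $config;
    $domain_id = domain_id::get($params['domain_id']);
    $url = getURL();
    $types = explode(",", $params['type']);
    if (in_array("paypal", $types)) {
        // Every value is URL-encoded on its own before it enters the double-quoted href.
        $link = "<a \n            href=\"https://www.paypal.com/xclick/?business=" . urlencode($params['business']) . "&item_name=" . urlencode($params['item_name']) . "&invoice=" . urlencode($params['invoice']) . "&amount=" . urlencode(number_format($params['amount'], 2, '.', '')) . "&currency_code=" . urlencode($params['currency_code']) . "&notify_url=" . urlencode($params['notify_url']) . "&return=" . urlencode($params['return_url']) . "&no_shipping=1&no_note=1&custom=domain_id:" . urlencode($domain_id) . "; \">";
        if ($params['include_image'] == "true") {
            $link .= "<img border='0' src='" . urlsafe($url) . "/images/common/pay_with_paypal.gif'/>";
        } else {
            $link .= htmlsafe($params['link_wording']);
        }
        $link .= "</a>";
        echo $link;
    }
    if (in_array("eway_shared", $types)) {
        // The first urlencode() used to close only after currency_code, so the parameter names and
        // separators were percent-encoded into the business value and currency_code was not encoded
        // on its own. Each value is now encoded separately, as in the paypal branch.
        // NOTE(review): this branch still targets the PayPal endpoint with a fixed return URL —
        // it reads like a placeholder; confirm the intended gateway URL.
        $link = "<a \n            href=\"https://www.paypal.com/xclick/?business=" . urlencode($params['business']) . "&item_name=" . urlencode($params['item_name']) . "&invoice=" . urlencode($params['invoice']) . "&amount=" . urlencode(number_format($params['amount'], 2, '.', '')) . "&currency_code=" . urlencode($params['currency_code']) . "&return=http://vcsweb.com.au&no_shipping=1&no_note=1\">";
        if ($params['include_image'] == "true") {
            $link .= "<img border='0' src='" . urlsafe($url) . "/images/common/pay_with_eway.gif'/>";
        } else {
            $link .= htmlsafe($params['link_wording']);
        }
        $link .= "</a>";
        echo $link;
    }
    if (in_array("paymentsgateway", $types)) {
        // The href is single-quoted. The customer e-mail, the order id and the return URL used to be
        // appended as-is, so a ' in any of them ended the attribute and the rest was read as markup.
        // They are URL-encoded now like every other parameter.
        // NOTE(review): the customer's name, address, phone and e-mail travel in the query string,
        // where they can end up in browser history and server logs — confirm that is acceptable.
        $link = "<a \n            href='https://swp.paymentsgateway.net/co/default.aspx?pg_api_login_id=" . urlencode($params['api_id']) . "&pg_billto_postal_name_company=" . urlencode($params['customer']['name']) . "&pg_version_number=1.0&pg_total_amount=" . urlencode(number_format($params['amount'], 2, '.', '')) . "&pg_transaction_order_number=" . urlencode($params['invoice']) . "&pg_billto_postal_name_first=" . urlencode($params['customer']['attention']) . "&pg_billto_postal_name_last=-&pg_billto_postal_street_line1=" . urlencode($params['customer']['street_address']) . "&pg_billto_postal_street_line2=" . urlencode($params['customer']['street_address2']) . "&pg_billto_postal_city=" . urlencode($params['customer']['city']) . "&pg_billto_postal_stateprov=" . urlencode($params['customer']['state']) . "&pg_billto_postal_postalcode=" . urlencode($params['customer']['zip_code']) . "&pg_billto_telecom_phone_number=" . urlencode($params['customer']['phone']) . "&pg_billto_online_email=" . urlencode($params['customer']['email']) . "&pg_consumerorderid=" . urlencode($params['invoice']) . "&pg_return_url=" . urlencode($siUrl . "/api-ach") . "&pg_save_client=2'>";
        if ($params['include_image'] == "true") {
            $link .= "<img border='0' src='" . urlsafe($url) . "/images/common/pay_with_ach.gif'/>";
        } else {
            $link .= htmlsafe($params['link_wording']);
        }
        $link .= "</a>";
        echo $link;
    }
}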
/**
 * Lists the extensions visible to the current domain, ordered by name.
 *
 * Rows with domain_id 0 are included alongside rows of $auth_session->domain_id, which is
 * passed as a bound parameter.
 *
 * @return array|null Rows indexed from 0, or null when there are none.
 */
function getExtensions()
{
    global $LANG;
    global $dbh;
    global $auth_session;
    $sql = "SELECT * FROM si_extensions WHERE domain_id = 0 OR domain_id = :domain_id ORDER BY name";
    $sth = dbQuery($sql, ':domain_id', $auth_session->domain_id);
    if (!$sth) {
        die(htmlsafe(end($dbh->errorInfo())));
    }
    $exts = null;
    while ($ext = $sth->fetch()) {
        $exts[] = $ext;
    }
    return $exts;
}
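/**
 * Smarty plugin: returns tax as a whole-number percentage of gross total for one product group.
 *
 * Only entries of $params['cost'] whose product custom_field1 equals $params['group'] are summed.
 *
 * @param array  $params Template arguments ('cost' list and 'group').
 * @param object $smarty Smarty instance (unused here).
 * @return mixed The rounded percentage passed through htmlsafe(); 0 when the group has no gross total.
 */
function smarty_function_markup_percentage($params, &$smarty)
{
    $subtotal_tax = 0;
    $subtotal_total = 0;
    foreach ($params['cost'] as $value) {
        if ($value['product']['custom_field1'] == $params['group']) {
            $subtotal_tax += $value['tax_amount'];
            $subtotal_total += $value['gross_total'];
        }
    }
    // A group with no matching items, or a zero total, used to divide by zero here.
    if ($subtotal_total != 0) {
        $subtotal = round($subtotal_tax / $subtotal_total * 100, 0);
    } else {
        $subtotal = 0;
    }
    return htmlsafe($subtotal);
}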
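/**
 * Echoes, as a JSON string, the <option> list of the sub-customers of one customer, then exits.
 *
 * The query is restricted to the current domain; both values are bound parameters.
 *
 * @param mixed $parent_customer_id Id of the parent customer.
 */
function getSubCustomer($parent_customer_id = '')
{
    global $dbh;
    global $db_server;
    global $auth_session;
    $sql = "SELECT * FROM " . TB_PREFIX . "customers WHERE parent_customer_id = :parent_customer_id and domain_id = :domain_id ;";
    $sth = dbQuery($sql, ':domain_id', $auth_session->domain_id, ':parent_customer_id', $parent_customer_id) or die(htmlsafe(end($dbh->errorInfo())));
    $rows = $sth->fetchAll();
    $output = "<option value=''></option>";
    foreach ($rows as $row) {
        // Customer names are stored user data. They were written into the markup as-is, so a name
        // containing markup would have been interpreted by the browser that inserts this list.
        $output .= "<option value='" . htmlsafe($row['id']) . "'>" . htmlsafe($row['name']) . "</option>";
    }
    echo json_encode($output);
    exit;
}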
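 /**
  * Serialises a nested array as XML text.
  *
  * Keys become lower-cased element names. Empty values are skipped. A value that htmlsafe()
  * would change is wrapped in a CDATA section, any other value is written as plain text.
  * Nested arrays are handed to array_to_xml() one level deeper. At level 1 the XML declaration
  * and the <array> root are added.
  *
  * @param array $array Data to serialise.
  * @param int   $level Nesting depth, used for tab indentation.
  * @return string XML text.
  */
 public static function xml($array, $level = 1)
 {
     $xml = '';
     $indent = str_repeat("\t", $level);
     if ($level == 1) {
         $xml .= '<?xml version="1.0" encoding="ISO-8859-1"?>' . "\n<array>\n";
     }
     // NOTE(review): keys are used as element names without a check that they are valid XML names.
     foreach ($array as $key => $value) {
         $key = strtolower($key);
         if (is_array($value)) {
             $multi_tags = false;
             foreach ($value as $key2 => $value2) {
                 if (is_array($value2)) {
                     $xml .= $indent . "<{$key}>\n";
                     $xml .= array_to_xml($value2, $level + 1);
                     $xml .= $indent . "</{$key}>\n";
                     $multi_tags = true;
                 } else {
                     if (trim($value2) != '') {
                         if (htmlsafe($value2) != $value2) {
                             // "]]>" inside the value would end the CDATA section early and let the
                             // rest be parsed as markup, so the sequence is split across two sections.
                             $cdata = str_replace(']]>', ']]]]><![CDATA[>', $value2);
                             $xml .= $indent . "<{$key}><![CDATA[{$cdata}]]>" . "</{$key}>\n";
                         } else {
                             $xml .= $indent . "<{$key}>{$value2}</{$key}>\n";
                         }
                     }
                     $multi_tags = true;
                 }
             }
             if (!$multi_tags and count($value) > 0) {
                 $xml .= $indent . "<{$key}>\n";
                 $xml .= array_to_xml($value, $level + 1);
                 $xml .= $indent . "</{$key}>\n";
             }
         } else {
             if (trim($value) != '') {
                 if (htmlsafe($value) != $value) {
                     // Same CDATA terminator handling as for nested values.
                     $cdata = str_replace(']]>', ']]]]><![CDATA[>', $value);
                     $xml .= $indent . "<{$key}>" . "<![CDATA[{$cdata}]]></{$key}>\n";
                 } else {
                     $xml .= $indent . "<{$key}>{$value}</{$key}>\n";
                 }
             }
         }
     }
     if ($level == 1) {
         $xml .= "</array>\n";
     }
     return $xml;
 }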
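/**
 * Builds and runs the expense grid query for the current domain.
 *
 * Paging, sort column, sort direction and the optional search filter from the request are
 * folded into the statement; the domain id is a bound parameter.
 *
 * @param string $type 'count' drops the LIMIT clause.
 * @param string $dir  Sort direction; anything but asc/desc becomes DESC.
 * @param string $sort Sort column; anything outside the allow-list becomes id.
 * @param int    $rp   Rows per page.
 * @param int    $page Page number, starting at 1.
 * @return mixed The value returned by dbQuery().
 */
function sql($type = '', $dir, $sort, $rp, $page)
{
    global $config;
    global $LANG;
    global $auth_session;
    // $dbh is read in the error branch; it was not in scope before.
    global $dbh;

    // $rp and $page are written into the SQL text, so both are forced to integers first. The old
    // checks tested $start and $limit before either was assigned and never looked at $rp or $page.
    $rp = intval($rp);
    if ($rp < 1) {
        $rp = 25;
    }
    $page = intval($page);
    if ($page < 1) {
        $page = 1;
    }

    /*SQL Limit*/
    $start = ($page - 1) * $rp;
    $limit = ($type == "count") ? "" : "LIMIT {$start}, {$rp}";

    if (!preg_match('/^(asc|desc)$/iD', $dir)) {
        $dir = 'DESC';
    }

    // Search filter. The term is bound as a parameter instead of being pasted between quotes, and
    // the column name is accepted only when it has the shape of a plain or table-qualified
    // identifier; anything else drops the filter.
    // NOTE(review): an explicit allow-list of the columns the grid offers for searching would be
    // tighter than the shape check.
    $query = (isset($_REQUEST['query']) && is_string($_REQUEST['query'])) ? $_REQUEST['query'] : '';
    $qtype = (isset($_REQUEST['qtype']) && is_string($_REQUEST['qtype'])) ? $_REQUEST['qtype'] : '';
    $where = "";
    $searchBinds = array();
    if ($query != "" && preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/D', $qtype)) {
        $where = " AND {$qtype} LIKE :search_term ";
        $searchBinds = array(':search_term', '%' . $query . '%');
    }

    /*Check that the sort field is OK*/
    $validFields = array('id', 'status', 'amount', 'expense_account_id', 'biller_id', 'customer_id', 'invoice_id', 'date', 'amount', 'note');
    if (!in_array($sort, $validFields, true)) {
        $sort = "id";
    }

    // NOTE(review): the $LANG wordings are placed between quotes in the SQL text; a translation
    // containing an apostrophe would break the statement. Binding them would avoid that.
    $sql = "SELECT\n                    e.id as EID,\n                    e.status as status,\n                    e.*,\n                    i.id as invoice,\n                    b.name as biller,\n                    ea.name as expense_account,\n                    c.name as customer,\n                    p.description as product,\n                    (select sum(tax_amount) from si_expense_item_tax where expense_id = EID) as tax,\n                    (select tax + e.amount) as total,\n                    (CASE WHEN status = 1 THEN '" . $LANG['paid'] . "'\n                          WHEN status = 0 THEN '" . $LANG['not_paid'] . "'\n                    END) AS status_wording\n\n\t\t\t\tFROM \n\t\t\t\t\t" . TB_PREFIX . "expense e\n                    LEFT OUTER JOIN " . TB_PREFIX . "expense_account ea  \n                        ON (e.expense_account_id = ea.id)\n                    LEFT OUTER JOIN " . TB_PREFIX . "biller b  \n                        ON (e.biller_id = b.id)\n                    LEFT OUTER JOIN " . TB_PREFIX . "customers c  \n                        ON (e.customer_id = c.id)\n                    LEFT OUTER JOIN " . TB_PREFIX . "products p  \n                        ON (e.product_id = p.id)\n                    LEFT OUTER JOIN " . TB_PREFIX . "invoices i  \n                        ON (e.invoice_id = i.id)\n\t\t\t\tWHERE\n                    e.domain_id = :domain_id\n\t\t\t\t\t{$where}\n\t\t\t\tORDER BY \n\t\t\t\t\t{$sort} {$dir} \n\t\t\t\t{$limit}";
    $args = array_merge(array($sql, ':domain_id', $auth_session->domain_id), $searchBinds);
    $result = call_user_func_array('dbQuery', $args) or die(htmlsafe(end($dbh->errorInfo())));
    return $result;
}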
/**
 * Smarty plugin: echoes the city / state / zip part of an address as one table row.
 *
 * The non-empty values among field1..field3 are joined with ", ". The row carries the address
 * label when no street line is present and an empty label cell otherwise. Values are passed
 * through htmlsafe().
 *
 * @param array  $params Template arguments (field1..field3, street1, street2, class1, class2, colspan).
 * @param object $smarty Smarty instance (unused here).
 */
function smarty_function_merge_address($params, &$smarty) {
	global $LANG;

	$hasLocality = ($params['field1'] != null || $params['field2'] != null || $params['field3'] != null);
	$hasStreet = !($params['street1'] == null && $params['street2'] == null);

	$ma = '';
	if ($hasLocality) {
		// Without a street line this row is the first of the address, so it carries the label.
		$labelText = $hasStreet ? "" : "{$LANG['address']}:";
		$ma .= "\n\t\t<tr>\n\t\t\t\t<td class='".htmlsafe($params['class1'])."'>".$labelText."</td>\n\t\t\t\t<td class='".htmlsafe($params['class2'])."' colspan='".htmlsafe($params['colspan'])."'>";
	}

	// Collect the values that are present, in order, then join them with a comma.
	$parts = array();
	foreach (array('field1', 'field2', 'field3') as $fieldKey) {
		if ($params[$fieldKey] != null) {
			$parts[] = htmlsafe($params[$fieldKey]);
		}
	}
	$ma .= implode(", ", $parts);

	$ma .= "</td>\n\t\t</tr>";
	echo $ma;
}