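/**
 * Start (or resume) an online payment for an invoice, driven by request data.
 *
 * Reads `invoice_id` from $_REQUEST, then either:
 *  - `invoice_payment_id`: resumes an existing, still unpaid payment row that
 *    belongs to this invoice, via the matching enabled online payment plugin;
 *  - `payment_method` + `payment_amount`: inserts a pending `invoice_payment`
 *    row and hands over to the chosen plugin's start_payment().
 * Returns nothing.
 *
 * NOTE(review): the module_security::can_access_data() check on the invoice is
 * commented out below, so access control rests on get_invoice() and on the
 * caller. Confirm one of them enforces it: every input here is request data.
 * NOTE(review): payment_amount only has to be > 0; nothing visible here
 * compares it with the amount still due on the invoice. Confirm the payment
 * plugin or a later step does.
 */
public function handle_payment()
{
    global $plugins;

    // handle a payment request via post data
    $invoice_id = isset($_REQUEST['invoice_id']) ? (int) $_REQUEST['invoice_id'] : 0;
    if (self::is_automatic_paying_invoice($invoice_id)) {
        // intentionally empty: the result is not acted on here.
    }

    // Cast once and use the integer everywhere, so the value that passed the
    // "> 0" test is the same value that is looked up and compared.
    $resume_payment_id = isset($_REQUEST['invoice_payment_id']) ? (int) $_REQUEST['invoice_payment_id'] : 0;

    if ($resume_payment_id > 0) {
        // resume a failed past payment.
        $invoice_payment_data = module_invoice::get_invoice_payment($resume_payment_id);
        if (
            $invoice_payment_data
            && $invoice_payment_data['invoice_id'] == $invoice_id
            && $invoice_payment_data['date_paid'] == '0000-00-00'
            && $invoice_payment_data['invoice_payment_id'] == $resume_payment_id
        ) {
            // we can resume this incomplete payment.
            // hack to find out which payment method plugin we are using, this is bad!
            $payment_methods = handle_hook('get_payment_methods', $this);
            // Iterate by value: nothing is modified, and a by-reference loop
            // variable would stay bound to the last element after the loop.
            foreach ($payment_methods as $candidate) {
                if (
                    $candidate->is_enabled()
                    && $candidate->is_method('online')
                    && $candidate->get_payment_method_name() == $invoice_payment_data['method']
                ) {
                    $payment_method_name = $candidate->module_name;
                    if (isset($plugins[$payment_method_name])) {
                        $plugins['' . $payment_method_name]->start_payment(
                            $invoice_id,
                            $invoice_payment_data['amount'] - $invoice_payment_data['fee_total'],
                            $invoice_payment_data['invoice_payment_id']
                        );
                    }
                }
            }
        }
    } elseif ($invoice_id && isset($_REQUEST['payment_method']) && isset($_REQUEST['payment_amount'])) {
        $payment_method = $_REQUEST['payment_method'];
        $payment_amount = number_in($_REQUEST['payment_amount']);
        $invoice_data = $this->get_invoice($invoice_id);
        //&& module_security::can_access_data('invoice',$invoice_data,$invoice_id)
        // The plugin key comes straight from the request, so it must be a plain
        // string before it is used as an array key.
        if (is_string($payment_method) && $payment_method && $payment_amount > 0 && $invoice_data) {
            // pass this off to the payment module for handling.
            if (isset($plugins[$payment_method])) {
                $plugin = $plugins[$payment_method];
                // $plugins holds every loaded module; only continue when the
                // selected one actually exposes the payment interface used below.
                // NOTE(review): unlike the resume branch, this path does not check
                // is_enabled() / is_method('online') for the chosen method.
                // Confirm whether a disabled method should be rejected here.
                if (
                    is_callable(array($plugin, 'get_payment_method_name'))
                    && is_callable(array($plugin, 'start_payment'))
                ) {
                    if (
                        class_exists('module_company', false)
                        && isset($invoice_data['company_id'])
                        && (int) $invoice_data['company_id'] > 0
                    ) {
                        module_company::set_current_company_id($invoice_data['company_id']);
                    }
                    // insert a temp payment method here.
                    $invoice_payment_id = update_insert('invoice_payment_id', 'new', 'invoice_payment', array(
                        'invoice_id' => $invoice_id,
                        'amount' => $payment_amount,
                        'currency_id' => $invoice_data['currency_id'],
                        'method' => $plugin->get_payment_method_name(),
                    ));
                    module_cache::clear('invoice');
                    $plugin->start_payment($invoice_id, $payment_amount, $invoice_payment_id);
                }
            }
        }
    }
    // todo - better redirect with errors.
    //redirect_browser($_SERVER['REQUEST_URI']);
}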
if (isset($search['generic']) && strlen($search['generic']) > 0) { $name = strip_tags(isset($recurring['url']) && $recurring['url'] ? $recurring['url'] : module_finance::link_open_recurring($recurring['finance_recurring_id'], true, $recurring)); if (stripos($name, $search['generic']) === false) { unset($upcoming_finances[$recurring_id]); continue; } } if (isset($search['amount_from']) && strlen($search['amount_from'])) { $amount = number_in($search['amount_from']); if ($amount > 0 && $recurring['amount'] < $amount) { unset($upcoming_finances[$recurring_id]); continue; } } if (isset($search['amount_to']) && strlen($search['amount_to'])) { $amount = number_in($search['amount_to']); if ($amount > 0 && $recurring['amount'] > $amount) { unset($upcoming_finances[$recurring_id]); continue; } } } } ?> <script type="text/javascript"> function set_starting_balance(){ var balance = prompt('<?php _e('Please enter starting balance'); ?> ',0);
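/**
 * Save the subscription section of an owner's edit form from $_REQUEST.
 *
 * When `member_subscriptions_save` is present: updates start date, next due
 * date, credit-bucket flag and recurrence limit for ticked subscriptions the
 * owner already has, inserts newly ticked ones, and soft-deletes
 * (`deleted` = 1) those the owner had that were not ticked.
 * When `subscription_add_payment_amount` is > 0: generates a subscription
 * invoice and redirects to it.
 * Finally runs the cron when something changed and
 * `subscription_send_invoice_straight_away` is enabled.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * caller has verified that the current user may edit this owner. Confirm.
 *
 * @param mixed  $callback_name Not used in this method.
 * @param string $owner_table   Owner type; escaped before use in SQL.
 * @param int    $owner_id      Owner id; cast to int before use in SQL.
 */
private static function member_edit_form_save($callback_name, $owner_table, $owner_id)
{
    $changes_made = false;

    if (isset($_REQUEST['member_subscriptions_save'])) {
        $members_subscriptions = module_subscription::get_subscriptions_by($owner_table, $owner_id, false, true);

        // Every statement below is scoped to this owner's rows.
        $table_sql = "`" . _DB_PREFIX . "subscription_owner`";
        $owner_sql = "`owner_id` = " . (int) $owner_id
            . " AND `owner_table` = '" . mysql_real_escape_string($owner_table) . "'";

        // check if any are added or changed.
        if (isset($_REQUEST['subscription']) && is_array($_REQUEST['subscription'])) {
            foreach ($_REQUEST['subscription'] as $subscription_id => $tf) {
                // todo - if we support multiple subscriptions per owner table then we want to
                // change this from subscription_id to subscription_owner_id
                $where = " WHERE " . $owner_sql
                    . " AND subscription_id = '" . (int) $subscription_id . "' LIMIT 1";

                if (isset($members_subscriptions[$subscription_id])) {
                    // this one already exists as a member; whatever is left in
                    // $members_subscriptions after the loop gets soft-deleted.
                    unset($members_subscriptions[$subscription_id]);

                    // option to update the start date for this one.
                    if (isset($_REQUEST['subscription_start_date'][$subscription_id])) {
                        $date = input_date($_REQUEST['subscription_start_date'][$subscription_id]);
                        if ($date) {
                            $sql = "UPDATE " . $table_sql . " SET `deleted` = 0, `start_date` = '"
                                . mysql_real_escape_string($date) . "'" . $where;
                            query($sql);
                            $changes_made = true;
                        }
                    }

                    // this input box is set from subscription.js when adjusting the next due date manually.
                    if (isset($_REQUEST['subscription_next_due_date_change'][$subscription_id])) {
                        $date = input_date($_REQUEST['subscription_next_due_date_change'][$subscription_id]);
                        if ($date) {
                            $sql = "UPDATE " . $table_sql . " SET `deleted` = 0, `next_due_date` = '"
                                . mysql_real_escape_string($date) . "', manual_next_due_date = 1" . $where;
                            query($sql);
                            $changes_made = true;
                        }
                    } else {
                        self::update_next_due_date($subscription_id, $owner_table, $owner_id, false);
                        $changes_made = true;
                    }

                    if (module_config::c('subscription_allow_credit', 1)) {
                        // Unticked checkbox means "no credit bucket".
                        $credit = 0;
                        if (isset($_REQUEST['subscription_credit'][$subscription_id])) {
                            $credit = (int) $_REQUEST['subscription_credit'][$subscription_id];
                        }
                        $sql = "UPDATE " . $table_sql . " SET `use_as_credit_bucket` = {$credit}" . $where;
                        query($sql);
                        $changes_made = true;
                    }

                    if (module_config::c('subscription_allow_limits', 1)) {
                        if (isset($_REQUEST['subscription_recur_limits'][$subscription_id])) {
                            $sql = "UPDATE " . $table_sql . " SET `recur_limit` = "
                                . (int) $_REQUEST['subscription_recur_limits'][$subscription_id] . $where;
                            query($sql);
                            $changes_made = true;
                        }
                    }
                } else {
                    // adding a new subscription to this user.
                    $raw_start_date = isset($_REQUEST['subscription_start_date'][$subscription_id])
                        ? $_REQUEST['subscription_start_date'][$subscription_id]
                        : null;
                    $start_date = input_date($raw_start_date);

                    // add this new one to this member.
                    $sql = "INSERT INTO " . $table_sql . " SET ";
                    $sql .= " owner_id = '" . (int) $owner_id . "'";
                    $sql .= ", owner_table = '" . mysql_real_escape_string($owner_table) . "'";
                    $sql .= ", subscription_id = '" . (int) $subscription_id . "'";
                    // Escaped like every other date written by this method; the
                    // value originates from the request and this statement must
                    // not depend on input_date() producing SQL-safe output.
                    $sql .= ", start_date = '" . mysql_real_escape_string($start_date) . "'";
                    query($sql);
                    self::update_next_due_date($subscription_id, $owner_table, $owner_id, true);
                    $changes_made = true;
                }
            }
        }

        // remove any left in subscription history (owned before, not ticked now).
        foreach ($members_subscriptions as $subscription_id => $subscription) {
            $sql = "UPDATE " . $table_sql . " SET `deleted` = 1, next_due_date = '0000-00-00' WHERE "
                . $owner_sql . " AND subscription_id = '" . (int) $subscription_id . "' LIMIT 1";
            query($sql);
            $changes_made = true;
        }
    }

    // handle the payment adding. invoice creation. etc.!!
    // similar to premium ticket creation.
    if (isset($_REQUEST['subscription_add_payment_amount']) && $_REQUEST['subscription_add_payment_amount'] > 0) {
        $date = input_date(
            isset($_REQUEST['subscription_add_payment_date']) ? $_REQUEST['subscription_add_payment_date'] : null
        );
        $amount = number_in($_REQUEST['subscription_add_payment_amount']);
        $subscription_id = isset($_REQUEST['subscription_add_payment']) ? (int) $_REQUEST['subscription_add_payment'] : 0;
        $invoice_id = self::generate_subscription_invoice($subscription_id, $owner_table, $owner_id, $date, $amount);
        $changes_made = true;
        redirect_browser(module_invoice::link_open($invoice_id));
    }

    // run the cron job so that any invoices are automatically sent
    // this code is also in customer.php
    if ($changes_made && module_config::c('subscription_send_invoice_straight_away', 0)) {
        self::run_cron();
    }
}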
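/**
 * Insert, replace or update one row of `_DB_PREFIX . $table` and return its id.
 *
 * Only columns reported by self::get_fields($table) are written; every value
 * is passed through mysql_real_escape_string(). Date and decimal/double
 * columns are normalised with input_date()/number_in(), and array values are
 * stored via serialize().
 *
 * Security notes for callers:
 *  - $table and $pkey are placed into the statement as identifiers without
 *    escaping; they must be trusted literals and never request data.
 *  - With $data === false the whole of $_REQUEST is used, so any column of
 *    the table (other than the ones handled explicitly below) can be set by
 *    the client. Prefer passing an explicit array of allowed fields.
 *  - NOTE(review): the access check in the update path is commented out, so
 *    this helper itself does not verify that the current user may modify row
 *    $pid. Confirm that callers do.
 *  - NOTE(review): string values are stored as given, so a client can supply
 *    text that looks like serialize() output. If any reader runs
 *    unserialize() on these columns, that needs review.
 *
 * @param string     $pkey       Primary key column name.
 * @param int|string $pid        Row id to update; non-numeric or empty means insert.
 * @param string     $table      Table name without the _DB_PREFIX prefix.
 * @param array|bool $data       Column => value map, or false to read $_REQUEST.
 * @param bool       $do_replace Use REPLACE INTO instead of INSERT/UPDATE.
 * @return int|string The row id: the new insert id, or $pid for an update.
 */
public static function update_insert($pkey, $pid, $table, $data = false, $do_replace = false)
{
    if ($data === false) {
        $data = $_REQUEST;
    }
    $fields = self::get_fields($table, array("date_created", "date_updated"));
    if (isset($fields['system_id']) && defined('_SYSTEM_ID')) {
        $data['system_id'] = _SYSTEM_ID;
    }
    if (isset($fields['date_created'])) {
        unset($fields['date_created']);
    }
    $now_string = mysql_real_escape_string(date('Y-m-d H:i:s'));
    // REMOTE_ADDR is absent when running from the command line or cron.
    $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    if ($do_replace || !is_numeric($pid) || !$pid) {
        $pid = 'new';
        $sql = $do_replace ? "REPLACE INTO " : "INSERT INTO ";
        $sql .= "`" . _DB_PREFIX . "{$table}` SET date_created = '{$now_string}', ";
        // Audit columns are taken from the session/server and removed from
        // $fields so that request data cannot override them.
        if (isset($fields['create_user_id']) && isset($_SESSION['_user_id']) && $_SESSION['_user_id']) {
            $sql .= "`create_user_id` = '" . (int) $_SESSION['_user_id'] . "', ";
            unset($fields['create_user_id']);
        }
        if (isset($fields['create_ip_address'])) {
            $sql .= "`create_ip_address` = '" . mysql_real_escape_string($remote_addr) . "', ";
            unset($fields['create_ip_address']);
        }
        // check there's a valid site id
        if (isset($fields['site_id']) && (!isset($data['site_id']) || !$data['site_id']) && isset($_SESSION['_site_id'])) {
            $data['site_id'] = $_SESSION['_site_id'];
        }
        $where = "";
        //module_security::sanatise_data($table,$data);
        // todo - sanitise data here before we go through the loop.
        // An empty $data is deliberately allowed: $email->new_email() relies on it.
    } else {
        // TODO - security hook here, check if we can access this data.
        /*$security_dummy=array();
        if(!module_security::can_access_data($table,$security_dummy,$pid)){
            echo 'Security warning - unable to save data';
            exit;
            return false;
        }*/
        $updated = false;
        if (isset($data['date_updated'])) {
            $updated = "'" . mysql_real_escape_string(input_date($data['date_updated'], true)) . "'";
        }
        if (!$updated) {
            $updated = "'{$now_string}'";
        }
        $sql = "UPDATE `" . _DB_PREFIX . "{$table}` SET date_updated = {$updated},";
        if (isset($fields['update_user_id']) && isset($_SESSION['_user_id']) && $_SESSION['_user_id']) {
            $sql .= "`update_user_id` = '" . (int) $_SESSION['_user_id'] . "', ";
            unset($fields['update_user_id']);
        }
        if (isset($fields['update_ip_address'])) {
            $sql .= "`update_ip_address` = '" . mysql_real_escape_string($remote_addr) . "', ";
            unset($fields['update_ip_address']);
        }
        $where = " WHERE `{$pkey}` = '" . mysql_real_escape_string($pid) . "'";
        if (isset($fields['system_id']) && defined('_SYSTEM_ID')) {
            $where .= " AND system_id = '" . _SYSTEM_ID . "'";
        }
    }

    // The primary key is never rewritten, except by REPLACE which needs it.
    if (!$do_replace && isset($data[$pkey])) {
        unset($data[$pkey]);
    }

    foreach ($fields as $field) {
        $name = $field['name'];
        if (!isset($data[$name]) || $data[$name] === false) {
            continue;
        }
        // special format for date fields.
        if ($field['type'] == 'date') {
            $data[$name] = input_date($data[$name]);
        }
        // special format for int / double fields.
        if (($field['type'] == 'decimal' || $field['type'] == 'double') && function_exists('number_in')) {
            // how many decimals are we rounding this number to?
            if (preg_match('#\\(\\d+,(\\d+)\\)#', $field['dbtype'], $matches)) {
                $data[$name] = number_in($data[$name], $matches[1]);
            } else {
                $data[$name] = number_in($data[$name]);
            }
        }
        $val = is_array($data[$name]) ? serialize($data[$name]) : $data[$name];
        $sql .= " `" . $name . "` = '" . mysql_real_escape_string($val) . "', ";
    }

    // Drop the trailing ", " (or the "," after date_updated when no field was set).
    $sql = rtrim($sql, ', ');
    $sql .= $where;
    query($sql);

    // $pid is only ever the string 'new' on the insert/replace path above.
    if ($pid === 'new') {
        $pid = mysql_insert_id();
    }
    return $pid;
}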
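/**
 * Dispatch a job-module request selected by $_REQUEST['butt_del'] or
 * $_REQUEST['_process']:
 *  - delete button: confirm and delete a job;
 *  - ajax_job_list: JSON map of job_id => name for a customer;
 *  - ajax_create_invoice: HTML checkbox list of uninvoiced tasks;
 *  - ajax_task: toggle completion, delete a task log entry, reorder tasks,
 *    or return the task preview / edit form as JSON;
 *  - save_job_tasks_ajax: save tasks and emit a script block for the parent frame;
 *  - save_job: save the job, optional default task lists, renewal and deposit.
 * Anything else falls through to a redirect to $_REQUEST['_redirect'].
 *
 * Security notes:
 *  - NOTE(review): `_redirect` is taken from the request and handed to
 *    redirect_browser() unchanged (save_job and the final fallthrough). Unless
 *    redirect_browser() restricts targets to this site, this is an open
 *    redirect. Confirm, or validate the target there.
 *  - NOTE(review): save_job_tasks_ajax checks job access but, unlike
 *    ajax_task, has no visible can_i() permission check. Confirm that
 *    save_job_tasks() enforces task permissions.
 *  - NOTE(review): $email_status['message'] is written into a single-quoted
 *    JavaScript string without escaping. Confirm send_job_task_email() only
 *    returns text that is safe in that context.
 */
public function process()
{
    $errors = array();
    $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';

    if (isset($_REQUEST['butt_del']) && $_REQUEST['butt_del'] && !empty($_REQUEST['job_id'])) {
        // Use one integer id for lookup, confirmation link and deletion.
        $job_id = (int) $_REQUEST['job_id'];
        $data = self::get_job($job_id);
        // Same access test the other branches apply before touching a job.
        // NOTE(review): delete_job() presumably enforces delete permission; confirm.
        if (!$data || $data['job_id'] != $job_id) {
            set_error('Permission denied');
        } elseif (module_form::confirm_delete('job_id', _l("Really delete job: %s", $data['name']), self::link_open($job_id))) {
            $this->delete_job($job_id);
            set_message("job deleted successfully");
            redirect_browser($this->link_open(false));
        }
    } elseif ("ajax_job_list" === $process) {
        // NOTE(review): no explicit permission check here; presumably get_jobs()
        // only returns jobs the current user may see. Confirm.
        $customer_id = isset($_REQUEST['customer_id']) ? (int) $_REQUEST['customer_id'] : 0;
        $res = module_job::get_jobs(array('customer_id' => $customer_id));
        $options = array();
        foreach ($res as $row) {
            $options[$row['job_id']] = $row['name'];
        }
        echo json_encode($options);
        exit;
    } elseif ("ajax_create_invoice" === $process) {
        $job_id = isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : 0;
        $job = self::get_job($job_id, true);
        $job_tasks = self::get_tasks($job_id);
        if (!$job || $job['job_id'] != $job_id) {
            exit; // no permissions.
        }
        if (!module_invoice::can_i('create', 'Invoices')) {
            exit; // no permissions
        }
        ob_start();
        ?>
        <p><?php _e('Please select which tasks to generate an invoice for:'); ?></p>
        <ul>
        <?php
        foreach ($job['uninvoiced_task_ids'] as $task_id) {
            if (isset($job_tasks[$task_id])) {
                // Ids are emitted as integers and task_order is escaped like the
                // description, so stored values cannot break out of the markup.
                ?>
                <li>
                    <input type="checkbox" id="invoice_create_task_<?php echo (int) $task_id; ?>" data-taskid="<?php echo (int) $task_id; ?>" class="invoice_create_task" name="invoice_task_id[<?php echo (int) $task_id; ?>]" value="1" <?php echo $job_tasks[$task_id]['fully_completed'] ? 'checked' : ''; ?>>
                    <label for="invoice_create_task_<?php echo (int) $task_id; ?>">
                        (#<?php echo htmlspecialchars($job_tasks[$task_id]['task_order']); ?>)
                        <?php echo htmlspecialchars($job_tasks[$task_id]['description']); ?>
                    </label>
                </li>
                <?php
            }
        }
        ?>
        </ul>
        <?php
        $html = ob_get_clean();
        echo $html;
        exit;
    } elseif ("ajax_task" === $process) {
        // we are requesting editing a task.
        $job_id = isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : 0;
        $job = self::get_job($job_id, true);
        $job_tasks = self::get_tasks($job_id);
        if (!$job || $job['job_id'] != $job_id) {
            exit; // no permissions.
        }
        if (!self::can_i('edit', 'Job Tasks')) {
            exit; // no permissions
        }
        $task_id = isset($_REQUEST['task_id']) ? (int) $_REQUEST['task_id'] : 0;

        if (isset($_REQUEST['toggle_completed'])) {
            $task_data = isset($job_tasks[$task_id]) ? $job_tasks[$task_id] : false;
            $result = array();
            if ($task_data && $task_data['job_id'] == $job_id) {
                if ($task_data['invoiced'] && $task_data['fully_completed']) {
                    // dont allow to 'uncompleted' fully completed invoice tasks
                } else {
                    // it is editable.
                    $task_data['fully_completed_t'] = 1;
                    $task_data['fully_completed'] = $task_data['fully_completed'] ? 0 : 1;
                    // save a single job task
                    $this->save_job_tasks($job_id, array('job_task' => array($task_id => $task_data)));
                    $result['success'] = 1;
                    $result['job_id'] = $job_id;
                    $result['task_id'] = $task_id;
                    $result['message'] = $task_data['fully_completed'] ? _l('Task marked as complete') : _l('Task marked as incomplete');
                    $email_status = self::send_job_task_email($job_id, $result['task_id'], 'toggle');
                    if ($email_status !== false) {
                        $result['message'] .= is_array($email_status) && isset($email_status['message']) ? $email_status['message'] : _l(' and email sent to customer');
                    }
                }
            }
            echo json_encode($result);
            exit;
        } elseif (isset($_REQUEST['delete_task_log_id']) && (int) $_REQUEST['delete_task_log_id'] > 0) {
            // The task id comes from the request: only delete log entries of a
            // task that belongs to the job whose access was verified above.
            if (!isset($job_tasks[$task_id])) {
                exit; // no permissions
            }
            $task_log_id = (int) $_REQUEST['delete_task_log_id'];
            $sql = "DELETE FROM `" . _DB_PREFIX . "task_log` WHERE task_id = '{$task_id}' AND task_log_id = '{$task_log_id}' LIMIT 1";
            query($sql);
            echo 'done';
        } elseif (isset($_REQUEST['update_task_order'])) {
            // updating the task orders for this task..
            $task_order = isset($_REQUEST['task_order']) ? (array) $_REQUEST['task_order'] : array();
            foreach ($task_order as $order_task_id => $new_order) {
                // Only tasks of this job are touched.
                if ((int) $new_order > 0 && isset($job_tasks[$order_task_id])) {
                    update_insert('task_id', $order_task_id, 'task', array('task_order' => (int) $new_order));
                }
            }
            echo 'done';
        } else {
            // The local variables set here are left with their original names:
            // the included edit template runs in this scope.
            $task_data = isset($job_tasks[$task_id]) ? $job_tasks[$task_id] : null;
            $task_editable = !$task_data['invoiced'];
            $job_task_creation_permissions = module_job::get_job_task_creation_permissions();
            // todo - load this select box in via javascript from existing one on page.
            $staff_members = module_user::get_staff_members();
            $staff_member_rel = array();
            foreach ($staff_members as $staff_member) {
                $staff_member_rel[$staff_member['user_id']] = $staff_member['name'];
            }
            // new different formats for job data.
            $task_data['manual_task_type_real'] = $task_data['manual_task_type'];
            if ((!isset($task_data['manual_task_type']) || $task_data['manual_task_type'] < 0) && isset($job['default_task_type'])) {
                // use the job task type
                $task_data['manual_task_type'] = $job['default_task_type'];
            }
            $percentage = self::get_percentage($task_data);

            if (isset($_REQUEST['get_preview'])) {
                $after_task_id = $task_id; // this will put it right back where it started.
                $previous_task_id = 0;
                $job_tasks = self::get_tasks($job_id);
                $show_hours_summary = false;
                foreach ($job_tasks as $k => $v) {
                    if ($v['manual_task_type'] < 0) {
                        $job_tasks[$k]['manual_task_type'] = $job['default_task_type'];
                    }
                    if ($job_tasks[$k]['manual_task_type'] == _TASK_TYPE_HOURS_AMOUNT) {
                        $show_hours_summary = true;
                    }
                }
                foreach ($job_tasks as $k => $v) {
                    // find out where this new task position is!
                    if ($k == $task_id) {
                        $after_task_id = $previous_task_id;
                        break;
                    }
                    $previous_task_id = $k;
                }
                $create_invoice_button = '';
                if (count($job['uninvoiced_task_ids']) && module_invoice::can_i('create', 'Invoices')) {
                    $create_invoice_button = '<a class="submit_button save_button uibutton job_generate_invoice_button" onclick="return ucm.job.generate_invoice();">' . _l('Create Invoice') . '</a>';
                }
                $result = array(
                    'task_id' => $task_id,
                    'after_task_id' => $after_task_id,
                    'html' => self::generate_task_preview($job_id, $job, $task_id, $task_data),
                    'summary_html' => self::generate_job_summary($job_id, $job, $show_hours_summary),
                    'create_invoice_button' => $create_invoice_button,
                );
                echo json_encode($result);
            } else {
                $show_task_numbers = module_config::c('job_show_task_numbers', 1) && $job['auto_task_numbers'] != 2;
                ob_start();
                include 'pages/ajax_task_edit.php';
                $result = array(
                    'task_id' => $task_id,
                    'hours' => isset($_REQUEST['hours']) ? (double) $_REQUEST['hours'] : 0,
                    'html' => ob_get_clean(),
                );
                echo json_encode($result);
            }
        }
        exit;
    } elseif ("save_job_tasks_ajax" === $process) {
        // do everything via ajax. trickery!
        // dont bother saving the job. it's already created.
        $job_id = isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : 0;
        $job_data = self::get_job($job_id);
        if (!$job_id || !$job_data || $job_data['job_id'] != $job_id) {
            set_error('Permission denied');
            exit;
        }
        $result = $this->save_job_tasks($job_id, $_POST);
        $job_data = self::get_job($job_id, false);
        $new_status = self::update_job_completion_status($job_id);
        // Escaped for use inside a single-quoted JavaScript string below.
        $new_status = addcslashes(htmlspecialchars($new_status), "'");
        $new_job_data = self::get_job($job_id, false);
        // we now have to edit the parent DOM to reflect these changes.
        // what were we doing? adding a new task? editing an existing task?
        // Links below are built from the validated integer $job_id, never from
        // the raw request value, because they are printed into a script block.
        switch ($result['status']) {
            case 'created':
                // we added a new task.
                // add a new task to the bottom (OR MID WAY!) through the task list.
                if ((int) $result['task_id'] > 0) {
                    // support for job task completion email.
                    $email_status = self::send_job_task_email($job_id, $result['task_id'], 'created');
                    ?>
                    <script type="text/javascript">
                        parent.refresh_task_preview(<?php echo (int) $result['task_id']; ?>);
                        parent.clear_create_form();
                        parent.ucm.add_message('<?php _e('New task created successfully'); echo is_array($email_status) && isset($email_status['message']) ? $email_status['message'] : ($email_status ? _l(' and email sent to customer') : ''); ?>');
                        parent.ucm.display_messages(true);
                        <?php if ($job_data['status'] != $new_status) { ?>parent.jQuery('#status').val('<?php echo $new_status; ?>').change();<?php } ?>

                        <?php if ($new_job_data['date_completed'] != $job_data['date_completed']) { ?>parent.jQuery('#date_completed').val('<?php echo print_date($new_job_data['date_completed']); ?>').change();<?php } ?>

                    </script>
                    <?php
                } else {
                    set_error('New task creation failed.');
                    ?>
                    <script type="text/javascript">
                        top.location.href = '<?php echo $this->link_open($job_id); ?>&added=true';
                    </script>
                    <?php
                }
                break;
            case 'deleted':
                // we deleted a task.
                set_message('Task removed successfully');
                ?>
                <script type="text/javascript">
                    top.location.href = '<?php echo $this->link_open($job_id); ?>';
                    <?php if ($job_data['status'] != $new_status) { ?>parent.jQuery('#status').val('<?php echo $new_status; ?>').change();<?php } ?>

                </script>
                <?php
                break;
            case 'error':
                set_error('Something happened while trying to save a task. Unknown error.');
                // something happened, refresh the parent browser frame
                ?>
                <script type="text/javascript">
                    top.location.href = '<?php echo $this->link_open($job_id); ?>';
                </script>
                <?php
                break;
            case 'edited':
                // we changed a task (ie: completed?);
                // update this task above.
                if ((int) $result['task_id'] > 0) {
                    $email_status = self::send_job_task_email($job_id, $result['task_id'], 'edited');
                    ?>
                    <script type="text/javascript">
                        parent.canceledittask();
                        //parent.refresh_task_preview(<?php echo (int) $result['task_id']; ?>);
                        parent.ucm.add_message('<?php _e('Task saved successfully'); echo is_array($email_status) && isset($email_status['message']) ? $email_status['message'] : ($email_status ? _l(' and email sent to customer') : ''); ?>');
                        parent.ucm.display_messages(true);
                        <?php if ($job_data['status'] != $new_status) { ?>parent.jQuery('#status').val('<?php echo $new_status; ?>').change();<?php } ?>

                        <?php if ($new_job_data['date_completed'] != $job_data['date_completed']) { ?>parent.jQuery('#date_completed').val('<?php echo print_date($new_job_data['date_completed']); ?>').change();<?php } ?>

                    </script>
                    <?php
                } else {
                    ?>
                    <script type="text/javascript">
                        parent.canceledittask();
                        parent.ucm.add_error('<?php _e('Unable to save task'); ?>');
                        parent.ucm.display_messages(true);
                        <?php if ($job_data['status'] != $new_status) { ?>parent.jQuery('#status').val('<?php echo $new_status; ?>').change();<?php } ?>

                    </script>
                    <?php
                }
                break;
            default:
                ?>
                <script type="text/javascript">
                    parent.ucm.add_error('<?php _e('Unable to save task. Please check required fields.'); ?>');
                    parent.ucm.display_messages(true);
                </script>
                <?php
                break;
        }
        exit;
    } elseif ("save_job" === $process) {
        $job_id = isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : 0;
        if ((int) $job_id > 0) {
            $original_job_data = self::get_job($job_id, false);
            if (!$original_job_data || $original_job_data['job_id'] != $job_id) {
                // Unknown or inaccessible job: treat the request as "create".
                $original_job_data = array();
                $job_id = false;
            }
        } else {
            $original_job_data = array();
            $job_id = false;
        }
        // check create / edit permissions. The explicit exit guarantees the save
        // below cannot run after a refusal, whether or not redirect_browser()
        // terminates the request itself.
        if (!$job_id && !self::can_i('create', 'Jobs')) {
            // user not allowed to create jobs.
            set_error('Unable to create new Jobs');
            redirect_browser(self::link_open(false));
            exit;
        } elseif ($job_id && !self::can_i('edit', 'Jobs')) {
            // user not allowed to edit jobs.
            set_error('Unable to edit Jobs');
            redirect_browser(self::link_open(false));
            exit;
        }
        $job_id = $this->save_job($job_id, $_POST);

        // look for the new tasks flag.
        if (isset($_REQUEST['default_task_list_id']) && isset($_REQUEST['default_tasks_action'])) {
            switch ($_REQUEST['default_tasks_action']) {
                case 'insert_default':
                    $default_task_list_id = (int) $_REQUEST['default_task_list_id'];
                    if ($default_task_list_id > 0) {
                        // Look up with the integer that passed the check above.
                        $default = self::get_default_task($default_task_list_id);
                        $task_data = $default['task_data'];
                        $new_task_data = array('job_task' => array());
                        foreach ($task_data as $task) {
                            $task['job_id'] = $job_id;
                            if ($task['date_due'] && $task['date_due'] != '0000-00-00') {
                                // Keep the due date at the same offset from "now" as it
                                // had from the moment the default list was saved.
                                $diff_time = strtotime($task['date_due']) - $task['saved_time'];
                                $task['date_due'] = date('Y-m-d', time() + $diff_time);
                            }
                            $new_task_data['job_task'][] = $task;
                        }
                        $this->save_job_tasks($job_id, $new_task_data);
                    }
                    break;
                case 'save_default':
                    // The same request field carries the list name here; its
                    // integer value is passed as the list id.
                    $new_default_name = trim($_REQUEST['default_task_list_id']);
                    if ($new_default_name != '') {
                        // time to save it!
                        $task_data = self::get_tasks($job_id);
                        $cached_task_data = array();
                        foreach ($task_data as $task) {
                            // Strip the fields that tie a task to this job or user.
                            unset($task['task_id']);
                            unset($task['date_done']);
                            unset($task['invoice_id']);
                            unset($task['task_order']);
                            unset($task['create_user_id']);
                            unset($task['update_user_id']);
                            unset($task['date_created']);
                            unset($task['date_updated']);
                            $task['saved_time'] = time();
                            $cached_task_data[] = $task;
                        }
                        self::save_default_tasks((int) $_REQUEST['default_task_list_id'], $new_default_name, $cached_task_data);
                        unset($task_data);
                    }
                    break;
            }
        }

        // check if we are generating any renewals
        if (isset($_REQUEST['generate_renewal']) && $_REQUEST['generate_renewal'] > 0) {
            $new_job_id = $this->renew_job($job_id);
            set_message("Job renewed successfully");
            redirect_browser($this->link_open($new_job_id));
        }

        if (isset($_REQUEST['butt_create_deposit']) && isset($_REQUEST['job_deposit']) && $_REQUEST['job_deposit'] > 0) {
            if (strpos($_REQUEST['job_deposit'], '%') !== false) {
                // A percentage deposit is converted to an amount of the job total.
                $job_data = module_job::get_job($job_id);
                $percent = (int) str_replace('%', '', $_REQUEST['job_deposit']);
                $_REQUEST['job_deposit'] = number_out($job_data['total_amount'] * ($percent / 100));
            }
            // create an invoice for this job.
            $url = module_invoice::link_generate('new', array('arguments' => array(
                'job_id' => $job_id,
                'as_deposit' => 1,
                'amount_due' => number_in($_REQUEST['job_deposit']),
                'description' => str_replace(
                    '{JOB_NAME}',
                    isset($_POST['name']) ? $_POST['name'] : '',
                    module_config::c('job_deposit_text', 'Deposit for job: {JOB_NAME}')
                ),
            )));
            redirect_browser($url);
        }

        set_message("Job saved successfully");
        // NOTE(review): request-supplied redirect target, see the method docblock.
        redirect_browser(isset($_REQUEST['_redirect']) && !empty($_REQUEST['_redirect']) ? $_REQUEST['_redirect'] : $this->link_open($job_id));
    }

    if (!count($errors)) {
        // NOTE(review): request-supplied redirect target, see the method docblock.
        redirect_browser(isset($_REQUEST['_redirect']) ? $_REQUEST['_redirect'] : null);
        exit;
    }
    print_error($errors, true);
}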