public function put($rest, $id)
{
$req = $rest->request();
$info = $req->post();
$sup = get_supplier($id);
if ($sup == null) {
api_error(400, 'Invalid Supplier ID');
}
// Validate Required Fields
if (!isset($info['supp_name'])) {
api_error(412, 'Supplier Name is required [supp_name]');
}
if (!isset($info['supp_ref'])) {
api_error(412, 'Supplier Reference is required [supp_ref]');
}
if (!isset($info['address'])) {
api_error(412, 'Address is required [address]');
}
if (!isset($info['supp_address'])) {
api_error(412, 'Supplier Address 2 is required [supp_address]');
}
if (!isset($info['gst_no'])) {
api_error(412, 'GST No. is required [gst_no]');
}
if (!isset($info['supp_account_no'])) {
api_error(412, 'Supplier Account Number is required [supp_account_no]');
}
if (!isset($info['bank_account'])) {
api_error(412, 'Bank Account is required [bank_account]');
}
if (!isset($info['credit_limit'])) {
api_error(412, 'Credit Limir is required [credit_limit]');
}
if (!isset($info['curr_code'])) {
api_error(412, 'Currency Code is required [curr_code]');
}
if (!isset($info['payment_terms'])) {
api_error(412, 'Payment Terms is required [payment_terms]');
}
if (!isset($info['payable_account'])) {
api_error(412, 'Payable Account is required [payable_account]');
}
if (!isset($info['purchase_account'])) {
api_error(412, 'Purchase Account is required [purchase_account]');
}
if (!isset($info['payment_discount_account'])) {
api_error(412, 'Payment Discount Account is required [payment_discount]');
}
if (!isset($info['tax_group_id'])) {
api_error(412, 'Tax Group Id is required [tax_group_id]');
}
if (!isset($info['tax_included'])) {
api_error(412, 'Tax Included is required [tax_included]');
}
if (!isset($info['website'])) {
$info['website'] = '';
}
if (!isset($info['notes'])) {
$info['notes'] = '';
}
/*
* $supplier_id, $supp_name, $supp_ref, $address, $supp_address, $gst_no, $website, $supp_account_no,
* $bank_account, $credit_limit, $dimension_id, $dimension2_id, $curr_code, $payment_terms, $payable_account,
* $purchase_account, $payment_discount_account, $notes, $tax_group_id, $tax_included
*/
update_supplier($id, $info['supp_name'], $info['supp_ref'], $info['address'], $info['supp_address'], $info['gst_no'], $info['website'], $info['supp_account_no'], $info['bank_account'], $info['credit_limit'], 0, 0, $info['curr_code'], $info['payment_terms'], $info['payable_account'], $info['purchase_account'], $info['payment_discount_account'], $info['notes'], $info['tax_group_id'], $info['tax_included']);
api_success_response("Supplier has been updated");
}
<?php
// Load the Supplier classes
require_once 'include.php';
// Load the Translation for this Module
if (!xml2php('supplier')) {
$smarty->assign('error_msg', "Error in language file");
}
// Load PHP Language Translations
$langvals = gateway_xml2php('supplier');
// Load supplier details
$supplier_details = display_supplier_info($db, $VAR['supplierID']);
// If details submitted run update values, if not set load edit.tpl and populate values
if (isset($VAR['submit'])) {
if (!update_supplier($db, $VAR)) {
force_page('supplier', 'edit&error_msg=Falied to Update Supplier Information&supplierID=' . $VAR['supplierID']);
exit;
} else {
force_page('supplier', 'supplier_details&supplierID=' . $VAR['supplierID'] . '&page_title=' . $langvals['supplier_details_title']);
exit;
}
} else {
$smarty->assign('supplier_details', $supplier_details);
$smarty->display('supplier' . SEP . 'edit.tpl');
}
$query = "SELECT * from SUPPLIER WHERE Contact={$supplier_contact}";
$supp = mysql_query($query);
$num_fields = mysql_num_fields($supp);
for ($i = 0; $i < $num_fields; $i++) {
echo "<tr>" . "\n";
echo "<td>" . "\n";
$field = mysql_field_name($supp, $i);
echo "<b>" . $field . "</b>" . "\n";
echo "</td>" . "\n";
echo "<td>" . "\n";
$res = mysql_result($supp, 0, $i);
if ($i > 1) {
echo "<input type = \"text\" name = \"{$field}\" value=\"{$res}\">";
} else {
echo "<input type = \"text\" name = \"{$field}\" value=\"{$res}\" readonly=\"readonly\">";
}
echo "</td>" . "\n";
echo "</tr>" . "\n";
}
echo "</table>" . "\n" . "<br/>";
echo "<input type=\"submit\" name=\"submitbutton\" value=\"Update\">" . "\n";
echo "</form>" . "\n";
}
?>
<body background="1.png">
<?php
update_supplier($_POST["supplier"]);
?>
</body>
</html>
ie the page has called itself with some user input */
//first off validate inputs sensible
if (strlen($_POST['supp_name']) == 0 || $_POST['supp_name'] == "") {
$input_error = 1;
display_error(_("The supplier name must be entered."));
set_focus('supp_name');
}
if (strlen($_POST['supp_ref']) == 0 || $_POST['supp_ref'] == "") {
$input_error = 1;
display_error(_("The supplier short name must be entered."));
set_focus('supp_ref');
}
if ($input_error != 1) {
begin_transaction();
if ($supplier_id) {
update_supplier($_POST['supplier_id'], $_POST['supp_name'], $_POST['supp_ref'], $_POST['address'], $_POST['supp_address'], $_POST['gst_no'], $_POST['website'], $_POST['supp_account_no'], $_POST['bank_account'], input_num('credit_limit', 0), $_POST['dimension_id'], $_POST['dimension2_id'], $_POST['curr_code'], $_POST['payment_terms'], $_POST['payable_account'], $_POST['purchase_account'], $_POST['payment_discount_account'], $_POST['notes'], $_POST['tax_group_id'], get_post('tax_included', 0));
update_record_status($_POST['supplier_id'], $_POST['inactive'], 'suppliers', 'supplier_id');
$Ajax->activate('supplier_id');
// in case of status change
display_notification(_("Supplier has been updated."));
} else {
add_supplier($_POST['supp_name'], $_POST['supp_ref'], $_POST['address'], $_POST['supp_address'], $_POST['gst_no'], $_POST['website'], $_POST['supp_account_no'], $_POST['bank_account'], input_num('credit_limit', 0), $_POST['dimension_id'], $_POST['dimension2_id'], $_POST['curr_code'], $_POST['payment_terms'], $_POST['payable_account'], $_POST['purchase_account'], $_POST['payment_discount_account'], $_POST['notes'], $_POST['tax_group_id'], check_value('tax_included'));
$supplier_id = $_POST['supplier_id'] = db_insert_id();
add_crm_person($_POST['supp_ref'], $_POST['contact'], '', $_POST['address'], $_POST['phone'], $_POST['phone2'], $_POST['fax'], $_POST['email'], $_POST['rep_lang'], '');
add_crm_contact('supplier', 'general', $supplier_id, db_insert_id());
display_notification(_("A new supplier has been added."));
$Ajax->activate('_page_body');
}
commit_transaction();
}
} elseif (isset($_POST['delete']) && $_POST['delete'] != "") {
add_supplier();
break;
case 'get_supplier':
get_supplier();
break;
case 'edit_product':
edit_product();
break;
case 'get_suppliers':
get_suppliers();
break;
case 'delete_supplier':
delete_supplier();
break;
case 'update_supplier':
update_supplier();
break;
}
function add_supplier()
{
$data = json_decode(file_get_contents("php://input"));
$suppliername = mysql_real_escape_string($data->suppliername);
$supplieraddress = mysql_real_escape_string($data->supplieraddress);
$supplierphone = mysql_real_escape_string($data->supplierphone);
$supplieremail = mysql_real_escape_string($data->supplieremail);
$supplieritem = mysql_real_escape_string($data->supplieritem);
$supplierunitprice = mysql_real_escape_string($data->supplierunitprice);
$supplierstatues = 1;
//$upswd = mysql_real_escape_string($data->pswd);
//$uemail = mysql_real_escape_string($data->email);
$con = mysql_connect('localhost', 'root', '');
