} elseif (!isset($_POST['Update']) && isset($_GET['Update'])) { //se e' il primo accesso per UPDATE $anagrafica = new Anagrafica(); $form = $anagrafica->getPartner(intval($admin_aziend['mascli']*1000000+$_GET['codice'])); $form['codice'] = intval(substr($form['codice'],3)); $toDo = 'update'; $form['search']['id_des']=''; $form['ritorno']=$_SERVER['HTTP_REFERER']; $form['hidden_req'] = ''; $form['datnas_Y'] = substr($form['datnas'],0,4); $form['datnas_M'] = substr($form['datnas'],5,2); $form['datnas_D'] = substr($form['datnas'],8,2); } elseif (!isset($_POST['Insert'])) { //se e' il primo accesso per INSERT $anagrafica = new Anagrafica(); $last=$anagrafica->queryPartners('*',"codice BETWEEN ".$admin_aziend['mascli']."000000 AND ".$admin_aziend['mascli']."999999" ,"codice DESC",0,1); $form=array_merge(gaz_dbi_fields('clfoco'),gaz_dbi_fields('anagra')); $form['codice']=substr($last[0]['codice'],3) + 1; $toDo = 'insert'; $form['search']['id_des']=''; $form['country']=$admin_aziend['country']; $form['id_language']=$admin_aziend['id_language']; $form['id_currency']=$admin_aziend['id_currency']; $form['datnas_Y'] =1900; $form['datnas_M'] =1; $form['datnas_D'] =1; $form['counas']=$admin_aziend['country']; $form['codpag']=1; $form['spefat']='N'; $form['stapre']='N'; $form['allegato']=1; $form['ritorno']=$_SERVER['HTTP_REFERER'];
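/**
 * Collects the clfoco (partner) row linked to a registry id across the
 * per-company tables and merges it with the matching anagra row.
 *
 * For every row returned from the aziend table, the company-specific table
 * "{$table_prefix}_NNNclfoco" is searched, first restricted to the account
 * range that starts with $acc, then (only if nothing was found) without that
 * restriction. When no company has a matching row, an empty clfoco record
 * flagged with last_modified = 'isolated' is used instead.
 *
 * @param int|string $idAnagra registry (anagra) id to look up
 * @param int|string $acc      leading digit(s) of the account-code range
 *
 * @return array the clfoco row whose last_modified key sorts last, overlaid
 *               with the anagra row, with the 'codice' key removed
 */
function getPartnerData($idAnagra, $acc = 1) {
    global $table_prefix;

    // Both values are concatenated into SQL text below, so they are forced to
    // integers first: anything that is not a number can no longer alter the
    // statement. The table suffix is already constrained by sprintf('%03d').
    $idSql = (int) $idAnagra;
    $accSql = (int) $acc;

    // First pass: only accounts in the $acc range. Second pass: any account.
    $filters = array(
        ' codice BETWEEN ' . $accSql . '00000001 AND ' . $accSql . '99999999 AND id_anagra =' . $idSql,
        ' id_anagra =' . $idSql,
    );

    $partner_data = array();
    foreach ($filters as $where) {
        // NOTE(review): the third argument (1) is presumably a match-all WHERE clause; confirm in gaz_dbi_dyn_query.
        $rs_co = gaz_dbi_dyn_query('codice', $this->gTables['aziend'], 1);
        while ($co = gaz_dbi_fetch_array($rs_co)) {
            $rs_partner = gaz_dbi_query('SELECT * FROM ' . $table_prefix . sprintf('_%03d', $co['codice']) . 'clfoco WHERE ' . $where . ' LIMIT 1');
            $r_p = gaz_dbi_fetch_array($rs_partner);
            if ($r_p) {
                // remember which company the row came from
                $r_p['id_aziend'] = $co['codice'];
                $partner_data[] = $r_p;
            }
        }
        if (count($partner_data) > 0) {
            break; // the narrower search succeeded, no need to widen it
        }
    }

    if (count($partner_data) == 0) {
        // isolated registry entry: fall back to an empty clfoco record
        $partner_data[0] = gaz_dbi_fields('clfoco');
        $partner_data[0]['last_modified'] = 'isolated';
        $partner_data[0]['id_anagra'] = $idAnagra;
    }

    // Index by last_modified so that ksort + array_pop yields the row whose
    // key sorts last; rows sharing the same last_modified overwrite each other.
    $partner = array();
    foreach ($partner_data as $row) {
        $partner[$row['last_modified']] = $row;
    }
    ksort($partner);

    $r_a = gaz_dbi_get_row($this->gTables['anagra'], 'id', $idSql);
    // What gaz_dbi_get_row returns on a miss is not visible here; array_merge
    // rejects non-arrays, so a missing anagra row contributes nothing.
    $data = array_merge(array_pop($partner), is_array($r_a) ? $r_a : array());
    unset($data['codice']);
    return $data;
}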
} elseif (isset($_POST['Return'])) { // torno indietro header("Location: ".$form['ritorno']); exit; } } elseif (!isset($_POST['Update']) && isset($_GET['Update'])) { $assist = gaz_dbi_get_row($gTables['assist'],"codice",$_GET['codice']); //se e' il primo accesso per UPDATE $anagrafica = new Anagrafica(); $cliente = $anagrafica->getPartner($assist['clfoco']); $form = gaz_dbi_get_row($gTables['assist'], 'codice', $_GET['codice']); $form['search']['clfoco']=substr($cliente['ragso1'],0,10); $form['ritorno']=$_SERVER['HTTP_REFERER']; $form['ref_code']=$form['codice']; } else { //se e' il primo accesso per INSERT $form=gaz_dbi_fields('assist'); $rs_ultima_ass = gaz_dbi_dyn_query("codice", $gTables['assist'],$where,"codice desc"); $ultimo_documento = gaz_dbi_fetch_array($rs_ultima_ass); // se e' il primo documento dell'anno, resetto il contatore if ($ultimo_documento) { $form['codice'] = $ultimo_documento['codice'] + 1; } else { $form['codice'] = 1; } $form['data'] = date("Y-m-d"); $form['ore'] = "0.00"; $form['stato'] = 'aperto'; $form['search']['clfoco']=''; $form['ritorno']=$_SERVER['HTTP_REFERER']; $form['ref_code']=''; }
header("Location: ".$form['ritorno']); exit; } } elseif (isset($_POST['Return'])) { // torno indietro header("Location: ".$form['ritorno']); exit; } } elseif (!isset($_POST['Update']) && isset($_GET['Update'])) { //se e' il primo accesso per UPDATE $form = gaz_dbi_get_row($gTables['files'], 'id_doc',intval($_GET['id_doc'])); $form['ritorno']=$_SERVER['HTTP_REFERER']; if (empty($form)) { // scappo! header("Location: ".$form['ritorno']); exit; } } else { //se e' il primo accesso per INSERT $form=gaz_dbi_fields('files'); $form['ritorno']=$_SERVER['HTTP_REFERER']; $artico = gaz_dbi_get_row($gTables['artico'], 'codice',substr($_GET['item_ref'],0,15)); if (!empty($artico)) { //l'articolo è stato trovato $form['item_ref']= $artico['codice']; } else { // scappo! header("Location: ".$form['ritorno']); exit; } } require("../../library/include/header.php"); $script_transl = HeadMain(); require("./lang.".$admin_aziend['lang'].".php"); $script_transl += $strScript["browse_document.php"]; $gForm = new magazzForm();
$form['datnas_D'] = substr($form['datnas'],8,2); $form['virtual_stamp_auth_date_Y'] = substr($form['virtual_stamp_auth_date'],0,4); $form['virtual_stamp_auth_date_M'] = substr($form['virtual_stamp_auth_date'],5,2); $form['virtual_stamp_auth_date_D'] = substr($form['virtual_stamp_auth_date'],8,2); // rilevo l'eventuale intermediario $intermediary = gaz_dbi_get_row($gTables['config'],'variable','intermediary'); $form['intermediary_code'] = $intermediary['cvalue']; if ($intermediary['cvalue']>0){ $intermediary_descr = gaz_dbi_get_row($gTables['aziend'], 'codice',$intermediary['cvalue']); $form['intermediary_descr'] = $intermediary_descr['ragso1'].' '.$intermediary_descr['ragso2']; } else { $form['intermediary_descr'] = ''; } } elseif (!isset($_POST['Insert'])) { //se e' il primo accesso per INSERT $form=gaz_dbi_fields('aziend'); $form['ritorno']=$_SERVER['HTTP_REFERER']; $form['datnas_Y'] = date("Y"); $form['datnas_M'] = date("m"); $form['datnas_D'] = date("d"); $form['virtual_stamp_auth_date_Y'] = 1970; $form['virtual_stamp_auth_date_M'] = 1; $form['virtual_stamp_auth_date_D'] = 1; $form['country'] ='IT'; $form['id_language']=1; $form['id_currency']=1; $form['decimal_price']=3; $form['ivaera']=5; $form['web_url']='http://'; // rilevo l'eventuale intermediario $intermediary = gaz_dbi_get_row($gTables['config'],'variable','intermediary');
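/**
 * Returns the access level stored in admin_module for an administrator on a
 * named module, optionally scoped to one enterprise.
 *
 * The enterprise filter is applied only when $enterprise_id is non-zero and
 * the admin_module table has an enterprise_id column (schema >= 4.0.12).
 *
 * @param int|string $adminid       administrator identifier (am.adminid)
 * @param string     $module        module name (module.name)
 * @param int|string $enterprise_id enterprise to scope the check to, 0 for none
 *
 * @return int|string 0 when no row matches, otherwise the stored access value
 */
function checkAccessRights($adminid, $module, $enterprise_id = 0) {
    global $gTables, $link;

    $ck_co = gaz_dbi_fields('admin_module');

    // This function decides authorization, so its inputs must never be able
    // to reshape the statement. Quoted values are escaped against the live
    // connection; the unquoted enterprise id is forced to an integer.
    $adminSql = mysqli_real_escape_string($link, (string) $adminid);
    $moduleSql = mysqli_real_escape_string($link, (string) $module);

    $query = 'SELECT am.access FROM ' . $gTables['admin_module'] . ' AS am'
        . ' LEFT JOIN ' . $gTables['module'] . ' AS module ON module.id=am.moduleid'
        . " WHERE am.adminid='" . $adminSql . "' AND module.name='" . $moduleSql . "'";

    if (!($enterprise_id == 0 || !array_key_exists('enterprise_id', $ck_co))) {
        // schema >= 4.0.12: restrict the check to the requested enterprise.
        // A non-numeric value becomes 0 here, which is expected to match no
        // row and therefore denies access rather than widening it.
        $query .= ' AND am.enterprise_id = ' . (int) $enterprise_id . ' ';
    }
    // else: coming from an older schema (< 4.0.12) or no enterprise given

    $result = mysqli_query($link, $query);
    if (!$result) {
        // Keep the statement and the driver error in the server log only;
        // echoing them to the client discloses table names and schema details.
        error_log('checkAccessRights query failed: ' . mysqli_error($link) . ' -- ' . $query);
        die('Errore checkAccessRights');
    }

    if (gaz_dbi_num_rows($result) < 1) {
        return 0;
    }
    $row = gaz_dbi_fetch_array($result);
    return $row['access'];
}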
$form['date_emi_M'] = substr($form['datemi'],5,2); $form['date_emi_Y'] = substr($form['datemi'],0,4); $form['date_doc_D'] = substr($form['datfat'],8,2); $form['date_doc_M'] = substr($form['datfat'],5,2); $form['date_doc_Y'] = substr($form['datfat'],0,4); $form['date_exp_D'] = substr($form['scaden'],8,2); $form['date_exp_M'] = substr($form['scaden'],5,2); $form['date_exp_Y'] = substr($form['scaden'],0,4); $toDo = 'update'; $form['search']['clfoco']=''; $form['ritorno']=$_SERVER['HTTP_REFERER']; $form['hidden_req'] = ''; } elseif (!isset($_POST['Insert'])) { //se e' il primo accesso per INSERT $anagrafica = new Anagrafica(); $last=$anagrafica->queryPartners('*',"codice BETWEEN ".$admin_aziend['mascli']."000000 AND ".$admin_aziend['mascli']."999999" ,"codice DESC",0,1); $form=gaz_dbi_fields('effett'); $toDo = 'insert'; $form['date_emi_D']=date("d"); $form['date_emi_M']=date("m"); $form['date_emi_Y']=date("Y"); $form['date_doc_D']=date("d"); $form['date_doc_M']=date("m"); $form['date_doc_Y']=date("Y"); $form['date_exp_D']=date("d"); $form['date_exp_M']=date("m"); $form['date_exp_Y']=date("Y"); $form['search']['clfoco']=''; $form['ritorno']=$_SERVER['HTTP_REFERER']; $form['hidden_req'] = ''; } require("../../library/include/header.php");
$form["preve1"] = number_format($form['preve1'],$admin_aziend['decimal_price'],'.',''); $form["preve2"] = number_format($form['preve2'],$admin_aziend['decimal_price'],'.',''); $form["preve3"] = number_format($form['preve3'],$admin_aziend['decimal_price'],'.',''); $form["web_price"] = number_format($form['web_price'],$admin_aziend['decimal_price'],'.',''); $form['rows'] = array(); // inizio documenti/certificati $next_row = 0; $rs_row = gaz_dbi_dyn_query("*", $gTables['files'], "item_ref = '".$form['codice']."'","id_doc DESC"); while ($row = gaz_dbi_fetch_array($rs_row)) { $form['rows'][$next_row] = $row; $next_row++; } // fine documenti/certificati } else { //se e' il primo accesso per INSERT $form=gaz_dbi_fields('artico'); $form['ritorno']=$_SERVER['HTTP_REFERER']; $form['ref_code']=''; $form['aliiva']=$admin_aziend['preeminent_vat']; // i prezzi devono essere arrotondati come richiesti dalle impostazioni aziendali $form["preacq"] = number_format($form['preacq'],$admin_aziend['decimal_price'],'.',''); $form["preve1"] = number_format($form['preve1'],$admin_aziend['decimal_price'],'.',''); $form["preve2"] = number_format($form['preve2'],$admin_aziend['decimal_price'],'.',''); $form["preve3"] = number_format($form['preve3'],$admin_aziend['decimal_price'],'.',''); $form["web_price"] = number_format($form['web_price'],$admin_aziend['decimal_price'],'.',''); $form['web_url']=''; } require("../../library/include/header.php"); $script_transl = HeadMain(); echo "<form method=\"POST\" name=\"form\" enctype=\"multipart/form-data\">\n";