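/**
 * Output the action links (save, copy, new, delete) and the optional spinner
 * for a record form.
 *
 * Nothing is printed when the session has no write access.
 *
 * @param bool   $boolNew          True for a record that has not been saved yet;
 *                                 the copy, new and delete links are then omitted.
 * @param string $copyLinkOverride URL the copy link should navigate to. When empty,
 *                                 the copy link submits admin_form with copyact=1.
 * @param bool   $spinner          Whether to print the hidden spinner element.
 * @param bool   $readOnlyForm     True omits the save and delete links.
 *
 * @return void
 */
function createFormButtons($boolNew, $copyLinkOverride, $spinner, $readOnlyForm)
{
    // Hiding the links is a presentation-level measure; the save/copy/delete
    // handlers need their own access checks (not visible from this function).
    if (!sesWriteAccess()) {
        return;
    }

    $copyAttr = '';
    if (!$boolNew) {
        if ($copyLinkOverride) {
            // The URL lands inside a JavaScript string inside an HTML attribute.
            // It is therefore encoded as a JavaScript literal here and the whole
            // handler is HTML-escaped below, so a quote in the URL cannot end
            // either context. NOTE(review): callers may assemble this URL from
            // request parameters - confirm at the call sites.
            $jsUrl = json_encode((string)$copyLinkOverride);
            // json_encode() returns false for input it cannot encode (e.g. invalid
            // UTF-8); emit an inert handler in that case.
            $copyCmd = $jsUrl === false
                ? 'return false;'
                : "window.location={$jsUrl}; return false;";
        } else {
            $copyCmd = "document.getElementById('admin_form').copyact.value=1; document.getElementById('admin_form').submit(); return false;";
        }
        $copyAttr = htmlspecialchars($copyCmd, ENT_QUOTES, 'UTF-8');
    }
?>
<div class="form_buttons">
<?php
    if (!$readOnlyForm) {
?>
  <a class="actionlink save_button" href="#" onclick="save_record(); return false;"><?php echo $GLOBALS['locSave']; ?></a>
<?php
    }

    if (!$boolNew) {
?>
  <a class="actionlink" href="#" onclick="<?php echo $copyAttr; ?>"><?php echo $GLOBALS['locCopy']; ?></a>
  <a class="actionlink" href="#" onclick="document.getElementById('admin_form').newact.value=1; document.getElementById('admin_form').submit(); return false;"><?php echo $GLOBALS['locNew']; ?></a>
<?php
        if (!$readOnlyForm) {
            // NOTE(review): locConfirmDelete is printed inside a single-quoted
            // JavaScript string without escaping; an apostrophe in a translation
            // would break this handler. Left as is because the encoding of the
            // locale strings is not visible here.
?>
  <a class="actionlink" href="#" onclick="if(confirm('<?php echo $GLOBALS['locConfirmDelete']; ?>')==true) { document.getElementById('admin_form').deleteact.value=1; document.getElementById('admin_form').submit(); return false;} else{ return false; }"><?php echo $GLOBALS['locDelete']; ?></a>
<?php
        }
    }

    if ($spinner) {
        echo '     <span id="spinner" style="visibility: hidden"><img src="images/spinner.gif" alt=""></span>' . "\n";
    }
?>
</div>
<?php
}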
/*******************************************************************************
 MLInvoice: web-based invoicing application.
 Copyright (C) 2010-2015 Ere Maijala

 This program is free software. See the accompanying LICENSE.
 *******************************************************************************/

// The session helpers are loaded first and sesVerifySession() runs before the
// remaining includes, so none of those files is loaded ahead of that call.
require_once 'htmlfuncs.php';
require_once 'sqlfuncs.php';
require_once 'sessionfuncs.php';

sesVerifySession();

require_once 'localize.php';
require_once 'datefuncs.php';
require_once 'miscfuncs.php';
require_once 'settings.php';

// Sessions without write access get a "no access" page and the script stops
// here. NOTE(review): this is `return`, not `exit` - if this file is pulled in
// by another script, that script continues after the include; confirm the
// includer does not go on to perform the write.
if (!sesWriteAccess()) {
    $keepAliveScripts = getSetting('session_keepalive') ? ['js/keepalive.js'] : null;
    echo htmlPageStart(_PAGE_TITLE_, $keepAliveScripts);
?>
<body>
  <div class="ui-widget">
    <div class="form_container ui-widget-content">
<?php
    echo $GLOBALS['locNoAccess'] . "\n";
?>
    </div>
  </div>
</body>
</html>
<?php
    return;
}
/**
 * Delete the record named by the request parameter "id" from the given table
 * and answer with a JSON status object.
 *
 * Sessions without write access receive "403 Forbidden" and the script ends.
 * When no id is supplied, nothing is deleted and nothing is output.
 *
 * NOTE(review): the only check visible here is sesWriteAccess(). Whether the
 * request is restricted to POST and carries an anti-CSRF token depends on
 * getRequest() and the dispatcher, neither of which is shown - confirm, since
 * this is a state-changing endpoint.
 *
 * @param string $table Table name without the prefix placeholder; it is
 *                      interpolated into the name passed to deleteRecord(), so
 *                      callers must pass a fixed name, never request data.
 *
 * @return void
 */
function DeleteJSONRecord($table)
{
    $mayWrite = sesWriteAccess();
    if (!$mayWrite) {
        header('HTTP/1.1 403 Forbidden');
        exit;
    }

    $recordId = getRequest('id', '');
    if (!$recordId) {
        // Missing or empty id: silently do nothing, as before.
        return;
    }

    deleteRecord('{prefix}' . $table, $recordId);

    header('Content-Type: application/json');
    echo json_encode(['status' => 'ok']);
}
// Collect everything the invoice printer needs: the invoice itself, the
// recipient company, the sender (base) and the invoice rows. $intRes,
// $intInvoiceId, $printTemplateFile, $printParameters and $printOutputFileName
// are set before this point (outside the visible part of the script).
$invoiceData = mysqli_fetch_assoc($intRes);
if (!$invoiceData) {
    die('Could not find invoice data');
}

// Recipient. Every value reaches the database as a bound parameter; no SQL text
// is assembled from data in this section.
$strQuery = 'SELECT * FROM {prefix}company WHERE id=?';
$intRes = mysqli_param_query($strQuery, [$invoiceData['company_id']]);
$recipientData = mysqli_fetch_assoc($intRes);
// A missing recipient row is tolerated: the VAT id then becomes an empty string.
$recipientData['vat_id'] = !empty($recipientData['company_id'])
    ? createVATID($recipientData['company_id'])
    : '';

// Sender. Unlike the recipient, a missing sender row is fatal.
$strQuery = 'SELECT * FROM {prefix}base WHERE id=?';
$intRes = mysqli_param_query($strQuery, [$invoiceData['base_id']]);
$senderData = mysqli_fetch_assoc($intRes);
if (!$senderData) {
    die('Could not find invoice sender data');
}
$senderData['vat_id'] = createVATID($senderData['company_id']);

// Invoice rows with their product and row type details, deleted rows excluded.
$strQuery = 'SELECT pr.product_name, pr.product_code, pr.price_decimals, '
    . 'pr.barcode1, pr.barcode1_type, pr.barcode2, pr.barcode2_type, '
    . 'ir.description, ir.pcs, ir.price, IFNULL(ir.discount, 0) as discount, '
    . 'ir.row_date, ir.vat, ir.vat_included, ir.reminder_row, rt.name type '
    . 'FROM {prefix}invoice_row ir '
    . 'LEFT OUTER JOIN {prefix}row_type rt ON rt.id = ir.type_id '
    . 'LEFT OUTER JOIN {prefix}product pr ON ir.product_id = pr.id '
    . 'WHERE ir.invoice_id=? AND ir.deleted=0 '
    . 'ORDER BY ir.order_no, row_date, pr.product_name DESC, ir.description DESC';
$intRes = mysqli_param_query($strQuery, [$intInvoiceId]);

$invoiceRowData = [];
while ($row = mysqli_fetch_assoc($intRes)) {
    $invoiceRowData[] = $row;
}

// Printing stamps the invoice with today's date, but only for sessions that are
// allowed to write; a read-only session can print without changing the record.
if (sesWriteAccess()) {
    mysqli_param_query(
        'UPDATE {prefix}invoice SET print_date=? where id=?',
        [date('Ymd'), $intInvoiceId]
    );
}

// NOTE(review): the template file name selects which printer implementation is
// instantiated. Its origin is not visible here - confirm it comes from the
// stored print template configuration and not directly from the request.
$printer = instantiateInvoicePrinter(trim($printTemplateFile));
$printer->init(
    $intInvoiceId,
    $printParameters,
    $printOutputFileName,
    $senderData,
    $recipientData,
    $invoiceData,
    $invoiceRowData
);
$printer->printInvoice();
$intRes = mysqli_query_check('SELECT ID from {prefix}base WHERE deleted=0'); if (mysqli_num_rows($intRes) == 1) { $defaultBase = mysqli_fetch_value($intRes); } else { $defaultBase = FALSE; } $copyLinkOverride = "copy_invoice.php?func={$strFunc}&list={$strList}&id={$intInvoiceId}"; $updateInvoiceNr = null; if (sesWriteAccess()) { if (!getSetting('invoice_add_number') || !getSetting('invoice_add_reference_number')) { $updateInvoiceNr = '<a class="formbuttonlink" href="#" onclick="' . $getInvoiceNr . '">' . $GLOBALS['locGetInvoiceNr'] . '</a>'; } } $addReminderFees = "\$.getJSON('json.php?func=add_reminder_fees&id=' + document.getElementById('record_id').value, function(json) { if (json.errors) { \$('#errormsg').text(json.errors).show() } else { showmsg('{$GLOBALS['locReminderFeesAdded']}'); } init_rows(); }); return false;"; $intervalOptions = array('0' => $GLOBALS['locInvoiceIntervalNone'], '2' => $GLOBALS['locInvoiceIntervalMonth'], '3' => $GLOBALS['locInvoiceIntervalYear']); $astrFormElements = array(array('name' => 'base_id', 'label' => $GLOBALS['locBiller'], 'type' => 'LIST', 'style' => 'medium linked', 'listquery' => 'SELECT id, name FROM {prefix}base WHERE deleted=0', 'position' => 1, 'default' => $defaultBase), array('name' => 'name', 'label' => $GLOBALS['locInvName'], 'type' => 'TEXT', 'style' => 'medium', 'position' => 2, 'allow_null' => true), array('name' => 'company_id', 'label' => $GLOBALS['locPayer'], 'type' => 'SEARCHLIST', 'style' => 'medium linked', 'listquery' => "table=company&sort=company_name,company_id", 'position' => 1, 'allow_null' => true, 'attached_elem' => $addCompanyCode, 'elem_attributes' => $companyOnChange), array('name' => 'reference', 'label' => $GLOBALS['locClientsReference'], 'type' => 'TEXT', 'style' => 'medium', 'position' => 2, 'allow_null' => true), array('name' => 'invoice_no', 'label' => $GLOBALS['locInvoiceNumber'], 'type' => 'INT', 'style' => 'medium hidezerovalue', 'position' => 1, 'default' => null, 'allow_null' => true), 
array('name' => 'ref_number', 'label' => $GLOBALS['locReferenceNumber'], 'type' => 'TEXT', 'style' => 'medium hidezerovalue', 'position' => 2, 'default' => null, 'attached_elem' => $updateInvoiceNr, 'allow_null' => true), array('name' => 'invoice_date', 'label' => $GLOBALS['locInvDate'], 'type' => 'INTDATE', 'style' => 'date', 'position' => 1, 'default' => 'DATE_NOW'), array('name' => 'due_date', 'label' => $GLOBALS['locDueDate'], 'type' => 'INTDATE', 'style' => 'date', 'position' => 2, 'default' => 'DATE_NOW+' . getSetting('invoice_payment_days'), 'attached_elem' => $updateDates), array('name' => 'interval_type', 'label' => $GLOBALS['locInvoiceIntervalType'], 'type' => 'SELECT', 'style' => 'medium', 'position' => 1, 'options' => $intervalOptions, 'default' => '0', 'allow_null' => true), array('name' => 'next_interval_date', 'label' => $GLOBALS['locInvoiceNextIntervalDate'], 'type' => 'INTDATE', 'style' => 'date', 'position' => 2, 'default' => '', 'allow_null' => true), array('name' => 'state_id', 'label' => $GLOBALS['locStatus'], 'type' => 'LIST', 'style' => 'medium translated', 'listquery' => 'SELECT id, name FROM {prefix}invoice_state WHERE deleted=0 ORDER BY order_no', 'position' => 1, 'default' => 1), array('name' => 'payment_date', 'label' => $GLOBALS['locPayDate'], 'type' => 'INTDATE', 'style' => 'date', 'position' => 2, 'allow_null' => true, 'attached_elem' => $markPaidTodayButton, 'elem_attributes' => 'onchange="' . $markPaidTodayEvent . 
'"'), array('name' => 'delivery_terms_id', 'label' => $GLOBALS['locDeliveryTerms'], 'type' => 'LIST', 'style' => 'medium', 'listquery' => 'SELECT id, name FROM {prefix}delivery_terms WHERE deleted=0 ORDER BY order_no;', 'position' => 1, 'default' => null, 'allow_null' => true), array('name' => 'delivery_method_id', 'label' => $GLOBALS['locDeliveryMethod'], 'type' => 'LIST', 'style' => 'medium', 'listquery' => 'SELECT id, name FROM {prefix}delivery_method WHERE deleted=0 ORDER BY order_no;', 'position' => 2, 'default' => null, 'allow_null' => true), array('name' => 'archived', 'label' => $GLOBALS['locArchived'], 'type' => 'CHECK', 'style' => 'medium', 'position' => 1, 'default' => 0, 'allow_null' => true), array('name' => 'info', 'label' => $GLOBALS['locVisibleInfo'], 'type' => 'AREA', 'style' => 'medium', 'position' => 1, 'allow_null' => true), array('name' => 'internal_info', 'label' => $GLOBALS['locInternalInfo'], 'type' => 'AREA', 'style' => 'medium', 'position' => 2, 'allow_null' => true), !sesWriteAccess() ? array('name' => 'refundinvoice', 'label' => '', 'type' => 'FILLER', 'position' => 1) : array('name' => 'refundinvoice', 'label' => $GLOBALS['locRefundInvoice'], 'type' => 'BUTTON', 'style' => 'redirect', 'listquery' => "copy_invoice.php?func={$strFunc}&list={$strList}&id=_ID_&refund=1", 'position' => 1, 'default' => FALSE, 'allow_null' => true), $arrRefundedInvoice, isset($printButtons[0]) ? $printButtons[0] : array(), isset($printButtons2[0]) ? $printButtons2[0] : array(), !sesWriteAccess() ? array('name' => 'addreminderfees', 'label' => '', 'type' => 'FILLER', 'position' => 1) : array('name' => 'addreminderfees', 'label' => $GLOBALS['locAddReminderFees'], 'type' => 'JSBUTTON', 'style' => 'redirect', 'listquery' => $addReminderFees, 'position' => 1, 'default' => FALSE, 'allow_null' => true), $arrRefundingInvoice, isset($printButtons[1]) ? $printButtons[1] : array(), isset($printButtons2[1]) ? 
$printButtons2[1] : array()); for ($i = 2; $i < count($printButtons); $i++) { $astrFormElements[] = $printButtons[$i]; if (isset($printButtons2[$i])) { $astrFormElements[] = $printButtons2[$i]; } } $astrFormElements[] = array('name' => 'invoice_rows', 'label' => $GLOBALS['locInvRows'], 'type' => 'IFORM', 'style' => 'xfull', 'position' => 0, 'allow_null' => true, 'parent_key' => 'invoice_id'); break; case 'invoice_row': case 'invoice_rows': $strTable = '{prefix}invoice_row'; $strJSONType = 'invoice_row'; $strParentKey = 'invoice_id'; $strOrder = 'ORDER BY {prefix}invoice_row.order_no, {prefix}invoice_row.row_date'; switch (getSetting('invoice_clear_row_values_after_add')) {
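/**
 * Print the navigation bar for one top-level function of the application:
 * the search-window helper script, the function's sub-links, the search links
 * and the "new record" button.
 *
 * Recognised values of $strFunc are "system", "settings", "reports" and
 * "companies". Every other value is handled as an invoice listing
 * ("open_invoices" and "archived_invoices" get special treatment) and is
 * replaced by "invoices" before anything is printed.
 *
 * Security notes:
 * - $strFunc and the request parameter "list" are printed into HTML and
 *   JavaScript without escaping. That is safe only because both reach the
 *   output after matching one of the literal `case` labels below (or, for
 *   $strFunc, after being overwritten with 'invoices'). Adding a branch that
 *   passes either value through unmatched would need explicit escaping.
 *   `switch` compares loosely, so the allow-list assumes string input.
 * - The "levels_allowed" lists and sesWriteAccess() only decide which links are
 *   shown. The linked pages must enforce the same roles themselves.
 *
 * @param string $strFunc Name of the active function.
 *
 * @return void
 */
function createFuncMenu($strFunc)
{
    $strNewButton = '';
    $strFormName = '';
    $strExtSearchTerm = '';
    $blnShowSearch = false;

    switch ($strFunc) {
        case 'system':
            $astrNaviLinks = [
                ['href' => 'list=user', 'text' => $GLOBALS['locUsers'], 'levels_allowed' => [ROLE_ADMIN]],
                ['href' => 'list=invoice_state', 'text' => $GLOBALS['locInvoiceStates'], 'levels_allowed' => [ROLE_ADMIN]],
                ['href' => 'list=row_type', 'text' => $GLOBALS['locRowTypes'], 'levels_allowed' => [ROLE_ADMIN]],
                ['href' => 'list=delivery_terms', 'text' => $GLOBALS['locDeliveryTerms'], 'levels_allowed' => [ROLE_ADMIN]],
                ['href' => 'list=delivery_method', 'text' => $GLOBALS['locDeliveryMethods'], 'levels_allowed' => [ROLE_ADMIN]],
                ['href' => 'list=print_template', 'text' => $GLOBALS['locPrintTemplates'], 'levels_allowed' => [ROLE_ADMIN]],
                ['href' => 'operation=dbdump', 'text' => $GLOBALS['locBackupDatabase'], 'levels_allowed' => [ROLE_BACKUPMGR, ROLE_ADMIN]],
                ['href' => 'operation=import', 'text' => $GLOBALS['locImportData'], 'levels_allowed' => [ROLE_ADMIN]],
                ['href' => 'operation=export', 'text' => $GLOBALS['locExportData'], 'levels_allowed' => [ROLE_ADMIN]],
            ];

            $strNewText = '';
            $strList = getRequest('list', '');
            // $strList is request data; it is used in the button markup only
            // when it equals one of these literals.
            switch ($strList) {
                case 'user':
                    $strNewText = $GLOBALS['locNewUser'];
                    break;
                case 'session_type':
                    $strNewText = $GLOBALS['locNewSessionType'];
                    break;
                case 'invoice_state':
                case 'row_type':
                case 'delivery_terms':
                case 'delivery_method':
                case 'print_template':
                    $strNewText = $GLOBALS['locAddNew'];
                    break;
            }
            if ($strNewText) {
                $strNewButton = "<br/><br/><a class=\"buttonlink new_button\" href=\"?func=system&list={$strList}&form={$strList}\">{$strNewText}</a>";
            }
            break;

        case 'settings':
            $astrNaviLinks = [
                ['href' => 'list=settings', 'text' => $GLOBALS['locGeneralSettings'], 'levels_allowed' => [ROLE_USER, ROLE_BACKUPMGR]],
                ['href' => 'list=base', 'text' => $GLOBALS['locBases'], 'levels_allowed' => [ROLE_USER, ROLE_BACKUPMGR]],
                ['href' => 'list=product', 'text' => $GLOBALS['locProducts'], 'levels_allowed' => [ROLE_USER, ROLE_BACKUPMGR]],
            ];

            $strNewText = '';
            $strList = getRequest('list', '');
            // Same allow-list pattern as in the "system" branch.
            switch ($strList) {
                case 'base':
                    $strNewText = $GLOBALS['locNewBase'];
                    break;
                case 'product':
                    $strNewText = $GLOBALS['locNewProduct'];
                    break;
            }
            if ($strNewText) {
                $strNewButton = "<br/><br/><a class=\"buttonlink\" href=\"?func=settings&list={$strList}&form={$strList}\">{$strNewText}</a>";
            }
            break;

        case 'reports':
            $astrNaviLinks = [
                ['href' => 'form=invoice', 'text' => $GLOBALS['locInvoiceReport'], 'levels_allowed' => [ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR]],
                ['href' => 'form=product', 'text' => $GLOBALS['locProductReport'], 'levels_allowed' => [ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR]],
                ['href' => 'form=product_stock', 'text' => $GLOBALS['locProductStockReport'], 'levels_allowed' => [ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR]],
            ];
            break;

        case 'companies':
            $blnShowSearch = true;
            $strFormName = 'company';
            $astrNaviLinks = [];
            $strNewButton = '<a class="buttonlink" href="?func=companies&form=company">' . $GLOBALS['locNewClient'] . '</a>';
            break;

        default:
            $blnShowSearch = true;
            $strFormName = 'invoice';
            $astrNaviLinks = [];
            if ($strFunc == 'open_invoices') {
                $astrNaviLinks[] = ['href' => 'index.php?func=invoices', 'text' => $GLOBALS['locDisplayAllInvoices'], 'levels_allowed' => [ROLE_USER, ROLE_BACKUPMGR]];
            } else {
                $astrNaviLinks[] = ['href' => 'index.php?func=open_invoices', 'text' => $GLOBALS['locDisplayOpenInvoices'], 'levels_allowed' => [ROLE_USER, ROLE_BACKUPMGR]];
            }
            if ($strFunc != 'archived_invoices') {
                $strNewButton = '<a class="buttonlink" href="?func=invoices&form=invoice">' . $GLOBALS['locNewInvoice'] . '</a>';
                $astrNaviLinks[] = ['href' => 'index.php?func=import_statement', 'text' => $GLOBALS['locImportAccountStatement'], 'levels_allowed' => [ROLE_USER, ROLE_BACKUPMGR]];
            }
            // Any unrecognised value is normalised here, so the value printed
            // below is always one of the fixed names.
            $strFunc = 'invoices';
            break;
    }
?>
<script type="text/javascript">
<!--
function openSearchWindow(mode, event) {
    x = event.screenX;
    y = event.screenY;
    if( mode == 'ext' ) {
        strLink = 'ext_search.php?func=<?php echo $strFunc; ?>&form=<?php echo $strFormName; ?>';
        strLink = strLink + '<?php echo $strExtSearchTerm; ?>';
        height = '400';
        width = '600';
        windowname = 'ext';
    }
    if( mode == 'quick' ) {
        strLink = 'quick_search.php?func=<?php echo $strFunc; ?>';
        height = '400';
        width = '250';
        windowname = 'quicksearch';
    }
    var win = window.open(strLink, windowname, 'height='+height+',width='+width+',screenX=' + x + ',screenY=' + y + ',left=' + x + ',top=' + y + ',menubar=no,scrollbars=yes,status=no,toolbar=no');
    win.focus();
    return true;
}
-->
</script>
<div class="function_navi">
<?php
    foreach ($astrNaviLinks as $link) {
        if (!(sesAccessLevel($link['levels_allowed']) || sesAdminAccess())) {
            continue;
        }

        // Compare against false explicitly: a "?" at offset 0 is still a match.
        $hasQuery = strpos($link['href'], '?') !== false;
        if ($hasQuery) {
            $strHref = $link['href'];
            list(, $urlParams) = explode('?', $link['href'], 2);
        } else {
            $strHref = "?func={$strFunc}&" . $link['href'];
            $urlParams = $link['href'];
        }

        // Highlight the link when every parameter it names matches the current
        // request.
        parse_str($urlParams, $linkParts);
        $class = '';
        if ((!isset($linkParts['func']) || getRequest('func', '') == $linkParts['func'])
            && (!isset($linkParts['list']) || getRequest('list', '') == $linkParts['list'])
            && (!isset($linkParts['form']) || getRequest('form', '') == $linkParts['form'])
            && (!isset($linkParts['operation']) || getRequest('operation', '') == $linkParts['operation'])
        ) {
            $class = ' ui-state-highlight';
        }
?>
  <a class="buttonlink<?php echo $class; ?>" href="<?php echo $strHref; ?>"><?php echo $link['text']; ?></a>
<?php
    }

    if ($blnShowSearch) {
?>
  <a class="buttonlink" href="#" onClick="openSearchWindow('ext', event); return false;"><?php echo $GLOBALS['locExtSearch']; ?></a>
  <a class="buttonlink" href="#" onClick="openSearchWindow('quick', event); return false;"><?php echo $GLOBALS['locQuickSearch']; ?></a>
<?php
    }

    if (sesWriteAccess()) {
        echo "    {$strNewButton}\n";
    }
?>
</div>
<?php
}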