<?php //stop the direct browsing to this file - let index.php handle which files get displayed checkLogin(); # Deal with op and add some basic sanity checking #insert - process payment #op=pay_selected_invoice means the user came from the print_view or manage_invoces #op=pay_invoice means the user came from the process_paymen page global $db_server; global $auth_session; if (isset($_POST['process_payment'])) { $payment = new payment(); $payment->ac_inv_id = $_POST['invoice_id']; $payment->ac_amount = $_POST['ac_amount']; $payment->ac_notes = $_POST['ac_notes']; $payment->ac_date = SqlDateWithTime($_POST['ac_date']); $payment->ac_payment_type = $_POST['ac_payment_type']; $result = $payment->insert(); $saved = !empty($result) ? "true" : "false"; if ($saved == 'true') { $display_block = $LANG['save_payment_success']; } else { $display_block = $LANG['save_payment_failure'] . "<br />" . $sql; } $refresh_total = "<meta http-equiv='refresh' content='27;url=index.php?module=payments&view=manage' />"; } $smarty->assign('display_block', $display_block); $smarty->assign('pageActive', 'payment'); $smarty->assign('active_tab', '#money');
function insertInvoice($type, $domain_id = '') { global $db_server; $domain_id = domain_id::get($domain_id); if ($db_server == 'mysql' && !_invoice_check_fk($_POST['biller_id'], $_POST['customer_id'], $type, $_POST['preference_id'])) { return null; } $sql = "INSERT INTO\n\t\t" . TB_PREFIX . "invoices (\n\t\t\tid, \n index_id,\n\t\t\tdomain_id,\n\t\t\tbiller_id, \n\t\t\tcustomer_id, \n\t\t\ttype_id,\n\t\t\tpreference_id, \n\t\t\tdate, \n\t\t\tnote,\n\t\t\tcustom_field1,\n\t\t\tcustom_field2,\n\t\t\tcustom_field3,\n\t\t\tcustom_field4\n\t\t)\n\t\tVALUES\n\t\t(\n\t\t\tNULL,\n\t\t\t:index_id,\n\t\t\t:domain_id,\n\t\t\t:biller_id,\n\t\t\t:customer_id,\n\t\t\t:type,\n\t\t\t:preference_id,\n\t\t\t:date,\n\t\t\t:note,\n\t\t\t:customField1,\n\t\t\t:customField2,\n\t\t\t:customField3,\n\t\t\t:customField4\n\t\t\t)"; if ($db_server == 'pgsql') { $sql = "INSERT INTO\n\t\t\t" . TB_PREFIX . "invoices (\n\t\t\t\tindex_id,\n\t\t\t\tdomain_id,\n\t\t\t\tbiller_id, \n\t\t\t\tcustomer_id, \n\t\t\t\ttype_id,\n\t\t\t\tpreference_id, \n\t\t\t\tdate, \n\t\t\t\tnote,\n\t\t\t\tcustom_field1,\n\t\t\t\tcustom_field2,\n\t\t\t\tcustom_field3,\n\t\t\t\tcustom_field4\n\t\t\t)\n\t\t\tVALUES\n\t\t\t(\n\t\t\t\t:index_id,\n\t\t\t\t:domain_id,\n\t\t\t\t:biller_id,\n\t\t\t\t:customer_id,\n\t\t\t\t:type,\n\t\t\t\t:preference_id,\n\t\t\t\t:date,\n\t\t\t\t:note,\n\t\t\t\t:customField1,\n\t\t\t\t:customField2,\n\t\t\t\t:customField3,\n\t\t\t\t:customField4\n\t\t\t\t)"; } $pref_group = getPreference($_POST[preference_id]); //also set the current time (if null or =00:00:00) $clean_date = SqlDateWithTime($_POST['date']); $sth = dbQuery($sql, ':index_id', index::next('invoice', $pref_group['index_group'], $domain_id), ':domain_id', $domain_id, ':biller_id', $_POST['biller_id'], ':customer_id', $_POST['customer_id'], ':type', $type, ':preference_id', $_POST['preference_id'], ':date', $clean_date, ':note', trim($_POST['note']), ':customField1', $_POST['customField1'], ':customField2', $_POST['customField2'], ':customField3', $_POST['customField3'], ':customField4', $_POST['customField4']); #index::increment('invoice',$pref_group[index_group], $domain_id,$_POST[biller_id]); // Needed only if si_index table exists index::increment('invoice', $pref_group[index_group], $domain_id); return $sth; }