$table->style = array(); $table->style[0] = 'font-weight: bold'; $table->colspan = array(); $table->head[0] = __('ID'); //$table->head[1] = __('Description'); $table->head[2] = __('Amount'); $table->head[3] = __('Type'); $table->head[4] = __('Status'); $table->head[5] = __('Creation'); $table->head[6] = __('Expiration'); $table->head[7] = __('Options'); $counter = 0; $company = get_db_row('tcompany', 'id', $id); foreach ($invoices as $invoice) { $lock_permission = crm_check_lock_permission($config["id_user"], $invoice["id"]); $is_locked = crm_is_invoice_locked($invoice["id"]); $locked_id_user = false; if ($is_locked) { $locked_id_user = crm_get_invoice_locked_id_user($invoice["id"]); } $data = array(); $url = "index.php?sec=customers&sec2=operation/companies/company_detail&view_invoice=1&id=" . $id . "&op=invoices&id_invoice=" . $invoice["id"]; $data[0] = "<a href='{$url}'>" . $invoice["bill_id"] . "</a>"; //$data[1] = "<a href='$url'>".$invoice["description"]."</a>"; $data[2] = format_numeric(get_invoice_amount($invoice["id"])) . " " . strtoupper($invoice["currency"]); $tax = get_invoice_tax($invoice["id"]); $tax_amount = get_invoice_amount($invoice["id"]) * (1 + $tax / 100); if ($tax != 0) { $data[2] .= print_help_tip(__("With taxes") . ": " . format_numeric($tax_amount), true); } $data[3] = __($invoice["invoice_type"]);
function crm_change_invoice_lock($id_user, $id_invoice) { if (crm_check_lock_permission($id_user, $id_invoice)) { $lock_status = crm_is_invoice_locked($id_invoice); if ($lock_status == 1) { $values = array('locked' => 0, 'locked_id_user' => NULL); $where = array('id' => $id_invoice); if (process_sql_update('tinvoice', $values, $where) > 0) { return 0; } return 1; } elseif ($lock_status == 0) { $values = array('locked' => 1, 'locked_id_user' => $id_user); $where = array('id' => $id_invoice); if (process_sql_update('tinvoice', $values, $where) > 0) { return 1; } return 0; } } return -1; }
if ($id_company > 0) { $permission = check_crm_acl ('invoice', '', $config['id_user'], $id_company); if (!$permission) { include ("general/noaccess.php"); exit; } elseif (!$write && !$manage && $read) { include ("operation/invoices/invoice_view.php"); return; } } else { audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access an invoice"); include ("general/noaccess.php"); exit; } if (crm_is_invoice_locked ($invoice["id"])) { include ("operation/invoices/invoice_view.php"); return; } } $upload_file = get_parameter('upload_file', 0); if ($upload_file) { if (isset($_POST['upfile']) && ( $_POST['upfile'] != "" )){ //if file $filename= $_POST['upfile']; $file_tmp = sys_get_temp_dir().'/'.$filename; $size = filesize ($file_tmp); $description = get_parameter ("description", ""); $sql = sprintf("INSERT INTO tattachment (id_invoice, id_usuario, filename, description, timestamp, size) VALUES (%d, '%s', '%s', '%s', '%s', %d)", $id_invoice, $config["id_user"], $filename, $description, date('Y-m-d H:i:s'), $size);
if ($id_company > 0) { $permission = check_crm_acl ('invoice', '', $config['id_user'], $id_company); if (!$permission) { include ("general/noaccess.php"); exit; } elseif (!$write && !$manage && $read) { include ("operation/invoices/invoice_view.php"); return; } } else { audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access an invoice"); include ("general/noaccess.php"); exit; } if (crm_is_invoice_locked ($id_invoice)) { include ("operation/invoices/invoice_view.php"); return; } } // Delete file $deletef = get_parameter ("deletef", ""); if ($deletef != ""){ $file = get_db_row ("tattachment", "id_attachment", $deletef); if ( (dame_admin($config["id_user"])) || ($file["id_usuario"] == $config["id_user"]) ){ $sql = "DELETE FROM tattachment WHERE id_attachment = $deletef"; process_sql ($sql); $filename = $config["homedir"]."/attachment/". $file["id_attachment"]. "_" . $file["filename"]; unlink ($filename); echo ui_print_success_message (__("Successfully deleted"), '', true, 'h3', true);