$table->style = array();
$table->style[0] = 'font-weight: bold';
$table->colspan = array();
$table->head[0] = __('ID');
//$table->head[1] = __('Description');
$table->head[2] = __('Amount');
$table->head[3] = __('Type');
$table->head[4] = __('Status');
$table->head[5] = __('Creation');
$table->head[6] = __('Expiration');
$table->head[7] = __('Options');
$counter = 0;
$company = get_db_row('tcompany', 'id', $id);
foreach ($invoices as $invoice) {
$lock_permission = crm_check_lock_permission($config["id_user"], $invoice["id"]);
$is_locked = crm_is_invoice_locked($invoice["id"]);
$locked_id_user = false;
if ($is_locked) {
$locked_id_user = crm_get_invoice_locked_id_user($invoice["id"]);
}
$data = array();
$url = "index.php?sec=customers&sec2=operation/companies/company_detail&view_invoice=1&id=" . $id . "&op=invoices&id_invoice=" . $invoice["id"];
$data[0] = "<a href='{$url}'>" . $invoice["bill_id"] . "</a>";
//$data[1] = "<a href='$url'>".$invoice["description"]."</a>";
$data[2] = format_numeric(get_invoice_amount($invoice["id"])) . " " . strtoupper($invoice["currency"]);
$tax = get_invoice_tax($invoice["id"]);
$tax_amount = get_invoice_amount($invoice["id"]) * (1 + $tax / 100);
if ($tax != 0) {
$data[2] .= print_help_tip(__("With taxes") . ": " . format_numeric($tax_amount), true);
}
$data[3] = __($invoice["invoice_type"]);
function crm_change_invoice_lock($id_user, $id_invoice)
{
if (crm_check_lock_permission($id_user, $id_invoice)) {
$lock_status = crm_is_invoice_locked($id_invoice);
if ($lock_status == 1) {
$values = array('locked' => 0, 'locked_id_user' => NULL);
$where = array('id' => $id_invoice);
if (process_sql_update('tinvoice', $values, $where) > 0) {
return 0;
}
return 1;
} elseif ($lock_status == 0) {
$values = array('locked' => 1, 'locked_id_user' => $id_user);
$where = array('id' => $id_invoice);
if (process_sql_update('tinvoice', $values, $where) > 0) {
return 1;
}
return 0;
}
}
return -1;
}
if ($id_company > 0) {
$permission = check_crm_acl ('invoice', '', $config['id_user'], $id_company);
if (!$permission) {
include ("general/noaccess.php");
exit;
} elseif (!$write && !$manage && $read) {
include ("operation/invoices/invoice_view.php");
return;
}
} else {
audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access an invoice");
include ("general/noaccess.php");
exit;
}
if (crm_is_invoice_locked ($invoice["id"])) {
include ("operation/invoices/invoice_view.php");
return;
}
}
$upload_file = get_parameter('upload_file', 0);
if ($upload_file) {
if (isset($_POST['upfile']) && ( $_POST['upfile'] != "" )){ //if file
$filename= $_POST['upfile'];
$file_tmp = sys_get_temp_dir().'/'.$filename;
$size = filesize ($file_tmp);
$description = get_parameter ("description", "");
$sql = sprintf("INSERT INTO tattachment (id_invoice, id_usuario, filename, description, timestamp, size) VALUES (%d, '%s', '%s', '%s', '%s', %d)", $id_invoice, $config["id_user"], $filename, $description, date('Y-m-d H:i:s'), $size);
if ($id_company > 0) {
$permission = check_crm_acl ('invoice', '', $config['id_user'], $id_company);
if (!$permission) {
include ("general/noaccess.php");
exit;
} elseif (!$write && !$manage && $read) {
include ("operation/invoices/invoice_view.php");
return;
}
} else {
audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access an invoice");
include ("general/noaccess.php");
exit;
}
if (crm_is_invoice_locked ($id_invoice)) {
include ("operation/invoices/invoice_view.php");
return;
}
}
// Delete file
$deletef = get_parameter ("deletef", "");
if ($deletef != ""){
$file = get_db_row ("tattachment", "id_attachment", $deletef);
if ( (dame_admin($config["id_user"])) || ($file["id_usuario"] == $config["id_user"]) ){
$sql = "DELETE FROM tattachment WHERE id_attachment = $deletef";
process_sql ($sql);
$filename = $config["homedir"]."/attachment/". $file["id_attachment"]. "_" . $file["filename"];
unlink ($filename);
echo ui_print_success_message (__("Successfully deleted"), '', true, 'h3', true);
