function confirm($_POST)
{
# get vars
foreach ($_POST as $key => $value) {
${$key} = $value;
}
# validate input
require_lib("validate");
$v = new validate();
$v->isOk($catid, "string", 1, 50, "Invalid category number.");
$v->isOk($catname, "string", 1, 255, "Invalid category name.");
# display errors, if any
if ($v->isError()) {
$confirm = "";
$errors = $v->getErrors();
foreach ($errors as $e) {
$confirm .= "<li class=err>" . $e["msg"];
}
return edit_err($_POST, $confirm);
}
# Check category name
core_connect();
$sql = "SELECT * FROM {$tab} WHERE lower(catname) = '" . strtolower($catname) . "' AND catid != '{$catid}' AND div = '" . USER_DIV . "'";
$checkRslt = db_exec($sql) or errDie("Unable to retrieve Account Category details from database.");
if (pg_numrows($checkRslt) > 0) {
$confirm = "<li class=err> Account Category name already exist.";
return edit_err($_POST, $confirm);
}
$confirm = "<h3>Confirm edit Account Category</h3>\n\t<form action='" . SELF . "' method=post>\n\t<table cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\n\t\t<input type=hidden name=key value=write>\n\t\t<input type=hidden name=catid value='{$catid}'>\n\t\t<input type=hidden name=catname value='{$catname}'>\n\t\t<input type=hidden name=tab value='{$tab}'>\n\t\t<tr><th>Field</th><th>Value</th></tr>\n\t\t<tr class='bg-odd'><td>Account Category Type</td><td>{$tab}</td></tr>\n\t\t<tr class='bg-even'><td>Account Category Number</td><td>{$catid}</td></tr>\n\t\t<tr class='bg-odd'><td>Account Category Name</td><td>{$catname}</td></tr>\n\t\t<tr><td><br></td></tr>\n\t\t<tr><td colspan=2 align=right><input type=submit value='Write »'></td></tr>\n\t</table></form>\n\t<p>\n\t<table border=0 cellpadding='2' cellspacing='1'>\n\t\t<tr><th>Quick Links</th></tr>\n\t\t<tr class='bg-odd'><td><a href='accat-view.php'>View Account Categories</a></td></tr>\n\t\t<script>document.write(getQuicklinkSpecial());</script>\n\t</table>";
return $confirm;
}
function write($_POST)
{
# get vars
extract($_POST);
if (isset($back)) {
return edit_err($_POST);
}
# validate input
require_lib("validate");
$v = new validate();
$v->isOk($deptid, "num", 1, 255, "Invalid Department.");
$v->isOk($supid, "num", 1, 50, "Invalid supplier id.");
$v->isOk($supno, "string", 1, 255, "Invalid suppleir number.");
$v->isOk($supname, "string", 1, 255, "Invalid supplier name.");
$v->isOk($loc, "string", 1, 3, "Invalid Type.");
$v->isOk($fcid, "num", 1, 30, "Invalid Currency.");
$v->isOk($vatnum, "string", 1, 255, "Invalid supplier vat number.");
$v->isOk($registration, "string", 1, 255, "Invalid registration number.");
$v->isOk($supaddr, "string", 1, 255, "Invalid supplier address.");
$v->isOk($suppostaddr, "string", 0, 255, "Invalid supplier postal address.");
$v->isOk($contname, "string", 1, 255, "Invalid contact name.");
$v->isOk($tel, "string", 1, 20, "Invalid tel no.");
$v->isOk($fax, "string", 0, 20, "Invalid fax no.");
$v->isOk($cell, "string", 0, 20, "Invalid cell no.");
$v->isOk($email, "email", 0, 255, "Invalid e-mail address.");
$v->isOk($listid, "num", 1, 20, "Invalid price list.");
$v->isOk($url, "url", 0, 255, "Invalid web address.");
$v->isOk($bankname, "string", 0, 255, "Invalid bank name.");
$v->isOk($branname, "string", 0, 255, "Invalid branch name.");
$v->isOk($brancode, "string", 0, 255, "Invalid branch code.");
$v->isOk($bankaccname, "string", 0, 255, "Invalid bank account name.");
$v->isOk($bankacctype, "string", 0, 255, "Invalid bank account type.");
$v->isOk($bankaccno, "num", 0, 255, "Invalid bank account number.");
$v->isOk($comments, "string", 0, 255, "Invalid characters in comment.");
$v->isOk($branch, "string", 0, 255, "Invalid supplier branch.");
$v->isOk($reference, "string", 0, 255, "Invalid reference.");
$v->isOk($bee_status, "string", 0, 255, "Invalid BEE Status");
$v->isOk($supp_grp, "num", 1, 9, "Invalid supplier group selected.");
$v->isOk($team_id, "num", 1, 9, "Invalid team selection.");
$v->isOk($setdisc, "float", 1, 40, "Invalid Settlement Discount Amount.");
$v->isOk($setdays, "num", 1, 40, "Invalid Settlement Discount Days");
# display errors, if any
if ($v->isError()) {
$confirmCust = "";
$errors = $v->getErrors();
foreach ($errors as $e) {
$confirmCust .= "<li class='err'>" . $e["msg"] . "</li>";
}
$confirmCust .= "<p><input type='button' onClick='JavaScript:history.back();' value='« Correct submission'>";
return $confirmCust;
}
db_conn('cubit');
$Sl = "SELECT * FROM suppliers WHERE supno='{$supno}' AND supid!='{$supid}'";
$Ri = db_exec($Sl) or errDie("Unable to get data.");
if (pg_num_rows($Ri) > 0) {
return edit_err($_POST, "<li class='err'>There is already a supplier with that number.</li>");
}
# connect to db
db_connect();
$curr = getSymbol($fcid);
# write to db
$sql = "\r\n\t\tUPDATE suppliers \r\n\t\tSET \r\n\t\t\tdeptid = '{$deptid}', supno = '{$supno}', supname = '{$supname}', vatnum = '{$vatnum}', supaddr = '{$supaddr}', \r\n\t\t\tsuppostaddr = '{$suppostaddr}', contname = '{$contname}', tel = '{$tel}', fax = '{$fax}', cell = '{$cell}', \r\n\t\t\temail = '{$email}', url = '{$url}', listid = '{$listid}', bankname = '{$bankname}', branname = '{$branname}', \r\n\t\t\tbrancode = '{$brancode}', bankaccno = '{$bankaccno}', location = '{$loc}', fcid = '{$fcid}', currency = '{$curr['symbol']}', \r\n\t\t\tcomments = '{$comments}', branch = '{$branch}', reference = '{$reference}', bee_status = '{$bee_status}', \r\n\t\t\tregistration = '{$registration}', bankaccname = '{$bankaccname}', bankacctype = '{$bankacctype}', \r\n\t\t\tteam_id = '{$team_id}', setdisc = '{$setdisc}', setdays = '{$setdays}' \r\n\t\tWHERE supid = '{$supid}'";
$suppRslt = db_exec($sql) or errDie("Unable to edit supplier on the system.", SELF);
if (pg_cmdtuples($suppRslt) < 1) {
return "<li class='err'>Unable to Edit supplier in database.</li>";
}
// Update documents
$sql = "SELECT * FROM crm.stmp_docs WHERE session='{$_REQUEST['CUBIT_SESSION']}'";
$stdoc_rslt = db_exec($sql) or errDie("Unable to retrieve docs.");
while ($stdoc_data = pg_fetch_array($stdoc_rslt)) {
$sql = "\r\n\t\t\tINSERT INTO crm.supplier_docs (\r\n\t\t\t\tsupid, file, type, filename, size, real_filename\r\n\t\t\t) VALUES (\r\n\t\t\t\t'{$supid}', '{$stdoc_data['file']}', '{$stdoc_data['type']}', '{$stdoc_data['filename']}', '{$stdoc_data['size']}', '{$stdoc_data['real_filename']}'\r\n\t\t\t)";
db_exec($sql) or errDie("Unable to save files to customer.");
$sql = "DELETE FROM crm.stmp_docs WHERE id='{$stdoc_data['id']}'";
db_exec($sql) or errDie("Unable to remove tmp file.");
}
#handle supplier groups
if ($supp_grp != 0) {
#group set, check whether we should add the new entry or update a existing one ...
$check_grp = "SELECT * FROM supp_grpowners WHERE supid = '{$supid}' LIMIT 1";
$run_check = db_exec($check_grp) or errDie("Unable to get supplier group information.");
if (pg_numrows($run_check) < 1) {
$insert_sql = "INSERT INTO supp_grpowners (grpid,supid) VALUES ('{$supp_grp}','{$supid}')";
$run_insert = db_exec($insert_sql) or errDie("Unable to add supplier group information.");
} else {
$update_sql = "UPDATE supp_grpowners SET grpid = '{$supp_grp}' WHERE supid = '{$supid}'";
$run_update = db_exec($update_sql) or errDie("Unable to update supplier group information");
}
} else {
#remove any current entry
$remove_sql = "DELETE FROM supp_grpowners WHERE supid = '{$supid}'";
$run_remove = db_exec($remove_sql) or errDie("Unable to update supplier group informatiom");
}
// update the contact in the contact list if any
$sql = "UPDATE cons SET surname='{$supname}', tell='{$tel}', fax='{$fax}', email='{$email}', padd='{$supaddr}' WHERE supp_id = '{$supid}'";
$rslt = db_exec($sql) or errDie("Unable to edit supplier in contact list.", SELF);
return edit($supid, "<li class='yay'>Supplier <b>{$supname}</b>, has been saved.</li><br>");
// $write = "
// <table ".TMPL_tblDflts." width='50%'>
// <tr>
// <th>Supplier edited</th>
// </tr>
// <tr class='datacell'>
// <td>Supplier <b>$supname</b>, has been edited.</td>
// </tr>
// </table>
// <p>
// <table border=0 cellpadding='2' cellspacing='1'>
// <tr>
// <th>Quick Links</th>
// </tr>
// <tr class='".bg_class()."'>
// <td><a href='supp-view.php'>View Suppliers</a></td>
// </tr>
// <tr class='".bg_class()."'>
// <td><a href='main.php'>Main Menu</a></td>
// </tr>
// </table>";
// return $write;
}
