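/**
 * Decide whether the logged-in employee's group may open a module page.
 *
 * The employee's group name (CONFIG_EMPLOYEE_TYPE.TYPE_NAME) is looked up from
 * the session login id. The ACL table is then read for the row whose page is
 * "module:page", taking the column that carries the group's name.
 *
 * Access is denied (false) when the employee has no group row, when the group
 * name is not a plain identifier, or when the ACL value is anything but 1.
 * A failed query sends the request to the core error page and stops.
 *
 * @param object      $db     Database connection exposing qstr() and execute().
 * @param string|null $module Module name; when not set the page is "core:main".
 * @param string      $page   Page name inside the module.
 * @return bool True only when the ACL value for the group equals 1.
 */
function check_acl($db, $module, $page)
{
    // A missing session id is looked up as an empty id instead of raising a notice.
    $uid = isset($_SESSION['login_id']) ? $_SESSION['login_id'] : '';

    /* get group id */
    $q = 'SELECT ' . PRFX . 'CONFIG_EMPLOYEE_TYPE.TYPE_NAME FROM ' . PRFX . 'TABLE_EMPLOYEE,' . PRFX . 'CONFIG_EMPLOYEE_TYPE WHERE ' . PRFX . 'TABLE_EMPLOYEE.EMPLOYEE_TYPE = ' . PRFX . 'CONFIG_EMPLOYEE_TYPE.TYPE_ID AND EMPLOYEE_ID=' . $db->qstr($uid);
    if (!($rs = $db->execute($q))) {
        force_page('core', 'error&error_msg=Could not get Group ID for user');
        exit;
    }
    $gid = isset($rs->fields['TYPE_NAME']) ? (string) $rs->fields['TYPE_NAME'] : '';

    // The group name becomes a column name in the next query, where qstr()
    // cannot be used. Accept identifier characters only and fail closed
    // otherwise; this also covers an employee with no group row.
    if (!preg_match('/\A[A-Za-z0-9_]+\z/', $gid)) {
        return false;
    }

    /* check page to see if we have access */
    if (!isset($module)) {
        $page = "core:main";
    } else {
        $page = $module . ":" . $page;
    }

    $q = 'SELECT ' . $gid . ' as ACL FROM ' . PRFX . 'ACL WHERE page=' . $db->qstr($page);
    if (!($rs = $db->execute($q))) {
        force_page('core', 'error&error_msg=Could not get Page ACL');
        exit;
    }

    // A page with no ACL row yields no value and is treated as "no access".
    $acl = isset($rs->fields['ACL']) ? $rs->fields['ACL'] : null;

    return $acl == 1;
}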
/**
 * List the status history of one work order, each row joined with the display
 * name of the employee who entered it, ordered by status id.
 *
 * When the query fails the request is sent to the core error page, with the
 * database error text placed in the redirect, and the script stops.
 *
 * @param object $db    Database connection exposing qstr(), Execute() and ErrorMsg().
 * @param mixed  $wo_id Work order id; quoted with qstr() before use.
 * @return array Rows as returned by GetArray().
 */
function display_workorder_status2($db, $wo_id)
{
    $status = PRFX . "TABLE_WORK_ORDER_STATUS";
    $employee = PRFX . "TABLE_EMPLOYEE";

    $sql = "SELECT {$status}.*, {$employee}.EMPLOYEE_DISPLAY_NAME \n\t\t\t\tFROM {$status}, {$employee} \n\t\t\t\tWHERE {$status}.WORK_ORDER_ID=" . $db->qstr($wo_id)
        . " \n\t\t\t\tAND {$employee}.EMPLOYEE_ID = {$status}.WORK_ORDER_STATUS_ENTER_BY ORDER BY {$status}.WORK_ORDER_STATUS_ID";

    $result = $db->Execute($sql);
    if (!$result) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }

    return $result->GetArray();
}
/**
 * Read the COMPANY_DATE_FORMAT value from the company table.
 *
 * A failed query redirects to the core error page and stops the script.
 *
 * @param object $db Database connection exposing execute() and ErrorMsg().
 * @return mixed The COMPANY_DATE_FORMAT field of the current result row.
 */
function date_format_call($db)
{
    $rs = $db->execute('SELECT * FROM ' . PRFX . 'TABLE_COMPANY');
    if (!$rs) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }

    return $rs->fields['COMPANY_DATE_FORMAT'];
}
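/**
 * Fetch one page (25 rows) of closed work orders and publish the paging
 * values to Smarty.
 *
 * Closed means WORK_ORDER_STATUS = 6. The template receives total_results,
 * total_pages, name, page_no, previous and next; previous/next are null when
 * there is no such page. A failed query redirects to the core error page and
 * stops the script.
 *
 * @param object $db      Database connection exposing qstr(), Execute() and ErrorMsg().
 * @param mixed  $page_no Requested page, 1-based; values below 1 are treated as 1.
 * @param object $smarty  Unused: the global $smarty replaces it (see below).
 * @return array Work order rows for the requested page.
 */
function display_closed($db, $page_no, $smarty)
{
    // "global" rebinds the local name to the global instance, so the argument
    // of the same name is ignored. Kept because callers rely on that instance.
    global $smarty;

    // Define the number of results per page
    $max_results = 25;

    // The page number ends up in the LIMIT clause: force it to an integer and
    // keep it at 1 or above so the offset can never be negative.
    $page_no = max(1, (int) $page_no);
    $from = $page_no * $max_results - $max_results;

    $sql = "SELECT \n\t\t\t" . PRFX . "TABLE_WORK_ORDER.WORK_ORDER_ID, \n\t\t\t"
        . PRFX . "TABLE_WORK_ORDER.WORK_ORDER_OPEN_DATE,\n\t\t\t"
        . PRFX . "TABLE_WORK_ORDER.WORK_ORDER_ASSIGN_TO,\n\t\t\t"
        . PRFX . "TABLE_WORK_ORDER.WORK_ORDER_SCOPE, \n\t\t\t"
        . PRFX . "TABLE_WORK_ORDER.WORK_ORDER_CLOSE_DATE,\n\t\t\t"
        . PRFX . "TABLE_CUSTOMER.*, \n\t\t\t"
        . PRFX . "TABLE_EMPLOYEE.EMPLOYEE_ID, \n\t\t\t"
        . PRFX . "TABLE_EMPLOYEE.EMPLOYEE_DISPLAY_NAME, \n\t\t\t"
        . PRFX . "TABLE_EMPLOYEE.EMPLOYEE_WORK_PHONE, \n\t\t\t"
        . PRFX . "TABLE_EMPLOYEE.EMPLOYEE_HOME_PHONE, \n\t\t\t"
        . PRFX . "TABLE_EMPLOYEE.EMPLOYEE_MOBILE_PHONE, \n\t\t\t"
        . PRFX . "CONFIG_WORK_ORDER_STATUS.CONFIG_WORK_ORDER_STATUS\n\t\t\tFROM " . PRFX . "TABLE_WORK_ORDER\n\t\t\tLEFT JOIN "
        . PRFX . "TABLE_CUSTOMER ON " . PRFX . "TABLE_WORK_ORDER.CUSTOMER_ID = " . PRFX . "TABLE_CUSTOMER.CUSTOMER_ID\n\t\t\tLEFT JOIN "
        . PRFX . "TABLE_EMPLOYEE ON " . PRFX . "TABLE_WORK_ORDER.WORK_ORDER_ASSIGN_TO = " . PRFX . "TABLE_EMPLOYEE.EMPLOYEE_ID\n\t\t\tLEFT JOIN "
        . PRFX . "CONFIG_WORK_ORDER_STATUS ON " . PRFX . "TABLE_WORK_ORDER.WORK_ORDER_CURRENT_STATUS = " . PRFX . "CONFIG_WORK_ORDER_STATUS.CONFIG_WORK_ORDER_STATUS_ID\n\t\t\tWHERE WORK_ORDER_STATUS=" . $db->qstr(6)
        . " GROUP BY " . PRFX . "TABLE_WORK_ORDER.WORK_ORDER_ID ORDER BY " . PRFX . "TABLE_WORK_ORDER.WORK_ORDER_ID DESC LIMIT {$from}, {$max_results}";

    if (!($rs = $db->Execute($sql))) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }
    $work_order = $rs->GetArray();

    // Figure out the total number of results in DB:
    $q = "SELECT COUNT(*) as Num FROM " . PRFX . "TABLE_WORK_ORDER WHERE WORK_ORDER_STATUS=" . $db->qstr(6);
    if (!($results = $db->Execute($q))) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }
    if (!($total_results = $results->FetchRow())) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }
    $smarty->assign('total_results', $total_results['Num']);

    // Figure out the total number of pages. Always round up using ceil()
    $total_pages = ceil($total_results["Num"] / $max_results);
    $smarty->assign('total_pages', $total_pages);

    // Previous/next stay null at the ends of the range; they were previously
    // left undefined there.
    $prev = null;
    $next = null;
    if ($page_no > 1) {
        $prev = $page_no - 1;
    }
    if ($page_no < $total_pages) {
        $next = $page_no + 1;
    }

    // No $name exists in this function; the template variable is still
    // assigned, as null, exactly as before.
    $smarty->assign('name', null);
    $smarty->assign('page_no', $page_no);
    $smarty->assign("previous", $prev);
    $smarty->assign("next", $next);

    return $work_order;
}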
<?php
// Expense delete handler: removes the expense named by the request and then
// redirects to the expense search page.
// NOTE(review): the record is selected only by $VAR['expenseID'] and nothing in
// this script checks a request token or the caller's rights - confirm that the
// dispatcher enforces both before this file is reached.

// Load the Expense Functions
require_once 'include.php';

// Load the Translations for this Module
if (!xml2php('expense')) {
    $smarty->assign('error_msg', "Error in language file");
}

$expenseID = $VAR['expenseID'];

// Load PHP Language Translations
$langvals = gateway_xml2php('expense');

// Stop when no Expense ID number was supplied
if (!isset($expenseID) || $expenseID == "") {
    $smarty->assign('results', 'Please go back and select an expense record');
    die;
}

// Delete the expense; both outcomes leave through a redirect
if (delete_expense($db, $expenseID)) {
    force_page('expense', 'search&page_title=' . $langvals['expense_search_title']);
    exit;
}

force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
exit;
<?php
// Expense edit handler: shows the edit form, or applies a submitted update and
// redirects to the expense details page.
// NOTE(review): $VAR['expenseID'] is concatenated into the redirect query
// string as received - confirm force_page() encodes it.

// Load the Expense Functions
require_once 'include.php';

// Load the Translations for this Module
if (!xml2php('expense')) {
    $smarty->assign('error_msg', "Error in language file");
}

// Load PHP Language Translations
$langvals = gateway_xml2php('expense');

// Load expense details (done for both the form and the submit path)
$expense_details = display_expense_info($db, $VAR['expenseID']);

if (!isset($VAR['submit'])) {
    // Nothing submitted: populate and show the edit form
    $smarty->assign('expense_details', $expense_details);
    $smarty->display('expense' . SEP . 'edit.tpl');
} elseif (update_expense($db, $VAR)) {
    force_page('expense', 'expense_details&expenseID=' . $VAR['expenseID'] . '&page_title=' . $langvals['expense_details_title']);
    exit;
} else {
    force_page('expense', 'edit&error_msg=Falied to Update Expense Information&expenseID=' . $VAR['expenseID']);
    exit;
}
// New refund handler: shows the new-refund form, or inserts a submitted refund
// and redirects either back to the form or to the refund details page.
require_once 'include.php';

// Load the Translation for this Module
if (!xml2php('refund')) {
    $smarty->assign('error_msg', "Error in language file");
}

// Load PHP Language Translations
$langvals = gateway_xml2php('refund');

// The id of the record about to be created is predicted as "last id + 1"
// before the insert runs, and that predicted value is what the details
// redirect below uses.
// NOTE(review): with two inserts in flight the prediction can name the other
// record - confirm whether insert_new_refund() can return the real id.
$last_record_id = last_record_id_lookup($db);
$new_record_id = $last_record_id + 1;

// If details submitted insert record, if non submitted load new.tpl and populate values
if (isset($VAR['submit']) || isset($VAR['submitandnew'])) {
    // $run is not assigned anywhere in this listing, so the test compares the
    // insert result with an unset value.
    // NOTE(review): whether this branch means "insert failed" depends on what
    // insert_new_refund() returns - verify against that function.
    if ($run != insert_new_refund($db, $VAR)) {
        $smarty->assign('error_msg', 'Falied to insert Refund');
        $smarty->display('core' . SEP . 'error.tpl');
        echo "refund insert error";
    } else {
        if (isset($VAR['submitandnew'])) {
            // Submit New Refund and reload page
            force_page('refund', 'new&page_title=');
            exit;
        } else {
            // Submit and load Refund View Details
            force_page('refund', 'refund_details&refundID=' . $new_record_id . '&page_title=' . $langvals['refund_details_title']);
            exit;
        }
    }
} else {
    $smarty->assign('new_record_id', $new_record_id);
    // $tax_rate is not set in this listing; presumably provided by include.php - TODO confirm
    $smarty->assign('tax_rate', $tax_rate);
    $smarty->display('refund' . SEP . 'new.tpl');
}
/**
 * Return every row of the employee type configuration table.
 *
 * A failed query redirects to the core error page and stops the script.
 *
 * @param object $db Database connection exposing Execute() and ErrorMsg().
 * @return array Rows as returned by GetArray().
 */
function employee_type($db)
{
    $rs = $db->Execute("SELECT * FROM " . PRFX . "CONFIG_EMPLOYEE_TYPE");
    if (!$rs) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }

    return $rs->GetArray();
}
<?php
// Refund edit handler: shows the edit form, or applies a submitted update and
// redirects to the refund details page.
// NOTE(review): $VAR['refundID'] is concatenated into the redirect query string
// as received - confirm force_page() encodes it.

// Load the Refund Functions
require_once 'include.php';

// Load the Translation for this Module
if (!xml2php('refund')) {
    $smarty->assign('error_msg', "Error in language file");
}

// Load PHP Language Translations
$langvals = gateway_xml2php('refund');

// Load refund details (done for both the form and the submit path)
$refund_details = display_refund_info($db, $VAR['refundID']);

if (!isset($VAR['submit'])) {
    // Nothing submitted: populate and show the edit form
    $smarty->assign('refund_details', $refund_details);
    $smarty->display('refund' . SEP . 'edit.tpl');
} elseif (update_refund($db, $VAR)) {
    force_page('refund', 'refund_details&refundID=' . $VAR['refundID'] . '&page_title=' . $langvals['refund_details_title']);
    exit;
} else {
    force_page('refund', 'edit&error_msg=Falied to Update refund Information&refundID=' . $VAR['refundID']);
    exit;
}
<?php
// Supplier edit handler: shows the edit form, or applies a submitted update and
// redirects to the supplier details page.
// NOTE(review): $VAR['supplierID'] is concatenated into the redirect query
// string as received - confirm force_page() encodes it.

// Load the Supplier classes
require_once 'include.php';

// Load the Translation for this Module
if (!xml2php('supplier')) {
    $smarty->assign('error_msg', "Error in language file");
}

// Load PHP Language Translations
$langvals = gateway_xml2php('supplier');

// Load supplier details (done for both the form and the submit path)
$supplier_details = display_supplier_info($db, $VAR['supplierID']);

if (!isset($VAR['submit'])) {
    // Nothing submitted: populate and show the edit form
    $smarty->assign('supplier_details', $supplier_details);
    $smarty->display('supplier' . SEP . 'edit.tpl');
} elseif (update_supplier($db, $VAR)) {
    force_page('supplier', 'supplier_details&supplierID=' . $VAR['supplierID'] . '&page_title=' . $langvals['supplier_details_title']);
    exit;
} else {
    force_page('supplier', 'edit&error_msg=Falied to Update Supplier Information&supplierID=' . $VAR['supplierID']);
    exit;
}
<?php
// New customer handler: shows the new-customer form, or inserts the submitted
// customer and redirects to that customer's details page.
// NOTE(review): $VAR["displayName"] is placed in the redirect's msg and
// page_title parameters as received - confirm it is URL-encoded by
// force_page() and escaped where the target page prints it.
require_once "include.php";

if (!xml2php("customer")) {
    $smarty->assign('error_msg', "Error in language file");
}

if (!isset($VAR['submit'])) {
    $smarty->display('customer' . SEP . 'new.tpl');
} elseif (!($customer_id = insert_new_customer($db, $VAR))) {
    // A falsy return from the insert is reported through the core error template
    $smarty->assign('error_msg', 'Falied to insert customer');
    $smarty->display('core' . SEP . 'error.tpl');
} else {
    force_page('customer', 'customer_details&customer_id=' . $customer_id . '&msg=Added New Customer ' . $VAR["displayName"] . ' &page_title=' . $VAR["displayName"]);
    exit;
}
<?php
// Work order status handler: shows the new-status form for a work order, or
// applies a submitted status update and redirects to the work order view.
require_once "include.php";

// A work order id is required on both paths
if (empty($VAR['wo_id'])) {
    force_page('core', 'error&error_msg=No Work Order ID');
    exit;
}

if (!isset($VAR['submit'])) {
    $smarty->assign('wo_id', $VAR['wo_id']);
    $smarty->display('workorder' . SEP . 'new_status.tpl');
} elseif (update_status($db, $VAR)) {
    force_page('workorder', 'view&wo_id=' . $VAR['wo_id'] . '&page_title=Work%20Order%20ID%20' . $VAR['wo_id']);
    exit;
} else {
    force_page('core', 'error&error_msg=Falied to update work order status');
    exit;
}
$trans = $rs->GetArray(); $smarty->assign('trans', $trans); } $smarty->assign('invoice_details', $invoice_details); /* get billing settings from db */ $q = "SELECT BILLING_OPTION, ACTIVE FROM " . PRFX . "CONFIG_BILLING_OPTIONS WHERE ACTIVE='1'"; if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1'); exit; } $billing_options = $rs->GetAssoc(); if (empty($billing_options)) { force_page('core', 'error&error_msg=No Billing Methods Available. Please select billing options in the configuration&menu=1'); exit; } $smarty->assign('billing_options', $billing_options); /* get Accepted Credit cards*/ if ($billing_options['cc_billing'] == '1') { $q = "SELECT CARD_TYPE, CARD_NAME FROM " . PRFX . "CONFIG_CC_CARDS WHERE ACTIVE='1'"; if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1'); exit; } $cc_cards = $rs->GetAssoc(); if (empty($cc_cards)) { force_page('core', 'error&error_msg=Credit Card Billing is Set on but no cards are active. Please enable at least on credit card in the control panel&menu=1'); exit; } $smarty->assign('cc_cards', $cc_cards); } $smarty->display('billing' . SEP . 'new.tpl');
// Record a status note against the work order under the session's login id,
// then refresh the order's current status unless its WORK_ORDER_STATUS is '6'.
// $wo_id and $memo are set before this excerpt begins.
$q = "INSERT INTO " . PRFX . "TABLE_WORK_ORDER_STATUS SET\n\t\t\t\tWORK_ORDER_ID\t\t\t\t\t= " . $db->qstr($wo_id)
    . ",\n\t\t\t\tWORK_ORDER_STATUS_DATE \t\t= " . $db->qstr(time())
    . ",\n\t\t\t\tWORK_ORDER_STATUS_NOTES \t\t= " . $db->qstr($memo)
    . ",\n\t\t\t\tWORK_ORDER_STATUS_ENTER_BY\t= " . $db->qstr($_SESSION['login_id']);
$rs = $db->execute($q);
if (!$rs) {
    force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1');
    exit;
}

/* check status */
$q = "SELECT WORK_ORDER_STATUS FROM " . PRFX . "TABLE_WORK_ORDER WHERE WORK_ORDER_ID=" . $db->qstr($wo_id);
$rs = $db->execute($q);
if (!$rs) {
    force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
    exit;
}

if ($rs->fields['WORK_ORDER_STATUS'] != '6') {
    /* check if we have a schedule */
    $q = "SELECT count(*) as count FROM " . PRFX . "TABLE_SCHEDULE WHERE WORK_ORDER_ID=" . $db->qstr($wo_id);
    $rs = $db->execute($q);
    if (!$rs) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }

    // Exactly one schedule row selects current status '2'; any other count gives '1'
    $status = ($rs->fields['count'] == 1) ? '2' : '1';

    $q = "UPDATE " . PRFX . "TABLE_WORK_ORDER SET WORK_ORDER_CURRENT_STATUS =" . $db->qstr($status) . ", LAST_ACTIVE=" . $db->qstr(time()) . " WHERE WORK_ORDER_ID = " . $db->qstr($wo_id);
    $rs = $db->execute($q);
    if (!$rs) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }
}

// No exit follows this redirect in the excerpt
force_page('workorder', 'view&wo_id=' . $wo_id . '&page_title=Work%20Order%20ID%20' . $wo_id);
// Invoice delete dispatcher: a request with deleteType "labourRecord" or
// "partsRecord" removes that single line and returns to the invoice; every
// other request, including one with no deleteType, deletes the whole invoice.
// $labourID, $invoice_id, $wo_id, $customer_id and $login are set before this
// excerpt begins.
// NOTE(review): nothing here checks a request token or the caller's rights
// before deleting - confirm the dispatcher enforces both.
$partsID = $VAR['partsID'];

// Labour Delete Record
if (isset($VAR['deleteType']) && $VAR['deleteType'] == "labourRecord") {
    if (delete_labour_record($db, $labourID)) {
        force_page('invoice', 'new&invoice_id=' . $invoice_id . '&wo_id=' . $wo_id . '&page_title=' . $langvals['invoice_invoice'] . '&customer_id=' . $customer_id);
        exit;
    }
    force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
    exit;
}

// Parts Delete Record
if (isset($VAR['deleteType']) && $VAR['deleteType'] == "partsRecord") {
    if (delete_parts_record($db, $partsID)) {
        force_page('invoice', 'new&invoice_id=' . $invoice_id . '&wo_id=' . $wo_id . '&page_title=' . $langvals['invoice_invoice'] . '&customer_id=' . $customer_id);
        exit;
    }
    force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
    exit;
}

// Delete Invoice
if (delete_invoice($db, $invoice_id, $customer_id, $login)) {
    force_page('invoice', 'view_paid&page_title=Paid%20Invoices');
    exit;
}
force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
exit;
<?php
#########################################################
# This program is distributed under the terms and       #
# conditions of the GPL                                 #
# new.php                                               #
# Version 0.0.1    Fri Sep 30 09:30:10 PDT 2005         #
#########################################################

// New employee handler: shows the new-employee form, or checks the submitted
// display name and inserts the employee.
require_once "include.php";

if (!xml2php("employees")) {
    $smarty->assign('error_msg', "Error in language file");
}

$VAR['page_title'] = "Add New Employee";

if (!isset($VAR['submit'])) {
    $smarty->display('employees' . SEP . 'new.tpl');
} else {
    // The submitted values go back to the template so the form can be refilled
    $smarty->assign('VAR', $VAR);

    if (!check_employee_ex($db, $VAR)) {
        // NOTE(review): the submitted display name is placed in the message as
        // received - confirm the template escapes error_msg.
        $smarty->assign('error_msg', 'The employees Display Name, ' . $VAR["displayName"] . ', already exists! Please use a differnt name.');
        $smarty->display('employees' . SEP . 'new.tpl');
    } elseif (!($employee_id = insert_new_employee($db, $VAR))) {
        // The message is assigned, but no template is displayed on this path
        $smarty->assign('error_msg', 'Falied to insert Employee');
    } else {
        // No exit follows this redirect
        force_page('employees', 'employee_details&employee_id=' . $employee_id . '&page_title=Employees');
    }
}
/**
 * Return all notes stored for one customer.
 *
 * A failed query redirects to the core error page and stops the script.
 *
 * @param object $db          Database connection exposing qstr(), execute() and ErrorMsg().
 * @param mixed  $customer_id Customer id; quoted with qstr() before use.
 * @return array Rows as returned by GetArray().
 */
function display_memo($db, $customer_id)
{
    $q = "SELECT * FROM " . PRFX . "CUSTOMER_NOTES WHERE CUSTOMER_ID=" . $db->qstr($customer_id);

    $rs = $db->execute($q);
    if (!$rs) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }

    return $rs->GetArray();
}
$smarty->assign('DD_BSB', $DD_BSB); $smarty->assign('DD_ACC', $DD_ACC); $smarty->assign('DD_INS', $DD_INS); $smarty->assign('DD_BANK', $DD_BANK); $smarty->assign('CHECK_PAYABLE', $CHECK_PAYABLE); $smarty->assign('PAYMATE_LOGIN', $PAYMATE_LOGIN); $smarty->assign('company', $company); $smarty->assign('company2', $company2); //$smarty->assign('CURRENCY_CODE',$CURRENCY_CODE); //$smarty->assign('currency_sym',$currency_sym); $smarty->assign('country', $country); $smarty->assign('pamount', $pamount); $smarty->assign('paymate_amt', $paymate_amt); $smarty->assign('PAYMATE_FEES', $PAYMATE_FEES); $smarty->assign('parts_sub_total_sum', $parts_sub_total_sum); $smarty->assign('labour_sub_total_sum', $labour_sub_total_sum); $smarty->assign('wo_description', $wo_description); $smarty->assign('wo_resolution', $wo_resolution); $smarty->display('invoice' . SEP . 'print_html.tpl'); } else { // EOF HTML Printing Section // BOF PDF Printing Section if ($print_type == 'pdf') { require_once FILE_ROOT . 'templates/invoice/print_pdf_tpl.php'; //This loads the PDF template file } else { force_page('core', "error&menu=1&error_msg=No Printing Options set. Please set up printing options in the Control Center.&type=error"); exit; } } // EOF PDF Printing Section
<?php
####################################################
# This program is distributed under the terms and  #
# conditions of the GPL                            #
# Schedule Delete                                  #
# Version 0.0.2    2:18 PM Monday, 6 April 2009    #
####################################################

// Deletes the schedule entry named by the request, then returns to the
// schedule view for the requested date.
// NOTE(review): the entry is selected only by $VAR['sch_id'] and nothing in
// this script checks a request token or the caller's rights - confirm the
// dispatcher enforces both. The date parts and wo_id are put in the redirect
// as received.
$sch_id = $VAR['sch_id'];
$y = $VAR['y'];
$m = $VAR['m'];
$d = $VAR['d'];

$q = "DELETE FROM " . PRFX . "TABLE_SCHEDULE WHERE SCHEDULE_ID =" . $db->qstr($sch_id);

if (!($rs = $db->execute($q))) {
    force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
    exit;
}

force_page('schedule', 'main&y=' . $y . '&m=' . $m . '&d=' . $d . '&wo_id=' . $VAR['wo_id']);
exit;
if (!insert_new_schedule($db, $VAR)) { /* If db insert fails send em the error */ $day = $VAR['start']['schedule_date']; $start_time = $VAR['start']['Time_Hour'] . ":" . $VAR['start']['Time_Minute'] . " " . $VAR['start']['Time_Meridian']; $notes = $VAR['schedule_notes']; $end_time = $VAR['end']['Time_Hour'] . ":" . $VAR['end']['Time_Minute'] . " " . $VAR['end']['Time_Meridian']; $smarty->assign('end_time', $end_time); $smarty->assign('start_day', $day); $smarty->assign('start_time', $start_time); $smarty->assign('schedule_notes', $notes); $smarty->assign('tech', $VAR['tech']); $smarty->assign('wo_id', $VAR['wo_id']); $smarty->display("schedule/new.tpl"); //force_page('schedule','main&y='.$s_year.'&d='.$s_month.'&m='.$s_day.'&wo_id='.$VAR['wo_id'].'&page_title=schedule&tech='.$VAR['tech']); } else { //list($s_day, $s_month, $s_year) = split('[/.-]', $VAR['start']['SCHEDULE_date']); list($s_month, $s_day, $s_year) = split('[/.-]', $VAR['start']['SCHEDULE_date']); force_page('schedule', 'main&y=' . $s_year . '&d=' . $s_month . '&m=' . $s_day . '&wo_id=' . $VAR['wo_id'] . '&page_title=schedule&tech=' . $VAR['tech']); } } else { // Load html form to smarty $start_time = $VAR['starttime']; $day = $VAR['day']; $wo_id = $VAR['wo_id']; $tech = $VAR['tech']; $smarty->assign('tech', $tech); $smarty->assign('wo_id', $wo_id); $smarty->assign('start_day', $day); $smarty->assign('start_time', $start_time); $smarty->display('schedule' . SEP . 'new.tpl'); }
/**
 * Delete one invoice row.
 *
 * A failed query redirects to the core error page and stops the script.
 * $customer_id and $login are accepted but not used by the live code; they
 * belong to a transaction-log insert that is still to be written.
 *
 * @param object $db          Database connection exposing qstr(), Execute() and ErrorMsg().
 * @param mixed  $invoice_id  Invoice id; quoted with qstr() before use.
 * @param mixed  $customer_id Currently unused.
 * @param mixed  $login       Currently unused.
 * @return bool Always true when the function returns.
 */
function delete_invoice($db, $invoice_id, $customer_id, $login)
{
    // Actual deletion from the invoice table
    $q = "DELETE FROM " . PRFX . "TABLE_INVOICE WHERE INVOICE_ID=" . $db->qstr($invoice_id);

    $rs = $db->Execute($q);
    if (!$rs) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }

    // TODO - Add transaction log to database: the deletion is not yet recorded
    // in the transaction table, so no audit entry exists for a removed invoice.
    return true;
}
force_page('billing', 'new&wo_id=' . $workorder_id . '&customer_id=' . $customer_id . '&invoice_id=' . $invoice_id . '&error_msg=You can not bill more than the amount of the invoice.'); exit; } if ($invoice_details['INVOICE_AMOUNT'] == $deposit_amount) { /* insert Transaction */ $memo = "Full Deposit Payment Made of {$currency_sym}{$deposit_amount}, Deposit ID#: {$deposit_recieved}, Deposit Memo: {$deposit_memo}"; $q = "INSERT INTO " . PRFX . "TABLE_TRANSACTION SET\n\t\t\tDATE \t\t\t= " . $db->qstr(time()) . ",\n\t\t\tTYPE \t\t\t= '6',\n\t\t\tINVOICE_ID = " . $db->qstr($invoice_id) . ",\n\t\t\tWORKORDER_ID = " . $db->qstr($workorder_id) . ",\n\t\t\tCUSTOMER_ID = " . $db->qstr($customer_id) . ",\n\t\t\tMEMO \t\t\t= " . $db->qstr($memo) . ",\n\t\t\tAMOUNT\t\t\t= " . $db->qstr($deposit_amount); if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1'); exit; } /* update the invoice */ $q = "UPDATE " . PRFX . "TABLE_INVOICE SET\n\t\t\tPAID_DATE \t\t= " . $db->qstr(time()) . ", \n\t\t\tPAID_AMOUNT \t\t= " . $db->qstr($deposit_amount) . ",\n\t\t\tINVOICE_PAID\t\t= '1',\n\t\t\tBALANCE \t\t= " . $db->qstr(0.0) . "\n\t\t\tWHERE INVOICE_ID \t= " . $db->qstr($invoice_id); if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1'); exit; } /* update work order */ $q = "INSERT INTO " . PRFX . "TABLE_WORK_ORDER_STATUS SET\n\t\t\tWORK_ORDER_ID\t\t\t= " . $db->qstr($workorder_id) . ",\n\t\t\tWORK_ORDER_STATUS_DATE \t\t= " . $db->qstr(time()) . ",\n\t\t\tWORK_ORDER_STATUS_NOTES \t= " . $db->qstr($memo) . ",\n\t\t\tWORK_ORDER_STATUS_ENTER_BY\t= " . $db->qstr($_SESSION['login_id']); if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1'); exit; } $q = "UPDATE " . PRFX . "TABLE_WORK_ORDER SET\n\t\t\tWORK_ORDER_STATUS\t\t\t= '6',\n\t\t\tWORK_ORDER_CURRENT_STATUS \t= '8'\n\t\t\tWHERE WORK_ORDER_ID \t\t=\t" . 
$db->qstr($workorder_id); if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1'); exit; } force_page('invoice', "view&invoice_id={$invoice_id}&customer_id={$customer_id}"); } }
$parts_sub_total_sum = parts_sub_total_sum($db, $invoice['INVOICE_ID']); $smarty->assign('labour_sub_total_sum', $labour_sub_total_sum); $smarty->assign('parts_sub_total_sum', $parts_sub_total_sum); $smarty->display('invoice' . SEP . 'new.tpl'); // If discount is greate than 100% then these close WO and mark the invoice as paid if ($VAR['discount'] >= 100) { $q = "UPDATE " . PRFX . "TABLE_WORK_ORDER SET\n WORK_ORDER_STATUS\t\t= '6',\n WORK_ORDER_CURRENT_STATUS \t= '8'\n WHERE WORK_ORDER_ID \t\t=" . $db->qstr($wo_id); if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1'); exit; } } if ($VAR['discount'] >= 100) { /* update the invoice */ $q = "UPDATE " . PRFX . "TABLE_INVOICE SET\n PAID_DATE \t\t= " . $db->qstr(time()) . ",\n PAID_AMOUNT \t\t= '0',\n INVOICE_PAID\t\t= '1'\n WHERE INVOICE_ID \t= " . $db->qstr($VAR['invoice_id']); if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1'); exit; } } } ################################## # If We have a Submit2 # ################################## if (isset($submit2) && $wo_id != "0") { $q = "UPDATE " . PRFX . "TABLE_WORK_ORDER SET\n\t\t\tWORK_ORDER_STATUS\t\t= '6',\n\t\t\tWORK_ORDER_CURRENT_STATUS \t= '8'\n\t\t\tWHERE WORK_ORDER_ID \t\t=" . $db->qstr($wo_id); if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1'); exit; } }
unlink($target_path);*/ } else { $users = array($email_from => $employee_details['EMPLOYEE_FIRST_NAME']); //Generate Replacements $replacements = array(); foreach ($users as $email => $user) { $replacements[$email] = array('{name}' => $employee_details['EMPLOYEE_FIRST_NAME'], '{sig}' => $sig); } $decorator = new Swift_Plugins_DecoratorPlugin($replacements); $mailer->registerPlugin($decorator); $message = Swift_Message::newInstance($email_subject)->setFrom(array($email_from => $employee_details['EMPLOYEE_FIRST_NAME']))->setTo($users)->setBody($message_body, 'text/html'); //Send the message $numSent = $mailer->send($message); //Display how many messages were sent echo "<script>alert('Successfully Sent {$numSent} message')</script>"; echo "<script>navigate('?page=customer:email&customer_id=" . $c2 . "&page_title=Email Customer')</script>"; //Show what file was uploaded //printf("File Location", $fname2); //Assign the variables with smarty $smarty->assign('email_subject', $email_subject); $smarty->assign('email_from', $email_from); $smarty->assign('email_to', $email_to); $smarty->assign('message_body', $message_body); $smarty->assign('rr', $rr); $smarty->assign('file_download', $file_download); // EOF Email Message details force_page('customer', "email&customer_id=" . $c2 . "&page_title=Email Customer"); } } ///Display the template we will use $smarty->display('customer' . SEP . 'email.tpl');
        // Tail of the card-billing result handling; the opening branches are
        // outside this excerpt. For gateway result codes "3" and "4" a
        // transaction row is written and the user is sent back to the billing
        // form with the gateway's message.
        // NOTE(review): $memo embeds $cc_num and is stored in the MEMO column,
        // so whatever $cc_num holds ends up in the transaction table in clear
        // text. Confirm it is already masked before this point; a full card
        // number must not be written here.
        // NOTE(review): $result[3] is appended to the redirect query string as
        // received from the gateway - confirm force_page() encodes it.
        exit;
    }
    force_page('billing', 'new&wo_id=' . $workorder_id . '&customer_id=' . $customer_id . '&invoice_id=' . $invoice_id . '&page_title=Billing&error_msg=' . $result[3]);
    exit;
} else {
    if ($result[0] == "3") {
        /* insert Transaction: log the gateway error text, card number and transaction id */
        $memo = "ERROR: " . $result[3] . " Card Number: {$cc_num} TRANS ID: " . $result[37];
        $q = "INSERT INTO " . PRFX . "TABLE_TRANSACTION SET\n\t\t\tDATE \t\t\t= " . $db->qstr(time()) . ",\n\t\t\tTYPE \t\t\t= '1',\n\t\t\tINVOICE_ID \t\t= " . $db->qstr($invoice_id) . ",\n\t\t\tWORKORDER_ID = " . $db->qstr($workorder_id) . ",\n\t\t\tCUSTOMER_ID \t\t= " . $db->qstr($customer_id) . ",\n\t\t\tMEMO \t\t\t= " . $db->qstr($memo) . ",\n\t\t\tAMOUNT\t\t\t= " . $db->qstr($cc_amount);
        if (!($rs = $db->execute($q))) {
            force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1');
            exit;
        }
        force_page('billing', 'new&wo_id=' . $workorder_id . '&customer_id=' . $customer_id . '&invoice_id=' . $invoice_id . '&page_title=Billing&error_msg=' . $result[3]);
        exit;
    } else {
        if ($result[0] == "4") {
            /* insert Transaction: same row and redirect as for code "3" */
            $memo = "ERROR: " . $result[3] . " Card Number: {$cc_num} TRANS ID: " . $result[37];
            $q = "INSERT INTO " . PRFX . "TABLE_TRANSACTION SET\n\t\t\tDATE \t\t\t= " . $db->qstr(time()) . ",\n\t\t\tTYPE \t\t\t= '1',\n\t\t\tINVOICE_ID \t\t= " . $db->qstr($invoice_id) . ",\n\t\t\tWORKORDER_ID = " . $db->qstr($workorder_id) . ",\n\t\t\tCUSTOMER_ID \t\t= " . $db->qstr($customer_id) . ",\n\t\t\tMEMO \t\t\t= " . $db->qstr($memo) . ",\n\t\t\tAMOUNT\t\t\t= " . $db->qstr($cc_amount);
            if (!($rs = $db->execute($q))) {
                force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1');
                exit;
            }
            force_page('billing', 'new&wo_id=' . $workorder_id . '&customer_id=' . $customer_id . '&invoice_id=' . $invoice_id . '&page_title=Billing&error_msg=' . $result[3]);
            exit;
        } else {
            // Any other result code is ignored here
        }
    }
}
}
force_page('control', 'hours_edit&error_msg=Start Time is the same as End Time'); exit; } else { $q = 'UPDATE ' . PRFX . 'SETUP SET OFFICE_HOUR_START =' . $db->qstr($VAR['startHour']) . ', OFFICE_HOUR_END =' . $db->qstr($VAR['endHour']); if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database'); exit; } else { force_page('control', 'hours_edit&msg=Office hours have been updated.'); exit; } } } } else { $q = 'SELECT OFFICE_HOUR_START, OFFICE_HOUR_END FROM ' . PRFX . 'SETUP'; if (!($rs = $db->execute($q))) { force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database'); exit; } $arr = $rs->GetArray(); $hour = array(); while ($count != 25) { array_push($hour, $count); $count++; } $smarty->assign('hour', $hour); $smarty->assign('arr', $arr); $smarty->display('control/hours_edit.tpl'); }
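/**
 * Search refunds by one column and return a page (25 rows) of matches,
 * publishing the paging values to Smarty.
 *
 * The search runs "REFUND_<category> LIKE <term>". The category becomes part
 * of a column name, so it is restricted to identifier characters; the term is
 * quoted with qstr() in both the listing and the count query. The template
 * receives total_results, total_pages, items, page_no, previous, next and the
 * two search values. Failed queries and a rejected category redirect to the
 * core error page and stop the script.
 *
 * @param object $db                     Database connection exposing qstr(), Execute() and ErrorMsg().
 * @param string $refund_search_category Column suffix after "REFUND_"; letters, digits and "_" only.
 * @param string $refund_search_term     LIKE pattern, wildcards included by the caller.
 * @param mixed  $page_no                Requested page, 1-based; values below 1 are treated as 1.
 * @param object $smarty                 Unused: the global $smarty replaces it (see below).
 * @return array Matching refund rows for the requested page.
 */
function display_refund_search($db, $refund_search_category, $refund_search_term, $page_no, $smarty)
{
    // "global" rebinds the local name to the global instance, so the argument
    // of the same name is ignored. Kept because callers rely on that instance.
    global $smarty;

    // The category is spliced into a column name, where quoting cannot help:
    // reject anything that is not a plain identifier.
    if (!preg_match('/\A[A-Za-z0-9_]+\z/', (string) $refund_search_category)) {
        force_page('core', 'error&error_msg=Invalid refund search category&menu=1&type=error');
        exit;
    }
    $column = "REFUND_" . $refund_search_category;

    // The term was previously placed between quotes unescaped in the listing
    // query; it is now quoted the same way the count query always did.
    $term = $db->qstr((string) $refund_search_term);

    // Define the number of results per page
    $max_results = 25;

    // The page number feeds the LIMIT clause: force it to an integer and keep
    // it at 1 or above so the offset can never be negative.
    $page_no = max(1, (int) $page_no);
    $from = $page_no * $max_results - $max_results;

    $sql = "SELECT * FROM " . PRFX . "TABLE_REFUND WHERE {$column} LIKE {$term} ORDER BY REFUND_ID DESC LIMIT {$from}, {$max_results}";
    if (!($result = $db->Execute($sql))) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }

    $refund_search_result = array();
    while ($row = $result->FetchRow()) {
        array_push($refund_search_result, $row);
    }

    // Figure out the total number of results in DB. The result is checked
    // before use; a failed count query used to reach FetchRow() on false.
    $results = $db->Execute("SELECT COUNT(*) as Num FROM " . PRFX . "TABLE_REFUND WHERE {$column} LIKE {$term}");
    if (!$results || !($total_results = $results->FetchRow())) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }
    $smarty->assign('total_results', $total_results['Num']);

    // Figure out the total number of pages. Always round up using ceil()
    $total_pages = ceil($total_results["Num"] / $max_results);
    $smarty->assign('total_pages', $total_pages);

    // Previous/next stay null at the ends of the range; they were previously
    // left undefined there.
    $prev = null;
    $next = null;
    if ($page_no > 1) {
        $prev = $page_no - 1;
    }
    if ($page_no < $total_pages) {
        $next = $page_no + 1;
    }

    // No $items exists in this function; the template variable is still
    // assigned, as null, exactly as before.
    $smarty->assign('items', null);
    $smarty->assign('page_no', $page_no);
    $smarty->assign('previous', $prev);
    $smarty->assign('next', $next);
    $smarty->assign('refund_search_category', $refund_search_category);
    $smarty->assign('refund_search_term', $refund_search_term);

    return $refund_search_result;
}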
<?php
// Employee edit handler: shows the edit form, or writes the submitted employee
// record and redirects to the employee details page.
//
// Review notes on the submit path:
// - The password is stored as md5() of the submitted value, with no salt.
//   NOTE(review): MD5 is not suitable for password storage; moving to
//   password_hash()/password_verify() also requires changing the login check.
// - The password branch runs when either 'password' or 'login_id' is
//   non-empty, so a login change submitted with an empty password field
//   writes md5('') as the new password.
// - EMPLOYEE_TYPE and EMPLOYEE_STATUS are taken from the request, and the
//   target row is chosen by $VAR['employee_id']; this script does not itself
//   check who is making the change. NOTE(review): confirm the dispatcher's
//   ACL limits this page to users allowed to change another employee's group.
// - The EMPLOYEE_LOGIN value appears masked ("******") in this listing; as
//   shown, that part of the statement is not valid PHP.
// - EMPLOYEE_SSN is filled from $VAR[''], an empty key.
require_once "include.php";

if (!xml2php("employees")) {
    $smarty->assign('error_msg', "Error in language file");
}

if (isset($VAR['submit'])) {
    /* check if we have an ID */
    if (!isset($VAR['employee_id'])) {
        // No exit follows: whether the update below still runs depends on force_page()
        force_page('core', 'error&error_msg=No Employee ID');
    }

    /* if we are changing password update */
    if ($VAR['password'] != '' || $VAR['login_id'] != '') {
        $update = "SET EMPLOYEE_PASSWD \t\t=" . $db->qstr(md5($VAR['password'])) . ",\n\t\t\t\t\t\t\tEMPLOYEE_EMAIL\t\t\t=" . $db->qstr($VAR['email']) . ", \n\t\t\t\t\t\t\tEMPLOYEE_FIRST_NAME\t\t=" . $db->qstr($VAR['firstName']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_LAST_NAME\t\t=" . $db->qstr($VAR['lastName']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_DISPLAY_NAME =" . $db->qstr($VAR['displayName']) . ",\n EMPLOYEE_LOGIN ="******",\n\t\t\t\t\t\t\tEMPLOYEE_SSN\t\t\t\t=" . $db->qstr($VAR['']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_ADDRESS\t\t=" . $db->qstr($VAR['address']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_CITY\t\t\t=" . $db->qstr($VAR['city']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_STATE\t\t\t=" . $db->qstr($VAR['state']) . ", \n\t\t\t\t\t\t\tEMPLOYEE_ZIP \t\t\t=" . $db->qstr($VAR['zip']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_TYPE\t\t\t=" . $db->qstr($VAR['type']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_BASED\t\t\t=" . $db->qstr($VAR['based']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_WORK_PHONE\t=" . $db->qstr($VAR['workPhone']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_HOME_PHONE \t=" . $db->qstr($VAR['homePhone']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_MOBILE_PHONE\t=" . $db->qstr($VAR['mobilePhone']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_STATUS\t\t\t=" . $db->qstr($VAR['active']);
    } else {
        // Same field list without the password and login columns
        $update = "\t\tSET\n\t\t\t\t\t\t\tEMPLOYEE_EMAIL\t\t\t=" . $db->qstr($VAR['email']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_FIRST_NAME\t\t=" . $db->qstr($VAR['firstName']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_LAST_NAME\t\t=" . $db->qstr($VAR['lastName']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_DISPLAY_NAME =" . $db->qstr($VAR['displayName']) . ", \n\t\t\t\t\t\t\tEMPLOYEE_SSN\t\t\t\t=" . $db->qstr($VAR['']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_ADDRESS\t\t=" . $db->qstr($VAR['address']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_CITY\t\t\t=" . $db->qstr($VAR['city']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_STATE\t\t\t=" . $db->qstr($VAR['state']) . ", \n\t\t\t\t\t\t\tEMPLOYEE_ZIP \t\t\t=" . $db->qstr($VAR['zip']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_TYPE\t\t\t=" . $db->qstr($VAR['type']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_BASED\t\t\t=" . $db->qstr($VAR['based']) . ",\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tEMPLOYEE_WORK_PHONE\t=" . $db->qstr($VAR['workPhone']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_HOME_PHONE \t=" . $db->qstr($VAR['homePhone']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_MOBILE_PHONE\t=" . $db->qstr($VAR['mobilePhone']) . ",\n\t\t\t\t\t\t\tEMPLOYEE_STATUS\t\t\t=" . $db->qstr($VAR['active']);
    }

    $q = "UPDATE " . PRFX . "TABLE_EMPLOYEE " . $update . "\n\t\t\tWHERE EMPLOYEE_ID= " . $db->qstr($VAR['employee_id']);
    if (!($rs = $db->execute($q))) {
        // No exit follows: the success redirect below is still reached unless force_page() stops the script
        force_page('core', 'error&error_msg=Error updateing Employee Information');
    }
    force_page('employees', 'employee_details&employee_id=' . $VAR['employee_id'] . '&page_title=Employees');
} else {
    // Nothing submitted: load the group list and the employee record into the edit form
    $smarty->assign('employee_type', employee_type($db));
    $smarty->assign('employee_details', display_employee_info($db, $VAR['employee_id']));
    $smarty->display('employees' . SEP . 'edit.tpl');
}
/**
 * Stamp a work order's LAST_ACTIVE column with the current Unix time.
 *
 * A failed query redirects to the core error page and stops the script.
 *
 * @param object $db    Database connection exposing qstr(), execute() and ErrorMsg().
 * @param mixed  $wo_id Work order id; quoted with qstr() before use.
 * @return void
 */
function update_last_active($db, $wo_id)
{
    $now = $db->qstr(time());
    $id = $db->qstr($wo_id);

    $q = "UPDATE " . PRFX . "TABLE_WORK_ORDER SET LAST_ACTIVE=" . $now . " WHERE WORK_ORDER_ID=" . $id;

    $rs = $db->execute($q);
    if (!$rs) {
        force_page('core', 'error&error_msg=MySQL Error: ' . $db->ErrorMsg() . '&menu=1&type=database');
        exit;
    }
}
} if (isset($VAR['msg'])) { $smarty->assign('msg', $VAR['msg']); } if ($VAR['escape'] != 1) { require 'modules' . SEP . 'core' . SEP . 'header.php'; require 'modules' . SEP . 'core' . SEP . 'navagation.php'; require 'modules' . SEP . 'core' . SEP . 'company.php'; } if ($menu == 1) { $smarty->assign('menu', '1'); $smarty->display('core' . SEP . 'error.tpl'); } else { /* check acl for page request */ if (!check_acl($db, $module, $page)) { force_page('core', 'error&error_msg=You do not have permission to access this ' . $module . ':' . $page . '&menu=1'); } else { require $the_page; } } if ($VAR['escape'] != 1) { require 'modules' . SEP . 'core' . SEP . 'footer.php'; } /* Tracker code */ function getIP() { // $ip; if (getenv("HTTP_CLIENT_IP")) { $ip = getenv("HTTP_CLIENT_IP"); } else { if (getenv("HTTP_X_FORWARDED_FOR")) {