/**
 * Deletes the country row chosen in the submitted form and records the deletion in the audit log.
 *
 * The row id is read from $_POST['rowSeq'] and cast to int before it reaches either query,
 * so the request value cannot change the SQL text.
 *
 * @return bool false when the current security level is below 4, true once the delete was issued
 */
function btn_delete()
{
    global $db, $messageStack;

    // Only security level 4 and above may delete.
    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $row_id = (int) db_prepare_input($_POST['rowSeq']);
    $where  = " where countries_id = " . $row_id;

    // Read the name before the row disappears; it is what the audit log records.
    $country = $db->Execute("select countries_name from " . $this->db_table . $where);
    $db->Execute("delete from " . $this->db_table . $where);
    gen_add_audit_log(SETUP_LOG_COUNTRIES . TEXT_DELETE, $country->fields['countries_name']);

    return true;
}
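/**
 * Deletes the project-cost row identified by $this->id and records the deletion in the audit log.
 *
 * @param int $id Not used by this method; the row is selected through $this->id.
 * @return bool false when the current security level is below 4, true once the delete was issued
 */
function btn_delete($id = 0)
{
    global $db, $messageStack;

    // Only security level 4 and above may delete.
    if ($this->security_id < 4) {
        $messageStack->add(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // TBD (disabled in the original): refuse the delete while the project phase is still referenced
    // in TABLE_JOURNAL_ITEM.projects (a ':'-separated id list). If that check is revived, the id it
    // places inside its LIKE pattern needs the same escaping as the queries below.

    // $this->id is assigned outside this method and was concatenated into a quoted SQL literal as-is.
    // Escape it so a quote character in the value cannot close the literal.
    // NOTE(review): if cost_id is an integer column, an (int) cast would be the tighter fix - confirm.
    $where = " where cost_id = '" . db_input($this->id) . "'";

    // Read the description before the row disappears; it is what the audit log records.
    $result = $db->Execute("select description_short from " . $this->db_table . $where);
    $db->Execute("delete from " . $this->db_table . $where);
    gen_add_audit_log(SETUP_PROJECT_COSTSS_LOG . TEXT_DELETE, $result->fields['description_short']);

    return true;
}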
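/**
 * Deletes the tax authority chosen in the submitted form, unless a journal entry still references it.
 *
 * The row id comes from $_POST['rowSeq']. It is cast to int once, before any query is built:
 * the original placed the raw request value inside the LIKE pattern of the usage check and only
 * cast it for the later select and delete, which left that first query open to SQL injection.
 *
 * @return bool false when permission is missing or the authority is in use, true once the delete was issued
 */
function btn_delete()
{
    global $db, $messageStack;

    // Only security level 4 and above may delete.
    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $tax_auth_id = (int) db_prepare_input($_POST['rowSeq']);

    // tax_auths holds a ':'-separated id list. LIKE only narrows the candidates (id 1 also matches 12),
    // so every candidate row is split and compared element by element.
    $result = $db->Execute("select tax_auths from " . TABLE_JOURNAL_MAIN . " \r\n\t\twhere tax_auths like '%" . $tax_auth_id . "%'");
    while (!$result->EOF) {
        foreach (explode(':', $result->fields['tax_auths']) as $used_id) {
            if ($tax_auth_id == $used_id) {
                $messageStack->add(SETUP_TAX_AUTHS_DELETE_ERROR, 'error');
                return false;
            }
        }
        $result->MoveNext();
    }

    // OK to delete. Read the description first; it is what the audit log records.
    $where  = " where tax_auth_id = " . $tax_auth_id;
    $result = $db->Execute("select description_short from " . $this->db_table . $where);
    $db->Execute("delete from " . $this->db_table . $where);
    gen_add_audit_log(SETUP_TAX_AUTHS_LOG . TEXT_DELETE, $result->fields['description_short']);

    return true;
}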
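/**
 * Deletes the row whose kt_id equals $id and records the deletion in the audit log.
 *
 * @param int|string $id Value matched against kt_id.
 * @return bool always true when execution reaches the end of the method
 */
function btn_delete($id = 0)
{
    global $db, $messageStack;

    // Permission gate for level 4. What validate_security() does on failure is not visible here;
    // presumably it stops the request - confirm, because nothing below re-checks the level.
    validate_security($this->security_id, 4);

    // $id was concatenated into a quoted SQL literal as-is. Escape it so a quote character in the
    // value cannot close the literal.
    // NOTE(review): if kt_id is an integer column, an (int) cast would be the tighter fix - confirm.
    $where = " where kt_id = '" . db_input($id) . "'";

    // Read the description before the row disappears; it is what the audit log records.
    $result = $db->Execute("select description from " . $this->db_table . $where);
    $db->Execute("delete from " . $this->db_table . $where);
    // NOTE(review): the log prefix is SETUP_TAX_AUTHS_LOG although the key column is kt_id - confirm
    // it is the intended constant.
    gen_add_audit_log(SETUP_TAX_AUTHS_LOG . TEXT_DELETE, $result->fields['description']);

    return true;
}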
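/**
 * Deletes the tax rate whose tax_rate_id equals $id and records the deletion in the audit log.
 *
 * No usage check is made: per the original comment, tax rates are not referenced explicitly by
 * journal entries and can be deleted at any time.
 *
 * @param int|string $id Value matched against tax_rate_id.
 * @return bool false when the current security level is below 4, true once the delete was issued
 */
function btn_delete($id = 0)
{
    global $db, $messageStack;

    // Only security level 4 and above may delete.
    if ($this->security_id < 4) {
        $messageStack->add(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // $id was concatenated into a quoted SQL literal as-is. Escape it so a quote character in the
    // value cannot close the literal.
    // NOTE(review): if tax_rate_id is an integer column, an (int) cast would be the tighter fix - confirm.
    $where = " where tax_rate_id = '" . db_input($id) . "'";

    // Read the description before the row disappears; it is what the audit log records.
    $result = $db->Execute("select description_short from " . $this->db_table . $where);
    $db->Execute("delete from " . $this->db_table . $where);
    gen_add_audit_log(SETUP_TAX_RATES_LOG . TEXT_DELETE, $result->fields['description_short']);

    return true;
}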
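/**
 * Deletes the department identified by $this->id, updates the account history records and
 * writes an audit-log entry carrying the id.
 *
 * Departments have no prerequisites to check before deletion (per the original comment).
 *
 * @param int $id Not used by this method; the row is selected through $this->id.
 * @return bool false when the current security level is below 4, true once the delete was issued
 */
function btn_delete($id = 0)
{
    global $db, $messageStack;

    // Only security level 4 and above may delete.
    if ($this->security_id < 4) {
        $messageStack->add(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // $this->id is assigned outside this method and was concatenated into a quoted SQL literal as-is.
    // Escape it so a quote character in the value cannot close the literal.
    $db->Execute("delete from " . $this->db_table . " where id = '" . db_input($this->id) . "'");

    // Second argument is the add-account flag; false here, as in the original call.
    modify_account_history_records($this->id, false);
    gen_add_audit_log(HR_LOG_DEPARTMENTS . TEXT_DELETE, $this->id);

    return true;
}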
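/**
 * Deletes the extra tab whose id equals $id, unless a row in TABLE_EXTRA_FIELDS matches the same id.
 *
 * @param int|string $id Tab id to delete.
 * @return bool false when permission is missing or a matching field row exists, true once the delete was issued
 */
function btn_delete($id = 0)
{
    global $db, $messageStack;

    // Only configuration security level 4 and above may delete.
    if ($_SESSION['admin_security'][SECURITY_ID_CONFIGURATION] < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // $id was concatenated into quoted SQL literals as-is. Escape it once and reuse it, so a quote
    // character in the value cannot close the literal.
    // NOTE(review): if id is an integer column, an (int) cast would be the tighter fix - confirm.
    $where = " where id = '" . db_input($id) . "'";

    // Refuse the delete while a field row matches.
    // NOTE(review): this filters TABLE_EXTRA_FIELDS on its own id column using the tab id - confirm
    // that this is the intended column for "fields that belong to this tab".
    $result = $db->Execute("select field_name from " . TABLE_EXTRA_FIELDS . $where);
    if ($result->RecordCount() > 0) {
        $messageStack->add(ASSETS_CATEGORY_CANNOT_DELETE . $result->fields['field_name'], 'error');
        return false;
    }

    // Read the tab name before the row disappears; it is what the audit log records.
    $result = $db->Execute("select tab_name from " . TABLE_EXTRA_TABS . $where);
    $db->Execute("delete from " . TABLE_EXTRA_TABS . $where);
    gen_add_audit_log(sprintf(EXTRA_TABS_LOG, TEXT_DELETE), $result->fields['tab_name']);

    return true;
}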
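/**
 * Deletes the extra tab whose id equals $id, unless fields are still assigned to it.
 *
 * The original interpolated $id into three statements, the DELETE without quotes, so any
 * non-numeric value became part of the SQL itself. The id is now cast to int once and that
 * value is the only one placed in the queries.
 *
 * @param int|string $id Tab id to delete.
 * @return bool false when permission is missing or fields still use the tab, true once the delete was issued
 */
public function btn_delete($id = 0)
{
    global $db, $messageStack;

    // Only configuration security level 4 and above may delete.
    if ($_SESSION['admin_security'][SECURITY_ID_CONFIGURATION] < 4) {
        $messageStack->add(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $tab_id = (int) $id;

    // Refuse the delete while a field is still assigned to this tab.
    $result = $db->Execute("SELECT field_name FROM " . TABLE_EXTRA_FIELDS . " WHERE tab_id='{$tab_id}'");
    if ($result->RecordCount() > 0) {
        $messageStack->add(INV_CATEGORY_CANNOT_DELETE . $result->fields['field_name'], 'error');
        return false;
    }

    // Read the tab name before the row disappears; it is what the audit log records.
    $result = $db->Execute("SELECT tab_name FROM " . TABLE_EXTRA_TABS . " WHERE id='{$tab_id}'");
    $db->Execute("DELETE FROM " . TABLE_EXTRA_TABS . " WHERE id={$tab_id}");
    gen_add_audit_log(sprintf(EXTRA_TABS_LOG, TEXT_DELETE), $result->fields['tab_name']);

    return true;
}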
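/**
 * Deletes the row whose till_id equals $id, unless the GL account in $this->gl_acct_id shows activity.
 *
 * @param int|string $id Value matched against till_id.
 * @return bool false when the account has activity, true once the delete was issued
 */
function btn_delete($id = 0)
{
    global $db, $messageStack;

    // Permission gate for level 4. What validate_security() does on failure is not visible here;
    // presumably it stops the request - confirm, because nothing below re-checks the level.
    validate_security($this->security_id, 4);

    // Both values were concatenated into quoted SQL literals as-is. Escape them so a quote character
    // in either value cannot close the literal.
    $gl_acct = db_input($this->gl_acct_id);
    $till_id = db_input($id);

    // Don't allow delete if there is account activity for this account: any non-zero maximum of
    // debit, credit or beginning balance in the history table blocks it.
    $sql = "select max(debit_amount) as debit, max(credit_amount) as credit, max(beginning_balance) as beg_bal \n\t\tfrom " . TABLE_CHART_OF_ACCOUNTS_HISTORY . " where account_id = '" . $gl_acct . "'";
    $result = $db->Execute($sql);
    if ($result->fields['debit'] != 0 || $result->fields['credit'] != 0 || $result->fields['beg_bal'] != 0) {
        $messageStack->add(GL_ERROR_CANT_DELETE, 'error');
        return false;
    }

    // OK to delete. Read the description first; it is what the audit log records.
    $where  = " where till_id = '" . $till_id . "'";
    $result = $db->Execute("select description from " . $this->db_table . $where);
    $db->Execute("delete from " . $this->db_table . $where);
    // NOTE(review): the log prefix is SETUP_TAX_AUTHS_LOG although the key column is till_id - confirm
    // it is the intended constant.
    gen_add_audit_log(SETUP_TAX_AUTHS_LOG . TEXT_DELETE, $result->fields['description']);

    return true;
}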
/**
 * Deletes the inventory category chosen in the submitted form, unless fields are still assigned to it.
 *
 * The category id is read from $_POST['rowSeq'] and cast to int before use, so the request value
 * cannot change the text of any of the three statements.
 *
 * @return bool false when permission is missing or fields still use the category, true once the delete was issued
 */
function btn_delete()
{
    global $db, $messageStack;

    // Only security level 4 and above may delete.
    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $category_id = (int) db_prepare_input($_POST['rowSeq']);
    $where       = " where category_id = " . $category_id;

    // Refuse the delete while a field is still assigned to this category.
    $in_use = $db->Execute("select field_name from " . TABLE_INVENTORY_FIELDS . $where);
    if ($in_use->RecordCount() > 0) {
        $messageStack->add(INV_CATEGORY_CANNOT_DELETE . $in_use->fields['field_name'], 'error');
        return false;
    }

    // The name is read through $this->db_table while the delete targets TABLE_INVENTORY_CATEGORIES,
    // exactly as the original did.
    $category = $db->Execute("select category_name from " . $this->db_table . $where);
    $db->Execute("delete from " . TABLE_INVENTORY_CATEGORIES . $where);
    gen_add_audit_log(INV_TABS_LOG . TEXT_DELETE, $category->fields['category_name']);

    return true;
}
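/**
 * Deletes the department type identified by $this->id, unless a department still uses it.
 *
 * @param int $id Not used by this method; the row is selected through $this->id.
 * @return bool false when permission is missing or the type is in use, true once the delete was issued
 */
function btn_delete($id = 0)
{
    global $db, $messageStack;

    // Only security level 4 and above may delete.
    if ($this->security_id < 4) {
        $messageStack->add(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // Check for this department type being used in a department, if so do not delete.
    // Every department row is read and compared in PHP; no request value enters this query.
    $result = $db->Execute("select department_type from " . TABLE_DEPARTMENTS);
    while (!$result->EOF) {
        if ($this->id == $result->fields['department_type']) {
            $messageStack->add(SETUP_DEPT_TYPES_DELETE_ERROR, 'error');
            return false;
        }
        $result->MoveNext();
    }

    // $this->id is assigned outside this method and was concatenated into a quoted SQL literal as-is.
    // Escape it so a quote character in the value cannot close the literal.
    $where = " where id = '" . db_input($this->id) . "'";

    // OK to delete. Read the description first; it is what the audit log records.
    $result = $db->Execute("select description from " . $this->db_table . $where);
    $db->Execute("delete from " . $this->db_table . $where);
    gen_add_audit_log(SETUP_DEPT_TYPES_LOG . TEXT_DELETE, $result->fields['description']);

    return true;
}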
$shipment_id = db_prepare_input($_GET['sID']); $result = $db->Execute("select method, ship_date from " . TABLE_SHIPPING_LOG . " where shipment_id = " . (int) $shipment_id); $ship_method = $result->fields['method']; if ($result->RecordCount() == 0 || !$shipment_id) { $messageStack->add(SHIPPING_FEDEX_DELETE_ERROR, 'error'); $error = true; break; } if ($result->fields['ship_date'] < date('Y-m-d', time())) { // only allow delete if shipped today or in future $messageStack->add(SHIPPING_FEDEX_CANNOT_DELETE, 'error'); $error = true; break; } $db->Execute("delete from " . TABLE_SHIPPING_LOG . " where shipment_id = " . $shipment_id); gen_add_audit_log(SHIPPING_FEDEX_LABEL_DELETED, $tracking_id); $messageStack->convert_add_to_session(); // save any messages for reload break; default: $oID = db_prepare_input($_GET['oID']); $sql = "select shipper_code, purchase_invoice_id \r\n\t\tfrom " . TABLE_JOURNAL_MAIN . " where id = " . (int) $oID; $result = $db->Execute($sql); $sInfo->purchase_invoice_id = $result->fields['purchase_invoice_id']; $temp = explode(':', $result->fields['shipper_code']); $sInfo->ship_method = $temp[1]; } /***************** prepare to display templates *************************/ // translate shipping terms in the carriers language, style $shipping_methods = array(); foreach ($shipping_defaults['service_levels'] as $key => $value) {
case 'save': if (!$method) { break; } $sql_data_array = array('carrier' => db_prepare_input($_POST['carrier']), 'ref_id' => db_prepare_input($_POST['ref_id']), 'method' => db_prepare_input($_POST['method']), 'ship_date' => gen_db_date($_POST['ship_date']), 'deliver_date' => gen_db_date($_POST['deliver_date']), 'tracking_id' => db_prepare_input($_POST['tracking_id']), 'cost' => $currencies->clean_value($_POST['cost'])); if (!$sID) { // it's a new entry $result = $db->Execute("select next_shipment_num from " . TABLE_CURRENT_STATUS); $sql_data_array['shipment_id'] = $result->fields['next_shipment_num']; db_perform(TABLE_SHIPPING_LOG, $sql_data_array, 'insert'); $db->Execute("update " . TABLE_CURRENT_STATUS . " set next_shipment_num = next_shipment_num + 1"); gen_add_audit_log(SHIPPING_SHIPMENT_DETAILS . ' - ' . TEXT_INSERT, $sID); } else { // update db_perform(TABLE_SHIPPING_LOG, $sql_data_array, 'update', "id = " . $sID); gen_add_audit_log(SHIPPING_SHIPMENT_DETAILS . ' - ' . TEXT_UPDATE, $sID); } $close_popup = true; break; default: } /***************** prepare to display templates *************************/ $js_methods = build_js_methods($methods); if ($sID) { $sql = "select id, shipment_id, carrier, ref_id, method, ship_date, deliver_date, tracking_id, cost \n\tfrom " . TABLE_SHIPPING_LOG . " where id = " . (int) $sID; $result = $db->Execute($sql); $cInfo = new objectInfo($result->fields); // need to build the methods pull down $carrier_methods = array(); foreach ($shipping_defaults['service_levels'] as $key => $value) { if (defined($cInfo->carrier . '_' . $key)) {
gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); break; } $id = db_prepare_input($_GET['psID']); $result = $db->Execute("select * from " . TABLE_PRICE_SHEETS . " where id = " . $id); $old_rev = (int) $result->fields['revision']; $output_array = array('sheet_name' => $result->fields['sheet_name'], 'revision' => $result->fields['revision'] + 1, 'effective_date' => $result->fields['expiration_date'], 'default_sheet' => $result->fields['default_sheet'], 'default_levels' => $result->fields['default_levels']); db_perform(TABLE_PRICE_SHEETS, $output_array, 'insert'); $sheet_id = db_insert_id(); // Copy special pricing information to new sheet $levels = $db->Execute("select inventory_id, price_levels from " . TABLE_INVENTORY_SPECIAL_PRICES . " \r\n\t\t\twhere price_sheet_id = " . $id); while (!$levels->EOF) { $db->Execute("insert into " . TABLE_INVENTORY_SPECIAL_PRICES . " set \r\n\t\t\tinventory_id = " . $levels->fields['inventory_id'] . ", \r\n\t\t\tprice_sheet_id = " . $sheet_id . ", \r\n\t\t\tprice_levels = '" . $levels->fields['price_levels'] . "'"); $levels->MoveNext(); } gen_add_audit_log(PRICE_SHEETS_LOG . TEXT_REVISE, $result->fields['sheet_name'] . ' Rev. ' . $old_rev . ' => ' . ($old_rev + 1)); $action = ''; break; case 'edit': $id = db_prepare_input($_POST['rowSeq']); $result = $db->Execute("select * from " . TABLE_PRICE_SHEETS . " where id = " . $id); $sheet_name = $result->fields['sheet_name']; $revision = $result->fields['revision']; $effective_date = gen_spiffycal_db_date_short($result->fields['effective_date']); $default_sheet = $result->fields['default_sheet'] ? '1' : '0'; $default_levels = $result->fields['default_levels']; break; case 'go_first': $_GET['page'] = 1; break; case 'go_previous':
$orph_cnt++; $search_type = $rpt->reporttype == 'frm' ? 'misc:misc' : 'misc'; // put in misc $result = $db->Execute("select id from " . TABLE_PHREEFORM . " where doc_group = '" . $search_type . "' and doc_type = '0'"); } $sql_array = array('parent_id' => $result->fields['id'], 'doc_type' => 's', 'doc_title' => $rpt->title, 'doc_group' => $rpt->groupname, 'doc_ext' => $rpt->reporttype, 'security' => $rpt->security, 'create_date' => date('Y-m-d')); db_perform(TABLE_PHREEFORM, $sql_array); $name_map[$rpt_id] = db_insert_id(); rename(PF_DIR_MY_REPORTS . $report, PF_DIR_MY_REPORTS . 'tmp_' . $rpt_id); $rpt_cnt++; } // remap the reports to the new db id's foreach ($name_map as $old => $new) { rename(PF_DIR_MY_REPORTS . 'tmp_' . $old, PF_DIR_MY_REPORTS . 'pf_' . $new); } gen_add_audit_log(PHREEFORM_TOOLS_REBUILD_TITLE); $messageStack->add(sprintf(PHREEFORM_TOOLS_REBUILD_SUCCESS, $rpt_cnt, $orph_cnt), 'success'); break; /*** BOF - Added by PhreeSoft to convert PhreeBooks reports to phreeform format *************/ // This script transfers stored reports from the reportwriter database used in PhreeBooks to phreeform /*** BOF - Added by PhreeSoft to convert PhreeBooks reports to phreeform format *************/ // This script transfers stored reports from the reportwriter database used in PhreeBooks to phreeform case 'convert': require_once DIR_FS_MODULES . 'phreeform/functions/reportwriter.php'; $result = $db->Execute("select * from " . TABLE_REPORTS); $count = 0; while (!$result->EOF) { $skip_report = false; $report = PrepReport($result->fields['id']); if (!($params = import_text_params($report))) { $messageStack->add(sprintf(PB_CONVERT_ERROR, $result->fields['description']), 'error');
} $output = $details->fields['purch_order_id'] . "\t"; $output .= '' . "\t"; $output .= '' . "\t"; // was $output .= $result->fields['qty'] . "\t"; $output .= substr($result->fields['ship_date'], 0, 10) . "\t"; $output .= $carrier . "\t"; $output .= $carrier_name . "\t"; $output .= $result->fields['tracking_id'] . "\t"; $output .= $method . "\n"; $str .= $output; $db->Execute("UPDATE " . TABLE_SHIPPING_LOG . " SET amazon_confirm='1' WHERE ref_id LIKE '{$purchase_invoice_id}%'"); } $result->MoveNext(); } gen_add_audit_log('Generated Amazon Confirmation File.', 'OrderCnt: ' . $result->RecordCount()); header("Content-type: plain/txt"); header("Content-disposition: attachment; filename=" . AMAZON_SHIP_CONFIRM_FILE_NAME . "; size=" . strlen($str)); header('Pragma: cache'); header('Cache-Control: public, must-revalidate, max-age=0'); header('Connection: close'); header('Expires: ' . date('r', time() + 60 * 60)); header('Last-Modified: ' . date('r', time())); print $str; die; case 'go_first': $_REQUEST['list'] = 1; break; case 'go_previous': $_REQUEST['list']--; break;
} else { $sql = "update " . TABLE_RECONCILIATION . " set\r\n\t\t\tstatement_balance = " . $statement_balance . ", \r\n\t\t\tcleared_items = '" . serialize($cleared_items) . "' \r\n\t\t\twhere period = " . $period . " and gl_account = '" . $gl_account . "'"; } // $result = $db->Execute($sql); // set closed flag to '1' for all records that were checked if (count($cleared_items)) { $sql = "update " . TABLE_JOURNAL_MAIN . " set closed = '1' where id in (" . implode(',', $cleared_items) . ")"; // $result = $db->Execute($sql); } // set closed flag to '0' for all records that were unchecked if (count($uncleared_items)) { $sql = "update " . TABLE_JOURNAL_MAIN . " set closed = '0' where id in (" . implode(',', $uncleared_items) . ")"; // $result = $db->Execute($sql); } $messageStack->add(GL_RECON_POST_SUCCESS, 'success'); gen_add_audit_log(GL_LOG_ACCT_RECON . $period, $gl_account); break; default: } /***************** prepare to display templates *************************/ // $bank_list = array(); $statement_balance = $currencies->format(0); // load the payments and deposits that are open $fiscal_dates = gen_calculate_fiscal_dates($period); $end_date = $fiscal_dates['end_date']; $sql = "select i.id, m.post_date, i.debit_amount, i.credit_amount, m.purchase_invoice_id, m.bill_primary_name \r\n\tfrom " . TABLE_JOURNAL_MAIN . " m inner join " . TABLE_JOURNAL_ITEM . " i on m.id = i.ref_id\r\n\twhere i.gl_account = '" . $gl_account . "' and i.reconciled = '0' and m.post_date <= '" . $fiscal_dates['end_date'] . "'"; $result = $db->Execute($sql); while (!$result->EOF) { $bank_list[$result->fields['id']] = array('post_date' => $result->fields['post_date'], 'reference' => $result->fields['purchase_invoice_id'], 'dep_amount' => $result->fields['debit_amount'], 'pmt_amount' => $result->fields['credit_amount'], 'payment' => $result->fields['debit_amount'] ? 0 : 1, 'name' => $result->fields['bill_primary_name'], 'cleared' => 0); $result->MoveNext();
if (!$id) { $_REQUEST['action'] = ''; $error = true; break; } // error check $result = $db->Execute("select wo_title, last_usage from " . TABLE_WO_MAIN . " where id = " . $id); if ($result->fields['last_usage'] != '0000-00-00') { $error = true; $messageStack->add(WO_ERROR_CANNOT_DELETE_BUILDER, 'error'); } // finish if (!$error) { $db->Execute("delete from " . TABLE_WO_MAIN . " where id = " . $id); $db->Execute("delete from " . TABLE_WO_STEPS . " where ref_id = " . $id); gen_add_audit_log(sprintf(WO_AUDIT_LOG_BUILDER, TEXT_DELETE) . $result->fields['wo_title']); $messageStack->add(WO_MESSAGE_SUCCESS_MAIN_DELETE, 'success'); } $_REQUEST['action'] = ''; break; case 'go_first': $_REQUEST['list'] = 1; break; case 'go_previous': $_REQUEST['list'] = max($_REQUEST['list'] - 1, 1); break; case 'go_next': $_REQUEST['list']++; break; case 'go_last': $_REQUEST['list'] = 99999;
break; case 'delete': if ($security_level < 4) { $messageStack->add_session(ERROR_NO_PERMISSION, 'error'); gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); break; } $id = db_prepare_input($_GET['cID']); $result = $db->Execute("select rma_num from " . TABLE_RMA . " where id = " . $id); if ($result->RecordCount() > 0) { $db->Execute("delete from " . TABLE_RMA . " where id = " . $id); foreach (glob(RMA_DIR_ATTACHMENTS . 'ram_' . $id . '_*.zip') as $filename) { unlink($filename); } // remove attachments gen_add_audit_log(RMA_MESSAGE_DELETE, $result->fields['rma_num']); gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('cID', 'action')), 'SSL')); } else { $messageStack->add(RMA_ERROR_CANNOT_DELETE, 'error'); } break; case 'download': $cID = db_prepare_input($_POST['id']); $imgID = db_prepare_input($_POST['rowSeq']); $filename = 'rma_' . $cID . '_' . $imgID . '.zip'; if (file_exists(RMA_DIR_ATTACHMENTS . $filename)) { require_once DIR_FS_MODULES . 'phreedom/classes/backup.php'; $backup = new backup(); $backup->download(RMA_DIR_ATTACHMENTS, $filename, true); } die;
} $result = $db->Execute("select * from " . TABLE_USERS . " where admin_id = " . (int) $admin_id); $result->fields['prefs'] = unserialize($result->fields['admin_prefs']); $uInfo = new objectInfo($result->fields); break; case 'delete': if ($security_level < 4) { $messageStack->add_session(ERROR_NO_PERMISSION, 'error'); gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); break; } $admin_id = (int) db_prepare_input($_POST['rowSeq']); // fetch the name for the audit log $result = $db->Execute("select admin_name from " . TABLE_USERS . " where admin_id = " . $admin_id); $db->Execute("delete from " . TABLE_USERS . " where admin_id = " . $admin_id); gen_add_audit_log(GEN_LOG_USER_DELETE . $result->fields['admin_id']); gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); break; case 'go_first': $_GET['page'] = 1; break; case 'go_previous': $_GET['page']--; break; case 'go_next': $_GET['page']++; break; case 'go_last': $_GET['page'] = 99999; break; case 'search':
} } if (!$error) { $messageStack->add($id ? WO_MESSAGE_SUCCESS_UPDATE : WO_MESSAGE_SUCCESS_ADD, 'success'); gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); } else { $messageStack->add(WO_MESSAGE_ERROR, 'error'); } break; case 'delete': $id = db_prepare_input($_GET['cID']); // check to see if the task is used in any defined work orders. If so don't let it be deleted. $result = $db->Execute("select ref_id from " . TABLE_WO_JOURNAL_ITEM . " where task_id = " . $id); if ($result->RecordCount() == 0) { $db->Execute("delete from " . TABLE_WO_TASK . " where id = " . $id); gen_add_audit_log(sprintf(WO_AUDIT_LOG_TASK, TEXT_DELETE), $id); gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); } else { $messageStack->add(sprintf(WO_ERROR_CANNOT_DELETE . $result->fields['ref_id']), 'error'); } break; case 'go_first': $_REQUEST['list'] = 1; break; case 'go_previous': $_REQUEST['list'] = max($_REQUEST['list'] - 1, 1); break; case 'go_next': $_REQUEST['list']++; break; case 'go_last':
break; } /* $id = db_prepare_input($_POST['id_' . $j]); $lead_time = db_prepare_input($_POST['lead_' . $j]); $item_cost = $currencies->clean_value($_POST['cost_' . $j]); $full_price = $currencies->clean_value($_POST['sell_' . $j]); $db->Execute("update " . TABLE_INVENTORY . " set lead_time = '" . $currencies->clean_value($lead_time) . "', item_cost = '" . $currencies->clean_value($item_cost) . "', full_price = '" . $currencies->clean_value($full_price) . "' where id = " . $id); */ $j++; } gen_add_audit_log(INVENTORY_REVALUATION); break; case 'go_first': $_GET['page'] = 1; break; case 'go_previous': $_GET['page']--; break; case 'go_next': $_GET['page']++; break; case 'go_last': $_GET['page'] = 99999; break; case 'search': case 'search_reset':
if (!$_POST['admin_email']) { $error_check = true; $email_message = ERROR_WRONG_EMAIL_NULL; } $_SESSION['company'] = $_SESSION['companies'][$_POST['company']]; $admin_email = db_prepare_input($_POST['admin_email']); $sql = "select admin_id, admin_name, admin_email, admin_pass \r\n \tfrom " . TABLE_USERS . " where admin_email = '" . db_input($admin_email) . "'"; $result = $db->Execute($sql); if (!($admin_email == $result->fields['admin_email'])) { $error_check = true; $email_message = ERROR_WRONG_EMAIL; } if (!$error_check) { $new_password = pw_create_random_value(ENTRY_PASSWORD_MIN_LENGTH); $admin_pass = pw_encrypt_password($new_password); $sql = "update " . TABLE_USERS . " set admin_pass = '******' \r\n\t\twhere admin_email = '" . $result->fields['admin_email'] . "'"; $db->Execute($sql); $html_msg['EMAIL_CUSTOMERS_NAME'] = $result->fields['admin_name']; $html_msg['EMAIL_MESSAGE_HTML'] = sprintf(TEXT_EMAIL_MESSAGE, $new_password); validate_send_mail($result->fields['admin_name'], $result->fields['admin_email'], TEXT_EMAIL_SUBJECT, sprintf(TEXT_EMAIL_MESSAGE, $new_password), COMPANY_NAME, EMAIL_FROM, $html_msg); $email_message = SUCCESS_PASSWORD_SENT; gen_add_audit_log(GEN_LOG_RESEND_PW . $admin_email); } } /***************** prepare to display templates *************************/ $include_header = false; $include_footer = false; $include_tabs = false; $include_calendar = false; $include_template = 'template_main.php'; define('PAGE_TITLE', TITLE);
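/**
 * Builds an orders object from the received order ($this->order), validates it and posts it as a
 * sales order (journal 10) or sales invoice (journal 12).
 *
 * Everything in $this->order is supplied by the submitting system. Several fields pass through
 * db_prepare_input() (its behaviour is not visible here); the billing and shipping address fields
 * are copied as received.
 *
 * Security fix in this version: the lookup in TABLE_DATA_SECURITY concatenated the submitted payment
 * hint, and the billing account/address ids, into quoted SQL literals without escaping. They are now
 * escaped with db_input(), and the id used in the update filter is cast to int.
 *
 * Side effects: defines the constants JOURNAL_ID, GL_TYPE and DEF_GL_ACCT, so the method can only run
 * once per request without PHP reporting a redefinition.
 *
 * @return mixed false when checkForCustomerExists() returns a falsy value; the result of
 *               responseXML() when validation or posting fails; true on success
 */
function buildJournalEntry()
{
    global $db, $messageStack, $currencies;

    // set some preliminary information
    switch (strtoupper($this->order['function'])) {
        case 'SALESINVOICEENTRY':
            define('JOURNAL_ID', 12);
            define('GL_TYPE', 'sos');
            break;
        case 'SALESORDERENTRY':
        default:
            define('JOURNAL_ID', 10);
            define('GL_TYPE', 'soo');
    }
    // see if requestor specifies a AR account else use default
    if ($this->order['receivables_gl_acct'] != '') {
        define('DEF_GL_ACCT', $this->order['receivables_gl_acct']);
    } else {
        define('DEF_GL_ACCT', AR_DEFAULT_GL_ACCT);
    }
    $account_type = 'c';

    // make the received string look like a form submission then post as usual
    $psOrd = new orders();
    $psOrd->account_type  = $account_type;
    $psOrd->id            = ''; // should be null unless opening an existing purchase/receive
    $psOrd->journal_id    = JOURNAL_ID;
    $psOrd->post_date     = $this->order['post_date']; // date format should already be YYYY-MM-DD
    $psOrd->terminal_date = $this->order['post_date']; // make same as order date for now
    $psOrd->period        = gen_calculate_period($psOrd->post_date);
    $psOrd->store_id      = $this->get_account_id($this->order['store_id'], 'b');
    $psOrd->admin_id      = $this->get_user_id($this->username);
    $psOrd->description   = SOAP_XML_SUBMITTED_SO;
    $psOrd->gl_acct_id    = DEF_GL_ACCT;
    $psOrd->freight       = $currencies->clean_value(db_prepare_input($this->order['freight_total']), DEFAULT_CURRENCY);
    $psOrd->discount      = $currencies->clean_value(db_prepare_input($this->order['discount_total']), DEFAULT_CURRENCY);
    $psOrd->sales_tax     = db_prepare_input($this->order['tax_total']);
    $psOrd->total_amount  = db_prepare_input($this->order['order_total']);
    // The order ID should be set by the submitter
    $psOrd->purchase_invoice_id = db_prepare_input($this->order['order_id']);
    $psOrd->purch_order_id      = db_prepare_input($this->order['purch_order_id']);
    $psOrd->shipper_code        = db_prepare_input($this->order['freight_carrier']);

    // BOF - Added by PhreeSoft for Portable Power Systems to map the shipping codes to PhreeBooks Codes
    // Only the first 16 characters of the submitted carrier text are compared; anything that matches
    // no label falls through to the default (FedEx Ground).
    $psOrd->shipper_code = substr($psOrd->shipper_code, 0, 16);
    switch ($psOrd->shipper_code) {
        default:
        case 'FedEx (Ground):':
            $psOrd->shipper_code = 'fedex_v7:GND';
            break;
        case 'FedEx (Ground LT':
            $psOrd->shipper_code = 'fedex_v7:GndFrt';
            break;
        case 'FedEx (Home Deli':
            $psOrd->shipper_code = 'fedex_v7:GDR';
            break;
        case 'FedEx (Express S':
            $psOrd->shipper_code = 'fedex_v7:3Dpm';
            break;
        case 'FedEx (Express 2':
            $psOrd->shipper_code = 'fedex_v7:2Dpm';
            break;
        case 'FedEx (Standard ':
            $psOrd->shipper_code = 'fedex_v7:1Dpm';
            break;
        case 'FedEx (Priority ':
            $psOrd->shipper_code = 'fedex_v7:1Dam';
            break;
        case 'UPS (Ground):':
        case 'UPS (Ground Resi':
            $psOrd->shipper_code = 'ups:GND';
            break;
        case 'UPS (3 Day Selec':
            $psOrd->shipper_code = 'ups:3Dpm';
            break;
        case 'UPS (2 Day Air):':
            $psOrd->shipper_code = 'ups:2Dpm';
            break;
        case 'UPS (Next Day PM':
            $psOrd->shipper_code = 'ups:1Dpm';
            break;
        case 'UPS (Next Day):':
            $psOrd->shipper_code = 'ups:1Dam';
            break;
        case 'FREE SHIPPING! (':
            $psOrd->shipper_code = 'usps:3Dpm';
            break;
        case 'Flat (Best Way):':
            $psOrd->shipper_code = 'usps:2Dpm';
            break;
    }
    // EOF - Added by PhreeSoft for PPS

    // Not used at this time: sales_tax_auths, terms, drop_ship, waiting, closed, subtotal.

    $psOrd->bill_add_update = 1; // force an address book update

    // see if the customer record exists
    $psOrd->short_name      = db_prepare_input($this->order['customer']['customer_id']);
    $psOrd->ship_short_name = $psOrd->short_name;
    $result = $this->checkForCustomerExists($psOrd);
    if (!$result) {
        return false;
    }
    $psOrd->ship_add_update = $result['ship_add_update'];
    $psOrd->bill_acct_id    = $result['bill_acct_id'];
    $psOrd->bill_address_id = $result['bill_address_id'];
    $psOrd->ship_acct_id    = $result['ship_acct_id'];
    $psOrd->ship_address_id = $result['ship_address_id'];

    // Phreebooks requires a primary name or the order is not valid, use company name if exists,
    // else contact name
    if ($this->order['billing']['primary_name'] == '') {
        $psOrd->bill_primary_name = $this->order['billing']['contact'];
        $psOrd->bill_contact      = '';
    } else {
        $psOrd->bill_primary_name = $this->order['billing']['primary_name'];
        $psOrd->bill_contact      = $this->order['billing']['contact'];
    }
    $psOrd->bill_address1       = $this->order['billing']['address1'];
    $psOrd->bill_address2       = $this->order['billing']['address2'];
    $psOrd->bill_city_town      = $this->order['billing']['city_town'];
    $psOrd->bill_state_province = $this->order['billing']['state_province'];
    $psOrd->bill_postal_code    = $this->order['billing']['postal_code'];
    $psOrd->bill_country_code   = gen_get_country_iso_3_from_2($this->order['billing']['country_code']);
    $psOrd->bill_telephone1     = $this->order['customer']['telephone'];
    $psOrd->bill_email          = $this->order['customer']['email'];

    if ($this->order['shipping']['primary_name'] == '') {
        $psOrd->ship_primary_name = $this->order['shipping']['contact'];
        $psOrd->ship_contact      = '';
    } else {
        $psOrd->ship_primary_name = $this->order['shipping']['primary_name'];
        $psOrd->ship_contact      = $this->order['shipping']['contact'];
    }
    $psOrd->ship_address1       = $this->order['shipping']['address1'];
    $psOrd->ship_address2       = $this->order['shipping']['address2'];
    $psOrd->ship_city_town      = $this->order['shipping']['city_town'];
    $psOrd->ship_state_province = $this->order['shipping']['state_province'];
    $psOrd->ship_postal_code    = $this->order['shipping']['postal_code'];
    $psOrd->ship_country_code   = gen_get_country_iso_3_from_2($this->order['shipping']['country_code']);
    $psOrd->ship_telephone1     = $this->order['customer']['telephone'];
    $psOrd->ship_email          = $this->order['customer']['email'];

    // check for truncation of addresses (this only raises a caution; nothing is shortened here)
    if (strlen($psOrd->bill_primary_name) > 32 || strlen($psOrd->bill_address1) > 32
        || strlen($psOrd->ship_primary_name) > 32 || strlen($psOrd->ship_address1) > 32) {
        $messageStack->add('Either the Primary Name or Address has been truncated to fit in the PhreeBooks database field sizes. Please check source information.', 'caution');
    }

    // load the item rows; the quantity key depends on the journal
    switch (JOURNAL_ID) {
        case 12:
            $index = 'pstd';
            break;
        case 10:
        default:
            $index = 'qty';
            break;
    }
    foreach ($this->order['items'] as $item) {
        $psOrd->item_rows[] = array(
            'gl_type' => GL_TYPE,
            $index    => db_prepare_input($item['quantity']),
            'sku'     => db_prepare_input($item['sku']),
            'desc'    => db_prepare_input($item['description']),
            'price'   => db_prepare_input($item['unit_price']),
            'acct'    => db_prepare_input($item['gl_acct']),
            'tax'     => db_prepare_input($item['taxable']),
            'total'   => db_prepare_input($item['total_price']),
        );
    }

    // error check input
    if (!$psOrd->short_name) {
        return $this->responseXML('18', SOAP_NO_CUSTOMER_ID, 'error');
    }
    if (!$psOrd->post_date) {
        return $this->responseXML('20', SOAP_NO_POST_DATE, 'error');
    }
    if (!$psOrd->period) {
        return $this->responseXML('21', SOAP_BAD_POST_DATE, 'error');
    }
    if (!$psOrd->bill_primary_name) {
        return $this->responseXML('30', SOAP_NO_BILLING_PRIMARY_NAME, 'error');
    }
    if (ADDRESS_BOOK_CONTACT_REQUIRED && !$psOrd->bill_contact) {
        return $this->responseXML('31', SOAP_NO_BILLING_CONTACT, 'error');
    }
    if (ADDRESS_BOOK_ADDRESS1_REQUIRED && !$psOrd->bill_address1) {
        return $this->responseXML('32', SOAP_NO_BILLING_ADDRESS1, 'error');
    }
    if (ADDRESS_BOOK_ADDRESS2_REQUIRED && !$psOrd->bill_address2) {
        return $this->responseXML('33', SOAP_NO_BILLING_ADDRESS2, 'error');
    }
    if (ADDRESS_BOOK_CITY_TOWN_REQUIRED && !$psOrd->bill_city_town) {
        return $this->responseXML('34', SOAP_NO_BILLING_CITY_TOWN, 'error');
    }
    if (ADDRESS_BOOK_STATE_PROVINCE_REQUIRED && !$psOrd->bill_state_province) {
        return $this->responseXML('35', SOAP_NO_BILLING_STATE_PROVINCE, 'error');
    }
    if (ADDRESS_BOOK_POSTAL_CODE_REQUIRED && !$psOrd->bill_postal_code) {
        return $this->responseXML('36', SOAP_NO_BILLING_POSTAL_CODE, 'error');
    }
    if (!$psOrd->bill_country_code) {
        return $this->responseXML('37', SOAP_NO_BILLING_COUNTRY_CODE, 'error');
    }
    if (!$psOrd->ship_primary_name) {
        return $this->responseXML('40', SOAP_NO_SHIPPING_PRIMARY_NAME, 'error');
    }
    if (ADDRESS_BOOK_CONTACT_REQUIRED && !$psOrd->ship_contact) {
        return $this->responseXML('41', SOAP_NO_SHIPPING_CONTACT, 'error');
    }
    if (ADDRESS_BOOK_ADDRESS1_REQUIRED && !$psOrd->ship_address1) {
        return $this->responseXML('42', SOAP_NO_SHIPPING_ADDRESS1, 'error');
    }
    if (ADDRESS_BOOK_ADDRESS2_REQUIRED && !$psOrd->ship_address2) {
        return $this->responseXML('43', SOAP_NO_SHIPPING_ADDRESS2, 'error');
    }
    if (ADDRESS_BOOK_CITY_TOWN_REQUIRED && !$psOrd->ship_city_town) {
        return $this->responseXML('44', SOAP_NO_SHIPPING_CITY_TOWN, 'error');
    }
    if (ADDRESS_BOOK_STATE_PROVINCE_REQUIRED && !$psOrd->ship_state_province) {
        return $this->responseXML('45', SOAP_NO_SHIPPING_STATE_PROVINCE, 'error');
    }
    if (ADDRESS_BOOK_POSTAL_CODE_REQUIRED && !$psOrd->ship_postal_code) {
        return $this->responseXML('46', SOAP_NO_SHIPPING_POSTAL_CODE, 'error');
    }
    if (!$psOrd->ship_country_code) {
        return $this->responseXML('47', SOAP_NO_SHIPPING_COUNTRY_CODE, 'error');
    }

    // post the sales order
    // NOTE(review): $action is not assigned anywhere in this method, so post_ordr() receives an
    // undefined variable - confirm what the callee expects.
    $post_success = $psOrd->post_ordr($action);
    if (!$post_success) {
        // extract the error message from the messageStack and return with error
        $text = strip_tags($messageStack->output());
        // NOTE(review): as it appears here the pattern removes every space character. The original
        // trailing comment is missing a word, so the intended token may have been lost - confirm.
        $text = preg_replace('/ /', '', $text);
        return $this->responseXML('90', SOAP_SO_POST_ERROR . $text, 'error');
    }

    // Begin - additional operations added by PhreeSoft for PPS
    if ($this->order['payment']['encval']) {
        // db_perform() receives the values as an array; how it quotes them is not visible here.
        $sql_array = array(
            'module'    => 'contacts',
            'ref_1'     => $psOrd->bill_acct_id,
            'ref_2'     => $psOrd->bill_address_id,
            'hint'      => $this->order['payment']['hint'],
            'enc_value' => $this->order['payment']['encval'],
        );
        // The hint is submitter-controlled text placed inside a quoted literal: escape it, and the
        // two reference ids with it, so a quote character cannot close the literal.
        $result = $db->Execute("select id from " . TABLE_DATA_SECURITY . " \r\n\t\t\t\twhere module = 'contacts' \r\n\t\t\t\tand ref_1 = '" . db_input($psOrd->bill_acct_id) . "' \r\n\t\t\t\tand ref_2 = '" . db_input($psOrd->bill_address_id) . "' \r\n\t\t\t\tand hint = '" . db_input($this->order['payment']['hint']) . "'");
        if ($result->RecordCount() > 0) {
            db_perform(TABLE_DATA_SECURITY, $sql_array, 'update', 'id = ' . (int) $result->fields['id']);
        } else {
            db_perform(TABLE_DATA_SECURITY, $sql_array, 'insert');
        }
    }
    // End - additional operations added by PhreeSoft for PPS

    gen_add_audit_log(constant('AUDIT_LOG_SOAP_' . JOURNAL_ID . '_ADDED'), $psOrd->purchase_invoice_id, $psOrd->total_amount);
    $this->responseXML('0', sprintf(constant('SOAP_' . JOURNAL_ID . '_SUCCESS'), $psOrd->purchase_invoice_id), 'success');

    return true;
}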
} break; case 'bulkupload': $upXML = new bulk_upload(); $inc_image = isset($_POST['include_images']) ? true : false; if ($upXML->bulkUpload($inc_image)) { gen_add_audit_log(ZENCART_BULK_UPLOAD); write_configure('MODULE_ZENCART_LAST_UPDATE', date('Y-m-d H:i:s')); } break; case 'sync': $upXML = new zencart(); if ($upXML->submitXML(0, 'product_sync')) { gen_add_audit_log(ZENCART_PRODUCT_SYNC); } break; case 'confirm': $upXML = new zencart(); $upXML->post_date = $ship_date; if ($upXML->submitXML(0, 'confirm')) { gen_add_audit_log(ZENCART_SHIP_CONFIRM, $ship_date); } break; default: } /***************** prepare to display templates *************************/ $cal_zc = array('name' => 'shipDate', 'form' => 'zencart', 'fieldname' => 'ship_date', 'imagename' => 'btn_date_1', 'default' => gen_locale_date($ship_date), 'params' => array('align' => 'left')); $include_header = true; $include_footer = true; $include_template = 'template_main.php'; define('PAGE_TITLE', BOX_ZENCART_MODULE);
break; } // determine which journals were selected to re-post $valid_journals = array(2, 3, 4, 6, 7, 8, 9, 10, 12, 13, 14, 16, 18, 19, 20, 21, 22); $journals = array(); foreach ($valid_journals as $journal_id) { if (isset($_POST['jID_' . $journal_id])) { $journals[] = $journal_id; } } $repost_cnt = repost_journals($journals, $start_date, $end_date); if ($repost_cnt === false) { $messageStack->add(GEN_ADM_TOOLS_RE_POST_FAILED, 'caution'); } else { $messageStack->add(sprintf(GEN_ADM_TOOLS_RE_POST_SUCCESS, $repost_cnt), 'success'); gen_add_audit_log(GEN_ADM_TOOLS_AUDIT_LOG_RE_POST, implode(',', $journals)); } if (DEBUG) { $messageStack->write_debug(); } break; case 'coa_hist_test': case 'coa_hist_fix': if ($security_level < 4) { $messageStack->add_session(ERROR_NO_PERMISSION, 'error'); gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); break; } $success = validate_gl_balances($action); break; default:
$_REQUEST['action'] = 'main'; break; } $_REQUEST['action'] = 'edit'; break; case 'edit': case 'properties': $cInfo->getContact(); break; case 'delete': case 'crm_delete': validate_security($security_level, 4); $short_name = gen_get_contact_name($cInfo->id); $temp = $cInfo->delete(); if ($temp == true) { gen_add_audit_log(TEXT_CONTACTS . '-' . TEXT_DELETE . '-' . constant('ACT_' . strtoupper($type) . '_TYPE_NAME'), $short_name); } else { $error = $messageStack->add($temp, 'error'); } break; case 'download': $cID = db_prepare_input($_POST['id']); $imgID = db_prepare_input($_POST['rowSeq']); $filename = 'contacts_' . $cID . '_' . $imgID . '.zip'; if (file_exists(CONTACTS_DIR_ATTACHMENTS . $filename)) { require_once DIR_FS_MODULES . 'phreedom/classes/backup.php'; $backup = new backup(); $backup->download(CONTACTS_DIR_ATTACHMENTS, $filename, true); } die; case 'dn_attach':
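/**
 * Delete the currency selected in the posted grid row.
 *
 * Requires security level 4 or higher. When the row being removed is the
 * one whose code equals DEFAULT_CURRENCY, the DEFAULT_CURRENCY configuration
 * value is blanked before the row is deleted. The deletion is recorded in
 * the audit log together with the currency title.
 *
 * @return bool false when the caller lacks permission, true otherwise
 */
function btn_delete() {
    global $db, $messageStack;

    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // Normalise the posted row id to an integer ONCE and use that single value
    // for the default-currency check, the lookup and the delete. Previously the
    // check compared the raw posted string while the delete used (int) of it,
    // so a value such as "1abc" skipped the default-currency reset yet still
    // deleted row 1. A non-scalar value is treated as 0, because (int) of a
    // non-empty array is 1 and would otherwise target row 1.
    $posted = isset($_POST['rowSeq']) ? db_prepare_input($_POST['rowSeq']) : 0;
    $currencies_id = is_scalar($posted) ? (int) $posted : 0;

    // DEFAULT_CURRENCY is a configuration constant, not request data.
    // NOTE(review): it is concatenated unescaped; confirm the stored value is
    // constrained to a currency code wherever it is written.
    $currency = $db->Execute(
        "select currencies_id from " . $this->db_table . " where code = '" . DEFAULT_CURRENCY . "'"
    );

    // Clear the configured default only when a default row exists and it is
    // exactly the row being deleted.
    if (isset($currency->fields['currencies_id'])
        && (int) $currency->fields['currencies_id'] === $currencies_id) {
        $db->Execute(
            "update " . TABLE_CONFIGURATION . " set configuration_value = '' where configuration_key = 'DEFAULT_CURRENCY'"
        );
    }

    // Fetch the title before deleting so the audit entry can name the currency.
    $result = $db->Execute(
        "select title from " . $this->db_table . " where currencies_id = " . $currencies_id
    );
    $title = isset($result->fields['title']) ? $result->fields['title'] : '';

    $db->Execute("delete from " . $this->db_table . " where currencies_id = " . $currencies_id);
    gen_add_audit_log(SETUP_LOG_CURRENCY . TEXT_DELETE, $title);

    return true;
}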
$order->purch_order_id = db_prepare_input($_POST['purch_order_id']); // customer PO/Ref number $order->description = constant('GENERAL_JOURNAL_' . $order->journal_id . '_DESC'); $order->total_amount = $currencies->clean_value(db_prepare_input($_POST['total']), DEFAULT_CURRENCY); $order->gl_acct_id = JOURNAL_ID == 20 ? AP_DEFAULT_PURCHASE_ACCOUNT : AR_DEFAULT_GL_ACCT; $order->item_rows[0] = array('pstd' => '1', 'id' => '', 'desc' => db_prepare_input($_POST['desc_1']), 'total' => $currencies->clean_value(db_prepare_input($_POST['total_1'])), 'acct' => db_prepare_input($_POST['acct_1'])); $post_credit = $order->post_ordr($action); if (!$post_credit) { $order = new objectInfo($_POST); $order->post_date = gen_db_date_short($_POST['post_date']); // fix the date to original format $order->id = $_POST['id'] != '' ? $_POST['id'] : ''; // will be null unless opening an existing purchase/receive $messageStack->add(GL_ERROR_NO_POST, 'error'); } gen_add_audit_log(AUDIT_LOG_DESC, $order->purchase_invoice_id, $order->total_amount); if (DEBUG) { $messageStack->write_debug(); } if ($action == 'save') { gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); } // else print or print_update, fall through and load javascript to call form_popup and clear form } else { // else there was a post error, display and re-display form $order = new objectInfo($_POST); $order->post_date = gen_db_date_short($_POST['post_date']); // fix the date to original format $order->id = $_POST['id'] != '' ? $_POST['id'] : ''; // will be null unless opening an existing purchase/receive $messageStack->add(GL_ERROR_NO_POST, 'error');
$delOrd = new journal($id); $result = $db->Execute("SELECT id FROM " . TABLE_JOURNAL_MAIN . " WHERE so_po_ref_id = {$delOrd->id}"); $xfer_to_id = $result->fields['id']; // save the matching adjust ID if (!$xfer_to_id) { $error = $messageStack('cannot deltete there is no offsetting record to delete!', 'error'); } if (!$error) { // *************** START TRANSACTION ************************* $db->transStart(); if ($delOrd->unPost('delete')) { $delOrd = new journal($xfer_to_id); if ($delOrd->unPost('delete')) { $db->transCommit(); // if not successful rollback will already have been performed gen_add_audit_log(INV_LOG_ADJ . TEXT_DELETE, $delOrd->journal_rows[0]['sku'], $delOrd->journal_rows[0]['qty']); if (DEBUG) { $messageStack->write_debug(); } gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); break; } else { $db->transRollback(); } } else { $db->transRollback(); } } } $error = $messageStack->add(GL_ERROR_NO_DELETE, 'error'); $cInfo = new objectInfo($_POST);