function createForm($strFunc, $strList, $strForm)
{
require "form_switch.php";
if (!sesAccessLevel($levelsAllowed) && !sesAdminAccess()) {
?>
<div class="form_container ui-widget-content">
<?php
echo $GLOBALS['locNoAccess'] . "\n";
?>
</div>
<?php
return;
}
$blnNew = getPostRequest('newact', FALSE);
$blnCopy = getPostRequest('copyact', FALSE) ? TRUE : FALSE;
$blnDelete = getPostRequest('deleteact', FALSE) ? TRUE : FALSE;
$intKeyValue = getPostRequest('id', FALSE);
if (!$intKeyValue) {
$blnNew = TRUE;
}
if (!sesWriteAccess() && ($blnNew || $blnCopy || $blnDelete)) {
?>
<div class="form_container ui-widget-content">
<?php
echo $GLOBALS['locNoAccess'] . "\n";
?>
</div>
<?php
return;
}
$strMessage = '';
if (isset($_SESSION['formMessage']) && $_SESSION['formMessage']) {
$strMessage = $GLOBALS['loc' . $_SESSION['formMessage']];
unset($_SESSION['formMessage']);
}
$strErrorMessage = '';
if (isset($_SESSION['formErrorMessage']) && $_SESSION['formErrorMessage']) {
$strErrorMessage = $GLOBALS['loc' . $_SESSION['formErrorMessage']];
unset($_SESSION['formErrorMessage']);
}
// if NEW is clicked clear existing form data
if ($blnNew) {
unset($intKeyValue);
unset($astrValues);
unset($_POST);
unset($_REQUEST);
$readOnlyForm = false;
}
$astrValues = getPostValues($astrFormElements, isset($intKeyValue) ? $intKeyValue : FALSE);
$redirect = getRequest('redirect', null);
if (isset($redirect)) {
// Redirect after save
foreach ($astrFormElements as $elem) {
if ($elem['name'] == $redirect) {
if ($elem['style'] == 'redirect') {
$newLocation = str_replace('_ID_', $intKeyValue, $elem['listquery']);
} elseif ($elem['style'] == 'openwindow') {
$openWindow = str_replace('_ID_', $intKeyValue, $elem['listquery']);
}
}
}
}
if ($blnDelete && $intKeyValue && !$readOnlyForm) {
deleteRecord($strTable, $intKeyValue);
unset($intKeyValue);
unset($astrValues);
$blnNew = TRUE;
if (getSetting('auto_close_after_delete')) {
$qs = preg_replace('/&form=\\w*/', '', $_SERVER['QUERY_STRING']);
$qs = preg_replace('/&id=\\w*/', '', $qs);
header("Location: " . _PROTOCOL_ . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?{$qs}");
return;
}
?>
<div class="form_container ui-widget-content">
<?php
echo $GLOBALS['locRecordDeleted'] . "\n";
?>
</div>
<?php
return;
}
if (isset($intKeyValue) && $intKeyValue) {
$res = fetchRecord($strTable, $intKeyValue, $astrFormElements, $astrValues);
if ($res === 'deleted') {
$strMessage .= $GLOBALS['locDeletedRecord'] . '<br>';
} elseif ($res === 'notfound') {
echo $GLOBALS['locEntryDeleted'];
die;
}
}
if ($blnCopy) {
unset($intKeyValue);
unset($_POST);
$blnNew = TRUE;
$readOnlyForm = false;
}
?>
<div id="popup_dlg" style="display: none; width: 900px; overflow: hidden">
<iframe id="popup_dlg_iframe" src="about:blank" style="width: 100%; height: 100%; overflow: hidden; border: 0"></iframe>
</div>
<?php
if (isset($popupHTML)) {
echo $popupHTML;
}
?>
<div class="form_container">
<?php
createFormButtons($blnNew, $copyLinkOverride, true, $readOnlyForm);
?>
<div class="form">
<form method="post" name="admin_form" id="admin_form">
<input type="hidden" name="copyact" value="0">
<input type="hidden" name="newact" value="<?php
echo $blnNew ? 1 : 0;
?>
">
<input type="hidden" name="deleteact" value="0">
<input type="hidden" name="redirect" id="redirect" value="">
<input type="hidden" id="record_id" name="id" value="<?php
echo isset($intKeyValue) && $intKeyValue ? $intKeyValue : '';
?>
">
<table>
<?php
$haveChildForm = false;
$prevPosition = false;
$prevColSpan = 1;
$rowOpen = false;
$formFieldMode = sesWriteAccess() && !$readOnlyForm ? 'MODIFY' : 'READONLY';
foreach ($astrFormElements as $elem) {
if ($elem['type'] === false) {
continue;
}
$fieldMode = isset($elem['read_only']) && $elem['read_only'] ? 'READONLY' : $formFieldMode;
if ($elem['type'] == "LABEL") {
if ($rowOpen) {
echo " </tr>\n";
}
$rowOpen = false;
?>
<tr>
<td class="sublabel ui-widget-header ui-state-default" colspan="4">
<?php
echo $elem['label'];
?>
</td>
</tr>
<?php
continue;
}
if ($elem['position'] == 0 || $elem['position'] <= $prevPosition) {
$prevPosition = 0;
$prevColSpan = 1;
echo " </tr>\n";
$rowOpen = false;
}
if ($elem['type'] != "IFORM") {
if (!$rowOpen) {
$rowOpen = true;
echo " <tr>\n";
}
if ($prevPosition !== FALSE && $elem['position'] > 0) {
for ($i = $prevPosition + $prevColSpan; $i < $elem['position']; $i++) {
echo " <td class=\"label\"> </td>\n";
}
}
if ($elem['position'] == 0 && !strstr($elem['type'], "HID_")) {
$strColspan = "colspan=\"3\"";
$intColspan = 3;
} elseif ($elem['position'] == 1 && !strstr($elem['type'], "HID_")) {
$strColspan = '';
$intColspan = 2;
} else {
$intColspan = 2;
}
}
if ($blnNew && ($elem['type'] == 'BUTTON' || $elem['type'] == 'JSBUTTON' || $elem['type'] == 'IMAGE')) {
echo " <td class=\"label\"> </td>";
} elseif ($elem['type'] == "BUTTON" || $elem['type'] == "JSBUTTON") {
$intColspan = 1;
?>
<td class="button">
<?php
echo htmlFormElement($elem['name'], $elem['type'], $astrValues[$elem['name']], $elem['style'], $elem['listquery'], $fieldMode, $elem['parent_key'], $elem['label'], array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null);
?>
</td>
<?php
} elseif ($elem['type'] == "FILLER") {
$intColspan = 1;
?>
<td>
</td>
<?php
} elseif ($elem['type'] == "HID_INT" || strstr($elem['type'], "HID_")) {
?>
<?php
echo htmlFormElement($elem['name'], $elem['type'], $astrValues[$elem['name']], $elem['style'], $elem['listquery'], $fieldMode, $elem['parent_key'], $elem['label']);
} elseif ($elem['type'] == "IMAGE") {
?>
<td class="image" colspan="<?php
echo $intColspan;
?>
">
<?php
echo htmlFormElement($elem['name'], $elem['type'], $astrValues[$elem['name']], $elem['style'], $elem['listquery'], $fieldMode, $elem['parent_key'], $elem['label'], array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null);
?>
</td>
<?php
} elseif ($elem['type'] == "IFORM") {
if ($rowOpen) {
echo " </tr>\n";
}
echo " </table>\n </form>\n";
$haveChildForm = true;
createIForm($astrFormElements, $elem, isset($intKeyValue) ? $intKeyValue : 0, $blnNew, $strForm);
break;
} else {
$value = $astrValues[$elem['name']];
if ($elem['style'] == 'measurement') {
$value = $value ? miscRound2Decim($value, 2) : '';
}
if ($elem['type'] == 'AREA') {
?>
<td class="toplabel"><?php
echo $elem['label'];
?>
</td>
<?php
} else {
?>
<td id="<?php
echo htmlentities($elem['name']) . '_label';
?>
" class="label"<?php
if (isset($elem['title'])) {
echo ' title="' . $elem['title'] . '"';
}
?>
><?php
echo $elem['label'];
?>
</td>
<?php
}
?>
<td class="field"<?php
echo $strColspan ? " {$strColspan}" : '';
?>
>
<?php
echo htmlFormElement($elem['name'], $elem['type'], $value, $elem['style'], $elem['listquery'], $fieldMode, isset($elem['parent_key']) ? $elem['parent_key'] : '', '', array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null);
if (isset($elem['attached_elem'])) {
echo ' ' . $elem['attached_elem'] . "\n";
}
?>
</td>
<?php
}
$prevPosition = is_int($elem['position']) ? $elem['position'] : 0;
if ($prevPosition == 0) {
$prevPosition = 255;
}
$prevColSpan = $intColspan;
}
if (!$haveChildForm) {
if ($rowOpen) {
echo " </tr>\n";
}
echo " </table>\n </form>\n";
}
if ($strForm == 'product') {
// Special case for product: show stock balance change log
?>
<div class="iform ui-corner-tl ui-corner-bl ui-corner-br ui-corner-tr ui-helper-clearfix" id="stock_balance_log">
<div class="ui-corner-tl ui-corner-tr fg-toolbar ui-toolbar ui-widget-header"><?php
echo $GLOBALS['locStockBalanceUpdates'];
?>
</div>
<table id="stock_balance_change_log">
<tr>
<th class="medium"><?php
echo $GLOBALS['locHeaderChangeLogDateTime'];
?>
</th>
<th class="medium"><?php
echo $GLOBALS['locHeaderChangeLogUser'];
?>
</th>
<th class="small"><?php
echo $GLOBALS['locHeaderChangeLogAmount'];
?>
</th>
<th class="long"><?php
echo $GLOBALS['locHeaderChangeLogDescription'];
?>
</th>
</tr>
</table>
</div>
</div>
<?php
}
?>
</div>
<script type="text/javascript">
/* <![CDATA[ */
var globals = {};
$(window).bind('beforeunload', function(e) {
if ($('.save_button').hasClass('ui-state-highlight') || $('.add_row_button').hasClass('ui-state-highlight'))
{
e.returnValue = "<?php
echo $GLOBALS['locUnsavedData'];
?>
";
return "<?php
echo $GLOBALS['locUnsavedData'];
?>
";
}
});
function showmsg(msg, timeout)
{
$.floatingMessage("<span>" + msg + "</span>", {
position: "top-right",
className: "ui-widget ui-state-highlight",
show: "show",
hide: "fade",
stuffEaseTime: 200,
moveEaseTime: 0,
time: typeof(timeout) != 'undefined' ? timeout : 5000
});
}
function errormsg(msg, timeout)
{
$.floatingMessage("<span>" + msg + "</span>", {
position: "top-right",
className: "ui-widget ui-state-error",
show: "show",
hide: "fade",
stuffEaseTime: 200,
moveEaseTime: 0,
time: typeof(timeout) != 'undefined' ? timeout : 5000
});
}
$(document).ready(function() {
<?php
if ($strMessage) {
?>
showmsg("<?php
echo $strMessage;
?>
");
<?php
}
if ($strErrorMessage) {
?>
errormsg("<?php
echo $strErrorMessage;
?>
");
<?php
}
if ($strForm == 'product') {
?>
update_stock_balance_log();
<?php
}
if (sesWriteAccess()) {
?>
$('input[class~="hasCalendar"]').datepicker();
<?php
}
?>
$('#message').ajaxStart(function() {
$('#spinner').css('visibility', 'visible');
});
$('#message').ajaxStop(function() {
$('#spinner').css('visibility', 'hidden');
});
$('#errormsg').ajaxError(function(event, request, settings) {
errormsg('Server request failed: ' + request.status + ' - ' + request.statusText);
$('#spinner').css('visibility', 'hidden');
});
$('#admin_form').find('input[type="text"],input[type="hidden"],input[type="checkbox"],select,textarea').change(function() { $('.save_button').addClass('ui-state-highlight'); });
<?php
if ($haveChildForm && !$blnNew) {
?>
init_rows();
$('#iform').find('input[type="text"],input[type="hidden"],input[type="checkbox"],select,textarea').change(function() { $('.add_row_button').addClass('ui-state-highlight'); });
<?php
} elseif (isset($newLocation)) {
echo "window.location='{$newLocation}';";
}
if (isset($openWindow)) {
echo "window.open('{$openWindow}');";
}
?>
});
<?php
if ($haveChildForm && !$blnNew) {
?>
function init_rows_done()
{
<?php
if (isset($newLocation)) {
echo "window.location='{$newLocation}';";
}
?>
}
<?php
}
?>
function save_record(redirect_url, redir_style)
{
var form = document.getElementById('admin_form');
var obj = new Object();
<?php
foreach ($astrFormElements as $elem) {
if ($elem['name'] && !in_array($elem['type'], array('HID_INT', 'SECHID_INT', 'BUTTON', 'JSBUTTON', 'LABEL', 'IMAGE', 'NEWLINE', 'ROWSUM', 'CHECK', 'IFORM'))) {
?>
obj.<?php
echo $elem['name'];
?>
= form.<?php
echo $elem['name'];
?>
.value;
<?php
} elseif ($elem['type'] == 'CHECK') {
?>
obj.<?php
echo $elem['name'];
?>
= form.<?php
echo $elem['name'];
?>
.checked ? 1 : 0;
<?php
}
}
?>
obj.id = form.id.value;
$.ajax({
'url': "json.php?func=put_<?php
echo $strJSONType;
?>
",
'type': 'POST',
'dataType': 'json',
'data': $.toJSON(obj),
'contentType': 'application/json; charset=utf-8',
'success': function(data) {
if (data.warnings)
alert(data.warnings);
if (data.missing_fields)
{
errormsg('<?php
echo $GLOBALS['locErrValueMissing'];
?>
: ' + data.missing_fields);
}
else
{
$('.save_button').removeClass('ui-state-highlight');
showmsg('<?php
echo $GLOBALS['locRecordSaved'];
?>
', 2000);
if (redirect_url)
{
if (redir_style == 'openwindow')
window.open(redirect_url);
else
window.location = redirect_url;
}
if (!obj.id)
{
obj.id = data.id;
form.id.value = obj.id;
if (!redirect_url || redir_style == 'openwindow')
{
var newloc = new String(window.location).split('#', 1)[0];
window.location = newloc + '&id=' + obj.id;
}
}
}
},
'error': function(XMLHTTPReq, textStatus, errorThrown) {
if (XMLHTTPReq.status == 409) {
errormsg(jQuery.parseJSON(XMLHTTPReq.responseText).warnings);
}
else if (textStatus == 'timeout')
errormsg('Timeout trying to save data');
else
errormsg('Error trying to save data: ' + XMLHTTPReq.status + ' - ' + XMLHTTPReq.statusText);
return false;
}
});
}
function popup_dialog(url, on_close, dialog_title, event, width, height)
{
$("#popup_dlg").dialog({ modal: true, width: width, height: height, resizable: true,
position: [50, 50],
buttons: {
"<?php
echo $GLOBALS['locClose'];
?>
": function() { $("#popup_dlg").dialog('close'); }
},
title: dialog_title,
close: function(event, ui) { eval(on_close); }
}).find("#popup_dlg_iframe").attr("src", url);
return true;
}
/* ]]> */
</script>
<?php
createFormButtons($blnNew, $copyLinkOverride, false, $readOnlyForm);
echo " </div>\n";
if ($addressAutocomplete && getSetting('address_autocomplete')) {
?>
<script type="text/javascript">
$(document).ready(function() {
var s = document.createElement("script");
s.type = "text/javascript";
s.src = "https://maps.googleapis.com/maps/api/js?sensor=false&libraries=places&callback=gmapsready";
window.gmapsready = function(){
initAddressAutocomplete("");
initAddressAutocomplete("quick_");
};
$("head").append(s);
});
</script>
<?php
}
}
function createJSONSelectList($strList, $startRow, $rowCount, $filter, $sort, $id = null)
{
global $dblink;
require "list_switch.php";
if (!sesAccessLevel($levelsAllowed) && !sesAdminAccess()) {
?>
<div class="form_container ui-widget-content">
<?php
echo $GLOBALS['locNoAccess'] . "\n";
?>
</div>
<?php
return;
}
if ($sort) {
if (!preg_match('/^[\\w_,]+$/', $sort)) {
header('HTTP/1.1 400 Bad Request');
die('Invalid sort type');
}
$sortValid = 0;
$sortFields = explode(',', $sort);
foreach ($sortFields as $sortField) {
foreach ($astrShowFields as $field) {
if ($sortField === $field['name']) {
++$sortValid;
break;
}
}
}
if ($sortValid != count($sortFields)) {
header('HTTP/1.1 400 Bad Request');
die('Invalid sort type');
}
} else {
foreach ($astrShowFields as $field) {
if ($field['name'] == 'order_no') {
$sort = 'order_no';
}
}
}
$arrQueryParams = array();
$strWhereClause = '';
if (!getSetting('show_deleted_records') && empty($id)) {
$strWhereClause = " WHERE {$strDeletedField}=0";
}
if ($strGroupBy) {
$strGroupBy = " GROUP BY {$strGroupBy}";
}
// Add Filter
if ($filter) {
$strWhereClause .= ($strWhereClause ? ' AND ' : ' WHERE ') . createWhereClause($astrSearchFields, $filter, $arrQueryParams, !getSetting('dynamic_select_search_in_middle'));
}
// Filter out inactive companies
if ($strList == 'company' || $strList == 'companies') {
$strWhereClause .= ($strWhereClause ? ' AND ' : ' WHERE ') . 'inactive=0';
}
if ($id) {
$strWhereClause .= ($strWhereClause ? ' AND ' : ' WHERE ') . 'id=' . mysqli_real_escape_string($dblink, $id);
}
// Build the final select clause
$strSelectClause = "{$strPrimaryKey}, {$strDeletedField}";
foreach ($astrShowFields as $field) {
$strSelectClause .= ', ' . (isset($field['sql']) ? $field['sql'] : $field['name']);
}
$fullQuery = "SELECT {$strSelectClause} FROM {$strTable} {$strWhereClause}{$strGroupBy}";
if ($sort) {
$fullQuery .= " ORDER BY {$sort}";
}
if ($startRow >= 0 && $rowCount >= 0) {
$fullQuery .= " LIMIT {$startRow}, " . ($rowCount + 1);
}
$res = mysqli_param_query($fullQuery, $arrQueryParams);
$astrListValues = array();
$i = -1;
$moreAvailable = false;
while ($row = mysqli_fetch_prefixed_assoc($res)) {
++$i;
if ($startRow >= 0 && $rowCount >= 0 && $i >= $rowCount) {
$moreAvailable = true;
break;
}
$astrPrimaryKeys[$i] = $row[$strPrimaryKey];
$aboolDeleted[$i] = $row[$strDeletedField];
foreach ($astrShowFields as $field) {
$name = $field['name'];
if ($field['type'] == 'TEXT' || $field['type'] == 'INT') {
$value = $row[$name];
if (isset($field['mappings']) && isset($field['mappings'][$value])) {
$value = $field['mappings'][$value];
}
$astrListValues[$i][$name] = $value;
} elseif ($field['type'] == 'CURRENCY') {
$value = $row[$name];
$value = miscRound2Decim($value, isset($field['decimals']) ? $field['decimals'] : 2);
$astrListValues[$i][$name] = $value;
} elseif ($field['type'] == 'INTDATE') {
$astrListValues[$i][$name] = dateConvDBDate2Date($row[$name]);
}
}
}
$records = array();
for ($i = 0; $i < count($astrListValues); $i++) {
$row = $astrListValues[$i];
$resultValues = array();
foreach ($astrShowFields as $field) {
if (!isset($field['select']) || !$field['select']) {
continue;
}
$name = $field['name'];
if (isset($field['translate']) && $field['translate'] && isset($GLOBALS["loc{$row[$name]}"])) {
$value = $GLOBALS["loc{$row[$name]}"];
} else {
$value = htmlspecialchars($row[$name]);
}
$resultValues[$name] = $value;
}
$records[] = array('id' => $astrPrimaryKeys[$i], 'text' => implode(' ', $resultValues));
}
$results = array('moreAvailable' => $moreAvailable, 'records' => $records, 'filter' => $filter);
return json_encode($results);
}
echo '{"columns":[';
$res = mysqli_query_check("select * from {prefix}{$table} where 1=2");
$field_count = mysqli_num_fields($res);
for ($i = 0; $i < $field_count; $i++) {
$field_def = mysqli_fetch_field($res);
if ($i == 0) {
echo "\n";
} else {
echo ",\n";
}
echo json_encode(['name' => $field_def->name]);
}
echo "\n]}";
break;
case 'get_import_preview':
if (!sesAdminAccess()) {
header('HTTP/1.1 403 Forbidden');
exit;
}
$table = getRequest('table', '');
if ($table == 'account_statement') {
require 'import_statement.php';
$import = new ImportStatement();
} else {
require 'import.php';
$import = new ImportFile();
}
$import->create_import_preview();
break;
case 'get_list':
require 'list.php';
echo $GLOBALS['locPrereleaseVersion'];
?>
").appendTo("#version");
}
$.cookie("updateversion", $.toJSON(data), { expires: 1 });
}
</script>
<?php
}
}
if ($strFunc == 'system' && getRequest('operation', '') == 'export' && sesAdminAccess()) {
createFuncMenu($strFunc);
require_once 'export.php';
$export = new ExportData();
$export->launch();
} elseif ($strFunc == 'system' && getRequest('operation', '') == 'import' && sesAdminAccess()) {
createFuncMenu($strFunc);
require_once 'import.php';
$import = new ImportFile();
$import->launch();
} elseif ($strFunc == 'import_statement') {
createFuncMenu($strFunc);
require_once 'import_statement.php';
$import = new ImportStatement();
$import->launch();
} else {
switch ($strFunc) {
case 'reports':
createFuncMenu($strFunc);
switch ($strForm) {
case 'invoice':
function createFuncMenu($strFunc)
{
$strHiddenTerm = '';
$strNewButton = '';
$strFormName = '';
$strExtSearchTerm = "";
$blnShowSearch = FALSE;
switch ($strFunc) {
case "system":
$astrNaviLinks = array(array("href" => "list=user", "text" => $GLOBALS['locUsers'], "levels_allowed" => array(ROLE_ADMIN)), array("href" => "list=invoice_state", "text" => $GLOBALS['locInvoiceStates'], "levels_allowed" => array(ROLE_ADMIN)), array("href" => "list=row_type", "text" => $GLOBALS['locRowTypes'], "levels_allowed" => array(ROLE_ADMIN)), array("href" => "list=delivery_terms", "text" => $GLOBALS['locDeliveryTerms'], "levels_allowed" => array(ROLE_ADMIN)), array("href" => "list=delivery_method", "text" => $GLOBALS['locDeliveryMethods'], "levels_allowed" => array(ROLE_ADMIN)), array("href" => "list=print_template", "text" => $GLOBALS['locPrintTemplates'], "levels_allowed" => array(ROLE_ADMIN)), array("href" => "operation=dbdump", "text" => $GLOBALS['locBackupDatabase'], "levels_allowed" => array(ROLE_BACKUPMGR, ROLE_ADMIN)), array("href" => "operation=import", "text" => $GLOBALS['locImportData'], "levels_allowed" => array(ROLE_ADMIN)), array("href" => "operation=export", "text" => $GLOBALS['locExportData'], "levels_allowed" => array(ROLE_ADMIN)));
$strNewText = '';
$strList = getRequest('list', '');
switch ($strList) {
case 'user':
$strNewText = $GLOBALS['locNewUser'];
break;
case 'session_type':
$strNewText = $GLOBALS['locNewSessionType'];
break;
case 'invoice_state':
case 'row_type':
case 'delivery_terms':
case 'delivery_method':
case 'print_template':
$strNewText = $GLOBALS['locAddNew'];
break;
}
if ($strNewText) {
$strNewButton = "<br/><br/><a class=\"buttonlink new_button\" href=\"?func=system&list={$strList}&form={$strList}\">{$strNewText}</a>";
}
break;
case "settings":
$astrNaviLinks = array(array("href" => "list=settings", "text" => $GLOBALS['locGeneralSettings'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR)), array("href" => "list=base", "text" => $GLOBALS['locBases'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR)), array("href" => "list=product", "text" => $GLOBALS['locProducts'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR)));
$strNewText = '';
$strList = getRequest('list', '');
switch ($strList) {
case 'base':
$strNewText = $GLOBALS['locNewBase'];
break;
case 'product':
$strNewText = $GLOBALS['locNewProduct'];
break;
}
if ($strNewText) {
$strNewButton = "<br/><br/><a class=\"buttonlink\" href=\"?func=settings&list={$strList}&form={$strList}\">{$strNewText}</a>";
}
break;
case "reports":
$astrNaviLinks = array(array("href" => "form=invoice", "text" => $GLOBALS['locInvoiceReport'], "levels_allowed" => array(ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR)), array("href" => "form=product", "text" => $GLOBALS['locProductReport'], "levels_allowed" => array(ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR)), array("href" => "form=product_stock", "text" => $GLOBALS['locProductStockReport'], "levels_allowed" => array(ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR)));
break;
case "companies":
$blnShowSearch = TRUE;
$strOpenForm = "company";
$strFormName = "company";
$strFormSwitch = "company";
$astrNaviLinks = array();
$strNewButton = '<a class="buttonlink" href="?func=companies&form=company">' . $GLOBALS['locNewClient'] . '</a>';
break;
default:
$blnShowSearch = TRUE;
$strFormName = "invoice";
$astrNaviLinks = array();
if ($strFunc == 'open_invoices') {
$astrNaviLinks[] = array("href" => "index.php?func=invoices", "text" => $GLOBALS['locDisplayAllInvoices'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR));
} else {
$astrNaviLinks[] = array("href" => "index.php?func=open_invoices", "text" => $GLOBALS['locDisplayOpenInvoices'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR));
}
if ($strFunc != 'archived_invoices') {
$strNewButton = '<a class="buttonlink" href="?func=invoices&form=invoice">' . $GLOBALS['locNewInvoice'] . '</a>';
$astrNaviLinks[] = array("href" => "index.php?func=import_statement", "text" => $GLOBALS['locImportAccountStatement'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR));
}
$strFunc = 'invoices';
break;
}
?>
<script type="text/javascript">
<!--
function openSearchWindow(mode, event) {
x = event.screenX;
y = event.screenY;
if( mode == 'ext' ) {
strLink = 'ext_search.php?func=<?php
echo $strFunc;
?>
&form=<?php
echo $strFormName;
?>
';
strLink = strLink + '<?php
echo $strExtSearchTerm;
?>
';
height = '400';
width = '600';
windowname = 'ext';
}
if( mode == 'quick' ) {
strLink = 'quick_search.php?func=<?php
echo $strFunc;
?>
';
height = '400';
width = '250';
windowname = 'quicksearch';
}
var win = window.open(strLink, windowname, 'height='+height+',width='+width+',screenX=' + x + ',screenY=' + y + ',left=' + x + ',top=' + y + ',menubar=no,scrollbars=yes,status=no,toolbar=no');
win.focus();
return true;
}
-->
</script>
<div class="function_navi">
<?php
foreach ($astrNaviLinks as $link) {
if (sesAccessLevel($link["levels_allowed"]) || sesAdminAccess()) {
if (strchr($link['href'], '?') === FALSE) {
$strHref = "?func={$strFunc}&" . $link['href'];
} else {
$strHref = $link['href'];
}
$class = '';
if (strpos($link['href'], '?')) {
list(, $urlParams) = explode('?', $link['href'], 2);
} else {
$urlParams = $link['href'];
}
parse_str($urlParams, $linkParts);
if ((!isset($linkParts['func']) || getRequest('func', '') == $linkParts['func']) && (!isset($linkParts['list']) || getRequest('list', '') == $linkParts['list']) && (!isset($linkParts['form']) || getRequest('form', '') == $linkParts['form']) && (!isset($linkParts['operation']) || getRequest('operation', '') == $linkParts['operation'])) {
$class = ' ui-state-highlight';
}
?>
<a class="buttonlink<?php
echo $class;
?>
" href="<?php
echo $strHref;
?>
"><?php
echo $link['text'];
?>
</a>
<?php
}
}
if ($blnShowSearch) {
?>
<a class="buttonlink" href="#" onClick="openSearchWindow('ext', event); return false;"><?php
echo $GLOBALS['locExtSearch'];
?>
</a>
<a class="buttonlink" href="#" onClick="openSearchWindow('quick', event); return false;"><?php
echo $GLOBALS['locQuickSearch'];
?>
</a>
<?php
}
if (sesWriteAccess()) {
echo " {$strNewButton}\n";
}
?>
</div>
<?php
}
function createSettingsList()
{
if (!sesAdminAccess()) {
?>
<div class="form_container ui-widget-content">
<?php
echo $GLOBALS['locNoAccess'] . "\n";
?>
</div>
<?php
return;
}
require 'settings_def.php';
$messages = '';
$blnSave = getPostRequest('saveact', FALSE) ? TRUE : FALSE;
if ($blnSave) {
foreach ($arrSettings as $name => $elem) {
$type = $elem['type'];
$label = $elem['label'];
if ($type == 'LABEL') {
continue;
}
$newValue = getPost($name, NULL);
if (!isset($newValue) || $newValue === '') {
if (!$elem['allow_null']) {
$messages .= $GLOBALS['locErrValueMissing'] . ": '{$label}'<br>\n";
continue;
} else {
$newValue = '';
}
}
if (in_array($type, array('CURRENCY', 'PERCENT'))) {
$newValue = str_replace($GLOBALS['locDecimalSeparator'], '.', $newValue);
}
if (in_array($type, array('CURRENCY', 'PERCENT', 'INT'))) {
$newValue = trim($newValue);
if (!is_numeric($newValue)) {
$messages .= $GLOBALS['locErrInvalidValue'] . " '{$label}'<br>\n";
continue;
}
}
if (isset($elem['session']) && $elem['session']) {
$_SESSION[$name] = $newValue;
}
mysqli_param_query('DELETE from {prefix}settings WHERE name=?', array($name));
mysqli_param_query('INSERT INTO {prefix}settings (name, value) VALUES (?, ?)', array($name, $newValue));
}
}
?>
<div class="form_container ui-widget-content">
<?php
if ($messages) {
?>
<div class="ui-widget ui-state-error"><?php
echo $messages;
?>
</div>
<?php
}
?>
<script type="text/javascript">
<!--
$(document).ready(function() {
$('input[class~="hasCalendar"]').datepicker();
$('iframe[class~="resizable"]').load(function() {
var iframe = $(this);
var body = iframe.contents().find("body");
var newHeight = body.outerHeight(true) + 10;
// Leave room for calendar popup
if (newHeight < 250)
newHeight = 250;
iframe.css("height", newHeight + 'px');
body.css("overflow", "hidden");
});
$('#admin_form').find('input[type="text"],input[type="checkbox"],select,textarea').change(function() { $('.save_button').addClass('unsaved'); });
});
-->
</script>
<?php
createSettingsListButtons();
?>
<div class="form">
<form method="post" name="admin_form" id="admin_form">
<?php
foreach ($arrSettings as $name => $elem) {
$elemType = $elem['type'];
if ($elemType == 'LABEL') {
?>
<div class="sublabel ui-widget-header ui-state-default"><?php
echo $elem['label'];
?>
</div>
<?php
continue;
}
$value = getPost($name, NULL);
if (!isset($value)) {
if (isset($elem['session']) && $elem['session']) {
$value = isset($_SESSION[$name]) ? $_SESSION[$name] : (isset($elem['default']) ? cond_utf8_decode($elem['default']) : '');
} else {
$res = mysqli_param_query('SELECT value from {prefix}settings WHERE name=?', array($name));
if ($row = mysqli_fetch_assoc($res)) {
$value = $row['value'];
} else {
$value = isset($elem['default']) ? cond_utf8_decode($elem['default']) : '';
}
}
if ($elemType == 'CURRENCY') {
$value = miscRound2Decim($value);
} elseif ($elemType == 'PERCENT') {
$value = miscRound2Decim($value, 1);
}
}
if ($elemType == 'CURRENCY' || $elemType == 'PERCENT') {
$elemType = 'INT';
}
if ($elemType == 'CHECK') {
?>
<div class="field" style="clear: both">
<?php
echo htmlFormElement($name, $elemType, $value, $elem['style'], '', "MODIFY", '', '', array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null);
?>
<label for="<?php
echo $name;
?>
"><?php
echo $elem['label'];
?>
</label>
</div>
<?php
} else {
?>
<div class="label" style="clear: both"><label for="<?php
echo $name;
?>
"><?php
echo $elem['label'];
?>
</label></div>
<div class="field" style="clear: both">
<?php
echo htmlFormElement($name, $elemType, $value, $elem['style'], '', "MODIFY", '', '', array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null);
?>
</div>
<?php
}
}
?>
<input type="hidden" name="saveact" value="0">
<?php
createSettingsListButtons();
?>
</form>
</div>
</div>
<?php
}
