Example #1
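 /**
  * Build the combined finance listing for a search.
  *
  * Three sources are queried and merged, then sorted newest-first:
  *  1. rows of the "finance" table,
  *  2. jobs with staff expenses that have no matching finance row yet,
  *  3. invoice payments.
  * Entries that belong to an already listed finance record or invoice payment
  * are folded into that record and counted in its 'link_count'.
  *
  * Every value taken from $search is cast to int or escaped before it is
  * concatenated into SQL; keep that invariant when adding new filters.
  *
  * @param array $search Optional filters: finance_account_id (array), finance_category_id (array),
  *                      finance_recurring_id, invoice_payment_id, job_id, invoice_id, customer_id,
  *                      company_id, generic, date_from, date_to, amount_from, amount_to, type.
  * @return array Finance rows keyed as produced by the merge, in display order.
  */
 public static function get_finances($search = array())
 {
     // we have to search for recent transactions. this involves combining the "finance" table with the "invoice_payment" table
     // then sort the results by date
     $hide_invoice_payments = false;
     $sql = "SELECT f.* ";
     $sql .= " , fa.name AS account_name ";
     $sql .= " , GROUP_CONCAT(fc.`name` ORDER BY fc.`name` ASC SEPARATOR ', ') AS categories ";
     $sql .= " FROM `" . _DB_PREFIX . "finance` f ";
     $sql .= " LEFT JOIN `" . _DB_PREFIX . "finance_account` fa USING (finance_account_id) ";
     $sql .= " LEFT JOIN `" . _DB_PREFIX . "finance_category_rel` fcr ON f.finance_id = fcr.finance_id ";
     $sql .= " LEFT JOIN `" . _DB_PREFIX . "finance_category` fc ON fcr.finance_category_id = fc.finance_category_id ";
     $where = " WHERE 1 ";
     if (isset($search['finance_account_id']) && is_array($search['finance_account_id'])) {
         // collect the positive integer ids only; using them as array keys also de-duplicates.
         $fo = array();
         foreach ($search['finance_account_id'] as $val) {
             if ((int) $val > 0) {
                 $fo[(int) $val] = true;
             }
         }
         if (count($fo) > 0) {
             $where .= " AND ( ";
             foreach ($fo as $f => $ff) {
                 $where .= " f.finance_account_id = " . $f . ' OR';
             }
             // drop the trailing "OR" left by the loop.
             $where = rtrim($where, 'OR');
             $where .= ' )';
             $hide_invoice_payments = true;
         }
     }
     if (isset($search['finance_recurring_id']) && $search['finance_recurring_id']) {
         $where .= " AND f.finance_recurring_id = '" . (int) $search['finance_recurring_id'] . "'";
         $hide_invoice_payments = true;
     }
     if (isset($search['finance_category_id']) && is_array($search['finance_category_id'])) {
         $fo = array();
         foreach ($search['finance_category_id'] as $val) {
             if ((int) $val > 0) {
                 $fo[(int) $val] = true;
             }
         }
         if (count($fo) > 0) {
             $where .= " AND EXISTS ( SELECT * FROM `" . _DB_PREFIX . "finance_category_rel` fcr2 WHERE fcr2.finance_id = f.finance_id AND ( ";
             foreach ($fo as $f => $ff) {
                 $where .= " fcr2.finance_category_id = " . $f . ' OR';
             }
             $where = rtrim($where, 'OR');
             $where .= ' )';
             $where .= ' )';
             $hide_invoice_payments = true;
         }
     }
     if (isset($search['invoice_payment_id']) && $search['invoice_payment_id']) {
         $where .= " AND f.invoice_payment_id = '" . (int) $search['invoice_payment_id'] . "'";
         $hide_invoice_payments = true;
     }
     // below 6 searches are repeated again below in invoice payments
     if (isset($search['job_id']) && (int) $search['job_id'] > 0) {
         $where .= " AND f.`job_id` = " . (int) $search['job_id'];
     }
     if (isset($search['invoice_id']) && (int) $search['invoice_id'] > 0) {
         $where .= " AND f.`invoice_id` = " . (int) $search['invoice_id'];
     }
     if (isset($search['customer_id']) && (int) $search['customer_id'] > 0) {
         $where .= " AND f.`customer_id` = " . (int) $search['customer_id'];
     }
     if (isset($search['company_id']) && (int) $search['company_id'] > 0) {
         // check this user can view this company id or not
         if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
             $companys = module_company::get_companys();
             if (isset($companys[$search['company_id']])) {
                 $sql .= " LEFT JOIN `" . _DB_PREFIX . "company_customer` cc ON f.customer_id = cc.customer_id ";
                 $where .= " AND ( cc.`company_id` = " . (int) $search['company_id'] . " OR  f.`company_id` = " . (int) $search['company_id'] . " )";
             }
         }
     }
     if (isset($search['generic']) && strlen(trim($search['generic']))) {
         // escaped for the string literal; % and _ in the term still act as LIKE wildcards.
         $name = mysql_real_escape_string(trim($search['generic']));
         $where .= " AND (f.`name` LIKE '%{$name}%' OR f.description LIKE '%{$name}%' )";
     }
     // NOTE(review): the date filters here and in the two queries below are only as safe as
     // input_date(); its output is placed inside a quoted literal without further escaping.
     // Confirm it always returns a normalised date string.
     if (isset($search['date_from']) && $search['date_from'] != '') {
         $where .= " AND f.transaction_date >= '" . input_date($search['date_from']) . "'";
     }
     if (isset($search['date_to']) && $search['date_to'] != '') {
         $where .= " AND f.transaction_date <= '" . input_date($search['date_to']) . "'";
     }
     if (isset($search['amount_from']) && $search['amount_from'] != '') {
         $where .= " AND f.amount >= '" . mysql_real_escape_string($search['amount_from']) . "'";
     }
     if (isset($search['amount_to']) && $search['amount_to'] != '') {
         $where .= " AND f.amount <= '" . mysql_real_escape_string($search['amount_to']) . "'";
     }
     if (isset($search['type']) && $search['type'] != '' && $search['type'] != 'ie') {
         $where .= " AND f.type = '" . mysql_real_escape_string($search['type']) . "'";
     }
     // permissions from job module.
     /*switch(module_job::get_job_access_permissions()){
                 case _JOB_ACCESS_ALL:

                     break;
                 case _JOB_ACCESS_ASSIGNED:
                     // only assigned jobs!
                     //$from .= " LEFT JOIN `"._DB_PREFIX."task` t ON u.job_id = t.job_id ";
                     //u.user_id = ".(int)module_security::get_loggedin_id()." OR
                     $where .= " AND (t.user_id = ".(int)module_security::get_loggedin_id().")";
                     break;
                 case _JOB_ACCESS_CUSTOMER:
                     break;
             }*/
     // permissions from customer module.
     // tie in with customer permissions to only get jobs from customers we can access.
     // NOTE(review): when get_customer_restrictions() returns an empty list no customer filter is
     // added at all, so a restricted user would see every row (fails open). The same pattern is
     // used in the job and invoice payment queries below. Confirm the restriction list can never
     // be empty for a restricted user, or add an always-false condition for that case.
     switch (module_customer::get_customer_data_access()) {
         case _CUSTOMER_ACCESS_ALL:
             // all customers! so this means all jobs!
             break;
         case _CUSTOMER_ACCESS_ALL_COMPANY:
         case _CUSTOMER_ACCESS_CONTACTS:
         case _CUSTOMER_ACCESS_TASKS:
         case _CUSTOMER_ACCESS_STAFF:
             $valid_customer_ids = module_security::get_customer_restrictions();
             if (count($valid_customer_ids)) {
                 $where .= " AND f.customer_id IN ( ";
                 foreach ($valid_customer_ids as $valid_customer_id) {
                     $where .= (int) $valid_customer_id . ", ";
                 }
                 $where = rtrim($where, ', ');
                 $where .= " )";
             }
     }
     $where .= " GROUP BY f.finance_id ";
     $where .= " ORDER BY f.transaction_date DESC ";
     $sql .= $where;
     $finances_from_finance_db_table = qa($sql);
     // invoice payments:
     $finance_from_invoice_payments = array();
     $finance_from_job_staff_expenses = array();
     // staff expenses are only listed when no invoice filter is active.
     // (was "!(int) $x > 0", which negates before comparing and so skipped this branch for negative ids.)
     if (!$hide_invoice_payments && (!isset($search['invoice_id']) || (int) $search['invoice_id'] <= 0)) {
         $sql = "SELECT j.*, f.finance_id AS existing_finance_id ";
         $sql .= " FROM `" . _DB_PREFIX . "job` j ";
         $sql .= " LEFT JOIN `" . _DB_PREFIX . "finance` f ON j.job_id = f.job_id AND f.job_staff_expense > 0 ";
         $where = " WHERE 1 ";
         //j.date_completed != '0000-00-00' ";
         $where .= " AND j.`c_staff_total_amount` > 0 ";
         if (isset($search['job_id']) && (int) $search['job_id'] > 0) {
             $where .= " AND (j.`job_id` = " . (int) $search['job_id'] . " ) ";
         }
         if (isset($search['customer_id']) && (int) $search['customer_id'] > 0) {
             $where .= " AND j.`customer_id` = " . (int) $search['customer_id'];
         }
         if (isset($search['company_id']) && (int) $search['company_id'] > 0) {
             // check this user can view this company id or not
             if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
                 $companys = module_company::get_companys();
                 if (isset($companys[$search['company_id']])) {
                     $sql .= " LEFT JOIN `" . _DB_PREFIX . "company_customer` cc ON j.customer_id = cc.customer_id ";
                     $where .= " AND cc.`company_id` = " . (int) $search['company_id'];
                 }
             }
         }
         if (isset($search['date_from']) && $search['date_from'] != '') {
             $where .= " AND j.date_completed >= '" . input_date($search['date_from']) . "'";
         }
         if (isset($search['date_to']) && $search['date_to'] != '') {
             $where .= " AND j.date_completed <= '" . input_date($search['date_to']) . "'";
         }
         if (isset($search['amount_from']) && $search['amount_from'] != '') {
             $where .= " AND j.c_staff_total_amount >= '" . mysql_real_escape_string($search['amount_from']) . "'";
         }
         if (isset($search['amount_to']) && $search['amount_to'] != '') {
             $where .= " AND j.c_staff_total_amount <= '" . mysql_real_escape_string($search['amount_to']) . "'";
         }
         switch (module_job::get_job_access_permissions()) {
             case _JOB_ACCESS_ALL:
                 break;
             case _JOB_ACCESS_ASSIGNED:
                 // only assigned jobs!
                 $sql .= " LEFT JOIN `" . _DB_PREFIX . "task` t ON j.job_id = t.job_id ";
                 $where .= " AND (j.user_id = " . (int) module_security::get_loggedin_id() . " OR t.user_id = " . (int) module_security::get_loggedin_id() . ")";
                 break;
             case _JOB_ACCESS_CUSTOMER:
                 // tie in with customer permissions to only get jobs from customers we can access.
                 $valid_customer_ids = module_security::get_customer_restrictions();
                 if (count($valid_customer_ids)) {
                     $where .= " AND j.customer_id IN ( ";
                     foreach ($valid_customer_ids as $valid_customer_id) {
                         $where .= (int) $valid_customer_id . ", ";
                     }
                     $where = rtrim($where, ', ');
                     $where .= " )";
                 }
                 break;
         }
         switch (module_customer::get_customer_data_access()) {
             case _CUSTOMER_ACCESS_ALL:
                 // all customers! so this means all jobs!
                 break;
             case _CUSTOMER_ACCESS_ALL_COMPANY:
             case _CUSTOMER_ACCESS_CONTACTS:
             case _CUSTOMER_ACCESS_TASKS:
             case _CUSTOMER_ACCESS_STAFF:
                 $valid_customer_ids = module_security::get_customer_restrictions();
                 if (count($valid_customer_ids)) {
                     $where .= " AND j.customer_id IN ( ";
                     foreach ($valid_customer_ids as $valid_customer_id) {
                         $where .= (int) $valid_customer_id . ", ";
                     }
                     $where = rtrim($where, ', ');
                     $where .= " )";
                 }
         }
         $sql .= $where . " GROUP BY j.job_id ORDER BY j.date_completed DESC ";
         $finance_from_job_staff_expenses = array();
         $res = qa($sql);
         foreach ($res as $finance) {
             // we have a job with staff expenses. split this up into groups based on staff members.
             $staff_total_grouped = false;
             if (isset($finance['c_staff_total_grouped']) && strlen($finance['c_staff_total_grouped'])) {
                 // SECURITY: unserialize() can instantiate objects, so this column must only ever hold
                 // data written by the application itself. NOTE(review): storing the cache as JSON, or
                 // restricting allowed classes where the runtime supports it, removes that dependency.
                 $staff_total_grouped = @unserialize($finance['c_staff_total_grouped']);
             }
             if ($staff_total_grouped === false) {
                 // no usable cached value, fall back to the job module.
                 $job_data = module_job::get_job($finance['job_id']);
                 $staff_total_grouped = $job_data['staff_total_grouped'];
             }
             if (is_array($staff_total_grouped)) {
                 foreach ($staff_total_grouped as $staff_id => $staff_total) {
                     $staff_member = module_user::get_user($staff_id);
                     if ($staff_member && $staff_member['user_id'] == $staff_id) {
                         // make sure this entry doesn't already exist in the database table for this job
                         // there MAY be an existing entry if 'existing_finance_id' is set
                         if ($finance['existing_finance_id'] > 0) {
                             // check if it exists for this staff member.
                             $existing = get_single('finance', array('job_id', 'job_staff_expense', 'amount'), array($finance['job_id'], $staff_id, $staff_total));
                             if ($existing) {
                                 // match exists already, skip adding this one to the list.
                                 continue;
                             }
                         }
                         $finance['url'] = module_finance::link_open('new', false) . '&job_staff_expense=' . $staff_id . '&from_job_id=' . $finance['job_id'];
                         $finance['transaction_date'] = $finance['date_completed'];
                         $finance['description'] = _l('Job Expense For Staff Member: %s', $staff_member['name'] . ' ' . $staff_member['last_name']);
                         $finance['amount'] = $staff_total;
                         $finance['debit'] = $staff_total;
                         $finance['sub_amount'] = $staff_total;
                         $finance['taxable_amount'] = $staff_total;
                         $finance['credit'] = 0;
                         $finance['type'] = 'e';
                         $finance_from_job_staff_expenses[] = $finance;
                     }
                 }
             }
         }
     }
     if (!$hide_invoice_payments) {
         $sql = "SELECT p.*, i.customer_id ";
         if (module_config::c('finance_date_type', 'payment') == 'invoice') {
             // show entries by invoice create date, not payment date.
             $sql .= " , i.date_create AS transaction_date ";
         } else {
             // default, show by paid date.
             $sql .= " , p.date_paid AS transaction_date ";
         }
         $sql .= " FROM `" . _DB_PREFIX . "invoice_payment` p ";
         $sql .= " LEFT JOIN `" . _DB_PREFIX . "invoice` i ON p.invoice_id = i.invoice_id ";
         $where = " WHERE p.date_paid != '0000-00-00' ";
         $where .= " AND p.`amount` != 0 ";
         $where .= " AND ( p.`payment_type` = " . _INVOICE_PAYMENT_TYPE_NORMAL . " OR p.`payment_type` = " . _INVOICE_PAYMENT_TYPE_REFUND . ' OR p.`payment_type` = ' . _INVOICE_PAYMENT_TYPE_OVERPAYMENT_CREDIT . ' OR p.`payment_type` = ' . _INVOICE_PAYMENT_TYPE_CREDIT . ')';
         if (isset($search['job_id']) && (int) $search['job_id'] > 0) {
             $sql .= " LEFT JOIN `" . _DB_PREFIX . "invoice_item` ii ON i.invoice_id = ii.invoice_id";
             $sql .= " LEFT JOIN `" . _DB_PREFIX . "task` t ON ii.task_id = t.task_id";
             $where .= " AND (t.`job_id` = " . (int) $search['job_id'] . " OR i.`deposit_job_id` = " . (int) $search['job_id'] . " ) ";
         }
         if (isset($search['invoice_id']) && (int) $search['invoice_id'] > 0) {
             $where .= " AND p.`invoice_id` = " . (int) $search['invoice_id'];
         }
         if (isset($search['customer_id']) && (int) $search['customer_id'] > 0) {
             $where .= " AND i.`customer_id` = " . (int) $search['customer_id'];
         }
         if (isset($search['company_id']) && (int) $search['company_id'] > 0) {
             // check this user can view this company id or not
             if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
                 $companys = module_company::get_companys();
                 if (isset($companys[$search['company_id']])) {
                     $sql .= " LEFT JOIN `" . _DB_PREFIX . "company_customer` cc ON i.customer_id = cc.customer_id ";
                     $where .= " AND cc.`company_id` = " . (int) $search['company_id'];
                 }
             }
         }
         if (isset($search['date_from']) && $search['date_from'] != '') {
             if (module_config::c('finance_date_type', 'payment') == 'invoice') {
                 $where .= " AND i.date_create >= '" . input_date($search['date_from']) . "'";
             } else {
                 $where .= " AND p.date_paid >= '" . input_date($search['date_from']) . "'";
             }
         }
         if (isset($search['date_to']) && $search['date_to'] != '') {
             if (module_config::c('finance_date_type', 'payment') == 'invoice') {
                 $where .= " AND i.date_create <= '" . input_date($search['date_to']) . "'";
             } else {
                 $where .= " AND p.date_paid <= '" . input_date($search['date_to']) . "'";
             }
         }
         if (isset($search['amount_from']) && $search['amount_from'] != '') {
             $where .= " AND p.amount >= '" . mysql_real_escape_string($search['amount_from']) . "'";
         }
         if (isset($search['amount_to']) && $search['amount_to'] != '') {
             $where .= " AND p.amount <= '" . mysql_real_escape_string($search['amount_to']) . "'";
         }
         if (isset($search['type']) && $search['type'] != '' && $search['type'] != 'ie') {
             // payments carry no type column here: income is a positive amount, expense a negative one.
             if ($search['type'] == 'i') {
                 $where .= " AND p.amount > 0";
             } else {
                 if ($search['type'] == 'e') {
                     $where .= " AND p.amount < 0";
                 }
             }
         }
         switch (module_customer::get_customer_data_access()) {
             case _CUSTOMER_ACCESS_ALL:
                 // all customers! so this means all jobs!
                 break;
             case _CUSTOMER_ACCESS_ALL_COMPANY:
             case _CUSTOMER_ACCESS_CONTACTS:
             case _CUSTOMER_ACCESS_TASKS:
             case _CUSTOMER_ACCESS_STAFF:
                 $valid_customer_ids = module_security::get_customer_restrictions();
                 if (count($valid_customer_ids)) {
                     $where .= " AND i.customer_id IN ( ";
                     foreach ($valid_customer_ids as $valid_customer_id) {
                         $where .= (int) $valid_customer_id . ", ";
                     }
                     $where = rtrim($where, ', ');
                     $where .= " )";
                 }
         }
         $sql .= $where . " ORDER BY p.date_paid DESC ";
         $finance_from_invoice_payments = qa($sql);
         foreach ($finance_from_invoice_payments as $finance_id => $finance) {
             // doesn't have an finance / account reference just yet.
             // but they can create one and this will become a child entry to it.
             $finance = self::_format_invoice_payment($finance, $finance);
             $finance_from_invoice_payments[$finance_id] = $finance;
         }
         if (isset($search['generic']) && strlen(trim($search['generic']))) {
             // the name/description are only known after formatting, so this filter runs in PHP.
             // compare against the raw search term: the SQL-escaped form used before never matched
             // terms containing quotes or backslashes, and nothing here reaches the database.
             $needle = trim($search['generic']);
             foreach ($finance_from_invoice_payments as $finance_id => $finance) {
                 if (stripos($finance['name'], $needle) === false && stripos($finance['description'], $needle) === false) {
                     unset($finance_from_invoice_payments[$finance_id]);
                 }
             }
         }
     }
     $finances = array_merge($finances_from_finance_db_table, $finance_from_invoice_payments, $finance_from_job_staff_expenses);
     unset($finances_from_finance_db_table);
     unset($finance_from_invoice_payments);
     unset($finance_from_job_staff_expenses);
     // sort this
     if (!function_exists('sort_finance')) {
         // comparator for uasort(): must return a negative, zero or positive integer.
         // (the previous version returned booleans, which never reports "a sorts before b".)
         function sort_finance($a, $b)
         {
             $t1 = strtotime($a['transaction_date']);
             $t2 = strtotime($b['transaction_date']);
             if ($t1 != $t2) {
                 // newest transaction first.
                 return $t1 < $t2 ? 1 : -1;
             }
             // same date: entries with a finance id go first, then lower amounts before higher ones.
             $a_has_id = isset($a['finance_id']);
             $b_has_id = isset($b['finance_id']);
             if ($a_has_id && !$b_has_id) {
                 return -1;
             }
             if (!$a_has_id && $b_has_id) {
                 return 1;
             }
             if ($a['amount'] == $b['amount']) {
                 return 0;
             }
             return $a['amount'] > $b['amount'] ? 1 : -1;
         }
     }
     uasort($finances, 'sort_finance');
     // finance_id / invoice_payment_id => key in $finances of the row that represents it in the listing.
     $displayed_finance_ids = array();
     $displayed_invoice_payment_ids = array();
     foreach ($finances as $finance_id => $finance) {
         // we load each of these transactions
         // transaction can be a "transaction" or an "invoice_payment"
         // find out if this transaction is a child transaction to another transaction.
         // if it is a child transaction and we haven't already displayed it in this listing
         // then we find the parent transaction and display it along with all its children in this place.
         // this wont be perfect all the time but will be awesome in 99% of cases.
         if (isset($finance['finance_id']) && $finance['finance_id']) {
             // displayed before already?
             if (isset($displayed_finance_ids[$finance['finance_id']])) {
                 $finances[$displayed_finance_ids[$finance['finance_id']]]['link_count']++;
                 unset($finances[$finance_id]);
                 continue;
             }
             $displayed_finance_ids[$finance['finance_id']] = $finance_id;
             if (isset($finance['invoice_payment_id']) && $finance['invoice_payment_id']) {
                 $displayed_invoice_payment_ids[$finance['invoice_payment_id']] = $finance_id;
                 // so we dont display again.
             }
         } else {
             if (isset($finance['invoice_payment_id']) && $finance['invoice_payment_id'] && isset($finance['invoice_id']) && $finance['invoice_id']) {
                 // this is an invoice payment (incoming payment)
                 // displayed before already?
                 if (isset($displayed_invoice_payment_ids[$finance['invoice_payment_id']])) {
                     $finances[$displayed_invoice_payment_ids[$finance['invoice_payment_id']]] = array_merge($finance, $finances[$displayed_invoice_payment_ids[$finance['invoice_payment_id']]]);
                     $finances[$displayed_invoice_payment_ids[$finance['invoice_payment_id']]]['link_count']++;
                     unset($finances[$finance_id]);
                     continue;
                 }
                 $displayed_invoice_payment_ids[$finance['invoice_payment_id']] = $finance_id;
                 // so we dont display again.
             } else {
                 if (isset($finance['c_staff_total_amount'])) {
                     // staff expense.
                 } else {
                     // neither a finance row, an invoice payment nor a staff expense: drop it.
                     unset($finances[$finance_id]);
                     continue;
                 }
             }
         }
         if (isset($finance['parent_finance_id']) && $finance['parent_finance_id']) {
             // check if its parent finance id has been displayed already somewhere.
             if (isset($displayed_finance_ids[$finance['parent_finance_id']])) {
                 $finances[$displayed_finance_ids[$finance['parent_finance_id']]]['link_count']++;
                 unset($finances[$finance_id]);
                 continue;
                 // already done it on this page.
             }
             $displayed_finance_ids[$finance['parent_finance_id']] = $finance_id;
             // we haven't displayed the parent one yet.
             // display the parent one in this listing.
             $finance = self::get_finance($finance['parent_finance_id']);
         }
         if (isset($finance['finance_id']) && $finance['finance_id']) {
             $finance['url'] = self::link_open($finance['finance_id'], false);
             $finance['credit'] = $finance['type'] == 'i' ? $finance['amount'] : 0;
             $finance['debit'] = $finance['type'] == 'e' ? $finance['amount'] : 0;
             if (!isset($finance['categories'])) {
                 $finance['categories'] = '';
             }
             if (!isset($finance['account_name'])) {
                 $finance['account_name'] = '';
             }
         }
         if (isset($finance['taxes']) && !isset($finance['sub_amount'])) {
             // derive the pre-tax amount when it was not supplied.
             $finance['sub_amount'] = $finance['amount'];
             foreach ($finance['taxes'] as $tax) {
                 if (isset($tax['amount'])) {
                     $finance['sub_amount'] -= $tax['amount'];
                 }
             }
         }
         // later iterations increment this when they fold into this row.
         $finance['link_count'] = 0;
         $finances[$finance_id] = $finance;
     }
     return $finances;
 }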
Example #2
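 /**
  * Email an invoice (or credit note) to the customer, as done by the CRON job
  * for automated emails. Mirrors part of invoice_admin_email.php.
  *
  * The template is chosen from the invoice state (credit note / paid / overdue / due),
  * optionally using the invoice's own template prefix, with a fallback to the stock
  * "invoice_email_*" templates when the chosen one does not exist.
  *
  * Recipients: the user assigned to the invoice if there is one; otherwise every customer
  * contact flagged with the "accounts" extra field; otherwise the customer's primary
  * contact; for member invoices, the member. The configured admin address is BCC'd.
  *
  * @param int  $invoice_id Invoice to send.
  * @param bool $debug      Passed through to the email object's send().
  * @return bool True when the email was sent (and logged on the invoice), false otherwise.
  */
 public static function email_invoice_to_customer($invoice_id, $debug = false)
 {
     $invoice = module_invoice::get_invoice($invoice_id);
     // which state is the invoice in? this decides the template suffix.
     if ($invoice['date_paid'] && $invoice['date_paid'] != '0000-00-00') {
         $status_suffix = '_paid';
     } else {
         if ($invoice['overdue'] && $invoice['date_sent'] && $invoice['date_sent'] != '0000-00-00') {
             $status_suffix = '_overdue';
         } else {
             $status_suffix = '_due';
         }
     }
     $template_prefix = isset($invoice['invoice_template_email']) && strlen($invoice['invoice_template_email']) ? $invoice['invoice_template_email'] : 'invoice_email';
     if (isset($invoice['credit_note_id']) && $invoice['credit_note_id']) {
         $template_name = 'credit_note_email';
     } else {
         $template_name = $template_prefix . $status_suffix;
     }
     $template_name = hook_filter_var('invoice_email_template', $template_name, $invoice_id, $invoice);
     // switch to the invoice's company before loading templates.
     // (this previously read an undefined $invoice_data variable, so the company was never set.)
     if (class_exists('module_company', false) && isset($invoice['company_id']) && (int) $invoice['company_id'] > 0) {
         module_company::set_current_company_id($invoice['company_id']);
     }
     $template = module_template::get_template_by_key($template_name);
     if (!$template || $template->template_key != $template_name) {
         // backup default templates incase someone has chosen a template that doesn't exist (eg: created invoice_email_MINE_due but not invoice_email_MINE_paid )
         $template_name = 'invoice_email' . $status_suffix;
         // actually load the fallback; before, only the name changed and the missing template was still used.
         $template = module_template::get_template_by_key($template_name);
     }
     if (!$template) {
         // nothing to render, treat as a failed send rather than calling methods on a non-object.
         return false;
     }
     $replace = module_invoice::get_replace_fields($invoice_id, $invoice);
     if (defined('_BLOCK_EMAILS') && _BLOCK_EMAILS) {
         // emails are blocked, don't bother generating the attachment.
         $pdf = false;
     } else {
         $pdf = module_invoice::generate_pdf($invoice_id);
     }
     $send_email_to = array();
     $to = array();
     if ($invoice['customer_id']) {
         $customer = module_customer::get_customer($invoice['customer_id']);
         $replace['customer_name'] = $customer['customer_name'];
         if ($invoice['user_id']) {
             // this invoice has a manually assigned user, only send the invoice to this user.
             // todo: should we also send to accounts? not sure - see if people complain
             $primary = module_user::get_user($invoice['user_id']);
             if ($primary) {
                 $send_email_to[] = $primary;
             }
         } else {
             $to = module_user::get_contacts(array('customer_id' => $invoice['customer_id']));
             // hunt for 'accounts' extra field
             $field_to_find = strtolower(module_config::c('accounts_extra_field_name', 'Accounts'));
             foreach ($to as $contact) {
                 $extras = module_extra::get_extras(array('owner_table' => 'user', 'owner_id' => $contact['user_id']));
                 foreach ($extras as $e) {
                     if (strtolower($e['extra_key']) == $field_to_find) {
                         // this is the accounts contact
                         $send_email_to[] = $contact;
                     }
                 }
             }
             if (!count($send_email_to) && $customer['primary_user_id']) {
                 $primary = module_user::get_user($customer['primary_user_id']);
                 if ($primary) {
                     $send_email_to[] = $primary;
                 }
             }
         }
     } else {
         if ($invoice['member_id']) {
             $member = module_member::get_member($invoice['member_id']);
             $to = array($member);
             $replace['customer_name'] = $member['first_name'];
         } else {
             $to = array();
         }
     }
     $template->assign_values($replace);
     $html = $template->render('html');
     // send an email to this user.
     $email = module_email::new_email();
     $email->replace_values = $replace;
     // todo: send to all customer contacts ?
     if ($send_email_to) {
         foreach ($send_email_to as $send_email_t) {
             if (!empty($send_email_t['user_id'])) {
                 $email->set_to('user', $send_email_t['user_id']);
             } else {
                 if (!empty($send_email_t['email'])) {
                     $email->set_to_manual($send_email_t['email']);
                 }
             }
         }
     } else {
         foreach ($to as $t) {
             if (!empty($t['user_id'])) {
                 $email->set_to('user', $t['user_id']);
             } else {
                 if (!empty($t['email'])) {
                     $email->set_to_manual($t['email']);
                 }
             }
             // only the first contact is addressed, even if it had no user id or email. todo: all?
             break;
         }
     }
     $email->set_bcc_manual(module_config::c('admin_email_address', ''), '');
     $email->set_subject($template->description);
     $email->set_html($html);
     if ($pdf) {
         $email->add_attachment($pdf);
     }
     $email->invoice_id = $invoice_id;
     $email->customer_id = $invoice['customer_id'];
     $email->prevent_duplicates = true;
     if ($email->send($debug)) {
         // record a log on the invoice when it's done.
         self::email_sent(array('invoice_id' => $invoice_id, 'template_name' => $template_name));
         return true;
     }
     // NOTE(review): a failed send is not logged anywhere in this method.
     return false;
 }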
Example #3
 /**
  * Store a configuration value and refresh the in-memory copy in self::$config_vars.
  *
  * Demo mode: nothing is written to the database. Four fixed keys, plus any key
  * containing "license" or "licence", are refused with an error; every other key
  * is kept in $_SESSION['_demo_config'] only.
  *
  * Normal mode: a missing key is inserted. For an existing key the company module
  * (when loaded and enabled) gets the first chance to store the value; otherwise
  * the existing row is updated.
  *
  * NOTE(review): no permission check happens in this method; callers are presumably
  * expected to have verified that the current user may edit settings - confirm.
  * NOTE(review): the queries are built by concatenation around
  * mysql_real_escape_string(). That function belongs to ext/mysql, which was removed
  * in PHP 7, and its escaping is only reliable when the connection character set was
  * set through the client API. Bound parameters are the durable fix once the
  * query()/qa1() helpers support them.
  *
  * @param string $key Configuration key.
  * @param mixed  $val Value to store.
  * @return mixed $val in demo mode, true when the company module stored the value, otherwise nothing.
  */
 public static function save_config($key, $val)
 {
     if (_DEMO_MODE) {
         // Keys that may never be changed on a demo install. The lookup is
         // deliberately non-strict so it compares the same way a switch would.
         $locked_keys = array('system_base_dir', 'system_base_href', 'php_memory_limit', 'force_ssl');
         $is_locked = in_array($key, $locked_keys)
             || strpos($key, 'license') !== false
             || strpos($key, 'licence') !== false;
         if ($is_locked) {
             set_error('Changing some settings is disabled in DEMO mode.');
             return $val;
         }
         // Everything else lives in the visitor's session only.
         if (!isset($_SESSION['_demo_config'])) {
             $_SESSION['_demo_config'] = array();
         }
         $_SESSION['_demo_config'][$key] = $val;
         self::$config_vars[$key] = $val;
         return $val;
     }

     $escaped_key = mysql_real_escape_string($key);
     $existing_row = qa1("SELECT * FROM `" . _DB_PREFIX . "config` c " . " WHERE `key` = '" . $escaped_key . "'");

     if (!$existing_row) {
         // First time this key is saved.
         query("INSERT INTO `" . _DB_PREFIX . "config` SET `key` = '" . $escaped_key . "', `val` = '" . mysql_real_escape_string($val) . "'");
         self::$config_vars[$key] = $val;
         return;
     }

     // A default for this key already exists. When the company module takes the
     // value, the shared default row is left untouched.
     if (class_exists('module_company', false) && module_company::is_enabled()) {
         if (module_company::save_company_config($key, $val)) {
             self::$config_vars[$key] = $val;
             return true;
         }
     }

     query("UPDATE `" . _DB_PREFIX . "config` SET `val` = '" . mysql_real_escape_string($val) . "' WHERE `key` = '" . $escaped_key . "' LIMIT 1");
     self::$config_vars[$key] = $val;
 }
Example #4
 * More licence clarification available here:  http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ 
 * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
 * Package Date: 2015-11-25 02:55:20 
 * IP Address: 67.79.165.254
 */
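// Only users allowed to edit settings may open the company edit form.
// NOTE(review): nothing in this file stops execution after the redirect call;
// presumably redirect_browser() terminates the request - confirm, otherwise the
// form below is still rendered for users without the permission.
if (!module_config::can_i('edit', 'Settings')) {
    redirect_browser(_BASE_HREF);
}
// A missing parameter means "new company"; the cast keeps the id numeric.
$company_id = isset($_REQUEST['company_id']) ? (int) $_REQUEST['company_id'] : 0;
$company = array();
if ($company_id > 0) {
    if (class_exists('module_security', false)) {
        module_security::check_page(array('category' => 'Company', 'page_name' => 'Company', 'module' => 'company', 'feature' => 'edit'));
    }
    $company = module_company::get_company($company_id);
}
if (!$company) {
    // Unknown or missing id: fall back to the "new company" form.
    $company_id = 'new';
    $company = array('company_id' => 'new', 'name' => '');
    // Guarded like the check_page() call above, so the page does not hit a fatal
    // error when the security module is not loaded.
    if (class_exists('module_security', false)) {
        module_security::sanatise_data('company', $company);
    }
}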
?>

<form action="" method="post">

	<input type="hidden" name="_process" value="save_company" />
	<input type="hidden" name="company_id" value="<?php 
echo $company_id;
?>
/** 
 * Copyright: dtbaker 2012
 * Licence: Please check CodeCanyon.net for licence details. 
 * More licence clarification available here:  http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ 
 * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
 * Package Date: 2015-11-25 02:55:20 
 * IP Address: 67.79.165.254
 */
// Stop unless $invoice_safe is set; presumably the including script sets it
// after its own checks - confirm where it is assigned.
if (!$invoice_safe) {
    die('failed');
}
// The request id is cast to int before it is used for the lookup.
// NOTE(review): access control for this invoice is not visible here; presumably
// get_invoice() or the including page enforces it - confirm.
$invoice_id = (int) $_REQUEST['invoice_id'];
$invoice = module_invoice::get_invoice($invoice_id);
// Switch to the invoice's company (when the company module is loaded) before
// any template is chosen.
if (class_exists('module_company', false) && isset($invoice['company_id']) && (int) $invoice['company_id'] > 0) {
    module_company::set_current_company_id($invoice['company_id']);
}
// template for sending emails.
// are we sending the paid one? or the dueone.
$original_template_name = $template_name = '';
$template_name = '';
// The template prefix comes from the invoice record, falling back to 'invoice_email'.
$template_prefix = isset($invoice['invoice_template_email']) && strlen($invoice['invoice_template_email']) ? $invoice['invoice_template_email'] : 'invoice_email';
// Pick the template: credit note first, then paid, then overdue.
if (isset($invoice['credit_note_id']) && $invoice['credit_note_id']) {
    $original_template_name = $template_name = 'credit_note_email';
} else {
    // '0000-00-00' is treated the same as "no date".
    if ($invoice['date_paid'] && $invoice['date_paid'] != '0000-00-00') {
        $original_template_name = $template_name = $template_prefix . '_paid';
    } else {
        // Overdue only counts once the invoice has actually been sent.
        if ($invoice['overdue'] && $invoice['date_sent'] && $invoice['date_sent'] != '0000-00-00') {
            $original_template_name = $template_name = $template_prefix . '_overdue';
        } else {
Example #6
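 /**
  * Create or update a user / contact record together with its password, linked
  * accounts, role, permissions and company assignments.
  *
  * When $from_public is true the id is forced to 0 (a new record is always
  * created) and the permission checks, customer/vendor validation and the
  * role / permission / company handling are all skipped.
  *
  * Changes compared with the earlier version of this method:
  *  - a non-administrator attempting to modify user id 1 is now rejected with
  *    `return false`; before, the error was recorded but the save still ran;
  *  - the old-password, new-password-confirmation and reset-token checks use
  *    strict string comparison, so "0e..."-style numeric strings can no longer
  *    compare equal through type juggling.
  *
  * NOTE(review): passwords are stored as unsalted md5(). The hash format is shared
  * with other code (the customer import is mentioned below, and whatever verifies
  * logins), so it is left unchanged here; a migration to password_hash() /
  * password_verify() should be planned across all of them.
  *
  * NOTE(review): role and permission assignments are taken directly from $_REQUEST.
  * The only gate visible in this method is the edit check at the top, which for
  * contacts is the 'Contacts' edit permission; see the TODO in the role section.
  *
  * @param int|string $user_id     Id of the user to update; a falsy value creates a new user.
  * @param array      $data        Column values and form fields for the user.
  * @param bool       $from_public True when called from a public (unauthenticated) form.
  * @return mixed The id returned by update_insert(), or false when a permission check fails.
  */
 public function save_user($user_id, $data, $from_public = false)
 {
     $use_master_key = $this->get_contact_master_key();
     if ($from_public) {
         // Public submissions may only ever create a record, never edit one.
         $user_id = 0;
     } else {
         if ($use_master_key && isset($data[$use_master_key]) && $data[$use_master_key]) {
             if (!module_user::can_i('edit', 'Contacts', 'Customer')) {
                 set_error('Unable to edit contacts.');
                 return false;
             }
         } else {
             if (!self::can_i('edit', 'Users', 'Config')) {
                 set_error('Unable to edit users.');
                 return false;
             }
         }
         $user_id = (int) $user_id;
     }
     $temp_user = array();
     if ($user_id > 0) {
         // check permissions: the record must load, match the requested id, and
         // not carry the '_perms' marker.
         $temp_user = $this->get_user($user_id, true, false);
         if (!$temp_user || $temp_user['user_id'] != $user_id || isset($temp_user['_perms'])) {
             $user_id = false;
         }
     }
     if (!$user_id && !$from_public) {
         if ($use_master_key && isset($data[$use_master_key]) && $data[$use_master_key]) {
             if (!module_user::can_i('create', 'Contacts', 'Customer')) {
                 set_error('Unable to create new contacts.');
                 return false;
             }
         } else {
             if (!self::can_i('create', 'Users', 'Config')) {
                 set_error('Unable to create new users.');
                 return false;
             }
         }
     } else {
         if ($user_id == 1 && module_security::get_loggedin_id() != 1) {
             set_error('Sorry only the administrator can modify this account');
             // Abort like the other permission failures above. Without this return
             // the administrator record was still written after the error was set.
             return false;
         }
     }
     // check the customer id is valid assignment to someone who has these perms.
     if (!$from_public) {
         if (isset($data['customer_id']) && (int) $data['customer_id'] > 0) {
             $temp_customer = module_customer::get_customer($data['customer_id']);
             if (!$temp_customer || $temp_customer['customer_id'] != $data['customer_id']) {
                 unset($data['customer_id']);
             }
         }
         if (isset($data['vendor_id']) && (int) $data['vendor_id'] > 0) {
             $temp_vendor = module_vendor::get_vendor($data['vendor_id']);
             if (!$temp_vendor || $temp_vendor['vendor_id'] != $data['vendor_id']) {
                 unset($data['vendor_id']);
             }
         }
     }
     // A raw 'password' field from the caller is never trusted; the column is only
     // written through the password_new* handling below.
     if (isset($data['password'])) {
         unset($data['password']);
     }
     // we do the password hash thing here.
     if (isset($data['password_new']) && strlen($data['password_new'])) {
         // an admin is trying to set the password for this account.
         // same permissions checks as on the user_admin_edit_login.php page
         $may_set_password = !$user_id
             || (isset($temp_user['password']) && !$temp_user['password'])
             || module_user::can_i('create', 'Users Passwords', 'Config');
         if (!$may_set_password && isset($_REQUEST['reset_password']) && is_string($_REQUEST['reset_password']) && $_REQUEST['reset_password'] !== '') {
             // Password-reset link: the supplied token must match exactly. An empty
             // token is refused, and the comparison is constant-time where the
             // runtime offers hash_equals().
             $expected_token = (string) module_security::get_auto_login_string($user_id);
             $may_set_password = function_exists('hash_equals')
                 ? hash_equals($expected_token, $_REQUEST['reset_password'])
                 : $expected_token === $_REQUEST['reset_password'];
         }
         if ($may_set_password) {
             // we allow the admin to set a new password without typing in previous password.
             $data['password'] = $data['password_new'];
         } else {
             set_error('Sorry, no permissions to set a new password.');
         }
     } else {
         if ($user_id && isset($data['password_new1']) && isset($data['password_new2']) && strlen($data['password_new1'])) {
             // the user is trying to change their password.
             // only do this if the user has edit password permissions and their password matches.
             if (module_user::can_i('edit', 'Users Passwords', 'Config') || $user_id == module_security::get_loggedin_id()) {
                 $stored_password = isset($temp_user['password']) ? (string) $temp_user['password'] : '';
                 $old_password = isset($data['password_old']) && is_string($data['password_old']) ? $data['password_old'] : null;
                 // NOTE(review): the second alternative accepts the stored value itself
                 // as the "old password" (presumably for legacy plain-text rows - confirm).
                 // It also means a leaked hash is enough to pass this check.
                 if ($old_password !== null && (md5($old_password) === $stored_password || $old_password === $stored_password)) {
                     // correct old password
                     // verify new password.
                     if ((string) $data['password_new1'] === (string) $data['password_new2']) {
                         $data['password'] = $data['password_new1'];
                     } else {
                         set_error('Verified password mismatch. Password unchanged.');
                     }
                 } else {
                     set_error('Old password does not match. Password unchanged.');
                 }
             } else {
                 set_error('No permissions to change passwords');
             }
         }
     }
     // and we finally hash our password
     if (isset($data['password']) && strlen($data['password']) > 0) {
         // NOTE(review): unsalted md5 is not a password hash; see the method header.
         $data['password'] = md5($data['password']);
         // if you change md5 also change it in customer import.
         // todo - salt? meh.
     }
     $user_id = update_insert("user_id", $user_id, "user", $data);
     $use_master_key = $this->get_contact_master_key();
     // this will be customer_id or supplier_id
     if ($use_master_key && (isset($data[$use_master_key]) && $data[$use_master_key])) {
         if ($user_id) {
             if (isset($data['customer_primary']) && $data['customer_primary']) {
                 // update the customer/supplier to mark them as primary or not..
                 switch ($use_master_key) {
                     case 'customer_id':
                         module_customer::set_primary_user_id($data['customer_id'], $user_id);
                         break;
                     case 'vendor_id':
                         module_vendor::set_primary_user_id($data['vendor_id'], $user_id);
                         break;
                 }
             } else {
                 // check if this contact was the old customer/supplier primary and,
                 // if so, clear the primary contact.
                 switch ($use_master_key) {
                     case 'customer_id':
                         $customer_data = module_customer::get_customer($data['customer_id']);
                         if ($customer_data['primary_user_id'] == $user_id) {
                             module_customer::set_primary_user_id($data['customer_id'], 0);
                         }
                         break;
                     case 'vendor_id':
                         $vendor_data = module_vendor::get_vendor($data['vendor_id']);
                         if ($vendor_data['primary_user_id'] == $user_id) {
                             module_vendor::set_primary_user_id($data['vendor_id'], 0);
                         }
                         break;
                 }
             }
         }
     }
     if (!$from_public) {
         // hack for linked user accounts.
         if ($user_id && isset($data['link_customers']) && $data['link_customers'] == 'yes' && isset($data['link_user_ids']) && is_array($data['link_user_ids']) && isset($data['email']) && $data['email']) {
             // Only contacts that share this e-mail address may be linked; ids
             // submitted by the client are checked against that list.
             $others = module_user::get_contacts(array('email' => $data['email']));
             foreach ($data['link_user_ids'] as $link_user_id) {
                 if (!(int) $link_user_id) {
                     continue;
                 }
                 if ($link_user_id == $user_id) {
                     continue;
                 }
                 // shouldnt happen
                 foreach ($others as $other) {
                     if ($other['user_id'] == $link_user_id) {
                         // the submitted id belongs to a contact with the same e-mail.
                         $sql = "REPLACE INTO `" . _DB_PREFIX . "user_customer_rel` SET user_id = '" . (int) $link_user_id . "', customer_id = '" . (int) $other['customer_id'] . "', `primary` = " . (int) $user_id;
                         query($sql);
                         update_insert('user_id', $link_user_id, 'user', array('linked_parent_user_id' => $user_id));
                     }
                 }
             }
             update_insert('user_id', $user_id, 'user', array('linked_parent_user_id' => $user_id));
         }
         if ($user_id && isset($data['unlink']) && $data['unlink'] == 'yes') {
             $sql = "DELETE FROM `" . _DB_PREFIX . "user_customer_rel` WHERE user_id = '" . (int) $user_id . "'";
             query($sql);
             update_insert('user_id', $user_id, 'user', array('linked_parent_user_id' => 0));
         }
         handle_hook("address_block_save", $this, "physical", "user", "user_id", $user_id);
         handle_hook("address_block_save", $this, "postal", "user", "user_id", $user_id);
         if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
             module_extra::save_extras('user', 'user_id', $user_id);
         }
         // find current role / permissions
         $user_data = $this->get_user($user_id);
         $previous_user_roles = $user_data['roles'];
         $re_save_role_perms = false;
         // hack to support only 1 role (we may support multi-role in the future)
         // TODO: check we have permissions to set this role id, otherwise anyone can set their own role.
         // NOTE(review): until that check exists, any caller who passes the edit
         // checks at the top of this method can choose the role stored here.
         if (isset($_REQUEST['role_id'])) {
             $sql = "DELETE FROM `" . _DB_PREFIX . "user_role` WHERE user_id = '" . (int) $user_id . "'";
             query($sql);
             if ((int) $_REQUEST['role_id'] > 0) {
                 if (!isset($previous_user_roles[$_REQUEST['role_id']])) {
                     $re_save_role_perms = (int) $_REQUEST['role_id'];
                 }
                 $_REQUEST['role'] = array($_REQUEST['role_id'] => 1);
             }
         }
         // save users roles (support for multi roles in future - but probably will never happen)
         if (isset($_REQUEST['role']) && is_array($_REQUEST['role'])) {
             foreach ($_REQUEST['role'] as $role_id => $tf) {
                 $this->add_user_to_role($user_id, $role_id);
             }
         }
         if ($re_save_role_perms) {
             // The user moved to a new role: drop the per-user permissions.
             $sql = "DELETE FROM `" . _DB_PREFIX . "user_perm` WHERE user_id = " . (int) $user_id;
             query($sql);
             // update - we are not relying on these permissions any more.
             // if the user has a role assigned, we use those permissions period
             // we ignore all permissions in the user_perm table if the user has a role.
             // if the user doesn't have a role, then we use these user_perm permissions.
         } else {
             if (isset($_REQUEST['permission']) && is_array($_REQUEST['permission'])) {
                 $sql = "DELETE FROM `" . _DB_PREFIX . "user_perm` WHERE user_id = '" . (int) $user_id . "'";
                 query($sql);
                 // update permissions for this user.
                 foreach ($_REQUEST['permission'] as $security_permission_id => $permissions) {
                     // Only action names listed in module_security::$available_permissions
                     // are accepted, so the column names below are never request-supplied.
                     $actions = array();
                     foreach (module_security::$available_permissions as $permission) {
                         if (isset($permissions[$permission]) && $permissions[$permission]) {
                             $actions[$permission] = 1;
                         }
                     }
                     $sql = "REPLACE INTO `" . _DB_PREFIX . "user_perm` SET user_id = '" . (int) $user_id . "', security_permission_id = '" . (int) $security_permission_id . "' ";
                     foreach ($actions as $permission => $tf) {
                         $sql .= ", `" . mysql_real_escape_string($permission) . "` = 1";
                     }
                     query($sql);
                 }
             }
         }
         // save the company information if it's available
         if (class_exists('module_company', false) && module_company::can_i('edit', 'Company') && module_company::is_enabled() && module_user::can_i('edit', 'User')) {
             if (isset($_REQUEST['available_user_company']) && is_array($_REQUEST['available_user_company'])) {
                 $selected_companies = isset($_POST['user_company']) && is_array($_POST['user_company']) ? $_POST['user_company'] : array();
                 foreach ($_REQUEST['available_user_company'] as $company_id => $tf) {
                     if (!isset($selected_companies[$company_id]) || !$selected_companies[$company_id]) {
                         // remove user from this company
                         module_company::delete_user($company_id, $user_id);
                     } else {
                         // add user to this company (if they are not already existing)
                         module_company::add_user_to_company($company_id, $user_id);
                     }
                 }
             }
         }
     }
     module_cache::clear('user');
     return $user_id;
 }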
Example #7
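 /**
  * Handle the post-back of the template edit form: optionally delete the
  * template, otherwise save the posted fields and redirect.
  *
  * The redirect target taken from the request is only followed when it points
  * back to this site (a relative URL, or an http/https URL whose host matches the
  * current Host header). Anything else falls through to the template's own page,
  * so the "return" parameter cannot be used to send a user to another site.
  *
  * NOTE(review): the delete path checks self::can_i('delete', 'Templates'), but no
  * matching permission check for saving is visible in this method; presumably the
  * caller enforces it - confirm.
  * NOTE(review): the whole of $_POST is handed to update_insert(). Whether that
  * helper restricts the columns it writes cannot be seen here; if it does not,
  * pass an explicit list of allowed fields instead.
  *
  * @return void Ends the request via redirect / exit.
  */
 private function _handle_save_template()
 {
     // handle post back for save template template.
     $template_id = isset($_REQUEST['template_id']) ? (int) $_REQUEST['template_id'] : 0;
     // delete.
     if (isset($_REQUEST['butt_del']) && self::can_i('delete', 'Templates')) {
         $template_data = self::get_template($template_id);
         if (module_form::confirm_delete('template_id', _l("Really delete template: %s", $template_data['template_key']), self::link_open($template_id))) {
             $this->delete($template_id);
             // todo: delete company template as well if exists.
             set_message("Template deleted successfully");
             redirect_browser(self::link_open(false));
         }
     }
     $data = $_POST;
     if ((int) $template_id > 0 && class_exists('module_company', false)) {
         module_company::template_handle_save($template_id, $data);
         // we have to redirect to a company specific version of this template
         // each company template must have a matching parent template id/key. cannot change keys in company unique config.
     }
     // write header/footer html based on uploaded images.
     // pass uploaded images to the file manager plugin.
     $template_id = update_insert('template_id', $template_id, 'template', $data);
     // redirect upon save.
     set_message('Template saved successfully!');
     $return_url = isset($_REQUEST['return']) && is_string($_REQUEST['return']) ? $_REQUEST['return'] : '';
     if ($return_url) {
         $is_local = false;
         // Backslashes and control characters are refused outright: browsers may
         // normalise them into a different host than parse_url() reports.
         if (!preg_match('/[\\\\\x00-\x1f]/', $return_url)) {
             $parts = parse_url($return_url);
             if (is_array($parts)) {
                 if (!isset($parts['host'])) {
                     // Relative target; a scheme without a host (javascript:, data:) is refused.
                     $is_local = !isset($parts['scheme']);
                 } else {
                     $current_host = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
                     $target_host = strtolower($parts['host']) . (isset($parts['port']) ? ':' . $parts['port'] : '');
                     $scheme_ok = !isset($parts['scheme']) || in_array(strtolower($parts['scheme']), array('http', 'https'), true);
                     $is_local = $scheme_ok && $current_host !== '' && $target_host === $current_host;
                 }
             }
         }
         if ($is_local) {
             redirect_browser($return_url);
         }
     }
     redirect_browser($this->link_open($template_id));
     exit;
 }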
Example #8
 /**
  * Build the HTML for a quote from its print template.
  *
  * The task list is rendered first by including the theme's quote_task_list.php
  * with output buffering, then merged into the replacement fields together with
  * the public quote link and the rendered 'quote_pdf' template. The template
  * selected for this quote is rendered last and its output returned.
  *
  * The locals assigned before the include keep their names because an included
  * file runs in this function's scope and may read them.
  *
  * @param mixed  $quote_id   Quote id; a falsy value makes the method return false.
  * @param array  $quote_data Quote record; a falsy value makes the method return false.
  * @param string $mode       Not used directly in this method.
  * @return string|false Rendered HTML, or false when id or data is missing.
  */
 public static function quote_html($quote_id, $quote_data, $mode = 'html')
 {
     if (!$quote_id || !$quote_data) {
         return false;
     }

     // spit out the quote html into a file, then pass it to the pdf converter
     // to convert it into a PDF.
     $quote = $quote_data;
     if (class_exists('module_company', false) && isset($quote_data['company_id']) && (int) $quote_data['company_id'] > 0) {
         module_company::set_current_company_id($quote_data['company_id']);
     }

     // The template key comes from the quote record, else from configuration.
     if (isset($quote_data['quote_template_print']) && strlen($quote_data['quote_template_print'])) {
         $quote_template = $quote_data['quote_template_print'];
     } else {
         $quote_template = module_config::c('quote_template_print_default', 'quote_pdf');
     }
     $quote_template_suffix = $quote_template != 'quote_pdf' ? str_replace('quote_pdf', '', $quote_template) : '';

     // Capture whatever the task list template prints.
     ob_start();
     include module_theme::include_ucm('includes/plugin_quote/template/quote_task_list.php');
     $task_list_html = ob_get_clean();

     $fields = self::get_replace_fields($quote_id, $quote_data);
     $fields['task_list'] = $task_list_html;
     $fields['quote_link'] = module_quote::link_public($quote_id);
     $fields['external_quote_template_html'] = '';

     // Render the base 'quote_pdf' template so other templates can embed it.
     $base_template = module_template::get_template_by_key('quote_pdf');
     $base_template->assign_values($fields);
     $fields['external_quote_template_html'] = $base_template->replace_content();

     // Render the selected template inside a buffer and hand back the buffer.
     ob_start();
     $print_template = module_template::get_template_by_key($quote_template);
     $print_template->assign_values($fields);
     echo $print_template->render('html');
     return ob_get_clean();
 }
// Optional group filter, shown only when the group module is loaded and the
// current user may view groups for this page type.
if (class_exists('module_group', false) && module_customer::can_i('view', $page_type_single . ' Groups')) {
    $search_bar['elements']['group_id'] = array(
        'title' => false,
        'field' => array(
            'type' => 'select',
            'name' => 'search[group_id]',
            'value' => isset($search['group_id']) ? $search['group_id'] : '',
            'options' => module_group::get_groups('customer'),
            'options_array_id' => 'name',
            'blank' => _l(' Industry - '),
        ),
    );
}
// Optional company filter, shown only when the company module is loaded,
// enabled, and the current user may view companies.
if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
    $companys = module_company::get_companys();
    // company_id => name map for the select box.
    $companys_rel = array();
    foreach ($companys as $company) {
        $companys_rel[$company['company_id']] = $company['name'];
    }
    $search_bar['elements']['company'] = array(
        'title' => false,
        'field' => array(
            'type' => 'select',
            'name' => 'search[company_id]',
            'value' => isset($search['company_id']) ? $search['company_id'] : '',
            'options' => $companys_rel,
            'blank' => _l(' - Company - '),
        ),
    );
}
// NOTE(review): the current $search values are handed to the form helper as-is;
// HTML escaping is presumably done inside module_form::search_bar() - confirm.
echo module_form::search_bar($search_bar);
/** START TABLE LAYOUT **/
$table_manager = module_theme::new_table_manager();
$columns = array();
if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
    $columns['company_name'] = array('title' => 'Company', 'callback' => function ($customer) {
        if (isset($customer['company_ids']) && is_array($customer['company_ids']) && count($customer['company_ids'])) {
            foreach ($customer['company_ids'] as $company_id => $company_name) {
                ?>
                    <a href="<?php 
                echo module_customer::link_open($customer['customer_id'], false);
                ?>
"><?php 
                echo htmlspecialchars($company_name);
                ?>
</a>
                    <?php 
            }
        } else {
            _e('N/A');
Example #10
        <thead>
        <tr class="title">
            <th><?php 
    echo _l('Company Name');
    ?>
</th>
        </tr>
        </thead>
        <tbody>
        <?php 
    $c = 0;
    foreach ($companys as $company) {
        ?>
            <tr class="<?php 
        echo $c++ % 2 ? "odd" : "even";
        ?>
">
                <td class="row_action">
                    <?php 
        echo module_company::link_open($company['company_id'], true);
        ?>
                </td>
            </tr>
        <?php 
    }
    ?>
      </tbody>
    </table>
    </form>
<?php 
}
Example #11

<form action="" method="post" id="finance_form" class="search_form">

    <?php 
// finance_category_id => name map for the category select box.
$categories_rel = array();
foreach (module_finance::get_categories() as $category) {
    $categories_rel[$category['finance_category_id']] = $category['name'];
}
// finance_account_id => name map for the account select box.
$accounts_rel = array();
foreach (module_finance::get_accounts() as $account) {
    $accounts_rel[$account['finance_account_id']] = $account['name'];
}
// Search form definition. Each field is pre-filled from the current $search
// values, falling back to an empty string.
// NOTE(review): those values are handed to the form helper as-is; HTML escaping
// is presumably done inside module_form::search_bar() - confirm.
$search_bar = array(
    'elements' => array(
        'name' => array(
            'title' => _l('Name:'),
            'field' => array(
                'type' => 'text',
                'name' => 'search[generic]',
                'value' => isset($search['generic']) ? $search['generic'] : '',
                'size' => 15,
            ),
        ),
        'due_date' => array(
            'title' => _l('Date:'),
            'fields' => array(
                array(
                    'type' => 'date',
                    'name' => 'search[date_from]',
                    'value' => isset($search['date_from']) ? $search['date_from'] : '',
                ),
                _l('to'),
                array(
                    'type' => 'date',
                    'name' => 'search[date_to]',
                    'value' => isset($search['date_to']) ? $search['date_to'] : '',
                ),
            ),
        ),
        'amount' => array(
            'title' => _l('Amount:'),
            'fields' => array(
                array(
                    'type' => 'currency',
                    'name' => 'search[amount_from]',
                    'value' => isset($search['amount_from']) ? $search['amount_from'] : '',
                ),
                _l('to'),
                array(
                    'type' => 'currency',
                    'name' => 'search[amount_to]',
                    'value' => isset($search['amount_to']) ? $search['amount_to'] : '',
                ),
            ),
        ),
        'account' => array(
            'title' => false,
            'field' => array(
                'type' => 'select',
                'name' => 'search[finance_account_id][]',
                'values' => isset($search['finance_account_id']) ? $search['finance_account_id'] : '',
                'value' => '',
                'options' => $accounts_rel,
                'blank' => _l(' - Account - '),
                'multiple' => true,
            ),
        ),
        'category' => array(
            'title' => false,
            'field' => array(
                'type' => 'select',
                'name' => 'search[finance_category_id][]',
                'values' => isset($search['finance_category_id']) ? $search['finance_category_id'] : '',
                'value' => '',
                'options' => $categories_rel,
                'blank' => _l(' - Category - '),
                'multiple' => true,
            ),
        ),
    ),
);
// Optional company filter, shown only when the company module is loaded,
// enabled, and the current user may view companies.
if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
    $companys = module_company::get_companys();
    $companys_rel = array();
    foreach ($companys as $company) {
        $companys_rel[$company['company_id']] = $company['name'];
    }
    $search_bar['elements']['company'] = array(
        'title' => false,
        'field' => array(
            'type' => 'select',
            'name' => 'search[company_id]',
            'value' => isset($search['company_id']) ? $search['company_id'] : '',
            'options' => $companys_rel,
            'blank' => _l(' - Company - '),
        ),
    );
}
echo module_form::search_bar($search_bar);
?>



</form>

<script type="text/javascript">
    function link_it(t){
Example #12
 public function save_customer($customer_id, $data)
 {
     $customer_id = (int) $customer_id;
     $temp_customer = false;
     if ($customer_id > 0) {
         // check permissions
         $temp_customer = $this->get_customer($customer_id);
         if (!$temp_customer || $temp_customer['customer_id'] != $customer_id) {
             $temp_customer = false;
             $customer_id = false;
         }
     }
     if (_DEMO_MODE && $customer_id == 1) {
         set_error('Sorry this is a Demo Customer. It cannot be changed.');
         redirect_browser(self::link_open($customer_id));
     }
     if (isset($data['default_tax_system']) && $data['default_tax_system']) {
         $data['default_tax'] = -1;
         $data['default_tax_name'] = '';
     }
     if (isset($data['primary_user_id'])) {
         unset($data['primary_user_id']);
     }
     // only allow this to be set through the method.
     $customer_id = update_insert("customer_id", $customer_id, "customer", $data);
     if (isset($data['single_staff_id']) && (int) $data['single_staff_id'] > 0 && module_customer::get_customer_data_access() == _CUSTOMER_ACCESS_STAFF && $data['single_staff_id'] == module_security::get_loggedin_id()) {
         $sql = "REPLACE INTO `" . _DB_PREFIX . "customer_user_rel` SET ";
         $sql .= " `user_id` = " . (int) $data['single_staff_id'];
         $sql .= ", `customer_id` = " . (int) $customer_id;
         query($sql);
     } else {
         if (isset($data['staff_ids']) && is_array($data['staff_ids']) && module_customer::can_i('edit', 'Customer Staff')) {
             $existing_staff = array();
             if ($temp_customer) {
                 $existing_staff = $temp_customer['staff_ids'];
             }
             foreach ($data['staff_ids'] as $staff_id) {
                 $sql = "REPLACE INTO `" . _DB_PREFIX . "customer_user_rel` SET ";
                 $sql .= " `user_id` = " . (int) $staff_id;
                 $sql .= ", `customer_id` = " . (int) $customer_id;
                 $key = array_search($staff_id, $existing_staff);
                 if ($key !== false) {
                     unset($existing_staff[$key]);
                 }
                 query($sql);
             }
             foreach ($existing_staff as $staff_id) {
                 delete_from_db('customer_user_rel', array('user_id', 'customer_id'), array($staff_id, $customer_id));
             }
         }
     }
     if (isset($_REQUEST['user_id'])) {
         $user_id = (int) $_REQUEST['user_id'];
         if ($user_id > 0) {
             // check permissions
             $temp_user = module_user::get_user($user_id);
             if (!$temp_user || $temp_user['user_id'] != $user_id) {
                 $user_id = false;
             }
         }
         // assign specified user_id to this customer.
         // could this be a problem?
         // maybe?
         // todo: think about security precautions here, maybe only allow admins to set primary contacts.
         $data['customer_id'] = $customer_id;
         if (!$user_id) {
             // hack to set the default role of a contact (if one is set in settings).
             if (!isset($data['last_name']) && isset($data['name']) && strpos($data['name'], ' ') > 0) {
                 // todo - save from customer import
                 $bits = explode(' ', $data['name']);
                 $data['last_name'] = array_pop($bits);
                 $data['name'] = implode(' ', $bits);
             }
             global $plugins;
             $user_id = $plugins['user']->create_user($data, 'contact');
             //$user_id = update_insert("user_id",false,"user",$data);
             //module_cache::clear('user');
             $role_id = module_config::c('contact_default_role', 0);
             if ($role_id > 0) {
                 module_user::add_user_to_role($user_id, $role_id);
             }
             $this->set_primary_user_id($customer_id, $user_id);
         } else {
             // make sure this user is part of this customer.
             // wait! addition, we want to be able to move an existing customer contact to this new customer.
             $saved_user_id = false;
             if (isset($_REQUEST['move_user_id']) && (int) $_REQUEST['move_user_id'] && module_customer::can_i('create', 'Active Leads')) {
                 $old_user = module_user::get_user((int) $_REQUEST['move_user_id']);
                 if ($old_user && $old_user['user_id'] == (int) $_REQUEST['move_user_id']) {
                     $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
                     module_cache::clear('user');
                     hook_handle_callback('customer_contact_moved', $user_id, $old_user['customer_id'], $customer_id);
                     $this->set_primary_user_id($customer_id, $user_id);
                     module_cache::clear('user');
                 }
             } else {
                 // save normally, only those linked to this account:
                 $users = module_user::get_contacts(array('customer_id' => $customer_id));
                 foreach ($users as $user) {
                     if ($user['user_id'] == $user_id) {
                         $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
                         $this->set_primary_user_id($customer_id, $user_id);
                         module_cache::clear('user');
                         break;
                     }
                 }
             }
             if (!$saved_user_id) {
                 $this->set_primary_user_id($customer_id, 0);
                 module_cache::clear('user');
             }
         }
         // todo: move this functionality back into the user class.
         // maybe with a static save_user method ?
         if ($user_id > 0 && class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
             module_extra::save_extras('user', 'user_id', $user_id);
         }
     }
     handle_hook("address_block_save", $this, "physical", "customer", "customer_id", $customer_id);
     //handle_hook("address_block_save",$this,"postal","customer","customer_id",$customer_id);
     if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
         module_extra::save_extras('customer', 'customer_id', $customer_id);
     }
     // save the company information if it's available
     if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
         if (isset($_REQUEST['available_customer_company']) && is_array($_REQUEST['available_customer_company'])) {
             $selected_companies = isset($_POST['customer_company']) && is_array($_POST['customer_company']) ? $_POST['customer_company'] : array();
             $company_access = module_company::get_company_data_access();
             if ($company_access == _COMPANY_ACCESS_ALL && !count($selected_companies)) {
                 // user is unassignging this customer from all companies we have access to, dont let them do this?
             }
             foreach ($_REQUEST['available_customer_company'] as $company_id => $tf) {
                 if (!isset($selected_companies[$company_id]) || !$selected_companies[$company_id]) {
                     // remove customer from this company
                     module_company::delete_customer($company_id, $customer_id);
                 } else {
                     // add customer to this company (if they are not already existing)
                     module_company::add_customer_to_company($company_id, $customer_id);
                 }
             }
         }
     }
     self::update_customer_status($customer_id);
     module_cache::clear('customer');
     return $customer_id;
 }
Example #13
        <?php 
}
hook_handle_callback('layout_column_half', 1);
/** COMPANY INFORMATION **/
if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
    // Company fieldset: shown to anyone with view rights; the help button needs edit rights.
    $heading = array(
        'type' => 'h3',
        'title' => 'Company Information',
    );
    if (module_company::can_i('edit', 'Company')) {
        // addcslashes() with "'" only backslash-escapes single quotes. That keeps the text inside the
        // alert('...') literal, but it is not HTML-attribute encoding and leaves backslashes and line
        // breaks in a translation untouched.
        // NOTE(review): confirm generate_fieldset() HTML-encodes the onclick value before printing it.
        $help_text = addcslashes(_l("Here you can select which Company this Vendor belongs to. This is handy if you are running multiple companies through this system and you would like to separate vendors between different companies."), "'");
        $heading['button'] = array(
            'url' => '#',
            'onclick' => "alert('{$help_text}'); return false;",
            'title' => 'help',
        );
    }
    //print_heading($heading);
    $company_fields = array();
    $companys = module_company::get_companys();
    foreach ($companys as $company) {
        // Hidden marker listing every company offered on this form. The save_vendor() listing on this
        // page walks the submitted available_vendor_company keys and treats an id that is missing from
        // vendor_company[] as an unassignment, so both lists are client-controlled on submit.
        $company_fields[] = array(
            'type' => 'hidden',
            'name' => "available_vendor_company[" . $company['company_id'] . "]",
            'value' => 1,
        );
        $company_fields[] = array(
            'type' => 'check',
            'name' => "vendor_company[" . $company['company_id'] . "]",
            'value' => $company['company_id'],
            // Ticked when the vendor is already linked, or when this is a new vendor and the user
            // cannot edit company links (parentheses spell out the && / || precedence).
            'checked' => isset($vendor['company_ids'][$company['company_id']]) || (!$vendor_id && !module_company::can_i('edit', 'Company')),
            'label' => htmlspecialchars($company['name']),
        );
    }
    $fieldset_data = array(
        'heading' => $heading,
        'class' => 'tableclass tableclass_form tableclass_full',
        'elements' => array(
            'company' => array(
                'title' => _l('Company'),
                'fields' => $company_fields,
            ),
        ),
    );
    echo module_form::generate_fieldset($fieldset_data);
}
/** VENDOR INFORMATION **/
// Main vendor fieldset: a single name field plus the settings for the "extra fields" plugin.
$fieldset_data = array(
    'heading' => array(
        'type' => 'h3',
        'title' => $page_type_single . ' Information',
    ),
    'class' => 'tableclass tableclass_form tableclass_full',
    'elements' => array(
        'name' => array(
            'title' => _l('Name'),
            'field' => array(
                'type' => 'text',
                'name' => 'vendor_name',
                // Passed through unencoded.
                // NOTE(review): confirm generate_fieldset() HTML-encodes field values on output.
                'value' => $vendor['vendor_name'],
            ),
        ),
    ),
    'extra_settings' => array(
        'owner_table' => 'vendor',
        'owner_key' => 'vendor_id',
        'owner_id' => $vendor_id,
        'layout' => 'table_row',
        'allow_new' => module_vendor::can_i('create', $page_type),
        // NOTE(review): allow_edit is driven by the 'create' permission as well - confirm this is intended.
        'allow_edit' => module_vendor::can_i('create', $page_type),
    ),
);
if ($vendor_id && $vendor_id != 'new' && class_exists('module_file') && module_file::is_plugin_enabled()) {
    // The file gallery prints its markup directly, so it is captured with output buffering and
    // embedded as the content of the "Logo" row.
    ob_start();
    module_file::display_files(array(
        'owner_table' => 'vendor',
        'owner_id' => $vendor_id,
        'layout' => 'gallery',
        'editable' => module_security::is_page_editable(),
    ));
    $fieldset_data['elements']['logo'] = array(
        'title' => _l('Logo'),
        'field' => ob_get_clean(),
    );
}
echo module_form::generate_fieldset($fieldset_data);
/** PRIMARY CONTACT DETAILS **/
// we use the "user" module to find the user details
// for the currently selected primary contact id
    ?>
        <table class="tableclass tableclass_form tableclass_full">
        <tbody>
            <tr>
                <th class="width1">
                    <?php 
    echo _l('Company');
    ?>
                </th>
                <td>
                    <?php 
    $companys = module_company::get_companys();
    foreach ($companys as $company) {
        ?>
                        <?php 
        if (module_company::can_i('edit', 'Company')) {
            ?>
                        <input type="hidden" name="available_user_company[<?php 
            echo $company['company_id'];
            ?>
]" value="1">
                        <input type="checkbox" name="user_company[<?php 
            echo $company['company_id'];
            ?>
]" id="customer_company_<?php 
            echo $company['company_id'];
            ?>
" value="<?php 
            echo $company['company_id'];
            ?>
" <?php 
Example #15
    // A template stored on the invoice wins; otherwise fall back to the configured default.
    if (isset($invoice['invoice_template_print']) && strlen($invoice['invoice_template_print'])) {
        $current_template = $invoice['invoice_template_print'];
    } else {
        $current_template = module_config::c('invoice_template_print_default', 'invoice_print');
    }
    if (function_exists('convert_html2pdf') && isset($find_other_templates) && strlen($find_other_templates) && isset($current_template) && strlen($current_template)) {
        // Offer every template whose key contains the search fragment.
        $other_templates = array();
        foreach (module_template::get_templates() as $possible_template) {
            if (strpos($possible_template['template_key'], $find_other_templates) === false) {
                continue;
            }
            // found another one!
            $other_templates[$possible_template['template_key']] = $possible_template['template_key'];
            //$possible_template['description'];
        }
        if (count($other_templates) > 1) {
            // The option list only limits what the browser offers. The code that stores
            // invoice_template_print is not part of this listing.
            // NOTE(review): confirm it checks the submitted key against the same set of templates.
            $fieldset_data['elements'][] = array(
                'title' => 'PDF Template',
                'field' => array(
                    'type' => 'select',
                    'options' => $other_templates,
                    'name' => 'invoice_template_print',
                    'value' => $current_template,
                    'help' => 'Choose the default template for PDF printing and PDF emailing. Name your custom templates invoice_print_SOMETHING for them to appear in this listing.',
                ),
            );
        }
    }
    if (class_exists('module_company', false) && module_company::is_enabled() && defined('COMPANY_UNIQUE_CONFIG') && COMPANY_UNIQUE_CONFIG && module_company::can_i('view', 'Company') && $invoice['customer_id'] > 0) {
        $company_list = module_company::get_companys_by_customer($invoice['customer_id']);
        if (count($company_list) > 1) {
            // NOTE(review): set_manual_company_id is handled outside this listing - confirm the handler
            // only accepts ids that get_companys_by_customer() returns for this customer.
            $fieldset_data['elements'][] = array(
                'title' => 'Company',
                'fields' => array(
                    array(
                        'type' => 'select',
                        'name' => 'set_manual_company_id',
                        'options' => $company_list,
                        'blank' => _l('Default'),
                        'options_array_id' => 'name',
                        'value' => isset($invoice['company_id']) ? $invoice['company_id'] : 0,
                    ),
                ),
            );
        }
    }
    echo module_form::generate_fieldset($fieldset_data);
    unset($fieldset_data);
}
hook_handle_callback('layout_column_half', 2, '65');
if ($invoice['date_cancel'] && $invoice['date_cancel'] != '0000-00-00') {
    /**** INVOICE CANCELLED ***/
    ob_start();
    ?>

        <div class="tableclass_form content">
            <p align="center"><?php 
Example #16
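 /**
  * Report whether the company feature is active for the current request.
  *
  * The feature counts as enabled when get_companys_access_restrictions() returns at least one
  * entry and the 'company_enabled' setting (default 1) is truthy.
  *
  * A static flag guards against re-entry: a call made while a check is already running returns
  * false immediately (presumably because the access-restriction lookup can call back into this
  * method - confirm). Callers elsewhere on this page use this result to decide whether company
  * handling applies at all, so the flag must never be left set.
  *
  * @return bool
  */
 public static function is_enabled()
 {
     if (self::$checking_enabled) {
         return false;
     }
     self::$checking_enabled = true;
     try {
         $companys = self::get_companys_access_restrictions();
         return count($companys) > 0 && module_config::c('company_enabled', 1);
     } finally {
         // Release the guard even when the lookup throws; otherwise every later call in this
         // request would take the early "return false" path above.
         self::$checking_enabled = false;
     }
 }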
Example #17
                <script type="text/javascript">
                    $(function(){
                        $('#company_id').change(function(){
                            change_detected = false;
                            window.location.href='<?php 
    // This URL is printed inside a single-quoted JavaScript string within a <script> block, and no
    // JavaScript-string encoding is applied at this point.
    // NOTE(review): confirm link_open() can never return a quote, a backslash or "</script>".
    echo module_template::link_open($template_id);
    ?>
&company_id='+$(this).val();
                        });
                    });
                </script>
            </td>
        </tr>
        <?php 
}
if (class_exists('module_company', false) && defined('COMPANY_UNIQUE_CONFIG') && COMPANY_UNIQUE_CONFIG && (int) $template_id > 0 && module_company::can_i('view', 'Company') && module_company::is_enabled() && isset($company_id) && $company_id) {
    ?>

        <tr>
            <th class="width2">
                <?php 
    echo _l('Template Key');
    ?>

            </th>
            <td>
                <?php 
    echo htmlspecialchars($template['template_key']);
    ?>

            </td>
Example #18
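 /**
  * Create or update a vendor together with its primary contact and its company links.
  *
  * Besides $data, this method reads $_REQUEST['user_id'], $_REQUEST['move_user_id'],
  * $_REQUEST['available_vendor_company'] and $_POST['vendor_company'] directly.
  *
  * @param int|string $vendor_id Vendor to update. A value that does not cast to a positive integer,
  *                              or that get_vendor() does not return, is saved with no id.
  * @param array      $data      Column values handed to update_insert() for the vendor row and,
  *                              when a contact is saved, for the user row as well.
  * @return mixed The vendor id returned by update_insert().
  */
 public function save_vendor($vendor_id, $data)
 {
     $vendor_id = (int) $vendor_id;
     $temp_vendor = false;
     if ($vendor_id > 0) {
         // check permissions
         $temp_vendor = $this->get_vendor($vendor_id);
         if (!$temp_vendor || $temp_vendor['vendor_id'] != $vendor_id) {
             // NOTE(review): a failed lookup does not stop the save; the id is cleared, so the
             // update_insert() call below runs with no id. Confirm callers check create permission.
             $temp_vendor = false;
             $vendor_id = false;
         }
     }
     if (_DEMO_MODE && $vendor_id == 1) {
         set_error('Sorry this is a Demo Vendor. It cannot be changed.');
         // NOTE(review): nothing here stops execution after the redirect; presumably
         // redirect_browser() exits - confirm, otherwise the demo vendor is still written below.
         redirect_browser(self::link_open($vendor_id));
     }
     if (isset($data['default_tax_system']) && $data['default_tax_system']) {
         $data['default_tax'] = -1;
         $data['default_tax_name'] = '';
     }
     if (isset($data['primary_user_id'])) {
         unset($data['primary_user_id']);
     }
     // only allow this to be set through the method.
     $vendor_id = update_insert("vendor_id", $vendor_id, "vendor", $data);
     if (isset($_REQUEST['user_id'])) {
         $user_id = (int) $_REQUEST['user_id'];
         if ($user_id > 0) {
             // check permissions
             $temp_user = module_user::get_user($user_id);
             if (!$temp_user || $temp_user['user_id'] != $user_id) {
                 $user_id = false;
             }
         }
         // assign specified user_id to this vendor.
         // could this be a problem?
         // maybe?
         // todo: think about security precautions here, maybe only allow admins to set primary contacts.
         $data['vendor_id'] = $vendor_id;
         if (!$user_id) {
             // hack to set the default role of a contact (if one is set in settings).
             if (!isset($data['last_name']) && isset($data['name']) && strpos($data['name'], ' ') > 0) {
                 // todo - save from vendor import
                 $bits = explode(' ', $data['name']);
                 $data['last_name'] = array_pop($bits);
                 $data['name'] = implode(' ', $bits);
             }
             // NOTE(review): the whole $data array is written to the user table here. The customer
             // counterpart on this page creates its contact through create_user($data, 'contact')
             // instead; confirm update_insert() limits which user columns a vendor form can set.
             $user_id = update_insert("user_id", false, "user", $data);
             module_cache::clear('user');
             $role_id = module_config::c('contact_default_role', 0);
             if ($role_id > 0) {
                 module_user::add_user_to_role($user_id, $role_id);
             }
             $this->set_primary_user_id($vendor_id, $user_id);
         } else {
             // make sure this user is part of this vendor.
             // wait! addition, we want to be able to move an existing vendor contact to this new vendor.
             $saved_user_id = false;
             if (isset($_REQUEST['move_user_id']) && (int) $_REQUEST['move_user_id'] && module_vendor::can_i('create', 'Companies')) {
                 $old_user = module_user::get_user((int) $_REQUEST['move_user_id']);
                 // The row written below is $user_id, while the lookup and the "moved" hook use
                 // move_user_id. Honour the move only when both request values name the same user,
                 // so the record that was checked is the record that is changed.
                 if ($old_user && $old_user['user_id'] == (int) $_REQUEST['move_user_id'] && (int) $_REQUEST['move_user_id'] === $user_id) {
                     $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
                     module_cache::clear('user');
                     hook_handle_callback('vendor_contact_moved', $user_id, $old_user['vendor_id'], $vendor_id);
                     $this->set_primary_user_id($vendor_id, $user_id);
                     module_cache::clear('user');
                 }
             } else {
                 // save normally, only those linked to this account:
                 $users = module_user::get_contacts(array('vendor_id' => $vendor_id));
                 foreach ($users as $user) {
                     if ($user['user_id'] == $user_id) {
                         $saved_user_id = $user_id = update_insert("user_id", $user_id, "user", $data);
                         $this->set_primary_user_id($vendor_id, $user_id);
                         module_cache::clear('user');
                         break;
                     }
                 }
             }
             if (!$saved_user_id) {
                 // No contact was saved, so the vendor is left without a primary contact.
                 $this->set_primary_user_id($vendor_id, 0);
                 module_cache::clear('user');
             }
         }
         // todo: move this functionality back into the user class.
         // maybe with a static save_user method ?
         if ($user_id > 0 && class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
             module_extra::save_extras('user', 'user_id', $user_id);
         }
     }
     handle_hook("address_block_save", $this, "physical", "vendor", "vendor_id", $vendor_id);
     //handle_hook("address_block_save",$this,"postal","vendor","vendor_id",$vendor_id);
     if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
         module_extra::save_extras('vendor', 'vendor_id', $vendor_id);
     }
     // save the company information if it's available
     // NOTE(review): this branch is gated on the 'view' permission only, and the company ids come
     // from the request. Confirm delete_vendor() / add_vendor_to_company() restrict the change to
     // companies the current user may manage.
     if (class_exists('module_company', false) && module_company::can_i('view', 'Company') && module_company::is_enabled()) {
         if (isset($_REQUEST['available_vendor_company']) && is_array($_REQUEST['available_vendor_company'])) {
             $selected_companies = isset($_POST['vendor_company']) && is_array($_POST['vendor_company']) ? $_POST['vendor_company'] : array();
             $company_access = module_company::get_company_data_access();
             if ($company_access == _COMPANY_ACCESS_ALL && !count($selected_companies)) {
                 // user is unassigning this vendor from all companies we have access to, dont let them do this?
             }
             foreach ($_REQUEST['available_vendor_company'] as $company_id => $tf) {
                 // Array keys arrive straight from the request; pass only positive integer ids on
                 // to the company module.
                 $company_id = (int) $company_id;
                 if ($company_id <= 0) {
                     continue;
                 }
                 if (!isset($selected_companies[$company_id]) || !$selected_companies[$company_id]) {
                     // remove vendor from this company
                     module_company::delete_vendor($company_id, $vendor_id);
                 } else {
                     // add vendor to this company (if they are not already existing)
                     module_company::add_vendor_to_company($company_id, $vendor_id);
                 }
             }
         }
     }
     self::update_vendor_status($vendor_id);
     module_cache::clear('vendor');
     return $vendor_id;
 }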