function invoice_form_export_process($type, $returnpage_error, $returnpage_success)
{
log_debug("inc_invoices_forms", "Executing invoice_form_export_process({$type}, {$returnpage_error}, {$returnpage_success})");
/*
Start the invoice
*/
$invoice = new invoice();
$invoice->type = $type;
/*
Fetch all form data
*/
// get the ID for an edit
$invoice->id = @security_form_input_predefined("int", "id_invoice", 1, "");
// general details
$data["formname"] = @security_form_input_predefined("any", "formname", 1, "");
if ($data["formname"] == "invoice_export_email") {
// send email
$data["sender"] = @security_form_input_predefined("any", "sender", 1, "");
$data["subject"] = @security_form_input_predefined("any", "subject", 1, "");
$data["email_to"] = @security_form_input_predefined("multiple_email", "email_to", 1, "");
$data["email_cc"] = @security_form_input_predefined("multiple_email", "email_cc", 0, "");
$data["email_bcc"] = @security_form_input_predefined("multiple_email", "email_bcc", 0, "");
$data["message"] = @security_form_input_predefined("any", "email_message", 1, "");
// check if email sending is permitted
if (sql_get_singlevalue("SELECT value FROM config WHERE name='EMAIL_ENABLE'") != "enabled") {
log_write("error", "inc_invoices_process", "Sorry, the ability to email invoices has been disabled. Please contact your system administrator if you require this feature to be enabled.");
}
} else {
// PDF download
$data["invoice_mark_as_sent"] = @security_form_input_predefined("any", "invoice_mark_as_sent", 0, "");
}
// make sure that the invoice exists
$sql_obj = new sql_query();
$sql_obj->string = "SELECT id FROM `account_" . $invoice->type . "` WHERE id='" . $invoice->id . "'";
$sql_obj->execute();
if (!$sql_obj->num_rows()) {
$_SESSION["error"]["message"][] = "The invoice you have attempted to edit - " . $invoice->id . " - does not exist in this system.";
}
//// ERROR CHECKING ///////////////////////
/// if there was an error, go back to the entry page
if (!empty($_SESSION["error"]["message"])) {
header("Location: ../../index.php?page={$returnpage_error}&id=" . $invoice->id . "");
exit(0);
} else {
if ($data["formname"] == "invoice_export_email") {
/*
Generate a PDF of the invoice and email it to the customer
*/
// stripslashes from the variables - by default all input variables are quoted for security reasons but
// we don't want this going through to the email.
$data["subject"] = stripslashes($data["subject"]);
$data["message"] = stripslashes($data["message"]);
// send email
$invoice->load_data();
$invoice->email_invoice($data["sender"], $data["email_to"], $data["email_cc"], $data["email_bcc"], $data["subject"], $data["message"]);
$_SESSION["notification"]["message"][] = "Email sent successfully.";
} else {
/*
Mark invoice as being sent if user requests it
*/
if ($data["invoice_mark_as_sent"]) {
$sql_obj = new sql_query();
$sql_obj->string = "UPDATE account_" . $invoice->type . " SET date_sent='" . date("Y-m-d") . "', sentmethod='manual' WHERE id='" . $invoice->id . "'";
$sql_obj->execute();
}
/*
Provide PDF to user's browser
*/
// generate PDF
$invoice->load_data();
$invoice->generate_pdf();
// PDF headers
if ($type == "quotes") {
$filename = "/tmp/quote_" . $invoice->data["code_quote"] . ".pdf";
} else {
$filename = "/tmp/invoice_" . $invoice->data["code_invoice"] . ".pdf";
}
// required for IE, otherwise Content-disposition is ignored
if (ini_get('zlib.output_compression')) {
ini_set('zlib.output_compression', 'Off');
}
header("Pragma: public");
// required
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private", false);
// required for certain browsers
header("Content-Type: application/pdf");
header("Content-Disposition: attachment; filename=\"" . basename($filename) . "\";");
header("Content-Transfer-Encoding: binary");
// output the PDF
print $invoice->obj_pdf->output;
exit(0);
}
// display updated details
header("Location: ../../index.php?page={$returnpage_success}&id=" . $invoice->id . "");
exit(0);
}
// end if passed tests
}
function get_invoice_pdf($id, $invoicetype)
{
log_debug("invoices_manage_soap", "Executing get_invoice_pdf({$id}, {$invoicetype})");
// check the invoice type
if ($invoicetype != "ar" && $invoicetype != "ap") {
throw new SoapFault("Sender", "INVALID_INVOICE_TYPE");
}
if (user_permissions_get("accounts_" . $invoicetype . "_view")) {
$obj_invoice = new invoice();
$obj_invoice->type = $invoicetype;
// sanitise input
$obj_invoice->id = @security_script_input_predefined("int", $id);
if (!$obj_invoice->id || $obj_invoice->id == "error") {
throw new SoapFault("Sender", "INVALID_INPUT");
}
// verify that the invoice is valid
if (!$obj_invoice->verify_invoice()) {
throw new SoapFault("Sender", "INVALID_INVOICE");
}
// load data from DB for this invoice
if (!$obj_invoice->load_data()) {
throw new SoapFault("Sender", "UNEXPECTED_ACTION_ERROR");
}
// generate PDF
$obj_invoice->generate_pdf();
// return data
return base64_encode($obj_invoice->obj_pdf->output);
} else {
throw new SoapFault("Sender", "ACCESS_DENIED");
}
}
