예제 #1
0
function saveFormData($table, &$primaryKey, &$formElements, &$values, &$warnings, $parentKeyName = '', $parentKey = FALSE)
{
    global $dblink;
    $missingValues = '';
    $strFields = '';
    $strInsert = '';
    $strUpdateFields = '';
    $arrValues = [];
    if (!isset($primaryKey) || !$primaryKey) {
        unset($values['id']);
    }
    foreach ($formElements as $elem) {
        $type = $elem['type'];
        if (in_array($type, ['', 'IFORM', 'RESULT', 'BUTTON', 'JSBUTTON', 'IMAGE', 'ROWSUM', 'NEWLINE', 'LABEL']) || isset($elem['read_only']) && $elem['read_only']) {
            continue;
        }
        $name = $elem['name'];
        if (!$elem['allow_null'] && (!isset($values[$name]) || $values[$name] === '')) {
            if ($missingValues) {
                $missingValues .= ', ';
            }
            $missingValues .= $elem['label'];
            continue;
        }
        $value = isset($values[$name]) ? $values[$name] : getFormDefaultValue($elem, $parentKey);
        if ($type == 'PASSWD' && !$value) {
            continue;
        }
        // Don't save empty password
        if (isset($elem['unique']) && $elem['unique']) {
            $query = "SELECT * FROM {$table} WHERE deleted=0 AND {$name}=?";
            $params = [$value];
            if (isset($primaryKey) && $primaryKey) {
                $query .= ' AND id!=?';
                $params[] = $primaryKey;
            }
            $res = mysqli_param_query($query, $params);
            if (mysqli_fetch_array($res)) {
                $warnings = sprintf($GLOBALS['locDuplicateValue'], $elem['label']);
                return false;
            }
        }
        if ($strFields) {
            $strFields .= ', ';
            $strInsert .= ', ';
            $strUpdateFields .= ', ';
        }
        $strFields .= $name;
        $fieldPlaceholder = '?';
        switch ($type) {
            case 'PASSWD':
                $fieldPlaceholder = 'md5(?)';
                $arrValues[] = $values[$name];
                break;
            case 'INT':
            case 'HID_INT':
            case 'SECHID_INT':
                $arrValues[] = $value !== '' && $value !== false ? str_replace(',', '.', $value) : ($elem['allow_null'] ? NULL : 0);
                break;
            case 'LIST':
            case 'SEARCHLIST':
                $arrValues[] = isset($values[$name]) ? $value !== '' ? str_replace(',', '.', $value) : NULL : NULL;
                break;
            case 'CHECK':
                $arrValues[] = $value ? 1 : 0;
                break;
            case 'INTDATE':
                $arrValues[] = $value ? dateConvDate2DBDate($value) : NULL;
                break;
            default:
                $arrValues[] = $value;
        }
        $strInsert .= $fieldPlaceholder;
        $strUpdateFields .= "{$name}={$fieldPlaceholder}";
    }
    if ($missingValues) {
        return $missingValues;
    }
    mysqli_query_check('SET AUTOCOMMIT = 0');
    mysqli_query_check('BEGIN');
    try {
        // Special case for invoice rows - update product stock balance
        if ($table == '{prefix}invoice_row') {
            updateProductStockBalance(isset($primaryKey) ? $primaryKey : null, isset($values['product_id']) ? $values['product_id'] : null, $values['pcs']);
        }
        if (!isset($primaryKey) || !$primaryKey) {
            if ($parentKeyName) {
                $strFields .= ", {$parentKeyName}";
                $strInsert .= ', ?';
                $arrValues[] = $parentKey;
            }
            $strQuery = "INSERT INTO {$table} ({$strFields}) VALUES ({$strInsert})";
            mysqli_param_query($strQuery, $arrValues, 'exception');
            $primaryKey = mysqli_insert_id($dblink);
        } else {
            // Special case for invoice - update product stock balance for all
            // invoice rows if the invoice was previously deleted
            if ($table == '{prefix}invoice') {
                $res = mysqli_param_query('SELECT deleted FROM {prefix}invoice WHERE id=?', [$primaryKey]);
                if (mysqli_fetch_value($res)) {
                    $res = mysqli_param_query('SELECT product_id, pcs FROM {prefix}invoice_row WHERE invoice_id=? AND deleted=0', [$primaryKey]);
                    while ($row = mysqli_fetch_assoc($res)) {
                        updateProductStockBalance(null, $row['product_id'], $row['pcs']);
                    }
                }
            }
            $strQuery = "UPDATE {$table} SET {$strUpdateFields}, deleted=0 WHERE id=?";
            $arrValues[] = $primaryKey;
            mysqli_param_query($strQuery, $arrValues, 'exception');
        }
    } catch (Exception $e) {
        mysqli_query_check('ROLLBACK');
        mysqli_query_check('SET AUTOCOMMIT = 1');
        die($e->getMessage());
    }
    mysqli_query_check('COMMIT');
    mysqli_query_check('SET AUTOCOMMIT = 1');
    // Special case for invoices - check for duplicate invoice numbers
    if ($table == '{prefix}invoice' && isset($values['invoice_no']) && $values['invoice_no']) {
        $query = 'SELECT ID FROM {prefix}invoice where deleted=0 AND id!=? AND invoice_no=?';
        $params = [$primaryKey, $values['invoice_no']];
        if (getSetting('invoice_numbering_per_base')) {
            $query .= ' AND base_id=?';
            $params[] = $values['base_id'];
        }
        if (getSetting('invoice_numbering_per_year')) {
            $query .= ' AND invoice_date >= ' . date('Y') . '0101';
        }
        $res = mysqli_param_query($query, $params);
        if (mysqli_fetch_assoc($res)) {
            $warnings = $GLOBALS['locInvoiceNumberAlreadyInUse'];
        }
    }
    return TRUE;
}
예제 #2
0
        $strQuery = 'SELECT * ' . 'FROM {prefix}invoice_row ' . 'WHERE deleted=0 AND invoice_id=?';
        $intRes = mysqli_param_query($strQuery, [$intInvoiceId], 'exception');
        while ($row = mysqli_fetch_assoc($intRes)) {
            if ($boolRefund) {
                $row['pcs'] = -$row['pcs'];
            } else {
                if ($row['reminder_row']) {
                    continue;
                }
            }
            unset($row['id']);
            $row['invoice_id'] = $intNewId;
            if (getSetting('invoice_update_row_dates_on_copy')) {
                $row['row_date'] = $newRowDate;
            }
            // Update product stock balance
            if ($row['product_id'] !== null) {
                updateProductStockBalance(null, $row['product_id'], $row['pcs']);
            }
            $strQuery = 'INSERT INTO {prefix}invoice_row(' . implode(', ', array_keys($row)) . ') ' . 'VALUES (' . str_repeat('?, ', count($row) - 1) . '?)';
            mysqli_param_query($strQuery, $row, 'exception');
        }
    } catch (Exception $e) {
        mysqli_query_check('ROLLBACK');
        mysqli_query_check('SET AUTOCOMMIT = 1');
        die($e->message);
    }
    mysqli_query_check('COMMIT');
    mysqli_query_check('SET AUTOCOMMIT = 1');
}
header('Location: ' . _PROTOCOL_ . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?func={$strFunc}&list={$strList}&form=invoice&id={$intNewId}");
예제 #3
0
function deleteRecord($table, $id)
{
    mysqli_query_check('BEGIN');
    try {
        // Special case for invoice_row - update product stock balance
        if ($table == '{prefix}invoice_row') {
            updateProductStockBalance($id, null, null);
        }
        // Special case for invoice - update all products in invoice rows
        if ($table == '{prefix}invoice') {
            $res = mysqli_param_query('SELECT id FROM {prefix}invoice_row WHERE invoice_id=? AND deleted=0', [$id], 'exception');
            while ($row = mysqli_fetch_assoc($res)) {
                updateProductStockBalance($row['id'], null, null);
            }
        }
        $query = "UPDATE {$table} SET deleted=1 WHERE id=?";
        mysqli_param_query($query, [$id], 'exception');
    } catch (Exception $e) {
        mysqli_query_check('ROLLBACK');
        throw $e;
    }
    mysqli_query_check('COMMIT');
}