// | Copyright(c) 2008-2014 PhreeSoft (www.PhreeSoft.com) |
// +-----------------------------------------------------------------+
// | This program is free software: you can redistribute it and/or |
// | modify it under the terms of the GNU General Public License as |
// | published by the Free Software Foundation, either version 3 of |
// | the License, or any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// +-----------------------------------------------------------------+
// Path: /modules/work_orders/ajax/load_wo_detail.php
//
/************** Check user security *****************************/
$xml = NULL;
$security_level = validate_ajax_user();
/************** page specific initialization *************************/
$id = $_GET['id'];
if (!$id) {
echo createXmlHeader() . xmlEntry('error', 'Error - Bad ID passed.') . createXmlFooter();
die;
}
$result = $db->Execute("select display_name, admin_email from " . TABLE_USERS . " where admin_id = " . $_SESSION['admin_id']);
$xml = xmlEntry("id", $id);
$xml .= xmlEntry("sEmail", $result->fields['admin_email']);
$xml .= xmlEntry("sName", $result->fields['display_name']);
$xml .= xmlEntry("rEmail", '');
$xml .= xmlEntry("rName", '');
echo createXmlHeader() . $xml . createXmlFooter();
die;
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | The license that is bundled with this package is located in the |
// | file: /doc/manual/ch01-Introduction/license.html. |
// | If not, see http://www.gnu.org/licenses/ |
// +-----------------------------------------------------------------+
// Path: /modules/banking/ajax/acct_balance.php
//
/************** Check user security *****************************/
// None
/************** include page specific files *********************/
require DIR_FS_MODULES . 'banking/functions/banking.php';
/************** page specific initialization *************************/
$gl_acct_id = $_GET['gl_acct_id'] ? db_prepare_input($_GET['gl_acct_id']) : AP_PURCHASE_INVOICE_ACCOUNT;
$post_date = $_GET['post_date'] ? gen_db_date_short($_GET['post_date']) : date('Y-m-d', time());
$period = gen_calculate_period($post_date);
if (!$period) {
// bad post_date was submitted
$post_date = date('Y-m-d', time());
$period = 0;
}
$xml = xmlEntry("value", load_cash_acct_balance($post_date, $gl_acct_id, $period));
// error check
//put it all together
$str = createXmlHeader('acctbal');
$str .= $xml;
$str .= createXmlFooter();
echo $str;
die;
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// +-----------------------------------------------------------------+
// Path: /modules/work_orders/ajax/load_bom_list.php
//
/************** Check user security *****************************/
$security_level = validate_ajax_user();
/************** include page specific files *********************/
/************** page specific initialization *************************/
$xml = NULL;
$sku_id = $_GET['skuID'];
$qty = $_GET['qty'];
if (!$sku_id || !$qty) {
die;
}
$result = $db->Execute("select sku, description, qty from " . TABLE_INVENTORY_ASSY_LIST . " where ref_id = '" . $sku_id . "'");
$short = array();
while (!$result->EOF) {
$stock = $db->Execute("select quantity_on_hand, quantity_on_sales_order, quantity_on_allocation \n from " . TABLE_INVENTORY . " where sku = '" . $result->fields['sku'] . "' limit 1");
$qty_available = $stock->fields['quantity_on_hand'] - $stock->fields['quantity_on_sales_order'] - $stock->fields['quantity_on_allocation'];
if ($qty_available < $qty * $result->fields['qty']) {
$short[] = sprintf(WO_TEXT_PARTS_SHORTAGE, $qty_available, $qty * $result->fields['qty'], $result->fields['sku'], $result->fields['description']);
}
$result->MoveNext();
}
$shortage = sizeof($short) == 0 ? 'none' : implode(chr(10), $short);
echo createXmlHeader() . xmlEntry("shortage", $shortage) . createXmlFooter();
die;
$tables[] = $_GET['table1'];
while (true) {
if (!isset($_GET['table' . $i])) {
break;
}
$joinopt = isset($_GET['joinopt' . $i]) ? $_GET['joinopt' . $i] : 'JOIN';
$strTable .= ' ' . $joinopt . ' ' . DB_PREFIX . $_GET['table' . $i] . ' on ' . $_GET['table' . $i . 'criteria'];
$tables[] = $_GET['table' . $i];
$i++;
if ($runaway++ > 100) {
echo createXmlHeader() . xmlEntry('error', 'Runaway counter expired.') . createXmlFooter();
die;
}
}
foreach ($tables as $table) {
// prefix the criteria
$strTable = str_replace($table . '.', DB_PREFIX . $table . '.', $strTable);
}
$sql = "select * from " . $strTable . " limit 1";
$result = $db->Execute_return_error($sql);
// if we have a row, sql was valid
if ($db->error_number) {
$message = sprintf(PHREEFORM_AJAX_BAD_DB_REFERENCE, $db->error_number . ' - ' . $db->error_text, $sql);
} elseif ($result->RecordCount() == 0) {
// no rows were returned, could be no data yet so just warn and continue
$message = PHREEFORM_AJAX_NO_TABLE_DATA;
} else {
$message = PHREEFORM_AJAX_DB_SUCCESS;
}
echo createXmlHeader() . xmlEntry("message", $message) . createXmlFooter();
die;
while (!$bill_add->EOF) {
$xml .= "\t<billaddress>\n";
foreach ($bill_add->fields as $key => $value) {
$xml .= "\t\t" . xmlEntry($key, $value);
}
$xml .= "\t</billaddress>\n";
$bill_add->MoveNext();
}
}
if ($bill->fields) {
// there was an bill to open
$xml .= "\t<bill>\n";
foreach ($bill->fields as $key => $value) {
$xml .= "\t\t" . xmlEntry($key, $value);
}
$xml .= "\t</bill>\n";
}
foreach ($item_list as $item) {
// there should always be invoices to pull
$xml .= "\t<items>\n";
foreach ($item as $key => $value) {
$xml .= "\t\t" . xmlEntry($key, $value);
}
$xml .= "\t</items>\n";
}
//put it all together
$str = createXmlHeader($function_name);
$str .= $xml;
$str .= createXmlFooter();
echo $str;
die;
$xml .= "<bom>\n";
$xml .= "\t" . xmlEntry("qty", $value['qty']);
$xml .= "\t" . xmlEntry("sku", $value['sku']);
$xml .= "\t" . xmlEntry("description_short", $value['description_short']);
$xml .= "\t" . xmlEntry("item_cost", $value['item_cost']);
$xml .= "\t" . xmlEntry("quantity_on_hand", $value['quantity_on_hand']);
$xml .= "</bom>\n";
}
}
$xml .= xmlEntry("assy_cost", $assy_cost);
// build where used
foreach ($sku_usage as $value) {
$xml .= "<sku_usage>\n";
$xml .= "\t" . xmlEntry("text_line", $value);
$xml .= "</sku_usage>\n";
}
// build the sales price
$xml .= xmlEntry("sales_price", $sales_price);
// build the stock status
if (sizeof($stock_note) > 0) {
foreach ($stock_note as $value) {
$xml .= "<stock_note>\n";
$xml .= "\t" . xmlEntry("text_line", $value);
$xml .= "</stock_note>\n";
}
}
$str = createXmlHeader($fID);
$str .= $xml;
$str .= createXmlFooter();
echo $str;
die;
function isLoadByZendExtension()
{
$warning = error_get_last();
if (isset($warning) && is_array($warning) && strcasecmp($warning["message"], "Xdebug MUST be loaded as a Zend extension") == 0) {
return "0";
}
return "1";
}
function validateZendDebugger()
{
$element = array();
$element["name"] = ZEND_DEBUGGER;
$element["enable"] = htmlspecialchars(ini_get("zend_debugger.expose_remotely"));
$element["host"] = htmlspecialchars(ini_get("zend_debugger.allow_hosts"));
return $element;
}
$result = createXmlHeader();
$content = "";
$file = php_ini_loaded_file();
$content .= createXmlElement("path_to_ini", array("path" => htmlspecialchars($file)));
$xdebug = extension_loaded(XDEBUG);
if ($xdebug) {
$config = validateXdebug();
$content .= createXmlElement("debugger", $config);
}
$zend_debug = extension_loaded(ZEND_DEBUGGER);
if ($zend_debug) {
$config = validateZendDebugger();
$content .= createXmlElement("debugger", $config);
}
echo $result . createXmlElement("validation", array(), $content);
function Execute($zf_sql, $zf_limit = false, $zf_cache = false, $zf_cachetime = 0)
{
global $zc_cache, $messageStack;
if ($zf_limit) {
$zf_sql = $zf_sql . ' LIMIT ' . $zf_limit;
}
if ($zf_cache and $zc_cache->sql_cache_exists($zf_sql) and !$zc_cache->sql_cache_is_expired($zf_sql, $zf_cachetime)) {
$obj = new queryFactoryResult();
$obj->cursor = 0;
$obj->is_cached = true;
$obj->sql_query = $zf_sql;
$zp_result_array = $zc_cache->sql_cache_read($zf_sql);
$obj->result = $zp_result_array;
if (sizeof($zp_result_array) > 0) {
$obj->EOF = false;
while (list($key, $value) = each($zp_result_array[0])) {
$obj->fields[$key] = $value;
}
return $obj;
} else {
$obj->EOF = true;
}
} elseif ($zf_cache) {
$zc_cache->sql_cache_expire_now($zf_sql);
$time_start = explode(' ', microtime());
$obj = new queryFactoryResult();
$obj->sql_query = $zf_sql;
if (!$this->db_connected) {
$this->set_error('0', DB_ERROR_NOT_CONNECTED);
}
$zp_db_resource = @mysql_query($zf_sql, $this->link);
if (!$zp_db_resource) {
$this->set_error(@mysql_errno(), @mysql_error());
}
$obj->resource = $zp_db_resource;
$obj->cursor = 0;
$obj->is_cached = true;
if ($obj->RecordCount() > 0) {
$obj->EOF = false;
$zp_ii = 0;
while (!$obj->EOF) {
$zp_result_array = @mysql_fetch_array($zp_db_resource);
if ($zp_result_array) {
while (list($key, $value) = each($zp_result_array)) {
if (!preg_match('/^[0-9]/', $key)) {
$obj->result[$zp_ii][$key] = $value;
}
}
} else {
$obj->Limit = $zp_ii;
$obj->EOF = true;
}
$zp_ii++;
}
while (list($key, $value) = each($obj->result[$obj->cursor])) {
if (!preg_match('/^[0-9]/', $key)) {
$obj->fields[$key] = $value;
}
}
$obj->EOF = false;
} else {
$obj->EOF = true;
}
$zc_cache->sql_cache_store($zf_sql, $obj->result);
$time_end = explode(' ', microtime());
$query_time = $time_end[1] + $time_end[0] - $time_start[1] - $time_start[0];
$this->total_query_time += $query_time;
$this->count_queries++;
return $obj;
} else {
$time_start = explode(' ', microtime());
$obj = new queryFactoryResult();
if (!$this->db_connected) {
$this->set_error('0', DB_ERROR_NOT_CONNECTED);
}
$zp_db_resource = @mysql_query($zf_sql, $this->link);
if (!$zp_db_resource) {
if ($_POST['page'] == 'ajax' || $_GET['page'] == 'ajax') {
$messageStack->debug("\n\nThe failing sql was: " . $zf_sql);
$messageStack->debug("\n\nmySQL returned: " . @mysql_errno($this->link) . ' ' . @mysql_error($this->link));
if (defined('FILENAME_DEFAULT')) {
$messageStack->write_debug();
}
echo createXmlHeader() . xmlEntry('error', 'There was a SQL Error: ' . @mysql_error($this->link)) . createXmlFooter();
die;
}
if (method_exists($messageStack, 'debug')) {
$messageStack->debug("\n\nThe failing sql was: " . $zf_sql);
$messageStack->debug("\n\nmySQL returned: " . @mysql_errno($this->link) . ' ' . @mysql_error($this->link));
if (defined('FILENAME_DEFAULT')) {
$messageStack->write_debug();
$messageStack->add('The last transaction had a SQL database error.', 'error');
gen_redirect(html_href_link(FILENAME_DEFAULT, 'cat=phreedom&page=main&action=crash', 'SSL'));
} else {
echo str_replace("\n", '<br />', $messageStack->debug_info);
die;
}
} else {
echo str_replace("\n", '<br />', $messageStack->debug_info);
die;
}
}
$obj->resource = $zp_db_resource;
$obj->cursor = 0;
if ($obj->RecordCount() > 0) {
$obj->EOF = false;
$zp_result_array = @mysql_fetch_array($zp_db_resource);
if ($zp_result_array) {
while (list($key, $value) = each($zp_result_array)) {
if (!preg_match('/^[0-9]/', $key)) {
$obj->fields[$key] = $value;
}
}
$obj->EOF = false;
} else {
$obj->EOF = true;
}
} else {
$obj->EOF = true;
}
$time_end = explode(' ', microtime());
$query_time = $time_end[1] + $time_end[0] - $time_start[1] - $time_start[0];
$this->total_query_time += $query_time;
$this->count_queries++;
//$messageStack->add("query execution time = $query_time and sql = $zf_sql<br>".chr(13));
return $obj;
}
}
$xml .= xmlEntry('result', 'success');
if ($contact->fields) {
$xml .= "\t<contact>\n";
foreach ($contact->fields as $key => $value) {
$xml .= "\t" . xmlEntry($key, $value);
}
$xml .= "\t</contact>\n";
}
if ($bill_add->fields) {
while (!$bill_add->EOF) {
$xml .= "\t<billaddress>\n";
foreach ($bill_add->fields as $key => $value) {
$xml .= "\t" . xmlEntry($key, $value);
}
$xml .= "\t</billaddress>\n";
$bill_add->MoveNext();
}
}
if (ENABLE_SHIPPING_FUNCTIONS && $ship_add->fields) {
while (!$ship_add->EOF) {
$xml .= "\t<shipaddress>\n";
foreach ($ship_add->fields as $key => $value) {
$xml .= "\t" . xmlEntry($key, $value);
}
$xml .= "\t</shipaddress>\n";
$ship_add->MoveNext();
}
}
//put it all together
echo createXmlHeader($function_name) . $xml . createXmlFooter();
die;
function PhreebooksExceptionHandler($exception)
{
global $messageStack;
if ($_POST['page'] == 'ajax' || $_GET['page'] == 'ajax') {
echo createXmlHeader() . xmlEntry('error', "Exception: " . $exception->getMessage()) . createXmlFooter();
die;
}
$messageStack->add($exception->getMessage(), 'error');
$text = date('Y-m-d H:i:s') . " User: "******" Company: " . $_SESSION['company'];
$text .= " Exception: '" . $exception->getMessage() . "' line " . $exception->getLine() . " in file " . $exception->getFile();
if (DEBUG) {
error_log($text . PHP_EOL, 3, DIR_FS_MY_FILES . "/errors.log");
}
}
$module = $_GET['module'];
} else {
$module = 'phreedom';
}
if (isset($_POST['page'])) {
$page = $_POST['page'];
} elseif (isset($_GET['page'])) {
$page = $_GET['page'];
} else {
$page = 'main';
}
$user_validated = false;
require_once 'includes/application_top.php';
if (!$user_validated) {
if ($page == 'ajax') {
echo createXmlHeader() . xmlEntry('error', SORRY_YOU_ARE_LOGGED_OUT) . createXmlFooter();
die;
}
$_SESSION['pb_cat'] = isset($_GET['module']) ? $_GET['module'] : '';
$_SESSION['pb_module'] = isset($_GET['page']) ? $_GET['page'] : '';
$_SESSION['pb_jID'] = isset($_GET['jID']) ? $_GET['jID'] : '';
$_SESSION['pb_type'] = isset($_GET['type']) ? $_GET['type'] : '';
$module = 'phreedom';
$page = 'main';
if (!isset($_REQUEST['action']) || $_REQUEST['action'] != 'validate') {
$_REQUEST['action'] = 'login';
}
} else {
unset($_SESSION['pb_cat']);
unset($_SESSION['pb_module']);
unset($_SESSION['pb_jID']);
// | http://www.PhreeSoft.com |
// +-----------------------------------------------------------------+
// | This program is free software: you can redistribute it and/or |
// | modify it under the terms of the GNU General Public License as |
// | published by the Free Software Foundation, either version 3 of |
// | the License, or any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | The license that is bundled with this package is located in the |
// | file: /doc/manual/ch01-Introduction/license.html. |
// | If not, see http://www.gnu.org/licenses/ |
// +-----------------------------------------------------------------+
// Path: /modules/general/ajax/refresh_session.php
//
/************** Check user security *****************************/
// None
/************** include page specific files *********************/
// None
/************** page specific initialization *************************/
$xml = NULL;
$xml .= xmlEntry("action", 'bump');
//put it all together
$str = createXmlHeader('sessionTimeout');
$str .= $xml;
$str .= createXmlFooter();
echo $str;
die;
function GenerateXMLFile($Data, $report, $delivery_method = 'D')
{
// for csv reports only
global $Heading, $posted_currencies;
// Now write each data line and totals
print_r($Data);
foreach ($Data as $myrow) {
$xml .= '<Row>' . chr(10);
$Action = array_shift($myrow);
$todo = explode(':', $Action);
// contains a letter of the date type and title/groupname
switch ($todo[0]) {
case "r":
// Report Total
// Report Total
case "g":
// Group Total
$Desc = $todo[0] == 'g' ? TEXT_GROUP_TOTAL_FOR : TEXT_REPORT_TOTAL_FOR;
$xml .= '<' . $Desc . '>' . $todo[1] . '</' . $Desc . '>' . chr(10);
// Now write the total data like any other data row
// Now write the total data like any other data row
case "d":
// Data
// Data
default:
$i = 0;
foreach ($Heading as $title) {
//foreach ($myrow as $mycolumn) { // check for embedded commas and enclose in quotes
$xml .= '<' . $title . '>' . $myrow[$i] . '</' . $title . '>' . chr(10);
$i++;
}
}
$xml .= '</Row>' . chr(10);
}
$ReportName = ReplaceNonAllowedCharacters($report->title) . '.csv';
if ($delivery_method == 'S') {
return array('filename' => $ReportName, 'pdf' => $CSVOutput);
}
global $db, $messageStack;
$error = false;
$output = '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>' . chr(10);
$output .= '<PhreeformReport>' . chr(10);
$output .= $xml;
$output .= '</PhreeformReport>' . chr(10);
print $output;
exit;
echo createXmlHeader() . $xml . createXmlFooter();
die;
}
// +-----------------------------------------------------------------+
// Path: /modules/accounts/ajax/load_contact_info.php
//
/************** Check user security *****************************/
// None
/************** include page specific files *********************/
/************** page specific initialization *************************/
$guess = db_prepare_input($_GET['guess']);
$xml = NULL;
if (!$guess) {
die;
}
$search_fields = array('a.primary_name', 'a.contact', 'a.telephone1', 'a.telephone2', 'a.telephone4', 'a.city_town', 'a.postal_code', 'c.id', 'c.short_name');
$search = ' and (' . implode(' like \'%' . $guess . '%\' or ', $search_fields) . ' like \'%' . $guess . '%\')';
$field_list = array('c.id', 'c.short_name', 'a.primary_name');
$query_raw = "select " . implode(', ', $field_list) . " \r\n\tfrom " . TABLE_CONTACTS . " c left join " . TABLE_ADDRESS_BOOK . " a on c.id = a.ref_id \r\n\twhere a.type in ('cm', 'vm')" . $search;
$result = $db->Execute($query_raw);
$xml .= xmlEntry("guess", $guess);
while (!$result->EOF) {
$xml .= "\t<guesses>\n";
$xml .= "\t" . xmlEntry("id", $result->fields['id']);
$xml .= "\t" . xmlEntry("guess", $result->fields['short_name'] . ' - ' . $result->fields['primary_name']);
$xml .= "\t</guesses>\n";
$result->MoveNext();
}
//put it all together
$str = createXmlHeader('contactList');
$str .= $xml;
$str .= createXmlFooter();
echo $str;
die;
