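/**
 * Process a submitted credit export form: either email the credit as a PDF
 * or stream the PDF to the browser as a download.
 *
 * Form fields (id_credit, formname and the email / PDF options) are read via
 * security_form_input_predefined(). Errors are collected in
 * $_SESSION["error"]["message"]; if any are present the user is redirected to
 * $returnpage_error. Every path through this function ends in exit(0).
 *
 * NOTE(review): no permission check is visible in this function - confirm the
 * calling page enforces one before invoking it.
 *
 * @param string $type               Credit type; assigned to $credit->type and used as
 *                                   the suffix of the account_<type> table name.
 * @param string $returnpage_error   Page name used in the redirect when errors exist.
 * @param string $returnpage_success Page name used in the redirect after a successful email.
 *
 * @return void Does not return; sends headers/output and exits.
 */
function credit_form_export_process($type, $returnpage_error, $returnpage_success)
{
    log_debug("inc_credits_forms", "Executing credit_form_export_process({$type}, {$returnpage_error}, {$returnpage_success})");

    /*
    	Start the credit
    */
    $credit = new credit();
    $credit->type = $type;

    /*
    	Fetch all form data
    */
    // get the ID for an edit
    // NOTE(review): the @ operator hides any warning raised by the input helper;
    // it is kept because output emitted before header() would break the redirects below.
    $credit->id = @security_form_input_predefined("int", "id_credit", 1, "");

    // general details
    $data["formname"] = @security_form_input_predefined("any", "formname", 1, "");

    if ($data["formname"] == "credit_export_email") {
        // send email
        // NOTE(review): sender and subject are only validated as "any" - confirm that
        // email_credit() rejects CR/LF before these values reach the mail headers.
        $data["sender"] = @security_form_input_predefined("any", "sender", 1, "");
        $data["subject"] = @security_form_input_predefined("any", "subject", 1, "");
        $data["email_to"] = @security_form_input_predefined("multiple_email", "email_to", 1, "");
        $data["email_cc"] = @security_form_input_predefined("multiple_email", "email_cc", 0, "");
        $data["email_bcc"] = @security_form_input_predefined("multiple_email", "email_bcc", 0, "");
        $data["message"] = @security_form_input_predefined("any", "email_message", 1, "");

        // check if email sending is permitted
        // NOTE(review): this only blocks the send if log_write("error", ...) also adds to
        // $_SESSION["error"]["message"] - verify, otherwise the email below is still sent.
        if (sql_get_singlevalue("SELECT value FROM config WHERE name='EMAIL_ENABLE'") != "enabled") {
            log_write("error", "inc_credits_process", "Sorry, the ability to email credits has been disabled. Please contact your system administrator if you require this feature to be enabled.");
        }
    } else {
        // PDF download
        $data["credit_mark_as_sent"] = @security_form_input_predefined("any", "credit_mark_as_sent", 0, "");
    }

    // $type is spliced into a table name below, where value quoting offers no
    // protection, so accept plain identifier characters only.
    $type_is_identifier = is_string($type) && preg_match('/\A[A-Za-z0-9_]+\z/', $type) === 1;

    if (!$type_is_identifier) {
        $_SESSION["error"]["message"][] = "Invalid credit type supplied.";
    } else {
        // make sure that the credit exists
        // The (int) cast keeps the ID numeric in the query even if the input helper
        // handed back a non-numeric failure marker.
        $sql_obj = new sql_query();
        $sql_obj->string = "SELECT id FROM `account_" . $credit->type . "` WHERE id='" . (int) $credit->id . "'";
        $sql_obj->execute();

        if (!$sql_obj->num_rows()) {
            $_SESSION["error"]["message"][] = "The credit you have attempted to edit - " . $credit->id . " - does not exist in this system.";
        }
    }

    //// ERROR CHECKING ///////////////////////
    /// if there was an error, go back to the entry page
    if (!empty($_SESSION["error"]["message"])) {
        header("Location: ../../index.php?page={$returnpage_error}&id=" . $credit->id . "");
        exit(0);
    } else {
        if ($data["formname"] == "credit_export_email") {
            /*
            	Generate a PDF of the credit and email it to the customer
            */
            // stripslashes from the variables - by default all input variables are quoted for security reasons but
            // we don't want this going through to the email.
            $data["subject"] = stripslashes($data["subject"]);
            $data["message"] = stripslashes($data["message"]);

            // send email
            $credit->load_data();
            $credit->email_credit($data["sender"], $data["email_to"], $data["email_cc"], $data["email_bcc"], $data["subject"], $data["message"]);

            $_SESSION["notification"]["message"][] = "Email sent successfully.";
        } else {
            /*
            	Mark credit as being sent if user requests it
            */
            if ($data["credit_mark_as_sent"]) {
                // table suffix was validated above; ID is forced to an integer
                $sql_obj = new sql_query();
                $sql_obj->string = "UPDATE `account_" . $credit->type . "` SET date_sent='" . date("Y-m-d") . "', sentmethod='manual' WHERE id='" . (int) $credit->id . "'";
                $sql_obj->execute();
            }

            /*
            	Provide PDF to user's browser
            */
            // generate PDF
            $credit->load_data();
            $credit->generate_pdf();

            // PDF headers
            if ($type == "quotes") {
                $filename = "/tmp/quote_" . $credit->data["code_quote"] . ".pdf";
            } else {
                $filename = "/tmp/credit_" . $credit->data["code_credit"] . ".pdf";
            }

            // The code comes from stored data and lands inside a quoted header value:
            // replace quotes, backslashes and control characters so it cannot end the
            // quoted string or alter the header.
            $download_name = preg_replace('/["\\\\\x00-\x1F\x7F]/', '_', basename($filename));

            // required for IE, otherwise Content-disposition is ignored
            if (ini_get('zlib.output_compression')) {
                ini_set('zlib.output_compression', 'Off');
            }

            header("Pragma: public");
            // required
            header("Expires: 0");
            header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
            header("Cache-Control: private", false);
            // required for certain browsers
            header("Content-Type: application/pdf");
            header("Content-Disposition: attachment; filename=\"" . $download_name . "\";");
            header("Content-Transfer-Encoding: binary");

            // output the PDF
            print $credit->obj_pdf->output;
            exit(0);
        }

        // display updated details
        header("Location: ../../index.php?page={$returnpage_success}&id=" . $credit->id . "");
        exit(0);
    }
    // end if passed tests
}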
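 /**
  * Return the generated PDF for one credit note as a base64-encoded string.
  *
  * Checks run in this order: credit type whitelist, the caller's
  * accounts_<type>_view permission, ID sanitisation, then data load.
  *
  * @param mixed  $id         Credit ID; validated as an integer before use.
  * @param string $credittype Must be exactly 'ar' or 'ap'.
  *
  * @return string Base64 encoding of the generated PDF output.
  *
  * @throws SoapFault With fault string INVALID_CREDIT_TYPE, ACCESS_DENIED,
  *                   INVALID_INPUT or UNEXPECTED_ACTION_ERROR.
  */
 function get_credit_pdf($id, $credittype)
 {
     // NOTE(review): the log label says get_creditnote_pdf although the function is
     // get_credit_pdf; the string is left unchanged.
     log_debug('invoices_manage_soap', "Executing get_creditnote_pdf({$id}, {$credittype})");

     // check the credit type
     // Strict comparison: with loose != a non-string such as boolean true (or integer 0
     // on PHP < 8) compares equal to 'ar' and would slip through the whitelist into the
     // permission name and the credit object's type.
     if ($credittype !== 'ar' && $credittype !== 'ap') {
         throw new SoapFault('Sender', 'INVALID_CREDIT_TYPE');
     }

     // authorisation is checked before any credit data is touched
     if (!user_permissions_get('accounts_' . $credittype . '_view')) {
         throw new SoapFault('Sender', 'ACCESS_DENIED');
     }

     $obj_credit = new credit();
     $obj_credit->type = $credittype;

     // sanitise input
     $obj_credit->id = @security_script_input_predefined('int', $id);

     // reject an empty/zero ID as well as the helper's 'error' marker
     if (!$obj_credit->id || $obj_credit->id === 'error') {
         throw new SoapFault('Sender', 'INVALID_INPUT');
     }

     // load data from DB for this credit note
     if (!$obj_credit->load_data()) {
         throw new SoapFault('Sender', 'UNEXPECTED_ACTION_ERROR');
     }

     // generate PDF
     $obj_credit->generate_pdf();

     // return data
     return base64_encode($obj_credit->obj_pdf->output);
 }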