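// Form handler for the codes table: delete a code, or add/modify one together
// with its per-level prices, then work out the paging window for the listing.
//
// NOTE(review): ffescape(), add_escape_custom(), sqlStatement(), sqlQuery(),
// sqlInsert() and xl() are defined outside this view, as are $mode, $code_id,
// $pagesize, $alertmsg and the $code* form variables. Comments below describe
// only what is visible here.

// Collect the posted tax-rate keys into a colon-terminated list ("key1:key2:").
// NOTE(review): $taxrates is appended to but initialised outside this view;
// confirm it starts as an empty string.
if (!empty($_POST['taxrate']) && is_array($_POST['taxrate'])) {
    foreach ($_POST['taxrate'] as $key => $value) {
        $taxrates .= "{$key}:";
    }
}

if ($mode == "delete") {
    // The id is passed as a bound parameter, not concatenated.
    sqlStatement("DELETE FROM codes WHERE id = ?", array($code_id));
    $code_id = 0;
} else {
    if ($mode == "add" || $mode == "modify_complete") { // this covers both adding and modifying
        // Refuse the change when another row already has the same
        // (code_type, code, modifier) triple.
        // NOTE(review): this query is built by concatenation and is only as
        // safe as ffescape()/add_escape_custom(); every value sits inside
        // quotes here. Moving to bound parameters needs ffescape()'s
        // normalisation to be reproduced first, so it is left as-is.
        $crow = sqlQuery("SELECT COUNT(*) AS count FROM codes WHERE " .
            "code_type = '" . ffescape($code_type) . "' AND " .
            "code = '" . ffescape($code) . "' AND " .
            "modifier = '" . ffescape($modifier) . "' AND " .
            "id != '" . add_escape_custom($code_id) . "'");

        if ($crow['count']) {
            $alertmsg = xl('Cannot add/update this entry because a duplicate already exists!');
        } else {
            // Shared SET clause for both the UPDATE and the INSERT below.
            // The last three columns are written WITHOUT surrounding quotes.
            // String escaping gives no protection in that position, so they
            // are forced to integers instead of being passed through
            // add_escape_custom().
            // NOTE(review): presumably these are 0/1 flags assigned earlier
            // in the file; verify that integer is the intended column type.
            $sql =
                "code = '" . ffescape($code) . "', " .
                "code_type = '" . ffescape($code_type) . "', " .
                "code_text = '" . ffescape($code_text) . "', " .
                "modifier = '" . ffescape($modifier) . "', " .
                "superbill = '" . ffescape($superbill) . "', " .
                "related_code = '" . ffescape($related_code) . "', " .
                "cyp_factor = '" . ffescape($cyp_factor) . "', " .
                "taxrates = '" . ffescape($taxrates) . "', " .
                "active = " . (int) $active . ", " .
                "financial_reporting = " . (int) $financial_reporting . ", " .
                "reportable = " . (int) $reportable;

            if ($code_id) {
                // NOTE(review): this statement mixes concatenated values with
                // a `?` placeholder. Depending on how sqlStatement()
                // substitutes binds, a literal `?` inside one of the values
                // could shift the placeholder; verify against the helper.
                $query = "UPDATE codes SET {$sql} WHERE id = ?";
                sqlStatement($query, array($code_id));
                // Drop the existing default-selector prices; they are
                // re-inserted from the posted fees below.
                sqlStatement("DELETE FROM prices WHERE pr_id = ? AND " .
                    "pr_selector = ''", array($code_id));
            } else {
                $code_id = sqlInsert("INSERT INTO codes SET {$sql}");
            }

            if (!$alertmsg) {
                // Guard the fee array the same way the tax-rate array is
                // guarded above: a request without fee[] skips the loop
                // instead of raising a foreach warning.
                if (!empty($_POST['fee']) && is_array($_POST['fee'])) {
                    foreach ($_POST['fee'] as $key => $value) {
                        $value = $value + 0; // numeric coercion; zero fees are not stored
                        if ($value) {
                            sqlStatement("INSERT INTO prices ( " .
                                "pr_id, pr_selector, pr_level, pr_price ) VALUES ( " .
                                "?, '', ?, ?)", array($code_id, $key, $value));
                        }
                    }
                }

                // Clear the form fields so the page shows an empty entry form.
                $code = $code_type = $code_text = $modifier = $superbill = "";
            }
        }
    }
}

$related_desc = '';
if (!empty($related_code)) {
    $related_desc = $related_code;
}

// Listing parameters. `+ 0` coerces fstart and filter to numbers, so the
// interpolated $filter below cannot carry SQL syntax.
$fstart = $_REQUEST['fstart'] + 0;
$filter = $_REQUEST['filter'] + 0;
$search = $_REQUEST['search'];

$where = "1 = 1";
if ($filter) {
    $where .= " AND code_type = '{$filter}'";
}

if (!empty($search)) {
    // NOTE(review): the search term is concatenated inside quotes and relies
    // on ffescape(). LIKE wildcards (% and _) in the term are not neutralised
    // by anything visible here, so they act as pattern characters.
    $where .= " AND code LIKE '" . ffescape($search) . "%'";
}

$crow = sqlQuery("SELECT count(*) AS count FROM codes WHERE {$where}");
$count = $crow['count'];

// Clamp the paging window [$fstart, $fend) to the available rows.
if ($fstart >= $count) {
    $fstart -= $pagesize;
}

if ($fstart < 0) {
    $fstart = 0;
}

$fend = $fstart + $pagesize;
if ($fend > $count) {
    $fend = $count;
}
?>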