/**
 * Delete the country row named by the posted 'rowSeq' value and audit-log its name.
 *
 * Requires security level 4 or higher; otherwise an error is queued on the
 * session message stack and nothing is deleted.
 *
 * @return bool true once the delete has been issued, false when permission is denied
 */
function btn_delete()
{
    global $db, $messageStack;

    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // The posted row id only ever reaches SQL text as an integer.
    $row_id = (int) db_prepare_input($_POST['rowSeq']);
    $filter = " where countries_id = " . $row_id;

    // Read the name before deleting so the audit entry can still identify the row.
    $lookup = $db->Execute("select countries_name from " . $this->db_table . $filter);
    $db->Execute("delete from " . $this->db_table . $filter);
    gen_add_audit_log(SETUP_LOG_COUNTRIES . TEXT_DELETE, $lookup->fields['countries_name']);

    return true;
}
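/**
 * Delete the tax authority named by the posted 'rowSeq' value, unless a journal
 * entry still references it.
 *
 * Requires security level 4 or higher. The journal check reads the colon-separated
 * 'tax_auths' column of TABLE_JOURNAL_MAIN and refuses the delete when the id is
 * one of its members.
 *
 * @return bool true once the delete has been issued, false when permission is
 *              denied or the authority is still in use
 */
function btn_delete()
{
    global $db, $messageStack;

    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // Cast once, before the value reaches any SQL text. Previously the raw posted
    // string was interpolated into the LIKE pattern and only the later statements
    // used an integer cast.
    $tax_auth_id = (int) db_prepare_input($_POST['rowSeq']);

    // LIKE only narrows the candidate rows ('%1%' also matches 10, 21, ...); the
    // member-by-member comparison below decides whether the id is really referenced.
    $result = $db->Execute("select tax_auths from " . TABLE_JOURNAL_MAIN . " \r\n\t\twhere tax_auths like '%" . $tax_auth_id . "%'");
    while (!$result->EOF) {
        foreach (explode(':', $result->fields['tax_auths']) as $auth_id) {
            // Loose comparison kept from the original so stored values such as '01'
            // still match their numeric id.
            if ($tax_auth_id == $auth_id) {
                $messageStack->add(SETUP_TAX_AUTHS_DELETE_ERROR, 'error');
                return false;
            }
        }
        $result->MoveNext();
    }

    // OK to delete: read the description first so the audit entry can name the row.
    $result = $db->Execute("select description_short from " . $this->db_table . " where tax_auth_id = " . $tax_auth_id);
    $db->Execute("delete from " . $this->db_table . " where tax_auth_id = " . $tax_auth_id);
    gen_add_audit_log(SETUP_TAX_AUTHS_LOG . TEXT_DELETE, $result->fields['description_short']);

    return true;
}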
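/**
 * Create or update an extra tab of the 'assets' module from the posted form.
 *
 * Requires configuration security level 2 or higher. With a non-empty $id the
 * matching row is updated; otherwise a new row is inserted after a duplicate
 * check on the tab name.
 *
 * @param mixed $id id of the row to update; empty to insert a new row
 * @return bool true on success, false when permission is denied or the tab
 *              name already exists
 */
function btn_save($id = '')
{
    global $db, $messageStack;

    if ($_SESSION['admin_security'][SECURITY_ID_CONFIGURATION] < 2) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $tab_name = db_prepare_input($_POST['tab_name']);
    $sql_data_array = array(
        'module_id'   => 'assets',
        'tab_name'    => $tab_name,
        'description' => db_prepare_input($_POST['description']),
        'sort_order'  => db_prepare_input($_POST['sort_order']),
    );

    if ($id) {
        // The id is written into the WHERE clause unquoted, so it must be an integer
        // by the time it gets there.
        db_perform(TABLE_EXTRA_TABS, $sql_data_array, 'update', "id = " . (int) $id);
        gen_add_audit_log(sprintf(EXTRA_TABS_LOG, TEXT_UPDATE), $tab_name);
        return true;
    }

    // Test for duplicates.
    // NOTE(review): $tab_name is concatenated into this query inside quotes. Whether
    // db_prepare_input() makes it safe for that context is not visible from here;
    // confirm that it escapes quotes, or move this lookup to the database layer's
    // escaping or bound parameters.
    $result = $db->Execute("select id from " . TABLE_EXTRA_TABS . " where module_id='assets' and tab_name='" . $tab_name . "'");
    if ($result->RecordCount() > 0) {
        $messageStack->add(EXTRA_TABS_DELETE_ERROR, 'error');
        return false;
    }

    $sql_data_array['id'] = db_prepare_input($_POST['rowSeq']);
    db_perform(TABLE_EXTRA_TABS, $sql_data_array);
    gen_add_audit_log(sprintf(EXTRA_TABS_LOG, TEXT_ADD), $tab_name);

    return true;
}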
/**
 * Store the posted 'todays_orders_field_0' value under params['num_rows'] when no
 * parameters are set yet, then hand over to the parent's Update().
 */
function Update()
{
    $has_params = count($this->params) != 0;
    if (!$has_params) {
        $this->params['num_rows'] = db_prepare_input($_POST['todays_orders_field_0']);
    }

    parent::Update();
}
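/**
 * Add or remove one title => URL entry in the current user's stored parameters
 * for this module and page.
 *
 * A non-zero posted '<module_id>_rId' removes the entry at that 1-based position;
 * otherwise the posted title/URL pair is added and the list is sorted by title.
 * Nothing happens when neither a removal nor a complete title/URL pair was posted.
 *
 * @return void
 */
function Update()
{
    global $db;

    // user_id is written into SQL unquoted, so force it to an integer.
    $admin_id  = (int) $_SESSION['admin_id'];
    $my_title  = db_prepare_input($_POST['my_title']);
    $my_url    = db_prepare_input($_POST['my_url']);
    // Used for array arithmetic only; negative positions are treated as "no removal".
    $remove_id = max(0, (int) db_prepare_input($_POST[$this->module_id . '_rId']));

    // page_id comes from the query string and is placed inside quoted SQL below,
    // so only identifier characters are kept.
    // NOTE(review): assumes module names use letters, digits, '_' and '-' only - confirm.
    $page_id = (!empty($_GET['module']) && is_string($_GET['module'])) ? $_GET['module'] : 'index';
    $page_id = preg_replace('/[^A-Za-z0-9_-]/', '', $page_id);
    if ($page_id == '') {
        $page_id = 'index';
    }

    // do nothing if no title or url entered
    if (!$remove_id && ($my_title == '' || $my_url == '')) {
        return;
    }

    $where = "user_id = " . $admin_id . " and page_id = '" . $page_id . "' and module_id = '" . $this->module_id . "'";

    // fetch the current params
    $result = $db->Execute("select params from " . TABLE_USERS_PROFILES . " where " . $where);

    // NOTE(review): unserialize() rebuilds whatever the column holds, objects included.
    // The column is expected to contain a plain array; on PHP 7+ pass
    // array('allowed_classes' => false) as the second argument.
    $params = $result->fields['params'] ? unserialize($result->fields['params']) : array();
    if (!is_array($params)) {
        $params = array(); // empty or corrupt column: start from an empty list
    }

    if ($remove_id) {
        // remove element: keep everything before and after the 1-based position
        $params = array_merge(
            array_slice($params, 0, $remove_id - 1),
            array_slice($params, $remove_id)
        );
    } else {
        // append new url and sort (also covers the first entry)
        $params[$my_title] = $my_url;
        ksort($params);
    }

    // Written through db_perform() rather than a hand-built UPDATE string, so the
    // serialized value (which carries user-entered titles and URLs) is not spliced
    // into SQL text here. NOTE(review): confirm db_perform() quotes its values.
    db_perform(TABLE_USERS_PROFILES, array('params' => serialize($params)), 'update', $where);
}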
/**
 * Delete the project phase named by the posted 'rowSeq' value and audit-log its
 * short description.
 *
 * Requires security level 4 or higher.
 *
 * NOTE(review): the original carried a commented-out check that refused the delete
 * when TABLE_JOURNAL_ITEM.projects still referenced the phase. With it disabled, a
 * phase is deleted regardless of journal references - confirm that is intended.
 *
 * @return bool true once the delete has been issued, false when permission is denied
 */
function btn_delete()
{
    global $db, $messageStack;

    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // The posted row id only ever reaches SQL text as an integer.
    $row_id = (int) db_prepare_input($_POST['rowSeq']);
    $filter = " where phase_id = " . $row_id;

    // OK to delete: fetch the description first for the audit entry.
    $lookup = $db->Execute("select description_short from " . $this->db_table . $filter);
    $db->Execute("delete from " . $this->db_table . $filter);
    gen_add_audit_log(SETUP_PROJECT_PHASESS_LOG . TEXT_DELETE, $lookup->fields['description_short']);

    return true;
}
/**
 * Store the posted 'open_inv_branch_field_0' value under params['num_rows'] when no
 * parameters are set yet, then hand over to the parent's Update().
 */
function Update()
{
    $has_params = count($this->params) != 0;
    if (!$has_params) {
        $this->params['num_rows'] = db_prepare_input($_POST['open_inv_branch_field_0']);
    }

    parent::Update();
}
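/**
 * Create or update a department from the posted form.
 *
 * Requires security level 2 or higher. A department flagged as sub-department
 * without a primary department is stored as a top-level one, and a department
 * may not name itself as its primary department.
 *
 * @param mixed $id id of the department to update; empty to insert a new one
 * @return bool true on success, false when permission is denied or the
 *              department references itself
 */
function btn_save($id = '')
{
    global $db, $messageStack;

    if ($this->security_id < 2) {
        $messageStack->add(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // Normalise the sub-department pair: the flag needs a primary id, and a primary
    // id is only kept while the flag is set.
    if ($_POST['subdepartment'] && !$_POST['primary_dept_id']) {
        $_POST['subdepartment'] = '0';
    }
    if (!$_POST['subdepartment']) {
        $_POST['primary_dept_id'] = '';
    }

    // NOTE(review): with an empty $id and an empty primary_dept_id this comparison is
    // also true, so the self-reference error is raised for that combination as well.
    // Confirm how callers pass $id for new top-level departments.
    if ($_POST['primary_dept_id'] == $id) {
        $messageStack->add(HR_DEPARTMENT_REF_ERROR, 'error');
        $this->error = true;
        return false;
    }

    // OK to save
    $sql_data_array = array(
        'description_short'   => db_prepare_input($_POST['description_short']),
        'description'         => db_prepare_input($_POST['description']),
        'subdepartment'       => db_prepare_input($_POST['subdepartment']),
        'primary_dept_id'     => db_prepare_input($_POST['primary_dept_id']),
        'department_type'     => db_prepare_input($_POST['department_type']),
        'department_inactive' => db_prepare_input($_POST['department_inactive'] ? '1' : '0'),
    );

    if ($id) {
        // NOTE(review): $id is placed inside a quoted SQL literal as given. Where it
        // originates is not visible here; make sure the caller escapes it for that
        // context or restricts it to the department-id format.
        db_perform($this->db_table, $sql_data_array, 'update', "id = '" . $id . "'");
        gen_add_audit_log(HR_LOG_DEPARTMENTS . TEXT_UPDATE, $id);
    } else {
        $sql_data_array['id'] = db_prepare_input($_POST['id']);
        db_perform($this->db_table, $sql_data_array);
        // $id is empty on this path; log the id that was actually inserted so the
        // audit trail identifies the new department.
        gen_add_audit_log(HR_LOG_DEPARTMENTS . TEXT_ADD, $sql_data_array['id']);
    }

    return true;
}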
/**
 * Store the posted 'todays_audit_log_num_rows' value under params['num_rows'] when
 * no parameters are set yet, then hand over to the parent's Update().
 */
function Update()
{
    $has_params = count($this->params) != 0;
    if (!$has_params) {
        $this->params['num_rows'] = db_prepare_input($_POST['todays_audit_log_num_rows']);
    }

    parent::Update();
}
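/**
 * Copy every element of $object_array onto this object as a property, passing
 * each value through db_prepare_input().
 *
 * Iterates with foreach: each() was deprecated in PHP 7.2 and removed in PHP 8.0,
 * so the original loop is a fatal error on current PHP.
 *
 * NOTE(review): every key becomes a property name without any allow-list. If a
 * caller passes request data, the request decides which properties are set -
 * confirm callers only pass trusted rows, or restrict the accepted keys.
 *
 * @param array $object_array map of property name => value
 * @return void
 */
function objectInfo($object_array)
{
    foreach ($object_array as $key => $value) {
        $this->{$key} = db_prepare_input($value);
    }
}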
/**
 * Populate the object from the current request.
 *
 * Every posted field becomes a property of the same name (after
 * db_prepare_input()); the id is then taken from 'sID' in the POST data when
 * present, else from the query string.
 *
 * NOTE(review): the copy has no allow-list, so the request chooses which
 * properties get set. The 'sID' value is stored as received, without
 * db_prepare_input() - code that later places $this->id into SQL has to treat
 * it as untrusted.
 */
public function __construct()
{
    foreach ($_POST as $field => $raw) {
        $this->{$field} = db_prepare_input($raw);
    }

    if (isset($_POST['sID'])) {
        $this->id = $_POST['sID'];
    } else {
        $this->id = $_GET['sID'];
    }
}
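/**
 * Add or remove one note in the current user's stored parameters for this
 * dashboard.
 *
 * A non-zero posted 'my_notes_rId' removes the note at that 1-based position;
 * otherwise the posted note is appended. The list is then key-sorted and written
 * back. Nothing happens when neither a removal nor a note was posted.
 *
 * @return void
 */
function Update()
{
    global $db;

    $my_note   = db_prepare_input($_POST['my_notes_field_0']);
    // Used for array arithmetic only; negative positions are treated as "no removal".
    $remove_id = max(0, (int) db_prepare_input($_POST['my_notes_rId']));

    // do nothing if no note entered and nothing to remove
    if (!$remove_id && $my_note == '') {
        return;
    }

    // user_id is written into SQL unquoted, so force it to an integer.
    $where = "user_id = " . (int) $_SESSION['admin_id'] . " and menu_id = '" . $this->menu_id . "' and dashboard_id = '" . $this->dashboard_id . "'";

    // fetch the current params
    $result = $db->Execute("select params from " . TABLE_USERS_PROFILES . " where " . $where);
    $stored = $result->fields['params'];

    if ($remove_id || $stored) {
        // NOTE(review): unserialize() rebuilds whatever the column holds, objects
        // included. The column is expected to contain a plain array; on PHP 7+ pass
        // array('allowed_classes' => false) as the second argument.
        $this->params = unserialize($stored);
        if (!is_array($this->params)) {
            $this->params = array(); // empty or corrupt column: start from an empty list
        }
    }

    if ($remove_id) {
        // remove element: keep everything before and after the 1-based position
        $this->params = array_merge(
            array_slice($this->params, 0, $remove_id - 1),
            array_slice($this->params, $remove_id)
        );
    } else {
        // append new note (also covers the first entry)
        $this->params[] = $my_note;
    }

    ksort($this->params);
    db_perform(TABLE_USERS_PROFILES, array('params' => serialize($this->params)), "update", $where);
}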
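/**
 * Add or remove one title => URL entry in the stored parameters of this
 * dashboard.
 *
 * A non-zero posted '<dashboard_id>_rId' removes the entry at that 1-based
 * position; otherwise the posted title/URL pair is added. The list is then sorted
 * by title and written back. Nothing happens when neither a removal nor a
 * complete pair was posted.
 *
 * The read and the write are filtered by menu and dashboard only, not by user, so
 * the update applies to every profile row of this dashboard.
 * NOTE(review): no permission check is visible in this method; confirm the caller
 * restricts who may change these shared links.
 *
 * @return void
 */
function Update()
{
    global $db;

    $my_title  = db_prepare_input($_POST['company_links_field_0']);
    $my_url    = db_prepare_input($_POST['company_links_field_1']);
    // Used for array arithmetic only; negative positions are treated as "no removal".
    $remove_id = max(0, (int) db_prepare_input($_POST[$this->dashboard_id . '_rId']));

    // do nothing if no title or url entered
    if (!$remove_id && ($my_title == '' || $my_url == '')) {
        return;
    }

    $where = "menu_id = '" . $this->menu_id . "' and dashboard_id = '" . $this->dashboard_id . "'";

    // fetch the current params; any one matching row will do
    $result = $db->Execute("select params from " . TABLE_USERS_PROFILES . " where " . $where);
    $stored = $result->fields['params'];

    if ($remove_id || $stored) {
        // NOTE(review): unserialize() rebuilds whatever the column holds, objects
        // included. The column is expected to contain a plain array; on PHP 7+ pass
        // array('allowed_classes' => false) as the second argument.
        $this->params = unserialize($stored);
        if (!is_array($this->params)) {
            $this->params = array(); // empty or corrupt column: start from an empty list
        }
    }

    if ($remove_id) {
        // remove element: keep everything before and after the 1-based position
        $this->params = array_merge(
            array_slice($this->params, 0, $remove_id - 1),
            array_slice($this->params, $remove_id)
        );
    } else {
        // append new url (also covers the first entry)
        // NOTE(review): the URL is stored as entered; whoever renders these links
        // should restrict the scheme and escape the value for its output context.
        $this->params[$my_title] = $my_url;
    }

    ksort($this->params);
    db_perform(TABLE_USERS_PROFILES, array('params' => serialize($this->params)), "update", $where);
}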
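/**
 * Populate the object from the current request and the session.
 *
 * Every posted field becomes a property of the same name (after
 * db_prepare_input()). The permission level and the record id are assigned
 * afterwards: in the original order the session-derived security_id was set first
 * and the copy loop could then replace it with a posted field of the same name,
 * which is the value the btn_* permission checks compare against.
 *
 * NOTE(review): properties initialised before this constructor runs can still be
 * replaced by the copy loop. An explicit allow-list of expected form fields would
 * close that; the field list is not visible from here. The 'sID' value is stored
 * as received, without db_prepare_input().
 */
public function __construct()
{
    foreach ($_POST as $key => $value) {
        $this->{$key} = db_prepare_input($value);
    }

    // Assigned last so that request data cannot override them.
    $this->security_id = $_SESSION['admin_security'][SECURITY_ID_CONFIGURATION];
    $this->id = isset($_POST['sID']) ? $_POST['sID'] : $_GET['sID'];
}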
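/**
 * Save the record through the parent, then store the posted
 * 'use_in_inventory_filter' flag on the same TABLE_EXTRA_FIELDS row.
 *
 * @param mixed $id id forwarded to the parent's btn_save()
 * @return bool true when the parent save succeeded and the flag was written,
 *              false when the parent save failed
 */
function btn_save($id = '')
{
    // Forward the caller's id. The original wrote parent::btn_save($id = ''), an
    // assignment inside the call that reset the id to '' before the parent saw it.
    if (!parent::btn_save($id)) {
        return false;
    }

    $sql_data_array = array(
        'use_in_inventory_filter' => db_prepare_input($_POST['use_in_inventory_filter']),
    );

    // $this->id is written into the WHERE clause unquoted, so it must be an integer
    // by the time it gets there.
    db_perform(TABLE_EXTRA_FIELDS, $sql_data_array, 'update', "id = " . (int) $this->id);

    return true;
}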
/**
 * Assign every element of $postArray (or of $_POST when no array is given) to the
 * template object, passing each value through db_prepare_input().
 *
 * NOTE(review): the values are request data. Nothing here escapes them for HTML,
 * so the templates that print these variables have to escape them for their
 * output context.
 *
 * @param object $smartyobj template object exposing assign($name, $value)
 * @param mixed  $postArray map of name => value; any non-array means "use $_POST"
 * @return void
 */
function postAssign(&$smartyobj, $postArray = '')
{
    $fields = is_array($postArray) ? $postArray : $_POST;

    foreach ($fields as $name => $raw) {
        $smartyobj->assign($name, db_prepare_input($raw));
    }
}
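/**
 * Populate the object from the current request and the session, and show the
 * drop-down when the requested page is 'main'.
 *
 * Every posted field becomes a property of the same name (after
 * db_prepare_input()). The permission level, record id and store ids are assigned
 * afterwards: in the original order the session-derived security_id was set first
 * and the copy loop could then replace it with a posted field of the same name,
 * which is the value the btn_* permission checks compare against.
 *
 * NOTE(review): properties initialised before this constructor runs can still be
 * replaced by the copy loop. An explicit allow-list of expected form fields would
 * close that; the field list is not visible from here. The 'sID' value is stored
 * as received, without db_prepare_input().
 */
public function __construct()
{
    foreach ($_POST as $key => $value) {
        $this->{$key} = db_prepare_input($value);
    }

    // Assigned last so that request data cannot override them.
    $this->security_id = $_SESSION['admin_security'][SECURITY_ID_CONFIGURATION];
    $this->id = isset($_POST['sID']) ? $_POST['sID'] : $_GET['sID'];
    $this->store_ids = gen_get_store_ids();

    if ($_REQUEST['page'] == 'main') {
        $this->showDropDown();
    }
}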
/**
 * Initialise the 'prestamo' payment module from its MODULE_PAYMENT_PRESTAMO_*
 * configuration constants and the posted reference field.
 *
 * Presumably the PHP 4-style constructor of a class of the same name (the class
 * header is not visible here); PHP 8 no longer treats such methods as constructors.
 */
function prestamo()
{
    global $order;

    $this->code        = 'prestamo';
    $this->title       = MODULE_PAYMENT_PRESTAMO_TEXT_TITLE;
    $this->description = MODULE_PAYMENT_PRESTAMO_TEXT_DESCRIPTION;
    $this->sort_order  = MODULE_PAYMENT_PRESTAMO_SORT_ORDER;
    $this->enabled     = (MODULE_PAYMENT_PRESTAMO_STATUS == 'True');

    // order_status is only set when a positive status id is configured.
    $status_id = MODULE_PAYMENT_PRESTAMO_ORDER_STATUS_ID;
    if ((int) $status_id > 0) {
        $this->order_status = $status_id;
    }

    // Request data: escape for the output context wherever it is displayed.
    $this->payment_fields = db_prepare_input($_POST['prestamo_ref']);
}
/**
 * Initialise the 'bancopopular' payment module from its
 * MODULE_PAYMENT_BANCOPOPULAR_* configuration constants and the posted reference
 * field.
 *
 * Presumably the PHP 4-style constructor of a class of the same name (the class
 * header is not visible here); PHP 8 no longer treats such methods as constructors.
 */
function bancopopular()
{
    global $order;

    $this->code        = 'bancopopular';
    $this->title       = MODULE_PAYMENT_BANCOPOPULAR_TEXT_TITLE;
    $this->description = MODULE_PAYMENT_BANCOPOPULAR_TEXT_DESCRIPTION;
    $this->sort_order  = MODULE_PAYMENT_BANCOPOPULAR_SORT_ORDER;
    $this->enabled     = (MODULE_PAYMENT_BANCOPOPULAR_STATUS == 'True');

    // order_status is only set when a positive status id is configured.
    $status_id = MODULE_PAYMENT_BANCOPOPULAR_ORDER_STATUS_ID;
    if ((int) $status_id > 0) {
        $this->order_status = $status_id;
    }

    // Request data: escape for the output context wherever it is displayed.
    $this->payment_fields = db_prepare_input($_POST['bancopopular_ref']);
}
/**
 * Initialise the 'directdebit' payment module from its
 * MODULE_PAYMENT_DIRECTDEBIT_* configuration constants and the posted reference
 * field.
 *
 * Presumably the PHP 4-style constructor of a class of the same name (the class
 * header is not visible here); PHP 8 no longer treats such methods as constructors.
 */
function directdebit()
{
    global $order;

    $this->code        = 'directdebit';
    $this->title       = MODULE_PAYMENT_DIRECTDEBIT_TEXT_TITLE;
    $this->description = MODULE_PAYMENT_DIRECTDEBIT_TEXT_DESCRIPTION;
    $this->sort_order  = MODULE_PAYMENT_DIRECTDEBIT_SORT_ORDER;
    $this->enabled     = (MODULE_PAYMENT_DIRECTDEBIT_STATUS == 'True');

    // order_status is only set when a positive status id is configured.
    $status_id = MODULE_PAYMENT_DIRECTDEBIT_ORDER_STATUS_ID;
    if ((int) $status_id > 0) {
        $this->order_status = $status_id;
    }

    // Request data: escape for the output context wherever it is displayed.
    $this->payment_fields = db_prepare_input($_POST['directdebit_ref']);
}
/**
 * Initialise the 'xtrafinanc' payment module from its
 * MODULE_PAYMENT_XTRAFINANC_* configuration constants and the posted reference
 * field.
 *
 * Presumably the PHP 4-style constructor of a class of the same name (the class
 * header is not visible here); PHP 8 no longer treats such methods as constructors.
 */
function xtrafinanc()
{
    global $order;

    $this->code        = 'xtrafinanc';
    $this->title       = MODULE_PAYMENT_XTRAFINANC_TEXT_TITLE;
    $this->description = MODULE_PAYMENT_XTRAFINANC_TEXT_DESCRIPTION;
    $this->sort_order  = MODULE_PAYMENT_XTRAFINANC_SORT_ORDER;
    $this->enabled     = (MODULE_PAYMENT_XTRAFINANC_STATUS == 'True');

    // order_status is only set when a positive status id is configured.
    $status_id = MODULE_PAYMENT_XTRAFINANC_ORDER_STATUS_ID;
    if ((int) $status_id > 0) {
        $this->order_status = $status_id;
    }

    // Request data: escape for the output context wherever it is displayed.
    $this->payment_fields = db_prepare_input($_POST['xtrafinanc_ref']);
}
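/**
 * Load one work-order journal row, its related details and inventory data, and
 * return the values of the report's data fields in field-list order.
 *
 * The row's columns are copied onto this object, item/BOM/reference details are
 * loaded, and the SKU, image path, sales description and UPC code are read from
 * TABLE_INVENTORY for the row's sku_id.
 *
 * @param string $tableKey   not used by this method
 * @param mixed  $tableValue id of the row in TABLE_WO_JOURNAL_MAIN
 * @return array|false values for every 'Data', 'ImgLink' and 'BarCode' field of
 *                     $report->fieldlist, or false when no id was given
 */
function load_query_results($tableKey = 'id', $tableValue = 0)
{
    global $db, $report;

    // The id is written into SQL unquoted, so reduce it to an integer first.
    $record_id = (int) $tableValue;
    if (!$record_id) {
        return false;
    }

    $result = $db->Execute("select * from " . TABLE_WO_JOURNAL_MAIN . " where id = " . $record_id);

    // foreach instead of each(): each() was removed in PHP 8.0.
    if (is_array($result->fields)) {
        foreach ($result->fields as $key => $value) {
            $this->{$key} = db_prepare_input($value);
        }
    }

    $this->load_item_details($this->id);
    $this->build_bom_list($this->sku_id);
    $this->build_ref_lists();

    // convert particular values indexed by id to common name
    $result = $db->Execute("select sku, image_with_path, description_sales, upc_code from " . TABLE_INVENTORY . " where id = " . (int) $this->sku_id);
    $this->sku             = $result->fields['sku'];
    $this->bar_code        = $result->fields['sku']; // the bar code carries the SKU
    $this->image_with_path = $result->fields['image_with_path'];
    $this->description     = $result->fields['description_sales'];
    $this->upc_code        = $result->fields['upc_code'];

    // sequence the results in the order of the report's field list
    $output = array();
    foreach ($report->fieldlist as $OneField) {
        if (!in_array($OneField->type, array('Data', 'ImgLink', 'BarCode'))) {
            continue; // not a data field
        }
        $field = $OneField->boxfield[0]->fieldname;
        switch ($field) {
            case 'bar_code':
                $output[] = $this->bar_code;
                break;
            case 'sku_image':
                $output[] = $this->image_with_path;
                break;
            case 'description':
                $output[] = $this->description;
                break;
            case 'upc_code':
                $output[] = $this->upc_code;
                break;
            default:
                $output[] = $this->{$field};
                break;
        }
    }

    return $output;
}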
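/**
 * Delete the tax rate named by the posted 'rowSeq' value and audit-log its short
 * description.
 *
 * Requires security level 4 or higher. Tax rates are not referenced explicitly by
 * journal entries, so no in-use check is made before deleting.
 *
 * @return bool true once the delete has been issued, false when permission is denied
 */
function btn_delete()
{
    global $db, $messageStack;

    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    // Cast once and use the integer in both statements. The original cast the value
    // for the SELECT only and concatenated the raw posted string into the DELETE.
    $tax_rate_id = (int) db_prepare_input($_POST['rowSeq']);

    // Read the description first so the audit entry can still identify the row.
    $result = $db->Execute("select description_short from " . $this->db_table . " where tax_rate_id = " . $tax_rate_id);
    $db->Execute("delete from " . $this->db_table . " where tax_rate_id = " . $tax_rate_id);
    gen_add_audit_log(SETUP_TAX_RATES_LOG . TEXT_DELETE, $result->fields['description_short']);

    return true;
}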
/**
 * Delete the department named by the posted 'rowSeq' value and audit-log its id.
 *
 * Requires security level 4 or higher. Departments have no prerequisites to check
 * before deletion.
 *
 * NOTE(review): the posted id is placed inside a quoted SQL literal. Whether
 * db_prepare_input() makes it safe for that context is not visible from here;
 * confirm it escapes quotes or move the statement to bound parameters.
 * NOTE(review): modify_account_history_records() is also called by the
 * chart-of-accounts delete; confirm it is meant to run for departments.
 *
 * @return bool true once the delete has been issued, false when permission is denied
 */
function btn_delete()
{
    global $db, $messageStack;

    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $dept_id = db_prepare_input($_POST['rowSeq']);

    // OK to delete
    $delete_sql = "delete from " . $this->db_table . " where id = '" . $dept_id . "'";
    $db->Execute($delete_sql);
    modify_account_history_records($dept_id, false);
    gen_add_audit_log(HR_LOG_DEPARTMENTS . TEXT_DELETE, $dept_id);

    return true;
}
/**
 * Create or update a project cost from the posted form and audit-log the change.
 *
 * Requires security level 2 or higher. The row to update is taken from $this->id,
 * not from the $id argument: a non-empty $this->id updates that row, otherwise a
 * new row is inserted.
 *
 * NOTE(review): $this->id is placed inside a quoted SQL literal as stored. If it
 * originates from the request, escape it for that context or restrict it to the
 * id format before it reaches this method.
 *
 * @param mixed $id not used by this method
 * @return bool true on success, false when permission is denied
 */
function btn_save($id = '')
{
    global $db, $messageStack;

    if ($this->security_id < 2) {
        $messageStack->add(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $short_text = db_prepare_input($_POST['description_short']);
    $row = array(
        'description_short' => $short_text,
        'description_long'  => db_prepare_input($_POST['description_long']),
        'cost_type'         => db_prepare_input($_POST['cost_type']),
        'inactive'          => isset($_POST['inactive']) ? '1' : '0',
    );

    // The original condition "!$this->id == ''" parses as "(!$this->id) == ''",
    // which holds exactly when $this->id is truthy.
    if ($this->id) {
        db_perform($this->db_table, $row, 'update', "cost_id = '" . $this->id . "'");
        $action = TEXT_UPDATE;
    } else {
        db_perform($this->db_table, $row);
        $action = TEXT_ADD;
    }
    gen_add_audit_log(SETUP_PROJECT_COSTS_LOG . $action, $short_text);

    return true;
}
/**
 * Create or update a department type from the posted form and audit-log the
 * change.
 *
 * Requires security level 2 or higher. The row to update is taken from $this->id,
 * not from the $id argument: a non-empty $this->id updates that row, otherwise a
 * new row is inserted.
 *
 * NOTE(review): $this->id is placed inside a quoted SQL literal as stored. If it
 * originates from the request, escape it for that context or restrict it to the
 * id format before it reaches this method.
 *
 * @param mixed $id not used by this method
 * @return bool true on success, false when permission is denied
 */
function btn_save($id = '')
{
    global $db, $messageStack;

    if ($this->security_id < 2) {
        $messageStack->add(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $type_text = db_prepare_input($_POST['description']);
    $row = array('description' => $type_text);

    // The original condition "!$this->id == ''" parses as "(!$this->id) == ''",
    // which holds exactly when $this->id is truthy.
    if ($this->id) {
        db_perform($this->db_table, $row, 'update', "id = '" . $this->id . "'");
        $action = TEXT_UPDATE;
    } else {
        db_perform($this->db_table, $row);
        $action = TEXT_ADD;
    }
    gen_add_audit_log(SETUP_DEPT_TYPES_LOG . $action, $type_text);

    return true;
}
/**
 * Delete the inventory category named by the posted 'rowSeq' value, unless an
 * inventory field still belongs to it.
 *
 * Requires security level 4 or higher. The posted id is cast to an integer before
 * it is used in any statement.
 *
 * NOTE(review): the name lookup reads $this->db_table while the delete targets
 * TABLE_INVENTORY_CATEGORIES; confirm both refer to the same table.
 *
 * @return bool true once the delete has been issued, false when permission is
 *              denied or a field still uses the category
 */
function btn_delete()
{
    global $db, $messageStack;

    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $category_id = (int) db_prepare_input($_POST['rowSeq']);

    // Refuse the delete while any inventory field is still filed under the category.
    $in_use = $db->Execute("select field_name from " . TABLE_INVENTORY_FIELDS . " where category_id = " . $category_id);
    if ($in_use->RecordCount() > 0) {
        $messageStack->add(INV_CATEGORY_CANNOT_DELETE . $in_use->fields['field_name'], 'error');
        return false;
    }

    // Read the name first so the audit entry can still identify the row.
    $lookup = $db->Execute("select category_name from " . $this->db_table . " where category_id = " . (int) $category_id);
    $db->Execute("delete from " . TABLE_INVENTORY_CATEGORIES . " where category_id = " . $category_id);
    gen_add_audit_log(INV_TABS_LOG . TEXT_DELETE, $lookup->fields['category_name']);

    return true;
}
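/**
 * Load one journal row with its item, payment and account details, derive the
 * computed totals, and return the values of the report's data fields in
 * field-list order.
 *
 * The row's columns are copied onto this object. rep_id is replaced by the
 * contact's short name (and rep_name by first plus last name), the payment due
 * date comes from calculate_terms_due_dates(), and balance_due / rounded_of are
 * computed from the loaded totals.
 *
 * @param string $tableKey   not used by this method
 * @param mixed  $tableValue id of the row in TABLE_JOURNAL_MAIN
 * @return array|false values for every 'Data' field of $report->fieldlist, or
 *                     false when no id was given
 */
function load_query_results($tableKey = 'id', $tableValue = 0)
{
    global $db, $report, $FieldListings;

    // The id is written into SQL unquoted, so reduce it to an integer first.
    $record_id = (int) $tableValue;
    if (!$record_id) {
        return false;
    }

    $result = $db->Execute("select * from " . TABLE_JOURNAL_MAIN . " where id = " . $record_id);

    // foreach instead of each(): each() was removed in PHP 8.0.
    if (is_array($result->fields)) {
        foreach ($result->fields as $key => $value) {
            $this->{$key} = db_prepare_input($value);
        }
    }

    $this->load_item_details($this->id);
    $this->load_payment_details($this->id);
    $this->load_account_details($this->bill_acct_id);

    // convert particular values indexed by id to common name
    if ($this->rep_id) {
        // rep_id is also written into SQL unquoted.
        $result = $db->Execute("select short_name, contact_first, contact_last from " . TABLE_CONTACTS . " where id = " . (int) $this->rep_id);
        $this->rep_id   = $result->fields['short_name'];
        $this->rep_name = $result->fields['contact_first'] . ' ' . $result->fields['contact_last'];
    } else {
        $this->rep_id   = '';
        $this->rep_name = '';
    }

    $terms_date = calculate_terms_due_dates($this->post_date, $this->terms);
    $this->payment_due_date = $terms_date['net_date'];
    $this->balance_due = $this->total_amount - $this->total_paid;
    $this->rounded_of  = $this->total_amount - ($this->inv_subtotal_w_tax - $this->discount);

    // sequence the results in the order of the report's field list
    $output = array();
    foreach ($report->fieldlist as $OneField) {
        if ($OneField->type == 'Data') {
            $field = $OneField->boxfield[0]->fieldname;
            $output[] = $this->{$field};
        }
    }

    return $output;
}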
/**
 * Delete the chart-of-accounts entry named by the posted 'rowSeq' value, unless
 * the account has recorded activity.
 *
 * Requires security level 4 or higher. The delete is refused when the maximum
 * debit, credit or beginning balance in TABLE_CHART_OF_ACCOUNTS_HISTORY for the
 * account is non-zero.
 *
 * NOTE(review): the posted id is placed inside quoted SQL literals in both
 * statements. Whether db_prepare_input() makes it safe for that context is not
 * visible from here; confirm it escapes quotes or move the statements to bound
 * parameters.
 *
 * @return bool true once the delete has been issued, false when permission is
 *              denied or the account has activity
 */
function btn_delete()
{
    global $db, $messageStack;

    if ($this->security_id < 4) {
        $messageStack->add_session(ERROR_NO_PERMISSION, 'error');
        return false;
    }

    $account_id = db_prepare_input($_POST['rowSeq']);

    // Don't allow delete if there is account activity for this account
    $history = $db->Execute("select max(debit_amount) as debit, max(credit_amount) as credit, max(beginning_balance) as beg_bal \r\n\t\tfrom " . TABLE_CHART_OF_ACCOUNTS_HISTORY . " where account_id = '" . $account_id . "'");
    foreach (array('debit', 'credit', 'beg_bal') as $column) {
        if ($history->fields[$column] != 0) {
            $messageStack->add(GL_ERROR_CANT_DELETE, 'error');
            return false;
        }
    }

    // OK to delete
    $db->Execute("delete from " . $this->db_table . " where id = '" . $account_id . "'");
    modify_account_history_records($account_id, false);
    gen_add_audit_log(GL_LOG_CHART_OF_ACCOUNTS . TEXT_DELETE, $account_id);

    return true;
}
/**
 * Initialise the 'transferencia' payment module from its
 * MODULE_PAYMENT_TRANSFERENCIA_* configuration constants and the posted reference
 * field.
 *
 * Presumably the PHP 4-style constructor of a class of the same name (the class
 * header is not visible here); PHP 8 no longer treats such methods as constructors.
 */
function transferencia()
{
    global $order;

    $this->code        = 'transferencia';
    $this->title       = MODULE_PAYMENT_TRANSFERENCIA_TEXT_TITLE;
    $this->description = MODULE_PAYMENT_TRANSFERENCIA_TEXT_DESCRIPTION;
    $this->sort_order  = MODULE_PAYMENT_TRANSFERENCIA_SORT_ORDER;
    $this->enabled     = (MODULE_PAYMENT_TRANSFERENCIA_STATUS == 'True');

    // order_status is only set when a positive status id is configured.
    $status_id = MODULE_PAYMENT_TRANSFERENCIA_ORDER_STATUS_ID;
    if ((int) $status_id > 0) {
        $this->order_status = $status_id;
    }

    // Request data: escape for the output context wherever it is displayed.
    $this->payment_fields = db_prepare_input($_POST['transferencia_ref']);
}