function invoice_form_details_process($type, $mode, $returnpage_error, $returnpage_success)
{
log_debug("inc_invoices_forms", "Executing invoice_form_details_process({$type}, {$mode}, {$returnpage_error}, {$returnpage_success})");
// TODO: it seems this function requests the $mode, but then works it out itself anyway.
// check out what is going on here.
/*
Start the invoice
*/
$invoice = new invoice();
$invoice->type = $type;
/*
Fetch all form data
*/
// get the ID for an edit
if ($mode == "edit") {
$invoice->id = @security_form_input_predefined("int", "id_invoice", 1, "");
}
// general details
if ($type == "ap") {
$invoice->data["vendorid"] = @security_form_input_predefined("int", "vendorid", 1, "");
} else {
$invoice->data["customerid"] = @security_form_input_predefined("int", "customerid", 1, "");
}
$invoice->data["employeeid"] = @security_form_input_predefined("int", "employeeid", 1, "");
$invoice->data["notes"] = @security_form_input_predefined("any", "notes", 0, "");
$invoice->data["code_ordernumber"] = @security_form_input_predefined("any", "code_ordernumber", 0, "");
$invoice->data["code_ponumber"] = @security_form_input_predefined("any", "code_ponumber", 0, "");
$invoice->data["date_trans"] = @security_form_input_predefined("date", "date_trans", 1, "");
$invoice->data["date_due"] = @security_form_input_predefined("date", "date_due", 1, "");
// other
$invoice->data["dest_account"] = @security_form_input_predefined("int", "dest_account", 1, "");
// are we editing an existing invoice or adding a new one?
if ($invoice->id) {
$mode = "edit";
// make sure the invoice actually exists
if (!$invoice->verify_invoice()) {
log_write("error", "process", "The invoice you have attempted to edit - " . $invoice->id . " - does not exist in this system.");
}
// check if invoice is locked or not
if ($invoice->check_lock()) {
log_write("error", "process", "The invoice can not be edited because it is locked.");
}
} else {
$mode = "add";
}
// invoice must be provided by edit page, but not by add invoice, since we can just generate a new one
if ($mode == "add") {
$invoice->data["code_invoice"] = @security_form_input_predefined("any", "code_invoice", 0, "");
} else {
$invoice->data["code_invoice"] = @security_form_input_predefined("any", "code_invoice", 1, "");
}
//// ERROR CHECKING ///////////////////////
// make sure we don't choose a invoice invoice number that is already in use
if ($invoice->data["code_invoice"]) {
$invoice->prepare_code_invoice($invoice->data["code_invoice"]);
}
/// if there was an error, go back to the entry page
if ($_SESSION["error"]["message"]) {
$_SESSION["error"]["form"][$type . "_invoice_" . $mode] = "failed";
header("Location: ../../index.php?page={$returnpage_error}&id=" . $invoice->id . "");
exit(0);
} else {
// GENERATE INVOICE ID
// if no invoice ID has been supplied, we now need to generate a unique invoice id
if (!$invoice->data["code_invoice"]) {
$invoice->prepare_code_invoice();
}
// APPLY GENERAL OPTIONS
if ($mode == "add") {
// create a new invoice
if ($invoice->action_create()) {
$_SESSION["notification"]["message"][] = "Invoice successfully created.";
journal_quickadd_event("account_" . $invoice->type . "", $invoice->id, "Invoice successfully created");
} else {
$_SESSION["error"]["message"] = "An error occured whilst attempting to create the invoice";
}
// display items page
$returnpage_success = str_replace("view", "items", $returnpage_success);
header("Location: ../../index.php?page={$returnpage_success}&id=" . $invoice->id . "");
} else {
// update an existing invoice
if ($invoice->action_update()) {
$_SESSION["notification"]["message"][] = "Invoice successfully updated.";
journal_quickadd_event("account_" . $invoice->type . "", $invoice->id, "Invoice successfully updated");
} else {
$_SESSION["error"]["message"] = "An error occured whilst attempting to update the invoice";
}
// display updated details
header("Location: ../../index.php?page={$returnpage_success}&id=" . $invoice->id . "");
}
exit(0);
}
// end if passed tests
}
// concurrent logins
$sql_obj->string = "INSERT INTO users_options (userid, name, value) VALUES ({$id}, 'concurrent_logins', '" . $data["option_concurrent_logins"] . "')";
$sql_obj->execute();
}
//translate options
if (user_permissions_get("devel_translate")) {
$sql_obj->string = "INSERT INTO users_options (userid, name, value) VALUES ({$id}, 'translation', '" . $data["option_translation"] . "')";
$sql_obj->execute();
}
/*
Complete
*/
if (!$_SESSION["error"]["message"]) {
$sql_obj->trans_commit();
log_write("notification", "process", "Account changes applied successfully.");
journal_quickadd_event("users", $id, "User changed account options");
/*
Apply changes to active session
*/
$sql_obj->string = "SELECT name, value FROM users_options WHERE userid='{$id}'";
$sql_obj->execute();
if ($sql_obj->num_rows()) {
$sql_obj->fetch_array();
foreach ($sql_obj->data as $data) {
// save updated session data
$_SESSION["user"][$data["name"]] = $data["value"];
}
}
} else {
$sql_obj->trans_rollback();
log_write("error", "process", "No changes have been applied.");
function service_form_plan_process()
{
log_debug("inc_services_process", "Executing service_form_plan_process()");
/*
Fetch all form data
*/
$id = @security_form_input_predefined("int", "id_service", 1, "");
// general details
$data["price"] = @security_form_input_predefined("money", "price", 0, "");
$data["price_setup"] = @security_form_input_predefined("money", "price_setup", 0, "");
$data["discount"] = @security_form_input_predefined("float", "discount", 0, "");
$data["billing_cycle"] = @security_form_input_predefined("int", "billing_cycle", 1, "");
$data["billing_mode"] = @security_form_input_predefined("int", "billing_mode", 1, "");
// needed to handle errors, but not used
$data["name_service"] = @security_form_input_predefined("any", "name_service", 0, "");
// make sure that the service actually exists
$sql_plan_obj = new sql_query();
$sql_plan_obj->string = "SELECT services.typeid, service_types.name FROM services LEFT JOIN service_types ON service_types.id = services.typeid WHERE services.id='{$id}' LIMIT 1";
$sql_plan_obj->execute();
if (!$sql_plan_obj->num_rows()) {
$_SESSION["error"]["message"][] = "The service you have attempted to edit - {$id} - does not exist in this system.";
} else {
$sql_plan_obj->fetch_array();
}
// fetch fields depending on the service type
switch ($sql_plan_obj->data[0]["name"]) {
case "generic_with_usage":
$data["units"] = @security_form_input_predefined("any", "units", 1, "");
$data["included_units"] = @security_form_input_predefined("int", "included_units", 0, "");
$data["price_extraunits"] = @security_form_input_predefined("money", "price_extraunits", 0, "");
$data["usage_mode"] = @security_form_input_predefined("int", "usage_mode", 1, "");
$data["alert_80pc"] = @security_form_input_predefined("any", "alert_80pc", 0, "");
$data["alert_100pc"] = @security_form_input_predefined("any", "alert_100pc", 0, "");
$data["alert_extraunits"] = @security_form_input_predefined("any", "alert_extraunits", 0, "");
break;
case "licenses":
$data["units"] = @security_form_input_predefined("any", "units", 1, "");
$data["included_units"] = @security_form_input_predefined("int", "included_units", 0, "");
$data["price_extraunits"] = @security_form_input_predefined("money", "price_extraunits", 0, "");
break;
case "time":
$data["units"] = @security_form_input_predefined("int", "units", 1, "");
$data["included_units"] = @security_form_input_predefined("int", "included_units", 0, "");
$data["price_extraunits"] = @security_form_input_predefined("money", "price_extraunits", 0, "");
// force data usage/time to be incrementing
$data["usage_mode"] = sql_get_singlevalue("SELECT id as value FROM service_usage_modes WHERE name='incrementing' LIMIT 1");
$data["alert_80pc"] = @security_form_input_predefined("any", "alert_80pc", 0, "");
$data["alert_100pc"] = @security_form_input_predefined("any", "alert_100pc", 0, "");
$data["alert_extraunits"] = @security_form_input_predefined("any", "alert_extraunits", 0, "");
break;
case "data_traffic":
// general data traffic options
$data["units"] = @security_form_input_predefined("int", "units", 1, "");
// force data usage/time to be incrementing
$data["usage_mode"] = sql_get_singlevalue("SELECT id as value FROM service_usage_modes WHERE name='incrementing' LIMIT 1");
// loop through all the traffic types
$data["data_traffic_caps"] = array();
$obj_sql_traffic_types = new sql_query();
$obj_sql_traffic_types->string = "SELECT id FROM traffic_types";
$obj_sql_traffic_types->execute();
$obj_sql_traffic_types->num_rows();
// will always be at least one, need for loop
for ($i = 0; $i < $obj_sql_traffic_types->data_num_rows; $i++) {
$cap = array();
if (@security_form_input_predefined("checkbox", "traffic_cap_" . $i . "_active", 0, "") || $_POST["traffic_cap_" . $i . "_id"] == "1") {
// fetch traffic cap details
$cap["id_traffic_type"] = @security_form_input_predefined("int", "traffic_cap_" . $i . "_id", 1, "");
$cap["name"] = @security_form_input_predefined("any", "traffic_cap_" . $i . "_name", 0, "");
$cap["mode"] = @security_form_input_predefined("any", "traffic_cap_" . $i . "_mode", 0, "");
$cap["units_included"] = @security_form_input_predefined("int", "traffic_cap_" . $i . "_units_included", 0, "");
$cap["units_price"] = @security_form_input_predefined("money", "traffic_cap_" . $i . "_units_price", 0, "");
// additional checks
if ($cap["mode"] != "unlimited" && $cap["mode"] != "capped") {
log_write("error", "inc_services_process", "A data type must either be disabled or marked as capped vs unlimited");
error_flag_field("traffic_cap_" . $i);
}
$data["data_traffic_caps"][] = $cap;
}
}
unset($obj_sql_traffic_types);
// alert configuration
$data["alert_80pc"] = @security_form_input_predefined("any", "alert_80pc", 0, "");
$data["alert_100pc"] = @security_form_input_predefined("any", "alert_100pc", 0, "");
$data["alert_extraunits"] = @security_form_input_predefined("any", "alert_extraunits", 0, "");
break;
case "phone_single":
$data["id_rate_table"] = @security_form_input_predefined("int", "id_rate_table", 1, "");
break;
case "phone_tollfree":
$data["id_rate_table"] = @security_form_input_predefined("int", "id_rate_table", 1, "");
$data["phone_trunk_included_units"] = @security_form_input_predefined("int", "phone_trunk_included_units", 1, "");
$data["phone_trunk_price_extra_units"] = @security_form_input_predefined("money", "phone_trunk_price_extra_units", 0, "");
break;
case "phone_trunk":
$data["id_rate_table"] = @security_form_input_predefined("int", "id_rate_table", 1, "");
$data["phone_ddi_included_units"] = @security_form_input_predefined("int", "phone_ddi_included_units", 1, "");
$data["phone_ddi_price_extra_units"] = @security_form_input_predefined("money", "phone_ddi_price_extra_units", 0, "");
$data["phone_trunk_included_units"] = @security_form_input_predefined("int", "phone_trunk_included_units", 1, "");
$data["phone_trunk_price_extra_units"] = @security_form_input_predefined("money", "phone_trunk_price_extra_units", 0, "");
break;
}
// convert checkbox input
if ($data["alert_80pc"]) {
$data["alert_80pc"] = 1;
}
if ($data["alert_100pc"]) {
$data["alert_100pc"] = 1;
}
//// ERROR CHECKING ///////////////////////
/// if there was an error, go back to the entry page
if ($_SESSION["error"]["message"]) {
$_SESSION["error"]["form"]["service_plan"] = "failed";
header("Location: ../index.php?page=services/plan.php&id={$id}");
exit(0);
} else {
/*
Begin Transaction
*/
$sql_obj = new sql_query();
$sql_obj->trans_begin();
/*
Update plan details
*/
$sql_obj = new sql_query();
switch ($sql_plan_obj->data[0]["name"]) {
case "time":
$sql_obj->string = "UPDATE services SET " . "active='1', " . "price='" . $data["price"] . "', " . "price_setup='" . $data["price_setup"] . "', " . "discount='" . $data["discount"] . "', " . "units='" . $data["units"] . "', " . "price_extraunits='" . $data["price_extraunits"] . "', " . "included_units='" . $data["included_units"] . "', " . "billing_cycle='" . $data["billing_cycle"] . "', " . "billing_mode='" . $data["billing_mode"] . "', " . "usage_mode='" . $data["usage_mode"] . "', " . "alert_80pc='" . $data["alert_80pc"] . "', " . "alert_100pc='" . $data["alert_100pc"] . "', " . "alert_extraunits='" . $data["alert_extraunits"] . "' " . "WHERE id='{$id}'";
$sql_obj->execute();
break;
case "data_traffic":
// update service plan
$sql_obj->string = "UPDATE services SET " . "active='1', " . "price='" . $data["price"] . "', " . "price_setup='" . $data["price_setup"] . "', " . "discount='" . $data["discount"] . "', " . "units='" . $data["units"] . "', " . "billing_cycle='" . $data["billing_cycle"] . "', " . "billing_mode='" . $data["billing_mode"] . "', " . "usage_mode='" . $data["usage_mode"] . "', " . "alert_80pc='" . $data["alert_80pc"] . "', " . "alert_100pc='" . $data["alert_100pc"] . "', " . "alert_extraunits='" . $data["alert_extraunits"] . "' " . "WHERE id='{$id}'";
$sql_obj->execute();
// delete existing service traffic caps
$sql_obj->string = "DELETE FROM traffic_caps WHERE id_service='{$id}'";
$sql_obj->execute();
// update service traffic caps
foreach ($data["data_traffic_caps"] as $cap) {
// add each traffic cap
$sql_obj->string = "INSERT INTO traffic_caps (id_service, id_traffic_type, mode, units_price, units_included) VALUES ('{$id}', '" . $cap["id_traffic_type"] . "', '" . $cap["mode"] . "', '" . $cap["units_price"] . "', '" . $cap["units_included"] . "')";
$sql_obj->execute();
}
break;
case "generic_with_usage":
$sql_obj->string = "UPDATE services SET " . "active='1', " . "price='" . $data["price"] . "', " . "price_setup='" . $data["price_setup"] . "', " . "discount='" . $data["discount"] . "', " . "units='" . $data["units"] . "', " . "price_extraunits='" . $data["price_extraunits"] . "', " . "included_units='" . $data["included_units"] . "', " . "billing_cycle='" . $data["billing_cycle"] . "', " . "billing_mode='" . $data["billing_mode"] . "', " . "usage_mode='" . $data["usage_mode"] . "', " . "alert_80pc='" . $data["alert_80pc"] . "', " . "alert_100pc='" . $data["alert_100pc"] . "', " . "alert_extraunits='" . $data["alert_extraunits"] . "' " . "WHERE id='{$id}'";
$sql_obj->execute();
break;
case "licenses":
$sql_obj->string = "UPDATE services SET " . "active='1', " . "price='" . $data["price"] . "', " . "price_setup='" . $data["price_setup"] . "', " . "discount='" . $data["discount"] . "', " . "units='" . $data["units"] . "', " . "price_extraunits='" . $data["price_extraunits"] . "', " . "included_units='" . $data["included_units"] . "', " . "billing_cycle='" . $data["billing_cycle"] . "', " . "billing_mode='" . $data["billing_mode"] . "' " . "WHERE id='{$id}'";
$sql_obj->execute();
break;
case "phone_single":
$sql_obj->string = "UPDATE services SET " . "active='1', " . "price='" . $data["price"] . "', " . "price_setup='" . $data["price_setup"] . "', " . "discount='" . $data["discount"] . "', " . "billing_cycle='" . $data["billing_cycle"] . "', " . "billing_mode='" . $data["billing_mode"] . "', " . "id_rate_table='" . $data["id_rate_table"] . "' " . "WHERE id='{$id}'";
$sql_obj->execute();
break;
case "phone_trunk":
// update basic details
$sql_obj->string = "UPDATE services SET " . "active='1', " . "price='" . $data["price"] . "', " . "price_setup='" . $data["price_setup"] . "', " . "discount='" . $data["discount"] . "', " . "billing_cycle='" . $data["billing_cycle"] . "', " . "billing_mode='" . $data["billing_mode"] . "', " . "id_rate_table='" . $data["id_rate_table"] . "' " . "WHERE id='{$id}'";
$sql_obj->execute();
// delete old options (if any)
$sql_obj->string = "DELETE FROM services_options\n\t\t\t\t\t\t\t\tWHERE option_type='service' \n\t\t\t\t\t\t\t\tAND option_type_id='" . $id . "' \n\t\t\t\t\t\t\t\tAND option_name IN ('phone_ddi_included_units',\n\t\t\t\t\t\t\t\t\t\t\t'phone_ddi_price_extra_units',\n\t\t\t\t\t\t\t\t\t\t\t'phone_trunk_included_units',\n\t\t\t\t\t\t\t\t\t\t\t'phone_trunk_price_extra_units')";
$sql_obj->execute();
// apply new options
$sql_obj->string = "INSERT INTO services_options (option_type, option_type_id, option_name, option_value) VALUES ('service', '" . $id . "', 'phone_ddi_included_units', '" . $data["phone_ddi_included_units"] . "')";
$sql_obj->execute();
$sql_obj->string = "INSERT INTO services_options (option_type, option_type_id, option_name, option_value) VALUES ('service', '" . $id . "', 'phone_ddi_price_extra_units', '" . $data["phone_ddi_price_extra_units"] . "')";
$sql_obj->execute();
$sql_obj->string = "INSERT INTO services_options (option_type, option_type_id, option_name, option_value) VALUES ('service', '" . $id . "', 'phone_trunk_included_units', '" . $data["phone_trunk_included_units"] . "')";
$sql_obj->execute();
$sql_obj->string = "INSERT INTO services_options (option_type, option_type_id, option_name, option_value) VALUES ('service', '" . $id . "', 'phone_trunk_price_extra_units', '" . $data["phone_trunk_price_extra_units"] . "')";
$sql_obj->execute();
break;
case "phone_tollfree":
// update basic details
$sql_obj->string = "UPDATE services SET " . "active='1', " . "price='" . $data["price"] . "', " . "price_setup='" . $data["price_setup"] . "', " . "discount='" . $data["discount"] . "', " . "billing_cycle='" . $data["billing_cycle"] . "', " . "billing_mode='" . $data["billing_mode"] . "', " . "id_rate_table='" . $data["id_rate_table"] . "' " . "WHERE id='{$id}'";
$sql_obj->execute();
// delete old options (if any)
$sql_obj->string = "DELETE FROM services_options\n\t\t\t\t\t\t\t\tWHERE option_type='service' \n\t\t\t\t\t\t\t\tAND option_type_id='" . $id . "' \n\t\t\t\t\t\t\t\tAND option_name IN ('phone_trunk_included_units',\n\t\t\t\t\t\t\t\t\t\t\t'phone_trunk_price_extra_units')";
$sql_obj->execute();
// apply new options
$sql_obj->string = "INSERT INTO services_options (option_type, option_type_id, option_name, option_value) VALUES ('service', '" . $id . "', 'phone_trunk_included_units', '" . $data["phone_trunk_included_units"] . "')";
$sql_obj->execute();
$sql_obj->string = "INSERT INTO services_options (option_type, option_type_id, option_name, option_value) VALUES ('service', '" . $id . "', 'phone_trunk_price_extra_units', '" . $data["phone_trunk_price_extra_units"] . "')";
$sql_obj->execute();
break;
case "generic_no_usage":
case "bundle":
default:
$sql_obj->string = "UPDATE services SET " . "active='1', " . "price='" . $data["price"] . "', " . "price_setup='" . $data["price_setup"] . "', " . "discount='" . $data["discount"] . "', " . "billing_cycle='" . $data["billing_cycle"] . "', " . "billing_mode='" . $data["billing_mode"] . "' " . "WHERE id='{$id}'";
$sql_obj->execute();
break;
}
/*
Update the Journal
*/
journal_quickadd_event("services", $id, "Service plan configuration changed");
/*
Commit
*/
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "process", "An error occured whilst attempting to update service plan information. No changes have been made.");
} else {
$sql_obj->trans_commit();
log_write("notification", "process", "Service successfully updated.");
}
// display updated details
header("Location: ../index.php?page=services/plan.php&id={$id}");
exit(0);
}
// end if passed tests
}
function action_delete()
{
log_debug("invoice_items", "Executing action_delete()");
// we may need to fetch the item type, since often this is not passed
// to the delete function
if (!$this->type_item) {
$this->type_item = sql_get_singlevalue("SELECT type as value FROM account_items WHERE id='" . $this->id_item . "' LIMIT 1");
}
/*
Start SQL Transaction
*/
$sql_obj = new sql_query();
$sql_obj->trans_begin();
/*
Unlock time_groups if required
*/
if ($this->type_item == "time") {
$groupid = sql_get_singlevalue("SELECT option_value as value FROM account_items_options WHERE itemid='" . $this->id_item . "' AND option_name='TIMEGROUPID'");
// fetch the current lock status of the time group
// if it's set to 1, we want to keep that, otherwise if 2, set to 0
$locked = sql_get_singlevalue("SELECT locked as value FROM time_groups WHERE id='{$groupid}'");
if ($locked == 2) {
$locked = 0;
}
$sql_obj->string = "UPDATE time_groups SET invoiceid='0', invoiceitemid='0', locked='{$locked}' WHERE id='{$groupid}'";
$sql_obj->execute();
}
/*
Delete credit payments if required
*/
if ($this->type_item == "payment") {
$credit = sql_get_singlevalue("SELECT option_value as value FROM account_items_options WHERE itemid='" . $this->id_item . "' AND option_name='CREDIT'");
if (!empty($credit)) {
if ($this->type_invoice == "ap") {
$id_vendor = sql_get_singlevalue("SELECT vendorid as value FROM account_ar WHERE id='" . $this->id_invoice . "' LIMIT 1");
$sql_obj->string = "DELETE FROM vendors_credits WHERE id_vendor='" . $id_vendor . "' AND type='payment' AND id_custom='" . $this->id_item . "' LIMIT 1";
$sql_obj->execute();
} else {
$id_customer = sql_get_singlevalue("SELECT customerid as value FROM account_ar WHERE id='" . $this->id_invoice . "' LIMIT 1");
$sql_obj->string = "DELETE FROM customers_credits WHERE id_customer='" . $id_customer . "' AND type='payment' AND id_custom='" . $this->id_item . "' LIMIT 1";
$sql_obj->execute();
}
}
}
/*
Delete the invoice item options
*/
$sql_obj->string = "DELETE FROM account_items_options WHERE itemid='" . $this->id_item . "'";
$sql_obj->execute();
/*
Delete the invoice item
*/
$sql_obj->string = "DELETE FROM account_items WHERE id='" . $this->id_item . "' AND invoicetype='" . $this->type_invoice . "' LIMIT 1";
$sql_obj->execute();
/*
Update Journal
*/
journal_quickadd_event("account_" . $this->type_invoice . "", $this->id_invoice, "Item successfully deleted");
/*
Commit
*/
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "invoice_items", "An error occured whilst attempting to delete invoice item. No changes have been made.");
return 0;
} else {
$sql_obj->trans_commit();
log_write("notification", "invoice_items", "Invoice item removed successfully");
return 1;
}
}
function bundle_service_delete($id_service)
{
log_write("debug", "inc_services", "Executing bundle_service_delete({$id_service}))");
/*
Begin Transaction
*/
$sql_obj = new sql_query();
$sql_obj->trans_begin();
/*
Apply Changes
*/
$sql_obj->string = "SELECT id FROM `services_bundles` WHERE id_bundle='" . $this->id . "' AND id_service='{$id_service}' LIMIT 1";
$sql_obj->execute();
$sql_obj->fetch_array();
$option_id = $sql_obj->data[0]["id"];
$sql_obj->string = "DELETE FROM `services_bundles` WHERE id='{$option_id}' LIMIT 1";
$sql_obj->execute();
$sql_obj->string = "DELETE FROM `services_options` WHERE option_type='bundle' AND option_type_id='{$option_id}'";
$sql_obj->execute();
/*
Update the Journal
*/
journal_quickadd_event("services", $this->id, "Service component removed from bundle.");
/*
Commit
*/
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "process", "An error occured whilst attempting to remove a service from the bundle. No changes have been made.");
} else {
$sql_obj->trans_commit();
log_write("notification", "process", "Service successfully removed from bundle.");
}
return 0;
}
$sql_obj->execute();
}
// if new setting is "on", we don't need todo anything.
} else {
// no current setting exists
// if the new setting is "on", insert a new setting
if ($permissions[$data_perms["value"]] == "on") {
$sql_obj->string = "INSERT INTO `users_permissions_staff` (userid, staffid, permid) VALUES ('{$id}', '{$staffid}', '" . $data_perms["id"] . "')";
$sql_obj->execute();
}
// if new setting is "off", we don't need todo anything.
}
}
// end of while
// update journal
journal_quickadd_event("users", $id, "Adjusted user's staffaccess rights.");
// commit
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "process", "An error occured attempting to update permissions, no changes have been made");
} else {
$sql_obj->trans_commit();
log_write("notification", "process", "User staff access permissions have been updated, and are active immediately.");
}
// goto view page
header("Location: ../index.php?page=user/user-staffaccess.php&id={$id}");
exit(0);
}
// if valid data input
} else {
// user does not have permissions to access this page.
}
/*
Update project details
*/
if ($id) {
// update project details
$sql_obj->string = "UPDATE `projects` SET " . "name_project='" . $data["name_project"] . "', " . "code_project='" . $data["code_project"] . "', " . "date_start='" . $data["date_start"] . "', " . "date_end='" . $data["date_end"] . "', " . "internal_only='" . $data["internal_only"] . "', " . "details='" . $data["details"] . "' " . "WHERE id='{$id}' LIMIT 1";
$sql_obj->execute();
}
/*
Update Journal
*/
if ($mode == "add") {
journal_quickadd_event("projects", $id, "Project successfully created.");
} else {
journal_quickadd_event("projects", $id, "Project successfully created.");
}
/*
Commit
*/
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "process", "An error occured whilst attempting to update project. No changes have been made.");
if ($mode == "add") {
header("Location: ../index.php?page=projects/add.php");
exit(0);
} else {
header("Location: ../index.php?page=projects/view.php&id={$id}");
exit(0);
}
} else {
// table options
$sql_obj->string = "INSERT INTO users_options (userid, name, value) VALUES ({$id}, 'shrink_tableoptions', '" . $data["option_shrink_tableoptions"] . "')";
$sql_obj->execute();
$sql_obj->string = "INSERT INTO users_options (userid, name, value) VALUES ({$id}, 'table_limit', '" . $data["option_table_limit"] . "')";
$sql_obj->execute();
// defaults
$sql_obj->string = "INSERT INTO users_options (userid, name, value) VALUES ({$id}, 'default_employeeid', '" . $data["option_default_employeeid"] . "')";
$sql_obj->execute();
// debugging
$sql_obj->string = "INSERT INTO users_options (userid, name, value) VALUES ({$id}, 'debug', '" . $data["option_debug"] . "')";
$sql_obj->execute();
// concurrent logins
$sql_obj->string = "INSERT INTO users_options (userid, name, value) VALUES ({$id}, 'concurrent_logins', '" . $data["option_concurrent_logins"] . "')";
$sql_obj->execute();
// update journal
journal_quickadd_event("users", $id, "Updated user account settings.");
// commit/rollback
if ($_SESSION["error"]["message"]) {
$sql_obj->trans_rollback();
log_write("error", "process", "An error occured whilst attempting to update the user - No changes have been made.");
} else {
$sql_obj->trans_commit();
log_write("notification", "process", "Successfully updated user account");
}
}
// Because we have changed the user's details such as their username, we need to kill all the user's
// sessions to prevent any undesired issues from occuring.
$sql_obj = new sql_query();
$sql_obj->string = "DELETE FROM `users_sessions` WHERE userid='{$id}'";
$sql_obj->execute();
// goto view page
$sql_obj->execute();
}
// if new setting is "on", we don't need todo anything.
} else {
// no current setting exists
// if the new setting is "on", insert a new setting
if ($permissions[$data_perms["value"]] == "on") {
$sql_obj->string = "INSERT INTO `users_permissions` (userid, permid) VALUES ('{$id}', '" . $data_perms["id"] . "')";
$sql_obj->execute();
}
// if new setting is "off", we don't need todo anything.
}
}
// end of while
// update journal
journal_quickadd_event("users", $id, "Adjusted user permissions.");
// commit
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "process", "An error occured whilst attempting to update user permissions, no change has been made.");
} else {
$sql_obj->trans_commit();
log_write("notification", "process", "User permissions have been updated, and are active immediately.");
}
// goto view page
header("Location: ../index.php?page=user/user-permissions.php&id={$id}");
exit(0);
}
// if valid data input
} else {
// user does not have permissions to access this page.
function page_execute($argv)
{
/*
Input Options
*/
$option_date = NULL;
$option_type = NULL;
if (empty($argv[2])) {
die("You must provide a date option in form of YYYY-MM-DD\n");
}
if (preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}$/', $argv[2])) {
$option_date = $argv[2];
} else {
die("You must provide a date option in form of YYYY-MM-DD - wrong format supplied\n");
}
if (empty($argv[3])) {
die("Service Type must be set.\n");
}
if (preg_match('/^\\S\\S*$/', $argv[3])) {
$option_type = $argv[3];
$option_type_id = sql_get_singlevalue("SELECT id as value FROM service_types WHERE name='{$option_type}' LIMIT 1");
if (!$option_type_id) {
die("Service type {$option_type} is unknown\n");
}
} else {
die("You must provide a service type\n");
}
log_write("notification", "repair", "Executing usage charge rollback for invoices generated {$option_date} for service type {$option_type} (ID {$option_type_id})");
/*
Fetch IDs of all sercices with selected option type
*/
$option_services = array();
$obj_sql_service = new sql_query();
$obj_sql_service->string = "SELECT id FROM services WHERE typeid='" . $option_type_id . "'";
$obj_sql_service->execute();
if ($obj_sql_service->num_rows()) {
$obj_sql_service->fetch_array();
foreach ($obj_sql_service->data as $data) {
$option_services[] = $data["id"];
}
}
unset($obj_sql_service);
log_write("notification", "repair", "Returned ID of matching services, array of " . format_arraytocommastring($option_services, NULL) . "");
/*
Start Transaction
*/
$obj_sql_trans = new sql_query();
$obj_sql_trans->trans_begin();
/*
Fetch AR Invoices for selected period
*/
$obj_sql_ar = new sql_query();
$obj_sql_ar->string = "SELECT id, customerid, code_invoice, dest_account, amount_total, amount_paid FROM account_ar WHERE date_trans='{$option_date}'";
$obj_sql_ar->execute();
if ($obj_sql_ar->num_rows()) {
$obj_sql_ar->fetch_array();
foreach ($obj_sql_ar->data as $data_ar) {
$invoice_items = array();
// store item details
/*
Fetch Invoice Items
*/
$obj_sql_items = new sql_query();
$obj_sql_items->string = "SELECT id, customid, chartid, amount, description FROM account_items WHERE invoiceid='" . $data_ar["id"] . "' AND invoicetype='ar' AND type='service_usage'";
$obj_sql_items->execute();
if ($obj_sql_items->num_rows()) {
$obj_sql_items->fetch_array();
/*
For each item, check the service type and whether it is one of the items
that we want to credit.
*/
foreach ($obj_sql_items->data as $data_item) {
if (in_array($data_item["customid"], $option_services)) {
// item is one of the target services, add details to array
log_write("debug", "repair", "Invoice ID #" . $data_ar["id"] . ", (" . $data_ar["code_invoice"] . ") item ID #" . $data_item["id"] . " is a valid service usage item to refund.");
// check if it's call charges
if (!strpos($data_item["description"], "call charges")) {
log_write("debug", "repair", "Skipping non-call charge usage item from credit");
continue;
}
// add invoice items
$invoice_items_tmp = array();
$invoice_items_tmp["id"] = $data_item["id"];
$invoice_items_tmp["customid"] = $data_item["customid"];
$invoice_items_tmp["chartid"] = $data_item["chartid"];
$invoice_items_tmp["amount"] = $data_item["amount"];
$invoice_items_tmp["description"] = $data_item["description"];
// add to array
$invoice_items[] = $invoice_items_tmp;
}
}
}
// end of AR invoice items loop
/*
If any items matched, we should create a credit note and add the items as credits
*/
if (!empty($invoice_items)) {
/*
Create Credit Note
We have all the information needed for the credit note from the invoice.
*/
$credit = new credit();
$credit->type = "ar_credit";
$credit->prepare_set_defaults();
$credit->data["invoiceid"] = $data_ar["id"];
$credit->data["customerid"] = $data_ar["customerid"];
$credit->data["employeeid"] = "0";
$credit->data["date_trans"] = date("Y-m-d");
$credit->data["dest_account"] = $data_ar["dest_account"];
$credit->data["notes"] = "Automatically generated credit by repair process to cover service usage refund of invoice " . $data_ar["code_invoice"] . "";
// create a new credit
if ($credit->action_create()) {
log_write("notification", "repair", "Credit note successfully created");
journal_quickadd_event("account_ar_credit", $credit->id, "Credit Note successfully created");
} else {
log_write("error", "repair", "An unexpected fault occured whilst attempting to create the credit note");
}
/*
Add Items
We loop through each selected item and for each item, we create an appropiate credit note item.
*/
foreach ($invoice_items as $data_item) {
// create credit item
$item = new invoice_items();
$item->id_invoice = $credit->id;
$item->type_invoice = "ar_credit";
$item->type_item = "credit";
// set item details
$data = array();
$data["amount"] = $data_item["amount"];
$data["price"] = $data_item["amount"];
$data["chartid"] = $data_item["chartid"];
$data["description"] = "Credit For: " . $data_item["description"];
// fetch taxes for selected item
$sql_tax_obj = new sql_query();
$sql_tax_obj->string = "SELECT taxid FROM services_taxes WHERE serviceid='" . $data_item["customid"] . "'";
$sql_tax_obj->execute();
if ($sql_tax_obj->num_rows()) {
$sql_tax_obj->fetch_array();
foreach ($sql_tax_obj->data as $data_tax) {
$sql_cust_tax_obj = new sql_query();
$sql_cust_tax_obj->string = "SELECT id FROM customers_taxes WHERE customerid='" . $credit->data["customerid"] . "' AND taxid='" . $data_tax["taxid"] . "'";
$sql_cust_tax_obj->execute();
if ($sql_cust_tax_obj->num_rows()) {
$data["tax_" . $data_tax["taxid"]] = "on";
}
}
}
unset($sql_tax_obj);
if (!$item->prepare_data($data)) {
log_write("error", "process", "An error was encountered whilst processing supplied data.");
} else {
$item->action_create();
$item->action_update();
}
unset($data);
}
// end of items loop
/*
Re-calculate Credit Note Totals
*/
$item->action_update_tax();
$item->action_update_total();
$item->action_update_ledger();
// finsihed with credit items
unset($item);
/*
Apply Credit Note against the invoice if it hasn't been paid in full.
*/
$amount_invoice = array();
if ($data_ar["amount_total"] != $data_ar["amount_paid"]) {
// determine amount owing
$amount_invoice["owing"] = $data_ar["amount_total"] - $data_ar["amount_paid"];
if ($amount_invoice["owing"] <= 0) {
// nothing todo
log_write("notification", "repair", "Ignoring overpaid invoice " . $data_ar["code_invoice"] . " and assigning credit note to customer account/pool instead");
} else {
// determine credit amount
$amount_invoice["credit"] = sql_get_singlevalue("SELECT amount_total as value FROM account_ar_credit WHERE id='" . $credit->id . "' LIMIT 1");
if ($amount_invoice["credit"] > $amount_invoice["owing"]) {
// pay the amount owing which is less than the credit
$amount_invoice["creditpay"] = $amount_invoice["owing"];
} else {
// customer owes more than the credit is for, make credit payment amount maximum
$amount_invoice["creditpay"] = $amount_invoice["credit"];
}
// make credit payment against the invoice
$item = new invoice_items();
$item->id_invoice = $data_ar["id"];
$item->type_invoice = "ar";
$item->type_item = "payment";
// set item details
$data = array();
$data["date_trans"] = date("Y-m-d");
$data["amount"] = $amount_invoice["creditpay"];
$data["chartid"] = "credit";
$data["source"] = "CREDITED FUNDS (AUTOMATIC)";
$data["description"] = "Credit from credit note " . $credit->data["code_credit"] . " for service usage charge correction";
if (!$item->prepare_data($data)) {
log_write("error", "process", "An error was encountered whilst processing supplied data for credit payment to invoice");
} else {
// create & update payment item
$item->action_create();
$item->action_update();
// update invoice totals & ledger
$item->action_update_tax();
$item->action_update_total();
$item->action_update_ledger();
log_write("notification", "repair", "Applied credit of " . $amount_invoice["creditpay"] . "");
}
unset($item);
}
// end if credit payment made
} else {
log_write("notification", "repair", "Credited invoice " . $data_ar["code_invoice"] . " has already been paid in full, assigning credit note to customer's credit pool for future use.");
}
/*
Email PDF credit notes and message.
*/
if ($GLOBALS["config"]["ACCOUNTS_INVOICE_AUTOEMAIL"] == 1 || $GLOBALS["config"]["ACCOUNTS_INVOICE_AUTOEMAIL"] == "enabled") {
$email = $credit->generate_email();
$credit->email_credit($email["sender"], $email["to"], $email["cc"], $email["bcc"], $email["subject"], $email["message"]);
} else {
log_write("notification", "repair", "No credit note email sent, ACCOUNTS_INVOICE_AUTOEMAIL is disabled.");
}
// unset the credit note
unset($credit);
/*
Flag the refunded usage periods for re-billing.
Now that we have refunded the usage on the selected invoice, we should then flag any service periods
of the same service type and invoice ID, to cause the usge to be rebilled in the next service billing month.
*/
// fetch id_service_customer values from services where customer matches invoice
$obj_sql_cust = new sql_query();
$obj_sql_cust->string = "SELECT id FROM services_customers WHERE customerid='" . $data_ar["customerid"] . "' AND serviceid IN (" . format_arraytocommastring($option_services, NULL) . ")";
$obj_sql_cust->execute();
if ($obj_sql_cust->num_rows()) {
$obj_sql_cust->fetch_array();
foreach ($obj_sql_cust->data as $data_cust) {
// update any periods for this customer-service which have the ID of the selected invoice as
// the usage period invoice.
//
// these usage periods will then be re-invoiced at the next service invoicing run.
//
$obj_sql_period = new sql_query();
$obj_sql_period->string = "UPDATE services_customers_periods SET invoiceid_usage='0', rebill='1' WHERE invoiceid_usage='" . $data_ar["id"] . "' AND id_service_customer='" . $data_cust["id"] . "'";
$obj_sql_period->execute();
}
log_write("notification", "repair", "Flagged services for customer " . $data_ar["customerid"] . " to bill for usage periods.");
} else {
log_write("warning", "repair", "No usage periods found to flag for rebilling for customer " . $data_ar["customerid"] . ", possibly the service has been deleted?");
}
unset($obj_sql_cust);
}
// if creditable items exist on the selected invoice
if (error_check()) {
// there was an error, do not continue processing invoices.
continue;
}
}
}
// end of AR invoice loop
/*
Close Transaction
*/
if (error_check()) {
// rollback/failure
log_write("error", "repair", "An error occured whilst executing, rolling back DB changes");
$obj_sql_trans->trans_rollback();
} else {
// commit
log_write("notification", "repair", "Successful execution, applying DB changes");
$obj_sql_trans->trans_commit();
}
}
function action_update()
{
log_debug("inc_vendors", "Executing action_update()");
// transaction start
$sql_obj = new sql_query();
$sql_obj->trans_begin();
// if no ID exists, create a new vendor first
if (!$this->id) {
$mode = "create";
if (!$this->action_create()) {
return 0;
}
} else {
$mode = "update";
}
// create a unique vendor code if none already exist
if (!$this->data["code_vendor"]) {
$this->data["code_vendor"] = config_generate_uniqueid("CODE_VENDOR", "SELECT id FROM vendors WHERE code_vendor='VALUE' LIMIT 1");
}
// update
$sql_obj->string = "UPDATE `vendors` SET " . "code_vendor='" . $this->data["code_vendor"] . "', " . "name_vendor='" . $this->data["name_vendor"] . "', " . "date_start='" . $this->data["date_start"] . "', " . "date_end='" . $this->data["date_end"] . "', " . "tax_number='" . $this->data["tax_number"] . "', " . "tax_default='" . $this->data["tax_default"] . "', " . "address1_street='" . $this->data["address1_street"] . "', " . "address1_city='" . $this->data["address1_city"] . "', " . "address1_state='" . $this->data["address1_state"] . "', " . "address1_country='" . $this->data["address1_country"] . "', " . "address1_zipcode='" . $this->data["address1_zipcode"] . "', " . "address2_street='" . $this->data["address2_street"] . "', " . "address2_city='" . $this->data["address2_city"] . "', " . "address2_state='" . $this->data["address2_state"] . "', " . "address2_country='" . $this->data["address2_country"] . "', " . "address2_zipcode='" . $this->data["address2_zipcode"] . "', " . "discount='" . $this->data["discount"] . "' " . "WHERE id='" . $this->id . "'";
if (!$sql_obj->execute()) {
log_write("error", "inc_vendors", "Unable to update vendor information");
}
for ($i = 0; $i < $this->data["num_contacts"]; $i++) {
if (empty($this->data["contacts"][$i]["contact_id"]) && $this->data["contacts"][$i]["delete_contact"] == "false" && !empty($this->data["contacts"][$i]["contact"])) {
// create new contact
$this->action_create_contact($i);
} else {
if ($this->data["contacts"][$i]["delete_contact"] == "true") {
// delete contact
$this->action_delete_contact($i);
} else {
// update contact
$this->action_update_contact($i);
}
}
}
// add journal entry
if ($mode == "update") {
journal_quickadd_event("vendors", $this->id, "Vendor details updated.");
} else {
journal_quickadd_event("vendors", $this->id, "Initial Vendor Creation.");
}
// commit
if (error_check()) {
// failure
$sql_obj->trans_rollback();
log_write("error", "inc_vendors", "An error occured whilst saving vendor details, no changes have been made.");
return 0;
} else {
// success
$sql_obj->trans_commit();
if ($mode == "update") {
log_write("notification", "inc_vendors", "Vendor details successfully updated.");
} else {
log_write("notification", "inc_vendors", "Vendor successfully created.");
}
return $this->id;
}
}
function quotes_form_convert_process($returnpage_error, $returnpage_success)
{
log_debug("inc_quotes_forms", "Executing quotes_form_convert_process({$mode}, {$returnpage_error}, {$returnpage_success})");
/*
Fetch all form data
*/
$id = @security_form_input_predefined("int", "id_quote", 1, "");
// general data
$data["code_invoice"] = @security_form_input_predefined("any", "code_invoice", 0, "");
$data["code_ordernumber"] = @security_form_input_predefined("any", "code_ordernumber", 0, "");
$data["code_ponumber"] = @security_form_input_predefined("any", "code_ponumber", 0, "");
$data["date_trans"] = @security_form_input_predefined("date", "date_trans", 1, "");
$data["date_due"] = @security_form_input_predefined("date", "date_due", 1, "");
// other
$data["dest_account"] = @security_form_input_predefined("int", "dest_account", 1, "");
//// ERROR CHECKING ///////////////////////
// make sure the quote actually exists, and fetch various fields that we need to create the invoice.
$sql_quote_obj = new sql_query();
$sql_quote_obj->string = "SELECT id, employeeid, customerid, amount_total, amount_tax, amount, notes FROM `account_quotes` WHERE id='{$id}' LIMIT 1";
$sql_quote_obj->execute();
if (!$sql_quote_obj->num_rows()) {
$_SESSION["error"]["message"][] = "The quote you have attempted to edit - {$id} - does not exist in this system.";
} else {
$sql_quote_obj->fetch_array();
}
/// if there was an error, go back to the entry page
if ($_SESSION["error"]["message"]) {
$_SESSION["error"]["form"]["quote_convert"] = "failed";
header("Location: ../../index.php?page={$returnpage_error}&id={$id}");
exit(0);
} else {
/*
Start SQL Transaction
*/
$sql_obj = new sql_query();
$sql_obj->trans_begin();
// make an invoice ID if one is not supplied by the user
if (!$data["code_invoice"]) {
$data["code_invoice"] = config_generate_uniqueid("ACCOUNTS_AR_INVOICENUM", "SELECT id FROM account_ar WHERE code_invoice='VALUE'");
}
/*
Create new invoice
*/
$sql_obj->string = "INSERT INTO `account_ar` (code_invoice, date_create) VALUES ('" . $data["code_invoice"] . "', '" . date("Y-m-d") . "')";
$sql_obj->execute();
$invoiceid = $sql_obj->fetch_insert_id();
if ($invoiceid) {
/*
Update general invoice details
*/
$sql_obj->string = "UPDATE `account_ar` SET " . "customerid='" . $sql_quote_obj->data[0]["customerid"] . "', " . "employeeid='" . $sql_quote_obj->data[0]["employeeid"] . "', " . "notes='" . $sql_quote_obj->data[0]["notes"] . "', " . "code_invoice='" . $data["code_invoice"] . "', " . "code_ordernumber='" . $data["code_ordernumber"] . "', " . "code_ponumber='" . $data["code_ponumber"] . "', " . "date_trans='" . $data["date_trans"] . "', " . "date_due='" . $data["date_due"] . "', " . "dest_account='" . $data["dest_account"] . "', " . "amount='" . $sql_quote_obj->data[0]["amount"] . "', " . "amount_tax='" . $sql_quote_obj->data[0]["amount_tax"] . "', " . "amount_total='" . $sql_quote_obj->data[0]["amount_total"] . "' " . "WHERE id='{$invoiceid}' LIMIT 1";
$sql_obj->execute();
/*
Migrate all the items from the quote to the invoice
*/
$sql_obj->string = "UPDATE account_items SET invoiceid='{$invoiceid}', invoicetype='ar' WHERE invoiceid='{$id}' AND invoicetype='quotes'";
$sql_obj->execute();
/*
Call functions to create transaction entries for all the items.
(remember that the quote had nothing in account_trans for the items)
*/
$invoice_item = new invoice_items();
$invoice_item->id_invoice = $invoiceid;
$invoice_item->type_invoice = "ar";
$invoice_item->action_update_ledger();
unset($invoice_item);
/*
Migrate the journal
*/
$sql_obj->string = "UPDATE journal SET customid='{$invoiceid}', journalname='account_ar' WHERE customid='{$id}' AND journalname='account_quotes'";
$sql_obj->execute();
/*
Delete the quote
*/
$sql_obj->string = "DELETE FROM account_quotes WHERE id='{$id}' LIMIT 1";
$sql_obj->execute();
}
/*
Update the Journal
*/
journal_quickadd_event("account_ar", $invoiceid, "Converted quotation into invoice");
/*
Commit
*/
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "inc_quotes_forms", "An error occured whilst attempting to convert the quote into an invoice. No changes have been made.");
$_SESSION["error"]["form"]["quote_convert"] = "failed";
header("Location: ../../index.php?page={$returnpage_error}&id={$id}");
exit(0);
} else {
$sql_obj->trans_commit();
log_write("notification", "inc_quotes_forms", "Quotation has been converted to an invoice successfully.");
header("Location: ../../index.php?page={$returnpage_success}&id={$invoiceid}");
exit(0);
}
}
// end if passed tests
}
function action_update()
{
log_debug("inc_staff", "Executing action_update()");
/*
Start the transaction
*/
$sql_obj = new sql_query();
$sql_obj->trans_begin();
/*
If no ID exists, create a new employee first
*/
if (!$this->id) {
$mode = "create";
if (!$this->action_create()) {
return 0;
}
} else {
$mode = "update";
}
// All staff require a staff_code value. If one has not been provided, automatically generate one
if (!$this->data["staff_code"]) {
$this->data["staff_code"] = config_generate_uniqueid("CODE_STAFF", "SELECT id FROM staff WHERE staff_code='VALUE'");
}
/*
Update Employee
*/
$sql_obj->string = "UPDATE `staff` SET " . "name_staff='" . $this->data["name_staff"] . "', " . "staff_code='" . $this->data["staff_code"] . "', " . "staff_position='" . $this->data["staff_position"] . "', " . "contact_phone='" . $this->data["contact_phone"] . "', " . "contact_email='" . $this->data["contact_email"] . "', " . "contact_fax='" . $this->data["contact_fax"] . "', " . "date_start='" . $this->data["date_start"] . "', " . "date_end='" . $this->data["date_end"] . "' " . "WHERE id='" . $this->id . "' LIMIT 1";
$sql_obj->execute();
/*
Update the Journal
*/
if ($mode == "update") {
journal_quickadd_event("staff", $this->id, "Employee successfully adjusted.");
} else {
journal_quickadd_event("staff", $this->id, "Employee successfully created.");
}
/*
Commit
*/
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "process", "An error occured whilst updating employee details. No changes were made.");
return 0;
} else {
$sql_obj->trans_commit();
if ($mode == "update") {
log_write("notification", "inc_staff", "Employee successfully adjusted.");
} else {
log_write("notification", "inc_staff", "Employee successfully created.");
}
// success
return $this->id;
}
}
if ($mode == "add") {
// create a new entry in the DB
$sql_obj->string = "INSERT INTO `support_tickets` (title) VALUES ('" . $data["title"] . "')";
$sql_obj->execute();
$id = $sql_obj->fetch_insert_id();
}
if ($id) {
// update ticket details
$sql_obj->string = "UPDATE `support_tickets` SET " . "title='" . $data["title"] . "', " . "priority='" . $data["priority"] . "', " . "details='" . $data["details"] . "', " . "status='" . $data["status"] . "', " . "date_start='" . $data["date_start"] . "', " . "date_end='" . $data["date_end"] . "' " . "WHERE id='{$id}' LIMIT 1";
$sql_obj->execute();
}
// update journal
if ($mode == "add") {
journal_quickadd_event("support_tickets", $id, "Support ticket created");
} else {
journal_quickadd_event("support_tickets", $id, "Support ticket details updated");
}
// commit
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "process", "An error occured whilst updating support ticket. No changes have been made.");
} else {
$sql_obj->trans_commit();
if ($mode == "add") {
log_write("notification", "process", "Support ticket successfully created.");
} else {
log_write("notification", "process", "Support ticket successfully updated.");
}
}
// display updated details
header("Location: ../index.php?page=support/view.php&id={$id}");
function action_update_orders()
{
log_debug("inc_customers", "Executing action_update_orders()");
/*
Start Transaction
*/
$sql_obj = new sql_query();
$sql_obj->trans_begin();
/*
If no ID supplied, create a new order first
*/
if (!$this->id_order) {
$mode = "create";
if (!$this->action_create_orders()) {
return 0;
}
} else {
$mode = "update";
}
/*
Calculate the amount from the price
*/
// total amount
$this->data_orders["amount"] = $this->data_orders["price"] * $this->data_orders["quantity"];
// discount
if ($this->data_orders["discount"]) {
$discount_calc = $this->data_orders["discount"] / 100;
$discount_calc = $this->data_orders["amount"] * $discount_calc;
$this->data_orders["amount"] = $this->data_orders["amount"] - $discount_calc;
}
/*
Update Order Details
*/
$sql_obj->string = "UPDATE `customers_orders` SET " . "date_ordered='" . $this->data_orders["date_ordered"] . "', " . "type='" . $this->data_orders["type"] . "', " . "customid='" . $this->data_orders["customid"] . "', " . "quantity='" . $this->data_orders["quantity"] . "', " . "units='" . $this->data_orders["units"] . "', " . "amount='" . $this->data_orders["amount"] . "', " . "price='" . $this->data_orders["price"] . "', " . "discount='" . $this->data_orders["discount"] . "', " . "description='" . $this->data_orders["description"] . "' " . "WHERE id='" . $this->id_order . "' LIMIT 1";
$sql_obj->execute();
/*
Update the journal
*/
if ($mode == "update") {
journal_quickadd_event("customers", $this->id, "Customer order item adjusted.");
} else {
journal_quickadd_event("customers", $this->id, "Order item added to customer.");
}
/*
Commit
*/
if (error_check()) {
$sql_obj->trans_rollback();
log_write("error", "inc_customers", "An error occurred when updating customer order.");
return 0;
} else {
$sql_obj->trans_commit();
if ($mode == "update") {
log_write("notification", "inc_customers", "Customer order successfully updated.");
} else {
log_write("notification", "inc_customers", "Customer order created.");
}
return $this->id;
}
}
