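/**
 * Render the edit form for one record type and process the new / copy /
 * delete actions posted from it.
 *
 * form_switch.php is included in function scope. $levelsAllowed,
 * $astrFormElements, $strTable, $readOnlyForm, $copyLinkOverride,
 * $strJSONType, $addressAutocomplete and (optionally) $popupHTML are read
 * below without being assigned here, so they are presumably set by that
 * include -- confirm there.
 *
 * Security notes:
 * - The record id comes from the request (getPostRequest('id')). It is
 *   HTML-escaped where it is written into the hidden "id" field and
 *   URL-encoded where it replaces _ID_ in a redirect target, because both
 *   values end up in the page (an attribute and a quoted JavaScript string).
 *   Numeric ids pass through both encodings unchanged.
 * - NOTE(review): the form carries no anti-CSRF token, and the delete branch
 *   acts on the 'deleteact' and 'id' request values alone. Confirm that a
 *   token or origin check is enforced elsewhere before relying on this.
 * - NOTE(review): the delete redirect is built from $_SERVER['HTTP_HOST'],
 *   which the client supplies; a configured base URL would be safer.
 * - NOTE(review): popup_dialog() in the emitted script passes its on_close
 *   argument to eval(). Callers are not visible here; they must only pass
 *   constant strings.
 * - Labels, titles and element names are echoed as-is; this assumes the form
 *   definitions are trusted application data -- confirm.
 *
 * @param string $strFunc Not referenced in the code below; presumably read by form_switch.php.
 * @param string $strList Not referenced in the code below; presumably read by form_switch.php.
 * @param string $strForm Form name; 'product' enables the stock balance log.
 *
 * @return void Output is echoed directly.
 */
function createForm($strFunc, $strList, $strForm)
{
    require "form_switch.php";

    if (!sesAccessLevel($levelsAllowed) && !sesAdminAccess()) {
        ?>
  <div class="form_container ui-widget-content">
    <?php echo $GLOBALS['locNoAccess'] . "\n"; ?>
  </div>
<?php
        return;
    }

    $blnNew = getPostRequest('newact', FALSE);
    $blnCopy = getPostRequest('copyact', FALSE) ? TRUE : FALSE;
    $blnDelete = getPostRequest('deleteact', FALSE) ? TRUE : FALSE;
    $intKeyValue = getPostRequest('id', FALSE);
    if (!$intKeyValue) {
        $blnNew = TRUE;
    }

    // Any state-changing action requires write access.
    if (!sesWriteAccess() && ($blnNew || $blnCopy || $blnDelete)) {
        ?>
  <div class="form_container ui-widget-content">
    <?php echo $GLOBALS['locNoAccess'] . "\n"; ?>
  </div>
<?php
        return;
    }

    // One-shot messages: the session holds a message key that is resolved
    // against the 'loc' localisation globals and then cleared.
    $strMessage = '';
    if (isset($_SESSION['formMessage']) && $_SESSION['formMessage']) {
        $strMessage = $GLOBALS['loc' . $_SESSION['formMessage']];
        unset($_SESSION['formMessage']);
    }

    $strErrorMessage = '';
    if (isset($_SESSION['formErrorMessage']) && $_SESSION['formErrorMessage']) {
        $strErrorMessage = $GLOBALS['loc' . $_SESSION['formErrorMessage']];
        unset($_SESSION['formErrorMessage']);
    }

    // if NEW is clicked clear existing form data
    if ($blnNew) {
        unset($intKeyValue);
        unset($astrValues);
        unset($_POST);
        unset($_REQUEST);
        $readOnlyForm = false;
    }

    $astrValues = getPostValues($astrFormElements, isset($intKeyValue) ? $intKeyValue : FALSE);

    $redirect = getRequest('redirect', null);
    if (isset($redirect)) {
        // Redirect after save. The target template comes from the form
        // definition; only the id is request-derived, so it is URL-encoded
        // before it is substituted into the target.
        $idForUrl = isset($intKeyValue) ? rawurlencode((string)$intKeyValue) : '';
        foreach ($astrFormElements as $elem) {
            if ($elem['name'] == $redirect) {
                if ($elem['style'] == 'redirect') {
                    $newLocation = str_replace('_ID_', $idForUrl, $elem['listquery']);
                } elseif ($elem['style'] == 'openwindow') {
                    $openWindow = str_replace('_ID_', $idForUrl, $elem['listquery']);
                }
            }
        }
    }

    if ($blnDelete && $intKeyValue && !$readOnlyForm) {
        deleteRecord($strTable, $intKeyValue);
        unset($intKeyValue);
        unset($astrValues);
        $blnNew = TRUE;
        if (getSetting('auto_close_after_delete')) {
            // Drop the form and id parameters so the redirect lands on the list.
            $qs = preg_replace('/&form=\\w*/', '', $_SERVER['QUERY_STRING']);
            $qs = preg_replace('/&id=\\w*/', '', $qs);
            // NOTE(review): HTTP_HOST is client-supplied; see the docblock.
            header("Location: " . _PROTOCOL_ . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?{$qs}");
            return;
        }
        ?>
  <div class="form_container ui-widget-content">
    <?php echo $GLOBALS['locRecordDeleted'] . "\n"; ?>
  </div>
<?php
        return;
    }

    if (isset($intKeyValue) && $intKeyValue) {
        $res = fetchRecord($strTable, $intKeyValue, $astrFormElements, $astrValues);
        if ($res === 'deleted') {
            $strMessage .= $GLOBALS['locDeletedRecord'] . '<br>';
        } elseif ($res === 'notfound') {
            echo $GLOBALS['locEntryDeleted'];
            die;
        }
    }

    // A copy is presented as a new, editable record without an id.
    if ($blnCopy) {
        unset($intKeyValue);
        unset($_POST);
        $blnNew = TRUE;
        $readOnlyForm = false;
    }
    ?>
  <div id="popup_dlg" style="display: none; width: 900px; overflow: hidden">
    <iframe id="popup_dlg_iframe" src="about:blank" style="width: 100%; height: 100%; overflow: hidden; border: 0"></iframe>
  </div>
<?php
    if (isset($popupHTML)) {
        echo $popupHTML;
    }
    ?>
  <div class="form_container">
    <?php createFormButtons($blnNew, $copyLinkOverride, true, $readOnlyForm); ?>
    <div class="form">
      <form method="post" name="admin_form" id="admin_form">
      <input type="hidden" name="copyact" value="0">
      <input type="hidden" name="newact" value="<?php echo $blnNew ? 1 : 0; ?>">
      <input type="hidden" name="deleteact" value="0">
      <input type="hidden" name="redirect" id="redirect" value="">
      <input type="hidden" id="record_id" name="id" value="<?php echo (isset($intKeyValue) && $intKeyValue) ? htmlspecialchars($intKeyValue, ENT_QUOTES) : ''; ?>">
      <table>
<?php
    $haveChildForm = false;
    $prevPosition = false;
    $prevColSpan = 1;
    $rowOpen = false;
    // Defined up front so the field cell never reads an unset variable.
    $strColspan = '';
    $formFieldMode = sesWriteAccess() && !$readOnlyForm ? 'MODIFY' : 'READONLY';

    foreach ($astrFormElements as $elem) {
        if ($elem['type'] === false) {
            continue;
        }
        $fieldMode = isset($elem['read_only']) && $elem['read_only'] ? 'READONLY' : $formFieldMode;

        if ($elem['type'] == "LABEL") {
            if ($rowOpen) {
                echo " </tr>\n";
            }
            $rowOpen = false;
            ?>
        <tr>
          <td class="sublabel ui-widget-header ui-state-default" colspan="4">
            <?php echo $elem['label']; ?>
          </td>
        </tr>
<?php
            continue;
        }

        // Position 0, or a position at or before the previous one, starts a new row.
        if ($elem['position'] == 0 || $elem['position'] <= $prevPosition) {
            $prevPosition = 0;
            $prevColSpan = 1;
            echo " </tr>\n";
            $rowOpen = false;
        }

        if ($elem['type'] != "IFORM") {
            if (!$rowOpen) {
                $rowOpen = true;
                echo " <tr>\n";
            }
            // Pad the columns skipped since the previous element.
            if ($prevPosition !== FALSE && $elem['position'] > 0) {
                for ($i = $prevPosition + $prevColSpan; $i < $elem['position']; $i++) {
                    echo " <td class=\"label\"> </td>\n";
                }
            }

            if ($elem['position'] == 0 && !strstr($elem['type'], "HID_")) {
                $strColspan = "colspan=\"3\"";
                $intColspan = 3;
            } elseif ($elem['position'] == 1 && !strstr($elem['type'], "HID_")) {
                $strColspan = '';
                $intColspan = 2;
            } else {
                $intColspan = 2;
            }
        }

        if ($blnNew && ($elem['type'] == 'BUTTON' || $elem['type'] == 'JSBUTTON' || $elem['type'] == 'IMAGE')) {
            // Buttons and images need a saved record; show an empty cell instead.
            echo " <td class=\"label\"> </td>";
        } elseif ($elem['type'] == "BUTTON" || $elem['type'] == "JSBUTTON") {
            $intColspan = 1;
            ?>
          <td class="button">
            <?php echo htmlFormElement($elem['name'], $elem['type'], $astrValues[$elem['name']], $elem['style'], $elem['listquery'], $fieldMode, $elem['parent_key'], $elem['label'], array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null); ?>
          </td>
<?php
        } elseif ($elem['type'] == "FILLER") {
            $intColspan = 1;
            ?>
          <td> </td>
<?php
        } elseif ($elem['type'] == "HID_INT" || strstr($elem['type'], "HID_")) {
            ?>
          <?php
            echo htmlFormElement($elem['name'], $elem['type'], $astrValues[$elem['name']], $elem['style'], $elem['listquery'], $fieldMode, $elem['parent_key'], $elem['label']);
        } elseif ($elem['type'] == "IMAGE") {
            ?>
          <td class="image" colspan="<?php echo $intColspan; ?>">
            <?php echo htmlFormElement($elem['name'], $elem['type'], $astrValues[$elem['name']], $elem['style'], $elem['listquery'], $fieldMode, $elem['parent_key'], $elem['label'], array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null); ?>
          </td>
<?php
        } elseif ($elem['type'] == "IFORM") {
            // The child form closes the main table and form, and ends the loop.
            if ($rowOpen) {
                echo " </tr>\n";
            }
            echo " </table>\n </form>\n";
            $haveChildForm = true;
            createIForm($astrFormElements, $elem, isset($intKeyValue) ? $intKeyValue : 0, $blnNew, $strForm);
            break;
        } else {
            $value = $astrValues[$elem['name']];
            if ($elem['style'] == 'measurement') {
                $value = $value ? miscRound2Decim($value, 2) : '';
            }
            if ($elem['type'] == 'AREA') {
                ?>
          <td class="toplabel"><?php echo $elem['label']; ?></td>
<?php
            } else {
                ?>
          <td id="<?php echo htmlentities($elem['name']) . '_label'; ?>" class="label"<?php
                if (isset($elem['title'])) {
                    echo ' title="' . $elem['title'] . '"';
                }
                ?>><?php echo $elem['label']; ?></td>
<?php
            }
            ?>
          <td class="field"<?php echo $strColspan ? " {$strColspan}" : ''; ?>>
            <?php
            echo htmlFormElement($elem['name'], $elem['type'], $value, $elem['style'], $elem['listquery'], $fieldMode, isset($elem['parent_key']) ? $elem['parent_key'] : '', '', array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null);
            if (isset($elem['attached_elem'])) {
                echo ' ' . $elem['attached_elem'] . "\n";
            }
            ?>
          </td>
<?php
        }

        $prevPosition = is_int($elem['position']) ? $elem['position'] : 0;
        if ($prevPosition == 0) {
            // 255 makes the next element's position compare as "at or before", forcing a new row.
            $prevPosition = 255;
        }
        $prevColSpan = $intColspan;
    }

    if (!$haveChildForm) {
        if ($rowOpen) {
            echo " </tr>\n";
        }
        echo " </table>\n </form>\n";
    }

    if ($strForm == 'product') {
        // Special case for product: show stock balance change log
        ?>
      <div class="iform ui-corner-tl ui-corner-bl ui-corner-br ui-corner-tr ui-helper-clearfix" id="stock_balance_log">
        <div class="ui-corner-tl ui-corner-tr fg-toolbar ui-toolbar ui-widget-header"><?php echo $GLOBALS['locStockBalanceUpdates']; ?></div>
        <table id="stock_balance_change_log">
          <tr>
            <th class="medium"><?php echo $GLOBALS['locHeaderChangeLogDateTime']; ?></th>
            <th class="medium"><?php echo $GLOBALS['locHeaderChangeLogUser']; ?></th>
            <th class="small"><?php echo $GLOBALS['locHeaderChangeLogAmount']; ?></th>
            <th class="long"><?php echo $GLOBALS['locHeaderChangeLogDescription']; ?></th>
          </tr>
        </table>
      </div>
    </div>
<?php
    }
    ?>
    </div>
<script type="text/javascript">
/* <![CDATA[ */
var globals = {};

$(window).bind('beforeunload', function(e) {
  if ($('.save_button').hasClass('ui-state-highlight') || $('.add_row_button').hasClass('ui-state-highlight')) {
    e.returnValue = "<?php echo $GLOBALS['locUnsavedData']; ?>";
    return "<?php echo $GLOBALS['locUnsavedData']; ?>";
  }
});

function showmsg(msg, timeout) {
  $.floatingMessage("<span>" + msg + "</span>", {
    position: "top-right",
    className: "ui-widget ui-state-highlight",
    show: "show",
    hide: "fade",
    stuffEaseTime: 200,
    moveEaseTime: 0,
    time: typeof(timeout) != 'undefined' ? timeout : 5000
  });
}

function errormsg(msg, timeout) {
  $.floatingMessage("<span>" + msg + "</span>", {
    position: "top-right",
    className: "ui-widget ui-state-error",
    show: "show",
    hide: "fade",
    stuffEaseTime: 200,
    moveEaseTime: 0,
    time: typeof(timeout) != 'undefined' ? timeout : 5000
  });
}

$(document).ready(function() {
<?php
    if ($strMessage) {
        ?>
  showmsg("<?php echo $strMessage; ?>");
<?php
    }
    if ($strErrorMessage) {
        ?>
  errormsg("<?php echo $strErrorMessage; ?>");
<?php
    }
    if ($strForm == 'product') {
        ?>
  update_stock_balance_log();
<?php
    }
    if (sesWriteAccess()) {
        ?>
  $('input[class~="hasCalendar"]').datepicker();
<?php
    }
    ?>
  $('#message').ajaxStart(function() {
    $('#spinner').css('visibility', 'visible');
  });
  $('#message').ajaxStop(function() {
    $('#spinner').css('visibility', 'hidden');
  });
  $('#errormsg').ajaxError(function(event, request, settings) {
    errormsg('Server request failed: ' + request.status + ' - ' + request.statusText);
    $('#spinner').css('visibility', 'hidden');
  });

  $('#admin_form').find('input[type="text"],input[type="hidden"],input[type="checkbox"],select,textarea').change(function() {
    $('.save_button').addClass('ui-state-highlight');
  });
<?php
    if ($haveChildForm && !$blnNew) {
        ?>
  init_rows();
  $('#iform').find('input[type="text"],input[type="hidden"],input[type="checkbox"],select,textarea').change(function() {
    $('.add_row_button').addClass('ui-state-highlight');
  });
<?php
    } elseif (isset($newLocation)) {
        // $newLocation holds a form-definition template plus the URL-encoded id.
        echo "window.location='{$newLocation}';";
    }
    if (isset($openWindow)) {
        echo "window.open('{$openWindow}');";
    }
    ?>
});
<?php
    if ($haveChildForm && !$blnNew) {
        ?>
function init_rows_done() {
<?php
        if (isset($newLocation)) {
            echo "window.location='{$newLocation}';";
        }
        ?>
}
<?php
    }
    ?>
function save_record(redirect_url, redir_style) {
  var form = document.getElementById('admin_form');
  var obj = new Object();
<?php
    // Emit one assignment per data-carrying element; names come from the form definition.
    foreach ($astrFormElements as $elem) {
        if ($elem['name'] && !in_array($elem['type'], array('HID_INT', 'SECHID_INT', 'BUTTON', 'JSBUTTON', 'LABEL', 'IMAGE', 'NEWLINE', 'ROWSUM', 'CHECK', 'IFORM'))) {
            ?>
  obj.<?php echo $elem['name']; ?> = form.<?php echo $elem['name']; ?>.value;
<?php
        } elseif ($elem['type'] == 'CHECK') {
            ?>
  obj.<?php echo $elem['name']; ?> = form.<?php echo $elem['name']; ?>.checked ? 1 : 0;
<?php
        }
    }
    ?>
  obj.id = form.id.value;
  $.ajax({
    'url': "json.php?func=put_<?php echo $strJSONType; ?>",
    'type': 'POST',
    'dataType': 'json',
    'data': $.toJSON(obj),
    'contentType': 'application/json; charset=utf-8',
    'success': function(data) {
      if (data.warnings)
        alert(data.warnings);
      if (data.missing_fields) {
        errormsg('<?php echo $GLOBALS['locErrValueMissing']; ?>: ' + data.missing_fields);
      } else {
        $('.save_button').removeClass('ui-state-highlight');
        showmsg('<?php echo $GLOBALS['locRecordSaved']; ?>', 2000);
        if (redirect_url) {
          if (redir_style == 'openwindow')
            window.open(redirect_url);
          else
            window.location = redirect_url;
        }
        if (!obj.id) {
          obj.id = data.id;
          form.id.value = obj.id;
          if (!redirect_url || redir_style == 'openwindow') {
            var newloc = new String(window.location).split('#', 1)[0];
            window.location = newloc + '&id=' + obj.id;
          }
        }
      }
    },
    'error': function(XMLHTTPReq, textStatus, errorThrown) {
      if (XMLHTTPReq.status == 409) {
        errormsg(jQuery.parseJSON(XMLHTTPReq.responseText).warnings);
      } else if (textStatus == 'timeout')
        errormsg('Timeout trying to save data');
      else
        errormsg('Error trying to save data: ' + XMLHTTPReq.status + ' - ' + XMLHTTPReq.statusText);
      return false;
    }
  });
}

function popup_dialog(url, on_close, dialog_title, event, width, height) {
  $("#popup_dlg").dialog({
    modal: true,
    width: width,
    height: height,
    resizable: true,
    position: [50, 50],
    buttons: {
      "<?php echo $GLOBALS['locClose']; ?>": function() {
        $("#popup_dlg").dialog('close');
      }
    },
    title: dialog_title,
    close: function(event, ui) {
      eval(on_close);
    }
  }).find("#popup_dlg_iframe").attr("src", url);
  return true;
}
/* ]]> */
</script>
<?php
    createFormButtons($blnNew, $copyLinkOverride, false, $readOnlyForm);
    echo " </div>\n";

    if ($addressAutocomplete && getSetting('address_autocomplete')) {
        // Loads the Google Maps Places script from a third-party origin on demand.
        ?>
<script type="text/javascript">
$(document).ready(function() {
  var s = document.createElement("script");
  s.type = "text/javascript";
  s.src = "https://maps.googleapis.com/maps/api/js?sensor=false&libraries=places&callback=gmapsready";
  window.gmapsready = function(){
    initAddressAutocomplete("");
    initAddressAutocomplete("quick_");
  };
  $("head").append(s);
});
</script>
<?php
    }
}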
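/**
 * Build the JSON payload for a dynamic select list: one page of records,
 * optionally filtered, sorted, or restricted to a single id.
 *
 * list_switch.php is included in function scope. $levelsAllowed,
 * $astrShowFields, $astrSearchFields, $strTable, $strPrimaryKey,
 * $strDeletedField and $strGroupBy are read below without being assigned
 * here, so they are presumably set by that include -- confirm there.
 *
 * Security notes:
 * - $sort is interpolated into ORDER BY, so it is accepted only when every
 *   comma-separated name matches a configured show field exactly.
 * - $id is bound as a query parameter. Escaping it and concatenating it
 *   unquoted (the earlier form) gave no protection, because a value placed
 *   in a numeric position needs no quote character to change the statement.
 * - $startRow and $rowCount are cast to integers before they are written
 *   into LIMIT, which cannot be parameterised by position here. The callers
 *   are not visible, so this does not rely on them having validated the values.
 *
 * @param string     $strList  List name; 'company' / 'companies' also hides inactive rows.
 * @param int        $startRow First row to return; paging applies only when this and $rowCount are >= 0.
 * @param int        $rowCount Page size; one extra row is fetched to detect further pages.
 * @param string     $filter   Search term handed to createWhereClause(); falsy for none.
 * @param string     $sort     Comma-separated field names, or falsy for the default order.
 * @param mixed|null $id       When set, return only this record (deleted records included).
 *
 * @return string|null JSON with 'moreAvailable', 'records' (id/text pairs) and
 *                     the echoed 'filter'; null after the no-access notice was printed.
 */
function createJSONSelectList($strList, $startRow, $rowCount, $filter, $sort, $id = null)
{
    global $dblink;

    require "list_switch.php";

    if (!sesAccessLevel($levelsAllowed) && !sesAdminAccess()) {
        ?>
  <div class="form_container ui-widget-content">
    <?php echo $GLOBALS['locNoAccess'] . "\n"; ?>
  </div>
<?php
        return;
    }

    if ($sort) {
        // Cheap character check first, then an exact match against the field list.
        if (!preg_match('/^[\\w_,]+$/', $sort)) {
            header('HTTP/1.1 400 Bad Request');
            die('Invalid sort type');
        }
        $sortValid = 0;
        $sortFields = explode(',', $sort);
        foreach ($sortFields as $sortField) {
            foreach ($astrShowFields as $field) {
                if ($sortField === $field['name']) {
                    ++$sortValid;
                    break;
                }
            }
        }
        if ($sortValid != count($sortFields)) {
            header('HTTP/1.1 400 Bad Request');
            die('Invalid sort type');
        }
    } else {
        // Default to order_no when the list has such a field.
        foreach ($astrShowFields as $field) {
            if ($field['name'] == 'order_no') {
                $sort = 'order_no';
            }
        }
    }

    $arrQueryParams = array();
    $strWhereClause = '';

    if (!getSetting('show_deleted_records') && empty($id)) {
        $strWhereClause = " WHERE {$strDeletedField}=0";
    }

    if ($strGroupBy) {
        $strGroupBy = " GROUP BY {$strGroupBy}";
    }

    // Add Filter
    if ($filter) {
        $strWhereClause .= ($strWhereClause ? ' AND ' : ' WHERE ')
            . createWhereClause($astrSearchFields, $filter, $arrQueryParams, !getSetting('dynamic_select_search_in_middle'));
    }

    // Filter out inactive companies
    if ($strList == 'company' || $strList == 'companies') {
        $strWhereClause .= ($strWhereClause ? ' AND ' : ' WHERE ') . 'inactive=0';
    }

    if ($id) {
        // Bound after the filter parameters so placeholders keep their textual order.
        $strWhereClause .= ($strWhereClause ? ' AND ' : ' WHERE ') . 'id=?';
        $arrQueryParams[] = $id;
    }

    // Build the final select clause
    $strSelectClause = "{$strPrimaryKey}, {$strDeletedField}";
    foreach ($astrShowFields as $field) {
        $strSelectClause .= ', ' . (isset($field['sql']) ? $field['sql'] : $field['name']);
    }

    $fullQuery = "SELECT {$strSelectClause} FROM {$strTable} {$strWhereClause}{$strGroupBy}";
    if ($sort) {
        $fullQuery .= " ORDER BY {$sort}";
    }

    $blnPaged = $startRow >= 0 && $rowCount >= 0;
    if ($blnPaged) {
        // Integer casts keep anything but numbers out of the statement text.
        $fullQuery .= ' LIMIT ' . (int)$startRow . ', ' . ((int)$rowCount + 1);
    }

    $res = mysqli_param_query($fullQuery, $arrQueryParams);

    $astrListValues = array();
    $astrPrimaryKeys = array();
    $i = -1;
    $moreAvailable = false;
    while ($row = mysqli_fetch_prefixed_assoc($res)) {
        ++$i;
        if ($blnPaged && $i >= $rowCount) {
            // The extra row only signals that another page exists.
            $moreAvailable = true;
            break;
        }
        $astrPrimaryKeys[$i] = $row[$strPrimaryKey];
        foreach ($astrShowFields as $field) {
            $name = $field['name'];
            if ($field['type'] == 'TEXT' || $field['type'] == 'INT') {
                $value = $row[$name];
                if (isset($field['mappings']) && isset($field['mappings'][$value])) {
                    $value = $field['mappings'][$value];
                }
                $astrListValues[$i][$name] = $value;
            } elseif ($field['type'] == 'CURRENCY') {
                $value = $row[$name];
                $value = miscRound2Decim($value, isset($field['decimals']) ? $field['decimals'] : 2);
                $astrListValues[$i][$name] = $value;
            } elseif ($field['type'] == 'INTDATE') {
                $astrListValues[$i][$name] = dateConvDBDate2Date($row[$name]);
            }
        }
    }

    $records = array();
    for ($i = 0; $i < count($astrListValues); $i++) {
        $row = $astrListValues[$i];
        $resultValues = array();
        foreach ($astrShowFields as $field) {
            if (!isset($field['select']) || !$field['select']) {
                continue;
            }
            $name = $field['name'];

            if (isset($field['translate']) && $field['translate'] && isset($GLOBALS["loc{$row[$name]}"])) {
                // Localised text is emitted as-is; it is assumed to be trusted application data.
                $value = $GLOBALS["loc{$row[$name]}"];
            } else {
                // Database values are HTML-escaped before they reach the client.
                $value = htmlspecialchars($row[$name]);
            }
            $resultValues[$name] = $value;
        }
        $records[] = array('id' => $astrPrimaryKeys[$i], 'text' => implode(' ', $resultValues));
    }

    $results = array('moreAvailable' => $moreAvailable, 'records' => $records, 'filter' => $filter);
    return json_encode($results);
}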
echo '{"columns":['; $res = mysqli_query_check("select * from {prefix}{$table} where 1=2"); $field_count = mysqli_num_fields($res); for ($i = 0; $i < $field_count; $i++) { $field_def = mysqli_fetch_field($res); if ($i == 0) { echo "\n"; } else { echo ",\n"; } echo json_encode(['name' => $field_def->name]); } echo "\n]}"; break; case 'get_import_preview': if (!sesAdminAccess()) { header('HTTP/1.1 403 Forbidden'); exit; } $table = getRequest('table', ''); if ($table == 'account_statement') { require 'import_statement.php'; $import = new ImportStatement(); } else { require 'import.php'; $import = new ImportFile(); } $import->create_import_preview(); break; case 'get_list': require 'list.php';
echo $GLOBALS['locPrereleaseVersion']; ?> ").appendTo("#version"); } $.cookie("updateversion", $.toJSON(data), { expires: 1 }); } </script> <?php } } if ($strFunc == 'system' && getRequest('operation', '') == 'export' && sesAdminAccess()) { createFuncMenu($strFunc); require_once 'export.php'; $export = new ExportData(); $export->launch(); } elseif ($strFunc == 'system' && getRequest('operation', '') == 'import' && sesAdminAccess()) { createFuncMenu($strFunc); require_once 'import.php'; $import = new ImportFile(); $import->launch(); } elseif ($strFunc == 'import_statement') { createFuncMenu($strFunc); require_once 'import_statement.php'; $import = new ImportStatement(); $import->launch(); } else { switch ($strFunc) { case 'reports': createFuncMenu($strFunc); switch ($strForm) { case 'invoice':
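/**
 * Print the navigation bar for a function area: the section links, the
 * search buttons and, for users with write access, the "new" button.
 *
 * Security notes:
 * - The role filter here only decides which links are shown. It is not an
 *   access control; each target page has to enforce its own check.
 * - The 'list' request value is written into the "new" button only after it
 *   has matched one of the case labels below, so nothing arbitrary is
 *   reflected. Keep that allow-list if new lists are added.
 * - $strFunc is echoed into the script only after the outer switch, where it
 *   has either matched a case label or been reset to 'invoices'.
 *
 * @param string $strFunc Function area; unknown values fall through to the invoice menu.
 *
 * @return void Output is echoed directly.
 */
function createFuncMenu($strFunc)
{
    $strNewButton = '';
    $strFormName = '';
    $strExtSearchTerm = "";
    $blnShowSearch = FALSE;

    switch ($strFunc) {
    case "system":
        $astrNaviLinks = array(
            array("href" => "list=user", "text" => $GLOBALS['locUsers'], "levels_allowed" => array(ROLE_ADMIN)),
            array("href" => "list=invoice_state", "text" => $GLOBALS['locInvoiceStates'], "levels_allowed" => array(ROLE_ADMIN)),
            array("href" => "list=row_type", "text" => $GLOBALS['locRowTypes'], "levels_allowed" => array(ROLE_ADMIN)),
            array("href" => "list=delivery_terms", "text" => $GLOBALS['locDeliveryTerms'], "levels_allowed" => array(ROLE_ADMIN)),
            array("href" => "list=delivery_method", "text" => $GLOBALS['locDeliveryMethods'], "levels_allowed" => array(ROLE_ADMIN)),
            array("href" => "list=print_template", "text" => $GLOBALS['locPrintTemplates'], "levels_allowed" => array(ROLE_ADMIN)),
            array("href" => "operation=dbdump", "text" => $GLOBALS['locBackupDatabase'], "levels_allowed" => array(ROLE_BACKUPMGR, ROLE_ADMIN)),
            array("href" => "operation=import", "text" => $GLOBALS['locImportData'], "levels_allowed" => array(ROLE_ADMIN)),
            array("href" => "operation=export", "text" => $GLOBALS['locExportData'], "levels_allowed" => array(ROLE_ADMIN))
        );
        $strNewText = '';
        $strList = getRequest('list', '');
        switch ($strList) {
        case 'user':
            $strNewText = $GLOBALS['locNewUser'];
            break;
        case 'session_type':
            $strNewText = $GLOBALS['locNewSessionType'];
            break;
        case 'invoice_state':
        case 'row_type':
        case 'delivery_terms':
        case 'delivery_method':
        case 'print_template':
            $strNewText = $GLOBALS['locAddNew'];
            break;
        }
        if ($strNewText) {
            $strNewButton = "<br/><br/><a class=\"buttonlink new_button\" href=\"?func=system&list={$strList}&form={$strList}\">{$strNewText}</a>";
        }
        break;

    case "settings":
        $astrNaviLinks = array(
            array("href" => "list=settings", "text" => $GLOBALS['locGeneralSettings'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR)),
            array("href" => "list=base", "text" => $GLOBALS['locBases'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR)),
            array("href" => "list=product", "text" => $GLOBALS['locProducts'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR))
        );
        $strNewText = '';
        $strList = getRequest('list', '');
        switch ($strList) {
        case 'base':
            $strNewText = $GLOBALS['locNewBase'];
            break;
        case 'product':
            $strNewText = $GLOBALS['locNewProduct'];
            break;
        }
        if ($strNewText) {
            $strNewButton = "<br/><br/><a class=\"buttonlink\" href=\"?func=settings&list={$strList}&form={$strList}\">{$strNewText}</a>";
        }
        break;

    case "reports":
        $astrNaviLinks = array(
            array("href" => "form=invoice", "text" => $GLOBALS['locInvoiceReport'], "levels_allowed" => array(ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR)),
            array("href" => "form=product", "text" => $GLOBALS['locProductReport'], "levels_allowed" => array(ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR)),
            array("href" => "form=product_stock", "text" => $GLOBALS['locProductStockReport'], "levels_allowed" => array(ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR))
        );
        break;

    case "companies":
        $blnShowSearch = TRUE;
        $strFormName = "company";
        $astrNaviLinks = array();
        $strNewButton = '<a class="buttonlink" href="?func=companies&form=company">' . $GLOBALS['locNewClient'] . '</a>';
        break;

    default:
        $blnShowSearch = TRUE;
        $strFormName = "invoice";
        $astrNaviLinks = array();
        if ($strFunc == 'open_invoices') {
            $astrNaviLinks[] = array("href" => "index.php?func=invoices", "text" => $GLOBALS['locDisplayAllInvoices'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR));
        } else {
            $astrNaviLinks[] = array("href" => "index.php?func=open_invoices", "text" => $GLOBALS['locDisplayOpenInvoices'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR));
        }
        if ($strFunc != 'archived_invoices') {
            $strNewButton = '<a class="buttonlink" href="?func=invoices&form=invoice">' . $GLOBALS['locNewInvoice'] . '</a>';
            $astrNaviLinks[] = array("href" => "index.php?func=import_statement", "text" => $GLOBALS['locImportAccountStatement'], "levels_allowed" => array(ROLE_USER, ROLE_BACKUPMGR));
        }
        // Every invoice view shares the 'invoices' area in the links and search URLs below.
        $strFunc = 'invoices';
        break;
    }
    ?>
<script type="text/javascript">
<!--
function openSearchWindow(mode, event) {
    x = event.screenX;
    y = event.screenY;
    if( mode == 'ext' ) {
        strLink = 'ext_search.php?func=<?php echo $strFunc; ?>&form=<?php echo $strFormName; ?>';
        strLink = strLink + '<?php echo $strExtSearchTerm; ?>';
        height = '400';
        width = '600';
        windowname = 'ext';
    }
    if( mode == 'quick' ) {
        strLink = 'quick_search.php?func=<?php echo $strFunc; ?>';
        height = '400';
        width = '250';
        windowname = 'quicksearch';
    }

    var win = window.open(strLink, windowname, 'height='+height+',width='+width+',screenX=' + x + ',screenY=' + y + ',left=' + x + ',top=' + y + ',menubar=no,scrollbars=yes,status=no,toolbar=no');
    win.focus();

    return true;
}
-->
</script>
  <div class="function_navi">
<?php
    foreach ($astrNaviLinks as $link) {
        if (sesAccessLevel($link["levels_allowed"]) || sesAdminAccess()) {
            // Relative entries are query fragments; prefix them with the current area.
            if (strchr($link['href'], '?') === FALSE) {
                $strHref = "?func={$strFunc}&" . $link['href'];
            } else {
                $strHref = $link['href'];
            }
            $class = '';
            // Compare against false: a '?' at offset 0 is still a match.
            if (strpos($link['href'], '?') !== false) {
                list(, $urlParams) = explode('?', $link['href'], 2);
            } else {
                $urlParams = $link['href'];
            }
            parse_str($urlParams, $linkParts);
            // Highlight the link whose parameters all match the current request.
            if ((!isset($linkParts['func']) || getRequest('func', '') == $linkParts['func'])
                && (!isset($linkParts['list']) || getRequest('list', '') == $linkParts['list'])
                && (!isset($linkParts['form']) || getRequest('form', '') == $linkParts['form'])
                && (!isset($linkParts['operation']) || getRequest('operation', '') == $linkParts['operation'])
            ) {
                $class = ' ui-state-highlight';
            }
            ?>
    <a class="buttonlink<?php echo $class; ?>" href="<?php echo $strHref; ?>"><?php echo $link['text']; ?></a>
<?php
        }
    }
    if ($blnShowSearch) {
        ?>
    <a class="buttonlink" href="#" onClick="openSearchWindow('ext', event); return false;"><?php echo $GLOBALS['locExtSearch']; ?></a>
    <a class="buttonlink" href="#" onClick="openSearchWindow('quick', event); return false;"><?php echo $GLOBALS['locQuickSearch']; ?></a>
<?php
    }
    if (sesWriteAccess()) {
        echo " {$strNewButton}\n";
    }
    ?>
  </div>
<?php
}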
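/**
 * Show the general settings form and, when 'saveact' is posted, validate and
 * store the submitted values.
 *
 * Access is limited to administrators. Setting names, types and labels come
 * from $arrSettings, which is not assigned here and is presumably defined by
 * settings_def.php -- confirm there. Only names listed in that definition
 * are read from the request, so a request cannot create arbitrary settings.
 *
 * Security notes:
 * - NOTE(review): the form carries no anti-CSRF token, and saving depends on
 *   the 'saveact' request value alone. Confirm that a token or origin check
 *   is enforced elsewhere.
 * - Each value is stored with a DELETE followed by an INSERT, both
 *   parameterised. The pair is not atomic; a failure between the two
 *   statements leaves that setting without a stored value.
 * - Posted values are shown again through htmlFormElement(); escaping is
 *   assumed to happen there -- confirm.
 *
 * @return void Output is echoed directly.
 */
function createSettingsList()
{
    if (!sesAdminAccess()) {
        ?>
  <div class="form_container ui-widget-content">
    <?php echo $GLOBALS['locNoAccess'] . "\n"; ?>
  </div>
<?php
        return;
    }

    require 'settings_def.php';

    $messages = '';

    $blnSave = getPostRequest('saveact', FALSE) ? TRUE : FALSE;
    if ($blnSave) {
        foreach ($arrSettings as $name => $elem) {
            $type = $elem['type'];
            $label = $elem['label'];
            if ($type == 'LABEL') {
                continue;
            }

            $newValue = getPost($name, NULL);
            if (!isset($newValue) || $newValue === '') {
                // empty() also covers a definition that omits 'allow_null'.
                if (empty($elem['allow_null'])) {
                    $messages .= $GLOBALS['locErrValueMissing'] . ": '{$label}'<br>\n";
                    continue;
                } else {
                    $newValue = '';
                }
            }

            $blnNumeric = in_array($type, array('CURRENCY', 'PERCENT', 'INT'));
            if ($blnNumeric && !is_scalar($newValue)) {
                // An array-valued parameter can never be numeric; report it
                // before trim() is asked to handle a non-string.
                $messages .= $GLOBALS['locErrInvalidValue'] . " '{$label}'<br>\n";
                continue;
            }
            if (in_array($type, array('CURRENCY', 'PERCENT'))) {
                $newValue = str_replace($GLOBALS['locDecimalSeparator'], '.', $newValue);
            }
            if ($blnNumeric) {
                $newValue = trim($newValue);
                if (!is_numeric($newValue)) {
                    $messages .= $GLOBALS['locErrInvalidValue'] . " '{$label}'<br>\n";
                    continue;
                }
            }

            if (isset($elem['session']) && $elem['session']) {
                $_SESSION[$name] = $newValue;
            }
            mysqli_param_query('DELETE from {prefix}settings WHERE name=?', array($name));
            mysqli_param_query('INSERT INTO {prefix}settings (name, value) VALUES (?, ?)', array($name, $newValue));
        }
    }
    ?>
  <div class="form_container ui-widget-content">
<?php
    if ($messages) {
        // Messages contain only localisation strings and labels from the settings definition.
        ?>
    <div class="ui-widget ui-state-error"><?php echo $messages; ?></div>
<?php
    }
    ?>
<script type="text/javascript">
<!--
$(document).ready(function() {
  $('input[class~="hasCalendar"]').datepicker();
  $('iframe[class~="resizable"]').load(function() {
    var iframe = $(this);
    var body = iframe.contents().find("body");
    var newHeight = body.outerHeight(true) + 10;
    // Leave room for calendar popup
    if (newHeight < 250)
      newHeight = 250;
    iframe.css("height", newHeight + 'px');
    body.css("overflow", "hidden");
  });
  $('#admin_form').find('input[type="text"],input[type="checkbox"],select,textarea').change(function() {
    $('.save_button').addClass('unsaved');
  });
});
-->
</script>
    <?php createSettingsListButtons(); ?>
    <div class="form">
    <form method="post" name="admin_form" id="admin_form">
<?php
    foreach ($arrSettings as $name => $elem) {
        $elemType = $elem['type'];
        if ($elemType == 'LABEL') {
            ?>
      <div class="sublabel ui-widget-header ui-state-default"><?php echo $elem['label']; ?></div>
<?php
            continue;
        }

        // A posted value wins so that rejected input is shown again for correction.
        $value = getPost($name, NULL);
        if (!isset($value)) {
            if (isset($elem['session']) && $elem['session']) {
                $value = isset($_SESSION[$name]) ? $_SESSION[$name] : (isset($elem['default']) ? cond_utf8_decode($elem['default']) : '');
            } else {
                $res = mysqli_param_query('SELECT value from {prefix}settings WHERE name=?', array($name));
                if ($row = mysqli_fetch_assoc($res)) {
                    $value = $row['value'];
                } else {
                    $value = isset($elem['default']) ? cond_utf8_decode($elem['default']) : '';
                }
            }

            if ($elemType == 'CURRENCY') {
                $value = miscRound2Decim($value);
            } elseif ($elemType == 'PERCENT') {
                $value = miscRound2Decim($value, 1);
            }
        }
        // Currency and percent values are rendered with the INT input type.
        if ($elemType == 'CURRENCY' || $elemType == 'PERCENT') {
            $elemType = 'INT';
        }

        if ($elemType == 'CHECK') {
            ?>
      <div class="field" style="clear: both">
        <?php echo htmlFormElement($name, $elemType, $value, $elem['style'], '', "MODIFY", '', '', array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null); ?>
        <label for="<?php echo $name; ?>"><?php echo $elem['label']; ?></label>
      </div>
<?php
        } else {
            ?>
      <div class="label" style="clear: both"><label for="<?php echo $name; ?>"><?php echo $elem['label']; ?></label></div>
      <div class="field" style="clear: both">
        <?php echo htmlFormElement($name, $elemType, $value, $elem['style'], '', "MODIFY", '', '', array(), isset($elem['elem_attributes']) ? $elem['elem_attributes'] : '', isset($elem['options']) ? $elem['options'] : null); ?>
      </div>
<?php
        }
    }
    ?>
    <input type="hidden" name="saveact" value="0">
    <?php createSettingsListButtons(); ?>
    </form>
    </div>
  </div>
<?php
}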