/**
 * Load the record whose po_name matches the given name, then print its id.
 *
 * The name is passed through sql_string() and placed between quotes that this
 * method adds itself. When the escaped value compares loosely equal to null,
 * the name already held by the object is used instead.
 *
 * NOTE(review): $this->name is concatenated without going through
 * sql_string() — confirm it can never hold user-controlled text.
 *
 * @param string $p_name name to look up
 * @return void
 */
function get_by_name($p_name)
{
    $escaped_name = sql_string($p_name);
    if ($escaped_name == null) {
        // Nothing usable was supplied: fall back on the object's own name.
        $escaped_name = $this->name;
    }
    $condition = "po_name='" . $escaped_name . "'";
    $this->fetch_from_db($condition);
    // NOTE(review): looks like leftover debug output; it is emitted without HTML escaping.
    echo "id = " . $this->id;
}
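/**
 * Record a batch of financial (bank) operations and return an HTML summary.
 *
 * The form fields are read through extract(): $chdate, $periode, $e_date,
 * $nb_item, $p_jrn, $e_pj, $mt and, per line i, e_other{i},
 * e_other{i}_amount, e_other{i}_comment, dateop{i} and e_concerned{i}.
 * Everything is written inside one database transaction.
 *
 * NOTE(review): the values shown in the result table (quick code, comment)
 * come straight from the form; whether td() escapes HTML is not visible
 * here — confirm.
 *
 * @param array|null $p_array form fields
 * @return string HTML table of the saved lines followed by old and new balance
 * @throws Exception when a step fails; the transaction is rolled back first
 */
public function insert($p_array = null)
{
    global $g_parameter;
    bcscale(2);
    $internal_code = "";
    $oid = 0;
    // EXTR_SKIP: a form field may define a new local, but it can no longer
    // replace one that already exists ($oid, $g_parameter, ...).
    extract($p_array, EXTR_SKIP);
    // Set after extract() so the displayed balance never comes from the form,
    // and so bcadd() below always receives a number even when no branch
    // computes the balance.
    $solde = 0;
    $new_solde = 0;
    $ret = '';
    // Debit = bank
    $bank_id = $this->get_bank();
    $fBank = new Fiche($this->db, $bank_id);
    $e_bank_account = $fBank->strAttribut(ATTR_DEF_QUICKCODE);
    // Get the balance
    $pPeriode = new Periode($this->db);
    $sposte = $fBank->strAttribut(ATTR_DEF_ACCOUNT);
    // if 2 accounts, take only the debit one for customer
    if (strpos($sposte, ',') != 0) {
        $array = explode(',', $sposte);
        $poste_val = $array[0];
    } else {
        $poste_val = $sposte;
    }
    $acc_account = new Acc_Account_Ledger($this->db, $poste_val);
    // If date = deposit date
    if ($chdate == 1) {
        if ($this->check_periode() == true) {
            $pPeriode->p_id = $periode;
        } else {
            $pPeriode->find_periode($e_date);
        }
        $exercice = $pPeriode->get_exercice();
        $filter_year = " j_tech_per in (select p_id from parm_periode where p_exercice='" . $exercice . "')";
        $asolde = $acc_account->get_solde_detail($filter_year);
        $deb = $asolde['debit'];
        $cred = $asolde['credit'];
        $solde = bcsub($deb, $cred);
        $new_solde = $solde;
    }
    try {
        $this->db->start();
        $amount = 0.0;
        $idx_operation = 0;
        $ret = '<table class="result" >';
        $ret .= tr(th('Date') . th('n° interne') . th('Quick Code') . th('Nom') . th('Libellé') . th('Montant', ' style="text-align:right"'));
        // Credit = goods
        $get_solde = true;
        for ($i = 0; $i < $nb_item; $i++) {
            // Lines without a quick code are skipped.
            if (strlen(trim(${"e_other{$i}"})) == 0) {
                continue;
            }
            if ($chdate == 2) {
                $e_date = ${'dateop' . $i};
            }
            // if date is date of operation: compute the balance once, on the first used line
            if ($chdate == 2 && $get_solde) {
                $get_solde = false;
                if ($this->check_periode() == true) {
                    $pPeriode->p_id = $periode;
                } else {
                    $pPeriode->find_periode($e_date);
                }
                $exercice = $pPeriode->get_exercice();
                $filter_year = " j_tech_per in (select p_id from parm_periode where p_exercice='" . $exercice . "')";
                $solde = $acc_account->get_solde($filter_year);
                $new_solde = $solde;
            }
            $fPoste = new Fiche($this->db);
            $fPoste->get_by_qcode(${"e_other{$i}"});
            // round it
            ${"e_other{$i}" . "_amount"} = round(${"e_other{$i}" . "_amount"}, 2);
            $amount += ${"e_other{$i}" . "_amount"};
            // Record a line for the counterpart card
            // Compute the j_grpt
            $seq = $this->db->get_next_seq('s_grpt');
            $acc_operation = new Acc_Operation($this->db);
            $acc_operation->date = $e_date;
            $sposte = $fPoste->strAttribut(ATTR_DEF_ACCOUNT);
            // if 2 accounts, the sign of the amount selects which one
            if (strpos($sposte, ',') != 0) {
                $array = explode(',', $sposte);
                if (${"e_other{$i}" . "_amount"} < 0) {
                    $poste_val = $array[1];
                } else {
                    $poste_val = $array[0];
                }
            } else {
                $poste_val = $sposte;
            }
            $acc_operation->poste = $poste_val;
            $acc_operation->amount = ${"e_other{$i}" . "_amount"} * -1;
            $acc_operation->grpt = $seq;
            $acc_operation->jrn = $p_jrn;
            $acc_operation->type = 'd';
            if (isset($periode)) {
                $tperiode = $periode;
            } else {
                $per = new Periode($this->db);
                $tperiode = $per->find_periode($e_date);
            }
            $acc_operation->periode = $tperiode;
            $acc_operation->qcode = ${"e_other" . $i};
            $j_id = $acc_operation->insert_jrnx();
            // Record the matching line for the bank card
            $acc_operation = new Acc_Operation($this->db);
            $acc_operation->date = $e_date;
            $sposte = $fBank->strAttribut(ATTR_DEF_ACCOUNT);
            // if 2 accounts
            if (strpos($sposte, ',') != 0) {
                $array = explode(',', $sposte);
                if (${"e_other{$i}" . "_amount"} < 0) {
                    $poste_val = $array[1];
                } else {
                    $poste_val = $array[0];
                }
            } else {
                $poste_val = $sposte;
            }
            $acc_operation->poste = $poste_val;
            $acc_operation->amount = ${"e_other{$i}" . "_amount"};
            $acc_operation->grpt = $seq;
            $acc_operation->jrn = $p_jrn;
            $acc_operation->type = 'd';
            $acc_operation->periode = $tperiode;
            $acc_operation->qcode = $e_bank_account;
            $acc_operation->insert_jrnx();
            if (sql_string(${"e_other{$i}" . "_comment"}) == null) {
                // if comment is blank set a default one
                $comment = " compte : " . $fBank->strAttribut(ATTR_DEF_NAME) . ' a ' . $fPoste->strAttribut(ATTR_DEF_NAME);
            } else {
                $comment = ${'e_other' . $i . '_comment'};
            }
            $acc_operation = new Acc_Operation($this->db);
            $acc_operation->jrn = $p_jrn;
            $acc_operation->amount = abs(${"e_other{$i}" . "_amount"});
            $acc_operation->date = $e_date;
            $acc_operation->desc = $comment;
            $acc_operation->grpt = $seq;
            $acc_operation->periode = $tperiode;
            $acc_operation->mt = $mt;
            $idx_operation++;
            $acc_operation->pj = '';
            if (trim($e_pj) != '' && $this->numb_operation() == true) {
                $acc_operation->pj = $e_pj . str_pad($idx_operation, 3, 0, STR_PAD_LEFT);
            }
            if (trim($e_pj) != '' && $this->numb_operation() == false) {
                $acc_operation->pj = $e_pj;
            }
            $jr_id = $acc_operation->insert_jrn();
            // $acc_operation->set_pj();
            $this->db->exec_sql('update jrn set jr_pj_number=$1 where jr_id=$2', array($acc_operation->pj, $jr_id));
            $internal = $this->compute_internal_code($seq);
            if (trim(${"e_concerned" . $i}) != "") {
                if (strpos(${"e_concerned" . $i}, ',') != 0) {
                    $aRapt = explode(',', ${"e_concerned" . $i});
                    foreach ($aRapt as $rRapt) {
                        // Add a "concerned operation" to bind these operations together
                        $rec = new Acc_Reconciliation($this->db);
                        $rec->set_jr_id($jr_id);
                        if (isNumber($rRapt) == 1) {
                            $rec->insert($rRapt);
                        }
                    }
                } else {
                    if (isNumber(${"e_concerned" . $i}) == 1) {
                        $rec = new Acc_Reconciliation($this->db);
                        $rec->set_jr_id($jr_id);
                        $rec->insert(${"e_concerned{$i}"});
                    }
                }
            }
            // Set Internal code
            $this->grpt_id = $seq;
            // save also into quant_fin
            $this->insert_quant_fin($fBank->id, $jr_id, $fPoste->id, ${"e_other{$i}" . "_amount"});
            if ($g_parameter->MY_ANALYTIC != "nu") {
                // for each item, insert into operation_analytique
                $op = new Anc_Operation($this->db);
                $op->oa_group = $this->db->get_next_seq("s_oa_group");
                /* for analytic */
                $op->j_id = $j_id;
                $op->oa_date = $e_date;
                $op->oa_debit = 'f';
                $op->oa_description = sql_string($comment);
                $op->save_form_plan($_POST, $i, $j_id);
            }
            $this->update_internal_code($internal);
            $js_detail = HtmlInput::detail_op($jr_id, $internal);
            // Compute display
            $row = td($e_date) . td($js_detail) . td(${"e_other{$i}"}) . td($fPoste->strAttribut(ATTR_DEF_NAME)) . td(${"e_other" . $i . "_comment"}) . td(nbm(${"e_other{$i}" . "_amount"}), 'class="num"');
            $class = $i % 2 == 0 ? ' class="even" ' : ' class="odd" ';
            $ret .= tr($row, $class);
            if ($i == 0) {
                // first record: upload the files and
                // keep the variable to update the other rows of jrn
                if (isset($_FILES)) {
                    $oid = $this->db->save_upload_document($seq);
                }
            } else {
                if ($oid != 0) {
                    $this->db->exec_sql("update jrn set jr_pj=\$1 , jr_pj_name=\$2,\n jr_pj_type=\$3 where jr_grpt_id=\$4", array($oid, $_FILES['pj']['name'], $_FILES['pj']['type'], $seq));
                }
            }
        }
        // for nbitem
        // increment pj
        if (strlen(trim($e_pj)) != 0) {
            $this->inc_seq_pj();
        }
        $ret .= '</table>';
    } catch (Exception $e) {
        // NOTE(review): the message carries the file path and the raw exception
        // text inside HTML — confirm callers do not show it to end users as is.
        $r = '<span class="error">' . 'Erreur dans l\'enregistrement ' . __FILE__ . ':' . __LINE__ . ' ' . $e->getMessage();
        $this->db->rollback();
        throw new Exception($r);
    }
    $this->db->commit();
    $r = "";
    $r .= "<br>Ancien solde " . nbm($solde);
    $new_solde = bcadd($new_solde, $amount);
    $r .= "<br>Nouveau solde " . nbm($new_solde);
    $ret .= $r;
    return $ret;
}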
/**
 * List the predefined operations (od_id, od_name) of the current ledger.
 *
 * Returns an empty array when no ledger id is set; otherwise the result of
 * make_array() for the ledger and the od_direct flag, ordered by name.
 *
 * NOTE(review): jrn_def_id is placed in the statement without surrounding
 * quotes, so escaping alone does not constrain it to a number — confirm the
 * property is always an integer, or bind it as a parameter.
 *
 * @return array
 */
public function get_operation()
{
    if ($this->jrn_def_id == '') {
        return array();
    }
    $ledger_id = sql_string($this->jrn_def_id);
    $direct = sql_string($this->od_direct);
    $sql = "select od_id,od_name from op_predef " . " where jrn_def_id=" . $ledger_id . " and od_direct ='" . $direct . "'" . " order by od_name";
    return $this->db->make_array($sql, 1);
}
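// Excerpt: the bare closing braces below end blocks opened before this point.
if ($msg != "") {
    echo '<div class="content">';
    echo h2(_("Fiche non effacées"), ' class="error" ');
    // NOTE(review): $msg is printed as is; where it is built is not visible here — confirm it is HTML-safe.
    echo '<p class="error">' . _(" Ces fiches n'ont pas été effacées ") . $msg;
    echo '</div>';
}
}
} else {
    echo NoAccess();
}
}
$sql = "select f_id from fiche ";
if ($allcard == 1) {
    $cond = "";
} else {
    // The category id lands in the statement without quotes, so it is forced
    // to an integer instead of relying on string escaping.
    $cond = " where f.fd_id = " . ((int) $_GET['cat']);
}
// Create nav bar
$max = $cn->get_value("select count(*) from fiche as f " . $cond);
$step = $_SESSION['g_pagesize'];
// NOTE(review): the test looks at 'offset' but reads 'page' — confirm both are always sent together.
$page = isset($_GET['offset']) ? $_GET['page'] : 1;
// The offset is interpolated into the statement below: only an integer may reach it.
$offset = isset($_GET['offset']) ? (int) $_GET['offset'] : 0;
$bar = navigation_bar($offset, $max, $step, $page);
// -1 means "no page size": no limit clause is added.
$limit = $step == -1 ? "" : " limit " . $step;
$res = $cn->exec_sql("\n\t\tselect f_id,\n\t\t\t(select ad_value from fiche_detail as fd1 where ad_id=1 and fd1.f_id=f.f_id) as name,\n\t\t\t(select ad_value from fiche_detail as fd1 where ad_id=23 and fd1.f_id=f.f_id) as qcode,\n\t\t\tfd_label,\n\t\t\t(select ad_value from fiche_detail as fd1 where ad_id=5 and fd1.f_id=f.f_id) as poste\n\t\tfrom fiche as f join fiche_def as fd on (fd.fd_id=f.fd_id)\n\t\t{$cond} order by 2,4 offset {$offset} {$limit}\n\t");
$nb_line = Database::num_row($res);
if ($write != 1 || $allcard != 0) {
    $str_add_card = "";
}
require_once NOALYSS_INCLUDE . '/template/fiche_list.php';
echo '<hr>' . $bar;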
/**
 * Legacy alias kept for older callers; it only forwards to sql_string().
 *
 * @deprecated replaced by sql_string
 * @param mixed $p_string value to forward
 * @return mixed whatever sql_string() returns
 */
function FormatString($p_string)
{
    $escaped = sql_string($p_string);
    return $escaped;
}
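<?php
// Stores licence details (code, PayPal reference, contributor, amount) on the
// newsflash2 row that matches the given fingerprint. The caller must present
// the shared secret $MAGIC, which is expected to come from credentials.php.
include "common.php";
include "database.php";
include "credentials.php";

// Authorise before touching any other request field. The secret is compared
// as a string, never with loose "!=", which would apply PHP's numeric type
// juggling to the two values. An empty or missing secret on either side is
// refused (fail closed).
// NOTE(review): $_REQUEST also accepts the secret from the query string,
// where it ends up in access logs — consider accepting it from POST only.
$expected = isset($MAGIC) ? (string) $MAGIC : '';
$supplied = (isset($_REQUEST['magic']) && is_string($_REQUEST['magic'])) ? $_REQUEST['magic'] : '';
if ($expected === '' || $supplied === '') {
    die("no permission");
}
// hash_equals() compares in constant time; fall back on a strict comparison
// where the function is not available.
$authorised = function_exists('hash_equals') ? hash_equals($expected, $supplied) : ($expected === $supplied);
if (!$authorised) {
    die("no permission");
}

// NOTE(review): the values are placed in the statement without quotes, so the
// query is only safe if this project's sql_string() both escapes and quotes
// them — it is defined in an include that is not shown here; confirm.
$fingerprint = sql_string($_REQUEST['fingerprint']);
$licensecode = sql_string($_REQUEST['licensecode']);
$paypalref = sql_string($_REQUEST['paypalref']);
$contributor = sql_string($_REQUEST['contributor']);
$euro = sql_string($_REQUEST['euro']);

// NOTE(review): the mysql_* extension was removed in PHP 7; moving to mysqli
// or PDO with bound parameters would remove the dependency on sql_string().
mysql_query("UPDATE newsflash2 SET " . "license={$licensecode}, paypalref={$paypalref}, " . "contributor={$contributor}, euro={$euro} " . "WHERE fingerprint={$fingerprint}") or die("SQL Error");
mysql_close($db);
echo "success";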
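// Sortable columns of the menu list: label, base URL, ascending clause,
// descending clause, and the two request keys that select them.
$table->add(_('Code'), $url, "order by me_code asc", "order by me_code desc", "codea", "coded");
$table->add(_('Menu'), $url, "order by me_menu asc", "order by me_menu desc", "menua", "menud");
$table->add(_('Description'), $url, "order by me_description asc", "order by me_description desc", "desa", "desd");
$table->add(_('Type'), $url, "order by me_type asc", "order by me_type desc", "ta", "td");
$table->add(_('Fichier'), $url, "order by me_file asc", "order by me_file desc", "fa", "fd");
$table->add(_('URL'), $url, "order by me_url asc", "order by me_url desc", "urla", "urld");
// The ascending clause used to name "me_parametere", a column the descending
// clause spells "me_parameter"; both now use the same name.
$table->add(_('Paramètre'), $url, "order by me_parameter asc", "order by me_parameter desc", "paa", "pad");
$table->add(_('Javascript'), $url, "order by me_javascript asc", "order by me_javascript desc", "jsa", "jsd");
// NOTE(review): $ord comes from the request; get_sql_order() is defined
// elsewhere — confirm it can only return one of the clauses registered above.
$ord = isset($_REQUEST['ord']) ? $_REQUEST['ord'] : 'codea';
$order = $table->get_sql_order($ord);
$iselect = new ISelect('p_type');
$iselect->value = array(
    array("value" => '', "label" => _("Tout")),
    array("value" => 'ME', "label" => _("Menu")),
    array("value" => 'PR', "label" => _("Impression")),
    array("value" => 'PL', "label" => _("Extension / Plugin")),
    array("value" => 'SP', "label" => _("Valeurs spéciales")),
);
$iselect->selected = isset($_REQUEST['p_type']) ? $_REQUEST['p_type'] : '';
$sql = "";
if ($iselect->selected != '') {
    // The type is escaped and placed inside quotes added here.
    $sql = "where me_type='" . sql_string($_REQUEST['p_type']) . "' ";
}
$menu = new Menu_Ref_sql($cn);
$ret = $menu->seek($sql . $order);
?>
<fieldset><legend><?php echo _('Recherche'); ?> </legend>
<form method="GET">
<?php echo $iselect->input(); ?>
<?php echo HtmlInput::submit("search", _("Recherche")); ?>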
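/**
 * Build the SQL statement listing stock movements, restricted to the
 * repositories the current user's profile may see, with optional filters.
 *
 * Recognised keys of $p_array: wdate_start, wdate_end (DD.MM.YYYY),
 * wamount_start, wamount_end, wcard (quick code), wcode_stock, wrepo,
 * wdirection. Values placed inside quotes are escaped with sql_string();
 * values placed without quotes are only used after isNumber() accepts them.
 *
 * @param array $p_array filter values
 * @return string SQL statement
 */
function create_query_histo($p_array)
{
    global $cn, $g_user;
    $profile = $g_user->get_profile();
    $sql = "\n\t\t\tselect sg_id,\n\t\t\t\tsg.f_id,\n\t\t\t\t(select ad_value from fiche_Detail as fd1 where ad_id=1 and fd1.f_id=jx.f_id) as fname,\n\t\t\t\t(select ad_value from fiche_Detail as fd1 where ad_id=23 and fd1.f_id=jx.f_id) as qcode,\n\t\t\t\tsg_code,\n\t\t\t\tcoalesce(sg_comment,jr_comment) as ccomment,\n\t\t\t\tsg_exercice,\n\t\t\t\tr_name,\n\t\t\t\tsg.r_id,\n\t\t\t\tj_montant,\n\t\t\t\tjr_date,\n\t\t\t\tsg_quantity,\n\t\t\t\tcase when sg_type='c' then 'OUT' when sg_type='d' then 'IN' end as direction,\n\t\t\t\tjr_internal,\n\t\t\t\tjr_id,\n\t\t\t\tcoalesce(sg_date,jr_date) as real_date,\n\t\t\t\tto_char(coalesce(sg_date,jr_date),'DD.MM.YY') as cdate\n\t\t\tfrom stock_goods as sg\n\t\t\tjoin stock_repository as sr on (sg.r_id=sr.r_id)\n\t\t\tleft join jrnx as jx on (sg.j_id=jx.j_id)\n\t\t\tleft join jrn as j on (j.jr_grpt_id=jx.j_grpt)\n\t\t\twhere\n\t\t\tsg.r_id in (select r_id from profile_sec_repository where p_id = {$profile})";
    $and = " and ";
    $clause = "";
    if (isset($p_array['wdate_start']) && $p_array['wdate_start'] != '') {
        $clause = $and . " to_date('" . sql_string($p_array['wdate_start']) . "','DD.MM.YYYY')<=coalesce(sg_date,jr_date) ";
    }
    if (isset($p_array['wdate_end']) && $p_array['wdate_end'] != '') {
        $clause .= $and . " to_date('" . sql_string($p_array['wdate_end']) . "','DD.MM.YYYY')>=coalesce(sg_date,jr_date) ";
    }
    if (isset($p_array['wamount_start']) && $p_array['wamount_start'] != '' && isNumber($p_array['wamount_start']) == 1 && $p_array['wamount_start'] != 0) {
        $clause .= $and . " j_montant >= " . sql_string($p_array['wamount_start']);
    }
    if (isset($p_array['wamount_end']) && $p_array['wamount_end'] != '' && $p_array['wamount_end'] != 0 && isNumber($p_array['wamount_end']) == 1) {
        $clause .= $and . " j_montant <= " . sql_string($p_array['wamount_end']);
    }
    if (isset($p_array['wcard']) && $p_array['wcard'] != '') {
        $f = new Fiche($this->cn);
        $f->get_by_qcode($p_array['wcard'], false);
        if ($f->id != 0) {
            $clause .= $and . " sg.f_id = " . sql_string($f->id);
        }
    }
    if (isset($p_array['wcode_stock']) && $p_array['wcode_stock'] != "") {
        $clause .= $and . " upper(sg_code) = upper('" . sql_string(trim($p_array['wcode_stock'])) . "')";
    }
    // The repository id is written without quotes, so string escaping cannot
    // constrain it; like the amount filters it must first pass isNumber().
    // A non-numeric value leaves the filter out; the base query still limits
    // rows to the profile's repositories.
    if (isset($p_array['wrepo']) && $p_array['wrepo'] != -1 && isNumber($p_array['wrepo']) == 1) {
        $clause .= $and . " sg.r_id = " . sql_string($p_array['wrepo']);
    }
    if (isset($p_array['wdirection']) && $p_array['wdirection'] != -1) {
        $clause .= $and . " sg.sg_type = '" . sql_string($p_array['wdirection']) . "'";
    }
    return $sql . $clause;
}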
require_once '../include/constant.php';
include_once NOALYSS_INCLUDE . '/ac_common.php';
/*! \file
 * \brief Login page
 */
require_once NOALYSS_INCLUDE . '/class_database.php';
// Check whether user and password match the database;
// if not, redirect to the login page
$rep = new Database();
// The repository version is read from a different table when MULTI is defined and equal to 0.
if (defined('MULTI') && MULTI == 0) {
    $version = $rep->get_value('select val from repo_version');
} else {
    $version = $rep->get_value('select val from version');
}
if (isset($_POST["p_user"])) {
    // The login name is stored in its sql_string() form; the password is kept exactly as posted.
    $g_user = sql_string($_POST["p_user"]);
    $g_pass = $_POST["p_pass"];
    // NOTE(review): both values are written to the session before any check
    // visible here, and the password is kept as submitted — confirm that
    // User::Check() clears them on failure and whether the password needs to
    // stay in the session at all.
    $_SESSION['g_user'] = $g_user;
    $_SESSION['g_pass'] = $g_pass;
    /*
     * Check repository version
     */
    if ($version != DBVERSIONREPO) {
        // Schema mismatch: warn and send the browser to the setup page.
        echo alert(_('Version de base de données incorrectes, vous devez mettre à jour'));
        echo "<META HTTP-EQUIV=\"REFRESH\" content=\"0;url=admin/setup.php\">";
        exit;
    }
    include_once NOALYSS_INCLUDE . "/class_user.php";
    $User = new User($rep);
    // NOTE(review): no session id regeneration is visible in this excerpt — confirm it happens on successful login.
    $User->Check(false, 'LOGIN');
    if ($g_captcha == true) {
<?php
// Check-in endpoint used by Newsflash Plus 4.0.0 and newer (older versions
// use newsflash.php). It inserts or refreshes the newsflash2 row for the
// reporting installation and answers with the development version string.
include "common.php";
include "database.php";
include "version.php";

// NOTE(review): every value is placed in the statement without quotes, so the
// query is only safe if this project's sql_string() both escapes and quotes
// them — it is defined in an include that is not shown here; confirm.
$platform = sql_string($_REQUEST['platform']);
$version = sql_string($_REQUEST['version']);
$fingerprint = sql_string($_REQUEST['fingerprint']);
$host = sql_string(get_host_name());

// First contact inserts the row with count 1; later contacts refresh host,
// version and platform and increment the counter.
$statement = "INSERT INTO newsflash2 (fingerprint,host,version,platform,count) " . "VALUES({$fingerprint}, {$host}, {$version}, {$platform}, 1) " . "ON DUPLICATE KEY UPDATE latest=now(), count=count+1, host={$host}, version={$version}, platform={$platform}";
if (!mysql_query($statement, $db)) {
    die($DATABASE_ERROR);
}
mysql_close($db);

//echo($NEWSFLASH_VERSION);
echo $NEWSFLASH_VERSION_DEV;
//echo("\r\n");
//echo($count);
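/**
 * Build the statement that selects cards from vw_fiche_attr.
 *
 * Keys read from $array (through extract()):
 *  - typecard: 'cred', 'deb' or 'filter' (card categories of ledger $jrn),
 *    'all', a list of fd_id values, or a string containing "[sql]" that is
 *    used as the condition itself;
 *  - jrn: ledger id, required for 'cred', 'deb' and 'filter';
 *  - query: text searched in name, quick code, description, VAT number and
 *    accounting.
 *
 * NOTE(review): in the default case and in the "[sql]" case typecard is
 * copied into the statement unchanged. Confirm no caller passes a
 * request-supplied typecard here; otherwise restrict it to a list of integers
 * and move the raw-SQL form behind a server-side setting.
 *
 * @param array $array search options
 * @return string SQL statement
 * @throws Exception when typecard needs a ledger and jrn is missing
 */
function build_sql($array)
{
    if (!empty($array)) {
        extract($array);
    }
    $and = '';
    $filter_fd_id = 'true';
    $filter_query = '';
    if (isset($typecard)) {
        // strpos() == false is true both when "sql" is absent and when it sits at position 0.
        if (strpos($typecard, "sql") == false) {
            switch ($typecard) {
                case 'cred':
                    if (!isset($jrn)) {
                        // PHP can only throw objects; a bare string is a fatal error.
                        throw new Exception('Erreur pas de valeur pour jrn');
                    }
                    $filter_jrn = $this->cn->make_list("select jrn_def_fiche_cred from jrn_Def where jrn_def_id=\$1", array($jrn));
                    $filter_fd_id = " fd_id in (" . $filter_jrn . ")";
                    $and = " and ";
                    break;
                case 'deb':
                    if (!isset($jrn)) {
                        throw new Exception('Erreur pas de valeur pour jrn');
                    }
                    $filter_jrn = $this->cn->make_list("select jrn_def_fiche_deb from jrn_Def where jrn_def_id=\$1", array($jrn));
                    $filter_fd_id = " fd_id in (" . $filter_jrn . ")";
                    $and = " and ";
                    break;
                case 'filter':
                    if (!isset($jrn)) {
                        throw new Exception('Erreur pas de valeur pour jrn');
                    }
                    // Debit categories, or a condition that matches nothing when the ledger has none.
                    $filter_jrn = $this->cn->make_list("select jrn_def_fiche_deb from jrn_Def where jrn_def_id=\$1", array($jrn));
                    if (trim($filter_jrn) != '') {
                        $fp1 = " fd_id in (" . $filter_jrn . ")";
                    } else {
                        $fp1 = "fd_id < 0";
                    }
                    // Same for the credit categories.
                    $filter_jrn = $this->cn->make_list("select jrn_def_fiche_cred from jrn_Def where jrn_def_id=\$1", array($jrn));
                    if (trim($filter_jrn) != '') {
                        $fp2 = " fd_id in (" . $filter_jrn . ")";
                    } else {
                        $fp2 = "fd_id < 0";
                    }
                    $filter_fd_id = '(' . $fp1 . ' or ' . $fp2 . ')';
                    $and = " and ";
                    break;
                case 'all':
                    $filter_fd_id = ' true';
                    break;
                default:
                    if (trim($typecard) != '') {
                        $filter_fd_id = ' fd_id in (' . $typecard . ')';
                    } else {
                        $filter_fd_id = ' fd_id < 0';
                    }
            }
        } else {
            $filter_fd_id = str_replace('[sql]', '', $typecard);
        }
    }
    $and = " and ";
    if (isset($query)) {
        // Escaped once, then placed inside quoted patterns only.
        $query = sql_string($query);
        if (strlen(trim($query)) > 1) {
            $filter_query = $and . "(vw_name ilike '%{$query}%' or quick_code ilike ('%{$query}%') " . " or vw_description ilike '%{$query}%' or tva_num ilike '%{$query}%' or accounting like upper('{$query}%'))";
        } else {
            $filter_query = '';
        }
    }
    $sql = "select * from vw_fiche_attr where " . $filter_fd_id . $filter_query;
    return $sql;
}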
require_once NOALYSS_INCLUDE . '/class_dossier.php';
$gDossier = dossier::id();
require_once 'class_user.php';
$cn = new Database(dossier::id());
global $g_user;
// The user object is checked, then checked against the current folder, before any request value is read.
$g_user = new User($cn);
$g_user->check();
$g_user->check_dossier(dossier::id());
set_language();
// Optional request values, each defaulting to the string 'none'.
$fLabel = isset($_REQUEST['l']) ? $_REQUEST['l'] : 'none';
$fTva_id = isset($_REQUEST['t']) ? $_REQUEST['t'] : 'none';
$fPrice_sale = isset($_REQUEST['p']) ? $_REQUEST['p'] : 'none';
$fPrice_purchase = isset($_REQUEST['b']) ? $_REQUEST['b'] : 'none';
if (isset($_SESSION['isValid']) && $_SESSION['isValid'] == 1) {
    $jrn = sql_string($_GET['j']);
    $d = sql_string($_GET['d']);
    // A ledger id of -1 means no ledger restriction.
    if ($jrn == -1) {
        $d = 'all';
    }
    // strpos() == false is true both when 'sql' is absent and when it sits at position 0.
    // NOTE(review): the branch taken when 'sql' is found lies outside this
    // excerpt; $d is request-supplied — confirm that branch does not copy it
    // into a statement.
    if (strpos($d, 'sql') == false) {
        switch ($d) {
            case 'cred':
                // $jrn is bound as a parameter; the returned list comes from the database.
                $filter_jrn = $cn->make_list("select jrn_def_fiche_cred from jrn_def where jrn_def_id=\$1", array($jrn));
                // An empty list becomes a condition that matches nothing.
                $filter_card = $filter_jrn != "" ? " and fd_id in ({$filter_jrn})" : ' and false ';
                break;
            case 'deb':
                $filter_jrn = $cn->make_list("select jrn_def_fiche_deb from jrn_def where jrn_def_id=\$1", array($jrn));
                $filter_card = $filter_jrn != "" ? " and fd_id in ({$filter_jrn})" : ' and false ';
                break;
            case 'all':
                $filter_card = "";
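/**
 * Build the SQL conditions used to list follow-up actions.
 *
 * The filters are read from $p_array ($_GET when null) through extract():
 * qcode, tdoc, state, hsstate, sag_ref, date_start, date_end, ag_dest_query,
 * ag_id, remind_date, remind_date_end, closed_action, searchtag. The free
 * text search and the quick code itself are read from $_REQUEST.
 *
 * Values written inside quotes are escaped with sql_string(). Values written
 * without quotes (document type, states, destination, action id) are used
 * only when isNumber() accepts them, because escaping alone cannot constrain
 * an unquoted value. isNumber() is defined elsewhere; it is assumed to accept
 * numeric strings only.
 *
 * NOTE(review): $_SESSION['g_user'] is concatenated between quotes without
 * escaping here — confirm it is always stored in escaped form.
 *
 * @note the query is taken in $_REQUEST
 * @see Follow_Up::ShowActionList
 * @param mixed $cn database connection
 * @param array|null $p_array filter values, $_GET when null
 * @return string SQL condition
 */
static function create_query($cn, $p_array = null)
{
    if ($p_array == null) {
        $p_array = $_GET;
    }
    // EXTR_SKIP: request fields may define new locals but cannot replace $cn or $p_array.
    extract($p_array, EXTR_SKIP);
    $action_query = "";
    if (isset($_REQUEST['action_query'])) {
        // if a query is requested, build the sql stmt
        $action_query = "and (ag_title ~* '" . sql_string($_REQUEST['action_query']) . "' " . "or ag_ref ='" . trim(sql_string($_REQUEST['action_query'])) . "' or ag_id in (select ag_id from action_gestion_comment where agc_comment ~* '" . trim(sql_string($_REQUEST['action_query'])) . "')" . ")";
    }
    $str = "";
    if (isset($qcode)) {
        // verify that qcode is not empty
        if (strlen(trim($qcode)) != 0) {
            $fiche = new Fiche($cn);
            $fiche->get_by_qcode($_REQUEST['qcode']);
            // if quick code not found then nothing
            if ($fiche->id == 0) {
                $str = ' and false ';
            } else {
                $str = " and (f_id_dest= " . $fiche->id . " or ag_id in (select ag_id from action_person as ap where ap.f_id=" . $fiche->id . ") )";
            }
        }
    }
    if (isset($tdoc) && $tdoc != -1 && isNumber($tdoc) == 1) {
        $action_query .= ' and dt_id = ' . sql_string($tdoc);
    }
    if (isset($state) && $state != -1 && isNumber($state) == 1) {
        $action_query .= ' and ag_state= ' . sql_string($state);
    }
    if (isset($hsstate) && $hsstate != -1 && isNumber($hsstate) == 1) {
        $action_query .= ' and ag_state <> ' . sql_string($hsstate);
    }
    if (isset($sag_ref) && trim($sag_ref) != "") {
        // This condition used to be appended to an unused variable ($query),
        // so the reference filter was silently dropped.
        $action_query .= ' and ag_ref= \'' . sql_string($sag_ref) . "'";
    }
    if (isset($_GET['only_internal'])) {
        $action_query .= ' and f_id_dest=0 ';
    }
    // Dates are validated by isDate() and escaped like the reminder dates below.
    if (isset($date_start) && isDate($date_start) != null) {
        $action_query .= " and ag_timestamp >= to_date('" . sql_string($date_start) . "','DD.MM.YYYY')";
    }
    if (isset($date_end) && isDate($date_end) != null) {
        $action_query .= " and ag_timestamp <= to_date('" . sql_string($date_end) . "','DD.MM.YYYY')";
    }
    if (isset($ag_dest_query) && $ag_dest_query != -2 && isNumber($ag_dest_query) == 1) {
        $action_query .= " and ((ag_dest = " . sql_string($ag_dest_query) . " and " . self::sql_security_filter($cn, "R") . ") or " . "(ag_dest = " . sql_string($ag_dest_query) . " and " . self::sql_security_filter($cn, "R") . " and " . " ag_owner='" . $_SESSION['g_user'] . "'))";
    } else {
        $action_query .= " and (ag_owner='" . $_SESSION['g_user'] . "' or " . self::sql_security_filter($cn, "R") . " or ag_dest=-1 )";
    }
    // An explicit action id replaces every condition collected so far.
    if (isset($ag_id) && isNumber($ag_id) == 1 && $ag_id != 0) {
        $action_query = " and ag_id= " . sql_string($ag_id);
    }
    if (isset($remind_date) && $remind_date != "" && isDate($remind_date) == $remind_date) {
        $action_query .= " and to_date('" . sql_string($remind_date) . "','DD.MM.YYYY')<= ag_remind_date";
    }
    if (isset($remind_date_end) && $remind_date_end != "" && isDate($remind_date_end) == $remind_date_end) {
        $action_query .= " and to_date('" . sql_string($remind_date_end) . "','DD.MM.YYYY')>= ag_remind_date";
    }
    if (!isset($closed_action)) {
        $action_query .= " and s_status is null ";
    }
    if (isset($searchtag)) {
        $action_query .= Follow_Up::filter_by_tag($cn, $p_array);
    }
    return $action_query . $str;
}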
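/**
 * Record a sale: item lines, customer line, VAT lines, the ledger entry, the
 * attachment or generated invoice and, when a payment method is chosen, the
 * payment with its lettering and reconciliation. Everything is written
 * inside one database transaction.
 *
 * The form fields are read through extract(): p_jrn, period, e_date,
 * e_client, nb_item, e_comm, e_ech, e_pj, e_pj_suggest, mt, repo, e_mp,
 * e_mp_qcode_{e_mp}, acompte, e_comm_paiement and, per line i, e_march{i},
 * e_march{i}_price, e_quant{i}, e_march{i}_label, e_march{i}_tva_id,
 * e_march{i}_tva_amount.
 *
 * @param array|null $p_array form fields
 * @return mixed internal code of the recorded operation
 * @throws Exception when a step fails; the transaction is rolled back first
 */
public function insert($p_array = null)
{
    global $g_parameter;
    // EXTR_SKIP: a form field may define a new local, but it can no longer
    // replace one that already exists ($g_parameter, $p_array).
    extract($p_array, EXTR_SKIP);
    $this->verify($p_array);
    $group = $this->db->get_next_seq("s_oa_group");
    /* for analytic */
    $seq = $this->db->get_next_seq('s_grpt');
    $this->id = $p_jrn;
    $internal = $this->compute_internal_code($seq);
    $this->internal = $internal;
    $oPeriode = new Periode($this->db);
    $check_periode = $this->check_periode();
    if ($check_periode == true) {
        // NOTE(review): this reads the form field "period" — confirm the name against the form.
        $tperiode = $period;
    } else {
        $tperiode = $oPeriode->find_periode($e_date);
    }
    $cust = new Fiche($this->db);
    $cust->get_by_qcode($e_client);
    $sposte = $cust->strAttribut(ATTR_DEF_ACCOUNT);
    // if 2 accounts, take only the debit one for the customer
    if (strpos($sposte, ',') != 0) {
        $array = explode(',', $sposte);
        $poste = $array[0];
    } else {
        $poste = $sposte;
    }
    bcscale(4);
    try {
        $tot_amount = 0;
        $tot_tva = 0;
        $tot_debit = 0;
        $this->db->start();
        $tva = array();
        /* Save all the items without vat */
        for ($i = 0; $i < $nb_item; $i++) {
            $n_both = 0;
            // Lines without a quick code are skipped.
            if (strlen(trim(${'e_march' . $i})) == 0) {
                continue;
            }
            /* First we save all the items without vat */
            $fiche = new Fiche($this->db);
            $fiche->get_by_qcode(${"e_march" . $i});
            $amount = bcmul(${'e_march' . $i . '_price'}, ${'e_quant' . $i});
            $tot_amount = round(bcadd($tot_amount, $amount), 2);
            $acc_operation = new Acc_Operation($this->db);
            $acc_operation->date = $e_date;
            $sposte = $fiche->strAttribut(ATTR_DEF_ACCOUNT);
            // if 2 accounts, take only the credit one
            if (strpos($sposte, ',') != 0) {
                $array = explode(',', $sposte);
                $poste_val = $array[1];
            } else {
                $poste_val = $sposte;
            }
            $acc_operation->poste = $poste_val;
            $acc_operation->amount = $amount;
            $acc_operation->grpt = $seq;
            $acc_operation->jrn = $p_jrn;
            $acc_operation->type = 'c';
            $acc_operation->periode = $tperiode;
            if ($g_parameter->MY_UPDLAB == 'Y') {
                $acc_operation->desc = strip_tags(${"e_march" . $i . "_label"});
            } else {
                $acc_operation->desc = null;
            }
            $acc_operation->qcode = ${"e_march" . $i};
            if ($amount < 0) {
                $tot_debit = bcadd($tot_debit, abs($amount));
            }
            $j_id = $acc_operation->insert_jrnx();
            if ($g_parameter->MY_TVA_USE == 'Y') {
                /* Compute sum vat */
                $oTva = new Acc_Tva($this->db);
                $idx_tva = ${'e_march' . $i . '_tva_id'};
                $tva_item = ${'e_march' . $i . '_tva_amount'};
                $oTva->set_parameter("id", $idx_tva);
                $oTva->load();
                /* if empty then we need to compute it */
                if (trim($tva_item) == '' || ${'e_march' . $i . '_tva_amount'} == 0) {
                    /* retrieve tva */
                    $l = new Acc_Tva($this->db, $idx_tva);
                    $l->load();
                    $tva_item = bcmul($amount, $l->get_parameter('rate'));
                }
                if (isset($tva[$idx_tva])) {
                    $tva[$idx_tva] += $tva_item;
                } else {
                    $tva[$idx_tva] = $tva_item;
                }
                if ($oTva->get_parameter("both_side") == 0) {
                    $tot_tva = round(bcadd($tva_item, $tot_tva), 2);
                } else {
                    $n_both = $tva_item;
                    if ($n_both < 0) {
                        $tot_debit = bcadd($tot_debit, abs($n_both));
                    }
                }
            }
            /* Save the stock */
            /* if the quantity is < 0 then the stock increases (return of material) */
            $nNeg = ${"e_quant" . $i} < 0 ? -1 : 1;
            // The condition used "=" and so overwrote the global MY_STOCK
            // setting with a boolean on every line; it now compares the value.
            if ($g_parameter->MY_STOCK == 'Y' && isset($repo)) {
                $dir = ${'e_quant' . $i} < 0 ? 'd' : 'c';
                Stock_Goods::insert_goods($this->db, array('j_id' => $j_id, 'goods' => ${'e_march' . $i}, 'quant' => $nNeg * ${'e_quant' . $i}, 'dir' => $dir, 'repo' => $repo));
            }
            if ($g_parameter->MY_ANALYTIC != "nu") {
                // for each item, insert into operation_analytique
                $op = new Anc_Operation($this->db);
                $op->oa_group = $group;
                $op->j_id = $j_id;
                $op->oa_date = $e_date;
                $op->oa_debit = 'f';
                $op->oa_description = sql_string($e_comm);
                $op->save_form_plan($_POST, $i, $j_id);
            }
            if ($g_parameter->MY_TVA_USE == 'Y') {
                /* save into quant_sold */
                $r = $this->db->exec_sql("select insert_quant_sold (\$1,\$2,\$3,\$4,\$5,\$6,\$7,\$8,\$9)", array(null, $j_id, ${'e_march' . $i}, ${'e_quant' . $i}, round($amount, 2), $tva_item, $idx_tva, $e_client, $n_both));
            } else {
                $r = $this->db->exec_sql("select insert_quant_sold (\$1,\$2,\$3,\$4,\$5,\$6,\$7,\$8,\$9) ", array(null, $j_id, ${'e_march' . $i}, ${'e_quant' . $i}, $amount, 0, null, $e_client, 0));
            }
        }
        // end loop : save all items
        /* save total customer */
        $cust_amount = bcadd($tot_amount, $tot_tva);
        $acc_operation = new Acc_Operation($this->db);
        $acc_operation->date = $e_date;
        $acc_operation->poste = $poste;
        $acc_operation->amount = $cust_amount;
        $acc_operation->grpt = $seq;
        $acc_operation->jrn = $p_jrn;
        $acc_operation->type = 'd';
        $acc_operation->periode = $tperiode;
        $acc_operation->qcode = ${"e_client"};
        if ($cust_amount > 0) {
            $tot_debit = bcadd($tot_debit, $cust_amount);
        }
        $let_tiers = $acc_operation->insert_jrnx();
        /* save all vat: $i contains the tva_id and $value the vat amount */
        if ($g_parameter->MY_TVA_USE == 'Y') {
            foreach ($tva as $i => $value) {
                $oTva = new Acc_Tva($this->db);
                $oTva->set_parameter('id', $i);
                $oTva->load();
                $poste_vat = $oTva->get_side('c');
                $cust_amount = bcadd($tot_amount, $tot_tva);
                $acc_operation = new Acc_Operation($this->db);
                $acc_operation->date = $e_date;
                $acc_operation->poste = $poste_vat;
                $acc_operation->amount = $value;
                $acc_operation->grpt = $seq;
                $acc_operation->jrn = $p_jrn;
                $acc_operation->type = 'c';
                $acc_operation->periode = $tperiode;
                if ($value < 0) {
                    $tot_debit = bcadd($tot_debit, abs($value));
                }
                $acc_operation->insert_jrnx();
                // if TVA is on both sides, we deduce it immediately
                if ($oTva->get_parameter("both_side") == 1) {
                    $poste_vat = $oTva->get_side('d');
                    $cust_amount = bcadd($tot_amount, $tot_tva);
                    $acc_operation = new Acc_Operation($this->db);
                    $acc_operation->date = $e_date;
                    $acc_operation->poste = $poste_vat;
                    $acc_operation->amount = $value;
                    $acc_operation->grpt = $seq;
                    $acc_operation->jrn = $p_jrn;
                    $acc_operation->type = 'd';
                    $acc_operation->periode = $tperiode;
                    $acc_operation->insert_jrnx();
                    $tot_debit = bcadd($tot_debit, $value);
                    $n_both = $value;
                }
            }
        }
        /* insert into jrn */
        $acc_operation = new Acc_Operation($this->db);
        $acc_operation->date = $e_date;
        $acc_operation->echeance = $e_ech;
        $acc_operation->amount = abs(round($tot_debit, 2));
        $acc_operation->desc = $e_comm;
        $acc_operation->grpt = $seq;
        $acc_operation->jrn = $p_jrn;
        $acc_operation->periode = $tperiode;
        $acc_operation->pj = $e_pj;
        $acc_operation->mt = $mt;
        $this->jr_id = $acc_operation->insert_jrn();
        $this->pj = $acc_operation->set_pj();
        /* the sequence is incremented only when e_pj equals the suggested value and is not blank */
        if (strcmp($e_pj, $e_pj_suggest) == 0 && strlen(trim($e_pj)) != 0) {
            $this->inc_seq_pj();
        }
        // Bound parameters, like the statement that follows.
        $this->db->exec_sql('update jrn set jr_internal=$1 where jr_grpt_id=$2', array($internal, $seq));
        /* update quant_sold */
        $this->db->exec_sql('update quant_sold set qs_internal = $1 where j_id in (select j_id from jrnx where j_grpt=$2)', array($internal, $seq));
        /* Save the attachment or generate doc */
        if (isset($_FILES['pj'])) {
            if (strlen(trim($_FILES['pj']['name'])) != 0) {
                $this->db->save_upload_document($seq);
            } else {
                /* Generate an invoice and save it into the database */
                if (isset($_POST['gen_invoice'])) {
                    $file = $this->create_document($internal, $p_array);
                    $this->doc = '<A class="line" HREF="show_pj.php?' . dossier::get() . '&jr_grpt_id=' . $seq . '&jrn=' . $this->id . '">' . $file . '</A>';
                }
            }
        }
        //----------------------------------------
        // Save the payer
        //----------------------------------------
        if ($e_mp != 0) {
            /* mp */
            $mp = new Acc_Payment($this->db, $e_mp);
            $mp->load();
            /* fiche */
            $fqcode = ${'e_mp_qcode_' . $e_mp};
            $acfiche = new Fiche($this->db);
            $acfiche->get_by_qcode($fqcode);
            /* jrnx */
            $acseq = $this->db->get_next_seq('s_grpt');
            $acjrn = new Acc_Ledger($this->db, $mp->get_parameter('ledger_target'));
            $acinternal = $acjrn->compute_internal_code($acseq);
            /* Insert paid by */
            $acc_pay = new Acc_Operation($this->db);
            $acc_pay->date = $e_date;
            /* get the account and explode if necessary */
            $sposte = $acfiche->strAttribut(ATTR_DEF_ACCOUNT);
            // if 2 accounts, take only the debit one for customer
            if (strpos($sposte, ',') != 0) {
                $array = explode(',', $sposte);
                $poste_val = $array[0];
            } else {
                $poste_val = $sposte;
            }
            $famount = bcsub($cust_amount, $acompte);
            $acc_pay->poste = $poste_val;
            $acc_pay->qcode = $fqcode;
            $acc_pay->amount = abs(round($famount, 2));
            $acc_pay->desc = null;
            $acc_pay->grpt = $acseq;
            $acc_pay->jrn = $mp->get_parameter('ledger_target');
            $acc_pay->periode = $tperiode;
            $acc_pay->type = $famount >= 0 ? 'd' : 'c';
            $acc_pay->insert_jrnx();
            /* Insert supplier */
            $acc_pay = new Acc_Operation($this->db);
            $acc_pay->date = $e_date;
            $acc_pay->poste = $poste;
            $acc_pay->qcode = $e_client;
            $acc_pay->amount = abs(round($famount, 2));
            $acc_pay->desc = null;
            $acc_pay->grpt = $acseq;
            $acc_pay->jrn = $mp->get_parameter('ledger_target');
            $acc_pay->periode = $tperiode;
            $acc_pay->type = $famount >= 0 ? 'c' : 'd';
            $let_other = $acc_pay->insert_jrnx();
            /* insert into jrn */
            $acc_pay->mt = $mt;
            $acjrn->grpt_id = $acseq;
            $acc_pay->desc = !isset($e_comm_paiement) || strlen(trim($e_comm_paiement)) == 0 ? $e_comm : $e_comm_paiement;
            $mp_jr_id = $acc_pay->insert_jrn();
            $acjrn->update_internal_code($acinternal);
            $r1 = $this->get_id($internal);
            $r2 = $this->get_id($acinternal);
            /* add lettering */
            $oletter = new Lettering($this->db);
            $oletter->insert_couple($let_tiers, $let_other);
            /* set the flag paid */
            $Res = $this->db->exec_sql("update jrn set jr_rapt='paid' where jr_id=\$1", array($r1));
            /* Reconciliation */
            $rec = new Acc_Reconciliation($this->db);
            $rec->set_jr_id($r1);
            $rec->insert($r2);
            /* save also into quant_fin */
            /* get ledger property */
            $ledger = new Acc_Ledger_Fin($this->db, $acc_pay->jrn);
            $prop = $ledger->get_propertie();
            /* if ledger is FIN then insert into quant_fin */
            if ($prop['jrn_def_type'] == 'FIN') {
                $ledger->insert_quant_fin($acfiche->id, $mp_jr_id, $cust->id, bcmul($famount, 1));
            }
        }
    } catch (Exception $e) {
        // NOTE(review): the file path and the raw exception text are written
        // to the page without HTML escaping — consider logging them instead.
        echo '<span class="error">' . 'Erreur dans l\'enregistrement ' . __FILE__ . ':' . __LINE__ . ' ' . $e->getMessage();
        // The previous "echo $e->getTrace()" printed the word "Array" with a
        // conversion warning; the stack trace is deliberately not sent to the browser.
        $this->db->rollback();
        throw new Exception($e);
    }
    $this->db->commit();
    return $internal;
}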
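/**
 * Check whether this account ($this->id) is covered by the credit-class filter of a ledger.
 *
 * The filter is read from jrn_def.jrn_def_class_cred: a space-separated list of
 * account values in which "*" is translated to the SQL wildcard "%".
 *
 * Every value is sent as a bound parameter ($1, $2, ...), so neither the ledger id
 * nor the filter items nor the account id become part of the statement text.
 * The OR-ed filter items are wrapped in parentheses: without them "and" binds
 * tighter than "or", and the account test would apply to the last item only.
 *
 * @param mixed $p_jrn ledger id (jrn_def.jrn_def_id)
 * @return int 0 when the ledger has no filter or the account matches it, -1 otherwise
 */
function belong_ledger($p_jrn)
{
    $filter = $this->db->get_value(
        'select jrn_def_class_cred from jrn_def where jrn_def_id=$1',
        array($p_jrn)
    );
    // An empty filter means the ledger accepts any account.
    if (trim($filter) == '') {
        return 0;
    }

    $conditions = array();
    $params = array();
    foreach (explode(' ', $filter) as $item_cred) {
        if (strlen(trim($item_cred)) == 0) {
            continue;
        }
        if (strpos($item_cred, '*') !== false) {
            // "12*" in the ledger definition becomes the LIKE pattern "12%".
            $params[] = strtr($item_cred, '*', '%');
            $conditions[] = 'pcm_val::text like $' . count($params);
        } else {
            $params[] = $item_cred;
            $conditions[] = 'pcm_val::text = $' . count($params);
        }
    }

    $params[] = (string) $this->id;
    $sql = 'select count(*) as poste from tmp_pcmn where ('
        . implode(' or ', $conditions)
        . ') and pcm_val::text=$' . count($params);

    $max = $this->db->get_value($sql, $params);

    return $max > 0 ? 0 : -1;
}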
include_once 'class_impress.php'; require_once NOALYSS_INCLUDE . '/class_own.php'; require_once NOALYSS_INCLUDE . '/class_dossier.php'; require_once NOALYSS_INCLUDE . '/class_user.php'; header('Content-type: application/csv'); header('Content-Disposition: attachment;filename="gl_comptes.csv"', FALSE); header('Pragma: public'); $gDossier = dossier::id(); /* Security */ $cn = new Database($gDossier); extract($_GET); if (isset($poste_id) && strlen(trim($poste_id)) != 0 && isNumber($poste_id)) { if (isset($poste_fille)) { $parent = $poste_id; $a_poste = $cn->get_array("select pcm_val from tmp_pcmn where pcm_val::text like '{$parent}%' order by pcm_val::text"); } elseif ($cn->count_sql('select * from tmp_pcmn where pcm_val=' . sql_string($poste_id)) != 0) { $a_poste = array('pcm_val' => $poste_id); } } else { $cond_poste = ''; $sql = "select pcm_val from tmp_pcmn "; if ($from_poste != '') { $cond_poste = ' where '; $cond_poste .= " pcm_val >= upper ('" . Database::escape_string($from_poste) . "')"; } if ($to_poste != '') { if ($cond_poste == '') { $cond_poste = " where pcm_val <= upper ('" . Database::escape_string($to_poste) . "')"; } else { $cond_poste .= " and pcm_val <= upper ('" . Database::escape_string($to_poste) . "')"; }
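// action = del
//---------------------------------------------------------------------------
// Removes a model: drops its database, then deletes its row from modeledef.
if ($sa == 'remove') {
    if (!isset($_REQUEST['p_confirm'])) {
        echo _('Désolé, vous n\'avez pas coché la case');
        echo HtmlInput::button_anchor(_('Retour'), '?action=modele_mgt');
        return;
    }
    $cn = new Database();
    $msg = "dossier";

    // The model id ends up inside a database *identifier* in the DROP DATABASE
    // statement below. Quote escaping only protects string literals, so the
    // request value is accepted only when it consists of digits.
    $mod_id = isset($_REQUEST['m']) && is_string($_REQUEST['m']) ? $_REQUEST['m'] : '';
    if (!ctype_digit($mod_id)) {
        echo "<h2 class=\"error\"> {$msg} inexistant</h2>";
        return;
    }

    $name = $cn->get_value("select mod_name from modeledef where mod_id=\$1", array($mod_id));
    if (strlen(trim($name)) == 0) {
        echo "<h2 class=\"error\"> {$msg} inexistant</h2>";
        return;
    }

    $sql = "drop database " . domaine . "mod" . $mod_id;
    ob_start();
    if ($cn->exec_sql($sql) == false) {
        ob_end_clean();
        echo "<h2 class=\"error\">";
        printf(_("Base de donnée %s mod %s est accèdée, déconnectez-vous d'abord"), domaine, $mod_id);
        // The closing tag used to be concatenated to printf()'s return value and was never sent.
        echo "</h2>";
        exit;
    }
    ob_flush();

    $sql = "delete from modeledef where mod_id=\$1";
    $cn->exec_sql($sql, array($mod_id));

    print '<h2 class="error">';
    // The model name is stored data that may contain markup characters; encode it for the HTML context.
    printf(_("Le modèle %s est effacé") . "</H2>", htmlspecialchars($name, ENT_QUOTES, 'UTF-8'));
    echo HtmlInput::button_anchor(_('Retour'), '?action=modele_mgt');
}
echo '</div>';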
} $new_cn = new Database($id); $new_cn->apply_patch($name, 0); echo '<span class="error">' . _('Ne pas recharger la page, sinon votre base de données sera restaurée une fois de plus') . '</span>'; Dossier::synchro_admin($id); echo $retour; echo '</div>'; } //--------------------------------------------------------------------------- // Restore a modele if ($_REQUEST['t'] == 'm') { echo '<div class="content">'; $cn = new Database(); $id = $cn->get_next_seq('s_modid'); if (strlen(trim($_REQUEST['database'])) == 0) { $lname = $id . " Restauration :" . sql_string($_FILES['file']['name']); } else { $lname = $id . " " . $_REQUEST['database']; } $sql = "insert into modeledef (mod_id,mod_name,mod_desc) values (" . $id . ",'Restauration" . $lname . "','" . $ldesc . "') "; $cn->start(); try { $cn->get_value($sql); } catch (Exception $e) { echo '<span class="error">' . _("Echec de la restauration ") . '</span>'; $cn->rollback(); exit; } $cn->commit(); $name = domaine . "mod" . $id; $cn->exec_sql("create database " . $name . " encoding='utf8'");
case sql_string($TYPE_NEGATIVE_FEEDBACK): $typename = "Feedback :("; break; case sql_string($TYPE_POSITIVE_FEEDBACK): $typename = "Feedback :)"; break; case sql_string($TYPE_NEUTRAL_FEEDBACK): $typename = "Feedback :|"; break; case sql_string($TYPE_BUG_REPORT): $typename = "Bug report"; break; case sql_string($TYPE_FEATURE_REQUEST): $typename = "Feature request"; break; case sql_string($TYPE_LICENSE_REQUEST): $typename = "License request"; break; } if (!strlen($typename)) { die($ERROR_QUERY_PARAMS . " type"); } if (!strlen($name)) { die($ERROR_QUERY_PARAMS . " name"); } if (!strlen($text)) { die($ERROR_QUERY_PARAMS . " text"); } if (sql_check_spam("feedback", $host)) { die($DIRTY_ROTTEN_SPAMMER); }
$r .= '</form>'; $sql = "\n\t\tselect pcm_val,pcm_lib,array_to_string(array_agg(j_qcode) , ',') as acode\n\t\tfrom tmp_pcmn left join vw_poste_qcode on (j_poste=pcm_val) "; $sep = " where "; /* build the sql stmt */ if (isset($j) && $j > 0 && isNumber($j)) { /* create a filter on the ledger */ $ledger = new Acc_Account_Ledger($cn, 0); $fd_id = $ledger->build_sql_account($j); if ($fd_id != '') { $sql .= " {$sep} (" . $fd_id . ')'; $sep = " and "; } } /* show result */ if (isset($q) && strlen(trim($q)) > 0) { $q = sql_string($q); $sql .= sprintf(" {$sep} ( pcm_val::text like '%s%%' or pcm_lib::text ilike '%%%s%%') ", $q, $q); } $sql .= ' group by pcm_val,pcm_lib,pcm_val_parent, pcm_type order by pcm_val::text limit 50'; if (isset($q) && strlen(trim($q)) > 0) { $array = $cn->get_array($sql); } if (!isset($q)) { $array = array(); } if (isset($q) && strlen(trim($q)) == 0) { $array = array(); } /* set the javascript */ for ($i = 0; $i < count($array); $i++) { $pcm_val = $array[$i]['pcm_val'];
/**
 * Build an ISelect holding the stock repositories the current profile may
 * read or write.
 *
 * @global $g_user current user; only get_profile() is called on it
 * @param $p_cn   db object, must provide make_array()
 * @param $p_name name of the select
 * @param $p_mode 'R' for reading, 'W' for writing
 * @return ISelect
 * @throws Exception if $p_mode is neither 'R' nor 'W'
 */
static function select_stock($p_cn, $p_name, $p_mode)
{
    global $g_user;

    if ($p_mode != 'R' && $p_mode != 'W') {
        throw new Exception(__FILE__ . ":" . __LINE__ . " {$p_mode} invalide");
    }

    $profile = $g_user->get_profile();
    $sel = new ISelect($p_name);

    // Write mode adds a condition on ur_right; read mode lists every
    // repository attached to the profile.
    $right_filter = $p_mode == 'W' ? "ur_right='W' and " : "";

    // NOTE(review): sql_string() is used on this page for quoted string literals,
    // but p_id is concatenated unquoted here, so escaping quotes does not
    // constrain the value. The profile comes from the user object, not from the
    // request; a bound parameter or an integer cast would make that explicit.
    $query = "\n select r_id,r_name\n\t\t\t\t from stock_repository join profile_sec_repository using (r_id)\n where\n "
        . $right_filter
        . "p_id=" . sql_string($profile) . " order by 2";

    $sel->value = $p_cn->make_array($query);

    return $sel;
}
$prop = $l->get_propertie(); if ($prop == '') { $prop = -1; } $where = ' where fd_id in (' . $prop['jrn_def_fiche_deb'] . ')'; break; } } else { /* we filter thanks a given model of card */ if (isset($cat)) { $where = sprintf(' where frd_id in (' . sql_string($cat) . ')'); } else { /* we filter thanks a given list of category of card */ if (isset($fil) && strlen(trim($fil)) > 0) { $where = sprintf(" where fd_id in (%s)", sql_string($fil)); } } } if (strpos($where, " in ()") != 0) { $html = HtmlInput::anchor_close('select_card_div'); $html .= h2info(_('Choix de la catégorie')); $html .= '<h3 class="notice">'; $html .= _("Aucune catégorie de fiche ne correspond à" . " votre demande, le journal pourrait n'avoir accès à aucune fiche"); $html .= '</h3>'; break; } $sql .= " " . $where . " order by fd_label"; $array = $cn->get_array($sql); $html = HtmlInput::title_box(_("Choix de la catégorie"), $ctl); if (empty($array)) {
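/**
 * Store the base class (fiche_def.fd_class_base) of this row of fiche_def.
 *
 * Nothing is written while $this->id is 0.
 *
 * The label is sent as a bound parameter ($1), so it is never interpolated
 * into the statement text. It is therefore passed as received: escaping it
 * first with sql_string() would store the escape characters themselves.
 *
 * @param string $p_label new value for fd_class_base
 * @return void
 */
function save_class_base($p_label)
{
    if ($this->id == 0) {
        return;
    }
    $sql = 'update fiche_def set fd_class_base=$1 where fd_id=$2';
    $this->cn->exec_sql($sql, array($p_label, $this->id));
}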
$exercice = isset($_GET['exercice']) ? $_GET['exercice'] : $g_user->get_exercice(); if (!isset($_GET['verif'])) { /* * Let you change the exercice */ echo '<fieldset><legend>' . _('Exercice') . '</legend>'; echo '<form method="GET">'; echo _('Choisissez un autre exercice'); $ex = new Exercice($cn); $wex = $ex->select('exercice', $exercice, ' onchange="submit(this)"'); echo $wex->input(); echo dossier::hidden(); echo HtmlInput::get_to_hidden(array('ac', 'type')); echo '</form>'; echo '</fieldset>'; $filter_year = " where p_exercice='" . sql_string($exercice) . "'"; echo '<FORM METHOD="GET">'; echo HtmlInput::hidden('type', 'bilan'); echo dossier::hidden(); echo $bilan->display_form($filter_year); echo '<span class="notice"> ' . _('Attention : si le bilan n\'est pas équilibré.<br> Vérifiez <ul> <li>L\'affectation du résultat est fait</li> <li>Vos comptes actifs ont un solde débiteur (sauf les comptes dit inversés)</li> <li> les comptes passifs ont un solde créditeur (sauf les comptes dit inversés) </li> </ul> Utilisez la balance des comptes pour vérifier.') . ' </span>'; echo HtmlInput::submit('verif', _('Verification comptabilite')); echo HtmlInput::get_to_hidden(array('ac', 'exercice')); echo '</FORM>'; } if (isset($_GET['verif'])) {
} $cn = new Database(); $msg = "dossier"; $name = $cn->get_value("select dos_name from ac_dossier where dos_id=\$1", array($dossier_id)); if (strlen(trim($name)) == 0) { echo "<h2 class=\"error\"> {$msg} " . _('inexistant') . "</h2>"; return; } /** * Check if db exists */ $str_name = domaine . 'dossier' . $dossier_id; $database_exist = $cn->exist_database($str_name); // if db exists for postgres then drop it if ($database_exist == 1) { $sql = "drop database " . domaine . "dossier" . sql_string($_REQUEST['d']); ob_start(); if ($cn->exec_sql($sql) == false) { ob_end_clean(); echo "<h2 class=\"error\"> "; echo _('Base de donnée ') . domaine . "dossier" . $_REQUEST['d'] . _("est accèdée, déconnectez-vous d'abord") . "</h2>"; exit; } ob_flush(); } // clean tables about this dossier $sql = "delete from jnt_use_dos where dos_id=\$1"; $cn->exec_sql($sql, array($dossier_id)); $sql = "delete from ac_dossier where dos_id=\$1"; $cn->exec_sql($sql, array($dossier_id)); print '<h2 class="error">';
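/**
 * Build the HTML table listing the contacts, with a navigation bar above and below.
 *
 * @param string $p_search  text searched in the attribute ad_id=1 (regular expression, case-insensitive)
 * @param string $p_action  not used by this implementation
 * @param string $p_sql     extra SQL condition appended to the filter; it is concatenated
 *                          as-is, so callers must only pass trusted SQL
 * @param bool   $p_nothing not used by this implementation
 * @return string HTML, or "" when no contact matches
 */
function Summary($p_search = "", $p_action = "", $p_sql = "", $p_nothing = false)
{
    $p_search = sql_string($p_search);

    $extra_sql = "";
    if ($this->company != "") {
        // The company code sits inside a quoted SQL literal, so it gets the same
        // escaping as the search text instead of being concatenated raw.
        $extra_sql = "and f_id in (select f_id from fiche_detail\n where ad_value=upper('"
            . sql_string($this->company) . "') and ad_id=" . ATTR_DEF_COMPANY . ") ";
    }

    // Total number of rows, needed by the navigation bar
    $all_contact = $this->count_by_modele($this->fiche_def_ref, $p_search, $extra_sql);

    // offset and page come from the request and are handed to helpers whose
    // handling is not visible from here: force them to integers first.
    $offset = isset($_REQUEST['offset']) ? (int) $_REQUEST['offset'] : 0;
    $page = isset($_REQUEST['page']) ? (int) $_REQUEST['page'] : 1;
    $bar = navigation_bar($offset, $all_contact, $_SESSION['g_pagesize'], $page);

    // NOTE(review): the search text is escaped for the string literal but is then
    // evaluated by the database as a regular expression (~*); confirm whether a
    // plain substring match is what callers expect.
    $search = "";
    if (trim($p_search) != "") {
        $search = " and f_id in\n (select f_id from fiche_Detail\n where\n ad_id=1 and ad_value ~* '{$p_search}') ";
    }

    // Rows of the current page
    $step_contact = $this->get_by_category($offset, $search . $extra_sql . $p_sql);

    if ($all_contact == 0) {
        return "";
    }

    $r = $bar;
    $r .= '<table id="contact_tb" class="sortable"> <TR> <th>Quick Code</th> <th>Nom</th> <th>Prénom</th> <th>Société</th> <th>Téléphone</th> <th>email</th> <th>Fax</th> </TR>';

    // The URL that used to be rebuilt here from $_GET was never used and has been removed.

    if (sizeof($step_contact) == 0) {
        return $r;
    }

    $idx = 0;
    foreach ($step_contact as $contact) {
        $l_company = new Fiche($this->cn);
        $l_company->get_by_qcode($contact->strAttribut(ATTR_DEF_COMPANY), false);
        $l_company_name = $l_company->strAttribut(ATTR_DEF_NAME);
        if ($l_company_name == NOTFOUND) {
            $l_company_name = "";
        }
        // add popup for detail
        if ($l_company_name != "") {
            $l_company_name = HtmlInput::card_detail(
                $contact->strAttribut(ATTR_DEF_COMPANY),
                $l_company_name,
                'style="text-decoration:underline;"'
            );
        }

        $r .= $idx % 2 == 0 ? ' <tr class="odd">' : '<tr class="even">';
        $idx++;

        // NOTE(review): the attribute values below are written into the page as
        // returned by strAttribut(); whether they are already HTML-encoded cannot
        // be told from this function - confirm before relying on it.
        $qcode = $contact->strAttribut(ATTR_DEF_QUICKCODE);
        $r .= '<TD>' . HtmlInput::card_detail($qcode) . "</TD>";
        $r .= "<TD>" . $contact->strAttribut(ATTR_DEF_NAME) . "</TD>";
        $r .= "<TD>" . $contact->strAttribut(ATTR_DEF_FIRST_NAME) . "</TD>";
        $r .= "<TD>" . $l_company_name . "</TD>";
        $r .= "<TD>" . $contact->strAttribut(ATTR_DEF_TEL) . "</TD>";
        $r .= "<TD>" . $contact->strAttribut(ATTR_DEF_EMAIL) . "</TD>"
            . "<TD> " . $contact->strAttribut(ATTR_DEF_FAX) . "</TD>";
        $r .= "</TR>";
    }
    $r .= "</TABLE>";
    $r .= $bar;

    return $r;
}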
if (!defined('ALLOWED')) { die('Appel direct ne sont pas permis'); } require_once NOALYSS_INCLUDE . '/class_ihidden.php'; require_once NOALYSS_INCLUDE . '/class_fiche_def.php'; /*! \file * \brief Let customise the fiche_def_ref for the user */ echo '<div class="content">'; // record change if (isset($_POST['confirm_mod'])) { extract($_POST); $update = new Fiche_Def_Ref($cn); $update->frd_id = sql_string($frd_id); $update->frd_text = sql_string($frd_text); $update->frd_class_base = sql_string($frd_class_base); $update->Save(); } // Load All Fiche_def $fiche_def = new Fiche_Def_Ref($cn); $all = $fiche_def->LoadAll(); // Display Them echo '<table align="left">'; for ($i = 0; $i < sizeof($all); $i++) { echo '<TR>'; echo $all[$i]->Display(); echo "<TD>"; echo '<form method="post">'; $w = new IHidden(); echo $w->input('idx', $all[$i]->frd_id); echo HtmlInput::submit('mod', 'modifie');
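/**
 * Build the SQL statement that lists the operations of one or several ledgers.
 *
 * Keys read from $p_array: op, r_jrn (or {op}r_jrn), ledger_type, amount_min,
 * amount_max, desc, accounting, qcode, qcodesearch_op, date_start, date_end,
 * date_paid_start, date_paid_end, unpaid.
 *
 * Changes compared with the previous version of this method:
 *  - $p_array (usually $_GET) is extracted with EXTR_SKIP, so a request key such
 *    as "sql" cannot replace a variable that already exists in this scope;
 *  - the selected ledger ids are cast to integers before being put in the IN list;
 *  - the conditions are collected in a list and joined with " and ", which removes
 *    the amount filter that was appended twice and the misplaced "and" keywords
 *    that appeared when the pieces were concatenated in another order than they
 *    were built.
 *
 * @param array  $p_array search criteria, usually $_GET
 * @param string $p_order not used by this implementation
 * @param string $p_where not used by this implementation
 * @return array array($sql, $where): the full statement and its where clause
 * @see list_operation
 * @see display_search_form
 * @see search_form
 */
public function build_search_sql($p_array, $p_order = "", $p_where = "")
{
    $sql = "select jr_id\t,\n"
        . " jr_montant,\n"
        . " substr(jr_comment,1,60) as jr_comment,\n"
        . " to_char(jr_ech,'DD.MM.YY') as str_jr_ech,\n"
        . " to_char(jr_date,'DD.MM.YY') as str_jr_date,\n"
        . " jr_date as jr_date_order,\n"
        . " jr_grpt_id,\n"
        . " jr_rapt,\n"
        . " jr_internal,\n"
        . " jrn_def_id,\n"
        . " jrn_def_name,\n"
        . " jrn_def_ech,\n"
        . " jrn_def_type,\n"
        . " jr_valid,\n"
        . " jr_tech_per,\n"
        . " jr_pj_name,\n"
        . " p_closed,\n"
        . " jr_pj_number,\n"
        . " n_text,\n"
        . "\t case\n"
        . "\t when jrn_def_type='VEN' then\n"
        . "\t\t (select ad_value from fiche_detail where ad_id=1\n"
        . "\t\t and f_id=(select max(qs_client) from quant_sold join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'ACH' then\n"
        . "\t\t(select ad_value from fiche_detail where ad_id=1\n"
        . "\t\tand f_id=(select max(qp_supplier) from quant_purchase join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'FIN' then\n"
        . "\t\t(select ad_value from fiche_detail where ad_id=1\n"
        . "\t\tand f_id=(select qf_other from quant_fin where quant_fin.jr_id=x.jr_id))\n"
        . "\t end as name,\n"
        . "\t case\n"
        . "\t when jrn_def_type='VEN' then (select ad_value from fiche_detail where ad_id=32 and f_id=(select max(qs_client) from quant_sold join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'ACH' then (select ad_value from fiche_detail where ad_id=32 and f_id=(select max(qp_supplier) from quant_purchase join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'FIN' then (select ad_value from fiche_detail where ad_id=32 and f_id=(select qf_other from quant_fin where quant_fin.jr_id=x.jr_id))\n"
        . "\t end as first_name,\n"
        . "\t case\n"
        . "\t when jrn_def_type='VEN' then (select ad_value from fiche_detail where ad_id=23 and f_id=(select max(qs_client) from quant_sold join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'ACH' then (select ad_value from fiche_detail where ad_id=23 and f_id=(select max(qp_supplier) from quant_purchase join jrnx using (j_id) join jrn as e on (e.jr_grpt_id=j_grpt) where e.jr_id=x.jr_id))\n"
        . "\t when jrn_def_type = 'FIN' then (select ad_value from fiche_detail where ad_id=23 and f_id=(select qf_other from quant_fin where quant_fin.jr_id=x.jr_id))\n"
        . "\t end as quick_code,\n"
        . "\t case\n"
        . "\t when jrn_def_type='VEN' then\n"
        . "\t\t (select sum(qs_price)+sum(vat) from\n"
        . "\t\t\t\t(select qs_internal,qs_price,case when qs_vat_sided<>0 then 0 else qs_vat end as vat from quant_sold where qs_internal=X.jr_internal) as ven_invoice\n"
        . "\t\t\t )\n"
        . "\t when jrn_def_type = 'ACH' then\n"
        . "\t\t\t(\n"
        . "\t\t\t\tselect sum(qp_price)+sum(vat)+sum(qp_nd_tva)+sum(qp_nd_tva_recup)\n"
        . "\t\t\t\tfrom\n"
        . "\t\t\t\t (select qp_internal,qp_price,qp_nd_tva,qp_nd_tva_recup,qp_vat-qp_vat_sided as vat from quant_purchase where qp_internal=X.jr_internal) as invoice_purchase\n"
        . "\t\t\t)\n"
        . "\t\telse null\n"
        . "\t\tend as total_invoice,\n"
        . " jr_date_paid,\n"
        . " to_char(jr_date_paid,'DD.MM.YY') as str_jr_date_paid\n"
        . " from\n"
        . " jrn as X left join jrn_note using(jr_id)\n"
        . " join jrn_def on jrn_def_id=jr_def_id\n"
        . " join parm_periode on p_id=jr_tech_per";

    if (!empty($p_array)) {
        // EXTR_SKIP keeps $sql, $p_array, $p_order and $p_where out of reach of
        // the keys of $p_array, which is usually request data.
        extract($p_array, EXTR_SKIP);
    }

    if (isset($op)) {
        $r_jrn = isset(${$op . "r_jrn"}) ? ${$op . "r_jrn"} : -1;
    } else {
        $r_jrn = isset($r_jrn) ? $r_jrn : -1;
    }

    /* if no criteria were given, fall back on default values */
    if (empty($p_array) || !isset($amount_min)) {
        $amount_min = 0;
        $amount_max = 0;
        $desc = '';
        $qcode = isset($qcode) ? $qcode : "";
        if (isset($qcodesearch_op)) {
            $qcode = $qcodesearch_op;
        }
        $accounting = isset($accounting) ? $accounting : "";
        $periode = new Periode($this->db);
        $g_user = new User($this->db);
        $p_id = $g_user->get_periode();
        if ($p_id != null) {
            list($date_start, $date_end) = $periode->get_date_limit($p_id);
        }
    }
    if (!isset($amount_max)) {
        $amount_max = 0;
    }

    $conditions = array();

    /* r_jrn == -1 means every ledger of this type, otherwise r_jrn lists the selected ledgers */
    $g_user = new User($this->db);
    $p_action = isset($ledger_type) ? $ledger_type : '';
    if ($p_action == '') {
        $p_action = 'ALL';
    }
    /* from compta.php the p_action is quick_writing instead of ODS */
    if ($p_action == 'quick_writing') {
        $p_action = 'ODS';
    }
    if ($r_jrn == -1) {
        $conditions[] = $g_user->get_ledger_sql($p_action, 3);
    } else {
        $ledger_ids = array();
        for ($i = 0; $i < count($r_jrn); $i++) {
            if (isset($r_jrn[$i])) {
                // Ledger ids go unquoted into the IN list: only integers are accepted.
                $ledger_ids[] = (int) $r_jrn[$i];
            }
        }
        /* no condition at all when no ledger is selected */
        if (!empty($ledger_ids)) {
            $conditions[] = 'jrn_def_id in (' . implode(',', $ledger_ids) . ')';
        }
    }

    /* format the number */
    $amount_min = abs(toNumber($amount_min));
    $amount_max = abs(toNumber($amount_max));
    $amount_conditions = array();
    if ($amount_min > 0 && isNumber($amount_min)) {
        $amount_conditions[] = 'jr_montant >=' . $amount_min;
    }
    if ($amount_max > 0 && isNumber($amount_max)) {
        $amount_conditions[] = 'jr_montant <=' . $amount_max;
    }
    /* if both amounts are the same, the search also looks into the detail rows
     * and replaces the range conditions above */
    if (isNumber($amount_min) && isNumber($amount_max) && $amount_min > 0
        && bccomp($amount_min, $amount_max, 2) == 0) {
        $amount_conditions = array(
            '( jr_grpt_id in ( select distinct j_grpt from jrnx where j_montant = ' . $amount_min . ') '
            . ' or  jr_montant = ' . $amount_min . ')',
        );
    }
    foreach ($amount_conditions as $amount_condition) {
        $conditions[] = $amount_condition;
    }

    // date: the values are concatenated only after isDate() accepted them
    if (isset($date_start) && isDate($date_start) != null) {
        $conditions[] = "jr_date >= to_date('" . $date_start . "','DD.MM.YYYY')";
    }
    if (isset($date_end) && isDate($date_end) != null) {
        $conditions[] = "jr_date <= to_date('" . $date_end . "','DD.MM.YYYY')";
    }

    // date of payment
    if (isset($date_paid_start) && isDate($date_paid_start) != null) {
        $conditions[] = "jr_date_paid >= to_date('" . $date_paid_start . "','DD.MM.YYYY')";
    }
    if (isset($date_paid_end) && isDate($date_paid_end) != null) {
        $conditions[] = "jr_date_paid <= to_date('" . $date_paid_end . "','DD.MM.YYYY')";
    }

    // comment
    // NOTE(review): $desc is escaped for the string literal but is also evaluated
    // as a regular expression by the two ~* conditions.
    if (isset($desc) && $desc != null) {
        $desc = sql_string($desc);
        $conditions[] = "( upper(jr_comment) like upper('%" . $desc . "%') or upper(jr_pj_number) like upper('%" . $desc . "%') "
            . " or upper(jr_internal) like upper('%" . $desc . "%')\n"
            . " or jr_grpt_id in (select j_grpt from jrnx where j_text ~* '" . $desc . "')\n"
            . " or jr_id in (select jr_id from jrn_info where ji_value is not null and ji_value ~* '{$desc}')\n"
            . " )";
    }

    // Poste
    if (isset($accounting) && $accounting != null) {
        $conditions[] = "jr_grpt_id in (select j_grpt\n from jrnx where j_poste::text like '"
            . sql_string($accounting) . "%' ) ";
    }

    // Quick Code
    if (isset($qcodesearch_op)) {
        $qcode = $qcodesearch_op;
    }
    if (isset($qcode) && $qcode != null) {
        $conditions[] = "jr_grpt_id in ( select j_grpt from\n jrnx where trim(j_qcode) = upper(trim('"
            . sql_string($qcode) . "')))";
    }

    // Only the unpaid
    if (isset($unpaid)) {
        $conditions[] = SQL_LIST_UNPAID_INVOICE;
    }

    // Users who are not administrators only see the ledgers they may read or write.
    $g_user = new User(new Database());
    $g_user->Check();
    $g_user->check_dossier(dossier::id());
    if ($g_user->admin == 0 && $g_user->is_local_admin() == 0) {
        // NOTE(review): the listing masks the expression compared with uj_login
        // ('******'); the remaining text (g_user']) points to $_SESSION['g_user'].
        // Confirm against the original file.
        $conditions[] = "jr_def_id in ( select uj_jrn_id "
            . " from user_sec_jrn where "
            . " uj_login='" . sql_string($_SESSION['g_user']) . "'"
            . " and uj_priv in ('R','W'))";
    }

    $where = implode(' and ', $conditions);
    if ($where != '') {
        $sql .= " where " . $where;
    }

    return array($sql, $where);
}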
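/**
 * Update the row of parm_code identified by $this->p_code with the current
 * p_comment and p_value.
 *
 * Nothing is saved when p_code is -1, or when the account given in p_value
 * cannot be loaded (an alert is shown instead).
 *
 * The three values are sent as bound parameters, so they are not interpolated
 * into the statement text. As a consequence the properties of the object are no
 * longer overwritten with their escaped form, which made a second call to
 * save() escape them once more.
 *
 * @return void
 */
function save()
{
    // p_code == -1 : nothing to save
    if ($this->p_code == -1) {
        return;
    }

    // check if the account exists
    $acc = new Acc_Account_Ledger($this->db, $this->p_value);
    if ($acc->load() == false) {
        alert(_("Ce compte n'existe pas"));
        return;
    }

    $sql = 'update parm_code set p_comment=$1,p_value=$2 where p_code=$3';
    $this->db->exec_sql($sql, array($this->p_comment, $this->p_value, $this->p_code));
}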
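/**
 * \brief get all the available ledgers for the current user
 *
 * Administrators and local administrators get every ledger with 'W' as uj_priv;
 * other users get the ledgers joined through user_sec_jrn, filtered on uj_priv.
 *
 * The ledger type is sent as a bound parameter. An unknown $p_access used to
 * leave the privilege condition undefined, so no filter on uj_priv was applied
 * at all; such a value now gives the "no ledger" result (null).
 *
 * \param $p_type = ALL or the type of the ledger (ACH,VEN,FIN,ODS)
 * \param $p_access =3 for Read or WRITE, 2 write, 1 for readonly
 * \return a double array of available ledgers, or null when there is none
 @verbatim
 [0] => [jrn_def_id]
 [jrn_def_type]
 [jrn_def_name]
 [jrn_def_class_deb]
 [jrn_def_class_cred]
 [jrn_type_id]
 [jrn_desc]
 [uj_priv]
 @endverbatim
 */
function get_ledger($p_type = 'ALL', $p_access = 3)
{
    $params = array();

    if ($this->admin != 1 && $this->is_local_admin() != 1) {
        $sql_type = '';
        if ($p_type != 'ALL') {
            $params[] = $p_type;
            $sql_type = ' and jrn_def_type=upper($1::text)';
        }
        switch ($p_access) {
            case 3:
                $sql_access = " and uj_priv!= 'X'";
                break;
            case 2:
                $sql_access = " and uj_priv = 'W'";
                break;
            case 1:
                $sql_access = " and ( uj_priv = 'R' or uj_priv='W') ";
                break;
            default:
                // Unknown access level: return no ledger rather than all of them.
                return null;
        }
        // NOTE(review): the value compared with uj_login is masked ('******') in
        // this listing and is reproduced as shown; in the real file it is
        // presumably the login of the current user and belongs in $params too.
        $sql = "select jrn_def_id,jrn_def_type,\n"
            . " jrn_def_name,jrn_def_class_deb,jrn_def_class_cred,jrn_type_id,jrn_desc,uj_priv,\n"
            . " jrn_deb_max_line,jrn_cred_max_line,jrn_def_description\n"
            . " from jrn_def join jrn_type on jrn_def_type=jrn_type_id\n"
            . " join user_sec_jrn on uj_jrn_id=jrn_def_id\n"
            . " where\n"
            . " uj_login='******'" . $sql_type . $sql_access . " order by jrn_Def_id";
    } else {
        $sql_type = '';
        if ($p_type != 'ALL') {
            $params[] = $p_type;
            $sql_type = 'where jrn_def_type=upper($1::text)';
        }
        $sql = "select jrn_def_id,jrn_def_type,jrn_def_name,jrn_def_class_deb,jrn_def_class_cred,jrn_deb_max_line,jrn_cred_max_line,\n"
            . " jrn_type_id,jrn_desc,'W' as uj_priv,jrn_def_description\n"
            . " from jrn_def join jrn_type on jrn_def_type=jrn_type_id\n"
            . " {$sql_type}\n"
            . " order by jrn_Def_name";
    }

    // The parameter list is only passed when a value is actually bound.
    $res = empty($params)
        ? $this->db->exec_sql($sql)
        : $this->db->exec_sql($sql, $params);

    if (Database::num_row($res) == 0) {
        return null;
    }

    return Database::fetch_all($res);
}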