Home Esplora Aiuto
Accedi
fusionpbx
/
fusionpbx-apps
mirror da https://github.com/fusionpbx/fusionpbx-apps.git
2
0
Forka 0
File Problemi 0 Wiki
Albero (Tree): 1f4948eba6
Rami (Branch) Tag
fusionpbx-apps
/
invoices
/
invoice_item_edit.php

invoice_item_edit.php 8.4 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234 
  1. <?php
    2. 

  2. /* $Id$ */
    3. 

  3. /*
    4. 

  4. 	Copyright (C) 2008-2013 Mark J Crane
    5. 

  5. 	All rights reserved.
    6. 

  6. 

  7. 	Redistribution and use in source and binary forms, with or without
    8. 

  8. 	modification, are permitted provided that the following conditions are met:
    9. 

  9. 

  10. 	1. Redistributions of source code must retain the above copyright notice,
    11. 

  11. 	   this list of conditions and the following disclaimer.
    12. 

  12. 

  13. 	2. Redistributions in binary form must reproduce the above copyright
    14. 

  14. 	   notice, this list of conditions and the following disclaimer in the
    15. 

  15. 	   documentation and/or other materials provided with the distribution.
    16. 

  16. 

  17. 	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
    18. 

  18. 	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
    19. 

  19. 	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    20. 

  20. 	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    21. 

  21. 	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
    22. 

  22. 	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
    23. 

  23. 	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
    24. 

  24. 	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    25. 

  25. 	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
    26. 

  26. 	POSSIBILITY OF SUCH DAMAGE.
    27. 

  27. */
    28. 

  28. 

  29. //includes files
    30. 

  30. 	require_once dirname(__DIR__, 2) . "/resources/require.php";
    31. 

  31. 	require_once "resources/check_auth.php";
    32. 

  32. 	
    33. 

  33. //check permissionss
    34. 

  34. 	if (permission_exists('invoice_item_add') || permission_exists('invoice_item_edit')) {
    35. 

  35. 		//access granted
    36. 

  36. 	}
    37. 

  37. 	else {
    38. 

  38. 		echo "access denied";
    39. 

  39. 		exit;
    40. 

  40. 	}
    41. 

  41. 

  42. //add multi-lingual support
    43. 

  43. 	$language = new text;
    44. 

  44. 	$text = $language->get();
    45. 

  45. 

  46. //action add or update
    47. 

  47. 	if (isset($_REQUEST["id"])) {
    48. 

  48. 		$action = "update";
    49. 

  49. 		$invoice_item_uuid = check_str($_REQUEST["id"]);
    50. 

  50. 		$back = check_str($_REQUEST['back']);
    51. 

  51. 	}
    52. 

  52. 	else {
    53. 

  53. 		$action = "add";
    54. 

  54. 		$back = check_str($_REQUEST['back']);
    55. 

  55. 	}
    56. 

  56. 

  57. //get http post variables and set them to php variables
    58. 

  58. 	if (strlen(count($_REQUEST)) > 0) {
    59. 

  59. 		$contact_uuid = check_str($_REQUEST["contact_uuid"]);
    60. 

  60. 		$invoice_uuid = check_str($_REQUEST["invoice_uuid"]);
    61. 

  61. 	}	
    62. 

  62. 	if (count($_POST) > 0) {
    63. 

  63. 		$item_qty = check_str($_POST["item_qty"]);
    64. 

  64. 		$item_desc = check_str($_POST["item_desc"]);
    65. 

  65. 		$item_unit_price = check_str($_POST["item_unit_price"]);
    66. 

  66. 	}
    67. 

  67. 

  68. //process the data from the http post
    69. 

  69. 	if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
    70. 

  70. 

  71. 		//get the id
    72. 

  72. 			if ($action == "update") {
    73. 

  73. 				$invoice_item_uuid = check_str($_POST["invoice_item_uuid"]);
    74. 

  74. 			}
    75. 

  75. 

  76. 		//check for all required data
    77. 

  77. 			$msg = '';
    78. 

  78. 			//if (strlen($invoice_item_uuid) == 0) { $msg .= $text['message-required']." ".$text['label-invoice_item_uuid']."<br>\n"; }
    79. 

  79. 			//if (strlen($domain_uuid) == 0) { $msg .= $text['message-required']." ".$text['label-domain_uuid']."<br>\n"; }
    80. 

  80. 			//if (strlen($invoice_uuid) == 0) { $msg .= $text['message-required']." ".$text['label-invoice_uuid']."<br>\n"; }
    81. 

  81. 			if (strlen($item_qty) == 0) { $msg .= $text['message-required']." ".$text['label-item_qty']."<br>\n"; }
    82. 

  82. 			//if (strlen($item_desc) == 0) { $msg .= $text['message-required']." ".$text['label-item_desc']."<br>\n"; }
    83. 

  83. 			//if (strlen($item_unit_price) == 0) { $msg .= $text['message-required']." ".$text['label-item_unit_price']."<br>\n"; }
    84. 

  84. 			if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) {
    85. 

  85. 				require_once "resources/header.php";
    86. 

  86. 				require_once "resources/persist_form_var.php";
    87. 

  87. 				echo "<div align='center'>\n";
    88. 

  88. 				echo "<table><tr><td>\n";
    89. 

  89. 				echo $msg."<br />";
    90. 

  90. 				echo "</td></tr></table>\n";
    91. 

  91. 				persistformvar($_POST);
    92. 

  92. 				echo "</div>\n";
    93. 

  93. 				require_once "resources/footer.php";
    94. 

  94. 				return;
    95. 

  95. 			}
    96. 

  96. 

  97. 		//add or update the database
    98. 

  98. 			if ($_POST["persistformvar"] != "true") {
    99. 

  99. 				if ($action == "add" && permission_exists('invoice_item_add')) {
    100. 

  100. 					$invoice_item_uuid = uuid();
    101. 

  101. 					$sql = "insert into v_invoice_items ";
    102. 

  102. 					$sql .= "(";
    103. 

  103. 					$sql .= "domain_uuid, ";
    104. 

  104. 					$sql .= "invoice_uuid, ";
    105. 

  105. 					$sql .= "invoice_item_uuid, ";
    106. 

  106. 					$sql .= "item_qty, ";
    107. 

  107. 					$sql .= "item_desc, ";
    108. 

  108. 					$sql .= "item_unit_price ";
    109. 

  109. 					$sql .= ")";
    110. 

  110. 					$sql .= "values ";
    111. 

  111. 					$sql .= "(";
    112. 

  112. 					$sql .= "'$domain_uuid', ";
    113. 

  113. 					$sql .= "'$invoice_uuid', ";
    114. 

  114. 					$sql .= "'$invoice_item_uuid', ";
    115. 

  115. 					$sql .= "'$item_qty', ";
    116. 

  116. 					$sql .= "'$item_desc', ";
    117. 

  117. 					$sql .= "'$item_unit_price' ";
    118. 

  118. 					$sql .= ")";
    119. 

  119. 					$db->exec(check_sql($sql));
    120. 

  120. 					unset($sql);
    121. 

  121. 

  122. 					//set redirect
    123. 

  123. 					$_SESSION['message'] = $text['message-add'];
    124. 

  124. 					$back = ($back != '') ? "&back=".$back : null;
    125. 

  125. 					header("Location: invoice_edit.php?id=".$invoice_uuid."&contact_uuid=".$contact_uuid.$back);
    126. 

  126. 					return;
    127. 

  127. 	
    128. 

  128. 				} //if ($action == "add")
    129. 

  129. 

  130. 				if ($action == "update" && permission_exists('invoice_item_edit')) {
    131. 

  131. 					$sql = "update v_invoice_items set ";
    132. 

  132. 					$sql .= "item_qty = '$item_qty', ";
    133. 

  133. 					$sql .= "item_desc = '$item_desc', ";
    134. 

  134. 					$sql .= "item_unit_price = '$item_unit_price' ";
    135. 

  135. 					$sql .= "where domain_uuid = '$domain_uuid' ";
    136. 

  136. 					$sql .= "and invoice_item_uuid = '$invoice_item_uuid'";
    137. 

  137. 					$db->exec(check_sql($sql));
    138. 

  138. 					unset($sql);
    139. 

  139. 

  140. 					//set redirect
    141. 

  141. 					$_SESSION['message'] = $text['message-update'];
    142. 

  142. 					$back = ($back != '') ? "&back=".$back : null;
    143. 

  143. 					header("Location: invoice_edit.php?id=".$invoice_uuid."&contact_uuid=".$contact_uuid.$back);
    144. 

  144. 					return;
    145. 

  145. 

  146. 				} //if ($action == "update")
    147. 

  147. 			} //if ($_POST["persistformvar"] != "true")
    148. 

  148. 	} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)
    149. 

  149. 

  150. //pre-populate the form
    151. 

  151. 	if (count($_GET) > 0 && $_POST["persistformvar"] != "true") {
    152. 

  152. 		$invoice_item_uuid = check_str($_GET["id"]);
    153. 

  153. 		$sql = "select * from v_invoice_items ";
    154. 

  154. 		$sql .= "where domain_uuid = '$domain_uuid' ";
    155. 

  155. 		$sql .= "and invoice_item_uuid = '$invoice_item_uuid' ";
    156. 

  156. 		$prep_statement = $db->prepare(check_sql($sql));
    157. 

  157. 		$prep_statement->execute();
    158. 

  158. 		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    159. 

  159. 		foreach ($result as &$row) {
    160. 

  160. 			$item_qty = $row["item_qty"];
    161. 

  161. 			$item_desc = $row["item_desc"];
    162. 

  162. 			$item_unit_price = $row["item_unit_price"];
    163. 

  163. 			break; //limit to 1 row
    164. 

  164. 		}
    165. 

  165. 		unset ($prep_statement);
    166. 

  166. 	}
    167. 

  167. 

  168. //show the header
    169. 

  169. 	require_once "resources/header.php";
    170. 

  170. 

  171. //show the content
    172. 

  172. 	echo "<form method='post' name='frm' action=''>\n";
    173. 

  173. 	echo "<table width='100%'  border='0' cellpadding='0' cellspacing='0'>\n";
    174. 

  174. 	echo "<tr>\n";
    175. 

  175. 	echo "<td align='left' width='30%' valign='top' nowrap='nowrap'><b>".$text['title-invoice_item']."</b></td>\n";
    176. 

  176. 	echo "<td width='70%' align='right' valign='top'>\n";
    177. 

  177. 	echo "	<input type='button' class='btn' name='' alt='".$text['button-back']."' onclick=\"history.go(-1);\" value='".$text['button-back']."'>\n";
    178. 

  178. 	echo "</td>\n";
    179. 

  179. 	echo "</tr>\n";
    180. 

  180. 

  181. 	echo "<tr>\n";
    182. 

  182. 	echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
    183. 

  183. 	echo "	".$text['label-item_qty']."\n";
    184. 

  184. 	echo "</td>\n";
    185. 

  185. 	echo "<td class='vtable' align='left'>\n";
    186. 

  186. 	echo "  <input class='formfld' type='text' name='item_qty' maxlength='255' value='".escape($item_qty)."'>\n";
    187. 

  187. 	echo "<br />\n";
    188. 

  188. 	echo $text['description-item_qty']."\n";
    189. 

  189. 	echo "</td>\n";
    190. 

  190. 	echo "</tr>\n";
    191. 

  191. 

  192. 	echo "<tr>\n";
    193. 

  193. 	echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
    194. 

  194. 	echo "	".$text['label-item_unit_price']."\n";
    195. 

  195. 	echo "</td>\n";
    196. 

  196. 	echo "<td class='vtable' align='left'>\n";
    197. 

  197. 	echo "  <input class='formfld' type='text' name='item_unit_price' maxlength='255' value='".escape($item_unit_price)."'>\n";
    198. 

  198. 	echo "<br />\n";
    199. 

  199. 	echo $text['description-item_unit_price']."\n";
    200. 

  200. 	echo "</td>\n";
    201. 

  201. 	echo "</tr>\n";
    202. 

  202. 

  203. 	echo "<tr>\n";
    204. 

  204. 	echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
    205. 

  205. 	echo "	".$text['label-item_desc']."\n";
    206. 

  206. 	echo "</td>\n";
    207. 

  207. 	echo "<td class='vtable' align='left'>\n";
    208. 

  208. 	echo "  <textarea class='formfld' type='text' rows='15' name='item_desc'>".escape($item_desc)."</textarea>\n";
    209. 

  209. 	echo "<br />\n";
    210. 

  210. 	//echo $text['description-item_desc']."\n";
    211. 

  211. 	echo "</td>\n";
    212. 

  212. 	echo "</tr>\n";
    213. 

  213. 

  214. 	echo "	<tr>\n";
    215. 

  215. 	echo "		<td colspan='2' align='right'>\n";
    216. 

  216. 	echo "			<input type='hidden' name='invoice_uuid' value='".escape($invoice_uuid)."'>\n";
    217. 

  217. 	echo "			<input type='hidden' name='contact_uuid' value='".escape($contact_uuid)."'>\n";
    218. 

  218. 	if ($action == "update") {
    219. 

  219. 		if ($back != '') {
    220. 

  220. 			echo "		<input type='hidden' name='back' value='".escape($back)."'>";
    221. 

  221. 		}
    222. 

  222. 		echo "		<input type='hidden' name='invoice_item_uuid' value='".escape($invoice_item_uuid)."'>\n";
    223. 

  223. 	}
    224. 

  224. 	echo "			<br><input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
    225. 

  225. 	echo "		</td>\n";
    226. 

  226. 	echo "	</tr>";
    227. 

  227. 	echo "</table>";
    228. 

  228. 	echo "<br><br>";
    229. 

  229. 	echo "</form>";
    230. 

  230. 

  231. //include the footer
    232. 

  232. 	require_once "resources/footer.php";
    233. 

  233. 

  234. ?>
    235.