PageRenderTime 39ms CodeModel.GetById 9ms RepoModel.GetById 1ms app.codeStats 0ms

/chronique/PaymentMethods.php

http://chronique.googlecode.com/
PHP | 289 lines | 224 code | 44 blank | 21 comment | 31 complexity | cedaeb10aa42f72729428ef23310f771 MD5 | raw file
Possible License(s): AGPL-1.0, GPL-2.0, LGPL-2.1, MPL-2.0-no-copyleft-exception 
    

  1. <?php
    2. 

  2. 

  3. /* $Id: PaymentMethods.php 4734 2011-10-29 03:26:27Z daintree $*/
    4. 

  4. 

  5. include('includes/session.inc');
    6. 

  6. 

  7. $title = _('Payment Methods');
    8. 

  8. 

  9. include('includes/header.inc');
    10. 

  10. 

  11. echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/transactions.png" title="' . _('Payments') .
    12. 

  12. 	'" alt="" />' . ' ' . $title.'</p>';
    13. 

  13. 

  14. if ( isset($_GET['SelectedPaymentID']) )
    15. 

  15. 	$SelectedPaymentID = $_GET['SelectedPaymentID'];
    16. 

  16. elseif (isset($_POST['SelectedPaymentID']))
    17. 

  17. 	$SelectedPaymentID = $_POST['SelectedPaymentID'];
    18. 

  18. 

  19. if (isset($Errors)) {
    20. 

  20. 	unset($Errors);
    21. 

  21. }
    22. 

  22. 

  23. $Errors = array();
    24. 

  24. 

  25. if (isset($_POST['submit'])) {
    26. 

  26. 

  27. 	//initialise no input errors assumed initially before we test
    28. 

  28. 

  29. 	$InputError = 0;
    30. 

  30. 

  31. 	/* actions to take once the user has clicked the submit button
    32. 

  32. 	ie the page has called itself with some user input */
    33. 

  33. 	$i=1;
    34. 

  34. 

  35. 	//first off validate inputs sensible
    36. 

  36. 

  37. 	if (ContainsIllegalCharacters($_POST['MethodName'])) {
    38. 

  38. 		$InputError = 1;
    39. 

  39. 		prnMsg( _('The payment method cannot contain illegal characters'),'error');
    40. 

  40. 		$Errors[$i] = 'MethodName';
    41. 

  41. 		$i++;
    42. 

  42. 	}
    43. 

  43. 	if ( trim($_POST['MethodName']) == "") {
    44. 

  44. 		$InputError = 1;
    45. 

  45. 		prnMsg( _('The payment method may not be empty.'),'error');
    46. 

  46. 		$Errors[$i] = 'MethodName';
    47. 

  47. 		$i++;
    48. 

  48. 	}
    49. 

  49. 	if (isset($_POST['SelectedPaymentID']) AND $InputError !=1) {
    50. 

  50. 

  51. 		/*SelectedPaymentID could also exist if submit had not been clicked this code would not run in this case cos submit is false of course  see the delete code below*/
    52. 

  52. 		// Check the name does not clash
    53. 

  53. 		$sql = "SELECT count(*) FROM paymentmethods
    54. 

  54. 				WHERE paymentid <> '" . $SelectedPaymentID ."'
    55. 

  55. 				AND paymentname ".LIKE." '" . $_POST['MethodName'] . "'";
    56. 

  56. 		$result = DB_query($sql,$db);
    57. 

  57. 		$myrow = DB_fetch_row($result);
    58. 

  58. 		if ( $myrow[0] > 0 ) {
    59. 

  59. 			$InputError = 1;
    60. 

  60. 			prnMsg( _('The payment method can not be renamed because another with the same name already exists.'),'error');
    61. 

  61. 		} else {
    62. 

  62. 			// Get the old name and check that the record still exists need to be very careful here
    63. 

  63. 

  64. 			$sql = "SELECT paymentname FROM paymentmethods
    65. 

  65. 					WHERE paymentid = '" . $SelectedPaymentID . "'";
    66. 

  66. 			$result = DB_query($sql,$db);
    67. 

  67. 			if ( DB_num_rows($result) != 0 ) {
    68. 

  68. 				$myrow = DB_fetch_row($result);
    69. 

  69. 				$OldName = $myrow[0];
    70. 

  70. 				$sql = "UPDATE paymentmethods
    71. 

  71. 						SET paymentname='" . $_POST['MethodName'] . "',
    72. 

  72. 							paymenttype = '" . $_POST['ForPayment'] . "',
    73. 

  73. 							receipttype = '" . $_POST['ForReceipt'] . "',
    74. 

  74. 							usepreprintedstationery = '" . $_POST['UsePrePrintedStationery']. "'
    75. 

  75. 						WHERE paymentname " . LIKE . " '".$OldName."'";
    76. 

    77. 

  77. 			} else {
    78. 

  78. 				$InputError = 1;
    79. 

  79. 				prnMsg( _('The payment method no longer exists.'),'error');
    80. 

  80. 			}
    81. 

  81. 		}
    82. 

  82. 		$msg = _('Record Updated');
    83. 

  83. 		$ErrMsg = _('Could not update payment method');
    84. 

  84. 	} elseif ($InputError !=1) {
    85. 

  85. 		/*SelectedPaymentID is null cos no item selected on first time round so must be adding a record*/
    86. 

  86. 		$sql = "SELECT count(*) FROM paymentmethods
    87. 

  87. 				WHERE paymentname LIKE'".$_POST['MethodName'] ."'";
    88. 

  88. 		$result = DB_query($sql,$db);
    89. 

  89. 		$myrow = DB_fetch_row($result);
    90. 

  90. 		if ( $myrow[0] > 0 ) {
    91. 

  91. 			$InputError = 1;
    92. 

  92. 			prnMsg( _('The payment method can not be created because another with the same name already exists.'),'error');
    93. 

  93. 		} else {
    94. 

  94. 			$sql = "INSERT INTO paymentmethods (	paymentname,
    95. 

  95. 												paymenttype,
    96. 

  96. 												receipttype,
    97. 

  97. 												usepreprintedstationery)
    98. 

  98. 								VALUES ('" . $_POST['MethodName'] ."',
    99. 

  99. 										'" . $_POST['ForPayment'] ."',
    100. 

  100. 										'" . $_POST['ForReceipt'] ."',
    101. 

  101. 										'" . $_POST['UsePrePrintedStationery'] ."')";
    102. 

  102. 		}
    103. 

  103. 		$msg = _('Record inserted');
    104. 

  104. 		$ErrMsg = _('Could not insert payment method');
    105. 

  105. 	}
    106. 

  106. 

  107. 	if ($InputError!=1){
    108. 

  108. 		$result = DB_query($sql,$db, $ErrMsg);
    109. 

  109. 		prnMsg($msg,'success');
    110. 

  110. 		echo '<br />';
    111. 

  111. 	}
    112. 

  112. 	unset ($SelectedPaymentID);
    113. 

  113. 	unset ($_POST['SelectedPaymentID']);
    114. 

  114. 	unset ($_POST['MethodName']);
    115. 

  115. 	unset ($_POST['ForPayment']);
    116. 

  116. 	unset ($_POST['ForReceipt']);
    117. 

  117. 	unset ($_POST['UsePrePrintedStationery']);
    118. 

  118. 

  119. } elseif (isset($_GET['delete'])) {
    120. 

  120. //the link to delete a selected record was clicked instead of the submit button
    121. 

  121. // PREVENT DELETES IF DEPENDENT RECORDS IN 'stockmaster'
    122. 

  122. 	// Get the original name of the payment method the ID is just a secure way to find the payment method
    123. 

  123. 	$sql = "SELECT paymentname FROM paymentmethods
    124. 

  124. 			WHERE paymentid = '" . $SelectedPaymentID . "'";
    125. 

  125. 	$result = DB_query($sql,$db);
    126. 

  126. 	if ( DB_num_rows($result) == 0 ) {
    127. 

  127. 		// This is probably the safest way there is
    128. 

  128. 		prnMsg( _('Cannot delete this payment method because it no longer exist'),'warn');
    129. 

  129. 	} else {
    130. 

  130. 		$myrow = DB_fetch_row($result);
    131. 

  131. 		$OldMeasureName = $myrow[0];
    132. 

  132. 		$sql= "SELECT COUNT(*) FROM banktrans 
    133. 

  133. 				WHERE banktranstype LIKE '" . $OldMeasureName . "'";
    134. 

  134. 		$result = DB_query($sql,$db);
    135. 

  135. 		$myrow = DB_fetch_row($result);
    136. 

  136. 		if ($myrow[0]>0) {
    137. 

  137. 			prnMsg( _('Cannot delete this payment method because bank transactions have been created using this payment method'),'warn');
    138. 

  138. 			echo '<br />' . _('There are') . ' ' . $myrow[0] . ' ' . _('bank transactions that refer to this payment method') . '</font>';
    139. 

  139. 		} else {
    140. 

  140. 			$sql="DELETE FROM paymentmethods WHERE paymentname " . LIKE  . " '" . $OldMeasureName . "'";
    141. 

  141. 			$result = DB_query($sql,$db);
    142. 

  142. 			prnMsg( $OldMeasureName . ' ' . _('payment method has been deleted') . '!','success');
    143. 

  143. 			echo '<br />';
    144. 

  144. 		} //end if not used
    145. 

  145. 	} //end if payment method exist
    146. 

  146. 	unset ($SelectedPaymentID);
    147. 

  147. 	unset ($_GET['SelectedPaymentID']);
    148. 

  148. 	unset($_GET['delete']);
    149. 

  149. 	unset ($_POST['SelectedPaymentID']);
    150. 

  150. 	unset ($_POST['MethodID']);
    151. 

  151. 	unset ($_POST['MethodName']);
    152. 

  152. 	unset ($_POST['ForPayment']);
    153. 

  153. 	unset ($_POST['ForReceipt']);
    154. 

  154. }
    155. 

  155. 

  156.  if (!isset($SelectedPaymentID)) {
    157. 

  157. 

  158. /* A payment method could be posted when one has been edited and is being updated
    159. 

  159.   or GOT when selected for modification
    160. 

  160.   SelectedPaymentID will exist because it was sent with the page in a GET .
    161. 

  161.   If its the first time the page has been displayed with no parameters
    162. 

  162.   then none of the above are true and the list of payment methods will be displayed with
    163. 

  163.   links to delete or edit each. These will call the same page again and allow update/input
    164. 

  164.   or deletion of the records*/
    165. 

  165. 

  166. 	$sql = "SELECT paymentid,
    167. 

  167. 					paymentname,
    168. 

  168. 					paymenttype,
    169. 

  169. 					receipttype,
    170. 

  170. 					usepreprintedstationery
    171. 

  171. 			FROM paymentmethods
    172. 

  172. 			ORDER BY paymentid";
    173. 

    174. 

  174. 	$ErrMsg = _('Could not get payment methods because');
    175. 

  175. 	$result = DB_query($sql,$db,$ErrMsg);
    176. 

  176. 

  177. 	echo '<table class="selection">
    178. 

  178. 		<tr>
    179. 

  179. 			<th>' . _('Payment Method') . '</th>
    180. 

  180. 			<th>' . _('For Payments') . '</th>
    181. 

  181. 			<th>' . _('For Receipts') . '</th>
    182. 

  182. 			<th>' . _('Use Pre-printed') .'<br />' . _('Stationery') . '</th>
    183. 

  183. 		</tr>';
    184. 

    185. 

  185. 	$k=0; //row colour counter
    186. 

  186. 	while ($myrow = DB_fetch_array($result)) {
    187. 

  187. 

  188. 		if ($k==1){
    189. 

  189. 			echo '<tr class="EvenTableRows">';
    190. 

  190. 			$k=0;
    191. 

  191. 		} else {
    192. 

  192. 			echo '<tr class="OddTableRows">';
    193. 

  193. 			$k++;
    194. 

  194. 		}
    195. 

  195. 

  196. 		echo '<td>' . $myrow['paymentname'] . '</td>
    197. 

  197. 				<td>' . ($myrow['paymenttype'] ? _('Yes') : _('No')) . '</td>
    198. 

  198. 				<td>' . ($myrow['receipttype'] ? _('Yes') : _('No')) . '</td>
    199. 

  199. 				<td>' . ($myrow['usepreprintedstationery'] ? _('Yes') : _('No')) . '</td>
    200. 

  200. 				<td><a href="' . htmlspecialchars($_SERVER['PHP_SELF']) . '?SelectedPaymentID=' . $myrow['paymentid'] . '">' . _('Edit') . '</a></td>
    201. 

  201. 				<td><a href="' . htmlspecialchars($_SERVER['PHP_SELF']) . '?SelectedPaymentID=' . $myrow['paymentid'] . '&delete=1" onclick="return confirm(\'' . _('Are you sure you wish to delete this payment method?') . '\');">' . _('Delete') .'</a></td>
    202. 

  202. 			</tr>';
    203. 

    204. 

  204. 	} //END WHILE LIST LOOP
    205. 

  205. 	echo '</table><p>';
    206. 

  206. } //end of ifs and buts!
    207. 

  207. 

  208. 

  209. if (isset($SelectedPaymentID)) {
    210. 

  210. 	echo '<div class="centre"><a href=' . htmlspecialchars($_SERVER['PHP_SELF']) . '?' . SID .'>' . _('Review Payment Methods') . '</a></div>';
    211. 

  211. }
    212. 

  212. 

  213. echo '<p>';
    214. 

  214. 

  215. if (! isset($_GET['delete'])) {
    216. 

  216. 

  217. 	echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF']) . '">';
    218. 

  218. 	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
    219. 

  219. 

  220. 	if (isset($SelectedPaymentID)) {
    221. 

  221. 		//editing an existing section
    222. 

  222. 

  223. 		$sql = "SELECT paymentid,
    224. 

  224. 						paymentname,
    225. 

  225. 						paymenttype,
    226. 

  226. 						receipttype,
    227. 

  227. 						usepreprintedstationery
    228. 

  228. 				FROM paymentmethods
    229. 

  229. 				WHERE paymentid='" . $SelectedPaymentID . "'";
    230. 

    231. 

  231. 		$result = DB_query($sql, $db);
    232. 

  232. 		if ( DB_num_rows($result) == 0 ) {
    233. 

  233. 			prnMsg( _('Could not retrieve the requested payment method, please try again.'),'warn');
    234. 

  234. 			unset($SelectedPaymentID);
    235. 

  235. 		} else {
    236. 

  236. 			$myrow = DB_fetch_array($result);
    237. 

  237. 

  238. 			$_POST['MethodID'] = $myrow['paymentid'];
    239. 

  239. 			$_POST['MethodName'] = $myrow['paymentname'];
    240. 

  240. 			$_POST['ForPayment'] = $myrow['paymenttype'];
    241. 

  241. 			$_POST['ForReceipt'] = $myrow['receipttype'];
    242. 

  242. 			$_POST['UsePrePrintedStationery'] = $myrow['usepreprintedstationery'];
    243. 

  243. 

  244. 			echo '<input type="hidden" name="SelectedPaymentID" value="' . $_POST['MethodID'] . '">';
    245. 

  245. 			echo '<table class="selection">';
    246. 

  246. 		}
    247. 

  247. 

  248. 	}  else {
    249. 

  249. 		$_POST['MethodName']='';
    250. 

  250. 		$_POST['ForPayment'] = 1; // Default is use for payment
    251. 

  251. 		$_POST['ForReceipt'] = 1; // Default is use for receipts
    252. 

  252. 		$_POST['UsePrePrintedStationery'] = 0; // Default is use for receipts
    253. 

  253. 		echo '<table class=selection>';
    254. 

  254. 	}
    255. 

  255. 	echo '<tr>
    256. 

  256. 			<td>' . _('Payment Method') . ':' . '</td>
    257. 

  257. 			<td><input type="Text" '. (in_array('MethodName',$Errors) ? 'class="inputerror"' : '' ) .' name="MethodName" size="30" maxlength="30" value="' . $_POST['MethodName'] . '"></td>
    258. 

  258. 		</tr>';
    259. 

  259. 	echo '<tr>
    260. 

  260. 		<td>' . _('Use For Payments') . ':' . '</td>
    261. 

  261. 		<td><select name="ForPayment">
    262. 

  262. 			<option' . ($_POST['ForPayment'] ? ' selected' : '') .' value="1">' . _('Yes') . '</option>
    263. 

  263. 			<option' . ($_POST['ForPayment'] ? '' : ' selected') .' value="0">' . _('No') . '</select></td>
    264. 

  264. 		</tr>';
    265. 

  265. 	echo '<tr>
    266. 

  266. 			<td>' . _('Use For Receipts') . ':' . '</td>
    267. 

  267. 			<td><select name="ForReceipt">
    268. 

  268. 				<option' . ($_POST['ForReceipt'] ? ' selected' : '') .' value="1">' . _('Yes') . '</option>
    269. 

  269. 				<option' . ($_POST['ForReceipt'] ? '' : ' selected') .' value="0">' . _('No') . '</option>
    270. 

  270. 			</select></td>
    271. 

  271. 		</tr>';
    272. 

  272. 	echo '<tr>
    273. 

  273. 			<td>' . _('Use Pre-printed Stationery') . ':' . '</td>
    274. 

  274. 			<td><select name="UsePrePrintedStationery">
    275. 

  275. 				<option' . ($_POST['UsePrePrintedStationery'] ? ' selected': '' ) .' value="1">' . _('Yes') . '</option>
    276. 

  276. 				<option' . ($_POST['UsePrePrintedStationery']==1 ? '' : ' selected' ) .' value="0">' . _('No') . '</option>
    277. 

  277. 				</select></td>
    278. 

  278. 		</tr>';
    279. 

  279. 	
    280. 

  280. 	echo '</table>';
    281. 

  281. 

  282. 	echo '<br /><div class="centre"><input type="submit" name="submit" value=' . _('Enter Information') . '></div>';
    283. 

  283. 

  284. 	echo '</form>';
    285. 

  285. 

  286. } //end if record deleted no point displaying form to add record
    287. 

  287. 

  288. include('includes/footer.inc');
    289. 

  289. ?>
    290.