summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoreinhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>2007-12-13 21:27:59 +0000
committereinhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>2007-12-13 21:27:59 +0000
commit03bfa825f47a35ff8fac5c9a0ffa95107687901c (patch)
treeb34647425df248a3ca0699f7b59ec7b7c131883e
parent536b29fa6ca68c26012785df5ad6807ce96acc40 (diff)
Added a routine to sanitize the CGI variables. Needed for some CSV exports routines.
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1978 4979c152-3d1c-0410-bac9-87ea11338e46
-rwxr-xr-xLedgerSMB.pm13
-rw-r--r--LedgerSMB/DBObject/Payment.pm24
-rw-r--r--UI/payments/check_job.html6
-rw-r--r--UI/payments/payments_detail.html26
-rw-r--r--UI/payments/payments_filter.html13
-rw-r--r--sql/modules/Payment.sql15
-rw-r--r--sql/modules/Voucher.sql25
7 files changed, 83 insertions, 39 deletions
diff --git a/LedgerSMB.pm b/LedgerSMB.pm
index 49126940..30c3b2b8 100755
--- a/LedgerSMB.pm
+++ b/LedgerSMB.pm
@@ -94,6 +94,11 @@ non-numbers.
Copies the given key=>vars to $self. Allows for finer control of
merging hashes into self.
+=item remove_cgi_globals()
+
+Removes all elements starting with a . because these elements conflict with the
+ability to hide the entire structure for things like CSV lookups.
+
=back
=head1 Copyright (C) 2006, The LedgerSMB core team.
@@ -796,6 +801,14 @@ sub set {
}
+sub remove_cgi_globals {
+ my ($self) = @_;
+ for my $key (keys %$self){
+ if ($key =~ /^\./){
+ delete $self->{key}
+ }
+ }
+}
1;
diff --git a/LedgerSMB/DBObject/Payment.pm b/LedgerSMB/DBObject/Payment.pm
index 8bf22ee9..2d4ced79 100644
--- a/LedgerSMB/DBObject/Payment.pm
+++ b/LedgerSMB/DBObject/Payment.pm
@@ -75,6 +75,11 @@ sub get_metadata {
);
@{$self->{debt_accounts}} = $self->exec_method(
funcname => 'chart_get_ar_ap');
+ @{$self->{cash_accounts}} = $self->exec_method(
+ funcname => 'chart_list_cash');
+ for my $ref(@{$self->{cash_accounts}}){
+ $ref->{text} = "$ref->{accno}--$ref->{description}";
+ }
}
sub get_open_accounts {
@@ -351,8 +356,6 @@ This method sets appropriate project, department, etc. fields.
sub get_payment_detail_data {
my ($self) = @_;
- @{$self->{cash_accounts}} = $self->exec_method(
- funcname => 'chart_list_cash');
$self->get_metadata();
my $source_inc;
@@ -385,11 +388,17 @@ sub get_payment_detail_data {
sub post_bulk {
my ($self) = @_;
my $total_count = 0;
- my ($ref) = $self->callproc(
+ my ($ref) = $self->call_procedure(
procname => 'setting_get',
args => ['queue_payments'],
);
my $queue_payments = $ref->{setting_get};
+ if ($queue_payments){
+ my ($job_ref) = $self->exec_method(
+ funcname => 'job__create'
+ );
+ $self->{job_id} = $job_ref->{job__create};
+ }
$self->{payment_date} = $self->{datepaid};
for my $contact_row (1 .. $self->{contact_count}){
my $contact_id = $self->{"contact_$contact_row"};
@@ -414,12 +423,11 @@ sub post_bulk {
$self->{transactions} = $invoice_array;
$self->{source} = $self->{"source_$contact_id"};
if ($queue_payments){
- my ($job_ref) = $self->exec_method(
- funcname => 'job__create'
- );
- $self->{job_id} = $job_ref->{job__create};
$self->exec_method(
- funcname => 'payment_bulk_queue_entry'
+ funcname => 'payment_bulk_queue'
+ );
+ ($self->{job}) = $self->exec_method(
+ funcname => 'job__status'
);
} else {
$self->exec_method(funcname => 'payment_bulk_post');
diff --git a/UI/payments/check_job.html b/UI/payments/check_job.html
index 18f786cc..b59caeab 100644
--- a/UI/payments/check_job.html
+++ b/UI/payments/check_job.html
@@ -6,7 +6,7 @@
]
titlebar = text('Checking Job') # '
refresh = {
- url = "payment.pl?job_id=${job_id}&account_class=${account_class}"
+ url = "payment.pl?job_id=${job_id}&account_class=${account_class}&action=check_job"
delay = 20
}
?>
@@ -18,19 +18,17 @@
ELSE;
text('Status: Complete');
END ?></div>
- <?lsmb IF job.completed ?>
+ <?lsmb IF ! job.completed ?>
<div class="info">
<?lsmb IF job.success;
text('Completed Successfully');
ELSE;
text('Job Failed');
END ?></div>
- <?lsmb IF ! job.success ?>
<div class="info">
<?lsmb text('Error:') ?><br />
<?lsmb job.error_condition ?>
</div>
- <?lsmb END # if ! job.success ?>
<?lsmb END # if job.completed ?>
</body>
</html>
diff --git a/UI/payments/payments_detail.html b/UI/payments/payments_detail.html
index f926c041..0e931ddc 100644
--- a/UI/payments/payments_detail.html
+++ b/UI/payments/payments_detail.html
@@ -137,14 +137,18 @@
<?lsmb END # foreach b ?></span>
</div>
<?lsmb END # if business ?>
- <div class="input" id="cash_account_div">
- <select name="cash_accno" id="cash_account">
- <?lsmb FOREACH a = cash_accounts ?>
- <option value="<?lsmb a.accno ?>">
- <?lsmb a.accno ?>--<?lsmb a.description ?>
- </option>
- <?lsmb END # foreach a ?>
- </select>
+ <div class="info" id="cash_account_div">
+ <?lsmb INCLUDE input element_data = {
+ type = "hidden"
+ name = "cash_accno"
+ value = cash_accno
+ } ?>
+ <label><?lsmb text('Pay From') ?></label>
+ <?lsmb FOR c = cash_accounts -?>
+ <?lsmb IF c.accno == cash_accno -?>
+ <?lsmb c.accno ?>--<?lsmb c.description ?>
+ <?lsmb END # if c.accno -?>
+ <?lsmb END # for c -?>
</div>
<table id="payments_table">
<tr class="listheading">
@@ -270,6 +274,12 @@
class = "submit"
name = 'action'
} ?>
+ <?lsmb INCLUDE button element_data = {
+ text = text('Add Payment Fees') # '
+ value = 'paycom_add_fees'
+ class = 'submit'
+ name = 'action'
+ } ?>
</form>
</body>
</html>
diff --git a/UI/payments/payments_filter.html b/UI/payments/payments_filter.html
index 6ae341dd..c92a57c2 100644
--- a/UI/payments/payments_filter.html
+++ b/UI/payments/payments_filter.html
@@ -105,22 +105,15 @@
</select>
</div>
</div>
-<div class="listtop">
- <!-- <?lsmb INCLUDE select element_data = {
+<div class="listtop"><?lsmb text('Payment Processing') ?></div>
+ <?lsmb INCLUDE select element_data = {
name = "cash_accno"
default_values = [cash_accno]
options = cash_accounts
value_attr = "accno"
text_attr = "text"
label = text('Pay From:') # '
- } ?> -->
- <select name="cash_accno" id="cash_account">
- <?lsmb FOREACH a = cash_accounts ?>
- <option value="<?lsmb a.accno ?>">
- <?lsmb a.accno ?>--<?lsmb a.description ?>
- </option>
- <?lsmb END # foreach a ?>
- </select>
+ } ?>
<div class = "input">
<?lsmb INCLUDE input element_data = {
type = "text"
diff --git a/sql/modules/Payment.sql b/sql/modules/Payment.sql
index f48bd22f..77a48045 100644
--- a/sql/modules/Payment.sql
+++ b/sql/modules/Payment.sql
@@ -207,10 +207,6 @@ This then returns a set of contact information with a 2 dimensional array
cnsisting of outstanding invoices.
$$;
-CREATE OR REPLACE FUNCTION payment_create_queue_entry() RETURNS int AS
-$$
-$$ LANGUAGE PLPGSQL;
-
CREATE OR REPLACE FUNCTION payment_bulk_queue
(in_transactions numeric[], in_batch_id int, in_source text, in_total numeric,
in_ar_ap_accno text, in_cash_accno text,
@@ -233,21 +229,22 @@ $$ LANGUAGE PLPGSQL;
CREATE OR REPLACE FUNCTION job__process_payment(in_job_id int)
RETURNS bool AS $$
DECLARE
- queue_record RECORD
- t_auth_name text,
+ queue_record RECORD;
+ t_auth_name text;
BEGIN
-- TODO: Move the set session authorization into a utility function
- SELECT created_by INTO t_auth_name FROM pending_jobs
+ SELECT entered_by INTO t_auth_name FROM pending_job
WHERE id = in_job_id;
- EXECUTE 'SET SESSION AUTHORIZATION ' quote_ident(t_auth_name);
+ EXECUTE 'SET SESSION AUTHORIZATION ' || quote_ident(t_auth_name);
FOR queue_record IN
SELECT * from payments_queue WHERE job_id = in_job_id
LOOP
PERFORM payment_bulk_post
(transactions, batch_id, source, total, ar_ap_accno, cash_accno,
- payment_date, account_class);
+ payment_date, account_class)
+ FROM payments_queue WHERE job_id = in_job_id;
END LOOP;
UPDATE pending_job
SET completed_at = timeofday()::timestamp,
diff --git a/sql/modules/Voucher.sql b/sql/modules/Voucher.sql
index 5227a848..0633ab5d 100644
--- a/sql/modules/Voucher.sql
+++ b/sql/modules/Voucher.sql
@@ -221,3 +221,28 @@ BEGIN
return currval('batch_id_seq');
END;
$$ LANGUAGE PLPGSQL;
+
+CREATE OR REPLACE FUNCTION batch_delete(in_batch_id int) RETURNS int AS
+$$
+DECLARE
+ t_transaction_ids int[];
+BEGIN
+
+ -- voucher_id is only set in acc_trans on payment/receipt vouchers and
+ -- their reversals. -CT
+ DELETE FROM acc_trans WHERE voucher_id IN
+ (select voucher_id FROM voucher where batch_id = in_batch_id);
+
+ SELECT as_array(trans_id) INTO t_transaction_ids
+ FROM voucher WHERE batch_id = in_batch_id AND batch_class IN (1, 2, 5);
+
+ DELETE FROM acc_trans WHERE trans_id = ANY(t_transaction_ids);
+ DELETE FROM ap WHERE id = ANY(t_transaction_ids);
+ DELETE FROM gl WHERE id = ANY(t_transaction_ids);
+ DELETE FROM voucher WHERE batch_id = in_batch_id;
+ DELETE FROM batch WHERE id = in_batch_id;
+ DELETE FROM transactions WHERE id = ANY(t_transaction_ids);
+
+ RETURN 1;
+END;
+$$ language plpgsql;