9 files changed, 304 insertions, 7 deletions
diff --git a/LedgerSMB.pm b/LedgerSMB.pm
index 7b555e10..b4d6c360 100755
--- a/LedgerSMB.pm
+++ b/LedgerSMB.pm
@@ -196,6 +196,7 @@ sub new {
        #check for valid session unless this is an inital authentication
        #request -- CT
        if (!LedgerSMB::Auth::session_check( $cookie{"LedgerSMB"}, $self) ) {
+            print STDERR "Session did not check";
             $self->_get_password("Session Expired");
             exit;
        }
@@ -633,7 +634,6 @@ sub error {
 sub _db_init {
     my $self     = shift @_;
     my %args     = @_;
-
     my $creds = LedgerSMB::Auth::get_credentials();
   
     $self->{login} = $creds->{login};
diff --git a/LedgerSMB/Auth/DB.pm b/LedgerSMB/Auth/DB.pm
index da89711f..ca5f01fa 100755
--- a/LedgerSMB/Auth/DB.pm
+++ b/LedgerSMB/Auth/DB.pm
@@ -132,6 +132,7 @@ sub session_check {
 
 sub session_create {
     my ($lsmb) = @_;
+    print STDERR "Creating Session\n";
     my $path = ($ENV{SCRIPT_NAME});
     $path =~ s|[^/]*$||;
     use Time::HiRes qw(gettimeofday);
diff --git a/UI/login.js b/UI/login.js
index aa2af97c..5f5eed63 100644
--- a/UI/login.js
+++ b/UI/login.js
@@ -17,7 +17,6 @@ function submit_form() {
 		+ document.login.company.value, false, 
 		username, password);
 	http.send("");
-	alert(http.status);
         if (http.status != 200){
 		alert("Access Denied:  Bad username/Password");
 		return false;
@@ -36,4 +35,4 @@ function check_auth() {
         + document.login.company.value, false, 
 		username, password
     );
-}
-\ No newline at end of file
+}
diff --git a/UI/payment1.html b/UI/payment1.html
new file mode 100644
index 00000000..d064ad0e
--- /dev/null
+++ b/UI/payment1.html
@@ -0,0 +1,124 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+  <title><?lsmb titlebar ?></title>
+  <meta http-equiv="Pragma" content="no-cache" />
+  <meta http-equiv="Expires" content="-1" />
+  <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
+  <link rel="stylesheet" href="css/<?lsmb stylesheet ?>" type="text/css" />
+
+  <meta http-equiv="content-type" content="text/html; charset=<?lsmb charset ?>" />  
+  <meta name="robots" content="noindex,nofollow" />
+
+</head>
+
+<body id="payment-1-body">
+
+<form name="search" method="post" action="payment.pl">
+	
+<?lsmb PROCESS elements.html  # Include form elements helper. ?>
+
+<?lsmb PROCESS input element_data=sort ?>
+<?lsmb PROCESS input element_data=nextsub ?>
+<?lsmb PROCESS input element_data=selectcustomer ?>
+<?lsmb PROCESS input element_data=selectaccount ?>
+<?lsmb PROCESS input element_data=selectAR ?>
+<?lsmb PROCESS input element_data=selectadvance ?>
+<?lsmb PROCESS input element_data=defaultcurrency ?>
+<?lsmb PROCESS input element_data=datepaid ?>
+<?lsmb PROCESS input element_data=closedto ?>
+<?lsmb PROCESS input element_data=path ?>
+<?lsmb login.type = 'hidden' ; PROCESS input element_data=login ?>
+<?lsmb accountclass.type = 'hidden'; PROCESS input element_data=accountclass?>
+<?lsmb PROCESS input element_data=sessionid ?>
+<?lsmb PROCESS input element_data=vc ?>
+
+<?lsmb type.type = "hidden";
+       PROCESS input element_data=type;
+ ?>
+ 
+<?lsmb PROCESS input element_data=selectdepartment ?>
+<?lsmb PROCESS input element_data=callback ?>
+<?lsmb PROCESS input element_data=ARAP ?>
+<?lsmb PROCESS input element_data=nextsub ?>
+
+<table width=100%>
+  <tr id="top-bar" class="listtop">
+    <th id="top-bar-header" class="listtop"><label  id="top-bar-header-label"><?lsmb text('Receipts') ?></th>
+  </tr>
+</table>
+
+<table id="search-form-table">
+	<tr id="search-form-row">
+		<td id="projects-label-column" class="label-left"><?lsmb text('Projects') ?></td>
+		<td id="projects-column" colspan="5">
+			<?lsmb PROCESS select element_data=projects ?>
+		</td>
+	</tr>
+	<tr id="cost-center-row">
+		<td id="cost-center-label-column" class="label-left"><?lsmb text('Departments') ?></td>
+		<td id="department-column">
+			<?lsmb PROCESS select element_data=department ?>
+  	</td>
+	</tr>
+	<tr id="vc-currency-row">
+		<td id="vc-label-column" class="label-left">
+		 <?lsmb IF (type.value == 'receipt') ?>
+		   <?lsmb text('Customer')?>
+		 <?lsmb ELSE; text('Vendor')?>
+		 <?lsmb END ?>		
+                     		 
+		</td>
+		<td id="vc-column">
+			<?lsmb PROCESS select element_data=vendor_customer ?>
+		</td>
+  	<td id="currency-label-column" class="label-left"><?lsmb text('Currency') ?></td>
+		<td id="currency-column">
+			<?lsmb PROCESS select element_data=curr ?>
+		</td>
+	</tr>
+  <tr id="daterange-row">
+		<td id="daterange-label-column" class="label-left"><?lsmb text('Period') ?></td>
+		<td id="month-year-column" colspan="5">
+			<?lsmb PROCESS select element_data=month ?>
+			<?lsmb PROCESS select element_data=year ?>
+			
+			<?lsmb 
+			  FOREACH interval_radio IN interval_radios;
+			    interval_radio.type  = "radio";
+			    interval_radio.class = "radio";
+			    PROCESS input element_data=interval_radio;
+			  END;
+			?>
+		</td>
+	</tr>
+	<tr id="total-row">
+		<td id="total-gt-label-column" class="label-left"><?lsmb text('Total') ?> &gt;=</td>
+		<td id="total-gt-column">
+			<?lsmb 
+			     amountfrom.type      = "text";
+			     amountfrom.size      = "10"  ;
+			     amountfrom.maxlenght = "10"  ;
+			     PROCESS input element_data=amountfrom;
+		         ?>
+		</td>
+		<td id="total-lt-label-column" class="label-left" align=right><?lsmb text('Total') ?> &lt;=</td>
+		<td id="total-lt-column">
+			<?lsmb 
+			     amountto.type        = "text";
+			     amountto.size        = "10"  ;
+			     amountto.maxlenght   = "10"  ;
+			     PROCESS input element_data=amountto;
+			?>
+		</td>
+	</tr>
+</table>
+			
+<hr />
+
+<?lsmb PROCESS button element_data=action ?>
+
+</form>
+</body>
+</html>
diff --git a/UI/payment2.html b/UI/payment2.html
new file mode 100644
index 00000000..1b53d6da
--- /dev/null
+++ b/UI/payment2.html
@@ -0,0 +1,161 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+  <title><?lsmb titlebar ?></title>
+  <meta http-equiv="Pragma" content="no-cache" />
+  <meta http-equiv="Expires" content="-1" />
+  <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
+  <link rel="stylesheet" href="css/<?lsmb stylesheet ?>" type="text/css" />
+
+  <meta http-equiv="content-type" content="text/html; charset=<?lsmb charset ?>" />  
+  <meta name="robots" content="noindex,nofollow" />
+</head>
+<body id="payment_2_body">
+ <form name="pay_single_dues" method="post" action="payment.pl">
+
+ <?lsmb PROCESS elements.html  # Include form elements helper. ?>
+
+ <table width=100%>
+  <tr id="top_bar" class="listtop">
+    <th id="top_bar_header" class="listtop"><?lsmb header.text ?></th>
+  </tr>
+ </table>
+ <table width=100% id="info_table">
+  <tr valign=top id="info_row">
+   <td width=50% id="info_data">
+    <table id="cv_info_table">
+     <tr id="cv_row">
+      <th class="label_left" id="cv_label_column"><?lsmb  text('Vendor') ?></th>
+       <td id="cv_column"><?lsmb vc.name ?></td>
+     </tr>
+     <tr id="cv_address_row">
+      <th valign="top" align="right" id="cv_address_label_column"><?lsmb text('Address') ?></th>
+      <td id="cv_address_column">
+       <table id="cv_address_table">
+       <?lsmb # this table will show the customer/vendor address, city, phone and others things that could help to reminds them?>
+       <?lsmb FOREACH address IN vc.address  # Loop through customer/vendor address info ?>
+         <tr>
+          <td><?lsmb address.text ?></td>
+         </tr>
+	      <?lsmb END ?>
+        </table>
+      </td>
+     </tr>
+     <tr align="right" id="notes_row">
+      <th valign="top" id="notes_column"><?lsmb text('Notes') ?></th>
+      <td><textarea id="notes" name="notes" cols="35" rows="3"></textarea></td>
+     </tr>
+    </table>
+   </td>
+   <td align="right">
+    <table>
+     <?lsmb # the project will be shown if it was selected in the first step  ?>
+     <?lsmb IF project.value  # Only process element if the value exists.  ?>
+     <tr id="project_row">
+      <th align="right" nowrap id="project_label_column"><?lsmb text('Projects') ?>:</th>
+      <td colspan="2" id="project_column">
+          <?lsmb project.text ?>
+	  <?lsmb  project.type="hidden"; PROCESS input element_data=project ?>
+     </td>
+     </tr>
+     <?lsmb END ?>
+     <?lsmb #the department will be shown if it was selected in the first step ?>
+     <?lsmb IF department.value  # Only process element if one exists. As in project above ?>
+     <tr id="department-row">
+      <th align="right" nowrap id="department_label_column"><?lsmb  text('Department')  ?>:</th>
+      <td colspan="2" id="department_column">
+       <?lsmb  department.text ?>
+       <?lsmb  department.type="hidden"; PROCESS input element_data=department ?>
+      </td>
+     </tr>
+     <?lsmb END ?>
+     <tr id="account_row">
+     <?lsmb  #here goes all the posible accounts were the paid can be done  ?>
+      <th align="right" nowrap id="account_label_column"><?lsmb text('Account') ?></th>
+      <td colspan="2" id="account_column"><?lsmb PROCESS select element_data=account ?></td>
+     </tr>
+     <tr id="date_row"><?lsmb # here goes an input where the date can be written, we can also use a java calendar :). We can use an ajax script to call the Exchange rate of the input date wich can be called with the onChange Method	  ?>
+      <th align="right" nowrap id="date_label_column"><?lsmb text('Date') ?></th>
+      <td colspan="2" id="date_column"> <?lsmb PROCESS input element_data=datepaid ?> </td>
+     </tr>
+     <tr id="source_row">
+     <?lsmb # here goes all the posible sources wich we can use ?>
+      <th align="right" nowrap id="source_label_column"><?lsmb text('Source')?></th>
+       <td width="28%" id="source_column"><?lsmb PROCESS select element_data=source ?></td>
+       <td id="source_text_column"><?lsmb PROCESS input element_data=source_text ?></td>
+     </tr>
+     <tr id="currency_row">
+     <?lsmb #  here goes the selected currency in step 1 ?>
+      <th align="right" id="currency_label_column"><?lsmb text('Currency') ?>:</th>
+      <td id="currency_column"><?lsmb PROCESS label element_data=curr ?></td>
+     </tr>
+     <?lsmb # here goes the exchange rate of the selected currency, it can be done by the ajax script or the update button ?>
+     <?lsmb  IF defaultcurrency.text != curr.text # Only process element if one exists. ?>
+      <tr id="exrate_row">
+       <th valig="top" align="right" id="exrate_label_column"><?lsmb text('Exchange Rate') ?>:</th>
+       <td id="exrate_column">
+        <?lsmb  IF date_curr.value ?>
+         <?lsmb  date_curr.text ?>
+        <?lsmb  END ?>
+        <?lsmb  IF !date_curr.value ?>
+         <?lsmb PROCESS input element_data=date_curr ?>
+        <?lsmb  END ?>
+       </td>
+      </tr>
+     <?lsmb END ?>
+    </table>
+   </td>
+  </tr>
+ </table>
+ <table width="100%" border="1">
+  <tr class="listheading">
+   <?lsmb FOREACH column IN column_headers  # Loop through columns ?>
+   <th class="listheading"><?lsmb column.text ?></th>
+   <?lsmb END ?>
+  </tr>
+  <?lsmb # We have to clear i for later usage :)  ?>
+  <?lsmb i = '0' ?>
+  <?lsmb FOREACH row IN rows ?>
+  <?lsmb i = i + 1; j = i % 2; alterning_style = "listrow$j" ?>
+  <tr class="<?lsmb alterning_style ?>"=>
+    <td><a href="<?lsmb row.invoice.href ?>"><?lsmb row.invoice.number ?></a>
+        <input type="hidden" value="<?lsmb row.invoice.id ?>" />                 </td>
+    <?lsmb # we can use an href to link this invoice number to the invoice ?>
+    <td><?lsmb row.invoice_date ?></td>
+    <td><?lsmb row.amount ?></td>
+    <td><?lsmb row.paid ?></td>
+    <td><?lsmb row.due ?></td>
+    <?lsmb IF defaultcurrency.text != curr.text ?>
+    <td><?lsmb row.exchange_rate ?></td>
+    <td><?lsmb row.due_fx ?></td>
+    <td><div id="<?lsmb "div_topay_invoice_$i" ?>"><?lsmb row.topay ?></div></td>
+    <?lsmb END ?> 
+    <?lsmb #This should be computed and updated to the div using  ?> 
+    <td><?lsmb PROCESS input  element_data=row.topay_fx ?><div id="<?lsmb "div_topay_$i" ?>">
+    <hr />  
+    <table>
+     <tr id="<?lsmb "account-row$i"?>">
+      <?lsmb # here goes all the posible accounts were the paid can be  done ?>
+      <th align="right" nowrap id="<?lsmb "account_label_column$i" ?>"><?lsmb text('Account') ?></th>
+      <td colspan="2" id="<?lsmb "account_column$i" ?>"><?lsmb PROCESS select element_data=account ?></td>
+     </tr>
+     <tr id="<?lsmb "source_row$i" ?>">
+      <?lsmb # here goes all the posible sources wich we can used ?>
+      <th align="right" nowrap id="<?lsmb "source_label_column$i" ?>"><?lsmb text('Source') ?></th>
+      <td width="28%" id="<?lsmb "source_column$i" ?>"><?lsmb PROCESS select element_data=source ?></td>
+      <td><?lsmb PROCESS input element_data=source_text ?></td>   
+      <td nowrap align="left"><input  name="<?lsmb "optionalpay_$i" ?>" type="checkbox"  class="checkbox"></td>
+     </tr>
+    </table>
+   </div>
+   <?lsmb END ?>
+  </table>
+  <hr />
+  <?lsmb PROCESS button element_data=post ?>
+  <?lsmb PROCESS button element_data=post_and_print ?>
+  <?lsmb PROCESS select element_data=format ?>
+  <?lsmb PROCESS select element_data=media ?>
+  </form>
+ </body>
+</html>
diff --git a/UI/payments/payment1.html b/UI/payments/payment1.html
index d064ad0e..50fa1ca9 100644
--- a/UI/payments/payment1.html
+++ b/UI/payments/payment1.html
@@ -17,7 +17,7 @@
 
 <form name="search" method="post" action="payment.pl">
 	
-<?lsmb PROCESS elements.html  # Include form elements helper. ?>
+<?lsmb PROCESS '../elements.html'  # Include form elements helper. ?>
 
 <?lsmb PROCESS input element_data=sort ?>
 <?lsmb PROCESS input element_data=nextsub ?>
diff --git a/UI/payments/payment2.html b/UI/payments/payment2.html
index 502cb859..d395b170 100644
--- a/UI/payments/payment2.html
+++ b/UI/payments/payment2.html
@@ -14,7 +14,7 @@
 <body id="payment_2_body">
  <form name="pay_single_dues" method="post" action="payment.pl">
 
- <?lsmb PROCESS elements.html  # Include form elements helper. ?>
+ <?lsmb PROCESS ../elements.html  # Include form elements helper. ?>
 
  <table width=100%>
   <tr id="top_bar" class="listtop">
@@ -158,4 +158,4 @@
   <?lsmb PROCESS select element_data=media ?>
   </form>
  </body>
-</html>
-\ No newline at end of file
+</html>
diff --git a/scripts/payment.pl b/scripts/payment.pl
index ae476a9b..01e32fc7 100644
--- a/scripts/payment.pl
+++ b/scripts/payment.pl
@@ -157,6 +157,7 @@ my $template;
   $template = LedgerSMB::Template->new(
   user     => $request->{_user},
   locale   => $request->{_locale},
+#  path     => 'UI/payments',
   path     => 'UI',
   template => 'payment1',
   format => 'HTML', );
@@ -362,7 +363,8 @@ my $select = {
 my $template = LedgerSMB::Template->new(
   user     => $request->{_user},
   locale   => $request->{_locale},
-  path     => 'UI',
+#  path     => 'UI/payments',
+  path => 'UI',
   template => 'payment2',
   format => 'HTML' );
 eval {$template->render($select) };
diff --git a/sql/modules/Roles.sql b/sql/modules/Roles.sql
index 126f4d2f..a44ebcf4 100644
--- a/sql/modules/Roles.sql
+++ b/sql/modules/Roles.sql
@@ -1366,3 +1366,13 @@ lsmb_<?lsmb dbname ?>__create_project_translation;
 
 GRANT SELECT ON custom_field_catalog TO public;
 GRANT SELECT ON custom_table_catalog TO public;
+
+-- Grants to all users;
+GRANT ALL ON defaults TO public;
+GRANT ALL ON "session" TO public;
+GRANT ALL ON session_session_id_seq TO PUBLIC;
+GRANT SELECT ON users TO public;
+GRANT SELECT ON user_preference TO public;
+GRANT SELECT ON custom_table_catalog TO PUBLIC;
+GRANT SELECT ON custom_field_catalog TO PUBLIC;
+grant select on menu_node, menu_attribute, menu_acl to public;