diff options
Diffstat (limited to 'LedgerSMB')
| -rwxr-xr-x | LedgerSMB/Form.pm | 21 | ||||
| -rwxr-xr-x | LedgerSMB/IC.pm | 36 | ||||
| -rwxr-xr-x | LedgerSMB/RC.pm | 80 |
3 files changed, 117 insertions, 20 deletions
diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm index 4865e198..cd30803b 100755 --- a/LedgerSMB/Form.pm +++ b/LedgerSMB/Form.pm @@ -523,6 +523,23 @@ sub callproc { @results; } +sub get_my_emp_num { + my ($self, $myconfig, $form) = @_; + %myconfig = %{$myconfig}; + my $dbh = $form->{dbh}; + # we got a connection, check the version + my $query = qq| + SELECT employeenumber FROM employee + WHERE login = ?|; + my $sth = $dbh->prepare($query); + $sth->execute($form->{login}) || $form->dberror($query); + $sth->execute; + + my ($id) = $sth->fetchrow_array; + $sth->finish; + $form->{'emp_num'} = $id; +} + sub parse_template { my ($self, $myconfig, $userspath) = @_; @@ -1297,8 +1314,8 @@ sub db_init { } sub run_custom_queries { - my $dbh = $self->{dbh}; my ($self, $tablename, $query_type, $linenum) = @_; + my $dbh = $self->{dbh}; if ($query_type !~ /^(select|insert|update)$/i){ $self->error($locale->text( "Passed incorrect query type to get_cutstom_queries." @@ -1379,7 +1396,7 @@ sub run_custom_queries { } elsif ($query_type eq 'SELECT'){ for (@rc){ $query = shift @{$_}; - $sth = $form->{dbh}->prepare($query); + $sth = $self->{dbh}->prepare($query); $sth->execute($form->{id}); $ref = $sth->fetchrow_hashref(NAME_lc); for (keys %{$ref}){ diff --git a/LedgerSMB/IC.pm b/LedgerSMB/IC.pm index ebf9f429..32c409ec 100755 --- a/LedgerSMB/IC.pm +++ b/LedgerSMB/IC.pm @@ -38,7 +38,7 @@ sub get_part { my ($self, $myconfig, $form) = @_; # connect to db - my $dbh = $form->dbconnect($myconfig); + my $dbh = $form->{dbh}; my $i; my $query = qq|SELECT p.*, @@ -80,11 +80,11 @@ sub get_part { FROM parts p JOIN assembly a ON (a.parts_id = p.id) LEFT JOIN partsgroup pg ON (p.partsgroup_id = pg.id) - WHERE a.id = $form->{id} + WHERE a.id = ? |; $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query); $form->{assembly_rows} = 0; while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { @@ -106,10 +106,10 @@ sub get_part { if ($form->{makemodel} ne "") { $query = qq|SELECT make, model FROM makemodel - WHERE parts_id = $form->{id}|; + WHERE parts_id = ?|; $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query); while ($ref = $sth->fetchrow_hashref(NAME_lc)) { push @{ $form->{makemodels} }, $ref; @@ -122,10 +122,10 @@ sub get_part { $query = qq|SELECT c.accno FROM chart c, partstax pt WHERE pt.chart_id = c.id - AND pt.parts_id = $form->{id}|; + AND pt.parts_id = ?|; $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query); while (($key) = $sth->fetchrow_array) { $form->{amount}{$key} = $key; @@ -133,22 +133,23 @@ sub get_part { $sth->finish; + my $id = $dbh->quote($form->{id}); # is it an orphan $query = qq|SELECT parts_id FROM invoice - WHERE parts_id = $form->{id} + WHERE parts_id = $id UNION SELECT parts_id FROM orderitems - WHERE parts_id = $form->{id} + WHERE parts_id = $id UNION SELECT parts_id FROM assembly - WHERE parts_id = $form->{id} + WHERE parts_id = $id UNION SELECT parts_id FROM jcitems - WHERE parts_id = $form->{id}|; + WHERE parts_id = $id ($form->{orphaned}) = $dbh->selectrow_array($query); $form->{orphaned} = !$form->{orphaned}; @@ -166,11 +167,11 @@ sub get_part { pv.lastcost, pv.leadtime, pv.curr AS vendorcurr FROM partsvendor pv JOIN vendor v ON (v.id = pv.vendor_id) - WHERE pv.parts_id = $form->{id} + WHERE pv.parts_id = ? ORDER BY 2|; $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query); while ($ref = $sth->fetchrow_hashref(NAME_lc)) { push @{ $form->{vendormatrix} }, $ref; @@ -187,18 +188,18 @@ sub get_part { FROM partscustomer pc LEFT JOIN customer c ON (c.id = pc.customer_id) LEFT JOIN pricegroup g ON (g.id = pc.pricegroup_id) - WHERE pc.parts_id = $form->{id} + WHERE pc.parts_id = ? ORDER BY c.name, g.pricegroup, pc.pricebreak|; $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query); while ($ref = $sth->fetchrow_hashref(NAME_lc)) { push @{ $form->{customermatrix} }, $ref; } $sth->finish; } - - $dbh->disconnect; + + $form->get_custom_queries('parts', 'SELECT'); } @@ -492,6 +493,7 @@ sub save { my $rc = $dbh->commit; $dbh->disconnect; + $form->get_custom_queries('parts', 'UPDATE'); $rc; } diff --git a/LedgerSMB/RC.pm b/LedgerSMB/RC.pm index e1c3a144..47a8a4c4 100755 --- a/LedgerSMB/RC.pm +++ b/LedgerSMB/RC.pm @@ -33,12 +33,90 @@ package RC; + +sub getposlines{ + my ($self, $myconfig, $form) = @_; + %pos_config = %{$form->{pos_config}}; + %pos_sources = %{$form->{pos_sources}}; + my $sources = ''; + foreach $key (keys %pos_sources){ + $sources .= ", '$key'"; + } + $sources =~ s/^,\s*//; + my $dbh = $form->{dbh}; + + # Considering the query below to be safe since all variables are from config + # files rather than user input. + my $query = qq| + SELECT sum(amount) AS amount, source FROM acc_trans + WHERE chart_id = + (SELECT id FROM chart WHERE accno = '$pos_config{till_accno}') + AND transdate = date 'NOW' + AND cleared IS NOT TRUE + GROUP BY source + |; + my $sth = $dbh->prepare($query); + $sth->execute || $form->dberror($query); + while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { + push @{$form->{TB}}, $ref; + } + $sth->finish; + my $query = qq| + SELECT sum(amount) AS sum FROM acc_trans + WHERE chart_id = + (SELECT id FROM chart WHERE accno = '$pos_config{till_accno}') + AND transdate = date 'NOW' + AND cleared IS NOT TRUE + |; + my $sth = $dbh->prepare($query); + $sth->execute || $form->dberror($query); + my $ref = $sth->fetchrow_hashref(NAME_lc); + $form->{sum} = $ref->{sum}; + $sth->finish; +} + +sub clear_till { + my ($self, $myconfig, $form) = @_; + %pos_config = %{$form->{pos_config}}; + %pos_sources = %{$form->{pos_sources}}; + my $sources = ''; + foreach $key (keys %pos_sources){ + $sources .= ", '$key'"; + } + $sources =~ s/^,\s//; + my $dbh = $form->{dbh}; + my $query = qq| + UPDATE acc_trans + SET cleared = TRUE + WHERE chart_id = + (SELECT id FROM chart WHERE accno = '$pos_config{till_accno}') + AND transdate = date 'NOW' + |; + my $sth = $dbh->prepare($query); + $sth->execute || $form->dberror($query); +} + +sub getbalance{ + my ($self, $myconfig, $form) = @_; + my $dbh = $form->{dbh}; + + my $query = qq|SELECT sum(amount) AS balance + FROM acc_trans + WHERE chart_id = + (SELECT id FROM chart WHERE accno = '$form->{accno}')|; + + my $sth = $dbh->prepare($query); + $sth->execute || $form->dberror($query); + my $ref = $sth->fetchrow_hashref(NAME_lc); + $form->{balance} = $ref->{balance}; +} + sub paymentaccounts { my ($self, $myconfig, $form) = @_; # connect to database - my $dbh = $form->dbconnect($myconfig); + my $dbh = $form->{dbh}; my $query = qq|SELECT accno, description FROM chart |