From 03bfa825f47a35ff8fac5c9a0ffa95107687901c Mon Sep 17 00:00:00 2001
From: einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>
Date: Thu, 13 Dec 2007 21:27:59 +0000
Subject: Added a routine to sanitize the CGI variables.  Needed for some CSV
 exports routines.

git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1978 4979c152-3d1c-0410-bac9-87ea11338e46
---
 LedgerSMB.pm                     | 13 +++++++++++++
 LedgerSMB/DBObject/Payment.pm    | 24 ++++++++++++++++--------
 UI/payments/check_job.html       |  6 ++----
 UI/payments/payments_detail.html | 26 ++++++++++++++++++--------
 UI/payments/payments_filter.html | 13 +++----------
 sql/modules/Payment.sql          | 15 ++++++---------
 sql/modules/Voucher.sql          | 25 +++++++++++++++++++++++++
 7 files changed, 83 insertions(+), 39 deletions(-)

diff --git a/LedgerSMB.pm b/LedgerSMB.pm
index 49126940..30c3b2b8 100755
--- a/LedgerSMB.pm
+++ b/LedgerSMB.pm
@@ -94,6 +94,11 @@ non-numbers.
 Copies the given key=>vars to $self. Allows for finer control of 
 merging hashes into self.
 
+=item remove_cgi_globals()
+
+Removes all elements starting with a . because these elements conflict with the
+ability to hide the entire structure for things like CSV lookups.
+
 =back
 
 =head1 Copyright (C) 2006, The LedgerSMB core team.
@@ -796,6 +801,14 @@ sub set {
 
 }
 
+sub remove_cgi_globals {
+    my ($self) = @_;
+    for my $key (keys %$self){
+        if ($key =~ /^\./){
+            delete $self->{key}
+        }
+    }
+}
 1;
 
 
diff --git a/LedgerSMB/DBObject/Payment.pm b/LedgerSMB/DBObject/Payment.pm
index 8bf22ee9..2d4ced79 100644
--- a/LedgerSMB/DBObject/Payment.pm
+++ b/LedgerSMB/DBObject/Payment.pm
@@ -75,6 +75,11 @@ sub get_metadata {
     );
     @{$self->{debt_accounts}} = $self->exec_method(
 		funcname => 'chart_get_ar_ap');
+    @{$self->{cash_accounts}} = $self->exec_method(
+		funcname => 'chart_list_cash');
+    for my $ref(@{$self->{cash_accounts}}){
+        $ref->{text} = "$ref->{accno}--$ref->{description}";
+    }
 }
 
 sub get_open_accounts {
@@ -351,8 +356,6 @@ This method sets appropriate project, department, etc. fields.
 
 sub get_payment_detail_data {
     my ($self) = @_;
-    @{$self->{cash_accounts}} = $self->exec_method(
-		funcname => 'chart_list_cash');
     $self->get_metadata();
 
     my $source_inc;
@@ -385,11 +388,17 @@ sub get_payment_detail_data {
 sub post_bulk {
     my ($self) = @_;
     my $total_count = 0;
-    my ($ref) = $self->callproc(
+    my ($ref) = $self->call_procedure(
           procname => 'setting_get', 
           args     => ['queue_payments'],
     );
     my $queue_payments = $ref->{setting_get};
+    if ($queue_payments){
+        my ($job_ref) = $self->exec_method(
+                 funcname => 'job__create'
+        );
+        $self->{job_id} = $job_ref->{job__create};
+    }
     $self->{payment_date} = $self->{datepaid};
     for my $contact_row (1 .. $self->{contact_count}){
         my $contact_id = $self->{"contact_$contact_row"};
@@ -414,12 +423,11 @@ sub post_bulk {
         $self->{transactions} = $invoice_array;
 	$self->{source} = $self->{"source_$contact_id"};
         if ($queue_payments){
-             my ($job_ref) = $self->exec_method(
-                 funcname => 'job__create'
-             );
-             $self->{job_id} = $job_ref->{job__create};
              $self->exec_method(
-                 funcname => 'payment_bulk_queue_entry'
+                 funcname => 'payment_bulk_queue'
+             );
+             ($self->{job}) = $self->exec_method(
+		funcname => 'job__status'
              );
         } else {
             $self->exec_method(funcname => 'payment_bulk_post');
diff --git a/UI/payments/check_job.html b/UI/payments/check_job.html
index 18f786cc..b59caeab 100644
--- a/UI/payments/check_job.html
+++ b/UI/payments/check_job.html
@@ -6,7 +6,7 @@
 		]
 		titlebar = text('Checking Job') # '
 		refresh = {
-			url = "payment.pl?job_id=${job_id}&account_class=${account_class}"
+			url = "payment.pl?job_id=${job_id}&account_class=${account_class}&action=check_job"
 			delay = 20
 		}
 ?>
@@ -18,19 +18,17 @@
 	ELSE;
 		text('Status: Complete');
 	END ?></div>
-   <?lsmb IF job.completed ?>
+   <?lsmb IF ! job.completed ?>
    <div class="info">
 	<?lsmb IF job.success;
 		text('Completed Successfully');
 	ELSE;
 		text('Job Failed');
 	END ?></div>
-	<?lsmb IF ! job.success ?>
   <div class="info">
 	<?lsmb text('Error:') ?><br />
 	<?lsmb job.error_condition ?>
   </div>
-	<?lsmb END # if ! job.success ?>
   <?lsmb END # if job.completed ?>
 </body>
 </html>
diff --git a/UI/payments/payments_detail.html b/UI/payments/payments_detail.html
index f926c041..0e931ddc 100644
--- a/UI/payments/payments_detail.html
+++ b/UI/payments/payments_detail.html
@@ -137,14 +137,18 @@
 	<?lsmb END # foreach b ?></span>
     </div>
     <?lsmb END # if business ?>
-    <div class="input" id="cash_account_div">
-	<select name="cash_accno" id="cash_account">
-	<?lsmb FOREACH a = cash_accounts ?>
-	<option value="<?lsmb a.accno ?>">
-		<?lsmb a.accno ?>--<?lsmb a.description ?>
-	</option>
-	<?lsmb END # foreach a ?>
-	</select>
+    <div class="info" id="cash_account_div">
+	<?lsmb INCLUDE input element_data = {
+		type = "hidden"
+		name = "cash_accno"
+		value = cash_accno
+	} ?>
+	<label><?lsmb text('Pay From') ?></label>
+	<?lsmb FOR c = cash_accounts -?>
+		<?lsmb IF c.accno == cash_accno -?>
+		<?lsmb c.accno ?>--<?lsmb c.description ?>
+		<?lsmb END # if c.accno -?>
+	<?lsmb END # for c -?>
     </div>
     <table id="payments_table">
     <tr class="listheading">
@@ -270,6 +274,12 @@
 	class = "submit"
 	name = 'action'
 	} ?>
+    <?lsmb INCLUDE button element_data = {
+	text = text('Add Payment Fees') # '
+	value = 'paycom_add_fees'
+	class = 'submit'
+	name = 'action'
+	} ?>
   </form>
  </body>
 </html>
diff --git a/UI/payments/payments_filter.html b/UI/payments/payments_filter.html
index 6ae341dd..c92a57c2 100644
--- a/UI/payments/payments_filter.html
+++ b/UI/payments/payments_filter.html
@@ -105,22 +105,15 @@
 </select>
 </div>
 </div>
-<div class="listtop">
-	<!-- <?lsmb INCLUDE select element_data = {
+<div class="listtop"><?lsmb text('Payment Processing') ?></div>
+	<?lsmb INCLUDE select element_data = {
 		name = "cash_accno"
 		default_values = [cash_accno]
 		options = cash_accounts
 		value_attr = "accno"
 		text_attr = "text"
 		label = text('Pay From:') # '
-	} ?> -->
-	<select name="cash_accno" id="cash_account">
-	<?lsmb FOREACH a = cash_accounts ?>
-	<option value="<?lsmb a.accno ?>">
-		<?lsmb a.accno ?>--<?lsmb a.description ?>
-	</option>
-	<?lsmb END # foreach a ?>
-	</select>
+	} ?> 
 <div class = "input">
 <?lsmb INCLUDE input element_data = {
 	type = "text"
diff --git a/sql/modules/Payment.sql b/sql/modules/Payment.sql
index f48bd22f..77a48045 100644
--- a/sql/modules/Payment.sql
+++ b/sql/modules/Payment.sql
@@ -207,10 +207,6 @@ This then returns a set of contact information with a 2 dimensional array
 cnsisting of outstanding invoices.
 $$;
 
-CREATE OR REPLACE FUNCTION payment_create_queue_entry() RETURNS int AS
-$$
-$$ LANGUAGE PLPGSQL;
-
 CREATE OR REPLACE FUNCTION payment_bulk_queue
 (in_transactions numeric[], in_batch_id int, in_source text, in_total numeric,
 	in_ar_ap_accno text, in_cash_accno text, 
@@ -233,21 +229,22 @@ $$ LANGUAGE PLPGSQL;
 CREATE OR REPLACE FUNCTION job__process_payment(in_job_id int)
 RETURNS bool AS $$
 DECLARE 
-	queue_record RECORD
-	t_auth_name text,
+	queue_record RECORD;
+	t_auth_name text;
 BEGIN
 	-- TODO:  Move the set session authorization into a utility function
-	SELECT created_by INTO t_auth_name FROM pending_jobs
+	SELECT entered_by INTO t_auth_name FROM pending_job
 	WHERE id = in_job_id;
 
-	EXECUTE 'SET SESSION AUTHORIZATION ' quote_ident(t_auth_name);
+	EXECUTE 'SET SESSION AUTHORIZATION ' || quote_ident(t_auth_name);
 
 	FOR queue_record IN
 		SELECT * from payments_queue WHERE job_id = in_job_id
 	LOOP
 		PERFORM payment_bulk_post
 		(transactions, batch_id, source, total, ar_ap_accno, cash_accno,
-			payment_date, account_class);
+			payment_date, account_class)
+		FROM payments_queue WHERE job_id = in_job_id;
 	END LOOP;
 		UPDATE pending_job
 		SET completed_at = timeofday()::timestamp,
diff --git a/sql/modules/Voucher.sql b/sql/modules/Voucher.sql
index 5227a848..0633ab5d 100644
--- a/sql/modules/Voucher.sql
+++ b/sql/modules/Voucher.sql
@@ -221,3 +221,28 @@ BEGIN
 	return currval('batch_id_seq');
 END;	
 $$ LANGUAGE PLPGSQL;
+
+CREATE OR REPLACE FUNCTION batch_delete(in_batch_id int) RETURNS int AS
+$$
+DECLARE 
+	t_transaction_ids int[];
+BEGIN
+
+	-- voucher_id is only set in acc_trans on payment/receipt vouchers and
+	-- their reversals. -CT
+	DELETE FROM acc_trans WHERE voucher_id IN 
+		(select voucher_id FROM voucher where batch_id = in_batch_id);
+
+	SELECT as_array(trans_id) INTO t_transaction_ids
+	FROM voucher WHERE batch_id = in_batch_id AND batch_class IN (1, 2, 5);
+
+	DELETE FROM acc_trans WHERE trans_id = ANY(t_transaction_ids);
+	DELETE FROM ap WHERE id = ANY(t_transaction_ids);
+	DELETE FROM gl WHERE id = ANY(t_transaction_ids);
+	DELETE FROM voucher WHERE batch_id = in_batch_id;
+	DELETE FROM batch WHERE id = in_batch_id;
+	DELETE FROM transactions WHERE id = ANY(t_transaction_ids);
+
+	RETURN 1;
+END;
+$$ language plpgsql;
-- 
cgit v1.2.3