<?php
/*
	editf.php

	phpInvoice - is easy-to-use Web-based multilingual accounting software.
	Copyright (C) 2001 - 2008 Edy Corak < phprechnung at ecorak dot net >

	This program is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation; either version 2 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

require_once("../include/phprechnung.inc.php");
require_once("../include/smarty.inc.php");
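// Login and session checks run before any request data is read.
CheckUser();
CheckSession();

// Every value read below comes straight from the request and is untrusted.
// Nothing is validated or escaped here; the code that puts these values into
// SQL, HTML or a Location header has to do that.

// Fields copied verbatim from the POST body.  A field that was not submitted
// leaves its variable unset, exactly as the individual isset() blocks did.
$plainFields = array(
	'invoiceID', 'InvoiceDate', 'myID', 'infoID', 'page', 'messageID',
	'MethodOfPayment', 'MethodOfPaymentDate',
	'Tax1Desc', 'Tax2Desc', 'Tax3Desc', 'Tax4Desc',
	'InvoiceID1', 'CustomerID1', 'DateFrom1', 'DateTill1', 'Total1', 'Customer1',
	'Order', 'Sort', 'CreatedBy', 'Note',
);
foreach ($plainFields as $fieldName)
{
	if (isset($_POST[$fieldName]))
	{
		$$fieldName = $_POST[$fieldName];
	}
}

// Amount fields: turn a decimal comma into a decimal point.  str_replace() replaces
// ereg_replace(), which no longer exists as of PHP 7; for this literal one-character
// pattern the result is the same.
$decimalFields = array(
	'InvoiceAmount',
	'Tax1Total', 'Tax2Total', 'Tax3Total', 'Tax4Total',
	'InvoiceSubtotal1', 'InvoiceSubtotal2', 'InvoiceSubtotal3', 'InvoiceSubtotal4',
);
foreach ($decimalFields as $fieldName)
{
	if (isset($_POST[$fieldName]))
	{
		$$fieldName = str_replace(",", ".", $_POST[$fieldName]);
	}
}

// "Canceled" is the only field read from $_REQUEST, so it may also arrive in the query string.
if(isset($_REQUEST['Canceled']))
{
	$Canceled = $_REQUEST['Canceled'];
	$smarty->assign("Canceled","$Canceled");
}

// The six search filters are always carried over into the redirect URL.  Default the
// missing ones to an empty string (what interpolating an unset variable produced) and
// URL-encode each value so it cannot add or override query parameters.
$searchFields = array();
foreach (array('InvoiceID1', 'CustomerID1', 'DateFrom1', 'DateTill1', 'Total1', 'Customer1') as $fieldName)
{
	if (!isset($$fieldName))
	{
		$$fieldName = "";
	}
	$searchFields[$fieldName] = $$fieldName;
}
$Searchstring = http_build_query($searchFields, '', '&');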

/**
 * Hand the submitted form values back to Smarty so the edit form can be shown again.
 *
 * All values are read from global variables filled from the request earlier in this
 * script.  They are assigned as received; nothing is escaped here.
 * NOTE(review): the template is not visible from this file - confirm that
 * invoice/editf.tpl escapes these values on output.
 *
 * @param string $mark Assigned to the template variable "Mark" unchanged.
 */
function UserInput($mark)
{
	global $smarty, $page, $myID, $invoiceID, $infoID, $messageID, $InvoiceDate, $MethodOfPayment, $MethodOfPaymentDate,
	$Note, $Customer1, $CustomerID1, $InvoiceID1, $DateFrom1, $DateTill1, $Total1, $Order, $Sort, $Canceled;

	// Template variable => value, in the order they are assigned.
	$formValues = array(
		"page" => $page,
		"invoiceID" => $invoiceID,
		"myID" => $myID,
		"infoID" => $infoID,
		"messageID" => $messageID,
		"InvoiceDate" => $InvoiceDate,
		"MethodOfPayment" => $MethodOfPayment,
		"MethodOfPaymentDate" => $MethodOfPaymentDate,
		"Note" => $Note,
		"InvoiceID1" => $InvoiceID1,
		"CustomerID1" => $CustomerID1,
		"DateFrom1" => $DateFrom1,
		"DateTill1" => $DateTill1,
		"Total1" => $Total1,
		"Customer1" => $Customer1,
		"Order" => $Order,
		"Sort" => $Sort,
	);

	foreach ($formValues as $templateVar => $fieldValue)
	{
		// These values are interpolated into a string before being assigned.
		$smarty->assign($templateVar, "$fieldValue");
	}

	// Mark and Canceled are passed through without string conversion.
	$smarty->assign("Mark", $mark);
	$smarty->assign("Canceled", $Canceled);
}

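// Validate the submitted invoice form, then rewrite the invoice: replace its
// positions with the current user's rows from tmp_invoice, update the invoice
// header and redirect back to the list the user came from.

// Split the dotted dates into day, month and year (the argument order passed to
// checkdate() below implies DD.MM.YYYY).  Missing, non-string or short input is
// padded and cast to int so it simply fails checkdate() instead of raising
// undefined-offset notices or, on PHP 8, a TypeError.
$invoiceDateParts = explode(".", (isset($InvoiceDate) && is_string($InvoiceDate)) ? $InvoiceDate : "");
list($day, $month, $year) = array_map('intval', array_pad($invoiceDateParts, 3, 0));
$payDateParts = explode(".", (isset($MethodOfPaymentDate) && is_string($MethodOfPaymentDate)) ? $MethodOfPaymentDate : "");
list($day1, $month1, $year1) = array_map('intval', array_pad($payDateParts, 3, 0));

if (empty($myID))
{
	$smarty->assign("FieldError","$a[customer] - $a[field_error]");
	UserInput("Edit.Customer");
	$smarty->display('invoice/editf.tpl');
}
else if (empty($InvoiceDate))
{
	$smarty->assign("FieldError","$a[date_text] - $a[field_error]");
	UserInput("InvoiceD.InvoiceDate");
	$smarty->display('invoice/editf.tpl');
}
else if (!checkdate($month, $day, $year))
{
	$smarty->assign("FieldError","$a[date_text] - $a[field_error]");
	UserInput("InvoiceD.InvoiceDate");
	$smarty->display('invoice/editf.tpl');
}
else if(!empty($MethodOfPaymentDate) && $MethodOfPaymentDate != 0 && !checkdate($month1, $day1, $year1))
{
	$smarty->assign("FieldError","$a[date_text] - $a[field_error]");
	UserInput("MethodOfPayD.MethodOfPaymentDate");
	$smarty->display('invoice/editf.tpl');
}
else if ($InvoiceAmount < 0)
{
	$smarty->assign("FieldError","$a[invoice_amount] - $a[field_error]");
	UserInput("");
	$smarty->display('invoice/editf.tpl');
}
// NOTE(review): this ownership check compares the session user with $CreatedBy, which is
// taken from the POST body, so the client chooses the value it is checked against.  The
// owner should be read from the stored invoice row for $invoiceID instead; the column
// that holds it is not visible in this file, so the check is left as it was.
else if(isset($_SESSION['Username']) && $_SESSION['Username'] != $root && $_SESSION['Usergroup1'] != $admingroup_1 && $_SESSION['Usergroup2'] != $admingroup_2 && $_SESSION['Username'] != $CreatedBy)
{
	$_SESSION['LastSite'] = $_SERVER['PHP_SELF'].'?'.$_SERVER['argv'][0];
	$_SESSION['logoutid'] = "5";
	Header("Location: $web/login/sustart.php?$sessname=$sessid");
	exit;
}
else
{
	// Database connection
	//
	DBConnect();

	// NOTE(review): GetAll/Execute/ErrorMsg match the ADOdb API, whose GetAll() and
	// Execute() take an array of bind values as second argument - confirm against
	// DBConnect().  If the include files already add slashes to $_POST (magic-quotes
	// style), remove that step, otherwise bound values are stored with the extra
	// backslashes.

	$InvoiceDate = German_Mysql_Date($InvoiceDate);
	$MethodOfPaymentDate = German_Mysql_Date($MethodOfPaymentDate);

	// These ids were placed in the SQL text unquoted; force them to integers.
	$invoiceID = (int) $invoiceID;
	$messageID = (int) $messageID;
	$MethodOfPayment = (int) $MethodOfPayment;

	// Defaults for the case that a lookup returns no row.
	$Message_Desc = "";
	$MethodOfPayment_Desc = "";

	$query = $db->GetAll("SELECT MESSAGEID, DESCRIPTION FROM {$TBLName}message WHERE MESSAGEID=?", array($messageID));

	if (!$query)
	{
		print($db->ErrorMsg());
	}
	else
	{
		foreach($query as $f)
		{
			$Message_Desc = $f['DESCRIPTION'];
		}
	}

	$query1 = $db->GetAll("SELECT METHODOFPAYID, DESCRIPTION FROM {$TBLName}methodofpay WHERE METHODOFPAYID=?", array($MethodOfPayment));

	if (!$query1)
	{
		print($db->ErrorMsg());
	}
	else
	{
		foreach($query1 as $f1)
		{
			$MethodOfPayment_Desc = $f1['DESCRIPTION'];
		}
	}

	// NOTE(review): the existing positions are deleted before the replacements are
	// inserted and no transaction is visible here, so a failed INSERT below leaves the
	// invoice without its positions.
	$db->Execute("DELETE FROM {$TBLName}invoicepos WHERE INVOICEID=?", array($invoiceID));

	$query2 = $db->GetAll("SELECT TMP_INVOICEID, POSITIONID, USERNAME, POS_DESC, POS_QUANTITY, POS_PRICE, POS_GROUP, TAX, TAX_MULTI, TAX_DIVIDE, TAX_DESC FROM {$TBLName}tmp_invoice WHERE USERNAME=? ORDER BY TMP_INVOICEID", array($_SESSION['Username']));

	if (!$query2)
	{
		print($db->ErrorMsg());
	}
	else
	{
		$query3 = "INSERT INTO {$TBLName}invoicepos (INVOICEPOSID, MYID, INVOICEID, POSITIONID, POS_DESC, POS_QUANTITY, POS_PRICE, POS_GROUP, TAX, TAX_DESC, TAX_MULTI, TAX_DIVIDE) ";
		$query3 .= "VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";

		foreach($query2 as $f)
		{
			// Values read back from tmp_invoice are bound as well: stored text such as a
			// description containing a quote would otherwise break or alter the statement.
			// strval() keeps every value a string, as the quoted literals were, and turns
			// a NULL into ''.
			$positionValues = array_map('strval', array(
				$myID,
				$invoiceID,
				$f['POSITIONID'],
				$f['POS_DESC'],
				$f['POS_QUANTITY'],
				$f['POS_PRICE'],
				$f['POS_GROUP'],
				$f['TAX'],
				$f['TAX_DESC'],
				$f['TAX_MULTI'],
				$f['TAX_DIVIDE'],
			));

			if ($db->Execute($query3, $positionValues) === false)
			{
				// NOTE(review): this prints the raw database error to the client.
				die($db->ErrorMsg());
			}

			$_SESSION['EditID'] = "1";
		}
	}

	$db->Execute("DELETE FROM {$TBLName}tmp_invoice WHERE USERNAME=?", array($_SESSION['Username']));

	$query4 = "UPDATE {$TBLName}invoice SET MYID=?, INVOICE_DATE=?, MESSAGEID=?, MESSAGE_DESC=?, METHODOFPAYID=?, METHOD_OF_PAY=?, METHOD_OF_PAY_DATE=?, "
		. "TAX1_TOTAL=?, TAX2_TOTAL=?, TAX3_TOTAL=?, TAX4_TOTAL=?, TAX1_DESC=?, TAX2_DESC=?, TAX3_DESC=?, TAX4_DESC=?, "
		. "SUBTOTAL1=?, SUBTOTAL2=?, SUBTOTAL3=?, SUBTOTAL4=?, TOTAL_AMOUNT=?, NOTE=?, MODIFIEDBY=?, MODIFIED=? WHERE INVOICEID=?";

	// Same order as the placeholders above.  strval() keeps the SET values strings (as the
	// quoted literals were) and turns a field that was not submitted into ''.
	$invoiceValues = array_map('strval', array(
		$myID, $InvoiceDate, $messageID, $Message_Desc, $MethodOfPayment, $MethodOfPayment_Desc, $MethodOfPaymentDate,
		$Tax1Total, $Tax2Total, $Tax3Total, $Tax4Total,
		$Tax1Desc, $Tax2Desc, $Tax3Desc, $Tax4Desc,
		$InvoiceSubtotal1, $InvoiceSubtotal2, $InvoiceSubtotal3, $InvoiceSubtotal4,
		$InvoiceAmount, $Note, $_SESSION['Username'], $CurrentDateTime,
	));
	$invoiceValues[] = $invoiceID;

	if ($db->Execute($query4, $invoiceValues) === false)
	{
		// NOTE(review): this prints the raw database error to the client.
		die($db->ErrorMsg());
	}

	// Request values that go into the redirect URL are URL-encoded so they cannot add
	// or override query parameters.  $Searchstring is appended as built earlier in this
	// script.
	$redirectPairs = array();
	foreach (array('myID' => $myID, 'invoiceID' => $invoiceID, 'Order' => $Order, 'Sort' => $Sort, 'Canceled' => $Canceled) as $paramName => $paramValue)
	{
		$redirectPairs[] = $paramName . '=' . urlencode((string) $paramValue);
	}
	$redirectQuery = implode('&', $redirectPairs);

	if($infoID == '9')
	{
		Header("Location: $web/invoice/searchlist.php?page=" . urlencode((string) $page) . "&$redirectQuery&$Searchstring&$sessname=$sessid#$invoiceID");
	}
	else
	{
		// NOTE(review): $pagec is not set anywhere in this file, while the branch above
		// uses $page - confirm whether the include files define it or this is a typo.
		Header("Location: $web/invoice/list.php?page=" . urlencode((string) $pagec) . "&$redirectQuery&$sessname=$sessid#$invoiceID");
	}
	exit;
}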
?>