<?php
/*
	cancelf.php

	phpInvoice - is easy-to-use Web-based multilingual accounting software.
	Copyright (C) 2001 - 2008 Edy Corak < phprechnung at ecorak dot net >

	This program is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation; either version 2 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

require_once("../include/phprechnung.inc.php");
require_once("../include/smarty.inc.php");
CheckUser();
CheckAdminGroup1();
CheckSession();

if(isset($_REQUEST['myID']))
{
	$myID = $_REQUEST['myID'];
}
if(isset($_REQUEST['offerID']))
{
	$offerID = $_REQUEST['offerID'];
}
if(isset($_REQUEST['page']))
 {
	$page = $_REQUEST['page'];
}
if(isset($_REQUEST['infoID']))
{
	$infoID = $_REQUEST['infoID'];
}
if(isset($_REQUEST['OfferID1']))
{
	$OfferID1 = $_REQUEST['OfferID1'];
}
if(isset($_REQUEST['CustomerID1']))
{
	$CustomerID1 = $_REQUEST['CustomerID1'];
}
if(isset($_REQUEST['DateFrom1']))
{
	$DateFrom1 = $_REQUEST['DateFrom1'];
}
if(isset($_REQUEST['DateTill1']))
{
	$DateTill1 = $_REQUEST['DateTill1'];
}
if(isset($_REQUEST['Total1']))
{
	$Total1 = $_REQUEST['Total1'];
}
if(isset($_REQUEST['Customer1']))
{
	$Customer1 = $_REQUEST['Customer1'];
}
if(isset($_REQUEST['Order']))
{
	$Order = $_REQUEST['Order'];
}
if(isset($_REQUEST['Sort']))
{
	$Sort = $_REQUEST['Sort'];
}
if(isset($_REQUEST['Canceled']))
{
	$Canceled = $_REQUEST['Canceled'];
	$smarty->assign("Canceled","$Canceled");
}

$Searchstring = "OfferID1=$OfferID1&CustomerID1=$CustomerID1&DateFrom1=$DateFrom1&DateTill1=$DateTill1&Total1=$Total1&Customer1=$Customer1";

// Database connection
//
DBConnect();

// Get Offer Information
//
$query = $db->GetAll("SELECT OFFERID, INVOICEID, CREATEDBY FROM {$TBLName}offer WHERE OFFERID=$offerID");

// If an error has occurred, display the error message
//
if (!$query)
	print($db->ErrorMsg());
else
	foreach($query as $f)
	{
		$OfferID = $f['OFFERID'];
		$invoiceID = $f['INVOICEID'];
		$CreatedBy = $f['CREATEDBY'];
	}

function UserInput()
{
	global $smarty, $offerID, $page, $myID, $infoID, $OfferID1, $Customer1, $DateFrom1, $DateTill1, $CustomerID1, $Total1, $Order, $Sort;
	$smarty->assign("offerID","$offerID");
	$smarty->assign("page","$page");
	$smarty->assign("myID","$myID");
	$smarty->assign("infoID","$infoID");
	$smarty->assign("OfferID1","$OfferID1");
	$smarty->assign("CustomerID1","$CustomerID1");
	$smarty->assign("DateFrom1","$DateFrom1");
	$smarty->assign("DateTill1","$DateTill1");
	$smarty->assign("Total1","$Total1");
	$smarty->assign("Customer1","$Customer1");
	$smarty->assign("Order","$Order");
	$smarty->assign("Sort","$Sort");
}

if(isset($_SESSION['Username']) && $_SESSION['Username'] != $root && $_SESSION['Username'] != $CreatedBy)
{
	$_SESSION['LastSite'] = $_SERVER['PHP_SELF'].'?'.$_SERVER['argv'][0];
	$_SESSION['logoutid'] = "5";
	Header("Location: $web/login/sustart.php?$sessname=$sessid");
} else {
	// Check if there are any invoices depend on this offer
	//
	$query1 = $db->Execute("SELECT INVOICEID FROM {$TBLName}invoice WHERE INVOICEID=$invoiceID");
	$numrows1 = $query1->RowCount();
	if (!$numrows1)
	{
		// Cancel the selected offer
		//
		$query2 = "UPDATE {$TBLName}offer SET CANCELED=1 WHERE OFFERID=$offerID";

		if ($db->Execute($query2) === false)
		{
			die($db->ErrorMsg());
		}

		$query3 = "INSERT INTO {$TBLName}syslog (SYSLOGID, CREATED, DESCRIPTION, CREATEDBY, USERGROUP1, USERGROUP2)";
		$query3 .= "VALUES(NULL, '$CurrentDateTime', 'Offer-No.: $offerID for Customer-No.: $myID was CANCELED by user $_SESSION[Username] (uid=$_SESSION[UserID]) from $IPAddress.', 'admin', '1', '2')";
		if ($db->Execute($query3) === false)
		{
			die($db->ErrorMsg());
		}

		$_SESSION['CancelID'] = "1";
	
		if($infoID == '9')
			Header("Location: $web/offer/searchlist.php?page=$page&offerID=$offerID&myID=$myID&$Searchstring&Order=$Order&Sort=$Sort&Canceled=$Canceled&$sessname=$sessid#$offerID");
		if(empty($infoID))
			Header("Location: $web/offer/list.php?page=$page&offerID=$offerID&myID=$myID&Order=$Order&Sort=$Sort&Canceled=$Canceled&$sessname=$sessid#$offerID");
	} else {
		// Display message invoice issued
		//
		$smarty->assign("FieldError","$a[entry_not_deleted] <br />$a[invoice_issued]");
		UserInput();
		$smarty->display('offer/cancelf.tpl');
	}
}
?>