<?php
/*
editf.php
phpInvoice - is easy-to-use Web-based multilingual accounting software.
Copyright (C) 2001 - 2008 Edy Corak < phprechnung at ecorak dot net >
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
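require_once("../include/phprechnung.inc.php");
require_once("../include/smarty.inc.php");
// Access gates from the includes; what they enforce is not visible in this file.
CheckUser();
CheckSession();

// Copy a fixed whitelist of POST fields into same-named globals. The names
// come from the lists below, never from the request keys, so a client cannot
// create or overwrite arbitrary variables. Values are copied verbatim and are
// neither validated nor escaped here: every consumer (SQL, templates, redirect
// URLs) has to treat them as untrusted.
$plainPostFields = array(
    'offerID', 'OfferDate', 'myID', 'infoID', 'invoiceID', 'page', 'messageID',
    'OfferStatus', 'MethodOfPayment', 'MethodOfPaymentDate',
    'Tax1Desc', 'Tax2Desc', 'Tax3Desc', 'Tax4Desc',
    'CreatedBy', 'Canceled',
);
foreach ($plainPostFields as $requestField)
{
    if (isset($_POST[$requestField]))
    {
        $$requestField = $_POST[$requestField];
    }
}

// NOTE(review): Note is the only field read from $_REQUEST, so it may also
// arrive via the query string or a cookie. Confirm whether that is intended;
// every other field of this state-changing request is POST-only.
if (isset($_REQUEST['Note']))
{
    $Note = $_REQUEST['Note'];
}

// Amounts may use a decimal comma; normalise it to a dot. str_replace() is a
// drop-in for the literal pattern previously passed to ereg_replace(), which
// was removed in PHP 7.
$decimalPostFields = array(
    'OfferAmount',
    'Tax1Total', 'Tax2Total', 'Tax3Total', 'Tax4Total',
    'OfferSubtotal1', 'OfferSubtotal2', 'OfferSubtotal3', 'OfferSubtotal4',
);
foreach ($decimalPostFields as $requestField)
{
    if (isset($_POST[$requestField]))
    {
        $$requestField = str_replace(",", ".", $_POST[$requestField]);
    }
}

// Search filters are also handed to the template so the form can carry them.
$searchPostFields = array('OfferID1', 'CustomerID1', 'DateFrom1', 'DateTill1', 'Total1', 'Customer1');
foreach ($searchPostFields as $requestField)
{
    if (isset($_POST[$requestField]))
    {
        $$requestField = $_POST[$requestField];
        $smarty->assign($requestField, "{$$requestField}");
    }
}

// Order and Sort are assigned without the string cast used above.
foreach (array('Order', 'Sort') as $requestField)
{
    if (isset($_POST[$requestField]))
    {
        $$requestField = $_POST[$requestField];
        $smarty->assign($requestField, $$requestField);
    }
}

// Query-string fragment appended to the searchlist redirect. Each value is
// URL-encoded so that '&', '#', '=' or whitespace inside a filter cannot
// change the shape of the redirect URL; absent filters become empty values.
$searchPairs = array();
foreach ($searchPostFields as $requestField)
{
    $searchPairs[] = $requestField . '=' . urlencode(isset($$requestField) ? (string) $$requestField : '');
}
$Searchstring = implode('&', $searchPairs);
unset($plainPostFields, $decimalPostFields, $searchPostFields, $searchPairs, $requestField);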
/**
 * Hands the submitted form values back to Smarty so the edit form can be
 * redisplayed after a validation error.
 *
 * Every value is cast to a string and assigned under its own name; $mark is
 * assigned as "Mark" unchanged (callers pass a form-field path or "").
 *
 * NOTE(review): the values are raw request data and are not escaped here.
 * Whether offer/editf.tpl escapes them on output is not visible from this
 * function; confirm before relying on it.
 */
function UserInput($mark)
{
    global $smarty, $page, $myID, $offerID, $infoID, $messageID, $OfferDate, $MethodOfPayment, $MethodOfPaymentDate,
    $Note, $OfferStatus, $Customer1, $CustomerID1, $OfferID1, $DateFrom1, $DateTill1, $Total1, $Order, $Sort, $Canceled;

    // Template variable name => current global value, in assignment order.
    $templateValues = array(
        "page" => $page,
        "offerID" => $offerID,
        "myID" => $myID,
        "infoID" => $infoID,
        "messageID" => $messageID,
        "OfferDate" => $OfferDate,
        "OfferStatus" => $OfferStatus,
        "MethodOfPayment" => $MethodOfPayment,
        "MethodOfPaymentDate" => $MethodOfPaymentDate,
        "Note" => $Note,
        "OfferID1" => $OfferID1,
        "CustomerID1" => $CustomerID1,
        "DateFrom1" => $DateFrom1,
        "DateTill1" => $DateTill1,
        "Total1" => $Total1,
        "Customer1" => $Customer1,
        "Order" => $Order,
        "Sort" => $Sort,
        "Canceled" => $Canceled,
    );

    foreach ($templateValues as $templateName => $rawValue)
    {
        $smarty->assign($templateName, "$rawValue");
    }

    $smarty->assign("Mark", $mark);
}
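// Give every field this block reads a defined value. Only variables that are
// not set yet are touched, so anything provided by the request or by the
// includes is left alone. Without this, a missing field would be bound as SQL
// NULL below instead of the empty string the old interpolation produced.
foreach (array(
    'myID', 'offerID', 'infoID', 'invoiceID', 'page', 'messageID', 'OfferDate', 'OfferAmount',
    'MethodOfPayment', 'MethodOfPaymentDate', 'Note', 'CreatedBy',
    'Tax1Total', 'Tax2Total', 'Tax3Total', 'Tax4Total',
    'Tax1Desc', 'Tax2Desc', 'Tax3Desc', 'Tax4Desc',
    'OfferSubtotal1', 'OfferSubtotal2', 'OfferSubtotal3', 'OfferSubtotal4',
    'Order', 'Sort', 'Canceled', 'Searchstring',
) as $formField)
{
    if (!isset($$formField))
    {
        $$formField = '';
    }
}
unset($formField);

// Dates arrive as DD.MM.YYYY. Pad to three parts so a malformed value cannot
// leave $day/$month/$year undefined, and require plain digits before calling
// checkdate(): on PHP 8 a non-numeric argument to checkdate() is a TypeError.
list($day, $month, $year) = array_pad(explode(".", (string) $OfferDate), 3, '');
list($day1, $month1, $year1) = array_pad(explode(".", (string) $MethodOfPaymentDate), 3, '');
$offerDateOk = ctype_digit($day) && ctype_digit($month) && ctype_digit($year)
    && checkdate((int) $month, (int) $day, (int) $year);
$payDateOk = ctype_digit($day1) && ctype_digit($month1) && ctype_digit($year1)
    && checkdate((int) $month1, (int) $day1, (int) $year1);

if (empty($myID))
{
    $smarty->assign("FieldError","$a[customer] - $a[field_error]");
    UserInput("Edit.Customer");
    $smarty->display('offer/editf.tpl');
}
else if (empty($OfferDate) || !$offerDateOk)
{
    $smarty->assign("FieldError","$a[date_text] - $a[field_error]");
    UserInput("OfferD.OfferDate");
    $smarty->display('offer/editf.tpl');
}
else if (!empty($MethodOfPaymentDate) && $MethodOfPaymentDate != 0 && !$payDateOk)
{
    $smarty->assign("FieldError","$a[date_text] - $a[field_error]");
    UserInput("MethodOfPayD.MethodOfPaymentDate");
    $smarty->display('offer/editf.tpl');
}
else if ($OfferAmount <= 0)
{
    $smarty->assign("FieldError","$a[offer_amount] - $a[field_error]");
    UserInput("");
    $smarty->display('offer/editf.tpl');
}
// NOTE(review): $CreatedBy is taken from the POST body, so the ownership test
// below compares the session user with a value the client controls. The
// creator should be read from the stored offer row for $offerID instead; the
// column that holds it is not visible in this file.
// NOTE(review): when $_SESSION['Username'] is not set at all, this branch is
// skipped and the update runs; this relies on CheckUser()/CheckSession()
// having rejected such requests. Confirm in the includes.
else if(isset($_SESSION['Username']) && $_SESSION['Username'] != $root && $_SESSION['Usergroup1'] != $admingroup_1 && $_SESSION['Usergroup2'] != $admingroup_2 && $_SESSION['Username'] != $CreatedBy)
{
    $_SESSION['LastSite'] = $_SERVER['PHP_SELF'].'?'.$_SERVER['argv'][0];
    $_SESSION['logoutid'] = "5";
    Header("Location: $web/login/sustart.php?$sessname=$sessid");
}
else
{
    // Database connection
    //
    DBConnect();

    // All statements below pass values as bound parameters instead of building
    // them into the SQL text. Several values (IDs in WHERE clauses) used to be
    // interpolated unquoted, and the position rows copied from tmp_offer were
    // re-inserted unescaped, so a quote in stored data could alter the INSERT.
    // Assumes $db follows the ADOdb API, whose Execute()/GetAll() take the
    // parameter array as second argument; the GetAll/Execute/ErrorMsg calls
    // match it, but confirm against the include.
    // NOTE(review): bound values are sent as-is. If the includes slash-escape
    // request data (not visible here), undo that before binding.
    // NOTE(review): the delete/insert/update sequence is not wrapped in a
    // transaction, and ErrorMsg() text is sent to the browser on failure;
    // consider logging it server-side and showing a generic message.
    // NOTE(review): totals, subtotals and tax amounts are stored exactly as
    // posted; nothing in this file recomputes them from the positions.
    $OfferDate = German_Mysql_Date($OfferDate);
    $MethodOfPaymentDate = German_Mysql_Date($MethodOfPaymentDate);
    $offerKey = (int) $offerID;
    $sessionUser = isset($_SESSION['Username']) ? $_SESSION['Username'] : '';

    $Message_Desc = '';
    $query = $db->GetAll("SELECT MESSAGEID, DESCRIPTION FROM {$TBLName}message WHERE MESSAGEID=?", array((int) $messageID));
    if (!$query)
        print($db->ErrorMsg());
    else
        foreach($query as $f)
        {
            $Message_Desc = $f['DESCRIPTION'];
        }

    $MethodOfPayment_Desc = '';
    $query1 = $db->GetAll("SELECT METHODOFPAYID, DESCRIPTION FROM {$TBLName}methodofpay WHERE METHODOFPAYID=?", array((int) $MethodOfPayment));
    if (!$query1)
        print($db->ErrorMsg());
    else
        foreach($query1 as $f1)
        {
            $MethodOfPayment_Desc = $f1['DESCRIPTION'];
        }

    // Replace the offer's positions with the user's staged rows from tmp_offer.
    $db->Execute("DELETE FROM {$TBLName}offerpos WHERE OFFERID=?", array($offerKey));
    $query2 = $db->GetAll("SELECT POSITIONID, USERNAME, POS_DESC, POS_QUANTITY, POS_PRICE, POS_GROUP, TAX, TAX_MULTI, TAX_DIVIDE, TAX_DESC, TMP_OFFERID FROM {$TBLName}tmp_offer WHERE USERNAME=? ORDER BY TMP_OFFERID", array($sessionUser));
    if (!$query2)
        print($db->ErrorMsg());
    else
    {
        $query3 = "INSERT INTO {$TBLName}offerpos (OFFERPOSID, MYID, OFFERID, POSITIONID, POS_DESC, POS_QUANTITY, POS_PRICE, POS_GROUP, TAX, TAX_MULTI, TAX_DIVIDE, TAX_DESC) ";
        $query3 .= "VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
        foreach($query2 as $f)
        {
            $positionValues = array(
                $myID, $offerKey, $f['POSITIONID'], $f['POS_DESC'], $f['POS_QUANTITY'], $f['POS_PRICE'],
                $f['POS_GROUP'], $f['TAX'], $f['TAX_MULTI'], $f['TAX_DIVIDE'], $f['TAX_DESC'],
            );
            if ($db->Execute($query3, $positionValues) === false)
            {
                die($db->ErrorMsg());
            }
            $_SESSION['EditID'] = "1";
        }
    }
    $db->Execute("DELETE FROM {$TBLName}tmp_offer WHERE USERNAME=?", array($sessionUser));

    $query4 = "UPDATE {$TBLName}offer SET MYID=?, INVOICEID=?, OFFER_DATE=?, MESSAGEID=?, MESSAGE_DESC=?, METHODOFPAYID=?, METHOD_OF_PAY=?, METHOD_OF_PAY_DATE=?, TAX1_TOTAL=?, TAX2_TOTAL=?, TAX3_TOTAL=?, TAX4_TOTAL=?, TAX1_DESC=?, TAX2_DESC=?, TAX3_DESC=?, TAX4_DESC=?, SUBTOTAL1=?, SUBTOTAL2=?, SUBTOTAL3=?, SUBTOTAL4=?, TOTAL_AMOUNT=?, NOTE=?, MODIFIEDBY=?, MODIFIED=? WHERE OFFERID=?";
    $offerValues = array(
        $myID, $invoiceID, $OfferDate, $messageID, $Message_Desc, $MethodOfPayment, $MethodOfPayment_Desc, $MethodOfPaymentDate,
        $Tax1Total, $Tax2Total, $Tax3Total, $Tax4Total,
        $Tax1Desc, $Tax2Desc, $Tax3Desc, $Tax4Desc,
        $OfferSubtotal1, $OfferSubtotal2, $OfferSubtotal3, $OfferSubtotal4,
        $OfferAmount, $Note, $sessionUser, $CurrentDateTime,
        $offerKey,
    );
    if ($db->Execute($query4, $offerValues) === false)
    {
        die($db->ErrorMsg());
    }

    // Request values are URL-encoded before they go into the Location header so
    // they cannot add parameters or a fragment of their own. $Searchstring is
    // appended unchanged because it is already a key=value&... fragment.
    $listArgs = array('myID' => $myID, 'offerID' => $offerKey, 'Order' => $Order, 'Sort' => $Sort, 'Canceled' => $Canceled);
    if($infoID == '9')
        Header("Location: $web/offer/searchlist.php?" . http_build_query(array('page' => $page) + $listArgs, '', '&') . "&$Searchstring&$sessname=$sessid#$offerKey");
    // NOTE(review): this redirect uses $pagec, which this file never sets (the
    // form field is "page"). Kept as-is in case the includes define it; confirm.
    if(empty($infoID))
        Header("Location: $web/offer/list.php?" . http_build_query(array('page' => isset($pagec) ? $pagec : '') + $listArgs, '', '&') . "&$sessname=$sessid#$offerKey");
}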
?>