<?
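// Load the shared authentication include. The checks below depend on
// $security, which this file never assigns itself.
// NOTE(review): auth.inc.php is not visible here - confirm it sets $security
// from the authenticated account and never from request input.
include "./auth.inc.php";
if ($security < 90) {
	die();
}

// Approval is decided on the server only. Start from "not approved" so that a
// request parameter named "approved" cannot pre-set the value that is later
// written into the Approved column.
$approved = 0;

// The "Supervisor Approve" button is rendered only when $security >= 100, but
// hiding a button is not an access check: a caller at level 90-99 could still
// send supervisor=1 by hand. Enforce the same threshold here.
if (!empty($supervisor) && $security >= 100) {
	$approved = 1;
	$save = 1;
} else {
	// Drop a supervisor flag the caller is not entitled to, so the
	// supervisor-only branches further down stay disabled for this request.
	$supervisor = 0;
}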

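if (!function_exists('purchaseedit_sql_string')) {
	/**
	 * Quote a value as a MySQL string literal, escaping it exactly once.
	 *
	 * Uses mysql_real_escape_string(), i.e. the same default connection that
	 * the mysql_query() calls in this script rely on.
	 *
	 * @param mixed $value       Value to embed in a statement.
	 * @param bool  $fromRequest True for GET/POST/cookie input, which
	 *                           magic_quotes_gpc may already have
	 *                           backslash-escaped; those slashes are removed
	 *                           first so the stored data is not double-escaped.
	 * @return string The escaped value wrapped in single quotes.
	 */
	function purchaseedit_sql_string($value, $fromRequest = true)
	{
		if ($fromRequest && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
			$value = stripslashes($value);
		}
		return "'" . mysql_real_escape_string((string) $value) . "'";
	}
}

// $e collects validation and database messages as HTML fragments and is
// printed verbatim by the form further down. It is initialised here because
// nothing else in this file assigns it before the first ".=".
// NOTE(review): the request fields below arrive as bare globals
// (register_globals or an equivalent in auth.inc.php - not visible here), so
// every one of them is treated as untrusted input.
$e = '';

if (!empty($save)) {
	if ($SupplierID == '0') {
		// SupplierID "0" means: create a new supplier from the submitted details.
		if (!$ABN)
			$e .= "<P>Please Enter An ABN.";
		if (!$Company)
			$e .= "<P>Please Enter a Company Name";

		#no names for now..
		$LastName = $Company;

		if (!$e) {
			// Every text field is escaped and quoted by the helper; the
			// approval flag is forced to an integer.
			$isql = "INSERT INTO MasterAccounts(FirstName, LastName, Company, ABN,Address,Suburb,Postcode,PhoneWork,VISP,Supplier,Approved)
				VALUES("
				. purchaseedit_sql_string($FirstName) . ","
				. purchaseedit_sql_string($LastName) . ","
				. purchaseedit_sql_string($Company) . ","
				. purchaseedit_sql_string($ABN) . ","
				. purchaseedit_sql_string($Address) . ","
				. purchaseedit_sql_string($Suburb) . ","
				. purchaseedit_sql_string($Postcode) . ","
				. purchaseedit_sql_string($PhoneWork) . ",1,1,'"
				. (int) $approved . "')";
			mysql_query($isql);
			$dbError = mysql_error();
			if ($dbError) {
				// The driver message can echo submitted data back, and $e is
				// printed as HTML, so it is escaped before being appended.
				$e .= "<P>";
				$e .= htmlspecialchars($dbError, ENT_QUOTES);
			} else {
				$SupplierID = mysql_insert_id();
			}
		}
	} elseif (!$SupplierID) {
		$e .= "<P>No Supplier Selected!";
	}

	if (!$PurchaseCode || $PurchaseCode == '0') {
		// No existing code chosen: create one from the "Name"/"Number" boxes.
		if ($CodeID > 0 && $CodeName) {
			$cisql = "INSERT INTO PurchaseCodes(CodeID,CodeName)
					VALUES('" . (int) $CodeID . "'," . purchaseedit_sql_string($CodeName) . ")";
			mysql_query($cisql);
			$dbError = mysql_error();
			if ($dbError)
				$e .= htmlspecialchars($dbError, ENT_QUOTES);
			// NOTE(review): the code list uses CodeID as the option value;
			// confirm mysql_insert_id() returns that same value for this
			// table's schema, otherwise assign $CodeID here instead.
			$PurchaseCode = mysql_insert_id();
		} else {
			$e .= "<P>Please Choose a Purchase Code";
		}
	}

	if (!$e) {
		// Derive the ex-GST cost and the GST amount from whichever of the
		// three price boxes (Cost, GST, TotalPrice) were filled in.
		if ($Cost) {
			if (!$GST) {
				$excost = $Cost;
				$gst = 0;
				// The form field is named TotalPrice; the previous check of
				// $TotalCost never matched, so GST was always stored as 0 here.
				if ($TotalPrice) {
					$gst = $TotalPrice - $Cost;
				}
			} else {
				$excost = $Cost;
				$gst = $GST;
			}
		} elseif ($GST) {
			$gst = $GST;
			if ($TotalPrice) {
				$excost = $TotalPrice - $GST;
			} else {
				$e .= "<P>GST only makes no sense.";
			}
		} elseif ($TotalPrice) {
			// Only the inclusive price is known: split it at the 10% rate.
			$gst = $TotalPrice / 11;
			$excost = $TotalPrice / 1.1;
		} else {
			$e .= "<P>Please Enter a Price or GST Charges.";
		}
	}

	if (!$e) {
		// Audit tag stored with the row. The user name is caller-supplied
		// text, so it is escaped like any other value (it is not GET/POST
		// data, hence no magic-quotes handling).
		$identity = "$REMOTE_ADDR-$PHP_AUTH_USER";
		$purchaseId = (int) $ID;

		// A blank date means "today"; anything else becomes a quoted literal.
		if (!$PurchaseDate)
			$purchaseDateSql = "now()";
		else
			$purchaseDateSql = purchaseedit_sql_string($PurchaseDate);

		$usql = "UPDATE Purchases SET
				SupplierID='" . (int) $SupplierID . "',
				PurchaseDesc=" . purchaseedit_sql_string($Purchase) . ",
				Cost=" . purchaseedit_sql_string($excost) . ",
				GST=" . purchaseedit_sql_string($gst) . ",
				PurchaseDate=$purchaseDateSql,
				Identifier=" . purchaseedit_sql_string($identity, false) . ",
				SupplierCode=" . purchaseedit_sql_string($SupplierCode) . ",
				ItemOnly=" . purchaseedit_sql_string($ItemOnly) . ",
				ChequeID=" . purchaseedit_sql_string($ChequeID) . ",
				PurchaseCode=" . purchaseedit_sql_string($PurchaseCode) . ",
				Approved='" . (int) $approved . "'
			WHERE PurchaseID='$purchaseId'";

		mysql_query($usql);

		$dbError = mysql_error();
		if ($dbError)
			$e .= htmlspecialchars($dbError, ENT_QUOTES);
		if (!$e) {
			if (!empty($supervisor)) {
				// Supervisor workflow: jump straight to the next purchase
				// that is still waiting for approval, if there is one.
				$nsql = "SELECT PurchaseID
					FROM Purchases
					WHERE PurchaseID > $purchaseId
					AND Approved !=1
					ORDER BY PurchaseID ASC
					LIMIT 1";
				$nres = mysql_query($nsql);
				$nextid = 0;
				if ($nres && mysql_num_rows($nres) > 0) {
					$nextid = (int) mysql_result($nres, 0);
				}
				if ($nextid) {
					header("Location: purchaseedit.php?ID=$nextid");
					exit;
				}
			}

			// The raw UPDATE statement is no longer echoed to the browser:
			// it exposed the schema and reflected submitted values unescaped.
			print "Purchase Added, ID is:<BR><h1>";
			print $purchaseId;
			exit;
		}
	}
}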

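// The record id is only ever used as a number (SQL comparison, page heading,
// hidden form field, delete link), so it is reduced to an integer once here
// instead of being interpolated into the query as free text.
// The former supervisor-only debug print of the last UPDATE statement has been
// removed: it sent raw SQL to the browser.
$ID = (int) $ID;

// Load the purchase that the form below displays.
$psql = "SELECT * FROM Purchases WHERE PurchaseID=$ID";
$pres = mysql_query($psql);
if (!$pres) {
	// Show the driver message, HTML-escaped, without the statement text.
	print htmlspecialchars(mysql_error(), ENT_QUOTES);
	$pr = false;
} else {
	// $pr is false when no purchase has this id.
	$pr = mysql_fetch_array($pres);
}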
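?><HTML>
<HEAD></HEAD>
<BODY bgcolor=white>
<H2>Purchases</H2>
<H1>ID: <?php echo htmlspecialchars($ID, ENT_QUOTES) ?></H1>
<?php
// $e is a run of HTML fragments (it contains <P> tags), so it is printed as
// markup. NOTE(review): whatever is appended to $e must therefore already be
// HTML-safe at the point where it is added.
if ($e)
	print $e;

// NOTE(review): the form below has no method attribute, so it submits via
// GET, and the delete link at the bottom of the page is a plain GET as well.
// State-changing requests should move to POST with a per-session anti-CSRF
// token; that needs matching changes in the request handling, so it is only
// flagged here.
//
// Every value taken from the database or the request is passed through
// htmlspecialchars() before it is placed in the page, and array keys are
// written as quoted strings instead of bare constants.
?>
<TABLE>
<form>
<INPUT TYPE=HIDDEN NAME=ID VALUE="<?php echo htmlspecialchars($ID, ENT_QUOTES) ?>">
<INPUT TYPE=HIDDEN NAME=SupplierID VALUE="<?php echo htmlspecialchars($pr['SupplierID'], ENT_QUOTES) ?>">
<TR><TD>Supplier</TD><TD>
<?php
// Look up the supplier attached to this purchase. The id is cast to an
// integer so it can never reach the statement as free text.
$supplierId = is_array($pr) ? (int) $pr['SupplierID'] : 0;
$ssql = "SELECT CustomerID, Company, FirstName, LastName, Address, ABN, Suburb, Postcode,State FROM MasterAccounts WHERE
CustomerID=$supplierId";
$sres = mysql_query($ssql);

// Blank defaults keep the rows below well-defined when no supplier is found.
$srow = array('Company' => '', 'ABN' => '', 'Address' => '', 'Suburb' => '', 'Postcode' => '', 'State' => '');
if (!$sres) {
	print htmlspecialchars(mysql_error(), ENT_QUOTES);
} else {
	$found = mysql_fetch_array($sres);
	if (is_array($found))
		$srow = $found;
}
print htmlspecialchars($srow['Company'], ENT_QUOTES);

?>
</TD></TR>
<?php $bg = "bgcolor=#DDDDDD" ?>
<tr <?php echo $bg ?>>
<TD align=right>ABN</TD><TD><?php echo htmlspecialchars($srow['ABN'], ENT_QUOTES) ?></TD>
</TR>
<tr <?php echo $bg ?>>
<TD align=right>Street Address</TD><TD><?php echo htmlspecialchars($srow['Address'], ENT_QUOTES) ?></TD>
</TR>
<tr <?php echo $bg ?>>
<TD align=right>Suburb</TD><TD><?php echo htmlspecialchars($srow['Suburb'], ENT_QUOTES) ?></TD>
</TR>
<tr <?php echo $bg ?>>
<TD align=right>Postcode</TD><TD><?php echo htmlspecialchars($srow['Postcode'], ENT_QUOTES) ?></TD>
</TR>
<tr <?php echo $bg ?>>
<TD align=right>State</TD><TD><?php echo htmlspecialchars($srow['State'], ENT_QUOTES) ?></TD>
</TR>
<TR><TD>&nbsp;</TD></TR>
<TR>
<TD><H2>Purchase Description</H2></TD>
<TD colspan=2><TEXTAREA NAME=Purchase rows=5 cols=40><?php echo htmlspecialchars($pr['PurchaseDesc'], ENT_QUOTES) ?></TEXTAREA></TD>
</TR>
<TR>
<TD>ex-GST Price</TD><TD><input type=text name=Cost value="<?php echo htmlspecialchars($pr['Cost'], ENT_QUOTES) ?>"></TD>
<TD rowspan=3>Please fill out no more than 2 of these boxes</TD>
</TR>
<TR>
<TD>GST Charged</TD><TD><input type=text name=GST value="<?php echo htmlspecialchars($pr['GST'], ENT_QUOTES) ?>"></TD>
</TR>
<TR>
<TD>GST-inclusive price</TD><TD><input type=text name=TotalPrice value="<?php echo $pr['GST'] + $pr['Cost'] ?>"></TD>
</TR>

<tr>
<TD>Date of Purchase</TD><TD><input type=text name=PurchaseDate value="<?php echo htmlspecialchars($pr['PurchaseDate'], ENT_QUOTES) ?>"></TD><TD>(YYYY-MM-DD,
Blank for
today)</TD>
</TR>

<tr>
<TD>Supplier Invoice Number/Code</TD>
<TD><input type=text name=SupplierCode value="<?php echo htmlspecialchars($pr['SupplierCode'], ENT_QUOTES) ?>"></TD>
</TR>

<tr>
<TD>Cheque Number</TD>
<TD><input type=text name=ChequeID value="<?php echo htmlspecialchars($pr['ChequeID'], ENT_QUOTES) ?>"></TD>
</TR>

<tr>
<TD>Itemised Bill</TD>
<TD><SELECT NAME=ItemOnly>
<?php
// One option per purchase group; the group stored on this purchase is
// pre-selected.
$isql = "SELECT PurchaseGroupID, PGName
	FROM PurchaseGroup
	ORDER BY PGName";
$ires = mysql_query($isql);
while ($ires && ($i = mysql_fetch_row($ires))) {
	print "<option value=\"" . htmlspecialchars($i[0], ENT_QUOTES) . "\"";
	if ($pr['ItemOnly'] == $i[0]) {
		print " selected";
	}
	print ">" . htmlspecialchars($i[1], ENT_QUOTES) . "</option>\n";
}
?></SELECT>
</TD>
</TR>


<tr>
<td>Purchase Code</td>
<TD><SELECT NAME=PurchaseCode>
    <option value="0">(New Code) -></option>
<?php
// Existing purchase codes; option value 0 above asks the save handler to
// create a new code from the Name/Number boxes instead.
$csql = "SELECT CodeID, CodeName FROM PurchaseCodes ORDER BY CodeID";
$cres = mysql_query($csql);
while ($cres && ($crow = mysql_fetch_array($cres))) {
	$codeId = htmlspecialchars($crow['CodeID'], ENT_QUOTES);
	print "<option value=\"$codeId\"";
	if ($pr['PurchaseCode'] == $crow['CodeID'])
		print " selected";
	print ">$codeId - " . htmlspecialchars($crow['CodeName'], ENT_QUOTES) . "</option>\n";
}
?>
</select></td>
<td>Name: <input type=text name=CodeName><br>
Number: <input type=text name=CodeID></td>
</TR>

</TABLE>

<INPUT TYPE=SUBMIT NAME=save VALUE="Save Details">
<?php
// Showing the button only to level 100+ is a convenience, not a control: the
// request handler has to check the same threshold before approving.
if ($security >= 100) { ?>
<INPUT TYPE=SUBMIT NAME=supervisor VALUE="Supervisor Approve">
<?php } ?>

</FORM>
<BR>
<A HREF="purchase-delete.php?ID=<?php echo urlencode($ID) ?>">Delete This Record</A>
</BODY>
</HTML>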