1<?php
2
/* NOTE(review): presumably defines the Offer class that is instantiated further
 * down with "new Offer(...)" - confirm. */
include('includes/DefineOfferClass.php');
/* NOTE(review): this page never sanitises $_GET/$_POST itself, yet it concatenates
 * them into SQL and HTML below. That is only safe if session.php has already
 * escaped/encoded the request data - confirm what this include does. */
include('includes/session.php');
/* Assigned before header.php is included - presumably header.php reads $Title; confirm. */
$Title = _('Supplier Tendering');
include('includes/header.php');

/* Upper limit on the number of rows listed by the stock item search on this page. */
$Maximum_Number_Of_Parts_To_Show=50;
9
/* Let a TenderType passed in the query string stand in for a posted one, so the
 * rest of the page only ever consults $_POST['TenderType'].
 * NOTE(review): the value is later written into hidden form fields and links, so
 * it is client-controlled data wherever it is echoed. */
if (isset($_GET['TenderType']) === true) {
	$_POST['TenderType'] = $_GET['TenderType'];
}
13
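/* Identifier that keeps this tender session apart from other supplier tender
 * sessions opened on the same machine. It becomes part of a $_SESSION key and is
 * written back into form actions and links, so a value taken from the URL is
 * accepted only when it consists of digits - the same shape as the date('U')
 * value generated here. Anything else is replaced by a fresh identifier.
 * The identifier is a namespace, not a secret: it is a predictable timestamp.
 * NOTE(review): assumes every page linking here passes an identifier that was
 * generated with date('U') - confirm. */
if (!empty($_GET['identifier']) AND is_string($_GET['identifier']) AND ctype_digit($_GET['identifier'])) {
	$identifier=$_GET['identifier'];
} else {
	$identifier=date('U');
}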
20
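/* Work out which supplier is acting from the logged-in user on every request.
 * A SupplierID arriving in the request is never trusted: it is a hidden form
 * field that the browser can change, and accepting it would let one login read
 * and create offers in the name of another supplier, or let a non-supplier
 * login reach this page at all. The value looked up here overwrites whatever
 * was posted, so the rest of the page can keep reading $_POST['SupplierID']. */
$sql="SELECT supplierid FROM www_users WHERE userid='" . $_SESSION['UserID'] . "'";
$result=DB_query($sql);
$myrow=DB_fetch_array($result);
/* No row at all is treated the same as a user without a supplier account. */
if (!is_array($myrow) OR $myrow['supplierid']=='') {
	prnMsg(_('This functionality can only be accessed via a supplier login.'), 'warning');
	include('includes/footer.php');
	exit;
}
$_POST['SupplierID']=$myrow['supplierid'];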
33
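/* A "Remove" link was followed: take that line off the offer held in the session.
 * The offer is looked up with an identifier that comes from the URL, so it may
 * not exist (expired session, altered link); in that case nothing is removed
 * instead of calling a method on a missing object.
 * NOTE(review): this changes state on a plain GET request and no FormID token is
 * checked in this block - confirm whether the session include covers GET requests. */
if (isset($_GET['Delete']) AND isset($_SESSION['offer'.$identifier])) {
	$_POST['SupplierID']=$_SESSION['offer'.$identifier]->SupplierID;
	/* A missing Type leaves TenderType null, exactly as an undefined index would. */
	$_POST['TenderType']=isset($_GET['Type']) ? $_GET['Type'] : null;
	$_SESSION['offer'.$identifier]->remove_from_offer($_GET['Delete']);
}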
39
/* Fetch the supplier's name and currency code; both are used in headings and
 * table columns further down the page.
 * NOTE(review): $_POST['SupplierID'] is concatenated straight into the statement.
 * That is safe only if it was escaped before reaching this point - confirm, or
 * escape/parameterise it here. */
$sql="SELECT suppname,
			currcode
		FROM suppliers
		WHERE supplierid='" . $_POST['SupplierID'] . "'";
$result=DB_query($sql);
$myrow=DB_fetch_array($result);
/* NOTE(review): no check that a row came back; an unknown supplier id leaves both
 * variables without a usable value. */
$Supplier=$myrow['suppname'];
$Currency=$myrow['currcode'];
48
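/* The supplier confirmed the tender response shown on the confirmation screen:
 * store the offer, e-mail it and flag the tender as responded to by this supplier. */
if (isset($_POST['Confirm'])) {
	if (isset($_SESSION['offer'.$identifier])) {
		$_SESSION['offer'.$identifier]->Save();
		$_SESSION['offer'.$identifier]->EmailOffer();
		/* NOTE(review): TenderID on the offer object was copied from $_POST['Tender'] in
		 * the Process step, so it is still client-supplied data when it reaches this
		 * statement - confirm it is escaped, and that the tender was issued to this
		 * supplier. */
		$sql="UPDATE tendersuppliers
				SET responded=1
				WHERE supplierid='" . $_SESSION['offer'.$identifier]->SupplierID . "'
				AND tenderid='" . $_SESSION['offer'.$identifier]->TenderID . "'";
		$result=DB_query($sql);
	} else {
		/* Nothing is stored under this identifier (expired session or altered URL), so
		 * there is no offer to save. */
		prnMsg(_('The offer to confirm could not be found in this session') . '. ' . _('Please process the tender again'), 'warn');
	}
}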
58
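/* The supplier pressed the Process button for one open tender: rebuild the offer
 * in the session from the posted tender lines and show it back for confirmation.
 * Save() is not called in this block; that happens when Confirm is posted.
 * NOTE(review): item codes, descriptions, units and the tender number are taken
 * from the request and echoed below as received. That is safe only if the
 * request data was HTML-encoded before this point - confirm. */
if (isset($_POST['Process'])) {
	/* Always start from an empty offer; unset() does nothing when none exists yet. */
	unset($_SESSION['offer'.$identifier]);
	$_SESSION['offer'.$identifier]=new Offer($_POST['SupplierID']);
	/* NOTE(review): the tender number comes from a hidden form field and nothing in
	 * this block checks it against tendersuppliers for this supplier - confirm that a
	 * supplier cannot respond to a tender that was not issued to them. */
	$_SESSION['offer'.$identifier]->TenderID=$_POST['Tender'];
	$_SESSION['offer'.$identifier]->CurrCode=$Currency;
	$LineNo=0;
	foreach ($_POST as $key=>$value) {
		if (mb_substr($key,0,7)=='StockID') {
			/* The suffix after "StockID" ties together the fields of one tender line. */
			$Index = mb_substr($key,7,mb_strlen($key)-7);
			$ItemCode=$value;
			/* NOTE(review): unlike the NewItem and Refresh handlers, quantity and price are
			 * not passed through filter_number_format() here - confirm that is intended. */
			$Quantity=$_POST['Qty'.$Index];
			$Price=$_POST['Price'.$Index];
			$_SESSION['offer'.$identifier]->add_to_offer(
				$LineNo,
				$ItemCode,
				$Quantity,
				$_POST['ItemDescription'.$Index],
				$Price,
				$_POST['UOM'.$Index],
				$_POST['DecimalPlaces'.$Index],
				$_POST['RequiredByDate'.$Index]);
			$LineNo++;
		}
	}
	echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/supplier.png" title="' . _('Tenders') . '" alt="" />' . ' ' . _('Confirm the Response For Tender') . ' ' . $_SESSION['offer'.$identifier]->TenderID  . '</p>';
	echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?identifier=' . urlencode($identifier) . '" method="post">';
	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
	echo '<table class="selection">';
	echo '<input type="hidden" name="TenderType" value="3" />';
	$LocationSQL="SELECT tenderid,
						locations.locationname,
						address1,
						address2,
						address3,
						address4,
						address5,
						address6,
						telephone
					FROM tenders
					INNER JOIN locations
					ON tenders.location=locations.loccode
					WHERE closed=0
					AND tenderid='".$_SESSION['offer'.$identifier]->TenderID."'";
	$LocationResult=DB_query($LocationSQL);
	$MyLocationRow=DB_fetch_row($LocationResult);
	$CurrencySQL="SELECT decimalplaces from currencies WHERE currabrev='".$_SESSION['offer'.$identifier]->CurrCode."'";
	$CurrencyResult=DB_query($CurrencySQL);
	/* NOTE(review): no check that a currency row came back before it is read below. */
	$CurrencyRow=DB_fetch_array($CurrencyResult);
	echo '<tr>
			<td valign="top" style="background-color:#cccce5">' . _('Deliver To') . ':</td>
			<td valign="top" style="background-color:#cccce5">';
	/* The query returns no row for a closed or unknown tender; print the delivery
	 * address (columns 1 to 7: location name and the six address lines) only when
	 * there is one. */
	if (is_array($MyLocationRow)) {
		for ($i=1; $i<8; $i++) {
			if ($MyLocationRow[$i]!='') {
				echo $MyLocationRow[$i] . '<br />';
			}
		}
	}
	echo '</td>';
	echo '<th colspan="8" style="vertical-align:top"><font size="2" color="#616161">' . _('Tender Number') . ': ' .$_SESSION['offer'.$identifier]->TenderID . '</font></th>';
	echo '<input type="hidden" value="' . $_SESSION['offer'.$identifier]->TenderID . '" name="Tender" />';
	/* Close the delivery row before the heading row starts. */
	echo '</tr>';
	echo '<tr>
			<th>' . stripslashes($_SESSION['CompanyRecord']['coyname']) . '<br />' . _('Item Code') . '</th>
			<th>' . _('Item Description') . '</th>
			<th>' . _('Quantity') . '<br />' . _('Offered') . '</th>
			<th>' . $Supplier . '<br />' . _('Units of Measure') . '</th>
			<th>' . _('Currency') . '</th>
			<th>' . $Supplier . '<br />' . _('Price') . '</th>
			<th>' . _('Line Value') . '</th>
			<th>' . _('Delivery By') . '</th>
		</tr>';

	foreach ($_SESSION['offer'.$identifier]->LineItems as $LineItem)  {
		echo '<tr><td>' . $LineItem->StockID . '</td>';
		echo '<td>' . $LineItem->ItemDescription . '</td>';
		echo '<td class="number"> ' .locale_number_format($LineItem->Quantity, $LineItem->DecimalPlaces) . '</td>';
		echo '<td>' . $LineItem->Units . '</td>';
		echo '<td>' . $_SESSION['offer'.$identifier]->CurrCode . '</td>';
		echo '<td class="number">' . locale_number_format($LineItem->Price, $CurrencyRow['decimalplaces']) . '</td>';
		echo '<td class="number">' . locale_number_format($LineItem->Price*$LineItem->Quantity,$CurrencyRow['decimalplaces']) . '</td>';
		/* Each offer line is a complete row, so close it here. */
		echo '<td>' . $LineItem->ExpiryDate . '</td></tr>';
	}
	echo '</table>
		<br />
		<div class="centre">
			<input type="submit" name="Confirm" value="' . _('Confirm and Send Email') . '" />
			<br />
			<br />
			<input type="submit" name="Cancel" value="' . _('Cancel Offer') . '" />
		</div>
		</form>';
	include('includes/footer.php');
	exit;
}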
153
/* A supplier who has only just logged in has not chosen a tender type, searched,
 * added an item or removed a line yet, so offer the three tendering options.
 * NOTE(review): the hidden SupplierID field round-trips through the browser, so a
 * posted SupplierID is client-controlled; the page should not rely on it to
 * decide which supplier is acting. $Supplier and SupplierID are also echoed as
 * they are - confirm they are HTML-encoded before this point. */
if (isset($_POST['SupplierID']) AND empty($_POST['TenderType']) AND empty($_POST['Search']) AND empty($_POST['NewItem']) AND empty($_GET['Delete'])) {
	/* Drop any offer left over under this identifier; unset() does nothing if there is none. */
	unset($_SESSION['offer'.$identifier]);
	echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?identifier=' . urlencode($identifier) . '">',
		'<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />',
		'<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/supplier.png" title="' . _('Tenders') . '" alt="" />' . ' ' . _('Create or View Offers from') . ' '.$Supplier . '</p>',
		'<table class="selection">';
	echo '<tr>
			<td>' . _('Select option for tendering') . '</td>
			<td><select name="TenderType">
				<option value="1">' . _('View or Amend outstanding offers from').' '.$Supplier  . '</option>
				<option value="2">' . _('Create a new offer from').' '.$Supplier  . '</option>
				<option value="3">' . _('View any open tenders without an offer from').' '.$Supplier  . '</option>
				</select></td>
		</tr>',
		'<input type="hidden" name="SupplierID" value="'.$_POST['SupplierID'].'" />',
		'<tr>
			<td colspan="2">
				<div class="centre">
				<input type="submit" name="submit" value="' . _('Select') . '" />
				</div>
			</td>
		</tr>
		</table>
		</form>';
}
184
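/* "Add to Offer" was pressed on the search results: every result row whose
 * quantity is above zero is added to the offer held in the session.
 * The handler is skipped when no offer exists under this identifier, rather
 * than calling a method on a missing object.
 * NOTE(review): the posted stock code is concatenated into the SELECT below; that
 * is safe only if request data was escaped before this point - confirm. */
if (isset($_POST['NewItem']) AND !isset($_POST['Refresh']) AND isset($_SESSION['offer'.$identifier])) {
	foreach ($_POST as $key => $value) {
		if (mb_substr($key,0,7)!='StockID') {
			continue;
		}
		/* The suffix after "StockID" ties together the fields of one result row. */
		$Index = mb_substr($key,7);
		/* Ignore rows that arrive without their quantity, price or unit field. */
		if (!isset($_POST['Qty'.$Index]) OR !isset($_POST['Price'.$Index]) OR !isset($_POST['uom'.$Index])) {
			continue;
		}
		$StockID=$value;
		$Quantity=filter_number_format($_POST['Qty'.$Index]);
		$Price=filter_number_format($_POST['Price'.$Index]);
		$UOM=$_POST['uom'.$Index];
		if ($Quantity>0) {
			$sql="SELECT description, decimalplaces FROM stockmaster WHERE stockid='".$StockID."'";
			$result=DB_query($sql);
			$myrow=DB_fetch_array($result);
			/* Only items that exist in stockmaster can be offered. */
			if (is_array($myrow)) {
				$_SESSION['offer'.$identifier]->add_to_offer($_SESSION['offer'.$identifier]->LinesOnOffer,
												$StockID,
												$Quantity,
												$myrow['description'],
												$Price,
												$UOM,
												$myrow['decimalplaces'],
												/* new lines get a date three months from today */
												DateAdd(date($_SESSION['DefaultDateFormat']),'m',3));
			}
		}
		unset($UOM);
	}
}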
210
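/* "Refresh screen" was pressed: copy the quantity, price and expiry date typed
 * for each offer line back into the offer held in the session, without saving.
 * The handler is skipped when no offer exists under this identifier, rather
 * than calling a method on a missing object. */
if (isset($_POST['Refresh']) AND !isset($_POST['NewItem']) AND isset($_SESSION['offer'.$identifier])) {
	foreach ($_POST as $key => $value) {
		if (mb_substr($key,0,7)!='StockID') {
			continue;
		}
		/* The suffix after "StockID" is the line number used for the other fields. */
		$Index = mb_substr($key,7);
		/* A line is updated only when all three of its fields were posted. */
		if (!isset($_POST['Qty'.$Index]) OR !isset($_POST['Price'.$Index]) OR !isset($_POST['expirydate'.$Index])) {
			continue;
		}
		$Quantity=filter_number_format($_POST['Qty'.$Index]);
		$Price=filter_number_format($_POST['Price'.$Index]);
		$ExpiryDate=$_POST['expirydate'.$Index];
		$_SESSION['offer'.$identifier]->update_offer_item(
			$Index,
			$Quantity,
			$Price,
			$ExpiryDate);
	}
}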
230
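/* "Update offer" was pressed (option 1): apply the edited lines to the offer in
 * the session, save it with the 'Yes' argument, e-mail it, then end the page.
 * Each line is read by its line number (expirydateN, QtyN, PriceN) so the result
 * does not depend on the order in which the fields arrive in the request.
 * NOTE(review): quantity and price are passed on as posted, whereas the Refresh
 * handler runs them through filter_number_format() - confirm which is intended. */
if (isset($_POST['Update'])) {
	if (isset($_SESSION['offer'.$identifier])) {
		foreach ($_POST as $key => $value) {
			if (mb_substr($key,0,10)!='expirydate') {
				continue;
			}
			$LineNo=mb_substr($key,10);
			/* Skip a line that arrives without its quantity or price. */
			if (!isset($_POST['Qty'.$LineNo]) OR !isset($_POST['Price'.$LineNo])) {
				continue;
			}
			$_SESSION['offer'.$identifier]->update_offer_item(
				$LineNo,
				$_POST['Qty'.$LineNo],
				$_POST['Price'.$LineNo],
				$value);
		}
		$_SESSION['offer'.$identifier]->Save('Yes');
		$_SESSION['offer'.$identifier]->EmailOffer();
		unset($_SESSION['offer'.$identifier]);
	} else {
		/* Nothing is stored under this identifier (expired session or altered URL). */
		prnMsg(_('The offer to update could not be found in this session') . '. ' . _('Please select the offer again'), 'warn');
	}
	include('includes/footer.php');
	exit;
}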
258
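/* "Save offer" was pressed (option 2): apply the edited lines to the offer in the
 * session, save it, e-mail it, then end the page.
 * Each line is read by its line number (expirydateN, QtyN, PriceN) so the result
 * does not depend on the order in which the fields arrive in the request.
 * NOTE(review): quantity and price are passed on as posted, whereas the Refresh
 * handler runs them through filter_number_format() - confirm which is intended. */
if (isset($_POST['Save'])) {
	if (isset($_SESSION['offer'.$identifier])) {
		foreach ($_POST as $key => $value) {
			if (mb_substr($key,0,10)!='expirydate') {
				continue;
			}
			$LineNo=mb_substr($key,10);
			/* Skip a line that arrives without its quantity or price. */
			if (!isset($_POST['Qty'.$LineNo]) OR !isset($_POST['Price'.$LineNo])) {
				continue;
			}
			$_SESSION['offer'.$identifier]->update_offer_item(
				$LineNo,
				$_POST['Qty'.$LineNo],
				$_POST['Price'.$LineNo],
				$value);
		}
		$_SESSION['offer'.$identifier]->Save();
		$_SESSION['offer'.$identifier]->EmailOffer();
		unset($_SESSION['offer'.$identifier]);
	} else {
		/* Nothing is stored under this identifier (expired session or altered URL). */
		prnMsg(_('The offer to save could not be found in this session') . '. ' . _('Please create the offer again'), 'warn');
	}
	include('includes/footer.php');
	exit;
}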
286
/* The supplier has chosen option 1: load this supplier's offers that have not yet
 * expired into a fresh Offer object in the session. Skipped on Refresh and on
 * Delete so that edits already held in the session are not overwritten.
 * NOTE(review): the supplier id in the WHERE clause is read from $_POST. The rows
 * returned are only this supplier's own if that value cannot be chosen by the
 * client, and the concatenation is only safe if it was escaped - confirm both.
 */
if (isset($_POST['TenderType']) AND $_POST['TenderType']==1 AND !isset($_POST['Refresh']) AND !isset($_GET['Delete'])) {
	$sql="SELECT offers.offerid,
				offers.stockid,
				stockmaster.description,
				offers.quantity,
				offers.uom,
				offers.price,
				offers.expirydate,
				stockmaster.decimalplaces
			FROM offers
			INNER JOIN stockmaster
				ON offers.stockid=stockmaster.stockid
			WHERE offers.supplierid='" . $_POST['SupplierID'] . "'
			AND offers.expirydate>='" . date('Y-m-d') . "'";
	$result=DB_query($sql);
	$_SESSION['offer'.$identifier]=new Offer($_POST['SupplierID']);
	$_SESSION['offer'.$identifier]->CurrCode=$Currency;
	/* The offer id is passed as the line number, and the expiry date is converted
	 * from the SQL date with ConvertSQLDate() before it is stored on the line. */
	while ($myrow=DB_fetch_array($result)) {
		$_SESSION['offer'.$identifier]->add_to_offer(	$myrow['offerid'],
														$myrow['stockid'],
														$myrow['quantity'],
														$myrow['description'],
														$myrow['price'],
														$myrow['uom'],
														$myrow['decimalplaces'],
														ConvertSQLDate($myrow['expirydate']));
	}
}
317
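/* Show the editable list of lines on the offer held in the session (options 1 and 2).
 * "and" binds tighter than "or", so the condition reads as bracketed below. The
 * Update handler earlier in the page always exits, so the "or" branch is not
 * expected to be reached.
 * NOTE(review): item codes, descriptions and units are echoed as stored on the
 * offer lines - confirm they are HTML-encoded before they get there. */
if ((isset($_POST['TenderType']) and $_POST['TenderType']!=3 and isset($_SESSION['offer'.$identifier]) and $_SESSION['offer'.$identifier]->LinesOnOffer>0) or isset($_POST['Update'])) {
	echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?identifier=' . urlencode($identifier) . '">';
	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
	echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/supplier.png" title="' . _('Search') . '" alt="" />' . ' ' . _('Items to offer from').' '.$Supplier  . '</p>';
	echo '<table>
			<tr>
				<th class="assending">' . _('Stock ID') . '</th>
				<th class="assending">' . _('Description') . '</th>
				<th class="assending">' . _('Quantity') . '</th>
				<th class="assending">' . _('UOM') . '</th>
				<th class="assending">' . _('Price').' ('.$Currency.')</th>
				<th class="assending">' . _('Line Total').' ('.$Currency.')</th>
				<th class="assending">' . _('Expiry Date') . '</th>
			</tr>';

	/* Values that go into the query string of the Remove link are URL-encoded, the
	 * same way the form action above encodes the identifier. */
	$RemoveLinkBase = htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '?identifier=' . urlencode($identifier);
	$TenderTypeForLink = urlencode((string) $_POST['TenderType']);

	foreach ($_SESSION['offer'.$identifier]->LineItems as $LineItems) {
		if ($LineItems->Deleted==False) {
			/* NOTE(review): this is a string comparison against a Y-m-d date, while
			 * ExpiryDate is loaded through ConvertSQLDate() for option 1 - confirm both
			 * sides use the same date format, otherwise the highlight can misfire. */
			if ($LineItems->ExpiryDate < date('Y-m-d')) {
				echo '<tr style="background-color:#F7A9A9">';
			} else {
				echo '<tr class="striped_row">';
			}

			echo '<input type="hidden" name="StockID'.$LineItems->LineNo.'" value="'.$LineItems->StockID.'" />';
			/* NOTE(review): Remove is a plain GET link that changes the offer and carries
			 * no FormID token - confirm how such requests are protected. */
			echo '<td>' . $LineItems->StockID . '</td>
					<td>' . $LineItems->ItemDescription . '</td>
					<td><input type="text" class="number" required="true" name="Qty'.$LineItems->LineNo.'" value="'.locale_number_format($LineItems->Quantity,$LineItems->DecimalPlaces).'" /></td>
					<td>' . $LineItems->Units . '</td>
					<td><input type="text" class="number" required="true" name="Price'.$LineItems->LineNo.'" value="'.locale_number_format($LineItems->Price,2,'.','').'" /></td>
					<td class="number">' . locale_number_format($LineItems->Price*$LineItems->Quantity,2) . '</td>
					<td><input type="text" maxlength="10" size="11" class="date" required="true" name="expirydate'.$LineItems->LineNo.'" value="'.$LineItems->ExpiryDate.'" /></td>
					<td><a href="' . $RemoveLinkBase . '&amp;Delete=' . urlencode((string) $LineItems->LineNo) . '&amp;Type=' . $TenderTypeForLink . '">' . _('Remove') . '</a></td>
				</tr>';
		}
	}
	echo '</table>';
	/* TenderType can arrive in the query string, so it is encoded before it is
	 * written into the attribute. The expected values 1, 2 and 3 are unaffected. */
	echo '<input type="hidden" name="TenderType" value="'.htmlspecialchars((string) $_POST['TenderType'], ENT_QUOTES, 'UTF-8').'" />';
	if ($_POST['TenderType']==1) {
		echo '<br />
				<div class="centre">
					<input type="submit" name="Update" value="Update offer" />
					<input type="submit" name="Refresh" value="Refresh screen" />
				</div>';
	} else if ($_POST['TenderType']==2) {
		echo '<br />
				<div class="centre">
					<input type="submit" name="Save" value="Save offer" />
					<input type="submit" name="Refresh" value="Refresh screen" />
				</div>';
	}
	echo '</form>';
}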
370
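/* The supplier has chosen option 2 (create a new offer): make sure an offer object
 * exists in the session and show the stock item search form. "AND" binds tighter
 * than "OR", so the form is also shown after any Remove link, whatever the type.
 * NOTE(review): Keywords, StockCode, SupplierID and the category names are echoed
 * as they are. That is safe only if request data and stored data were
 * HTML-encoded before this point - confirm.
 */
if ((isset($_POST['TenderType'])
	AND $_POST['TenderType']==2
	AND !isset($_POST['Search']))
	OR isset($_GET['Delete'])) {

	if (!isset($_SESSION['offer'.$identifier])) {
		$_SESSION['offer'.$identifier]=new Offer($_POST['SupplierID']);
	}
	echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?identifier=' . urlencode($identifier) . '" method="post">';
	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
	echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/magnifier.png" title="' . _('Search') . '" alt="" />' . ' ' . _('Search for Inventory Items') . '</p>';

	$sql = "SELECT categoryid,
				categorydescription
			FROM stockcategory
			ORDER BY categorydescription";
	$result = DB_query($sql);

	if (DB_num_rows($result) == 0) {
		echo '<p><font size="4" color="red">' . _('Problem Report') . ':</font><br />' .
			_('There are no stock categories currently defined please use the link below to set them up');
		echo '<br /><a href="' . $RootPath . '/StockCategories.php">' . _('Define Stock Categories') . '</a></p>';
		/* End the page the same way as every other early exit in this script. */
		include('includes/footer.php');
		exit;
	}
	echo '<table class="selection"><tr>';
	echo '<td>' . _('In Stock Category') . ':';
	echo '<select name="StockCat">';
	if (!isset($_POST['StockCat'])) {
		$_POST['StockCat'] = '';
	}
	if ($_POST['StockCat'] == 'All') {
		echo '<option selected="selected" value="All">' . _('All') . '</option>';
	} else {
		echo '<option value="All">' . _('All') . '</option>';
	}
	while ($myrow1 = DB_fetch_array($result)) {
		if ($myrow1['categoryid'] == $_POST['StockCat']) {
			echo '<option selected="selected" value="' . $myrow1['categoryid'] . '">' . $myrow1['categorydescription'] . '</option>';
		} else {
			echo '<option value="' . $myrow1['categoryid'] . '">' . $myrow1['categorydescription'] . '</option>';
		}
	}
	/* Close the category cell before the next one is opened. */
	echo '</select></td>';
	echo '<td>' . _('Enter partial') . '<b> ' . _('Description') . '</b>:</td><td>';
	if (isset($_POST['Keywords'])) {
		echo '<input type="text" name="Keywords" value="' . $_POST['Keywords'] . '" size="20" maxlength="25" />';
	} else {
		echo '<input type="text" name="Keywords" size="20" maxlength="25" />';
	}
	/* TenderType can arrive in the query string, so it is encoded before it is
	 * written into the attribute. The expected values 1, 2 and 3 are unaffected. */
	echo '<input type="hidden" name="TenderType" value="'.htmlspecialchars((string) $_POST['TenderType'], ENT_QUOTES, 'UTF-8').'" />';
	echo '<input type="hidden" name="SupplierID" value="'.$_POST['SupplierID'].'" />';
	echo '</td>
		</tr>
		<tr>
			<td></td>
			<td><font size="3"><b>' . _('OR') . ' ' . '</b></font>' . _('Enter partial') . ' <b>' . _('Stock Code') . '</b>:</td>
			<td>';
	if (isset($_POST['StockCode'])) {
		echo '<input type="text" name="StockCode" autofocus="autofocus" value="' . $_POST['StockCode'] . '" size="15" maxlength="18" />';
	} else {
		echo '<input type="text" name="StockCode" autofocus="autofocus" size="15" maxlength="18" />';
	}
	echo '</td>
		</tr>
		</table>
		<br />
		<div class="centre">
			<input type="submit" name="Search" value="' . _('Search Now') . '" />
		</div>
		<br />
		</form>';
}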
445
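/* The supplier has chosen option 3: list every open tender issued to this supplier
 * that has not been responded to, one form per tender, each with a Process button.
 * NOTE(review): "AND" binds tighter than "OR", so this list is also printed after
 * any Remove link, whatever the tender type - confirm that is intended.
 * NOTE(review): the supplier id used in the queries is read from $_POST; the list
 * is only this supplier's own if that value cannot be chosen by the client, and
 * the concatenation is only safe if it was escaped - confirm both. Values read
 * from the database are echoed as stored - confirm they are HTML-encoded.
 */
if ((isset($_POST['TenderType'])
	AND $_POST['TenderType']==3
	AND !isset($_POST['Search']))
	OR isset($_GET['Delete'])) {

	echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/supplier.png" title="' . _('Tenders') . '" alt="" />' . ' ' . _('Tenders Waiting For Offers') . '</p>';
	$sql="SELECT DISTINCT tendersuppliers.tenderid,
				suppliers.currcode
			FROM tendersuppliers
			LEFT JOIN suppliers
			ON suppliers.supplierid=tendersuppliers.supplierid
			LEFT JOIN tenders
			ON tenders.tenderid=tendersuppliers.tenderid
			WHERE tendersuppliers.supplierid='" . $_POST['SupplierID'] . "'
			AND tenders.closed=0
			AND tendersuppliers.responded=0
			ORDER BY tendersuppliers.tenderid";
	$result=DB_query($sql);
	echo '<table class="selection">';
	echo '<tr>
			<th colspan="13"><font size="3" color="#616161">' . _('Outstanding Tenders Waiting For Offer') . '</font></th>
		</tr>';
	/* $myrow[0] is the tender id and $myrow[1] the supplier's currency code. */
	while ($myrow=DB_fetch_row($result)) {
		echo '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '" method="post">';
		echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
		echo '<input type="hidden" name="TenderType" value="3" />';
		$LocationSQL="SELECT tenderid,
							locations.locationname,
							address1,
							address2,
							address3,
							address4,
							address5,
							address6,
							telephone
						FROM tenders
						INNER JOIN locations
						ON tenders.location=locations.loccode
						WHERE closed=0
						AND tenderid='".$myrow[0]."'";
		$LocationResult=DB_query($LocationSQL);
		$MyLocationRow=DB_fetch_row($LocationResult);
		echo '<tr>
				<td valign="top" style="background-color:#cccce5">' . _('Deliver To') . ':</td>
				<td valign="top" style="background-color:#cccce5">';
		/* The inner join returns no row when the tender's location is not in the
		 * locations table; print the address (columns 1 to 7: location name and the
		 * six address lines) only when there is one. */
		if (is_array($MyLocationRow)) {
			for ($i=1; $i<8; $i++) {
				if ($MyLocationRow[$i]!='') {
					echo $MyLocationRow[$i] . '<br />';
				}
			}
		}
		echo '</td>';
		echo '<th colspan="8" style="vertical-align:top"><font size="2" color="#616161">' . _('Tender Number') . ': ' .$myrow[0] . '</font></th>';
		echo '<input type="hidden" value="' . $myrow[0] . '" name="Tender" />';
		echo '<th><input type="submit" value="' . _('Process') . "\n" . _('Tender') . '" name="Process" /></th>
			</tr>';
		$ItemSQL="SELECT tenderitems.tenderid,
						tenderitems.stockid,
						stockmaster.description,
						stockmaster.decimalplaces,
						purchdata.suppliers_partno,
						tenderitems.quantity,
						tenderitems.units,
						tenders.requiredbydate,
						purchdata.suppliersuom
					FROM tenderitems
					LEFT JOIN stockmaster
					ON tenderitems.stockid=stockmaster.stockid
					LEFT JOIN purchdata
					ON tenderitems.stockid=purchdata.stockid
					AND purchdata.supplierno='".$_POST['SupplierID']."'
					LEFT JOIN tenders
					ON tenders.tenderid=tenderitems.tenderid
					WHERE tenderitems.tenderid='" . $myrow[0] . "'";
		$ItemResult=DB_query($ItemSQL);
		echo '<tr>
				<th>' . stripslashes($_SESSION['CompanyRecord']['coyname']) . '<br />' . _('Item Code') . '</th>
				<th>' . _('Item Description') . '</th>
				<th>' . $Supplier . '<br />' . _('Item Code') . '</th>
				<th>' . _('Quantity') . '<br />' . _('Required') . '</th>
				<th>' . stripslashes($_SESSION['CompanyRecord']['coyname']) . '<br />' . _('Units of Measure') . '</th>
				<th>' . _('Required By') . '</th>
				<th>' . _('Quantity') . '<br />' . _('Offered') . '</th>
				<th>' . $Supplier . '<br />' . _('Units of Measure') . '</th>
				<th>' . _('Currency') . '</th>
				<th>' . $Supplier . '<br />' . _('Price') . '</th>
				<th>' . _('Delivery By') . '</th>
			</tr>';
		/* $i numbers the form fields of each tender line (StockID0, Qty0, Price0, ...). */
		$i=0;
		while ($MyItemRow=DB_fetch_array($ItemResult)) {
			/* NOTE(review): description, unit and decimal places travel through hidden
			 * fields and are read back from the request by the Process handler, so the
			 * browser can alter them - confirm they are re-read from the database, or
			 * validated, before the offer is saved. */
			echo '<tr>
					<td>' . $MyItemRow['stockid'] . '</td>
					<td>' . $MyItemRow['description'] . '</td>
					<input type="hidden" name="StockID'. $i . '" value="' . $MyItemRow['stockid'] . '" />
					<input type="hidden" name="ItemDescription'. $i . '" value="' . $MyItemRow['description'] . '" />
					<td>' . $MyItemRow['suppliers_partno'] . '</td>
					<td class="number">' . locale_number_format($MyItemRow['quantity'], $MyItemRow['decimalplaces']) . '</td>
					<td>' . $MyItemRow['units'] . '</td>
					<td>' . ConvertSQLDate($MyItemRow['requiredbydate']) . '</td>';

			/* Without a supplier-specific unit, show the tender's own unit instead. */
			if ($MyItemRow['suppliersuom']=='') {
				$MyItemRow['suppliersuom']=$MyItemRow['units'];
			}
			echo '<td><input type="text" class="number" title="'._('Input must be in numeric format').'" size="10" name="Qty'. $i . '" value="' . locale_number_format($MyItemRow['quantity'], $MyItemRow['decimalplaces']) . '" /></td>
				<input type="hidden" name="UOM'. $i . '" value="' . $MyItemRow['units'] . '" />
				<input type="hidden" name="DecimalPlaces'. $i . '" value="' . $MyItemRow['decimalplaces'] . '" />
				<td>' . $MyItemRow['suppliersuom'] . '</td>
				<td>' . $myrow[1] . '</td>
				<td><input type="text" class="number" title="'._('Input must be in numeric format').'"  size="10" name="Price'. $i . '" value="0.00" /></td>
				<td><input type="text" class="date" name="RequiredByDate'. $i . '" maxlength="10" size="11" value="' . ConvertSQLDate($MyItemRow['requiredbydate']) . '" /></td>
				</tr>';
			$i++;
		}
		echo '</form>';
	}
	echo '</table>';
}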
564
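/* "Search Now" was pressed: look up stock items by description keywords or by
 * partial stock code, optionally within one category, and list up to
 * $Maximum_Number_Of_Parts_To_Show of them with quantity and price boxes.
 * NOTE(review): Keywords, StockCode, StockCat and SupplierID are concatenated into
 * the SQL below and some are echoed into the page. That is safe only if the
 * request data was escaped and HTML-encoded before this point - confirm. */
if (isset($_POST['Search'])){
	echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?identifier=' . urlencode($identifier) . '">';
	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
	echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/supplier.png" title="' . _('Tenders') . '" alt="" />' . ' ' . _('Select items to offer from').' '.$Supplier  . '</p>';

	/* A request without a category is treated as an empty category, as the search
	 * form does. */
	if (!isset($_POST['StockCat'])) {
		$_POST['StockCat'] = '';
	}

	if (!empty($_POST['Keywords']) AND !empty($_POST['StockCode'])) {
		prnMsg( _('Stock description keywords have been used in preference to the Stock code extract entered'), 'info' );
	}

	/* Every search uses the same SELECT; only the optional filters differ. */
	$sql = "SELECT stockmaster.stockid,
				stockmaster.description,
				stockmaster.units
			FROM stockmaster INNER JOIN stockcategory
			ON stockmaster.categoryid=stockcategory.categoryid
			WHERE stockmaster.mbflag!='D'
			AND stockmaster.mbflag!='A'
			AND stockmaster.mbflag!='K'
			AND stockmaster.discontinued!=1";
	if (!empty($_POST['Keywords'])) {
		/* insert wildcard characters in spaces */
		$SearchString = '%' . str_replace(' ', '%', $_POST['Keywords']) . '%';
		$sql .= " AND stockmaster.description " . LIKE . " '" . $SearchString . "'";
	} elseif (!empty($_POST['StockCode'])) {
		$_POST['StockCode'] = '%' . $_POST['StockCode'] . '%';
		$sql .= " AND stockmaster.stockid " . LIKE . " '" . $_POST['StockCode'] . "'";
	}
	if ($_POST['StockCat']!='All') {
		$sql .= " AND stockmaster.categoryid='" . $_POST['StockCat'] . "'";
	}
	$sql .= " ORDER BY stockmaster.stockid";

	$ErrMsg = _('There is a problem selecting the part records to display because');
	$DbgMsg = _('The SQL statement that failed was');
	$SearchResult = DB_query($sql,$ErrMsg,$DbgMsg);

	/* NOTE(review): $debug is not set in this file and the message is shown only
	 * when it equals 1 - confirm that hiding it otherwise is intended. */
	if (DB_num_rows($SearchResult)==0 AND $debug==1){
		prnMsg( _('There are no products to display matching the criteria provided'),'warn');
	}
	if (DB_num_rows($SearchResult)==1){
		/* A single match is recorded in $_GET['NewItem'] and the result pointer is
		 * rewound so that the row is still listed below. */
		$myrow=DB_fetch_array($SearchResult);
		$_GET['NewItem'] = $myrow['stockid'];
		DB_data_seek($SearchResult,0);
	}

	if (isset($SearchResult)) {

		echo '<table cellpadding="1">';

		$TableHeader = '<tr>
						<th class="assending">' . _('Code')  . '</th>
						<th class="assending">' . _('Description') . '</th>
						<th class="assending">' . _('Units') . '</th>
						<th class="assending">' . _('Image') . '</th>
						<th class="assending">' . _('Quantity') . '</th>
						<th class="assending">' . _('Price') .' ('.$Currency.')</th>
					</tr>';
		echo $TableHeader;

		$i = 0;
		$PartsDisplayed=0;
		$SupportedImgExt = array('png','jpg','jpeg');
		while ($myrow=DB_fetch_array($SearchResult)) {

			/* glob() returns an empty array, or false, when the item has no picture;
			 * take the first match only when there is one, instead of handing the call
			 * result to reset(), which expects a variable. */
			$ImageMatches = glob($_SESSION['part_pics_dir'] . '/' . $myrow['stockid'] . '.{' . implode(",", $SupportedImgExt) . '}', GLOB_BRACE);
			if (is_array($ImageMatches) AND count($ImageMatches)>0) {
				$imagefile = $ImageMatches[0];
			} else {
				$imagefile = false;
			}
			$ImageExists = ($imagefile !== false AND file_exists($imagefile));
			if (extension_loaded('gd') && function_exists('gd_info') && $ImageExists) {
				$ImageSource = '<img src="GetStockImage.php?automake=1&amp;textcolor=FFFFFF&amp;bgcolor=CCCCCC'.
					'&amp;StockID='.urlencode($myrow['stockid']).
					'&amp;text='.
					'&amp;width=64'.
					'&amp;height=64'.
					'" alt="" />';
			} else if ($ImageExists) {
				$ImageSource = '<img src="' . $imagefile . '" height="64" width="64" />';
			} else {
				$ImageSource = _('No Image');
			}

			$UOMsql="SELECT conversionfactor,
						suppliersuom,
						unitsofmeasure.unitname
					FROM purchdata
					LEFT JOIN unitsofmeasure
					ON purchdata.suppliersuom=unitsofmeasure.unitid
					WHERE supplierno='".$_POST['SupplierID']."'
					AND stockid='" . $myrow['stockid'] . "'";

			$UOMresult=DB_query($UOMsql);
			/* Use the supplier's own unit of measure when purchasing data names one,
			 * otherwise fall back to the stock item's unit. */
			$UOM=$myrow['units'];
			if (DB_num_rows($UOMresult)>0) {
				$UOMrow=DB_fetch_array($UOMresult);
				if (mb_strlen($UOMrow['suppliersuom'])>0) {
					$UOM=$UOMrow['unitname'];
				}
			}
			echo '<tr class="striped_row">
					<td>' . $myrow['stockid'] . '</td>
					<td>' . $myrow['description'] . '</td>
					<td>' . $UOM . '</td>
					<td>' . $ImageSource . '</td>
					<td><input class="number" title="'._('The input must be numeric').'" type="text" size="6" value="0" name="Qty'.$i.'" /></td>
					<td><input class="number" title="'._('The input must be numeric').'" type="text" size="12" value="0" name="Price'.$i.'" /></td>
					<input type="hidden" size="12" value="'.$myrow['stockid'].'" name="StockID'.$i.'" />
					<input type="hidden" value="'.$UOM.'" name="uom'.$i.'" />
					</tr>';
			$i++;
			$PartsDisplayed++;
			if ($PartsDisplayed == $Maximum_Number_Of_Parts_To_Show){
				break;
			}
		}
		echo '</table>';
		if ($PartsDisplayed == $Maximum_Number_Of_Parts_To_Show){

			/* $Maximum_Number_Of_Parts_To_Show is set near the top of this file */
			prnMsg( _('Only the first') . ' ' . $Maximum_Number_Of_Parts_To_Show . ' ' . _('can be displayed') . '. ' .
				_('Please restrict your search to only the parts required'),'info');
		}
		echo '<a name="end"></a>
				<br />
				<div class="centre">
					<input type="submit" name="NewItem" value="Add to Offer" />
				</div>';
	}
	/* TenderType can arrive in the query string, so it is encoded before it is
	 * written into the attribute. The expected values 1, 2 and 3 are unaffected. */
	echo '<input type="hidden" name="TenderType" value="'.htmlspecialchars((string) $_POST['TenderType'], ENT_QUOTES, 'UTF-8').'" />';
	echo '<input type="hidden" name="SupplierID" value="'.$_POST['SupplierID'].'" />';

	echo '</form>';

} //end of if search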
766
767include('includes/footer.php');
768
769?>
770