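<?php
/* Units of measure maintenance page.
 *
 * Lists the rows of unitsofmeasure and lets the user add, rename or delete one.
 * A rename is also applied to stockmaster.units inside the same transaction, and
 * a delete is refused while stockmaster rows still use the unit.
 *
 * Request parameters read here: SelectedMeasureID (GET or POST), MeasureName and
 * Submit (POST), delete (GET).
 */

include('includes/session.php');

$Title = _('Units Of Measure');

include('includes/header.php');
echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/magnifier.png" title="' .
	_('Search') . '" alt="" />' . ' ' . $Title . '</p>';

// The record to edit or delete is named by the request; GET takes precedence over POST.
if (isset($_GET['SelectedMeasureID'])) {
	$SelectedMeasureID = $_GET['SelectedMeasureID'];
} elseif (isset($_POST['SelectedMeasureID'])) {
	$SelectedMeasureID = $_POST['SelectedMeasureID'];
}
if (isset($SelectedMeasureID) AND is_array($SelectedMeasureID)) {
	// A parameter sent as SelectedMeasureID[]=... arrives as an array; replace it with an
	// empty string so the queries below are never built from an array.
	$SelectedMeasureID = '';
}

/* NOTE(review): $_POST['MeasureName'] is concatenated into the SQL below as received.
 * That is only safe if request data is escaped before this point; includes/session.php
 * is not visible here, so confirm it. If it is not escaped there, escape or bind the
 * name here. It is deliberately not escaped again in this file, because escaping a
 * text value twice would change what is stored. */

if (isset($_POST['Submit'])) {

	// No input errors assumed until the checks below say otherwise.
	$InputError = 0;

	/* Actions to take once the user has clicked the submit button,
	   i.e. the page has called itself with some user input. */

	// First validate that the input is sensible.
	if (ContainsIllegalCharacters($_POST['MeasureName'])) {
		$InputError = 1;
		prnMsg( _('The unit of measure cannot contain any of the illegal characters') ,'error');
	}
	if (trim($_POST['MeasureName']) == '') {
		$InputError = 1;
		prnMsg( _('The unit of measure may not be empty'), 'error');
	}

	if (isset($_POST['SelectedMeasureID']) AND $_POST['SelectedMeasureID'] != '' AND $InputError != 1) {

		/* Renaming an existing unit. SelectedMeasureID can also be present without Submit
		   (edit link, delete link); those cases are handled further down. */

		// The ID comes from the request: escape it before it is embedded in SQL.
		// Escaping an ordinary ID a second time leaves it unchanged.
		$EscapedMeasureID = DB_escape_string($SelectedMeasureID);

		// Check the new name does not clash with a different unit.
		$sql = "SELECT count(*) FROM unitsofmeasure
				WHERE unitid <> '" . $EscapedMeasureID . "'
				AND unitname " . LIKE . " '" . $_POST['MeasureName'] . "'";
		$result = DB_query($sql);
		$myrow = DB_fetch_row($result);
		if ($myrow[0] > 0) {
			$InputError = 1;
			prnMsg( _('The unit of measure can not be renamed because another with the same name already exist.'),'error');
		} else {
			// Fetch the old name and check that the record still exists; both tables are
			// updated by name, so the old name is needed for the WHERE clauses.
			$sql = "SELECT unitname FROM unitsofmeasure
					WHERE unitid = '" . $EscapedMeasureID . "'";
			$result = DB_query($sql);
			if (DB_num_rows($result) != 0) {
				$myrow = DB_fetch_row($result);
				$OldMeasureName = $myrow[0];
				// The old name was read back from the database, so it is raw text:
				// escape it before putting it into the next statements.
				$EscapedOldName = DB_escape_string($OldMeasureName);
				$sql = array();
				$sql[] = "UPDATE unitsofmeasure
							SET unitname='" . $_POST['MeasureName'] . "'
							WHERE unitname " . LIKE . " '" . $EscapedOldName . "'";
				$sql[] = "UPDATE stockmaster
							SET units='" . $_POST['MeasureName'] . "'
							WHERE units " . LIKE . " '" . $EscapedOldName . "'";
			} else {
				$InputError = 1;
				prnMsg( _('The unit of measure no longer exist.'),'error');
			}
		}
		$msg = _('Unit of measure changed');
	} elseif ($InputError != 1) {
		/* No SelectedMeasureID was posted, so a new record is being added. */
		$sql = "SELECT count(*) FROM unitsofmeasure
				WHERE unitname " . LIKE . " '" . $_POST['MeasureName'] . "'";
		$result = DB_query($sql);
		$myrow = DB_fetch_row($result);
		if ($myrow[0] > 0) {
			$InputError = 1;
			prnMsg( _('The unit of measure can not be created because another with the same name already exists.'),'error');
		} else {
			$sql = "INSERT INTO unitsofmeasure (unitname )
					VALUES ('" . $_POST['MeasureName'] . "')";
		}
		$msg = _('New unit of measure added');
	}

	if ($InputError != 1) {
		// Run the SQL prepared by either branch above.
		if (is_array($sql)) {
			// The rename touches two tables, so it runs as one transaction.
			$result = DB_Txn_Begin();
			$tmpErr = _('Could not update unit of measure');
			$tmpDbg = _('The sql that failed was') . ':';
			foreach ($sql as $stmt) {
				$result = DB_query($stmt, $tmpErr, $tmpDbg, true);
				if (!$result) {
					$InputError = 1;
					break;
				}
			}
			if ($InputError != 1) {
				$result = DB_Txn_Commit();
			} else {
				$result = DB_Txn_Rollback();
			}
		} else {
			$result = DB_query($sql);
		}
		// Report success only when nothing was rolled back; the original printed the
		// success message even after a failed statement and rollback.
		if ($InputError != 1) {
			prnMsg($msg,'success');
		}
	}
	unset ($SelectedMeasureID);
	unset ($_POST['SelectedMeasureID']);
	unset ($_POST['MeasureName']);

} elseif (isset($_GET['delete'])) {
	/* The delete link was clicked instead of the submit button.
	   Deletes are refused while rows in stockmaster still use the unit.
	   NOTE(review): this delete is carried out on a GET request, which does not carry
	   the FormID field posted by the form below; confirm how state-changing GET
	   requests are protected against forged links. */

	// The ID comes from the request; a delete link without an ID selects nothing.
	$EscapedMeasureID = isset($SelectedMeasureID) ? DB_escape_string($SelectedMeasureID) : '';

	// Look up the current name by ID; the dependent checks and the delete work by name.
	$sql = "SELECT unitname FROM unitsofmeasure
			WHERE unitid = '" . $EscapedMeasureID . "'";
	$result = DB_query($sql);
	if (DB_num_rows($result) == 0) {
		prnMsg( _('Cannot delete this unit of measure because it no longer exist'),'warn');
	} else {
		$myrow = DB_fetch_row($result);
		$OldMeasureName = $myrow[0];
		// Raw text read back from the database: escape before reuse in SQL.
		$EscapedOldName = DB_escape_string($OldMeasureName);
		$sql = "SELECT COUNT(*) FROM stockmaster WHERE units " . LIKE . " '" . $EscapedOldName . "'";
		$result = DB_query($sql);
		$myrow = DB_fetch_row($result);
		if ($myrow[0] > 0) {
			prnMsg( _('Cannot delete this unit of measure because inventory items have been created using this unit of measure'),'warn');
			echo '<br />' . _('There are') . ' ' . $myrow[0] . ' ' . _('inventory items that refer to this unit of measure') . '</font>';
		} else {
			$sql = "DELETE FROM unitsofmeasure WHERE unitname " . LIKE . "'" . $EscapedOldName . "'";
			$result = DB_query($sql);
			prnMsg( $OldMeasureName . ' ' . _('unit of measure has been deleted') . '!','success');
		}
	} //end if the unit of measure still exists
	unset ($SelectedMeasureID);
	unset ($_GET['SelectedMeasureID']);
	unset ($_GET['delete']);
	unset ($_POST['SelectedMeasureID']);
	unset ($_POST['MeasureID']);
	unset ($_POST['MeasureName']);
}

if (!isset($SelectedMeasureID)) {

	/* No unit is selected (first display, or an add/update/delete has just been handled):
	   show the list of units of measure with links to edit or delete each one. The links
	   call this same page again with SelectedMeasureID in the query string. */

	$sql = "SELECT unitid,
				unitname
			FROM unitsofmeasure
			ORDER BY unitid";

	$ErrMsg = _('Could not get unit of measures because');
	$result = DB_query($sql,$ErrMsg);

	echo '<table class="selection">
		<thead>
			<tr>
				<th class="ascending">' . _('Units of Measure') . '</th>
			</tr>
		</thead>
		<tbody>';

	while ($myrow = DB_fetch_row($result)) {

		// Values read from the database are encoded for the context they are written into:
		// HTML text for the name, a query-string value for the ID. The fourth argument of
		// htmlspecialchars() leaves entities that are already present in the text untouched.
		echo '<tr class="striped_row">
				<td>' . htmlspecialchars($myrow[1], ENT_QUOTES, 'UTF-8', false) . '</td>
				<td><a href="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '?SelectedMeasureID=' . urlencode($myrow[0]) . '">' . _('Edit') . '</a></td>
				<td><a href="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '?SelectedMeasureID=' . urlencode($myrow[0]) . '&delete=1" onclick="return confirm(\'' . _('Are you sure you wish to delete this unit of measure?') . '\');">' . _('Delete') . '</a></td>
			</tr>';

	} //END WHILE LIST LOOP
	echo '</tbody></table><br />';
} //end of ifs and buts!


if (isset($SelectedMeasureID)) {
	echo '<div class="centre">
			<a href="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '">' . _('Review Units of Measure') . '</a>
		</div>';
}

echo '<br />';

if (! isset($_GET['delete'])) {

	echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '">';
	echo '<div>';
	echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';

	if (isset($SelectedMeasureID)) {
		// Editing an existing unit of measure: load it so the form is pre-filled.

		$sql = "SELECT unitid,
					unitname
				FROM unitsofmeasure
				WHERE unitid='" . DB_escape_string($SelectedMeasureID) . "'";

		$result = DB_query($sql);
		if (DB_num_rows($result) == 0) {
			prnMsg( _('Could not retrieve the requested unit of measure, please try again.'),'warn');
			unset($SelectedMeasureID);
			// Fall back to an empty "add" form; the original opened no <table> here and
			// read a MeasureName that had not been set.
			$_POST['MeasureName'] = '';
			echo '<table>';
		} else {
			$myrow = DB_fetch_array($result);

			$_POST['MeasureID'] = $myrow['unitid'];
			$_POST['MeasureName'] = $myrow['unitname'];

			echo '<input type="hidden" name="SelectedMeasureID" value="' . htmlspecialchars($_POST['MeasureID'], ENT_QUOTES, 'UTF-8') . '" />';
			echo '<table class="selection">';
		}

	} else {
		$_POST['MeasureName'] = '';
		echo '<table>';
	}
	// The name is written into an attribute value, so it is encoded for HTML; entities
	// already present in the text are left as they are (fourth argument false).
	echo '<tr>
			<td>' . _('Unit of Measure') . ':' . '</td>
			<td><input required="required" pattern="(?!^ *$)[^+<>-]{1,}" type="text" name="MeasureName" title="'._('Cannot be blank or contains illegal characters').'" placeholder="'._('More than one character').'" size="30" maxlength="30" value="' . htmlspecialchars($_POST['MeasureName'], ENT_QUOTES, 'UTF-8', false) . '" /></td>
		</tr>';
	echo '</table>';

	echo '<div class="centre">
			<input type="submit" name="Submit" value="' . _('Enter Information') . '" />
		</div>';

	echo '</div>
		</form>';

} //end if record deleted no point displaying form to add record

include('includes/footer.php');
?>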