[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SF.net SVN: ledger-smb: [456] trunk
- Subject: SF.net SVN: ledger-smb: [456] trunk
- From: ..hidden..
- Date: Wed, 01 Nov 2006 16:21:30 -0800
Revision: 456
http://svn.sourceforge.net/ledger-smb/?rev=456&view=rev
Author: einhverfr
Date: 2006-11-01 16:21:22 -0800 (Wed, 01 Nov 2006)
Log Message:
-----------
PE.pm now safe
Modified Paths:
--------------
trunk/Changelog
trunk/LedgerSMB/IC.pm
trunk/LedgerSMB/PE.pm
Modified: trunk/Changelog
===================================================================
--- trunk/Changelog 2006-11-01 23:43:38 UTC (rev 455)
+++ trunk/Changelog 2006-11-02 00:21:22 UTC (rev 456)
@@ -16,7 +16,7 @@
* Audited IS.pm, GL.pm, IR.pm for SQL injection and moved to new API. (Chris T)
* Audited User.pm for SQL injection. (Chris T)
* Audited HR.pm, removed old, stale payroll code, moved to new API (Chris T)
-* Audited OP.pm, JC.pm IC.pm and moved to new API (Chris T)
+* Audited OP.pm, PE,pm, JC.pm IC.pm and moved to new API (Chris T)
Localization:
* Moved localization files to standard codes (Seneca)
Modified: trunk/LedgerSMB/IC.pm
===================================================================
--- trunk/LedgerSMB/IC.pm 2006-11-01 23:43:38 UTC (rev 455)
+++ trunk/LedgerSMB/IC.pm 2006-11-02 00:21:22 UTC (rev 456)
@@ -770,7 +770,7 @@
my ($self, $myconfig, $form) = @_;
# connect to database
- my $dbh = $form->dbconnect_noauto($myconfig);
+ my $dbh = $form->{dbh};
for my $i (1 .. $form->{rowcount}) {
$form->{"qty_$i"} = $form->parse_amount(
Modified: trunk/LedgerSMB/PE.pm
===================================================================
--- trunk/LedgerSMB/PE.pm 2006-11-01 23:43:38 UTC (rev 455)
+++ trunk/LedgerSMB/PE.pm 2006-11-02 00:21:22 UTC (rev 456)
@@ -23,7 +23,7 @@
#
#======================================================================
#
-# This file has NOT undergone whitespace cleanup.
+# This file has undergone whitespace cleanup.
#
#======================================================================
#
@@ -36,54 +36,59 @@
sub projects {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- $form->{sort} = "projectnumber" unless $form->{sort};
- my @a = ($form->{sort});
- my %ordinal = ( projectnumber => 2,
+ $form->{sort} = "projectnumber" unless $form->{sort};
+ my @a = ($form->{sort});
+ my %ordinal = ( projectnumber => 2,
description => 3,
startdate => 4,
enddate => 5,
);
- my $sortorder = $form->sort_order(..hidden.., \%ordinal);
+ my $sortorder = $form->sort_order(..hidden.., \%ordinal);
- my $query;
- my $where = "WHERE 1=1";
+ my $query;
+ my $where = "WHERE 1=1";
- $query = qq|SELECT pr.*, c.name
- FROM project pr
- LEFT JOIN customer c ON (c.id = pr.customer_id)|;
+ $query = qq|
+ SELECT pr.*, c.name
+ FROM project pr
+ LEFT JOIN customer c ON (c.id = pr.customer_id)|;
- if ($form->{type} eq 'job') {
- $where .= qq| AND pr.id NOT IN (SELECT DISTINCT id
+ if ($form->{type} eq 'job') {
+ $where .= qq| AND pr.id NOT IN (SELECT DISTINCT id
FROM parts
WHERE project_id > 0)|;
- }
+ }
- my $var;
- if ($form->{projectnumber} ne "") {
- $var = $form->like(lc $form->{projectnumber});
- $where .= " AND lower(pr.projectnumber) LIKE '$var'";
- }
- if ($form->{description} ne "") {
- $var = $form->like(lc $form->{description});
- $where .= " AND lower(pr.description) LIKE '$var'";
- }
+ my $var;
+ if ($form->{projectnumber} ne "") {
+ $var = $dbh->quote($form->like(lc $form->{projectnumber}));
+ $where .= " AND lower(pr.projectnumber) LIKE $var";
+ }
+ if ($form->{description} ne "") {
+ $var = $dbh->quote($form->like(lc $form->{description}));
+ $where .= " AND lower(pr.description) LIKE $var";
+ }
- ($form->{startdatefrom}, $form->{startdateto}) = $form->from_to($form->{year}, $form->{month}, $form->{interval}) if $form->{year} && $form->{month};
+ ($form->{startdatefrom}, $form->{startdateto})
+ = $form->from_to(
+ $form->{year}, $form->{month}, $form->{interval})
+ if $form->{year} && $form->{month};
- if ($form->{startdatefrom}) {
- $where .= " AND (pr.startdate IS NULL OR pr.startdate >= '$form->{startdatefrom}')";
- }
- if ($form->{startdateto}) {
- $where .= " AND (pr.startdate IS NULL OR pr.startdate <= '$form->{startdateto}')";
- }
+ if ($form->{startdatefrom}) {
+ $where .= " AND (pr.startdate IS NULL OR pr.startdate >= ".
+ $dbh->quote($form->{startdatefrom}).")";
+ }
+ if ($form->{startdateto}) {
+ $where .= " AND (pr.startdate IS NULL OR pr.startdate <= ".
+ $dbh->quote($form->{startdateto}).")";
+ }
- if ($form->{status} eq 'orphaned') {
- $where .= qq| AND pr.id NOT IN (SELECT DISTINCT project_id
+ if ($form->{status} eq 'orphaned') {
+ $where .= qq| AND pr.id NOT IN (SELECT DISTINCT project_id
FROM acc_trans
WHERE project_id > 0
UNION
@@ -100,29 +105,31 @@
WHERE project_id > 0)
|;
- }
- if ($form->{status} eq 'active') {
- $where .= qq| AND (pr.enddate IS NULL OR pr.enddate >= current_date)|;
- }
- if ($form->{status} eq 'inactive') {
- $where .= qq| AND pr.enddate <= current_date|;
- }
+ }
+ if ($form->{status} eq 'active') {
+ $where .= qq|
+ AND (pr.enddate IS NULL
+ OR pr.enddate >= current_date)|;
+ }
+ if ($form->{status} eq 'inactive') {
+ $where .= qq| AND pr.enddate <= current_date|;
+ }
- $query .= qq|
+ $query .= qq|
$where
ORDER BY $sortorder|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- my $i = 0;
- while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{all_project} }, $ref;
- $i++;
- }
+ my $i = 0;
+ while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{all_project} }, $ref;
+ $i++;
+ }
$sth->finish;
- $dbh->disconnect;
+ $dbh->commit;
$i;
@@ -130,1243 +137,1294 @@
sub get_project {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- my $query;
- my $sth;
- my $ref;
- my $where;
+ my $query;
+ my $sth;
+ my $ref;
+ my $where;
- if ($form->{id}) {
+ if ($form->{id}) {
- $where = "WHERE pr.id = $form->{id}" if $form->{id};
- $query = qq|SELECT pr.*,
- c.name AS customer
- FROM project pr
- LEFT JOIN customer c ON (c.id = pr.customer_id)
- $where|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $query = qq|
+ SELECT pr.*, c.name AS customer
+ FROM project pr
+ LEFT JOIN customer c ON (c.id = pr.customer_id)
+ WHERE pr.id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- $ref = $sth->fetchrow_hashref(NAME_lc);
+ $ref = $sth->fetchrow_hashref(NAME_lc);
- for (keys %$ref) { $form->{$_} = $ref->{$_} }
+ for (keys %$ref) { $form->{$_} = $ref->{$_} }
- $sth->finish;
+ $sth->finish;
- # check if it is orphaned
- $query = qq|SELECT count(*)
- FROM acc_trans
- WHERE project_id = $form->{id}
- UNION
- SELECT count(*)
- FROM invoice
- WHERE project_id = $form->{id}
- UNION
- SELECT count(*)
- FROM orderitems
- WHERE project_id = $form->{id}
- UNION
- SELECT count(*)
- FROM jcitems
- WHERE project_id = $form->{id}
- |;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ # check if it is orphaned
+ $query = qq|
+ SELECT count(*)
+ FROM acc_trans
+ WHERE project_id = ?
+ UNION
+ SELECT count(*)
+ FROM invoice
+ WHERE project_id = ?
+ UNION
+ SELECT count(*)
+ FROM orderitems
+ WHERE project_id = ?
+ UNION
+ SELECT count(*)
+ FROM jcitems
+ WHERE project_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute(
+ $form->{id}, $form->{id}, $form->{id}, $form->{id}
+ )|| $form->dberror($query);
- my $count;
- while (($count) = $sth->fetchrow_array) {
- $form->{orphaned} += $count;
- }
- $sth->finish;
- $form->{orphaned} = !$form->{orphaned};
- }
+ my $count;
+ while (($count) = $sth->fetchrow_array) {
+ $form->{orphaned} += $count;
+ }
+ $sth->finish;
+ $form->{orphaned} = !$form->{orphaned};
+ }
- PE->get_customer($myconfig, $form, $dbh);
+ PE->get_customer($myconfig, $form, $dbh);
- $form->run_custom_queries('project', 'SELECT');
+ $form->run_custom_queries('project', 'SELECT');
- $dbh->disconnect;
+ $dbh->commit;
}
sub save_project {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- $form->{customer_id} ||= 'NULL';
+ $form->{customer_id} ||= 'NULL';
- $form->{projectnumber} = $form->update_defaults($myconfig, "projectnumber", $dbh) unless $form->{projectnumber};
+ $form->{projectnumber}
+ = $form->update_defaults($myconfig, "projectnumber", $dbh)
+ unless $form->{projectnumber};
- if ($form->{id}) {
+ if ($form->{id}) {
- $query = qq|UPDATE project SET
- projectnumber = |.$dbh->quote($form->{projectnumber}).qq|,
- description = |.$dbh->quote($form->{description}).qq|,
- startdate = |.$form->dbquote($form->{startdate}, SQL_DATE).qq|,
- enddate = |.$form->dbquote($form->{enddate}, SQL_DATE).qq|,
- customer_id = $form->{customer_id}
- WHERE id = $form->{id}|;
- } else {
+ $query = qq|
+ UPDATE project
+ SET projectnumber = ?,
+ description = ?,
+ startdate = ?,
+ enddate = ?,
+ customer_id = ?
+ WHERE id = |.$dbh->quote($form->{id});
+ } else {
- $query = qq|INSERT INTO project
- (projectnumber, description, startdate, enddate, customer_id)
- VALUES (|
- .$dbh->quote($form->{projectnumber}).qq|, |
- .$dbh->quote($form->{description}).qq|, |
- .$form->dbquote($form->{startdate}, SQL_DATE).qq|, |
- .$form->dbquote($form->{enddate}, SQL_DATE).qq|,
- $form->{customer_id}
- )|;
- }
- $dbh->do($query) || $form->dberror($query);
- $form->run_custom_queries('project', 'UPDATE');
+ $query = qq|
+ INSERT INTO project (projectnumber, description,
+ startdate, enddate, customer_id)
+ VALUES (?, ?, ?, ?, ?)|;
+ }
+ $sth = $dbh->prepare($query);
+ $sth->execute(
+ $form->{projectnumber}, $form->{description},
+ $form->{startdate}, $form->{enddate}, $form->{customer_id}
+ ) || $form->dberror($query);
+ $form->run_custom_queries('project', 'UPDATE');
- $dbh->disconnect;
+ $dbh->commit;
}
sub list_stock {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- my $var;
- my $where = "1 = 1";
+ my $var;
+ my $where = "1 = 1";
- if ($form->{status} eq 'active') {
- $where = qq|(pr.enddate IS NULL
- OR pr.enddate >= current_date)
- AND pr.completed < pr.production|;
- }
- if ($form->{status} eq 'inactive') {
- $where = qq|pr.completed = pr.production|;
- }
+ if ($form->{status} eq 'active') {
+ $where = qq|
+ (pr.enddate IS NULL OR pr.enddate >= current_date)
+ AND pr.completed < pr.production|;
+ }
+ if ($form->{status} eq 'inactive') {
+ $where = qq|pr.completed = pr.production|;
+ }
- if ($form->{projectnumber}) {
- $var = $form->like(lc $form->{projectnumber});
- $where .= " AND lower(pr.projectnumber) LIKE '$var'";
- }
+ if ($form->{projectnumber}) {
+ $var = $dbh->quote($form->like(lc $form->{projectnumber}));
+ $where .= " AND lower(pr.projectnumber) LIKE $var";
+ }
- if ($form->{description}) {
- $var = $form->like(lc $form->{description});
- $where .= " AND lower(pr.description) LIKE '$var'";
- }
+ if ($form->{description}) {
+ $var = $dbh->quote($form->like(lc $form->{description}));
+ $where .= " AND lower(pr.description) LIKE $var";
+ }
- $form->{sort} = "projectnumber" unless $form->{sort};
- my @a = ($form->{sort});
- my %ordinal = ( projectnumber => 2,
- description => 3
- );
- my $sortorder = $form->sort_order(..hidden.., \%ordinal);
+ $form->{sort} = "projectnumber" unless $form->{sort};
+ my @a = ($form->{sort});
+ my %ordinal = ( projectnumber => 2, description => 3 );
+ my $sortorder = $form->sort_order(..hidden.., \%ordinal);
- my $query = qq|SELECT pr.*, p.partnumber
- FROM project pr
- JOIN parts p ON (p.id = pr.parts_id)
- WHERE $where
- ORDER BY $sortorder|;
+ my $query = qq|
+ SELECT pr.*, p.partnumber
+ FROM project pr
+ JOIN parts p ON (p.id = pr.parts_id)
+ WHERE $where
+ ORDER BY $sortorder|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{all_project} }, $ref;
- }
- $sth->finish;
+ while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{all_project} }, $ref;
+ }
+ $sth->finish;
- $query = qq|SELECT current_date|;
- ($form->{stockingdate}) = $dbh->selectrow_array($query) if !$form->{stockingdate};
+ $query = qq|SELECT current_date|;
+ ($form->{stockingdate}) = $dbh->selectrow_array($query)
+ if !$form->{stockingdate};
- $dbh->disconnect;
+ $dbh->commit;
}
sub jobs {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- $form->{sort} = "projectnumber" unless $form->{sort};
- my @a = ($form->{sort});
- my %ordinal = ( projectnumber => 2,
- description => 3,
- startdate => 4,
- );
- my $sortorder = $form->sort_order(..hidden.., \%ordinal);
+ $form->{sort} = "projectnumber" unless $form->{sort};
+ my @a = ($form->{sort});
+ my %ordinal = (projectnumber => 2, description => 3, startdate => 4);
+ my $sortorder = $form->sort_order(..hidden.., \%ordinal);
- my $query = qq|SELECT pr.*, p.partnumber, p.onhand, c.name
- FROM project pr
- JOIN parts p ON (p.id = pr.parts_id)
- LEFT JOIN customer c ON (c.id = pr.customer_id)
- WHERE 1=1|;
+ my $query = qq|
+ SELECT pr.*, p.partnumber, p.onhand, c.name
+ FROM project pr
+ JOIN parts p ON (p.id = pr.parts_id)
+ LEFT JOIN customer c ON (c.id = pr.customer_id)
+ WHERE 1=1|;
- if ($form->{projectnumber} ne "") {
- $var = $form->like(lc $form->{projectnumber});
- $query .= " AND lower(pr.projectnumber) LIKE '$var'";
- }
- if ($form->{description} ne "") {
- $var = $form->like(lc $form->{description});
- $query .= " AND lower(pr.description) LIKE '$var'";
- }
+ if ($form->{projectnumber} ne "") {
+ $var = $dbh->quote($form->like(lc $form->{projectnumber}));
+ $query .= " AND lower(pr.projectnumber) LIKE $var";
+ }
+ if ($form->{description} ne "") {
+ $var = $dbh->quote($form->like(lc $form->{description}));
+ $query .= " AND lower(pr.description) LIKE $var";
+ }
- ($form->{startdatefrom}, $form->{startdateto}) = $form->from_to($form->{year}, $form->{month}, $form->{interval}) if $form->{year} && $form->{month};
+ ($form->{startdatefrom}, $form->{startdateto})
+ = $form->from_to($form->{year}, $form->{month},
+ $form->{interval})
+ if $form->{year} && $form->{month};
- if ($form->{startdatefrom}) {
- $query .= " AND pr.startdate >= '$form->{startdatefrom}'";
- }
- if ($form->{startdateto}) {
- $query .= " AND pr.startdate <= '$form->{startdateto}'";
- }
+ if ($form->{startdatefrom}) {
+ $query .= " AND pr.startdate >= ".
+ $dbh->quote($form->{startdatefrom});
+ }
+ if ($form->{startdateto}) {
+ $query .= " AND pr.startdate <= ".
+ $dbh->quote($form->{startdateto});
+ }
- if ($form->{status} eq 'active') {
- $query .= qq| AND NOT pr.production = pr.completed|;
- }
- if ($form->{status} eq 'inactive') {
- $query .= qq| AND pr.production = pr.completed|;
- }
- if ($form->{status} eq 'orphaned') {
- $query .= qq| AND pr.completed = 0
- AND (pr.id NOT IN SELECT DISTINCT project_id
- FROM invoice
- WHERE project_id > 0)
- UNION
- SELECT DISTINCT project_id
- FROM orderitems
- WHERE project_id > 0
- SELECT DISTINCT project_id
- FROM jcitems
- WHERE project_id > 0
- )|;
- }
+ if ($form->{status} eq 'active') {
+ $query .= qq| AND NOT pr.production = pr.completed|;
+ }
+ if ($form->{status} eq 'inactive') {
+ $query .= qq| AND pr.production = pr.completed|;
+ }
+ if ($form->{status} eq 'orphaned') {
+ $query .= qq|
+ AND pr.completed = 0
+ AND (pr.id NOT IN
+ (SELECT DISTINCT project_id
+ FROM invoice
+ WHERE project_id > 0
+ UNION
+ SELECT DISTINCT project_id
+ FROM orderitems
+ WHERE project_id > 0
+ UNION
+ SELECT DISTINCT project_id
+ FROM jcitems
+ WHERE project_id > 0)
+ )|;
+ }
- $query .= qq|
- ORDER BY $sortorder|;
+ $query .= qq|
+ ORDER BY $sortorder|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{all_project} }, $ref;
- }
+ while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{all_project} }, $ref;
+ }
- $sth->finish;
+ $sth->finish;
- $dbh->disconnect;
+ $dbh->commit;
}
sub get_job {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ # connect to database
+ my $dbh = $form->{dbh};
- my $query;
- my $sth;
- my $ref;
+ my $query;
+ my $sth;
+ my $ref;
- if ($form->{id}) {
- $query = qq|SELECT value FROM defaults WHERE setting_key = 'weightunit'|;
- ($form->{weightunit}) = $dbh->selectrow_array($query);
+ if ($form->{id}) {
+ $query = qq|
+ SELECT value FROM defaults
+ WHERE setting_key = 'weightunit'|;
+ ($form->{weightunit}) = $dbh->selectrow_array($query);
- $query = qq|SELECT pr.*,
- p.partnumber, p.description AS partdescription, p.unit, p.listprice,
- p.sellprice, p.priceupdate, p.weight, p.notes, p.bin,
- p.partsgroup_id,
- ch.accno AS income_accno, ch.description AS income_description,
- pr.customer_id, c.name AS customer,
- pg.partsgroup
- FROM project pr
- LEFT JOIN parts p ON (p.id = pr.parts_id)
- LEFT JOIN chart ch ON (ch.id = p.income_accno_id)
- LEFT JOIN customer c ON (c.id = pr.customer_id)
- LEFT JOIN partsgroup pg ON (pg.id = p.partsgroup_id)
- WHERE pr.id = $form->{id}|;
- } else {
- $query = qq|
- SELECT value, current_date AS startdate FROM defaults
- WHERE setting_key = 'weightunit'|;
- }
+ $query = qq|
+ SELECT pr.*, p.partnumber,
+ p.description AS partdescription, p.unit,
+ p.listprice, p.sellprice, p.priceupdate,
+ p.weight, p.notes, p.bin, p.partsgroup_id,
+ ch.accno AS income_accno,
+ ch.description AS income_description,
+ pr.customer_id, c.name AS customer,
+ pg.partsgroup
+ FROM project pr
+ LEFT JOIN parts p ON (p.id = pr.parts_id)
+ LEFT JOIN chart ch ON (ch.id = p.income_accno_id)
+ LEFT JOIN customer c ON (c.id = pr.customer_id)
+ LEFT JOIN partsgroup pg ON (pg.id = p.partsgroup_id)
+ WHERE pr.id = |.$dbh->quote($form->{id});
+ } else {
+ $query = qq|
+ SELECT value, current_date AS startdate FROM defaults
+ WHERE setting_key = 'weightunit'|;
+ }
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- $ref = $sth->fetchrow_hashref(NAME_lc);
+ $ref = $sth->fetchrow_hashref(NAME_lc);
- for (keys %$ref) { $form->{$_} = $ref->{$_} }
+ for (keys %$ref) { $form->{$_} = $ref->{$_} }
- $sth->finish;
+ $sth->finish;
- if ($form->{id}) {
- # check if it is orphaned
- $query = qq|SELECT count(*)
- FROM invoice
- WHERE project_id = $form->{id}
- UNION
- SELECT count(*)
- FROM orderitems
- WHERE project_id = $form->{id}
- UNION
- SELECT count(*)
- FROM jcitems
- WHERE project_id = $form->{id}
- |;
+ if ($form->{id}) {
+ # check if it is orphaned
+ $query = qq|
+ SELECT count(*)
+ FROM invoice
+ WHERE project_id = ?
+ UNION
+ SELECT count(*)
+ FROM orderitems
+ WHERE project_id = ?
+ UNION
+ SELECT count(*)
+ FROM jcitems
+ WHERE project_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute(
+ $form->{id}, $form->{id}, $form->{id}
+ )|| $form->dberror($query);
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ my $count;
- my $count;
- while (($count) = $sth->fetchrow_array) {
- $form->{orphaned} += $count;
- }
- $sth->finish;
+ my $count;
+ while (($count) = $sth->fetchrow_array) {
+ $form->{orphaned} += $count;
+ }
+ $sth->finish;
- }
+ }
- $form->{orphaned} = !$form->{orphaned};
+ $form->{orphaned} = !$form->{orphaned};
- $query = qq|SELECT accno, description, link
- FROM chart
- WHERE link LIKE '%IC%'
- ORDER BY accno|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $query = qq|
+ SELECT accno, description, link
+ FROM chart
+ WHERE link LIKE ?
+ ORDER BY accno|;
+ $sth = $dbh->prepare($query);
+ $sth->execute('%IC%') || $form->dberror($query);
- while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
- for (split /:/, $ref->{link}) {
- if (/IC/) {
- push @{ $form->{IC_links}{$_} }, { accno => $ref->{accno},
- description => $ref->{description} };
- }
- }
- }
- $sth->finish;
+ while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
+ for (split /:/, $ref->{link}) {
+ if (/IC/) {
+ push @{ $form->{IC_links}{$_} },
+ { accno => $ref->{accno},
+ description => $ref->{description} };
+ }
+ }
+ }
+ $sth->finish;
- if ($form->{id}) {
- $query = qq|SELECT ch.accno
- FROM parts p
- JOIN partstax pt ON (pt.parts_id = p.id)
- JOIN chart ch ON (pt.chart_id = ch.id)
- WHERE p.id = $form->{id}|;
+ if ($form->{id}) {
+ $query = qq|
+ SELECT ch.accno
+ FROM parts p
+ JOIN partstax pt ON (pt.parts_id = p.id)
+ JOIN chart ch ON (pt.chart_id = ch.id)
+ WHERE p.id = ?|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
- $form->{amount}{$ref->{accno}} = $ref->{accno};
- }
- $sth->finish;
- }
+ while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
+ $form->{amount}{$ref->{accno}} = $ref->{accno};
+ }
+ $sth->finish;
+ }
- PE->get_customer($myconfig, $form, $dbh);
+ PE->get_customer($myconfig, $form, $dbh);
- $dbh->disconnect;
+ $dbh->commit;
}
sub get_customer {
- my ($self, $myconfig, $form, $dbh) = @_;
+ my ($self, $myconfig, $form, $dbh) = @_;
- my $disconnect = 0;
+ if (! $dbh) {
+ $dbh = $form->{dbh};
+ }
- if (! $dbh) {
- $dbh = $form->dbconnect($myconfig);
- $disconnect = 1;
- }
+ my $query;
+ my $sth;
+ my $ref;
- my $query;
- my $sth;
- my $ref;
-
- if (! $form->{startdate}) {
- $query = qq|SELECT current_date|;
- ($form->{startdate}) = $dbh->selectrow_array($query);
- }
+ if (! $form->{startdate}) {
+ $query = qq|SELECT current_date|;
+ ($form->{startdate}) = $dbh->selectrow_array($query);
+ }
- my $where = qq|(startdate >= '$form->{startdate}' OR startdate IS NULL OR enddate IS NULL)|;
+ my $where = qq|(startdate >= |.$dbh->quote($form->{startdate}).
+ qq| OR startdate IS NULL OR enddate IS NULL)|;
- if ($form->{enddate}) {
- $where .= qq| AND (enddate >= '$form->{enddate}' OR enddate IS NULL)|;
- } else {
- $where .= qq| AND (enddate >= current_date OR enddate IS NULL)|;
- }
+ if ($form->{enddate}) {
+ $where .= qq| AND (enddate >= |.$dbh->quote($form->{enddate}).
+ qq| OR enddate IS NULL)|;
+ } else {
+ $where .=
+ qq| AND (enddate >= current_date OR enddate IS NULL)|;
+ }
- $query = qq|SELECT count(*)
- FROM customer
- WHERE $where|;
- my ($count) = $dbh->selectrow_array($query);
+ $query = qq|
+ SELECT count(*)
+ FROM customer
+ WHERE $where|;
+ my ($count) = $dbh->selectrow_array($query);
- if ($count < $myconfig->{vclimit}) {
- $query = qq|SELECT id, name
- FROM customer
- WHERE $where|;
+ if ($count < $myconfig->{vclimit}) {
+ $query = qq|
+ SELECT id, name
+ FROM customer
+ WHERE $where|;
- if ($form->{customer_id}) {
- $query .= qq|
- UNION SELECT id,name
- FROM customer
- WHERE id = $form->{customer_id}|;
- }
+ if ($form->{customer_id}) {
+ $query .= qq|
+ UNION
+ SELECT id,name
+ FROM customer
+ WHERE id = |.
+ $dbh->quote($form->{customer_id});
+ }
- $query .= qq|
- ORDER BY name|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $query .= qq|
+ ORDER BY name|;
+ $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- @{ $form->{all_customer} } = ();
- while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{all_customer} }, $ref;
- }
- $sth->finish;
- }
+ @{ $form->{all_customer} } = ();
+ while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{all_customer} }, $ref;
+ }
+ $sth->finish;
+ }
- $dbh->disconnect if $disconnect;
-
}
sub save_job {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
+
+ my $dbh = $form->{dbh};
- # connect to database
- my $dbh = $form->dbconnect_noauto($myconfig);
+ my ($income_accno) = split /--/, $form->{IC_income};
- my ($income_accno) = split /--/, $form->{IC_income};
+ my ($partsgroup, $partsgroup_id) = split /--/, $form->{partsgroup};
- my ($partsgroup, $partsgroup_id) = split /--/, $form->{partsgroup};
- $partsgroup_id ||= 'NULL';
-
- if ($form->{id}) {
- $query = qq|SELECT id FROM project
- WHERE id = $form->{id}|;
- ($form->{id}) = $dbh->selectrow_array($query);
- }
+ if ($form->{id}) {
+ $query = qq|
+ SELECT id FROM project
+ WHERE id = |.$dbh->quote($form->{id});
+ ($form->{id}) = $dbh->selectrow_array($query);
+ }
- if (!$form->{id}) {
- my $uid = localtime;
- $uid .= "$$";
+ if (!$form->{id}) {
+ my $uid = localtime;
+ $uid .= "$$";
- $query = qq|INSERT INTO project (projectnumber)
- VALUES ('$uid')|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|
+ INSERT INTO project (projectnumber)
+ VALUES ('$uid')|;
+ $dbh->do($query) || $form->dberror($query);
- $query = qq|SELECT id FROM project
- WHERE projectnumber = '$uid'|;
- ($form->{id}) = $dbh->selectrow_array($query);
- }
+ $query = qq|
+ SELECT id FROM project
+ WHERE projectnumber = '$uid'|;
+ ($form->{id}) = $dbh->selectrow_array($query);
+ }
- $form->{projectnumber} = $form->update_defaults($myconfig, "projectnumber", $dbh) unless $form->{projectnumber};
+ $form->{projectnumber}
+ = $form->update_defaults($myconfig, "projectnumber", $dbh)
+ unless $form->{projectnumber};
- $query = qq|UPDATE project SET
- projectnumber = |.$dbh->quote($form->{projectnumber}).qq|,
- description = |.$dbh->quote($form->{description}).qq|,
- startdate = |.$form->dbquote($form->{startdate}, SQL_DATE).qq|,
- enddate = |.$form->dbquote($form->{enddate}, SQL_DATE).qq|,
- parts_id = $form->{id},
- production = |.$form->parse_amount($myconfig, $form->{production}).qq|,
- customer_id = $form->{customer_id}
- WHERE id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|
+ UPDATE project
+ SET projectnumber = ?,
+ description = ?,
+ startdate = ?,
+ enddate = ?,
+ parts_id = ?
+ production = ?,
+ customer_id = ?
+ WHERE id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute(
+ $form->{projectnumber}, $form->{description},
+ $form->{startdate}, $form->{enddate}, $form->{id},
+ $form->{production}, $form->{customer_id}, $form->{id}
+ ) || $form->dberror($query);
- #### add/edit assembly
- $query = qq|SELECT id FROM parts
- WHERE id = $form->{id}|;
- my ($id) = $dbh->selectrow_array($query);
+ #### add/edit assembly
+ $query = qq|SELECT id FROM parts WHERE id = |.$dbh->quote($form->{id});
+ my ($id) = $dbh->selectrow_array($query);
- if (!$id) {
- $query = qq|INSERT INTO parts (id)
- VALUES ($form->{id})|;
- $dbh->do($query) || $form->dberror($query);
- }
+ if (!$id) {
+ $query = qq|
+ INSERT INTO parts (id)
+ VALUES (|.$dbh->quote($form->{id}).qq|)|;
+ $dbh->do($query) || $form->dberror($query);
+ }
- my $partnumber = ($form->{partnumber}) ? $form->{partnumber} : $form->{projectnumber};
+ my $partnumber =
+ ($form->{partnumber})
+ ? $form->{partnumber}
+ : $form->{projectnumber};
- $query = qq|UPDATE parts SET
- partnumber = |.$dbh->quote($partnumber).qq|,
- description = |.$dbh->quote($form->{partdescription}).qq|,
- priceupdate = |.$form->dbquote($form->{priceupdate}, SQL_DATE).qq|,
- listprice = |.$form->parse_amount($myconfig, $form->{listprice}).qq|,
- sellprice = |.$form->parse_amount($myconfig, $form->{sellprice}).qq|,
- weight = |.$form->parse_amount($myconfig, $form->{weight}).qq|,
- bin = '$form->{bin}',
- unit = |.$dbh->quote($form->{unit}).qq|,
- notes = |.$dbh->quote($form->{notes}).qq|,
- income_accno_id = (SELECT id FROM chart
- WHERE accno = '$income_accno'),
- partsgroup_id = $partsgroup_id,
- assembly = '1',
- obsolete = '1',
- project_id = $form->{id}
- WHERE id = $form->{id}|;
+ $query = qq|
+ UPDATE parts
+ SET partnumber = ?,
+ description = ?,
+ priceupdate = ?,
+ listprice = ?,
+ sellprice = ?,
+ weight = ?,
+ bin = ?,
+ unit = ?,
+ notes = ?,
+ income_accno_id = (SELECT id FROM chart
+ WHERE accno = ?),
+ partsgroup_id = ?,
+ assembly = '1',
+ obsolete = '1',
+ project_id = ?
+ WHERE id = ?|;
- $dbh->do($query) || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute(
+ $partnumber, $form->{partdescription},
+ $form->{priceupdate},
+ $form->parse_amount($myconfig, $form->{listprice}),
+ $form->parse_amount($myconfig, $form->{sellprice}),
+ $form->parse_amount($myconfig, $form->{weight}),
+ $form->{bin}, $form->{unit}, $form->{notes},
+ $income_accno,
+ ($partsgroup_id) ? $partsgroup_id : undef,
+ $form->{id}, $form->{id}
+ ) || $form->dberror($query);
- $query = qq|DELETE FROM partstax
- WHERE parts_id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|DELETE FROM partstax WHERE parts_id = |.
+ $dbh->qupte($form->{id});
+ $dbh->do($query) || $form->dberror($query);
- for (split / /, $form->{taxaccounts}) {
- if ($form->{"IC_tax_$_"}) {
- $query = qq|INSERT INTO partstax (parts_id, chart_id)
- VALUES ($form->{id},
- (SELECT id
- FROM chart
- WHERE accno = '$_'))|;
- $dbh->do($query) || $form->dberror($query);
- }
- }
+ $query = qq|
+ INSERT INTO partstax (parts_id, chart_id)
+ VALUES (?, (SELECT id FROM chart WHERE accno = ?))|;
+ $sth = $dbh->prepare($query);
+ for (split / /, $form->{taxaccounts}) {
+ if ($form->{"IC_tax_$_"}) {
+ $sth->execute($form->{id}, $_)
+ || $form->dberror($query);
+ }
+ }
- $dbh->commit;
- $dbh->disconnect;
+ $dbh->commit;
}
sub stock_assembly {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect_noauto($myconfig);
+ my $dbh = $form->{dbh};
- my $ref;
+ my $ref;
- my $query = qq|SELECT *
- FROM project
- WHERE id = ?|;
- my $sth = $dbh->prepare($query) || $form->dberror($query);
+ my $query = qq|SELECT * FROM project WHERE id = ?|;
+ my $sth = $dbh->prepare($query) || $form->dberror($query);
- $query = qq|SELECT COUNT(*)
- FROM parts
- WHERE project_id = ?|;
- my $rvh = $dbh->prepare($query) || $form->dberror($query);
+ $query = qq|SELECT COUNT(*) FROM parts WHERE project_id = ?|;
+ my $rvh = $dbh->prepare($query) || $form->dberror($query);
- if (! $form->{stockingdate}) {
- $query = qq|SELECT current_date|;
- ($form->{stockingdate}) = $dbh->selectrow_array($query);
- }
+ if (! $form->{stockingdate}) {
+ $query = qq|SELECT current_date|;
+ ($form->{stockingdate}) = $dbh->selectrow_array($query);
+ }
- $query = qq|SELECT *
- FROM parts
- WHERE id = ?|;
- my $pth = $dbh->prepare($query) || $form->dberror($query);
+ $query = qq|SELECT * FROM parts WHERE id = ?|;
+ my $pth = $dbh->prepare($query) || $form->dberror($query);
- $query = qq|SELECT j.*, p.lastcost FROM jcitems j
- JOIN parts p ON (p.id = j.parts_id)
- WHERE j.project_id = ?
- AND j.checkedin <= '$form->{stockingdate}'
- ORDER BY parts_id|;
- my $jth = $dbh->prepare($query) || $form->dberror($query);
+ $query = qq|
+ SELECT j.*, p.lastcost FROM jcitems j
+ JOIN parts p ON (p.id = j.parts_id)
+ WHERE j.project_id = ?
+ AND j.checkedin <= |.
+ $dbh->quote($form->{stockingdate}).qq|
+ ORDER BY parts_id|;
+ my $jth = $dbh->prepare($query) || $form->dberror($query);
- $query = qq|INSERT INTO assembly (id, parts_id, qty, bom, adj)
- VALUES (?, ?, ?, '0', '0')|;
- my $ath = $dbh->prepare($query) || $form->dberror($query);
+ $query = qq|
+ INSERT INTO assembly (id, parts_id, qty, bom, adj)
+ VALUES (?, ?, ?, '0', '0')|;
+ my $ath = $dbh->prepare($query) || $form->dberror($query);
- my $i = 0;
- my $sold;
- my $ship;
+ my $i = 0;
+ my $sold;
+ my $ship;
- while (1) {
- $i++;
- last unless $form->{"id_$i"};
+ while (1) {
+ $i++;
+ last unless $form->{"id_$i"};
- $stock = $form->parse_amount($myconfig, $form->{"stock_$i"});
+ $stock = $form->parse_amount($myconfig, $form->{"stock_$i"});
- if ($stock) {
- $sth->execute($form->{"id_$i"});
- $ref = $sth->fetchrow_hashref(NAME_lc);
+ if ($stock) {
+ $sth->execute($form->{"id_$i"});
+ $ref = $sth->fetchrow_hashref(NAME_lc);
- if ($stock > ($ref->{production} - $ref->{completed})) {
- $stock = $ref->{production} - $ref->{completed};
- }
- if (($stock * -1) > $ref->{completed}) {
- $stock = $ref->{completed} * -1;
- }
+ if ($stock >($ref->{production} - $ref->{completed})) {
+ $stock = $ref->{production}
+ - $ref->{completed};
+ }
+ if (($stock * -1) > $ref->{completed}) {
+ $stock = $ref->{completed} * -1;
+ }
- $pth->execute($form->{"id_$i"});
- $pref = $pth->fetchrow_hashref(NAME_lc);
+ $pth->execute($form->{"id_$i"});
+ $pref = $pth->fetchrow_hashref(NAME_lc);
- my %assembly = ();
- my $lastcost = 0;
- my $sellprice = 0;
- my $listprice = 0;
+ my %assembly = ();
+ my $lastcost = 0;
+ my $sellprice = 0;
+ my $listprice = 0;
- $jth->execute($form->{"id_$i"});
- while ($jref = $jth->fetchrow_hashref(NAME_lc)) {
- $assembly{qty}{$jref->{parts_id}} += ($jref->{qty} - $jref->{allocated});
- $assembly{parts_id}{$jref->{parts_id}} = $jref->{parts_id};
- $assembly{jcitems}{$jref->{id}} = $jref->{id};
- $lastcost += $form->round_amount(($jref->{lastcost} * ($jref->{qty} - $jref->{allocated})), 2);
- $sellprice += $form->round_amount(($jref->{sellprice} * ($jref->{qty} - $jref->{allocated})), 2);
- $listprice += $form->round_amount(($jref->{listprice} * ($jref->{qty} - $jref->{allocated})), 2);
- }
- $jth->finish;
+ $jth->execute($form->{"id_$i"});
+ while ($jref = $jth->fetchrow_hashref(NAME_lc)) {
+ $assembly{qty}{$jref->{parts_id}}
+ += ($jref->{qty} - $jref->{allocated});
+ $assembly{parts_id}{$jref->{parts_id}}
+ = $jref->{parts_id};
+ $assembly{jcitems}{$jref->{id}} = $jref->{id};
+ $lastcost += $form->round_amount(
+ $jref->{lastcost} * ($jref->{qty}
+ - $jref->{allocated}),
+ 2);
+ $sellprice += $form->round_amount(
+ $jref->{sellprice} * ($jref->{qty}
+ - $jref->{allocated}),
+ 2);
+ $listprice += $form->round_amount(
+ $jref->{listprice} * ($jref->{qty}
+ - $jref->{allocated}),
+ 2);
+ }
+ $jth->finish;
- $uid = localtime;
- $uid .= "$$";
+ $uid = localtime;
+ $uid .= "$$";
- $query = qq|INSERT INTO parts (partnumber)
- VALUES ('$uid')|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|
+ INSERT INTO parts (partnumber)
+ VALUES ('$uid')|;
+ $dbh->do($query) || $form->dberror($query);
- $query = qq|SELECT id
- FROM parts
- WHERE partnumber = '$uid'|;
- ($uid) = $dbh->selectrow_array($query);
+ $query = qq|
+ SELECT id
+ FROM parts
+ WHERE partnumber = '$uid'|;
+ ($uid) = $dbh->selectrow_array($query);
- $lastcost = $form->round_amount($lastcost / $stock, 2);
- $sellprice = ($pref->{sellprice}) ? $pref->{sellprice} : $form->round_amount($sellprice / $stock, 2);
- $listprice = ($pref->{listprice}) ? $pref->{listprice} : $form->round_amount($listprice / $stock, 2);
+ $lastcost = $form->round_amount($lastcost / $stock, 2);
+ $sellprice =
+ ($pref->{sellprice})
+ ? $pref->{sellprice}
+ : $form->round_amount($sellprice / $stock, 2);
+ $listprice =
+ ($pref->{listprice})
+ ? $pref->{listprice}
+ : $form->round_amount($listprice / $stock, 2);
- $rvh->execute($form->{"id_$i"});
- my ($rev) = $rvh->fetchrow_array;
- $rvh->finish;
+ $rvh->execute($form->{"id_$i"});
+ my ($rev) = $rvh->fetchrow_array;
+ $rvh->finish;
- $query = qq|UPDATE parts SET
- partnumber = '$pref->{partnumber}-$rev',
- description = '$pref->{partdescription}',
- priceupdate = '$form->{stockingdate}',
- unit = '$pref->{unit}',
- listprice = $listprice,
- sellprice = $sellprice,
- lastcost = $lastcost,
- weight = $pref->{weight},
- onhand = $stock,
- notes = '$pref->{notes}',
- assembly = '1',
- income_accno_id = $pref->{income_accno_id},
- bin = '$pref->{bin}',
- project_id = $form->{"id_$i"}
- WHERE id = $uid|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|
+ UPDATE parts
+ SET partnumber = ?,
+ description = ?,
+ priceupdate = ?,
+ unit = ?,
+ listprice = ?,
+ sellprice = ?,
+ lastcost = ?,
+ weight = ?,
+ onhand = ?,
+ notes = ?,
+ assembly = '1',
+ income_accno_id = ?,
+ bin = ?,
+ project_id = ?
+ WHERE id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute(
+ "$pref->{partnumber}-$rev",
+ $pref->{partdescription},
+ $form->{stockingdate}, $pref->{unit},
+ $listprice, $sellprice, $lastcost,
+ $pref->{weight}, $stock, $pref->{notes},
+ $pref->{income_accno_id}, $pref->{bin},
+ $form->{"id_$i"}, $uid
+ )|| $form->dberror($query);
- $query = qq|INSERT INTO partstax (parts_id, chart_id)
- SELECT '$uid', chart_id FROM partstax
- WHERE parts_id = $pref->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|
+ INSERT INTO partstax (parts_id, chart_id)
+ SELECT ?, chart_id FROM partstax
+ WHERE parts_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($uid, $pref->{id})
+ || $form->dberror($query);
- $pth->finish;
+ $pth->finish;
- for (keys %{$assembly{parts_id}}) {
- if ($assembly{qty}{$_}) {
- $ath->execute($uid, $assembly{parts_id}{$_}, $form->round_amount($assembly{qty}{$_} / $stock, 4));
- $ath->finish;
- }
- }
+ for (keys %{$assembly{parts_id}}) {
+ if ($assembly{qty}{$_}) {
+ $ath->execute(
+ $uid, $assembly{parts_id}{$_},
+ $form->round_amount(
+ $assembly{qty}{$_}
+ / $stock,
+ 4));
+ $ath->finish;
+ }
+ }
- $form->update_balance($dbh,
- "project",
- "completed",
- qq|id = $form->{"id_$i"}|,
- $stock);
+ $form->update_balance(
+ $dbh, "project", "completed",
+ qq|id = $form->{"id_$i"}|, $stock);
- $query = qq|UPDATE jcitems SET
- allocated = qty
- WHERE allocated != qty
- AND checkedin <= '$form->{stockingdate}'
- AND project_id = $form->{"id_$i"}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|
+ UPDATE jcitems
+ SET allocated = qty
+ WHERE allocated != qty
+ AND checkedin <= ?
+ AND project_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{stockingdate}, $form->{"id_$i"})
+ || $form->dberror($query);
- $sth->finish;
+ $sth->finish;
- }
+ }
- }
+ }
- my $rc = $dbh->commit;
- $dbh->disconnect;
+ my $rc = $dbh->commit;
- $rc;
+ $rc;
}
sub delete_project {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect_noauto($myconfig);
+ my $dbh = $form->{dbh};
- $query = qq|DELETE FROM project
- WHERE id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|DELETE FROM project WHERE id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- $query = qq|DELETE FROM translation
+ $query = qq|DELETE FROM translation
WHERE trans_id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- my $rc = $dbh->commit;
- $dbh->disconnect;
+ my $rc = $dbh->commit;
- $rc;
+ $rc;
}
sub delete_partsgroup {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect_noauto($myconfig);
+ my $dbh = $form->{dbh};
- $query = qq|DELETE FROM partsgroup
- WHERE id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|DELETE FROM partsgroup WHERE id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- $query = qq|DELETE FROM translation
- WHERE trans_id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|DELETE FROM translation WHERE trans_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- my $rc = $dbh->commit;
- $dbh->disconnect;
+ my $rc = $dbh->commit;
- $rc;
+ $rc;
}
sub delete_pricegroup {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect_noauto($myconfig);
+ my $dbh = $form->{dbh};
- $query = qq|DELETE FROM pricegroup
- WHERE id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|DELETE FROM pricegroup WHERE id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- my $rc = $dbh->commit;
- $dbh->disconnect;
+ my $rc = $dbh->commit;
- $rc;
+ $rc;
}
sub delete_job {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect_noauto($myconfig);
+ my $dbh = $form->{dbh};
- my %audittrail = ( tablename => 'project',
- reference => $form->{id},
- formname => $form->{type},
- action => 'deleted',
- id => $form->{id} );
+ my %audittrail = (
+ tablename => 'project',
+ reference => $form->{id},
+ formname => $form->{type},
+ action => 'deleted',
+ id => $form->{id} );
- $form->audittrail($dbh, "", \%audittrail);
+ $form->audittrail($dbh, "", \%audittrail);
- my $query = qq|DELETE FROM project
- WHERE id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ my $query = qq|DELETE FROM project WHERE id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- $query = qq|DELETE FROM translation
- WHERE trans_id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|DELETE FROM translation WHERE trans_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- # delete all the assemblies
- $query = qq|DELETE FROM assembly a
- JOIN parts p ON (a.id = p.id)
- WHERE p.project_id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ # delete all the assemblies
+ $query = qq|
+ DELETE FROM assembly a
+ JOIN parts p ON (a.id = p.id)
+ WHERE p.project_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- $query = qq|DELETE FROM parts
- WHERE project_id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ $query = qq|DELETE FROM parts WHERE project_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- my $rc = $dbh->commit;
- $dbh->disconnect;
+ my $rc = $dbh->commit;
- $rc;
+ $rc;
}
sub partsgroups {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- my $var;
+ my $var;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->dbconnect($myconfig);
- $form->{sort} = "partsgroup" unless $form->{partsgroup};
- my @a = (partsgroup);
- my $sortorder = $form->sort_order(..hidden..);
+ $form->{sort} = "partsgroup" unless $form->{partsgroup};
+ my @a = (partsgroup);
+ my $sortorder = $form->sort_order(..hidden..);
- my $query = qq|SELECT g.*
- FROM partsgroup g|;
+ my $query = qq|SELECT g.* FROM partsgroup g|;
- my $where = "1 = 1";
+ my $where = "1 = 1";
- if ($form->{partsgroup} ne "") {
- $var = $form->like(lc $form->{partsgroup});
- $where .= " AND lower(partsgroup) LIKE '$var'";
- }
- $query .= qq|
- WHERE $where
- ORDER BY $sortorder|;
+ if ($form->{partsgroup} ne "") {
+ $var = $dbh->quote($form->like(lc $form->{partsgroup}));
+ $where .= " AND lower(partsgroup) LIKE '$var'";
+ }
+ $query .= qq| WHERE $where ORDER BY $sortorder|;
- if ($form->{status} eq 'orphaned') {
- $query = qq|SELECT g.*
- FROM partsgroup g
- LEFT JOIN parts p ON (p.partsgroup_id = g.id)
- WHERE $where
- EXCEPT
- SELECT g.*
- FROM partsgroup g
- JOIN parts p ON (p.partsgroup_id = g.id)
- WHERE $where
- ORDER BY $sortorder|;
- }
+ if ($form->{status} eq 'orphaned') {
+ $query = qq|
+ SELECT g.*
+ FROM partsgroup g
+ LEFT JOIN parts p ON (p.partsgroup_id = g.id)
+ WHERE $where
+ EXCEPT
+ SELECT g.*
+ FROM partsgroup g
+ JOIN parts p ON (p.partsgroup_id = g.id)
+ WHERE $where
+ ORDER BY $sortorder|;
+ }
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- my $i = 0;
- while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{item_list} }, $ref;
- $i++;
- }
+ my $i = 0;
+ while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{item_list} }, $ref;
+ $i++;
+ }
- $sth->finish;
- $dbh->disconnect;
+ $sth->finish;
- $i;
+ $i;
}
sub save_partsgroup {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- if ($form->{id}) {
- $query = qq|UPDATE partsgroup SET
- partsgroup = |.$dbh->quote($form->{partsgroup}).qq|
- WHERE id = $form->{id}|;
- } else {
- $query = qq|INSERT INTO partsgroup
- (partsgroup)
- VALUES (|.$dbh->quote($form->{partsgroup}).qq|)|;
- }
- $dbh->do($query) || $form->dberror($query);
-
- $dbh->disconnect;
+ if ($form->{id}) {
+ $query = qq|
+ UPDATE partsgroup
+ SET partsgroup = |.
+ $dbh->quote($form->{partsgroup}).qq|
+ WHERE id = $form->{id}|;
+ } else {
+ $query = qq|
+ INSERT INTO partsgroup (partsgroup)
+ VALUES (|.$dbh->quote($form->{partsgroup}).qq|)|;
+ }
+ $dbh->do($query) || $form->dberror($query);
+ $dbh->commit;
+
}
sub get_partsgroup {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->dbconnect($myconfig);
- my $query = qq|SELECT *
- FROM partsgroup
- WHERE id = $form->{id}|;
- my $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ my $query = qq|SELECT * FROM partsgroup WHERE id = ?|;
+ my $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- my $ref = $sth->fetchrow_hashref(NAME_lc);
+ my $ref = $sth->fetchrow_hashref(NAME_lc);
- for (keys %$ref) { $form->{$_} = $ref->{$_} }
+ for (keys %$ref) { $form->{$_} = $ref->{$_} }
- $sth->finish;
+ $sth->finish;
- # check if it is orphaned
- $query = qq|SELECT count(*)
- FROM parts
- WHERE partsgroup_id = $form->{id}|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ # check if it is orphaned
+ $query = qq|SELECT count(*) FROM parts WHERE partsgroup_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- ($form->{orphaned}) = $sth->fetchrow_array;
- $form->{orphaned} = !$form->{orphaned};
+ ($form->{orphaned}) = $sth->fetchrow_array;
+ $form->{orphaned} = !$form->{orphaned};
- $sth->finish;
+ $sth->finish;
- $dbh->disconnect;
+ $dbh->commit;
}
sub pricegroups {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- my $var;
+ my $var;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- $form->{sort} = "pricegroup" unless $form->{sort};
- my @a = (pricegroup);
- my $sortorder = $form->sort_order(..hidden..);
+ $form->{sort} = "pricegroup" unless $form->{sort};
+ my @a = (pricegroup);
+ my $sortorder = $form->sort_order(..hidden..);
- my $query = qq|SELECT g.*
- FROM pricegroup g|;
+ my $query = qq|SELECT g.* FROM pricegroup g|;
- my $where = "1 = 1";
+ my $where = "1 = 1";
- if ($form->{pricegroup} ne "") {
- $var = $form->like(lc $form->{pricegroup});
- $where .= " AND lower(pricegroup) LIKE '$var'";
- }
- $query .= qq|
- WHERE $where
- ORDER BY $sortorder|;
+ if ($form->{pricegroup} ne "") {
+ $var = $dbh->quote($form->like(lc $form->{pricegroup}));
+ $where .= " AND lower(pricegroup) LIKE $var";
+ }
+ $query .= qq|
+ WHERE $where ORDER BY $sortorder|;
- if ($form->{status} eq 'orphaned') {
- $query = qq|SELECT g.*
- FROM pricegroup g
- WHERE $where
- AND g.id NOT IN (SELECT DISTINCT pricegroup_id
- FROM partscustomer
- WHERE pricegroup_id > 0)
+ if ($form->{status} eq 'orphaned') {
+ $query = qq|
+ SELECT g.*
+ FROM pricegroup g
+ WHERE $where
+ AND g.id NOT IN (SELECT DISTINCT pricegroup_id
+ FROM partscustomer
+ WHERE pricegroup_id > 0)
ORDER BY $sortorder|;
- }
+ }
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- my $i = 0;
- while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{item_list} }, $ref;
- $i++;
- }
+ my $i = 0;
+ while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{item_list} }, $ref;
+ $i++;
+ }
- $sth->finish;
- $dbh->disconnect;
+ $sth->finish;
+ $dbh->commit;
- $i;
+ $i;
}
sub save_pricegroup {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- if ($form->{id}) {
- $query = qq|UPDATE pricegroup SET
- pricegroup = |.$dbh->quote($form->{pricegroup}).qq|
- WHERE id = $form->{id}|;
- } else {
- $query = qq|INSERT INTO pricegroup
- (pricegroup)
- VALUES (|.$dbh->quote($form->{pricegroup}).qq|)|;
- }
- $dbh->do($query) || $form->dberror($query);
+ if ($form->{id}) {
+ $query = qq|
+ UPDATE pricegroup SET
+ pricegroup = ?
+ WHERE id = |.$dbh->quote($form->{id});
+ } else {
+ $query = qq|
+ INSERT INTO pricegroup (pricegroup)
+ VALUES (?)|;
+ }
+ $sth = $dbh->do($query);
+ $sth->execute($form->{pricegroup}) || $form->dberror($query);
- $dbh->disconnect;
+ $dbh->commit;
}
sub get_pricegroup {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- my $query = qq|SELECT *
- FROM pricegroup
- WHERE id = $form->{id}|;
- my $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ my $query = qq|SELECT * FROM pricegroup WHERE id = ?|;
+ my $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- my $ref = $sth->fetchrow_hashref(NAME_lc);
+ my $ref = $sth->fetchrow_hashref(NAME_lc);
- for (keys %$ref) { $form->{$_} = $ref->{$_} }
+ for (keys %$ref) { $form->{$_} = $ref->{$_} }
- $sth->finish;
+ $sth->finish;
- # check if it is orphaned
- $query = qq|SELECT count(*)
- FROM partscustomer
- WHERE pricegroup_id = $form->{id}|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ # check if it is orphaned
+ $query = "SELECT count(*) FROM partscustomer WHERE pricegroup_id = ?";
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id}) || $form->dberror($query);
- ($form->{orphaned}) = $sth->fetchrow_array;
- $form->{orphaned} = !$form->{orphaned};
+ ($form->{orphaned}) = $sth->fetchrow_array;
+ $form->{orphaned} = !$form->{orphaned};
- $sth->finish;
+ $sth->finish;
- $dbh->disconnect;
+ $dbh->commit;
}
sub description_translations {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- my $where = "1 = 1";
- my $var;
- my $ref;
+ my $dbh = $form->{dbh};
+ my $where = "1 = 1";
+ my $var;
+ my $ref;
- for (qw(partnumber description)) {
- if ($form->{$_}) {
- $var = $form->like(lc $form->{$_});
- $where .= " AND lower(p.$_) LIKE '$var'";
- }
- }
+ for (qw(partnumber description)) {
+ if ($form->{$_}) {
+ $var = $dbh->quote($form->like(lc $form->{$_}));
+ $where .= " AND lower(p.$_) LIKE $var";
+ }
+ }
- $where .= " AND p.obsolete = '0'";
- $where .= " AND p.id = $form->{id}" if $form->{id};
+ $where .= " AND p.obsolete = '0'";
+ $where .= " AND p.id = ".$dbh->quote($form->{id}) if $form->{id};
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
- my %ordinal = ( 'partnumber' => 2,
- 'description' => 3
- );
+ my %ordinal = ( 'partnumber' => 2, 'description' => 3 );
- my @a = qw(partnumber description);
- my $sortorder = $form->sort_order(..hidden.., \%ordinal);
+ my @a = qw(partnumber description);
+ my $sortorder = $form->sort_order(..hidden.., \%ordinal);
- my $query = qq|SELECT l.description AS language, t.description AS translation,
- l.code
- FROM translation t
- JOIN language l ON (l.code = t.language_code)
- WHERE trans_id = ?
- ORDER BY 1|;
- my $tth = $dbh->prepare($query);
+ my $query = qq|
+ SELECT l.description AS language,
+ t.description AS translation, l.code
+ FROM translation t
+ JOIN language l ON (l.code = t.language_code)
+ WHERE trans_id = ?
+ ORDER BY 1|;
+ my $tth = $dbh->prepare($query);
- $query = qq|SELECT p.id, p.partnumber, p.description
- FROM parts p
- WHERE $where
- ORDER BY $sortorder|;
+ $query = qq|
+ SELECT p.id, p.partnumber, p.description
+ FROM parts p
+ WHERE $where
+ ORDER BY $sortorder|;
- my $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ my $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- my $tra;
+ my $tra;
- while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{translations} }, $ref;
+ while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{translations} }, $ref;
- # get translations for description
- $tth->execute($ref->{id}) || $form->dberror;
+ # get translations for description
+ $tth->execute($ref->{id}) || $form->dberror;
- while ($tra = $tth->fetchrow_hashref(NAME_lc)) {
- $form->{trans_id} = $ref->{id};
- $tra->{id} = $ref->{id};
- push @{ $form->{translations} }, $tra;
- }
- $tth->finish;
+ while ($tra = $tth->fetchrow_hashref(NAME_lc)) {
+ $form->{trans_id} = $ref->{id};
+ $tra->{id} = $ref->{id};
+ push @{ $form->{translations} }, $tra;
+ }
+ $tth->finish;
- }
- $sth->finish;
+ }
+ $sth->finish;
- &get_language("", $dbh, $form) if $form->{id};
+ &get_language("", $dbh, $form) if $form->{id};
- $dbh->disconnect;
+ $dbh->commit;
}
sub partsgroup_translations {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
+ my $dbh = $form->{dbh};
- my $where = "1 = 1";
- my $ref;
- my $var;
+ my $where = "1 = 1";
+ my $ref;
+ my $var;
- if ($form->{description}) {
- $var = $form->like(lc $form->{description});
- $where .= " AND lower(p.partsgroup) LIKE '$var'";
- }
- $where .= " AND p.id = $form->{id}" if $form->{id};
+ if ($form->{description}) {
+ $var = $dbh->quote($form->like(lc $form->{description}));
+ $where .= " AND lower(p.partsgroup) LIKE $var";
+ }
+ $where .= " AND p.id = ".$dbh->quote($form->{id}) if $form->{id};
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
- my $query = qq|SELECT l.description AS language, t.description AS translation,
- l.code
- FROM translation t
- JOIN language l ON (l.code = t.language_code)
- WHERE trans_id = ?
- ORDER BY 1|;
- my $tth = $dbh->prepare($query);
+ my $query = qq|
+ SELECT l.description AS language,
+ t.description AS translation, l.code
+ FROM translation t
+ JOIN language l ON (l.code = t.language_code)
+ WHERE trans_id = ?
+ ORDER BY 1|;
+ my $tth = $dbh->prepare($query);
- $form->sort_order();
+ $form->sort_order();
- $query = qq|SELECT p.id, p.partsgroup AS description
- FROM partsgroup p
- WHERE $where
- ORDER BY 2 $form->{direction}|;
+ $query = qq|
+ SELECT p.id, p.partsgroup AS description
+ FROM partsgroup p
+ WHERE $where
+ ORDER BY 2 $form->{direction}|;
- my $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ my $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- my $tra;
+ my $tra;
- while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{translations} }, $ref;
+ while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{translations} }, $ref;
- # get translations for partsgroup
- $tth->execute($ref->{id}) || $form->dberror;
+ # get translations for partsgroup
+ $tth->execute($ref->{id}) || $form->dberror;
- while ($tra = $tth->fetchrow_hashref(NAME_lc)) {
- $form->{trans_id} = $ref->{id};
- push @{ $form->{translations} }, $tra;
- }
- $tth->finish;
+ while ($tra = $tth->fetchrow_hashref(NAME_lc)) {
+ $form->{trans_id} = $ref->{id};
+ push @{ $form->{translations} }, $tra;
+ }
+ $tth->finish;
- }
- $sth->finish;
+ }
+ $sth->finish;
- &get_language("", $dbh, $form) if $form->{id};
+ &get_language("", $dbh, $form) if $form->{id};
- $dbh->disconnect;
+ $dbh->commit;
}
sub project_translations {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
+ my $dbh = $form->{dbh};
- my $where = "1 = 1";
- my $var;
- my $ref;
+ my $where = "1 = 1";
+ my $var;
+ my $ref;
- for (qw(projectnumber description)) {
- if ($form->{$_}) {
- $var = $form->like(lc $form->{$_});
- $where .= " AND lower(p.$_) LIKE '$var'";
- }
- }
+ for (qw(projectnumber description)) {
+ if ($form->{$_}) {
+ $var = $dbh->quote($form->like(lc $form->{$_}));
+ $where .= " AND lower(p.$_) LIKE $var";
+ }
+ }
- $where .= " AND p.id = $form->{id}" if $form->{id};
+ $where .= " AND p.id = ".$dbh->quote($form->{id}) if $form->{id};
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
- my %ordinal = ( 'projectnumber' => 2,
- 'description' => 3
- );
+ my %ordinal = ( 'projectnumber' => 2, 'description' => 3 );
- my @a = qw(projectnumber description);
- my $sortorder = $form->sort_order(..hidden.., \%ordinal);
+ my @a = qw(projectnumber description);
+ my $sortorder = $form->sort_order(..hidden.., \%ordinal);
- my $query = qq|SELECT l.description AS language, t.description AS translation,
- l.code
- FROM translation t
- JOIN language l ON (l.code = t.language_code)
- WHERE trans_id = ?
- ORDER BY 1|;
- my $tth = $dbh->prepare($query);
+ my $query = qq|
+ SELECT l.description AS language,
+ t.description AS translation, l.code
+ FROM translation t
+ JOIN language l ON (l.code = t.language_code)
+ WHERE trans_id = ?
+ ORDER BY 1|;
+ my $tth = $dbh->prepare($query);
- $query = qq|SELECT p.id, p.projectnumber, p.description
- FROM project p
- WHERE $where
- ORDER BY $sortorder|;
+ $query = qq|
+ SELECT p.id, p.projectnumber, p.description
+ FROM project p
+ WHERE $where
+ ORDER BY $sortorder|;
- my $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ my $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- my $tra;
+ my $tra;
- while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{translations} }, $ref;
+ while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{translations} }, $ref;
- # get translations for description
- $tth->execute($ref->{id}) || $form->dberror;
+ # get translations for description
+ $tth->execute($ref->{id}) || $form->dberror;
- while ($tra = $tth->fetchrow_hashref(NAME_lc)) {
- $form->{trans_id} = $ref->{id};
- $tra->{id} = $ref->{id};
- push @{ $form->{translations} }, $tra;
- }
- $tth->finish;
+ while ($tra = $tth->fetchrow_hashref(NAME_lc)) {
+ $form->{trans_id} = $ref->{id};
+ $tra->{id} = $ref->{id};
+ push @{ $form->{translations} }, $tra;
+ }
+ $tth->finish;
- }
- $sth->finish;
+ }
+ $sth->finish;
- &get_language("", $dbh, $form) if $form->{id};
+ &get_language("", $dbh, $form) if $form->{id};
- $dbh->disconnect;
+ $dbh->commit;
}
sub get_language {
- my ($self, $dbh, $form) = @_;
+ my ($self, $dbh, $form) = @_;
- # get language
- my $query = qq|SELECT *
- FROM language
- ORDER BY 2|;
- my $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ my $query = qq|SELECT * FROM language ORDER BY 2|;
+ my $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
- push @{ $form->{all_language} }, $ref;
- }
- $sth->finish;
+ while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
+ push @{ $form->{all_language} }, $ref;
+ }
+ $sth->finish;
}
sub save_translation {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect_noauto($myconfig);
+ my $dbh = $form->{dbh};
- my $query = qq|DELETE FROM translation
- WHERE trans_id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
+ my $query = qq|DELETE FROM translation WHERE trans_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id})|| $form->dberror($query);
- $query = qq|INSERT INTO translation (trans_id, language_code, description)
- VALUES ($form->{id}, ?, ?)|;
- my $sth = $dbh->prepare($query) || $form->dberror($query);
+ $query = qq|
+ INSERT INTO translation (trans_id, language_code, description)
+ VALUES (?, ?, ?)|;
+ my $sth = $dbh->prepare($query) || $form->dberror($query);
- foreach my $i (1 .. $form->{translation_rows}) {
- if ($form->{"language_code_$i"} ne "") {
- $sth->execute($form->{"language_code_$i"}, $form->{"translation_$i"});
- $sth->finish;
- }
- }
+ foreach my $i (1 .. $form->{translation_rows}) {
+ if ($form->{"language_code_$i"} ne "") {
+ $sth->execute($form->{id}, $form->{"language_code_$i"},
+ $form->{"translation_$i"});
+ $sth->finish;
+ }
+ }
$dbh->commit;
- $dbh->disconnect;
}
sub delete_translation {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- my $query = qq|DELETE FROM translation
- WHERE trans_id = $form->{id}|;
- $dbh->do($query) || $form->dberror($query);
-
- $dbh->disconnect;
+ my $query = qq|DELETE FROM translation WHERE trans_id = ?|;
+ $sth = $dbh->prepare($query);
+ $sth->execute($form->{id})|| $form->dberror($query);
+ $dbh->commit;
+
}
@@ -1391,127 +1449,133 @@
sub get_jcitems {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect($myconfig);
+ my $dbh = $form->{dbh};
- my $null;
- my $var;
- my $where;
+ my $null;
+ my $var;
+ my $where;
- if ($form->{projectnumber}) {
- ($null, $var) = split /--/, $form->{projectnumber};
- $where .= " AND j.project_id = $var";
- }
+ if ($form->{projectnumber}) {
+ ($null, $var) = split /--/, $form->{projectnumber};
+ $var = $dbh->quote($var);
+ $where .= " AND j.project_id = $var";
+ }
- if ($form->{employee}) {
- ($null, $var) = split /--/, $form->{employee};
- $where .= " AND j.employee_id = $var";
- }
+ if ($form->{employee}) {
+ ($null, $var) = split /--/, $form->{employee};
+ $var = $dbh->quote($var);
+ $where .= " AND j.employee_id = $var";
+ }
- ($form->{transdatefrom}, $form->{transdateto}) = $form->from_to($form->{year}, $form->{month}, $form->{interval}) if $form->{year} && $form->{month};
+ ($form->{transdatefrom}, $form->{transdateto})
+ = $form->from_to(
+ $form->{year}, $form->{month}, $form->{interval})
+ if $form->{year} && $form->{month};
- if ($form->{transdatefrom}) {
- $where .= " AND j.checkedin >= '$form->{transdatefrom}'";
- }
- if ($form->{transdateto}) {
- $where .= " AND j.checkedout <= (date '$form->{transdateto}' + interval '1 days')";
- }
+ if ($form->{transdatefrom}) {
+ $where .= " AND j.checkedin >= ".
+ $dbh->quote($form->{transdatefrom});
+ }
+ if ($form->{transdateto}) {
+ $where .= " AND j.checkedout <= (date ".
+ $dbh->quote($form->{transdateto}) .
+ " + interval '1 days')";
+ }
- my $query;
- my $ref;
+ my $query;
+ my $ref;
- $query = qq|SELECT j.id, j.description, j.qty - j.allocated AS qty,
- j.sellprice, j.parts_id, pr.$form->{vc}_id, j.project_id,
- j.checkedin::date AS transdate, j.notes,
- c.name AS $form->{vc}, pr.projectnumber, p.partnumber
- FROM jcitems j
- JOIN project pr ON (pr.id = j.project_id)
- JOIN employee e ON (e.id = j.employee_id)
- JOIN parts p ON (p.id = j.parts_id)
- LEFT JOIN $form->{vc} c ON (c.id = pr.$form->{vc}_id)
- WHERE pr.parts_id IS NULL
- AND j.allocated != j.qty
- $where
- ORDER BY pr.projectnumber, c.name, j.checkedin::date|;
+ $query = qq|
+ SELECT j.id, j.description, j.qty - j.allocated AS qty,
+ j.sellprice, j.parts_id, pr.$form->{vc}_id,
+ j.project_id, j.checkedin::date AS transdate,
+ j.notes, c.name AS $form->{vc}, pr.projectnumber,
+ p.partnumber
+ FROM jcitems j
+ JOIN project pr ON (pr.id = j.project_id)
+ JOIN employee e ON (e.id = j.employee_id)
+ JOIN parts p ON (p.id = j.parts_id)
+ LEFT JOIN $form->{vc} c ON (c.id = pr.$form->{vc}_id)
+ WHERE pr.parts_id IS NULL
+ AND j.allocated != j.qty $where
+ ORDER BY pr.projectnumber, c.name, j.checkedin::date|;
- if ($form->{summary}) {
- $query =~ s/j\.description/p\.description/;
- $query =~ s/c\.name,/c\.name, j\.parts_id, /;
- }
+ if ($form->{summary}) {
+ $query =~ s/j\.description/p\.description/;
+ $query =~ s/c\.name,/c\.name, j\.parts_id, /;
+ }
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
+ $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
- # tax accounts
- $query = qq|SELECT c.accno
- FROM chart c
- JOIN partstax pt ON (pt.chart_id = c.id)
- WHERE pt.parts_id = ?|;
- my $tth = $dbh->prepare($query) || $form->dberror($query);
- my $ptref;
+ # tax accounts
+ $query = qq|
+ SELECT c.accno
+ FROM chart c
+ JOIN partstax pt ON (pt.chart_id = c.id)
+ WHERE pt.parts_id = ?|;
+ my $tth = $dbh->prepare($query) || $form->dberror($query);
+ my $ptref;
- while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
+ while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
- $tth->execute($ref->{parts_id});
- $ref->{taxaccounts} = "";
- while ($ptref = $tth->fetchrow_hashref(NAME_lc)) {
- $ref->{taxaccounts} .= "$ptref->{accno} ";
- }
- $tth->finish;
- chop $ref->{taxaccounts};
+ $tth->execute($ref->{parts_id});
+ $ref->{taxaccounts} = "";
+ while ($ptref = $tth->fetchrow_hashref(NAME_lc)) {
+ $ref->{taxaccounts} .= "$ptref->{accno} ";
+ }
+ $tth->finish;
+ chop $ref->{taxaccounts};
- $ref->{amount} = $ref->{sellprice} * $ref->{qty};
+ $ref->{amount} = $ref->{sellprice} * $ref->{qty};
- push @{ $form->{jcitems} }, $ref;
- }
+ push @{ $form->{jcitems} }, $ref;
+ }
- $sth->finish;
+ $sth->finish;
- $query = qq|SELECT value FROM defaults WHERE setting_key = 'curr'|;
- ($form->{currency}) = $dbh->selectrow_array($query);
- $form->{currency} =~ s/:.*//;
- $form->{defaultcurrency} = $form->{currency};
+ $query = qq|SELECT value FROM defaults WHERE setting_key = 'curr'|;
+ ($form->{currency}) = $dbh->selectrow_array($query);
+ $form->{currency} =~ s/:.*//;
+ $form->{defaultcurrency} = $form->{currency};
- $query = qq|SELECT c.accno, t.rate
- FROM tax t
- JOIN chart c ON (c.id = t.chart_id)|;
- $sth = $dbh->prepare($query);
- $sth->execute || $form->dberror($query);
- while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
- $form->{taxaccounts} .= "$ref->{accno} ";
- $form->{"$ref->{accno}_rate"} = $ref->{rate};
- }
- chop $form->{taxaccounts};
- $sth->finish;
+ $query = qq|
+ SELECT c.accno, t.rate
+ FROM tax t
+ JOIN chart c ON (c.id = t.chart_id)|;
+ $sth = $dbh->prepare($query);
+ $sth->execute || $form->dberror($query);
+ while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
+ $form->{taxaccounts} .= "$ref->{accno} ";
+ $form->{"$ref->{accno}_rate"} = $ref->{rate};
+ }
+ chop $form->{taxaccounts};
+ $sth->finish;
- $dbh->disconnect;
+ $dbh->commit;
}
sub allocate_projectitems {
- my ($self, $myconfig, $form) = @_;
+ my ($self, $myconfig, $form) = @_;
- # connect to database
- my $dbh = $form->dbconnect_noauto($myconfig);
+ my $dbh = $form->{dbh};
- for my $i (1 .. $form->{rowcount}) {
- for (split / /, $form->{"jcitems_$i"}) {
- my ($id, $qty) = split /:/, $_;
- $form->update_balance($dbh,
- 'jcitems',
- 'allocated',
- "id = $id",
- $qty);
- }
- }
+ for my $i (1 .. $form->{rowcount}) {
+ for (split / /, $form->{"jcitems_$i"}) {
+ my ($id, $qty) = split /:/, $_;
+ $form->update_balance(
+ $dbh, 'jcitems', 'allocated', "id = $id",
+ $qty);
+ }
+ }
- $rc = $dbh->commit;
- $dbh->disconnect;
+ $rc = $dbh->commit;
- $rc;
+ $rc;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.