my @values;
my $query =
- qq|SELECT ct.id as customerid, ct.name as customername,ct.customernumber,ct.country,ar.invnumber,ar.id,ar.transdate,p.partnumber,pg.partsgroup,i.parts_id,i.qty,i.price_factor,i.discount,i.description as description,i.lastcost,i.sellprice,i.marge_total,i.marge_percent,i.unit,b.description as business,e.name as employee,e2.name as salesman, to_char(ar.transdate,'Month') as month | .
+ qq|SELECT ct.id as customerid, ct.name as customername,ct.customernumber,ct.country,ar.invnumber,ar.id,ar.transdate,p.partnumber,pg.partsgroup,i.parts_id,i.qty,i.price_factor,i.discount,i.description as description,i.lastcost,i.sellprice,i.fxsellprice,i.marge_total,i.marge_percent,i.unit,b.description as business,e.name as employee,e2.name as salesman, to_char(ar.transdate,'Month') as month, to_char(ar.transdate, 'YYYYMM') as nummonth, p.unit as parts_unit, p.weight | .
qq|FROM invoice i | .
qq|JOIN ar on (i.trans_id = ar.id) | .
qq|JOIN parts p on (i.parts_id = p.id) | .
# Bestandteile von Erzeugnissen herausfiltern
$where .= " AND i.assemblyitem is not true ";
+ # filter allowed parameters for mainsort and subsort as passed by POST
+ my @databasefields = qw(description customername country partsgroup business salesman month);
+ my ($mainsort) = grep { /^$form->{mainsort}$/ } @databasefields;
+ my ($subsort) = grep { /^$form->{subsort}$/ } @databasefields;
+ die "illegal parameter for mainsort or subsort" unless $mainsort and $subsort;
+
my $sortorder;
- # sorting by month is a special case:
- # Sorting by month, using salesman as an example:
- # Sorting with month as mainsort: ORDER BY month,salesman,ar.transdate,ar.invnumber
- # Sorting with month as subsort: ORDER BY salesman,ar.transdate,month,ar.invnumber
+ # sorting by month is a special case, we don't want to sort alphabetically by
+ # month name, so we also extract a numerical month in the from YYYYMM to sort
+ # by in case of month sorting
+ # Sorting by month, using description as an example:
+ # Sorting with month as mainsort: ORDER BY nummonth,description,ar.transdate,ar.invnumber
+ # Sorting with month as subsort: ORDER BY description,nummonth,ar.transdate,ar.invnumber
if ($form->{mainsort} eq 'month') {
- $sortorder .= "ar.transdate,month,"
+ $sortorder .= "nummonth,"
} else {
- $sortorder .= $form->{mainsort} . ",";
+ $sortorder .= $mainsort . ",";
};
if ($form->{subsort} eq 'month') {
- $sortorder .= "ar.transdate,month,"
+ $sortorder .= "nummonth,"
} else {
- $sortorder .= $form->{subsort} . ",";
+ $sortorder .= $subsort . ",";
};
- $sortorder .= 'ar.transdate,' unless $form->{subsort} eq 'month';
- $sortorder .= 'ar.invnumber';
-
-# $sortorder =~ s/month/ar.transdate/;
+ $sortorder .= 'ar.transdate,ar.invnumber'; # Default sorting order after mainsort und subsort
if ($form->{customer_id}) {
$where .= " AND ar.customer_id = ?";