Umstellung der Benutzereinstellungen auf getabbtes Layout: Eine Übersetzung vergessen.
[kivitendo-erp.git] / bin / mozilla / am.pl
index 77d8878..51f8f69 100644 (file)
@@ -31,6 +31,7 @@
 #
 #======================================================================
 
+use SL::Auth;
 use SL::AM;
 use SL::CA;
 use SL::Form;
@@ -57,13 +58,13 @@ sub continue { call_sub($form->{"nextsub"}); }
 sub add_account {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title}     = "Add";
   $form->{charttype} = "A";
   AM->get_account(\%myconfig, \%$form);
 
-  $form->{callback} =
-    "$form->{script}?action=list_account&login=$form->{login}&password=$form->{password}"
-    unless $form->{callback};
+  $form->{callback} = "am.pl?action=list_account" unless $form->{callback};
 
   &account_header;
   &form_footer;
@@ -74,6 +75,8 @@ sub add_account {
 sub edit_account {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Edit";
   AM->get_account(\%myconfig, \%$form);
 
@@ -90,6 +93,8 @@ sub edit_account {
 sub account_header {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   if ( $form->{action} eq 'edit_account') {
     $form->{account_exists} = '1';
   } 
@@ -161,7 +166,7 @@ sub account_header {
         if ($item eq ''){
           $form->{ACCOUNT_TAXKEYS}[$i]{select_tax} .= qq|<option value="" selected="selected">-\n|;
         } 
-        elsif ( $item == $taxkey_used->{pos_ustva} ) {
+        elsif ( $item eq $taxkey_used->{pos_ustva} ) {
           $form->{ACCOUNT_TAXKEYS}[$i]{select_tax} .= qq|<option value="$item" selected="selected">$item\n|;
         }
         else {
@@ -348,12 +353,11 @@ sub account_header {
 sub form_footer {
   $lxdebug->enter_sub();
 
-  print qq|
+  $auth->assert('config');
 
-<input name=callback type=hidden value="$form->{callback}">
+  print qq|
 
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
+<input name=callback type=hidden value="| . H($form->{callback}) . qq|">
 
 <br>|;
   if ((!$form->{id}) || ($form->{id} && $form->{orphaned}) || (($form->{type} eq "account") && (!$form->{new_chart_valid}))) {
@@ -381,6 +385,8 @@ sub form_footer {
 sub save_account {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->isblank("accno",       $locale->text('Account Number missing!'));
   $form->isblank("description", $locale->text('Account Description missing!'));
   
@@ -398,55 +404,40 @@ sub save_account {
 sub list_account {
   $lxdebug->enter_sub();
 
-  CA->all_accounts(\%myconfig, \%$form);
-
-  $form->{title} = $locale->text('Chart of Accounts');
-
-  # construct callback
-  $callback =
-    "$form->{script}?action=list_account&login=$form->{login}&password=$form->{password}";
+  $auth->assert('config');
 
+  $form->{callback}     = build_std_url('action=list_account');
+  my $link_edit_account = build_std_url('action=edit_account', 'callback');
 
-
-  # escape callback
-  $callback = $form->escape($callback);
+  CA->all_accounts(\%myconfig, \%$form);
 
   foreach $ca (@{ $form->{CA} }) {
 
-    $ca->{debit}  = "&nbsp;";
-    $ca->{credit} = "&nbsp;";
+    $ca->{debit}  = "";
+    $ca->{credit} = "";
 
     if ($ca->{amount} > 0) {
-      $ca->{credit} =
-        $form->format_amount(\%myconfig, $ca->{amount}, 2, "&nbsp;");
+      $ca->{credit} = $form->format_amount(\%myconfig, $ca->{amount}, 2);
     }
     if ($ca->{amount} < 0) {
-      $ca->{debit} =
-        $form->format_amount(\%myconfig, -1 * $ca->{amount}, 2, "&nbsp;");
+      $ca->{debit} = $form->format_amount(\%myconfig, -1 * $ca->{amount}, 2);
     }
     $ca->{heading}   = ( $ca->{charttype} eq 'H' ) ? 1:''; 
-    $ca->{link_edit_account} = 
-        qq|$form->{script}?action=edit_account&id=$ca->{id}|
-       .qq|&path=$form->{path}&login=$form->{login}|
-       .qq|&password=$form->{password}&callback=$callback|;
+    $ca->{link_edit_account} = $link_edit_account . '&id=' . E($ca->{id});
   }
   
   # Ajax 
-  my $list_account_details_url = 
-              "$form->{script}?login=$form->{login}&path=$form->{path}"
-             ."&password=$form->{password}&action=list_account_details&";
-  
-  
-  my $pjx = new CGI::Ajax( 
-             'list_account_details' => $list_account_details_url 
-  );
+  my $pjx = new CGI::Ajax('list_account_details' => build_std_url('action=list_account_details'));
 
   # Eneable AJAX debuging
   #$pjx->DEBUG(1);
   #$pjx->JSDEBUG(1);
     
   push(@ { $form->{AJAX} }, $pjx);
-  
+
+  $form->{stylesheets} = "list_accounts.css";
+  $form->{title}       = $locale->text('Chart of Accounts');
+
   $form->header;
   
   
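Review bot: The rewritten constructor call on the `my $pjx` line keeps indirect object syntax, which Perl can misparse when a sub named `new` is in scope. `my $pjx = CGI::Ajax->new('list_account_details' => build_std_url('action=list_account_details'));` is unambiguous. In the same function the loop `foreach $ca (@{ $form->{CA} })` iterates over an undeclared package variable; `foreach my $ca (...)` keeps it lexical. list_account continues past the end of this hunk.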
@@ -463,23 +454,14 @@ sub list_account {
 
 
 sub list_account_details {
-# Ajax Funktion aus list_account_details  
+# Ajax Funktion aus list_account_details
   $lxdebug->enter_sub();
 
-  my $chart_id = $form->{args};
-  
-  CA->all_accounts(\%myconfig, \%$form, $chart_id);
-
-  $form->{title} = $locale->text('Chart of Accounts');
-
-  # construct callback
-  $callback =
-    "$form->{script}?action=list_account&path=$form->{path}&login=$form->{login}&password=$form->{password}";
+  $auth->assert('config');
 
-  $form->header;
+  my $chart_id = $form->{args};
 
-  # escape callback
-  $callback = $form->escape($callback);
+  CA->all_accounts(\%myconfig, \%$form, $chart_id);
 
   foreach $ca (@{ $form->{CA} }) {
 
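Review bot: `my $chart_id = $form->{args};` takes the Ajax argument as-is and passes it to `CA->all_accounts`. Whether that method binds the value as a placeholder is not visible in this diff. If the argument is meant to be a chart id, a format check before the call, for example rejecting anything that fails `$chart_id =~ m/\A\d+\z/`, keeps malformed input out of the database layer regardless of how the query is built. The body of list_account_details extends beyond this hunk.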
@@ -496,11 +478,11 @@ sub list_account_details {
     }
 
     my @links = split( q{:}, $ca->{link});
-    
+
     $ca->{link} = q{};
-    
+
     foreach my $link (@links){
-      $link = ( $link eq 'AR')             ? $locale->text('Account Link AR')
+      $link =    ( $link eq 'AR')             ? $locale->text('Account Link AR')
                : ( $link eq 'AP')             ? $locale->text('Account Link AP')
                : ( $link eq 'IC')             ? $locale->text('Account Link IC')
                : ( $link eq 'AR_amount' )     ? $locale->text('Account Link AR_amount')
@@ -517,16 +499,8 @@ sub list_account_details {
                : ( $link eq 'IC_taxservice' ) ? $locale->text('Account Link IC_taxservice')
 #               : ( $link eq 'CT_tax' )        ? $locale->text('Account Link CT_tax')
                : $locale->text('Unknown Link') . ': ' . $link;
-      
       $ca->{link} .= ($link ne '') ?  "[$link] ":'';
     }
-    
-    $ca->{startdate}      =~ s/,/<br>/og;
-    $ca->{tk_ustva}       =~ s/,/<br>/og;
-    $ca->{taxkey}         =~ s/,/<br>/og;
-    $ca->{taxaccount}     =~ s/,/<br>/og;
-    $ca->{taxdescription} =~ s/,/<br>/og;
-    $ca->{datevautomatik} = ($ca->{datevautomatik}) ? $locale->text('On'):$locale->text('Off');
 
     $ca->{category} = ($ca->{category} eq 'A') ? $locale->text('Account Category A')
                     : ($ca->{category} eq 'E') ? $locale->text('Account Category E')
@@ -536,29 +510,13 @@ sub list_account_details {
                     : ($ca->{category} eq 'C') ? $locale->text('Account Category C')
                     : ($ca->{category} eq 'G') ? $locale->text('Account Category G')
                     : $locale->text('Unknown Category') . ': ' . $ca->{category};
-
-    $ca->{link_edit_account} = 
-        qq|$form->{script}?action=edit_account&id=$ca->{id}|
-       .qq|&login=$form->{login}|
-       .qq|&password=$form->{password}&callback=$callback|;
   }
 
+  $form->{title} = $locale->text('Chart of Accounts');
+  $form->header();
 
+  print $form->parse_html_template('am/list_account_details');
 
-
-  my $parameters_ref = {
-  
-  
-  #   hidden_variables                => $_hidden_variables_ref,
-  };
-  
-  # Ausgabe des Templates
-  #my $q = CGI->new();
-  my $result = $form->parse_html_template('am/list_account_details', $parameters_ref);
-  
-  print $result;
-#  print "chart_id:$chart_id, form->chartid:$form->{chart_id}, rest=$rest";
-      
   $lxdebug->leave_sub();
 
 }
@@ -566,6 +524,8 @@ sub list_account_details {
 sub delete_account {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = $locale->text('Delete Account');
 
   foreach $id (
@@ -586,12 +546,12 @@ sub delete_account {
 sub add_department {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Add";
   $form->{role}  = "P";
 
-  $form->{callback} =
-    "$form->{script}?action=add_department&login=$form->{login}&password=$form->{password}"
-    unless $form->{callback};
+  $form->{callback} = "am.pl?action=add_department" unless $form->{callback};
 
   &department_header;
   &form_footer;
@@ -602,6 +562,8 @@ sub add_department {
 sub edit_department {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Edit";
 
   AM->get_department(\%myconfig, \%$form);
@@ -615,10 +577,11 @@ sub edit_department {
 sub list_department {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->departments(\%myconfig, \%$form);
 
-  $form->{callback} =
-    "$form->{script}?action=list_department&login=$form->{login}&password=$form->{password}";
+  $form->{callback} = "am.pl?action=list_department";
 
   $callback = $form->escape($form->{callback});
 
@@ -674,7 +637,7 @@ sub list_department {
     $profitcenter = ($ref->{role} eq "P") ? "X" : "";
 
     $column_data{description} =
-      qq|<td><a href=$form->{script}?action=edit_department&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{description}</td>|;
+      qq|<td><a href="am.pl?action=edit_department&id=$ref->{id}&callback=$callback">$ref->{description}</td>|;
     $column_data{cost}   = qq|<td align=center>$costcenter</td>|;
     $column_data{profit} = qq|<td align=center>$profitcenter</td>|;
 
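Review bot: The rewritten link in list_department still writes `$ref->{description}` and `$ref->{id}` into the page without escaping, and the anchor is never closed before `</td>`. The descriptions are presumably stored rows that a user typed in, so markup in them would be rendered as-is. The commit already uses `H()` in form_footer and `E()` in list_account, so the same helpers fit here: `qq|<td><a href="am.pl?action=edit_department&id=| . E($ref->{id}) . qq|&callback=$callback">| . H($ref->{description}) . qq|</a></td>|`. The same pattern is in the list_lead, list_business, list_language, list_buchungsgruppe and list_printer hunks. list_department starts and ends outside this hunk.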
@@ -695,15 +658,12 @@ sub list_department {
 </table>
 
 <br>
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input name=callback type=hidden value="$form->{callback}">
 
 <input type=hidden name=type value=department>
 
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
-
 <input class=submit type=submit name=action value="|
     . $locale->text('Add') . qq|">
 
@@ -719,6 +679,8 @@ sub list_department {
 sub department_header {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = $locale->text("$form->{title} Department");
 
   # $locale->text('Add Department')
@@ -742,7 +704,7 @@ sub department_header {
   print qq|
 <body>
 
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input type=hidden name=id value=$form->{id}>
 <input type=hidden name=type value=department>
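Review bot: The hidden field `value=$form->{id}` just below the changed form tag is unquoted and unescaped, so whatever arrives in `id` (presumably taken from the request) is written into the markup verbatim. Quote and escape it the way form_footer now treats the callback: `<input type=hidden name=id value="| . H($form->{id}) . qq|">`. The lead, business, language, buchungsgruppe, printer and payment header hunks carry the same line. department_header begins and ends outside this hunk.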
@@ -775,6 +737,8 @@ sub department_header {
 sub save_department {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->isblank("description", $locale->text('Description missing!'));
   AM->save_department(\%myconfig, \%$form);
   $form->redirect($locale->text('Department saved!'));
@@ -785,6 +749,8 @@ sub save_department {
 sub delete_department {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->delete_department(\%myconfig, \%$form);
   $form->redirect($locale->text('Department deleted!'));
 
@@ -794,11 +760,11 @@ sub delete_department {
 sub add_lead {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Add";
 
-  $form->{callback} =
-    "$form->{script}?action=add_lead&login=$form->{login}&password=$form->{password}"
-    unless $form->{callback};
+  $form->{callback} = "am.pl?action=add_lead" unless $form->{callback};
 
   &lead_header;
   &form_footer;
@@ -809,6 +775,8 @@ sub add_lead {
 sub edit_lead {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Edit";
 
   AM->get_lead(\%myconfig, \%$form);
@@ -824,10 +792,11 @@ sub edit_lead {
 sub list_lead {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->lead(\%myconfig, \%$form);
 
-  $form->{callback} =
-    "$form->{script}?action=list_lead&login=$form->{login}&password=$form->{password}";
+  $form->{callback} = "am.pl?action=list_lead";
 
   $callback = $form->escape($form->{callback});
 
@@ -870,8 +839,7 @@ sub list_lead {
 
        $lead = $ref->{lead};
        
-    $column_data{description} =
-      qq|<td><a href=$form->{script}?action=edit_lead&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{lead}</td>|;
+    $column_data{description} = qq|<td><a href="am.pl?action=edit_lead&id=$ref->{id}&callback=$callback">$ref->{lead}</td>|;
 
     map { print "$column_data{$_}\n" } @column_index;
 
@@ -887,15 +855,12 @@ sub list_lead {
 </table>
 
 <br>
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input name=callback type=hidden value="$form->{callback}">
 
 <input type=hidden name=type value=lead>
 
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
-
 <input class=submit type=submit name=action value="|
     . $locale->text('Add') . qq|">
 
@@ -911,6 +876,8 @@ sub list_lead {
 sub lead_header {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = $locale->text("$form->{title} Lead");
 
   # $locale->text('Add Lead')
@@ -926,7 +893,7 @@ sub lead_header {
   print qq|
 <body>
 
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input type=hidden name=id value=$form->{id}>
 <input type=hidden name=type value=lead>
@@ -951,6 +918,8 @@ sub lead_header {
 sub save_lead {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->isblank("description", $locale->text('Description missing!'));
   AM->save_lead(\%myconfig, \%$form);
   $form->redirect($locale->text('lead saved!'));
@@ -961,6 +930,8 @@ sub save_lead {
 sub delete_lead {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->delete_lead(\%myconfig, \%$form);
   $form->redirect($locale->text('lead deleted!'));
 
@@ -970,11 +941,11 @@ sub delete_lead {
 sub add_business {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Add";
 
-  $form->{callback} =
-    "$form->{script}?action=add_business&login=$form->{login}&password=$form->{password}"
-    unless $form->{callback};
+  $form->{callback} = "am.pl?action=add_business" unless $form->{callback};
 
   &business_header;
   &form_footer;
@@ -1000,10 +971,11 @@ sub edit_business {
 sub list_business {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->business(\%myconfig, \%$form);
 
-  $form->{callback} =
-    "$form->{script}?action=list_business&login=$form->{login}&password=$form->{password}";
+  $form->{callback} = "am.pl?action=list_business";
 
   $callback = $form->escape($form->{callback});
 
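Review bot: edit_business, named in this hunk's header, appears to be the one edit_* handler left without `$auth->assert('config');`. No hunk touches it, and the line offsets of the add_business and list_business hunks leave no room for an added line between them. Every sibling (edit_account, edit_department, edit_lead, edit_language, edit_buchungsgruppe, edit_printer, edit_payment) gets the check right after `enter_sub()`. business_header does assert, but anything edit_business does before calling it, likely the database lookup, would run unchecked. Its body is not visible here, so please confirm.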
@@ -1059,8 +1031,7 @@ sub list_business {
       $form->format_amount(\%myconfig, $ref->{discount} * 100);
     $description =
       $ref->{description};
-    $column_data{description} =
-      qq|<td><a href=$form->{script}?action=edit_business&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$description</td>|;
+    $column_data{description} = qq|<td><a href="am.pl?action=edit_business&id=$ref->{id}&callback=$callback">$description</td>|;
     $column_data{discount}           = qq|<td align=right>$discount</td>|;
     $column_data{customernumberinit} =
       qq|<td align=right>$ref->{customernumberinit}</td>|;
@@ -1082,15 +1053,12 @@ sub list_business {
 </table>
 
 <br>
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input name=callback type=hidden value="$form->{callback}">
 
 <input type=hidden name=type value=business>
 
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
-
 <input class=submit type=submit name=action value="|
     . $locale->text('Add') . qq|">
 
@@ -1106,6 +1074,8 @@ sub list_business {
 sub business_header {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title}    = $locale->text("$form->{title} Business");
 
   # $locale->text('Add Business')
@@ -1120,7 +1090,7 @@ sub business_header {
   print qq|
 <body>
 
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input type=hidden name=id value=$form->{id}>
 <input type=hidden name=type value=business>
@@ -1153,6 +1123,8 @@ sub business_header {
 sub save_business {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->isblank("description", $locale->text('Description missing!'));
   $form->{discount} = $form->parse_amount(\%myconfig, $form->{discount}) / 100;
   AM->save_business(\%myconfig, \%$form);
@@ -1164,6 +1136,8 @@ sub save_business {
 sub delete_business {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->delete_business(\%myconfig, \%$form);
   $form->redirect($locale->text('Business deleted!'));
 
@@ -1173,11 +1147,11 @@ sub delete_business {
 sub add_language {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Add";
 
-  $form->{callback} =
-    "$form->{script}?action=add_language&login=$form->{login}&password=$form->{password}"
-    unless $form->{callback};
+  $form->{callback} = "am.pl?action=add_language" unless $form->{callback};
 
   &language_header;
   &form_footer;
@@ -1188,6 +1162,8 @@ sub add_language {
 sub edit_language {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Edit";
 
   AM->get_language(\%myconfig, \%$form);
@@ -1203,10 +1179,11 @@ sub edit_language {
 sub list_language {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->language(\%myconfig, \%$form);
 
-  $form->{callback} =
-    "$form->{script}?action=list_language&login=$form->{login}&password=$form->{password}";
+  $form->{callback} = "am.pl?action=list_language";
 
   $callback = $form->escape($form->{callback});
 
@@ -1272,7 +1249,7 @@ sub list_language {
 
 
     $column_data{description} =
-      qq|<td><a href=$form->{script}?action=edit_language&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{description}</td>|;
+      qq|<td><a href="am.pl?action=edit_language&id=$ref->{id}&callback=$callback">$ref->{description}</td>|;
     $column_data{template_code}           = qq|<td align=right>$ref->{template_code}</td>|;
     $column_data{article_code} =
       qq|<td align=right>$ref->{article_code}</td>|;
@@ -1308,15 +1285,12 @@ sub list_language {
 </table>
 
 <br>
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input name=callback type=hidden value="$form->{callback}">
 
 <input type=hidden name=type value=language>
 
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
-
 <input class=submit type=submit name=action value="|
     . $locale->text('Add') . qq|">
 
@@ -1332,6 +1306,8 @@ sub list_language {
 sub language_header {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title}    = $locale->text("$form->{title} Language");
 
   # $locale->text('Add Language')
@@ -1369,7 +1345,7 @@ sub language_header {
   print qq|
 <body>
 
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input type=hidden name=id value=$form->{id}>
 <input type=hidden name=type value=language>
@@ -1420,6 +1396,8 @@ sub language_header {
 sub save_language {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->isblank("description", $locale->text('Language missing!'));
   $form->isblank("template_code", $locale->text('Template Code missing!'));
   $form->isblank("article_code", $locale->text('Article Code missing!'));
@@ -1432,6 +1410,8 @@ sub save_language {
 sub delete_language {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->delete_language(\%myconfig, \%$form);
   $form->redirect($locale->text('Language deleted!'));
 
@@ -1442,13 +1422,14 @@ sub delete_language {
 sub add_buchungsgruppe {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   # $locale->text("Add Buchungsgruppe")
   # $locale->text("Edit Buchungsgruppe")
   $form->{title} = "Add";
 
-  $form->{callback} =
-    "$form->{script}?action=add_buchungsgruppe&login=$form->{login}&password=$form->{password}"
-    unless $form->{callback};
+  $form->{callback} = "am.pl?action=add_buchungsgruppe" unless $form->{callback};
+
   AM->get_buchungsgruppe(\%myconfig, \%$form);
   $form->{"inventory_accno_id"} = $form->{"std_inventory_accno_id"};
   for (my $i = 0; 4 > $i; $i++) {
@@ -1465,6 +1446,8 @@ sub add_buchungsgruppe {
 sub edit_buchungsgruppe {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Edit";
 
   AM->get_buchungsgruppe(\%myconfig, \%$form);
@@ -1479,10 +1462,11 @@ sub edit_buchungsgruppe {
 sub list_buchungsgruppe {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->buchungsgruppe(\%myconfig, \%$form);
 
-  $form->{callback} =
-    "$form->{script}?action=list_buchungsgruppe&login=$form->{login}&password=$form->{password}";
+  $form->{callback} = "am.pl?action=list_buchungsgruppe";
 
   $callback = $form->escape($form->{callback});
 
@@ -1564,9 +1548,7 @@ sub list_buchungsgruppe {
         </tr>
 |;
 
-  my $swap_link = qq|$form->{script}?action=swap_buchungsgruppen&|;
-  map({ $swap_link .= $_ . "=" . $form->escape($form->{$_}) . "&" }
-      qw(login password));
+  my $swap_link = qq|am.pl?action=swap_buchungsgruppen&|;
 
   my $row = 0;
   foreach $ref (@{ $form->{ALL} }) {
@@ -1600,8 +1582,7 @@ sub list_buchungsgruppe {
         qq|</a></td>|;
     }
 
-    $column_data{description} =
-      qq|<td><a href=$form->{script}?action=edit_buchungsgruppe&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{description}</td>|;
+    $column_data{description} = qq|<td><a href="am.pl?action=edit_buchungsgruppe&id=$ref->{id}&callback=$callback">$ref->{description}</td>|;
     $column_data{inventory_accno}           = qq|<td align=right>$ref->{inventory_accno}</td>|;
     $column_data{income_accno_0} =
       qq|<td align=right>$ref->{income_accno_0}</td>|;
@@ -1635,15 +1616,12 @@ sub list_buchungsgruppe {
 </table>
 
 <br>
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input name=callback type=hidden value="$form->{callback}">
 
 <input type=hidden name=type value=buchungsgruppe>
 
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
-
 <input class=submit type=submit name=action value="|
     . $locale->text('Add') . qq|">
 
@@ -1659,6 +1637,8 @@ sub list_buchungsgruppe {
 sub buchungsgruppe_header {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title}    = $locale->text("$form->{title} Buchungsgruppe");
 
   # $locale->text('Add Accounting Group')
@@ -1690,11 +1670,11 @@ sub buchungsgruppe_header {
 
   if ($form->{id}) {
     $form->{selectIC} =~ s/selected//g;
-    $form->{selectIC} =~ s/ value=$form->{inventory_accno_id}/  value=$form->{inventory_accno_id} selected/;
+    $form->{selectIC} =~ s/ value=\Q$form->{inventory_accno_id}\E/  value=$form->{inventory_accno_id} selected/;
     $form->{selectIC_income} =~ s/selected//g;
-    $form->{selectIC_income} =~ s/ value=$form->{income_accno_id_0}/  value=$form->{income_accno_id_0} selected/;
+    $form->{selectIC_income} =~ s/ value=\Q$form->{income_accno_id_0}\E/  value=$form->{income_accno_id_0} selected/;
     $form->{selectIC_expense} =~ s/selected//g;
-    $form->{selectIC_expense} =~ s/ value=$form->{expense_accno_id_0}/  value=$form->{expense_accno_id_0} selected/;
+    $form->{selectIC_expense} =~ s/ value=\Q$form->{expense_accno_id_0}\E/  value=$form->{expense_accno_id_0} selected/;
   }
 
   if (!$eur) {
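Review bot: With `\Q…\E` the id is now matched literally, but the pattern has no boundary after it, so ` value=12` also matches the start of ` value=123` and the substitution would leave `value=12 selected3` on the wrong option. An empty id would match the first option in the list. Assuming the option values are bare ids, a trailing lookahead closes this: `s/ value=\Q$form->{inventory_accno_id}\E(?=[\s>])/  value=$form->{inventory_accno_id} selected/`. The same applies to the income and expense substitutions in this hunk and in the three following hunks of buchungsgruppe_header, whose body extends beyond this hunk.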
@@ -1721,9 +1701,9 @@ sub buchungsgruppe_header {
              </tr>|;
   if ($form->{id}) {
     $form->{selectIC_income} =~ s/selected//g;
-    $form->{selectIC_income} =~ s/ value=$form->{income_accno_id_1}/  value=$form->{income_accno_id_1} selected/;
+    $form->{selectIC_income} =~ s/ value=\Q$form->{income_accno_id_1}\E/  value=$form->{income_accno_id_1} selected/;
     $form->{selectIC_expense} =~ s/selected//g;
-    $form->{selectIC_expense} =~ s/ value=$form->{expense_accno_id_1}/  value=$form->{expense_accno_id_1} selected/;
+    $form->{selectIC_expense} =~ s/ value=\Q$form->{expense_accno_id_1}\E/  value=$form->{expense_accno_id_1} selected/;
   }
   $linkaccounts .= qq|       <tr>
                <th align=right>| . $locale->text('Revenues EU with UStId') . qq|</th>
@@ -1736,9 +1716,9 @@ sub buchungsgruppe_header {
 
   if ($form->{id}) {
     $form->{selectIC_income} =~ s/selected//g;
-    $form->{selectIC_income} =~ s/ value=$form->{income_accno_id_2}/  value=$form->{income_accno_id_2} selected/;
+    $form->{selectIC_income} =~ s/ value=\Q$form->{income_accno_id_2}\E/  value=$form->{income_accno_id_2} selected/;
     $form->{selectIC_expense} =~ s/selected//g;
-    $form->{selectIC_expense} =~ s/ value=$form->{expense_accno_id_2}/  value=$form->{expense_accno_id_2} selected/;
+    $form->{selectIC_expense} =~ s/ value=\Q$form->{expense_accno_id_2}\E/  value=$form->{expense_accno_id_2} selected/;
   }
 
   $linkaccounts .= qq|       <tr>
@@ -1752,9 +1732,9 @@ sub buchungsgruppe_header {
 
   if ($form->{id}) {
     $form->{selectIC_income} =~ s/selected//g;
-    $form->{selectIC_income} =~ s/ value=$form->{income_accno_id_3}/  value=$form->{income_accno_id_3} selected/;
+    $form->{selectIC_income} =~ s/ value=\Q$form->{income_accno_id_3}\E/  value=$form->{income_accno_id_3} selected/;
     $form->{selectIC_expense} =~ s/selected//g;
-    $form->{selectIC_expense} =~ s/ value=$form->{expense_accno_id_3}/  value=$form->{expense_accno_id_3} selected/;
+    $form->{selectIC_expense} =~ s/ value=\Q$form->{expense_accno_id_3}\E/  value=$form->{expense_accno_id_3} selected/;
   }
 
   $linkaccounts .= qq|       <tr>
@@ -1773,7 +1753,7 @@ sub buchungsgruppe_header {
   print qq|
 <body>
 
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input type=hidden name=id value=$form->{id}>
 <input type=hidden name=type value=buchungsgruppe>
@@ -1799,6 +1779,8 @@ sub buchungsgruppe_header {
 sub save_buchungsgruppe {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->isblank("description", $locale->text('Description missing!'));
 
   AM->save_buchungsgruppe(\%myconfig, \%$form);
@@ -1810,6 +1792,8 @@ sub save_buchungsgruppe {
 sub delete_buchungsgruppe {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->delete_buchungsgruppe(\%myconfig, \%$form);
   $form->redirect($locale->text('Accounting Group deleted!'));
 
@@ -1819,6 +1803,8 @@ sub delete_buchungsgruppe {
 sub swap_buchungsgruppen {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->swap_sortkeys(\%myconfig, $form, "buchungsgruppen");
   list_buchungsgruppe();
 
@@ -1829,11 +1815,11 @@ sub swap_buchungsgruppen {
 sub add_printer {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Add";
 
-  $form->{callback} =
-    "$form->{script}?action=add_printer&login=$form->{login}&password=$form->{password}"
-    unless $form->{callback};
+  $form->{callback} = "am.pl?action=add_printer" unless $form->{callback};
 
   &printer_header;
   &form_footer;
@@ -1844,6 +1830,8 @@ sub add_printer {
 sub edit_printer {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Edit";
 
   AM->get_printer(\%myconfig, \%$form);
@@ -1859,10 +1847,11 @@ sub edit_printer {
 sub list_printer {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->printer(\%myconfig, \%$form);
 
-  $form->{callback} =
-    "$form->{script}?action=list_printer&login=$form->{login}&password=$form->{password}";
+  $form->{callback} = "am.pl?action=list_printer";
 
   $callback = $form->escape($form->{callback});
 
@@ -1915,8 +1904,7 @@ sub list_printer {
 |;
 
 
-    $column_data{printer_description} =
-      qq|<td><a href=$form->{script}?action=edit_printer&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{printer_description}</td>|;
+    $column_data{printer_description} = qq|<td><a href="am.pl?action=edit_printer&id=$ref->{id}&callback=$callback">$ref->{printer_description}"</td>|;
     $column_data{printer_command}           = qq|<td align=right>$ref->{printer_command}</td>|;
     $column_data{template_code} =
       qq|<td align=right>$ref->{template_code}</td>|;
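Review bot: The new printer_description cell ends with a stray double quote: `$ref->{printer_description}"</td>` prints a literal `"` after every printer name, and the anchor is still not closed. Suggested line: `$column_data{printer_description} = qq|<td><a href="am.pl?action=edit_printer&id=| . E($ref->{id}) . qq|&callback=$callback">| . H($ref->{printer_description}) . qq|</a></td>|;`. The neighbouring `printer_command` and `template_code` cells are also emitted unescaped and would benefit from `H()`.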
@@ -1938,15 +1926,12 @@ sub list_printer {
 </table>
 
 <br>
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input name=callback type=hidden value="$form->{callback}">
 
 <input type=hidden name=type value=printer>
 
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
-
 <input class=submit type=submit name=action value="|
     . $locale->text('Add') . qq|">
 
@@ -1962,6 +1947,8 @@ sub list_printer {
 sub printer_header {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title}    = $locale->text("$form->{title} Printer");
 
   # $locale->text('Add Printer')
@@ -1977,7 +1964,7 @@ sub printer_header {
   print qq|
 <body>
 
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input type=hidden name=id value=$form->{id}>
 <input type=hidden name=type value=printer>
@@ -2010,6 +1997,8 @@ sub printer_header {
 sub save_printer {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->isblank("printer_description", $locale->text('Description missing!'));
   $form->isblank("printer_command", $locale->text('Printer Command missing!'));
   AM->save_printer(\%myconfig, \%$form);
@@ -2021,6 +2010,8 @@ sub save_printer {
 sub delete_printer {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->delete_printer(\%myconfig, \%$form);
   $form->redirect($locale->text('Printer deleted!'));
 
@@ -2030,11 +2021,11 @@ sub delete_printer {
 sub add_payment {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Add";
 
-  $form->{callback} =
-    "$form->{script}?action=add_payment&login=$form->{login}&password=$form->{password}"
-    unless $form->{callback};
+  $form->{callback} = "am.pl?action=add_payment" unless $form->{callback};
 
   $form->{terms_netto} = 0;
   $form->{terms_skonto} = 0;
@@ -2052,6 +2043,8 @@ sub add_payment {
 sub edit_payment {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = "Edit";
 
   AM->get_payment(\%myconfig, $form);
@@ -2069,6 +2062,8 @@ sub edit_payment {
 sub list_payment {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->payment(\%myconfig, \%$form);
 
   $form->{callback} = build_std_url("action=list_payment");
@@ -2197,15 +2192,12 @@ sub list_payment {
 </table>
 
 <br>
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input name=callback type=hidden value="$form->{callback}">
 
 <input type=hidden name=type value=payment>
 
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
-
 <input class=submit type=submit name=action value="|
     . $locale->text('Add') . qq|">
 
@@ -2221,6 +2213,8 @@ sub list_payment {
 sub payment_header {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title}    = $locale->text("$form->{title} Payment Terms");
 
   # $locale->text('Add Payment Terms')
@@ -2235,7 +2229,7 @@ sub payment_header {
   print qq|
 <body>
 
-<form method=post action=$form->{script}>
+<form method=post action=am.pl>
 
 <input type=hidden name=id value=$form->{id}>
 <input type=hidden name=type value=payment>
@@ -2301,8 +2295,12 @@ sub payment_header {
   <li>| . $locale->text("&lt;%skonto_amount%&gt; -- The deductible amount")
 . qq|</li>
   <li>| . $locale->text("&lt;%total%&gt; -- Amount payable")
+. qq|</li>
+  <li>| . $locale->text("&lt;%total_wo_skonto%&gt; -- Amount payable less discount")
 . qq|</li>
   <li>| . $locale->text("&lt;%invtotal%&gt; -- Invoice total")
+. qq|</li>
+  <li>| . $locale->text("&lt;%invtotal_wo_skonto%&gt; -- Invoice total less discount")
 . qq|</li>
   <li>| . $locale->text("&lt;%currency%&gt; -- The selected currency")
 . qq|</li>
@@ -2323,6 +2321,8 @@ sub payment_header {
 sub save_payment {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->isblank("description", $locale->text('Description missing!'));
   $form->{"percent_skonto"} =
     $form->parse_amount(\%myconfig, $form->{percent_skonto}) / 100;
@@ -2335,6 +2335,8 @@ sub save_payment {
 sub delete_payment {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->delete_payment(\%myconfig, \%$form);
   $form->redirect($locale->text('Payment terms deleted!'));
 
@@ -2344,39 +2346,73 @@ sub delete_payment {
 sub swap_payment_terms {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->swap_sortkeys(\%myconfig, $form, "payment_terms");
   list_payment();
 
   $lxdebug->leave_sub();
 }
 
-sub config {
+sub edit_defaults {
   $lxdebug->enter_sub();
 
   # get defaults for account numbers and last numbers
   AM->defaultaccounts(\%myconfig, \%$form);
 
-  foreach $item (qw(mm-dd-yy mm/dd/yy dd-mm-yy dd/mm/yy dd.mm.yy yyyy-mm-dd)) {
-    $dateformat .=
-      ($item eq $myconfig{dateformat})
-      ? "<option selected>$item\n"
-      : "<option>$item\n";
-  }
+  map { $form->{"defaults_${_}"} = $form->{defaults}->{$_} } keys %{ $form->{defaults} };
 
-  foreach $item (qw(1,000.00 1000.00 1.000,00 1000,00)) {
-    $numberformat .=
-      ($item eq $myconfig{numberformat})
-      ? "<option selected>$item\n"
-      : "<option>$item\n";
+  foreach $key (keys %{ $form->{IC} }) {
+    foreach $accno (sort keys %{ $form->{IC}->{$key} }) {
+      my $array = "ACCNOS_" . uc($key);
+      $form->{$array} ||= [];
+
+      my $value = "${accno}--" . $form->{IC}->{$key}->{$accno}->{description};
+      push @{ $form->{$array} }, {
+        'name'     => $value,
+        'value'    => $value,
+        'selected' => $form->{IC}->{$key}->{$accno}->{id} == $form->{defaults}->{$key},
+      };
+    }
   }
 
-  foreach $item (qw(name company address signature)) {
-    $myconfig{$item} =~ s/\"/&quot;/g;
-  }
+  $form->{title} = $locale->text('Ranges of numbers and default accounts');
+
+  $form->header();
+  print $form->parse_html_template('am/edit_defaults');
+
+  $lxdebug->leave_sub();
+}
+
+sub save_defaults {
+  $lxdebug->enter_sub();
+
+  AM->save_defaults();
+
+  $form->redirect($locale->text('Defaults saved.'));
+
+  $lxdebug->leave_sub();
+}
+
+sub _build_cfg_options {
+  my $idx   = shift;
+  my $array = uc($idx) . 'S';
 
-  foreach $item (qw(address signature)) {
-    $myconfig{$item} =~ s/\\n/\r\n/g;
+  $form->{$array} = [];
+  foreach my $item (@_) {
+    push @{ $form->{$array} }, {
+      'name'     => $item,
+      'value'    => $item,
+      'selected' => $item eq $myconfig{$idx},
+    };
   }
+}
+
+sub config {
+  $lxdebug->enter_sub();
+
+  _build_cfg_options('dateformat', qw(mm-dd-yy mm/dd/yy dd-mm-yy dd/mm/yy dd.mm.yy yyyy-mm-dd));
+  _build_cfg_options('numberformat', qw(1,000.00 1000.00 1.000,00 1000,00));
 
   @formats = ();
   if ($opendocument_templates && $openofficeorg_writer_bin &&
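Review bot: `edit_defaults` and `save_defaults` are introduced without the `$auth->assert('config');` call that the neighbouring hunks add to the payment, unit, tax and price-factor subs, although they read and overwrite the system-wide number ranges and default accounts. Unless `AM->save_defaults()` checks the right itself (not visible here), add `$auth->assert('config');` directly after `$lxdebug->enter_sub();` in both subs. `config` edits the current user's own preferences, so leaving that one without the assertion looks intentional; it continues past the end of this hunk.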
@@ -2400,346 +2436,66 @@ sub config {
   if (!$myconfig{"template_format"}) {
     $myconfig{"template_format"} = "pdf";
   }
-  my $template_format = "";
+  $form->{TEMPLATE_FORMATS} = [];
   foreach $item (@formats) {
-    $template_format .=
-      "<option value=\"$item->{value}\"" .
-      ($item->{"value"} eq $myconfig{"template_format"} ?
-       " selected" : "") .
-       ">" . H($item->{"name"}) . "</option>";
+    push @{ $form->{TEMPLATE_FORMATS} }, {
+      'name'     => $item->{name},
+      'value'    => $item->{value},
+      'selected' => $item->{value} eq $myconfig{template_format},
+    };
   }
 
   if (!$myconfig{"default_media"}) {
     $myconfig{"default_media"} = "screen";
   }
+
   my %selected = ($myconfig{"default_media"} => "selected");
-  my $default_media = qq|
-  <option value="screen" $selected{'screen'}>| . $locale->text("Screen") . qq|</option>
-  <option value="printer" $selected{'printer'}>| . $locale->text("Printer") . qq|</option>
-  <option value="queue" $selected{'queue'}>| . $locale->text("Queue") . qq|</option>
-|;
+  $form->{MEDIA} = [
+    { 'name' => $locale->text('Screen'),  'value' => 'screen',  'selected' => $selected{screen}, },
+    { 'name' => $locale->text('Printer'), 'value' => 'printer', 'selected' => $selected{printer}, },
+    { 'name' => $locale->text('Queue'),   'value' => 'queue',   'selected' => $selected{queue}, },
+    ];
 
-  %selected = ();
-  $selected{$myconfig{"default_printer_id"}} = "selected"
-    if ($myconfig{"default_printer_id"});
-  my $default_printer = qq|<option></option>|;
   AM->printer(\%myconfig, $form);
+
+  $form->{PRINTERS} = [];
   foreach my $printer (@{$form->{"ALL"}}) {
-    $default_printer .= qq|<option value="| . Q($printer->{"id"}) .
-      qq|" $selected{$printer->{'id'}}>| .
-      H($printer->{"printer_description"}) . qq|</option>|;
+    push @{ $form->{PRINTERS} }, {
+      'name'     => $printer->{printer_description},
+      'value'    => $printer->{id},
+      'selected' => $printer->{id} == $myconfig{default_printer_id},
+    };
   }
 
   %countrycodes = User->country_codes;
-  $countrycodes = '';
-  foreach $key (sort { $countrycodes{$a} cmp $countrycodes{$b} }
-                keys %countrycodes
-    ) {
-    $countrycodes .=
-      ($myconfig{countrycode} eq $key)
-      ? "<option selected value=$key>$countrycodes{$key}\n"
-      : "<option value=$key>$countrycodes{$key}\n";
-  }
-  $countrycodes = "<option>American English\n$countrycodes";
 
-  foreach $key (keys %{ $form->{IC} }) {
-    foreach $accno (sort keys %{ $form->{IC}{$key} }) {
-      $myconfig{$key} .=
-        ($form->{IC}{$key}{$accno}{id} == $form->{defaults}{$key})
-        ? "<option selected>$accno--$form->{IC}{$key}{$accno}{description}\n"
-        : "<option>$accno--$form->{IC}{$key}{$accno}{description}\n";
-    }
-  }
-
-#  opendir CSS, "css/.";
-#  @all = grep /.*\.css$/, readdir CSS;
-#  closedir CSS;
-
-# css dir has styles that are not intended as general layouts.
-# reverting to hardcoded list
-  @all = qw(lx-office-erp.css Win2000.css);
-
-  foreach $item (@all) {
-    if ($item eq $myconfig{stylesheet}) {
-      $selectstylesheet .= qq|<option selected>$item\n|;
-    } else {
-      $selectstylesheet .= qq|<option>$item\n|;
-    }
+  $countrycodes{""} = "American English";
+  $form->{COUNTRYCODES} = [];
+  foreach $countrycode (sort { $countrycodes{$a} cmp $countrycodes{$b} } keys %countrycodes) {
+    push @{ $form->{COUNTRYCODES} }, {
+      'name'     => $countrycodes{$countrycode},
+      'value'    => $countrycode,
+      'selected' => $countrycode eq $myconfig{countrycode},
+    };
   }
-  $selectstylesheet .= "<option>\n";
-
-  $form->{title} = $locale->text('Edit Preferences for') . qq| $form->{login}|;
 
-  $form->header;
-
-  if ($myconfig{menustyle} eq "old") {
-    $menustyle_old = "checked";
-  } elsif ($myconfig{menustyle} eq "neu") {
-    $menustyle_neu = "checked";
-  } elsif ($myconfig{menustyle} eq "v3") {
-    $menustyle_v3 = "checked";
+  $form->{STYLESHEETS} = [];
+  foreach $item (qw(lx-office-erp.css Win2000.css)) {
+    push @{ $form->{STYLESHEETS} }, {
+      'name'     => $item,
+      'value'    => $item,
+      'selected' => $item eq $myconfig{stylesheet},
+    };
   }
 
-  my ($show_form_details, $hide_form_details);
-  $myconfig{"show_form_details"} = 1
-    unless (defined($myconfig{"show_form_details"}));
-  $show_form_details = "checked" if ($myconfig{"show_form_details"});
-  $hide_form_details = "checked" unless ($myconfig{"show_form_details"});
-
-  print qq|
-<body>
-
-<form method=post action=$form->{script}>
-
-<input type=hidden name=old_password value=$myconfig{password}>
-<input type=hidden name=type value=preferences>
-<input type=hidden name=role value=$myconfig{role}>
-
-<table width=100%>
-  <tr><th class=listtop>$form->{title}</th></tr>
-  <tr>
-    <td>
-      <table>
-        <tr>
-         <th align=right>| . $locale->text('Name') . qq|</th>
-         <td><input name=name size=15 value="$myconfig{name}"></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Password') . qq|</th>
-         <td><input type=password name=new_password size=10 value=$myconfig{password}></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('E-mail') . qq|</th>
-         <td><input name=email size=30 value="$myconfig{email}"></td>
-       </tr>
-       <tr valign=top>
-         <th align=right>| . $locale->text('Signature') . qq|</th>
-         <td><textarea name=signature rows=3 cols=50>$myconfig{signature}</textarea></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Phone') . qq|</th>
-         <td><input name=tel size=14 value="$myconfig{tel}"></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Fax') . qq|</th>
-         <td><input name=fax size=14 value="$myconfig{fax}"></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Company') . qq|</th>
-         <td><input name=company size=30 value="$myconfig{company}"></td>
-       </tr>
-       <tr valign=top>
-         <th align=right>| . $locale->text('Address') . qq|</th>
-         <td><textarea name=address rows=4 cols=50>$myconfig{address}</textarea></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Date Format') . qq|</th>
-         <td><select name=dateformat>$dateformat</select></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Output Number Format') . qq|</th>
-         <td><select name=numberformat>$numberformat</select></td>
-       </tr>
-
-       <tr>
-         <th align=right>| . $locale->text('Dropdown Limit') . qq|</th>
-         <td><input name=vclimit size=10 value="$myconfig{vclimit}"></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Language') . qq|</th>
-         <td><select name=countrycode>$countrycodes</select></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Stylesheet') . qq|</th>
-         <td><select name=usestylesheet>$selectstylesheet</select></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Setup Menu') . qq|</th>
-         <td><input name=menustyle type=radio class=radio value=v3 $menustyle_v3>&nbsp;| .
-    $locale->text("Top (CSS)") . qq|
-         <input name=menustyle type=radio class=radio value=neu $menustyle_neu>&nbsp;| .
-    $locale->text("Top (Javascript)") . qq|
-    <input name=menustyle type=radio class=radio value=old $menustyle_old>&nbsp;| .
-    $locale->text("Old (on the side)") . qq|</td>
-  </tr>
-  <tr>
-    <th align=right>| . $locale->text('Form details (second row)') . qq|</th>
-    <td><input type="radio" id="rad_show_form_details" name="show_form_details" value="1" $show_form_details>&nbsp;
-    <label for="rad_show_form_details">| . $locale->text('Show by default') . qq|</label>
-    <input type="radio" id="rad_hide_form_details" name="show_form_details" value="0" $hide_form_details>&nbsp;
-    <label for="rad_hide_form_details">| . $locale->text('Hide by default') . qq|</label></td>
-       </tr>
-       <input name=printer type=hidden value="$myconfig{printer}">
-       <tr class=listheading>
-         <th colspan=2>| . $locale->text("Print options") . qq|</th>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Default template format') . qq|</th>
-         <td><select name="template_format">$template_format</select></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Default output medium') . qq|</th>
-         <td><select name="default_media">$default_media</select></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Default printer') . qq|</th>
-         <td><select name="default_printer_id">$default_printer</select></td>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Number of copies') . qq|</th>
-         <td><input name="copies" size="10" value="| .
-    $form->quote($myconfig{"copies"}) . qq|"></td>
-       </tr>
-
-
-       <tr class=listheading>
-         <th colspan=2>&nbsp;</th>
-       </tr>
-       <tr>
-         <th align=right>| . $locale->text('Business Number') . qq|</th>
-         <td><input name=businessnumber size=25 value="$myconfig{businessnumber}"></td>
-       </tr>
-       <tr>
-               <th align=right>| . $locale->text('Year End') . qq| (mm/dd)</th>
-               <td><input name=yearend size=5 value=$form->{defaults}{yearend}></td>
-       </tr>
-       <tr class=listheading>
-         <th colspan=2>|
-    . $locale->text('Last Numbers & Default Accounts') . qq|</th>
-       </tr>
-       <tr>
-         <td colspan=2>
-           <table width=100%>
-             <tr>
-               <th align=right nowrap>| . $locale->text('Inventory Account') . qq|</th>
-               <td><select name=inventory_accno>$myconfig{IC}</select></td>
-             </tr>
-             <tr>
-               <th align=right nowrap>| . $locale->text('Revenue Account') . qq|</th>
-               <td><select name=income_accno>$myconfig{IC_income}</select></td>
-             </tr>
-             <tr>
-               <th align=right nowrap>| . $locale->text('Expense Account') . qq|</th>
-               <td><select name=expense_accno>$myconfig{IC_expense}</select></td>
-             </tr>
-             <tr>
-               <th align=right nowrap>| . $locale->text('Foreign Exchange Gain') . qq|</th>
-               <td><select name=fxgain_accno>$myconfig{FX_gain}</select></td>
-             </tr>
-             <tr>
-               <th align=right nowrap>| . $locale->text('Foreign Exchange Loss') . qq|</th>
-               <td><select name=fxloss_accno>$myconfig{FX_loss}</select></td>
-             </tr>
-             <tr>
-               <td colspan=2>|
-    . $locale->text(
-    'Enter up to 3 letters separated by a colon (i.e CAD:USD:EUR) for your native and foreign currencies'
-    )
-    . qq|<br><input name=curr size=40 value="$form->{defaults}{curr}"></td>
-             </tr>
-            </table>
-          </td>
-         </tr>
-         <tr>
-           <td colspan=2>
-             <table width=100%>
-             <tr>
-               <th align=right nowrap>| . $locale->text('Last Invoice Number') . qq|</th>
-               <td><input name=invnumber size=10 value=$form->{defaults}{invnumber}></td>
-                <th align=right nowrap>|
-    . $locale->text('Last Customer Number') . qq|</th>
-               <td><input name=customernumber size=10 value=$form->{defaults}{customernumber}></td>
-             </tr>
-             <tr>
-               <th align=right nowrap>|
-    . $locale->text('Last Credit Note Number') . qq|</th>
-               <td><input name=cnnumber size=10 value=$form->{defaults}{cnnumber}></td>
-                <th align=right nowrap>|
-    . $locale->text('Last Vendor Number') . qq|</th>
-               <td><input name=vendornumber size=10 value=$form->{defaults}{vendornumber}></td>
-             </tr>
-             <tr>
-               <th align=right nowrap>|
-    . $locale->text('Last Sales Order Number') . qq|</th>
-               <td><input name=sonumber size=10 value=$form->{defaults}{sonumber}></td>
-             </tr>
-             <tr>
-               <th align=right nowrap>|
-    . $locale->text('Last Purchase Order Number') . qq|</th>
-               <td><input name=ponumber size=10 value=$form->{defaults}{ponumber}></td>
-                <th align=right nowrap>|
-    . $locale->text('Last Article Number') . qq|</th>
-               <td><input name=articlenumber size=10 value=$form->{defaults}{articlenumber}></td>
-             </tr>
-             <tr>
-               <th align=right nowrap>|
-    . $locale->text('Last Sales Quotation Number') . qq|</th>
-               <td><input name=sqnumber size=10 value=$form->{defaults}{sqnumber}></td>
-                <th align=right nowrap>|
-    . $locale->text('Last Service Number') . qq|</th>
-               <td><input name=servicenumber size=10 value=$form->{defaults}{servicenumber}></td>
-             </tr>
-             <tr>
-               <th align=right nowrap>| . $locale->text('Last RFQ Number') . qq|</th>
-               <td><input name=rfqnumber size=10 value=$form->{defaults}{rfqnumber}></td>
-                <th align=right nowrap></th>
-               <td></td>
-             </tr>
-           </table>
-         </td>
-       </tr>|;
-#      <tr class=listheading>
-#        <th colspan=2>| . $locale->text('Tax Accounts') . qq|</th>
-#      </tr>
-#      <tr>
-#        <td colspan=2>
-#          <table>
-#            <tr>
-#              <th>&nbsp;</th>
-#              <th>| . $locale->text('Rate') . qq| (%)</th>
-#              <th>| . $locale->text('Number') . qq|</th>
-#            </tr>
-# |;
-# 
-#   foreach $accno (sort keys %{ $form->{taxrates} }) {
-#     print qq|
-#               <tr>
-#              <th align=right>$form->{taxrates}{$accno}{description}</th>
-#              <td><input name=$form->{taxrates}{$accno}{id} size=6 value=$form->{taxrates}{$accno}{rate}></td>
-#              <td><input name="taxnumber_$form->{taxrates}{$accno}{id}" value="$form->{taxrates}{$accno}{taxnumber}"></td>
-#            </tr>
-# |;
-#     $form->{taxaccounts} .= "$form->{taxrates}{$accno}{id} ";
-#   }
-# 
-#   chop $form->{taxaccounts};
-# 
-#   print qq|
-# <input name=taxaccounts type=hidden value="$form->{taxaccounts}">
-# 
-#             </table>
-#        </td>
-#      </tr>
-print qq|      </table>
-    </td>
-  </tr>
-  <tr>
-    <td><hr size=3 noshade></td>
-  </tr>
-</table>
-
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
-
-<br>
-<input type=submit class=submit name=action value="|
-    . $locale->text('Save') . qq|">
+  $myconfig{show_form_details}              = 1 unless (defined($myconfig{show_form_details}));
+  $form->{"menustyle_$myconfig{menustyle}"} = 1;
+  $form->{CAN_CHANGE_PASSWORD}              = $auth->can_change_password();
 
-  </form>
+  $form->{title}                            = $locale->text('Edit Preferences for #1', $form->{login});
 
-</body>
-</html>
-|;
+  $form->header();
+  print $form->parse_html_template('am/config');
 
   $lxdebug->leave_sub();
 }
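Review bot: The removed markup passed printer and template-format names through `H()` and printer ids through `Q()` before printing them, whereas the new code stores the raw `$printer->{printer_description}`, `$item->{name}` and `$countrycodes{$countrycode}` in `$form->{PRINTERS}`, `$form->{TEMPLATE_FORMATS}` and `$form->{COUNTRYCODES}`. Escaping is therefore now the job of the `am/config` template, which this hunk does not show; confirm that every `name` and `value` there is emitted through the template's HTML filter. A short comment above the first list, such as `# values are passed unescaped; am/config must HTML-escape name/value`, would record that contract. config starts before this hunk.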
@@ -2749,10 +2505,7 @@ sub save_preferences {
 
   $form->{stylesheet} = $form->{usestylesheet};
 
-  $form->redirect($locale->text('Preferences saved!'))
-    if (
-     AM->save_preferences(\%myconfig, \%$form, $memberfile, $userspath, $webdav
-     ));
+  $form->redirect($locale->text('Preferences saved!')) if (AM->save_preferences(\%myconfig, \%$form, $webdav));
   $form->error($locale->text('Cannot save preferences!'));
 
   $lxdebug->leave_sub();
@@ -2761,6 +2514,8 @@ sub save_preferences {
 sub audit_control {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->{title} = $locale->text('Audit Control');
 
   AM->closedto(\%myconfig, \%$form);
@@ -2776,10 +2531,7 @@ sub audit_control {
   print qq|
 <body>
 
-<form method=post action=$form->{script}>
-
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
+<form method=post action=am.pl>
 
 <table width=100%>
   <tr><th class=listtop>$form->{title}</th></tr>
@@ -2825,6 +2577,8 @@ sub audit_control {
 sub doclose {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   AM->closebooks(\%myconfig, \%$form);
 
   if ($form->{revtrans}) {
@@ -2846,6 +2600,8 @@ sub doclose {
 sub edit_units {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $units = AM->retrieve_units(\%myconfig, $form, $form->{"unit_type"}, "resolved_");
   AM->units_in_use(\%myconfig, $form, $units);
   map({ $units->{$_}->{"BASE_UNIT_DDBOX"} = AM->unit_select_data($units, $units->{$_}->{"base_unit"}, 1); } keys(%{$units}));
@@ -2878,10 +2634,10 @@ sub edit_units {
   $form->{"title"} = sprintf($locale->text("Add and edit %s"), $form->{"unit_type"} eq "dimension" ? $locale->text("dimension units") : $locale->text("service units"));
   $form->header();
   print($form->parse_html_template("am/edit_units",
-                                   { "UNITS" => \@unit_list,
+                                   { "UNITS"               => \@unit_list,
                                      "NEW_BASE_UNIT_DDBOX" => $ddbox,
-                                     "LANGUAGES" => \@languages,
-                                     "updownlink" => $updownlink }));
+                                     "LANGUAGES"           => \@languages,
+                                     "updownlink"          => $updownlink }));
 
   $lxdebug->leave_sub();
 }
@@ -2889,6 +2645,8 @@ sub edit_units {
 sub add_unit {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $form->isblank("new_name", $locale->text("The name is missing."));
   $units = AM->retrieve_units(\%myconfig, $form, $form->{"unit_type"});
   $all_units = AM->retrieve_units(\%myconfig, $form);
@@ -2925,6 +2683,8 @@ sub add_unit {
 sub set_unit_languages {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   my ($unit, $languages, $idx) = @_;
 
   $unit->{"LANGUAGES"} = [];
@@ -2943,6 +2703,8 @@ sub set_unit_languages {
 sub save_unit {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   $old_units = AM->retrieve_units(\%myconfig, $form, $form->{"unit_type"}, "resolved_");
   AM->units_in_use(\%myconfig, $form, $old_units);
 
@@ -3021,16 +2783,21 @@ sub save_unit {
 sub show_history_search {
        $lxdebug->enter_sub();
        
+  $auth->assert('config');
+
        $form->{title} = $locale->text("History Search");
     $form->header();
     
-    print $form->parse_html_template("/common/search_history");
+    print $form->parse_html_template("common/search_history");
        
        $lxdebug->leave_sub();
 }
 
 sub show_am_history {
        $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
        my %search = ( "Artikelnummer" => "parts",
                                   "Kundennummer"  => "customer",
                                   "Lieferantennummer" => "vendor",
@@ -3061,7 +2828,6 @@ sub show_am_history {
                        $restriction .= " OR addition = '" . $_ . "'";
                }
        }
-       
        $restriction .= (($form->{transdate} ne "" && $form->{reqdate} ne "") 
                                                ? qq| AND st.itime::date >= '| . $form->{transdate} . qq|' AND st.itime::date <= '| . $form->{reqdate} . qq|'|
                                                : (($form->{transdate} ne "" && $form->{reqdate} eq "") 
@@ -3071,43 +2837,55 @@ sub show_am_history {
                                                                : ""
                                                        )
                                                );
-       
+  $restriction .= ($form->{mitarbeiter} eq "" ? "" 
+          : ($form->{mitarbeiter} =~ /^[0-9]*$/  
+            ? " AND employee_id = " . $form->{mitarbeiter} 
+            : " AND employee_id = " . &get_employee_id($form->{mitarbeiter}, $dbh)));
+  
        my $dbh = $form->dbconnect(\%myconfig);
-       my $searchSNumber = $searchNo{$form->{'what2search'}} . qq|_| . $form->{'searchid'};
-       $restriction .= ($form->{mitarbeiter} eq "" ? "" 
-                                       : ($form->{mitarbeiter} =~ /^[0-9]*$/  
-                                               ? " AND employee_id = " . $form->{mitarbeiter} 
-                                               : " AND employee_id = " . &get_employee_id($form->{mitarbeiter}, $dbh)));
-       my $query = qq|SELECT trans_id AS id FROM history_erp WHERE sNumbers = '$searchSNumber' |;
+       my $query = qq|SELECT trans_id AS id FROM history_erp | . 
+                ($form->{'searchid'} ? 
+                  qq| WHERE snumbers = '| . $searchNo{$form->{'what2search'}} . qq|_| . $form->{'searchid'} . qq|'| : 
+                  qq| WHERE snumbers ~ '^| . $searchNo{$form->{'what2search'}} . qq|'|);
 
   my $sth = $dbh->prepare($query);
        
        $sth->execute() || $form->dberror($query);
-       
-  if($sth->fetch() <= 0) {
-    $sth->finish();
-    my $query = qq|SELECT id FROM $search{$form->{what2search}} 
-           WHERE $searchNo{$form->{'what2search'}} ILIKE '$form->{"searchid"}' 
-           |;
-  }
-  $sth->execute() || $form->dberror($query);  
-       $form->{title} = $locale->text("History Search");
+  
+  $form->{title} = $locale->text("History Search");
        $form->header();
-       my $daten = "";
-       while(my $hash_ref = $sth->fetchrow_hashref()){
-    $daten =  $form->get_history($dbh,$hash_ref->{id},$restriction);
+       
+  my $i = 1;
+  my $daten = qq||;
+  while(my $hash_ref = $sth->fetchrow_hashref()){
+    if($i) {
+      $daten .= $hash_ref->{id};
+      $i = 0;
+    }
+    else {
+      $daten .= " OR trans_id = " . $hash_ref->{id};
+    }
   }
-       $dbh->disconnect();
-       print $form->parse_html_template("/common/show_history", 
-    {"DATEN" => $daten,
-     "SUCCESS" => ($daten != 0 ? 1 : 0),
-     "NONEWWINDOW" => 1
+  
+  my ($sort, $sortby) = split(/\-\-/, $form->{order});
+  $sort =~ s/.*\.(.*)$/$1/;
+
+       print $form->parse_html_template("common/show_history", 
+    {"DATEN" => $form->get_history($dbh, $daten, $restriction, $form->{order}),
+     "SUCCESS" => ($form->get_history($dbh, $daten, $restriction, $form->{order}) ne "0"),
+     "NONEWWINDOW" => 1,
+     uc($sort) => 1,
+     uc($sort)."BY" => $sortby
     });
-       $lxdebug->leave_sub();
+       $dbh->disconnect();
+  $lxdebug->leave_sub();
 }
 
 sub get_employee_id {
        $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
        my $query = qq|SELECT id FROM employee WHERE name = '| . $_[0] . qq|'|;
        my $sth = $_[1]->prepare($query);
        $sth->execute() || $form->dberror($query);
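Review bot: The block that appends the `employee_id` restriction now sits above `my $dbh = $form->dbconnect(\%myconfig);`, so the `$dbh` handed to `get_employee_id` is not the handle declared on the following line but whatever the package variable `$dbh` holds, and a lookup by employee name will most likely fail at `$_[1]->prepare`. The hunk also builds its SELECT statements by concatenating `$form->{'searchid'}` and, in `get_employee_id`, the employee name into the SQL text; both are form values and should be passed as bind parameters. `get_history` is called twice with identical arguments where one call kept in a variable would do. show_am_history starts before this hunk and get_employee_id continues past it.

```perl
  # connect first: get_employee_id() needs a live handle
  my $dbh = $form->dbconnect(\%myconfig);
  # … unchanged: employee_id restriction, now placed below the connect …

  my $prefix = $searchNo{$form->{'what2search'}};
  my ($query, @values);
  if ($form->{'searchid'}) {
    $query  = qq|SELECT trans_id AS id FROM history_erp WHERE snumbers = ?|;
    @values = ($prefix . '_' . $form->{'searchid'});
  } else {
    $query  = qq|SELECT trans_id AS id FROM history_erp WHERE snumbers ~ ?|;
    @values = ('^' . $prefix);
  }

  my $sth = $dbh->prepare($query);
  $sth->execute(@values) || $form->dberror($query);

  # … unchanged: title, header, collecting trans_ids into $daten, sort split …

  my $history = $form->get_history($dbh, $daten, $restriction, $form->{order});
  # … unchanged: parse_html_template call, using "DATEN" => $history and "SUCCESS" => ($history ne "0") …

sub get_employee_id {
  # … unchanged: enter_sub, assert …
  my $query = qq|SELECT id FROM employee WHERE name = ?|;
  my $sth = $_[1]->prepare($query);
  $sth->execute($_[0]) || $form->dberror($query);
```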
@@ -3120,6 +2898,8 @@ sub get_employee_id {
 sub swap_units {
   $lxdebug->enter_sub();
 
+  $auth->assert('config');
+
   my $dir = $form->{"dir"} eq "down" ? "down" : "up";
   my $unit_type = $form->{"unit_type"} eq "dimension" ?
     "dimension" : "service";
@@ -3129,3 +2909,226 @@ sub swap_units {
 
   $lxdebug->leave_sub();
 }
+
+sub add_tax {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  $form->{title} =  $locale->text('Add');
+
+  $form->{callback} ||= "am.pl?action=add_tax";
+
+  _get_taxaccount_selection();
+
+  $form->header();
+  
+  my $parameters_ref = {
+#    ChartTypeIsAccount         => $ChartTypeIsAccount,
+  };
+  
+  # Ausgabe des Templates
+  print($form->parse_html_template('am/edit_tax', $parameters_ref));
+
+  $lxdebug->leave_sub();
+}
+
+sub edit_tax {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  $form->{title} =  $locale->text('Edit');
+
+  AM->get_tax(\%myconfig, \%$form);
+  _get_taxaccount_selection();
+
+  $form->{rate} = $form->format_amount(\%myconfig, $form->{rate}, 2);
+
+  $form->header();
+  
+  my $parameters_ref = {
+  };
+  
+  # Ausgabe des Templates
+  print($form->parse_html_template('am/edit_tax', $parameters_ref));
+
+  $lxdebug->leave_sub();
+}
+
+sub list_tax {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  AM->taxes(\%myconfig, \%$form);
+
+  map { $_->{rate} = $form->format_amount(\%myconfig, $_->{rate}, 2) } @{ $form->{TAX} };
+
+  $form->{callback} = build_std_url('action=list_tax');
+
+  $form->{title} = $locale->text('Tax-O-Matic');
+
+  $form->header();
+  
+  # Ausgabe des Templates
+  print($form->parse_html_template('am/list_tax', $parameters_ref));
+
+  $lxdebug->leave_sub();
+}
+
+sub _get_taxaccount_selection{
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  AM->get_tax_accounts(\%myconfig, \%$form);
+
+  map { $_->{selected} = $form->{chart_id} == $_->{id} } @{ $form->{ACCOUNTS} };
+
+  $lxdebug->leave_sub();
+}
+
+sub save_tax {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  $form->isblank("rate", $locale->text('Taxrate missing!'));
+  $form->isblank("taxdescription", $locale->text('Taxdescription  missing!'));
+  $form->isblank("taxkey", $locale->text('Taxkey  missing!'));
+
+  $form->{rate} = $form->parse_amount(\%myconfig, $form->{rate});
+
+  if ( $form->{rate} < 0 || $form->{rate} >= 100 ) {
+    $form->error($locale->text('Tax Percent is a number between 0 and 100'));
+  }
+
+  if ( $form->{rate} <= 0.99 && $form->{rate} > 0 ) {
+    $form->error($locale->text('Tax Percent is a number between 0 and 100'));
+  }  
+
+  AM->save_tax(\%myconfig, \%$form);
+  $form->redirect($locale->text('Tax saved!'));
+
+  $lxdebug->leave_sub();
+}
+
+sub delete_tax {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  AM->delete_tax(\%myconfig, \%$form);
+  $form->redirect($locale->text('Tax deleted!'));
+
+  $lxdebug->leave_sub();
+}
+
+sub add_price_factor {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  $form->{title}      = $locale->text('Add Price Factor');
+  $form->{callback} ||= build_std_url('action=add_price_factor');
+  $form->{fokus}      = 'description';
+
+  $form->header();
+  print $form->parse_html_template('am/edit_price_factor');
+
+  $lxdebug->leave_sub();
+}
+
+sub edit_price_factor {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  $form->{title}      = $locale->text('Edit Price Factor');
+  $form->{callback} ||= build_std_url('action=add_price_factor');
+  $form->{fokus}      = 'description';
+
+  AM->get_price_factor(\%myconfig, $form);
+
+  $form->{factor} = $form->format_amount(\%myconfig, $form->{factor} * 1);
+
+  $form->header();
+  print $form->parse_html_template('am/edit_price_factor');
+
+  $lxdebug->leave_sub();
+}
+
+sub list_price_factors {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  AM->get_all_price_factors(\%myconfig, \%$form);
+
+  my $previous;
+  foreach my $current (@{ $form->{PRICE_FACTORS} }) {
+    if ($previous) {
+      $previous->{next_id}    = $current->{id};
+      $current->{previous_id} = $previous->{id};
+    }
+
+    $current->{factor} = $form->format_amount(\%myconfig, $current->{factor} * 1);
+
+    $previous = $current;
+  }
+
+  $form->{callback} = build_std_url('action=list_price_factors');
+  $form->{title}    = $locale->text('Price Factors');
+  $form->{url_base} = build_std_url('callback');
+
+  $form->header();
+  print $form->parse_html_template('am/list_price_factors');
+
+  $lxdebug->leave_sub();
+}
+
+sub save_price_factor {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  $form->isblank("description", $locale->text('Description missing!'));
+  $form->isblank("factor", $locale->text('Factor missing!'));
+
+  $form->{factor} = $form->parse_amount(\%myconfig, $form->{factor});
+
+  AM->save_price_factor(\%myconfig, $form);
+
+  $form->{callback} .= '&MESSAGE=' . $form->escape($locale->text('Price factor saved!')) if ($form->{callback});
+
+  $form->redirect($locale->text('Price factor saved!'));
+
+  $lxdebug->leave_sub();
+}
+
+sub delete_price_factor {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  AM->delete_price_factor(\%myconfig, \%$form);
+
+  $form->{callback} .= '&MESSAGE=' . $form->escape($locale->text('Price factor deleted!')) if ($form->{callback});
+
+  $form->redirect($locale->text('Price factor deleted!'));
+
+  $lxdebug->leave_sub();
+}
+
+sub swap_price_factors {
+  $lxdebug->enter_sub();
+
+  $auth->assert('config');
+
+  AM->swap_sortkeys(\%myconfig, $form, 'price_factors');
+  list_price_factors();
+
+  $lxdebug->leave_sub();
+}
+
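Review bot: In `save_tax` the second range check rejects every rate with `0 < rate <= 0.99` yet reports 'Tax Percent is a number between 0 and 100', a condition such a rate satisfies, so the reason for the rejection is not visible to the user or the next maintainer. If the intent is to catch a fraction typed instead of a percentage, say so above the check, e.g. `# a rate in (0, 0.99] is presumably a fraction such as 0.19 entered instead of 19 -- TODO confirm`. `list_tax` passes `$parameters_ref` to `parse_html_template`, but that variable is only declared with `my` inside `add_tax` and `edit_tax`, so here it is an undeclared package variable; drop the argument or add `my $parameters_ref = {};`. `edit_price_factor` defaults the callback to `action=add_price_factor`, which looks copied from `add_price_factor` and is worth confirming.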