-[% USE LxERP %]
-<table width=100%>
+[% USE HTML %][% USE LxERP %]
+<table width="100%">
<tr>
<td>
- <table width=100%>
- <tr class=listheading>
- <th class=listheading>Lieferadresse</th>
- <th class=listheading>Rechnung</th>
- <th class=listheading>Auftrag</th>
- <th class=listheading>Rechnungsdatum</th>
- <th class=listheading>Beschreibung</th>
- <th class=listheading>Menge</th>
- <th class=listheading>Einheit</th>
- <th class=listheading>Verkaufspreis</th>
+ <table width="100%">
+ <tr class="listheading">
+ <th class="listheading">Lieferadresse</th>
+ <th class="listheading">Rechnung</th>
+ <th class="listheading">Auftrag</th>
+ <th class="listheading">Rechnungsdatum</th>
+ <th class="listheading">Beschreibung</th>
+ <th class="listheading">Menge</th>
+ <th class="listheading">Einheit</th>
+ <th class="listheading">Verkaufspreis</th>
</tr>
[%- FOREACH row = DELIVERY %]
- <tr class=listrow[% loop.count % 2 %]>
-
- <td>[% row.shiptoname UNLESS loop.prev.shiptoname == row.shiptoname %] </td>
- <td>[% row.invnumber %] </td>
- <td>[% row.ordnumber %] </td>
- <td>[% row.transdate %] </td>
- <td>[% row.description %] </td>
- <td>[% row.qty %] </td>
- <td>[% row.unit %] </td>
- <td>[% LxERP.format_amount(row.sellprice, 2) %] </td>
+ <tr class="listrow[% loop.count % 2 %]">
+ <td>[% HTML.escape(row.shiptoname) UNLESS loop.prev.shiptoname == row.shiptoname %] </td>
+ <td>[% IF row.id %]<a href='is.pl?action=edit&id=[% HTML.escape(row.id) %]'>[% END %][% HTML.escape(row.invnumber) || ' ' %][% IF row.id %]</a>[% END %]</td>
+ <td>[% IF row.oe_id %]<a href='oe.pl?action=edit&type=sales_order&vc=customer&id=[% HTML.escape(row.oe_id) %]'>[% END %][% HTML.escape(row.ordnumber) || ' ' %][% IF row.oe_id %]</a>[% END %]</td>
+ <td>[% HTML.escape(row.transdate) || ' ' %]</td>
+ <td>[% HTML.escape(row.description) || ' ' %]</td>
+ <td>[% HTML.escape(row.qty) || ' ' %]</td>
+ <td>[% HTML.escape(row.unit) || ' ' %]</td>
+ <td>[% LxERP.format_amount(row.sellprice, 2) || ' ' %]</td>
</tr>
[%- END %]