X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FAM.pm;h=be5d8a4310d1ee63133a0893569d340d95a09ac1;hb=a4b22a8f008d6431597fa80de26bcb0fa10e8d7b;hp=440329dd0c025381ea6debd2c29df23fe065d938;hpb=4b1c7617cf4e4fcd38c17cfc10e424ea9bbd5ed5;p=kivitendo-erp.git diff --git a/SL/AM.pm b/SL/AM.pm index 440329dd0..be5d8a431 100644 --- a/SL/AM.pm +++ b/SL/AM.pm @@ -45,19 +45,24 @@ sub get_account { my ($self, $myconfig, $form) = @_; - $form->{id} = "NULL" unless ($form->{id}); - # connect to database my $dbh = $form->dbconnect($myconfig); - my $query = qq§SELECT c.accno, c.description, c.charttype, c.gifi_accno, - c.category,c.link, tk.taxkey_id, tk.pos_ustva, tk.tax_id,tk.tax_id||'--'||tk.taxkey_id AS tax, tk.startdate, c.pos_bilanz, c.pos_eur, c.new_chart_id, c.valid_from, c.pos_bwa - FROM chart c LEFT JOIN taxkeys tk - ON (c.id=tk.chart_id AND tk.id = (SELECT id from taxkeys where taxkeys.chart_id =c.id AND startdate<=current_date ORDER BY startdate desc LIMIT 1)) - WHERE c.id = $form->{id}§; - + my $query = + qq!SELECT c.accno, c.description, c.charttype, c.gifi_accno, c.category,! . + qq! c.link, c.pos_bilanz, c.pos_eur, c.new_chart_id, c.valid_from, ! . + qq! c.pos_bwa, ! . + qq! tk.taxkey_id, tk.pos_ustva, tk.tax_id, ! . + qq! tk.tax_id || '--' || tk.taxkey_id AS tax, tk.startdate ! . + qq!FROM chart c ! . + qq!LEFT JOIN taxkeys tk ! . + qq!ON (c.id=tk.chart_id AND tk.id = ! . + qq! (SELECT id FROM taxkeys ! . + qq! WHERE taxkeys.chart_id = c.id AND startdate <= current_date ! . + qq! ORDER BY startdate DESC LIMIT 1)) ! . + qq!WHERE c.id = ?!; my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query . " ($form->{id})"); my $ref = $sth->fetchrow_hashref(NAME_lc); 
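Review bot: With the `$form->{id} = "NULL" unless ($form->{id});` fallback removed, an empty id is now bound unchanged to `WHERE c.id = ?`, and an empty string bound to an integer column is likely to be rejected by the database rather than matching no row. The removed fallback suggests get_account can be called without an id, so the bind should go through the same conversion save_account uses for its integer fields: `$sth->execute(conv_i($form->{id})) || $form->dberror($query . " ($form->{id})");`. The same applies to `WHERE a.chart_id = ?` in the later get_account hunk, which sits after the `if ($form->{id})` block closes. The body of get_account continues outside this hunk.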
@@ -93,16 +98,13 @@ sub get_account { $sth->finish; if ($form->{id}) { - - $where = " WHERE link='$form->{link}'"; - - # get new accounts $query = qq|SELECT id, accno,description - FROM chart $where|; + FROM chart WHERE link = ?|; $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{link}) || $form->dberror($query . " ($form->{link})"); + $form->{NEWACCOUNT} = []; while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { push @{ $form->{NEWACCOUNT} }, $ref; } @@ -111,9 +113,9 @@ sub get_account { } # check if we have any transactions $query = qq|SELECT a.trans_id FROM acc_trans a - WHERE a.chart_id = $form->{id}|; + WHERE a.chart_id = ?|; $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query . " ($form->{id})"); ($form->{orphaned}) = $sth->fetchrow_array; $form->{orphaned} = !$form->{orphaned}; @@ -123,11 +125,8 @@ sub get_account { $form->{new_chart_valid} = 0; if ($form->{new_chart_id}) { $query = qq|SELECT current_date-valid_from FROM chart - WHERE id = $form->{id}|; - $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - my ($count) = $sth->fetchrow_array; + WHERE id = ?|; + my ($count) = selectrow_query($form, $dbh, $query, $form->{id}); if ($count >=0) { $form->{new_chart_valid} = 1; } @@ -167,9 +166,6 @@ sub save_account { } chop $form->{link}; - # if we have an id then replace the old record - $form->{description} =~ s/\'/\'\'/g; - # strip blanks from accno map { $form->{$_} =~ s/ //g; } qw(accno); 
@@ -179,95 +175,74 @@ sub save_account { $form->{id} = ""; } - map({ $form->{$_} = "NULL" unless ($form->{$_}); } - qw(pos_ustva pos_bwa pos_bilanz pos_eur new_chart_id)); - my($tax_id, $taxkey) = split /--/, $form->{tax}; - $form->{valid_from} = ($form->{valid_from}) ? "'$form->{valid_from}'" : "NULL"; - my $startdate = ($form->{startdate}) ? "'$form->{startdate}'" : "'1970-01-01'"; + my @values; + + my ($tax_id, $taxkey) = split(/--/, $form->{tax}); + my $startdate = $form->{startdate} ? $form->{startdate} : "1970-01-01"; + if ($form->{id} && $form->{orphaned}) { $query = qq|UPDATE chart SET - accno = '$form->{accno}', - description = '$form->{description}', - charttype = '$form->{charttype}', - gifi_accno = '$form->{gifi_accno}', - category = '$form->{category}', - link = '$form->{link}', - taxkey_id = $taxkey, - pos_ustva = $form->{pos_ustva}, - pos_bwa = $form->{pos_bwa}, - pos_bilanz = $form->{pos_bilanz}, - pos_eur = $form->{pos_eur}, - new_chart_id = $form->{new_chart_id}, - valid_from = $form->{valid_from} - WHERE id = $form->{id}|; + accno = ?, description = ?, charttype = ?, + gifi_accno = ?, category = ?, link = ?, + taxkey_id = ?, + pos_ustva = ?, pos_bwa = ?, pos_bilanz = ?, + pos_eur = ?, new_chart_id = ?, valid_from = ? + WHERE id = ?|; + @values = ($form->{accno}, $form->{description}, $form->{charttype}, + $form->{gifi_accno}, $form->{category}, $form->{link}, + conv_i($taxkey), + conv_i($form->{pos_ustva}), conv_i($form->{pos_bwa}), + conv_i($form->{pos_bilanz}), conv_i($form->{pos_eur}), + conv_i($form->{new_chart_id}), + conv_date($form->{valid_from}), + $form->{id}); + } elsif ($form->{id} && !$form->{new_chart_valid}) { - $query = qq|UPDATE chart SET - new_chart_id = $form->{new_chart_id}, - valid_from = $form->{valid_from} - WHERE id = $form->{id}|; + $query = qq|UPDATE chart SET new_chart_id = ?, valid_from = ? 
+ WHERE id = ?|; + @values = (conv_i($form->{new_chart_id}), conv_date($form->{valid_from}), + $form->{id}); } else { - $query = qq|INSERT INTO chart - (accno, description, charttype, gifi_accno, category, link, taxkey_id, pos_ustva, pos_bwa, pos_bilanz,pos_eur, new_chart_id, valid_from) - VALUES ('$form->{accno}', '$form->{description}', - '$form->{charttype}', '$form->{gifi_accno}', - '$form->{category}', '$form->{link}', $taxkey, $form->{pos_ustva}, $form->{pos_bwa}, $form->{pos_bilanz}, $form->{pos_eur}, $form->{new_chart_id}, $form->{valid_from})|; + (accno, description, charttype, + gifi_accno, category, link, + taxkey_id, + pos_ustva, pos_bwa, pos_bilanz, pos_eur, + new_chart_id, valid_from) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)|; + @values = ($form->{accno}, $form->{description}, $form->{charttype}, + $form->{gifi_accno}, $form->{category}, $form->{link}, + conv_i($taxkey), + conv_i($form->{pos_ustva}), conv_i($form->{pos_bwa}), + conv_i($form->{pos_bilanz}), conv_i($form->{pos_eur}), + conv_i($form->{new_chart_id}), + conv_date($form->{valid_from})); + } - $dbh->do($query) || $form->dberror($query); + do_query($form, $dbh, $query, @values); #Save Taxes if (!$form->{id}) { - $query = qq|INSERT INTO taxkeys (chart_id,tax_id,taxkey_id, pos_ustva, startdate) VALUES ((SELECT id FROM chart where accno='$form->{accno}'), $tax_id, $taxkey,$form->{pos_ustva}, $startdate)|; - $dbh->do($query) || $form->dberror($query); + $query = + qq|INSERT INTO taxkeys | . + qq|(chart_id, tax_id, taxkey_id, pos_ustva, startdate) | . 
+ qq|VALUES ((SELECT id FROM chart WHERE accno = ?), ?, ?, ?, ?)|; + do_query($form, $dbh, $query, + $form->{accno}, conv_i($tax_id), conv_i($taxkey), + conv_i($form->{pos_ustva}), conv_date($startdate)); + } else { - $query = qq|DELETE FROM taxkeys WHERE chart_id=$form->{id} AND tax_id=$tax_id|; - $dbh->do($query) || $form->dberror($query); - $query = qq|INSERT INTO taxkeys (chart_id,tax_id,taxkey_id, pos_ustva, startdate) VALUES ($form->{id}, $tax_id, $taxkey,$form->{pos_ustva}, $startdate)|; - $dbh->do($query) || $form->dberror($query); - } + $query = qq|DELETE FROM taxkeys WHERE chart_id = ? AND tax_id = ?|; + do_query($form, $dbh, $query, $form->{id}, conv_i($tax_id)); -# if ($form->{IC_taxpart} || $form->{IC_taxservice} || $form->{CT_tax}) { -# -# my $chart_id = $form->{id}; -# -# unless ($form->{id}) { -# -# # get id from chart -# $query = qq|SELECT c.id -# FROM chart c -# WHERE c.accno = '$form->{accno}'|; -# $sth = $dbh->prepare($query); -# $sth->execute || $form->dberror($query); -# -# ($chart_id) = $sth->fetchrow_array; -# $sth->finish; -# } -# -# # add account if it doesn't exist in tax -# $query = qq|SELECT t.chart_id -# FROM tax t -# WHERE t.chart_id = $chart_id|; -# $sth = $dbh->prepare($query); -# $sth->execute || $form->dberror($query); -# -# my ($tax_id) = $sth->fetchrow_array; -# $sth->finish; -# -# # add tax if it doesn't exist -# unless ($tax_id) { -# $query = qq|INSERT INTO tax (chart_id, rate) -# VALUES ($chart_id, 0)|; -# $dbh->do($query) || $form->dberror($query); -# } -# } else { -# -# # remove tax -# if ($form->{id}) { -# $query = qq|DELETE FROM tax -# WHERE chart_id = $form->{id}|; -# $dbh->do($query) || $form->dberror($query); -# } -# } + $query = + qq|INSERT INTO taxkeys | . + qq|(chart_id, tax_id, taxkey_id, pos_ustva, startdate) | . + qq|VALUES (?, ?, ?, ?, ?)|; + do_query($form, $dbh, $query, + $form->{id}, conv_i($tax_id), conv_i($taxkey), + conv_i($form->{pos_ustva}), conv_date($startdate)); + } # commit my $rc = $dbh->commit; 
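Review bot: The final `else` branch that builds the `INSERT INTO chart` is also reached when `$form->{id}` is set, the account is not orphaned and `new_chart_valid` is true, so an edit of an existing account would insert a second chart row with the same accno. The placeholder conversion keeps that control flow as it was; if the insert is meant for new accounts only, the branch should say so, for example `} elsif (!$form->{id}) {` with an explicit no-op or error for the remaining case. If the fall-through is intended, a one-line comment on the `else` would save the next reader from re-deriving it. save_account starts and ends outside this hunk.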
@@ -287,48 +262,35 @@ sub delete_account { my $dbh = $form->dbconnect_noauto($myconfig); my $query = qq|SELECT count(*) FROM acc_trans a - WHERE a.chart_id = $form->{id}|; - my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + WHERE a.chart_id = ?|; + my ($count) = selectrow_query($form, $dbh, $query, $form->{id}); - if ($sth->fetchrow_array) { - $sth->finish; + if ($count) { $dbh->disconnect; $main::lxdebug->leave_sub(); return; } - $sth->finish; - - # delete chart of account record - $query = qq|DELETE FROM chart - WHERE id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); # set inventory_accno_id, income_accno_id, expense_accno_id to defaults - $query = qq|UPDATE parts - SET inventory_accno_id = - (SELECT inventory_accno_id FROM defaults) - WHERE inventory_accno_id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); - - $query = qq|UPDATE parts - SET income_accno_id = - (SELECT income_accno_id FROM defaults) - WHERE income_accno_id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); - - $query = qq|UPDATE parts - SET expense_accno_id = - (SELECT expense_accno_id FROM defaults) - WHERE expense_accno_id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); + foreach my $type (qw(inventory income expense)) { + $query = + qq|UPDATE parts | . + qq|SET ${type}_accno_id = (SELECT ${type}_accno_id FROM defaults) | . + qq|WHERE ${type}_accno_id = ?|; + do_query($form, $dbh, $query, $form->{id}); + } foreach my $table (qw(partstax customertax vendortax tax)) { $query = qq|DELETE FROM $table - WHERE chart_id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); + WHERE chart_id = ?|; + do_query($form, $dbh, $query, $form->{id}); } + # delete chart of account record + $query = qq|DELETE FROM chart + WHERE id = ?|; + do_query($form, $dbh, $query, $form->{id}); + # commit and redirect my $rc = $dbh->commit; $dbh->disconnect; 
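Review bot: The two loops in delete_account still interpolate identifiers into the SQL text (`${type}_accno_id` and `$table`), which is safe only because both come from the literal `qw(...)` lists directly above them. Placeholders cannot bind identifiers, so this is the right shape, but it deserves a comment so a later edit does not feed request data into those names, e.g. `# column/table names are constants from the qw list; never take them from $form`. delete_account begins and ends outside this hunk.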
@@ -338,217 +300,6 @@ sub delete_account { return $rc; } -sub gifi_accounts { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - my $query = qq|SELECT accno, description - FROM gifi - ORDER BY accno|; - - $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { - push @{ $form->{ALL} }, $ref; - } - - $sth->finish; - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - -sub get_gifi { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - my $query = qq|SELECT g.accno, g.description - FROM gifi g - WHERE g.accno = '$form->{accno}'|; - my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - my $ref = $sth->fetchrow_hashref(NAME_lc); - - map { $form->{$_} = $ref->{$_} } keys %$ref; - - $sth->finish; - - # check for transactions - $query = qq|SELECT count(*) FROM acc_trans a, chart c, gifi g - WHERE c.gifi_accno = g.accno - AND a.chart_id = c.id - AND g.accno = '$form->{accno}'|; - $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - ($form->{orphaned}) = $sth->fetchrow_array; - $sth->finish; - $form->{orphaned} = !$form->{orphaned}; - - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - -sub save_gifi { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - $form->{description} =~ s/\'/\'\'/g; - - # id is the old account number! 
- if ($form->{id}) { - $query = qq|UPDATE gifi SET - accno = '$form->{accno}', - description = '$form->{description}' - WHERE accno = '$form->{id}'|; - } else { - $query = qq|INSERT INTO gifi - (accno, description) - VALUES ('$form->{accno}', '$form->{description}')|; - } - $dbh->do($query) || $form->dberror($query); - - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - -sub delete_gifi { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - # id is the old account number! - $query = qq|DELETE FROM gifi - WHERE accno = '$form->{id}'|; - $dbh->do($query) || $form->dberror($query); - - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - -sub warehouses { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - my $query = qq|SELECT id, description - FROM warehouse - ORDER BY 2|; - - $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { - push @{ $form->{ALL} }, $ref; - } - - $sth->finish; - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - -sub get_warehouse { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - my $query = qq|SELECT w.description - FROM warehouse w - WHERE w.id = $form->{id}|; - my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - my $ref = $sth->fetchrow_hashref(NAME_lc); - - map { $form->{$_} = $ref->{$_} } keys %$ref; - - $sth->finish; - - # see if it is in use - $query = qq|SELECT count(*) FROM inventory i - WHERE i.warehouse_id = $form->{id}|; - $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - ($form->{orphaned}) = $sth->fetchrow_array; - $form->{orphaned} = !$form->{orphaned}; - $sth->finish; - - $dbh->disconnect; - - $main::lxdebug->leave_sub(); 
-} - -sub save_warehouse { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - $form->{description} =~ s/\'/\'\'/g; - - if ($form->{id}) { - $query = qq|UPDATE warehouse SET - description = '$form->{description}' - WHERE id = $form->{id}|; - } else { - $query = qq|INSERT INTO warehouse - (description) - VALUES ('$form->{description}')|; - } - $dbh->do($query) || $form->dberror($query); - - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - -sub delete_warehouse { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - $query = qq|DELETE FROM warehouse - WHERE id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); - - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - sub departments { $main::lxdebug->enter_sub(); @@ -559,11 +310,12 @@ sub departments { my $query = qq|SELECT d.id, d.description, d.role FROM department d - ORDER BY 2|; + ORDER BY 2|; $sth = $dbh->prepare($query); $sth->execute || $form->dberror($query); + $form->{ALL} = []; while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { push @{ $form->{ALL} }, $ref; } @@ -584,9 +336,9 @@ sub get_department { my $query = qq|SELECT d.description, d.role FROM department d - WHERE d.id = $form->{id}|; + WHERE d.id = ?|; my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query . " ($form->{id})"); my $ref = $sth->fetchrow_hashref(NAME_lc); 
@@ -596,11 +348,9 @@ sub get_department { # see if it is in use $query = qq|SELECT count(*) FROM dpt_trans d - WHERE d.department_id = $form->{id}|; - $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + WHERE d.department_id = ?|; + ($form->{orphaned}) = selectrow_query($form, $dbh, $query, $form->{id}); - ($form->{orphaned}) = $sth->fetchrow_array; $form->{orphaned} = !$form->{orphaned}; $sth->finish; @@ -617,19 +367,18 @@ sub save_department { # connect to database my $dbh = $form->dbconnect($myconfig); - $form->{description} =~ s/\'/\'\'/g; - + my @values = ($form->{description}, $form->{role}); if ($form->{id}) { $query = qq|UPDATE department SET - description = '$form->{description}', - role = '$form->{role}' - WHERE id = $form->{id}|; + description = ?, role = ? + WHERE id = ?|; + push(@values, $form->{id}); } else { $query = qq|INSERT INTO department (description, role) - VALUES ('$form->{description}', '$form->{role}')|; + VALUES (?, ?)|; } - $dbh->do($query) || $form->dberror($query); + do_query($form, $dbh, $query, @values); $dbh->disconnect; @@ -645,8 +394,8 @@ sub delete_department { my $dbh = $form->dbconnect($myconfig); $query = qq|DELETE FROM department - WHERE id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); + WHERE id = ?|; + do_query($form, $dbh, $query, $form->{id}); $dbh->disconnect; @@ -663,11 +412,12 @@ sub lead { my $query = qq|SELECT id, lead FROM leads - ORDER BY 2|; + ORDER BY 2|; $sth = $dbh->prepare($query); $sth->execute || $form->dberror($query); + $form->{ALL}; while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { push @{ $form->{ALL} }, $ref; } 
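Review bot: The added line `$form->{ALL};` in `lead` is an expression in void context and does nothing, so a pre-populated `$form->{ALL}` is still appended to rather than reset. The `departments` hunk shows the intended form; use `$form->{ALL} = [];` here as well. The `business` hunk further down adds the same no-op line and needs the same fix.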
@@ -687,11 +437,11 @@ sub get_lead { my $dbh = $form->dbconnect($myconfig); my $query = - qq|SELECT l.id, l.lead - FROM leads l - WHERE l.id = $form->{id}|; + qq|SELECT l.id, l.lead | . + qq|FROM leads l | . + qq|WHERE l.id = ?|; my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query . " ($form->{id})"); my $ref = $sth->fetchrow_hashref(NAME_lc); @@ -712,19 +462,19 @@ sub save_lead { # connect to database my $dbh = $form->dbconnect($myconfig); - $form->{lead} =~ s/\'/\'\'/g; - + my @values = ($form->{description}); # id is the old record if ($form->{id}) { $query = qq|UPDATE leads SET - lead = '$form->{description}' - WHERE id = $form->{id}|; + lead = ? + WHERE id = ?|; + puhs(@values, $form->{id}); } else { $query = qq|INSERT INTO leads (lead) - VALUES ('$form->{description}')|; + VALUES (?)|; } - $dbh->do($query) || $form->dberror($query); + do_query($form, $dbh, $query, @values); $dbh->disconnect; @@ -740,8 +490,8 @@ sub delete_lead { my $dbh = $form->dbconnect($myconfig); $query = qq|DELETE FROM leads - WHERE id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); + WHERE id = ?|; + do_query($form, $dbh, $query, $form->{id}); $dbh->disconnect; @@ -758,11 +508,12 @@ sub business { my $query = qq|SELECT id, description, discount, customernumberinit, salesman FROM business - ORDER BY 2|; + ORDER BY 2|; $sth = $dbh->prepare($query); $sth->execute || $form->dberror($query); + $form->{ALL}; while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { push @{ $form->{ALL} }, $ref; } @@ -783,10 +534,10 @@ sub get_business { my $query = qq|SELECT b.description, b.discount, b.customernumberinit, b.salesman - FROM business b - WHERE b.id = $form->{id}|; + FROM business b + WHERE b.id = ?|; my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query . " ($form->{id})"); my $ref = $sth->fetchrow_hashref(NAME_lc); 
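Review bot: In save_lead the update branch calls `puhs(@values, $form->{id});`, which is not a Perl builtin and is not defined in the visible code, so editing an existing lead would fail at runtime with an undefined-subroutine error; the insert branch hides this because it never reaches the line. It should read `push(@values, $form->{id});`, matching save_department. This file's call style suggests it is not compiled under `use strict`, which is why the typo would not be caught before the branch runs.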
@@ -807,24 +558,23 @@ sub save_business { # connect to database my $dbh = $form->dbconnect($myconfig); - $form->{description} =~ s/\'/\'\'/g; - $form->{discount} /= 100; - $form->{salesman} *= 1; - + my @values = ($form->{description}, $form->{discount}, + $form->{customernumberinit}, $form->{salesman} ? 't' : 'f'); # id is the old record if ($form->{id}) { $query = qq|UPDATE business SET - description = '$form->{description}', - discount = $form->{discount}, - customernumberinit = '$form->{customernumberinit}', - salesman = '$form->{salesman}' - WHERE id = $form->{id}|; + description = ?, + discount = ?, + customernumberinit = ?, + salesman = ? + WHERE id = ?|; + push(@values, $form->{id}); } else { $query = qq|INSERT INTO business (description, discount, customernumberinit, salesman) - VALUES ('$form->{description}', $form->{discount}, '$form->{customernumberinit}', '$form->{salesman}')|; + VALUES (?, ?, ?, ?)|; } - $dbh->do($query) || $form->dberror($query); + do_query($form, $dbh, $query, @values); $dbh->disconnect; @@ -840,8 +590,8 @@ sub delete_business { my $dbh = $form->dbconnect($myconfig); $query = qq|DELETE FROM business - WHERE id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); + WHERE id = ?|; + do_query($form, $dbh, $query, $form->{id}); $dbh->disconnect; @@ -921,7 +671,7 @@ sub get_language_details { "SELECT template_code, " . " output_numberformat, output_dateformat, output_longdates " . "FROM language WHERE id = ?"; - my @res = $dbh->selectrow_array($query, undef, $id); + my @res = selectrow_query($form, $dbh, $query, $id); $dbh->disconnect; $main::lxdebug->leave_sub(); @@ -958,8 +708,7 @@ sub save_language { " output_numberformat, output_dateformat, output_longdates" . ") VALUES (?, ?, ?, ?, ?, ?)"; } - $dbh->do($query, undef, @values) || - $form->dberror($query . " (" . join(", ", @values) . ")"); + do_query($form, $dbh, $query, @values); $dbh->disconnect; 
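Review bot: The save_business hunk removes `$form->{discount} /= 100;` without a replacement, so `discount` is now bound exactly as entered while rows written before this change hold the value divided by 100. Unless the caller was changed elsewhere to convert the percentage, this silently changes the stored scale; keep the conversion in the value list, e.g. `my @values = ($form->{description}, $form->{discount} / 100, ...`. If the conversion has moved to the caller, a comment here naming where would make that verifiable.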
@@ -1076,7 +825,7 @@ sub get_buchungsgruppe { qq|SELECT count(id) = 0 AS orphaned FROM parts WHERE buchungsgruppen_id = ?|; - ($form->{orphaned}) = $dbh->selectrow_array($query, undef, $form->{id}); + ($form->{orphaned}) = selectrow_arra($query, undef, $form->{id}); $form->dberror($query . " ($form->{id})") if ($dbh->err); } @@ -1231,7 +980,7 @@ sub printer { my $query = qq|SELECT id, printer_description, template_code, printer_command FROM printers - ORDER BY 2|; + ORDER BY 2|; $sth = $dbh->prepare($query); $sth->execute || $form->dberror($query); @@ -1257,10 +1006,10 @@ sub get_printer { my $query = qq|SELECT p.printer_description, p.template_code, p.printer_command - FROM printers p - WHERE p.id = $form->{id}|; + FROM printers p + WHERE p.id = ?|; my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); + $sth->execute($form->{id}) || $form->dberror($query . " ($form->{id})"); my $ref = $sth->fetchrow_hashref(NAME_lc); @@ -1281,24 +1030,22 @@ sub save_printer { # connect to database my $dbh = $form->dbconnect($myconfig); - $form->{printer_description} =~ s/\'/\'\'/g; - $form->{printer_command} =~ s/\'/\'\'/g; - $form->{template_code} =~ s/\'/\'\'/g; - + my @values = ($form->{printer_description}, + $form->{template_code}, + $form->{printer_command}); # id is the old record if ($form->{id}) { $query = qq|UPDATE printers SET - printer_description = '$form->{printer_description}', - template_code = '$form->{template_code}', - printer_command = '$form->{printer_command}' - WHERE id = $form->{id}|; + printer_description = ?, template_code = ?, printer_command = ? + WHERE id = ?|; + push(@values, $form->{id}); } else { $query = qq|INSERT INTO printers (printer_description, template_code, printer_command) - VALUES ('$form->{printer_description}', '$form->{template_code}', '$form->{printer_command}')|; + VALUES (?, ?, ?)|; } - $dbh->do($query) || $form->dberror($query); + do_query($form, $dbh, $query, @values); $dbh->disconnect; 
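Review bot: The new call in get_buchungsgruppe, `selectrow_arra($query, undef, $form->{id})`, names a function that does not appear anywhere else in this diff and no longer passes `$dbh`, so the orphaned check would die at runtime instead of querying. The other converted call sites use the helper as `($form->{orphaned}) = selectrow_query($form, $dbh, $query, $form->{id});`, which is presumably what was meant. If that helper reports errors itself, as the other conversions assume, the following `$form->dberror(...) if ($dbh->err);` line becomes redundant.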
@@ -1314,8 +1061,8 @@ sub delete_printer { my $dbh = $form->dbconnect($myconfig); $query = qq|DELETE FROM printers - WHERE id = $form->{id}|; - $dbh->do($query) || $form->dberror($query); + WHERE id = ?|; + do_query($form, $dbh, $query, $form->{id}); $dbh->disconnect; @@ -1369,7 +1116,7 @@ sub get_payment { qq|WHERE t.payment_terms_id = ? | . qq|UNION | . qq|SELECT l.id AS language_id, NULL AS description_long, | . - qq|l.description AS language | . + qq| l.description AS language | . qq|FROM language l|; $sth = $dbh->prepare($query); $sth->execute($form->{"id"}) || $form->dberror($query . " ($form->{id})"); 
@@ -1477,103 +1224,6 @@ sub delete_payment { $main::lxdebug->leave_sub(); } -sub sic { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - my $query = qq|SELECT code, sictype, description - FROM sic - ORDER BY code|; - - $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { - push @{ $form->{ALL} }, $ref; - } - - $sth->finish; - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - -sub get_sic { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - my $query = qq|SELECT s.code, s.sictype, s.description - FROM sic s - WHERE s.code = '$form->{code}'|; - my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - my $ref = $sth->fetchrow_hashref(NAME_lc); - - map { $form->{$_} = $ref->{$_} } keys %$ref; - - $sth->finish; - - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - -sub save_sic { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - $form->{code} =~ s/\'/\'\'/g; - $form->{description} =~ s/\'/\'\'/g; - - # if there is an id - if ($form->{id}) { - $query = qq|UPDATE sic SET - code = '$form->{code}', - sictype = '$form->{sictype}', - description = '$form->{description}' - WHERE code = '$form->{id}'|; - } else { - $query = qq|INSERT INTO sic - (code, sictype, description) - VALUES ('$form->{code}', '$form->{sictype}', '$form->{description}')|; - } - $dbh->do($query) || $form->dberror($query); - - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - -sub delete_sic { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form) = @_; - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - $query = qq|DELETE FROM sic - WHERE code = '$form->{code}'|; - $dbh->do($query) || 
$form->dberror($query); - - $dbh->disconnect; - - $main::lxdebug->leave_sub(); -} - sub load_template { $main::lxdebug->enter_sub(); 
@@ -1625,53 +1275,43 @@ sub save_preferences { # these defaults are database wide # user specific variables are in myconfig # save defaults - my $query = qq|UPDATE defaults SET - inventory_accno_id = - (SELECT c.id FROM chart c - WHERE c.accno = '$form->{inventory_accno}'), - income_accno_id = - (SELECT c.id FROM chart c - WHERE c.accno = '$form->{income_accno}'), - expense_accno_id = - (SELECT c.id FROM chart c - WHERE c.accno = '$form->{expense_accno}'), - fxgain_accno_id = - (SELECT c.id FROM chart c - WHERE c.accno = '$form->{fxgain_accno}'), - fxloss_accno_id = - (SELECT c.id FROM chart c - WHERE c.accno = '$form->{fxloss_accno}'), - invnumber = '$form->{invnumber}', - cnnumber = '$form->{cnnumber}', - sonumber = '$form->{sonumber}', - ponumber = '$form->{ponumber}', - sqnumber = '$form->{sqnumber}', - rfqnumber = '$form->{rfqnumber}', - customernumber = '$form->{customernumber}', - vendornumber = '$form->{vendornumber}', - articlenumber = '$form->{articlenumber}', - servicenumber = '$form->{servicenumber}', - yearend = '$form->{yearend}', - curr = '$form->{curr}', - businessnumber = '$form->{businessnumber}' - |; - $dbh->do($query) || $form->dberror($query); + my $query = + qq|UPDATE defaults SET | . + qq|inventory_accno_id = (SELECT c.id FROM chart c WHERE c.accno = ?), | . + qq|income_accno_id = (SELECT c.id FROM chart c WHERE c.accno = ?), | . + qq|expense_accno_id = (SELECT c.id FROM chart c WHERE c.accno = ?), | . + qq|fxgain_accno_id = (SELECT c.id FROM chart c WHERE c.accno = ?), | . + qq|fxloss_accno_id = (SELECT c.id FROM chart c WHERE c.accno = ?), | . + qq|invnumber = ?, | . + qq|cnnumber = ?, | . + qq|sonumber = ?, | . + qq|ponumber = ?, | . + qq|sqnumber = ?, | . + qq|rfqnumber = ?, | . + qq|customernumber = ?, | . + qq|vendornumber = ?, | . + qq|articlenumber = ?, | . + qq|servicenumber = ?, | . + qq|yearend = ?, | . + qq|curr = ?, | . 
+ qq|businessnumber = ?|; + my @values = ($form->{inventory_accno}, $form->{income_accno}, + $form->{expense_accno}, + $form->{fxgain_accno}, $form->{fxloss_accno}, + $form->{invnumber}, $form->{cnnumber}, + $form->{sonumber}, $form->{ponumber}, + $form->{sqnumber}, $form->{rfqnumber}, + $form->{customernumber}, $form->{vendornumber}, + $form->{articlenumber}, $form->{servicenumber}, + $form->{yearend}, $form->{curr}, + $form->{businessnumber}); + do_query($form, $dbh, $query, @values); # update name - my $name = $form->{name}; - $name =~ s/\'/\'\'/g; $query = qq|UPDATE employee - SET name = '$name' - WHERE login = '$form->{login}'|; - $dbh->do($query) || $form->dberror($query); - -# foreach my $item (split(/ /, $form->{taxaccounts})) { -# $query = qq|UPDATE tax -# SET rate = | . ($form->{$item} / 100) . qq|, -# taxnumber = '$form->{"taxnumber_$item"}' -# WHERE chart_id = $item|; -# $dbh->do($query) || $form->dberror($query); -# } + SET name = ? + WHERE login = ?|; + do_query($form, $dbh, $query, $form->{name}, $form->{login}); my $rc = $dbh->commit; $dbh->disconnect; @@ -1777,8 +1417,8 @@ sub defaultaccounts { $query = qq|SELECT c.id, c.accno, c.description FROM chart c - WHERE c.category = 'I' - AND c.charttype = 'A' + WHERE c.category = 'I' + AND c.charttype = 'A' ORDER BY c.accno|; $sth = $dbh->prepare($query); $sth->execute || $self->dberror($query); @@ -1793,8 +1433,8 @@ sub defaultaccounts { $query = qq|SELECT c.id, c.accno, c.description FROM chart c - WHERE c.category = 'E' - AND c.charttype = 'A' + WHERE c.category = 'E' + AND c.charttype = 'A' ORDER BY c.accno|; $sth = $dbh->prepare($query); $sth->execute || $self->dberror($query); @@ -1811,7 +1451,7 @@ sub defaultaccounts { $query = qq|SELECT c.id, c.accno, c.description, t.rate * 100 AS rate, t.taxnumber FROM chart c, tax t - WHERE c.id = t.chart_id|; + WHERE c.id = t.chart_id|; $sth = $dbh->prepare($query); $sth->execute || $form->dberror($query); 
@@ -1830,259 +1470,6 @@ sub defaultaccounts { $main::lxdebug->leave_sub(); } -sub backup { - $main::lxdebug->enter_sub(); - - my ($self, $myconfig, $form, $userspath) = @_; - - my $mail; - my $err; - my $boundary = time; - my $tmpfile = - "$userspath/$boundary.$myconfig->{dbname}-$form->{dbversion}.sql"; - my $out = $form->{OUT}; - $form->{OUT} = ">$tmpfile"; - - if ($form->{media} eq 'email') { - - use SL::Mailer; - $mail = new Mailer; - - $mail->{to} = qq|"$myconfig->{name}" <$myconfig->{email}>|; - $mail->{from} = qq|"$myconfig->{name}" <$myconfig->{email}>|; - $mail->{subject} = - "Lx-Office Backup / $myconfig->{dbname}-$form->{dbversion}.sql"; - @{ $mail->{attachments} } = ($tmpfile); - $mail->{version} = $form->{version}; - $mail->{fileid} = "$boundary."; - - $myconfig->{signature} =~ s/\\n/\r\n/g; - $mail->{message} = "--\n$myconfig->{signature}"; - - } - - open(OUT, "$form->{OUT}") or $form->error("$form->{OUT} : $!"); - - # get sequences, functions and triggers - open(FH, "sql/lx-office.sql") or $form->error("sql/lx-office.sql : $!"); - - my @sequences = (); - my @functions = (); - my @triggers = (); - my @indices = (); - my %tablespecs; - - my $query = ""; - my @quote_chars; - - while () { - - # Remove DOS and Unix style line endings. - s/[\r\n]//g; - - # ignore comments or empty lines - next if /^(--.*|\s+)$/; - - for (my $i = 0; $i < length($_); $i++) { - my $char = substr($_, $i, 1); - - # Are we inside a string? - if (@quote_chars) { - if ($char eq $quote_chars[-1]) { - pop(@quote_chars); - } - $query .= $char; - - } else { - if (($char eq "'") || ($char eq "\"")) { - push(@quote_chars, $char); - - } elsif ($char eq ";") { - - # Query is complete. Check for triggers and functions. 
- if ($query =~ /^create\s+function\s+\"?(\w+)\"?/i) { - push(@functions, $query); - - } elsif ($query =~ /^create\s+trigger\s+\"?(\w+)\"?/i) { - push(@triggers, $query); - - } elsif ($query =~ /^create\s+sequence\s+\"?(\w+)\"?/i) { - push(@sequences, $1); - - } elsif ($query =~ /^create\s+table\s+\"?(\w+)\"?/i) { - $tablespecs{$1} = $query; - - } elsif ($query =~ /^create\s+index\s+\"?(\w+)\"?/i) { - push(@indices, $query); - - } - - $query = ""; - $char = ""; - } - - $query .= $char; - } - } - } - close(FH); - - # connect to database - my $dbh = $form->dbconnect($myconfig); - - # get all the tables - my @tables = $dbh->tables('', '', 'customer', '', { noprefix => 0 }); - - my $today = scalar localtime; - - $myconfig->{dbhost} = 'localhost' unless $myconfig->{dbhost}; - - print OUT qq|-- Lx-Office Backup --- Dataset: $myconfig->{dbname} --- Version: $form->{dbversion} --- Host: $myconfig->{dbhost} --- Login: $form->{login} --- User: $myconfig->{name} --- Date: $today --- --- set options -$myconfig->{dboptions}; --- -|; - - print OUT "-- DROP Sequences\n"; - my $item; - foreach $item (@sequences) { - print OUT qq|DROP SEQUENCE $item;\n|; - } - - print OUT "-- DROP Triggers\n"; - - foreach $item (@triggers) { - if ($item =~ /^create\s+trigger\s+\"?(\w+)\"?\s+.*on\s+\"?(\w+)\"?\s+/i) { - print OUT qq|DROP TRIGGER "$1" ON "$2";\n|; - } - } - - print OUT "-- DROP Functions\n"; - - foreach $item (@functions) { - if ($item =~ /^create\s+function\s+\"?(\w+)\"?/i) { - print OUT qq|DROP FUNCTION "$1" ();\n|; - } - } - - foreach $table (@tables) { - if (!($table =~ /^sql_.*/)) { - my $query = qq|SELECT * FROM $table|; - - my $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - - $query = "INSERT INTO $table ("; - map { $query .= qq|$sth->{NAME}->[$_],| } - (0 .. 
$sth->{NUM_OF_FIELDS} - 1); - chop $query; - - $query .= ") VALUES"; - - if ($tablespecs{$table}) { - print(OUT "--\n"); - print(OUT "DROP TABLE $table;\n"); - print(OUT $tablespecs{$table}, ";\n"); - } else { - print(OUT "--\n"); - print(OUT "DELETE FROM $table;\n"); - } - while (my @arr = $sth->fetchrow_array) { - - $fields = "("; - foreach my $item (@arr) { - if (defined $item) { - $item =~ s/\'/\'\'/g; - $fields .= qq|'$item',|; - } else { - $fields .= 'NULL,'; - } - } - - chop $fields; - $fields .= ")"; - - print OUT qq|$query $fields;\n|; - } - - $sth->finish; - } - } - - # create indices, sequences, functions and triggers - - print(OUT "-- CREATE Indices\n"); - map({ print(OUT "$_;\n"); } @indices); - - print OUT "-- CREATE Sequences\n"; - foreach $item (@sequences) { - $query = qq|SELECT last_value FROM $item|; - $sth = $dbh->prepare($query); - $sth->execute || $form->dberror($query); - my ($id) = $sth->fetchrow_array; - $sth->finish; - - print OUT qq|-- -CREATE SEQUENCE $item START $id; -|; - } - - print OUT "-- CREATE Functions\n"; - - # functions - map { print(OUT $_, ";\n"); } @functions; - - print OUT "-- CREATE Triggers\n"; - - # triggers - map { print(OUT $_, ";\n"); } @triggers; - - close(OUT); - - $dbh->disconnect; - - # compress backup - my @args = ("gzip", "$tmpfile"); - system(@args) == 0 or $form->error("$args[0] : $?"); - - $tmpfile .= ".gz"; - - if ($form->{media} eq 'email') { - @{ $mail->{attachments} } = ($tmpfile); - $err = $mail->send($out); - } - - if ($form->{media} eq 'file') { - - open(IN, "$tmpfile") or $form->error("$tmpfile : $!"); - open(OUT, ">-") or $form->error("STDOUT : $!"); - - print OUT qq|Content-Type: application/x-tar-gzip; -Content-Disposition: attachment; filename="$myconfig->{dbname}-$form->{dbversion}.sql.gz" - -|; - - while () { - print OUT $_; - } - - close(IN); - close(OUT); - - } - - unlink "$tmpfile"; - - $main::lxdebug->leave_sub(); -} - sub closedto { $main::lxdebug->enter_sub(); 
@@ -2110,22 +1497,21 @@ sub closebooks { my $dbh = $form->dbconnect($myconfig); + my ($query, @values); + if ($form->{revtrans}) { + $query = qq|UPDATE defaults SET closedto = NULL, revtrans = '1'|; - $query = qq|UPDATE defaults SET closedto = NULL, - revtrans = '1'|; } elsif ($form->{closedto}) { + $query = qq|UPDATE defaults SET closedto = ?, revtrans = '0'|; + @values = (conv_date($form->{closedto})); - $query = qq|UPDATE defaults SET closedto = '$form->{closedto}', - revtrans = '0'|; } else { - - $query = qq|UPDATE defaults SET closedto = NULL, - revtrans = '0'|; + $query = qq|UPDATE defaults SET closedto = NULL, revtrans = '0'|; } # set close in defaults - $dbh->do($query) || $form->dberror($query); + do_query($form, $dbh, $query, @values); $dbh->disconnect; @@ -2236,9 +1622,12 @@ sub units_in_use { my $dbh = $form->dbconnect($myconfig); + map({ $_->{"in_use"} = 0; } values(%{$units})); + foreach my $unit (values(%{$units})) { my $base_unit = $unit->{"original_base_unit"}; while ($base_unit) { + $units->{$base_unit}->{"in_use"} = 1; $units->{$base_unit}->{"DEPENDING_UNITS"} = [] unless ($units->{$base_unit}->{"DEPENDING_UNITS"}); push(@{$units->{$base_unit}->{"DEPENDING_UNITS"}}, $unit->{"name"}); $base_unit = $units->{$base_unit}->{"original_base_unit"}; @@ -2246,7 +1635,6 @@ sub units_in_use { } foreach my $unit (values(%{$units})) { - $unit->{"in_use"} = 0; map({ $_ = $dbh->quote($_); } @{$unit->{"DEPENDING_UNITS"}}); foreach my $table (qw(parts invoice orderitems)) { @@ -2255,7 +1643,8 @@ sub units_in_use { if (0 == scalar(@{$unit->{"DEPENDING_UNITS"}})) { $query .= "= " . $dbh->quote($unit->{"name"}); } else { - $query .= "IN (" . $dbh->quote($unit->{"name"}) . "," . join(",", @{$unit->{"DEPENDING_UNITS"}}) . ")"; + $query .= "IN (" . $dbh->quote($unit->{"name"}) . "," . + join(",", map({ $dbh->quote($_) } @{$unit->{"DEPENDING_UNITS"}})) . ")"; } my ($count) = $dbh->selectrow_array($query);
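Review bot: In units_in_use the names in `DEPENDING_UNITS` end up quoted twice: the unchanged line `map({ $_ = $dbh->quote($_); } @{$unit->{"DEPENDING_UNITS"}});` kept in the previous hunk already rewrites them in place, and the added `join(",", map({ $dbh->quote($_) } @{$unit->{"DEPENDING_UNITS"}}))` quotes the results again. The IN list would then compare against literals that contain the quote characters, so depending units stop matching and `in_use` is under-reported. Remove the in-place `map` line and keep the quoting at the point of use, or build the list as `join(",", ("?") x scalar(@names))` and pass the names as bind values to `selectrow_array`, in line with the rest of this commit.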