X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FBP.pm;h=f2d0201d7fe27aa0dab6568af6b30bfb74cae23d;hb=89c9ff022d3f13e27ba6bda085df15707fcfb0eb;hp=94a1e6a2f0edb49b308a8f84f9660622497a7123;hpb=b079ee7c4f1c7f9e8252dbab91b068036aa7df23;p=kivitendo-erp.git diff --git a/SL/BP.pm b/SL/BP.pm index 94a1e6a2f..f2d0201d7 100644 --- a/SL/BP.pm +++ b/SL/BP.pm @@ -36,6 +36,8 @@ package BP; use SL::DBUtils; +use strict; + sub get_vc { $main::lxdebug->enter_sub(); @@ -45,7 +47,6 @@ sub get_vc { my $dbh = $form->dbconnect($myconfig); my %arap = (invoice => 'ar', - packing_list => 'ar', sales_order => 'oe', purchase_order => 'oe', sales_quotation => 'oe', @@ -56,7 +57,7 @@ sub get_vc { my $vc = $form->{vc} eq "customer" ? "customer" : "vendor"; my $arap_type = defined($arap{$form->{type}}) ? $arap{$form->{type}} : 'ar'; - $query = + my $query = qq|SELECT count(*) | . qq|FROM (SELECT DISTINCT ON (vc.id) vc.id FROM $vc vc, $arap_type a, status s | . qq| WHERE a.${vc}_id = vc.id AND s.trans_id = a.id AND s.formname = ? | . @@ -72,11 +73,11 @@ sub get_vc { qq|WHERE a.${vc}_id = vc.id AND s.trans_id = a.id AND s.formname = ? | . qq| AND s.spoolfile IS NOT NULL|; - $sth = $dbh->prepare($query); + my $sth = $dbh->prepare($query); $sth->execute($form->{type}) || $form->dberror($query . " ($form->{type})"); $form->{"all_${vc}"} = []; - while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { + while (my $ref = $sth->fetchrow_hashref("NAME_lc")) { push @{ $form->{"all_${vc}"} }, $ref; } $sth->finish; @@ -103,7 +104,7 @@ sub payment_accounts { $sth->execute($form->{type}) || $form->dberror($query . " ($form->{type})"); $form->{accounts} = []; - while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { + while (my $ref = $sth->fetchrow_hashref("NAME_lc")) { push @{ $form->{accounts} }, $ref; } @@ -181,7 +182,7 @@ sub get_spoolfiles { } } - if ($form->{type} =~ /(invoice|sales_order|sales_quotation|packing_list|puchase_order|request_quotation)$/) { + if ($form->{type} =~ /(invoice|sales_order|sales_quotation|puchase_order|request_quotation)$/) { if ($form->{transdatefrom}) { $query .= " AND a.transdate >= ?"; push(@values, $form->{transdatefrom}); @@ -192,7 +193,7 @@ sub get_spoolfiles { } } - my @a = (transdate, $invnumber, name); + my @a = ("transdate", $invnumber, "name"); my $sortorder = join ', ', $form->sort_columns(@a); if (grep({ $_ eq $form->{sort} } @@ -207,7 +208,7 @@ sub get_spoolfiles { $form->dberror($query . " (" . join(", ", @values) . ")"); $form->{SPOOL} = []; - while (my $ref = $sth->fetchrow_hashref(NAME_lc)) { + while (my $ref = $sth->fetchrow_hashref("NAME_lc")) { push @{ $form->{SPOOL} }, $ref; } @@ -220,7 +221,9 @@ sub get_spoolfiles { sub delete_spool { $main::lxdebug->enter_sub(); - my ($self, $myconfig, $form, $spool) = @_; + my ($self, $myconfig, $form) = @_; + + my $spool = $::lx_office_conf{paths}->{spool}; # connect to database, turn AutoCommit off my $dbh = $form->dbconnect_noauto($myconfig); @@ -263,7 +266,9 @@ sub delete_spool { sub print_spool { $main::lxdebug->enter_sub(); - my ($self, $myconfig, $form, $spool) = @_; + my ($self, $myconfig, $form, $output) = @_; + + my $spool = $::lx_office_conf{paths}->{spool}; # connect to database my $dbh = $form->dbconnect($myconfig); @@ -275,9 +280,11 @@ sub print_spool { foreach my $i (1 .. $form->{rowcount}) { if ($form->{"checked_$i"}) { - open(OUT, $form->{OUT}) or $form->error("$form->{OUT} : $!"); + # $output is safe ( = does not come directly from the browser). + open(OUT, $output) or $form->error("$output : $!"); - $spoolfile = qq|$spool/$form->{"spoolfile_$i"}|; + $form->{"spoolfile_$i"} =~ s|.*/||; + my $spoolfile = qq|$spool/$form->{"spoolfile_$i"}|; # send file to printer open(IN, $spoolfile) or $form->error("$spoolfile : $!");