X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/d59ca2b3ff5c4772ec86ac14e5867cce3f64326e..d74347f965b920e837d28ae0d7c78135a2f447a3:/SL/Form.pm diff --git a/SL/Form.pm b/SL/Form.pm index ad5f0a3cf..64412e15e 100644 --- a/SL/Form.pm +++ b/SL/Form.pm @@ -258,6 +258,16 @@ sub new { bless $self, $type; + $main::lxdebug->leave_sub(); + + return $self; +} + +sub read_cgi_input { + $main::lxdebug->enter_sub(); + + my ($self) = @_; + $self->_input_to_hash($ENV{QUERY_STRING}) if $ENV{QUERY_STRING}; $self->_input_to_hash($ARGV[0]) if @ARGV && $ARGV[0]; @@ -268,6 +278,12 @@ sub new { $uploads = $self->_request_to_hash($content); } + if ($self->{RESTORE_FORM_FROM_SESSION_ID}) { + my %temp_form; + $::auth->restore_form_from_session(delete $self->{RESTORE_FORM_FROM_SESSION_ID}, form => \%temp_form); + $self->_input_to_hash(join '&', map { $self->escape($_) . '=' . $self->escape($temp_form{$_}) } keys %temp_form); + } + my $db_charset = $::lx_office_conf{system}->{dbcharset}; $db_charset ||= Common::DEFAULT_CHARSET; @@ -819,7 +835,6 @@ sub _prepare_html_template { $additional_params->{"conf_dbcharset"} = $::lx_office_conf{system}->{dbcharset}; $additional_params->{"conf_webdav"} = $::lx_office_conf{features}->{webdav}; - $additional_params->{"conf_lizenzen"} = $::lx_office_conf{features}->{lizenzen}; $additional_params->{"conf_latex_templates"} = $::lx_office_conf{print_templates}->{latex}; $additional_params->{"conf_opendocument_templates"} = $::lx_office_conf{print_templates}->{opendocument}; $additional_params->{"conf_vertreter"} = $::lx_office_conf{features}->{vertreter}; @@ -995,6 +1010,16 @@ sub write_trigger { return $jsscript; } #end sub write_trigger +sub _store_redirect_info_in_session { + my ($self) = @_; + + return unless $self->{callback} =~ m:^ ( [^\?/]+ \.pl ) \? (.+) :x; + + my ($controller, $params) = ($1, $2); + my $form = { map { map { $self->unescape($_) } split /=/, $_, 2 } split m/\&/, $params }; + $self->{callback} = "${controller}?RESTORE_FORM_FROM_SESSION_ID=" . $::auth->save_form_in_session(form => $form); +} + sub redirect { $main::lxdebug->enter_sub(); @@ -1004,6 +1029,7 @@ sub redirect { $self->info($msg); } else { + $self->_store_redirect_info_in_session; print $::form->redirect_header($self->{callback}); } @@ -1172,17 +1198,12 @@ sub parse_amount { } $amount =~ s/,//g; - # make shure no code wich is not a math expression ends in eval() - - $amount =~ s/\s//g; - - unless($amount =~ /^[-\+]?\d+\.?\d*([-\+\*\/][-\+]?\d+\.?\d*)*$/){ - return 0; - } $main::lxdebug->leave_sub(2); - return (eval $amount) * 1 ; + # Make sure no code wich is not a math expression ends up in eval(). + return 0 unless $amount =~ /^ [\s \d \( \) \- \+ \* \/ \. ]* $/x; + return scalar(eval($amount)) * 1 ; } sub round_amount { @@ -1880,12 +1901,12 @@ sub set_payment_options { my $dbh = $self->get_standard_dbh($myconfig); my $query = - qq|SELECT p.terms_netto, p.terms_skonto, p.percent_skonto, p.description_long | . + qq|SELECT p.terms_netto, p.terms_skonto, p.percent_skonto, p.description_long , p.description | . qq|FROM payment_terms p | . qq|WHERE p.id = ?|; ($self->{terms_netto}, $self->{terms_skonto}, $self->{percent_skonto}, - $self->{payment_terms}) = + $self->{payment_terms}, $self->{payment_description}) = selectrow_query($self, $dbh, $query, $self->{payment_id}); if ($transdate eq "") {