Formatting

- Added missing ; to "nbsp"
- Remove filtering from checkbox items in controller
- Added null check to checkboxes in controller
- Fixed function naming to avoid 404
- Removed escaping from fixed urls
- Removed esc() wrapping around site_url() which already returns escaped urls.

app/Controllers/Config.php

@@ -424,7 +424,7 @@ class Config extends Secure_Controller
 			'suggestions_second_column' => $this->request->getPost('suggestions_second_column'),
 			'suggestions_third_column' => $this->request->getPost('suggestions_third_column'),
 			'giftcard_number' => $this->request->getPost('giftcard_number'),
-			'derive_sale_quantity' => $this->request->getPost('derive_sale_quantity', FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION) != null,
+			'derive_sale_quantity' => $this->request->getPost('derive_sale_quantity') != null,
 			'multi_pack_enabled' => $this->request->getPost('multi_pack_enabled') != null,
 			'include_hsn' => $this->request->getPost('include_hsn') != null,
 			'category_dropdown' => $this->request->getPost('category_dropdown') != null
@@ -504,14 +504,14 @@ class Config extends Secure_Controller
 			'timezone' => $this->request->getPost('timezone'),
 			'dateformat' => $this->request->getPost('dateformat'),
 			'timeformat' => $this->request->getPost('timeformat'),
-			'thousands_separator' => !empty($this->request->getPost('thousands_separator')),
+			'thousands_separator' => $this->request->getPost('thousands_separator') != null,
 			'number_locale' => $this->request->getPost('number_locale'),
 			'currency_decimals' => $this->request->getPost('currency_decimals', FILTER_SANITIZE_NUMBER_INT),
 			'tax_decimals' => $this->request->getPost('tax_decimals', FILTER_SANITIZE_NUMBER_INT),
 			'quantity_decimals' => $this->request->getPost('quantity_decimals', FILTER_SANITIZE_NUMBER_INT),
 			'country_codes' => htmlspecialchars($this->request->getPost('country_codes')),
 			'payment_options_order' => $this->request->getPost('payment_options_order'),
-			'date_or_time_format' => $this->request->getPost('date_or_time_format'),
+			'date_or_time_format' => $this->request->getPost('date_or_time_format') != null,
 			'cash_decimals' => $this->request->getPost('cash_decimals', FILTER_SANITIZE_NUMBER_INT),
 			'cash_rounding_code' => $this->request->getPost('cash_rounding_code'),
 			'financial_year' => $this->request->getPost('financial_year', FILTER_SANITIZE_NUMBER_INT)
@@ -930,8 +930,8 @@ class Config extends Secure_Controller
 			'email_receipt_check_behaviour' => $this->request->getPost('email_receipt_check_behaviour'),
 			'print_receipt_check_behaviour' => $this->request->getPost('print_receipt_check_behaviour'),
 			'receipt_show_company_name' => $this->request->getPost('receipt_show_company_name') != null,
-			'receipt_show_taxes' => ($this->request->getPost('receipt_show_taxes') != null),
-			'receipt_show_tax_ind' => ($this->request->getPost('receipt_show_tax_ind') != null),
+			'receipt_show_taxes' => $this->request->getPost('receipt_show_taxes') != null,
+			'receipt_show_tax_ind' => $this->request->getPost('receipt_show_tax_ind') != null,
 			'receipt_show_total_discount' => $this->request->getPost('receipt_show_total_discount') != null,
 			'receipt_show_description' => $this->request->getPost('receipt_show_description') != null,
 			'receipt_show_serialnumber' => $this->request->getPost('receipt_show_serialnumber') != null,

app/Controllers/Items.php

@@ -655,12 +655,12 @@ class Items extends Secure_Controller
 			'unit_price' => parse_decimals($this->request->getPost('unit_price')),
 			'reorder_level' => parse_quantity($this->request->getPost('reorder_level')),
 			'receiving_quantity' => $receiving_quantity,
-			'allow_alt_description' => $this->request->getPost('allow_alt_description') !== null,
-			'is_serialized' => $this->request->getPost('is_serialized') !== null,
-			'qty_per_pack' => $this->request->getPost('qty_per_pack') === null ? 1 : parse_quantity($this->request->getPost('qty_per_pack')),
-			'pack_name' => $this->request->getPost('pack_name') === null ? $default_pack_name : $this->request->getPost('pack_name'),
+			'allow_alt_description' => $this->request->getPost('allow_alt_description') != null,
+			'is_serialized' => $this->request->getPost('is_serialized') != null,
+			'qty_per_pack' => $this->request->getPost('qty_per_pack') == null ? 1 : parse_quantity($this->request->getPost('qty_per_pack')),
+			'pack_name' => $this->request->getPost('pack_name') == null ? $default_pack_name : $this->request->getPost('pack_name'),
 			'low_sell_item_id' => $this->request->getPost('low_sell_item_id') === null ? $item_id : intval($this->request->getPost('low_sell_item_id')),
-			'deleted' => $this->request->getPost('is_deleted') !== null,
+			'deleted' => $this->request->getPost('is_deleted') != null,
 			'hsn_code' => $this->request->getPost('hsn_code') === null ? '' : $this->request->getPost('hsn_code')
 		];
 

app/Controllers/Receivings.php

@@ -129,7 +129,7 @@ class Receivings extends Secure_Controller
 	 */
 	public function set_print_after_sale(): void
 	{
-		$this->receiving_lib->set_print_after_sale($this->request->getPost('recv_print_after_sale', FILTER_SANITIZE_NUMBER_INT));
+		$this->receiving_lib->set_print_after_sale($this->request->getPost('recv_print_after_sale') != null);
 	}
 
 	/**

app/Controllers/Sales.php

@@ -340,7 +340,7 @@ class Sales extends Secure_Controller
 	 */
 	public function set_print_after_sale(): void
 	{
-		$this->sale_lib->set_print_after_sale($this->request->getPost('sales_print_after_sale', FILTER_SANITIZE_NUMBER_INT));
+		$this->sale_lib->set_print_after_sale($this->request->getPost('sales_print_after_sale') != null);
 	}
 
 	/**
@@ -1639,7 +1639,7 @@ class Sales extends Secure_Controller
 	 * it as a new suspended sale.
 	 * @throws ReflectionException
 	 */
-	public function suspend(): void
+	public function postSuspend(): void
 	{
 		$sale_id = $this->sale_lib->get_sale_id();
 		$dinner_table = $this->sale_lib->get_dinner_table();
@@ -1680,7 +1680,7 @@ class Sales extends Secure_Controller
 	/**
 	 * List suspended sales
 	 */
-	public function suspended(): void
+	public function getSuspended(): void
 	{
 		$data = [];
 		$customer_id = $this->sale_lib->get_customer();
@@ -1692,7 +1692,7 @@ class Sales extends Secure_Controller
 	 * Unsuspended sales are now left in the tables and are only removed
 	 * when they are intentionally cancelled.
 	 */
-	public function unsuspend(): void
+	public function postUnsuspend(): void
 	{
 		$sale_id = $this->request->getPost('suspended_sale_id', FILTER_SANITIZE_NUMBER_INT);
 		$this->sale_lib->clear_all();

app/Models/Attribute.php

@@ -701,12 +701,9 @@ class Attribute extends Model
 
 		if(!empty($id))
 		{
-			$builder->where('definition_flags &=', $definition_flags);
+			$builder->where(new RawSql("definition_flags & $definition_flags"));
 		}
-
-		$result = $builder->get();
-
-		return $result;
+		return $builder->get();
 	}
 
 	/**

app/Views/configs/locale_config.php

@@ -33,7 +33,7 @@
 							<span class="glyphicon glyphicon-info-sign" data-toggle="tooltip" data-placement="right" title="<?= lang('Config.number_locale_tooltip') ?>"></span>
 						</a>
 						<span id="number_locale_example">
-							&nbsp&nbsp<?= to_currency(1234567890.12300) ?>
+							&nbsp;&nbsp;<?= to_currency(1234567890.12300) ?>
 						</span>
 					</label>
 				</div>

app/Views/sales/register.php

@@ -884,14 +884,14 @@ $(document).ready(function()
 	});
 
 	$('#suspend_sale_button').click(function() {
-		$('#buttons_form').attr('action', "<?= esc(site_url("$controller_name/suspend"), 'url') ?>");
+		$('#buttons_form').attr('action', "<?= site_url("$controller_name/suspend") ?>");
 		$('#buttons_form').submit();
 	});
 
 	$('#cancel_sale_button').click(function() {
 		if(confirm("<?= lang(ucfirst($controller_name) .'.confirm_cancel_sale') ?>"))
 		{
-			$('#buttons_form').attr('action', "<?= esc(site_url("$controller_name/cancel"), 'url') ?>");
+			$('#buttons_form').attr('action', "<?= site_url("$controller_name/cancel") ?>");
 			$('#buttons_form').submit();
 		}
 	});