XSS clean Customers, Employees, Suppliers, Person, Item_kits. Minor fix Giftcards and Config (#39)

FrancescoUK
2016-06-04 15:05:02 +01:00
parent 1453b5e21d
commit b11377041d
9 changed files with 462 additions and 361 deletions


@@ -27,13 +27,13 @@ class Config extends Secure_area
$upload_data = $this->upload->data();
$batch_save_data = array(
'company'=>$this->input->post('company'),
'address'=>$this->input->post('address'),
'phone'=>$this->input->post('phone'),
'email'=>$this->input->post('email'),
'fax'=>$this->input->post('fax'),
'website'=>$this->input->post('website'),
'return_policy'=>$this->input->post('return_policy')
'company' => $this->input->post('company'),
'address' => $this->input->post('address'),
'phone' => $this->input->post('phone'),
'email' => $this->input->post('email'),
'fax' => $this->input->post('fax'),
'website' => $this->input->post('website'),
'return_policy' => $this->input->post('return_policy')
);
if (!empty($upload_data['orig_name']))
@@ -46,80 +46,80 @@ class Config extends Secure_area
}
$result = $this->Appconfig->batch_save($batch_save_data);
$success = $upload_success && $result ? true : false;
$success = $upload_success && $result ? TRUE : FALSE;
$message = $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully');
$message = $upload_success ? $message : $this->upload->display_errors();
echo json_encode(array('success'=>$success, 'message'=>$message));
echo json_encode(array('success' => $success, 'message' => $message));
}
public function save_general()
{
$batch_save_data = array(
'default_tax_1_rate'=>$this->input->post('default_tax_1_rate'),
'default_tax_1_name'=>$this->input->post('default_tax_1_name'),
'default_tax_2_rate'=>$this->input->post('default_tax_2_rate'),
'default_tax_2_name'=>$this->input->post('default_tax_2_name'),
'tax_included'=>$this->input->post('tax_included') != null,
'receiving_calculate_average_price'=>$this->input->post('receiving_calculate_average_price') != null,
'lines_per_page'=>$this->input->post('lines_per_page'),
'default_sales_discount'=>$this->input->post('default_sales_discount'),
'config_notify_horizontal_position'=>$this->input->post('config_notify_horizontal_position'),
'config_notify_vertical_position'=>$this->input->post('config_notify_vertical_position'),
'custom1_name'=>$this->input->post('custom1_name'),
'custom2_name'=>$this->input->post('custom2_name'),
'custom3_name'=>$this->input->post('custom3_name'),
'custom4_name'=>$this->input->post('custom4_name'),
'custom5_name'=>$this->input->post('custom5_name'),
'custom6_name'=>$this->input->post('custom6_name'),
'custom7_name'=>$this->input->post('custom7_name'),
'custom8_name'=>$this->input->post('custom8_name'),
'custom9_name'=>$this->input->post('custom9_name'),
'custom10_name'=>$this->input->post('custom10_name')
'default_tax_1_rate' => $this->input->post('default_tax_1_rate'),
'default_tax_1_name' => $this->input->post('default_tax_1_name'),
'default_tax_2_rate' => $this->input->post('default_tax_2_rate'),
'default_tax_2_name' => $this->input->post('default_tax_2_name'),
'tax_included' => $this->input->post('tax_included') != NULL,
'receiving_calculate_average_price' => $this->input->post('receiving_calculate_average_price') != NULL,
'lines_per_page' => $this->input->post('lines_per_page'),
'default_sales_discount' => $this->input->post('default_sales_discount'),
'config_notify_horizontal_position' => $this->input->post('config_notify_horizontal_position'),
'config_notify_vertical_position' => $this->input->post('config_notify_vertical_position'),
'custom1_name' => $this->input->post('custom1_name'),
'custom2_name' => $this->input->post('custom2_name'),
'custom3_name' => $this->input->post('custom3_name'),
'custom4_name' => $this->input->post('custom4_name'),
'custom5_name' => $this->input->post('custom5_name'),
'custom6_name' => $this->input->post('custom6_name'),
'custom7_name' => $this->input->post('custom7_name'),
'custom8_name' => $this->input->post('custom8_name'),
'custom9_name' => $this->input->post('custom9_name'),
'custom10_name' => $this->input->post('custom10_name')
);
$result = $this->Appconfig->batch_save($batch_save_data);
$success = $result ? true : false;
$success = $result ? TRUE : FALSE;
echo json_encode(array('success'=>$success, 'message'=>$this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
echo json_encode(array('success' => $success, 'message' => $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
}
function save_locale()
{
$batch_save_data = array(
'currency_symbol'=>$this->input->post('currency_symbol'),
'currency_side'=>$this->input->post('currency_side') != null,
'language'=>$this->input->post('language'),
'timezone'=>$this->input->post('timezone'),
'dateformat'=>$this->input->post('dateformat'),
'timeformat'=>$this->input->post('timeformat'),
'thousands_separator'=>$this->input->post('thousands_separator'),
'decimal_point'=>$this->input->post('decimal_point'),
'currency_decimals'=>$this->input->post('currency_decimals'),
'tax_decimals'=>$this->input->post('tax_decimals'),
'quantity_decimals'=>$this->input->post('quantity_decimals'),
'country_codes'=>$this->input->post('country_codes')
'currency_symbol' => $this->input->post('currency_symbol'),
'currency_side' => $this->input->post('currency_side') != NULL,
'language' => $this->input->post('language'),
'timezone' => $this->input->post('timezone'),
'dateformat' => $this->input->post('dateformat'),
'timeformat' => $this->input->post('timeformat'),
'thousands_separator' => $this->input->post('thousands_separator'),
'decimal_point' => $this->input->post('decimal_point'),
'currency_decimals' => $this->input->post('currency_decimals'),
'tax_decimals' => $this->input->post('tax_decimals'),
'quantity_decimals' => $this->input->post('quantity_decimals'),
'country_codes' => $this->input->post('country_codes')
);
$result = $this->Appconfig->batch_save($batch_save_data);
$success = $result ? true : false;
$success = $result ? TRUE : FALSE;
echo json_encode(array('success'=>$success, 'message'=>$this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
echo json_encode(array('success' => $success, 'message' => $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
}
public function save_message()
{
$batch_save_data = array(
'msg_msg'=>$this->input->post('msg_msg'),
'msg_uid'=>$this->input->post('msg_uid'),
'msg_pwd'=>$this->input->post('msg_pwd'),
'msg_src'=>$this->input->post('msg_src')
'msg_msg' => $this->input->post('msg_msg'),
'msg_uid' => $this->input->post('msg_uid'),
'msg_pwd' => $this->input->post('msg_pwd'),
'msg_src' => $this->input->post('msg_src')
);
$result = $this->Appconfig->batch_save($batch_save_data);
$success = $result ? true : false;
$success = $result ? TRUE : FALSE;
echo json_encode(array('success'=>$success, 'message'=>$this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
echo json_encode(array('success' => $success, 'message' => $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
}
public function stock_locations()
@@ -128,7 +128,7 @@ class Config extends Secure_area
$stock_locations = $this->security->xss_clean($stock_locations);
$this->load->view('partial/stock_locations', array('stock_locations'=>$stock_locations));
$this->load->view('partial/stock_locations', array('stock_locations' => $stock_locations));
}
private function _clear_session_state()
@@ -154,7 +154,7 @@ class Config extends Secure_area
$location_id = preg_replace("/.*?_(\d+)$/", "$1", $key);
unset($deleted_locations[$location_id]);
// save or update
$location_data = array('location_name'=>$value);
$location_data = array('location_name' => $value);
if ($this->Stock_location->save($location_data, $location_id))
{
$this->_clear_session_state();
@@ -172,78 +172,78 @@ class Config extends Secure_area
$success = $this->db->trans_status();
echo json_encode(array('success'=>$success, 'message'=>$this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
echo json_encode(array('success' => $success, 'message' => $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
}
public function save_barcode()
{
$batch_save_data = array(
'barcode_type'=>$this->input->post('barcode_type'),
'barcode_quality'=>$this->input->post('barcode_quality'),
'barcode_width'=>$this->input->post('barcode_width'),
'barcode_height'=>$this->input->post('barcode_height'),
'barcode_font'=>$this->input->post('barcode_font'),
'barcode_font_size'=>$this->input->post('barcode_font_size'),
'barcode_first_row'=>$this->input->post('barcode_first_row'),
'barcode_second_row'=>$this->input->post('barcode_second_row'),
'barcode_third_row'=>$this->input->post('barcode_third_row'),
'barcode_num_in_row'=>$this->input->post('barcode_num_in_row'),
'barcode_page_width'=>$this->input->post('barcode_page_width'),
'barcode_page_cellspacing'=>$this->input->post('barcode_page_cellspacing'),
'barcode_generate_if_empty'=>$this->input->post('barcode_generate_if_empty') != null,
'barcode_content'=>$this->input->post('barcode_content')
'barcode_type' => $this->input->post('barcode_type'),
'barcode_quality' => $this->input->post('barcode_quality'),
'barcode_width' => $this->input->post('barcode_width'),
'barcode_height' => $this->input->post('barcode_height'),
'barcode_font' => $this->input->post('barcode_font'),
'barcode_font_size' => $this->input->post('barcode_font_size'),
'barcode_first_row' => $this->input->post('barcode_first_row'),
'barcode_second_row' => $this->input->post('barcode_second_row'),
'barcode_third_row' => $this->input->post('barcode_third_row'),
'barcode_num_in_row' => $this->input->post('barcode_num_in_row'),
'barcode_page_width' => $this->input->post('barcode_page_width'),
'barcode_page_cellspacing' => $this->input->post('barcode_page_cellspacing'),
'barcode_generate_if_empty' => $this->input->post('barcode_generate_if_empty') != NULL,
'barcode_content' => $this->input->post('barcode_content')
);
$result = $this->Appconfig->batch_save($batch_save_data);
$success = $result ? true : false;
$success = $result ? TRUE : FALSE;
echo json_encode(array('success'=>$success, 'message'=>$this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
echo json_encode(array('success' => $success, 'message' => $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
}
public function save_receipt()
{
$batch_save_data = array (
'receipt_show_taxes'=>$this->input->post('receipt_show_taxes') != null,
'receipt_show_total_discount'=>$this->input->post('receipt_show_total_discount') != null,
'receipt_show_description'=>$this->input->post('receipt_show_description') != null,
'receipt_show_serialnumber'=>$this->input->post('receipt_show_serialnumber') != null,
'print_silently'=>$this->input->post('print_silently') != null,
'print_header'=>$this->input->post('print_header') != null,
'print_footer'=>$this->input->post('print_footer') != null,
'print_top_margin'=>$this->input->post('print_top_margin'),
'print_left_margin'=>$this->input->post('print_left_margin'),
'print_bottom_margin'=>$this->input->post('print_bottom_margin'),
'print_right_margin'=>$this->input->post('print_right_margin')
'receipt_show_taxes' => $this->input->post('receipt_show_taxes') != NULL,
'receipt_show_total_discount' => $this->input->post('receipt_show_total_discount') != NULL,
'receipt_show_description' => $this->input->post('receipt_show_description') != NULL,
'receipt_show_serialnumber' => $this->input->post('receipt_show_serialnumber') != NULL,
'print_silently' => $this->input->post('print_silently') != NULL,
'print_header' => $this->input->post('print_header') != NULL,
'print_footer' => $this->input->post('print_footer') != NULL,
'print_top_margin' => $this->input->post('print_top_margin'),
'print_left_margin' => $this->input->post('print_left_margin'),
'print_bottom_margin' => $this->input->post('print_bottom_margin'),
'print_right_margin' => $this->input->post('print_right_margin')
);
$result = $this->Appconfig->batch_save($batch_save_data);
$success = $result ? true : false;
$success = $result ? TRUE : FALSE;
echo json_encode(array('success'=>$success, 'message'=>$this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
echo json_encode(array('success' => $success, 'message' => $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
}
public function save_invoice()
{
$batch_save_data = array (
'invoice_enable'=>$this->input->post('invoice_enable') != null,
'sales_invoice_format'=>$this->input->post('sales_invoice_format'),
'recv_invoice_format'=>$this->input->post('recv_invoice_format'),
'use_invoice_template'=>$this->input->post('use_invoice_template') != null,
'invoice_default_comments'=>$this->input->post('invoice_default_comments'),
'invoice_email_message'=>$this->input->post('invoice_email_message')
'invoice_enable' => $this->input->post('invoice_enable') != NULL,
'sales_invoice_format' => $this->input->post('sales_invoice_format'),
'recv_invoice_format' => $this->input->post('recv_invoice_format'),
'use_invoice_template' => $this->input->post('use_invoice_template') != NULL,
'invoice_default_comments' => $this->input->post('invoice_default_comments'),
'invoice_email_message' => $this->input->post('invoice_email_message')
);
$result = $this->Appconfig->batch_save($batch_save_data);
$success = $result ? true : false;
$success = $result ? TRUE : FALSE;
echo json_encode(array('success'=>$success, 'message'=>$this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
echo json_encode(array('success' => $success, 'message' => $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
}
public function remove_logo()
{
$result = $this->Appconfig->batch_save(array('company_logo' => ''));
echo json_encode(array('success'=>$result));
echo json_encode(array('success' => $result));
}
private function _handle_logo_upload()
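Review bot: `save_locale()` is the only method in these hunks still declared as a bare `function`, while the same commit converts the Customers and Employees controllers to `public function`; declare it `public function save_locale()` so the class is consistent. A one-line comment above `save_message()` would also help the next reader, for example `// msg_pwd is a credential; it is saved through the same batch_save() call as display settings`. Whether that value is protected at rest or kept out of rendered pages is not visible in these hunks, so that part should be confirmed against `Appconfig` and the views.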


@@ -1,5 +1,6 @@
<?php
require_once ("Person_controller.php");
class Customers extends Person_controller
{
function __construct()
@@ -7,10 +8,12 @@ class Customers extends Person_controller
parent::__construct('customers');
}
function index()
public function index()
{
$data['controller_name'] = $this->get_controller_name();
$data['table_headers'] = get_people_manage_table_headers();
$data = $this->security->xss_clean($data);
$this->load->view('people/manage', $data);
}
@@ -18,13 +21,13 @@ class Customers extends Person_controller
/*
Returns customer table data rows. This will be called with AJAX.
*/
function search()
public function search()
{
$search = $this->input->get('search');
$limit = $this->input->get('limit');
$limit = $this->input->get('limit');
$offset = $this->input->get('offset');
$sort = $this->input->get('sort');
$order = $this->input->get('order');
$sort = $this->input->get('sort');
$order = $this->input->get('order');
$customers = $this->Customer->search($search, $limit, $offset, $sort, $order);
$total_rows = $this->Customer->get_found_rows($search);
@@ -34,22 +37,25 @@ class Customers extends Person_controller
{
$data_rows[] = get_person_data_row($person, $this);
}
$data_rows = $this->security->xss_clean($data_rows);
echo json_encode(array('total' => $total_rows, 'rows' => $data_rows));
}
/*
Gives search suggestions based on what is being searched for
*/
function suggest()
public function suggest()
{
$suggestions = $this->Customer->get_search_suggestions($this->input->get('term'), TRUE);
$suggestions = $this->security->xss_clean($this->Customer->get_search_suggestions($this->input->get('term'), TRUE));
echo json_encode($suggestions);
}
function suggest_search()
public function suggest_search()
{
$suggestions = $this->Customer->get_search_suggestions($this->input->post('term'), FALSE);
$suggestions = $this->security->xss_clean($this->Customer->get_search_suggestions($this->input->post('term'), FALSE));
echo json_encode($suggestions);
}
@@ -57,10 +63,16 @@ class Customers extends Person_controller
/*
Loads the customer edit form
*/
function view($customer_id=-1)
public function view($customer_id = -1)
{
$data['person_info'] = $this->Customer->get_info($customer_id);
$data['total'] = $this->Customer->get_totals($customer_id)->total;
$info = $this->Customer->get_info($customer_id);
foreach(get_object_vars($info) as $property => $value)
{
$info->$property = $this->security->xss_clean($value);
}
$data['person_info'] = $info;
$data['total'] = $this->security->xss_clean($this->Customer->get_totals($customer_id)->total);
$this->load->view("customers/form", $data);
}
@@ -68,135 +80,140 @@ class Customers extends Person_controller
/*
Inserts/updates a customer
*/
function save($customer_id=-1)
public function save($customer_id = -1)
{
$person_data = array(
'first_name'=>$this->input->post('first_name'),
'last_name'=>$this->input->post('last_name'),
'gender'=>$this->input->post('gender'),
'email'=>$this->input->post('email'),
'phone_number'=>$this->input->post('phone_number'),
'address_1'=>$this->input->post('address_1'),
'address_2'=>$this->input->post('address_2'),
'city'=>$this->input->post('city'),
'state'=>$this->input->post('state'),
'zip'=>$this->input->post('zip'),
'country'=>$this->input->post('country'),
'comments'=>$this->input->post('comments')
'first_name' => $this->input->post('first_name'),
'last_name' => $this->input->post('last_name'),
'gender' => $this->input->post('gender'),
'email' => $this->input->post('email'),
'phone_number' => $this->input->post('phone_number'),
'address_1' => $this->input->post('address_1'),
'address_2' => $this->input->post('address_2'),
'city' => $this->input->post('city'),
'state' => $this->input->post('state'),
'zip' => $this->input->post('zip'),
'country' => $this->input->post('country'),
'comments' => $this->input->post('comments')
);
$customer_data=array(
'account_number'=>$this->input->post('account_number') == '' ? null : $this->input->post('account_number'),
'company_name'=>$this->input->post('company_name') == '' ? null : $this->input->post('company_name'),
'discount_percent'=>$this->input->post('discount_percent') == '' ? 0.00 : $this->input->post('discount_percent'),
'taxable'=>$this->input->post('taxable') != null
$customer_data = array(
'account_number' => $this->input->post('account_number') == '' ? NULL : $this->input->post('account_number'),
'company_name' => $this->input->post('company_name') == '' ? NULL : $this->input->post('company_name'),
'discount_percent' => $this->input->post('discount_percent') == '' ? 0.00 : $this->input->post('discount_percent'),
'taxable' => $this->input->post('taxable') != NULL
);
if($this->Customer->save_customer($person_data,$customer_data,$customer_id))
if($this->Customer->save_customer($person_data, $customer_data, $customer_id))
{
$person_data = $this->security->xss_clean($person_data);
$customer_data = $this->security->xss_clean($customer_data);
//New customer
if($customer_id==-1)
if($customer_id == -1)
{
echo json_encode(array('success'=>true,'message'=>$this->lang->line('customers_successful_adding').' '.
$person_data['first_name'].' '.$person_data['last_name'], 'id' => $customer_data['person_id']));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('customers_successful_adding').' '.
$person_data['first_name'].' '.$person_data['last_name'], 'id' => $customer_data['person_id']));
}
else //previous customer
else //Existing customer
{
echo json_encode(array('success'=>true,'message'=>$this->lang->line('customers_successful_updating').' '.
$person_data['first_name'].' '.$person_data['last_name'], 'id' => $customer_id));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('customers_successful_updating').' '.
$person_data['first_name'].' '.$person_data['last_name'], 'id' => $customer_id));
}
}
else//failure
{
echo json_encode(array('success'=>false,'message'=>$this->lang->line('customers_error_adding_updating').' '.
$person_data['first_name'].' '.$person_data['last_name'], 'id' => -1));
{
$person_data = $this->security->xss_clean($person_data);
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('customers_error_adding_updating').' '.
$person_data['first_name'].' '.$person_data['last_name'], 'id' => -1));
}
}
function check_account_number()
public function check_account_number()
{
$exists = $this->Customer->account_number_exists($this->input->post('account_number'),$this->input->post('person_id'));
$exists = $this->Customer->account_number_exists($this->input->post('account_number'), $this->input->post('person_id'));
echo !$exists ? 'true' : 'false';
echo !$exists ? 'TRUE' : 'FALSE';
}
/*
This deletes customers from the customers table
*/
function delete()
public function delete()
{
$customers_to_delete=$this->input->post('ids');
$customers_to_delete = $this->security->xss_clean($this->input->post('ids'));
if($this->Customer->delete_list($customers_to_delete))
{
echo json_encode(array('success'=>true,'message'=>$this->lang->line('customers_successful_deleted').' '.
count($customers_to_delete).' '.$this->lang->line('customers_one_or_multiple')));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('customers_successful_deleted').' '.
count($customers_to_delete).' '.$this->lang->line('customers_one_or_multiple')));
}
else
{
echo json_encode(array('success'=>false,'message'=>$this->lang->line('customers_cannot_be_deleted')));
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('customers_cannot_be_deleted')));
}
}
function excel()
/*
Customer import from excel spreadsheet
*/
public function excel()
{
$data = file_get_contents("import_customers.csv");
$name = 'import_customers.csv';
force_download($name, $data);
}
function excel_import()
public function excel_import()
{
$this->load->view("customers/form_excel_import", null);
$this->load->view("customers/form_excel_import", NULL);
}
function do_excel_import()
public function do_excel_import()
{
$msg = 'do_excel_import';
$failCodes = array();
if ($_FILES['file_path']['error'] != UPLOAD_ERR_OK)
if($_FILES['file_path']['error'] != UPLOAD_ERR_OK)
{
$msg = $this->lang->line('items_excel_import_failed');
echo json_encode( array('success'=>false,'message'=>$msg) );
return;
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('items_excel_import_failed')));
}
else
{
if (($handle = fopen($_FILES['file_path']['tmp_name'], "r")) !== FALSE)
if(($handle = fopen($_FILES['file_path']['tmp_name'], "r")) !== FALSE)
{
// Skip the first row as it's the table description
fgetcsv($handle);
$i=1;
while (($data = fgetcsv($handle)) !== FALSE)
$i = 1;
$failCodes = array();
while(($data = fgetcsv($handle)) !== FALSE)
{
// XSS file data sanity check
$data = $this->security->xss_clean($data);
$person_data = array(
'first_name'=>$data[0],
'last_name'=>$data[1],
'gender'=>$data[2],
'email'=>$data[3],
'phone_number'=>$data[4],
'address_1'=>$data[5],
'address_2'=>$data[6],
'city'=>$data[7],
'state'=>$data[8],
'zip'=>$data[9],
'country'=>$data[10],
'comments'=>$data[11]
'first_name' => $data[0],
'last_name' => $data[1],
'gender' => $data[2],
'email' => $data[3],
'phone_number' => $data[4],
'address_1' => $data[5],
'address_2' => $data[6],
'city' => $data[7],
'state' => $data[8],
'zip' => $data[9],
'country' => $data[10],
'comments' => $data[11]
);
$customer_data = array(
'company_name'=>$data[12],
'discount_percent'=>$data[14],
'taxable'=>$data[15]=='' ? 0 : 1
'company_name' => $data[12],
'discount_percent' => $data[14],
'taxable' => $data[15]=='' ? 0 : 1
);
$account_number = $data[13];
$invalidated = false;
if ($account_number != "")
$invalidated = FALSE;
if($account_number != "")
{
$customer_data['account_number'] = $account_number;
$invalidated = $this->Customer->account_number_exists($account_number);
@@ -209,27 +226,23 @@ class Customers extends Person_controller
$i++;
}
if(count($failCodes) > 0)
{
$msg = 'Most customers imported. But some were not, here is list of their CODE (' . count($failCodes) . '): ' . implode(', ', $failCodes);
echo json_encode(array('success' => FALSE, 'message' => $msg));
}
else
{
echo json_encode(array('success' => TRUE, 'message' => 'Import of Customers successful'));
}
}
else
{
echo json_encode( array('success'=>false, 'message'=>'Your uploaded file has no data or wrong format') );
return;
echo json_encode(array('success' => FALSE, 'message' => 'Your uploaded file has no data or wrong format'));
}
}
$success = true;
if(count($failCodes) > 0)
{
$msg = "Most customers imported. But some were not, here is list of their CODE (" .count($failCodes) ."): ".implode(", ", $failCodes);
$success = false;
}
else
{
$msg = "Import of Customers successful";
}
echo json_encode( array('success'=>$success, 'message'=>$msg) );
}
}
?>
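Review bot: In `check_account_number()` the keyword-casing cleanup also rewrote the response body, so the second printed variant echoes `'TRUE'`/`'FALSE'` instead of `'true'`/`'false'` (the page has lost its +/- markers, and I am reading the second variant as the new side). These are runtime strings rather than PHP constants, and a caller that parses the reply as JSON or compares it with `"true"` would stop accepting it; keep `echo !$exists ? 'true' : 'false';`. Separately, `delete()` passes the posted `ids` through `xss_clean()` before `delete_list()`, which is an HTML filter and not validation of identifiers. If the ids are numeric, as the `-1` default in `save()` suggests, `array_map('intval', (array) $this->input->post('ids'))` states the intent and also keeps `count()` from being called on a non-array.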


@@ -8,124 +8,162 @@ class Employees extends Person_controller
parent::__construct('employees');
}
function index()
public function index()
{
$data['controller_name'] = $this->get_controller_name();
$data['table_headers'] = get_people_manage_table_headers();
$this->load->view('people/manage',$data);
$data = $this->security->xss_clean($data);
$this->load->view('people/manage', $data);
}
/*
Returns employee table data rows. This will be called with AJAX.
*/
function search()
public function search()
{
$search = $this->input->get('search');
$limit = $this->input->get('limit');
$limit = $this->input->get('limit');
$offset = $this->input->get('offset');
$sort = $this->input->get('sort');
$order = $this->input->get('order');
$sort = $this->input->get('sort');
$order = $this->input->get('order');
$employees = $this->Employee->search($search, $limit, $offset, $sort, $order);
$total_rows = $this->Employee->get_found_rows($search);
$data_rows = array();
foreach($employees->result() as $person)
{
$data_rows[] = get_person_data_row($person, $this);
}
$data_rows = $this->security->xss_clean($data_rows);
echo json_encode(array('total' => $total_rows, 'rows' => $data_rows));
}
/*
Gives search suggestions based on what is being searched for
*/
function suggest_search()
public function suggest_search()
{
$suggestions = $this->Employee->get_search_suggestions($this->input->post('term'));
$suggestions = $this->security->xss_clean($this->Employee->get_search_suggestions($this->input->post('term')));
echo json_encode($suggestions);
}
/*
Loads the employee edit form
*/
function view($employee_id=-1)
public function view($employee_id = -1)
{
$data['person_info']=$this->Employee->get_info($employee_id);
$data['all_modules']=$this->Module->get_all_modules();
$data['all_subpermissions']=$this->Module->get_all_subpermissions();
$this->load->view("employees/form",$data);
$person_info = $this->Employee->get_info($employee_id);
foreach(get_object_vars($person_info) as $property => $value)
{
$person_info->$property = $this->security->xss_clean($value);
}
$data['person_info'] = $person_info;
$modules = array();
foreach($this->Module->get_all_modules()->result() as $module)
{
$module->module_id = $this->security->xss_clean($module->module_id);
$module->grant = $this->security->xss_clean($this->Employee->has_grant($module->module_id, $person_info->person_id));
$modules[] = $module;
}
$data['all_modules'] = $modules;
$permissions = array();
foreach($this->Module->get_all_subpermissions()->result() as $permission)
{
$permission->module_id = $this->security->xss_clean($permission->module_id);
$permission->permission_id = $this->security->xss_clean($permission->permission_id);
$permission->grant = $this->security->xss_clean($this->Employee->has_grant($permission->permission_id, $person_info->person_id));
$permissions[] = $permission;
}
$data['all_subpermissions'] = $permissions;
$this->load->view("employees/form", $data);
}
/*
Inserts/updates an employee
*/
function save($employee_id=-1)
public function save($employee_id = -1)
{
$person_data = array(
'first_name'=>$this->input->post('first_name'),
'last_name'=>$this->input->post('last_name'),
'gender'=>$this->input->post('gender'),
'email'=>$this->input->post('email'),
'phone_number'=>$this->input->post('phone_number'),
'address_1'=>$this->input->post('address_1'),
'address_2'=>$this->input->post('address_2'),
'city'=>$this->input->post('city'),
'state'=>$this->input->post('state'),
'zip'=>$this->input->post('zip'),
'country'=>$this->input->post('country'),
'comments'=>$this->input->post('comments')
'first_name' => $this->input->post('first_name'),
'last_name' => $this->input->post('last_name'),
'gender' => $this->input->post('gender'),
'email' => $this->input->post('email'),
'phone_number' => $this->input->post('phone_number'),
'address_1' => $this->input->post('address_1'),
'address_2' => $this->input->post('address_2'),
'city' => $this->input->post('city'),
'state' => $this->input->post('state'),
'zip' => $this->input->post('zip'),
'country' => $this->input->post('country'),
'comments' => $this->input->post('comments')
);
$grants_data = $this->input->post('grants') != null ? $this->input->post('grants') : array();
$grants_data = $this->input->post('grants') != NULL ? $this->input->post('grants') : array();
//Password has been changed OR first time password set
if ( $this->input->post('password') != '' )
if($this->input->post('password') != '')
{
$employee_data=array(
'username'=>$this->input->post('username'),
'password'=>md5($this->input->post('password'))
$employee_data = array(
'username' => $this->input->post('username'),
'password' => md5($this->input->post('password'))
);
}
else //Password not changed
{
$employee_data=array('username'=>$this->input->post('username'));
$employee_data = array('username' => $this->input->post('username'));
}
if($this->Employee->save_employee($person_data,$employee_data,$grants_data,$employee_id))
if($this->Employee->save_employee($person_data, $employee_data, $grants_data, $employee_id))
{
$person_data = $this->security->xss_clean($person_data);
$employee_data = $this->security->xss_clean($employee_data);
//New employee
if($employee_id==-1)
if($employee_id == -1)
{
echo json_encode(array('success'=>true,'message'=>$this->lang->line('employees_successful_adding').' '.
$person_data['first_name'].' '.$person_data['last_name'],'id'=>$employee_data['person_id']));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('employees_successful_adding').' '.
$person_data['first_name'].' '.$person_data['last_name'], 'id' => $employee_data['person_id']));
}
else //previous employee
else //Existing employee
{
echo json_encode(array('success'=>true,'message'=>$this->lang->line('employees_successful_updating').' '.
$person_data['first_name'].' '.$person_data['last_name'],'id'=>$employee_id));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('employees_successful_updating').' '.
$person_data['first_name'].' '.$person_data['last_name'], 'id' => $employee_id));
}
}
else//failure
{
echo json_encode(array('success'=>false,'message'=>$this->lang->line('employees_error_adding_updating').' '.
$person_data['first_name'].' '.$person_data['last_name'],'id'=>-1));
{
$person_data = $this->security->xss_clean($person_data);
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_error_adding_updating').' '.
$person_data['first_name'].' '.$person_data['last_name'], 'id' => -1));
}
}
/*
This deletes employees from the employees table
*/
function delete()
public function delete()
{
$employees_to_delete=$this->input->post('ids');
$employees_to_delete = $this->security->xss_clean($this->input->post('ids'));
if($this->Employee->delete_list($employees_to_delete))
{
echo json_encode(array('success'=>true,'message'=>$this->lang->line('employees_successful_deleted').' '.
count($employees_to_delete).' '.$this->lang->line('employees_one_or_multiple')));
echo json_encode(array('success' => TRUE,'message' => $this->lang->line('employees_successful_deleted').' '.
count($employees_to_delete).' '.$this->lang->line('employees_one_or_multiple')));
}
else
{
echo json_encode(array('success'=>false,'message'=>$this->lang->line('employees_cannot_be_deleted')));
echo json_encode(array('success' => FALSE,'message' => $this->lang->line('employees_cannot_be_deleted')));
}
}
}


@@ -49,18 +49,14 @@ class Giftcards extends Secure_area implements iData_controller
*/
public function suggest_search()
{
$suggestions = $this->Giftcard->get_search_suggestions($this->input->post('term'));
$suggestions = $this->security->xss_clean($suggestions);
$suggestions = $this->security->xss_clean($this->Giftcard->get_search_suggestions($this->input->post('term')));
echo json_encode($suggestions);
}
public function get_row($row_id)
{
$data_row = get_giftcard_data_row($this->Giftcard->get_info($row_id), $this);
$data_row = $this->security->xss_clean($data_row);
$data_row = $this->security->xss_clean(get_giftcard_data_row($this->Giftcard->get_info($row_id), $this));
echo json_encode($data_row);
}
@@ -91,39 +87,41 @@ class Giftcards extends Secure_area implements iData_controller
if($this->Giftcard->save($giftcard_data, $giftcard_id))
{
$giftcard_data = $this->security->xss_clean($giftcard_data);
//New giftcard
if($giftcard_id == -1)
{
echo json_encode(array('success'=>true, 'message'=>$this->lang->line('giftcards_successful_adding').' '.
$giftcard_data['giftcard_number'], 'id'=>$giftcard_data['giftcard_id']));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('giftcards_successful_adding').' '.
$giftcard_data['giftcard_number'], 'id' => $giftcard_data['giftcard_id']));
}
else //Existing giftcard
{
echo json_encode(array('success'=>true, 'message'=>$this->lang->line('giftcards_successful_updating').' '.
$giftcard_data['giftcard_number'], 'id'=>$giftcard_id));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('giftcards_successful_updating').' '.
$giftcard_data['giftcard_number'], 'id' => $giftcard_id));
}
}
else //failure
{
echo json_encode(array('success'=>false,'message'=>$this->lang->line('giftcards_error_adding_updating').' '.
$giftcard_data['giftcard_number'], 'id'=>-1));
$giftcard_data = $this->security->xss_clean($giftcard_data);
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('giftcards_error_adding_updating').' '.
$giftcard_data['giftcard_number'], 'id' => -1));
}
}
public function delete()
{
$giftcards_to_delete = $this->input->post('ids');
$giftcards_to_delete = $this->security->xss_clean($giftcards_to_delete);
$giftcards_to_delete = $this->security->xss_clean($this->input->post('ids'));
if($this->Giftcard->delete_list($giftcards_to_delete))
{
echo json_encode(array('success'=>true, 'message'=>$this->lang->line('giftcards_successful_deleted').' '.
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('giftcards_successful_deleted').' '.
count($giftcards_to_delete).' '.$this->lang->line('giftcards_one_or_multiple')));
}
else
{
echo json_encode(array('success'=>false, 'message'=>$this->lang->line('giftcards_cannot_be_deleted')));
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('giftcards_cannot_be_deleted')));
}
}
}
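Review bot: In delete(), `xss_clean()` is the only processing applied to the posted `ids` before they reach `delete_list()` and `count()`, and it does not check that the value is an array of numeric keys. xss_clean is an HTML filter, so it neither rejects a missing or scalar `ids` parameter nor constrains what the model receives. If gift card ids are integers, as the `-1` sentinel in save() suggests, `$giftcards_to_delete = array_map('intval', (array) $this->input->post('ids'));` states the intent directly. The delete() methods in the Employees, Item_kits and Suppliers sections follow the same pattern.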


@@ -10,14 +10,18 @@ class Item_kits extends Secure_area implements iData_controller
}
// add the total cost and retail price to a passed items kit retrieving the data from each singolar item part of the kit
private function add_totals_to_item_kit($item_kit)
private function _add_totals_to_item_kit($item_kit)
{
$item_kit->total_cost_price = 0;
$item_kit->total_unit_price = 0;
foreach ($this->Item_kit_items->get_info($item_kit->item_kit_id) as $item_kit_item)
foreach($this->Item_kit_items->get_info($item_kit->item_kit_id) as $item_kit_item)
{
$item_info = $this->Item->get_info($item_kit_item['item_id']);
foreach(get_object_vars($item_info) as $property => $value)
{
$item_info->$property = $this->security->xss_clean($value);
}
$item_kit->total_cost_price += $item_info->cost_price * $item_kit_item['quantity'];
$item_kit->total_unit_price += $item_info->unit_price * $item_kit_item['quantity'];
@@ -26,24 +30,26 @@ class Item_kits extends Secure_area implements iData_controller
return $item_kit;
}
function index()
public function index()
{
$data['controller_name'] = $this->get_controller_name();
$data['table_headers'] = get_item_kits_manage_table_headers();
$data = $this->security->xss_clean($data);
$this->load->view('item_kits/manage', $data);
}
/*
Returns Item kits table data rows. This will be called with AJAX.
*/
function search()
public function search()
{
$search = $this->input->get('search');
$limit = $this->input->get('limit');
$limit = $this->input->get('limit');
$offset = $this->input->get('offset');
$sort = $this->input->get('sort');
$order = $this->input->get('order');
$sort = $this->input->get('sort');
$order = $this->input->get('order');
$item_kits = $this->Item_kit->search($search, $limit, $offset, $sort, $order);
$total_rows = $this->Item_kit->get_found_rows($search);
@@ -52,49 +58,70 @@ class Item_kits extends Secure_area implements iData_controller
foreach($item_kits->result() as $item_kit)
{
// calculate the total cost and retail price of the Kit so it can be printed out in the manage table
$item_kit = $this->add_totals_to_item_kit($item_kit);
$item_kit = $this->_add_totals_to_item_kit($item_kit);
$data_rows[] = get_item_kit_data_row($item_kit, $this);
}
$data_rows = $this->security->xss_clean($data_rows);
echo json_encode(array('total' => $total_rows, 'rows' => $data_rows));
}
function suggest_search()
public function suggest_search()
{
$suggestions = $this->Item_kit->get_search_suggestions($this->input->post('term'));
$suggestions = $this->security->xss_clean($this->Item_kit->get_search_suggestions($this->input->post('term')));
echo json_encode($suggestions);
}
function get_row($row_id)
public function get_row($row_id)
{
// calculate the total cost and retail price of the Kit so it can be added to the table refresh
$item_kit = $this->add_totals_to_item_kit($this->Item_kit->get_info($row_id));
$item_kit = $this->_add_totals_to_item_kit($this->Item_kit->get_info($row_id));
echo json_encode(get_item_kit_data_row($item_kit, $this));
}
function view($item_kit_id=-1)
public function view($item_kit_id = -1)
{
$data['item_kit_info'] = $this->Item_kit->get_info($item_kit_id);
$info = $this->Item_kit->get_info($item_kit_id);
foreach(get_object_vars($info) as $property => $value)
{
$info->$property = $this->security->xss_clean($value);
}
$data['item_kit_info'] = $info;
$items = array();
foreach($this->Item_kit_items->get_info($item_kit_id) as $item_kit_item)
{
$item['name'] = $this->security->xss_clean($this->Item->get_info($item_kit_item['item_id'])->name);
$item['item_id'] = $this->security->xss_clean($item_kit_item['item_id']);
$item['quantity'] = $this->security->xss_clean($item_kit_item['quantity']);
$items[] = $item;
}
$data['item_kit_items'] = $items;
$this->load->view("item_kits/form", $data);
}
function save($item_kit_id=-1)
public function save($item_kit_id = -1)
{
$item_kit_data = array(
'name' => $this->input->post('name'),
'description' => $this->input->post('description')
);
if ($this->Item_kit->save($item_kit_data, $item_kit_id))
if($this->Item_kit->save($item_kit_data, $item_kit_id))
{
$success = TRUE;
//New item kit
if ($item_kit_id==-1) {
if ($item_kit_id == -1)
{
$item_kit_id = $item_kit_data['item_kit_id'];
}
if ( $this->input->post('item_kit_item') != null )
if($this->input->post('item_kit_item') != NULL)
{
$item_kit_items = array();
foreach($this->input->post('item_kit_item') as $item_id => $quantity)
@@ -107,46 +134,50 @@ class Item_kits extends Secure_area implements iData_controller
$success = $this->Item_kit_items->save($item_kit_items, $item_kit_id);
}
echo json_encode(array('success'=>$success,
'message'=>$this->lang->line('item_kits_successful_adding').' '.$item_kit_data['name'],
'id'=>$item_kit_id));
$item_kit_data = $this->security->xss_clean($item_kit_data);
echo json_encode(array('success' => $success,
'message' => $this->lang->line('item_kits_successful_adding').' '.$item_kit_data['name'], 'id' => $item_kit_id));
}
else//failure
{
echo json_encode(array('success'=>false,
'message'=>$this->lang->line('item_kits_error_adding_updating').' '.$item_kit_data['name'],
'id'=>-1));
$item_kit_data = $this->security->xss_clean($item_kit_data);
echo json_encode(array('success' => FALSE,
'message' => $this->lang->line('item_kits_error_adding_updating').' '.$item_kit_data['name'], 'id' => -1));
}
}
function delete()
public function delete()
{
$item_kits_to_delete = $this->input->post('ids');
$item_kits_to_delete = $this->security->xss_clean($this->input->post('ids'));
if ($this->Item_kit->delete_list($item_kits_to_delete))
if($this->Item_kit->delete_list($item_kits_to_delete))
{
echo json_encode(array('success'=>true,
'message'=>$this->lang->line('item_kits_successful_deleted').' '.count($item_kits_to_delete).' '.$this->lang->line('item_kits_one_or_multiple')));
echo json_encode(array('success' => TRUE,
'message' => $this->lang->line('item_kits_successful_deleted').' '.count($item_kits_to_delete).' '.$this->lang->line('item_kits_one_or_multiple')));
}
else
{
echo json_encode(array('success'=>false,
'message'=>$this->lang->line('item_kits_cannot_be_deleted')));
echo json_encode(array('success' => FALSE,
'message' => $this->lang->line('item_kits_cannot_be_deleted')));
}
}
function generate_barcodes($item_kit_ids)
public function generate_barcodes($item_kit_ids)
{
$this->load->library('barcode_lib');
$result = array();
$item_kit_ids = explode(':', $item_kit_ids);
foreach ($item_kit_ids as $item_kid_id)
foreach($item_kit_ids as $item_kid_id)
{
// calculate the total cost and retail price of the Kit so it can be added to the barcode text at the bottom
$item_kit = $this->add_totals_to_item_kit($this->Item_kit->get_info($item_kid_id));
$item_kit = $this->_add_totals_to_item_kit($this->Item_kit->get_info($item_kid_id));
$result[] = array('name'=>$item_kit->name, 'item_id'=>urldecode($item_kid_id), 'item_number'=>urldecode($item_kid_id), 'cost_price'=>$item_kit->total_cost_price, 'unit_price'=>$item_kit->total_unit_price);
$result[] = array('name' => $item_kit->name, 'item_id' => urldecode($item_kid_id), 'item_number' => urldecode($item_kid_id),
'cost_price' => $item_kit->total_cost_price, 'unit_price' => $item_kit->total_unit_price);
}
$data['items'] = $result;
@@ -158,7 +189,7 @@ class Item_kits extends Secure_area implements iData_controller
$barcode_config['barcode_type'] = 'Code128';
}
$data['barcode_config'] = $barcode_config;
// display barcodes
$this->load->view("barcodes/barcode_sheet", $data);
}


@@ -1,8 +1,9 @@
<?php
require_once ("Secure_area.php");
abstract class Person_controller extends Secure_area
{
function __construct($module_id=null)
function __construct($module_id = NULL)
{
parent::__construct($module_id);
}
@@ -10,18 +11,20 @@ abstract class Person_controller extends Secure_area
/*
Gives search suggestions based on what is being searched for
*/
function suggest()
public function suggest()
{
$suggestions = $this->Person->get_search_suggestions($this->input->post('q'),$this->input->post('limit'));
echo implode("\n",$suggestions);
$suggestions = $this->security->xss_clean($this->Person->get_search_suggestions($this->input->post('term')));
echo json_encode($suggestions);
}
/*
Gets one row for a person manage table. This is called using AJAX to update one row.
*/
function get_row($row_id)
public function get_row($row_id)
{
$data_row=get_person_data_row($this->Person->get_info($row_id),$this);
$data_row = $this->security->xss_clean(get_person_data_row($this->Person->get_info($row_id), $this));
echo json_encode($data_row);
}
}
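Review bot: suggest() and get_row() now `echo json_encode(...)` directly, and nothing visible in this section sets a response content type, so the body is presumably served with PHP's default `text/html`. With that type a browser that loads the endpoint directly parses the JSON as HTML, which leaves xss_clean as the only barrier for any markup in the data. Sending the response through the output class, `$this->output->set_content_type('application/json')->set_output(json_encode($suggestions));`, removes that dependency. The same applies to the other `echo json_encode` responses in this commit, unless a base class or hook already sets the header.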


@@ -1,5 +1,6 @@
<?php
require_once ("Person_controller.php");
class Suppliers extends Person_controller
{
function __construct()
@@ -7,119 +8,138 @@ class Suppliers extends Person_controller
parent::__construct('suppliers');
}
function index()
public function index()
{
$data['controller_name'] = $this->get_controller_name();
$data['table_headers'] = get_suppliers_manage_table_headers();
$data = $this->security->xss_clean($data);
$this->load->view('people/manage', $data);
}
/*
Returns Supplier table data rows. This will be called with AJAX.
*/
function search()
public function search()
{
$search = $this->input->get('search');
$limit = $this->input->get('limit');
$limit = $this->input->get('limit');
$offset = $this->input->get('offset');
$sort = $this->input->get('sort');
$order = $this->input->get('order');
$sort = $this->input->get('sort');
$order = $this->input->get('order');
$suppliers = $this->Supplier->search($search, $limit, $offset, $sort, $order);
$total_rows = $this->Supplier->get_found_rows($search);
$data_rows = array();
foreach($suppliers->result() as $supplier)
{
$data_rows[] = get_supplier_data_row($supplier, $this);
}
$data_rows = $this->security->xss_clean($data_rows);
echo json_encode(array('total' => $total_rows, 'rows' => $data_rows));
}
/*
Gives search suggestions based on what is being searched for
*/
function suggest()
public function suggest()
{
$suggestions = $this->Supplier->get_search_suggestions($this->input->get('term'), TRUE);
$suggestions = $this->security->xss_clean($this->Supplier->get_search_suggestions($this->input->get('term'), TRUE));
echo json_encode($suggestions);
}
function suggest_search()
public function suggest_search()
{
$suggestions = $this->Supplier->get_search_suggestions($this->input->post('term'), FALSE);
$suggestions = $this->security->xss_clean($this->Supplier->get_search_suggestions($this->input->post('term'), FALSE));
echo json_encode($suggestions);
}
/*
Loads the supplier edit form
*/
function view($supplier_id=-1)
public function view($supplier_id = -1)
{
$data['person_info']=$this->Supplier->get_info($supplier_id);
$this->load->view("suppliers/form",$data);
$info = $this->Supplier->get_info($supplier_id);
foreach(get_object_vars($info) as $property => $value)
{
$info->$property = $this->security->xss_clean($value);
}
$data['person_info'] = $info;
$this->load->view("suppliers/form", $data);
}
/*
Inserts/updates a supplier
*/
function save($supplier_id=-1)
public function save($supplier_id = -1)
{
$person_data = array(
'first_name'=>$this->input->post('first_name'),
'last_name'=>$this->input->post('last_name'),
'gender'=>$this->input->post('gender'),
'email'=>$this->input->post('email'),
'phone_number'=>$this->input->post('phone_number'),
'address_1'=>$this->input->post('address_1'),
'address_2'=>$this->input->post('address_2'),
'city'=>$this->input->post('city'),
'state'=>$this->input->post('state'),
'zip'=>$this->input->post('zip'),
'country'=>$this->input->post('country'),
'comments'=>$this->input->post('comments')
'first_name' => $this->input->post('first_name'),
'last_name' => $this->input->post('last_name'),
'gender' => $this->input->post('gender'),
'email' => $this->input->post('email'),
'phone_number' => $this->input->post('phone_number'),
'address_1' => $this->input->post('address_1'),
'address_2' => $this->input->post('address_2'),
'city' => $this->input->post('city'),
'state' => $this->input->post('state'),
'zip' => $this->input->post('zip'),
'country' => $this->input->post('country'),
'comments' => $this->input->post('comments')
);
$supplier_data=array(
'company_name'=>$this->input->post('company_name'),
'agency_name'=>$this->input->post('agency_name'),
'account_number'=>$this->input->post('account_number') == '' ? null : $this->input->post('account_number')
$supplier_data = array(
'company_name' => $this->input->post('company_name'),
'agency_name' => $this->input->post('agency_name'),
'account_number' => $this->input->post('account_number') == '' ? NULL : $this->input->post('account_number')
);
if($this->Supplier->save_supplier($person_data,$supplier_data,$supplier_id))
if($this->Supplier->save_supplier($person_data, $supplier_data, $supplier_id))
{
$supplier_data = $this->security->xss_clean($supplier_data);
//New supplier
if($supplier_id==-1)
if($supplier_id == -1)
{
echo json_encode(array('success'=>true,'message'=>$this->lang->line('suppliers_successful_adding').' '.
$supplier_data['company_name'],'id'=>$supplier_data['person_id']));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('suppliers_successful_adding').' '.
$supplier_data['company_name'], 'id' => $supplier_data['person_id']));
}
else //previous supplier
else //Existing supplier
{
echo json_encode(array('success'=>true,'message'=>$this->lang->line('suppliers_successful_updating').' '.
$supplier_data['company_name'],'id'=>$supplier_id));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('suppliers_successful_updating').' '.
$supplier_data['company_name'], 'id' => $supplier_id));
}
}
else//failure
{
echo json_encode(array('success'=>false,'message'=>$this->lang->line('suppliers_error_adding_updating').' '.
$supplier_data['company_name'],'id'=>-1));
{
$supplier_data = $this->security->xss_clean($supplier_data);
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('suppliers_error_adding_updating').' '.
$supplier_data['company_name'], 'id' => -1));
}
}
/*
This deletes suppliers from the suppliers table
*/
function delete()
public function delete()
{
$suppliers_to_delete=$this->input->post('ids');
$suppliers_to_delete = $this->security->xss_clean($this->input->post('ids'));
if($this->Supplier->delete_list($suppliers_to_delete))
{
echo json_encode(array('success'=>true,'message'=>$this->lang->line('suppliers_successful_deleted').' '.
count($suppliers_to_delete).' '.$this->lang->line('suppliers_one_or_multiple')));
echo json_encode(array('success' => TRUE,'message' => $this->lang->line('suppliers_successful_deleted').' '.
count($suppliers_to_delete).' '.$this->lang->line('suppliers_one_or_multiple')));
}
else
{
echo json_encode(array('success'=>false,'message'=>$this->lang->line('suppliers_cannot_be_deleted')));
echo json_encode(array('success' => FALSE,'message' => $this->lang->line('suppliers_cannot_be_deleted')));
}
}
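Review bot: view() runs `xss_clean()` over every property of the supplier record before handing it to the edit form, so the form is pre-filled with the filtered value rather than the stored one. xss_clean rewrites strings it considers dangerous, so saving the form again can persist the altered text, and it is not contextual escaping for HTML attributes. Passing `$info` through unchanged and escaping where the view prints each field (e.g. `html_escape($person_info->company_name)`, or relying on the form helper if it already escapes values) keeps the stored data intact. Item_kits view() uses the same property loop.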


@@ -77,34 +77,33 @@
<ul id="permission_list">
<?php
foreach($all_modules->result() as $module)
foreach($all_modules as $module)
{
?>
<li>
<?php echo form_checkbox("grants[]",$module->module_id,$this->Employee->has_grant($module->module_id,$person_info->person_id),"class='module'"); ?>
<?php echo form_checkbox("grants[]", $module->module_id, $module->grant, "class='module'"); ?>
<span class="medium"><?php echo $this->lang->line('module_'.$module->module_id);?>:</span>
<span class="small"><?php echo $this->lang->line('module_'.$module->module_id.'_desc');?></span>
<?php
foreach($all_subpermissions->result() as $permission)
foreach($all_subpermissions as $permission)
{
$exploded_permission = explode('_', $permission->permission_id);
if ($permission->module_id == $module->module_id)
if($permission->module_id == $module->module_id)
{
$lang_key = $module->module_id.'_'.$exploded_permission[1];
$lang_line = $this->lang->line($lang_key);
$lang_line = ($this->lang->line_tbd($lang_key) == $lang_line) ? $exploded_permission[1] : $lang_line;
if (empty($lang_line))
if(!empty($lang_line))
{
continue;
}
?>
<ul>
<li>
<?php echo form_checkbox("grants[]", $permission->permission_id, $this->Employee->has_grant($permission->permission_id,$person_info->person_id)); ?>
<span class="medium"><?php echo $lang_line ?></span>
</li>
</ul>
<?php
<ul>
<li>
<?php echo form_checkbox("grants[]", $permission->permission_id, $permission->grant); ?>
<span class="medium"><?php echo $lang_line ?></span>
</li>
</ul>
<?php
}
}
}
?>


@@ -49,13 +49,12 @@
</thead>
<tbody>
<?php
foreach ($this->Item_kit_items->get_info($item_kit_info->item_kit_id) as $item_kit_item)
foreach($item_kit_items as $item_kit_item)
{
?>
<tr>
<?php $item_info = $this->Item->get_info($item_kit_item['item_id']); ?>
<td><a href='#' onclick='return delete_item_kit_row(this);'><span class='glyphicon glyphicon-trash'></span></a></td>
<td><?php echo $item_info->name; ?></td>
<td><?php echo $item_kit_item['name']; ?></td>
<td><input class='quantity form-control input-sm' id='item_kit_item_<?php echo $item_kit_item['item_id'] ?>' name=item_kit_item[<?php echo $item_kit_item['item_id'] ?>] value='<?php echo to_quantity_decimals($item_kit_item['quantity']) ?>'/></td>
</tr>
<?php