X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=assistants%2Fsell.inc.php;h=33b08e57cb62e12cca50f7c6962896469ad1866f;hb=a5094502005a6f99b8e4533e4107490868500411;hp=cb038d21d3151cd4bd726c0066792f9fb837d11b;hpb=5ef6c52f74756cfd5fc08f5af74b970d560b0293;p=mirrors%2FSokoMan.git
diff --git a/assistants/sell.inc.php b/assistants/sell.inc.php
index cb038d2..33b08e5 100644
--- a/assistants/sell.inc.php
+++ b/assistants/sell.inc.php
@@ -14,8 +14,9 @@ $hide_cols_common = array_merge($hide_cols_additional,array('status_id','item_pr
switch($SUBPATH[0]) {
default: case 1:
+ $serial = isset($_GET['serial']) ? htmlspecialchars($_GET['serial']) : ''; //TODO: XSS
echo $this->html->form("$URL/2", 'GET', array(
- array('serial','','text',false,'autofocus','item_serial:'),
+ array('serial',$serial,'text',false,'autofocus','item_serial:'),
array('quantity','1','text',false,false,'quantity:'),
array(false,$button_label,'submit')
));
@@ -25,6 +26,7 @@ switch($SUBPATH[0]) {
$item_id = $this->db->map_unique('item_serial', $item_serial, 'item_id', 'item');
$current = $this->db->get_listing('item', $item_id, 1);
+ $current[$item_id]['item_author'] = $this->db->auth->get_user_id();
$forked_item = $current;
$model_id = $this->db->map_unique('item_serial', $item_serial, 'model_id', 'item');
@@ -51,8 +53,8 @@ switch($SUBPATH[0]) {
echo("Stock: ".$quantity_stored."
Disposing/Selling: ".$quantity_removed."
Keeping: ".$item_quantity);
$current[$item_id]['item_quantity'] = $item_quantity;
- $current[$item_id]['item_price_in'] = $item_quantity * $model_price_in;
- $current[$item_id]['item_price_out'] = $item_quantity * $model_price_out;
+ $current[$item_id]['item_price_in'] -= $quantity_removed * $model_price_in;
+ $current[$item_id]['item_price_out'] -= $quantity_removed * $model_price_out;
$forked_item[$item_id]['item_id'] = '';
$forked_item[$item_id]['item_serial'] .= '@'.time();