Vylepseni prekladu
[mirrors/SokoMan.git] / assistants / store.inc.php
index fcc420f55aadaf440831f5a135bb02281504c7ff..418ce9407177537b47a4bd616197115ebb0da6ab 100644 (file)
@@ -1,37 +1,41 @@
 <?php
 switch($SUBPATH[0]) {
        default: case 1:
+               $barcode = isset($_GET['barcode']) ? htmlspecialchars($_GET['barcode']) : ''; //TODO: XSS
                echo $this->html->form("$URL/2", 'GET', array(
-                       array('barcode','','text',false,'autofocus','model_barcode:'),
+                       array('barcode',$barcode,'text',false,'autofocus','model_barcode:'),
                        array('quantity','1','text',false,false,'quantity:'),
                        array(false,'STORE','submit')
                ));
                break;
        case 2:
                $model_id = $this->db->map_unique('model_barcode', $_GET['barcode'], 'model_id', 'model');
+               $item_price_in = $this->db->map_unique('item_serial', $_GET['barcode'], 'item_price_in', 'item', false);
+               $item_price_out = $this->db->map_unique('item_serial', $_GET['barcode'], 'item_price_out', 'item', false);
+               $model_price_in = $this->db->map_unique('model_barcode', $_GET['barcode'], 'model_price_in', 'model');
+               $model_price_out = $this->db->map_unique('model_barcode', $_GET['barcode'], 'model_price_out', 'model');
 
-               $disable_cols = array('status_id','item_price_out','item_customer', 'model_id','item_quantity');
+               $disable_cols = array('status_id','item_price_out','item_customer', 'model_id','item_quantity','item_date_sold');
                if($this->db->map_unique('model_barcode', $_GET['barcode'], 'model_countable', 'model')) {
+                       $multi_insert = true;
                        //$disable_cols[] = 'item_quantity';
                        $item_serial = '';
-                       $item_quantity = 1;
+                       $item_quantity = $quantity_added = 1;
                        $action = $_SERVER['SCRIPT_NAME'].'/item/new';
                } else {
+                       $multi_insert = false;
                        $quantity_added = $_GET['quantity'];
                        if($quantity_added <= 0) $this->post_redirect_get("$URL_INTERNAL/1","Can't store non-possitive amount of items!");
                        if(!is_numeric($quantity_added)) $quantity_added = 1;
                        $quantity_stored = $this->db->map_unique('item_serial', $_GET['barcode'], 'item_quantity', 'item', false);
-                       $item_price_in = $this->db->map_unique('item_serial', $_GET['barcode'], 'item_price_in', 'item', false);
-                       $item_price_out = $this->db->map_unique('item_serial', $_GET['barcode'], 'item_price_out', 'item', false);
-                       $model_price_in = $this->db->map_unique('model_barcode', $_GET['barcode'], 'model_price_in', 'model');
-                       $model_price_out = $this->db->map_unique('model_barcode', $_GET['barcode'], 'model_price_out', 'model');
                        if(!is_numeric($quantity_stored)) $quantity_stored = 0;
-                       echo("Quantity stored: ".$quantity_stored);
 
                        $disable_cols[] = 'item_serial';
                        $item_serial = $_GET['barcode'];
                        $item_quantity = $quantity_stored + $quantity_added;
                        $action = $_SERVER['SCRIPT_NAME'].'/item/0/edit';
+
+                       echo('Stock: '.$quantity_stored.'<br />Storing: '.$quantity_added.'<br />Total: '.$item_quantity);
                }
                $columns = $this->db->get_columns('item');
 
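Review bot: The new `$barcode` line relies on the default flags of `htmlspecialchars()`, and its `//TODO: XSS` leaves open whether `html->form()` escapes the value again, so the prefilled field can end up under-escaped (single quotes are not encoded by default before PHP 8.1) or double-encoded. Pinning the flags and rejecting non-string input would settle it: `$barcode = (isset($_GET['barcode']) && is_string($_GET['barcode'])) ? htmlspecialchars($_GET['barcode'], ENT_QUOTES, 'UTF-8') : '';`, with the TODO replaced by a comment naming the layer that owns output escaping. The four price lookups now at the top of `case 2` hand `$_GET['barcode']` to `map_unique()` as received; that helper is not visible in this hunk, so it should be confirmed that it binds or quotes the value rather than interpolating it into SQL. The new `echo` in the else branch prints `$quantity_added` into HTML and is only safe because of the `is_numeric()` fallback a few lines earlier, which deserves a short comment so the check is not removed later.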
@@ -45,9 +49,11 @@ switch($SUBPATH[0]) {
                        'status_id' => 1,
                        'item_price_in' => $item_price_in + ($quantity_added * $model_price_in),
                        'item_price_out' => $item_price_out + ($quantity_added * $model_price_out),
-                       'item_author' => $this->db->auth->get_user_id()
+                       'item_author' => $this->db->auth->get_user_id(),
+                       'item_date_bought' => date('Y-m-d'),
+                       'location_id' => 0
                ));
 
-    echo $this->html->render_insert_form('item', $columns, $selectbox, $current, $disable_cols, $action);
+    echo $this->html->render_insert_form('item', $columns, $selectbox, $current, $disable_cols, $action, $multi_insert);
                break;
 }
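Review bot: `item_date_bought` and `location_id` are added to the prefilled values next to `item_author`, but none of the three appears in the `$disable_cols` list visible in this commit, so they presumably reach the browser as editable fields. If the handler behind `$action` takes them from the submitted form, a user can alter the recorded author or purchase date; that handler is not shown, so it should be confirmed that it sets both server-side. `'location_id' => 0` would also benefit from a comment such as `// 0 = no location assigned yet`, if that is what the value means. The array these keys belong to opens above the hunk.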