From 4ece8e8078c74faac1037693e70656a8a50cb778 Mon Sep 17 00:00:00 2001
From: Thomas Mudrunka <tomas@mudrunka.cz>
Date: Fri, 21 Oct 2011 19:40:04 +0200
Subject: [PATCH] pridany dalsi relacni linky

---
 assistants/sell.inc.php | 3 ++-
 index.php               | 3 +++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/assistants/sell.inc.php b/assistants/sell.inc.php
index 26f9631..33b08e5 100644
--- a/assistants/sell.inc.php
+++ b/assistants/sell.inc.php
@@ -14,8 +14,9 @@ $hide_cols_common = array_merge($hide_cols_additional,array('status_id','item_pr
 
 switch($SUBPATH[0]) {
 	default: case 1:
+		$serial = isset($_GET['serial']) ? htmlspecialchars($_GET['serial']) : ''; //TODO: XSS
 		echo $this->html->form("$URL/2", 'GET', array(
-			array('serial','','text',false,'autofocus','item_serial:'),
+			array('serial',$serial,'text',false,'autofocus','item_serial:'),
 			array('quantity','1','text',false,false,'quantity:'),
 			array(false,$button_label,'submit')
 		));
diff --git a/index.php b/index.php
index b37ab51..7361d30 100755
--- a/index.php
+++ b/index.php
@@ -298,6 +298,9 @@ EOF;
 				'model_id' => array(array('item',$where_url)),
 				'model_barcode' => array(array('store','assistant/%d?barcode=%v'))
 			),
+			'item' => array(
+				'item_serial' => array(array('dispose','assistant/%d?serial=%v'),array('sell','assistant/%d?serial=%v'))
+			),
 			'category' => array('category_id' => array(array('item',$where_url))),
 			'producer' => array('producer_id' => array(array('item',$where_url))),
 			'vendor' => array('vendor_id' => array(array('item',$where_url))),
-- 
2.30.2