phpBMS

root/trunk/phpbms/modules/bms/invoices_attachments.php

Revision 702, 4.3 KB (checked in by brieb, 2 years ago)

Updated copyrights to 2010
  • Property svn:keywords set to LastChangedBy LastChangedDate LastChangedRevision
Line 
1<?php
2/*
3 $Rev$ | $LastChangedBy$
4 $LastChangedDate$
5 +-------------------------------------------------------------------------+
6 | Copyright (c) 2004 - 2010, Kreotek LLC                                  |
7 | All rights reserved.                                                    |
8 +-------------------------------------------------------------------------+
9 |                                                                         |
10 | Redistribution and use in source and binary forms, with or without      |
11 | modification, are permitted provided that the following conditions are  |
12 | met:                                                                    |
13 |                                                                         |
14 | - Redistributions of source code must retain the above copyright        |
15 |   notice, this list of conditions and the following disclaimer.         |
16 |                                                                         |
17 | - Redistributions in binary form must reproduce the above copyright     |
18 |   notice, this list of conditions and the following disclaimer in the   |
19 |   documentation and/or other materials provided with the distribution.  |
20 |                                                                         |
21 | - Neither the name of Kreotek LLC nor the names of its contributore may |
22 |   be used to endorse or promote products derived from this software     |
23 |   without specific prior written permission.                            |
24 |                                                                         |
25 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS     |
26 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT       |
27 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A |
28 | PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT      |
29 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,   |
30 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT        |
31 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,   |
32 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY   |
33 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT     |
34 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE   |
35 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.    |
36 |                                                                         |
37 +-------------------------------------------------------------------------+
38*/
39
40        include("../../include/session.php");
41
42
43        require_once("../../include/search_class.php");
44
45
46        //set the table passing stuff
47        $tabledefuuid = "tbld:62fe599d-c18f-3674-9e54-b62c2d6b1883";
48        if(isset($_GET["refid"])) $_GET["id"]=$_GET["refid"];
49        $refid=(integer) $_GET["id"];
50
51    $querystatement = "
52        SELECT
53            `uuid`
54        FROM
55            `invoices`
56        WHERE
57            `id` = '".$refid."'
58        ";
59
60    $queryresult = $db->query($querystatement);
61    $therecord = $db->fetchArray($queryresult);
62    $refuuid = $therecord["uuid"];
63
64    $securitywhere="";
65    if ($_SESSION["userinfo"]["admin"]!=1 && count($_SESSION["userinfo"]["roles"])>0){
66        $securitywhere = "''";
67        foreach($_SESSION["userinfo"]["roles"] as $roleuuid)
68            $securitywhere .= ",'".$roleuuid."'";
69    }//end if
70
71    $whereclause="attachments.tabledefid='".$tabledefuuid."' AND attachments.recordid='".$refuuid."'".$securitywhere;
72        $backurl="../bms/invoices_attachments.php";
73        $base="../../";
74
75        $refquery="select firstname,lastname,company from clients where id=".$refid;
76        $refquery=$db->query($refquery);
77        $refrecord=$db->fetchArray($refquery);
78
79        $refquery="SELECT
80                           invoices.id, if(clients.lastname!=\"\",concat(clients.lastname,\", \",clients.firstname,if(clients.company!=\"\",concat(\" (\",clients.company,\")\"),\"\")),clients.company) as name
81                           FROM invoices INNER JOIN clients ON invoices.clientid=clients.uuid
82                           WHERE invoices.id=".$refid;
83        $refquery=$db->query($refquery);
84        $refrecord=$db->fetchArray($refquery);
85
86        $pageTitle="Attachments: ".$refrecord["id"];
87        if($refrecord["name"] !== "")
88                $pageTitle .= ", ".$refrecord["name"];
89
90        $tabgroup="invoices entry";
91        $selectedtabid="tab:23687374-5c14-04af-74ac-0f74342e1019";
92
93        include("../base/attachments_records.php");
94
95?>
Note: See TracBrowser for help on using the browser.
phpBMS vulnerability assesment provided by Orvant Inc. Copyright © 2010 Kreotek, LLC. All Rights reserved.