Revision 4cba27b6
Von G. Richardson vor mehr als 12 Jahren hinzugefügt
| SL/VK.pm | ||
|---|---|---|
| 77 | 77 |
# Bestandteile von Erzeugnissen herausfiltern |
| 78 | 78 |
$where .= " AND i.assemblyitem is not true "; |
| 79 | 79 |
|
| 80 |
my $sortorder; |
|
| 80 |
# filter allowed parameters for mainsort and subsort as passed by POST |
|
| 81 |
my @databasefields = qw(description customername country partsgroup business salesman month); |
|
| 82 |
my ($mainsort) = grep { /^$form->{mainsort}$/ } @databasefields;
|
|
| 83 |
my ($subsort) = grep { /^$form->{subsort}$/ } @databasefields;
|
|
| 84 |
die "illegal parameter for mainsort or subsort" unless $mainsort and $subsort; |
|
| 81 | 85 |
|
| 86 |
my $sortorder; |
|
| 82 | 87 |
# sorting by month is a special case, we don't want to sort alphabetically by |
| 83 | 88 |
# month name, so we also extract a numerical month in the from YYYYMM to sort |
| 84 | 89 |
# by in case of month sorting |
| ... | ... | |
| 88 | 93 |
if ($form->{mainsort} eq 'month') {
|
| 89 | 94 |
$sortorder .= "nummonth," |
| 90 | 95 |
} else {
|
| 91 |
$sortorder .= $form->{mainsort} . ",";
|
|
| 96 |
$sortorder .= $mainsort . ",";
|
|
| 92 | 97 |
}; |
| 93 | 98 |
if ($form->{subsort} eq 'month') {
|
| 94 | 99 |
$sortorder .= "nummonth," |
| 95 | 100 |
} else {
|
| 96 |
$sortorder .= $form->{subsort} . ",";
|
|
| 101 |
$sortorder .= $subsort . ",";
|
|
| 97 | 102 |
}; |
| 98 | 103 |
$sortorder .= 'ar.transdate,ar.invnumber'; # Default sorting order after mainsort und subsort |
| 99 | 104 |
|
| 100 |
|
|
| 101 | 105 |
if ($form->{customer_id}) {
|
| 102 | 106 |
$where .= " AND ar.customer_id = ?"; |
| 103 | 107 |
push(@values, $form->{customer_id});
|
Auch abrufbar als: Unified diff
Erlaubte Sortierparameter für Verkaufsbericht filtern
Parameter nicht ungeprüft übergeben, aber Liste der erlauben Parameter muß
gepflegt werden.