Projekt

Allgemein

Profil

« Zurück | Weiter » 

Revision 936f6a7f

Von Moritz Bunkus vor fast 18 Jahren hinzugefügt

  • ID 936f6a7f56afda61115d693ede0f78144292fbee
  • Vorgänger 98ad02ca
  • Nachfolger c8d21015

Umstellung von RP.pm auf die Verwendung von parametrisierten Queries bzw. Verwendung von gequoteten Variablen zur Vermeidung von SQL injections.

Unterschiede anzeigen:

SL/RP.pm
package RP;
use SL::DBUtils;
sub balance_sheet {
$main::lxdebug->enter_sub();
......
# if there are any dates construct a where
if ($form->{asofdate}) {
$form->{this_period} = "$form->{asofdate}";
$form->{period} = "$form->{asofdate}";
$form->{period} = $form->{this_period} = conv_dateq($form->{asofdate});
}
$form->{decimalplaces} *= 1;
......
&get_accounts($dbh, $last_period, "", $form->{compareasofdate},
$form, \@categories);
$form->{last_period} = "$form->{compareasofdate}";
$form->{last_period} = conv_dateq($form->{compareasofdate});
}
......
'ml' => 1
});
foreach $category (grep { !/C/ } @categories) {
foreach my $category (grep { !/C/ } @categories) {
foreach $key (sort keys %{ $form->{$category} }) {
......
my $glwhere = "";
my $subwhere = "";
my $item;
my $sth;
my $category = "AND (";
foreach $item (@{$categories}) {
$category .= qq|c.category = '$item' OR |;
}
$category =~ s/OR $/\)/;
my $category = qq| AND (| . join(" OR ", map({ "(c.category = " . $dbh->quote($_) . ")" } @{$categories})) . qq|) |;
# get headings
$query = qq|SELECT c.accno, c.description, c.category
FROM chart c
WHERE c.charttype = 'H'
$category
ORDER by c.accno|;
$query =
qq|SELECT c.accno, c.description, c.category
FROM chart c
WHERE (c.charttype = 'H')
$category
ORDER by c.accno|;
$sth = $dbh->prepare($query);
$sth->execute || $form->dberror($query);
$sth = prepare_execute_query($form, $dbh, $query);
my @headingaccounts = ();
while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
......
$sth->finish;
if ($fromdate) {
$fromdate = conv_dateq($fromdate);
if ($form->{method} eq 'cash') {
$subwhere .= " AND transdate >= '$fromdate'";
$glwhere = " AND ac.transdate >= '$fromdate'";
$subwhere .= " AND (transdate >= $fromdate)";
$glwhere = " AND (ac.transdate >= $fromdate)";
} else {
$where .= " AND ac.transdate >= '$fromdate'";
$where .= " AND (ac.transdate >= $fromdate)";
}
}
if ($todate) {
$where .= " AND ac.transdate <= '$todate'";
$subwhere .= " AND transdate <= '$todate'";
$todate = conv_dateq($todate);
$where .= " AND (ac.transdate <= $todate)";
$subwhere .= " AND (transdate <= $todate)";
}
if ($department_id) {
$dpt_join = qq|
JOIN department t ON (a.department_id = t.id)
|;
$dpt_where = qq|
AND t.id = $department_id
|;
$dpt_join = qq| JOIN department t ON (a.department_id = t.id) |;
$dpt_where = qq| AND (t.id = | . conv_i($department_id, 'NULL') . qq|)|;
}
if ($form->{project_id}) {
$project = qq|
AND ac.project_id = $form->{project_id}
|;
$project = qq| AND (ac.project_id = | . conv_i($form->{project_id}, 'NULL') . qq|) |;
}
{ # standard account
if ($form->{method} eq 'cash') {
$query = qq|
SELECT c.accno, sum(ac.amount) AS amount,
c.description, c.category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN ar a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$dpt_where
$category
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AR_paid%'
$subwhere
)
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno, sum(ac.amount) AS amount,
c.description, c.category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN ap a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$dpt_where
$category
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AP_paid%'
$subwhere
)
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno, sum(ac.amount) AS amount,
c.description, c.category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN gl a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$glwhere
$dpt_from
$category
AND NOT (c.link = 'AR' OR c.link = 'AP')
$project
GROUP BY c.accno, c.description, c.category
|;
if ($form->{project_id}) {
$query .= qq|
UNION ALL
SELECT c.accno AS accno, SUM(ac.sellprice * ac.qty) AS amount,
c.description AS description, c.category
FROM invoice ac
JOIN ar a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.income_accno_id = c.id)
$dpt_join
-- use transdate from subwhere
WHERE 1 = 1 $subwhere
AND c.category = 'I'
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AR_paid%'
$subwhere
)
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno AS accno, SUM(ac.sellprice) AS amount,
c.description AS description, c.category
FROM invoice ac
JOIN ap a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.expense_accno_id = c.id)
$dpt_join
WHERE 1 = 1 $subwhere
AND c.category = 'E'
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AP_paid%'
$subwhere
)
$project
GROUP BY c.accno, c.description, c.category
|;
}
} else {
if ($department_id) {
$dpt_join = qq|
JOIN dpt_trans t ON (t.trans_id = ac.trans_id)
|;
$dpt_where = qq|
AND t.department_id = $department_id
|;
}
$query = qq|
if ($form->{method} eq 'cash') {
$query =
qq|SELECT c.accno, sum(ac.amount) AS amount, c.description, c.category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN ar a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$dpt_where
$category
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE (link LIKE '%AR_paid%')
$subwhere
)
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno, sum(ac.amount) AS amount, c.description, c.category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN ap a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$dpt_where
$category
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE (link LIKE '%AP_paid%')
$subwhere
)
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno, sum(ac.amount) AS amount, c.description, c.category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN gl a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$glwhere
$dpt_from
$category
AND NOT ((c.link = 'AR') OR (c.link = 'AP'))
$project
GROUP BY c.accno, c.description, c.category |;
SELECT c.accno, sum(ac.amount) AS amount,
c.description, c.category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$category
$project
GROUP BY c.accno, c.description, c.category
|;
if ($form->{project_id}) {
$query .=
qq|
UNION ALL
SELECT c.accno AS accno, SUM(ac.sellprice * ac.qty) AS amount, c.description AS description, c.category
FROM invoice ac
JOIN ar a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.income_accno_id = c.id)
$dpt_join
-- use transdate from subwhere
WHERE (c.category = 'I')
$subwhere
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE (link LIKE '%AR_paid%')
$subwhere
)
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno AS accno, SUM(ac.sellprice) AS amount, c.description AS description, c.category
FROM invoice ac
JOIN ap a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.expense_accno_id = c.id)
$dpt_join
WHERE (c.category = 'E')
$subwhere
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AP_paid%'
$subwhere
)
$project
GROUP BY c.accno, c.description, c.category |;
}
if ($form->{project_id}) {
} else { # if ($form->{method} eq 'cash')
if ($department_id) {
$dpt_join = qq| JOIN dpt_trans t ON (t.trans_id = ac.trans_id) |;
$dpt_where = qq| AND t.department_id = $department_id |;
}
$query .= qq|
UNION ALL
SELECT c.accno AS accno, SUM(ac.sellprice * ac.qty) AS amount,
c.description AS description, c.category
FROM invoice ac
JOIN ar a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.income_accno_id = c.id)
$dpt_join
-- use transdate from subwhere
WHERE 1 = 1 $subwhere
AND c.category = 'I'
$dpt_where
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno AS accno, SUM(ac.sellprice * ac.qty) * -1 AS amount,
c.description AS description, c.category
FROM invoice ac
JOIN ap a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.expense_accno_id = c.id)
$dpt_join
WHERE 1 = 1 $subwhere
AND c.category = 'E'
$dpt_where
$project
GROUP BY c.accno, c.description, c.category
|;
$query = qq|
SELECT c.accno, sum(ac.amount) AS amount, c.description, c.category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$category
$project
GROUP BY c.accno, c.description, c.category |;
}
if ($form->{project_id}) {
$query .= qq|
UNION ALL
SELECT c.accno AS accno, SUM(ac.sellprice * ac.qty) AS amount, c.description AS description, c.category
FROM invoice ac
JOIN ar a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.income_accno_id = c.id)
$dpt_join
-- use transdate from subwhere
WHERE (c.category = 'I')
$subwhere
$dpt_where
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno AS accno, SUM(ac.sellprice * ac.qty) * -1 AS amount, c.description AS description, c.category
FROM invoice ac
JOIN ap a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.expense_accno_id = c.id)
$dpt_join
WHERE (c.category = 'E')
$subwhere
$dpt_where
$project
GROUP BY c.accno, c.description, c.category |;
}
}
......
my $accno;
my $ref;
my $sth = $dbh->prepare($query);
$sth->execute || $form->dberror($query);
my $sth = prepare_execute_query($form, $dbh, $query);
while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
......
my $item;
if ($fromdate) {
$fromdate = conv_dateq($fromdate);
if ($form->{method} eq 'cash') {
$subwhere .= " AND transdate >= '$fromdate'";
$glwhere = " AND ac.transdate >= '$fromdate'";
$prwhere = " AND ar.transdate >= '$fromdate'";
$subwhere .= " AND (transdate >= $fromdate)";
$glwhere = " AND (ac.transdate >= $fromdate)";
$prwhere = " AND (ar.transdate >= $fromdate)";
} else {
$where .= " AND ac.transdate >= '$fromdate'";
$where .= " AND (ac.transdate >= $fromdate)";
}
}
if ($todate) {
$where .= " AND ac.transdate <= '$todate'";
$subwhere .= " AND transdate <= '$todate'";
$prwhere .= " AND ar.transdate <= '$todate'";
$todate = conv_dateq($todate);
$where .= " AND (ac.transdate <= $todate)";
$subwhere .= " AND (transdate <= $todate)";
$prwhere .= " AND (ar.transdate <= $todate)";
}
if ($department_id) {
$dpt_join = qq|
JOIN department t ON (a.department_id = t.id)
|;
$dpt_where = qq|
AND t.id = $department_id
|;
$dpt_join = qq| JOIN department t ON (a.department_id = t.id) |;
$dpt_where = qq| AND (t.id = | . conv_i($department_id, 'NULL') . qq|) |;
}
if ($form->{project_id}) {
$project = qq|
AND ac.project_id = $form->{project_id}
|;
$project = qq| AND (ac.project_id = | . conv_i($form->{project_id}) . qq|) |;
}
if ($form->{method} eq 'cash') {
$query = qq|
SELECT sum(ac.amount) AS amount,
c.$category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN ar a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AR_paid%'
$subwhere
)
$project
GROUP BY c.$category
UNION
SELECT sum(ac.amount) AS amount,
c.$category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN ap a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AP_paid%'
$subwhere
)
$project
GROUP BY c.$category
UNION
SELECT sum(ac.amount) AS amount,
c.$category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN gl a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$glwhere
$dpt_from
AND NOT (c.link = 'AR' OR c.link = 'AP')
$project
GROUP BY c.$category
|;
$query =
qq|SELECT sum(ac.amount) AS amount, c.$category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN ar a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE (link LIKE '%AR_paid%')
$subwhere
)
$project
GROUP BY c.$category
UNION
SELECT sum(ac.amount) AS amount, c.$category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN ap a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE (link LIKE '%AP_paid%')
$subwhere
)
$project
GROUP BY c.$category
UNION
SELECT sum(ac.amount) AS amount, c.$category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
JOIN gl a ON (a.id = ac.trans_id)
$dpt_join
WHERE $where
$glwhere
$dpt_from
AND NOT ((c.link = 'AR') OR (c.link = 'AP'))
$project
GROUP BY c.$category |;
if ($form->{project_id}) {
$query .= qq|
UNION
SELECT SUM(ac.sellprice * ac.qty) AS amount,
c.$category
FROM invoice ac
JOIN ar a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.income_accno_id = c.id)
$dpt_join
WHERE 1 = 1 $prwhere
AND c.category = 'I'
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AR_paid%'
$subwhere
)
$project
GROUP BY c.$category
UNION
SELECT SUM(ac.sellprice) AS amount,
c.$category
FROM invoice ac
JOIN ap a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.expense_accno_id = c.id)
$dpt_join
WHERE 1 = 1 $prwhere
AND c.category = 'E'
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AP_paid%'
$subwhere
)
$project
GROUP BY c.$category
|;
UNION
SELECT SUM(ac.sellprice * ac.qty) AS amount, c.$category
FROM invoice ac
JOIN ar a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.income_accno_id = c.id)
$dpt_join
WHERE (c.category = 'I')
$prwhere
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE (link LIKE '%AR_paid%')
$subwhere
)
$project
GROUP BY c.$category
UNION
SELECT SUM(ac.sellprice) AS amount, c.$category
FROM invoice ac
JOIN ap a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.expense_accno_id = c.id)
$dpt_join
WHERE (c.category = 'E') $prwhere
$dpt_where
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE (link LIKE '%AP_paid%')
$subwhere
)
$project
GROUP BY c.$category |;
}
} else {
} else { # if ($form->{method} eq 'cash')
if ($department_id) {
$dpt_join = qq|
JOIN dpt_trans t ON (t.trans_id = ac.trans_id)
|;
$dpt_where = qq|
AND t.department_id = $department_id
|;
$dpt_join = qq| JOIN dpt_trans t ON (t.trans_id = ac.trans_id) |;
$dpt_where = qq| AND (t.department_id = | . conv_i($department_id, 'NULL') . qq|) |;
}
$query = qq|
SELECT sum(ac.amount) AS amount,
c.$category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$project
GROUP BY c.$category
|;
SELECT sum(ac.amount) AS amount, c.$category
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$project
GROUP BY c.$category |;
if ($form->{project_id}) {
$query .= qq|
UNION
UNION
SELECT SUM(ac.sellprice * ac.qty) AS amount,
c.$category
FROM invoice ac
JOIN ar a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.income_accno_id = c.id)
$dpt_join
WHERE 1 = 1 $prwhere
AND c.category = 'I'
$dpt_where
$project
GROUP BY c.$category
UNION
SELECT SUM(ac.sellprice * ac.qty) * -1 AS amount,
c.$category
FROM invoice ac
JOIN ap a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.expense_accno_id = c.id)
$dpt_join
WHERE 1 = 1 $prwhere
AND c.category = 'E'
$dpt_where
$project
GROUP BY c.$category
|;
SELECT SUM(ac.sellprice * ac.qty) AS amount, c.$category
FROM invoice ac
JOIN ar a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.income_accno_id = c.id)
$dpt_join
WHERE (c.category = 'I')
$prwhere
$dpt_where
$project
GROUP BY c.$category
UNION
SELECT SUM(ac.sellprice * ac.qty) * -1 AS amount, c.$category
FROM invoice ac
JOIN ap a ON (a.id = ac.trans_id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c on (p.expense_accno_id = c.id)
$dpt_join
WHERE (c.category = 'E')
$prwhere
$dpt_where
$project
GROUP BY c.$category |;
}
}
......
my $ref;
#print $query;
my $sth = $dbh->prepare($query);
$sth->execute || $form->dberror($query);
my $sth = prepare_execute_query($form, $dbh, $query);
while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
if ($ref->{amount} < 0) {
......
my $invwhere = $where;
if ($department_id) {
$dpt_join = qq|
JOIN dpt_trans t ON (ac.trans_id = t.trans_id)
|;
$dpt_where = qq|
AND t.department_id = $department_id
|;
$dpt_join = qq| JOIN dpt_trans t ON (ac.trans_id = t.trans_id) |;
$dpt_where = qq| AND (t.department_id = | . conv_i($department_id, 'NULL') . qq|) |;
}
# project_id only applies to getting transactions
......
# but we use the same function to collect information
if ($form->{project_id}) {
$project = qq|
AND ac.project_id = $form->{project_id}
|;
$project = qq| AND ac.project_id = | . conv_i($form->{project_id}, 'NULL') . qq|) |;
}
# get beginning balances
if ($form->{fromdate}) {
$query = qq|SELECT c.accno, c.category, SUM(ac.amount) AS amount,
c.description
FROM acc_trans ac
JOIN chart c ON (ac.chart_id = c.id)
$dpt_join
WHERE ac.transdate < '$form->{fromdate}'
$dpt_where
$project
GROUP BY c.accno, c.category, c.description
|;
$sth = $dbh->prepare($query);
$sth->execute || $form->dberror($query);
$query =
qq|SELECT c.accno, c.category, SUM(ac.amount) AS amount, c.description
FROM acc_trans ac
JOIN chart c ON (ac.chart_id = c.id)
$dpt_join
WHERE (ac.transdate < ?)
$dpt_where
$project
GROUP BY c.accno, c.category, c.description |;
$sth = prepare_execute_query($form, $dbh, $query, $form->{fromdate});
while (my $ref = $sth->fetchrow_hashref(NAME_lc)) {
$balance{ $ref->{accno} } = $ref->{amount};
......
}
# get headings
$query = qq|SELECT c.accno, c.description, c.category
FROM chart c
WHERE c.charttype = 'H'
ORDER by c.accno|;
$query =
qq|SELECT c.accno, c.description, c.category
FROM chart c
WHERE c.charttype = 'H'
ORDER by c.accno|;
$sth = $dbh->prepare($query);
$sth->execute || $form->dberror($query);
$sth = prepare_execute_query($form, $dbh, $query);
while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
$trb{ $ref->{accno} }{description} = $ref->{description};
......
$sth->finish;
$where = " 1 = 1 ";
my $tofrom;
if ($form->{fromdate} || $form->{todate}) {
if ($form->{fromdate}) {
$tofrom .= " AND ac.transdate >= '$form->{fromdate}'";
$subwhere .= " AND transdate >= '$form->{fromdate}'";
$invwhere .= " AND a.transdate >= '$form->{fromdate}'";
$glwhere = " AND ac.transdate >= '$form->{fromdate}'";
my $fromdate = conv_dateq($form->{fromdate});
$tofrom .= " AND (ac.transdate >= $fromdate)";
$subwhere .= " AND (transdate >= $fromdate)";
$invwhere .= " AND (a.transdate >= $fromdate)";
$glwhere = " AND (ac.transdate >= $fromdate)";
}
if ($form->{todate}) {
$tofrom .= " AND ac.transdate <= '$form->{todate}'";
$invwhere .= " AND a.transdate <= '$form->{todate}'";
$subwhere .= " AND transdate <= '$form->{todate}'";
$glwhere .= " AND ac.transdate <= '$form->{todate}'";
my $todate = conv_dateq($form->{todate});
$tofrom .= " AND (ac.transdate <= $todate)";
$invwhere .= " AND (a.transdate <= $todate)";
$subwhere .= " AND (transdate <= $todate)";
$glwhere .= " AND (ac.transdate <= $todate)";
}
}
if ($form->{eur}) {
$where .= qq| AND ((ac.trans_id in (SELECT id from ar)
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AR_paid%'
$subwhere
)) OR (ac.trans_id in (SELECT id from ap)
AND ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE link LIKE '%AP_paid%'
$subwhere
)) OR (ac.trans_id in (SELECT id from gl)
$glwhere))|;
$where .=
qq| AND ((ac.trans_id IN (SELECT id from ar) AND
ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE (link LIKE '%AR_paid%')
$subwhere
)
)
OR
(ac.trans_id in (SELECT id from ap) AND
ac.trans_id IN
(
SELECT trans_id
FROM acc_trans
JOIN chart ON (chart_id = id)
WHERE (link LIKE '%AP_paid%')
$subwhere
)
)
OR
(ac.trans_id in (SELECT id from gl)
$glwhere)
)|;
} else {
$where .= $tofrom;
}
{
$query = qq|SELECT c.accno, c.description, c.category,
SUM(ac.amount) AS amount
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$project
GROUP BY c.accno, c.description, c.category
|;
if ($form->{project_id}) {
$query .= qq|
-- add project transactions from invoice
UNION ALL
SELECT c.accno, c.description, c.category,
SUM(ac.sellprice * ac.qty) AS amount
FROM invoice ac
JOIN ar a ON (ac.trans_id = a.id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c ON (p.income_accno_id = c.id)
$dpt_join
WHERE $invwhere
$dpt_where
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno, c.description, c.category,
SUM(ac.sellprice * ac.qty) * -1 AS amount
FROM invoice ac
JOIN ap a ON (ac.trans_id = a.id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c ON (p.expense_accno_id = c.id)
$dpt_join
WHERE $invwhere
$dpt_where
$project
GROUP BY c.accno, c.description, c.category
|;
}
$query .= qq|
ORDER BY accno|;
}
$sth = $dbh->prepare($query);
$sth->execute || $form->dberror($query);
# prepare query for each account
$query = qq|SELECT (SELECT SUM(ac.amount) * -1
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$project
AND ac.amount < 0
AND c.accno = ?) AS debit,
(SELECT SUM(ac.amount)
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$project
AND ac.amount > 0
AND c.accno = ?) AS credit
|;
$drcr = $dbh->prepare($query);
$query = qq|
SELECT c.accno, c.description, c.category, SUM(ac.amount) AS amount
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$project
GROUP BY c.accno, c.description, c.category |;
if ($form->{project_id}) {
$query .= qq|
-- add project transactions from invoice
UNION ALL
SELECT c.accno, c.description, c.category, SUM(ac.sellprice * ac.qty) AS amount
FROM invoice ac
JOIN ar a ON (ac.trans_id = a.id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c ON (p.income_accno_id = c.id)
$dpt_join
WHERE $invwhere
$dpt_where
$project
GROUP BY c.accno, c.description, c.category
UNION ALL
SELECT c.accno, c.description, c.category, SUM(ac.sellprice * ac.qty) * -1 AS amount
FROM invoice ac
JOIN ap a ON (ac.trans_id = a.id)
JOIN parts p ON (ac.parts_id = p.id)
JOIN chart c ON (p.expense_accno_id = c.id)
$dpt_join
WHERE $invwhere
$dpt_where
$project
GROUP BY c.accno, c.description, c.category
|;
}
# prepare query for each account
$query = qq|SELECT (SELECT SUM(ac.sellprice * ac.qty) * -1
FROM invoice ac
JOIN parts p ON (ac.parts_id = p.id)
JOIN ap a ON (ac.trans_id = a.id)
JOIN chart c ON (p.expense_accno_id = c.id)
$dpt_join
WHERE $invwhere
$dpt_where
$project
AND c.accno = ?) AS debit,
(SELECT SUM(ac.sellprice * ac.qty)
FROM invoice ac
JOIN parts p ON (ac.parts_id = p.id)
JOIN ar a ON (ac.trans_id = a.id)
JOIN chart c ON (p.income_accno_id = c.id)
$dpt_join
WHERE $invwhere
$dpt_where
$project
AND c.accno = ?) AS credit
|;
$project_drcr = $dbh->prepare($query);
$query .= qq| ORDER BY accno|;
}
$sth = prepare_execute_query($form, $dbh, $query);
# calculate the debit and credit in the period
while ($ref = $sth->fetchrow_hashref(NAME_lc)) {
......
}
$sth->finish;
# prepare query for each account
my ($q_drcr, $drcr, $q_project_drcr, $project_drcr);
$q_drcr =
qq|SELECT
(SELECT SUM(ac.amount) * -1
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$project
AND (ac.amount < 0)
AND (c.accno = ?)) AS debit,
(SELECT SUM(ac.amount)
FROM acc_trans ac
JOIN chart c ON (c.id = ac.chart_id)
$dpt_join
WHERE $where
$dpt_where
$project
AND ac.amount > 0
AND c.accno = ?) AS credit |;
$drcr = prepare_query($form, $dbh, $q_drcr);
if ($form->{project_id}) {
# prepare query for each account
$q_project_drcr =
qq|SELECT
(SELECT SUM(ac.sellprice * ac.qty) * -1
FROM invoice ac
JOIN parts p ON (ac.parts_id = p.id)
JOIN ap a ON (ac.trans_id = a.id)
JOIN chart c ON (p.expense_accno_id = c.id)
$dpt_join
WHERE $invwhere
$dpt_where
$project
AND c.accno = ?) AS debit,
(SELECT SUM(ac.sellprice * ac.qty)
FROM invoice ac
JOIN parts p ON (ac.parts_id = p.id)
JOIN ar a ON (ac.trans_id = a.id)
JOIN chart c ON (p.income_accno_id = c.id)
$dpt_join
WHERE $invwhere
$dpt_where
$project
AND c.accno = ?) AS credit |;
$project_drcr = prepare_query($form, $dbh, $q_project_drcr);
}
my ($debit, $credit);
foreach my $accno (sort keys %trb) {
$ref = ();
$ref = {};
$ref->{accno} = $accno;
map { $ref->{$_} = $trb{$accno}{$_} }
......
if ($trb{$accno}{charttype} eq 'A') {
# get DR/CR
$drcr->execute($ref->{accno}, $ref->{accno}) || $form->dberror($query);
do_statement($form, $drcr, $q_drcr, $ref->{accno}, $ref->{accno});
($debit, $credit) = (0, 0);
while (($debit, $credit) = $drcr->fetchrow_array) {
......
if ($form->{project_id}) {
# get DR/CR
$project_drcr->execute($ref->{accno}, $ref->{accno})
|| $form->dberror($query);
do_statement($form, $project_drcr, $q_project_drcr, $ref->{accno}, $ref->{accno});
($debit, $credit) = (0, 0);
while (($debit, $credit) = $project_drcr->fetchrow_array) {
......
sub get_storno {
$main::lxdebug->enter_sub();
my ($self, $dbh, $form) = @_;
my $query = qq|SELECT invnumber FROM $form->{arap} WHERE invnumber LIKE "Storno zu "|;
my $arap = $form->{arap} eq "ar" ? "ar" : "ap";
my $query = qq|SELECT invnumber FROM $arap WHERE invnumber LIKE "Storno zu "|;
my $sth = $dbh->prepare($query);
while(my $ref = $sth->fetchrow_hashref()) {
$ref->{invnumer} =~ s/Storno zu //g;
$ref->{invnumer} =~ s/Storno zu //g;
$form->{storno}{$ref->{invnumber}} = 1;
}
$main::lxdebug->leave_sub();
......
# connect to database
my $dbh = $form->dbconnect($myconfig);
my $invoice = ($form->{arap} eq 'ar') ? 'is' : 'ir';
my ($invoice, $arap, $buysell, $ct, $ct_id);
if ($form->{ct} eq "customer") {
$invoice = "is";
$arap = "ar";
$buysell = "buy";
$ct = "customer";
} else {
$invoice = "ir";
$arap = "ap";
$buysell = "sell";
$ct = "vendor";
}
$ct_id = "${ct}_id";
$form->{todate} = $form->current_date($myconfig) unless ($form->{todate});
my $todate = conv_dateq($form->{todate});
my $where = " 1 = 1 ";
my ($name, $null);
if ($form->{"$form->{ct}_id"}) {
$where .= qq| AND ct.id = $form->{"$form->{ct}_id"}|;
} else {
if ($form->{ $form->{ct} }) {
$name = $form->like(lc $form->{ $form->{ct} });
$where .= qq| AND lower(ct.name) LIKE '$name'| if $form->{ $form->{ct} };
}
if ($form->{$ct_id}) {
$where .= qq| AND (ct.id = | . conv_i($form->{$ct_id}) . qq|)|;
} elsif ($form->{ $form->{ct} }) {
$where .= qq| AND (ct.name ILIKE | . $dbh->quote('%' . $form->{$ct} . '%') . qq|)|;
}
my $dpt_join;
if ($form->{department}) {
($null, $department_id) = split /--/, $form->{department};
$dpt_join = qq|
JOIN department d ON (a.department_id = d.id)
|;
$where .= qq| AND a.department_id = $department_id|;
}
$dpt_join = qq| JOIN department d ON (a.department_id = d.id) |;
$where .= qq| AND (a.department_id = | . conv_i($department_id, 'NULL') . qq|)|;
}
my $q_details = qq|
-- between 0-30 days
SELECT ${ct}.id AS ctid, ${ct}.name,
street, zipcode, city, country, contact, email,
phone as customerphone, fax as customerfax, ${ct}number,
"invnumber", "transdate",
(amount - paid) as "c0", 0.00 as "c30", 0.00 as "c60", 0.00 as "c90",
"duedate", invoice, ${arap}.id,
(SELECT $buysell
FROM exchangerate
WHERE (${arap}.curr = exchangerate.curr)
AND (exchangerate.transdate = ${arap}.transdate)) AS exchangerate
FROM ${arap}, ${ct}
WHERE (paid != amount)
AND (${arap}.storno IS FALSE)
AND (${arap}.${ct}_id = ${ct}.id)
AND (${ct}.id = ?)
AND (transdate <= (date $todate - interval '0 days'))
AND (transdate >= (date $todate - interval '30 days'))
UNION
-- between 31-60 days
SELECT ${ct}.id AS ctid, ${ct}.name,
street, zipcode, city, country, contact, email,
phone as customerphone, fax as customerfax, ${ct}number,
"invnumber", "transdate",
0.00 as "c0", (amount - paid) as "c30", 0.00 as "c60", 0.00 as "c90",
"duedate", invoice, ${arap}.id,
(SELECT $buysell
FROM exchangerate
WHERE (${arap}.curr = exchangerate.curr)
AND (exchangerate.transdate = ${arap}.transdate)) AS exchangerate
FROM ${arap}, ${ct}
WHERE (paid != amount)
AND (${arap}.storno IS FALSE)
AND (${arap}.${ct}_id = ${ct}.id)
AND (${ct}.id = ?)
AND (transdate < (date $todate - interval '30 days'))
AND (transdate >= (date $todate - interval '60 days'))
UNION
-- between 61-90 days
SELECT ${ct}.id AS ctid, ${ct}.name,
street, zipcode, city, country, contact, email,
phone as customerphone, fax as customerfax, ${ct}number,
"invnumber", "transdate",
0.00 as "c0", 0.00 as "c30", (amount - paid) as "c60", 0.00 as "c90",
"duedate", invoice, ${arap}.id,
(SELECT $buysell
FROM exchangerate
WHERE (${arap}.curr = exchangerate.curr)
AND (exchangerate.transdate = ${arap}.transdate)) AS exchangerate
FROM ${arap}, ${ct}
WHERE (paid != amount)
AND (${arap}.storno IS FALSE)
AND (${arap}.${ct}_id = ${ct}.id)
AND (${ct}.id = ?)
AND (transdate < (date $todate - interval '60 days'))
AND (transdate >= (date $todate - interval '90 days'))
UNION
-- over 90 days
SELECT ${ct}.id AS ctid, ${ct}.name,
street, zipcode, city, country, contact, email,
phone as customerphone, fax as customerfax, ${ct}number,
"invnumber", "transdate",
0.00 as "c0", 0.00 as "c30", 0.00 as "c60", (amount - paid) as "c90",
"duedate", invoice, ${arap}.id,
(SELECT $buysell
FROM exchangerate
WHERE (${arap}.curr = exchangerate.curr)
AND (exchangerate.transdate = ${arap}.transdate)) AS exchangerate
FROM ${arap}, ${ct}
WHERE (paid != amount)
AND (${arap}.storno IS FALSE)
AND (${arap}.${ct}_id = ${ct}.id)
AND (${ct}.id = ?)
AND (transdate < (date $todate - interval '90 days'))
ORDER BY ctid, transdate, invnumber |;
my $sth_details = prepare_query($form, $dbh, $q_details);
# select outstanding vendors or customers, depends on $ct
my $query = qq|SELECT DISTINCT ct.id, ct.name
FROM $form->{ct} ct, $form->{arap} a
$dpt_join
WHERE $where
AND a.$form->{ct}_id = ct.id
AND a.paid != a.amount
AND (a.transdate <= '$form->{todate}')
ORDER BY ct.name|;
my $sth = $dbh->prepare($query);
$sth->execute || $form->dberror;
my $buysell = ($form->{arap} eq 'ar') ? 'buy' : 'sell';
my $query =
qq|SELECT DISTINCT ct.id, ct.name
FROM $ct ct, $arap a
$dpt_join
WHERE $where
AND (a.${ct_id} = ct.id)
AND (a.paid != a.amount)
AND (a.transdate <= $todate)
ORDER BY ct.name|;
my $sth = prepare_execute_query($form, $dbh, $query);
$form->{AG} = [];
# for each company that has some stuff outstanding
while (my ($id) = $sth->fetchrow_array) {
do_statement($form, $sth_details, $q_details, $id, $id, $id, $id);
$query = qq|
-- between 0-30 days
SELECT $form->{ct}.id AS ctid, $form->{ct}.name,
street, zipcode, city, country, contact, email,
phone as customerphone, fax as customerfax, $form->{ct}number,
"invnumber", "transdate",
(amount - paid) as "c0", 0.00 as "c30", 0.00 as "c60", 0.00 as "c90",
"duedate", invoice, $form->{arap}.id,
(SELECT $buysell FROM exchangerate
WHERE $form->{arap}.curr = exchangerate.curr
AND exchangerate.transdate = $form->{arap}.transdate) AS exchangerate
FROM $form->{arap}, $form->{ct}
WHERE paid != amount
AND $form->{arap}.storno IS FALSE
AND $form->{arap}.$form->{ct}_id = $form->{ct}.id
AND $form->{ct}.id = $id
AND (
transdate <= (date '$form->{todate}' - interval '0 days')
AND transdate >= (date '$form->{todate}' - interval '30 days')
)
UNION
-- between 31-60 days
SELECT $form->{ct}.id AS ctid, $form->{ct}.name,
street, zipcode, city, country, contact, email,
phone as customerphone, fax as customerfax, $form->{ct}number,
"invnumber", "transdate",
0.00 as "c0", (amount - paid) as "c30", 0.00 as "c60", 0.00 as "c90",
"duedate", invoice, $form->{arap}.id,
(SELECT $buysell FROM exchangerate
WHERE $form->{arap}.curr = exchangerate.curr
AND exchangerate.transdate = $form->{arap}.transdate) AS exchangerate
FROM $form->{arap}, $form->{ct}
WHERE paid != amount
AND $form->{arap}.storno IS FALSE
AND $form->{arap}.$form->{ct}_id = $form->{ct}.id
AND $form->{ct}.id = $id
AND (
transdate < (date '$form->{todate}' - interval '30 days')
AND transdate >= (date '$form->{todate}' - interval '60 days')
)
UNION
-- between 61-90 days
SELECT $form->{ct}.id AS ctid, $form->{ct}.name,
street, zipcode, city, country, contact, email,
phone as customerphone, fax as customerfax, $form->{ct}number,
"invnumber", "transdate",
0.00 as "c0", 0.00 as "c30", (amount - paid) as "c60", 0.00 as "c90",
"duedate", invoice, $form->{arap}.id,
(SELECT $buysell FROM exchangerate
WHERE $form->{arap}.curr = exchangerate.curr
AND exchangerate.transdate = $form->{arap}.transdate) AS exchangerate
FROM $form->{arap}, $form->{ct}
WHERE paid != amount
AND $form->{arap}.storno IS FALSE
AND $form->{arap}.$form->{ct}_id = $form->{ct}.id
AND $form->{ct}.id = $id
AND (
transdate < (date '$form->{todate}' - interval '60 days')
AND transdate >= (date '$form->{todate}' - interval '90 days')
)
UNION
-- over 90 days
SELECT $form->{ct}.id AS ctid, $form->{ct}.name,
street, zipcode, city, country, contact, email,
phone as customerphone, fax as customerfax, $form->{ct}number,
"invnumber", "transdate",
0.00 as "c0", 0.00 as "c30", 0.00 as "c60", (amount - paid) as "c90",
"duedate", invoice, $form->{arap}.id,
(SELECT $buysell FROM exchangerate
WHERE $form->{arap}.curr = exchangerate.curr
AND exchangerate.transdate = $form->{arap}.transdate) AS exchangerate
FROM $form->{arap}, $form->{ct}
... Dieser Diff wurde abgeschnitten, weil er die maximale Anzahl anzuzeigender Zeilen überschreitet.

Auch abrufbar als: Unified diff