Changeset 901 for trunk/Modules/Finance/UserState.php

Timestamp:

Feb 17, 2021, 9:27:32 PM (4 years ago)

Author:

chronos

Message:

• Added: Documents section accessible from users panel.
• Added: Contract model moved to separate module Contract.
• Added: New action to generate PDF from Contract.
• Fixed: Allow users to download files only by hash instead of direct id.
• Added: Support for SHA1 as allowed mysql function.

File:

• trunk/Modules/Finance/UserState.php (modified) (5 diffs)

trunk/Modules/Finance/UserState.php

@@ -11 +11 @@
   }
 
-  function ShowFinanceOperation(int $Subject): string
+  function ShowFinanceOperation(int $SubjectId): string
   {
-    $UserOperationTableQuery = '((SELECT `Text`, `Time`, `Value`, `File`, `BillCode`, NULL AS `PeriodFrom`, NULL AS `PeriodTo`, `DocumentLineCode`.`Name` AS `BillName` '.
+    $UserOperationTableQuery = '((SELECT `Text`, `FinanceOperation`.`Time`, `Value`, `File`.`Hash` AS `FileHash`, `BillCode`, NULL AS `PeriodFrom`, NULL AS `PeriodTo`, `DocumentLineCode`.`Name` AS `BillName` '.
       'FROM `FinanceOperation` '.
       'LEFT JOIN `DocumentLineCode` ON `DocumentLineCode`.`Id`=`FinanceOperation`.`BillCode` '.
-      'WHERE (`Subject`='.$Subject['Id'].') '.
+      'LEFT JOIN `File` ON `File`.`Id`=`FinanceOperation`.`File` '.
+      'WHERE (`Subject`='.$SubjectId.') '.
       ') UNION ALL '.
       '(SELECT (SELECT GROUP_CONCAT(`Description` SEPARATOR ",") FROM `FinanceInvoiceItem` WHERE `FinanceInvoice`=`FinanceInvoice`.`Id`) AS `Text`, '.
-      '`Time`, -`Value`, `File`, `BillCode`, `PeriodFrom`, `PeriodTo`, `DocumentLineCode`.`Name` AS `BillName` FROM `FinanceInvoice` '.
+      '`FinanceInvoice`.`Time`, -`Value`, `File`.`Hash` AS `FileHash`, `BillCode`, `PeriodFrom`, `PeriodTo`, `DocumentLineCode`.`Name` AS `BillName` '.
+      'FROM `FinanceInvoice` '.
       'LEFT JOIN `DocumentLineCode` ON `DocumentLineCode`.`Id`=`FinanceInvoice`.`BillCode` '.
-      'WHERE (`Subject`='.$Subject['Id'].') AND (`VisibleToUser` = 1)))';
+      'LEFT JOIN `File` ON `File`.`Id`=`FinanceInvoice`.`File` '.
+      'WHERE (`Subject`='.$SubjectId.') AND (`VisibleToUser` = 1)))';
 
     $Output = '<div style="text-align:center">Výpis finančních operací</div>';
@@ -56 +59 @@
       if ($Row['Value'] > 0) $Row['Value'] = '+'.$Row['Value'];
       if ($Row['BillName'] == '') $Row['BillName'] = 'PDF';
-      if ($Row['File'] > 0) $Invoice = '<a href="'.$this->System->Link('/file?id='.$Row['File']).'">'.$Row['BillName'].'</a>';
+      if ($Row['FileHash'] != '') $Invoice = '<a href="'.$this->System->Link('/file?h='.$Row['FileHash']).'">'.$Row['BillName'].'</a>';
         else $Invoice = NotBlank($Row['BillName']);
       if ($Row['PeriodFrom'] != '') $Period = HumanDate($Row['PeriodFrom']).' - '.HumanDate($Row['PeriodTo']);
@@ -102 +105 @@
     } else return $this->SystemMessage('Položka nenalezena', 'Zákazník nenalezen');
 
-
     // Load subject info
     $DbResult = $this->Database->query('SELECT * FROM `Subject` WHERE `Id`='.$Customer['Subject']);
@@ -109 +111 @@
       $Subject = $DbResult->fetch_assoc();
     } else return $this->SystemMessage('Položka nenalezena', 'Subjekt nenalezen');
-
 
     $Output = '<table width="100%" border="0" cellspacing="0" cellpadding="3"><tr><td valign="top">';
@@ -124 +125 @@
 
     // Tabulka operaci
-    $Output .= $this->ShowFinanceOperation($Subject);
+    $Output .= $this->ShowFinanceOperation($Subject['Id']);
 
     $Output .= '</td><td valign="top">';