Bug 17023: Fix XSS in cataloguing/z3950_search.pl
[koha.git] / acqui / invoice.pl
blob08e3ee8a2ffdae750a7e04f63033bb3cdd6ce782
1 #!/usr/bin/perl
3 # Copyright 2011 BibLibre SARL
4 # This file is part of Koha.
6 # Koha is free software; you can redistribute it and/or modify it
7 # under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 3 of the License, or
9 # (at your option) any later version.
11 # Koha is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 # GNU General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with Koha; if not, see <http://www.gnu.org/licenses>.
19 =head1 NAME
21 invoice.pl
23 =head1 DESCRIPTION
25 Invoice details
27 =cut
29 use strict;
30 use warnings;
32 use CGI qw ( -utf8 );
33 use C4::Auth;
34 use C4::Output;
35 use C4::Acquisition;
36 use C4::Budgets;
38 use Koha::Acquisition::Bookseller;
39 use Koha::Acquisition::Currencies;
40 use Koha::DateUtils;
41 use Koha::Misc::Files;
# Request object for this page load.
my $input = CGI->new;

# Authentication is mandatory (authnotrequired => 0) and the caller must hold
# the 'acquisition' flag named in flagsrequired; the call also yields the
# session cookie and the user's permission flags used further down.
my $auth_request = {
    template_name   => 'acqui/invoice.tt',
    query           => $input,
    type            => 'intranet',
    authnotrequired => 0,
    flagsrequired   => { 'acquisition' => '*' },
    debug           => 1,
};
my ( $template, $loggedinuser, $cookie, $flags ) = get_template_and_user($auth_request);

# Both values are taken verbatim from the request and are not validated here.
# NOTE(review): the functions that receive $invoiceid are defined in other
# modules; confirm they treat it as untrusted (bound parameters, existence
# checks).
my $invoiceid = $input->param('invoiceid');
my $op        = $input->param('op');

# File attachments are only handled when the AcqEnableFiles preference is on;
# otherwise $invoice_files stays undefined and later code skips it.
my $invoice_files =
    C4::Context->preference('AcqEnableFiles')
    ? Koha::Misc::Files->new( tabletag => 'aqinvoices', recordid => $invoiceid )
    : undef;
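# Return $target when it is a same-site relative reference that is safe to
# send in a Location header, otherwise return nothing.
#
# The 'referer' request parameter is attacker-controllable, so redirecting to
# it unchecked makes this script an open redirect. Absolute URLs (anything
# carrying a scheme) and scheme-relative URLs are refused, as are values
# containing control characters or backslashes.
# NOTE(review): this assumes the Koha templates pass a site-relative path in
# 'referer' - confirm against the callers; an absolute URL is now ignored and
# the invoice page is rendered instead of redirecting.
sub _local_redirect_target {
    my ($target) = @_;

    return unless $target;                        # undef, '' and '0' were never redirected to
    return if $target =~ m{[\x00-\x1f\x7f\\]};    # control characters (incl. CR/LF) or backslash
    return if $target =~ m{\A\s};                 # leading whitespace is stripped by HTTP parsers
    return if $target =~ m{\A//};                 # scheme-relative: would leave this host
    return if $target =~ m{\A[^/?#]*:};           # a scheme before the first '/', '?' or '#'
    return $target;
}

# Dispatch on the 'op' request parameter: close, reopen, modify or delete the
# invoice identified by $invoiceid. close/reopen/delete redirect to the
# validated 'referer' when one is supplied; otherwise execution falls through
# and the invoice page is rendered.
# NOTE(review): every branch changes or deletes invoice data based solely on
# request parameters, and no anti-CSRF token check is visible in this script -
# confirm one is enforced before these calls are reached.
if ( $op && $op eq 'close' ) {
    CloseInvoice($invoiceid);
    my $referer = _local_redirect_target( scalar $input->param('referer') );
    if ($referer) {
        print $input->redirect($referer);
        exit 0;
    }
}
elsif ( $op && $op eq 'reopen' ) {
    ReopenInvoice($invoiceid);
    my $referer = _local_redirect_target( scalar $input->param('referer') );
    if ($referer) {
        print $input->redirect($referer);
        exit 0;
    }
}
elsif ( $op && $op eq 'mod' ) {
    # Copy the parameters into scalars first so that param() is evaluated in
    # scalar context and cannot inject extra elements into the argument list.
    my $shipmentcost       = $input->param('shipmentcost');
    my $shipment_budget_id = $input->param('shipment_budget_id');
    ModInvoice(
        invoiceid             => $invoiceid,
        shipmentdate          => output_pref( { str => scalar $input->param('shipmentdate'), dateformat => 'iso', dateonly => 1 } ),
        billingdate           => output_pref( { str => scalar $input->param('billingdate'), dateformat => 'iso', dateonly => 1 } ),
        shipmentcost          => $shipmentcost,
        shipmentcost_budgetid => $shipment_budget_id
    );

    # At most one follow-up action is applied after the modification.
    if ( $input->param('reopen') ) {
        ReopenInvoice($invoiceid);
    }
    elsif ( $input->param('close') ) {
        CloseInvoice($invoiceid);
    }
    elsif ( $input->param('merge') ) {
        my @sources = $input->multi_param('merge');
        MergeInvoices( $invoiceid, \@sources );
        defined($invoice_files) && $invoice_files->MergeFileRecIds(@sources);
    }
    $template->param( modified => 1 );
}
elsif ( $op && $op eq 'delete' ) {
    DelInvoice($invoiceid);
    defined($invoice_files) && $invoice_files->DelAllFiles();

    # A missing or rejected referer falls back to the invoice list, so the
    # redirect always happens (the original guard was always true as well).
    my $referer = _local_redirect_target( scalar $input->param('referer') ) || 'invoices.pl';
    print $input->redirect($referer);
    exit 0;
}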
# Load the invoice and its supplier, then build one display row per order
# while accumulating totals, both overall and per GST rate.
my $details    = GetInvoiceDetails($invoiceid);
my $bookseller = Koha::Acquisition::Bookseller->fetch( { id => $details->{booksellerid} } );
my $orders     = $details->{'orders'};

my @orders_loop = ();
my @foot_loop;
my %foot;    # keyed by GST rate; one subtotal record per rate

my ( $total_quantity, $total_gste, $total_gsti, $total_gstvalue ) = ( 0, 0, 0, 0 );

for my $order ( @{$orders} ) {

    # Assigning to the loop variable replaces the element inside the orders
    # array itself, exactly as the loop alias allows.
    $order = C4::Acquisition::populate_order_with_prices(
        {
            order        => $order,
            booksellerid => $bookseller->{id},
            receiving    => 1,
        }
    );

    my $row  = get_infos( $order, $bookseller );
    my $rate = $row->{gstrate};

    # Subtotals for this order's GST rate.
    $foot{$rate}{gstrate}    = $rate;
    $foot{$rate}{gstvalue}  += $row->{gstvalue};
    $foot{$rate}{quantity}  += $row->{quantity};
    $foot{$rate}{totalgste} += $row->{totalgste};
    $foot{$rate}{totalgsti} += $row->{totalgsti};

    # Invoice-wide totals.
    $total_gstvalue += $row->{gstvalue};
    $total_quantity += $row->{quantity};
    $total_gste     += $row->{totalgste};
    $total_gsti     += $row->{totalgsti};

    $row->{orderline} = $row->{parent_ordernumber};
    push @orders_loop, $row;
}

# One footer row per distinct GST rate.
push @foot_loop, values %foot;
# Format string applied to the monetary totals passed to the template.
my $format = "%.2f";

# Build the budget drop-down: only budgets the logged-in user may use are
# listed, and the one currently charged for shipment is flagged as selected.
my $budgets               = GetBudgets();
my $shipmentcost_budgetid = $details->{shipmentcost_budgetid};
my @budgets_loop;
for my $budget ( @{$budgets} ) {
    if ( !CanUserUseBudget( $loggedinuser, $budget, $flags ) ) {
        next;
    }

    # Shallow copy, so the 'selected' marker is not written into the record
    # returned by GetBudgets().
    my $entry = { %{$budget} };
    $entry->{selected} = 1
        if $shipmentcost_budgetid && $budget->{budget_id} == $shipmentcost_budgetid;
    push @budgets_loop, $entry;
}
# Hand the invoice header, the per-order rows, the budget list and the
# computed totals to the template.
# NOTE(review): values such as suppliername and invoicenumber are passed
# through unmodified; confirm acqui/invoice.tt applies HTML escaping when it
# prints them.
my $as_money = sub { return sprintf( $format, $_[0] ); };

$template->param(

    # Fields copied straight from the invoice record under the same name.
    (
        map { ( $_ => $details->{$_} ) }
            qw( invoiceid invoicenumber suppliername booksellerid shipmentdate billingdate shipmentcost )
    ),
    invoiceclosedate    => $details->{'closedate'},
    orders_loop         => \@orders_loop,
    foot_loop           => \@foot_loop,
    total_quantity      => $total_quantity,
    total_gste          => $as_money->($total_gste),
    total_gsti          => $as_money->($total_gsti),
    total_gstvalue      => $as_money->($total_gstvalue),
    total_gste_shipment => $as_money->( $total_gste + $details->{shipmentcost} ),
    total_gsti_shipment => $as_money->( $total_gsti + $details->{shipmentcost} ),
    invoiceincgst       => $bookseller->{invoiceincgst},
    currency            => Koha::Acquisition::Currencies->get_active,
    budgets_loop        => \@budgets_loop,
);

# Attached files are only listed when the file feature was enabled above.
if ( defined $invoice_files ) {
    $template->param( files => $invoice_files->GetFilesInfo() );
}
# FIXME
# Function duplicated from basket.pl.
# The code should be exported to a shared place. Where?
# Build the template row for one order line.
#
# Takes the order hashref and the bookseller (the latter is accepted but not
# read here). Returns a reference to a copy of the order extended with
# 'order_received' and 'budget_name', with 'rrp' and 'title' decorated for
# display.
# Side effects: sets $order->{quantityreceived} to 0 when it is undefined,
# and sets the 'uncertainprices' parameter on the file-level $template when
# the order has an uncertain price.
sub get_infos {
    my ( $order, $bookseller ) = @_;

    my $ordered = $order->{'quantity'} || 0;
    $order->{quantityreceived} = 0 unless defined $order->{quantityreceived};

    my $budget = GetBudget( $order->{'budget_id'} );

    # Work on a shallow copy so the display decorations below do not alter
    # the order record.
    my $row = { %{$order} };
    $row->{order_received} = ( $ordered == $order->{'quantityreceived'} );
    $row->{budget_name}    = $budget->{budget_name};

    if ( $row->{uncertainprice} ) {
        $template->param( uncertainprices => 1 );
        $row->{rrp} .= ' (Uncertain)';
    }

    # Append series title and volume to the displayed title when present.
    if ( $row->{'title'} ) {
        my $series = $order->{'seriestitle'};
        my $vol    = $order->{'volume'};
        if ($series) {
            $row->{'title'} .= " / $series";
        }
        if ($vol) {
            $row->{'title'} .= " / $vol";
        }
    }

    return $row;
}
# Render the template and send it with the HTTP headers and session cookie.
output_html_with_http_headers( $input, $cookie, $template->output );