return false;
}
+ // getPredefinedExpenses - obtains all predefined expenses for group.
+ function getPredefinedExpenses() {
+ global $user;
+ $mdb2 = getConnection();
+
+ $result = array();
+ $sql = "select * from tt_predefined_expenses where group_id = $this->group_id"; // TODO: add " and org_id = $user->org_id" when possible.
+ $res = $mdb2->query($sql);
+ $result = array();
+ if (!is_a($res, 'PEAR_Error')) {
+ while ($val = $res->fetchRow()) {
+ $result[] = $val;
+ }
+ return $result;
+ }
+ return false;
+ }
+
// writeData writes group data into file.
function writeData() {
// Write group info.
$group = $this->getGroupData();
- $group_part = "<group name=\"".htmlentities($group['name'])."\"";
- $group_part .= " currency=\"".htmlentities($group['currency'])."\"";
+ $group_part = "<group name=\"".htmlspecialchars($group['name'])."\"";
+ $group_part .= " currency=\"".htmlspecialchars($group['currency'])."\"";
$group_part .= " decimal_mark=\"".$group['decimal_mark']."\"";
$group_part .= " lang=\"".$group['lang']."\"";
$group_part .= " date_format=\"".$group['date_format']."\"";
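Review bot: getPredefinedExpenses() builds its query by interpolating `$this->group_id` directly into the SQL string, and as its TODO says it is not yet filtered by org_id, so correct scoping depends on group_id being a trusted integer (its origin is not visible in this hunk). Assuming `$mdb2` is a PEAR MDB2 connection, typing the value keeps the query safe wherever the id came from: `$sql = "select * from tt_predefined_expenses where group_id = ".$mdb2->quote($this->group_id, 'integer');`. The function also returns `false` on a PEAR_Error, but the call site added later in this diff passes the result straight to `foreach`; returning the empty `$result` or checking for `false` before the loop would stop a failed query from emitting warnings during an export. `global $user;` is unused until the org_id filter lands, and `$result = array();` is assigned twice.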
// Write group info.
fwrite($this->file, $this->indentation.$group_part);
+ unset($group);
+ unset($group_part);
// Prepare user map.
$users = $this->getUsers();
fwrite($this->file, $this->indentation." <roles>\n");
foreach ($roles as $role) {
$role_part = $this->indentation.' '."<role id=\"".$this->roleMap[$role['id']]."\"";
- $role_part .= " name=\"".htmlentities($role['name'])."\"";
- $role_part .= " description=\"".htmlentities($role['description'])."\"";
+ $role_part .= " name=\"".htmlspecialchars($role['name'])."\"";
+ $role_part .= " description=\"".htmlspecialchars($role['description'])."\"";
$role_part .= " rank=\"".$role['rank']."\"";
- $role_part .= " rights=\"".htmlentities($role['rights'])."\"";
+ $role_part .= " rights=\"".htmlspecialchars($role['rights'])."\"";
$role_part .= " status=\"".$role['status']."\"";
$role_part .= "></role>\n";
fwrite($this->file, $role_part);
}
fwrite($this->file, $this->indentation." </roles>\n");
+ unset($roles);
+ unset($role_part);
// Write tasks.
fwrite($this->file, $this->indentation." <tasks>\n");
foreach ($tasks as $task) {
$task_part = $this->indentation.' '."<task id=\"".$this->taskMap[$task['id']]."\"";
- $task_part .= " name=\"".htmlentities($task['name'])."\"";
- $task_part .= " description=\"".htmlentities($task['description'])."\"";
+ $task_part .= " name=\"".htmlspecialchars($task['name'])."\"";
+ $task_part .= " description=\"".htmlspecialchars($task['description'])."\"";
$task_part .= " status=\"".$task['status']."\"";
$task_part .= "></task>\n";
fwrite($this->file, $task_part);
}
fwrite($this->file, $this->indentation." </tasks>\n");
+ unset($tasks);
+ unset($task_part);
// Write projects.
fwrite($this->file, $this->indentation." <projects>\n");
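Review bot: The new `htmlspecialchars()` calls rely on default flags and encoding, which differ between PHP versions: before 8.1 the default is `ENT_COMPAT | ENT_HTML401` without `ENT_SUBSTITUTE`, so a value containing an invalid byte sequence is returned as an empty string and silently disappears from the export. Since the output is XML attributes, stating the intent explicitly would make the behaviour the same everywhere, e.g. `htmlspecialchars($role['name'], ENT_QUOTES | ENT_XML1 | ENT_SUBSTITUTE, 'UTF-8')`. A small private helper on the class would avoid repeating the flags. The same applies to every other `htmlspecialchars()` call in this diff (group, project, client, user, invoice, log comment, custom field and the newly added sections).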
$tasks_str = implode(',', $tasks_mapped);
}
$project_part = $this->indentation.' '."<project id=\"".$this->projectMap[$project_item['id']]."\"";
- $project_part .= " name=\"".htmlentities($project_item['name'])."\"";
- $project_part .= " description=\"".htmlentities($project_item['description'])."\"";
+ $project_part .= " name=\"".htmlspecialchars($project_item['name'])."\"";
+ $project_part .= " description=\"".htmlspecialchars($project_item['description'])."\"";
$project_part .= " tasks=\"".$tasks_str."\"";
$project_part .= " status=\"".$project_item['status']."\"";
$project_part .= "></project>\n";
fwrite($this->file, $project_part);
}
fwrite($this->file, $this->indentation." </projects>\n");
+ unset($projects);
+ unset($project_part);
// Write clients.
fwrite($this->file, $this->indentation." <clients>\n");
$projects_str = implode(',', $projects_mapped);
}
$client_part = $this->indentation.' '."<client id=\"".$this->clientMap[$client_item['id']]."\"";
- $client_part .= " name=\"".htmlentities($client_item['name'])."\"";
- $client_part .= " address=\"".htmlentities($client_item['address'])."\"";
+ $client_part .= " name=\"".htmlspecialchars($client_item['name'])."\"";
+ $client_part .= " address=\"".htmlspecialchars($client_item['address'])."\"";
$client_part .= " tax=\"".$client_item['tax']."\"";
$client_part .= " projects=\"".$projects_str."\"";
$client_part .= " status=\"".$client_item['status']."\"";
fwrite($this->file, $client_part);
}
fwrite($this->file, $this->indentation." </clients>\n");
+ unset($clients);
+ unset($client_part);
// Write users.
fwrite($this->file, $this->indentation." <users>\n");
foreach ($users as $user_item) {
$role_id = $user_item['rank'] == 512 ? 0 : $this->roleMap[$user_item['role_id']]; // Special role_id 0 (not null) for top manager.
$user_part = $this->indentation.' '."<user id=\"".$this->userMap[$user_item['id']]."\"";
- $user_part .= " name=\"".htmlentities($user_item['name'])."\"";
- $user_part .= " login=\"".htmlentities($user_item['login'])."\"";
+ $user_part .= " name=\"".htmlspecialchars($user_item['name'])."\"";
+ $user_part .= " login=\"".htmlspecialchars($user_item['login'])."\"";
$user_part .= " password=\"".$user_item['password']."\"";
$user_part .= " role_id=\"".$role_id."\"";
$user_part .= " client_id=\"".$this->clientMap[$user_item['client_id']]."\"";
fwrite($this->file, $user_part);
}
fwrite($this->file, $this->indentation." </users>\n");
+ unset($users);
+ unset($user_part);
// Write user to project binds.
fwrite($this->file, $this->indentation." <user_project_binds>\n");
fwrite($this->file, $bind_part);
}
fwrite($this->file, $this->indentation." </user_project_binds>\n");
+ unset($user_binds);
+ unset($bind_part);
// Write invoices.
fwrite($this->file, $this->indentation." <invoices>\n");
foreach ($invoices as $invoice_item) {
$invoice_part = $this->indentation.' '."<invoice id=\"".$this->invoiceMap[$invoice_item['id']]."\"";
- $invoice_part .= " name=\"".htmlentities($invoice_item['name'])."\"";
+ $invoice_part .= " name=\"".htmlspecialchars($invoice_item['name'])."\"";
$invoice_part .= " date=\"".$invoice_item['date']."\"";
$invoice_part .= " client_id=\"".$this->clientMap[$invoice_item['client_id']]."\"";
$invoice_part .= " status=\"".$invoice_item['status']."\"";
fwrite($this->file, $invoice_part);
}
fwrite($this->file, $this->indentation." </invoices>\n");
+ unset($invoices);
+ unset($invoice_part);
// Write time log entries and build logMap at the same time.
fwrite($this->file, $this->indentation." <log>\n");
$key = 0;
- foreach ($users as $user_item) {
- $records = ttTimeHelper::getAllRecords($user_item['id']);
+ foreach ($this->userMap as $key => $value) {
+ $user_id = $key;
+ $records = ttTimeHelper::getAllRecords($user_id);
foreach ($records as $record) {
$key++;
$this->logMap[$record['id']] = $key;
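Review bot: The rewritten outer loop reuses `$key` as its iteration variable, which clobbers the running log counter that `$key = 0;` initialises and `$key++` advances. On each pass of `foreach ($this->userMap as $key => $value)` the counter is reset to that user's original id, so the values stored in `$this->logMap` are no longer a sequence and can collide between users. That would break the log_id references that the new custom_field_log section takes from logMap. Binding the user id to its own name fixes it: `foreach ($this->userMap as $user_id => $value) {`, dropping the `$user_id = $key;` line. The loop body continues outside this hunk, so any other use of `$key` there (such as the log entry's own id attribute, if it is written from it) should be checked as well.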
$log_part .= " project_id=\"".$this->projectMap[$record['project_id']]."\"";
$log_part .= " task_id=\"".$this->taskMap[$record['task_id']]."\"";
$log_part .= " invoice_id=\"".$this->invoiceMap[$record['invoice_id']]."\"";
- $log_part .= " comment=\"".htmlentities($record['comment'])."\"";
+ $log_part .= " comment=\"".htmlspecialchars($record['comment'])."\"";
$log_part .= " billable=\"".$record['billable']."\"";
$log_part .= " paid=\"".$record['paid']."\"";
$log_part .= " status=\"".$record['status']."\"";
}
fwrite($this->file, $this->indentation." </log>\n");
unset($records);
+ unset($log_part);
// Write custom fields.
fwrite($this->file, $this->indentation." <custom_fields>\n");
foreach ($custom_fields as $custom_field) {
$custom_field_part = $this->indentation.' '."<custom_field id=\"".$this->customFieldMap[$custom_field['id']]."\"";
$custom_field_part .= " type=\"".$custom_field['type']."\"";
- $custom_field_part .= " label=\"".htmlentities($custom_field['label'])."\"";
+ $custom_field_part .= " label=\"".htmlspecialchars($custom_field['label'])."\"";
$custom_field_part .= " required=\"".$custom_field['required']."\"";
$custom_field_part .= " status=\"".$custom_field['status']."\"";
$custom_field_part .= "></custom_field>\n";
}
fwrite($this->file, $this->indentation." </custom_fields>\n");
unset($custom_fields);
+ unset($custom_field_part);
// Write custom field options.
fwrite($this->file, $this->indentation." <custom_field_options>\n");
foreach ($custom_field_options as $option) {
$custom_field_option_part = $this->indentation.' '."<custom_field_option id=\"".$this->customFieldOptionMap[$option['id']]."\"";
$custom_field_option_part .= " field_id=\"".$this->customFieldMap[$option['field_id']]."\"";
- $custom_field_option_part .= " value=\"".htmlentities($option['value'])."\"";
+ $custom_field_option_part .= " value=\"".htmlspecialchars($option['value'])."\"";
$custom_field_option_part .= "></custom_field_option>\n";
fwrite($this->file, $custom_field_option_part);
}
fwrite($this->file, $this->indentation." </custom_field_options>\n");
unset($custom_field_options);
+ unset($custom_field_option_part);
+
+ // Write custom field log.
+ $custom_field_log = ttTeamHelper::getCustomFieldLog($this->group_id);
+ fwrite($this->file, $this->indentation." <custom_field_log>\n");
+ foreach ($custom_field_log as $entry) {
+ $custom_field_log_part = $this->indentation.' '."<custom_field_log_entry log_id=\"".$this->logMap[$entry['log_id']]."\"";
+ $custom_field_log_part .= " field_id=\"".$this->customFieldMap[$entry['field_id']]."\"";
+ $custom_field_log_part .= " option_id=\"".$this->customFieldOptionMap[$entry['option_id']]."\"";
+ $custom_field_log_part .= " value=\"".htmlspecialchars($entry['value'])."\"";
+ $custom_field_log_part .= " status=\"".$entry['status']."\"";
+ $custom_field_log_part .= "></custom_field_log_entry>\n";
+ fwrite($this->file, $custom_field_log_part);
+ }
+ fwrite($this->file, $this->indentation." </custom_field_log>\n");
+ unset($custom_field_log);
+ unset($custom_field_log_part);
+
+ // Write expense items.
+ $expense_items = ttTeamHelper::getExpenseItems($this->group_id);
+ fwrite($this->file, $this->indentation." <expense_items>\n");
+ foreach ($expense_items as $expense_item) {
+ $expense_item_part = $this->indentation.' '."<expense_item date=\"".$expense_item['date']."\"";
+ $expense_item_part .= " user_id=\"".$this->userMap[$expense_item['user_id']]."\"";
+ $expense_item_part .= " client_id=\"".$this->clientMap[$expense_item['client_id']]."\"";
+ $expense_item_part .= " project_id=\"".$this->projectMap[$expense_item['project_id']]."\"";
+ $expense_item_part .= " name=\"".htmlspecialchars($expense_item['name'])."\"";
+ $expense_item_part .= " cost=\"".$expense_item['cost']."\"";
+ $expense_item_part .= " invoice_id=\"".$this->invoiceMap[$expense_item['invoice_id']]."\"";
+ $expense_item_part .= " paid=\"".$expense_item['paid']."\"";
+ $expense_item_part .= " status=\"".$expense_item['status']."\"";
+ $expense_item_part .= "></expense_item>\n";
+ fwrite($this->file, $expense_item_part);
+ }
+ fwrite($this->file, $this->indentation." </expense_items>\n");
+ unset($expense_items);
+ unset($expense_item_part);
+
+ // Write predefined expenses.
+ $predefined_expenses = $this->getPredefinedExpenses();
+ fwrite($this->file, $this->indentation." <predefined_expenses>\n");
+ foreach ($predefined_expenses as $predefined_expense) {
+ $predefined_expense_part = $this->indentation.' '."<predefined_expense name=\"".htmlspecialchars($predefined_expense['name'])."\"";
+ $predefined_expense_part .= " cost=\"".$predefined_expense['cost']."\"";
+ $predefined_expense_part .= "></predefined_expense>\n";
+ fwrite($this->file, $predefined_expense_part);
+ }
+ fwrite($this->file, $this->indentation." </predefined_expenses>\n");
+ unset($predefined_expenses);
+ unset($predefined_expense_part);
+
+ // Write monthly quotas.
+ $quotas = ttTeamHelper::getMonthlyQuotas($this->group_id);
+ fwrite($this->file, $this->indentation." <monthly_quotas>\n");
+ foreach ($quotas as $quota) {
+ $quota_part = $this->indentation.' '."<monthly_quota year=\"".$quota['year']."\"";
+ $quota_part .= " month=\"".$quota['month']."\"";
+ $quota_part .= " minutes=\"".$quota['minutes']."\"";
+ $quota_part .= "></monthly_quota>\n";
+ fwrite($this->file, $quota_part);
+ }
+ fwrite($this->file, $this->indentation." </monthly_quotas>\n");
+ unset($quotas);
+ unset($quota_part);
+
+ // Write fav reports.
+ $fav_reports = ttTeamHelper::getFavReports($this->group_id);
+ fwrite($this->file, $this->indentation." <fav_reports>\n");
+ foreach ($fav_reports as $fav_report) {
+ $user_list = '';
+ if (strlen($fav_report['users']) > 0) {
+ $arr = explode(',', $fav_report['users']);
+ foreach ($arr as $k=>$v) {
+ if (array_key_exists($arr[$k], $this->userMap))
+ $user_list .= (strlen($user_list) == 0? '' : ',').$this->userMap[$v];
+ }
+ }
+ $fav_report_part = $this->indentation.' '."<fav_report user_id=\"".$this->userMap[$fav_report['user_id']]."\"";
+ $fav_report_part .= " name=\"".htmlspecialchars($fav_report['name'])."\"";
+ $fav_report_part .= " client_id=\"".$this->clientMap[$fav_report['client_id']]."\"";
+ $fav_report_part .= " cf_1_option_id=\"".$this->customFieldOptionMap[$fav_report['cf_1_option_id']]."\"";
+ $fav_report_part .= " project_id=\"".$this->projectMap[$fav_report['project_id']]."\"";
+ $fav_report_part .= " task_id=\"".$this->taskMap[$fav_report['task_id']]."\"";
+ $fav_report_part .= " billable=\"".$fav_report['billable']."\"";
+ $fav_report_part .= " users=\"".$user_list."\"";
+ $fav_report_part .= " period=\"".$fav_report['period']."\"";
+ $fav_report_part .= " period_start=\"".$fav_report['period_start']."\"";
+ $fav_report_part .= " period_end=\"".$fav_report['period_end']."\"";
+ $fav_report_part .= " show_client=\"".$fav_report['show_client']."\"";
+ $fav_report_part .= " show_invoice=\"".$fav_report['show_invoice']."\"";
+ $fav_report_part .= " show_paid=\"".$fav_report['show_paid']."\"";
+ $fav_report_part .= " show_ip=\"".$fav_report['show_ip']."\"";
+ $fav_report_part .= " show_project=\"".$fav_report['show_project']."\"";
+ $fav_report_part .= " show_start=\"".$fav_report['show_start']."\"";
+ $fav_report_part .= " show_duration=\"".$fav_report['show_duration']."\"";
+ $fav_report_part .= " show_cost=\"".$fav_report['show_cost']."\"";
+ $fav_report_part .= " show_task=\"".$fav_report['show_task']."\"";
+ $fav_report_part .= " show_end=\"".$fav_report['show_end']."\"";
+ $fav_report_part .= " show_note=\"".$fav_report['show_note']."\"";
+ $fav_report_part .= " show_custom_field_1=\"".$fav_report['show_custom_field_1']."\"";
+ $fav_report_part .= " show_work_units=\"".$fav_report['show_work_units']."\"";
+ $fav_report_part .= " group_by1=\"".$fav_report['group_by1']."\"";
+ $fav_report_part .= " group_by2=\"".$fav_report['group_by2']."\"";
+ $fav_report_part .= " group_by3=\"".$fav_report['group_by3']."\"";
+ $fav_report_part .= " show_totals_only=\"".$fav_report['show_totals_only']."\"";
+ $fav_report_part .= "></fav_report>\n";
+ fwrite($this->file, $fav_report_part);
+ }
+ fwrite($this->file, $this->indentation." </fav_reports>\n");
+ unset($fav_reports);
+ unset($fav_report_part);
+
+ // We are mostly done with writing this group data, destroy all maps.
+ unset($this->roleMap);
+ unset($this->userMap);
+ unset($this->taskMap);
+ unset($this->projectMap);
+ unset($this->clientMap);
+ unset($this->invoiceMap);
+ unset($this->logMap);
+ unset($this->customFieldMap);
+ unset($this->customFieldOptionMap);
// Call self recursively for all subgroups.
foreach ($this->subgroups as $subgroup) {
$subgroup_helper = new ttGroupExportHelper($subgroup['id'], $this->file, $this->indentation.' ');
$subgroup_helper->writeData();
}
+ unset($this->subgroups);
fwrite($this->file, $this->indentation."</group>\n");
}
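Review bot: The new export sections write many attribute values with no escaping, for example `cost` on expense_item and predefined_expense, and `period_start`, `period_end` and `group_by1` to `group_by3` on fav_report; only the `name` and `value` attributes go through `htmlspecialchars()`. If any of those columns can hold user-supplied text, a `"`, `<` or `&` in it would make the export malformed or let the stored value add attributes of its own. Escaping every attribute uniformly removes the need to reason per column, e.g. `$fav_report_part .= " group_by1=\"".htmlspecialchars($fav_report['group_by1'])."\"";`. Separately, lookups such as `$this->invoiceMap[$expense_item['invoice_id']]` and `$this->customFieldOptionMap[$entry['option_id']]` do not check that the key exists, so a null or unmapped id raises a notice (a warning on PHP 8) and is written as an empty attribute. If empty is the intended encoding for "none", a comment saying so, or an explicit `isset()` guard, would make that clear.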