+
+ // createGroup function creates a new group.
+ private function createGroup($fields) {
+ global $user;
+ global $i18n;
+ $mdb2 = getConnection();
+
+ $columns = '(parent_id, org_id, name, description, currency, decimal_mark, lang, date_format, time_format'.
+ ', week_start, tracking_mode, project_required, task_required, record_type, bcc_email'.
+ ', allow_ip, password_complexity, plugins, lock_spec'.
+ ', workday_minutes, config, created, created_ip, created_by)';
+
+ $values = ' values (';
+ $values .= $mdb2->quote($fields['parent_id']);
+ $values .= ', '.$mdb2->quote($fields['org_id']);
+ $values .= ', '.$mdb2->quote(trim($fields['name']));
+ $values .= ', '.$mdb2->quote(trim($fields['description']));
+ $values .= ', '.$mdb2->quote(trim($fields['currency']));
+ $values .= ', '.$mdb2->quote($fields['decimal_mark']);
+ $values .= ', '.$mdb2->quote($fields['lang']);
+ $values .= ', '.$mdb2->quote($fields['date_format']);
+ $values .= ', '.$mdb2->quote($fields['time_format']);
+ $values .= ', '.(int)$fields['week_start'];
+ $values .= ', '.(int)$fields['tracking_mode'];
+ $values .= ', '.(int)$fields['project_required'];
+ $values .= ', '.(int)$fields['task_required'];
+ $values .= ', '.(int)$fields['record_type'];
+ $values .= ', '.$mdb2->quote($fields['bcc_email']);
+ $values .= ', '.$mdb2->quote($fields['allow_ip']);
+ $values .= ', '.$mdb2->quote($fields['password_complexity']);
+ $values .= ', '.$mdb2->quote($fields['plugins']);
+ $values .= ', '.$mdb2->quote($fields['lock_spec']);
+ $values .= ', '.(int)$fields['workday_minutes'];
+ $values .= ', '.$mdb2->quote($fields['config']);
+ $values .= ', now(), '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', '.$user->id;
+ $values .= ')';
+
+ $sql = 'insert into tt_groups '.$columns.$values;
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) {
+ $this->errors->add($i18n->get('error.db'));
+ return false;
+ }
+
+ $group_id = $mdb2->lastInsertID('tt_groups', 'id');
+ return $group_id;
+ }
+
+ // insertMonthlyQuota - a helper function to insert a monthly quota.
+ private function insertMonthlyQuota($fields) {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $year = (int) $fields['year'];
+ $month = (int) $fields['month'];
+ $minutes = (int) $fields['minutes'];
+
+ $sql = "INSERT INTO tt_monthly_quotas (group_id, org_id, year, month, minutes)".
+ " values ($group_id, $org_id, $year, $month, $minutes)";
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
+ }
+
+ // insertPredefinedExpense - a helper function to insert a predefined expense.
+ private function insertPredefinedExpense($fields) {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $name = $mdb2->quote($fields['name']);
+ $cost = $mdb2->quote($fields['cost']);
+
+ $sql = "INSERT INTO tt_predefined_expenses (group_id, org_id, name, cost)".
+ " values ($group_id, $org_id, $name, $cost)";
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
+ }
+
+ // insertExpense - a helper function to insert an expense item.
+ private function insertExpense($fields) {
+ global $user;
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $date = $fields['date'];
+ $user_id = (int) $fields['user_id'];
+ $client_id = $fields['client_id'];
+ $project_id = $fields['project_id'];
+ $name = $fields['name'];
+ $cost = str_replace(',', '.', $fields['cost']);
+ $invoice_id = $fields['invoice_id'];
+ $status = $fields['status'];
+ $paid = (int) $fields['paid'];
+ $created = ', now(), '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', '.$user->id;
+
+ $sql = "insert into tt_expense_items".
+ " (date, user_id, group_id, org_id, client_id, project_id, name, cost, invoice_id, paid, created, created_ip, created_by, status)".
+ " values (".$mdb2->quote($date).", $user_id, $group_id, $org_id, ".$mdb2->quote($client_id).", ".$mdb2->quote($project_id).
+ ", ".$mdb2->quote($name).", ".$mdb2->quote($cost).", ".$mdb2->quote($invoice_id).", $paid $created, ".$mdb2->quote($status).")";
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
+ }
+
+ // insertTask function inserts a new task into database.
+ private function insertTask($fields)
+ {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $name = $fields['name'];
+ $description = $fields['description'];
+ $projects = $fields['projects'];
+ $status = $fields['status'];
+
+ $sql = "insert into tt_tasks (group_id, org_id, name, description, status)
+ values ($group_id, $org_id, ".$mdb2->quote($name).", ".$mdb2->quote($description).", ".$mdb2->quote($status).")";
+ $affected = $mdb2->exec($sql);
+ $last_id = 0;
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+
+ $last_id = $mdb2->lastInsertID('tt_tasks', 'id');
+ return $last_id;
+ }
+
+ // insertUserProjectBind - inserts a user to project bind into tt_user_project_binds table.
+ private function insertUserProjectBind($fields) {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $user_id = (int) $fields['user_id'];
+ $project_id = (int) $fields['project_id'];
+ $rate = $mdb2->quote($fields['rate']);
+ $status = $mdb2->quote($fields['status']);
+
+ $sql = "insert into tt_user_project_binds (user_id, project_id, group_id, org_id, rate, status)".
+ " values($user_id, $project_id, $group_id, $org_id, $rate, $status)";
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
+ }
+
+ // insertUser - inserts a user into database.
+ private function insertUser($fields) {
+ global $user;
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+
+ $columns = '(login, password, name, group_id, org_id, role_id, client_id, rate, quota_percent, email, created, created_ip, created_by, status)';
+
+ $values = 'values (';
+ $values .= $mdb2->quote($fields['login']);
+ $values .= ', '.$mdb2->quote($fields['password']);
+ $values .= ', '.$mdb2->quote($fields['name']);
+ $values .= ', '.$group_id;
+ $values .= ', '.$org_id;
+ $values .= ', '.(int)$fields['role_id'];
+ $values .= ', '.$mdb2->quote($fields['client_id']);
+ $values .= ', '.$mdb2->quote($fields['rate']);
+ $values .= ', '.$mdb2->quote($fields['quota_percent']);
+ $values .= ', '.$mdb2->quote($fields['email']);
+ $values .= ', now(), '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', '.$user->id;
+ $values .= ', '.$mdb2->quote($fields['status']);
+ $values .= ')';
+
+ $sql = "insert into tt_users $columns $values";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) return false;
+
+ $last_id = $mdb2->lastInsertID('tt_users', 'id');
+ return $last_id;
+ }
+
+ // insertProject - a helper function to insert a project as well as project to task binds.
+ private function insertProject($fields)
+ {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $name = $fields['name'];
+ $description = $fields['description'];
+ $tasks = $fields['tasks'];
+ $comma_separated = implode(',', $tasks); // This is a comma-separated list of associated task ids.
+ $status = $fields['status'];
+
+ $sql = "insert into tt_projects (group_id, org_id, name, description, tasks, status)
+ values ($group_id, $org_id, ".$mdb2->quote($name).", ".$mdb2->quote($description).", ".$mdb2->quote($comma_separated).", ".$mdb2->quote($status).")";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+
+ $last_id = $mdb2->lastInsertID('tt_projects', 'id');
+
+ // Insert binds into tt_project_task_binds table.
+ if (is_array($tasks)) {
+ foreach ($tasks as $task_id) {
+ $sql = "insert into tt_project_task_binds (project_id, task_id, group_id, org_id)".
+ " values($last_id, $task_id, $group_id, $org_id)";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+ }
+ }
+
+ return $last_id;
+ }
+
+ // insertRole - inserts a role into tt_roles table.
+ private function insertRole($fields)
+ {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $name = $fields['name'];
+ $rank = (int) $fields['rank'];
+ $description = $fields['description'];
+ $rights = $fields['rights'];
+ $status = $fields['status'];
+
+ $sql = "insert into tt_roles (group_id, org_id, name, rank, description, rights, status)
+ values ($group_id, $org_id, ".$mdb2->quote($name).", $rank, ".$mdb2->quote($description).", ".$mdb2->quote($rights).", ".$mdb2->quote($status).")";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+
+ $last_id = $mdb2->lastInsertID('tt_roles', 'id');
+ return $last_id;
+ }
+
+ // insertInvoice - inserts an invoice in database.
+ private function insertInvoice($fields)
+ {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $name = $fields['name'];
+ $client_id = (int) $fields['client_id'];
+ $date = $fields['date'];
+ $status = $fields['status'];
+
+ // Insert a new invoice record.
+ $sql = "insert into tt_invoices (group_id, org_id, name, date, client_id, status)".
+ " values($group_id, $org_id, ".$mdb2->quote($name).", ".$mdb2->quote($date).", $client_id, ".$mdb2->quote($fields['status']).")";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) return false;
+
+ $last_id = $mdb2->lastInsertID('tt_invoices', 'id');
+ return $last_id;
+ }
+
+ // The insertClient function inserts a new client as well as client to project binds.
+ private function insertClient($fields)
+ {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $name = $fields['name'];
+ $address = $fields['address'];
+ $tax = $fields['tax'];
+ $projects = $fields['projects'];
+ if ($projects)
+ $comma_separated = implode(',', $projects); // This is a comma-separated list of associated projects ids.
+ $status = $fields['status'];
+
+ $tax = str_replace(',', '.', $tax);
+ if ($tax == '') $tax = 0;
+
+ $sql = "insert into tt_clients (group_id, org_id, name, address, tax, projects, status)".
+ " values ($group_id, $org_id, ".$mdb2->quote($name).", ".$mdb2->quote($address).", $tax, ".$mdb2->quote($comma_separated).", ".$mdb2->quote($status).")";
+
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+
+ $last_id = $mdb2->lastInsertID('tt_clients', 'id');
+
+ if (count($projects) > 0)
+ foreach ($projects as $p_id) {
+ $sql = "insert into tt_client_project_binds (client_id, project_id, group_id, org_id) values($last_id, $p_id, $group_id, $org_id)";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+ }
+
+ return $last_id;
+ }
+
+ // insertFavReport - inserts a favorite report in database.
+ private function insertFavReport($fields) {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+
+ $sql = "insert into tt_fav_reports".
+ " (name, user_id, group_id, org_id, client_id, cf_1_option_id, project_id, task_id,".
+ " billable, invoice, paid_status, users, period, period_start, period_end,".
+ " show_client, show_invoice, show_paid, show_ip,".
+ " show_project, show_start, show_duration, show_cost,".
+ " show_task, show_end, show_note, show_custom_field_1, show_work_units,".
+ " group_by1, group_by2, group_by3, show_totals_only)".
+ " values(".
+ $mdb2->quote($fields['name']).", ".$fields['user_id'].", $group_id, $org_id, ".
+ $mdb2->quote($fields['client']).", ".$mdb2->quote($fields['option']).", ".
+ $mdb2->quote($fields['project']).", ".$mdb2->quote($fields['task']).", ".
+ $mdb2->quote($fields['billable']).", ".$mdb2->quote($fields['invoice']).", ".
+ $mdb2->quote($fields['paid_status']).", ".
+ $mdb2->quote($fields['users']).", ".$mdb2->quote($fields['period']).", ".
+ $mdb2->quote($fields['from']).", ".$mdb2->quote($fields['to']).", ".
+ $fields['chclient'].", ".$fields['chinvoice'].", ".$fields['chpaid'].", ".$fields['chip'].", ".
+ $fields['chproject'].", ".$fields['chstart'].", ".$fields['chduration'].", ".$fields['chcost'].", ".
+ $fields['chtask'].", ".$fields['chfinish'].", ".$fields['chnote'].", ".$fields['chcf_1'].", ".$fields['chunits'].", ".
+ $mdb2->quote($fields['group_by1']).", ".$mdb2->quote($fields['group_by2']).", ".
+ $mdb2->quote($fields['group_by3']).", ".$fields['chtotalsonly'].")";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+
+ $last_id = $mdb2->lastInsertID('tt_fav_reports', 'id');
+ return $last_id;
+ }
+
+ // insertNotification function inserts a new notification into database.
+ private function insertNotification($fields)
+ {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $cron_spec = $fields['cron_spec'];
+ $last = (int) $fields['last'];
+ $next = (int) $fields['next'];
+ $report_id = (int) $fields['report_id'];
+ $email = $fields['email'];
+ $cc = $fields['cc'];
+ $subject = $fields['subject'];
+ $report_condition = $fields['report_condition'];
+ $status = $fields['status'];
+
+ $sql = "insert into tt_cron".
+ " (group_id, org_id, cron_spec, last, next, report_id, email, cc, subject, report_condition, status)".
+ " values ($group_id, $org_id, ".$mdb2->quote($cron_spec).", $last, $next, $report_id, ".$mdb2->quote($email).", ".$mdb2->quote($cc).", ".$mdb2->quote($subject).", ".$mdb2->quote($report_condition).", ".$mdb2->quote($status).")";
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
+ }
+
+ // insertUserParam - a helper function to insert a user parameter.
+ private function insertUserParam($fields) {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $user_id = (int) $fields['user_id'];
+ $param_name = $fields['param_name'];
+ $param_value = $fields['param_value'];
+
+ $sql = "insert into tt_config".
+ " (user_id, group_id, org_id, param_name, param_value)".
+ " values ($user_id, $group_id, $org_id, ".$mdb2->quote($param_name).", ".$mdb2->quote($param_value).")";
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
+ }
+
+ // insertCustomField - a helper function to insert a custom field.
+ private function insertCustomField($fields) {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $type = (int) $fields['type'];
+ $label = $fields['label'];
+ $required = (int) $fields['required'];
+ $status = $fields['status'];
+
+ $sql = "insert into tt_custom_fields".
+ " (group_id, org_id, type, label, required, status)".
+ " values($group_id, $org_id, $type, ".$mdb2->quote($label).", $required, ".$mdb2->quote($status).")";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+
+ $last_id = $mdb2->lastInsertID('tt_custom_fields', 'id');
+ return $last_id;
+ }
+
+ // insertCustomFieldOption - a helper function to insert a custom field option.
+ private function insertCustomFieldOption($fields) {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $field_id = (int) $fields['field_id'];
+ $value = $fields['value'];
+
+ $sql = "insert into tt_custom_field_options (group_id, org_id, field_id, value)".
+ " values ($group_id, $org_id, $field_id, ".$mdb2->quote($value).")";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+
+ $last_id = $mdb2->lastInsertID('tt_custom_field_options', 'id');
+ return $last_id;
+ }
+
+ // insertLogEntry - a helper function to insert a time log entry.
+ private function insertLogEntry($fields) {
+ global $user;
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $user_id = (int) $fields['user_id'];
+ $date = $fields['date'];
+ $start = $fields['start'];
+ $duration = $fields['duration'];
+ $client_id = $fields['client_id'];
+ $project_id = $fields['project_id'];
+ $task_id = $fields['task_id'];
+ $invoice_id = $fields['invoice_id'];
+ $comment = $fields['comment'];
+ $billable = (int) $fields['billable'];
+ $paid = (int) $fields['paid'];
+ $status = $fields['status'];
+
+ $sql = "insert into tt_log".
+ " (user_id, group_id, org_id, date, start, duration, client_id, project_id, task_id, invoice_id, comment".
+ ", billable, paid, created, created_ip, created_by, status)".
+ " values ($user_id, $group_id, $org_id".
+ ", ".$mdb2->quote($date).
+ ", ".$mdb2->quote($start).
+ ", ".$mdb2->quote($duration).
+ ", ".$mdb2->quote($client_id).
+ ", ".$mdb2->quote($project_id).
+ ", ".$mdb2->quote($task_id).
+ ", ".$mdb2->quote($invoice_id).
+ ", ".$mdb2->quote($comment).
+ ", $billable, $paid".
+ ", now(), ".$mdb2->quote($_SERVER['REMOTE_ADDR']).", ".$user->id.
+ ", ". $mdb2->quote($status).")";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) {
+ $this->errors->add($i18n->get('error.db')); // TODO: review whether or not to add error here in all insert calls.
+ return false;
+ }
+
+ $log_id = $mdb2->lastInsertID('tt_log', 'id');
+ return $log_id;
+ }
+
+ // insertCustomFieldLogEntry - a helper function to insert a custom field log entry.
+ private function insertCustomFieldLogEntry($fields) {
+ $mdb2 = getConnection();
+
+ $group_id = (int) $fields['group_id'];
+ $org_id = (int) $fields['org_id'];
+ $log_id = (int) $fields['log_id'];
+ $field_id = (int) $fields['field_id'];
+ $option_id = $fields['option_id'];
+ $value = $fields['value'];
+ $status = $fields['status'];
+
+ $sql = "insert into tt_custom_field_log (group_id, org_id, log_id, field_id, option_id, value, status)".
+ " values ($group_id, $org_id, $log_id, $field_id, ".$mdb2->quote($option_id).", ".$mdb2->quote($value).", ".$mdb2->quote($status).")";
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
+ }
+
+ // getTopRole returns top role id.
+ private function getTopRole() {
+ $mdb2 = getConnection();
+
+ $sql = "select id from tt_roles where group_id = 0 and rank = ".MAX_RANK." and status = 1";
+ $res = $mdb2->query($sql);
+
+ if (!is_a($res, 'PEAR_Error')) {
+ $val = $res->fetchRow();
+ if ($val['id'])
+ return $val['id'];
+ }
+ return false;
+ }
+
+ // The loginExists function detrmines if a login already exists.
+ private function loginExists($login) {
+ $mdb2 = getConnection();
+
+ $sql = "select id from tt_users where login = ".$mdb2->quote($login)." and (status = 1 or status = 0)";
+ $res = $mdb2->query($sql);
+ if (!is_a($res, 'PEAR_Error')) {
+ if ($val = $res->fetchRow()) {
+ return true;
+ }
+ }
+ return false;
+ }