import('form.Form');
import('ttGroupHelper');
import('DateAndTime');
+import('ttTimeHelper');
import('ttExpenseHelper');
// Access checks.
$cl_id = (int)$request->getParameter('id');
// Get the expense item we are editing.
$expense_item = ttExpenseHelper::getItem($cl_id);
-if (!$expense_item || $expense_item['invoice_id']) {
- // Prohibit editing not ours or invoiced items.
+if (!$expense_item || $expense_item['approved'] || $expense_item['invoice_id']) {
+ // Prohibit editing not ours, approved, or invoiced items.
header('Location: access_denied.php');
exit();
}
// Validate user input.
if ($user->isPluginEnabled('cl') && $user->isPluginEnabled('cm') && !$cl_client)
$err->add($i18n->get('error.client'));
- if (MODE_PROJECTS == $trackingMode || MODE_PROJECTS_AND_TASKS == $trackingMode) {
- if (!$cl_project) $err->add($i18n->get('error.project'));
- }
+ if ($show_project && !$cl_project)
+ $err->add($i18n->get('error.project'));
if (!ttValidString($cl_item_name)) $err->add($i18n->get('error.field'), $i18n->get('label.item'));
if (!ttValidFloat($cl_cost)) $err->add($i18n->get('error.field'), $i18n->get('label.cost'));
if (!ttValidDate($cl_date)) $err->add($i18n->get('error.field'), $i18n->get('label.date'));
// This is a new date for the expense item.
- $new_date = new DateAndTime($user->date_format, $cl_date);
+ $new_date = new DateAndTime($user->getDateFormat(), $cl_date);
// Prohibit creating entries in future.
- if (!$user->future_entries) {
+ if (!$user->getConfigOption('future_entries')) {
$browser_today = new DateAndTime(DB_DATEFORMAT, $request->getParameter('browser_today', null));
if ($new_date->after($browser_today))
$err->add($i18n->get('error.future_date'));
}
+ if (!ttTimeHelper::canAdd()) $err->add($i18n->get('error.expired'));
+ // Finished validating user input.
// Save record.
if ($request->getParameter('btn_save')) {
// Now, an update.
if ($err->no()) {
- if (ttExpenseHelper::update(array('id'=>$cl_id,'date'=>$new_date->toString(DB_DATEFORMAT),'user_id'=>$user->getUser(),
+ if (ttExpenseHelper::update(array('id'=>$cl_id,'date'=>$new_date->toString(DB_DATEFORMAT),
'client_id'=>$cl_client,'project_id'=>$cl_project,'name'=>$cl_item_name,'cost'=>$cl_cost,'paid'=>$cl_paid))) {
header('Location: expenses.php?date='.$new_date->toString(DB_DATEFORMAT));
exit();
$smarty->assign('confirm_save', true);
$smarty->assign('entry_date', $cl_date);
}
+$smarty->assign('forms', array($form->getName()=>$form->toArray()));
+$smarty->assign('show_project', $show_project);
$smarty->assign('predefined_expenses', $predefined_expenses);
$smarty->assign('client_list', $client_list);
$smarty->assign('project_list', $project_list);
$smarty->assign('task_list', $task_list);
-$smarty->assign('forms', array($form->getName()=>$form->toArray()));
$smarty->assign('title', $i18n->get('title.edit_expense'));
$smarty->assign('content_page_name', 'expense_edit.tpl');
$smarty->display('index.tpl');