Added last access handling.

[timetracker.git] / invoice_delete.php

diff --git a/invoice_delete.php b/invoice_delete.php
index 7db539a..6fd8270 100644 (file)
--- a/invoice_delete.php
+++ b/invoice_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttInvoiceHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessAllowed('manage_invoices') || !$user->isPluginEnabled('iv')) {
   header('Location: access_denied.php');
   exit();
 }
@@ -46,7 +46,7 @@ $form->addInput(array('type'=>'combobox',
     'name'=>'delete_invoice_entries',
     'data'=>array('0'=>$i18n->getKey('dropdown.do_not_delete'),'1'=>$i18n->getKey('dropdown.delete')),
 ));
-$form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->getKey('label.delete')));
+$form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->getKey('label.delete'),'onclick'=>'return confirm_deleting_entries();'));
 $form->addInput(array('type'=>'submit','name'=>'btn_cancel','value'=>$i18n->getKey('button.cancel')));
 
 if ($request->isPost()) {