import('ttFavReportHelper');
import('ttNotificationHelper');
-// Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('no')) {
+// Access checks.
+if (!ttAccessAllowed('manage_advanced_settings')) {
header('Location: access_denied.php');
exit();
}
+if (!$user->isPluginEnabled('no')) {
+ header('Location: feature_disabled.php');
+ exit();
+}
+if (!$user->exists()) {
+ header('Location: access_denied.php'); // No users in subgroup.
+ exit();
+}
+$notification_id = (int)$request->getParameter('id');
+$notification = ttNotificationHelper::get($notification_id);
+if (!$notification) {
+ header('Location: access_denied.php'); // Wrong notification id.
+ exit();
+}
+if ($request->isPost()) {
+ $cl_fav_report_id = (int) $request->getParameter('fav_report');
+ if ($cl_fav_report_id && !ttFavReportHelper::get($cl_fav_report_id)) {
+ header('Location: access_denied.php'); // Invalid fav report id in post.
+ exit();
+ }
+}
+// End of access checks.
-$notification_id = (int) $request->getParameter('id');
-$fav_reports = ttFavReportHelper::getReports($user->id);
+$fav_reports = ttFavReportHelper::getReports();
if ($request->isPost()) {
- $cl_fav_report = trim($request->getParameter('fav_report'));
$cl_cron_spec = trim($request->getParameter('cron_spec'));
$cl_email = trim($request->getParameter('email'));
$cl_cc = trim($request->getParameter('cc'));
$cl_report_condition = trim($request->getParameter('report_condition'));
} else {
$notification = ttNotificationHelper::get($notification_id);
- $cl_fav_report = $notification['report_id'];
+ $cl_fav_report_id = $notification['report_id'];
$cl_cron_spec = $notification['cron_spec'];
$cl_email = $notification['email'];
$cl_cc = $notification['cc'];
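Review bot: The `else` branch still calls `ttNotificationHelper::get($notification_id)` a second time, although the new access-check block has already loaded `$notification` and exited when it was empty. Dropping that line makes the form populate from the same record that passed the check and saves a query. The two id checks are only as strong as the scoping inside `ttNotificationHelper::get()` and `ttFavReportHelper::get()`, which this hunk does not show. I would state that requirement above the block, for example `// Both get() helpers must return nothing for ids outside the current user's group and org.`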
$form->addInput(array('type'=>'combobox',
'name'=>'fav_report',
'style'=>'width: 250px;',
- 'value'=>$cl_fav_report,
+ 'value'=>$cl_fav_report_id,
'data'=>$fav_reports,
'datakeys'=>array('id','name'),
- 'empty'=>array(''=>$i18n->getKey('dropdown.select'))));
+ 'empty'=>array(''=>$i18n->get('dropdown.select'))));
$form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'cron_spec','style'=>'width: 250px;','value'=>$cl_cron_spec));
$form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'email','style'=>'width: 250px;','value'=>$cl_email));
$form->addInput(array('type'=>'text','name'=>'cc','style'=>'width: 300px;','value'=>$cl_cc));
$form->addInput(array('type'=>'text','name'=>'subject','style'=>'width: 300px;','value'=>$cl_subject));
$form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'report_condition','style'=>'width: 250px;','value'=>$cl_report_condition));
-$form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->getKey('button.save')));
+$form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->get('button.save')));
if ($request->isPost()) {
// Validate user input.
- if (!$cl_fav_report) $err->add($i18n->getKey('error.report'));
- if (!ttValidCronSpec($cl_cron_spec)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.cron_schedule'));
- if (!ttValidEmail($cl_email)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
- if (!ttValidEmail($cl_cc, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('form.mail.cc'));
- if (!ttValidString($cl_subject, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('form.mail.subject'));
- if (!ttValidCondition($cl_report_condition)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.condition'));
+ if (!$cl_fav_report_id) $err->add($i18n->get('error.report'));
+ if (!ttValidCronSpec($cl_cron_spec)) $err->add($i18n->get('error.field'), $i18n->get('label.schedule'));
+ if (!ttValidEmail($cl_email)) $err->add($i18n->get('error.field'), $i18n->get('label.email'));
+ if (!ttValidEmail($cl_cc, true)) $err->add($i18n->get('error.field'), $i18n->get('label.cc'));
+ if (!ttValidString($cl_subject, true)) $err->add($i18n->get('error.field'), $i18n->get('label.subject'));
+ if (!ttValidCondition($cl_report_condition)) $err->add($i18n->get('error.field'), $i18n->get('label.condition'));
if ($err->no()) {
// Calculate next execution time.
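Review bot: No anti-CSRF token is visible among the inputs added to this form or in the POST validation below them, so as far as this hunk shows the save is authorised by the session cookie alone. Because the handler changes the `email` and `cc` recipients of a scheduled report, I would add a per-session token as a hidden input and compare it before the field validation, e.g. `if (!hash_equals($_SESSION['csrf_token'], (string)$request->getParameter('csrf_token'))) { header('Location: access_denied.php'); exit(); }` (the session key and parameter name are placeholders). The form construction starts outside this hunk, so a token may already be added there; if so, a one-line comment next to the validation saying where it is checked would help.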
if (ttNotificationHelper::update(array(
'id' => $notification_id,
- 'team_id' => $user->team_id,
'cron_spec' => $cl_cron_spec,
'next' => $next,
- 'report_id' => $cl_fav_report,
+ 'report_id' => $cl_fav_report_id,
'email' => $cl_email,
'cc' => $cl_cc,
'subject' => $cl_subject,
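Review bot: With `'team_id' => $user->team_id` removed, the caller no longer passes any tenant scope to `ttNotificationHelper::update()`, and the only visible guard on `'id'` is the earlier `ttNotificationHelper::get()` check. That is sufficient only if `update()` itself restricts the row to the current user's group and org in its WHERE clause; its body is not shown here, so this should be confirmed. I would record the dependency at the call site with `// update() must constrain by the current group and org; the id alone is not a sufficient key.` The array literal and the call continue outside the hunk.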
header('Location: notifications.php');
exit();
} else
- $err->add($i18n->getKey('error.db'));
+ $err->add($i18n->get('error.db'));
}
} // isPost
$smarty->assign('forms', array($form->getName()=>$form->toArray()));
-$smarty->assign('title', $i18n->getKey('title.edit_notification'));
+$smarty->assign('title', $i18n->get('title.edit_notification'));
$smarty->assign('content_page_name', 'notification_edit.tpl');
$smarty->display('index.tpl');