Added team_id to project delete and update queries to reduce risk of misuse.
[timetracker.git] / profile_edit.php
index fc13d0c..9c27ab4 100644 (file)
 require_once('initialize.php');
 import('form.Form');
 import('ttUserHelper');
+import('ttRoleHelper');
 
 // Access check.
-if (!ttAccessCheck(right_data_entry|right_view_reports)) {
+if (!ttAccessAllowed('manage_own_settings')) {
   header('Location: access_denied.php');
   exit();
 }
@@ -62,6 +63,7 @@ if ($request->isPost()) {
     $cl_project_required = $request->getParameter('project_required');
     $cl_task_required = $request->getParameter('task_required');
     $cl_record_type = $request->getParameter('record_type');
+    $cl_punch_mode = $request->getParameter('punch_mode');
     $cl_allow_overlap = $request->getParameter('allow_overlap');
     $cl_future_entries = $request->getParameter('future_entries');
     $cl_uncompleted_indicators = $request->getParameter('uncompleted_indicators');
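Review bot: `$cl_punch_mode` is read from the request on the added line unconditionally, whereas the checkbox that feeds it (in the later `if ($user->canManageTeam())` hunk) is only rendered for team managers, so the server side, not the form, has to enforce who may change it. The visible lines do not show whether the `,punch_mode` append in the `@@ -293,6 +299,8 @@` hunk sits inside a `canManageTeam()` check; if it does not, the guard belongs there, e.g. `if ($user->canManageTeam() && $cl_punch_mode)`, and the same question applies to the neighbouring flags this change mirrors. Hiding a field in the template is not an authorization check. The enclosing `if ($request->isPost())` block begins before this hunk.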
@@ -98,6 +100,7 @@ if ($request->isPost()) {
     $cl_project_required = $user->project_required;
     $cl_task_required = $user->task_required;
     $cl_record_type = $user->record_type;
+    $cl_punch_mode = $user->punch_mode;
     $cl_allow_overlap = $user->allow_overlap;
     $cl_future_entries = $user->future_entries;
     $cl_uncompleted_indicators = $user->uncompleted_indicators;
@@ -148,7 +151,7 @@ if ($user->canManageTeam()) {
     $longname_lang[] = array('id'=>I18n::getLangFromFilename($lfile),'name'=>$lname);
   }
   $longname_lang = mu_sort($longname_lang, 'name');
-  $form->addInput(array('type'=>'combobox','name'=>'lang','style'=>'width: 150px','data'=>$longname_lang,'datakeys'=>array('id','name'),'value'=>$cl_lang));
+  $form->addInput(array('type'=>'combobox','name'=>'lang','style'=>'width: 200px','data'=>$longname_lang,'datakeys'=>array('id','name'),'value'=>$cl_lang));
 
   $DECIMAL_MARK_OPTIONS = array(array('id'=>'.','name'=>'.'),array('id'=>',','name'=>','));
   $form->addInput(array('type'=>'combobox','name'=>'decimal_mark','style'=>'width: 150px','data'=>$DECIMAL_MARK_OPTIONS,'datakeys'=>array('id','name'),'value'=>$cl_decimal_mark,
@@ -162,8 +165,8 @@ if ($user->canManageTeam()) {
   $form->addInput(array('type'=>'combobox','name'=>'date_format','style'=>'width: 150px;','data'=>$DATE_FORMAT_OPTIONS,'datakeys'=>array('id','name'),'value'=>$cl_date_format,
     'onchange'=>'MakeFormatPreview("date_format_preview", this);'));
   $TIME_FORMAT_OPTIONS = array(
-    array('id'=>'%H:%M','name'=>$i18n->getKey('form.profile.24_hours')),
-    array('id'=>'%I:%M %p','name'=>$i18n->getKey('form.profile.12_hours')));
+    array('id'=>'%H:%M','name'=>$i18n->get('form.profile.24_hours')),
+    array('id'=>'%I:%M %p','name'=>$i18n->get('form.profile.12_hours')));
   $form->addInput(array('type'=>'combobox','name'=>'time_format','style'=>'width: 150px;','data'=>$TIME_FORMAT_OPTIONS,'datakeys'=>array('id','name'),'value'=>$cl_time_format,
     'onchange'=>'MakeFormatPreview("time_format_preview", this);'));
 
@@ -179,20 +182,23 @@ if ($user->canManageTeam()) {
 
   // Prepare tracking mode choices.
   $tracking_mode_options = array();
-  $tracking_mode_options[MODE_TIME] = $i18n->getKey('form.profile.mode_time');
-  $tracking_mode_options[MODE_PROJECTS] = $i18n->getKey('form.profile.mode_projects');
-  $tracking_mode_options[MODE_PROJECTS_AND_TASKS] = $i18n->getKey('form.profile.mode_projects_and_tasks');
+  $tracking_mode_options[MODE_TIME] = $i18n->get('form.profile.mode_time');
+  $tracking_mode_options[MODE_PROJECTS] = $i18n->get('form.profile.mode_projects');
+  $tracking_mode_options[MODE_PROJECTS_AND_TASKS] = $i18n->get('form.profile.mode_projects_and_tasks');
   $form->addInput(array('type'=>'combobox','name'=>'tracking_mode','style'=>'width: 150px;','data'=>$tracking_mode_options,'value'=>$cl_tracking_mode,'onchange'=>'handleTaskRequiredCheckbox()'));
   $form->addInput(array('type'=>'checkbox','name'=>'project_required','value'=>$cl_project_required));
   $form->addInput(array('type'=>'checkbox','name'=>'task_required','value'=>$cl_task_required));
 
   // Prepare record type choices.
   $record_type_options = array();
-  $record_type_options[TYPE_ALL] = $i18n->getKey('form.profile.type_all');
-  $record_type_options[TYPE_START_FINISH] = $i18n->getKey('form.profile.type_start_finish');
-  $record_type_options[TYPE_DURATION] = $i18n->getKey('form.profile.type_duration');
+  $record_type_options[TYPE_ALL] = $i18n->get('form.profile.type_all');
+  $record_type_options[TYPE_START_FINISH] = $i18n->get('form.profile.type_start_finish');
+  $record_type_options[TYPE_DURATION] = $i18n->get('form.profile.type_duration');
   $form->addInput(array('type'=>'combobox','name'=>'record_type','style'=>'width: 150px;','data'=>$record_type_options,'value'=>$cl_record_type));
 
+  // Punch mode checkbox.
+  $form->addInput(array('type'=>'checkbox','name'=>'punch_mode','value'=>$cl_punch_mode));
+
   // Allow overlap checkbox.
   $form->addInput(array('type'=>'checkbox','name'=>'allow_overlap','value'=>$cl_allow_overlap));
 
@@ -221,30 +227,30 @@ if ($user->canManageTeam()) {
   $form->addInput(array('type'=>'checkbox','name'=>'quotas','value'=>$cl_quotas,'onchange'=>'handlePluginCheckboxes()'));
   $form->addInput(array('type'=>'checkbox','name'=>'week_view','value'=>$cl_week_view,'onchange'=>'handlePluginCheckboxes()'));
 }
-$form->addInput(array('type'=>'submit','name'=>'btn_save','value'=>$i18n->getKey('button.save')));
+$form->addInput(array('type'=>'submit','name'=>'btn_save','value'=>$i18n->get('button.save')));
 
 if ($request->isPost()) {
   // Validate user input.
-  if (!ttValidString($cl_name)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.person_name'));
+  if (!ttValidString($cl_name)) $err->add($i18n->get('error.field'), $i18n->get('label.person_name'));
   if ($can_change_login) {
-    if (!ttValidString($cl_login)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.login'));
+    if (!ttValidString($cl_login)) $err->add($i18n->get('error.field'), $i18n->get('label.login'));
 
     // New login must be unique.
     if ($cl_login != $user->login && ttUserHelper::getUserByLogin($cl_login))
-      $err->add($i18n->getKey('error.user_exists'));
+      $err->add($i18n->get('error.user_exists'));
   }
   if (!$auth->isPasswordExternal() && ($cl_password1 || $cl_password2)) {
-    if (!ttValidString($cl_password1)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.password'));
-    if (!ttValidString($cl_password2)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password'));
+    if (!ttValidString($cl_password1)) $err->add($i18n->get('error.field'), $i18n->get('label.password'));
+    if (!ttValidString($cl_password2)) $err->add($i18n->get('error.field'), $i18n->get('label.confirm_password'));
     if ($cl_password1 !== $cl_password2)
-      $err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password'));
+      $err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password'));
   }
-  if (!ttValidEmail($cl_email, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
+  if (!ttValidEmail($cl_email, true)) $err->add($i18n->get('error.field'), $i18n->get('label.email'));
   if ($user->canManageTeam()) {
-    if (!ttValidString($cl_team, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.team_name'));
-    if (!ttValidString($cl_currency, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.currency'));
+    if (!ttValidString($cl_team, true)) $err->add($i18n->get('error.field'), $i18n->get('label.team_name'));
+    if (!ttValidString($cl_currency, true)) $err->add($i18n->get('error.field'), $i18n->get('label.currency'));
     if ($user->isManager()) {
-      if (!ttValidEmail($cl_bcc_email, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.bcc'));
+      if (!ttValidEmail($cl_bcc_email, true)) $err->add($i18n->get('error.field'), $i18n->get('label.bcc'));
     }
   }
   // Finished validating user input.
@@ -293,6 +299,8 @@ if ($request->isPost()) {
       // Prepare config string.
       if ($cl_show_holidays)
         $config .= ',show_holidays';
+      if ($cl_punch_mode)
+        $config .= ',punch_mode';
       if ($cl_allow_overlap)
         $config .= ',allow_overlap';
       if ($cl_future_entries)
@@ -330,13 +338,13 @@ if ($request->isPost()) {
       header('Location: time.php');
       exit();
     } else
-      $err->add($i18n->getKey('error.db'));
+      $err->add($i18n->get('error.db'));
   }
 } // isPost
 
 $smarty->assign('auth_external', $auth->isPasswordExternal());
 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('onload', 'onLoad="handleTaskRequiredCheckbox(); handlePluginCheckboxes();"');
-$smarty->assign('title', $i18n->getKey('title.profile'));
+$smarty->assign('title', $i18n->get('title.profile'));
 $smarty->assign('content_page_name', 'profile_edit.tpl');
 $smarty->display('index.tpl');
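Review bot: The updated `$err->add($i18n->get('error.db'))` line is the body of an unbraced `} else`, which is easy to break silently when a second statement is added later (only the first line would stay in the branch). Brace it: `} else {` / `  $err->add($i18n->get('error.db'));` / `}`. The enclosing `if ($request->isPost())` block begins before this hunk.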