Improved sfety of inner join for timesheet assignment.

[timetracker.git] / time.php

diff --git a/time.php b/time.php
index 5a9b521..f7b1c12 100644 (file)
--- a/time.php
+++ b/time.php
@@ -56,7 +56,7 @@ if ($request->isPost()) {
 }
 // End of access checks.
 
-// Determine user for which we display this page.
+// Determine user for whom we display this page.
 if ($request->isPost() && $userChanged) {
   $user_id = $request->getParameter('user');
   $user->setOnBehalfUser($user_id);
@@ -131,9 +131,9 @@ $form = new Form('timeRecordForm');
 if ($user->can('track_time')) {
   $rank = $user->getMaxRankForGroup($group_id);
   if ($user->can('track_own_time'))
-    $options = array('group_id'=>$group_id,'status'=>ACTIVE,'max_rank'=>$rank,'include_self'=>true,'self_first'=>true);
+    $options = array('status'=>ACTIVE,'max_rank'=>$rank,'include_self'=>true,'self_first'=>true);
   else
-    $options = array('group_id'=>$group_id,'status'=>ACTIVE,'max_rank'=>$rank);
+    $options = array('status'=>ACTIVE,'max_rank'=>$rank);
   $user_list = $user->getUsers($options);
   if (count($user_list) >= 1) {
     $form->addInput(array('type'=>'combobox',
@@ -347,7 +347,7 @@ if ($request->isPost()) {
   } elseif ($request->getParameter('btn_stop')) {
     // Stop button pressed to finish an uncompleted record.
     $record_id = $request->getParameter('record_id');
-    $record = ttTimeHelper::getRecord($record_id, $user_id);
+    $record = ttTimeHelper::getRecord($record_id);
     $browser_date = $request->getParameter('browser_date');
     $browser_time = $request->getParameter('browser_time');