X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttReportHelper.class.php;h=26478c3b73dd30b7b333dfbd3c2833336077509e;hb=54bb71ed8e6b7f79e3b26bc1c8a70a95793950c8;hp=744ef97b024093a24f926b64ab00cea9de4ca8ed;hpb=aa93160fd2b4cccce4e14c96cc1c3e5e43218e4c;p=timetracker.git diff --git a/WEB-INF/lib/ttReportHelper.class.php b/WEB-INF/lib/ttReportHelper.class.php index 744ef97b..26478c3b 100644 --- a/WEB-INF/lib/ttReportHelper.class.php +++ b/WEB-INF/lib/ttReportHelper.class.php @@ -40,6 +40,9 @@ class ttReportHelper { static function getWhere($options) { global $user; + $group_id = $user->getGroup(); + $org_id = $user->org_id; + // Prepare dropdown parts. $dropdown_parts = ''; if ($options['client_id']) @@ -61,17 +64,18 @@ class ttReportHelper { if ($user->can('view_reports') || $user->can('view_all_reports') || $user->isClient()) $user_list_part = " and l.user_id in ($userlist)"; else - $user_list_part = " and l.user_id = ".$user->id; - $user_list_part .= " and l.group_id = ".$user->getActiveGroup(); + $user_list_part = " and l.user_id = ".$user->getUser(); + $user_list_part .= " and l.group_id = $group_id and l.org_id = $org_id"; // Prepare sql query part for where. + $dateFormat = $user->getDateFormat(); if ($options['period']) - $period = new Period($options['period'], new DateAndTime($user->date_format)); + $period = new Period($options['period'], new DateAndTime($dateFormat)); else { $period = new Period(); $period->setPeriod( - new DateAndTime($user->date_format, $options['period_start']), - new DateAndTime($user->date_format, $options['period_end'])); + new DateAndTime($dateFormat, $options['period_start']), + new DateAndTime($dateFormat, $options['period_end'])); } $where = " where l.status = 1 and l.date >= '".$period->getStartDate(DB_DATEFORMAT)."' and l.date <= '".$period->getEndDate(DB_DATEFORMAT)."'". " $user_list_part $dropdown_parts"; 
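Review bot: `$group_id` and `$org_id` are interpolated unquoted into the new `$user_list_part .= " and l.group_id = $group_id and l.org_id = $org_id";` line, and nothing visible in the hunk guarantees they are integers. Because this predicate is what confines a report to the caller's group and organisation, cast where they are assigned in the preceding hunk: `$group_id = (int) $user->getGroup();` and `$org_id = (int) $user->org_id;`. The same uncast pair is used in assignToInvoice and markPaid later in this commit. A one-line comment such as `// Tenant scope: appended for both branches of the if/else above.` would also help, since the braceless else makes the `.=` easy to misread as part of the else branch. getWhere's body continues outside this hunk.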
@@ -100,7 +104,7 @@ class ttReportHelper { $user_list_part = " and ei.user_id in ($userlist)"; else $user_list_part = " and ei.user_id = ".$user->id; - $user_list_part .= " and ei.group_id = ".$user->getActiveGroup(); + $user_list_part .= " and ei.group_id = ".$user->getGroup(); // Prepare sql query part for where. if ($options['period']) @@ -157,7 +161,7 @@ class ttReportHelper { // Add custom field. $include_cf_1 = $options['show_custom_field_1'] || $grouping_by_cf_1; if ($include_cf_1) { - $custom_fields = new CustomFields($user->group_id); + $custom_fields = new CustomFields(); $cf_1_type = $custom_fields->fields[0]['type']; if ($cf_1_type == CustomFields::TYPE_TEXT) { array_push($fields, 'cfl.value as cf_1'); 
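Review bot: The expense where clause ends up less strictly scoped than the time-log clause changed in getWhere. The new line adds only `ei.group_id`, while getWhere now filters on both group and org, and the context line above it still uses `$user->id` where getWhere switched to `$user->getUser()`. If the two filters are meant to match, the line could read `$user_list_part .= " and ei.group_id = ".$user->getGroup()." and ei.org_id = ".$user->org_id;`, since the assignToInvoice change in this commit already filters tt_expense_items by `org_id`. Whether `$user->id` and `$user->getUser()` can differ is not visible here, so confirm that the user filter is intentionally left as is. The enclosing function starts and ends outside the hunk.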
@@ -564,35 +568,45 @@ class ttReportHelper { } // The assignToInvoice assigns a set of records to a specific invoice. - static function assignToInvoice($invoice_id, $time_log_ids, $expense_item_ids) - { + static function assignToInvoice($invoice_id, $time_log_ids, $expense_item_ids) { + global $user; $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + if ($time_log_ids) { $sql = "update tt_log set invoice_id = ".$mdb2->quote($invoice_id). - " where id in(".join(', ', $time_log_ids).")"; + " where id in(".join(', ', $time_log_ids).") and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) die($affected->getMessage()); } if ($expense_item_ids) { $sql = "update tt_expense_items set invoice_id = ".$mdb2->quote($invoice_id). - " where id in(".join(', ', $expense_item_ids).")"; + " where id in(".join(', ', $expense_item_ids).") and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) die($affected->getMessage()); } } // The markPaid marks a set of records as either paid or unpaid. - static function markPaid($time_log_ids, $expense_item_ids, $paid = true) - { + static function markPaid($time_log_ids, $expense_item_ids, $paid = true) { + global $user; $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + $paid_val = (int) $paid; if ($time_log_ids) { - $sql = "update tt_log set paid = $paid_val where id in(".join(', ', $time_log_ids).")"; + $sql = "update tt_log set paid = $paid_val". + " where id in(".join(', ', $time_log_ids).") and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) die($affected->getMessage()); } if ($expense_item_ids) { - $sql = "update tt_expense_items set paid = $paid_val where id in(".join(', ', $expense_item_ids).")"; + $sql = "update tt_expense_items set paid = $paid_val". 
+ " where id in(".join(', ', $expense_item_ids).") and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) die($affected->getMessage()); } @@ -616,7 +630,7 @@ class ttReportHelper { // Use custom fields plugin if it is enabled. if ($user->isPluginEnabled('cf')) - $custom_fields = new CustomFields($user->group_id); + $custom_fields = new CustomFields(); // Define some styles to use in email. $style_title = 'text-align: center; font-size: 15pt; font-family: Arial, Helvetica, sans-serif;'; @@ -1010,7 +1024,7 @@ class ttReportHelper { // Check users. $users_in_bean = $bean->getAttribute('users'); if (is_array($users_in_bean)) { - $users_in_group = ttTeamHelper::getUsers(); + $users_in_group = ttGroupHelper::getUsers(); foreach ($users_in_group as $user_in_group) { $valid_ids[] = $user_in_group['id']; } @@ -1460,7 +1474,7 @@ class ttReportHelper { $join .= ' left join tt_tasks t on (l.task_id = t.id)'; } if (ttReportHelper::groupingBy('cf_1', $options)) { - $custom_fields = new CustomFields($user->group_id); + $custom_fields = new CustomFields(); if ($custom_fields->fields[0]['type'] == CustomFields::TYPE_TEXT) $join .= ' left join tt_custom_field_log cfl on (l.id = cfl.log_id and cfl.status = 1) left join tt_custom_field_options cfo on (cfl.value = cfo.id)'; elseif ($custom_fields->fields[0]['type'] == CustomFields::TYPE_DROPDOWN)
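Review bot: The id lists are still concatenated verbatim into `in(...)` on the four new `where id in(".join(', ', ...)` lines, so the added `group_id`/`org_id` predicate follows a list whose contents this function never checks. Whether callers already restrict these arrays to integers is not visible in the hunk; casting locally removes that dependency, e.g. `$time_log_ids = array_map('intval', $time_log_ids);` and the same for `$expense_item_ids` at the top of both assignToInvoice and markPaid. Separately, the unchanged `die($affected->getMessage())` lines send the database error text to the client; logging it and returning a generic failure would avoid exposing schema details.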