X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=admin_group_edit.php;h=ee639d0425685e0c833258e69dbe5b17bc4ea3c1;hb=8dade986970598d2c58e2484342e413bf30be4db;hp=a1157fbe3b3a560e057cc1c2b255ec1668c389fa;hpb=09538ad1b33e506c716b09a8d55ec4f0ad8c4508;p=timetracker.git

diff --git a/admin_group_edit.php b/admin_group_edit.php
index a1157fbe..ee639d04 100644
--- a/admin_group_edit.php
+++ b/admin_group_edit.php
@@ -29,17 +29,23 @@
 require_once('initialize.php');
 import('form.Form');
 import('ttUserHelper');
-import('ttTeamHelper');
+import('ttAdmin');
 
 // Access checks.
 if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }
+$group_id = (int)$request->getParameter('id');
+$group_name = ttAdmin::getGroupName($group_id);
+if (!($group_id && $group_name)) {
+  header('Location: access_denied.php');
+  exit();
+}
 // End of access checks.
 
-$group_id = $request->getParameter('id');
-$group_details = ttTeamHelper::getTeamDetails($group_id);
+$org_details = ttAdmin::getOrgDetails($group_id);
+if (!$org_details) $err->add($i18n->get('error.db'));
 
 if ($request->isPost()) {
   $cl_group_name = trim($request->getParameter('group_name'));
@@ -51,13 +57,13 @@ if ($request->isPost()) {
   }
   $cl_manager_email = trim($request->getParameter('manager_email'));
 } else {
-  $cl_group_name = $group_details['team_name'];
-  $cl_manager_name = $group_details['manager_name'];
-  $cl_manager_login = $group_details['manager_login'];
+  $cl_group_name = $org_details['group_name'];
+  $cl_manager_name = $org_details['manager_name'];
+  $cl_manager_login = $org_details['manager_login'];
   if (!$auth->isPasswordExternal()) {
     $cl_password1 = $cl_password2 = '';
   }
-  $cl_manager_email = $group_details['manager_email'];
+  $cl_manager_email = $org_details['manager_email'];
 }
 
 $form = new Form('groupForm');
@@ -75,24 +81,46 @@ $form->addInput(array('type'=>'submit','name'=>'btn_cancel','value'=>$i18n->get(
 
 if ($request->isPost()) {
   if ($request->getParameter('btn_save')) {
-    // Create fields array for ttAdmin instance.
-    $fields = array(
-      'old_group_name' => $group_details['team_name'],
-      'new_group_name' => $cl_group_name,
-      'user_id' => $group_details['manager_id'],
-      'user_name' => $cl_manager_name,
-      'old_login' => $group_details['manager_login'],
-      'new_login' => $cl_manager_login,
-      'password1' => $cl_password1,
-      'password2' => $cl_password2,
-      'email' => $cl_manager_email);
 
-    import('ttAdmin');
-    $admin = new ttAdmin($err);
-    $result = $admin->updateGroup($group_id, $fields);
-    if ($result) {
-      header('Location: admin_groups.php');
-      exit();
+    // Validate user input.
+    if (!ttValidString($cl_group_name))
+      $err->add($i18n->get('error.field'), $i18n->get('label.group_name'));
+    if (!ttValidString($cl_manager_name))
+      $err->add($i18n->get('error.field'), $i18n->get('label.manager_name'));
+    if (!ttValidString($cl_manager_login))
+      $err->add($i18n->get('error.field'), $i18n->get('label.manager_login'));
+    // If we change login, it must be unique.
+    if ($cl_manager_login != $org_details['manager_login']) {
+      if (ttUserHelper::getUserByLogin($cl_manager_login)) {
+        $err->add($i18n->get('error.user_exists'));
+      }
+    }
+    if (!$auth->isPasswordExternal() && ($cl_password1 || $cl_password2)) {
+      if (!ttValidString($cl_password1))
+        $err->add($i18n->get('error.field'), $i18n->get('label.password'));
+      if (!ttValidString($cl_password2))
+        $err->add($i18n->get('error.field'), $i18n->get('label.confirm_password'));
+      if ($cl_password1 !== $cl_password2)
+        $err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password'));
+    }
+    if (!ttValidEmail($cl_manager_email, true))
+      $err->add($i18n->get('error.field'), $i18n->get('label.email'));
+
+    if ($err->no()) {
+      if (ttAdmin::updateGroup(array('group_id' => $group_id,
+        'old_group_name' => $org_details['group_name'],
+        'new_group_name' => $cl_group_name,
+        'user_id' => $org_details['manager_id'],
+        'user_name' => $cl_manager_name,
+        'old_login' => $org_details['manager_login'],
+        'new_login' => $cl_manager_login,
+        'password1' => $cl_password1,
+        'password2' => $cl_password2,
+        'email' => $cl_manager_email))) {
+        header('Location: admin_groups.php');
+        exit();
+      } else
+        $err->add($i18n->get('error.db'));
     }
   }