X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=cf_custom_field_delete.php;h=c8a13369281167ab5f5cfec91e96de30c9825a39;hb=HEAD;hp=86fa7d87100be6f8cec838418bca37d4d16aca50;hpb=9e82b53fc5d8cb1e54b5fde774fa68a916f28b4c;p=timetracker.git

diff --git a/cf_custom_field_delete.php b/cf_custom_field_delete.php
index 86fa7d87..c8a13369 100644
--- a/cf_custom_field_delete.php
+++ b/cf_custom_field_delete.php
@@ -30,13 +30,22 @@ require_once('initialize.php');
 require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
-// Access check.
-if (!ttAccessCheck(right_manage_team)) {
+// Access checks.
+if (!ttAccessAllowed('manage_custom_fields')) {
   header('Location: access_denied.php');
   exit();
 }
-
-$id = $request->getParameter('id');
+if (!$user->isPluginEnabled('cf')) {
+  header('Location: feature_disabled.php');
+  exit();
+}
+$id = (int)$request->getParameter('id');
+$field = CustomFields::getField($id);
+if (!$field) {
+  header('Location: access_denied.php');
+  exit();
+}
+// End of access checks.
 
 $form = new Form('fieldDeleteForm');
 
@@ -48,7 +57,7 @@ if ($request->isPost()) {
       header('Location: cf_custom_fields.php');
       exit();
     } else
-      $err->add($i18n->getKey('error.db'));
+      $err->add($i18n->get('error.db'));
   }
   if ($request->getParameter('btn_cancel')) {
     // Cancel button pressed.
@@ -56,20 +65,14 @@ if ($request->isPost()) {
     exit();
   }
 } else {
-  $field = CustomFields::getField($id);	
-  if (false === $field)
-    $err->add($i18n->getKey('error.db'));
-
-  if ($err->no()) {
-    $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$id));
-    $form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->getKey('label.delete')));
-    $form->addInput(array('type'=>'submit','name'=>'btn_cancel','value'=>$i18n->getKey('button.cancel')));
-  }
+  $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$id));
+  $form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->get('label.delete')));
+  $form->addInput(array('type'=>'submit','name'=>'btn_cancel','value'=>$i18n->get('button.cancel')));
 }
 
 $smarty->assign('field', $field['label']);
 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('onload', 'onLoad="document.fieldDeleteForm.btn_cancel.focus()"');
-$smarty->assign('title', $i18n->getKey('title.cf_delete_custom_field'));
+$smarty->assign('title', $i18n->get('title.cf_delete_custom_field'));
 $smarty->assign('content_page_name', 'cf_custom_field_delete.tpl');
 $smarty->display('index.tpl');