X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=expense_delete.php;h=06c9690b0fca79cfd673e56f13268dd584935183;hb=e59d57b1fcf105382028dcfc0157a6ca84b0dc46;hp=d0b11cc87116de9e3b05d141e45061ee32f7eb75;hpb=9e82b53fc5d8cb1e54b5fde774fa68a916f28b4c;p=timetracker.git diff --git a/expense_delete.php b/expense_delete.php index d0b11cc8..06c9690b 100644 --- a/expense_delete.php +++ b/expense_delete.php @@ -32,7 +32,7 @@ import('DateAndTime'); import('ttExpenseHelper'); // Access check. -if (!ttAccessCheck(right_data_entry)) { +if (!ttAccessAllowed('track_own_expenses') || !$user->isPluginEnabled('ex')) { header('Location: access_denied.php'); exit(); } @@ -41,26 +41,15 @@ $cl_id = $request->getParameter('id'); $expense_item = ttExpenseHelper::getItem($cl_id, $user->getActiveUser()); // Prohibit deleting invoiced records. -if ($expense_item['invoice_id']) die($i18n->getKey('error.sys')); +if ($expense_item['invoice_id']) die($i18n->get('error.sys')); if ($request->isPost()) { if ($request->getParameter('delete_button')) { // Delete button pressed. - // Determine if it's okay to delete the record. - - // Determine lock date. - $lock_interval = $user->lock_interval; - $lockdate = 0; - if ($lock_interval > 0) { - $lockdate = new DateAndTime(); - $lockdate->decDay($lock_interval); - } - if ($lockdate) { - $item_date = new DateAndTime(DB_DATEFORMAT); - $item_date->parseVal($expense_item['date'], DB_DATEFORMAT); - if ($item_date->before($lockdate)) - $err->add($i18n->getKey('error.period_locked')); - } + // Determine if it is okay to delete the record. + $item_date = new DateAndTime(DB_DATEFORMAT, $expense_item['date']); + if ($user->isDateLocked($item_date)) + $err->add($i18n->get('error.range_locked')); if ($err->no()) { // Mark the record as deleted. @@ -68,22 +57,22 @@ if ($request->isPost()) { header('Location: expenses.php'); exit(); } else - $err->add($i18n->getKey('error.db')); + $err->add($i18n->get('error.db')); } } if ($request->getParameter('cancel_button')) { // Cancel button pressed. header('Location: expenses.php'); exit(); } -} // POST +} // isPost $form = new Form('expenseItemForm'); $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_id)); -$form->addInput(array('type'=>'submit','name'=>'delete_button','value'=>$i18n->getKey('label.delete'))); -$form->addInput(array('type'=>'submit','name'=>'cancel_button','value'=>$i18n->getKey('button.cancel'))); +$form->addInput(array('type'=>'submit','name'=>'delete_button','value'=>$i18n->get('label.delete'))); +$form->addInput(array('type'=>'submit','name'=>'cancel_button','value'=>$i18n->get('button.cancel'))); $smarty->assign('expense_item', $expense_item); $smarty->assign('forms', array($form->getName() => $form->toArray())); -$smarty->assign('title', $i18n->getKey('title.delete_expense')); +$smarty->assign('title', $i18n->get('title.delete_expense')); $smarty->assign('content_page_name', 'expense_delete.tpl'); $smarty->display('index.tpl');