X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=expenses.php;h=2c25bde66e0c91b254fc7be13f5bcf0c9f945524;hb=HEAD;hp=eb11e73a3b74300d9dddbfa6d347dc7ca7c947d2;hpb=7b6cfb2cceac61a6e899590ac8ac9fa8cb326c6a;p=timetracker.git diff --git a/expenses.php b/expenses.php index eb11e73a..2c25bde6 100644 --- a/expenses.php +++ b/expenses.php @@ -31,6 +31,7 @@ import('form.Form'); import('ttUserHelper'); import('ttGroupHelper'); import('DateAndTime'); +import('ttTimeHelper'); import('ttExpenseHelper'); // Access checks. @@ -42,6 +43,10 @@ if (!$user->isPluginEnabled('ex')) { header('Location: feature_disabled.php'); exit(); } +if (!$user->exists()) { + header('Location: access_denied.php'); // Nobody to enter expenses for. + exit(); +} if ($user->behalf_id && (!$user->can('track_expenses') || !$user->checkBehalfId())) { header('Location: access_denied.php'); // Trying on behalf, but no right or wrong user. exit(); @@ -65,9 +70,6 @@ if ($request->isPost() && $userChanged) { $user->setOnBehalfUser($user_id); } else { $user_id = $user->getUser(); - // Handle a situation for no users in on behalf group. - if ($user->behalfGroup && $user_id == $user->id) - $user_id = null; } // Initialize and store date in session. @@ -188,7 +190,7 @@ $form->addInput(array('type'=>'submit','name'=>'btn_submit','onclick'=>'browser_ if ($request->isPost()) { if ($request->getParameter('btn_submit')) { // Validate user input. - if ($user->isPluginEnabled('cl') && $user->isPluginEnabled('cm') && !$cl_client) + if ($user->isPluginEnabled('cl') && $user->isOptionEnabled('client_required') && !$cl_client) $err->add($i18n->get('error.client')); if ($show_project && !$cl_project) $err->add($i18n->get('error.project')); @@ -201,6 +203,7 @@ if ($request->isPost()) { if ($selected_date->after($browser_today)) $err->add($i18n->get('error.future_date')); } + if (!ttTimeHelper::canAdd()) $err->add($i18n->get('error.expired')); // Finished validating input data. // Prohibit creating entries in locked range.