X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=invoice_send.php;h=48bc14f072a55d61737cb912ae99c94fe6b1cec6;hb=2ccee198591bc2ad5d80b5e1076246449d9232c1;hp=bc290a6662ebb3db2dc3a2250b0568b35c108c7a;hpb=db2ca21db73a2ea52155510e1e0300541d6b9ef6;p=timetracker.git

diff --git a/invoice_send.php b/invoice_send.php
index bc290a66..48bc14f0 100644
--- a/invoice_send.php
+++ b/invoice_send.php
@@ -32,7 +32,7 @@ import('ttInvoiceHelper');
 import('ttSysConfig');
 
 // Access check.
-if (!ttAccessCheck(right_view_invoices) || !$user->isPluginEnabled('iv')) {
+if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_own_invoices')) || !$user->isPluginEnabled('iv')) {
   header('Location: access_denied.php');
   exit();
 }
@@ -67,8 +67,8 @@ $form->addInput(array('type'=>'submit','name'=>'btn_send','value'=>$i18n->getKey
 if ($request->isPost()) {
   // Validate user input.
   if (!ttValidEmailList($cl_receiver)) $err->add($i18n->getKey('error.field'), $i18n->getKey('form.mail.to'));
-  if (!ttValidEmailList($cl_cc, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('form.mail.cc'));
-  if (!ttValidString($cl_subject)) $err->add($i18n->getKey('error.field'), $i18n->getKey('form.mail.subject'));
+  if (!ttValidEmailList($cl_cc, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.cc'));
+  if (!ttValidString($cl_subject)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.subject'));
   if (!ttValidString($cl_comment, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.comment'));
 
   if ($err->no()) {
@@ -86,6 +86,8 @@ if ($request->isPost()) {
     $mailer->setReceiver($cl_receiver);
     if (isset($cl_cc))
       $mailer->setReceiverCC($cl_cc);
+    if (!empty($user->bcc_email))
+      $mailer->setReceiverBCC($user->bcc_email);
     $mailer->setMailMode(MAIL_MODE);
     if ($mailer->send($cl_subject, $body))
       $msg->add($i18n->getKey('form.mail.invoice_sent'));