X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=invoice_send.php;h=e94e8050fd49a8a211a884f93c831f805c0e40d5;hb=4ebe6fd29283633e5ae7cdb399cc144c38af25fb;hp=f0e30bc4bfe83958571e5d54fb5797632a069999;hpb=4dcb88a76a3de466ee6116ae0852f53ba2b259a5;p=timetracker.git diff --git a/invoice_send.php b/invoice_send.php index f0e30bc4..e94e8050 100644 --- a/invoice_send.php +++ b/invoice_send.php @@ -29,10 +29,10 @@ require_once('initialize.php'); import('form.Form'); import('ttInvoiceHelper'); -import('ttSysConfig'); +import('ttUserConfig'); // Access checks. -if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_own_invoices'))) { +if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_client_invoices'))) { header('Location: access_denied.php'); exit(); } @@ -40,14 +40,15 @@ if (!$user->isPluginEnabled('iv')) { header('Location: feature_disabled.php'); exit(); } - $cl_invoice_id = (int)$request->getParameter('id'); -$invoice = ttInvoiceHelper::getInvoice($cl_invoice_id); -$sc = new ttSysConfig($user->id); +$invoice = ttInvoiceHelper::getInvoice($cl_invoice_id); +if (!$invoice) { + header('Location: access_denied.php'); + exit(); +} +// End of access checks. -// Security check. -if (!$cl_invoice_id || !$invoice) - die ($i18n->get('error.sys')); +$uc = new ttUserConfig(); if ($request->isPost()) { $cl_receiver = trim($request->getParameter('receiver')); @@ -55,9 +56,9 @@ if ($request->isPost()) { $cl_subject = trim($request->getParameter('subject')); $cl_comment = trim($request->getParameter('comment')); } else { - $cl_receiver = $sc->getValue(SYSC_LAST_INVOICE_EMAIL); - $cl_cc = $sc->getValue(SYSC_LAST_INVOICE_CC); - $cl_subject = $i18n->get('title.invoice').' '.$invoice['name'].', '.$user->team; + $cl_receiver = $uc->getValue(SYSC_LAST_INVOICE_EMAIL); + $cl_cc = $uc->getValue(SYSC_LAST_INVOICE_CC); + $cl_subject = $i18n->get('title.invoice').' '.$invoice['name'].', '.$user->group_name; } $form = new Form('mailForm'); @@ -77,8 +78,8 @@ if ($request->isPost()) { if ($err->no()) { // Save last invoice emails for future use. - $sc->setValue(SYSC_LAST_INVOICE_EMAIL, $cl_receiver); - $sc->setValue(SYSC_LAST_INVOICE_CC, $cl_cc); + $uc->setValue(SYSC_LAST_INVOICE_EMAIL, $cl_receiver); + $uc->setValue(SYSC_LAST_INVOICE_CC, $cl_cc); $body = ttInvoiceHelper::prepareInvoiceBody($cl_invoice_id, $cl_comment);