X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=mobile%2Fexpense_edit.php;h=654d1698d76892f9094963441008a9799691dbda;hb=fb5b1697fdd701ada644b7e25f22a93a0893107c;hp=0f657973c695d51e5889124303a9b7026867abae;hpb=f8292d356ef3ac53b2bb1183dd462f7c453c20e5;p=timetracker.git

diff --git a/mobile/expense_edit.php b/mobile/expense_edit.php
index 0f657973..654d1698 100644
--- a/mobile/expense_edit.php
+++ b/mobile/expense_edit.php
@@ -30,6 +30,7 @@ require_once('../initialize.php');
 import('form.Form');
 import('ttGroupHelper');
 import('DateAndTime');
+import('ttTimeHelper');
 import('ttExpenseHelper');
 
 // Access checks.
@@ -44,14 +45,17 @@ if (!$user->isPluginEnabled('ex')) {
 $cl_id = (int)$request->getParameter('id');
 // Get the expense item we are editing.
 $expense_item = ttExpenseHelper::getItem($cl_id);
-if (!$expense_item || $expense_item['invoice_id']) {
-  // Prohibit editing not ours or invoiced items.
+if (!$expense_item || $expense_item['approved'] || $expense_item['invoice_id']) {
+  // Prohibit editing not ours, approved, or invoiced items.
   header('Location: access_denied.php');
   exit();
 }
+// End of access checks.
 
 $item_date = new DateAndTime(DB_DATEFORMAT, $expense_item['date']);
 $confirm_save = $user->getConfigOption('confirm_save');
+$trackingMode = $user->getTrackingMode();
+$show_project = MODE_PROJECTS == $trackingMode || MODE_PROJECTS_AND_TASKS == $trackingMode;
 
 // Initialize variables.
 $cl_date = $cl_client = $cl_project = $cl_item_name = $cl_cost = null;
@@ -62,7 +66,7 @@ if ($request->isPost()) {
   $cl_item_name = trim($request->getParameter('item_name'));
   $cl_cost = trim($request->getParameter('cost'));
 } else {
-  $cl_date = $item_date->toString($user->date_format);
+  $cl_date = $item_date->toString($user->getDateFormat());
   $cl_client = $expense_item['client_id'];
   $cl_project = $expense_item['project_id'];
   $cl_item_name = $expense_item['name'];
@@ -73,7 +77,7 @@ if ($request->isPost()) {
 $form = new Form('expenseItemForm');
 
 // Dropdown for clients in MODE_TIME. Use all active clients.
-if (MODE_TIME == $user->tracking_mode && $user->isPluginEnabled('cl')) {
+if (MODE_TIME == $trackingMode && $user->isPluginEnabled('cl')) {
   $active_clients = ttGroupHelper::getActiveClients(true);
   $form->addInput(array('type'=>'combobox',
     'onchange'=>'fillProjectDropdown(this.value);',
@@ -86,7 +90,7 @@ if (MODE_TIME == $user->tracking_mode && $user->isPluginEnabled('cl')) {
   // Note: in other modes the client list is filtered to relevant clients only. See below.
 }
 
-if (MODE_PROJECTS == $user->tracking_mode || MODE_PROJECTS_AND_TASKS == $user->tracking_mode) {
+if ($show_project) {
   // Dropdown for projects assigned to user.
   $project_list = $user->getAssignedProjects();
   $form->addInput(array('type'=>'combobox',
@@ -151,24 +155,25 @@ $form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->get(
 
 if ($request->isPost()) {
   // Validate user input.
-  if ($user->isPluginEnabled('cl') && $user->isPluginEnabled('cm') && !$cl_client)
+  if ($user->isPluginEnabled('cl') && $user->isOptionEnabled('client_required') && !$cl_client)
     $err->add($i18n->get('error.client'));
-  if (MODE_PROJECTS == $user->tracking_mode || MODE_PROJECTS_AND_TASKS == $user->tracking_mode) {
-    if (!$cl_project) $err->add($i18n->get('error.project'));
-  }
+  if ($show_project && !$cl_project)
+    $err->add($i18n->get('error.project'));
   if (!ttValidString($cl_item_name)) $err->add($i18n->get('error.field'), $i18n->get('label.item'));
   if (!ttValidFloat($cl_cost)) $err->add($i18n->get('error.field'), $i18n->get('label.cost'));
   if (!ttValidDate($cl_date)) $err->add($i18n->get('error.field'), $i18n->get('label.date'));
 
   // This is a new date for the expense item.
-  $new_date = new DateAndTime($user->date_format, $cl_date);
+  $new_date = new DateAndTime($user->getDateFormat(), $cl_date);
 
   // Prohibit creating entries in future.
-  if (!$user->future_entries) {
+  if (!$user->getConfigOption('future_entries')) {
     $browser_today = new DateAndTime(DB_DATEFORMAT, $request->getParameter('browser_today', null));
     if ($new_date->after($browser_today))
       $err->add($i18n->get('error.future_date'));
   }
+  if (!ttTimeHelper::canAdd()) $err->add($i18n->get('error.expired'));
+  // Finished validating input data.
 
   // Save record.
   if ($request->getParameter('btn_save')) {
@@ -187,7 +192,7 @@ if ($request->isPost()) {
 
     // Now, an update.
     if ($err->no()) {
-      if (ttExpenseHelper::update(array('id'=>$cl_id,'date'=>$new_date->toString(DB_DATEFORMAT),'user_id'=>$user->getUser(),
+      if (ttExpenseHelper::update(array('id'=>$cl_id,'date'=>$new_date->toString(DB_DATEFORMAT),
           'client_id'=>$cl_client,'project_id'=>$cl_project,'name'=>$cl_item_name,'cost'=>$cl_cost))) {
         header('Location: expenses.php?date='.$new_date->toString(DB_DATEFORMAT));
         exit();
@@ -222,11 +227,12 @@ if ($confirm_save) {
   $smarty->assign('confirm_save', true);
   $smarty->assign('entry_date', $cl_date);
 }
+$smarty->assign('forms', array($form->getName()=>$form->toArray()));
+$smarty->assign('show_project', $show_project);
 $smarty->assign('predefined_expenses', $predefined_expenses);
 $smarty->assign('client_list', $client_list);
 $smarty->assign('project_list', $project_list);
 $smarty->assign('task_list', $task_list);
-$smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('title', $i18n->get('title.edit_expense'));
 $smarty->assign('content_page_name', 'mobile/expense_edit.tpl');
 $smarty->display('mobile/index.tpl');