X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=plugins%2FCustomFields.class.php;h=d9762b58d0487a0efb95a69afbb0c269dba91a03;hb=ab53f7a7b9b0e0ca43b6950c3389cd3889e74d82;hp=f9592f1c81c2c31a69c105d76cd504dbd3496eaf;hpb=4c604b5ccea2fabc586adaa6c5b8c0fde601255c;p=timetracker.git diff --git a/plugins/CustomFields.class.php b/plugins/CustomFields.class.php index f9592f1c..d9762b58 100644 --- a/plugins/CustomFields.class.php +++ b/plugins/CustomFields.class.php @@ -33,15 +33,20 @@ class CustomFields { const TYPE_TEXT = 1; // A text field. const TYPE_DROPDOWN = 2; // A dropdown field with pre-defined values. - var $fields = array(); // Array of custom fields for team. + var $fields = array(); // Array of custom fields for group. var $options = array(); // Array of options for a dropdown custom field. // Constructor. - function __construct($team_id) { + function __construct() { + global $user; $mdb2 = getConnection(); + $group_id = $user->getGroup(); + $org_id = $user->org_id; + // Get fields. - $sql = "select id, type, label, required from tt_custom_fields where team_id = $team_id and status = 1 and type > 0"; + $sql = "select id, type, label, required from tt_custom_fields". + " where group_id = $group_id and org_id = $org_id and status = 1 and type > 0"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { while ($val = $res->fetchRow()) { @@ -52,7 +57,8 @@ class CustomFields { // If we have a dropdown obtain options for it. if ((count($this->fields) > 0) && ($this->fields[0]['type'] == CustomFields::TYPE_DROPDOWN)) { - $sql = "select id, value from tt_custom_field_options where field_id = ".$this->fields[0]['id']." order by value"; + $sql = "select id, value from tt_custom_field_options". + " where field_id = ".$this->fields[0]['id']." and group_id = $group_id and org_id = $org_id and status = 1 order by value"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { while ($val = $res->fetchRow()) { @@ -63,9 +69,14 @@ class CustomFields { } function insert($log_id, $field_id, $option_id, $value) { - + global $user; $mdb2 = getConnection(); - $sql = "insert into tt_custom_field_log (log_id, field_id, option_id, value) values($log_id, $field_id, ".$mdb2->quote($option_id).", ".$mdb2->quote($value).")"; + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "insert into tt_custom_field_log (group_id, org_id, log_id, field_id, option_id, value)". + " values($group_id, $org_id, $log_id, $field_id, ".$mdb2->quote($option_id).", ".$mdb2->quote($value).")"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } @@ -86,20 +97,30 @@ class CustomFields { } function delete($log_id) { - + global $user; $mdb2 = getConnection(); - $sql = "update tt_custom_field_log set status = NULL where log_id = $log_id"; + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "update tt_custom_field_log set status = null". + " where log_id = $log_id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } function get($log_id) { - $fields = array(); - + global $user; $mdb2 = getConnection(); - $sql = "select id, field_id, option_id, value from tt_custom_field_log where log_id = $log_id and status = 1"; + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select id, field_id, option_id, value from tt_custom_field_log". + " where log_id = $log_id and group_id = $group_id and org_id = $org_id and status = 1"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { + $fields = array(); while ($val = $res->fetchRow()) { $fields[] = $val; } @@ -110,12 +131,16 @@ class CustomFields { // insertOption adds a new option to a custom field. static function insertOption($field_id, $option_name) { - + global $user; $mdb2 = getConnection(); + $group_id = $user->getGroup(); + $org_id = $user->org_id; + // Check if the option exists. $id = 0; - $sql = "select id from tt_custom_field_options where field_id = $field_id and value = ".$mdb2->quote($option_name); + $sql = "select id from tt_custom_field_options". + " where field_id = $field_id and group_id = $group_id and org_id = $org_id and value = ".$mdb2->quote($option_name); $res = $mdb2->query($sql); if (is_a($res, 'PEAR_Error')) return false; @@ -123,7 +148,8 @@ class CustomFields { // Insert option. if (!$id) { - $sql = "insert into tt_custom_field_options (field_id, value) values($field_id, ".$mdb2->quote($option_name).")"; + $sql = "insert into tt_custom_field_options (group_id, org_id, field_id, value)". + " values($group_id, $org_id, $field_id, ".$mdb2->quote($option_name).")"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; @@ -133,10 +159,14 @@ class CustomFields { // updateOption updates option name. static function updateOption($id, $option_name) { - + global $user; $mdb2 = getConnection(); - $sql = "update tt_custom_field_options set value = ".$mdb2->quote($option_name)." where id = $id"; + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "update tt_custom_field_options set value = ".$mdb2->quote($option_name). + " where id = $id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } @@ -146,25 +176,22 @@ class CustomFields { global $user; $mdb2 = getConnection(); - $field_id = CustomFields::getFieldIdForOption($id); + $group_id = $user->getGroup(); + $org_id = $user->org_id; - // First make sure that the field is ours. - $sql = "select team_id from tt_custom_fields where id = $field_id"; - $res = $mdb2->query($sql); - if (is_a($res, 'PEAR_Error')) - return false; - $val = $res->fetchRow(); - if ($user->team_id != $val['team_id']) - return false; + $field_id = CustomFields::getFieldIdForOption($id); + if (!$field_id) return false; - // Delete log entries with this option. - $sql = "update tt_custom_field_log set status = NULL where field_id = $field_id and value = ".$mdb2->quote($id); + // Delete log entries with this option. TODO: why? Research impact. + $sql = "update tt_custom_field_log set status = null". + " where field_id = $field_id and group_id = $group_id and org_id = $org_id and value = ".$mdb2->quote($id); $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; // Delete the option. - $sql = "delete from tt_custom_field_options where id = $id"; + $sql = "update tt_custom_field_options set status = null". + " where id = $id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } @@ -173,21 +200,16 @@ class CustomFields { static function getOptions($field_id) { global $user; $mdb2 = getConnection(); - $options = array(); - // First make sure that the field is ours. - $sql = "select team_id from tt_custom_fields where id = $field_id"; - $res = $mdb2->query($sql); - if (is_a($res, 'PEAR_Error')) - return false; - $val = $res->fetchRow(); - if ($user->team_id != $val['team_id']) - return false; + $group_id = $user->getGroup(); + $org_id = $user->org_id; // Get options. - $sql = "select id, value from tt_custom_field_options where field_id = $field_id order by value"; + $sql = "select id, value from tt_custom_field_options". + " where field_id = $field_id and group_id = $group_id and org_id = $org_id and status = 1 order by value"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { + $options = array(); while ($val = $res->fetchRow()) { $options[$val['id']] = $val['value']; } @@ -201,19 +223,11 @@ class CustomFields { global $user; $mdb2 = getConnection(); - $field_id = CustomFields::getFieldIdForOption($id); + $group_id = $user->getGroup(); + $org_id = $user->org_id; - // First make sure that the field is ours. - $sql = "select team_id from tt_custom_fields where id = $field_id"; - $res = $mdb2->query($sql); - if (is_a($res, 'PEAR_Error')) - return false; - $val = $res->fetchRow(); - if ($user->team_id != $val['team_id']) - return false; - - // Get option name. - $sql = "select value from tt_custom_field_options where id = $id"; + $sql = "select value from tt_custom_field_options". + " where id = $id and group_id = $group_id and org_id = $org_id and status = 1"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { $val = $res->fetchRow(); @@ -223,13 +237,17 @@ class CustomFields { return false; } - // getFields returns an array of custom fields for team. + // getFields returns an array of custom fields for group. static function getFields() { global $user; $mdb2 = getConnection(); + $group_id = $user->getGroup(); + $org_id = $user->org_id; + $fields = array(); - $sql = "select id, type, label from tt_custom_fields where team_id = $user->team_id and status = 1 and type > 0"; + $sql = "select id, type, label from tt_custom_fields". + " where group_id = $group_id and org_id = $org_id and status = 1 and type > 0"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { while ($val = $res->fetchRow()) { @@ -245,7 +263,11 @@ class CustomFields { global $user; $mdb2 = getConnection(); - $sql = "select label, type, required from tt_custom_fields where id = $id and team_id = $user->team_id"; + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select label, type, required from tt_custom_fields". + " where id = $id and group_id = $group_id and org_id = $org_id"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { $val = $res->fetchRow(); @@ -258,9 +280,14 @@ class CustomFields { // getFieldIdForOption returns field id from an associated option id. static function getFieldIdForOption($option_id) { + global $user; $mdb2 = getConnection(); - $sql = "select field_id from tt_custom_field_options where id = $option_id"; + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select field_id from tt_custom_field_options". + " where id = $option_id and group_id = $group_id and org_id = $org_id"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { $val = $res->fetchRow(); @@ -270,57 +297,59 @@ class CustomFields { return false; } - // The insertField inserts a custom field for team. + // The insertField inserts a custom field for group. static function insertField($field_name, $field_type, $required) { global $user; $mdb2 = getConnection(); - $sql = "insert into tt_custom_fields (team_id, type, label, required, status) values($user->team_id, $field_type, ".$mdb2->quote($field_name).", $required, 1)"; + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "insert into tt_custom_fields (group_id, org_id, type, label, required, status)". + " values($group_id, $org_id, $field_type, ".$mdb2->quote($field_name).", $required, 1)"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } - // The updateField updates custom field for team. + // The updateField updates custom field for group. static function updateField($id, $name, $type, $required) { global $user; $mdb2 = getConnection(); - $sql = "update tt_custom_fields set label = ".$mdb2->quote($name).", type = $type, required = $required where id = $id and team_id = $user->team_id"; + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "update tt_custom_fields set label = ".$mdb2->quote($name).", type = $type, required = $required". + " where id = $id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } - // The deleteField deletes a custom field, its options and log entries for team. + // The deleteField deletes a custom field, its options and log entries for group. static function deleteField($field_id) { - - // Our overall intention is to keep the code simple and manageable. - // If a user wishes to delete a field, we will delete all its options and log entries. - // Otherwise we have to do conditional queries depending on field status (this complicates things). - global $user; $mdb2 = getConnection(); - // First make sure that the field is ours so that we can safely delete it. - $sql = "select team_id from tt_custom_fields where id = $field_id"; - $res = $mdb2->query($sql); - if (is_a($res, 'PEAR_Error')) - return false; - $val = $res->fetchRow(); - if ($user->team_id != $val['team_id']) - return false; + $group_id = $user->getGroup(); + $org_id = $user->org_id; - // Mark log entries as deleted. - $sql = "update tt_custom_field_log set status = NULL where field_id = $field_id"; + // Mark log entries as deleted. TODO: why are we doing this? Research impact. + $sql = "update tt_custom_field_log set status = null". + " where field_id = $field_id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; - // Delete field options. - $sql = "delete from tt_custom_field_options where field_id = $field_id"; + // Mark field options as deleted. + $sql = "update tt_custom_field_options set status = null". + " where field_id = $field_id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; - // Delete the field. - $sql = "delete from tt_custom_fields where id = $field_id and team_id = $user->team_id"; + // Mark custom field as deleted. + $sql = "update tt_custom_fields set status = null". + " where id = $field_id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); }