X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=predefined_expense_edit.php;h=3f0cb0c8c9dc5c9910a38c9799b0c06e9ad1b199;hb=4334f16faa68ecaec5aceb5c16bb500d62a3688f;hp=220778a980ea5aecfdcce67eefb093d330adc6dc;hpb=fd0872d9e582113346fa1e93557f370286c5c9f2;p=timetracker.git

diff --git a/predefined_expense_edit.php b/predefined_expense_edit.php
index 220778a9..3f0cb0c8 100644
--- a/predefined_expense_edit.php
+++ b/predefined_expense_edit.php
@@ -30,19 +30,27 @@ require_once('initialize.php');
 import('form.Form');
 import('ttPredefinedExpenseHelper');
 
-// Access check.
-if (!ttAccessAllowed('manage_advanced_settings') || !$user->isPluginEnabled('ex')) {
+// Access checks.
+if (!ttAccessAllowed('manage_advanced_settings')) {
   header('Location: access_denied.php');
   exit();
 }
-
+if (!$user->isPluginEnabled('ex')) {
+  header('Location: feature_disabled.php');
+  exit();
+}
 $predefined_expense_id = (int) $request->getParameter('id');
+$predefined_expense = ttPredefinedExpenseHelper::get($predefined_expense_id);
+if (!$predefined_expense) {
+  header('Location: access_denied.php');
+  exit();
+}
+// End of access checks.
 
 if ($request->isPost()) {
   $cl_name = trim($request->getParameter('name'));
   $cl_cost = trim($request->getParameter('cost'));
 } else {
-  $predefined_expense = ttPredefinedExpenseHelper::get($predefined_expense_id);
   $cl_name = $predefined_expense['name'];
   $cl_cost = $predefined_expense['cost'];
 }
@@ -60,7 +68,6 @@ if ($request->isPost()) {
   if ($err->no()) {
     if (ttPredefinedExpenseHelper::update(array(
         'id' => $predefined_expense_id,
-        'team_id' => $user->team_id,
         'name' => $cl_name,
         'cost' => $cl_cost))) {
         header('Location: predefined_expenses.php');