X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=quotas.php;h=0336d44c38fccd3b3bd5fd0a9df8a4acd3a93286;hb=67ff88b9d0f11b6f63c06823828df337063a7d6f;hp=2e64e425d7f078bf6a8359c29ca909613d212dc3;hpb=2e5d329bb88d0cda3515cccaea70575867b482fd;p=timetracker.git

diff --git a/quotas.php b/quotas.php
index 2e64e425..0336d44c 100644
--- a/quotas.php
+++ b/quotas.php
@@ -30,6 +30,7 @@ require_once('initialize.php');
 require_once('plugins/MonthlyQuota.class.php');
 import('form.Form');
 import('ttTeamHelper');
+import('ttTimeHelper');
 
 // Access check.
 if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('mq')) {
@@ -69,27 +70,38 @@ $months = $i18n->monthNames;
 $quota = new MonthlyQuota();
 
 if ($request->isPost()){
-  // TODO: Add parameter validation.
-  $res = false;
-  if ($_POST['btn_hours']){
-
-    // User changed workday hours for team.
-    $hours = (int)$request->getParameter('workdayHours');
-    $res = ttTeamHelper::update($user->team_id, array('name'=>$user->team,'workday_hours'=>$hours));
+  // Validate user input.
+  for ($i = 0; $i < count($months); $i++){
+    $val = $request->getParameter($months[$i]);
+    if (!ttTimeHelper::isValidQuota($val))
+      $err->add($i18n->getKey('error.field'), $months[$i]);
   }
-  if ($_POST['btn_submit']){
-    // User pressed the Save button under monthly quotas table.
-    $postedYear = $request->getParameter('year');
-    $selectedYear = intval($postedYear);
-    for ($i = 0; $i < count($months); $i++){
-      $res = $quota->update($postedYear, $i+1, $request->getParameter($months[$i]));
+  // Finished validating user input.
+
+  if ($err->no()) {
+
+    $res = false;
+    if ($_POST['btn_hours']){
+
+      // User changed workday hours for team.
+      $hours = (int)$request->getParameter('workdayHours');
+      $res = ttTeamHelper::update($user->team_id, array('name'=>$user->team,'workday_hours'=>$hours));
+    }
+    if ($_POST['btn_submit']){
+      // User pressed the Save button under monthly quotas table.
+      $postedYear = $request->getParameter('year');
+      $selectedYear = intval($postedYear);
+      for ($i = 0; $i < count($months); $i++){
+        $res = $quota->update($postedYear, $i+1, $request->getParameter($months[$i]));
+      }
+    }
+    if ($res) {
+      // header('Location: profile_edit.php');
+      header('Location: quotas.php'); // For debugging.
+      exit();
+    } else {
+      $err->add($i18n->getKey('error.db'));
     }
-  }
-  if ($res) {
-    header('Location: profile_edit.php');
-    exit();
-  } else {
-    $err->add($i18n->getKey('error.db'));
   }
 }
 
@@ -103,9 +115,10 @@ for ($i=0; $i < count($months); $i++) {
   $value = "";
   if (array_key_exists($i+1, $monthsData)){
     $value = $monthsData[$i+1];
+    $value = ttTimeHelper::toAbsDuration($value * 60, true);
   }
   $name = $months[$i];
-  $form->addInput(array('type'=>'text','name'=>$name,'maxlength'=>3,'value'=> $value,'style'=>'width:50px'));
+  $form->addInput(array('type'=>'text','name'=>$name,'maxlength'=>6,'value'=> $value,'style'=>'width:70px'));
 }
 
 $smarty->assign('months', $months);