X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=time_files.php;h=33273da457e8fe30f1ca10ed7f78fa2355cf3ec6;hb=2b39252b38f5bd1be462224fe781a40f5b0ddf95;hp=2ba0efceaa5a985301b628173d71afea0fdf0260;hpb=f30b876933acf131cbdfbf89ae7717faffa85f2d;p=timetracker.git diff --git a/time_files.php b/time_files.php index 2ba0efce..33273da4 100644 --- a/time_files.php +++ b/time_files.php @@ -36,17 +36,16 @@ if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time'))) { header('Location: access_denied.php'); exit(); } +if (!$user->isPluginEnabled('at')) { + header('Location: feature_disabled.php'); + exit(); +} $cl_id = (int)$request->getParameter('id'); -$time_rec = ttTimeHelper::getRecord($cl_id); +$time_rec = ttTimeHelper::getRecordForFileView($cl_id); if (!$time_rec) { header('Location: access_denied.php'); exit(); } -if (!$user->isPluginEnabled('at')) { - header('Location: feature_disabled.php'); - exit(); -} -// TODO: review access checks, specifically for on behalf operations. // End of access checks. if ($request->isPost()) { @@ -58,8 +57,7 @@ $files = $fileHelper::getEntityFiles($cl_id, 'time'); $form = new Form('fileUploadForm'); $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_id)); -$form->addInput(array('type'=>'upload','name'=>'newfile','value'=>$i18n->get('button.submit'),'maxsize'=>67108864)); // 64 MB file upload limit. -// Note: for the above limit to work make sure to set upload_max_filesize and post_max_size in php.ini to at least 64M. +$form->addInput(array('type'=>'upload','name'=>'newfile','value'=>$i18n->get('button.submit'))); $form->addInput(array('type'=>'textarea','name'=>'description','style'=>'width: 250px; height: 40px;','value'=>$cl_description)); $form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->get('button.add'))); @@ -83,8 +81,7 @@ if ($request->isPost()) { } } // isPost -$canEdit = !($time_rec['approved'] || $time_rec['timesheet_id'] || $time_rec['invoice_id']); -$smarty->assign('can_edit', $canEdit); +$smarty->assign('can_edit', $time_rec['can_edit']); $smarty->assign('forms', array($form->getName()=>$form->toArray())); $smarty->assign('files', $files); $smarty->assign('title', $i18n->get('title.time_files'));