if ($user->isPluginEnabled('cl'))
$left_joins .= " left join tt_clients c on (ei.client_id = c.id)";
- $sql = "select ei.id, ei.date, ei.client_id, ei.project_id, ei.name, ei.cost, ei.invoice_id, ei.paid $client_field, p.name as project_name".
+ $sql = "select ei.id, ei.date, ei.client_id, ei.project_id, ei.name, ei.cost, ei.invoice_id, ei.approved,".
+ " ei.paid $client_field, p.name as project_name".
" from tt_expense_items ei $left_joins".
" where ei.id = $id and ei.group_id = $group_id and ei.org_id = $org_id and ei.user_id = $user_id and ei.status = 1";
$res = $mdb2->query($sql);
$left_joins .= " left join tt_clients c on (ei.client_id = c.id)";
$sql = "select ei.id as id $client_field, p.name as project, ei.name as item, ei.cost as cost,".
- " ei.invoice_id from tt_expense_items ei $left_joins".
+ " ei.invoice_id, ei.approved from tt_expense_items ei $left_joins".
" where ei.date = ".$mdb2->quote($date)." and ei.user_id = $user_id".
" and ei.group_id = $group_id and ei.org_id = $org_id and ei.status = 1 order by ei.id";
{/if}
<td valign="top">{$item.item|escape}</td>
<td valign="top" align="right">{$item.cost}</td>
- <td valign="top" align="center">{if $item.invoice_id} {else}<a href='expense_edit.php?id={$item.id}'>{$i18n.label.edit}</a>{/if}</td>
+ <td valign="top" align="center">
+ {if $item.approved || $item.invoice_id}
+
+ {else}
+ <a href='expense_edit.php?id={$item.id}'>{$i18n.label.edit}</a>
+ {/if}
+ </td>
</tr>
{/foreach}
</table>
<br>
<table cellspacing="0" cellpadding="4" width="100%" border="0">
<tr>
- <td align="center"> Anuko Time Tracker 1.18.53.4832 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+ <td align="center"> Anuko Time Tracker 1.18.53.4833 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
<a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
<a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
<a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
{if $show_project}
<td valign="top">{$item.project|escape}</td>
{/if}
- <td valign="top">{if $item.invoice_id} {$item.item|escape} {else}<a href="expense_edit.php?id={$item.id}">{$item.item|escape}</a>{/if}</td>
+ <td valign="top">
+ {if $item.approved || $item.invoice_id}
+ {$item.item|escape}
+ {else}
+ <a href="expense_edit.php?id={$item.id}">{$item.item|escape}</a>
+ {/if}
+ </td>
<td valign="top" align="right">{$item.cost}</td>
</tr>
{/foreach}
$cl_id = (int)$request->getParameter('id');
// Get the expense item we are deleting.
$expense_item = ttExpenseHelper::getItem($cl_id);
-if (!$expense_item || $expense_item['invoice_id']) {
- // Prohibit deleting not ours or invoiced items.
+if (!$expense_item || $expense_item['approved'] || $expense_item['invoice_id']) {
+ // Prohibit deleting not ours, approved, or invoiced items.
header('Location: access_denied.php');
exit();
}
$cl_id = (int)$request->getParameter('id');
// Get the expense item we are editing.
$expense_item = ttExpenseHelper::getItem($cl_id);
-if (!$expense_item || $expense_item['invoice_id']) {
- // Prohibit editing not ours or invoiced items.
+if (!$expense_item || $expense_item['approved'] || $expense_item['invoice_id']) {
+ // Prohibit editing not ours, approved, or invoiced items.
header('Location: access_denied.php');
exit();
}
$cl_id = (int)$request->getParameter('id');
// Get the expense item we are deleting.
$expense_item = ttExpenseHelper::getItem($cl_id);
-if (!$expense_item || $expense_item['invoice_id']) {
- // Prohibit deleting not ours or invoiced items.
+if (!$expense_item || $expense_item['approved'] || $expense_item['invoice_id']) {
+ // Prohibit deleting not ours, approved, or invoiced items.
header('Location: access_denied.php');
exit();
}
$cl_id = (int)$request->getParameter('id');
// Get the expense item we are editing.
$expense_item = ttExpenseHelper::getItem($cl_id);
-if (!$expense_item || $expense_item['invoice_id']) {
- // Prohibit editing not ours or invoiced items.
+if (!$expense_item || $expense_item['approved'] || $expense_item['invoice_id']) {
+ // Prohibit editing not ours, approved, or invoiced items.
header('Location: access_denied.php');
exit();
}