posaune

[timetracker.git] / expenses.php

diff --git a/expenses.php b/expenses.php
index eb11e73..2c25bde 100644 (file)
--- a/expenses.php
+++ b/expenses.php
@@ -31,6 +31,7 @@ import('form.Form');
 import('ttUserHelper');
 import('ttGroupHelper');
 import('DateAndTime');
+import('ttTimeHelper');
 import('ttExpenseHelper');
 
 // Access checks.
@@ -42,6 +43,10 @@ if (!$user->isPluginEnabled('ex')) {
   header('Location: feature_disabled.php');
   exit();
 }
+if (!$user->exists()) {
+  header('Location: access_denied.php'); // Nobody to enter expenses for.
+  exit();
+}
 if ($user->behalf_id && (!$user->can('track_expenses') || !$user->checkBehalfId())) {
   header('Location: access_denied.php'); // Trying on behalf, but no right or wrong user.
   exit();
@@ -65,9 +70,6 @@ if ($request->isPost() && $userChanged) {
   $user->setOnBehalfUser($user_id);
 } else {
   $user_id = $user->getUser();
-  // Handle a situation for no users in on behalf group.
-  if ($user->behalfGroup && $user_id == $user->id)
-    $user_id = null;
 }
 
 // Initialize and store date in session.
@@ -188,7 +190,7 @@ $form->addInput(array('type'=>'submit','name'=>'btn_submit','onclick'=>'browser_
 if ($request->isPost()) {
   if ($request->getParameter('btn_submit')) {
     // Validate user input.
-    if ($user->isPluginEnabled('cl') && $user->isPluginEnabled('cm') && !$cl_client)
+    if ($user->isPluginEnabled('cl') && $user->isOptionEnabled('client_required') && !$cl_client)
       $err->add($i18n->get('error.client'));
     if ($show_project && !$cl_project)
       $err->add($i18n->get('error.project'));
@@ -201,6 +203,7 @@ if ($request->isPost()) {
       if ($selected_date->after($browser_today))
         $err->add($i18n->get('error.future_date'));
     }
+    if (!ttTimeHelper::canAdd()) $err->add($i18n->get('error.expired'));
     // Finished validating input data.
 
     // Prohibit creating entries in locked range.