header('Location: access_denied.php');
exit();
}
+if (!$user->isPluginEnabled('at')) {
+ header('Location: feature_disabled.php');
+ exit();
+}
$cl_id = (int)$request->getParameter('id');
-$time_rec = ttTimeHelper::getRecord($cl_id);
+$time_rec = ttTimeHelper::getRecordForFileView($cl_id);
if (!$time_rec) {
header('Location: access_denied.php');
exit();
}
-if (!$user->isPluginEnabled('at')) {
- header('Location: feature_disabled.php');
- exit();
-}
-// TODO: review access checks, specifically for on behalf operations.
// End of access checks.
if ($request->isPost()) {
$form = new Form('fileUploadForm');
$form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_id));
-$form->addInput(array('type'=>'upload','name'=>'newfile','value'=>$i18n->get('button.submit'),'maxsize'=>67108864)); // 64 MB file upload limit.
-// Note: for the above limit to work make sure to set upload_max_filesize and post_max_size in php.ini to at least 64M.
+$form->addInput(array('type'=>'upload','name'=>'newfile','value'=>$i18n->get('button.submit')));
$form->addInput(array('type'=>'textarea','name'=>'description','style'=>'width: 250px; height: 40px;','value'=>$cl_description));
$form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->get('button.add')));
}
} // isPost
-$canEdit = !($time_rec['approved'] || $time_rec['timesheet_id'] || $time_rec['invoice_id']);
-$smarty->assign('can_edit', $canEdit);
+$smarty->assign('can_edit', $time_rec['can_edit']);
$smarty->assign('forms', array($form->getName()=>$form->toArray()));
$smarty->assign('files', $files);
$smarty->assign('title', $i18n->get('title.time_files'));
projects / timetracker.git / blobdiff