X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/6ebd9b5c4aa66017858979cf00ac1db700f9d643..b5426618bbd3ee3178a86f6318b321632047f25b:/plugins/CustomFields.class.php?ds=sidebyside diff --git a/plugins/CustomFields.class.php b/plugins/CustomFields.class.php index 0e450b14..885f60b9 100644 --- a/plugins/CustomFields.class.php +++ b/plugins/CustomFields.class.php @@ -52,7 +52,7 @@ class CustomFields { // If we have a dropdown obtain options for it. if ((count($this->fields) > 0) && ($this->fields[0]['type'] == CustomFields::TYPE_DROPDOWN)) { - $sql = "select id, value from tt_custom_field_options where field_id = ".$this->fields[0]['id']." order by value"; + $sql = "select id, value from tt_custom_field_options where field_id = ".$this->fields[0]['id']." and status = 1 order by value"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { while ($val = $res->fetchRow()) { @@ -66,7 +66,7 @@ class CustomFields { global $user; $mdb2 = getConnection(); - $group_id = $user->getActiveGroup(); + $group_id = $user->getGroup(); $org_id = $user->org_id; $sql = "insert into tt_custom_field_log (group_id, org_id, log_id, field_id, option_id, value)". @@ -118,7 +118,7 @@ class CustomFields { global $user; $mdb2 = getConnection(); - $group_id = $user->getActiveGroup(); + $group_id = $user->getGroup(); $org_id = $user->org_id; // Check if the option exists. @@ -173,7 +173,7 @@ class CustomFields { return false; // Delete the option. - $sql = "delete from tt_custom_field_options where id = $id"; + $sql = "update tt_custom_field_options set status = NULL where id = $id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } @@ -194,7 +194,7 @@ class CustomFields { return false; // Get options. - $sql = "select id, value from tt_custom_field_options where field_id = $field_id order by value"; + $sql = "select id, value from tt_custom_field_options where field_id = $field_id and status = 1 order by value"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { while ($val = $res->fetchRow()) { @@ -237,8 +237,12 @@ class CustomFields { global $user; $mdb2 = getConnection(); + $group_id = $user->getGroup(); + $org_id = $user->org_id; + $fields = array(); - $sql = "select id, type, label from tt_custom_fields where group_id = $user->group_id and status = 1 and type > 0"; + $sql = "select id, type, label from tt_custom_fields". + " where group_id = $group_id and org_id = $org_id and status = 1 and type > 0"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { while ($val = $res->fetchRow()) { @@ -254,7 +258,11 @@ class CustomFields { global $user; $mdb2 = getConnection(); - $sql = "select label, type, required from tt_custom_fields where id = $id and group_id = $user->group_id"; + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select label, type, required from tt_custom_fields". + " where id = $id and group_id = $group_id and org_id = $org_id"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { $val = $res->fetchRow(); @@ -283,7 +291,7 @@ class CustomFields { static function insertField($field_name, $field_type, $required) { global $user; $mdb2 = getConnection(); - $group_id = $user->getActiveGroup(); + $group_id = $user->getGroup(); $org_id = $user->org_id; $sql = "insert into tt_custom_fields (group_id, org_id, type, label, required, status)". " values($group_id, $org_id, $field_type, ".$mdb2->quote($field_name).", $required, 1)"; @@ -295,44 +303,39 @@ class CustomFields { static function updateField($id, $name, $type, $required) { global $user; $mdb2 = getConnection(); - $sql = "update tt_custom_fields set label = ".$mdb2->quote($name).", type = $type, required = $required where id = $id and group_id = $user->group_id"; + $group_id = $user->getGroup(); + $org_id = $user->org_id; + $sql = "update tt_custom_fields set label = ".$mdb2->quote($name).", type = $type, required = $required". + " where id = $id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } // The deleteField deletes a custom field, its options and log entries for group. static function deleteField($field_id) { - - // Our overall intention is to keep the code simple and manageable. - // If a user wishes to delete a field, we will delete all its options and log entries. - // Otherwise we have to do conditional queries depending on field status (this complicates things). - global $user; $mdb2 = getConnection(); - // First make sure that the field is ours so that we can safely delete it. - $sql = "select group_id from tt_custom_fields where id = $field_id"; - $res = $mdb2->query($sql); - if (is_a($res, 'PEAR_Error')) - return false; - $val = $res->fetchRow(); - if ($user->group_id != $val['group_id']) - return false; + $group_id = $user->getGroup(); + $org_id = $user->org_id; - // Mark log entries as deleted. - $sql = "update tt_custom_field_log set status = NULL where field_id = $field_id"; + // Mark log entries as deleted. TODO: why are we doing this? Research impact. + $sql = "update tt_custom_field_log set status = null". + " where field_id = $field_id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; - // Delete field options. - $sql = "delete from tt_custom_field_options where field_id = $field_id"; + // Mark field options as deleted. + $sql = "update tt_custom_field_options set status = null". + " where field_id = $field_id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; - // Delete the field. - $sql = "delete from tt_custom_fields where id = $field_id and group_id = $user->group_id"; + // Mark custom field as deleted. + $sql = "update tt_custom_fields set status = null". + " where id = $field_id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); }