X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/7b6cfb2cceac61a6e899590ac8ac9fa8cb326c6a..dff61baa6b8f972c0a74119258b81e6884a9191f:/expenses.php

diff --git a/expenses.php b/expenses.php
index eb11e73a..9a345422 100644
--- a/expenses.php
+++ b/expenses.php
@@ -42,6 +42,10 @@ if (!$user->isPluginEnabled('ex')) {
   header('Location: feature_disabled.php');
   exit();
 }
+if (!$user->exists()) {
+  header('Location: access_denied.php'); // Nobody to enter expenses for.
+  exit();
+}
 if ($user->behalf_id && (!$user->can('track_expenses') || !$user->checkBehalfId())) {
   header('Location: access_denied.php'); // Trying on behalf, but no right or wrong user.
   exit();
@@ -65,9 +69,6 @@ if ($request->isPost() && $userChanged) {
   $user->setOnBehalfUser($user_id);
 } else {
   $user_id = $user->getUser();
-  // Handle a situation for no users in on behalf group.
-  if ($user->behalfGroup && $user_id == $user->id)
-    $user_id = null;
 }
 
 // Initialize and store date in session.