X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/8fc038ec7505483c193e290423623b6a66ee3797..f18a557af5593668fe61b8e86db4bcf50970e0bd:/WEB-INF/lib/ttProjectHelper.class.php

diff --git a/WEB-INF/lib/ttProjectHelper.class.php b/WEB-INF/lib/ttProjectHelper.class.php
index 47783d59..5e59a928 100644
--- a/WEB-INF/lib/ttProjectHelper.class.php
+++ b/WEB-INF/lib/ttProjectHelper.class.php
@@ -159,23 +159,26 @@ class ttProjectHelper {
     global $user;
     $mdb2 = getConnection();
 
+    $group_id = $user->getActiveGroup();
+    $org_id = $user->org_id;
+
     // Start with project itself. Reason: if the passed in project_id is bogus,
     // we'll fail right here and don't damage any other data.
 
     // Mark project as deleted and remove associated tasks.
-    $sql = "update tt_projects set status = NULL, tasks = NULL where id = $id and group_id = ".$user->getActiveGroup();
+    $sql = "update tt_projects set status = NULL, tasks = NULL where id = $id and group_id = $group_id and org_id = $org_id";
     $affected = $mdb2->exec($sql);
     if (is_a($affected, 'PEAR_Error') || 0 == $affected)
       return false; // An error ocurred, or 0 rows updated.
 
     // Delete user binds to this project.
-    $sql = "delete from tt_user_project_binds where project_id = $id";
+    $sql = "delete from tt_user_project_binds where project_id = $id and group_id = $group_id and org_id = $org_id";
     $affected = $mdb2->exec($sql);
     if (is_a($affected, 'PEAR_Error'))
       return false;
 
     // Delete task binds to this project.
-    $sql = "delete from tt_project_task_binds where project_id = $id";
+    $sql = "delete from tt_project_task_binds where project_id = $id and group_id = $group_id and org_id = $org_id";
     $affected = $mdb2->exec($sql);
     if (is_a($affected, 'PEAR_Error'))
       return false;
@@ -226,7 +229,8 @@ class ttProjectHelper {
     $all_tasks = ttTeamHelper::getAllTasks($group_id);
     foreach ($all_tasks as $task) {
       if(in_array($task['id'], $tasks)) {
-        $sql = "insert into tt_project_task_binds (project_id, task_id) values($last_id, ".$task['id'].")";
+        $sql = "insert into tt_project_task_binds (project_id, task_id, group_id, org_id)".
+          " values($last_id, ".$task['id'].", $group_id, $org_id)";
         $affected = $mdb2->exec($sql);
         if (is_a($affected, 'PEAR_Error'))
           return false;
@@ -240,7 +244,9 @@ class ttProjectHelper {
   static function update($fields) {
     global $user;
     $mdb2 = getConnection();
-    
+
+    $group_id = $user->getActiveGroup();
+    $org_id = $user->org_id;
     $project_id = $fields['id']; // Project we are updating.
     $name = $fields['name']; // Project name.
     $description = $fields['description']; // Project description.
@@ -271,8 +277,6 @@ class ttProjectHelper {
       while ($row = $res->fetchRow()) {
         $user_rate[$row['id']] = $row['rate'];
       }
-      $group_id = $user->getActiveGroup();
-      $org_id = $user->org_id;
       foreach ($users_to_add as $id) {
         $sql = "insert into tt_user_project_binds (user_id, project_id, group_id, org_id, rate, status)".
           " values($id, $project_id, $group_id, $org_id, ".$user_rate[$id].", 1)";
@@ -308,7 +312,8 @@ class ttProjectHelper {
         return false;
     }    
     foreach ($task_binds_to_add as $task_id) {
-      $sql = "insert into tt_project_task_binds (project_id, task_id) values($project_id, $task_id)";
+      $sql = "insert into tt_project_task_binds (project_id, task_id, group_id, org_id)".
+        " values($project_id, $task_id, $group_id, $org_id)";
       $affected = $mdb2->exec($sql);
       if (is_a($affected, 'PEAR_Error'))
         return false;