Beispiel #1
* Submit changes to a person @ingroup pages
function personEditSubmit()
    # Handles the submitted person-edit form: checks the form checksum, loads an
    # editable Person (or builds a temporary one for id 0), checks the current
    # user's rights, applies the request values, validates them and inserts a
    # new person.
    # NOTE(review): this listing is an excerpt. Closing braces and several statements
    # (loop bodies, the update call, any exit after show()) are not shown, so
    # comments below describe only what is visible.
    global $PH;
    global $auth;
    global $g_user_profile_names;
    global $g_user_profiles;
    ### cancel ? ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('home', array());
    ### Validate form integrity
    # NOTE(review): validateFormCrc() is defined elsewhere. A checksum over hidden fields only
    # protects them if it is keyed with a server-side secret - confirm.
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    ### get person ####
    $id = getOnePassedId('person');
    ### temporary obj, not in db
    if ($id == 0) {
        $person = new Person(array('id' => 0));
    } else {
        # Existing people are loaded through the "editable" accessor, not a plain lookup.
        if (!($person = Person::getEditableById($id))) {
            $PH->abortWarning(__("Could not get person"));
    ### person category ###
    $pcategory = get('pcategory');
    # Loose comparison: an empty string (or integer 0) is treated like a missing value.
    if ($pcategory != NULL) {
        if ($pcategory == -1) {
            $person->category = PCATEGORY_STAFF;
        } else {
            if ($pcategory == -2) {
                $person->category = PCATEGORY_CONTACT;
            } else {
                # NOTE(review): any other request value is stored as-is; it is not checked
                # against a list of known categories here.
                $person->category = $pcategory;
    ### validate rights ###
    # Precedence: `==` binds tighter than `&`, and `&&` tighter than `||`, so this reads
    # (editing self AND EDIT_SELF) OR EDIT OR (CREATE AND new person).
    if ($auth->cur_user->id == $person->id && $auth->cur_user->user_rights & RIGHT_PERSON_EDIT_SELF || $auth->cur_user->user_rights & RIGHT_PERSON_EDIT || $auth->cur_user->user_rights & RIGHT_PERSON_CREATE && $person->id == 0) {
        $pass = true;
    } else {
        $PH->abortWarning(__("not allowed to edit"), ERROR_RIGHTS);
    $flag_ok = true;
    # update valid?
    # retrieve all possible values from post-data
    # NOTE:
    # - this could be an security-issue.
    # - TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the rest of the loop body is not shown. If it copies every field from the
    # request, privileged fields (user_rights, profile, can_login, ldap) need to be excluded
    # for users who only hold RIGHT_PERSON_EDIT_SELF - verify against the full source.
    foreach ($person->fields as $f) {
        $name = $f->name;
    ### rights & theme & profile ###
    # Only users holding RIGHT_PERSON_EDIT_RIGHTS may change the profile / rights below.
    if ($auth->cur_user->user_rights & RIGHT_PERSON_EDIT_RIGHTS) {
         * if profile != -1, it will OVERWRITE (or reinit) user_rights
         * therefore persEdit set profil to 0 if rights don't fit profile. It will
         * then be skipped here
        $profile_num = get('person_profile');
        if (!is_null($profile_num)) {
            if ($profile_num != -1) {
                # The profile is assigned before the isset() check below confirms it is defined.
                $person->profile = $profile_num;
                if (isset($g_user_profiles[$profile_num]['default_user_rights'])) {
                    $rights = $g_user_profiles[$profile_num]['default_user_rights'];
                     * add warning on changed profile
                    if ($person->user_rights != $rights && $person->id) {
                        new FeedbackHint(__('The changed profile <b>does not affect existing project roles</b>! Those has to be adjusted inside the projects.'));
                    $person->user_rights = $rights;
                } else {
                    # The request value is interpolated into the error text.
                    trigger_error("Undefined profile requested ({$profile_num})", E_USER_ERROR);
    ### can login ###
    # Reads as: EDIT_RIGHTS OR (CREATE AND PROJECT_ASSIGN AND new person).
    if ($auth->cur_user->user_rights & RIGHT_PERSON_EDIT_RIGHTS || $auth->cur_user->user_rights & RIGHT_PERSON_CREATE && $auth->cur_user->user_rights & RIGHT_PROJECT_ASSIGN && $person->id == 0) {
         * NOTE, if checkbox is not rendered in editForm, user-account will be disabled!
         * there seems no way the be sure the checkbox has been rendered, if it is not checked in form
        if ($can_login = get('person_can_login')) {
            $person->can_login = 1;
        } else {
            $person->can_login = 0;
    $period = get('person_notification_period');
    ### turn off ###
    if ($period === 0 || $period === "0") {
        # `FLAG ^ RIGHT_ALL` is used as the mask that clears FLAG.
        # NOTE(review): assumes RIGHT_ALL has every bit set that settings uses - TODO confirm.
        $person->settings &= USER_SETTING_NOTIFICATIONS ^ RIGHT_ALL;
        $person->notification_period = 0;
    } else {
        $person->settings |= USER_SETTING_NOTIFICATIONS;
        # Stored without a numeric check; it is used in date arithmetic further down.
        $person->notification_period = $period;
        if ($person->can_login && !$person->personal_email && !$person->office_email) {
            $flag_ok = false;
            $person->fields['office_email']->required = true;
            $person->fields['personal_email']->required = true;
            new FeedbackWarning(__("Sending notifactions requires an email-address."));
    if (get('person_html_mail')) {
        $person->settings |= USER_SETTING_HTML_MAIL;
    } else {
        $person->settings &= USER_SETTING_HTML_MAIL ^ RIGHT_ALL;
    ### effort style ###
    if ($effort_style = get('person_effort_style')) {
        if ($effort_style == EFFORT_STYLE_TIMES) {
            $person->settings &= USER_SETTING_EFFORTS_AS_DURATION ^ RIGHT_ALL;
        } else {
            if ($effort_style == EFFORT_STYLE_DURATION) {
                $person->settings |= USER_SETTING_EFFORTS_AS_DURATION;
            } else {
                trigger_error("undefined person effort style", E_USER_WARNING);
    ### filter own changes ###
    if (get('person_filter_own_changes')) {
        $person->settings |= USER_SETTING_FILTER_OWN_CHANGES;
    } else {
        $person->settings &= USER_SETTING_FILTER_OWN_CHANGES ^ RIGHT_ALL;
    ### enable bookmarks ###
    if (get('person_enable_bookmarks')) {
        $person->settings |= USER_SETTING_ENABLE_BOOKMARKS;
    } else {
        $person->settings &= USER_SETTING_ENABLE_BOOKMARKS ^ RIGHT_ALL;
    if (get('person_enable_efforts')) {
        $person->settings |= USER_SETTING_ENABLE_EFFORTS;
    } else {
        $person->settings &= USER_SETTING_ENABLE_EFFORTS ^ RIGHT_ALL;
    # Time zone: `1.0 * $zone` forces a float; the offset is stored in seconds.
    $zone = get('person_time_zone');
    if ($zone != NULL && $person->time_zone != 1.0 * $zone) {
        $person->time_zone = 1.0 * $zone;
        if ($zone == TIME_OFFSET_AUTO) {
            new FeedbackMessage(__("Using auto detection of time zone requires this user to relogin."));
        } else {
            $person->time_offset = $zone * 60.0 * 60.0;
            if ($person->id == $auth->cur_user->id) {
                $auth->cur_user->time_offset = $zone * 60.0 * 60.0;
    $theme = get('person_theme');
    # NOTE(review): unlike the language below, the theme is not checked against a list of
    # known values before it is stored - confirm it is validated where it is used.
    if ($theme != NULL) {
        $person->theme = $theme;
        ### update immediately / without page-reload ####
        if ($person->id == $auth->cur_user->id) {
            $auth->cur_user->theme = $theme;
    $language = get('person_language');
    global $g_languages;
    # Only languages that are keys of $g_languages are accepted.
    if (isset($g_languages[$language])) {
        $person->language = $language;
        ### update immediately / without page-reload ####
        if ($person->id == $auth->cur_user->id) {
            $auth->cur_user->language = $language;
    $t_nickname = get('person_nickname');
    ### check if changed nickname is unique
    if ($person->can_login || $person->nickname != "") {
         * actually this should be mb_strtolower, but this is not installed by default
        if ($person->nickname != strtolower($person->nickname)) {
            new FeedbackMessage(__("Nickname has been converted to lowercase"));
            $person->nickname = strtolower($person->nickname);
        ### authentication ###
        # NOTE(review): the ldap flag is taken from the request inside the nickname block; no
        # separate rights check for switching the authentication mode is visible here.
        $p_auth = get('person_auth');
        if ($p_auth) {
            $person->ldap = 1;
        } else {
            $person->ldap = 0;
        # NOTE(review): uniqueness is looked up with the raw request value ($t_nickname), while the
        # lowercase conversion above is applied to $person->nickname - confirm that
        # getByNickname() compares case-insensitively.
        if ($p2 = Person::getByNickname($t_nickname)) {
            # another person with this nick?
            if ($p2->id != $person->id) {
                new FeedbackWarning(__("Nickname has to be unique"));
                $person->fields['nickname']->required = true;
                $flag_ok = false;
    ### password entered? ###
    $t_password1 = get('person_password1');
    $t_password2 = get('person_password2');
    $flag_password_ok = true;
    # "__dont_change__" is the sentinel value meaning "leave the stored password alone".
    if (($t_password1 || $t_password2) && $t_password1 != "__dont_change__") {
        ### check if password match ###
        if ($t_password1 !== $t_password2) {
            new FeedbackWarning(__("Passwords do not match"));
            $person->fields['password']->required = true;
            $flag_ok = false;
            $flag_password_ok = false;
        ### check if password is good enough ###
        # The strength check only runs for accounts that can log in.
        if ($person->can_login) {
            $password_length = strlen($t_password1);
            # preg_replace() deletes the matched characters, so the two values below are the byte
            # counts of what remains: non-digits and non-word characters respectively.
            # NOTE(review): $password_count_numbers therefore counts non-digit bytes, not digits,
            # so plain letters raise the score - confirm this is intended.
            $password_count_numbers = strlen(preg_replace('/[\\d]/', '', $t_password1));
            $password_count_special = strlen(preg_replace('/[\\w]/', '', $t_password1));
            $password_value = -7 + $password_length + $password_count_numbers * 2 + $password_count_special * 8;
            if ($password_value < confGet('CHECK_PASSWORD_LEVEL')) {
                new FeedbackWarning(__("Password is too weak (please add numbers, special chars or length)"));
                $flag_ok = false;
                $flag_password_ok = false;
        if ($flag_password_ok) {
            # NOTE(review): the password is stored as an unsalted MD5 digest, which is fast to
            # brute-force if the table leaks. Moving to password_hash()/password_verify() also
            # needs the login check changed, which is outside this listing.
            $person->password = md5($t_password1);
    if ($flag_ok && $person->can_login) {
        if (!$person->nickname) {
            new FeedbackWarning(__("Login-accounts require a unique nickname"));
            $person->fields['nickname']->required = true;
            $person->fields['nickname']->invalid = true;
            $flag_ok = false;
    ### repeat form if invalid data ###
    # NOTE(review): no terminating statement after show() is visible in this excerpt; without
    # one, execution would continue to the insert below - verify against the full source.
    if (!$flag_ok) {
        $PH->show('personEdit', NULL, $person);
     * store indentifier-string for login from notification & reminder - mails
    # NOTE(review): this value acts as a login token in mailed links, so calcIdentifierString()
    # (defined elsewhere) should produce an unpredictable value - confirm.
    $person->identifier = $person->calcIdentifierString();
    ### insert new object ###
    if ($person->id == 0) {
        if ($person->settings & USER_SETTING_NOTIFICATIONS && $person->can_login) {
            $person->settings |= USER_SETTING_SEND_ACTIVATION;
            # NOTE(review): $person->name goes into an HTML message without asHtml(); confirm the
            # Feedback classes escape it, or escape it here.
            new FeedbackHint(sprintf(__("A notification / activation  will be mailed to <b>%s</b> when you log out."), $person->name) . " " . sprintf(__("Read more about %s."), $PH->getWikiLink('notifications')));
        # Back-dates the last notification by one period plus a second.
        $person->notification_last = getGMTString(time() - $person->notification_period * 60 * 60 * 24 - 1);
        $person->cookie_string = $person->calcCookieString();
        if ($person->insert()) {
            ### link to a company ###
            if ($c_id = get('company')) {
                # NOTE(review): the required file name looks truncated in this listing (the path
                # ends at the directory).
                require_once confGet('DIR_STREBER') . 'db/';
                # The company is only linked when it is visible to the current user.
                if ($c = Company::getVisibleById($c_id)) {
                    require_once confGet('DIR_STREBER') . 'db/';
                    $e = new Employment(array('id' => 0, 'person' => $person->id, 'company' => $c->id));
            ## assigne to project ##
            require_once confGet('DIR_STREBER') . 'db/';
            $prj_num = get('assigned_prj');
            if (isset($prj_num)) {
                if ($prj_num != -1) {
                    if ($p = Project::getVisibleById($prj_num)) {
                        # The project role name is derived from the person's profile.
                        $prj_person = new ProjectPerson(array('person' => $person->id, 'project' => $p->id, 'name' => $g_user_profile_names[$person->profile]));
            new FeedbackMessage(sprintf(__('Person %s created'), $person->getLink()));
        } else {
            new FeedbackError(__("Could not insert object"));
    } else {
        new FeedbackMessage(sprintf(__('Updated settings for %s.'), $person->getLink()));
    # When users edit themselves, the session user object is replaced with the edited one.
    if ($auth->cur_user->id == $person->id) {
        $auth->cur_user = $person;
    ### notify on change ###
    ### store cookie, if accountActivation ###
    if (get('tuid')) {
    ### create another person ###
    if (get('create_another')) {
        if ($c_id = get('company')) {
            $PH->show('personNew', array('company' => $c_id));
        } else {
    } else {
        ### display fromPage ####
        if (!$PH->showFromPage()) {
            $PH->show('home', array());
Beispiel #2
* Submit changes to a comment @ingroup pages
function commentEditSubmit()
    # Handles the submitted comment form: checks the form checksum, loads or creates the
    # Comment, attaches it to a project/task, runs the spam check and caps the publish level.
    # NOTE(review): this listing is an excerpt. Closing braces and several statements (loop
    # body, the insert/update calls) are not shown.
    global $PH;
    global $auth;
    ### cancel ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
    ### Validate integrety ###
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    ### get comment ####
    $id = getOnePassedId('comment');
    ### new object? ###
    if ($id == 0) {
        $comment = new Comment(array());
    } else {
        # NOTE(review): an existing comment is loaded with getVisibleById(), and no editable or
        # ownership check is visible before its fields are overwritten. The person and version
        # handlers in this file use getEditableById() - confirm a check exists elsewhere.
        $comment = Comment::getVisibleById($id);
        if (!$comment) {
            $PH->abortWarning("Could not get comment");
    # retrieve all possible values from post-data
    # NOTE:
    # - this could be an security-issue.
    # - TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the rest of the loop body is not shown here.
    foreach ($comment->fields as $f) {
        $name = $f->name;
    # The project id comes straight from the request; a visible task below replaces it.
    if ($tmp = get('comment_project')) {
        $comment->project = $tmp;
    $task = NULL;
    if ($tmp = get('comment_task')) {
        # Only a task visible to the current user is accepted; its project wins.
        if ($task = Task::getVisibleById($tmp)) {
            $comment->task = $task->id;
            $comment->project = $task->project;
    if ($tmp = get('comment_occasion')) {
        $comment->occasion = $tmp;
    ### be sure the comment is connected somewhere ###
    # Comments to comments are deprecated
    # Both a project and a task are required.
    if (!$comment->project || !$comment->task) {
        $PH->abortWarning("ERROR:Comment not connected anywhere. This is an internal error and should be reported");
    ### change task update modification date ###
    if ($task) {
        ### Check if now longer new ###
        if ($task->status == STATUS_NEW) {
            global $auth;
            # A task created before the user's last login is moved from "new" to "open".
            if ($task->created < $auth->cur_user->last_login) {
                $task->status = STATUS_OPEN;
                $task->update(array('modified', 'status'));
    ### detect spam
    validateNotSpam($comment->description . " " . $comment->name);
    ### get pub-level
    # intval() turns a non-numeric value into 0, which then falls back to PUB_LEVEL_OPEN.
    $pub_level = intval(get('comment_pub_level'));
    if (!$pub_level) {
        $pub_level = PUB_LEVEL_OPEN;
    # NOTE(review): $task is still NULL when no visible comment_task was supplied, and the return
    # value of getProjectPerson() is not checked - confirm both are guaranteed non-null here.
    $pp = $task->getProjectPerson();
    # The requested level is capped at what this project member may create; negative values
    # are not rejected here.
    if ($pub_level > $pp->level_create) {
        $pub_level = $pp->level_create;
    $comment->pub_level = $pub_level;
    ### write to db ###
    if ($comment->id == 0) {
    } else {
    ### display taskView ####
    if (!$PH->showFromPage()) {
Beispiel #3
* Submitting changes to version @ingroup pages
function versionEditSubmit()
    # Handles the submitted version form: loads an editable Version (or a temporary one for
    # id 0), checks the form checksum, resolves the project, applies the publish level and
    # requires a name.
    # NOTE(review): this listing is an excerpt. Closing braces and several statements (loop
    # body, the insert/update calls) are not shown.
    global $PH;
    ### get version ####
    $id = getOnePassedId('version');
    if ($id == 0) {
        $version = new Version(array('id' => 0));
    } else {
        $version = Version::getEditableById($id);
        if (!$version) {
            $PH->abortWarning(__("Could not get version"));
    ### cancel ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('projView', array('prj' => $version->project));
    ### Validate integrety ###
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    ### get project ###
    # NOTE(review): the project id is overwritten from the request, also for an existing version,
    # and is only checked for visibility. Confirm that moving a version to another visible
    # project is intended, or that edit rights on the target are checked elsewhere.
    $version->project = get('version_project');
    if (!($project = Project::getVisibleById($version->project))) {
        $PH->abortWarning(__("Could not get project of version"));
    # retrieve all possible values from post-data
    # NOTE:
    # - this could be an security-issue.
    # - TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the rest of the loop body is not shown here.
    foreach ($version->fields as $f) {
        $name = $f->name;
    ### pub level ###
    # The request value is used without a cast to int.
    if ($pub_level = get('version_pub_level')) {
        ### not a new version ###
        if ($version->id) {
            # NOTE(review): the return type of getValidUserSetPublicLevels() is not visible. If it
            # returns a list of levels, `>` against it is not a range check - verify.
            if ($pub_level > $version->getValidUserSetPublicLevels()) {
                $PH->abortWarning('invalid data', ERROR_RIGHTS);
        #else {
        #    #@@@ check for person create rights
        # For a new version the requested level is applied without any check (see the
        # commented-out branch above).
        $version->pub_level = $pub_level;
    ### go back to from if validation fails ###
    $failure = false;
    if (!$version->name) {
        $failure = true;
        new FeedbackWarning(__("Name required"));
    if ($failure) {
        $PH->show('versionEdit', NULL, $version);
    ### write to db ###
    if ($version->id == 0) {
    } else {
    if (!$PH->showFromPage()) {
        $PH->show('projView', array('prj' => $version->project));
Beispiel #4
* Submit changes to a task
* @ingroup pages
function taskEditSubmit()
    # Handles the submitted task form. In order: load or create the Task, record feedback
    # requests, add an optional comment, check edit rights, apply category / assignments /
    # publish level, validate, adjust the parent task, handle the issue report, then report.
    # NOTE(review): this listing is an excerpt. Closing braces and several statements (loop
    # bodies, most insert/update calls, any exit after show()) are not shown.
    global $PH;
    global $auth;
    # NOTE(review): the required file name looks truncated in this listing (the path ends at
    # the directory).
    require_once confGet('DIR_STREBER') . 'db/';
     * keep a list of items linking to this task, task is new
     * we have to change the linking id after(!) inserting the task
    $link_items = array();
    ### temporary object or from database? ###
    $tsk_id = getOnePassedId('tsk', '', true, 'invalid id');
    if ($tsk_id == 0) {
        # For a new task the project id comes from the request; it is checked for
        # visibility further down.
        $task = new Task(array('id' => 0, 'project' => get('task_project')));
        $was_category = 0;
        # undefined category for new tasks
        $was_resolved_version = 0;
    } else {
        # Loaded with view rights only; edit rights are checked after the comment handling.
        if (!($task = Task::getVisiblebyId($tsk_id))) {
            $PH->abortWarning("invalid task-id");
        $was_category = $task->category;
        $was_resolved_version = $task->resolved_version;
    ### cancel? ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('taskView', array('tsk' => $task->id));
    ### Validate integrety ###
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    # Remember the state before the form values are applied.
    $was_a_folder = $task->category == TCATEGORY_FOLDER ? true : false;
    $was_released_as = $task->is_released;
    ### get project ###
    if (!($project = Project::getVisiblebyId($task->project))) {
        $PH->abortWarning("task without project?");
     * adding comment (from quick edit) does only require view right...
    $added_comment = false;
    ### check for request feedback
    # NOTE(review): the feedback-request records below are written before the edit-rights
    # check further down - confirm view rights are meant to suffice for this too.
    if ($request_feedback = get('request_feedback')) {
        $team_members_by_nickname = array();
        foreach ($project->getProjectPeople() as $pp) {
            $team_members_by_nickname[$pp->getPerson()->nickname] = $pp->getPerson();
        $requested_people = array();
        # NOTE(review): explode() takes a literal delimiter, not a pattern, so this does not split
        # on commas: the list is only split where the text `\s*,\s*` occurs literally.
        # preg_split('/\s*,\s*/', ...) would match the apparent intent.
        foreach (explode('\\s*,\\s*', $request_feedback) as $nickname) {
            ### now check if this nickname is a team member
            if ($nickname = trim($nickname)) {
                if (isset($team_members_by_nickname[$nickname])) {
                    $person = $team_members_by_nickname[$nickname];
                    ### update to itemperson table...
                    if ($view = ItemPerson::getAll(array('person' => $person->id, 'item' => $task->id))) {
                        $view[0]->feedback_requested_by = $auth->cur_user->id;
                    } else {
                        $new_view = new ItemPerson(array('item' => $task->id, 'person' => $person->id, 'feedback_requested_by' => $auth->cur_user->id));
                    # The nickname is HTML-escaped before it goes into the feedback message.
                    $requested_people[] = "<b>" . asHtml($nickname) . "</b>";
                } else {
                    new FeedbackWarning(sprintf(__("Nickname not known in this project: %s"), "<b>" . asHtml($nickname) . "</b>"));
        if ($requested_people) {
            # NOTE(review): join() is called with the array first; PHP 8 no longer accepts that
            # legacy argument order.
            new FeedbackMessage(sprintf(__('Requested feedback from: %s.'), join($requested_people, ", ")));
    ### only insert the comment, when comment name or description are valid
    if (get('comment_name') || get('comment_description')) {
        require_once confGet('DIR_STREBER') . 'pages/';
        # $valid_comment is never set to false in the visible code.
        $valid_comment = true;
        ### new object? ###
        $comment = new Comment(array('name' => get('comment_name'), 'description' => get('comment_description'), 'project' => $task->project, 'task' => $task->id));
        validateNotSpam($comment->name . $comment->description);
        ### write to db ###
        if ($valid_comment) {
            if (!$comment->insert()) {
                new FeedbackWarning(__("Failed to add comment"));
            } else {
                ### change task update modification date ###
                if (isset($task)) {
                    ### Check if now longer new ###
                    if ($task->status == STATUS_NEW) {
                        global $auth;
                        if ($task->created < $auth->cur_user->last_login) {
                            $task->status = STATUS_OPEN;
                    $task->update(array('modified', 'status'));
                $added_comment = true;
    # Edit-rights gate: an existing task that is not editable stops here. If a comment was
    # added the user is redirected, otherwise the request is aborted.
    if ($task->id != 0 && !Task::getEditableById($task->id)) {
        if ($added_comment) {
            ### display taskView ####
            if (!$PH->showFromPage()) {
                $PH->show('home', array());
        } else {
            $PH->abortWarning(__("Not enough rights to edit task"));
    $status_old = $task->status;
    # retrieve all possible values from post-data (with field->view_in_forms == true)
    # NOTE:
    # - this could be an security-issue.
    # @@@ TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the rest of the loop body is not shown here.
    foreach ($task->fields as $f) {
        $name = $f->name;
    ### category ###
    $was_of_category = $task->category;
    if (!is_null($c = get('task_category'))) {
        global $g_tcategory_names;
        # Only categories that are keys of $g_tcategory_names are accepted.
        if (isset($g_tcategory_names[$c])) {
            $task->category = $c;
        } else {
            # The request value is interpolated into the notice text.
            trigger_error("ignoring unknown task category '{$c}'", E_USER_NOTICE);
     * @@@pixtur 2006-11-17: actually this has been depreciated. is_folder updated
     * for backward compatibility only.
    $task->is_folder = $task->category == TCATEGORY_FOLDER ? 1 : 0;
    ### Check if now longer new ###
    if ($status_old == $task->status && $task->status == STATUS_NEW) {
        global $auth;
        if ($task->created < $auth->cur_user->last_login) {
            $task->status = STATUS_OPEN;
    # Index the current assignees, the current assignments and the project team by person id.
    $assigned_people = array();
    $task_assignments = array();
    if ($task->id) {
        foreach ($task->getAssignedPeople() as $p) {
            $assigned_people[$p->id] = $p;
        foreach ($task->getAssignments() as $ta) {
            $task_assignments[$ta->person] = $ta;
    $team = array();
    foreach ($project->getPeople() as $p) {
        $team[$p->id] = $p;
    $new_task_assignments = array();
    # store assigments after(!) validation
    $forwarded = 0;
    $forward_comment = '';
    $old_task_assignments = array();
    # $task_assignments is always set (initialised above), so this isset() is always true.
    if (isset($task_assignments)) {
        # For each existing assignment the form says: keep it, remove it (0) or reassign it.
        foreach ($task_assignments as $id => $t_old) {
            $id_new = get('task_assigned_to_' . $id);
            $forward_state = get('task_forward_to_' . $id);
            if ($forward_state) {
                $forwarded = 1;
            } else {
                $forwarded = 0;
            $forward_comment = get('task_forward_comment_to_' . $id);
            if ($id_new === NULL) {
                log_message("failure. Can't change no longer existing assigment (person-id={$id} item-id={$t_old->id})", LOG_MESSAGE_DEBUG);
                #$PH->abortWarning("failure. Can't change no longer existing assigment",ERROR_NOTE);
            if ($id == $id_new) {
                if ($tp = TaskPerson::getTaskPeople(array('person' => $id, 'task' => $task->id))) {
                    $tp[0]->forward = $forwarded;
                    $tp[0]->forward_comment = $forward_comment;
                    $old_task_assignments[] = $tp[0];
                #echo " [$id] {$team[$id]->name} still assigned<br>";
            if ($id_new == 0) {
                if (!$t_old) {
                #echo " [$id] {$team[$id]->name} unassigned<br>";
            #$t_new= $task_assignments[$id_new];
            # `@` hides the undefined-index notice; the isset() check below rejects any id that
            # is not a member of the project team.
            $p_new = @$team[$id_new];
            if (!isset($p_new)) {
                $PH->abortWarning("failure during form-value passing", ERROR_BUG);
            #echo " [$id] assignment changed from {$team[$id]->name} to {$team[$id_new]->name}<br>";
            $t_old->comment = sprintf(__("unassigned to %s", "task-assignment comment"), $team[$id_new]->name);
            $new_assignment = new TaskPerson(array('person' => $team[$id_new]->id, 'task' => $task->id, 'comment' => sprintf(__("formerly assigned to %s", "task-assigment comment"), $team[$id]->name), 'project' => $project->id, 'forward' => $forwarded, 'forward_comment' => $forward_comment));
            $new_task_assignments[] = $new_assignment;
            $link_items[] = $new_assignment;
    ### check new assigments ###
    $count = 0;
    # Reads task_assign_to_0, _1, ... and stops at the first missing or empty value.
    # NOTE(review): no increment of $count is visible in this excerpt.
    while ($id_new = get('task_assign_to_' . $count)) {
        $forward_state = get('task_forward_to_' . $count);
        if ($forward_state) {
            $forwarded = 1;
        } else {
            $forwarded = 0;
        $forward_comment = get('task_forward_comment_to_' . $count);
        ### check if already assigned ###
        if (isset($task_assignments[$id_new])) {
            if ($tp = TaskPerson::getTaskPeople(array('person' => $id_new, 'task' => $task->id))) {
                $tp[0]->forward = $forwarded;
                $tp[0]->forward_comment = $forward_comment;
                $old_task_assignments[] = $tp[0];
            #new FeedbackMessage(sprintf(__("task was already assigned to %s"),$team[$id_new]->name));
        } else {
            # New assignees must be members of the project team.
            if (!isset($team[$id_new])) {
                $PH->abortWarning("unknown person id {$id_new}", ERROR_DATASTRUCTURE);
            $new_assignment = new TaskPerson(array('person' => $team[$id_new]->id, 'task' => $task->id, 'comment' => "", 'project' => $project->id, 'forward' => $forwarded, 'forward_comment' => $forward_comment));
             * BUG?
             * - inserting the new assigment before sucessfully validating the
             *   task will lead to double-entries in the database.
            $new_task_assignments[] = $new_assignment;
            $link_items[] = $new_assignment;
    if ($task->isOfCategory(array(TCATEGORY_VERSION, TCATEGORY_MILESTONE))) {
        # The inner is_null() test is redundant inside the truthiness check; the value is
        # stored as received.
        if ($is_released = get('task_is_released')) {
            if (!is_null($is_released)) {
                $task->is_released = $is_released;
    ### pub level ###
    if ($pub_level = get('task_pub_level')) {
        if ($task->id) {
            # NOTE(review): the return type of getValidUserSetPublicLevels() is not visible. If it
            # returns a list of levels, `>` against it is not a range check - verify.
            if ($pub_level > $task->getValidUserSetPublicLevels()) {
                $PH->abortWarning('invalid data', ERROR_RIGHTS);
        #else {
        #    #@@@ check for person create rights
        # For a new task the requested level is applied without any check (see the
        # commented-out branch above).
        $task->pub_level = $pub_level;
    ### check project ###
    if ($task->id == 0) {
        if (!($task->project = get('task_project'))) {
            $PH->abortWarning("task requires project to be set");
    ### get parent_task ###
    $is_ok = true;
    $parent_task = NULL;
    if ($task->parent_task) {
        # A parent that is not visible to the user leaves $parent_task empty.
        $parent_task = Task::getVisibleById($task->parent_task);
    ### validate ###
    if (!$task->name) {
        new FeedbackWarning(__("Task requires name"));
        $task->fields['name']->required = true;
        $task->fields['name']->invalid = true;
        $is_ok = false;
    } else {
        # New tasks must not reuse (case-insensitively) the name of a sibling task.
        if ($task->id == 0) {
            $other_tasks = array();
            if ($parent_task) {
                $other_tasks = Task::getAll(array('project' => $project->id, 'parent_task' => $parent_task->id, 'status_min' => STATUS_NEW, 'status_max' => STATUS_CLOSED, 'visible_only' => false));
            } else {
                $other_tasks = Task::getAll(array('project' => $project->id, 'parent_task' => 0, 'status_min' => STATUS_NEW, 'status_max' => STATUS_CLOSED, 'visible_only' => false));
            foreach ($other_tasks as $ot) {
                if (!strcasecmp($task->name, $ot->name)) {
                    $is_ok = false;
                    new FeedbackWarning(sprintf(__('Task called %s already exists'), $ot->getLink(false)));
    ### automatically close resolved tasks ###
    if ($task->resolve_reason && $task->status < STATUS_COMPLETED) {
        $task->status = STATUS_COMPLETED;
        new FeedbackMessage(sprintf(__('Because task is resolved, its status has been changed to completed.')));
    ### Check if resolved tasks should be completed ###
    if ($task->resolved_version != 0 && $task->status < STATUS_COMPLETED) {
        new FeedbackWarning(sprintf(__('Task has resolved version but is not completed?')));
        $task->fields['resolved_version']->invalid = true;
        $task->fields['status']->invalid = true;
        $is_ok = false;
    ### Check if completion should be 100% ###
    if ($task->status >= STATUS_COMPLETED) {
        $task->completion = 100;
    ### repeat form if invalid data ###
    # NOTE(review): no terminating statement after show() is visible in this excerpt; without
    # one, execution would continue to the database writes below - verify.
    if (!$is_ok) {
        $PH->show('taskEdit', NULL, $task);
    #--- write to database -----------------------------------------------------------------------
    #--- be sure parent-task is folder ---
    if ($parent_task) {
        if ($parent_task->isMilestoneOrVersion()) {
            if ($parent_task->is_folder) {
                $parent_task->is_folder = 0;
                $parent_task->update(array('is_folder'), false);
            $PH->abortWarning(__("Milestones may not have sub tasks"));
        } else {
            # NOTE(review): the parent was loaded with getVisibleById() and is modified here; no
            # edit-rights check on the parent is visible.
            if ($parent_task->category != TCATEGORY_FOLDER) {
                $parent_task->category = TCATEGORY_FOLDER;
                $parent_task->is_folder = 1;
                if ($parent_task->update()) {
                    new FeedbackMessage(__("Turned parent task into a folder. Note, that folders are only listed in tree"));
                } else {
                    trigger_error(__("Failed, adding to parent-task"), E_USER_WARNING);
                    $PH->abortWarning(__("Failed, adding to parent-task"));
    ### ungroup child tasks? ###
    if ($was_a_folder && $task->category != TCATEGORY_FOLDER) {
        $num_subtasks = $task->ungroupSubtasks();
        # @@@ does this work???
         * note: ALSO invisible tasks should be updated, so do not check for visibility here.
        $parent = Task::getById($task->parent_task);
        # NOTE(review): the parent's name goes into an HTML message without asHtml(), and it was
        # loaded without a visibility check, so the message can show the name of a task the
        # user cannot see. Confirm the Feedback classes escape it.
        $parent_str = $parent ? $parent->name : __('Project');
        if ($num_subtasks) {
            new FeedbackMessage(sprintf(__("NOTICE: Ungrouped %s subtasks to <b>%s</b>"), $num_subtasks, $parent_str));
    # Decide which issue-report id to use: the stored one, or the one from the request.
    # NOTE(review): the branch that warns about an invalid id is also the one that adopts the
    # request value, while a matching id ends up as 0 - verify against the full source.
    if ($task->id && !get('task_issue_report')) {
        $task_issue_report = $task->issue_report;
    } else {
        if ($task->issue_report != get('task_issue_report')) {
            trigger_error("Requesting invalid issue report id for task!", E_USER_WARNING);
            $task_issue_report = get('task_issue_report');
        } else {
            $task_issue_report = 0;
    ### consider issue-report? ###
    #$task_issue_report= get('task_issue_report');
    if ($task->category == TCATEGORY_BUG || isset($task_issue_report) && $task_issue_report) {
        ### new report as / temporary ###
        if ($task_issue_report == 0 || $task_issue_report == -1) {
            $issue = new Issue(array('id' => 0, 'project' => $project->id, 'task' => $task->id));
            ### querry form-information ###
            # NOTE(review): the rest of the loop body is not shown here.
            foreach ($issue->fields as $f) {
                $name = $f->name;
            # Reproducibility and severity are only accepted when they are known keys;
            # anything else becomes the *_UNDEFINED constant.
            global $g_reproducibility_names;
            if (!is_null($rep = get('issue_reproducibility'))) {
                if (isset($g_reproducibility_names[$rep])) {
                    $issue->reproducibility = intval($rep);
                } else {
                    $issue->reproducibility = REPRODUCIBILITY_UNDEFINED;
            global $g_severity_names;
            if (!is_null($sev = get('issue_severity'))) {
                if (isset($g_severity_names[$sev])) {
                    $issue->severity = intval($sev);
                } else {
                    $issue->severity = SEVERITY_UNDEFINED;
            ### write to db ###
            if (!$issue->insert()) {
                trigger_error("Failed to insert issue to db", E_USER_WARNING);
            } else {
                $link_items[] = $issue;
                $task->issue_report = $issue->id;
        } else {
            # NOTE(review): the issue is fetched with getById() using an id that may come from the
            # request, and it is updated below before the id is compared with the task's own
            # issue_report. The mismatch only raises a warning, so the write is not prevented.
            if ($issue = Issue::getById($task_issue_report)) {
                ### querry form-information ###
                foreach ($issue->fields as $f) {
                    $name = $f->name;
                global $g_reproducibility_names;
                if (!is_null($rep = get('issue_reproducibility'))) {
                    if (isset($g_reproducibility_names[$rep])) {
                        $issue->reproducibility = intval($rep);
                    } else {
                        $issue->reproducibility = REPRODUCIBILITY_UNDEFINED;
                global $g_severity_names;
                if (!is_null($sev = get('issue_severity'))) {
                    if (isset($g_severity_names[$sev])) {
                        $issue->severity = intval($sev);
                    } else {
                        $issue->severity = SEVERITY_UNDEFINED;
                ### write to db ###
                if (!$issue->update()) {
                    trigger_error("Failed to write issue to DB (id={$issue->id})", E_USER_WARNING);
                if ($task->issue_report != $issue->id) {
                    # additional check, actually not necessary
                    trigger_error("issue-report as invalid id ({$issue->id}). Should be ({$task->issue_report}) Please report this bug.", E_USER_WARNING);
            } else {
                trigger_error("Could not get issue with id {$task->issue_report} from database", E_USER_WARNING);
    ### write to db ###
    if ($task->id == 0) {
        ### write task-assigments ###
        foreach ($new_task_assignments as $nta) {
        ### now we now the id of the new task, link the other items
        # Items created before the task had an id are pointed at the new task id.
        foreach ($link_items as $i) {
            $i->task = $task->id;
        new FeedbackMessage(sprintf(__("Created %s %s with ID %s", "Created <type> <name> with ID <id>..."), $task->getLabel(), $task->getLink(false), $task->id));
    } else {
        ### write task-assigments ###
        foreach ($new_task_assignments as $nta) {
        foreach ($old_task_assignments as $ota) {
        new FeedbackMessage(sprintf(__("Changed %s %s with ID %s", "type,link,id"), $task->getLabel(), $task->getLink(false), $task->id));
        $project->update(array(), true);
    ### add any recently resolved tasks if this is a just released version  ###
    if ($task->category == TCATEGORY_VERSION && $was_category != TCATEGORY_VERSION) {
        # Tasks marked "resolved in next version" are re-pointed at this new version.
        if ($resolved_tasks = Task::getAll(array('project' => $task->project, 'status_min' => 0, 'status_max' => 10, 'resolved_version' => RESOLVED_IN_NEXT_VERSION))) {
            foreach ($resolved_tasks as $rt) {
                $rt->resolved_version = $task->id;
            new FeedbackMessage(sprintf(__('Marked %s tasks to be resolved in this version.'), count($resolved_tasks)));
    ### notify on change ###
    ### create another task ###
    if (get('create_another')) {
        ### build dummy form ###
        # The next form is pre-filled from the task that was just saved.
        $newtask = new Task(array('id' => 0, 'name' => __('Name'), 'project' => $task->project, 'state' => 1, 'prio' => $task->prio, 'label' => $task->label, 'parent_task' => $task->parent_task, 'for_milestone' => $task->for_milestone, 'category' => $task->category));
        $PH->show('taskEdit', array('tsk' => $newtask->id), $newtask);
    } else {
        ### go to task, if new
        if ($tsk_id == 0) {
            $PH->show('taskView', array('tsk' => $task->id));
        } else {
            if (!$PH->showFromPage()) {
                $PH->show('home', array());
* Submit data of a newly registered person @ingroup pages
/**
 * Form handler for self-registration: builds a new Person (id 0) from request
 * values, validates name, e-mail, nickname, password and captcha, and inserts
 * the record.
 *
 * On a validation failure the 'personRegister' form is shown again with the
 * partially filled Person. After a successful insert() the visible lines build
 * an optional Employment for a submitted company id and an optional
 * ProjectPerson for the project configured as REGISTER_NEW_USERS_TO_PROJECT,
 * then hand over to 'loginFormSubmit'.
 *
 * NOTE(review): this listing has lost its closing braces and several loop and
 * branch bodies, so the nesting below is inferred from indentation only —
 * confirm every remark against the full source.
 */
function personRegisterSubmit()
    global $PH;
    global $auth;
    ### cancel ? ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('home', array());
    # integrity check over the hidden form fields; aborts with a warning on mismatch
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    $person = new Person(array('id' => 0));
    # a self-registered account starts with RIGHT_PERSON_EDIT_SELF as its only right
    $person->user_rights = RIGHT_PERSON_EDIT_SELF;
    ### person category ###
    $pcategory = get('pcategory');
    if ($pcategory != NULL) {
        # -1 and -2 are form placeholders mapped to the staff / contact categories
        if ($pcategory == -1) {
            $person->category = PCATEGORY_STAFF;
        } else {
            if ($pcategory == -2) {
                $person->category = PCATEGORY_CONTACT;
            } else {
                # NOTE(review): any other submitted value is stored as-is; no
                # check against the known PCATEGORY_* values is visible here
                $person->category = $pcategory;
    $flag_ok = true;
    # update valid?
    # retrieve all possible values from post-data
    # NOTE:
    # - this could be an security-issue.
    # - TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the loop body is missing from this listing. If it copies
    # every entry of $person->fields from the request (as the comment above
    # says), this is a mass-assignment pattern: user_rights is assigned BEFORE
    # the loop and could then be replaced by a submitted value. An explicit
    # allow-list of fields a registrant may set, or re-applying the privileged
    # defaults after the loop (as is done for can_login), would close that.
    foreach ($person->fields as $f) {
        $name = $f->name;
    # assigned after the field loop, so a submitted can_login cannot survive
    $person->can_login = 1;
    $period = get('person_notification_period');
    ### turn off ###
    # both the integer and the string form of zero are accepted
    if ($period === 0 || $period === "0") {
        # clears the notification bit; XOR with RIGHT_ALL serves as the inverse
        # mask (assumes RIGHT_ALL has every settings bit set — TODO confirm)
        $person->settings &= USER_SETTING_NOTIFICATIONS ^ RIGHT_ALL;
        $person->notification_period = 0;
    } else {
        $person->settings |= USER_SETTING_NOTIFICATIONS;
        # NOTE(review): stored without a visible numeric/range check, then used
        # in date arithmetic further down (notification_last)
        $person->notification_period = $period;
        # notifications need somewhere to go: require at least one e-mail address
        if ($person->can_login && !$person->personal_email && !$person->office_email) {
            $flag_ok = false;
            $person->fields['office_email']->required = true;
            $person->fields['personal_email']->required = true;
            new FeedbackWarning(__("Sending notifactions requires an email-address."));
    if (get('person_html_mail')) {
        $person->settings |= USER_SETTING_HTML_MAIL;
    } else {
        $person->settings &= USER_SETTING_HTML_MAIL ^ RIGHT_ALL;
    $zone = get('person_time_zone');
    # 1.0 * $zone coerces the submitted value to a float before comparing/storing
    if ($zone != NULL && $person->time_zone != 1.0 * $zone) {
        $person->time_zone = 1.0 * $zone;
        if ($zone == TIME_OFFSET_AUTO) {
            new FeedbackMessage(__("Using auto detection of time zone requires this user to relogin."));
        } else {
            # offset is kept in seconds (hours * 60 * 60)
            $person->time_offset = $zone * 60.0 * 60.0;
            if ($person->id == $auth->cur_user->id) {
                $auth->cur_user->time_offset = $zone * 60.0 * 60.0;
    $theme = get('person_theme');
    if ($theme != NULL) {
        # NOTE(review): unlike the language below, the theme is not checked
        # against a list of known values in the visible lines. If it is later
        # used to build a path or URL it should be validated first — confirm.
        $person->theme = $theme;
        ### update immediately / without page-reload ####
        if ($person->id == $auth->cur_user->id) {
            $auth->cur_user->theme = $theme;
    $language = get('person_language');
    global $g_languages;
    # only languages present as keys of $g_languages are accepted
    if (isset($g_languages[$language])) {
        $person->language = $language;
        ### update immediately / without page-reload ####
        if ($person->id == $auth->cur_user->id) {
            $auth->cur_user->language = $language;
    if (!$person->name) {
        new FeedbackWarning(__("Login-accounts require a full name."));
        $person->fields['name']->required = true;
        $person->fields['name']->invalid = true;
        $flag_ok = false;
    if (!$person->office_email) {
        new FeedbackWarning(__("Please enter an e-mail address."));
        $person->fields['office_email']->required = true;
        $person->fields['office_email']->invalid = true;
        $flag_ok = false;
    # raw nickname as submitted; $person->nickname is presumably filled by the
    # field loop above — TODO confirm
    $t_nickname = get('person_nickname');
    if (!$person->nickname) {
        new FeedbackWarning(__("Login-accounts require a unique nickname"));
        $person->fields['nickname']->required = true;
        $person->fields['nickname']->invalid = true;
        $flag_ok = false;
    ### check if changed nickname is unique
    if ($person->can_login || $person->nickname != "") {
         * \todo actually this should be mb_strtolower, but this is not installed by default
        # strtolower() is byte-wise, so only ASCII letters are folded here
        if ($person->nickname != strtolower($person->nickname)) {
            new FeedbackMessage(__("Nickname has been converted to lowercase"));
            $person->nickname = strtolower($person->nickname);
        # NOTE(review): the uniqueness lookup uses the raw $t_nickname, not the
        # lower-cased $person->nickname that will be stored. Unless
        # getByNickname() compares case-insensitively, two accounts could end
        # up with the same stored nickname — confirm.
        if ($p2 = Person::getByNickname($t_nickname)) {
            # another person with this nick?
            if ($p2->id != $person->id) {
                new FeedbackWarning(__("Nickname has to be unique"));
                $person->fields['nickname']->required = true;
                $flag_ok = false;
    ### password entered? ###
    $t_password1 = get('person_password1');
    $t_password2 = get('person_password2');
    $flag_password_ok = true;
    # "__dont_change__" is the form's placeholder for "leave the password alone"
    if (($t_password1 || $t_password2) && $t_password1 != "__dont_change__") {
        ### check if password match ###
        if ($t_password1 !== $t_password2) {
            new FeedbackWarning(__("Passwords do not match"));
            $person->fields['password']->required = true;
            $flag_ok = false;
            $flag_password_ok = false;
            $person->cookie_string = $auth->cur_user->calcCookieString();
    ### check if password is good enough ###
    # score = -7 + length + 2 * (chars left after removing digits)
    #            + 4 * (chars left after removing word characters)
    $password_length = strlen($t_password1);
    # NOTE(review): preg_replace() strips the digits, so this is the number of
    # NON-digit characters despite the variable name; digits themselves earn
    # nothing beyond their length. Confirm this is the intended weighting.
    $password_count_numbers = strlen(preg_replace('/[\\d]/', '', $t_password1));
    # characters outside \w (letters, digits, underscore), i.e. the specials
    $password_count_special = strlen(preg_replace('/[\\w]/', '', $t_password1));
    $password_value = -7 + $password_length + $password_count_numbers * 2 + $password_count_special * 4;
    if ($password_value < confGet('CHECK_PASSWORD_LEVEL')) {
        new FeedbackWarning(__("Password is too weak (please add numbers, special chars or length)"));
        $flag_ok = false;
        $flag_password_ok = false;
    if ($flag_password_ok) {
        # NOTE(review): md5() is a fast, unsalted digest and is not suitable for
        # storing passwords; password_hash() / password_verify() is the standard
        # replacement. The 'login_password_md5' key used below suggests the
        # login path depends on this format, so changing it needs a migration.
        $person->password = md5($t_password1);
    if (!validateFormCaptcha()) {
        new FeedbackWarning(__("Please copy the text from the image."));
        $flag_ok = false;
    ### repeat form if invalid data ###
    if (!$flag_ok) {
        $PH->show('personRegister', NULL, $person);
     * store indentifier-string for login from notification & reminder - mails
    $person->identifier = $person->calcIdentifierString();
    ### insert new object ###
    if ($person->settings & USER_SETTING_NOTIFICATIONS && $person->can_login) {
        $person->settings |= USER_SETTING_SEND_ACTIVATION;
        # NOTE(review): the submitted name is placed inside HTML markup; whether
        # get() or FeedbackHint encodes it is not visible here — confirm output
        # encoding to rule out script injection via the name field
        new FeedbackHint(sprintf(__("A notification / activation  will be mailed to <b>%s</b> when you log out."), $person->name) . " " . sprintf(__("Read more about %s."), $PH->getWikiLink('notifications')));
    # back-dated by one full notification period (in days) plus one second
    $person->notification_last = getGMTString(time() - $person->notification_period * 60 * 60 * 24 - 1);
    $person->cookie_string = $person->calcCookieString();
    if ($person->insert()) {
        new FeedbackHint(__("Thank you for registration! After your request has been approved by a moderator, you will can an email."));
        ### link to a company ###
        if ($c_id = get('company')) {
            # the file name after 'db/' appears to have been lost in this
            # listing (here and in the two require_once lines below)
            require_once confGet('DIR_STREBER') . 'db/';
            # the company id comes from the request; only companies visible to
            # the current user are accepted
            if ($c = Company::getVisibleById($c_id)) {
                require_once confGet('DIR_STREBER') . 'db/';
                $e = new Employment(array('id' => 0, 'person' => $person->id, 'company' => $c->id));
        ## assigne to project ##
        require_once confGet('DIR_STREBER') . 'db/';
        $prj_num = confGet('REGISTER_NEW_USERS_TO_PROJECT');
        global $g_user_profile_names;
        if (isset($prj_num)) {
            # -1 means "do not add new users to a project"
            if ($prj_num != -1) {
                if ($p = Project::getVisibleById($prj_num)) {
                    # $person->profile is not assigned in the visible lines;
                    # presumably set by the field loop or a class default
                    $prj_person = new ProjectPerson(array('person' => $person->id, 'project' => $p->id, 'name' => $g_user_profile_names[$person->profile]));
        new FeedbackMessage(sprintf(__('Person %s created'), $person->getLink()));
        ### automatically login ###
        # NOTE(review): $foo is built but not passed on in the visible lines,
        # and the hint above says a moderator must approve the account first.
        # Confirm that the automatic login cannot bypass that approval.
        $foo = array('login_name' => $person->nickname, 'login_password_md5' => $person->password);
        $PH->show('loginFormSubmit', array());
    } else {
        new FeedbackError(__("Could not insert object"));
    ### display fromPage ####
    if (!$PH->showFromPage()) {
        $PH->show('home', array());
Beispiel #6
* submit changes to one bookmark @ingroup pages
/**
 * Form handler that creates or updates the current user's bookmark
 * (an ItemPerson record) for one item and sets its notification options.
 *
 * NOTE(review): this listing has lost its closing braces and several loop and
 * branch bodies (the database writes among them), so the nesting below is
 * inferred from indentation only — confirm every remark against the full
 * source.
 */
function itemBookmarkEditSubmit()
    global $PH;
    global $auth;
    ### cancel ? ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('home', array());
    ### Validate form crc
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    ### get bookmark ####
    # all three values are read from the request
    $id = getOnePassedId('bookmark');
    $bm_id = getOnePassedId('bookmark_id');
    $is_already_bookmark = getOnePassedId('is_already_bookmark');
    $count = 0;
    # Three cases, chosen by the submitted flags:
    #  - existing ItemPerson that already is a bookmark
    #  - existing ItemPerson that is not yet a bookmark
    #  - no ItemPerson yet: a new one is built
    # Both lookups filter on the current user's id, so only the caller's own
    # ItemPerson rows are requested.
    if ($bm_id != 0 && $is_already_bookmark) {
        if (!($bookmark = ItemPerson::getAll(array('item' => $id, 'person' => $auth->cur_user->id, 'is_bookmark' => 1)))) {
            $PH->abortWarning(__('Could not get bookmark'));
    } elseif ($bm_id != 0 && !$is_already_bookmark) {
        if (!($bookmark = ItemPerson::getAll(array('item' => $id, 'person' => $auth->cur_user->id)))) {
            $PH->abortWarning(__('Could not get bookmark'));
    } elseif ($bm_id == 0) {
        $date = getGMTString();
        # NOTE(review): no check is visible that item $id exists and is visible
        # to the current user before a bookmark is created for it — confirm
        $bookmark = new ItemPerson(array('id' => 0, 'item' => $id, 'person' => $auth->cur_user->id, 'is_bookmark' => 1, 'created' => $date));
    # getAll() returned a list in the two lookup cases; use its first entry
    if ($bm_id != 0) {
        $bookmark = $bookmark[0];
    # retrieve all possible values from post-data
    # NOTE:
    # - this could be an security-issue.
    # - TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the loop body is missing from this listing. If it copies
    # every field from the request, 'person' and 'item' could be overwritten
    # after the ownership-scoped lookup above; an allow-list of editable fields
    # would prevent that — confirm.
    foreach ($bookmark->fields as $f) {
    $notify_on_change = get('notify_on_change');
    if ($notify_on_change) {
        $bookmark->notify_on_change = 1;
        $bookmark->notify_date = getGMTString();
    } else {
        $bookmark->notify_on_change = 0;
    $notify_period = get('notify_period');
    if (!is_null($notify_period)) {
        # stored as submitted; no type or range check is visible
        $bookmark->notify_if_unchanged = $notify_period;
    # the bodies of the first and last branch (presumably update()/insert() and
    # the $count increment) are missing from this listing
    if ($bm_id != 0 && $is_already_bookmark) {
    } elseif ($bm_id != 0 && !$is_already_bookmark) {
        $bookmark->is_bookmark = 1;
        $bookmark->created = getGMTString();
    } elseif ($bm_id == 0) {
    if ($count) {
        new FeedbackMessage(sprintf(__("Added %s bookmark(s)."), $count));
    ### display fromPage ####
    if (!$PH->showFromPage()) {
        $PH->show('home', array());
* Submit changes to a project @ingroup pages
/**
 * Form handler that creates a new project or updates an existing one from the
 * submitted form, and for a new project adds its creator to the team.
 *
 * NOTE(review): this listing has lost its closing braces and several loop and
 * branch bodies (the database writes among them), so the nesting below is
 * inferred from indentation only — confirm every remark against the full
 * source.
 */
function projEditSubmit()
    global $PH;
    global $auth;
    log_message("projEditSubmit()", LOG_MESSAGE_DEBUG);
    ### Validate form integrity ###
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    ### get project ####
    $project_id = getOnePassedId('prj');
    if ($project_id == 0) {
        # NOTE(review): no check of a project-create right is visible on this
        # path — confirm it is enforced elsewhere
        $project = new Project(array());
    } else {
        # an existing project is only loaded through getEditableById(); a falsy
        # result aborts the request
        if (!($project = Project::getEditableById($project_id))) {
            $PH->abortWarning("Could not get project");
    ### cancel ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('projView', array('prj' => $project->id));
    log_message(" :edit request time validated()", LOG_MESSAGE_DEBUG);
    # retrieve all possible values from post-data
    # NOTE:
    # - this could be an security-issue.
    # - TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the loop body is missing from this listing. If it copies
    # every field from the request, attributes such as created_by (read below
    # to pick the first team member) would be caller-controlled; an allow-list
    # of editable fields would prevent that — confirm.
    foreach ($project->fields as $f) {
        $name = $f->name;
    ### project company ###
    if (!is_null(get('project_company'))) {
        # cast to int, but no check that this company is visible to the user
        # appears in the visible lines
        $project->company = intval(get('project_company'));
        # $form_name and $setting are not defined in the visible lines; the
        # loop over the project-setting checkboxes that presumably wrapped the
        # next four lines is missing from this listing
        if (!is_null(get($form_name))) {
            $project->settings |= $setting;
        } else {
            # clears the bit, using XOR with PROJECT_SETTING_ALL as inverse mask
            $project->settings &= $setting ^ PROJECT_SETTING_ALL;
    log_message(" :validated", LOG_MESSAGE_DEBUG);
    ### write to db ###
    if ($project->id == 0) {
        ### if new project add creator to team ###
        if ($person = Person::getVisibleById($project->created_by)) {
            ### effort-style
            # follows the creator's own effort display preference
            $adjust_effort_style = $person->settings & USER_SETTING_EFFORTS_AS_DURATION ? EFFORT_STYLE_DURATION : EFFORT_STYLE_TIMES;
            $pp_new = new ProjectPerson(array('id' => 0, 'person' => $person->id, 'project' => $project->id, 'adjust_effort_style' => $adjust_effort_style, 'pub_level' => PUB_LEVEL_CLIENT));
            ### add project-right ###
            # the insert calls between these log lines are missing from the listing
            log_message(" :inserting...", LOG_MESSAGE_DEBUG);
            log_message(" :inserted", LOG_MESSAGE_DEBUG);
        } else {
            # message presumably means "creator of project"
            trigger_error("creator of person not visible?", E_USER_WARNING);
    } else {
        # the update call between these log lines is missing from the listing
        log_message(" :updating...", LOG_MESSAGE_DEBUG);
        log_message(" :updated", LOG_MESSAGE_DEBUG);
    ### notify on change ###
    ### automatically view new project ###
    if ($project_id == 0) {
        ### create another person ###
        if (get('create_another')) {
        } else {
            $PH->show('projView', array('prj' => $project->id));
    } else {
        ### display taskView ####
        if (!$PH->showFromPage()) {
            $PH->show('projView', array('prj' => $project->id));
Beispiel #8
* Submit changes to an effort  @ingroup pages
/**
 * Form handler that creates or updates an effort (a booked time entry):
 * resolves project, person and task from the request, applies the submitted
 * attributes and validates name and start/end times.
 *
 * On a validation failure the 'effortEdit' form is shown again with the
 * partially filled Effort.
 *
 * NOTE(review): this listing has lost its closing braces and several loop and
 * branch bodies (the database writes among them), so the nesting below is
 * inferred from indentation only — confirm every remark against the full
 * source.
 */
function effortEditSubmit()
    global $PH;
    global $auth;
    ### Validate form crc
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    ### get effort ####
    $id = getOnePassedId('effort');
    if ($id == 0) {
        $effort = new Effort(array('id' => 0));
    } else {
        # an existing effort is only loaded through getEditableById(); a falsy
        # result aborts the request
        $effort = Effort::getEditableById($id);
        if (!$effort) {
            $PH->abortWarning(__("Could not get effort"));
    ### cancel ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('projView', array('prj' => $effort->project));
    ### get project ###
    # the project id comes from the request and is accepted only if the project
    # is visible to the user AND the user is a visible team member of it
    $effort->project = get('effort_project');
    if (!($project = Project::getVisibleById($effort->project))) {
        $PH->abortWarning(__("Could not get project of effort"));
    if (!$project->isPersonVisibleTeamMember($auth->cur_user)) {
        $PH->abortWarning("ERROR: Insufficient rights");
    ### get person ###
    # NOTE(review): the person id comes from the request and is only checked
    # for visibility. No check is visible that it is the current user or that
    # the current user may book efforts for someone else — confirm.
    if ($effort->person = get('effort_person')) {
        if (!($person = Person::getVisibleById($effort->person))) {
            $PH->abortWarning(__("Could not get person of effort"));
    # retrieve all possible values from post-data
    # NOTE:
    # - this could be an security-issue.
    # - TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the loop body is missing from this listing. If it copies
    # every field from the request, it runs AFTER the project/person checks
    # above and could replace the validated ids; re-validating afterwards or
    # using an allow-list of editable fields would prevent that — confirm.
    foreach ($effort->fields as $f) {
        $name = $f->name;
    ### times as duration ###
    if ($as_duration = get('effort_as_duration')) {
        $effort->as_duration = $as_duration;
        ### make sure day of time_end stays the same if date changes... ###
        if (($time_start = $effort->time_start) && ($time_end = $effort->time_end)) {
            # both values are rebuilt from time_end: start becomes midnight of
            # the end day ("00:00:00" has no date() format characters, so it is
            # emitted literally)
            $effort->time_end = gmdate("Y-m-d", strToClientTime($time_end)) . " " . gmdate("H:i:s", strToClientTime($time_end));
            $effort->time_start = gmdate("Y-m-d", strToClientTime($time_end)) . " " . gmdate("00:00:00", strToClientTime($time_end));
        } else {
            trigger_error("Getting time_start and time_end failed", E_USER_WARNING);
    ### pub level ###
    if ($pub_level = get('effort_pub_level')) {
        ### not a new effort ###
        if ($effort->id) {
            # NOTE(review): the result of getValidUserSetPublicLevels() is
            # compared with > as if it were a single maximum level; its return
            # type is not visible here. If it returns a list, this comparison
            # does not bound $pub_level — confirm.
            if ($pub_level > $effort->getValidUserSetPublicLevels()) {
                $PH->abortWarning('invalid data', ERROR_RIGHTS);
        #else {
        #  #@@@ check for person create rights
        # NOTE(review): for a new effort (id 0) the submitted level is accepted
        # without any bound; the check above is still a commented-out TODO
        $effort->pub_level = $pub_level;
    ## effort status ##
    if ($effort_status = get('effort_status')) {
        # stored as submitted; billing and productivity below are cast to int
        $effort->status = $effort_status;
    if ($effort_billing = get('effort_billing')) {
        $effort->billing = intval($effort_billing);
    if ($effort_productivity = get('effort_productivity')) {
        $effort->productivity = intval($effort_productivity);
    ### link to task ###
    $task_id = get('effort_task');
    if (!is_null($task_id)) {
        if ($task_id == 0) {
            $effort->task = 0;
        } else {
            # a task that is not visible is silently ignored and the previous
            # link is kept. NOTE(review): no check is visible that the task
            # belongs to $effort->project — confirm.
            if ($task = Task::getVisibleById($task_id)) {
                $effort->task = $task->id;
    ### go back to from if validation fails ###
    $failure = false;
    if (!$effort->name) {
        $failure = true;
        new FeedbackWarning(__("Name required"));
    # rejects efforts whose end lies before their start
    if (strToGMTime($effort->time_end) - strToGMTime($effort->time_start) < 0) {
        $failure = true;
        new FeedbackWarning(__("Cannot start before end."));
    ### validation of the Datetime fields###
    # NOTE(review): in the three warnings below the raw '<field>_time' request
    # value is placed inside HTML markup. Whether get() or FeedbackWarning
    # encodes it is not visible here — confirm output encoding, otherwise an
    # invalid time string would be reflected into the page unescaped.
    if (!$as_duration) {
        # strToGMTime() == 0 is treated as "could not be parsed"
        if (strToGMTime($effort->time_start) == 0) {
            $failure = true;
            $name = $effort->fields['time_start']->name;
            $field_id = $effort->_type . '_' . $name;
            $value_time = get($field_id . '_time');
            new FeedbackWarning(sprintf(__("<b>%s</b> is not a valid value for start time."), $value_time));
            # fall back to the current time so the form can be shown again
            $effort->time_start = getGMTString();
        if (strToGMTime($effort->time_end) == 0) {
            $failure = true;
            $name = $effort->fields['time_end']->name;
            $field_id = $effort->_type . '_' . $name;
            $value_time = get($field_id . '_time');
            new FeedbackWarning(sprintf(__("<b>%s</b> is not a valid value for end time."), $value_time));
            $effort->time_end = getGMTString();
    } else {
        ##As duration
        if (strToGMTime($effort->time_end) == 0) {
            $failure = true;
            $name = $effort->fields['time_end']->name;
            $field_id = $effort->_type . '_' . $name;
            $value_time = get($field_id . '_time');
            new FeedbackWarning(sprintf(__("<b>%s</b> is not a valid value for hours."), $value_time));
            $effort->time_end = gmdate("Y-m-d", time()) . " 00:00:00";
    if ($failure) {
        $PH->show('effortEdit', NULL, $effort);
    ### write to db ###
    # the insert/update bodies of both branches are missing from this listing
    if ($effort->id == 0) {
    } else {
    ### display taskView ####
    if (!$PH->showFromPage()) {
        $PH->show('projView', array('prj' => $effort->project));
Beispiel #9
* Submit change to a company
* @ingroup pages
/**
 * Form handler that creates a new company or updates an existing one, and for
 * a new company optionally links a submitted person to it as an Employment.
 *
 * NOTE(review): this listing has lost its closing braces and several loop and
 * branch bodies (the update path among them), so the nesting below is inferred
 * from indentation only — confirm every remark against the full source.
 */
function companyEditSubmit()
    global $PH;
    global $auth;
    ### cancel ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('home', array());
    ### Validate integrety ###
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    ### get company ####
    $id = getOnePassedId('company');
    ### temporary object ###
    if ($id == 0) {
        # NOTE(review): no check of a company-create right is visible on this
        # path — confirm it is enforced elsewhere
        $company = new Company(array());
    } else {
        # an existing company is only loaded through getEditableById(); a falsy
        # result aborts the request
        $company = Company::getEditableById($id);
        if (!$company) {
            $PH->abortWarning("Could not get company");
        ### Validate item has not been editted since
    ### company category ###
    $ccategory = get('ccategory');
    if ($ccategory != NULL) {
        # stored as submitted; no check against known categories is visible
        $company->category = $ccategory;
    # retrieve all possible values from post-data
    # NOTE:
    # - this could be an security-issue.
    # - TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the loop body is missing from this listing. If it copies
    # every field from the request, any attribute of the company becomes
    # caller-controlled; an allow-list of editable fields would prevent
    # that — confirm.
    foreach ($company->fields as $f) {
        $name = $f->name;
    ### write to db ###
    if ($company->id == 0) {
        if ($company->insert()) {
            ### link to a company ###
            if ($p_id = get('person')) {
                # the file name after 'db/' appears to have been lost in this
                # listing (here and in the second require_once below)
                require_once confGet('DIR_STREBER') . 'db/';
                # the person id comes from the request; only persons visible to
                # the current user are linked
                if ($p = Person::getVisibleById($p_id)) {
                    require_once confGet('DIR_STREBER') . 'db/';
                    $e = new Employment(array('id' => 0, 'person' => $p->id, 'company' => $company->id));
        ### show 'create another' -form
        if (get('create_another')) {
            $PH->show('companyNew', array());
    } else {
    ### notify on change/unchange ###
    ### display taskView ####
    if (!$PH->showFromPage()) {
        $PH->show('home', array());
* Submit changes to a team member @ingroup pages
/**
 * Form handler that creates or updates a team membership (ProjectPerson):
 * applies a role profile with its view/edit/create/delete/reduce levels, the
 * public level and the effort style.
 *
 * NOTE(review): no rights check on the acting user is visible in this listing,
 * although the handler changes another member's role and access levels.
 * The listing has lost its closing braces and several loop and branch bodies,
 * so the nesting below is inferred from indentation only — confirm every
 * remark against the full source.
 */
function projectPersonEditSubmit()
    global $PH;
    ### Validate form integrity ###
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    ### get projectperson ####
    $id = getOnePassedId('projectperson', true, 'invalid id');
    if ($id == 0) {
        $pp = new ProjectPerson(array('id' => 0));
    } else {
        # NOTE(review): the record is loaded with `new ProjectPerson($id)`
        # rather than through an access-checked accessor such as a
        # getEditableById()/getVisibleById() call. `new` always yields an
        # object, so the !$pp guard below can never fire — a missing or
        # forbidden id is not rejected here.
        $pp = new ProjectPerson($id);
        if (!$pp) {
            $PH->abortWarning("Could not get project person");
    ### cancel ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('projView', array('prj' => $pp->project));
    ### get project ###
    # same pattern: the result of `new` is never falsy, so this abort and the
    # one for the person below are unreachable
    if (!($project = new Project($pp->project))) {
        $PH->abortWarning("ERROR: could not get project", ERROR_FATAL);
    ### get person ###
    if (!($person = new Person($pp->person))) {
        # message text says "project" although the person lookup failed
        $PH->abortWarning("ERROR: could not get project", ERROR_FATAL);
    # retrieve all possible values from post-data
    # NOTE:
    # - this could be an security-issue.
    # - TODO: as some kind of form-edit-behaviour to field-definition
    # NOTE(review): the loop body is missing from this listing. If it copies
    # every field from the request, the level_* attributes and the
    # project/person ids become caller-controlled; an allow-list of editable
    # fields would prevent that — confirm.
    foreach ($pp->fields as $f) {
        $name = $f->name;
    ### set rights role ###
     * if profile != 0, it will OVERWRITE (or reinit) user_rights
     * therefore persEdit set profil to 0 if rights don't fit profile. It will
     * then be skipped here
    # the profile number comes from the request and is cast to int; 0 skips
    # the whole block
    if ($profile = intval(get('person_profile'))) {
        global $g_user_profile_names;
        global $g_user_profiles;
        #if($profile_settings= $g_user_profiles[$g_user_profile_names[$profile]]) {
        # NOTE(review): an unknown profile number reads a missing array key
        # before reaching the else branch; an isset() test would avoid that
        if ($profile_settings = $g_user_profiles[$profile]) {
            # the access levels of the membership are taken from the profile
            $pp->level_view = $profile_settings['level_view'];
            $pp->level_edit = $profile_settings['level_edit'];
            $pp->level_create = $profile_settings['level_create'];
            $pp->level_delete = $profile_settings['level_delete'];
            $pp->level_reduce = $profile_settings['level_reduce'];
            $pp->role = $profile;
            # NOTE(review): the person's name is placed inside HTML markup;
            # whether FeedbackMessage encodes it is not visible — confirm
            new FeedbackMessage(sprintf(__('Changed role of <b>%s</b> to <b>%s</b>'), $person->name, $g_user_profile_names[$profile]));
        } else {
            trigger_error("undefined profile requested.", E_USER_WARNING);
    ### pub level ###
    if ($pub_level = get('projectperson_pub_level')) {
        if ($pp->id) {
            # NOTE(review): the result of getValidUserSetPublicLevels() is
            # compared with > as if it were a single maximum level; its return
            # type is not visible here. If it returns a list, this comparison
            # does not bound $pub_level — confirm.
            if ($pub_level > $pp->getValidUserSetPublicLevels()) {
                $PH->abortWarning('invalid data', ERROR_RIGHTS);
        #else {
        #    #@@@ check for person create rights
        # NOTE(review): for a new membership (id 0) the submitted level is
        # accepted without any bound; the check is still a commented-out TODO
        $pp->pub_level = $pub_level;
    ### effort-style ###
    if ($effort_style = get('projectperson_effort_style')) {
        # stored as submitted; no check against the EFFORT_STYLE_* values is visible
        $pp->adjust_effort_style = $effort_style;
    ### write to db ###
    # the insert/update bodies of both branches are missing from this listing
    if ($pp->id == 0) {
    } else {
    ### return to from-page ###
    if (!$PH->showFromPage()) {
        $PH->show('projView', array('prj' => $pp->project));
Beispiel #11
* Submit information to a file @ingroup pages
/**
 * Form handler that stores the metadata of a newly uploaded file (or of a new
 * version of an existing file), or updates name, description, status and
 * public level of an existing File record.
 *
 * On a validation failure the 'fileEdit' form is shown again with the
 * partially filled File.
 *
 * NOTE(review): this listing has lost its closing braces and several branch
 * bodies (the update calls among them), so the nesting below is inferred from
 * indentation only — confirm every remark against the full source.
 */
function fileEditSubmit()
    global $PH;
    ### Validate form crc
    if (!validateFormCrc()) {
        $PH->abortWarning(__('Invalid checksum for hidden form elements'));
    $id = getOnePassedId('file');
    ### temp new file-object ####
    if ($id == 0) {
        $file = new File(array('id' => 0));
        # NOTE(review): for a new file every attribute of the upload (MIME
        # type, original name, temporary name and directory, size, image flag)
        # is read back from request parameters instead of a server-side upload
        # record. They are client-controllable unless validateFormCrc() covers
        # exactly these fields (its message speaks of hidden form elements —
        # confirm). tmp_dir and tmp_filename in particular should be
        # constrained to the upload directory before they are used in a path,
        # and the MIME type should not be trusted when the file is served.
        $file->mimetype = get('file_mimetype') ? urldecode(get('file_mimetype')) : NULL;
        $file->org_filename = get('file_org_filename') ? urldecode(get('file_org_filename')) : NULL;
        $file->tmp_filename = get('file_tmp_filename') ? urldecode(get('file_tmp_filename')) : NULL;
        # tmp_dir is the only one of the four string values not url-decoded
        $file->tmp_dir = get('file_tmp_dir') ? get('file_tmp_dir') : NULL;
        ### make sure file is not already uploaded ###
        # the existence check on the temporary upload directory is disabled
        #if(!file_exists("_uploads/". $file->tmp_dir)) {
        #    $PH->abortWarning("Not again");
        $file->filesize = intval(get('file_filesize'));
        $file->is_image = intval(get('file_is_image'));
        $file->version = intval(get('file_version'));
        $file->parent_item = intval(get('file_parent_item'));
        # id of the file this upload is a new version of (0 = none)
        $file->org_file = intval(get('file_org_file'));
    } else {
        # an existing file is only loaded through getEditableById(); a falsy
        # result aborts the request
        $file = File::getEditableById($id);
        if (!$file) {
            $PH->abortWarning(__("Could not get file"));
    ### cancel ###
    if (get('form_do_cancel')) {
        if (!$PH->showFromPage()) {
            $PH->show('projView', array('prj' => $file->project));
    # NOTE(review): the project id comes from the request and is only checked
    # for visibility; no team-membership or edit-right check on the project is
    # visible, and an existing file can be moved to another visible project
    # this way — confirm this is intended.
    $file->project = get('file_project');
    if (!($project = Project::getVisibleById($file->project))) {
        $PH->abortWarning(__("Could not get project of file"));
    if (!is_null(get('file_name'))) {
        $file->name = get('file_name');
    if (!is_null(get('file_description'))) {
        $file->description = get('file_description');
    if (!is_null(get('file_status'))) {
        # stored as submitted; no check against known status values is visible
        $file->status = get('file_status');
    ### pub level ###
    if ($pub_level = get('file_pub_level')) {
        ### not a new file ###
        if ($file->id) {
            # NOTE(review): the result of getValidUserSetPublicLevels() is
            # compared with > as if it were a single maximum level; its return
            # type is not visible here. If it returns a list, this comparison
            # does not bound $pub_level — confirm.
            if ($pub_level > $file->getValidUserSetPublicLevels()) {
                $PH->abortWarning('invalid data', ERROR_RIGHTS);
        } else {
            #@@@ check for person create rights
            # placeholder only: a new file accepts the submitted level unchecked
            $foo = true;
        $file->pub_level = $pub_level;
    ### go back to from if validation fails ###
    $failure = false;
    if ($file->name == "") {
        $failure = true;
        $PH->messages[] = __("Please enter a proper filename");
    if ($failure) {
        $PH->show('fileEdit', NULL, $file);
    ### write to db ###
    if ($file->id == 0) {
        $latest_file = NULL;
        # a new version requires edit access to the original file and an
        # existing latest version of it
        if ($file->org_file) {
            if (!($org_file = File::getEditableById($file->org_file))) {
                $PH->abortWarning("unable to write parent file", ERROR_RIGHTS);
            if (!($latest_file = $org_file->getLatest())) {
                $PH->abortWarning("unable to get latest file", ERROR_RIGHTS);
        if (!$file->insert()) {
            $PH->abortWarning("Could not insert file to db");
        ### updated former latest file? ###
        if ($latest_file) {
            # the call that persists this flag is missing from the listing
            $latest_file->is_latest = 0;
            new FeedbackMessage(sprintf(__("Uploaded new version of file with Id %s"), $file->id));
        } else {
            new FeedbackMessage(sprintf(__("Uploaded new file with Id %s"), $file->id));
    } else {
        # the update call for an existing file is missing from the listing
        new FeedbackMessage(sprintf(__("Updated file with Id %s"), $file->id));
    ### update date of parent items ? ###
    # the parent item is only touched if the user may edit it; the body of this
    # branch is missing from the listing
    if ($item = DbProjectItem::getEditableById($file->parent_item)) {
    ### display taskView ####
    if (!$PH->showFromPage()) {
        $PH->show('projView', array('prj' => $file->project));