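// Tail of a block that opens before this excerpt; reproduced unchanged.
$unbalanced_amount = 0;
}

// Save edits to the splits of transaction $arg_tid.
// Form fields arrive in pairs: split_tag_id<N> carries the tag id and
// split_amt<N> the amount; N == 0 marks a split that does not exist yet.
//
// NOTE(review): this state-changing branch reads $_REQUEST, so it also runs
// on a plain GET, and no anti-CSRF token check is visible in this excerpt.
// Confirm one exists upstream, or accept POST only and verify a token here.
if ($arg_edit_split == 1) {
    foreach ($_REQUEST as $var => $val) {
        // preg_match() replaces ereg(), which was removed in PHP 7. The
        // pattern is anchored at both ends so only exact
        // split_tag_id<digits> keys are processed.
        if (!preg_match('/^split_tag_id([0-9]*)$/D', $var, $parts)) {
            continue;
        }
        // Array-valued parameters (split_tag_id1[]=...) are not valid input.
        if (!is_scalar($val)) {
            continue;
        }

        // Explicit casts: "0 + $string" raises on non-numeric input in PHP 8.
        $split_id = (int) $parts[1];
        $split_tag_id = (int) $val;
        if ($split_tag_id == 0) {
            continue;
        }

        $k = sprintf("split_amt%d", $split_id);
        $split_amount = isset($_REQUEST[$k]) ? $_REQUEST[$k] : null;
        if (is_array($split_amount)) {
            continue;
        }

        if ($split_id == 0) {
            // New split: allocate an id and attach it to this transaction.
            $split_id = get_seq();
            query("insert into splits (split_id, tid, "
                . " tag_id, split_amount)"
                . " values (?,?,?,?)",
                array($split_id, $arg_tid, $split_tag_id, $split_amount));
        } elseif (isset($splits[$split_id])) {
            // Only ids already present in $splits are updated, so a
            // request-supplied id outside that list is ignored. $splits is
            // presumably the set loaded for this transaction - confirm.
            $sp = $splits[$split_id];
            if ($sp->tag_id != $split_tag_id
                || abs($sp->amount - (float) $split_amount) > 0.001) {
                // Bind one value per placeholder, in placeholder order. The
                // previous call passed only $split_id for three placeholders.
                query("update splits set"
                    . " tag_id = ?, split_amount = ?"
                    . " where split_id = ?",
                    array($split_tag_id, $split_amount, $split_id));
            }
        }
    }
    flash("Ok");
    $t = sprintf("trans.php?tid=%d", $arg_tid);
    redirect($t);
}

$body .= "<h1>Transaction details</h1>\n";
$body .= "<form action='trans.php'>\n";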
// Tail of the tag-delete branch; the condition that opens it lies before this
// excerpt. It deletes the tag row, then detaches the tag from every split
// that referenced it, and redirects back to the tag list.
// NOTE(review): the two statements are not wrapped in a transaction here, and
// the guard for this destructive branch is not visible - confirm it requires
// POST plus an anti-CSRF token.
query("delete from tags where tag_id = ?", $arg_tag_id);
query("update splits set tag_id = null where tag_id = ?", $arg_tag_id);
flash("Deleted");
redirect("tags.php");
}

// Bulk create / rename of tags from request fields named tag<N>. This block
// continues past the end of the excerpt.
if ($arg_update == 1) {
    get_tags();
    foreach ($_REQUEST as $var => $val) {
        // NOTE(review): ereg() was removed in PHP 7; preg_match() is the
        // replacement. The pattern is anchored only at the start, so any
        // request key that merely begins with "tag" matches with an empty id
        // and is handled below as a new tag - anchor the end as well.
        if (!ereg("^tag([0-9]*)", $var, $parts)) {
            continue;
        }
        $tag_id = 0 + $parts[1];
        // NOTE(review): trim() expects a string; an array-valued parameter
        // (tag1[]=...) is not handled here.
        $val = trim($val);
        // Id 0 with a non-empty name creates a new tag under a fresh id.
        if ($tag_id == 0) {
            if ($val) {
                $tag_id = get_seq();
                // Values travel separately from the SQL text via the ?
                // placeholders rather than being concatenated into it.
                query("insert into tags (tag_id, name)" . " values (?,?)", array($tag_id, $val));
                continue;
            }
        }
        // Existing tag: write only when the submitted name differs.
        if ($val) {
            // $tag_id_to_name is presumably filled by get_tags() - confirm.
            $old_name = @$tag_id_to_name[$tag_id];
            if (strcmp($old_name, $val) != 0) {
                query("update tags set name = ?" . " where tag_id = ?", array($val, $tag_id));
            }
        }
    }
    flash("Ok");
    // NOTE(review): $arg_return_to looks request-derived. If so, redirecting
    // to it unchecked is an open redirect; restrict it to local paths.
    // Confirm where it is set and what redirect() accepts.
    if ($arg_return_to) {
        redirect($arg_return_to);
    }
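/**
 * Authenticate the current request from the kimai_usr / kimai_key cookies and
 * load the matching configuration into the global $kga array.
 *
 * A cookie user name starting with "knd_" is looked up in the customer table
 * ({prefix}knd); any other name is looked up in the user table ({prefix}usr).
 * kickUser() is called whenever a check fails, and the function then returns
 * null so a failed check can never fall through into the configuration and
 * language loading below, even if kickUser() does not end the request.
 *
 * @return mixed $kga['usr'] when it is set after the configuration is loaded,
 *               otherwise null
 */
function checkUser()
{
    global $kga, $conn;

    $p = $kga['server_prefix'];

    $rawUsr = isset($_COOKIE['kimai_usr']) ? $_COOKIE['kimai_usr'] : null;
    $rawKey = isset($_COOKIE['kimai_key']) ? $_COOKIE['kimai_key'] : null;

    // Cookies are client-controlled: accept only non-empty strings (an
    // array-valued cookie would otherwise reach addslashes()). "0" is
    // treated as "not logged in", as in the original condition.
    if (!is_string($rawUsr) || !is_string($rawKey)
        || $rawUsr === '' || $rawKey === ''
        || $rawUsr == "0" || $rawKey == "0") {
        kickUser();
        return null;
    }

    // NOTE(review): addslashes() is not a charset-aware SQL escape, and the
    // user-table query below interpolates this value between quotes. Move
    // the lookup to the database layer's own escaping or to bound
    // parameters. get_seq() is defined outside this excerpt - confirm how it
    // quotes its argument.
    $kimai_usr = addslashes($rawUsr);
    $kimai_key = addslashes($rawKey);

    // Compare the session key as a string. The former loose "!=" treated
    // numeric-looking strings such as "0e1" and "0e2" as equal, and an empty
    // stored key as equal to an empty cookie. hash_equals() is used where
    // the runtime provides it, so the comparison is also constant-time.
    $expectedKey = (string) get_seq($kimai_usr);
    $keysMatch = function_exists('hash_equals')
        ? hash_equals($expectedKey, $kimai_key)
        : $expectedKey === $kimai_key;
    if ($expectedKey === '' || !$keysMatch) {
        kickUser();
        return null;
    }

    $isCustomer = strncmp($kimai_usr, 'knd_', 4) == 0;

    if ($isCustomer) {
        $knd_name = MySQL::SQLValue(substr($kimai_usr, 4));
        $query = "SELECT knd_ID FROM {$p}knd WHERE knd_name = {$knd_name} AND NOT knd_trash = '1';";
        $conn->Query($query);
        $row = $conn->RowArray(0, MYSQL_ASSOC);
        // No matching row leaves the id at 0, which is rejected below.
        $knd_ID = (is_array($row) && isset($row['knd_ID'])) ? $row['knd_ID'] : 0;
        if ($knd_ID < 1) {
            kickUser();
            return null;
        }
    } else {
        // usr_sts is the user status: 0=Admin | 1=GroupLeader | 2=User.
        // Only usr_ID is consumed here; the query text is kept as it was.
        $query = "SELECT usr_ID,usr_sts,usr_grp FROM {$p}usr WHERE usr_name = '{$kimai_usr}' AND usr_active = '1' AND NOT usr_trash = '1';";
        $conn->Query($query);
        $row = $conn->RowArray(0, MYSQL_ASSOC);
        $usr_ID = (is_array($row) && isset($row['usr_ID'])) ? $row['usr_ID'] : 0;
        if ($usr_ID < 1) {
            kickUser();
            return null;
        }
    }

    // load configuration and language
    get_global_config();
    if ($isCustomer) {
        get_customer_config($knd_ID);
    } else {
        get_user_config($usr_ID);
    }

    // Override the default language if the user has chosen one in the prefs.
    // The preference becomes part of an include path, so it is restricted to
    // a plain file-name token and the file must exist. Anything else keeps
    // the default language instead of including an attacker-chosen path.
    // NOTE(review): the allowed character set is an assumption about how the
    // language files are named - confirm against the language/ directory.
    $lang = isset($kga['conf']['lang']) ? $kga['conf']['lang'] : '';
    if (is_string($lang) && $lang != "" && preg_match('/^[A-Za-z0-9_-]+$/D', $lang)) {
        $langFile = WEBROOT . "language/{$lang}.php";
        if (is_file($langFile)) {
            $kga['language'] = $lang;
            $kga['lang'] = array_replace_recursive($kga['lang'], include $langFile);
        }
    }

    return isset($kga['usr']) ? $kga['usr'] : null;
}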
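// ===================================
// = current database setup correct? =
// ===================================
checkDBversion(".");

// =========================
// = User requested logout =
// =========================
// NOTE(review): logout only overwrites the two client cookies. Whether the
// key returned by get_seq() is also invalidated on the server is not visible
// in this excerpt; if it is not, a previously copied cookie pair stays valid
// after logout. The action is read from $_REQUEST, so a plain GET triggers it.
if (isset($_REQUEST['a']) && $_REQUEST['a'] === "logout") {
    setcookie("kimai_key", "0");
    setcookie("kimai_usr", "0");
}

// ===========================
// = User already logged in? =
// ===========================
// The former "!$_REQUEST['a'] == "logout"" negated $_REQUEST['a'] before
// comparing it, so any non-empty action skipped this check, not just logout.
// The cookies must be plain non-empty strings, and the key is compared as a
// string rather than with a loose "==", which equates numeric-looking values.
if (isset($_COOKIE['kimai_usr']) && isset($_COOKIE['kimai_key'])
    && is_string($_COOKIE['kimai_usr']) && is_string($_COOKIE['kimai_key'])
    && $_COOKIE['kimai_usr'] !== '' && $_COOKIE['kimai_key'] !== ''
    && $_COOKIE['kimai_usr'] != '0' && $_COOKIE['kimai_key'] != '0'
    && !(isset($_REQUEST['a']) && $_REQUEST['a'] === "logout")) {
    // Same escaping checkUser() applies before calling get_seq(), so this
    // shortcut reaches the same verdict as the check done behind the redirect.
    // NOTE(review): get_seq() is defined outside this excerpt - confirm how
    // it quotes its argument.
    $expectedKey = (string) get_seq(addslashes($_COOKIE['kimai_usr']));
    if ($expectedKey !== '' && $expectedKey === addslashes($_COOKIE['kimai_key'])) {
        header("Location: core/kimai.php");
        exit;
    }
}

// ==============================================
// = Login active? If not redirect to interface =
// ==============================================
get_global_config();
if (!$kga['conf']['login']) {
    header("Location: core/kimai.php");
    exit;
}

// ==============================================
// = Is the client really a browser?? (or IE ;) =
// ==============================================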