/**
 * Get Request Handler
 *
 * Called when the request is a GET. Logs the caller in with the supplied
 * username/password and returns every task that user is allowed to access.
 *
 * @return array|Frapi_Error The result of toArray(), or the Frapi_Error
 *                           produced by the required-parameter check.
 * @throws Frapi_Error INVALID_LOGIN when the login attempt is rejected.
 */
public function executeGet()
{
    $paramCheck = $this->hasRequiredParameters($this->requiredParams);
    if ($paramCheck instanceof Frapi_Error) {
        return $paramCheck;
    }

    // NOTE(review): the credentials are read as parameters of a GET handler.
    // If they travel in the query string they end up in access logs, proxy
    // logs and browser history -- confirm the transport, and prefer a header
    // or token based scheme over a password on every request.
    $username = $this->getParam('username');
    $password = $this->getParam('password');

    // Attempt to login as user, a little bit of a hack as we currently
    // require the $_POST['login'] var to be set as well as a global AppUI
    $AppUI = new CAppUI();
    $GLOBALS['AppUI'] = $AppUI;
    $_POST['login'] = '******';

    $loggedIn = $AppUI->login($username, $password);
    if (!$loggedIn) {
        throw new Frapi_Error('INVALID_LOGIN');
    }

    // Only the records the authenticated user may see are loaded below.
    $taskModel = new CTask();
    $allowed = $taskModel->getAllowedRecords($AppUI->user_id);

    // Internal bookkeeping properties that are stripped before the object is
    // cast to an array for the response.
    // NOTE(review): this is a deny-list; any other property loadFull() sets
    // is returned to the client. An explicit allow-list of response fields
    // would be safer -- confirm what loadFull() populates.
    $internalProps = array('_query', '_error', '_tbl_prefix', '_tbl', '_tbl_key', '_tbl_module');

    $payload = array();
    foreach ($allowed as $allowedId => $allowedName) {
        $fullTask = new CTask();
        $fullTask->loadFull($AppUI, $allowedId);
        foreach ($internalProps as $prop) {
            unset($fullTask->$prop);
        }
        $payload[$allowedId] = (array) $fullTask;
    }

    $this->data['tasks'] = $payload;
    $this->data['success'] = true;
    $this->setTemplateFileName('TasksGet');

    return $this->toArray();
}
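/**
 * Get Request Handler
 *
 * Called when the request is a GET. Logs the caller in with the supplied
 * username/password, checks that the requested task is one of the records
 * the user is allowed to access, and returns that task together with the
 * ids of its departments and contacts.
 *
 * @return array|Frapi_Error The result of toArray(), or the Frapi_Error
 *                           produced by the required-parameter check.
 * @throws Frapi_Error INVALID_LOGIN when the login attempt is rejected,
 *                     PERMISSION_ERROR when the task id is not a valid
 *                     integer or is not among the user's allowed records.
 */
public function executeGet()
{
    $valid = $this->hasRequiredParameters($this->requiredParams);
    if ($valid instanceof Frapi_Error) {
        return $valid;
    }

    // NOTE(review): the credentials are read as parameters of a GET handler.
    // If they travel in the query string they end up in access logs, proxy
    // logs and browser history -- confirm the transport, and prefer a header
    // or token based scheme over a password on every request.
    $username = $this->getParam('username');
    $password = $this->getParam('password');
    $task_id  = $this->getParam('task_id', self::TYPE_INT);

    // Attempt to login as user, a little bit of a hack as we currently
    // require the $_POST['login'] var to be set as well as a global AppUI
    $AppUI = new CAppUI();
    $GLOBALS['AppUI'] = $AppUI;
    $_POST['login'] = '******';

    if (!$AppUI->login($username, $password)) {
        throw new Frapi_Error('INVALID_LOGIN');
    }

    $task = new CTask();
    $allowed_tasks = $task->getAllowedRecords($AppUI->user_id);

    // Authorisation check. The task id is the key of the allowed-records map.
    // The id is canonicalised to an integer first, and the same canonical
    // value is used for the lookup and for every load below, so the check
    // cannot be satisfied through loose (==) type juggling while a different
    // raw value is handed to the model. getParam(..., self::TYPE_INT) is
    // presumed to return an int already; this does not rely on it.
    // Anything unexpected fails closed with PERMISSION_ERROR.
    $task_id = filter_var($task_id, FILTER_VALIDATE_INT);
    if ($task_id === false
        || !is_array($allowed_tasks)
        || !array_key_exists($task_id, $allowed_tasks)
    ) {
        throw new Frapi_Error('PERMISSION_ERROR');
    }

    // User has permission so load the task for display
    $task_departments = $task->getTaskDepartments($AppUI, $task_id);
    $task_contacts    = $task->getTaskContacts($AppUI, $task_id);

    $task = (array) $task->load($task_id);

    // Only the ids of the related departments and contacts are returned.
    $task['task_departments'] = array();
    foreach ($task_departments as $department) {
        $task['task_departments'][] = $department['dept_id'];
    }

    $task['task_contacts'] = array();
    foreach ($task_contacts as $contact) {
        $task['task_contacts'][] = $contact['contact_id'];
    }

    // Remove the data that is not for display.
    // NOTE(review): this is a deny-list; every other key produced by the
    // (array) cast is sent to the client. An explicit allow-list of response
    // fields would be safer -- confirm what load() populates.
    unset(
        $task['_tbl_prefix'],
        $task['_tbl'],
        $task['_tbl_key'],
        $task['_error'],
        $task['_query'],
        $task['_tbl_module']
    );

    $this->data['task'] = $task;
    $this->data['success'] = true;
    $this->setTemplateFileName('Task');

    return $this->toArray();
}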
$project = new CProject(); $projects = $project->getAllowedRecords($AppUI->user_id, 'projects.project_id,project_name', 'project_name', null, $extra, 'projects'); $q = new DBQuery(); $q->addTable('projects'); $q->addQuery('projects.project_id, company_name'); $q->addJoin('companies', 'co', 'co.company_id = project_company'); $idx_companies = $q->loadHashList(); $q->clear(); foreach ($projects as $prj_id => $prj_name) { $projects[$prj_id] = $idx_companies[$prj_id] . ': ' . $prj_name; } asort($projects); $projects = arrayMerge(array('0' => $AppUI->_('(None)', UI_OUTPUT_RAW)), $projects); $extra = array(); $task = new CTask(); $tasks = $task->getAllowedRecords($AppUI->user_id, 'task_id,task_name', 'task_name', null, $extra); $tasks = arrayMerge(array('0' => $AppUI->_('(None)', UI_OUTPUT_RAW)), $tasks); if (!$project_id) { //$AppUI->redirect('m=projects&pd=1'); // setup the title block $ttl = 'ProjectDesigner'; $titleBlock = new CTitleBlock($ttl, 'projectdesigner.png', $m, $m . '.' . $a); $titleBlock->addCrumb('?m=projects', 'projects list'); $titleBlock->addCell(); if ($canAddProject) { $titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new project') . '">', '', '<form action="?m=projects&a=addedit" method="post" accept-charset="utf-8">', '</form>'); } $titleBlock->show(); ?> <script language="javascript"> function submitIt() {
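/**
 * Return the records the given user may access, limited to task logs whose
 * task is one the user is allowed to see (or that have no task at all).
 *
 * The restriction is appended to $extra['where'] and the actual lookup is
 * delegated to the parent implementation.
 *
 * NOTE(review): $extra['where'] is concatenated into the WHERE clause as raw
 * SQL. Callers must only pass fragments built from trusted constants or
 * already-escaped values, never request-derived text.
 *
 * @param mixed       $uid     User id the permission lookup is done for.
 * @param string      $fields  Field list passed through to the parent.
 * @param string      $orderby Ordering passed through to the parent.
 * @param mixed       $index   Passed through to the parent unchanged.
 * @param array|null  $extra   Extra query options; only 'where' is touched here.
 *
 * @return mixed Whatever parent::getAllowedRecords() returns.
 */
public function getAllowedRecords($uid, $fields = '*', $orderby = '', $index = null, $extra = null)
{
    $oTsk = new CTask();
    $aTasks = $oTsk->getAllowedRecords($uid, 'task_id, task_name');

    // The default is null; normalise it so the 'where' key can be read and
    // written without "array offset on null" / undefined-index notices.
    if ($extra === null) {
        $extra = array();
    }
    $hasWhere = isset($extra['where']) && $extra['where'] != '';

    if (is_array($aTasks) && count($aTasks)) {
        // The keys are task ids. They are forced to integers before being
        // placed in the IN (...) list so that nothing but digits can reach
        // the SQL text, whatever the task lookup returned.
        $taskIds = array_map('intval', array_keys($aTasks));
        $buffer = '(task_log_task IN (' . implode(',', $taskIds) . ') OR task_log_task IS NULL OR task_log_task = \'\' OR task_log_task = 0)';

        if ($hasWhere) {
            $extra['where'] = $extra['where'] . ' AND ' . $buffer;
        } else {
            $extra['where'] = $buffer;
        }
    } else {
        // There are no allowed tasks, so don't allow task_logs.
        // The always-false condition makes the query fail closed.
        if ($hasWhere) {
            $extra['where'] = $extra['where'] . ' AND 1 = 0 ';
        } else {
            $extra['where'] = '1 = 0';
        }
    }

    return parent::getAllowedRecords($uid, $fields, $orderby, $index, $extra);
}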