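/**
 * Record a timeslot of "N hours, ending now" against an object for the logged-in user.
 *
 * Inputs are all client-supplied:
 *  - $_GET['object_id'] and $_GET['object_manager'] select the target object,
 *  - $_POST['timeslot'] carries 'time' (hours worked) and 'description'.
 *
 * Checks run in this order and each failure flashes an error, empties the AJAX
 * response and returns before anything is written: time-management permission,
 * syntax of the manager name, object lookup plus the per-object
 * canAddTimeslot() check, and finally the submitted hours.
 *
 * @return void
 */
function add_timespan()
{
    if (!can_manage_time(logged_user(), true)) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    }

    $object_id = get_id('object_id');
    $object_manager = array_var($_GET, 'object_manager');

    // The manager name comes straight from the query string and is handed to
    // get_object_by_manager_and_id() as a class name, so it is rejected here
    // unless is_valid_function_name() (defined elsewhere) accepts it.
    if (!is_valid_function_name($object_manager)) {
        flash_error(lang('invalid request'));
        ajx_current("empty");
        return;
    }

    // Authorization is per object: the lookup result must be a ProjectDataObject
    // and must allow this user to add a timeslot.
    $object = get_object_by_manager_and_id($object_id, $object_manager);
    if (!$object instanceof ProjectDataObject || !$object->canAddTimeslot(logged_user())) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    }

    $timeslot_data = array_var($_POST, 'timeslot');
    $hours = array_var($timeslot_data, 'time');

    // Accept a decimal comma ("1,5"). strpos() returns 0 for a match at the first
    // character, so the result is compared with false instead of being used as a
    // boolean; the previous truthiness test skipped values such as ",5".
    if (is_string($hours) && strpos($hours, ',') !== false && strpos($hours, '.') === false) {
        $hours = str_replace(',', '.', $hours);
    }

    // The hours value is client-controlled and feeds both the start time and the
    // billed amount. A non-numeric value would break the arithmetic below, and a
    // negative one would place the start after the end and bill a negative
    // amount, so both are refused before any object is built.
    if (!is_numeric($hours) || $hours < 0) {
        flash_error(lang('invalid request'));
        ajx_current("empty");
        return;
    }
    $hours = $hours + 0; // numeric string -> int/float, same value the arithmetic used before

    // The slot ends now and starts $hours earlier.
    $end_time = DateTimeValueLib::now();
    $start_time = DateTimeValueLib::now();
    $start_time = $start_time->add('h', -$hours);

    $timeslot = new Timeslot();
    $timeslot->setEndTime($end_time);
    $timeslot->setStartTime($start_time);
    $timeslot->setDescription(array_var($timeslot_data, 'description'));
    // Owner and target are set from server-side values, never from the form.
    $timeslot->setUserId(logged_user()->getId());
    $timeslot->setObjectManager($object_manager);
    $timeslot->setObjectId($object_id);

    /* Billing */
    $billing_category_id = logged_user()->getDefaultBillingId();
    $project = $object->getProject();
    $timeslot->setBillingId($billing_category_id);
    $hourly_billing = $project->getBillingAmount($billing_category_id);
    $timeslot->setHourlyBilling($hourly_billing);
    $timeslot->setFixedBilling($hourly_billing * $hours);
    $timeslot->setIsFixedBilling(false);

    try {
        DB::beginWork();
        $timeslot->save();
        ApplicationLogs::createLog($timeslot, $timeslot->getWorkspaces(), ApplicationLogs::ACTION_OPEN);
        DB::commit();

        flash_success(lang('success create timeslot'));
        ajx_current("reload");
    } catch (Exception $e) {
        DB::rollback();
        ajx_current("empty");
        // NOTE(review): the raw exception message is shown to the user; confirm
        // save()/createLog() cannot surface SQL or filesystem details here.
        flash_error($e->getMessage());
    }
}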
/**
 * Construct request object
 *
 * Stores the matched route and its parameters, then rebuilds $_GET from the
 * route parameters: $_GET is emptied and every parameter except the reserved
 * names (module, controller, action) is copied into it.
 *
 * NOTE(review): when a reserved parameter fails is_valid_function_name() the
 * constructor returns a new InvalidParamError. PHP discards a value returned
 * from a constructor, so the caller still receives a Request whose url_params
 * contain the rejected value, and $_GET holds only the parameters seen before
 * it. Confirm that whatever consumes module/controller/action validates them
 * again; if not, this check has no effect and should raise instead of return.
 *
 * @param string $matched_route
 * @param array $url_params
 * @return Request
 */
function __construct($matched_route, $url_params)
{
    $this->matched_route = $matched_route;
    $this->url_params = $url_params;

    // Reserved variable names: checked below, never copied into $_GET.
    $reserved = array('module', 'controller', 'action');

    $_GET = array();
    if (!is_foreachable($url_params)) {
        return;
    }

    foreach ($url_params as $k => $v) {
        if (!in_array($k, $reserved)) {
            $_GET[$k] = $v;
            continue;
        }

        if (!is_valid_function_name($v)) {
            return new InvalidParamError($k, $v, "'{$v}' is not a valid {$k} name", true);
        }
    }
}
/**
 * Read an integer ID out of an array of request variables.
 *
 * With the default arguments the 'id' entry of $_GET is used. $default is
 * returned when the variable name is empty after trimming, when the source is
 * not an array, when the name is rejected by is_valid_function_name(), or when
 * the stored value is not numeric.
 *
 * The numeric test is is_numeric() followed by an (int) cast, so negative
 * numbers and fractional or exponent strings are accepted and truncated.
 * Callers that need a strictly positive ID have to check that themselves.
 *
 * @param string $var_name Variable name. Default is 'id'
 * @param array $from Extract ID from this array. If NULL $_GET will be used
 * @param mixed $default Default value is returned in case of any error
 * @return integer
 */
function get_id($var_name = 'id', $from = null, $default = null)
{
    $var_name = trim($var_name);
    $source = is_null($from) ? $_GET : $from;

    // Evaluated left to right: empty name, non-array source, invalid name.
    if ($var_name == '' || !is_array($source) || !is_valid_function_name($var_name)) {
        return $default;
    }

    $candidate = array_var($source, $var_name, $default);
    if (is_numeric($candidate)) {
        return (int) $candidate;
    }

    return $default;
}
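/**
 * Add comment
 *
 * Through this controller only logged users can post (no anonymous comments here).
 *
 * The commented object is selected by $_GET['object_id'] and
 * $_GET['object_manager']; the comment fields come from $_POST['comment'].
 * Without posted data only the form is prepared. With posted data the comment
 * is saved inside a transaction, uploaded files are attached, the action is
 * logged and the user is redirected to the comment (or to the object when the
 * comment URL is not valid).
 *
 * @param void
 * @return null
 */
function add()
{
    $this->setTemplate('add_comment');

    $object_id = get_id('object_id');
    $object_manager = array_var($_GET, 'object_manager');

    // The manager name is client-supplied and is used as a class name by the
    // lookup below, so it is checked first.
    if (!is_valid_function_name($object_manager)) {
        flash_error(lang('invalid request'));
        $this->redirectToUrl(active_project()->getOverviewUrl());
        // Fail closed: whether redirectToUrl() ends the request is not visible
        // here, so the guard must not fall through into the lookup.
        return;
    }

    $object = get_object_by_manager_and_id($object_id, $object_manager);
    if (!$object instanceof ProjectDataObject || !$object->canComment(logged_user())) {
        flash_error(lang('no access permissions'));
        $this->redirectToUrl(active_project()->getOverviewUrl());
        // Fail closed for the same reason: a denied user must never reach save().
        return;
    }

    $comment = new Comment();
    $comment_data = array_var($_POST, 'comment');

    tpl_assign('comment_form_object', $object);
    tpl_assign('comment', $comment);
    tpl_assign('comment_data', $comment_data);

    if (!is_array($comment_data)) {
        return; // nothing submitted: just render the form
    }

    try {
        // Uploads are best effort; a failed upload does not block the comment.
        try {
            $attached_files = ProjectFiles::handleHelperUploads(active_project());
        } catch (Exception $e) {
            $attached_files = null;
        }

        // NOTE(review): attributes are taken from the posted array as a whole;
        // confirm Comment limits which fields setFromAttributes() will accept.
        $comment->setFromAttributes($comment_data);
        // The relation is always taken from the validated request values.
        $comment->setRelObjectId($object_id);
        $comment->setRelObjectManager($object_manager);

        // Privacy is decided server-side: users outside the owner company cannot
        // post private comments, and comments on a private message or file are
        // always private.
        if (!logged_user()->isMemberOfOwnerCompany()) {
            $comment->setIsPrivate(false);
        }
        if ($object instanceof ProjectMessage || $object instanceof ProjectFile) {
            if ($object->getIsPrivate()) {
                $comment->setIsPrivate(true);
            }
        }

        DB::beginWork();
        $comment->save();

        if (is_array($attached_files)) {
            foreach ($attached_files as $attached_file) {
                $comment->attachFile($attached_file);
            }
        }

        ApplicationLogs::createLog($comment, active_project(), ApplicationLogs::ACTION_ADD);

        // Subscribe user to message (if $object is message)
        if ($object instanceof ProjectMessage) {
            if (!$object->isSubscriber(logged_user())) {
                $object->subscribeUser(logged_user());
            }
        }

        DB::commit();

        flash_success(lang('success add comment'));

        $redirect_to = $comment->getViewUrl();
        if (!is_valid_url($redirect_to)) {
            $redirect_to = $object->getViewUrl();
        }

        $this->redirectToUrl($redirect_to);
    } catch (Exception $e) {
        DB::rollback();
        tpl_assign('error', $e);
    }
}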
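/**
 * This function will return object by the manager class and object ID
 *
 * The manager class name is validated with is_valid_function_name() (defined
 * elsewhere) and must name an existing, autoloadable class; otherwise an Error
 * is thrown. The class's static findById() is then called with the ID cast to
 * an integer. Anything that is not a DataObject is reported as null.
 *
 * The call is made through call_user_func() rather than by building PHP source
 * and passing it to eval(): callers on this page feed $manager_class from the
 * query string, and with eval() the only barrier between that string and the
 * interpreter was the name check.
 *
 * NOTE(review): any autoloadable class that exposes a static findById() can
 * still be selected by the caller's input. An explicit allow-list of manager
 * classes would narrow this further; confirm whether one exists elsewhere.
 *
 * @param integer $object_id
 * @param string $manager_class
 * @return ApplicationDataObject
 */
function get_object_by_manager_and_id($object_id, $manager_class)
{
    trace(__FILE__, "get_object_by_manager_and_id($object_id, $manager_class)");

    $object_id = (int) $object_id;
    $manager_class = trim($manager_class);

    if (!is_valid_function_name($manager_class) || !class_exists($manager_class, true)) {
        throw new Error("Class '$manager_class' does not exist");
    }

    // A class without a callable findById() cannot yield a DataObject.
    $finder = array($manager_class, 'findById');
    if (!is_callable($finder)) {
        return null;
    }

    $object = call_user_func($finder, $object_id);

    return $object instanceof DataObject ? $object : null;
} // get_object_by_manager_and_id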
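/**
 * This function will return object by the manager class and object ID
 *
 * The manager class name is validated with is_valid_function_name() (defined
 * elsewhere) and must name an existing, autoloadable class; otherwise an Error
 * is thrown. The class's static findById() is then called with the ID cast to
 * an integer. An Exception raised by the finder, or a result that is not a
 * DataObject, is reported as null.
 *
 * The call is made through call_user_func() rather than by building PHP source
 * and passing it to eval(): callers on this page feed $manager_class from the
 * query string, and with eval() the only barrier between that string and the
 * interpreter was the name check.
 *
 * NOTE(review): any autoloadable class that exposes a static findById() can
 * still be selected by the caller's input. An explicit allow-list of manager
 * classes would narrow this further; confirm whether one exists elsewhere.
 *
 * @param integer $object_id
 * @param string $manager_class
 * @return ApplicationDataObject
 */
function get_object_by_manager_and_id($object_id, $manager_class)
{
    trace(__FILE__, "get_object_by_manager_and_id({$object_id}, {$manager_class})");

    $object_id = (int) $object_id;
    $manager_class = trim($manager_class);

    if (!is_valid_function_name($manager_class) || !class_exists($manager_class, true)) {
        throw new Error("Class '{$manager_class}' does not exist");
    }

    // A class without a callable findById() cannot yield a DataObject.
    $finder = array($manager_class, 'findById');
    if (!is_callable($finder)) {
        return null;
    }

    try {
        $object = call_user_func($finder, $object_id);
    } catch (Exception $e) {
        // Lookup failures are treated the same as "not found".
        $object = null;
    }

    return $object instanceof DataObject ? $object : null;
}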
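/**
 * Return matched request action
 *
 * Reads the 'a' variable from $_GET. DEFAULT_ACTION is returned when the value
 * is missing, not a scalar, empty after trimming, or rejected by
 * is_valid_function_name() (defined elsewhere).
 *
 * @access public
 * @param void
 * @return string
 */
function request_action()
{
    $raw = array_var($_GET, 'a', DEFAULT_ACTION);

    // A query string such as a[]=x delivers an array. trim() does not accept
    // one, so non-scalar input is mapped to the default before it gets there.
    if (!is_scalar($raw)) {
        return DEFAULT_ACTION;
    }

    $action = trim($raw);

    return $action && is_valid_function_name($action) ? $action : DEFAULT_ACTION;
} // request_action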
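/**
 * Add comment
 *
 * Through this controller only logged users can post (no anonymous comments here).
 *
 * The commented object is selected by $_GET['object_id'] and
 * $_GET['object_manager']; the comment fields come from $_POST['comment'].
 * Without posted data the form is prepared with default values and nothing is
 * saved. With posted data the comment is saved inside a transaction, uploaded
 * files are attached, the action is logged, the user is subscribed to
 * subscribable objects and notifications are sent for objects other than
 * messages.
 *
 * @param void
 * @return null
 */
function add()
{
    $this->setTemplate('add_comment');

    $object_id = get_id('object_id');
    $object_manager = array_var($_GET, 'object_manager');

    // The manager name is client-supplied and is used as a class name by the
    // lookup below, so it is checked first.
    if (!is_valid_function_name($object_manager)) {
        flash_error(lang('invalid request'));
        $this->redirectToUrl(active_project()->getOverviewUrl());
        // Fail closed: whether redirectToUrl() ends the request is not visible
        // here, so the guard must not fall through into the lookup.
        return;
    }

    $object = get_object_by_manager_and_id($object_id, $object_manager);
    if (!$object instanceof ProjectDataObject || !$object->canComment(logged_user())) {
        flash_error(lang('no access permissions'));
        $this->redirectToUrl(active_project()->getOverviewUrl());
        // Fail closed for the same reason: a denied user must never reach save().
        return;
    }

    $comment = new Comment();

    // Remember whether a form was actually posted before the defaults are
    // filled in. Testing $comment_data after defaulting is always true, which
    // made every request, including the first display of the form, run the
    // save path.
    $posted = array_var($_POST, 'comment');
    $is_submission = is_array($posted);
    $comment_data = $is_submission
        ? $posted
        : array('text' => '', 'is_private' => config_option('default_private', false));

    tpl_assign('comment_form_object', $object);
    tpl_assign('comment', $comment);
    tpl_assign('comment_data', $comment_data);

    if (!$is_submission) {
        return; // nothing submitted: just render the form
    }

    try {
        // Uploads are best effort; a failed upload does not block the comment.
        try {
            $attached_files = ProjectFiles::handleHelperUploads(active_project());
        } catch (Exception $e) {
            $attached_files = null;
        }

        // NOTE(review): attributes are taken from the posted array as a whole;
        // confirm Comment limits which fields setFromAttributes() will accept.
        $comment->setFromAttributes($comment_data);
        // The relation is always taken from the validated request values.
        $comment->setRelObjectId($object_id);
        $comment->setRelObjectManager($object_manager);

        // Privacy is decided server-side: users outside the owner company cannot
        // post private comments, and comments on a private message or file are
        // always private.
        if (!logged_user()->isMemberOfOwnerCompany()) {
            $comment->setIsPrivate(false);
        }
        if ($object instanceof ProjectMessage || $object instanceof ProjectFile) {
            if ($object->getIsPrivate()) {
                $comment->setIsPrivate(true);
            }
        }

        DB::beginWork();
        $comment->save();

        if (is_array($attached_files)) {
            foreach ($attached_files as $attached_file) {
                $comment->attachFile($attached_file);
            }
        }

        ApplicationLogs::createLog($comment, active_project(), ApplicationLogs::ACTION_ADD);

        // Subscribe user to object (if $object is subscribable)
        if ($object->isSubscribable()) {
            if (!$object->isSubscriber(logged_user())) {
                $object->subscribeUser(logged_user());
            }
        }

        DB::commit();

        // Try to send notification on comments other than Messages
        // (messages already managed by subscription)
        if (!$comment->getObject() instanceof ProjectMessage) {
            // Notification runs after the commit and must not break the
            // submission: failures are logged and otherwise ignored.
            // Candidates are all project users from all companies; the original
            // author notes that private-comment restrictions are applied inside
            // newOtherComment().
            try {
                $notify_people = array();
                $project_companies = active_project()->getCompanies();
                foreach ($project_companies as $project_company) {
                    $company_users = $project_company->getUsersOnProject(active_project());
                    if (is_array($company_users)) {
                        foreach ($company_users as $company_user) {
                            // Recipients are only ever picked from this server-side
                            // list; the posted flags merely select among them.
                            if (array_var($comment_data, 'notify_company_' . $project_company->getId()) == 'checked' || array_var($comment_data, 'notify_user_' . $company_user->getId())) {
                                $notify_people[] = $company_user;
                            }
                        }
                    }
                }
                Notifier::newOtherComment($comment, $notify_people); // send notification email...
            } catch (Exception $e) {
                Logger::log("Error: Notification failed, " . $e->getMessage(), Logger::ERROR);
            }
        }

        flash_success(lang('success add comment'));

        $redirect_to = $comment->getViewUrl();
        if (!is_valid_url($redirect_to)) {
            $redirect_to = $object->getObjectUrl();
        }

        $this->redirectToUrl($redirect_to);
    } catch (Exception $e) {
        DB::rollback();
        tpl_assign('error', $e);
    }
}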
/**
 * Add comment
 *
 * Through this controller only logged users can post (no anonymous comments here).
 *
 * The commented object is selected by $_GET['object_id'] and
 * $_GET['object_manager']; the comment fields come from $_POST['comment'].
 * A rejected manager name or a failed permission check flashes an error,
 * empties the AJAX response and returns. With posted data the comment is saved
 * inside a transaction, uploads are attached, the user is subscribed to the
 * object and a log entry carrying a shortened copy of the text is written.
 *
 * @param void
 * @return null
 */
function add()
{
    $this->setTemplate('add_comment');

    $object_id = get_id('object_id');
    $object_manager = array_var($_GET, 'object_manager');

    // Client-supplied class name: checked before it is used for the lookup.
    if (!is_valid_function_name($object_manager)) {
        flash_error(lang('invalid request'));
        ajx_current("empty");
        return;
    }

    // Per-object authorization: must be a ProjectDataObject this user may comment on.
    $object = get_object_by_manager_and_id($object_id, $object_manager);
    $may_comment = $object instanceof ProjectDataObject && $object->canComment(logged_user());
    if (!$may_comment) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    }

    $comment = new Comment();
    $comment_data = array_var($_POST, 'comment');

    tpl_assign('comment_form_object', $object);
    tpl_assign('comment', $comment);
    tpl_assign('comment_data', $comment_data);

    if (!is_array($comment_data)) {
        return; // nothing submitted: just render the form
    }

    try {
        // Uploads are best effort; a failed upload does not block the comment.
        try {
            $attached_files = ProjectFiles::handleHelperUploads(active_or_personal_project());
        } catch (Exception $e) {
            $attached_files = null;
        }

        $comment->setFromAttributes($comment_data);
        // The relation is always taken from the validated request values.
        $comment->setRelObjectId($object_id);
        $comment->setRelObjectManager($object_manager);
        // The owner-company condition around this call is commented out in the
        // original, so every comment is stored as non-private.
        $comment->setIsPrivate(false);

        DB::beginWork();
        $comment->save();

        if (is_array($attached_files)) {
            foreach ($attached_files as $attached_file) {
                $comment->attachFile($attached_file);
            }
        }

        // Subscribe user to object
        if (!$object->isSubscriber(logged_user())) {
            $object->subscribeUser(logged_user());
        }

        // Log excerpt: the whole text when it is shorter than 100 bytes or has
        // no space at or after byte 100, otherwise the text up to that space
        // followed by "...".
        $text = $comment->getText();
        $comment_head = $text;
        if (strlen($text) >= 100) {
            $cut_at = strpos($text, " ", 100);
            if ($cut_at !== false) {
                $comment_head = substr($text, 0, $cut_at) . "...";
            }
        }
        $comment_head = html_to_text($comment_head);

        ApplicationLogs::createLog($object, $object->getWorkspaces(), ApplicationLogs::ACTION_COMMENT, false, null, true, $comment_head);

        DB::commit();

        flash_success(lang('success add comment'));
        ajx_current("reload");
    } catch (Exception $e) {
        DB::rollback();
        ajx_current("empty");
        flash_error($e->getMessage());
    }
}