/**
 * Apply a single patch file and, when it succeeded, record it in patchLog.
 *
 * A ".sql" patch is split by parse_sql_file() and executed query by query.
 * A ".php" patch is run through execute_php_file() from ../patches/; a
 * non-empty return value is treated as an error message. Only basename($f)
 * is used to build that path and the patchLog entry.
 *
 * Review notes:
 *  - $f and the database / patch error text are concatenated into HTML error
 *    messages without escaping. Presumably this page is reachable by
 *    administrators only -- confirm against the caller.
 *  - Defining the constant FORCE_PATCH_SUCCEED_<file> makes a .php patch count
 *    as applied even though it returned output.
 *  - A file that is neither .sql nor .php matches no branch, leaves $failed
 *    false, and is therefore still written to patchLog.
 *
 * @param string $f Path of the patch file.
 * @return void
 */
function apply_patch($f)
{
    global $TPL;
    static $files;

    // Never apply the same patch twice in one request: .php patches may
    // declare functions, and running them again would redeclare them.
    if ($files[$f]) {
        return;
    }
    $files[$f] = true;

    $db = new db_alloc();
    $file = basename($f);
    $failed = false;
    $comments = array();

    // patch-188 converts money from 120.34 to 12034, so a default currency
    // MUST be configured before it is applied.
    if ($file == "patch-00188-alla.sql" && !config::get_config_item('currency')) {
        alloc_error("No default currency is set! Login to alloc (ignore any errors, you may need to manually change the url to config/config.php after logging in) go to Setup -> Finance and select a Main Currency. And then click the 'Update Transactions That Have No Currency' button. Then return here and apply this patch (patch-188). IT IS REALLY IMPORTANT THAT YOU FOLLOW THESE INSTRUCTIONS as the storage format for monetary amounts has changed.", true);
    }

    $extension = strtolower(substr($file, -4));

    if ($extension == ".sql") {
        // SQL patch: every statement is attempted, each failure is reported.
        list($sql, $comments) = parse_sql_file($f);
        foreach ($sql as $query) {
            if ($db->query($query)) {
                continue;
            }
            $failed = true;
            alloc_error("<b style=\"color:red\">Error:</b> " . $f . "<br>" . $db->get_error());
        }
        if (!$failed) {
            $TPL["message_good"][] = "Successfully Applied: " . $f;
        }
    } elseif ($extension == ".php") {
        // PHP patch: executed from the patches directory by basename only.
        $str = execute_php_file("../patches/" . $file);
        if ($str && !defined("FORCE_PATCH_SUCCEED_" . $file)) {
            $failed = true;
            ob_end_clean();
            alloc_error("<b style=\"color:red\">Error:</b> " . $f . "<br>" . $str);
        } else {
            $TPL["message_good"][] = "Successfully Applied: " . $f;
        }
    }

    if ($failed) {
        return;
    }

    // Record the patch so that it is not offered again.
    $q = prepare("INSERT INTO patchLog (patchName, patchDesc, patchDate) \n VALUES ('%s','%s','%s')", $file, implode(" ", $comments), date("Y-m-d H:i:s"));
    $db->query($q);
}
/**
 * Return the configID of the config row whose name equals $name.
 *
 * The name reaches the query only through prepare() with a quoted '%s'
 * placeholder. When no row matches, whatever $db->f() yields for an empty
 * record is returned.
 *
 * @param string $name Config item name.
 * @return mixed Value of the configID column.
 */
public static function get_config_item_id($name = '')
{
    $db = new db_alloc();
    $lookup = prepare("SELECT configID FROM config WHERE name = '%s'", $name);
    $db->query($lookup);
    $db->next_record();

    return $db->f('configID');
}
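/**
 * Render $template_name once per transactionRepeat row visible in this view.
 *
 * Filtering:
 *  - no tfID in the request and the user is not an admin: rows are limited to
 *    the TF ids returned by $current_user->get_tfIDs();
 *  - a tfID in the request: rows are limited to that tfID (bound with %d);
 *  - otherwise: no WHERE clause.
 *
 * NOTE(review): two paths here do not restrict by ownership and rely on
 * whatever record-level permission checks happen downstream -- confirm:
 *  (1) a non-admin whose get_tfIDs() is empty gets an unfiltered query;
 *  (2) a non-admin who supplies tfID in the request is filtered by that value
 *      only, without checking it against get_tfIDs().
 *
 * @param string $template_name Template included for every row.
 * @return void
 */
function show_expenseFormList($template_name)
{
    global $db;
    global $TPL;
    global $transactionRepeat;
    $current_user =& singleton("current_user");

    $db = new db_alloc();
    $transactionRepeat = new transactionRepeat();

    // Read the request value once, without touching an undefined index.
    $requested_tfID = isset($_GET["tfID"]) ? $_GET["tfID"] : null;

    // Start from an empty clause so the query never concatenates an
    // undefined variable.
    $sql = "";

    if (!$requested_tfID && !$current_user->have_role("admin")) {
        $tfIDs = $current_user->get_tfIDs();
        $tfIDs and $sql = prepare("WHERE tfID in (%s)", $tfIDs);
    } elseif ($requested_tfID) {
        $sql = prepare("WHERE tfID = %d", $requested_tfID);
    }

    $db->query("select * FROM transactionRepeat " . $sql);

    while ($db->next_record()) {
        $transactionRepeat->read_db_record($db);
        $transactionRepeat->set_values();
        $TPL["tfName"] = tf::get_name($transactionRepeat->get_value("tfID"));
        $TPL["fromTfName"] = tf::get_name($transactionRepeat->get_value("fromTfID"));
        include_template($template_name);
    }

    // The original assigned an undefined local $tfID here, i.e. null; the
    // value is kept and made explicit.
    // NOTE(review): the requested tfID may have been intended -- confirm.
    $TPL["tfID"] = null;
}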
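/**
 * Get a list of task history items with sophisticated filtering and somewhat
 * sophisticated output.
 *
 * (n.b. the output from this generally needs to be post-processed to handle
 * the semantic meaning of changes in various fields)
 *
 * The WHERE clause is the AND-joined list returned by
 * audit::get_list_filter(); those fragments are placed into the SQL text
 * verbatim, so any escaping of $_FORM values has to happen inside
 * get_list_filter() -- NOTE(review): confirm it does.
 *
 * @param array $_FORM Filter options; projectID and taskID are read here.
 * @return array Rows of the audit table ordered by dateChanged (empty array
 *               when nothing matches).
 */
public static function get_list($_FORM)
{
    $filter = audit::get_list_filter($_FORM);

    // Default to no WHERE clause so the query text is always well defined.
    $where_clause = "";
    if (is_array($filter) && count($filter)) {
        $where_clause = " WHERE " . implode(" AND ", $filter);
    }

    // The entity is loaded but not used further in this method; the select()
    // call is kept in case it has effects that are not visible from here.
    if (!empty($_FORM["projectID"])) {
        $entity = new project();
        $entity->set_id($_FORM["projectID"]);
        $entity->select();
    } elseif (!empty($_FORM["taskID"])) {
        $entity = new task();
        $entity->set_id($_FORM["taskID"]);
        $entity->select();
    }

    $q = "SELECT *\n FROM audit\n {$where_clause}\n ORDER BY dateChanged";
    $db = new db_alloc();
    $db->query($q);

    // Always hand back an array, also when the result set is empty.
    $rows = array();
    while ($row = $db->next_record()) {
        // Result unused here; kept because read_db_record() may do more than
        // copy fields (not visible from this block).
        $audit = new audit();
        $audit->read_db_record($db);
        $rows[] = $row;
    }

    return $rows;
}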
/**
 * Work out the time sheet rate for a person on a project.
 *
 * Sources, in priority order:
 *   1. project.defaultTimeSheetRate
 *   2. person.defaultTimeSheetRate
 *   3. the config items defaultTimeSheetRate / defaultTimeSheetUnit
 *
 * Sources 2 and 3 are passed through exchangeRate::convert() from the
 * configured main currency to the project's currency.
 *
 * @param int $projectID Project to price for.
 * @param int $personID  Person whose rate is wanted (bound with %d).
 * @return array|null array('rate' => ..., 'unit' => ...), or null when no
 *                    source has both a rate and a unit.
 */
function get_rate($projectID, $personID)
{
    $project = new project($projectID);

    // 1. The project's own rate wins when both rate and unit are set.
    $project_rate = array(
        'rate' => $project->get_value("defaultTimeSheetRate"),
        'unit' => $project->get_value("defaultTimeSheetRateUnitID"),
    );
    if (imp($project_rate['rate']) && $project_rate['unit']) {
        return $project_rate;
    }

    // 2. The person's rate is held in the global currency rather than the
    //    project currency, so it is converted when the two differ.
    $db = new db_alloc();
    $db->query(prepare("SELECT defaultTimeSheetRate as rate, defaultTimeSheetRateUnitID as unit FROM person WHERE personID = %d", $personID));
    $person_rate = $db->row();
    if (imp($person_rate['rate']) && $person_rate['unit']) {
        if ($project->get_value("currencyTypeID") != config::get_config_item("currency")) {
            $person_rate['rate'] = exchangeRate::convert(config::get_config_item("currency"), $person_rate["rate"], $project->get_value("currencyTypeID"));
        }
        return $person_rate;
    }

    // 3. Lowest priority: the global default.
    $rate = config::get_config_item("defaultTimeSheetRate");
    $unit = config::get_config_item("defaultTimeSheetUnit");
    if (!imp($rate) || !$unit) {
        return;
    }
    if (config::get_config_item("currency") && $project->get_value("currencyTypeID")) {
        $rate = exchangeRate::convert(config::get_config_item("currency"), $rate, $project->get_value("currencyTypeID"));
    }

    return array('rate' => $rate, 'unit' => $unit);
}
/**
 * Render $template_name for each of the current user's time sheet items on
 * the day held in the global $date_to_view.
 *
 * The query is limited to $current_user->get_id() and to that date, both
 * bound through prepare(). Durations of items whose unit is "Hour" are added
 * to $TPL["daily_hours_total"].
 *
 * @param string $template_name Template included for every item.
 * @return void
 */
function show_timeSheetItems($template_name)
{
    global $date_to_view;
    global $TPL;
    $current_user =& singleton("current_user");

    $day = date("Y-m-d", $date_to_view);
    $owner = $current_user->get_id();
    $query = prepare("SELECT * \n FROM timeSheetItem \n LEFT JOIN timeSheet ON timeSheetItem.timeSheetID = timeSheet.timeSheetID\n LEFT JOIN project ON timeSheet.projectID = project.projectID\n WHERE dateTimeSheetItem='%s'\n AND timeSheet.personID=%d", $day, $owner);

    $db = new db_alloc();
    $db->query($query);

    while ($db->next_record()) {
        $timeSheetItem = new timeSheetItem();
        $timeSheetItem->read_db_record($db);
        $timeSheetItem->set_values();

        // Only hour-based items count towards the daily total.
        if ($timeSheetItem->get_value("unit") == "Hour") {
            $TPL["daily_hours_total"] += $timeSheetItem->get_value("timeSheetItemDuration");
        }

        $project = new project();
        $project->read_db_record($db);
        $project->set_values();

        // Prefer the short project name, fall back to the full one.
        $TPL["item_description"] = $project->get_value("projectShortName")
            ? $project->get_value("projectShortName")
            : $project->get_value("projectName");

        include_template($template_name);
    }
}
/**
 * Render $template_name for every loan that is past its return date and has
 * not been returned.
 *
 * Users for whom have_entity_perm("loan", PERM_READ, $current_user, false)
 * is false only get their own loans: the personID restriction is appended to
 * the query in that case.
 *
 * NOTE(review): $TPL["person"] is the raw result of $person->get_name();
 * whether it is HTML-escaped depends on the template -- confirm.
 *
 * @param string $template_name Template included for every overdue loan.
 * @return void
 */
function show_overdue($template_name)
{
    global $db;
    global $TPL;
    $current_user =& singleton("current_user");
    $db = new db_alloc();

    // Midnight today, formatted as yyyy-mm-dd.
    $midnight = mktime(0, 0, 0, date("m"), date("d"), date("Y"));
    $today = date("Y", $midnight) . "-" . date("m", $midnight) . "-" . date("d", $midnight);

    $q = prepare("SELECT itemName,itemType,item.itemID,dateBorrowed,dateToBeReturned,loan.personID \n FROM loan,item \n WHERE dateToBeReturned < '%s' \n\t\t\t\t\t AND dateReturned = '0000-00-00' \n\t\t\t\t\t AND item.itemID = loan.itemID\n ", $today);

    // Without read permission on all loans, restrict to the user's own.
    $may_read_all = have_entity_perm("loan", PERM_READ, $current_user, false);
    if (!$may_read_all) {
        $q .= prepare("AND loan.personID = %d", $current_user->get_id());
    }

    $db->query($q);
    $count = 0;
    while ($db->next_record()) {
        $count++;

        $item = new item();
        $loan = new loan();
        $item->read_db_record($db);
        $loan->read_db_record($db);
        $item->set_values();
        $loan->set_values();

        $borrower = new person();
        $borrower->set_id($loan->get_value("personID"));
        $borrower->select();

        $TPL["person"] = $borrower->get_name();
        $TPL["overdue"] = "<a href=\"" . $TPL["url_alloc_item"] . "itemID=" . $item->get_id() . "&return=true\">Overdue!</a>";
        include_template($template_name);
    }
}
/**
 * Unfinished stub: reads every timeUnit row and discards it.
 *
 * $seconds is not used and nothing is returned.
 *
 * @param int $seconds Unused.
 * @return void
 */
function seconds_to_display_time_unit($seconds)
{
    $db = new db_alloc();
    $db->query("SELECT * FROM timeUnit");

    while ($db->next_record()) {
        // blag someother time
    }
}
/**
 * List the names of all patches recorded in patchLog, newest first
 * (patchDate descending, then patchName descending).
 *
 * @return array List of patchName values.
 */
function get_applied_patches()
{
    $db = new db_alloc();
    $db->query("SELECT patchName FROM patchLog ORDER BY patchDate DESC,patchName DESC");

    $names = array();
    for ($record = $db->row(); $record; $record = $db->row()) {
        $names[] = $record["patchName"];
    }

    return $names;
}
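/**
 * Look up the exchange rate from one currency to another.
 *
 * When $date is given, the rate created on that date is tried first; if there
 * is none (or no date was given) the most recently created rate for the pair
 * is used instead. Results are memoised per ($from, $to, $date) for the
 * lifetime of the request.
 *
 * All three arguments reach the SQL only through prepare() with quoted '%s'
 * placeholders.
 *
 * @param string $from Source currency.
 * @param string $to   Target currency.
 * @param string $date Optional exchangeRateCreatedDate to look for.
 * @return mixed The exchangeRate column, or null when the pair has no rate.
 */
public static function get_er($from, $to, $date = "")
{
    static $cache = array();

    // isset() first: the cache is empty on the first call for a pair.
    if (isset($cache[$from][$to][$date]) && imp($cache[$from][$to][$date])) {
        return $cache[$from][$to][$date];
    }

    $db = new db_alloc();

    // Defined up front so the fallback test below is valid without a date.
    $row = false;

    if ($date) {
        $q = prepare("SELECT *\n FROM exchangeRate \n WHERE exchangeRateCreatedDate = '%s'\n AND fromCurrency = '%s'\n AND toCurrency = '%s'\n ", $date, $from, $to);
        $db->query($q);
        $row = $db->row();
    }

    // No rate for that date (or no date given): fall back to the latest one.
    if (!$row) {
        $q = prepare("SELECT *\n FROM exchangeRate \n WHERE fromCurrency = '%s'\n AND toCurrency = '%s'\n ORDER BY exchangeRateCreatedTime DESC\n LIMIT 1\n ", $from, $to);
        $db->query($q);
        $row = $db->row();
    }

    // A pair without any stored rate yields null rather than indexing into
    // a non-array.
    $rate = $row ? $row["exchangeRate"] : null;
    $cache[$from][$to][$date] = $rate;

    return $rate;
}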
/**
 * Publish this record's invoice dates as $TPL[$prefix . "frequency"] (a
 * space-separated list) and then defer to the parent implementation.
 *
 * NOTE(review): the format string and its argument are handed straight to
 * $db->query() instead of going through prepare() first. Presumably
 * db_alloc::query() performs the same placeholder substitution -- confirm,
 * otherwise the literal "%d" reaches the database.
 *
 * @param string $prefix Prefix for the template variable names.
 * @return mixed Whatever parent::set_values() returns.
 */
function set_values($prefix)
{
    global $TPL;

    $db = new db_alloc();
    $db->query("SELECT * FROM invoiceRepeatDate WHERE invoiceRepeatID = %d", $this->get_id());

    $dates = array();
    for ($record = $db->row(); $record; $record = $db->row()) {
        $dates[] = $record["invoiceDate"];
    }

    $TPL[$prefix . "frequency"] = implode(" ", $dates);

    return parent::set_values($prefix);
}
/**
 * Map role handles to role names for one role level, in roleSequence order.
 *
 * @param string $level Value matched against role.roleLevel (bound as '%s').
 * @return array roleHandle => roleName.
 */
function get_roles_array($level = "person")
{
    $db = new db_alloc();
    $db->query(prepare("SELECT * FROM role WHERE roleLevel = '%s' ORDER BY roleSequence", $level));

    $roles = array();
    for ($record = $db->row(); $record; $record = $db->row()) {
        $handle = $record["roleHandle"];
        $roles[$handle] = $record["roleName"];
    }

    return $roles;
}
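/**
 * Collect a task and all of its ancestors as taskName => taskID.
 *
 * The query itself skips a task that is its own parent. Longer loops in
 * parentTaskID (A -> B -> A) are not excluded by the query and would make the
 * recursion run without end, so the ids already visited on the current path
 * are tracked and a repeated id stops the walk.
 *
 * Results of the parent levels are combined with array_merge(), so a parent
 * with the same name as a child replaces the child's entry.
 *
 * @param int   $taskID Task to start from (bound with %d).
 * @param array $seen   Internal: ids already visited. Callers omit this.
 * @return array|null taskName => taskID, or null when nothing was found.
 */
function get_parent_taskIDs($taskID, $seen = array())
{
    $rtn = null;

    // Stop when this id was already handled further down the chain.
    $visit_key = (int) $taskID;
    if (isset($seen[$visit_key])) {
        return $rtn;
    }
    $seen[$visit_key] = true;

    $q = prepare("SELECT taskID,taskName,parentTaskID \n FROM task \n WHERE taskID = %d \n AND (taskID != parentTaskID OR parentTaskID IS NULL)", $taskID);
    $db = new db_alloc();
    $db->query($q);

    while ($db->next_record()) {
        $rtn[$db->f("taskName")] = $db->f("taskID");

        $arr = get_parent_taskIDs($db->f("parentTaskID"), $seen);
        if (is_array($arr)) {
            $rtn = array_merge($rtn, $arr);
        }
    }

    return $rtn;
}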
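/**
 * Render $template_name for every item, together with its loan status and the
 * action (borrow / return) offered to the current user.
 *
 * The two per-item lookups used to be assembled by string concatenation; they
 * now bind their ids through prepare() with %d, like the other queries of
 * this code base, so a non-numeric id can no longer alter the statement.
 *
 * NOTE(review): $TPL["person"] carries the raw username column; whether it is
 * HTML-escaped depends on the template -- confirm.
 *
 * @param string $template_name Template included for every item.
 * @return void
 */
function show_items($template_name)
{
    global $TPL;
    global $db;
    global $db2;
    $current_user =& singleton("current_user");

    $today = date("Y-m-d");

    $dbUsername = new db_alloc();
    $db = new db_alloc();
    $db2 = new db_alloc();

    $db->query("select * from item order by itemName");

    while ($db->next_record()) {
        $item = new item();
        $item->read_db_record($db);

        // Open loan (not yet returned) for this item, if there is one.
        $db2->query(prepare("select * from loan where itemID=%d and dateReturned='0000-00-00'", $item->get_id()));
        $db2->next_record();
        $loan = new loan();
        $loan->read_db_record($db2);

        // you need to have this repeated here for the a href bit below.
        $item->set_values();

        if ($loan->get_value("dateReturned") == "0000-00-00") {
            // The item is currently on loan.
            if ($loan->have_perm(PERM_READ_WRITE)) {
                // Overdue items get a more urgent label.
                $ret = $loan->get_value("dateToBeReturned") < $today ? "Return Now!" : "Return";
                $TPL["itemAction"] = "<td><a href=\"" . $TPL["url_alloc_item"] . "itemID=" . $TPL["itemID"] . "&return=true\">{$ret}</a></td>";
            } else {
                // if you don't have permission to borrow or return item.
                $TPL["itemAction"] = "<td> </td>";
            }

            $TPL["status"] = "Due " . $loan->get_value("dateToBeReturned");

            $dbUsername->query(prepare("select username from person where personID=%d", $loan->get_value("personID")));
            $dbUsername->next_record();
            $TPL["person"] = "from " . $dbUsername->f("username");
        } else {
            // if the item is available
            $TPL["status"] = "Available";
            $TPL["person"] = "";
            $TPL["itemAction"] = "<td><a href=\"" . $TPL["url_alloc_item"] . "itemID=" . $TPL["itemID"] . "&borrow=true\">Borrow</a></td>";
            $TPL["dueBack"] = "";
        }

        $loan->set_values();
        $item->set_values();
        include_template($template_name);
    }
}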
/**
 * Render $template_name for every comment template, ordered by type and then
 * by name, alternating $TPL["odd_even"] between "odd" and "even".
 *
 * @param string $template_name Template included for every row.
 * @return void
 */
function show_commentTemplate($template_name)
{
    global $TPL;

    $db = new db_alloc();
    $db->query("SELECT * FROM commentTemplate ORDER BY commentTemplateType, commentTemplateName");

    while ($db->next_record()) {
        $commentTemplate = new commentTemplate();
        $commentTemplate->read_db_record($db);
        $commentTemplate->set_values();

        // Flip the row stripe.
        if ($TPL["odd_even"] == "even") {
            $TPL["odd_even"] = "odd";
        } else {
            $TPL["odd_even"] = "even";
        }

        include_template($template_name);
    }
}
/**
 * Echo the current user's open "Message" tasks, one per line, by priority.
 *
 * NOTE(review): the closed-status list from
 * task::get_task_status_in_set_sql() is spliced into the format string before
 * prepare() runs, so it is trusted to be an already-quoted SQL list --
 * confirm in that helper. The person id is bound with %d.
 *
 * The image and link markup is echoed exactly as the task object returns it.
 *
 * @return void
 */
function show_tasks()
{
    $current_user =& singleton("current_user");
    global $tasks_date;

    list($ts_open, $ts_pending, $ts_closed) = task::get_task_status_in_set_sql();

    $q = prepare("SELECT * \n FROM task \n WHERE (task.taskStatus NOT IN (" . $ts_closed . ") AND task.taskTypeID = 'Message') \n AND (personID = %d) \n ORDER BY priority\n ", $current_user->get_id());

    $db = new db_alloc();
    $db->query($q);

    // Empty before the first entry, "<br>" before each later one.
    $separator = "";
    while ($db->next_record()) {
        $task = new task();
        $task->read_db_record($db);

        echo $separator . $task->get_task_image() . $task->get_task_link(array("return" => "html"));
        $separator = "<br>";
    }
}
/**
 * Render the reminder filter form; nothing is output unless the current user
 * has the "admin" or the "manage" role.
 *
 * The request values filter_reminderActive and filter_recipient are only
 * passed to page::select_options() as the selected value.
 *
 * @param string $template Template to include.
 * @return void
 */
function show_reminder_filter($template)
{
    $current_user =& singleton("current_user");
    global $TPL;

    // Guard: the filter is for admins and managers only.
    if (!$current_user->have_role("admin") && !$current_user->have_role("manage")) {
        return;
    }

    $activeChoices = array("1" => "Active", "0" => "Inactive");
    $TPL["reminderActiveOptions"] = page::select_options($activeChoices, $_REQUEST["filter_reminderActive"]);

    // Active people, keyed by personID, for the recipient drop-down.
    $db = new db_alloc();
    $db->query("SELECT username,personID FROM person WHERE personActive = 1 ORDER BY username");
    while ($db->next_record()) {
        $recipientOptions[$db->f("personID")] = $db->f("username");
    }

    $TPL["recipientOptions"] = page::select_options($recipientOptions, $_REQUEST["filter_recipient"]);
    include_template($template);
}
/**
 * Sum the active, non-percentage costs of a product.
 *
 * Every cost row is passed through exchangeRate::convert(); for rows whose
 * tax flag is set, the first value returned by tax() (the amount without
 * tax) is used instead of the stored amount.
 *
 * @param int|false $id Product id; defaults to $this->get_id() when falsy.
 * @return mixed The summed amount, or null when there are no cost rows.
 */
function get_buy_cost($id = false)
{
    if (!$id) {
        $id = $this->get_id();
    }

    $q = prepare("SELECT amount, currencyTypeID, tax\n FROM productCost\n WHERE isPercentage != 1\n AND productID = %d\n AND productCostActive = true\n ", $id);
    $db = new db_alloc();
    $db->query($q);

    for ($cost = $db->row(); $cost; $cost = $db->row()) {
        if ($cost["tax"]) {
            // Strip the tax portion before converting.
            list($amount_minus_tax, $amount_of_tax) = tax($cost["amount"]);
            $cost["amount"] = $amount_minus_tax;
        }
        $amount += exchangeRate::convert($cost["currencyTypeID"], $cost["amount"]);
    }

    return $amount;
}
/**
 * Render $template_name for every person returned by the global
 * $person_query.
 *
 * NOTE(review): the SQL text is taken as-is from the global $person_query,
 * which is built outside this function; the safety of the statement depends
 * entirely on how that string was assembled -- check the code that sets it.
 *
 * @param string $template_name Template included for every person.
 * @return void
 */
function show_people($template_name)
{
    global $person_query;
    global $project;
    global $TPL;

    $db = new db_alloc();
    $db->query($person_query);

    while ($db->next_record()) {
        $person = new person();
        $person->read_db_record($db);
        $person->set_values("person_");

        // The name ends up in a URL, hence urlencode().
        $graphTitle = urlencode($person->get_name());
        $TPL["graphTitle"] = $graphTitle;

        include_template($template_name);
    }
}
/**
 * Render every announcement whose display window includes today, newest
 * displayFromDate first.
 *
 * The template is resolved relative to $this->get_template_dir().
 *
 * @param string $template_name Template file name inside the template dir.
 * @return void
 */
function show_announcements($template_name)
{
    $current_user =& singleton("current_user");
    global $TPL;

    $db = new db_alloc();
    $db->query("SELECT *\n FROM announcement \n WHERE displayFromDate <= CURDATE() AND displayToDate >= CURDATE()\n ORDER BY displayFromDate desc");

    while ($db->next_record()) {
        $announcement = new announcement();
        $announcement->read_db_record($db);
        $announcement->set_tpl_values();

        // Name of the person linked to the announcement.
        $author = $announcement->get_foreign_object("person");
        $TPL["personName"] = $author->get_name();

        include_template($this->get_template_dir() . $template_name);
    }
}
/**
 * Save this commission record, refusing a second 0% entry per project.
 *
 * When commissionPercent is 0 and another projectCommissionPerson row of the
 * same project already has 0, alloc_error() is raised and nothing is saved.
 *
 * @return void
 */
function save()
{
    // Just ensure multiple 0 entries cannot be saved.
    if ($this->get_value("commissionPercent") == 0) {
        $q = prepare("SELECT * FROM projectCommissionPerson WHERE projectID = %d AND commissionPercent = 0 AND projectCommissionPersonID != %d", $this->get_value("projectID"), $this->get_id());
        $db = new db_alloc();
        $db->query($q);

        if ($db->next_record()) {
            alloc_error("Only one Time Sheet Commission is allowed to be set to 0%");
            return;
        }
    }

    parent::save();
}
/**
 * Render $template_name for every announcement, newest displayFromDate first,
 * alternating $TPL["odd_even"] between "odd" and "even".
 *
 * Author names come from the cached "person" table.
 *
 * @param string $template_name Template included for every announcement.
 * @return void
 */
function show_announcements($template_name)
{
    global $TPL;
    $people =& get_cached_table("person");

    $db = new db_alloc();
    $db->query("SELECT announcement.* \n FROM announcement \n ORDER BY displayFromDate DESC");

    while ($db->next_record()) {
        $announcement = new announcement();
        $announcement->read_db_record($db);
        $announcement->set_values();

        $authorID = $announcement->get_value("personID");
        $TPL["personName"] = $people[$authorID]["name"];

        // Flip the row stripe.
        if ($TPL["odd_even"] == "odd") {
            $TPL["odd_even"] = "even";
        } else {
            $TPL["odd_even"] = "odd";
        }

        include_template($template_name);
    }
}
/**
 * Build the options for a skill drop-down: "" => "Any Skill" followed by
 * skillID => "<class> - <name>", ordered by class and name.
 *
 * When the global $skill_class is non-empty the list is limited to that
 * class; the value is bound through prepare() with a quoted '%s'.
 *
 * @return array Option list keyed by skill id.
 */
function get_skills()
{
    global $TPL;
    global $skill_class;

    $options = array("" => "Any Skill");

    $class_filter = "";
    if ($skill_class != "") {
        $class_filter = prepare(" WHERE skillClass='%s'", $skill_class);
    }
    $query = "SELECT * FROM skill" . $class_filter . " ORDER BY skillClass,skillName";

    $db = new db_alloc();
    $db->query($query);

    while ($db->next_record()) {
        $skill = new skill();
        $skill->read_db_record($db);
        $options[$skill->get_id()] = sprintf("%s - %s", $skill->get_value('skillClass'), $skill->get_value('skillName'));
    }

    return $options;
}
/**
 * Render $template_name for every permission row, optionally limited to
 * table names containing the request value "filter".
 *
 * The request value reaches the SQL only through db_esc(). LIKE wildcards
 * ("%" and "_") inside it are not neutralised here, so they widen the match
 * rather than being taken literally.
 * NOTE(review): db_esc() is defined elsewhere -- confirm that it escapes
 * quotes for the connection's character set.
 *
 * @param string $template_name Template included for every permission.
 * @return void
 */
function show_permission_list($template_name)
{
    global $TPL;
    $roles = permission::get_roles();

    // TODO: Add filtering to permission list
    if ($_REQUEST["submit"] || $_REQUEST["filter"] != "") {
        $where = " where tableName like '%" . db_esc($_REQUEST["filter"]) . "%' ";
    }

    $db = new db_alloc();
    $db->query("SELECT * FROM permission " . $where . " ORDER BY tableName, sortKey");

    while ($db->next_record()) {
        $permission = new permission();
        $permission->read_db_record($db);
        $permission->set_values();

        $TPL["actions"] = $permission->describe_actions();

        // Flip the row stripe.
        if ($TPL["odd_even"] == "odd") {
            $TPL["odd_even"] = "even";
        } else {
            $TPL["odd_even"] = "odd";
        }

        // Replace the stored role key with its entry from get_roles().
        $roleKey = $TPL["roleName"];
        $TPL["roleName"] = $roles[$roleKey];

        include_template($template_name);
    }
}
/**
 * Render $template for every person attached to the TF held in the global
 * $tf, and set up the delete / save buttons in $TPL["person_buttons"].
 *
 * Nothing is rendered when the TF has no id yet.
 *
 * @param string $template Template included for every tfPerson row.
 * @return void
 */
function show_person_list($template)
{
    global $TPL;
    global $tf;

    $db = new db_alloc();
    $TPL["person_buttons"] = ' <button type="submit" name="person_delete" value="1" class="delete_button">Delete<i class="icon-trash"></i></button> <button type="submit" name="person_save" value="1" class="save_button">Save<i class="icon-ok-sign"></i></button>';

    $tfID = $tf->get_id();
    if (!$tfID) {
        return;
    }

    $db->query(prepare("SELECT * from tfPerson WHERE tfID=%d", $tfID));

    while ($db->next_record()) {
        $tfPerson = new tfPerson();
        $tfPerson->read_db_record($db);
        $tfPerson->set_values("person_");

        $member = $tfPerson->get_foreign_object("person");
        $TPL["person_username"] = $member->get_value("username");

        include_template($template);
    }
}
/**
 * Render $template for every transaction of the group held in the global
 * $transactionGroupID, ordered by transactionID.
 *
 * The amount column is scaled in SQL by the currency's numberToBasic. The TFs
 * referenced by each transaction are merged into the global $tflist through
 * add_inactive_tf() before the drop-downs are built.
 *
 * @param string $template Template included for every transaction.
 * @return void
 */
function show_transaction_list($template)
{
    global $TPL;
    global $tflist;
    global $transactionGroupID;

    $q = prepare("SELECT *, amount * pow(10,-currencyType.numberToBasic) as amount\n FROM transaction\n LEFT JOIN currencyType on transaction.currencyTypeID = currencyType.currencyTypeID\n WHERE transactionGroupID = %d\n ORDER BY transactionID\n ", $transactionGroupID);

    $db = new db_alloc();
    $db->query($q);

    for ($record = $db->row(); $record; $record = $db->row()) {
        $transaction = new transaction();
        $transaction->read_array($record);
        $transaction->set_values();

        // Make sure both TFs of this transaction appear in the drop-downs.
        $tflist = add_inactive_tf($transaction->get_value("tfID"), $tflist);
        $tflist = add_inactive_tf($transaction->get_value("fromTfID"), $tflist);

        $TPL["display"] = "";
        $TPL["tfList_dropdown"] = page::select_options($tflist, $transaction->get_value("tfID"), 500);
        $TPL["fromTfList_dropdown"] = page::select_options($tflist, $transaction->get_value("fromTfID"), 500);

        $typeChoices = transaction::get_transactionTypes();
        $TPL["transactionType_dropdown"] = page::select_options($typeChoices, $transaction->get_value("transactionType"));

        $statusChoices = transaction::get_transactionStatii();
        $TPL["status_dropdown"] = page::select_options($statusChoices, $transaction->get_value("status"));

        $TPL["link"] = $transaction->get_link("transactionID");

        include_template($template);
    }
}
/**
 * Render $template for every active cost of a product, either the fixed
 * amounts ($percent false) or the percentage rows ($percent true).
 *
 * Both $productID and $percent are bound through prepare() with %d. Nothing
 * is rendered when $productID is falsy.
 *
 * @param int    $productID Product whose costs are listed.
 * @param string $template  Template included for every cost row.
 * @param bool   $percent   Select rows with isPercentage set instead.
 * @return void
 */
function show_productCost_list($productID, $template, $percent = false)
{
    global $TPL;

    // otherwise the commissions don't display.
    unset($TPL["display"], $TPL["taxOptions"]);

    if (!$productID) {
        return;
    }

    $t = new meta("currencyType");
    $currency_array = $t->get_assoc_array("currencyTypeID", "currencyTypeID");

    $db = new db_alloc();
    $db->query(prepare("SELECT * \n FROM productCost \n WHERE productID = %d \n AND isPercentage = %d\n AND productCostActive = true\n ORDER BY productCostID", $productID, $percent));

    while ($db->next_record()) {
        $productCost = new productCost();
        $productCost->read_db_record($db);
        $productCost->set_tpl_values();

        $TPL["currencyOptions"] = page::select_options($currency_array, $productCost->get_value("currencyTypeID"));

        $taxChoices = array("" => "Exempt", 1 => "Included", 0 => "Excluded");
        $TPL["taxOptions"] = page::select_options($taxChoices, $productCost->get_value("tax"));

        // Hardcoded AUD because productCost table uses percent and dollars in same field
        if ($percent) {
            $TPL["amount"] = page::money("AUD", $productCost->get_value("amount"), "%mo");
        }

        include_template($template);
    }
}
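/**
 * Render $template for every item of a product sale, with its amounts,
 * product drop-down, product link and transactions.
 *
 * The configured tax name is inserted into the checkbox markup of
 * $TPL["sellPriceTax_check"]. That value is raw HTML, so the tax name is now
 * passed through page::htmlentities() first, in the same way the product name
 * in $TPL["productLink"] already is; a tax name containing markup characters
 * can no longer break out of the text node.
 *
 * NOTE(review): $TPL["sellPriceTax_label"] still carries the unescaped tax
 * name, because it is not visible from here whether the template escapes that
 * variable -- confirm and escape on whichever side is missing.
 *
 * Sets the global $productSaleItemsDoExist to true when at least one item
 * exists.
 *
 * @param int    $productSaleID Sale whose items are listed (bound with %d).
 * @param string $template      Template included for every item.
 * @return void
 */
function show_productSale_list($productSaleID, $template)
{
    global $TPL;
    global $productSaleItemsDoExist;

    $productSale = new productSale();
    $productSale->set_id($productSaleID);
    $productSale->select();
    $productSale->set_tpl_values();

    $taxName = config::get_config_item("taxName");

    $product = new product();
    $ops = $product->get_assoc_array("productID", "productName");

    $query = prepare("SELECT *\n FROM productSaleItem \n WHERE productSaleID = %d", $productSaleID);
    $db = new db_alloc();
    $db->query($query);

    while ($db->next_record()) {
        $productSaleItemsDoExist = true;

        $productSaleItem = new productSaleItem();
        $productSaleItem->read_db_record($db);
        $productSaleItem->set_tpl_values();

        $TPL["itemSellPrice"] = $productSaleItem->get_value("sellPrice");
        $TPL["itemMargin"] = $productSaleItem->get_amount_margin();
        $TPL["itemSpent"] = $productSaleItem->get_amount_spent();
        $TPL["itemEarnt"] = $productSaleItem->get_amount_earnt();
        $TPL["itemOther"] = $productSaleItem->get_amount_other();
        $TPL["itemCosts"] = page::money(config::get_config_item("currency"), product::get_buy_cost($productSaleItem->get_value("productID")) * $productSaleItem->get_value("quantity"), "%s%mo %c");
        $TPL["itemTotalUnallocated"] = $productSaleItem->get_amount_unallocated();

        $TPL["productList_dropdown"] = page::select_options($ops, $productSaleItem->get_value("productID"));
        $TPL["productLink"] = "<a href=\"" . $TPL["url_alloc_product"] . "productID=" . $productSaleItem->get_value("productID") . "\">" . page::htmlentities($ops[$productSaleItem->get_value("productID")]) . "</a>";
        $TPL["transactions"] = $productSale->get_transactions($productSaleItem->get_id());

        if ($taxName) {
            // Raw HTML fragment: the configured tax name is escaped before it
            // is placed next to the checkbox.
            $TPL["sellPriceTax_check"] = sprintf(" <input type='checkbox' name='sellPriceIncTax[]' value='%d'%s> inc %s", $productSaleItem->get_id(), $productSaleItem->get_value("sellPriceIncTax") ? ' checked' : '', page::htmlentities($taxName));
            $TPL["sellPriceTax_label"] = $productSaleItem->get_value("sellPriceIncTax") ? " inc " . $taxName : " ex " . $taxName;
        }

        include_template($template);
    }
}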
$db->query($q); // Update currencyType table too $q = prepare("UPDATE currencyType SET currencyTypeSeq = 1, currencyTypeActive = true WHERE currencyTypeID = '%s'", $_POST["currency"]); $db->query($q); $_POST["save"] = true; } if ($_POST["fetch_exchange_rates"]) { $rtn = exchangeRate::download(); $rtn and $TPL["message_good"] = $rtn; } if ($_POST["save"]) { if ($_POST["hoursInDay"]) { $db = new db_alloc(); $day = $_POST["hoursInDay"] * 60 * 60; $q = prepare("UPDATE timeUnit SET timeUnitSeconds = '%d' WHERE timeUnitName = 'day'", $day); $db->query($q); $q = prepare("UPDATE timeUnit SET timeUnitSeconds = '%d' WHERE timeUnitName = 'week'", $day * 5); $db->query($q); $q = prepare("UPDATE timeUnit SET timeUnitSeconds = '%d' WHERE timeUnitName = 'month'", $day * 5 * 4); $db->query($q); } // remove bracketed [Alex Lance <]alla@cyber.com.au[>] bits, leaving just alla@cyber.com.au if ($_POST["AllocFromEmailAddress"]) { $_POST["AllocFromEmailAddress"] = preg_replace("/^.*</", "", $_POST["AllocFromEmailAddress"]); $_POST["AllocFromEmailAddress"] = str_replace(">", "", $_POST["AllocFromEmailAddress"]); } // Save the companyLogo and a smaller version too. if ($_FILES["companyLogo"] && !$_FILES["companyLogo"]["error"]) { $img = image_create_from_file($_FILES["companyLogo"]["tmp_name"]); if ($img) { imagejpeg($img, ALLOC_LOGO, 100);
$_POST["tfID"] or alloc_error("Please select a Destination TF"); $_POST["companyDetails"] or alloc_error("Please provide Company Details"); $_POST["transactionType"] or alloc_error("Please select a Transaction Type"); $_POST["transactionStartDate"] or alloc_error("You must enter the Start date in the format yyyy-mm-dd"); $_POST["transactionFinishDate"] or alloc_error("You must enter the Finish date in the format yyyy-mm-dd"); if (!$TPL["message"]) { !$transactionRepeat->get_value("status") && $transactionRepeat->set_value("status", "pending"); $transactionRepeat->set_value("companyDetails", rtrim($transactionRepeat->get_value("companyDetails"))); $transactionRepeat->save(); alloc_redirect($TPL["url_alloc_transactionRepeat"] . "transactionRepeatID=" . $transactionRepeat->get_id()); } $transactionRepeat->set_values(); } $TPL["reimbursementRequired_checked"] = $transactionRepeat->get_value("reimbursementRequired") ? " checked" : ""; if ($transactionRepeat->get_value("transactionRepeatModifiedUser")) { $db->query("select username from person where personID=%d", $transactionRepeat->get_value("transactionRepeatModifiedUser")); $db->next_record(); $TPL["user"] = $db->f("username"); } if (have_entity_perm("tf", PERM_READ, $current_user, false)) { // Person can access all TF records $q = prepare("SELECT tfID AS value, tfName AS label \n FROM tf \n WHERE tfActive = 1 \n OR tf.tfID = %d \n OR tf.tfID = %d \n ORDER BY tfName", $transactionRepeat->get_value("tfID"), $transactionRepeat->get_value("fromTfID")); } else { if (have_entity_perm("tf", PERM_READ, $current_user, true)) { // Person can only read TF records that they own $q = prepare("SELECT tf.tfID AS value, tf.tfName AS label\n FROM tf, tfPerson \n WHERE tfPerson.personID=%d \n AND tf.tfID=tfPerson.tfID \n AND (tf.tfActive = 1 OR tf.tfID = %d OR tf.tfID = %d)\n ORDER BY tfName", $current_user->get_id(), $transactionRepeat->get_value("tfID"), $transactionRepeat->get_value("fromTfID")); } else { alloc_error("No 
permissions to generate TF list"); } } //special case for disabled TF. Include it in the list, but also add a warning message.