Validate global paybacks

2013-09-24 16:48:42 +02:00 · 2013-09-24 16:48:42 +02:00 · dc8a4fbd95
parent faed9a9a37
commit dc8a4fbd95
4 changed files with 35 additions and 3 deletions
--- a/1
+++ b/1
@ -2,7 +2,6 @@ Issues :
 ========
 * Check CSRF everywhere
 * Close a global payback
-* View see_paybacks in english
 * Sort global paybacks DESC by DATE or id

 Improvements :
--- a/index.php
+++ b/index.php
@ -698,6 +698,39 @@
            $tpl->draw('see_paybacks');
            break;

+        case "confirm_global_paybacks":
+            if(!empty($_GET['from']) && !empty($_GET['to']) && !empty($_GET['payback_id']) && $_GET['from'] != $_GET['to']) {
+                if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) {
+                    $global_payback = new GlobalPayback();
+                    $global_payback = $global_payback->load(array('id'=>(int) $_GET['payback_id']), true);
+
+                    $users_in = $global_payback->getUsersIn()->get();
+
+                    $users_in[(int) $_GET['from']][(int) $_GET['to']] = 0;
+                    $users_in[(int) $_GET['to']][(int) $_GET['from']] = 0;
+
+                    $global_payback->setUsersIn($users_in);
+
+                    $global_payback->save();
+
+                    // Clear the cache
+                    ($cached_files = glob(raintpl::$cache_dir."*.rtpl.php")) or ($cached_files = array());
+                    array_map("unlink", $cached_files);
+
+                    header('location: index.php');
+                    exit();
+
+                }
+                else {
+                    $tpl->assign('error', $errors['unauthorized']);
+                    $tpl->draw('index');
+                }
+            }
+            else {
+                header('location: index.php?'.$get_redir);
+            }
+            break;
+
        case "manage_paybacks":
            if(empty($_GET['new'])) {
                $global_paybacks = new GlobalPayback();
--- a/tpl/default_en/see_paybacks.html
+++ b/tpl/default_en/see_paybacks.html
@ -32,7 +32,7 @@
                    {else}
                        <td>
                            {if condition="$table[$key1][$key2] != 0"}
-                                <a href="?do=confirm_global_paybacks&amp;from={$key1}&amp;to={$key2}" title="Confirm payback">{$table[$key1][$key2]}</a>
+                                <a href="?do=confirm_global_paybacks&amp;from={$key1}&amp;to={$key2}&amp;payback_id={$global_paybacks->getId()}" title="Confirm payback">{$table[$key1][$key2]}</a>
                            {else}
                                -
                            {/if}
--- a/tpl/default_fr/see_paybacks.html
+++ b/tpl/default_fr/see_paybacks.html
@ -32,7 +32,7 @@
                    {else}
                        <td>
                            {if condition="$table[$key1][$key2] != 0"}
-                                <a href="?do=confirm_global_paybacks&amp;from={$key1}&amp;to={$key2}" title="Confirmer le remboursement">{$table[$key1][$key2]}</a>
+                                <a href="?do=confirm_global_paybacks&amp;from={$key1}&amp;to={$key2}&amp;payback_id={$global_paybacks->getId()}" title="Confirmer le remboursement">{$table[$key1][$key2]}</a>
                            {else}
                                -
                            {/if}