Mistake in index.php

Phyks 2013-09-26 17:21:46 +02:00
parent 4de572bdaf
commit 4d8b63e0c4
2 changed files with 23 additions and 11 deletions

5
TODO

@ -1,3 +1,8 @@
Issues :
========
* Check box on invoice form when modifying guests
* Regenerate token
Improvements : Improvements :
============== ==============
* User groups * User groups


@ -259,7 +259,7 @@
$user_id = $current_user->getId(); $user_id = $current_user->getId();
} }
if(checkToken(600, 'password')) { if(check_token(600, 'password')) {
$user = new User(); $user = new User();
$user = $user->load(array('id'=>$user_id), true); $user = $user->load(array('id'=>$user_id), true);
$user->newJsonToken(); $user->newJsonToken();
@ -277,7 +277,7 @@
case 'delete_user': case 'delete_user':
if($_GET['user_id'] != $current_user->getId()) { if($_GET['user_id'] != $current_user->getId()) {
if(checkToken(600, 'edit_users')) { if(check_token(600, 'edit_users')) {
$user = new User(); $user = new User();
$user->setId($_GET['user_id']); $user->setId($_GET['user_id']);
$user->delete(); $user->delete();
@ -337,7 +337,7 @@
case 'edit_notice': case 'edit_notice':
if(isset($_POST['notice'])) { if(isset($_POST['notice'])) {
if(checkToken(600, 'settings')) { if(check_token(600, 'settings')) {
setNotice($_POST['notice']); setNotice($_POST['notice']);
// Clear the cache // Clear the cache
@ -516,7 +516,7 @@
case 'delete_invoice': case 'delete_invoice':
if(!empty($_GET['id'])) { if(!empty($_GET['id'])) {
if(checkToken(600, 'invoice')) { if(check_token(600, 'invoice')) {
$invoice = new Invoice(); $invoice = new Invoice();
$invoice = $invoice->load(array('id'=>(int) $_GET['id']), true); $invoice = $invoice->load(array('id'=>(int) $_GET['id']), true);
@ -559,7 +559,7 @@
case 'confirm_payback': case 'confirm_payback':
if(!empty($_GET['from']) && !empty($_GET['to']) && !empty($_GET['invoice_id']) && $_GET['from'] != $_GET['to']) { if(!empty($_GET['from']) && !empty($_GET['to']) && !empty($_GET['invoice_id']) && $_GET['from'] != $_GET['to']) {
if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) { if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) {
if(checkToken(600, 'invoice')) { if(check_token(600, 'invoice')) {
$invoice = new Invoice(); $invoice = new Invoice();
$invoice = $invoice->load(array('id'=>(int) $_GET['invoice_id']), true); $invoice = $invoice->load(array('id'=>(int) $_GET['invoice_id']), true);
@ -613,7 +613,7 @@
case 'delete_payback': case 'delete_payback':
if(!empty($_GET['from']) && !empty($_GET['to']) && !empty($_GET['invoice_id'])) { if(!empty($_GET['from']) && !empty($_GET['to']) && !empty($_GET['invoice_id'])) {
if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) { if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) {
if(checkToken(600, 'invoice')) { if(check_token(600, 'invoice')) {
$paybacks = new Payback(); $paybacks = new Payback();
$paybacks = $paybacks->load(array('to_user'=>(int) $_GET['to'], 'from_user'=> (int) $_GET['from'], 'invoice_id'=> (int) $_GET['invoice_id'])); $paybacks = $paybacks->load(array('to_user'=>(int) $_GET['to'], 'from_user'=> (int) $_GET['from'], 'invoice_id'=> (int) $_GET['invoice_id']));
@ -651,7 +651,7 @@
case 'payall': case 'payall':
if(!empty($_GET['from']) && !empty($_GET['to'])) { if(!empty($_GET['from']) && !empty($_GET['to'])) {
if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) { if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) {
if(checkToken(600, 'invoice')) { if(check_token(600, 'invoice')) {
// Confirm all paybacks when to is buyer // Confirm all paybacks when to is buyer
$invoices = new Invoice(); $invoices = new Invoice();
$invoices = $invoices->load(array('buyer'=>(int) $_GET['to'])); $invoices = $invoices->load(array('buyer'=>(int) $_GET['to']));
@ -745,7 +745,7 @@
$tpl->assign('list', true); $tpl->assign('list', true);
$tpl->assign('global_paybacks', $global_paybacks); $tpl->assign('global_paybacks', $global_paybacks);
$tpl->assign('payback', generateToken('global_payback')); $tpl->assign('payback', generate_token('global_payback'));
$tpl->draw('see_paybacks'); $tpl->draw('see_paybacks');
break; break;
@ -753,7 +753,7 @@
case "confirm_global_paybacks": case "confirm_global_paybacks":
if(!empty($_GET['from']) && !empty($_GET['to']) && !empty($_GET['payback_id']) && $_GET['from'] != $_GET['to']) { if(!empty($_GET['from']) && !empty($_GET['to']) && !empty($_GET['payback_id']) && $_GET['from'] != $_GET['to']) {
if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) { if($_GET['to'] == $current_user->getId() || $current_user->getAdmin()) {
if(checkToken(600, 'global_payback')) { if(check_token(600, 'global_payback')) {
$global_payback = new GlobalPayback(); $global_payback = new GlobalPayback();
$global_payback = $global_payback->load(array('id'=>(int) $_GET['payback_id']), true); $global_payback = $global_payback->load(array('id'=>(int) $_GET['payback_id']), true);
@ -814,7 +814,7 @@
} }
else { else {
if(!empty($_POST['users_in'])) { if(!empty($_POST['users_in'])) {
if(checkToken(600, 'global_payback')) { if(check_token(600, 'global_payback')) {
$global_payback = new GlobalPayback(); $global_payback = new GlobalPayback();
// Backup database // Backup database
@ -925,7 +925,7 @@
$tpl->assign('users', $users_list); $tpl->assign('users', $users_list);
} }
$tpl->assign('payback', generateToken('global_payback')); $tpl->assign('payback', generate_token('global_payback'));
$tpl->draw('manage_paybacks'); $tpl->draw('manage_paybacks');
break; break;
@ -953,6 +953,13 @@
} }
if($invoices_list === false) $invoices_list = array(); if($invoices_list === false) $invoices_list = array();
else {
$sort_keys = array();
foreach($invoices_list as $key=>$entry) {
$sort_keys[$key] = $entry->getDate();
}
array_multisort($sort_keys, SORT_DESC, $invoices_list);
}
$paybacks = array(); $paybacks = array();
foreach($invoices_list as $invoice) { foreach($invoices_list as $invoice) {
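Review bot: In the `delete_user` branch (hunk at line 277) the self-deletion guard compares the raw `$_GET['user_id']` loosely with `$current_user->getId()` and then passes the same unnormalised string to `setId()`, whereas the other branches on this page cast their ids with `(int)` before loading. If `setId()` or the delete query coerces the value differently from `!=`, the guard and the deletion can disagree about which account is meant, so normalise once: `$target_id = (int) $_GET['user_id'];`, then `if($target_id !== (int) $current_user->getId()) {` and `$user->setId($target_id);`. No administrator check is visible in this hunk and the `case` body starts and ends outside it, so confirm that one exists above, because the `edit_users` token only shows that the request came from a rendered form, not that the caller may delete users. The same loose `$_GET['to'] == $current_user->getId()` test guards `confirm_payback`, `delete_payback`, `payall` and `confirm_global_paybacks`, and it should use the same cast-then-strict-compare pattern. These are all state-changing actions driven by GET parameters; if the token checker reads its token from the query string (not shown here), moving them to POST would keep the token out of URLs, logs and Referer headers.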