diff --git a/.gitignore b/.gitignore
index 6e24876..38b4809 100755
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,5 @@ old data/ tmp/
+db_backups/*
+!db_backups/README
diff --git a/TODO b/TODO
index de907f1..96fce1f 100755
--- a/TODO
+++ b/TODO
@@ -1,5 +1,6 @@ Issues : ========
+* Check CSRF everywhere ?
 Improvements : ==============
diff --git a/inc/GlobalPaybacks.class.php b/inc/GlobalPaybacks.class.php
index 00d05aa..011a0cd 100644
--- a/inc/GlobalPaybacks.class.php
+++ b/inc/GlobalPaybacks.class.php
@@ -39,7 +39,7 @@ // Setters // ======= public function setId($id) {
- $this->users_in->setInvoiceId($id);
+ $this->users_in->setPaybackId($id);
 $this->id = (int) $id; }
diff --git a/inc/UsersInGlobalPayback.class.php b/inc/UsersInGlobalPayback.class.php
index 9c35374..f408269 100644
--- a/inc/UsersInGlobalPayback.class.php
+++ b/inc/UsersInGlobalPayback.class.php
@@ -6,12 +6,12 @@ protected $payback_id = 0, $users_list; //users_list is a 2D array of users_id and amount between them //user1 owes amount to user2
- protected $TABLE_NAME = "Users_in_GlobalPayback";
+ protected $TABLE_NAME = "Users_in_GlobalPaybacks";
 protected $fields = array( 'global_payback_id'=>'int', 'user1_id'=>'int', 'user2_id'=>'int',
- 'amount'=>'float'
+ 'amount'=>'int'
 ); public function __construct() {
@@ -114,9 +114,9 @@ foreach($this->users_list as $user1=>$temp) { foreach($temp as $user2=>$amount) {
- $query->bindParam(':user1_id', intval($user1));
- $query->bindParam(':user2_id', intval($user2));
- $query->bindParam(':amount', floatval($amount));
+ $query->bindValue(':user1_id', intval($user1));
+ $query->bindValue(':user2_id', intval($user2));
+ $query->bindValue(':amount', floatval($amount));
 $query->execute(); } }
diff --git a/index.php b/index.php
index 8f105e7..2d66b9c 100644
--- a/index.php
+++ b/index.php
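Review bot: In inc/UsersInGlobalPayback.class.php the first hunk redeclares `'amount'=>'int'`, but the second hunk (@@ -114,9 +114,9 @@) still binds `floatval($amount)`, so the bound value disagrees with the declared field type and with the `amount INT(11)` column this commit creates in install.php. A fractional amount would then be rounded by the database server rather than by code the application controls. Binding with an explicit type keeps the three places consistent: `$query->bindValue(':amount', (int) $amount, PDO::PARAM_INT);`, and the two id binds can take `PDO::PARAM_INT` the same way. The enclosing method starts and ends outside the hunk.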
@@ -678,8 +678,11 @@ case "manage_paybacks": if(empty($_GET['new'])) {
+ $global_paybacks = new GlobalPayback();
+ $global_paybacks = $global_paybacks->load();
+ $tpl->assign('list', true);
- $tpl->assign('global_paybacks', array(array("id"=>1, "date"=>"now")));
+ $tpl->assign('global_paybacks', $global_paybacks);
 } else { if(!empty($_POST['users_in'])) {
@@ -689,7 +692,7 @@ if(!is_dir('db_backups')) { mkdir('db_backups'); }
- system("mysqldump -h ".MYSQL_HOST." -u ".MYSQL_LOGIN." -p ".MYSQL_PASSWORD." ".MYSQL_DB." > db_backup/".date('d-m-Y_H:i'));
+ system("mysqldump -h ".MYSQL_HOST." -u ".MYSQL_LOGIN." -p ".MYSQL_PASSWORD." ".MYSQL_DB." > db_backups/".date('d-m-Y_H:i'));
 $users_in = array(); foreach($_POST['users_in'] as $user1_id) {
@@ -704,7 +707,7 @@ $users_in[$user1_id][$user2_id] = 0; } else {
- $users_in[$user1_id][$user2_id] = -$users_in[$user1_id][$user2_id];
+ $users_in[$user1_id][$user2_id] = -$users_in[$user2_id][$user1_id];
 $users_in[$user2_id][$user1_id] = 0; } }
@@ -763,6 +766,8 @@ } }
+ var_dump($users_in);
+ $global_payback->setUsersIn($users_in);
 $global_payback->setDate(date('i'), date('G'), date('j'), date('n'), date('Y')); $global_payback->save();
@@ -771,7 +776,7 @@ ($cached_files = glob(raintpl::$cache_dir."*.rtpl.php")) or ($cached_files = array()); array_map("unlink", $cached_files);
- header('location: index.php?do=edit_users&'.$get_redir);
+ header('location: index.php?do=manage_paybacks&'.$get_redir);
 exit(); }
diff --git a/install.php b/install.php
index 712c76e..365a71d 100644
--- a/install.php
+++ b/install.php
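Review bot: The `system("mysqldump …")` line in hunk @@ -689,7 +692,7 @@ of index.php still builds a shell command by plain concatenation and puts the database password on the command line. None of `MYSQL_HOST`, `MYSQL_LOGIN`, `MYSQL_PASSWORD` or `MYSQL_DB` goes through `escapeshellarg()`, the password is readable in the process list while the dump runs, and with a space after `-p` the MySQL client tools prompt for a password and read the next word as the database name, so the dump is likely not the one intended. The exit status is not checked, so the payback is computed even when no backup was written. The dump is written to `db_backups/` under a guessable timestamp name; if that directory sits under the web root (not visible here) it needs a deny rule or a location outside it. A sketch with quoted arguments, the password passed through the environment and a status check follows; the surrounding `case` block starts and ends outside the hunk.

```php
$backup_file = 'db_backups/'.date('d-m-Y_H:i');
// Password travels in the environment instead of argv, so it is not shown in the process list.
// A --defaults-extra-file readable only by the web user is the stricter alternative.
putenv('MYSQL_PWD='.MYSQL_PASSWORD);
system(
    'mysqldump -h '.escapeshellarg(MYSQL_HOST)
    .' -u '.escapeshellarg(MYSQL_LOGIN)
    .' '.escapeshellarg(MYSQL_DB)
    .' > '.escapeshellarg($backup_file),
    $dump_status
);
putenv('MYSQL_PWD'); // unset again once the dump has run
if($dump_status !== 0) {
    exit('Database backup failed, global payback not saved.');
}
// … unchanged: $users_in computation …
```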
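Review bot: `var_dump($users_in);` added in hunk @@ -763,6 +766,8 @@ of index.php looks like leftover debugging and should be dropped before merge. It prints every user id and computed amount into the response. It also emits output ahead of the `header('location: …')` call in the next hunk, so the redirect fails with "headers already sent" unless output buffering happens to be on. If the values are needed for diagnosis, `error_log(print_r($users_in, true));` keeps them out of the page.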
@@ -39,6 +39,13 @@ //Create table "Paybacks" $db->query('CREATE TABLE IF NOT EXISTS '.$mysql_prefix.'Paybacks (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, date DATETIME, invoice_id INT(11), KEY invoice_id (invoice_id), amount INT(11), from_user INT(11), to_user INT(11)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');
+
+ // Create table "GlobalPaybacks"
+ $db->query('CREATE TABLE IF NOT EXISTS '.$mysql_prefix.'GlobalPaybacks (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, date DATETIME) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');
+
+ // Create table "Users_in_GlobalPaybacks"
+ $db->query('CREATE TABLE IF NOT EXISTS '.$mysql_prefix.'Users_in_GlobalPaybacks (global_payback_id INT(11) NOT NULL, KEY global_payback_id (global_payback_id), user1_id INT(11), user2_id INT(11), amount INT(11)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');
+ } catch (PDOException $e) { $error = 'Unable to connect to database and create database, check your credentials and config.
Error message : '.$e->getMessage().'.'; }
diff --git a/tpl/default_en/manage_paybacks.html b/tpl/default_en/manage_paybacks.html
index c57ad74..bd8360a 100644
--- a/tpl/default_en/manage_paybacks.html
+++ b/tpl/default_en/manage_paybacks.html
@@ -4,12 +4,12 @@
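Review bot: Both new `CREATE TABLE` statements in install.php splice `$mysql_prefix` straight into the SQL text, as the existing `Paybacks` statement does, and identifiers cannot be bound as parameters. Where the prefix comes from is not visible in this hunk; if it is taken from the install form, it should be checked against a strict pattern before any query runs, for example `if(!preg_match('/^[A-Za-z0-9_]*$/', $mysql_prefix)) { $error = 'Invalid table prefix.'; }`. Separately, `Users_in_GlobalPaybacks` has no primary or unique key over `(global_payback_id, user1_id, user2_id)`, so a repeated save can insert duplicate rows for the same pair. The `try` block these lines sit in opens outside the hunk.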

Manage global paybacks

Add a new global payback

- {if condition="count($global_paybacks) > 0"}
+ {if condition="$global_paybacks !== FALSE"}

List of previous global paybacks :

{loop="$global_paybacks"} -
{$value['date']}
-
Payback n°{$value['id']}
+
{$value->getDate()}
+
Payback n°{$value->getId()}
{/loop}
{/if}
diff --git a/tpl/default_fr/manage_paybacks.html b/tpl/default_fr/manage_paybacks.html
index 7b1a096..d194180 100644
--- a/tpl/default_fr/manage_paybacks.html
+++ b/tpl/default_fr/manage_paybacks.html
@@ -4,12 +4,12 @@

Gérer les remboursements globaux

Ajouter un remboursement global

- {if condition="count($global_paybacks) > 0"}
+ {if condition="$global_paybacks !== FALSE"}

Liste des remboursements globaux précédents :

{loop="$global_paybacks"} -
{$value['date']}
-
Remboursement n°{$value['id']}
+
{$value->getDate()}
+
Remboursement n°{$value->getId()}
{/loop}
{/if}