c276d719cd
Added a simple CSRF protection
46 lines
2.2 KiB
HTML
Executable File
46 lines
2.2 KiB
HTML
Executable File
{include="header"}
|
|
|
|
<h2>Add a bill</h2>
|
|
|
|
<form method="post" action="index.php?do=new_invoice" id="invoice_form">
|
|
<p>
|
|
<label for="what">What ? </label>
|
|
</p>
|
|
<textarea name="what" id="what" rows="10">{$what_post}</textarea>
|
|
<p>
|
|
<label for="amount">Amount : </label>
|
|
<input type="text" name="amount" id="amount" {if condition="$amount_post != 0"} value="{$amount_post}" {/if} size="5"/> {$currency}
|
|
</p>
|
|
<p>
|
|
<label for="date_day">Date : </label>
|
|
<select name="date_day" id="date_day">
|
|
{loop="days"}
|
|
<option value="{$value}" {if condition="$value == $day_post"}selected{/if}>{$value}</option>
|
|
{/loop}
|
|
</select> /
|
|
<select name="date_month" id="date_month" onchange="set_days_month_year();">
|
|
{loop="months"}
|
|
<option value="{$value}" {if condition="$value == $month_post"}selected{/if}>{$value}</option>
|
|
{/loop}
|
|
</select> /
|
|
<select name="date_year" id="date_year" onchange="set_days_month_year();">
|
|
{loop="years"}
|
|
<option value="{$value}" {if condition="$value == $year_post"}selected{/if}>{$value}</option>
|
|
{/loop}
|
|
</select>
|
|
</p>
|
|
<p>
|
|
Users in ?
|
|
{loop="users"}
|
|
<br/><input type="checkbox" name="users_in[]" value="{$value->getId()}" id="users_in_{$value->getId()}" {if condition="$current_user->getId() == $value->getId() || in_array($value->getId(), $users_in)"} checked {/if}/> <label for="users_in_{$value->getId()}">{$value->getDisplayName()}</label> and <input type="text" name="guest_user_{$value->getId()}" id="guest_user_{$value->getId()}" size="1" {if condition="in_array($value->getId(), $users_in)"} value="{$guests[$value->getId()]}" {else} value="0" {/if} onkeyup="guest_user_label({$value->getId()});"/><label for="guest_user_{$value->getId()}" id="guest_user_{$value->getId()}_label"> guest</label>.
|
|
{/loop}
|
|
</p>
|
|
<p>
|
|
<input type="submit" value="Add"/>
|
|
{if condition="$id != 0"}<input type="hidden" name="id" value="{$id}"/>{/if}
|
|
<input type="hidden" name="token" value="{$token"}/>
|
|
</p>
|
|
</form>
|
|
|
|
{include="footer"}
|