php8
[web.mtrack] / MTrackWeb / Watch.php
index d7e7aa3..329e627 100644 (file)
@@ -29,6 +29,7 @@ class MTrackWeb_Watch extends MTrackWeb
         // watcher list
         // who is currently watching
         if (!$this->authUser) {
+            $this->jerr("not authenticated");
             return ''; // no subscriptin data available to public..
         }
         
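Review bot: The `return ''` after the added `$this->jerr("not authenticated")` is either unreachable or the only thing stopping the method, depending on whether jerr() ends the request, which is not visible in this hunk. The later checks (`jerr("invalid object")`, `jerr("invalid project id")`) have no return after them, so the access checks in this file appear to rely on jerr() terminating. A short comment such as `// jerr() sends the error and exits; the return is only a safeguard` would make that contract explicit, and the stale `// no subscriptin data available to public..` could be corrected at the same time. The same applies to the identical change in the hunk at `@@ -84,6 +110,7`. The method body starts and ends outside the hunk.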
@@ -38,9 +39,20 @@ class MTrackWeb_Watch extends MTrackWeb
         
         $this->objname = preg_replace('/[^a-z_]+/i', '', $this->objname );
         $obj = DB_DataObject::factory($this->objname );
-        if (!$obj->get($this->objid) || $obj->project_id != $this->currentProject()) {
+        
+        // if it's a project watch.. do not do this..
+        if (!$obj->get($this->objid)) {
             $this->jerr("invalid object");
         }
+        if ($this->objname == 'Projects') {
+            if ($this->objid != $this->currentProject()) {
+                $this->jerr("invalid project id");
+            }
+        } else {
+            if ($obj->project_id != $this->currentProject()) {
+                $this->jerr("invalid project id on object");
+            }
+        }
         
         
        // DB_DataObject::debugLevel(1);
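Review bot: The new `else` branch compares `$obj->project_id != $this->currentProject()` loosely and without the `empty()` guard that the second method keeps further down (`empty($o->project_id) || ...`). An object with no project_id would therefore pass whenever currentProject() returns a falsy value; what it returns with no project selected is not visible here. Suggest `if (empty($obj->project_id) || $obj->project_id != $this->currentProject()) {`. In the Projects branch `$this->objid` is used uncast for both `get()` and the comparison, while the other method looks up with `(int)$id`; casting once before `get()` keeps the lookup and the check on the same value.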
@@ -61,8 +73,22 @@ class MTrackWeb_Watch extends MTrackWeb
         }
         $this->subscribers = $existing;
         
-        
-        
+        if ($this->objname != 'Projects') {
+            $w = DB_DataObjecT::Factory('core_watch');
+            $w->ontable = 'Projects';
+            $w->onid = $this->currentProject();
+            $w->autoJoin();
+            $existing = $w->fetchAll();
+            
+            $this->selfsubscribe = true;
+            foreach($existing as $w) {
+                if ($this->authUser->id == $w->person_id) {
+                    $this->selfsubscribe = false;
+                }
+            }
+            $this->project_subscribers = $existing;
+
+        }
         //print_r($existing);
         /* 
         require_once 'HTML/Template/Flexy/Element.php';
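Review bot: `$this->selfsubscribe` is reset to `true` inside the new block and then decided only from project-level watchers, which would discard any value set by the object-level loop ending just above the hunk (that loop is not visible, so this is inferred). If the flag should be false when the user watches either the object or the project, initialise it once before both loops. The block also reuses `$existing` and `$w`, so the query object becomes the loop variable. Distinct names such as `$projectWatchers` and `foreach ($projectWatchers as $pw)` would read better, and `DB_DataObjecT::Factory` should be written `DB_DataObject::factory` as elsewhere in the file. `autoJoin()` followed by `fetchAll()` presumably loads joined person columns into `project_subscribers`, so it is worth confirming the template renders only the fields meant for other project members.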
@@ -84,6 +110,7 @@ class MTrackWeb_Watch extends MTrackWeb
     {
         
         if (!$this->authUser) {
+            $this->jerr("not authenticated");
             return ''; // no subscriptin data available to public..
         }
         
@@ -103,7 +130,7 @@ class MTrackWeb_Watch extends MTrackWeb
                 die("INVALID REQUEST.");
             }
         }
-        $table = preg_replace('/[^a-z_]+/', '', $table);
+        $table = preg_replace('/[^a-z_]+/i', '', $table);
         
         // question ... who do we allow to watch what..
         $o = DB_DataObject::factory($table);
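Review bot: `$table` is still only character-filtered before `DB_DataObject::factory($table)`, and adding the `i` flag widens what passes to any mix of letters and underscores. The existing comment `// question ... who do we allow to watch what..` is left unanswered. An explicit allowlist checked with strict comparison before the factory call would bound which tables a request can name, for example `if (!in_array($table, $watchable, true)) { die('invalid table'); }`, where `$watchable` is a constructed name standing for the project's own list of watchable tables. The enclosing method starts and ends outside the hunk.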
@@ -111,9 +138,15 @@ class MTrackWeb_Watch extends MTrackWeb
             die('invalid table');
         }
         $o->get((int)$id);
-        if (empty($o->project_id) || $o->project_id != $this->currentProject()) {
-            die("invalid - project id does not match");
-            // unless it's a project..
+        if ($table != 'Projects') {
+            if (empty($o->project_id) || $o->project_id != $this->currentProject()) {
+                die("invalid - project id does not match");
+                // unless it's a project..
+            }
+        }  else {
+            if ($id != $this->currentProject()) {
+                die("invalid - project id does not match");
+            }
         }