2 changes: 1 addition & 1 deletion app/models/research.rb
@@ -358,7 +358,7 @@ def self.get_for(user_id)

SqlHelper.validate_token([user_id])

return Research.where("user_id=#{user_id}").first
return Research.where("user_id=#{user_id.to_i}").first
end

#=== self.get_q_codes
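Review bot: `user_id.to_i` in `Research.get_for` keeps non-numeric text out of the SQL string, but it also turns `nil` or a malformed id into `0`, so the method silently queries `user_id=0` instead of failing. If a bad id should be an error, check it before the query, for example with `Integer(user_id)`, which raises on non-numeric input. A hash condition, `return Research.where(user_id: user_id).first`, would also remove the interpolation. The same `to_i`-inside-a-string pattern recurs in the `setting.rb`, `team.rb`, `timecard.rb`, `toy.rb` and `user.rb` sections of this commit. What `SqlHelper.validate_token` accepts is not visible here, so confirm whether it already rejects such input.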
14 changes: 7 additions & 7 deletions app/models/setting.rb
@@ -3,7 +3,7 @@
#
#Original by:: Sysphonic
#Authors:: MORITA Shintaro
#Copyright:: Copyright (c) 2007-2011 MORITA Shintaro, Sysphonic. All rights reserved.
#Copyright:: Copyright (c) 2007-2015 MORITA Shintaro, Sysphonic. All rights reserved.
#License:: New BSD License (See LICENSE file)
#URL:: {http://sysphonic.com/}[http://sysphonic.com/]
#
@@ -33,7 +33,7 @@ def self.get_for(user_id, category=nil)
SqlHelper.validate_token([user_id, category])

con = []
con << "(user_id=#{user_id})"
con << "(user_id=#{user_id.to_i})"
con << "(category='#{category}')" unless category.nil?

settings = Setting.where(con.join(' and ')).to_a
@@ -63,7 +63,7 @@ def self.get_value(user_id, category, key)
SqlHelper.validate_token([user_id, category, key])

con = []
con << "(user_id=#{user_id})"
con << "(user_id=#{user_id.to_i})"
con << "(category='#{category}')"
con << "(xkey='#{key}')"

@@ -88,7 +88,7 @@ def self.save_value(user_id, category, key, value)
SqlHelper.validate_token([user_id, category, key])

con = []
con << "(user_id=#{user_id})"
con << "(user_id=#{user_id.to_i})"
con << "(category='#{category}')"
con << "(xkey='#{key}')"

@@ -127,7 +127,7 @@ def self.get_for_group(group_id, category=nil)
SqlHelper.validate_token([group_id, category])

con = []
con << "(group_id=#{group_id})"
con << "(group_id=#{group_id.to_i})"
con << "(category='#{category}')" unless category.nil?

settings = Setting.where(con.join(' and ')).to_a
@@ -157,7 +157,7 @@ def self.get_group_value(group_id, category, key)
SqlHelper.validate_token([group_id, category, key])

con = []
con << "(group_id=#{group_id})"
con << "(group_id=#{group_id.to_i})"
con << "(category='#{category}')"
con << "(xkey='#{key}')"

@@ -182,7 +182,7 @@ def self.save_group_value(group_id, category, key, value)
SqlHelper.validate_token([group_id, category, key])

con = []
con << "(group_id=#{group_id})"
con << "(group_id=#{group_id.to_i})"
con << "(category='#{category}')"
con << "(xkey='#{key}')"

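Review bot: `category` and `key` are still interpolated into quoted SQL literals (`(category='#{category}')`, `(xkey='#{key}')`) throughout this file, so for those values the only barrier is `SqlHelper.validate_token`, whose rules are not shown in this commit. Hash conditions would let ActiveRecord quote all three values, e.g. `Setting.where(user_id: user_id, category: category, xkey: key)`, leaving out `category` where it may be nil. The same applies to `date_s` in `Timecard.get_for` and `xtype` in `Toy.on_desktop?`. Each method body continues past its hunk, so check how `con` is used afterwards before changing it.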
4 changes: 2 additions & 2 deletions app/models/team.rb
@@ -367,7 +367,7 @@ def self.get_team_folder(team_id)

SqlHelper.validate_token([team_id])
begin
return Folder.where("(owner_id=#{team_id}) and (xtype='#{Folder::XTYPE_TEAM}')").first
return Folder.where("(owner_id=#{team_id.to_i}) and (xtype='#{Folder::XTYPE_TEAM}')").first
rescue => evar
Log.add_error(nil, evar)
return nil
@@ -411,7 +411,7 @@ def remove_application(user_ids)

user_con_a = []
user_ids.each do |user_id|
user_con_a << "(user_id=#{user_id})"
user_con_a << "(user_id=#{user_id.to_i})"
end

con << '(' + user_con_a.join(' or ') + ')'
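Review bot: In `remove_application` the loop builds one `(user_id=N)` term per id and joins them with `or`, so an empty `user_ids` yields `()`, which is not valid SQL unless a guard above the hunk rules that case out. A single IN list states the same filter more compactly, `con << "(user_id in (#{user_ids.map(&:to_i).join(',')}))"`, and the empty case still needs an explicit early return. How `con` is consumed lies below the hunk, so the rest of the method has to be read before changing its shape.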
4 changes: 2 additions & 2 deletions app/models/timecard.rb
@@ -429,7 +429,7 @@ def self.get_for(user_id, date_s)

SqlHelper.validate_token([user_id, date_s])
begin
con = "(user_id=#{user_id}) and (date='#{date_s}')"
con = "(user_id=#{user_id.to_i}) and (date='#{date_s}')"
return Timecard.where(con).first
rescue
end
@@ -452,7 +452,7 @@ def self.find_term(user_id, start_date, end_date)
start_s = start_date.strftime(Schedule::SYS_DATE_FORM)
end_s = end_date.strftime(Schedule::SYS_DATE_FORM)

con = "(user_id=#{user_id}) and (date >= '#{start_s}') and (date <= '#{end_s}')"
con = "(user_id=#{user_id.to_i}) and (date >= '#{start_s}') and (date <= '#{end_s}')"
ary = Timecard.where(con).order('date ASC').to_a
timecards_h = Hash.new
unless ary.nil?
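Review bot: The empty `rescue` in `Timecard.get_for` discards every error the query raises, so a database failure cannot be told apart from "no timecard for that date". `Team.get_team_folder` in this same commit logs through `Log.add_error(nil, evar)` before returning nil. Doing the same here (`rescue => evar` followed by `Log.add_error(nil, evar)`) would keep failures visible. The method continues past the hunk, so what it returns after the `begin` block is not shown.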
2 changes: 1 addition & 1 deletion app/models/toy.rb
@@ -196,7 +196,7 @@ def self.on_desktop?(user, xtype, target_id)

SqlHelper.validate_token([xtype, target_id])

con = "(user_id=#{user.id}) and (xtype='#{xtype}') and (target_id=#{target_id})"
con = "(user_id=#{user.id}) and (xtype='#{xtype}') and (target_id=#{target_id.to_i})"

begin
toy = Toy.where(con).first
4 changes: 2 additions & 2 deletions app/models/user.rb
@@ -780,7 +780,7 @@ def get_my_folder
def self.get_my_folder(user_id)

SqlHelper.validate_token([user_id])
return Folder.where("(owner_id=#{user_id}) and (xtype='#{Folder::XTYPE_USER}')").first
return Folder.where("(owner_id=#{user_id.to_i}) and (xtype='#{Folder::XTYPE_USER}')").first
end

#=== create_my_folder
@@ -1166,7 +1166,7 @@ def self.update_xorder(title, order)
end

SqlHelper.validate_token([order])
User.update_all("xorder=#{order}", con)
User.update_all("xorder=#{order.to_i}", con)
end

#=== rename_title
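Review bot: `User.update_all("xorder=#{order.to_i}", con)` in `update_xorder` relies on the two-argument form of `update_all`. To my knowledge Rails 4 and later accept only the updates argument, so on such a version the conditions would have to move into a scope: `User.where(con).update_all(xorder: order.to_i)`. The hash form also removes the remaining interpolation. `con` is built above the hunk, so check whether it can be nil or empty before changing this.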
29 changes: 21 additions & 8 deletions app/views/folders/show_tree.html.erb
@@ -45,7 +45,7 @@ var modified_teams = 0;
<input type="button" value="<%= t('btn.new') %>" onclick="onCreateClicked(getPos(this));" style="width:80px;" />
<input type="button" value="<%= t('btn.rename') %>" onclick="onRenameFolderClicked(getPos(this));" style="width:80px;" />
<input type="button" value="<%= t('btn.delete') %>" onclick="doDelete();" style="width:80px;" />
<input type="button" value="<%= t('btn.move') %>" onclick="doMove();" style="width:80px;" />
<input type="button" value="<%= t('btn.move') %>" onclick="onMoveFolderClicked();" style="width:80px;" />
</td>
<% else %>
<td style="padding:5px 20px; text-align:left;">
@@ -492,7 +492,7 @@ function _doDelete(folder_id)
);
}

function doMove()
function onMoveFolderClicked()
{
if (document.form_folder_tree.selKeeper.value == "") {
msg("<%= t('folder.select') %>");
@@ -514,13 +514,26 @@ function doMove()

ThetisBox.openTree("folderTree:"+folder_id, true);

var addParams = new Array();
addParams.push("id="+folder_id);
addParams.push("authenticity_token=<%= form_authenticity_token %>");

var thetisBox = new ThetisBox;
thetisBox.progress = true;
thetisBox.setAdditionalParams(new Array("id="+folder_id, "authenticity_token=<%= form_authenticity_token %>"));
thetisBox.show("CENTER", "", "TREE", "<%= url_for(:controller => 'folders', :action => 'move') %>", "<%= t('folder.select_dest')%>", "");
thetisBox.setAdditionalParams(addParams);
thetisBox.setFormTag("<form action=\"\" method=\"post\" onsubmit=\"doMoveFolder(this); return false;\">");
thetisBox.show("CENTER", "", "TREE", "", "<%= t('folder.select_dest')%>", "");
thetisBox.setTree("<%= url_for(:controller => 'folders', :action => 'ajax_get_tree') %>?id="+folder_id, "0");
}

function doMoveFolder(frmTree)
{
prog("TOP-RIGHT");

frmTree.method = "post";
frmTree.action = "<%= url_for(:controller => 'folders', :action => 'move') %>";
frmTree.submit();
}

function selectFolder(folder_id)
{
var select_opt = _z("select_opt");
@@ -640,7 +653,7 @@ function doApplyAuthUsers(folder_id)
addParams.push("id=" + folder_id);
addParams.push(Form.serialize(document.form_folder_auth));

doUpdateView("get", "<%= url_for(:controller => 'folders', :action => 'set_auth_users') %>", addParams);
doUpdateView("post", "<%= url_for(:controller => 'folders', :action => 'set_auth_users') %>", addParams);
}

function selectTabGroups(folder_id)
@@ -669,7 +682,7 @@ function doApplyAuthGroups(folder_id)
addParams.push("id=" + folder_id);
addParams.push(Form.serialize(document.form_folder_auth));

doUpdateView("get", "<%= url_for(:controller => 'folders', :action => 'set_auth_groups') %>", addParams);
doUpdateView("post", "<%= url_for(:controller => 'folders', :action => 'set_auth_groups') %>", addParams);
}

function selectTabTeams(folder_id)
@@ -698,7 +711,7 @@ function doApplyAuthTeams(folder_id)
addParams.push("id=" + folder_id);
addParams.push(Form.serialize(document.form_folder_auth));

doUpdateView("get", "<%= url_for(:controller => 'folders', :action => 'set_auth_teams') %>", addParams);
doUpdateView("post", "<%= url_for(:controller => 'folders', :action => 'set_auth_teams') %>", addParams);
}

function showGroupTreeToSelect(group_id)
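Review bot: Switching `doApplyAuthUsers`, `doApplyAuthGroups` and `doApplyAuthTeams` to `"post"` only changes what this page sends. Unless the routes or controllers for `set_auth_users`, `set_auth_groups` and `set_auth_teams` also refuse GET, the old GET URLs still change folder permissions and stay outside CSRF token verification. No route or controller change is visible in this commit, so that should be confirmed; the same holds for `move` here and in `groups/show_tree.html.erb`, `do_execute` in `mail_filters/list.html.erb`, and `move` and `empty` in `mail_folders/show_tree.html.erb`. These three functions also add no `authenticity_token` to `addParams` in the visible lines, so the POST depends on `Form.serialize(document.form_folder_auth)` already carrying one. Each function starts above its hunk.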
2 changes: 1 addition & 1 deletion app/views/frames/_footer.html.erb
@@ -1,7 +1,7 @@

<table style="width:100%; height:8px; padding:0px; border-spacing:0px;" background="<%= THETIS_RELATIVE_URL_ROOT %>/images/woody.png">
<tr>
<td style="text-align:center; color:white; font-size:8px; line-height:1.0;">
<td style="text-align:center; color:white; font-size:8px; line-height:1.0; padding:0px;">
<a href="javascript:this.onclick()" style="color:white; text-decoration:none; cursor:pointer;" onclick="openWindow('<%= url_for(:controller => 'frames', :action => 'about') %>',600, 360, 'about'); return false;">&copy;2007-2015 Thetis Developers</a>
</td>
</tr>
23 changes: 18 additions & 5 deletions app/views/groups/show_tree.html.erb
@@ -11,7 +11,7 @@
<input type="button" value="<%= t('btn.new') %>" onclick="onCreateGroupClicked(getPos(this));" style="width:80px;" />
<input type="button" value="<%= t('btn.rename') %>" onclick="onRenameGroupClicked(getPos(this));" style="width:80px;" />
<input type="button" value="<%= t('btn.delete') %>" onclick="doDelete();" style="width:80px;" />
<input type="button" value="<%= t('btn.move') %>" onclick="doMove();" style="width:80px;"/>
<input type="button" value="<%= t('btn.move') %>" onclick="onMoveGroupClicked();" style="width:80px;"/>
<% else %>
<%= t('group.only_admin_can_edit_tree') %>
<% end %>
@@ -279,7 +279,7 @@ function _doDelete(group_id)
);
}

function doMove()
function onMoveGroupClicked()
{
if (document.form_group_tree.selKeeper.value == "") {
msg("<%= t('group.select') %>");
@@ -294,13 +294,26 @@ function doMove()

ThetisBox.openTree("groupTree:"+group_id, true);

var addParams = new Array();
addParams.push("id="+group_id);
addParams.push("authenticity_token=<%= form_authenticity_token %>");

var thetisBox = new ThetisBox;
thetisBox.progress = true;
thetisBox.setAdditionalParams(new Array("id="+group_id, "authenticity_token=<%= form_authenticity_token %>"));
thetisBox.show("CENTER", "", "TREE", "<%= url_for(:controller => 'groups', :action => 'move') %>", "<%= t('group.select_dest')%>", "");
thetisBox.setAdditionalParams(addParams);
thetisBox.setFormTag("<form action=\"\" method=\"post\" onsubmit=\"doMoveGroup(this); return false;\">");
thetisBox.show("CENTER", "", "TREE", "", "<%= t('group.select_dest')%>", "");
thetisBox.setTree("<%= url_for(:controller => 'groups', :action => 'ajax_get_tree') %>?id="+group_id, "0");
}

function doMoveGroup(frmTree)
{
prog("TOP-RIGHT");

frmTree.method = "post";
frmTree.action = "<%= url_for(:controller => 'groups', :action => 'move') %>";
frmTree.submit();
}

function doGetUsers(group_id)
{
var addParams = new Array();
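Review bot: `doMoveGroup` is the same four statements as `doMoveFolder` in `folders/show_tree.html.erb` and `mail_folders/show_tree.html.erb`, differing only in the action URL, and `frmTree.method = "post"` repeats what the `setFormTag` string already declares. A short comment above it would help the next reader, e.g. `// Submit handler for the destination-tree form built in onMoveGroupClicked(); posts to groups/move.` Moving the shared part into one helper that takes the URL would keep the three views from drifting apart.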
3 changes: 2 additions & 1 deletion app/views/mail_filters/list.html.erb
@@ -228,12 +228,13 @@ doExecNowFilters = function(mail_account_id, folder_id)
var addParams = new Array();
addParams.push("mail_account_id="+mail_account_id);
addParams.push("mail_folder_id="+folder_id);
addParams.push("authenticity_token=<%= form_authenticity_token %>");

var thetisBoxProgress = prog("TOP-RIGHT");
new Ajax.Request(
"<%= url_for(:controller => 'mail_filters', :action => 'do_execute') %>",
{
method:"get",
method:"post",
asynchronous:true,
evalScripts:true,
parameters:addParams.join("&"),
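Review bot: The token is pushed into the parameter string unencoded at `addParams.push("authenticity_token=<%= form_authenticity_token %>")`. The value is Base64, so it can contain `+`, `/` and `=`, and a raw `+` in form-encoded data is read as a space, which would make CSRF verification fail intermittently unless Prototype re-encodes the string. Encoding it on the client removes that dependency: `addParams.push("authenticity_token="+encodeURIComponent("<%= form_authenticity_token %>"));`. The same unencoded push appears in the move dialogs of the three `show_tree` views. `doExecNowFilters` starts above and ends below the hunk.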
22 changes: 16 additions & 6 deletions app/views/mail_folders/show_tree.html.erb
@@ -88,7 +88,7 @@
<a class="context_menu_item" href="javascript:this.onclick()" onclick="onRenameFolderClicked(); return false;">
<%= t('btn.rename') %>
</a>
<a class="context_menu_item" href="javascript:this.onclick()" onclick="doMove(); return false;">
<a class="context_menu_item" href="javascript:this.onclick()" onclick="onMoveFolderClicked(); return false;">
<%= t('btn.move') %>
</a>
<a class="context_menu_item" href="javascript:this.onclick()" onclick="doDelete(); return false;">
@@ -650,7 +650,7 @@ function _doDelete(folder_id)
);
}

function doMove()
function onMoveFolderClicked()
{
if (document.form_folder_tree.selKeeper.value == "") {
msg("<%= t('folder.select') %>");
@@ -671,19 +671,29 @@ function doMove()

ThetisBox.openTree("mailTree:"+folder_id, true);

var thetisBox = new ThetisBox;
thetisBox.progress = true;
var addParams = new Array();
<% unless params[:mail_account_xtype].nil? %>
addParams.push("mail_account_xtype=<%= params[:mail_account_xtype] %>");
<% end %>
addParams.push("id="+folder_id);
addParams.push("authenticity_token=<%= form_authenticity_token %>");

var thetisBox = new ThetisBox;
thetisBox.setAdditionalParams(addParams);
thetisBox.show("CENTER", "", "TREE", "<%= url_for(:controller => 'mail_folders', :action => 'move') %>", "<%= t('folder.select_dest') %>", "");
thetisBox.setFormTag("<form action=\"\" method=\"post\" onsubmit=\"doMoveFolder(this); return false;\">");
thetisBox.show("CENTER", "", "TREE", "", "<%= t('folder.select_dest') %>", "");
thetisBox.setTree("<%= url_for(:controller => 'mail_folders', :action => 'ajax_get_tree') %>?id="+folder_id, "0");
}

function doMoveFolder(frmTree)
{
prog("TOP-RIGHT");

frmTree.method = "post";
frmTree.action = "<%= url_for(:controller => 'mail_folders', :action => 'move') %>";
frmTree.submit();
}

function doSelectTree(folder_id)
{
var menuId = "a_mailTree:" + folder_id;
@@ -1008,7 +1018,7 @@ function _doEmpty(folder_id)
}

invalidateAccountSummary();
doUpdateViewMails("get", "<%= url_for(:controller => 'mail_folders', :action => 'empty') %>", addParams, folder_id);
doUpdateViewMails("post", "<%= url_for(:controller => 'mail_folders', :action => 'empty') %>", addParams, folder_id);
}


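Review bot: `addParams.push("mail_account_xtype=<%= params[:mail_account_xtype] %>")` in `onMoveFolderClicked` writes a request parameter into a JavaScript string literal with only ERB's HTML escaping, which is the wrong encoding for that context. Backslashes and line breaks pass through unchanged, and entities are not decoded inside a script block (presumably where this function lives). Escaping for JavaScript, `<%= j params[:mail_account_xtype] %>`, or better, checking the value against the known account types in the controller before rendering, would close that gap. The line appears to be hunk context rather than one this commit changes, and the function starts above the hunk.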
2 changes: 1 addition & 1 deletion config/locales/de.yml
@@ -431,7 +431,7 @@ de:
select_dest: "Bitte wählen Sie das Ziel zu verschieben aus."
delete_info1: "] wird gelöscht."
delete_info2: "(Falls Gruppenordner ist nicht leer, wird das mit R/W (Lesen u. Schreiben) Befugnisse der Mitgliedern weiterbleiben. Wenn keine Mitgliedern in Gruppe geben und keine andere Befugnisse zu Gruppenordner angegeben werden, wird das Veröffentlicht.)"
select_to_show: "(Bitte wählen Sie Gruppe zu zeigen aus.)"
select_to_show: "Bitte wählen Sie Gruppe zu zeigen aus."
select_to_change_to: "Bitte wählen Sie Gruppe zu ersetzen durch aus."
select_to_add: "Bitte wählen Sie Gruppe hinzuzufügen."
other_group: "Andere Gruppe"
2 changes: 1 addition & 1 deletion config/locales/en.yml
@@ -431,7 +431,7 @@ en:
select_dest: "Please select destination group."
delete_info1: "] will be deleted."
delete_info2: "(If Group Folder is not empty, it will remain with members' R/W authorities. When no members in the Group and no other authorities specified to Group Folder, it will be PUBLIC.)"
select_to_show: "(Please select a group to show.)"
select_to_show: "Please select a group to show."
select_to_change_to: "Please select group to change to."
select_to_add: "Please select group to add."
other_group: "Other Group"
2 changes: 1 addition & 1 deletion config/locales/ja.yml
@@ -435,7 +435,7 @@ ja:
select_dest: "移動先を選択してください。"
delete_info1: "」を削除します。"
delete_info2: "(グループフォルダが空でなければメンバーの読み書き権限付きで残されます。グループにメンバーがおらず他に権限が設定されていない時は、グループフォルダは全ユーザーからアクセス可能になります。)"
select_to_show: "表示するグループを選択してください"
select_to_show: "表示するグループを選択してください"
select_to_change_to: "変更先のグループを選択してください。"
select_to_add: "追加するグループを選択してください。"
other_group: "他のグループ"