code

include.ini.php

@@ -133,9 +133,11 @@ function _isDocAdmin($username) {
 }
 
 function _isVipReportAdmin($username) {
-     return strtolower($username) == "doc.alice" || strtolower($username) == "maria" || strtolower($username) == "chud"
-           || strtolower($username) == "doc.sansa1" || strtolower($username) == "ra.admin"
-           || strtolower($username) == "doc.tianna" || strtolower($username) == "it.andywu" || strtolower($username) == "ra.admin";
+    return strtolower($username) == "doc.alice" || strtolower($username) == "maria" 
+           || strtolower($username) == "chud" || strtolower($username) == "doc.sansa1" 
+           || strtolower($username) == "doc.tianna" || strtolower($username) == "it.andywu" 
+           || strtolower($username) == "ra.admin" || strtolower($username) == "jon.walker@kln.com" 
+           || strtolower($username) == "mark.szymanowski@kln.com";
 }
 
 function _customerFilerSearchHandNew($user, $schemas = "public", $p = 'place_of_delivery', $s = 'shipper_id', $c = 'consignee_id', $b = 'billto_id', $n = 'notify_party_id', $d = 'port_of_discharge_code') {

service/ocean_order.class.php

@@ -232,8 +232,8 @@ class ocean_order {
             }
 
             try {
-                //$allow_extend = "|.pdf|.xlsx|.docx|";
-                $allow_extend = "|.pdf|";
+                $allow_extend = "|.pdf|.xlsx|.docx|";
+                //$allow_extend = "|.pdf|";
                 $file_name = $_FILES['file']["name"];
                 $errorMsg = "";
                 $sql = "";

service/report.class.php

@@ -226,9 +226,11 @@ class report {
             $description = common::check_input($_POST['report_description']);
             $level = common::check_input($_POST['report_level']);
             $access_type = common::check_input($_POST['access_type']);
-            $party_ids = $_POST['party_ids'];
-            $group_names = $_POST['group_names'];
-            $system_account = $_POST['system_account'];
+
+            //Specific Roles 和 对应有值的时候，才取，否则取空数组更新
+            $party_ids = $access_type == "Specific Roles" && !empty($_POST['party_ids']) ? $_POST['party_ids'] : array();
+            $group_names = $access_type == "Specific Roles" && !empty($_POST['group_names']) ? $_POST['group_names'] : array();
+            $system_account = $access_type == "Specific Roles" && !empty($_POST['system_account']) ? $_POST['system_account'] : array();
 
             //单独处理字段id
             $fieldsList = $_POST['fieldsList'];
@@ -257,18 +259,16 @@ class report {
                 if (!empty($access_type)) {
                     $updateSqlSet.= ", access_type = '$access_type' ";
                 }
-                if (!empty($party_ids)) {
-                    $party_ids_filed= common::toPgTextArrayLiteral($party_ids);
-                    $updateSqlSet.= ", party_ids = $party_ids_filed";
-                }
-                if (!empty($group_names)) {
-                    $group_names_filed = common::toPgTextArrayLiteral($group_names);
-                    $updateSqlSet.= ", group_names = $group_names_filed";
-                }
-                if (!empty($field_ids)) {
-                    $ids_filed =  common::toPgTextArrayLiteral($field_ids);
-                    $updateSqlSet.= ", field_ids = $ids_filed";
-                }
+               
+                $party_ids_filed= common::toPgTextArrayLiteral($party_ids);
+                $updateSqlSet.= ", party_ids = $party_ids_filed";
+                
+                $group_names_filed = common::toPgTextArrayLiteral($group_names);
+                $updateSqlSet.= ", group_names = $group_names_filed";
+                
+                $ids_filed =  common::toPgTextArrayLiteral($field_ids);
+                $updateSqlSet.= ", field_ids = $ids_filed";
+                
                 if (!empty($system_account)) {
                     $system_account_filed = common::toPgTextArrayLiteral($system_account);
                     $updateSqlSet.= ", system_account = $system_account_filed";