} if ($obj_employee->data["staff_code"]) { if (!$obj_employee->verify_code_staff()) { log_write("error", "staff-edit-process", "Another staff member already has this code - please choose a unique code or leave blank for a default."); $_SESSION["error"]["staff_code-error"] = 1; } } // return to input page in event of any errors if ($_SESSION["error"]["message"]) { if ($obj_employee->id) { header("Location: ../index.php?page=hr/staff-view.php&id=" . $obj_employee->id); exit(0); } else { header("Location: ../index.php?page=hr/staff-add.php"); exit(0); } } /* Process Data */ // create/update employee information $obj_employee->action_update(); // display updated details header("Location: ../index.php?page=hr/staff-view.php&id=" . $obj_employee->id); exit(0); } else { // user does not have perms to view this page/isn't logged on error_render_noperms(); header("Location: ../index.php?page=message.php"); exit(0); }
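/**
 * SOAP entry point: create a new employee record or update an existing one.
 *
 * The caller must hold the "staff_write" permission. Every argument is passed
 * through security_script_input_predefined() before it is stored on the
 * hr_staff object. A non-empty $id selects the "update" path and is checked
 * with verify_id(); an empty $id skips that check.
 *
 * @param mixed $id             Employee ID to update, or empty to create (validated as "int").
 * @param mixed $name_staff     Staff name (validated as "any"); must pass verify_name_staff().
 * @param mixed $staff_code     Optional staff code (validated as "any"); checked for uniqueness when set.
 * @param mixed $staff_position Position (validated as "any").
 * @param mixed $contact_phone  Phone number (validated as "any").
 * @param mixed $contact_fax    Fax number (validated as "any").
 * @param mixed $contact_email  Email address (validated as "email").
 * @param mixed $date_start     Start date (validated as "date").
 * @param mixed $date_end       End date (validated as "date").
 *
 * @return mixed The id held by the hr_staff object after action_update() succeeds.
 *
 * @throws SoapFault "ACCESS DENIED" when the caller lacks "staff_write";
 *                   "INVALID_INPUT" when a data field is rejected by validation;
 *                   "INVALID_ID" when $id is rejected or does not verify;
 *                   "DUPLICATE_NAME_STAFF" / "DUPLICATE_CODE_STAFF" on a uniqueness clash;
 *                   "UNEXPECTED_ACTION_ERROR" when action_update() reports failure.
 */
function set_employee_details(
    $id,
    $name_staff,
    $staff_code,
    $staff_position,
    $contact_phone,
    $contact_fax,
    $contact_email,
    $date_start,
    $date_end
) {
    // NOTE(review): the raw, not-yet-validated $id is interpolated into the debug
    // log, and this happens before the permission check. Confirm that log_debug()
    // neutralises control characters/markup for whatever sink it writes to.
    log_debug("hr_staff_manager", "Executing set_employee_details({$id}, values...)");

    // Authorisation gate: nothing below runs without the write permission.
    if (!user_permissions_get("staff_write")) {
        throw new SoapFault("Sender", "ACCESS DENIED");
    }

    $obj_employee = new hr_staff();

    /*
        Load and validate the SOAP arguments

        NOTE(review): "@" hides any warning or notice raised inside the validator,
        so a fault in validation itself would pass silently here. It is kept to
        preserve behaviour (stray PHP output would presumably corrupt the SOAP
        response); confirm and prefer logging over suppression.

        NOTE(review): what the "any" class accepts or strips is not visible from
        this function; confirm it is adequate for every place these free-text
        fields are later used.
    */
    $obj_employee->id = @security_script_input_predefined("int", $id);

    $obj_employee->data["name_staff"]     = @security_script_input_predefined("any", $name_staff);
    $obj_employee->data["staff_code"]     = @security_script_input_predefined("any", $staff_code);
    $obj_employee->data["staff_position"] = @security_script_input_predefined("any", $staff_position);
    $obj_employee->data["contact_phone"]  = @security_script_input_predefined("any", $contact_phone);
    $obj_employee->data["contact_fax"]    = @security_script_input_predefined("any", $contact_fax);
    $obj_employee->data["contact_email"]  = @security_script_input_predefined("email", $contact_email);
    $obj_employee->data["date_start"]     = @security_script_input_predefined("date", $date_start);
    $obj_employee->data["date_end"]       = @security_script_input_predefined("date", $date_end);

    // The validator is assumed to signal rejection with the exact string "error"
    // (that is what the original check tested for). Strict comparison avoids the
    // loose-equality cases where a non-string value such as 0 or true would be
    // treated as the sentinel.
    foreach ($obj_employee->data as $field_value) {
        if ($field_value === "error") {
            throw new SoapFault("Sender", "INVALID_INPUT");
        }
    }

    /*
        Error Handling
    */

    // Verify the employee ID when editing an existing employee. The ID is not part
    // of ->data, so the sentinel loop above never sees it; reject a failed "int"
    // validation here instead of handing the sentinel string to verify_id().
    if ($obj_employee->id) {
        if ($obj_employee->id === "error" || !$obj_employee->verify_id()) {
            throw new SoapFault("Sender", "INVALID_ID");
        }
    }

    // The staff name must not already be taken.
    if (!$obj_employee->verify_name_staff()) {
        throw new SoapFault("Sender", "DUPLICATE_NAME_STAFF");
    }

    // The staff code is optional, but must be unique when supplied.
    if ($obj_employee->data["staff_code"] && !$obj_employee->verify_code_staff()) {
        throw new SoapFault("Sender", "DUPLICATE_CODE_STAFF");
    }

    /*
        Perform Changes
    */
    if (!$obj_employee->action_update()) {
        throw new SoapFault("Sender", "UNEXPECTED_ACTION_ERROR");
    }

    return $obj_employee->id;
}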