Beispiel #1
<?php

/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 *
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
require_once __DIR__ . '/../../includes/functions.inc';
$tze = new tze();
$oDatenbank = $tze->mysql();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $action = filter_input(INPUT_POST, 'action');
    $mode = filter_input(INPUT_POST, 'mode');
    $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);
    if ($mode == "admin") {
        #
        #   Admin Status Prüfen
        #
        if (!$_SESSION['iAdmin'] == 1) {
            exit_error('unzureichende Rechte!');
        } else {
            // ziehe Projekte Liste
            if ($action == 'projekt-list') {
                $strQuery = "SELECT id, Projekt FROM `projekte` WHERE id > 0 AND deleted != 1";
                $request = $oDatenbank->query($strQuery);
                $rows = array();
                while ($row = $request->fetch_assoc()) {
Beispiel #2
    # Auf HTTPS umleiten und beenden
    $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header("Location: {$redirect}");
    exit;
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && filter_input(INPUT_POST, 'action') === "login") {
    require_once __DIR__ . '/../includes/mysql.inc';
    require_once __DIR__ . '/../includes/passwordLib.inc';
    $regexPattern = array("options" => array("regexp" => "/^[a-zA-Z0-9]+\$/"));
    $sLogin = filter_input(INPUT_POST, 'tze_login', FILTER_VALIDATE_REGEXP, $regexPattern);
    if (is_null($sLogin) || !$sLogin) {
        sleep(3);
        exit('{"Result":"ERROR","Message":"Login ungültig!"}');
    }
    $sPassword = filter_input(INPUT_POST, 'tze_passwd');
    $Datenbank = tze::mysql();
    $result = $Datenbank->query("SELECT * FROM ma WHERE sLogin = '******' AND `deleted` <> '1'");
    if (!$result) {
        $sError = "Fehler mit der Datenbank!";
    } else {
        if ($result->num_rows !== 1) {
            $sError = "Name oder Passwort falsch!";
        } else {
            $row = $result->fetch_assoc();
            if (!$row["bLogin_Allowed"]) {
                $sError = "Hinweis: Login ist gesperrt!";
            } else {
                if (!password_verify($sPassword, $row["sPassword_hash"])) {
                    $sError = "Name oder Passwort falsch!";
                } else {
                    session_start();
Beispiel #3
<?php

/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 * 
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA-3.0
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
require_once __DIR__ . '/../../includes/PHPExcel.php';
$tze = new tze();
$oDatenbank = $tze->mysql();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        #   Admin Status Prüfen
        #
        if (!$_SESSION['iAdmin'] == 1) {
            exit_error('unzureichende Rechte!');
        } else {
            // Datum einlesen
            $Date = filter_input(INPUT_POST, 'Date', FILTER_SANITIZE_STRIPPED);
            // Datum SQL passend formatieren
            $Date = $tze->sqlDate($Date);
            // Arbeitsmappe erstellen
            $objPHPExcel = new PHPExcel();
            //Projekte einlesen
            $query = 'select * from projekte where deleted != 1';
            $projects = $tze->get_Results($query);
Beispiel #4
<?php

/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 *
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */
require_once __DIR__ . '/../../includes/auth.inc';
$tze = new tze();
$oDatenbank = $tze->mysql();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        #   Admin Status Prüfen
        #
        if (!$_SESSION['iAdmin'] == 1) {
            exit_error('unzureichende Rechte!');
        } else {
            //  Tabelle Mitarbeiter
            if (filter_input(INPUT_POST, 'action') == 'get-users') {
                $Date = filter_input(INPUT_POST, 'Date', FILTER_SANITIZE_STRIPPED);
                $Date = $tze->sqlDate($Date);
                $strQuery = 'select 
    userId as iUserID, sVorname, sNachname, iArbeitszeit, 
    sec_to_time(iArbeitszeit * 60 * 60) as Arbeitszeit, 
    zeiten.AZ, zeiten.PZ, zeiten.iProjekt, zeiten.Projekt,
    zeiten.`Status`, zeiten.`working`, zeiten.`timestamp`
from ma_view mitarbeiter 
left join ( 
Beispiel #5
<?php

#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#
// Nur Fehler melden
// error_reporting(E_ERROR);
$strSubSiteName = 'Verwaltung';
require_once __DIR__ . '/../includes/auth.inc';
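$tze = new tze();
$Datenbank = $tze->mysql();
#
#   Check admin status (re-read from the database on every request).
#
# The check fails closed: a failed query, a missing or ambiguous row and a cleared
# iAdmin flag all end in the redirect. Before, only the last case redirected, so a
# database error or an unknown userId let the request fall through to the page.
#
# The session value is cast to int before it becomes part of the SQL text.
# NOTE(review): assumes ma.userId is an integer key - confirm against the schema.
$iAdminCheckUserId = isset($_SESSION['userId']) ? (int) $_SESSION['userId'] : 0;
$result = $Datenbank->query("SELECT iAdmin FROM ma WHERE userId = '" . $iAdminCheckUserId . "'");
$row = ($result && $result->num_rows === 1) ? $result->fetch_assoc() : null;
if (!$row || !$row["iAdmin"]) {
    header('Location: ' . $sProject_URL . 'login.php');
    exit;
}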
$stylesheets[] = "/o2bo/res/jquery-ui-timepicker-addon.css";
?>
<!DOCTYPE html>
Beispiel #6
<?php

#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
require_once __DIR__ . '/../../includes/passwordLib.inc';
$tze = new tze();
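/**
 * Generates a random 8-character password.
 *
 * The alphabet is 23 lower-case letters, their upper-case forms and 9 digits
 * (55 symbols; l, o, s and 1 are left out), which gives roughly 46 bits for
 * 8 positions.
 *
 * Each character is drawn with random_int(), which reads from the operating
 * system's CSPRNG. rand() is a seeded general-purpose generator whose output can
 * be reconstructed from observed values, so it must not produce credentials.
 * The former str_shuffle() pass is dropped: reordering independently drawn
 * characters adds no entropy.
 *
 * NOTE(review): random_int() needs PHP 7.0 or later - confirm the deployment target.
 *
 * @return string The generated password.
 * @throws Exception If random_int() finds no suitable source of randomness.
 */
function Neues_Passwort()
{
    $chars = "abcdefghijkmnpqrtuvwxyz";
    $chars .= strtoupper($chars) . "023456789";
    $maxIndex = strlen($chars) - 1;
    $password = '';
    for ($i = 0; $i < 8; $i++) {
        $password .= $chars[random_int(0, $maxIndex)];
    }
    return $password;
}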
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        #   Admin Status Prüfen
        #
Beispiel #7
<?php

/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 * 
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA-3.0
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
$tze = new tze();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        #   Admin Status Prüfen
        #
        if (!$_SESSION['iAdmin'] == 1) {
            exit_error('unzureichende Rechte!');
        } else {
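            if (filter_input(INPUT_POST, 'action') == "list") {
                // jtSorting comes from the client and ends up in the ORDER BY clause.
                // Placeholders cannot stand in for column names, and stripping tags
                // does nothing for SQL, so the value is accepted only when it is a
                // comma-separated list of "<identifier> [ASC|DESC]" terms. Anything
                // else is dropped and the list is returned unsorted.
                $sortPattern = '/\A[A-Za-z_][A-Za-z0-9_]*(?: +(?:ASC|DESC))?'
                    . '(?: *, *[A-Za-z_][A-Za-z0-9_]*(?: +(?:ASC|DESC))?)*\z/i';
                $jtSorting = filter_input(INPUT_POST, 'jtSorting');
                if (is_string($jtSorting) && preg_match($sortPattern, $jtSorting) === 1) {
                    $sort = "Order by {$jtSorting}";
                } else {
                    $sort = '';
                }
                $rows = $tze->get_Results("select * from dispoCodes where deleted = false {$sort}");
                $json_data = json_encode(["Result" => "OK", "Records" => $rows]);
                exit($json_data);
            }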
Beispiel #8
<?php

#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
$tze = new tze();
$oDatenbank = $tze->mysql();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
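    // Sort expression sent by the client. It is kept only when it is a
    // comma-separated list of "<identifier> [ASC|DESC]" terms; any other value is
    // replaced by '' so that it cannot carry SQL into a later ORDER BY clause.
    // A valid value is passed on unchanged.
    //
    // The earlier if/else that tested is_null($sort) was removed: $sort is not
    // assigned anywhere in the visible part of this file, and its result was
    // overwritten by a second read of jtSorting before it was ever used.
    $sortPattern = '/\A[A-Za-z_][A-Za-z0-9_]*(?: +(?:ASC|DESC))?'
        . '(?: *, *[A-Za-z_][A-Za-z0-9_]*(?: +(?:ASC|DESC))?)*\z/i';
    $jtSorting = filter_input(INPUT_POST, 'jtSorting');
    if (!is_string($jtSorting) || preg_match($sortPattern, $jtSorting) !== 1) {
        $jtSorting = '';
    }
    // Frequently needed variables...
    // Paging values are validated as integers. FILTER_SANITIZE_NUMBER_INT only
    // strips characters and still lets "+" and "-" through, so its result is not
    // guaranteed to be a number.
    $jtStartIndex = filter_input(INPUT_POST, 'jtStartIndex', FILTER_VALIDATE_INT, array("options" => array("min_range" => 0)));
    $jtPageSize = filter_input(INPUT_POST, 'jtPageSize', FILTER_VALIDATE_INT, array("options" => array("min_range" => 1)));
    if (is_int($jtPageSize)) {
        // The original tested $jtPageSize here a second time; the fallback to 0
        // is meant for a missing or invalid start index.
        $jtStartIndex = is_int($jtStartIndex) ? $jtStartIndex : 0;
        $limit = " LIMIT {$jtStartIndex}, {$jtPageSize} ";
    } else {
        $limit = "";
    }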
    if (!empty($jtSorting)) {
Beispiel #9
<?php

/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 *
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
require_once __DIR__ . '/../../includes/PHPExcel.php';
$tze = new tze();
$oDatenbank = $tze->mysql();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        #   Admin Status Prüfen
        #
        if (!$_SESSION['iAdmin'] == 1) {
            exit_error('unzureichende Rechte!');
        } else {
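            // NOTE(review): FILTER_SANITIZE_STRIPPED only strips tags and is
            // deprecated since PHP 8.1. Whether $Date is safe inside SQL depends
            // entirely on sqlDate(), which is not visible here - confirm.
            $Date = filter_input(INPUT_POST, 'Date', FILTER_SANITIZE_STRIPPED);
            $Date = $tze->sqlDate($Date);
            $objPHPExcel = new PHPExcel();
            $dispoCodesArray = $tze->get_Results("select * from dispoCodes");
            // Both fragments are built by appending, so they start out empty.
            // NOTE(review): neither variable is assigned earlier in the visible
            // part of the file - confirm that no include pre-populates them.
            $dispoCodes = '';
            $dispoHeaders = '';
            foreach ($dispoCodesArray as $code) {
                // Values stored in dispoCodes are spliced into SQL text below. The
                // id is forced to an integer, and the label is used as a
                // backtick-quoted identifier with any embedded backtick doubled,
                // which is how MySQL escapes one inside a quoted identifier.
                // NOTE(review): assumes dispoCodes.id is an integer column.
                $iCodeId = (int) $code['id'];
                $sAlias = '`' . str_replace('`', '``', $code['code'] . ". " . $code['ButtonLabel']) . '`';
                $dispoCodes .= 'sum( if (icat = ' . $iCodeId . ', time_to_sec(Duration), 0)) / 24 / 60 / 60 as ' . $sAlias . ', ';
                $dispoHeaders .= 'zeiten.' . $sAlias . ', ';
            }
            // Drop the trailing ", " left by the loop.
            $dispoCodes = substr($dispoCodes, 0, -2);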
Beispiel #10
<?php

#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#
$strSubSiteName = 'Passwort';
require_once __DIR__ . '/../includes/auth.inc';
require_once __DIR__ . '/../includes/functions.inc';
require_once __DIR__ . '/../includes/passwordLib.inc';
$tze = new tze();
$oDB = $tze->mysql();
$sError = "";
$sIntro = "";
// Show a notice when the session carries the forced-password-change flag.
if ($_SESSION["bForce_Update_PW"]) {
    $sIntro = "<p>Das Passwort muss geändert werden!</p>\n";
}
// The account whose password is edited is taken from the session, not from the request.
$iPasswordUserID = $_SESSION['userId'];
// The id is handed to get_Results() separately from the SQL text, together with the
// type string 'i' (presumably bound as an integer parameter - confirm in the helper).
$result = $tze->get_Results('SELECT * FROM ma WHERE userId = ?', 'i', $iPasswordUserID);
if ($result) {
    if (count($result) == 1) {
        // NOTE(review): $sUserName is assembled from database fields. The output code
        // is not visible here; if the value is printed into HTML it needs
        // htmlspecialchars() at that point.
        $sUserName = $result[0]["sLogin"] . " (" . $result[0]['sVorname'] . " " . $result[0]['sNachname'] . ")";
        // Stored hash of the current password, kept for use further down (not visible here).
        $sOldPassword_hash = $result[0]["sPassword_hash"];
    } else {
        // NOTE(review): this line does not parse as shown - the start of the string
        // literal appears to have been replaced by "******" in this listing.
        $sUserName = "******"font-size: smaller; color: #800000;\">User nicht gefunden!</span>\n";
    }
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
Beispiel #11
<?php

#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
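$tze = new tze();
$Datenbank = $tze->mysql();
# Take iUserID from the session value
$iUserID = $_SESSION['userId'];
$strTime = date('Y-m-d H:i:s');
$strDate = date('Y-m-d');
$iLastProj = null;
$iLastCat = null;
# Fetch the last day that has not been closed yet (Time_End still at the zero date).
# The user id is cast to int before it is concatenated into the SQL text, so the
# statement cannot change shape whatever the session holds.
# NOTE(review): assumes ze_full.iUserID is an integer column - confirm.
$QueryLastDay = 'SELECT id, iProjekt, iCat, MAX(Time_Start), Date FROM `ze_full` WHERE iUserID = ' . (int) $iUserID . ' and Time_End = "0000-00-00 00:00:00"';
$result = $Datenbank->query($QueryLastDay);
if ($result) {
    $row = $result->fetch_assoc();
    # fetch_assoc() yields null when there is no row; skip the lookup then.
    if ($row && $row['id'] > 0) {
        $strDate = $row['Date'];
        $strID = $row['id'];
        $iLastProj = $row['iProjekt'];
        $iLastCat = $row['iCat'];
    }
}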