function DisplayMainVacationRequestTableBody($userID)
{
$employee = RetrieveEmployeeByID($userID);
$mainVacationRequest = RetrieveMainVacationRequestByID($employee[EMP_MAIN_VACATION_REQ_ID]);
if ($mainVacationRequest != NULL) {
echo '<tr>';
echo '<td>' . $mainVacationRequest[MAIN_VACATION_1ST_START] . '</td>';
echo '<td>' . $mainVacationRequest[MAIN_VACATION_1ST_END] . '</td>';
echo '<td>' . $mainVacationRequest[MAIN_VACATION_2ND_START] . '</td>';
echo '<td>' . $mainVacationRequest[MAIN_VACATION_2ND_END] . '</td>';
echo '<td> <button class="btn btn-success" type="submit" name="amendMain"' . 'value="' . $mainVacationRequest[MAIN_VACATION_REQ_ID] . '">Amend</button></td>';
echo '<td> <button class="btn btn-danger" type="submit" name="deleteMain"' . 'value="' . $mainVacationRequest[MAIN_VACATION_REQ_ID] . '">Delete</button></td>';
echo '</tr>';
}
}
function ApproveMainVacationRequest($requestID, $useFirst)
{
$statusMessage = "";
$succeeded = true;
$absenceType = GetAnnualLeaveAbsenceTypeID();
$request = RetrieveMainVacationRequestByID($requestID);
if ($request != NULL) {
$start = $request[MAIN_VACATION_1ST_START];
$end = $request[MAIN_VACATION_1ST_END];
if (!$useFirst) {
$start = $request[MAIN_VACATION_2ND_START];
$end = $request[MAIN_VACATION_2ND_END];
}
$succeeded = ProcessAbsenceRequest($request[MAIN_VACATION_EMP_ID], $start, $end, $absenceType, $statusMessage);
if ($succeeded) {
DeleteMainVacationRequest($requestID);
}
} else {
$statusMessage .= "Error: Unable to process your request." . "The MainVacationRequest ID of {$requestID} " . "could not be found in the database. Please " . "contact your system administrator.</br>";
$succeeded = false;
}
GenerateStatus($succeeded, $statusMessage);
}
function DeleteMainVacationRequest($ID)
{
$result = 0;
$record = RetrieveMainVacationRequestByID($ID);
if ($record != NULL) {
$employee = RetrieveEmployeeByID($record[MAIN_VACATION_EMP_ID]);
if ($employee) {
$employee[EMP_MAIN_VACATION_REQ_ID] = NULL;
UpdateEmployee($employee);
}
$sql = "DELETE FROM mainVacationRequestTable WHERE mainVacationRequestID=" . $ID . ";";
$result = performSQL($sql);
}
return $result;
}
<?php
include 'sessionmanagement.php';
//sets $userID,$isAdministrator and $isManager
$employee = RetrieveEmployeeByID($userID);
$requestID = $employee[EMP_MAIN_VACATION_REQ_ID];
$today = date("Y-m-d");
$firstChoiceStart = $today;
$firstChoiceEnd = $today;
$secondChoiceStart = $today;
$secondChoiceEnd = $today;
if ($requestID != NULL) {
$mainVacationRequest = RetrieveMainVacationRequestByID($requestID);
$firstChoiceStart = $mainVacationRequest[MAIN_VACATION_1ST_START];
$firstChoiceEnd = $mainVacationRequest[MAIN_VACATION_1ST_END];
$secondChoiceStart = $mainVacationRequest[MAIN_VACATION_2ND_START];
$secondChoiceEnd = $mainVacationRequest[MAIN_VACATION_2ND_END];
}
if (isset($_POST["submit"])) {
ClearStatus();
$request = CreateMainVactionRequest($userID, $_POST["firstChoiceStart"], $_POST["firstChoiceEnd"], $_POST["secondChoiceStart"], $_POST["secondChoiceEnd"]);
if ($request != NULL) {
$url = "Location:index.php";
header($url);
}
}
?>
<!DOCTYPE html>
<html>
<head>
function UpdateEmployee($fields)
{
$statusMessage = "";
//-------------------------------------------------------------------------
// Validate Input parameters
//-------------------------------------------------------------------------
$inputIsValid = TRUE;
$validID = false;
$countOfFields = 0;
foreach ($fields as $key => $value) {
if ($key == EMP_ID) {
$record = RetrieveEmployeeByID($value);
if ($record != NULL) {
$validID = true;
$countOfFields++;
}
} else {
if ($key == EMP_NAME) {
$countOfFields++;
if (isNullOrEmptyString($value)) {
$statusMessage .= "Employee name can not be blank.</br>";
error_log("Invalid EMP_NAME passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_EMAIL) {
$countOfFields++;
if (!filter_var($value, FILTER_VALIDATE_EMAIL)) {
$statusMessage .= "Email address is not in a valid format.</br>";
error_log("Invalid email address passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_PASSWORD) {
//No validation on password, since this is an MD5 encoded string.
$countOfFields++;
} else {
if ($key == EMP_DATEJOINED) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Date Joined value is not a valid date</br>";
error_log("Invalid EMP_DATEJOINED passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_LEAVE_ENTITLEMENT) {
$countOfFields++;
if (!is_numeric($value)) {
$statusMessage .= "Employee Leave Entitlement must be a numeric value.</br>";
error_log("Invalid EMP_LEAVE_ENTITLEMENT passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_MAIN_VACATION_REQ_ID) {
if ($value != NULL) {
$record = RetrieveMainVacationRequestByID($value);
if ($record == NULL) {
$statusMessage .= "Main Vacation Request ID not found in database.</br>";
error_log("Invalid EMP_MAIN_VACATION_REQ_ID passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
}
} else {
if ($key == EMP_COMPANY_ROLE) {
$countOfFields++;
$record = RetrieveCompanyRoleByID($value);
if ($record == NULL) {
$statusMessage .= "Company Role ID not found in database.</br>";
error_log("Invalid EMP_COMPANY_ROLE passed to UpdateEmployee.");
$inputIsValid = FALSE;
}
} else {
if ($key == EMP_ADMIN_PERM) {
$countOfFields++;
} else {
if ($key == EMP_MANAGER_PERM) {
$countOfFields++;
} else {
$statusMessage .= "Unrecognised field of {$key} encountered.</br>";
error_log("Invalid field passed to UpdateEmployee. {$key}=" . $key);
$inputIsValid = FALSE;
}
}
}
}
}
}
}
}
}
}
}
if (!$validID) {
$statusMessage .= "No valid ID supplied.</br>";
error_log("No valid ID supplied in call to UpdateEmployee.");
$inputIsValid = FALSE;
}
if ($countOfFields < 2) {
$statusMessage .= "Insufficent fields supplied.</br>";
error_log("Insufficent fields supplied in call to UpdateEmployee.");
$inputIsValid = FALSE;
}
//-------------------------------------------------------------------------
// Only attempt to update a record in the database if the input parameters
// are ok.
//-------------------------------------------------------------------------
$success = false;
if ($inputIsValid) {
$success = performSQLUpdate(EMPLOYEE_TABLE, EMP_ID, $fields);
if ($success) {
$statusMessage .= "Record has been successfully updated.";
} else {
$inputIsValid = false;
$statusMessage .= "Unexpected Database error encountered. Please " . "contact your system administrator.";
}
}
GenerateStatus($inputIsValid, $statusMessage);
return $success;
}
<?php
include 'sessionmanagement.php';
$returnURL = "index.php";
if (isset($_GET["back"])) {
$returnURL = $_GET["back"];
}
if ($_GET["ID"] != NULL) {
$record = RetrieveMainVacationRequestByID($_GET["ID"]);
if (!$isAdministrator) {
if ($record[MAIN_VACATION_EMP_ID] != $userID) {
header('Location: index.php');
exit;
}
}
$employee = RetrieveEmployeeByID($record[MAIN_VACATION_EMP_ID]);
}
if (isset($_POST["cancel"])) {
ClearStatus();
header("Location:" . $returnURL);
exit;
}
if (isset($_POST["update"])) {
ClearStatus();
$record[MAIN_VACATION_REQ_ID] = $_GET["ID"];
$record[MAIN_VACATION_EMP_ID] = $employee[EMP_ID];
$record[MAIN_VACATION_1ST_START] = $_POST["firstChoiceStart"];
$record[MAIN_VACATION_1ST_END] = $_POST["firstChoiceEnd"];
$record[MAIN_VACATION_2ND_START] = $_POST["secondChoiceStart"];
$record[MAIN_VACATION_2ND_END] = $_POST["secondChoiceEnd"];
$success = UpdateMainVacactionRequest($record);
