Ejemplo n.º 1
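/**
 * Process and render the Secondary Employment Log form.
 *
 * Depending on which submit button is present in $_POST this inserts one
 * SECLOG row per selected deputy (addSecLog), logs an entry out
 * (logoutSecLog) or updates an entry (updateSecLog). It then echoes either
 * the edit view for $secLogID or the entry form for a new log.
 *
 * Security notes:
 *  - Every request value that reaches SQL is either cast to int or escaped
 *    AND placed inside quotes. Escaping alone does not protect an unquoted
 *    comparison such as "WHERE IDNUM=" . $value.
 *  - Every request or database value echoed into HTML goes through $h().
 *  - NOTE(review): prepared statements would be the stronger fix; escaping
 *    plus quoting is used so the helper signatures stay unchanged.
 *  - NOTE(review): the add/logout/update handlers run before the adminLvl
 *    check that guards the edit view, and no anti-CSRF token is checked in
 *    this function; confirm the caller enforces both.
 *
 * @param object $config    Application config; this function reads ->mysqli and ->adminLvl.
 * @param mixed  $secLogID  SECLOG.IDNUM of the entry to show when editing.
 * @param bool   $isEditing Show the edit view instead of the entry form.
 * @param bool   $isApprove When editing, render "Back To Approvals" instead of "Back To Logs".
 * @return void Output is echoed.
 */
function showSecLogDetails($config, $secLogID, $isEditing = false, $isApprove = false)
{
    $mysqli = $config->mysqli;
    $mysqliReserve = connectToSQL(true);

    // Escape a value for an HTML text node or a quoted attribute.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // Fetch one deputy row from EMPLOYEE or RESERVE; null when nothing matches.
    // The ID is escaped with the connection that runs the query and is quoted.
    $lookupDeputy = function ($idnum, $fromReserve) use ($mysqli, $mysqliReserve) {
        $db = $fromReserve ? $mysqliReserve : $mysqli;
        $table = $fromReserve ? 'RESERVE' : 'EMPLOYEE';
        $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM ' . $table
            . " WHERE IDNUM='" . $db->real_escape_string((string) $idnum) . "'";
        $result = $db->query($myq);
        SQLerrorCatch($db, $result);
        if (!$result) {
            return null;
        }
        $found = $result->fetch_assoc();
        return is_array($found) ? $found : null;
    };

    // Echo one "Deputy: ..." line of the entry form, including its hidden fields.
    $renderDeputy = function ($idnum, $fromReserve, $deputyRow, $index) use ($h) {
        echo 'Deputy: <input type="hidden" name="deputyID' . $index . '" value="' . $h($idnum) . '" />';
        if ($fromReserve) {
            echo '<input type="hidden" name="isReserve' . $index . '" value="true" />';
        }
        echo $h($deputyRow['LNAME']) . ', ' . $h($deputyRow['FNAME']);
        echo ';  Radio#: <input type="hidden" name="radioNum' . $index . '" value="' . $h($deputyRow['RADIO']) . '" />'
            . $h($deputyRow['RADIO']);
        echo '<input type="submit" name="removeDeputyBtn' . $index . '" value="Remove" />';
        echo '<br/>';
    };

    $addSecLog = isset($_POST['addSecLog']);
    $logoutSecLog = isset($_POST['logoutSecLog']);
    $updateSecLog = isset($_POST['updateSecLog']);

    // Counters and the group number are client-supplied: force them to integers
    // before they are used as loop bounds, in SQL, or in HTML.
    // NOTE(review): num_deputies is still unbounded; consider an upper limit.
    $num_deputies = isset($_POST['num_deputies']) ? (int) $_POST['num_deputies'] : 0;
    $totalRows = isset($_POST['totalRows']) ? (int) $_POST['totalRows'] : 0;
    $gpID = isset($_POST['gpID']) ? (int) $_POST['gpID'] : 0;

    if ($addSecLog) {
        // Collect the per-deputy values.
        $deputyID = array();
        $radioNum = array();
        $isReserve = array();
        for ($i = 0; $i < $num_deputies; $i++) {
            $deputyID[$i] = isset($_POST['deputyID' . $i])
                ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i]))
                : false;
            $radioNum[$i] = isset($_POST['radioNum' . $i])
                ? $mysqli->real_escape_string(strtoupper($_POST['radioNum' . $i]))
                : '';
            $isReserve[$i] = isset($_POST['isReserve' . $i]) ? '1' : '0';
        }

        $address = isset($_POST['address']) ? $mysqli->real_escape_string(strtoupper($_POST['address'])) : '';
        $city = isset($_POST['city']) ? $mysqli->real_escape_string(strtoupper($_POST['city'])) : '';
        $phone = isset($_POST['phone']) ? $mysqli->real_escape_string($_POST['phone']) : '';
        $shiftStart1 = !empty($_POST['shiftStart1']) ? $mysqli->real_escape_string($_POST['shiftStart1']) : '00';
        $shiftStart2 = !empty($_POST['shiftStart2']) ? $mysqli->real_escape_string($_POST['shiftStart2']) : '00';
        $shiftStart = $shiftStart1 . $shiftStart2 . '00';
        $shiftEnd1 = !empty($_POST['shiftEnd1']) ? $mysqli->real_escape_string($_POST['shiftEnd1']) : '00';
        $shiftEnd2 = !empty($_POST['shiftEnd2']) ? $mysqli->real_escape_string($_POST['shiftEnd2']) : '00';
        $shiftEnd = $shiftEnd1 . $shiftEnd2 . '00';
        $dress = isset($_POST['dress']) ? $mysqli->real_escape_string($_POST['dress']) : '';

        // date() re-formats whatever strtotime() parsed, so the result is a plain Y-m-d string.
        $dateSelect = isset($_POST['dateSelect']) ? $_POST['dateSelect'] : '';
        $shiftDate = date('Y-m-d', strtotime($dateSelect));
        $auditID = $mysqli->real_escape_string((string) $_SESSION['userIDnum']);
        $remoteIP = $mysqli->real_escape_string((string) $_SERVER['REMOTE_ADDR']);

        echo '<h2>Results</h2>';
        if ($num_deputies > 0) {
            // Group number: the posted one if present, 0 for a single deputy,
            // otherwise the next free GPNUM. It is read once so every deputy in
            // this submission lands in the same group even if an insert fails.
            $groupID = $gpID;
            if ($gpID === 0 && $num_deputies > 1) {
                $gpResult = $mysqli->query("SELECT MAX( GPNUM ) 'gpID' FROM SECLOG");
                SQLerrorCatch($mysqli, $gpResult);
                $gpRow = $gpResult ? $gpResult->fetch_assoc() : null;
                $groupID = (int) (is_array($gpRow) ? $gpRow['gpID'] : 0) + 1;
            }

            for ($i = 0; $i < $num_deputies; $i++) {
                $myq = "INSERT INTO `SECLOG` ( `IDNUM` ,`DEPUTYID` ,`RADIO` ,`TIMEIN` ,`AUDIT_IN_ID` ,"
                    . " `AUDIT_IN_TIME` ,`AUDIT_IN_IP` ,`LOCATION` ,`CITY` ,`PHONE` ,`SHIFTDATE` ,`SHIFTSTART` ,"
                    . " `SHIFTEND` ,`DRESS` ,`TIMEOUT` ,`AUDIT_OUT_ID` ,`AUDIT_OUT_TIME` ,`AUDIT_OUT_IP` ,`SUP_ID` ,"
                    . " `SUP_TIME` ,`SUP_IP`, IS_RESERVE, GPNUM) VALUES ("
                    . " NULL , '" . $deputyID[$i] . "', '" . $radioNum[$i] . "', NOW(), '" . $auditID . "', NOW(),"
                    . " INET_ATON('" . $remoteIP . "'),"
                    . " '" . $address . "', '" . $city . "', '" . $phone . "', '" . $shiftDate . "',"
                    . " '" . $shiftStart . "', '" . $shiftEnd . "', '" . $dress . "', '', '', '', '', '', '', '',"
                    . $isReserve[$i] . ","
                    . " '" . $groupID . "');";
                $result = $mysqli->query($myq);
                if (!SQLerrorCatch($mysqli, $result)) {
                    // Remember the new row so the edit view below shows it.
                    $secLogID = $mysqli->insert_id;
                    addLog($config, 'Secondary Log #' . $secLogID . ' Added');
                    echo 'Successfully Added Secondary Employment Log, Reference Number: ' . $h($secLogID) . '<br />';
                    $isEditing = true;
                } else {
                    echo 'Failed to add Secondary Employment Log, try again.<br />';
                }
            }
        } else {
            echo 'Must select a user.<br />';
        }
        echo '<br />';
    }

    if ($logoutSecLog) {
        // Escaped the same way the update handler escapes what it hands to its helper.
        // NOTE(review): logOutSecLog() is not visible here; confirm it quotes this value in its query.
        $secLogID = isset($_POST['secLogID']) ? $mysqli->real_escape_string($_POST['secLogID']) : '';
        logOutSecLog($config, $secLogID);
        $isEditing = true;
    }

    if ($updateSecLog) {
        $secLogID = isset($_POST['secLogID']) ? $mysqli->real_escape_string($_POST['secLogID']) : '';
        $radioNum = isset($_POST['radioNum']) ? $mysqli->real_escape_string($_POST['radioNum']) : '';
        $address = isset($_POST['address']) ? $mysqli->real_escape_string($_POST['address']) : '';
        $city = isset($_POST['city']) ? $mysqli->real_escape_string($_POST['city']) : '';
        $phone = isset($_POST['phone']) ? $mysqli->real_escape_string($_POST['phone']) : '';
        $shiftStart1 = isset($_POST['shiftStart1']) ? $mysqli->real_escape_string($_POST['shiftStart1']) : '';
        $shiftStart2 = isset($_POST['shiftStart2']) ? $mysqli->real_escape_string($_POST['shiftStart2']) : '';
        $shiftEnd1 = isset($_POST['shiftEnd1']) ? $mysqli->real_escape_string($_POST['shiftEnd1']) : '';
        $shiftEnd2 = isset($_POST['shiftEnd2']) ? $mysqli->real_escape_string($_POST['shiftEnd2']) : '';
        $dress = isset($_POST['dress']) ? $mysqli->real_escape_string($_POST['dress']) : '';
        updateSecLog($config, $secLogID, $radioNum, $address, $city, $phone, $shiftStart1, $shiftStart2, $shiftEnd1, $shiftEnd2, $dress);
        $isEditing = true;
    }

    if ($isEditing) {
        if ($config->adminLvl >= 0) {
            // SECLOG.IDNUM is the insert_id of the row (see the add handler), so an
            // integer cast is a safe normalisation for every way $secLogID gets set.
            $secLogIDSql = (int) $secLogID;
            $myq = "SELECT S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,"
                . " SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT"
                . " FROM SECLOG S"
                . " JOIN EMPLOYEE AS SEC ON SEC.IDNUM=S.DEPUTYID"
                . " WHERE S.IDNUM = '" . $secLogIDSql . "' AND IS_RESERVE=0"
                . " UNION"
                . " SELECT S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,"
                . " SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT"
                . " FROM SECLOG S"
                . " JOIN RESERVE AS SEC ON SEC.IDNUM=S.DEPUTYID"
                . " WHERE S.IDNUM = '" . $secLogIDSql . "' AND IS_RESERVE=1"
                . " ORDER BY IDNUM";
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();
            $groupRef = (int) $row['gpID'];
            $isAdmin = $config->adminLvl >= 25;
            $stillLoggedIn = strcmp($row['TIMEOUT'], "00:00:00") == 0;

            // First table row is the header; cells hold ready-to-print HTML.
            $depTable = array(array("Reference#", "Deputy", "Radio#", "Action"));

            if ($groupRef !== 0) {
                // Group entry: list every deputy that shares the group number.
                echo '<div align="center">Group Reference #: ' . $groupRef . '
                    <input type="hidden" name="gpID" value="' . $groupRef . '" /></div>';
                $newq = "SELECT S.IDNUM 'refNum', S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,"
                    . " SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT"
                    . " FROM SECLOG S"
                    . " JOIN EMPLOYEE AS SEC ON SEC.IDNUM=S.DEPUTYID"
                    . " WHERE S.GPNUM = '" . $groupRef . "' AND IS_RESERVE=0"
                    . " UNION"
                    . " SELECT S.IDNUM 'refNum', S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,"
                    . " SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT"
                    . " FROM SECLOG S"
                    . " JOIN RESERVE AS SEC ON SEC.IDNUM=S.DEPUTYID"
                    . " WHERE S.GPNUM = '" . $groupRef . "' AND IS_RESERVE=1"
                    . " ORDER BY IDNUM";
                $newResult = $mysqli->query($newq);
                SQLerrorCatch($mysqli, $newResult);

                $x = 1; // field-name suffixes start at 1, matching the table row number
                while ($newRow = $newResult->fetch_assoc()) {
                    if (strcmp($newRow['TIMEOUT'], "00:00:00") == 0) {
                        $action = '<input type="submit" value="Update" name="updateSecLog' . $x . '" />
                                <input type="submit" value="LogOut" name="logoutSecLog' . $x . '" /><br/>';
                        if ($isAdmin) {
                            $action .= '<input type="submit" name="changeDeputy' . $x . '" value="Change Deputy" />';
                        }
                    } elseif ($isAdmin) {
                        $action = '<input type="submit" value="Update" name="updateSecLog' . $x . '" />
                                Logged Out at ' . $h($newRow['TIMEOUT']);
                    } else {
                        $action = 'Logged Out at ' . $h($newRow['TIMEOUT']);
                    }
                    $depTable[$x] = array(
                        $h($newRow['refNum']) . '
                        <input type="hidden" name="secLogID' . $x . '" value="' . $h($newRow['refNum']) . '" />',
                        $h($newRow['DEPUTYNAME']),
                        '<input type="text" name="radioNum' . $x . '" value="' . $h($newRow['RADIO']) . '" />',
                        $action,
                    );
                    $x++;
                }
                showSortableTable($depTable, 1);
            } else {
                // Individual entry. The Radio# cell used to repeat DEPUTYNAME, which left
                // the update handler with no radioNum field to read; it now carries the
                // editable radio number like the group view does.
                $depTable[1] = array(
                    $h($secLogID) . '<input type="hidden" name="secLogID" value="' . $h($secLogID) . '" />',
                    $h($row['DEPUTYNAME']),
                    '<input type="text" name="radioNum" value="' . $h($row['RADIO']) . '" />',
                    $isAdmin ? '<input type="submit" name="changeDeputy1" value="Change Deputy" />' : '',
                );
                showSortableTable($depTable, 1);
            }

            echo '<div align="left">Add Deputy: <button type="button"  name="searchBtn" 
                value="Lookup Employee" onClick="this.form.action=' . "'?userLookup=true'" . ';this.form.submit()" >
                Lookup Employee</button></div><br/>';
            echo 'Site Name or Address: <input type="text" name="address" value="' . $h($row['LOCATION']) . '" /><br/>
                City/Twp: <input type="text" name="city" value="' . $h($row['CITY']) . '" /><br/>
                Contact#: <input type="text" name="phone" value="' . $h($row['PHONE']) . '" /><br/>
                Shift Start Time: ';
            $temp = explode(":", $row['SHIFTSTART']);
            showTimeSelector("shiftStart", $temp[0], $temp[1], false);
            echo ' <br/>
                Shift End Time: ';
            $temp = explode(":", $row['SHIFTEND']);
            showTimeSelector("shiftEnd", $temp[0], $temp[1], false);
            echo '<br/>
                Dress: <select name="dress">
                    <option value=""></option>
                    <option value="U"';
            if (strcmp($row['DRESS'], "U") == 0) {
                echo ' SELECTED ';
            }
            echo '>Uniform</option>
                    <option value="PC"';
            if (strcmp($row['DRESS'], "PC") == 0) {
                echo ' SELECTED ';
            }
            echo '>Plain Clothes</option>
                </select><br/>';

            echo 'Logged Off Time: ';
            if ($stillLoggedIn) {
                echo "Not Logged Off Yet<br /><br />";
                if ($groupRef !== 0) {
                    echo '<input type="submit" name="logoutSecLogAll" value="LogOut All" />';
                } else {
                    echo '<input type="submit" name="logoutSecLog" value="LogOut" />';
                }
            } else {
                echo $h($row['TIMEOUT']) . '<br /><br />';
            }

            // A logged-out entry can only be changed by adminLvl >= 25.
            if ($stillLoggedIn || $isAdmin) {
                if ($groupRef !== 0) {
                    echo '<input type="submit" name="updateSecLogAll" value="Update All" />';
                } else {
                    echo '<input type="submit" name="updateSecLog" value="Update" />';
                }
            }

            if ($isApprove) {
                echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
            } else {
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            }
        } else {
            echo 'Access Denied';
        }
    }

    if (!$isEditing && !isset($_POST['goBtn'])) {
        // Entry form. These values are only echoed back into the form, so they
        // stay raw here and are HTML-escaped at the point of output.
        $address = isset($_POST['address']) ? $_POST['address'] : '';
        $city = isset($_POST['city']) ? $_POST['city'] : '';
        $phone = isset($_POST['phone']) ? $_POST['phone'] : '';
        $shiftStart1 = isset($_POST['shiftStart1']) ? $_POST['shiftStart1'] : '';
        $shiftStart2 = isset($_POST['shiftStart2']) ? $_POST['shiftStart2'] : '';
        $shiftEnd1 = isset($_POST['shiftEnd1']) ? $_POST['shiftEnd1'] : '';
        $shiftEnd2 = isset($_POST['shiftEnd2']) ? $_POST['shiftEnd2'] : '';
        $dress = isset($_POST['dress']) ? $_POST['dress'] : '';

        // Re-list the deputies already on the form, minus any whose Remove button was pressed.
        $deputyCount = 0;
        for ($i = 0; $i < $num_deputies; $i++) {
            if (isset($_POST['removeDeputyBtn' . $i])) {
                continue;
            }
            $postedID = isset($_POST['deputyID' . $i]) ? strtoupper($_POST['deputyID' . $i]) : '';
            $postedIsReserve = isset($_POST['isReserve' . $i]);
            // An ID that is empty or matches no row is dropped instead of being rendered.
            $deputyRow = $postedID === '' ? null : $lookupDeputy($postedID, $postedIsReserve);
            if ($deputyRow === null) {
                continue;
            }
            if ($i == 0) {
                // The first deputy's cell phone becomes the contact number.
                $phone = $deputyRow['CELLPH'];
            }
            $renderDeputy($postedID, $postedIsReserve, $deputyRow, $deputyCount);
            $deputyCount++;
        }

        // Pick up the deputy chosen from the lookup results, if any.
        $foundUserID = '';
        $foundUserIsReserve = false;
        if ($totalRows > 0) {
            for ($i = 0; $i <= $totalRows; $i++) {
                if (isset($_POST['foundUser' . $i])) {
                    $foundUserID = isset($_POST['foundUserID' . $i]) ? $_POST['foundUserID' . $i] : '';
                    $foundUserIsReserve = isset($_POST['isReserve' . $i]);
                    break;
                }
            }
        }

        // With nobody selected yet, default to the logged-in user unless the
        // request comes from the workstation named below.
        if (empty($foundUserID) && $num_deputies == 0) {
            if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) {
                //'10.1.32.72'
                $foundUserID = $_SESSION['userIDnum'];
                $foundUserIsReserve = false;
            }
        }

        if (!empty($foundUserID)) {
            $deputyRow = $lookupDeputy($foundUserID, $foundUserIsReserve);
            if ($deputyRow !== null) {
                if ($deputyCount == 0) {
                    $phone = $deputyRow['CELLPH'];
                }
                $renderDeputy($foundUserID, $foundUserIsReserve, $deputyRow, $deputyCount);
                $deputyCount++;
            }
        }

        echo 'Add Deputy: ';
        displayUserLookup($config);
        echo '<br />';
        echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';
        echo '<input type="hidden" name="gpID" value="' . $gpID . '" />';
        echo 'Site Name or Address: <input type="text" name="address" value="' . $h($address) . '" /><br/>
            City/Twp: <input type="text" name="city" value="' . $h($city) . '" /><br/>
            Contact#: <input type="text" name="phone" value="' . $h($phone) . '" /><br/>
            Shift Start Time: ';
        // NOTE(review): showTimeSelector() receives raw request values; confirm it escapes them.
        showTimeSelector("shiftStart", $shiftStart1, $shiftStart2, false);
        echo ' <br/>
            Shift End Time: ';
        showTimeSelector("shiftEnd", $shiftEnd1, $shiftEnd2, false);
        echo '<br/>
            Dress: <select name="dress">
                <option value=""></option>
                <option value="U"';
        if ($dress === 'U') {
            echo ' selected ';
        }
        echo '>Uniform</option>
                <option value="PC"';
        if ($dress === 'PC') {
            echo ' selected ';
        }
        echo '>Plain Clothes</option>
            </select><br/><br />
            <input type="hidden" name="addBtn" value="true" />
            <input type="submit" name="addSecLog" value="Add" />
            <input type="submit" name="goBtn" value="Cancel" />';
    }
}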
function displayLeaveForm($config)
{
    $mysqli = $config->mysqli;
    //check if we're coming from an edit button on the submitted report
    $totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : false;
    $updatingRequest = isset($_POST['formName']) ? $_POST['formName'] : false;
    $updatingRequest = isset($_POST['duplicateBtn']) ? "duplicateRequest" : $updatingRequest;
    $findBtn = isset($_POST['findBtn']) ? true : false;
    $requestAccepted = false;
    //echo "updatingRequest = $updatingRequest"; //DEBUG
    if ($totalRows && $updatingRequest && !$findBtn) {
        for ($i = 0; $i < $totalRows; $i++) {
            if (isset($_POST['editBtn' . $i])) {
                $referNum = $_POST['requestID' . $i];
            }
        }
        if (!empty($referNum)) {
            $myq = 'SELECT REQUEST.IDNUM, TIMETYPEID, BEGTIME, ENDTIME, NOTE, CALLOFF, USEDATE, SUBTYPE,
                LNAME, FNAME
                FROM REQUEST, EMPLOYEE
                WHERE EMPLOYEE.IDNUM=REQUEST.IDNUM
                AND REFER=' . $config->mysqli->real_escape_string($referNum);
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();
            //set posts to pre-fill form from record we want to edit
            $_POST['referNum'] = $referNum;
            $_POST['type'] = $row['TIMETYPEID'];
            $_POST['ID'] = $row['IDNUM'];
            $_POST['beg1'] = substr($row['BEGTIME'], 0, 2);
            $_POST['beg2'] = substr($row['BEGTIME'], 3, 2);
            $_POST['end1'] = substr($row['ENDTIME'], 0, 2);
            $_POST['end2'] = substr($row['ENDTIME'], 3, 2);
            $_POST['comment'] = $row['NOTE'];
            $_POST['calloff'] = $row['CALLOFF'];
            $_POST['usedate'] = $row['USEDATE'];
            $_POST['subtype'] = $row['SUBTYPE'];
            $foundUserFNAME = $row['FNAME'];
            $foundUserLNAME = $row['LNAME'];
            $foundUserID = $row['IDNUM'];
            //var_dump($_POST);
        }
    }
    //Get all passed variables
    $postID = isset($_POST['ID']) ? $_POST['ID'] : $_SESSION['userIDnum'];
    $postThruDate = isset($_POST['thrudate']) ? $_POST['thrudate'] : false;
    $shiftLength = isset($_POST['shift']) ? $_POST['shift'] : '';
    $postBeg1 = isset($_POST['beg1']) ? $_POST['beg1'] : null;
    $postBeg2 = isset($_POST['beg2']) ? $_POST['beg2'] : null;
    if (!empty($postBeg1) && !empty($postBeg2)) {
        $postBegin = $postBeg1 . $postBeg2;
    } else {
        $postBegin = false;
    }
    $postEnd1 = isset($_POST['end1']) ? $_POST['end1'] : null;
    $postEnd2 = isset($_POST['end2']) ? $_POST['end2'] : null;
    if (!empty($postEnd1) && !empty($postEnd2)) {
        $postEnding = $postEnd1 . $postEnd2;
    } else {
        $postEnding = false;
    }
    if (!isset($_POST['shift'])) {
        if ($postBegin == $postEnding) {
            $postBegin = false;
            $postEnding = false;
        }
    }
    $type = isset($_POST['type']) ? $mysqli->real_escape_string($_POST['type']) : false;
    $comment = isset($_POST['comment']) ? $mysqli->real_escape_string($_POST['comment']) : false;
    $calloff = isset($_POST['calloff']) ? $_POST['calloff'] : 'NO';
    $auditid = $_SESSION['userIDnum'];
    $postUseDate = isset($_POST['usedate']) ? $_POST['usedate'] : false;
    if (!$postUseDate) {
        $isDateUse = false;
    } else {
        $isDateUse = true;
    }
    $subtype = isset($_POST['subtype']) ? $mysqli->real_escape_string($_POST['subtype']) : 'NONE';
    //Submit Button Pressed.  Add record to the database
    if (isset($_POST['submit']) || isset($_POST['update'])) {
        $ID = $mysqli->real_escape_string(strtoupper($postID));
        $usedate = new DateTime($mysqli->real_escape_string($postUseDate));
        if (!$postThruDate) {
            $daysOff = 0;
        } else {
            $thrudate = new DateTime($mysqli->real_escape_string($postThruDate));
            $daysOffInterval = $usedate->diff($thrudate);
            //number days in given range
            $daysOff = $daysOffInterval->format("%d");
        }
        $beg = new DateTime($mysqli->real_escape_string($postBegin));
        //setting end to beginning so I can add a shift to it if need be
        $end = new DateTime($mysqli->real_escape_string($postBegin));
        if (empty($shiftLength)) {
            //not using a shift length so take the entered time
            $end = new DateTime($mysqli->real_escape_string($postEnding));
        } else {
            //add a shift to the start time
            $end->add(new DateInterval('PT' . $shiftLength . 'H'));
        }
        if ($end < $beg) {
            //add a day to $end if the times crossed midnight
            $end = $end->add(new DateInterval("P1D"));
        }
        //interval calculation in hours
        $endSec = strtotime($end->format("Y-m-d H:i:s"));
        $begSec = strtotime($beg->format("Y-m-d H:i:s"));
        $hours = ($endSec - $begSec) / 3600;
        //SQL TIME format
        $beg = $beg->format("H:i:s");
        $end = $end->format("H:i:s");
        if ($isDateUse) {
            if (!empty($postEnding) || !empty($postBegin)) {
                //query to insert the record. loops until number of days is reached
                if (!isset($_POST['update'])) {
                    $confirmBtn = isset($_POST['confirmBtn']) ? true : false;
                    $noBtn = isset($_POST['noBtn']) ? true : false;
                    for ($i = 0; $i <= $daysOff; $i++) {
                        //Check if useDate is already submitted
                        $myq = "SELECT `REFER` , `IDNUM`, `TIMETYPEID` , `USEDATE` , `ENDTIME` , `BEGTIME` , `SUBTYPE`\r\n                        FROM `REQUEST`\r\n                        WHERE `TIMETYPEID` LIKE '" . $type . "'\r\n                        AND `IDNUM` = '" . $ID . "'\r\n                        AND `USEDATE` = '" . $usedate->format('Y-m-d') . "'";
                        $result = $mysqli->query($myq);
                        SQLerrorCatch($mysqli, $result);
                        if ($result->num_rows > 0 && !$confirmBtn && !$noBtn) {
                            $refNums = "";
                            while ($row = $result->fetch_assoc()) {
                                $refNums .= $row['REFER'] . ', ';
                            }
                            popUpMessage('<div align="center"><form method="POST" action="' . $_SERVER['REQUEST_URI'] . '">                    
                            You already submitted for this type of request on ' . $usedate->format('Y-m-d') . '<br/>
                            Please see Reference Numbers: <br/>' . $refNums . '<br/><br/><h4>Are you sure you want to submit another?</h4>
                                <input type="submit" name="confirmBtn" value="Yes" /> <input type="submit" name="noBtn" value="No" />
                                <input type="hidden" name="type" value="' . $type . '" />
                                <input type="hidden" name="subtype" value="' . $subtype . '" />
                                <input type="hidden" name="shift" value="' . $shiftLength . '" />
                                <input type="hidden" name="ID" value="' . $ID . '" />
                                <input type="hidden" name="usedate" value="' . $postUseDate . '" />
                                <input type="hidden" name="thrudate" value="' . $postThruDate . '" />
                                <input type="hidden" name="beg1" value="' . $postBeg1 . '" />
                                <input type="hidden" name="beg2" value="' . $postBeg2 . '" />
                                <input type="hidden" name="end1" value="' . $postEnd1 . '" />
                                <input type="hidden" name="end2" value="' . $postEnd2 . '" />
                                <input type="hidden" name="comment" value="' . $comment . '" />
                                <input type="hidden" name="calloff" value="' . $calloff . '" />
                                <input type="hidden" name="submit" value="true" />
                                </form></div>');
                        } else {
                            if ($noBtn) {
                                echo 'Canceled Submitting Request.';
                            } else {
                                if (($type == 'OT' || $type == 'AG') && strtotime($usedate->format('Y-m-d')) > strtotime(date('Y-m-d'))) {
                                    echo '<font color="red">Can not submit for Overtime or Comp Time Gain unless it is on or after the date of use</font>';
                                } else {
                                    $myq = "INSERT INTO REQUEST (IDNUM, USEDATE, BEGTIME, ENDTIME, \r\n                            HOURS, TIMETYPEID, SUBTYPE, NOTE, STATUS, REQDATE, \r\n                            AUDITID, IP, CALLOFF)\r\n                                VALUES ('{$ID}', '" . $usedate->format('Y-m-d') . "', '{$beg}', '{$end}', '{$hours}', '{$type}', '{$subtype}', \r\n                                        '{$comment}', 'PENDING', NOW(),'{$auditid}',INET_ATON('{$_SERVER['REMOTE_ADDR']}'), '{$calloff}')";
                                    //echo $myq; //DEBUG
                                    $usedate->modify("+1 day");
                                    //add one more day for the next iteration if multiple days off
                                    $result = $mysqli->query($myq);
                                    //show SQL error msg if query failed
                                    if (SQLerrorCatch($mysqli, $result)) {
                                        echo 'Request not accepted.';
                                    } else {
                                        $refInsert = $mysqli->insert_id;
                                        addLog($config, 'New Time Request Submitted with Ref# ' . $refInsert);
                                        echo '<h3>Request accepted. The reference number for this request is <b>' . $refInsert . '</b>.</h3>';
                                        $requestAccepted = true;
                                    }
                                }
                            }
                        }
                        //end validation check
                    }
                    //end for loop
                }
            } else {
                echo '<font color="red" >Must provide a valid Start and End time!</font><br /><br />';
            }
        } else {
            echo '<font color="red" >Must provide a valid Date!</font><br /><br />';
        }
        //update an existing record instead of inserting a new one
        if (isset($_POST['update'])) {
            $myq = "UPDATE REQUEST SET USEDATE='" . $config->mysqli->real_escape_string($usedate->format('Y-m-d')) . "', \r\n                BEGTIME='" . $config->mysqli->real_escape_string($beg) . "', \r\n                ENDTIME='" . $config->mysqli->real_escape_string($end) . "', \r\n                HOURS='" . $config->mysqli->real_escape_string($hours) . "', \r\n                TIMETYPEID='" . $config->mysqli->real_escape_string($type) . "', \r\n                SUBTYPE='" . $config->mysqli->real_escape_string($subtype) . "', \r\n                NOTE='" . $config->mysqli->real_escape_string($comment) . "', \r\n                AUDITID='" . $config->mysqli->real_escape_string($auditid) . "', \r\n                IP=INET_ATON('" . $config->mysqli->real_escape_string($_SERVER['REMOTE_ADDR']) . "'), \r\n                CALLOFF='" . $config->mysqli->real_escape_string($calloff) . "'\r\n                WHERE REFER=" . $config->mysqli->real_escape_string($_POST['referNum']);
            //echo $myq; //DEBUG
            $result = $mysqli->query($myq);
            //show SQL error msg if query failed
            if (SQLerrorCatch($mysqli, $result)) {
                echo 'Error: Request not updated.';
            } else {
                addLog($config, 'Updated Time Request with Ref# ' . $_POST['referNum']);
                echo '<h3>Request updated successfully.</h3>';
            }
        }
        //end of "is update button pressed?"
    }
    //end of 'is submit or update pressed?'
    if (!isset($_POST['searchBtn'])) {
        ?>
    <h2>Employee Request</h2>
    <?php 
    } else {
        echo '<h3>Lookup User</h3>';
    }
    ?>
      
 <form name="leave" id="leave" method="post" action="<?php 
    echo $_SERVER['REQUEST_URI'];
    ?>
">
      <input type='hidden' name='formName' value='leave' />
     <?php 
    if (isset($_POST['referNum'])) {
        echo 'Reference Request #' . $_POST['referNum'] . '<input type="hidden" name="referNum" value="' . $_POST['referNum'] . '" />';
    }
    $type = isset($_POST['type']) ? $_POST['type'] : '';
    $myq = "SELECT DESCR FROM TIMETYPE WHERE TIMETYPEID='" . $config->mysqli->real_escape_string($type) . "'";
    $result = $mysqli->query($myq);
    SQLerrorCatch($mysqli, $result);
    $typeDescr = $result->fetch_assoc();
    if (!empty($type)) {
        //$_POST['type'] is set
        //hidden field with type set
        echo "<input type='hidden' name='type' value='" . $type . "'>";
        //Lookup Users button pressed
        if (isset($_POST['searchBtn']) || isset($_POST['findBtn'])) {
            //Save any inputed values
            echo '<input type="hidden" name="subtype" value="' . $subtype . '" />';
            echo '<input type="hidden" name="ID" value="' . $postID . '" />';
            echo '<input type="hidden" name="usedate" value="' . $postUseDate . '" />';
            echo '<input type="hidden" name="thrudate" value="' . $postThruDate . '" />';
            echo '<input type="hidden" name="beg1" value="' . $postBeg1 . '" />';
            echo '<input type="hidden" name="beg2" value="' . $postBeg2 . '" />';
            echo '<input type="hidden" name="end1" value="' . $postEnd1 . '" />';
            echo '<input type="hidden" name="end2" value="' . $postEnd2 . '" />';
            echo '<input type="hidden" name="comment" value="' . $comment . '" />';
            echo '<input type="hidden" name="calloff" value="' . $calloff . '" />';
            //Get additional search inputs
            $searchUser = isset($_POST['searchUser']) ? $_POST['searchUser'] : '';
            $isFullTime = isset($_POST['fullTime']) ? true : false;
            $isReserve = isset($_POST['reserve']) ? true : false;
            echo '<input type="checkbox" name="fullTime" ';
            if ($isFullTime) {
                echo 'CHECKED';
            }
            echo ' />Full Time Employee&nbsp;&nbsp;  ';
            echo '<input type="checkbox" name="reserve" ';
            if ($isReserve) {
                echo 'CHECKED';
            }
            echo ' />Reserves<br />';
            echo '<input type="text" name="searchUser" value="' . $searchUser . '" /><input type="submit" name="findBtn" value="Search" /><br /><br />';
            if (isset($_POST['findBtn'])) {
                $rowCount = 0;
                if (!empty($searchUser) && $isFullTime) {
                    $rowCount = selectUserSearch($config, $searchUser, $rowCount, true);
                }
                if ($isReserve) {
                    $rowCount2 = searchReserves($config, $searchUser, $rowCount);
                } else {
                    $rowCount2 = $rowCount;
                }
                $rowCount3 = searchDatabase($config, $searchUser, $rowCount2);
                $totalRowsFound = $rowCount + $rowCount2 + $rowCount3;
                echo '<input type="hidden" name="totalRows" value="' . $totalRowsFound . '" />';
            }
            //end lookup button pressed
        } else {
            $foundUserFNAME = isset($foundUserFNAME) ? $foundUserFNAME : '';
            $foundUserLNAME = isset($foundUserLNAME) ? $foundUserLNAME : '';
            $foundUserName = isset($foundUserName) ? $foundUserName : '';
            $foundUserID = isset($foundUserID) ? $foundUserID : '';
            $totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : '';
            if ($totalRows > 0) {
                //get post info providied from search results
                for ($i = 0; $i <= $totalRows; $i++) {
                    if (isset($_POST['foundUser' . $i])) {
                        $foundUserFNAME = $_POST['foundUserFNAME' . $i];
                        $foundUserLNAME = $_POST['foundUserLNAME' . $i];
                        $foundUserName = $_POST['foundUserName' . $i];
                        $foundUserID = $_POST['foundUserID' . $i];
                        if (isset($_POST['isReserve' . $i])) {
                            echo '<input type="hidden" name="isReserve" value="true" />';
                        }
                        break;
                    }
                    //end if
                }
                //end for
            }
            //echo "<p><h3>Type of Request: </h3>" . $typeDescr['DESCR'] . "</p>";
            echo "<p><h3>Type of Request: </h3>";
            selectTimeType($config, "type", $type);
            echo "</p>";
            //subtype choice
            echo "Subtype: ";
            $myq = "SELECT NAME FROM SUBTYPE";
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            ?>
  <select name="subtype"> <?php 
            while ($row = $result->fetch_assoc()) {
                if (strcmp($row['NAME'], $subtype) == 0) {
                    echo '<option value="' . $row["NAME"] . '" SELECTED >' . $row["NAME"] . '</option>';
                } else {
                    echo '<option value="' . $row["NAME"] . '">' . $row["NAME"] . '</option>';
                }
            }
            echo "</select> </br>";
            if ($_SESSION['admin'] < 25) {
                //if normal user, allow only their own user name
                echo "<p>User ID: " . $_SESSION['userName'] . "<input type='hidden' name='ID' value='" . $_SESSION['userIDnum'] . "'></p>";
            } else {
                //allow any user to be picked for a calloff entry
                $isCallOff = "";
                if (isset($_POST['calloff'])) {
                    echo '<input type="checkbox" id="calloff" name="calloff" value="YES" CHECKED />';
                } else {
                    echo '<input type="checkbox" id="calloff" name="calloff" value="YES" />';
                }
                //echo 'onclick=\'addLookupButton("leave");\'';
                echo 'Call Off (ie. REPORT OFF)<br/>';
                echo "Employee: ";
                //user ID passed from search
                if ($totalRows > 0) {
                    echo '<input type="hidden" name="ID" value="' . $foundUserID . '" />' . $foundUserLNAME . ', ' . $foundUserFNAME;
                } else {
                    //dropDownMenu($mysqli, 'FULLNAME', 'EMPLOYEE', $postID, 'ID');
                    $myq = "SELECT `IDNUM` , `LNAME` , `FNAME` \r\n                            FROM `EMPLOYEE`\r\n                            WHERE `IDNUM` = " . $config->mysqli->real_escape_string($postID);
                    $result = $mysqli->query($myq);
                    SQLerrorCatch($mysqli, $result);
                    $row = $result->fetch_assoc();
                    echo $row['LNAME'] . ', ' . $row['FNAME'] . "<input type='hidden' name='ID' value='" . $postID . "'>";
                }
                echo ' <input type="submit" name="searchBtn" value="Lookup Employee" />';
                ?>
                    <script language="JavaScript" type="text/javascript">   
                    function addLookupButton(formName) {
//                        var _form = document.getElementById(formName);
//                        var _calloff = document.getElementById('calloff');
//                        if(_calloff.checked){
//                            if(document.getElementById('jsearchBtn')){}
//                            else{
//                                var _search = document.createElement('input');
//                                _search.type = "submit";
//                                _search.name = "searchBtn";
//                                _search.value = "Lookup Employee";
//                                _search.id = "jsearchBtn";
//                                _search.onclick = function(){_form.submit()};
//                                //_form.appendChild(_search);
//                                _form.insertBefore(_search, _calloff);
//                            }   
//                        }
//                        else{
//                            if(document.getElementById('jsearchBtn')){
//                                var _oldSearch = document.getElementById('jsearchBtn');
//                                _form.removeChild(_oldSearch);
//                            }
//                        }
                    }
                    </script>
                    <?php 
            }
            ?>
                <p>Date of use/accumulation: <?php 
            displayDateSelect('usedate', 'date_1', $postUseDate, true, !$isDateUse);
            ?>
                    Through date (optional): <?php 
            displayDateSelect('thrudate', 'date_2');
            ?>
</p>
                <p>Start time: <?php 
            showTimeSelector("beg", $postBeg1, $postBeg2);
            ?>
                <?php 
            if ($type == 'PR') {
                echo "<input type='radio' name='shift' value='8'>8 hour shift";
                echo "<input type='radio' name='shift' value='12'>12 hour shift";
                echo "</br>(Personal time must be used for an entire shift.)";
            } else {
                ?>
 End time: <?php 
                showTimeSelector("end", $postEnd1, $postEnd2);
                ?>
</p> <?php 
            }
            ?>
 


                </br>
                <p>Comment: <textarea rows="3" cols="40" name="comment" ><?php 
            echo $comment;
            ?>
</textarea></p>
                <?php 
            //popUpMessage($updatingRequest);
            if ($updatingRequest === 'submittedRequests' || $requestAccepted) {
                echo '<p><input type="hidden" name="formName" value="submittedRequests" />
                        <input type="submit" name="update" value="Update Request">
                        <input type="submit" name="duplicateBtn" value="Duplicate Request" />
                        <INPUT TYPE="button" value="Back to My Requests" onClick="parent.location=\'wts_index.php?myReq=true\'"></p>';
            } else {
                if (strpos($updatingRequest, 'hrEmpRep=true')) {
                    echo '<p><input type="hidden" name="formName" value="submittedRequests" />
                        <input type="submit" name="update" value="Update Request">
                        <input type="submit" name="duplicateBtn" value="Duplicate Request" />
                        <INPUT TYPE="button" value="Back to Approvals" onClick="parent.location=\'' . $updatingRequest . '\'"></p>';
                } else {
                    echo '<p><input type="submit" name="submit" value="Submit for Approval"></p>';
                }
            }
            ?>

        </form> 


        <?php 
        }
    } else {
        //intitial choice of type
        echo "<p><h3>Type of Request: </h3>";
        dropDownMenu($mysqli, 'DESCR', 'TIMETYPE', FALSE, 'type');
        echo "</p>";
    }
}
Ejemplo n.º 3
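 /**
  * Render the remaining fields of the time-request form: start date, optional
  * through date, start time, either the 8/12-hour shift choice or an end time,
  * the employee comment, the submission stamp and the action buttons.
  *
  * Output is written directly with echo; nothing is returned. As a side effect
  * the method sets $this->config->showPrinterFriendly to true.
  *
  * Every object property that is interpolated into markup is HTML-encoded
  * first, so stored or posted text (comment, auditor name, request id, hours)
  * is rendered as data and cannot close the surrounding tag or attribute.
  *
  * NOTE(review): the enclosing <form> tag and the handlers for submitBtn,
  * updateReqBtn and duplicateReqBtn are not visible here. reqID travels back
  * in a hidden field and the Update button is only hidden for APPROVED
  * requests; the update handler must re-check the request's owner and status
  * on the server rather than rely on what this form chose to display.
  */
 public function showMainRequestForm()
 {
     // Encoder for HTML text and quoted-attribute contexts. ENT_QUOTES covers
     // both quote styles used below; ENT_SUBSTITUTE keeps text with invalid
     // byte sequences visible instead of collapsing it to an empty string.
     // Assumes the properties hold raw, not pre-encoded, text; TODO confirm.
     $esc = static function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
     };

     //Show all available remaining options
     $this->config->showPrinterFriendly = true;
     echo '<h2>Complete additional fields</h2>';
     echo 'Starting Date: ';
     displayDateSelect('useDate', 'date_1', $this->useDate, true, true);
     if (!$this->isEditing) {
         echo ' Through date (optional): ';
         displayDateSelect('endDate', 'date_2', $this->endDate);
     } else {
         // While editing, an empty endDate is posted instead of a date picker.
         echo '<input type="hidden" name="endDate" value="" />';
     }
     echo '<br/><br/>';
     echo 'Start time: ';
     showTimeSelector("begTime", $this->begTime1, $this->begTime2);
     if ($this->subTypeInfo['LIMIT_8_12'] == '1' || $this->typeID == '2') {
         //Limit is enabled or Type is Personal
         // Work out which radio (if any) is pre-selected, then emit the pair once.
         // Loose comparisons are kept so numeric strings match as they did before.
         $eightChecked = '';
         $twelveChecked = '';
         $selectionError = false;
         if (!empty($this->shiftHours)) {
             if ($this->shiftHourRadio == "8" || $this->shiftHours == "8") {
                 $eightChecked = ' CHECKED';
             } elseif ($this->shiftHourRadio == "12" || $this->shiftHours == "12") {
                 $twelveChecked = ' CHECKED';
             } else {
                 // Hours are set but match neither allowed shift length.
                 $selectionError = true;
             }
         }
         echo " How long is your shift? <input type='radio' name='shiftHour' value='8'" . $eightChecked . ">8 Hours";
         echo "<input type='radio' name='shiftHour' value='12'" . $twelveChecked . ">12 Hours";
         if ($selectionError) {
             echo ' <font color="red">Error in shift selection! </font><br/>';
         } else {
             echo '<br/>';
         }
     } else {
         echo ' End time: ';
         showTimeSelector("endTime", $this->endTime1, $this->endTime2);
     }
     if (!empty($this->shiftHours)) {
         echo ' Total Hours: ' . $esc($this->shiftHours);
     }
     echo '<br/><br/>';
     // Free-text comment: encoded so a literal "</textarea>" in the value stays
     // inside the field instead of ending it.
     echo 'Comment: <textarea rows="3" cols="40" name="empComment" >' . $esc($this->empComment) . '</textarea>';
     echo '<br/><br/>';
     if (!empty($this->submitDate)) {
         echo '<font color="darkred">Submitted on ' . $esc($this->submitDate) . ' by ' . $esc($this->auditName) . '</font>';
         echo '<br/><br/>';
     }
     if (!$this->isEditing) {
         echo '<input type="submit" name="submitBtn" value="Submit for Approval">';
     } else {
         if ($this->status != "APPROVED") {
             // reqID lands inside double-quoted attributes, so it is encoded too.
             $safeReqID = $esc($this->reqID);
             echo '<input type="hidden" name="reqID" value="' . $safeReqID . '" />';
             echo '<input type="submit" name="updateReqBtn" value="Update Request ' . $safeReqID . '">';
         }
         echo '<input type="submit" name="duplicateReqBtn" value="Duplicate Request" />';
     }
 }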