break;
} elseif (isset($_POST['sqlState']) && isset($_POST['capturemode']) && $_GET['capturemode'] == 'updatemode') {
$extObject = $extractor->reloadData($_POST);
$view_controller->reDirect($_GET, $extObject);
break;
} else {
$view_controller->reDirect($_GET);
break;
}
// end of admin module
break;
case 'hr':
$view_controller = new EmpViewController();
if (isset($_POST['delState']) && $_POST['delState'] == 'DeleteMode' && $locRights['delete']) {
$arrList[0] = $_POST['chkLocID'];
$view_controller->delParser(trim($_GET['reqcode']), $arrList);
}
if (isset($_GET['VIEW']) && $_GET['VIEW'] == 'MAIN' && $locRights['view']) {
if ($_SESSION['isAdmin'] == 'No' && !$_SESSION['isSupervisor']) {
die('You are not authorized to view this page');
}
$view_controller->viewList($_GET, $_POST);
break;
}
$authorize = new authorize($_SESSION['empID'], $_SESSION['isAdmin']);
$supervisor = false;
/* Set permission to the employee information view for non admins */
if (isset($_GET['reqcode']) && $_GET['reqcode'] === "EMP" && !$authorize->isAdmin()) {
/* Supervisors can only access their subordinates */
if ($authorize->isSupervisor()) {
/* Don't allow if trying to view own details or trying to view details of non-subordinate
