<?php
/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 *
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */

// POST endpoint for project records. This excerpt shows the admin branch up to
// the start of the loop that reads the project list; the rest is not visible.
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
// Duplicate of the line above; require_once makes the second call a no-op.
require_once __DIR__ . '/../../includes/functions.inc';

$tze = new tze();
$oDatenbank = $tze->mysql();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // action and mode are read unfiltered; here they are only compared
    // against fixed strings.
    $action = filter_input(INPUT_POST, 'action');
    $mode = filter_input(INPUT_POST, 'mode');
    // FILTER_VALIDATE_INT returns false for a non-integer id and null when
    // the field is absent.
    $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);

    if ($mode == "admin") {
        #
        # Check admin status
        #
        // NOTE(review): `!` binds tighter than `==`, so this is evaluated as
        // (!$_SESSION['iAdmin']) == 1. Access is refused when iAdmin is unset
        // or falsy and granted for ANY truthy value, not only for 1.
        if (!$_SESSION['iAdmin'] == 1) {
            exit_error('unzureichende Rechte!');
        } else {
            // Fetch the project list
            if ($action == 'projekt-list') {
                // Static statement, no request data is interpolated.
                $strQuery = "SELECT id, Projekt FROM `projekte` WHERE id > 0 AND deleted != 1";
                // NOTE(review): the result is used without a check for a
                // failed query (false) before fetch_assoc() is called.
                $request = $oDatenbank->query($strQuery);
                $rows = array();
                while ($row = $request->fetch_assoc()) {
# Redirect to HTTPS and stop
// NOTE(review): the redirect target is built from the client-supplied Host
// header and request URI; pinning the host name to a configured value keeps a
// forged Host header from steering the redirect.
$redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location: {$redirect}");
exit;
}

// Login handler: runs only for a POST whose action field is exactly "login".
if ($_SERVER['REQUEST_METHOD'] == 'POST' && filter_input(INPUT_POST, 'action') === "login") {
    require_once __DIR__ . '/../includes/mysql.inc';
    require_once __DIR__ . '/../includes/passwordLib.inc';

    // The login name must consist of ASCII letters and digits only.
    // NOTE(review): `$` also matches before a trailing newline; `\z` or the
    // `D` modifier would make the anchor strict.
    $regexPattern = array("options" => array("regexp" => "/^[a-zA-Z0-9]+\$/"));
    $sLogin = filter_input(INPUT_POST, 'tze_login', FILTER_VALIDATE_REGEXP, $regexPattern);
    if (is_null($sLogin) || !$sLogin) {
        // The delay applies only to a malformed or missing login name; the
        // failure paths further down return without it.
        sleep(3);
        exit('{"Result":"ERROR","Message":"Login ungültig!"}');
    }
    // The password is taken as-is; it is only handed to password_verify().
    $sPassword = filter_input(INPUT_POST, 'tze_passwd');

    $Datenbank = tze::mysql();
    // NOTE(review): the value compared with sLogin is masked ('******') in
    // this listing. If the login name is interpolated into the statement, the
    // regex filter above is the only thing keeping it safe; a bound parameter
    // would not depend on that.
    $result = $Datenbank->query("SELECT * FROM ma WHERE sLogin = '******' AND `deleted` <> '1'");
    if (!$result) {
        $sError = "Fehler mit der Datenbank!";
    } else {
        // Unknown account and wrong password produce the same message.
        if ($result->num_rows !== 1) {
            $sError = "Name oder Passwort falsch!";
        } else {
            $row = $result->fetch_assoc();
            // NOTE(review): the lock state is reported before the password is
            // verified, so this message confirms that an account exists and is
            // locked to a caller who does not know the password.
            if (!$row["bLogin_Allowed"]) {
                $sError = "Hinweis: Login ist gesperrt!";
            } else {
                if (!password_verify($sPassword, $row["sPassword_hash"])) {
                    $sError = "Name oder Passwort falsch!";
                } else {
                    // NOTE(review): no session_regenerate_id() is visible in
                    // this excerpt; confirm the session id is renewed once the
                    // login has succeeded.
                    session_start();
<?php
/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 *
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA-3.0
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */

// Admin-only POST endpoint that builds a PHPExcel workbook for a given date.
// Only the start of the handler is visible in this excerpt.
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
require_once __DIR__ . '/../../includes/PHPExcel.php';

$tze = new tze();
$oDatenbank = $tze->mysql();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        # Check admin status
        #
        // NOTE(review): `!` binds tighter than `==`, so this is evaluated as
        // (!$_SESSION['iAdmin']) == 1; any truthy iAdmin value passes.
        if (!$_SESSION['iAdmin'] == 1) {
            exit_error('unzureichende Rechte!');
        } else {
            // Read the date
            // NOTE(review): FILTER_SANITIZE_STRIPPED only strips tags and is
            // deprecated as of PHP 8.1; it does not make the value safe for
            // SQL. Whether $Date is safe depends on sqlDate(), which is not
            // shown here.
            $Date = filter_input(INPUT_POST, 'Date', FILTER_SANITIZE_STRIPPED);
            // Convert the date into the SQL format
            $Date = $tze->sqlDate($Date);
            // Create the workbook
            $objPHPExcel = new PHPExcel();
            // Load the projects (static statement, no request data)
            $query = 'select * from projekte where deleted != 1';
            $projects = $tze->get_Results($query);
<?php
/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 *
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */

// Admin-only POST endpoint; the 'get-users' action builds a per-employee
// query for a given date. The statement is cut off in this excerpt.
require_once __DIR__ . '/../../includes/auth.inc';

$tze = new tze();
$oDatenbank = $tze->mysql();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        # Check admin status
        #
        // NOTE(review): `!` binds tighter than `==`, so this is evaluated as
        // (!$_SESSION['iAdmin']) == 1; any truthy iAdmin value passes.
        if (!$_SESSION['iAdmin'] == 1) {
            exit_error('unzureichende Rechte!');
        } else {
            // Employee table
            if (filter_input(INPUT_POST, 'action') == 'get-users') {
                // NOTE(review): FILTER_SANITIZE_STRIPPED only strips tags and
                // is deprecated as of PHP 8.1. How $Date reaches the statement
                // is not visible here; it should be bound as a parameter or
                // strictly validated by sqlDate().
                $Date = filter_input(INPUT_POST, 'Date', FILTER_SANITIZE_STRIPPED);
                $Date = $tze->sqlDate($Date);
                // The statement text continues past the end of this excerpt.
                $strQuery = 'select userId as iUserID, sVorname, sNachname, iArbeitszeit, sec_to_time(iArbeitszeit * 60 * 60) as Arbeitszeit, zeiten.AZ, zeiten.PZ, zeiten.iProjekt, zeiten.Projekt, zeiten.`Status`, zeiten.`working`, zeiten.`timestamp` from ma_view mitarbeiter left join (
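<?php
#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#

// Prologue of the administration page: loads the session/auth include, checks
// the caller's admin flag in the database and redirects everyone else to the
// login page before any markup is sent.

// Report errors only
// error_reporting(E_ERROR);
$strSubSiteName = 'Verwaltung';
require_once __DIR__ . '/../includes/auth.inc';

$tze = new tze();
$Datenbank = $tze->mysql();

#
# Check admin status
#
// The session value is cast to int before it is placed in the statement, so
// the SQL text cannot be changed by whatever is stored in the session.
$iSessionUserId = isset($_SESSION['userId']) ? (int) $_SESSION['userId'] : 0;
$result = $Datenbank->query("SELECT iAdmin FROM ma WHERE userId = '" . $iSessionUserId . "'");

// Fail closed: the page is rendered only when the lookup succeeded, matched
// exactly one row and that row carries a truthy iAdmin. Previously a failed
// query or a missing row skipped the redirect and the page was served.
$bIsAdmin = false;
if ($result && $result->num_rows === 1) {
    $row = $result->fetch_assoc();
    $bIsAdmin = !empty($row["iAdmin"]);
}
if (!$bIsAdmin) {
    header('Location: ' . $sProject_URL . 'login.php');
    exit;
}

$stylesheets[] = "/o2bo/res/jquery-ui-timepicker-addon.css";
?>
<!DOCTYPE html>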
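<?php
#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#

require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
require_once __DIR__ . '/../../includes/passwordLib.inc';

$tze = new tze();

/**
 * Generate a random 8-character password.
 *
 * Characters are drawn from a fixed alphabet of lower-case letters, their
 * upper-case forms and digits (55 symbols; l, o, s and 1 are left out,
 * apparently to avoid look-alike characters).
 *
 * Every character is picked with random_int(), which draws from the operating
 * system's CSPRNG. The previous rand()/str_shuffle() combination is
 * predictable and not suitable for credentials. random_int() requires
 * PHP 7.0 or newer.
 *
 * @return string the generated password, always 8 characters long
 */
function Neues_Passwort()
{
    $chars = "abcdefghijkmnpqrtuvwxyz";
    $chars .= strtoupper($chars) . "023456789";
    $maxIndex = strlen($chars) - 1;

    $temppw = '';
    for ($i = 0; $i < 8; $i++) {
        $temppw .= $chars[random_int(0, $maxIndex)];
    }

    // No shuffle pass: each position is already an independent uniform draw.
    return $temppw;
}

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        # Check admin status
        #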
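<?php
/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 *
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA-3.0
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */

// Admin-only POST endpoint for the dispoCodes table. The "list" action returns
// all non-deleted rows as JSON, optionally sorted by the jtSorting field.
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';

$tze = new tze();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        # Check admin status
        #
        // Same outcome as the former `!$_SESSION['iAdmin'] == 1` (refuse when
        // the flag is unset or falsy), written without the precedence trap.
        if (empty($_SESSION['iAdmin'])) {
            exit_error('unzureichende Rechte!');
        } else {
            if (filter_input(INPUT_POST, 'action') == "list") {
                // jtSorting ends up in the ORDER BY clause, where it cannot be
                // bound as a parameter. Accept only "column [ASC|DESC]" items
                // separated by commas; anything else is rejected (false) and
                // the list is returned unsorted. Tag stripping, as used
                // before, does not stop SQL from being injected here.
                $sortPattern = ["options" => ["regexp" =>
                    '/\A[A-Za-z_][A-Za-z0-9_]*(?: +(?:ASC|DESC))?(?: *, *[A-Za-z_][A-Za-z0-9_]*(?: +(?:ASC|DESC))?)*\z/i',
                ]];
                $jtSorting = filter_input(INPUT_POST, 'jtSorting', FILTER_VALIDATE_REGEXP, $sortPattern);
                if (!empty($jtSorting)) {
                    $sort = "Order by {$jtSorting}";
                } else {
                    $sort = '';
                }
                $rows = $tze->get_Results("select * from dispoCodes where deleted = false {$sort}");
                $json_data = json_encode(["Result" => "OK", "Records" => $rows]);
                exit($json_data);
            }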
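<?php
#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#

// POST endpoint that prepares paging (LIMIT) and sorting (ORDER BY) fragments
// from the jtStartIndex / jtPageSize / jtSorting fields. The code that uses
// them lies beyond this excerpt.
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';

$tze = new tze();
$oDatenbank = $tze->mysql();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // A first jtSorting block used to sit here. It tested the undefined
    // variable $sort and its result was overwritten by the read below, so it
    // had no effect and has been dropped.

    // frequently used variables...
    // Paging values are validated as integers. FILTER_SANITIZE_NUMBER_INT
    // lets '+' and '-' through, which produced broken LIMIT clauses.
    $jtStartIndex = filter_input(INPUT_POST, 'jtStartIndex', FILTER_VALIDATE_INT, array("options" => array("min_range" => 0)));
    $jtPageSize = filter_input(INPUT_POST, 'jtPageSize', FILTER_VALIDATE_INT, array("options" => array("min_range" => 1)));
    // The sort expression is destined for an ORDER BY clause, where it cannot
    // be bound as a parameter: accept only "column [ASC|DESC]" items separated
    // by commas. A rejected value yields false and is treated as "no sorting".
    $sortPattern = array("options" => array("regexp" =>
        '/\A[A-Za-z_][A-Za-z0-9_]*(?: +(?:ASC|DESC))?(?: *, *[A-Za-z_][A-Za-z0-9_]*(?: +(?:ASC|DESC))?)*\z/i',
    ));
    $jtSorting = filter_input(INPUT_POST, 'jtSorting', FILTER_VALIDATE_REGEXP, $sortPattern);

    if (!empty($jtPageSize)) {
        // Fall back to offset 0 when the start index is missing or invalid
        // (the old test checked $jtPageSize here and could emit "LIMIT , n").
        $jtStartIndex = !empty($jtStartIndex) ? $jtStartIndex : 0;
        $limit = " LIMIT {$jtStartIndex}, {$jtPageSize} ";
    } else {
        $limit = "";
    }
    if (!empty($jtSorting)) {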
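<?php
/*
 * Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
 *
 * Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
 * Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
 * http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
 */

// Admin-only POST endpoint that builds a PHPExcel workbook. This excerpt
// assembles one summed-duration column per dispo code for a later statement.
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';
require_once __DIR__ . '/../../includes/PHPExcel.php';

$tze = new tze();
$oDatenbank = $tze->mysql();

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (filter_input(INPUT_POST, 'mode') == "admin") {
        #
        # Check admin status
        #
        // Same outcome as the former `!$_SESSION['iAdmin'] == 1` (refuse when
        // the flag is unset or falsy), written without the precedence trap.
        if (empty($_SESSION['iAdmin'])) {
            exit_error('unzureichende Rechte!');
        } else {
            // NOTE(review): FILTER_SANITIZE_STRIPPED only strips tags and is
            // deprecated as of PHP 8.1; whether $Date is safe for SQL depends
            // on sqlDate(), which is not shown here.
            $Date = filter_input(INPUT_POST, 'Date', FILTER_SANITIZE_STRIPPED);
            $Date = $tze->sqlDate($Date);
            $objPHPExcel = new PHPExcel();

            $dispoCodesArray = $tze->get_Results("select * from dispoCodes");
            // Start from empty strings instead of appending to undefined
            // variables.
            $dispoCodes = '';
            $dispoHeaders = '';
            foreach ($dispoCodesArray as $code) {
                // code and ButtonLabel are stored data that become a column
                // alias. Doubling any backtick keeps the value inside the
                // quoted identifier, so a label cannot break out of it; the
                // resulting column name is unchanged.
                $alias = '`' . str_replace('`', '``', $code['code'] . ". " . $code['ButtonLabel']) . '`';
                // The id is forced to an integer before it enters the SQL text.
                $dispoCodes .= 'sum( if (icat = ' . (int) $code['id'] . ', time_to_sec(Duration), 0)) / 24 / 60 / 60 as ' . $alias . ', ';
                $dispoHeaders .= 'zeiten.' . $alias . ', ';
            }
            // Drop the trailing ", "
            $dispoCodes = substr($dispoCodes, 0, -2);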
<?php
#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#

// Prologue of the password-change page: loads the logged-in user's record and
// prepares the display name and the stored hash. The POST handler that follows
// is cut off in this excerpt.
$strSubSiteName = 'Passwort';
require_once __DIR__ . '/../includes/auth.inc';
require_once __DIR__ . '/../includes/functions.inc';
require_once __DIR__ . '/../includes/passwordLib.inc';

$tze = new tze();
$oDB = $tze->mysql();
$sError = "";
$sIntro = "";

// Shown when the session flags a forced password update.
if ($_SESSION["bForce_Update_PW"]) {
    $sIntro = "<p>Das Passwort muss geändert werden!</p>\n";
}

// The record is always the session's own user; no request field selects it.
$iPasswordUserID = $_SESSION['userId'];
// The user id is passed as a bound integer parameter ('i'), not concatenated.
$result = $tze->get_Results('SELECT * FROM ma WHERE userId = ?', 'i', $iPasswordUserID);
if ($result) {
    if (count($result) == 1) {
        // NOTE(review): login and name come from the database unescaped. If
        // $sUserName is later echoed into HTML it needs htmlspecialchars();
        // the output site is not visible here.
        $sUserName = $result[0]["sLogin"] . " (" . $result[0]['sVorname'] . " " . $result[0]['sNachname'] . ")";
        $sOldPassword_hash = $result[0]["sPassword_hash"];
    } else {
        // NOTE(review): the literal below is garbled in this listing (part of
        // it is masked as ******) and the original markup cannot be recovered
        // from here.
        $sUserName = "******"font-size: smaller; color: #800000;\">User nicht gefunden!</span>\n";
    }
}

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
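<?php
#
# Copyright (c) 2015, Johannes Boost <jjjb at usw-tools.de>
#
# Lizenziert unter: Creative Commons Lizenzvertrag - CC-BY-NC-SA
# Namensnennung - Nicht-kommerziell - Weitergabe unter gleichen Bedingungen
# http://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode
#

// Time-tracking prologue: determines the logged-in user's last unfinished day
// (an entry whose Time_End is still the zero date) and remembers its id, date,
// project and category.
require_once __DIR__ . '/../../includes/auth.inc';
require_once __DIR__ . '/../../includes/functions.inc';

$tze = new tze();
$Datenbank = $tze->mysql();

# Set iUserID to the session value
$iUserID = $_SESSION['userId'];
$strTime = date('Y-m-d H:i:s');
$strDate = date('Y-m-d');
$iLastProj = null;
$iLastCat = null;

# Fetch the last day that has not been closed
// The session value is cast to int before it is concatenated, so the SQL text
// cannot be changed by whatever is stored in the session.
// NOTE(review): MAX(Time_Start) is combined with non-aggregated columns and no
// GROUP BY; MySQL does not guarantee that id, iProjekt, iCat and Date come
// from the row holding the latest Time_Start.
$QueryLastDay = 'SELECT id, iProjekt, iCat, MAX(Time_Start), Date FROM `ze_full` WHERE iUserID = ' . (int) $_SESSION['userId'] . ' and Time_End = "0000-00-00 00:00:00"';
$result = $Datenbank->query($QueryLastDay);
if ($result) {
    $row = $result->fetch_assoc();
    // Guard against an empty result before reading columns.
    if ($row && $row['id'] > 0) {
        $strDate = $row['Date'];
        $strID = $row['id'];
        $iLastProj = $row['iProjekt'];
        $iLastCat = $row['iCat'];
    }
}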