Ejemplo n.º 1
0
 function genSetNewBatch()
 {
     $this->db = Staple_DB::get();
     $user = new userModel();
     $userId = $user->getId();
     $oldKey = $user->getBatchId();
     $key = sha1(time() . $user->getUsername() . rand(999, 9999999999.0));
     //Check if key exists
     $sql = "SELECT id FROM accounts WHERE batchId = '" . $this->db->real_escape_string($key) . "'";
     if ($this->db->query($sql)->fetch_row() > 0) {
         //Key already in use
         return false;
     } else {
         //Set new key in user account
         $sql = "UPDATE accounts SET batchId='" . $this->db->real_escape_string($key) . "' WHERE id={$userId}";
         if ($this->db->query($sql)) {
             //Log Audit
             $audit = new auditModel();
             $audit->setAction('Timesheet Validation');
             $audit->setUserId($userId);
             $audit->setItem('Batch: ' . $oldKey);
             $audit->save();
             return true;
         } else {
             return false;
         }
     }
 }
Ejemplo n.º 2
0
 function adminSave()
 {
     if (isset($this->userId)) {
         //Check for current account.
         $currentUser = new userModel();
         if ($this->userId != $currentUser->getId()) {
             $inTime = strtotime($this->getDate() . " " . $this->getInTime());
             $outTime = strtotime($this->getDate() . " " . $this->getOutTime());
             $sql = "\n                  INSERT INTO timeEntries\n                  (userId,inTime,outTime,lessTime,codeId,note,batchId)\n                  VALUES (\n                  '" . $this->db->real_escape_string($this->userId) . "',\n                  '" . $this->db->real_escape_string($inTime) . "',\n                  '" . $this->db->real_escape_string($outTime) . "',\n                  '" . $this->db->real_escape_string($this->lessTime) . "',\n                  '" . $this->db->real_escape_string($this->codeId) . "',\n                  '" . $this->db->real_escape_string($this->note) . "',\n                  '" . $this->db->real_escape_string("ADMIN ADD") . "'\n                  )\n                ";
             if ($this->db->query($sql)) {
                 $user = new userModel();
                 $audit = new auditModel();
                 $audit->setUserId($this->userId);
                 $audit->setAction('Admin Entry Add');
                 $audit->setItem($user->getUsername() . " added entry for " . $this->getDate() . ". In Time: " . $this->inTime . "/Out Time: " . $this->outTime . "");
                 $audit->save();
                 return true;
             }
         }
     }
 }
Ejemplo n.º 3
0
 function resetPin($id)
 {
     $pin = $this->generatePin();
     $this->tempPin = $pin;
     $sql = "UPDATE accounts SET pin='" . $this->db->real_escape_string(sha1($pin)) . "' WHERE id = '" . $this->db->real_escape_string($id) . "'";
     if ($this->db->query($sql)) {
         $account = new userModel();
         $userInfo = $account->userInfo($id);
         $audit = new auditModel();
         $audit->setUserId($userInfo['id']);
         $audit->setAction('PIN Reset');
         $audit->setItem($account->getUsername() . " reset users PIN.");
         $audit->save();
         return true;
     }
 }
Ejemplo n.º 4
0
 function save()
 {
     if (isset($this->accountId) && isset($this->payPeriodYear) && isset($this->payPeriodMonth)) {
         //Get current users ID.
         $user = new userModel();
         $supervisorId = $user->getId();
         $supervisorName = $user->getUsername();
         $sql = "INSERT INTO timesheetReview (accountId, payPeriodMonth, payPeriodYear, supervisorId) VALUES ('" . $this->db->real_escape_string($this->accountId) . "','" . $this->db->real_escape_string($this->payPeriodMonth) . "','" . $this->db->real_escape_string($this->payPeriodYear) . "','" . $this->db->real_escape_string($supervisorId) . "')";
         if ($this->db->query($sql)) {
             $employeeUser = new userModel();
             $details = $employeeUser->userInfo($this->accountId);
             $month = $this->payPeriodMonth;
             $dateObj = DateTime::createFromFormat('!m', $month);
             $monthName = $dateObj->format('F');
             $audit = new auditModel();
             $audit->setUserId($this->accountId);
             $audit->setAction('Timesheet Review');
             $audit->setItem($supervisorName . " reviewed " . $details['username'] . " timesheet for " . $monthName . " " . $this->payPeriodYear);
             $audit->save();
             return true;
         }
     }
 }
Ejemplo n.º 5
0
 function loadExpired()
 {
     $user = new userModel();
     $uid = $user->getId();
     $sql = "SELECT * FROM privateMessages WHERE sentId = '" . $this->db->real_escape_string($uid) . "' AND expireDate <= CURRENT_TIMESTAMP ORDER BY postDate DESC";
     $query = $this->db->query($sql);
     $data = array();
     while ($row = $query->fetch_assoc()) {
         $message = array();
         $message['id'] = $row['id'];
         $message['message'] = $row['message'];
         $message['expireDate'] = $row['expireDate'];
         $message['postDate'] = $row['postDate'];
         $user = new userModel();
         $message['sendId'] = $user->getUsername();
         $sentTo = $user->userInfo($row['userId']);
         $message['sentTo'] = $sentTo['firstName'] . " " . $sentTo['lastName'];
         $message['reviewDate'] = $row['reviewDate'];
         $message['reviewed'] = $row['reviewed'];
         $data[] = $message;
     }
     return $data;
 }