<?php
include 'functions.php';
if (!empty($_POST)) {
if (!empty($_POST['submit'])) {
$submit = $_POST['submit'];
if ($submit == 'add') {
if (!empty($_POST['departmentName']) && !empty($_POST['selectedUniversity']) && !empty($_POST['secretaryUsername']) && !empty($_POST['secretaryUsername'])) {
$departmentName = $_POST['departmentName'];
$selectedUniversity = $_POST['selectedUniversity'];
$secretaryUsername = $_POST['secretaryUsername'];
$secretaryPassword = $_POST['secretaryPassword'];
addDepartment($selectedUniversity, $departmentName);
$departmentId = mysqli_insert_id($GLOBALS['dbLink']);
$isExecutedSuccessful = addSecretary($secretaryUsername, $secretaryPassword, $departmentId);
}
} else {
if ($submit == 'rename') {
if (!empty($_POST['selectedUniversity']) && !empty($_POST['selectedDepartment']) && !empty($_POST['departmentName'])) {
$selectedUniversity = $_POST['selectedUniversity'];
$selectedDepartment = $_POST['selectedDepartment'];
$departmentName = $_POST['departmentName'];
$isExecutedSuccessful = renameDepartment($selectedUniversity, $selectedDepartment, $departmentName);
}
} else {
if ($submit == 'change') {
if (!empty($_POST['selectedDepartmentId']) && !empty($_POST['selectedSecretaryId'])) {
$selectedDepartmentId = $_POST['selectedDepartmentId'];
$secretaryId = $_POST['selectedSecretaryId'];
if (!empty($_POST['secretaryUsername'])) {
$username = $_POST['secretaryUsername'];
$app->redirect($app->urlFor('editUser', array('user' => $userID)));
} else {
$app->redirect($app->urlFor('userList', array('active' => 'active')));
}
});
$app->get('/admin/departments', function () use($app) {
$app->redirect($app->urlFor('departmentsList'));
});
$app->get('/admin/departments/list', function () use($app) {
$app->render('html/departments.html', array('departments' => getDepartments($app->db)));
})->name('departmentsList');
$app->get('/admin/departments/add', function () use($app) {
$app->render('html/adddepartment.html');
});
$app->post('/admin/departments/add', function () use($app) {
$result = addDepartment($app->db, $app->request->post('name'));
if ($app->request->post('ajax') === 'true') {
if (is_numeric($result)) {
$app->halt(200, $result);
} else {
$app->halt(409, $result);
}
} else {
if (is_numeric($result)) {
$app->redirect($app->urlFor('departmentsList'));
} else {
$app->flash('error', $result);
$app->redirect($app->urlFor('departmentAdd'));
}
}
})->name('departmentAdd');
}
}
function addDepartment($dDB, $dept_name, $dept_desc)
{
$re = $dDB->addDepartment($dept_name, $dept_desc);
if ($re) {
$html = "";
$html = $html . '<tr><td>' . $dept_name . '</td><td colspan="2">' . $dept_desc . '</td></tr>';
echo $html;
}
}
require_once '../DB/initDB.php';
require_once '../DB/leaveDB.php';
require_once '../DB/userDB.php';
require_once '../DB/departmentDB.php';
require_once '../checkid.php';
$lDB = new leaveDB();
$uDB = new userDB();
$dDB = new departmentDB();
$param = mysql_escape_string(trim($_POST['param']));
if ($param == approveRequest) {
$uid = mysql_escape_string(trim($_POST['uid']));
approveRequest($uDB, $uid);
} elseif ($param == rejectRequest) {
$uid = mysql_escape_string(trim($_POST['uid']));
rejectRequest($uDB, $uid);
} elseif ($param == addDepartment) {
$dept_name = mysql_escape_string(trim($_POST['dept_name']));
$dept_desc = mysql_escape_string(trim($_POST['dept_desc']));
addDepartment($dDB, $dept_desc, $dept_name);
}
}
if ($_POST["jobGroup"] != "") {
$group = $_POST["jobGroup"];
} else {
$group = $_POST["dep_id"];
}
addJob($_POST["job_name"], $_POST["start_time"], $_POST["end_time"], $start_time2, $end_time2, $_POST["job_hours"], $group);
}
//delete job
if ($_POST["procedure"] == "Delete") {
deleteJob($_POST["jobid"]);
}
//############## Department Functions ################
//add category
if ($_POST["procedure"] == "ADD_DEPARTMENT") {
addDepartment($_POST["dep_name"]);
//delete category
} else {
if ($_POST["procedure"] == "DELETE_DEPARTMENT") {
deleteDepartment($_POST["dep_id"]);
//edit category
} else {
if ($_POST["procedure"] == "EDIT_DEPARTMENT") {
editDepartment($_POST["dep_id"], $_POST["dep_newName"]);
}
}
}
//################ Job Group Functions ##############
//add group
if ($_POST["procedure"] == "ADD_GROUP") {
addGroup($_POST["grp_name"], $_POST["dep_id"]);
$db_conn = databaseConnect();
// Connect to DB
// Functions that do NOT generate content to browser
// This is necessary to escape the 'warning headers already
switch (getCurrentAction()) {
case "insertJob":
addJob();
break;
case "updateJob":
updateJob();
break;
case "deleteJob":
deleteJob();
break;
case "insertDepartment":
addDepartment();
break;
case "updateDepartment":
updateDepartment();
break;
case "deleteDepartment":
deleteDepartment();
break;
case "insertEmployee":
addEmployee();
break;
case "updateEmployee":
updateEmployee();
break;
case "deleteEmployee":
deleteEmployee();
