public function Config()
{
$this->mysqli = connectToSQL();
$myq = "SELECT * FROM CONFIG;";
$result = $this->mysqli->query($myq);
$result->data_seek(0);
//moves internal pointer to 0, fetch starts here
while ($row = $result->fetch_assoc()) {
//fetch assoc array && pointer++
if (strcmp($row['Variable'], "WebTitle") == 0) {
$this->webTitle = $row['Value'];
}
if (strcmp($row['Variable'], "Ver") == 0) {
$this->version = $row['Value'];
}
if (strcmp($row['Variable'], "Domain") == 0) {
$this->domain = $row['Value'];
}
if (strcmp($row['Variable'], "ldap_server") == 0) {
$this->ldap_server = $row['Value'];
}
if (strcmp($row['Variable'], "ldap_user") == 0) {
$this->ldapUser = $row['Value'];
}
if (strcmp($row['Variable'], "ldap_user_pass") == 0) {
$this->ldapPass = $row['Value'];
}
if (strcmp($row['Variable'], "install_year") == 0) {
$this->installYear = $row['Value'];
}
}
$this->anchorID = false;
$this->showPrinterFriendly = true;
//Prepare for Mahoning County Domain Migration
$this->ldap_MCO_domain = "mahoningcountyoh.gov";
$this->ldap_MCO_server = "10.2.35.25";
$this->ldap_MCO_OU = "OU=Sheriff,OU=Departments,";
$this->ldap_MCSO_OUS = array("OU=Sheriff,OU=Departments,", "OU=E-911,OU=ADMIN BLDG,OU=Departments,");
}
function delUser($user)
{
$errorText = '';
//remove user from database
$mysqli = connectToSQL();
$myq = "DELETE FROM EMPLOYEE WHERE ID='" . $mysqli->real_escape_string($user) . "'";
$result = $mysqli->query($myq);
if (!$result) {
$errorText = "No such user";
} else {
$errorText = "The User, " . $user . " has been Removed";
}
return $errorText;
}
function displayUsers()
{
/*
* Shows all users and gives the option to edit any fields
*/
$admin = $_SESSION['admin'];
if ($admin >= 50 && isValidUser()) {
$mysqli = connectToSQL();
$myq = "SELECT *\r\n FROM EMPLOYEE";
$result = $mysqli->query($myq);
if (!$result) {
throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
}
//build table
resultTable($mysqli, $result);
//write any updates to DB when Save is pressed
if (isset($_POST['saveBtn'])) {
//saveBtn created in resultTable()
$result = $mysqli->query($myq);
$i = 0;
$fieldNameArray = array();
$values = array();
while ($finfo = mysqli_fetch_field($result)) {
$tableName = $finfo->orgtable;
$fieldNameArray[$i] = $finfo->orgname;
$values["{$fieldNameArray[$i]}"] = $fieldNameArray[$i] . "=" . "'" . $mysqli->real_escape_string($_POST["{$fieldNameArray[$i]}"]) . "'";
$i++;
}
//turn the array into comma seperated values
$csvValues = implode(',', $values);
$updateQuery = "UPDATE " . $tableName . " SET " . $csvValues . " \r\n WHERE " . $values['ID'];
echo "<br>" . $updateQuery;
$updateResult = $mysqli->query($updateQuery);
if (!$updateResult) {
throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
}
}
}
}
function displayLeaveApproval($config)
{
$mysqli = $config->mysqli;
?>
<form method="post" name="approveBtn"><?php
echo '<h3>Leave Requests Pending Approval</h3>';
approvePOSTLeaveRequests($config);
/*
* Form used to approve leave
*
*/
$admin = $_SESSION['admin'];
if ($admin >= 25) {
$divisionID = isset($_POST['divisionID']) ? $_POST['divisionID'] : false;
$mysqli = connectToSQL();
echo '<div align="center"><a href="?lookup=true">Request Lookup by Employee</a><br/><br />
Show Submitted Requests for the following division:
<select name="divisionID" onchange="this.form.submit()">';
if (isset($_POST['divisionID'])) {
$divisionID = $_POST['divisionID'];
} else {
if ($admin >= 50) {
$divisionID = "All";
} else {
$mydivq = "SELECT DIVISIONID FROM EMPLOYEE E WHERE E.IDNUM='" . $config->mysqli->real_escape_string($_SESSION['userIDnum']) . "'";
$myDivResult = $mysqli->query($mydivq);
SQLerrorCatch($mysqli, $myDivResult);
$temp = $myDivResult->fetch_assoc();
$divisionID = $temp['DIVISIONID'];
}
}
$alldivq = "SELECT * FROM `DIVISION` WHERE 1";
$allDivResult = $mysqli->query($alldivq);
SQLerrorCatch($mysqli, $allDivResult);
while ($Divrow = $allDivResult->fetch_assoc()) {
echo '<option value="' . $Divrow['DIVISIONID'] . '"';
if ($Divrow['DIVISIONID'] == $divisionID) {
echo ' SELECTED ';
}
echo '>' . $Divrow['DESCR'] . '</option>';
}
if ($divisionID == "All") {
echo '<option value="All" SELECTED>All</option>';
} else {
echo '<option value="All">All</option>';
}
echo '</select>';
echo '</div><br />';
//Page Breaks Setup
$prevNum = isset($_POST['prevNum']) ? $_POST['prevNum'] : "0";
$nextNum = isset($_POST['nextNum']) ? $_POST['nextNum'] : "25";
$limit = isset($_POST['limit']) ? $_POST['limit'] : "25";
if (isset($_POST['prevBtn'])) {
$prevNum = $prevNum - $limit;
$nextNum = $nextNum - $limit;
}
if (isset($_POST['nextBtn'])) {
$prevNum = $prevNum + $limit;
$nextNum = $nextNum + $limit;
}
//$shift = isset($_POST['shiftID']) ? $_POST['shiftID'] : '%';
// i did add this to a where clause, didn't seem to work: AND E.ASSIGN LIKE '%".$shift."%'
if (strcmp($divisionID, "All") == 0) {
$myq = "SELECT * \r\n FROM REQUEST R, TIMETYPE T, EMPLOYEE E\r\n WHERE R.TIMETYPEID=T.TIMETYPEID\r\n AND R.IDNUM=E.IDNUM\r\n AND STATUS='PENDING'";
} else {
$myq = "SELECT * \r\n FROM REQUEST R, TIMETYPE T, EMPLOYEE E\r\n WHERE R.TIMETYPEID=T.TIMETYPEID\r\n AND R.IDNUM=E.IDNUM\r\n AND STATUS='PENDING'\r\n AND E.DIVISIONID IN (" . $config->mysqli->real_escape_string($divisionID) . ")";
}
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$totalRows = $result->num_rows;
if (strcmp($divisionID, "All") == 0) {
$myq = "SELECT DISTINCT REFER 'RefNo', RADIO 'Radio', CONCAT_WS(', ',LNAME,FNAME) 'Employee', \r\n DATE_FORMAT(REQDATE,'%b %d %Y %H%i') 'Requested', \r\n DATE_FORMAT(USEDATE,'%b %d %Y') 'Used', DATE_FORMAT(BEGTIME,'%H%i') 'Start',\r\n DATE_FORMAT(ENDTIME,'%H%i') 'End', HOURS 'Hrs',\r\n T.DESCR 'Type', SUBTYPE 'Subtype', NOTE 'Comment', STATUS 'Status' \r\n FROM REQUEST R, TIMETYPE T, EMPLOYEE E\r\n WHERE R.TIMETYPEID=T.TIMETYPEID\r\n AND R.IDNUM=E.IDNUM\r\n AND STATUS='PENDING'\r\n ORDER BY REFER \r\n LIMIT " . $config->mysqli->real_escape_string($prevNum) . ", " . $config->mysqli->real_escape_string($limit);
} else {
$myq = "SELECT DISTINCT REFER 'RefNo', RADIO 'Radio', CONCAT_WS(', ',LNAME,FNAME) 'Employee', \r\n DATE_FORMAT(REQDATE,'%b %d %Y %H%i') 'Requested', \r\n DATE_FORMAT(USEDATE,'%b %d %Y') 'Used', DATE_FORMAT(BEGTIME,'%H%i') 'Start',\r\n DATE_FORMAT(ENDTIME,'%H%i') 'End', HOURS 'Hrs',\r\n T.DESCR 'Type', SUBTYPE 'Subtype', NOTE 'Comment', STATUS 'Status' \r\n FROM REQUEST R, TIMETYPE T, EMPLOYEE E\r\n WHERE R.TIMETYPEID=T.TIMETYPEID\r\n AND R.IDNUM=E.IDNUM\r\n AND STATUS='PENDING'\r\n AND E.DIVISIONID IN (" . $config->mysqli->real_escape_string($divisionID) . ")\r\n ORDER BY REFER \r\n LIMIT " . $config->mysqli->real_escape_string($prevNum) . ", " . $config->mysqli->real_escape_string($limit);
}
//echo $myq; //DEBUG
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
//build table
//resultTable($mysqli, $result);
$x = 0;
$y = 0;
$theTable = array(array());
$echo = '<table><tr>';
$result->data_seek(0);
while ($finfo = $result->fetch_field()) {
$echo .= "<th>" . $finfo->name . "</th>";
$theTable[$x][$y] = $finfo->name;
$y++;
}
$x++;
$echo .= '</tr>';
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$result->data_seek(0);
$rowCount = 0;
while ($row = $result->fetch_array(MYSQLI_NUM)) {
$echo .= "<tr>";
$refNo = '';
//$refs[$rowCount] = $row[0]; //save ref # in an array
for ($i = 0; $i < $mysqli->field_count; $i++) {
$echo .= "<td style='white-space: nowrap'>";
if ($i == 0) {
$refNo = $row[$i];
$echo .= '<input type="hidden" name="refNum' . $rowCount . '" value="' . $row[$i] . '" />';
$theTable[$x][$i] = '<input type="hidden" name="refNum' . $rowCount . '" value="' . $row[$i] . '" />' . $row[$i];
} else {
$echo .= "{$row[$i]}</td>";
$theTable[$x][$i] = $row[$i];
}
}
$echo .= "</tr>";
$echo .= "<td style='white-space: nowrap'></td><td>";
$echo .= "<input type='radio' name='approve{$rowCount}' value='APPROVED' /> Approved</td> \r\n <td style='white-space: nowrap'><input type='radio' name='approve{$rowCount}' value='DENIED'> Denied</td>\r\n <td style='white-space: nowrap' colspan='8'>Reason:<input type='text' name='reason{$rowCount}' size='50'/></td>";
$x++;
$y = 0;
$theTable[$x][$y] = '';
$y++;
$theTable[$x][$y] = "<input type='radio' name='approve{$rowCount}' value='APPROVED' /> Approved";
$y++;
$theTable[$x][$y] = "<input type='radio' name='approve{$rowCount}' value='DENIED'> Denied";
$y++;
$theTable[$x][$y] = "<td colspan='8'>Reason:<input type='text' name='reason{$rowCount}' size='50'/>";
$y++;
$theTable[$x][$y] = '';
$y++;
$rowCount++;
$x++;
}
echo '<hr />';
echo '<div align="center">Number of entries found in the reserve database is: ' . $totalRows . '</div>';
echo ' ';
echo ' ';
echo '<input type="hidden" name="searchFullTime" value="false" />';
echo '<input type="hidden" name="searchReserves" value="checked" />';
echo '<input type="hidden" name="prevNum" value="' . $prevNum . '" />';
echo '<input type="hidden" name="nextNum" value="' . $nextNum . '" />';
$lastRec = $prevNum + $limit;
echo '<br/>';
echo 'Showing Records ' . $prevNum . ' to ' . $lastRec;
//Spacing characters
echo ' ';
echo ' ';
echo ' ';
echo ' ';
if (!$prevNum > 0) {
echo ' ';
echo ' ';
}
echo 'Records: <select name="limit" onChange="this.form.submit()" >
<option value="25"';
if (strcmp($limit, "25") == 0) {
echo ' SELECTED';
}
echo '>25</option>
<option value="50"';
if (strcmp($limit, "50") == 0) {
echo ' SELECTED';
}
echo '>50</option>
</select>';
if ($prevNum > 0) {
echo '<input type="submit" name="prevBtn" value="Previous" />';
}
if ($limit == $rowCount) {
echo '<input type="submit" name="nextBtn" value="Next" />';
}
echo '<br/>';
//echo $echo;
showSortableTable($theTable, 1, $tableID = 'timeApprove', $rowsToSortNext = array(), $noSort = true);
echo '<input type="hidden" name="totalRows" value="' . $rowCount . '" />';
echo '</table> <p><input type="submit" name="approveBtn" value="Save"></p></form>';
} else {
echo "Permission Denied.";
}
}
function showRadioLogDetails($config, $radioLogID, $isEditing = false, $isApprove = false)
{
$checkOutRadio = isset($_POST['addRadioLog']) ? true : false;
$checkInRadio = isset($_POST['checkInRadio']) ? true : false;
$updateRadioLog = isset($_POST['updateRadioLog']) ? true : false;
$num_deputies = isset($_POST['num_deputies']) ? $_POST['num_deputies'] : 0;
$totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
$mysqli = $config->mysqli;
$mysqliReserve = connectToSQL($reserveDB = TRUE);
if ($checkOutRadio) {
//get passed values
echo '<h2><font color="red">Results</font></h2>';
if ($num_deputies > 0) {
for ($i = 0; $i < $num_deputies; $i++) {
$deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : false;
$radioCallNum[$i] = isset($_POST['radioCallNum' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['radioCallNum' . $i])) : '';
$isReserve[$i] = isset($_POST['isReserve' . $i]) ? '1' : '0';
}
$radioID = isset($_POST['radioID']) ? $mysqli->real_escape_string(strtoupper($_POST['radioID'])) : '';
$podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
$checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
$gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
for ($i = 0; $i < $num_deputies; $i++) {
$gpIDq = "SELECT MAX( GPNUM ) 'gpID' FROM WTS_RADIOLOG";
$gpResult = $mysqli->query($gpIDq);
SQLerrorCatch($mysqli, $gpResult);
$row = $gpResult->fetch_assoc();
if ($gpID != 0) {
$groupID = $gpID;
} else {
$groupID = 0;
if ($num_deputies == 1) {
//Set Group ID to 0 or Individual
} else {
if ($i == 0) {
$groupID = $row['gpID'] + 1;
} else {
$groupID = $row['gpID'];
}
}
}
checkOutItem($config, $deputyID[$i], $radioCallNum[$i], $radioID, $checkOutType, $isReserve[$i], $groupID);
}
} else {
echo 'Must select a user.<br />';
}
echo '<br />';
//display results and get secLogID just added
}
if ($checkInRadio) {
$radioLogID = isset($_POST['radioLogID']) ? $_POST['radioLogID'] : '';
checkInRadioLog($config, $radioLogID);
$isEditing = true;
}
if ($updateRadioLog) {
////get posted values
$radioLogID = isset($_POST['radioLogID']) ? $mysqli->real_escape_string($_POST['radioLogID']) : '';
$radioID = isset($_POST['radioID']) ? $mysqli->real_escape_string(strtoupper($_POST['radioID'])) : '';
$podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
$radioCallNum = isset($_POST['radioCallNum']) ? $mysqli->real_escape_string(strtoupper($_POST['radioCallNum'])) : '';
$checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
updateRadioLog($config, $radioLogID, $radioCallNum, $radioID, $podID, $checkOutType);
$isEditing = true;
}
if ($isEditing) {
if ($config->adminLvl >= 0) {
$mysqli = $config->mysqli;
$myq = "SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n FROM WTS_RADIOLOG R\r\n JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n WHERE R.REFNUM = '" . $radioLogID . "' AND IS_RESERVE=0\r\n UNION\r\n SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n FROM WTS_RADIOLOG R\r\n JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n WHERE R.REFNUM = '" . $radioLogID . "' AND IS_RESERVE=1\r\n ";
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$row = $result->fetch_assoc();
if ($row['gpID'] != 0) {
//get all users
echo '<div align="center">Group Reference #: ' . $row['gpID'] . '
<input type="hidden" name="gpID" value="' . $row['gpID'] . '" /></div>';
$newq = "SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n FROM WTS_RADIOLOG R\r\n JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n WHERE R.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=0\r\n UNION\r\n SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n FROM WTS_RADIOLOG R\r\n JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n WHERE R.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=1\r\n ORDER BY R.REFNUM";
$newResult = $mysqli->query($newq);
SQLerrorCatch($mysqli, $newResult);
$x = 0;
$y = 0;
$depTable = array(array());
$depTable[$x][$y] = "Reference#";
$y++;
$depTable[$x][$y] = "Deputy";
$y++;
$depTable[$x][$y] = "Radio#";
$y++;
$depTable[$x][$y] = "Action";
$y++;
$x++;
while ($newRow = $newResult->fetch_assoc()) {
$y = 0;
$depTable[$x][$y] = $newRow['refNum'] . '
<input type="hidden" name="radioLogID' . $x . '" value="' . $newRow['refNum'] . '" />';
$y++;
$depTable[$x][$y] = $newRow['DEPUTYNAME'];
$y++;
$depTable[$x][$y] = '<input type="text" name="radioCallNum' . $x . '" value="' . $newRow['RADIO_CALLNUM'] . '" />';
$y++;
if (strcmp($newRow['inTime'], "00/00/000 0000") == 0) {
$depTable[$x][$y] = '<input type="submit" value="Update" name="updateRadioLog' . $x . '" />
<input type="submit" value="LogOut" name="logoutRadioLog' . $x . '" /><br/>';
$y++;
} else {
if ($config->adminLvl >= 25) {
$depTable[$x][$y] = '<input type="submit" value="Update" name="updateRadioLog' . $x . '" />
Checked in at ' . $newRow['inTime'];
$y++;
} else {
$depTable[$x][$y] = 'Checked in at ' . $newRow['inTime'];
$y++;
}
}
$x++;
}
showSortableTable($depTable, 1);
} else {
echo '<br/>Reference #: ' . $radioLogID . '<input type="hidden" name="radioLogID" value="' . $radioLogID . '" /><br />
Deputy: ' . $row['DEPUTYNAME'] . '<br/>
Radio#: <input type="text" name="radioCallNum" value="' . $row['RADIO_CALLNUM'] . '" /><br/>';
}
echo '<div align="left">Add Deputy: <button type="button" name="searchBtn"
value="Lookup Employee" onClick="this.form.action=' . "'?userLookup=true'" . ';this.form.submit()" >
Lookup Employee</button></div><br/>';
echo '<br/> Radio Number: ';
selectRadioInventory($config, "radioID", $row['RADIOID']);
echo '<br/><br/>';
if ($row['TYPE'] == "LOANER") {
echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
} else {
echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
}
if ($row['TYPE'] == "PERM") {
echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
} else {
echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
}
if ($row['TYPE'] == "POD") {
echo '<input type="radio" name="checkOutType" value="POD" CHECKED>SHIFT ASSIGNMENT</input><br/>';
} else {
echo '<input type="radio" name="checkOutType" value="POD">SHIFT ASSIGNMENT</input><br/>';
}
echo '<br/>Checked in time: ';
if (strcmp($row['inTime'], "00/00/00 0000") == 0) {
echo "<font color=red><b>Not Checked back in Yet</b></font><br /><br />";
if ($row['gpID'] != 0) {
echo '<input type="submit" name="checkInAllRadio" value="Check in All" />';
} else {
echo '<input type="submit" name="checkInRadio" value="Check Back In" />';
}
} else {
echo $row['inTime'] . '<br /><br />';
}
if (strcmp($row['inTime'], "00/00/0000 0000") == 0 || $config->adminLvl >= 25) {
if ($row['gpID'] != 0) {
echo '<input type="submit" name="updateRadioLogAll" value="Update All" />';
} else {
echo '<input type="submit" name="updateRadioLog" value="Update" />';
}
}
if ($isApprove) {
echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
} else {
echo '<input type="submit" name="goBtn" value="Back To Logs" />';
}
} else {
echo 'Access Denied';
}
}
if (!$isEditing && !isset($_POST['goBtn'])) {
echo '<br/><br/>';
$radioLogID = isset($_POST['secLogID']) ? $mysqli->real_escape_string($_POST['secLogID']) : '';
$radioID = isset($_POST['radioID']) ? $mysqli->real_escape_string(strtoupper($_POST['radioID'])) : '';
$podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
$checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
//debug
//var_dump($_POST);
//Show previously added deputies
$deputyCount = 0;
if ($num_deputies > 0) {
for ($i = 0; $i < $num_deputies; $i++) {
if (!isset($_POST['removeDeputyBtn' . $i])) {
$deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : '';
$isReserve[$i] = isset($_POST['isReserve' . $i]) ? true : false;
//get this user's information
if ($isReserve[$i]) {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $deputyID[$i];
$result = $mysqliReserve->query($myq);
SQLerrorCatch($mysqliReserve, $result);
$row = $result->fetch_assoc();
} else {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $deputyID[$i];
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$row = $result->fetch_assoc();
}
if ($i == 0) {
$phone = $row['CELLPH'];
}
echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $deputyID[$i] . '" />';
if ($isReserve[$i] == 1) {
echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
}
echo $row['LNAME'] . ', ' . $row['FNAME'];
echo '; Radio Call #: <input type="hidden" name="radioCallNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
echo '<br/>';
$deputyCount++;
}
}
//End for loop of previously added deputies
}
//End check for multiple deputies
//Get added Deputy
$totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
$foundUserFNAME = '';
$foundUserLNAME = '';
$foundUserName = '';
$foundUserID = '';
if ($totalRows > 0) {
//get post info providied from search results
for ($i = 0; $i <= $totalRows; $i++) {
if (isset($_POST['foundUser' . $i])) {
$foundUserFNAME = $_POST['foundUserFNAME' . $i];
$foundUserLNAME = $_POST['foundUserLNAME' . $i];
$foundUserName = $_POST['foundUserName' . $i];
$foundUserID = $_POST['foundUserID' . $i];
if (isset($_POST['isReserve' . $i])) {
$foundUserIsReserve = true;
} else {
$foundUserIsReserve = false;
}
break;
}
//end if
}
//end for
}
if (empty($foundUserID) && $num_deputies == 0) {
//security check for central control computer
if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) {
//'10.1.32.72'
//Default first deputy to logged in user on first load
$foundUserID = $_SESSION['userIDnum'];
$foundUserIsReserve = false;
}
}
if (!empty($foundUserID)) {
if ($foundUserIsReserve) {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $foundUserID;
$result = $mysqliReserve->query($myq);
SQLerrorCatch($mysqliReserve, $result);
} else {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $foundUserID;
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
}
$row = $result->fetch_assoc();
if ($deputyCount == 0) {
$phone = $row['CELLPH'];
}
echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $foundUserID . '" />';
if ($foundUserIsReserve) {
echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
}
echo $row['LNAME'] . ', ' . $row['FNAME'];
echo '; Radio Call#: <input type="hidden" name="radioCallNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
echo '<br/>';
$deputyCount++;
}
echo 'Add Deputy: ';
displayUserLookup($config);
echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';
$gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
echo '<br/><br/><input type="hidden" name="gpID" value="' . $gpID . '" /> Radio Number: ';
selectRadioInventory($config, "radioID", $radioID);
echo '<br/><br/>';
if ($checkOutType == "LOANER") {
echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
} else {
echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
}
if ($checkOutType == "PERM") {
echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
} else {
echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
}
if ($checkOutType == "POD") {
echo '<input type="radio" name="checkOutType" value="POD" CHECKED>SHIFT ASSIGNMENT</input><br/>';
} else {
echo '<input type="radio" name="checkOutType" value="POD">SHIFT ASSIGNMENT</input><br/>';
}
echo '<br/><input type="hidden" name="addBtn" value="true" />
<input type="submit" name="addRadioLog" value="Check Out Radio" />
<input type="submit" name="goBtn" value="Cancel" />';
}
}
function showSecLogDetails($config, $secLogID, $isEditing = false, $isApprove = false)
{
$addSecLog = isset($_POST['addSecLog']) ? true : false;
$logoutSecLog = isset($_POST['logoutSecLog']) ? true : false;
$updateSecLog = isset($_POST['updateSecLog']) ? true : false;
$num_deputies = isset($_POST['num_deputies']) ? $_POST['num_deputies'] : 0;
$totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
$mysqli = $config->mysqli;
$mysqliReserve = connectToSQL($reserveDB = TRUE);
if ($addSecLog) {
//get passed values
if ($num_deputies > 0) {
for ($i = 0; $i < $num_deputies; $i++) {
$deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : false;
$radioNum[$i] = isset($_POST['radioNum' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['radioNum' . $i])) : '';
$isReserve[$i] = isset($_POST['isReserve' . $i]) ? '1' : '0';
}
}
$address = isset($_POST['address']) ? $mysqli->real_escape_string(strtoupper($_POST['address'])) : '';
$city = isset($_POST['city']) ? $mysqli->real_escape_string(strtoupper($_POST['city'])) : '';
$phone = isset($_POST['phone']) ? $mysqli->real_escape_string($_POST['phone']) : '';
$shiftStart1 = !empty($_POST['shiftStart1']) ? $mysqli->real_escape_string($_POST['shiftStart1']) : '00';
$shiftStart2 = !empty($_POST['shiftStart2']) ? $mysqli->real_escape_string($_POST['shiftStart2']) : '00';
$shiftStart = $shiftStart1 . $shiftStart2 . "00";
$shiftEnd1 = !empty($_POST['shiftEnd1']) ? $mysqli->real_escape_string($_POST['shiftEnd1']) : '00';
$shiftEnd2 = !empty($_POST['shiftEnd2']) ? $mysqli->real_escape_string($_POST['shiftEnd2']) : '00';
$shiftEnd = $shiftEnd1 . $shiftEnd2 . "00";
$dress = isset($_POST['dress']) ? $mysqli->real_escape_string($_POST['dress']) : '';
$gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
//add to database
echo '<h2>Results</h2>';
if ($num_deputies > 0) {
for ($i = 0; $i < $num_deputies; $i++) {
$gpIDq = "SELECT MAX( GPNUM ) 'gpID' FROM SECLOG";
$gpResult = $mysqli->query($gpIDq);
SQLerrorCatch($mysqli, $gpResult);
$row = $gpResult->fetch_assoc();
if ($gpID != 0) {
$groupID = $gpID;
} else {
$groupID = 0;
if ($num_deputies == 1) {
//Set Group ID to 0 or Individual
} else {
if ($i == 0) {
$groupID = $row['gpID'] + 1;
} else {
$groupID = $row['gpID'];
}
}
}
$myq = "INSERT INTO `SECLOG` ( `IDNUM` ,`DEPUTYID` ,`RADIO` ,`TIMEIN` ,`AUDIT_IN_ID` ,\r\n `AUDIT_IN_TIME` ,`AUDIT_IN_IP` ,`LOCATION` ,`CITY` ,`PHONE` ,`SHIFTDATE` ,`SHIFTSTART` ,\r\n `SHIFTEND` ,`DRESS` ,`TIMEOUT` ,`AUDIT_OUT_ID` ,`AUDIT_OUT_TIME` ,`AUDIT_OUT_IP` ,`SUP_ID` ,\r\n `SUP_TIME` ,`SUP_IP`, IS_RESERVE, GPNUM) VALUES (\r\n NULL , '" . $deputyID[$i] . "', '" . $radioNum[$i] . "', NOW(), '" . $_SESSION['userIDnum'] . "', NOW(), INET_ATON('" . $_SERVER['REMOTE_ADDR'] . "'), \r\n '" . $address . "', '" . $city . "', '" . $phone . "', '" . Date('Y-m-d', strtotime($_POST['dateSelect'])) . "', \r\n '" . $shiftStart . "', '" . $shiftEnd . "', '" . $dress . "', '', '', '', '', '', '', ''," . $isReserve[$i] . ",\r\n '" . $groupID . "');";
$result = $mysqli->query($myq);
if (!SQLerrorCatch($mysqli, $result)) {
$secLogID = $mysqli->insert_id;
addLog($config, 'Secondary Log #' . $secLogID . ' Added');
echo 'Successfully Added Secondary Employment Log, Reference Number: ' . $secLogID . '<br />';
$isEditing = true;
} else {
echo 'Failed to add Secondary Employment Log, try again.<br />';
}
}
} else {
echo 'Must select a user.<br />';
}
echo '<br />';
//display results and get secLogID just added
}
if ($logoutSecLog) {
$secLogID = isset($_POST['secLogID']) ? $_POST['secLogID'] : '';
logOutSecLog($config, $secLogID);
$isEditing = true;
}
if ($updateSecLog) {
////get posted values
$secLogID = isset($_POST['secLogID']) ? $mysqli->real_escape_string($_POST['secLogID']) : '';
$radioNum = isset($_POST['radioNum']) ? $mysqli->real_escape_string($_POST['radioNum']) : '';
$address = isset($_POST['address']) ? $mysqli->real_escape_string($_POST['address']) : '';
$city = isset($_POST['city']) ? $mysqli->real_escape_string($_POST['city']) : '';
$phone = isset($_POST['phone']) ? $mysqli->real_escape_string($_POST['phone']) : '';
$shiftStart1 = isset($_POST['shiftStart1']) ? $mysqli->real_escape_string($_POST['shiftStart1']) : '';
$shiftStart2 = isset($_POST['shiftStart2']) ? $mysqli->real_escape_string($_POST['shiftStart2']) : '';
$shiftStart = $shiftStart1 . $shiftStart2 . "00";
$shiftEnd1 = isset($_POST['shiftEnd1']) ? $mysqli->real_escape_string($_POST['shiftEnd1']) : '';
$shiftEnd2 = isset($_POST['shiftEnd2']) ? $mysqli->real_escape_string($_POST['shiftEnd2']) : '';
$shiftEnd = $shiftEnd1 . $shiftEnd2 . "00";
$dress = isset($_POST['dress']) ? $mysqli->real_escape_string($_POST['dress']) : '';
updateSecLog($config, $secLogID, $radioNum, $address, $city, $phone, $shiftStart1, $shiftStart2, $shiftEnd1, $shiftEnd2, $dress);
$isEditing = true;
}
if ($isEditing) {
if ($config->adminLvl >= 0) {
$mysqli = $config->mysqli;
$myq = "SELECT S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,\r\n SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT\r\n FROM SECLOG S\r\n JOIN EMPLOYEE AS SEC ON SEC.IDNUM=S.DEPUTYID\r\n WHERE S.IDNUM = '" . $secLogID . "' AND IS_RESERVE=0\r\n UNION\r\n SELECT S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,\r\n SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT\r\n FROM SECLOG S\r\n JOIN RESERVE AS SEC ON SEC.IDNUM=S.DEPUTYID\r\n WHERE S.IDNUM = '" . $secLogID . "' AND IS_RESERVE=1\r\n ORDER BY IDNUM";
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$row = $result->fetch_assoc();
if ($row['gpID'] != 0) {
//get all users
echo '<div align="center">Group Reference #: ' . $row['gpID'] . '
<input type="hidden" name="gpID" value="' . $row['gpID'] . '" /></div>';
$newq = "SELECT S.IDNUM 'refNum', S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,\r\n SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT\r\n FROM SECLOG S\r\n JOIN EMPLOYEE AS SEC ON SEC.IDNUM=S.DEPUTYID\r\n WHERE S.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=0\r\n UNION\r\n SELECT S.IDNUM 'refNum', S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,\r\n SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT\r\n FROM SECLOG S\r\n JOIN RESERVE AS SEC ON SEC.IDNUM=S.DEPUTYID\r\n WHERE S.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=1\r\n ORDER BY IDNUM";
$newResult = $mysqli->query($newq);
SQLerrorCatch($mysqli, $newResult);
$x = 0;
$y = 0;
$depTable = array(array());
$depTable[$x][$y] = "Reference#";
$y++;
$depTable[$x][$y] = "Deputy";
$y++;
$depTable[$x][$y] = "Radio#";
$y++;
$depTable[$x][$y] = "Action";
$y++;
$x++;
while ($newRow = $newResult->fetch_assoc()) {
$y = 0;
$depTable[$x][$y] = $newRow['refNum'] . '
<input type="hidden" name="secLogID' . $x . '" value="' . $newRow['refNum'] . '" />';
$y++;
$depTable[$x][$y] = $newRow['DEPUTYNAME'];
$y++;
$depTable[$x][$y] = '<input type="text" name="radioNum' . $x . '" value="' . $newRow['RADIO'] . '" />';
$y++;
if (strcmp($newRow['TIMEOUT'], "00:00:00") == 0) {
$depTable[$x][$y] = '<input type="submit" value="Update" name="updateSecLog' . $x . '" />
<input type="submit" value="LogOut" name="logoutSecLog' . $x . '" /><br/>';
if ($config->adminLvl >= 25) {
$depTable[$x][$y] .= '<input type="submit" name="changeDeputy' . $x . '" value="Change Deputy" />';
}
$y++;
} else {
if ($config->adminLvl >= 25) {
$depTable[$x][$y] = '<input type="submit" value="Update" name="updateSecLog' . $x . '" />
Logged Out at ' . $newRow['TIMEOUT'];
$y++;
} else {
$depTable[$x][$y] = 'Logged Out at ' . $newRow['TIMEOUT'];
$y++;
}
}
$x++;
}
showSortableTable($depTable, 1);
} else {
$x = 0;
$y = 0;
$depTable = array(array());
$depTable[$x][$y] = "Reference#";
$y++;
$depTable[$x][$y] = "Deputy";
$y++;
$depTable[$x][$y] = "Radio#";
$y++;
$depTable[$x][$y] = "Action";
$y++;
$x++;
$y = 0;
$depTable[$x][$y] = $secLogID . '<input type="hidden" name="secLogID" value="' . $secLogID . '" />';
$y++;
$depTable[$x][$y] = $row['DEPUTYNAME'];
$y++;
$depTable[$x][$y] = $row['DEPUTYNAME'];
$y++;
if ($config->adminLvl >= 25) {
$depTable[$x][$y] = '<input type="submit" name="changeDeputy1" value="Change Deputy" />';
} else {
$depTable[$x][$y] = '';
}
$y++;
showSortableTable($depTable, 1);
// echo 'Reference #: '.$secLogID.'<input type="hidden" name="secLogID" value="'.$secLogID.'" /><br />
// Deputy: '.$row['DEPUTYNAME'].'<br/>
// Radio#: <input type="text" name="radioNum" value="'.$row['RADIO'].'" />
// <input type="submit" name="changeDeputy1" value="Change Deputy" /><br/>';
}
echo '<div align="left">Add Deputy: <button type="button" name="searchBtn"
value="Lookup Employee" onClick="this.form.action=' . "'?userLookup=true'" . ';this.form.submit()" >
Lookup Employee</button></div><br/>';
echo 'Site Name or Address: <input type="text" name="address" value="' . $row['LOCATION'] . '" /><br/>
City/Twp: <input type="text" name="city" value="' . $row['CITY'] . '" /><br/>
Contact#: <input type="text" name="phone" value="' . $row['PHONE'] . '" /><br/>
Shift Start Time: ';
$temp = explode(":", $row['SHIFTSTART']);
showTimeSelector("shiftStart", $temp[0], $temp[1], false);
echo ' <br/>
Shift End Time: ';
$temp = explode(":", $row['SHIFTEND']);
showTimeSelector("shiftEnd", $temp[0], $temp[1], false);
echo '<br/>
Dress: <select name="dress">
<option value=""></option>
<option value="U"';
if (strcmp($row['DRESS'], "U") == 0) {
echo ' SELECTED ';
}
echo '>Uniform</option>
<option value="PC"';
if (strcmp($row['DRESS'], "PC") == 0) {
echo ' SELECTED ';
}
echo '>Plain Clothes</option>
</select><br/>';
echo 'Logged Off Time: ';
if (strcmp($row['TIMEOUT'], "00:00:00") == 0) {
echo "Not Logged Off Yet<br /><br />";
if ($row['gpID'] != 0) {
echo '<input type="submit" name="logoutSecLogAll" value="LogOut All" />';
} else {
echo '<input type="submit" name="logoutSecLog" value="LogOut" />';
}
} else {
echo $row['TIMEOUT'] . '<br /><br />';
}
if (strcmp($row['TIMEOUT'], "00:00:00") == 0 || $config->adminLvl >= 25) {
if ($row['gpID'] != 0) {
echo '<input type="submit" name="updateSecLogAll" value="Update All" />';
} else {
echo '<input type="submit" name="updateSecLog" value="Update" />';
}
}
if ($isApprove) {
echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
} else {
echo '<input type="submit" name="goBtn" value="Back To Logs" />';
}
} else {
echo 'Access Denied';
}
}
if (!$isEditing && !isset($_POST['goBtn'])) {
$secLogID = isset($_POST['secLogID']) ? $_POST['secLogID'] : $_SESSION['userIDnum'];
$radioNum = isset($_POST['radioNum']) ? $_POST['radioNum'] : '';
$address = isset($_POST['address']) ? $_POST['address'] : '';
$city = isset($_POST['city']) ? $_POST['city'] : '';
$phone = isset($_POST['phone']) ? $_POST['phone'] : '';
$shiftStart1 = isset($_POST['shiftStart1']) ? $_POST['shiftStart1'] : '';
$shiftStart2 = isset($_POST['shiftStart2']) ? $_POST['shiftStart2'] : '';
$shiftEnd1 = isset($_POST['shiftEnd1']) ? $_POST['shiftEnd1'] : '';
$shiftEnd2 = isset($_POST['shiftEnd2']) ? $_POST['shiftEnd2'] : '';
$dress = isset($_POST['dress']) ? $_POST['dress'] : '';
$dateSelect = isset($_POST['dateSelect']) ? $_POST['dateSelect'] : '';
//debug
//var_dump($_POST);
//Show previously added deputies
$deputyCount = 0;
if ($num_deputies > 0) {
for ($i = 0; $i < $num_deputies; $i++) {
if (!isset($_POST['removeDeputyBtn' . $i])) {
$deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : '';
$isReserve[$i] = isset($_POST['isReserve' . $i]) ? true : false;
//get this user's information
if ($isReserve[$i]) {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $deputyID[$i];
$result = $mysqliReserve->query($myq);
SQLerrorCatch($mysqliReserve, $result);
$row = $result->fetch_assoc();
} else {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $deputyID[$i];
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$row = $result->fetch_assoc();
}
if ($i == 0) {
$phone = $row['CELLPH'];
}
echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $deputyID[$i] . '" />';
if ($isReserve[$i] == 1) {
echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
}
echo $row['LNAME'] . ', ' . $row['FNAME'];
echo '; Radio#: <input type="hidden" name="radioNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
echo '<br/>';
$deputyCount++;
}
}
//End for loop of previously added deputies
}
//End check for multiple deputies
//Get added Deputy
$totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
$foundUserFNAME = '';
$foundUserLNAME = '';
$foundUserName = '';
$foundUserID = '';
if ($totalRows > 0) {
//get post info providied from search results
for ($i = 0; $i <= $totalRows; $i++) {
if (isset($_POST['foundUser' . $i])) {
$foundUserFNAME = $_POST['foundUserFNAME' . $i];
$foundUserLNAME = $_POST['foundUserLNAME' . $i];
$foundUserName = $_POST['foundUserName' . $i];
$foundUserID = $_POST['foundUserID' . $i];
if (isset($_POST['isReserve' . $i])) {
$foundUserIsReserve = true;
} else {
$foundUserIsReserve = false;
}
break;
}
//end if
}
//end for
}
if (empty($foundUserID) && $num_deputies == 0) {
if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) {
//'10.1.32.72'
$foundUserID = $_SESSION['userIDnum'];
$foundUserIsReserve = false;
}
}
if (!empty($foundUserID)) {
if ($foundUserIsReserve) {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $foundUserID;
$result = $mysqliReserve->query($myq);
SQLerrorCatch($mysqliReserve, $result);
} else {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $foundUserID;
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
}
$row = $result->fetch_assoc();
if ($deputyCount == 0) {
$phone = $row['CELLPH'];
}
echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $foundUserID . '" />';
if ($foundUserIsReserve) {
echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
}
echo $row['LNAME'] . ', ' . $row['FNAME'];
echo '; Radio#: <input type="hidden" name="radioNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
echo '<br/>';
$deputyCount++;
}
echo 'Add Deputy: ';
displayUserLookup($config);
echo '<br />';
echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';
$gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
echo '<input type="hidden" name="gpID" value="' . $gpID . '" />';
echo 'Site Name or Address: <input type="text" name="address" value="' . $address . '" /><br/>
City/Twp: <input type="text" name="city" value="' . $city . '" /><br/>
Contact#: <input type="text" name="phone" value="' . $phone . '" /><br/>
Shift Start Time: ';
showTimeSelector("shiftStart", $shiftStart1, $shiftStart2, false);
echo ' <br/>
Shift End Time: ';
showTimeSelector("shiftEnd", $shiftEnd1, $shiftEnd2, false);
echo '<br/>
Dress: <select name="dress">
<option value=""></option>
<option value="U"';
if ($dress == 'U') {
echo ' selected ';
}
echo '>Uniform</option>
<option value="PC"';
if ($dress == 'PC') {
echo ' selected ';
}
echo '>Plain Clothes</option>
</select><br/><br />
<input type="hidden" name="addBtn" value="true" />
<input type="submit" name="addSecLog" value="Add" />
<input type="submit" name="goBtn" value="Cancel" />';
}
}
function searchReserves($config, $userToFind, $rowCount, $isSelect = true)
{
$mysqli = connectToSQL($reserveDB = TRUE);
if ($config->adminLvl < 75) {
$myq = "SELECT * FROM `RESERVE` WHERE `GRP` != 5 AND `LNAME` LIKE CONVERT(_utf8 '%" . $userToFind . "%' USING latin1) COLLATE latin1_swedish_ci ";
} else {
$myq = "SELECT * FROM `RESERVE` WHERE `LNAME` LIKE CONVERT(_utf8 '%" . $userToFind . "%' USING latin1) COLLATE latin1_swedish_ci ";
}
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$begin = $rowCount;
$echo = "";
while ($row = $result->fetch_assoc()) {
$rowCount++;
$echo .= '<div align="center"><table width="400"><tr><td>';
if ($isSelect) {
$echo .= '<input name="foundUser' . $rowCount . '" type="radio" onClick="this.form.action=\'?' . $_POST['formName'] . "=true'" . ';this.form.submit()" />Select</td><td>';
}
$echo .= '<input type="hidden" name="foundUserFNAME' . $rowCount . '" value="' . $row['FNAME'] . '" /> First name: ' . $row['FNAME'] . "<br />";
$echo .= '<input type="hidden" name="foundUserLNAME' . $rowCount . '" value="' . $row['LNAME'] . '" /> Last Name: ' . $row['LNAME'] . "<br />";
$echo .= '<input type="hidden" name="foundUserID' . $rowCount . '" value="' . $row['IDNUM'] . '" /> Username: '******'FNAME'] . "." . $row['LNAME'] . '<br />';
$echo .= '<input type="hidden" name="foundUserName' . $rowCount . '" value="' . $row['FNAME'] . "." . $row['LNAME'] . '" />';
$echo .= "Rank: Reserve Group " . $row['GRP'] . "<br />";
$echo .= '<input type="hidden" name="isReserve' . $rowCount . '" value="true" />"';
$echo .= "</td></tr></table></div><br /><hr />";
}
//end While Loop
$rowsAdded = $rowCount - $begin;
if ($rowsAdded > 0) {
echo "Number of entries found in the reserve database is " . $rowsAdded . "<br /><br /><hr />";
echo $echo;
}
return $rowsAdded;
}
function displayAdminAnnounce($config)
{
echo '<div align="center"><h2>Announcement Manager</h3></div> ';
if ($config->adminLvl >= 30) {
$editorDisplay = isset($_GET['editAnnounce']) ? $_GET['editAnnounce'] : false;
if (!$editorDisplay && !isset($_POST['addAnnounce'])) {
//Show available announcements to edit (or add new)
$mysqli = connectToSQL();
$myq = "SELECT * FROM `NEWS` WHERE 1";
$result = $mysqli->query($myq);
if (!$result) {
throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
}
$result->data_seek(0);
while ($row = $result->fetch_assoc()) {
echo '<a href="' . $_SERVER['REQUEST_URI'] . '&editAnnounce=' . $row['IDNUM'] . '" >' . $row['TITLE'] . '</a><br />
Published: ' . $row['TSTAMP'] . ' <br />by ' . $row['AUDITID'] . '<br /><br />';
}
?>
<form action="<?php
echo $_SERVER['REQUEST_URI'];
?>
" method="post" name="registerform">
<input type="submit" name="addAnnounce" value="Add Announcement" />
</form>
<?php
}
if (isset($_GET['editAnnounce'])) {
//User attempting to edit, get passed form fields
$editorID = isset($_POST['editorID']) ? $_POST['editorID'] : $_GET['editAnnounce'];
$editorTitle = isset($_POST['editorTitle']) ? $_POST['editorTitle'] : '';
$editorShort = isset($_POST['editorShort']) ? $_POST['editorShort'] : '';
$editorDivID = isset($_POST['editorDivID']) ? $_POST['editorDivID'] : '';
$editorOldShort = isset($_POST['editorOldShort']) ? $_POST['editorOldShort'] : '';
$editorPublish = isset($_POST['editorPublish']) ? $_POST['editorPublish'] : '1';
$editorData = isset($_POST['editor110']) ? $_POST['editor110'] : '';
if (isset($_POST['editor110']) && !isset($_POST['editorPublish'])) {
$editorPublish = 0;
}
if (!isset($_POST['editorOldShort'])) {
//no valid announcement was passed so get data within SQL
$mysqli = connectToSQL();
$myq = "SELECT `SHORTNAME` , `TITLE` , `BODY` , `PUBLISH`, `DIVID` FROM `NEWS` \r\n WHERE `IDNUM` = '" . $editorID . "'";
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$result->data_seek(0);
$row = $result->fetch_assoc();
$editorTitle = $row['TITLE'];
$editorShort = $row['SHORTNAME'];
$editorDivID = $row['DIVID'];
$editorPublish = $row['PUBLISH'];
$editorData = $row['BODY'];
}
?>
<a href="<?php
echo $_SERVER['PHP_SELF'];
?>
?isAnounceAdmin=true" >Back</a>
<script type="text/javascript" src="ckeditor/ckeditor.js"></script>
<form action ="<?php
echo $_SERVER['REQUEST_URI'];
?>
" method="post">
<p>
<?php
echo '<input type="hidden" name="editorID" value="' . $editorID . '" />';
?>
Announcement Title: <input type="text" name="editorTitle" value="<?php
if (isset($editorTitle)) {
echo $editorTitle;
}
?>
"/><br /><br />
Short Name: <?php
if (isset($editorShort)) {
echo $editorShort;
}
?>
<br /><br />
Publish to Division: <?php
displayDivisionID("editorDivID", $editorDivID, $showAllOpt = true);
?>
<br/><Br/>
<input type="hidden" name="editorOldShort" value="<?php
echo $editorShort;
?>
" />
Publish Announcement: <input type="checkbox" name="editorPublish" value="1" <?php
if ($editorPublish == 0) {
} else {
echo 'checked="checked"';
}
?>
/><br /><br />
<textarea id="editor1" name="editor110"><?php
echo $editorData;
?>
</textarea>
<script type="text/javascript">
CKEDITOR.replace( 'editor110' );
</script>
</p>
<p>
<input type="submit" name="saveBtn" value="Save" />
</p>
</form>
<?php
if (isset($_POST['saveBtn'])) {
//User pressed Save Button, so update with presented information
$mysqli = connectToSQL();
$myq = "UPDATE `PAYROLL`.`NEWS` SET \r\n `SHORTNAME` = '" . $editorOldShort . "',\r\n `TITLE` = '" . $editorTitle . "',\r\n `BODY` = '" . $editorData . "',\r\n `PUBLISH` = '" . $editorPublish . "',\r\n `DIVID` = '" . $editorDivID . "',\r\n `TSTAMP` = NOW( ),\r\n `AUDITID` = '" . strtoupper($_SESSION['userName']) . "',\r\n `IP` = 'INET_ATON(\\'" . $_SERVER['REMOTE_ADDR'] . "\\')' \r\n WHERE IDNUM= '" . $editorID . "' LIMIT 1 ;";
$result = $mysqli->query($myq);
if (!SQLerrorCatch($mysqli, $result)) {
addLog($config, 'Announcement Updated with title ' . $editorTitle);
echo '<h3>Successful Save</h3>';
}
}
}
if (isset($_POST['addAnnounce'])) {
//User pressed Add an Announcement
$editorTitle = isset($_POST['editorTitle']) ? $_POST['editorTitle'] : '';
$editorShort = isset($_POST['editorShort']) ? $_POST['editorShort'] : '';
$editorDivID = isset($_POST['editorDivID']) ? $_POST['editorDivID'] : '1';
$editorPublish = isset($_POST['editorPublish']) ? $_POST['editorPublish'] : '1';
$editorData = isset($_POST['editor110']) ? $_POST['editor110'] : '';
if (isset($_POST['editor110']) && !isset($_POST['editorPublish'])) {
$editorPublish = 0;
}
$isShort = false;
if (isset($_POST['saveBtn']) && empty($editorShort)) {
$isShort = true;
}
?>
<a href="<?php
echo $_SERVER['PHP_SELF'];
?>
?isAnounceAdmin=true" >Back</a>
<script type="text/javascript" src="ckeditor/ckeditor.js"></script>
<form action ="<?php
echo $_SERVER['REQUEST_URI'];
?>
" method="post">
<p>
Announcement Title: <input type="text" name="editorTitle" value="<?php
if (isset($editorTitle)) {
echo $editorTitle;
}
?>
"/><br /><br />
Short Name: <input type="text" name="editorShort" value="<?php
if (isset($editorShort)) {
echo $editorShort;
}
?>
" <?php
if ($isShort) {
echo "style=\"background:#FFFFFF;border:1px solid #FF0000;\"";
}
?>
/><br /><br />
Publish to Division: <?php
displayDivisionID("editorDivID", $editorDivID, $showAllOpt = true);
?>
<br/><Br/>
Publish Announcement: <input type="checkbox" name="editorPublish" value="1" <?php
if ($editorPublish == 0) {
} else {
echo 'checked="checked"';
}
?>
/><br /><br />
<textarea id="editor1" name="editor110"><?php
echo $editorData;
?>
</textarea>
<script type="text/javascript">
CKEDITOR.replace( 'editor110' );
</script>
</p>
<p>
<input type="hidden" name="addAnnounce" value="Add Announcement" />
<input type="submit" name="saveBtn" value="Save" />
</p>
</form>
<?php
if (isset($_POST['saveBtn'])) {
//Save button pressed, save data to database
$mysqli = connectToSQL();
//$myq = "INSERT INTO `PAYROLL`.`NEWS` (`SHORTNAME`, `TITLE`, `BODY`, `PUBLISH`, `TSTAMP`, `AUDITID`, 'IP') VALUES ('".$editorShort."', '".$editorTitle."', '".$editorData."', '".$editorPublish."', NOW(), 'awturner', '10.1.30.57');";
$myq = "INSERT INTO `NEWS` (`SHORTNAME`, `TITLE`, `BODY`, DIVID, `PUBLISH`, `TSTAMP`, `AUDITID`, `IP`) \r\n VALUES ('" . $editorShort . "', '" . $editorTitle . "', '" . $editorData . "', '" . $editorDivID . "', '" . $editorPublish . "', NOW(), '" . strtoupper($_SESSION['userName']) . "', INET_ATON('{$_SERVER['REMOTE_ADDR']}'))";
$result = $mysqli->query($myq);
if (!$result) {
throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
} else {
addLog($config, 'Announcement Added with title ' . $editorTitle);
echo '<h3>Successful Save</h3>';
}
}
}
echo '<div align="center">Note: No Announcement is private to the selected division.<br/>
All users may see the announcement if published</div><Br/>';
} else {
echo 'Access Denied';
}
}
function reserveDetails($config, $reserveID)
{
$mysqli = connectToSQL($reserveDB = TRUE);
echo 'Details for: ' . $reserveID . '<input type="hidden" name="reserveID" value="' . $reserveID . '" />';
if ($config->adminLvl >= 75) {
$updateBtn = isset($_POST['updateBtn']) ? true : false;
if ($updateBtn) {
$group = isset($_POST['resGroup']) ? $mysqli->real_escape_string($_POST['resGroup']) : "";
$fName = isset($_POST['foundUserFNAME']) ? $mysqli->real_escape_string($_POST['foundUserFNAME']) : "";
$lName = isset($_POST['foundUserLNAME']) ? $mysqli->real_escape_string($_POST['foundUserLNAME']) : "";
$radio = isset($_POST['radioNum']) ? $mysqli->real_escape_string($_POST['radioNum']) : "";
$address = isset($_POST['address']) ? $mysqli->real_escape_string($_POST['address']) : "";
$city = isset($_POST['city']) ? $mysqli->real_escape_string($_POST['city']) : "";
$state = isset($_POST['state']) ? $mysqli->real_escape_string($_POST['state']) : "";
$zip = isset($_POST['zip']) ? $mysqli->real_escape_string($_POST['zip']) : "";
$hPhone = isset($_POST['hPhone']) ? $mysqli->real_escape_string($_POST['hPhone']) : "";
$cPhone = isset($_POST['cPhone']) ? $mysqli->real_escape_string($_POST['cPhone']) : "";
$wPhone = isset($_POST['wPhone']) ? $mysqli->real_escape_string($_POST['wPhone']) : "";
$tis = isset($_POST['tis']) ? $mysqli->real_escape_string($_POST['tis']) : "";
$agency = isset($_POST['agency']) ? $mysqli->real_escape_string($_POST['agency']) : "";
$notes = isset($_POST['notes']) ? $mysqli->real_escape_string($_POST['notes']) : "";
if (empty($fName) || empty($lName) || empty($group)) {
echo '<br />Must provide all the highlighted items<br /> Did not Save<br />';
} else {
//Update Fields
$myq = "UPDATE `RESERVE`.`RESERVE` SET\r\n `GRP` = " . $group . ",\r\n `LNAME` = '" . $lName . "',\r\n `FNAME` = '" . $fName . "',\r\n `RADIO` = '" . $radio . "',\r\n `ADDRESS` = '" . $address . "',\r\n `CITY` = '" . $city . "',\r\n `ST` = '" . $state . "',\r\n `ZIP` = '" . $zip . "',\r\n `HOMEPH` = '" . $hPhone . "',\r\n `CELLPH` = '" . $cPhone . "',\r\n `WORKPH` = '" . $wPhone . "',\r\n `TIS` = '" . $tis . "',\r\n `AGENCY` = '" . $agency . "',\r\n `NOTES` = '" . $notes . "' \r\n WHERE `IDNUM` = " . $reserveID;
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
addLog($config, 'Reserve with ID ' . $reserveID . ' Updated');
echo 'Reserve Successfully Updated.<br/>';
}
} else {
$myq = "SELECT * FROM `RESERVE` WHERE `IDNUM` = " . $reserveID;
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$row = $result->fetch_assoc();
$group = $row['GRP'];
$fName = $row['FNAME'];
$lName = $row['LNAME'];
$radio = $row['RADIO'];
$address = $row['ADDRESS'];
$city = $row['CITY'];
$state = $row['ST'];
$zip = $row['ZIP'];
$hPhone = $row['HOMEPH'];
$cPhone = $row['CELLPH'];
$wPhone = $row['WORKPH'];
$tis = $row['TIS'];
$agency = $row['AGENCY'];
$notes = $row['NOTES'];
}
echo '</div><div align="left" class="login"><table>';
echo '<tr><td> </td><td>First Name: </td><td><input type="text" name="foundUserFNAME" value="' . $fName . '" /></td></tr>';
echo '<tr><td></td><td>Last Name: </td><td><input type="text" name="foundUserLNAME" value="' . $lName . '" /></td></tr>';
echo '<tr><td></td><td>Group: </td><td><select name="resGroup">
<option value="">Select Group</option>
<option value="1"';
if ($group == "1") {
echo " SELECTED";
}
echo '>Group 1</option>
<option value="2"';
if ($group == "2") {
echo " SELECTED";
}
echo '>Group 2</option>
<option value="3"';
if ($group == "3") {
echo " SELECTED";
}
echo '>Group 3</option>
<option value="4"';
if ($group == "4") {
echo " SELECTED";
}
echo '>Group 4</option>
<option value="5"';
if ($group == "5") {
echo " SELECTED";
}
echo '>Group 5</option>
</select></td></tr>';
echo '<tr><td></td><td>Radio#: </td><td><input type="text" name="radioNum" value="' . $radio . '" /></td></tr>';
echo '<tr><td></td><td>Address: </td><td><input type="text" name="address" value="' . $address . '" /></td></tr>';
echo '<tr><td></td><td>City: </td><td><input type="text" name="city" value="' . $city . '" /></td></tr>';
echo '<tr><td></td><td>State: </td><td><input type="text" name="state" value="' . $state . '" /></td></tr>';
echo '<tr><td></td><td>ZIP: </td><td><input type="text" name="zip" value="' . $zip . '" /></td></tr>';
echo '<tr><td></td><td>Home Phone: </td><td><input type="text" name="hPhone" value="' . $hPhone . '" /></td></tr>';
echo '<tr><td></td><td>Cell Phone: </td><td><input type="text" name="cPhone" value="' . $cPhone . '" /></td></tr>';
echo '<tr><td></td><td>Work Phone: </td><td><input type="text" name="wPhone" value="' . $wPhone . '" /></td></tr>';
echo '<tr><td></td><td>Time in Service: </td><td>';
displayDateSelect("tis", "tis", $tis, false, false);
echo '</td></tr>';
echo '<tr><td></td><td>Agency: </td><td><input type="text" name="agency" value="' . $agency . '" /></td></tr>';
echo '<tr><td></td><td>Additional Notes: </td><td><input type="text" name="notes" value="' . $notes . '" /></td></tr><tr><td></td></tr>';
echo '<tr><td></td><td><input type="submit" name="updateBtn" value="Update and Save" /></td><td>';
echo '<input type="submit" name="delBtn" value="Delete Reserve" /> <input type="submit" name="goBackBtn" value="Back To Reserves" /></td></tr>';
echo '</table></div>';
}
}
private function searchReserves()
{
$mysqli = connectToSQL($reserveDB = TRUE);
if ($this->config->adminLvl < 75) {
$myq = "SELECT * FROM `RESERVE` WHERE `GRP` != 5 AND \r\n `LNAME` LIKE CONVERT(_utf8 '%" . $this->config->mysqli->real_escape_string($this->searchUser) . "%' USING latin1) \r\n COLLATE latin1_swedish_ci ";
} else {
$myq = "SELECT * FROM `RESERVE` WHERE \r\n `LNAME` LIKE CONVERT(_utf8 '%" . $this->config->mysqli->real_escape_string($this->searchUser) . "%' USING latin1) \r\n COLLATE latin1_swedish_ci ";
}
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result, $myq);
$begin = $this->rowCount;
$echo = "";
while ($row = $result->fetch_assoc()) {
$this->rowCount++;
$echo .= '<div align="center"><table width="400"><tr><td>';
$echo .= '<input name="foundUser' . $this->rowCount . '" type="submit" value="Select" /></td><td>';
$echo .= '<input type="hidden" name="foundUserFNAME' . $this->rowCount . '" value="' . $row['FNAME'] . '" /> First name: ' . $row['FNAME'] . "<br />";
$echo .= '<input type="hidden" name="foundUserLNAME' . $this->rowCount . '" value="' . $row['LNAME'] . '" /> Last Name: ' . $row['LNAME'] . "<br />";
$echo .= '<input type="hidden" name="foundUserID' . $this->rowCount . '" value="' . $row['IDNUM'] . '" /> Username: '******'FNAME'] . "." . $row['LNAME'] . '<br />';
$echo .= '<input type="hidden" name="foundUserName' . $this->rowCount . '" value="' . $row['FNAME'] . "." . $row['LNAME'] . '" />';
$echo .= "Rank: Reserve Group " . $row['GRP'] . "<br />";
$echo .= '<input type="hidden" name="isReserve' . $this->rowCount . '" value="true" />"';
$echo .= "</td></tr></table></div><br /><hr />";
}
//end While Loop
$rowsAdded = $this->rowCount - $begin;
echo "Number of entries found in the reserve database is " . $rowsAdded . "<br /><br /><hr />";
if ($rowsAdded > 0) {
echo $echo;
}
}
function showKeyLogDetails($config, $keyLogID, $isEditing = false, $isApprove = false, $divID = '')
{
$checkOutKey = isset($_POST['addKeyLog']) ? true : false;
$checkInKey = isset($_POST['checkInKey']) ? true : false;
$updateKeyLog = isset($_POST['updateKeyLog']) ? true : false;
$itemIDs = '';
$debug = '';
$mysqli = $config->mysqli;
$mysqliReserve = connectToSQL($reserveDB = TRUE);
$num_deputies = isset($_POST['num_deputies']) ? $mysqli->real_escape_string($_POST['num_deputies']) : 0;
$totalRows = isset($_POST['totalRows']) ? $mysqli->real_escape_string($_POST['totalRows']) : 0;
$invLogComments = isset($_POST['invLogCommments']) ? $mysqli->real_escape_string(strtoupper($_POST['invLogCommments'])) : '';
if ($checkOutKey) {
//get passed values
echo '<h2><font color="red">Results</font></h2>';
$debug .= 'checking number of deputies ' . $num_deputies . ' <br/>';
if ($num_deputies > 0) {
$podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
$gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
$checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
$nextGroupID = 0;
$gpIDq = "SELECT MAX( GPNUM ) 'gpID' FROM WTS_RADIOLOG";
$gpResult = $mysqli->query($gpIDq);
SQLerrorCatch($mysqli, $gpResult);
$row = $gpResult->fetch_assoc();
$nextGroupID = $row['gpID'] + 1;
for ($i = 0; $i < $num_deputies; $i++) {
$debug .= 'adding deputy id ' . $i . '<br/>';
$deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : false;
$radioCallNum[$i] = isset($_POST['radioCallNum' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['radioCallNum' . $i])) : '';
$isReserve[$i] = isset($_POST['isReserve' . $i]) ? '1' : '0';
$iCount = 0;
for ($z = 0; $z < $totalRows; $z++) {
$debug .= 'Checkbox id: ' . $z;
$itemCheckbox = isset($_POST['itemIDcheckbox' . $z]) ? true : false;
if ($itemCheckbox) {
$debug .= ' is checked';
$itemIDs[$iCount] = $mysqli->real_escape_string(strtoupper($_POST['itemID' . $z]));
$itemType[$iCount] = isset($_POST['itemType' . $z]) ? $mysqli->real_escape_string(strtoupper($_POST['itemType' . $z])) : '';
$iCount++;
$isEditing = true;
}
$debug .= '<br/>';
}
$totalItems = sizeof($itemIDs);
if ($gpID != 0) {
$groupID = $gpID;
} else {
if ($num_deputies == 1) {
//Set Group ID to 0 or Individual
$groupID = 0;
} else {
if ($i == 0) {
$groupID = $nextGroupID;
} else {
$groupID = $nextGroupID - 1;
}
}
}
//if only 1 deputy and multiple items
if ($groupID == 0 && $totalItems > 1) {
$groupID = $nextGroupID;
}
for ($z = 0; $z < $totalItems; $z++) {
$keyLogID = checkOutItem($config, $deputyID[$i], $radioCallNum[$i], $itemIDs[$z], $itemType[$z], $checkOutType, $isReserve[$i], $groupID, $divID);
}
echo '<input type="submit" name="goBtn" value="Back To Logs" />';
}
} else {
if (!empty($invLogComments)) {
$gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
$checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
$nextGroupID = 0;
$gpIDq = "SELECT MAX( GPNUM ) 'gpID' FROM WTS_RADIOLOG";
$gpResult = $mysqli->query($gpIDq);
SQLerrorCatch($mysqli, $gpResult);
$row = $gpResult->fetch_assoc();
$groupID = 0;
$nextGroupID = $row['gpID'] + 1;
$iCount = 0;
for ($z = 0; $z < $totalRows; $z++) {
$debug .= 'Checkbox id: ' . $z;
$itemCheckbox = isset($_POST['itemIDcheckbox' . $z]) ? true : false;
if ($itemCheckbox) {
$debug .= ' is checked';
$itemIDs[$iCount] = $mysqli->real_escape_string(strtoupper($_POST['itemID' . $z]));
$itemType[$iCount] = isset($_POST['itemType' . $z]) ? $mysqli->real_escape_string(strtoupper($_POST['itemType' . $z])) : '';
$iCount++;
$isEditing = true;
}
$debug .= '<br/>';
}
$totalItems = sizeof($itemIDs);
//if only 1 deputy and multiple items
if ($totalItems > 1) {
$groupID = $nextGroupID;
}
for ($z = 0; $z < $totalItems; $z++) {
$keyLogID = checkOutItem($config, '', '', $itemIDs[$z], $itemType[$z], $checkOutType, '0', $groupID, $divID, false, $invLogComments);
}
echo '<input type="submit" name="goBtn" value="Back To Logs" />';
} else {
echo 'Must select a user.<br />';
}
}
echo '<br />';
//popUpMessage($debug);
//display results and get secLogID just added
}
if ($checkInKey) {
$keyLogID = isset($_POST['keyLogID']) ? $_POST['keyLogID'] : '';
$hiddenInputs = '<input type="hidden" value="' . $_POST['dateSelect'] . '" name="dateSelect">
<input type="hidden" name="divisionID" value="' . $_POST['divisionID'] . '" />
<input type="hidden" value="' . $keyLogID . '" name="keyLogID">
<input type="hidden" value="true" name="checkInKey">';
checkInRadioLog($config, $keyLogID, $noLog = false, $hiddenInputs);
$isEditing = true;
}
if ($updateKeyLog) {
////get posted values
$keyLogID = isset($_POST['keyLogID']) ? $mysqli->real_escape_string($_POST['keyLogID']) : '';
$podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
$radioCallNum = isset($_POST['radioCallNum']) ? $mysqli->real_escape_string(strtoupper($_POST['radioCallNum'])) : '';
$checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
$debug .= 'Updating KeyLogID ' . $keyLogID;
for ($z = 0; $z < $totalRows; $z++) {
$debug .= 'Checkbox id: ' . $z;
$itemCheckbox = isset($_POST['itemIDcheckbox' . $z]) ? true : false;
if ($itemCheckbox) {
$debug .= ' is checked';
$itemIDs[$z] = $mysqli->real_escape_string(strtoupper($_POST['itemID' . $z]));
$itemType[$z] = isset($_POST['itemType' . $z]) ? $mysqli->real_escape_string(strtoupper($_POST['itemType' . $z])) : '';
updateRadioLog($config, $keyLogID, $radioCallNum, $itemIDs[$z], $checkOutType, $invLogComments);
$isEditing = true;
}
$debug .= '<br/>';
}
//popUpMessage($debug);
$isEditing = true;
}
if ($isEditing) {
$filters = showSelectDivision($config, $divID, "I.");
if ($config->adminLvl >= 0) {
$mysqli = $config->mysqli;
$myq = "SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime', R.COMMENTS\r\n FROM WTS_RADIOLOG R\r\n JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n WHERE R.REFNUM = '" . $keyLogID . "' AND IS_RESERVE=0\r\n UNION\r\n SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime', R.COMMENTS\r\n FROM WTS_RADIOLOG R\r\n JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n WHERE R.REFNUM = '" . $keyLogID . "' AND IS_RESERVE=1\r\n ";
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$row = $result->fetch_assoc();
if ($row['gpID'] != 0 && false) {
//get all users
echo '<div align="center">Group Reference #: ' . $row['gpID'] . '
<input type="hidden" name="gpID" value="' . $row['gpID'] . '" /></div>';
$newq = "SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, R.COMMENTS,\r\n R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n FROM WTS_RADIOLOG R\r\n JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n WHERE R.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=0\r\n UNION\r\n SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, R.COMMENTS, \r\n R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n FROM WTS_RADIOLOG R\r\n JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n WHERE R.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=1";
$newResult = $mysqli->query($newq);
SQLerrorCatch($mysqli, $newResult, $newq);
$x = 0;
$y = 0;
$depTable = array(array());
$selectedRows = array();
$sRows = 0;
$depTable[$x][$y] = "Deputy";
$y++;
$depTable[$x][$y] = "Radio#";
$y++;
$x++;
while ($newRow = $newResult->fetch_assoc()) {
$y = 0;
$lastDeputy = false;
for ($t = 0; $t < sizeof($depTable); $t++) {
if ($newRow['DEPUTYNAME'] == $depTable[$t][0]) {
$lastDeputy = true;
break;
}
}
if (!$lastDeputy && !empty($newRow['DEPUTYNAME'])) {
$depTable[$x][$y] = $newRow['DEPUTYNAME'];
$y++;
$depTable[$x][$y] = '<input type="text" name="radioCallNum' . $x . '" value="' . $newRow['RADIO_CALLNUM'] . '" />';
$y++;
$x++;
}
//echo '<option value="'.$selectedValue.'" SELECTED>'.$row['SERIAL_NUM'].$itemDesc.'</option>';
$selectedRows[$sRows] = $newRow['refNum'];
$sRows++;
}
if (sizeof($depTable) > 0) {
showSortableTable($depTable, 0);
} else {
echo 'Comments (include person\'s name and company): <input size=50 name="invLogCommments" value="' . $invLogComments . '"/><br/><Br/>';
}
selectInventory($config, $selectedRows, $filters);
} else {
echo '<br/>Reference #: ' . $keyLogID . '<input type="hidden" name="keyLogID" value="' . $keyLogID . '" /><br />';
if ($row['DEPUTYNAME'] == "SYSTEM, USER") {
echo ' Comments (include person\'s name and company): <br/><input size=50 name="invLogCommments" value="' . $row['COMMENTS'] . '"/><br/><Br/>';
} else {
echo 'Deputy: ' . $row['DEPUTYNAME'] . '
Radio#: <input type="text" name="radioCallNum" value="' . $row['RADIO_CALLNUM'] . '" /><br/>
';
}
$selectedRows[0] = $keyLogID;
selectInventory($config, $selectedRows, $filters);
}
//selectRadioInventory($config, "radioID", $row['RADIOID']);
echo '<br/><br/>';
if ($row['TYPE'] == "LOANER") {
echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
} else {
echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
}
if ($row['TYPE'] == "SHIFT") {
echo '<input type="radio" name="checkOutType" value="SHIFT" CHECKED>SHIFT ASSIGNMENT</input><br/>';
} else {
echo '<input type="radio" name="checkOutType" value="SHIFT">SHIFT ASSIGNMENT</input>';
}
if ($config->adminLvl >= 25) {
if ($row['TYPE'] == "PERM") {
echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
} else {
echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
}
}
echo '<br/><br/>Checked in time: ';
if (strcmp($row['inTime'], "00/00/00 0000") == 0) {
echo "<font color=red><b>Not Checked back in Yet</b></font><br /><br />";
echo '<input type="submit" name="checkInKey" value="Check Back In" />';
} else {
echo '<font color=red>' . $row['inTime'] . '</font><br /><br />';
}
if (strcmp($row['inTime'], "00/00/00 0000") == 0 || $config->adminLvl >= 25) {
echo '<input type="submit" name="updateKeyLog" value="Update" />';
}
if ($isApprove) {
echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
} else {
echo '<input type="submit" name="goBtn" value="Back To Logs" />';
}
} else {
echo 'Access Denied';
}
}
if (!$isEditing && !isset($_POST['goBtn'])) {
$filters = showSelectDivision($config, $divID, "I.");
echo '<br/>';
$keyLogID = isset($_POST['keyLogID']) ? $mysqli->real_escape_string($_POST['keyLogID']) : '';
$keyID = isset($_POST['keyID']) ? $mysqli->real_escape_string(strtoupper($_POST['keyID'])) : '';
$podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
$checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
$invLogComments = isset($_POST['invLogCommments']) ? $mysqli->real_escape_string(strtoupper($_POST['invLogCommments'])) : '';
//debug
//var_dump($_POST);
//Show previously added deputies
$deputyCount = 0;
if ($num_deputies > 0) {
for ($i = 0; $i < $num_deputies; $i++) {
if (!isset($_POST['removeDeputyBtn' . $i])) {
$deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : '';
$isReserve[$i] = isset($_POST['isReserve' . $i]) ? true : false;
//get this user's information
if ($isReserve[$i]) {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $deputyID[$i];
$result = $mysqliReserve->query($myq);
SQLerrorCatch($mysqliReserve, $result);
$row = $result->fetch_assoc();
} else {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $deputyID[$i];
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
$row = $result->fetch_assoc();
}
if ($i == 0) {
$phone = $row['CELLPH'];
}
echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $deputyID[$i] . '" />';
if ($isReserve[$i] == 1) {
echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
}
echo $row['LNAME'] . ', ' . $row['FNAME'];
echo '; Radio Call #: <input type="hidden" name="radioCallNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
echo '<br/>';
$deputyCount++;
}
}
//End for loop of previously added deputies
}
//End check for multiple deputies
//Get added Deputy
$totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
$foundUserFNAME = '';
$foundUserLNAME = '';
$foundUserName = '';
$foundUserID = '';
if ($totalRows > 0) {
//get post info providied from search results
for ($i = 0; $i <= $totalRows; $i++) {
if (isset($_POST['foundUser' . $i])) {
$foundUserFNAME = $_POST['foundUserFNAME' . $i];
$foundUserLNAME = $_POST['foundUserLNAME' . $i];
$foundUserName = $_POST['foundUserName' . $i];
$foundUserID = $_POST['foundUserID' . $i];
if (isset($_POST['isReserve' . $i])) {
$foundUserIsReserve = true;
} else {
$foundUserIsReserve = false;
}
break;
}
//end if
}
//end for
}
if (empty($foundUserID) && $num_deputies == 0) {
//security check for central control computer
if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) {
//'10.1.32.72'
//Default first deputy to logged in user on first load
$foundUserID = $_SESSION['userIDnum'];
$foundUserIsReserve = false;
}
}
if (!empty($foundUserID)) {
if ($foundUserIsReserve) {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $foundUserID;
$result = $mysqliReserve->query($myq);
SQLerrorCatch($mysqliReserve, $result);
} else {
$myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $foundUserID;
$result = $mysqli->query($myq);
SQLerrorCatch($mysqli, $result);
}
$row = $result->fetch_assoc();
if ($deputyCount == 0) {
$phone = $row['CELLPH'];
}
echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $foundUserID . '" />';
if ($foundUserIsReserve) {
echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
}
echo $row['LNAME'] . ', ' . $row['FNAME'];
echo '; Radio Call#: <input name="radioCallNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />';
echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
echo '<br/>';
$deputyCount++;
}
if (empty($foundUserID) && $deputyCount == 0) {
//If no deputy
echo 'Add Deputy: ';
displayUserLookup($config);
echo ' <br/><br/>or Comments (include person\'s name and company): <input size=50 name="invLogCommments" value="' . $invLogComments . '"/>';
}
echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';
$gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
echo '<br/><br/><input type="hidden" name="gpID" value="' . $gpID . '" />';
selectInventory($config, $itemIDs, $filters);
echo '<br/><br/>';
if ($checkOutType == "LOANER" || empty($checkOutType)) {
echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
} else {
echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
}
if ($checkOutType == "SHIFT") {
echo '<input type="radio" name="checkOutType" value="SHIFT" CHECKED>SHIFT ASSIGNMENT</input><br/>';
} else {
echo '<input type="radio" name="checkOutType" value="SHIFT">SHIFT ASSIGNMENT</input>';
}
if ($config->adminLvl >= 25) {
if ($checkOutType == "PERM") {
echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
} else {
echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
}
}
echo '<br/><br/><input type="hidden" name="checkoutKeyBtn" value="true" />
<input type="submit" name="addKeyLog" value="Check Out Selected Items" />
<input type="submit" name="goBtn" value="Cancel" />';
}
}
public function wts_inv_log($config)
{
$this->config = $config;
$this->mysqliReserve = connectToSQL($reserveDB = TRUE);
}