Example #1
0
 public function Config()
 {
     $this->mysqli = connectToSQL();
     $myq = "SELECT * FROM CONFIG;";
     $result = $this->mysqli->query($myq);
     $result->data_seek(0);
     //moves internal pointer to 0, fetch starts here
     while ($row = $result->fetch_assoc()) {
         //fetch assoc array && pointer++
         if (strcmp($row['Variable'], "WebTitle") == 0) {
             $this->webTitle = $row['Value'];
         }
         if (strcmp($row['Variable'], "Ver") == 0) {
             $this->version = $row['Value'];
         }
         if (strcmp($row['Variable'], "Domain") == 0) {
             $this->domain = $row['Value'];
         }
         if (strcmp($row['Variable'], "ldap_server") == 0) {
             $this->ldap_server = $row['Value'];
         }
         if (strcmp($row['Variable'], "ldap_user") == 0) {
             $this->ldapUser = $row['Value'];
         }
         if (strcmp($row['Variable'], "ldap_user_pass") == 0) {
             $this->ldapPass = $row['Value'];
         }
         if (strcmp($row['Variable'], "install_year") == 0) {
             $this->installYear = $row['Value'];
         }
     }
     $this->anchorID = false;
     $this->showPrinterFriendly = true;
     //Prepare for Mahoning County Domain Migration
     $this->ldap_MCO_domain = "mahoningcountyoh.gov";
     $this->ldap_MCO_server = "10.2.35.25";
     $this->ldap_MCO_OU = "OU=Sheriff,OU=Departments,";
     $this->ldap_MCSO_OUS = array("OU=Sheriff,OU=Departments,", "OU=E-911,OU=ADMIN BLDG,OU=Departments,");
 }
Example #2
0
function delUser($user)
{
    $errorText = '';
    //remove user from database
    $mysqli = connectToSQL();
    $myq = "DELETE FROM EMPLOYEE WHERE ID='" . $mysqli->real_escape_string($user) . "'";
    $result = $mysqli->query($myq);
    if (!$result) {
        $errorText = "No such user";
    } else {
        $errorText = "The User, " . $user . " has been Removed";
    }
    return $errorText;
}
Example #3
0
function displayUsers()
{
    /*
     * Shows all users and gives the option to edit any fields
     */
    $admin = $_SESSION['admin'];
    if ($admin >= 50 && isValidUser()) {
        $mysqli = connectToSQL();
        $myq = "SELECT *\r\n                FROM EMPLOYEE";
        $result = $mysqli->query($myq);
        if (!$result) {
            throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
        }
        //build table
        resultTable($mysqli, $result);
        //write any updates to DB when Save is pressed
        if (isset($_POST['saveBtn'])) {
            //saveBtn created in resultTable()
            $result = $mysqli->query($myq);
            $i = 0;
            $fieldNameArray = array();
            $values = array();
            while ($finfo = mysqli_fetch_field($result)) {
                $tableName = $finfo->orgtable;
                $fieldNameArray[$i] = $finfo->orgname;
                $values["{$fieldNameArray[$i]}"] = $fieldNameArray[$i] . "=" . "'" . $mysqli->real_escape_string($_POST["{$fieldNameArray[$i]}"]) . "'";
                $i++;
            }
            //turn the array into comma seperated values
            $csvValues = implode(',', $values);
            $updateQuery = "UPDATE " . $tableName . " SET " . $csvValues . " \r\n            WHERE " . $values['ID'];
            echo "<br>" . $updateQuery;
            $updateResult = $mysqli->query($updateQuery);
            if (!$updateResult) {
                throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
            }
        }
    }
}
function displayLeaveApproval($config)
{
    $mysqli = $config->mysqli;
    ?>
<form method="post" name="approveBtn"><?php 
    echo '<h3>Leave Requests Pending Approval</h3>';
    approvePOSTLeaveRequests($config);
    /*
     * Form used to approve leave
     * 
     */
    $admin = $_SESSION['admin'];
    if ($admin >= 25) {
        $divisionID = isset($_POST['divisionID']) ? $_POST['divisionID'] : false;
        $mysqli = connectToSQL();
        echo '<div align="center"><a href="?lookup=true">Request Lookup by Employee</a><br/><br />
            Show Submitted Requests for the following division: 
            <select name="divisionID" onchange="this.form.submit()">';
        if (isset($_POST['divisionID'])) {
            $divisionID = $_POST['divisionID'];
        } else {
            if ($admin >= 50) {
                $divisionID = "All";
            } else {
                $mydivq = "SELECT DIVISIONID FROM EMPLOYEE E WHERE E.IDNUM='" . $config->mysqli->real_escape_string($_SESSION['userIDnum']) . "'";
                $myDivResult = $mysqli->query($mydivq);
                SQLerrorCatch($mysqli, $myDivResult);
                $temp = $myDivResult->fetch_assoc();
                $divisionID = $temp['DIVISIONID'];
            }
        }
        $alldivq = "SELECT * FROM `DIVISION` WHERE 1";
        $allDivResult = $mysqli->query($alldivq);
        SQLerrorCatch($mysqli, $allDivResult);
        while ($Divrow = $allDivResult->fetch_assoc()) {
            echo '<option value="' . $Divrow['DIVISIONID'] . '"';
            if ($Divrow['DIVISIONID'] == $divisionID) {
                echo ' SELECTED ';
            }
            echo '>' . $Divrow['DESCR'] . '</option>';
        }
        if ($divisionID == "All") {
            echo '<option value="All" SELECTED>All</option>';
        } else {
            echo '<option value="All">All</option>';
        }
        echo '</select>';
        echo '</div><br />';
        //Page Breaks Setup
        $prevNum = isset($_POST['prevNum']) ? $_POST['prevNum'] : "0";
        $nextNum = isset($_POST['nextNum']) ? $_POST['nextNum'] : "25";
        $limit = isset($_POST['limit']) ? $_POST['limit'] : "25";
        if (isset($_POST['prevBtn'])) {
            $prevNum = $prevNum - $limit;
            $nextNum = $nextNum - $limit;
        }
        if (isset($_POST['nextBtn'])) {
            $prevNum = $prevNum + $limit;
            $nextNum = $nextNum + $limit;
        }
        //$shift = isset($_POST['shiftID']) ? $_POST['shiftID'] : '%';
        //  i did add this to a where clause, didn't seem to work: AND E.ASSIGN LIKE '%".$shift."%'
        if (strcmp($divisionID, "All") == 0) {
            $myq = "SELECT *                         \r\n                        FROM REQUEST R, TIMETYPE T, EMPLOYEE E\r\n                        WHERE R.TIMETYPEID=T.TIMETYPEID\r\n                        AND   R.IDNUM=E.IDNUM\r\n                        AND STATUS='PENDING'";
        } else {
            $myq = "SELECT *                         \r\n                        FROM REQUEST R, TIMETYPE T, EMPLOYEE E\r\n                        WHERE R.TIMETYPEID=T.TIMETYPEID\r\n                        AND   R.IDNUM=E.IDNUM\r\n                        AND STATUS='PENDING'\r\n                        AND E.DIVISIONID IN (" . $config->mysqli->real_escape_string($divisionID) . ")";
        }
        $result = $mysqli->query($myq);
        SQLerrorCatch($mysqli, $result);
        $totalRows = $result->num_rows;
        if (strcmp($divisionID, "All") == 0) {
            $myq = "SELECT DISTINCT REFER 'RefNo', RADIO 'Radio', CONCAT_WS(', ',LNAME,FNAME) 'Employee', \r\n                            DATE_FORMAT(REQDATE,'%b %d %Y %H%i') 'Requested', \r\n                            DATE_FORMAT(USEDATE,'%b %d %Y') 'Used', DATE_FORMAT(BEGTIME,'%H%i') 'Start',\r\n                            DATE_FORMAT(ENDTIME,'%H%i') 'End', HOURS 'Hrs',\r\n                            T.DESCR 'Type', SUBTYPE 'Subtype', NOTE 'Comment', STATUS 'Status'                         \r\n                        FROM REQUEST R, TIMETYPE T, EMPLOYEE E\r\n                        WHERE R.TIMETYPEID=T.TIMETYPEID\r\n                        AND   R.IDNUM=E.IDNUM\r\n                        AND STATUS='PENDING'\r\n                        ORDER BY REFER \r\n                        LIMIT " . $config->mysqli->real_escape_string($prevNum) . ",  " . $config->mysqli->real_escape_string($limit);
        } else {
            $myq = "SELECT DISTINCT REFER 'RefNo', RADIO 'Radio', CONCAT_WS(', ',LNAME,FNAME) 'Employee', \r\n                            DATE_FORMAT(REQDATE,'%b %d %Y %H%i') 'Requested', \r\n                            DATE_FORMAT(USEDATE,'%b %d %Y') 'Used', DATE_FORMAT(BEGTIME,'%H%i') 'Start',\r\n                            DATE_FORMAT(ENDTIME,'%H%i') 'End', HOURS 'Hrs',\r\n                            T.DESCR 'Type', SUBTYPE 'Subtype', NOTE 'Comment', STATUS 'Status'                         \r\n                        FROM REQUEST R, TIMETYPE T, EMPLOYEE E\r\n                        WHERE R.TIMETYPEID=T.TIMETYPEID\r\n                        AND   R.IDNUM=E.IDNUM\r\n                        AND STATUS='PENDING'\r\n                        AND E.DIVISIONID IN (" . $config->mysqli->real_escape_string($divisionID) . ")\r\n                        ORDER BY REFER \r\n                        LIMIT " . $config->mysqli->real_escape_string($prevNum) . ",  " . $config->mysqli->real_escape_string($limit);
        }
        //echo $myq; //DEBUG
        $result = $mysqli->query($myq);
        SQLerrorCatch($mysqli, $result);
        //build table
        //resultTable($mysqli, $result);
        $x = 0;
        $y = 0;
        $theTable = array(array());
        $echo = '<table><tr>';
        $result->data_seek(0);
        while ($finfo = $result->fetch_field()) {
            $echo .= "<th>" . $finfo->name . "</th>";
            $theTable[$x][$y] = $finfo->name;
            $y++;
        }
        $x++;
        $echo .= '</tr>';
        $result = $mysqli->query($myq);
        SQLerrorCatch($mysqli, $result);
        $result->data_seek(0);
        $rowCount = 0;
        while ($row = $result->fetch_array(MYSQLI_NUM)) {
            $echo .= "<tr>";
            $refNo = '';
            //$refs[$rowCount] = $row[0]; //save ref # in an array
            for ($i = 0; $i < $mysqli->field_count; $i++) {
                $echo .= "<td style='white-space: nowrap'>";
                if ($i == 0) {
                    $refNo = $row[$i];
                    $echo .= '<input type="hidden" name="refNum' . $rowCount . '" value="' . $row[$i] . '" />';
                    $theTable[$x][$i] = '<input type="hidden" name="refNum' . $rowCount . '" value="' . $row[$i] . '" />' . $row[$i];
                } else {
                    $echo .= "{$row[$i]}</td>";
                    $theTable[$x][$i] = $row[$i];
                }
            }
            $echo .= "</tr>";
            $echo .= "<td style='white-space: nowrap'></td><td>";
            $echo .= "<input type='radio' name='approve{$rowCount}' value='APPROVED' /> Approved</td> \r\n                    <td style='white-space: nowrap'><input type='radio' name='approve{$rowCount}' value='DENIED'> Denied</td>\r\n                    <td style='white-space: nowrap' colspan='8'>Reason:<input type='text' name='reason{$rowCount}' size='50'/></td>";
            $x++;
            $y = 0;
            $theTable[$x][$y] = '';
            $y++;
            $theTable[$x][$y] = "<input type='radio' name='approve{$rowCount}' value='APPROVED' /> Approved";
            $y++;
            $theTable[$x][$y] = "<input type='radio' name='approve{$rowCount}' value='DENIED'> Denied";
            $y++;
            $theTable[$x][$y] = "<td colspan='8'>Reason:<input type='text' name='reason{$rowCount}' size='50'/>";
            $y++;
            $theTable[$x][$y] = '';
            $y++;
            $rowCount++;
            $x++;
        }
        echo '<hr />';
        echo '<div align="center">Number of entries found in the reserve database is: ' . $totalRows . '</div>';
        echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
        echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
        echo '<input type="hidden" name="searchFullTime" value="false" />';
        echo '<input type="hidden" name="searchReserves" value="checked" />';
        echo '<input type="hidden" name="prevNum" value="' . $prevNum . '" />';
        echo '<input type="hidden" name="nextNum" value="' . $nextNum . '" />';
        $lastRec = $prevNum + $limit;
        echo '<br/>';
        echo 'Showing Records ' . $prevNum . ' to ' . $lastRec;
        //Spacing characters
        echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
        echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
        echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
        echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
        if (!$prevNum > 0) {
            echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
            echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
        }
        echo 'Records: <select name="limit" onChange="this.form.submit()" >
            <option value="25"';
        if (strcmp($limit, "25") == 0) {
            echo ' SELECTED';
        }
        echo '>25</option>
            <option value="50"';
        if (strcmp($limit, "50") == 0) {
            echo ' SELECTED';
        }
        echo '>50</option>
            </select>';
        if ($prevNum > 0) {
            echo '<input type="submit" name="prevBtn" value="Previous" />';
        }
        if ($limit == $rowCount) {
            echo '<input type="submit" name="nextBtn" value="Next" />';
        }
        echo '<br/>';
        //echo $echo;
        showSortableTable($theTable, 1, $tableID = 'timeApprove', $rowsToSortNext = array(), $noSort = true);
        echo '<input type="hidden" name="totalRows" value="' . $rowCount . '" />';
        echo '</table> <p><input type="submit" name="approveBtn" value="Save"></p></form>';
    } else {
        echo "Permission Denied.";
    }
}
Example #5
0
function showRadioLogDetails($config, $radioLogID, $isEditing = false, $isApprove = false)
{
    $checkOutRadio = isset($_POST['addRadioLog']) ? true : false;
    $checkInRadio = isset($_POST['checkInRadio']) ? true : false;
    $updateRadioLog = isset($_POST['updateRadioLog']) ? true : false;
    $num_deputies = isset($_POST['num_deputies']) ? $_POST['num_deputies'] : 0;
    $totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
    $mysqli = $config->mysqli;
    $mysqliReserve = connectToSQL($reserveDB = TRUE);
    if ($checkOutRadio) {
        //get passed values
        echo '<h2><font color="red">Results</font></h2>';
        if ($num_deputies > 0) {
            for ($i = 0; $i < $num_deputies; $i++) {
                $deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : false;
                $radioCallNum[$i] = isset($_POST['radioCallNum' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['radioCallNum' . $i])) : '';
                $isReserve[$i] = isset($_POST['isReserve' . $i]) ? '1' : '0';
            }
            $radioID = isset($_POST['radioID']) ? $mysqli->real_escape_string(strtoupper($_POST['radioID'])) : '';
            $podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
            $checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
            $gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
            for ($i = 0; $i < $num_deputies; $i++) {
                $gpIDq = "SELECT MAX( GPNUM ) 'gpID' FROM WTS_RADIOLOG";
                $gpResult = $mysqli->query($gpIDq);
                SQLerrorCatch($mysqli, $gpResult);
                $row = $gpResult->fetch_assoc();
                if ($gpID != 0) {
                    $groupID = $gpID;
                } else {
                    $groupID = 0;
                    if ($num_deputies == 1) {
                        //Set Group ID to 0 or Individual
                    } else {
                        if ($i == 0) {
                            $groupID = $row['gpID'] + 1;
                        } else {
                            $groupID = $row['gpID'];
                        }
                    }
                }
                checkOutItem($config, $deputyID[$i], $radioCallNum[$i], $radioID, $checkOutType, $isReserve[$i], $groupID);
            }
        } else {
            echo 'Must select a user.<br />';
        }
        echo '<br />';
        //display results and get secLogID just added
    }
    if ($checkInRadio) {
        $radioLogID = isset($_POST['radioLogID']) ? $_POST['radioLogID'] : '';
        checkInRadioLog($config, $radioLogID);
        $isEditing = true;
    }
    if ($updateRadioLog) {
        ////get posted values
        $radioLogID = isset($_POST['radioLogID']) ? $mysqli->real_escape_string($_POST['radioLogID']) : '';
        $radioID = isset($_POST['radioID']) ? $mysqli->real_escape_string(strtoupper($_POST['radioID'])) : '';
        $podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
        $radioCallNum = isset($_POST['radioCallNum']) ? $mysqli->real_escape_string(strtoupper($_POST['radioCallNum'])) : '';
        $checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
        updateRadioLog($config, $radioLogID, $radioCallNum, $radioID, $podID, $checkOutType);
        $isEditing = true;
    }
    if ($isEditing) {
        if ($config->adminLvl >= 0) {
            $mysqli = $config->mysqli;
            $myq = "SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n                        R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n                    FROM WTS_RADIOLOG R\r\n                    JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n                    WHERE R.REFNUM = '" . $radioLogID . "' AND IS_RESERVE=0\r\n                    UNION\r\n                    SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n                        R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n                    FROM WTS_RADIOLOG R\r\n                    JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n                    WHERE R.REFNUM = '" . $radioLogID . "' AND IS_RESERVE=1\r\n                    ";
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();
            if ($row['gpID'] != 0) {
                //get all users
                echo '<div align="center">Group Reference #: ' . $row['gpID'] . '
                    <input type="hidden" name="gpID" value="' . $row['gpID'] . '" /></div>';
                $newq = "SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n                        CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n                        R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n                    FROM WTS_RADIOLOG R\r\n                    JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n                    WHERE R.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=0\r\n                    UNION\r\n                    SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n                        CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n                        R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n                    FROM WTS_RADIOLOG R\r\n                    JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n                    WHERE R.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=1\r\n                    ORDER BY R.REFNUM";
                $newResult = $mysqli->query($newq);
                SQLerrorCatch($mysqli, $newResult);
                $x = 0;
                $y = 0;
                $depTable = array(array());
                $depTable[$x][$y] = "Reference#";
                $y++;
                $depTable[$x][$y] = "Deputy";
                $y++;
                $depTable[$x][$y] = "Radio#";
                $y++;
                $depTable[$x][$y] = "Action";
                $y++;
                $x++;
                while ($newRow = $newResult->fetch_assoc()) {
                    $y = 0;
                    $depTable[$x][$y] = $newRow['refNum'] . '
                        <input type="hidden" name="radioLogID' . $x . '" value="' . $newRow['refNum'] . '" />';
                    $y++;
                    $depTable[$x][$y] = $newRow['DEPUTYNAME'];
                    $y++;
                    $depTable[$x][$y] = '<input type="text" name="radioCallNum' . $x . '" value="' . $newRow['RADIO_CALLNUM'] . '" />';
                    $y++;
                    if (strcmp($newRow['inTime'], "00/00/000 0000") == 0) {
                        $depTable[$x][$y] = '<input type="submit" value="Update" name="updateRadioLog' . $x . '" />
                                <input type="submit" value="LogOut" name="logoutRadioLog' . $x . '" /><br/>';
                        $y++;
                    } else {
                        if ($config->adminLvl >= 25) {
                            $depTable[$x][$y] = '<input type="submit" value="Update" name="updateRadioLog' . $x . '" />
                                Checked in at ' . $newRow['inTime'];
                            $y++;
                        } else {
                            $depTable[$x][$y] = 'Checked in at ' . $newRow['inTime'];
                            $y++;
                        }
                    }
                    $x++;
                }
                showSortableTable($depTable, 1);
            } else {
                echo '<br/>Reference #: ' . $radioLogID . '<input type="hidden" name="radioLogID" value="' . $radioLogID . '" /><br />
                    Deputy: ' . $row['DEPUTYNAME'] . '<br/>
                    Radio#: <input type="text" name="radioCallNum" value="' . $row['RADIO_CALLNUM'] . '" /><br/>';
            }
            echo '<div align="left">Add Deputy: <button type="button"  name="searchBtn" 
                value="Lookup Employee" onClick="this.form.action=' . "'?userLookup=true'" . ';this.form.submit()" >
                Lookup Employee</button></div><br/>';
            echo '<br/> Radio Number: ';
            selectRadioInventory($config, "radioID", $row['RADIOID']);
            echo '<br/><br/>';
            if ($row['TYPE'] == "LOANER") {
                echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
            } else {
                echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
            }
            if ($row['TYPE'] == "PERM") {
                echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
            } else {
                echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
            }
            if ($row['TYPE'] == "POD") {
                echo '<input type="radio" name="checkOutType" value="POD" CHECKED>SHIFT ASSIGNMENT</input><br/>';
            } else {
                echo '<input type="radio" name="checkOutType" value="POD">SHIFT ASSIGNMENT</input><br/>';
            }
            echo '<br/>Checked in time: ';
            if (strcmp($row['inTime'], "00/00/00 0000") == 0) {
                echo "<font color=red><b>Not Checked back in Yet</b></font><br /><br />";
                if ($row['gpID'] != 0) {
                    echo '<input type="submit" name="checkInAllRadio" value="Check in All" />';
                } else {
                    echo '<input type="submit" name="checkInRadio" value="Check Back In" />';
                }
            } else {
                echo $row['inTime'] . '<br /><br />';
            }
            if (strcmp($row['inTime'], "00/00/0000 0000") == 0 || $config->adminLvl >= 25) {
                if ($row['gpID'] != 0) {
                    echo '<input type="submit" name="updateRadioLogAll" value="Update All" />';
                } else {
                    echo '<input type="submit" name="updateRadioLog" value="Update" />';
                }
            }
            if ($isApprove) {
                echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
            } else {
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            }
        } else {
            echo 'Access Denied';
        }
    }
    if (!$isEditing && !isset($_POST['goBtn'])) {
        echo '<br/><br/>';
        $radioLogID = isset($_POST['secLogID']) ? $mysqli->real_escape_string($_POST['secLogID']) : '';
        $radioID = isset($_POST['radioID']) ? $mysqli->real_escape_string(strtoupper($_POST['radioID'])) : '';
        $podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
        $checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
        //debug
        //var_dump($_POST);
        //Show previously added deputies
        $deputyCount = 0;
        if ($num_deputies > 0) {
            for ($i = 0; $i < $num_deputies; $i++) {
                if (!isset($_POST['removeDeputyBtn' . $i])) {
                    $deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : '';
                    $isReserve[$i] = isset($_POST['isReserve' . $i]) ? true : false;
                    //get this user's information
                    if ($isReserve[$i]) {
                        $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $deputyID[$i];
                        $result = $mysqliReserve->query($myq);
                        SQLerrorCatch($mysqliReserve, $result);
                        $row = $result->fetch_assoc();
                    } else {
                        $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $deputyID[$i];
                        $result = $mysqli->query($myq);
                        SQLerrorCatch($mysqli, $result);
                        $row = $result->fetch_assoc();
                    }
                    if ($i == 0) {
                        $phone = $row['CELLPH'];
                    }
                    echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $deputyID[$i] . '" />';
                    if ($isReserve[$i] == 1) {
                        echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
                    }
                    echo $row['LNAME'] . ', ' . $row['FNAME'];
                    echo ';  Radio Call #: <input type="hidden" name="radioCallNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
                    echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
                    echo '<br/>';
                    $deputyCount++;
                }
            }
            //End for loop of previously added deputies
        }
        //End check for multiple deputies
        //Get added Deputy
        $totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
        $foundUserFNAME = '';
        $foundUserLNAME = '';
        $foundUserName = '';
        $foundUserID = '';
        if ($totalRows > 0) {
            //get post info providied from search results
            for ($i = 0; $i <= $totalRows; $i++) {
                if (isset($_POST['foundUser' . $i])) {
                    $foundUserFNAME = $_POST['foundUserFNAME' . $i];
                    $foundUserLNAME = $_POST['foundUserLNAME' . $i];
                    $foundUserName = $_POST['foundUserName' . $i];
                    $foundUserID = $_POST['foundUserID' . $i];
                    if (isset($_POST['isReserve' . $i])) {
                        $foundUserIsReserve = true;
                    } else {
                        $foundUserIsReserve = false;
                    }
                    break;
                }
                //end if
            }
            //end for
        }
        if (empty($foundUserID) && $num_deputies == 0) {
            //security check for central control computer
            if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) {
                //'10.1.32.72'
                //Default first deputy to logged in user on first load
                $foundUserID = $_SESSION['userIDnum'];
                $foundUserIsReserve = false;
            }
        }
        if (!empty($foundUserID)) {
            if ($foundUserIsReserve) {
                $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $foundUserID;
                $result = $mysqliReserve->query($myq);
                SQLerrorCatch($mysqliReserve, $result);
            } else {
                $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $foundUserID;
                $result = $mysqli->query($myq);
                SQLerrorCatch($mysqli, $result);
            }
            $row = $result->fetch_assoc();
            if ($deputyCount == 0) {
                $phone = $row['CELLPH'];
            }
            echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $foundUserID . '" />';
            if ($foundUserIsReserve) {
                echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
            }
            echo $row['LNAME'] . ', ' . $row['FNAME'];
            echo ';  Radio Call#: <input type="hidden" name="radioCallNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
            echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
            echo '<br/>';
            $deputyCount++;
        }
        echo 'Add Deputy: ';
        displayUserLookup($config);
        echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';
        $gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
        echo '<br/><br/><input type="hidden" name="gpID" value="' . $gpID . '" /> Radio Number: ';
        selectRadioInventory($config, "radioID", $radioID);
        echo '<br/><br/>';
        if ($checkOutType == "LOANER") {
            echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
        } else {
            echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
        }
        if ($checkOutType == "PERM") {
            echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
        } else {
            echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
        }
        if ($checkOutType == "POD") {
            echo '<input type="radio" name="checkOutType" value="POD" CHECKED>SHIFT ASSIGNMENT</input><br/>';
        } else {
            echo '<input type="radio" name="checkOutType" value="POD">SHIFT ASSIGNMENT</input><br/>';
        }
        echo '<br/><input type="hidden" name="addBtn" value="true" />
            <input type="submit" name="addRadioLog" value="Check Out Radio" />
            <input type="submit" name="goBtn" value="Cancel" />';
    }
}
Example #6
0
function showSecLogDetails($config, $secLogID, $isEditing = false, $isApprove = false)
{
    $addSecLog = isset($_POST['addSecLog']) ? true : false;
    $logoutSecLog = isset($_POST['logoutSecLog']) ? true : false;
    $updateSecLog = isset($_POST['updateSecLog']) ? true : false;
    $num_deputies = isset($_POST['num_deputies']) ? $_POST['num_deputies'] : 0;
    $totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
    $mysqli = $config->mysqli;
    $mysqliReserve = connectToSQL($reserveDB = TRUE);
    if ($addSecLog) {
        //get passed values
        if ($num_deputies > 0) {
            for ($i = 0; $i < $num_deputies; $i++) {
                $deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : false;
                $radioNum[$i] = isset($_POST['radioNum' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['radioNum' . $i])) : '';
                $isReserve[$i] = isset($_POST['isReserve' . $i]) ? '1' : '0';
            }
        }
        $address = isset($_POST['address']) ? $mysqli->real_escape_string(strtoupper($_POST['address'])) : '';
        $city = isset($_POST['city']) ? $mysqli->real_escape_string(strtoupper($_POST['city'])) : '';
        $phone = isset($_POST['phone']) ? $mysqli->real_escape_string($_POST['phone']) : '';
        $shiftStart1 = !empty($_POST['shiftStart1']) ? $mysqli->real_escape_string($_POST['shiftStart1']) : '00';
        $shiftStart2 = !empty($_POST['shiftStart2']) ? $mysqli->real_escape_string($_POST['shiftStart2']) : '00';
        $shiftStart = $shiftStart1 . $shiftStart2 . "00";
        $shiftEnd1 = !empty($_POST['shiftEnd1']) ? $mysqli->real_escape_string($_POST['shiftEnd1']) : '00';
        $shiftEnd2 = !empty($_POST['shiftEnd2']) ? $mysqli->real_escape_string($_POST['shiftEnd2']) : '00';
        $shiftEnd = $shiftEnd1 . $shiftEnd2 . "00";
        $dress = isset($_POST['dress']) ? $mysqli->real_escape_string($_POST['dress']) : '';
        $gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
        //add to database
        echo '<h2>Results</h2>';
        if ($num_deputies > 0) {
            for ($i = 0; $i < $num_deputies; $i++) {
                $gpIDq = "SELECT MAX( GPNUM ) 'gpID' FROM SECLOG";
                $gpResult = $mysqli->query($gpIDq);
                SQLerrorCatch($mysqli, $gpResult);
                $row = $gpResult->fetch_assoc();
                if ($gpID != 0) {
                    $groupID = $gpID;
                } else {
                    $groupID = 0;
                    if ($num_deputies == 1) {
                        //Set Group ID to 0 or Individual
                    } else {
                        if ($i == 0) {
                            $groupID = $row['gpID'] + 1;
                        } else {
                            $groupID = $row['gpID'];
                        }
                    }
                }
                $myq = "INSERT INTO `SECLOG` ( `IDNUM` ,`DEPUTYID` ,`RADIO` ,`TIMEIN` ,`AUDIT_IN_ID` ,\r\n                    `AUDIT_IN_TIME` ,`AUDIT_IN_IP` ,`LOCATION` ,`CITY` ,`PHONE` ,`SHIFTDATE` ,`SHIFTSTART` ,\r\n                    `SHIFTEND` ,`DRESS` ,`TIMEOUT` ,`AUDIT_OUT_ID` ,`AUDIT_OUT_TIME` ,`AUDIT_OUT_IP` ,`SUP_ID` ,\r\n                    `SUP_TIME` ,`SUP_IP`, IS_RESERVE, GPNUM) VALUES (\r\n                    NULL , '" . $deputyID[$i] . "', '" . $radioNum[$i] . "', NOW(), '" . $_SESSION['userIDnum'] . "', NOW(), INET_ATON('" . $_SERVER['REMOTE_ADDR'] . "'), \r\n                        '" . $address . "', '" . $city . "', '" . $phone . "', '" . Date('Y-m-d', strtotime($_POST['dateSelect'])) . "', \r\n                        '" . $shiftStart . "', '" . $shiftEnd . "', '" . $dress . "', '', '', '', '', '', '', ''," . $isReserve[$i] . ",\r\n                    '" . $groupID . "');";
                $result = $mysqli->query($myq);
                if (!SQLerrorCatch($mysqli, $result)) {
                    $secLogID = $mysqli->insert_id;
                    addLog($config, 'Secondary Log #' . $secLogID . ' Added');
                    echo 'Successfully Added Secondary Employment Log, Reference Number: ' . $secLogID . '<br />';
                    $isEditing = true;
                } else {
                    echo 'Failed to add Secondary Employment Log, try again.<br />';
                }
            }
        } else {
            echo 'Must select a user.<br />';
        }
        echo '<br />';
        //display results and get secLogID just added
    }
    if ($logoutSecLog) {
        $secLogID = isset($_POST['secLogID']) ? $_POST['secLogID'] : '';
        logOutSecLog($config, $secLogID);
        $isEditing = true;
    }
    if ($updateSecLog) {
        ////get posted values
        $secLogID = isset($_POST['secLogID']) ? $mysqli->real_escape_string($_POST['secLogID']) : '';
        $radioNum = isset($_POST['radioNum']) ? $mysqli->real_escape_string($_POST['radioNum']) : '';
        $address = isset($_POST['address']) ? $mysqli->real_escape_string($_POST['address']) : '';
        $city = isset($_POST['city']) ? $mysqli->real_escape_string($_POST['city']) : '';
        $phone = isset($_POST['phone']) ? $mysqli->real_escape_string($_POST['phone']) : '';
        $shiftStart1 = isset($_POST['shiftStart1']) ? $mysqli->real_escape_string($_POST['shiftStart1']) : '';
        $shiftStart2 = isset($_POST['shiftStart2']) ? $mysqli->real_escape_string($_POST['shiftStart2']) : '';
        $shiftStart = $shiftStart1 . $shiftStart2 . "00";
        $shiftEnd1 = isset($_POST['shiftEnd1']) ? $mysqli->real_escape_string($_POST['shiftEnd1']) : '';
        $shiftEnd2 = isset($_POST['shiftEnd2']) ? $mysqli->real_escape_string($_POST['shiftEnd2']) : '';
        $shiftEnd = $shiftEnd1 . $shiftEnd2 . "00";
        $dress = isset($_POST['dress']) ? $mysqli->real_escape_string($_POST['dress']) : '';
        updateSecLog($config, $secLogID, $radioNum, $address, $city, $phone, $shiftStart1, $shiftStart2, $shiftEnd1, $shiftEnd2, $dress);
        $isEditing = true;
    }
    if ($isEditing) {
        if ($config->adminLvl >= 0) {
            $mysqli = $config->mysqli;
            $myq = "SELECT S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,\r\n                        SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT\r\n                    FROM SECLOG S\r\n                    JOIN EMPLOYEE AS SEC ON SEC.IDNUM=S.DEPUTYID\r\n                    WHERE S.IDNUM = '" . $secLogID . "' AND IS_RESERVE=0\r\n                    UNION\r\n                    SELECT S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,\r\n                        SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT\r\n                    FROM SECLOG S\r\n                    JOIN RESERVE AS SEC ON SEC.IDNUM=S.DEPUTYID\r\n                    WHERE S.IDNUM = '" . $secLogID . "' AND IS_RESERVE=1\r\n                    ORDER BY IDNUM";
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();
            if ($row['gpID'] != 0) {
                //get all users
                echo '<div align="center">Group Reference #: ' . $row['gpID'] . '
                    <input type="hidden" name="gpID" value="' . $row['gpID'] . '" /></div>';
                $newq = "SELECT S.IDNUM 'refNum', S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,\r\n                        SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT\r\n                    FROM SECLOG S\r\n                    JOIN EMPLOYEE AS SEC ON SEC.IDNUM=S.DEPUTYID\r\n                    WHERE S.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=0\r\n                    UNION\r\n                    SELECT S.IDNUM 'refNum', S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,\r\n                        SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT\r\n                    FROM SECLOG S\r\n                    JOIN RESERVE AS SEC ON SEC.IDNUM=S.DEPUTYID\r\n                    WHERE S.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=1\r\n                    ORDER BY IDNUM";
                $newResult = $mysqli->query($newq);
                SQLerrorCatch($mysqli, $newResult);
                $x = 0;
                $y = 0;
                $depTable = array(array());
                $depTable[$x][$y] = "Reference#";
                $y++;
                $depTable[$x][$y] = "Deputy";
                $y++;
                $depTable[$x][$y] = "Radio#";
                $y++;
                $depTable[$x][$y] = "Action";
                $y++;
                $x++;
                while ($newRow = $newResult->fetch_assoc()) {
                    $y = 0;
                    $depTable[$x][$y] = $newRow['refNum'] . '
                        <input type="hidden" name="secLogID' . $x . '" value="' . $newRow['refNum'] . '" />';
                    $y++;
                    $depTable[$x][$y] = $newRow['DEPUTYNAME'];
                    $y++;
                    $depTable[$x][$y] = '<input type="text" name="radioNum' . $x . '" value="' . $newRow['RADIO'] . '" />';
                    $y++;
                    if (strcmp($newRow['TIMEOUT'], "00:00:00") == 0) {
                        $depTable[$x][$y] = '<input type="submit" value="Update" name="updateSecLog' . $x . '" />
                                <input type="submit" value="LogOut" name="logoutSecLog' . $x . '" /><br/>';
                        if ($config->adminLvl >= 25) {
                            $depTable[$x][$y] .= '<input type="submit" name="changeDeputy' . $x . '" value="Change Deputy" />';
                        }
                        $y++;
                    } else {
                        if ($config->adminLvl >= 25) {
                            $depTable[$x][$y] = '<input type="submit" value="Update" name="updateSecLog' . $x . '" />
                                Logged Out at ' . $newRow['TIMEOUT'];
                            $y++;
                        } else {
                            $depTable[$x][$y] = 'Logged Out at ' . $newRow['TIMEOUT'];
                            $y++;
                        }
                    }
                    $x++;
                }
                showSortableTable($depTable, 1);
            } else {
                $x = 0;
                $y = 0;
                $depTable = array(array());
                $depTable[$x][$y] = "Reference#";
                $y++;
                $depTable[$x][$y] = "Deputy";
                $y++;
                $depTable[$x][$y] = "Radio#";
                $y++;
                $depTable[$x][$y] = "Action";
                $y++;
                $x++;
                $y = 0;
                $depTable[$x][$y] = $secLogID . '<input type="hidden" name="secLogID" value="' . $secLogID . '" />';
                $y++;
                $depTable[$x][$y] = $row['DEPUTYNAME'];
                $y++;
                $depTable[$x][$y] = $row['DEPUTYNAME'];
                $y++;
                if ($config->adminLvl >= 25) {
                    $depTable[$x][$y] = '<input type="submit" name="changeDeputy1" value="Change Deputy" />';
                } else {
                    $depTable[$x][$y] = '';
                }
                $y++;
                showSortableTable($depTable, 1);
                //                 echo 'Reference #: '.$secLogID.'<input type="hidden" name="secLogID" value="'.$secLogID.'" /><br />
                //                    Deputy: '.$row['DEPUTYNAME'].'<br/>
                //                    Radio#: <input type="text" name="radioNum" value="'.$row['RADIO'].'" />
                //                        <input type="submit" name="changeDeputy1" value="Change Deputy" /><br/>';
            }
            echo '<div align="left">Add Deputy: <button type="button"  name="searchBtn" 
                value="Lookup Employee" onClick="this.form.action=' . "'?userLookup=true'" . ';this.form.submit()" >
                Lookup Employee</button></div><br/>';
            echo 'Site Name or Address: <input type="text" name="address" value="' . $row['LOCATION'] . '" /><br/>
                City/Twp: <input type="text" name="city" value="' . $row['CITY'] . '" /><br/>
                Contact#: <input type="text" name="phone" value="' . $row['PHONE'] . '" /><br/>
                Shift Start Time: ';
            $temp = explode(":", $row['SHIFTSTART']);
            showTimeSelector("shiftStart", $temp[0], $temp[1], false);
            echo ' <br/>
                Shift End Time: ';
            $temp = explode(":", $row['SHIFTEND']);
            showTimeSelector("shiftEnd", $temp[0], $temp[1], false);
            echo '<br/>
                Dress: <select name="dress">
                    <option value=""></option>
                    <option value="U"';
            if (strcmp($row['DRESS'], "U") == 0) {
                echo ' SELECTED ';
            }
            echo '>Uniform</option>
                    <option value="PC"';
            if (strcmp($row['DRESS'], "PC") == 0) {
                echo ' SELECTED ';
            }
            echo '>Plain Clothes</option>
                </select><br/>';
            echo 'Logged Off Time: ';
            if (strcmp($row['TIMEOUT'], "00:00:00") == 0) {
                echo "Not Logged Off Yet<br /><br />";
                if ($row['gpID'] != 0) {
                    echo '<input type="submit" name="logoutSecLogAll" value="LogOut All" />';
                } else {
                    echo '<input type="submit" name="logoutSecLog" value="LogOut" />';
                }
            } else {
                echo $row['TIMEOUT'] . '<br /><br />';
            }
            if (strcmp($row['TIMEOUT'], "00:00:00") == 0 || $config->adminLvl >= 25) {
                if ($row['gpID'] != 0) {
                    echo '<input type="submit" name="updateSecLogAll" value="Update All" />';
                } else {
                    echo '<input type="submit" name="updateSecLog" value="Update" />';
                }
            }
            if ($isApprove) {
                echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
            } else {
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            }
        } else {
            echo 'Access Denied';
        }
    }
    if (!$isEditing && !isset($_POST['goBtn'])) {
        $secLogID = isset($_POST['secLogID']) ? $_POST['secLogID'] : $_SESSION['userIDnum'];
        $radioNum = isset($_POST['radioNum']) ? $_POST['radioNum'] : '';
        $address = isset($_POST['address']) ? $_POST['address'] : '';
        $city = isset($_POST['city']) ? $_POST['city'] : '';
        $phone = isset($_POST['phone']) ? $_POST['phone'] : '';
        $shiftStart1 = isset($_POST['shiftStart1']) ? $_POST['shiftStart1'] : '';
        $shiftStart2 = isset($_POST['shiftStart2']) ? $_POST['shiftStart2'] : '';
        $shiftEnd1 = isset($_POST['shiftEnd1']) ? $_POST['shiftEnd1'] : '';
        $shiftEnd2 = isset($_POST['shiftEnd2']) ? $_POST['shiftEnd2'] : '';
        $dress = isset($_POST['dress']) ? $_POST['dress'] : '';
        $dateSelect = isset($_POST['dateSelect']) ? $_POST['dateSelect'] : '';
        //debug
        //var_dump($_POST);
        //Show previously added deputies
        $deputyCount = 0;
        if ($num_deputies > 0) {
            for ($i = 0; $i < $num_deputies; $i++) {
                if (!isset($_POST['removeDeputyBtn' . $i])) {
                    $deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : '';
                    $isReserve[$i] = isset($_POST['isReserve' . $i]) ? true : false;
                    //get this user's information
                    if ($isReserve[$i]) {
                        $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $deputyID[$i];
                        $result = $mysqliReserve->query($myq);
                        SQLerrorCatch($mysqliReserve, $result);
                        $row = $result->fetch_assoc();
                    } else {
                        $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $deputyID[$i];
                        $result = $mysqli->query($myq);
                        SQLerrorCatch($mysqli, $result);
                        $row = $result->fetch_assoc();
                    }
                    if ($i == 0) {
                        $phone = $row['CELLPH'];
                    }
                    echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $deputyID[$i] . '" />';
                    if ($isReserve[$i] == 1) {
                        echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
                    }
                    echo $row['LNAME'] . ', ' . $row['FNAME'];
                    echo ';  Radio#: <input type="hidden" name="radioNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
                    echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
                    echo '<br/>';
                    $deputyCount++;
                }
            }
            //End for loop of previously added deputies
        }
        //End check for multiple deputies
        //Get added Deputy
        $totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
        $foundUserFNAME = '';
        $foundUserLNAME = '';
        $foundUserName = '';
        $foundUserID = '';
        if ($totalRows > 0) {
            //get post info providied from search results
            for ($i = 0; $i <= $totalRows; $i++) {
                if (isset($_POST['foundUser' . $i])) {
                    $foundUserFNAME = $_POST['foundUserFNAME' . $i];
                    $foundUserLNAME = $_POST['foundUserLNAME' . $i];
                    $foundUserName = $_POST['foundUserName' . $i];
                    $foundUserID = $_POST['foundUserID' . $i];
                    if (isset($_POST['isReserve' . $i])) {
                        $foundUserIsReserve = true;
                    } else {
                        $foundUserIsReserve = false;
                    }
                    break;
                }
                //end if
            }
            //end for
        }
        if (empty($foundUserID) && $num_deputies == 0) {
            if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) {
                //'10.1.32.72'
                $foundUserID = $_SESSION['userIDnum'];
                $foundUserIsReserve = false;
            }
        }
        if (!empty($foundUserID)) {
            if ($foundUserIsReserve) {
                $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $foundUserID;
                $result = $mysqliReserve->query($myq);
                SQLerrorCatch($mysqliReserve, $result);
            } else {
                $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $foundUserID;
                $result = $mysqli->query($myq);
                SQLerrorCatch($mysqli, $result);
            }
            $row = $result->fetch_assoc();
            if ($deputyCount == 0) {
                $phone = $row['CELLPH'];
            }
            echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $foundUserID . '" />';
            if ($foundUserIsReserve) {
                echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
            }
            echo $row['LNAME'] . ', ' . $row['FNAME'];
            echo ';  Radio#: <input type="hidden" name="radioNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
            echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
            echo '<br/>';
            $deputyCount++;
        }
        echo 'Add Deputy: ';
        displayUserLookup($config);
        echo '<br />';
        echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';
        $gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
        echo '<input type="hidden" name="gpID" value="' . $gpID . '" />';
        echo 'Site Name or Address: <input type="text" name="address" value="' . $address . '" /><br/>
            City/Twp: <input type="text" name="city" value="' . $city . '" /><br/>
            Contact#: <input type="text" name="phone" value="' . $phone . '" /><br/>
            Shift Start Time: ';
        showTimeSelector("shiftStart", $shiftStart1, $shiftStart2, false);
        echo ' <br/>
            Shift End Time: ';
        showTimeSelector("shiftEnd", $shiftEnd1, $shiftEnd2, false);
        echo '<br/>
            Dress: <select name="dress">
                <option value=""></option>
                <option value="U"';
        if ($dress == 'U') {
            echo ' selected ';
        }
        echo '>Uniform</option>
                <option value="PC"';
        if ($dress == 'PC') {
            echo ' selected ';
        }
        echo '>Plain Clothes</option>
            </select><br/><br />
            <input type="hidden" name="addBtn" value="true" />
            <input type="submit" name="addSecLog" value="Add" />
            <input type="submit" name="goBtn" value="Cancel" />';
    }
}
Example #7
0
function searchReserves($config, $userToFind, $rowCount, $isSelect = true)
{
    $mysqli = connectToSQL($reserveDB = TRUE);
    if ($config->adminLvl < 75) {
        $myq = "SELECT *  FROM `RESERVE` WHERE `GRP` != 5 AND `LNAME` LIKE CONVERT(_utf8 '%" . $userToFind . "%' USING latin1) COLLATE latin1_swedish_ci ";
    } else {
        $myq = "SELECT *  FROM `RESERVE` WHERE `LNAME` LIKE CONVERT(_utf8 '%" . $userToFind . "%' USING latin1) COLLATE latin1_swedish_ci ";
    }
    $result = $mysqli->query($myq);
    SQLerrorCatch($mysqli, $result);
    $begin = $rowCount;
    $echo = "";
    while ($row = $result->fetch_assoc()) {
        $rowCount++;
        $echo .= '<div align="center"><table width="400"><tr><td>';
        if ($isSelect) {
            $echo .= '<input name="foundUser' . $rowCount . '" type="radio" onClick="this.form.action=\'?' . $_POST['formName'] . "=true'" . ';this.form.submit()" />Select</td><td>';
        }
        $echo .= '<input type="hidden" name="foundUserFNAME' . $rowCount . '" value="' . $row['FNAME'] . '" /> First name: ' . $row['FNAME'] . "<br />";
        $echo .= '<input type="hidden" name="foundUserLNAME' . $rowCount . '" value="' . $row['LNAME'] . '" /> Last Name: ' . $row['LNAME'] . "<br />";
        $echo .= '<input type="hidden" name="foundUserID' . $rowCount . '" value="' . $row['IDNUM'] . '" /> Username: '******'FNAME'] . "." . $row['LNAME'] . '<br />';
        $echo .= '<input type="hidden" name="foundUserName' . $rowCount . '" value="' . $row['FNAME'] . "." . $row['LNAME'] . '" />';
        $echo .= "Rank: Reserve Group " . $row['GRP'] . "<br />";
        $echo .= '<input type="hidden" name="isReserve' . $rowCount . '" value="true" />"';
        $echo .= "</td></tr></table></div><br /><hr />";
    }
    //end While Loop
    $rowsAdded = $rowCount - $begin;
    if ($rowsAdded > 0) {
        echo "Number of entries found in the reserve database is " . $rowsAdded . "<br /><br /><hr />";
        echo $echo;
    }
    return $rowsAdded;
}
Example #8
0
function displayAdminAnnounce($config)
{
    echo '<div align="center"><h2>Announcement Manager</h3></div> ';
    if ($config->adminLvl >= 30) {
        $editorDisplay = isset($_GET['editAnnounce']) ? $_GET['editAnnounce'] : false;
        if (!$editorDisplay && !isset($_POST['addAnnounce'])) {
            //Show available announcements to edit (or add new)
            $mysqli = connectToSQL();
            $myq = "SELECT * FROM `NEWS` WHERE 1";
            $result = $mysqli->query($myq);
            if (!$result) {
                throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
            }
            $result->data_seek(0);
            while ($row = $result->fetch_assoc()) {
                echo '<a href="' . $_SERVER['REQUEST_URI'] . '&editAnnounce=' . $row['IDNUM'] . '" >' . $row['TITLE'] . '</a><br /> 
                        Published: ' . $row['TSTAMP'] . ' <br />by ' . $row['AUDITID'] . '<br /><br />';
            }
            ?>
            <form action="<?php 
            echo $_SERVER['REQUEST_URI'];
            ?>
" method="post" name="registerform">
                <input type="submit" name="addAnnounce" value="Add Announcement" />
            </form>
            <?php 
        }
        if (isset($_GET['editAnnounce'])) {
            //User attempting to edit, get passed form fields
            $editorID = isset($_POST['editorID']) ? $_POST['editorID'] : $_GET['editAnnounce'];
            $editorTitle = isset($_POST['editorTitle']) ? $_POST['editorTitle'] : '';
            $editorShort = isset($_POST['editorShort']) ? $_POST['editorShort'] : '';
            $editorDivID = isset($_POST['editorDivID']) ? $_POST['editorDivID'] : '';
            $editorOldShort = isset($_POST['editorOldShort']) ? $_POST['editorOldShort'] : '';
            $editorPublish = isset($_POST['editorPublish']) ? $_POST['editorPublish'] : '1';
            $editorData = isset($_POST['editor110']) ? $_POST['editor110'] : '';
            if (isset($_POST['editor110']) && !isset($_POST['editorPublish'])) {
                $editorPublish = 0;
            }
            if (!isset($_POST['editorOldShort'])) {
                //no valid announcement was passed so get data within SQL
                $mysqli = connectToSQL();
                $myq = "SELECT `SHORTNAME` , `TITLE` , `BODY` , `PUBLISH`, `DIVID`  FROM `NEWS` \r\n                    WHERE `IDNUM` = '" . $editorID . "'";
                $result = $mysqli->query($myq);
                SQLerrorCatch($mysqli, $result);
                $result->data_seek(0);
                $row = $result->fetch_assoc();
                $editorTitle = $row['TITLE'];
                $editorShort = $row['SHORTNAME'];
                $editorDivID = $row['DIVID'];
                $editorPublish = $row['PUBLISH'];
                $editorData = $row['BODY'];
            }
            ?>
            <a href="<?php 
            echo $_SERVER['PHP_SELF'];
            ?>
?isAnounceAdmin=true" >Back</a>
            <script type="text/javascript" src="ckeditor/ckeditor.js"></script>
            <form action ="<?php 
            echo $_SERVER['REQUEST_URI'];
            ?>
" method="post">
                <p>
                <?php 
            echo '<input type="hidden" name="editorID" value="' . $editorID . '" />';
            ?>
                Announcement Title: <input type="text" name="editorTitle" value="<?php 
            if (isset($editorTitle)) {
                echo $editorTitle;
            }
            ?>
"/><br /><br />
                Short Name: <?php 
            if (isset($editorShort)) {
                echo $editorShort;
            }
            ?>
<br /><br />
                Publish to Division: <?php 
            displayDivisionID("editorDivID", $editorDivID, $showAllOpt = true);
            ?>
<br/><Br/>
                <input type="hidden" name="editorOldShort" value="<?php 
            echo $editorShort;
            ?>
" />
                Publish Announcement: <input type="checkbox" name="editorPublish" value="1" <?php 
            if ($editorPublish == 0) {
            } else {
                echo 'checked="checked"';
            }
            ?>
 /><br /><br />
                            <textarea id="editor1" name="editor110"><?php 
            echo $editorData;
            ?>
</textarea>
                            <script type="text/javascript">
                                    CKEDITOR.replace( 'editor110' );
                            </script>
                    </p>
                    <p>
                            <input type="submit" name="saveBtn" value="Save" />
                    </p>
            </form>
            <?php 
            if (isset($_POST['saveBtn'])) {
                //User pressed Save Button, so update with presented information
                $mysqli = connectToSQL();
                $myq = "UPDATE `PAYROLL`.`NEWS` SET \r\n                    `SHORTNAME` = '" . $editorOldShort . "',\r\n                    `TITLE` = '" . $editorTitle . "',\r\n                    `BODY` = '" . $editorData . "',\r\n                    `PUBLISH` = '" . $editorPublish . "',\r\n                    `DIVID` = '" . $editorDivID . "',\r\n                    `TSTAMP` = NOW( ),\r\n                    `AUDITID` = '" . strtoupper($_SESSION['userName']) . "',\r\n                    `IP` = 'INET_ATON(\\'" . $_SERVER['REMOTE_ADDR'] . "\\')' \r\n                    WHERE IDNUM= '" . $editorID . "' LIMIT 1 ;";
                $result = $mysqli->query($myq);
                if (!SQLerrorCatch($mysqli, $result)) {
                    addLog($config, 'Announcement Updated with title ' . $editorTitle);
                    echo '<h3>Successful Save</h3>';
                }
            }
        }
        if (isset($_POST['addAnnounce'])) {
            //User pressed Add an Announcement
            $editorTitle = isset($_POST['editorTitle']) ? $_POST['editorTitle'] : '';
            $editorShort = isset($_POST['editorShort']) ? $_POST['editorShort'] : '';
            $editorDivID = isset($_POST['editorDivID']) ? $_POST['editorDivID'] : '1';
            $editorPublish = isset($_POST['editorPublish']) ? $_POST['editorPublish'] : '1';
            $editorData = isset($_POST['editor110']) ? $_POST['editor110'] : '';
            if (isset($_POST['editor110']) && !isset($_POST['editorPublish'])) {
                $editorPublish = 0;
            }
            $isShort = false;
            if (isset($_POST['saveBtn']) && empty($editorShort)) {
                $isShort = true;
            }
            ?>
            <a href="<?php 
            echo $_SERVER['PHP_SELF'];
            ?>
?isAnounceAdmin=true" >Back</a>
            <script type="text/javascript" src="ckeditor/ckeditor.js"></script>
            <form action ="<?php 
            echo $_SERVER['REQUEST_URI'];
            ?>
" method="post">
                <p>
                Announcement Title: <input type="text" name="editorTitle" value="<?php 
            if (isset($editorTitle)) {
                echo $editorTitle;
            }
            ?>
"/><br /><br />
                Short Name: <input type="text" name="editorShort" value="<?php 
            if (isset($editorShort)) {
                echo $editorShort;
            }
            ?>
" <?php 
            if ($isShort) {
                echo "style=\"background:#FFFFFF;border:1px solid #FF0000;\"";
            }
            ?>
 /><br /><br />
                Publish to Division: <?php 
            displayDivisionID("editorDivID", $editorDivID, $showAllOpt = true);
            ?>
<br/><Br/>
                Publish Announcement: <input type="checkbox" name="editorPublish" value="1" <?php 
            if ($editorPublish == 0) {
            } else {
                echo 'checked="checked"';
            }
            ?>
 /><br /><br />
                            <textarea id="editor1" name="editor110"><?php 
            echo $editorData;
            ?>
</textarea>
                            <script type="text/javascript">
                                    CKEDITOR.replace( 'editor110' );
                            </script>
                    </p>
                    <p>
                            <input type="hidden" name="addAnnounce" value="Add Announcement" />
                            <input type="submit" name="saveBtn" value="Save" />
                    </p>
            </form>
            <?php 
            if (isset($_POST['saveBtn'])) {
                //Save button pressed, save data to database
                $mysqli = connectToSQL();
                //$myq = "INSERT INTO `PAYROLL`.`NEWS` (`SHORTNAME`, `TITLE`, `BODY`, `PUBLISH`, `TSTAMP`, `AUDITID`, 'IP') VALUES ('".$editorShort."', '".$editorTitle."', '".$editorData."', '".$editorPublish."', NOW(), 'awturner', '10.1.30.57');";
                $myq = "INSERT INTO `NEWS` (`SHORTNAME`, `TITLE`, `BODY`, DIVID, `PUBLISH`, `TSTAMP`, `AUDITID`, `IP`) \r\n                        VALUES ('" . $editorShort . "', '" . $editorTitle . "', '" . $editorData . "', '" . $editorDivID . "', '" . $editorPublish . "', NOW(), '" . strtoupper($_SESSION['userName']) . "', INET_ATON('{$_SERVER['REMOTE_ADDR']}'))";
                $result = $mysqli->query($myq);
                if (!$result) {
                    throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
                } else {
                    addLog($config, 'Announcement Added with title ' . $editorTitle);
                    echo '<h3>Successful Save</h3>';
                }
            }
        }
        echo '<div align="center">Note: No Announcement is private to the selected division.<br/>
        All users may see the announcement if published</div><Br/>';
    } else {
        echo 'Access Denied';
    }
}
Example #9
0
function reserveDetails($config, $reserveID)
{
    $mysqli = connectToSQL($reserveDB = TRUE);
    echo 'Details for: ' . $reserveID . '<input type="hidden" name="reserveID" value="' . $reserveID . '" />';
    if ($config->adminLvl >= 75) {
        $updateBtn = isset($_POST['updateBtn']) ? true : false;
        if ($updateBtn) {
            $group = isset($_POST['resGroup']) ? $mysqli->real_escape_string($_POST['resGroup']) : "";
            $fName = isset($_POST['foundUserFNAME']) ? $mysqli->real_escape_string($_POST['foundUserFNAME']) : "";
            $lName = isset($_POST['foundUserLNAME']) ? $mysqli->real_escape_string($_POST['foundUserLNAME']) : "";
            $radio = isset($_POST['radioNum']) ? $mysqli->real_escape_string($_POST['radioNum']) : "";
            $address = isset($_POST['address']) ? $mysqli->real_escape_string($_POST['address']) : "";
            $city = isset($_POST['city']) ? $mysqli->real_escape_string($_POST['city']) : "";
            $state = isset($_POST['state']) ? $mysqli->real_escape_string($_POST['state']) : "";
            $zip = isset($_POST['zip']) ? $mysqli->real_escape_string($_POST['zip']) : "";
            $hPhone = isset($_POST['hPhone']) ? $mysqli->real_escape_string($_POST['hPhone']) : "";
            $cPhone = isset($_POST['cPhone']) ? $mysqli->real_escape_string($_POST['cPhone']) : "";
            $wPhone = isset($_POST['wPhone']) ? $mysqli->real_escape_string($_POST['wPhone']) : "";
            $tis = isset($_POST['tis']) ? $mysqli->real_escape_string($_POST['tis']) : "";
            $agency = isset($_POST['agency']) ? $mysqli->real_escape_string($_POST['agency']) : "";
            $notes = isset($_POST['notes']) ? $mysqli->real_escape_string($_POST['notes']) : "";
            if (empty($fName) || empty($lName) || empty($group)) {
                echo '<br />Must provide all the highlighted items<br /> Did not Save<br />';
            } else {
                //Update Fields
                $myq = "UPDATE `RESERVE`.`RESERVE` SET\r\n                    `GRP` = " . $group . ",\r\n                    `LNAME` = '" . $lName . "',\r\n                    `FNAME` = '" . $fName . "',\r\n                    `RADIO` = '" . $radio . "',\r\n                    `ADDRESS` = '" . $address . "',\r\n                    `CITY` = '" . $city . "',\r\n                    `ST` = '" . $state . "',\r\n                    `ZIP` = '" . $zip . "',\r\n                    `HOMEPH` = '" . $hPhone . "',\r\n                    `CELLPH` = '" . $cPhone . "',\r\n                    `WORKPH` = '" . $wPhone . "',\r\n                    `TIS` = '" . $tis . "',\r\n                    `AGENCY` = '" . $agency . "',\r\n                    `NOTES` = '" . $notes . "' \r\n                    WHERE `IDNUM` = " . $reserveID;
                $result = $mysqli->query($myq);
                SQLerrorCatch($mysqli, $result);
                addLog($config, 'Reserve with ID ' . $reserveID . ' Updated');
                echo 'Reserve Successfully Updated.<br/>';
            }
        } else {
            $myq = "SELECT * FROM `RESERVE` WHERE `IDNUM` = " . $reserveID;
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();
            $group = $row['GRP'];
            $fName = $row['FNAME'];
            $lName = $row['LNAME'];
            $radio = $row['RADIO'];
            $address = $row['ADDRESS'];
            $city = $row['CITY'];
            $state = $row['ST'];
            $zip = $row['ZIP'];
            $hPhone = $row['HOMEPH'];
            $cPhone = $row['CELLPH'];
            $wPhone = $row['WORKPH'];
            $tis = $row['TIS'];
            $agency = $row['AGENCY'];
            $notes = $row['NOTES'];
        }
        echo '</div><div align="left" class="login"><table>';
        echo '<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;</td><td>First Name: </td><td><input type="text" name="foundUserFNAME" value="' . $fName . '" /></td></tr>';
        echo '<tr><td></td><td>Last Name: </td><td><input type="text" name="foundUserLNAME" value="' . $lName . '" /></td></tr>';
        echo '<tr><td></td><td>Group: </td><td><select name="resGroup">
            <option value="">Select Group</option>            
            <option value="1"';
        if ($group == "1") {
            echo " SELECTED";
        }
        echo '>Group 1</option>
            <option value="2"';
        if ($group == "2") {
            echo " SELECTED";
        }
        echo '>Group 2</option>
            <option value="3"';
        if ($group == "3") {
            echo " SELECTED";
        }
        echo '>Group 3</option>
            <option value="4"';
        if ($group == "4") {
            echo " SELECTED";
        }
        echo '>Group 4</option>
            <option value="5"';
        if ($group == "5") {
            echo " SELECTED";
        }
        echo '>Group 5</option>
            </select></td></tr>';
        echo '<tr><td></td><td>Radio#: </td><td><input type="text" name="radioNum" value="' . $radio . '" /></td></tr>';
        echo '<tr><td></td><td>Address: </td><td><input type="text" name="address" value="' . $address . '" /></td></tr>';
        echo '<tr><td></td><td>City: </td><td><input type="text" name="city" value="' . $city . '" /></td></tr>';
        echo '<tr><td></td><td>State: </td><td><input type="text" name="state" value="' . $state . '" /></td></tr>';
        echo '<tr><td></td><td>ZIP: </td><td><input type="text" name="zip" value="' . $zip . '" /></td></tr>';
        echo '<tr><td></td><td>Home Phone: </td><td><input type="text" name="hPhone" value="' . $hPhone . '" /></td></tr>';
        echo '<tr><td></td><td>Cell Phone: </td><td><input type="text" name="cPhone" value="' . $cPhone . '" /></td></tr>';
        echo '<tr><td></td><td>Work Phone: </td><td><input type="text" name="wPhone" value="' . $wPhone . '" /></td></tr>';
        echo '<tr><td></td><td>Time in Service: </td><td>';
        displayDateSelect("tis", "tis", $tis, false, false);
        echo '</td></tr>';
        echo '<tr><td></td><td>Agency: </td><td><input type="text" name="agency" value="' . $agency . '" /></td></tr>';
        echo '<tr><td></td><td>Additional Notes: </td><td><input type="text" name="notes" value="' . $notes . '" /></td></tr><tr><td></td></tr>';
        echo '<tr><td></td><td><input type="submit" name="updateBtn" value="Update and Save" /></td><td>';
        echo '<input type="submit" name="delBtn" value="Delete Reserve" /> <input type="submit" name="goBackBtn" value="Back To Reserves" /></td></tr>';
        echo '</table></div>';
    }
}
Example #10
0
 private function searchReserves()
 {
     $mysqli = connectToSQL($reserveDB = TRUE);
     if ($this->config->adminLvl < 75) {
         $myq = "SELECT *  FROM `RESERVE` WHERE `GRP` != 5 AND \r\n                `LNAME` LIKE CONVERT(_utf8 '%" . $this->config->mysqli->real_escape_string($this->searchUser) . "%' USING latin1) \r\n                    COLLATE latin1_swedish_ci ";
     } else {
         $myq = "SELECT *  FROM `RESERVE` WHERE \r\n                `LNAME` LIKE CONVERT(_utf8 '%" . $this->config->mysqli->real_escape_string($this->searchUser) . "%' USING latin1) \r\n                    COLLATE latin1_swedish_ci ";
     }
     $result = $mysqli->query($myq);
     SQLerrorCatch($mysqli, $result, $myq);
     $begin = $this->rowCount;
     $echo = "";
     while ($row = $result->fetch_assoc()) {
         $this->rowCount++;
         $echo .= '<div align="center"><table width="400"><tr><td>';
         $echo .= '<input name="foundUser' . $this->rowCount . '" type="submit"  value="Select" /></td><td>';
         $echo .= '<input type="hidden" name="foundUserFNAME' . $this->rowCount . '" value="' . $row['FNAME'] . '" /> First name: ' . $row['FNAME'] . "<br />";
         $echo .= '<input type="hidden" name="foundUserLNAME' . $this->rowCount . '" value="' . $row['LNAME'] . '" /> Last Name: ' . $row['LNAME'] . "<br />";
         $echo .= '<input type="hidden" name="foundUserID' . $this->rowCount . '" value="' . $row['IDNUM'] . '" /> Username: '******'FNAME'] . "." . $row['LNAME'] . '<br />';
         $echo .= '<input type="hidden" name="foundUserName' . $this->rowCount . '" value="' . $row['FNAME'] . "." . $row['LNAME'] . '" />';
         $echo .= "Rank: Reserve Group " . $row['GRP'] . "<br />";
         $echo .= '<input type="hidden" name="isReserve' . $this->rowCount . '" value="true" />"';
         $echo .= "</td></tr></table></div><br /><hr />";
     }
     //end While Loop
     $rowsAdded = $this->rowCount - $begin;
     echo "Number of entries found in the reserve database is " . $rowsAdded . "<br /><br /><hr />";
     if ($rowsAdded > 0) {
         echo $echo;
     }
 }
Example #11
0
function showKeyLogDetails($config, $keyLogID, $isEditing = false, $isApprove = false, $divID = '')
{
    $checkOutKey = isset($_POST['addKeyLog']) ? true : false;
    $checkInKey = isset($_POST['checkInKey']) ? true : false;
    $updateKeyLog = isset($_POST['updateKeyLog']) ? true : false;
    $itemIDs = '';
    $debug = '';
    $mysqli = $config->mysqli;
    $mysqliReserve = connectToSQL($reserveDB = TRUE);
    $num_deputies = isset($_POST['num_deputies']) ? $mysqli->real_escape_string($_POST['num_deputies']) : 0;
    $totalRows = isset($_POST['totalRows']) ? $mysqli->real_escape_string($_POST['totalRows']) : 0;
    $invLogComments = isset($_POST['invLogCommments']) ? $mysqli->real_escape_string(strtoupper($_POST['invLogCommments'])) : '';
    if ($checkOutKey) {
        //get passed values
        echo '<h2><font color="red">Results</font></h2>';
        $debug .= 'checking number of deputies ' . $num_deputies . ' <br/>';
        if ($num_deputies > 0) {
            $podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
            $gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
            $checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
            $nextGroupID = 0;
            $gpIDq = "SELECT MAX( GPNUM ) 'gpID' FROM WTS_RADIOLOG";
            $gpResult = $mysqli->query($gpIDq);
            SQLerrorCatch($mysqli, $gpResult);
            $row = $gpResult->fetch_assoc();
            $nextGroupID = $row['gpID'] + 1;
            for ($i = 0; $i < $num_deputies; $i++) {
                $debug .= 'adding deputy id ' . $i . '<br/>';
                $deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : false;
                $radioCallNum[$i] = isset($_POST['radioCallNum' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['radioCallNum' . $i])) : '';
                $isReserve[$i] = isset($_POST['isReserve' . $i]) ? '1' : '0';
                $iCount = 0;
                for ($z = 0; $z < $totalRows; $z++) {
                    $debug .= 'Checkbox id: ' . $z;
                    $itemCheckbox = isset($_POST['itemIDcheckbox' . $z]) ? true : false;
                    if ($itemCheckbox) {
                        $debug .= ' is checked';
                        $itemIDs[$iCount] = $mysqli->real_escape_string(strtoupper($_POST['itemID' . $z]));
                        $itemType[$iCount] = isset($_POST['itemType' . $z]) ? $mysqli->real_escape_string(strtoupper($_POST['itemType' . $z])) : '';
                        $iCount++;
                        $isEditing = true;
                    }
                    $debug .= '<br/>';
                }
                $totalItems = sizeof($itemIDs);
                if ($gpID != 0) {
                    $groupID = $gpID;
                } else {
                    if ($num_deputies == 1) {
                        //Set Group ID to 0 or Individual
                        $groupID = 0;
                    } else {
                        if ($i == 0) {
                            $groupID = $nextGroupID;
                        } else {
                            $groupID = $nextGroupID - 1;
                        }
                    }
                }
                //if only 1 deputy and multiple items
                if ($groupID == 0 && $totalItems > 1) {
                    $groupID = $nextGroupID;
                }
                for ($z = 0; $z < $totalItems; $z++) {
                    $keyLogID = checkOutItem($config, $deputyID[$i], $radioCallNum[$i], $itemIDs[$z], $itemType[$z], $checkOutType, $isReserve[$i], $groupID, $divID);
                }
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            }
        } else {
            if (!empty($invLogComments)) {
                $gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
                $checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
                $nextGroupID = 0;
                $gpIDq = "SELECT MAX( GPNUM ) 'gpID' FROM WTS_RADIOLOG";
                $gpResult = $mysqli->query($gpIDq);
                SQLerrorCatch($mysqli, $gpResult);
                $row = $gpResult->fetch_assoc();
                $groupID = 0;
                $nextGroupID = $row['gpID'] + 1;
                $iCount = 0;
                for ($z = 0; $z < $totalRows; $z++) {
                    $debug .= 'Checkbox id: ' . $z;
                    $itemCheckbox = isset($_POST['itemIDcheckbox' . $z]) ? true : false;
                    if ($itemCheckbox) {
                        $debug .= ' is checked';
                        $itemIDs[$iCount] = $mysqli->real_escape_string(strtoupper($_POST['itemID' . $z]));
                        $itemType[$iCount] = isset($_POST['itemType' . $z]) ? $mysqli->real_escape_string(strtoupper($_POST['itemType' . $z])) : '';
                        $iCount++;
                        $isEditing = true;
                    }
                    $debug .= '<br/>';
                }
                $totalItems = sizeof($itemIDs);
                //if only 1 deputy and multiple items
                if ($totalItems > 1) {
                    $groupID = $nextGroupID;
                }
                for ($z = 0; $z < $totalItems; $z++) {
                    $keyLogID = checkOutItem($config, '', '', $itemIDs[$z], $itemType[$z], $checkOutType, '0', $groupID, $divID, false, $invLogComments);
                }
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            } else {
                echo 'Must select a user.<br />';
            }
        }
        echo '<br />';
        //popUpMessage($debug);
        //display results and get secLogID just added
    }
    if ($checkInKey) {
        $keyLogID = isset($_POST['keyLogID']) ? $_POST['keyLogID'] : '';
        $hiddenInputs = '<input type="hidden" value="' . $_POST['dateSelect'] . '" name="dateSelect">
                        <input type="hidden" name="divisionID" value="' . $_POST['divisionID'] . '" /> 
                        <input type="hidden" value="' . $keyLogID . '" name="keyLogID">
                        <input type="hidden" value="true" name="checkInKey">';
        checkInRadioLog($config, $keyLogID, $noLog = false, $hiddenInputs);
        $isEditing = true;
    }
    if ($updateKeyLog) {
        ////get posted values
        $keyLogID = isset($_POST['keyLogID']) ? $mysqli->real_escape_string($_POST['keyLogID']) : '';
        $podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
        $radioCallNum = isset($_POST['radioCallNum']) ? $mysqli->real_escape_string(strtoupper($_POST['radioCallNum'])) : '';
        $checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
        $debug .= 'Updating KeyLogID ' . $keyLogID;
        for ($z = 0; $z < $totalRows; $z++) {
            $debug .= 'Checkbox id: ' . $z;
            $itemCheckbox = isset($_POST['itemIDcheckbox' . $z]) ? true : false;
            if ($itemCheckbox) {
                $debug .= ' is checked';
                $itemIDs[$z] = $mysqli->real_escape_string(strtoupper($_POST['itemID' . $z]));
                $itemType[$z] = isset($_POST['itemType' . $z]) ? $mysqli->real_escape_string(strtoupper($_POST['itemType' . $z])) : '';
                updateRadioLog($config, $keyLogID, $radioCallNum, $itemIDs[$z], $checkOutType, $invLogComments);
                $isEditing = true;
            }
            $debug .= '<br/>';
        }
        //popUpMessage($debug);
        $isEditing = true;
    }
    if ($isEditing) {
        $filters = showSelectDivision($config, $divID, "I.");
        if ($config->adminLvl >= 0) {
            $mysqli = $config->mysqli;
            $myq = "SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n                        R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime', R.COMMENTS\r\n                    FROM WTS_RADIOLOG R\r\n                    JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n                    WHERE R.REFNUM = '" . $keyLogID . "' AND IS_RESERVE=0\r\n                    UNION\r\n                    SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n                        R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime', R.COMMENTS\r\n                    FROM WTS_RADIOLOG R\r\n                    JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n                    WHERE R.REFNUM = '" . $keyLogID . "' AND IS_RESERVE=1\r\n                    ";
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();
            if ($row['gpID'] != 0 && false) {
                //get all users
                echo '<div align="center">Group Reference #: ' . $row['gpID'] . '
                    <input type="hidden" name="gpID" value="' . $row['gpID'] . '" /></div>';
                $newq = "SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n                        CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, R.COMMENTS,\r\n                        R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n                    FROM WTS_RADIOLOG R\r\n                    JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n                    WHERE R.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=0\r\n                    UNION\r\n                    SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n                        CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, R.COMMENTS, \r\n                        R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n                    FROM WTS_RADIOLOG R\r\n                    JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n                    WHERE R.GPNUM = '" . $row['gpID'] . "' AND IS_RESERVE=1";
                $newResult = $mysqli->query($newq);
                SQLerrorCatch($mysqli, $newResult, $newq);
                $x = 0;
                $y = 0;
                $depTable = array(array());
                $selectedRows = array();
                $sRows = 0;
                $depTable[$x][$y] = "Deputy";
                $y++;
                $depTable[$x][$y] = "Radio#";
                $y++;
                $x++;
                while ($newRow = $newResult->fetch_assoc()) {
                    $y = 0;
                    $lastDeputy = false;
                    for ($t = 0; $t < sizeof($depTable); $t++) {
                        if ($newRow['DEPUTYNAME'] == $depTable[$t][0]) {
                            $lastDeputy = true;
                            break;
                        }
                    }
                    if (!$lastDeputy && !empty($newRow['DEPUTYNAME'])) {
                        $depTable[$x][$y] = $newRow['DEPUTYNAME'];
                        $y++;
                        $depTable[$x][$y] = '<input type="text" name="radioCallNum' . $x . '" value="' . $newRow['RADIO_CALLNUM'] . '" />';
                        $y++;
                        $x++;
                    }
                    //echo '<option value="'.$selectedValue.'" SELECTED>'.$row['SERIAL_NUM'].$itemDesc.'</option>';
                    $selectedRows[$sRows] = $newRow['refNum'];
                    $sRows++;
                }
                if (sizeof($depTable) > 0) {
                    showSortableTable($depTable, 0);
                } else {
                    echo 'Comments (include person\'s name and company): <input size=50 name="invLogCommments" value="' . $invLogComments . '"/><br/><Br/>';
                }
                selectInventory($config, $selectedRows, $filters);
            } else {
                echo '<br/>Reference #: ' . $keyLogID . '<input type="hidden" name="keyLogID" value="' . $keyLogID . '" /><br />';
                if ($row['DEPUTYNAME'] == "SYSTEM, USER") {
                    echo ' Comments (include person\'s name and company): <br/><input size=50 name="invLogCommments" value="' . $row['COMMENTS'] . '"/><br/><Br/>';
                } else {
                    echo 'Deputy: ' . $row['DEPUTYNAME'] . '
                    Radio#: <input type="text" name="radioCallNum" value="' . $row['RADIO_CALLNUM'] . '" /><br/>
                        ';
                }
                $selectedRows[0] = $keyLogID;
                selectInventory($config, $selectedRows, $filters);
            }
            //selectRadioInventory($config, "radioID", $row['RADIOID']);
            echo '<br/><br/>';
            if ($row['TYPE'] == "LOANER") {
                echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
            } else {
                echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
            }
            if ($row['TYPE'] == "SHIFT") {
                echo '<input type="radio" name="checkOutType" value="SHIFT" CHECKED>SHIFT ASSIGNMENT</input><br/>';
            } else {
                echo '<input type="radio" name="checkOutType" value="SHIFT">SHIFT ASSIGNMENT</input>';
            }
            if ($config->adminLvl >= 25) {
                if ($row['TYPE'] == "PERM") {
                    echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
                } else {
                    echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
                }
            }
            echo '<br/><br/>Checked in time: ';
            if (strcmp($row['inTime'], "00/00/00 0000") == 0) {
                echo "<font color=red><b>Not Checked back in Yet</b></font><br /><br />";
                echo '<input type="submit" name="checkInKey" value="Check Back In" />';
            } else {
                echo '<font color=red>' . $row['inTime'] . '</font><br /><br />';
            }
            if (strcmp($row['inTime'], "00/00/00 0000") == 0 || $config->adminLvl >= 25) {
                echo '<input type="submit" name="updateKeyLog" value="Update" />';
            }
            if ($isApprove) {
                echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
            } else {
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            }
        } else {
            echo 'Access Denied';
        }
    }
    if (!$isEditing && !isset($_POST['goBtn'])) {
        $filters = showSelectDivision($config, $divID, "I.");
        echo '<br/>';
        $keyLogID = isset($_POST['keyLogID']) ? $mysqli->real_escape_string($_POST['keyLogID']) : '';
        $keyID = isset($_POST['keyID']) ? $mysqli->real_escape_string(strtoupper($_POST['keyID'])) : '';
        $podID = isset($_POST['podID']) ? $mysqli->real_escape_string(strtoupper($_POST['podID'])) : '';
        $checkOutType = isset($_POST['checkOutType']) ? $mysqli->real_escape_string(strtoupper($_POST['checkOutType'])) : '';
        $invLogComments = isset($_POST['invLogCommments']) ? $mysqli->real_escape_string(strtoupper($_POST['invLogCommments'])) : '';
        //debug
        //var_dump($_POST);
        //Show previously added deputies
        $deputyCount = 0;
        if ($num_deputies > 0) {
            for ($i = 0; $i < $num_deputies; $i++) {
                if (!isset($_POST['removeDeputyBtn' . $i])) {
                    $deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : '';
                    $isReserve[$i] = isset($_POST['isReserve' . $i]) ? true : false;
                    //get this user's information
                    if ($isReserve[$i]) {
                        $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $deputyID[$i];
                        $result = $mysqliReserve->query($myq);
                        SQLerrorCatch($mysqliReserve, $result);
                        $row = $result->fetch_assoc();
                    } else {
                        $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $deputyID[$i];
                        $result = $mysqli->query($myq);
                        SQLerrorCatch($mysqli, $result);
                        $row = $result->fetch_assoc();
                    }
                    if ($i == 0) {
                        $phone = $row['CELLPH'];
                    }
                    echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $deputyID[$i] . '" />';
                    if ($isReserve[$i] == 1) {
                        echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
                    }
                    echo $row['LNAME'] . ', ' . $row['FNAME'];
                    echo ';  Radio Call #: <input type="hidden" name="radioCallNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />' . $row['RADIO'];
                    echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
                    echo '<br/>';
                    $deputyCount++;
                }
            }
            //End for loop of previously added deputies
        }
        //End check for multiple deputies
        //Get added Deputy
        $totalRows = isset($_POST['totalRows']) ? $_POST['totalRows'] : 0;
        $foundUserFNAME = '';
        $foundUserLNAME = '';
        $foundUserName = '';
        $foundUserID = '';
        if ($totalRows > 0) {
            //get post info providied from search results
            for ($i = 0; $i <= $totalRows; $i++) {
                if (isset($_POST['foundUser' . $i])) {
                    $foundUserFNAME = $_POST['foundUserFNAME' . $i];
                    $foundUserLNAME = $_POST['foundUserLNAME' . $i];
                    $foundUserName = $_POST['foundUserName' . $i];
                    $foundUserID = $_POST['foundUserID' . $i];
                    if (isset($_POST['isReserve' . $i])) {
                        $foundUserIsReserve = true;
                    } else {
                        $foundUserIsReserve = false;
                    }
                    break;
                }
                //end if
            }
            //end for
        }
        if (empty($foundUserID) && $num_deputies == 0) {
            //security check for central control computer
            if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) {
                //'10.1.32.72'
                //Default first deputy to logged in user on first load
                $foundUserID = $_SESSION['userIDnum'];
                $foundUserIsReserve = false;
            }
        }
        if (!empty($foundUserID)) {
            if ($foundUserIsReserve) {
                $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM RESERVE WHERE IDNUM=' . $foundUserID;
                $result = $mysqliReserve->query($myq);
                SQLerrorCatch($mysqliReserve, $result);
            } else {
                $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM EMPLOYEE WHERE IDNUM=' . $foundUserID;
                $result = $mysqli->query($myq);
                SQLerrorCatch($mysqli, $result);
            }
            $row = $result->fetch_assoc();
            if ($deputyCount == 0) {
                $phone = $row['CELLPH'];
            }
            echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $foundUserID . '" />';
            if ($foundUserIsReserve) {
                echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
            }
            echo $row['LNAME'] . ', ' . $row['FNAME'];
            echo ';  Radio Call#: <input name="radioCallNum' . $deputyCount . '" value="' . $row['RADIO'] . '" />';
            echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
            echo '<br/>';
            $deputyCount++;
        }
        if (empty($foundUserID) && $deputyCount == 0) {
            //If no deputy
            echo 'Add Deputy: ';
            displayUserLookup($config);
            echo ' <br/><br/>or Comments (include person\'s name and company): <input size=50 name="invLogCommments" value="' . $invLogComments . '"/>';
        }
        echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';
        $gpID = isset($_POST['gpID']) ? $_POST['gpID'] : 0;
        echo '<br/><br/><input type="hidden" name="gpID" value="' . $gpID . '" />';
        selectInventory($config, $itemIDs, $filters);
        echo '<br/><br/>';
        if ($checkOutType == "LOANER" || empty($checkOutType)) {
            echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
        } else {
            echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
        }
        if ($checkOutType == "SHIFT") {
            echo '<input type="radio" name="checkOutType" value="SHIFT" CHECKED>SHIFT ASSIGNMENT</input><br/>';
        } else {
            echo '<input type="radio" name="checkOutType" value="SHIFT">SHIFT ASSIGNMENT</input>';
        }
        if ($config->adminLvl >= 25) {
            if ($checkOutType == "PERM") {
                echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
            } else {
                echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
            }
        }
        echo '<br/><br/><input type="hidden" name="checkoutKeyBtn" value="true" />
            <input type="submit" name="addKeyLog" value="Check Out Selected Items" />
            <input type="submit" name="goBtn" value="Cancel" />';
    }
}
Example #12
0
 public function wts_inv_log($config)
 {
     $this->config = $config;
     $this->mysqliReserve = connectToSQL($reserveDB = TRUE);
 }