// Admin-only "new staff" page: requires a logged-in session whose type is 0,
// renders the page chrome, and on submit creates a login row plus a staff row.
// NOTE(review): the listing is cut off after the last header() call; the closing
// brace of the outer else is not visible.
if (isset($_SESSION['userid'])) {
    // NOTE(review): loose comparison. null and false also compare equal to 0 (and,
    // before PHP 8, so does any non-numeric string), so a session that has 'userid'
    // set but no usable 'type' passes this admin check. Prefer an isset() plus a
    // strict comparison once the stored representation of 'type' is confirmed.
    if ($_SESSION['type'] == 0) {
        // Provides the validation class used for the email check below.
        require_once 'helper/Validation.php';
        //email validation
        $smarty->assign('CSS_URL', CSS_URL);
        $smarty->display('header.tpl');
        // NOTE(review): whether the username is HTML-escaped on output depends on
        // the template / Smarty escaping settings, which are not shown here.
        $smarty->assign('username', $_SESSION['username']);
        $smarty->display('userheader.tpl');
        // NOTE(review): no anti-CSRF token is checked in the visible code before
        // this state-changing POST is processed.
        if (isset($_POST['submit'])) {
            $valid = new validation();
            // Only the email gets a format check. Every other field merely has to be
            // non-empty: `!= NULL` rejects a missing key (with an undefined-index
            // notice) or '', and nothing here bounds length, type or character set.
            if ($valid->IsValidateemail($_POST['email']) && $_POST['username'] != NULL && $_POST['password'] != NULL && $_POST['contact'] != NULL && $_POST['address'] != NULL && $_POST['name'] != NULL && $_POST['department'] != NULL && $_POST['salary'] != NULL) {
                $login = new login();
                // Creates the login record; the literal 1 is passed as the third argument.
                // NOTE(review): the raw password is handed to login::add(). Whether it is
                // hashed (e.g. password_hash()) and whether the query is parameterised
                // cannot be seen from here — confirm in the login class.
                $login->add($_POST['username'], $_POST['password'], 1);
                //adding record to login table
                // Looks the new id up by username; the result of add() is not checked first.
                $userid = $login->getId($_POST['username']);
                $staff = new staff();
                // Raw POST values go straight into staff::add(); escaping/binding inside
                // that method is not visible — TODO confirm.
                $staff->add($userid, $_POST['email'], $_POST['username'], $_POST['contact'], $_POST['address'], $_POST['name'], $_POST['department'], $_POST['salary']);
                //adding record to staff table
            } else {
                echo "COMPLETE INFORMATION NECCESSARY";
            }
        }
        // The form template and the footer are rendered whether or not a submit happened.
        $smarty->display('newstaff.tpl');
        //including newstaff template
        $smarty->display('footer.tpl');
        //include footer file
    } else {
        // Logged in but not type 0: redirect to the "not authorised" page.
        // NOTE(review): header() only queues the redirect and does not stop the
        // script; an `exit;` right after it keeps later code from running.
        header('Location:' . URL . 'notauthorised.php');
    }
} else {
    // No session user id: redirect to the "no access" page. The same missing-exit
    // caveat applies; what follows this call is outside the visible lines.
    header('Location:' . URL . 'noaccess.php');
Example #2
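// Ticket actions: resolve the ticket id from the query string, decide whether the
// session may administer tickets, then handle the Delete and Close form posts.
// NOTE(review): no anti-CSRF token is checked in the visible code before these
// state-changing POST actions run.
$ticket = new ticket();
$ticket->db_open();
$user = new user();
$user->db_open();

// Accept the id only when it validates as an integer; anything else becomes '0'.
// FILTER_VALIDATE_INT returns int 0 for "0", which is falsy, so "0" also takes
// the fallback branch and ends up as the same '0'.
if (isset($_GET['tid']) && filter_var($_GET['tid'], FILTER_VALIDATE_INT)) {
    $tid = $_GET['tid'];
} else {
    $tid = '0';
}

// Any non-empty user level other than 1 counts as staff/admin for this page.
if ($_SESSION['userlevel'] != 1 && $_SESSION['userlevel'] != "") {
    $admin = true;
} else {
    $admin = false;
}

if (isset($_POST['action']) && $_POST['action'] == 'Delete' && $admin) {
    $staff = new staff();
    $staff->db_open();
    // Use the validated id. The original passed the raw $_GET['tid'] here, which
    // bypassed the integer check performed above.
    $delete = $staff->delete_ticket($tid);
    if ($delete) {
        header('Location: index.php');
        // header() only queues the redirect; stop so the rest of the page does not
        // run for a ticket that no longer exists.
        exit;
    } else {
        $error = htmlspecialchars($staff->get_error(), ENT_QUOTES);
    }
}

if (isset($_POST['action']) && $_POST['action'] == 'Close' && $admin) {
    // Validated id here as well, for the same reason as in the Delete branch.
    $close = $ticket->close_ticket($tid);
    if (!$close) {
        // NOTE(review): $staff is only created in the Delete branch, which cannot run
        // in the same request as Close, so this line dereferences an undefined
        // variable when a close fails. Presumably the error should come from
        // $ticket — confirm that the ticket class exposes get_error() and switch.
        $error = htmlspecialchars($staff->get_error(), ENT_QUOTES);
    }
}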
if (isset($_POST['action']) && $_POST['action'] == 'Open' && $admin) {
 // Login handler fragment: checks the posted credentials, fills the session,
 // records the login time and redirects according to the account type.
 // NOTE(review): the listing is cut off at both ends; the failure branch and the
 // end of the outer switch are not visible.
 $login = new login();
 if ($login->checkAuthentication($_POST['username'], $_POST['password'])) {
     // NOTE(review): no session_regenerate_id() call is visible between the
     // successful check and these session writes, so a session id fixed before
     // login stays valid afterwards. Calling session_regenerate_id(true) first
     // closes that gap.
     $_SESSION['username'] = $_POST['username'];
     //setting session parameters
     $_SESSION['type'] = $login->get('type', $_POST['username']);
     $_SESSION['userid'] = $login->get('userid', $_POST['username']);
     // Formats the current time as text and parses it straight back to a Unix
     // timestamp; that timestamp is what gets stored.
     $time = date("d-m-Y  h:i:sa");
     $_SESSION['last_login'] = strtotime($time);
     $login->update('last_login', $_SESSION['last_login'], $_SESSION['userid']);
     //add last login
     // Redirect by account type. switch compares loosely, so `case 0` also matches
     // null or false; if get('type', ...) can return either on a failed lookup
     // (not visible here — confirm), that request is sent to the admin page.
     // NOTE(review): none of the header() calls below is followed by exit; `break`
     // only leaves the switch, so the script keeps running after the redirect is queued.
     switch ($_SESSION['type']) {
         case 0:
             header('Location:' . URL . 'adminhp.php');
             break;
         case 1:
             // Staff accounts are routed a second time by their staffid value.
             $staff = new staff();
             $_SESSION['staffid'] = $staff->get('staffid', $_POST['username']);
             // Same loose matching: a null/false staffid would match `case 0`.
             // A staffid outside 0-2 sends no redirect at all.
             switch ($_SESSION['staffid']) {
                 case 0:
                     header('Location:' . URL . 'transporthp.php');
                     break;
                 case 1:
                     header('Location:' . URL . 'accounthp.php');
                     break;
                 case 2:
                     header('Location:' . URL . 'managinghp.php');
                     break;
             }
             break;
         case 2:
             header('Location:' . URL . 'userhp.php');
Example #4
<?php

/*
 * Author: Sari Haj Hussein
 */
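session_start();
// Access gate: only a session flagged as logged in with user level 3 may continue;
// everything else is redirected to index.php and the script stops.
//
// The original test was `!$_SESSION['login'] == "yes"`. `!` binds tighter than `==`,
// so the flag was negated first and the resulting boolean compared with "yes"; any
// non-empty flag value (other than "0") therefore passed. The comparison below
// checks the value itself and fails closed when either key is missing.
// Assumes the login flag is stored as the string "yes" — confirm against the login script.
if (!isset($_SESSION['login'], $_SESSION['userlevel']) || $_SESSION['login'] !== "yes" || $_SESSION['userlevel'] != 3) {
    header("Location: index.php");
    exit;
}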
include 'classes/ticket.php';
include 'classes/staff.php';
// Department / product maintenance: opens the ticket store, then applies at most
// one add or delete per request, chosen by which POST field is present.
// NOTE(review): the listing is cut off after the error branch; the closing brace
// of the outer if is not visible.
$ticket = new ticket();
$ticket->db_open();
// NOTE(review): no anti-CSRF token is checked in the visible code before these
// state-changing POST fields are acted on.
if (isset($_POST['deldepartment']) || isset($_POST['adddepartment']) || isset($_POST['delproduct']) || isset($_POST['addproduct'])) {
    $staff = new staff();
    $staff->db_open();
    // First match wins, in this order. The raw POST value is passed through as is;
    // any validation or query binding happens inside edit_departments() /
    // edit_products(), which are not visible here — TODO confirm.
    if (isset($_POST['deldepartment'])) {
        $edit = $staff->edit_departments($_POST['deldepartment'], 'del');
    } elseif (isset($_POST['adddepartment'])) {
        $edit = $staff->edit_departments($_POST['adddepartment'], 'add');
    } elseif (isset($_POST['delproduct'])) {
        $edit = $staff->edit_products($_POST['delproduct'], 'del');
    } elseif (isset($_POST['addproduct'])) {
        $edit = $staff->edit_products($_POST['addproduct'], 'add');
    }
    if ($edit) {
        $successmsg = "Operation successfull";
    } else {
        // NOTE(review): the error text is stored unescaped. It needs
        // htmlspecialchars() where it is printed; that output site is not visible.
        $errormsg = $staff->get_error();
    }
Example #5
?>
<?php// echo $form->labelEx($model,'fk_componentDetail'); ?>
		<?php 
?>
<?php// echo $form->textField($model,'fk_componentDetail',array('size'=>7,'maxlength'=>7)); ?>
		<?php 
?>
<?php// echo $form->error($model,'fk_componentDetail'); ?>
	</div>
-->
	<div class="row">
		<?php 
// Label for the fk_staff attribute.
echo $form->labelEx($model, 'fk_staff');
?>
		<?php 
// Drop-down built from every staff record, ordered by fullName: the option value
// is the record id and the visible text is fullName.
// NOTE(review): the selected id comes back from the client. Server-side validation
// that it names an existing staff row is not shown in this view — confirm in the
// model rules.
echo $form->dropDownList($model, 'fk_staff', CHtml::listData(staff::model()->findAll(array('order' => 'fullName ASC')), 'id', 'fullName'), array('prompt' => 'Select Staff'));
?>
		<?php 
// Validation message slot for fk_staff.
echo $form->error($model, 'fk_staff');
?>
	</div>

	<div class="row">
		<?php 
// Label for the dateIssued attribute.
echo $form->labelEx($model, 'dateIssued');
?>
		<?php 
// Date picker widget for the dateIssued attribute.
?>
		<?php 
// jQuery UI date picker bound to dateIssued, format yy-mm-dd, years 2000-2099.
// NOTE(review): these options only constrain the browser widget; server-side
// validation of the submitted date is not shown in this view. The listing is cut
// off after this call.
$this->widget('zii.widgets.jui.CJuiDatePicker', array('model' => $model, 'attribute' => 'dateIssued', 'options' => array('showOn' => 'both', 'dateFormat' => 'yy-mm-dd', 'changeYear' => true, 'changeMonth' => true, 'yearRange' => '2000:2099')));