function DisplayPendingAdHocRequestsTableBody($userID)
{
$filter[AD_HOC_EMP_ID] = $userID;
$adHocRequests = RetrieveAdHocAbsenceRequests($filter);
if ($adHocRequests != NULL) {
foreach ($adHocRequests as $request) {
$absenceTypeID = $request[AD_HOC_ABSENCE_TYPE_ID];
$absenceType = RetrieveAbsenceTypeByID($absenceTypeID);
echo '<tr>';
echo '<td>' . $request[AD_HOC_START] . '</td>';
echo '<td>' . $request[AD_HOC_END] . '</td>';
echo '<td>' . $absenceType[ABS_TYPE_NAME] . '</td>';
echo '<td> <button class="btn btn-success" type="submit" ' . 'name="amendAdHoc" value="' . $request[AD_HOC_REQ_ID] . '">Amend' . '</button></td>';
echo '<td> <button class="btn btn-danger" type="submit" ' . 'name="deleteAdHoc" value="' . $request[AD_HOC_REQ_ID] . '">Delete' . '</button></td>';
echo '</tr>';
}
}
}
function PopulateAdHocTable()
{
$requests = RetrieveAdHocAbsenceRequests();
if ($requests != NULL) {
foreach ($requests as $request) {
$employeeID = $request[AD_HOC_EMP_ID];
$employee = RetrieveEmployeeByID($employeeID);
$absenceTypeID = $request[AD_HOC_ABSENCE_TYPE_ID];
$absenceType = RetrieveAbsenceTypeByID($absenceTypeID);
echo '<tr>';
echo '<td>' . $employee[EMP_NAME] . '</td>';
echo '<td>' . $request[AD_HOC_START] . '</td>';
echo '<td>' . $request[AD_HOC_END] . '</td>';
echo '<td>' . $absenceType[ABS_TYPE_NAME] . '</td>';
echo '<td> <button class="btn btn-success" type="submit" name="amend"' . 'value="' . $request[AD_HOC_REQ_ID] . '">Amend</button></td>';
echo '<td> <button class="btn btn-danger" type="submit" name="delete"' . 'value="' . $request[AD_HOC_REQ_ID] . '">Delete</button></td>';
echo '</tr>';
}
}
}
function DisplayApproveAbsenceTableBody()
{
$bookings = RetrieveApprovedAbsenceBookings();
if ($bookings != NULL) {
foreach ($bookings as $booking) {
$employeeID = $booking[APPR_ABS_EMPLOYEE_ID];
$employee = RetrieveEmployeeByID($employeeID);
$absenceTypeID = $booking[APPR_ABS_ABS_TYPE_ID];
$absenceType = RetrieveAbsenceTypeByID($absenceTypeID);
echo "<tr>";
echo "<td>" . $employee[EMP_NAME] . "</td>";
echo "<td>" . $booking[APPR_ABS_START_DATE] . "</td>";
echo "<td>" . $booking[APPR_ABS_END_DATE] . "</td>";
echo "<td>" . $absenceType[ABS_TYPE_NAME] . "</td>";
echo '<td> <button class="btn btn-success" type="submit" name="amend"' . 'value="' . $booking[APPR_ABS_BOOKING_ID] . '">Amend</button></td>';
echo '<td> <button class="btn btn-danger" type="submit" name="delete"' . 'value="' . $booking[APPR_ABS_BOOKING_ID] . '">Delete</button></td>';
echo "</tr>";
}
}
}
function SendShortfallAlertToOfficeManager($employeeID, $startDate, $endDate, $absenceTypeID)
{
$employee = RetrieveEmployeeByID($employeeID);
$employeeName = $employee[EMP_NAME];
$absenceType = RetrieveAbsenceTypeByID($absenceTypeID);
$absenceName = $absenceType[ABS_TYPE_NAME];
$role = RetrieveCompanyRoleByID($employee[EMP_COMPANY_ROLE]);
$roleName = $role[COMP_ROLE_NAME];
$minimumStaff = $role[COMP_ROLE_MIN_STAFF];
$from = "*****@*****.**";
$subject = "URGENT: STAFF SHORTFALL";
$message = "Between {$startDate} and {$endDate} the number of staff performing the " . "role of {$roleName} will be below {$minimumStaff}." . "This is due to {$employeeName} being absent with {$absenceName}.";
$filter[EMP_MANAGER_PERM] = 1;
$managers = RetrieveEmployees($filter);
$success = TRUE;
foreach ($managers as $manager) {
if (!mail($manager[EMP_EMAIL], $subject, $message)) {
$success = FALSE;
}
}
return $success;
}
function DisplaySearchTableBody($startDate, $endDate)
{
date_default_timezone_set('UTC');
$startDate = $_POST["startDate"];
$startDateTime = strtotime($startDate);
$endDate = $endDateTime = strtotime($endDate);
$bookings = RetrieveApprovedAbsenceBookings();
if ($bookings != NULL) {
foreach ($bookings as $booking) {
$bookingStartTime = strtotime($booking[APPR_ABS_START_DATE]);
$bookingEndTime = strtotime($booking[APPR_ABS_START_DATE]);
if ($bookingStartTime >= $startDateTime and $bookingEndTime <= $endDateTime) {
$employee = RetrieveEmployeeByID($booking[APPR_ABS_EMPLOYEE_ID]);
$absenceType = RetrieveAbsenceTypeByID($booking[APPR_ABS_ABS_TYPE_ID]);
echo '<tr>';
echo '<td>' . $employee[EMP_NAME] . '</td>';
echo '<td>' . $booking[APPR_ABS_START_DATE] . '</td>';
echo '<td>' . $booking[APPR_ABS_END_DATE] . '</td>';
echo '<td>' . $absenceType[ABS_TYPE_NAME] . '</td>';
echo '</tr>';
}
}
}
}
function ProcessAbsenceRequest($employeeID, $startDate, $endDate, $absenceTypeID, &$statusMessage)
{
//Assume that booking will be approved. Will be set to FALSE in function
//if necessary.
$bookingApproved = TRUE;
//--------------------------------------------------------------------------
//Check to ensure if the employee has sufficent leave available to cover the
//requested period.
//--------------------------------------------------------------------------
if (HasSufficentAnnualLeave($employeeID, $startDate, $endDate, $absenceTypeID) == FALSE) {
//Employee has insufficent leave available. Deny the request.
$statusMessage .= "Insufficent Annual Leave to cover the period " . "requested.</br>";
$message = "Insufficent Annual Leave to cover the period requested.";
SendDeniedEmail($employeeID, $startDate, $endDate, $message);
$bookingApproved = FALSE;
} else {
//----------------------------------------------------------------------
//Check to ensure there are sufficent staff in the same role as employee
//working to cover the request.
//----------------------------------------------------------------------
if (SufficentStaffInRoleToGrantRequest($employeeID, $startDate, $endDate)) {
//Sufficent staff are available, grant the request.
CreateApprovedAbsenceBooking($employeeID, $startDate, $endDate, $absenceTypeID);
SendApprovedEmail($employeeID, $startDate, $endDate);
$statusMessage .= "Absence Approved from {$startDate} to {$endDate}. " . "Staff notifed via email.</br>";
$bookingApproved = TRUE;
} else {
//------------------------------------------------------------------
// Granting the request would mean going below the minimum staffing
// level for the role. However, if the type of absence requested is
// not deniable, then we have to grant the leave.
//-----------------------------------------------------------------
$absenceType = RetrieveAbsenceTypeByID($absenceTypeID);
if ($absenceType[ABS_TYPE_CAN_BE_DENIED]) {
//Type of leave requested can be denied. Deny the request.
$bookingApproved = FALSE;
$statusMessage .= "Absence Rejected from {$startDate} to {$endDate}." . "Request would leave role below minimum " . "staffing level. Staff notified via email.</br>";
$message = "Absence Rejected from {$startDate} to {$endDate}. " . "Request would leave role below minimum staffing " . "level. Staff notified via email.";
SendDeniedEmail($employeeID, $startDate, $endDate, $message);
} else {
//--------------------------------------------------------------
//Type of leave requested can not be denied. Approve the request.
//But also inform the office manager that we will be going below
//the minimum staffing level.
//--------------------------------------------------------------
$absenceType = RetrieveAbsenceTypeByID($absenceTypeID);
$statusMessage .= "Absence Approved from {$startDate} to {$endDate}." . "Staff notifed via email.</br>";
$statusMessage .= "<em>Note that the " . $absenceType[ABS_TYPE_NAME] . " role will be under the minimum staffing level" . " during this time. </br>";
CreateApprovedAbsenceBooking($employeeID, $startDate, $endDate, $absenceTypeID);
SendApprovedEmail($employeeID, $startDate, $endDate);
SendShortfallAlertToOfficeManager($employeeID, $startDate, $endDate, $absenceTypeID);
$bookingApproved = TRUE;
}
}
}
return $bookingApproved;
}
function UpdateApprovedAbsenceBooking($fields)
{
$statusMessage = "";
//--------------------------------------------------------------------------------
// Validate Input parameters
//--------------------------------------------------------------------------------
$inputIsValid = TRUE;
$validID = false;
$countOfFields = 0;
foreach ($fields as $key => $value) {
if ($key == APPR_ABS_BOOKING_ID) {
$record = RetrieveApprovedAbsenceBookingByID($value);
if ($record != NULL) {
$validID = true;
$countOfFields++;
}
} else {
if ($key == APPR_ABS_EMPLOYEE_ID) {
$countOfFields++;
$record = RetrieveEmployeeByID($value);
if ($record == NULL) {
$statusMessage .= "Unable to locate employee in database</br>";
error_log("Invalid EMP_ID passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == APPR_ABS_START_DATE) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Start date is not a valid date.</br>";
error_log("Invalid APPR_ABS_START_DATE passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == APPR_ABS_END_DATE) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "End date is not a valid date.</br>";
error_log("Invalid APPR_ABS_END_DATE passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == APPR_ABS_ABS_TYPE_ID) {
$countOfFields++;
$record = RetrieveAbsenceTypeByID($value);
if ($record == NULL) {
$statusMessage .= "Unable to locate absence type in database</br>";
error_log("Invalid APPR_ABS_ABS_TYPE_ID passed to " . "UpdateApprovedAbsenceBooking. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
$statusMessage .= "Unexpected field found in input</br>";
error_log("Invalid field passed to UpdateApprovedAbsenceBooking." . " {$key}=" . $key);
$inputIsValid = FALSE;
}
}
}
}
}
}
$absenceStartDate = $fields[APPR_ABS_START_DATE];
$absenceEndDate = $fields[APPR_ABS_END_DATE];
if (strtotime($absenceEndDate) < strtotime($absenceStartDate)) {
$statusMessage .= "end Date is before start Date.</br>";
error_log("End Date is before Start Date.");
$inputIsValid = FALSE;
}
if (!$validID) {
$statusMessage .= "No valid ID supplied</br>";
error_log("No valid ID supplied in call to UpdateApprovedAbsenceBooking.");
$inputIsValid = FALSE;
}
if ($countOfFields < 2) {
$statusMessage .= "Insufficent fields supplied</br>";
error_log("Insufficent fields supplied in call to UpdateApprovedAbsenceBooking.");
$inputIsValid = FALSE;
}
//--------------------------------------------------------------------------------
// Only attempt to update a record in the database if the input parameters are ok.
//--------------------------------------------------------------------------------
$success = false;
if ($inputIsValid) {
$success = performSQLUpdate(APPROVED_ABSENCE_BOOKING_TABLE, APPR_ABS_BOOKING_ID, $fields);
if ($success) {
$statusMessage .= "Record updated successfully.</br>";
} else {
$statusMessage .= "Unexpected error encountered when updating database.</br>";
$inputIsValid = false;
}
}
GenerateStatus($inputIsValid, $statusMessage);
return $success;
}
function UpdateAdHocAbsenceRequest($fields)
{
$statusMessage = "";
//-------------------------------------------------------------------------
// Validate Input parameters
//-------------------------------------------------------------------------
$inputIsValid = TRUE;
$validID = false;
$countOfFields = 0;
foreach ($fields as $key => $value) {
if ($key == AD_HOC_REQ_ID) {
$record = RetrieveAdHocAbsenceRequestByID($value);
if ($record != NULL) {
$validID = true;
$countOfFields++;
}
} else {
if ($key == AD_HOC_EMP_ID) {
$countOfFields++;
$record = RetrieveEmployeeByID($value);
if ($record == NULL) {
$statusMessage .= "Employee specified can not be found in the " . "database.</br>";
error_log("Invalid AD_HOC_EMP_ID passed to " . "UpdateAdHocAbsenceRequest." . " Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == AD_HOC_START) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "Start date entered is not a valid date.</br>";
error_log("Invalid AD_HOC_START passed to UpdateAdHocAbsenceRequest." . " Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == AD_HOC_END) {
$countOfFields++;
if (!isValidDate($value)) {
$statusMessage .= "End date entered is not a valid date.</br>";
error_log("Invalid AD_HOC_END passed to UpdateAdHocAbsenceRequest." . " Value=" . $value);
$inputIsValid = FALSE;
}
} else {
if ($key == AD_HOC_ABSENCE_TYPE_ID) {
$countOfFields++;
$record = RetrieveAbsenceTypeByID($value);
if ($record == NULL) {
$statusMessage .= "Absence Type selected can not be found in the " . "database.</br>";
error_log("Invalid AD_HOC_ABSENCE_TYPE_ID passed to " . "UpdateAdHocAbsenceRequest. Value=" . $value);
$inputIsValid = FALSE;
}
} else {
$statusMessage .= "Unknown field encountered.</br>";
error_log("Invalid field passed to UpdateAdHocAbsenceRequest." . " {$key}=" . $key);
$inputIsValid = FALSE;
}
}
}
}
}
}
$startDate = $fields[AD_HOC_START];
$endDate = $fields[AD_HOC_END];
if (strtotime($endDate) < strtotime($startDate)) {
$statusMessage .= "end Date is before start Date.</br>";
error_log("End Date is before Start Date.");
$inputIsValid = FALSE;
}
if (!$validID) {
$statusMessage .= "No valid record ID found.</br>";
error_log("No valid ID supplied in call to UpdateAbsenceType.");
$inputIsValid = FALSE;
}
if ($countOfFields < 2) {
$statusMessage .= "Insufficent fields supplied in call to UpdateAbsenceType.</br>";
error_log("Insufficent fields supplied in call to UpdateAbsenceType.");
$inputIsValid = FALSE;
}
//-------------------------------------------------------------------------
// Only attempt to update a record in the database if the input parameters
// are ok.
//-------------------------------------------------------------------------
$success = false;
if ($inputIsValid) {
$success = performSQLUpdate(ADHOC_ABSENCE_REQUEST_TABLE, AD_HOC_REQ_ID, $fields);
if ($success) {
$statusMessage .= "Record successfully updated.</br>";
} else {
$statusMessage .= "Unexpected error encountered when updating database." . "Contact your system administrator.</br>";
$inputIsValid = false;
}
}
GenerateStatus($inputIsValid, $statusMessage);
return $success;
}
function UpdateAbsenceType($fields)
{
$statusMessage = "";
//-------------------------------------------------------------------------
// Validate Input parameters
//-------------------------------------------------------------------------
$inputIsValid = TRUE;
$validID = false;
$countOfFields = 0;
foreach ($fields as $key => $value) {
if ($key == ABS_TYPE_ID) {
$record = RetrieveAbsenceTypeByID($value);
if ($record != NULL) {
$validID = true;
$countOfFields++;
}
} else {
if ($key == ABS_TYPE_NAME) {
$countOfFields++;
if (isNullOrEmptyString($value)) {
$statusMessage .= "Invalid absence type name. Can not be empty.</br>";
error_log("Invalid ABS_TYPE_NAME passed to UpdateAbsenceType.");
$inputIsValid = FALSE;
}
} else {
if ($key == ABS_TYPE_USES_LEAVE) {
$countOfFields++;
if ($value != 0 and $value != 1) {
$statusMessage .= "Invalid uses annual leave flag value.</br>";
error_log("Invalid ABS_TYPE_USES_LEAVE passed to UpdateAbsenceType.");
$inputIsValid = FALSE;
}
} else {
if ($key == ABS_TYPE_CAN_BE_DENIED) {
$countOfFields++;
if ($value != 0 and $value != 1) {
$statusMessage .= "Invalid can be denied flag value.</br>";
error_log("Invalid ABS_TYPE_CAN_BE_DENIED passed to UpdateAbsenceType.");
$inputIsValid = FALSE;
}
} else {
$statusMessage .= "Invalid field encountered.</br>";
error_log("Invalid field passed to UpdateAbsenceType. {$key}=" . $key);
$inputIsValid = FALSE;
}
}
}
}
}
if (!$validID) {
$statusMessage .= "No valid ID supplied.</br>";
error_log("No valid ID supplied in call to UpdateAbsenceType.");
$inputIsValid = FALSE;
}
if ($countOfFields < 2) {
$statusMessage .= "Insufficent fields supplied in call.</br>";
error_log("Insufficent fields supplied in call to UpdateAbsenceType.");
$inputIsValid = FALSE;
}
//--------------------------------------------------------------------------------
// Only attempt to update a record in the database if the input parameters are ok.
//--------------------------------------------------------------------------------
$success = false;
if ($inputIsValid) {
$success = performSQLUpdate(ABSENCE_TYPE_TABLE, ABS_TYPE_ID, $fields);
if ($success) {
$statusMessage .= "Record successfully created in Database.</br>";
} else {
$statusMessage .= "Unexpected database error encountered when " . "trying to perform update.</br>";
$inputIsValid = false;
}
}
GenerateStatus($inputIsValid, $statusMessage);
return $success;
}
<?php
include 'sessionmanagement.php';
if (!$isAdministrator) {
header('Location: index.php');
exit;
}
if ($_GET["ID"] != NULL) {
$absenceType = RetrieveAbsenceTypeByID($_GET["ID"]);
$usesLeave = false;
if ($absenceType[ABS_TYPE_USES_LEAVE] == 1) {
$usesLeave = true;
}
$canBeDenied = false;
if ($absenceType[ABS_TYPE_CAN_BE_DENIED] == 1) {
$canBeDenied = true;
}
}
if (isset($_POST["cancel"])) {
$url = "Location:adminAbsenceTypes.php";
header($url);
}
if (isset($_POST["update"])) {
$absenceType[ABS_TYPE_ID] = $_GET["ID"];
$absenceType[ABS_TYPE_NAME] = $_POST["name"];
$usesLeave = "0";
if (isset($_POST["usesLeave"])) {
$usesLeave = "1";
}
$canBeDenied = "0";
if (isset($_POST["canBeDenied"])) {