function alert_PostPayrollValidation($config)
{
    if ($config->adminLvl == 50) {
        $dismiss = isset($_POST['dismissPostValidBtn']) ? true : false;
        $dismiss = isset($_GET['postPayrollValid']) ? true : $dismiss;
        //No dismissal session variable for real time alerting
        $dismissTime = isset($_SESSION['dismissPayrollValid']) ? $_SESSION['dismissPayrollValid'] : false;
        if (!$dismiss) {
            $current_timestamp = strtotime(date('Y-m-d H:i'));
            $compare_timestamp = strtotime("-30 minute", $current_timestamp);
            if (strtotime($dismissTime) >= $compare_timestamp) {
                //popUpMessage('Will not display message '.strtotime($dismissTime). ' vs '.$compare_timestamp);
            } else {
                $mysqli = $config->mysqli;
                //Get approved time request submitted to HR if date of use is prior to last pay period and
                //current date is after end of payperiod
                //determine last day of last approved pay period
                $today = date('Y-m-d');
                $myq = "SELECT COUNT(REFER), MAX(USEDATE) 'endDate', MIN(USEDATE) 'startDate'\r\n                    FROM REQUEST\r\n                    WHERE (STATUS='APPROVED' OR STATUS='DENIED')\r\n                    AND HRAPP_IS = '0'\r\n                    AND USEDATE <= (SELECT PPEND FROM PAYPERIOD WHERE PPEND = (SELECT PPBEG-1 FROM PAYPERIOD WHERE '" . $today . "' BETWEEN PPBEG AND PPEND))";
                $result = $mysqli->query($myq);
                SQLerrorCatch($mysqli, $result, $myq);
                if ($result->num_rows > 0) {
                    $_SESSION['dismissPayrollValid'] = date('Y-m-d H:i');
                    $row = $result->fetch_assoc();
                    popUpMessage('<div align="center"><form name="verifyAlert" method="POST" action="?hrEmpRep=true&cust=true&postPayrollValid=true">
                        New Time Request after validation!
                        <input type="submit" name="dismissPostValidBtn" value="Go to Alert" />
                        <input type="hidden" name="start" value="' . $row['startDate'] . '" />
                        <input type="hidden" name="end" value="' . $row['endDate'] . '" />
                        </form></div>', 'ALERT');
                }
            }
        } else {
            $_SESSION['dismissPayrollValid'] = date('Y-m-d H:i');
        }
    }
}
function expungeRequest($mysqli, $referNum, $unExpunge = false, $delBtnIndex = false, $totalRows = false, $extraInputs = '')
{
    $confirmBtn = isset($_POST['confirmBtn']) ? true : false;
    if ($unExpunge) {
        if (!isset($_POST['okBtn'])) {
            $myq = "UPDATE REQUEST \r\n                SET STATUS='PENDING'\r\n                WHERE REFER=" . $mysqli->real_escape_string($referNum);
            $result = $mysqli->query($myq);
            if (!SQLerrorCatch($mysqli, $result, $myq, $debug = false)) {
                $configNew = new Config();
                $configNew->setAdmin(isset($_SESSION['admin']) ? $_SESSION['admin'] : -1);
                popUpMessage('Request ' . $referNum . ' Has been placed back into PENDING State. 
                        <div align="center"><form method="POST">
                        ' . $extraInputs . '                    
                        <input type="submit" name="okBtn" value="OK" />
                        </form></div>');
                addLog($configNew->mysqli, 'UnExpunged Time Request with Ref# ' . $referNum);
            }
        }
    } else {
        if ($confirmBtn && !empty($_POST['expungedReason']) && $_SESSION['admin']) {
            $myq = "UPDATE REQUEST \r\n                    SET STATUS='EXPUNGED',\r\n                    HRAPP_ID='0',\r\n                    EX_REASON='" . $mysqli->real_escape_string($_POST['expungedReason']) . "',\r\n                    AUDITID='" . $mysqli->real_escape_string($_SESSION['userIDnum']) . "',\r\n                    IP= INET_ATON('" . $mysqli->real_escape_string($_SERVER['REMOTE_ADDR']) . "')\r\n                    WHERE REFER='" . $mysqli->real_escape_string($referNum) . "'";
            $result = $mysqli->query($myq);
            if (!SQLerrorCatch($mysqli, $result, $myq, $debug = false)) {
                $configNew = new Config();
                $configNew->setAdmin(isset($_SESSION['admin']) ? $_SESSION['admin'] : -1);
                addLog($configNew, 'Expunged Time Request with Ref# ' . $referNum);
                popUpMessage('Request ' . $referNum . ' expunged. 
                                <div align="center"><form method="POST" action="' . $_SERVER['REQUEST_URI'] . '">
                                ' . $extraInputs . '                     
                                <input type="submit" name="okBtn" value="OK" />
                                </form></div>');
            }
        } else {
            if (!isset($_POST['okBtn'])) {
                $result = "";
                if (isset($_POST['expungedReason'])) {
                    if (empty($_POST['expungedReason'])) {
                        $result = '<font color="red">Requires a Reason</font><br/>';
                    }
                }
                $echo = '<div align="center"><form method="POST" action="' . $_SERVER['REQUEST_URI'] . '">
                    <input name="deleteBtn' . $delBtnIndex . '" type="hidden" value="' . $referNum . '" />
                    <input type="hidden" name="totalRows" value="' . $totalRows . '" />
                    Request ' . $referNum . ' to be expunged<br/>   ' . $result . '
                    Reason:<textarea name="expungedReason"></textarea><br/>
                    <input type="submit" name="confirmBtn" value="CONFIRM EXPUNGE" />
                    <input type="submit" name="okBtn" value="CANCEL" />
                    ' . $extraInputs . ' 
                    </form></div>';
                popUpMessage($echo);
            }
        }
    }
}
function checkInRadioLog($config, $radioLogID, $noLog = false, $hiddenInputs = '')
{
    $mysqli = $config->mysqli;
    $checkq = "SELECT PRIORITY_TYPE, TYPE.DESCR 'Type', I.IDNUM 'IDNUM'\r\n        FROM WTS_INVENTORY I\r\n        LEFT JOIN WTS_INV_TYPE TYPE ON TYPE.IDNUM=I.TYPE\r\n        WHERE I.IDNUM=(SELECT RADIOID FROM WTS_RADIOLOG WHERE REFNUM='" . $radioLogID . "')";
    $checkResult = $mysqli->query($checkq);
    SQLerrorCatch($mysqli, $checkResult, $checkq);
    $row = $checkResult->fetch_assoc();
    $validInputs = true;
    $wasCheckedIn = false;
    $ereason = isset($_POST['ereason']) ? $_POST['ereason'] : '';
    if ($row['PRIORITY_TYPE'] == "EMERGENCY") {
        $ereaesonBtn = isset($_POST['ereaesonBtn']) ? true : false;
        if (!$ereaesonBtn) {
            popUpMessage('Emergency Reason: <br/>
                <form method="POST"><input name="ereason"/><br/>
                <input type="submit" name="ereaesonBtn" value="Submit Reason" />' . $hiddenInputs . '
                </form>');
            $validInputs = false;
        }
    } else {
        if ($row['Type'] == "VEHICLE") {
            $vStatusBtn = isset($_POST['vStatusBtn']) ? true : false;
            $showPopUp = true;
            $error = '';
            if ($vStatusBtn) {
                $vmilage = isset($_POST['vmilage']) ? $_POST['vmilage'] : '';
                $vIssues = isset($_POST['vIssues']) ? $_POST['vIssues'] : '';
                if (!empty($vmilage)) {
                    $error = vehUpdateHistory($config, $row['IDNUM'], $vmilage, $vIssues);
                    if (!$error) {
                        $showPopUp = false;
                        $validInputs = true;
                    } else {
                        $error .= '<br/>';
                        $showPopUp = true;
                    }
                } else {
                    $showPopUp = true;
                }
            }
            if ($showPopUp) {
                popUpMessage('</form><div align="center"><form method="POST">
                ' . $error . '
                Ending Milage: <input type="text" name="vmilage"/><br/>
                New Maintenance Issues:<textarea name="vIssues"></textarea><br/>
                <input type="submit" name="vStatusBtn" value="Submit Vehilce Report" />' . $hiddenInputs . '
                </form></div><form method="POST">', "Update Vehicle History");
                $validInputs = false;
            }
        }
    }
    if ($validInputs) {
        $myq = "UPDATE WTS_RADIOLOG SET CHECKEDOUT = '0', `AUDIT_IN_ID` = '" . $_SESSION['userIDnum'] . "',\r\n            `AUDIT_IN_TS` = NOW(), `EREASON` = '" . $ereason . "',\r\n            `AUDIT_IN_IP` = INET_ATON('" . $_SERVER['REMOTE_ADDR'] . "') WHERE WTS_RADIOLOG.REFNUM = '" . $radioLogID . "' LIMIT 1";
        $myUpdate = "UPDATE `WTS_INVENTORY` SET `QUANTITY_AVAILABLE`=`QUANTITY_AVAILABLE` + 1 \r\n              WHERE IDNUM = (SELECT RADIOID FROM WTS_RADIOLOG WHERE WTS_RADIOLOG.REFNUM = '" . $radioLogID . "') LIMIT 1;";
        $result = $mysqli->query($myq);
        if (!SQLerrorCatch($mysqli, $result, $myq)) {
            $resultUpdate = $mysqli->query($myUpdate);
            if (!SQLerrorCatch($mysqli, $resultUpdate, $myUpdate)) {
                $wasCheckedIn = true;
                if (!$noLog) {
                    echo '<font color="red">Successfully checked item back in with Reference Number: ' . $radioLogID . '</font><br /><br/>';
                    addLog($config, 'Radio log #' . $radioLogID . ' checked back in');
                }
            } else {
                //Attempt to fix ALL QUANTITY Errors
                $myupdate = "UPDATE `WTS_INVENTORY` \r\n                    SET `QUANTITY_AVAILABLE`=`QUANTITY` - \r\n                    (SELECT COUNT(CHECKEDOUT) FROM WTS_RADIOLOG WHERE CHECKEDOUT = 1 AND WTS_RADIOLOG.RADIOID = `WTS_INVENTORY`.IDNUM)";
                $result = $mysqli->query($myupdate);
                SQLerrorCatch($mysqli, $result, $myupdate);
                echo '<h2>Results</h2><font color="red">ERROR - Failed to update quantities, attempted Global Fix</font><br /><Br />';
            }
        } else {
            echo '<h2>Results</h2><font color="red">Failed to check radio back in, try again.</font><br /><Br />';
        }
    }
    return $wasCheckedIn;
}
function selectUserSearch($config, $userToFind, $rowCount, $select = false)
{
    //LDAP Search
    $cnx = ldap_connect($config->ldap_server);
    $user = $config->ldapUser;
    $pass = $config->ldapPass;
    $ldaprdn = $user . '@' . $config->domain;
    ldap_set_option($cnx, LDAP_OPT_PROTOCOL_VERSION, 3);
    //Set the LDAP Protocol used by your AD service
    ldap_set_option($cnx, LDAP_OPT_REFERRALS, 0);
    //This was necessary for my AD to do anything
    if ($ldapbind = ldap_bind($cnx, $ldaprdn, $pass)) {
        //Split given domain into LDAP Base DN
        $temp = explode(".", $config->domain);
        $dn = null;
        foreach ($temp as $dc) {
            if (empty($dn)) {
                $dn = "DC=" . $dc;
            } else {
                $dn = $dn . ",DC=" . $dc;
            }
        }
        error_reporting(E_ALL ^ E_NOTICE);
        //Suppress some unnecessary messages
        $filter = "(&(objectCategory=person)(objectClass=user)";
        $filter .= "(|(samaccountname=*" . $userToFind . "*)(sn=*" . $userToFind . "*)(displayname=*" . $userToFind . "*)";
        $filter .= "(mail=*" . $userToFind . "*)(department=*" . $userToFind . "*)(title=*" . $userToFind . "*)))";
        //Search fields
        $res = ldap_search($cnx, $dn, $filter);
        $totalRows = ldap_count_entries($cnx, $res);
        $info = ldap_get_entries($cnx, $res);
        echo "Number of entries in Active Directory returned is " . $totalRows . "<br /><br /><hr />";
        for ($i = 0; $i < $info["count"]; $i++) {
            //echo "dn is: " . $info[$i]["dn"] . "<br />";
            echo '<div align="center"><table width="400"><tr><td>';
            if ($select) {
                echo '<input name="foundUser' . $rowCount . '" type="radio" onClick="this.form.action=\'?' . $_POST['formName'] . "=true'" . ';this.form.submit()" />Select</td><td>';
            }
            echo "Display Name: " . $info[$i]["displayname"][0] . "<br />";
            echo '<input type="hidden" name="foundUserFNAME' . $rowCount . '" value="' . $info[$i]["givenname"][0] . '" />First name: ' . $info[$i]["givenname"][0] . "<br />";
            echo '<input type="hidden" name="foundUserLNAME' . $rowCount . '" value="' . $info[$i]["sn"][0] . '" /> Last Name: ' . $info[$i]["sn"][0] . "<br />";
            echo '<input type="hidden" name="foundUserName' . $rowCount . '" value="' . $info[$i]["samaccountname"][0] . '" /> Username: '******'<br />';
            //Check user in Employee Database and output IDNUM if found
            $searchResult = searchDatabase($config, $info[$i]["samaccountname"][0], $i, false);
            if ($searchResult < 1) {
                //User not in database, so register the user
                registerUser($info[$i]["samaccountname"][0], "temp01", "temp01", 0, 1);
            }
            //Get user's IDNUM
            $mysqli = $config->mysqli;
            $myq = "SELECT *\r\n                FROM `EMPLOYEE`\r\n                WHERE `ID` =  '" . strtoupper($info[$i]["samaccountname"][0]) . "'";
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();
            echo "Rank: " . $row['GRADE'] . "<br />";
            //echo "Department: " . $row['DESCR'] . "<br />";
            if ($searchResult < 1) {
                //Update newly created user's information with their Active Directory Info
                $myq = "UPDATE `PAYROLL`.`EMPLOYEE` SET \r\n                    `LNAME` = '" . strtoupper($info[$i]["sn"][0]) . "',\r\n                    `FNAME` = '" . strtoupper($info[$i]["givenname"][0]) . "'\r\n                    WHERE EMPLOYEE.IDNUM = '" . $row['IDNUM'] . "'";
                //Perform SQL Query
                $result = $mysqli->query($myq);
                //show SQL error msg if query failed
                if (!SQLerrorCatch($mysqli, $result)) {
                    $result = "Successfully Updated Profile";
                }
            }
            echo "Title: " . $info[$i]["title"][0] . "<br />";
            echo "Department: " . $info[$i]["department"][0] . "<br />";
            echo "Email: " . $info[$i]["mail"][0] . "<br />";
            echo '<input type="hidden" name="foundUserID' . $rowCount . '" value="' . $row['IDNUM'] . '" />';
            echo "</td></tr></table></div><br /><hr />";
            $rowCount++;
        }
    } else {
        popUpMessage("Could Not Bind to LDAP to perform search");
    }
    return $totalRows;
}
Exemple #5
0
function isValidUser($config)
{
    if (!isset($_SESSION['validUser']) || $_SESSION['validUser'] != true) {
        return false;
    } else {
        $timeout = 60;
        //minutes
        if ($_SESSION['timeout'] + $timeout * 60 < time()) {
            //User has been inactive for 30 minutes
            popUpMessage("Your Session has Timed Out. Please log back in");
            logoutUser($config, "Session Timeout after " . $timeout . " Minutes");
            return false;
        } else {
            return true;
        }
    }
}
Exemple #6
0
function SQLerrorCatch($mysqli, $result, $myq = '', $debug = false)
{
    $dbgTrace = debug_backtrace();
    $dbgMsg = "<table><tr><th>Debug backtrace begin:</th></tr>";
    foreach ($dbgTrace as $dbgIndex => $dbgInfo) {
        $dbgMsg .= '<tr width=300><td>' . $dbgInfo['file'] . ' (line ' . $dbgInfo['line'] . ') -> ' . $dbgInfo['function'] . '</td></tr>';
    }
    $dbgMsg .= '<tr><td>Querey Used:</td></tr><tr><td>' . $myq . '</td></tr>';
    $dbgMsg .= "<tr><td> </td></tr><tr><th>Debug backtrace end</th></tr></table>";
    $isError = false;
    try {
        if (!$result) {
            throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
        }
    } catch (Exception $e) {
        $message = $e->getMessage();
        $isError = true;
        popUpMessage($dbgMsg . '<br/><br/> ' . $message, "Error Message", $width = '800');
        return true;
    }
    if ($debug && !$isError) {
        popUpMessage($dbgMsg, "Debug Message", $width = '800');
    }
    return $isError;
}
function displayReserves($config)
{
    echo '<h3>Reserves Manager</h3>';
    if ($config->adminLvl >= 75) {
        //get passed variables
        $addBtn = isset($_POST['addBtn']) ? true : false;
        $editSelect = isset($_POST['totalRows']) ? $_POST['totalRows'] : false;
        $reserveID = isset($_POST['reserveID']) ? $_POST['reserveID'] : false;
        $goBackBtn = isset($_POST['goBackBtn']) ? true : false;
        $delBtn = isset($_POST['delBtn']) ? true : false;
        $delBtn = isset($_POST['noBtn']) ? false : $delBtn;
        if ($goBackBtn) {
            $addBtn = false;
            $reserveID = false;
        }
        if (isset($_POST['totalRows']) && !$reserveID) {
            for ($i = 0; $i <= $editSelect; $i++) {
                if (isset($_POST['foundUser' . $i])) {
                    $reserveID = $_POST['foundUserID' . $i];
                    break;
                }
            }
        }
        if ($delBtn) {
            $confirmBtn = isset($_POST['confirmBtn']) ? true : false;
            $mysqli = connectToSQL($reserveDB = TRUE);
            if (!$confirmBtn) {
                //Confirm Delete Record
                popUpMessage('Are you Sure? <br/>
                    <form method="POST" name="confirmForm">
                    <input type="submit" name="confirmBtn" value="Yes" />
                    <input type="submit" name="noBtn" value="Cancel" />
                    <input type="hidden" name="delBtn" value="true" />
                    <input type="hidden" name="reserveID" value="' . $reserveID . '" />
                    </form>');
            } else {
                $myq = "DELETE FROM `RESERVE`\r\n                    WHERE `IDNUM` = " . $reserveID . " LIMIT 1";
                $result = $mysqli->query($myq);
                SQLerrorCatch($mysqli, $result);
                addLog($config, 'Reserve with ID ' . $reserveID . ' Deleted');
                $reserveID = false;
                echo 'Reserve Successfully Removed.<br/>';
            }
        }
        //Main Content
        echo '<form name="resManage" method="POST" action="' . $_SERVER['REQUEST_URI'] . '" >';
        echo '<input type="hidden" name="formName" value="resManage" />';
        if (!$addBtn && !$reserveID) {
            reservesTable($config);
            echo '<input type="submit" name="addBtn" value="Add Reserve" />';
        }
        if ($addBtn) {
            //get return to location
            $prevNum = isset($_POST['prevNum']) ? $_POST['prevNum'] : "0";
            $nextNum = isset($_POST['nextNum']) ? $_POST['nextNum'] : "25";
            $limit = isset($_POST['limit']) ? $_POST['limit'] : "25";
            echo '<input type="hidden" name="prevNum" value="' . $prevNum . '" />';
            echo '<input type="hidden" name="nextNum" value="' . $nextNum . '" />';
            echo '<input type="hidden" name="limit" value="' . $limit . '" />';
            showAddReserve($config);
        }
        if (!empty($reserveID)) {
            //get return to location
            $prevNum = isset($_POST['prevNum']) ? $_POST['prevNum'] : "0";
            $nextNum = isset($_POST['nextNum']) ? $_POST['nextNum'] : "25";
            $limit = isset($_POST['limit']) ? $_POST['limit'] : "25";
            echo '<input type="hidden" name="prevNum" value="' . $prevNum . '" />';
            echo '<input type="hidden" name="nextNum" value="' . $nextNum . '" />';
            echo '<input type="hidden" name="limit" value="' . $limit . '" />';
            reserveDetails($config, $reserveID);
        }
        //End Content
        echo '</form>';
    } else {
        echo '<h3>Access Denied!</h3>';
    }
}
 private function showAreYouSureMessage()
 {
     if ($this->isShowAreYouSureMessage) {
         $this->hiddenInputs .= '<input type="hidden" name="reqID" value="' . $this->reqID . '" />
                             <input type="hidden" name="typeID" value="' . $this->typeID . '" />
                             <input type="hidden" name="subTypeID" value="' . $this->subTypeID . '" />
                             <input type="hidden" name="empID" value="' . $this->empID . '" />
                             <input type="hidden" name="useDate" value="' . $this->useDate . '" />
                             <input type="hidden" name="endDate" value="' . $this->endDate . '" />
                             <input type="hidden" name="begTime1" value="' . $this->begTime1 . '" />
                             <input type="hidden" name="begTime2" value="' . $this->begTime2 . '" />
                             <input type="hidden" name="endTime1" value="' . $this->endTime1 . '" />
                             <input type="hidden" name="endTime2" value="' . $this->endTime2 . '" />
                             <input type="hidden" name="empComment" value="' . $this->empComment . '" />
                             <input type="hidden" name="shiftHour" value="' . $this->shiftHourRadio . '" />
                             ';
         popUpMessage('<div align="center"><form method="POST" name="areYouSure">                    
                        ' . $this->reason . '<br/><br/><h4>Are you sure you want to submit another?</h4>
                             <input type="submit" name="confirmBtn" value="Yes" /> 
                             <input type="submit" name="noBtn" value="No" />
                             ' . $this->hiddenInputs . '
                             </form></div>');
     }
 }
 public function expungeRequest($extraInputs = '')
 {
     $confirmBtn = isset($_POST['confirmBtn']) ? true : false;
     if ($this->toUnExpunge) {
         if (!isset($_POST['okBtn'])) {
             $myq = "UPDATE REQUEST \r\n                SET STATUS='PENDING'\r\n                WHERE REFER=" . $this->config->mysqli->real_escape_string($this->toExpungeRefNo);
             $result = $this->mysqli->query($myq);
             if (!SQLerrorCatch($this->config->mysqli, $result, $myq, $debug = false)) {
                 popUpMessage('Request ' . $this->toExpungeRefNo . ' Has been placed back into PENDING State. 
                     <div align="center"><form method="POST">
                     ' . $extraInputs . '                    
                     <input type="submit" name="okBtn" value="OK" />
                     </form></div>');
                 addLog($this->config, 'UnExpunged Time Request with Ref# ' . $this->toExpungeRefNo);
             }
         }
     } else {
         if ($confirmBtn && !empty($_POST['expungedReason'])) {
             $tempRequestForm = new time_request_form($this->config);
             $tempRequestForm->reqID = $this->toExpungeRefNo;
             if ($_SESSION['admin'] || $_SESSION['userIDnum'] == $tempRequestForm->empID) {
                 $myq = "UPDATE REQUEST \r\n                        SET STATUS='EXPUNGED',\r\n                        HRAPP_ID='0',\r\n                        EX_REASON='" . $this->config->mysqli->real_escape_string($_POST['expungedReason']) . "',\r\n                        AUDITID='" . $this->config->mysqli->real_escape_string($_SESSION['userIDnum']) . "',\r\n                        IP= INET_ATON('" . $this->config->mysqli->real_escape_string($_SERVER['REMOTE_ADDR']) . "')\r\n                        WHERE REFER='" . $this->config->mysqli->real_escape_string($this->toExpungeRefNo) . "'";
                 $result = $this->config->mysqli->query($myq);
                 if (!SQLerrorCatch($this->config->mysqli, $result, $myq, $debug = false)) {
                     addLog($this->config, 'Expunged Time Request with Ref# ' . $this->toExpungeRefNo);
                     popUpMessage('Request ' . $this->toExpungeRefNo . ' expunged. 
                                 <div align="center"><form method="POST" action="' . $_SERVER['REQUEST_URI'] . '">
                                 ' . $extraInputs . '                     
                                 <input type="submit" name="okBtn" value="OK" />
                                 </form></div>');
                 }
             } else {
                 popUpMessage('Cannot Expunge request, please see a supervisor 
                     <div align="center"><form method="POST" action="' . $_SERVER['REQUEST_URI'] . '">
                     ' . $extraInputs . '                     
                     <input type="submit" name="okBtn" value="OK" />
                     </form></div>');
             }
         } else {
             if (!isset($_POST['okBtn'])) {
                 $result = "";
                 if (isset($_POST['expungedReason'])) {
                     if (empty($_POST['expungedReason'])) {
                         $result = '<font color="red">Requires a Reason</font><br/>';
                     }
                 }
                 $echo = '<div align="center"><form method="POST">
                 <input name="deleteBtn' . $this->toExpungeIndex . '" type="hidden" value="' . $this->toExpungeRefNo . '" />
                 <input type="hidden" name="totalRows" value="' . $this->toExpungeTotalRows . '" />
                 Request ' . $this->toExpungeRefNo . ' to be expunged<br/>   ' . $result . '
                 Reason:<textarea name="expungedReason"></textarea><br/>
                 <input type="submit" name="confirmBtn" value="CONFIRM EXPUNGE" />
                 <input type="submit" name="okBtn" value="CANCEL" />
                 ' . $extraInputs . ' 
                 </form></div>';
                 popUpMessage($echo);
             }
         }
     }
 }