include "../config/database.class.php";
include "../objects/staff.class.php";
$database = new Database();
$db = $database->getConnection();
$originalOption = new Staff($db);
if (isset($_GET['id'])) {
$id = $_GET['id'];
$originalOption->Id = $id;
$originalOption->selectById();
}
if (isset($_POST['update'])) {
$updatedOption = new Staff($db);
$updatedOption->Id = $_POST['id'];
$updatedOption->FirstName = $_POST['firstname'];
$updatedOption->LastName = $_POST['lastname'];
if ($updatedOption->update() == true) {
header("location:staff.php");
} else {
echo "<script>alert('There was an error updating this item');window.location = 'staff.php' </script>";
}
}
if (isset($_POST['delete'])) {
$updatedOption = new Staff($db);
$updatedOption->Id = $_POST['id'];
if ($updatedOption->delete() == true) {
header("location:staff.php");
} else {
echo "<script>alert('There was an error deleting this item');window.location = 'staff.php' </script>";
}
}
?>
$errors['err']='Uknown command!';
}
}else{
$errors['err']='No groups selected.';
}
}
break;
case 'staff':
include_once(INCLUDE_DIR.'class.staff.php');
$do=strtolower($_POST['do']);
switch($do){
case 'update':
$staff = new Staff($_POST['staff_id']);
if($staff && $staff->getId()) {
if($staff->update($_POST,$errors))
$msg='Staff profile updated successfully';
elseif(!$errors['err'])
$errors['err']='Error updating the user';
}else{
$errors['err']='Internal error';
}
break;
case 'create':
if(($uID=Staff::create($_POST,$errors)))
$msg=Format::htmlchars($_POST['firstname'].' '.$_POST['lastname']).' added successfully';
elseif(!$errors['err'])
$errors['err']='Unable to add the user. Internal error';
break;
case 'mass_process':
//ok..at this point..look WMA.
}
$staff->refresh();
} elseif (isset($_POST['type']) && $_POST['type'] === "info") {
// Looks like we're trying to update our staffing information in the database.
$id = $_SESSION['id'];
$staff->available = $_POST['available'];
$staff->Fname = $_POST['Fname'];
$staff->Lname = $_POST['Lname'];
$staff->city = $_POST['city'];
$staff->state = $_POST['state'];
$staff->zip = $_POST['zip'];
$staff->workType = $_POST['workType'];
$staff->experience = $_POST['experience'];
$staff->education = $_POST['education'];
$staff->salary = $_POST['salary'];
if ($staff->update()) {
$message = "Information was successfully updated.";
} else {
$message = "Encountered an error. Information could not be updated.";
}
} elseif (isset($_POST['type']) && $_POST['type'] === "account") {
// Looks like we're trying to update our account information in the database.
if (isset($_POST['current_pwd'])) {
$user = new User($_SESSION['id'], $_POST['current_pwd'], "id");
// Only allow information to be changed if we can log in with the account.
if ($user->isLoggedIn) {
if (isset($_POST['email'])) {
$email = $_POST['email'];
if ($user->update("Email", trim($_POST['email']))) {
$message = "Email address has been successfully changed.";
}
