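/**
 * Delete a time entry on behalf of the currently authenticated user.
 *
 * Accounts with an auth level of 900 or higher may delete any entry by id,
 * and each such deletion is written to the audit log. Every other account may
 * delete an entry only when $this->validated($id) passes, and the DELETE is
 * additionally restricted to rows whose userId is the caller's own id.
 *
 * The SQL is assembled by string concatenation with real_escape_string()
 * inside quoted literals. That is only as safe as the connection character
 * set configuration; a parameterized statement would remove that dependency.
 *
 * @param mixed $id Primary key of the timeEntries row. Null is rejected.
 * @return bool True when the DELETE query reported success, false otherwise.
 */
function remove($id)
{
    $this->db = Staple_DB::get();

    if ($id === null) {
        return false;
    }

    // Identify the caller from the authenticated session, never from request input.
    $auth = Staple_Auth::get();
    $user = new userModel($auth->getAuthId());
    $userId = $user->getId();
    $accountLevel = $user->getAuthLevel();

    // Load the entry and its owner up front; these values are used only by the audit record below.
    $entry = new timeEntryModel($id);
    $fullDate = $entry->getFullDate();
    $inTime = $entry->getInTime();
    $outTime = $entry->getOutTime();
    $effectedUserId = $entry->getUserId();
    $effectedUser = new userModel();
    $account = $effectedUser->userInfo($effectedUserId);

    $escapedId = $this->db->real_escape_string($id);

    if ($accountLevel >= 900) {
        // Admin path: no ownership restriction. The former "AND userId <> <admin id>" clause is disabled,
        // so an admin can also delete their own entries through this branch.
        $sql = "DELETE FROM timeEntries WHERE id = '" . $escapedId . "'";
        if (!$this->db->query($sql)) {
            return false;
        }

        // NOTE(review): query() success is not the same as a row having been deleted; an id that matches
        // nothing presumably still reaches this point and produces an audit row. Confirm whether the
        // affected-row count should be checked.
        // The audit row is keyed to the entry owner's account; the acting admin is named in the item text.
        $audit = new auditModel();
        $audit->setUserId($account['id']);
        $audit->setAction('Admin Entry Remove');
        $audit->setItem($user->getUsername() . " removed entry for " . $fullDate . " In Time: " . $inTime . " Out Time: " . $outTime . "");
        $audit->save();

        return true;
    }

    // Non-admin path: validated() is defined elsewhere in the class; its exact meaning is not visible here.
    if (!$this->validated($id)) {
        return false;
    }

    // Ownership is enforced in SQL: the row must belong to the authenticated user.
    // NOTE(review): this path writes no audit record, and it returns true even when the WHERE clause
    // matched no row (for example an id owned by another user). Confirm both are intended.
    $sql = "DELETE FROM timeEntries WHERE id = '" . $escapedId . "' AND userId = '" . $this->db->real_escape_string($userId) . "'";
    if ($this->db->query($sql)) {
        return true;
    }

    // Explicit failure result; the original fell off the end and returned null here.
    return false;
}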
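/**
 * Show and process the edit form for an existing time entry.
 *
 * Without an id the request is redirected to the timesheet index. Otherwise
 * the form is pre-filled from the stored entry and, on a valid submission
 * whose date falls inside the current pay period (26th of one month through
 * the 25th of the next), the entry is saved under the same id.
 *
 * NOTE(review): nothing in this method checks that entry $id belongs to the
 * logged-in user before loading or saving it. Unless timeEntryModel::save()
 * or the framework enforces ownership, any authenticated user could edit
 * another user's entry by changing the id in the URL. Confirm where that
 * check lives.
 *
 * @param mixed $id Primary key of the entry to edit, taken from the route.
 * @return void
 */
public function edit($id = null)
{
    // Loose comparison kept from the original so the same ids are treated as "missing".
    if ($id == null) {
        // NOTE(review): header() does not stop execution; confirm the framework does not render a view afterwards.
        header("location: " . $this->_link(array('timesheet')) . "");
        return;
    }

    // Pre-fill the form from the stored entry.
    $entry = new timeEntryModel($id);
    $data = array();
    $data['inTime'] = $entry->getInTime();
    $data['outTime'] = $entry->getOutTime();
    $data['date'] = $entry->getDate();
    $data['lessTime'] = $entry->getLessTime();
    $data['code'] = $entry->getCodeId();
    $this->view->id = $entry->getId();

    $form = new editTimeForm();
    $form->setAction($this->_link(array('timesheet', 'edit', $id)));
    $form->addData($data);

    // First visit: just show the pre-filled form.
    if (!$form->wasSubmitted()) {
        $this->view->form = $form;
        return;
    }

    // Submitted values are untrusted until the form's own validation has accepted them.
    $form->addData($_POST);
    if (!$form->validate()) {
        $this->view->form = $form;
        return;
    }

    $data = $form->exportFormData();

    // Work out the current pay period. The month is advanced numerically instead of with
    // modify('+1 month'): on the 29th-31st that modifier can overflow into the month after next
    // (for example Jan 31 -> Mar 3), which shifted the whole period window by a month.
    $periodEnd = new DateTime();
    $year = (int) $periodEnd->format('Y');
    $month = (int) $periodEnd->format('n');
    if ((int) $periodEnd->format('j') > 25) {
        // setDate() rolls month 13 over to January of the following year.
        $month++;
    }
    $periodEnd->setDate($year, $month, 25)->setTime(23, 59, 59);
    $maxDate = $periodEnd->getTimestamp();

    // From the 25th, "-1 month +1 day" lands on the 26th of the previous month without overflow.
    $periodStart = clone $periodEnd;
    $minDate = $periodStart->modify('-1 month +1 day')->setTime(0, 0, 0)->getTimestamp();

    // An unparseable date yields false and is rejected together with out-of-period dates.
    $userDate = strtotime($data['date']);
    if ($userDate === false || $userDate < $minDate || $userDate > $maxDate) {
        $form->errorMessage = array("<i class='fa fa-warning'></i> You may only submit time for the current date period.");
        $this->view->form = $form;
        return;
    }

    // Build a fresh model carrying the existing id so save() targets that row.
    $entry = new timeEntryModel();
    $entry->setId($id);
    $entry->setDate($data['date']);
    $entry->setInTime($data['inTime']);
    $entry->setOutTime($data['outTime']);
    $entry->setLessTime($data['lessTime']);
    $entry->setCodeId($data['code']);

    if ($entry->save()) {
        // The message is emitted as raw HTML, so the submitted date is escaped before being embedded.
        $safeDate = htmlspecialchars((string) $data['date'], ENT_QUOTES, 'UTF-8');
        $form->successMessage = array("<i class=\"fa fa-check\"></i> Entry saved for " . $safeDate . "");
    } else {
        $message = "<i class=\"fa fa-warning\"></i> Cannot insert overlapping time entries. If you are updating an already existing entry, remove that entry and submit a new one.";
        $form->errorMessage = array($message);
    }

    $this->view->form = $form;
}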