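/**
 * Handles row actions posted from the time-request table, then renders the table.
 *
 * Posted row buttons (send to pending, approve, deny, HR approve, expunge) are
 * dispatched to the matching helper before the REQUEST rows are queried and shown.
 *
 * @param object $config      Carries the mysqli handle (->mysqli) and the caller's level (->adminLvl).
 * @param string $filters     SQL WHERE fragment built by the caller; replaced by an own-records
 *                            filter when adminLvl is below 25.
 * @param string $orderBy     SQL ORDER BY fragment.
 * @param string $hiddenInput Extra hidden inputs forwarded to expungeRequest().
 * @return void Output is echoed.
 */
function showTimeRequestTable($config, $filters, $orderBy = "ORDER BY REFER DESC", $hiddenInput = '')
{
    $mysqli = $config->mysqli;

    // Reasons, comments and HR notes are free text typed by users, so every value
    // placed into markup is HTML-escaped for both element and attribute context.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // The same level tests that decide which buttons are rendered further down.
    // They are applied to the POST handler as well, because a button being absent
    // from the page does not stop a request from carrying its field name.
    $canSupervise = $config->adminLvl >= 25;
    $canHrApprove = $config->adminLvl >= 50 && $config->adminLvl != 75;

    // Defaults so the expunge check after rendering never reads an undefined variable.
    $toExpunge = false;
    $toUnExpunge = false;
    $toExpungeRefNo = '';
    $toExpungeIndex = 0;
    $toExpungeTotalRows = 0;

    if (isset($_POST['timeRequestTableRows'])) {
        // NOTE(review): the loop bound is supplied by the client; it is only cast to an integer here.
        $totalRows = (int) $_POST['timeRequestTableRows'];
        for ($i = 0; $i <= $totalRows; $i++) {
            // NOTE(review): refNo comes from a hidden form field. Whether the caller may act on
            // that request has to be verified inside the helpers; that is not visible here.
            $refNo = isset($_POST['refNo' . $i]) ? $_POST['refNo' . $i] : '';
            $reason = isset($_POST['reason' . $i]) ? $_POST['reason' . $i] : '';
            $btnPushed = false;

            if ($canSupervise && isset($_POST['pendingBtn' . $i])) {
                $hrNotes = isset($_POST['hrReason' . $i]) ? $_POST['hrReason' . $i] : '';
                sendRequestToPending($config, $refNo, $hrNotes);
                $btnPushed = true;
            } elseif ($canSupervise && isset($_POST['approve' . $i])) {
                approveLeaveRequest($config, $refNo, "APPROVED", $reason);
                $btnPushed = true;
            } elseif ($canSupervise && isset($_POST['deny' . $i])) {
                approveLeaveRequest($config, $refNo, "DENIED", $reason);
                $btnPushed = true;
            } elseif ($canHrApprove && isset($_POST['hrApproveBtn' . $i])) {
                // New notes win over the previously stored ones. Written as an explicit chain:
                // the unparenthesised nested ternary used before evaluates left-to-right on
                // PHP 7 and is a compile error on PHP 8.
                if (isset($_POST['hrReason' . $i])) {
                    $hrNotes = $_POST['hrReason' . $i];
                } elseif (isset($_POST['hrOldNotes' . $i])) {
                    $hrNotes = $_POST['hrOldNotes' . $i];
                } else {
                    $hrNotes = '';
                }
                hrApproveLeaveRequest($config, $refNo, $hrNotes);
                $btnPushed = true;
            } elseif (isset($_POST['expungeBtn' . $i]) || isset($_POST['unExpungeBtn' . $i])) {
                // The expunge itself runs after the table is rendered (see the end of the function).
                $toExpunge = true;
                $toUnExpunge = isset($_POST['unExpungeBtn' . $i]);
                $toExpungeRefNo = $refNo;
                $toExpungeIndex = $i;
                $toExpungeTotalRows = $totalRows;
                $btnPushed = true;
            }

            if ($btnPushed) {
                // Scroll back to the row that was acted on; $i is an integer loop index.
                echo "<script language=\"javascript\" >\r\n document.body.onload = new function () {\r\n window.location.hash = '#editBtn" . $i . "';\r\n }\r\n </script>\r\n ";
                break;
            }
        }
    }

    if ($config->adminLvl < 25) {
        // Below level 25 a user may only see their own requests. The previous fragment
        // had a stray leading quote and left the value unquoted, producing invalid SQL.
        $filters = "WHERE REQUEST.IDNUM = '" . $mysqli->real_escape_string($_SESSION['userIDnum']) . "'";
    }

    // NOTE(review): $filters is inserted as-is and $orderBy is only run through
    // real_escape_string(), which does not constrain an unquoted ORDER BY clause.
    // Both must be built from fixed, caller-controlled fragments, never from request data.
    $myq = "SELECT REFER 'RefNo', REQ.MUNIS 'Munis', CONCAT_WS(', ',REQ.LNAME,REQ.FNAME) 'Name', \r\n "
        . "DATE_FORMAT(USEDATE,'%b %d, %Y - %a') 'Used', STATUS 'Status',\r\n "
        . "DATE_FORMAT(BEGTIME,'%H%i') 'Start',\r\n "
        . "DATE_FORMAT(ENDTIME,'%H%i') 'End', HOURS 'Hrs',\r\n "
        . "T.DESCR 'Type', SUBTYPE 'Subtype', CALLOFF 'Calloff', NOTE 'Comment', \r\n "
        . "APR.LNAME 'ApprovedBy', \r\n "
        . "DATE_FORMAT(REQUEST.ApprovedTS,'%b %d, %Y') 'approveTS',\r\n "
        . "REASON 'Reason', HRAPP_IS 'HR_Approved', HR.LNAME 'HRLName', HR.FNAME 'HRFName', REQUEST.HR_NOTES AS 'HRNOTES'\r\n "
        . "FROM REQUEST\r\n "
        . "LEFT JOIN EMPLOYEE AS REQ ON REQ.IDNUM=REQUEST.IDNUM\r\n "
        . "LEFT JOIN EMPLOYEE AS APR ON APR.IDNUM=REQUEST.APPROVEDBY\r\n "
        . "LEFT JOIN EMPLOYEE AS HR ON HR.IDNUM=REQUEST.HRAPP_ID\r\n "
        . "INNER JOIN TIMETYPE AS T ON T.TIMETYPEID=REQUEST.TIMETYPEID\r\n "
        . $filters . "\r\n "
        . $mysqli->real_escape_string($orderBy) . "\r\n ";
    $result = $mysqli->query($myq);
    SQLerrorCatch($mysqli, $result, $myq, false);

    // Row 0 is the header row expected by showSortableTable().
    $theTable = array(array(
        "Actions", "Ref#", "Employee", "Date_of_Use", "Start Time", "End Time", "Hours",
        "Type", "Subtype", "Call Off", "Comment", 'Status', 'Approved By', 'Approved Time',
        'Reason', 'HR Approval', 'HR Notes',
    ));

    $x = 1;
    while ($row = $result->fetch_assoc()) {
        $status = $row['Status'];
        $hrApproved = (bool) $row['HR_Approved'];
        $refNoHtml = $esc($row['RefNo']);
        $statusHtml = $esc($status);
        $reasonHtml = $esc($row['Reason']);
        $hrNotesHtml = $esc($row['HRNOTES']);

        // Actions: edit is always offered; delete is offered unless the request is already
        // expunged, and for HR-approved requests only to HR-level users.
        $actions = '<input type="submit" id="editBtn' . $x . '" name="editBtn' . $x . '" value="Edit/View" onClick="this.form.action=' . "'?leave=true'" . '; this.form.submit()" />'
            . '<input type="hidden" name="requestID' . $x . '" value="' . $refNoHtml . '" />';
        if ($status != "EXPUNGED" && (!$hrApproved || $canHrApprove)) {
            $actions .= '<input type="submit" name="expungeBtn' . $x . '" value="Delete" />';
        }

        // Status column: supervisors get the decision controls, everyone else a read-only view.
        if ($canSupervise && $status != 'PENDING') {
            $statusCell = $statusHtml;
            if (!empty($row['Reason'])) {
                $statusCell .= '<br/><font color="darkred">' . $reasonHtml . '</font>';
            }
            if (!$hrApproved || $canHrApprove) {
                $statusCell .= '<Br/><input type="submit" name="pendingBtn' . $x . '" value="Send to Pending" />';
            }
        } elseif ($canSupervise) {
            $statusCell = $statusHtml
                . "<br/><input type='submit' name='approve{$x}' value='APPROVED' size='15'/> "
                . "<input type='submit' name='deny{$x}' value='DENIED' size='15'><br/>"
                . 'Reason:<br/><textarea rows="2" cols="21" name="reason' . $x . '" ></textarea>';
        } else {
            $statusCell = $statusHtml . '</br><font color="darkred">' . $reasonHtml . '</font>';
        }

        // HR approval and HR notes columns.
        $storedNotesCell = '<font color="darkred"> <input type="hidden" name="hrOldNotes' . $x . '" value="' . $hrNotesHtml . '" />' . $hrNotesHtml . '</font>';
        if (!$hrApproved && $status != "DENIED") {
            if ($status == "APPROVED" && $canHrApprove) {
                $hrCell = '<font color="darkred">Pending</font>'
                    . '<input type="submit" name="hrApproveBtn' . $x . '" value="HR Approve" />';
                $hrNotesCell = '<textarea rows="2" cols="21" name="hrReason' . $x . '" ></textarea>';
            } else {
                $hrCell = 'Pending';
                $hrNotesCell = '';
            }
        } elseif ($status == "DENIED") {
            $hrCell = 'No Action Required';
            $hrNotesCell = $storedNotesCell;
        } else {
            $hrCell = '<div align="center"><h3><font color="darkred">Approved</font></h3></div>';
            $hrNotesCell = $storedNotesCell;
        }

        $theTable[$x] = array(
            $actions,
            '<input type="hidden" name="refNo' . $x . '" value="' . $refNoHtml . '" />' . $refNoHtml,
            $esc($row['Name']),
            $esc($row['Used']),
            $esc($row['Start']),
            $esc($row['End']),
            $esc($row['Hrs']),
            $esc($row['Type']),
            $esc($row['Subtype']),
            $esc($row['Calloff']),
            $esc($row['Comment']),
            $statusCell,
            $esc($row['ApprovedBy']),
            $esc($row['approveTS']),
            $reasonHtml,
            $hrCell,
            $hrNotesCell,
        );
        $x++;
    }

    showSortableTable($theTable, 2, "timeRequestTable");
    echo '<input type="hidden" name="timeRequestTableRows" value="' . $x . '" />';

    if ($toExpunge) {
        // The expunge confirmation is rendered outside the table form, so the form is
        // closed first and reopened afterwards. The reference number came from the
        // request and is escaped before being echoed back.
        echo '</form>';
        $hiddenInput .= '<input type="hidden" name="timeRequestTableRows" value="2" /> <input type="hidden" name="expungeBtn1" value="true" /> <input type="hidden" name="refNo1" value="' . $esc($toExpungeRefNo) . '" /> ';
        expungeRequest($config->mysqli, $toExpungeRefNo, $toUnExpunge, $toExpungeIndex, $toExpungeTotalRows, $hiddenInput);
        echo '<form method=POST name="requestTable">';
    }
}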
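/**
 * Lists employees whose profile has not been verified yet (IS_VERIFY = 0).
 *
 * Only callers with adminLvl >= 50 get the list; everyone else sees
 * "Unauthorized Access" and no query is run for them.
 *
 * @param object $config Carries the mysqli handle (->mysqli) and the caller's level (->adminLvl).
 * @return void Output is echoed.
 */
function displayUserVerify($config)
{
    // Check the level before touching the database, not after.
    if ($config->adminLvl < 50) {
        echo 'Unauthorized Access';
        return;
    }

    // The rows shown here are unverified profiles, so every field is treated as
    // untrusted text and HTML-escaped before it is shown to the reviewing admin.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $mysqli = $config->mysqli;
    $myq = "SELECT E.IDNUM, E.ID, E.LNAME, E.FNAME, E.RADIO, E.SUPV, E.HOMEPH, E.CELLPH, E.WORKPH, E.DOB, E.EMERGCON, D.DESCR\n FROM `EMPLOYEE` E\n LEFT JOIN DIVISION AS D USING (DIVISIONID)\n LEFT JOIN EMPLOYEE AS SUP ON E.IDNUM=SUP.IDNUM\n WHERE E.IS_VERIFY = 0\n ORDER BY E.LNAME";
    $result = $mysqli->query($myq);
    SQLerrorCatch($mysqli, $result);

    $formName = "userVerify";
    echo '<h3>Verify Users</h3><form name="' . $formName . '" method="POST">';

    // Row 0 is the header row expected by showSortableTable().
    $theTable = array(array(
        "Edit", "Deputy", "Radio #", "Division", "Supervisor", "Home Phone",
        "Cell Phone", "Work Phone", "Date Of Birth", "Emergency Contact",
    ));

    $x = 0;
    while ($row = $result->fetch_assoc()) {
        $x++;
        $theTable[$x] = array(
            // Selecting the radio button posts the form to the profile editor.
            '<input type="hidden" name="foundUserID' . $x . '" value= "' . $esc($row['IDNUM']) . '" /> ' . $x
                . '<input type="radio" name="foundUser' . $x . '" onClick="this.form.action=' . "'?updateProfile=true'" . ';this.form.submit()" />',
            $esc($row['LNAME']) . ", " . $esc($row['FNAME']),
            $esc($row['RADIO']),
            $esc($row['DESCR']),
            $esc($row['SUPV']),
            $esc($row['HOMEPH']),
            $esc($row['CELLPH']),
            $esc($row['WORKPH']),
            $esc($row['DOB']),
            $esc($row['EMERGCON']),
        );
    }

    showSortableTable($theTable, 1);
    echo '<input type="hidden" name="formName" value="' . $formName . '" /><a href="javascript:window.print()">Print</a></form>';
}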
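/**
 * Shows the secondary-employment log for a posted date range (today by default).
 *
 * Requires adminLvl >= 25. The range is read from the "dateFrom"/"dateTo" POST
 * fields, parsed with strtotime(), and used to select SECLOG rows for both
 * regular employees and reserves.
 *
 * @param object $config Carries the mysqli handle (->mysqli) and the caller's level (->adminLvl).
 * @return void Output is echoed.
 */
function displaySecLogReport($config)
{
    echo '<h2>Secondary Employement Logs Reports By Date</h2>';
    if ($config->adminLvl < 25) {
        echo 'Access Denied';
        return;
    }

    // Location, city, dress and phone are free-text log fields; escape everything shown.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $dateFrom = isset($_POST['dateFrom']) ? $_POST['dateFrom'] : false;
    $dateTo = isset($_POST['dateTo']) ? $_POST['dateTo'] : false;
    // Dates are compared as timestamps. Comparing the posted strings directly orders
    // them character by character, which is wrong across month or year boundaries.
    $fromTs = $dateFrom ? strtotime($dateFrom) : false;
    $toTs = $dateTo ? strtotime($dateTo) : false;

    echo '<form method="POST" name="secLog">';
    if ($fromTs === false) {
        // Nothing posted, or a "from" value that does not parse: fall back to today.
        $fromTs = time();
        $toTs = $fromTs;
        echo 'Date From ';
        displayDateSelect("dateFrom", "dateSel", false, false, true, false);
        echo ' To ';
        displayDateSelect("dateTo", "dateSel2", false, false, true, false);
        echo ' <input id="goBtn" type=submit name="goBtn" value="Go" /><br />';
    } else {
        $rangeInvalid = $toTs === false || $toTs < $fromTs;
        if ($rangeInvalid) {
            echo '<font color="red">Invalid Entry! "To" Date must be greater than or equal to "From" Date</font></br></br>';
        }
        // NOTE(review): the posted strings are handed to displayDateSelect() unchanged;
        // that helper must escape them if it prints them - not visible here.
        echo '<h3>Date: ';
        displayDateSelect("dateFrom", "dateSel", $dateFrom, false, false, false);
        echo ' To ';
        if ($rangeInvalid) {
            // Collapse an inverted range to the single "from" day.
            $dateTo = $dateFrom;
            $toTs = $fromTs;
            displayDateSelect("dateTo", "dateSel2", $dateTo, true, false, false);
        } else {
            displayDateSelect("dateTo", "dateSel2", $dateTo, false, false, false);
        }
        echo ' <input id="goBtn" type=submit name="goBtn" value="Go" /><br />';
    }

    // Only the re-formatted dates reach the SQL text, never the posted strings.
    $fromSql = Date('Y-m-d', $fromTs);
    $toSql = Date('Y-m-d', $toTs);

    $mysqli = $config->mysqli;
    /* The query unions two joins: deputies from EMPLOYEE (IS_RESERVE=0)
       and deputies from RESERVE (IS_RESERVE=1). */
    // NOTE(review): ORDER BY 'gpID' uses single quotes; MySQL may treat that as a string
    // constant rather than the alias, in which case rows of one group are not guaranteed
    // to be adjacent as the grouping loop below assumes - confirm.
    $myq = "SELECT S.GPNUM 'gpID', CONCAT_WS(', ',SEC.LNAME,SEC.FNAME) 'DEPUTYID', S.RADIO, \r\n "
        . "TIME_FORMAT(TIMEIN,'%H%i') 'TIMEIN',\r\n "
        . "CONCAT_WS(', ',LOGIN.LNAME,LOGIN.FNAME) 'AUDIT_IN_ID', LOCATION, S.CITY,\r\n "
        . "TIME_FORMAT(SHIFTSTART,'%H%i') 'SHIFTSTART', TIME_FORMAT(SHIFTEND,'%H%i') 'SHIFTEND',\r\n "
        . "DRESS, TIME_FORMAT(TIMEOUT,'%H%i') 'TIMEOUT', \r\n "
        . "CONCAT_WS(', ',LOGOUT.LNAME,LOGOUT.FNAME) 'AUDIT_OUT_ID', \r\n "
        . "CONCAT_WS(', ',SUP.LNAME,SUP.FNAME) 'SUP_ID', DATE_FORMAT(SUP_TIME,'%m/%d/%y %H%i') 'SUP_TIME',\r\n "
        . "PHONE, S.IDNUM\r\n "
        . "FROM SECLOG S\r\n "
        . "INNER JOIN EMPLOYEE AS SEC ON S.DEPUTYID=SEC.IDNUM\r\n "
        . "LEFT JOIN EMPLOYEE AS LOGIN ON S.AUDIT_IN_ID=LOGIN.IDNUM\r\n "
        . "LEFT JOIN EMPLOYEE AS LOGOUT ON S.AUDIT_OUT_ID=LOGOUT.IDNUM\r\n "
        . "LEFT JOIN EMPLOYEE AS SUP ON S.SUP_ID=SUP.IDNUM\r\n "
        . "WHERE `SHIFTDATE` BETWEEN '" . $fromSql . "'\r\n "
        . "AND '" . $toSql . "'\r\n "
        . "AND S.IS_RESERVE=0\r\n\r\n "
        . "UNION\r\n\r\n "
        . "SELECT S.GPNUM 'gpID', CONCAT_WS(', ',SEC.LNAME,SEC.FNAME) 'DEPUTYID', S.RADIO,\r\n "
        . "TIME_FORMAT(TIMEIN,'%H%i') 'TIMEIN',\r\n "
        . "CONCAT_WS(', ',LOGIN.LNAME,LOGIN.FNAME) 'AUDIT_IN_ID', LOCATION, S.CITY,\r\n "
        . "TIME_FORMAT(SHIFTSTART,'%H%i') 'SHIFTSTART', TIME_FORMAT(SHIFTEND,'%H%i') 'SHIFTEND',\r\n "
        . "DRESS, TIME_FORMAT(TIMEOUT,'%H%i') 'TIMEOUT', \r\n "
        . "CONCAT_WS(', ',LOGOUT.LNAME,LOGOUT.FNAME) 'AUDIT_OUT_ID', \r\n "
        . "CONCAT_WS(', ',SUP.LNAME,SUP.FNAME) 'SUP_ID', DATE_FORMAT(SUP_TIME,'%m/%d/%y %H%i') 'SUP_TIME',\r\n "
        . "PHONE, S.IDNUM\r\n "
        . "FROM SECLOG S\r\n "
        . "INNER JOIN RESERVE AS SEC ON S.DEPUTYID=SEC.IDNUM\r\n "
        . "LEFT JOIN EMPLOYEE AS LOGIN ON S.AUDIT_IN_ID=LOGIN.IDNUM\r\n "
        . "LEFT JOIN EMPLOYEE AS LOGOUT ON S.AUDIT_OUT_ID=LOGOUT.IDNUM\r\n "
        . "LEFT JOIN EMPLOYEE AS SUP ON S.SUP_ID=SUP.IDNUM\r\n "
        . "WHERE `SHIFTDATE` BETWEEN '" . $fromSql . "'\r\n "
        . "AND '" . $toSql . "'\r\n "
        . "AND S.IS_RESERVE=1\r\n "
        . "ORDER BY 'gpID'";
    $result = $mysqli->query($myq);
    SQLerrorCatch($mysqli, $result, $myq, false);

    // Row 0 is the header row expected by showSortableTable().
    $theTable = array(array(
        "Action", "# in Group", "Deputy", "Radio#", "Log In", "C/Deputy", "Site Name/Address",
        "City/Twp", "Contact#", "Shift Start", "Shift End", "Dress", "Log Off", "C/Deputy",
        "Supervisor", "Sign Off",
    ));

    $x = 0;
    $lastGroupID = '';
    while ($row = $result->fetch_assoc()) {
        if ($row['gpID'] == $lastGroupID && $lastGroupID != 0) {
            // Another member of the group shown on the current row: append its reference
            // number and look up the group size. The id comes from the database but is
            // still escaped before it is placed in SQL text.
            $gpCountq = "SELECT GPNUM FROM SECLOG WHERE GPNUM='" . $mysqli->real_escape_string($row['gpID']) . "'";
            $gpCountresult = $mysqli->query($gpCountq);
            SQLerrorCatch($mysqli, $gpCountresult);
            $theTable[$x][0] .= ', ' . $esc($row['IDNUM']);
            // NOTE(review): index 2 is the "Deputy" column, while "# in Group" is index 1,
            // so the count replaces the deputy name - confirm which column was intended.
            $theTable[$x][2] = $gpCountresult->num_rows;
        } else {
            // First row of a group, or an individual entry. The original guarded this with a
            // TIMEOUT/SUP_TIME filter that a hard-coded "show all" flag always bypassed.
            $x++;
            $theTable[$x] = array(
                'Ref# ' . $esc($row['IDNUM']),
                1,
                $esc($row['DEPUTYID']),
                $esc($row['RADIO']),
                $esc($row['TIMEIN']),
                $esc($row['AUDIT_IN_ID']),
                $esc($row['LOCATION']),
                $esc($row['CITY']),
                $esc($row['PHONE']),
                $esc($row['SHIFTSTART']),
                $esc($row['SHIFTEND']),
                $esc($row['DRESS']),
                $esc($row['TIMEOUT']),
                $esc($row['AUDIT_OUT_ID']),
                $esc($row['SUP_ID']),
                $esc($row['SUP_TIME']),
            );
            $lastGroupID = $row['gpID'];
        }
    }

    showSortableTable($theTable, 3);
    echo '<input type="hidden" name="editRows" value="' . $x . '" />';
}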
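/**
 * Radio check-out workflow: processes a posted check-out, check-in or update,
 * then renders either the edit view of one log entry or the new check-out form.
 *
 * @param object $config     Carries the mysqli handle (->mysqli) and the caller's level (->adminLvl).
 * @param mixed  $radioLogID Reference number of the entry to edit; replaced by the posted
 *                           "radioLogID" on check-in and update.
 * @param bool   $isEditing  Render the edit view instead of the new check-out form.
 * @param bool   $isApprove  Show "Back To Approvals" instead of "Back To Logs".
 * @return void Output is echoed.
 */
function showRadioLogDetails($config, $radioLogID, $isEditing = false, $isApprove = false)
{
    $checkOutRadio = isset($_POST['addRadioLog']);
    $checkInRadio = isset($_POST['checkInRadio']);
    $updateRadioLog = isset($_POST['updateRadioLog']);
    $num_deputies = isset($_POST['num_deputies']) ? (int) $_POST['num_deputies'] : 0;
    $mysqli = $config->mysqli;
    $mysqliReserve = connectToSQL($reserveDB = TRUE);

    // HTML-escape a value for element or attribute context.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Upper-cased, SQL-escaped POST field - the form in which this function has always
    // handed request values to its helper functions.
    $postUpper = function ($key, $default) use ($mysqli) {
        return isset($_POST[$key]) ? $mysqli->real_escape_string(strtoupper($_POST[$key])) : $default;
    };

    // Fetch one deputy's display data. The id is escaped on the connection that runs the
    // query and placed inside quotes; escaping alone does not protect an unquoted value.
    $lookupDeputy = function ($rawId, $isReserve) use ($mysqli, $mysqliReserve) {
        $db = $isReserve ? $mysqliReserve : $mysqli;
        $table = $isReserve ? 'RESERVE' : 'EMPLOYEE';
        $sql = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM ' . $table . " WHERE IDNUM='" . $db->real_escape_string($rawId) . "'";
        $res = $db->query($sql);
        SQLerrorCatch($db, $res);
        $found = $res ? $res->fetch_assoc() : null;
        return $found ? $found : array('RADIO' => '', 'CELLPH' => '', 'LNAME' => '', 'FNAME' => '');
    };

    // The three check-out type radio buttons, with $current pre-selected.
    $renderTypeRadios = function ($current) {
        $labels = array('LOANER' => 'LOANER', 'PERM' => 'PERMANENT', 'POD' => 'SHIFT ASSIGNMENT');
        foreach ($labels as $value => $label) {
            echo '<input type="radio" name="checkOutType" value="' . $value . '"'
                . ($current == $value ? ' CHECKED' : '') . '>' . $label . '</input>';
        }
        echo '<br/>';
    };

    // NOTE(review): the three POST actions below run before any adminLvl test in this
    // function; if they need one, it has to live in the helpers or the caller - confirm.
    if ($checkOutRadio) {
        echo '<h2><font color="red">Results</font></h2>';
        if ($num_deputies > 0) {
            $radioID = $postUpper('radioID', '');
            $checkOutType = $postUpper('checkOutType', '');
            // Group ids are produced by MAX(GPNUM) + 1 below, so the posted one is forced
            // to an integer instead of being passed on as raw request text.
            $gpID = isset($_POST['gpID']) ? (int) $_POST['gpID'] : 0;

            for ($i = 0; $i < $num_deputies; $i++) {
                $deputyID = $postUpper('deputyID' . $i, false);
                $radioCallNum = $postUpper('radioCallNum' . $i, '');
                $isReserve = isset($_POST['isReserve' . $i]) ? '1' : '0';

                // Re-read the highest group number on every pass: once the first deputy
                // has been inserted with max + 1, the later ones reuse that new maximum.
                // NOTE(review): two simultaneous check-outs could read the same maximum.
                $gpResult = $mysqli->query("SELECT MAX( GPNUM ) 'gpID' FROM WTS_RADIOLOG");
                SQLerrorCatch($mysqli, $gpResult);
                $maxRow = $gpResult->fetch_assoc();

                if ($gpID != 0) {
                    $groupID = $gpID;                  // adding to an existing group
                } elseif ($num_deputies == 1) {
                    $groupID = 0;                      // 0 marks an individual check-out
                } elseif ($i == 0) {
                    $groupID = $maxRow['gpID'] + 1;    // first member opens a new group
                } else {
                    $groupID = $maxRow['gpID'];
                }
                checkOutItem($config, $deputyID, $radioCallNum, $radioID, $checkOutType, $isReserve, $groupID);
            }
        } else {
            echo 'Must select a user.<br />';
        }
        echo '<br />';
    }

    if ($checkInRadio) {
        $radioLogID = isset($_POST['radioLogID']) ? $_POST['radioLogID'] : '';
        // Escaped before the hand-off, matching what the update path has always done.
        checkInRadioLog($config, $mysqli->real_escape_string($radioLogID));
        $isEditing = true;
    }

    if ($updateRadioLog) {
        $radioLogID = isset($_POST['radioLogID']) ? $_POST['radioLogID'] : '';
        updateRadioLog(
            $config,
            $mysqli->real_escape_string($radioLogID),
            $postUpper('radioCallNum', ''),
            $postUpper('radioID', ''),
            $postUpper('podID', ''),
            $postUpper('checkOutType', '')
        );
        $isEditing = true;
    }

    if ($isEditing) {
        if ($config->adminLvl >= 0) {
            // The reference number is escaped at the point of use for each context.
            $refSql = $mysqli->real_escape_string($radioLogID);
            $refHtml = $esc($radioLogID);

            $myq = "SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n "
                . "R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n "
                . "FROM WTS_RADIOLOG R\r\n "
                . "JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n "
                . "WHERE R.REFNUM = '" . $refSql . "' AND IS_RESERVE=0\r\n "
                . "UNION\r\n "
                . "SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n "
                . "R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n "
                . "FROM WTS_RADIOLOG R\r\n "
                . "JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n "
                . "WHERE R.REFNUM = '" . $refSql . "' AND IS_RESERVE=1\r\n ";
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();
            if (!$row) {
                // Unknown reference: render the empty single-entry form instead of reading
                // offsets of a null row.
                $row = array('gpID' => 0, 'DEPUTYNAME' => '', 'RADIO_CALLNUM' => '', 'RADIOID' => '', 'TYPE' => '', 'inTime' => '');
            }

            if ($row['gpID'] != 0) {
                // Group check-out: list every member of the group.
                $gpHtml = $esc($row['gpID']);
                $gpSql = $mysqli->real_escape_string($row['gpID']);
                echo '<div align="center">Group Reference #: ' . $gpHtml . ' <input type="hidden" name="gpID" value="' . $gpHtml . '" /></div>';
                $newq = "SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n "
                    . "CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n "
                    . "R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n "
                    . "FROM WTS_RADIOLOG R\r\n "
                    . "JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n "
                    . "WHERE R.GPNUM = '" . $gpSql . "' AND IS_RESERVE=0\r\n "
                    . "UNION\r\n "
                    . "SELECT R.REFNUM 'refNum', R.GPNUM 'gpID', \r\n "
                    . "CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n "
                    . "R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime'\r\n "
                    . "FROM WTS_RADIOLOG R\r\n "
                    . "JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n "
                    . "WHERE R.GPNUM = '" . $gpSql . "' AND IS_RESERVE=1\r\n "
                    . "ORDER BY R.REFNUM";
                $newResult = $mysqli->query($newq);
                SQLerrorCatch($mysqli, $newResult);

                $depTable = array(array("Reference#", "Deputy", "Radio#", "Action"));
                $x = 1;
                while ($newRow = $newResult->fetch_assoc()) {
                    $memberRef = $esc($newRow['refNum']);
                    $inTimeHtml = $esc($newRow['inTime']);
                    // NOTE(review): this sentinel has a three-digit year, but the query formats
                    // inTime with '%m/%d/%y %H%i' (two digits), so this branch looks unreachable.
                    // Left unchanged because correcting it changes who is offered Update/LogOut.
                    if (strcmp($newRow['inTime'], "00/00/000 0000") == 0) {
                        $action = '<input type="submit" value="Update" name="updateRadioLog' . $x . '" /> <input type="submit" value="LogOut" name="logoutRadioLog' . $x . '" /><br/>';
                    } elseif ($config->adminLvl >= 25) {
                        $action = '<input type="submit" value="Update" name="updateRadioLog' . $x . '" /> Checked in at ' . $inTimeHtml;
                    } else {
                        $action = 'Checked in at ' . $inTimeHtml;
                    }
                    $depTable[$x] = array(
                        $memberRef . ' <input type="hidden" name="radioLogID' . $x . '" value="' . $memberRef . '" />',
                        $esc($newRow['DEPUTYNAME']),
                        '<input type="text" name="radioCallNum' . $x . '" value="' . $esc($newRow['RADIO_CALLNUM']) . '" />',
                        $action,
                    );
                    $x++;
                }
                showSortableTable($depTable, 1);
            } else {
                echo '<br/>Reference #: ' . $refHtml . '<input type="hidden" name="radioLogID" value="' . $refHtml . '" /><br /> Deputy: ' . $esc($row['DEPUTYNAME']) . '<br/> Radio#: <input type="text" name="radioCallNum" value="' . $esc($row['RADIO_CALLNUM']) . '" /><br/>';
            }

            echo '<div align="left">Add Deputy: <button type="button" name="searchBtn" value="Lookup Employee" onClick="this.form.action=' . "'?userLookup=true'" . ';this.form.submit()" > Lookup Employee</button></div><br/>';
            echo '<br/> Radio Number: ';
            selectRadioInventory($config, "radioID", $row['RADIOID']);
            echo '<br/><br/>';
            $renderTypeRadios($row['TYPE']);

            echo '<br/>Checked in time: ';
            if (strcmp($row['inTime'], "00/00/00 0000") == 0) {
                echo "<font color=red><b>Not Checked back in Yet</b></font><br /><br />";
                if ($row['gpID'] != 0) {
                    echo '<input type="submit" name="checkInAllRadio" value="Check in All" />';
                } else {
                    echo '<input type="submit" name="checkInRadio" value="Check Back In" />';
                }
            } else {
                echo $esc($row['inTime']) . '<br /><br />';
            }

            // NOTE(review): same sentinel mismatch as above (four-digit year here), so in
            // practice only adminLvl >= 25 is offered the update button - confirm intent.
            if (strcmp($row['inTime'], "00/00/0000 0000") == 0 || $config->adminLvl >= 25) {
                if ($row['gpID'] != 0) {
                    echo '<input type="submit" name="updateRadioLogAll" value="Update All" />';
                } else {
                    echo '<input type="submit" name="updateRadioLog" value="Update" />';
                }
            }
            if ($isApprove) {
                echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
            } else {
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            }
        } else {
            echo 'Access Denied';
        }
    }

    if (!$isEditing && !isset($_POST['goBtn'])) {
        echo '<br/><br/>';
        $radioID = $postUpper('radioID', '');
        $checkOutType = $postUpper('checkOutType', '');

        // Re-render the deputies already on the form, renumbering them so that a removed
        // entry leaves no gap in the deputyID0..n field names.
        $deputyCount = 0;
        for ($i = 0; $i < $num_deputies; $i++) {
            if (isset($_POST['removeDeputyBtn' . $i])) {
                continue;
            }
            if (!isset($_POST['deputyID' . $i]) || $_POST['deputyID' . $i] === '') {
                continue; // no id was posted for this slot, so there is nothing to look up
            }
            $rawId = strtoupper($_POST['deputyID' . $i]);
            $reserve = isset($_POST['isReserve' . $i]);
            $person = $lookupDeputy($rawId, $reserve);

            echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $esc($rawId) . '" />';
            if ($reserve) {
                echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
            }
            echo $esc($person['LNAME']) . ', ' . $esc($person['FNAME']);
            echo '; Radio Call #: <input type="hidden" name="radioCallNum' . $deputyCount . '" value="' . $esc($person['RADIO']) . '" />' . $esc($person['RADIO']);
            echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
            echo '<br/>';
            $deputyCount++;
        }

        // Pick up the deputy chosen on the lookup screen, if any.
        $totalRows = isset($_POST['totalRows']) ? (int) $_POST['totalRows'] : 0;
        $foundUserID = '';
        $foundUserIsReserve = false;
        if ($totalRows > 0) {
            for ($i = 0; $i <= $totalRows; $i++) {
                if (isset($_POST['foundUser' . $i])) {
                    $foundUserID = isset($_POST['foundUserID' . $i]) ? $_POST['foundUserID' . $i] : '';
                    $foundUserIsReserve = isset($_POST['isReserve' . $i]);
                    break;
                }
            }
        }

        if (empty($foundUserID) && $num_deputies == 0) {
            // On first load, default the first deputy to the logged-in user - except on the
            // central control computer.
            // NOTE(review): this decision depends on a name lookup done per request and on
            // REMOTE_ADDR; it changes if the lookup fails or a proxy sits in front - confirm.
            if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) {
                $foundUserID = $_SESSION['userIDnum'];
                $foundUserIsReserve = false;
            }
        }

        if (!empty($foundUserID)) {
            $person = $lookupDeputy($foundUserID, $foundUserIsReserve);
            echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $esc($foundUserID) . '" />';
            if ($foundUserIsReserve) {
                echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
            }
            echo $esc($person['LNAME']) . ', ' . $esc($person['FNAME']);
            echo '; Radio Call#: <input type="hidden" name="radioCallNum' . $deputyCount . '" value="' . $esc($person['RADIO']) . '" />' . $esc($person['RADIO']);
            echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
            echo '<br/>';
            $deputyCount++;
        }

        echo 'Add Deputy: ';
        displayUserLookup($config);
        echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';
        // Echoed back into the form, so it is forced to an integer first.
        $gpID = isset($_POST['gpID']) ? (int) $_POST['gpID'] : 0;
        echo '<br/><br/><input type="hidden" name="gpID" value="' . $gpID . '" /> Radio Number: ';
        selectRadioInventory($config, "radioID", $radioID);
        echo '<br/><br/>';
        $renderTypeRadios($checkOutType);
        echo '<br/><input type="hidden" name="addBtn" value="true" /> <input type="submit" name="addRadioLog" value="Check Out Radio" /> <input type="submit" name="goBtn" value="Cancel" />';
    }
}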
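/**
 * Overtime report: per-employee count of overtime requests for one year, with a
 * drill-down into a single employee's details.
 *
 * Requires adminLvl >= 25. The year, division, status filters and the employee
 * to drill into are read from POST.
 *
 * @param object $config Carries the mysqli handle (->mysqli), the caller's level
 *                       (->adminLvl) and the first reportable year (->installYear).
 * @return void Output is echoed.
 */
function overtimeReport($config)
{
    echo '<h3>Employee Overtime Reports</h3>';
    if ($config->adminLvl < 25) {
        echo 'Access Denied';
        return;
    }

    $mysqli = $config->mysqli;
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // The posted year feeds DateTime and the SQL date range, so it is reduced to an
    // integer inside the selectable range; anything else falls back to the first year.
    $firstYear = (int) $config->installYear;
    $thisYear = (int) date('Y');
    $repYear = isset($_POST['repYear']) ? (int) $_POST['repYear'] : $firstYear;
    if ($repYear < $firstYear || $repYear > $thisYear) {
        $repYear = $firstYear;
    }

    echo '<form method=POST>';
    echo '</div><div class="login"><table><tr><td>Report Year: <select name="repYear" onchange="this.form.submit()">';
    for ($i = $firstYear; $i <= $thisYear; $i++) {
        echo '<option value="' . $i . '"';
        if ($repYear == $i) {
            echo ' SELECTED';
        }
        echo '>' . $i . '</option>';
    }
    echo '</select></td>';
    $startDate = new DateTime($repYear . '-01-01');
    $endDate = new DateTime($repYear . '-12-31');

    if (isset($_POST['viewDetailsBtn']) && !isset($_POST['backBtn'])) {
        // Detail view for one employee.
        // NOTE(review): empID is request data and is passed to empTimeReportByPay() unchanged;
        // escaping and any "may this caller see this employee" check must happen there - confirm.
        $empID = isset($_POST['empID']) ? $_POST['empID'] : '';
        echo '<td width=470 align=right><input type="submit" name="backBtn" value="Back to List" /> <input type="hidden" name="viewDetailsBtn" value="true" /> <input type="hidden" name="empID" value="' . $esc($empID) . '" /> </td></tr></table></div><div class="post">';
        empTimeReportByPay($config, $startDate, $endDate, $empID);
        echo '</form>';
        return;
    }

    // Division selector. Default: "All" for level 50 and above, otherwise the caller's own division.
    echo '<td width=470 align=right>Choose a Division: <select name="divisionID" onchange="this.form.submit()">';
    if (isset($_POST['divisionID'])) {
        $myDivID = $_POST['divisionID'];
    } elseif ($config->adminLvl >= 50) {
        $myDivID = "All";
    } else {
        $mydivq = "SELECT DIVISIONID FROM EMPLOYEE E WHERE E.IDNUM='" . $mysqli->real_escape_string($_SESSION['userIDnum']) . "'";
        $myDivResult = $mysqli->query($mydivq);
        SQLerrorCatch($mysqli, $myDivResult);
        $temp = $myDivResult->fetch_assoc();
        $myDivID = $temp ? $temp['DIVISIONID'] : '';
    }

    $alldivq = "SELECT * FROM `DIVISION` WHERE 1";
    $allDivResult = $mysqli->query($alldivq);
    SQLerrorCatch($mysqli, $allDivResult);
    while ($Divrow = $allDivResult->fetch_assoc()) {
        echo '<option value="' . $esc($Divrow['DIVISIONID']) . '"';
        if ($Divrow['DIVISIONID'] == $myDivID) {
            echo ' SELECTED ';
        }
        echo '>' . $esc($Divrow['DESCR']) . '</option>';
    }
    if ($myDivID == "All") {
        echo '<option value="All" SELECTED>All</option>';
    } else {
        echo '<option value="All">All</option>';
    }
    echo '</select></td>';
    echo '</tr></table>';

    // Status checkboxes. "Approved" is ticked on the first load, i.e. before the
    // hidden "clicked" marker has ever been posted.
    $isApproveStatus = isset($_POST['approvedStatus']) || !isset($_POST['clicked']);
    $isPendingStatus = isset($_POST['pendingStatus']);
    echo '<div align=right><form method=POST><input type="hidden" name="clicked" value="true" />';
    echo '<input onChange="this.form.submit()" type="checkbox" value="true" name="approvedStatus"';
    if ($isApproveStatus) {
        echo ' CHECKED';
    }
    echo ' />Status: Approved<Br/>';
    echo '<input onChange="this.form.submit()" type="checkbox" value="true" name="pendingStatus"';
    if ($isPendingStatus) {
        echo ' CHECKED';
    }
    echo ' />Status: Pending<br/>';
    echo '</form></div></div><div class="post">';

    // The division id may come straight from POST, so it is escaped before it is quoted.
    if ($myDivID == "All") {
        $divisionFilter = "";
    } else {
        $divisionFilter = "AND REQ.DIVISIONID='" . $mysqli->real_escape_string($myDivID) . "'";
    }

    // The status filter is assembled from fixed fragments only.
    if ($isApproveStatus && $isPendingStatus) {
        $status = "AND (STATUS = 'APPROVED' OR STATUS = 'PENDING')";
    } elseif ($isApproveStatus) {
        $status = "AND STATUS = 'APPROVED'";
    } elseif ($isPendingStatus) {
        $status = "AND STATUS = 'PENDING'";
    } else {
        $status = "AND STATUS=''";
    }

    $myq = "SELECT REFER 'RefNo', REQ.IDNUM 'REQID', REQ.MUNIS 'Munis', CONCAT_WS(', ',REQ.LNAME,REQ.FNAME) 'Name', \r\n "
        . "DATE_FORMAT(USEDATE,'%a %d %b %Y') 'Used', STATUS 'Status',\r\n "
        . "DATE_FORMAT(BEGTIME,'%H%i') 'Start',\r\n "
        . "DATE_FORMAT(ENDTIME,'%H%i') 'End', HOURS 'Hrs',\r\n "
        . "T.DESCR 'Type', SUBTYPE 'Subtype', CALLOFF 'Calloff', NOTE 'Comment', \r\n "
        . "HRAPP_IS 'HR_Approved', HR.LNAME 'HRLName', HR.FNAME 'HRFName'\r\n "
        . "FROM REQUEST\r\n "
        . "LEFT JOIN EMPLOYEE AS REQ ON REQ.IDNUM=REQUEST.IDNUM\r\n "
        . "LEFT JOIN EMPLOYEE AS HR ON HR.IDNUM=REQUEST.IDNUM\r\n "
        . "INNER JOIN TIMETYPE AS T ON T.TIMETYPEID=REQUEST.TIMETYPEID\r\n "
        . "WHERE USEDATE BETWEEN '" . $startDate->format('Y-m-d') . "' AND '" . $endDate->format('Y-m-d') . "'\r\n "
        . "AND REQUEST.TIMETYPEID='OT'\r\n "
        . $divisionFilter . "\r\n "
        . $status . "\r\n "
        . "ORDER BY REQ.LNAME";
    $result = $mysqli->query($myq);
    SQLerrorCatch($mysqli, $result);

    // Row 0 is the header row expected by showSortableTable().
    $theTable = array(array("View", "Munis #", "Employee", "Number of Overtime Requests"));
    $x = 0;
    $lastUser = '';
    $recordCounter = 0;
    while ($row = $result->fetch_assoc()) {
        // Consecutive rows with the same display name are counted as one employee.
        if (strcmp($lastUser, $row['Name']) == 0) {
            $recordCounter++;
            $theTable[$x][3] = $recordCounter;
        } else {
            $x++;
            $recordCounter = 1;
            $lastUser = $row['Name'];
            $theTable[$x] = array(
                '<form method="POST"> <input type="submit" name="viewDetailsBtn" value="View" /> <input type="hidden" name="empID" value="' . $esc($row['REQID']) . '" /> </form>',
                $esc($row['Munis']),
                $esc($lastUser),
                $recordCounter,
            );
        }
    }
    echo 'number of rows: ' . $x;
    showSortableTable($theTable, 1);
}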
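/**
 * Render one page of the reserve roster as a sortable table with paging controls.
 *
 * Paging state (prevNum, nextNum, limit) and the Previous/Next buttons are read
 * from $_POST. Users below admin level 75 do not see rows whose GRP is 5.
 *
 * connectToSQL(), SQLerrorCatch(), displayUserLookup() and showSortableTable()
 * are defined elsewhere in the project.
 *
 * @param object $config Site configuration; only $config->adminLvl is read here
 *                       before it is handed on to displayUserLookup().
 * @return void Output is echoed directly.
 */
function reservesTable($config)
{
    // HTML-escape anything that is interpolated into markup below.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // The paging fields are request data and end up in a LIMIT clause, where
    // quoting does not help; forcing them to integers keeps the statement fixed.
    $limit = isset($_POST['limit']) ? (int) $_POST['limit'] : 25;
    if ($limit < 1) {
        $limit = 25;
    }
    $prevNum = isset($_POST['prevNum']) ? (int) $_POST['prevNum'] : 0;
    $nextNum = isset($_POST['nextNum']) ? (int) $_POST['nextNum'] : 25;

    if (isset($_POST['prevBtn'])) {
        $prevNum -= $limit;
        $nextNum -= $limit;
    }
    if (isset($_POST['nextBtn'])) {
        $prevNum += $limit;
        $nextNum += $limit;
    }
    // A negative offset is not valid in LIMIT and would only produce a SQL error.
    if ($prevNum < 0) {
        $prevNum = 0;
    }

    $mysqli = connectToSQL(true); // true selects the reserve database

    // Group 5 is hidden from everyone below admin level 75.
    $visibility = ($config->adminLvl >= 75) ? "" : " WHERE `GRP` != 5";

    $myq = "SELECT * FROM `RESERVE`" . $visibility;
    $result = $mysqli->query($myq);
    SQLerrorCatch($mysqli, $result);
    $totalRows = $result->num_rows;

    $myq = "SELECT * FROM `RESERVE`" . $visibility
        . " ORDER BY `RESERVE`.`RADIO` ASC LIMIT " . $prevNum . ", " . $limit;
    $result = $mysqli->query($myq);
    SQLerrorCatch($mysqli, $result);

    $rowCount = 0;
    $theTable = array(array());
    $theTable[$rowCount][0] = "Edit";
    $theTable[$rowCount][1] = "First Name";
    $theTable[$rowCount][2] = "Last Name";
    $theTable[$rowCount][3] = "Username";
    $theTable[$rowCount][4] = "Radio";
    $theTable[$rowCount][5] = "Group";

    while ($row = $result->fetch_assoc()) {
        $rowCount++;

        // Database values are escaped before they are placed in attributes or
        // cell text: the cells are emitted as raw HTML by the table renderer.
        $first = $esc($row['FNAME']);
        $last = $esc($row['LNAME']);
        $userName = $first . "." . $last;

        $theTable[$rowCount][0] = $rowCount . '<input name="foundUser' . $rowCount . '" type="submit" value="Edit/View" />';
        $theTable[$rowCount][1] = '<input type="hidden" name="foundUserFNAME' . $rowCount . '" value="' . $first . '" /> ' . $first;
        $theTable[$rowCount][2] = '<input type="hidden" name="foundUserLNAME' . $rowCount . '" value="' . $last . '" />' . $last;
        $theTable[$rowCount][3] = '<input type="hidden" name="foundUserID' . $rowCount . '" value="' . $esc($row['IDNUM']) . '" />'
            . $userName
            . '<input type="hidden" name="foundUserName' . $rowCount . '" value="' . $userName . '" />';
        $theTable[$rowCount][4] = $esc($row['RADIO']);
        $theTable[$rowCount][5] = $esc($row['GRP']);
    } //end While Loop

    echo "Number of entries found in the reserve database is: " . $totalRows;
    echo ' ';
    echo ' ';
    echo '<input type="hidden" name="searchFullTime" value="false" />';
    echo '<input type="hidden" name="searchReserves" value="checked" />';
    displayUserLookup($config);
    echo '<br /><br /><hr />';

    // Both values are integers at this point, so they are safe inside attributes.
    echo '<input type="hidden" name="prevNum" value="' . $prevNum . '" />';
    echo '<input type="hidden" name="nextNum" value="' . $nextNum . '" />';
    $lastRec = $prevNum + $limit;
    echo 'Showing Records ' . $prevNum . ' to ' . $lastRec;

    //Spacing characters
    echo ' ';
    echo ' ';
    echo ' ';
    echo ' ';
    if ($prevNum === 0) {
        // Extra spacing where the "Previous" button would otherwise sit.
        echo ' ';
        echo ' ';
    }

    echo 'Records: <select name="limit" onChange="this.form.submit()" > <option value="25"';
    if ($limit === 25) {
        echo ' SELECTED';
    }
    echo '>25</option> <option value="50"';
    if ($limit === 50) {
        echo ' SELECTED';
    }
    echo '>50</option> </select>';

    if ($prevNum > 0) {
        echo '<input type="submit" name="prevBtn" value="Previous" />';
    }
    // A full page suggests there may be more rows after it.
    if ($limit == $rowCount) {
        echo '<input type="submit" name="nextBtn" value="Next" />';
    }

    showSortableTable($theTable, 4);
}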
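/**
 * Process check-out, check-in and update requests for radio/key inventory log
 * entries, then render either the detail view of one entry or the check-out form.
 *
 * Which action runs is decided by the submit buttons present in $_POST
 * (addKeyLog, checkInKey, updateKeyLog). All form fields are request data:
 * values that reach SQL are escaped and quoted, counters and group numbers are
 * cast to integers, and everything echoed into markup is HTML-escaped.
 *
 * checkOutItem(), checkInRadioLog(), updateRadioLog(), selectInventory(),
 * showSelectDivision(), displayUserLookup(), nslookup(), connectToSQL() and
 * SQLerrorCatch() are defined elsewhere in the project.
 *
 * NOTE(review): the write actions below run before the adminLvl check in the
 * detail view, and no anti-CSRF token is verified in this function. Confirm
 * that the caller enforces both.
 *
 * @param object     $config    Site configuration; ->mysqli and ->adminLvl are read here.
 * @param string|int $keyLogID  Reference number of the log entry to show; replaced by
 *                              the posted or newly created reference when an action runs.
 * @param bool       $isEditing True to show the detail view instead of the check-out form.
 * @param bool       $isApprove True to offer "Back To Approvals" instead of "Back To Logs".
 * @param string     $divID     Division identifier passed through to the helpers.
 * @return void Output is echoed directly.
 */
function showKeyLogDetails($config, $keyLogID, $isEditing = false, $isApprove = false, $divID = '')
{
    $mysqli = $config->mysqli;
    $mysqliReserve = connectToSQL(true); // true selects the reserve database

    // HTML-escape a value for element text or a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Read a scalar POST field; arrays and missing fields yield the default.
    $post = function ($key, $default = '') {
        return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : $default;
    };
    // Upper-case a POST field and escape it for use inside a quoted SQL literal.
    $sqlUpper = function ($key, $default = '') use ($mysqli, $post) {
        $value = $post($key, null);
        return ($value === null) ? $default : $mysqli->real_escape_string(strtoupper($value));
    };

    $checkOutKey = isset($_POST['addKeyLog']);
    $checkInKey = isset($_POST['checkInKey']);
    $updateKeyLog = isset($_POST['updateKeyLog']);

    // Loop bounds come from hidden form fields; integers only.
    $num_deputies = (int) $post('num_deputies', 0);
    $totalRows = (int) $post('totalRows', 0);

    // The comment is kept twice: SQL-escaped for the helpers that store it, and
    // unescaped for display so no backslashes are echoed back into the form.
    $rawComments = strtoupper($post('invLogCommments'));
    $invLogComments = $mysqli->real_escape_string($rawComments);

    // Collect the inventory items whose checkbox was ticked. Always returns
    // arrays, so an empty selection results in zero check-outs.
    $collectCheckedItems = function () use ($totalRows, $sqlUpper) {
        $ids = array();
        $types = array();
        for ($z = 0; $z < $totalRows; $z++) {
            if (!isset($_POST['itemIDcheckbox' . $z])) {
                continue;
            }
            $ids[] = $sqlUpper('itemID' . $z);
            $types[] = $sqlUpper('itemType' . $z);
        }
        return array($ids, $types);
    };

    // Next unused group number (highest GPNUM in WTS_RADIOLOG plus one).
    $nextGroupNumber = function () use ($mysqli) {
        $gpIDq = "SELECT MAX( GPNUM ) 'gpID' FROM WTS_RADIOLOG";
        $gpResult = $mysqli->query($gpIDq);
        SQLerrorCatch($mysqli, $gpResult);
        $gpRow = $gpResult->fetch_assoc();
        return $gpRow['gpID'] + 1;
    };

    // Look a person up by IDNUM in EMPLOYEE or RESERVE. The ID is escaped on the
    // connection that runs the query and placed inside quotes, so it cannot
    // change the shape of the statement.
    $lookupPerson = function ($idNum, $isReserveUser) use ($mysqli, $mysqliReserve) {
        $db = $isReserveUser ? $mysqliReserve : $mysqli;
        $table = $isReserveUser ? 'RESERVE' : 'EMPLOYEE';
        $myq = 'SELECT RADIO, CELLPH, LNAME, FNAME FROM ' . $table
            . " WHERE IDNUM='" . $db->real_escape_string((string) $idNum) . "'";
        $result = $db->query($myq);
        SQLerrorCatch($db, $result);
        $found = $result->fetch_assoc();
        return $found ? $found : array('RADIO' => '', 'CELLPH' => '', 'LNAME' => '', 'FNAME' => '');
    };

    if ($checkOutKey) {
        echo '<h2><font color="red">Results</font></h2>';

        if ($num_deputies > 0) {
            // Group numbers are numeric (they derive from MAX(GPNUM) + 1).
            $gpID = (int) $post('gpID', 0);
            $checkOutType = $sqlUpper('checkOutType');
            $nextGroupID = $nextGroupNumber();

            list($itemIDs, $itemType) = $collectCheckedItems();
            $totalItems = count($itemIDs);
            if ($totalItems > 0) {
                $isEditing = true;
            }

            for ($i = 0; $i < $num_deputies; $i++) {
                $deputyID = $sqlUpper('deputyID' . $i, false);
                $radioCallNum = $sqlUpper('radioCallNum' . $i);
                $isReserve = isset($_POST['isReserve' . $i]) ? '1' : '0';

                if ($gpID != 0) {
                    $groupID = $gpID;
                } elseif ($num_deputies == 1) {
                    //Set Group ID to 0 or Individual
                    $groupID = 0;
                } elseif ($i == 0) {
                    $groupID = $nextGroupID;
                } else {
                    // NOTE(review): $nextGroupID is computed once before this loop,
                    // so deputies after the first are filed under the previous
                    // group number, not the new one. Confirm that is intended.
                    $groupID = $nextGroupID - 1;
                }

                //if only 1 deputy and multiple items
                if ($groupID == 0 && $totalItems > 1) {
                    $groupID = $nextGroupID;
                }

                for ($z = 0; $z < $totalItems; $z++) {
                    $keyLogID = checkOutItem($config, $deputyID, $radioCallNum, $itemIDs[$z], $itemType[$z], $checkOutType, $isReserve, $groupID, $divID);
                }
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            }
        } elseif (!empty($invLogComments)) {
            // No deputy selected: the items are logged against the free-text comment.
            $checkOutType = $sqlUpper('checkOutType');
            $nextGroupID = $nextGroupNumber();
            $groupID = 0;

            list($itemIDs, $itemType) = $collectCheckedItems();
            $totalItems = count($itemIDs);
            if ($totalItems > 0) {
                $isEditing = true;
            }

            //if multiple items, file them under one new group
            if ($totalItems > 1) {
                $groupID = $nextGroupID;
            }
            for ($z = 0; $z < $totalItems; $z++) {
                $keyLogID = checkOutItem($config, '', '', $itemIDs[$z], $itemType[$z], $checkOutType, '0', $groupID, $divID, false, $invLogComments);
            }
            echo '<input type="submit" name="goBtn" value="Back To Logs" />';
        } else {
            echo 'Must select a user.<br />';
        }
        echo '<br />';
    }

    if ($checkInKey) {
        $keyLogID = $post('keyLogID');
        // These fields are echoed back by the check-in helper, so they are
        // escaped here, where the markup is built.
        $hiddenInputs = '<input type="hidden" value="' . $esc($post('dateSelect')) . '" name="dateSelect">'
            . ' <input type="hidden" name="divisionID" value="' . $esc($post('divisionID')) . '" />'
            . ' <input type="hidden" value="' . $esc($keyLogID) . '" name="keyLogID">'
            . ' <input type="hidden" value="true" name="checkInKey">';
        // NOTE(review): $keyLogID is handed over as posted; confirm that
        // checkInRadioLog() escapes or binds it before it reaches SQL.
        checkInRadioLog($config, $keyLogID, false, $hiddenInputs);
        $isEditing = true;
    }

    if ($updateKeyLog) {
        $keyLogID = $post('keyLogID');
        $escapedKeyLogID = $mysqli->real_escape_string($keyLogID);
        $radioCallNum = $sqlUpper('radioCallNum');
        $checkOutType = $sqlUpper('checkOutType');

        for ($z = 0; $z < $totalRows; $z++) {
            if (isset($_POST['itemIDcheckbox' . $z])) {
                updateRadioLog($config, $escapedKeyLogID, $radioCallNum, $sqlUpper('itemID' . $z), $checkOutType, $invLogComments);
            }
        }
        $isEditing = true;
    }

    if ($isEditing) {
        $filters = showSelectDivision($config, $divID, "I.");

        // NOTE(review): this admits every non-negative admin level.
        if ($config->adminLvl >= 0) {
            // $keyLogID can arrive unescaped (function argument, check-in branch),
            // so it is escaped at the point where it enters the statement.
            $refSql = $mysqli->real_escape_string((string) $keyLogID);

            $selectList = "SELECT R.REFNUM, R.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', R.RADIO_CALLNUM, \r\n"
                . " R.RADIOID, R.TYPE, DATE_FORMAT (AUDIT_IN_TS, '%m/%d/%y %H%i') 'inTime', R.COMMENTS\r\n"
                . " FROM WTS_RADIOLOG R\r\n";
            $myq = $selectList
                . " JOIN EMPLOYEE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n"
                . " WHERE R.REFNUM = '" . $refSql . "' AND IS_RESERVE=0\r\n"
                . " UNION\r\n "
                . $selectList
                . " JOIN RESERVE AS SEC ON SEC.IDNUM=R.DEPUTYID\r\n"
                . " WHERE R.REFNUM = '" . $refSql . "' AND IS_RESERVE=1\r\n ";
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();
            if (!$row) {
                // Unknown reference number: render the form with blank fields.
                $row = array('DEPUTYNAME' => '', 'RADIO_CALLNUM' => '', 'COMMENTS' => '', 'TYPE' => '', 'inTime' => '');
            }

            // A grouped view keyed on GPNUM used to sit here behind an always-false
            // condition; it never ran, so only the single-record view remains.
            echo '<br/>Reference #: ' . $esc($keyLogID) . '<input type="hidden" name="keyLogID" value="' . $esc($keyLogID) . '" /><br />';
            if ($row['DEPUTYNAME'] == "SYSTEM, USER") {
                echo ' Comments (include person\'s name and company): <br/><input size=50 name="invLogCommments" value="' . $esc($row['COMMENTS']) . '"/><br/><Br/>';
            } else {
                echo 'Deputy: ' . $esc($row['DEPUTYNAME']) . ' Radio#: <input type="text" name="radioCallNum" value="' . $esc($row['RADIO_CALLNUM']) . '" /><br/> ';
            }
            $selectedRows = array($keyLogID);
            selectInventory($config, $selectedRows, $filters);

            echo '<br/><br/>';
            if ($row['TYPE'] == "LOANER") {
                echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
            } else {
                echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
            }
            if ($row['TYPE'] == "SHIFT") {
                echo '<input type="radio" name="checkOutType" value="SHIFT" CHECKED>SHIFT ASSIGNMENT</input><br/>';
            } else {
                echo '<input type="radio" name="checkOutType" value="SHIFT">SHIFT ASSIGNMENT</input>';
            }
            // Permanent assignment is only offered from admin level 25 upwards.
            if ($config->adminLvl >= 25) {
                if ($row['TYPE'] == "PERM") {
                    echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
                } else {
                    echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
                }
            }

            // An all-zero timestamp means the item has not been checked back in.
            $stillOut = (strcmp((string) $row['inTime'], "00/00/00 0000") == 0);
            echo '<br/><br/>Checked in time: ';
            if ($stillOut) {
                echo "<font color=red><b>Not Checked back in Yet</b></font><br /><br />";
                echo '<input type="submit" name="checkInKey" value="Check Back In" />';
            } else {
                echo '<font color=red>' . $esc($row['inTime']) . '</font><br /><br />';
            }
            if ($stillOut || $config->adminLvl >= 25) {
                echo '<input type="submit" name="updateKeyLog" value="Update" />';
            }
            if ($isApprove) {
                echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
            } else {
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            }
        } else {
            echo 'Access Denied';
        }
    }

    if (!$isEditing && !isset($_POST['goBtn'])) {
        $filters = showSelectDivision($config, $divID, "I.");
        echo '<br/>';
        $checkOutType = $sqlUpper('checkOutType');

        //Show previously added deputies, renumbering them past any removed entry
        $deputyCount = 0;
        for ($i = 0; $i < $num_deputies; $i++) {
            if (isset($_POST['removeDeputyBtn' . $i])) {
                continue;
            }
            $deputyID = strtoupper($post('deputyID' . $i));
            $isReserveUser = isset($_POST['isReserve' . $i]);
            $row = $lookupPerson($deputyID, $isReserveUser);

            echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $esc($deputyID) . '" />';
            if ($isReserveUser) {
                echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
            }
            echo $esc($row['LNAME']) . ', ' . $esc($row['FNAME']);
            echo '; Radio Call #: <input type="hidden" name="radioCallNum' . $deputyCount . '" value="' . $esc($row['RADIO']) . '" />' . $esc($row['RADIO']);
            echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
            echo '<br/>';
            $deputyCount++;
        }

        //Get added Deputy from the user-lookup search results
        $foundUserID = '';
        $foundUserIsReserve = false;
        if ($totalRows > 0) {
            for ($i = 0; $i <= $totalRows; $i++) {
                if (isset($_POST['foundUser' . $i])) {
                    $foundUserID = $post('foundUserID' . $i);
                    $foundUserIsReserve = isset($_POST['isReserve' . $i]);
                    break;
                }
            }
        }

        if (empty($foundUserID) && $num_deputies == 0) {
            // On every machine except the central control computer, default the
            // first deputy to the logged-in user.
            // NOTE(review): the comparison depends on what nslookup() returns and
            // on REMOTE_ADDR being the real client address (no proxy in front).
            // Treat it as a convenience default, not as an access control.
            if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) {
                $foundUserID = $_SESSION['userIDnum'];
                $foundUserIsReserve = false;
            }
        }

        if (!empty($foundUserID)) {
            $row = $lookupPerson($foundUserID, $foundUserIsReserve);

            echo 'Deputy: <input type="hidden" name="deputyID' . $deputyCount . '" value="' . $esc($foundUserID) . '" />';
            if ($foundUserIsReserve) {
                echo '<input type="hidden" name="isReserve' . $deputyCount . '" value="true" />';
            }
            echo $esc($row['LNAME']) . ', ' . $esc($row['FNAME']);
            echo '; Radio Call#: <input name="radioCallNum' . $deputyCount . '" value="' . $esc($row['RADIO']) . '" />';
            echo '<input type="submit" name="removeDeputyBtn' . $deputyCount . '" value="Remove" />';
            echo '<br/>';
            $deputyCount++;
        }

        if (empty($foundUserID) && $deputyCount == 0) {
            //If no deputy
            echo 'Add Deputy: ';
            displayUserLookup($config);
            echo ' <br/><br/>or Comments (include person\'s name and company): <input size=50 name="invLogCommments" value="' . $esc($rawComments) . '"/>';
        }
        echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';

        $gpID = (int) $post('gpID', 0);
        echo '<br/><br/><input type="hidden" name="gpID" value="' . $gpID . '" />';

        // Nothing is preselected on a fresh form. '' is the value this call
        // received before, because the form is only shown when no item was
        // collected.
        selectInventory($config, '', $filters);
        echo '<br/><br/>';

        if ($checkOutType == "LOANER" || empty($checkOutType)) {
            echo '<input type="radio" name="checkOutType" value="LOANER" CHECKED>LOANER</input>';
        } else {
            echo '<input type="radio" name="checkOutType" value="LOANER">LOANER</input>';
        }
        if ($checkOutType == "SHIFT") {
            echo '<input type="radio" name="checkOutType" value="SHIFT" CHECKED>SHIFT ASSIGNMENT</input><br/>';
        } else {
            echo '<input type="radio" name="checkOutType" value="SHIFT">SHIFT ASSIGNMENT</input>';
        }
        if ($config->adminLvl >= 25) {
            if ($checkOutType == "PERM") {
                echo '<input type="radio" name="checkOutType" value="PERM" CHECKED>PERMANENT</input>';
            } else {
                echo '<input type="radio" name="checkOutType" value="PERM">PERMANENT</input>';
            }
        }
        echo '<br/><br/><input type="hidden" name="checkoutKeyBtn" value="true" /> <input type="submit" name="addKeyLog" value="Check Out Selected Items" /> <input type="submit" name="goBtn" value="Cancel" />';
    }
}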
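/**
 * Show the user event log (WTS_EVENTS) for a date range as a sortable table.
 *
 * Only admin levels above 75 may view the log. The range comes from the posted
 * 'start' and 'end' fields and defaults to today. Both dates are re-formatted
 * as Y-m-d before they are placed in the query. Log rows are HTML-escaped,
 * because event descriptions can contain text that originated from users and
 * this page is viewed by administrators.
 *
 * displayDateSelect(), SQLerrorCatch() and showSortableTable() are defined
 * elsewhere in the project.
 *
 * @param object $config Site configuration; ->adminLvl and ->mysqli are read here.
 * @return void Output is echoed directly.
 */
function displayLogs($config)
{
    if ($config->adminLvl <= 75) {
        echo '<h3>User Event Logs</h3>Access Denied!';
        return;
    }

    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // REQUEST_URI is client-controlled; escape it before it becomes an attribute.
    echo "<form name='custRange' action='" . $esc($_SERVER['REQUEST_URI']) . "' method='post'>";
    echo 'Date Range to Display (Blank will use today\'s Date)';
    echo "<p> Start";

    $hasRange = isset($_POST['start']) && isset($_POST['end'])
        && is_string($_POST['start']) && is_string($_POST['end']);

    if ($hasRange) {
        // NOTE(review): the posted strings are handed to displayDateSelect()
        // unchanged; confirm that it escapes them when it renders the inputs.
        displayDateSelect('start', 'date_1', $_POST['start'], false, false);
        echo "End";
        displayDateSelect('end', 'date_2', $_POST['end'], false, false);
    } else {
        displayDateSelect('start', 'date_1', false, false, true);
        echo "End";
        displayDateSelect('end', 'date_2', false, false, true);
    }
    echo "<input type='submit' value='Go' /></p>";

    // Default to today; overwrite with the user's range only if both dates parse.
    $startDate = date("Y-m-d");
    $endDate = date("Y-m-d");
    if ($hasRange) {
        try {
            $parsedStart = new DateTime($_POST['start']);
            $parsedEnd = new DateTime($_POST['end']);
            $startDate = $parsedStart->format('Y-m-d');
            $endDate = $parsedEnd->format('Y-m-d');
        } catch (Exception $e) {
            // Unparseable input: keep today's date and do not surface the
            // parser error to the page.
        }
    }

    // Both values are Y-m-d strings produced by date()/format(), never raw input.
    if ($startDate == $endDate) {
        $dateQ = "WHERE DATE = '" . $startDate . "'";
    } else {
        $dateQ = "WHERE DATE BETWEEN '" . $startDate . "' AND '" . $endDate . "'";
    }

    $x = 0;
    $theTable = array(array());
    $theTable[$x][0] = "Event#";
    $theTable[$x][1] = "User";
    $theTable[$x][2] = "User IP";
    $theTable[$x][3] = "Time of Event";
    $theTable[$x][4] = "Description of Event";

    $mysqli = $config->mysqli;
    $myq = "SELECT EMP.LNAME 'LName', EMP.FNAME 'FName', WTS_EVENTS.IDNUM 'refNo', \r\n"
        . " DATE_FORMAT(DATE,'%a %d %b %Y') 'Date',\r\n"
        . " DATE_FORMAT(TIME,'%H%i') 'Time', \r\n"
        . " DESCR 'Descr', INET_NTOA(USERIP) 'UserIP'\r\n"
        . " FROM WTS_EVENTS\r\n"
        . " LEFT JOIN EMPLOYEE AS EMP ON EMP.IDNUM=WTS_EVENTS.USERID\r\n "
        . $dateQ;
    $result = $mysqli->query($myq);
    SQLerrorCatch($mysqli, $result);

    while ($row = $result->fetch_assoc()) {
        $x++;
        $theTable[$x][0] = $esc($row['refNo']);
        $theTable[$x][1] = $esc($row['LName']) . ', ' . $esc($row['FName']);
        $theTable[$x][2] = $esc($row['UserIP']);
        $theTable[$x][3] = $esc($row['Date']) . ' ' . $esc($row['Time']);
        $theTable[$x][4] = $esc($row['Descr']);
    }

    echo '<h3>User Event Logs</h3>';
    echo 'Showing events between ' . $startDate . ' and ' . $endDate;
    showSortableTable($theTable, 1);
}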
/**
 * Emit the current time-request table, followed by a hidden field holding the
 * number of rows so the POST handler knows how many row buttons to scan.
 *
 * NOTE(review): every admin level gets the same showSortableTable() call. If
 * levels 50 and up (except 75) were meant to see a different layout, that
 * distinction is not implemented.
 */
private function showTable()
{
    showSortableTable($this->currentTable, 2, "timeRequestTable");
    printf('<input type="hidden" name="timeRequestTableRows" value="%s" />', $this->currentRow);
}