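/**
 * Echoes one HTML table row describing an employee's main vacation request.
 *
 * The employee record is looked up first, then the main vacation request it
 * points to. Nothing is printed when either lookup comes back empty. The row
 * holds the four choice dates followed by "Amend" and "Delete" submit
 * buttons whose value is the request ID.
 *
 * Every value taken from the database is HTML-escaped before it is written,
 * so stored markup cannot reach the page as live HTML.
 *
 * @param mixed $userID ID of the employee whose request is displayed.
 * @return void
 */
function DisplayMainVacationRequestTableBody($userID)
{
    $employee = RetrieveEmployeeByID($userID);
    if (!$employee) {
        // No employee record, so there is no request ID to look up.
        return;
    }

    $mainVacationRequest = RetrieveMainVacationRequestByID($employee[EMP_MAIN_VACATION_REQ_ID]);
    if ($mainVacationRequest == NULL) {
        return;
    }

    $dateColumns = array(
        MAIN_VACATION_1ST_START,
        MAIN_VACATION_1ST_END,
        MAIN_VACATION_2ND_START,
        MAIN_VACATION_2ND_END,
    );

    // ENT_QUOTES because the ID is written inside a double-quoted attribute.
    $safeID = htmlspecialchars((string) $mainVacationRequest[MAIN_VACATION_REQ_ID], ENT_QUOTES, 'UTF-8');

    echo '<tr>';
    foreach ($dateColumns as $column) {
        echo '<td>' . htmlspecialchars((string) $mainVacationRequest[$column], ENT_QUOTES, 'UTF-8') . '</td>';
    }
    // The original emitted name="..."value="..." with no separating space,
    // which is invalid attribute syntax; a space is added before "value".
    echo '<td> <button class="btn btn-success" type="submit" name="amendMain" '
        . 'value="' . $safeID . '">Amend</button></td>';
    echo '<td> <button class="btn btn-danger" type="submit" name="deleteMain" '
        . 'value="' . $safeID . '">Delete</button></td>';
    echo '</tr>';
}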
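/**
 * Approves a main vacation request by booking one of its two date ranges as
 * annual leave, then removing the request.
 *
 * The outcome and any message are handed to GenerateStatus(); the function
 * itself returns nothing.
 *
 * NOTE(review): this function performs no permission check of its own.
 * Callers presumably restrict it to managers or administrators - confirm at
 * every call site, since the request ID alone selects whose leave is booked.
 *
 * @param mixed $requestID ID of the main vacation request to approve.
 * @param bool  $useFirst  True to book the first-choice dates, false to
 *                         book the second-choice dates.
 * @return void
 */
function ApproveMainVacationRequest($requestID, $useFirst)
{
    $statusMessage = "";
    $succeeded = true;
    $absenceType = GetAnnualLeaveAbsenceTypeID();
    $request = RetrieveMainVacationRequestByID($requestID);

    if ($request != NULL) {
        if ($useFirst) {
            $start = $request[MAIN_VACATION_1ST_START];
            $end = $request[MAIN_VACATION_1ST_END];
        } else {
            $start = $request[MAIN_VACATION_2ND_START];
            $end = $request[MAIN_VACATION_2ND_END];
        }

        // $statusMessage is passed so the callee can report details;
        // presumably it is taken by reference - confirm against its signature.
        $succeeded = ProcessAbsenceRequest(
            $request[MAIN_VACATION_EMP_ID],
            $start,
            $end,
            $absenceType,
            $statusMessage
        );

        if ($succeeded) {
            // NOTE(review): the delete result is ignored. If the delete
            // fails, the absence is booked but the request stays in place
            // and could be approved a second time.
            DeleteMainVacationRequest($requestID);
        }
    } else {
        // The message contains markup (</br>), so the caller-supplied ID is
        // escaped before it is embedded; otherwise a crafted ID would be
        // echoed back as HTML wherever the status is displayed.
        $safeRequestID = htmlspecialchars((string) $requestID, ENT_QUOTES, 'UTF-8');
        $statusMessage .= "Error: Unable to process your request. "
            . "The MainVacationRequest ID of {$safeRequestID} "
            . "could not be found in the database. Please "
            . "contact your system administrator.</br>";
        $succeeded = false;
    }

    GenerateStatus($succeeded, $statusMessage);
}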
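/**
 * Deletes a main vacation request and clears the owning employee's link to it.
 *
 * The employee's EMP_MAIN_VACATION_REQ_ID is set to NULL and saved first,
 * then the row is removed from mainVacationRequestTable.
 *
 * The ID ends up concatenated into the SQL text, so it is accepted only when
 * it is a plain integer. Anything else is rejected before any lookup or
 * statement is built, which closes the SQL injection path through $ID.
 *
 * @param mixed $ID ID of the main vacation request to delete.
 * @return mixed Whatever performSQL() returns for the DELETE, or 0 when the
 *               ID is not an integer or no matching record exists.
 */
function DeleteMainVacationRequest($ID)
{
    $result = 0;

    $requestID = filter_var($ID, FILTER_VALIDATE_INT);
    if ($requestID === false) {
        error_log("Invalid ID passed to DeleteMainVacationRequest.");
        return $result;
    }

    $record = RetrieveMainVacationRequestByID($requestID);
    if ($record != NULL) {
        $employee = RetrieveEmployeeByID($record[MAIN_VACATION_EMP_ID]);
        if ($employee) {
            $employee[EMP_MAIN_VACATION_REQ_ID] = NULL;
            // NOTE(review): the result of UpdateEmployee() is not checked.
            // If that update is rejected, the row is still deleted below and
            // the employee keeps pointing at a request that no longer exists.
            UpdateEmployee($employee);
        }

        // $requestID is an int at this point, so the concatenation cannot
        // carry SQL syntax. A parameterised statement would be preferable if
        // the database layer offers one (not visible from here).
        $sql = "DELETE FROM mainVacationRequestTable WHERE mainVacationRequestID=" . $requestID . ";";
        $result = performSQL($sql);
    }

    return $result;
}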
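<?php
// sessionmanagement.php sets $userID, $isAdministrator and $isManager.
include 'sessionmanagement.php';

$employee = RetrieveEmployeeByID($userID);
$requestID = $employee[EMP_MAIN_VACATION_REQ_ID];

// Default all four dates to today; they are overwritten below when the
// employee already has a main vacation request on file.
$today = date("Y-m-d");
$firstChoiceStart = $today;
$firstChoiceEnd = $today;
$secondChoiceStart = $today;
$secondChoiceEnd = $today;

if ($requestID != NULL) {
    $mainVacationRequest = RetrieveMainVacationRequestByID($requestID);
    // The employee row can reference a request that is no longer there;
    // keep the defaults in that case instead of indexing into NULL.
    if ($mainVacationRequest != NULL) {
        $firstChoiceStart = $mainVacationRequest[MAIN_VACATION_1ST_START];
        $firstChoiceEnd = $mainVacationRequest[MAIN_VACATION_1ST_END];
        $secondChoiceStart = $mainVacationRequest[MAIN_VACATION_2ND_START];
        $secondChoiceEnd = $mainVacationRequest[MAIN_VACATION_2ND_END];
    }
}

if (isset($_POST["submit"])) {
    ClearStatus();

    // NOTE(review): the four POST values are passed on exactly as received.
    // Date validation presumably happens inside CreateMainVactionRequest(),
    // and no anti-CSRF token is checked in the visible code - confirm both.
    $request = CreateMainVactionRequest(
        $userID,
        $_POST["firstChoiceStart"],
        $_POST["firstChoiceEnd"],
        $_POST["secondChoiceStart"],
        $_POST["secondChoiceEnd"]
    );

    if ($request != NULL) {
        $url = "Location:index.php";
        header($url);
        // header() only queues the redirect. Without exit the rest of the
        // page would still be rendered and sent along with it.
        exit;
    }
}
?>
<!DOCTYPE html>
<html>
<head>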
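/**
 * Validates an employee record and, when every check passes, writes it to
 * the employee table.
 *
 * Each key of $fields must be one of the recognised EMP_* column constants;
 * any other key fails validation, so the function acts as an allow-list of
 * the columns that can be written. The record must contain an EMP_ID that
 * resolves to an existing employee and at least one other counted field.
 * The outcome and any messages are reported through GenerateStatus().
 *
 * NOTE(review): EMP_ADMIN_PERM and EMP_MANAGER_PERM are accepted without any
 * check on their value or on who is making the change. Callers that build
 * $fields from request data must decide which keys a given user may set.
 *
 * @param array $fields Map of EMP_* column constant => new value.
 * @return mixed False when validation fails, otherwise the result of
 *               performSQLUpdate().
 */
function UpdateEmployee($fields)
{
    $statusMessage = "";

    //-------------------------------------------------------------------------
    // Validate Input parameters
    //-------------------------------------------------------------------------
    $inputIsValid = TRUE;
    $validID = false;
    $countOfFields = 0;

    foreach ($fields as $key => $value) {
        if ($key == EMP_ID) {
            $record = RetrieveEmployeeByID($value);
            if ($record != NULL) {
                $validID = true;
                $countOfFields++;
            }
        } elseif ($key == EMP_NAME) {
            $countOfFields++;
            if (isNullOrEmptyString($value)) {
                $statusMessage .= "Employee name can not be blank.</br>";
                error_log("Invalid EMP_NAME passed to UpdateEmployee.");
                $inputIsValid = FALSE;
            }
        } elseif ($key == EMP_EMAIL) {
            $countOfFields++;
            if (!filter_var($value, FILTER_VALIDATE_EMAIL)) {
                $statusMessage .= "Email address is not in a valid format.</br>";
                error_log("Invalid email address passed to UpdateEmployee.");
                $inputIsValid = FALSE;
            }
        } elseif ($key == EMP_PASSWORD) {
            // No validation on password, since this is an MD5 encoded string.
            // NOTE(review): MD5 is fast to brute-force and not suitable for
            // storing passwords; password_hash()/password_verify() are the
            // intended replacement. The hashing itself happens outside this
            // function, so it is only flagged here.
            $countOfFields++;
        } elseif ($key == EMP_DATEJOINED) {
            $countOfFields++;
            if (!isValidDate($value)) {
                $statusMessage .= "Date Joined value is not a valid date</br>";
                error_log("Invalid EMP_DATEJOINED passed to UpdateEmployee.");
                $inputIsValid = FALSE;
            }
        } elseif ($key == EMP_LEAVE_ENTITLEMENT) {
            $countOfFields++;
            if (!is_numeric($value)) {
                $statusMessage .= "Employee Leave Entitlement must be a numeric value.</br>";
                error_log("Invalid EMP_LEAVE_ENTITLEMENT passed to UpdateEmployee.");
                $inputIsValid = FALSE;
            }
        } elseif ($key == EMP_MAIN_VACATION_REQ_ID) {
            // Not counted towards the field total. NULL is allowed and means
            // the employee has no main vacation request.
            if ($value != NULL) {
                $record = RetrieveMainVacationRequestByID($value);
                if ($record == NULL) {
                    $statusMessage .= "Main Vacation Request ID not found in database.</br>";
                    error_log("Invalid EMP_MAIN_VACATION_REQ_ID passed to UpdateEmployee.");
                    $inputIsValid = FALSE;
                }
            }
        } elseif ($key == EMP_COMPANY_ROLE) {
            $countOfFields++;
            $record = RetrieveCompanyRoleByID($value);
            if ($record == NULL) {
                $statusMessage .= "Company Role ID not found in database.</br>";
                error_log("Invalid EMP_COMPANY_ROLE passed to UpdateEmployee.");
                $inputIsValid = FALSE;
            }
        } elseif ($key == EMP_ADMIN_PERM || $key == EMP_MANAGER_PERM) {
            $countOfFields++;
        } else {
            // The key is caller-controlled and the status text contains
            // markup, so escape it for display. Control characters are
            // stripped from the log copy so a key cannot forge extra log
            // lines. The original log text printed the key twice
            // ("key=key"); it is now printed once.
            $safeKey = htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8');
            $logKey = preg_replace('/[\x00-\x1F\x7F]/', '', (string) $key);
            $statusMessage .= "Unrecognised field of {$safeKey} encountered.</br>";
            error_log("Invalid field passed to UpdateEmployee. key=" . $logKey);
            $inputIsValid = FALSE;
        }
    }

    if (!$validID) {
        $statusMessage .= "No valid ID supplied.</br>";
        error_log("No valid ID supplied in call to UpdateEmployee.");
        $inputIsValid = FALSE;
    }

    if ($countOfFields < 2) {
        $statusMessage .= "Insufficent fields supplied.</br>";
        error_log("Insufficent fields supplied in call to UpdateEmployee.");
        $inputIsValid = FALSE;
    }

    //-------------------------------------------------------------------------
    // Only attempt to update a record in the database if the input parameters
    // are ok.
    //-------------------------------------------------------------------------
    $success = false;
    if ($inputIsValid) {
        $success = performSQLUpdate(EMPLOYEE_TABLE, EMP_ID, $fields);
        if ($success) {
            $statusMessage .= "Record has been successfully updated.";
        } else {
            // Reuse the flag so GenerateStatus() reports the failure.
            $inputIsValid = false;
            $statusMessage .= "Unexpected Database error encountered. Please "
                . "contact your system administrator.";
        }
    }

    GenerateStatus($inputIsValid, $statusMessage);
    return $success;
}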
<?php include 'sessionmanagement.php'; $returnURL = "index.php"; if (isset($_GET["back"])) { $returnURL = $_GET["back"]; } if ($_GET["ID"] != NULL) { $record = RetrieveMainVacationRequestByID($_GET["ID"]); if (!$isAdministrator) { if ($record[MAIN_VACATION_EMP_ID] != $userID) { header('Location: index.php'); exit; } } $employee = RetrieveEmployeeByID($record[MAIN_VACATION_EMP_ID]); } if (isset($_POST["cancel"])) { ClearStatus(); header("Location:" . $returnURL); exit; } if (isset($_POST["update"])) { ClearStatus(); $record[MAIN_VACATION_REQ_ID] = $_GET["ID"]; $record[MAIN_VACATION_EMP_ID] = $employee[EMP_ID]; $record[MAIN_VACATION_1ST_START] = $_POST["firstChoiceStart"]; $record[MAIN_VACATION_1ST_END] = $_POST["firstChoiceEnd"]; $record[MAIN_VACATION_2ND_START] = $_POST["secondChoiceStart"]; $record[MAIN_VACATION_2ND_END] = $_POST["secondChoiceEnd"]; $success = UpdateMainVacactionRequest($record);