$post_data = json_encode(array('error' => $post_data), JSON_FORCE_OBJECT);
echo $post_data;
}
break;
case 'get_attendance':
if (isset($_GET['session_id']) && $_GET['session_id'] != "" && isset($_GET['token']) && $_GET['token'] != "") {
getAttendance($conn, $_GET['token'], $_GET['session_id']);
} else {
$post_data = array('message' => 'missing parameters', 'comment' => 'require param [session_id]');
$post_data = json_encode(array('error' => $post_data), JSON_FORCE_OBJECT);
echo $post_data;
}
break;
case 'add_attendance':
if (isset($_GET['session_id']) && $_GET['session_id'] != "" && isset($_GET['status_set']) && $_GET['status_set'] != "" && isset($_GET['taken_by']) && $_GET['taken_by'] != "" && isset($_GET['data']) && $_GET['data'] != "" && isset($_GET['time']) && $_GET['time'] != "") {
addAttendance($conn, $_GET['session_id'], $_GET['status_set'], $_GET['taken_by'], $_GET['time'], $_GET['data']);
} else {
$post_data = array('message' => 'missing parameters', 'comment' => 'require param [session_id,status_set,taken_by,time,data]');
$post_data = json_encode(array('error' => $post_data), JSON_FORCE_OBJECT);
echo $post_data;
}
break;
case 'add_session':
if (isset($_GET['attendance_id']) && $_GET['attendance_id'] != "" && isset($_GET['session_date']) && $_GET['session_date'] != "" && isset($_GET['duration']) && $_GET['duration'] != "" && isset($_GET['time_modified']) && $_GET['time_modified'] != "" && isset($_GET['description']) && $_GET['description'] != "") {
addSession($conn, $_GET['attendance_id'], $_GET['session_date'], $_GET['duration'], $_GET['time_modified'], $_GET['description']);
} else {
$post_data = array('message' => 'missing parameters', 'comment' => 'require param [attendance_id,session_date,duration,time_modified,description]');
$post_data = json_encode(array('error' => $post_data), JSON_FORCE_OBJECT);
echo $post_data;
}
break;
} else {
$smarty->assign("url", "./index.php?page=listMembers");
}
$smarty->display('redirect.tpl');
break;
case 'addAttendance':
//++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++//
$formData['member'] = db_clean_int($_POST['member']);
$formData['meeting'] = db_clean_int($_POST['meeting']);
//Verify form
if (!secureform_test_pk($verify_key, $verify_action, $formData['meeting'])) {
$smarty->assign("url", "./index.php?page=addAttendance&meeting=" . $formData['meeting']);
$smarty->display('redirectError.tpl');
exit;
}
addAttendance($formData['member'], $formData['meeting']);
$smarty->assign("url", "./index.php?page=listAttendance&meeting=" . $formData['meeting']);
$smarty->display('redirect.tpl');
break;
case 'updateAttendance':
//++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++//
$formData['position'] = db_clean_int($_POST['position']);
$formData['status'] = db_clean_int($_POST['status']);
$formData['id'] = db_clean_int($_POST['id']);
//Verify form
if (!secureform_test_pk($verify_key, $verify_action, $formData['id'])) {
$smarty->assign("url", "./index.php?page=updateAttendance&attendance=" . $formData['id']);
$smarty->display('redirectError.tpl');
exit;
}
$meeting = retreiveAttendanceMeetingId($formData['id']);
* Time: 18:28
*/
include_once 'tools.php';
include_once 'SQLSafe.php';
$SQLSafe = new SQLSafe();
$userID = $_POST['userID'];
$date = $_POST['date'];
$status = $_POST['status'];
function addAttendance($userID, $date, $status)
{
$conn = tools::connectDatabase();
$check = 'bad';
$data = array();
$result = mysqli_query($conn, "SELECT * FROM Attendances WHERE EmployeeID={$userID}");
while ($row = mysqli_fetch_array($result)) {
array_push($data, $row['Date']);
}
for ($i = 0; $i < count($data); $i++) {
if ($data[$i] == $date) {
$check = "good";
}
}
if ($check == "good") {
echo "failed";
} else {
mysqli_query($conn, "INSERT INTO Attendances(EmployeeID,StatusID,Date) VALUES('{$userID}','{$status}','{$date}') ");
echo "success";
}
}
addAttendance($userID, $date, $status);
