deleteStd(); break; case 'deleteFac': deleteFac(); break; case 'addEmp': addEmp(); break; case 'addStudent': addStudent(); break; case 'addFaculty': addFaculty(); break; case 'editEmp': editEmp(); break; case 'editStudent': editStudent(); break; case 'editFaculty': editFaculty(); break; default: // if action is not defined or unknown // move to main user page header('Location: index.php'); } function makeComplain() { //echo 'Make Complain...';
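/**
 * Validate a submitted "edit employee" form and write it to the database.
 *
 * Flow, as visible in this function:
 *  1. The POST array is passed through var_makesafe() and then extract()ed
 *     into local variables.
 *  2. If `back` was submitted, the edit form is shown again via editEmp().
 *  3. Fields are checked with the project's `validate` class; on any error the
 *     edit form is re-rendered with the collected messages.
 *  4. Optionally an uploaded logo image is stored base64-encoded in `eimgs`.
 *  5. The `employees` row is updated and the employee's rows in `empallow`,
 *     `emp_subsistence`, `empdeduct`, `empfringe` and `empc` are rewritten.
 *
 * NOTE(review): PHP 5.4 and later refuse a parameter named after a superglobal
 * ("Cannot re-assign auto-global variable"), so this signature only compiles on
 * older runtimes. It is left unchanged here because callers depend on it.
 *
 * NOTE(review): every SQL statement below is built by string interpolation.
 * Whether that is safe depends entirely on what var_makesafe() does, which is
 * not visible from here - confirm it escapes for SQL, including nested array
 * values, or move db_exec() callers to bound parameters.
 *
 * @param array $_POST Submitted form fields.
 * @return string HTML fragment: a confirmation table, an error list item, or
 *                whatever editEmp() returns.
 */
function writeEmp($_POST)
{
    $_POST = var_makesafe($_POST);
    global $_FILES;

    // NOTE(review): extract() creates a local variable for every submitted key,
    // not only the fields validated below. Several of those unvalidated names
    // (payprd_day, basic_sal_annum, sal_bonus_month, emp_meddeps, comp_other,
    // emp_other, payprd, saltyp, fringe_car*, prevemp_*, emp_usescales and the
    // allowtype/allowaccid/deducttype/deductaccid/fringetype/fringeexpacc/ct/
    // subsdays/subsacc arrays) are written to the database further down.
    extract($_POST);

    if (isset($back)) {
        return editEmp();
    }

    // Coerce contribution fields to numbers before validation.
    $comp_uif += 0;
    $comp_sdl += 0;
    $comp_provident += 0;
    $emp_provident += 0;
    $emp_uif += 0;
    $comp_pension += 0;
    $emp_pension += 0;
    $comp_ret += 0;
    $emp_ret += 0;
    $comp_medical += 0;
    $emp_medical += 0;

    # validate input
    require_lib("validate");
    $v = new validate();

    # Limit field lengths as per database settings
    $v->isOk($empnum, "num", 1, 20, "Invalid employee number.");
    $v->isOk($enum, "string", 1, 20, "Invalid emp num");
    $v->isOk($sname, "string", 1, 50, "Invalid surname.");
    $v->isOk($fnames, "string", 1, 50, "Invalid first names.");
    $v->isOk($sex, "string", 1, 1, "Invalid sex.");
    $v->isOk($marital, "string", 0, 10, "Invalid marital status.");
    $v->isOk($designation, "string", 0, 100, "Invalid designation.");
    $v->isOk($resident, "string", 1, 5, "Invalid residential status.");
    $v->isOk($hiredate, "date", 1, 10, "Invalid hire date.");
    $v->isOk($telno, "string", 0, 30, "Invalid telephone no.");
    $v->isOk($email, "email", 0, 50, "Invalid email address.");
    $v->isOk($hpweek, "float", 1, 5, "Invalid hours per week.");
    $v->isOk($novert, "float", 1, 9, "Invalid normal overtime.");
    $v->isOk($hovert, "float", 1, 9, "Invalid holiday overtime.");
    $v->isOk($paytype, "string", 1, 15, "Invalid pay type.");
    $v->isOk($bankname, "string", 0, 50, "Invalid bank name.");
    $v->isOk($bankcode, "string", 0, 8, "Invalid bank code.");
    $v->isOk($bankacctype, "string", 0, 50, "Invalid bank account type.");
    $v->isOk($bankaccno, "num", 0, 50, "Invalid bank account no.");
    $v->isOk($vaclea, "num", 1, 5, "Invalid vacation leave days.");
    $v->isOk($siclea, "num", 1, 5, "Invalid sick leave days.");
    $v->isOk($stdlea, "num", 1, 5, "Invalid study leave days.");
    $v->isOk($res1, "string", 1, 50, "Invalid residential address. (line 1)");
    $v->isOk($res2, "string", 0, 50, "Invalid residential address. (line 2)");
    $v->isOk($res3, "string", 0, 50, "Invalid residential address. (line 3)");
    $v->isOk($res4, "string", 0, 50, "Invalid residential address. (line 4)");
    $v->isOk($pos1, "string", 0, 50, "Invalid postal address. (line 1)");
    $v->isOk($pos2, "string", 0, 50, "Invalid postal address. (line 2)");
    $v->isOk($pcode, "string", 0, 16, "Invalid postal code.");
    $v->isOk($contsname, "string", 0, 50, "Invalid contact surname.");
    $v->isOk($contfnames, "string", 0, 50, "Invalid first names.");
    $v->isOk($contres1, "string", 0, 50, "Invalid contact address. (line 1)");
    $v->isOk($contres2, "string", 0, 50, "Invalid contact address. (line 2)");
    $v->isOk($contres3, "string", 0, 50, "Invalid contact address. (line 3)");
    $v->isOk($conttelno, "string", 0, 30, "Invalid contact telephone no.");

    // At least one of ID number / passport number must be present.
    $v->isOk($idnum . $passportnum, "string", 1, 30, "Invalid id/passport num (VAL).");
    if (!empty($idnum)) {
        $v->isOk($idnum, "string", 6, 30, "Invalid id number.");
    }

    $v->isOk($taxref, "string", 0, 30, "Invalid tax ref no.");
    $v->isOk($department, "string", 0, 50, "Invalid department");
    $v->isOk($occ_cat, "string", 0, 50, "Invalid Occupational Category");
    $v->isOk($occ_level, "string", 0, 50, "Invalid Occupational Level");
    $v->isOk($pos_filled, "string", 0, 50, "Invalid Position Files");
    $v->isOk($temporary, "string", 0, 50, "Invalid Temporary Data");
    // NOTE(review): this message embeds the submitted value and is later
    // emitted inside an <li>; confirm var_makesafe()/validate neutralise HTML.
    $v->isOk($termination_date, "date", 1, 10, "{$termination_date} Invalid termination date.");
    $v->isOk($recruitment_from, "string", 0, 50, "Invalid Recruitment From");
    $v->isOk($employment_reason, "string", 0, 50, "Invalid Employment Reason");
    $v->isOk($union_name, "string", 0, 50, "Invalid Union Name");
    $v->isOk($union_mem_num, "string", 0, 50, "Invalid Union Member Name");
    $v->isOk($union_pos, "string", 0, 50, "Invalid Union Position");
    $v->isOk($race, "string", 0, 50, "Invalid Race");
    $v->isOk($disabled_stat, "string", 0, 50, "Invalid Disabled Status");
    $v->isOk($emp_group, "num", 1, 10, "Invalid Employee Group.");
    $v->isOK($person_nature, "string", 1, 1, "Invalid Nature Of Person Selection.");
    $v->isOK($medical_aid, "num", 1, 4, "Invalid Medical Aid Selected.");
    $v->isOK($medical_aid_number, "string", 0, 25, "Invalid Medical Aid Number.");

    // The first six characters of the ID number are read as YYMMDD.
    if (strlen($idnum) >= 6) {
        $bd_year = substr($idnum, 0, 2);
        $bd_month = substr($idnum, 2, 2);
        $bd_day = substr($idnum, 4, 2);

        // checkdate() rejects year 0, so a two-digit year of "00" could never
        // pass when handed over as-is. The year is mapped into 2000-2099 for
        // the calendar check only; leap years match the 1900s except that "00"
        // is treated as a leap year.
        if (!(is_numeric($bd_year) && is_numeric($bd_month) && is_numeric($bd_day)
            && checkdate($bd_month, $bd_day, 2000 + (int) $bd_year))
        ) {
            $v->addError("", "Invalid id num (BD).");
        }
    }

    if (isset($allowances)) {
        foreach ($allowances as $key => $value) {
            $v->isOk($allowances[$key], "float", 0, 20, "Invalid allowance amount " . ($key + 1) . ".");
        }
    }

    if (isset($deductid)) {
        foreach ($deductid as $key => $value) {
            $v->isOk($deductid[$key], "num", 1, 20, "Invalid deductions ID.");
        }
    }

    if (isset($deductions)) {
        foreach ($deductions as $key => $value) {
            $v->isOk($deductions[$key], "float", 0, 20, "Invalid deduction amount" . ($key + 1) . ".");
            $v->isOk($comp_deductions[$key], "float", 0, 20, "Invalid deduction employer contribution amount" . ($key + 1) . ".");
        }
    }

    if (isset($allowid)) {
        foreach ($allowid as $key => $value) {
            $v->isOk($allowid[$key], "num", 1, 20, "Invalid allowance ID.");
        }
    }

    if (isset($allowtax)) {
        foreach ($allowtax as $key => $value) {
            $v->isOk($allowtax[$key], "string", 2, 20, "Invalid allowance tax " . ($key + 1) . ".");
        }
    }

    # display errors, if any
    if ($v->isError()) {
        $confirmCust = "";
        $errors = $v->getErrors();
        foreach ($errors as $e) {
            $confirmCust .= "<li class='err'>{$e['msg']}</li>";
        }
        return editEmp($confirmCust);
    }

    db_connect();

    # deal with logo image
    if ($changelogo == "yes") {
        if (empty($_FILES["logo"])) {
            return "<li class='err'> Please select an image to upload from your hard drive.</li>";
        }

        if (is_uploaded_file($_FILES["logo"]["tmp_name"])) {
            // $_FILES[...]["type"] is whatever the client declared; the file
            // content itself is not inspected here.
            // NOTE(review): consider verifying the content as well.
            if (preg_match("/(image\\/jpeg|image\\/png|image\\/gif)/", $_FILES["logo"]["type"], $extension)) {
                // The pattern is unanchored and $_FILES never goes through
                // var_makesafe(), so only the matched literal is kept. The raw
                // client-declared string must not reach the INSERT below.
                $type = $extension[1];

                // Read the whole upload in one call. An fopen()/feof() loop
                // does not terminate cleanly when the open fails.
                $img = file_get_contents($_FILES['logo']['tmp_name']);
                if ($img === false) {
                    return "<li class='err'>Unable to upload file, Please check file permissions.</li>";
                }

                # base 64 encoding
                $img = base64_encode($img);

                db_connect();

                $Sl = "DELETE FROM eimgs WHERE emp='{$empnum}'";
                $Ry = db_exec($Sl) or errDie("Error removing prev imgs.");

                $Sl = "INSERT INTO eimgs (emp,image, imagetype) VALUES ('{$empnum}','{$img}','{$type}')";
                $Ry = db_exec($Sl) or errDie("Unable to upload company logo Image to DB.", SELF);
            } else {
                return "<li class='err'>Please note that we only accept images of the types PNG,GIF and JPEG.</li>";
            }
        } else {
            return "<li class='err'>Unable to upload file, Please check file permissions.</li>";
        }
    }

    # if data is ok, write to db
    db_connect();

    // Numeric coercion again, now including the bonus and travel fields.
    $comp_sdl += 0;
    $comp_uif += 0;
    $comp_provident += 0;
    $emp_provident += 0;
    $emp_uif += 0;
    $comp_pension += 0;
    $emp_pension += 0;
    $comp_ret += 0;
    $emp_ret += 0;
    $comp_medical += 0;
    $emp_medical += 0;
    $sal_bonus += 0;
    $all_travel += 0;

    /* FOR AUDITING PURPOSES THESE VALUES HAVE BEEN HARDCODED */
    // Whatever was submitted for these three fields is discarded.
    $comp_sdl = 1;
    $comp_uif = 1;
    $emp_uif = 1;
    /* DONE */

    $basic_sal = sprint($basic_sal);

    if ($resident == "Yes") {
        $resident = "TRUE";
    } else {
        $resident = "FALSE";
    }

    // The statement is scoped to the caller's division (USER_DIV) as well as
    // to the employee number.
    $sql = "\n\t\tUPDATE employees "
        . "\n\t\tSET idnum='{$idnum}', passportnum='{$passportnum}', sex='{$sex}', sname='{$sname}', fnames='{$fnames}', marital='{$marital}', "
        . "\n\t\t\tresident='{$resident}', hiredate='{$hiredate}', telno='{$telno}', email='{$email}', basic_sal='{$basic_sal}', "
        . "\n\t\t\thpweek='{$hpweek}', novert='{$novert}', hovert='{$hovert}', paytype='{$paytype}', taxref='{$taxref}', enum='{$enum}', "
        . "\n\t\t\tpayprd_day='{$payprd_day}', bankname='{$bankname}', bankcode='{$bankcode}', bankacctype='{$bankacctype}', "
        . "\n\t\t\tbankaccno='{$bankaccno}', vaclea='{$vaclea}', siclea='{$siclea}', stdlea='{$stdlea}', res1='{$res1}', res2='{$res2}', "
        . "\n\t\t\tres3='{$res3}', res4='{$res4}', pos1='{$pos1}', pos2='{$pos2}', pcode='{$pcode}', contsname='{$contsname}', "
        . "\n\t\t\tcontfnames='{$contfnames}', contres1='{$contres1}', contres2='{$contres2}', contres3='{$contres3}', "
        . "\n\t\t\tconttelno='{$conttelno}', designation='{$designation}', basic_sal_annum='{$basic_sal_annum}', sal_bonus='{$sal_bonus}', "
        . "\n\t\t\tsal_bonus_month='{$sal_bonus_month}', all_travel='{$all_travel}', comp_uif='{$comp_uif}', comp_sdl='{$comp_sdl}', "
        . "\n\t\t\temp_uif='{$emp_uif}', comp_pension='{$comp_pension}', emp_pension='{$emp_pension}', comp_ret='{$comp_ret}', "
        . "\n\t\t\temp_ret='{$emp_ret}', comp_medical='{$comp_medical}', emp_medical='{$emp_medical}', emp_meddeps='{$emp_meddeps}', "
        . "\n\t\t\tcomp_provident='{$comp_provident}', emp_provident='{$emp_provident}', comp_other='{$comp_other}', "
        . "\n\t\t\temp_other='{$emp_other}', payprd='{$payprd}', saltyp='{$saltyp}', department = '{$department}', occ_cat = '{$occ_cat}', "
        . "\n\t\t\tocc_level = '{$occ_level}', pos_filled = '{$pos_filled}', temporary = '{$temporary}', "
        . "\n\t\t\ttermination_date = '{$termination_date}', recruitment_from = '{$recruitment_from}', "
        . "\n\t\t\temployment_reason = '{$employment_reason}', union_name = '{$union_name}', union_mem_num = '{$union_mem_num}', "
        . "\n\t\t\tunion_pos = '{$union_pos}', race = '{$race}', disabled_stat = '{$disabled_stat}', fringe_car1='{$fringe_car1}', "
        . "\n\t\t\tfringe_car1_contrib='{$fringe_car1_contrib}', fringe_car1_fuel='{$fringe_car1_fuel}', "
        . "\n\t\t\tfringe_car1_service='{$fringe_car1_service}', fringe_car2='{$fringe_car2}', "
        . "\n\t\t\tfringe_car2_contrib='{$fringe_car2_contrib}', fringe_car2_fuel='{$fringe_car2_fuel}', "
        . "\n\t\t\tfringe_car2_service='{$fringe_car2_service}', flag=NULL,prevemp_remun='{$prevemp_remun}', "
        . "\n\t\t\tprevemp_tax='{$prevemp_tax}', emp_group='{$emp_group}', person_nature = '{$person_nature}', "
        . "\n\t\t\tmedical_aid = '{$medical_aid}', medical_aid_number = '{$medical_aid_number}', emp_usescales = '{$emp_usescales}' "
        . "\n\t\tWHERE empnum = '{$empnum}' AND div = '" . USER_DIV . "'";
    $nwEmpRslt = db_exec($sql) or errDie("Unable to update employee information.");

    // NOTE(review): the delete-then-insert sequences below are not wrapped in
    // a transaction here, so a failure part-way leaves the employee with the
    // old rows removed and only some new rows written.
    if (isset($allowid)) {
        # Remove old details
        $sql = "DELETE FROM empallow WHERE empnum = '{$empnum}' AND div = '" . USER_DIV . "'";
        $allowRslt = db_exec($sql);

        # write Allowances to db
        foreach ($allowid as $i => $id) {
            // Empty or zero amounts are not stored.
            if (empty($allowances[$i]) || $allowances[$i] == 0) {
                continue;
            }

            # Insert new records
            $allowances[$i] += 0;
            $allowances[$i] = sprint($allowances[$i]);

            $sql = "\n\t\t\t\tINSERT INTO empallow ("
                . "\n\t\t\t\t\tallowid, empnum, type, amount, accid, div"
                . "\n\t\t\t\t) VALUES ("
                . "\n\t\t\t\t\t'{$id}', '{$empnum}', '{$allowtype[$i]}', '{$allowances[$i]}', '{$allowaccid[$i]}', '" . USER_DIV . "'"
                . "\n\t\t\t\t)";
            $allowRslt = db_exec($sql) or errDie("Unable to process Employee allowances in database.");
        }
    }

    if (isset($subsname)) {
        $inssub = new dbUpdate("emp_subsistence", "cubit");

        foreach ($subsname as $sid => $sn) {
            $subsamt[$sid] += 0;

            $cols = grp(
                m("subid", $sid),
                m("empnum", $empnum),
                m("amount", $subsamt[$sid]),
                m("days", $subsdays[$sid]),
                m("accid", $subsacc[$sid])
            );

            $inssub->setOpt($cols, wgrp(m("subid", $sid), m("empnum", $empnum)));
            $inssub->run(DB_REPLACE);
        }
    }

    if (isset($deductid)) {
        # Remove old records
        $sql = "DELETE FROM empdeduct WHERE empnum = '{$empnum}' AND div = '" . USER_DIV . "'";
        $deductRslt = db_exec($sql);

        # write Deductions to db
        foreach ($deductid as $i => $id) {
            if (isset($ltsal_checked[$i])) {
                $ltsal = "y";
            } else {
                $ltsal = "n";
            }

            # Insert new records
            if (empty($deductions[$i]) || $deductions[$i] == 0) {
                continue;
            }

            if (empty($comp_deductions[$i])) {
                $comp_deductions[$i] = 0;
            }

            $deductions[$i] += 0;
            $deductions[$i] = sprint($deductions[$i]);
            $comp_deductions[$i] += 0;

            // The same submitted deduction type is written to both the `type`
            // and `employer_type` columns.
            $sql = "\n\t\t\t\tINSERT INTO empdeduct ("
                . "\n\t\t\t\t\tdedid, empnum, amount, employer_amount, div, type, "
                . "\n\t\t\t\t\temployer_type, grosdeduct, accid"
                . "\n\t\t\t\t) VALUES ("
                . "\n\t\t\t\t\t'{$id}', '{$empnum}', '{$deductions[$i]}', '{$comp_deductions[$i]}', '" . USER_DIV . "', '{$deducttype[$i]}', "
                . "\n\t\t\t\t\t'{$deducttype[$i]}', '{$ltsal}', '{$deductaccid[$i]}'"
                . "\n\t\t\t\t)";
            $deductRslt = db_exec($sql) or errDie("Unable to process Employee deductions in database.");
        }
    }

    if (isset($fringeid)) {
        $sql = "DELETE FROM empfringe WHERE empnum='{$empnum}' AND div='" . USER_DIV . "'";
        $rslt = db_exec($sql) or errDie("Error updating fringe benefits (DEL).");

        foreach ($fringeid as $i => $id) {
            if (empty($fringebens[$i]) || $fringebens[$i] == 0) {
                continue;
            }

            $fringebens[$i] += 0;

            $sql = "\n\t\t\t\tINSERT INTO empfringe ("
                . "\n\t\t\t\t\tfringeid, empnum, amount, type, accid, div"
                . "\n\t\t\t\t) VALUES ("
                . "\n\t\t\t\t\t'{$id}', '{$empnum}', '{$fringebens[$i]}', '{$fringetype[$i]}', '{$fringeexpacc[$i]}', '" . USER_DIV . "'"
                . "\n\t\t\t\t)";
            $rslt = db_exec($sql) or errDie("Error updating fringe benefits (INS#{$id}).");
        }
    }

    // Cost-centre allocation: rewrite this employee's rows in empc from the
    // submitted $ct array, keyed by cost-centre id.
    db_conn('cubit');

    $Sl = "SELECT * FROM costcenters";
    $Ri = db_exec($Sl);

    $i = 0;

    $Sl = "DELETE FROM empc WHERE emp='{$empnum}'";
    $Rl = db_exec($Sl);

    while ($data = pg_fetch_array($Ri)) {
        // NOTE(review): $ct is never validated above and, unlike the other
        // amounts, is not coerced with "+= 0" before being interpolated.
        if ($ct[$data['ccid']] > 0) {
            $Sl = "INSERT INTO empc(cid,emp,amount) VALUES ('{$data['ccid']}','{$empnum}','" . $ct[$data['ccid']] . "')";
            $Rl = db_exec($Sl);
        }
        $i++;
    }

    # Provide some info on status
    $writeEmp = "\n\t\t<table " . TMPL_tblDflts . " width='50%'>"
        . "\n\t\t\t<tr>"
        . "\n\t\t\t\t<th>Employee details edited</th>"
        . "\n\t\t\t</tr>"
        . "\n\t\t\t<tr class='" . bg_class() . "'>"
        . "\n\t\t\t\t<td>Employee details for employee number, {$enum}, has been successfully edited.</td>"
        . "\n\t\t\t</tr>"
        . "\n\t\t</table>"
        . mkQuickLinks(ql("../admin-employee-add.php", "Add Employee"));

    return $writeEmp;
}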