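/**
 * Emit the current year's leave requests as a JSON list of calendar events.
 *
 * Each event carries `id`, `title` (the requester's name, suffixed with
 * " on Leave" when the duration type passes the dropdown lookup), `start`
 * and `end`. The layout and view renderer are switched off, so the echoed
 * JSON is the whole response body.
 *
 * NOTE(review): getLeaveRequests() is called with an empty first argument;
 * whether it scopes rows to the caller's company or user is not visible
 * here. Confirm that everyone allowed to reach this action may see every
 * returned name and date.
 *
 * @return void
 */
function eventsAction()
{
    // Raw endpoint: no layout wrapper and no view script.
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender(TRUE);

    $events = getLeaveRequests("", getYearStart(), getYearEnd());

    $jsondata = array();
    if (count($events) > 0) {
        $leaveoptions = getHoursDaysDropdown();
        foreach ($events as $key => $value) {
            $unit = '';
            if (!isArrayKeyAnEmptyString($value['durationtype'], $leaveoptions)) {
                $unit = ' on Leave';
            }

            // The per-event detail link ('leave/view/id/<encoded id>') was
            // already disabled in this action. If it is reinstated, emit it
            // only for the request's owner (a timesheet employee) or for a
            // caller holding the Leave/approve permission, as the removed
            // guard intended.
            $jsondata[$key] = array(
                'id' => $value['id'],
                'title' => $value['user'] . $unit,
                'start' => $value['startdate'],
                'end' => $value['enddate'],
            );
        }
    }

    // Declare the payload as JSON so a browser that opens this URL directly
    // does not interpret stored names as HTML, and hex-escape the HTML-
    // significant characters as a second layer. Parsed values are unchanged
    // for JSON consumers.
    $this->getResponse()->setHeader('Content-Type', 'application/json', true);
    echo json_encode($jsondata, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
}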
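/**
 * Show a record, restricting timesheet employees to their own.
 *
 * The `id` request parameter is decoded and, for a timesheet employee who is
 * neither company admin nor admin, compared with the session's user id. A
 * mismatch is redirected to the access-denied page and the parent action is
 * never reached.
 *
 * NOTE(review): when the decoded id is empty the ownership check is skipped
 * and parent::viewAction() runs anyway; confirm the parent rejects a missing
 * or undecodable id rather than falling back to some default record.
 *
 * @return void
 */
public function viewAction()
{
    $session = SessionWrapper::getInstance();
    $failurl = $this->view->baseUrl("index/accessdenied");
    $id = decode($this->_getParam('id'));

    if (!isEmptyString($id) && isTimesheetEmployee() && !isCompanyAdmin() && !isAdmin()) {
        // Compare as strings: a loose != would treat values such as '01'
        // or '1.0' as equal to '1'.
        if ((string) $session->getVar('userid') !== (string) $id) {
            // Fail closed: gotoUrl() only stops the request when the helper's
            // exit flag is on, so use the explicit exiting variant (as init()
            // does) and return in case exit is stubbed out.
            $this->_helper->redirector->gotoUrlAndExit($failurl);
            return;
        }
    }

    parent::viewAction();
}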
/**
 * Controller set-up: require a logged-in session and an ACL grant.
 *
 * Runs the parent initialisation, then sends callers without a session
 * `userid` to the login action (passing the encoded request URI along as
 * `redirecturl`), and finally sends callers whose ACL lacks the
 * resource/action pair for this controller to the access-denied page.
 * Both redirects terminate the request.
 *
 * NOTE(review): `redirecturl` is built from the incoming request URI; the
 * login handler that consumes it is not visible here and should accept
 * only local targets.
 *
 * @return void
 */
public function init()
{
    // Parent controller initialisation comes first.
    parent::init();

    // Authentication gate: no user id in the session means not logged in.
    $activeSession = SessionWrapper::getInstance();
    $isAnonymous = isEmptyString($activeSession->getVar('userid'));
    if ($isAnonymous) {
        $moduleName = $this->getRequest()->getModuleName();
        $loginParams = array(
            'redirecturl' => encode(Zend_Controller_Front::getInstance()->getRequest()->getRequestUri()),
        );
        $this->_helper->redirector->gotoSimpleAndExit("login", "user", $moduleName, $loginParams);
    }

    // Looked up exactly as before; the value is not read in this method.
    $cacheHandle = Zend_Registry::get('cache');

    // Authorisation gate: the ACL must allow this controller's
    // resource/action pair.
    $permissions = getACLInstance();
    $isAllowed = $permissions->checkPermission($this->getResourceForACL(), $this->getActionforACL());
    if (!$isAllowed) {
        $this->_helper->redirector->gotoSimpleAndExit("accessdenied", "index");
    }
}
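/**
 * Quick-search endpoint: echo an HTML fragment listing up to five employees
 * of the caller's company whose name, e-mail, phone or username contains the
 * `searchword` request parameter.
 *
 * The search term and the company id are bound as statement parameters, and
 * every value written into the fragment is HTML-escaped. The term is request
 * input and the profile fields are stored user data, so neither may reach
 * the SQL text or the markup verbatim.
 *
 * LIKE wildcards (% and _) typed by the user still act as wildcards, as they
 * did before; only the quoting problem is addressed here.
 *
 * @return void
 */
function indexAction()
{
    // Raw endpoint: no layout wrapper and no view script.
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender(TRUE);

    $conn = Doctrine_Manager::connection();
    $companyid = getCompanyID();
    $acl = getACLInstance();

    // A missing or non-string parameter is treated as an empty search term.
    $q = $this->_getParam('searchword', '');
    if (!is_string($q)) {
        $q = '';
    }

    $html = '';
    $hasdata = false;

    // Search users only if the logged-in user may list user accounts.
    if ($acl->checkPermission('User Account', ACTION_LIST)) {
        $query = "SELECT u.id FROM useraccount as u
            WHERE u.companyid = ? AND
            (u.firstname like ? or
            u.lastname like ? or
            u.othername like ? or
            u.displayname like ? or
            u.email like ? or
            u.phone like ? or
            u.username like ?)
            GROUP BY u.id
            order by u.displayname asc LIMIT 5 ";

        // One bound value for the company, then the same pattern for each of
        // the seven LIKE placeholders.
        $params = array_merge(array($companyid), array_fill(0, 7, '%' . $q . '%'));
        $result = $conn->fetchAll($query, $params);

        if (count($result) > 0) {
            $hasdata = true;

            // The term is URL-encoded as a path segment, then the whole URL
            // is escaped for the attribute it is written into.
            $moreurl = $this->_searchEscape(
                $this->view->baseUrl('profile/list/searchterm/' . rawurlencode($q))
            );
            $html .= '<div class="separator"><span>Employees</span> <div class="allresults"><a href="' . $moreurl . '" class="blockanchor">...see more results</a></div> </div><ul>';

            foreach ($result as $row) {
                $user = new UserAccount();
                $user->populate($row['id']);

                $name = $this->_searchHighlight($user->getDisplayName(), $q);
                $phone = $this->_searchHighlight($user->getPhone(), $q);
                $email = $this->_searchHighlight($user->getEmail(), $q);
                $position = $this->_searchEscape(
                    getDatavariables('EMPLOYEE_POSITIONS', $user->getPosition(), true)
                );
                $media = $this->_searchEscape($user->getMediumPicturePath());
                $viewurl = $this->_searchEscape(
                    $this->view->baseUrl('profile/view/id/' . encode($row['id']))
                );
                $theid = $this->_searchEscape($row['id']);

                $html .= ' <li style="height:auto; min-height:90px;" class="display_box" align="left" url="' . $viewurl . '" theid="' . $theid . '">'
                    . ' <a href="' . $viewurl . '" style="color:#666; text-decoration:none;">'
                    . ' <img class="imagecontainer" src="' . $media . '" style="width:78px; height:auto; float:left; margin-right:6px;" />'
                    . ' <div style="margin-left: 70px;">'
                    . ' <span class="name blocked">' . $name . '</span>'
                    . ' <span class="name blocked">' . $position . '</span>'
                    . ' <span class="blocked" style="margin-top:5px;">Email: ' . $email . '</span>'
                    . ' <span class="blocked">Phone: ' . $phone . '</span>'
                    . ' </div> </a> </li>';
            }
        }
    }

    // Nothing found (or the caller may not list users): say so, echoing the
    // escaped term.
    if (!$hasdata) {
        $html .= ' <li class="display_box" align="center" style="height:30px;">'
            . ' <span style="width:100%; display:block; text-align:center;">No results for <b>' . $this->_searchEscape($q) . '</b></span>'
            . ' </li>';
    }

    // The closing tag is emitted unconditionally, exactly as before, so the
    // fragment the client receives keeps its shape.
    $html .= '</ul>';
    echo $html;
}

/**
 * Escape a value for HTML text or a quoted attribute.
 *
 * @param mixed $value Value to render; cast to string.
 * @return string
 */
private function _searchEscape($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

/**
 * HTML-escape $text and wrap each case-insensitive occurrence of $term in <b>.
 *
 * The text is split on the raw term first and each piece is escaped on its
 * own, so the highlight markup is the only markup in the result and the
 * matched text keeps its stored casing.
 *
 * @param mixed  $text Stored field value.
 * @param string $term Search term as typed by the user.
 * @return string Escaped HTML.
 */
private function _searchHighlight($text, $term)
{
    $text = (string) $text;
    if ($term === '') {
        return $this->_searchEscape($text);
    }

    $pieces = preg_split('/(' . preg_quote($term, '/') . ')/i', $text, -1, PREG_SPLIT_DELIM_CAPTURE);
    if ($pieces === false) {
        // Pattern failure: fall back to plain escaped text, no highlight.
        return $this->_searchEscape($text);
    }

    $out = '';
    foreach ($pieces as $index => $piece) {
        // With one capture group, odd positions hold the matched term.
        $safe = $this->_searchEscape($piece);
        $out .= ($index % 2 === 1) ? '<b>' . $safe . '</b>' : $safe;
    }
    return $out;
}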
/**
 * Tell whether this record counts as a timesheet employee.
 *
 * True when getType() loosely equals '2' and getIsTimesheetuser() loosely
 * equals '1' or '2'; false otherwise.
 *
 * @return bool
 */
function isTimesheetEmployee()
{
    // Both lookups are kept from the original; neither result is read below.
    $session = SessionWrapper::getInstance();
    $acl = getACLInstance();

    // Wrong type: the timesheet flag is not consulted at all.
    if ($this->getType() != '2') {
        return false;
    }

    $timesheetFlag = $this->getIsTimesheetuser();
    return $timesheetFlag == '1' || $timesheetFlag == '2';
}