<?php
session_start();
include "Helpers/Reject.php";
Reject::permission($_SESSION['NewUser']);
$_SESSION['redir'] = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
$isBossFlex = isset($_SESSION['bossflex']);
if ($isBossFlex) {
include "DB/Models/BossFlexEmployee.php";
/** @var BossFlexEmployee $Employee */
$Employee = unserialize($_SESSION['NewUser']);
$employeeProperties = $Employee->getProperties();
} else {
include "DB/Models/Employee.php";
/** @var Employee $Employee */
$Employee = unserialize($_SESSION['NewUser']);
$employeeProperties = $Employee->getProperties();
}
?>
<html>
<body>
<h2>Register</h2>
<h3>Please fill out all information below</h3>
<form action="RegistrationComplete.php" method="post">
<p>Password <br>
<input type="password" name="password"></p>
<?php
if ($isBossFlex) {
foreach (BossFlexEmployee::$displayItems as $key => $value) {
<?php
session_start();
include "../../bossflex/Helpers/Reject.php";
Reject::permission($_SESSION['hradmin']);
if (!isset($_GET['Email']) || !isset($_GET['Disable'])) {
header('Location:https://' . $_SESSION['redir'] . "?result=A server error occurred. Please try again.");
}
include "../../bossflex/DB/Models/User.php";
/** @var User $User */
$User = User::getUserByEmail($_GET['Email']);
if ($User->getCID() != $_SESSION['hradmin']['CID'] && $_SESSION['hradmin']['CID'] != 1 || !$User) {
header('Location:https://' . $_SESSION['redir'] . "?result=Error: Incorrect data received");
}
if ($_GET['Disable'] == 1) {
if ($_SESSION['hradmin']['CID'] == 1) {
User::disableUser($User->getUID(), 6);
} else {
User::disableUser($User->getUID(), 4);
}
header('Location:https://' . $_SESSION['redir'] . "?result=" . $User->getEmail() . " disabled");
} else {
User::enableUser($User->getUID());
header('Location:https://' . $_SESSION['redir'] . "?result=" . $User->getEmail() . " enabled");
}
<?php
session_start();
include "../../bossflex/Helpers/Reject.php";
Reject::permission($_SESSION['bfUser']);
include "../../bossflex/DB/Models/BossFlexEmployee.php";
include "../../bossflex/DB/Models/Employee.php";
include "../../bossflex/DB/Models/User.php";
include "../../bossflex/DB/Models/Company.php";
include "../../bossflex/DB/Models/Ticket.php";
include "../../bossflex/Helpers/BFPage.php";
include "../../bossflex/Helpers/Material.php";
$bfEmp = BossFlexEmployee::getEmployeeByBFID($_SESSION['bfUser']['EID']);
$User = User::getUserByUID($_SESSION['bfUser']['UID']);
$tickets = Ticket::assignedTicketList($bfEmp);
$ticketData = Ticket::numTicketsPerDayLastMonth();
$error = false;
$success = false;
if (isset($_GET['s'])) {
$success = urldecode($_GET['s']);
}
//Handle Profile Changes
$first = $_POST['first'];
$last = $_POST['last'];
$email = $_POST['email'];
if (isset($first) && isset($last) && isset($email)) {
$User->setEmail($email);
$User->saveToDB();
$bfEmp->setFname($first);
$bfEmp->setLname($last);
$bfEmp->saveToDB();
<?php
session_start();
include "../Helpers/Reject.php";
Reject::permission($_SESSION['HR']);
include "../DB/Models/Employee.php";
include "../DB/Models/Company.php";
include "../Helpers/Material.php";
include "../Helpers/HRAccountPage.php";
$employees = Employee::getEmployeeListForCompany($_SESSION['HR']['CID']);
$cname = Company::getCompanyByID($_SESSION['HR']['CID'])->getCname();
$error = false;
$success = false;
if ($_FILES['accountChanges']['name']) {
if (!$_FILES['accountChanges']['error']) {
$ext = strtolower(end(explode('.', $_FILES['accountChanges']['name'])));
if ($ext == "csv") {
$csv = array_map('str_getcsv', file($_FILES['accountChanges']['tmp_name']));
if ($csv) {
include "../DB/Models/Ticket.php";
$new_file_name = $_SESSION['HR']['UID'] . date(" - Y-m-d H-i-s.") . $ext;
$uploadDir = 'uploads/accountchanges/' . $_SESSION['HR']['CID'] . '/';
$uploadPath = $uploadDir . $new_file_name;
if (is_dir($uploadDir) === false) {
mkdir($uploadDir, 0777, true);
}
move_uploaded_file($_FILES['accountChanges']['tmp_name'], $uploadPath);
Employee::processAccountChanges($csv, $_SESSION['HR']['CID'], $_SESSION['HR']['UID']);
$success = "Changes Submitted";
} else {
$error = "Error Processing CSV File";
<?php
session_start();
require_once "../Reject.php";
require_once "../Controllers/UserController.php";
$permission = false;
if (!Reject::hasAPIPermission()) {
$user = $_POST['username'];
$pass = $_POST['password'];
if (isset($user) && isset($pass)) {
if (UserController::login($user, $pass)) {
$permission = true;
}
}
} else {
$permission = true;
}
if (!$permission) {
echo 'Auth Failed';
exit;
}
if (!isset($_POST['function'])) {
exit;
}
$function = json_decode($_POST['function']);
if ($function['control'] == 'user') {
if (isset($function['control']['add'])) {
$users = json_decode($function['control']['add']);
}
}
