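/**
 * Build the list of active accounts for the current user.
 *
 * When $ids is loosely equal to null, the result maps account id to
 * "Last, First (Type)" for each active account whose supervisorId matches the
 * current user's id; a current user with auth level 900 or above gets every
 * active account. For any other $ids value the result is a plain list of all
 * active account ids.
 *
 * NOTE(review): the id-list branch applies no supervisor or auth-level
 * filter, so callers should not treat that list as an authorization
 * decision. Confirm against the callers.
 *
 * @param mixed $ids Only compared loosely against null to pick the output shape.
 * @return array
 */
function accounts($ids = null)
{
    $current = new userModel();
    $id = $current->getId();
    $authLevel = $current->getAuthLevel();

    $accounts = new userModel();
    $users = $accounts->listActive();

    $data = array();
    if (count($users) > 0) {
        if ($ids == null) {
            foreach ($users as $row) {
                // Reset the label on every row. Previously a row whose type was
                // neither 'part' nor 'full' reused the label of the preceding
                // row (or hit an undefined variable on the first row). Unknown
                // types now fall back to the stored type value.
                $type = $row['type'];
                if ($row['type'] == 'part') {
                    $type = 'Part Time';
                }
                if ($row['type'] == 'full') {
                    $type = 'Full Time';
                }

                // Visible to the direct supervisor, or to anyone at level 900+.
                if ($row['supervisorId'] == $id || $authLevel >= 900) {
                    $data[$row['id']] = $row['lastName'] . ", " . $row['firstName'] . " ({$type})";
                }
            }
        } else {
            foreach ($users as $row) {
                $data[] = $row['id'];
            }
        }
    }

    return $data;
}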
/**
 * Build the account selection list from every account (listAll()).
 *
 * When $ids is loosely equal to null, returns id => "Last, First (type)" for
 * accounts supervised by the current user, or for all accounts when the
 * current user's auth level is 900 or above; level 900+ also gets an
 * 'all' => "All Accounts" entry first. Otherwise returns a plain list that
 * starts with "all" followed by every account id.
 *
 * NOTE(review): the id-list branch is not filtered by supervisor or auth
 * level. Presumably callers use it only to validate a submitted value;
 * confirm that a level below 900 cannot select "all" or another
 * supervisor's account through it.
 *
 * @param mixed $ids Only compared loosely against null to pick the output shape.
 * @return array
 */
public function accounts($ids = null)
{
    $current = new userModel();
    $id = $current->getId();
    $authLevel = $current->getAuthLevel();

    $accounts = new userModel();
    $rows = $accounts->listAll();

    // Id-list form: "all" plus every account id, unfiltered.
    if ($ids != null) {
        $idList = array("all");
        foreach ($rows as $row) {
            $idList[] = $row['id'];
        }

        return $idList;
    }

    $options = array();
    if ($current->getAuthLevel() >= 900) {
        $options['all'] = "All Accounts";
    }

    foreach ($rows as $row) {
        $visible = ($row['supervisorId'] == $id) || ($authLevel >= 900);
        if ($visible) {
            $options[$row['id']] = $row['lastName'] . ", " . $row['firstName'] . " (" . $row['type'] . ")";
        }
    }

    return $options;
}
/**
 * List staff accounts as id => "Last, First", ordered by last name.
 *
 * A logged-in user with auth level 900 or above sees every account with the
 * requested status; anyone else sees only accounts whose supervisorId is
 * their own id. The only value interpolated into the SQL is that user id,
 * passed through real_escape_string() and quoted.
 *
 * @param mixed $inactive Loosely equal to 1 selects status = 0 accounts;
 *                        anything else selects status = 1.
 * @return array
 */
function getStaffIds($inactive = null)
{
    $auth = Staple_Auth::get();
    $viewer = new userModel($auth->getAuthId());
    $viewerId = $viewer->getId();
    $authLevel = $viewer->getAuthLevel();

    $wantInactive = ($inactive == 1);

    if ($authLevel >= 900) {
        $sql = $wantInactive
            ? "\n SELECT id, firstName, lastName FROM accounts WHERE status = 0 ORDER BY lastName ASC\n "
            : "\n SELECT id, firstName, lastName FROM accounts WHERE status = 1 ORDER BY lastName ASC\n ";
    } else {
        // Below level 900 the result is scoped to the viewer's own reports.
        $supervisor = $this->db->real_escape_string($viewerId);
        $sql = $wantInactive
            ? "\n SELECT id, firstName, lastName FROM accounts WHERE status = 0 AND supervisorId = '" . $supervisor . "' ORDER BY lastName ASC\n "
            : "\n SELECT id, firstName, lastName FROM accounts WHERE status = 1 AND supervisorId = '" . $supervisor . "' ORDER BY lastName ASC\n ";
    }

    $rows = $this->db->query($sql);

    $data = array();
    while ($row = $rows->fetch_assoc()) {
        $data[$row['id']] = $row['lastName'] . ", " . $row['firstName'];
    }

    return $data;
}
/**
 * Controller start hook: select the 'main' layout and cache the logged-in
 * user's id and auth level on the controller.
 *
 * NOTE(review): this hook only records the level in $this->accountLevel and
 * enforces nothing itself; presumably each action checks it. Confirm.
 */
public function _start()
{
    $this->_setLayout('main');

    // Load the account record for the authenticated id before reading from it.
    $authId = Staple_Auth::get()->getAuthId();
    $account = new userModel();
    $account->userInfo($authId);

    $this->userId = $account->getId();
    $this->accountLevel = $account->getAuthLevel();
}
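/**
 * Controller start hook: select the 'main' layout, cache the auth level and
 * user id, and turn away users whose auth level is below 500.
 *
 * Users below level 500 are redirected to the link built from
 * array('index', 'index') and the request ends there.
 */
public function _start()
{
    $this->_setLayout('main');

    $auth = Staple_Auth::get();
    $this->authLevel = $auth->getAuthLevel();

    $user = new userModel();
    $this->uid = $user->getId();

    if ($this->authLevel < 500) {
        header("location:" . $this->_link(array('index', 'index')));
        // header() only queues the redirect and does not stop the script.
        // Without ending the request here, whatever runs after this hook
        // (presumably the requested action) would still execute for a user
        // who failed the level check.
        exit;
    }
}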
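/**
 * Return the distinct years that have time entries, as year => year,
 * in ascending order.
 *
 * The query is not scoped to a user: years come from every row in
 * timeEntries. An earlier per-user variant (WHERE userId = ...) was
 * commented out in the original code.
 * NOTE(review): confirm that exposing the full year range to every caller
 * is intended.
 *
 * @return array Empty when there are no rows or the query fails.
 */
function getYears()
{
    $db = Staple_DB::get();

    $sql = "SELECT YEAR(FROM_UNIXTIME(inTime)) AS 'year' FROM timeEntries GROUP BY year ORDER by year ASC";

    // Run the statement once. The original executed it twice: once to read
    // num_rows and again to fetch the rows.
    $query = $db->query($sql);

    $data = array();
    if (!$query) {
        return $data;
    }

    while ($row = $query->fetch_assoc()) {
        $data[$row['year']] = $row['year'];
    }

    return $data;
}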
/**
 * Controller start hook: cache the current user's auth level and id.
 *
 * NOTE(review): nothing is enforced here; access decisions are presumably
 * made by the actions that read $this->authLevel. Confirm.
 */
public function _start()
{
    $current = new userModel();

    $level = $current->getAuthLevel();
    $uid = $current->getId();

    $this->authLevel = $level;
    $this->userId = $uid;
}
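/**
 * Generate a new batch id for the current user, store it on the account and
 * write an audit record that names the previous batch id.
 *
 * @return bool True when the account row was updated; false when there is no
 *              current user id, the generated key is already in use, or a
 *              query fails.
 */
function genSetNewBatch()
{
    $this->db = Staple_DB::get();

    $user = new userModel();
    $userId = $user->getId();
    $oldKey = $user->getBatchId();

    // Without an id the UPDATE below would match nothing and still report success.
    if (empty($userId)) {
        return false;
    }

    // NOTE(review): time(), the username and rand() are all predictable, so
    // this key is unique-ish but guessable. If a batch id is ever relied on
    // as a secret, derive it from random_bytes() instead.
    $key = sha1(time() . $user->getUsername() . rand(999, 9999999999.0));
    $escapedKey = $this->db->real_escape_string($key);

    // Check if key exists
    $sql = "SELECT id FROM accounts WHERE batchId = '" . $escapedKey . "'";
    $existing = $this->db->query($sql);
    if ($existing === false || $existing->num_rows > 0) {
        // Query failed or key already in use
        return false;
    }

    // Set new key in user account. The id is now escaped and quoted like every
    // other interpolated value; it was previously concatenated bare.
    $sql = "UPDATE accounts SET batchId='" . $escapedKey . "' WHERE id='" . $this->db->real_escape_string($userId) . "'";
    if (!$this->db->query($sql)) {
        return false;
    }

    // Log Audit
    $audit = new auditModel();
    $audit->setAction('Timesheet Validation');
    $audit->setUserId($userId);
    $audit->setItem('Batch: ' . $oldKey);
    $audit->save();

    return true;
}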
/**
 * Insert a time entry on behalf of another user and audit it.
 *
 * Nothing is written when no target user id is set or when the target is the
 * current user. The inserted row is tagged with batchId "ADMIN ADD". Every
 * interpolated value passes through real_escape_string().
 *
 * NOTE(review): the only check made here is "not your own account". The
 * method does not verify the caller's auth level or that the caller
 * supervises the target user; presumably the controller does. Confirm.
 *
 * @return bool|null True on success; null (no explicit return) otherwise.
 */
function adminSave()
{
    if (!isset($this->userId)) {
        return;
    }

    // Check for current account.
    $currentUser = new userModel();
    if ($this->userId == $currentUser->getId()) {
        return;
    }

    $inTime = strtotime($this->getDate() . " " . $this->getInTime());
    $outTime = strtotime($this->getDate() . " " . $this->getOutTime());

    $userIdSql = $this->db->real_escape_string($this->userId);
    $inTimeSql = $this->db->real_escape_string($inTime);
    $outTimeSql = $this->db->real_escape_string($outTime);
    $lessTimeSql = $this->db->real_escape_string($this->lessTime);
    $codeIdSql = $this->db->real_escape_string($this->codeId);
    $noteSql = $this->db->real_escape_string($this->note);
    $batchSql = $this->db->real_escape_string("ADMIN ADD");

    $sql = "\n INSERT INTO timeEntries\n (userId,inTime,outTime,lessTime,codeId,note,batchId)\n VALUES (\n '" . $userIdSql
        . "',\n '" . $inTimeSql
        . "',\n '" . $outTimeSql
        . "',\n '" . $lessTimeSql
        . "',\n '" . $codeIdSql
        . "',\n '" . $noteSql
        . "',\n '" . $batchSql
        . "'\n )\n ";

    if (!$this->db->query($sql)) {
        return;
    }

    // The audit row is filed under the target user and names the acting user.
    $actor = new userModel();
    $description = $actor->getUsername() . " added entry for " . $this->getDate()
        . ". In Time: " . $this->inTime . "/Out Time: " . $this->outTime;

    $audit = new auditModel();
    $audit->setUserId($this->userId);
    $audit->setAction('Admin Entry Add');
    $audit->setItem($description);
    $audit->save();

    return true;
}
/**
 * Record that the current user reviewed an account's timesheet for a pay
 * period, then write an audit entry.
 *
 * Requires accountId, payPeriodYear and payPeriodMonth to be set. The current
 * user's id is stored as supervisorId. Every interpolated value passes
 * through real_escape_string().
 *
 * NOTE(review): the method does not check that the current user actually
 * supervises accountId; presumably the caller does. Confirm.
 *
 * @return bool|null True on success; null (no explicit return) otherwise.
 */
function save()
{
    if (!isset($this->accountId, $this->payPeriodYear, $this->payPeriodMonth)) {
        return;
    }

    // Get current users ID.
    $reviewer = new userModel();
    $supervisorId = $reviewer->getId();
    $supervisorName = $reviewer->getUsername();

    $accountSql = $this->db->real_escape_string($this->accountId);
    $monthSql = $this->db->real_escape_string($this->payPeriodMonth);
    $yearSql = $this->db->real_escape_string($this->payPeriodYear);
    $supervisorSql = $this->db->real_escape_string($supervisorId);

    $sql = "INSERT INTO timesheetReview (accountId, payPeriodMonth, payPeriodYear, supervisorId) VALUES ('" . $accountSql . "','" . $monthSql . "','" . $yearSql . "','" . $supervisorSql . "')";

    if (!$this->db->query($sql)) {
        return;
    }

    $employee = new userModel();
    $details = $employee->userInfo($this->accountId);

    // '!m' parses a bare month number; 'F' renders its full English name.
    $monthName = DateTime::createFromFormat('!m', $this->payPeriodMonth)->format('F');

    $audit = new auditModel();
    $audit->setUserId($this->accountId);
    $audit->setAction('Timesheet Review');
    $audit->setItem($supervisorName . " reviewed " . $details['username'] . " timesheet for " . $monthName . " " . $this->payPeriodYear);
    $audit->save();

    return true;
}
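/**
 * Load the unexpired private messages whose supervisorId is the current
 * user, oldest post first.
 *
 * A message counts as unexpired when its expireDate is at or after midnight
 * today (compared as a Unix timestamp).
 *
 * @return array One supervisorLoad() result per matching message id.
 */
private function loadSupervisorMessages()
{
    $user = new userModel();
    $userId = $user->getId();

    $date = new DateTime();
    $date->setTime(0, 0, 0);

    // The user id is escaped before it enters the statement; it was
    // previously concatenated as-is. The timestamp is generated locally by
    // DateTime::format('U').
    $sql = "SELECT id FROM privateMessages WHERE supervisorId = '" . $this->db->real_escape_string($userId) . "' AND expireDate >= '" . $date->format('U') . "' ORDER BY postDate ASC";
    $query = $this->db->query($sql);

    $data = array();
    while ($result = $query->fetch_assoc()) {
        $message = new privateMessageModel();
        $data[] = $message->supervisorLoad($result['id']);
    }

    return $data;
}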
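/**
 * Insert a new private message, or update message text and expiry when an id
 * is already set.
 *
 * On insert the current user's id is stored as both supervisorId and sentId,
 * and postDate is the current Unix timestamp.
 *
 * Every property value is passed through real_escape_string() before it
 * enters the SQL. The original concatenated message, expireDate, userId and
 * id unescaped, which allowed SQL injection through the message text.
 * Parameterized statements would be the stronger fix if the DB wrapper
 * supports them.
 *
 * NOTE(review): the update branch does not check that the current user owns
 * the message identified by $this->id; presumably the caller does. Confirm.
 *
 * @return bool|null True on success; null (no explicit return) otherwise.
 */
function save()
{
    $message = $this->db->real_escape_string($this->message);
    $expireDate = $this->db->real_escape_string($this->expireDate);

    if (isset($this->id)) {
        // update
        $sql = "UPDATE privateMessages SET message = '" . $message . "', expireDate ='" . $expireDate . "' WHERE id = '" . $this->db->real_escape_string($this->id) . "' ";
        if ($this->db->query($sql)) {
            return true;
        }
    } else {
        // save
        $date = new DateTime();
        $datetime = $date->format('U');

        $user = new userModel();
        $currentId = $this->db->real_escape_string($user->getId());
        $recipientId = $this->db->real_escape_string($this->userId);

        $sql = "INSERT INTO privateMessages (message,postDate,expireDate,userId,supervisorId,sentId) VALUES ('" . $message . "','" . $datetime . "','" . $expireDate . "','" . $recipientId . "','" . $currentId . "','" . $currentId . "')";
        if ($this->db->query($sql)) {
            return true;
        }
    }
}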
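/**
 * Unlock a single time entry by moving it to its owner's current batch id,
 * then write an audit record.
 *
 * Nothing is changed when the entry does not exist or when it belongs to the
 * current user.
 *
 * NOTE(review): the only check made here is "not your own entry". The method
 * does not verify the caller's auth level or that the caller supervises the
 * entry's owner; presumably the controller does. Confirm.
 *
 * @param mixed $id Time entry id; escaped before it is used in SQL.
 * @return bool|null True on success; null (no explicit return) otherwise.
 */
function unlock($id)
{
    $entryId = $this->db->real_escape_string($id);

    // Look the entry up once. The original ran this SELECT twice (once for
    // num_rows, once to fetch), so the row could vanish between the calls.
    $lookup = $this->db->query("\n SELECT userId FROM timeEntries WHERE id = '" . $entryId . "';\n ");
    if (!$lookup || $lookup->num_rows < 1) {
        return;
    }

    $entry = $lookup->fetch_assoc();

    $owner = new userModel();
    $owner = $owner->userInfo($entry['userId']);
    $userId = $owner['id'];
    $batchId = $owner['batchId'];

    // Check if it's for the same user.
    $currentUser = new userModel();
    if ($currentUser->getId() == $userId) {
        return;
    }

    $sql = "\n UPDATE timeEntries SET batchId = '" . $this->db->real_escape_string($batchId) . "' WHERE id = '" . $entryId . "'\n ";
    if (!$this->db->query($sql)) {
        return;
    }

    $audit = new auditModel();
    $audit->setUserId($userId);
    $audit->setAction('Single Entry Unlock');
    $audit->setItem($this->username . " unlocked time entry " . $id);
    $audit->save();

    return true;
}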