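<?php
// Pending-items badge: counts the projects and reports that are waiting on the
// current user and prints a badge only when there is at least one.
//
// $idNo and $count are left in scope exactly as before, in case the including
// page reads them after this fragment runs.
$idNo = isset($_SESSION['idNo']) ? $_SESSION['idNo'] : null;
$count = 0;

require_once 'includes/database_master.inc.php';

// Without a usable session id there is nothing to count; skipping the queries
// also avoids sending a malformed "submittedTo =  AND ..." statement.
if (is_scalar($idNo) && (string) $idNo !== '') {
    $database_master = new DatabaseMaster();

    // The id comes from the session, but it is still escaped and quoted before
    // it reaches SQL, so a value that was stored unsanitised at login cannot
    // alter the statement.
    $safeIdNo = $database_master->escapeString((string) $idNo);

    $query = "SELECT *\n FROM projects\n WHERE submittedTo = '{$safeIdNo}' AND status='pending';\n ";
    $queryResult = $database_master->queryCount($query);
    // Cast so a failed query (non-numeric result) contributes 0 and the value
    // echoed into the page below is always an integer.
    $count += (int) $queryResult;

    $query1 = "SELECT *\n FROM reports\n WHERE reportedTo = '{$safeIdNo}' AND status='pending';\n ";
    $queryResult1 = $database_master->queryCount($query1);
    $count += (int) $queryResult1;
}

if ($count > 0) { ?>
<span class="badge"><?php echo $count; ?> </span>
<?php } ?>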
<?php
// Exports the node list (joined with its cabinet data) as a tab-separated
// download that is labelled as an .xls file.
//
// NOTE(review): this listing is cut off inside the foreach loop below; the
// remaining columns and the closing braces are not visible here.
// NOTE(review): no login or permission check is visible before the export is
// produced — confirm the includes enforce access before data is sent.
require_once 'includes/database_master.inc.php';
require_once 'includes/page_master.inc.php';

$page_master = new PageMaster();
$database_master = new DatabaseMaster();

$filename = "node_list";

// Static query: no request input is interpolated into it.
$query = "SELECT n.*, c.*\n FROM node AS n\n LEFT JOIN cabinet AS c\n ON n.cabinetNo = c.cabinetNo";
$result = $database_master->querySelect($query);

// Assigned but not used in the visible part of the script.
$file_ending = "xls";

// Force a download and disable caching of the exported data.
header("Content-Type: application/xls");
header("Content-Disposition: attachment; filename={$filename}.xls");
header("Pragma: no-cache");
header("Expires: 0");

// Header row: one tab-terminated label per column.
echo "Node Name\t";
echo "Node Type\t";
echo "SIN #\t";
echo "Electric Meter #\t";
echo "Cabinet #\t";
echo "Cabinet Type\t";
echo "Homing CO\t";
echo "Location\t";
print "\n";

// NOTE(review): database values are written into the sheet unmodified. A value
// that begins with =, +, - or @ is evaluated as a formula by spreadsheet
// applications, and an embedded tab or newline shifts the columns. Consider
// neutralising those characters before echoing each cell.
foreach ($result as $row) {
    // Placeholder printed for empty cells.
    $null = "NOT FOUND";
    echo $row['nodeName'] . "\t";
    echo $row['node_type'] . "\t";
    if (empty($row['sinNo'])) {
        echo $null . "\t";
    } else {
        echo $row['sinNo'] . "\t";
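<?php
// Adds a node row from the submitted form and redirects back to index.php
// with the outcome in the add_node query parameter.
require_once 'includes/database_master.inc.php';
require_once 'includes/session_master.inc.php';
require_once 'includes/page_master.inc.php';

$database_master = new DatabaseMaster();
$page_master = new PageMaster();
$session_master = new SessionMaster();

// NOTE(review): no login or permission check is visible before the insert —
// confirm SessionMaster (or the includes) reject unauthenticated requests.

// Read every form field the same way: a missing or array-valued field becomes
// an empty string, and each value is escaped exactly once. Previously nodeName
// was escaped twice (which stores stray backslashes for values containing
// quotes) and nodeType was never escaped at all.
$input = array();
foreach (array('cabinetNo', 'nodeName', 'nodeType', 'sinNumber', 'ElectricMeterNo', 'office', 'nodelocation') as $field) {
    $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    $input[$field] = $database_master->escapeString($raw);
}

$cabinetNo = $input['cabinetNo'];
$nodeName = $input['nodeName'];
$nodeType = $input['nodeType'];
$sinNumber = $input['sinNumber'];
$ElectricMeterNo = $input['ElectricMeterNo'];
$office = $input['office'];
$nodeLocation = $input['nodelocation'];

// The node_type column is filled from $nodeType; the statement used to
// reference an undefined $node_type, so the column was always written empty.
$query = "INSERT INTO node (nodeName, sinNo, electricMeterNo, node_type, cabinetNo, central_officeName, nodeLocation)\n\t\t\t VALUES ('{$nodeName}','{$sinNumber}', '{$ElectricMeterNo}','{$nodeType}','{$cabinetNo}','{$office}','{$nodeLocation}')";

if ($database_master->queryUpdate($query)) {
    $page_master->redirectUser('index.php?add_node=success');
} else {
    $page_master->redirectUser('index.php?add_node=failed');
}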
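<?php
// Deletes the user whose id is passed in the query string, then redirects
// back to index.php with the outcome in the user_delete parameter.
require_once 'includes/database_master.inc.php';
require_once 'includes/page_master.inc.php';
require_once 'includes/session_master.inc.php';

$database_master = new DatabaseMaster();
$page_master = new PageMaster();
$session_master = new SessionMaster();

// NOTE(review): nothing visible here verifies that the caller is logged in or
// is allowed to delete users, and the deletion is driven by a GET request, so
// it can be triggered by a cross-site request. Confirm SessionMaster enforces
// access, and move this action behind a POST protected by a CSRF token.

// Accept only a non-empty string; an absent or array-valued idNo is treated as
// a failed delete instead of being sent to the database.
$rawIdNo = (isset($_GET['idNo']) && is_string($_GET['idNo'])) ? $_GET['idNo'] : '';

$deleted = false;
if ($rawIdNo !== '') {
    // The id used to be concatenated into the statement unescaped and
    // unquoted. Escaping and quoting keeps it a single SQL literal, so the
    // WHERE clause can only ever match on idNo.
    $idNo = $database_master->escapeString($rawIdNo);
    $query = "DELETE FROM users WHERE idNo='{$idNo}'";
    $deleted = $database_master->queryUpdate($query);
}

if ($deleted) {
    // URL-encode the echoed id so it cannot add parameters to, or otherwise
    // reshape, the redirect target.
    $page_master->redirectUser('index.php?user_delete=success&user=' . rawurlencode($rawIdNo));
} else {
    $page_master->redirectUser('index.php?user_delete=failed');
}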
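<?php
// Login handler: checks the submitted id and password against the users table
// and either logs the user in or redirects back with error=login.
require_once 'includes/database_master.inc.php';
require_once 'includes/page_master.inc.php';
require_once 'includes/session_master.inc.php';

$database_master = new DatabaseMaster();
$page_master = new PageMaster();

// Only non-empty strings are accepted as credentials; an absent or
// array-valued field is a failed login rather than input to escapeString().
$rawIdNo = (isset($_POST['idNo']) && is_string($_POST['idNo'])) ? $_POST['idNo'] : '';
$rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

$loggedIn = false;
if ($rawIdNo !== '' && $rawPassword !== '') {
    $idNo = $database_master->escapeString($rawIdNo);
    $password = $database_master->escapeString($rawPassword);

    // NOTE(review): SHA() is a fast, unsalted SHA-1 digest, which is not
    // suitable for password storage. Moving to password_hash() /
    // password_verify() requires changing the stored hashes and the
    // registration path as well, so the comparison is left as it was.
    $query = "SELECT idNo FROM users WHERE idNo = '{$idNo}' AND password = SHA('{$password}')";
    $queryResult = $database_master->querySelect($query);
    $loggedIn = is_array($queryResult) && count($queryResult);
}

if ($loggedIn) {
    // NOTE(review): confirm logUserIn() issues a fresh session id on login;
    // that is not visible from this file.
    $session_master = new SessionMaster();
    $session_master->logUserIn($idNo);
    $page_master->redirectUser("index.php");
} else {
    $page_master->redirectUser('index.php?error=login');
}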
<?php
// Handles a submitted fault report: reads and escapes the form fields, then
// starts validating them and building the redirect target.
//
// NOTE(review): this listing is cut off inside the last if statement below;
// the rest of the validation and the database write are not visible here.
require_once 'includes/database_master.inc.php';
require_once 'includes/page_master.inc.php';
require_once 'includes/session_master.inc.php';

$database_master = new DatabaseMaster();
$page_master = new PageMaster();
$session_master = new SessionMaster();

// Each field is read from the request and escaped for use in SQL.
// NOTE(review): the $_POST keys are read without isset(), so a missing field
// raises a notice and is passed to escapeString() as null.
$title = $_POST['title'];
$title = $database_master->escapeString($title);
$idNo = $_POST['idNo'];
$idNo = $database_master->escapeString($idNo);

// The sender's id is taken from the session, not from the form.
$idNoFrom = $_SESSION['idNo'];
$idNoFrom = $database_master->escapeString($idNoFrom);

// Exactly one of nodeName / cabinetNo is set from the form. The chosen one is
// stored already wrapped in single quotes and the other becomes the bare word
// null, so both are presumably interpolated into the statement unquoted.
if (isset($_POST['nodeName'])) {
    $nodeName = $_POST['nodeName'];
    $nodeName = "'" . $database_master->escapeString($nodeName) . "'";
    $cabinetNo = 'null';
} else {
    $cabinetNo = $_POST['cabinetNo'];
    $cabinetNo = "'" . $database_master->escapeString($cabinetNo) . "'";
    $nodeName = 'null';
}

$faultDescription = $_POST['faultDescription'];
$faultDescription = $database_master->escapeString($faultDescription);

$redirectPage = 'index.php?';

// A truthy checkIdNo() result is treated as an error for the recipient id;
// the helper's return convention is not visible from this file.
if ($database_master->checkIdNo($idNo)) {
    $errors['idNo'] = $idNo;
    // NOTE(review): the SQL-escaped id is appended to the URL without URL
    // encoding, so characters such as & or # would alter the redirect target.
    $redirectPage .= 'id=' . $idNo;
}

// NOTE(review): $nodeName already carries its surrounding single quotes at
// this point — confirm checkNodeName() expects a quoted literal.
if (isset($_POST['nodeName']) && $database_master->checkNodeName($nodeName)) {
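<?php
// Autocomplete endpoint: returns up to ten JSON-encoded matches for the
// requested lookup type (cabinetNo, employee or nodeName) whose value starts
// with the submitted prefix. Any other type, or an empty prefix, produces no
// output.
include "includes/database_master.inc.php";
session_start();

// NOTE(review): the cabinet and node lookups run without any visible login
// check — confirm whether they are meant to be reachable unauthenticated.
// NOTE(review): the JSON is sent without a Content-Type header, so a browser
// that opens this URL directly treats the response as HTML. Sending
// application/json would be safer, but confirm how the client parses the
// response before changing it.

$type = (isset($_GET['type']) && is_string($_GET['type'])) ? $_GET['type'] : '';
$startsWith = (isset($_GET['name_startsWith']) && is_string($_GET['name_startsWith'])) ? $_GET['name_startsWith'] : '';

if (!empty($startsWith) && in_array($type, array('cabinetNo', 'employee', 'nodeName'), true)) {
    $database_master = new DatabaseMaster();

    // The prefix used to be concatenated into the LIKE patterns unescaped.
    // Escaping keeps it inside its string literal. LIKE wildcards (% and _)
    // typed by the user are still honoured, as before.
    $term = $database_master->escapeString(strtoupper($startsWith));

    $query = null;
    if ($type === 'cabinetNo') {
        $query = "SELECT cabinetNo FROM cabinet WHERE cabinetNo LIKE '" . $term . "%' LIMIT 10";
    } elseif ($type === 'nodeName') {
        $query = "SELECT nodeName FROM node WHERE nodeName LIKE '" . $term . "%' LIMIT 10";
    } elseif (isset($_SESSION['idNo']) && is_scalar($_SESSION['idNo'])) {
        // The employee search excludes the current user, so it needs a session
        // id; that id is escaped and quoted like any other value. Without a
        // session id no query is built and an empty list is returned.
        $selfId = $database_master->escapeString((string) $_SESSION['idNo']);
        $query = "SELECT CONCAT(firstName, ' ', lastName, '(', idNo, ')') as employee FROM users \n\t\t\tWHERE (firstName LIKE '" . $term . "%'\n\t\t\tOR lastName LIKE'" . $term . "%'\n\t\t\tOR CONCAT(firstName, ' ', lastName) LIKE'" . $term . "%'\n\t\t\tOR idNo LIKE '" . $term . "%') \n\t\t\tAND NOT idNo='" . $selfId . "' LIMIT 10";
    }

    if ($query !== null) {
        // The result column name is the same as the lookup type in all cases.
        $data = $database_master->querySearch($query, $type);
        echo json_encode($data);
    } else {
        echo json_encode(array());
    }
}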
<?php
// Handles the user registration form: reads and escapes the submitted fields,
// then starts validating them and building the redirect target.
//
// NOTE(review): this listing is cut off inside the password check below; the
// rest of the validation and the insert are not visible here.
// NOTE(review): no check is visible that restricts who may create accounts —
// confirm SessionMaster (or the includes) enforce that.
require_once 'includes/database_master.inc.php';
require_once 'includes/page_master.inc.php';
require_once 'includes/session_master.inc.php';

$database_master = new DatabaseMaster();
$page_master = new PageMaster();
$session_master = new SessionMaster();

// Each field is read from the request and escaped for use in SQL.
// NOTE(review): the $_POST keys are read without isset(), so a missing field
// raises a notice and is passed to escapeString() as null.
$idNo = $_POST['idno'];
$idNo = $database_master->escapeString($idNo);
$firstName = $_POST['firstname'];
$firstName = $database_master->escapeString($firstName);
$lastName = $_POST['lastname'];
$lastName = $database_master->escapeString($lastName);
$password = $_POST['password'];
$password = $database_master->escapeString($password);
$repass = $_POST['repass'];
$repass = $database_master->escapeString($repass);

// NOTE(review): user_type is taken straight from the form. If it selects the
// account's role, the accepted values should be checked against a fixed list
// on the server — no such check is visible in this part of the script.
$user_type = $_POST['user_type'];
$user_type = $database_master->escapeString($user_type);
$office = $_POST['office'];
$office = $database_master->escapeString($office);
$position = $_POST['position'];
$position = $database_master->escapeString($position);

$redirectPage = 'index.php?';

// A falsy checkIdNo() result is treated as an error for the new id; the
// helper's return convention is not visible from this file.
if (!$database_master->checkIdNo($idNo)) {
    $errors['idNo'] = $idNo;
    // NOTE(review): the SQL-escaped id is appended to the URL without URL
    // encoding, so characters such as & or # would alter the redirect target.
    $redirectPage .= 'id=' . $idNo;
}

// Both values were escaped the same way above, so the comparison is between
// the escaped forms of the password and its confirmation.
if ($password != $repass) {
    $errors['password'] = "******";
<?php
// Adds a cabinet row from the submitted form and redirects back to index.php
// with the outcome in the cab_add query parameter.
//
// NOTE(review): no login or permission check is visible before the insert —
// confirm SessionMaster (or the includes) reject unauthenticated requests.
require_once 'includes/database_master.inc.php';
require_once 'includes/session_master.inc.php';
require_once 'includes/page_master.inc.php';

$database_master = new DatabaseMaster();
$page_master = new PageMaster();
$session_master = new SessionMaster();

// Both form values are escaped and then placed inside quoted SQL literals.
$cabinetNo = $database_master->escapeString($_POST['cabinetNo']);
$cabinetType = $database_master->escapeString($_POST['cabinetType']);

$query = "INSERT INTO cabinet (cabinetNo, cabinet_type) VALUES ('{$cabinetNo}', '{$cabinetType}')";

// Report the result of the insert through the redirect target.
$page_master->redirectUser(
    $database_master->queryUpdate($query)
        ? 'index.php?cab_add=success'
        : 'index.php?cab_add=failed'
);