$obj_employee->data["contact_phone"] = @security_form_input_predefined("any", "contact_phone", 0, ""); $obj_employee->data["contact_fax"] = @security_form_input_predefined("any", "contact_fax", 0, ""); $obj_employee->data["contact_email"] = @security_form_input_predefined("email", "contact_email", 0, ""); $obj_employee->data["date_start"] = @security_form_input_predefined("date", "date_start", 1, ""); $obj_employee->data["date_end"] = @security_form_input_predefined("date", "date_end", 0, ""); /* Error Handling */ // verify employee ID if ($obj_employee->id) { if (!$obj_employee->verify_id()) { log_write("error", "staff-edit-process", "The employee you have attempted to edit - " . $obj_employee->id . " - does not exist in this system."); } } // make sure we don't choose a staff name that has already been taken if (!$obj_employee->verify_name_staff()) { log_write("error", "staff-edit-process", "Another staff member already has this name - please choose a unique name."); $_SESSION["error"]["name_staff-error"] = 1; } if ($obj_employee->data["staff_code"]) { if (!$obj_employee->verify_code_staff()) { log_write("error", "staff-edit-process", "Another staff member already has this code - please choose a unique code or leave blank for a default."); $_SESSION["error"]["staff_code-error"] = 1; } } // return to input page in event of any errors if ($_SESSION["error"]["message"]) { if ($obj_employee->id) { header("Location: ../index.php?page=hr/staff-view.php&id=" . $obj_employee->id); exit(0); } else {
function set_employee_details($id, $name_staff, $staff_code, $staff_position, $contact_phone, $contact_fax, $contact_email, $date_start, $date_end) { log_debug("hr_staff_manager", "Executing set_employee_details({$id}, values...)"); if (user_permissions_get("staff_write")) { $obj_employee = new hr_staff(); /* Load POST Data */ $obj_employee->id = @security_script_input_predefined("int", $id); $obj_employee->data["name_staff"] = @security_script_input_predefined("any", $name_staff); $obj_employee->data["staff_code"] = @security_script_input_predefined("any", $staff_code); $obj_employee->data["staff_position"] = @security_script_input_predefined("any", $staff_position); $obj_employee->data["contact_phone"] = @security_script_input_predefined("any", $contact_phone); $obj_employee->data["contact_fax"] = @security_script_input_predefined("any", $contact_fax); $obj_employee->data["contact_email"] = @security_script_input_predefined("email", $contact_email); $obj_employee->data["date_start"] = @security_script_input_predefined("date", $date_start); $obj_employee->data["date_end"] = @security_script_input_predefined("date", $date_end); foreach (array_keys($obj_employee->data) as $key) { if ($obj_employee->data[$key] == "error") { throw new SoapFault("Sender", "INVALID_INPUT"); } } /* Error Handling */ // verify employee ID (if editing an existing employee) if ($obj_employee->id) { if (!$obj_employee->verify_id()) { throw new SoapFault("Sender", "INVALID_ID"); } } // make sure we don't choose a staff name that has already been taken if (!$obj_employee->verify_name_staff()) { throw new SoapFault("Sender", "DUPLICATE_NAME_STAFF"); } // make sure we don't choose a staff code that has already been taken if ($obj_employee->data["staff_code"]) { if (!$obj_employee->verify_code_staff()) { throw new SoapFault("Sender", "DUPLICATE_CODE_STAFF"); } } /* Perform Changes */ if ($obj_employee->action_update()) { return $obj_employee->id; } else { throw new SoapFault("Sender", "UNEXPECTED_ACTION_ERROR"); } } else { throw new SoapFault("Sender", "ACCESS DENIED"); } }