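function accounts($ids = null)
 {
     // Builds a picklist of active accounts keyed by account id, labelled
     // "Last, First (Part Time|Full Time)". An account is included when its
     // supervisorId is the current user, or unconditionally when the current
     // user's authLevel is >= 900.
     //
     // When $ids is non-null (loosely: 0, '' and [] also count as null here,
     // which is kept for compatibility) a plain list of every active account
     // id is returned instead.
     //
     // NOTE(review): that list branch applies neither the supervisor filter
     // nor the authLevel check, so any caller receives every active id —
     // confirm this is only reachable where that is acceptable.
     $current = new userModel();
     $currentId = $current->getId();
     $authLevel = $current->getAuthLevel();
     $users = (new userModel())->listActive();
     $data = array();
     if (empty($users)) {
         return $data;
     }
     if ($ids == null) {
         foreach ($users as $account) {
             // Reset per iteration: the original let $type carry over from the
             // previous account whenever type was neither 'part' nor 'full'.
             $type = '';
             if ($account['type'] == 'part') {
                 $type = 'Part Time';
             } elseif ($account['type'] == 'full') {
                 $type = 'Full Time';
             }
             if ($account['supervisorId'] == $currentId || $authLevel >= 900) {
                 $data[$account['id']] = $account['lastName'] . ", " . $account['firstName'] . " ({$type})";
             }
         }
     } else {
         foreach ($users as $account) {
             $data[] = $account['id'];
         }
     }
     return $data;
 }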
Пример #2
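 public function accounts($ids = null)
 {
     // Builds a picklist of accounts keyed by id, labelled "Last, First (type)",
     // from listAll(). An account is included when its supervisorId is the
     // current user, or unconditionally when the current user's authLevel is
     // >= 900 — in which case an 'all' => "All Accounts" entry is added first.
     //
     // When $ids is non-null (loosely: 0, '' and [] also count as null here,
     // kept for compatibility) a plain list is returned instead: "all"
     // followed by every account id.
     //
     // NOTE(review): that list branch applies neither the supervisor filter
     // nor the authLevel check — confirm it is only reachable by callers that
     // may see every account.
     $current = new userModel();
     $currentId = $current->getId();
     $authLevel = $current->getAuthLevel();
     $users = (new userModel())->listAll();
     $data = array();
     if ($ids != null) {
         $data[] = "all";
         foreach ($users as $account) {
             $data[] = $account['id'];
         }
         return $data;
     }
     if ($authLevel >= 900) {
         $data['all'] = "All Accounts";
     }
     // $current is not reused as the loop variable: the original shadowed the
     // userModel object with each account row.
     foreach ($users as $account) {
         if ($account['supervisorId'] == $currentId || $authLevel >= 900) {
             $data[$account['id']] = $account['lastName'] . ", " . $account['firstName'] . " (" . $account['type'] . ")";
         }
     }
     return $data;
 }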
Пример #3
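 function getStaffIds($inactive = null)
 {
     // Returns "Last, First" labels keyed by account id, ordered by lastName.
     // Callers with authLevel >= 900 see every account; everyone else is scoped
     // to accounts whose supervisorId is the current user. $inactive == 1
     // selects status = 0 rows, anything else selects status = 1.
     $auth = Staple_Auth::get();
     $user = new userModel($auth->getAuthId());
     $userId = $user->getId();
     $authLevel = $user->getAuthLevel();
     $data = array();
     // One query assembled from its two variable parts instead of four
     // near-identical literals. status is an int literal we control; the
     // supervisorId comes from the authenticated session and is escaped.
     $status = ($inactive == 1) ? 0 : 1;
     $sql = "SELECT id, firstName, lastName FROM accounts WHERE status = {$status}";
     if ($authLevel < 900) {
         // Authorization scope: non-admins only see their own reports.
         $sql .= " AND supervisorId = '" . $this->db->real_escape_string($userId) . "'";
     }
     $sql .= " ORDER BY lastName ASC";
     $query = $this->db->query($sql);
     if ($query === false) {
         // Fail closed with an empty map; the original fataled on fetch_assoc().
         return $data;
     }
     while ($result = $query->fetch_assoc()) {
         $data[$result['id']] = $result['lastName'] . ", " . $result['firstName'];
     }
     return $data;
 }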
Пример #4
 public function _start()
 {
     // Controller bootstrap: select the 'main' layout, load the authenticated
     // account via userInfo(), and cache its id and auth level on $this.
     $this->_setLayout('main');
     $authId = Staple_Auth::get()->getAuthId();
     $account = new userModel();
     $account->userInfo($authId);
     $this->userId = $account->getId();
     $this->accountLevel = $account->getAuthLevel();
 }
Пример #5
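 public function _start()
 {
     // Controller bootstrap: select the 'main' layout, cache the auth level and
     // user id on $this, and send callers below authLevel 500 to index/index.
     $this->_setLayout('main');
     $auth = Staple_Auth::get();
     $this->authLevel = $auth->getAuthLevel();
     $user = new userModel();
     $this->uid = $user->getId();
     if ($this->authLevel < 500) {
         // A Location header on its own does not stop the request: without the
         // exit the controller action still executes for the unauthorised user
         // and its output is sent alongside the redirect.
         header('Location: ' . $this->_link(array('index', 'index')));
         exit;
     }
 }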
Пример #6
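 function getYears()
 {
     // Returns the distinct years (keyed by year) that have timeEntries rows,
     // taken from YEAR(FROM_UNIXTIME(inTime)). Returns array() when the query
     // fails or matches nothing.
     $db = Staple_DB::get();
     //Get user ID from Auth
     $user = new userModel();
     $userId = $user->getId();
     // NOTE(review): the query is not scoped to $userId — every caller sees
     // the years of every account's entries. Confirm that is intended.
     $sql = "SELECT YEAR(FROM_UNIXTIME(inTime)) AS 'year' FROM timeEntries GROUP BY year ORDER by year ASC";
     // Run the query once; the original executed it twice (once for num_rows).
     $query = $db->query($sql);
     if ($query === false) {
         return array();
     }
     $data = array();
     while ($result = $query->fetch_assoc()) {
         $data[$result['year']] = $result['year'];
     }
     return $data;
 }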
Пример #7
 public function _start()
 {
     // Controller bootstrap: cache the current user's auth level and id on $this.
     $current = new userModel();
     $this->authLevel = $current->getAuthLevel();
     $this->userId = $current->getId();
 }
Пример #8
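 function genSetNewBatch()
 {
     // Rotates the current user's batchId to a fresh 40-hex-char key and
     // records the previous key in the audit log. Returns true on success,
     // false when the key is already in use, the lookup fails, or the UPDATE
     // fails.
     $this->db = Staple_DB::get();
     $user = new userModel();
     $userId = $user->getId();
     $oldKey = $user->getBatchId();
     // 20 CSPRNG bytes -> 40 hex chars, the same shape as the sha1() key this
     // replaces. sha1(time() . username . rand()) was predictable: time and
     // username are known and rand() is not a cryptographic generator.
     $key = bin2hex(random_bytes(20));
     //Check if key exists
     $sql = "SELECT id FROM accounts WHERE batchId = '" . $this->db->real_escape_string($key) . "'";
     $check = $this->db->query($sql);
     if ($check === false || $check->num_rows > 0) {
         // Key already in use (or the lookup failed): do not overwrite.
         // (The original compared fetch_row() against 0, which only worked
         // because a non-empty array compares greater than an int.)
         return false;
     }
     //Set new key in user account
     // NOTE(review): check-then-update is not atomic; a UNIQUE constraint on
     // accounts.batchId is the real guard against duplicates.
     $sql = "UPDATE accounts SET batchId='" . $this->db->real_escape_string($key) . "' WHERE id=" . (int) $userId;
     if (!$this->db->query($sql)) {
         return false;
     }
     //Log Audit
     $audit = new auditModel();
     $audit->setAction('Timesheet Validation');
     $audit->setUserId($userId);
     $audit->setItem('Batch: ' . $oldKey);
     $audit->save();
     return true;
 }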
Пример #9
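 function adminSave()
 {
     // Inserts a timeEntries row for another account ($this->userId) with
     // batchId "ADMIN ADD" and audits it under that account. Returns true when
     // the insert succeeds; false when userId is unset, the target is the
     // current user's own account, the date/time strings do not parse, or the
     // insert fails. The original returned null on its failure paths, which
     // boolean callers treat identically.
     //
     // NOTE(review): no authLevel check is visible here — presumably the
     // controller enforces who may call adminSave(); confirm.
     if (!isset($this->userId)) {
         return false;
     }
     //Check for current account.
     $currentUser = new userModel();
     if ($this->userId == $currentUser->getId()) {
         return false;
     }
     $inTime = strtotime($this->getDate() . " " . $this->getInTime());
     $outTime = strtotime($this->getDate() . " " . $this->getOutTime());
     if ($inTime === false || $outTime === false) {
         // strtotime() failure would otherwise be escaped to '' and stored as 0.
         return false;
     }
     $db = $this->db;
     $sql = "INSERT INTO timeEntries (userId,inTime,outTime,lessTime,codeId,note,batchId) VALUES ("
         . "'" . $db->real_escape_string($this->userId) . "',"
         . "'" . $db->real_escape_string($inTime) . "',"
         . "'" . $db->real_escape_string($outTime) . "',"
         . "'" . $db->real_escape_string($this->lessTime) . "',"
         . "'" . $db->real_escape_string($this->codeId) . "',"
         . "'" . $db->real_escape_string($this->note) . "',"
         . "'" . $db->real_escape_string("ADMIN ADD") . "'"
         . ")";
     if (!$db->query($sql)) {
         return false;
     }
     $user = new userModel();
     $audit = new auditModel();
     $audit->setUserId($this->userId);
     $audit->setAction('Admin Entry Add');
     $audit->setItem($user->getUsername() . " added entry for " . $this->getDate() . ". In Time: " . $this->inTime . "/Out Time: " . $this->outTime);
     $audit->save();
     return true;
 }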
Пример #10
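 function save()
 {
     // Records that the current user reviewed accountId's timesheet for
     // payPeriodMonth/payPeriodYear (one timesheetReview row), then writes an
     // audit entry against the reviewed account. Returns true on success;
     // false when a required property is unset or the insert fails (the
     // original returned null there, which boolean callers treat the same).
     //
     // NOTE(review): nothing here checks that the current user supervises
     // accountId — presumably the caller does; confirm.
     if (!isset($this->accountId) || !isset($this->payPeriodYear) || !isset($this->payPeriodMonth)) {
         return false;
     }
     //Get current users ID.
     $user = new userModel();
     $supervisorId = $user->getId();
     $supervisorName = $user->getUsername();
     $db = $this->db;
     $sql = "INSERT INTO timesheetReview (accountId, payPeriodMonth, payPeriodYear, supervisorId) VALUES ("
         . "'" . $db->real_escape_string($this->accountId) . "',"
         . "'" . $db->real_escape_string($this->payPeriodMonth) . "',"
         . "'" . $db->real_escape_string($this->payPeriodYear) . "',"
         . "'" . $db->real_escape_string($supervisorId) . "')";
     if (!$db->query($sql)) {
         return false;
     }
     $employeeUser = new userModel();
     $details = $employeeUser->userInfo($this->accountId);
     // createFromFormat() returns false for an unparseable month; fall back to
     // the raw value instead of calling ->format() on false.
     $dateObj = DateTimeImmutable::createFromFormat('!m', (string) $this->payPeriodMonth);
     $monthName = ($dateObj === false) ? (string) $this->payPeriodMonth : $dateObj->format('F');
     $audit = new auditModel();
     $audit->setUserId($this->accountId);
     $audit->setAction('Timesheet Review');
     $audit->setItem($supervisorName . " reviewed " . $details['username'] . " timesheet for " . $monthName . " " . $this->payPeriodYear);
     $audit->save();
     return true;
 }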
Пример #11
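 private function loadSupervisorMessages()
 {
     // Loads every privateMessages row whose supervisorId is the current user
     // and whose expireDate (unix timestamp) is >= midnight today, oldest
     // postDate first, each hydrated via privateMessageModel::supervisorLoad().
     // Returns array() when the query fails.
     $user = new userModel();
     $userId = $user->getId();
     $midnight = new DateTime();
     $midnight->setTime(0, 0, 0);
     // Escape the session-derived id rather than interpolating it raw, so this
     // query follows the same rule as the rest of the model.
     $sql = "SELECT id FROM privateMessages WHERE supervisorId = '" . $this->db->real_escape_string($userId)
         . "' AND expireDate >= '" . $midnight->format('U') . "' ORDER BY postDate ASC";
     $query = $this->db->query($sql);
     $data = array();
     if ($query === false) {
         return $data;
     }
     while ($result = $query->fetch_assoc()) {
         $message = new privateMessageModel();
         $data[] = $message->supervisorLoad($result['id']);
     }
     return $data;
 }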
Пример #12
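 function save()
 {
     // Persists the message. With $this->id set, UPDATEs that row's message and
     // expireDate; otherwise INSERTs a new row posted now (unix time) with the
     // current user as both supervisorId and sentId. Returns true on success,
     // false otherwise (the original returned null on failure).
     //
     // Every interpolated value is now passed through real_escape_string():
     // message, expireDate, id and userId were concatenated into the SQL raw,
     // and message/expireDate are user-supplied.
     $db = $this->db;
     if (isset($this->id)) {
         //update
         // NOTE(review): no ownership check on $this->id is visible here —
         // confirm the caller verifies the current user may edit this row.
         $sql = "UPDATE privateMessages SET message = '" . $db->real_escape_string($this->message)
             . "', expireDate ='" . $db->real_escape_string($this->expireDate)
             . "' WHERE id = '" . $db->real_escape_string($this->id) . "' ";
         return (bool) $db->query($sql);
     }
     //save
     $date = new DateTime();
     $datetime = $date->format('U');
     $user = new userModel();
     $superId = $user->getId();
     $sentId = $superId;
     $sql = "INSERT INTO privateMessages (message,postDate,expireDate,userId,supervisorId,sentId) VALUES ("
         . "'" . $db->real_escape_string($this->message) . "',"
         . "'" . $db->real_escape_string($datetime) . "',"
         . "'" . $db->real_escape_string($this->expireDate) . "',"
         . "'" . $db->real_escape_string($this->userId) . "',"
         . "'" . $db->real_escape_string($superId) . "',"
         . "'" . $db->real_escape_string($sentId) . "')";
     return (bool) $db->query($sql);
 }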
Пример #13
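 function unlock($id)
 {
     // Puts time entry $id back into its owner's current batch: reads the
     // entry's userId, loads that account via userInfo() for its batchId, and
     // writes that batchId onto the entry, then audits it under the owner.
     // Returns false (the original returned null) when the entry does not
     // exist, belongs to the current user, or a query fails; true on success.
     //
     // NOTE(review): only the "not my own entry" rule is enforced here; any
     // authLevel/supervisor requirement has to come from the caller — confirm.
     $db = $this->db;
     $sql = "SELECT userId FROM timeEntries WHERE id = '" . $db->real_escape_string($id) . "'";
     // One round-trip; the original ran this SELECT twice.
     $query = $db->query($sql);
     if ($query === false || $query->num_rows == 0) {
         return false;
     }
     $result = $query->fetch_assoc();
     $owner = (new userModel())->userInfo($result['userId']);
     $ownerId = $owner['id'];
     $batchId = $owner['batchId'];
     //Check if it's for the same user.
     $currentUser = new userModel();
     if ($currentUser->getId() == $ownerId) {
         return false;
     }
     $sql = "UPDATE timeEntries SET batchId = '" . $db->real_escape_string($batchId)
         . "' WHERE id = '" . $db->real_escape_string($id) . "'";
     if (!$db->query($sql)) {
         return false;
     }
     $audit = new auditModel();
     $audit->setUserId($ownerId);
     $audit->setAction('Single Entry Unlock');
     $audit->setItem($this->username . " unlocked time entry " . $id);
     $audit->save();
     return true;
 }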