// Tail of the preceding case (its start lies outside this excerpt): wrap the
// already-built error payload under an "error" key and emit it as JSON.
$post_data = json_encode(array('error' => $post_data), JSON_FORCE_OBJECT);
echo $post_data;
}
break;

// get_attendance: requires non-empty `session_id` and `token` query parameters.
// NOTE(review): the error text below lists only [session_id] although `token`
// is required as well.
// NOTE(review): the token travels in the query string, where it can end up in
// access logs and browser history; a header or request body is the usual place.
case 'get_attendance':
    if (isset($_GET['session_id']) && $_GET['session_id'] != ""
        && isset($_GET['token']) && $_GET['token'] != "") {
        // The raw request values are forwarded unchanged; any token verification
        // and escaping has to happen inside getAttendance() -- not visible here, confirm.
        getAttendance($conn, $_GET['token'], $_GET['session_id']);
    } else {
        $post_data = array('message' => 'missing parameters', 'comment' => 'require param [session_id]');
        $post_data = json_encode(array('error' => $post_data), JSON_FORCE_OBJECT);
        echo $post_data;
    }
    break;

// add_attendance: requires non-empty `session_id`, `status_set`, `taken_by`,
// `data` and `time` query parameters.
// NOTE(review): unlike get_attendance, this branch neither requires nor forwards
// a `token`; if addAttendance() writes to the database (presumably -- confirm),
// check that authentication is enforced before this switch or inside the callee.
// NOTE(review): `taken_by` is supplied by the client, so the recorded author is
// only as trustworthy as the caller unless it is checked against the session.
// NOTE(review): all values arrive via GET; a state-changing request is normally
// a POST protected against cross-site request forgery.
case 'add_attendance':
    if (isset($_GET['session_id']) && $_GET['session_id'] != ""
        && isset($_GET['status_set']) && $_GET['status_set'] != ""
        && isset($_GET['taken_by']) && $_GET['taken_by'] != ""
        && isset($_GET['data']) && $_GET['data'] != ""
        && isset($_GET['time']) && $_GET['time'] != "") {
        // Only presence and non-emptiness are checked here; type and range checks
        // and SQL parameter binding are the callee's job -- verify.
        addAttendance($conn, $_GET['session_id'], $_GET['status_set'], $_GET['taken_by'], $_GET['time'], $_GET['data']);
    } else {
        $post_data = array('message' => 'missing parameters', 'comment' => 'require param [session_id,status_set,taken_by,time,data]');
        $post_data = json_encode(array('error' => $post_data), JSON_FORCE_OBJECT);
        echo $post_data;
    }
    break;

// add_session: requires non-empty `attendance_id`, `session_date`, `duration`,
// `time_modified` and `description` query parameters.
// NOTE(review): no `token` is required here either, and the values are passed to
// addSession() unvalidated; the same authentication and input-handling questions
// as for add_attendance apply.
case 'add_session':
    if (isset($_GET['attendance_id']) && $_GET['attendance_id'] != ""
        && isset($_GET['session_date']) && $_GET['session_date'] != ""
        && isset($_GET['duration']) && $_GET['duration'] != ""
        && isset($_GET['time_modified']) && $_GET['time_modified'] != ""
        && isset($_GET['description']) && $_GET['description'] != "") {
        addSession($conn, $_GET['attendance_id'], $_GET['session_date'], $_GET['duration'], $_GET['time_modified'], $_GET['description']);
    } else {
        $post_data = array('message' => 'missing parameters', 'comment' => 'require param [attendance_id,session_date,duration,time_modified,description]');
        $post_data = json_encode(array('error' => $post_data), JSON_FORCE_OBJECT);
        echo $post_data;
    }
    break;
// Tail of the preceding case (its start lies outside this excerpt): fall back to
// the member list, then render the redirect template.
} else {
    $smarty->assign("url", "./index.php?page=listMembers");
}
$smarty->display('redirect.tpl');
break;

case 'addAttendance':
    //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++//
    // Both ids are read from the POST body and passed through db_clean_int()
    // before any use. Presumably that helper coerces the value to an integer;
    // its definition is not visible here -- confirm.
    // NOTE(review): the $_POST keys are read without an isset() check, so a
    // request that omits them reaches db_clean_int() with an undefined value.
    $formData['member'] = db_clean_int($_POST['member']);
    $formData['meeting'] = db_clean_int($_POST['meeting']);
    //Verify form
    // secureform_test_pk() is given $verify_key, $verify_action and the meeting id;
    // this looks like a per-form anti-forgery check bound to that id -- verify
    // against its definition. On failure the request is redirected to the error
    // template and the script stops before anything is written.
    if (!secureform_test_pk($verify_key, $verify_action, $formData['meeting'])) {
        $smarty->assign("url", "./index.php?page=addAttendance&meeting=" . $formData['meeting']);
        $smarty->display('redirectError.tpl');
        exit;
    }
    // Only the db_clean_int()-processed ids reach the callee and the redirect URL;
    // no raw $_POST value is used past this point in this case.
    addAttendance($formData['member'], $formData['meeting']);
    $smarty->assign("url", "./index.php?page=listAttendance&meeting=" . $formData['meeting']);
    $smarty->display('redirect.tpl');
    break;

case 'updateAttendance':
    //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++//
    // Same pattern as addAttendance: three POSTed values pass through
    // db_clean_int() before use.
    $formData['position'] = db_clean_int($_POST['position']);
    $formData['status'] = db_clean_int($_POST['status']);
    $formData['id'] = db_clean_int($_POST['id']);
    //Verify form
    // The form check is keyed on the attendance id. Whether it also covers
    // `position` and `status` cannot be told from here -- confirm.
    if (!secureform_test_pk($verify_key, $verify_action, $formData['id'])) {
        $smarty->assign("url", "./index.php?page=updateAttendance&attendance=" . $formData['id']);
        $smarty->display('redirectError.tpl');
        exit;
    }
    // Looks up the meeting for this attendance record; the rest of the case
    // continues beyond this excerpt.
    $meeting = retreiveAttendanceMeetingId($formData['id']);
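* Time: 18:28 */
include_once 'tools.php';
include_once 'SQLSafe.php';

// Instantiated as in the original script; it is not used anywhere in this excerpt.
$SQLSafe = new SQLSafe();

// Request input is untrusted. Missing fields become null and are rejected inside
// addAttendance() instead of raising "undefined index" notices here.
// NOTE(review): the employee id is taken from the request body and no session or
// authorization check is visible in this file -- confirm one is enforced
// elsewhere, otherwise any caller can record attendance for any employee.
$userID = isset($_POST['userID']) ? $_POST['userID'] : null;
$date = isset($_POST['date']) ? $_POST['date'] : null;
$status = isset($_POST['status']) ? $_POST['status'] : null;

/**
 * Record one attendance row for an employee unless a row already exists for
 * that employee on the given date.
 *
 * Echoes "success" when the row was inserted. Echoes "failed" when the employee
 * already has a row for that date, when an argument is missing, empty or not a
 * scalar, or when a statement cannot be prepared or executed.
 *
 * All three values are sent to the database as bound parameters, so request
 * data can no longer alter the SQL text (the original interpolated them into
 * the query strings).
 *
 * @param mixed $userID Employee id (Attendances.EmployeeID).
 * @param mixed $date   Attendance date, compared as a string with stored dates.
 * @param mixed $status Status id (Attendances.StatusID).
 * @return void
 */
function addAttendance($userID, $date, $status)
{
    // Reject absent, empty or array-valued input (e.g. "userID[]=1") up front.
    foreach (array($userID, $date, $status) as $value) {
        if (!is_scalar($value) || (string) $value === '') {
            echo "failed";
            return;
        }
    }

    $employee = (string) $userID;
    $dateValue = (string) $date;
    $statusValue = (string) $status;

    // Assumed to return a mysqli connection: the original passed it straight to mysqli_query().
    $conn = tools::connectDatabase();

    $lookup = mysqli_prepare($conn, 'SELECT Date FROM Attendances WHERE EmployeeID = ?');
    if ($lookup === false) {
        echo "failed";
        return;
    }
    mysqli_stmt_bind_param($lookup, 's', $employee);
    if (!mysqli_stmt_execute($lookup)) {
        mysqli_stmt_close($lookup);
        echo "failed";
        return;
    }

    // The date comparison stays in PHP, as in the original, so matching does not
    // depend on how the database would coerce the submitted string.
    mysqli_stmt_bind_result($lookup, $existingDate);
    $alreadyRecorded = false;
    while (mysqli_stmt_fetch($lookup)) {
        if ((string) $existingDate === $dateValue) {
            $alreadyRecorded = true;
            break;
        }
    }
    mysqli_stmt_close($lookup);

    if ($alreadyRecorded) {
        echo "failed";
        return;
    }

    // NOTE(review): check-then-insert is not atomic; two concurrent requests can
    // both pass the check. A UNIQUE(EmployeeID, Date) constraint would close that gap.
    $insert = mysqli_prepare($conn, 'INSERT INTO Attendances(EmployeeID,StatusID,Date) VALUES(?,?,?)');
    if ($insert === false) {
        echo "failed";
        return;
    }
    mysqli_stmt_bind_param($insert, 'sss', $employee, $statusValue, $dateValue);
    $stored = mysqli_stmt_execute($insert);
    mysqli_stmt_close($insert);

    // Report success only when the row was actually written; the original
    // echoed "success" even if the INSERT had failed.
    echo $stored ? "success" : "failed";
}

addAttendance($userID, $date, $status);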