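/**
 * Process the add / log-out / update actions posted for a secondary-employment
 * log, then render either the edit view of an existing log or the "add" form.
 *
 * Security-relevant handling in this function:
 *  - Integer fields taken from the request (row counts, group id, log id) are
 *    cast to int before they reach SQL or a loop bound.
 *  - String values are escaped with the connection that runs the query and are
 *    always placed inside quotes; real_escape_string() gives no protection in
 *    an unquoted position such as `WHERE IDNUM=<value>`.
 *  - Everything written into HTML is encoded, request data and database
 *    columns alike (LOCATION, CITY and PHONE are filled from user input by the
 *    INSERT below, so they are a stored-XSS sink if echoed raw).
 *
 * NOTE(review): the edit view is gated only by `adminLvl >= 0`; nothing in this
 * function checks that the caller is allowed to view or change the requested
 * log, and no anti-CSRF token is visible here. Confirm both are enforced by
 * the caller.
 *
 * @param object     $config    Application config; ->mysqli and ->adminLvl are read here.
 * @param int|string $secLogID  SECLOG.IDNUM to show; replaced when a POST action supplies or creates one.
 * @param bool       $isEditing Render the edit view for $secLogID.
 * @param bool       $isApprove In the edit view, show "Back To Approvals" instead of "Back To Logs".
 * @return void
 */
function showSecLogDetails($config, $secLogID, $isEditing = false, $isApprove = false)
{
    // HTML-encode a value for element text and quoted attribute values.
    // Assumes pages are served as UTF-8 -- TODO confirm.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $addSecLog = isset($_POST['addSecLog']);
    $logoutSecLog = isset($_POST['logoutSecLog']);
    $updateSecLog = isset($_POST['updateSecLog']);
    // Client-supplied counters drive loops below, so force them to integers.
    $num_deputies = isset($_POST['num_deputies']) ? (int) $_POST['num_deputies'] : 0;
    $totalRows = isset($_POST['totalRows']) ? (int) $_POST['totalRows'] : 0;
    $mysqli = $config->mysqli;
    // The original passed this argument as `$reserveDB = TRUE`.
    $mysqliReserve = connectToSQL(true);

    $deputyID = array();
    $radioNum = array();
    $isReserve = array();

    // Look up one deputy in EMPLOYEE or RESERVE. The id is quoted and escaped
    // with the connection that executes the query.
    $lookupDeputy = function ($id, $reserve) use ($mysqli, $mysqliReserve) {
        $db = $reserve ? $mysqliReserve : $mysqli;
        $table = $reserve ? 'RESERVE' : 'EMPLOYEE';
        $result = $db->query(
            'SELECT RADIO, CELLPH, LNAME, FNAME FROM ' . $table
            . " WHERE IDNUM='" . $db->real_escape_string((string) $id) . "'"
        );
        SQLerrorCatch($db, $result);
        $found = $result ? $result->fetch_assoc() : null;

        return $found ? $found : array('RADIO' => '', 'CELLPH' => '', 'LNAME' => '', 'FNAME' => '');
    };

    // Print one already-selected deputy together with its hidden form fields.
    $echoDeputy = function ($id, $reserve, $index, $info) use ($h) {
        echo 'Deputy: <input type="hidden" name="deputyID' . $index . '" value="' . $h($id) . '" />';
        if ($reserve) {
            echo '<input type="hidden" name="isReserve' . $index . '" value="true" />';
        }
        echo $h($info['LNAME']) . ', ' . $h($info['FNAME']);
        echo '; Radio#: <input type="hidden" name="radioNum' . $index . '" value="' . $h($info['RADIO']) . '" />' . $h($info['RADIO']);
        echo '<input type="submit" name="removeDeputyBtn' . $index . '" value="Remove" />';
        echo '<br/>';
    };

    if ($addSecLog) {
        // Collect the posted values, escaped for use inside quoted SQL literals.
        for ($i = 0; $i < $num_deputies; $i++) {
            $deputyID[$i] = isset($_POST['deputyID' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['deputyID' . $i])) : false;
            $radioNum[$i] = isset($_POST['radioNum' . $i]) ? $mysqli->real_escape_string(strtoupper($_POST['radioNum' . $i])) : '';
            $isReserve[$i] = isset($_POST['isReserve' . $i]) ? '1' : '0';
        }
        $address = isset($_POST['address']) ? $mysqli->real_escape_string(strtoupper($_POST['address'])) : '';
        $city = isset($_POST['city']) ? $mysqli->real_escape_string(strtoupper($_POST['city'])) : '';
        $phone = isset($_POST['phone']) ? $mysqli->real_escape_string($_POST['phone']) : '';
        $shiftStart1 = !empty($_POST['shiftStart1']) ? $mysqli->real_escape_string($_POST['shiftStart1']) : '00';
        $shiftStart2 = !empty($_POST['shiftStart2']) ? $mysqli->real_escape_string($_POST['shiftStart2']) : '00';
        $shiftStart = $shiftStart1 . $shiftStart2 . "00";
        $shiftEnd1 = !empty($_POST['shiftEnd1']) ? $mysqli->real_escape_string($_POST['shiftEnd1']) : '00';
        $shiftEnd2 = !empty($_POST['shiftEnd2']) ? $mysqli->real_escape_string($_POST['shiftEnd2']) : '00';
        $shiftEnd = $shiftEnd1 . $shiftEnd2 . "00";
        $dress = isset($_POST['dress']) ? $mysqli->real_escape_string($_POST['dress']) : '';
        // The group id was concatenated into the INSERT unescaped; it is a number.
        $gpID = isset($_POST['gpID']) ? (int) $_POST['gpID'] : 0;

        echo '<h2>Results</h2>';
        if ($num_deputies > 0) {
            // Decide the group number once for the whole submission. The
            // original re-read MAX(GPNUM) on every iteration, so a failed first
            // insert attached the remaining deputies to an unrelated group.
            // NOTE(review): two concurrent submissions can still pick the same
            // new group number.
            if ($gpID != 0) {
                $groupID = $gpID;
            } elseif ($num_deputies == 1) {
                $groupID = 0; // 0 marks an individual (non-group) entry
            } else {
                $gpResult = $mysqli->query("SELECT MAX( GPNUM ) 'gpID' FROM SECLOG");
                SQLerrorCatch($mysqli, $gpResult);
                $gpRow = $gpResult->fetch_assoc();
                $groupID = (int) $gpRow['gpID'] + 1;
            }

            $auditID = $mysqli->real_escape_string((string) $_SESSION['userIDnum']);
            $remoteIP = $mysqli->real_escape_string((string) $_SERVER['REMOTE_ADDR']);
            // date() only ever yields Y-m-d text here, whatever was posted.
            $shiftDate = date('Y-m-d', strtotime(isset($_POST['dateSelect']) ? (string) $_POST['dateSelect'] : ''));

            for ($i = 0; $i < $num_deputies; $i++) {
                $myq = "INSERT INTO `SECLOG` (`IDNUM`, `DEPUTYID`, `RADIO`, `TIMEIN`, `AUDIT_IN_ID`,
                        `AUDIT_IN_TIME`, `AUDIT_IN_IP`, `LOCATION`, `CITY`, `PHONE`, `SHIFTDATE`, `SHIFTSTART`,
                        `SHIFTEND`, `DRESS`, `TIMEOUT`, `AUDIT_OUT_ID`, `AUDIT_OUT_TIME`, `AUDIT_OUT_IP`, `SUP_ID`,
                        `SUP_TIME`, `SUP_IP`, IS_RESERVE, GPNUM)
                    VALUES (NULL, '" . $deputyID[$i] . "', '" . $radioNum[$i] . "', NOW(), '" . $auditID . "', NOW(),
                        INET_ATON('" . $remoteIP . "'), '" . $address . "', '" . $city . "', '" . $phone . "',
                        '" . $shiftDate . "', '" . $shiftStart . "', '" . $shiftEnd . "', '" . $dress . "',
                        '', '', '', '', '', '', '', " . $isReserve[$i] . ", '" . $groupID . "')";
                $result = $mysqli->query($myq);
                if (!SQLerrorCatch($mysqli, $result)) {
                    $secLogID = $mysqli->insert_id;
                    addLog($config, 'Secondary Log #' . $secLogID . ' Added');
                    echo 'Successfully Added Secondary Employment Log, Reference Number: ' . $secLogID . '<br />';
                    $isEditing = true;
                } else {
                    echo 'Failed to add Secondary Employment Log, try again.<br />';
                }
            }
        } else {
            echo 'Must select a user.<br />';
        }
        echo '<br />';
    }

    if ($logoutSecLog) {
        // The id used to be handed on raw; SECLOG.IDNUM is filled from
        // insert_id above, so an integer cast is lossless for valid ids.
        $secLogID = isset($_POST['secLogID']) ? (int) $_POST['secLogID'] : '';
        logOutSecLog($config, $secLogID);
        $isEditing = true;
    }

    if ($updateSecLog) {
        $secLogID = isset($_POST['secLogID']) ? (int) $_POST['secLogID'] : '';
        $radioNum = isset($_POST['radioNum']) ? $mysqli->real_escape_string($_POST['radioNum']) : '';
        $address = isset($_POST['address']) ? $mysqli->real_escape_string($_POST['address']) : '';
        $city = isset($_POST['city']) ? $mysqli->real_escape_string($_POST['city']) : '';
        $phone = isset($_POST['phone']) ? $mysqli->real_escape_string($_POST['phone']) : '';
        $shiftStart1 = isset($_POST['shiftStart1']) ? $mysqli->real_escape_string($_POST['shiftStart1']) : '';
        $shiftStart2 = isset($_POST['shiftStart2']) ? $mysqli->real_escape_string($_POST['shiftStart2']) : '';
        $shiftEnd1 = isset($_POST['shiftEnd1']) ? $mysqli->real_escape_string($_POST['shiftEnd1']) : '';
        $shiftEnd2 = isset($_POST['shiftEnd2']) ? $mysqli->real_escape_string($_POST['shiftEnd2']) : '';
        $dress = isset($_POST['dress']) ? $mysqli->real_escape_string($_POST['dress']) : '';
        updateSecLog($config, $secLogID, $radioNum, $address, $city, $phone, $shiftStart1, $shiftStart2, $shiftEnd1, $shiftEnd2, $dress);
        $isEditing = true;
    }

    if ($isEditing) {
        if ($config->adminLvl >= 0) {
            // $secLogID may be the caller's argument or a posted value; the
            // cast keeps it out of the SQL text and the markup as anything
            // other than a number.
            $logID = (int) $secLogID;
            $myq = "SELECT S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,
                        SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT
                    FROM SECLOG S
                    JOIN EMPLOYEE AS SEC ON SEC.IDNUM=S.DEPUTYID
                    WHERE S.IDNUM = '" . $logID . "' AND IS_RESERVE=0
                    UNION
                    SELECT S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,
                        SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT
                    FROM SECLOG S
                    JOIN RESERVE AS SEC ON SEC.IDNUM=S.DEPUTYID
                    WHERE S.IDNUM = '" . $logID . "' AND IS_RESERVE=1
                    ORDER BY IDNUM";
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result->fetch_assoc();

            $groupNum = (int) $row['gpID'];
            $notLoggedOut = strcmp((string) $row['TIMEOUT'], "00:00:00") == 0;
            $depTable = array(array("Reference#", "Deputy", "Radio#", "Action"));

            if ($groupNum != 0) {
                // Group entry: list every deputy that shares the group number.
                echo '<div align="center">Group Reference #: ' . $groupNum . ' <input type="hidden" name="gpID" value="' . $groupNum . '" /></div>';
                $newq = "SELECT S.IDNUM 'refNum', S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,
                            SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT
                        FROM SECLOG S
                        JOIN EMPLOYEE AS SEC ON SEC.IDNUM=S.DEPUTYID
                        WHERE S.GPNUM = '" . $groupNum . "' AND IS_RESERVE=0
                        UNION
                        SELECT S.IDNUM 'refNum', S.GPNUM 'gpID', CONCAT_WS(', ', LNAME, FNAME) 'DEPUTYNAME', S.RADIO, LOCATION, S.CITY, PHONE,
                            SHIFTSTART, SHIFTEND, DRESS, S.IDNUM, S.TIMEOUT
                        FROM SECLOG S
                        JOIN RESERVE AS SEC ON SEC.IDNUM=S.DEPUTYID
                        WHERE S.GPNUM = '" . $groupNum . "' AND IS_RESERVE=1
                        ORDER BY IDNUM";
                $newResult = $mysqli->query($newq);
                SQLerrorCatch($mysqli, $newResult);

                $x = 1;
                while ($newRow = $newResult->fetch_assoc()) {
                    if (strcmp((string) $newRow['TIMEOUT'], "00:00:00") == 0) {
                        $action = '<input type="submit" value="Update" name="updateSecLog' . $x . '" /> <input type="submit" value="LogOut" name="logoutSecLog' . $x . '" /><br/>';
                        if ($config->adminLvl >= 25) {
                            $action .= '<input type="submit" name="changeDeputy' . $x . '" value="Change Deputy" />';
                        }
                    } elseif ($config->adminLvl >= 25) {
                        $action = '<input type="submit" value="Update" name="updateSecLog' . $x . '" /> Logged Out at ' . $h($newRow['TIMEOUT']);
                    } else {
                        $action = 'Logged Out at ' . $h($newRow['TIMEOUT']);
                    }
                    // Cells are emitted as HTML by showSortableTable, so every
                    // database value is encoded before it goes into a cell.
                    $depTable[$x] = array(
                        $h($newRow['refNum']) . ' <input type="hidden" name="secLogID' . $x . '" value="' . $h($newRow['refNum']) . '" />',
                        $h($newRow['DEPUTYNAME']),
                        '<input type="text" name="radioNum' . $x . '" value="' . $h($newRow['RADIO']) . '" />',
                        $action,
                    );
                    $x++;
                }
                showSortableTable($depTable, 1);
            } else {
                // Individual entry. The "Radio#" cell used to repeat the deputy
                // name, so the Update button posted no radioNum and the update
                // handler above read it as ''. Render the radio input, as the
                // group table does.
                $depTable[1] = array(
                    $logID . '<input type="hidden" name="secLogID" value="' . $logID . '" />',
                    $h($row['DEPUTYNAME']),
                    '<input type="text" name="radioNum" value="' . $h($row['RADIO']) . '" />',
                    $config->adminLvl >= 25 ? '<input type="submit" name="changeDeputy1" value="Change Deputy" />' : '',
                );
                showSortableTable($depTable, 1);
            }

            echo '<div align="left">Add Deputy: <button type="button" name="searchBtn" value="Lookup Employee" onClick="this.form.action=' . "'?userLookup=true'" . ';this.form.submit()" > Lookup Employee</button></div><br/>';
            echo 'Site Name or Address: <input type="text" name="address" value="' . $h($row['LOCATION']) . '" /><br/>'
                . ' City/Twp: <input type="text" name="city" value="' . $h($row['CITY']) . '" /><br/>'
                . ' Contact#: <input type="text" name="phone" value="' . $h($row['PHONE']) . '" /><br/>'
                . ' Shift Start Time: ';
            $temp = explode(":", $row['SHIFTSTART']);
            showTimeSelector("shiftStart", $temp[0], $temp[1], false);
            echo ' <br/> Shift End Time: ';
            $temp = explode(":", $row['SHIFTEND']);
            showTimeSelector("shiftEnd", $temp[0], $temp[1], false);
            echo '<br/> Dress: <select name="dress"> <option value=""></option> <option value="U"';
            if (strcmp((string) $row['DRESS'], "U") == 0) {
                echo ' SELECTED ';
            }
            echo '>Uniform</option> <option value="PC"';
            if (strcmp((string) $row['DRESS'], "PC") == 0) {
                echo ' SELECTED ';
            }
            echo '>Plain Clothes</option> </select><br/>';

            echo 'Logged Off Time: ';
            if ($notLoggedOut) {
                echo "Not Logged Off Yet<br /><br />";
                if ($groupNum != 0) {
                    echo '<input type="submit" name="logoutSecLogAll" value="LogOut All" />';
                } else {
                    echo '<input type="submit" name="logoutSecLog" value="LogOut" />';
                }
            } else {
                echo $h($row['TIMEOUT']) . '<br /><br />';
            }
            // Closed logs can only be updated by adminLvl 25 and above.
            if ($notLoggedOut || $config->adminLvl >= 25) {
                if ($groupNum != 0) {
                    echo '<input type="submit" name="updateSecLogAll" value="Update All" />';
                } else {
                    echo '<input type="submit" name="updateSecLog" value="Update" />';
                }
            }
            if ($isApprove) {
                echo '<input type="submit" name="backToApprove" value="Back To Approvals" />';
            } else {
                echo '<input type="submit" name="goBtn" value="Back To Logs" />';
            }
        } else {
            echo 'Access Denied';
        }
    }

    if (!$isEditing && !isset($_POST['goBtn'])) {
        // "Add" form: values are kept raw here and encoded where they are printed.
        $address = isset($_POST['address']) ? $_POST['address'] : '';
        $city = isset($_POST['city']) ? $_POST['city'] : '';
        $phone = isset($_POST['phone']) ? $_POST['phone'] : '';
        // NOTE(review): the time parts and $dress go to showTimeSelector() /
        // loose comparisons unchanged; confirm showTimeSelector encodes them.
        $shiftStart1 = isset($_POST['shiftStart1']) ? $_POST['shiftStart1'] : '';
        $shiftStart2 = isset($_POST['shiftStart2']) ? $_POST['shiftStart2'] : '';
        $shiftEnd1 = isset($_POST['shiftEnd1']) ? $_POST['shiftEnd1'] : '';
        $shiftEnd2 = isset($_POST['shiftEnd2']) ? $_POST['shiftEnd2'] : '';
        $dress = isset($_POST['dress']) ? $_POST['dress'] : '';

        // Re-list the deputies chosen so far, skipping one whose Remove button was pressed.
        $deputyCount = 0;
        for ($i = 0; $i < $num_deputies; $i++) {
            if (isset($_POST['removeDeputyBtn' . $i])) {
                continue;
            }
            $deputyID[$i] = isset($_POST['deputyID' . $i]) ? strtoupper($_POST['deputyID' . $i]) : '';
            $isReserve[$i] = isset($_POST['isReserve' . $i]);
            $info = $lookupDeputy($deputyID[$i], $isReserve[$i]);
            if ($i == 0) {
                // The first deputy's cell phone pre-fills the contact number.
                $phone = $info['CELLPH'];
            }
            $echoDeputy($deputyID[$i], $isReserve[$i], $deputyCount, $info);
            $deputyCount++;
        }

        // Pick up the deputy chosen on the lookup screen, if any.
        $foundUserID = '';
        $foundUserIsReserve = false;
        if ($totalRows > 0) {
            for ($i = 0; $i <= $totalRows; $i++) {
                if (isset($_POST['foundUser' . $i])) {
                    $foundUserID = isset($_POST['foundUserID' . $i]) ? $_POST['foundUserID' . $i] : '';
                    $foundUserIsReserve = isset($_POST['isReserve' . $i]);
                    break;
                }
            }
        }
        if (empty($foundUserID) && $num_deputies == 0) {
            // Unless the request comes from the host named below, start the
            // form with the logged-in user as the deputy.
            if ($_SERVER['REMOTE_ADDR'] != nslookup('WSRF14900.mahoningcountyoh.gov')) { //'10.1.32.72'
                $foundUserID = $_SESSION['userIDnum'];
                $foundUserIsReserve = false;
            }
        }
        if (!empty($foundUserID)) {
            $info = $lookupDeputy($foundUserID, $foundUserIsReserve);
            if ($deputyCount == 0) {
                $phone = $info['CELLPH'];
            }
            $echoDeputy($foundUserID, $foundUserIsReserve, $deputyCount, $info);
            $deputyCount++;
        }

        echo 'Add Deputy: ';
        displayUserLookup($config);
        echo '<br />';
        echo '<input type="hidden" name="num_deputies" value="' . $deputyCount . '" />';
        $gpID = isset($_POST['gpID']) ? (int) $_POST['gpID'] : 0;
        echo '<input type="hidden" name="gpID" value="' . $gpID . '" />';
        echo 'Site Name or Address: <input type="text" name="address" value="' . $h($address) . '" /><br/>'
            . ' City/Twp: <input type="text" name="city" value="' . $h($city) . '" /><br/>'
            . ' Contact#: <input type="text" name="phone" value="' . $h($phone) . '" /><br/>'
            . ' Shift Start Time: ';
        showTimeSelector("shiftStart", $shiftStart1, $shiftStart2, false);
        echo ' <br/> Shift End Time: ';
        showTimeSelector("shiftEnd", $shiftEnd1, $shiftEnd2, false);
        echo '<br/> Dress: <select name="dress"> <option value=""></option> <option value="U"';
        if ($dress == 'U') {
            echo ' selected ';
        }
        echo '>Uniform</option> <option value="PC"';
        if ($dress == 'PC') {
            echo ' selected ';
        }
        echo '>Plain Clothes</option> </select><br/><br />'
            . ' <input type="hidden" name="addBtn" value="true" />'
            . ' <input type="submit" name="addSecLog" value="Add" />'
            . ' <input type="submit" name="goBtn" value="Cancel" />';
    }
}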
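/**
 * Handle submission / update of an employee time request and render the
 * request form (type choice, employee lookup, or the full entry form).
 *
 * Security-relevant handling in this function:
 *  - Request values are kept raw, escaped once at the point they enter SQL and
 *    HTML-encoded once at the point they are printed. The original escaped
 *    `type`, `subtype` and `comment` on read and again in the UPDATE, which
 *    stored stray backslashes and printed SQL-escaped text back into the form,
 *    while `calloff` reached the INSERT without any escaping.
 *  - REFER is cast to int (it is the table's insert_id) and IDNUM is quoted;
 *    both used to sit unquoted in the query text.
 *  - The "Back to Approvals" target comes from the posted `formName` and is
 *    written into an onClick handler; it is now emitted as a JavaScript string
 *    literal and only when it is not an absolute or scheme-carrying URL.
 *  - A user below admin level 25 always submits for their own id, matching
 *    what the form itself renders for that level.
 *
 * NOTE(review): nothing here checks that the caller may load or update the
 * request named by `requestID` / `referNum`, and no anti-CSRF token is visible
 * in this function. Confirm both are enforced elsewhere.
 * NOTE(review): the form is closed with </form> only on the full entry form,
 * not on the lookup or type-choice screens; left as found.
 *
 * @param object $config Application config; ->mysqli is read here.
 * @return void
 */
function displayLeaveForm($config)
{
    $mysqli = $config->mysqli;

    // HTML-encode for element text and quoted attribute values.
    // Assumes pages are served as UTF-8 -- TODO confirm.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Escape for use inside a quoted SQL string literal.
    $sql = function ($value) use ($mysqli) {
        return $mysqli->real_escape_string((string) $value);
    };

    // totalRows bounds loops below, so it must be a number.
    $totalRows = isset($_POST['totalRows']) ? (int) $_POST['totalRows'] : 0;
    $updatingRequest = (isset($_POST['formName']) && is_string($_POST['formName'])) ? $_POST['formName'] : false;
    if (isset($_POST['duplicateBtn'])) {
        $updatingRequest = "duplicateRequest";
    }
    $findBtn = isset($_POST['findBtn']);
    $requestAccepted = false;
    $foundUserFNAME = '';
    $foundUserLNAME = '';
    $foundUserID = '';

    // Coming from an edit button on a submitted-requests list: load that
    // request and pre-fill $_POST from it.
    if ($totalRows && $updatingRequest && !$findBtn) {
        $referNum = 0;
        for ($i = 0; $i < $totalRows; $i++) {
            if (isset($_POST['editBtn' . $i]) && isset($_POST['requestID' . $i])) {
                $referNum = (int) $_POST['requestID' . $i];
            }
        }
        if ($referNum != 0) {
            $myq = 'SELECT REQUEST.IDNUM, TIMETYPEID, BEGTIME, ENDTIME, NOTE, CALLOFF, USEDATE, SUBTYPE, LNAME, FNAME'
                . ' FROM REQUEST, EMPLOYEE WHERE EMPLOYEE.IDNUM=REQUEST.IDNUM AND REFER=' . $referNum;
            $result = $mysqli->query($myq);
            SQLerrorCatch($mysqli, $result);
            $row = $result ? $result->fetch_assoc() : null;
            if ($row) {
                $_POST['referNum'] = $referNum;
                $_POST['type'] = $row['TIMETYPEID'];
                $_POST['ID'] = $row['IDNUM'];
                $_POST['beg1'] = substr($row['BEGTIME'], 0, 2);
                $_POST['beg2'] = substr($row['BEGTIME'], 3, 2);
                $_POST['end1'] = substr($row['ENDTIME'], 0, 2);
                $_POST['end2'] = substr($row['ENDTIME'], 3, 2);
                $_POST['comment'] = $row['NOTE'];
                $_POST['calloff'] = $row['CALLOFF'];
                $_POST['usedate'] = $row['USEDATE'];
                $_POST['subtype'] = $row['SUBTYPE'];
                $foundUserFNAME = $row['FNAME'];
                $foundUserLNAME = $row['LNAME'];
                $foundUserID = $row['IDNUM'];
            }
        }
    }

    // Read everything that was posted (raw; escaped or encoded at the sink).
    $postID = isset($_POST['ID']) ? $_POST['ID'] : $_SESSION['userIDnum'];
    if ($_SESSION['admin'] < 25) {
        // The hidden ID field is client-controlled; below level 25 the form
        // only ever offers the user's own id, so enforce that server-side.
        $postID = $_SESSION['userIDnum'];
    }
    $postThruDate = isset($_POST['thrudate']) ? $_POST['thrudate'] : false;
    $shiftLength = isset($_POST['shift']) ? $_POST['shift'] : '';
    $postBeg1 = isset($_POST['beg1']) ? $_POST['beg1'] : null;
    $postBeg2 = isset($_POST['beg2']) ? $_POST['beg2'] : null;
    $postBegin = (!empty($postBeg1) && !empty($postBeg2)) ? $postBeg1 . $postBeg2 : false;
    $postEnd1 = isset($_POST['end1']) ? $_POST['end1'] : null;
    $postEnd2 = isset($_POST['end2']) ? $_POST['end2'] : null;
    $postEnding = (!empty($postEnd1) && !empty($postEnd2)) ? $postEnd1 . $postEnd2 : false;
    if (!isset($_POST['shift']) && $postBegin == $postEnding) {
        // Identical start and end with no shift length means no usable time range.
        $postBegin = false;
        $postEnding = false;
    }
    $type = isset($_POST['type']) ? $_POST['type'] : '';
    $comment = isset($_POST['comment']) ? $_POST['comment'] : false;
    $calloff = isset($_POST['calloff']) ? $_POST['calloff'] : 'NO';
    $auditid = $_SESSION['userIDnum'];
    $postUseDate = isset($_POST['usedate']) ? $_POST['usedate'] : false;
    $isDateUse = $postUseDate ? true : false;
    $subtype = isset($_POST['subtype']) ? $_POST['subtype'] : 'NONE';

    if (isset($_POST['submit']) || isset($_POST['update'])) {
        $ID = strtoupper((string) $postID);
        // NOTE(review): DateTime throws on an unparseable string; a malformed
        // date or time still ends this request with an uncaught exception.
        $usedate = new DateTime((string) $postUseDate);
        if (!$postThruDate) {
            $daysOff = 0;
        } else {
            $thrudate = new DateTime((string) $postThruDate);
            $daysOffInterval = $usedate->diff($thrudate);
            // NOTE(review): "%d" is the day component only, so a range longer
            // than a month is truncated. Switching to the total day count
            // would also remove the implicit cap on inserts per request;
            // decide on an explicit maximum before changing it.
            $daysOff = (int) $daysOffInterval->format("%d");
        }
        $beg = new DateTime((string) $postBegin);
        $end = new DateTime((string) $postBegin);
        // Only a positive whole number of hours is accepted as a shift length;
        // the raw string used to be pasted into the DateInterval spec.
        $shiftHours = (int) $shiftLength;
        if ($shiftHours <= 0) {
            $end = new DateTime((string) $postEnding);
        } else {
            $end->add(new DateInterval('PT' . $shiftHours . 'H'));
        }
        if ($end < $beg) {
            // The times crossed midnight.
            $end = $end->add(new DateInterval("P1D"));
        }
        $endSec = strtotime($end->format("Y-m-d H:i:s"));
        $begSec = strtotime($beg->format("Y-m-d H:i:s"));
        $hours = ($endSec - $begSec) / 3600;
        // SQL TIME format
        $beg = $beg->format("H:i:s");
        $end = $end->format("H:i:s");

        $timesGiven = !empty($postEnding) || !empty($postBegin);
        if (!$isDateUse) {
            echo '<font color="red" >Must provide a valid Date!</font><br /><br />';
        } elseif (!$timesGiven) {
            echo '<font color="red" >Must provide a valid Start and End time!</font><br /><br />';
        } elseif (isset($_POST['update'])) {
            // Update an existing record. The original ran this UPDATE even
            // after printing one of the validation errors above, writing
            // today's date and time into the record.
            $updateRef = isset($_POST['referNum']) ? (int) $_POST['referNum'] : 0;
            $myq = "UPDATE REQUEST SET USEDATE='" . $sql($usedate->format('Y-m-d')) . "',
                        BEGTIME='" . $sql($beg) . "',
                        ENDTIME='" . $sql($end) . "',
                        HOURS='" . $sql($hours) . "',
                        TIMETYPEID='" . $sql($type) . "',
                        SUBTYPE='" . $sql($subtype) . "',
                        NOTE='" . $sql($comment) . "',
                        AUDITID='" . $sql($auditid) . "',
                        IP=INET_ATON('" . $sql($_SERVER['REMOTE_ADDR']) . "'),
                        CALLOFF='" . $sql($calloff) . "'
                    WHERE REFER=" . $updateRef;
            $result = $mysqli->query($myq);
            if (SQLerrorCatch($mysqli, $result)) {
                echo 'Error: Request not updated.';
            } else {
                addLog($config, 'Updated Time Request with Ref# ' . $updateRef);
                echo '<h3>Request updated successfully.</h3>';
            }
        } else {
            // Insert one record per day in the range.
            $confirmBtn = isset($_POST['confirmBtn']);
            $noBtn = isset($_POST['noBtn']);
            for ($i = 0; $i <= $daysOff; $i++) {
                // Has this type of request already been submitted for the date?
                $myq = "SELECT `REFER` , `IDNUM`, `TIMETYPEID` , `USEDATE` , `ENDTIME` , `BEGTIME` , `SUBTYPE`
                        FROM `REQUEST`
                        WHERE `TIMETYPEID` LIKE '" . $sql($type) . "'
                        AND `IDNUM` = '" . $sql($ID) . "'
                        AND `USEDATE` = '" . $usedate->format('Y-m-d') . "'";
                $result = $mysqli->query($myq);
                SQLerrorCatch($mysqli, $result);
                if ($result->num_rows > 0 && !$confirmBtn && !$noBtn) {
                    $refNums = "";
                    while ($row = $result->fetch_assoc()) {
                        $refNums .= $h($row['REFER']) . ', ';
                    }
                    // Confirmation pop-up carrying the posted values forward.
                    popUpMessage('<div align="center"><form method="POST" action="' . $h($_SERVER['REQUEST_URI']) . '">'
                        . ' You already submitted for this type of request on ' . $usedate->format('Y-m-d') . '<br/>'
                        . ' Please see Reference Numbers: <br/>' . $refNums . '<br/><br/><h4>Are you sure you want to submit another?</h4>'
                        . ' <input type="submit" name="confirmBtn" value="Yes" />'
                        . ' <input type="submit" name="noBtn" value="No" />'
                        . ' <input type="hidden" name="type" value="' . $h($type) . '" />'
                        . ' <input type="hidden" name="subtype" value="' . $h($subtype) . '" />'
                        . ' <input type="hidden" name="shift" value="' . $h($shiftLength) . '" />'
                        . ' <input type="hidden" name="ID" value="' . $h($ID) . '" />'
                        . ' <input type="hidden" name="usedate" value="' . $h($postUseDate) . '" />'
                        . ' <input type="hidden" name="thrudate" value="' . $h($postThruDate) . '" />'
                        . ' <input type="hidden" name="beg1" value="' . $h($postBeg1) . '" />'
                        . ' <input type="hidden" name="beg2" value="' . $h($postBeg2) . '" />'
                        . ' <input type="hidden" name="end1" value="' . $h($postEnd1) . '" />'
                        . ' <input type="hidden" name="end2" value="' . $h($postEnd2) . '" />'
                        . ' <input type="hidden" name="comment" value="' . $h($comment) . '" />'
                        . ' <input type="hidden" name="calloff" value="' . $h($calloff) . '" />'
                        . ' <input type="hidden" name="submit" value="true" />'
                        . ' </form></div>');
                } elseif ($noBtn) {
                    echo 'Canceled Submitting Request.';
                } elseif (($type == 'OT' || $type == 'AG') && strtotime($usedate->format('Y-m-d')) > strtotime(date('Y-m-d'))) {
                    echo '<font color="red">Can not submit for Overtime or Comp Time Gain unless it is on or after the date of use</font>';
                } else {
                    $myq = "INSERT INTO REQUEST (IDNUM, USEDATE, BEGTIME, ENDTIME,
                                HOURS, TIMETYPEID, SUBTYPE, NOTE, STATUS, REQDATE,
                                AUDITID, IP, CALLOFF)
                            VALUES ('" . $sql($ID) . "', '" . $usedate->format('Y-m-d') . "', '" . $beg . "', '" . $end . "',
                                '" . $sql($hours) . "', '" . $sql($type) . "', '" . $sql($subtype) . "',
                                '" . $sql($comment) . "', 'PENDING', NOW(), '" . $sql($auditid) . "',
                                INET_ATON('" . $sql($_SERVER['REMOTE_ADDR']) . "'), '" . $sql($calloff) . "')";
                    // Advance to the next day only after a day has been handed
                    // to the INSERT, exactly as before.
                    $usedate->modify("+1 day");
                    $result = $mysqli->query($myq);
                    if (SQLerrorCatch($mysqli, $result)) {
                        echo 'Request not accepted.';
                    } else {
                        $refInsert = $mysqli->insert_id;
                        addLog($config, 'New Time Request Submitted with Ref# ' . $refInsert);
                        echo '<h3>Request accepted. The reference number for this request is <b>' . $refInsert . '</b>.</h3>';
                        $requestAccepted = true;
                    }
                }
            }
        }
    }

    if (!isset($_POST['searchBtn'])) {
        echo '<h2>Employee Request</h2>';
    } else {
        echo '<h3>Lookup User</h3>';
    }
    // REQUEST_URI is attacker-influenced (path and query), so encode it.
    echo '<form name="leave" id="leave" method="post" action="' . $h($_SERVER['REQUEST_URI']) . '">';
    echo " <input type='hidden' name='formName' value='leave' /> ";

    if (isset($_POST['referNum'])) {
        echo 'Reference Request #' . $h($_POST['referNum']) . '<input type="hidden" name="referNum" value="' . $h($_POST['referNum']) . '" />';
    }

    if (!empty($type)) {
        echo "<input type='hidden' name='type' value='" . $h($type) . "'>";

        if (isset($_POST['searchBtn']) || isset($_POST['findBtn'])) {
            // Employee lookup screen: carry the values entered so far.
            echo '<input type="hidden" name="subtype" value="' . $h($subtype) . '" />';
            echo '<input type="hidden" name="ID" value="' . $h($postID) . '" />';
            echo '<input type="hidden" name="usedate" value="' . $h($postUseDate) . '" />';
            echo '<input type="hidden" name="thrudate" value="' . $h($postThruDate) . '" />';
            echo '<input type="hidden" name="beg1" value="' . $h($postBeg1) . '" />';
            echo '<input type="hidden" name="beg2" value="' . $h($postBeg2) . '" />';
            echo '<input type="hidden" name="end1" value="' . $h($postEnd1) . '" />';
            echo '<input type="hidden" name="end2" value="' . $h($postEnd2) . '" />';
            echo '<input type="hidden" name="comment" value="' . $h($comment) . '" />';
            echo '<input type="hidden" name="calloff" value="' . $h($calloff) . '" />';

            $searchUser = isset($_POST['searchUser']) ? $_POST['searchUser'] : '';
            $isFullTime = isset($_POST['fullTime']);
            $isReserve = isset($_POST['reserve']);
            echo '<input type="checkbox" name="fullTime" ';
            if ($isFullTime) {
                echo 'CHECKED';
            }
            echo ' />Full Time Employee ';
            echo '<input type="checkbox" name="reserve" ';
            if ($isReserve) {
                echo 'CHECKED';
            }
            echo ' />Reserves<br />';
            echo '<input type="text" name="searchUser" value="' . $h($searchUser) . '" /><input type="submit" name="findBtn" value="Search" /><br /><br />';

            if (isset($_POST['findBtn'])) {
                // NOTE(review): $searchUser is handed to the search helpers
                // raw; confirm they escape it before building SQL.
                $rowCount = 0;
                if (!empty($searchUser) && $isFullTime) {
                    $rowCount = selectUserSearch($config, $searchUser, $rowCount, true);
                }
                if ($isReserve) {
                    $rowCount2 = searchReserves($config, $searchUser, $rowCount);
                } else {
                    $rowCount2 = $rowCount;
                }
                $rowCount3 = searchDatabase($config, $searchUser, $rowCount2);
                $totalRowsFound = $rowCount + $rowCount2 + $rowCount3;
                echo '<input type="hidden" name="totalRows" value="' . $h($totalRowsFound) . '" />';
            }
        } else {
            // Full entry form. Pick up the employee chosen on the lookup screen.
            if ($totalRows > 0) {
                for ($i = 0; $i <= $totalRows; $i++) {
                    if (isset($_POST['foundUser' . $i])) {
                        $foundUserFNAME = isset($_POST['foundUserFNAME' . $i]) ? $_POST['foundUserFNAME' . $i] : '';
                        $foundUserLNAME = isset($_POST['foundUserLNAME' . $i]) ? $_POST['foundUserLNAME' . $i] : '';
                        $foundUserID = isset($_POST['foundUserID' . $i]) ? $_POST['foundUserID' . $i] : '';
                        if (isset($_POST['isReserve' . $i])) {
                            echo '<input type="hidden" name="isReserve" value="true" />';
                        }
                        break;
                    }
                }
            }

            echo "<p><h3>Type of Request: </h3>";
            selectTimeType($config, "type", $type);
            echo "</p>";

            echo "Subtype: ";
            $result = $mysqli->query("SELECT NAME FROM SUBTYPE");
            SQLerrorCatch($mysqli, $result);
            echo ' <select name="subtype"> ';
            while ($row = $result->fetch_assoc()) {
                $selected = strcmp((string) $row['NAME'], (string) $subtype) == 0 ? ' SELECTED ' : '';
                echo '<option value="' . $h($row["NAME"]) . '"' . $selected . '>' . $h($row["NAME"]) . '</option>';
            }
            echo "</select> </br>";

            if ($_SESSION['admin'] < 25) {
                // Normal user: only their own id is offered.
                echo "<p>User ID: " . $h($_SESSION['userName']) . "<input type='hidden' name='ID' value='" . $h($_SESSION['userIDnum']) . "'></p>";
            } else {
                // Level 25 and above may pick any employee, e.g. for a call-off entry.
                if (isset($_POST['calloff'])) {
                    echo '<input type="checkbox" id="calloff" name="calloff" value="YES" CHECKED />';
                } else {
                    echo '<input type="checkbox" id="calloff" name="calloff" value="YES" />';
                }
                echo 'Call Off (ie. REPORT OFF)<br/>';
                echo "Employee: ";
                if ($totalRows > 0) {
                    echo '<input type="hidden" name="ID" value="' . $h($foundUserID) . '" />' . $h($foundUserLNAME) . ', ' . $h($foundUserFNAME);
                } else {
                    $myq = "SELECT `IDNUM` , `LNAME` , `FNAME`
                            FROM `EMPLOYEE`
                            WHERE `IDNUM` = '" . $sql($postID) . "'";
                    $result = $mysqli->query($myq);
                    SQLerrorCatch($mysqli, $result);
                    $row = $result ? $result->fetch_assoc() : null;
                    $lname = $row ? $row['LNAME'] : '';
                    $fname = $row ? $row['FNAME'] : '';
                    echo $h($lname) . ', ' . $h($fname) . "<input type='hidden' name='ID' value='" . $h($postID) . "'>";
                }
                echo ' <input type="submit" name="searchBtn" value="Lookup Employee" />';
                // The body of addLookupButton was entirely commented out in
                // the original; the empty function is kept so the name stays
                // defined on the page.
                echo ' <script language="JavaScript" type="text/javascript"> function addLookupButton(formName) { } </script> ';
            }

            echo ' <p>Date of use/accumulation: ';
            displayDateSelect('usedate', 'date_1', $postUseDate, true, !$isDateUse);
            echo ' Through date (optional): ';
            displayDateSelect('thrudate', 'date_2');
            echo ' </p> <p>Start time: ';
            showTimeSelector("beg", $postBeg1, $postBeg2);
            if ($type == 'PR') {
                echo "<input type='radio' name='shift' value='8'>8 hour shift";
                echo "<input type='radio' name='shift' value='12'>12 hour shift";
                echo "</br>(Personal time must be used for an entire shift.)";
            } else {
                echo ' End time: ';
                showTimeSelector("end", $postEnd1, $postEnd2);
                echo ' </p> ';
            }
            echo ' </br> <p>Comment: <textarea rows="3" cols="40" name="comment" >' . $h($comment) . '</textarea></p> ';

            if ($updatingRequest === 'submittedRequests' || $requestAccepted) {
                echo '<p><input type="hidden" name="formName" value="submittedRequests" />'
                    . ' <input type="submit" name="update" value="Update Request">'
                    . ' <input type="submit" name="duplicateBtn" value="Duplicate Request" />'
                    . ' <INPUT TYPE="button" value="Back to My Requests" onClick="parent.location=\'wts_index.php?myReq=true\'"></p>';
            } elseif (is_string($updatingRequest) && strpos($updatingRequest, 'hrEmpRep=true')) {
                echo '<p><input type="hidden" name="formName" value="submittedRequests" />'
                    . ' <input type="submit" name="update" value="Update Request">'
                    . ' <input type="submit" name="duplicateBtn" value="Duplicate Request" />';
                // formName is client-supplied and ends up in script. HTML
                // encoding alone is not enough inside an event handler (the
                // browser decodes entities before running the script), so the
                // value is written as a JSON string literal and then encoded.
                // Targets carrying a scheme, a protocol-relative prefix or a
                // control character are not rendered at all.
                // presumably the legitimate value is a site-relative URL -- verify against the approvals page
                $returnsToLocalPage = !preg_match('#[\x00-\x1f\x7f]|^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $updatingRequest);
                if ($returnsToLocalPage) {
                    echo ' <INPUT TYPE="button" value="Back to Approvals" onClick="parent.location=' . $h(json_encode($updatingRequest)) . '">';
                }
                echo '</p>';
            } else {
                echo '<p><input type="submit" name="submit" value="Submit for Approval"></p>';
            }
            echo ' </form> ';
        }
    } else {
        // Initial choice of request type.
        echo "<p><h3>Type of Request: </h3>";
        dropDownMenu($mysqli, 'DESCR', 'TIMETYPE', FALSE, 'type');
        echo "</p>";
    }
}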
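/**
 * Render the remaining fields of the time-request form: dates, start time,
 * either the 8/12-hour shift choice or an end time, the comment box and the
 * submit / update / duplicate buttons.
 *
 * Values taken from object state (comment, submit date, audit name, request
 * id, total hours) are HTML-encoded where they are printed; the comment in
 * particular is free text echoed inside a <textarea>.
 * NOTE(review): if any of these properties is already HTML-encoded when it is
 * set, drop that earlier encoding rather than this one.
 *
 * Side effect: sets $this->config->showPrinterFriendly to true.
 *
 * @return void
 */
public function showMainRequestForm()
{
    // HTML-encode for element text and quoted attribute values.
    // Assumes pages are served as UTF-8 -- TODO confirm.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $this->config->showPrinterFriendly = true;

    echo '<h2>Complete additional fields</h2>';
    echo 'Starting Date: ';
    displayDateSelect('useDate', 'date_1', $this->useDate, true, true);
    if (!$this->isEditing) {
        echo ' Through date (optional): ';
        displayDateSelect('endDate', 'date_2', $this->endDate);
    } else {
        // An existing request covers a single day; post an empty end date.
        echo '<input type="hidden" name="endDate" value="" />';
    }
    echo '<br/><br/>';

    echo 'Start time: ';
    showTimeSelector("begTime", $this->begTime1, $this->begTime2);
    if ($this->subTypeInfo['LIMIT_8_12'] == '1' || $this->typeID == '2') {
        // Limit is enabled or Type is Personal: offer fixed shift lengths.
        $checked8 = '';
        $checked12 = '';
        $selectionError = false;
        if (!empty($this->shiftHours)) {
            if ($this->shiftHourRadio == "8" || $this->shiftHours == "8") {
                $checked8 = ' CHECKED';
            } elseif ($this->shiftHourRadio == "12" || $this->shiftHours == "12") {
                $checked12 = ' CHECKED';
            } else {
                // Hours are set but match neither offered shift length.
                $selectionError = true;
            }
        }
        echo " How long is your shift? <input type='radio' name='shiftHour' value='8'" . $checked8 . ">8 Hours";
        echo "<input type='radio' name='shiftHour' value='12'" . $checked12 . ">12 Hours";
        echo $selectionError ? ' <font color="red">Error in shift selection! </font><br/>' : '<br/>';
    } else {
        echo ' End time: ';
        showTimeSelector("endTime", $this->endTime1, $this->endTime2);
    }
    if (!empty($this->shiftHours)) {
        echo ' Total Hours: ' . $h($this->shiftHours);
    }
    echo '<br/><br/>';

    echo 'Comment: <textarea rows="3" cols="40" name="empComment" >' . $h($this->empComment) . '</textarea>';
    echo '<br/><br/>';
    if (!empty($this->submitDate)) {
        echo '<font color="darkred">Submitted on ' . $h($this->submitDate) . ' by ' . $h($this->auditName) . '</font>';
        echo '<br/><br/>';
    }

    if (!$this->isEditing) {
        echo '<input type="submit" name="submitBtn" value="Submit for Approval">';
    } else {
        // The Update button is withheld once the request has status APPROVED.
        // NOTE(review): that is a display rule only; confirm the update
        // handler rejects changes to approved requests as well.
        if ($this->status != "APPROVED") {
            echo '<input type="hidden" name="reqID" value="' . $h($this->reqID) . '" />';
            echo '<input type="submit" name="updateReqBtn" value="Update Request ' . $h($this->reqID) . '">';
        }
        echo '<input type="submit" name="duplicateReqBtn" value="Duplicate Request" />';
    }
}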