示例#1
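 /**
  * Generate a new batch key, store it on the current user's account row and
  * write an audit entry that records the key being replaced.
  *
  * @return bool true once the UPDATE succeeded and the audit entry was saved;
  *              false if the user id is not an integer, the uniqueness lookup
  *              failed, the key is already assigned, or the UPDATE failed.
  */
 function genSetNewBatch()
 {
     $this->db = Staple_DB::get();
     $user = new userModel();
     $userId = $user->getId();
     $oldKey = $user->getBatchId();

     // The id is placed unquoted into the UPDATE below, so only an integer may
     // reach it. An empty id used to surface as a SQL error (and false); it is
     // now rejected up front instead of being concatenated into the statement.
     $safeUserId = filter_var($userId, FILTER_VALIDATE_INT);
     if ($safeUserId === false) {
         return false;
     }

     // NOTE(review): the key is built from time(), the username and rand(), so
     // it is guessable. That is acceptable for a label; if batchId is ever
     // treated as a secret, derive it from a CSPRNG instead - confirm usage.
     $key = sha1(time() . $user->getUsername() . rand(999, 9999999999.0));
     $escapedKey = $this->db->real_escape_string($key);

     //Check if key exists
     $lookup = $this->db->query("SELECT id FROM accounts WHERE batchId = '" . $escapedKey . "'");
     if ($lookup === false) {
         // A failed lookup proves nothing about uniqueness; do not assign the key.
         return false;
     }
     if (is_array($lookup->fetch_row())) {
         //Key already in use
         return false;
     }

     //Set new key in user account
     $sql = "UPDATE accounts SET batchId='" . $escapedKey . "' WHERE id=" . $safeUserId;
     if (!$this->db->query($sql)) {
         return false;
     }

     //Log Audit: the item holds the key that was replaced, not the new one.
     $audit = new auditModel();
     $audit->setAction('Timesheet Validation');
     $audit->setUserId($userId);
     $audit->setItem('Batch: ' . $oldKey);
     $audit->save();

     return true;
 }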
示例#2
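 /**
  * Insert a time entry for another user and record who added it in the audit log.
  *
  * Nothing is written when no target user is set, when the target is the
  * current account, or when the date/time values cannot be parsed.
  *
  * NOTE(review): the only access rule visible here is "not your own account";
  * presumably the caller has already checked for admin rights - confirm.
  *
  * @return bool|null true after the INSERT succeeded and the audit entry was
  *                   saved; null in every other case.
  */
 function adminSave()
 {
     if (!isset($this->userId)) {
         return null;
     }

     //Check for current account: this path must not add entries to one's own timesheet.
     $currentUser = new userModel();
     if ($this->userId == $currentUser->getId()) {
         return null;
     }

     $inTime = strtotime($this->getDate() . " " . $this->getInTime());
     $outTime = strtotime($this->getDate() . " " . $this->getOutTime());
     if ($inTime === false || $outTime === false) {
         // strtotime() returns false for unparseable input; escaping false gives
         // an empty string, which would store a bogus timestamp in the entry.
         return null;
     }

     $sql = "\n                  INSERT INTO timeEntries\n                  (userId,inTime,outTime,lessTime,codeId,note,batchId)\n                  VALUES (\n                  '"
         . $this->db->real_escape_string($this->userId) . "',\n                  '"
         . $this->db->real_escape_string($inTime) . "',\n                  '"
         . $this->db->real_escape_string($outTime) . "',\n                  '"
         . $this->db->real_escape_string($this->lessTime) . "',\n                  '"
         . $this->db->real_escape_string($this->codeId) . "',\n                  '"
         . $this->db->real_escape_string($this->note) . "',\n                  '"
         . $this->db->real_escape_string("ADMIN ADD") . "'\n                  )\n                ";
     if (!$this->db->query($sql)) {
         return null;
     }

     // The audit row is filed under the affected user; the acting user's name
     // goes into the item text.
     $user = new userModel();
     $audit = new auditModel();
     $audit->setUserId($this->userId);
     $audit->setAction('Admin Entry Add');
     $audit->setItem($user->getUsername() . " added entry for " . $this->getDate() . ". In Time: " . $this->inTime . "/Out Time: " . $this->outTime . "");
     $audit->save();

     return true;
 }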
示例#3
 /**
  * Replace the PIN of account $id with a generated one and audit the reset.
  *
  * NOTE(review): no permission check is visible in this method; presumably the
  * caller restricts who may reset another account's PIN - confirm.
  *
  * @param mixed $id Account id whose PIN is replaced.
  * @return bool|null true after the UPDATE succeeded and the audit entry was
  *                   saved; null if the UPDATE failed.
  */
 function resetPin($id)
 {
     $newPin = $this->generatePin();
     // The clear-text PIN stays on the object; presumably the caller displays
     // it once - confirm, and make sure it is never logged or persisted.
     $this->tempPin = $newPin;

     // NOTE(review): the PIN is stored as an unsalted SHA-1 digest. A short PIN
     // hashed this way can be recovered offline from a leaked accounts table;
     // password_hash()/password_verify() is the usual replacement, but it has
     // to change together with the code that verifies PINs (not shown here).
     $pinDigest = $this->db->real_escape_string(sha1($newPin));
     $targetId = $this->db->real_escape_string($id);
     $sql = "UPDATE accounts SET pin='" . $pinDigest . "' WHERE id = '" . $targetId . "'";
     if (!$this->db->query($sql)) {
         return null;
     }

     // The audit row is filed under the target account; the acting user's name
     // goes into the item text.
     $account = new userModel();
     $target = $account->userInfo($id);
     $audit = new auditModel();
     $audit->setUserId($target['id']);
     $audit->setAction('PIN Reset');
     $audit->setItem($account->getUsername() . " reset users PIN.");
     $audit->save();

     return true;
 }
示例#4
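 /**
  * Record that the current user reviewed an account's timesheet for a pay
  * period, then write the matching audit entry.
  *
  * Nothing is written unless accountId, payPeriodYear and payPeriodMonth are
  * all set and the month can be parsed.
  *
  * @return bool|null true after the INSERT succeeded and the audit entry was
  *                   saved; null in every other case.
  */
 function save()
 {
     if (!isset($this->accountId, $this->payPeriodYear, $this->payPeriodMonth)) {
         return null;
     }

     // Resolve the month name before touching the database. createFromFormat()
     // returns false for an unparseable month; calling format() on that after
     // the INSERT would abort the request with the review row already stored
     // and no audit entry written.
     $dateObj = DateTime::createFromFormat('!m', $this->payPeriodMonth);
     if ($dateObj === false) {
         return null;
     }
     $monthName = $dateObj->format('F');

     //Get current users ID.
     $user = new userModel();
     $supervisorId = $user->getId();
     $supervisorName = $user->getUsername();

     $sql = "INSERT INTO timesheetReview (accountId, payPeriodMonth, payPeriodYear, supervisorId) VALUES ('"
         . $this->db->real_escape_string($this->accountId) . "','"
         . $this->db->real_escape_string($this->payPeriodMonth) . "','"
         . $this->db->real_escape_string($this->payPeriodYear) . "','"
         . $this->db->real_escape_string($supervisorId) . "')";
     if (!$this->db->query($sql)) {
         return null;
     }

     // The audit row is filed under the reviewed account; the reviewer's name
     // goes into the item text.
     $employeeUser = new userModel();
     $details = $employeeUser->userInfo($this->accountId);
     $audit = new auditModel();
     $audit->setUserId($this->accountId);
     $audit->setAction('Timesheet Review');
     $audit->setItem($supervisorName . " reviewed " . $details['username'] . " timesheet for " . $monthName . " " . $this->payPeriodYear);
     $audit->save();

     return true;
 }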
示例#5
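 /**
  * Unlock one time entry by setting its batchId to the owning user's current
  * batchId, then audit the change.
  *
  * The entry is left untouched when it does not exist or belongs to the
  * current user.
  *
  * NOTE(review): beyond the self-unlock guard no permission check is visible
  * here; presumably the caller restricts this to supervisors - confirm.
  *
  * @param mixed $id Id of the time entry to unlock.
  * @return bool|null true after the UPDATE succeeded and the audit entry was
  *                   saved; null in every other case.
  */
 function unlock($id)
 {
     $sql = "\n            SELECT userId FROM timeEntries WHERE id = '" . $this->db->real_escape_string($id) . "';\n        ";

     // Run the lookup once and reuse the result: counting rows with one query
     // and fetching with a second lets the row change between the two reads.
     $lookup = $this->db->query($sql);
     if (!$lookup || $lookup->num_rows < 1) {
         return null;
     }
     $entry = $lookup->fetch_assoc();

     $ownerModel = new userModel();
     $owner = $ownerModel->userInfo($entry['userId']);
     $userId = $owner['id'];
     $batchId = $owner['batchId'];

     //Check if it's for the same user: nobody may unlock their own entry.
     $currentUser = new userModel();
     if ($currentUser->getId() == $userId) {
         return null;
     }

     $sql = "\n                UPDATE timeEntries SET batchId = '" . $this->db->real_escape_string($batchId) . "' WHERE id = '" . $this->db->real_escape_string($id) . "'\n                ";
     if (!$this->db->query($sql)) {
         return null;
     }

     // NOTE(review): the actor's name comes from $this->username here; the
     // other audit writers read it from userModel::getUsername() - confirm
     // this property is populated for the acting user.
     $audit = new auditModel();
     $audit->setUserId($userId);
     $audit->setAction('Single Entry Unlock');
     $audit->setItem($this->username . " unlocked time entry " . $id);
     $audit->save();

     return true;
 }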