From 153f07a1201765d059f5cdbec1222214cd3fa23a Mon Sep 17 00:00:00 2001
From: Josh North <josh.north@point808.com>
Date: Thu, 11 May 2017 17:22:44 +0000
Subject: [PATCH] minor fixes to work with php 7 - finally

---
 config.inc.php.example     | 10 ++++------
 includes/functions.inc.php | 16 ++++++++--------
 includes/menu.inc.php      |  2 +-
 index.php                  |  9 +++++++--
 manualpunch.php            | 12 ++++++------
 mysql.sql                  | 14 +++++++-------
 profile.php                | 12 ++++++------
 reports.php                |  2 +-
 users.php                  |  8 ++++----
 9 files changed, 44 insertions(+), 41 deletions(-)

diff --git a/config.inc.php.example b/config.inc.php.example
index 787ad5b..7633760 100755
--- a/config.inc.php.example
+++ b/config.inc.php.example
@@ -1,16 +1,16 @@
 <?php
 //********** PLEASE EDIT THE FOLLOWING **********//
 // Paths and directories must include a trailing slash!!!
-$yaptc_dirpath  = '/usr/share/nginx/html/yaptc/'; // Absolute directory path to the root of this program
+$yaptc_dirpath  = '/var/www/html/yaptc/';         // Absolute directory path to the root of this program
 $yaptc_webpath  = 'http://server-ip/yaptc/';      // Absolute URL to the root of this program
 $yaptc_appname  = 'Timecard System';              // Program name to display in title bar
 $yaptc_company  = 'Widgets, Inc.';                // Your company name
-$db             = new PDO('mysql:host=localhost;dbname=YOUR_DATABASE;charset=utf8', 'YOUR_USER', 'YOUR_PASSWORD'); // Database connection string
+$yaptc_db       = new PDO('mysql:host=localhost;dbname=YOUR_DATABASE;charset=utf8', 'YOUR_USER', 'YOUR_PASSWORD'); // Database connection string
 $yaptc_allowuseradvancedpunch = 'yes';            // Should we allow users to make manual punch entries?
 $yaptc_min_password = '8';                        // Minimum password length
 $yaptc_language = 'en';                           // 2-character language code for header and template.  See http://www.w3schools.com/tags/ref_language_codes.asp
-$timezone       = 'America/New_York';             // Primary timezone of system - eventually to work across timezones...
-$rowsperpage    = '25';                           // How many rows per page for tables?
+$yaptc_timezone       = 'America/New_York';             // Primary timezone of system - eventually to work across timezones...
+$yaptc_rowsperpage    = '25';                           // How many rows per page for tables?
 
 
 
@@ -18,8 +18,6 @@ $rowsperpage    = '25';                           // How many rows per page for
 //********** NO NEED TO EDIT PAST HERE **********//
 $yaptc_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // Advanced PDO handling
 $yaptc_db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);         // Advanced PDO handling
-$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);       // Advanced PDO handling
-$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);               // Advanced PDO handling
 $_SESSION['yaptc_dir'] = $yaptc_dirpath;                            // Put absolute directory path in session
 $_SESSION['yaptc_url'] = $yaptc_webpath;                            // Put absolute url path in session
 $yaptc_inc             = $yaptc_dirpath . 'includes/';              // Concatenate an includes directory path
diff --git a/includes/functions.inc.php b/includes/functions.inc.php
index d1e15b3..4856097 100755
--- a/includes/functions.inc.php
+++ b/includes/functions.inc.php
@@ -76,10 +76,10 @@ function lang($phrase){
 $timenow = date('Y-m-d H:i:s');
 
 // This Version
-$yaptc_version = 'yaptc 0.8-beta';
+$yaptc_version = 'yaptc 0.9-beta';
 
 // Timezone from config
-date_default_timezone_set("$timezone");
+date_default_timezone_set("$yaptc_timezone");
 
 // Get user list for users management page
 function listUsers($yaptc_db) {
@@ -171,8 +171,8 @@ function getPunchStatus($yaptc_db, $userid)
 }
 
 // List punches sorted by intime.  Pass uid or % for all.  Pass limit to restrict row results.  Default is set to tons of 9's because no wildcard exists for limit in mysql or pgsql.  Limit can also include offset for pagination, i.e. "20,10" for a result of 10 records starting 20 records in
-function listPunches($db, $uid, $limit = "999999999999999", $offset = "0") {
-    $stmt = $db->prepare('
+function listPunches($yaptc_db, $uid, $limit = "999999999999999", $offset = "0") {
+    $stmt = $yaptc_db->prepare('
         SELECT
         ROUND(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600,2) AS punchhours,
         punches.id as punchid,
@@ -198,8 +198,8 @@ function listPunches($db, $uid, $limit = "999999999999999", $offset = "0") {
 }
 
 // Get user info from user id.  Pass uid or % for all.
-function getUserInfo($db, $uid, $limit = "999999999999999", $offset = "0") {
-    $stmt = $db->prepare('
+function getUserInfo($yaptc_db, $uid, $limit = "999999999999999", $offset = "0") {
+    $stmt = $yaptc_db->prepare('
         SELECT
         users.id AS userid,
         users.username AS username,
@@ -238,8 +238,8 @@ $stmt->execute(array(
 
 
 // Set user info from user id
-function setUserInfo($db, $uid, $firstname, $lastname, $email, $usertypeid, $password) {
-    $stmt = $db->prepare('
+function setUserInfo($yaptc_db, $uid, $firstname, $lastname, $email, $usertypeid, $password) {
+    $stmt = $yaptc_db->prepare('
         UPDATE
         yaptc.users
         SET
diff --git a/includes/menu.inc.php b/includes/menu.inc.php
index 2d65623..4ff2ee4 100755
--- a/includes/menu.inc.php
+++ b/includes/menu.inc.php
@@ -1,5 +1,5 @@
 <?php
-if (isset($_SESSION['user_id'])): $session_user = getUserInfo($db, $_SESSION['user_id'], "1", "0"); endif;
+if (isset($_SESSION['user_id'])): $session_user = getUserInfo($yaptc_db, $_SESSION['user_id'], "1", "0"); endif;
 $session_status = getSessionStatus();
 ?>
             <!-- SIDE MENU -->
diff --git a/index.php b/index.php
index 5cd249e..7de8104 100755
--- a/index.php
+++ b/index.php
@@ -1,6 +1,11 @@
 <?php
 session_start();
-require_once("config.inc.php");
+if(file_exists("config.inc.php")){
+  require_once("config.inc.php");
+}else{
+echo "Configuration file not found - please complete setup before continuing.";
+exit;
+}
 require_once($yaptc_inc . "functions.inc.php");
 $yaptc_pagename = lang('HOME');
 $yaptc_pageicon = '<i class="fa fa-home"></i>';
@@ -12,7 +17,7 @@ else: ?>
                     <!-- ********** BEGIN CONTENT ********** -->
 <?php
 // Get punch status for buttons and times
-$session_punch = listPunches($db, $session_user["0"]["userid"], 1);
+$session_punch = listPunches($yaptc_db, $session_user["0"]["userid"], 1);
 if (!isset($session_punch['0']['intime'])):
     $session_status = lang('OUT');
     $session_message = lang('PUNCH_STATUS') . ": " . lang('NO_PUNCHES');
diff --git a/manualpunch.php b/manualpunch.php
index 5d655a7..34de25a 100755
--- a/manualpunch.php
+++ b/manualpunch.php
@@ -48,10 +48,10 @@ header('Location: '.$_SERVER['PHP_SELF']);
 
 <?php 
 if (!empty($_POST['editpunch'])) {
-editPunch($db, $_POST['editpunch'], $_POST[$_POST['editpunch'] . "-intime"], $_POST[$_POST['editpunch'] . "-outtime"], $_POST[$_POST['editpunch'] . "-notes"]);
+editPunch($yaptc_db, $_POST['editpunch'], $_POST[$_POST['editpunch'] . "-intime"], $_POST[$_POST['editpunch'] . "-outtime"], $_POST[$_POST['editpunch'] . "-notes"]);
 }
 if (!empty($_POST['deletepunch'])) {
-deletePunch($db, $_POST['deletepunch']);
+deletePunch($yaptc_db, $_POST['deletepunch']);
 }
 
 // Set up pagination
@@ -62,10 +62,10 @@ if(!empty($_GET['pnum'])):
         $page_num = 1;
     endif;
 endif;
-$offset = ($page_num - 1) * $rowsperpage;
-$row_count = count(listPunches($db, "%"));
+$offset = ($page_num - 1) * $yaptc_rowsperpage;
+$row_count = count(listPunches($yaptc_db, "%"));
 $page_count = 0;
-if (0 === $row_count): else: $page_count = (int)ceil($row_count / $rowsperpage); if($page_num > $page_count): $page_num = 1; endif; endif;
+if (0 === $row_count): else: $page_count = (int)ceil($row_count / $yaptc_rowsperpage); if($page_num > $page_count): $page_num = 1; endif; endif;
 ?>
 
 
@@ -79,7 +79,7 @@ if (0 === $row_count): else: $page_count = (int)ceil($row_count / $rowsperpage);
                                 <tr><th><?php echo lang('IN') . "/" . lang('OUT'); ?></th><th><?php echo lang('NAME'); ?></th><th><?php echo lang('HOURS'); ?></th><th><?php echo lang('FLAG'); ?></th><th><?php echo lang('NOTES'); ?></th><th><?php echo lang('ACTIONS'); ?></th></tr>
                             </thead>
                             <tbody>
-<?php foreach (listPunches($db, "%", $rowsperpage, $offset) as $row): ?>
+<?php foreach (listPunches($yaptc_db, "%", $yaptc_rowsperpage, $offset) as $row): ?>
                                 <tr>
                                     <td><input type="text" name="<?php echo $row['punchid']; ?>-intime" value="<?php echo $row['intime']; ?>" /><input type="text" name="<?php echo $row['punchid']; ?>-outtime" value="<?php echo $row['outtime']; ?>" /></td><td><?php echo $row['lastname'] . ", " . $row['firstname']; ?></td><td><?php echo $row['punchhours']; ?></td><td><?php echo $row['modified']; ?></td><td><input type="text" name="<?php echo $row['punchid']; ?>-notes" value="<?php echo $row['notes']; ?>" /></td><td><nobr><button type="submit" name="editpunch" value="<?php echo $row['punchid']; ?>" class="pure-button button-success"><i class="fa fa-floppy-o fa-lg"></i></button> <button type="submit" name="deletepunch" value="<?php echo $row['punchid']; ?>" class="pure-button button-error"><i class="fa fa-trash-o fa-lg"></i></button></nobr></td>
                                 </tr>
diff --git a/mysql.sql b/mysql.sql
index 33fa612..85f8fbb 100755
--- a/mysql.sql
+++ b/mysql.sql
@@ -25,8 +25,8 @@ DROP TABLE IF EXISTS `punches`;
 /*!40101 SET @saved_cs_client     = @@character_set_client */;
 /*!40101 SET character_set_client = utf8 */;
 CREATE TABLE `punches` (
-  `id` int(11) unsigned zerofill NOT NULL AUTO_INCREMENT,
-  `userid` int(11) unsigned zerofill NOT NULL,
+  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+  `userid` int(11) unsigned NOT NULL,
   `notes` varchar(255) DEFAULT NULL,
   `modified` tinyint(4) DEFAULT NULL,
   `intime` datetime NOT NULL,
@@ -54,14 +54,14 @@ DROP TABLE IF EXISTS `users`;
 /*!40101 SET @saved_cs_client     = @@character_set_client */;
 /*!40101 SET character_set_client = utf8 */;
 CREATE TABLE `users` (
-  `id` int(11) unsigned zerofill NOT NULL AUTO_INCREMENT,
+  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
   `username` varchar(50) NOT NULL,
   `password` varchar(60) NOT NULL,
   `email` varchar(100) DEFAULT NULL,
   `created` datetime NOT NULL,
   `firstname` varchar(50) DEFAULT NULL,
   `lastname` varchar(50) DEFAULT NULL,
-  `usertype` int(11) unsigned zerofill NOT NULL,
+  `usertype` int(11) unsigned NOT NULL,
   PRIMARY KEY (`id`),
   KEY `users_ibfk_1` (`usertype`),
   CONSTRAINT `users_ibfk_1` FOREIGN KEY (`usertype`) REFERENCES `usertypes` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
@@ -74,7 +74,7 @@ CREATE TABLE `users` (
 
 LOCK TABLES `users` WRITE;
 /*!40000 ALTER TABLE `users` DISABLE KEYS */;
-INSERT INTO `users` VALUES (00000000001,'admin','$2a$08$6WUE0S4UEYJO5.GMoCzjAO.W8y4Gage/tC7.SWEppWxwQO2ccjMgy','admin@example.com','2015-02-18 19:50:31','System','Administrator',00000000001);
+INSERT INTO `users` VALUES (1,'admin','$2a$08$6WUE0S4UEYJO5.GMoCzjAO.W8y4Gage/tC7.SWEppWxwQO2ccjMgy','admin@example.com','2015-02-18 19:50:31','System','Administrator',1);
 /*!40000 ALTER TABLE `users` ENABLE KEYS */;
 UNLOCK TABLES;
 
@@ -86,7 +86,7 @@ DROP TABLE IF EXISTS `usertypes`;
 /*!40101 SET @saved_cs_client     = @@character_set_client */;
 /*!40101 SET character_set_client = utf8 */;
 CREATE TABLE `usertypes` (
-  `id` int(11) unsigned zerofill NOT NULL AUTO_INCREMENT,
+  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
   `typename` varchar(50) CHARACTER SET latin1 NOT NULL,
   PRIMARY KEY (`id`)
 ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
@@ -98,7 +98,7 @@ CREATE TABLE `usertypes` (
 
 LOCK TABLES `usertypes` WRITE;
 /*!40000 ALTER TABLE `usertypes` DISABLE KEYS */;
-INSERT INTO `usertypes` VALUES (00000000001,'Administrator'),(00000000002,'User');
+INSERT INTO `usertypes` VALUES (1,'Administrator'),(2,'User');
 /*!40000 ALTER TABLE `usertypes` ENABLE KEYS */;
 UNLOCK TABLES;
 /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
diff --git a/profile.php b/profile.php
index 4c45708..e7b52a4 100755
--- a/profile.php
+++ b/profile.php
@@ -13,7 +13,7 @@ else: ?>
 <?php
 if (isset($_POST['saveprofile'])):
     if (empty($_POST['password']) && empty($_POST['newpassword2'])):
-        setUserInfo($db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $session_user["0"]["usertypeid"], $session_user["0"]["password"]);
+        setUserInfo($yaptc_db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $session_user["0"]["usertypeid"], $session_user["0"]["password"]);
         header('Location: ' . $_SERVER['PHP_SELF']);
 elseif (strlen($_POST['password']) < $yaptc_min_password):
 echo "Password must be at least $yaptc_min_password characters.";
@@ -26,7 +26,7 @@ elseif (!empty($_POST['password']) && ($_POST['password'] = $_POST['newpassword2
 require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
     $hasher = new PasswordHash(8, FALSE);
     $password = $hasher->HashPassword($_POST['password']);
-setUserInfo($db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $session_user["0"]["usertypeid"], $password);
+setUserInfo($yaptc_db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $session_user["0"]["usertypeid"], $password);
         header('Location: ' . $_SERVER['PHP_SELF']);
 endif;
 endif;
@@ -39,10 +39,10 @@ if(!empty($_GET['pnum'])):
         $page_num = 1;
     endif;
 endif;
-$offset = ($page_num - 1) * $rowsperpage;
-$row_count = count(listPunches($db, $session_user["0"]["userid"]));
+$offset = ($page_num - 1) * $yaptc_rowsperpage;
+$row_count = count(listPunches($yaptc_db, $session_user["0"]["userid"]));
 $page_count = 0;
-if (0 === $row_count): else: $page_count = (int)ceil($row_count / $rowsperpage); if($page_num > $page_count): $page_num = 1; endif; endif;
+if (0 === $row_count): else: $page_count = (int)ceil($row_count / $yaptc_rowsperpage); if($page_num > $page_count): $page_num = 1; endif; endif;
 ?>
 
                     <h2 class="content-subhead"><?php echo lang('ACCOUNT_INFO_HEADER'); ?></h2>
@@ -89,7 +89,7 @@ if (0 === $row_count): else: $page_count = (int)ceil($row_count / $rowsperpage);
                             <tr><th><?php echo lang('IN') . " / " . lang('OUT'); ?></th><th><?php echo lang('HOURS'); ?></th><th><?php echo lang('FLAG'); ?></th><th><?php echo lang('NOTES'); ?></th></tr>
                         </thead>
                         <tbody>
-<?php foreach (listPunches($db, $session_user["0"]["userid"], $rowsperpage, $offset) as $row): ?>
+<?php foreach (listPunches($yaptc_db, $session_user["0"]["userid"], $yaptc_rowsperpage, $offset) as $row): ?>
                             <tr>
                                 <td><?php echo $row['intime'] . " / " . $row['outtime']; ?></td><td><?php echo $row['punchhours']; ?></td><td><?php echo $row['modified']; ?></td><td><?php echo $row['notes']; ?></td>
                             </tr>
diff --git a/reports.php b/reports.php
index a77ac32..bd3a867 100755
--- a/reports.php
+++ b/reports.php
@@ -55,7 +55,7 @@ else: ?>
     <?php endif; ?>
     <?php if ($_POST['reporttype'] == "All Punches"): ?><table class="pure-table pure-table-striped">
         <thead><tr><th>In</th><th>Out</th><th>Name</th><th>Hours</th><th>Flagged</th><th>Notes</th></tr></thead>
-        <tbody><?php foreach (listPunches($db, "%") as $row): ?>
+        <tbody><?php foreach (listPunches($yaptc_db, "%") as $row): ?>
         <tr><td><?php echo $row['intime']; ?></td><td><?php echo $row['outtime']; ?></td><td><?php echo $row['lastname'] . ", " . $row['firstname']; ?></td><td><?php echo $row['punchhours']; ?></td><td><?php echo $row['modified']; ?></td><td><?php echo $row['notes']; ?></td></tr><?php endforeach; ?>
         </tbody>
         </table>
diff --git a/users.php b/users.php
index 0ded193..553e901 100755
--- a/users.php
+++ b/users.php
@@ -138,10 +138,10 @@ if(!empty($_GET['pnum'])):
         $page_num = 1;
     endif;
 endif;
-$offset = ($page_num - 1) * $rowsperpage;
-$row_count = count(getUserInfo($db, "%"));
+$offset = ($page_num - 1) * $yaptc_rowsperpage;
+$row_count = count(getUserInfo($yaptc_db, "%"));
 $page_count = 0;
-if (0 === $row_count): else: $page_count = (int)ceil($row_count / $rowsperpage); if($page_num > $page_count): $page_num = 1; endif; endif;
+if (0 === $row_count): else: $page_count = (int)ceil($row_count / $yaptc_rowsperpage); if($page_num > $page_count): $page_num = 1; endif; endif;
 ?>
 
                     <h2 class="content-subhead"><i class="fa fa-list"></i> <?php echo lang('USER_LIST_HEADER'); ?></h2>
@@ -152,7 +152,7 @@ if (0 === $row_count): else: $page_count = (int)ceil($row_count / $rowsperpage);
                             <tr><th><?php echo lang('NAME'); ?></th><th><?php echo lang('USERNAME'); ?></th><th><?php echo lang('EMAIL'); ?></th><th><?php echo lang('CREATED'); ?></th><th><?php echo lang('USERTYPE'); ?></th><th><?php echo lang('ACTIONS'); ?></th></tr>
                         </thead>
                         <tbody>
-<?php foreach (getUserInfo($db, "%", $rowsperpage, $offset) as $row): ?>
+<?php foreach (getUserInfo($yaptc_db, "%", $yaptc_rowsperpage, $offset) as $row): ?>
                             <tr>
                                 <td><?php echo $row['lastname'] . ", " . $row['firstname']; ?></td><td><?php echo $row['username']; ?></td><td><?php echo $row['email']; ?></td><td><?php echo $row['created']; ?></td><td><?php echo $row['usertype']; ?></td><td><form method="post" onsubmit="return confirm('<?php echo lang('DELETE_WARNING'); ?>')"><input type="hidden" id="_METHOD" name="_METHOD" value="DELETE" /><input type="hidden" id="deleteid" name="deleteid" value="<?php echo $row['userid']; ?>" /><button class="button-error pure-button" id="deluser" name="deluser" value="deluser" type="submit" <?php if ($row['username'] == "admin"): echo "disabled"; endif; ?>><i class="fa fa-trash"></i> </button></form></td>
                             </tr>