optimization, begin refactor, basic reports

Josh North 2015-02-18 05:13:53 -05:00
parent 6a4e186800
commit 437eaa1fbb
6 changed files with 204 additions and 149 deletions


@ -6,7 +6,7 @@
$yaptc_appname = 'Timecard System'; // Program name to display in title bar
$yaptc_company = 'Widgets, Inc.'; // Your company name
$sql = new PDO('mysql:host=localhost;dbname=your_database;', 'your_user', 'your_password'); // Database connection string
$adminmessage = ''; // Message will display on all pages!
//********** NO NEED TO EDIT PAST HERE **********//
@ -17,4 +17,3 @@
$yaptc_lib = $yaptc_dirpath . 'lib/';
$yaptc_libweb = $yaptc_webpath . 'lib/';
?>


@ -40,6 +40,7 @@
<div class="header">
<h1><?php echo $yaptc_pagename; ?></h1>
<h2><?php if (isset($_SESSION['user_id'])) {echo "User: " . $_SESSION['firstname'] . ' ' . $_SESSION['lastname'];} else {echo "Please log in to use the timecard system";}?></h2>
<h4><?php if (!empty($adminmessage)) {echo "<div class=\"successmessage\">" . $adminmessage . "</div>"; } ?></h4>
</div>
<div class="content">


@ -17,25 +17,31 @@ else
{
//********** BEGIN CONTENT **********//
$userid = $_SESSION['user_id'];
// This is to get the current user status - in or out - and the notes and times associated for use in the form
$result = $sql->prepare("SELECT punches.id as punchid, users.id as user, punches.intime as intime, punches.outtime as outtime, punches.notes as notes FROM punches INNER JOIN users ON punches.userid = users.id WHERE users.id = $userid ORDER BY punches.id DESC LIMIT 1");
$result->execute();
$last = $result->fetchObject();
// Let's build the page - this is the header with current status
echo "<h2 class=\"content-subhead\">Current Status</h2>";
if(!isset($last->user))
{
echo "<p>You do not appear to have any punches on record.</p>";
$status = "Out";
}
else
{
if (!empty($last->outtime)) { $status = "Out"; $statustime = $last->outtime; } else { $status = "In"; $statustime = $last->intime; $punchid = $last->punchid; $notes = $last->notes; }
if(!isset($last->user)) {
echo "<p>You do not appear to have any punches on record.</p>";
$status = "Out";
} else {
if (!empty($last->outtime)) { $status = "Out"; $statustime = $last->outtime; } else { $status = "In"; $statustime = $last->intime; $punchid = $last->punchid; $notes = $last->notes; }
echo "<p>You have been Punched $status since " . date('g:i a \o\n M jS, Y', strtotime($statustime)) . ".</p>";
}
echo "<h2 class=\"content-subhead\">Quick Punch</h2>";
echo "<p>Clicking the button below will immediately enter a new punch for you depending on your current status. Any notes you enter will be attached to the punch for your administrator to review.</p>";
echo "<form class=\"pure-form pure-form-stacked\" action=\"index.php\" method=\"post\">";
echo "<fieldset>";
if (isset($notes)) {
echo "<input class=\"pure-input-1\" type=\"text\" name=\"notes\" placeholder=\"Enter notes if needed\" maxlength=\"255\" value=\"$notes\">";
} else {
echo "<input class=\"pure-input-1\" type=\"text\" name=\"notes\" placeholder=\"Enter notes if needed\" maxlength=\"255\">";
}
echo "<div class=\"pure-controls\">";
if ($status=="In") {
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success pure-button-disabled\">Punch IN</button>";
@ -46,32 +52,34 @@ echo "<button type=\"submit\" class=\"pure-button button-xlarge button-error pur
}
echo "</div>";
if (!empty($_POST)) {
if (!empty($_POST['notes'])) {
$p_notes = $_POST['notes'];
} else {
$p_notes = "";
}
// If the posted variables are not empty, we must be trying to insert a new punch. Use the form values to insert new record
if (!empty($_POST)) {
// Is the notes field set? If so, use, otherwise set to null
if (isset($_POST['notes'])) { if (!empty($_POST['notes'])) { $p_notes = $_POST['notes']; } else { $p_notes = NULL; } } else { $p_notes = NULL; }
// Is the user currently punched in? If so, insert the punch out record, otherwise, insert a new punch in
if ($status=="In") {
$query = "UPDATE punches SET outtime = NOW(), notes = :p_notes WHERE id = :p_punchid";
$stmt = $sql->prepare($query);
$stmt->execute(array(
':p_punchid' => $punchid,
':p_notes' => $p_notes,
$query = "UPDATE punches SET outtime = NOW(), notes = :p_notes WHERE id = :p_punchid";
$stmt = $sql->prepare($query);
$stmt->execute(array(
':p_punchid' => $punchid,
':p_notes' => $p_notes,
));
} else {
$query = "INSERT INTO punches (userid, notes, intime) VALUES (:p_userid, :p_notes, NOW())";
$stmt = $sql->prepare($query);
$stmt->execute(array(
':p_userid' => $_SESSION['user_id'],
':p_notes' => $p_notes,
$query = "INSERT INTO punches (userid, notes, intime) VALUES (:p_userid, :p_notes, NOW())";
$stmt = $sql->prepare($query);
$stmt->execute(array(
':p_userid' => $_SESSION['user_id'],
':p_notes' => $p_notes,
));
}
}
// And then send user back to this page to see the updates
header('Location: '.$_SERVER['PHP_SELF']);
exit;
}
// Close out the form...
echo "</fieldset>";
echo "</form>";
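Review bot: The Quick Punch input writes the stored note into its `value` attribute unescaped (`value=\"$notes\"`), and that note is whatever was posted in `$_POST['notes']`, so a quote or markup in a saved note is emitted as HTML when the page is rendered again. Escape it at output, e.g. `value=\"" . htmlspecialchars($notes, ENT_QUOTES, 'UTF-8') . "\"`. The status query also interpolates `$userid` into the string handed to `prepare()`; binding it (`WHERE users.id = :userid` with `execute(array(':userid' => $userid))`) would match the parameterised UPDATE and INSERT further down. The same two patterns appear in the section for the page that posts to `punchlog.php`. The enclosing `else` block starts and ends outside the hunks shown.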


@ -4,7 +4,6 @@ require_once("config.inc.php");
$yaptc_pagename = "Profile";
require_once($yaptc_inc . "header.inc.php");
require_once($yaptc_inc . "menu.inc.php");
//********** BEGIN CONTENT **********//
// Is user logged in? If not, they shouldn't be here - kill all variables and redirect to login...
if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
{
@ -16,43 +15,46 @@ echo "<h2 class=\"content-subhead\">You are not logged in!!!</h2>";
}
else
{
echo "<h2 class=\"content-subhead\">Profile Information</h2>";
echo "<p>You may make changes to your user profile below if you wish. Updates will take effect immediately on pressing \"Save\".</p>";
$query = "SELECT users.id, users.password, users.created, users.username, users.firstname, users.lastname, users.email, usertypes.typename AS usertype
FROM users, usertypes
WHERE users.id = :id";
$stmt = $sql->prepare($query);
$stmt->execute(array(':id' => $_SESSION['user_id']));
$user = $stmt->fetchObject();
echo "<form class=\"pure-form pure-form-aligned\" action=\"profile.php\" method=\"post\">";
echo "<fieldset>";
echo "<div class=\"pure-control-group\">";
echo "<label for=\"username\">Username</label>";
echo "<input class=\"pure-input-1-2\" type=\"text\" name=\"username\" maxlength=\"50\" value=\"$user->username\" readonly>";
echo "</div>";
echo "<div class=\"pure-control-group\">";
echo "<label for=\"created\">Created</label>";
echo "<input class=\"pure-input-1-2\" type=\"text\" name=\"created\" value=\"$user->created\" readonly>";
echo "</div>";
echo "<div class=\"pure-control-group\">";
echo "<label for=\"usertype\">User Type</label>";
echo "<input class=\"pure-input-1-2\" type=\"text\" name=\"usertype\" maxlength=\"50\" value=\"$user->usertype\" readonly>";
echo "</div>";
echo "<div class=\"pure-control-group\">";
echo "<label for=\"firstname\">First Name</label>";
echo "<input class=\"pure-input-1-2\" type=\"text\" name=\"firstname\" maxlength=\"50\" value=\"$user->firstname\">";
echo "</div>";
echo "<div class=\"pure-control-group\">";
echo "<label for=\"lastname\">Last Name</label>";
echo "<input class=\"pure-input-1-2\" type=\"text\" name=\"lastname\" maxlength=\"50\" value=\"$user->lastname\">";
echo "</div>";
echo "<div class=\"pure-control-group\">";
echo "<label for=\"email\">Email</label>";
echo "<input class=\"pure-input-1-2\" type=\"text\" name=\"email\" maxlength=\"100\" value=\"$user->email\">";
echo "</div>";
echo "<div class=\"pure-controls\">";
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success\">Save</button>";
echo "</div>";
//********** BEGIN CONTENT **********//
$query = "SELECT users.id, users.password, users.created, users.username, users.firstname, users.lastname, users.email, usertypes.typename AS usertype FROM users, usertypes WHERE users.id = :id";
$stmt = $sql->prepare($query);
$stmt->execute(array(':id' => $_SESSION['user_id']));
$user = $stmt->fetchObject();
?>
<h2 class\"content-subhead">Profile Information</h2>
<p>You may make changes to your user profile below if you wish. Updates will take effect immediately on pressing "Save".</p>
<form class="pure-form pure-form-aligned" action="profile.php" method="post">
<fieldset>
<div class="pure-control-group">
<label for="username">Username</label>
<input type="text" name="username" maxlength="50" value="<?php echo $user->username; ?>" readonly>
</div>
<div class="pure-control-group">
<label for="created">Created</label>
<input type="text" name="created" value="<?php echo $user->created; ?>" readonly>
</div>
<div class="pure-control-group">
<label for="usertype">User Type</label>
<input type="text" name="usertype" maxlength="50" value="<?php echo $user->usertype; ?>" readonly>
</div>
<div class="pure-control-group">
<label for="firstname">First Name</label>
<input type="text" name="firstname" maxlength="50" value="<?php echo $user->firstname; ?>">
</div>
<div class="pure-control-group">
<label for="lastname">Last Name</label>
<input type="text" name="lastname" maxlength="50" value="<?php echo $user->lastname; ?>">
</div>
<div class="pure-control-group">
<label for="email">Email</label>
<input type="text" name="email" maxlength="100" value="<?php echo $user->email; ?>">
</div>
<div class="pure-controls">
<button type="submit" class="pure-button button-xlarge button-success">Save</button>
</div>
<?php
if (!empty($_POST)) {
$query = "UPDATE users SET firstname = :firstname, lastname = :lastname, email = :email WHERE id = :userid";
$stmt = $sql->prepare($query);
@ -67,10 +69,10 @@ exit;
}
echo "</fieldset>";
echo "</form>";
}
//********** END CONTENT **********//
}
require_once($yaptc_inc . "footer.inc.php");
?>
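Review bot: The rewritten profile form prints database values into `value` attributes with a bare `<?php echo $user->firstname; ?>` (likewise lastname, email, username, created and usertype), so any quote or markup a user has saved in their own profile is emitted as HTML. Wrap each one, e.g. `value="<?php echo htmlspecialchars($user->firstname, ENT_QUOTES, 'UTF-8'); ?>"`. The new heading line is also malformed: `<h2 class\"content-subhead">` is missing the `=` and should read `<h2 class="content-subhead">`. The SELECT still fetches `users.password` although the form never uses it, and it lists `usertypes` with no join condition, so the user type shown may not be the user's own; this should be confirmed against the schema.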


@ -17,48 +17,34 @@ else
{
//********** BEGIN CONTENT **********//
$userid = $_SESSION['user_id'];
$nowarray = explode("-", date("Y-m-d-H-i"));
$timenow = date('Y-m-d H:i');
// This is to get the current user status - in or out - and the notes and times associated for use in the form
$result = $sql->prepare("SELECT punches.id as punchid, users.id as user, punches.intime as intime, punches.outtime as outtime, punches.notes as notes FROM punches INNER JOIN users ON punches.userid = users.id WHERE users.id = $userid ORDER BY punches.id DESC LIMIT 1");
$result->execute();
$last = $result->fetchObject();
// Let's build the page - this is the header with current status
echo "<h2 class=\"content-subhead\">Advanced Punch</h2>";
if(!isset($last->user))
{
$status = "Out";
}
else
{
if (!empty($last->outtime)) { $status = "Out"; $statustime = $last->outtime; } else { $status = "In"; $statustime = $last->intime; $punchid = $last->punchid; $notes = $last->notes; }
if(!isset($last->user)) {
echo "<p>You do not appear to have any punches on record.</p>";
$status = "Out";
} else {
if (!empty($last->outtime)) { $status = "Out"; $statustime = $last->outtime; } else { $status = "In"; $statustime = $last->intime; $punchid = $last->punchid; $notes = $last->notes; }
echo "<p>You have been Punched $status since " . date('g:i a \o\n M jS, Y', strtotime($statustime)) . ".</p>";
}
echo "<p>Use this form to enter a specific time on your punch. NOTE: changing the time from the current time will cause a flag on your log for the administrator to review, so we suggest you enter a reason why in the notes field (i.e. forgot punch, working from home, system down, etc).</p>";
echo "<form class=\"pure-form pure-form-stacked\" action=\"punchlog.php\" method=\"post\">";
echo "<fieldset>";
echo "<div class=\"pure-g\">";
echo "<div class=\"pure-u-1 pure-u-md-1-3\">";
echo "<label for=\"year\">Year</label>";
echo "<input type=\"text\" name=\"year\" maxlength=\"4\" placeholder=" . $nowarray[0] . ">";
echo "</div>";
echo "<div class=\"pure-u-1 pure-u-md-1-3\">";
echo "<label for=\"month\">Month</label>";
echo "<input type=\"text\" name=\"month\" maxlength=\"2\" placeholder=" . $nowarray[1] . ">";
echo "</div>";
echo "<div class=\"pure-u-1 pure-u-md-1-3\">";
echo "<label for=\"day\">Day</label>";
echo "<input type=\"text\" name=\"day\" maxlength=\"2\" placeholder=" . $nowarray[2] . ">";
echo "</div>";
echo "<div class=\"pure-u-1 pure-u-md-1-3\">";
echo "<label for=\"hour\">Hour (24-hr format)</label>";
echo "<input type=\"text\" name=\"hour\" maxlength=\"2\" placeholder=" . $nowarray[3] . ">";
echo "</div>";
echo "<div class=\"pure-u-1 pure-u-md-1-3\">";
echo "<label for=\"minute\">Minute</label>";
echo "<input type=\"text\" name=\"minute\" maxlength=\"2\" placeholder=" . $nowarray[4] . ">";
echo "</div>";
echo "<div class=\"pure-u-1 pure-u-md-1-3\">";
echo "<label for=\"punchtime\">Punch Time</label>";
echo "<input type=\"text\" name=\"punchtime\" placeholder=\"$timenow\" maxlength=\"20\">";
echo "<label for=\"notes\">Notes</label>";
if (isset($notes)) {
echo "<input type=\"text\" name=\"notes\" placeholder=\"Enter notes if needed\" maxlength=\"255\" value=\"$notes\">";
echo "</div>";
echo "</div>";
} else {
echo "<input type=\"text\" name=\"notes\" placeholder=\"Enter notes if needed\" maxlength=\"255\">";
}
echo "<div class=\"pure-controls\">";
if ($status=="In") {
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success pure-button-disabled\">Punch IN</button>";
@ -68,39 +54,47 @@ echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success\"
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-error pure-button-disabled\">Punch OUT</button>";
}
echo "</div>";
if (!empty($_POST)) {
if (!empty($_POST['notes'])) {
$p_notes = $_POST['notes'];
} else {
$p_notes = "";
}
$p_punchtime = $_POST['year'] . "-" . $_POST['month'] . "-" . $_POST['day'] . " " . $_POST['hour'] . ":" . $_POST['minute'] . ":00";
// If the posted variables are not empty, we must be trying to insert a new punch. Use the form values to insert new record
if (!empty($_POST)) {
// Is the notes field set? If so, use, otherwise set to null
if (isset($_POST['notes'])) { if (!empty($_POST['notes'])) { $p_notes = $_POST['notes']; } else { $p_notes = NULL; } } else { $p_notes = NULL; }
// Is the punch time field set? If so, use, otherwise set to now
if (isset($_POST['punchtime'])) {
if (!empty($_POST['punchtime'])) { $p_punchtime = $_POST['punchtime'] . ':00'; $p_modified = "1"; } else { $p_punchtime = $timenow . ':00'; $p_modified = "0"; }
} else { $p_punchtime = $timenow . ':00'; $p_modified = "0"; }
// Is the user currently punched in? If so, insert the punch out record, otherwise, insert a new punch in
if ($status=="In") {
$query = "UPDATE punches SET outtime = :p_punchtime, notes = :p_notes WHERE id = :p_punchid";
$stmt = $sql->prepare($query);
$stmt->execute(array(
$query = "UPDATE punches SET outtime = :p_punchtime, notes = :p_notes, modified = :p_modified WHERE id = :p_punchid";
$stmt = $sql->prepare($query);
$stmt->execute(array(
':p_punchid' => $punchid,
':p_notes' => $p_notes,
':p_punchtime' => $p_punchtime
':p_punchtime' => $p_punchtime,
':p_modified' => $p_modified,
));
} else {
$query = "INSERT INTO punches (userid, notes, intime) VALUES (:p_userid, :p_notes, :p_punchtime)";
$stmt = $sql->prepare($query);
$stmt->execute(array(
':p_userid' => $_SESSION['user_id'],
$query = "INSERT INTO punches (userid, notes, intime, modified) VALUES (:p_userid, :p_notes, :p_punchtime, :p_modified)";
$stmt = $sql->prepare($query);
$stmt->execute(array(
':p_userid' => $_SESSION['user_id'],
':p_notes' => $p_notes,
':p_punchtime' => $p_punchtime
':p_punchtime' => $p_punchtime,
':p_modified' => $p_modified,
));
}
}
// And then send user back to this page to see the updates
header('Location: '.$_SERVER['PHP_SELF']);
exit;
}
// Close out the form...
echo "</fieldset>";
echo "</form>";
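Review bot: `$_POST['punchtime']` is only tested for being non-empty before `':00'` is appended and the string is bound as `intime`/`outtime`, so a value that is not in `Y-m-d H:i` form reaches the database, where, depending on the SQL mode, it is either rejected or stored as a zero date. Parse it first with `$dt = DateTime::createFromFormat('Y-m-d H:i', $_POST['punchtime']);`, refuse the post when `$dt === false`, and bind `$dt->format('Y-m-d H:i:s')` instead of the raw string. A one-line comment above the block stating the expected format, and that any non-empty value sets `modified` to 1 even when it equals the current time, would help the administrator-review logic stay understandable. The enclosing `else` block starts outside the hunks shown.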


@ -16,18 +16,21 @@ echo "<h2 class=\"content-subhead\">You are not logged in!!!</h2>";
else
{
//********** BEGIN CONTENT **********//
echo "<h2 class=\"content-subhead\">Punch History</h2>";
echo "<p>Below is your company punch history. You can use the form boxes to narrow down the results as needed, by date, user, or a combination.</p>";
echo "<p>Below is your company punch history. The below drop-down can be used to select pre-configured reports. Other reports are currently being written.</p>";
echo "<form class=\"pure-form pure-form-stacked\" action=\"reports.php\" method=\"post\">";
echo " <fieldset>";
echo " <div class=\"pure-g\">";
echo " <div class=\"pure-u-1 pure-u-md-1-3\">";
echo " <label for=\"order\">Sort Order</label>";
echo " <select name=\"order\" class=\"pure-input-1-2\">";
echo " <option>Newest to Oldest</option>";
echo " <option>Oldest to Newest</option>";
echo " <div class=\"pure-u-1\">";
echo " <label for=\"reporttype\">Report Type</label>";
echo " <select name=\"reporttype\" class=\"pure-input-1-2\">";
if (isset($_POST['reporttype'])) { echo "<option value=\"" . $_POST['reporttype'] . "\">" . $_POST['reporttype'] . "</option><option>----------</option>";}
else { echo "<option></option>";}
echo " <option value=\"Hours per week per user\">Hours per week per user</option>";
echo " <option value=\"Hours per month per user\">Hours per month per user</option>";
echo " </select>";
echo " </div>";
echo " </div>";
@ -35,18 +38,15 @@ echo " <button type=\"submit\" class=\"pure-button pure-button-primary\">
echo " </fieldset>";
echo "</form>";
// tag order to query depending on drop-down
if ($_POST['order'] == "Newest to Oldest") {
$order="ORDER BY punches.id DESC"; }
else {
$order="ORDER BY punches.id"; }
// actual query
if (isset($_POST['reporttype'])) {
if ($_POST['reporttype'] == "Hours per week per user") {
$query = "SELECT
YEAR(punches.intime) AS g_year,
WEEK(punches.intime) AS g_week,
SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600) AS punchhours,
punches.id as punchid,
users.id as user,
users.username as username,
users.firstname as firstname,
users.lastname as lastname,
punches.intime as intime,
@ -54,34 +54,85 @@ $query = "SELECT
punches.notes as notes,
punches.modified as modified
FROM punches
INNER JOIN users ON punches.userid = users.id $order";
$stmt = $sql->prepare($query);
INNER JOIN users ON punches.userid = users.id
GROUP BY g_year, g_week, users.username;";
$stmt = $sql->prepare($query);
$stmt->execute();
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
//set up table header and open table
echo '<table class="pure-table">';
echo '<thead>';
echo '<tr>';
echo '<th>First Name</th>';
echo '<th>Last Name</th>';
echo '<th>Time In</th>';
echo '<th>Time Out</th>';
echo '<th>Year</th>';
echo '<th>Week#</th>';
echo '<th>Username</th>';
echo '<th>Hours</th>';
echo '<th>Flag</th>';
echo '<th>Notes</th>';
echo '</tr>';
echo '</thead>';
echo '<tbody>';
// $rows is an array containing all records...
foreach ($rows as $row)
echo "<tr><td>" . $row['firstname'] . "</td><td>" . $row['lastname'] . "</td><td>" . $row['intime'] . "</td><td>" . $row['outtime'] . "</td><td>" . $row['hours'] . "</td><td>" . $row['flag'] . "</td><td>" . $row['notes'] . "</td></tr>";
foreach ($rows as $row) {
echo "<tr>";
echo "<td>" . $row['g_year'] . "</td>";
echo "<td>" . $row['g_week'] . "</td>";
echo "<td>" . $row['username'] . "</td>";
echo "<td>" . $row['punchhours'] . "</td>";
echo "</tr>";
}
echo '</tbody>';
echo '</table>';
}
elseif ($_POST['reporttype'] == "Hours per month per user") {
$query = "SELECT
YEAR(punches.intime) AS g_year,
MONTH(punches.intime) AS g_month,
SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600) AS punchhours,
punches.id as punchid,
users.id as user,
users.username as username,
users.firstname as firstname,
users.lastname as lastname,
punches.intime as intime,
punches.outtime as outtime,
punches.notes as notes,
punches.modified as modified
FROM punches
INNER JOIN users ON punches.userid = users.id
GROUP BY g_year, g_month, users.username;";
$stmt = $sql->prepare($query);
$stmt->execute();
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
//set up table header and open table
echo '<table class="pure-table">';
echo '<thead>';
echo '<tr>';
echo '<th>Year</th>';
echo '<th>Month</th>';
echo '<th>Username</th>';
echo '<th>Hours</th>';
echo '</tr>';
echo '</thead>';
echo '<tbody>';
// $rows is an array containing all records...
foreach ($rows as $row) {
echo "<tr>";
echo "<td>" . $row['g_year'] . "</td>";
echo "<td>" . $row['g_month'] . "</td>";
echo "<td>" . $row['username'] . "</td>";
echo "<td>" . $row['punchhours'] . "</td>";
echo "</tr>";
}
echo '</tbody>';
echo '</table>';
}
else {
echo "no query";
}
} else { echo "no query"; }
//********** END CONTENT **********//
}
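Review bot: The new report drop-down echoes `$_POST['reporttype']` straight into both the `value` attribute and the option text, so whatever the client posts is reflected into the page as HTML. Only two report names are valid, so the posted value should be compared against that fixed list and the matching `<option>` marked `selected`, rather than echoing the input back; the fence below sketches that. The result tables print `$row['username']` unescaped as well and should go through `htmlspecialchars()`. Both report queries also select per-punch columns (`punches.id`, `intime`, `notes` and others) that are neither aggregated nor in the `GROUP BY`, which MySQL rejects when `ONLY_FULL_GROUP_BY` is enabled; dropping the unused columns avoids that. The enclosing `else` block begins outside the hunk.

```php
echo " <select name=\"reporttype\" class=\"pure-input-1-2\">";
$reports = array('Hours per week per user', 'Hours per month per user');
// Accept the posted value only when it is one of the known report names.
$chosen = (isset($_POST['reporttype']) && in_array($_POST['reporttype'], $reports, true)) ? $_POST['reporttype'] : '';
echo "<option></option>";
foreach ($reports as $report) {
    $sel = ($report === $chosen) ? ' selected' : '';
    echo "<option value=\"$report\"$sel>$report</option>";
}
// … unchanged: closing </select>, submit button and form end …
```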