From 45911a2da1601775b99d0146cedd0746b7508684 Mon Sep 17 00:00:00 2001
From: Josh North
Date: Fri, 20 Feb 2015 05:16:28 -0500
Subject: [PATCH] major updates to functions, split off from config file, etc
---
 LICENSE (pickadate) | 7 --
 config.inc.php.example | 90 +++--------------------
 includes/functions.inc.php | 101 +++++++++++++++++++++++++
 index.php | 146 ++++++++++++-------------------------
 login.php | 30 ++++----
 logout.php | 29 +++-----
 profile.php | 1 +
 punchlog.php | 18 ++---
 reports.php | 13 ++--
 users.php | 14 ++--
 10 files changed, 201 insertions(+), 248 deletions(-)
 delete mode 100755 LICENSE (pickadate)
 create mode 100755 includes/functions.inc.php
diff --git a/LICENSE (pickadate) b/LICENSE (pickadate)
deleted file mode 100755
index 826bab2..0000000
--- a/LICENSE (pickadate)
+++ /dev/null
@@ -1,7 +0,0 @@
-Copyright 2014 Amsul, http://amsul.ca
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/config.inc.php.example b/config.inc.php.example
index cbdec40..b50cf08 100755
--- a/config.inc.php.example
+++ b/config.inc.php.example
@@ -9,83 +9,17 @@ $yaptc_db = new PDO('mysql:host=localhost;dbname=YOUR_DATABASE;charset=utf $yaptc_adminmsg = ''; // Message will display on all pages! + + + + //********** NO NEED TO EDIT PAST HERE **********// -$_SESSION['yaptc_dir'] = $yaptc_dirpath; -$_SESSION['yaptc_url'] = $yaptc_webpath; -$yaptc_inc = $yaptc_dirpath . 'includes/'; -$yaptc_incweb = $yaptc_webpath . 'includes/'; -$yaptc_lib = $yaptc_dirpath . 'lib/'; -$yaptc_libweb = $yaptc_webpath . 'lib/'; - -// db settings -$yaptc_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); -$yaptc_db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); - -// Get user list for users management page -function listUsers($yaptc_db) { - $stmt = $yaptc_db->query("SELECT users.id as userid, users.username as username, users.email as email, users.created as created, users.firstname as firstname, users.lastname as lastname, users.usertype as usertypeid, usertypes.typename as usertype -FROM yaptc.users -INNER JOIN usertypes ON users.usertype = usertypes.id -ORDER BY users.lastname ASC;"); - return $stmt->fetchAll(PDO::FETCH_ASSOC); -} - -// Update user profile -function updateUserProfile($yaptc_db, $userid, $firstname, $lastname, $email) -{ -$stmt = $yaptc_db->prepare("UPDATE users SET firstname = :firstname, lastname = :lastname, email = :email WHERE id = :userid;"); -$stmt->execute(array( - ':userid' => $userid, - ':firstname' => $firstname, - ':lastname' => $lastname, - ':email' => $email - )); -} - - -// Get login status - returns true or false -function getSessionStatus() -{ - if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . 
$_SERVER['HTTP_USER_AGENT'])) { - return false; - } else { - return true; - } -} - -// Kick user and go to login -function killSession() -{ - session_unset(); - session_destroy(); - session_write_close(); - header("Location: login.php"); -} - -// Get user access level. Call with $sql passed or it will not work correctly -function getSessionAccess($yaptc_db) -{ - if (isset($_SESSION['user_id'])) { - $query3 = "SELECT users.id as userid, usertypes.typename AS usertype FROM users, usertypes WHERE users.id = :id"; - $stmt3 = $yaptc_db->prepare($query3); - $stmt3->execute(array( - ':id' => $_SESSION['user_id'] - )); - $user3 = $stmt3->fetchObject(); - return $user3->usertype; - } -} - -// Report - Weekly Hours by Week then User -function reportWeeklyByUser($yaptc_db) { - $stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, WEEK(punches.intime) AS g_week, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_week, users.username;"); - return $stmt->fetchAll(PDO::FETCH_ASSOC); -} - -// Report - Monthly Hours by Month then User -function reportMonthlyByUser($yaptc_db) { - $stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, MONTHNAME(punches.intime) AS g_month, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_month, users.username;"); - return 
$stmt->fetchAll(PDO::FETCH_ASSOC); -} - +$yaptc_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // Advanced PDO handling +$yaptc_db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // Advanced PDO handling +$_SESSION['yaptc_dir'] = $yaptc_dirpath; // Put absolute directory path in session +$_SESSION['yaptc_url'] = $yaptc_webpath; // Put absolute url path in session +$yaptc_inc = $yaptc_dirpath . 'includes/'; // Concatenate an includes directory path +$yaptc_incweb = $yaptc_webpath . 'includes/'; // Concatenate an includes url path +$yaptc_lib = $yaptc_dirpath . 'lib/'; // Concatenate a lib directory path +$yaptc_libweb = $yaptc_webpath . 'lib/'; // Concatenate a lib url path ?> diff --git a/includes/functions.inc.php b/includes/functions.inc.php new file mode 100755 index 0000000..d7e42e3 --- /dev/null +++ b/includes/functions.inc.php 
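Review bot: The comment `// Advanced PDO handling` on both added setAttribute lines does not say what either setting does, and these are the two security-relevant lines left in the sample config. I would replace them with `// Throw PDOException on SQL errors instead of failing silently` and `// Use the server's native prepared statements, not client-side emulation`, so that someone adapting the example knows why they must stay. The other added comments describe their lines accurately and need no change.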
@@ -0,0 +1,101 @@ +query("SELECT users.id as userid, users.username as username, users.email as email, users.created as created, users.firstname as firstname, users.lastname as lastname, users.usertype as usertypeid, usertypes.typename as usertype +FROM yaptc.users +INNER JOIN usertypes ON users.usertype = usertypes.id +ORDER BY users.lastname ASC;"); + return $stmt->fetchAll(PDO::FETCH_ASSOC); +} + +// Update user profile +function updateUserProfile($yaptc_db, $userid, $firstname, $lastname, $email) +{ +$stmt = $yaptc_db->prepare("UPDATE users SET firstname = :firstname, lastname = :lastname, email = :email WHERE id = :userid;"); +$stmt->execute(array( + ':userid' => $userid, + ':firstname' => $firstname, + ':lastname' => $lastname, + ':email' => $email + )); +} + + +// Get login status - returns true or false +function getSessionStatus() +{ + if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT'])) { + return false; + } else { + return true; + } +} + +// Kick user and go to login +function killSession() +{ + session_unset(); + session_destroy(); + session_write_close(); + header("Location: login.php"); +} + +// Get user access level. 
Call with $sql passed or it will not work correctly +function getSessionAccess($yaptc_db) +{ + if (isset($_SESSION['user_id'])) { + $query3 = "SELECT users.id as userid, usertypes.typename AS usertype FROM users, usertypes WHERE users.id = :id"; + $stmt3 = $yaptc_db->prepare($query3); + $stmt3->execute(array( + ':id' => $_SESSION['user_id'] + )); + $user3 = $stmt3->fetchObject(); + return $user3->usertype; + } +} + +// Punch Out +function punchOut($yaptc_db, $punchid, $notes) +{ +$stmt = $yaptc_db->prepare("UPDATE punches SET punches.outtime = NOW(), punches.notes = :notes WHERE punches.id = :punchid;"); +$stmt->execute(array( + ':punchid' => $punchid, + ':notes' => $notes + )); +} + +// Punch In +function punchIn($yaptc_db, $userid, $notes) +{ +$stmt = $yaptc_db->prepare("INSERT INTO punches (punches.userid, punches.notes, punches.intime) VALUES (:userid, :notes, NOW());"); +$stmt->execute(array( + ':userid' => $userid, + ':notes' => $notes + )); +} + +// Get punch status - returns array +function getPunchStatus($yaptc_db, $userid) +{ + $stmt = $yaptc_db->prepare("SELECT punches.id as punchid, users.id as userid, punches.intime as intime, punches.outtime as outtime, punches.notes as notes FROM punches INNER JOIN users ON punches.userid = users.id WHERE users.id = :userid ORDER BY punches.intime DESC LIMIT 1;"); + $stmt->execute(array( + ':userid' => $userid + )); + $result = $stmt->fetch( PDO::FETCH_ASSOC ); + return array ($result['punchid'], $result['userid'], $result['intime'], $result['outtime'], $result['notes']); +} + +// Report - Weekly Hours by Week then User +function reportWeeklyByUser($yaptc_db) { + $stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, WEEK(punches.intime) AS g_week, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as 
outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_week, users.username;"); + return $stmt->fetchAll(PDO::FETCH_ASSOC); +} + +// Report - Monthly Hours by Month then User +function reportMonthlyByUser($yaptc_db) { + $stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, MONTHNAME(punches.intime) AS g_month, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_month, users.username;"); + return $stmt->fetchAll(PDO::FETCH_ASSOC); +} + +?> diff --git a/index.php b/index.php index 5b3e0c7..054a256 100755 --- a/index.php +++ b/index.php @@ -1,112 +1,56 @@ +else: ?> + + + +
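Review bot: getSessionAccess() selects `FROM users, usertypes WHERE users.id = :id` with no condition linking the two tables, so the single row it fetches pairs the user with whichever usertypes row the database returns first rather than with the user's own type, and any access check built on the returned `usertype` is unreliable. listUsers() in this same file already joins correctly, and the same form fits here: `FROM users INNER JOIN usertypes ON users.usertype = usertypes.id WHERE users.id = :id`. Separately, killSession() sends `header("Location: login.php");` and then returns, so unless every caller stops on its own the rest of the protected page still runs and is sent along with the redirect; adding `exit;` after the header closes that gap. getSessionStatus() also compares the md5 signature with `!=`, where `!==` or `hash_equals()` would avoid PHP's numeric-string comparison of hex digests.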

Current Status

+ +

You do not appear to have any punches on record.

+ +

You have been Punched since .

+ + +

Quick Punch

+

Clicking the button below will immediately enter a new punch for you depending on your current status. Any notes you enter will be attached to the punch for your administrator to review.

+
+
+ +
+ + + + + + + +
+
+
- - - - -// This is to get the current user status - in or out - and the notes and times associated for use in the form -$result = $yaptc_db->prepare("SELECT punches.id as punchid, users.id as user, punches.intime as intime, punches.outtime as outtime, punches.notes as notes FROM punches INNER JOIN users ON punches.userid = users.id WHERE users.id = $userid ORDER BY punches.id DESC LIMIT 1"); - $result->execute(); - $last = $result->fetchObject(); - - // Let's build the page - this is the header with current status - echo "

Current Status

"; - if (!isset($last->user)) { - echo "

You do not appear to have any punches on record.

"; - $status = "Out"; - } //!isset($last->user) - else { - if (!empty($last->outtime)) { - $status = "Out"; - $statustime = $last->outtime; - } //!empty($last->outtime) - else { - $status = "In"; - $statustime = $last->intime; - $punchid = $last->punchid; - $notes = $last->notes; - } - echo "

You have been Punched $status since " . date('g:i a \o\n M jS, Y', strtotime($statustime)) . ".

"; - } - echo "

Quick Punch

"; - - echo "

Clicking the button below will immediately enter a new punch for you depending on your current status. Any notes you enter will be attached to the punch for your administrator to review.

"; - echo "
"; - echo "
"; - if (isset($notes)) { - echo ""; - } //isset($notes) - else { - echo ""; - } - echo "
"; - if ($status == "In") { - echo ""; - echo ""; - } //$status == "In" - else { - echo ""; - echo ""; - } - echo "
"; - - // If the posted variables are not empty, we must be trying to insert a new punch. Use the form values to insert new record - if (!empty($_POST)) { - - // Is the notes field set? If so, use, otherwise set to null - if (isset($_POST['notes'])) { - if (!empty($_POST['notes'])) { - $p_notes = $_POST['notes']; - } //!empty($_POST['notes']) - else { - $p_notes = NULL; - } - } //isset($_POST['notes']) - else { - $p_notes = NULL; - } - - // Is the user currently punched in? If so, insert the punch out record, otherwise, insert a new punch in - if ($status == "In") { - $query = "UPDATE punches SET outtime = NOW(), notes = :p_notes WHERE id = :p_punchid"; - $stmt = $yaptc_db->prepare($query); - $stmt->execute(array( - ':p_punchid' => $punchid, - ':p_notes' => $p_notes - )); - } //$status == "In" - else { - $query = "INSERT INTO punches (userid, notes, intime) VALUES (:p_userid, :p_notes, NOW())"; - $stmt = $yaptc_db->prepare($query); - $stmt->execute(array( - ':p_userid' => $_SESSION['user_id'], - ':p_notes' => $p_notes - )); - } - - // And then send user back to this page to see the updates - header('Location: ' . $_SERVER['PHP_SELF']); - } //!empty($_POST) - - // Close out the form... - echo "
"; - echo "
"; -?> - - - + + diff --git a/login.php b/login.php index ab9ef20..d356f3e 100755 --- a/login.php +++ b/login.php @@ -1,24 +1,15 @@ You are already logged in..."; -else: -//********** BEGIN CONTENT **********// ?> - - -

User Login

-
-
- - -
- -
+else: ?> + +

User Login

+
+
+ + +
+ +
- - + + diff --git a/logout.php b/logout.php index 132f434..8b1cb75 100755 --- a/logout.php +++ b/logout.php @@ -1,28 +1,17 @@ + -// Does user have any session settings active? Kill them all... -if (isset($_SESSION['user_id']) || isset($_SESSION['signature']) || isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] = true || $_SESSION['signature'] = md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT'])) -{ -session_start(); -session_unset(); -session_destroy(); -header ("Refresh:3; url=login.php", true, 303); -echo "

You have successfully logged out...

"; -} -else -{ -session_start(); -session_unset(); -session_destroy(); -header ("Location: login.php"); -} + +

Logging out...

-//********** END CONTENT **********// -require_once($yaptc_inc . "footer.inc.php"); -?> + + diff --git a/profile.php b/profile.php index 4f6ceeb..4bb01a0 100755 --- a/profile.php +++ b/profile.php @@ -1,6 +1,7 @@ + +"; } echo ''; echo ''; - - - -//********** END CONTENT **********// -} -require_once($yaptc_inc . "footer.inc.php"); ?> + + + + diff --git a/reports.php b/reports.php index 8eeffb3..58dd5b1 100755 --- a/reports.php +++ b/reports.php @@ -1,13 +1,14 @@ +else: ?> +

Punch History

Below is your company punch history. The below drop-down can be used to select pre-configured reports. Other reports are currently being written.

@@ -51,9 +52,5 @@ else:

No query to display. Please select from the dropdown above...

- - - + + diff --git a/users.php b/users.php index 4622f87..13c90d8 100755 --- a/users.php +++ b/users.php @@ -1,13 +1,14 @@ +else: ?> +

Add User

All fields are required! Password must be 8+ characters. Username and email must be unique.

@@ -140,8 +141,6 @@ if (!empty($_POST['newuser']) && empty($errors)) " . $row['usertype'] . ""; - + +