major updates to functions, split off from config file, etc

This commit is contained in:
Josh North 2015-02-20 05:16:28 -05:00
parent d74c62649e
commit 45911a2da1
10 changed files with 201 additions and 248 deletions


@ -1,7 +0,0 @@
Copyright 2014 Amsul, http://amsul.ca
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.


@ -9,83 +9,17 @@ $yaptc_db = new PDO('mysql:host=localhost;dbname=YOUR_DATABASE;charset=utf
$yaptc_adminmsg = ''; // Message will display on all pages!
//********** NO NEED TO EDIT PAST HERE **********//
$_SESSION['yaptc_dir'] = $yaptc_dirpath;
$_SESSION['yaptc_url'] = $yaptc_webpath;
$yaptc_inc = $yaptc_dirpath . 'includes/';
$yaptc_incweb = $yaptc_webpath . 'includes/';
$yaptc_lib = $yaptc_dirpath . 'lib/';
$yaptc_libweb = $yaptc_webpath . 'lib/';
// db settings
$yaptc_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$yaptc_db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
// Get user list for users management page
function listUsers($yaptc_db) {
$stmt = $yaptc_db->query("SELECT users.id as userid, users.username as username, users.email as email, users.created as created, users.firstname as firstname, users.lastname as lastname, users.usertype as usertypeid, usertypes.typename as usertype
FROM yaptc.users
INNER JOIN usertypes ON users.usertype = usertypes.id
ORDER BY users.lastname ASC;");
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
// Update user profile
function updateUserProfile($yaptc_db, $userid, $firstname, $lastname, $email)
{
$stmt = $yaptc_db->prepare("UPDATE users SET firstname = :firstname, lastname = :lastname, email = :email WHERE id = :userid;");
$stmt->execute(array(
':userid' => $userid,
':firstname' => $firstname,
':lastname' => $lastname,
':email' => $email
));
}
// Get login status - returns true or false
function getSessionStatus()
{
if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT'])) {
return false;
} else {
return true;
}
}
// Kick user and go to login
function killSession()
{
session_unset();
session_destroy();
session_write_close();
header("Location: login.php");
}
// Get user access level. Call with $sql passed or it will not work correctly
function getSessionAccess($yaptc_db)
{
if (isset($_SESSION['user_id'])) {
$query3 = "SELECT users.id as userid, usertypes.typename AS usertype FROM users, usertypes WHERE users.id = :id";
$stmt3 = $yaptc_db->prepare($query3);
$stmt3->execute(array(
':id' => $_SESSION['user_id']
));
$user3 = $stmt3->fetchObject();
return $user3->usertype;
}
}
// Report - Weekly Hours by Week then User
function reportWeeklyByUser($yaptc_db) {
$stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, WEEK(punches.intime) AS g_week, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_week, users.username;");
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
// Report - Monthly Hours by Month then User
function reportMonthlyByUser($yaptc_db) {
$stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, MONTHNAME(punches.intime) AS g_month, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_month, users.username;");
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
$yaptc_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // Advanced PDO handling
$yaptc_db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // Advanced PDO handling
$_SESSION['yaptc_dir'] = $yaptc_dirpath; // Put absolute directory path in session
$_SESSION['yaptc_url'] = $yaptc_webpath; // Put absolute url path in session
$yaptc_inc = $yaptc_dirpath . 'includes/'; // Concatenate an includes directory path
$yaptc_incweb = $yaptc_webpath . 'includes/'; // Concatenate an includes url path
$yaptc_lib = $yaptc_dirpath . 'lib/'; // Concatenate a lib directory path
$yaptc_libweb = $yaptc_webpath . 'lib/'; // Concatenate a lib url path
?>
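Review bot: The closing `?>` on the last line of this include (and the matching `?>` at the end of the new includes/functions.inc.php) means any whitespace or newline after the tag is sent as page output before the calling script runs, and every page here later relies on `header()` — killSession()'s `Location: login.php` and the index.php POST redirect — which fails once output has started. PHP-only files should omit the closing tag entirely; drop the `?>` line from both files. The hunk shows the new side keeping the session/path assignments and the two `setAttribute` calls, which is fine, but note the same `?>` problem applies to any other include that ends this way.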

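--- /dev/null
+++ b/includes/functions.inc.php
@@ -0,0 +1,101 @@
+<?php
+// Get user list for users management page
+function listUsers($yaptc_db) {
+$stmt = $yaptc_db->query("SELECT users.id as userid, users.username as username, users.email as email, users.created as created, users.firstname as firstname, users.lastname as lastname, users.usertype as usertypeid, usertypes.typename as usertype
+FROM yaptc.users
+INNER JOIN usertypes ON users.usertype = usertypes.id
+ORDER BY users.lastname ASC;");
+return $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
+// Update user profile
+function updateUserProfile($yaptc_db, $userid, $firstname, $lastname, $email)
+{
+$stmt = $yaptc_db->prepare("UPDATE users SET firstname = :firstname, lastname = :lastname, email = :email WHERE id = :userid;");
+$stmt->execute(array(
+':userid' => $userid,
+':firstname' => $firstname,
+':lastname' => $lastname,
+':email' => $email
+));
+}
+// Get login status - returns true or false
+function getSessionStatus()
+{
+if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT'])) {
+return false;
+} else {
+return true;
+}
+}
+// Kick user and go to login
+function killSession()
+{
+session_unset();
+session_destroy();
+session_write_close();
+header("Location: login.php");
+}
+// Get user access level. Call with $sql passed or it will not work correctly
+function getSessionAccess($yaptc_db)
+{
+if (isset($_SESSION['user_id'])) {
+$query3 = "SELECT users.id as userid, usertypes.typename AS usertype FROM users, usertypes WHERE users.id = :id";
+$stmt3 = $yaptc_db->prepare($query3);
+$stmt3->execute(array(
+':id' => $_SESSION['user_id']
+));
+$user3 = $stmt3->fetchObject();
+return $user3->usertype;
+}
+}
+// Punch Out
+function punchOut($yaptc_db, $punchid, $notes)
+{
+$stmt = $yaptc_db->prepare("UPDATE punches SET punches.outtime = NOW(), punches.notes = :notes WHERE punches.id = :punchid;");
+$stmt->execute(array(
+':punchid' => $punchid,
+':notes' => $notes
+));
+}
+// Punch In
+function punchIn($yaptc_db, $userid, $notes)
+{
+$stmt = $yaptc_db->prepare("INSERT INTO punches (punches.userid, punches.notes, punches.intime) VALUES (:userid, :notes, NOW());");
+$stmt->execute(array(
+':userid' => $userid,
+':notes' => $notes
+));
+}
+// Get punch status - returns array
+function getPunchStatus($yaptc_db, $userid)
+{
+$stmt = $yaptc_db->prepare("SELECT punches.id as punchid, users.id as userid, punches.intime as intime, punches.outtime as outtime, punches.notes as notes FROM punches INNER JOIN users ON punches.userid = users.id WHERE users.id = :userid ORDER BY punches.intime DESC LIMIT 1;");
+$stmt->execute(array(
+':userid' => $userid
+));
+$result = $stmt->fetch( PDO::FETCH_ASSOC );
+return array ($result['punchid'], $result['userid'], $result['intime'], $result['outtime'], $result['notes']);
+}
+// Report - Weekly Hours by Week then User
+function reportWeeklyByUser($yaptc_db) {
+$stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, WEEK(punches.intime) AS g_week, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_week, users.username;");
+return $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
+// Report - Monthly Hours by Month then User
+function reportMonthlyByUser($yaptc_db) {
+$stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, MONTHNAME(punches.intime) AS g_month, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_month, users.username;");
+return $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
+?>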
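Review bot: `getSessionAccess()` queries `FROM users, usertypes WHERE users.id = :id` with no condition tying `users.usertype` to `usertypes.id`, so the cross join yields one row per usertype and `fetchObject()` hands back whichever comes first — the access level returned is not the user's own type, which matters if callers gate admin pages on it. Write it the way `listUsers()` already does: `$query3 = "SELECT users.id as userid, usertypes.typename AS usertype FROM users INNER JOIN usertypes ON users.usertype = usertypes.id WHERE users.id = :id";`. `fetchObject()` also returns `false` for an unknown id, so guard the return with `return $user3 !== false ? $user3->usertype : null;`, and the comment above it ("Call with $sql passed") is stale — the parameter is `$yaptc_db`. In `getSessionStatus()`, compare the signature with `hash_equals($_SESSION['signature'], md5(...))` (or at least `!==`) rather than loose `!=`, which applies PHP's numeric-string comparison rules to two hex digests. `killSession()` sends a Location header without `exit`, so every caller keeps executing after the redirect has been requested.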

index.php

@ -1,112 +1,56 @@
<?php
session_start();
require_once("config.inc.php");
require_once($yaptc_inc . "functions.inc.php");
$yaptc_pagename = "Home";
require_once($yaptc_inc . "header.inc.php");
require_once($yaptc_inc . "menu.inc.php");
if (getSessionStatus() == false):
killSession();
else:
//********** BEGIN CONTENT **********// ?>
else: ?>
<!-- ********** BEGIN CONTENT ********** -->
<?php $punchStatus = getPunchStatus($yaptc_db, $_SESSION['user_id']); ?>
<h2 class="content-subhead">Current Status</h2>
<?php if (!isset($punchStatus['0'])): $status = "Out"; ?>
<p>You do not appear to have any punches on record.</p>
<?php else:
if (!empty($punchStatus['3'])): $status = "Out"; $statustime = $punchStatus['3'];
else: $status = "In"; $statustime = $punchStatus['2']; $punchid = $punchStatus['0']; $notes = $punchStatus['4'];
endif; ?>
<p>You have been Punched <?php echo $status; ?> since <?php echo date('g:i a \o\n M jS, Y', strtotime($statustime)); ?>.</p>
<?php endif; ?>
<h2 class="content-subhead">Quick Punch</h2>
<p>Clicking the button below will immediately enter a new punch for you depending on your current status. Any notes you enter will be attached to the punch for your administrator to review.</p>
<form class="pure-form pure-form-stacked" action="index.php" method="post">
<fieldset>
<input class="pure-input-1" type="text" name="notes" placeholder="Enter notes if needed" maxlength="255" value="<?php if (isset($notes)): echo $notes; endif; ?>">
<div class="pure-controls">
<?php if ($status == "In"): ?>
<button type="submit" class="pure-button button-xlarge button-success pure-button-disabled">Punch IN</button>
<button type="submit" class="pure-button button-xlarge button-error">Punch OUT</button>
<?php elseif ($status == "Out"): ?>
<button type="submit" class="pure-button button-xlarge button-success">Punch IN</button>
<button type="submit" class="pure-button button-xlarge button-error pure-button-disabled">Punch OUT</button>
<?php endif; ?>
</div>
</fieldset>
</form>
<?php
$userid = $_SESSION['user_id'];
// This is to get the current user status - in or out - and the notes and times associated for use in the form
$result = $yaptc_db->prepare("SELECT punches.id as punchid, users.id as user, punches.intime as intime, punches.outtime as outtime, punches.notes as notes FROM punches INNER JOIN users ON punches.userid = users.id WHERE users.id = $userid ORDER BY punches.id DESC LIMIT 1");
$result->execute();
$last = $result->fetchObject();
// Let's build the page - this is the header with current status
echo "<h2 class=\"content-subhead\">Current Status</h2>";
if (!isset($last->user)) {
echo "<p>You do not appear to have any punches on record.</p>";
$status = "Out";
} //!isset($last->user)
else {
if (!empty($last->outtime)) {
$status = "Out";
$statustime = $last->outtime;
} //!empty($last->outtime)
else {
$status = "In";
$statustime = $last->intime;
$punchid = $last->punchid;
$notes = $last->notes;
}
echo "<p>You have been Punched $status since " . date('g:i a \o\n M jS, Y', strtotime($statustime)) . ".</p>";
}
echo "<h2 class=\"content-subhead\">Quick Punch</h2>";
echo "<p>Clicking the button below will immediately enter a new punch for you depending on your current status. Any notes you enter will be attached to the punch for your administrator to review.</p>";
echo "<form class=\"pure-form pure-form-stacked\" action=\"index.php\" method=\"post\">";
echo "<fieldset>";
if (isset($notes)) {
echo "<input class=\"pure-input-1\" type=\"text\" name=\"notes\" placeholder=\"Enter notes if needed\" maxlength=\"255\" value=\"$notes\">";
} //isset($notes)
else {
echo "<input class=\"pure-input-1\" type=\"text\" name=\"notes\" placeholder=\"Enter notes if needed\" maxlength=\"255\">";
}
echo "<div class=\"pure-controls\">";
if ($status == "In") {
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success pure-button-disabled\">Punch IN</button>";
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-error\">Punch OUT</button>";
} //$status == "In"
else {
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success\">Punch IN</button>";
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-error pure-button-disabled\">Punch OUT</button>";
}
echo "</div>";
// If the posted variables are not empty, we must be trying to insert a new punch. Use the form values to insert new record
if (!empty($_POST)) {
// Is the notes field set? If so, use, otherwise set to null
if (isset($_POST['notes'])) {
if (!empty($_POST['notes'])) {
$p_notes = $_POST['notes'];
} //!empty($_POST['notes'])
else {
$p_notes = NULL;
}
} //isset($_POST['notes'])
else {
$p_notes = NULL;
}
// Is the user currently punched in? If so, insert the punch out record, otherwise, insert a new punch in
if ($status == "In") {
$query = "UPDATE punches SET outtime = NOW(), notes = :p_notes WHERE id = :p_punchid";
$stmt = $yaptc_db->prepare($query);
$stmt->execute(array(
':p_punchid' => $punchid,
':p_notes' => $p_notes
));
} //$status == "In"
else {
$query = "INSERT INTO punches (userid, notes, intime) VALUES (:p_userid, :p_notes, NOW())";
$stmt = $yaptc_db->prepare($query);
$stmt->execute(array(
':p_userid' => $_SESSION['user_id'],
':p_notes' => $p_notes
));
}
// And then send user back to this page to see the updates
header('Location: ' . $_SERVER['PHP_SELF']);
} //!empty($_POST)
// Close out the form...
echo "</fieldset>";
echo "</form>";
?>
<?php //********** END CONTENT **********//
if (!empty($_POST)):
if (isset($_POST['notes'])):
if (!empty($_POST['notes'])): $notes = $_POST['notes'];
else: $notes = NULL;
endif;
require_once($yaptc_inc . "footer.inc.php");
?>
else: $notes = NULL;
endif;
if ($status == "In"): punchOut($yaptc_db, $punchid, $notes);
elseif ($status == "Out"): punchIn($yaptc_db, $_SESSION['user_id'], $notes);
endif;
header('Location: ' . $_SERVER['PHP_SELF']);
endif; ?>
<!-- ********** END CONTENT ********** -->
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
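Review bot: The stored note is written back into the input unescaped at `value="<?php if (isset($notes)): echo $notes; endif; ?>"` — `$notes` there is `punches.notes` from getPunchStatus(), i.e. whatever text was POSTed on an earlier punch, so a quote or tag in a saved note breaks out of the attribute. Escape at output: `value="<?php if (isset($notes)): echo htmlspecialchars($notes, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); endif; ?>"`. The POST branch (`if (!empty($_POST)):` through `header('Location: ' . $_SERVER['PHP_SELF']);`) runs after header.inc.php, menu.inc.php and the status markup have been emitted, so the redirect header goes out after output has begun — it will fail with a headers-already-sent warning unless output buffering is enabled (I cannot see the includes, so that part is an assumption), and the page shows the pre-punch status either way. Move the `getPunchStatus()` lookup with its `$status`/`$punchid` assignment and the POST branch above `require_once($yaptc_inc . "header.inc.php")`, and follow the `header()` call with `exit;`. The form also submits a state-changing punch with no CSRF token; a per-session token in a hidden field, checked with `hash_equals()` before calling punchIn()/punchOut(), is the usual guard.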


@ -1,24 +1,15 @@
<?php
session_start();
require_once("config.inc.php");
require_once($yaptc_inc . "functions.inc.php");
$yaptc_pagename = "Login";
require_once($yaptc_inc . "header.inc.php");
require_once($yaptc_inc . "menu.inc.php");
if (getSessionStatus() == true):
header ("Refresh:3; url=index.php", true, 303);
echo "<h2 class=\"content-subhead\">You are already logged in...</h2>";
else:
//********** BEGIN CONTENT **********// ?>
<h2 class="content-subhead">User Login</h2>
<form class="pure-form" action="login.php" method="post">
<fieldset class="pure-group" id="login">
<input type="text" class="pure-input-1" placeholder="Username" id="username" name="username" />
<input type="password" class="pure-input-1" placeholder="Password" id="password" name="password" />
</fieldset>
<button type="submit" class="pure-button button-success pure-input-1 pure-button-primary" value="Login">Sign in</button>
</form>
else: ?>
<!-- ********** BEGIN CONTENT ********** -->
<?php
require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
@ -45,9 +36,14 @@ if (!empty($_POST)):
endif;
endif;
?>
<h2 class="content-subhead">User Login</h2>
<form class="pure-form" action="login.php" method="post">
<fieldset class="pure-group" id="login">
<input type="text" class="pure-input-1" placeholder="Username" id="username" name="username" />
<input type="password" class="pure-input-1" placeholder="Password" id="password" name="password" />
</fieldset>
<button type="submit" class="pure-button button-success pure-input-1 pure-button-primary" value="Login">Sign in</button>
</form>
<?php //********** END CONTENT **********//
endif;
require_once($yaptc_inc . "footer.inc.php");
?>
<!-- ********** END CONTENT ********** -->
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
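Review bot: The already-logged-in branch, `header ("Refresh:3; url=index.php", true, 303);` followed by an echo, sends a 303 status with no Location header, which is contradictory — 303 tells the client to GET the Location target, while the Refresh header plus a body is a separate, non-standard mechanism. Either redirect properly with `header('Location: index.php', true, 303); exit;` or keep the courtesy page under the default 200 status with the Refresh header alone. The `if (getSessionStatus() == true):` block continues into the second hunk past the phpass include, so the POST handling between the two hunks is not shown here.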


@ -1,28 +1,17 @@
<?php
session_start();
require_once("config.inc.php");
require_once($yaptc_inc . "functions.inc.php");
$yaptc_pagename = "Logout";
require_once($yaptc_inc . "header.inc.php");
require_once($yaptc_inc . "menu.inc.php");
//********** BEGIN CONTENT **********//
if (getSessionStatus() == false):
killSession();
else: ?>
<!-- ********** BEGIN CONTENT ********** -->
// Does user have any session settings active? Kill them all...
if (isset($_SESSION['user_id']) || isset($_SESSION['signature']) || isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] = true || $_SESSION['signature'] = md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
{
session_start();
session_unset();
session_destroy();
header ("Refresh:3; url=login.php", true, 303);
echo "<h2 class=\"content-subhead\">You have successfully logged out...</h2>";
}
else
{
session_start();
session_unset();
session_destroy();
header ("Location: login.php");
}
<?php killSession(); ?>
<h2 class="content-subhead">Logging out...</h2>
//********** END CONTENT **********//
require_once($yaptc_inc . "footer.inc.php");
?>
<!-- ********** END CONTENT ********** -->
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
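Review bot: Both branches of the `if (getSessionStatus() == false):` block end up calling `killSession()`, so the status check adds nothing here, and the `<h2 class="content-subhead">Logging out...</h2>` line is reached only in the else branch after killSession() has already requested `Location: login.php` — on a working redirect the message is never seen, and if header.inc.php has already emitted output (which its name suggests, but I cannot see it) the redirect silently fails and the user is left on this page. Simpler and safer: call `killSession(); exit;` unconditionally before the header include, so the session teardown and redirect precede any output.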


@ -1,6 +1,7 @@
<?php
session_start();
require_once("config.inc.php");
require_once($yaptc_inc . "functions.inc.php");
$yaptc_pagename = "Profile";
require_once($yaptc_inc . "header.inc.php");
require_once($yaptc_inc . "menu.inc.php");


@ -1,14 +1,16 @@
<?php
session_start();
require_once("config.inc.php");
require_once($yaptc_inc . "functions.inc.php");
$yaptc_pagename = "Punch Log";
require_once($yaptc_inc . "header.inc.php");
require_once($yaptc_inc . "menu.inc.php");
if (getSessionStatus() == false) {
if (getSessionStatus() == false):
killSession();
} else {
//********** BEGIN CONTENT **********//
else: ?>
<!-- ********** BEGIN CONTENT ********** -->
<?php
$userid = $_SESSION['user_id'];
$timenow = date('Y-m-d H:i');
@ -127,10 +129,8 @@ echo "</tr>";
}
echo '</tbody>';
echo '</table>';
//********** END CONTENT **********//
}
require_once($yaptc_inc . "footer.inc.php");
?>
<!-- ********** END CONTENT ********** -->
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>


@ -1,13 +1,14 @@
<?php
session_start();
require_once("config.inc.php");
require_once($yaptc_inc . "functions.inc.php");
$yaptc_pagename = "Reports";
require_once($yaptc_inc . "header.inc.php");
require_once($yaptc_inc . "menu.inc.php");
if (getSessionStatus() == false):
killSession();
else:
//********** BEGIN CONTENT **********// ?>
else: ?>
<!-- ********** BEGIN CONTENT ********** -->
<h2 class="content-subhead">Punch History</h2>
<p>Below is your company punch history. The below drop-down can be used to select pre-configured reports. Other reports are currently being written.</p>
@ -51,9 +52,5 @@ else:
<p>No query to display. Please select from the dropdown above...</p>
<?php endif; ?>
<?php //********** END CONTENT **********//
endif;
require_once($yaptc_inc . "footer.inc.php");
?>
<!-- ********** END CONTENT ********** -->
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>


@ -1,13 +1,14 @@
<?php
session_start();
require_once("config.inc.php");
require_once($yaptc_inc . "functions.inc.php");
$yaptc_pagename = "Users";
require_once($yaptc_inc . "header.inc.php");
require_once($yaptc_inc . "menu.inc.php");
if (getSessionStatus() == false) {
if (getSessionStatus() == false):
killSession();
} else {
//********** BEGIN CONTENT **********// ?>
else: ?>
<!-- ********** BEGIN CONTENT ********** -->
<h2 class="content-subhead">Add User</h2>
<p>All fields are required! Password must be 8+ characters. Username and email must be unique.</p>
@ -140,8 +141,6 @@ if (!empty($_POST['newuser']) && empty($errors))
<?php
}
// delete user only if submitted by button
if (!empty($_POST['deluser']))
@ -196,6 +195,5 @@ echo "<td>" . $row['usertype'] . "</td>";
</table>
<?php //********** END CONTENT **********//
require_once($yaptc_inc . "footer.inc.php");
?>
<!-- ********** END CONTENT ********** -->
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>