From 65204a6c591c9ad4bcbb5e3b468db6ce3e410328 Mon Sep 17 00:00:00 2001
From: Josh North <josh.north@point808.com>
Date: Tue, 24 Feb 2015 10:37:52 -0500
Subject: [PATCH] Major overhauls, added admin punch as well

---
 config.inc.php.example     |   2 +-
 includes/functions.inc.php | 184 +++++++++++++----
 includes/menu.inc.php      |  63 +++---
 includes/side-menu.css     |  23 ++-
 index.php                  |  17 +-
 lib/pure/HISTORY.md        | 413 -------------------------------------
 lib/pure/README.md         | 170 ---------------
 manualpunch.php            |  95 +++++++++
 profile.php                |  65 +++---
 punchlog.php               |  46 ++---
 reports.php                |  23 ++-
 users.php                  |  19 +-
 12 files changed, 356 insertions(+), 764 deletions(-)
 delete mode 100755 lib/pure/HISTORY.md
 delete mode 100755 lib/pure/README.md
 create mode 100755 manualpunch.php

diff --git a/config.inc.php.example b/config.inc.php.example
index ecd3c63..038d0f6 100755
--- a/config.inc.php.example
+++ b/config.inc.php.example
@@ -8,7 +8,7 @@ $yaptc_company  = 'Widgets, Inc.';                // Your company name
 $yaptc_db       = new PDO('mysql:host=localhost;dbname=YOUR_DATABASE;charset=utf8', 'YOUR_USER', 'YOUR_PASSWORD'); // Database connection string
 $yaptc_adminmsg = '';                             // Message will display on all pages!
 $yaptc_allowadvancedpunch = 'yes';                // Should we allow users to make manual punch entries? set to yes or no
-
+$yaptc_min_password = '8';                        // Minimum password length
 
 
 
diff --git a/includes/functions.inc.php b/includes/functions.inc.php
index 1b41ba3..7b6f2b1 100755
--- a/includes/functions.inc.php
+++ b/includes/functions.inc.php
@@ -9,27 +9,7 @@ ORDER BY users.lastname ASC;");
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
 }
 
-// Update user profile
-function updateUserProfile($yaptc_db, $userid, $firstname, $lastname, $email)
-{
-$stmt = $yaptc_db->prepare("UPDATE users SET firstname = :firstname, lastname = :lastname, email = :email WHERE id = :userid;");
-$stmt->execute(array(
-    ':userid' => $userid,
-    ':firstname' => $firstname,
-    ':lastname' => $lastname,
-    ':email' => $email,
-    ));
-}
 
-// Update user profile
-function updateUserPassword($yaptc_db, $userid, $password)
-{
-$stmt = $yaptc_db->prepare("UPDATE users SET password = :password WHERE id = :userid;");
-$stmt->execute(array(
-    ':userid' => $userid,
-    ':password' => $password,
-    ));
-}
 
 
 // Get login status - returns true or false
@@ -51,37 +31,29 @@ function killSession()
     header("Location: login.php");
 }
 
-// Get user access level.  Call with $sql passed or it will not work correctly
-function getSessionAccess($yaptc_db)
-{
-    if (isset($_SESSION['user_id'])) {
-        $query3 = "SELECT users.id as userid, usertypes.typename AS usertype FROM yaptc.users INNER JOIN yaptc.usertypes ON users.usertype = usertypes.id WHERE users.id = :id";
-        $stmt3  = $yaptc_db->prepare($query3);
-        $stmt3->execute(array(
-            ':id' => $_SESSION['user_id']
-        ));
-        $user3 = $stmt3->fetchObject();
-        return $user3->usertype;
-    }
-}
+
 
 // Punch Out
-function punchOut($yaptc_db, $punchid, $notes)
+function punchOut($yaptc_db, $punchid, $notes, $outtime, $modified=NULL)
 {
-$stmt = $yaptc_db->prepare("UPDATE punches SET punches.outtime = NOW(), punches.notes = :notes WHERE punches.id = :punchid;");
+$stmt = $yaptc_db->prepare("UPDATE punches SET punches.outtime = :outtime, punches.notes = :notes, punches.modified = :modified WHERE punches.id = :punchid;");
 $stmt->execute(array(
     ':punchid' => $punchid,
+    ':modified' => $modified,
+    ':outtime' => $outtime,
     ':notes' => $notes
     ));
 }
 
 // Punch In
-function punchIn($yaptc_db, $userid, $notes)
+function punchIn($yaptc_db, $userid, $notes, $punchtime, $modified=NULL)
 {
-$stmt = $yaptc_db->prepare("INSERT INTO punches (punches.userid, punches.notes, punches.intime) VALUES (:userid, :notes, NOW());");
+$stmt = $yaptc_db->prepare("INSERT INTO punches (punches.userid, punches.notes, punches.intime, punches.modified) VALUES (:userid, :notes, :punchtime, :modified);");
 $stmt->execute(array(
     ':userid' => $userid,
-    ':notes' => $notes
+    ':notes' => $notes,
+    ':punchtime' => $punchtime,
+    ':modified' => $modified
     ));
 }
 
@@ -96,16 +68,140 @@ function getPunchStatus($yaptc_db, $userid)
     return array ($result['punchid'], $result['userid'], $result['intime'], $result['outtime'], $result['notes']);
 }
 
+
+
+// List punches sorted by intime.  Pass uid or % for all.  Pass limit to restrict row results.  Default is set to tons of 9's because no wildcard exists for limit in mysql or pgsql
+function listPunches($db, $uid, $limit = "999999999999999") {
+    $stmt = $db->prepare('
+        SELECT
+        ROUND(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600,2) AS punchhours,
+        punches.id as punchid,
+        punches.intime as intime,
+        punches.outtime as outtime,
+        users.id AS userid,
+        users.firstname as firstname,
+        users.lastname as lastname,
+        REPLACE (punches.modified, "1", "YES") as modified,
+        punches.notes as notes
+        FROM yaptc.punches
+        INNER JOIN yaptc.users ON punches.userid = users.id
+        WHERE users.id LIKE :uid
+        ORDER BY punches.intime DESC
+        LIMIT :limit
+    ');
+    $stmt->execute(array(
+        ':uid' => $uid,
+        ':limit' => $limit,
+    ));
+    return $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
+
+// Get user info from user id.  Pass uid or % for all.
+function getUserInfo($db, $uid) {
+    $stmt = $db->prepare('
+        SELECT
+        users.id AS userid,
+        users.username AS username,
+        users.firstname AS firstname,
+        users.lastname AS lastname,
+        users.email AS email,
+        usertypes.typename AS usertype,
+        usertypes.id AS usertypeid,
+        users.created AS created,
+        users.password AS password
+        FROM yaptc.users
+        INNER JOIN yaptc.usertypes ON users.usertype = usertypes.id
+        WHERE users.id LIKE :uid
+        ORDER BY users.lastname ASC;
+    ');
+    $stmt->execute(array(
+        ':uid' => $uid
+    ));
+    return $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
+
+
+// Update user profile
+function updateUserPassword($yaptc_db, $userid, $password)
+{
+$stmt = $yaptc_db->prepare("UPDATE users SET password = :password WHERE id = :userid;");
+$stmt->execute(array(
+    ':userid' => $userid,
+    ':password' => $password,
+    ));
+}
+
+
+
+// Set user info from user id
+function setUserInfo($db, $uid, $firstname, $lastname, $email, $usertypeid, $password) {
+    $stmt = $db->prepare('
+        UPDATE
+        yaptc.users
+        SET
+        firstname = :firstname,
+        lastname = :lastname,
+        email = :email,
+        usertype = :usertypeid,
+        password = :password
+        WHERE id = :uid
+    ');
+    $stmt->execute(array(
+        ':uid' => $uid,
+        ':firstname' => $firstname,
+        ':lastname' => $lastname,
+        ':email' => $email,
+        ':usertypeid' => $usertypeid,
+        ':password' => $password,
+    ));
+
+}
+
 // Report - Weekly Hours by Week then User
-function reportWeeklyByUser($yaptc_db) {
-   $stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, WEEK(punches.intime) AS g_week, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_week, users.username;");
-   return $stmt->fetchAll(PDO::FETCH_ASSOC);
+function reportWeeklyByUser($yaptc_db)
+{
+    $statement = $yaptc_db->prepare('
+        SELECT
+        YEAR(punches.intime) AS g_year,
+        WEEK(punches.intime) AS g_week,
+        ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours,
+        punches.intime as intime,
+        punches.outtime as outtime,
+        users.firstname as firstname,
+        users.lastname as lastname,
+        REPLACE (punches.modified, "1", "YES") as modified,
+        punches.notes as notes
+        FROM yaptc.punches
+        INNER JOIN yaptc.users ON punches.userid = users.id
+        GROUP BY g_year, g_week, users.username
+    ');
+    $statement->execute();
+    return $statement->fetchAll(PDO::FETCH_ASSOC);
 }
 
 // Report - Monthly Hours by Month then User
-function reportMonthlyByUser($yaptc_db) {
-   $stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, MONTHNAME(punches.intime) AS g_month, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_month, users.username;");
-   return $stmt->fetchAll(PDO::FETCH_ASSOC);
+function reportMonthlyByUser($yaptc_db)
+{
+    $statement = $yaptc_db->prepare('
+        SELECT
+        YEAR(punches.intime) AS g_year,
+        MONTHNAME(punches.intime) AS g_month,
+        ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours,
+        punches.intime as intime,
+        punches.outtime as outtime,
+        users.firstname as firstname,
+        users.lastname as lastname,
+        REPLACE (punches.modified, "1", "YES") as modified,
+        punches.notes as notes
+        FROM yaptc.punches
+        INNER JOIN yaptc.users ON punches.userid = users.id
+        GROUP BY g_year, g_month, users.username;
+    ');
+    $statement->execute();
+    return $statement->fetchAll(PDO::FETCH_ASSOC);
 }
 
+
+
+// EOF
 ?>
diff --git a/includes/menu.inc.php b/includes/menu.inc.php
index 0090857..83e8dd0 100755
--- a/includes/menu.inc.php
+++ b/includes/menu.inc.php
@@ -12,38 +12,39 @@
             <?php
 
 
-// Get login status and access level
-if (getSessionStatus() == true) { $userLogged = true; $userAccess = getSessionAccess($yaptc_db); } else { $userLogged = false; $userAccess = ""; }
+// Get logged-in user's profile information
+$session_user = getUserInfo($db, $_SESSION['user_id']);
+$session_status = getSessionStatus();
 
-// All menu options - only ones with permissions allowed are shown to logged-in users.
-// Home
-if ($userLogged == true) {
-  echo '<li'; if ($yaptc_pagename=='Home') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="index.php">Home</a></li>';
-  }
-// Profile
-if ($userLogged == true) {
-  echo '<li'; if ($yaptc_pagename=='Profile') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="profile.php">Profile</a></li>';
-  }
-// Punch Log
-if ($userLogged == true) {
-  echo '<li'; if ($yaptc_pagename=='Punch Log') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="punchlog.php">Punch Log</a></li>';
-  }
-// Users
-if ($userLogged == true && $userAccess == "Administrator") {
-  echo '<li'; if ($yaptc_pagename=='Users') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="users.php">Users</a></li>';
-  }
-// Reports
-if ($userLogged == true && $userAccess == "Administrator") {
-  echo '<li'; if ($yaptc_pagename=='Reports') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="reports.php">Reports</a></li>';
-  }       
-// Logout
-if ($userLogged == true) {
-  echo '<li'; if ($yaptc_pagename=='Logout') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="logout.php">Logout</a></li>';
-  }
-// Login
-if ($userLogged == false) {
+// Menu Setup
+
+// For logged-out users
+if ($session_status == false):
   echo '<li'; if ($yaptc_pagename=='Login') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="login.php">Login</a></li>';
-  }
+// For logged-in users, depending on access
+elseif ($session_status == true):
+// Home
+echo '<li'; if ($yaptc_pagename=='Home'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="index.php">Home</a></li>';
+// Profile Menu
+echo '<li'; if ($yaptc_pagename=='Profile'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="profile.php">Profile</a></li>';
+// Punch Log Menu
+echo '<li'; if ($yaptc_pagename=='Punch Log'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="punchlog.php">Punch Log</a></li>';
+// Users Menu
+if ($session_user["0"]["usertype"] == "Administrator"):
+  echo '<li'; if ($yaptc_pagename=='Users'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="users.php">Users</a></li>';
+endif;
+// Manual Punch
+if ($session_user["0"]["usertype"] == "Administrator"):
+  echo '<li'; if ($yaptc_pagename=='Manual Punch'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="manualpunch.php">Manual Punch</a></li>';
+endif;
+// Reports Menu
+if ($session_user["0"]["usertype"] == "Administrator"):
+  echo '<li'; if ($yaptc_pagename=='Reports'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="reports.php">Reports</a></li>';
+endif;
+// Logout Menu
+echo '<li'; if ($yaptc_pagename=='Logout'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="logout.php">Logout</a></li>';
+
+endif;
 
 ?>
           </ul>
@@ -54,7 +55,7 @@ if ($userLogged == false) {
 
         <div class="header">
           <h1><?php echo $yaptc_pagename; ?></h1>
-          <h2><?php if (isset($_SESSION['user_id'])): echo "Logged as: " . $_SESSION['firstname'] . ' ' . $_SESSION['lastname']; else: echo "Please log in to use the timecard system"; endif; ?></h2>
+          <h2><?php if (isset($_SESSION['user_id'])): echo "User: " . $session_user["0"]["firstname"] . ' ' . $session_user["0"]["lastname"]; else: echo "Please log in to use the timecard system"; endif; ?></h2>
           <h4><?php if (!empty($adminmessage)): echo "<div class=\"adminmessage\">" . $adminmessage . "</div>"; endif; ?></h4>
         </div>
 
diff --git a/includes/side-menu.css b/includes/side-menu.css
index e017617..dbe4a1f 100755
--- a/includes/side-menu.css
+++ b/includes/side-menu.css
@@ -31,32 +31,33 @@ body {
 }
 /*The content `<div>` is where all your content goes.*/
 .content {
-	margin:0 auto;
-	padding:0 2em;
+	margin:0;
+	padding:0;
 	max-width:800px;
 	margin-bottom:50px;
-	line-height:1.6em;
+	line-height:1em;
 }
 .header {
 	margin:0;
 	color:#333;
-	text-align:center;
-	padding:2.5em 2em 0;
-	border-bottom:1px solid #eee;
+	padding:.0;
+	border-bottom:2px solid #eee;
 }
 .header h1 {
-	margin:0.2em 0;
+	margin:0;
 	font-size:3em;
 	font-weight:300;
+	padding:0;	
 }
 .header h2 {
+	margin:0;
+	font-size:1em;
 	font-weight:300;
-	color:#ccc;
 	padding:0;
-	margin-top:0;
+	color:#888;
 }
-.content-subhead {
-	margin:50px 0 20px 0;
+.content-subhead {		
+	margin:1em 0 0 0;	
 	font-weight:300;
 	color: #888;
 }
diff --git a/index.php b/index.php
index 1e2262f..e95bc01 100755
--- a/index.php
+++ b/index.php
@@ -10,13 +10,15 @@ killSession();
 else: ?>
 <!-- ********** BEGIN CONTENT ********** -->
 
-<?php $punchStatus = getPunchStatus($yaptc_db, $_SESSION['user_id']); ?>
 <h2 class="content-subhead">Current Status</h2>
-<?php if (!isset($punchStatus['0'])): $status = "Out"; ?>
+<?php
+$timenow = date('Y-m-d H:i');
+$session_punch = listPunches($db, $session_user["0"]["userid"], 1);
+if (!isset($session_punch['0']['intime'])): $status = "Out"; ?>
     <p>You do not appear to have any punches on record.</p>
 <?php else:
-    if (!empty($punchStatus['3'])): $status = "Out"; $statustime = $punchStatus['3'];
-        else: $status = "In"; $statustime = $punchStatus['2']; $punchid = $punchStatus['0']; $notes = $punchStatus['4'];
+    if (!empty($session_punch['0']['outtime'])): $status = "Out"; $statustime = $session_punch['0']['outtime'];
+        else: $status = "In"; $statustime = $session_punch['0']['intime']; $punchid = $session_punch['0']['punchid']; $notes = $session_punch['0']['notes'];
     endif; ?>
 <p>You have been Punched <?php echo $status; ?> since <?php echo date('g:i a \o\n M jS, Y', strtotime($statustime)); ?>.</p>
 <?php endif; ?>
@@ -37,6 +39,7 @@ else: ?>
 </form>
 
 <?php
+$punchtime = $timenow . ':00';
 if (!empty($_POST)):
     if (isset($_POST['notes'])):
         if (!empty($_POST['notes'])): $notes = $_POST['notes'];
@@ -44,11 +47,13 @@ if (!empty($_POST)):
             endif;
         else: $notes = NULL;
         endif;
-    if ($status == "In"): punchOut($yaptc_db, $punchid, $notes);
-        elseif ($status == "Out"): punchIn($yaptc_db, $_SESSION['user_id'], $notes);
+    if ($status == "In"): punchOut($yaptc_db, $punchid, $notes, $punchtime, 0);
+        elseif ($status == "Out"): punchIn($yaptc_db, $_SESSION['user_id'], $notes, $punchtime, 0);
         endif;
     header('Location: ' . $_SERVER['PHP_SELF']);
     endif; ?>
 
+
+
 <!-- ********** END CONTENT ********** -->
 <?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
diff --git a/lib/pure/HISTORY.md b/lib/pure/HISTORY.md
deleted file mode 100755
index 445de01..0000000
--- a/lib/pure/HISTORY.md
+++ /dev/null
@@ -1,413 +0,0 @@
-Pure Change History
-===================
-
-0.5.0 (2014-05-27)
-------------------
-
-### Base
-
-* Added the `.pure-img` class name for make images scale with the viewport in
-  fluid layouts.
-
-### Grids
-
-* __[!]__ Removed `.pure-g-r` from core, in favor of a mobile-first responsive
-  grid system. ([#24][], [#267][])
-
-  To use the mobile-first grid system, you need to pull in `pure.css`, along
-  with `grids-responsive.css`. We also have `grids-responsive-old-ie.css` that
-  you can serve to IE < 9 users so that they can view a desktop-version of your
-  website:
-
-    ```html
-    <link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.5.0-rc-1/pure-min.css">
-
-    <!--[if lt IE 9]>
-        <link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.5.0-rc-1/grids-responsive-old-ie-min.css">
-    <![endif]-->
-    <!--[if gt IE 8]><!-->
-        <link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.5.0-rc-1/grids-responsive-min.css">
-    <!--<![endif]-->
-    ```
-
-  Find out more about the new grid system at <http://purecss.io/grids/>.
-
-### Tables
-
-* Switched cell padding in Tables from `px` to `em` units, and also increased
-  the amount of padding to `padding: 0.5em 1em`.
-
-
-[#24]: https://github.com/yui/pure/issues/24
-[#267]: https://github.com/yui/pure/pull/267
-
-
-0.4.2 (2014-02-13)
-------------------
-
-* Added `main` to Pure's `bower.json` file to allow easier integration with
-  build processes and tooling. ([#286][] @stevenvachon)
-
-### Forms
-
-* Improved how `<input type="color">` elements look in Chrome by fixing
-  paddings. ([#283][] @jpetto)
-
-* Removed `font-size` rules from `<input>`, `<legend>`, and `<fieldset>`
-  elements within `.pure-form`. Font sizes are now inherited from the
-  application's CSS file. ([#265][])
-
-* Invalid `<input>` elements within a Pure Form no longer explicitly set a
-  `border-width`. ([#295][] @kwando)
-
-
-[#265]: https://github.com/yui/pure/issues/265
-[#283]: https://github.com/yui/pure/issues/283
-[#286]: https://github.com/yui/pure/issues/286
-[#295]: https://github.com/yui/pure/issues/295
-
-
-0.4.1 (2014-02-06)
-------------------
-
-### Base
-
-* Elements that have Pure classnames which set a `display` declaration _and_ use
-  the `hidden` HTML attribute will now properly be hidden. With these changes,
-  the following button will be hidden from view:
-
-    ```html
-    <button class="pure-button" hidden>No showy</button>
-    ```
-
-  A new rule for the `[hidden]` selector has been added with the declaration:
-  `display: none !important;`. This is a time where it's appropriate for a
-  project like Pure to use `!important`. ([#177][])
-
-### Buttons
-
-* Removed all the occurrences of `-ms-linear-gradient()` from Buttons since it
-  has never been in the final version of IE 10. ([#200][]: @AurelioDeRosa)
-
-* `<input>` Buttons now have the same height as non-input buttons.
-  `font-family: inherit;` has been added to the `.pure-button` selector to
-  normalize the difference in height. ([#221][] @narcis-radu)
-
-* Buttons now have visually uniform default `padding` on all four sides. The
-  left/right padding is 2x the top/bottom padding. ([#191][] @achalv)
-
-### Forms
-
-* Added `vertical-align: top;` to `<textarea>`s within `.pure-form-aligned`
-  Forms to fix an alignment issue where its label was aligned to the middle.
-  ([#174][] @rictorres, @ItsAsbreuk)
-
-* Added styling for `<input>` elements that don't have a `type` attribute.
-  ([#261][] @dougdavies)
-
-### Grids
-
-* Added all non-reduced fractions to Grids default 5ths- and 24ths-based units.
-  There are now styles specified for `.pure-u-1-24` – `.pure-u-24-24`. All 5ths-
-  based units and reduced factions still remain; e.g., both `.pure-u-12-24` and
-  `.pure-u-1-2` exist. ([#144][] @mike-engel)
-
-* Removed `grids-units.css` from `src/`, this file is now generated via a Grunt
-  task. The units generation is done via the new
-  [`rework-pure-grids`][rework-pure-grids] [Rework][] plugin, and it can be used
-  to create any custom nth-based units for Pure's Grids system.
-
-### Menus
-
-* Removed hard-coded height for horizontal menus. ([#164][])
-
-
-[#144]: https://github.com/yui/pure/issues/144
-[#164]: https://github.com/yui/pure/issues/164
-[#174]: https://github.com/yui/pure/issues/174
-[#177]: https://github.com/yui/pure/issues/177
-[#191]: https://github.com/yui/pure/issues/191
-[#200]: https://github.com/yui/pure/issues/200
-[#221]: https://github.com/yui/pure/issues/221
-[#261]: https://github.com/yui/pure/issues/261
-
-[rework-pure-grids]: https://github.com/ericf/rework-pure-grids
-[Rework]: https://github.com/visionmedia/rework
-
-
-0.4.0 (2014-02-06)
-------------------
-
-* __[!]__ Corrupted release build, use `0.4.1`.
-
-
-0.3.0 (2013-09-09)
-------------------
-
-* __[!]__ Pure now requires the Base module (which is Normalize.css) to be on
-  the page. Pure has essentially always required the styles provided by
-  Normalize.css via the Base module, and this now makes it a firm requirement.
-  The `pure-min.css` and `pure-nr-min.css` rollup files already include the Base
-  module.
-
-  **Note:** When using a [custom subset][Customize] of Pure, be sure to include
-  the Base module.
-
-* Added non-minified rollup files: `pure.css` and `pure-nr.css`. These files are
-  created in addition to the minified rollups: `pure-min.css` and
-  `pure-nr-min.css`. The minified rollups _should_ be used in production.
-  ([#171][] @omeid)
-
-### Base
-
-* __[!]__ Removed Normalize.css from checked-in `src/`. Bower is now used to
-  programmatically import Normalize.css into `bower_components/` if it's not
-  already installed. Normalize.css is still bundled with Pure, this change is a
-  development-time change only. ([#160][])
-
-### Buttons
-
-* Removed `-webkit-font-smoothing: antialiased` rule from Buttons. Pure should
-  not dictate sub-pixel font rendering, that should be left to the person's
-  browser settings and/or the developer. ([#170][] @dchest)
-
-### Forms
-
-* __[!]__ Removed `forms-core.css`. This was a copy of Normalize.css' form
-  related styles. Now that Pure requires the Base module (Normalize.css) to be
-  on the page, the Forms Core submodule is no longer needed. ([#160][])
-
-* Added `:focus` styles to `[readonly]` `<input>` elements. ([#143][])
-
-* Removed `-webkit-font-smoothing: antialiased` rule from Forms input styles.
-  Pure should not dictate sub-pixel font rendering, that should be left to the
-  person's browser settings and/or the developer. ([#185][] @dchest)
-
-### Grids
-
-* __[!]__ Improved support for Grids across OS/browser combinations, and its
-  ability to withstand the use of non-default fonts when set by either the
-  person in their browser settings or by the developer using custom fonts.
-
-  Grids now uses CSS3 Flexbox when possible to avoid the side-effects of setting
-  a negative `letter-spacing` — the fallback for older browsers. Grids also now
-  uses a specific font stack on `.pure-g` and `.pure-g-r` classes to ensure the
-  greatest OS/browser compatibility when non-default fonts are being used. By
-  default grid units will now have `font-family: sans-serif;` applied — this is
-  the default font stack Pure's Base module (Normalize.css) applies to the
-  `<body>`.
-
-  This is a **breaking change** if you are using any non-default fonts in your
-  web project. Fortunately, it's quite easy to make sure your custom font stacks
-  apply to content within Pure Girds. Instead of applying your custom font to
-  only the `<body>` element, apply it to the grid units as well:
-
-    ```css
-    body,
-    .pure-g [class *= "pure-u"],
-    .pure-g-r [class *= "pure-u"] {
-        /* Set you're content font stack here: */
-        font-family: Georgia, Times, "Times New Roman", serif;
-    }
-    ```
-
-  Refer to the [Grids Documentation][Grids-fonts] for more details on using
-  non-default fonts with Pure Grids.
-  ([#41][], [#162][], [#166][], [#189][]: @adapterik @dannyfritz, @pandeiro)
-
-* Fixed grid units from falling to a new line on IE 6 and IE 7. Grid units now
-  have a separate `*width` value for these older versions of IE. This value is
-  `0.005%` less than the standard `width` value. This fix does not affect modern
-  browsers because it uses the star hack. ([#154][])
-
-* Added a `height: auto` rule to images within a `.pure-g-r` so that their
-  aspect ratios are maintained when the page is resized. ([#172][]: @dchest)
-
-
-[#41]: https://github.com/yui/pure/issues/41
-[#143]: https://github.com/yui/pure/issues/143
-[#154]: https://github.com/yui/pure/issues/154
-[#160]: https://github.com/yui/pure/issues/160
-[#162]: https://github.com/yui/pure/issues/162
-[#166]: https://github.com/yui/pure/issues/166
-[#170]: https://github.com/yui/pure/issues/170
-[#171]: https://github.com/yui/pure/issues/171
-[#172]: https://github.com/yui/pure/issues/172
-[#185]: https://github.com/yui/pure/issues/185
-[#189]: https://github.com/yui/pure/issues/189
-
-[Customize]: http://purecss.io/customize/
-[Grids-fonts]: http://purecss.io/grids/#using-grids-with-custom-fonts
-
-
-0.2.1 (2013-07-17)
-------------------
-
-### Forms
-
-* __[!]__ Made `[readonly]` `<input>`s look visually different to `[disabled]`
-  and regular `<input>`s. ([#102][]: @jaseg)
-
-* Fixed copy/paste bug that mapped text inputs to `.pure-form` instead of
-  `.pure-group`. The `.pure-form-group input` styles are now applied to all
-  text-ish `<input>` elements. ([#96][])
-
-* Fixed `.pure-input-rounded` styles to now apply correctly. The change to use
-  more specific selectors for text-ish inputs in v0.2.0 caused the
-  `.pure-input-rounded` selector to not apply because it was less specific. This
-  selector now has right specificity. ([#109][]: @AurelioDeRosa)
-
-* Added `display: block` to `<textarea>`s in `.pure-form-stacked` `<form>`s to
-  fix an alignment issue for subsequent elements. ([#90][]: @AurelioDeRosa)
-
-* Removed the gray `color` from `.pure-form label`. This allows `<label>`s to
-  inherit their foreground color. ([#89][]: @AurelioDeRosa)
-
-### Grids
-
-* __[!]__ Changed `.pure-u-1` grid unit to now use `width: 100%` instead of
-  `display: block` to achieve taking up the full width of its container. This
-  makes it easier to override and align since it's using `display: inline-block`
-  like the other grid units. ([#94][])
-
-* Fixed `width` value typo in `.pure-u-1-6`, changed it from `16.656%` to
-  `16.666%`. ([#115][]: @chilts)
-
-### Menus
-
-* __[!]__ Fixed broken styling of active paginator items by using Grids CSS
-  rules to layout items horizontally; this makes sure the active item isn't
-  overlapped. ([#127][])
-
-### Tables
-
-* Removed `white-space: nowrap` from `.pure-table thead`. This fixes issues
-  where tables inside of grids would break the grid. ([#95][]: @AurelioDeRosa)
-
-
-[#89]: https://github.com/yui/pure/issues/89
-[#90]: https://github.com/yui/pure/issues/90
-[#94]: https://github.com/yui/pure/issues/94
-[#95]: https://github.com/yui/pure/issues/95
-[#96]: https://github.com/yui/pure/issues/96
-[#102]: https://github.com/yui/pure/issues/102
-[#109]: https://github.com/yui/pure/issues/109
-[#115]: https://github.com/yui/pure/issues/115
-[#127]: https://github.com/yui/pure/issues/127
-[#172]: https://github.com/yui/pure/pull/172
-
-
-0.2.0 (2013-06-11)
-------------------
-
-* __[!]__ Fixed accessibility mistake by removing `a:focus {outline: none;}`
-  rule from `buttons-core.css`.
-
-* __[!]__ Improved `:focus` styles by applying the same rules that are used by
-  `:hover` styles. When overriding Pure's `:hover` styles, be sure to include
-  `:focus` selectors as well.
-
-* Added improvements to developer workflow:
-
-    * Added basic Tests using CSSLint via `grunt test` ([#25][])
-
-    * Integrated Travis CI which runs `grunt test` on pushes to `master` and for
-      pull requests.
-
-    * Added `grunt watch` task which runs tests and build.
-
-    * Added support to `pure-site` for serving `pure` locally during
-      development. ([#46][], [yui/pure-site#111][])
-
-* Removed vendor prefixes for `box-shadow`, `text-shadow`, `border-radius`. All
-  modern browsers support the non-prefixed versions of these properties.
-  ([#23][])
-
-### Forms
-
-* __[!]__ Replaced `.pure-help-inline` with `.pure-form-message-inline`. We
-  still support the older classname but it is deprecated and will be going away
-  in a future release. ([#32][]: @dannytatom)
-
-* Added a new class called `.pure-form-message`. It works the same way as
-  `.pure-form-message-inline` but is meant for block elements.
-  ([#32][]: @dannytatom)
-
-* Added focus styles for file, radio, and checkbox `<input>`s to improve
-  accessibility. ([#42][]: @codepb)
-
-* `<textarea>`s now have the same styling as `<input>`s. ([#49][]: @rcbdev)
-
-* `.pure-form input` rules are now more specific by targetting only "texty"
-  `<inputs>`. This prevents these styles from affecting "buttony" `<input>`s.
-  ([#54][])
-
-### Grids
-
-* Elements with classnames before the responsive grid's unit classnames now
-  works correctly. Before units were targeted using the `^=` ("starts with")
-  selector, which meant that if another classname preceded the unit classname,
-  then the rule would not apply. ([#44][])
-
-### Menus
-
-* Added `.pure-menu-separator` classname that can be used to visually
-  separate horizontal menu items. ([#53][]: @codepb, @mseri)
-
-* Focused menus have an `outline: none` by default. Instead, menu-items that
-  have been opened to display children (in a drop-down menu) get a slight
-  background (`#dedede`) for accessibility. ([#22][])
-
-
-[#22]: https://github.com/yui/pure/issues/22
-[#23]: https://github.com/yui/pure/issues/23
-[#25]: https://github.com/yui/pure/issues/25
-[#32]: https://github.com/yui/pure/issues/32
-[#42]: https://github.com/yui/pure/issues/42
-[#44]: https://github.com/yui/pure/issues/44
-[#46]: https://github.com/yui/pure/issues/46
-[#49]: https://github.com/yui/pure/issues/49
-[#53]: https://github.com/yui/pure/issues/53
-[#54]: https://github.com/yui/pure/issues/54
-
-[yui/pure-site#111]: https://github.com/yui/pure-site/issues/111
-
-
-0.1.0 (2013-05-24)
-------------------
-
-* __[!]__ Initial public release.
-
-* Upgraded Normalize.css to 1.1.2.
-
-* Integrated Bower into `grunt import` process.
-
-* Cleaned up manual test files, removing unnecessary CSS files and cruft.
-
-### Buttons
-
-* Added `border-radius: 2px` to enhance the appearance the they are click-able.
-
-### Menus
-
-* Removed `border-radius` from vertical menus.
-
-* Replaced blue hover for menus with light grey (`#eee`)
-
-* Removed `font-weight: bold` from selected menu items.
-
-
-0.0.2 (2013-05-16)
-------------------
-
-* __[!]__ Renamed to Pure.
-
-* __[!]__ Renamed CSS classname prefix to `pure`.
-
-* Preview release (2).
-
-
-0.0.1 (2013-05-14)
-------------------
-
-* Preview release.
diff --git a/lib/pure/README.md b/lib/pure/README.md
deleted file mode 100755
index 879c5cd..0000000
--- a/lib/pure/README.md
+++ /dev/null
@@ -1,170 +0,0 @@
-Pure
-====
-
-[![Pure](http://f.cl.ly/items/2y0M0E2Q3a2H0z1N1Y19/pure-banner.png)][Pure]
-
-A set of small, responsive CSS modules that you can use in every web project.
-[http://purecss.io/][Pure]
-
-[![Build Status](https://travis-ci.org/yui/pure.png?branch=master)][Build Status]
-
-**Use From the CDN:**
-
-```html
-<link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.5.0/pure-min.css">
-```
-
-Note: You can [customize which Pure modules you need][customize].
-
-**Install with Bower:**
-
-```shell
-$ bower install --save pure
-```
-
-
-[Pure]: http://purecss.io/
-[Bower]: http://bower.io/
-[Build Status]: https://travis-ci.org/yui/pure
-[customize]: http://purecss.io/customize/
-
-
-Features
---------
-
-Pure is meant to be a starting point for every website or web app. We take care
-of all the CSS work that every site needs, without making it look cookie-cutter:
-
-* A responsive grid that can be customized to your needs.
-
-* A solid base built on [Normalize.css][] to fix cross-browser compatibility
-  issues.
-
-* Consistently styled buttons that work with `<a>` and `<button>` elements.
-
-* Styles for vertical and horizontal menus, including support for dropdown
-  menus.
-
-* Useful form alignments that look great on all screen sizes.
-
-* Various common table styles.
-
-* An extremely minimalist look that is super-easy to customize.
-
-* Responsive by default, with a non-responsive option.
-
-* Easy one-click customization with the [Skin Builder][].
-
-* Extremely small file size: **4.5KB minified + gzip**.
-
-
-[Normalize.css]: http://necolas.github.io/normalize.css/
-[Skin Builder]: http://yui.github.io/skinbuilder/?mode=pure
-
-
-Get Started
------------
-
-To get started using Pure, go to the [Pure CSS website][Pure]. The website has
-extensive documentation and examples necessary to get you started using Pure.
-
-You can include the Pure CSS file in your project by fetching it from Yahoo's
-CDN:
-
-```html
-<link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.5.0/pure-min.css">
-```
-
-You can also install Pure using [Bower][], using the following command:
-
-```shell
-$ bower install --save pure
-```
-
-
-Build From Source
------------------
-
-Optionally, you can build Pure from its source on Github. To do this, you'll
-need to have Node.js and npm installed. We use [Grunt][] to build Pure.
-
-```shell
-$ git clone git@github.com:yui/pure.git
-$ cd pure
-$ npm install
-$ grunt
-```
-
-### Build Files
-
-Now, all Pure CSS files should be built into the `pure/build/` directory. All
-files that are in this build directory are also available on the CDN. The naming
-conventions of the files in the `build/` directory follow these rules:
-
-* `[module]-core.css`: The minimal set of styles, ususally structural, that
-  provide the base on which the rest of the module's styles build.
-
-* `[module]-nr.css`: Rollup of `[module]-core.css` + `[module].css` +
-  `[module]-[feature].css` from the `src/[module]/` dir. This is the
-  non-responsive version of a module.
-
-* `[module].css`: Rollup of `[module]-nr.css` + `[module]-r.css` from the
-  `build/` dir. This is the responsive version of a module.
-
-* `*-min.css`: A minified file version of the files of the same name.
-
-* `pure.css`: A rollup of all `[module].css` files in the `build/` dir. This is
-  a responsive roll-up of everything, non-minified.
-
-* `pure-min.css`: Minified version of `pure.css` that should be used in
-  production.
-
-* `pure-nr.css`: A Rollup of all modules without @media queries. This is a
-  non-responsive roll-up of everything, non-minified.
-
-* `pure-nr-min.css`: Minified version of `pure-nr.css` that should be used in
-  production.
-
-
-[Grunt]: http://gruntjs.com/
-
-
-Browser Support and Testing
----------------------------
-
-Pure is tested and works in:
-
-* IE 7+
-* Latest Stable: Firefox, Chrome, Safari
-* iOS 6.x, 7.x
-* Android 4.x
-
-
-Docs and Website
-----------------
-
-[Pure's website][Pure] is also open source, so please open any issues or pull
-requests for the docs and website over at the [`pure-site`][pure-site]
-repository.
-
-
-[pure-site]: https://github.com/yui/pure-site
-
-
-Contributing
-------------
-
-See the [CONTRIBUTING file][] for information on how to contribute to Pure.
-
-
-[CONTRIBUTING file]: https://github.com/yui/pure/blob/master/CONTRIBUTING.md
-
-
-License
--------
-
-This software is free to use under the Yahoo! Inc. BSD license.
-See the [LICENSE file][] for license text and copyright information.
-
-
-[LICENSE file]: https://github.com/yui/pure/blob/master/LICENSE.md
diff --git a/manualpunch.php b/manualpunch.php
new file mode 100755
index 0000000..c2aa48c
--- /dev/null
+++ b/manualpunch.php
@@ -0,0 +1,95 @@
+<?php
+session_start();
+require_once("config.inc.php");
+require_once($yaptc_inc . "functions.inc.php");
+$yaptc_pagename = "Manual Punch";
+require_once($yaptc_inc . "header.inc.php");
+require_once($yaptc_inc . "menu.inc.php");
+if (getSessionStatus() == false):
+killSession();
+else: ?>
+<!-- ********** BEGIN CONTENT ********** -->
+
+
+<?php
+$timenow = date('Y-m-d H:i');
+if (!empty($_POST)) {
+
+
+if (isset($_POST['notes'])) { if (!empty($_POST['notes'])) { $notes = $_POST['notes']; } else { $notes = NULL; } } else { $notes = NULL; }
+if (isset($_POST['punchtime'])) {
+// this needs work to check existing modified flag!!! i.e. if already set to 1, leave as 1!!!
+  if (!empty($_POST['punchtime'])) { $punchtime = $_POST['punchtime'] . ':00'; $modified = "1"; } else { $punchtime = $timenow . ':00'; }
+} else { $punchtime = $timenow . ':00'; }
+
+// Is the user currently punched in?  If so, insert the punch out record, otherwise, insert a new punch in
+if ($_POST['status']=="In") {
+  punchOut($yaptc_db, $_POST['punchid'], $notes, $punchtime, $modified);
+  } else {
+  punchIn($yaptc_db, $_POST['userid'], $notes, $punchtime, $modified);
+  }
+
+header('Location: '.$_SERVER['PHP_SELF']);
+}
+
+
+
+
+
+
+if ($session_user["0"]["usertype"] == "Administrator"): ?>
+<h2 class="content-subhead">User Status</h2>
+<p>Below is the current state of all users.  You may enter punches for them using the buttons, or edit existing punches in the next section.</p>
+
+<table class="pure-table">
+<thead>
+<tr>
+<th>Name</th>
+<th>Status</th>
+<th>Notes</th>
+<th>Actions</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<?php
+
+foreach (getUserInfo($db, "%") as $row) {
+echo "<td>" . $row['lastname'] . ", " . $row['firstname'] . "</td>";
+
+$user_punch = listPunches($db, $row['userid'], 1);
+if (!$user_punch): $status = "Out"; $statustime = "No Punches"; $notes="";
+elseif (!empty($user_punch['0']['outtime'])): $status = "Out"; $statustime = date('g:i a \o\n M jS, Y', strtotime($user_punch['0']['outtime'])); $punchid = ""; $notes="";
+else: $status = "In"; $statustime = date('g:i a \o\n M jS, Y', strtotime($user_punch['0']['intime'])); $punchid = $user_punch['0']['punchid']; if (!empty($user_punch['0']['notes'])): $notes = $user_punch['0']['notes']; else: $notes=""; endif;
+endif;
+
+echo "<td>" . $status . " since " . $statustime . "</td>"; ?>
+<form method="post" onsubmit="return confirm('Are you sure you want to punch this user NOW?')">
+<td><input type="text" name="notes" placeholder="<?php echo $notes; ?>"></td>
+<td>
+<input type="hidden" name="_METHOD" value="PUNCH">
+<input type="hidden" name="userid" value="<?php echo $row['userid']; ?>">
+<input type="hidden" name="punchid" value="<?php echo $punchid; ?>">
+<input type="hidden" name="status" value="<?php echo $status; ?>">
+<input type="text" name="punchtime" placeholder="<?php echo $timenow; ?>" maxlength="20">
+<?php if ($status == "In"): ?>
+    <button type="submit" name="punchuser" value="punchuser" class="pure-button button-error">Punch OUT</button>
+<?php elseif ($status == "Out"): ?>
+    <button type="submit" name="punchuser" value="punchuser" class="pure-button button-success">Punch IN</button>
+<?php endif; ?>
+</form>
+
+
+</td>
+</tr>
+<?php } ?>
+</tbody>
+</table>
+
+<?php else: ?>
+<h2 class="content-subhead">NOT AUTHORIZED!</h2>
+<?php endif; ?>
+
+
+<!-- ********** END CONTENT ********** -->
+<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
diff --git a/profile.php b/profile.php
index ee9159c..84ce2dc 100755
--- a/profile.php
+++ b/profile.php
@@ -7,73 +7,60 @@ require_once($yaptc_inc . "header.inc.php");
 require_once($yaptc_inc . "menu.inc.php");
 if (getSessionStatus() == false):
 killSession();
-else:
-//********** BEGIN CONTENT **********// ?>
+else: ?>
+<!-- ********** BEGIN CONTENT ********** -->
 
 <?php
 if (!empty($_POST)):
     if (empty($_POST['password']) && empty($_POST['newpassword2'])):
-        updateUserProfile($yaptc_db, $_SESSION['user_id'], $_POST['firstname'], $_POST['lastname'], $_POST['email']);
+        setUserInfo($db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $_POST['usertypeid'], $session_user["0"]["password"]);
         header('Location: ' . $_SERVER['PHP_SELF']);
-    elseif ($_POST['password'] != $_POST['newpassword2']):
-        $errors['newpassword2'] = "New passwords do not match.";
-    elseif (!empty($_POST['password']) && ($_POST['password'] = $_POST['newpassword2'])):
+elseif (strlen($_POST['password']) < $yaptc_min_password):
+echo "Password must be at least $yaptc_min_password characters.";
+elseif (!empty($_POST['password']) && empty($_POST['newpassword2'])):
+echo "Please confirm password if you wish to change it";
+elseif ($_POST['password'] != $_POST['newpassword2']):
+echo "New passwords do not match";
+elseif (!empty($_POST['password']) && ($_POST['password'] = $_POST['newpassword2'])):
+// change pw
 require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
     $hasher = new PasswordHash(8, FALSE);
     $password = $hasher->HashPassword($_POST['password']);
-        updateUserPassword($yaptc_db, $_SESSION['user_id'], $password);
-        updateUserProfile($yaptc_db, $_SESSION['user_id'], $_POST['firstname'], $_POST['lastname'], $_POST['email']);
-echo $_POST['password'];
-echo $password;
+setUserInfo($db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $_POST['usertypeid'], $password);
         header('Location: ' . $_SERVER['PHP_SELF']);
-
-
-    endif;
-
-
+endif;
 endif;
 ?>
 
 
-<?php
-
-$query = "SELECT users.id, users.password, users.created, users.username, users.firstname, users.lastname, users.email, usertypes.typename AS usertype FROM yaptc.users INNER JOIN yaptc.usertypes ON users.usertype = usertypes.id WHERE users.id = :id";
-  $stmt = $yaptc_db->prepare($query);
-  $stmt->execute(array(':id' => $_SESSION['user_id']));
-  $user = $stmt->fetchObject();
-?>
-
-<?php if (isset($errors['update'])): ?>
-        <p class="error"><?php echo $errors['update']; ?></p>
-        <?php endif; ?>
-
 <h2 class="content-subhead">Profile Information</h2>
 <p>You may make changes to your user profile below if you wish. Updates will take effect immediately on pressing "Save".</p>
-<p>To change your password, enter a new password twice below and press save.</p>
+<p>To change your password, enter a new password twice below and press save.  Password minimum length is <?php echo $yaptc_min_password; ?></p>
 <form class="pure-form pure-form-stacked" action="profile.php" method="post">
 <fieldset id="update">
 <div class="pure-g">
 <div class="pure-u-1 pure-u-md-1-3">
 <label for="username">Username</label>
-<input type="text" name="username" maxlength="50" value="<?php echo $user->username; ?>" readonly>
+<input type="text" name="username" maxlength="50" value="<?php echo $session_user["0"]["username"]; ?>" readonly>
 <label for="created">Created</label>
-<input type="text" name="created" value="<?php echo $user->created; ?>" readonly>
+<input type="text" name="created" value="<?php echo $session_user["0"]["created"]; ?>" readonly>
 <label for="usertype">User Type</label>
-<input type="text" name="usertype" maxlength="50" value="<?php echo $user->usertype; ?>" readonly>
+<input type="text" name="usertype" maxlength="50" value="<?php echo $session_user["0"]["usertype"]; ?>" readonly>
+<input type="hidden" name="usertypeid" maxlength="50" value="<?php echo $session_user["0"]["usertypeid"]; ?>" readonly>
 </div>
 <div class="pure-u-1 pure-u-md-1-3">
 <label for="firstname">First Name</label>
-<input type="text" name="firstname" maxlength="50" value="<?php echo $user->firstname; ?>">
+<input type="text" name="firstname" maxlength="50" value="<?php echo $session_user["0"]["firstname"]; ?>">
 <label for="lastname">Last Name</label>
-<input type="text" name="lastname" maxlength="50" value="<?php echo $user->lastname; ?>">
+<input type="text" name="lastname" maxlength="50" value="<?php echo $session_user["0"]["lastname"]; ?>">
 <label for="email">Email</label>
-<input type="text" name="email" maxlength="100" value="<?php echo $user->email; ?>">
+<input type="text" name="email" maxlength="100" value="<?php echo $session_user["0"]["email"]; ?>">
 </div>
 <div class="pure-u-1 pure-u-md-1-3">
 <label for="password">New Password</label>
-<input type="password" name="password" maxlength="50">
+<input type="password" name="password">
 <label for="newpassword2">Confirm Password</label>
-<input type="password" name="newpassword2" maxlength="50">
+<input type="password" name="newpassword2">
 </div>
 <div class="pure-controls pure-u-1">
 <button type="submit" class="pure-input-1 pure-button button-success ">Save</button>
@@ -85,7 +72,5 @@ $query = "SELECT users.id, users.password, users.created, users.username, users.
 
 
 
-<?php //********** END CONTENT **********//
-endif;
-require_once($yaptc_inc . "footer.inc.php");
-?>
+<!-- ********** END CONTENT ********** -->
+<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
diff --git a/punchlog.php b/punchlog.php
index a785f4d..da8808b 100755
--- a/punchlog.php
+++ b/punchlog.php
@@ -10,6 +10,7 @@ killSession();
 else: ?>
 <!-- ********** BEGIN CONTENT ********** -->
 
+
 <?php
 $userid = $_SESSION['user_id'];
 $timenow = date('Y-m-d H:i');
@@ -96,43 +97,22 @@ echo "</fieldset>";
 echo "</form>";
 endif;
 
+
+
+
 echo "<h2 class=\"content-subhead\">Punch History</h2>";
 echo "<p>Below is your full punch history, sorted newest to oldest.</p>";
-$result = $yaptc_db->prepare("SELECT punches.id as punchid, users.id as user, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id WHERE users.id = $userid ORDER BY punches.id DESC");
-$result->execute();
-echo '<table class="pure-table">';
-echo '<thead>';
-echo '<tr>';
-echo '<th>Time In</th>';
-echo '<th>Time Out</th>';
-echo '<th>Hours</th>';
-echo '<th>Flag</th>';
-echo '<th>Notes</th>';
-echo '</tr>';
-echo '</thead>';
-echo '<tbody>';
-while ($row = $result->fetch(PDO::FETCH_ASSOC))
-{
-$intime = $row['intime'];
-$outtime = $row['outtime'];
-$date1 = new DateTime($intime);
-$date2 = new DateTime($outtime);
-$seconds = abs($date1->getTimestamp()-$date2->getTimestamp());
-$flag = $row['modified'];
-if ($flag == "1") {$flg="YES";} else {$flg="";}
-$notes = $row['notes'];
-echo "<tr>";
-echo "<td>$intime</td>";
-echo "<td>$outtime</td>";
-echo "<td>" . number_format((float)(($seconds/60)/60), 2, '.', '') . "</td>";
-echo "<td>$flg</td>";
-echo "<td>$notes</td>";
-echo "</tr>";
-}
-echo '</tbody>';
-echo '</table>';
 ?>
 
+<table class="pure-table">
+<thead><tr><th>In</th><th>Out</th><th>Name</th><th>Hours</th><th>Flagged</th><th>Notes</th></tr></thead>
+        <tbody><?php foreach (listPunches($db, $session_user["0"]["userid"]) as $row): ?>
+        <tr><td><?php echo $row['intime']; ?></td><td><?php echo $row['outtime']; ?></td><td><?php echo $row['lastname'] . ", " . $row['firstname']; ?></td><td><?php echo $row['punchhours']; ?></td><td><?php echo $row['modified']; ?></td><td><?php echo $row['notes']; ?></td></tr><?php endforeach; ?>
+        </tbody>
+        </table>
+
+
+
 
 <!-- ********** END CONTENT ********** -->
 <?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
diff --git a/reports.php b/reports.php
index 350f301..8057609 100755
--- a/reports.php
+++ b/reports.php
@@ -10,9 +10,9 @@ killSession();
 else: ?>
 <!-- ********** BEGIN CONTENT ********** -->
 
-<?php if ($userLogged == true && $userAccess == "Administrator"): ?>
-<h2 class="content-subhead">Punch History</h2>
-<p>Below is your company punch history.  The below drop-down can be used to select pre-configured reports.  Other reports are currently being written.</p>
+<?php if ($session_user["0"]["usertype"] == "Administrator"): ?>
+<h2 class="content-subhead">History Reports</h2>
+<p>The drop-down below can be used to select pre-configured reports.  Other reports are currently being written.</p>
 <form class="pure-form pure-form-stacked" action="reports.php" method="post">
 <fieldset>
 <div class="pure-g">
@@ -27,6 +27,7 @@ else: ?>
 <?php endif; ?>
 <option value="Hours per week per user">Hours per week per user</option>
 <option value="Hours per month per user">Hours per month per user</option>
+<option value="All Punches">All Punches</option>
 </select>
 </div>
 </div>
@@ -34,18 +35,26 @@ else: ?>
 </fieldset>
 </form>
 
+
 <?php if (isset($_POST['reporttype'])): ?>
     <?php if ($_POST['reporttype'] == "Hours per week per user"): ?><table class="pure-table">
-        <thead><tr><th>Year</th><th>Week#</th><th>Username</th><th>Hours</th></tr></thead>
+        <thead><tr><th>Year</th><th>Week#</th><th>Name</th><th>Hours</th></tr></thead>
         <tbody><?php foreach (reportWeeklyByUser($yaptc_db) as $row): ?>
-        <tr><td><?php echo $row['g_year']; ?></td><td><?php echo $row['g_week']; ?></td><td><?php echo $row['username']; ?></td><td><?php echo $row['punchhours']; ?></td></tr><?php endforeach; ?>
+        <tr><td><?php echo $row['g_year']; ?></td><td><?php echo $row['g_week']; ?></td><td><?php echo $row['lastname'] . ", " . $row['firstname']; ?></td><td><?php echo $row['punchhours']; ?></td></tr><?php endforeach; ?>
         </tbody>
         </table>
     <?php endif; ?>
     <?php if ($_POST['reporttype'] == "Hours per month per user"): ?><table class="pure-table">
-        <thead><tr><th>Year</th><th>Month</th><th>Username</th><th>Hours</th></tr></thead>
+        <thead><tr><th>Year</th><th>Month</th><th>Name</th><th>Hours</th></tr></thead>
         <tbody><?php foreach (reportMonthlyByUser($yaptc_db) as $row): ?>
-        <tr><td><?php echo $row['g_year']; ?></td><td><?php echo $row['g_month']; ?></td><td><?php echo $row['username']; ?></td><td><?php echo $row['punchhours']; ?></td></tr><?php endforeach; ?>
+        <tr><td><?php echo $row['g_year']; ?></td><td><?php echo $row['g_month']; ?></td><td><?php echo $row['lastname'] . ", " . $row['firstname']; ?></td><td><?php echo $row['punchhours']; ?></td></tr><?php endforeach; ?>
+        </tbody>
+        </table>
+    <?php endif; ?>
+    <?php if ($_POST['reporttype'] == "All Punches"): ?><table class="pure-table">
+        <thead><tr><th>In</th><th>Out</th><th>Name</th><th>Hours</th><th>Flagged</th><th>Notes</th></tr></thead>
+        <tbody><?php foreach (listPunches($db, "%") as $row): ?>
+        <tr><td><?php echo $row['intime']; ?></td><td><?php echo $row['outtime']; ?></td><td><?php echo $row['lastname'] . ", " . $row['firstname']; ?></td><td><?php echo $row['punchhours']; ?></td><td><?php echo $row['modified']; ?></td><td><?php echo $row['notes']; ?></td></tr><?php endforeach; ?>
         </tbody>
         </table>
     <?php endif; ?>
diff --git a/users.php b/users.php
index e8c5335..6dab714 100755
--- a/users.php
+++ b/users.php
@@ -10,9 +10,9 @@ killSession();
 else: ?>
 <!-- ********** BEGIN CONTENT ********** -->
 
-<?php if ($userLogged == true && $userAccess == "Administrator"): ?>
+<?php if ($session_user["0"]["usertype"] == "Administrator"): ?>
 <h2 class="content-subhead">Add User</h2>
-<p>All fields are required!  Password must be 4+ characters.  Username and email must be unique.</p>
+<p>All fields are required!  Password must be at least <?php echo $yaptc_min_password; ?> characters.  Username and email must be unique.</p>
 <?php
 require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
 if (!empty($_POST['newuser']))
@@ -29,9 +29,9 @@ if (!empty($_POST['newuser']))
     {
         $errors['password'] = "Password cannot be empty.";
     }
-    if (strlen($_POST['password']) < 4)
+    if (strlen($_POST['password']) < $yaptc_min_password)
     {
-        $errors['password'] = "Password must be at least 4 charcaters.";
+        $errors['password'] = "Password must be at least $yaptc_min_password charcaters.";
     }
     if (empty($_POST['password_confirm']))
     {
@@ -111,17 +111,20 @@ if (!empty($_POST['newuser']) && empty($errors))
         <form class="pure-form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
             <fieldset id="registration" class="pure-group">
         <div class="pure-g">
-            <div class="pure-u-1 pure-u-md-1-2">
+            <div class="pure-u-1 pure-u-md-1-3">
                 <input type="text" class="pure-input" id="firstname" name="firstname" placeholder="First Name" required />
                     <?php echo isset($errors['firstname']) ? $errors['firstname'] : ''; ?>
                 <input type="text" class="pure-input" id="lastname" name="lastname" placeholder="Last Name" required />
                     <?php echo isset($errors['lastname']) ? $errors['lastname'] : ''; ?>
+</div>
+            <div class="pure-u-1 pure-u-md-1-3">
                 <input type="text" class="pure-input" id="username" name="username" placeholder="Username" required />
                     <?php echo isset($errors['username']) ? $errors['username'] : ''; ?>
-</div>
-            <div class="pure-u-1 pure-u-md-1-2">
+
                 <input type="text" class="pure-input" id="email" name="email" placeholder="Email" />
                     <?php echo isset($errors['email']) ? $errors['email'] : ''; ?>
+</div>
+            <div class="pure-u-1 pure-u-md-1-3">
                 <input type="password" class="pure-input" id="password" name="password" placeholder="Password" required />
                     <?php echo isset($errors['password']) ? $errors['password'] : ''; ?>
                 <input type="password" class="pure-input" id="password_confirm" name="password_confirm" placeholder="Confirm Password" required />
@@ -179,7 +182,7 @@ echo "user deleted!";
 <tbody>
 <tr>
 <?php
-foreach (listUsers($yaptc_db) as $row) {
+foreach (getUserInfo($db, "%") as $row) {
 echo "<td>" . $row['firstname'] . "</td>";
 echo "<td>" . $row['lastname'] . "</td>";
 echo "<td>" . $row['username'] . "</td>";