Major overhauls, added admin punch as well

2015-02-24 10:37:52 -05:00
parent 7c85d55315
commit 65204a6c59
12 changed files with 356 additions and 764 deletions
--- a/includes/functions.inc.php
+++ b/includes/functions.inc.php
@@ -9,27 +9,7 @@ ORDER BY users.lastname ASC;");
   return $stmt->fetchAll(PDO::FETCH_ASSOC);
 }

-// Update user profile
-function updateUserProfile($yaptc_db, $userid, $firstname, $lastname, $email)
-{
-$stmt = $yaptc_db->prepare("UPDATE users SET firstname = :firstname, lastname = :lastname, email = :email WHERE id = :userid;");
-$stmt->execute(array(
-    ':userid' => $userid,
-    ':firstname' => $firstname,
-    ':lastname' => $lastname,
-    ':email' => $email,
-    ));
-}

-// Update user profile
-function updateUserPassword($yaptc_db, $userid, $password)
-{
-$stmt = $yaptc_db->prepare("UPDATE users SET password = :password WHERE id = :userid;");
-$stmt->execute(array(
-    ':userid' => $userid,
-    ':password' => $password,
-    ));
-}


 // Get login status - returns true or false
@@ -51,37 +31,29 @@ function killSession()
    header("Location: login.php");
 }

-// Get user access level.  Call with $sql passed or it will not work correctly
-function getSessionAccess($yaptc_db)
-{
-    if (isset($_SESSION['user_id'])) {
-        $query3 = "SELECT users.id as userid, usertypes.typename AS usertype FROM yaptc.users INNER JOIN yaptc.usertypes ON users.usertype = usertypes.id WHERE users.id = :id";
-        $stmt3  = $yaptc_db->prepare($query3);
-        $stmt3->execute(array(
-            ':id' => $_SESSION['user_id']
-        ));
-        $user3 = $stmt3->fetchObject();
-        return $user3->usertype;
-    }
-}
+

 // Punch Out
-function punchOut($yaptc_db, $punchid, $notes)
+function punchOut($yaptc_db, $punchid, $notes, $outtime, $modified=NULL)
 {
-$stmt = $yaptc_db->prepare("UPDATE punches SET punches.outtime = NOW(), punches.notes = :notes WHERE punches.id = :punchid;");
+$stmt = $yaptc_db->prepare("UPDATE punches SET punches.outtime = :outtime, punches.notes = :notes, punches.modified = :modified WHERE punches.id = :punchid;");
 $stmt->execute(array(
    ':punchid' => $punchid,
+    ':modified' => $modified,
+    ':outtime' => $outtime,
    ':notes' => $notes
    ));
 }

 // Punch In
-function punchIn($yaptc_db, $userid, $notes)
+function punchIn($yaptc_db, $userid, $notes, $punchtime, $modified=NULL)
 {
-$stmt = $yaptc_db->prepare("INSERT INTO punches (punches.userid, punches.notes, punches.intime) VALUES (:userid, :notes, NOW());");
+$stmt = $yaptc_db->prepare("INSERT INTO punches (punches.userid, punches.notes, punches.intime, punches.modified) VALUES (:userid, :notes, :punchtime, :modified);");
 $stmt->execute(array(
    ':userid' => $userid,
-    ':notes' => $notes
+    ':notes' => $notes,
+    ':punchtime' => $punchtime,
+    ':modified' => $modified
    ));
 }

@@ -96,16 +68,140 @@ function getPunchStatus($yaptc_db, $userid)
    return array ($result['punchid'], $result['userid'], $result['intime'], $result['outtime'], $result['notes']);
 }

+
+
+// List punches sorted by intime.  Pass uid or % for all.  Pass limit to restrict row results.  Default is set to tons of 9's because no wildcard exists for limit in mysql or pgsql
+function listPunches($db, $uid, $limit = "999999999999999") {
+    $stmt = $db->prepare('
+        SELECT
+        ROUND(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600,2) AS punchhours,
+        punches.id as punchid,
+        punches.intime as intime,
+        punches.outtime as outtime,
+        users.id AS userid,
+        users.firstname as firstname,
+        users.lastname as lastname,
+        REPLACE (punches.modified, "1", "YES") as modified,
+        punches.notes as notes
+        FROM yaptc.punches
+        INNER JOIN yaptc.users ON punches.userid = users.id
+        WHERE users.id LIKE :uid
+        ORDER BY punches.intime DESC
+        LIMIT :limit
+    ');
+    $stmt->execute(array(
+        ':uid' => $uid,
+        ':limit' => $limit,
+    ));
+    return $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
+
+// Get user info from user id.  Pass uid or % for all.
+function getUserInfo($db, $uid) {
+    $stmt = $db->prepare('
+        SELECT
+        users.id AS userid,
+        users.username AS username,
+        users.firstname AS firstname,
+        users.lastname AS lastname,
+        users.email AS email,
+        usertypes.typename AS usertype,
+        usertypes.id AS usertypeid,
+        users.created AS created,
+        users.password AS password
+        FROM yaptc.users
+        INNER JOIN yaptc.usertypes ON users.usertype = usertypes.id
+        WHERE users.id LIKE :uid
+        ORDER BY users.lastname ASC;
+    ');
+    $stmt->execute(array(
+        ':uid' => $uid
+    ));
+    return $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
+
+
+// Update user profile
+function updateUserPassword($yaptc_db, $userid, $password)
+{
+$stmt = $yaptc_db->prepare("UPDATE users SET password = :password WHERE id = :userid;");
+$stmt->execute(array(
+    ':userid' => $userid,
+    ':password' => $password,
+    ));
+}
+
+
+
+// Set user info from user id
+function setUserInfo($db, $uid, $firstname, $lastname, $email, $usertypeid, $password) {
+    $stmt = $db->prepare('
+        UPDATE
+        yaptc.users
+        SET
+        firstname = :firstname,
+        lastname = :lastname,
+        email = :email,
+        usertype = :usertypeid,
+        password = :password
+        WHERE id = :uid
+    ');
+    $stmt->execute(array(
+        ':uid' => $uid,
+        ':firstname' => $firstname,
+        ':lastname' => $lastname,
+        ':email' => $email,
+        ':usertypeid' => $usertypeid,
+        ':password' => $password,
+    ));
+
+}
+
 // Report - Weekly Hours by Week then User
-function reportWeeklyByUser($yaptc_db) {
-   $stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, WEEK(punches.intime) AS g_week, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_week, users.username;");
-   return $stmt->fetchAll(PDO::FETCH_ASSOC);
+function reportWeeklyByUser($yaptc_db)
+{
+    $statement = $yaptc_db->prepare('
+        SELECT
+        YEAR(punches.intime) AS g_year,
+        WEEK(punches.intime) AS g_week,
+        ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours,
+        punches.intime as intime,
+        punches.outtime as outtime,
+        users.firstname as firstname,
+        users.lastname as lastname,
+        REPLACE (punches.modified, "1", "YES") as modified,
+        punches.notes as notes
+        FROM yaptc.punches
+        INNER JOIN yaptc.users ON punches.userid = users.id
+        GROUP BY g_year, g_week, users.username
+    ');
+    $statement->execute();
+    return $statement->fetchAll(PDO::FETCH_ASSOC);
 }

 // Report - Monthly Hours by Month then User
-function reportMonthlyByUser($yaptc_db) {
-   $stmt = $yaptc_db->query("SELECT YEAR(punches.intime) AS g_year, MONTHNAME(punches.intime) AS g_month, ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours, punches.id as punchid, users.id as user, users.username as username, users.firstname as firstname, users.lastname as lastname, punches.intime as intime, punches.outtime as outtime, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id GROUP BY g_year, g_month, users.username;");
-   return $stmt->fetchAll(PDO::FETCH_ASSOC);
+function reportMonthlyByUser($yaptc_db)
+{
+    $statement = $yaptc_db->prepare('
+        SELECT
+        YEAR(punches.intime) AS g_year,
+        MONTHNAME(punches.intime) AS g_month,
+        ROUND(SUM(TIME_TO_SEC(TIMEDIFF(punches.outtime, punches.intime))/3600),2) AS punchhours,
+        punches.intime as intime,
+        punches.outtime as outtime,
+        users.firstname as firstname,
+        users.lastname as lastname,
+        REPLACE (punches.modified, "1", "YES") as modified,
+        punches.notes as notes
+        FROM yaptc.punches
+        INNER JOIN yaptc.users ON punches.userid = users.id
+        GROUP BY g_year, g_month, users.username;
+    ');
+    $statement->execute();
+    return $statement->fetchAll(PDO::FETCH_ASSOC);
 }

+
+
+// EOF
 ?>
--- a/includes/menu.inc.php
+++ b/includes/menu.inc.php
@@ -12,38 +12,39 @@
            <?php


-// Get login status and access level
-if (getSessionStatus() == true) { $userLogged = true; $userAccess = getSessionAccess($yaptc_db); } else { $userLogged = false; $userAccess = ""; }
+// Get logged-in user's profile information
+$session_user = getUserInfo($db, $_SESSION['user_id']);
+$session_status = getSessionStatus();

-// All menu options - only ones with permissions allowed are shown to logged-in users.
-// Home
-if ($userLogged == true) {
-  echo '<li'; if ($yaptc_pagename=='Home') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="index.php">Home</a></li>';
-  }
-// Profile
-if ($userLogged == true) {
-  echo '<li'; if ($yaptc_pagename=='Profile') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="profile.php">Profile</a></li>';
-  }
-// Punch Log
-if ($userLogged == true) {
-  echo '<li'; if ($yaptc_pagename=='Punch Log') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="punchlog.php">Punch Log</a></li>';
-  }
-// Users
-if ($userLogged == true && $userAccess == "Administrator") {
-  echo '<li'; if ($yaptc_pagename=='Users') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="users.php">Users</a></li>';
-  }
-// Reports
-if ($userLogged == true && $userAccess == "Administrator") {
-  echo '<li'; if ($yaptc_pagename=='Reports') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="reports.php">Reports</a></li>';
-  }       
-// Logout
-if ($userLogged == true) {
-  echo '<li'; if ($yaptc_pagename=='Logout') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="logout.php">Logout</a></li>';
-  }
-// Login
-if ($userLogged == false) {
+// Menu Setup
+
+// For logged-out users
+if ($session_status == false):
  echo '<li'; if ($yaptc_pagename=='Login') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="login.php">Login</a></li>';
-  }
+// For logged-in users, depending on access
+elseif ($session_status == true):
+// Home
+echo '<li'; if ($yaptc_pagename=='Home'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="index.php">Home</a></li>';
+// Profile Menu
+echo '<li'; if ($yaptc_pagename=='Profile'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="profile.php">Profile</a></li>';
+// Punch Log Menu
+echo '<li'; if ($yaptc_pagename=='Punch Log'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="punchlog.php">Punch Log</a></li>';
+// Users Menu
+if ($session_user["0"]["usertype"] == "Administrator"):
+  echo '<li'; if ($yaptc_pagename=='Users'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="users.php">Users</a></li>';
+endif;
+// Manual Punch
+if ($session_user["0"]["usertype"] == "Administrator"):
+  echo '<li'; if ($yaptc_pagename=='Manual Punch'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="manualpunch.php">Manual Punch</a></li>';
+endif;
+// Reports Menu
+if ($session_user["0"]["usertype"] == "Administrator"):
+  echo '<li'; if ($yaptc_pagename=='Reports'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="reports.php">Reports</a></li>';
+endif;
+// Logout Menu
+echo '<li'; if ($yaptc_pagename=='Logout'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="logout.php">Logout</a></li>';
+
+endif;

 ?>
          </ul>
@@ -54,7 +55,7 @@ if ($userLogged == false) {

        <div class="header">
          <h1><?php echo $yaptc_pagename; ?></h1>
-          <h2><?php if (isset($_SESSION['user_id'])): echo "Logged as: " . $_SESSION['firstname'] . ' ' . $_SESSION['lastname']; else: echo "Please log in to use the timecard system"; endif; ?></h2>
+          <h2><?php if (isset($_SESSION['user_id'])): echo "User: " . $session_user["0"]["firstname"] . ' ' . $session_user["0"]["lastname"]; else: echo "Please log in to use the timecard system"; endif; ?></h2>
          <h4><?php if (!empty($adminmessage)): echo "<div class=\"adminmessage\">" . $adminmessage . "</div>"; endif; ?></h4>
        </div>

--- a/includes/side-menu.css
+++ b/includes/side-menu.css
@@ -31,32 +31,33 @@ body {
 }
 /*The content `<div>` is where all your content goes.*/
 .content {
-	margin:0 auto;
-	padding:0 2em;
+	margin:0;
+	padding:0;
 	max-width:800px;
 	margin-bottom:50px;
-	line-height:1.6em;
+	line-height:1em;
 }
 .header {
 	margin:0;
 	color:#333;
-	text-align:center;
-	padding:2.5em 2em 0;
-	border-bottom:1px solid #eee;
+	padding:.0;
+	border-bottom:2px solid #eee;
 }
 .header h1 {
-	margin:0.2em 0;
+	margin:0;
 	font-size:3em;
 	font-weight:300;
+	padding:0;	
 }
 .header h2 {
+	margin:0;
+	font-size:1em;
 	font-weight:300;
-	color:#ccc;
 	padding:0;
-	margin-top:0;
+	color:#888;
 }
-.content-subhead {
-	margin:50px 0 20px 0;
+.content-subhead {		
+	margin:1em 0 0 0;	
 	font-weight:300;
 	color: #888;
 }