MAJOR updatesgit add --all
This commit is contained in:
parent
e54b722bf5
commit
73c7c17219
@ -7,10 +7,9 @@ $yaptc_appname = 'Timecard System'; // Program name to display in
|
|||||||
$yaptc_company = 'Widgets, Inc.'; // Your company name
|
$yaptc_company = 'Widgets, Inc.'; // Your company name
|
||||||
$yaptc_db = new PDO('mysql:host=localhost;dbname=YOUR_DATABASE;charset=utf8', 'YOUR_USER', 'YOUR_PASSWORD'); // Database connection string
|
$yaptc_db = new PDO('mysql:host=localhost;dbname=YOUR_DATABASE;charset=utf8', 'YOUR_USER', 'YOUR_PASSWORD'); // Database connection string
|
||||||
$db = new PDO('mysql:host=localhost;dbname=YOUR_DATABASE;charset=utf8', 'YOUR_USER', 'YOUR_PASSWORD'); // Database connection string
|
$db = new PDO('mysql:host=localhost;dbname=YOUR_DATABASE;charset=utf8', 'YOUR_USER', 'YOUR_PASSWORD'); // Database connection string
|
||||||
$yaptc_adminmsg = ''; // Message will display on all pages!
|
|
||||||
$yaptc_allowadvancedpunch = 'yes'; // Should we allow users to make manual punch entries? set to yes or no
|
$yaptc_allowadvancedpunch = 'yes'; // Should we allow users to make manual punch entries? set to yes or no
|
||||||
$yaptc_min_password = '8'; // Minimum password length
|
$yaptc_min_password = '8'; // Minimum password length
|
||||||
$yaptc_language = 'en'; // Language
|
$yaptc_language = 'en'; // 2-character language code. Used to set HTML header and language template
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,8 +1,9 @@
|
|||||||
</div>
|
</div>
|
||||||
<div class="header">
|
<div class="header">
|
||||||
<h2><?php echo lang('SERVER_TIME') . ": " . $timenow; ?></h2>
|
<h2><?php echo lang('SERVER_TIME') . ": " . $timenow . " - - - " . lang('SOFTWARE_VERSION') . ": " . $yaptc_version; ?></h2>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<script src="<?php echo $yaptc_libweb; ?>ui.js"></script>
|
</div>
|
||||||
</body>
|
<script src="<?php echo $yaptc_libweb; ?>ui.js"></script>
|
||||||
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
@ -3,15 +3,65 @@
|
|||||||
// Languages
|
// Languages
|
||||||
function lang($phrase){
|
function lang($phrase){
|
||||||
static $lang = array(
|
static $lang = array(
|
||||||
|
'ACCOUNT_INFO_HEADER' => 'Account Information',
|
||||||
|
'ACCOUNT_INFO_DESC' => 'You may make changes to your user profile below. To change your password, enter a new password twice below and press save. Minimum password length is ',
|
||||||
|
'USER_LIST_HEADER' => 'User List',
|
||||||
|
'USER_LIST_DESC' => 'Delete or Punch users from the actions column. Eventually, password resets will also be enabled.',
|
||||||
|
'PUNCH_HISTORY_HEADER' => 'Punch History',
|
||||||
|
'PUNCH_HISTORY_DESC' => 'The following is your entire punch history, most recent first.',
|
||||||
'NO_PUNCHES' => 'You have no recorded punches',
|
'NO_PUNCHES' => 'You have no recorded punches',
|
||||||
|
'NOT_AUTHORIZED' => 'Not Authorized!',
|
||||||
'OUT' => 'Out',
|
'OUT' => 'Out',
|
||||||
'IN' => 'In',
|
'IN' => 'In',
|
||||||
|
'ADD_USER' => 'Add User',
|
||||||
|
'ADD_USER_DESC' => 'All fields are required! Username and email must be unique. Minimum password length is ',
|
||||||
|
'HOURS' => 'Hours',
|
||||||
|
'FLAG' => 'Flag',
|
||||||
|
'NOTES' => 'Notes',
|
||||||
|
'HOME' => 'Home',
|
||||||
|
'LOGIN' => 'Login',
|
||||||
|
'LOGOUT' => 'Logout',
|
||||||
|
'ACCOUNT' => 'Account',
|
||||||
|
'META_DESC' => 'YAPTC Timecard system is a time recording application for small businesses.',
|
||||||
|
'USERS' => 'Manage Users',
|
||||||
|
'SAVE' => 'Save',
|
||||||
|
'NEW' => 'New',
|
||||||
|
'NAME' => 'Name',
|
||||||
|
'CONFIRM' => 'Confirm',
|
||||||
|
'PUNCH' => 'Punch',
|
||||||
|
'NOTES_PLACEHOLDER' => 'Enter notes if needed',
|
||||||
|
'USERNAME' => 'Username',
|
||||||
|
'DELETE_WARNING' => '********* WARNING! ********** Are you SURE you want to DELETE this user AND ALL ASSOCIATED PUNCHES!?!? There is NO UNDO!',
|
||||||
|
'ACTIONS' => 'Actions',
|
||||||
|
'CREATED' => 'Created',
|
||||||
|
'MIN_PASSWORD_LENGTH' => 'Minimum password length is ',
|
||||||
|
'USERTYPE' => 'User Type',
|
||||||
|
'ILLEGAL_CHARACTERS' => 'Username contains illegal characters',
|
||||||
|
'PASSWORD_NOTMATCH' => 'Passwords do not match',
|
||||||
|
'EMAIL_NOTVALID' => 'Email address not valid',
|
||||||
|
'USERNAME_NOTEMPTY' => 'Username cannot be empty',
|
||||||
|
'PASSWORD_NOTEMPTY' => 'Password cannot be empty',
|
||||||
|
'USERNAME_USED' => 'Username already in use',
|
||||||
|
'EMAIL_USED' => 'Email already in use',
|
||||||
|
'PASSWORD_NOTCONFIRMED' => 'Password must be confirmed',
|
||||||
|
'PASSWORD' => 'Password',
|
||||||
|
'USER' => 'User',
|
||||||
|
'FIRSTNAME' => 'First Name',
|
||||||
|
'LASTNAME' => 'Last Name',
|
||||||
|
'EMAIL' => 'E-Mail',
|
||||||
|
'USER_INFORMATION' => 'User Information',
|
||||||
|
'PUNCH_EDITOR' => 'Punch Edit',
|
||||||
|
'PLEASE_LOG_IN' => 'Please log in to use the timecard system',
|
||||||
|
'REPORTS' => 'Reports',
|
||||||
'SINCE' => 'since',
|
'SINCE' => 'since',
|
||||||
'PUNCH_STATUS' => 'Punch Status',
|
'PUNCH_STATUS' => 'Punch Status',
|
||||||
'SERVER_TIME' => 'Server Time',
|
'SERVER_TIME' => 'Server Time',
|
||||||
'QUICK_PUNCH_PARAGRAPH' => 'Click below to immediately punch your time. You may enter notes for your administrator to review.',
|
'QUICK_PUNCH_PARAGRAPH' => 'Click below to immediately punch your time. You may enter notes for your administrator to review.',
|
||||||
|
'ADVANCED_PUNCH_PARAGRAPH' => 'Click the punch button to immediately punch your time. You may also make changes to the defaults. Note that changing the punch time will result in a flag on the punch for your administrator to review.',
|
||||||
'YOU_HAVE_BEEN_PUNCHED' => 'You have been punched',
|
'YOU_HAVE_BEEN_PUNCHED' => 'You have been punched',
|
||||||
'QUICK_PUNCH' => 'Quick Punch'
|
'QUICK_PUNCH' => 'Quick Punch',
|
||||||
|
'SOFTWARE_VERSION' => 'Software Version',
|
||||||
|
'ADVANCED_PUNCH' => 'Advanced Punch'
|
||||||
);
|
);
|
||||||
return $lang[$phrase];
|
return $lang[$phrase];
|
||||||
}
|
}
|
||||||
@ -20,6 +70,9 @@ function lang($phrase){
|
|||||||
// Current Time
|
// Current Time
|
||||||
$timenow = date('Y-m-d H:i:s');
|
$timenow = date('Y-m-d H:i:s');
|
||||||
|
|
||||||
|
// This Version
|
||||||
|
$yaptc_version = 'yaptc 0.8-beta';
|
||||||
|
|
||||||
// Get user list for users management page
|
// Get user list for users management page
|
||||||
function listUsers($yaptc_db) {
|
function listUsers($yaptc_db) {
|
||||||
$stmt = $yaptc_db->query("SELECT users.id as userid, users.username as username, users.email as email, users.created as created, users.firstname as firstname, users.lastname as lastname, users.usertype as usertypeid, usertypes.typename as usertype
|
$stmt = $yaptc_db->query("SELECT users.id as userid, users.username as username, users.email as email, users.created as created, users.firstname as firstname, users.lastname as lastname, users.usertype as usertypeid, usertypes.typename as usertype
|
||||||
|
@ -1,28 +1,27 @@
|
|||||||
<!doctype html>
|
<!doctype html>
|
||||||
<html lang="en">
|
<html lang="<?php echo $yaptc_language; ?>">
|
||||||
<head>
|
<head>
|
||||||
<meta charset="utf-8">
|
<meta charset="utf-8" />
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||||
<meta name="description" content="YAPTC Timecard system is a time recording application for small businesses.">
|
<meta name="description" content="<?php echo lang('META_DESC'); ?>" />
|
||||||
<title><?php echo $yaptc_company . ">" . $yaptc_appname . ">" . $yaptc_pagename; ?></title>
|
<title><?php echo $yaptc_company . " > " . $yaptc_appname . " > " . $yaptc_pagename; ?></title>
|
||||||
<link rel="stylesheet" href="<?php echo $yaptc_libweb; ?>pure/pure.css">
|
<link rel="stylesheet" href="<?php echo $yaptc_libweb; ?>pure/pure.css" />
|
||||||
|
<!--[if lte IE 8]>
|
||||||
|
<link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>side-menu-old-ie.css" />
|
||||||
|
<![endif]-->
|
||||||
<!--[if lte IE 8]>
|
<!--[if gt IE 8]>
|
||||||
<link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>side-menu-old-ie.css">
|
<!-->
|
||||||
<![endif]-->
|
<link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>side-menu.css" />
|
||||||
<!--[if gt IE 8]><!-->
|
<!--
|
||||||
<link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>side-menu.css">
|
<![endif]-->
|
||||||
<!--<![endif]-->
|
<!--[if lte IE 8]>
|
||||||
|
<link rel="stylesheet" href="<?php echo $yaptc_libweb; ?>pure/grids-responsive-old-ie-min.css" />
|
||||||
<!--[if lte IE 8]>
|
<![endif]-->
|
||||||
<link rel="stylesheet" href="<?php echo $yaptc_libweb; ?>pure/grids-responsive-old-ie-min.css">
|
<!--[if gt IE 8]>
|
||||||
<![endif]-->
|
<!-->
|
||||||
<!--[if gt IE 8]><!-->
|
<link rel="stylesheet" href="<?php echo $yaptc_libweb; ?>pure/grids-responsive-min.css" />
|
||||||
<link rel="stylesheet" href="<?php echo $yaptc_libweb; ?>pure/grids-responsive-min.css">
|
<!--
|
||||||
<!--<![endif]-->
|
<![endif]-->
|
||||||
|
</head>
|
||||||
</head>
|
<body>
|
||||||
<body>
|
<div id="layout">
|
||||||
|
|
||||||
|
@ -1,62 +1,35 @@
|
|||||||
<div id="layout">
|
<?php
|
||||||
<!-- Menu toggle -->
|
if (isset($_SESSION['user_id'])): $session_user = getUserInfo($db, $_SESSION['user_id']); endif;
|
||||||
<a href="#menu" id="menuLink" class="menu-link">
|
|
||||||
<!-- Hamburger icon -->
|
|
||||||
<span></span>
|
|
||||||
</a>
|
|
||||||
|
|
||||||
<div id="menu">
|
|
||||||
<div class="pure-menu pure-menu-open">
|
|
||||||
<a class="pure-menu-heading" href="index.php"><?php echo $yaptc_company; ?></a>
|
|
||||||
<ul>
|
|
||||||
<?php
|
|
||||||
|
|
||||||
|
|
||||||
// Get logged-in user's profile information
|
|
||||||
$session_user = getUserInfo($db, $_SESSION['user_id']);
|
|
||||||
$session_status = getSessionStatus();
|
$session_status = getSessionStatus();
|
||||||
|
|
||||||
// Menu Setup
|
|
||||||
|
|
||||||
// For logged-out users
|
|
||||||
if ($session_status == false):
|
|
||||||
echo '<li'; if ($yaptc_pagename=='Login') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="login.php">Login</a></li>';
|
|
||||||
// For logged-in users, depending on access
|
|
||||||
elseif ($session_status == true):
|
|
||||||
// Home
|
|
||||||
echo '<li'; if ($yaptc_pagename=='Home'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="index.php">Home</a></li>';
|
|
||||||
// Profile Menu
|
|
||||||
echo '<li'; if ($yaptc_pagename=='Profile'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="profile.php">Profile</a></li>';
|
|
||||||
// Punch Log Menu
|
|
||||||
echo '<li'; if ($yaptc_pagename=='Punch Log'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="punchlog.php">Punch Log</a></li>';
|
|
||||||
// Users Menu
|
|
||||||
if ($session_user["0"]["usertype"] == "Administrator"):
|
|
||||||
echo '<li'; if ($yaptc_pagename=='Users'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="users.php">Users</a></li>';
|
|
||||||
endif;
|
|
||||||
// Manual Punch
|
|
||||||
if ($session_user["0"]["usertype"] == "Administrator"):
|
|
||||||
echo '<li'; if ($yaptc_pagename=='Manual Punch'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="manualpunch.php">Manual Punch</a></li>';
|
|
||||||
endif;
|
|
||||||
// Reports Menu
|
|
||||||
if ($session_user["0"]["usertype"] == "Administrator"):
|
|
||||||
echo '<li'; if ($yaptc_pagename=='Reports'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="reports.php">Reports</a></li>';
|
|
||||||
endif;
|
|
||||||
// Logout Menu
|
|
||||||
echo '<li'; if ($yaptc_pagename=='Logout'): echo ' class="pure-menu-selected">'; else: echo '>'; endif; echo '<a href="logout.php">Logout</a></li>';
|
|
||||||
|
|
||||||
endif;
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
</ul>
|
<!-- SIDE MENU -->
|
||||||
</div>
|
<a href="#menu" id="menuLink" class="menu-link"><span></span></a>
|
||||||
</div>
|
<div id="menu">
|
||||||
|
<div class="pure-menu pure-menu-open">
|
||||||
<div id="main">
|
<a class="pure-menu-heading" href="index.php"><?php echo $yaptc_company; ?></a>
|
||||||
|
<ul>
|
||||||
<div class="header">
|
<?php if ($session_status == false): ?>
|
||||||
<h1><?php echo $yaptc_pagename; ?></h1>
|
<!-- MENU FOR ALL LOGGED OUT -->
|
||||||
<h2><?php if (isset($_SESSION['user_id'])): echo "User: " . $session_user["0"]["firstname"] . ' ' . $session_user["0"]["lastname"]; else: echo "Please log in to use the timecard system"; endif; ?></h2>
|
<li class="<?php if ($yaptc_pagename==lang('LOGIN')): echo "pure-menu-selected"; endif; ?>"><a href="login.php"><?php echo lang('LOGIN'); ?></a></li>
|
||||||
<h4><?php if (!empty($adminmessage)): echo "<div class=\"adminmessage\">" . $adminmessage . "</div>"; endif; ?></h4>
|
<?php elseif ($session_status == true): ?>
|
||||||
</div>
|
<!-- MENU FOR ALL LOGGED IN -->
|
||||||
|
<li class="<?php if ($yaptc_pagename==lang('HOME')): echo "pure-menu-selected"; endif; ?>"><a href="index.php"><?php echo lang('HOME'); ?></a></li>
|
||||||
<div class="content">
|
<li class="<?php if ($yaptc_pagename==lang('ACCOUNT')): echo "pure-menu-selected"; endif; ?>"><a href="profile.php"><?php echo lang('ACCOUNT'); ?></a></li>
|
||||||
|
<?php if ($session_user["0"]["usertype"] == "Administrator"): ?>
|
||||||
|
<!-- ADDITIONAL MENU IF LOGGED IN AS ADMIN -->
|
||||||
|
<li class="<?php if ($yaptc_pagename==lang('USERS')): echo "pure-menu-selected"; endif; ?>"><a href="users.php"><?php echo lang('USERS'); ?></a></li>
|
||||||
|
<li class="<?php if ($yaptc_pagename==lang('PUNCH_EDITOR')): echo "pure-menu-selected"; endif; ?>"><a href="manualpunch.php"><?php echo lang('PUNCH_EDITOR'); ?></a></li>
|
||||||
|
<li class="<?php if ($yaptc_pagename==lang('REPORTS')): echo "pure-menu-selected"; endif; ?>"><a href="reports.php"><?php echo lang('REPORTS'); ?></a></li>
|
||||||
|
<?php endif; ?>
|
||||||
|
<!-- MENU FOR ALL LOGGED IN - BOTTOM END -->
|
||||||
|
<li class="<?php if ($yaptc_pagename==lang('LOGOUT')): echo "pure-menu-selected"; endif; ?>"><a href="logout.php"><?php echo lang('LOGOUT'); ?></a></li>
|
||||||
|
<?php endif; ?>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div id="main">
|
||||||
|
<div class="header">
|
||||||
|
<h1><?php echo $yaptc_pagename; ?></h1>
|
||||||
|
<h2><?php if (isset($_SESSION['user_id'])): echo lang('USER') . ": " . $session_user["0"]["firstname"] . ' ' . $session_user["0"]["lastname"]; else: echo lang('PLEASE_LOG_IN'); endif; ?></h2>
|
||||||
|
</div>
|
||||||
|
<div class="content">
|
||||||
|
@ -38,19 +38,19 @@ body {
|
|||||||
line-height:1em;
|
line-height:1em;
|
||||||
}
|
}
|
||||||
.header {
|
.header {
|
||||||
margin:.25em 0 0 0;
|
margin:.25em 0 1em 0;
|
||||||
color:#333;
|
color:#333;
|
||||||
padding:.0;
|
padding:0;
|
||||||
border-bottom:2px solid #eee;
|
border-bottom:2px solid #eee;
|
||||||
}
|
}
|
||||||
.header h1 {
|
.header h1 {
|
||||||
margin:0;
|
margin:.25em 0 0 0;
|
||||||
font-size:2em;
|
font-size:2em;
|
||||||
font-weight:300;
|
font-weight:300;
|
||||||
padding:0;
|
padding:0;
|
||||||
}
|
}
|
||||||
.header h2 {
|
.header h2 {
|
||||||
margin:0;
|
margin:.25em 0 0 0;
|
||||||
font-size:1em;
|
font-size:1em;
|
||||||
font-weight:300;
|
font-weight:300;
|
||||||
padding:0;
|
padding:0;
|
||||||
@ -63,7 +63,7 @@ body {
|
|||||||
font-size:1.5em;
|
font-size:1.5em;
|
||||||
}
|
}
|
||||||
.content p {
|
.content p {
|
||||||
margin:.25em 0 1em 0;
|
margin:.25em 0 0 0;
|
||||||
font-weight:300;
|
font-weight:300;
|
||||||
color: #888;
|
color: #888;
|
||||||
font-size:1em;
|
font-size:1em;
|
||||||
|
82
index.php
82
index.php
@ -2,15 +2,15 @@
|
|||||||
session_start();
|
session_start();
|
||||||
require_once("config.inc.php");
|
require_once("config.inc.php");
|
||||||
require_once($yaptc_inc . "functions.inc.php");
|
require_once($yaptc_inc . "functions.inc.php");
|
||||||
$yaptc_pagename = "Home";
|
$yaptc_pagename = lang('HOME');
|
||||||
require_once($yaptc_inc . "header.inc.php");
|
require_once($yaptc_inc . "header.inc.php");
|
||||||
require_once($yaptc_inc . "menu.inc.php");
|
require_once($yaptc_inc . "menu.inc.php");
|
||||||
if (getSessionStatus() == false):
|
if (getSessionStatus() == false):
|
||||||
killSession();
|
killSession();
|
||||||
else: ?>
|
else: ?>
|
||||||
<!-- ********** BEGIN CONTENT ********** -->
|
<!-- ********** BEGIN CONTENT ********** -->
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
|
// Get punch status for buttons and times
|
||||||
$session_punch = listPunches($db, $session_user["0"]["userid"], 1);
|
$session_punch = listPunches($db, $session_user["0"]["userid"], 1);
|
||||||
if (!isset($session_punch['0']['intime'])):
|
if (!isset($session_punch['0']['intime'])):
|
||||||
$session_status = lang('OUT');
|
$session_status = lang('OUT');
|
||||||
@ -28,50 +28,52 @@ else:
|
|||||||
$session_message = lang('PUNCH_STATUS') . ": " . $session_status . " " . lang('SINCE') . " " . date('g:i a \o\n M jS, Y', strtotime($statustime));
|
$session_message = lang('PUNCH_STATUS') . ": " . $session_status . " " . lang('SINCE') . " " . date('g:i a \o\n M jS, Y', strtotime($statustime));
|
||||||
endif;
|
endif;
|
||||||
endif;
|
endif;
|
||||||
?>
|
|
||||||
|
|
||||||
|
// Process posted data from quickpunch section
|
||||||
|
if (isset($_POST['quickpunch'])):
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<h2 class="content-subhead"><?php echo lang('QUICK_PUNCH'); ?></h2>
|
|
||||||
<p><?php echo $session_message; ?></p>
|
|
||||||
<p><?php echo lang('QUICK_PUNCH_PARAGRAPH'); ?></p>
|
|
||||||
<form class="pure-form pure-form-stacked" action="index.php" method="post">
|
|
||||||
<fieldset id="punch">
|
|
||||||
<input type="text" name="notes" placeholder="Enter notes if needed" maxlength="255" value="<?php if (isset($notes)): echo $notes; endif; ?>">
|
|
||||||
<?php if ($session_status == lang('IN')): ?>
|
|
||||||
<button type="submit" class="pure-button button-success pure-button-disabled">Punch IN</button>
|
|
||||||
<button type="submit" class="pure-button button-error">Punch OUT</button>
|
|
||||||
<?php elseif ($session_status == lang('OUT')): ?>
|
|
||||||
<button type="submit" class="pure-button button-success">Punch IN</button>
|
|
||||||
<button type="submit" class="pure-button button-error pure-button-disabled">Punch OUT</button>
|
|
||||||
<?php endif; ?>
|
|
||||||
</fieldset>
|
|
||||||
</form>
|
|
||||||
|
|
||||||
<?php
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$punchtime = date('Y-m-d H:i:s');
|
|
||||||
if (!empty($_POST)):
|
|
||||||
if (!empty($_POST['notes'])): $notes = $_POST['notes']; else: $notes = NULL; endif;
|
if (!empty($_POST['notes'])): $notes = $_POST['notes']; else: $notes = NULL; endif;
|
||||||
if ($session_status == lang('IN')): punchOut($yaptc_db, $punchid, $notes, $punchtime, NULL);
|
if ($session_status == lang('IN')): punchOut($yaptc_db, $punchid, $notes, $timenow, NULL);
|
||||||
|
elseif ($session_status == lang('OUT')): punchIn($yaptc_db, $_SESSION['user_id'], $notes, $timenow, NULL);
|
||||||
|
endif;
|
||||||
|
header('Location: ' . $_SERVER['PHP_SELF']);
|
||||||
|
endif;
|
||||||
|
|
||||||
|
// Process posted data from advancedpunch section
|
||||||
|
if (isset($_POST['advancedpunch'])):
|
||||||
|
if (!empty($_POST['notes'])): $notes = $_POST['notes']; else: $notes = NULL; endif;
|
||||||
|
if (!empty($_POST['punchtime'])): $punchtime = $_POST['punchtime']; else: $punchtime = $timenow; endif;
|
||||||
|
if ($session_status == lang('IN')): punchOut($yaptc_db, $punchid, $notes, $timenow, NULL);
|
||||||
elseif ($session_status == lang('OUT')): punchIn($yaptc_db, $_SESSION['user_id'], $notes, $punchtime, NULL);
|
elseif ($session_status == lang('OUT')): punchIn($yaptc_db, $_SESSION['user_id'], $notes, $punchtime, NULL);
|
||||||
endif;
|
endif;
|
||||||
header('Location: ' . $_SERVER['PHP_SELF']);
|
header('Location: ' . $_SERVER['PHP_SELF']);
|
||||||
endif;
|
endif;
|
||||||
|
|
||||||
|
// HTML section for quick punch only
|
||||||
|
if ($yaptc_allowuseradvancedpunch == "no"): ?>
|
||||||
|
<h2 class="content-subhead"><?php echo lang('QUICK_PUNCH'); ?></h2>
|
||||||
|
<p><?php echo $session_message; ?></p>
|
||||||
|
<p><?php echo lang('QUICK_PUNCH_PARAGRAPH'); ?></p>
|
||||||
|
<form class="pure-form pure-form-stacked" action="index.php" method="post">
|
||||||
|
<fieldset>
|
||||||
|
<input type="text" name="notes" placeholder="<?php echo lang('NOTES_PLACEHOLDER'); ?>" maxlength="255" value="<?php if (isset($notes)): echo $notes; endif; ?>" />
|
||||||
|
<button type="submit" class="pure-button <?php echo lang('PUNCH') . " "; if ($session_status == lang('IN')): echo "button-error"; elseif ($session_status == lang('OUT')): echo "button-success"; endif;?>" name="quickpunch"><?php echo lang('PUNCH') . " "; if ($session_status == lang('IN')): echo lang('OUT'); elseif ($session_status == lang('OUT')): echo lang('IN'); endif;?></button>
|
||||||
|
</fieldset>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<?php
|
||||||
|
// HTML section for advanced punch only
|
||||||
|
elseif ($yaptc_allowuseradvancedpunch == "yes"): ?>
|
||||||
|
<h2 class="content-subhead"><?php echo lang('ADVANCED_PUNCH'); ?></h2>
|
||||||
|
<p><?php echo $session_message; ?></p>
|
||||||
|
<p><?php echo lang('ADVANCED_PUNCH_PARAGRAPH'); ?></p>
|
||||||
|
<form class="pure-form pure-form-stacked" action="index.php" method="post">
|
||||||
|
<fieldset>
|
||||||
|
<input type="text" name="punchtime" placeholder="<?php echo $timenow; ?>" />
|
||||||
|
<input type="text" name="notes" placeholder="<?php echo lang('NOTES_PLACEHOLDER'); ?>" maxlength="255" value="<?php if (isset($notes)): echo $notes; endif; ?>" />
|
||||||
|
<button type="submit" class="pure-button <?php echo lang('PUNCH') . " "; if ($session_status == lang('IN')): echo "button-error"; elseif ($session_status == lang('OUT')): echo "button-success"; endif;?>" name="advancedpunch"><?php echo lang('PUNCH') . " "; if ($session_status == lang('IN')): echo lang('OUT'); elseif ($session_status == lang('OUT')): echo lang('IN'); endif;?></button>
|
||||||
|
</fieldset>
|
||||||
|
</form>
|
||||||
|
|
||||||
?>
|
<?php endif; ?>
|
||||||
|
<!-- ********** END CONTENT ********** -->
|
||||||
|
|
||||||
|
|
||||||
<!-- ********** END CONTENT ********** -->
|
|
||||||
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
||||||
|
32
login.php
32
login.php
@ -2,18 +2,18 @@
|
|||||||
session_start();
|
session_start();
|
||||||
require_once("config.inc.php");
|
require_once("config.inc.php");
|
||||||
require_once($yaptc_inc . "functions.inc.php");
|
require_once($yaptc_inc . "functions.inc.php");
|
||||||
$yaptc_pagename = "Login";
|
$yaptc_pagename = lang('LOGIN');
|
||||||
require_once($yaptc_inc . "header.inc.php");
|
require_once($yaptc_inc . "header.inc.php");
|
||||||
require_once($yaptc_inc . "menu.inc.php");
|
require_once($yaptc_inc . "menu.inc.php");
|
||||||
if (getSessionStatus() == true):
|
if (getSessionStatus() == true):
|
||||||
header ("Refresh:3; url=index.php", true, 303);
|
header('Location: index.php');
|
||||||
echo "<h2 class=\"content-subhead\">You are already logged in...</h2>";
|
|
||||||
else: ?>
|
else: ?>
|
||||||
<!-- ********** BEGIN CONTENT ********** -->
|
<!-- ********** BEGIN CONTENT ********** -->
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
|
// hash password for comparison
|
||||||
require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
|
require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
|
||||||
$hasher = new PasswordHash(8, FALSE);
|
$hasher = new PasswordHash(8, FALSE);
|
||||||
|
// compare if posted
|
||||||
if (!empty($_POST)):
|
if (!empty($_POST)):
|
||||||
$query = "SELECT id, password, UNIX_TIMESTAMP(created) AS salt, firstname, lastname FROM users WHERE username = :username";
|
$query = "SELECT id, password, UNIX_TIMESTAMP(created) AS salt, firstname, lastname FROM users WHERE username = :username";
|
||||||
$stmt = $yaptc_db->prepare($query);
|
$stmt = $yaptc_db->prepare($query);
|
||||||
@ -30,20 +30,18 @@ if (!empty($_POST)):
|
|||||||
$_SESSION['lastname'] = $user->lastname;
|
$_SESSION['lastname'] = $user->lastname;
|
||||||
session_write_close();
|
session_write_close();
|
||||||
header("Location: index.php");
|
header("Location: index.php");
|
||||||
else:
|
|
||||||
header("Refresh:3; url=login.php", true, 303);
|
|
||||||
echo "<h2 class=\"content-subhead\">Login failed, please try again...</h2>";
|
|
||||||
endif;
|
endif;
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<h2 class="content-subhead">User Login</h2>
|
|
||||||
<form class="pure-form" action="login.php" method="post">
|
|
||||||
<fieldset class="pure-group" id="login">
|
|
||||||
<input type="text" class="pure-input-1" placeholder="Username" id="username" name="username" />
|
|
||||||
<input type="password" class="pure-input-1" placeholder="Password" id="password" name="password" />
|
|
||||||
</fieldset>
|
|
||||||
<button type="submit" class="pure-button button-success pure-input-1 pure-button-primary" value="Login">Sign in</button>
|
|
||||||
</form>
|
|
||||||
|
|
||||||
<!-- ********** END CONTENT ********** -->
|
<h2 class="content-subhead"><?php echo lang('USER_INFORMATION'); ?></h2>
|
||||||
|
<form class="pure-form" action="login.php" method="post">
|
||||||
|
<fieldset class="pure-group" id="login">
|
||||||
|
<input type="text" class="pure-input-1" placeholder="<?php echo lang('USERNAME'); ?>" id="username" name="username" />
|
||||||
|
<input type="password" class="pure-input-1" placeholder="<?php echo lang('PASSWORD'); ?>" id="password" name="password" />
|
||||||
|
</fieldset>
|
||||||
|
<button type="submit" class="pure-button button-success pure-input-1 pure-button-primary" name="login"><?php echo lang('LOGIN'); ?></button>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<!-- ********** END CONTENT ********** -->
|
||||||
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
||||||
|
@ -2,16 +2,13 @@
|
|||||||
session_start();
|
session_start();
|
||||||
require_once("config.inc.php");
|
require_once("config.inc.php");
|
||||||
require_once($yaptc_inc . "functions.inc.php");
|
require_once($yaptc_inc . "functions.inc.php");
|
||||||
$yaptc_pagename = "Logout";
|
$yaptc_pagename = lang('LOGOUT');
|
||||||
require_once($yaptc_inc . "header.inc.php");
|
require_once($yaptc_inc . "header.inc.php");
|
||||||
require_once($yaptc_inc . "menu.inc.php");
|
require_once($yaptc_inc . "menu.inc.php");
|
||||||
if (getSessionStatus() == false):
|
if (getSessionStatus() == false):
|
||||||
killSession();
|
killSession();
|
||||||
else: ?>
|
else: ?>
|
||||||
<!-- ********** BEGIN CONTENT ********** -->
|
<!-- ********** BEGIN CONTENT ********** -->
|
||||||
|
|
||||||
<?php killSession(); ?>
|
<?php killSession(); ?>
|
||||||
<h2 class="content-subhead">Logging out...</h2>
|
<!-- ********** END CONTENT ********** -->
|
||||||
|
|
||||||
<!-- ********** END CONTENT ********** -->
|
|
||||||
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
||||||
|
99
profile.php
99
profile.php
@ -2,18 +2,17 @@
|
|||||||
session_start();
|
session_start();
|
||||||
require_once("config.inc.php");
|
require_once("config.inc.php");
|
||||||
require_once($yaptc_inc . "functions.inc.php");
|
require_once($yaptc_inc . "functions.inc.php");
|
||||||
$yaptc_pagename = "Profile";
|
$yaptc_pagename = lang('ACCOUNT');
|
||||||
require_once($yaptc_inc . "header.inc.php");
|
require_once($yaptc_inc . "header.inc.php");
|
||||||
require_once($yaptc_inc . "menu.inc.php");
|
require_once($yaptc_inc . "menu.inc.php");
|
||||||
if (getSessionStatus() == false):
|
if (getSessionStatus() == false):
|
||||||
killSession();
|
killSession();
|
||||||
else: ?>
|
else: ?>
|
||||||
<!-- ********** BEGIN CONTENT ********** -->
|
<!-- ********** BEGIN CONTENT ********** -->
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
if (!empty($_POST)):
|
if (isset($_POST['saveprofile'])):
|
||||||
if (empty($_POST['password']) && empty($_POST['newpassword2'])):
|
if (empty($_POST['password']) && empty($_POST['newpassword2'])):
|
||||||
setUserInfo($db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $_POST['usertypeid'], $session_user["0"]["password"]);
|
setUserInfo($db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $session_user["0"]["usertypeid"], $session_user["0"]["password"]);
|
||||||
header('Location: ' . $_SERVER['PHP_SELF']);
|
header('Location: ' . $_SERVER['PHP_SELF']);
|
||||||
elseif (strlen($_POST['password']) < $yaptc_min_password):
|
elseif (strlen($_POST['password']) < $yaptc_min_password):
|
||||||
echo "Password must be at least $yaptc_min_password characters.";
|
echo "Password must be at least $yaptc_min_password characters.";
|
||||||
@ -26,51 +25,59 @@ elseif (!empty($_POST['password']) && ($_POST['password'] = $_POST['newpassword2
|
|||||||
require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
|
require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
|
||||||
$hasher = new PasswordHash(8, FALSE);
|
$hasher = new PasswordHash(8, FALSE);
|
||||||
$password = $hasher->HashPassword($_POST['password']);
|
$password = $hasher->HashPassword($_POST['password']);
|
||||||
setUserInfo($db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $_POST['usertypeid'], $password);
|
setUserInfo($db, $session_user["0"]["userid"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $session_user["0"]["usertypeid"], $password);
|
||||||
header('Location: ' . $_SERVER['PHP_SELF']);
|
header('Location: ' . $_SERVER['PHP_SELF']);
|
||||||
endif;
|
endif;
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
<h2 class="content-subhead"><?php echo lang('ACCOUNT_INFO_HEADER'); ?></h2>
|
||||||
|
<p><?php echo lang('ACCOUNT_INFO_DESC') . $yaptc_min_password; ?></p>
|
||||||
|
<form class="pure-form pure-form-stacked" action="profile.php" method="post">
|
||||||
|
<fieldset>
|
||||||
|
<div class="pure-g">
|
||||||
|
<div class="pure-u-1 pure-u-md-1-3">
|
||||||
|
<label for="username"><?php echo lang('USERNAME'); ?></label>
|
||||||
|
<input type="text" name="username" id="username" maxlength="50" value="<?php echo $session_user["0"]["username"]; ?>" readonly />
|
||||||
|
<label for="created"><?php echo lang('CREATED'); ?></label>
|
||||||
|
<input type="text" name="created" id="created" value="<?php echo $session_user["0"]["created"]; ?>" readonly />
|
||||||
|
<label for="usertype"><?php echo lang('USERTYPE'); ?></label>
|
||||||
|
<input type="text" name="usertype" id="usertype" maxlength="50" value="<?php echo $session_user["0"]["usertype"]; ?>" readonly />
|
||||||
|
</div>
|
||||||
|
<div class="pure-u-1 pure-u-md-1-3">
|
||||||
|
<label for="firstname"><?php echo lang('FIRSTNAME'); ?></label>
|
||||||
|
<input type="text" name="firstname" id="firstname" maxlength="50" value="<?php echo $session_user["0"]["firstname"]; ?>" />
|
||||||
|
<label for="lastname"><?php echo lang('LASTNAME'); ?></label>
|
||||||
|
<input type="text" name="lastname" id="lastname" maxlength="50" value="<?php echo $session_user["0"]["lastname"]; ?>" />
|
||||||
|
<label for="email"><?php echo lang('EMAIL'); ?></label>
|
||||||
|
<input type="text" name="email" id="email" maxlength="100" value="<?php echo $session_user["0"]["email"]; ?>" />
|
||||||
|
</div>
|
||||||
|
<div class="pure-u-1 pure-u-md-1-3">
|
||||||
|
<label for="password"><?php echo lang('NEW') . " " . lang('PASSWORD'); ?></label>
|
||||||
|
<input type="password" name="password" id="password" />
|
||||||
|
<label for="newpassword2"><?php echo lang('CONFIRM') . " " . lang('NEW') . " " . lang('PASSWORD'); ?></label>
|
||||||
|
<input type="password" name="newpassword2" id="newpassword2" />
|
||||||
|
</div>
|
||||||
|
<div class="pure-controls pure-u-1">
|
||||||
|
<button type="submit" name="saveprofile" id="saveprofile" class="pure-input-1 pure-button button-success "><?php echo lang('SAVE'); ?></button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</fieldset>
|
||||||
|
</form>
|
||||||
|
<h2 class="content-subhead"><?php echo lang('PUNCH_HISTORY_HEADER'); ?></h2>
|
||||||
|
<p><?php echo lang('PUNCH_HISTORY_DESC'); ?></p>
|
||||||
|
<table class="pure-table">
|
||||||
|
<thead>
|
||||||
|
<tr><th><?php echo lang('IN') . " / " . lang('OUT'); ?></th><th><?php echo lang('HOURS'); ?></th><th><?php echo lang('FLAG'); ?></th><th><?php echo lang('NOTES'); ?></th></tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
<?php foreach (listPunches($db, $session_user["0"]["userid"]) as $row): ?>
|
||||||
|
<tr>
|
||||||
|
<td><?php echo $row['intime'] . " / " . $row['outtime']; ?></td><td><?php echo $row['punchhours']; ?></td><td><?php echo $row['modified']; ?></td><td><?php echo $row['notes']; ?></td>
|
||||||
|
</tr>
|
||||||
|
<?php endforeach; ?>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
|
||||||
<h2 class="content-subhead">Profile Information</h2>
|
<!-- ********** END CONTENT ********** -->
|
||||||
<p>You may make changes to your user profile below if you wish. Updates will take effect immediately on pressing "Save".</p>
|
|
||||||
<p>To change your password, enter a new password twice below and press save. Password minimum length is <?php echo $yaptc_min_password; ?></p>
|
|
||||||
<form class="pure-form pure-form-stacked" action="profile.php" method="post">
|
|
||||||
<fieldset id="update">
|
|
||||||
<div class="pure-g">
|
|
||||||
<div class="pure-u-1 pure-u-md-1-3">
|
|
||||||
<label for="username">Username</label>
|
|
||||||
<input type="text" name="username" maxlength="50" value="<?php echo $session_user["0"]["username"]; ?>" readonly>
|
|
||||||
<label for="created">Created</label>
|
|
||||||
<input type="text" name="created" value="<?php echo $session_user["0"]["created"]; ?>" readonly>
|
|
||||||
<label for="usertype">User Type</label>
|
|
||||||
<input type="text" name="usertype" maxlength="50" value="<?php echo $session_user["0"]["usertype"]; ?>" readonly>
|
|
||||||
<input type="hidden" name="usertypeid" maxlength="50" value="<?php echo $session_user["0"]["usertypeid"]; ?>" readonly>
|
|
||||||
</div>
|
|
||||||
<div class="pure-u-1 pure-u-md-1-3">
|
|
||||||
<label for="firstname">First Name</label>
|
|
||||||
<input type="text" name="firstname" maxlength="50" value="<?php echo $session_user["0"]["firstname"]; ?>">
|
|
||||||
<label for="lastname">Last Name</label>
|
|
||||||
<input type="text" name="lastname" maxlength="50" value="<?php echo $session_user["0"]["lastname"]; ?>">
|
|
||||||
<label for="email">Email</label>
|
|
||||||
<input type="text" name="email" maxlength="100" value="<?php echo $session_user["0"]["email"]; ?>">
|
|
||||||
</div>
|
|
||||||
<div class="pure-u-1 pure-u-md-1-3">
|
|
||||||
<label for="password">New Password</label>
|
|
||||||
<input type="password" name="password">
|
|
||||||
<label for="newpassword2">Confirm Password</label>
|
|
||||||
<input type="password" name="newpassword2">
|
|
||||||
</div>
|
|
||||||
<div class="pure-controls pure-u-1">
|
|
||||||
<button type="submit" class="pure-input-1 pure-button button-success ">Save</button>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</fieldset>
|
|
||||||
</form>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<!-- ********** END CONTENT ********** -->
|
|
||||||
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
||||||
|
117
punchlog.php
117
punchlog.php
@ -1,117 +0,0 @@
|
|||||||
<?php
|
|
||||||
session_start();
|
|
||||||
require_once("config.inc.php");
|
|
||||||
require_once($yaptc_inc . "functions.inc.php");
|
|
||||||
$yaptc_pagename = "Punch Log";
|
|
||||||
require_once($yaptc_inc . "header.inc.php");
|
|
||||||
require_once($yaptc_inc . "menu.inc.php");
|
|
||||||
if (getSessionStatus() == false):
|
|
||||||
killSession();
|
|
||||||
else: ?>
|
|
||||||
<!-- ********** BEGIN CONTENT ********** -->
|
|
||||||
|
|
||||||
|
|
||||||
<?php
|
|
||||||
$userid = $_SESSION['user_id'];
|
|
||||||
|
|
||||||
// This is to get the current user status - in or out - and the notes and times associated for use in the form
|
|
||||||
$result = $yaptc_db->prepare("SELECT punches.id as punchid, users.id as user, punches.intime as intime, punches.outtime as outtime, punches.notes as notes FROM punches INNER JOIN users ON punches.userid = users.id WHERE users.id = $userid ORDER BY punches.id DESC LIMIT 1");
|
|
||||||
$result->execute();
|
|
||||||
$last = $result->fetchObject();
|
|
||||||
|
|
||||||
// Let's build the page - this is the header with current status IF allowed
|
|
||||||
if ($yaptc_allowadvancedpunch == 'yes'):
|
|
||||||
|
|
||||||
echo "<h2 class=\"content-subhead\">Advanced Punch</h2>";
|
|
||||||
if(!isset($last->user)) {
|
|
||||||
echo "<p>You do not appear to have any punches on record.</p>";
|
|
||||||
$status = "Out";
|
|
||||||
} else {
|
|
||||||
if (!empty($last->outtime)) { $status = "Out"; $statustime = $last->outtime; } else { $status = "In"; $statustime = $last->intime; $punchid = $last->punchid; $notes = $last->notes; }
|
|
||||||
echo "<p>You have been Punched $status since " . date('g:i a \o\n M jS, Y', strtotime($statustime)) . ".</p>";
|
|
||||||
}
|
|
||||||
|
|
||||||
echo "<p>Use this form to enter a specific time on your punch. NOTE: changing the time from the current time will cause a flag on your log for the administrator to review, so we suggest you enter a reason why in the notes field (i.e. forgot punch, working from home, system down, etc).</p>";
|
|
||||||
echo "<form class=\"pure-form pure-form-stacked\" action=\"punchlog.php\" method=\"post\">";
|
|
||||||
echo "<fieldset>";
|
|
||||||
echo "<label for=\"punchtime\">Punch Time</label>";
|
|
||||||
echo "<input type=\"text\" name=\"punchtime\" placeholder=\"$timenow\" maxlength=\"20\">";
|
|
||||||
echo "<label for=\"notes\">Notes</label>";
|
|
||||||
if (isset($notes)) {
|
|
||||||
echo "<input type=\"text\" name=\"notes\" placeholder=\"Enter notes if needed\" maxlength=\"255\" value=\"$notes\">";
|
|
||||||
} else {
|
|
||||||
echo "<input type=\"text\" name=\"notes\" placeholder=\"Enter notes if needed\" maxlength=\"255\">";
|
|
||||||
}
|
|
||||||
echo "<div class=\"pure-controls\">";
|
|
||||||
if ($status=="In") {
|
|
||||||
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success pure-button-disabled\">Punch IN</button>";
|
|
||||||
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-error\">Punch OUT</button>";
|
|
||||||
} else {
|
|
||||||
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success\">Punch IN</button>";
|
|
||||||
echo "<button type=\"submit\" class=\"pure-button button-xlarge button-error pure-button-disabled\">Punch OUT</button>";
|
|
||||||
}
|
|
||||||
echo "</div>";
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// If the posted variables are not empty, we must be trying to insert a new punch. Use the form values to insert new record
|
|
||||||
if (!empty($_POST)) {
|
|
||||||
|
|
||||||
// Is the notes field set? If so, use, otherwise set to null
|
|
||||||
if (isset($_POST['notes'])) { if (!empty($_POST['notes'])) { $p_notes = $_POST['notes']; } else { $p_notes = NULL; } } else { $p_notes = NULL; }
|
|
||||||
|
|
||||||
// Is the punch time field set? If so, use, otherwise set to now
|
|
||||||
if (isset($_POST['punchtime'])) {
|
|
||||||
if (!empty($_POST['punchtime'])) { $p_punchtime = $_POST['punchtime'] . ':00'; $p_modified = "1"; } else { $p_punchtime = $timenow; $p_modified = "0"; }
|
|
||||||
} else { $p_punchtime = $timenow; $p_modified = "0"; }
|
|
||||||
|
|
||||||
// Is the user currently punched in? If so, insert the punch out record, otherwise, insert a new punch in
|
|
||||||
if ($status=="In") {
|
|
||||||
$query = "UPDATE punches SET outtime = :p_punchtime, notes = :p_notes, modified = :p_modified WHERE id = :p_punchid";
|
|
||||||
$stmt = $yaptc_db->prepare($query);
|
|
||||||
$stmt->execute(array(
|
|
||||||
':p_punchid' => $punchid,
|
|
||||||
':p_notes' => $p_notes,
|
|
||||||
':p_punchtime' => $p_punchtime,
|
|
||||||
':p_modified' => $p_modified,
|
|
||||||
));
|
|
||||||
} else {
|
|
||||||
$query = "INSERT INTO punches (userid, notes, intime, modified) VALUES (:p_userid, :p_notes, :p_punchtime, :p_modified)";
|
|
||||||
$stmt = $yaptc_db->prepare($query);
|
|
||||||
$stmt->execute(array(
|
|
||||||
':p_userid' => $_SESSION['user_id'],
|
|
||||||
':p_notes' => $p_notes,
|
|
||||||
':p_punchtime' => $p_punchtime,
|
|
||||||
':p_modified' => $p_modified,
|
|
||||||
));
|
|
||||||
}
|
|
||||||
|
|
||||||
// And then send user back to this page to see the updates
|
|
||||||
header('Location: '.$_SERVER['PHP_SELF']);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Close out the form...
|
|
||||||
echo "</fieldset>";
|
|
||||||
echo "</form>";
|
|
||||||
endif;
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
echo "<h2 class=\"content-subhead\">Punch History</h2>";
|
|
||||||
echo "<p>Below is your full punch history, sorted newest to oldest.</p>";
|
|
||||||
?>
|
|
||||||
|
|
||||||
<table class="pure-table">
|
|
||||||
<thead><tr><th>In</th><th>Out</th><th>Name</th><th>Hours</th><th>Flagged</th><th>Notes</th></tr></thead>
|
|
||||||
<tbody><?php foreach (listPunches($db, $session_user["0"]["userid"]) as $row): ?>
|
|
||||||
<tr><td><?php echo $row['intime']; ?></td><td><?php echo $row['outtime']; ?></td><td><?php echo $row['lastname'] . ", " . $row['firstname']; ?></td><td><?php echo $row['punchhours']; ?></td><td><?php echo $row['modified']; ?></td><td><?php echo $row['notes']; ?></td></tr><?php endforeach; ?>
|
|
||||||
</tbody>
|
|
||||||
</table>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<!-- ********** END CONTENT ********** -->
|
|
||||||
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
|
146
users.php
146
users.php
@ -2,50 +2,32 @@
|
|||||||
session_start();
|
session_start();
|
||||||
require_once("config.inc.php");
|
require_once("config.inc.php");
|
||||||
require_once($yaptc_inc . "functions.inc.php");
|
require_once($yaptc_inc . "functions.inc.php");
|
||||||
$yaptc_pagename = "Users";
|
$yaptc_pagename = lang('USERS');
|
||||||
require_once($yaptc_inc . "header.inc.php");
|
require_once($yaptc_inc . "header.inc.php");
|
||||||
require_once($yaptc_inc . "menu.inc.php");
|
require_once($yaptc_inc . "menu.inc.php");
|
||||||
if (getSessionStatus() == false):
|
if (getSessionStatus() == false):
|
||||||
killSession();
|
killSession();
|
||||||
else: ?>
|
else: ?>
|
||||||
<!-- ********** BEGIN CONTENT ********** -->
|
<!-- ********** BEGIN CONTENT ********** -->
|
||||||
|
|
||||||
|
<?php if($session_user["0"]["usertype"] !== "Administrator"): header("Location: index.php"); ?>
|
||||||
|
<h2 class="content-subhead"><?php echo lang('NOT_AUTHORIZED'); ?></h2>
|
||||||
|
<?php endif; ?>
|
||||||
|
|
||||||
|
<h2 class="content-subhead"><?php echo lang('ADD_USER'); ?></h2>
|
||||||
|
<p><?php echo lang('ADD_USER_DESC') . $yaptc_min_password; ?></p>
|
||||||
|
|
||||||
<?php if ($session_user["0"]["usertype"] == "Administrator"): ?>
|
|
||||||
<h2 class="content-subhead">Add User</h2>
|
|
||||||
<p>All fields are required! Password must be at least <?php echo $yaptc_min_password; ?> characters. Username and email must be unique.</p>
|
|
||||||
<?php
|
<?php
|
||||||
require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
|
require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
|
||||||
if (!empty($_POST['newuser']))
|
if (!empty($_POST['newuser'])):
|
||||||
{
|
if (empty($_POST['username'])): $errors['username'] = lang('USERNAME_NOTEMPTY'); endif;
|
||||||
if (empty($_POST['username']))
|
if (preg_match('/[^a-zA-Z0-9 .-_]/', $_POST['username'])): $errors['username'] = lang('ILLEGAL_CHARACTERS'); endif;
|
||||||
{
|
if (empty($_POST['password'])): $errors['password'] = lang('PASSWORD_NOTEMPTY'); endif;
|
||||||
$errors['username'] = "Username cannot be empty.";
|
if (strlen($_POST['password']) < $yaptc_min_password): $errors['password'] = lang('MIN_PASSWORD_LENGTH') . $yaptc_min_password; endif;
|
||||||
}
|
if (empty($_POST['password_confirm'])): $errors['password_confirm'] = lang('PASSWORD_NOTCONFIRMED'); endif;
|
||||||
if (preg_match('/[^a-zA-Z0-9 .-_]/', $_POST['username']))
|
if ($_POST['password'] != $_POST['password_confirm']): $errors['password_confirm'] = lang('PASSWORD_NOTMATCH'); endif;
|
||||||
{
|
|
||||||
$errors['username'] = "Username contains illegal characters.";
|
|
||||||
}
|
|
||||||
if (empty($_POST['password']))
|
|
||||||
{
|
|
||||||
$errors['password'] = "Password cannot be empty.";
|
|
||||||
}
|
|
||||||
if (strlen($_POST['password']) < $yaptc_min_password)
|
|
||||||
{
|
|
||||||
$errors['password'] = "Password must be at least $yaptc_min_password charcaters.";
|
|
||||||
}
|
|
||||||
if (empty($_POST['password_confirm']))
|
|
||||||
{
|
|
||||||
$errors['password_confirm'] = "Please confirm password.";
|
|
||||||
}
|
|
||||||
if ($_POST['password'] != $_POST['password_confirm'])
|
|
||||||
{
|
|
||||||
$errors['password_confirm'] = "Passwords do not match.";
|
|
||||||
}
|
|
||||||
$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
|
$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
|
||||||
if (!$email)
|
if (!$email): $errors['email'] = lang('EMAIL_NOTVALID'); endif;
|
||||||
{
|
|
||||||
$errors['email'] = "Not a valid email address.";
|
|
||||||
}
|
|
||||||
$query = "SELECT username, email
|
$query = "SELECT username, email
|
||||||
FROM users
|
FROM users
|
||||||
WHERE username = :username OR email = :email";
|
WHERE username = :username OR email = :email";
|
||||||
@ -54,26 +36,19 @@ if (!empty($_POST['newuser']))
|
|||||||
':username' => $_POST['username'],
|
':username' => $_POST['username'],
|
||||||
':email' => $email
|
':email' => $email
|
||||||
));
|
));
|
||||||
|
|
||||||
$existing = $stmt->fetchObject();
|
$existing = $stmt->fetchObject();
|
||||||
|
if ($existing):
|
||||||
|
if ($existing->username == $_POST['username']): $errors['username'] = lang('USERNAME_USED'); endif;
|
||||||
|
if ($existing->email == $email): $errors['email'] = lang('PASSWORD_USED'); endif;
|
||||||
|
endif;
|
||||||
|
endif;
|
||||||
|
|
||||||
if ($existing)
|
if (!empty($_POST['newuser']) && empty($errors)):
|
||||||
{
|
|
||||||
if ($existing->username == $_POST['username'])
|
|
||||||
{
|
|
||||||
$errors['username'] = "That username is already in use.";
|
|
||||||
}
|
|
||||||
if ($existing->email == $email)
|
|
||||||
{
|
|
||||||
$errors['email'] = "That email address is already in use.";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!empty($_POST['newuser']) && empty($errors))
|
|
||||||
{
|
|
||||||
$hasher = new PasswordHash(8, FALSE);
|
$hasher = new PasswordHash(8, FALSE);
|
||||||
$password = $hasher->HashPassword($_POST['password']);
|
$password = $hasher->HashPassword($_POST['password']);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$query = "INSERT INTO users (firstname, lastname, username, password, email, created, usertype)
|
$query = "INSERT INTO users (firstname, lastname, username, password, email, created, usertype)
|
||||||
VALUES (:firstname, :lastname, :username, :password, :email, NOW(), :usertype)";
|
VALUES (:firstname, :lastname, :username, :password, :email, NOW(), :usertype)";
|
||||||
$stmt = $yaptc_db->prepare($query);
|
$stmt = $yaptc_db->prepare($query);
|
||||||
@ -85,17 +60,8 @@ if (!empty($_POST['newuser']) && empty($errors))
|
|||||||
':email' => $_POST['email'],
|
':email' => $_POST['email'],
|
||||||
':usertype' => $_POST['usertype'],
|
':usertype' => $_POST['usertype'],
|
||||||
));
|
));
|
||||||
|
if ($success): $message = "Account created."; else: echo "Account could not be created. Please try again later."; endif;
|
||||||
if ($success)
|
endif;
|
||||||
{
|
|
||||||
$message = "Account created.";
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
echo "Account could not be created. Please try again later.";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<?php if (isset($message)): ?>
|
<?php if (isset($message)): ?>
|
||||||
@ -132,8 +98,8 @@ if (!empty($_POST['newuser']) && empty($errors))
|
|||||||
</div>
|
</div>
|
||||||
<div class="pure-u-1 pure-u-md-1">
|
<div class="pure-u-1 pure-u-md-1">
|
||||||
<label for="usertype">Access Level</label>
|
<label for="usertype">Access Level</label>
|
||||||
<select id="usertype" name="usertype" required />
|
<select id="usertype" name="usertype" required>
|
||||||
<option value="00000000002">User</option>
|
<option value="00000000002" selected>User</option>
|
||||||
<option value="00000000001">Administrator</option>
|
<option value="00000000001">Administrator</option>
|
||||||
</select>
|
</select>
|
||||||
<?php echo isset($errors['usertype']) ? $errors['usertype'] : ''; ?>
|
<?php echo isset($errors['usertype']) ? $errors['usertype'] : ''; ?>
|
||||||
@ -165,42 +131,20 @@ echo "user deleted!";
|
|||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<h2 class="content-subhead">User List</h2>
|
<h2 class="content-subhead"><?php echo lang('USER_LIST_HEADER'); ?></h2>
|
||||||
<p>Current users. To edit, select the edit button in the right column.</p>
|
<p><?php echo lang('USER_LIST_DESC'); ?></p>
|
||||||
<table class="pure-table">
|
<table class="pure-table">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr><th><?php echo lang('NAME'); ?></th><th><?php echo lang('USERNAME'); ?></th><th><?php echo lang('EMAIL'); ?></th><th><?php echo lang('CREATED'); ?></th><th><?php echo lang('USERTYPE'); ?></th><th><?php echo lang('ACTIONS'); ?></th></tr>
|
||||||
<th>First Name</th>
|
</thead>
|
||||||
<th>Last Name</th>
|
<tbody>
|
||||||
<th>Username</th>
|
<?php foreach (getUserInfo($db, "%") as $row): ?>
|
||||||
<th>Email</th>
|
<tr>
|
||||||
<th>Created</th>
|
<td><?php echo $row['lastname'] . ", " . $row['firstname']; ?></td><td><?php echo $row['username']; ?></td><td><?php echo $row['email']; ?></td><td><?php echo $row['created']; ?></td><td><?php echo $row['usertype']; ?></td><td><form method="post" onsubmit="return confirm('<?php echo lang('DELETE_WARNING'); ?>')"><input type="hidden" id="_METHOD" name="_METHOD" value="DELETE" /><input type="hidden" id="deleteid" name="deleteid" value="<?php echo $row['userid']; ?>" /><button class="button-error pure-button" id="deluser" name="deluser" value="deluser" type="submit" <?php if ($row['username'] == "admin"): echo "disabled"; endif; ?>>Delete</button></form></td>
|
||||||
<th>User Type</th>
|
</tr>
|
||||||
<th>Actions</th>
|
<?php endforeach; ?>
|
||||||
</tr>
|
</tbody>
|
||||||
</thead>
|
</table>
|
||||||
<tbody>
|
|
||||||
<tr>
|
|
||||||
<?php
|
|
||||||
foreach (getUserInfo($db, "%") as $row) {
|
|
||||||
echo "<td>" . $row['firstname'] . "</td>";
|
|
||||||
echo "<td>" . $row['lastname'] . "</td>";
|
|
||||||
echo "<td>" . $row['username'] . "</td>";
|
|
||||||
echo "<td>" . $row['email'] . "</td>";
|
|
||||||
echo "<td>" . $row['created'] . "</td>";
|
|
||||||
echo "<td>" . $row['usertype'] . "</td>";
|
|
||||||
?>
|
|
||||||
<td><form method="post" onsubmit="return confirm('WARNING! - WARNING! - WARNING! This will delete the user and ALL punches associated with them. There is NO UNDO! Are you sure?')">
|
|
||||||
<input type="hidden" name="_METHOD" value="DELETE">
|
|
||||||
<input type="hidden" name="deleteid" value="<?php echo $row['userid']; ?>"><button button class="button-error pure-button" name="deluser" value="deluser" type="submit" <?php if ($row['username'] == "admin"): echo "disabled"; endif; ?>>Delete</button></form></td>
|
|
||||||
</tr>
|
|
||||||
<?php } ?>
|
|
||||||
</tbody>
|
|
||||||
</table>
|
|
||||||
|
|
||||||
<?php else: ?>
|
<!-- ********** END CONTENT ********** -->
|
||||||
<h2 class="content-subhead">NOT AUTHORIZED!</h2>
|
|
||||||
<?php endif; ?>
|
|
||||||
|
|
||||||
<!-- ********** END CONTENT ********** -->
|
|
||||||
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>
|
||||||
|
Loading…
Reference in New Issue
Block a user