more updates and date fixes

.gitignore

@@ -0,0 +1,2 @@
+*~
+config.inc.php

config.inc.php~

@@ -1,22 +0,0 @@
-<?php
-  // User session variables
-  $yaptc_dirpath = '/usr/share/nginx/html/yaptc/'; // absolute path to yaptc
-  $yaptc_webpath = 'http://localhost/yaptc/'; // where is the web url for the root of this app?
-  $yaptc_appname = 'Timecard System'; // name to display in title bar and other headers
-  $yaptc_company = 'Point808'; // name of your company
-  $sql = new PDO('mysql:host=localhost;dbname=yaptc;', 'yaptc', 'yaptcpassw0rd');
-
-  // Other variables probably won't change
-  $_SESSION['yaptc_dir'] = $yaptc_dirpath; 
-  $_SESSION['yaptc_url'] = $yaptc_webpath;
-  $yaptc_inc = $yaptc_dirpath . 'includes/';
-  $yaptc_incweb = $yaptc_webpath . 'includes/';
-
-
-
-  // Has the app been configured (i.e. does a config.inc.php file exist?)
-  if (!file_exists($_SESSION['yaptc_dir'] . 'config.inc.php'))
-  echo "app has not been configured.  please creat a config.inc.php file in your root dir";
-
-?>
-

dashboard.php~

@@ -1,62 +0,0 @@
-<?php
-  session_start();
-
-  // Load config...
-  require_once("config.inc.php");
-
-  // Page title mod
-  $yaptc_pagename = 'Dashboard';
-
-  // Load header
-  require_once($yaptc_inc . "header.inc.php");
-
-  // Load menu
-  require_once($yaptc_inc . "menu.inc.php");
-
-  //************************ CONTENT START ************************
-
-  // If user is not logged in, give error and option to go to login
-  if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
-  {
-    session_destroy();
-
-    echo "not logged in!!!";
-    exit();
-  }
-  else
-  {
-
-// content for logged-in users here
-
-    $query = "SELECT users.id, users.password, users.created, users.username, users.firstname, users.lastname, users.email, usertypes.typename AS usertype
-              FROM users, usertypes
-              WHERE users.id = :id";
-      $stmt = $sql->prepare($query);
-      $stmt->execute(array(':id' => $_SESSION['user_id']));
-      $user = $stmt->fetchObject();
-    echo 'You may make changes to your user profile below if you wish.  Updates will take effect immediately on pressing "Save".';
-    echo '<form class="pure-form" action="profile.php" method="post">';
-    echo '<fieldset class="pure-group" id="userinfo">';
-    echo '<label for="username">Username</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->username\" value=\"$user->username\" id=\"username\" name=\"username\" readonly>";
-    echo '<label for="created">Created</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->created\" value=\"$user->created\" id=\"created\" name=\"created\" readonly>";
-    echo '<label for="usertype">User Type</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->usertype\" value=\"$user->usertype\" id=\"usertype\" name=\"usertype\" readonly>";
-    echo '<label for="firstname">First Name</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->firstname\" id=\"firstname\" name=\"firstname\">";
-    echo '<label for="lastname">Last Name</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->lastname\" id=\"lastname\" name=\"lastname\">";
-    echo '<label for="username">Email Address</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->email\" id=\"username\" name=\"username\">";
-    echo '</fieldset>';
-    echo '<button type="submit" class="pure-button pure-input-1-2 pure-button-primary" value="Update">Save Changes</button>';
-    echo '</form>';
-
-// end logged-in content
-  }
-
-  //************************ CONTENT END ************************
-  // Load footer
-  require_once($yaptc_inc . "footer.inc.php");
-?>

includes/date_time.js~

@@ -1,29 +0,0 @@
-function date_time(id)
-{
-        date = new Date;
-        year = date.getFullYear();
-        month = date.getMonth();
-        months = new Array('January', 'February', 'March', 'April', 'May', 'June', 'Jully', 'August', 'September', 'October', 'November', 'December');
-        d = date.getDate();
-        day = date.getDay();
-        days = new Array('Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday');
-        h = date.getHours();
-        if(h<10)
-        {
-                h = "0"+h;
-        }
-        m = date.getMinutes();
-        if(m<10)
-        {
-                m = "0"+m;
-        }
-        s = date.getSeconds();
-        if(s<10)
-        {
-                s = "0"+s;
-        }
-        result = ''+days[day]+' '+months[month]+' '+d+' '+year+' '+h+':'+m+':'+s;
-        document.getElementById(id).innerHTML = result;
-        setTimeout('date_time("'+id+'");','1000');
-        return true;
-}

includes/footer.inc.php

@@ -4,6 +4,6 @@
         </div>
 
 </div>
-<script src="<?php echo $yaptc_incweb; ?>ui.js"></script>
+<script src="<?php echo $yaptc_libweb; ?>ui.js"></script>
 </body>
 </html>

includes/footer.inc.php~

@@ -1,8 +0,0 @@
-<p>
-<center>Server Time: <span id="date_time"></span><script type="text/javascript">window.onload = date_time('date_time');</script></center>
-</p>
-</div>
-</div>
-<script src="<?php echo $yaptc_incweb; ?>ui.js"></script>
-</body>
-</html>

includes/head.inc.php~

@@ -1,17 +0,0 @@
-<!doctype html>
-<html lang="en">
-  <head>
-    <meta charset="utf-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta name="description" content="YAPTC Timecard system is a time recording application for small businesses.">
-    <title><?php echo $yaptc_appname . " : " . $yaptc_pagename; ?></title>
-    <link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>pure/pure.css">
-    <!--[if lte IE 8]>
-      <link rel="stylesheet" href="css/layouts/side-menu-old-ie.css">
-    <![endif]-->
-    <!--[if gt IE 8]><!-->
-      <link rel="stylesheet" href="css/layouts/side-menu.css">
-    <!--<![endif]-->
-
-  </head>
-  <body>

includes/header.inc.php

@@ -5,8 +5,8 @@
 <meta name="viewport" content="width=device-width, initial-scale=1.0">
 <meta name="description" content="YAPTC Timecard system is a time recording application for small businesses.">
 <title><?php echo $yaptc_company . ">" . $yaptc_appname . ">" . $yaptc_pagename; ?></title>
-<link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>pure/pure.css">
-<script type="text/javascript" src="<?php echo $yaptc_incweb; ?>date_time.js"></script>
+<link rel="stylesheet" href="<?php echo $yaptc_libweb; ?>pure/pure.css">
+<script type="text/javascript" src="<?php echo $yaptc_libweb; ?>date_time.js"></script>
 <!--[if lte IE 8]>
 <link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>side-menu-old-ie.css">
 <![endif]-->

includes/header.inc.php~

@@ -1,18 +0,0 @@
-<!doctype html>
-<html lang="en">
-<head>
-<meta charset="utf-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<meta name="description" content="YAPTC Timecard system is a time recording application for small businesses.">
-<title><?php echo $yaptc_company . ">" . $yaptc_appname . ">" . $yaptc_pagename; ?></title>
-<link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>pure/pure.css">
-<script src="<?php echo $yaptc_incweb; ?>ui.js"></script>
-<script type="text/javascript" src="<?php echo $yaptc_incweb; ?>date_time.js"></script>
-<!--[if lte IE 8]>
-<link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>side-menu-old-ie.css">
-<![endif]-->
-<!--[if gt IE 8]><!-->
-<link rel="stylesheet" href="<?php echo $yaptc_incweb; ?>side-menu.css">
-<!--<![endif]-->
-</head>
-<body>

includes/index.php

@@ -1,4 +1 @@
-<?php
-  // Simple hack to avoid directory listing...
-  header("Location: ../index.php");
-?>
+<?php session_start(); require_once("../config.inc.php"); header("Location: " . $yaptc_webpath . "index.php"); ?>

includes/index.php~

@@ -1,3 +0,0 @@
-<?php
-header("Location: ../index.php");
-?>

includes/menu.inc.php~

@@ -1,46 +0,0 @@
-    <div id="layout">
-      <!-- Menu toggle -->
-      <a href="#menu" id="menuLink" class="menu-link">
-        <!-- Hamburger icon -->
-        <span></span>
-      </a>
-
-      <div id="menu">
-        <div class="pure-menu pure-menu-open">
-          <a class="pure-menu-heading" href="index.php"><?php echo $yaptc_company; ?></a>
-          <ul>
-            <?php
-// eventually i should go back here and oiinly allow menu options to open based on the user type details...
-
-  // If user is not logged in, only show login option
-  if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
-  {
-
-
-              echo '<li'; if ($yaptc_pagename=='Login') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="login.php">Login</a></li>';
-
-  }
-  elseif
-  {
-
-              echo '<li'; if ($yaptc_pagename=='Home') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="index.php">Home</a></li>';
-              echo '<li'; if ($yaptc_pagename=='Profile') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="profile.php">Profile</a></li>';
-              echo '<li'; if ($yaptc_pagename=='Time') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="time.php">Time</a></li>';
-              echo '<li'; if ($yaptc_pagename=='Dashboard') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="dashboard.php">Dashboard</a></li>';
-              echo '<li'; if ($yaptc_pagename=='Reports') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="reports.php">Reports</a></li>';
-              echo '<li'; if ($yaptc_pagename=='Login') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="login.php">Login</a></li>';
-              echo '<li'; if ($yaptc_pagename=='Logout') {echo ' class="pure-menu-selected">';} else {echo '>';} echo '<a href="logout.php">Logout</a></li>';
-}
-            ?>
-          </ul>
-        </div>
-      </div>
-
-      <div id="main">
-
-        <div class="header">
-          <h1><?php echo $yaptc_pagename; ?></h1>
-          <h2><?php if (isset($_SESSION['user_id'])) {echo "User: " . $_SESSION['firstname'] . ' ' . $_SESSION['lastname'];} else {echo "Please log in to use the timecard system";}?></h2>
-        </div>
-
-        <div class="content">

includes/pure/index.php

@@ -1,4 +0,0 @@
-<?php
-  // Simple hack to avoid directory listing...
-  header("Location: ../index.php");
-?>

includes/side-menu.css~

@@ -1,281 +0,0 @@
-
-body {
-    color: #777;
-}
-
-
-.pure-img-responsive {
-    max-width: 100%;
-    height: auto;
-}
-
-/*
-Add transition to containers so they can push in and out.
-*/
-#layout,
-#menu,
-.menu-link {
-    -webkit-transition: all 0.2s ease-out;
-    -moz-transition: all 0.2s ease-out;
-    -ms-transition: all 0.2s ease-out;
-    -o-transition: all 0.2s ease-out;
-    transition: all 0.2s ease-out;
-}
-
-/*
-This is the parent `<div>` that contains the menu and the content area.
-*/
-#layout {
-    position: relative;
-    padding-left: 0;
-}
-    #layout.active {
-        position: relative;
-        left: 150px;
-    }
-        #layout.active #menu {
-            left: 150px;
-            width: 150px;
-        }
-
-        #layout.active .menu-link {
-            left: 150px;
-        }
-/*
-The content `<div>` is where all your content goes.
-*/
-.content {
-    margin: 0 auto;
-    padding: 0 2em;
-    max-width: 800px;
-    margin-bottom: 50px;
-    line-height: 1.6em;
-}
-
-.header {
-     margin: 0;
-     color: #333;
-     text-align: center;
-     padding: 2.5em 2em 0;
-     border-bottom: 1px solid #eee;
- }
-    .header h1 {
-        margin: 0.2em 0;
-        font-size: 3em;
-        font-weight: 300;
-    }
-     .header h2 {
-        font-weight: 300;
-        color: #ccc;
-        padding: 0;
-        margin-top: 0;
-    }
-
-.content-subhead {
-    margin: 50px 0 20px 0;
-    font-weight: 300;
-    color: #888;
-}
-
-
-
-/*
-The `#menu` `<div>` is the parent `<div>` that contains the `.pure-menu` that
-appears on the left side of the page.
-*/
-
-#menu {
-    margin-left: -150px; /* "#menu" width */
-    width: 150px;
-    position: fixed;
-    top: 0;
-    left: 0;
-    bottom: 0;
-    z-index: 1000; /* so the menu or its navicon stays above all content */
-    background: #191818;
-    overflow-y: auto;
-    -webkit-overflow-scrolling: touch;
-}
-    /*
-    All anchors inside the menu should be styled like this.
-    */
-    #menu a {
-        color: #999;
-        border: none;
-        padding: 0.6em 0 0.6em 0.6em;
-    }
-
-    /*
-    Remove all background/borders, since we are applying them to #menu.
-    */
-     #menu .pure-menu,
-     #menu .pure-menu ul {
-        border: none;
-        background: transparent;
-    }
-
-    /*
-    Add that light border to separate items into groups.
-    */
-    #menu .pure-menu ul,
-    #menu .pure-menu .menu-item-divided {
-        border-top: 1px solid #333;
-    }
-        /*
-        Change color of the anchor links on hover/focus.
-        */
-        #menu .pure-menu li a:hover,
-        #menu .pure-menu li a:focus {
-            background: #333;
-        }
-
-    /*
-    This styles the selected menu item `<li>`.
-    */
-    #menu .pure-menu-selected,
-    #menu .pure-menu-heading {
-        background: #1f8dd6;
-    }
-        /*
-        This styles a link within a selected menu item `<li>`.
-        */
-        #menu .pure-menu-selected a {
-            color: #fff;
-        }
-
-    /*
-    This styles the menu heading.
-    */
-    #menu .pure-menu-heading {
-        font-size: 110%;
-        color: #fff;
-        margin: 0;
-    }
-
-/* -- Dynamic Button For Responsive Menu -------------------------------------*/
-
-/*
-The button to open/close the Menu is custom-made and not part of Pure. Here's
-how it works:
-*/
-
-/*
-`.menu-link` represents the responsive menu toggle that shows/hides on
-small screens.
-*/
-.menu-link {
-    position: fixed;
-    display: block; /* show this only on small screens */
-    top: 0;
-    left: 0; /* "#menu width" */
-    background: #000;
-    background: rgba(0,0,0,0.7);
-    font-size: 10px; /* change this value to increase/decrease button size */
-    z-index: 10;
-    width: 2em;
-    height: auto;
-    padding: 2.1em 1.6em;
-}
-
-    .menu-link:hover,
-    .menu-link:focus {
-        background: #000;
-    }
-
-    .menu-link span {
-        position: relative;
-        display: block;
-    }
-
-    .menu-link span,
-    .menu-link span:before,
-    .menu-link span:after {
-        background-color: #fff;
-        width: 100%;
-        height: 0.2em;
-    }
-
-        .menu-link span:before,
-        .menu-link span:after {
-            position: absolute;
-            margin-top: -0.6em;
-            content: " ";
-        }
-
-        .menu-link span:after {
-            margin-top: 0.6em;
-        }
-
-
-/* -- Responsive Styles (Media Queries) ------------------------------------- */
-
-/*
-Hides the menu at `48em`, but modify this based on your app's needs.
-*/
-@media (min-width: 48em) {
-
-    .header,
-    .content {
-        padding-left: 2em;
-        padding-right: 2em;
-    }
-
-    #layout {
-        padding-left: 150px; /* left col width "#menu" */
-        left: 0;
-    }
-    #menu {
-        left: 150px;
-    }
-
-    .menu-link {
-        position: fixed;
-        left: 150px;
-        display: none;
-    }
-
-    #layout.active .menu-link {
-        left: 150px;
-    }
-}
-
-        .button-success,
-        .button-error,
-        .button-warning,
-        .button-secondary {
-            color: white;
-            border-radius: 4px;
-            text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
-        }
-
-        .button-success {
-            background: rgb(28, 184, 65); /* this is a green */
-        }
-
-        .button-error {
-            background: rgb(202, 60, 60); /* this is a maroon */
-        }
-
-        .button-warning {
-            background: rgb(223, 117, 20); /* this is an orange */
-        }
-
-        .button-secondary {
-            background: rgb(66, 184, 221); /* this is a light blue */
-        }
-
-       .button-xsmall {
-            font-size: 70%;
-        }
-
-        .button-small {
-            font-size: 85%;
-        }
-
-        .button-large {
-            font-size: 110%;
-        }
-
-        .button-xlarge {
-            font-size: 125%;
-        }

index.php

@@ -23,7 +23,7 @@ $result = $sql->prepare("SELECT punches.id as punchid, users.id as user, punchty
 $result->execute();
 $last = $result->fetchObject();
 echo "<h2 class=\"content-subhead\">Current Status</h2>";
-echo "<p>You have been Punched $last->type since $last->time.</p>";
+echo "<p>You have been Punched $last->type since " . date('g:i a \o\n M jS, Y', strtotime($last->time)) . ".</p>";
 echo "<h2 class=\"content-subhead\">Quick Punch</h2>";
 echo "<p>Clicking the button below will immediately enter a new punch for you depending on your current status.  Any notes you enter will be attached to the punch for your administrator to review.</p>";
 echo "<form class=\"pure-form pure-form-stacked\">";

index.php~

@@ -1,57 +0,0 @@
-<?php
-session_start();
-require_once("config.inc.php");
-$yaptc_pagename = "Home";
-require_once($yaptc_inc . "header.inc.php");
-require_once($yaptc_inc . "menu.inc.php");
-//********** BEGIN CONTENT **********//
-
-// Is user logged in?  If not, they shouldn't be here - kill all variables and redirect to login...
-if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
-{
-session_start();
-session_unset();
-session_destroy();
-header ("Refresh:3; url=login.php", true, 303);
-echo "<h2 class=\"content-subhead\">You are not logged in!!!</h2>";
-}
-else
-{
-
-$userid = $_SESSION['user_id'];
-$result = $sql->prepare("SELECT punches.id as punchid, users.id as user, punchtypes.id as typeid, punchtypes.punchname as type, punches.time as time, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id INNER JOIN punchtypes ON punches.punchtypeid = punchtypes.id WHERE users.id = $userid ORDER BY punches.id DESC LIMIT 1");
-$result->execute();
-$last = $result->fetchObject();
-echo "<h2 class=\"content-subhead\">Current Status</h2>";
-echo "<p>You have been Punched $last->type since $last->time.</p>";
-echo "<h2 class=\"content-subhead\">Quick Punch</h2>";
-echo "<p>Clicking the button below will immediately enter a new punch for you depending on your current status.  Any notes you enter will be attached to the punch for your administrator to review.</p>";
-echo "<form class=\"pure-form pure-form-stacked\">";
-echo "<fieldset>";
-echo "<input type=\"notes\" placeholder=\"Enter notes if needed\" maxlength=\"255\">";
-echo "<div class=\"pure-controls\">";
-
-
-if ($last->typeid=="00000000001") {
-  //$result = $sql->prepare("INSERT INTO punches (userid, punchtypeid, time) VALUES ($userid, "00000000002", NOW())");
-  //$result->execute();
-  //$punch = $result->fetchObject();
-echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success\">Punch OUT</button>";
-  } else {
-echo "<button type=\"submit\" class=\"pure-button button-xlarge button-success\">Punch IN</button>";
-}
-
-echo "</div>";
-echo "</fieldset>";
-echo "</form>";
-
-
-
-
-
-
-  }
-
-//********** END CONTENT **********//
-require_once($yaptc_inc . "footer.inc.php");
-?>

lib/index.php

@@ -1,4 +1 @@
-<?php
-  // Simple hack to avoid directory listing...
-  header("Location: ../index.php");
-?>
+<?php session_start(); require_once("../config.inc.php"); header("Location: " . $yaptc_webpath . "index.php"); ?>

lib/phpass-0.3/c/index.php

@@ -0,0 +1 @@
+<?php session_start(); require_once("../../../config.inc.php"); header("Location: " . $yaptc_webpath . "index.php"); ?>

lib/phpass-0.3/index.php

@@ -0,0 +1 @@
+<?php session_start(); require_once("../../config.inc.php"); header("Location: " . $yaptc_webpath . "index.php"); ?>

lib/pure/index.php

@@ -0,0 +1 @@
+<?php session_start(); require_once("../../config.inc.php"); header("Location: " . $yaptc_webpath . "index.php"); ?>

login.php~

@@ -1,58 +0,0 @@
-<?php
-session_start();
-require_once("config.inc.php");
-$yaptc_pagename = "Login";
-require_once($yaptc_inc . "header.inc.php");
-require_once($yaptc_inc . "menu.inc.php");
-//********** BEGIN CONTENT **********//
-
-// Is user logged in?  If so, tell them and go to main...
-if (isset($_SESSION['user_id']) && isset($_SESSION['signature']) && isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] = true && $_SESSION['signature'] = md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
-{
-header ("Refresh:3; url=index.php", true, 303);
-echo "<h2 class=\"content-subhead\">You are already logged in...</h2>";
-}
-else
-{
-echo "<h2 class=\"content-subhead\">User Login</h2>";
-  echo '<form class="pure-form" action="login.php" method="post">';
-  echo '<fieldset class="pure-group" id="login">';
-  echo '<label for="username">Username</label>';
-  echo '<input type="text" class="pure-input-1-2" placeholder="Username" id="username" name="username">';
-  echo '<label for="password">Password</label>';
-  echo '<input type="password" class="pure-input-1-2" placeholder="Password" id="password" name="password">';
-  echo '</fieldset>';
-  echo '<button type="submit" class="pure-button pure-input-1-2 pure-button-primary" value="Login">Sign in</button>';
-  echo '</form>';
-require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
-    $hasher = new PasswordHash(8, FALSE);
-    if (!empty($_POST)) {
-      $query = "SELECT id, password, UNIX_TIMESTAMP(created) AS salt, firstname, lastname FROM users WHERE username = :username";
-      $stmt = $sql->prepare($query);
-      $stmt->execute(array(':username' => $_POST['username']));
-      $user = $stmt->fetchObject();
-      if ($user && $user->password == $hasher->CheckPassword($_POST['password'], $user->password)) {
-        session_regenerate_id();
-        $_SESSION['user_id']   = $user->id;
-        $_SESSION['loggedIn']  = TRUE;
-        $_SESSION['signature'] = md5($user->id . $_SERVER['HTTP_USER_AGENT']);
-        $_SESSION['firstname']   = $user->firstname;
-        $_SESSION['lastname']   = $user->lastname;
-        session_write_close();
-        echo "Login successful...";
-         header("Location: index.php");
-
-      }
-      else
-      {
-header ("Refresh:3; url=login.php", true, 303);
-echo "<h2 class=\"content-subhead\">Login failed, please try again...</h2>";
-      }
-    }
-
-  }
-
-
-//********** END CONTENT **********//
-require_once($yaptc_inc . "footer.inc.php");
-?>

logout.php~

@@ -1,28 +0,0 @@
-<?php
-session_start();
-require_once("config.inc.php");
-$yaptc_pagename = "Logout";
-require_once($yaptc_inc . "header.inc.php");
-require_once($yaptc_inc . "menu.inc.php");
-//********** BEGIN CONTENT **********//
-
-// Does user have any session settings active?  Kill them all...
-if (isset($_SESSION['user_id']) || isset($_SESSION['signature']) || isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] = true || $_SESSION['signature'] = md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
-{
-session_start();
-session_unset();
-session_destroy();
-header ("Refresh:3; url=index.php", true, 303);
-echo "<h2 class=\"content-subhead\">You have successfully logged out...</h2>";
-}
-else
-{
-session_start();
-session_unset();
-session_destroy();
-header ("Location: login.php");
-}
-
-//********** END CONTENT **********//
-require_once($yaptc_inc . "footer.inc.php");
-?>

profile.php~

@@ -1,57 +0,0 @@
-<?php
-  session_start();
-
-  // Load config...
-  require_once("config.inc.php");
-
-  // Page title mod
-  $yaptc_pagename = 'Profile';
-
-  // Load header
-  require_once($yaptc_inc . "header.inc.php");
-
-  // Load menu
-  require_once($yaptc_inc . "menu.inc.php");
-
-  //************************ CONTENT START ************************
-
-  // If user is not logged in, give error and option to go to login
-  if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
-  {
-    session_destroy();
-
-    echo "not logged in!!!";
-    exit();
-  }
-  else
-  {
-    $query = "SELECT users.id, users.password, users.created, users.username, users.firstname, users.lastname, users.email, usertypes.typename AS usertype
-              FROM users, usertypes
-              WHERE id = :id";
-      $stmt = $sql->prepare($query);
-      $stmt->execute(array(':id' => $_SESSION['user_id']));
-      $user = $stmt->fetchObject();
-    echo 'You may make changes to your user profile below if you wish.  Updates will take effect immediately on pressing "Save".';
-    echo '<form class="pure-form" action="profile.php" method="post">';
-    echo '<fieldset class="pure-group" id="userinfo">';
-    echo '<label for="username">Username</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->username\" value=\"$user->username\" id=\"username\" name=\"username\" readonly>";
-    echo '<label for="created">Created</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->created\" value=\"$user->created\" id=\"created\" name=\"created\" readonly>";
-    echo '<label for="usertype">User Type</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->usertype\" value=\"$user->usertype\" id=\"usertype\" name=\"usertype\" readonly>";
-    echo '<label for="firstname">First Name</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->firstname\" id=\"firstname\" name=\"firstname\">";
-    echo '<label for="lastname">Last Name</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->lastname\" id=\"lastname\" name=\"lastname\">";
-    echo '<label for="username">Email Address</label>';
-    echo "<input type=\"text\" class=\"pure-input-1-2\" placeholder=\"$user->email\" id=\"username\" name=\"username\">";
-    echo '</fieldset>';
-    echo '<button type="submit" class="pure-button pure-input-1-2 pure-button-primary" value="Update">Save Changes</button>';
-    echo '</form>';
-  }
-
-  //************************ CONTENT END ************************
-  // Load footer
-  require_once($yaptc_inc . "footer.inc.php");
-?>

register.php~

@@ -1,189 +0,0 @@
-<?php
-
-include 'lib/phpass-0.3/PasswordHash.php';
-
-/**
- * Don't use mysql_ functions. These are for MySQL 4.x and have been deprecated
- * since 2004. MySQLi is fine if you know you'll only be using MySQL databases.
- * PDO doesn't tie you to a specific RDBMS.
- */
-$sql = new mysqli('localhost', 'yaptc', 'yaptcpassw0rd', 'yaptc');
-
-// Create an array to catch any errors in the registration form.
-$errors = array();
-
-/**
- * Make sure the form has been submitted before trying to process it. This is
- * single most common cause of 'undefined index' notices.
- */
-if (!empty($_POST))
-{
-    // First check that required fields have been filled in.
-    if (empty($_POST['username']))
-    {
-        $errors['username'] = "Username cannot be empty.";
-    }
-
-    // OPTIONAL
-    // Restrict usernames to alphanumeric plus space, dot, dash, and underscore.
-    /*
-    if (preg_match('/[^a-zA-Z0-9 .-_]/', $_POST['username']))
-    {
-        $errors['username'] = "Username contains illegal characters.";
-    }
-    */
-
-    if (empty($_POST['password']))
-    {
-        $errors['password'] = "Password cannot be empty.";
-    }
-
-    /**
-     * Note there's no upper limit to password length.
-     */
-    if (strlen($_POST['password']) < 8)
-    {
-        $errors['password'] = "Password must be at least 8 charcaters.";
-    }
-
-    // OPTIONAL
-    // Force passwords to contain at least one number and one special character.
-    /*
-    if (!preg_match('/[0-9]/', $_POST['password']))
-    {
-        $errors['password'] = "Password must contain at least one number.";
-    }
-    if (!preg_match('/[\W]/', $_POST['password']))
-    {
-        $errors['password'] = "Password must contain at least one special character.";
-    }
-    */
-
-    if (empty($_POST['password_confirm']))
-    {
-        $errors['password_confirm'] = "Please confirm password.";
-    }
-
-    if ($_POST['password'] != $_POST['password_confirm'])
-    {
-        $errors['password'] = "Passwords do not match.";
-    }
-
-    $email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
-    if (!$email)
-    {
-        $errors['email'] = "Not a valid email address.";
-    }
-
-    /**
-     * Escape the data we're going to use in our query. Never trust user input.
-     */
-    $username = $sql->real_escape_string($_POST['username']);
-    $email    = $sql->real_escape_string($email);
-
-    /**
-     * Check that the username and email aren't already in our database.
-     *
-     * Note also the absence of SELECT *
-     * Grab the columns you need, nothing more.
-     */
-    $query  = "SELECT username, email
-               FROM users
-               WHERE username = '{$username}' OR email = '{$email}'";
-    $result = $sql->query($query);
-
-    /**
-     * There may well be more than one point of failure, but all we really need
-     * is the first one.
-     */
-    $existing = $result->fetch_object();
-
-    if ($existing)
-    {
-        if ($existing->username == $_POST['username'])
-        {
-            $errors['username'] = "That username is already in use.";
-        }
-        if ($existing->email == $email)
-        {
-            $errors['email'] = "That email address is already in use.";
-        }
-    }
-}
-
-/**
- * If the form has been submitted and no errors were detected, we can proceed
- * to account creation.
- */
-if (!empty($_POST) && empty($errors))
-{
-    /**
-     * Hash password before storing in database
-     */
-    $hasher = new PasswordHash(8, FALSE);
-    $password = $hasher->HashPassword($_POST['password']);
-
-    $query = "INSERT INTO users (username, password, email, created)
-              VALUES ('{$username}', '{$password}', '{$email}', NOW())";
-    $success = $sql->query($query);
-
-    if ($success)
-    {
-        $message = "Account created.";
-    }
-    else
-    {
-        $errors['registration'] = "Account could not be created. Please try again later.";
-    }
-}
-
-?>
-
-<!DOCTYPE html>
-<html>
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-        <title>User Registration</title>
-    </head>
-    <body>
-        <?php if (isset($message)): ?>
-        <p class="success"><?php echo $message; ?></p>
-        <?php endif; ?>
-
-        <!-- Note that we're again checking that each array key exists before
-             trying to use it, in order to prevent undefined index notices. -->
-        <?php if (isset($errors['registration'])): ?>
-        <p class="error"><?php echo $errors['registration']; ?></p>
-        <?php endif; ?>
-
-        <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
-            <fieldset id="registration">
-                <label for="username">Username</label>
-                <input type="text" id="username" name="username" />
-                <span class="error">
-                    <?php echo isset($errors['username']) ? $errors['username'] : ''; ?>
-                </span><br />
-
-                <label for="email">Email Address</label>
-                <input type="text" id="email" name="email" />
-                <span class="error">
-                    <?php echo isset($errors['email']) ? $errors['email'] : ''; ?>
-                </span><br />
-
-                <label for="password">Password</label>
-                <input type="password" id="password" name="password" />
-                <span class="error">
-                    <?php echo isset($errors['password']) ? $errors['password'] : ''; ?>
-                </span><br />
-
-                <label for="password_confirm">Confirm Password</label>
-                <input type="password" id="password_confirm" name="password_confirm" />
-                <span class="error">
-                    <?php echo isset($errors['password_confirm']) ? $errors['password_confirm'] : ''; ?>
-                </span><br />
-
-                <input type="submit" value="Submit" />
-            </fieldset>
-        </form>
-    </body>
-</html>

time.php~

@@ -1,82 +0,0 @@
-<?php
-  session_start();
-
-  // Load config...
-  require_once("config.inc.php");
-
-  // Page title mod
-  $yaptc_pagename = 'Time';
-
-  // Load header
-  require_once($yaptc_inc . "header.inc.php");
-
-  // Load menu
-  require_once($yaptc_inc . "menu.inc.php");
-
-  //************************ CONTENT START ************************
-
-  // If user is not logged in, give error and option to go to login
-  if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
-  {
-    session_destroy();
-
-    echo "not logged in!!!";
-    exit();
-  }
-  else
-  {
-
-// content for logged-in users here
-$userid = $_SESSION['user_id'];
-
-$result = $sql->prepare("SELECT punches.id as punchid, users.id as user, punchtypes.punchname as type, punches.time as time, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id INNER JOIN punchtypes ON punches.punchtypeid = punchtypes.id WHERE users.id = $userid ORDER BY punches.id DESC LIMIT 1");
-$result->execute();
-$last = $result->fetchObject();
-echo "You have been punched $last->type since $last->time.";
-
-
-// eventually i will get these in one query - for now this is separate to show all punches vs the last punch and status
-$result = $sql->prepare("SELECT punches.id as punchid, users.id as user, punchtypes.punchname as type, punches.time as time, punches.notes as notes, punches.modified as modified FROM punches INNER JOIN users ON punches.userid = users.id INNER JOIN punchtypes ON punches.punchtypeid = punchtypes.id WHERE users.id = $userid ORDER BY punches.id DESC");
-$result->execute();
-
-
-echo '<table class="pure-table">';
-echo '<thead>';
-echo '<tr>';
-echo '<th>Time</th>';
-echo '<th>Type</th>';
-echo '<th>Changed</th>';
-echo '<th>Notes</th>';
-echo '</tr>';
-echo '</thead>';
-echo '<tbody>';
-while ($row = $result->fetch(PDO::FETCH_ASSOC))
-{
-$time = $row['time'];
-$type = $row['type'];
-$changed = $row['modified'];
-if ($changed == "1") {$chg="YES";} else {$chg="NO";}
-$notes = $row['notes'];
-echo "<tr>";
-echo "<td>$time</td>";
-echo "<td>$type</td>";
-echo "<td>$chg</td>";
-echo "<td>$notes</td>";
-echo "</tr>";
-}
-echo '</tbody>';
-echo '</table>';
-
-
-
-
-
-
-
-// end logged-in content
-  }
-
-  //************************ CONTENT END ************************
-  // Load footer
-  require_once($yaptc_inc . "footer.inc.php");
-?>