diff --git a/README.md b/README.md index 08f8e8f..867dba8 100644 --- a/README.md +++ b/README.md 
@@ -1,23 +1,47 @@ -About -===== +# About -This project is PHP Timeclock v1.04 with the Punchclock v0.8 add-on already installed. +This project is PHP Timeclock with the Punchclock add-on already installed. +# This Fork -Timeclock - What Is It? -======================= +I replaced the phpweather in the left hand sidebar with the saratoga-weather display, which works, and just looks nicer. +See (http://saratoga-weather.org/metars.php) for examples, the original code can be downloaded from +(http://saratoga-weather.org/scripts-metar.php#metar). + +Added two variables in `config.inc.php` to support the improved weather display `$WxTimeZone` and `$WxList`. + +All calls to the various *mysql_* functions have been replaced with calls to *mysqli* functions +where they are compatible, or re-written where nessesary. + +The various problems with un-initialized variables have been fixed. + +All calls to ereg() have been replaced with calls to preg_match and +the regular expressions edited as needed. + +Function calls in the `lib.timeclock.php` which were passing functions as parameters were not quoting +the function names being passed, resulting in "Undefined constant" errors. All of those have been fixed. + +As of 25 January 2017, the system now works in PHP 5.6 and mysql 5.7. + + +# Timeclock - What Is It? (from http://timeclock.sf.net/ ...) -It is a simple yet effective web-based timeclock system. It allows you to track all employee time as well as upcoming vacations and more, and it can replace manual sign-in/sign-out sheets. +It is a simple yet effective web-based timeclock system. It allows you to track all employee time +as well as upcoming vacations and more, and it can replace manual sign-in/sign-out sheets. -An administration piece is included which allows an administrator to add or delete users, change a user's time or password (if using passwords is enabled), and hide the reports from your users where only an admin or a reports user has access to them. 
These reports can be run to show daily activitiy or for a range of dates, and can be run for all users, or individually for each user. +An administration piece is included which allows an administrator to add or delete users, change a +user's time or password (if using passwords is enabled), and hide the reports from your users where +only an admin or a reports user has access to them. These reports can be run to show daily activitiy +or for a range of dates, and can be run for all users, or individually for each user. -This product is distributed under the GPL. This program is free software; you can redistribute it and/or modify it under the terms of the GNU GeneralPublic License version 2, as published by the Free Software Foundation. +This product is distributed under the GPL. This program is free software; you can redistribute it and/or +modify it under the terms of the GNU GeneralPublic License version 2, as published by the +Free Software Foundation. -Punchclock - What Is It? -======================== +# Punchclock - What Is It? (from http://www.acmebase.org/punchclock/ ...) 
@@ -25,40 +49,34 @@ Punchclock is a drop-in enhancement to the Open Source PHP Timeclock software. Punchclock enhances PHP Timeclock with 5 extra features: - Computes overtime hours. - Keeps time cards for each employee. - Punchclock entry intended to replace your punchclock at the door. - Personal data entry screen for office personnel and mobile devices. - Flexible export to your spreadsheet or business software. + - Computes overtime hours. + - Keeps time cards for each employee. + - Punchclock entry intended to replace your punchclock at the door. + - Personal data entry screen for office personnel and mobile devices. + - Flexible export to your spreadsheet or business software. -PHP Timeclock -Version 1.04 -http://sourceforge.net/projects/timeclock -Copyright (C) 2006 Ken Papizan +## PHP Timeclock source credits +- Copyright (C) 2006 Ken Papizan -REQUIREMENTS: +### REQUIREMENTS: - - at least PHP 4.1.x, with mysql support + - at least PHP 5.3.x, with mysqli support - MySQL - Webserver -TESTED: - - - PHP 4.34, 5.1.2 with mysql support - - MySQL 3.23.49, 4.0.17, 5.0.18 - - Apache 1.3.22, 1.3.29, 2.2.0 - - Firefox 1.0 - 1.5.0.4, Firefox 1.0 Preview Release, IE 6.0 SP1, IE 6.0 SP2 for XP, IE 7.0 beta 2 +### TESTED: + - PHP 5.6.19 with mysqli support + - MySQL 5.7.22 + - Apache 2.4.18 + Any version of mysql or webserver software that supports php, whether it's an earlier version than what's tested or later, will probably work fine. - - ##Installation -New Install -___ +### New Install - Unpack the distribution into your webserver's document root directory. - Create a database named "timeclock" or whatever you wish to name it. 
@@ -82,20 +100,27 @@ ___ certain users can run them, then give these users reports level access. -Migration from another verison of 1.04 (ie: old official release) -___ +### Migration from another verison (ie: old official release) - Backup your current install directory and database. - Delete all files in your current install directory. - - Copy all files from a zip of this repo's master branch (https://github.com/andrew867/timeclock/archive/master.zip) into your install directory. - - Modify the new `config.inc.php` file to match your old settings, make sure you correctly set your timezone in php.ini (recommended) or `config.inc.php`. + - Copy all files from a zip of this repo's master branch + (https://github.com/boatright/timeclock/archive/master.zip) into your install directory. + - Modify the new `config.inc.php` file to match your old settings, make sure you correctly + set your timezone in php.ini (recommended) or `config.inc.php`. + - See the notes in config.inc.php about entering the new variables for weather display. +# FAQs ##Roles -Admin level access and reports level access are completely separate from each other. Just because a user has admin level access does not give that user reports level access. You must specifically give them reports level access when you are creating or editing the users, if you choose to secure these reports for these users. To make PHP Timeclock lock down the reports to only these users, set the use_reports_password setting in config.inc.php to "yes". + +Admin level access and reports level access are completely separate from each other. +Just because a user has admin level access does not give that user reports level access. +You must specifically give them reports level access when you are creating or editing the users, +if you choose to secure these reports for these users. To make PHP Timeclock lock down the +reports to only these users, set the use_reports_password setting in config.inc.php to "yes". 
##License -________ This software and changes made are licensed under the GNU GENERAL PUBLIC LICENSE 2 as found in docs/LICENSE diff --git a/admin/chngpasswd.php b/admin/chngpasswd.php index 94097a2..4e8de83 100644 --- a/admin/chngpasswd.php +++ b/admin/chngpasswd.php @@ -102,11 +102,11 @@ $get_user = addslashes($get_user); $query = "select empfullname from " . $db_prefix . "employees where empfullname = '" . $get_user . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $username = stripslashes("" . $row['empfullname'] . ""); } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); if (!isset($username)) { echo "username is not defined for this user.\n"; exit; @@ -114,11 +114,11 @@ if (!empty($get_office)) { $query = "select * from " . $db_prefix . "offices where officename = '" . $get_office . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $getoffice = "" . $row['officename'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if (!isset($getoffice)) { echo "Office is not defined for this user. Go back and associate this user with an office.\n"; 
@@ -158,11 +158,11 @@ if (!empty($get_office)) { $query = "select * from " . $db_prefix . "offices where officename = '" . $get_office . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $getoffice = "" . $row['officename'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if (!isset($getoffice)) { echo "Office is not defined for this user. Go back and associate this user with an office.\n"; @@ -229,11 +229,11 @@ if (!empty($post_username)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $post_username . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $username = "" . $row['empfullname'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); if (!isset($username)) { echo "username is not defined for this user.\n"; exit; @@ -292,7 +292,7 @@ $post_username = addslashes($post_username); $query = "update " . $db_prefix . "employees set employee_passwd = ('" . $new_password . "') where empfullname = ('" . $post_username . "')"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); $post_username = stripslashes($post_username); diff --git a/admin/dbupgrade.php b/admin/dbupgrade.php index 7f051b7..7e208af 100644 --- a/admin/dbupgrade.php +++ b/admin/dbupgrade.php 
@@ -6,6 +6,73 @@ include 'topmain.php'; echo "$title - Upgrade Database\n"; +function msg_changed($msg) { + echo "Changed: $msg\n"; +} + +function msg_added($msg) { + echo "Added: $msg\n"; +} + +function msg_converted($msg) { + echo "Converted: $msg\n"; +} + +// Ensure that the corresponding table exists, creates it if missing. +// Note: need not create all columns since we will add any missing columns +// with ensure_field. +function ensure_table($table, $columns, $engine = "ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin") { + global $db_name; + global $db_prefix; + $rows = mysqli_num_rows(tc_query("SHOW TABLES LIKE '$db_prefix$table'")); + + if (empty($rows)) { + tc_query("CREATE TABLE $db_prefix$table ($columns) $engine"); + msg_added("$table table has been added to the $db_name database."); + return 1; + } + return 0; +} + +// Ensure field is present and has correct type. Does not check other +// attributes (NULL, default, ...) +function ensure_field($table, $field, $type, $extra) { + global $db_prefix; + $result = tc_query("SHOW FIELDS FROM $db_prefix$table LIKE '$field'"); + + while ($row = mysqli_fetch_array($result)) { + $current_type = "" . $row['Type'] . ""; + if (strtolower($type) !== strtolower($current_type)) { + tc_query("ALTER TABLE $db_prefix$table CHANGE `$field` `$field` $type $extra"); + msg_changed("$field field in $table table has been changed from type $current_type to type $type."); + return 1; + } + } + + if (empty($current_type)) { + tc_query("ALTER TABLE $db_prefix$table ADD `$field` $type $extra;"); + msg_added("$field field has been added to the $table table."); + return 1; + } + + return 0; +} + +// Ensure a simple non-primary/non-unique index is present on the named +// field. If a primary/unique index exists, we won't create another. 
+function ensure_index($table, $field) { + global $db_prefix; + $rows = mysqli_num_rows(tc_query("SHOW INDEX FROM $db_prefix$table WHERE column_name = ?", $field)); + + if (empty($rows)) { + tc_query("CREATE INDEX {$db_prefix}{$table}_{$field} ON {$db_prefix}{$table} (`{$field}`)"); + msg_added("INDEX has been added to the {$table}.{$field} column."); + return 1; + } + return 0; +} + + $self = $_SERVER['PHP_SELF']; $request = $_SERVER['REQUEST_METHOD']; @@ -22,11 +89,7 @@ exit; } -$count = "0"; -$tmp_count = "0"; -$emp_tstamp_count = "0"; -$info_timestamp_count = "0"; -$passed_or_not = "0"; +$changes_made = 0; $gmt_offset = date('Z'); echo "\n"; 
@@ -77,29 +140,26 @@ // determine the privileges of the PHP Timeclock user // -$result = mysql_query("show grants for current_user()"); -while ($row = mysql_fetch_array($result)) { +$count = "0"; +$result = tc_query("show grants for current_user()"); +while ($row = mysqli_fetch_array($result)) { $abc = stripslashes("" . $row["0"] . ""); if (((preg_match("/\bgrant\b/i", $abc)) && (preg_match("/\bselect\b/i", $abc)) && (preg_match("/\binsert\b/i", $abc)) && (preg_match("/\bupdate\b/i", $abc)) && (preg_match("/\bdelete\b/i", $abc)) && (preg_match("/\bcreate\b/i", $abc)) && - (preg_match("/\balter\b/i", $abc)) && (preg_match("/\bon `$db_name`\.\* to '$db_username'@'$db_hostname|%\b/i", $abc))) || - (preg_match("/\bgrant all privileges on `$db_name`\.\* to '$db_username'@'$db_hostname|%' \b/i", $abc)) || - (preg_match("/\bgrant all privileges on \*\.\* to '$db_username'@'$db_hostname|%' \b/i", $abc)) + (preg_match("/\balter\b/i", $abc)) && (preg_match("/\bon `\Q$db_name`.*\E to '\Q$db_username\E'@/i", $abc))) || + (preg_match("/\bgrant all privileges on \Q`$db_name`.*\E to '\Q$db_username\E'@'/i", $abc)) || + (preg_match("/\bgrant all privileges on \*\.\* to '\Q$db_username\E'@/i", $abc)) ) { $count++; } } + if (!empty($count)) { if ($request == 'GET') { - $query_admin = "select empfullname from " . $db_prefix . "employees where empfullname = 'admin'"; - $result_admin = mysql_query($query_admin); - - while ($row = mysql_fetch_array($result_admin)) { - $user_admin = "" . $row["empfullname"] . ""; - } + $user_admin = tc_select_value("empfullname", "employees", "empfullname = 'admin'"); echo " \n"; echo "
\n"; 
@@ -153,360 +213,160 @@ echo " \n"; - // track the database changes that have been made since version 0.9 // - - // employees table additions // - - $field = "employee_passwd"; - $result = mysql_query("SHOW fields from " . $db_prefix . "employees LIKE '" . $field . "'"); - @$rows = mysql_num_rows($result); - - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "employees ADD $field VARCHAR(25) NOT NULL;"); - echo " \n"; - $passed_or_not = "1"; - } - - $field = "displayname"; - $result = mysql_query("SHOW fields from " . $db_prefix . "employees LIKE '" . $field . "'"); - @$rows = mysql_num_rows($result); - - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "employees ADD $field VARCHAR(50) NOT NULL;"); - echo " \n"; - $passed_or_not = "1"; - } - - $field = "email"; - $result = mysql_query("SHOW fields from " . $db_prefix . "employees LIKE '" . $field . "'"); - @$rows = mysql_num_rows($result); + // TABLE: audit // + $changes_made += ensure_table("audit", "modified_when bigint(14)"); - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "employees ADD $field VARCHAR(75) NOT NULL;"); - echo " \n"; - $passed_or_not = "1"; - } + $changes_made += ensure_field("audit", "modified_when", "bigint(14)", ""); + $changes_made += ensure_field("audit", "modified_from", "bigint(14)", "NOT NULL"); + $changes_made += ensure_field("audit", "modified_to", "bigint(14)", "NOT NULL"); + $changes_made += ensure_field("audit", "modified_by_ip", "varchar(39)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("audit", "modified_by_user", "varchar(50)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("audit", "modified_why", "varchar(250)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("audit", "user_modified", "varchar(50)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); - $field = "groups"; - $result = mysql_query("SHOW fields from " . 
$db_prefix . "employees LIKE '" . $field . "'"); - @$rows = mysql_num_rows($result); + $changes_made += ensure_index("audit", "modified_when"); - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "employees ADD $field VARCHAR(50) NOT NULL;"); - echo " \n"; - $passed_or_not = "1"; - } + // TABLE: employees // + $changes_made += ensure_table("employees", "empfullname varchar(50) PRIMARY KEY COLLATE utf8_bin"); - $field = "office"; - $result = mysql_query("SHOW fields from " . $db_prefix . "employees LIKE '" . $field . "'"); - @$rows = mysql_num_rows($result); - - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "employees ADD $field VARCHAR(50) NOT NULL;"); - echo " \n"; - $passed_or_not = "1"; - } - - $field = "admin"; - $result = mysql_query("SHOW fields from " . $db_prefix . "employees LIKE '" . $field . "'"); - @$rows = mysql_num_rows($result); - - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "employees ADD $field TINYINT(1) NOT NULL default '0';"); - echo " \n"; - $passed_or_not = "1"; - } - - $field = "reports"; - $result = mysql_query("SHOW fields from " . $db_prefix . "employees LIKE '" . $field . "'"); - @$rows = mysql_num_rows($result); - - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "employees ADD $field TINYINT(1) NOT NULL default '0';"); - echo " \n"; - $passed_or_not = "1"; - } - - $field = "time_admin"; - $result = mysql_query("SHOW fields from " . $db_prefix . "employees LIKE '" . $field . "'"); - @$rows = mysql_num_rows($result); - - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "employees ADD $field TINYINT(1) NOT NULL default '0';"); - echo " \n"; - $passed_or_not = "1"; - } - - $field = "disabled"; - $result = mysql_query("SHOW fields from " . $db_prefix . "employees LIKE '" . $field . 
"'"); - @$rows = mysql_num_rows($result); - - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "employees ADD $field TINYINT(1) NOT NULL default '0';"); - echo " \n"; - $passed_or_not = "1"; - } - - // employees table changes // - - $result = mysql_query("SHOW FIELDS FROM " . $db_prefix . "employees"); - while ($row = mysql_fetch_array($result)) { + $result = tc_query("SHOW FIELDS FROM {$db_prefix}employees"); + while ($row = mysqli_fetch_array($result)) { $name = "" . $row["Field"] . ""; - $type = "" . $row["Type"] . ""; - $tmp_type = strtoupper($type); - - if (($name == 'empfullname') && ($type != 'varchar(50)')) { - $alter_result = mysql_query("ALTER TABLE " . $db_prefix . "employees CHANGE empfullname empfullname VARCHAR(50) NOT NULL"); - echo " \n"; - $passed_or_not = "1"; - } + $type = strtolower("" . $row["Type"] . ""); + + // This one needs some data conversion: if (($name == 'tstamp') && ($type != 'bigint(14)')) { - $alter_result = mysql_query("ALTER TABLE " . $db_prefix . 
"employees CHANGE tstamp tstamp BIGINT(14) DEFAULT NULL"); - echo " \n"; - $emp_tstamp_count++; - $passed_or_not = "1"; + tc_query("ALTER TABLE {$db_prefix}employees CHANGE tstamp tstamp BIGINT(14) DEFAULT NULL"); + msg_changed("$name field in employees table has been changed from type $type to type BIGINT(14)."); + $changes_made += 1; + + tc_query("UPDATE {$db_prefix}employees SET tstamp = (unix_timestamp(tstamp) - '$gmt_offset')"); + $num_rows = mysqli_affected_rows($GLOBALS["___mysqli_ston"]); + if (!empty($num_rows)) { + msg_converted("$num_rows rows in the employees table were converted from a mysql timestamp to a unix timestamp."); + } } } - mysql_free_result($result); - // info table additions // + $changes_made += ensure_field("employees", "empfullname", "varchar(50)", "PRIMARY KEY COLLATE utf8_bin"); + $changes_made += ensure_field("employees", "tstamp", "bigint(14)", "DEFAULT NULL"); + $changes_made += ensure_field("employees", "employee_passwd", "varchar(25)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("employees", "displayname", "varchar(50)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("employees", "email", "varchar(75)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("employees", "barcode", "varchar(75)", "COLLATE utf8_bin UNIQUE"); + $changes_made += ensure_field("employees", "groups", "varchar(50)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("employees", "office", "varchar(50)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("employees", "admin", "tinyint(1)", "NOT NULL DEFAULT '0'"); + $changes_made += ensure_field("employees", "reports", "tinyint(1)", "NOT NULL DEFAULT '0'"); + $changes_made += ensure_field("employees", "time_admin", "tinyint(1)", "NOT NULL DEFAULT '0'"); + $changes_made += ensure_field("employees", "disabled", "tinyint(1)", "NOT NULL DEFAULT '0'"); - $field = "ipaddress"; - $result = 
mysql_query("SHOW fields from " . $db_prefix . "info LIKE '" . $field . "'"); - @$rows = mysql_num_rows($result); - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . "info ADD $field VARCHAR(39) NOT NULL;"); - echo " \n"; - $passed_or_not = "1"; - } + // TABLE: groups // + $changes_made += ensure_table("groups", "groupid int(10) AUTO_INCREMENT PRIMARY KEY"); - // info table changes // + $changes_made += ensure_field("groups", "groupid", "int(10)", "AUTO_INCREMENT PRIMARY KEY"); + $changes_made += ensure_field("groups", "groupname", "varchar(50)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("groups", "officeid", "int(10)", "NOT NULL DEFAULT '0'"); - $result = mysql_query("SHOW FIELDS FROM " . $db_prefix . "info"); - while ($row = mysql_fetch_array($result)) { - $name = "" . $row["Field"] . ""; - $type = "" . $row["Type"] . ""; - $tmp_type = strtoupper($type); - - if (($name == 'inout') && ($type != 'varchar(50)')) { - $alter_result = mysql_query("ALTER TABLE " . $db_prefix . "info CHANGE `inout` `inout` VARCHAR(50) NOT NULL"); - echo " \n"; - $passed_or_not = "1"; - } - if (($name == 'timestamp') && ($type != 'bigint(14)')) { - $alter_result = mysql_query("ALTER TABLE " . $db_prefix . "info CHANGE timestamp timestamp BIGINT(14) DEFAULT NULL"); - echo " \n"; - $info_timestamp_count++; - $passed_or_not = "1"; - } - } - mysql_free_result($result); - - // punchlist table additions // - - $field = "in_or_out"; - $result = mysql_query("SHOW fields from " . $db_prefix . "punchlist LIKE '" . $field . "'"); - $rows = mysql_num_rows($result); - - if (empty($rows)) { - $passwd_query = mysql_query("ALTER TABLE " . $db_prefix . 
"punchlist ADD $field TINYINT(1) NOT NULL default '0';"); - echo " \n"; - $passed_or_not = "1"; - } - // punchlist table changes // + // TABLE: info // + $changes_made += ensure_table("info", "fullname varchar(50) COLLATE utf8_bin NOT NULL DEFAULT ''"); - $result = mysql_query("SHOW FIELDS FROM " . $db_prefix . "punchlist"); - while ($row = mysql_fetch_array($result)) { + $result = tc_query("SHOW FIELDS FROM {$db_prefix}info"); + while ($row = mysqli_fetch_array($result)) { $name = "" . $row["Field"] . ""; - $type = "" . $row["Type"] . ""; - $tmp_type = strtoupper($type); - - if (($name == 'punchitems') && ($type != 'varchar(50)')) { - $alter_result = mysql_query("ALTER TABLE " . $db_prefix . "punchlist CHANGE punchitems punchitems VARCHAR(50) NOT NULL"); - echo " \n"; - $passed_or_not = "1"; - } - } - mysql_free_result($result); - - // add metars table // - - $table = "metars"; - $result = mysql_query("SHOW TABLES LIKE '" . $db_prefix . $table . "'"); - $rows = mysql_num_rows($result); - - if (empty($rows)) { - $metars_query = mysql_query("CREATE TABLE " . $db_prefix . "metars (metar varchar(255) NOT NULL default '', - timestamp timestamp(14) NOT NULL, station varchar(4) NOT NULL default '', - PRIMARY KEY (station), UNIQUE KEY station (station)) TYPE=MyISAM;"); - echo " \n"; - $passed_or_not = "1"; - } - - // add dbversion table // - - $table = "dbversion"; - $result = mysql_query("SHOW TABLES LIKE '" . $db_prefix . $table . "'"); - $rows = mysql_num_rows($result); - - if (empty($rows)) { - $dbversion_query = mysql_query("CREATE TABLE " . $db_prefix . "dbversion (dbversion decimal(5,1) NOT NULL default '0.0', - PRIMARY KEY (dbversion)) TYPE=MyISAM;"); - echo " \n"; - $passed_or_not = "1"; - } - - // dbversion table changes // + $type = strtolower("" . $row["Type"] . ""); - $table = "dbversion"; - $result = mysql_query("SHOW TABLES LIKE '" . $db_prefix . $table . 
"'"); - $rows = mysql_num_rows($result); - - if (!empty($rows)) { - $dbversion_result = mysql_query("select * from " . $db_prefix . "dbversion"); - while ($row = mysql_fetch_array($dbversion_result)) { - $tmp_dbversion = "" . $row["dbversion"] . ""; - } - if (!isset($tmp_dbversion)) { - $compare_result = mysql_query("INSERT INTO " . $db_prefix . "dbversion (dbversion) VALUES ('" . $dbversion . "');"); - echo " \n"; - $passed_or_not = "1"; - } elseif (@$tmp_dbversion != $dbversion) { - $update_query = "update dbversion set " . $db_prefix . "dbversion = '" . $dbversion . "'"; - $update_result = mysql_query($update_query); - echo " \n"; - $passed_or_not = "1"; + // This one needs some data conversion: + if (($name == 'timestamp') && ($type != 'bigint(14)')) { + tc_query("ALTER TABLE {$db_prefix}info CHANGE timestamp timestamp BIGINT(14) DEFAULT NULL"); + msg_changed("$name field in info table has been changed from type $type to type BIGINT(14)."); + $changes_made += 1; + + tc_query("UPDATE {$db_prefix}info SET timestamp = (unix_timestamp(tstamp) - '$gmt_offset')"); + $num_rows = mysqli_affected_rows($GLOBALS["___mysqli_ston"]); + if (!empty($num_rows)) { + msg_converted("$num_rows rows in the info table were converted from a mysql timestamp to a unix timestamp."); + } } } - // add offices table // + $changes_made += ensure_field("info", "fullname", "varchar(50)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("info", "inout", "varchar(50)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("info", "timestamp", "bigint(14)", "DEFAULT NULL"); + $changes_made += ensure_field("info", "notes", "varchar(250)", "COLLATE utf8_bin DEFAULT NULL"); + $changes_made += ensure_field("info", "ipaddress", "varchar(39)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); - $table = "offices"; - $result = mysql_query("SHOW TABLES LIKE '" . $db_prefix . $table . 
"'"); - $rows = mysql_num_rows($result); + $changes_made += ensure_index("info", "fullname"); + $changes_made += ensure_index("info", "timestamp"); - if (empty($rows)) { - $metars_query = mysql_query("CREATE TABLE " . $db_prefix . "offices (officename varchar(50) NOT NULL default '', - officeid int(10) NOT NULL auto_increment, - PRIMARY KEY (officeid), UNIQUE KEY officeid (officeid)) TYPE=MyISAM;"); - echo " \n"; - $passed_or_not = "1"; - } - // add groups table // + // TABLE: metars // + $changes_made += ensure_table("metars", "station varchar(4) PRIMARY KEY COLLATE utf8_bin"); - $table = "groups"; - $result = mysql_query("SHOW TABLES LIKE '" . $db_prefix . $table . "'"); - $rows = mysql_num_rows($result); + $changes_made += ensure_field("metars", "station", "varchar(4)", "PRIMARY KEY COLLATE utf8_bin"); + $changes_made += ensure_field("metars", "metar", "varchar(255)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("metars", "timestamp", "timestamp", "NOT NULL"); - if (empty($rows)) { - $metars_query = mysql_query("CREATE TABLE " . $db_prefix . "groups (groupname varchar(50) NOT NULL default '', - groupid int(10) NOT NULL auto_increment, - officeid int(10) NOT NULL default '0', - PRIMARY KEY (groupid), UNIQUE KEY groupid (groupid)) TYPE=MyISAM;"); - echo " \n"; - $passed_or_not = "1"; - } - // add audit table // - - $table = "audit"; - $result = mysql_query("SHOW TABLES LIKE '" . $db_prefix . $table . "'"); - $rows = mysql_num_rows($result); - - if (empty($rows)) { - $audit_query = mysql_query("CREATE TABLE " . $db_prefix . 
"audit (modified_by_ip varchar(39) NOT NULL default '', - modified_by_user varchar(50) NOT NULL default '', - modified_when bigint(14) NOT NULL, modified_from bigint(14) NOT NULL, - modified_to bigint(14) NOT NULL, modified_why varchar(250) NOT NULL default '', - user_modified varchar(50) NOT NULL, - PRIMARY KEY (modified_when), UNIQUE KEY modified_when (modified_when)) TYPE=MyISAM;"); - echo " \n"; - $passed_or_not = "1"; - } + // TABLE: offices // + $changes_made += ensure_table("offices", "officeid int(10) AUTO_INCREMENT PRIMARY KEY"); - if (isset($recreate_admin)) { + $changes_made += ensure_field("offices", "officeid", "int(10)", "AUTO_INCREMENT PRIMARY KEY"); + $changes_made += ensure_field("offices", "officename", "varchar(50)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); - if ($recreate_admin == '1') { - // add admin user // + // TABLE: punchlist // + $changes_made += ensure_table("punchlist", "punchitems varchar(50) PRIMARY KEY COLLATE utf8_bin"); - $admin = "admin"; + $changes_made += ensure_field("punchlist", "punchitems", "varchar(50)", "PRIMARY KEY COLLATE utf8_bin"); + $changes_made += ensure_field("punchlist", "punchnext", "varchar(50)", "varchar(50) COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("punchlist", "color", "varchar(7)", "COLLATE utf8_bin NOT NULL DEFAULT ''"); + $changes_made += ensure_field("punchlist", "in_or_out", "tinyint(1)", "DEFAULT NULL"); - $query_admin = "select empfullname from " . $db_prefix . "employees where empfullname = '" . $admin . "'"; - $result_admin = mysql_query($query_admin); - while ($row_admin = mysql_fetch_array($result_admin)) { - $admin_user = stripslashes("" . $row_admin['empfullname'] . ""); - } + // TABLE: dbversion // + $changes_made += ensure_table("dbversion", "dbversion decimal(5,1) NOT NULL DEFAULT '0.0'"); - if (!isset($admin_user)) { - $add_admin_query = mysql_query("INSERT INTO " . $db_prefix . 
"employees - VALUES ('admin', NULL, 'xy.RY2HT1QTc2', 'administrator', '', '', '', 1, 1, 1, '');"); + $changes_made += ensure_field("dbversion", "dbversion", "decimal(5,1)", "NOT NULL DEFAULT '0.0'"); - echo " \n"; - $passed_or_not = "1"; - } - } + $current_dbversion = tc_select_value("dbversion", "dbversion"); + if (empty($current_dbversion)) { + tc_insert_strings("dbversion", array("dbversion" => $dbversion)); + $changes_made += 1; + msg_changed("the database is now at version $dbversion."); } - - // convert mysql timestamps to unix timestamps // - - if (!empty($emp_tstamp_count)) { - $emp_tstamp_result = mysql_query("update " . $db_prefix . "employees set tstamp = (unix_timestamp(tstamp) - '" . $gmt_offset . "')"); - $employee_rows = mysql_affected_rows(); - - if (!empty($employee_rows)) { - echo " \n"; - } + elseif ($current_dbversion != $dbversion) { + tc_update_strings("dbversion", array("dbversion" => $dbversion)); + msg_changed("the database has been upgraded from version $current_dbversion to version $dbversion."); + $changes_made += 1; } - unset($emp_tstamp_count); - if (!empty($info_timestamp_count)) { - $info_timestamp_result = mysql_query("update " . $db_prefix . "info set timestamp = (unix_timestamp(timestamp) - '" . $gmt_offset . 
"')"); - $info_rows = mysql_affected_rows(); - - if (!empty($info_rows)) { - echo " \n"; + // Recreate admin // + if (isset($recreate_admin) and $recreate_admin == '1') { + $admin = "admin"; + $admin_user = tc_select_value("empfullname", "employees", "empfullname = ?", $admin); + + if (!isset($admin_user)) { + tc_insert_strings("employees", array( + "empfullname" => $admin, + "employee_passwd" => 'xy.RY2HT1QTc2', + "displayname" => 'administrator', + "admin" => 1, + "reports" => 1, + "time_admin" => 1, + )); + msg_added("$admin user has been added to the $db_name database."); + $changes_made += 1; } } - unset($info_timestamp_count); - if (empty($passed_or_not)) { - echo " \n"; + + if (empty($changes_made)) { + echo "\n"; } else { - echo " \n"; + echo "\n"; } echo "
Added$field field has been added to the employees table.
Added$field field has been added to the employees table.
Added$field field has been added to the employees table.
Added$field field has been added to the employees table.
Added$field field has been added to the employees table.
Added$field field has been added to the employees table.
Added$field field has been added to the employees table.
Added$field field has been added to the employees table.
Added$field field has been added to the employees table.
Changed$name field in employees table has been changed from type $tmp_type to type VARCHAR(50).
Changed$name field in employees table has been changed from type $tmp_type to type BIGINT(14).
Added$field field has been added to the employees table.
Changed$name field in info table has been changed from type $tmp_type to type VARCHAR(50).
Changed$name field in info table has been changed from type $tmp_type to type BIGINT(14).
Added$field field has been added to the punchlist table.
Changed$name field in punchlist table has been changed from type $tmp_type to type VARCHAR(50).
Added$table table has been added to the $db_name database.
Added$table table has been added to the $db_name database.
Changed: the version of the database is $dbversion.
Changed: the version of the database has been changed from $tmp_dbversion to $dbversion.
Added$table table has been added to the $db_name database.
Added$table table has been added to the $db_name database.
Added$table table has been added to the $db_name database.
Added$admin user has been added to the $db_name database.
Converted$employee_rows rows in the employees table were converted from a mysql timestamp to a unix - timestamp.
Converted:$info_rows rows in the info table were converted from a mysql timestamp to a unix timestamp.
No changes were made to the - database.
No changes were made to the database.
Your database is now up to date. -
Your database is now up to date.
\n"; echo " \n"; diff --git a/admin/groupadmin.php b/admin/groupadmin.php index 35f5cc1..8bd2e74 100644 --- a/admin/groupadmin.php +++ b/admin/groupadmin.php @@ -82,13 +82,13 @@ $query = "select * from " . $db_prefix . "groups, " . $db_prefix . "offices where " . $db_prefix . "groups.officeid = " . $db_prefix . "offices.officeid order by " . $db_prefix . "offices.officename, " . $db_prefix . "groups.groupname"; -$result = mysql_query($query); +$result = mysqli_query($GLOBALS["___mysqli_ston"], $query); -while ($row = mysql_fetch_array($result)) { +while ($row = mysqli_fetch_array($result)) { $query2 = "select groups from " . $db_prefix . "employees where groups = '" . $row['groupname'] . "' and office = '" . $row['officename'] . "'"; - $result2 = mysql_query($query2); - @$user_cnt = mysql_num_rows($result2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); + @$user_cnt = mysqli_num_rows($result2); $parent_office = "" . $row['officename'] . ""; diff --git a/admin/groupcreate.php b/admin/groupcreate.php index 4596ef6..d73a966 100644 --- a/admin/groupcreate.php +++ b/admin/groupcreate.php @@ -85,18 +85,18 @@ // query to populate dropdown with parent offices // $query = "select * from " . $db_prefix . "offices order by officename asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); echo " Parent Office:  *\n"; - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); echo " * required \n"; echo " \n"; 
@@ -166,12 +166,12 @@ if (!empty($select_office_name)) { $query = "select * from " . $db_prefix . "offices where officename = '" . $select_office_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $getoffice = "" . $row['officename'] . ""; $officeid = "" . $row['officeid'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if ((!isset($getoffice)) && ($select_office_name != '1')) { echo "Office is not defined for this user. Go back and associate this user with an office.\n"; @@ -181,9 +181,9 @@ // check for duplicate groupnames with matching officeids // $query = "select * from " . $db_prefix . "groups where groupname = '" . $post_groupname . "' and officeid = '" . @$officeid . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $tmp_groupname = "" . $row['groupname'] . ""; } @@ -255,14 +255,14 @@ // query to populate dropdown with parent offices // $query = "select * from " . $db_prefix . "offices order by officename asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); echo " Parent Office:  *\n"; - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); echo " * required \n"; echo " \n"; @@ -285,7 +285,7 @@ } else { $query = "insert into " . $db_prefix . "groups (groupname, officeid) values ('" . $post_groupname . "', '" . $officeid . "')"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); echo " \n"; echo "
diff --git a/admin/groupdelete.php b/admin/groupdelete.php index d0fcdd8..e6069d8 100644 --- a/admin/groupdelete.php +++ b/admin/groupdelete.php @@ -96,9 +96,9 @@ echo "
\n"; $query = "select * from " . $db_prefix . "groups, " . $db_prefix . "offices where officename = '" . $get_office . "' and groupname = '" . $get_group . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $officename = "" . $row['officename'] . ""; $officeid = "" . $row['officeid'] . ""; @@ -116,8 +116,8 @@ } $query2 = "select * from " . $db_prefix . "employees where office = '" . $get_office . "' and groups = '" . $get_group . "'"; - $result2 = mysql_query($query2); - @$user_cnt = mysql_num_rows($result2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); + @$user_cnt = mysqli_num_rows($result2); if ($user_cnt > 0) { echo " \n"; @@ -194,12 +194,12 @@ if ((!empty($post_officename)) || (!empty($post_officeid)) || ($office_name != 'no_office_users')) { $query = "select * from " . $db_prefix . "offices where officename = '" . $post_officename . "' and officeid = '" . $post_officeid . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $officename = "" . $row['officename'] . ""; $officeid = "" . $row['officeid'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if ((!isset($officename)) || (!isset($officeid))) { echo "Office name is not defined for this group.\n"; 
@@ -208,12 +208,12 @@ if ((!empty($post_groupname)) || (!empty($post_groupid)) || ($group_name != 'no_group_users')) { $query = "select * from " . $db_prefix . "groups where groupname = '" . $post_groupname . "' and groupid = '" . $post_groupid . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $groupname = "" . $row['groupname'] . ""; $groupid = "" . $row['groupid'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if ((!isset($groupname)) || (!isset($groupid))) { echo "Group name is not defined for this group.\n"; @@ -222,12 +222,12 @@ if (!empty($office_name)) { $query = "select * from " . $db_prefix . "offices where officename = '" . $office_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_officename = "" . $row['officename'] . ""; $tmp_officeid = "" . $row['officeid'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); if ((!isset($tmp_officename)) || (!isset($tmp_officeid))) { echo "Office name is not defined for this group.\n"; exit; 
@@ -236,12 +236,12 @@ if (!empty($group_name)) { $query = "select * from " . $db_prefix . "groups where groupname = '" . $group_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_groupname = "" . $row['groupname'] . ""; $tmp_groupid = "" . $row['groupid'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); if ((!isset($tmp_groupname)) || (!isset($tmp_groupid))) { echo "Group name is not defined for this group.\n"; exit; @@ -262,8 +262,8 @@ } $query = "select * from " . $db_prefix . "employees where office = '" . $post_officename . "' and groups = '" . $post_groupname . "'"; - $result = mysql_query($query); - @$tmp_user_cnt = mysql_num_rows($result); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + @$tmp_user_cnt = mysqli_num_rows($result); if ($user_cnt != $tmp_user_cnt) { echo "Posted user count does not equal actual user count for this group.\n"; @@ -412,11 +412,11 @@ if ($user_cnt > '0') { $query4 = "update " . $db_prefix . "employees set office = ('" . $office_name . "'), groups = ('" . $group_name . "') where office = ('" . $post_officename . "') and groups = ('" . $post_groupname . "')"; - $result4 = mysql_query($query4); + $result4 = mysqli_query($GLOBALS["___mysqli_ston"], $query4); } $query5 = "delete from " . $db_prefix . "groups where groupid = '" . $post_groupid . "'"; - $result5 = mysql_query($query5); + $result5 = mysqli_query($GLOBALS["___mysqli_ston"], $query5); echo " \n"; diff --git a/admin/groupedit.php b/admin/groupedit.php index 6bf54b0..790cdd2 100644 --- a/admin/groupedit.php +++ b/admin/groupedit.php @@ -95,9 +95,9 @@ echo "
\n"; $query = "select * from " . $db_prefix . "groups, " . $db_prefix . "offices where officename = '" . $get_office . "' and groupname = '" . $get_group . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $officename = "" . $row['officename'] . ""; $officeid = "" . $row['officeid'] . ""; @@ -115,8 +115,8 @@ } $query2 = "select * from " . $db_prefix . "employees where office = '" . $get_office . "' and groups = '" . $get_group . "'"; - $result2 = mysql_query($query2); - @$user_cnt = mysql_num_rows($result2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); + @$user_cnt = mysqli_num_rows($result2); echo " \n"; echo "
Group Name:$post_groupname
\n"; @@ -134,12 +134,12 @@ $query3 = "select * from " . $db_prefix . "offices order by officename asc"; - $result3 = mysql_query($query3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); echo "
New Parent Office:
\n"; - $user_count = mysql_query("select empfullname from " . $db_prefix . "employees where groups = ('" . $get_group . "') and office = ('" . $get_office . "') + $user_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where groups = ('" . $get_group . "') and office = ('" . $get_office . "') order by empfullname"); - @$user_count_rows = mysql_num_rows($user_count); + @$user_count_rows = mysqli_num_rows($user_count); - $admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where admin = '1' and groups = ('" . $get_group . "') + $admin_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where admin = '1' and groups = ('" . $get_group . "') and office = ('" . $get_office . "')"); - @$admin_count_rows = mysql_num_rows($admin_count); + @$admin_count_rows = mysqli_num_rows($admin_count); - $time_admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where time_admin = '1' and groups = ('" . $get_group . "') + $time_admin_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where time_admin = '1' and groups = ('" . $get_group . "') and office = ('" . $get_office . "')"); - @$time_admin_count_rows = mysql_num_rows($time_admin_count); + @$time_admin_count_rows = mysqli_num_rows($time_admin_count); - $reports_count = mysql_query("select empfullname from " . $db_prefix . "employees where reports = '1' and groups = ('" . $get_group . "') + $reports_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where reports = '1' and groups = ('" . $get_group . "') and office = ('" . $get_office . "')"); - @$reports_count_rows = mysql_num_rows($reports_count); + @$reports_count_rows = mysqli_num_rows($reports_count); if ($user_count_rows > '0') { 
@@ -207,9 +207,9 @@ $query = "select empfullname, displayname, email, groups, office, admin, reports, time_admin, disabled from " . $db_prefix . "employees where groups = ('" . $get_group . "') and office = ('" . $get_office . "') order by empfullname"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $empfullname = stripslashes("" . $row['empfullname'] . ""); $displayname = stripslashes("" . $row['displayname'] . ""); @@ -300,11 +300,11 @@ if (!empty($get_office)) { $query = "select * from " . $db_prefix . "offices where officename = '" . $get_office . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $getoffice = "" . $row['officename'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if (!isset($getoffice)) { echo "Office is not defined for this user. Go back and associate this user with an office.\n"; @@ -313,11 +313,11 @@ if (!empty($get_group)) { $query = "select * from " . $db_prefix . "groups where groupname = '" . $get_group . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $getgroup = "" . $row['groupname'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if (!isset($getgroup)) { echo "Group is not defined for this user. Go back and associate this user with a group.\n"; 
@@ -326,12 +326,12 @@ if (!empty($post_officename)) { $query = "select * from " . $db_prefix . "offices where officename = '" . $post_officename . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $officename = "" . $row['officename'] . ""; $tmp_officeid = "" . $row['officeid'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if (!isset($officename)) { echo "Office name is not defined for this group.\n"; @@ -340,12 +340,12 @@ if (!empty($post_officeid)) { $query = "select * from " . $db_prefix . "offices where officeid = '" . $post_officeid . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $post_officeid = "" . $row['officeid'] . ""; $post_officeid = $tmp_officeid; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); if (!isset($post_officeid)) { echo "Office id is not defined for this group.\n"; exit; @@ -356,11 +356,11 @@ if (!empty($orig_officeid)) { $query = "select * from " . $db_prefix . "offices where officeid = '" . $orig_officeid . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $origofficeid = "" . $row['officeid'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if (!isset($origofficeid)) { echo "Office name is not defined for this group.\n"; 
@@ -369,11 +369,11 @@ if (!empty($post_groupid)) { $query = "select * from " . $db_prefix . "groups where groupid = '" . $post_groupid . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $groupid = "" . $row['groupid'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } if (!isset($groupid)) { echo "Group id is not defined for this group.\n"; @@ -381,8 +381,8 @@ } $query = "select * from " . $db_prefix . "employees where office = '" . $get_office . "' and groups = '" . $get_group . "'"; - $result = mysql_query($query); - @$tmp_user_cnt = mysql_num_rows($result); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + @$tmp_user_cnt = mysqli_num_rows($result); if ($user_cnt != $tmp_user_cnt) { echo "Posted user count does not equal actual user count for this group.\n"; @@ -397,9 +397,9 @@ if (empty($string)) { $query = "select * from " . $db_prefix . "groups where groupname = '" . $post_groupname . "' and officeid = '" . $post_officeid . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $dupe = '1'; } } @@ -519,12 +519,12 @@ $query3 = "select * from " . $db_prefix . "offices order by officename asc"; - $result3 = mysql_query($query3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); echo "
New Parent Office:
\n"; - $user_count = mysql_query("select empfullname from " . $db_prefix . "employees where groups = ('" . $get_group . "') and office = ('" . $get_office . "') + $user_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where groups = ('" . $get_group . "') and office = ('" . $get_office . "') order by empfullname"); - @$user_count_rows = mysql_num_rows($user_count); + @$user_count_rows = mysqli_num_rows($user_count); - $admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where admin = '1' and groups = ('" . $get_group . "') + $admin_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where admin = '1' and groups = ('" . $get_group . "') and office = ('" . $get_office . "')"); - @$admin_count_rows = mysql_num_rows($admin_count); + @$admin_count_rows = mysqli_num_rows($admin_count); - $time_admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where time_admin = '1' and groups = ('" . $get_group . "') + $time_admin_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where time_admin = '1' and groups = ('" . $get_group . "') and office = ('" . $get_office . "')"); - @$time_admin_count_rows = mysql_num_rows($time_admin_count); + @$time_admin_count_rows = mysqli_num_rows($time_admin_count); - $reports_count = mysql_query("select empfullname from " . $db_prefix . "employees where reports = '1' and groups = ('" . $get_group . "') + $reports_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where reports = '1' and groups = ('" . $get_group . "') and office = ('" . $get_office . "')"); - @$reports_count_rows = mysql_num_rows($reports_count); + @$reports_count_rows = mysqli_num_rows($reports_count); if ($user_count_rows > '0') { @@ -595,9 +595,9 @@ class=table_rows style='padding-left:20px;'>\n"; echo " \n"; 
@@ -705,21 +705,21 @@ class=table_rows style='padding-left:20px;'>\n"; - $user_count = mysql_query("select empfullname from " . $db_prefix . "employees where groups = ('" . $post_groupname . "') and office = ('" . $post_officename . "') + $user_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where groups = ('" . $post_groupname . "') and office = ('" . $post_officename . "') order by empfullname"); - @$user_count_rows = mysql_num_rows($user_count); + @$user_count_rows = mysqli_num_rows($user_count); - $admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where admin = '1' and groups = ('" . $post_groupname . "') and + $admin_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where admin = '1' and groups = ('" . $post_groupname . "') and office = ('" . $post_officename . "')"); - @$admin_count_rows = mysql_num_rows($admin_count); + @$admin_count_rows = mysqli_num_rows($admin_count); - $time_admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where time_admin = '1' and groups = ('" . $post_groupname . "') and + $time_admin_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where time_admin = '1' and groups = ('" . $post_groupname . "') and office = ('" . $post_officename . "')"); - @$time_admin_count_rows = mysql_num_rows($time_admin_count); + @$time_admin_count_rows = mysqli_num_rows($time_admin_count); - $reports_count = mysql_query("select empfullname from " . $db_prefix . "employees where reports = '1' and groups = ('" . $post_groupname . "') and + $reports_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where reports = '1' and groups = ('" . $post_groupname . "') and office = ('" . $post_officename . 
"')"); - @$reports_count_rows = mysql_num_rows($reports_count); + @$reports_count_rows = mysqli_num_rows($reports_count); if ($user_count_rows > '0') { @@ -750,9 +750,9 @@ class=table_rows style='padding-left:20px;'>\n"; -echo "\n"; -echo "\n"; -echo "\n"; - -setTimeZone(); - -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +echo "\n"; + +setTimeZone(); + +echo "\n"; +?> diff --git a/admin/header_colorpick.php b/admin/header_colorpick.php index 5ffda2e..9729b57 100644 --- a/admin/header_colorpick.php +++ b/admin/header_colorpick.php @@ -1,14 +1,14 @@ -\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; - -setTimeZone(); - -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; + +setTimeZone(); + +echo "\n"; +?> diff --git a/admin/header_date.php b/admin/header_date.php index 8234e3c..4c6b546 100644 --- a/admin/header_date.php +++ b/admin/header_date.php @@ -1,15 +1,15 @@ -\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; - -setTimeZone(); - -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; + +setTimeZone(); + +echo "\n"; +?> diff --git a/admin/header_get.php b/admin/header_get.php index 48c27f8..0e77f42 100644 --- a/admin/header_get.php +++ b/admin/header_get.php @@ -1,15 +1,15 @@ -\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -include '../scripts/dropdown_get.php'; -echo "\n"; - -setTimeZone(); - -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +include '../scripts/dropdown_get.php'; +echo "\n"; + +setTimeZone(); + +echo "\n"; +?> diff --git a/admin/header_get_sysedit.php b/admin/header_get_sysedit.php index 0fc9280..abc8296 100644 --- a/admin/header_get_sysedit.php +++ b/admin/header_get_sysedit.php 
@@ -1,15 +1,15 @@ -\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -include '../scripts/dropdown_get_sysedit.php'; -echo "\n"; - -setTimeZone(); - -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +include '../scripts/dropdown_get_sysedit.php'; +echo "\n"; + +setTimeZone(); + +echo "\n"; +?> diff --git a/admin/header_post.php b/admin/header_post.php index 416df1b..248f07a 100644 --- a/admin/header_post.php +++ b/admin/header_post.php @@ -1,15 +1,15 @@ -\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -include '../scripts/dropdown_post.php'; -echo "\n"; - -setTimeZone(); - -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +include '../scripts/dropdown_post.php'; +echo "\n"; + +setTimeZone(); + +echo "\n"; +?> diff --git a/admin/header_post_sysedit.php b/admin/header_post_sysedit.php index af69404..a67a7df 100644 --- a/admin/header_post_sysedit.php +++ b/admin/header_post_sysedit.php @@ -1,15 +1,15 @@ -\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -include '../scripts/dropdown_post_sysedit.php'; -echo "\n"; - -setTimeZone(); - -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +include '../scripts/dropdown_post_sysedit.php'; +echo "\n"; + +setTimeZone(); + +echo "\n"; +?> diff --git a/admin/index.php b/admin/index.php index 6bb8e74..5dadffa 100644 --- a/admin/index.php +++ b/admin/index.php @@ -1,73 +1,73 @@ -$title - Administration\n"; - -$self = $_SERVER['PHP_SELF']; -$request = $_SERVER['REQUEST_METHOD']; -$row_count = '0'; -$row_color = ($row_count % 2) ? $color2 : $color1; - -if (!isset($_SESSION['valid_user'])) { - - echo "\n"; - echo " \n"; - echo " \n"; - echo "
PHP Timeclock Administration
\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "
You are not presently logged in, or do not have permission to view this page.
Click here to login.

\n"; - exit; -} - -echo "\n"; -echo " \n"; -echo " \n"; -echo " \n"; include '../footer.php'; - $post_username = stripslashes($post_username); - $display_name = stripslashes($display_name); exit; } - $post_username = stripslashes($post_username); - $display_name = stripslashes($display_name); - $post_username = addslashes($post_username); - $display_name = addslashes($display_name); - - $query3 = "update " . $db_prefix . "employees set displayname = ('" . $display_name . "'), email = ('" . $email_addy . "'), groups = ('" . $group_name . "'), - office = ('" . $office_name . "'), admin = ('" . $admin_perms . "'), reports = ('" . $reports_perms . "'), time_admin = ('" . $time_admin_perms . "'), - disabled = ('" . $post_disabled . "') - where empfullname = ('" . $post_username . "')"; - $result3 = mysql_query($query3); + tc_update_strings("employees", array( + 'displayname' => $display_name, + 'email' => $email_addy, + 'barcode' => $user_barcode, + 'groups' => $group_name, + 'office' => $office_name, + 'admin' => $admin_perms, + 'reports' => $reports_perms, + 'time_admin' => $time_admin_perms, + 'disabled' => $post_disabled + ), "empfullname = ?", $post_username); echo "
\n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo "
Users
User Summary   - User Summary
Create New User   - Create New User
User Search   - User Search
Offices
Office Summary   - Office Summary
Create New Office   - Create New Office
Groups
Group Summary   - Group Summary
Create New Group   - Create New Group
In/Out Status
Status Summary -   Status Summary
Create Status   - Create Status
Miscellaneous
Add/Edit/Delete Time -   Add/Edit/Delete Time
Edit System Settings -   Edit System Settings
Upgrade Database   Upgrade Database
\n"; -echo " \n"; -echo " \n"; -echo " \n"; -$user_count = mysql_query("select empfullname from " . $db_prefix . "employees +$user_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees order by empfullname"); -@$user_count_rows = mysql_num_rows($user_count); +@$user_count_rows = mysqli_num_rows($user_count); -$admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where admin = '1'"); -@$admin_count_rows = mysql_num_rows($admin_count); +$admin_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where admin = '1'"); +@$admin_count_rows = mysqli_num_rows($admin_count); -$time_admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where time_admin = '1'"); -@$time_admin_count_rows = mysql_num_rows($time_admin_count); +$time_admin_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where time_admin = '1'"); +@$time_admin_count_rows = mysqli_num_rows($time_admin_count); -$reports_count = mysql_query("select empfullname from " . $db_prefix . "employees where reports = '1'"); -@$reports_count_rows = mysql_num_rows($reports_count); +$reports_count = mysqli_query($GLOBALS["___mysqli_ston"], "select empfullname from " . $db_prefix . "employees where reports = '1'"); +@$reports_count_rows = mysqli_num_rows($reports_count); echo " \n"; - if (!empty($string)) { - $post_username = addslashes($post_username); - } - if (!empty($string2)) { - $displayname = addslashes($display_name); - } - echo " \n"; echo " \n"; + echo " \n"; echo " \n"; } + echo " \n"; echo " \n"; echo "
\n"; - -include '../templates/admin_index_tpl.php'; -include '../footer.php'; -?> +$title - Administration\n"; + +$self = $_SERVER['PHP_SELF']; +$request = $_SERVER['REQUEST_METHOD']; +$row_count = '0'; +$row_color = ($row_count % 2) ? $color2 : $color1; + +if (!isset($_SESSION['valid_user'])) { + + echo "\n"; + echo " \n"; + echo " \n"; + echo "
PHP Timeclock Administration
\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo "
You are not presently logged in, or do not have permission to view this page.
Click here to login.

\n"; + exit; +} + +echo "\n"; +echo " \n"; +echo " \n"; +echo " \n"; echo " \n"; echo "
\n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo "
Users
User Summary   + User Summary
Create New User   + Create New User
User Search   + User Search
Offices
Office Summary   + Office Summary
Create New Office   + Create New Office
Groups
Group Summary   + Group Summary
Create New Group   + Create New Group
In/Out Status
Status Summary +   Status Summary
Create Status   + Create Status
Miscellaneous
Add/Edit/Delete Time +   Add/Edit/Delete Time
Edit System Settings +   Edit System Settings
Upgrade Database   Upgrade Database
\n"; +echo " \n"; +echo " \n"; +echo " \n"; } - if (!empty($string)) { - $post_statusname = stripslashes($post_statusname); - } - if (!empty($string2)) { - $post_statusname = stripslashes($post_statusname); - } + echo " \n"; echo " \n"; echo "
\n"; + +include '../templates/admin_index_tpl.php'; +include '../footer.php'; +?> diff --git a/admin/officeadmin.php b/admin/officeadmin.php index 3a12d2b..1f8dc8c 100644 --- a/admin/officeadmin.php +++ b/admin/officeadmin.php @@ -81,17 +81,17 @@ $row_count = 0; $query = "select * from " . $db_prefix . "offices order by officename"; -$result = mysql_query($query); +$result = mysqli_query($GLOBALS["___mysqli_ston"], $query); -while ($row = mysql_fetch_array($result)) { +while ($row = mysqli_fetch_array($result)) { $query2 = "select office from " . $db_prefix . "employees where office = '" . $row['officename'] . "'"; - $result2 = mysql_query($query2); - @$user_cnt = mysql_num_rows($result2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); + @$user_cnt = mysqli_num_rows($result2); $query3 = "select * from " . $db_prefix . "groups where officeid = '" . $row['officeid'] . "'"; - $result3 = mysql_query($query3); - @$group_cnt = mysql_num_rows($result3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); + @$group_cnt = mysqli_num_rows($result3); $row_count++; $row_color = ($row_count % 2) ? $color2 : $color1; diff --git a/admin/officecreate.php b/admin/officecreate.php index 37cc96e..54c3a64 100644 --- a/admin/officecreate.php +++ b/admin/officecreate.php @@ -156,9 +156,9 @@ // check for duplicate officenames // $query = "select * from " . $db_prefix . "offices where officename = '" . $post_officename . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $tmp_officename = "" . $row['officename'] . ""; } 
@@ -315,20 +315,20 @@ if ((@$empty_groupname != '1') && (@$evil_groupname != '1') && (@$groupname_array_cnt == @$unique_groupname_array_cnt)) { $query = "insert into " . $db_prefix . "offices (officename) values ('" . $post_officename . "')"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); $query2 = "select * from " . $db_prefix . "offices where officename = '" . $post_officename . "'"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); - while ($row = mysql_fetch_array($result2)) { + while ($row = mysqli_fetch_array($result2)) { $tmp_officeid = "" . $row['officeid'] . ""; } - mysql_free_result($result2); + ((mysqli_free_result($result2) || (is_object($result2) && (get_class($result2) == "mysqli_result"))) ? true : false); for ($x = 0; $x < $how_many; $x++) { $y = $x + 1; $query3 = "insert into " . $db_prefix . "groups (groupname, officeid) values ('" . $input_group_name[$y] . "', '" . $tmp_officeid . "')"; - $result3 = mysql_query($query3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); } echo " \n"; @@ -431,7 +431,7 @@ class=table_rows colspan=2 width=80% style='padding-left:20px;'> if (!isset($how_many)) { $query = "insert into " . $db_prefix . "offices (officename) values ('" . $post_officename . "')"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); echo "
\n"; echo " \n"; diff --git a/admin/officedelete.php b/admin/officedelete.php index 890f224..e85e577 100644 --- a/admin/officedelete.php +++ b/admin/officedelete.php @@ -92,9 +92,9 @@ echo "
\n"; $query = "select * from " . $db_prefix . "offices where officename = '" . $get_office . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $officename = "" . $row['officename'] . ""; $officeid = "" . $row['officeid'] . ""; @@ -106,12 +106,12 @@ } $query2 = "select office from " . $db_prefix . "employees where office = '" . $get_office . "'"; - $result2 = mysql_query($query2); - @$user_cnt = mysql_num_rows($result2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); + @$user_cnt = mysqli_num_rows($result2); $query3 = "select * from " . $db_prefix . "groups where officeid = '" . $officeid . "'"; - $result3 = mysql_query($query3); - @$group_cnt = mysql_num_rows($result3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); + @$group_cnt = mysqli_num_rows($result3); if ($user_cnt > 0) { echo "
\n"; @@ -208,12 +208,12 @@ class=table_rows width=80% style='padding-left:20px;'> 0) { $query4 = "update " . $db_prefix . "employees set office = ('" . $office_name . "'), groups = ('" . $group_name . "') where office = ('" . $post_officename . "')"; - $result4 = mysql_query($query4); + $result4 = mysqli_query($GLOBALS["___mysqli_ston"], $query4); } $query5 = "delete from " . $db_prefix . "offices where officeid = '" . $post_officeid . "'"; - $result5 = mysql_query($query5); + $result5 = mysqli_query($GLOBALS["___mysqli_ston"], $query5); $query6 = "delete from " . $db_prefix . "groups where officeid = '" . $post_officeid . "'"; - $result6 = mysql_query($query6); + $result6 = mysqli_query($GLOBALS["___mysqli_ston"], $query6); echo " \n"; diff --git a/admin/officeedit.php b/admin/officeedit.php index 5d83c15..5d52f8b 100644 --- a/admin/officeedit.php +++ b/admin/officeedit.php @@ -91,9 +91,9 @@ echo "
\n"; $query = "select * from " . $db_prefix . "offices where officename = '" . $get_office . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $officename = "" . $row['officename'] . ""; $officeid = "" . $row['officeid'] . ""; @@ -109,12 +109,12 @@ } $query2 = "select * from " . $db_prefix . "employees where office = '" . $get_office . "'"; - $result2 = mysql_query($query2); - @$user_cnt = mysql_num_rows($result2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); + @$user_cnt = mysqli_num_rows($result2); $query3 = "select * from " . $db_prefix . "groups where officeid = '" . $officeid . "'"; - $result3 = mysql_query($query3); - @$group_cnt = mysql_num_rows($result3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); + @$group_cnt = mysqli_num_rows($result3); echo " \n"; echo "
Office Name:$post_officename
\n"; @@ -167,15 +167,15 @@ class=table_rows style='padding-left:20px;'>\n"; echo " \n"; @@ -534,15 +534,15 @@ class=table_rows style='padding-left:20px;'>\n"; echo " \n"; echo " \n"; -echo " \n"; +echo " \n"; +echo " \n"; echo " \n"; echo " \n"; echo " \n"; $row_count = 0; -$query = "select * from " . $db_prefix . "punchlist"; -$result = mysql_query($query); +$result = tc_select("*", "punchlist"); -while ($row = mysql_fetch_array($result)) { +while ($row = mysqli_fetch_array($result)) { $punchitem = "" . $row['punchitems'] . ""; + $punchnext = "" . $row['punchnext'] . ""; $color = "" . $row['color'] . ""; $in_or_out = "" . $row['in_or_out'] . ""; @@ -100,7 +101,9 @@ echo " \n"; echo " \n"; - echo " \n"; + echo " \n"; + echo " \n"; echo " \n"; if ((strpos($user_agent, "MSIE 6")) || (strpos($user_agent, "MSIE 5")) || (strpos($user_agent, "MSIE 4")) || (strpos($user_agent, "MSIE 3"))) { diff --git a/admin/statuscreate.php b/admin/statuscreate.php index 982856c..ec7e5f2 100644 --- a/admin/statuscreate.php +++ b/admin/statuscreate.php @@ -75,7 +75,7 @@    Create Status\n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; + echo " \n"; echo " \n"; echo "
 Status NameColorOn PunchColorIn/OutEditDelete
 $row_count $punchitem $color " . ($punchnext ? "→ " : "") . "$punchnext $color$in_or_out_tmp
Status Name: *
Color:Is Status considered 'In' or 'Out'?In Out
On Punch Become:
* required 
\n"; echo " \n"; @@ -101,6 +104,7 @@ $post_statusname = $_POST['post_statusname']; $post_color = $_POST['post_color']; $create_status = $_POST['create_status']; + $punchnext = $_POST['punchnext']; echo "\n"; echo " \n"; @@ -153,23 +157,24 @@ exit; } - $post_statusname = stripslashes($post_statusname); - $post_statusname = addslashes($post_statusname); - - $string = strstr($post_statusname, "\'"); + $string = strstr($post_statusname, "'"); $string2 = strstr($post_statusname, "\""); if (empty($string)) { - $query = "select punchitems from " . $db_prefix . "punchlist where punchitems = '" . $post_statusname . "'"; - $result = mysql_query($query); - - while ($row = mysql_fetch_array($result)) { + $result = tc_select("punchitems", "punchlist", "punchitems = ?", $post_statusname); + while ($row = mysqli_fetch_array($result)) { $dupe = '1'; } } + $punchnext_ok = true; + if (has_value($punchnext)) { + $punchnext_ok = ($punchnext == tc_select_value("punchitems", "punchlist", "punchitems = ?", $punchnext)); + } + if ((empty($post_statusname)) || (empty($post_color)) || (!preg_match('/' . "^([[:alnum:]]| |-|_|\.)+$" . '/i', $post_statusname)) || (isset($dupe)) || ((!preg_match('/' . "^(#[a-fA-F0-9]{6})+$" . '/i', $post_color)) && (!preg_match('/' . "^([a-fA-F0-9]{6})+$" . '/i', $post_color))) || (!empty($string)) || (!empty($string2)) + || !$punchnext_ok ) { if (empty($post_statusname)) { @@ -211,13 +216,11 @@ echo " \n"; echo "
Status already exists. Create another status.
\n"; - } - - if (!empty($string)) { - $post_statusname = stripslashes($post_statusname); - } - if (!empty($string2)) { - $post_statusname = stripslashes($post_statusname); + } elseif (!$punchnext_ok) { + echo " \n"; + echo " \n"; + echo "
+ \"On Punch\" target is invalid!
\n"; } echo "
\n"; @@ -244,12 +247,9 @@ Out
On Punch Become:
* required 
\n"; @@ -264,9 +264,15 @@ exit; } else { - - $query = "insert into " . $db_prefix . "punchlist (punchitems, color, in_or_out) values ('" . $post_statusname . "', '" . $post_color . "', '" . $create_status . "')"; - $result = mysql_query($query); + $result = tc_insert_strings( + "punchlist", + array( + "punchitems" => $post_statusname, + "color" => $post_color, + "in_or_out" => $create_status, + "punchnext" => $punchnext + ) + ); echo " \n"; echo " \n"; @@ -292,6 +298,8 @@ echo " \n"; + echo " \n"; echo " \n"; echo "
Is Status considered 'In' or 'Out'? $create_status_tmp
On Punch:$punchnext
\n"; echo " \n"; diff --git a/admin/statusdelete.php b/admin/statusdelete.php index 940247e..70f1bdd 100644 --- a/admin/statusdelete.php +++ b/admin/statusdelete.php @@ -40,10 +40,9 @@ $get_status = $_GET['statusname']; - $query = "select * from " . $db_prefix . "punchlist where punchitems = '" . $get_status . "'"; - $result = mysql_query($query); + $result = tc_select("*", "punchlist", "punchitems = ?", $get_status); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $punchitem = "" . $row['punchitems'] . ""; $color = "" . $row['color'] . ""; @@ -124,7 +123,7 @@ echo "
\n"; echo " \n"; echo "
- Deleting this status does NOT delete it from the database history. It merely removes it from the list of status + Deleting this status does NOT delete it from the database history. It merely removes it from the list of status choices.
\n"; echo " \n"; echo " @@ -145,11 +144,9 @@ exit; } - $query = "select * from " . $db_prefix . "punchlist where punchitems = '" . $post_statusname . "'"; - $result = mysql_query($query); - - while ($row = mysql_fetch_array($result)) { + $result = tc_select("*", "punchlist", "punchitems = ?", $post_statusname); + while ($row = mysqli_fetch_array($result)) { $punchitem = "" . $row['punchitems'] . ""; $color = "" . $row['color'] . ""; $in_or_out = "" . $row['in_or_out'] . ""; @@ -159,8 +156,7 @@ exit; } - $query2 = "delete from " . $db_prefix . "punchlist where punchitems = ('" . $post_statusname . "')"; - $result2 = mysql_query($query2); + $result2 = tc_delete("punchlist", "punchitems = ?", $post_statusname); if ($post_in_out == '1') { $post_in_out = 'In'; @@ -232,7 +228,7 @@ echo " \n"; echo " \n"; echo " \n"; echo " \n"; diff --git a/admin/statusedit.php b/admin/statusedit.php index d41cfaa..6d68176 100644 --- a/admin/statusedit.php +++ b/admin/statusedit.php @@ -40,14 +40,13 @@ $get_status = $_GET['statusname']; - $query = "select * from " . $db_prefix . "punchlist where punchitems = '" . $get_status . "'"; - $result = mysql_query($query); - - while ($row = mysql_fetch_array($result)) { + $result = tc_select("*", "punchlist", "punchitems = ?", $get_status); + while ($row = mysqli_fetch_array($result)) { $punchitem = "" . $row['punchitems'] . ""; $color = "" . $row['color'] . ""; $in_or_out = "" . $row['in_or_out'] . ""; + $punchnext = "" . $row['punchnext'] . ""; } echo "
Status Name:$post_statusname
Color:$post_color
\n"; @@ -125,6 +124,10 @@ exit; } + echo " \n"; + echo " \n"; echo "
On Punch Become:
* required 
\n"; echo " \n"; @@ -143,36 +146,34 @@ $post_statusname = $_POST['post_statusname']; $post_color = $_POST['post_color']; $create_status = $_POST['create_status']; + $punchnext = $_POST['punchnext']; // begin post validation // if (!empty($get_status)) { - $query = "select * from " . $db_prefix . "punchlist where punchitems = '" . $get_status . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { - $getstatus = "" . $row['punchitems'] . ""; - } - mysql_free_result($result); + $getstatus = tc_select_value("punchitems", "punchlist", "punchitems = ?", $get_status); if (!isset($getstatus)) { echo "Status is not defined.\n"; exit; } } - if (($create_status !== '0') && ($create_status !== '1')) { - exit; + $punchnext_ok = true; + if (has_value($punchnext)) { + $punchnext_ok = ($punchnext == tc_select_value("punchitems", "punchlist", "punchitems = ?", $punchnext)); } - if (get_magic_quotes_gpc()) { - $post_statusname = stripslashes($post_statusname); + + if (($create_status !== '0') && ($create_status !== '1')) { + exit; } - $post_statusname = addslashes($post_statusname); - $string = strstr($post_statusname, "\'"); + $string = strstr($post_statusname, "'"); $string2 = strstr($post_statusname, "\""); if ((empty($post_statusname)) || (empty($post_color)) || (!preg_match('/' . "^([[:alnum:]]| |-|_|.)+$" . '/i', $post_statusname)) || ((!preg_match('/' . "^(#[a-fA-F0-9]{6})+$" . '/i', $post_color)) && (!preg_match('/' . "^([a-fA-F0-9]{6})+$" . '/i', $post_color))) || (!empty($string)) || (!empty($string2)) + || !$punchnext_ok ) { echo "\n"; @@ -258,13 +259,11 @@ echo " \n"; echo "
Double Quotes are not allowed.
\n"; - } - - if (!empty($string)) { - $post_statusname = stripslashes($post_statusname); - } - if (!empty($string2)) { - $post_statusname = stripslashes($post_statusname); + } elseif (!$punchnext_ok) { + echo " \n"; + echo " \n"; + echo "
+ \"On Punch\" target is invalid!
\n"; } echo "
\n"; @@ -295,12 +294,9 @@ exit; } - if (!empty($string)) { - $post_statusname = stripslashes($post_statusname); - } - if (!empty($string2)) { - $post_statusname = stripslashes($post_statusname); - } + echo "
On Punch Become:
* required 
\n"; @@ -317,12 +313,24 @@ } else { - $query = "update " . $db_prefix . "punchlist set punchitems = ('" . $post_statusname . "'), color = ('" . $post_color . "'), in_or_out = ('" . $create_status . "') - where punchitems = ('" . $get_status . "')"; - $result = mysql_query($query); - - $query2 = "update " . $db_prefix . "info set `inout` = ('" . $post_statusname . "') where `inout` = ('" . $get_status . "')"; - $result2 = mysql_query($query2); + tc_update_strings( + "punchlist", + array( + "punchitems" => $post_statusname, + "color" => $post_color, + "in_or_out" => $create_status, + "punchnext" => $punchnext + ), + "punchitems = ?", $get_status + ); + + if ($post_statusname != $get_status) { + tc_update_strings( + "info", + array("inout" => $post_statusname), + "`inout` = ?", $get_status + ); + } echo "\n"; echo " \n"; @@ -397,6 +405,8 @@ echo " \n"; + echo " \n"; echo " \n"; echo "
Is Status considered 'In' or 'Out'?$create_status_tmp
On Punch:$punchnext
\n"; echo " \n"; diff --git a/admin/sysedit.php b/admin/sysedit.php index 1b2ece4..5fe05a8 100644 --- a/admin/sysedit.php +++ b/admin/sysedit.php @@ -343,7 +343,7 @@ echo " \n"; - echo " \n"; + echo " \n"; echo " - - + \n"; $row_count++; $row_color = ($row_count % 2) ? $color2 : $color1; @@ -1317,8 +1316,8 @@ class=table_rows width=80% align=left valign=top>\n"; - echo " \n"; + echo " \n"; echo " - - + \n"; $row_count++; $row_color = ($row_count % 2) ? $color2 : $color1; diff --git a/admin/timeadd.php b/admin/timeadd.php index 5077747..617b046 100644 --- a/admin/timeadd.php +++ b/admin/timeadd.php @@ -101,14 +101,14 @@ $get_user = addslashes($get_user); $query = "select * from " . $db_prefix . "employees where empfullname = '" . $get_user . "' order by empfullname"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $username = stripslashes("" . $row['empfullname'] . ""); $displayname = stripslashes("" . $row['displayname'] . ""); } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); $get_user = stripslashes($_GET['username']); @@ -148,18 +148,18 @@ // query to populate dropdown with statuses // $query2 = "select * from " . $db_prefix . "punchlist order by punchitems asc"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); echo " \n"; - mysql_free_result($result2); + ((mysqli_free_result($result2) || (is_object($result2) && (get_class($result2) == "mysqli_result"))) ? true : false); echo " \n"; 
@@ -196,8 +196,8 @@ if (!empty($get_user)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $get_user . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_get_user = "" . $row['empfullname'] . ""; } if (!isset($tmp_get_user)) { @@ -208,8 +208,8 @@ if (!empty($post_username)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $post_username . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_username = "" . $row['empfullname'] . ""; } if (!isset($tmp_username)) { @@ -220,8 +220,8 @@ if (!empty($post_displayname)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $post_username . "' and displayname = '" . $post_displayname . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_post_displayname = "" . $row['displayname'] . ""; } if (!isset($tmp_post_displayname)) { @@ -234,13 +234,13 @@ if ($post_statusname != '1') { $query = "select * from " . $db_prefix . "punchlist where punchitems = '" . $post_statusname . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $punchitems = "" . $row['punchitems'] . ""; $color = "" . $row['color'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); if (!isset($punchitems)) { echo "Something is fishy here.\n"; exit; 
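Review bot: the status lookup in the timeadd.php `@@ -234,13 +234,13 @@` hunk keeps `$post_statusname` concatenated into the query string, while statusdelete.php in this patch runs the identical lookup as `tc_select("*", "punchlist", "punchitems = ?", $post_statusname)`. Using the helper here too would remove the dependency on whatever escaping was applied to `$post_statusname` earlier in the file and keep the two code paths consistent. The "Something is fishy here." exit depends on `$punchitems` being unset, so it should be explicitly unset or initialised before the loop rather than relying on it never having been defined.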
@@ -498,14 +498,14 @@ // query to populate dropdown with statuses // $query2 = "select * from " . $db_prefix . "punchlist order by punchitems asc"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); echo " \n"; - mysql_free_result($result2); + ((mysqli_free_result($result2) || (is_object($result2) && (get_class($result2) == "mysqli_result"))) ? true : false); echo " \n"; @@ -548,12 +548,12 @@ // check for duplicate time for $post_username $query = "select * from " . $db_prefix . "info where fullname = '" . $post_username . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); $post_username = stripslashes($post_username); $post_displayname = stripslashes($post_displayname); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $info_table_timestamp = "" . $row['timestamp'] . ""; if ($timestamp == $info_table_timestamp) { @@ -594,14 +594,14 @@ // query to populate dropdown with statuses // $query2 = "select * from " . $db_prefix . "punchlist order by punchitems asc"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); echo " \n"; - mysql_free_result($result2); + ((mysqli_free_result($result2) || (is_object($result2) && (get_class($result2) == "mysqli_result"))) ? true : false); echo " \n"; @@ -626,7 +626,7 @@ exit; } } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); // check to see if this would be the most recent time for $post_username. if so, run the update query for the employees table. 
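Review bot: the added line in the timeadd.php `@@ -626,7 +626,7 @@` hunk, `((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false);`, is converter boilerplate whose value is computed and then discarded. `mysqli_free_result()` returns nothing, so the ternary adds no behaviour and hides a plain cleanup call. Suggest `if ($result) { mysqli_free_result($result); }`, which also avoids passing `false` to it when the query failed, and applying the same simplification to the other occurrences in this patch.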
@@ -634,16 +634,16 @@ $post_displayname = addslashes($post_displayname); $query = "select * from " . $db_prefix . "employees where empfullname = '" . $post_username . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $employees_table_timestamp = "" . $row['tstamp'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); if ($timestamp > $employees_table_timestamp) { $update_query = "update " . $db_prefix . "employees set tstamp = '" . $timestamp . "' where empfullname = '" . $post_username . "'"; - $update_result = mysql_query($update_query); + $update_result = mysqli_query($GLOBALS["___mysqli_ston"], $update_query); } // determine who the authenticated user is for audit log 
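Review bot: `$employees_table_timestamp` is assigned only inside the `while` loop of this `@@ -634,16 +634,16 @@` hunk, so when the `employees` lookup returns no row, or `mysqli_query` returns false, the following `if ($timestamp > $employees_table_timestamp)` compares against an undefined variable. The README in this patch states that the uninitialised-variable problems were fixed, and this one is still visible. Initialise it before the loop and check `$result` before fetching. The `update ... set tstamp = ...` that follows also still concatenates `$timestamp` and `$post_username`, with `addslashes` visible only for `$post_displayname` in the context line above.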
@@ -674,18 +674,18 @@ $query = "insert into " . $db_prefix . "info (fullname, `inout`, timestamp, notes) values ('" . $post_username . "', '" . $post_statusname . "', '" . $timestamp . "', '" . $post_notes . "')"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); // add the results to the audit table if (strtolower($ip_logging) == "yes") { $query2 = "insert into " . $db_prefix . "audit (modified_by_ip, modified_by_user, modified_when, modified_from, modified_to, modified_why, user_modified) values ('" . $connecting_ip . "', '" . $user . "', '" . $time_tz_stamp . "', '0', '" . $timestamp . "', '" . $post_why . "', '" . $post_username . "')"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); } else { $query2 = "insert into " . $db_prefix . "audit (modified_by_user, modified_when, modified_from, modified_to, modified_why, user_modified) values ('" . $user . "', '" . $time_tz_stamp . "', '0', '" . $timestamp . "', '" . $post_why . "', '" . $post_username . "')"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); } $post_username = stripslashes($post_username); diff --git a/admin/timeadmin.php b/admin/timeadmin.php index f25c6a9..777f740 100644 --- a/admin/timeadmin.php +++ b/admin/timeadmin.php @@ -86,9 +86,9 @@ $query = "select empfullname, displayname, email, groups, office, admin, reports, disabled from " . $db_prefix . "employees order by empfullname"; -$result = mysql_query($query); +$result = mysqli_query($GLOBALS["___mysqli_ston"], $query); -while ($row = mysql_fetch_array($result)) { +while ($row = mysqli_fetch_array($result)) { $empfullname = stripslashes("" . $row['empfullname'] . ""); $displayname = stripslashes("" . $row['displayname'] . ""); diff --git a/admin/timedelete.php b/admin/timedelete.php index c0b1d78..6847917 100644 --- a/admin/timedelete.php +++ b/admin/timedelete.php 
@@ -102,14 +102,14 @@ $get_user = addslashes($get_user); $query = "select * from " . $db_prefix . "employees where empfullname = '" . $get_user . "' order by empfullname"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $username = stripslashes("" . $row['empfullname'] . ""); $displayname = stripslashes("" . $row['displayname'] . ""); } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); $get_user = stripslashes($get_user); @@ -177,8 +177,8 @@ if (!empty($get_user)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $get_user . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_get_user = "" . $row['empfullname'] . ""; } if (!isset($tmp_get_user)) { @@ -189,8 +189,8 @@ if (!empty($post_username)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $post_username . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_username = "" . $row['empfullname'] . ""; } if (!isset($tmp_username)) { @@ -201,8 +201,8 @@ if (!empty($post_displayname)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $post_username . "' and displayname = '" . $post_displayname . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_post_displayname = "" . $row['displayname'] . ""; } if (!isset($tmp_post_displayname)) { 
@@ -427,12 +427,12 @@ //if ((strlen($final_mysql_timestamp[$x]) != "10") || (!is_integer($final_mysql_timestamp[$x]))) {echo "Something is fishy here.\n"; exit;} $query_sel = "select * from " . $db_prefix . "punchlist where punchitems = '" . $final_inout[$x] . "'"; - $result_sel = mysql_query($query_sel); + $result_sel = mysqli_query($GLOBALS["___mysqli_ston"], $query_sel); - while ($row = mysql_fetch_array($result_sel)) { + while ($row = mysqli_fetch_array($result_sel)) { $punchitems = "" . $row['punchitems'] . ""; } - mysql_free_result($result_sel); + ((mysqli_free_result($result_sel) || (is_object($result_sel) && (get_class($result_sel) == "mysqli_result"))) ? true : false); if (!isset($punchitems)) { echo "Something is fishy here.\n"; exit; @@ -443,8 +443,8 @@ $query5 = "select * from " . $db_prefix . "info where (fullname = '" . $final_username[$x] . "') and (timestamp = '" . $final_mysql_timestamp[$x] . "') and (`inout` = '" . $final_inout[$x] . "') and (notes = '" . $final_notes[$x] . "')"; - $result5 = mysql_query($query5); - @$tmp_num_rows = mysql_num_rows($result5); + $result5 = mysqli_query($GLOBALS["___mysqli_ston"], $query5); + @$tmp_num_rows = mysqli_num_rows($result5); if ((isset($tmp_num_rows)) && (@$tmp_num_rows != '1')) { echo "Something is fishy here.\n"; @@ -470,9 +470,9 @@ //if (!get_magic_quotes_gpc()) {$final_username[$x] = addslashes($final_username[$x]);} $query = "select * from " . $db_prefix . "employees where empfullname = '" . $final_username[$x] . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $tmp_empfullname_1 = stripslashes("" . $row['empfullname'] . ""); $tmp_tstamp_1 = "" . $row['tstamp'] . ""; } 
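Review bot: in the timedelete.php `@@ -470,9 +470,9 @@` hunk the only escaping shown for `$final_username[$x]` is the commented-out context line `//if (!get_magic_quotes_gpc()) {$final_username[$x] = addslashes($final_username[$x]);}`, and the `select * from ... employees where empfullname = '...'` directly below it concatenates the value. If nothing further up escapes it, the move to `mysqli_query` leaves this query open to injection. A placeholder query like the `tc_select(..., "punchitems = ?", ...)` calls elsewhere in this patch would settle the question, and the dead comment can then be removed.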
@@ -482,9 +482,9 @@ if (($tmp_empfullname_1 == $tmp_tmp_username[$x]) && ($tmp_tstamp_1 == $final_mysql_timestamp[$x])) { $query2 = "select * from " . $db_prefix . "info where fullname = '" . $final_username[$x] . "' order by timestamp desc limit 1,1"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); - while ($row2 = mysql_fetch_array($result2)) { + while ($row2 = mysqli_fetch_array($result2)) { $tmp_empfullname_2 = stripslashes("" . $row2['fullname'] . ""); $tmp_empfullname_2 = addslashes($tmp_empfullname_2); $tmp_tstamp_2 = "" . $row2['timestamp'] . ""; 
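Review bot: the context lines of this `@@ -482,9 +482,9 @@` hunk run `stripslashes` and then `addslashes` over `$row2['fullname']` to prepare `$tmp_empfullname_2` for reuse in a query, and the migration leaves that in place. `addslashes` is not aware of the connection character set, so now that a mysqli link is available it would be better to pass the raw column value through a placeholder, or at minimum `mysqli_real_escape_string($GLOBALS["___mysqli_ston"], ...)`. `$query2` also concatenates `$final_username[$x]`, which has the same issue.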
@@ -492,24 +492,24 @@ $query3 = "update " . $db_prefix . "employees set empfullname = '" . $tmp_empfullname_2 . "', tstamp = '" . $tmp_tstamp_2 . "' where empfullname = '" . $tmp_empfullname_2 . "'"; - $result3 = mysql_query($query3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); } // delete the time from the info table for $post_username $query4 = "delete from " . $db_prefix . "info where fullname = '" . $final_username[$x] . "' and timestamp = '" . $final_mysql_timestamp[$x] . "'"; - $result4 = mysql_query($query4); + $result4 = mysqli_query($GLOBALS["___mysqli_ston"], $query4); // add the results to the audit table if (strtolower($ip_logging) == "yes") { $query6 = "insert into " . $db_prefix . "audit (modified_by_ip, modified_by_user, modified_when, modified_from, modified_to, modified_why, user_modified) values ('" . $connecting_ip . "', '" . $user . "', '" . $time_tz_stamp . "', '" . $final_mysql_timestamp[$x] . "', '0', '" . $post_why . "', '" . $final_username[$x] . "')"; - $result6 = mysql_query($query6); + $result6 = mysqli_query($GLOBALS["___mysqli_ston"], $query6); } else { $query6 = "insert into " . $db_prefix . "audit (modified_by_user, modified_when, modified_from, modified_to, modified_why, user_modified) values ('" . $user . "', '" . $time_tz_stamp . "', '" . $final_mysql_timestamp[$x] . "', '0', '" . $post_why . "', '" . $final_username[$x] . "')"; - $result6 = mysql_query($query6); + $result6 = mysqli_query($GLOBALS["___mysqli_ston"], $query6); } echo " \n"; 
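Review bot: nothing checks `$result4` between the `delete from ... info` and the audit insert in this `@@ -492,24 +492,24 @@` hunk, so the audit table records a deletion (`modified_to` of '0') even when the delete failed or matched no row. Test the return of `mysqli_query` and `mysqli_affected_rows($GLOBALS["___mysqli_ston"])` before writing the audit row. Separately, `$query3` sets `empfullname` to the same `$tmp_empfullname_2` it filters on, so only `tstamp` actually changes, and dropping that assignment would make the intent clear. The audit insert also concatenates `$post_why`, `$user` and `$connecting_ip`, so it is a candidate for the placeholder helpers as well.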
@@ -557,14 +557,14 @@ $query = "select * from " . $db_prefix . "info where (fullname = '" . $post_username . "') and ((timestamp < '" . $calc . "') and (timestamp >= '" . $timestamp . "')) order by timestamp asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); $username = array(); $inout = array(); $notes = array(); $mysql_timestamp = array(); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $time_set = '1'; $username[] = "" . $row['fullname'] . ""; @@ -572,7 +572,7 @@ $notes[] = "" . $row['notes'] . ""; $mysql_timestamp[] = "" . $row['timestamp'] . ""; } - $num_rows = mysql_num_rows($result); + $num_rows = mysqli_num_rows($result); $post_username = stripslashes($post_username); @@ -655,14 +655,14 @@ $query = "select * from " . $db_prefix . "info where (fullname = '" . $post_username . "') and ((timestamp < '" . $calc . "') and (timestamp >= '" . $timestamp . "')) order by timestamp asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); $username = array(); $inout = array(); $notes = array(); $mysql_timestamp = array(); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $time_set = '1'; $username[] = "" . $row['fullname'] . ""; @@ -670,7 +670,7 @@ $notes[] = "" . $row['notes'] . ""; $mysql_timestamp[] = "" . $row['timestamp'] . ""; } - $num_rows = mysql_num_rows($result); + $num_rows = mysqli_num_rows($result); } $post_username = stripslashes($post_username); diff --git a/admin/timeedit.php b/admin/timeedit.php index b10f39e..5a09af2 100644 --- a/admin/timeedit.php +++ b/admin/timeedit.php 
@@ -101,14 +101,14 @@ $get_user = addslashes($get_user); $query = "select * from " . $db_prefix . "employees where empfullname = '" . $get_user . "' order by empfullname"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $username = stripslashes("" . $row['empfullname'] . ""); $displayname = stripslashes("" . $row['displayname'] . ""); } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); $get_user = stripslashes($get_user); echo " \n"; + echo "\n"; } // if db is out of date, report it here // diff --git a/admin/useradmin.php b/admin/useradmin.php index dc258fb..420f606 100644 --- a/admin/useradmin.php +++ b/admin/useradmin.php @@ -64,18 +64,18 @@ alt='Upgrade Database' />   Upgrade Database\n"; echo "
VARIABLE VALUE DESCRIPTION
MySql DB Settings
mysql DB Settings
db_hostname: $db_hostname This is the hostname for your @@ -971,9 +971,9 @@ class=table_rows width=80% align=left valign=top>all\n"; $query = "select DISTINCT(groupname) from groups order by groupname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { if ("" . $row['groupname'] . "" == $display_group) { echo " \n"; } else { @@ -1058,15 +1058,14 @@ class=table_rows width=80% align=left valign=top>metar:Sets the ICAO (International - Civil Aviation Organization) for your local airport. This is the unique four letter international ID for the airport. METAR - reports are created at roughly 4500 airports from around the world, so you probably live near one of them. The airports make a - report once or twice an hour, and these reports are stored at the National Weather Service and are publically available via HTTP - or FTP. Visit - https://pilotweb.nas.faa.gov/qryhtml/icao/ to find a corresponding ICAO near you. If 'display_weather' is set - to \"no\", this option is ignored. If 'display_weather' is set to \"yes\", you must provide an ICAO here. + $metarIf 'display_weather' is set + to \"no\", this option is ignored. If 'display_weather' is set to \"yes\", you have to set an WxList in config.inc.php.
+ The ICAO (International Civil Aviation Organization) for your weather location is defined in config.inc.php, not here.
+ You can configure the weather display to use reports created at any of roughly 4500 airports from around the world, + so you probably live near one of them. The reports are stored at the National Weather Service and are publically available via HTTP + or FTP.

Visit + https://pilotweb.nas.faa.gov/qryhtml/icao/ to find a corresponding ICAO near you.
VARIABLE VALUE DESCRIPTION
MySql DB Settings
mysql DB Settings
db_hostname: $db_hostname This is the hostname for your @@ -2324,9 +2323,9 @@ class=table_rows width=80% align=left valign=top> \n"; $query = "select DISTINCT(groupname) from groups order by groupname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { if ("" . $row['groupname'] . "" == $post_group_name) { echo " \n"; } else { @@ -2410,15 +2409,14 @@ class=table_rows width=80% align=left valign=top>metar:Sets the ICAO (International - Civil Aviation Organization) for your local airport. This is the unique four letter international ID for the airport. METAR - reports are created at roughly 4500 airports from around the world, so you probably live near one of them. The airports make a - report once or twice an hour, and these reports are stored at the National Weather Service and are publically available via HTTP - or FTP. Visit - https://pilotweb.nas.faa.gov/qryhtml/icao/ to find a corresponding ICAO near you. If 'display_weather' is set - to \"no\", this option is ignored. If 'display_weather' is set to \"yes\", you must provide an ICAO here. + $post_metarIf 'display_weather' is set + to \"no\", this option is ignored. If 'display_weather' is set to \"yes\", you have to set an WxList in config.inc.php.
+ The ICAO (International Civil Aviation Organization) for your weather location is defined in config.inc.php, not here.
+ You can configure the weather display to use reports created at any of roughly 4500 airports from around the world, + so you probably live near one of them. The reports are stored at the National Weather Service and are publically available via HTTP + or FTP.

Visit + https://pilotweb.nas.faa.gov/qryhtml/icao/ to find a corresponding ICAO near you.
Status:  *
Notes:
Status:  *
Notes:
Status:  *
Notes:
\n"; @@ -175,8 +175,8 @@ if (!empty($get_user)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $get_user . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_get_user = "" . $row['empfullname'] . ""; } if (!isset($tmp_get_user)) { @@ -187,8 +187,8 @@ if (!empty($post_username)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $post_username . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_username = "" . $row['empfullname'] . ""; } if (!isset($tmp_username)) { @@ -199,8 +199,8 @@ if (!empty($post_displayname)) { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $post_username . "' and displayname = '" . $post_displayname . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $tmp_post_displayname = "" . $row['displayname'] . ""; } if (!isset($tmp_post_displayname)) { @@ -396,12 +396,12 @@ } $query_sel = "select * from " . $db_prefix . "punchlist where punchitems = '" . $final_inout[$x] . "'"; - $result_sel = mysql_query($query_sel); + $result_sel = mysqli_query($GLOBALS["___mysqli_ston"], $query_sel); - while ($row = mysql_fetch_array($result_sel)) { + while ($row = mysqli_fetch_array($result_sel)) { $punchitems = "" . $row['punchitems'] . ""; } - mysql_free_result($result_sel); + ((mysqli_free_result($result_sel) || (is_object($result_sel) && (get_class($result_sel) == "mysqli_result"))) ? true : false); if (!isset($punchitems)) { echo "Something is fishy here.\n"; exit; 
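Review bot: The `punchlist` lookup in the `@@ -396,12 +396,12 @@` hunk still builds its SQL by concatenating `$final_inout[$x]` into the string, so the move to mysqli changes the driver but leaves the query dependent on whatever escaping happened upstream. admin/usercreate.php in this same patch does the same lookup with a placeholder, `tc_select_value("punchitems", "punchlist", "punchitems = ?", $inout)`; using that here would also remove the fetch loop and the free call. If the raw call stays, `((mysqli_free_result($result_sel) || ...) ? true : false);` is a discarded expression and reads better as `mysqli_free_result($result_sel);`. The three existence checks in the hunks above concatenate `$get_user`, `$post_username` and `$post_displayname` the same way.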
@@ -412,8 +412,8 @@ $query5 = "select * from " . $db_prefix . "info where (fullname = '" . $final_username[$x] . "') and (timestamp = '" . $final_mysql_timestamp[$x] . "') and (`inout` = '" . $final_inout[$x] . "')"; - $result5 = mysql_query($query5); - @$tmp_num_rows = mysql_num_rows($result5); + $result5 = mysqli_query($GLOBALS["___mysqli_ston"], $query5); + @$tmp_num_rows = mysqli_num_rows($result5); if ((isset($tmp_num_rows)) && (@$tmp_num_rows != '1')) { echo "Something is fishy here.\n"; @@ -442,6 +442,12 @@ // end post validation // if ($timefmt_24hr == '0') { + + // 12 Hour with or without leading zeros with upper or lower case AM or PM // + // Regex was /^([0-9]?[0-9])+:+([0-9]+[0-9])+([a|p]+m)$/i // + // Now /^([0-1]?[0-9])+:+([0-5]+[0-9])+([a|p]+m)$/i // + // First digit of hours in 12 hour format can not be > 1. // + // First digit of minutes can not be > 5 any time. // if ((!preg_match('/' . "^([0-9]?[0-9])+:+([0-9]+[0-9])+([a|p]+m)$" . '/i', $edit_time_textbox[$x], $time_regs)) && (!preg_match('/' . "^([0-9]?[0-9])+:+([0-9]+[0-9])+( [a|p]+m)$" . '/i', $edit_time_textbox[$x], $time_regs))) { $evil_time = '1'; @@ -458,7 +464,15 @@ } } } elseif ($timefmt_24hr == '1') { - if (!preg_match('/' . "^([0-9]?[0-9])+:+([0-9]+[0-9])+([a|p]+m)$" . '/i', $edit_time_textbox[$x], $time_regs)) { + + // 24 Hour with or without leading zeros with upper or lower case AM or PM // + // Regex was /^([0-9]?[0-9])+:+([0-9]+[0-9])+([a|p]+m)$/i // + // Now /^([0-2]?[0-9])+:+([0-5]+[0-9])+$/ // + // First digit of hours in 24 hour format can not be > 2. // + // First digit of minutes can not be > 5 any time. // + // No am/pm in 24 hour format. No need for case indifferent /i. // + + if (!preg_match('/' . "^([0-2]?[0-9])+:+([0-5]+[0-9])+$" . '/', $edit_time_textbox[$x], $time_regs)) { $evil_time = '1'; } else { 
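Review bot: The new 24-hour pattern `^([0-2]?[0-9])+:+([0-5]+[0-9])+$` keeps the `+` quantifiers on both groups and on the colon, so on its own it still accepts `25:00`, `99:00` and `12::30`; if this regex is meant to be the range check, `^([01]?[0-9]|2[0-3]):[0-5][0-9]$` does what the comment describes. The first comment line of that block still reads "with upper or lower case AM or PM" while the last one says there is no am/pm. In the 12-hour hunk just above, the comment says the regex is now `[0-1]?[0-9]` and `[0-5]+[0-9]`, but both `preg_match` calls are unchanged context lines that still use `[0-9]?[0-9]` and `[0-9]+[0-9]`, so the comment and the code disagree.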
@@ -607,9 +621,9 @@ $row_color = ($row_count % 2) ? $color1 : $color2; $query = "select * from " . $db_prefix . "employees where empfullname = '" . $final_username[$x] . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $tmp_tstamp = "" . $row['tstamp'] . ""; } 
@@ -626,29 +640,29 @@ if ($new_tstamp[$x] > $tmp_tstamp) { $query2 = "update " . $db_prefix . "employees set tstamp = '" . $new_tstamp[$x] . "' where empfullname = '" . $final_username[$x] . "'"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); } elseif ($new_tstamp[$x] < $tmp_tstamp) { $query2 = "select * from " . $db_prefix . "info where fullname = '" . $final_username[$x] . "' order by timestamp desc limit 1,1"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); - while ($row2 = mysql_fetch_array($result2)) { + while ($row2 = mysqli_fetch_array($result2)) { $tmp_tstamp_2 = "" . $row2['timestamp'] . ""; } if ($new_tstamp[$x] > @$tmp_tstamp_2) { $query2 = "update " . $db_prefix . "employees set tstamp = '" . $new_tstamp[$x] . "' where empfullname = '" . $final_username[$x] . "'"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); } elseif ($new_tstamp[$x] < @$tmp_tstamp_2) { $query2 = "update " . $db_prefix . "employees set tstamp = '" . $tmp_tstamp_2 . "' where empfullname = '" . $final_username[$x] . "'"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); } } $query3 = "update " . $db_prefix . "info set timestamp = '" . $new_tstamp[$x] . "' where ((fullname = '" . $final_username[$x] . "') and (`inout` = '" . $final_inout[$x] . "') and (timestamp = '" . $final_mysql_timestamp[$x] . "') and (notes = '" . $final_notes[$x] . "'))"; - $result3 = mysql_query($query3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); // add the results to the audit table 
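Review bot: None of the `mysqli_query` return values in this hunk is checked, and the `update ... info set timestamp` in `$query3` runs straight into the "add the results to the audit table" step, so nothing in the visible lines stops a failed update from being recorded as an edit. Test `$result3` (and the `$result2` updates) for `false` and stop before the audit insert, sending `mysqli_error($GLOBALS["___mysqli_ston"])` to the server log rather than the page.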
@@ -656,11 +670,11 @@ $query4 = "insert into " . $db_prefix . "audit (modified_by_ip, modified_by_user, modified_when, modified_from, modified_to, modified_why, user_modified) values ('" . $connecting_ip . "', '" . $user . "', '" . $time_tz_stamp . "', '" . $final_mysql_timestamp[$x] . "', '" . $new_tstamp[$x] . "', '" . $post_why . "', '" . $final_username[$x] . "')"; - $result4 = mysql_query($query4); + $result4 = mysqli_query($GLOBALS["___mysqli_ston"], $query4); } else { $query4 = "insert into " . $db_prefix . "audit (modified_by_user, modified_when, modified_from, modified_to, modified_why, user_modified) values ('" . $user . "', '" . $time_tz_stamp . "', '" . $final_mysql_timestamp[$x] . "', '" . $new_tstamp[$x] . "', '" . $post_why . "', '" . $final_username[$x] . "')"; - $result4 = mysql_query($query4); + $result4 = mysqli_query($GLOBALS["___mysqli_ston"], $query4); } echo "
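Review bot: Both audit inserts concatenate `$post_why`, `$user` and `$connecting_ip` directly into the `values (...)` list, and the two branches differ only in the `modified_by_ip` column. The usercreate.php change in this patch already shows the shape to use: build one array, add the IP key conditionally as it does with `$clockin["ipaddress"]`, and pass it to `tc_insert_strings`, assuming that helper binds its values the way `tc_select_value` does with `?`. That removes the duplicated statement and keeps the audit trail from depending on how the reason text was escaped.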
@@ -702,14 +716,14 @@ $query = "select * from " . $db_prefix . "info where (fullname = '" . $post_username . "') and ((timestamp < '" . $calc . "') and (timestamp >= '" . $timestamp . "')) order by timestamp asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); $username = array(); $inout = array(); $notes = array(); $mysql_timestamp = array(); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $time_set = '1'; $username[] = "" . $row['fullname'] . ""; @@ -717,7 +731,7 @@ $notes[] = "" . $row['notes'] . ""; $mysql_timestamp[] = "" . $row['timestamp'] . ""; } - $num_rows = mysql_num_rows($result); + $num_rows = mysqli_num_rows($result); } $post_username = stripslashes($post_username); diff --git a/admin/topmain.php b/admin/topmain.php index dec9607..fac35ca 100644 --- a/admin/topmain.php +++ b/admin/topmain.php @@ -11,7 +11,7 @@ } else { - echo "
\n"; echo " \n"; @@ -110,9 +110,9 @@ $query = "select empfullname, displayname, email, groups, office, admin, reports, time_admin, disabled from " . $db_prefix . "employees order by empfullname"; -$result = mysql_query($query); +$result = mysqli_query($GLOBALS["___mysqli_ston"], $query); -while ($row = mysql_fetch_array($result)) { +while ($row = mysqli_fetch_array($result)) { $empfullname = stripslashes("" . $row['empfullname'] . ""); $displayname = stripslashes("" . $row['displayname'] . ""); diff --git a/admin/usercreate.php b/admin/usercreate.php index b285017..742ffff 100644 --- a/admin/usercreate.php +++ b/admin/usercreate.php @@ -90,6 +90,9 @@ echo " \n"; + echo " \n"; echo " \n"; echo " \n"; + echo " \n"; echo " \n"; echo "
Email Address:  *
Barcode: +
Office:
User Account Disabled? Yes  No
Initial Punch: +
* required 
\n"; echo " \n"; @@ -123,31 +129,21 @@ include 'header_post.php'; include 'topmain.php'; - $post_username = stripslashes($_POST['post_username']); - $display_name = stripslashes($_POST['display_name']); + $post_username = $_POST['post_username']; + $display_name = $_POST['display_name']; $password = $_POST['password']; $confirm_password = $_POST['confirm_password']; $email_addy = $_POST['email_addy']; + $user_barcode = value_or_null($_POST['barcode']);// UNIQUE constraint so no empty strings $office_name = $_POST['office_name']; @$group_name = $_POST['group_name']; $admin_perms = $_POST['admin_perms']; $reports_perms = $_POST['reports_perms']; $time_admin_perms = $_POST['time_admin_perms']; $post_disabled = $_POST['disabled']; + $inout = $_POST['inout']; - $post_username = addslashes($post_username); - $display_name = addslashes($display_name); - - $query5 = "select empfullname from " . $db_prefix . "employees where empfullname = '" . $post_username . "' order by empfullname"; - $result5 = mysql_query($query5); - - while ($row = mysql_fetch_array($result5)) { - $tmp_username = "" . $row['empfullname'] . ""; - } - mysql_free_result($result5); - - $post_username = stripslashes($post_username); - $display_name = stripslashes($display_name); + $tmp_username = tc_select_value("empfullname", "employees", "empfullname = ? ORDER by empfullname", $post_username); $string = strstr($post_username, "\""); $string2 = strstr($display_name, "\""); @@ -160,11 +156,6 @@ (($reports_perms != '1') && (!empty($reports_perms))) || (($time_admin_perms != '1') && (!empty($time_admin_perms))) || (($post_disabled != '1') && (!empty($post_disabled))) || (!empty($string)) || (!empty($string2)) ) { - - if (@tmp_username == $post_username) { - $tmp_username = stripslashes($tmp_username); - } - echo "
\n"; echo " \n"; echo "
\n"; @@ -317,41 +308,21 @@ echo "
\n"; } - if (!empty($office_name)) { - $query = "select * from " . $db_prefix . "offices where officename = '" . $office_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { - $tmp_officename = "" . $row['officename'] . ""; - } - mysql_free_result($result); - if (!isset($tmp_officename)) { - echo "Office is not defined.\n"; - exit; - } + if (!empty($office_name) + and is_null(tc_select_value("officename", "offices", "officename = ?", $office_name)) + ) { + echo "Office is not defined.\n"; + exit; } - if (!empty($group_name)) { - $query = "select * from " . $db_prefix . "groups where groupname = '" . $group_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { - $tmp_groupname = "" . $row['groupname'] . ""; - } - mysql_free_result($result); - if (!isset($tmp_officename)) { - echo "Group is not defined.\n"; - exit; - } + if (!empty($group_name) + and is_null(tc_select_value("groupname", "groups", "groupname = ?", $group_name)) + ) { + echo "Group is not defined.\n"; + exit; } // end post validation // - - if (!empty($string)) { - $post_username = stripslashes($post_username); - } - if (!empty($string2)) { - $display_name = stripslashes($display_name); - } - $password = crypt($password, 'xy'); $confirm_password = crypt($confirm_password, 'xy'); @@ -369,13 +340,6 @@ style='color:red;font-family:Tahoma;font-size:11px;padding-left:20px;'>  *
Password:
Confirm Password:Email Address:  *
Barcode: +
Office:  Yes  No
Initial Punch: +
* required 
\n"; echo " \n"; @@ -438,16 +408,35 @@ exit; } - $post_username = addslashes($post_username); - $display_name = addslashes($display_name); - $password = crypt($password, 'xy'); $confirm_password = crypt($confirm_password, 'xy'); - $query3 = "insert into " . $db_prefix . "employees (empfullname, displayname, employee_passwd, email, groups, office, admin, reports, time_admin, disabled) - values ('" . $post_username . "', '" . $display_name . "', '" . $password . "', '" . $email_addy . "', '" . $group_name . "', '" . $office_name . "', '" . $admin_perms . "', - '" . $reports_perms . "', '" . $time_admin_perms . "', '" . $post_disabled . "')"; - $result3 = mysql_query($query3); + tc_insert_strings("employees", array( + 'empfullname' => $post_username, + 'displayname' => $display_name, + 'employee_passwd' => $password, + 'email' => $email_addy, + 'barcode' => $user_barcode, + 'groups' => $group_name, + 'office' => $office_name, + 'admin' => $admin_perms, + 'reports' => $reports_perms, + 'time_admin' => $time_admin_perms, + 'disabled' => $post_disabled + )); + + if (has_value($inout)) { + $inout = tc_select_value("punchitems", "punchlist", "punchitems = ?", $inout); + if (has_value($inout)) { + $tz_stamp = time(); + $clockin = array("fullname" => $post_username, "inout" => $inout, "timestamp" => $tz_stamp); + if (yes_no_bool($ip_logging)) { + $clockin["ipaddress"] = $connecting_ip; + } + tc_insert_strings("info", $clockin); + tc_update_strings("employees", array("tstamp" => $tz_stamp), "empfullname = ?", $post_username); + } + } echo "
\n"; echo " \n"; @@ -505,16 +494,15 @@ \n"; echo " \n"; - $query4 = "select empfullname, displayname, email, groups, office, admin, reports, time_admin, disabled from " . $db_prefix . "employees - where empfullname = '" . $post_username . "' - order by empfullname"; - $result4 = mysql_query($query4); - - while ($row = mysql_fetch_array($result4)) { - - $username = stripslashes("" . $row['empfullname'] . ""); - $displayname = stripslashes("" . $row['displayname'] . ""); + $result4 = tc_select( + "empfullname, displayname, email, barcode, groups, office, admin, reports, time_admin, disabled", + "employees", "empfullname = ? ORDER BY empfullname", $post_username + ); + while ($row = mysqli_fetch_array($result4)) { + $username = "" . $row['empfullname'] . ""; + $displayname = "" . $row['displayname'] . ""; $user_email = "" . $row['email'] . ""; + $user_barcode = "" . $row['barcode'] . ""; $office = "" . $row['office'] . ""; $groups = "" . $row['groups'] . ""; $admin = "" . $row['admin'] . ""; @@ -522,7 +510,7 @@ $time_admin = "" . $row['time_admin'] . ""; $disabled = "" . $row['disabled'] . ""; } - mysql_free_result($result4); + ((mysqli_free_result($result4) || (is_object($result4) && (get_class($result4) == "mysqli_result"))) ? true : false); echo " \n"; @@ -532,6 +520,8 @@ colspan=2 width=80% style='padding-left:20px;'>***hidden***\n"; echo " \n"; + echo " \n"; echo " \n"; echo " \n"; + echo " \n"; echo " \n"; echo "
Username:$username
Email Address:$user_email
Barcode:$user_barcode
Office:$office
Group:User Account Disabled?$disabled
Initial Punch:$inout
\n"; echo " \n"; diff --git a/admin/userdelete.php b/admin/userdelete.php index 487c12a..660e994 100644 --- a/admin/userdelete.php +++ b/admin/userdelete.php @@ -38,7 +38,7 @@ exit; } - $get_user = stripslashes($_GET['username']); + $get_user = $_GET['username']; @$get_office = $_GET['officename']; echo "
\n"; @@ -91,32 +91,26 @@ echo " \n"; echo " \n"; echo " \n"; + echo " \n"; echo " \n"; echo " \n"; echo " \n"; include '../footer.php'; exit; @@ -232,9 +226,10 @@ include 'header_post.php'; include 'topmain.php'; - $post_username = stripslashes($_POST['post_username']); - $display_name = stripslashes($_POST['display_name']); + $post_username = $_POST['post_username']; + $display_name = $_POST['display_name']; $email_addy = $_POST['email_addy']; + $user_barcode = value_or_null($_POST['barcode']);// UNIQUE constraint so no empty strings $office_name = $_POST['office_name']; @$get_office = $_POST['get_office']; @$group_name = $_POST['group_name']; @@ -254,22 +249,18 @@ if (isset($evil)) { $admin_perms = "1"; } - $post_username = addslashes($post_username); if (!empty($post_username)) { - $query = "select * from " . $db_prefix . "employees where empfullname = '" . $post_username . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { - $tmp_username = "" . $row['empfullname'] . ""; - } + $tmp_username = tc_select_value("empfullname", "employees", "empfullname = ?", $post_username); if (!isset($tmp_username)) { - echo "$tmp_username, $post_username. Something is fishy here.\n"; + echo htmlspecialchars("$tmp_username, $post_username. Something is fishy here.\n"); exit; } } + else { + $tmp_username = ""; + } - $post_username = stripslashes($post_username); - $tmp_post_username = stripslashes($post_username); $string = strstr($display_name, "\""); if ((!preg_match('/' . "^([[:alnum:]]| |-|'|,)+$" . '/i', $display_name)) || (empty($display_name)) || (empty($email_addy)) || (empty($office_name)) || (empty($group_name)) || (!preg_match('/' . "^([[:alnum:]]|_|\.|-)+@([[:alnum:]]|\.|-)+(\.)([a-z]{2,4})$" . '/i', $email_addy)) || (($admin_perms != '1') && (!empty($admin_perms))) || @@ -286,12 +277,12 @@ echo " \n"; echo " \n"; +   Edit User\n"; echo " +   Change Password\n"; echo " \n"; +   Delete User\n"; echo " \n"; echo "
\n"; - $get_user = addslashes($get_user); + $result = tc_select("*", "employees", "empfullname = ? ORDER BY empfullname", $get_user); - $row_count = 0; + while ($row = mysqli_fetch_array($result)) { - $query = "select * from " . $db_prefix . "employees where empfullname = '" . $get_user . "' order by empfullname"; - $result = mysql_query($query); - - while ($row = mysql_fetch_array($result)) { - - $username = stripslashes("" . $row['empfullname'] . ""); - $displayname = stripslashes("" . $row['displayname'] . ""); + $username = "" . $row['empfullname'] . ""; + $displayname = "" . $row['displayname'] . ""; $user_email = "" . $row['email'] . ""; + $user_barcode = "" . $row['barcode'] . ""; $office = "" . $row['office'] . ""; $groups = "" . $row['groups'] . ""; $admin = "" . $row['admin'] . ""; $reports = "" . $row['reports'] . ""; $time_admin = "" . $row['time_admin'] . ""; } - mysql_free_result($result); - $get_user = stripslashes($get_user); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); // make sure you cannot delete the last admin user in the system!! // if (!empty($admin)) { - $admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where admin = '1'"); - @$admin_count_rows = mysql_num_rows($admin_count); + @$admin_count_rows = mysqli_num_rows(tc_select("empfullname", "employees", "admin = '1'")); if (@$admin_count_rows == "1") { $evil = "1"; } @@ -143,6 +137,8 @@ width=80% style='padding-left:20px;'>$displayname
Email Address:$user_email
Barcode:$user_barcode
Office:$office
Group:\n"; echo "
\n"; diff --git a/admin/useredit.php b/admin/useredit.php index 95c817f..060f308 100644 --- a/admin/useredit.php +++ b/admin/useredit.php @@ -43,10 +43,6 @@ $get_user = $_GET['username']; @$get_office = $_GET['officename']; - if (get_magic_quotes_gpc()) { - $get_user = stripslashes($get_user); - } - echo "\n"; echo " \n"; echo " \n"; echo " \n"; + echo " \n"; echo " \n"; echo " \n"; echo "
\n"; @@ -97,21 +93,17 @@ echo "
\n"; - $get_user = addslashes($get_user); - $row_count = 0; + $result = tc_select("*", "employees", "empfullname = ?", $get_user); - $query = "select * from " . $db_prefix . "employees where empfullname = '" . $get_user . "' order by empfullname"; - $result = mysql_query($query); - - while ($row = mysql_fetch_array($result)) { - + while ($row = mysqli_fetch_array($result)) { $row_count++; $row_color = ($row_count % 2) ? $color2 : $color1; - $username = stripslashes("" . $row['empfullname'] . ""); - $displayname = stripslashes("" . $row['displayname'] . ""); + $username = "" . $row['empfullname'] . ""; + $displayname = "" . $row['displayname'] . ""; $user_email = "" . $row['email'] . ""; + $user_barcode = "" . $row['barcode'] . ""; $groups_tmp = "" . $row['groups'] . ""; $office = "" . $row['office'] . ""; $admin = "" . $row['admin'] . ""; @@ -119,13 +111,12 @@ $time_admin = "" . $row['time_admin'] . ""; $disabled = "" . $row['disabled'] . ""; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); // make sure you cannot edit the admin perms for the last admin user in the system!! // if (!empty($admin)) { - $admin_count = mysql_query("select empfullname from " . $db_prefix . "employees where admin = '1'"); - @$admin_count_rows = mysql_num_rows($admin_count); + @$admin_count_rows = mysqli_num_rows(tc_select("empfullname", "employees", "admin = '1'")); if (@$admin_count_rows == "1") { $evil = "1"; } @@ -154,6 +145,9 @@ echo "
Email Address:  *
Barcode: +
Office:
 
User Summary   User Summary
Edit User -   Edit User
Change Password -   Change Password
Delete User -   Delete User
Create New User   Create New User
User Search   @@ -399,38 +390,22 @@ echo "
\n"; } - if (!empty($office_name)) { - $query = "select * from " . $db_prefix . "offices where officename = '" . $office_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { - $tmp_officename = "" . $row['officename'] . ""; - } - mysql_free_result($result); - if (!isset($tmp_officename)) { - echo "Office is not defined.\n"; - exit; - } + if (!empty($office_name) + and is_null(tc_select_value("officename", "offices", "officename = ?", $office_name)) + ) { + echo "Office is not defined.\n"; + exit; } - if (!empty($group_name)) { - $query = "select * from " . $db_prefix . "groups where groupname = '" . $group_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { - $tmp_groupname = "" . $row['groupname'] . ""; - } - mysql_free_result($result); - if (!isset($tmp_officename)) { - echo "Group is not defined.\n"; - exit; - } + if (!empty($group_name) + and is_null(tc_select_value("groupname", "groups", "groupname = ?", $group_name)) + ) { + echo "Group is not defined.\n"; + exit; } // end post validation // - if (!empty($string)) { - $display_name = stripslashes($display_name); - } - echo "
\n"; echo "
\n"; echo " \n"; @@ -439,14 +414,17 @@ echo " \n"; echo " \n"; echo " \n"; + colspan=2 width=80% style='padding-left:20px;'>$tmp_username\n"; echo " \n"; echo " \n"; + echo " \n"; echo " \n"; echo " \n"; echo "
Username:$tmp_post_username
Display Name:  *
Email Address:  *
Barcode: +
Office:
 
\n"; echo " \n"; @@ -529,12 +506,12 @@ echo " \n"; echo " \n"; +   Edit User\n"; echo " +   Change Password\n"; echo " \n"; +   Delete User\n"; echo " \n"; echo " \n"; echo " \n"; - $query4 = "select empfullname, displayname, email, groups, office, admin, reports, time_admin, disabled from " . $db_prefix . "employees - where empfullname = '" . $post_username . "' - order by empfullname"; - $result4 = mysql_query($query4); - - while ($row = mysql_fetch_array($result4)) { - - $username = stripslashes("" . $row['empfullname'] . ""); - $displayname = stripslashes("" . $row['displayname'] . ""); + $result4 = tc_select( + "empfullname, displayname, email, barcode, groups, office, admin, reports, time_admin, disabled", + "employees", + "empfullname = ? ORDER BY empfullname", + $post_username + ); + while ($row = mysqli_fetch_array($result4)) { + $username = "" . $row['empfullname'] . ""; + $displayname = "" . $row['displayname'] . ""; $user_email = "" . $row['email'] . ""; + $user_barcode = "" . $row['barcode'] . ""; $office = "" . $row['office'] . ""; $groups = "" . $row['groups'] . ""; $admin = "" . $row['admin'] . ""; @@ -600,7 +578,7 @@ $time_admin = "" . $row['time_admin'] . ""; $disabled = "" . $row['disabled'] . ""; } - mysql_free_result($result4); + ((mysqli_free_result($result4) || (is_object($result4) && (get_class($result4) == "mysqli_result"))) ? true : false); echo " \n"; @@ -608,6 +586,8 @@ colspan=2 width=80% style='padding-left:20px;'>$displayname\n"; echo " \n"; + echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
User Summary   User Summary
Edit User -   Edit User
Change Password -   Change Password
Delete User -   Delete User
Create New User   Create New User
User Search   @@ -583,16 +560,17 @@ echo "
Username:$username
Email Address:$user_email
Barcode:$user_barcode
Office:$office
Group:User Account Disabled?$disabled
\n"; diff --git a/admin/usersearch.php b/admin/usersearch.php index bf8c30e..a63ce7f 100644 --- a/admin/usersearch.php +++ b/admin/usersearch.php @@ -79,19 +79,16 @@ echo " \n"; echo " Username:\n"; + size='25' maxlength='50' name='post_username'>\n"; echo " Display Name:\n"; + size='25' maxlength='50' name='display_name'>\n"; echo " Email Address:\n"; + size='25' maxlength='75' name='email_addy'>\n"; + echo " Barcode:\n"; echo " Office: \n"; + name='post_username' value='$post_username'>\n"; echo " Display Name:\n"; + name='display_name' value='$display_name'>\n"; echo " Email Address:\n"; + name='email_addy' value='$email_addy'>\n"; + echo " Barcode:\n"; echo " Office: + name='email_addy' value=\"$email_addy\"> + + + \n"; + echo " + + Barcode: + \n"; diff --git a/config.inc.php b/config.inc.php index bd0d2a1..a3e080e 100644 --- a/config.inc.php +++ b/config.inc.php @@ -19,7 +19,7 @@ $db_hostname = "localhost"; $db_username = "timeclock"; -$db_password = "P4ssw0rd1!"; +$db_password = "clocktime"; $db_name = "timeclock"; @@ -87,6 +87,24 @@ $use_reports_password = "no"; +/* Choose whether to allow barcode clock-in/out. Options are "yes" or "no". + If "yes" is chosen, the barcode entry will be visible and focused by + default on the main timeclock screen. Scanning the employee barcode will + immediately change their status. +*/ + +$barcode_clockin = "yes"; + + +/* Choose whether to allow selecting employee name from dropdown to + clock-in/out. Options are "yes" or "no". If "yes" is chosen, the a + dropdown (and password entry if enabled) will be displayed on the + timeclock screen and employees will be able to change their status. +*/ + +$manual_clockin = "yes"; + + /* Enable the option to log the ip addresses of the connecting computers when users punch-in/out, or when a time is manually added, edited, or deleted. Default is "yes". */ 
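Review bot: The `@@ -19,7 +19,7 @@` hunk of config.inc.php swaps one literal `$db_password` for another in a tracked file, so both `P4ssw0rd1!` and `clocktime` are now in the repository history; ship a placeholder here, read the real value from an untracked local file or the environment, and rotate any database account that used either value. In the `@@ -87,6 +87,24 @@` hunk, `$barcode_clockin` defaults to "yes" while its comment says a scan "will immediately change their status", so the new feature is enabled by default with the barcode as the only factor; default it to "no" or state that trade-off in the comment. The `$manual_clockin` comment has a stray word in "the a dropdown".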
@@ -141,6 +159,17 @@ /* Choose the way times are displayed. Default is "g:i a". + g 12-hour format of an hour without leading zeros 1 through 12 + G 24-hour format of an hour without leading zeros 0 through 23 + h 12-hour format of an hour with leading zeros 01 through 12 + H 24-hour format of an hour with leading zeros 00 through 23 + + i Minutes with leading zeros + + a Lowercase Ante meridiem and Post meridiem am or pm + A Uppercase Ante meridiem and Post meridiem + + Possibilities for this variable are: $timefmt --> 1) G:i @@ -190,9 +219,7 @@ /* A logo or graphic, this is displayed in the top left of each page. - Set it to "none" to ignore this option. - This can either be a relative path (from the root directory) or URL. -*/ + Set it to "none" to ignore this option. */ $logo = "images/logos/phptimeclock.png"; @@ -317,19 +344,12 @@ /* To display the punch-in/out times in the timezone of the web server, leave this option set - to "yes". If using PHP 5.1+ then leave this as-is, to change the time zone please use - date.timezone in your php.ini. Leaving date.timezone unset may cause PHP to choose the - wrong timezone (see below). Setting this option to "yes" will display the punch-in/out - times according to the timezone through date("Z"). The default setting is "no". */ + to "yes". Setting this option to "no" AND setting the above $use_client_tz option to "no", + will display the punch-in/out times in GMT. Default is "yes". */ $use_server_tz = "no"; -/* If you are using PHP 5.1+ and do not have access to chance your php.ini config file then - uncomment the following line and change it to the correct time zone. */ -//date_default_timezone_set("America/St_Johns"); - - /* --- WEATHER INFO --- */ 
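Review bot: The rewritten `$use_server_tz` comment in the `@@ -317,19 +344,12 @@` hunk says 'Default is "yes"', but the unchanged line below it still sets `$use_server_tz = "no";`, so the shipped value contradicts its own documentation. Change one of the two, and keep a sentence on where PHP takes its timezone from, since the `date.timezone` explanation and the `date_default_timezone_set` hint are both deleted in this hunk and punch and audit timestamps depend on it.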
@@ -338,7 +358,46 @@ $display_weather = "yes"; +/* Display weather in US or metric measurements. Options are "f" or "c". Default is "c" */ + +$weather_units = "c"; + +/* set this list to your local weather station location + the entry format (all fields are required) is + + 'Metar(ICAO) | Name of station | dist-mi | dist-km | direction |' + + Note that the trailing | is required. + You may have two in the array, which will show weather conditions + for two different stations, in which case you enter + array('a|b|c|d|e|','F|G|H|I|J|') + You can find a list of valid ICAO codes at: + https://pilotweb.nas.faa.gov/qryhtml/icao/ */ + +$WxList = array(); +$WxList = array('KTOP|Topeka, Kansas|4|7|NE|'); + +/* NOTE: this *MUST* be set correctly to + translate UTC times to your LOCAL time for the weather displays. + The list of valid timezone names can be found at + + http://us.php.net/manual/en/timezones.php + + pick the one that is closest to your location + + $WxTimeZone = 'America/Los_Angeles'; + or + $WxTimeZone = 'Europe/Brussels'; + + */ + +$WxTimeZone = 'America/Chicago'; + +/* ************************************************************************* + the next two config values are depricated, don't bother to update them. + ************************************************************************* */ + /* ICAO (International Civil Aviation Organization) for your local airport. This is the unique four letter international ID for the airport. METAR reports are created at roughly 4500 airports from around the world, so you probably live near one of them. 
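Review bot: `$WxList = array();` is overwritten by the assignment on the very next line and can be dropped. The comment marks `$WxTimeZone` as something that "*MUST* be set correctly" and requires the trailing `|` in each `$WxList` entry, but nothing visible here validates either, so a malformed entry will only show up as a broken sidebar; a short sanity check where the weather include reads them would help. "depricated" in the banner comment should be "deprecated".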
@@ -348,26 +407,20 @@ $display_weather is set to "no", this option is ignored. If $display_weather is set to "yes", you MUST provide an ICAO here. */ -$metar = "CYYT"; - +$metar = "KTOP"; /* This is the city and country (or can be city and state) of the airport for the ICAO used above. The max length for this field is 100 characters. If $display_weather is set to "no", this option is ignored. */ -$city = "St. Johns, NL, Canada"; - - -/* Display weather in US or metric measurements. Options are "f" or "c". Default is "c" */ - -$weather_units = "c"; +$city = "Topeka, KS"; /* --- APP NAME, VERSION NUMBER, ETC. --- */ $app_name = "PHP Timeclock"; -$app_version = "1.04"; +$app_version = "2.0.0"; /* Sets the title in the header. This is what the page will be named by default when you make a "favorite" or "bookmark" in your browser. Change as you see fit. */ @@ -377,5 +430,6 @@ /* --- DO NOT CHANGE ANYTHING BELOW THIS LINE!!! --- */ + $dbversion = "1.4"; -?> +?> \ No newline at end of file diff --git a/create_tables.sql b/create_tables.sql deleted file mode 100644 index 073cf37..0000000 --- a/create_tables.sql +++ /dev/null 
@@ -1,150 +0,0 @@ -# if you would like to utilize a table prefix when creating these tables, be sure to reflect that in config.inc.php so the program -# will be aware of it. this option is $db_prefix. if you are unaware of what is meant by utilizing a 'table prefix', then please disregard. - -# -# Table structure for table `audit` -# - -CREATE TABLE audit ( - modified_by_ip VARCHAR(39) NOT NULL DEFAULT '', - modified_by_user VARCHAR(50) NOT NULL DEFAULT '', - modified_when BIGINT(14) NOT NULL, - modified_from BIGINT(14) NOT NULL, - modified_to BIGINT(14) NOT NULL, - modified_why VARCHAR(250) NOT NULL DEFAULT '', - user_modified VARCHAR(50) NOT NULL DEFAULT '', - PRIMARY KEY (modified_when), - UNIQUE KEY modified_when (modified_when) -) - ENGINE =MyISAM; - -# -------------------------------------------------------- - -# -# Table structure for table `dbversion` -# - -CREATE TABLE dbversion ( - dbversion DECIMAL(5, 1) NOT NULL DEFAULT '0.0', - PRIMARY KEY (dbversion) -) - ENGINE =MyISAM; - -# -# Dumping data for table `dbversion` -# - -INSERT INTO dbversion VALUES ('1.4'); - -# -------------------------------------------------------- - -# -# Table structure for table `employees` -# - -CREATE TABLE employees ( - empfullname VARCHAR(50) NOT NULL DEFAULT '', - tstamp BIGINT(14) DEFAULT NULL, - employee_passwd VARCHAR(25) NOT NULL DEFAULT '', - displayname VARCHAR(50) NOT NULL DEFAULT '', - email VARCHAR(75) NOT NULL DEFAULT '', - groups VARCHAR(50) NOT NULL DEFAULT '', - office VARCHAR(50) NOT NULL DEFAULT '', - admin TINYINT(1) NOT NULL DEFAULT '0', - reports TINYINT(1) NOT NULL DEFAULT '0', - time_admin TINYINT(1) NOT NULL DEFAULT '0', - disabled TINYINT(1) NOT NULL DEFAULT '0', - PRIMARY KEY (empfullname) -) - ENGINE =MyISAM; - -# -# Dumping data for table `employees` -# - -INSERT INTO employees VALUES ('admin', NULL, 'xy.RY2HT1QTc2', 'administrator', '', '', '', 1, 1, 1, ''); - -# -------------------------------------------------------- - -# -# Table structure for 
table `groups` -# - -CREATE TABLE groups ( - groupname VARCHAR(50) NOT NULL DEFAULT '', - groupid INT(10) NOT NULL AUTO_INCREMENT, - officeid INT(10) NOT NULL DEFAULT '0', - PRIMARY KEY (groupid) -) - ENGINE =MyISAM; - -# -------------------------------------------------------- - -# -# Table structure for table `info` -# - -CREATE TABLE info ( - fullname VARCHAR(50) NOT NULL DEFAULT '', - `inout` VARCHAR(50) NOT NULL DEFAULT '', - timestamp BIGINT(14) DEFAULT NULL, - notes VARCHAR(250) DEFAULT NULL, - ipaddress VARCHAR(39) NOT NULL DEFAULT '', - KEY fullname (fullname) -) - ENGINE =MyISAM; - -# -------------------------------------------------------- - -# -# Table structure for table `metars` -# - -CREATE TABLE metars ( - metar VARCHAR(255) NOT NULL DEFAULT '', - timestamp TIMESTAMP NOT NULL, - station VARCHAR(4) NOT NULL DEFAULT '', - PRIMARY KEY (station), - UNIQUE KEY station (station) -) - ENGINE =MyISAM; - -# -------------------------------------------------------- - -# -# Table structure for table `offices` -# - -CREATE TABLE offices ( - officename VARCHAR(50) NOT NULL DEFAULT '', - officeid INT(10) NOT NULL AUTO_INCREMENT, - PRIMARY KEY (officeid) -) - ENGINE =MyISAM; - -# -------------------------------------------------------- - -# -# Table structure for table `punchlist` -# - -CREATE TABLE punchlist ( - punchitems VARCHAR(50) NOT NULL DEFAULT '', - color VARCHAR(7) NOT NULL DEFAULT '', - in_or_out TINYINT(1) DEFAULT NULL, - PRIMARY KEY (punchitems) -) - ENGINE =MyISAM; - -# -# Dumping data for table `punchlist` -# - -INSERT INTO punchlist VALUES ('in', '#009900', 1); -INSERT INTO punchlist VALUES ('out', '#FF0000', 0); -INSERT INTO punchlist VALUES ('break', '#FF9900', 0); -INSERT INTO punchlist VALUES ('lunch', '#0000FF', 0); - -# -------------------------------------------------------- - - diff --git a/display.php b/display.php index d33b8a4..c0ca298 100644 --- a/display.php +++ b/display.php 
@@ -3,7 +3,7 @@ $row_count = 0; $page_count = 0; -while ($row = mysql_fetch_array($result)) { +while ($row = mysqli_fetch_array($result)) { $display_stamp = "" . $row["timestamp"] . ""; $time = date($timefmt, $display_stamp); @@ -130,5 +130,5 @@ echo " \n"; } -mysql_free_result($result); +((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); ?> diff --git a/docs/CHANGELOG b/docs/CHANGELOG index e743288..5c846b4 100644 --- a/docs/CHANGELOG +++ b/docs/CHANGELOG @@ -1,10 +1,13 @@ -PHP Timeclock -Version 1.04 -http://sourceforge.net/projects/timeclock +PHP Timeclock Changelog Copyright (C) 2006 Ken Papizan -PHP Timeclock Changelog +PHP Timeclock 2.0.0 released 2017-03-09 + + * Barcode punch in/out + + + 1.04 11/15/07 ----------------------- diff --git a/docs/CREDITS b/docs/CREDITS index ecbcce0..bb7c687 100644 --- a/docs/CREDITS +++ b/docs/CREDITS @@ -1,6 +1,4 @@ PHP Timeclock -Version 1.04 -http://sourceforge.net/projects/timeclock Copyright (C) 2006 Ken Papizan diff --git a/docs/INSTALL b/docs/INSTALL index acae3f2..8bebf55 100644 --- a/docs/INSTALL +++ b/docs/INSTALL @@ -1,6 +1,4 @@ PHP Timeclock -Version 1.04 -http://sourceforge.net/projects/timeclock Copyright (C) 2006 Ken Papizan 
@@ -12,67 +10,66 @@ REQUIREMENTS: --- Javascript enabled web browser -TESTED: +TESTED CONFIGURATIONS: ---- PHP 4.34, 5.1.2 with mysql support ---- MySQL 3.23.49, 4.0.17, 5.0.18 ---- Apache 1.3.22, 1.3.29, 2.2.0 ---- Firefox 1.0 - 1.5.0.4, Firefox 1.0 Preview Release, IE 6.0 SP1, IE 6.0 SP2 for XP, IE 7.0 beta 2 - -Any version of mysql or webserver software that supports php, whether it's an earlier -version than what's tested or later, will probably work fine. Any web browser that supports -css2 should work fine (IE5+, Mozilla 1.0+, Firefox). - -*********************************************************************************************** -Beginning with version 0.9.4, an option has been provided to display punch-in/out times -according to the timezone of the connecting client system. The client must enable cookies and -javascript in their web browser in order to take advantage of this option. -*********************************************************************************************** +Debian 8.0 (Jessie): PHP 5.6.30, MariaDB 10.0, Apache 2.4.10 + packages: apache2 libapache2-mod-php5 php5-mysqlnd + A Dockerfile is available at: https://github.com/duelafn/dockerfiles/tree/master/timecard INSTALLATION: New Install ----------- ---- Unpack the distribution into your webserver's document root directory. +--- Unpack the distribution into your webserver's document root directory. --- Create a database named "timeclock" or whatever you wish to name it. --- Create a mysql user named "timeclock" (or whatever you wish to name it) with a password. - Give this user at least SELECT, UPDATE, INSERT, DELETE, ALTER, and CREATE privileges to ONLY + Give this user at least SELECT, UPDATE, INSERT, DELETE, ALTER, and CREATE privileges to ONLY this database. --- Import the tables using the create_tables.sql script included in this distribution. --- Edit config.inc.php. --- Open index.php with your web browser. ---- Click on the Administration link on the right side of the page. 
Input "admin" (without the quotes) - for the username and "admin" (without the quotes) for the password. Please change the password +--- Click on the Administration link on the right side of the page. Input "admin" (without the quotes) + for the username and "admin" (without the quotes) for the password. Please change the password for this admin user after the initial setup of PHP Timeclock is complete. ---- Create at least one office by clicking on the Create Office link on the left side of the page. +--- Create at least one office by clicking on the Create Office link on the left side of the page. You MUST create an office to achieve the desired results. Create more offices if needed. ---- Create at least one group by clicking on the Create Group link on the left side of the page. +--- Create at least one group by clicking on the Create Group link on the left side of the page. You MUST create a group to achieve the desired results. Create more groups if needed. --- Add your users by clicking on the Create New Users link, and assign them to the office(s) and - group(s) you created above. Give Sys Admin level access for users who will administrate - PHP Timeclock. Give Time Admin level access for users who will need to edit users' time, but - who will not need Sys Admin level access. If you require the reports to be secured so only - certain users can run them, then give these users reports level access. - - *** Admin level access and reports level access are completely separate from each other. Just - *** because a user has admin level access does not give that user reports level access. You must - *** specifically give them reports level access when you are creating or editing the users, - *** if you choose to secure these reports for these users. To make PHP Timeclock lock down the + group(s) you created above. Give Sys Admin level access for users who will administrate + PHP Timeclock. 
Give Time Admin level access for users who will need to edit users' time, but + who will not need Sys Admin level access. If you require the reports to be secured so only + certain users can run them, then give these users reports level access. + + *** Admin level access and reports level access are completely separate from each other. Just + *** because a user has admin level access does not give that user reports level access. You must + *** specifically give them reports level access when you are creating or editing the users, + *** if you choose to secure these reports for these users. To make PHP Timeclock lock down the *** reports to only these users, set the use_reports_password setting in config.inc.php to "yes". +Upgrading from 1.04 +------------------- +--- Backup and move your current installation. +--- Unpack the distribution into your webserver's document root directory. +--- Edit config.inc.php or simply replace the new config.inc.php with your previous config.inc.php. +--- Either login to PHP Timeclock and run the Upgrade Database script within the Admin section, or + upgrade the database by running the upgrade scripts in the "sql" directory, one at a time, until + your database is upgraded to the latest version. + + Upgrading from 1.02 or 1.03 --------------------------- --- Backup and move your current installation. ---- Unpack the distribution into your webserver's document root directory. +--- Unpack the distribution into your webserver's document root directory. --- Edit config.inc.php or simply replace the new config.inc.php with your previous config.inc.php. Upgrading from 1.01 or 1.0 -------------------------- --- Backup and move your current installation. ---- Unpack the distribution into your webserver's document root directory. +--- Unpack the distribution into your webserver's document root directory. --- Edit config.inc.php. 
--- Either login to PHP Timeclock and run the Upgrade Database script within the Admin section, or upgrade the database by running the queries that are contained in the alter_tables.sql script. 
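Review bot: the New Install steps kept as context in this hunk still read "Import the tables using the create_tables.sql script included in this distribution", but this same patch deletes create_tables.sql, so a fresh install has no schema step that works as written. Point that step at whatever file now carries the schema (the added "Upgrading from 1.04" section mentions a "sql" directory). The steps also still hand out admin/admin as the initial login with only "Please change the password ... after the initial setup"; since the install text is being revised anyway, make the password change an explicit numbered step that comes before creating offices, groups and users.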
@@ -81,44 +78,42 @@ Upgrading from 1.01 or 1.0 Upgrading from 0.9.4 or 0.9.4-1 ------------------------------- --- Backup and move your current installation. ---- Unpack the distribution into your webserver's document root directory. ---- Upgrade the database by running the queries that are contained in the +--- Unpack the distribution into your webserver's document root directory. +--- Upgrade the database by running the queries that are contained in the alter_tables.sql script included in this distribution against the PHP Timeclock - database. The Upgrade Database link in the Administration section of PHP Timeclock will - not work for this particular upgrade since the admin user needs to be added to the database - initially. Meaning, you cannot even get to the Upgrade Database page until the admin user + database. The Upgrade Database link in the Administration section of PHP Timeclock will + not work for this particular upgrade since the admin user needs to be added to the database + initially. Meaning, you cannot even get to the Upgrade Database page until the admin user is added to the database. --- Edit config.inc.php. --- Open index.php with your web browser. ---- Click on the Administration link on the right side of the page. Input "admin" (without the quotes) - for the username and "admin" (without the quotes) for the password. Please change the password +--- Click on the Administration link on the right side of the page. Input "admin" (without the quotes) + for the username and "admin" (without the quotes) for the password. Please change the password for this admin user after the initial setup of PHP Timeclock is complete. ---- Create at least one office by clicking on the Create Office link on the left side of the page. +--- Create at least one office by clicking on the Create Office link on the left side of the page. You MUST create an office to achieve the desired results. Create more offices if needed. 
---- Create at least one group by clicking on the Create Group link on the left side of the page. +--- Create at least one group by clicking on the Create Group link on the left side of the page. You MUST create a group to achieve the desired results. Create more groups if needed. ---- Edit your users by clicking on the User Summary link, then click on their username, and then - assign them to the office(s) and group(s) you created above. Give Sys Admin level access for - users who will administrate PHP Timeclock. Give Time Admin level access for users who will +--- Edit your users by clicking on the User Summary link, then click on their username, and then + assign them to the office(s) and group(s) you created above. Give Sys Admin level access for + users who will administrate PHP Timeclock. Give Time Admin level access for users who will need to edit users' time, but who will not need Sys Admin level access. If you require the reports to be secured so only certain users can run them, then give these users reports - level access. + level access. - *** Admin level access and reports level access are completely separate from each other. Just - *** because a user has admin level access does not give that user reports level access. You must - *** specifically give them reports level access when you are creating or editing the users, - *** if you choose to secure these reports for these users. To make PHP Timeclock lock down the + *** Admin level access and reports level access are completely separate from each other. Just + *** because a user has admin level access does not give that user reports level access. You must + *** specifically give them reports level access when you are creating or editing the users, + *** if you choose to secure these reports for these users. To make PHP Timeclock lock down the *** reports to only these users, set the use_reports_password setting in config.inc.php to "yes". 
-Upgrading from releases prior to 0.9.4 +Upgrading from releases prior to 0.9.4 -------------------------------------- --- The best way to upgrade from versions prior to 0.9.4 is to download version 0.9.4 and upgrade to that version first. Then follow the upgrade instructions included - in that version of the distribution. + in that version of the distribution. The reason for doing it this way is that the timestamps are stored differently for versions - 0.9.4 and higher than in previous versions. Upgrading to 0.9.4 first will preserve the + 0.9.4 and higher than in previous versions. Upgrading to 0.9.4 first will preserve the punch-in/out history for each user. - - diff --git a/docs/README b/docs/README index a6ecfc3..27e49a6 100644 --- a/docs/README +++ b/docs/README @@ -1,6 +1,4 @@ PHP Timeclock -Version 1.04 -http://sourceforge.net/projects/timeclock Copyright (C) 2006 Ken Papizan diff --git a/docs/TODO b/docs/TODO index f4f8dd7..93e39f8 100644 --- a/docs/TODO +++ b/docs/TODO @@ -1,6 +1,4 @@ PHP Timeclock -Version 1.04 -http://sourceforge.net/projects/timeclock Copyright (C) 2006 Ken Papizan diff --git a/footer.php b/footer.php index fb5289c..e861c72 100644 --- a/footer.php +++ b/footer.php @@ -2,17 +2,13 @@ // display 'Powered by' info in bottom right of each page // -echo " Powered by Apache ± MySql - ±"; +echo " "; -if ($email == "none") { - echo " PHP"; -} else { - echo " PHP • $email"; +if ($email != "none") { + echo "$email • "; } -echo " • $app_name $app_version\n"; +echo "$app_name $app_version\n"; echo " \n"; echo " \n"; echo " \n"; diff --git a/functions.php b/functions.php index 781ff04..46c99c7 100644 --- a/functions.php +++ b/functions.php 
@@ -1,5 +1,157 @@ $value) { + $refs[$key] = &$params[$key]; + } + array_unshift($refs, $types); + return call_user_func_array(array($stmt, 'bind_param'), @$refs); +} + +function tc_execute($query, $params = array(), $types = null) { + if (!($stmt = $GLOBALS["___mysqli_ston"]->prepare($query))) { + error_log("Failed to prepare $query: " . mysqli_error($GLOBALS["___mysqli_ston"])); + return false; + } + _tc_bind_param($stmt, $params, $types); + if (!$stmt->execute()) { + error_log("Failed to execute: " . $stmt->error); + return false; + } + return $stmt->close(); +} + +function tc_query($query, $params = array(), $types = null) { + if (!($stmt = $GLOBALS["___mysqli_ston"]->prepare($query))) { + error_log("Failed to prepare $query: " . mysqli_error($GLOBALS["___mysqli_ston"])); + return false; + } + _tc_bind_param($stmt, $params, $types); + if (!$stmt->execute()) { + error_log("Failed to execute: " . $stmt->error); + return false; + } + return $stmt->get_result(); +} + +function tc_select($what, $from, $where = '1=1', $params = array(), $types = null) { + global $db_prefix; + return tc_query("SELECT $what FROM ${db_prefix}$from WHERE $where", $params, $types); +} + +function tc_select_value($what, $from, $where = '1=1', $params = array(), $types = null) { + global $db_prefix; + $result = tc_query("SELECT $what FROM ${db_prefix}$from WHERE $where", $params, $types); + $value = null; + while ($row = mysqli_fetch_array($result)) { + $value = $row[0]; + } + return $value; +} + +function tc_delete($from, $where, $params = array(), $types = null) { + global $db_prefix; + return tc_query("DELETE FROM ${db_prefix}$from WHERE $where", $params, $types); +} + +function tc_insert_strings($db, $keyvals) { + global $db_prefix; + $keys = ''; + $places = ''; + $types = ''; + $values = array(); + foreach ($keyvals as $key => $value) { + if (!empty($keys)) { + $keys .= ","; + $places .= ","; + } + $keys .= "`$key`"; + $places .= "?"; + $types .= "s"; + $values[] = "$value"; + } + 
tc_execute("INSERT INTO ${db_prefix}$db ($keys) VALUES ($places)", $values, $types); + return mysqli_insert_id($GLOBALS["___mysqli_ston"]); +} + +function tc_update_strings($db, $keyvals, $where = '1=1', $bind = array(), $types = null) { + global $db_prefix; + $places = ''; + $set_types = ''; + $values = array(); + foreach ($keyvals as $key => $value) { + if (!empty($places)) { + $places .= ","; + } + $places .= "`$key` = ?"; + $set_types .= "s"; + $values[] = "$value"; + } + if (!is_array($bind)) { + $bind = array($bind); + } + if (!is_null($types)) { + $types = $set_types . $types; + } + tc_execute("UPDATE ${db_prefix}$db SET $places WHERE $where", array_merge($values, $bind), $types); +} + +function btag($tag, $attr = array()) { + $begin = array(htmlentities($tag)); + foreach ($attr as $key => $value) { + $begin[] = htmlentities($key) . "=\"" . htmlentities($value) . "\""; + } + return "<" . implode(" ", $begin) . ">"; +} + +function tag($tag, $content = "", $attr = array()) { + return btag($tag, $attr) . htmlentities($content) . ""; +} + +function html_options($result, $selected='') { + $rv = array(); + while ($row = mysqli_fetch_array($result)) { + $value = htmlentities($row[0]); + $display = htmlentities(is_null(@$row[1]) ? $row[0] : $row[1]); + $sel = ($row[0] == $selected) ? " selected" : ""; + $rv[] = "\n"; + } + return implode("", $rv); +} + +function yes_no_bool($val, $default=false) { + if (strtolower(@$val) == 'yes') { + return true; + } + if (strtolower(@$val) == 'no') { + return false; + } + return $default; +} + +function value_or_null($val) { + return ((strlen(trim(@$val)) == 0) ? null : $val); +} + +function has_value($val) { + return (strlen(trim(@$val)) != 0); +} + function secsToHours($secs, $round_time) { /* The logic for this function was written by Adam Woodbeck, who initially wrote it to round to the 
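Review bot: tc_select(), tc_select_value() and tc_delete() bind only $params; $what, $from and $where are interpolated straight into the SQL text, and tc_insert_strings()/tc_update_strings() wrap each $keyvals key in backticks without checking it. Document in the function headers that those arguments must be literals written by the developer, or validate table and column names against a fixed list, so that the move to prepared statements is not undone by a caller that builds $where or a key from request data. tc_select_value() also passes the return of tc_query() directly to mysqli_fetch_array(), yet tc_query() returns false when prepare or execute fails; check for false and return null before the loop. Once these helpers are in, disabled_acct() later in this file, which still concatenates addslashes($get_user) into its query, is a natural first caller to convert to a bound parameter.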
@@ -84,9 +236,9 @@ function secsToHours($secs, $round_time) { function disabled_acct($get_user) { $query = "select empfullname, disabled from employees where empfullname = '" . addslashes($get_user) . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { if ("" . $row["disabled"] . "" == 1) { echo "\n"; diff --git a/get-metar-conditions-inc.php b/get-metar-conditions-inc.php new file mode 100644 index 0000000..3c71766 --- /dev/null +++ b/get-metar-conditions-inc.php 
@@ -0,0 +1,1317 @@ + Mostly Cloudy + [1] => 2 + [2] => day_partly_cloudy.gif + [3] => Cloudy +) + +KCDR='2011/01/23 00:01 KCDR 230001Z AUTO 02018KT 1/4SM -SN FZFG BKN007 OVC012 M06/M07 A2986 RMK AO2 PRESRR P0000' +Array +( + [0] => Light Snow, Freezing Fog, Overcast + [1] => 16 + [2] => night_snow.gif + [3] => Snow +) + +WIOO='2011/01/22 23:30 WIOO 222330Z 00000KT 3000 FU FEW011CB BKN008 25/25 Q1011 TEMPO AT0000 5000 -RA' +Array +( + [0] => Smoke, Mostly Cloudy + [1] => 7 + [2] => haze.gif + [3] => Haze +) + + +Author: Ken True - webmaster@saratoga-weather.org (with a lot of code borrowed from my own works and others :) +Referemce: METAR Coding http://www.ofcm.gov/fmh-1/pdf/L-CH12.pdf from Federal Meteorological Handbook No. 1 (FCM-H1-2005) +Also see: http://en.wikipedia.org/wiki/METAR for more descriptions. +Note: Runway conditions are not decoded by this function. + +Version 1.00 - 21-Jan-2011 - initial release +Version 1.01 - 24-Mar-2011 - added optional return of large-icon .jpg image name for condition and $metar array. 
+Version 1.02 - 10-Aug-2011 - fixes for function name collisions with *-mesomap.php programs +Version 1.03 - 01-Oct-2011 - added support for alternative animated icon set from http://www.meteotreviglio.com/ +Version 1.04 - 09-Oct-2011 - fixed issue with 'RA' (rain) condition non-detection +Version 1.05 - 17-Nov-2011 - added $metarGMT optional return and UOM specs +Version 1.06 - 19-Nov-2011 - fixed formatting for Wind Chill +Version 1.07 - 19-Nov-2011 - fixed runway decode for European METARs +Version 1.08 - 22-Nov-2011 - fixed Notice: type errata +Version 1.09 - 23-Nov-2011 - fix for metar reports with >1 runway reports or limited visibility reports +Version 1.10 - 24-Nov-2011 - fix for CAVOK with km/miles selection based on wind units +Version 1.11 - 29-Nov-2011 - added cloud-details return for wxmetar.php page +Version 1.12 - 04-May-2012 - added fix for variable wind decode like VRB02G03KT +Version 1.13 - 31-Aug-2012 - added fixes for incomplete visibility and multiple conditions decode +Version 1.14 - 23-May-2016 - chg source to tgftp.nws.noaa.gov/data from weather.noaa.gov/pub/data (deprecated site) + +*/ +global $Debug, $GMCVersion; + +$GMCVersion = 'get-metar-conditions-inc.php - Version 1.14 - 23-May-2016'; + +if (isset($_REQUEST['sce']) && ( strtolower($_REQUEST['sce']) == 'view' or + strtolower($_REQUEST['sce']) == 'show') ) { + //--self downloader -- + $filenameReal = __FILE__; + $download_size = filesize($filenameReal); + header('Pragma: public'); + header('Cache-Control: private'); + header('Cache-Control: no-cache, must-revalidate'); + header("Content-type: text/plain"); + header("Accept-Ranges: bytes"); + header("Content-Length: $download_size"); + header('Connection: close'); + + readfile($filenameReal); + exit; +} +// local settings +$cacheFileDir = './'; // default cache file directory + +global $cacheFileDir; +//------------ override from Settings.php -------------------- +global $SITE; +if(isset($SITE['cacheFileDir'])) {$cacheFileDir = 
$SITE['cacheFileDir']; } +//------------ end override from Settings.php ---------------- +# ------------------------------------------------------------------------------ +# main function mtr_conditions +#------------------------------------------------------------------------------- + +function mtr_conditions ($icao,$curtime='',$sunrise='',$sunset='',$useJpgIcon=false,$UOM='°F,mph,inHg,in') { + global $lang, $Debug, $mtrInfo, $metarPtr, $group, $GMCVersion; + global $Icons, $IconsLarge, $IconsText, $cacheFileDir; + $metarCacheName = $cacheFileDir."metarcache-$icao.txt"; + $metarRefetchSeconds = 600; // fetch every 10 minutes + list($uomTemp,$uomWind,$uomBaro,$uomRain) = explode(',',$UOM.',,,,'); + global $UOMS; + $UOMS = array( + 'TEMP' => "$uomTemp", + 'WIND' => "$uomWind", + 'BARO' => "$uomBaro", + 'RAIN' => "$uomRain" + ); + + if(isset($_REQUEST['cache']) and strtolower($_REQUEST['cache']) == 'refresh') { + $metarRefetchSeconds = 0; + } + if(isset($_REQUEST['cache']) and strtolower($_REQUEST['cache']) == 'norefresh') { + $metarRefetchSeconds = 9999999; + } + + $mtrInfo = array(); + $Debug .= "\n"; +// $Debug .= "\n"; + if(isset($icao) and strlen($icao) == 4) { + + $Debug .= "\n"; + $host = 'tgftp.nws.noaa.gov'; + $path = '/data/observations/metar/stations/'; + $metarURL = 'http://' . $host . $path . $icao . 
'.TXT'; + + $html = ''; + $raw = ''; +// get the metar data from the cache or from the URL if the cache is 'stale' + if (file_exists($metarCacheName) and filemtime($metarCacheName) + $metarRefetchSeconds > time()) { + $WhereLoaded = "from cache $metarCacheName"; + $html = implode('', file($metarCacheName)); + } else { + $WhereLoaded = "from URL $metarURL"; + $rawhtml = mtr_fetchUrlWithoutHanging($metarURL); + $i = strpos($rawhtml,"\r\n\r\n"); + $headers = substr($rawhtml,0,$i-1); + $content = substr($rawhtml,$i+2); + $RC = ''; + if (preg_match("|^HTTP\/\S+ (.*)\r\n|",$rawhtml,$matches)) { + $RC = trim($matches[1]); + } + if(!preg_match('|200 |',$RC)) { + $t = array("unable to load $icao data RC=$RC",5,'day_partly_cloudy.gif',"unable to load $icao data RC=$RC",array(),$metarGMT); + $Debug .= "\n"; + return $t; + } + if(preg_match('|Content-Encoding: gzip|Ui',$headers)) { + $Debug .= "\n"; + // $Debug .= "\n"; + $err = 'None'; + $html = trim(mtr_gzdecode($content,$err)); + $Debug .= "\n"; + if($err <> 'None') { + $Debug .= "\n"; + } + } else { + $html = $content; + } + $fp = fopen($metarCacheName, "w"); + if($fp) { + $write = fputs($fp, $html); + fclose($fp); + } else { + $Debug .= "\n"; + } + } // end of get the METAR from cache or URL + $raw_metar = preg_replace("/[\n\r ]+/", ' ', trim(implode(' ', (array)$html))); + $Debug .= "\n"; + $Debug .= "\n"; + $metar = trim($raw_metar); + $metarDate = preg_replace('|/|','-',substr($metar,0,16)) . ':00 GMT'; + $metarGMT = strtotime($metarDate); + $age = abs(time() - $metarGMT); // age in seconds + $Debug .= "\n"; + + mtr_load_iconDefs(); // initialize ICON defs to use and lookup arrays + +/* + Metar formatter expects + CYXU='2010/11/30 23:00 CYXU 302300Z 15013G18KT 5SM -RA BR OVC005 11/10 A2969 RMK SF8 SLP059' +*/ + +// Clean up the metar.. 
some are not properly formatted, human made, most likely + $unprocMetar = $metar; + $metar = preg_replace('|[\r\n]+|is','',$metar); // remove internal newlines + $metar = preg_replace('|/////KT|is','VRB00KT',$metar); // replace bogus wind report + $metar = preg_replace('|@|is','',$metar); // remove strange @ in metar + $metar = preg_replace('|///|is',' ',$metar); // remove strange standalone slashes + $metar = preg_replace('| /|is',' ',$metar); // remove strange standalone slashes + $metar = preg_replace('| / |is',' ',$metar); // remove strange standalone slashes + $metar = preg_replace('| \s+|is',' ',$metar); // remove multiple spaces + $metar = preg_replace('| COR |i',' ',$metar); // remove COR (correction) from raw metar + $metar = preg_replace('|(\d{5}) KT|i','${1}KT',$metar); // fix any space in wind value + $metar = preg_replace('| 999 |',' 9999 ',$metar); // fix malformed unlimited visibility + $metar = preg_replace('| LRA |',' -RA ',$metar); // fix malformed light rain + $metar = preg_replace('| HRA |',' +RA ',$metar); // fix malformed light rain + // $metar = preg_replace('| (\d)SM|i',' 0${1}SM',$metar); // fix malformed visibility to two digits + // $metar = preg_replace('| (\d+) (\d+)/(\d+)SM |i',' $1_$2/${3}SM ',$metar); // fix NOAA visibility + + mtr_process($metar,$icao); // actually parse the metar for conditions.. results in $mtrInfo array + + // assemble the conditions string: + // use conditions first + // use sky (clouds) second + // + $mtrInfo['RAW-METAR'] = $unprocMetar; + $Sky = isset($mtrInfo['CLOUDS'])?trim($mtrInfo['CLOUDS']):''; + $Weather = isset($mtrInfo['CONDITIONS'])?trim($mtrInfo['CONDITIONS']):''; + + $Conds = $Weather; // Choose any conditions report first + + if($Sky <> '' and $Conds <> '') {$Conds .= ", $Sky"; } // append a clouds descriptor if available + if($Conds == '' and $Sky <> '') {$Conds = $Sky; } // no weathercond .. 
use sky only + + $iconnumber = mtr_get_iconnumber('',$Conds,$sunrise,$sunset); + if(!$useJpgIcon) { + $useicon = $Icons[$iconnumber]; + } else { + $useicon = $IconsLarge[$iconnumber]; + } + $icondescr = $IconsText[$iconnumber]; + + $t = array($Conds,$iconnumber,$useicon,$icondescr,$mtrInfo,$metarGMT); + } else { + $t = array("$icao not loaded",5,'day_partly_cloudy.gif',"unable to load data RC=$RC",array(),$metarGMT); + } // end of ICAO processing + + $Debug .= "\n"; + return $t; +} +// ------------------------------------------------------------ + +// get contents from one URL and return as string + function mtr_fetchUrlWithoutHanging($url,$useFopen=false) { +// thanks to Tom at Carterlake.org for this script fragment + global $Debug, $needCookie,$timeStamp,$TOTALtime; + $overall_start = time(); + if (! $useFopen) { + // Set maximum number of seconds (can have floating-point) to wait for feed before displaying page without feed + $numberOfSeconds=5; + + // Suppress error reporting so Web site visitors are unaware if the feed fails + error_reporting(0); + + // Extract resource path and domain from URL ready for fsockopen + $FullUrl = $url; + $urlParts = parse_url($url); + + $domain = $urlParts['host']; + if(isset($urlParts['port'])) { + $port = $urlParts['port']; + } else { + $port = 80; + } + $resourcePath = $urlParts['path']; + $resourcePath = preg_replace('|nocache|','?'.$timeStamp,$resourcePath); + if(isset($urlParts['query'])) {$resourcePath .= "?" . $urlParts['query']; } + if(isset($urlParts['fragment'])) {$resourcePath .= "#" . 
$urlParts['fragment']; } + $T_start = mtr_microtime_float(); + $hostIP = gethostbyname($domain); + $T_dns = mtr_microtime_float(); + $ms_dns = sprintf("%01.3f",round($T_dns - $T_start,3)); + + $Debug .= "\n"; +// print "GET $resourcePath HTTP/1.1 \n Host: $domain Port: $port IP=$hostIP\n"; + + // Establish a connection + $socketConnection = fsockopen($hostIP, $port, $errno, $errstr, $numberOfSeconds); + $T_connect = mtr_microtime_float(); + $T_puts = 0; + $T_gets = 0; + $T_close = 0; + + if (!$socketConnection) + { + // You may wish to remove the following debugging line on a live Web site + $Debug .= "\n"; +// print "Network error: $errstr ($errno)\n"; + } // end if + else { + $xml = ''; + $getString = "GET $resourcePath HTTP/1.1\r\nHost: $domain\r\nConnection: Close\r\n"; + if (isset($needCookie[$domain])) { + $getString .= $needCookie[$domain] . "\r\n"; + $Debug .= "\n"; + } + $getString .= "User-agent: Mesomap Loader\r\nAccept: text/plain,text/html\r\nAccept-Encoding: gzip;q=0,compress;q=0\r\n"; + $getString .= "\r\n"; +// print "Sending:\n$getString\n\n"; + fputs($socketConnection, $getString); + $T_puts = mtr_microtime_float(); + + // Loop until end of file + $TGETstats = array(); + $TGETcount = 0; + while (!feof($socketConnection)) + { + $T_getstart = mtr_microtime_float(); + $xml .= fgets($socketConnection, 16384); + $T_getend = mtr_microtime_float(); + $TGETcount++; + $TGETstats[$TGETcount] = sprintf("%01.3f",round($T_getend - $T_getstart,3)); + } // end while + $T_gets = mtr_microtime_float(); + fclose ($socketConnection); + $T_close = mtr_microtime_float(); + } // end else + $ms_connect = sprintf("%01.3f",round($T_connect - $T_dns,3)); + + if($T_close > 0) { + $ms_puts = sprintf("%01.3f",round($T_puts - $T_connect,3)); + $ms_gets = sprintf("%01.3f",round($T_gets - $T_puts,3)); + $ms_close = sprintf("%01.3f",round($T_close - $T_gets,3)); + $ms_total = sprintf("%01.3f",round($T_close - $T_start,3)); + } else { + $ms_puts = 'n/a'; + $ms_gets = 'n/a'; + 
$ms_close = 'n/a'; + $ms_total = sprintf("%01.3f",round($T_connect - $T_start,3)); + } + + $Debug .= "\n"; +// print "HTTP stats: dns=$ms_dns conn=$ms_connect put=$ms_puts get($TGETcount blocks)=$ms_gets close=$ms_close total=$ms_total secs \n"; +// foreach ($TGETstats as $block => $mstimes) { +// print "HTTP Block $block took $mstimes\n"; +// } + $TOTALtime+= ($T_close - $T_start); + $overall_end = time(); + $overall_elapsed = $overall_end - $overall_start; + $Debug .= "\n"; +// print "fetch function elapsed= $overall_elapsed secs.\n"; + return($xml); + } else { +// print "\n"; + $T_start = mtr_microtime_float(); + + $xml = implode('',file($url)); + $T_close = mtr_microtime_float(); + $ms_total = sprintf("%01.3f",round($T_close - $T_start,3)); + $Debug .= "\n"; +// print " file() stats: total=$ms_total secs.\n"; + $TOTALtime+= ($T_close - $T_start); + $overall_end = time(); + $overall_elapsed = $overall_end - $overall_start; + $Debug .= "\n"; +// print "fetch function elapsed= $overall_elapsed secs.\n"; + return($xml); + } + + } // end mtr_fetchUrlWithoutHanging +// ------------------------------------------------------------------ + +function mtr_microtime_float() +{ + list($usec, $sec) = explode(" ", microtime()); + return ((float)$usec + (float)$sec); +} +// ------------------------------------------------------------------ +function mtr_gzdecode($rawdata,&$error='',&$filename='',$maxlength=null) +{ + //0d0a1f8b0800000000000003454d390ec3300cdbfb0aee45654a71e463ed5ef40bdd0214feff5adb49130814285122d502535082 + if(strcmp(substr($data,0,2),"\x0d\x0a")) { // got an extra \r\n in the data? 
+ $data = substr($rawdata,2); + } else { + $data = $rawdata; + } + $len = strlen($data); + if ($len < 18 || strcmp(substr($data,0,2),"\x1f\x8b")) { + $error = "Not in GZIP format."; + return null; // Not GZIP format (See RFC 1952) + } + $method = ord(substr($data,2,1)); // Compression method + $flags = ord(substr($data,3,1)); // Flags + if ($flags & 31 != $flags) { + $error = "Reserved bits not allowed."; + return null; + } + // NOTE: $mtime may be negative (PHP integer limitations) + $mtime = unpack("V", substr($data,4,4)); + $mtime = $mtime[1]; + $xfl = substr($data,8,1); + $os = substr($data,8,1); + $headerlen = 10; + $extralen = 0; + $extra = ""; + if ($flags & 4) { + // 2-byte length prefixed EXTRA data in header + if ($len - $headerlen - 2 < 8) { + return false; // invalid + } + $extralen = unpack("v",substr($data,8,2)); + $extralen = $extralen[1]; + if ($len - $headerlen - 2 - $extralen < 8) { + return false; // invalid + } + $extra = substr($data,10,$extralen); + $headerlen += 2 + $extralen; + } + $filenamelen = 0; + $filename = ""; + if ($flags & 8) { + // C-style string + if ($len - $headerlen - 1 < 8) { + return false; // invalid + } + $filenamelen = strpos(substr($data,$headerlen),chr(0)); + if ($filenamelen === false || $len - $headerlen - $filenamelen - 1 < 8) { + return false; // invalid + } + $filename = substr($data,$headerlen,$filenamelen); + $headerlen += $filenamelen + 1; + } + $commentlen = 0; + $comment = ""; + if ($flags & 16) { + // C-style string COMMENT data in header + if ($len - $headerlen - 1 < 8) { + return false; // invalid + } + $commentlen = strpos(substr($data,$headerlen),chr(0)); + if ($commentlen === false || $len - $headerlen - $commentlen - 1 < 8) { + return false; // Invalid header format + } + $comment = substr($data,$headerlen,$commentlen); + $headerlen += $commentlen + 1; + } + $headercrc = ""; + if ($flags & 2) { + // 2-bytes (lowest order) of CRC32 on header present + if ($len - $headerlen - 2 < 8) { + return false; // 
invalid + } + $calccrc = crc32(substr($data,0,$headerlen)) & 0xffff; + $headercrc = unpack("v", substr($data,$headerlen,2)); + $headercrc = $headercrc[1]; + if ($headercrc != $calccrc) { + $error = "Header checksum failed."; + return false; // Bad header CRC + } + $headerlen += 2; + } + // GZIP FOOTER + $datacrc = unpack("V",substr($data,-8,4)); + $datacrc = sprintf('%u',$datacrc[1] & 0xFFFFFFFF); + $isize = unpack("V",substr($data,-4)); + $isize = $isize[1]; + // decompression: + $bodylen = $len-$headerlen-8; + if ($bodylen < 1) { + // IMPLEMENTATION BUG! + return null; + } + $body = substr($data,$headerlen,$bodylen); + $data = ""; + if ($bodylen > 0) { + switch ($method) { + case 8: + // Currently the only supported compression method: + $data = gzinflate($body,$maxlength); + break; + default: + $error = "Unknown compression method."; + return false; + } + } // zero-byte body content is allowed + // Verifiy CRC32 + $crc = sprintf("%u",crc32($data)); + $crcOK = $crc == $datacrc; + $lenOK = $isize == strlen($data); + if (!$lenOK || !$crcOK) { + $error = ( $lenOK ? '' : 'Length check FAILED. ') . ( $crcOK ? '' : 'Checksum FAILED.'); + return false; + } + return $data; +} +// ------------------------------------------------------------------ +function mtr_load_iconDefs () { + +global $Icons, $IconsLarge, $IconsText, $Conditions, $Debug; + + // CURRENT CONDITIONS ICONS FOR clientraw.txt + // create array for icons. There are 35 possible values in clientraw.txt + // It would be simpler to do this with array() but to make it easier to + // modify each element is defined individually. 
Each index [#] corresponds + // to the value provided in clientraw.txt + $Icons[0] = "day_clear.gif"; // image sunny.visible + $Icons[1] = "night_clear.gif"; // image clearnight.visible + $Icons[2] = "day_partly_cloudy.gif"; // image cloudy.visible + $Icons[3] = "day_partly_cloudy.gif"; // image cloudy2.visible + $Icons[4] = "night_partly_cloudy.gif"; // image night cloudy.visible + $Icons[5] = "day_clear.gif"; // image dry.visible + $Icons[6] = "fog.gif"; // image fog.visible + $Icons[7] = "haze-sm.gif"; // image haze.visible + $Icons[8] = "day_heavy_rain.gif"; // image heavyrain.visible + $Icons[9] = "day_mostly_sunny.gif"; // image mainlyfine.visible + $Icons[10] = "mist-sm.gif"; // image mist.visible + $Icons[11] = "fog.gif"; // image night fog.visible + $Icons[12] = "night_heavy_rain.gif"; // image night heavyrain.visible + $Icons[13] = "night_cloudy.gif"; // image night overcast.visible + $Icons[14] = "night_rain.gif"; // image night rain.visible + $Icons[15] = "night_light_rain.gif"; // image night showers.visible + $Icons[16] = "night_snow.gif"; // image night snow.visible + $Icons[17] = "night_tstorm.gif"; // image night thunder.visible + $Icons[18] = "day_cloudy.gif"; // image overcast.visible + $Icons[19] = "day_partly_cloudy.gif"; // image partlycloudy.visible + $Icons[20] = "day_rain.gif"; // image rain.visible + $Icons[21] = "day_rain.gif"; // image rain2.visible + $Icons[22] = "day_light_rain.gif"; // image showers2.visible + $Icons[23] = "sleet.gif"; // image sleet.visible + $Icons[24] = "sleet.gif"; // image sleetshowers.visible + $Icons[25] = "day_snow.gif"; // image snow.visible + $Icons[26] = "day_snow.gif"; // image snowmelt.visible + $Icons[27] = "day_snow.gif"; // image snowshowers2.visible + $Icons[28] = "day_clear.gif"; // image sunny.visible + $Icons[29] = "day_tstorm.gif"; // image thundershowers.visible + $Icons[30] = "day_tstorm.gif"; // image thundershowers2.visible + $Icons[31] = "day_tstorm.gif"; // image thunderstorms.visible + 
$Icons[32] = "tornado.gif"; // image tornado.visible + $Icons[33] = "windy-sm.gif"; // image windy.visible + $Icons[34] = "day_partly_cloudy.gif"; // stopped rainning + $Icons[35] = "windyrain-sm.gif"; // wind + rain + + $IconsText[0] = 'Sunny'; + $IconsText[1] = 'Clear'; + $IconsText[2] = 'Cloudy'; + $IconsText[3] = 'Cloudy2'; + $IconsText[4] = 'Partly Cloudy'; + $IconsText[5] = 'Dry'; + $IconsText[6] = 'Fog'; + $IconsText[7] = 'Haze'; + $IconsText[8] = 'Heavy Rain'; + $IconsText[9] = 'Mainly Fine'; + $IconsText[10] = 'Mist'; + $IconsText[11] = 'Fog'; + $IconsText[12] = 'Heavy Rain'; + $IconsText[13] = 'Overcast'; + $IconsText[14] = 'Rain'; + $IconsText[15] = 'Showers'; + $IconsText[16] = 'Snow'; + $IconsText[17] = 'Thunder'; + $IconsText[18] = 'Overcast'; + $IconsText[19] = 'Partly Cloudy'; + $IconsText[20] = 'Rain'; + $IconsText[21] = 'Rain2'; + $IconsText[22] = 'Showers2'; + $IconsText[23] = 'Sleet'; + $IconsText[24] = 'Sleet Showers'; + $IconsText[25] = 'Snow'; + $IconsText[26] = 'Snow Melt'; + $IconsText[27] = 'Snow Showers2'; + $IconsText[28] = 'Sunny'; + $IconsText[29] = 'Thunder Showers'; + $IconsText[30] = 'Thunder Showers2'; + $IconsText[31] = 'Thunder Storms'; + $IconsText[32] = 'Tornado'; + $IconsText[33] = 'Windy'; + $IconsText[34] = 'Stopped Raining'; + $IconsText[35] = 'Wind/Rain'; + + $IconsLarge = array( + "skc.jpg", // 0 imagesunny.visible + "nskc.jpg", // 1 imageclearnight.visible + "bkn.jpg", // 2 imagecloudy.visible + "sct.jpg", // 3 imagecloudy2.visible + "nbkn.jpg", // 4 imagecloudynight.visible + "sct.jpg", // 5 imagedry.visible + "fg.jpg", // 6 imagefog.visible + "hazy.jpg", // 7 imagehaze.visible + "ra.jpg", // 8 imageheavyrain.visible + "few.jpg", // 9 imagemainlyfine.visible + "mist.jpg", // 10 imagemist.visible + "nfg.jpg", // 11 imagenightfog.visible + "nra.jpg", // 12 imagenightheavyrain.visible + "novc.jpg", // 13 imagenightovercast.visible + "nra.jpg", // 14 imagenightrain.visible + "nshra.jpg", // 15 imagenightshowers.visible + 
"nsn.jpg", // 16 imagenightsnow.visible + "ntsra.jpg", // 17 imagenightthunder.visible + "ovc.jpg", // 18 imageovercast.visible + "sct.jpg", // 19 imagepartlycloudy.visible + "ra.jpg", // 20 imagerain.visible + "ra.jpg", // 21 imagerain2.visible + "shra.jpg", // 22 imageshowers2.visible + "ip.jpg", // 23 imagesleet.visible + "ip.jpg", // 24 imagesleetshowers.visible + "sn.jpg", // 25 imagesnow.visible + "sn.jpg", // 26 imagesnowmelt.visible + "sn.jpg", // 27 imagesnowshowers2.visible + "skc.jpg", // 28 imagesunny.visible + "scttsra.jpg", // 29 imagethundershowers.visible + "hi_tsra.jpg", // 30 imagethundershowers2.visible + "tsra.jpg", // 31 imagethunderstorms.visible + "nsvrtsra.jpg", // 32 imagetornado.visible + "wind.jpg", // 33 imagewindy.visible + "ra1.jpg", // 34 stopped rainning + "windyrain.jpg" // 35 windy/rain + ); + + + +/* the following is a lookup table for conditions text from the metar to return + the WD Icon number above. It is sorted such that the most severe conditions + are at the top of the list, with least severe at the bottom. This is done + so that significant weather icon will prevail when multiple conditions/sky cover + messages are emitted by the METAR station. 
+ + tornado/waterspout + thunder (in any form) + Ice / Snow/ Freezing / Sleet + Rain + Fog + Haze/Smoke/Dust/Volcano + cloud cover + +*/ + +$Condstring = ' +# +cond|tornado|32|32|Severe storm| +cond|thunder|31|17|Thunder storm| +cond|ice|23|23|Sleet| +cond|snow|25|16|Snow| +cond|freezing rain|23|23|FrzgRn| +cond|freezing drizzle|23|23|FrzgRn| +cond|freezing fog|6|11|FrzgFog| +cond|hail|23|23|Hail| +cond|heavy rain|8|12|Rain| +cond|light rain|22|15|Rain| +cond|showers|22|15|Showers| +cond|rain|20|14|Rain| +cond|fog|6|11|Fog| +cond|drizzle|22|15|Drizzle| +cond|mist|10|10|Mist| +cond|haze|7|7|Haze| +cond|dust|7|7|Dust| +cond|smoke|7|7|Smoke| +cond|volcanic|7|7|Volcanic Ash| +cond|sand|7|7|Sand| +cond|overcast|18|18|Overcast| +cond|mostly cloudy|2|4|Mostly Cloudy| +cond|partly cloudy|19|4|Partly Cloudy| +cond|few clouds|9|4|Few Clouds| +cond|clear|0|1|Clear| +cond|cloud|19|4|Variable Clouds| +# +'; + +$config = explode("\n",$Condstring); +foreach ($config as $key => $rec) { // load the parser condition strings + $recin = trim($rec); + if ($recin and substr($recin,0,1) <> '#') { // got a non comment record + list($type,$keyword,$dayicon,$nighticon,$condition) = explode('|',$recin . '|||||'); + + if (isset($type) and strtolower($type) == 'cond' and isset($condition)) { + $Conditions["$keyword"] = "$dayicon\t$nighticon\t$condition"; +// $Debig .= "\n"; + } + } // end if not comment or blank +} // end loading of loop over config recs + + + +return; + +} +// ------------------------------------------------------------------ +function mtr_get_iconnumber ($time,$condString,$sunrise,$sunset) { + // Many thanks to Larry at Anole Computer for the basis of + // this routine. 
+ // adapted by Ken True to be compatible with WD icon set + global $Icons, $IconsText, $Conditions, $Debug; + + $Debug .= "\n"; + if(!preg_match('/^\d{1,2}:\d{2}[:\d{2}]{0,1}\s*[am|pm]*$/i',$sunrise)) { $sunrise = ''; } + if(!preg_match('/^\d{1,2}:\d{2}[:\d{2}]{0,1}\s*[am|pm]*$/i',$sunset)) { $sunset = ''; } + + $sunrise2 = mtr_fixupTime(($sunrise<>'')?"$sunrise":"6:00a"); + $sunset2 = mtr_fixupTime(($sunset<>'')?"$sunset":"7:00p"); + $time2 = mtr_fixupTime(($time<>'')?"$time":date("H:i",time())); + if ($time2 >= $sunrise2 and $time2 <= $sunset2) { + $daynight = 'day'; + } // end if + else { + $daynight = 'night'; + } // end else + $Debug .= "\n"; + $condString = trim($condString); + reset($Conditions); // Do search in load order + + $iconnumb = 5; // default is a sunny icon + // scan over the conditions table and see if an icon fits the description in the table + foreach ($Conditions as $cond => $condrec) { // look for matching condition + + if(preg_match("!$cond!i",$condString,$mtemp)) { + list($dayicon,$nighticon,$condition) = explode("\t",$condrec); + if (preg_match('|night|i',$daynight)) { + $iconnumb = $nighticon; + } else { + $iconnumb = $dayicon; + } + break; + } + } // end of conditions search + + return $iconnumb; +} +// ------------------------------------------------------------------ +function mtr_fixupTime ($intime) { + global $Debug; + $tfixed = preg_replace('/\s+([AM|PM])/i',"$1",$intime); + $tfixed = preg_replace('/^(\S+)\s+(\S+)$/is',"$2",$tfixed); + $t = explode(':',$tfixed); + if (preg_match('/p/i',$tfixed)) { $t[0] = $t[0] + 12; } + if ($t[0] > 23) {$t[0] = 12; } + if (preg_match('/^12.*a/i',$tfixed)) { $t[0] = 0; } + if ($t[0] < '10') {$t[0] = sprintf("%02d",$t[0]); } // leading zero on hour. 
+ $t2 = join(':',$t); // put time back to gether; + $t2 = preg_replace('/[^\d\:]/is','',$t2); // strip out the am/pm if any + $Debug .= "\n"; + return($t2); + +} + +// --------------------------------------------------------- + +function mtr_process($metar,$icao) { + global $lang,$Debug, $mtrInfo, $metarPtr, $group,$UOMS; + $Debug .= "\n"; + $Debug .= "\n"; + // This function directs the examination of each group of the METAR. The problem + // with a METAR is that not all the groups have to be there. Some groups could be + // missing. Fortunately, the groups must be in a specific order. (This function + // also assumes that a METAR is well-formed, that is, no typographical mistakes.) + // This function uses a function variable to organize the sequence in which to + // decode each group. Each function checks to see if it can decode the current + // METAR part. If not, then the group pointer is advanced for the next function + // to try. If yes, the function decodes that part of the METAR and advances the + // METAR pointer and group pointer. (If the function can be called again to + // decode similar information, then the group pointer does not get advanced.) + // This function was modified by Ken True - webmaster@saratoga-weather.org to + // work with the template sets. 
+ $lang = 'en'; + foreach ($mtrInfo as $i => $value) { // clear out prior contents + unset($mtrInfo[$i]); +// $mtrInfo[$i] = ''; + } +// $Debug .= "\n"; + $mtrInfo['STATION'] = $icao; + $mtrInfo['METAR'] = $metar; + + if ($metar != '') { + $metarParts = explode(' ',$metar); + $groupName = array('mtr_get_station', + 'mtr_get_time', + 'mtr_get_station_type', + 'mtr_get_wind', + 'mtr_get_var_wind', + 'mtr_get_visibility', + 'mtr_get_runway', + 'mtr_get_conditions', + 'mtr_get_cloud_cover', + 'mtr_get_temperature', + 'mtr_get_altimeter'); + $metarPtr = 3; // mtr_get_station identity is ignored + $group = 1; // start with Time + + while ($group < count($groupName)) { + $part = $metarParts[$metarPtr]; + $Debug .= "\n"; + $groupName[$group]($part); // $groupName is a function variable + } + } else { + $mtrInfo['ERROR'] = 'Data not available'; + } + $Debug .= "\n"; +} + +//---------------------------------------------------------------- +// Ignore station code. Script assumes this matches requesting +// $station. This function is never called. It is here for +// completeness of documentation. +function mtr_get_station($part) +{ global $lang,$Debug, $mtrInfo, $metarPtr, $group; + if (strlen($part) == 4 and $group == 0) + { + $group++; + $metarPtr++; + } +} + +function mtr_get_time($part) +{ global $lang,$Debug, $mtrInfo, $metarPtr, $group; + // Ignore observation time. This information is found in the + // first line of the NWS file. + // Format is ddhhmmZ where dd = day, hh = hours, mm = minutes + // in UTC time. + if (substr($part,-1) == 'Z') { + $dd = substr($part,0,2); + $hh = substr($part,2,2); + $mm = substr($part,4,2); + + $metarPtr++; + } + $group++; +} + +function mtr_get_station_type($part) +{ global $lang,$Debug, $mtrInfo, $metarPtr, $group; + // Ignore station type if present. 
+ if ($part == 'AUTO' || $part == 'COR') + $metarPtr++; + $group++; +} + + function mtr_speed($part, $unit) + { + global $lang,$Debug, $mtrInfo, $metarPtr, $group, $UOMS; + // Convert wind speed into miles per hour. + // Some other common conversion factors (to 6 significant digits): + // 1 mi/hr = 1.15080 knots = 0.621371 km/hr = 2.23694 m/s + // 1 ft/s = 1.68781 knots = 0.911344 km/hr = 3.28084 m/s + // 1 knot = 0.539957 km/hr = 1.94384 m/s + // 1 km/hr = 1.852 knots = 3.6 m/s + // 1 m/s = 0.514444 knots = 0.277778 km/s + if ($unit == 'KT') + $speed = 1.1508 * $part; // from knots + elseif ($unit == 'MPS') + $speed = 2.23694 * $part; // from meters per second + else + $speed = 0.621371 * $part; // from km per hour + $speedkph = $speed / 0.621371; + if (preg_match('|mph|i',$UOMS['WIND'])) + $speed ="" . round($speed) . " mph (". round($speedkph) . " km/h)"; + else + $speed = "" . round($speedkph) . " km/h"; + return $speed; + } + +//------------------------------------------------------------------------- +// Decodes wind direction and speed information. +// Format is dddssKT where ddd = degrees from North, ss = speed, +// KT for knots or dddssGggKT where G stands for gust and gg = gust +// speed. (ss or gg can be a 3-digit number.) +// KT can be replaced with MPH for meters per second or KMH for +//kilometers per hour. 
+function mtr_get_wind($part) +{ global $lang,$Debug, $mtrInfo, $metarPtr, $group; + + + if (preg_match('/^([0-9G]{5,10}|VRB[0-9G]{2,7})(KT|MPS|KMH)$/',$part,$pieces)) + { + $part = $pieces[1]; + $unit = $pieces[2]; + if ($part == '00000') + { + $mtrInfo['WIND'] = 'calm'; // no wind + } + else + { + preg_match('/([0-9]{3}|VRB)([0-9]{2,3})G?([0-9]{2,3})?/',$part,$pieces); + if ($pieces[1] == 'VRB') + $direction = 'varies'; + else + { + $angle = (integer) $pieces[1]; + $compass = array('N','NNE','NE','ENE','E','ESE','SE','SSE', + 'S','SSW','SW','WSW','W','WNW','NW','NNW'); + $direction = $compass[round($angle / 22.5) % 16]; + } + if (!isset($pieces[3]) or (isset($pieces[3]) and $pieces[3] == 0 ) ) { + $gust = ''; + } else { + $gust = ', gusting to ' . mtr_speed($pieces[3], $unit); + } + if ($unit == 'KT') { + $speed = 1.1508 * $pieces[2]; // from knots + } elseif ($unit == 'MPS') { + $speed = 2.23694 * $pieces[2]; // from meters per second + } else { + $speed = 0.621371 * $pieces[2]; // from km per hour + } + + $mtrInfo['WINDMPH'] = $direction . ' at ' . round($speed) . ' mph'; + $mtrInfo['WIND'] = $direction . ' at ' . mtr_speed($pieces[2], $unit) . $gust; + } + $metarPtr++; + } + $group++; +} + +function mtr_get_var_wind($part) +{ global $lang,$Debug, $mtrInfo, $metarPtr, $group; + // Ignore variable wind direction information if present. + // Format is fffVttt where V stands for varies from fff + // degrees to ttt degrees. + if (preg_match('/([0-9]{3})V([0-9]{3})/',$part,$pieces)) + $metarPtr++; + $group++; +} + + +//------------------------------------------------------------------ +// Decodes visibility information. This function will be called a +// second time if visibility is limited to an integer mile plus a +// fraction part. +// Format is mmSM for mm = statute miles, or m n/dSM for m = mile +// and n/d = fraction of a mile, or just a 4-digit number nnnn (with +// leading zeros) for nnnn = meters. 
+ +function mtr_get_visibility($part) { + + global $lang,$Debug, $mtrInfo, $metarPtr, $group, $UOMS; + static $integerMile = ''; + if (strlen($part) == 1) + { + // visibility is limited to a whole mile plus a fraction part + $integerMile = $part . ' '; + $metarPtr++; + } + elseif (preg_match('|^\d{4}$|',$part)) { + // international code for meters of visibility + $kmVis = round($part/1000); + $miVis = round($part/1609); + if ($miVis > 1) {$unit = ' miles';} else {$unit = ' mile';} + if (preg_match('|mph|i',$UOMS['WIND'])) { + $mtrInfo['VISIBILITY'] = " $miVis $unit ($kmVis km)"; + } else { + $mtrInfo['VISIBILITY'] = "$kmVis km"; + } + $integerMile = ''; + $metarPtr++; + $group++; + } + elseif (substr($part,-2) == 'SM') + { + // visibility is in miles + $part = substr($part,0,strlen($part)-2); + if (substr($part,0,1) == 'M') + { + $prefix = 'less than '; + $part = substr($part, 1); + } + else + $prefix = ''; + + if (preg_match('|mph|i',$UOMS['WIND'])) + { + if (($integerMile == '' && preg_match('![/]!',$part,$pieces)) || $part == '1') + $unit = ' mile'; + else + $unit = ' miles'; + } + $kmVis = round( $part * 1.6 ); + if (preg_match('|mph|i',$UOMS['WIND'])) + $mtrInfo['VISIBILITY'] = $prefix . $integerMile . + " $part $unit ($kmVis km)"; + else + $mtrInfo['VISIBILITY'] = "$kmVis km"; + $integerMile = ''; + $metarPtr++; + $group++; + } + elseif (substr($part,-2) == 'KM') + { + // unknown (Reported by NFFN in Fiji) + $integerMile = ''; + $metarPtr++; + $group++; + } + elseif (preg_match('/^([0-9]{4})/',$part,$pieces)) + { + // visibility is in meters + $distance = round($part/ 621.4, 1); // convert to miles + if ($distance > 5) + $distance = round($distance); + if ($distance <= 1) + $unit = ' mile'; + else + $unit = ' miles'; + $mtrInfo['VISIBILITY'] = $distance . 
$unit; + $integerMile = ''; + $metarPtr++; + $group++; + } + elseif ($part == 'CAVOK') + { + // good weather + if (preg_match('|mph|i',$UOMS['WIND'])) { + $mtrInfo['VISIBILITY'] = 'greater than 7 miles (10 km)'; // or 10 km + } else { + $mtrInfo['VISIBILITY'] = 'greater than 10 km'; // or 10 km + } + $mtrInfo['CONDITIONS'] = 'Clear'; +// $mtrInfo['CLOUDS'] = 'clear skies'; + $metarPtr++; + $group += 4; // can skip the next 3 groups + } + else + { + $group++; + } +} + +function mtr_get_runway($part) +{ global $lang,$Debug, $mtrInfo, $metarPtr, $group; + // Ignore runway information if present. Maybe called a second time. + // Format is Rrrr/vvvvFT where rrr = runway number and + // vvvv = visibility in feet. +// if (substr($part,0,1) == 'R') + if(preg_match('|^\d{4}[NESW]+$|',$part)) { + // WMO formatted limited visibility + $metarPtr++; + return; + } + if(preg_match('|^R\d\d|',$part)) { + $metarPtr++; + } else { + $group++; + } +} + + + +function mtr_get_conditions($part) { +global $lang,$Debug, $mtrInfo, $metarPtr, $group; + // Decodes current weather conditions. This function maybe called several times + // to decode all conditions. To learn more about weather condition codes, visit section + // 12.6.8 - Present Weather Group of the Federal Meteorological Handbook No. 1 at + // www.nws.noaa.gov/oso/oso1/oso12/fmh1/fmh1ch12.htm + if(preg_match('|^R\d\d|',$part)) { // more than one runway conditions report? + $metarPtr++; + } + static $conditions = ''; + $Debug .= "\n"; + static $wxCode = array( + 'VC' => 'Nearby ', + 'MI' => 'Shallow ', + 'PR' => 'Partial ', + 'BC' => 'Patches of ', + 'DR' => 'Low Drifting ', + 'BL' => 'Blowing ', + 'SH' => 'Showers', + 'TS' => 'Thunderstorm', + 'FZ' => 'Freezing ', + 'DZ' => 'Drizzle', + 'RA' => 'Rain', + 'SN' => 'Snow', + 'SG' => 'Snow Grains', + 'IC' => 'Ice Crystals', + 'PE' => 'Ice Pellets', + 'GR' => 'Hail', + 'GS' => 'Small Hail', // and/or snow pellets + 'UP' => '', // leave 'Unknown' out of the conditions .. 
reads better :) + 'BR' => 'Mist', + 'FG' => 'Fog', + 'FU' => 'Smoke', + 'VA' => 'Volcanic Ash', + 'DU' => 'Widespread Dust', + 'SA' => 'Sand', + 'HZ' => 'Haze', + 'PY' => 'Spray', + 'PO' => 'Well-developed Dust/Sand Whirls', + 'SQ' => 'Squalls', + 'FC' => 'Funnel Cloud, Tornado, or Waterspout', + 'SS' => 'Sandstorm/Duststorm'); + if (preg_match('/^(-|\+|VC)?(TS|SH|FZ|BL|DR|MI|BC|PR|RA|DZ|SN|SG|GR|GS|PE|IC|UP|BR|FG|FU|VA|DU|SA|HZ|PY|PO|SQ|FC|SS|DS)+$/',$part,$pieces)) { + $Debug .= "\n"; + $join = (strlen($conditions) == 0)?'':', '; // append conditions with a ', ' between + if (substr($part,0,1) == '-') { + $prefix = 'Light '; + $part = substr($part,1); + } + elseif (substr($part,0,1) == '+') { + $prefix = 'Heavy '; + $part = substr($part,1); + } + elseif (substr($part,0,2) == 'VC') { + $prefix = 'Nearby '; + $part = substr($part,2); + } + else $prefix = ''; // moderate conditions have no descriptor + $conditions .= $join . $prefix; + // The 'showers' code 'SH' is moved behind the next 2-letter code to make the English translation read better. + if (substr($part,0,2) == 'SH') $part = substr($part,2,2) . substr($part,0,2). substr($part, 4); + while ($code = substr($part,0,2)) { + $join = (strlen($conditions) < 1)?' ':', '; + $conditions .= $wxCode[$code]. $join; + $part = substr($part,2); + } + $conditions = preg_replace('|, $|','',$conditions); // remove trailing comma if any + $conditions = preg_replace('| , |is',', ',$conditions); // replace space before comma + $conditions = preg_replace('|\s+|is',' ',$conditions); // remove multiple spaces + $mtrInfo['CONDITIONS'] = $conditions; +// $Debug .= "\n"; + $metarPtr++; + } + else { + $mtrInfo['CONDITIONS'] = $conditions; + $group++; +// $Debug .= "\n"; + $conditions = ''; +// $Debug .= "\n"; + } +} + +function mtr_get_cloud_cover($part) { +global $lang,$Debug, $mtrInfo, $metarPtr, $group, $UOMS; + // Decodes cloud cover information. This function maybe called several times + // to decode all cloud layer observations. 
Only the last layer is saved. + // Format is SKC or CLR for clear skies, or cccnnn where ccc = 3-letter code and + // nnn = altitude of cloud layer in hundreds of feet. 'VV' seems to be used for + // very low cloud layers. (Other conversion factor: 1 m = 3.28084 ft) + $doMetric = preg_match('|C|',$UOMS['TEMP']); + static $cloudCode = array( + 'SKC' => 'Clear', + 'CLR' => 'Clear', + 'FEW' => 'Few Clouds', + 'FW' => 'Few Clouds', + 'SCT' => 'Partly Cloudy', + 'BKN' => 'Mostly Cloudy', + 'BK' => 'Mostly Cloudy', + 'OVC' => 'Overcast', +// 'NSC' => 'No significant clouds', // official designation.. we map to Partly Cloudy + 'NSC' => 'Partly Cloudy', +// 'NCD' => 'No cloud detected', // official designation .. we map to Clear + 'NCD' => 'Clear', +// 'TCU' => 'Towering Cumulus', // official designation .. we map to Thunder Storm + 'TCU' => 'Thunderstorm', +// 'CB' => 'Cumulonimbus', // official designation .. we map to Thunder Storm + 'CB' => 'Thunderstorm', + 'VV' => 'Overcast'); + $Debug .= "\n"; + if ($part == 'VV') { + $metarPtr++; + } + + if ($part == 'SKC' || $part == 'CLR' || $part == 'NSC' || $part == 'NCD'|| $part == 'TCU'|| $part == 'CB') { + $mtrInfo['CLOUDS'] = $cloudCode[$part]; + $metarPtr++; + $group++; + } + else { + if (preg_match('/^([A-Z]{2,3})([0-9]{3})/',$part,$pieces)) { // codes for CB and TCU are ignored + $mtrInfo['CLOUDS'] = $cloudCode[$pieces[1]]; + $altitude = (integer) 100 * $pieces[2]; // units are feet + $altitudeM = round($altitude/3.28084); + if(!isset($mtrInfo['CLOUD-DETAILS'])) {$mtrInfo['CLOUD-DETAILS'] = '';} + if($doMetric) { + $mtrInfo['CLOUD-DETAILS'] .= $cloudCode[$pieces[1]]." ${altitudeM} m\t"; + } else { + $mtrInfo['CLOUD-DETAILS'] .= $cloudCode[$pieces[1]]." 
${altitude} ft\t"; + } + if ($pieces[1] == 'VV') { + $mtrInfo['CLOUDS'] = "Overcast"; + } else { + + } + $metarPtr++; + } + else { + $group++; + } + } +} + + function mtr_get_heat_index($tempF, $rh) + { global $lang,$Debug, $mtrInfo, $metarPtr, $group, $UOMS; + // Calculate Heat Index based on temperature in F and relative + //humidity (65 = 65%) + if ($tempF > 79 && $rh > 39) + { + $hiF = -42.379 + 2.04901523 * $tempF + 10.14333127 * + $rh - 0.22475541 * $tempF * $rh; + $hiF += -0.00683783 * pow($tempF, 2) - 0.05481717 * pow($rh, 2); + $hiF += 0.00122874 * pow($tempF, 2) * $rh + 0.00085282 * $tempF + * pow($rh, 2); + $hiF += -0.00000199 * pow($tempF, 2) * pow($rh, 2); + $hiF = round($hiF); + $hiC = round(($hiF - 32) / 1.8); + if(preg_match('|C|',$UOMS['TEMP'])) { + $mtrInfo['HEAT INDEX'] = "$hiC°C"; + } else { + $mtrInfo['HEAT INDEX'] = "$hiF°F ($hiC°C)"; + } + } + } + + function mtr_get_wind_chill($tempF) + { + global $lang,$Debug, $mtrInfo, $metarPtr, $group,$UOMS; + + // Calculate Wind Chill Temperature based on temperature in F and + // wind speed in miles per hour + if (isset($mtrInfo['WINDMPH']) and $tempF < 51 && $mtrInfo['WINDMPH'] !== 'calm') + { + $pieces = explode(' ', $mtrInfo['WINDMPH']); + $windspeed = (integer) $pieces[2]; // wind speed must be in mph + if ($windspeed > 3) + { + $chillF = 35.74 + 0.6215 * $tempF - 35.75 * pow($windspeed, 0.16) + + 0.4275 * $tempF * pow($windspeed, 0.16); + $chillF = round($chillF); + $chillC = round(($chillF - 32) / 1.8); + if(preg_match('|C|',$UOMS['TEMP'])) { + $mtrInfo['WIND CHILL'] = "$chillC°C"; + } else { + $mtrInfo['WIND CHILL'] = "$chillF°F ($chillC°C)"; + } + } + } + } + +//------------------------------------------------------------------------- +// Decodes temperature and dew point information. Relative humidity is +// calculated. Also, depending on the temperature, Heat Index or Wind +// Chill Temperature is calculated. +// Format is tt/dd where tt = temperature and dd = dew point temperature. 
+// All units are in Celsius. A 'M' preceeding the tt or dd indicates a +// negative temperature. Some stations do not report dew point, so the +// format is tt/ or tt/XX. +function mtr_get_temperature($part) +{ + global $lang, $Debug, $mtrInfo, $metarPtr, $group, $UOMS; + + if (preg_match('/^(M?[0-9]{2})\/(M?[0-9]{2}|[X]{2})?$/',$part,$pieces)) + { + $doMetric = preg_match('|C|',$UOMS['TEMP']); + + $tempC = (integer) strtr($pieces[1], 'M', '-'); + $tempF = round(1.8 * $tempC + 32); + if (!$doMetric) { + $mtrInfo['TEMP'] = $tempF . "°F (" . $tempC . "°C)"; + } else { + $mtrInfo['TEMP'] = $tempC . "°C"; + } + mtr_get_wind_chill($tempF); + if (isset($pieces[2]) and strlen($pieces[2]) != 0 && $pieces[2] != 'XX') + { + $dewC = (integer) strtr($pieces[2], 'M', '-'); + $dewF = round(1.8 * $dewC + 32); + if (!$doMetric) { + $mtrInfo['DEWPT'] = $dewF . "°F (" . $dewC . "°C)"; + } else { + $mtrInfo['DEWPT'] = $dewC . "°C"; + } + $rh = round(100 * pow((112 - (0.1 * $tempC) + $dewC) / + (112 + (0.9 * $tempC)), 8)); + $mtrInfo['HUMIDITY'] = $rh . '%'; + mtr_get_heat_index($tempF, $rh); + } + $metarPtr++; + $group++; + } + else + { + $group++; + } +} + + +//----------------------------------------------------------------------- +// Decodes altimeter or barometer information. +// Format is Annnn where nnnn represents a real number as nn.nn in +// inches of Hg, +// or Qpppp where pppp = hectoPascals. +// Some other common conversion factors: +// 1 millibar = 1 hPa +// 1 in Hg = 0.02953 hPa +// 1 mm Hg = 25.4 in Hg = 0.750062 hPa +// 1 lb/sq in = 0.491154 in Hg = 0.014504 hPa +// 1 atm = 0.33421 in Hg = 0.0009869 hPa + +function mtr_get_altimeter($part) +{ global $Debug, $mtrInfo, $metarPtr, $group, $UOMS; + if (preg_match('/^(A|Q)([0-9]{4})/',$part,$pieces)) + { + if ($pieces[1] == 'A') + { + $pressureIN = substr($pieces[2],0,2) . '.' . 
substr($pieces[2],2); + // units are inches Hg, converts to hectoPascals + $pressureHPA = round($pressureIN / 0.02953,1); + } + else + { + $pressureHPA = (integer) $pieces[2]; // units are hectoPascals + $pressureIN = round(0.02953 * $pressureHPA,2); // convert to inches Hg + } + if(preg_match('|inhg|i',$UOMS['BARO'])) { + $mtrInfo['BAROMETER'] = "$pressureIN inHg ($pressureHPA hPa)"; + } else { + $mtrInfo['BAROMETER'] = "$pressureHPA hPa"; + } + $metarPtr++; + $group++; + } + else + { + $group++; + } +} + + +// end of the mtr_process function set +//---------------------------------------------- + +?> \ No newline at end of file diff --git a/header.php b/header.php index c3692aa..5aaffef 100644 --- a/header.php +++ b/header.php @@ -30,16 +30,16 @@ // connect to db anc check for correct db version // -@ $db = mysql_pconnect($db_hostname, $db_username, $db_password); +@ $db = ($GLOBALS["___mysqli_ston"] = mysqli_connect($db_hostname, $db_username, $db_password)); if (!$db) { echo "Error: Could not connect to the database. Please try again later."; exit; } -mysql_select_db($db_name); +mysqli_select_db($GLOBALS["___mysqli_ston"], $db_name); $table = "dbversion"; -$result = mysql_query("SHOW TABLES LIKE '" . $db_prefix . $table . "'"); -@$rows = mysql_num_rows($result); +$result = mysqli_query($GLOBALS["___mysqli_ston"], "SHOW TABLES LIKE '" . $db_prefix . $table . "'"); +@$rows = mysqli_num_rows($result); if ($rows == "1") { $dbexists = "1"; @@ -47,8 +47,8 @@ $dbexists = "0"; } -$db_version_result = mysql_query("select * from " . $db_prefix . "dbversion"); -while (@$row = mysql_fetch_array($db_version_result)) { +$db_version_result = mysqli_query($GLOBALS["___mysqli_ston"], "select * from " . $db_prefix . "dbversion"); +while (@$row = mysqli_fetch_array($db_version_result)) { @$my_dbversion = "" . $row["dbversion"] . ""; } diff --git a/include-metar-display.php b/include-metar-display.php new file mode 100644 index 0000000..14378c1 --- /dev/null 
+++ b/include-metar-display.php @@ -0,0 +1,354 @@ +
+\n"; + +if(file_exists("get-metar-conditions-inc.php")) { + include_once("get-metar-conditions-inc.php"); + print "\n"; +} else { + print "

Unable to find/load get-metar-conditions-inc.php.

\n"; + return; +} + + + +$UOM = "$uomTemp,$uomWind,$uomBaro,$uomRain"; +//$UOM = "°C,km/h,hPa,mm"; +// +$toDisplay = array( // keys in $mtr array to display (if they exist) and in this order +'TEMP' => 'Temperature', +'WIND CHILL' => 'Wind Chill', +'HEAT INDEX' => 'Heat Index', +'WIND' => 'Wind', +'DEWPT' => 'Dew Point', +'HUMIDITY' => 'Humidity', +'BAROMETER' => 'Barometer', +'CONDITIONS' => 'Summary', +'CLOUDS' => 'Clouds', +'VISIBILITY' => 'Visibility', +'CLOUD-DETAILS' => 'Cloud details', +); + +// Get translation values if available +foreach ($toDisplay as $key => $val) { + $toDisplay[$key] = langtransstr($val); +} + +if ($mtrLang <> 'en') { // try changing windrose graphics test for the Calm graphic + $tfile = preg_replace('|^'.$wrName.'|',$wrName.$mtrLang.'-',$wrCalm); + print "\n"; + if (file_exists($condIconDir.$tfile)) { + $wrCalm = $tfile; // change the PHP dashboard settings too + $wrName = $wrName . $mtrLang . '-'; + print "\n"; + } +} +$maxCols = 1; +if(isset($SITE['CSSscreen']) and preg_match('|wide|',$SITE['CSSscreen'])) { + $maxCols = 3; +} +$thisCol = 0; + +echo "
\n"; +echo "\n"; + +foreach ($MetarList as $idx => $Mrec) { + + list($mtrICAO,$mtrName,$mtrDistanceM,$mtrDistanceK,$direction) = explode('|',$Mrec.'|||||'); + if($mtrICAO == '') { continue;} + $Debug = ''; + list($condwords,$iconnum,$condicon,$condicondesc,$mtr,$metarGMT) = + mtr_conditions($mtrICAO, $time, $sunrise, $sunset, true,$UOM); + + $metarUpdated = date($SITE['timeFormat'],$metarGMT); + if(isset($_REQUEST['debug']) and strtolower($_REQUEST['debug']) == 'y') { + print $Debug; + print "\n"; + } + +// now $mtr array contains the decoded values +foreach ($toDisplay as $key => $legend) { + + if (!isset($mtr[$key]) or strlen($mtr[$key]) < 1) { continue; } + if($key == 'CONDITIONS' or $key == 'CLOUDS') { + $mtr[$key] = fixupCondition($mtr[$key]); // handle translations if needed + } + if($key == 'CLOUD-DETAILS') { + $cd = explode("\t",$mtr[$key]); + foreach ($cd as $k => $cdrec) { + if(preg_match('/^(.*) (\d+.*)$/',$cdrec,$matches)) { + + $cd[$k] = fixupCondition($matches[1]) . " ".$matches[2]; + print "\n"; + } + } + + $mtr[$key] = join("
\n",$cd); + } + if($key == 'WIND') { + $t = explode(" ",$mtr[$key]); + $dirlabel = $t[0]; + if(isset($t[0])) $t[0] = langtransstr($t[0]); // translate wind direction + if(isset($t[1])) $t[1] = ''; // remove 'at' + $mtr[$key] = join(' ',$t); + } +} +// time to format the output for display +if($thisCol >= $maxCols) { + print "\n"; + print "\n"; + print "\n"; + $thisCol = 0; +} + +?> + +
 
+ + + + + + + + + + + + $legend) { + + if (!isset($mtr[$key]) or strlen($mtr[$key]) < 1) { continue; } + if ($key == 'WIND') {continue;} + $t = $mtr[$key]; + if ($key == 'VISIBILITY') { + $t = preg_replace('|greater than|i',langtransstr('greater than'),$t); + } + $t = preg_replace('|\((.*)\)|U'," , $1",$t); // fix parenthesis issue in RTL language + print " \n"; + print " \n"; + print " \n"; + print " \n"; +} + + print " \n"; + print " \n"; + print " \n"; + if(isset($_REQUEST['debug']) and strtolower($_REQUEST['debug']) == 'y') { + print " \n"; + print " \n"; + print " \n"; + } +?> + +
+ '' and $mtrDistanceK <> '') { + echo "
".langtransstr('Distance from station').": "; + if($direction <> '') { + echo " ".langtransstr($direction). " "; + } + if(isset($SITE['uomDistance']) and preg_match('|mi|i',$SITE['uomDistance'])) { + echo "${mtrDistanceM}mi, "; + } + //echo "${mtrDistanceK}km"; + + } ?> +
+ + $maxAge) { + print "
".langtransstr('NOT Current')."\n"; + } + ?> +
+ <?php $t1 = fixupCondition($condwords);
+                  echo $t1; ?>
+ +
+ +  + '') ) { // use calm instead + $wr = $condIconDir . $wrCalm; + } + $t = preg_match('|calm|i',$mtr['WIND'])?langtransstr('Calm'):$mtr['WIND']; + $t = preg_replace('|varies|i',langtransstr('varies'),$t); + $t = preg_replace('|gusting to|',langtransstr('Gust').":",$t); + $t = preg_replace('|\((.*)\)|U'," , $1",$t); + // fix parenthesis issue in RTL language + + ?> + <?php echo $wrtext; ?>
+ : + + +
${legend}:".$t."
".$mtr['RAW-METAR']."
".$mtr['METAR']."
+
+ + + + '.jpg') { + $tempicon = preg_replace('|\.jpg|',$condIconType,$tempicon); + } + return($tempicon); + } + +// Function to process %Currentsolarcondition% string and +// remove duplicate stuff, then fix capitalization, and translate from English if needed +// + function fixupCondition( $inCond ) { + global $DebugMode; + + $Cond = str_replace('_',' ',trim($inCond)); + $Cond = strtolower($Cond); + $dt = ''; + + $vals = array(); + if(strpos($Cond,'/') !==false) { + $dt .= "\n"; + $vals = explode("/",$Cond); + } + if(strpos($Cond,',') !==false) { + $dt .= "\n"; + $vals = explode(",",$Cond); + } + $ocnt = count($vals); + if($ocnt < 1) { return(langtransstr(trim($inCond))); } + foreach ($vals as $k => $v) { + if($DebugMode) { $dt .= "\n"; } + $v = ucfirst(strtolower(trim($v))); + $vals[$k] = langtransstr($v); + if($DebugMode) { $dt .= "\n"; } + } + + if($vals[0] == '') {$junk = array_shift($vals);} + if(isset($vals[2]) and $vals[0] == $vals[2]) {$junk = array_pop($vals);} + reset($vals); + $t = join(', ',$vals); + +// return($Cond . "' orig=$ocnt n=" . count($vals) ." t='$t'"); + if($DebugMode) { + $t = "" . $dt . $t; + } + return($t); + + } +?> \ No newline at end of file diff --git a/index.php b/index.php index add5457..ec6b9f0 100644 --- a/index.php +++ b/index.php @@ -1,3 +1,3 @@ - + diff --git a/leftmain.php b/leftmain.php index 5b6f994..727e253 100644 --- a/leftmain.php +++ b/leftmain.php 
@@ -7,11 +7,18 @@ // set cookie if 'Remember Me?' checkbox is checked, or reset cookie if 'Reset Cookie?' is checked // +if ($show_display_name == "yes") { + $emp_name_field = "displayname"; +} else { + $emp_name_field = "empfullname"; +} + if ($request == 'POST') { @$remember_me = $_POST['remember_me']; @$reset_cookie = $_POST['reset_cookie']; - @$fullname = stripslashes($_POST['left_fullname']); - @$displayname = stripslashes($_POST['left_displayname']); + @$fullname = $_POST['left_fullname']; + @$displayname = $_POST['left_displayname']; + @$barcode = (yes_no_bool($barcode_clockin) ? $_POST['left_barcode'] : ""); if ((isset($remember_me)) && ($remember_me != '1')) { echo "Something is fishy here.\n"; exit; 
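Review bot: the new `@$barcode = (yes_no_bool($barcode_clockin) ? $_POST['left_barcode'] : "");` line reads the POST field under `@`, like the `left_fullname` and `left_displayname` lines above it, so a missing field silently becomes null and any other notice on the line is hidden too. An explicit `isset($_POST['left_barcode']) ? $_POST['left_barcode'] : ''` states the intent and keeps real errors visible. Dropping `stripslashes()` on the two name fields is fine only if every later use of `$fullname` and `$displayname` is passed as a bound parameter and HTML-escaped on output, which should be checked against the hunks that follow.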
@@ -22,206 +29,62 @@ } // begin post validation // - - if ($show_display_name == "yes") { - - if (isset($displayname)) { - $displayname = addslashes($displayname); - $query = "select displayname from " . $db_prefix . "employees where displayname = '" . $displayname . "'"; - $emp_name_result = mysql_query($query); - - while ($row = mysql_fetch_array($emp_name_result)) { - $tmp_displayname = "" . $row['displayname'] . ""; - } - if ((!isset($tmp_displayname)) && (!empty($displayname))) { - echo "Username is not in the database.\n"; - exit; - } - $displayname = stripslashes($displayname); + $errors = array(); + + if (has_value($barcode)) { + $tmp_name = tc_select_value($emp_name_field, "employees", "barcode = ?", $barcode); + if (!has_value($tmp_name)) { + $errors[] = "Invalid barcode '$barcode'"; + } elseif (isset($emp_name) and $emp_name != $tmp_name) { + $errors[] = "Username / Barcode mismatch"; + } else { + $emp_name = $tmp_name; } + } - } elseif ($show_display_name == "no") { - - if (isset($fullname)) { - $fullname = addslashes($fullname); - $query = "select empfullname from " . $db_prefix . "employees where empfullname = '" . $fullname . "'"; - $emp_name_result = mysql_query($query); - - while ($row = mysql_fetch_array($emp_name_result)) { - $tmp_empfullname = "" . $row['empfullname'] . 
""; + $tmp_name = ''; + if (yes_no_bool($show_display_name)) { + if (has_value($displayname)) { + $tmp_name = tc_select_value($emp_name_field, "employees", "displayname = ?", $displayname); + if (!has_value($tmp_name)) { + $errors[] = "Invalid username '$displayname'"; } - if ((!isset($tmp_empfullname)) && (!empty($fullname))) { - echo "Username is not in the database.\n"; - exit; + } + } else { + if (has_value($fullname)) { + $tmp_name = tc_select_value($emp_name_field, "employees", "empfullname = ?", $fullname); + if (!has_value($tmp_name)) { + $errors[] = "Invalid username '$fullname'"; } - $fullname = stripslashes($fullname); } + } + if (has_value($tmp_name)) { + if (isset($emp_name) and $emp_name != $tmp_name) { + $errors[] = "Username / Barcode mismatch"; + } else { + $emp_name = $tmp_name; + } } // end post validation // - if (isset($remember_me)) { - - if ($show_display_name == "yes") { - setcookie("remember_me", stripslashes($displayname), time() + (60 * 60 * 24 * 365 * 2)); - } elseif ($show_display_name == "no") { - setcookie("remember_me", stripslashes($fullname), time() + (60 * 60 * 24 * 365 * 2)); + if (empty($errors)) { + if (isset($remember_me)) { + setcookie("remember_me", $emp_name, time() + (60 * 60 * 24 * 365 * 2)); + } elseif (isset($reset_cookie)) { + setcookie("remember_me", "", time() - 3600); } - - } elseif (isset($reset_cookie)) { - setcookie("remember_me", "", time() - 3600); } ob_end_flush(); } -if ($display_weather == 'yes') { - - include 'phpweather.php'; - $metar = get_metar($metar); - $data = process_metar($metar); - - if ($weather_units == "f") { - $mph = " mph"; - $miles = " miles"; - - // weather info // - - if (!isset($data['temp_f'])) { - $temp = ''; - } else { - $temp = $data['temp_f']; - } - if (!isset($data['windchill_f'])) { - $windchill = ''; - } else { - $windchill = $data['windchill_f']; - } - if (!isset($data['wind_dir_text_short'])) { - $wind_dir = ''; - } else { - $wind_dir = $data['wind_dir_text_short']; - } - if 
(!isset($data['wind_miles_per_hour'])) { - $wind = ''; - } else { - $wind = round($data['wind_miles_per_hour']); - } - if ($wind == 0) { - $wind_dir = 'None'; - $mph = ''; - $wind = ''; - } else { - $wind_dir = $wind_dir; - } - if (!isset($data['visibility_miles'])) { - $visibility = ''; - } else { - $visibility = $data['visibility_miles'] . $miles; - } - if (!isset($data['rel_humidity'])) { - $humidity = 'None'; - } else { - $humidity = round($data['rel_humidity'], 0); - } - if (!isset($data['time'])) { - $time = ''; - } else { - $time = date($timefmt, $data['time']); - } - if (!isset($data['cloud_layer1_condition'])) { - $cloud_cover = ''; - } else { - $cloud_cover = $data['cloud_layer1_condition']; - } - if (($temp <> '') && ($temp >= '70') && ($humidity <> '')) { - $heatindex = number_format(-42.379 + (2.04901523 * $temp) + (10.1433312 * $humidity) - (0.22475541 * $temp * $humidity) - - (0.00683783 * ($temp * $temp)) - (0.05481717 * ($humidity * $humidity)) - + (0.00122874 * ($temp * $temp) * $humidity) + (0.00085282 * $temp * ($humidity * $humidity)) - - (0.00000199 * ($temp * $temp) * ($humidity * $humidity))); - } - } else { - $mph = " kmh"; - $miles = " km"; - - // weather info // - if (!isset($data['temp_c'])) { - $temp = ''; - } else { - $temp = $data['temp_c']; - } - if (!isset($data['temp_f'])) { - $tempF = ''; - } else { - $tempF = $data['temp_f']; - } - if (!isset($data['windchill_c'])) { - $windchill = ''; - } else { - $windchill = $data['windchill_c']; - } - if (!isset($data['wind_dir_text_short'])) { - $wind_dir = ''; - } else { - $wind_dir = $data['wind_dir_text_short']; - } - if (!isset($data['wind_meters_per_second'])) { - $wind = ''; - } else { - $wind = round($data['wind_meters_per_second'] / 1000 * 60 * 60); - } - if ($wind == 0) { - $wind_dir = 'None'; - $mph = ''; - $wind = ''; - } else { - $wind_dir = $wind_dir; - } - if (!isset($data['visibility_km'])) { - $visibility = ''; - } else { - $visibility = $data['visibility_km'] . 
$miles; - } - if (!isset($data['rel_humidity'])) { - $humidity = 'None'; - } else { - $humidity = round($data['rel_humidity'], 0); - } - if (!isset($data['time'])) { - $time = ''; - } else { - $time = date($timefmt, $data['time']); - } - if (!isset($data['cloud_layer1_condition'])) { - $cloud_cover = ''; - } else { - $cloud_cover = $data['cloud_layer1_condition']; - } - if (($tempF <> '') && ($tempF >= '70') && ($humidity <> '')) { - $heatindexF = number_format(-42.379 + (2.04901523 * $tempF) + (10.1433312 * $humidity) - (0.22475541 * $tempF * $humidity) - - (0.00683783 * ($tempF * $tempF)) - (0.05481717 * ($humidity * $humidity)) - + (0.00122874 * ($tempF * $tempF) * $humidity) + (0.00085282 * $tempF * ($humidity * $humidity)) - - (0.00000199 * ($tempF * $tempF) * ($humidity * $humidity))); - $heatindex = round(($heatindexF - 32) * 5 / 9); - } - } - - if ((isset($heatindex)) || ($windchill <> '')) { - if (!isset($heatindex)) { - $feelslike = $windchill; - } else { - $feelslike = $heatindex; - } - } else { - $feelslike = $temp; - } -} echo "\n"; echo " \n"; -echo " \n"; if ($request == 'POST') { @@ -387,88 +208,55 @@ class=misc_items style='padding-left:0px;padding-right:0px;' tabindex=5>\n"; - echo "
\n"; +echo " \n"; echo " \n"; // display links in top left of each page // @@ -240,7 +103,7 @@ // display form to submit signin/signout information // -echo " \n"; +echo " \n"; if ($links == "none") { echo " \n"; 
@@ -248,134 +111,92 @@ echo " \n"; } -echo " \n"; -echo " \n"; -echo " \n"; -echo " + + +BARCODE_CLOCKIN; +} - while ($row = mysql_fetch_array($emp_name_result)) { +if (yes_no_bool($barcode_clockin) and yes_no_bool($manual_clockin)) { + echo ''; +} - $abc = stripslashes("" . $row['displayname'] . ""); +if (yes_no_bool($manual_clockin)) { + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; - mysql_free_result($emp_name_result); echo " \n"; -} else { - - $query = "select empfullname from " . $db_prefix . "employees where disabled <> '1' and empfullname <> 'admin' order by empfullname"; - $emp_name_result = mysql_query($query); - echo " \n"; + echo " \n"; + echo " \n"; + } - $def = stripslashes("" . $row['empfullname'] . ""); - if ((isset($_COOKIE['remember_me'])) && (stripslashes($_COOKIE['remember_me']) == $def)) { - echo " \n"; - } else { - echo " \n"; - } + echo " \n"; + echo " \n"; - mysql_free_result($emp_name_result); - echo " \n"; -} - -// determine whether to use encrypted passwords or not // -if ($use_passwd == "yes") { - echo " \n"; + echo " \n"; + echo " \n"; echo " \n"; + echo "\n"; + + if (!isset($_COOKIE['remember_me'])) { + echo " \n"; + } elseif (isset($_COOKIE['remember_me'])) { + echo " \n"; + } echo " \n"; } -echo " \n"; -echo " \n"; -$query = "select punchitems from " . $db_prefix . 
"punchlist"; -$punchlist_result = mysql_query($query); -echo " \n"; -mysql_free_result($punchlist_result); - -echo " \n"; -echo " \n"; -echo " \n"; - -if (!isset($_COOKIE['remember_me'])) { - echo " \n"; -} elseif (isset($_COOKIE['remember_me'])) { - echo " \n"; +if (yes_no_bool($display_weather)) { + echo ''; } -echo " \n"; -echo " \n"; -if ($display_weather == "yes") { - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - - if ($humidity == 'None') { - echo " \n"; - } else { - echo " \n"; - } - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; -} - -echo " \n"; echo "
Please sign in below:
Name:
\n"; - -// query to populate dropdown with employee names // - -if ($show_display_name == "yes") { - - $query = "select displayname from " . $db_prefix . "employees where disabled <> '1' and empfullname <> 'admin' order by displayname"; - $emp_name_result = mysql_query($query); - echo " Barcode:
+ + +

Please sign in below:
Name:
\n"; - if ((isset($_COOKIE['remember_me'])) && (stripslashes($_COOKIE['remember_me']) == $abc)) { - echo " \n"; - } else { - echo " \n"; - } + // query to populate dropdown with employee names // + if ($show_display_name == "yes") { + echo " \n"; } + echo " \n"; + echo html_options( + tc_select($emp_name_field, "employees", "disabled <> '1' AND empfullname <> 'admin' ORDER BY $emp_name_field"), + @$_COOKIE['remember_me'] + ); echo "
Password:
"; + echo "
In/Out:
\n"; - } + // populate dropdown with punchlist items // + echo "
Password:
Notes:
"; - echo "
+ +
Remember Me?
+ +
Reset Cookie?
In/Out:
\n"; - -// query to populate dropdown with punchlist items // +echo "
Notes:
"; -echo "
- -
Remember Me?
- -
Reset Cookie?
'; + include 'sidebar-metar-display.php'; + echo '
Weather Conditions:
$city
Currently: $temp°
Feels Like: $feelslike°
Skies: $cloud_cover
Wind: $wind_dir $wind$mph
Humidity: $humidity
Humidity: $humidity%
Visibility: $visibility
Last Updated: $time
\n"; - echo " \n"; - echo "
\n"; - echo "
\n"; - echo "You have not chosen a username or a status. Please try again.\n"; - include 'footer.php'; - exit; - } - - if (!$displayname) { - echo "
\n"; - echo " \n"; - echo " \n"; - echo " "; + +// display the logo in top left of each page. This will be $logo you setup in config.inc.php. // +// It will also link you back to your index page. // + +if ($logo == "none") { + echo " \n"; +} else { + echo "\n"; +} + +// if db is out of date, report it here // + +if (($dbexists <> "1") || (@$my_dbversion <> $dbversion)) { + echo " \n"; +} + +// display a 'reset cookie' message if $use_client_tz = "yes" // + +if ($date_link == "none") { + + if ($use_client_tz == "yes") { + echo " \n"; + } + + echo " \n"; + } + + echo " \n"; +echo "
\n"; - echo "
\n"; - echo "You have not chosen a username. Please try again.\n"; - include 'footer.php'; - exit; - } - - } elseif ($show_display_name == "no") { - - if (!$fullname && !$inout) { - echo "
\n"; - echo " \n"; - echo " \n"; - echo " +
\n"; - echo "
\n"; - echo "You have not chosen a username or a status. Please try again.\n"; - include 'footer.php'; - exit; - } - - if (!$fullname) { - echo "
\n"; - echo " \n"; - echo " \n"; - echo " -
\n"; - echo "
\n"; - echo "You have not chosen a username. Please try again.\n"; - include 'footer.php'; - exit; - } - + if (!has_value($emp_name) && !has_value($inout)) { + $errors[] = "You have not chosen a username or a status. Please try again."; + } + elseif (!has_value($emp_name)) { + $errors[] = "You have not chosen a username. Please try again."; + } + elseif (!has_value($inout)) { + $errors[] = "You have not chosen a status. Please try again."; } - if (!$inout) { + if (!empty($errors)) { echo "
\n"; echo " \n"; echo " \n"; echo " diff --git a/punchclock/entry.php b/punchclock/entry.php index 5612268..2632e00 100644 --- a/punchclock/entry.php +++ b/punchclock/entry.php @@ -66,19 +66,19 @@ // Post employee time. $inout = $_POST['inout']; - $q_inout = mysql_real_escape_string($inout); + $q_inout = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $inout); $h_inout = htmlentities($inout); $notes = isset($_POST['notes']) ? $_POST['notes'] : ''; - $q_notes = mysql_real_escape_string($notes); + $q_notes = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $notes); $h_notes = htmlentities($notes); - $q_empfullname = mysql_real_escape_string($empfullname); + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $empfullname); // Validate and get inout display color. $query = "select color from " . $db_prefix . "punchlist where punchitems = '$q_inout'"; - $punchlist_result = mysql_query($query); - $inout_color = mysql_result($punchlist_result, 0, 0); + $punchlist_result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + $inout_color = mysqli_result($punchlist_result, 0, 0); if (!$inout_color) { #print error_msg("In/Out Status is not in the database."); trigger_error('In/Out Status is not in the database.', E_USER_WARNING); 
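Review bot: `$inout_color = mysqli_result($punchlist_result, 0, 0);` in punchclock/entry.php calls a function the mysqli extension does not provide (`mysqli_result` is a class name, and `mysql_result()` has no direct counterpart), so please confirm the fork defines a helper with that name; otherwise this line fails on the first punch. `mysqli_fetch_row($punchlist_result)` and taking element 0 would do the same job with built-ins. The three `mysqli_real_escape_string()` calls also keep the query built by interpolation (`where punchitems = '$q_inout'`); a prepared statement with a bound parameter would be the sturdier form now that the code is on mysqli.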
@@ -101,11 +101,11 @@ where empfullname = '$q_empfullname' End_Of_SQL; - if (mysql_query($insert_query)) { - mysql_query($update_query) - or trigger_error('entry: cannot update tstamp in employee record. ' . mysql_error(), E_USER_WARNING); + if (mysqli_query($GLOBALS["___mysqli_ston"], $insert_query)) { + mysqli_query($GLOBALS["___mysqli_ston"], $update_query) + or trigger_error('entry: cannot update tstamp in employee record. ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); } else { - trigger_error('entry: cannot insert timestamp into info record. ' . mysql_error(), E_USER_WARNING); + trigger_error('entry: cannot insert timestamp into info record. ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); } # Uncomment next to display success message. The entry status display also shows last punch-in/out. @@ -212,12 +212,12 @@ // query to produce buttons for the punchlist items // $query = "select punchitems,color,in_or_out from " . $db_prefix . "punchlist order by in_or_out desc, color, punchitems"; - $punchlist_result = mysql_query($query); - while ($row = mysql_fetch_array($punchlist_result)) { + $punchlist_result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($punchlist_result)) { $punchclass = $row['in_or_out'] ? 'punch-in' : 'punch-out'; echo "\n"; } - mysql_free_result($punchlist_result); + ((mysqli_free_result($punchlist_result) || (is_object($punchlist_result) && (get_class($punchlist_result) == "mysqli_result"))) ? true : false); ?> diff --git a/punchclock/entry_status.php b/punchclock/entry_status.php index 33391c7..bd4f989 100644 --- a/punchclock/entry_status.php +++ b/punchclock/entry_status.php @@ -1,61 +1,61 @@ - -
\n"; echo "
\n"; - echo "You have not chosen a status. Please try again.\n"; + echo implode("
\n", $errors); include 'footer.php'; exit; } - @$fullname = addslashes($fullname); - @$displayname = addslashes($displayname); - // configure timestamp to insert/update // $time = time(); @@ -480,31 +268,19 @@ class=misc_items style='padding-left:0px;padding-right:0px;' tabindex=5> $fullname, "inout" => $inout, "timestamp" => $tz_stamp, "notes" => $notes); if (strtolower($ip_logging) == "yes") { - $query = "insert into " . $db_prefix . "info (fullname, `inout`, timestamp, notes, ipaddress) values ('" . $fullname . "', '" . $inout . "', - '" . $tz_stamp . "', '" . $notes . "', '" . $connecting_ip . "')"; - } else { - $query = "insert into " . $db_prefix . "info (fullname, `inout`, timestamp, notes) values ('" . $fullname . "', '" . $inout . "', '" . $tz_stamp . "', - '" . $notes . "')"; + $clockin["ipaddress"] = $connecting_ip; } - $result = mysql_query($query); - - $update_query = "update " . $db_prefix . "employees set tstamp = '" . $tz_stamp . "' where empfullname = '" . $fullname . "'"; - $other_result = mysql_query($update_query); + tc_insert_strings("info", $clockin); + tc_update_strings("employees", array("tstamp" => $tz_stamp), "empfullname = ?", $fullname); echo "\n"; echo "\n"; 
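Review bot: nothing in this leftmain.php hunk checks whether `tc_insert_strings("info", $clockin);` succeeded before `tc_update_strings("employees", array("tstamp" => $tz_stamp), "empfullname = ?", $fullname);` moves the employee's `tstamp`, whereas punchclock/entry.php in this same patch runs its update only when the insert succeeded and reports the failure otherwise. If the helpers return a status, test it and log the error so a failed insert cannot leave `employees.tstamp` pointing at a punch that was never recorded. Minor: `strtolower($ip_logging) == "yes"` could use `yes_no_bool($ip_logging)` like the other settings touched in this file.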
@@ -512,43 +288,26 @@ class=misc_items style='padding-left:0px;padding-right:0px;' tabindex=5> $fullname, "inout" => $inout, "timestamp" => $tz_stamp, "notes" => $notes); if (strtolower($ip_logging) == "yes") { - $query = "insert into " . $db_prefix . "info (fullname, `inout`, timestamp, notes, ipaddress) values ('" . $fullname . "', '" . $inout . "', - '" . $tz_stamp . "', '" . $notes . "', '" . $connecting_ip . "')"; - } else { - $query = "insert into " . $db_prefix . "info (fullname, `inout`, timestamp, notes) values ('" . $fullname . "', '" . $inout . "', '" . $tz_stamp . "', - '" . $notes . "')"; + $clockin["ipaddress"] = $connecting_ip; } - $result = mysql_query($query); - - $update_query = "update " . $db_prefix . "employees set tstamp = '" . $tz_stamp . "' where empfullname = '" . $fullname . "'"; - $other_result = mysql_query($update_query); + tc_insert_strings("info", $clockin); + tc_update_strings("employees", array("tstamp" => $tz_stamp), "empfullname = ?", $fullname); echo "\n"; echo "\n"; @@ -561,14 +320,7 @@ class=misc_items style='padding-left:0px;padding-right:0px;' tabindex=5>\n"; echo "
\n"; echo "
\n"; - - if ($show_display_name == "yes") { - $strip_fullname = stripslashes($displayname); - } else { - $strip_fullname = stripslashes($fullname); - } - - echo "You have entered the wrong password for $strip_fullname. Please try again."; + echo "You have entered the wrong password for $emp_name. Please try again."; include 'footer.php'; exit; } diff --git a/login.php b/login.php index 9556af5..c9da725 100644 --- a/login.php +++ b/login.php @@ -14,9 +14,9 @@ $query = "select empfullname, employee_passwd, admin, time_admin from " . $db_prefix . "employees where empfullname = '" . $login_userid . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $admin_username = "" . $row['empfullname'] . ""; $admin_password = "" . $row['employee_passwd'] . ""; diff --git a/login_reports.php b/login_reports.php index d4163f7..d51ae73 100644 --- a/login_reports.php +++ b/login_reports.php @@ -14,9 +14,9 @@ $query = "select empfullname, employee_passwd, reports from " . $db_prefix . "employees where empfullname = '" . $login_userid . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $reports_username = "" . $row['empfullname'] . ""; $reports_password = "" . $row['employee_passwd'] . ""; diff --git a/logout.php b/logout.php index af77605..171cb99 100644 --- a/logout.php +++ b/logout.php @@ -1,17 +1,17 @@ - window.location.href = 'index.php';"; -?> + window.location.href = 'index.php';"; +?> diff --git a/metar-display.php b/metar-display.php new file mode 100644 index 0000000..60b8950 --- /dev/null +++ b/metar-display.php @@ -0,0 +1,118 @@ + + + + +Local Weather + + + + + + +\n"; +# end of utility functions +?> + +Metar display script from Saratoga-Weather.org

\n"; + } else { + print "

Sorry.. include-metar-display.php not found

\n"; + } +?> + + + \ No newline at end of file diff --git a/metar-images/E.gif b/metar-images/E.gif new file mode 100644 index 0000000..0f359bd Binary files /dev/null and b/metar-images/E.gif differ diff --git a/metar-images/ENE.gif b/metar-images/ENE.gif new file mode 100644 index 0000000..d283354 Binary files /dev/null and b/metar-images/ENE.gif differ diff --git a/metar-images/ESE.gif b/metar-images/ESE.gif new file mode 100644 index 0000000..ebdc519 Binary files /dev/null and b/metar-images/ESE.gif differ diff --git a/metar-images/N.gif b/metar-images/N.gif new file mode 100644 index 0000000..c76e43d Binary files /dev/null and b/metar-images/N.gif differ diff --git a/metar-images/NE.gif b/metar-images/NE.gif new file mode 100644 index 0000000..ff683fa Binary files /dev/null and b/metar-images/NE.gif differ diff --git a/metar-images/NNE.gif b/metar-images/NNE.gif new file mode 100644 index 0000000..c5dc9e4 Binary files /dev/null and b/metar-images/NNE.gif differ diff --git a/metar-images/NNW.gif b/metar-images/NNW.gif new file mode 100644 index 0000000..82aa82f Binary files /dev/null and b/metar-images/NNW.gif differ diff --git a/metar-images/NW.gif b/metar-images/NW.gif new file mode 100644 index 0000000..3406147 Binary files /dev/null and b/metar-images/NW.gif differ diff --git a/metar-images/S.gif b/metar-images/S.gif new file mode 100644 index 0000000..262c269 Binary files /dev/null and b/metar-images/S.gif differ diff --git a/metar-images/SE.gif b/metar-images/SE.gif new file mode 100644 index 0000000..b471f4b Binary files /dev/null and b/metar-images/SE.gif differ diff --git a/metar-images/SSE.gif b/metar-images/SSE.gif new file mode 100644 index 0000000..2bf6eff Binary files /dev/null and b/metar-images/SSE.gif differ diff --git a/metar-images/SSW.gif b/metar-images/SSW.gif new file mode 100644 index 0000000..18aeb21 Binary files /dev/null and b/metar-images/SSW.gif differ 
diff --git a/metar-images/SW.gif b/metar-images/SW.gif new file mode 100644 index 0000000..fd72a72 Binary files /dev/null and b/metar-images/SW.gif differ diff --git a/metar-images/W.gif b/metar-images/W.gif new file mode 100644 index 0000000..8a9a907 Binary files /dev/null and b/metar-images/W.gif differ diff --git a/metar-images/WNW.gif b/metar-images/WNW.gif new file mode 100644 index 0000000..a155e3a Binary files /dev/null and b/metar-images/WNW.gif differ diff --git a/metar-images/WSW.gif b/metar-images/WSW.gif new file mode 100644 index 0000000..e3ff7dd Binary files /dev/null and b/metar-images/WSW.gif differ diff --git a/metar-images/bkn.gif b/metar-images/bkn.gif new file mode 100644 index 0000000..980e5ee Binary files /dev/null and b/metar-images/bkn.gif differ diff --git a/metar-images/bkn.jpg b/metar-images/bkn.jpg new file mode 100644 index 0000000..9ae5b40 Binary files /dev/null and b/metar-images/bkn.jpg differ diff --git a/metar-images/dust.gif b/metar-images/dust.gif new file mode 100644 index 0000000..8a2400c Binary files /dev/null and b/metar-images/dust.gif differ diff --git a/metar-images/dust.jpg b/metar-images/dust.jpg new file mode 100644 index 0000000..81a636e Binary files /dev/null and b/metar-images/dust.jpg differ diff --git a/metar-images/falling-old.gif b/metar-images/falling-old.gif new file mode 100644 index 0000000..add86ab Binary files /dev/null and b/metar-images/falling-old.gif differ diff --git a/metar-images/falling.gif b/metar-images/falling.gif new file mode 100644 index 0000000..613d76f Binary files /dev/null and b/metar-images/falling.gif differ diff --git a/metar-images/few.gif b/metar-images/few.gif new file mode 100644 index 0000000..beb224c Binary files /dev/null and b/metar-images/few.gif differ diff --git a/metar-images/few.jpg b/metar-images/few.jpg new file mode 100644 index 0000000..69d0612 Binary files /dev/null and b/metar-images/few.jpg differ 
diff --git a/metar-images/fg.gif b/metar-images/fg.gif new file mode 100644 index 0000000..9ac8354 Binary files /dev/null and b/metar-images/fg.gif differ diff --git a/metar-images/fg.jpg b/metar-images/fg.jpg new file mode 100644 index 0000000..2be8ee4 Binary files /dev/null and b/metar-images/fg.jpg differ diff --git a/metar-images/hazy.gif b/metar-images/hazy.gif new file mode 100644 index 0000000..db17831 Binary files /dev/null and b/metar-images/hazy.gif differ diff --git a/metar-images/hazy.jpg b/metar-images/hazy.jpg new file mode 100644 index 0000000..7f87c64 Binary files /dev/null and b/metar-images/hazy.jpg differ diff --git a/metar-images/hi_ntsra.gif b/metar-images/hi_ntsra.gif new file mode 100644 index 0000000..21ba8ae Binary files /dev/null and b/metar-images/hi_ntsra.gif differ diff --git a/metar-images/hi_ntsra.jpg b/metar-images/hi_ntsra.jpg new file mode 100644 index 0000000..833ab67 Binary files /dev/null and b/metar-images/hi_ntsra.jpg differ diff --git a/metar-images/hi_tsra.gif b/metar-images/hi_tsra.gif new file mode 100644 index 0000000..35fae10 Binary files /dev/null and b/metar-images/hi_tsra.gif differ diff --git a/metar-images/hi_tsra.jpg b/metar-images/hi_tsra.jpg new file mode 100644 index 0000000..6e03160 Binary files /dev/null and b/metar-images/hi_tsra.jpg differ diff --git a/metar-images/index.php b/metar-images/index.php new file mode 100644 index 0000000..a013bb9 --- /dev/null +++ b/metar-images/index.php @@ -0,0 +1,11 @@ + + + + +Nothing to see here... + + + +

Nothing to see here... move along.

+ + \ No newline at end of file diff --git a/metar-images/ip.gif b/metar-images/ip.gif new file mode 100644 index 0000000..7a8d8c5 Binary files /dev/null and b/metar-images/ip.gif differ diff --git a/metar-images/ip.jpg b/metar-images/ip.jpg new file mode 100644 index 0000000..cc5db3e Binary files /dev/null and b/metar-images/ip.jpg differ diff --git a/metar-images/mist.gif b/metar-images/mist.gif new file mode 100644 index 0000000..db17831 Binary files /dev/null and b/metar-images/mist.gif differ diff --git a/metar-images/mist.jpg b/metar-images/mist.jpg new file mode 100644 index 0000000..475acaf Binary files /dev/null and b/metar-images/mist.jpg differ diff --git a/metar-images/nbkn.gif b/metar-images/nbkn.gif new file mode 100644 index 0000000..cd7c2b5 Binary files /dev/null and b/metar-images/nbkn.gif differ diff --git a/metar-images/nbkn.jpg b/metar-images/nbkn.jpg new file mode 100644 index 0000000..0b4bbdd Binary files /dev/null and b/metar-images/nbkn.jpg differ diff --git a/metar-images/nfew.gif b/metar-images/nfew.gif new file mode 100644 index 0000000..ac834e8 Binary files /dev/null and b/metar-images/nfew.gif differ diff --git a/metar-images/nfew.jpg b/metar-images/nfew.jpg new file mode 100644 index 0000000..bba1d84 Binary files /dev/null and b/metar-images/nfew.jpg differ diff --git a/metar-images/nfg.gif b/metar-images/nfg.gif new file mode 100644 index 0000000..ef263a0 Binary files /dev/null and b/metar-images/nfg.gif differ diff --git a/metar-images/nfg.jpg b/metar-images/nfg.jpg new file mode 100644 index 0000000..bf17736 Binary files /dev/null and b/metar-images/nfg.jpg differ diff --git a/metar-images/night_clear.gif b/metar-images/night_clear.gif new file mode 100644 index 0000000..64b97fa Binary files /dev/null and b/metar-images/night_clear.gif differ diff --git a/metar-images/night_cloudy.gif b/metar-images/night_cloudy.gif new file mode 100644 index 0000000..4633334 Binary files /dev/null and b/metar-images/night_cloudy.gif differ 
diff --git a/metar-images/night_heavy_rain.gif b/metar-images/night_heavy_rain.gif new file mode 100644 index 0000000..e9ba258 Binary files /dev/null and b/metar-images/night_heavy_rain.gif differ diff --git a/metar-images/night_light_rain.gif b/metar-images/night_light_rain.gif new file mode 100644 index 0000000..355bb93 Binary files /dev/null and b/metar-images/night_light_rain.gif differ diff --git a/metar-images/night_partly_cloudy.gif b/metar-images/night_partly_cloudy.gif new file mode 100644 index 0000000..7078967 Binary files /dev/null and b/metar-images/night_partly_cloudy.gif differ diff --git a/metar-images/night_rain.gif b/metar-images/night_rain.gif new file mode 100644 index 0000000..d8aa5b3 Binary files /dev/null and b/metar-images/night_rain.gif differ diff --git a/metar-images/night_sleet.gif b/metar-images/night_sleet.gif new file mode 100644 index 0000000..6d281fa Binary files /dev/null and b/metar-images/night_sleet.gif differ diff --git a/metar-images/night_snow.gif b/metar-images/night_snow.gif new file mode 100644 index 0000000..8bd5ae3 Binary files /dev/null and b/metar-images/night_snow.gif differ diff --git a/metar-images/night_tstorm.gif b/metar-images/night_tstorm.gif new file mode 100644 index 0000000..1ccefad Binary files /dev/null and b/metar-images/night_tstorm.gif differ diff --git a/metar-images/novc.gif b/metar-images/novc.gif new file mode 100644 index 0000000..cbf1a1f Binary files /dev/null and b/metar-images/novc.gif differ diff --git a/metar-images/novc.jpg b/metar-images/novc.jpg new file mode 100644 index 0000000..52c5e5e Binary files /dev/null and b/metar-images/novc.jpg differ diff --git a/metar-images/nra.gif b/metar-images/nra.gif new file mode 100644 index 0000000..8fb6924 Binary files /dev/null and b/metar-images/nra.gif differ diff --git a/metar-images/nra.jpg b/metar-images/nra.jpg new file mode 100644 index 0000000..e00d107 Binary files /dev/null and b/metar-images/nra.jpg differ 
diff --git a/metar-images/nsct.gif b/metar-images/nsct.gif new file mode 100644 index 0000000..924faf9 Binary files /dev/null and b/metar-images/nsct.gif differ diff --git a/metar-images/nsct.jpg b/metar-images/nsct.jpg new file mode 100644 index 0000000..6a6ef9e Binary files /dev/null and b/metar-images/nsct.jpg differ diff --git a/metar-images/nscttra.gif b/metar-images/nscttra.gif new file mode 100644 index 0000000..8ff3c3b Binary files /dev/null and b/metar-images/nscttra.gif differ diff --git a/metar-images/nscttsra.jpg b/metar-images/nscttsra.jpg new file mode 100644 index 0000000..87ec037 Binary files /dev/null and b/metar-images/nscttsra.jpg differ diff --git a/metar-images/nshra.gif b/metar-images/nshra.gif new file mode 100644 index 0000000..7ff1872 Binary files /dev/null and b/metar-images/nshra.gif differ diff --git a/metar-images/nshra.jpg b/metar-images/nshra.jpg new file mode 100644 index 0000000..f87d0f8 Binary files /dev/null and b/metar-images/nshra.jpg differ diff --git a/metar-images/nskc.gif b/metar-images/nskc.gif new file mode 100644 index 0000000..a1da282 Binary files /dev/null and b/metar-images/nskc.gif differ diff --git a/metar-images/nskc.jpg b/metar-images/nskc.jpg new file mode 100644 index 0000000..0fdc789 Binary files /dev/null and b/metar-images/nskc.jpg differ diff --git a/metar-images/nsn.gif b/metar-images/nsn.gif new file mode 100644 index 0000000..96b144c Binary files /dev/null and b/metar-images/nsn.gif differ diff --git a/metar-images/nsn.jpg b/metar-images/nsn.jpg new file mode 100644 index 0000000..e086e6c Binary files /dev/null and b/metar-images/nsn.jpg differ diff --git a/metar-images/nsvrtsra.gif b/metar-images/nsvrtsra.gif new file mode 100644 index 0000000..4215230 Binary files /dev/null and b/metar-images/nsvrtsra.gif differ diff --git a/metar-images/nsvrtsra.jpg b/metar-images/nsvrtsra.jpg new file mode 100644 index 0000000..2a24933 Binary files /dev/null and b/metar-images/nsvrtsra.jpg differ 
diff --git a/metar-images/ntsra.gif b/metar-images/ntsra.gif new file mode 100644 index 0000000..c1c7d74 Binary files /dev/null and b/metar-images/ntsra.gif differ diff --git a/metar-images/ntsra.jpg b/metar-images/ntsra.jpg new file mode 100644 index 0000000..afdcf4c Binary files /dev/null and b/metar-images/ntsra.jpg differ diff --git a/metar-images/nwind.jpg b/metar-images/nwind.jpg new file mode 100644 index 0000000..a2952db Binary files /dev/null and b/metar-images/nwind.jpg differ diff --git a/metar-images/ovc.gif b/metar-images/ovc.gif new file mode 100644 index 0000000..3b8831c Binary files /dev/null and b/metar-images/ovc.gif differ diff --git a/metar-images/ovc.jpg b/metar-images/ovc.jpg new file mode 100644 index 0000000..c5d00b5 Binary files /dev/null and b/metar-images/ovc.jpg differ diff --git a/metar-images/ra.gif b/metar-images/ra.gif new file mode 100644 index 0000000..64a9416 Binary files /dev/null and b/metar-images/ra.gif differ diff --git a/metar-images/ra.jpg b/metar-images/ra.jpg new file mode 100644 index 0000000..822cb22 Binary files /dev/null and b/metar-images/ra.jpg differ diff --git a/metar-images/ra1.gif b/metar-images/ra1.gif new file mode 100644 index 0000000..64a9416 Binary files /dev/null and b/metar-images/ra1.gif differ diff --git a/metar-images/ra1.jpg b/metar-images/ra1.jpg new file mode 100644 index 0000000..bf8d7fc Binary files /dev/null and b/metar-images/ra1.jpg differ diff --git a/metar-images/readme-graphics.txt b/metar-images/readme-graphics.txt new file mode 100644 index 0000000..afed085 --- /dev/null +++ b/metar-images/readme-graphics.txt 
@@ -0,0 +1,33 @@ +readme.txt for the Icon set for AJAX conditions, trends and wind direction arrows. +---------------------------------------------------------------------------------- +The wind arrows are from Ken True at Saratoga-weather.org + +Feel free to replace them with any .gif set of 16 direction arrows with size of +height="14", width="14" transparent background GIFs. + +The trend arrows with transparent background are from Johnny at http://www.wetlaufer.com/wx/ + +The conditions Icons are from Larry (anole) at http://weather.anolecomputer.com/ from his excellent +PHP Weather Sticker script and are used with his permission. + +Note: if you merge this icon set into a different directory, be sure to change the setting + +var imagedir = './ajax-images'; // place for wind arrows, rising/falling arrows, etc. + +assignment in the ajaxWDwx.js script to point to the new directory relative to the current page and +without a trailing '/'. Failure to set this correctly will result in broken images for wind, trend and +current summary icon. + + + +Ken True, 14-Dec-2006 http://saratoga-weather.org/scripts.php + +Addition 07-Nov-2007 +wr-*.gif : new wind-rose graphics 58x58px + +*.jpg : new conditions graphics 58x55px from NOAA forecast images + +Addition 01-Oct-2011 + +Conditions icons in animated .gif format from Paolo at http://www.meteotreviglio.com/ +Included with his kind permission. \ No newline at end of file diff --git a/metar-images/rising.gif b/metar-images/rising.gif new file mode 100644 index 0000000..50b9b33 Binary files /dev/null and b/metar-images/rising.gif differ diff --git a/metar-images/sct.gif b/metar-images/sct.gif new file mode 100644 index 0000000..8a0f13b Binary files /dev/null and b/metar-images/sct.gif differ diff --git a/metar-images/sct.jpg b/metar-images/sct.jpg new file mode 100644 index 0000000..4f813f8 Binary files /dev/null and b/metar-images/sct.jpg differ 
diff --git a/metar-images/scttsra.gif b/metar-images/scttsra.gif new file mode 100644 index 0000000..214ed22 Binary files /dev/null and b/metar-images/scttsra.gif differ diff --git a/metar-images/scttsra.jpg b/metar-images/scttsra.jpg new file mode 100644 index 0000000..1feecb6 Binary files /dev/null and b/metar-images/scttsra.jpg differ diff --git a/metar-images/shra.gif b/metar-images/shra.gif new file mode 100644 index 0000000..912c275 Binary files /dev/null and b/metar-images/shra.gif differ diff --git a/metar-images/shra.jpg b/metar-images/shra.jpg new file mode 100644 index 0000000..412afc8 Binary files /dev/null and b/metar-images/shra.jpg differ diff --git a/metar-images/shra2.gif b/metar-images/shra2.gif new file mode 100644 index 0000000..912c275 Binary files /dev/null and b/metar-images/shra2.gif differ diff --git a/metar-images/shra2.jpg b/metar-images/shra2.jpg new file mode 100644 index 0000000..69fe76b Binary files /dev/null and b/metar-images/shra2.jpg differ diff --git a/metar-images/skc.gif b/metar-images/skc.gif new file mode 100644 index 0000000..71dcaaa Binary files /dev/null and b/metar-images/skc.gif differ diff --git a/metar-images/skc.jpg b/metar-images/skc.jpg new file mode 100644 index 0000000..6ebbbf0 Binary files /dev/null and b/metar-images/skc.jpg differ diff --git a/metar-images/sn.gif b/metar-images/sn.gif new file mode 100644 index 0000000..d0b8cde Binary files /dev/null and b/metar-images/sn.gif differ diff --git a/metar-images/sn.jpg b/metar-images/sn.jpg new file mode 100644 index 0000000..74119b9 Binary files /dev/null and b/metar-images/sn.jpg differ diff --git a/metar-images/spacer.gif b/metar-images/spacer.gif new file mode 100644 index 0000000..fc25609 Binary files /dev/null and b/metar-images/spacer.gif differ diff --git a/metar-images/tsra.gif b/metar-images/tsra.gif new file mode 100644 index 0000000..a09b6ac Binary files /dev/null and b/metar-images/tsra.gif differ 
diff --git a/metar-images/tsra.jpg b/metar-images/tsra.jpg new file mode 100644 index 0000000..ce0c1fa Binary files /dev/null and b/metar-images/tsra.jpg differ diff --git a/metar-images/wind.gif b/metar-images/wind.gif new file mode 100644 index 0000000..a3943a7 Binary files /dev/null and b/metar-images/wind.gif differ diff --git a/metar-images/wind.jpg b/metar-images/wind.jpg new file mode 100644 index 0000000..a9834ef Binary files /dev/null and b/metar-images/wind.jpg differ diff --git a/metar-images/windyrain.gif b/metar-images/windyrain.gif new file mode 100644 index 0000000..de4f1e8 Binary files /dev/null and b/metar-images/windyrain.gif differ diff --git a/metar-images/windyrain.jpg b/metar-images/windyrain.jpg new file mode 100644 index 0000000..a54c8e6 Binary files /dev/null and b/metar-images/windyrain.jpg differ diff --git a/metar-images/wr-E.gif b/metar-images/wr-E.gif new file mode 100644 index 0000000..06468b4 Binary files /dev/null and b/metar-images/wr-E.gif differ diff --git a/metar-images/wr-E.png b/metar-images/wr-E.png new file mode 100644 index 0000000..d7ed6c6 Binary files /dev/null and b/metar-images/wr-E.png differ diff --git a/metar-images/wr-ENE.gif b/metar-images/wr-ENE.gif new file mode 100644 index 0000000..d8e815e Binary files /dev/null and b/metar-images/wr-ENE.gif differ diff --git a/metar-images/wr-ENE.png b/metar-images/wr-ENE.png new file mode 100644 index 0000000..7d1246b Binary files /dev/null and b/metar-images/wr-ENE.png differ diff --git a/metar-images/wr-ESE.gif b/metar-images/wr-ESE.gif new file mode 100644 index 0000000..4e8e977 Binary files /dev/null and b/metar-images/wr-ESE.gif differ diff --git a/metar-images/wr-ESE.png b/metar-images/wr-ESE.png new file mode 100644 index 0000000..38a89fb Binary files /dev/null and b/metar-images/wr-ESE.png differ diff --git a/metar-images/wr-N.gif b/metar-images/wr-N.gif new file mode 100644 index 0000000..dd3b7da Binary files /dev/null and b/metar-images/wr-N.gif differ 
diff --git a/metar-images/wr-N.png b/metar-images/wr-N.png new file mode 100644 index 0000000..c68a585 Binary files /dev/null and b/metar-images/wr-N.png differ diff --git a/metar-images/wr-NE.gif b/metar-images/wr-NE.gif new file mode 100644 index 0000000..8fbd138 Binary files /dev/null and b/metar-images/wr-NE.gif differ diff --git a/metar-images/wr-NE.png b/metar-images/wr-NE.png new file mode 100644 index 0000000..1d5e72d Binary files /dev/null and b/metar-images/wr-NE.png differ diff --git a/metar-images/wr-NNE.gif b/metar-images/wr-NNE.gif new file mode 100644 index 0000000..2c3e66f Binary files /dev/null and b/metar-images/wr-NNE.gif differ diff --git a/metar-images/wr-NNE.png b/metar-images/wr-NNE.png new file mode 100644 index 0000000..6c507cb Binary files /dev/null and b/metar-images/wr-NNE.png differ diff --git a/metar-images/wr-NNW.gif b/metar-images/wr-NNW.gif new file mode 100644 index 0000000..497c18b Binary files /dev/null and b/metar-images/wr-NNW.gif differ diff --git a/metar-images/wr-NNW.png b/metar-images/wr-NNW.png new file mode 100644 index 0000000..e58c715 Binary files /dev/null and b/metar-images/wr-NNW.png differ diff --git a/metar-images/wr-NW.gif b/metar-images/wr-NW.gif new file mode 100644 index 0000000..652b550 Binary files /dev/null and b/metar-images/wr-NW.gif differ diff --git a/metar-images/wr-NW.png b/metar-images/wr-NW.png new file mode 100644 index 0000000..86c6c93 Binary files /dev/null and b/metar-images/wr-NW.png differ diff --git a/metar-images/wr-S.gif b/metar-images/wr-S.gif new file mode 100644 index 0000000..2706211 Binary files /dev/null and b/metar-images/wr-S.gif differ diff --git a/metar-images/wr-S.png b/metar-images/wr-S.png new file mode 100644 index 0000000..6396440 Binary files /dev/null and b/metar-images/wr-S.png differ diff --git a/metar-images/wr-SE.gif b/metar-images/wr-SE.gif new file mode 100644 index 0000000..5bde704 Binary files /dev/null and b/metar-images/wr-SE.gif differ 
diff --git a/metar-images/wr-SE.png b/metar-images/wr-SE.png new file mode 100644 index 0000000..bae545e Binary files /dev/null and b/metar-images/wr-SE.png differ diff --git a/metar-images/wr-SSE.gif b/metar-images/wr-SSE.gif new file mode 100644 index 0000000..5a9f5e4 Binary files /dev/null and b/metar-images/wr-SSE.gif differ diff --git a/metar-images/wr-SSE.png b/metar-images/wr-SSE.png new file mode 100644 index 0000000..31965b7 Binary files /dev/null and b/metar-images/wr-SSE.png differ diff --git a/metar-images/wr-SSW.gif b/metar-images/wr-SSW.gif new file mode 100644 index 0000000..24a71bc Binary files /dev/null and b/metar-images/wr-SSW.gif differ diff --git a/metar-images/wr-SSW.png b/metar-images/wr-SSW.png new file mode 100644 index 0000000..aa191c6 Binary files /dev/null and b/metar-images/wr-SSW.png differ diff --git a/metar-images/wr-SW.gif b/metar-images/wr-SW.gif new file mode 100644 index 0000000..3bfa01a Binary files /dev/null and b/metar-images/wr-SW.gif differ diff --git a/metar-images/wr-SW.png b/metar-images/wr-SW.png new file mode 100644 index 0000000..45ce24e Binary files /dev/null and b/metar-images/wr-SW.png differ diff --git a/metar-images/wr-W.gif b/metar-images/wr-W.gif new file mode 100644 index 0000000..ae5aa9a Binary files /dev/null and b/metar-images/wr-W.gif differ diff --git a/metar-images/wr-W.png b/metar-images/wr-W.png new file mode 100644 index 0000000..2c6e465 Binary files /dev/null and b/metar-images/wr-W.png differ diff --git a/metar-images/wr-WNW.gif b/metar-images/wr-WNW.gif new file mode 100644 index 0000000..5fa1c33 Binary files /dev/null and b/metar-images/wr-WNW.gif differ diff --git a/metar-images/wr-WNW.png b/metar-images/wr-WNW.png new file mode 100644 index 0000000..44be573 Binary files /dev/null and b/metar-images/wr-WNW.png differ diff --git a/metar-images/wr-WSW.gif b/metar-images/wr-WSW.gif new file mode 100644 index 0000000..732d2a8 Binary files /dev/null and b/metar-images/wr-WSW.gif differ 
diff --git a/metar-images/wr-WSW.png b/metar-images/wr-WSW.png new file mode 100644 index 0000000..911b293 Binary files /dev/null and b/metar-images/wr-WSW.png differ diff --git a/metar-images/wr-animation.gif b/metar-images/wr-animation.gif new file mode 100644 index 0000000..8c85210 Binary files /dev/null and b/metar-images/wr-animation.gif differ diff --git a/metar-images/wr-calm.gif b/metar-images/wr-calm.gif new file mode 100644 index 0000000..e9886d2 Binary files /dev/null and b/metar-images/wr-calm.gif differ diff --git a/metar-images/wr-calm.png b/metar-images/wr-calm.png new file mode 100644 index 0000000..53edbf2 Binary files /dev/null and b/metar-images/wr-calm.png differ diff --git a/phpweather.php b/phpweather.php deleted file mode 100644 index 29a46ad..0000000 --- a/phpweather.php +++ /dev/null @@ -1,600 +0,0 @@ - 'Clear', - 'CLR' => 'Clear', - 'VV' => 'Vertical Visibility', - 'FEW' => 'Partly Cloudy', - 'SCT' => 'Scattered Clouds', - 'BKN' => 'Partly Cloudy', - 'OVC' => 'Overcast'); - -/* Offset in hours to add to the time of a report. If all your times - * are 2 hours off, then set this to -2. */ -$weather_offset = 0; - -/* Make a connection to the MySQL database: */ -if (mysql_pconnect($db_hostname, $db_username, $db_password)) { - mysql_select_db($db_name); -} else { - echo "

Unable to connect to MySQL database!

"; -} - -function store_speed($value, $windunit, &$meterspersec, &$knots, &$milesperhour) { - /* - * Helper function to convert and store speed based on unit. - * &$meterspersec, &$knots and &$milesperhour are passed on - * reference - */ - if ($windunit == 'KT') { - /* The windspeed measured in knots: */ - $knots = number_format($value); - /* The windspeed measured in meters per second, rounded to one - * decimal place: */ - $meterspersec = number_format($value * 0.51444, 1); - /* The windspeed measured in miles per hour, rounded to one - * decimal place: */ - $milesperhour = number_format($value * 1.1507695060844667, 1); - } elseif ($windunit == 'MPS') { - /* The windspeed measured in meters per second: */ - $meterspersec = number_format($value); - /* The windspeed measured in knots, rounded to one decimal - * place: */ - $knots = number_format($value / 0.51444, 1); - /* The windspeed measured in miles per hour, rounded to one - * decimal place: */ - $milesperhour = number_format($value / 0.51444 * 1.1507695060844667, 1); - } elseif ($windunit == 'KMH') { - /* The windspeed measured in kilometers per hour: */ - $meterspersec = number_format($value * 1000 / 3600, 1); - $knots = number_format($value * 1000 / 3600 / 0.51444, 1); - /* The windspeed measured in miles per hour, rounded to one - * decimal place: */ - $milesperhour = number_format($knots * 1.1507695060844667, 1); - } -} - -function get_metar($station, $always_use_cache = 0) { - /* - * Looks in the database, and fetches a new metar is nesceary. If - * $always_use_cache is true, then it ignores the timestamp of the - * METAR and just returns it. - * - * You should pass a ICAO station identifier, eg. 'EKYT' for - * Aalborg, Denmark. - */ - - global $conn, $dbmMetar, $dbmTimestamp, $db_prefix; - - $query = "SELECT metar, UNIX_TIMESTAMP(timestamp) FROM " . $db_prefix . 
"metars WHERE station = '$station'"; - $result = mysql_query($query); - @$metar_rows = mysql_num_rows($result); /* this suppresses a php error message if the metars db has not yet been created. */ - if (isset($metar_rows)) { /* found station */ - list($metar, $timestamp) = mysql_fetch_row($result); - } - - if (isset($metar)) { /* found station */ - if ($always_use_cache || $timestamp > time() - 3600) { - /* We have asked explicit for a cached metar, or the metar is - * still fresh. */ - return $metar; - } else { - /* We looked in the cache, but the metar was too old. */ - return fetch_metar($station, 0); - } - } else { - /* The station is new - we fetch a new METAR */ - return fetch_metar($station, 1); - } -} - -function fetch_metar($station, $new) { - /* - * Fetches a new METER from weather.noaa.gov. If the $new variable - * is true, the metar is inserted, else it will replace the old - * metar. The new METAR is returned. - */ - global $conn, $dbmMetar, $dbmTimestamp; - - $metar = ''; - $station = strtoupper($station); - - /* We use the @ notation, because it might fail. */ - $file = @file('http://weather.noaa.gov/pub/data/' . - "observations/metar/stations/$station.TXT"); - - /* Here we test to see if we actually got a METAR. */ - if (is_array($file)) { - $date = trim($file[0]); - $metar = trim($file[1]); - for ($i = 2; $i < count($file); $i++) { - $metar .= ' ' . trim($file[i]); - } - - /* The date is in the form 2000/10/09 14:50 UTC. This seperates - the different parts. */ - $date_parts = explode(':', strtr($date, '/ ', '::')); - $date_unixtime = gmmktime($date_parts[3], $date_parts[4], - 0, $date_parts[1], $date_parts[2], - $date_parts[0]); - - if (!ereg('[0-9]{6}Z', $metar)) { - /* Some reports dont even have a time-part, so we insert the - * current time. This might not be the time of the report, but - * it was broken anyway :-) */ - $metar = gmdate('dHi', $date_unixtime) . 'Z ' . 
$metar; - } - - if ($date_unixtime < (time() - 3300)) { - /* The timestamp in the metar is more than 55 minutes old. We - * adjust the timestamp, so that we won't try to fetch a new - * METAR within the next 5 minutes. After 5 minutes, the - * timestamp will again be more than 1 hour old. */ - $date_unixtime = time() - 3300; - } - - } else { - /* If we end up here, it means that there was no file, we then set - * the metar to and empty string. We set the date to time() - 3000 - * to give the server 10 minutes of peace. If the file is - * unavailable, we don't want to stress the server. */ - $metar = ''; - $date_unixtime = time() - 3000; - } - - /* It might seam strange, that we make a local date, but MySQL - * expects a local when we insert the METAR. */ - $date = date('Y/m/d H:i', $date_unixtime); - - if ($new) { - /* Insert the new record */ - $query = "INSERT INTO " . $db_prefix . "metars SET station = '$station', " . - "metar = '$metar', timestamp = '$date'"; - } else { - /* Update the old record */ - $query = "UPDATE " . $db_prefix . "metars SET metar = '$metar', " . - "timestamp = '$date' WHERE station = '$station'"; - } - mysql_query($query); - - return $metar; -} - -function process_metar($metar) { - /* This function decodes a raw METAR. The result is an associative - * array with entries like 'temp_c', 'visibility_miles' etc. 
*/ - - global $strings, $wind_dir_text_short_array, $wind_dir_text_array, - $cloud_condition_array, $weather_array, $weather_offset; - - $temp_visibility_miles = ''; - $cloud_layers = 0; - $decoded_metar['remarks'] = ''; - $decoded_metar['weather'] = ''; - - $cloud_coverage = array('SKC' => '0', - 'CLR' => '0', - 'VV' => '8/8', - 'FEW' => '1/8 - 2/8', - 'SCT' => '3/8 - 4/8', - 'BKN' => '5/8 - 7/8', - 'OVC' => '8/8'); - - $decoded_metar['metar'] = $metar; - $parts = split('[ ]+', $metar); - $num_parts = count($parts); - for ($i = 0; $i < $num_parts; $i++) { - $part = $parts[$i]; - - if (ereg('RMK|TEMPO|BECMG', $part)) { - /* The rest of the METAR is either a remark or temporary - * information. We skip the rest of the METAR. */ - $decoded_metar['remarks'] .= ' ' . $part; - break; - } elseif ($part == 'METAR') { - /* - * Type of Report: METAR - */ - $decoded_metar['type'] = 'METAR'; - } elseif ($part == 'SPECI') { - /* - * Type of Report: SPECI - */ - $decoded_metar['type'] = 'SPECI'; - } elseif (ereg('^[A-Z]{4}$', $part) && !isset($decoded_metar['station'])) { - /* - * Station Identifier - */ - $decoded_metar['station'] = $part; - } elseif (ereg('([0-9]{2})([0-9]{2})([0-9]{2})Z', $part, $regs)) { - /* - * Date and Time of Report - * We return a standard Unix UTC/GMT timestamp suitable for - * gmdate() - */ - $decoded_metar['time'] = gmmktime($regs[2] + $weather_offset, $regs[3], 0, - gmdate('m'), $regs[1], gmdate('Y')); - } elseif (ereg('(AUTO|COR|RTD|CC[A-Z]|RR[A-Z])', $part, $regs)) { - /* - * Report Modifier: AUTO, COR, CCx or RRx - */ - $decoded_metar['report_mod'] = $regs[1]; - } elseif (ereg('([0-9]{3}|VRB)([0-9]{2,3}).*(KT|MPS|KMH)', $part, $regs)) { - /* Wind Group */ - $windunit = $regs[3]; /* do ereg in two parts to retrieve unit first */ - /* now do ereg to get the actual values */ - ereg("([0-9]{3}|VRB)([0-9]{2,3})(G([0-9]{2,3})?$windunit)", $part, $regs); - if ($regs[1] == 'VRB') { - $decoded_metar['wind_deg'] = $strings['wind_vrb_long']; - 
$decoded_metar['wind_dir_text'] = $strings['wind_vrb_long']; - $decoded_metar['wind_dir_text_short'] = $strings['wind_vrb_short']; - } else { - $decoded_metar['wind_deg'] = $regs[1]; - $decoded_metar['wind_dir_text'] = - $wind_dir_text_array[intval(round($regs[1] / 22.5))]; - $decoded_metar['wind_dir_text_short'] = - $wind_dir_text_short_array[intval(round($regs[1] / 22.5))]; - } - store_speed($regs[2], - $windunit, - $decoded_metar['wind_meters_per_second'], - $decoded_metar['wind_knots'], - $decoded_metar['wind_miles_per_hour']); - - if (isset($regs[4])) { - /* We have a report with information about the gust. First we - have the gust measured in knots: */ - store_speed($regs[4], $windunit, - $decoded_metar['wind_gust_meters_per_second'], - $decoded_metar['wind_gust_knots'], - $decoded_metar['wind_gust_miles_per_hour']); - } - } elseif (ereg('^([0-9]{3})V([0-9]{3})$', $part, $regs)) { - /* - * Variable wind-direction - */ - $decoded_metar['wind_var_beg'] = $regs[1]; - $decoded_metar['wind_var_end'] = $regs[2]; - } elseif ($part == 9999) { - /* A strange value. When you look at other pages you see it - interpreted like this (where I use > to signify 'Greater - than'): */ - $decoded_metar['visibility_miles'] = '>6.2'; - $decoded_metar['visibility_km'] = '>10'; - } elseif (ereg('^([0-9]{4})$', $part, $regs)) { - /* - * Visibility in meters (4 digits only) - */ - $decoded_metar['visibility_km'] = number_format($regs[1] / 1000, 1); - $decoded_metar['visibility_miles'] = - number_format(($regs[1] / 1000) / 1.609344, 1); - } elseif (ereg('^[0-9]$', $part)) { - /* - * Temp Visibility Group, single digit followed by space - */ - $temp_visibility_miles = $part; - } elseif (ereg('^M?(([0-9]?)[ ]?([0-9])(/?)([0-9]*))SM$', - $temp_visibility_miles . ' ' . 
- $parts[$i], $regs) - ) { - /* - * Visibility Group - */ - if ($regs[4] == '/') { - $vis_miles = $regs[2] + $regs[3] / $regs[5]; - } else { - $vis_miles = $regs[1]; - } - if ($regs[0][0] == 'M') { - /* The visibility measured in miles, prefixed with < to - indicate 'Less than' */ - $decoded_metar['visibility_miles'] = - '<' . number_format($vis_miles, 1); - /* The visibility measured in kilometers. The value is rounded - to one decimal place, prefixed with < to indicate 'Less - than' */ - $decoded_metar['visibility_km'] = - '<' . number_format($vis_miles * 1.609344, 1); - } else { - /* The visibility measured in mile.s */ - $decoded_metar['visibility_miles'] = number_format($vis_miles, 1); - /* The visibility measured in kilometers, rounded to one - decimal place. */ - $decoded_metar['visibility_km'] = - number_format($vis_miles * 1.609344, 1); - } - } elseif ($part == 'CAVOK') { - /* CAVOK: Used when the visibility is greather than 10 - kilometers, the lowest cloud-base is at 5000 feet and there - is no significant weather. */ - $decoded_metar['visibility_km'] = '>10'; - $decoded_metar['visibility_miles'] = '>6.2'; - $decoded_metar['cloud_layer1_condition'] = 'CAVOK'; - } elseif (ereg('^R([0-9][0-9][RLC]?)/([MP]?[0-9]{4})V?(P?[0-9]{4})?F?T?$', $part, $regs)) { - $decoded_metar['runway_nr'] = $regs[1]; - if ($regs[3]) { - /* We have both min and max visibility. */ - $prefix = ''; - if ($regs[2][0] == 'M') { - /* Less than. */ - $prefix = '<'; - $regs[2] = substr($regs[2], 1); - } - $decoded_metar['runway_vis_min_ft'] = $prefix . number_format($regs[2]); - $decoded_metar['runway_vis_min_meter'] = $prefix . number_format($regs[2] * 0.3048); - - $prefix = ''; - if ($regs[3][0] == 'P') { - /* Greather than. */ - $prefix = '>'; - $regs[3] = substr($regs[3], 1); - } - $decoded_metar['runway_vis_max_ft'] = $prefix . number_format($regs[3]); - $decoded_metar['runway_vis_max_meter'] = $prefix . 
number_format($regs[3] * 0.3048); - - } else { - /* We only have a single visibility. */ - $prefix = ''; - if ($regs[2][0] == 'M') { - $prefix = '<'; - $regs[2] = substr($regs[2], 1); - } elseif ($regs[2][0] == 'P') { - $prefix = '>'; - $regs[2] = substr($regs[2], 1); - } - $decoded_metar['runway_vis_ft'] = $prefix . number_format($regs[2]); - $decoded_metar['runway_vis_meter'] = $prefix . number_format($regs[2] * 0.3048); - } - } elseif (ereg('^(-|\+|VC)?(TS|SH|FZ|BL|DR|MI|BC|PR|RA|DZ|SN|SG|GR|' . - 'GS|PE|IC|UP|BR|FG|FU|VA|DU|SA|HZ|PY|PO|SQ|FC|SS|DS)+$', - $part) - ) { - /* - * Current weather-group - */ - if ($part[0] == '-') { - /* A light phenomenon */ - $decoded_metar['weather'] .= $strings['light']; - $part = substr($part, 1); - } elseif ($part[0] == '+') { - /* A heavy phenomenon */ - $decoded_metar['weather'] .= $strings['heavy']; - $part = substr($part, 1); - } elseif ($part[0] . $part[1] == 'VC') { - /* Proximity Qualifier */ - $decoded_metar['weather'] .= $strings['nearby']; - $part = substr($part, 2); - } else { - /* no intensity code => moderate phenomenon */ - $decoded_metar['weather'] .= $strings['moderate']; - } - - while ($bite = substr($part, 0, 2)) { - /* Now we take the first two letters and determine what they - mean. We append this to the variable so that we gradually - build up a phrase. */ - $decoded_metar['weather'] .= $weather_array[$bite]; - /* Here we chop off the two first letters, so that we can take - a new bite at top of the while-loop. */ - $part = substr($part, 2); - } - } elseif (ereg('(SKC|CLR)', $part, $regs)) { - /* - * Cloud-layer-group. - * There can be up to three of these groups, so we store them as - * cloud_layer1, cloud_layer2 and cloud_layer3. - */ - $cloud_layers++; - /* Again we have to translate the code-characters to a - meaningful string. */ - $decoded_metar['cloud_layer' . $cloud_layers . '_condition'] = - $cloud_condition_array[$regs[1]]; - $decoded_metar['cloud_layer' . $cloud_layers . 
'_coverage'] = - $cloud_coverage[$regs[1]]; - } elseif (ereg('^(VV|FEW|SCT|BKN|OVC)([0-9]{3})(CB|TCU)?$', - $part, $regs) - ) { - /* We have found (another) a cloud-layer-group. There can be up - to three of these groups, so we store them as cloud_layer1, - cloud_layer2 and cloud_layer3. */ - $cloud_layers++; - /* Again we have to translate the code-characters to a - meaningful string. */ - if ($regs[1] == 'OVC') { - $clouds_str_temp = ''; - } else { - $clouds_str_temp = $strings['clouds']; - } - if ($regs[3] == 'CB') { - /* cumulonimbus (CB) clouds were observed. */ - $decoded_metar['cloud_layer' . $cloud_layers . '_condition'] = - $cloud_condition_array[$regs[1]] . $strings['clouds_cb']; - } elseif ($regs[3] == 'TCU') { - /* towering cumulus (TCU) clouds were observed. */ - $decoded_metar['cloud_layer' . $cloud_layers . '_condition'] = - $cloud_condition_array[$regs[1]] . $strings['clouds_tcu']; - } else { - $decoded_metar['cloud_layer' . $cloud_layers . '_condition'] = - $cloud_condition_array[$regs[1]] . $clouds_str_temp; - } - $decoded_metar['cloud_layer' . $cloud_layers . '_coverage'] = - $cloud_coverage[$regs[1]]; - $decoded_metar['cloud_layer' . $cloud_layers . '_altitude_ft'] = - $regs[2] * 100; - $decoded_metar['cloud_layer' . $cloud_layers . '_altitude_m'] = - round($regs[2] * 30.48); - } elseif (ereg('^(M?[0-9]{2})/(M?[0-9]{2})?$', $part, $regs)) { - /* - * Temperature/Dew Point Group - * The temperature and dew-point measured in Celsius. - */ - $decoded_metar['temp_c'] = number_format(strtr($regs[1], 'M', '-')); - $decoded_metar['dew_c'] = number_format(strtr($regs[2], 'M', '-')); - /* The temperature and dew-point measured in Fahrenheit, rounded - to the nearest degree. 
*/ - $decoded_metar['temp_f'] = round(strtr($regs[1], 'M', '-') * (9 / 5) + 32); - $decoded_metar['dew_f'] = round(strtr($regs[2], 'M', '-') * (9 / 5) + 32); - } elseif (ereg('A([0-9]{4})', $part, $regs)) { - /* - * Altimeter - * The pressure measured in inHg - */ - $decoded_metar['altimeter_inhg'] = number_format($regs[1] / 100, 2); - /* The pressure measured in mmHg, hPa and atm */ - $decoded_metar['altimeter_mmhg'] = number_format($regs[1] * 0.254, 1); - $decoded_metar['altimeter_hpa'] = number_format($regs[1] * 0.33863881578947); - $decoded_metar['altimeter_atm'] = number_format($regs[1] * 3.3421052631579e-4, 3); - } elseif (ereg('Q([0-9]{4})', $part, $regs)) { - /* - * Altimeter - * This is strange, the specification doesnt say anything about - * the Qxxxx-form, but it's in the METARs. - */ - /* The pressure measured in hPa */ - $decoded_metar['altimeter_hpa'] = number_format($regs[1]); - /* The pressure measured in mmHg, inHg and atm */ - $decoded_metar['altimeter_mmhg'] = number_format($regs[1] * 0.7500616827, 1); - $decoded_metar['altimeter_inhg'] = number_format($regs[1] * 0.0295299875, 2); - $decoded_metar['altimeter_atm'] = number_format($regs[1] * 9.869232667e-4, 3); - } elseif (ereg('^T([0-9]{4})([0-9]{4})', $part, $regs)) { - /* - * Temperature/Dew Point Group, coded to tenth of degree. - * The temperature and dew-point measured in Celsius. 
- */ - store_temp($regs[1], $decoded_metar, 'temp_c', 'temp_f'); - store_temp($regs[2], $decoded_metar, 'dew_c', 'dew_f'); - } elseif (ereg('^T([0-9]{4}$)', $part, $regs)) { - store_temp($regs[1], $decoded_metar, 'temp_c', 'temp_f'); - } elseif (ereg('^1([0-9]{4}$)', $part, $regs)) { - /* - * 6 hour maximum temperature Celsius, coded to tenth of degree - */ - store_temp($regs[1], $decoded_metar, 'temp_max6h_c', 'temp_max6h_f'); - } elseif (ereg('^2([0-9]{4}$)', $part, $regs)) { - /* - * 6 hour minimum temperature Celsius, coded to tenth of degree - */ - store_temp($regs[1], $decoded_metar, 'temp_min6h_c', 'temp_min6h_f'); - } elseif (ereg('^4([0-9]{4})([0-9]{4})$', $part, $regs)) { - /* - * 24 hour maximum and minimum temperature Celsius, coded to - * tenth of degree - */ - store_temp($regs[1], $decoded_metar, 'temp_max24h_c', 'temp_max24h_f'); - store_temp($regs[2], $decoded_metar, 'temp_min24h_c', 'temp_min24h_f'); - } elseif (ereg('^P([0-9]{4})', $part, $regs)) { - /* - * Precipitation during last hour in hundredths of an inch - * (store as inches) - */ - $decoded_metar['precip_in'] = number_format($regs[1] / 100, 2); - $decoded_metar['precip_mm'] = number_format($regs[1] * 0.254, 2); - } elseif (ereg('^6([0-9]{4})', $part, $regs)) { - /* - * Precipitation during last 3 or 6 hours in hundredths of an - * inch (store as inches) - */ - $decoded_metar['precip_6h_in'] = number_format($regs[1] / 100, 2); - $decoded_metar['precip_6h_mm'] = number_format($regs[1] * 0.254, 2); - } elseif (ereg('^7([0-9]{4})', $part, $regs)) { - /* - * Precipitation during last 24 hours in hundredths of an inch - * (store as inches) - */ - $decoded_metar['precip_24h_in'] = number_format($regs[1] / 100, 2); - $decoded_metar['precip_24h_mm'] = number_format($regs[1] * 0.254, 2); - } elseif (ereg('^4/([0-9]{3})', $part, $regs)) { - /* - * Snow depth in inches - */ - $decoded_metar['snow_in'] = number_format($regs[1]); - $decoded_metar['snow_mm'] = number_format($regs[1] * 25.4); - } else { 
- /* - * If we couldn't match the group, we assume that it was a - * remark. - */ - $decoded_metar['remarks'] .= ' ' . $part; - } - } - /* - * Relative humidity - */ - $decoded_metar['rel_humidity'] = number_format(pow(10, - (1779.75 * ($decoded_metar['dew_c'] - $decoded_metar['temp_c']) / - ((237.3 + $decoded_metar['dew_c']) * (237.3 + $decoded_metar['temp_c'])) - + 2)), 1); - - /* - * Humidity index - */ - $e = 6.112 * pow(10, 7.5 * $decoded_metar['temp_c'] - / (237.7 + $decoded_metar['temp_c'])) - * $decoded_metar['rel_humidity'] / 100; - $decoded_metar['humidex_c'] = - number_format($decoded_metar['temp_c'] + 5 / 9 * ($e - 10), 1); - $decoded_metar['humidex_f'] = - number_format($decoded_metar['humidex_c'] * 9 / 5 + 32, 1); - - /* - * Windchill. - * - * This is only appropriate if temp < 40f and windspeed > 3 mph - */ - if ($decoded_metar['temp_f'] <= '40' && - $decoded_metar['wind_miles_per_hour'] > '3' - ) { - $decoded_metar['windchill_f'] = - number_format(35.74 + 0.6215 * $decoded_metar['temp_f'] - - 35.75 * pow((float)$decoded_metar['wind_miles_per_hour'], 0.16) + - 0.4275 * $decoded_metar['temp_f'] * - pow((float)$decoded_metar['wind_miles_per_hour'], 0.16)); - $decoded_metar['windchill_c'] = - number_format(13.112 + 0.6215 * $decoded_metar['temp_c'] - - 13.37 * pow(($decoded_metar['wind_miles_per_hour'] / 1.609), 0.16) + - 0.3965 * $decoded_metar['temp_c'] * - pow(($decoded_metar['wind_miles_per_hour'] / 1.609), 0.16)); - } - - return $decoded_metar; -} - -?> \ No newline at end of file diff --git a/punchclock/class.Timecard.php b/punchclock/class.Timecard.php index 7060bb7..15e5d85 100644 --- a/punchclock/class.Timecard.php +++ b/punchclock/class.Timecard.php 
@@ -75,11 +75,11 @@ function walk($onBefore = null, $onEveryRow = null, $onAfter = null) { if ($this->begin_local_timestamp < $local_timestamp) { // Get previous record to timecard to see if employee is already signed in at beginning of the period. - $result = mysql_query($this->_query_prev_record($begin_utm_timestamp)) - or trigger_error('Timecard->walk: no previous result: ' . mysql_error(), E_USER_WARNING); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $this->_query_prev_record($begin_utm_timestamp)) + or trigger_error('Timecard->walk: no previous result: ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); - if ($result && mysql_num_rows($result) > 0) { - $this->row = mysql_fetch_array($result); + if ($result && mysqli_num_rows($result) > 0) { + $this->row = mysqli_fetch_array($result); if ($this->row['in_or_out'] == 1) { $row_count++; @@ -92,17 +92,17 @@ function walk($onBefore = null, $onEveryRow = null, $onAfter = null) { if ($onBefore) $onBefore($this); } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } } // Get timecard entries. $query = $this->_query($begin_utm_timestamp, $end_utm_timestamp); - $result = mysql_query($query) - or trigger_error('Timecard->walk: no result: ' . mysql_error(), E_USER_WARNING); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query) + or trigger_error('Timecard->walk: no result: ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); // Process timecard entries. - while (($this->next_row = mysql_fetch_array($result))) { + while (($this->next_row = mysqli_fetch_array($result))) { $row_count++; $this->end_time = local_timestamp($this->next_row['timestamp']); // normalize timestamp to local time if ($row_count == 1) { 
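Review bot: The replacement for `mysql_free_result($result);` at the top of the `@@ -92,17 +92,17 @@` hunk wraps the call in a `(... || ...) ? true : false` expression whose value is discarded. `mysqli_free_result()` returns nothing, so the wrapper adds no check and only hides the call. Write it as plain `mysqli_free_result($result);`, and do the same for the identical wrapper lines in the later hunks of this patch.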
@@ -181,7 +181,7 @@ function walk($onBefore = null, $onEveryRow = null, $onAfter = null) { $onAfter($this); } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); return array($row_count, $this->total_hours, $this->overtime_hours, $this->today_hours); } @@ -190,7 +190,7 @@ function walk($onBefore = null, $onEveryRow = null, $onAfter = null) { function _query($begin_utm_timestamp, $end_utm_timestamp) { // Find records on an employee's timecard global $db_prefix, $default_in_or_out; - $q_empfullname = mysql_real_escape_string($this->empfullname); + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $this->empfullname); return <<empfullname); + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $this->empfullname); return << + diff --git a/punchclock/css/jquery.suggest.css b/punchclock/css/jquery.suggest.css index ebf8480..6dd8f7b 100644 --- a/punchclock/css/jquery.suggest.css +++ b/punchclock/css/jquery.suggest.css @@ -1,31 +1,31 @@ - -.ac_results { - border: 1px solid gray; - background-color: white; - padding: 0; - margin: 0; - list-style: none; - position: absolute; - z-index: 10000; - display: none; - - min-width: 170px; -} - -.ac_results li { - padding: 2px 5px; - white-space: nowrap; - color: #101010; - text-align: left; -} - -.ac_over { - cursor: pointer; - background-color: #F0F0B8; -} - -.ac_match { - text-decoration: underline; - color: black; -} - + +.ac_results { + border: 1px solid gray; + background-color: white; + padding: 0; + margin: 0; + list-style: none; + position: absolute; + z-index: 10000; + display: none; + + min-width: 170px; +} + +.ac_results li { + padding: 2px 5px; + white-space: nowrap; + color: #101010; + text-align: left; +} + +.ac_over { + cursor: pointer; + background-color: #F0F0B8; +} + +.ac_match { + text-decoration: underline; + color: black; +} + 
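Review bot: Every line of `punchclock/css/jquery.suggest.css` is removed and re-added with the same visible text, which points to a line-ending or whitespace-only change. Put that normalization in its own commit (or pin line endings in `.gitattributes`) so the `mysqli` changes to `class.Timecard.php` above are not buried among no-op CSS hunks when someone audits this patch.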
diff --git a/punchclock/css/nyroModal.css b/punchclock/css/nyroModal.css index 5d98267..7deaf4f 100644 --- a/punchclock/css/nyroModal.css +++ b/punchclock/css/nyroModal.css 
@@ -1,119 +1,119 @@ -div#nyroModalFull { - font-size: 12px; - color: #777; -} - -div#nyroModalLoading { - border: 4px solid #777; - width: 150px; - height: 150px; - text-indent: -9999em; - background: #fff url(../images/nyroModal/ajaxLoader.gif) no-repeat; - background-position: center; -} - -div#nyroModalLoading.error { - border: 4px solid #f66; - line-height: 20px; - padding: 20px; - width: 300px; - height: 100px; - text-indent: 0; - background: #fff; -} - -div#nyroModalWrapper { - background: #fff; - border: 4px solid #777; -} - -a#closeBut { - position: absolute; - display: block; - top: -13px; - right: -13px; - width: 12px; - height: 12px; - text-indent: -9999em; - background: url(../images/nyroModal/close.gif) no-repeat; - outline: 0; -} - -h1#nyroModalTitle { - margin: -34px 0px 0px 0px; - padding: 2px 0px 3px 6px; - color: #ddd; - background-color: #748771; -} - -div#nyroModalContent { - overflow: auto; -} - -div.wrapper div#nyroModalContent { - padding: 5px; -} - -div.wrapperImg div#nyroModalContent { - position: relative; - overflow: hidden; - text-align: center; -} - -div.wrapperImg img { - vertical-align: baseline; -} - -div.wrapperImg div#nyroModalContent div { - position: absolute; - bottom: 0; - left: 0; - background: black; - padding: 10px; - margin: 10px; - border: 1px white dotted; - overflow: hidden; - opacity: 0.2; - filter: alpha(opacity=20); -} - -div.wrapperImg div#nyroModalContent div:hover { - opacity: 0.5; - filter: alpha(opacity=50); - cursor: help; -} - -a.nyroModalPrev, a.nyroModalNext { - z-index: 105; - outline: none; - position: absolute; - top: 0; - height: 100%; - width: 40%; - cursor: pointer; - text-indent: -9999em; - background: left 20% no-repeat; - background-image: url(); /* Trick IE6 */ -} - -div.wrapperSwf a.nyroModalPrev, div.wrapperSwf a.nyroModalNext, div.wrapper a.nyroModalPrev, div.wrapper a.nyroModalNext { - height: 60%; - width: 20%; -} - -a.nyroModalPrev { - left: 0; -} - -a.nyroModalPrev:hover { - background-image: 
url(../images/nyroModal/prev.gif); -} - -a.nyroModalNext { - right: 0; - background-position: right 20%; -} - -a.nyroModalNext:hover { - background-image: url(../images/nyroModal/next.gif); -} +div#nyroModalFull { + font-size: 12px; + color: #777; +} + +div#nyroModalLoading { + border: 4px solid #777; + width: 150px; + height: 150px; + text-indent: -9999em; + background: #fff url(../images/nyroModal/ajaxLoader.gif) no-repeat; + background-position: center; +} + +div#nyroModalLoading.error { + border: 4px solid #f66; + line-height: 20px; + padding: 20px; + width: 300px; + height: 100px; + text-indent: 0; + background: #fff; +} + +div#nyroModalWrapper { + background: #fff; + border: 4px solid #777; +} + +a#closeBut { + position: absolute; + display: block; + top: -13px; + right: -13px; + width: 12px; + height: 12px; + text-indent: -9999em; + background: url(../images/nyroModal/close.gif) no-repeat; + outline: 0; +} + +h1#nyroModalTitle { + margin: -34px 0px 0px 0px; + padding: 2px 0px 3px 6px; + color: #ddd; + background-color: #748771; +} + +div#nyroModalContent { + overflow: auto; +} + +div.wrapper div#nyroModalContent { + padding: 5px; +} + +div.wrapperImg div#nyroModalContent { + position: relative; + overflow: hidden; + text-align: center; +} + +div.wrapperImg img { + vertical-align: baseline; +} + +div.wrapperImg div#nyroModalContent div { + position: absolute; + bottom: 0; + left: 0; + background: black; + padding: 10px; + margin: 10px; + border: 1px white dotted; + overflow: hidden; + opacity: 0.2; + filter: alpha(opacity=20); +} + +div.wrapperImg div#nyroModalContent div:hover { + opacity: 0.5; + filter: alpha(opacity=50); + cursor: help; +} + +a.nyroModalPrev, a.nyroModalNext { + z-index: 105; + outline: none; + position: absolute; + top: 0; + height: 100%; + width: 40%; + cursor: pointer; + text-indent: -9999em; + background: left 20% no-repeat; + background-image: url(); /* Trick IE6 */ +} + +div.wrapperSwf a.nyroModalPrev, div.wrapperSwf a.nyroModalNext, 
div.wrapper a.nyroModalPrev, div.wrapper a.nyroModalNext { + height: 60%; + width: 20%; +} + +a.nyroModalPrev { + left: 0; +} + +a.nyroModalPrev:hover { + background-image: url(../images/nyroModal/prev.gif); +} + +a.nyroModalNext { + right: 0; + background-position: right 20%; +} + +a.nyroModalNext:hover { + background-image: url(../images/nyroModal/next.gif); +} diff --git a/punchclock/css/punchclock.css b/punchclock/css/punchclock.css index 7e529a9..418510f 100644 --- a/punchclock/css/punchclock.css +++ b/punchclock/css/punchclock.css 
@@ -1,435 +1,435 @@ -/* - * Punchclock styles - */ - -body, td, th { - font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; - font-size: 11px; -} - -body { - color: #222; - background-color: #FFF; - margin: 0px; - padding: 0px; -} - -a:hover { - font-size: inherit; - text-decoration: underline; -} - -img { - border: 0; -} - -.page { - margin: 8px; - border: solid #748771 1px; - background-color: #FCFCFF; - color: #222; -} - -.content { - max-width: 760px; - margin: 0px auto; -} - -.footer { - height: 24px; - clear: both; -} - -.message { - color: #090; - margin: 16px 16px 4px; - font-size: 13px; - padding: 6px 6px 6px 30px; - border: solid #BBB 1px; - background: url(../../images/icons/accept.png) no-repeat 5px 6px; -} - -.error { - color: #F00; - margin: 16px 16px 4px; - font-size: 13px; - padding: 6px 6px 6px 30px; - border: solid #BBB 1px; - background: url(../../images/icons/cancel.png) no-repeat 5px 6px; -} - -tr.odd { - background-color: #EFEFEF; -} - -tr.even { - background-color: #FBFBFB; -} - -table.emp_list { - margin-top: 12px; -} - -table.emp_list thead { - line-height: 28px; - background-color: inherit; - margin-bottom: 12px; -} - -table.emp_list thead th { - font-size: 11px; - padding: 2px 10px 0px; - white-space: nowrap; - border-bottom: solid #CCC 1px; -} - -table.emp_list thead th a { - color: #27408b; -} - -table.emp_list tbody { - overflow-y: auto; - overflow-x: hidden; -} - -/* scroll the body of the table */ -table.emp_list tbody tr:hover { - color: #000; - background-color: #FFD; -} - -table.emp_list tbody td { - font-size: 11px; - padding: 8px 10px; - cursor: pointer; - white-space: nowrap; - overflow: hidden; -} - -table.emp_list tbody td a { - color: #27408b; - text-decoration: none; -} - -table.emp_list tbody td a:hover { - text-decoration: underline; - color: #853d27; -} - -.export { - max-width: 600px; -} - -.export h2 { - margin: 2px 6px; - text-align: center; -} - -.export h3 { - margin: 18px 6px 6px; - padding: 0; -} - -.export 
h4 { - margin: 6px 6px; - padding: 0; -} - -.export p { - margin: 3px 6px; - padding: 0; - font-size: 11px; -} - -.export .select-buttons { - margin-top: 18px; -} - -.export .select-button { - margin-right: 12px; - padding: 6px; - border: solid inherit 1px; -} - -table.export_items { -} - -table.export_items thead { - line-height: 28px; - background-color: inherit; - margin-bottom: 12px; -} - -table.export_items thead th { - font-size: 11px; - padding: 2px 10px 0px; - white-space: nowrap; - border-bottom: solid #CCC 1px; - cursor: default; -} - -table.export_items thead th a { - color: #27408b; -} - -table.export_items tbody { - overflow-y: auto; - overflow-x: hidden; -} - -/* scroll the body of the table */ -table.export_items tbody tr:hover { - color: #000; - background-color: #FFD; -} - -table.export_items tbody td { - font-size: 11px; - padding: 8px 10px; - cursor: default; - white-space: nowrap; - overflow: hidden; -} - -table.export_items tbody td a { - color: #27408b; - text-decoration: none; -} - -table.export_items tbody td a:hover { - text-decoration: underline; - color: #853d27; -} - -#sorttable_sortfwdind { - font-size: 15px; - font-weight: normal; -} - -#sorttable_sortrevind { - font-size: 15px; - font-weight: normal; -} - -.options { - margin: 12px 0px 0px 6px; -} - -.options a:link, .options a:active, .options a:visited { - text-decoration: none; - padding-left: 13px; - background: url(../images/right.gif) left center no-repeat; -} - -.options a.open:link, .options a.open:active, .options a.open:visited { - padding-left: 13px; - background: url(../images/down.gif) left center no-repeat; -} - -#options { - border: solid #CCC 1px; - padding: 6px; -} - -#timeclock { - clear: both; - text-align: center; - font-size: 20px; - margin-top: 10px; -} - -#message { - font-size: 11px; - text-align: center; - color: #000; - background-color: #FC0; - width: 27ex; - padding: 1px; - margin: 0px auto; - z-index: 1; - visibility: visible; -} - -#entry #message { - 
visibility: hidden; -} - -#office { - float: left; - width: 33%; - font-size: 12px; - font-weight: normal; - margin: 0; - padding: 3px; -} - -#entry_form { - margin: 16px; -} - -#employee_entry_form { - clear: both; - max-width: 450px; - margin: 16px; -} - -#password_entry_form { - clear: both; - margin: 16px; -} - -#password_change_form { - margin: 16px; -} - -#password_change_form p { - margin: 3px 16px 3px 32px; -} - -#select_offices { - float: left; -} - -#select_groups { - float: right; -} - -#printer_friendly { - font-size: 11px; - margin-left: 6px; -} - -.punch-in, .punch-out { - font-size: 14px; - font-weight: normal; - float: left; -} - -#entry .punch-in, #entry .punch-out { - float: none; -} - -/* for mobile safari */ -.hours-summary { - float: right; - margin: 10px 12px 0px 0px; -} - -.hours-summary th { - text-align: right; -} - -.hours-summary td { - text-align: right; -} - -.refresh-link { - float: right; - margin-right: 10px; - font-weight: normal; -} - -.buttons { - float: left; - margin-top: 30px; - margin-left: 10px; -} - -#nyroModalWrapper .buttons { - margin-left: 0; -} - -.timecard { - max-width: 600px; -} - -.timecard h2 { - margin: 2px 6px; - text-align: center; -} - -.timecard h3 { - margin: 6px 6px; - padding: 0; -} - -.timecard h4 { - margin: 6px 6px; - padding: 0; -} - -.timecard p { - margin: 3px 6px; - padding: 0; - font-size: 11px; -} - -.timecard_list { - margin: 12px 0px; -} - -.timecard_list td { - padding: 4px 6px; -} - -.timecard_list th { - padding: 4px 6px; - border-bottom: solid #CCC 1px; -} - -.timecard_list .hrs { - border-left: solid #CCC 1px; -} - -.timecard_list .ovt { -} - -.timecard_list .total { -} - -.timecard_list .notes { - border-left: solid #CCC 1px; - min-width: 16ex; -} - -.timecard_list .total_row td { - border-top: solid #CCC 1px; - font-weight: bold; -} - -.timecard_list .total_row .hrs { - border-left: solid #FFF 1px; - border-top: solid #CCC 1px; -} - -.timecard_list .total_row .ovt { - border-top: solid 
#CCC 1px; -} - -.timecard_list .total_row .total { - border-top: solid #CCC 1px; -} - -.timecard_list .total_row .notes { - border-left: solid #FFF 1px; -} - -.nav-buttons { - float: right; - margin-top: 4px; - margin-right: 4px; -} - -.nav-buttons a { - margin: 0px; - padding: 0px; -} - -.totals { - margin-top: 9px; -} - -.tip { - margin-left: 12px; - color: #999; -} +/* + * Punchclock styles + */ + +body, td, th { + font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; +} + +body { + color: #222; + background-color: #FFF; + margin: 0px; + padding: 0px; +} + +a:hover { + font-size: inherit; + text-decoration: underline; +} + +img { + border: 0; +} + +.page { + margin: 8px; + border: solid #748771 1px; + background-color: #FCFCFF; + color: #222; +} + +.content { + max-width: 760px; + margin: 0px auto; +} + +.footer { + height: 24px; + clear: both; +} + +.message { + color: #090; + margin: 16px 16px 4px; + font-size: 13px; + padding: 6px 6px 6px 30px; + border: solid #BBB 1px; + background: url(../../images/icons/accept.png) no-repeat 5px 6px; +} + +.error { + color: #F00; + margin: 16px 16px 4px; + font-size: 13px; + padding: 6px 6px 6px 30px; + border: solid #BBB 1px; + background: url(../../images/icons/cancel.png) no-repeat 5px 6px; +} + +tr.odd { + background-color: #EFEFEF; +} + +tr.even { + background-color: #FBFBFB; +} + +table.emp_list { + margin-top: 12px; +} + +table.emp_list thead { + line-height: 28px; + background-color: inherit; + margin-bottom: 12px; +} + +table.emp_list thead th { + font-size: 11px; + padding: 2px 10px 0px; + white-space: nowrap; + border-bottom: solid #CCC 1px; +} + +table.emp_list thead th a { + color: #27408b; +} + +table.emp_list tbody { + overflow-y: auto; + overflow-x: hidden; +} + +/* scroll the body of the table */ +table.emp_list tbody tr:hover { + color: #000; + background-color: #FFD; +} + +table.emp_list tbody td { + font-size: 11px; + padding: 8px 10px; + cursor: pointer; + white-space: nowrap; 
+ overflow: hidden; +} + +table.emp_list tbody td a { + color: #27408b; + text-decoration: none; +} + +table.emp_list tbody td a:hover { + text-decoration: underline; + color: #853d27; +} + +.export { + max-width: 600px; +} + +.export h2 { + margin: 2px 6px; + text-align: center; +} + +.export h3 { + margin: 18px 6px 6px; + padding: 0; +} + +.export h4 { + margin: 6px 6px; + padding: 0; +} + +.export p { + margin: 3px 6px; + padding: 0; + font-size: 11px; +} + +.export .select-buttons { + margin-top: 18px; +} + +.export .select-button { + margin-right: 12px; + padding: 6px; + border: solid inherit 1px; +} + +table.export_items { +} + +table.export_items thead { + line-height: 28px; + background-color: inherit; + margin-bottom: 12px; +} + +table.export_items thead th { + font-size: 11px; + padding: 2px 10px 0px; + white-space: nowrap; + border-bottom: solid #CCC 1px; + cursor: default; +} + +table.export_items thead th a { + color: #27408b; +} + +table.export_items tbody { + overflow-y: auto; + overflow-x: hidden; +} + +/* scroll the body of the table */ +table.export_items tbody tr:hover { + color: #000; + background-color: #FFD; +} + +table.export_items tbody td { + font-size: 11px; + padding: 8px 10px; + cursor: default; + white-space: nowrap; + overflow: hidden; +} + +table.export_items tbody td a { + color: #27408b; + text-decoration: none; +} + +table.export_items tbody td a:hover { + text-decoration: underline; + color: #853d27; +} + +#sorttable_sortfwdind { + font-size: 15px; + font-weight: normal; +} + +#sorttable_sortrevind { + font-size: 15px; + font-weight: normal; +} + +.options { + margin: 12px 0px 0px 6px; +} + +.options a:link, .options a:active, .options a:visited { + text-decoration: none; + padding-left: 13px; + background: url(../images/right.gif) left center no-repeat; +} + +.options a.open:link, .options a.open:active, .options a.open:visited { + padding-left: 13px; + background: url(../images/down.gif) left center no-repeat; +} + +#options { + 
border: solid #CCC 1px; + padding: 6px; +} + +#timeclock { + clear: both; + text-align: center; + font-size: 20px; + margin-top: 10px; +} + +#message { + font-size: 11px; + text-align: center; + color: #000; + background-color: #FC0; + width: 27ex; + padding: 1px; + margin: 0px auto; + z-index: 1; + visibility: visible; +} + +#entry #message { + visibility: hidden; +} + +#office { + float: left; + width: 33%; + font-size: 12px; + font-weight: normal; + margin: 0; + padding: 3px; +} + +#entry_form { + margin: 16px; +} + +#employee_entry_form { + clear: both; + max-width: 450px; + margin: 16px; +} + +#password_entry_form { + clear: both; + margin: 16px; +} + +#password_change_form { + margin: 16px; +} + +#password_change_form p { + margin: 3px 16px 3px 32px; +} + +#select_offices { + float: left; +} + +#select_groups { + float: right; +} + +#printer_friendly { + font-size: 11px; + margin-left: 6px; +} + +.punch-in, .punch-out { + font-size: 14px; + font-weight: normal; + float: left; +} + +#entry .punch-in, #entry .punch-out { + float: none; +} + +/* for mobile safari */ +.hours-summary { + float: right; + margin: 10px 12px 0px 0px; +} + +.hours-summary th { + text-align: right; +} + +.hours-summary td { + text-align: right; +} + +.refresh-link { + float: right; + margin-right: 10px; + font-weight: normal; +} + +.buttons { + float: left; + margin-top: 30px; + margin-left: 10px; +} + +#nyroModalWrapper .buttons { + margin-left: 0; +} + +.timecard { + max-width: 600px; +} + +.timecard h2 { + margin: 2px 6px; + text-align: center; +} + +.timecard h3 { + margin: 6px 6px; + padding: 0; +} + +.timecard h4 { + margin: 6px 6px; + padding: 0; +} + +.timecard p { + margin: 3px 6px; + padding: 0; + font-size: 11px; +} + +.timecard_list { + margin: 12px 0px; +} + +.timecard_list td { + padding: 4px 6px; +} + +.timecard_list th { + padding: 4px 6px; + border-bottom: solid #CCC 1px; +} + +.timecard_list .hrs { + border-left: solid #CCC 1px; +} + +.timecard_list .ovt { +} + 
+.timecard_list .total { +} + +.timecard_list .notes { + border-left: solid #CCC 1px; + min-width: 16ex; +} + +.timecard_list .total_row td { + border-top: solid #CCC 1px; + font-weight: bold; +} + +.timecard_list .total_row .hrs { + border-left: solid #FFF 1px; + border-top: solid #CCC 1px; +} + +.timecard_list .total_row .ovt { + border-top: solid #CCC 1px; +} + +.timecard_list .total_row .total { + border-top: solid #CCC 1px; +} + +.timecard_list .total_row .notes { + border-left: solid #FFF 1px; +} + +.nav-buttons { + float: right; + margin-top: 4px; + margin-right: 4px; +} + +.nav-buttons a { + margin: 0px; + padding: 0px; +} + +.totals { + margin-top: 9px; +} + +.tip { + margin-left: 12px; + color: #999; +} diff --git a/punchclock/entry.ajax.php b/punchclock/entry.ajax.php index e239fae..ec7f827 100644 --- a/punchclock/entry.ajax.php +++ b/punchclock/entry.ajax.php @@ -13,12 +13,12 @@ require_once 'lib.common.php'; require_once 'lib.timecard.php'; require_once "$TIMECLOCK_PATH/functions.php"; -turn_off_magic_quotes(); +//turn_off_magic_quotes(); // Connect to db. -$db = mysql_connect($db_hostname, $db_username, $db_password) +$db = ($GLOBALS["___mysqli_ston"] = mysqli_connect($db_hostname, $db_username, $db_password)) or die("Could not connect to the database."); -mysql_select_db($db_name); +mysqli_select_db($GLOBALS["___mysqli_ston"], $db_name); // Parse arguments. $emp = isset($_GET['emp']) ? $_GET['emp'] : null; 
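Review bot: The connection set up in the `@@ -13,12 +13,12` hunk of `punchclock/entry.ajax.php` never sets a character set, yet the hunks that follow depend on `mysqli_real_escape_string()`, which escapes according to the connection's character set. Call `mysqli_set_charset()` on `$GLOBALS["___mysqli_ston"]` right after connecting, using the charset the tables are stored in, and check the result of `mysqli_select_db()` (or pass `$db_name` as the fourth argument to `mysqli_connect()`) so a bad database name fails here instead of at the first query. `//turn_off_magic_quotes();` should be deleted rather than left commented out, with the reason recorded in the commit message.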
@@ -49,19 +49,19 @@ // Post employee time. $inout = $_POST['inout']; - $q_inout = mysql_real_escape_string($inout); + $q_inout = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $inout); $h_inout = htmlentities($inout); $notes = isset($_POST['notes']) ? $_POST['notes'] : ''; - $q_notes = mysql_real_escape_string($notes); + $q_notes = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $notes); $h_notes = htmlentities($notes); - $q_empfullname = mysql_real_escape_string($empfullname); + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $empfullname); // Validate and get inout display color. $query = "select color from " . $db_prefix . "punchlist where punchitems = '$q_inout'"; - $punchlist_result = mysql_query($query); - $inout_color = mysql_result($punchlist_result, 0, 0); + $punchlist_result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + $inout_color = mysqli_result($punchlist_result, 0, 0); if (!$inout_color) { #print error_msg("In/Out Status is not in the database."); trigger_error('In/Out Status is not in the database.', E_USER_WARNING); @@ -83,11 +83,11 @@ where empfullname = '$q_empfullname' End_Of_SQL; - if (mysql_query($insert_query)) { - mysql_query($update_query) - or trigger_error('punchclock: cannot update tstamp in employee record. ' . mysql_error(), E_USER_WARNING); + if (mysqli_query($GLOBALS["___mysqli_ston"], $insert_query)) { + mysqli_query($GLOBALS["___mysqli_ston"], $update_query) + or trigger_error('punchclock: cannot update tstamp in employee record. ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); } else { - trigger_error('punchclock: cannot insert timestamp into info record. ' . mysql_error(), E_USER_WARNING); + trigger_error('punchclock: cannot insert timestamp into info record. ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); } // Update display line on punchclock list and close form. 
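Review bot: In the `@@ -49,19 +49,19` hunk, `mysqli_result($punchlist_result, 0, 0)` is not a one-for-one replacement for `mysql_result()`: the mysqli extension has no function of that name (`mysqli_result` is the result class), so unless a helper with that name is defined elsewhere in the patch this line is a fatal "undefined function" error on every punch. Replace it with a fetch, for example `$row = mysqli_fetch_row($punchlist_result); $inout_color = $row ? $row[0] : null;`, after checking that `$punchlist_result` is not `false`. The existing `if (!$inout_color)` branch then handles the missing-status case as before.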
@@ -258,8 +258,8 @@ // query to produce buttons for punchlist items // $query = "select punchitems,color,in_or_out from " . $db_prefix . "punchlist order by in_or_out desc, color, punchitems"; - $punchlist_result = mysql_query($query); - while ($row = mysql_fetch_array($punchlist_result)) { + $punchlist_result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($punchlist_result)) { $punchclass = $row['in_or_out'] ? 'punch-in' : 'punch-out'; ## Note: nyroModel plays with submit buttons so the following does not work. ## The value of the submit button is not passed to the server. As a workaround @@ -267,7 +267,7 @@ ##echo "\n"; echo "\n"; } - mysql_free_result($punchlist_result); + ((mysqli_free_result($punchlist_result) || (is_object($punchlist_result) && (get_class($punchlist_result) == "mysqli_result"))) ? true : false); ?>
- - - - - - - - - - - - - - - - - - -
In/OutTimeDateHrsNote
+ + + + + + + + + + + + + + + + + + + + +
In/OutTimeDateHrsNote
diff --git a/punchclock/export.php b/punchclock/export.php index ef778ea..32467be 100644 --- a/punchclock/export.php +++ b/punchclock/export.php @@ -198,13 +198,13 @@ $office_name = isset($_POST['office_name']) ? $_POST['office_name'] : null; // Program options. -$c_reg_ot = bool($_POST['c_reg_ot']); -$c_inout = bool($_POST['c_inout']); -$c_date = bool($_POST['c_date']); -$c_employee = bool($_POST['c_employee']); -$c_name = bool($_POST['c_name']); -$c_group = bool($_POST['c_group']); -$c_office = bool($_POST['c_office']); +$c_reg_ot = isset($_POST['c_reg_ot']) ? bool($_POST['c_reg_ot']) : null; +$c_inout = isset($_POST['c_inout']) ? bool($_POST['c_inout']) : null; +$c_date = isset($_POST['c_date']) ? bool($_POST['c_date']) : null; +$c_employee = isset($_POST['c_employee']) ? bool($_POST['c_employee']) : null; +$c_name = isset($_POST['c_name']) ? bool($_POST['c_name']) : null; +$c_group = isset($_POST['c_group']) ? bool($_POST['c_group']) : null; +$c_office = isset($_POST['c_office']) ? bool($_POST['c_office']) : null; //////////////////////////////////////// $PAGE_TITLE = "Export - $title"; diff --git a/punchclock/export_display.php b/punchclock/export_display.php index d71ae03..bb107f6 100644 --- a/punchclock/export_display.php +++ b/punchclock/export_display.php 
@@ -17,9 +17,9 @@ $begin_utm_timestamp = utm_timestamp($begin_local_timestamp); $end_utm_timestamp = utm_timestamp($end_local_timestamp); -$employee_clause = $user_name == 'All' ? '' : " and {$db_prefix}employees.empfullname = '" . mysql_real_escape_string($user_name) . "'\n"; -$office_clause = $office_name == 'All' ? '' : " and {$db_prefix}employees.office = '" . mysql_real_escape_string($office_name) . "'\n"; -$groups_clause = $group_name == 'All' ? '' : " and {$db_prefix}employees.groups = '" . mysql_real_escape_string($group_name) . "'\n"; +$employee_clause = $user_name == 'All' ? '' : " and {$db_prefix}employees.empfullname = '" . mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $user_name) . "'\n"; +$office_clause = $office_name == 'All' ? '' : " and {$db_prefix}employees.office = '" . mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $office_name) . "'\n"; +$groups_clause = $group_name == 'All' ? '' : " and {$db_prefix}employees.groups = '" . mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $group_name) . "'\n"; // Select employees whose timecards need to be scanned. $query = <<walk(null, record_hours, null); + list($timecard_row_count, $total_hours, $overtime_hours) = $tc->walk(null, 'record_hours', null); $begin = $end; } @@ -83,8 +83,8 @@ {$group_by_clause}{$order_by_clause} End_Of_SQL; -$result = mysql_query($query) -or trigger_error("export_display: Cannot select hours. " . mysql_error(), E_USER_WARNING); +$result = mysqli_query($GLOBALS["___mysqli_ston"], $query) +or trigger_error("export_display: Cannot select hours. " . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); // Print export page header. $begin_date = date('l F j, Y', $begin_local_timestamp); @@ -140,7 +140,7 @@ // Build export table html. $row_count = 0; -while ($row = mysql_fetch_array($result)) { +while ($row = mysqli_fetch_array($result)) { if ($row_count == 0) { // Table header 
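Review bot: The `while ($row = mysqli_fetch_array($result))` loop in the `@@ -140,7 +140,7` hunk runs even when the query in the `@@ -83,8` hunk failed, because `trigger_error(..., E_USER_WARNING)` does not stop execution and `$result` is then `false`. Return or skip the table when `$result === false` before reaching the loop, and keep the `mysqli_error()` text in the server log only, since this page renders HTML straight to the user.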
@@ -184,11 +184,23 @@ $hours = sprintf("%01.02f", $row['sum_hours']); $reg_ot = $row['reg_ot'] == 'O' ? 'OT' : 'Reg'; - $h_inout = htmlentities($row['inout']); - $h_color = $row['color'] ? htmlentities($row['color']) : 'inherit'; + if (isset($row['inout'])) { + $h_inout = htmlentities($row['inout']); + } else { + $h_inout = ''; + } + if (isset($row['color'])) { + $h_color = $row['color'] ? htmlentities($row['color']) : 'inherit'; + } else { + $h_color = 'inherit'; + } $date = $row['hours_date']; $h_empfullname = htmlentities($row['empfullname']); - $h_name = htmlentities($row['displayname']); + if (isset($row['displayname'])) { + $h_name = htmlentities($row['displayname']); + } else { + $h_name = ''; + } $h_groups = htmlentities($row['groups']); $h_office = htmlentities($row['office']); @@ -236,7 +248,7 @@ End_Of_HTML; -mysql_free_result($result); +((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); //////////////////////////////////////// function setup_record_hours() { @@ -254,9 +266,9 @@ function setup_record_hours() { `office` varchar(50) ) End_Of_SQL; - mysql_query("DROP TABLE IF EXISTS t_computed_hours"); - mysql_query($sql) - or trigger_error("export_display: Cannot create temporary table t_computed_hours. " . mysql_error(), E_USER_WARNING); + mysqli_query($GLOBALS["___mysqli_ston"], "DROP TABLE IF EXISTS t_computed_hours"); + mysqli_query($GLOBALS["___mysqli_ston"], $sql) + or trigger_error("export_display: Cannot create temporary table t_computed_hours. " . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); } function record_hours($tc) { 
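Review bot: in `setup_record_hours()` the return value of `mysqli_query($GLOBALS["___mysqli_ston"], "DROP TABLE IF EXISTS t_computed_hours")` is discarded, and a failed create only raises `E_USER_WARNING`, so `record_hours()` can go on to insert into a table that does not exist. Suggest having `setup_record_hours()` return false on either failure and having the caller stop the export. As a style point, every call in this patch reaches the connection through the converter-generated `$GLOBALS["___mysqli_ston"]`; a single small accessor function for the connection would make these lines readable and give one place to check that the connection is open.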
@@ -288,38 +300,38 @@ function record_hours($tc) { if (round($hours, 3) > 0) { $reg_ot = 'R'; - $q_inout = mysql_real_escape_string($tc->row['inout']); - $q_color = mysql_real_escape_string($tc->row['color']); - $q_employee = mysql_real_escape_string($tc->row['fullname']); - $q_name = mysql_real_escape_string($tc->row['displayname']); - $q_group = mysql_real_escape_string($tc->row['groups']); - $q_office = mysql_real_escape_string($tc->row['office']); + $q_inout = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['inout']); + $q_color = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['color']); + $q_employee = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['fullname']); + $q_name = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['displayname']); + $q_group = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['groups']); + $q_office = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['office']); #$date = date('Y-m-d H:i',$start_time); ## debug $date = date('Y-m-d', $start_time); $sql = << 0) { $reg_ot = 'O'; - $q_inout = mysql_real_escape_string($tc->row['inout']); - $q_color = mysql_real_escape_string($tc->row['color']); - $q_employee = mysql_real_escape_string($tc->row['fullname']); - $q_name = mysql_real_escape_string($tc->row['displayname']); - $q_group = mysql_real_escape_string($tc->row['groups']); - $q_office = mysql_real_escape_string($tc->row['office']); + $q_inout = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['inout']); + $q_color = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['color']); + $q_employee = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['fullname']); + $q_name = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['displayname']); + $q_group = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tc->row['groups']); + $q_office = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], 
$tc->row['office']); #$date = date('Y-m-d H:i',$start_time); ## debug $date = date('Y-m-d', $start_time); $sql = << - - - - - - - + + + + + + + + diff --git a/punchclock/footer_timeclock.php b/punchclock/footer_timeclock.php index 398321d..43cbed0 100644 --- a/punchclock/footer_timeclock.php +++ b/punchclock/footer_timeclock.php @@ -1,10 +1,10 @@ - - + + diff --git a/punchclock/header.php b/punchclock/header.php index 1657d8f..fd4dbf9 100644 --- a/punchclock/header.php +++ b/punchclock/header.php @@ -1,59 +1,59 @@ -\n"; // puts IE6 in quirks mode -?> - - - - - <?php echo $PAGE_TITLE; ?> - - 0) - echo "$PAGE_META\n"; ?> - - - - - - 0) - echo "$PAGE_STYLE\n"; ?> - - - 0) - echo "$PAGE_SCRIPT\n"; ?> - - 0) - echo " id=\"$PAGE_BODY_ID\""; ?>> -
- - - - 0) - echo "$PAGE_CONTENT_HEADER\n"; ?> -
+\n"; // puts IE6 in quirks mode +?> + + + + + <?php echo $PAGE_TITLE; ?> + + 0) + echo "$PAGE_META\n"; ?> + + + + + + 0) + echo "$PAGE_STYLE\n"; ?> + + + 0) + echo "$PAGE_SCRIPT\n"; ?> + + 0) + echo " id=\"$PAGE_BODY_ID\""; ?>> +
+ + + + 0) + echo "$PAGE_CONTENT_HEADER\n"; ?> +
diff --git a/punchclock/header_reports.php b/punchclock/header_reports.php index 09faea8..3f5d799 100644 --- a/punchclock/header_reports.php +++ b/punchclock/header_reports.php @@ -1,28 +1,28 @@ -)/', "$1\n$PAGE_TITLE", $header); - -print $header; -?> +)/', "$1\n$PAGE_TITLE", $header); + +print $header; +?> diff --git a/punchclock/header_timeclock.php b/punchclock/header_timeclock.php index 1a86621..f371980 100644 --- a/punchclock/header_timeclock.php +++ b/punchclock/header_timeclock.php @@ -1,23 +1,23 @@ - + diff --git a/punchclock/index.php b/punchclock/index.php index 45aaa50..af9a588 100644 --- a/punchclock/index.php +++ b/punchclock/index.php @@ -1,9 +1,9 @@ - + diff --git a/punchclock/lib.common.php b/punchclock/lib.common.php index 3d850ed..06135ea 100644 --- a/punchclock/lib.common.php +++ b/punchclock/lib.common.php @@ -5,6 +5,19 @@ require_once 'config.inc.php'; +//////////////////////////////////////// +function mysqli_result($res,$row=0,$col=0){ + $numrows = mysqli_num_rows($res); + if ($numrows && $row <= ($numrows-1) && $row >=0){ + mysqli_data_seek($res,$row); + $resrow = (is_numeric($col)) ? mysqli_fetch_row($res) : mysqli_fetch_assoc($res); + if (isset($resrow[$col])){ + return $resrow[$col]; + } + } + return false; +} + //////////////////////////////////////// function make_id($empfullname) { // Make an DOM ID string from the employee id 
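Review bot: the new `mysqli_result()` shim in lib.common.php returns `false` for three different situations: a row index out of range, an unknown column, and a column whose value is SQL NULL, because `isset($resrow[$col])` is false for a null value. The callers converted later in this patch pass the return value straight on, so "no such employee" and "column is NULL" cannot be told apart. Suggest `array_key_exists($col, $resrow)` for the lookup and a doc comment stating the return contract and that the function moves the result cursor through `mysqli_data_seek`. The function also shares its name with the `mysqli_result` class that the `get_class($result) == "mysqli_result"` tests in this patch refer to; PHP allows it, but a project-prefixed name would avoid the confusion.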
@@ -22,19 +35,19 @@ function lookup_employee($empfullname) { // Return valid empfullname or null global $db_prefix; $name = null; - $q_empfullname = mysql_real_escape_string($empfullname); - $result = mysql_query("SELECT empfullname FROM {$db_prefix}employees WHERE empfullname = '$q_empfullname'"); - if (!$result || mysql_num_rows($result) == 0) { + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $empfullname); + $result = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT empfullname FROM {$db_prefix}employees WHERE empfullname = '$q_empfullname'"); + if (!$result || mysqli_num_rows($result) == 0) { // Check if displayname was entered. - $q_empfullname = mysql_real_escape_string(strtolower($empfullname)); - $result = mysql_query("SELECT empfullname FROM {$db_prefix}employees WHERE lower(displayname) = '$q_empfullname'") - or trigger_error('lookup_employee: no result: ' . mysql_error(), E_USER_WARNING); + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], strtolower($empfullname)); + $result = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT empfullname FROM {$db_prefix}employees WHERE lower(displayname) = '$q_empfullname'") + or trigger_error('lookup_employee: no result: ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); } - if ($result && mysql_num_rows($result) == 1) { - $name = mysql_result($result, 0, 0); + if ($result && mysqli_num_rows($result) == 1) { + $name = mysqli_result($result, 0, 0); } if ($result) - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); return $name; } 
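Review bot: `lookup_employee()` still builds both SELECT statements by interpolating `$q_empfullname` into the SQL string; the port keeps the escape-and-concatenate pattern and only changes the function name. Now that the code is on mysqli, suggest `mysqli_prepare` with a bound string parameter for `empfullname = ?` and `lower(displayname) = ?`, which removes the reliance of `mysqli_real_escape_string` on the connection character set being configured correctly. The same change applies to the other lookups in this file that follow the same pattern.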
@@ -42,15 +55,15 @@ function lookup_employee($empfullname) { //////////////////////////////////////// function get_employee_name($empfullname) { global $db_prefix; - $q_empfullname = mysql_real_escape_string($empfullname); - $result = mysql_query("SELECT displayname FROM {$db_prefix}employees WHERE empfullname = '$q_empfullname'"); + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $empfullname); + $result = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT displayname FROM {$db_prefix}employees WHERE empfullname = '$q_empfullname'"); if (!$result) { - trigger_error('get_employee_name: no result: ' . mysql_error(), E_USER_WARNING); + trigger_error('get_employee_name: no result: ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); return false; } - $name = mysql_result($result, 0, 0); - mysql_free_result($result); + $name = mysqli_result($result, 0, 0); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); return $name; } 
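Review bot: in `get_employee_name()` the replacement for `mysql_free_result($result);` is the converter expression `((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false);`, whose value is thrown away, so the class test and the ternary do nothing. Suggest plain `mysqli_free_result($result);` here and wherever the same line appears in this patch. Separately, when no row matches, `mysqli_result($result, 0, 0)` returns `false` and that is returned as the name; a `mysqli_num_rows($result)` check before reading would make the no-match case explicit.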
@@ -58,15 +71,15 @@ function get_employee_name($empfullname) { //////////////////////////////////////// function get_employee_password($empfullname) { global $db_prefix; - $q_empfullname = mysql_real_escape_string($empfullname); - $result = mysql_query("SELECT employee_passwd FROM {$db_prefix}employees WHERE empfullname = '$q_empfullname'"); + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $empfullname); + $result = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT employee_passwd FROM {$db_prefix}employees WHERE empfullname = '$q_empfullname'"); if (!$result) { - trigger_error('get_employee_password: no result: ' . mysql_error(), E_USER_WARNING); + trigger_error('get_employee_password: no result: ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); return false; } - $password = mysql_result($result, 0, 0); - mysql_free_result($result); + $password = mysqli_result($result, 0, 0); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); return $password; } 
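Review bot: the failure path of `get_employee_password()` concatenates `mysqli_error($GLOBALS["___mysqli_ston"])` into the `trigger_error` text. For a query that reads `employee_passwd`, the driver message should go to the server log (`error_log`) and the raised message should stay generic, so that query details never depend on how warnings are displayed. The function also returns `false` both when the query fails and when the shim finds no row; documenting that in a comment would help callers that compare the result against a hash.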
@@ -86,15 +99,15 @@ function is_valid_password($empfullname, $password) { function save_employee_password($empfullname, $new_password) { global $db_prefix; $password = crypt($new_password, 'xy'); - $q_empfullname = mysql_real_escape_string($empfullname); - $q_password = mysql_real_escape_string($password); - $result = mysql_query("UPDATE {$db_prefix}employees SET employee_passwd = '$q_password' WHERE empfullname = '$q_empfullname'"); + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $empfullname); + $q_password = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $password); + $result = mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$db_prefix}employees SET employee_passwd = '$q_password' WHERE empfullname = '$q_empfullname'"); if (!$result) { - trigger_error('save_employee_password: cannot save new password: ' . mysql_error(), E_USER_WARNING); + trigger_error('save_employee_password: cannot save new password: ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); return false; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); return true; } 
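Review bot: `save_employee_password()` still hashes with `crypt($new_password, 'xy')`, a fixed two-character salt, which selects the traditional DES scheme: every employee shares the same salt and only the first eight characters of the password are significant. Since this patch already touches every line around it and the README targets PHP 5.6, suggest moving to `password_hash()` on save and `password_verify()` on check, re-hashing old entries at the next successful login and confirming the `employee_passwd` column is wide enough for the new hashes. Also in this hunk, `$result` is the return of an UPDATE, for which `mysqli_query` returns `true` rather than a result object, so the `mysqli_free_result($result)` line is called on a boolean (a warning on older PHP, a TypeError on PHP 8); it can simply be dropped.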
@@ -104,7 +117,7 @@ function get_employee_status($empfullname) { // Get employee's current punch-in/out status and time. // Return array of in/out(1/0), punch code, timestamp, and notes. global $db_prefix; - $q_empfullname = mysql_real_escape_string($empfullname); + $q_empfullname = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $empfullname); $query = << '1' and employees.empfullname = '$q_empfullname' End_Of_SQL; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); if (!$result) { - trigger_error('get_employee_status: no result: ' . mysql_error(), E_USER_WARNING); + trigger_error('get_employee_status: no result: ' . mysqli_error($GLOBALS["___mysqli_ston"]), E_USER_WARNING); return false; } - $row = mysql_fetch_assoc($result); - mysql_free_result($result); + $row = mysqli_fetch_assoc($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); return array($row['in_or_out'], $row['color'], $row['inout'], $row['timestamp'], $row['notes']); } @@ -310,9 +323,9 @@ function turn_off_magic_quotes() { remove_magic_quotes($_POST); remove_magic_quotes($_COOKIE); remove_magic_quotes($_REQUEST); - ini_set('magic_quotes_gpc', 0); + //ini_set('magic_quotes_gpc', 0); } - set_magic_quotes_runtime(0); + //set_magic_quotes_runtime(0); } function remove_magic_quotes(&$array) { diff --git a/punchclock/lib.select.php b/punchclock/lib.select.php index cc972be..9b131be 100644 --- a/punchclock/lib.select.php +++ b/punchclock/lib.select.php 
@@ -33,8 +33,8 @@ function select_options($arg, $val = null) { return _select_options_arr($arg, $lookup); $html = ''; // initialize return string $db = isset($GLOBALS['db']) ? $GLOBALS['db'] : null; - $result = mysql_query($arg, $db); - while ($row = mysql_fetch_row($result)) { + $result = mysqli_query( $db, $arg); + while ($row = mysqli_fetch_row($result)) { if (count($row) < 2) $row[1] = $row[0]; $selected = isset($lookup[$row[0]]) ? ' selected="selected"' : ''; diff --git a/punchclock/lib.timecard.php b/punchclock/lib.timecard.php index dec50e9..abe5a9a 100644 --- a/punchclock/lib.timecard.php +++ b/punchclock/lib.timecard.php @@ -161,7 +161,7 @@ function print_footer($tc) { // Print timecard. $tc = new Timecard($empfullname, $begin_local_timestamp, $end_local_timestamp); - list($row_count, $total_hours, $overtime_hours, $today_hours) = $tc->walk(print_header, print_row, print_footer); + list($row_count, $total_hours, $overtime_hours, $today_hours) = $tc->walk('print_header', 'print_row', 'print_footer'); if ($row_count <= 0) print error_msg("No records were found."); diff --git a/punchclock/login.php b/punchclock/login.php index 20f5222..0ca3015 100644 --- a/punchclock/login.php +++ b/punchclock/login.php @@ -1,181 +1,181 @@ - -End_Of_HTML; - - $PAGE_SCRIPT = << - -End_Of_HTML; - - include 'header.php'; - if ($msg) - print msg($msg); - if ($error_msg) - print error_msg($error_msg); - print << -
- - - - - - - - - -
   Enter your name -
Employee Name: -  *
 
* required 
- - - -
-
-
- -End_Of_HTML; - - include 'footer.php'; - exit; -} - -//////////////////////////////////////// -if ($use_passwd == 'yes') { - $authenticated = isset($_SESSION['authenticated']) ? ($_SESSION['authenticated'] == $empfullname) : false; - - if ((!$authenticated) && (isset($_SESSION['time_admin_valid_user']) || isset($_SESSION['valid_user']))) { - // Allow time administrators and system administrators to bypass the password screen. - $_SESSION['authenticated'] = $empfullname; - $authenticated = true; - } - - if (!$authenticated && $password) { - - // Validate password - if (is_valid_password($empfullname, $password)) { - $_SESSION['authenticated'] = $empfullname; - $authenticated = true; - } else { - $error_msg .= "Password is incorrect. Please try again.\n"; - } - } - - if (!$authenticated) { - $u_empfullname = rawurlencode($empfullname); - $h_empfullname = htmlentities($empfullname); - $h_name_header = $show_display_name == 'yes' ? htmlentities(get_employee_name($empfullname)) : $h_empfullname; - - // Security: make sure no one is already authenticated before displaying password screen. - unset($_SESSION['authenticated']); - - // Authenticate employee - $PAGE_TITLE = "Login - $title"; - $PAGE_SCRIPT = <<$(function(){ $('form input:first').focus(); }); -End_Of_HTML; - include 'header.php'; - if ($msg) - print msg($msg); - if ($error_msg) - print error_msg($error_msg); - print << -
- - - - - - - - - - - -
   Enter your password -
$h_name_header
Password: -  *
- Forgot your password -    - Change your password
 
* required 
- - - -
- -
-
-End_Of_HTML; - include 'footer.php'; - exit; - } -} - -//////////////////////////////////////// -// Successful login -$_SESSION['authenticated'] = $empfullname; -$return_url = preg_replace('/\bemp(fullname)?=.*?&(.*)$/', '$2', $return_url); // remove possible emp= from url -$return_url .= (preg_match('/[?]/', $return_url) ? '&' : '?') . "emp=" . rawurlencode($empfullname); // add emp= argument to url -exit_next($return_url); -?> + +End_Of_HTML; + + $PAGE_SCRIPT = << + +End_Of_HTML; + + include 'header.php'; + if ($msg) + print msg($msg); + if ($error_msg) + print error_msg($error_msg); + print << +
+ + + + + + + + + +
   Enter your name +
Employee Name: +  *
 
* required 
+ + + +
+
+
+ +End_Of_HTML; + + include 'footer.php'; + exit; +} + +//////////////////////////////////////// +if ($use_passwd == 'yes') { + $authenticated = isset($_SESSION['authenticated']) ? ($_SESSION['authenticated'] == $empfullname) : false; + + if ((!$authenticated) && (isset($_SESSION['time_admin_valid_user']) || isset($_SESSION['valid_user']))) { + // Allow time administrators and system administrators to bypass the password screen. + $_SESSION['authenticated'] = $empfullname; + $authenticated = true; + } + + if (!$authenticated && $password) { + + // Validate password + if (is_valid_password($empfullname, $password)) { + $_SESSION['authenticated'] = $empfullname; + $authenticated = true; + } else { + $error_msg .= "Password is incorrect. Please try again.\n"; + } + } + + if (!$authenticated) { + $u_empfullname = rawurlencode($empfullname); + $h_empfullname = htmlentities($empfullname); + $h_name_header = $show_display_name == 'yes' ? htmlentities(get_employee_name($empfullname)) : $h_empfullname; + + // Security: make sure no one is already authenticated before displaying password screen. + unset($_SESSION['authenticated']); + + // Authenticate employee + $PAGE_TITLE = "Login - $title"; + $PAGE_SCRIPT = <<$(function(){ $('form input:first').focus(); }); +End_Of_HTML; + include 'header.php'; + if ($msg) + print msg($msg); + if ($error_msg) + print error_msg($error_msg); + print << +
+ + + + + + + + + + + +
   Enter your password +
$h_name_header
Password: +  *
+ Forgot your password +    + Change your password
 
* required 
+ + + +
+ +
+
+End_Of_HTML; + include 'footer.php'; + exit; + } +} + +//////////////////////////////////////// +// Successful login +$_SESSION['authenticated'] = $empfullname; +$return_url = preg_replace('/\bemp(fullname)?=.*?&(.*)$/', '$2', $return_url); // remove possible emp= from url +$return_url .= (preg_match('/[?]/', $return_url) ? '&' : '?') . "emp=" . rawurlencode($empfullname); // add emp= argument to url +exit_next($return_url); +?> diff --git a/punchclock/menu.php b/punchclock/menu.php index af5a4a5..06d4895 100644 --- a/punchclock/menu.php +++ b/punchclock/menu.php @@ -34,10 +34,10 @@ Please re-enter and confirm your new password."); diff --git a/punchclock/password.php b/punchclock/password.php index ea8ffd6..1199dbf 100644 --- a/punchclock/password.php +++ b/punchclock/password.php @@ -61,7 +61,7 @@ $_SESSION['login_msg'] = "Your password has been changed.\n"; exit_next($return_url); } else { - print error_msg("Cannot save your new password. " . mysql_error()); + print error_msg("Cannot save your new password. " . mysqli_error($GLOBALS["___mysqli_ston"])); } } else { print error_msg("Your new password and the confirm password do not match.
Please re-enter and confirm your new password."); diff --git a/punchclock/punchclock.php b/punchclock/punchclock.php index 9e36435..52db2d7 100644 --- a/punchclock/punchclock.php +++ b/punchclock/punchclock.php @@ -29,7 +29,7 @@ if (isset($_REQUEST['office'])) { $office = $_REQUEST['office']; $h_office = htmlentities($office); - $q_office = mysql_real_escape_string($office); + $q_office = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $office); $u_office = rawurlencode($office); $display_office = $office ? $office : 'all'; // override config option @@ -39,10 +39,12 @@ if (isset($_REQUEST['group'])) { $group = $_REQUEST['group']; $h_group = htmlentities($group); - $q_group = mysql_real_escape_string($group); + $q_group = mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $group); $u_group = rawurlencode($group); $display_group = $group ? $group : 'all'; // override config option +} else { + $group = ''; } if ($punchclock_select_offices == "yes") { diff --git a/punchclock/punchclock_display.php b/punchclock/punchclock_display.php index 8af53cf..2ca698c 100644 --- a/punchclock/punchclock_display.php +++ b/punchclock/punchclock_display.php @@ -13,8 +13,8 @@ $sortdirection = 'asc'; // Construct query -$office_clause = $display_office == 'all' ? '' : " and {$db_prefix}employees.office = '" . mysql_real_escape_string($display_office) . "'\n"; -$groups_clause = $display_group == 'all' ? '' : " and {$db_prefix}employees.groups = '" . mysql_real_escape_string($display_group) . "'\n"; +$office_clause = $display_office == 'all' ? '' : " and {$db_prefix}employees.office = '" . mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $display_office) . "'\n"; +$groups_clause = $display_group == 'all' ? '' : " and {$db_prefix}employees.groups = '" . mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $display_group) . "'\n"; $query = << diff --git a/punchclock/scripts/dragtable.js b/punchclock/scripts/dragtable.js index 9d07b17..fe11994 100644 
--- a/punchclock/scripts/dragtable.js +++ b/punchclock/scripts/dragtable.js 
@@ -1,538 +1,538 @@ -/* - dragtable v1.0 - June 26, 2008 - Dan Vanderkam, http://danvk.org/dragtable/ - http://code.google.com/p/dragtable/ - - Instructions: - - Download this file - - Add to your HTML. - - Add class="draggable" to any table you might like to reorder. - - Drag the headers around to reorder them. - - This is code was based on: - - Stuart Langridge's SortTable (kryogenix.org/code/browser/sorttable) - - Mike Hall's draggable class (http://www.brainjar.com/dhtml/drag/) - - A discussion of permuting table columns on comp.lang.javascript - - Licensed under the MIT license. - */ - -// Here's the notice from Mike Hall's draggable script: -//***************************************************************************** -// Do not remove this notice. -// -// Copyright 2001 by Mike Hall. -// See http://www.brainjar.com for terms of use. -//***************************************************************************** -dragtable = { - // How far should the mouse move before it's considered a drag, not a click? - dragRadius2: 100, - setMinDragDistance: function (x) { - dragtable.dragRadius2 = x * x; - }, - - // How long should cookies persist? (in days) - cookieDays: 365, - setCookieDays: function (x) { - dragtable.cookieDays = x; - }, - - // Determine browser and version. - // TODO: eliminate browser sniffing except where it's really necessary. - Browser: function () { - var ua, s, i; - - this.isIE = false; - this.isNS = false; - this.version = null; - ua = navigator.userAgent; - - s = "MSIE"; - if ((i = ua.indexOf(s)) >= 0) { - this.isIE = true; - this.version = parseFloat(ua.substr(i + s.length)); - return; - } - - s = "Netscape6/"; - if ((i = ua.indexOf(s)) >= 0) { - this.isNS = true; - this.version = parseFloat(ua.substr(i + s.length)); - return; - } - - // Treat any other "Gecko" browser as NS 6.1. 
- s = "Gecko"; - if ((i = ua.indexOf(s)) >= 0) { - this.isNS = true; - this.version = 6.1; - return; - } - }, - browser: null, - - // Detect all draggable tables and attach handlers to their headers. - init: function () { - // Don't initialize twice - if (arguments.callee.done) return; - arguments.callee.done = true; - if (_dgtimer) clearInterval(_dgtimer); - if (!document.createElement || !document.getElementsByTagName) return; - - dragtable.dragObj.zIndex = 0; - dragtable.browser = new dragtable.Browser(); - forEach(document.getElementsByTagName('table'), function (table) { - if (table.className.search(/\bdraggable\b/) != -1) { - dragtable.makeDraggable(table); - } - }); - }, - - // The thead business is taken straight from sorttable. - makeDraggable: function (table) { - if (table.getElementsByTagName('thead').length == 0) { - the = document.createElement('thead'); - the.appendChild(table.rows[0]); - table.insertBefore(the, table.firstChild); - } - - // Safari doesn't support table.tHead, sigh - if (table.tHead == null) { - table.tHead = table.getElementsByTagName('thead')[0]; - } - - var headers = table.tHead.rows[0].cells; - for (var i = 0; i < headers.length; i++) { - headers[i].onmousedown = dragtable.dragStart; - } - - // Replay reorderings from cookies if there are any. - if (dragtable.cookiesEnabled() && table.id && - table.className.search(/\bforget-ordering\b/) == -1) { - dragtable.replayDrags(table); - } - }, - - // Global object to hold drag information. - dragObj: new Object(), - - // Climb up the DOM until there's a tag that matches. - findUp: function (elt, tag) { - do { - if (elt.nodeName && elt.nodeName.search(tag) != -1) - return elt; - } while (elt = elt.parentNode); - return null; - }, - - // clone an element, copying its style and class. 
- fullCopy: function (elt, deep) { - var new_elt = elt.cloneNode(deep); - new_elt.className = elt.className; - forEach(elt.style, - function (value, key, object) { - if (value == null) return; - if (typeof(value) == "string" && value.length == 0) return; - - new_elt.style[key] = elt.style[key]; - }); - return new_elt; - }, - - eventPosition: function (event) { - var x, y; - if (dragtable.browser.isIE) { - x = window.event.clientX + document.documentElement.scrollLeft - + document.body.scrollLeft; - y = window.event.clientY + document.documentElement.scrollTop - + document.body.scrollTop; - return {x: x, y: y}; - } - return {x: event.pageX, y: event.pageY}; - }, - - // Determine the position of this element on the page. Many thanks to Magnus - // Kristiansen for help making this work with "position: fixed" elements. - absolutePosition: function (elt, stopAtRelative) { - var ex = 0, ey = 0; - do { - var curStyle = dragtable.browser.isIE ? elt.currentStyle - : window.getComputedStyle(elt, ''); - var supportFixed = !(dragtable.browser.isIE && - dragtable.browser.version < 7); - if (stopAtRelative && curStyle.position == 'relative') { - break; - } else if (supportFixed && curStyle.position == 'fixed') { - // Get the fixed el's offset - ex += parseInt(curStyle.left, 10); - ey += parseInt(curStyle.top, 10); - // Compensate for scrolling - ex += document.body.scrollLeft; - ey += document.body.scrollTop; - // End the loop - break; - } else { - ex += elt.offsetLeft; - ey += elt.offsetTop; - } - } while (elt = elt.offsetParent); - return {x: ex, y: ey}; - }, - - // MouseDown handler -- sets up the appropriate mousemove/mouseup handlers - // and fills in the global dragtable.dragObj object. 
- dragStart: function (event, id) { - var el; - var x, y; - var dragObj = dragtable.dragObj; - - var browser = dragtable.browser; - if (browser.isIE) - dragObj.origNode = window.event.srcElement; - else - dragObj.origNode = event.target; - var pos = dragtable.eventPosition(event); - - // Drag the entire table cell, not just the element that was clicked. - dragObj.origNode = dragtable.findUp(dragObj.origNode, /T[DH]/); - - // Since a column header can't be dragged directly, duplicate its contents - // in a div and drag that instead. - // TODO: I can assume a tHead... - var table = dragtable.findUp(dragObj.origNode, "TABLE"); - dragObj.table = table; - dragObj.startCol = dragtable.findColumn(table, pos.x); - if (dragObj.startCol == -1) return; - - var new_elt = dragtable.fullCopy(table, false); - new_elt.style.margin = '0'; - - // Copy the entire column - var copySectionColumn = function (sec, col) { - var new_sec = dragtable.fullCopy(sec, false); - forEach(sec.rows, function (row) { - var cell = row.cells[col]; - var new_tr = dragtable.fullCopy(row, false); - if (row.offsetHeight) new_tr.style.height = row.offsetHeight + "px"; - var new_td = dragtable.fullCopy(cell, true); - if (cell.offsetWidth) new_td.style.width = cell.offsetWidth + "px"; - new_tr.appendChild(new_td); - new_sec.appendChild(new_tr); - }); - return new_sec; - }; - - // First the heading - if (table.tHead) { - new_elt.appendChild(copySectionColumn(table.tHead, dragObj.startCol)); - } - forEach(table.tBodies, function (tb) { - new_elt.appendChild(copySectionColumn(tb, dragObj.startCol)); - }); - if (table.tFoot) { - new_elt.appendChild(copySectionColumn(table.tFoot, dragObj.startCol)); - } - - var obj_pos = dragtable.absolutePosition(dragObj.origNode, true); - new_elt.style.position = "absolute"; - new_elt.style.left = obj_pos.x + "px"; - new_elt.style.top = obj_pos.y + "px"; - new_elt.style.width = dragObj.origNode.offsetWidth + "px"; - new_elt.style.height = dragObj.origNode.offsetHeight + "px"; - 
new_elt.style.opacity = 0.7; - - // Hold off adding the element until this is clearly a drag. - dragObj.addedNode = false; - dragObj.tableContainer = dragObj.table.parentNode || document.body; - dragObj.elNode = new_elt; - - // Save starting positions of cursor and element. - dragObj.cursorStartX = pos.x; - dragObj.cursorStartY = pos.y; - dragObj.elStartLeft = parseInt(dragObj.elNode.style.left, 10); - dragObj.elStartTop = parseInt(dragObj.elNode.style.top, 10); - - if (isNaN(dragObj.elStartLeft)) dragObj.elStartLeft = 0; - if (isNaN(dragObj.elStartTop)) dragObj.elStartTop = 0; - - // Update element's z-index. - dragObj.elNode.style.zIndex = ++dragObj.zIndex; - - // Capture mousemove and mouseup events on the page. - if (browser.isIE) { - document.attachEvent("onmousemove", dragtable.dragMove); - document.attachEvent("onmouseup", dragtable.dragEnd); - window.event.cancelBubble = true; - window.event.returnValue = false; - } else { - document.addEventListener("mousemove", dragtable.dragMove, true); - document.addEventListener("mouseup", dragtable.dragEnd, true); - event.preventDefault(); - } - }, - - // Move the floating column header with the mouse - // TODO: Reorder columns as the mouse moves for a more interactive feel. - dragMove: function (event) { - var x, y; - var dragObj = dragtable.dragObj; - - // Get cursor position with respect to the page. - var pos = dragtable.eventPosition(event); - - var dx = dragObj.cursorStartX - pos.x; - var dy = dragObj.cursorStartY - pos.y; - if (!dragObj.addedNode && dx * dx + dy * dy > dragtable.dragRadius2) { - dragObj.tableContainer.insertBefore(dragObj.elNode, dragObj.table); - dragObj.addedNode = true; - } - - // Move drag element by the same amount the cursor has moved. 
- var style = dragObj.elNode.style; - style.left = (dragObj.elStartLeft + pos.x - dragObj.cursorStartX) + "px"; - style.top = (dragObj.elStartTop + pos.y - dragObj.cursorStartY) + "px"; - - if (dragtable.browser.isIE) { - window.event.cancelBubble = true; - window.event.returnValue = false; - } else { - event.preventDefault(); - } - }, - - // Stop capturing mousemove and mouseup events. - // Determine which (if any) column we're over and shuffle the table. - dragEnd: function (event) { - if (dragtable.browser.isIE) { - document.detachEvent("onmousemove", dragtable.dragMove); - document.detachEvent("onmouseup", dragtable.dragEnd); - } else { - document.removeEventListener("mousemove", dragtable.dragMove, true); - document.removeEventListener("mouseup", dragtable.dragEnd, true); - } - - // If the floating header wasn't added, the mouse didn't move far enough. - var dragObj = dragtable.dragObj; - if (!dragObj.addedNode) { - return; - } - dragObj.tableContainer.removeChild(dragObj.elNode); - - // Determine whether the drag ended over the table, and over which column. - var pos = dragtable.eventPosition(event); - var table_pos = dragtable.absolutePosition(dragObj.table); - if (pos.y < table_pos.y || - pos.y > table_pos.y + dragObj.table.offsetHeight) { - return; - } - var targetCol = dragtable.findColumn(dragObj.table, pos.x); - if (targetCol != -1 && targetCol != dragObj.startCol) { - dragtable.moveColumn(dragObj.table, dragObj.startCol, targetCol); - if (dragObj.table.id && dragtable.cookiesEnabled() && - dragObj.table.className.search(/\bforget-ordering\b/) == -1) { - dragtable.rememberDrag(dragObj.table.id, dragObj.startCol, targetCol); - } - } - }, - - // Which column does the x value fall inside of? x should include scrollLeft. 
- findColumn: function (table, x) { - var header = table.tHead.rows[0].cells; - for (var i = 0; i < header.length; i++) { - //var left = header[i].offsetLeft; - var pos = dragtable.absolutePosition(header[i]); - //if (left <= x && x <= left + header[i].offsetWidth) { - if (pos.x <= x && x <= pos.x + header[i].offsetWidth) { - return i; - } - } - return -1; - }, - - // Move a column of table from start index to finish index. - // Based on the "Swapping table columns" discussion on comp.lang.javascript. - // Assumes there are columns at sIdx and fIdx - moveColumn: function (table, sIdx, fIdx) { - var row, cA; - var i = table.rows.length; - while (i--) { - row = table.rows[i] - var x = row.removeChild(row.cells[sIdx]); - if (fIdx < row.cells.length) { - row.insertBefore(x, row.cells[fIdx]); - } else { - row.appendChild(x); - } - } - - // For whatever reason, sorttable tracks column indices this way. - // Without a manual update, clicking one column will sort on another. - var headrow = table.tHead.rows[0].cells; - for (var i = 0; i < headrow.length; i++) { - headrow[i].sorttable_columnindex = i; - } - }, - - // Are cookies enabled? We should not attempt to set cookies on a local file. - cookiesEnabled: function () { - return (window.location.protocol != 'file:') && navigator.cookieEnabled; - }, - - // Store a column swap in a cookie for posterity. - rememberDrag: function (id, a, b) { - var cookieName = "dragtable-" + id; - var prev = dragtable.readCookie(cookieName); - var new_val = ""; - if (prev) new_val = prev + ","; - new_val += a + "/" + b; - dragtable.createCookie(cookieName, new_val, dragtable.cookieDays); - }, - - // Replay all column swaps for a table. 
- replayDrags: function (table) { - if (!dragtable.cookiesEnabled()) return; - var dragstr = dragtable.readCookie("dragtable-" + table.id); - if (!dragstr) return; - var drags = dragstr.split(','); - for (var i = 0; i < drags.length; i++) { - var pair = drags[i].split("/"); - if (pair.length != 2) continue; - var a = parseInt(pair[0]); - var b = parseInt(pair[1]); - if (isNaN(a) || isNaN(b)) continue; - dragtable.moveColumn(table, a, b); - } - }, - - // Cookie functions based on http://www.quirksmode.org/js/cookies.html - // Cookies won't work for local files. - cookiesEnabled: function () { - return (window.location.protocol != 'file:') && navigator.cookieEnabled; - }, - - createCookie: function (name, value, days) { - if (days) { - var date = new Date(); - date.setTime(date.getTime() + (days * 24 * 60 * 60 * 1000)); - var expires = "; expires=" + date.toGMTString(); - } - else var expires = ""; - - var path = document.location.pathname; - document.cookie = name + "=" + value + expires + "; path=" + path - }, - - readCookie: function (name) { - var nameEQ = name + "="; - var ca = document.cookie.split(';'); - for (var i = 0; i < ca.length; i++) { - var c = ca[i]; - while (c.charAt(0) == ' ') c = c.substring(1, c.length); - if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length, c.length); - } - return null; - }, - - eraseCookie: function (name) { - dragtable.createCookie(name, "", -1); - } - -} - -/* ****************************************************************** - Supporting functions: bundled here to avoid depending on a library - ****************************************************************** */ - -// Dean Edwards/Matthias Miller/John Resig -// has a hook for dragtable.init already been added? 
(see below) -var dgListenOnLoad = false; - -/* for Mozilla/Opera9 */ -if (document.addEventListener) { - dgListenOnLoad = true; - document.addEventListener("DOMContentLoaded", dragtable.init, false); -} - -/* for Internet Explorer */ -/*@cc_on @*/ -/*@if (@_win32) - dgListenOnLoad = true; - document.write(" to your HTML. + - Add class="draggable" to any table you might like to reorder. + - Drag the headers around to reorder them. + + This is code was based on: + - Stuart Langridge's SortTable (kryogenix.org/code/browser/sorttable) + - Mike Hall's draggable class (http://www.brainjar.com/dhtml/drag/) + - A discussion of permuting table columns on comp.lang.javascript + + Licensed under the MIT license. + */ + +// Here's the notice from Mike Hall's draggable script: +//***************************************************************************** +// Do not remove this notice. +// +// Copyright 2001 by Mike Hall. +// See http://www.brainjar.com for terms of use. +//***************************************************************************** +dragtable = { + // How far should the mouse move before it's considered a drag, not a click? + dragRadius2: 100, + setMinDragDistance: function (x) { + dragtable.dragRadius2 = x * x; + }, + + // How long should cookies persist? (in days) + cookieDays: 365, + setCookieDays: function (x) { + dragtable.cookieDays = x; + }, + + // Determine browser and version. + // TODO: eliminate browser sniffing except where it's really necessary. + Browser: function () { + var ua, s, i; + + this.isIE = false; + this.isNS = false; + this.version = null; + ua = navigator.userAgent; + + s = "MSIE"; + if ((i = ua.indexOf(s)) >= 0) { + this.isIE = true; + this.version = parseFloat(ua.substr(i + s.length)); + return; + } + + s = "Netscape6/"; + if ((i = ua.indexOf(s)) >= 0) { + this.isNS = true; + this.version = parseFloat(ua.substr(i + s.length)); + return; + } + + // Treat any other "Gecko" browser as NS 6.1. 
+ s = "Gecko"; + if ((i = ua.indexOf(s)) >= 0) { + this.isNS = true; + this.version = 6.1; + return; + } + }, + browser: null, + + // Detect all draggable tables and attach handlers to their headers. + init: function () { + // Don't initialize twice + if (arguments.callee.done) return; + arguments.callee.done = true; + if (_dgtimer) clearInterval(_dgtimer); + if (!document.createElement || !document.getElementsByTagName) return; + + dragtable.dragObj.zIndex = 0; + dragtable.browser = new dragtable.Browser(); + forEach(document.getElementsByTagName('table'), function (table) { + if (table.className.search(/\bdraggable\b/) != -1) { + dragtable.makeDraggable(table); + } + }); + }, + + // The thead business is taken straight from sorttable. + makeDraggable: function (table) { + if (table.getElementsByTagName('thead').length == 0) { + the = document.createElement('thead'); + the.appendChild(table.rows[0]); + table.insertBefore(the, table.firstChild); + } + + // Safari doesn't support table.tHead, sigh + if (table.tHead == null) { + table.tHead = table.getElementsByTagName('thead')[0]; + } + + var headers = table.tHead.rows[0].cells; + for (var i = 0; i < headers.length; i++) { + headers[i].onmousedown = dragtable.dragStart; + } + + // Replay reorderings from cookies if there are any. + if (dragtable.cookiesEnabled() && table.id && + table.className.search(/\bforget-ordering\b/) == -1) { + dragtable.replayDrags(table); + } + }, + + // Global object to hold drag information. + dragObj: new Object(), + + // Climb up the DOM until there's a tag that matches. + findUp: function (elt, tag) { + do { + if (elt.nodeName && elt.nodeName.search(tag) != -1) + return elt; + } while (elt = elt.parentNode); + return null; + }, + + // clone an element, copying its style and class. 
+ fullCopy: function (elt, deep) { + var new_elt = elt.cloneNode(deep); + new_elt.className = elt.className; + forEach(elt.style, + function (value, key, object) { + if (value == null) return; + if (typeof(value) == "string" && value.length == 0) return; + + new_elt.style[key] = elt.style[key]; + }); + return new_elt; + }, + + eventPosition: function (event) { + var x, y; + if (dragtable.browser.isIE) { + x = window.event.clientX + document.documentElement.scrollLeft + + document.body.scrollLeft; + y = window.event.clientY + document.documentElement.scrollTop + + document.body.scrollTop; + return {x: x, y: y}; + } + return {x: event.pageX, y: event.pageY}; + }, + + // Determine the position of this element on the page. Many thanks to Magnus + // Kristiansen for help making this work with "position: fixed" elements. + absolutePosition: function (elt, stopAtRelative) { + var ex = 0, ey = 0; + do { + var curStyle = dragtable.browser.isIE ? elt.currentStyle + : window.getComputedStyle(elt, ''); + var supportFixed = !(dragtable.browser.isIE && + dragtable.browser.version < 7); + if (stopAtRelative && curStyle.position == 'relative') { + break; + } else if (supportFixed && curStyle.position == 'fixed') { + // Get the fixed el's offset + ex += parseInt(curStyle.left, 10); + ey += parseInt(curStyle.top, 10); + // Compensate for scrolling + ex += document.body.scrollLeft; + ey += document.body.scrollTop; + // End the loop + break; + } else { + ex += elt.offsetLeft; + ey += elt.offsetTop; + } + } while (elt = elt.offsetParent); + return {x: ex, y: ey}; + }, + + // MouseDown handler -- sets up the appropriate mousemove/mouseup handlers + // and fills in the global dragtable.dragObj object. 
+ dragStart: function (event, id) { + var el; + var x, y; + var dragObj = dragtable.dragObj; + + var browser = dragtable.browser; + if (browser.isIE) + dragObj.origNode = window.event.srcElement; + else + dragObj.origNode = event.target; + var pos = dragtable.eventPosition(event); + + // Drag the entire table cell, not just the element that was clicked. + dragObj.origNode = dragtable.findUp(dragObj.origNode, /T[DH]/); + + // Since a column header can't be dragged directly, duplicate its contents + // in a div and drag that instead. + // TODO: I can assume a tHead... + var table = dragtable.findUp(dragObj.origNode, "TABLE"); + dragObj.table = table; + dragObj.startCol = dragtable.findColumn(table, pos.x); + if (dragObj.startCol == -1) return; + + var new_elt = dragtable.fullCopy(table, false); + new_elt.style.margin = '0'; + + // Copy the entire column + var copySectionColumn = function (sec, col) { + var new_sec = dragtable.fullCopy(sec, false); + forEach(sec.rows, function (row) { + var cell = row.cells[col]; + var new_tr = dragtable.fullCopy(row, false); + if (row.offsetHeight) new_tr.style.height = row.offsetHeight + "px"; + var new_td = dragtable.fullCopy(cell, true); + if (cell.offsetWidth) new_td.style.width = cell.offsetWidth + "px"; + new_tr.appendChild(new_td); + new_sec.appendChild(new_tr); + }); + return new_sec; + }; + + // First the heading + if (table.tHead) { + new_elt.appendChild(copySectionColumn(table.tHead, dragObj.startCol)); + } + forEach(table.tBodies, function (tb) { + new_elt.appendChild(copySectionColumn(tb, dragObj.startCol)); + }); + if (table.tFoot) { + new_elt.appendChild(copySectionColumn(table.tFoot, dragObj.startCol)); + } + + var obj_pos = dragtable.absolutePosition(dragObj.origNode, true); + new_elt.style.position = "absolute"; + new_elt.style.left = obj_pos.x + "px"; + new_elt.style.top = obj_pos.y + "px"; + new_elt.style.width = dragObj.origNode.offsetWidth + "px"; + new_elt.style.height = dragObj.origNode.offsetHeight + "px"; + 
new_elt.style.opacity = 0.7; + + // Hold off adding the element until this is clearly a drag. + dragObj.addedNode = false; + dragObj.tableContainer = dragObj.table.parentNode || document.body; + dragObj.elNode = new_elt; + + // Save starting positions of cursor and element. + dragObj.cursorStartX = pos.x; + dragObj.cursorStartY = pos.y; + dragObj.elStartLeft = parseInt(dragObj.elNode.style.left, 10); + dragObj.elStartTop = parseInt(dragObj.elNode.style.top, 10); + + if (isNaN(dragObj.elStartLeft)) dragObj.elStartLeft = 0; + if (isNaN(dragObj.elStartTop)) dragObj.elStartTop = 0; + + // Update element's z-index. + dragObj.elNode.style.zIndex = ++dragObj.zIndex; + + // Capture mousemove and mouseup events on the page. + if (browser.isIE) { + document.attachEvent("onmousemove", dragtable.dragMove); + document.attachEvent("onmouseup", dragtable.dragEnd); + window.event.cancelBubble = true; + window.event.returnValue = false; + } else { + document.addEventListener("mousemove", dragtable.dragMove, true); + document.addEventListener("mouseup", dragtable.dragEnd, true); + event.preventDefault(); + } + }, + + // Move the floating column header with the mouse + // TODO: Reorder columns as the mouse moves for a more interactive feel. + dragMove: function (event) { + var x, y; + var dragObj = dragtable.dragObj; + + // Get cursor position with respect to the page. + var pos = dragtable.eventPosition(event); + + var dx = dragObj.cursorStartX - pos.x; + var dy = dragObj.cursorStartY - pos.y; + if (!dragObj.addedNode && dx * dx + dy * dy > dragtable.dragRadius2) { + dragObj.tableContainer.insertBefore(dragObj.elNode, dragObj.table); + dragObj.addedNode = true; + } + + // Move drag element by the same amount the cursor has moved. 
+ var style = dragObj.elNode.style; + style.left = (dragObj.elStartLeft + pos.x - dragObj.cursorStartX) + "px"; + style.top = (dragObj.elStartTop + pos.y - dragObj.cursorStartY) + "px"; + + if (dragtable.browser.isIE) { + window.event.cancelBubble = true; + window.event.returnValue = false; + } else { + event.preventDefault(); + } + }, + + // Stop capturing mousemove and mouseup events. + // Determine which (if any) column we're over and shuffle the table. + dragEnd: function (event) { + if (dragtable.browser.isIE) { + document.detachEvent("onmousemove", dragtable.dragMove); + document.detachEvent("onmouseup", dragtable.dragEnd); + } else { + document.removeEventListener("mousemove", dragtable.dragMove, true); + document.removeEventListener("mouseup", dragtable.dragEnd, true); + } + + // If the floating header wasn't added, the mouse didn't move far enough. + var dragObj = dragtable.dragObj; + if (!dragObj.addedNode) { + return; + } + dragObj.tableContainer.removeChild(dragObj.elNode); + + // Determine whether the drag ended over the table, and over which column. + var pos = dragtable.eventPosition(event); + var table_pos = dragtable.absolutePosition(dragObj.table); + if (pos.y < table_pos.y || + pos.y > table_pos.y + dragObj.table.offsetHeight) { + return; + } + var targetCol = dragtable.findColumn(dragObj.table, pos.x); + if (targetCol != -1 && targetCol != dragObj.startCol) { + dragtable.moveColumn(dragObj.table, dragObj.startCol, targetCol); + if (dragObj.table.id && dragtable.cookiesEnabled() && + dragObj.table.className.search(/\bforget-ordering\b/) == -1) { + dragtable.rememberDrag(dragObj.table.id, dragObj.startCol, targetCol); + } + } + }, + + // Which column does the x value fall inside of? x should include scrollLeft. 
+ findColumn: function (table, x) { + var header = table.tHead.rows[0].cells; + for (var i = 0; i < header.length; i++) { + //var left = header[i].offsetLeft; + var pos = dragtable.absolutePosition(header[i]); + //if (left <= x && x <= left + header[i].offsetWidth) { + if (pos.x <= x && x <= pos.x + header[i].offsetWidth) { + return i; + } + } + return -1; + }, + + // Move a column of table from start index to finish index. + // Based on the "Swapping table columns" discussion on comp.lang.javascript. + // Assumes there are columns at sIdx and fIdx + moveColumn: function (table, sIdx, fIdx) { + var row, cA; + var i = table.rows.length; + while (i--) { + row = table.rows[i] + var x = row.removeChild(row.cells[sIdx]); + if (fIdx < row.cells.length) { + row.insertBefore(x, row.cells[fIdx]); + } else { + row.appendChild(x); + } + } + + // For whatever reason, sorttable tracks column indices this way. + // Without a manual update, clicking one column will sort on another. + var headrow = table.tHead.rows[0].cells; + for (var i = 0; i < headrow.length; i++) { + headrow[i].sorttable_columnindex = i; + } + }, + + // Are cookies enabled? We should not attempt to set cookies on a local file. + cookiesEnabled: function () { + return (window.location.protocol != 'file:') && navigator.cookieEnabled; + }, + + // Store a column swap in a cookie for posterity. + rememberDrag: function (id, a, b) { + var cookieName = "dragtable-" + id; + var prev = dragtable.readCookie(cookieName); + var new_val = ""; + if (prev) new_val = prev + ","; + new_val += a + "/" + b; + dragtable.createCookie(cookieName, new_val, dragtable.cookieDays); + }, + + // Replay all column swaps for a table. 
+ replayDrags: function (table) { + if (!dragtable.cookiesEnabled()) return; + var dragstr = dragtable.readCookie("dragtable-" + table.id); + if (!dragstr) return; + var drags = dragstr.split(','); + for (var i = 0; i < drags.length; i++) { + var pair = drags[i].split("/"); + if (pair.length != 2) continue; + var a = parseInt(pair[0]); + var b = parseInt(pair[1]); + if (isNaN(a) || isNaN(b)) continue; + dragtable.moveColumn(table, a, b); + } + }, + + // Cookie functions based on http://www.quirksmode.org/js/cookies.html + // Cookies won't work for local files. + cookiesEnabled: function () { + return (window.location.protocol != 'file:') && navigator.cookieEnabled; + }, + + createCookie: function (name, value, days) { + if (days) { + var date = new Date(); + date.setTime(date.getTime() + (days * 24 * 60 * 60 * 1000)); + var expires = "; expires=" + date.toGMTString(); + } + else var expires = ""; + + var path = document.location.pathname; + document.cookie = name + "=" + value + expires + "; path=" + path + }, + + readCookie: function (name) { + var nameEQ = name + "="; + var ca = document.cookie.split(';'); + for (var i = 0; i < ca.length; i++) { + var c = ca[i]; + while (c.charAt(0) == ' ') c = c.substring(1, c.length); + if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length, c.length); + } + return null; + }, + + eraseCookie: function (name) { + dragtable.createCookie(name, "", -1); + } + +} + +/* ****************************************************************** + Supporting functions: bundled here to avoid depending on a library + ****************************************************************** */ + +// Dean Edwards/Matthias Miller/John Resig +// has a hook for dragtable.init already been added? 
(see below) +var dgListenOnLoad = false; + +/* for Mozilla/Opera9 */ +if (document.addEventListener) { + dgListenOnLoad = true; + document.addEventListener("DOMContentLoaded", dragtable.init, false); +} + +/* for Internet Explorer */ +/*@cc_on @*/ +/*@if (@_win32) + dgListenOnLoad = true; + document.write(" to your HTML - Add class="sortable" to any table you'd like to make sortable - Click on the headers to sort - - Thanks to many, many people for contributions and suggestions. - Licenced as X11: http://www.kryogenix.org/code/browser/licence.html - This basically means: do what you want with it. - */ - - -var stIsIE = /*@cc_on!@*/false; - -sorttable = { - init: function () { - // quit if this function has already been called - if (arguments.callee.done) return; - // flag this function so we don't do the same thing twice - arguments.callee.done = true; - // kill the timer - if (_timer) clearInterval(_timer); - - if (!document.createElement || !document.getElementsByTagName) return; - - sorttable.DATE_RE = /^(\d\d?)[\/\.-](\d\d?)[\/\.-]((\d\d)?\d\d)$/; - - forEach(document.getElementsByTagName('table'), function (table) { - if (table.className.search(/\bsortable\b/) != -1) { - sorttable.makeSortable(table); - } - }); - - }, - - makeSortable: function (table) { - if (table.getElementsByTagName('thead').length == 0) { - // table doesn't have a tHead. Since it should have, create one and - // put the first table row in it. - the = document.createElement('thead'); - the.appendChild(table.rows[0]); - table.insertBefore(the, table.firstChild); - } - // Safari doesn't support table.tHead, sigh - if (table.tHead == null) table.tHead = table.getElementsByTagName('thead')[0]; - - if (table.tHead.rows.length != 1) return; // can't cope with two header rows - - // Sorttable v1 put rows with a class of "sortbottom" at the bottom (as - // "total" rows, for example). This is B&R, since what you're supposed - // to do is put them in a tfoot. 
So, if there are sortbottom rows, - // for backwards compatibility, move them to tfoot (creating it if needed). - sortbottomrows = []; - for (var i = 0; i < table.rows.length; i++) { - if (table.rows[i].className.search(/\bsortbottom\b/) != -1) { - sortbottomrows[sortbottomrows.length] = table.rows[i]; - } - } - if (sortbottomrows) { - if (table.tFoot == null) { - // table doesn't have a tfoot. Create one. - tfo = document.createElement('tfoot'); - table.appendChild(tfo); - } - for (var i = 0; i < sortbottomrows.length; i++) { - tfo.appendChild(sortbottomrows[i]); - } - delete sortbottomrows; - } - - // work through each column and calculate its type - headrow = table.tHead.rows[0].cells; - for (var i = 0; i < headrow.length; i++) { - // manually override the type with a sorttable_type attribute - if (!headrow[i].className.match(/\bsorttable_nosort\b/)) { // skip this col - mtch = headrow[i].className.match(/\bsorttable_([a-z0-9]+)\b/); - if (mtch) { - override = mtch[1]; - } - if (mtch && typeof sorttable["sort_" + override] == 'function') { - headrow[i].sorttable_sortfunction = sorttable["sort_" + override]; - } else { - headrow[i].sorttable_sortfunction = sorttable.guessType(table, i); - } - // make it clickable to sort - headrow[i].sorttable_columnindex = i; - headrow[i].sorttable_tbody = table.tBodies[0]; - dean_addEvent(headrow[i], "click", function (e) { - - if (this.className.search(/\bsorttable_sorted\b/) != -1) { - // if we're already sorted by this column, just - // reverse the table, which is quicker - sorttable.reverse(this.sorttable_tbody); - this.className = this.className.replace('sorttable_sorted', - 'sorttable_sorted_reverse'); - this.removeChild(document.getElementById('sorttable_sortfwdind')); - sortrevind = document.createElement('span'); - sortrevind.id = "sorttable_sortrevind"; - sortrevind.innerHTML = stIsIE ? 
' 5' : ' ▴'; - this.appendChild(sortrevind); - return; - } - if (this.className.search(/\bsorttable_sorted_reverse\b/) != -1) { - // if we're already sorted by this column in reverse, just - // re-reverse the table, which is quicker - sorttable.reverse(this.sorttable_tbody); - this.className = this.className.replace('sorttable_sorted_reverse', - 'sorttable_sorted'); - this.removeChild(document.getElementById('sorttable_sortrevind')); - sortfwdind = document.createElement('span'); - sortfwdind.id = "sorttable_sortfwdind"; - sortfwdind.innerHTML = stIsIE ? ' 6' : ' ▾'; - this.appendChild(sortfwdind); - return; - } - - // remove sorttable_sorted classes - theadrow = this.parentNode; - forEach(theadrow.childNodes, function (cell) { - if (cell.nodeType == 1) { // an element - cell.className = cell.className.replace('sorttable_sorted_reverse', ''); - cell.className = cell.className.replace('sorttable_sorted', ''); - } - }); - sortfwdind = document.getElementById('sorttable_sortfwdind'); - if (sortfwdind) { - sortfwdind.parentNode.removeChild(sortfwdind); - } - sortrevind = document.getElementById('sorttable_sortrevind'); - if (sortrevind) { - sortrevind.parentNode.removeChild(sortrevind); - } - - this.className += ' sorttable_sorted'; - sortfwdind = document.createElement('span'); - sortfwdind.id = "sorttable_sortfwdind"; - sortfwdind.innerHTML = stIsIE ? ' 6' : ' ▾'; - this.appendChild(sortfwdind); - - // build an array to sort. 
This is a Schwartzian transform thing, - // i.e., we "decorate" each row with the actual sort key, - // sort based on the sort keys, and then put the rows back in order - // which is a lot faster because you only do getInnerText once per row - row_array = []; - col = this.sorttable_columnindex; - rows = this.sorttable_tbody.rows; - for (var j = 0; j < rows.length; j++) { - row_array[row_array.length] = [sorttable.getInnerText(rows[j].cells[col]), rows[j]]; - } - /* If you want a stable sort, uncomment the following line */ - //sorttable.shaker_sort(row_array, this.sorttable_sortfunction); - /* and comment out this one */ - row_array.sort(this.sorttable_sortfunction); - - tb = this.sorttable_tbody; - for (var j = 0; j < row_array.length; j++) { - tb.appendChild(row_array[j][1]); - } - - delete row_array; - }); - } - } - }, - - guessType: function (table, column) { - // guess the type of a column based on its first non-blank row - sortfn = sorttable.sort_alpha; - for (var i = 0; i < table.tBodies[0].rows.length; i++) { - text = sorttable.getInnerText(table.tBodies[0].rows[i].cells[column]); - if (text != '') { - if (text.match(/^-?[�$�]?[\d,.]+%?$/)) { - return sorttable.sort_numeric; - } - // check for a date: dd/mm/yyyy or dd/mm/yy - // can have / or . or - as separator - // can be mm/dd as well - possdate = text.match(sorttable.DATE_RE) - if (possdate) { - // looks like a date - first = parseInt(possdate[1]); - second = parseInt(possdate[2]); - if (first > 12) { - // definitely dd/mm - return sorttable.sort_ddmm; - } else if (second > 12) { - return sorttable.sort_mmdd; - } else { - // looks like a date, but we can't tell which, so assume - // that it's dd/mm (English imperialism!) and keep looking - sortfn = sorttable.sort_ddmm; - } - } - } - } - return sortfn; - }, - - getInnerText: function (node) { - // gets the text we want to use for sorting for a cell. - // strips leading and trailing whitespace. 
- // this is *not* a generic getInnerText function; it's special to sorttable. - // for example, you can override the cell text with a customkey attribute. - // it also gets .value for fields. - - hasInputs = (typeof node.getElementsByTagName == 'function') && - node.getElementsByTagName('input').length; - - if (node.getAttribute("sorttable_customkey") != null) { - return node.getAttribute("sorttable_customkey"); - } - else if (typeof node.textContent != 'undefined' && !hasInputs) { - return node.textContent.replace(/^\s+|\s+$/g, ''); - } - else if (typeof node.innerText != 'undefined' && !hasInputs) { - return node.innerText.replace(/^\s+|\s+$/g, ''); - } - else if (typeof node.text != 'undefined' && !hasInputs) { - return node.text.replace(/^\s+|\s+$/g, ''); - } - else { - switch (node.nodeType) { - case 3: - if (node.nodeName.toLowerCase() == 'input') { - return node.value.replace(/^\s+|\s+$/g, ''); - } - case 4: - return node.nodeValue.replace(/^\s+|\s+$/g, ''); - break; - case 1: - case 11: - var innerText = ''; - for (var i = 0; i < node.childNodes.length; i++) { - innerText += sorttable.getInnerText(node.childNodes[i]); - } - return innerText.replace(/^\s+|\s+$/g, ''); - break; - default: - return ''; - } - } - }, - - reverse: function (tbody) { - // reverse the rows in a tbody - newrows = []; - for (var i = 0; i < tbody.rows.length; i++) { - newrows[newrows.length] = tbody.rows[i]; - } - for (var i = newrows.length - 1; i >= 0; i--) { - tbody.appendChild(newrows[i]); - } - delete newrows; - }, - - /* sort functions - each sort function takes two parameters, a and b - you are comparing a[0] and b[0] */ - sort_numeric: function (a, b) { - aa = parseFloat(a[0].replace(/[^0-9.-]/g, '')); - if (isNaN(aa)) aa = 0; - bb = parseFloat(b[0].replace(/[^0-9.-]/g, '')); - if (isNaN(bb)) bb = 0; - return aa - bb; - }, - sort_alpha: function (a, b) { - if (a[0] == b[0]) return 0; - if (a[0] < b[0]) return -1; - return 1; - }, - sort_ddmm: function (a, b) { - mtch = 
a[0].match(sorttable.DATE_RE); - y = mtch[3]; - m = mtch[2]; - d = mtch[1]; - if (m.length == 1) m = '0' + m; - if (d.length == 1) d = '0' + d; - dt1 = y + m + d; - mtch = b[0].match(sorttable.DATE_RE); - y = mtch[3]; - m = mtch[2]; - d = mtch[1]; - if (m.length == 1) m = '0' + m; - if (d.length == 1) d = '0' + d; - dt2 = y + m + d; - if (dt1 == dt2) return 0; - if (dt1 < dt2) return -1; - return 1; - }, - sort_mmdd: function (a, b) { - mtch = a[0].match(sorttable.DATE_RE); - y = mtch[3]; - d = mtch[2]; - m = mtch[1]; - if (m.length == 1) m = '0' + m; - if (d.length == 1) d = '0' + d; - dt1 = y + m + d; - mtch = b[0].match(sorttable.DATE_RE); - y = mtch[3]; - d = mtch[2]; - m = mtch[1]; - if (m.length == 1) m = '0' + m; - if (d.length == 1) d = '0' + d; - dt2 = y + m + d; - if (dt1 == dt2) return 0; - if (dt1 < dt2) return -1; - return 1; - }, - - shaker_sort: function (list, comp_func) { - // A stable sort function to allow multi-level sorting of data - // see: http://en.wikipedia.org/wiki/Cocktail_sort - // thanks to Joseph Nahmias - var b = 0; - var t = list.length - 1; - var swap = true; - - while (swap) { - swap = false; - for (var i = b; i < t; ++i) { - if (comp_func(list[i], list[i + 1]) > 0) { - var q = list[i]; - list[i] = list[i + 1]; - list[i + 1] = q; - swap = true; - } - } // for - t--; - - if (!swap) break; - - for (var i = t; i > b; --i) { - if (comp_func(list[i], list[i - 1]) < 0) { - var q = list[i]; - list[i] = list[i - 1]; - list[i - 1] = q; - swap = true; - } - } // for - b++; - - } // while(swap) - } -} - -/* ****************************************************************** - Supporting functions: bundled here to avoid depending on a library - ****************************************************************** */ - -// Dean Edwards/Matthias Miller/John Resig - -/* for Mozilla/Opera9 */ -if (document.addEventListener) { - document.addEventListener("DOMContentLoaded", sorttable.init, false); -} - -/* for Internet Explorer */ -/*@cc_on @*/ -/*@if 
(@_win32) - document.write(" to your HTML + Add class="sortable" to any table you'd like to make sortable + Click on the headers to sort + + Thanks to many, many people for contributions and suggestions. + Licenced as X11: http://www.kryogenix.org/code/browser/licence.html + This basically means: do what you want with it. + */ + + +var stIsIE = /*@cc_on!@*/false; + +sorttable = { + init: function () { + // quit if this function has already been called + if (arguments.callee.done) return; + // flag this function so we don't do the same thing twice + arguments.callee.done = true; + // kill the timer + if (_timer) clearInterval(_timer); + + if (!document.createElement || !document.getElementsByTagName) return; + + sorttable.DATE_RE = /^(\d\d?)[\/\.-](\d\d?)[\/\.-]((\d\d)?\d\d)$/; + + forEach(document.getElementsByTagName('table'), function (table) { + if (table.className.search(/\bsortable\b/) != -1) { + sorttable.makeSortable(table); + } + }); + + }, + + makeSortable: function (table) { + if (table.getElementsByTagName('thead').length == 0) { + // table doesn't have a tHead. Since it should have, create one and + // put the first table row in it. + the = document.createElement('thead'); + the.appendChild(table.rows[0]); + table.insertBefore(the, table.firstChild); + } + // Safari doesn't support table.tHead, sigh + if (table.tHead == null) table.tHead = table.getElementsByTagName('thead')[0]; + + if (table.tHead.rows.length != 1) return; // can't cope with two header rows + + // Sorttable v1 put rows with a class of "sortbottom" at the bottom (as + // "total" rows, for example). This is B&R, since what you're supposed + // to do is put them in a tfoot. So, if there are sortbottom rows, + // for backwards compatibility, move them to tfoot (creating it if needed). 
+ sortbottomrows = []; + for (var i = 0; i < table.rows.length; i++) { + if (table.rows[i].className.search(/\bsortbottom\b/) != -1) { + sortbottomrows[sortbottomrows.length] = table.rows[i]; + } + } + if (sortbottomrows) { + if (table.tFoot == null) { + // table doesn't have a tfoot. Create one. + tfo = document.createElement('tfoot'); + table.appendChild(tfo); + } + for (var i = 0; i < sortbottomrows.length; i++) { + tfo.appendChild(sortbottomrows[i]); + } + delete sortbottomrows; + } + + // work through each column and calculate its type + headrow = table.tHead.rows[0].cells; + for (var i = 0; i < headrow.length; i++) { + // manually override the type with a sorttable_type attribute + if (!headrow[i].className.match(/\bsorttable_nosort\b/)) { // skip this col + mtch = headrow[i].className.match(/\bsorttable_([a-z0-9]+)\b/); + if (mtch) { + override = mtch[1]; + } + if (mtch && typeof sorttable["sort_" + override] == 'function') { + headrow[i].sorttable_sortfunction = sorttable["sort_" + override]; + } else { + headrow[i].sorttable_sortfunction = sorttable.guessType(table, i); + } + // make it clickable to sort + headrow[i].sorttable_columnindex = i; + headrow[i].sorttable_tbody = table.tBodies[0]; + dean_addEvent(headrow[i], "click", function (e) { + + if (this.className.search(/\bsorttable_sorted\b/) != -1) { + // if we're already sorted by this column, just + // reverse the table, which is quicker + sorttable.reverse(this.sorttable_tbody); + this.className = this.className.replace('sorttable_sorted', + 'sorttable_sorted_reverse'); + this.removeChild(document.getElementById('sorttable_sortfwdind')); + sortrevind = document.createElement('span'); + sortrevind.id = "sorttable_sortrevind"; + sortrevind.innerHTML = stIsIE ? 
' 5' : ' ▴'; + this.appendChild(sortrevind); + return; + } + if (this.className.search(/\bsorttable_sorted_reverse\b/) != -1) { + // if we're already sorted by this column in reverse, just + // re-reverse the table, which is quicker + sorttable.reverse(this.sorttable_tbody); + this.className = this.className.replace('sorttable_sorted_reverse', + 'sorttable_sorted'); + this.removeChild(document.getElementById('sorttable_sortrevind')); + sortfwdind = document.createElement('span'); + sortfwdind.id = "sorttable_sortfwdind"; + sortfwdind.innerHTML = stIsIE ? ' 6' : ' ▾'; + this.appendChild(sortfwdind); + return; + } + + // remove sorttable_sorted classes + theadrow = this.parentNode; + forEach(theadrow.childNodes, function (cell) { + if (cell.nodeType == 1) { // an element + cell.className = cell.className.replace('sorttable_sorted_reverse', ''); + cell.className = cell.className.replace('sorttable_sorted', ''); + } + }); + sortfwdind = document.getElementById('sorttable_sortfwdind'); + if (sortfwdind) { + sortfwdind.parentNode.removeChild(sortfwdind); + } + sortrevind = document.getElementById('sorttable_sortrevind'); + if (sortrevind) { + sortrevind.parentNode.removeChild(sortrevind); + } + + this.className += ' sorttable_sorted'; + sortfwdind = document.createElement('span'); + sortfwdind.id = "sorttable_sortfwdind"; + sortfwdind.innerHTML = stIsIE ? ' 6' : ' ▾'; + this.appendChild(sortfwdind); + + // build an array to sort. 
This is a Schwartzian transform thing, + // i.e., we "decorate" each row with the actual sort key, + // sort based on the sort keys, and then put the rows back in order + // which is a lot faster because you only do getInnerText once per row + row_array = []; + col = this.sorttable_columnindex; + rows = this.sorttable_tbody.rows; + for (var j = 0; j < rows.length; j++) { + row_array[row_array.length] = [sorttable.getInnerText(rows[j].cells[col]), rows[j]]; + } + /* If you want a stable sort, uncomment the following line */ + //sorttable.shaker_sort(row_array, this.sorttable_sortfunction); + /* and comment out this one */ + row_array.sort(this.sorttable_sortfunction); + + tb = this.sorttable_tbody; + for (var j = 0; j < row_array.length; j++) { + tb.appendChild(row_array[j][1]); + } + + delete row_array; + }); + } + } + }, + + guessType: function (table, column) { + // guess the type of a column based on its first non-blank row + sortfn = sorttable.sort_alpha; + for (var i = 0; i < table.tBodies[0].rows.length; i++) { + text = sorttable.getInnerText(table.tBodies[0].rows[i].cells[column]); + if (text != '') { + if (text.match(/^-?[�$�]?[\d,.]+%?$/)) { + return sorttable.sort_numeric; + } + // check for a date: dd/mm/yyyy or dd/mm/yy + // can have / or . or - as separator + // can be mm/dd as well + possdate = text.match(sorttable.DATE_RE) + if (possdate) { + // looks like a date + first = parseInt(possdate[1]); + second = parseInt(possdate[2]); + if (first > 12) { + // definitely dd/mm + return sorttable.sort_ddmm; + } else if (second > 12) { + return sorttable.sort_mmdd; + } else { + // looks like a date, but we can't tell which, so assume + // that it's dd/mm (English imperialism!) and keep looking + sortfn = sorttable.sort_ddmm; + } + } + } + } + return sortfn; + }, + + getInnerText: function (node) { + // gets the text we want to use for sorting for a cell. + // strips leading and trailing whitespace. 
+ // this is *not* a generic getInnerText function; it's special to sorttable. + // for example, you can override the cell text with a customkey attribute. + // it also gets .value for fields. + + hasInputs = (typeof node.getElementsByTagName == 'function') && + node.getElementsByTagName('input').length; + + if (node.getAttribute("sorttable_customkey") != null) { + return node.getAttribute("sorttable_customkey"); + } + else if (typeof node.textContent != 'undefined' && !hasInputs) { + return node.textContent.replace(/^\s+|\s+$/g, ''); + } + else if (typeof node.innerText != 'undefined' && !hasInputs) { + return node.innerText.replace(/^\s+|\s+$/g, ''); + } + else if (typeof node.text != 'undefined' && !hasInputs) { + return node.text.replace(/^\s+|\s+$/g, ''); + } + else { + switch (node.nodeType) { + case 3: + if (node.nodeName.toLowerCase() == 'input') { + return node.value.replace(/^\s+|\s+$/g, ''); + } + case 4: + return node.nodeValue.replace(/^\s+|\s+$/g, ''); + break; + case 1: + case 11: + var innerText = ''; + for (var i = 0; i < node.childNodes.length; i++) { + innerText += sorttable.getInnerText(node.childNodes[i]); + } + return innerText.replace(/^\s+|\s+$/g, ''); + break; + default: + return ''; + } + } + }, + + reverse: function (tbody) { + // reverse the rows in a tbody + newrows = []; + for (var i = 0; i < tbody.rows.length; i++) { + newrows[newrows.length] = tbody.rows[i]; + } + for (var i = newrows.length - 1; i >= 0; i--) { + tbody.appendChild(newrows[i]); + } + delete newrows; + }, + + /* sort functions + each sort function takes two parameters, a and b + you are comparing a[0] and b[0] */ + sort_numeric: function (a, b) { + aa = parseFloat(a[0].replace(/[^0-9.-]/g, '')); + if (isNaN(aa)) aa = 0; + bb = parseFloat(b[0].replace(/[^0-9.-]/g, '')); + if (isNaN(bb)) bb = 0; + return aa - bb; + }, + sort_alpha: function (a, b) { + if (a[0] == b[0]) return 0; + if (a[0] < b[0]) return -1; + return 1; + }, + sort_ddmm: function (a, b) { + mtch = 
a[0].match(sorttable.DATE_RE); + y = mtch[3]; + m = mtch[2]; + d = mtch[1]; + if (m.length == 1) m = '0' + m; + if (d.length == 1) d = '0' + d; + dt1 = y + m + d; + mtch = b[0].match(sorttable.DATE_RE); + y = mtch[3]; + m = mtch[2]; + d = mtch[1]; + if (m.length == 1) m = '0' + m; + if (d.length == 1) d = '0' + d; + dt2 = y + m + d; + if (dt1 == dt2) return 0; + if (dt1 < dt2) return -1; + return 1; + }, + sort_mmdd: function (a, b) { + mtch = a[0].match(sorttable.DATE_RE); + y = mtch[3]; + d = mtch[2]; + m = mtch[1]; + if (m.length == 1) m = '0' + m; + if (d.length == 1) d = '0' + d; + dt1 = y + m + d; + mtch = b[0].match(sorttable.DATE_RE); + y = mtch[3]; + d = mtch[2]; + m = mtch[1]; + if (m.length == 1) m = '0' + m; + if (d.length == 1) d = '0' + d; + dt2 = y + m + d; + if (dt1 == dt2) return 0; + if (dt1 < dt2) return -1; + return 1; + }, + + shaker_sort: function (list, comp_func) { + // A stable sort function to allow multi-level sorting of data + // see: http://en.wikipedia.org/wiki/Cocktail_sort + // thanks to Joseph Nahmias + var b = 0; + var t = list.length - 1; + var swap = true; + + while (swap) { + swap = false; + for (var i = b; i < t; ++i) { + if (comp_func(list[i], list[i + 1]) > 0) { + var q = list[i]; + list[i] = list[i + 1]; + list[i + 1] = q; + swap = true; + } + } // for + t--; + + if (!swap) break; + + for (var i = t; i > b; --i) { + if (comp_func(list[i], list[i - 1]) < 0) { + var q = list[i]; + list[i] = list[i - 1]; + list[i - 1] = q; + swap = true; + } + } // for + b++; + + } // while(swap) + } +} + +/* ****************************************************************** + Supporting functions: bundled here to avoid depending on a library + ****************************************************************** */ + +// Dean Edwards/Matthias Miller/John Resig + +/* for Mozilla/Opera9 */ +if (document.addEventListener) { + document.addEventListener("DOMContentLoaded", sorttable.init, false); +} + +/* for Internet Explorer */ +/*@cc_on @*/ +/*@if 
(@_win32) + document.write(" -End_Of_HTML; -?> +$timeclock + +End_Of_HTML; +?> diff --git a/punchclock/timecard.ajax.php b/punchclock/timecard.ajax.php index 59f2138..71d2e8e 100644 --- a/punchclock/timecard.ajax.php +++ b/punchclock/timecard.ajax.php @@ -39,9 +39,9 @@ $local_timestamp_in_week += $one_week; // Connect to db. -$db = mysql_connect($db_hostname, $db_username, $db_password) +$db = ($GLOBALS["___mysqli_ston"] = mysqli_connect($db_hostname, $db_username, $db_password)) or die("Could not connect to the database."); -mysql_select_db($db_name); +mysqli_select_db($GLOBALS["___mysqli_ston"], $db_name); $u_empfullname = rawurlencode($empfullname); diff --git a/punchclock/timecard.php b/punchclock/timecard.php index bfcd871..2207ee2 100644 --- a/punchclock/timecard.php +++ b/punchclock/timecard.php @@ -1,95 +1,95 @@ - -.nav-buttons { float:right; margin-top:8px; margin-right:8px; } -@media print { - .page { width:50%; min-width:400px; } - .buttons { display:none; } - .nav-buttons { display:none; } - .topmain_row_color { display:none; } - .misc_items { color:#222; } -} - -End_Of_HTML; -$PAGE_CONTENT_HEADER = << -PreviousNext - -End_Of_HTML; - -include 'header.php'; - -print timecard_html($empfullname, $local_timestamp_in_week); - -print << -
- -End_Of_HTML; - -include 'footer.php'; + +.nav-buttons { float:right; margin-top:8px; margin-right:8px; } +@media print { + .page { width:50%; min-width:400px; } + .buttons { display:none; } + .nav-buttons { display:none; } + .topmain_row_color { display:none; } + .misc_items { color:#222; } +} + +End_Of_HTML; +$PAGE_CONTENT_HEADER = << +PreviousNext + +End_Of_HTML; + +include 'header.php'; + +print timecard_html($empfullname, $local_timestamp_in_week); + +print << +
+ +End_Of_HTML; + +include 'footer.php'; diff --git a/reports/audit.php b/reports/audit.php index 7326cc6..30af2f9 100644 --- a/reports/audit.php +++ b/reports/audit.php @@ -410,9 +410,9 @@ $query = "select * from " . $db_prefix . "audit where modified_when >= '" . $from_timestamp . "' and modified_when <= '" . $to_timestamp . "' order by modified_when asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $modified_when[] = "" . $row["modified_when"] . ""; $modified_from[] = "" . $row["modified_from"] . ""; diff --git a/reports/get_csv.php b/reports/get_csv.php index 9e3ca67..2b87b3f 100644 --- a/reports/get_csv.php +++ b/reports/get_csv.php @@ -3,12 +3,12 @@ include '../config.inc.php'; include '../functions.php'; -@$db = mysql_pconnect($db_hostname, $db_username, $db_password); +@$db = ($GLOBALS["___mysqli_ston"] = mysqli_connect($db_hostname, $db_username, $db_password)); if (!$db) { echo "Error: Could not connect to the database. Please try again later."; exit; } -mysql_select_db($db_name); +mysqli_select_db($GLOBALS["___mysqli_ston"], $db_name); if (($_GET['rpt'] == 'timerpt') && (isset($_GET['display_ip'])) && (isset($_GET['csv'])) && (isset($_GET['office'])) && (isset($_GET['group'])) && (isset($_GET['fullname'])) && (isset($_GET['from'])) && (isset($_GET['to'])) && (isset($_GET['tzo'])) 
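Review bot: In the reports/get_csv.php connection hunk the return value of mysqli_select_db() is still ignored, so a wrong $db_name only shows up later as failing queries. Pass the database as the fourth argument, mysqli_connect($db_hostname, $db_username, $db_password, $db_name), so the existing if (!$db) check covers it. Also note that mysql_pconnect() opened a persistent connection and mysqli_connect() does not; if persistence was intended the host needs the p: prefix, otherwise the commit message should say the change is deliberate. The leading @ hides the connection error, so log mysqli_connect_error() before printing the generic message.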
@@ -38,36 +38,36 @@ if (($office_name == "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname == 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname != 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL and empfullname = '" . $fullname . "' order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname != "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and empfullname = '" . $fullname . 
"' and tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } } else { 
@@ -75,41 +75,41 @@ if (($office_name == "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname == 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname != 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL and empfullname = '" . $fullname . "' order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname != "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and empfullname = '" . $fullname . 
"' and tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } } - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $employees_empfullname[] = stripslashes("" . $row['empfullname'] . ""); $employees_displayname[] = stripslashes("" . $row['displayname'] . ""); @@ -141,9 +141,9 @@ and " . $db_prefix . "info.`inout` = " . $db_prefix . "punchlist.punchitems and " . $db_prefix . "employees.empfullname = '" . $employees_empfullname[$x] . "' order by " . $db_prefix . "info.timestamp asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $display_stamp = "" . $row["timestamp"] . ""; $time = date($timefmt, $display_stamp); 
@@ -237,36 +237,36 @@ if (($office_name == "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname == 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname != 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL and empfullname = '" . $fullname . "' order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname != "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and empfullname = '" . $fullname . 
"' and tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } 
@@ -275,41 +275,41 @@ if (($office_name == "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname == 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname != 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL and empfullname = '" . $fullname . "' order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname != "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and empfullname = '" . $fullname . 
"' and tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } } - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $employees_empfullname[] = stripslashes("" . $row['empfullname'] . ""); $employees_displayname[] = stripslashes("" . $row['displayname'] . ""); @@ -342,9 +342,9 @@ and " . $db_prefix . "info.timestamp < '" . $to_timestamp . "' and " . $db_prefix . "info.`inout` = " . $db_prefix . "punchlist.punchitems and " . $db_prefix . "employees.empfullname = '" . $employees_empfullname[$x] . "' order by " . $db_prefix . "info.timestamp asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $info_fullname[] = stripslashes("" . $row['fullname'] . ""); $info_inout[] = "" . $row['inout'] . ""; @@ -915,9 +915,9 @@ $query = "select * from " . $db_prefix . "audit where modified_when >= '" . $from_timestamp . "' and modified_when <= '" . $to_timestamp . "' order by modified_when asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $modified_when[] = "" . $row["modified_when"] . ""; $modified_from[] = "" . $row["modified_from"] . ""; diff --git a/reports/header.reports.inc.php b/reports/header.reports.inc.php index 54edd75..f767709 100644 --- a/reports/header.reports.inc.php +++ b/reports/header.reports.inc.php 
@@ -27,24 +27,24 @@ // check for correct db version // -@ $db = mysql_pconnect($db_hostname, $db_username, $db_password); +@ $db = ($GLOBALS["___mysqli_ston"] = mysqli_connect($db_hostname, $db_username, $db_password)); if (!$db) { echo "Error: Could not connect to the database. Please try again later."; exit; } -mysql_select_db($db_name); +mysqli_select_db($GLOBALS["___mysqli_ston"], $db_name); $table = "dbversion"; -$result = mysql_query("SHOW TABLES LIKE '" . $db_prefix . $table . "'"); -@$rows = mysql_num_rows($result); +$result = mysqli_query($GLOBALS["___mysqli_ston"], "SHOW TABLES LIKE '" . $db_prefix . $table . "'"); +@$rows = mysqli_num_rows($result); if ($rows == "1") { $dbexists = "1"; } else { $dbexists = "0"; } -$db_version_result = mysql_query("select * from " . $db_prefix . "dbversion"); -while (@$row = mysql_fetch_array($db_version_result)) { +$db_version_result = mysqli_query($GLOBALS["___mysqli_ston"], "select * from " . $db_prefix . "dbversion"); +while (@$row = mysqli_fetch_array($db_version_result)) { @$my_dbversion = "" . $row["dbversion"] . ""; } diff --git a/reports/header_get_reports.php b/reports/header_get_reports.php index be02c7c..c7b7819 100644 --- a/reports/header_get_reports.php +++ b/reports/header_get_reports.php @@ -1,16 +1,16 @@ -\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -include '../scripts/dropdown_get_reports.php'; -echo "\n"; - -setTimeZone(); - -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +include '../scripts/dropdown_get_reports.php'; +echo "\n"; + +setTimeZone(); + +echo "\n"; +?> diff --git a/reports/header_post_reports.php b/reports/header_post_reports.php index 7e1fe31..6d713e5 100644 --- a/reports/header_post_reports.php +++ b/reports/header_post_reports.php 
@@ -1,16 +1,16 @@ -\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -echo "\n"; -include '../scripts/dropdown_post_reports.php'; -echo "\n"; - -setTimeZone(); - -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +echo "\n"; +include '../scripts/dropdown_post_reports.php'; +echo "\n"; + +setTimeZone(); + +echo "\n"; +?> diff --git a/reports/index.php b/reports/index.php index 3a0530b..5235493 100644 --- a/reports/index.php +++ b/reports/index.php @@ -1,49 +1,49 @@ -$title\n"; - include '../admin/header.php'; - include 'topmain.php'; - - echo "\n"; - echo " \n"; - echo " \n"; - echo "
PHP Timeclock Reports
\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "
You are not presently logged in, or do not have permission to view this page.
Click here to login.

\n"; - exit; - } -} - -include '../admin/header.php'; - -if ($use_reports_password == "yes") { - include 'topmain.php'; -} else { - include 'topmain.php'; -} -echo "$title - Reports\n"; - -echo "\n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -include '../footer.php'; -?> - +$title\n"; + include '../admin/header.php'; + include 'topmain.php'; + + echo "
Run Reports
• Daily Time Report •
• Hours Worked Report •
• Audit Log •
\n"; + echo " \n"; + echo " \n"; + echo "
PHP Timeclock Reports
\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo "
You are not presently logged in, or do not have permission to view this page.
Click here to login.

\n"; + exit; + } +} + +include '../admin/header.php'; + +if ($use_reports_password == "yes") { + include 'topmain.php'; +} else { + include 'topmain.php'; +} +echo "$title - Reports\n"; + +echo "\n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +include '../footer.php'; +?> + diff --git a/reports/timerpt.php b/reports/timerpt.php index e2e1f48..351f85d 100644 --- a/reports/timerpt.php +++ b/reports/timerpt.php @@ -57,20 +57,20 @@ if ($username_dropdown_only == "yes") { $query = "select * from " . $db_prefix . "employees order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); echo " \n"; - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } else { echo " \n"; - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } else { echo " \n"; + echo "\n"; } // if db is out of date, report it here // diff --git a/reports/total_hours.php b/reports/total_hours.php index 7d1d677..749b0db 100644 --- a/reports/total_hours.php +++ b/reports/total_hours.php @@ -8,6 +8,16 @@ include '../config.inc.php'; +if (!isset($tzo)) { + settype($tzo, "integer"); + if (isset($_COOKIE['tzoffset'])) { + $tzo = $_COOKIE['tzoffset']; + $tzo = $tzo * 60; + } else { + $tzo = 0; + } +} + if ($use_reports_password == "yes") { if (!isset($_SESSION['valid_reports_user'])) { 
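Review bot: The new $tzo block in reports/total_hours.php uses $_COOKIE['tzoffset'] as is. settype($tzo, "integer") runs on a variable that is not set yet and is then overwritten by the cookie string, so it constrains nothing. The cookie is client-controlled: cast it where it is read, for example $tzo = (int) $_COOKIE['tzoffset'] * 60;, then reject values outside the range of plausible UTC offsets and fall back to 0.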
@@ -58,20 +68,20 @@ if ($username_dropdown_only == "yes") { $query = "select empfullname from " . $db_prefix . "employees order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); echo " \n"; - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } else { echo " \n"; - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); } else { echo " \n"; -echo " \n"; +echo " \n"; echo " - \n"; $row_count++; $row_color = ($row_count % 2) ? $color2 : $color1; diff --git a/timeclock.php b/timeclock.php index 3cbbe6a..ad02a79 100644 --- a/timeclock.php +++ b/timeclock.php @@ -69,7 +69,7 @@ and " . $db_prefix . "info.`inout` = " . $db_prefix . "punchlist.punchitems and ((" . $db_prefix . "info.timestamp < '" . $a . "') and (" . $db_prefix . "info.timestamp >= '" . $b . "')) and " . $db_prefix . "employees.disabled <> '1' and " . $db_prefix . "employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($display_current_users == "yes") && ($display_office != "all") && ($display_group == "all")) { $current_users_date = strtotime(date($datefmt)); @@ -84,7 +84,7 @@ and ((" . $db_prefix . "info.timestamp < '" . $a . "') and (" . $db_prefix . "info.timestamp >= '" . $b . "')) and " . $db_prefix . "employees.disabled <> '1' and " . $db_prefix . "employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($display_current_users == "yes") && ($display_office == "all") && ($display_group != "all")) { $current_users_date = strtotime(date($datefmt)); 
@@ -99,7 +99,7 @@ and ((" . $db_prefix . "info.timestamp < '" . $a . "') and (" . $db_prefix . "info.timestamp >= '" . $b . "')) and " . $db_prefix . "employees.disabled <> '1' and " . $db_prefix . "employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($display_current_users == "yes") && ($display_office != "all") && ($display_group != "all")) { $current_users_date = strtotime(date($datefmt)); @@ -115,7 +115,7 @@ and (" . $db_prefix . "info.timestamp >= '" . $b . "')) and " . $db_prefix . "employees.disabled <> '1' and " . $db_prefix . "employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($display_current_users == "no") && ($display_office == "all") && ($display_group == "all")) { $query = "select " . $db_prefix . "info.*, " . $db_prefix . "employees.*, " . $db_prefix . "punchlist.* @@ -124,7 +124,7 @@ and " . $db_prefix . "info.`inout` = " . $db_prefix . "punchlist.punchitems and " . $db_prefix . "employees.disabled <> '1' and " . $db_prefix . "employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($display_current_users == "no") && ($display_office != "all") && ($display_group == "all")) { $query = "select " . $db_prefix . "info.*, " . $db_prefix . "employees.*, " . $db_prefix . "punchlist.* 
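Review bot: The ORDER BY clause in these timeclock.php queries interpolates $sortcolumn and $sortdirection directly (order by `$sortcolumn` $sortdirection), and the switch to mysqli_query() leaves that untouched. Identifiers and sort direction cannot be bound as statement parameters, so check $sortcolumn against a fixed list of column names and restrict $sortdirection to asc or desc before the query string is built.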
@@ -133,7 +133,7 @@ and " . $db_prefix . "info.`inout` = " . $db_prefix . "punchlist.punchitems and " . $db_prefix . "employees.office = '" . $display_office . "' and " . $db_prefix . "employees.disabled <> '1' and " . $db_prefix . "employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($display_current_users == "no") && ($display_office == "all") && ($display_group != "all")) { $query = "select " . $db_prefix . "info.*, " . $db_prefix . "employees.*, " . $db_prefix . "punchlist.* @@ -142,7 +142,7 @@ and " . $db_prefix . "info.`inout` = " . $db_prefix . "punchlist.punchitems and " . $db_prefix . "employees.groups = '" . $display_group . "' and " . $db_prefix . "employees.disabled <> '1' and " . $db_prefix . "employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($display_current_users == "no") && ($display_office != "all") && ($display_group != "all")) { $query = "select " . $db_prefix . "info.*, " . $db_prefix . "employees.*, " . $db_prefix . "punchlist.* @@ -152,7 +152,7 @@ and " . $db_prefix . "employees.groups = '" . $display_group . "' and " . $db_prefix . "employees.disabled <> '1' and " . $db_prefix . "employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } $time = time(); diff --git a/topmain.php b/topmain.php index f88b31f..18670c7 100644 --- a/topmain.php +++ b/topmain.php 
@@ -1,98 +1,98 @@ -\n"; -echo " "; - -// display the logo in top left of each page. This will be $logo you setup in config.inc.php. // -// It will also link you back to your index page. // - -if ($logo == "none") { - echo " \n"; -} else { - echo "\n"; -} - -// if db is out of date, report it here // - -if (($dbexists <> "1") || (@$my_dbversion <> $dbversion)) { - echo " \n"; -} - -// display a 'reset cookie' message if $use_client_tz = "yes" // - -if ($date_link == "none") { - - if ($use_client_tz == "yes") { - echo " \n"; - } - - echo " \n"; - } - - echo " \n"; -echo "
Run Reports
• Daily Time Report •
• Hours Worked Report •
• Audit Log •
Username:  *
Choose Office: @@ -147,9 +147,9 @@ if ($fullname != "All") { $query = "select * from " . $db_prefix . "employees where empfullname = '" . $fullname . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $empfullname = stripslashes("" . $row['empfullname'] . ""); $displayname = stripslashes("" . $row['displayname'] . ""); } @@ -162,8 +162,8 @@ if (($office_name != "All") && (!empty($office_name))) { $query = "select officename from " . $db_prefix . "offices where officename = '" . $office_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $getoffice = "" . $row['officename'] . ""; } if (!isset($getoffice)) { @@ -173,8 +173,8 @@ } if (($group_name != "All") && (!empty($group_name))) { $query = "select groupname from " . $db_prefix . "groups where groupname = '" . $group_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $getgroup = "" . $row['groupname'] . ""; } if (!isset($getgroup)) { @@ -425,20 +425,20 @@ if ($username_dropdown_only == "yes") { $query = "select * from " . $db_prefix . "employees order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); echo "
Username:  *
Choose Office: 'admin' order by " . $db_prefix . "info.timestamp asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $display_stamp = "" . $row["timestamp"] . ""; $time = date($timefmt, $display_stamp); diff --git a/reports/topmain.php b/reports/topmain.php index bc5ec0c..e639418 100644 --- a/reports/topmain.php +++ b/reports/topmain.php @@ -11,7 +11,7 @@ } else { - echo "
Username:  *
Choose Office: @@ -239,9 +249,9 @@ if ($fullname != "All") { $query = "select empfullname, displayname from " . $db_prefix . "employees where empfullname = '" . $fullname . "'"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $empfullname = stripslashes("" . $row['empfullname'] . ""); $displayname = stripslashes("" . $row['displayname'] . ""); } @@ -254,8 +264,8 @@ if (($office_name != "All") && (!empty($office_name))) { $query = "select officename from " . $db_prefix . "offices where officename = '" . $office_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $getoffice = "" . $row['officename'] . ""; } if (!isset($getoffice)) { @@ -265,8 +275,8 @@ } if (($group_name != "All") && (!empty($group_name))) { $query = "select groupname from " . $db_prefix . "groups where groupname = '" . $group_name . "'"; - $result = mysql_query($query); - while ($row = mysql_fetch_array($result)) { + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); + while ($row = mysqli_fetch_array($result)) { $getgroup = "" . $row['groupname'] . ""; } if (!isset($getgroup)) { @@ -574,20 +584,20 @@ if ($username_dropdown_only == "yes") { $query = "select empfullname from " . $db_prefix . "employees order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); echo "
Username:  *
Choose Office: 'admin' order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname == 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL and empfullname <> 'admin' order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname != 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL and empfullname = '" . $fullname . "' and empfullname <> 'admin' order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and tstamp IS NOT NULL and empfullname <> 'admin' order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and tstamp IS NOT NULL and empfullname <> 'admin' order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname != "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and empfullname = '" . $fullname . 
"' and empfullname <> 'admin' and tstamp IS NOT NULL order by displayname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } 
@@ -878,42 +888,42 @@ $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL and empfullname <> 'admin' order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname == 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL and empfullname <> 'admin' order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif ((empty($office_name)) && (empty($group_name)) && ($fullname != 'All')) { $query = "select empfullname, displayname from " . $db_prefix . "employees WHERE tstamp IS NOT NULL and empfullname = '" . $fullname . "' and empfullname <> 'admin' order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name == "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and tstamp IS NOT NULL and empfullname <> 'admin' order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname == "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . "' and tstamp IS NOT NULL and empfullname <> 'admin' order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } elseif (($office_name != "All") && ($group_name != "All") && ($fullname != "All")) { $query = "select empfullname, displayname from " . $db_prefix . "employees where office = '" . $office_name . "' and groups = '" . $group_name . 
"' and empfullname = '" . $fullname . "' and empfullname <> 'admin' and tstamp IS NOT NULL order by empfullname asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); } } - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $employees_empfullname[] = stripslashes("" . $row['empfullname'] . ""); $employees_displayname[] = stripslashes("" . $row['displayname'] . ""); @@ -946,9 +956,9 @@ and " . $db_prefix . "info.timestamp < '" . $to_timestamp . "' and " . $db_prefix . "info.`inout` = " . $db_prefix . "punchlist.punchitems and " . $db_prefix . "employees.empfullname = '" . $employees_empfullname[$x] . "' and " . $db_prefix . "employees.empfullname <> 'admin' order by " . $db_prefix . "info.timestamp asc"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row = mysql_fetch_array($result)) { + while ($row = mysqli_fetch_array($result)) { $info_fullname[] = stripslashes("" . $row['fullname'] . ""); $info_inout[] = "" . $row['inout'] . ""; diff --git a/resetcookie.php b/resetcookie.php index 69ff361..4185583 100644 --- a/resetcookie.php +++ b/resetcookie.php @@ -1,6 +1,6 @@ -\n"; -echo "\n"; -echo "\n"; -?> +\n"; +echo "\n"; +echo "\n"; +?> diff --git a/scripts/dropdown_get.php b/scripts/dropdown_get.php index c5ec536..c60fff2 100644 --- a/scripts/dropdown_get.php +++ b/scripts/dropdown_get.php @@ -11,10 +11,10 @@ function office_names() { @$office_name = $_GET['officename']; $query = "select * from ".$db_prefix."offices"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); $cnt=1; - while ($row=mysql_fetch_array($result)) { + while ($row=mysqli_fetch_array($result)) { if (isset($abc)) { echo "select.options[$cnt] = new Option(\"".$row['officename']."\");\n"; echo "select.options[$cnt].value = \"".$row['officename']."\";\n"; 
@@ -26,7 +26,7 @@ function office_names() { } $cnt++; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); ?> } @@ -43,9 +43,9 @@ function group_names() { @@ -53,12 +53,12 @@ function group_names() { if (groups_select.options[groups_select.selectedIndex].value != '') { diff --git a/scripts/dropdown_get_reports.php b/scripts/dropdown_get_reports.php index 0169d87..6c0ed82 100644 --- a/scripts/dropdown_get_reports.php +++ b/scripts/dropdown_get_reports.php @@ -14,10 +14,10 @@ function office_names() { } @@ -44,9 +44,9 @@ function group_names() { if (offices_select.options[offices_select.selectedIndex].text == "") { @@ -54,12 +54,12 @@ function group_names() { $query2 = "select * from ".$db_prefix."offices, ".$db_prefix."groups where ".$db_prefix."groups.officeid = ".$db_prefix."offices.officeid and ".$db_prefix."offices.officename = '".$office_row."' order by ".$db_prefix."groups.groupname asc"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); echo "groups_select.options[0] = new Option(\"All\");\n"; echo "groups_select.options[0].value = 'All';\n"; $cnt = 1; - while ($row2=mysql_fetch_array($result2)) { + while ($row2=mysqli_fetch_array($result2)) { $groups = "".$row2['groupname'].""; echo "groups_select.options[$cnt] = new Option(\"$groups\");\n"; echo "groups_select.options[$cnt].value = \"$groups\";\n"; @@ -69,8 +69,8 @@ function group_names() { } if (users_select.options[users_select.selectedIndex].value != 'All') { users_select.length = 0; @@ -107,9 +107,9 @@ function user_names() { if (offices_select.options[offices_select.selectedIndex].text == "") { 
@@ -117,9 +117,9 @@ function user_names() { $query2 = "select * from ".$db_prefix."offices, ".$db_prefix."groups where ".$db_prefix."groups.officeid = ".$db_prefix."offices.officeid and ".$db_prefix."offices.officename = '".$office_row."' order by ".$db_prefix."groups.groupname asc"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); - while ($row2=mysql_fetch_array($result2)) { + while ($row2=mysqli_fetch_array($result2)) { $groups = "".$row2['groupname'].""; ?> @@ -127,13 +127,13 @@ function user_names() { 'admin' order by empfullname asc"; - $result3 = mysql_query($query3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); echo "users_select.options[0] = new Option(\"All\");\n"; echo "users_select.options[0].value = 'All';\n"; $usercnt = 1; - while ($row3=mysql_fetch_array($result3)) { + while ($row3=mysqli_fetch_array($result3)) { $users = "".$row3['empfullname'].""; echo "users_select.options[$usercnt] = new Option(\"$users\");\n"; echo "users_select.options[$usercnt].value = \"$users\";\n"; @@ -147,9 +147,9 @@ function user_names() { } if (groups_select.options[groups_select.selectedIndex].value == 'All') { } @@ -45,9 +45,9 @@ function group_names() { @@ -57,12 +57,12 @@ function group_names() { $query2 = "select * from ".$db_prefix."offices, ".$db_prefix."groups where ".$db_prefix."groups.officeid = ".$db_prefix."offices.officeid and ".$db_prefix."offices.officename = '".$office_row."' order by ".$db_prefix."groups.groupname asc"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); echo "groups_select.options[0] = new Option(\"all\");\n"; echo "groups_select.options[0].value = 'all';\n"; $cnt = 1; - while ($row2=mysql_fetch_array($result2)) { + while ($row2=mysqli_fetch_array($result2)) { $groups = "".$row2['groupname'].""; echo "groups_select.options[$cnt] = new Option(\"$groups\");\n"; echo "groups_select.options[$cnt].value = \"$groups\";\n"; 
@@ -73,8 +73,8 @@ function group_names() { } if (groups_select.options[groups_select.selectedIndex].value != 'all') { @@ -88,10 +88,10 @@ function group_names() { echo "groups_select.options[0].value = 'all';\n"; $query3 = "select * from ".$db_prefix."groups order by groupname asc"; - $result3 = mysql_query($query3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); $cnt=1; - while ($row3=mysql_fetch_array($result3)) { + while ($row3=mysqli_fetch_array($result3)) { if ("".$row3['groupname']."" == stripslashes($display_group)) { echo "groups_select.options[$cnt] = new Option(\"".$row3['groupname']."\",\"".$row3['groupname']."\", true, true);\n"; } else { @@ -100,7 +100,7 @@ function group_names() { } $cnt++; } - mysql_free_result($result3); + ((mysqli_free_result($result3) || (is_object($result3) && (get_class($result3) == "mysqli_result"))) ? true : false); ?> } } diff --git a/scripts/dropdown_post.php b/scripts/dropdown_post.php index 60082a9..c64ee79 100644 --- a/scripts/dropdown_post.php +++ b/scripts/dropdown_post.php @@ -11,10 +11,10 @@ function office_names() { @$office_name = $_POST['office_name']; $query = "select * from ".$db_prefix."offices"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); $cnt=1; - while ($row=mysql_fetch_array($result)) { + while ($row=mysqli_fetch_array($result)) { if ("".$row['officename']."" == stripslashes($office_name)) { echo "select.options[$cnt] = new Option(\"".$row['officename']."\",\"".$row['officename']."\", true, true);\n"; } else { @@ -23,7 +23,7 @@ function office_names() { } $cnt++; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); ?> } @@ -40,9 +40,9 @@ function group_names() { @@ -50,12 +50,12 @@ function group_names() { if (groups_select.options[groups_select.selectedIndex].value != '') { 
diff --git a/scripts/dropdown_post_reports.php b/scripts/dropdown_post_reports.php index cc8dcdb..05b6780 100644 --- a/scripts/dropdown_post_reports.php +++ b/scripts/dropdown_post_reports.php @@ -13,10 +13,10 @@ function office_names() { @$office_name = $_POST['office_name']; $query = "select * from ".$db_prefix."offices"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); $cnt=1; - while ($row=mysql_fetch_array($result)) { + while ($row=mysqli_fetch_array($result)) { if ("".$row['officename']."" == stripslashes($office_name)) { echo "select.options[$cnt] = new Option(\"".$row['officename']."\",\"".$row['officename']."\", true, true);\n"; } else { @@ -25,7 +25,7 @@ function office_names() { } $cnt++; } - mysql_free_result($result); + ((mysqli_free_result($result) || (is_object($result) && (get_class($result) == "mysqli_result"))) ? true : false); ?> } @@ -47,9 +47,9 @@ function group_names() { @$group_name = $_POST['group_name']; $query = "select * from ".$db_prefix."offices"; - $result = mysql_query($query); + $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); - while ($row=mysql_fetch_array($result)) { + while ($row=mysqli_fetch_array($result)) { $office_row = addslashes("".$row['officename'].""); ?> @@ -57,12 +57,12 @@ function group_names() { if (users_select.options[users_select.selectedIndex].value != 'All') { users_select.length = 0; @@ -110,9 +110,9 @@ function user_names() { if (offices_select.options[offices_select.selectedIndex].text == "") { 
@@ -120,8 +120,8 @@ function user_names() { $query2 = "select * from ".$db_prefix."offices, ".$db_prefix."groups where ".$db_prefix."groups.officeid = ".$db_prefix."offices.officeid and ".$db_prefix."offices.officename = '".$office_row."' order by ".$db_prefix."groups.groupname asc"; - $result2 = mysql_query($query2); - while ($row2=mysql_fetch_array($result2)) { + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); + while ($row2=mysqli_fetch_array($result2)) { $groups = "".$row2['groupname'].""; ?> @@ -129,13 +129,13 @@ function user_names() { 'admin' order by empfullname asc"; - $result3 = mysql_query($query3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); echo "users_select.options[0] = new Option(\"All\");\n"; echo "users_select.options[0].value = 'All';\n"; $usercnt = 1; - while ($row3=mysql_fetch_array($result3)) { + while ($row3=mysqli_fetch_array($result3)) { $users = "".$row3['empfullname'].""; echo "users_select.options[$usercnt] = new Option(\"$users\");\n"; echo "users_select.options[$usercnt].value = \"$users\";\n"; @@ -149,9 +149,9 @@ function user_names() { } if (groups_select.options[groups_select.selectedIndex].value == 'All') { } @@ -41,9 +41,9 @@ function group_names() { @@ -52,12 +52,12 @@ function group_names() { $query2 = "select * from ".$db_prefix."offices, ".$db_prefix."groups where ".$db_prefix."groups.officeid = ".$db_prefix."offices.officeid and ".$db_prefix."offices.officename = '".$office_row."' order by ".$db_prefix."groups.groupname asc"; - $result2 = mysql_query($query2); + $result2 = mysqli_query($GLOBALS["___mysqli_ston"], $query2); echo "groups_select.options[0] = new Option(\"all\");\n"; echo "groups_select.options[0].value = 'all';\n"; $cnt = 1; - while ($row2=mysql_fetch_array($result2)) { + while ($row2=mysqli_fetch_array($result2)) { $groups = "".$row2['groupname'].""; echo "groups_select.options[$cnt] = new Option(\"$groups\");\n"; echo "groups_select.options[$cnt].value = \"$groups\";\n"; 
@@ -68,8 +68,8 @@ function group_names() { } if (groups_select.options[groups_select.selectedIndex].value != 'all') { @@ -83,10 +83,10 @@ function group_names() { echo "groups_select.options[0].value = 'all';\n"; $query3 = "select * from ".$db_prefix."groups order by groupname asc"; - $result3 = mysql_query($query3); + $result3 = mysqli_query($GLOBALS["___mysqli_ston"], $query3); $cnt=1; - while ($row3=mysql_fetch_array($result3)) { + while ($row3=mysqli_fetch_array($result3)) { if ("".$row3['groupname']."" == stripslashes($display_group)) { echo "groups_select.options[$cnt] = new Option(\"".$row3['groupname']."\",\"".$row3['groupname']."\", true, true);\n"; } else { @@ -95,7 +95,7 @@ function group_names() { } $cnt++; } - mysql_free_result($result3); + ((mysqli_free_result($result3) || (is_object($result3) && (get_class($result3) == "mysqli_result"))) ? true : false); ?> } } diff --git a/sidebar-metar-display.php b/sidebar-metar-display.php new file mode 100644 index 0000000..8e807c4 --- /dev/null +++ b/sidebar-metar-display.php @@ -0,0 +1,103 @@ + + + + +\n"; +# end of utility functions +?> + +Metar display script from Saratoga-Weather.org

\n"; + } else { + print "

Sorry.. include-metar-display.php not found

\n"; + } +?> diff --git a/alter_tables.sql b/sql/alter_tables.sql similarity index 89% rename from alter_tables.sql rename to sql/alter_tables.sql index d2716f0..85338a1 100644 --- a/alter_tables.sql +++ b/sql/alter_tables.sql @@ -1,6 +1,19 @@ # if you would like to utilize a table prefix when upgrading these tables, be sure to use the one you have setup in config.inc.php. # this option is $db_prefix. if you are unaware of what is meant by utilizing a 'table prefix', then please disregard. +-- Database upgrades may be performed automatically in the app under +-- "Administration -> Upgrade Database" as long as the database connection +-- used by your web app has the required privileges. Otherwise you must +-- perform the upgrade manually. +-- +-- When upgrading from versions older than 1.04, perform the upgrades +-- described in this file in order to reach dbversion 1.4. +-- +-- To upgrade from dbversion 1.4 or newer, run the upgrade scripts in this +-- directory, one at a time, until your database is upgraded to the latest +-- version. + + ################################################################### # # diff --git a/sql/create_tables.sql b/sql/create_tables.sql new file mode 100644 index 0000000..ed7e3ac --- /dev/null +++ b/sql/create_tables.sql 
@@ -0,0 +1,134 @@ + +-- if you would like to utilize a table prefix when creating these tables, +-- be sure to reflect that in config.inc.php so the program will be aware +-- of it. this option is $db_prefix. if you are unaware of what is meant by +-- utilizing a 'table prefix', then please disregard. + + +-- -------------------------------------------------------- +-- +-- Table structure for table `audit` +-- + +CREATE TABLE `audit` ( + `modified_when` bigint(14), + `modified_from` bigint(14) NOT NULL, + `modified_to` bigint(14) NOT NULL, + `modified_by_ip` varchar(39) COLLATE utf8_bin NOT NULL DEFAULT '', + `modified_by_user` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '', + `modified_why` varchar(250) COLLATE utf8_bin NOT NULL DEFAULT '', + `user_modified` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '' +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + +CREATE INDEX audit_modified_when ON audit (modified_when); + + +-- -------------------------------------------------------- +-- +-- Table structure for table `dbversion` +-- + +CREATE TABLE `dbversion` ( + `dbversion` decimal(5,1) PRIMARY KEY +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + +INSERT INTO dbversion VALUES ('1.4'); + + +-- -------------------------------------------------------- +-- +-- Table structure for table `employees` +-- + +CREATE TABLE `employees` ( + `empfullname` varchar(50) PRIMARY KEY COLLATE utf8_bin, + `tstamp` bigint(14) DEFAULT NULL, + `employee_passwd` varchar(25) COLLATE utf8_bin NOT NULL DEFAULT '', + `displayname` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '', + `email` varchar(75) COLLATE utf8_bin NOT NULL DEFAULT '', + `barcode` varchar(75) COLLATE utf8_bin UNIQUE, + `groups` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '', + `office` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '', + `admin` tinyint(1) NOT NULL DEFAULT '0', + `reports` tinyint(1) NOT NULL DEFAULT '0', + `time_admin` tinyint(1) NOT NULL DEFAULT '0', + `disabled` tinyint(1) NOT NULL 
DEFAULT '0' +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + + +-- -------------------------------------------------------- +-- +-- Table structure for table `groups` +-- + +CREATE TABLE `groups` ( + `groupid` int(10) AUTO_INCREMENT PRIMARY KEY, + `groupname` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '', + `officeid` int(10) NOT NULL DEFAULT '0' +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + + +-- -------------------------------------------------------- +-- +-- Table structure for table `info` +-- + +CREATE TABLE `info` ( + `fullname` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '', + `inout` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '', + `timestamp` bigint(14) DEFAULT NULL, + `notes` varchar(250) COLLATE utf8_bin DEFAULT NULL, + `ipaddress` varchar(39) COLLATE utf8_bin NOT NULL DEFAULT '' +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + +CREATE INDEX info_fullname ON info (fullname); +CREATE INDEX info_timestamp ON info (`timestamp`); + + +-- -------------------------------------------------------- +-- +-- Table structure for table `metars` +-- + +CREATE TABLE `metars` ( + `station` varchar(4) PRIMARY KEY COLLATE utf8_bin, + `metar` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '', + `timestamp` timestamp NOT NULL +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + + +-- -------------------------------------------------------- +-- +-- Table structure for table `offices` +-- + +CREATE TABLE `offices` ( + `officeid` int(10) AUTO_INCREMENT PRIMARY KEY, + `officename` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '' +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + + +-- -------------------------------------------------------- +-- +-- Table structure for table `punchlist` +-- + +CREATE TABLE `punchlist` ( + `punchitems` varchar(50) PRIMARY KEY COLLATE utf8_bin, + `punchnext` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT '', + `color` varchar(7) COLLATE utf8_bin NOT NULL DEFAULT '', + `in_or_out` tinyint(1) DEFAULT 
NULL +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + + +-- -------------------------------------------------------- +-- +-- Insert default data. Version, admin login, etc. +-- + +INSERT INTO employees VALUES ('admin', NULL, 'xy.RY2HT1QTc2', 'administrator', '', '', '', 1, 1, 1, ''); +INSERT INTO dbversion VALUES ('1.5'); +INSERT INTO punchlist VALUES ('in', '#009900', 1); +INSERT INTO punchlist VALUES ('out', '#FF0000', 0); +INSERT INTO punchlist VALUES ('break', '#FF9900', 0); +INSERT INTO punchlist VALUES ('lunch', '#0000FF', 0); diff --git a/sql/upgrade_v1.4-v2.0.sql b/sql/upgrade_v1.4-v2.0.sql new file mode 100644 index 0000000..f9df17f --- /dev/null +++ b/sql/upgrade_v1.4-v2.0.sql @@ -0,0 +1,5 @@ + +ALTER TABLE `employees` ADD `barcode` varchar(75) COLLATE utf8_bin UNIQUE; +ALTER TABLE `punchlist` ADD `punchnext` varchar(50) COLLATE utf8_bin NOT NULL DEFAULT ''; + +UPDATE `dbversion` SET `dbversion` = '1.5'; diff --git a/templates/admin_index_tpl.php b/templates/admin_index_tpl.php index 444e524..726a7ae 100644 --- a/templates/admin_index_tpl.php +++ b/templates/admin_index_tpl.php @@ -6,7 +6,7 @@ echo "
VARIABLE VALUE DESCRIPTION
MySql DB Settings
mysql DB Settings
db_hostname: $db_hostname This is the hostname for your @@ -289,13 +289,13 @@ $row_color = ($row_count % 2) ? $color2 : $color1; echo "
metar: $metarSets the ICAO (International - Civil Aviation Organization) for your local airport. This is the unique four letter international ID for the airport. METAR - reports are created at roughly 4500 airports from around the world, so you probably live near one of them. The airports make a - report once or twice an hour, and these reports are stored at the National Weather Service and are publically available via HTTP - or FTP. Visit - https://pilotweb.nas.faa.gov/qryhtml/icao/ to find a corresponding ICAO near you. If 'display_weather' is set - to \"no\", this option is ignored. If 'display_weather' is set to \"yes\", you MUST provide an ICAO here. + If 'display_weather' is set + to \"no\", this option is ignored. If 'display_weather' is set to \"yes\", you have to set an WxList in config.inc.php.
+ The ICAO (International Civil Aviation Organization) for your weather location is defined in config.inc.php, not here.
+ You can configure the weather display to use reports created at any of roughly 4500 airports from around the world, + so you probably live near one of them. The reports are stored at the National Weather Service and are publically available via HTTP + or FTP.

Visit + https://pilotweb.nas.faa.gov/qryhtml/icao/ to find a corresponding ICAO near you.

***Your database is out of date.***
-    Upgrade it via the admin section.

-

If the times below appear to be an hour off, click here to reset.
- If that doesn't work, restart your web browser and reset again.

"; - -} else { - - if ($use_client_tz == "yes") { - echo " -

If the times below appear to be an hour off, click here to reset.
- If that doesn't work, restart your web browser and reset again.

"; -} - -// display today's date in top right of each page. This will link to $date_link you setup in config.inc.php. // - -$todaydate = date('F j, Y'); -echo "$todaydate  
\n"; - -// display the topbar // - -echo "\n"; -echo " \n"; - -if (isset($_SESSION['valid_user'])) { - $logged_in_user = $_SESSION['valid_user']; - echo " \n"; - echo " \n"; -} else if (isset($_SESSION['time_admin_valid_user'])) { - $logged_in_user = $_SESSION['time_admin_valid_user']; - echo " \n"; - echo " \n"; -} else if (isset($_SESSION['valid_reports_user'])) { - $logged_in_user = $_SESSION['valid_reports_user']; - echo " \n"; - echo " \n"; -} - -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; -echo " \n"; - -if ($use_reports_password == "yes") { - echo " \n"; -} elseif ($use_reports_password == "no") { - echo " \n"; -} - -echo " \n"; -echo " \n"; - -if ((isset($_SESSION['valid_user'])) || (isset($_SESSION['valid_reports_user'])) || (isset($_SESSION['time_admin_valid_user']))) { - echo " \n"; - echo " \n"; -} - -echo "
logged in as: $logged_in_userlogged in as: $logged_in_userlogged in as: $logged_in_user   - Home     - Administration    Reports  Reports    Punchclock    - Logout  
\n"; -?> +\n"; +echo "

***Your database is out of date.***
+    Upgrade it via the admin section.

+

If the times below appear to be an hour off, click here to reset.
+ If that doesn't work, restart your web browser and reset again.

"; + +} else { + + if ($use_client_tz == "yes") { + echo " +

If the times below appear to be an hour off, click here to reset.
+ If that doesn't work, restart your web browser and reset again.

"; +} + +// display today's date in top right of each page. This will link to $date_link you setup in config.inc.php. // + +$todaydate = date('F j, Y'); +echo "$todaydate  
\n"; + +// display the topbar // + +echo "\n"; +echo " \n"; + +if (isset($_SESSION['valid_user'])) { + $logged_in_user = $_SESSION['valid_user']; + echo " \n"; + echo " \n"; +} else if (isset($_SESSION['time_admin_valid_user'])) { + $logged_in_user = $_SESSION['time_admin_valid_user']; + echo " \n"; + echo " \n"; +} else if (isset($_SESSION['valid_reports_user'])) { + $logged_in_user = $_SESSION['valid_reports_user']; + echo " \n"; + echo " \n"; +} + +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; +echo " \n"; + +if ($use_reports_password == "yes") { + echo " \n"; +} elseif ($use_reports_password == "no") { + echo " \n"; +} + +echo " \n"; +echo " \n"; + +if ((isset($_SESSION['valid_user'])) || (isset($_SESSION['valid_reports_user'])) || (isset($_SESSION['time_admin_valid_user']))) { + echo " \n"; + echo " \n"; +} + +echo "
logged in as: $logged_in_userlogged in as: $logged_in_userlogged in as: $logged_in_user   + Home     + Administration    Reports  Reports    Punchclock    + Logout  
\n"; +?> diff --git a/tzoffset.php b/tzoffset.php index 935be76..6aed76f 100644 --- a/tzoffset.php +++ b/tzoffset.php @@ -1,30 +1,30 @@ - - - - + + + +
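
Review bot: The report hunks that build `where empfullname = '" . $fullname . "'` (for example `@@ -147,9 +147,9 @@` and `@@ -239,9 +249,9 @@`) still concatenate `$fullname`, `$office_name` and `$group_name` straight into the SQL string, and nothing in the hunk escapes them. Since every one of these calls is being touched anyway, this is the point to move them to `mysqli_prepare()` with `mysqli_stmt_bind_param()`, or at minimum pass each value through `mysqli_real_escape_string()`. Separately, the return value of `mysqli_query()` goes unchecked into `mysqli_fetch_array($result)`, so a failed query hands `false` to the fetch loop; test `$result` first.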
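
Review bot: In `scripts/dropdown_get.php`, hunk `@@ -11,10 +11,10 @@`, `$row['officename']` is echoed into a JavaScript string literal (`new Option(\"".$row['officename']."\")`) with no output encoding, so an office name containing a double quote or backslash breaks the generated script and can carry markup into the page. Emit the value with `json_encode($row['officename'])` instead of hand-built quotes. The same pattern recurs for `groupname` and `empfullname` in the other dropdown scripts.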
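
Review bot: In `scripts/dropdown_get.php`, hunk `@@ -26,7 +26,7 @@`, the replacement for `mysql_free_result($result);` is a ternary, `((mysqli_free_result($result) || (is_object($result) && ...)) ? true : false);`, whose value is discarded, so the extra checks do nothing. A plain `mysqli_free_result($result);` is equivalent and readable. The same expression appears for `$result3` and in the `dropdown_post*.php` hunks.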
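
Review bot: In `sql/create_tables.sql`, hunk `@@ -0,0 +1,134 @@`, the default-data inserts at the end do not match the tables defined above them: `INSERT INTO employees VALUES ('admin', ...)` supplies 11 values for a 12-column table, and each `INSERT INTO punchlist VALUES (...)` supplies 3 values for 4 columns (there is no value for `punchnext`), so the script fails as written. Use explicit column lists. `dbversion` is also seeded twice, with '1.4' after the table definition and '1.5' at the end, which leaves two rows in a table that is meant to hold one version. Finally, the script ships a fixed `employee_passwd` value for the `admin` account, so every fresh install starts with the same administrator credential; the installer should force a password change on first login or generate the credential at install time.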
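
Review bot: The new file `sql/upgrade_v1.4-v2.0.sql`, hunk `@@ -0,0 +1,5 @@`, is named for an upgrade to v2.0 but ends with `UPDATE dbversion SET dbversion = '1.5';`. The header added to `sql/alter_tables.sql` tells administrators to run the upgrade scripts one at a time until the database is at the latest version, so the file name and the version it writes need to agree; rename the file or document how the 1.5 dbversion maps to a 2.0 release.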
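
Review bot: In `reports/topmain.php`, hunk `@@ -1,98 +1,98 @@`, all 98 lines are removed and re-added with content that looks identical on both sides, which points to a line-ending or whitespace change rather than a code change; `resetcookie.php` (`@@ -1,6 +1,6 @@`) and `tzoffset.php` (`@@ -1,30 +1,30 @@`) show the same pattern. That hides any real edit in these files from review. Put the normalisation in its own commit (or pin line endings in `.gitattributes`) so the mysqli changes can be read on their own.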