I'm facing a problem and I would like to seek your help. I have downloaded an open-source PHP application to run on our company intranet. First I would like to provide my complete environment details.
WAMP Server 2.0i
PHP v5.2.7 (downgraded from 5.3.0 to get rid of ereg deprecated errors)
My SQL 5.1.36
OS - Windows Server 2003 R2
Port - 8080 (80 is used by IIS)
I have set up 3 applications on my WampServer (Timesheet/Joomla/Facility Booking). All three apps are running well on my server. I have created 3 different users and 3 different databases.
However, my Timesheet application is not running from another computer in our network. Well, it's running, but it is not able to connect to the database. I have listed the warnings and notices below. I'm able to log in to phpMyAdmin from another computer to that database. So I feel the problem is with the PHP source code. I have never worked with PHP before and your help is much appreciated.
I think there is no problem with Apache or MySQL as I don't see any errors related to them. These are from the PHP error log and are displayed when I access the app.
Warnings and Notices
[14-Jan-2010 18:30:11] PHP Notice: Undefined variable: dbexists in C:\wamp\www\timesheet\topmain.php on line 47
[14-Jan-2010 18:30:11] PHP Warning: mysql_query() [<a href='function.mysql-query'>function.mysql-query</a>]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\wamp\www\timesheet\leftmain.php on line 236
[14-Jan-2010 18:30:11] PHP Warning: mysql_query() [<a href='function.mysql-query'>function.mysql-query</a>]: A link to the server could not be established in C:\wamp\www\timesheet\leftmain.php on line 236
[14-Jan-2010 18:30:11] PHP Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\wamp\www\timesheet\leftmain.php on line 243
[14-Jan-2010 18:30:11] PHP Warning: mysql_free_result(): supplied argument is not a valid MySQL result resource in C:\wamp\www\timesheet\leftmain.php on line 266
[14-Jan-2010 18:30:11] PHP Warning: mysql_query() [<a href='function.mysql-query'>function.mysql-query</a>]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\wamp\www\timesheet\leftmain.php on line 330
[14-Jan-2010 18:30:11] PHP Warning: mysql_query() [<a href='function.mysql-query'>function.mysql-query</a>]: A link to the server could not be established in C:\wamp\www\timesheet\leftmain.php on line 330
[14-Jan-2010 18:30:11] PHP Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\wamp\www\timesheet\leftmain.php on line 338
[14-Jan-2010 18:30:11] PHP Warning: mysql_free_result(): supplied argument is not a valid MySQL result resource in C:\wamp\www\timesheet\leftmain.php on line 349
[14-Jan-2010 18:30:11] PHP Warning: mysql_query() [<a href='function.mysql-query'>function.mysql-query</a>]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\wamp\www\timesheet\timeclock.php on line 120
[14-Jan-2010 18:30:11] PHP Warning: mysql_query() [<a href='function.mysql-query'>function.mysql-query</a>]: A link to the server could not be established in C:\wamp\www\timesheet\timeclock.php on line 120
[14-Jan-2010 18:30:11] PHP Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\wamp\www\timesheet\display.php on line 54
[14-Jan-2010 18:30:11] PHP Warning: mysql_free_result(): supplied argument is not a valid MySQL result resource in C:\wamp\www\timesheet\display.php on line 320
I have attached all the related files. Sorry for the long post; this thing has been driving me nuts for a week. Thanks in advance. Have a great weekend.
Timeclock.php
<?php
session_start();
include 'config.inc.php';
include 'header.php';
if (! isset($_GET['printer_friendly'])) {
if (isset($_SESSION['valid_user'])) {
$set_logout = "1";
}
include 'topmain.php';
include 'leftmain.php';
}
echo "
<!-- Display current employee status' -->
<title>
$title
</title>";
$current_page = "timeclock.php";
if (! isset($_GET['printer_friendly'])) {
echo "
<td align=left class=right_main scope=col>
<table width=100% height=100% border=0 cellpadding=5 cellspacing=1>
<tr class=right_main_text>
<td valign=top>";
}
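// code to allow sorting by Name, In/Out, Date, Notes //
// sortcolumn and sortdirection are taken from the URL and end up in the "order by" clause of the queries below, //
// so only identifier characters are kept for the column and only asc/desc is accepted for the direction. //
if ($show_display_name == "yes") {
if (! isset($_GET['sortcolumn'])) {
$sortcolumn = "displayname";
} else {
$sortcolumn = preg_replace('/[^A-Za-z0-9_]/', '', $_GET['sortcolumn']);
}
} else {
if (! isset($_GET['sortcolumn'])) {
$sortcolumn = "fullname";
} else {
$sortcolumn = preg_replace('/[^A-Za-z0-9_]/', '', $_GET['sortcolumn']);
}
}
if (! isset($_GET['sortdirection'])) {
$sortdirection = "asc";
} else {
$sortdirection = (strtolower($_GET['sortdirection']) == "desc") ? "desc" : "asc";
}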
if ($sortdirection == "asc") {
$sortnewdirection = "desc";
} else {
$sortnewdirection = "asc";
}
// determine what users, office, and/or group will be displayed on main page //
if (($display_current_users == "yes") && ($display_office == "all") && ($display_group == "all")) {
$current_users_date = strtotime(date($datefmt));
$calc = 86400;
$a = $current_users_date + $calc - @$tzo;
$b = $current_users_date - @$tzo;
$query = "select ".$db_prefix."info.*, ".$db_prefix."employees.*, ".$db_prefix."punchlist.* from ".$db_prefix."info, ".$db_prefix."employees, ".$db_prefix."punchlist where ".$db_prefix."info.timestamp = ".$db_prefix."employees.tstamp and ".$db_prefix."info.fullname = ".$db_prefix."employees.empfullname and ".$db_prefix."info.`inout` = ".$db_prefix."punchlist.punchitems and ((".$db_prefix."info.timestamp < '".$a."') and (".$db_prefix."info.timestamp >= '".$b."')) and ".$db_prefix."employees.disabled <> '1' and ".$db_prefix."employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection";
$result = mysql_query($query);
} elseif (($display_current_users == "yes") && ($display_office != "all") && ($display_group == "all")) {
$current_users_date = strtotime(date($datefmt));
$calc = 86400;
$a = $current_users_date + $calc - @$tzo;
$b = $current_users_date - @$tzo;
$query = "select ".$db_prefix."info.*, ".$db_prefix."employees.*, ".$db_prefix."punchlist.* from ".$db_prefix."info, ".$db_prefix."employees, ".$db_prefix."punchlist where ".$db_prefix."info.timestamp = ".$db_prefix."employees.tstamp and ".$db_prefix."info.fullname = ".$db_prefix."employees.empfullname and ".$db_prefix."info.`inout` = ".$db_prefix."punchlist.punchitems and ".$db_prefix."employees.office = '".$display_office."' and ((".$db_prefix."info.timestamp < '".$a."') and (".$db_prefix."info.timestamp >= '".$b."')) and ".$db_prefix."employees.disabled <> '1' and ".$db_prefix."employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection";
$result = mysql_query($query);
} elseif (($display_current_users == "yes") && ($display_office == "all") && ($display_group != "all")) {
$current_users_date = strtotime(date($datefmt));
$calc = 86400;
$a = $current_users_date + $calc - @$tzo;
$b = $current_users_date - @$tzo;
$query = "select ".$db_prefix."info.*, ".$db_prefix."employees.*, ".$db_prefix."punchlist.* from ".$db_prefix."info, ".$db_prefix."employees, ".$db_prefix."punchlist where ".$db_prefix."info.timestamp = ".$db_prefix."employees.tstamp and ".$db_prefix."info.fullname = ".$db_prefix."employees.empfullname and ".$db_prefix."info.`inout` = ".$db_prefix."punchlist.punchitems and ".$db_prefix."employees.groups = '".$display_group."' and ((".$db_prefix."info.timestamp < '".$a."') and (".$db_prefix."info.timestamp >= '".$b."')) and ".$db_prefix."employees.disabled <> '1' and ".$db_prefix."employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection";
$result = mysql_query($query);
} elseif (($display_current_users == "yes") && ($display_office != "all") && ($display_group != "all")) {
$current_users_date = strtotime(date($datefmt));
$calc = 86400;
$a = $current_users_date + $calc - @$tzo;
$b = $current_users_date - @$tzo;
$query = "select ".$db_prefix."info.*, ".$db_prefix."employees.*, ".$db_prefix."punchlist.* from ".$db_prefix."info, ".$db_prefix."employees, ".$db_prefix."punchlist where ".$db_prefix."info.timestamp = ".$db_prefix."employees.tstamp and ".$db_prefix."info.fullname = ".$db_prefix."employees.empfullname and ".$db_prefix."info.`inout` = ".$db_prefix."punchlist.punchitems and ".$db_prefix."employees.office = '".$display_office."' and ".$db_prefix."employees.groups = '".$display_group."' and ((".$db_prefix."info.timestamp < '".$a."') and (".$db_prefix."info.timestamp >= '".$b."')) and ".$db_prefix."employees.disabled <> '1' and ".$db_prefix."employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection";
$result = mysql_query($query);
} elseif (($display_current_users == "no") && ($display_office == "all") && ($display_group == "all")) {
$query = "select ".$db_prefix."info.*, ".$db_prefix."employees.*, ".$db_prefix."punchlist.* from ".$db_prefix."info, ".$db_prefix."employees, ".$db_prefix."punchlist where ".$db_prefix."info.timestamp = ".$db_prefix."employees.tstamp and ".$db_prefix."info.fullname = ".$db_prefix."employees.empfullname and ".$db_prefix."info.`inout` = ".$db_prefix."punchlist.punchitems and ".$db_prefix."employees.disabled <> '1' and ".$db_prefix."employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection";
$result = mysql_query($query);
} elseif (($display_current_users == "no") && ($display_office != "all") && ($display_group == "all")) {
$query = "select ".$db_prefix."info.*, ".$db_prefix."employees.*, ".$db_prefix."punchlist.* from ".$db_prefix."info, ".$db_prefix."employees, ".$db_prefix."punchlist where ".$db_prefix."info.timestamp = ".$db_prefix."employees.tstamp and ".$db_prefix."info.fullname = ".$db_prefix."employees.empfullname and ".$db_prefix."info.`inout` = ".$db_prefix."punchlist.punchitems and ".$db_prefix."employees.office = '".$display_office."' and ".$db_prefix."employees.disabled <> '1' and ".$db_prefix."employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection";
$result = mysql_query($query);
} elseif (($display_current_users == "no") && ($display_office == "all") && ($display_group != "all")) {
$query = "select ".$db_prefix."info.*, ".$db_prefix."employees.*, ".$db_prefix."punchlist.* from ".$db_prefix."info, ".$db_prefix."employees, ".$db_prefix."punchlist where ".$db_prefix."info.timestamp = ".$db_prefix."employees.tstamp and ".$db_prefix."info.fullname = ".$db_prefix."employees.empfullname and ".$db_prefix."info.`inout` = ".$db_prefix."punchlist.punchitems and ".$db_prefix."employees.groups = '".$display_group."' and ".$db_prefix."employees.disabled <> '1' and ".$db_prefix."employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection";
$result = mysql_query($query);
} elseif (($display_current_users == "no") && ($display_office != "all") && ($display_group != "all")) {
$query = "select ".$db_prefix."info.*, ".$db_prefix."employees.*, ".$db_prefix."punchlist.* from ".$db_prefix."info, ".$db_prefix."employees, ".$db_prefix."punchlist where ".$db_prefix."info.timestamp = ".$db_prefix."employees.tstamp and ".$db_prefix."info.fullname = ".$db_prefix."employees.empfullname and ".$db_prefix."info.`inout` = ".$db_prefix."punchlist.punchitems and ".$db_prefix."employees.office = '".$display_office."' and ".$db_prefix."employees.groups = '".$display_group."' and ".$db_prefix."employees.disabled <> '1' and ".$db_prefix."employees.empfullname <> 'admin' order by `$sortcolumn` $sortdirection";
$result = mysql_query($query);
}
$time = time();
$tclock_hour = gmdate('H',$time);
$tclock_min = gmdate('i',$time);
$tclock_sec = gmdate('s',$time);
$tclock_month = gmdate('m',$time);
$tclock_day = gmdate('d',$time);
$tclock_year = gmdate('Y',$time);
$tclock_stamp = mktime ($tclock_hour, $tclock_min, $tclock_sec, $tclock_month, $tclock_day, $tclock_year);
$tclock_stamp = $tclock_stamp + @$tzo;
$tclock_time = date($timefmt, $tclock_stamp);
$tclock_date = date($datefmt, $tclock_stamp);
$report_name="Current Status Report";
echo "
<table width=100% align=center class=misc_items border=0 cellpadding=3 cellspacing=0>";
if (! isset($_GET['printer_friendly'])) {
echo "
<tr class=display_hide>";
} else {
echo "
<tr>";
}
echo "
<td nowrap style='font-size:9px;color:#000000;padding-left:10px;'>
$report_name ----> As of: $tclock_time, $tclock_date
</td>
</tr>
</table>";
// Add the current status of the employees, retrieved from the query stored in $result
include 'display.php';
echo "
</table>
</td>
</tr>";
if (! isset($_GET['printer_friendly'])) {
include 'footer.php';
}
?>
Topmain.php
<?php
echo "
<!-- Top Level Interface -->
<table class=header width=100% border=0 cellpadding=0 cellspacing=1>
<tr>";
// display the logo in top left of each page. This will be $logo you setup in config.inc.php. //
// It will also link you back to your index page. //
if ($logo == "none") {
echo "
<td height=35 align=left> </td>";
} else {
echo "
<td align=left>
<a href='index.php'>
<img border=0 src='$logo'>
</a>
</td>";
}
// if db is out of date, report it here //
if (($dbexists <> "1") || (@$my_dbversion <> $dbversion)) {
echo "
<td no class=notprint valign=middle align=left style='font-size:13;font-weight:bold;color:#AA0000'>
<p>
***Your database is out of date.*** <br />
Upgrade it via the admin section.
</p>
</td>";
}
// display a 'reset cookie' message if $use_client_tz = "yes" //
if ($date_link == "none") {
if ($use_client_tz == "yes") {
echo "
<td class=notprint valign=middle align=right style='font-size:9px;'>
<p>
If the times below appear to be an hour off, click
<a href='resetcookie.php' style='font-size:9px;'>
here
</a> to reset. <br />
If that doesn't work, restart your web browser and reset again.
</p>
</td>";
}
echo "
<td colspan=2 scope=col align=right valign=middle>
<a style='color:#000000;font-family:Tahoma;font-size:10pt;text-decoration:none;'>";
} else {
if ($use_client_tz == "yes") {
echo "
<td class=notprint valign=middle align=right style='font-size:9px;'>
<p>
If the times below appear to be an hour off, click
<a href='resetcookie.php' style='font-size:9px;'>
here
</a> to reset. <br />
If that doesn't work, restart your web browser and reset again.
</p>
</td>";
}
echo "
<td colspan=2 scope=col align=right valign=middle>
<a href='$date_link' style='color:#000000;font-family:Tahoma;font-size:10pt; text-decoration:none;'>";
}
// display today's date in top right of each page. This will link to $date_link you setup in config.inc.php. //
$todaydate=date('F j, Y');
echo "
$todaydate
</a>
</td>
</tr>
</table>";
// display the topbar //
echo "
<table class=topmain_row_color width=100% border=0 cellpadding=0 cellspacing=0>
<tr>";
if (isset($_SESSION['valid_user'])) {
$logged_in_user = $_SESSION['valid_user'];
echo "
<td align=left valign=middle width=10 style='padding-left:12px;'>
<img src='images/icons/user_orange.png' border='0'>
</td>
<td align=left valign=middle style='color:#000000;font-family:Tahoma;font-size:10pt;padding-left:8px;'>
Logged in as: $logged_in_user
</td>";
} else if (isset($_SESSION['time_admin_valid_user'])) {
$logged_in_user = $_SESSION['time_admin_valid_user'];
echo "
<td align=left valign=middle width=10 style='padding-left:12px;'>
<img src='images/icons/user_red.png' border='0'>
</td>
<td align=left valign=middle style='color:#000000;font-family:Tahoma;font-size:10pt;padding-left:8px;'>
Logged in as: $logged_in_user
</td>";
} else if (isset($_SESSION['valid_reports_user'])) {
$logged_in_user = $_SESSION['valid_reports_user'];
echo "
<td align=left valign=middle width=10 style='padding-left:12px;'>
<img src='images/icons/user_suit.png' border='0'>
</td>
<td align=left valign=middle style='color:#000000;font-family:Tahoma;font-size:10pt;padding-left:8px;'>
Logged in as: $logged_in_user
</td>";
} else if (isset($_SESSION['valid_report_employee'])) {
$logged_in_user = $_SESSION['valid_report_employee'];
echo "
<td align=left valign=middle width=10 style='padding-left:12px;'>
<img src='images/icons/user_suit.png' border='0'>
</td>
<td align=left valign=middle style='color:#000000;font-family:Tahoma;font-size:10pt;padding-left:8px;'>
Logged in as: $logged_in_user
</td>";
}
echo "
<td align=right valign=middle>
<img src='images/icons/house.png' border='0'>
</td>
<td align=right valign=middle width=10>
<a href='index.php' style='color:#000000;font-family:Tahoma;font-size:10pt;text-decoration:none;'>
Home
</a>
</td>
<td align=right valign=middle width=23>
<img src='images/icons/bricks.png' border='0'>
</td>
<td align=right valign=middle width=10>
<a href='login.php?login_action=admin' style='color:#000000;font-family:Tahoma;font-size:10pt;text-decoration:none;'>
Administration
</a>
</td>
<td align=right valign=middle width=23>
<img src='images/icons/report.png' border='0' >
</td>";
if ($use_reports_password == "yes") {
echo "
<td align=right valign=middle width=10>
<a href='login.php?login_action=reports' style='color:#000000;font-family:Tahoma;font-size:10pt; text-decoration:none;'>
Reports
</a>
</td>";
} elseif ($use_reports_password == "no") {
echo "
<td align=right valign=middle width=10>
<a href='reports/index.php' style='color:#000000;font-family:Tahoma;font-size:10pt; text-decoration:none;'>
Reports
</a>
</td>";
}
if ((isset($_SESSION['valid_user'])) || (isset($_SESSION['valid_reports_user'])) || (isset($_SESSION['valid_report_employee'])) || (isset($_SESSION['time_admin_valid_user']))) {
echo "
<td align=right valign=middle width=20>
<img src='images/icons/arrow_rotate_clockwise.png' border='0'>
</td>
<td align=right valign=middle width=10>
<a href='logout.php' style='color:#000000;font-family:Tahoma;font-size:10pt;text-decoration:none;'>
Logout
</a>
</td>";
}
echo "
</tr>
</table>";
?>
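Leftmain.php
<?php
include 'config.inc.php';
// PHP_SELF can carry attacker-supplied path info and is echoed into the form action below, so escape it for HTML //
$self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);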
$request = $_SERVER['REQUEST_METHOD'];
// set cookie if 'Remember Me?' checkbox is checked, or reset cookie if 'Reset Cookie?' is checked //
if ($request == 'POST') {
@$remember_me = $_POST['remember_me'];
@$reset_cookie = $_POST['reset_cookie'];
@$fullname = stripslashes($_POST['left_fullname']);
@$displayname = stripslashes($_POST['left_displayname']);
if ((isset($remember_me)) && ($remember_me != '1')) {
echo "Something is fishy here.";
exit;
}
if ((isset($reset_cookie)) && ($reset_cookie != '1')) {
echo "Something is fishy here.";
exit;
}
// begin post validation //
if ($show_display_name == "yes") {
if (isset($displayname)) {
$displayname = addslashes($displayname);
$query = "select displayname from ".$db_prefix."employees where displayname = '".$displayname."'";
$emp_name_result = mysql_query($query);
while ($row = mysql_fetch_array($emp_name_result)) {
$tmp_displayname = "".$row['displayname']."";
}
if ((!isset($tmp_displayname)) && (!empty($displayname))) {
echo "Username is not in the database.";
exit;
}
$displayname = stripslashes($displayname);
}
} elseif ($show_display_name == "no") {
if (isset($fullname)) {
$fullname = addslashes($fullname);
$query = "select empfullname from ".$db_prefix."employees where empfullname = '".$fullname."'";
$emp_name_result = mysql_query($query);
while ($row = mysql_fetch_array($emp_name_result)) {
$tmp_empfullname = "".$row['empfullname']."";
}
if ((!isset($tmp_empfullname)) && (!empty($fullname))) {
echo "Username is not in the database.";
exit;
}
$fullname = stripslashes($fullname);
}
}
// end post validation //
if (isset($remember_me)) {
if ($show_display_name == "yes") {
setcookie("remember_me", stripslashes($displayname), time() + (60 * 60 * 24 * 365 * 2));
} elseif ($show_display_name == "no") {
setcookie("remember_me", stripslashes($fullname), time() + (60 * 60 * 24* 365 * 2));
}
} elseif (isset($reset_cookie)) {
setcookie("remember_me", "", time() - 3600);
}
ob_end_flush();
}
if ($display_weather == 'yes') { // Retrieve weather information
include 'phpweather.php';
$metar = get_metar($metar);
$data = process_metar($metar);
$mph = "mph";
// weather info //
if (! isset($data['temp_f'])) {
$temp = '';
} else {
$temp = $data['temp_f'];
}
if (! isset($data['windchill_f'])) {
$windchill = '';
} else {
$windchill = $data['windchill_f'];
}
if (! isset($data['wind_dir_text_short'])) {
$wind_dir = '';
} else {
$wind_dir = $data['wind_dir_text_short'];
}
if (! isset($data['wind_miles_per_hour'])) {
$wind = '';
} else {
$wind = round($data['wind_miles_per_hour']);
}
if ($wind == 0) {
$wind_dir = 'None';
$mph = '';
$wind = '';
} else {
$wind_dir = $wind_dir;
}
if (! isset($data['visibility_miles'])) {
$visibility = '';
} else {
$visibility = $data['visibility_miles'];
}
if (! isset($data['rel_humidity'])) {
$humidity = 'None';
} else {
$humidity = round($data['rel_humidity'], 0);
}
if (! isset($data['time'])) {
$time = '';
} else {
$time = date($timefmt, $data['time']);
}
if (! isset($data['cloud_layer1_condition'])) {
$cloud_cover = '';
} else {
$cloud_cover = $data['cloud_layer1_condition'];
}
if (($temp <> '') && ($temp >= '70') && ($humidity <> '')) {
$heatindex = number_format(-42.379 + (2.04901523 * $temp) + (10.1433312 * $humidity) - (0.22475541 * $temp * $humidity) - (0.00683783 * ($temp * $temp)) - (0.05481717 * ($humidity * $humidity)) + (0.00122874 * ($temp * $temp) * $humidity) + (0.00085282 * $temp * ($humidity * $humidity)) - (0.00000199 * ($temp * $temp) * ($humidity * $humidity)));
}
if ((isset($heatindex)) || ($windchill <> '')) {
if (!isset($heatindex)) {
$feelslike = $windchill;
} else {
$feelslike = $heatindex;
}
} else {
$feelslike = $temp;
}
}
echo "
<!-- Left Side Interface For Employee's To Punch -->
<table width=100% height=89% border=0 cellpadding=0 cellspacing=1>
<tr valign=top>
<td class=left_main width=170 align=left scope=col>
<table class=hide width=100% border=0 cellpadding=1 cellspacing=0>";
// display links in top left of each page //
if ($links == "none") { // Display any links listed
echo "
<tr>
</tr>";
} else {
echo "
<tr>
<td class=left_rows height=7 align=left valign=middle> </td>
</tr>";
for ($x = 0; $x < count($display_links); $x++) {
echo "
<tr>
<td class=left_rows height=18 align=left valign=middle>
<a class=admin_headings href='$links[$x]'>
$display_links[$x]
</a>
</td>
</tr>";
}
}
// display form to submit signin/signout information //
echo "
<form name='timeclock' action='$self' method='post'>";
if ($links == "none") {
echo "
<tr>
<td height=7> </td>
</tr>";
} else {
echo "
<tr>
<td height=20> </td>
</tr>";
}
echo "
<tr>
<td class=title_underline height=4 align=left valign=middle style='padding-left:10px;'>
Please punch in below:
</td>
</tr>
<tr>
<td height=7> </td>
</tr>
<tr>
<td height=4 align=left valign=middle class=misc_items>
Name:
</td>
</tr>
<tr>
<td height=4 align=left valign=middle class=misc_items>";
// query to populate dropdown with employee names //
if ($show_display_name == "yes") {
$query = "select displayname from ".$db_prefix."employees where disabled <> '1' and empfullname <> 'admin' order by displayname";
$emp_name_result = mysql_query($query);
echo "
<select name='left_displayname' tabindex=1>
<option value =''>
...
</option>";
while ($row = mysql_fetch_array($emp_name_result)) {
$abc = stripslashes("".$row['displayname']."");
if ((isset($_COOKIE['remember_me'])) && (stripslashes($_COOKIE['remember_me']) == $abc)) {
echo "
<option selected>
$abc
</option>";
} else {
echo "
<option>
$abc
</option>";
}
}
echo "
</select>
</td>
</tr>
<tr>
<td height=7> </td>
</tr>";
mysql_free_result($emp_name_result);
} else { // Display full employee names
$query = "select empfullname from ".$db_prefix."employees where disabled <> '1' and empfullname <> 'admin' order by empfullname";
$emp_name_result = mysql_query($query);
echo "
<select name='left_fullname' tabindex=1>
<option value =''>
...
</option>";
while ($row = mysql_fetch_array($emp_name_result)) {
$def = stripslashes("".$row['empfullname']."");
if ((isset($_COOKIE['remember_me'])) && (stripslashes($_COOKIE['remember_me']) == $def)) {
echo "
<option selected>
$def
</option>";
} else {
echo "
<option>
$def
</option>";
}
}
echo "
</select>
</td>
</tr>
<tr>
<td height=7> </td>
</tr>";
mysql_free_result($emp_name_result);
}
// determine whether to use encrypted passwords or not //
if ($use_passwd == "yes") {
echo "
<tr>
<td height=4 align=left valign=middle class=misc_items>
Password:
</td>
</tr>
<tr>
<td height=4 align=left valign=middle class=misc_items>
<input type='password' name='employee_passwd' maxlength='25' size='17' tabindex=2>
</td>
</tr>
<tr>
<td height=7> </td>
</tr>";
}
echo "
<tr>
<td height=4 align=left valign=middle class=misc_items>
Status:
</td>
</tr>
<tr>
<td height=4 align=left valign=middle class=misc_items>";
// query to populate dropdown with punchlist items //
$query = "select punchitems from ".$db_prefix."punchlist";
$punchlist_result = mysql_query($query);
echo "
<select name='left_inout' tabindex=3>
<option value =''>
...
</option>";
while ($row = mysql_fetch_array($punchlist_result)) {
echo "
<option>
".$row['punchitems']."
</option>";
}
echo "
</select>
</td>
</tr>";
mysql_free_result( $punchlist_result );
echo "
<tr>
<td height=7> </td>
</tr>
<tr>
<td height=4 align=left valign=middle class=misc_items>
Notes:
</td>
</tr>
<tr>
<td height=4 align=left valign=middle class=misc_items>
<input type='text' name='left_notes' maxlength='250' size='17' tabindex=4>
</td>
</tr>";
if (! isset($_COOKIE['remember_me'])) {
echo "
<tr>
<td width=100%>
<table width=100% border=0 cellpadding=0 cellspacing=0>
<tr>
<td nowrap height=4 align=left valign=middle class=misc_items width=10%>
Remember Me?
</td>
<td width=90% align=left class=misc_items style='padding-left:0px;padding-right:0px;' tabindex=5>
<input type='checkbox' name='remember_me' value='1'>
</td>
</tr>
</table>
</td>
<tr>";
} elseif (isset($_COOKIE['remember_me'])) {
echo "
<tr>
<td width=100%>
<table width=100% border=0 cellpadding=0 cellspacing=0>
<tr>
<td nowrap height=4 align=left valign=middle class=misc_items width=10%>
Reset Cookie?
</td>
<td width=90% align=left class=misc_items style='padding-left:0px;padding-right:0px;' tabindex=5>
<input type='checkbox' name='reset_cookie' value='1'>
</td>
</tr>
</table>
</td>
<tr>";
}
echo "
<tr>
<td height=7> </td>
</tr>
<tr>
<td height=4 align=left valign=middle class=misc_items>
<input type='submit' name='submit_button' value='Punch Status' align='center' tabindex=6>
</td>
</tr>
</form>";
if ($display_weather == "yes") { // Display the weather information.
echo "
<tr>
<td height=25 align=left valign=bottom class=misc_items>
<font color='00589C'>
<b> <u>Weather Conditions:</u> </b>
</font>
</td>
</tr>
<tr>
<td height=7> </td>
</tr>
<tr>
<td align=left valign=middle class=misc_items>
<b>$city</b>
</td>
</tr>
<tr>
<td height=4> </td>
</tr>
<tr>
<td align=left valign=middle class=misc_items>
Currently: $temp°
</td>
</tr>
<tr>
<td height=4> </td>
</tr>
<tr>
<td align=left valign=middle class=misc_items>
Feels Like: $feelslike°
</td>
</tr>
<tr>
<td height=4> </td>
</tr>
<tr>
<td align=left valign=middle class=misc_items>
Skies: $cloud_cover
</td>
</tr>
<tr>
<td height=4> </td>
</tr>
<tr>
<td align=left valign=middle class=misc_items>
Wind: $wind_dir $wind$mph
</td>
</tr>
<tr>
<td height=4> </td>
</tr>";
if ($humidity == 'None') {
echo "
<tr>
<td align=left valign=middle class=misc_items>
Humidity: $humidity
</td>
</tr>";
} else {
echo "
<tr>
<td align=left valign=middle class=misc_items>
Humidity: $humidity%
</td>
</tr>";
}
echo "
<tr>
<td height=4> </td>
</tr>
<tr>
<td align=left valign=middle class=misc_items>
Visibility: $visibility miles
</td>
</tr>
<tr>
<td height=4> </td>
</tr>
<tr>
<td align=left valign=middle class=misc_items>
<font color='FF0000'>
Last Updated: $time
</font>
</td>
</tr>";
}
echo "
<tr>
<td height=90%> </td>
</tr>
</table>
</td>";
if ($request == 'POST') { // Process employee's punch information
// signin/signout data passed over from timeclock.php //
$inout = $_POST['left_inout'];
$notes = preg_replace("/[^[:alnum:] \,\.\?-]/","",strtolower($_POST['left_notes']));
// begin post validation //
if ($use_passwd == "yes") {
$employee_passwd = crypt($_POST['employee_passwd'], 'xy');
}
$query = "select punchitems from ".$db_prefix."punchlist";
$punchlist_result = mysql_query($query);
while ($row = mysql_fetch_array($punchlist_result)) {
$tmp_inout = "".$row['punchitems']."";
}
if (! isset($tmp_inout)) {
echo "Status is not in the database.";
exit;
}
// end post validation //
if ($show_display_name == "yes") {
if (! $displayname && ! $inout) {
echo "
<td align=left class=right_main scope=col>
<table width=100% height=100% border=0 cellpadding=10 cellspacing=1>
<tr class=right_main_text>
<td valign=top>
<br />
You have not chosen a username or a status. Please try again.
</td>
</tr>
</table>
</td>
</tr>";
include 'footer.php';
// Return the employee back to the punch interface after 5 seconds
echo "
<head>
<meta http-equiv='refresh' content=5;url=index.php>
</head>";
exit;
}
if (! $displayname) {
echo "
<td align=left class=right_main scope=col>
<table width=100% height=100% border=0 cellpadding=10 cellspacing=1>
<tr class=right_main_text>
<td valign=top>
<br />
You have not chosen a username. Please try again.
</td>
</tr>
</table>
</td>
</tr>";
include 'footer.php';
// Return the employee back to the punch interface after 5 seconds
echo "
<head>
<meta http-equiv='refresh' content=5;url=index.php>
</head>";
exit;
}
} elseif ($show_display_name == "no") {
if (! $fullname && ! $inout) {
echo "
<td align=left class=right_main scope=col>
<table width=100% height=100% border=0 cellpadding=10 cellspacing=1>
<tr class=right_main_text>
<td valign=top>
<br />
You have not chosen a username or a status. Please try again.
</td>
</tr>
</table>
</td>
</tr>";
include 'footer.php';
// Return the employee back to the punch interface after 5 seconds
echo "
<head>
<meta http-equiv='refresh' content=5;url=index.php>
</head>";
exit;
}
if (! $fullname) {
echo "
<td align=left class=right_main scope=col>
<table width=100% height=100% border=0 cellpadding=10 cellspacing=1>
<tr class=right_main_text>
<td valign=top>
<br />
You have not chosen a username. Please try again.
</td>
</tr>
</table>
</td>
</tr>";
include 'footer.php';
// Return the employee back to the punch interface after 5 seconds
echo "
<head>
<meta http-equiv='refresh' content=5;url=index.php>
</head>";
exit;
}
}
if (! $inout) {
echo "
<td align=left class=right_main scope=col>
<table width=100% height=100% border=0 cellpadding=10 cellspacing=1>
<tr class=right_main_text>
<td valign=top>
<br />
You have not chosen a status. Please try again.
</td>
</tr>
</table>
</td>
</tr>";
include 'footer.php';
// Return the employee back to the punch interface after 5 seconds
echo "
<head>
<meta http-equiv='refresh' content=5;url=index.php>
</head>";
exit;
}
// Get all the possible punch status names
$query = "select punchitems from ".$db_prefix."punchlist";
$punchlist_result = mysql_query($query);
// We need to get the full name if we're only displaying the display name
if ($show_display_name == "yes") {
$query = "select empfullname from ".$db_prefix."employees where displayname = '".$displayname."'";
$sel_result = mysql_query($query);
while ($row = mysql_fetch_array($sel_result)) {
$fullname = stripslashes("".$row["empfullname"]."");
$fullname = addslashes($fullname);
}
}
// Get the current punch name of that employee
$query = "select * from ".$db_prefix."info where fullname = '".$fullname."'";
$query = mysql_query($query);
// Find the last entry for the employee
$largestStamp = 0;
while ($row = mysql_fetch_array($query)) {
if ($row['timestamp'] > $largestStamp) {
$currentPunchName = $row['inout'];
$largestStamp = $row['timestamp'];
}
}
// Get the selected status
$query = "SELECT `in_or_out` FROM ".$db_prefix."punchlist WHERE punchitems = '".$inout."'";
$query = mysql_query($query);
$row = mysql_fetch_array($query);
$selectedStatus = $row['in_or_out']; // The first one should be the current status code.
if($currentPunchName == "") {
$currentStatus = "NEVER CLOCKED IN YET";
} else { // Iterate through to find the current status of individual logging in
while ($punchName = mysql_fetch_array($punchlist_result)) {
if ($currentPunchName == $punchName['punchitems']) {
$query = "SELECT `in_or_out` FROM ".$db_prefix."punchlist WHERE punchitems = '".$currentPunchName."'";
$query = mysql_query($query);
$row = mysql_fetch_array($query);
$currentStatus = $row['in_or_out']; // The first one should the be the current status code.
break;
}
}
}
    // Verify that the employee is not selecting the same status as his current status
    if ($selectedStatus == $currentStatus) {
        echo "
<td align=left class=right_main scope=col>
<table width=100% height=100% border=0 cellpadding=10 cellspacing=1>
<tr class=right_main_text>
<td valign=top>
<br />
The current punch status for ".$fullname." is ".$currentPunchName.". Please use a different status.
</td>
</tr>
</table>
</td>
</tr>";
        include 'footer.php';
        // Return the employee back to the punch interface after 5 seconds
        echo "
<head>
<meta http-equiv='refresh' content=5;url=index.php>
</head>";
        exit;
    }
    if ($use_passwd == "yes") { // Verify that the employee password is correct, if required
        $sel_query = "select empfullname, employee_passwd from ".$db_prefix."employees where empfullname = '".$fullname."'";
        $sel_result = mysql_query($sel_query);
        while ($row=mysql_fetch_array($sel_result)) {
            $tmp_password = "".$row["employee_passwd"]."";
        }
        if ($employee_passwd != $tmp_password) {
            echo "
<td align=left class=right_main scope=col>
<table width=100% height=100% border=0 cellpadding=10 cellspacing=1>
<tr class=right_main_text>
<td valign=top>
<br />
You have entered the wrong password for $fullname. Please try again.
</td>
</tr>
</table>
</td>
</tr>";
            include 'footer.php';
            // Return the employee back to the punch interface after 5 seconds
            echo "
<head>
<meta http-equiv='refresh' content=5;url=index.php>
</head>";
            exit;
        }
    }
    @$fullname = addslashes($fullname);
    @$displayname = addslashes($displayname);
    // configure timestamp to insert/update //
    $time = time();
    $hour = gmdate('H',$time);
    $min = gmdate('i',$time);
    $sec = gmdate('s',$time);
    $month = gmdate('m',$time);
    $day = gmdate('d',$time);
    $year = gmdate('Y',$time);
    $tz_stamp = mktime ($hour, $min, $sec, $month, $day, $year);
    if ($show_display_name == "yes") {
        $sel_query = "select empfullname from ".$db_prefix."employees where displayname = '".$displayname."'";
        $sel_result = mysql_query($sel_query);
        while ($row=mysql_fetch_array($sel_result)) {
            $fullname = stripslashes("".$row["empfullname"]."");
            $fullname = addslashes($fullname);
        }
    }
    if (strtolower($ip_logging) == "yes") {
        $query = "insert into ".$db_prefix."info (fullname, `inout`, timestamp, notes, ipaddress) values ('".$fullname."', '".$inout."', '".$tz_stamp."', '".$notes."', '".$connecting_ip."')";
    } else {
        $query = "insert into ".$db_prefix."info (fullname, `inout`, timestamp, notes) values ('".$fullname."', '".$inout."', '".$tz_stamp."', '".$notes."')";
    }
    $result = mysql_query($query);
    $update_query = "update ".$db_prefix."employees set tstamp = '".$tz_stamp."' where empfullname = '".$fullname."'";
    $other_result = mysql_query($update_query);
    echo "
<td align=left class=right_main scope=col>
<table width=100% height=100% border=0 cellpadding=10 cellspacing=1>
<tr class=right_main_text>
<td valign=top>
<br />
Status changed successfully for $fullname to a status of $inout. <br>
</td>
</tr>
</table>
</td>
</tr>";
    include 'footer.php';
    // Return the employee back to the punch interface after 5 seconds
    echo "
<head>
<meta http-equiv='refresh' content=5;url=index.php>
</head>";
}
?>
Header.php
<?php
include 'functions.php';
ob_start();
echo "<html>";
// grab the connecting IP address. //
$connecting_ip = get_ipaddress();
if (empty($connecting_ip)) {
    return FALSE;
}
// determine if connecting IP address is allowed to connect to PHP Timeclock //
if ($restrict_ips == "yes") {
    for ($x = 0; $x < count($allowed_networks); $x++) {
        $is_allowed = ip_range($allowed_networks[$x], $connecting_ip);
        if (! empty($is_allowed)) {
            $allowed = TRUE;
        }
    }
    if (! isset($allowed)) {
        echo "You are not authorized to view this page.";
        exit;
    }
}
// connect to db and check for correct db version //
if ($use_persistent_connection == "yes") {
    @ $db = mysql_pconnect($db_hostname, $db_username, $db_password);
} else {
    @ $db = mysql_connect($db_hostname, $db_username, $db_password);
}
if (! $db) {
    echo "Error: Could not connect to the database. Please try again later.";
    exit;
}
mysql_select_db($db_name, $db);
$table = "dbversion";
$result = mysql_query("SHOW TABLES LIKE '".$db_prefix.$table."'");
@$rows = mysql_num_rows($result);
if ($rows == "1") {
    $dbexists = "1";
} else {
    $dbexists = "0";
}
$db_version_result = mysql_query("select * from ".$db_prefix."dbversion");
while (@$row = mysql_fetch_array($db_version_result)) {
    @$my_dbversion = "".$row["dbversion"]."";
}
// include css and timezone offset//
if (($use_client_tz == "yes") && ($use_server_tz == "yes")) {
    $use_client_tz = '$use_client_tz';
    $use_server_tz = '$use_server_tz';
    echo "Please reconfigure your config.inc.php file, you cannot have both $use_client_tz AND $use_server_tz set to 'yes'";
    exit;
}
echo "
<head>";
if ($use_client_tz == "yes") {
    if (! isset($_COOKIE['tzoffset'])) {
        include 'tzoffset.php';
        echo "
<meta http-equiv='refresh' content='0;URL=timeclock.php'>";
    }
}
echo "
<link rel='stylesheet' type='text/css' media='screen' href='css/default.css' />
<link rel='stylesheet' type='text/css' media='print' href='css/print.css' />";
// set refresh rate for each page //
if ($refresh == "none") {
    echo "
</head>
<body>";
} else {
    echo "
<meta http-equiv='refresh' content=\"$refresh;URL=timeclock.php\">
<script language=\"javascript\" src=\"scripts/pnguin_timeclock.js\">
</script>
</head>
<body>";
}
// Set timezone information
if ($use_client_tz == "yes") {
    if (isset($_COOKIE['tzoffset'])) {
        $tzo = $_COOKIE['tzoffset'];
        settype($tzo, "integer");
        $tzo = $tzo * 60;
    }
} elseif ($use_server_tz == "yes") {
    $tzo = date('Z');
} else {
    $tzo = "1";
}
?>