employee_admin.php

这是一个用于资产管理的源码工具包

		// phone number
		echo "<td class='text13bold' align='right'><font class='text13bold'><b>Phone Number:&nbsp;</b></font></td>";
		echo "<td class='text13bold'><input name='tel' type='text' size='20' class='boxtext13bold' size=30 value=\"" . $tel . "\"></td>";
		echo "</tr><tr>";

		// organization
		echo "<td class='text13bold' align='right'><font class='text13bold'><b>Organization:&nbsp;</b></font></td>";
		echo "<td class='text13bold'><input name='organization' type='text' size='20' class='boxtext13bold' size=30 value=\"" . $organization . "\"></td>";
		echo "</tr><tr>";

		// dept
		echo "<td class='text13bold' align='right'><font class='text13bold'><b>Dept:&nbsp;</b></font></td>";
		echo "<td class='text13bold'><input name='dept' type='text' size='20' class='boxtext13bold' size=30 value=\"" . $dept . "\"></td>";
		echo "</tr><tr>";

		// location
		echo "<td class='text13bold' align='right'><font class='text13bold'><b>Location:&nbsp;</b></font></td>";
		echo "<td class='text13bold'><input name='building' type='text' size='3' class='boxtext13bold' value=\"" . $building . "\"> <input name='floor' type='text' size='3' class='boxtext13bold' value=\"" . $floor . "\">-<input name='workstation' type='text' size='2' class='boxtext13bold' value=\"" . $workstation . "\"></td>";
		echo "</tr><tr>";

		// active checkbox
		if ($my_access_level > 1) {
			echo "<td class='text13bold' align='right' valign='top' rowspan=2><font class='text13bold'><b>Active:&nbsp;</b></font></td>";
			echo "<td class='text13bold'><input type='checkbox' name='active' " . $active_text . " valign='top' rowspan=2>&nbsp;&nbsp;&nbsp;&nbsp;";
			echo "<font class='text13bold'><b>Access: <select name='accesslevel' size='1' class='boxtext13bold'>";
			echo "<option value='1'" . $user_select . ">User</option>";
			echo "<option value='2'" . $admin_select . ">Admin</option>";
			echo "</select> </b></font>";
			echo "</td>";
		} else {
			echo "<td class='text13bold' valign='right' rowspan=2>&nbsp;</td>";
			echo "<td class='text13bold' rowspan=2>&nbsp;</td>";
		}
		echo "</tr>";
		echo "</table>";
		echo "</td>";
		echo "</tr>";
		echo "</table>";
		echo "</td></tr></table>";
		echo "<hr size=0 color='" . $hrcolor . "'>";
		echo "<font color='#ff0033' face='arial' size='4'><b> *</b></font> <font class='text10bold'>denotes a required field</font>";
		echo "<p><center>";
		echo "<a href='javascript:history.back()'><img src='images/back.jpg' width=88 height=27 border=0></a>";
		if ($insert == true) echo "<input type='image' name='submit' src='images/add.jpg' border=0 width=88 height=27></center></form>";
		else echo "<input type='image' name='submit' src='images/update.jpg' border=0 width=88 height=27></center></form>";
		echo "<p><br>";
	} else {
		// complete the transaction (either insert or update)
		if ($insert == true) {
			// insert
			if ($my_access_level < 2) {
				$accesslevel = 1;
				$active = 1;
			}
			$sql = "INSERT INTO " . $emp_db . "Employees (lastname,firstname,tel,organization,dept,building,floor,workstation,loginname,email,accesslevel,active,userpass) VALUES ('" . $lastname . "','" . $firstname . "','" . $tel . "','" . $organization . "','" . $dept . "','" . $building . "','" . $floor . "','" . $workstation . "','" . $loginname . "','" . $email . "',1,1,Password('" . $password . "'))";
			if ($result = doSql($sql)) {
				if ($register == true) {
					employee_menu_header(true,$insertupdatetext,"Registration Succesful", $key);
					employee_tabs($key);
					employee_print_info($key);
					echo "<table width=100% bgcolor='#ffdddd'><tr><td><br>";
					echo "<blockquote><font class='text12'>You have now been registered in the system.  Click Next To Login.</font></blockquote>";
					echo "<p></td></tr></table>";
					echo "<p><center>";
					echo "<a href='" . $PHP_SELF . "?action=login&lastaction=" . $lastaction . "&lastkey=" . $lastkey . "'><img src='images/next.jpg' border=0 width=88 height=27></a>";
					echo "</center>";
				} else {
					employee_menu_header(true,$insertupdatetext,"New Employee Added Succesfully", $key);
					employee_tabs($key);
					employee_print_info($key);
					echo "<table width=100% bgcolor='#ffdddd'><tr><td><br>";
					echo "<blockquote><font class='text12'>The employee has been successfully added to the system</font></blockquote>";
					echo "<p></td></tr></table>";
				}
			} else {
				employee_menu_header(true,$insertupdatetext,"<font class=text18bold color='#ff0033'>ERROR: An error occurred while inserting", $key);
				employee_tabs($key);
				echo "<table width=100% bgcolor='#ffdddd'><tr><td><br>";
				echo "<blockquote><font class='text12'>An error occurred while attempting to update the database. Please contact the webmaster. <p>This is action attempted: " . $sql . "<p>" . mysql_error() . "</font></blockquote>";
				echo "<p></td></tr></table>";
			}
		} else {
			// update
			if ((strcmp($resetpassword,"on") == 0) && ($demo_mode == false)) {
				$password_reset = ",UserPass=Password('" . $password . "') ";
				if ($key == $my_emp_id)	$activepass = $password;
			} else {
				$password_reset = "";
			}
			if ($key == $my_emp_id)	$activelogin = $loginname;
			if ($my_access_level > 1) $extra_sql = ",accesslevel=" . $accesslevel . ",active=" . $active . "" . $password_reset;
			else $extra_sql = "";
			$sql = "UPDATE " . $emp_db . "Employees SET lastname='" . $lastname . "',firstname='" . $firstname . "',tel='" . $tel . "',organization='" . $organization . "',dept='" . $dept . "',building='" . $building . "',floor='" . $floor . "',workstation='" . $workstation . "',loginname='" . $loginname . "',email='" . $email . "'" . $extra_sql . " WHERE id=" . $key . ";";
			if ($result = doSql($sql)) {
				employee_menu_header(true,"Update","Employee Updated Succesfully", $key);
				employee_tabs($key);
				employee_print_info($key);
				echo "<table width=100% bgcolor='#ffdddd'><tr><td><br>";
				echo "<blockquote><font class='text12'>The employee has been successfully updated</font></blockquote>";
				echo "<p></td></tr></table>";
			} else {
				employee_menu_header(true,"Update","<font class=text18bold color='#ff0033'>ERROR: An error occurred while updating", $key);
				employee_tabs($key);
				echo "<table width=100% bgcolor='#ffdddd'><tr><td><br>";
				echo "<blockquote><font class='text12'>An error occurred while attempting to update the database. Please contact the webmaster. <p>This is action attempted: " . $sql . "<p>" . mysql_error() . "</font></blockquote>";
				echo "<p></td></tr></table>";
			}
		}
	}
}

// the user changes their password
function employee_admin_change_password($key) {
	global $oldpassword, $password, $passwordagain, $activelogin, $activepass, $complete;
	global $print_screen;
	global $hrcolor;
	global $emp_db;
	global $cancel_form;
	global $demo_mode;
	// check if the change password is completed, the old password matches, the new password matches, and valid characters are used
	if (($complete == "1") && ($demo_mode == false)) {
		if (strcmp($oldpassword,$activepass) == 0) {
			if (strcmp($password,$passwordagain) == 0) {
				if (is_alphanum_str($password) == false) {			
					$sql = "UPDATE " . $emp_db . "Employees SET UserPass=Password('" . $password . "') WHERE " . $emp_db . "Employees.Id=" . $key . ";";
					if ($result = doSql($sql)) {
						$top_text = "Change Password";
						$header_text = "Password Changed Successfully";
						$msg_text = "<p><blockquote><font class='text12'>Your password has been changed successfully.</blockquote></font>";
						$activepass = $password;
						$cancel_form = true;
					} else {
						$top_text = "Change Password";
						$header_text = "<font color='#ff0033'>ERROR: An error occurred while trying to update the database.</font>";
						$msg_text = "<p><blockquote><font class='text12'>Please contact the webmaster. This is action attempted: " . $sql . "<p>" . $sql_error . "</blockquote></font>";
						$cancel_form = false;
						$sql_error = mysql_error();
					}
				} else {
					$top_text = "Change Password";
					$header_text = "<font color='#ff0033'>ERROR: New password contains invalid characters.</font>";
					$msg_text = "<p><blockquote><font class='text12'>Password must only use letters A to Z and digits 0 to 9. Please re-enter the information again.</blockquote></font>";
				}
			} else {
				$top_text = "Change Password";
				$header_text = "<font color='#ff0033'>ERROR: New Password was retyped incorrectly.</font>";
				$msg_text = "<p><blockquote><font class='text12'>Please re-enter the information again.</blockquote></font>";
			}
		} else {
			$top_text = "Change Password";
			$header_text = "<font color='#ff0033'>ERROR: Incorrect Old Password.</font>";
			$msg_text = "<p><blockquote><font class='text12'>Please re-enter the information again.</blockquote></font>";
		}
	} else {
		$top_text = "";
		$header_text = "Change Password";
		$msg_text = "";
	}

	employee_menu_header(true, $top_text, $header_text, $key);
	
	// if there's a problem or this is the first time running the screen, print out the form
	if ($cancel_form == false) {
		echo "<form action='" . $PHP_SELF . "' method=get><blockquote>";
		echo "<input type='hidden' name='action' value='employeepassword'>";
		echo "<input type='hidden' name='complete' value='1'>";
		echo "<input type='hidden' name='key' value='" . $key . "'>";
		echo "<center><table><tr>";
		echo "<td class='text12bold' align='right'>Old Password:</td>";
		echo "<td class='text12'><input name='oldpassword' type='password' size=30 class='boxtext13'></td>";
		echo "</tr></tr>";
		echo "<td class='text12bold' align='right'>New Password:</td>";
		echo "<td class='text12'><input name='password' type='password' size=30 class='boxtext13'></td>";
		echo "</tr></tr>";
		echo "<td class='text12bold' align='right'>New Password Again:</td>";
		echo "<td class='text12'><input name='passwordagain' type='password' size=30 class='boxtext13'></td>";
		echo "</tr>";
		echo "<tr><td class='text12' colspan=2>";
		echo "<center><input type=image src='images/update.jpg' width=88 height=27 border=0></center>";
		echo "</td></tr></table></center>";
		echo "</blockquote></form>";
	}
}

// completes erases an employee and all their assignments
function employee_admin_erase($key) {
	global $complete;
	global $my_emp_id;
	global $emp_db;

	if ($my_emp_id == $key) {
		employee_menu_header(true,"","<font color='#ff0033'>ERROR: Cannot Erase Yourself</font>",$key);
		employee_tabs($key);
		employee_print_info($key);
		echo "<table width=100% bgcolor='#ffdddd'><tr><td><br>";
		echo "<blockquote><font class='text12'><font color='#ff0033'><b>For security reasons, you cannot erase yourself.</b></font></font></blockquote>";
		echo "<p></td></tr></table>";
		echo "<p><center>";
		echo "<a href='" . $PHP_SELF . "?action=employees'><img src='images/next.jpg' width=88 height=27 border=0></a>";
		echo "</center>";
		echo "<p><br>";
	} else {
		if ($complete == "1") {
			employee_menu_header(true,"","Erase Employee","");
			$result = doSql("DELETE FROM Assignments WHERE EmployeeId=" . $key);
			$result = doSql("DELETE FROM " . $emp_db . "Employees WHERE Id=" . $key);
			echo "<table width=100% bgcolor='#ffdddd'><tr><td><br>";
			echo "<blockquote><font class='text12'>Employee Erased Successfully</font></blockquote>";
			echo "<p></td></tr></table>";
			echo "<p><center>";
			echo "<a href='" . $PHP_SELF . "?action=employees'><img src='images/next.jpg' width=88 height=27 border=0></a>";
			echo "</center>";
			echo "<p><br>";
		} else {
			employee_menu_header(true,"","Erase Employee",$key);
			employee_tabs($key);
			employee_print_info($key);
			echo "<table width=100% bgcolor='#ffdddd'><tr><td><br>";
			echo "<blockquote><font class='text12'><font color='#ff0033'><b>WARNING!</b></font> This will erase all traces of the employee including all transfers and sign outs.  Are you sure you want to do this?</font></blockquote>";
			echo "<p></td></tr></table>";
			echo "<p><center>";
			echo "<a href='" . $PHP_SELF . "?action=employeeerase&key=" . $key . "&complete=1'><img src='images/yes.jpg' width=88 height=27 border=0></a>";
			echo "<a href='" . $PHP_SELF . "?action=employeeview&key=" . $key . "'><img src='images/no.jpg' width=88 height=27 border=0></a>";
			echo "</center>";
			echo "<p><br>";
		}
	}
}
?>