www.dev2.delv-in.com - UnknownSec 403

upload mass deface mass delete console info server
name : schedule.php
 <?php
/*
	Delve Dev staff schedule controller
*/
include('ini.php');
    $Template = new Template;
    $Schedule_Ad_Hoc = new Schedule_Ad_Hoc;
    $Staff_Away = new Staff_Away;

    date_default_timezone_set($_SESSION['timeZone']);




// set cookies
    if (!isset($_SESSION['edit_mode'])){
        $_SESSION['edit_mode'] = 'off';
    } 
    if (isset($_POST['edit_mode'])){
        $_SESSION['edit_mode'] = $_POST['edit_mode'];
    }

	if (isset($_POST['submitBut'])){

		if (strpos($_POST['submitBut'], 'Previous Week') !== FALSE){
			$_SESSION['weekOfTS'] =  $_SESSION['weekOfTS'] - 60*60*24*7;

		} else if (strpos($_POST['submitBut'], 'Next Week') !== FALSE){
		    $_SESSION['weekOfTS'] =   $_SESSION['weekOfTS'] + 60*60*24*7;

		} else if ($_POST['submitBut'] == 'JUMP' && $_POST['jumpDate'] != ''){
			$jumpDateTS = strtotime($_POST['jumpDate'].", 12:00 PM");
            $jumpWeekTS = $jumpDateTS - (date('w',$jumpDateTS) * (60*60*24));
            $_SESSION['weekOfTS'] = $jumpWeekTS;

		} else if (isset($_POST['weekOfTS'])){
            $_SESSION['weekOfTS'] = $_POST['weekOfTS'];

        } else if (!isset($_SESSION['weekOfTS'])){
            $weekOfTS = strtotime(date('F j, Y')) - (date('w') * (60*60*24));
            $_SESSION['weekOfTS'] = $weekOfTS;
        }
	}



// update the datebase

    if ($_POST['submitBut'] == 'Save'){
        // ad hoc change to employee schedule
        $error = FALSE;
        $start1 = '';
        $start2 = '';
        $finish1 = '';
        $finish2 = '';
        if ($_POST['ad_hoc_schedID'] > 0){
            $check_box_id = date('Mj,Y', $_POST['dateTS']).$_POST['userID'];
        } else {
            $check_box_id = date('Mj,Y', $_POST['dateTS']).$_POST['jobAreaID'];
        }
        

        if (isset($_POST['sHour1'])){
            if ($_POST['sHour1'] > 0){
                if ($_POST['sAMPM1'] == 'PM' && $_POST['sHour1'] < 12){
                    $start1 = $_POST['sHour1'] + 12 . $_POST['sMin1'];
                } else {
                    $start1 = str_pad($_POST['sHour1'],2, '0', STR_PAD_LEFT).$_POST['sMin1'];
                }
            }
            if (isset($_POST['fHour1'])){
                if ($_POST['fAMPM1'] == 'PM' && $_POST['fHour1'] < 12){
                    $finish1 = $_POST['fHour1'] + 12 . $_POST['fMin1'];
                } else {
                    $finish1 = str_pad($_POST['fHour1'],2, '0',  STR_PAD_LEFT).$_POST['fMin1'];
                }
            }
        }
//     echo __line__.": ".$finish1."<br>";

        if (!isset($_POST['check'.$check_box_id])){
        // no split shift
            $start2 = '';
            $meal_min2 = '';
            $finish2 = '';
        } else {
            $meal_min2 = htmlentities($_POST['meal_min2']);
            if ($_POST['sHour2'] > 0){
                if ($_POST['sAMPM2'] == 'PM' && $_POST['sHour2'] < 12){
                    $start2 = $_POST['sHour2'] + 12 . $_POST['sMin2'];
                } else {
                    $start2 = str_pad($_POST['sHour2'],2, '0', STR_PAD_LEFT).$_POST['sMin2'];
                }

            }
            if ($_POST['fHour2'] > 0){
                if ($_POST['fAMPM2'] == 'PM' && $_POST['fHour2'] < 12){
                    $finish2 = $_POST['fHour2'] + 12 . $_POST['fMin2'];
                } else {
                    $finish2 = str_pad($_POST['fHour2'],2, '0',  STR_PAD_LEFT).$_POST['fMin2'];
                }
            }

        }
        

// echo __line__.": ".$_POST['userID']." ".eval($start1).", ".$finish1.", meal=".$_POST['meal_min']."<br>";

        if ((strtotime(date('M j, Y').", ".$start1) >= strtotime(date('M j, Y').", ".$finish1) && $finish1 != '') || (strtotime(date('M j, Y').", ".$start2) >= strtotime(date('M j, Y').", ".$finish2) && $finish2 != '')){
            $error = TRUE;
            $Template->set_alert("ERROR: the start time must come before the end time.", 'error');
        }
        if (($start1 == '' && $finish1 == '') && ($start2 == '' && $finish2 == '')){
            $error = TRUE;
            $Template->set_alert("ERROR: you must provide a start and and end time for a work shift.", "error");
        }


        if ($error == FALSE){

            // echo __line__.": " . $start1." - " . $finish1." | " . $start2 . " -  ". $finish2."<br>";
            $Schedule_Ad_Hoc->add_mod($_POST['ad_hoc_schedID'], $_POST['userID'], $start1, $finish1, $start2, $finish2, htmlentities($_POST['meal_min1'], ENT_QUOTES), $meal_min2, $_POST['dateTS'], htmlspecialchars($_POST['comment']));

        }

    } else if ($_POST['submitBut'] == 'Delete Shift'){

        $Schedule_Ad_Hoc->add_mod($_POST['ad_hoc_schedID'], $_POST['userID'], '', '', '', '', '', '', $_POST['dateTS'], $_POST['comment']);


    } else if ($_POST['submitBut'] == 'Revert to Default Schedule'){
        $Schedule_Ad_Hoc->delete($_POST['ad_hoc_schedID']);

    } else if ($_POST['submitBut'] == 'Save Note'){

        $Schedule_Note = new Schedule_Note;
        $Schedule_Note->add_mod($_POST['sched_note_ID'], $_POST['note'], $_POST['dateTS']);

    } else if ($_POST['submitBut'] == 'office_closed'){

        $Schedule_Note = new Schedule_Note;
        $Schedule_Note->set_closed($_POST['sched_note_ID'], $_POST['dateTS']);


    }


include('includes/private_header.php');

    echo $Template->get_alerts();

    if ($_SESSION['LID'] > 0){


        $Template->load('views/v_schedule.php');


    } else {

        include('views/v_sess_exp.php');
    }


include('includes/private_footer.php');
?>
UnknownSec Shell
