Staff Holiday Manager

[d0nny]

I downloaded a Holiday Manager app from Sourceforge which looks exactly what I want to manage a small team.
Firstly, I think the app is now longer supported but I think it could be, and secondly, it doesn't work for me.

I have loaded the code onto my server and everything seemed to work fine (

http://www.pigl.co.uk/holidays/).

Upoon first login, the login screen asks for Email and Password. If a new user is created (thro the Admin interface), a password is emailed to that user. Once the user logins in using the email address and the emailed password, the code knows this is a first time user and asks the user to change their password. On the change password screen, you are prompted for a new password plus a confirmation. Once this is entered, the login screen is then shown again. And now a user cannot login.

I'm not sure where to start with what I seem to think is a simply script problem.
Here's the login script:

<?php
//USERS inc file! Not admin!
//
// You WILL need to edit the next line to reflect your setup! DO NOT REALLY RUN AS ROOT!
$dbh=mysql_connect("localhost","dbuser","dbpasswd") or die("Oops can't connect to db!"); //open db. change user and pass for your server
mysql_select_db("dbname") or die("Oops can't select db!"); // change this if the db name is different
session_start(); //set cookie session up
if (!$_SESSION["Loginuser"]) { // if no cookie print login form
	if ($_POST["email"] AND $_POST["pass"]) { //if both email and pass are posted to the form (ie we're ready to log in)
		$Email=$_POST["email"]; //THESE NEED TO BE MADE MORE SECURE!
		$Pass=$_POST["pass"]; //We need to escape quotes etc.
		$mydb=mysql_query("SELECT ID,active from users WHERE Email='$Email' and Pass=MD5('$Pass') LIMIT 1");//find if these credentials are real.
		if ($data=mysql_fetch_array($mydb)) {
			if ($data["active"] == "y") { // check this user has activated their account 
				$_SESSION["Loginuser"]=$data["ID"];	//set cookie if correct
			} else {
				$_SESSION["Inactive"]=$data["ID"]; // set a session so we can remember them!
				header("Location: ./activate.php"); // send them over to the activation page.
				exit;
			}
		}
		$me=$_SERVER['REQUEST_URI']; 
		header("Location: $me"); //redirect us back to ourself once we've logged in
		exit; //quit else we'd run this all twice! Obviously if the pass is wrong execution will continue.
	}
	print <<<EOL
		<head>
		<link rel="stylesheet" href="./stylesheet.css"> 
			<title>Holiday Booking</title>
		</head>
		
		<body>
			<table style="text-align: left; width: 100%; height: 100%;" border="1" cellpadding="2" cellspacing="2">
			<tbody>
			<tr>
			<td
 style="background-color: rgb(102, 153, 255); text-align: left; width: 12%; vertical-align: top;">&nbsp;</td>
			<td style="background-color: rgb(153, 204, 255); vertical-align: top;">
				<span style="font-family: helvetica,arial,sans-serif;">
				<h1>Welcome to the holiday booking system!</h1>
			<form action=
EOL;
	echo $_SERVER["REQUEST_URI"];
	print <<<EOL
	 method=post>
	<table border="1">
		<tr>
		<td>Email</td>
		<td><input type="text" name="email" value="$Email"></td>
		</tr>
		
		<tr>
		<td>Pass</td>
		<td><input type="password" name="pass"></td>
		</tr>
		
		<tr>
		<td><input type="submit"></td>
		</tr>
		
	</table>
		
		</td>
		
		</form>
		</table>
		
		</body>
		</html>
EOL;
	die(); // quit while we're ahead!
	
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="./stylesheet.css" /> 
<?php
function dayoftheyeartodate($day,$year) { // turn a day of the year into a real date
		$daysinmonth=array(0,31,28,31,30,31,30,31,31,30,31,30,31); // these are the number of days in each month in the year. First value is 0 so we can use real month numbers offset from one.
		if ($year % 4 == 0 AND $year % 100 <> 0 OR $year % 400 == 0) {
			$daysinmonth[2]=29;	// make feb have 29 days in leap years. We've got til 2400 before all the code is needed, but hey!
		}
		$mymonth=0; $myday=0; $myyear=$year;
		$daysleft=$day;//daysleft will drop down til 0, subtracting the number of days in each month. month counts up, daysleft counts down
		for ($month=1; $month<13;$month++) {
			if ($daysleft <= $daysinmonth[$month]) {
				$mymonth=$month;
				$myday=$daysleft;
				return array($myday,$mymonth,$myyear);	//returns an array of the real date
			} else {
				$daysleft-=$daysinmonth[$month];	// or move to the next month if we have "extraneous" days
			}
			
		}
}
function datetodayoftheyear($day,$month,$year) { //does what the other one does, backwards... works by adding days from the daysinmonth array til the relevant month, then the modulus number of days
	$daysinmonth=array(0,31,28,31,30,31,30,31,31,30,31,30,31);
	if ($year % 4 == 0 AND $year % 100 <> 0 OR $year % 400 == 0) {
		$daysinmonth[2]=29;	
	}	
	$dayoftheyear=0;
	for ($mon=1;$mon<$month;$mon++) {
		$dayoftheyear+=$daysinmonth[$mon];
	}
	$dayoftheyear+=$day;
	return $dayoftheyear;
}

?>
  <meta content="text/html; charset=ISO-8859-1"
 http-equiv="content-type" />
  <title>Holiday Bookings</title>
</head>
<body>
<table class="mainTable">
  <tbody>
    <tr>
      <td class="leftwin">
      <h4>Menu</h4>
      
        <p><a href="index.php">Summary</a></p>
        <p><a href="calendar.php">Calendar</a></p>
        <p><a href="changepass.php">Change Password</a></p>
        <p><a href="logout.php">Log out</a></p>
    
      
      <div id="gotobottom">
      <b>Staff Holiday Manager</b><br />
      <a href="[URL unfurl="true"]http://sourceforge.net/projects/staffhols/"[/URL] target="New_window">Visit me!</a>
      
     
   	</div>
      </td>
      <td class="rightwin">

I somehow think that you'll need more than this.

If you want to try to login under a fresh login, let me know and I can create a user and allow you to see the issue.

Many thanks in anticipation ...

 

[johnwm]

I would seriously suggest you either write your own, or find another pre-written script. This one shows up as version 0.2.0 and is known to be in alpha phase (that's really no more than first concept software), and the developer seems to have abandoned development 3 years ago.

___________________________________________________________
If you want the best response to a question, please check out FAQ222-2244 first.
'If we're supposed to work in Hex, why have we only got A fingers?'
Drive a Steam Roller
Steam Engine Prints

 

[jpadie]

i wrote one for another tek tips user using javascript drag and drop and a mysql back end (in fact it could also use a sqlite db). if you let us know your actual requirements i can see more precisely whether my code might work for you.

 

[d0nny]

Thanks for your feedback guys.

johnwm - I know this script has been abandoned but I thought the bare bones of it would be enough to use it. In fact, the Admin interface works fine and I've no doubt the user front end would work well too with a little tweak. The problem is that I'm not competent enough to write my own script from scratch.

jpadie - I would be very interested in your previous script, if it works for me. I simply want to manage my staff's holiday time. I want to allow them to request holiday (from 0.5 day to their max. allowance), I can access the system to authorise the holiday and then users can view a monthly/yearly calendar which specifies who has holiday.
I'm not sure I need an Admin interface, but I would like the holiday's to have different statuses - requested, authorised, etc. I also need to set the amount of days each employee has. So, for example, John has 25 days holiday allowance and when he logs in he can see how many days he has allocated, how many he has requested/authorised and how many he has left.
One other requirement might be that I have different groups/departments setup in the system and can allocated which staff members are in which department. This is pretty much how the PHP script I initially posted works, but I can't get the user login script to work.

Your help would be appreciated.

 

[jpadie]

interesting. it sounds simple but what you are, in fact, requesting is user management with authorisation tree management. when you delve into the nitty gritty of an authorisation tree, and the business rules around it, the complexity spirals.

i'll see what i have in the tool box.

 

[ingresman]

Does it have to be a web app. We use an excel spreadsheet.

 

[d0nny]

Many thanks.

Actually, I loathe to tell you guys what to do, but taking a look at the full app as I have listed above might not be a bad idea as this does contain almost all of the features I require.
Surely it would be better to adopt something that is already there and tweak it?

But I would obviously bow to your superior knowledge.
Thanks again ...

 

[d0nny]

ingresman - although an Excel spreadsheet would be suffice in terms of recording days and showing the amount left, I actually want something that has some sort of authorisation process, and Excel wouldn't really do this (OK, maybe it would but it would all be very manual).

I'm thinking of a web-app as this would be much easier to manage for a large(ish) number of people, rather than everyone trying to access the same spreadsheet.

But yes, this would do the trick - just not very glamorous!

 

[ingresman]

But yes, this would do the trick - just not very glamorous!

That's it !! - they key to should I use an IT system or not. I'm an architect so I sometimes see that IT solutions are not always the simplest or best.
We have 250 in my team and only the line managers have the password to the sheet. This has the bonus that you have to ask your line manager if you can have the time off and he has to put it in. It at least stops them saying in 2 weeks "who said you could have time off ?

 

[d0nny]

I agree with you, but I want to automate the process of authorisation whilst giving the users the ability to plan and request holiday from the comfort of their own desk.

The spreadsheet system would certainly work, but is very manual, and being in the IT field, it would just make sense to utilise the tools and technology to make this process easy.

[Anyway, anyone with a little know-how (and Google) could crack an Excel password! You could argue the same for web apps, but it's ultimately more difficult.]

 

[d0nny]

jpadie - just wondered if you had managed to find anything in your toolbox for this?

Many thanks ...

 

[jpadie]

d0nny

thanks for the reminder. the answer is yes and no. i have found the guts of an application that i wrote for a fellow tek-tipper that was essentially a demo of drag and drop and ajax interaction. it was based on a calendar metaphor so that all could see everyone's holidays. it has no user management within it though.

the missing pieces are user management, role management and authorisation trees. I am writing these modules for a corporate intranet I am designing for and would be happy to make the full code available to you once it's done. if I get some decent time over the next couple of days i might have something fit for purpose by the end of the weekend.

 

[d0nny]

Magic.
I'll wait to see what magic you can conjure up ...

 

[jpadie]

bump.

i haven't given up on this at all. in fact, i've been working on it more or less constantly in my spare time as the authorisation tree element is central to other modules of a general corporate intranet that i am building.

in terms of progress, i've built most of the back end of the holiday request management system; and have built the calendar output side of the UI. I have yet to build the other aspects of the UI.

because i've now jumped this from an ad-hoc sunday afternoon project to a full part of a larger application, i haven't wanted just to knock something up so there is unlikely to be a quick solution posted. but when it's finished it should all look neat and tidy!

 

[d0nny]

Many thanks.
I was just thinking about this (and you) today! I didn't want to pester you so I thought I would just leave you.

And I'm sure this will be a quality piece that a lot of users will like ...

Many, many thanks !

 

[d0nny]

Hi jpadie

Seems like you're working for me?!!
Just wondered if this holiday system was progressed?

Many thanks ...

 

[jpadie]

it's coming along, thanks. the user management script is part of the overall architecture; so that's what i'm currently working on. then it's the auth queue management and we're done.

 

[jpadie]

in fact, d0nny, if you have any suggestions or mock-ups of what you would like to see in the UI, then by all means post them to me. use my tek-tips handle at rathercurious.net!

 

[d0nny]

OK, I'll try to get some mock ups sorted out.
Do you mean for the user management or for the holiday system, or both?

 

[jpadie]

for whatever you'd like to influence! the user management is an overlay for permissions and 'user management' throughout the whole intranet app i'm writing. the holiday (in fact, absence) management system is just a module within the intranet. it can live separately from the other modules but not from the user management piece.

ideally the look and feel will be similar. the calendaring aspect of the holiday app is written and the css for this (and calendar plotting code) is up on rathercurious.net. feel free to adapt the css as you like to fit in with your whims. yours can then become the default 'theme' so to speak. feel free to get in touch directly on this, since the UI is hardly central to your original question and the dialogue will most likely not help future readers too much!