<?php
// Bootstrap for the "Create Group" admin page: resume the session, pull in the
// shared configuration and page chrome, then capture the two request values
// that the rest of the script branches on.
session_start();
include '../config.inc.php';
include 'header.php';
include 'topmain.php';
// $title is not defined in this file (presumably set by config.inc.php - confirm);
// it is written into the page without HTML escaping.
echo "<title>$title - Create Group</title>\n";
// PHP_SELF reflects the requested URL path, including any extra path info
// appended after the script name, so it is request-influenced. It is used
// further down to build the form action attributes and needs HTML escaping
// at the point where it is written into markup.
$self = $_SERVER['PHP_SELF'];
// Selects between rendering the empty form (GET) and processing a submission (POST).
$request = $_SERVER['REQUEST_METHOD'];
// Access gate for the page: a request whose session has no 'valid_user' key gets
// the "not logged in" notice and nothing else. Only the presence of the key is
// tested here; its value is not inspected.
if (isset($_SESSION['valid_user']) === false) {
    echo "<table width=100% border=0 cellpadding=7 cellspacing=1>\n",
        " <tr class=right_main_text><td height=10 align=center valign=top scope=row class=title_underline>PHP Timeclock Administration</td></tr>\n",
        " <tr class=right_main_text>\n",
        " <td align=center valign=top scope=row>\n",
        " <table width=200 border=0 cellpadding=5 cellspacing=0>\n",
        " <tr class=right_main_text><td align=center>You are not presently logged in, or do not have permission to view this page.</td></tr>\n",
        " <tr class=right_main_text><td align=center>Click <a class=admin_headings href='../login.php'><u>here</u></a> to login.</td></tr>\n",
        " </table><br /></td></tr></table>\n";
    // Stop here so none of the form or database code below runs for this request.
    exit;
}
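if ($request == 'GET') {
    // GET: render the left-hand admin navigation and an empty "Create Group" form.
    //
    // PHP_SELF can carry extra, request-supplied path info after the script name,
    // so it is HTML-escaped here before being written into the action attribute.
    // NOTE(review): htmlspecialchars() uses PHP's default charset; pass the page
    // charset as the third argument if the site uses a different one.
    $form_action = htmlspecialchars($self, ENT_QUOTES);
    echo "<table width=100% height=89% border=0 cellpadding=0 cellspacing=1>\n";
    echo " <tr valign=top>\n";
    echo " <td class=left_main width=180 align=left scope=col>\n";
    echo " <table class=hide width=100% border=0 cellpadding=1 cellspacing=0>\n";
    // display links in top left of each page //
    echo " <tr><td class=left_rows height=11></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle>Users</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/user.png' alt='User Summary' />
<a class=admin_headings href='useradmin.php'>User Summary</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/user_add.png' alt='Create New User' />
<a class=admin_headings href='usercreate.php'>Create New User</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/magnifier.png' alt='User Search' />
<a class=admin_headings href='usersearch.php'>User Search</a></td></tr>\n";
    echo " <tr><td class=left_rows height=33></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle>Offices</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/brick.png' alt='Office Summary' />
<a class=admin_headings href='officeadmin.php'>Office Summary</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/brick_add.png' alt='Create New Office' />
<a class=admin_headings href='officecreate.php'>Create New Office</a></td></tr>\n";
    echo " <tr><td class=left_rows height=33></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle>Groups</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/group.png' alt='Group Summary' />
<a class=admin_headings href='groupadmin.php'>Group Summary</a></td></tr>\n";
    echo " <tr><td class=current_left_rows height=18 align=left valign=middle><img src='../images/icons/group_add.png' alt='Create New Group' />
<a class=admin_headings href='groupcreate.php'>Create New Group</a></td></tr>\n";
    echo " <tr><td class=left_rows height=33></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle colspan=2>In/Out Status</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/application.png' alt='Status Summary' />
<a class=admin_headings href='statusadmin.php'>Status Summary</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/application_add.png' alt='Create Status' />
<a class=admin_headings href='statuscreate.php'>Create Status</a></td></tr>\n";
    echo " <tr><td class=left_rows height=33></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle colspan=2>Miscellaneous</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/clock.png' alt='Add/Edit/Delete Time' />
<a class=admin_headings href='timeadmin.php'>Add/Edit/Delete Time</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/application_edit.png' alt='Edit System Settings' />
<a class=admin_headings href='sysedit.php'>Edit System Settings</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/database_go.png'
alt='Upgrade Database' /> <a class=admin_headings href='dbupgrade.php'>Upgrade Database</a></td></tr>\n";
    echo " </table></td>\n";
    echo " <td align=left class=right_main scope=col>\n";
    echo " <table width=100% height=100% border=0 cellpadding=10 cellspacing=1>\n";
    echo " <tr class=right_main_text>\n";
    echo " <td valign=top>\n";
    echo " <br />\n";
    echo " <table align=center class=table_border width=60% border=0 cellpadding=3 cellspacing=0>\n";
    echo " <form name='form' action='$form_action' method='post'>\n";
    echo " <tr>\n";
    echo " <th class=rightside_heading nowrap halign=left colspan=3><img src='../images/icons/group_add.png' /> Create Group
</th>\n";
    echo " </tr>\n";
    echo " <tr><td height=15></td></tr>\n";
    echo " <tr><td class=table_rows height=25 width=20% style='padding-left:32px;' nowrap>Group Name:</td><td colspan=2 align=left width=80%
style='color:red;font-family:Tahoma;font-size:10px;padding-left:20px;'>
<input type='text' size='25' maxlength='50' name='post_groupname'> *</td></tr>\n";
    // query to populate dropdown with parent offices //
    $query = "select * from ".$db_prefix."offices order by officename asc";
    $result = mysql_query($query);
    echo " <tr><td class=table_rows height=25 width=20% style='padding-left:32px;' nowrap>Parent Office:</td><td colspan=2 align=left width=80%
style='color:red;font-family:Tahoma;font-size:10px;padding-left:20px;'>
<select name='select_office_name'>\n";
    echo " <option value ='1'>Choose One</option>\n";
    // mysql_query() returns false on failure; in that case the dropdown keeps only
    // the placeholder instead of handing false to mysql_fetch_array().
    if ($result) {
        while ($row = mysql_fetch_array($result)) {
            // Office names are stored data. Escaping them on output keeps markup
            // contained in a name from being interpreted by the browser; the
            // browser still submits the decoded name as the option value.
            echo " <option>".htmlspecialchars($row['officename'], ENT_QUOTES)."</option>\n";
        }
        mysql_free_result($result);
    }
    echo " </select> *</td></tr>\n";
    echo " <tr><td class=table_rows align=right colspan=3 style='color:red;font-family:Tahoma;font-size:10px;'>* required </td></tr>\n";
    echo " </table>\n";
    echo " <table align=center width=60% border=0 cellpadding=0 cellspacing=3>\n";
    echo " <tr><td height=40> </td></tr>\n";
    echo " <tr><td width=30><input type='image' name='submit' value='Create Group' align='middle'
src='../images/buttons/next_button.png'></td><td><a href='groupadmin.php'><img src='../images/buttons/cancel_button.png'
border='0'></td></tr></table></form></td></tr>\n";
    include '../footer.php';
    exit;
}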
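elseif ($request == 'POST') {
    // POST: validate the submitted group name and parent office, then either
    // re-display the form with an error message or insert the new group.
    //
    // Each submitted value is kept in two forms: a plain copy for validation and
    // display, and an SQL-escaped copy that is used only inside query strings.
    // Everything written back into the page goes through htmlspecialchars().
    //
    // NOTE(review): nothing in this branch verifies an anti-CSRF token before the
    // insert; the form would need to carry a per-session token that is checked here.
    // NOTE(review): the mysql_* functions offer no prepared statements; moving the
    // data layer to mysqli or PDO with bound parameters is the durable fix.

    // A missing or non-string field (e.g. an array parameter) is treated as empty
    // so the string functions below always receive a string.
    $select_office_name = (isset($_POST['select_office_name']) && is_string($_POST['select_office_name']))
        ? $_POST['select_office_name'] : '';
    $post_groupname = (isset($_POST['post_groupname']) && is_string($_POST['post_groupname']))
        ? $_POST['post_groupname'] : '';
    // PHP_SELF can carry request-supplied path info; escape it before it is
    // written into the form's action attribute.
    $form_action = htmlspecialchars($self, ENT_QUOTES);
    echo "<table width=100% height=89% border=0 cellpadding=0 cellspacing=1>\n";
    echo " <tr valign=top>\n";
    echo " <td class=left_main width=180 align=left scope=col>\n";
    echo " <table class=hide width=100% border=0 cellpadding=1 cellspacing=0>\n";
    echo " <tr><td class=left_rows height=11></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle>Users</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/user.png' alt='User Summary' />
<a class=admin_headings href='useradmin.php'>User Summary</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/user_add.png' alt='Create New User' />
<a class=admin_headings href='usercreate.php'>Create New User</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/magnifier.png' alt='User Search' />
<a class=admin_headings href='usersearch.php'>User Search</a></td></tr>\n";
    echo " <tr><td class=left_rows height=33></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle>Offices</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/brick.png' alt='Office Summary' />
<a class=admin_headings href='officeadmin.php'>Office Summary</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/brick_add.png' alt='Create New Office' />
<a class=admin_headings href='officecreate.php'>Create New Office</a></td></tr>\n";
    echo " <tr><td class=left_rows height=33></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle>Groups</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/group.png' alt='Group Summary' />
<a class=admin_headings href='groupadmin.php'>Group Summary</a></td></tr>\n";
    echo " <tr><td class=current_left_rows height=18 align=left valign=middle><img src='../images/icons/group_add.png' alt='Create New Group' />
<a class=admin_headings href='groupcreate.php'>Create New Group</a></td></tr>\n";
    echo " <tr><td class=left_rows height=33></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle colspan=2>In/Out Status</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/application.png' alt='Status Summary' />
<a class=admin_headings href='statusadmin.php'>Status Summary</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/application_add.png' alt='Create Status' />
<a class=admin_headings href='statuscreate.php'>Create Status</a></td></tr>\n";
    echo " <tr><td class=left_rows height=33></td></tr>\n";
    echo " <tr><td class=left_rows_headings height=18 valign=middle colspan=2>Miscellaneous</td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/clock.png' alt='Add/Edit/Delete Time' />
<a class=admin_headings href='timeadmin.php'>Add/Edit/Delete Time</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/application_edit.png' alt='Edit System Settings' />
<a class=admin_headings href='sysedit.php'>Edit System Settings</a></td></tr>\n";
    echo " <tr><td class=left_rows height=18 align=left valign=middle><img src='../images/icons/database_go.png'
alt='Upgrade Database' /> <a class=admin_headings href='dbupgrade.php'>Upgrade Database</a></td></tr>\n";
    echo " </table></td>\n";
    echo " <td align=left class=right_main scope=col>\n";
    echo " <table width=100% height=100% border=0 cellpadding=10 cellspacing=1>\n";
    echo " <tr class=right_main_text>\n";
    echo " <td valign=top>\n";
    echo " <br />\n";

    // Plain values: slashes are stripped unconditionally, as this page has always done.
    $raw_groupname = stripslashes($post_groupname);
    $raw_office_name = stripslashes($select_office_name);
    // SQL-escaped copies. mysql_real_escape_string() takes the connection character
    // set into account, which addslashes() does not. It uses the most recently opened
    // connection (presumably the one set up by config.inc.php - confirm).
    $post_groupname = mysql_real_escape_string($raw_groupname);
    $select_office_name = mysql_real_escape_string($raw_office_name);
    // HTML-escaped copies for anything echoed back into the page.
    // NOTE(review): htmlspecialchars() uses PHP's default charset; pass the page
    // charset as the third argument if the site uses a different one.
    $shown_groupname = htmlspecialchars($raw_groupname, ENT_QUOTES);
    $shown_office_name = htmlspecialchars($raw_office_name, ENT_QUOTES);

    // begin post validation //
    // Resolve the chosen office name to its stored row. $getoffice stays null when
    // no row matches or the query fails.
    $getoffice = null;
    $officeid = '';
    if (!empty($raw_office_name)) {
        $query = "select * from ".$db_prefix."offices where officename = '".$select_office_name."'";
        $result = mysql_query($query);
        if ($result) {
            while ($row = mysql_fetch_array($result)) {
                $getoffice = "".$row['officename']."";
                $officeid = "".$row['officeid']."";
            }
            mysql_free_result($result);
        }
    }
    // '1' is the value of the "Choose One" placeholder option; it is reported by the
    // validation chain below rather than here.
    if (($getoffice === null) && ($raw_office_name != '1')) {
        echo "Office is not defined for this user. Go back and associate this user with an office.\n";
        exit;
    }
    // The office id comes from the database, but it is still escaped before being
    // placed into further query strings.
    $escaped_officeid = mysql_real_escape_string($officeid);

    // check for duplicate groupnames with matching officeids //
    $tmp_groupname = null;
    $query = "select * from ".$db_prefix."groups where groupname = '".$post_groupname."' and officeid = '".$escaped_officeid."'";
    $result = mysql_query($query);
    if ($result) {
        while ($row = mysql_fetch_array($result)) {
            $tmp_groupname = "".$row['groupname']."";
        }
        mysql_free_result($result);
    }

    // All checks run against the plain value, so the outcome does not depend on how
    // the SQL escaping happens to rewrite the input.
    $has_apostrophe = (strpos($raw_groupname, "'") !== false);
    $has_double_quote = (strpos($raw_groupname, '"') !== false);
    $name_is_empty = empty($raw_groupname);
    // preg_match() replaces the removed eregi(). The D modifier makes $ match only at
    // the very end of the string, so a trailing newline is rejected as well; a
    // preg_match() error (false) also counts as a rejection.
    $has_bad_chars = !preg_match('/^[[:alnum:] _.\-]+$/D', $raw_groupname);
    $no_office_chosen = ($raw_office_name == '1');
    $is_duplicate = ($tmp_groupname !== null) && ($tmp_groupname == $raw_groupname);

    if ($has_apostrophe || $name_is_empty || $has_bad_chars || $no_office_chosen || $is_duplicate || $has_double_quote) {
        // Report only the first failing rule, in the same precedence as before.
        if ($has_apostrophe) {
            $error_message = "Apostrophes are not allowed when creating a Group Name.";
        } elseif ($has_double_quote) {
            $error_message = "Double Quotes are not allowed when creating a Group Name.";
        } elseif ($name_is_empty) {
            $error_message = "A Group Name is required.";
        } elseif ($has_bad_chars) {
            $error_message = "Alphanumeric characters, hyphens, underscores, spaces, and periods are allowed when creating a Group Name.";
        } elseif ($no_office_chosen) {
            $error_message = "A Parent Office must be chosen.";
        } else {
            $error_message = "Group already exists. Create another group.";
        }
        echo " <table align=center class=table_border width=60% border=0 cellpadding=0 cellspacing=3>\n";
        echo " <tr><td class=table_rows width=20 align=center><img src='../images/icons/cancel.png' /></td><td class=table_rows_red>\n"
            .$error_message."</td></tr>\n";
        echo " </table>\n";
        echo " <br />\n";
        // end post validation //
        echo " <table align=center class=table_border width=60% border=0 cellpadding=3 cellspacing=0>\n";
        echo " <form name='form' action='$form_action' method='post'>\n";
        echo " <tr>\n";
        echo " <th class=rightside_heading nowrap halign=left colspan=3><img src='../images/icons/group_add.png' /> Create Group
</th>\n";
        echo " </tr>\n";
        echo " <tr><td height=15></td></tr>\n";
        // The rejected name is echoed back into a double-quoted attribute, so it must
        // be the HTML-escaped copy.
        echo " <tr><td class=table_rows height=25 width=20% style='padding-left:32px;' nowrap>Group Name:</td><td colspan=2 align=left width=80%
style='color:red;font-family:Tahoma;font-size:10px;padding-left:20px;'>
<input type='text' size='25' maxlength='50' name='post_groupname' value=\"$shown_groupname\"> *</td></tr>\n";
        // query to populate dropdown with parent offices //
        $query = "select * from ".$db_prefix."offices order by officename asc";
        $result = mysql_query($query);
        echo " <tr><td class=table_rows height=25 width=20% style='padding-left:32px;' nowrap>Parent Office:</td><td colspan=2 align=left width=80%
style='color:red;font-family:Tahoma;font-size:10px;padding-left:20px;'>
<select name='select_office_name'>\n";
        echo " <option value ='1'>Choose One</option>\n";
        if ($result) {
            while ($row = mysql_fetch_array($result)) {
                // Stored office names are escaped on output; the previous choice is
                // re-selected by comparing against the plain submitted value.
                $option_label = htmlspecialchars($row['officename'], ENT_QUOTES);
                if ((string) $row['officename'] === $raw_office_name) {
                    echo " <option selected>".$option_label."</option>\n";
                } else {
                    echo " <option>".$option_label."</option>\n";
                }
            }
            mysql_free_result($result);
        }
        echo " </select> *</td></tr>\n";
        echo " <tr><td class=table_rows align=right colspan=3 style='color:red;font-family:Tahoma;font-size:10px;'>* required </td></tr>\n";
        echo " </table>\n";
        echo " <table align=center width=60% border=0 cellpadding=0 cellspacing=3>\n";
        echo " <tr><td height=40> </td></tr>\n";
        echo " <tr><td width=30><input type='image' name='submit' value='Create Group' align='middle'
src='../images/buttons/next_button.png'></td><td><a href='groupadmin.php'><img src='../images/buttons/cancel_button.png'
border='0'></td></tr></table></form></td></tr>\n";
        include '../footer.php';
        exit;
    } else {
        $query = "insert into ".$db_prefix."groups (groupname, officeid) values ('".$post_groupname."', '".$escaped_officeid."')";
        $result = mysql_query($query);
        if (!$result) {
            // Do not claim success when the insert itself failed.
            echo " <table align=center class=table_border width=60% border=0 cellpadding=0 cellspacing=3>\n";
            echo " <tr><td class=table_rows width=20 align=center><img src='../images/icons/cancel.png' /></td><td class=table_rows_red>\n"
                ."Group could not be created.</td></tr>\n";
            echo " </table></td></tr>\n";
            include '../footer.php';
            exit;
        }
        echo " <table align=center class=table_border width=60% border=0 cellpadding=0 cellspacing=3>\n";
        echo " <tr><td class=table_rows width=20 align=center><img src='../images/icons/accept.png' /></td><td class=table_rows_green>
Group created successfully.</td></tr>\n";
        echo " </table>\n";
        echo " <br />\n";
        echo " <table align=center class=table_border width=60% border=0 cellpadding=3 cellspacing=0>\n";
        echo " <tr>\n";
        echo " <th class=rightside_heading nowrap halign=left colspan=3><img src='../images/icons/group_add.png' /> Create Group
</th>\n";
        echo " </tr>\n";
        echo " <tr><td height=15></td></tr>\n";
        // The confirmation shows the HTML-escaped plain values, not the SQL-escaped ones.
        echo " <tr><td class=table_rows width=20% height=25 style='padding-left:32px;' nowrap>Group Name:</td><td class=table_rows width=80%
style='padding-left:20px;' colspan=2>$shown_groupname</td></tr>\n";
        echo " <tr><td class=table_rows height=25 width=20% style='padding-left:32px;' nowrap>Parent Office:</td><td class=table_rows width=80%
style='padding-left:20px;' colspan=2>$shown_office_name</td></tr>\n";
        echo " <tr><td height=15></td></tr>\n";
        echo " </table>\n";
        echo " <table align=center width=60% border=0 cellpadding=0 cellspacing=3>\n";
        echo " <tr><td height=20 align=left> </td></tr>\n";
        echo " <tr><td><a href='groupcreate.php'><img src='../images/buttons/done_button.png' border='0'></td></tr></table></td></tr>\n";
        include '../footer.php';
        exit;
    }
}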
?>