
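<?php
	/*
	 * Attendance endpoint.
	 *
	 * Reads $_POST['employee'] (a username) and $_POST['status'], records a
	 * time-in or time-out row in time_record, and replies with a JSON object
	 * of the form {"error": bool, "message": string}.
	 *
	 * Security notes:
	 *  - Every value that reaches SQL is bound through a prepared statement.
	 *    The username used to be interpolated into the query text, which made
	 *    the employee lookup and the INSERT ... SELECT injectable.
	 *  - Database error text is written to the server log and no longer
	 *    returned to the caller, so schema and query details do not leak.
	 *  - NOTE(review): no session or credential check is visible in this file;
	 *    the posted username alone selects the employee. Confirm whether
	 *    conn.php or the front end restricts who may call this endpoint.
	 *
	 * Assumes conn.php defines $conn as a mysqli connection (the original code
	 * used ->query(), ->num_rows and ->error on it) and that mysqlnd is
	 * available for mysqli_stmt::get_result(). The argument unpacking in the
	 * helper below needs PHP 5.6 or later.
	 */

	// Defined up front so the final json_encode() never sees an undefined
	// variable when the request carries no 'employee' field.
	$output = array('error'=>true, 'message'=>'Invalid request');

	if(isset($_POST['employee'])){
		$output = array('error'=>false);
 
		include 'conn.php';
		include 'timezone.php';

		// Request values are untrusted. Anything that is not a plain string
		// (for example employee[]=x) is reduced to '' and will match no row.
		$employee = is_string($_POST['employee']) ? $_POST['employee'] : '';
		$status = (isset($_POST['status']) && is_string($_POST['status'])) ? $_POST['status'] : '';

		// Generic text shown to the client when a statement fails.
		$dbError = 'Database error';

		// Runs one parameterized statement. Returns a mysqli_result for SELECT,
		// true for a successful write, false on failure (details are logged).
		// All parameters are bound as strings, which matches how the original
		// quoted every value in the query text.
		$run = function($sql, $types, array $params) use ($conn){
			$stmt = $conn->prepare($sql);
			if($stmt === false){
				error_log('attendance.php: prepare failed: '.$conn->error);
				return false;
			}
			$stmt->bind_param($types, ...$params);
			if(!$stmt->execute()){
				error_log('attendance.php: execute failed: '.$stmt->error);
				return false;
			}
			$result = $stmt->get_result();
			// get_result() yields false for statements without a result set.
			return ($result === false) ? true : $result;
		};

		$query = $run("SELECT * FROM employee WHERE username = ?", 's', array($employee));

		if($query === false){
			$output['error'] = true;
			$output['message'] = $dbError;
		}
		elseif($query->num_rows > 0){
			$row = $query->fetch_assoc();
			$id = $row['id'];

			$date_now = date('Y-m-d');

			if($status === 'in'){
				$query = $run("SELECT * FROM time_record WHERE employee_id = ? AND date = ? AND timeIn IS NOT NULL", 'ss', array($id, $date_now));
				if($query === false){
					$output['error'] = true;
					$output['message'] = $dbError;
				}
				elseif($query->num_rows > 0){
					$output['error'] = true;
					$output['message'] = 'You have timed in for today';
				}
				else{
					// Compare the current clock time with the scheduled start:
					// status 0 when the log is later than the schedule, 1 otherwise.
					$lognow = date('H:i:s');
					$squery = $run("SELECT * FROM schedules WHERE id = ?", 's', array($row['schedule_id']));
					$srow = ($squery instanceof mysqli_result) ? $squery->fetch_assoc() : null;
					$scheduledIn = is_array($srow) ? $srow['timeIn'] : null;
					$logstatus = ($lognow > $scheduledIn) ? 0 : 1;

					$inserted = $run(
						"INSERT INTO time_record (username, employee_id, date, timeIn, status) SELECT username, ?, ?, NOW(), ? FROM employee WHERE username = ?",
						'ssss',
						array($id, $date_now, (string)$logstatus, $employee)
					);
					if($inserted !== false){
						$output['message'] = 'Time in: '.$row['username'];
					}
					else{
						$output['error'] = true;
						$output['message'] = $dbError;
					}
				}
			}
			else{
				// Any status other than 'in' is handled as a time-out request.
				$query = $run("SELECT *, time_record.id AS uid FROM time_record LEFT JOIN employee ON employee.id=time_record.employee_id WHERE time_record.employee_id = ? AND date = ?", 'ss', array($id, $date_now));
				if($query === false){
					$output['error'] = true;
					$output['message'] = $dbError;
				}
				elseif($query->num_rows < 1){
					$output['error'] = true;
					$output['message'] = 'Cannot Timeout. No time in.';
				}
				else{
					$row = $query->fetch_assoc();
					if($row['timeOut'] != '00:00:00'){
						$output['error'] = true;
						$output['message'] = 'You have timed out for today';
					}
					else{
						$uid = $row['uid'];

						if($run("UPDATE time_record SET timeOut = NOW() WHERE id = ?", 's', array($uid)) !== false){
							$output['message'] = 'Time out:'.$row['username'];

							// Re-read the record to get the timeOut the database stored.
							$query = $run("SELECT * FROM time_record WHERE id = ?", 's', array($uid));
							$urow = ($query instanceof mysqli_result) ? $query->fetch_assoc() : null;

							$query = $run("SELECT * FROM employee LEFT JOIN schedules ON schedules.id=employee.schedule_id WHERE employee.id = ?", 's', array($id));
							$srow = ($query instanceof mysqli_result) ? $query->fetch_assoc() : null;

							if(is_array($urow) && is_array($srow)){
								$timeIn = $urow['timeIn'];
								$timeOut = $urow['timeOut'];

								// An early arrival counts from the scheduled start.
								if($srow['timeIn'] > $urow['timeIn']){
									$timeIn = $srow['timeIn'];
								}

								// NOTE(review): this compares the scheduled timeOut with the
								// recorded timeIn; it looks like it was meant to compare with
								// the recorded timeOut. Left unchanged because it affects the
								// stored hours; confirm the intended rule.
								if($srow['timeOut'] < $urow['timeIn']){
									$timeOut = $srow['timeOut'];
								}

								$timeIn = new DateTime($timeIn);
								$timeOut = new DateTime($timeOut);
								$interval = $timeIn->diff($timeOut);
								$hrs = $interval->format('%h');
								$mins = $interval->format('%i');
								$mins = $mins/60;
								$int = $hrs + $mins;
								// More than four hours: one hour is subtracted.
								if($int > 4){
									$int = $int - 1;
								}

								$run("UPDATE time_record SET num__hr = ? WHERE id = ?", 'ss', array((string)$int, $uid));
							}
							else{
								error_log('attendance.php: could not reload time_record or schedule; num__hr not updated');
							}
						}
						else{
							$output['error'] = true;
							$output['message'] = $dbError;
						}
					}
					
				}
			}
		}
		else{
			$output['error'] = true;
			$output['message'] = 'Employee ID not found';
		}
		
	}
	
	echo json_encode($output);

?>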