Copybara bot | be50d49 | 2023-11-30 00:16:42 +0100 | [diff] [blame] | 1 | <?php |
| 2 | require_once("core.php"); |
| 3 | security::checkType(security::ADMIN); |
| 4 | |
| 5 | if (!security::checkParams("POST", [ |
| 6 | ["worker", security::PARAM_NEMPTY] |
| 7 | ])) { |
| 8 | security::go("users.php?msg=unexpected"); |
| 9 | } |
| 10 | |
| 11 | $w = workers::get((int)$_POST["worker"]); |
| 12 | |
| 13 | if ($w === false) { |
| 14 | security::go("users.php?msg=unexpected"); |
| 15 | } |
| 16 | |
| 17 | if (!security::checkParams("POST", [ |
| 18 | ["begins", security::PARAM_ISDATE], |
| 19 | ["ends", security::PARAM_ISDATE] |
| 20 | ])) { |
| 21 | security::go("userschedule.php?id=".(int)$w["person"]."&msg=empty"); |
| 22 | } |
| 23 | |
| 24 | $begins = $_POST["begins"]; |
| 25 | $ends = $_POST["ends"]; |
| 26 | |
| 27 | $status = schedules::add($w["id"], $begins, $ends); |
| 28 | |
| 29 | switch ($status) { |
| 30 | case 0: |
| 31 | $id = mysqli_insert_id($con); |
| 32 | security::go("schedule.php?id=".(int)$id."&msg=added"); |
| 33 | break; |
| 34 | |
| 35 | case 1: |
| 36 | security::go("userschedule.php?id=".(int)$w["person"]."&msg=overlaps"); |
| 37 | break; |
| 38 | |
| 39 | case 3: |
| 40 | security::go("userschedule.php?id=".(int)$w["person"]."&msg=order"); |
| 41 | break; |
| 42 | |
| 43 | default: |
| 44 | security::go("userschedule.php?id=".(int)$w["person"]."&msg=unexpected"); |
| 45 | break; |
| 46 | } |