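<?php
/**
 * Admin page for managing company-wide holidays (Betriebsurlaub).
 *
 * GET  : lists every row of company_holidays together with the creator's name.
 * POST : validates start_date / end_date / description and inserts a new row,
 *        then redirects back to this page (post/redirect/get).
 *
 * Access is restricted by is_admin_user(); check_user() and is_admin_user()
 * come from inc/functions.inc.php (not shown here; presumably check_user()
 * enforces a logged-in session, TODO confirm).
 */
session_start();
require_once('inc/config.inc.php');
require_once('inc/functions.inc.php');

$user = check_user();
if (!is_admin_user()) {
    // Signal the denial to clients and logs, not only in the body text.
    http_response_code(403);
    die('Zugriff verweigert. Nur Chefs dürfen Betriebsurlaub verwalten.');
}

// Per-session anti-CSRF token for the state-changing forms on this page.
// A page-specific session key is used so it cannot clash with any token the
// shared includes may already manage.
if (empty($_SESSION['company_holidays_csrf']) || !is_string($_SESSION['company_holidays_csrf'])) {
    $_SESSION['company_holidays_csrf'] = bin2hex(random_bytes(32));
}
$csrfToken = $_SESSION['company_holidays_csrf'];

// Flags for every htmlspecialchars() call below: also escape single quotes and
// replace invalid byte sequences instead of returning an empty string.
$escFlags = ENT_QUOTES | ENT_SUBSTITUTE;

// The company_holidays table is expected to exist already; this page does not create it.

$errors = [];

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['start_date']) && isset($_POST['end_date'])) {
    $start = $_POST['start_date'];
    $end = $_POST['end_date'];
    $desc = $_POST['description'] ?? '';
    $token = $_POST['csrf_token'] ?? '';

    // Strict YYYY-MM-DD check: must be a string (not an array parameter) and
    // must survive a parse/format round trip, which rejects e.g. 2024-02-30.
    $isIsoDate = function ($value) {
        if (!is_string($value)) {
            return false;
        }
        $parsed = DateTimeImmutable::createFromFormat('!Y-m-d', $value);
        return $parsed !== false && $parsed->format('Y-m-d') === $value;
    };

    if (!is_string($token) || !hash_equals($csrfToken, $token)) {
        // Request did not originate from a form rendered for this session.
        $errors[] = 'Ungültige Anfrage. Bitte das Formular neu laden und erneut senden.';
    } elseif (!$isIsoDate($start) || !$isIsoDate($end)) {
        $errors[] = 'Bitte gültige Datumswerte angeben.';
    } elseif ($end < $start) {
        // ISO dates compare correctly as strings.
        $errors[] = 'Das Enddatum darf nicht vor dem Startdatum liegen.';
    }

    if (!$errors) {
        // The form always submits the description field, so an untouched field
        // arrives as '' rather than being absent; apply the default in both cases.
        $desc = is_string($desc) ? trim($desc) : '';
        if ($desc === '') {
            $desc = 'Betriebsurlaub';
        }

        $stmt = $pdo->prepare("INSERT INTO company_holidays (start_date, end_date, description, created_by) VALUES (?, ?, ?, ?)");
        $stmt->execute([$start, $end, $desc, $_SESSION['userid']]);

        // Redirect so a browser reload does not resubmit the form.
        header('Location: company_holidays.php');
        exit();
    }
}

include 'header.php';

$stmt = $pdo->prepare("SELECT * FROM company_holidays ORDER BY start_date DESC");
$stmt->execute();
$holidays = $stmt->fetchAll();

// Resolve creator names before rendering: the statement is prepared once and
// each distinct user id is looked up only once instead of once per table row.
$creatorStmt = $pdo->prepare("SELECT vorname, nachname FROM users WHERE id = ?");
$creatorNames = [];
foreach ($holidays as $h) {
    $creatorKey = (string) $h['created_by'];
    if (isset($creatorNames[$creatorKey])) {
        continue;
    }
    $creatorStmt->execute([$h['created_by']]);
    $creator = $creatorStmt->fetch();
    $creatorStmt->closeCursor();
    // fetch() yields false when the user row no longer exists.
    $creatorNames[$creatorKey] = $creator
        ? $creator['vorname'] . ' ' . $creator['nachname']
        : 'Unbekannt';
}
?>

<div class="container">
    <h2>Betriebsurlaub verwalten</h2>

    <?php foreach ($errors as $message): ?>
        <div class="alert alert-danger"><?php echo htmlspecialchars($message, $escFlags); ?></div>
    <?php endforeach; ?>

    <form method="post" class="form-inline mb-3">
        <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrfToken, $escFlags); ?>">
        <div class="form-group mr-2">
            <label>Von:</label>
            <input type="date" name="start_date" class="form-control" required>
        </div>
        <div class="form-group mr-2">
            <label>Bis:</label>
            <input type="date" name="end_date" class="form-control" required>
        </div>
        <div class="form-group mr-2">
            <label>Beschreibung:</label>
            <input type="text" name="description" class="form-control" placeholder="z. B. Betriebsurlaub Weihnachten">
        </div>
        <button type="submit" class="btn btn-primary">Hinzufügen</button>
    </form>

    <table class="table table-bordered">
        <thead>
            <tr>
                <th>Von</th>
                <th>Bis</th>
                <th>Beschreibung</th>
                <th>Erstellt von</th>
                <th>Aktion</th>
            </tr>
        </thead>
        <tbody>
        <?php foreach ($holidays as $h): ?>
            <tr>
                <?php // Every database value is escaped on output; rows may predate the input validation above or come from another writer. ?>
                <td><?php echo htmlspecialchars((string) $h['start_date'], $escFlags); ?></td>
                <td><?php echo htmlspecialchars((string) $h['end_date'], $escFlags); ?></td>
                <td><?php echo htmlspecialchars((string) $h['description'], $escFlags); ?></td>
                <td><?php echo htmlspecialchars($creatorNames[(string) $h['created_by']], $escFlags); ?></td>
                <td>
                    <?php // NOTE(review): deleteCompanyHoliday.php is not shown here; it should verify csrf_token against $_SESSION['company_holidays_csrf'] with hash_equals() and repeat the is_admin_user() check. ?>
                    <form method="post" action="deleteCompanyHoliday.php" onsubmit="return confirm('Betriebsurlaub wirklich löschen?');">
                        <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrfToken, $escFlags); ?>">
                        <input type="hidden" name="id" value="<?php echo intval($h['id']); ?>">
                        <button type="submit" class="btn btn-sm btn-danger">Löschen</button>
                    </form>
                </td>
            </tr>
        <?php endforeach; ?>
        </tbody>
    </table>
</div>

<?php include 'footer.php';
?>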