clemens/praxis-creutzburg-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fd320ba0c600da3a8a7b855708e7dbe34ea09043
praxis-creutzburg-web/zeiterfassung/approveVacation.php
T

109 lines
4.4 KiB
PHP
Raw Blame History

<?php
session_start();
require_once("inc/config.inc.php");
require_once("inc/functions.inc.php");
require_once("inc/vacation_absence.inc.php");
$user = check_user();
if (!is_admin_user()) {
die('Zugriff verweigert. Nur Chefs dürfen Anträge genehmigen.');
}
vacationAbsenceEnsureSchema($pdo);
// Handle approve/reject actions
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['id']) && isset($_POST['action'])) {
$id = (int)$_POST['id'];
$action = $_POST['action'];
if ($action === 'approve') {
$stmt = $pdo->prepare("UPDATE vacations SET status = 'genehmigt', approved_by = ?, approved_at = NOW() WHERE id = ?");
$stmt->execute([$_SESSION['userid'], $id]);
} elseif ($action === 'reject') {
$stmt = $pdo->prepare("UPDATE vacations SET status = 'abgelehnt', approved_by = ?, approved_at = NOW() WHERE id = ?");
$stmt->execute([$_SESSION['userid'], $id]);
} elseif ($action === 'delete' && is_admin_user()) {
$del = $pdo->prepare("DELETE FROM vacations WHERE id = ?");
$del->execute([$id]);
}
header('Location: approveVacation.php');
exit();
}
include 'header.php';
// List pending and recent requests
$stmt = $pdo->prepare("SELECT v.*, u.vorname, u.nachname, u.email FROM vacations v JOIN users u ON v.user_id = u.id ORDER BY v.created_at DESC");
$stmt->execute();
$requests = $stmt->fetchAll();
?>
<div class="container">
<h2>Abwesenheitsanträge - Genehmigung</h2>
<table class="table table-bordered">
<thead>
<tr>
<th>Mitarbeiter</th>
<th>Grund</th>
<th>Von</th>
<th>Bis</th>
<th>Tage</th>
<th>Kommentar</th>
<th>Status</th>
<th>Aktion</th>
</tr>
</thead>
<tbody>
<?php foreach ($requests as $r): ?>
<tr>
<td><?php echo htmlspecialchars($r['vorname'] . ' ' . $r['nachname']); ?></td>
<td><?php echo htmlspecialchars(vacationAbsenceReasonLabel($r['absence_reason'] ?? 'urlaub')); ?></td>
<td><?php echo htmlspecialchars((string)$r['start_date']); ?></td>
<td><?php echo htmlspecialchars((string)$r['end_date']); ?></td>
<td><?php echo (int)$r['days']; ?></td>
<td><?php echo htmlspecialchars((string)($r['comment_user'] ?? '')); ?></td>
<td>
<?php
if ($r['status'] === 'beantragt' || $r['status'] === null) {
echo '<span class="badge badge-warning">Beantragt</span>';
} elseif ($r['status'] === 'genehmigt') {
echo '<span class="badge badge-success">Genehmigt</span>';
} else {
echo '<span class="badge badge-danger">Abgelehnt</span>';
}
?>
</td>
<td>
<?php if ($r['status'] !== 'genehmigt'): ?>
<form method="post" style="display:inline-block; margin-right:6px;">
<input type="hidden" name="id" value="<?php echo (int)$r['id']; ?>">
<input type="hidden" name="action" value="approve">
<button class="btn btn-sm btn-success" type="submit">Genehmigen</button>
</form>
<?php endif; ?>
<?php if ($r['status'] !== 'abgelehnt'): ?>
<form method="post" style="display:inline-block;">
<input type="hidden" name="id" value="<?php echo (int)$r['id']; ?>">
<input type="hidden" name="action" value="reject">
<button class="btn btn-sm btn-danger" type="submit">Ablehnen</button>
</form>
<?php endif; ?>
<form method="post" style="display:inline-block; margin-left:6px;" onsubmit="return confirm('Wirklich löschen?');">
<input type="hidden" name="id" value="<?php echo (int)$r['id']; ?>">
<input type="hidden" name="action" value="delete">
<button class="btn btn-sm btn-outline-danger" type="submit">Löschen</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php include 'footer.php'; ?>
Reference in New Issue View Git Blame Copy Permalink