<?php
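// Resume the session so the login flag and role stored in it can be checked.
session_start();

// Project database bootstrap; db() used further down presumably comes from here (confirm).
require_once 'db/config.php';

// Access control: only a logged-in user whose session role is Admin or HR may continue.
// The role is read with ?? so a session that has no role is denied without raising an
// "undefined array key" warning; output from such a warning ahead of header() could
// break the redirect when errors are displayed.
$isLoggedIn = isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true;
$role = $_SESSION['role'] ?? null;

if (!$isLoggedIn || !in_array($role, ['Admin', 'HR'], true)) {
    header('location: login.php');
    // Stop here so none of the code below runs for an unauthorised request.
    exit;
}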
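// Apply an approve/reject decision to one leave request, notify the employee by e-mail,
// then return to the request list.
//
// NOTE(review): the status change is triggered by a GET request and no anti-CSRF token is
// checked in this file. A state-changing action is normally accepted only via POST with a
// per-session token that is verified here; that needs a matching change in the page that
// links to this script, so it is flagged rather than changed.
if (isset($_GET['id'], $_GET['status'])) {
    // Accept only a positive integer id. filter_var() returns false for anything else,
    // including array input such as ?id[]=1, so malformed values never reach the query.
    $id = filter_var($_GET['id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    $status = $_GET['status'];

    // Strict allow-list: only these two literal strings are ever written to the table.
    $statusAllowed = $status === 'approved' || $status === 'rejected';

    if ($id !== false && $statusAllowed) {
        $sql = "UPDATE leave_requests SET status = :status WHERE id = :id";

        if ($stmt = db()->prepare($sql)) {
            // bindValue binds the validated values as they are now; no by-reference binding is needed.
            $stmt->bindValue(':status', $status, PDO::PARAM_STR);
            $stmt->bindValue(':id', $id, PDO::PARAM_INT);

            if ($stmt->execute()) {
                // Send email notification to the employee
                require_once 'mail/MailService.php';

                $sql_request = "SELECT lr.start_date, lr.end_date, u.username FROM leave_requests lr JOIN users u ON lr.employee_id = u.id WHERE lr.id = :id";

                // Guard the second prepare the same way as the first, so a failed prepare
                // skips the notification instead of calling a method on false.
                if ($stmt_request = db()->prepare($sql_request)) {
                    $stmt_request->bindValue(':id', $id, PDO::PARAM_INT);
                    $stmt_request->execute();
                    $request_data = $stmt_request->fetch(PDO::FETCH_ASSOC);

                    // No row means no request with this id exists; nothing to notify.
                    if ($request_data) {
                        // NOTE(review): the username column is used as the recipient address;
                        // presumably usernames are e-mail addresses here (confirm).
                        $to = $request_data['username'];
                        $subject = "Your Leave Request has been " . ucfirst($status);

                        // $status is one of the two allow-listed literals. The dates come from the
                        // database and are placed into the HTML body unescaped.
                        // NOTE(review): fine only if those columns can hold nothing but date values;
                        // otherwise escape them with htmlspecialchars() before interpolating.
                        $body = "Your leave request from {$request_data['start_date']} to {$request_data['end_date']} has been <b>{$status}</b>.<br><br>"
                            . "Log in to the system for more details.";

                        // The fourth argument is the same text with the HTML tags stripped.
                        MailService::sendMail($to, $subject, $body, strip_tags($body));
                    }
                }
            }
        }
    }
}

// Always return to the list page, whether or not an update was applied.
header('location: leave_requests.php');
exit;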
?>