0 ? tenantScopedRequestById($id) : null; if (!$request) { flash('warning', 'That request could not be found inside the active tenant.'); redirectWithCompany('/leave_requests.php'); } if ($_SERVER['REQUEST_METHOD'] === 'POST') { $action = (string)($_POST['action'] ?? ''); $reason = trim((string)($_POST['rejection_reason'] ?? '')); if (in_array($action, ['approve', 'reject'], true) && reviewLeaveRequest((int)$request['id'], $action, $reason)) { flash('success', $action === 'approve' ? 'Leave request approved.' : 'Leave request rejected with reason recorded.'); redirectWithCompany('/leave_request.php', ['id' => (int)$request['id']]); } flash('danger', 'Unable to update request. Rejections require a reason and only pending items can be reviewed.'); redirectWithCompany('/leave_request.php', ['id' => (int)$request['id']]); } $request = tenantScopedRequestById($id); renderPageStart( 'Leave Request Detail', 'Inspect a tenant-scoped leave request, review the audit trail, and approve or reject safely.', 'requests' ); ?>

Request detail

·

Request # for .

Employee

Department submitted

Dates → day(s)

Created UTC

Reason

Rejection reason

Review actions

Approve or reject

Already reviewed

This request is locked after status resolution for a cleaner audit trail.

Isolation check

Tenant safety

Detail query is filtered by request id + active company_id.
List, dashboard, and create flow reuse the same tenant context.
Switching companies changes visible records without cross-tenant leakage.