Changeset 2500839
- Timestamp:
- 03/22/2021 10:16:32 AM (5 years ago)
- Location:
- wp-hr-manager/trunk
- Files:
-
- 8 edited
-
includes/class-install.php (modified) (1 diff)
-
includes/functions-people.php (modified) (2 diffs)
-
includes/updates/update-1.0.php (modified) (2 diffs)
-
modules/hrm/includes/class-employee.php (modified) (2 diffs)
-
modules/hrm/includes/class-hr-log.php (modified) (3 diffs)
-
modules/hrm/includes/functions-leave.php (modified) (7 diffs)
-
readme.txt (modified) (2 diffs)
-
wp-hr-manager.php (modified) (1 diff)
wp-hr-manager/trunk/includes/class-install.php
r2475648 r2500839 664 664 if(!$res){ 665 665 $gmt_offset = get_option('gmt_offset'); 666 $wpdb->query( "ALTER TABLE `{$wpdb->prefix}wphr_company_locations` add `office_timezone` varchar(10) DEFAULT '$gmt_offset' after `phone`");666 $wpdb->query( $wpdb->prepare("ALTER TABLE `{$wpdb->prefix}wphr_company_locations` add `office_timezone` varchar(10) DEFAULT %s after `phone`", $gmt_offset) ); 667 667 } 668 668 $res = $wpdb->query("SELECT * FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = '".$wpdb->dbname."' AND TABLE_NAME = '{$wpdb->prefix}wphr_hr_employees' AND COLUMN_NAME = 'send_mail_to_reporter'"); -
wp-hr-manager/trunk/includes/functions-people.php
r2127919 r2500839 68 68 $sql['select'][] = "GROUP_CONCAT( DISTINCT t.name SEPARATOR ',') AS types"; 69 69 $sql['join'][] = "LEFT JOIN $type_rel_tb AS r ON people.id = r.people_id LEFT JOIN $types_tb AS t ON r.people_types_id = t.id"; 70 $sql_from_tb = "FROM $pep_tbAS people";70 $sql_from_tb = "FROM %s AS people"; 71 71 $sql_people_type = "where ( select count(*) from $types_tb 72 72 inner join $type_rel_tb … … 139 139 if ( $count ) { 140 140 // Only filtered total count of people 141 $items = $wpdb->get_var( apply_filters( 'wphr_get_people_total_count_query', $final_query, $args) );141 $items = $wpdb->get_var( $wpdb->prepare( apply_filters( 'wphr_get_people_total_count_query', $final_query, $args ), $pep_tb ) ); 142 142 } else { 143 143 // Fetch results from people table 144 $results = $wpdb->get_results( apply_filters( 'wphr_get_people_total_query', $final_query, $args), ARRAY_A );144 $results = $wpdb->get_results( $wpdb->prepare( apply_filters( 'wphr_get_people_total_query', $final_query, $args ), $pep_tb), ARRAY_A ); 145 145 array_walk( $results, function( &$results ) { 146 146 $results['types'] = explode(',', $results['types'] ); -
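Review bot: Binding the table name through `%s` in `$sql_from_tb = "FROM %s AS people";` makes `$wpdb->prepare()` emit it as a quoted string literal (constructed example: `FROM 'wp_wphr_peoples' AS people`), which MySQL does not accept as a table reference, so both the count query and the results query are likely to fail. `prepare()` now also runs over the whole filtered `$final_query`, so any literal `%` elsewhere in the statement (for instance a LIKE pattern assembled outside these hunks) would be parsed as a placeholder, and callbacks on `wphr_get_people_total_count_query` and `wphr_get_people_total_query` now receive SQL with an unresolved `%s`. The table name is not request data, so binding it adds no protection; keep `"FROM $pep_tb AS people"` and bind the request-derived values with `%d`/`%s` at the point where the WHERE conditions are built, which is outside the visible hunks.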
wp-hr-manager/trunk/includes/updates/update-1.0.php
r2127919 r2500839 117 117 118 118 /** 119 * Populate the contact relations table with people type data120 *121 * @since 1.0122 *123 * @return void124 */125 function wpwphr_update_1_0_populate_types_table() {126 global $wpdb;127 128 $query = "SELECT * FROM {$wpdb->prefix}wphr_peoples";129 $peoples = $wpdb->get_results( $query );130 131 if ( ! $peoples ) {132 return;133 }134 135 // as we know the id's, don't create extra queries for the first migration136 $type_id_mapping = [137 'contact' => 1,138 'company' => 2,139 'customer' => 3,140 'vendor' => 4141 ];142 143 $table_name = 'INSERT INTO ' . $wpdb->prefix . 'wphr_people_type_relations (people_id, people_types_id, deleted_at ) VALUES';144 $insert_queries = [];145 146 foreach ($peoples as $people) {147 $insert_queries[] = sprintf( "(%d, '%s', '%s')", $people->id, $type_id_mapping[ $people->type ], $people->deleted_at );148 }149 150 $insert_query = $table_name . ' ' . implode( ', ', $insert_queries );151 152 $wpdb->query( $insert_query );153 }154 155 /**156 119 * Drop the type column in people table 157 120 * … … 170 133 wpwphr_update_1_0_create_table(); 171 134 wpwphr_update_1_0_create_people_types_table(); 172 wpwphr_update_1_0_populate_types_table();173 135 wpwphr_update_1_0_drop_types_column(); -
wp-hr-manager/trunk/modules/hrm/includes/class-employee.php
r2279207 r2500839 217 217 218 218 if ( false === $row ) { 219 $query = "SELECT e.*, d.title as designation_title, dpt.title as department_title, dpt.employee_label as department_profile_label, loc.name as location_name219 $query = $wpdb->prepare("SELECT e.*, d.title as designation_title, dpt.title as department_title, dpt.employee_label as department_profile_label, loc.name as location_name 220 220 FROM {$wpdb->prefix}wphr_hr_employees AS e 221 221 LEFT JOIN {$wpdb->prefix}wphr_hr_designations AS d ON d.id = e.designation 222 222 LEFT JOIN {$wpdb->prefix}wphr_hr_depts AS dpt ON dpt.id = e.department 223 223 LEFT JOIN {$wpdb->prefix}wphr_company_locations AS loc ON loc.id = e.location 224 WHERE user_id = %d" ;225 $row = $wpdb->get_row( $ wpdb->prepare( $query, $this->id ));224 WHERE user_id = %d", $this->id); 225 $row = $wpdb->get_row( $query ); 226 226 wp_cache_set( $cache_key, $row, 'wphr' ); 227 227 } … … 786 786 global $wpdb; 787 787 788 $sql = "SELECT *788 $sql = $wpdb->prepare("SELECT * 789 789 FROM {$wpdb->prefix}wphr_hr_employee_history 790 790 WHERE user_id = %d 791 ORDER BY id DESC" ;791 ORDER BY id DESC", $this->id); 792 792 793 793 $history = array( 'job' => array(), 'compensation' => array(), 'employment' => array() ); 794 $results = $wpdb->get_results( $ wpdb->prepare( $sql , $this->id ));794 $results = $wpdb->get_results( $sql ); 795 795 796 796 if ( $results ) { -
wp-hr-manager/trunk/modules/hrm/includes/class-hr-log.php
r2485387 r2500839 377 377 378 378 global $wpdb; 379 $query = "SELECT user_id379 $query = $wpdb->prepare("SELECT user_id 380 380 FROM {$wpdb->prefix}wphr_hr_employee_history 381 WHERE id = %d" ;382 $user_id = $wpdb->get_var( $ wpdb->prepare($query, $history_id));381 WHERE id = %d", $history_id); 382 $user_id = $wpdb->get_var( $query ); 383 383 384 384 $employee = new \WPHR\HR_MANAGER\HRM\Employee( intval( $user_id ) ); … … 428 428 429 429 global $wpdb; 430 $query = "SELECT user_id430 $query = $wpdb->prepare("SELECT user_id 431 431 FROM {$wpdb->prefix}wphr_hr_employee_history 432 WHERE id = %d" ;433 $user_id = $wpdb->get_var( $ wpdb->prepare($query, $history_id));432 WHERE id = %d", $history_id); 433 $user_id = $wpdb->get_var( $query ); 434 434 435 435 $employee = new \WPHR\HR_MANAGER\HRM\Employee( intval( $user_id ) ); … … 479 479 480 480 global $wpdb; 481 $query = "SELECT user_id481 $query = $wpdb->prepare("SELECT user_id 482 482 FROM {$wpdb->prefix}wphr_hr_employee_history 483 WHERE id = %d" ;484 $user_id = $wpdb->get_var( $ wpdb->prepare($query, $history_id));483 WHERE id = %d", $history_id); 484 $user_id = $wpdb->get_var( $query ); 485 485 486 486 $employee = new \WPHR\HR_MANAGER\HRM\Employee( intval( $user_id ) ); -
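Review bot: `$user_id = $wpdb->get_var( $query );` feeds directly into `new \WPHR\HR_MANAGER\HRM\Employee( intval( $user_id ) )` in all three hunks, and `get_var()` returns null when no history row matches `$history_id`, so an unknown id silently becomes employee 0. A guard such as `if ( null === $user_id ) { return; }` ahead of the constructor would make that case explicit; the right return value is not visible here because the enclosing methods start and end outside the hunks. The same lookup is repeated verbatim in each hunk and would be easier to audit as one private helper.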
wp-hr-manager/trunk/modules/hrm/includes/functions-leave.php
r2485387 r2500839 146 146 } ); 147 147 $results = $leave_requests->get()->toArray(); 148 $query = "select * from `{$wpdb->prefix}wphr_hr_leave_requests` where `status` in (1, 2) and `user_id` = {$user_id} and ( `start_date` BETWEEN '{$start_dateTime}' AND '{$end_dateTime}' OR `end_date` BETWEEN '{$start_dateTime}' AND '{$end_dateTime}' )";148 $query = $wpdb->prepare("select * from `{$wpdb->prefix}wphr_hr_leave_requests` where `status` in (1, 2) and `user_id` = %1$d and ( `start_date` BETWEEN %2$s AND %3$s OR `end_date` BETWEEN %4$s AND %5$s )", $user_id, $start_dateTime, $end_dateTime, $start_dateTime, $end_dateTime ); 149 149 $results2 = $wpdb->get_results( $query ); 150 150 $exist = array(); … … 1300 1300 $requests = wp_cache_get( $cache_key, 'wphr' ); 1301 1301 $limit = ( $args['number'] == '-1' ? '' : 'LIMIT %d, %d' ); 1302 $sql = "SELECT req.id, req.user_id, u.display_name, req.policy_id, pol.name as policy_name, req.status, req.reason, req.comments, req.created_on, req.days, req.start_date, req.end_date\r\n FROM {$wpdb->prefix}wphr_hr_leave_requests AS req\r\n LEFT JOIN {$wpdb->prefix}wphr_hr_leave_policies AS pol ON pol.id = req.policy_id\r\n LEFT JOIN {$wpdb->users} AS u ON req.user_id = u.ID\r\n {$where}\r\n ORDER BY {$args['orderby']} {$args['order']}\r\n {$limit}"; 1302 $table_name = $wpdb->prefix.'wphr_hr_leave_requests'; 1303 $sql = "SELECT req.id, req.user_id, u.display_name, req.policy_id, pol.name as policy_name, req.status, req.reason, req.comments, req.created_on, req.days, req.start_date, req.end_date FROM %1$s LEFT JOIN {$wpdb->prefix}wphr_hr_leave_policies AS pol ON pol.id = req.policy_id LEFT JOIN {$wpdb->users} AS u ON req.user_id = u.ID %2$s ORDER BY %3$s %4$s {$limit}"; 1303 1304 1304 1305 if ( $requests === false ) { 1305 1306 1306 1307 if ( $args['number'] == '-1' ) { 1307 $requests = $wpdb->get_results( $ sql);1308 $requests = $wpdb->get_results( $wpdb->prepare( $sql, $table_name, $where, $args['orderby'], $args['order'] ) ); 1308 1309 } 
else { 1309 $requests = $wpdb->get_results( $wpdb->prepare( $sql, absint( $args['offset'] ), absint( $args['number'] ) ) );1310 $requests = $wpdb->get_results( $wpdb->prepare( $sql, $table_name, $where, $args['orderby'], $args['order'], absint( $args['offset'] ), absint( $args['number'] ) ) ); 1310 1311 } 1311 1312 … … 1346 1347 1347 1348 if ( $status == 4 ) { 1348 $sql2 = "SELECT COUNT(id) as num FROM {$wpdb->prefix}wphr_hr_leave_requests WHERE status = 1 AND is_archived = 1 {$user_id_in}GROUP BY status;";1349 $archived_cnt = $wpdb->get_row( $ sql2);1349 $sql2 = "SELECT COUNT(id) as num FROM {$wpdb->prefix}wphr_hr_leave_requests WHERE status = 1 AND is_archived = 1 %s GROUP BY status;"; 1350 $archived_cnt = $wpdb->get_row( $wpdb->prepare( $sql2, $user_id_in ) ); 1350 1351 if ( $archived_cnt ) { 1351 1352 $counts[$status] = array( … … 1355 1356 } 1356 1357 } elseif ( $status == 1 ) { 1357 $sql3 = "SELECT COUNT(id) as num FROM {$wpdb->prefix}wphr_hr_leave_requests WHERE status = 1 AND is_archived = 0 {$user_id_in}GROUP BY status;";1358 $approved_cnt = $wpdb->get_row( $ sql3);1358 $sql3 = "SELECT COUNT(id) as num FROM {$wpdb->prefix}wphr_hr_leave_requests WHERE status = 1 AND is_archived = 0 %s GROUP BY status;"; 1359 $approved_cnt = $wpdb->get_row( $wpdb->prepare( $sql3, $user_id_in ) ); 1359 1360 if ( $approved_cnt ) { 1360 1361 $counts[$status] = array( … … 1368 1369 1369 1370 if ( false === $results ) { 1370 $sql = "SELECT status, COUNT(id) as num FROM {$wpdb->prefix}wphr_hr_leave_requests WHERE status != 0 {$user_id_in}GROUP BY status;";1371 $results = $wpdb->get_results( $ sql);1371 $sql = "SELECT status, COUNT(id) as num FROM {$wpdb->prefix}wphr_hr_leave_requests WHERE status != 0 %s GROUP BY status;"; 1372 $results = $wpdb->get_results( $wpdb->prepare( $sql, $user_id_in ) ); 1372 1373 wp_cache_set( $cache_key, $results, 'wphr' ); 1373 1374 } … … 1572 1573 $where .= " AND en.policy_id = " . 
intval( $args['policy_id'] ); 1573 1574 } 1574 $query = "SELECT en.*, u.display_name as employee_name, pol.name as policy_name \r\n FROM `{$wpdb->prefix}wphr_hr_leave_entitlements` AS en\r\n LEFT JOIN {$wpdb->prefix}wphr_hr_leave_policies AS pol ON pol.id = en.policy_id\r\n LEFT JOIN {$wpdb->users} AS u ON en.user_id = u.ID\r\n {$where}\r\n ORDER BY {$args['orderby']} {$args['order']}\r\n LIMIT %d,%d;";1575 $sql = $wpdb->prepare( $query, absint( $args['offset'] ), absint( $args['number'] ) );1575 $query = "SELECT en.*, u.display_name as employee_name, pol.name as policy_name FROM {$wpdb->prefix}wphr_hr_leave_entitlements AS en LEFT JOIN {$wpdb->prefix}wphr_hr_leave_policies AS pol ON pol.id = en.policy_id LEFT JOIN {$wpdb->users} AS u ON en.user_id = u.ID %1$s ORDER BY %2$s %3$s LIMIT %4$d,%5$d"; 1576 $sql = $wpdb->prepare( $query, $where, $args['orderby'], $args['order'], absint( $args['offset'] ), absint( $args['number'] ) ); 1576 1577 $results = $wpdb->get_results( $sql ); 1577 1578 return $results; … … 1758 1759 $query = "SELECT req.id, req.days, req.policy_id, req.start_date, req.end_date, en.days as entitlement"; 1759 1760 $query .= " FROM {$wpdb->prefix}wphr_hr_leave_requests AS req"; 1760 $query .= " LEFT JOIN {$wpdb->prefix}wphr_hr_leave_entitlements as en on (req.user_id = en.user_id and req.policy_id = en.policy_id and en.from_date >= '{$financial_start_date}')";1761 $query .= " WHERE req.status = 1 and req.user_id = % d AND ( req.start_date >= '{$financial_start_date}' AND req.end_date <= '{$financial_end_date}')";1762 $sql = $wpdb->prepare( $query, $ user_id);1761 $query .= " LEFT JOIN {$wpdb->prefix}wphr_hr_leave_entitlements as en on (req.user_id = en.user_id and req.policy_id = en.policy_id and en.from_date >= %1$s )"; 1762 $query .= " WHERE req.status = 1 and req.user_id = %2$d AND ( req.start_date >= %3$s AND req.end_date <= %4$s )"; 1763 $sql = $wpdb->prepare( $query, $financial_start_date, $user_id, $financial_start_date, $financial_end_date ); 
1763 1764 $results = $wpdb->get_results( $sql ); 1764 1765 $temp = []; -
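Review bot: The numbered placeholders sit in double-quoted strings (`%1$d`, `%2$s`, … at new lines 148, 1303, 1575 and 1761–1762), so PHP interpolates `$d` and `$s` as undefined variables and `prepare()` receives `%1`, `%2`, …; use single-quoted format strings or plain `%d`/`%s` in argument order. Separately, `$where`, `$user_id_in`, `$args['orderby']` and `$args['order']` are SQL fragments and identifiers rather than values: a placeholder either wraps them in quotes as a string literal (the `%s` count queries at 1349–1371) or inserts them with string escaping only, which does not constrain an ORDER BY expression. The rewritten request query at 1303 also drops the `AS req` alias that its SELECT list and joins still reference. ORDER BY should be resolved against an allowlist, with only the id, date, offset and limit values bound, as sketched below for the request list; values inside `$where` and `$user_id_in` need binding where those fragments are assembled, which is outside the hunks, as are the starts and ends of the enclosing functions.

```php
// Map the request value to a fixed column name; the list here is illustrative.
$sortable = array(
    'created_on' => 'req.created_on',
    'start_date' => 'req.start_date',
);
$orderby = isset( $sortable[ $args['orderby'] ] ) ? $sortable[ $args['orderby'] ] : 'req.created_on';
$order   = ( 'ASC' === strtoupper( (string) $args['order'] ) ) ? 'ASC' : 'DESC';

// … unchanged: SELECT list, FROM {$wpdb->prefix}wphr_hr_leave_requests AS req, joins, {$where} …
$sql .= " ORDER BY {$orderby} {$order}";

if ( $args['number'] != '-1' ) {
    $sql = $wpdb->prepare( $sql . ' LIMIT %d, %d', absint( $args['offset'] ), absint( $args['number'] ) );
}
$requests = $wpdb->get_results( $sql );
```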
wp-hr-manager/trunk/readme.txt
r2485596 r2500839 5 5 Tags: HR, Human Resources, Attendance Management, Recruitment, Leave, Employee Self Service, ESS, People Management 6 6 Requires at least: 5.0 7 Tested up to: 5. 6.28 Stable tag: 2.9. 47 Tested up to: 5.7 8 Stable tag: 2.9.5 9 9 License: GPLv2 10 10 Donate Link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=GLKGN964GRZJW … … 191 191 192 192 == Changelog == 193 = v2.9.5 -> 22 March 2021 194 * Fixed All Security Issues 195 * Update - Freemius SDK updated to Version 2.4.2 196 193 197 = v2.9.4 -> 03 March 2021 194 198 * Fixed All Security Issues -
wp-hr-manager/trunk/wp-hr-manager.php
r2485596 r2500839 7 7 * Author: Black and White Digital Ltd 8 8 * Author URI: http://www.wphrmanager.com 9 * Version: 2.9. 49 * Version: 2.9.5 10 10 * Requires at least: 5 11 11 * License: GPLv2