
Added inactive timesheet printing. Fixed some date/time calculations and adjusted the view for the default dashboard.

Adam Day il y a 9 ans
Parent
commit
f9b15debc9

+ 78 - 0
application/controllers/accountsController.php

@@ -73,7 +73,85 @@ class accountsController extends Staple_Controller
         {
             $this->view->form = $form;
         }
+    }
+
+    public function edit($id = null)
+    {
+        if($id != null)
+        {
+            $this->view->id = $id;
+            $user = new accountModel();
+
+            $form = new editAccountForm();
+            $form->setAction($this->_link(array('accounts','edit',$id)));
+            $form->addData($user->load($id));
+
+            if($form->wasSubmitted())
+            {
+                $form->addData($_POST);
+                if($form->validate())
+                {
+                    $data = $form->exportFormData();
+
+                    $user = new accountModel();
+                    $user->setId($id);
+                    $user->setFirstName($data['firstName']);
+                    $user->setLastName($data['lastName']);
+                    $user->setUsername($data['username']);
+                    $user->setSupervisorId($data['supervisor']);
+                    $user->setType($data['type']);
+                    $user->setAuthLevel($data['level']);
+                    $user->setStatus($data['status']);
 
+                    if($user->save())
+                    {
+                        $this->view->successMessage = array("Changes saved");
+                        $form = new editAccountForm();
+                        $form->addData($user->load($id));
+                        $this->view->form = $form;
+                    }
+                    else
+                    {
+                        $this->view->errorMessage = array("User Name already being used. Please try a different User Name");
+                        $form->view->form = $form;
+                    }
+
+                }
+                else
+                {
+                    $this->view->form = $form;
+                }
+            }
+            else
+            {
+                $this->view->form = $form;
+            }
+
+        }
+        else
+        {
+            header("location: ".$this->_link(array('accounts'))."");
+        }
+    }
+
+    public function resetpin($id = null)
+    {
+        if($id != null)
+        {
+            $user = new accountModel();
+            if($user->resetpin($id))
+            {
+                $this->view->tempPin = $user->getTempPin();
+            }
+            else
+            {
+                echo "Unable to reset PIN.";
+            }
+        }
+        else
+        {
+            header("location: ".$this->_link("accounts")."");
+        }
     }
 
     public function inactive()
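Review bot: `resetpin($id)` replaces an account's PIN on a plain GET with the id taken from the URL, and neither it nor `edit($id)` shows a permission check in this hunk. Unless the controller enforces an admin level elsewhere, any signed-in user who can reach these routes could reset another account's PIN or save `level` = 900 on an account. I would gate both actions (if this controller exposes `$this->authLevel` the way indexController and reportsController do, `if($this->authLevel < 900) { header("location: ".$this->_link(array('accounts'))); exit; }`) and accept the reset only as a POST. Separately, the failed-save branch assigns `$form->view->form = $form;`, which looks like a typo for `$this->view->form = $form;`, so the form is not re-rendered next to the error message. The `header("location: …")` redirects are not followed by `exit`, so the action keeps running after them.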

+ 16 - 3
application/controllers/indexController.php

@@ -15,12 +15,25 @@ class indexController extends Staple_Controller
 	{
 		$this->view->authLevel = $this->authLevel;
 
-		$messages = array("The library will be closed on Monday for whatever reason. Just remember to not come in!");
-		//$this->view->messages = $messages;
+		$messages = array();
+		$this->view->messages = $messages;
 
-		$timesheet = new timesheetModel(date('Y'),date('m'));
+		$date = new DateTime();
+		$date->setTime(0,0,0);
+
+		if($date->format('d') >= 26)
+		{
+			$date->modify('+1 month');
+		}
+
+		$date->setDate($date->format('Y'),$date->format('m'),1);
+
+		$timesheet = new timesheetModel($date->format('Y'),$date->format('m'));
 		$this->view->timesheet = $timesheet;
 
+		$this->view->year = $date->format('Y');
+		$this->view->month = $date->format('F');
+
 		$date = new DateTime();
 		$week = $date->format('W');
 		$year = $date->format('Y');
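Review bot: `$date->modify('+1 month')` runs before the day is reset to 1, so on the 29th–31st it can overflow past the intended month (for example 31 January lands in early March) and the dashboard then loads the wrong timesheet period. Rolling forward from a safe day avoids this: `$date->modify('first day of next month');` in place of `'+1 month'`, after which the following `setDate(..., 1)` becomes redundant. The same overflow applies to `$endMonth = $date->modify('+1 month')->format('m');` in the timesheetController.php hunk of this commit, where the month is also advanced unconditionally rather than only from the 26th onward; that function's surrounding logic is outside the hunk, so confirm which is intended.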

+ 77 - 9
application/controllers/reportsController.php

@@ -60,28 +60,28 @@ class reportsController extends Staple_Controller
         $date->setDate($year, $month, 1);
         $this->view->monthName = $date->format('F');
 
-        $printTimeSheetForm = new printTimeSheetForm();
-        $printTimeSheetForm->setAction($this->_link(array("reports",$year,$month)));
-        if($printTimeSheetForm->wasSubmitted())
+        $printActiveTimeSheetForm = new printActiveTimeSheetForm();
+        $printActiveTimeSheetForm->setAction($this->_link(array("reports",$year,$month)));
+        if($printActiveTimeSheetForm->wasSubmitted())
         {
-            $printTimeSheetForm->addData($_POST);
-            if($printTimeSheetForm->validate())
+            $printActiveTimeSheetForm->addData($_POST);
+            if($printActiveTimeSheetForm->validate())
             {
-                $data = $printTimeSheetForm->exportFormData();
+                $data = $printActiveTimeSheetForm->exportFormData();
 
                 $this->layout->addScriptBlock("
                     window.open('".$this->_link(array("reports","printpreview",$year,$month,$data['account']))."');
                     ");
-                $this->view->printTimeSheetForm = $printTimeSheetForm;
+                $this->view->printTimeSheetForm = $printActiveTimeSheetForm;
             }
             else
             {
-                $this->view->printTimeSheetForm = $printTimeSheetForm;
+                $this->view->printTimeSheetForm = $printActiveTimeSheetForm;
             }
         }
         else
         {
-            $this->view->printTimeSheetForm = $printTimeSheetForm;
+            $this->view->printTimeSheetForm = $printActiveTimeSheetForm;
         }
     }
 
@@ -390,4 +390,72 @@ class reportsController extends Staple_Controller
             header("location:".$this->_link(array('reports','payroll'))."");
         }
     }
+
+    public function inactive($year = null, $month = null)
+    {
+        if ($year == null) {
+            $year = date('Y');
+        }
+
+        if ($month == null) {
+            $month = date('m');
+        }
+
+        $date = new DateTime();
+        $date->setDate($year,$month,26);
+        $date->setTime(0,0,0);
+
+        $this->view->year = $date->format('Y');
+
+        $this->view->date = $date->format("F Y");
+
+        $date->modify('+1 year');
+        $this->view->nextYear = $date->format('Y');
+
+        $date->modify('-2 year');
+        $this->view->previousYear = $date->format('Y');
+
+        $date->modify('+1 year');
+
+        $month = $date->format('m');
+        $this->view->month = $month;
+
+        $date->modify('-1 month');
+        $this->view->previousMonth = $date->format('m');
+        $date->modify('+2 month');
+        $this->view->nextMonth = $date->format('m');
+
+        $report = new reportModel($year, $month,1);
+        $this->view->report = $report->getTimesheets();
+
+        $this->view->accountLevel = $this->authLevel;
+
+        $date = new DateTime();
+        $date->setDate($year, $month, 1);
+        $this->view->monthName = $date->format('F');
+
+        $printInactiveTimeSheetForm = new printInactiveTimeSheetForm();
+        $printInactiveTimeSheetForm->setAction($this->_link(array("reports","inactive",$year,$month)));
+        if($printInactiveTimeSheetForm->wasSubmitted())
+        {
+            $printInactiveTimeSheetForm->addData($_POST);
+            if($printInactiveTimeSheetForm->validate())
+            {
+                $data = $printInactiveTimeSheetForm->exportFormData();
+
+                $this->layout->addScriptBlock("
+                    window.open('".$this->_link(array("reports","printpreview",$year,$month,$data['account']))."');
+                    ");
+                $this->view->printTimeSheetForm = $printInactiveTimeSheetForm;
+            }
+            else
+            {
+                $this->view->printTimeSheetForm = $printInactiveTimeSheetForm;
+            }
+        }
+        else
+        {
+            $this->view->printTimeSheetForm = $printInactiveTimeSheetForm;
+        }
+    }
 }
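Review bot: `inactive()` keeps using the raw `$year` route argument after the DateTime object has normalised it: `$month` is reassigned from `$date->format('m')`, but `$year` goes unchanged into `new reportModel($year, $month, 1)`, the form action and the `window.open('…')` script block. Casting on entry (`$year = (int)$year; $month = (int)$month;`) and adding `$year = $date->format('Y');` beside the `$month` reassignment keeps a single validated value flowing to all three. Whether `_link()` encodes its segments is not visible here, so the generated script string should not rely on it. A non-numeric segment also reaches `setDate()`, which throws a TypeError on PHP 8.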

+ 3 - 2
application/controllers/timesheetController.php

@@ -294,8 +294,9 @@ class timesheetController extends Staple_Controller
                         $startYear = date('Y');
                     }
 
-                    $endMonth = date('m');
-                    $endYear = date('Y');
+                    $date = new DateTime();
+                    $endMonth = $date->modify('+1 month')->format('m');
+                    $endYear = $date->format('Y');
 
                     $startDate= strtotime($startMonth.'/26/'.$startYear);
                     $endDate = strtotime($endMonth.'/25/'.$endYear);

+ 77 - 0
application/forms/editAccountForm.php

@@ -0,0 +1,77 @@
+<?php
+
+class editAccountForm extends Staple_Form
+{
+    public function _start()
+    {
+        $this->setLayout('editAccountFormLayout');
+        $this->setName('editAccount');
+
+        $firstName = new Staple_Form_FoundationTextElement('firstName','First Name');
+        $firstName->setRequired()
+            ->addValidator(new Staple_Form_Validate_Length(1,40));
+
+        $lastName = new Staple_Form_FoundationTextElement('lastName','Last Name');
+        $lastName->setRequired()
+            ->addValidator(new Staple_Form_Validate_Length(1,40));
+
+        $userName = new Staple_Form_FoundationTextElement('username','User Name');
+        $userName->setRequired()
+            ->addValidator(new Staple_Form_Validate_Length(1,40));
+
+        $supervisor = new Staple_Form_FoundationSelectElement('supervisor','Supervisor');
+        $supervisor->setRequired()
+            ->addOption("0","Select an account")
+            ->addOptionsArray($this->accounts())
+            ->addValidator(new Staple_Form_Validate_InArray($this->accounts(1)));
+
+        $type = new Staple_Form_FoundationSelectElement('type','Account Type');
+        $type->setRequired()
+            ->addOption("","Select an account")
+            ->addOptionsArray(array("part"=>"Part Time","full"=>"Full Time"))
+            ->addValidator(new Staple_Form_Validate_InArray(array("part","full")));
+
+        $level = new Staple_Form_FoundationSelectElement('level','Account Level');
+        $level->setRequired()
+            ->addOption("","Select a level")
+            ->addOptionsArray(array("100"=>"Standard User","500"=>"Supervisor","900"=>"Administrator"))
+            ->addValidator(new Staple_Form_Validate_InArray(array("100","500","900")));
+
+        $status = new Staple_Form_FoundationSelectElement('status','Account Status');
+        $status->setRequired()
+            ->addOption("","Select a status")
+            ->addOptionsArray(array("1"=>"Enabled","0"=>"Disabled"))
+            ->addValidator(new Staple_Form_Validate_InArray(array("1","0")));
+
+        $submit = new Staple_Form_FoundationSubmitElement('submit','Save');
+        $submit->addClass('button radius expand');
+
+        $this->addField($firstName, $lastName, $userName, $supervisor, $type, $level, $status, $submit);
+    }
+
+    public function accounts($ids = null)
+    {
+        $accounts = new userModel();
+        $users = $accounts->listAll();
+        $data = array();
+
+        foreach($users as $user)
+        {
+            if($user['authLevel'] >= 500)
+            {
+                if($ids == 1)
+                {
+                    $data[] = $user['id'];
+                }
+                else
+                {
+                    $data[$user['id']] = $user['lastName'].", ".$user['firstName']."";
+                }
+            }
+        }
+
+        return $data;
+    }
+}
+
+?>
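Review bot: `accounts()` iterates `$users` straight from `listAll()` with no empty check, while the two print forms added in this same commit wrap the equivalent loop in `if(count($users) > 0)`; if `listAll()` returns a non-array when no rows match (its else path is not visible here), this `foreach` emits a warning during form construction. The method is also called twice per form build, once for the options and once for the validator, which doubles the query; building the map once and passing `array_keys($map)` to `Staple_Form_Validate_InArray` avoids both the extra query and the undocumented `$ids == 1` flag. If the flag stays, a docblock should say that `accounts(1)` returns a list of supervisor ids and `accounts()` returns an `id => "Last, First"` map limited to `authLevel >= 500`. Note that `listAll()` is changed in this commit to return only `status = 1` rows, so an account whose current supervisor is disabled will fail the supervisor validator on save.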

+ 60 - 0
application/forms/layouts/editAccountFormLayout.phtml

@@ -0,0 +1,60 @@
+<div class="row">
+    <?php
+    if(count($this->errorMessage) > 0)
+    {
+
+        echo "<div data-alert class=\"alert-box warning\">";
+        foreach($this->errorMessage as $message)
+        {
+            echo $message;
+        }
+        echo "<a href=\"#\" class=\"close\">&times;</a></div>";
+
+    }
+
+    if(count($this->successMessage) > 0)
+    {
+
+        echo "<div data-alert class=\"alert-box success\">";
+        foreach($this->successMessage as $message)
+        {
+            echo $message;
+        }
+        echo "<a href=\"#\" class=\"close\">&times;</a></div>";
+
+    }
+    ?>
+</div>
+<?php echo $this->formstart(); ?>
+<div class="row">
+    <div class="small-12 medium-4 columns">
+        <?php echo $this->fields['firstName'] ?>
+    </div>
+    <div class="small-12 medium-4 columns">
+        <?php echo $this->fields['lastName'] ?>
+    </div>
+    <div class="small-12 medium-4 columns">
+        <?php echo $this->fields['username'] ?>
+    </div>
+</div>
+<div class="row">
+    <div class="small-12 medium-4 columns">
+        <?php echo $this->fields['supervisor'] ?>
+    </div>
+    <div class="small-12 medium-4 columns">
+        <?php echo $this->fields['type'] ?>
+    </div>
+    <div class="small-12 medium-4 columns">
+        <?php echo $this->fields['level'] ?>
+    </div>
+</div>
+<div class="row">
+    <div class="small-12 medium-4 columns">
+        <?php echo $this->fields['status'] ?>
+    </div>
+    <div class="small-12 medium-4 columns end text-center">
+        <br>
+        <?php echo $this->fields['submit'] ?>
+    </div>
+</div>
+<?php echo $this->formend(); ?>
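Review bot: The two `echo $message;` loops write message text into the page without HTML escaping, and `count($this->errorMessage)` / `count($this->successMessage)` assume both properties are always arrays. The controller in this commit only passes fixed strings, but escaping at the output point keeps the template safe if a message ever includes the submitted username: `echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8');`. Guarding the blocks with `if(!empty($this->errorMessage))` stops an unset property from reaching `count()`, which raises a TypeError on PHP 8. The controller assigns the messages to `$this->view`, so it is worth confirming they are actually visible as `$this->errorMessage` inside a form layout.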

+ 76 - 0
application/forms/printActiveTimeSheetForm.php

@@ -0,0 +1,76 @@
+<?php
+
+class printActiveTimeSheetForm extends Staple_Form
+{
+    public function _start()
+    {
+        //$this->setLayout('');
+
+        $this->setName('printActiveTimeSheet')
+            ->setAction($this->link(array('reports','inactive')));
+
+        $account = new Staple_Form_FoundationSelectElement('account','Select an account');
+        $account->setRequired()
+            ->addOption('','Select an account')
+            ->addOptionsArray($this->accounts())
+            ->addValidator(new Staple_Form_Validate_InArray($this->accounts(1)));
+
+        $submit = new Staple_Form_FoundationSubmitElement('submit','Submit');
+        $submit->addClass('button expand radius');
+
+        $this->addField($account,$submit);
+    }
+
+    function accounts($ids = null)
+    {
+        $user = new userModel();
+        $id = $user->getId();
+        $authLevel = $user->getAuthLevel();
+
+        $accounts = new userModel();
+        $users = $accounts->listActive();
+        $data = array();
+        if($ids == null)
+        {
+            if(count($users) > 0)
+            {
+                foreach($users as $user)
+                {
+
+                    if($user['type'] == 'part')
+                    {
+                        $type = 'Part Time';
+                    }
+
+                    if($user['type'] == 'full')
+                    {
+                        $type = 'Full Time';
+                    }
+
+                    if($user['supervisorId'] == $id)
+                    {
+                        $data[$user['id']] = $user['lastName'].", ".$user['firstName']." ($type)";
+                    }
+                    elseif($authLevel >= 900)
+                    {
+                        $data[$user['id']] = $user['lastName'].", ".$user['firstName']." ($type)";
+                    }
+                }
+            }
+        }
+        else
+        {
+            if(count($users) > 0)
+            {
+                foreach ($users as $user)
+                {
+                    $data[] = $user['id'];
+                }
+            }
+        }
+
+        return $data;
+    }
+}
+
+?>
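Review bot: The option list and the validator list in `accounts()` apply different rules: the labels are limited to accounts the current user supervises (or everything for `authLevel >= 900`), but `accounts(1)` returns every id from `listActive()`, so `Staple_Form_Validate_InArray` accepts an account id the user was never offered. A supervisor's submitted `account` value then flows into the `printpreview` link for staff outside their team, unless `printpreview` re-checks access itself (not visible here). Applying one filter to both branches closes the gap, and the same change is needed in printInactiveTimeSheetForm.php, which repeats this method with `listInactive()`. In the label branch `$type` is also left unset, or carried over from the previous row, when `type` is neither `part` nor `full`. The `setAction(... 'reports','inactive')` in this Active form looks copied from the inactive one, although the controller overrides it.

```php
    function accounts($ids = null)
    {
        // … unchanged: $id, $authLevel lookup and $users = $accounts->listActive() …
        $labels = array('part' => 'Part Time', 'full' => 'Full Time');
        $data = array();

        if(count($users) > 0)
        {
            foreach($users as $user)
            {
                // One visibility rule for both the option labels and the validator's id list.
                if($user['supervisorId'] != $id && $authLevel < 900)
                {
                    continue;
                }

                if($ids != null)
                {
                    $data[] = $user['id'];
                    continue;
                }

                // Fall back to the stored value so $type is never unset or stale.
                $type = isset($labels[$user['type']]) ? $labels[$user['type']] : $user['type'];
                $data[$user['id']] = $user['lastName'].", ".$user['firstName']." ($type)";
            }
        }

        return $data;
    }
```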

+ 76 - 0
application/forms/printInactiveTimeSheetForm.php

@@ -0,0 +1,76 @@
+<?php
+
+class printInactiveTimeSheetForm extends Staple_Form
+{
+    public function _start()
+    {
+        //$this->setLayout('');
+
+        $this->setName('printInactiveTimeSheet')
+            ->setAction($this->link(array('reports','inactive')));
+
+        $account = new Staple_Form_FoundationSelectElement('account','Select an account');
+        $account->setRequired()
+            ->addOption('','Select an account')
+            ->addOptionsArray($this->accounts())
+            ->addValidator(new Staple_Form_Validate_InArray($this->accounts(1)));
+
+        $submit = new Staple_Form_FoundationSubmitElement('submit','Submit');
+        $submit->addClass('button expand radius');
+
+        $this->addField($account,$submit);
+    }
+
+    function accounts($ids = null)
+    {
+        $user = new userModel();
+        $id = $user->getId();
+        $authLevel = $user->getAuthLevel();
+
+        $accounts = new userModel();
+        $users = $accounts->listInactive();
+        $data = array();
+        if($ids == null)
+        {
+            if(count($users) > 0)
+            {
+                foreach($users as $user)
+                {
+
+                    if($user['type'] == 'part')
+                    {
+                        $type = 'Part Time';
+                    }
+
+                    if($user['type'] == 'full')
+                    {
+                        $type = 'Full Time';
+                    }
+
+                    if($user['supervisorId'] == $id)
+                    {
+                        $data[$user['id']] = $user['lastName'].", ".$user['firstName']." ($type)";
+                    }
+                    elseif($authLevel >= 900)
+                    {
+                        $data[$user['id']] = $user['lastName'].", ".$user['firstName']." ($type)";
+                    }
+                }
+            }
+        }
+        else
+        {
+            if(count($users) > 0)
+            {
+                foreach ($users as $user)
+                {
+                    $data[] = $user['id'];
+                }
+            }
+        }
+
+        return $data;
+    }
+}
+
+?>

+ 0 - 70
application/forms/printTimeSheetForm.php

@@ -1,70 +0,0 @@
-<?php
-
-class printTimeSheetForm extends Staple_Form
-{
-    public function _start()
-    {
-        //$this->setLayout('');
-
-        $this->setName('printTimeSheet')
-            ->setAction($this->link(array('reports')));
-
-        $account = new Staple_Form_FoundationSelectElement('account','Select an account');
-        $account->setRequired()
-            ->addOption('','Select an account')
-            ->addOptionsArray($this->accounts())
-            ->addValidator(new Staple_Form_Validate_InArray($this->accounts(1)));
-
-        $submit = new Staple_Form_FoundationSubmitElement('submit','Submit');
-        $submit->addClass('button expand radius');
-
-        $this->addField($account,$submit);
-    }
-
-    function accounts($ids = null)
-    {
-        $user = new userModel();
-        $id = $user->getId();
-        $authLevel = $user->getAuthLevel();
-
-        $accounts = new userModel();
-        $users = $accounts->listAll();
-        $data = array();
-        if($ids == null)
-        {
-            foreach($users as $user)
-            {
-
-                if($user['type'] == 'part')
-                {
-                    $type = 'Part Time';
-                }
-
-                if($user['type'] == 'full')
-                {
-                    $type = 'Full Time';
-                }
-
-                if($user['supervisorId'] == $id)
-                {
-                    $data[$user['id']] = $user['lastName'].", ".$user['firstName']." ($type)";
-                }
-                elseif($authLevel >= 900)
-                {
-                    $data[$user['id']] = $user['lastName'].", ".$user['firstName']." ($type)";
-                }
-            }
-        }
-        else
-        {
-            foreach($users as $user)
-            {
-                $data[] = $user['id'];
-            }
-        }
-
-        return $data;
-    }
-}
-
-?>

+ 172 - 18
application/models/accountModel.php

@@ -17,6 +17,14 @@ class accountModel extends Staple_Model
     private $type;
     private $status;
 
+    /**
+     * @return mixed
+     */
+    public function getId()
+    {
+        return $this->id;
+    }
+
     /**
      * @param mixed $id
      */
@@ -25,6 +33,14 @@ class accountModel extends Staple_Model
         $this->id = $id;
     }
 
+    /**
+     * @return mixed
+     */
+    public function getUsername()
+    {
+        return $this->username;
+    }
+
     /**
      * @param mixed $username
      */
@@ -33,6 +49,14 @@ class accountModel extends Staple_Model
         $this->username = $username;
     }
 
+    /**
+     * @return mixed
+     */
+    public function getPassword()
+    {
+        return $this->password;
+    }
+
     /**
      * @param mixed $password
      */
@@ -41,6 +65,14 @@ class accountModel extends Staple_Model
         $this->password = $password;
     }
 
+    /**
+     * @return mixed
+     */
+    public function getPin()
+    {
+        return $this->pin;
+    }
+
     /**
      * @param mixed $pin
      */
@@ -49,6 +81,30 @@ class accountModel extends Staple_Model
         $this->pin = $pin;
     }
 
+    /**
+     * @return mixed
+     */
+    public function getTempPin()
+    {
+        return $this->tempPin;
+    }
+
+    /**
+     * @param mixed $tempPin
+     */
+    public function setTempPin($tempPin)
+    {
+        $this->tempPin = $tempPin;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getFirstName()
+    {
+        return $this->firstName;
+    }
+
     /**
      * @param mixed $firstName
      */
@@ -57,6 +113,14 @@ class accountModel extends Staple_Model
         $this->firstName = $firstName;
     }
 
+    /**
+     * @return mixed
+     */
+    public function getLastName()
+    {
+        return $this->lastName;
+    }
+
     /**
      * @param mixed $lastName
      */
@@ -65,6 +129,14 @@ class accountModel extends Staple_Model
         $this->lastName = $lastName;
     }
 
+    /**
+     * @return mixed
+     */
+    public function getAuthLevel()
+    {
+        return $this->authLevel;
+    }
+
     /**
      * @param mixed $authLevel
      */
@@ -73,6 +145,14 @@ class accountModel extends Staple_Model
         $this->authLevel = $authLevel;
     }
 
+    /**
+     * @return mixed
+     */
+    public function getBatchId()
+    {
+        return $this->batchId;
+    }
+
     /**
      * @param mixed $batchId
      */
@@ -82,51 +162,51 @@ class accountModel extends Staple_Model
     }
 
     /**
-     * @param mixed $supervisorId
+     * @return mixed
      */
-    public function setSupervisorId($supervisorId)
+    public function getSupervisorId()
     {
-        $this->supervisorId = $supervisorId;
+        return $this->supervisorId;
     }
 
     /**
-     * @param mixed $type
+     * @param mixed $supervisorId
      */
-    public function setType($type)
+    public function setSupervisorId($supervisorId)
     {
-        $this->type = $type;
+        $this->supervisorId = $supervisorId;
     }
 
     /**
-     * @param mixed $status
+     * @return mixed
      */
-    public function setStatus($status)
+    public function getType()
     {
-        $this->status = $status;
+        return $this->type;
     }
 
     /**
-     * @return mixed
+     * @param mixed $type
      */
-    public function getTempPin()
+    public function setType($type)
     {
-        return $this->tempPin;
+        $this->type = $type;
     }
 
     /**
      * @return mixed
      */
-    public function getFirstName()
+    public function getStatus()
     {
-        return $this->firstName;
+        return $this->status;
     }
 
     /**
-     * @return mixed
+     * @param mixed $status
      */
-    public function getLastName()
+    public function setStatus($status)
     {
-        return $this->lastName;
+        $this->status = $status;
     }
 
     function __construct()
@@ -135,12 +215,52 @@ class accountModel extends Staple_Model
 
     }
 
+    function load($id)
+    {
+        $sql = "SELECT id, username, firstName, lastName, authLevel, batchId, supervisorId, type, status FROM accounts WHERE id = '".$this->db->real_escape_string($id)."'";
+        $query = $this->db->query($sql);
+        $result = $query->fetch_assoc();
+
+        $data = array();
+
+        $data['id'] = $result['id'];
+        $data['username'] = $result['username'];
+        $data['firstName'] = $result['firstName'];
+        $data['lastName'] = $result['lastName'];
+        $data['level'] = $result['authLevel'];
+        $data['supervisor'] = $result['supervisorId'];
+        $data['type'] = $result['type'];
+        $data['status'] = $result['status'];
+
+        return $data;
+    }
+
     function save()
     {
         if(isset($this->id))
         {
-            //Edit user
+            //Check if username already exists
+            $sql = "SELECT username FROM accounts WHERE username = '".$this->db->real_escape_string($this->username)."' AND id <> '".$this->db->real_escape_string($this->id)."'";
+            $query = $this->db->query($sql);
+            if($query->num_rows == 0)
+            {
+                $sql = "
+                    UPDATE accounts SET
+                    username = '".$this->db->real_escape_string($this->username)."',
+                    firstName = '".$this->db->real_escape_string($this->firstName)."',
+                    lastName = '".$this->db->real_escape_string($this->lastName)."',
+                    authLevel = '".$this->db->real_escape_string($this->authLevel)."',
+                    supervisorId = '".$this->db->real_escape_string($this->supervisorId)."',
+                    type = '".$this->db->real_escape_string($this->type)."',
+                    status = '".$this->db->real_escape_string($this->status)."'
+                    WHERE id = '".$this->db->real_escape_string($this->id)."'
+                ";
 
+                if($this->db->query($sql))
+                {
+                    return true;
+                }
+            }
         }
         else
         {
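Review bot: `load($id)` dereferences `$result` without checking that a row came back; for an unknown id `fetch_assoc()` returns null and the method hands the form an array of nulls, so `edit()` renders a blank account instead of rejecting the request. Returning early, `if(!$query || !($result = $query->fetch_assoc())) { return false; }`, lets the controller redirect. In `save()`, the new UPDATE branch changes `authLevel` and `status` without the `auditModel` entry that this commit adds for account creation and PIN reset, and privilege changes are the ones most worth logging. The username check followed by the UPDATE is not atomic, so a unique index on `accounts.username` (schema not visible here) is the reliable guard; the branch also returns nothing on failure, which the controller reports as a duplicate username even when the query itself failed. `save()` continues past the end of this hunk.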
@@ -184,7 +304,19 @@ class accountModel extends Staple_Model
 
                 if($this->db->query($sql))
                 {
+                    $id = $this->db->insert_id;
+
                     $this->tempPin = $pin;
+
+                    $account = new userModel();
+                    $userInfo = $account->userInfo($id);
+
+                    $audit = new auditModel();
+                    $audit->setUserId($userInfo['id']);
+                    $audit->setAction('New Account Created');
+                    $audit->setItem($account->getUsername()." created account.");
+                    $audit->save();
+
                     return true;
                 }
             }
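Review bot: The audit entry's `setUserId($userInfo['id'])` records the id of the account that was just created, while the text in `setItem()` names the user from `new userModel()`, which other code in this commit treats as the signed-in user. If `userId` in the audit table is meant to identify who performed the action, this should be `$audit->setUserId($account->getId());` with the new account's id or username moved into the item text; if it is meant to be the affected account, a short comment saying so would prevent the next reader from "fixing" it. `resetPin()` in the last hunk of this file uses the same pattern. `$userInfo` is also used without checking that `userInfo($id)` found a row. The enclosing `save()` starts and ends outside this hunk.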
@@ -214,5 +346,27 @@ class accountModel extends Staple_Model
             $this->generatePin();
         }
     }
+
+    function resetPin($id)
+    {
+        $pin = $this->generatePin();
+        $this->tempPin = $pin;
+
+        $sql = "UPDATE accounts SET pin='".$this->db->real_escape_string(sha1($pin))."' WHERE id = '".$this->db->real_escape_string($id)."'";
+
+        if($this->db->query($sql))
+        {
+            $account = new userModel();
+            $userInfo = $account->userInfo($id);
+
+            $audit = new auditModel();
+            $audit->setUserId($userInfo['id']);
+            $audit->setAction('PIN Reset');
+            $audit->setItem($account->getUsername()." reset users PIN.");
+            $audit->save();
+
+            return true;
+        }
+    }
 }
 ?>
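Review bot: `resetPin()` stores the new PIN as `sha1($pin)`, an unsalted fast hash; with a short PIN space, every value in a leaked `accounts` table can be recovered by simple enumeration. `password_hash($pin, PASSWORD_DEFAULT)` with `password_verify()` at the check site is the standard replacement, but the verification code and the create path are outside this hunk, so the change has to be made on all three together. The method also returns true whenever the UPDATE executes, even if no row matched `$id`, so the controller would display a temporary PIN for a non-existent account; checking `$this->db->affected_rows === 1` and ending with an explicit `return false;` fixes that. The context line above shows `generatePin()` calling itself without `return`, so it is worth confirming that `$pin` cannot come back null on that path.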

+ 42 - 11
application/models/reportModel.php

@@ -20,39 +20,70 @@ class reportModel extends Staple_Model
         $this->timesheets = $timesheets;
     }
 
-    function __construct($year, $month)
+    function __construct($year, $month, $inactive = null)
     {
         $this->db = Staple_DB::get();
-        $staffIds = $this->getStaffIds();
+
+        if($inactive != null)
+        {
+            $staffIds = $this->getStaffIds(1);
+        }
+        else
+        {
+            $staffIds = $this->getStaffIds();
+        }
 
         $data = array();
 
-        foreach($staffIds as $key => $value)
+        if(count($staffIds) > 0)
         {
-            $data[$value] = $this->getTimesheet($key, $year, $month);
+            foreach($staffIds as $key => $value)
+            {
+                $data[$value] = $this->getTimesheet($key, $year, $month);
+            }
         }
 
         $this->timesheets = $data;
     }
 
-    function getStaffIds()
+    function getStaffIds($inactive = null)
     {
         $auth = Staple_Auth::get();
         $user = new userModel($auth->getAuthId());
         $userId = $user->getId();
         $authLevel = $user->getAuthLevel();
 
+        $data = array();
+
         if($authLevel >= 900)
         {
-            $sql = "
-            SELECT id, firstName, lastName FROM accounts WHERE status = 1 ORDER BY lastName ASC
-            ";
+            if($inactive == 1)
+            {
+                $sql = "
+                SELECT id, firstName, lastName FROM accounts WHERE status = 0 ORDER BY lastName ASC
+                ";
+            }
+            else
+            {
+                $sql = "
+                SELECT id, firstName, lastName FROM accounts WHERE status = 1 ORDER BY lastName ASC
+                ";
+            }
         }
         else
         {
-            $sql = "
-            SELECT id, firstName, lastName FROM accounts WHERE status = 1 AND supervisorId = '".$this->db->real_escape_string($userId)."' ORDER BY lastName ASC
-            ";
+            if($inactive == 1)
+            {
+                $sql = "
+                SELECT id, firstName, lastName FROM accounts WHERE status = 0 AND supervisorId = '" . $this->db->real_escape_string($userId) . "' ORDER BY lastName ASC
+                ";
+            }
+            else
+            {
+                $sql = "
+                SELECT id, firstName, lastName FROM accounts WHERE status = 1 AND supervisorId = '" . $this->db->real_escape_string($userId) . "' ORDER BY lastName ASC
+                ";
+            }
         }
 
         $query = $this->db->query($sql);
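Review bot: `getStaffIds()` now carries four copies of the same SELECT that differ only in the `status` literal, which makes the next change to the column list or ordering easy to apply to some branches and not others. Deriving the value once, `$status = ($inactive == 1) ? 0 : 1;`, and using `WHERE status = ".$status."` in the two remaining queries (admin and supervisor) reduces the branches to the part that actually differs. The `$inactive` flag is undocumented and compared loosely (`!= null` in the constructor, `== 1` here); a docblock line such as `@param int|null $inactive 1 to list disabled accounts, null for active ones` would make the contract explicit. The function body continues past the end of the hunk.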

+ 2 - 4
application/models/timeEntryModel.php

@@ -328,9 +328,6 @@
             $this->note = $note;
         }
 
-
-
-
 		function __construct($id = null)
 		{
             $this->db = Staple_DB::get();
@@ -438,7 +435,8 @@
                 //Check for admin account delete
                 if($accountLevel >= 900)
                 {
-                    $sql = "DELETE FROM timeEntries WHERE id = '".$this->db->real_escape_string($id)."' AND userId <> '".$this->db->real_escape_string($userId)."'";
+                    $sql = "DELETE FROM timeEntries WHERE id = '".$this->db->real_escape_string($id)."'";
+                    //AND userId <> '".$this->db->real_escape_string($userId)."'
                     if($this->db->query($sql))
                     {
                         $audit = new auditModel();
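Review bot: The admin DELETE no longer carries `AND userId <> '…'`, so an account with level 900 or above can now remove its own time entries, and the old condition is left behind as a commented-out fragment on the next line. If that clause was a separation-of-duties control on payroll data, the removal deserves an explicit decision in the commit message; if it is intended, delete the commented line rather than keeping it, and make sure the audit entry written below records whose entry was deleted as well as who deleted it. The query also reports success when no row matched `$id`, so checking `$this->db->affected_rows` before writing the audit record would keep the log accurate. The enclosing function starts and ends outside this hunk.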

+ 6 - 11
application/models/timesheetModel.php

@@ -322,22 +322,19 @@
 			$currentDate->setTime(0,0,0);
 			$currentDate->setDate($year, $month, 1);
 
-			//Just added for test. Might need to keep. Fixed the wrong
-			//$currentDate->setTime(0,0,0);
-
-
 			$this->currentYear = $currentDate->format('Y');
 			$this->currentMonth = $currentDate->format('m');
 			$this->currentMonthText = $currentDate->format('F');
 
-
 			$this->startDate = $currentDate->modify('-1 month +25 day')->format('Y-m-d');
-			$this->startDateTimeString = strtotime($this->startDate);
+			$this->startDateTimeString = $currentDate->format('U');
 
 			$currentDate->setDate($year, $month, 1);
+			$currentDate->modify('+24 day');
+			$currentDate->setTime(23,59,59);
 
-			$this->endDate = $currentDate->setTime(23,59.59)->modify('+25 day')->format('Y-m-d');
-			$this->endDateTimeString = strtotime($this->endDate);
+			$this->endDate = $currentDate->format('Y-m-d');
+			$this->endDateTimeString = $currentDate->format('U');
 
 			//Previous Dates
 			$previousDate = new DateTime();
@@ -457,8 +454,7 @@
 				$userId = $account['id'];
 			}
 
-			//$sql = "SELECT ROUND((TIME_TO_SEC(SEC_TO_TIME(SUM(outTime - inTime)-SUM(lessTime*60)))/3600)*4)/4 AS 'totalTime' FROM timeEntries WHERE inTime > UNIX_TIMESTAMP('$startDate 00:00:00') AND outTime < UNIX_TIMESTAMP('$endDate 23:59:59') AND userId = $userId AND codeId = $code;";
-			$sql = "SELECT inTime, outTime, lessTime FROM timeEntries WHERE inTime > UNIX_TIMESTAMP('$startDate 00:00:00') AND outTime < UNIX_TIMESTAMP('$endDate 0:0:0') AND userId = $userId AND codeId = $code;";
+			$sql = "SELECT inTime, outTime, lessTime FROM timeEntries WHERE inTime > UNIX_TIMESTAMP('$startDate 00:00:00') AND outTime < UNIX_TIMESTAMP('$endDate 23:59:59') AND userId = $userId AND codeId = $code;";
 
 			if($this->db->query($sql)->fetch_row() > 0)
 			{
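Review bot: The rewritten query still interpolates `$startDate`, `$endDate`, `$userId` and `$code` straight into the SQL, with `$userId` and `$code` not even quoted, while other queries touched by this commit go through `real_escape_string()`. Where these values originate is outside the hunk, so treat them as untrusted: assuming both ids are numeric, as their unquoted use suggests, cast them with `$userId = (int)$userId; $code = (int)$code;` and escape or validate the two dates before building `$sql`. A prepared statement would be better if the Staple_DB wrapper offers one. The following `fetch_row() > 0` compares an array or null with an integer and is worth replacing with an explicit null check.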
@@ -507,7 +503,6 @@
 
 		function nearestQuarterHour($time)
 		{
-			//$time = strtotime($time);
 			$round = 15*60;
 			$rounded = round($time/$round)*$round;
 

+ 2 - 2
application/models/userModel.php

@@ -195,7 +195,7 @@
 
 		function listAll()
 		{
-			$sql = "SELECT id, username, firstName, lastName, authLevel, batchId, supervisorId, type, status FROM accounts ORDER BY type DESC, lastName ASC, firstName ASC";
+			$sql = "SELECT id, username, firstName, lastName, authLevel, batchId, supervisorId, type, status FROM accounts WHERE status = 1 ORDER BY lastName ASC, firstName ASC";
 			if($this->db->query($sql)->num_rows > 0)
 			{
 				$query = $this->db->query($sql);
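Review bot: With `WHERE status = 1` added, `listAll()` now runs exactly the same query as `listActive()` in the next hunk, so a caller asking for all accounts silently loses the inactive ones. If callers only ever need active accounts, have `listAll()` return `$this->listActive()` or rename it; otherwise keep the unfiltered query here. Both methods also execute the statement twice, once for `num_rows` and once for `$query`; `$query = $this->db->query($sql); if($query->num_rows > 0)` does it in one round trip. The method bodies continue past both hunks.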
@@ -211,7 +211,7 @@
 
 		function listActive()
 		{
-			$sql = "SELECT id, username, firstName, lastName, authLevel, batchId, supervisorId, type, status FROM accounts WHERE status = 1 ORDER BY type DESC, lastName ASC, firstName ASC";
+			$sql = "SELECT id, username, firstName, lastName, authLevel, batchId, supervisorId, type, status FROM accounts WHERE status = 1 ORDER BY lastName ASC, firstName ASC";
 			if($this->db->query($sql)->num_rows > 0)
 			{
 				$query = $this->db->query($sql);

+ 61 - 0
application/views/accounts/edit.phtml

@@ -0,0 +1,61 @@
+<div class="section">
+    <div class="row">
+        <div class="small-6 columns">
+            <h1><i class="fa fa-users"></i> Edit Account <small></small></h1>
+        </div>
+        <div class="small-6 columns text-right">
+            <ul class="button-group round">
+                <li><a class="button secondary" href="<?php echo $this->link(array('accounts')) ?>">Back</a></li>
+                <li><a class="button" data-reveal-id="resetPin" href="#"><i class="fa fa-refresh"></i> Reset PIN</a></li>
+                <li><a class="button" data-reveal-id="resetPassword" href="#"><i class="fa fa-refresh"></i> Reset Password</a></li>
+            </ul>
+        </div>
+    </div>
+    <?php
+
+    if(count($this->successMessage) > 0)
+    {
+        echo "
+            <div class='row'>
+                <div class='small-12 columns text-center'>
+                    <div data-alert class='alert-box success radius'><i class='fa fa-check'></i> ";
+                    foreach($this->successMessage as $message)
+                    {
+                        echo "$message<br>";
+                    }
+        echo "
+                        <a href=\"#\" class=\"close\">&times;</a>
+                    </div>
+                </div>
+            </div>
+        ";
+    }
+
+    ?>
+    <div class="row">
+        <div class="small-12 columns">
+            <?php echo $this->form ?>
+        </div>
+    </div>
+</div>
+
+<div id="resetPin" class="reveal-modal small text-center" data-reveal aria-labelledby="Reset PIN" aria-hidden="true" role="dialog">
+    <h2 id="modalTitle">PIN Reset</h2>
+    <p class="lead">Confirm to reset users PIN</p>
+    <ul class="button-group round">
+        <a class="button warning" href="<?php echo $this->link(array('accounts','resetpin',$this->id)) ?>"><i class="fa fa-check"></i> Confirm PIN Reset</a>
+    </ul>
+    <a class="close-reveal-modal" aria-label="Close">&#215;</a>
+</div>
+
+<div id="resetPassword" class="reveal-modal small text-center" data-reveal aria-labelledby="Reset Password" aria-hidden="true" role="dialog">
+    <h2 id="modalTitle">Password Reset</h2>
+    <p class="lead">Confirm to reset users password</p>
+    <p class="lead">**Incomplete Feature**</p>
+    <div class="hide">
+    <ul class="button-group round">
+        <a class="button warning hide" href=""><i class="fa fa-check"></i> Confirm Password Reset</a>
+    </ul>
+    </div>
+    <a class="close-reveal-modal" aria-label="Close">&#215;</a>
+</div>
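Review bot: The "Confirm PIN Reset" control is a plain link to `accounts/resetpin/<id>`, so the credential change is triggered by a GET request that any page or link the administrator opens could issue. It should be a POST form carrying a CSRF token that the `resetpin` action verifies; the controller action is not part of this hunk, so whether it checks the request method is not visible here. Separately, `count($this->successMessage)` runs even when no message was set, and the `errorMessage` the controller assigns is never rendered. Guard with `if(!empty($this->successMessage))` and add a matching error block.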

+ 17 - 0
application/views/accounts/resetpin.phtml

@@ -0,0 +1,17 @@
+<div class="section">
+    <div class="row">
+        <div class="small-6 columns">
+            <h1><i class="fa fa-users"></i> PIN Rest <small></small></h1>
+        </div>
+        <div class="small-6 columns text-right">
+            <ul class="button-group round">
+                <li><a class="button secondary" href="<?php echo $this->link(array('accounts','inactive')) ?>">Back</a></li>
+            </ul>
+        </div>
+    </div>
+    <div class="row">
+        <div class="small-12 columns text-center">
+            <h2 class="subheader">New PIN: <?php echo $this->tempPin ?></h2>
+        </div>
+    </div>
+</div>
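Review bot: The heading reads "PIN Rest" and should be `PIN Reset`. `$this->tempPin` is a credential written into the page unescaped; wrap it as `<?php echo htmlspecialchars($this->tempPin, ENT_QUOTES, 'UTF-8') ?>` and have the action send `Cache-Control: no-store` so the PIN is not kept in the browser cache. The Back link points to `accounts/inactive` although the reset is started from the edit page, which may not be the intended target.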

+ 2 - 1
application/views/audit/index.phtml

@@ -5,7 +5,7 @@
         </div>
     </div>
     <div class="row">
-        <div class="small-3 columns">
+        <div class="small-3 columns" style="height:500px; overflow-y:scroll;">
             <h3><i class="fa fa-users"></i> Account</h3>
             <ul class="side-nav">
                 <?php
@@ -75,6 +75,7 @@
             }
 
             ?>
+
         </div>
         <div class="small-12 columns">
             <?php

+ 48 - 41
application/views/index/index.phtml

@@ -16,48 +16,39 @@
         ";
     }
 ?>
-<div class="section info">
-        <?php
-        echo "
-            <div class=\"row\">
-                <div class='small-12 columns text-center'>
-                    <h2>Time submitted this week</h2>
-                    <p>".$this->week['start']['month']." ".$this->week['start']['day']." ".$this->week['year']." to ".$this->week['end']['month']." ".$this->week['end']['day']." ".$this->week['year']."</p>
-                </div>
-                <div class='small-12 columns text-center'>
-                    <h2>".$this->week['total']."</h2>
-                </div>
-                ";
 
-                if($this->unlockedTimes > 0)
-                {
-                    echo "
-                        <div class='row'>
-                            <div class='small-12 column text-center'>
-                                <a class='button radius success' href=\"".$this->link(array('timesheet','unlocked'))."\"><i class='fa fa-calendar'></i> Submit time for previous pay period</a>
-                            </div>
-                        </div>
+<div class="section">
+    <div class="row">
+        <div class="small-6 columns">
+            <div class="panel info">
+            <?php
+            echo "
+                <div class=\"row\">
+                    <div class='small-12 columns'>
+                        <h2>Time submitted this week</h2>
+                    </div>
+                    <div class='small-12 columns text-center'>
+                        <p>".$this->week['start']['month']." ".$this->week['start']['day']." ".$this->week['year']." to ".$this->week['end']['month']." ".$this->week['end']['day']." ".$this->week['year']."</p>
+                    </div>
+                    <div class='small-12 columns text-center'>
+                        <h2>".$this->week['total']."</h2>
+                    </div>
                     ";
-                }
-        echo "</div></div>";
+            echo "</div>";
+            ?>
+            </div>
+        </div>
+        <div class="small-6 columns">
+            <div class="panel">
+            <h2><?php echo $this->month." ".$this->year ?> <small> Hours Breakout</small></h2>
 
-        echo "<div class='section'>";
+            <?php
 
-        if($this->timesheet->totals['Total Time'] > 0)
-        {
-            echo "
-            <div class=\"row\">
-                <div class=\"small-12 columns\">
-                    <h2>".date('F')." ".date('Y')." <small> Hours</small></h2>
-                </div>
-            </div>";
-        }
-
-        foreach($this->timesheet->totals as $key=>$value)
-        {
-            if($value > 0)
-            {
-                echo "
+             foreach($this->timesheet->totals as $key=>$value)
+             {
+                 if($value > 0)
+                 {
+                     echo "
                     <div class='row'>
                         <div class='small-6 columns'>
                             <h4>$key</h4>
@@ -67,8 +58,24 @@
                         </div>
                     </div>
                 ";
-            }
-        }
-        ?>
+                 }
+             }
+
+             if($this->timesheet->totals['Total Time'] == 0)
+             {
+                 echo "
+                    <div class=\"row\">
+                        <div class=\"small-12 columns text-center\">
+                            <h4 class='subheader'>No time submitted</h4>
+                        </div>
+                    </div>
+                ";
+             }
+             ?>
+            </div>
+        </div>
+        <div class='small-12 columns text-center'>
+            <a class='button round' href="<?php echo $this->link(array('timesheet')) ?>"><i class='fa fa-clock-o'></i> Your Time Sheet</a>
+        </div>
     </div>
 </div>

+ 252 - 0
application/views/reports/inactive.phtml

@@ -0,0 +1,252 @@
+<div class="section">
+    <div class="row">
+        <div class="small-7 columns">
+            <h1><i class="fa fa-file"></i>Time Sheets <small>Inactive</small></h1>
+        </div>
+        <div class="small-5 columns text-right">
+            <h1 class="subheader"><?php echo $this->monthName ?> <?php echo $this->year?></h1>
+        </div>
+    </div>
+    <div class="row">
+        <div class="small-12 columns">
+            <ul class="button-group radius even-5">
+                <?php
+
+                $year = $this->year;
+
+                if($this->month == 12)
+                {
+                    $year = $this->nextYear;
+                }
+
+                if($this->momth == 1)
+                {
+                    $year = $this->previousYear;
+                }
+
+
+                ?>
+
+                <li><a class="button small secondary" href="
+                    <?php
+                    switch ($this->month)
+                    {
+                        case 01:
+                            echo $this->link(array('reports','inactive',$this->previousYear, $this->previousMonth));
+                            break;
+                        default:
+                            echo $this->link(array('reports','inactive',$this->year, $this->previousMonth));
+                    }
+                    ?>
+                    "><i class="fa fa-caret-left"></i> Previous</a></li>
+                <li><a class="button small secondary" href="
+                    <?php
+                    switch ($this->month)
+                    {
+                        case 12:
+                            echo $this->link(array('reports','inactive',$this->nextYear, $this->nextMonth));
+                            break;
+                        default:
+                            echo $this->link(array('reports','inactive',$this->year, $this->nextMonth));
+                    }
+                    ?>
+                    ">Next <i class="fa fa-caret-right"></i></a></li>
+
+
+                <li><a id="showAll" class="button small secondary" href="#"><i class="fa fa-eye"></i> Show All</a></li>
+                <li><a id="hideAll" class="button small secondary" href="#"><i class="fa fa-eye-slash"></i> Hide All</a></li>
+                <li><a class="button small" data-reveal-id="print"  href="#"><i class="fa fa-print"></i> Print</a></li>
+            </ul>
+        </div>
+    </div>
+    <div class="row">
+        <div class="small-12 columns">
+            <?php
+
+            $i = 0;
+            foreach($this->report as $user=>$timesheet)
+            {
+                echo "<h3 id='user'.$i.'' class='timeTitle'>$user <i class='fa fa-chevron-down right'></i></h3>";
+                echo "
+        <div class=\"wrapper hide\">";
+
+                if(count($timesheet) > 0)
+                {
+                    echo"
+                    <table width='100%'>
+                        <thead>
+                        <tr>
+                            <th>Date</th>
+                            <th>In</th>
+                            <th>Out</th>
+                            <th>Less Time</th>
+                            <th>Hours</th>
+                            <th>Code</th>
+                            <th>Date Stamp</th>
+                            <th>Validated</th>";
+                            if($this->accountLevel >= 900)
+                            {
+                                echo "<th>Action</th>";
+                            }
+                        echo"</tr>
+                        </thead>
+                    ";
+                }
+
+                $totalValidated = 0;
+                $totalInvalid = 0;
+                $totalVacation = 0;
+                $totalSick = 0;
+
+                foreach($timesheet as $key=>$entry)
+                {
+                    echo "
+                        <tr>
+                               <td>".date("l, F jS Y",strtotime($entry['date']))."</td>
+                               <td>".date("g:i A",$entry['inTime'])."</td>
+                               <td>".date("g:i A",$entry['outTime'])."</td>
+                               <td>".$entry['lessTime']." <small>Hours</small></td>
+                               <td>".$entry['timeWorked']."</td>
+                               <td>".$entry['code']."</td>
+                               <td>".date("M. jS Y @ G:i A",strtotime($entry['timestamp']))."</td>
+                               <td><div class='text-center'>";
+
+                    if($entry['validated'] == 1)
+                    {
+                        echo "<i class=\"fa fa-check green\"></i>";
+                    }
+                    else
+                    {
+                        echo "<i class=\"fa fa-close red\"></i>";
+                    }
+
+                    echo "</td>";
+
+                    if($this->accountLevel >= 900)
+                    {
+                        echo "<td><a href=\"".$this->link(array('timesheet','remove',$key))."\"><i class=\"fa fa-trash\"></i> Remove</a></td>";
+                    }
+
+                    echo "</tr>";
+
+                    if(strlen($entry['note']) > 0)
+                    {
+                        echo "
+                            <tr>
+                                <td colspan='9'>
+                                    <b>Note:</b> ".$entry['note']."
+                                </td>
+                            </tr>
+                        ";
+                    }
+
+                    if($entry['validated'] == 1)
+                    {
+                        $totalValidated += $entry['timeWorked'];
+                    }
+
+                    if($entry['validated'] == 0)
+                    {
+                        $totalInvalid += $entry['timeWorked'];
+                    }
+
+                    if($entry['code'] == "Vacation")
+                    {
+                        $totalVacation += $entry['timeWorked'];
+                    }
+
+                    if($entry['code'] == "Sick")
+                    {
+                        $totalSick += $entry['timeWorked'];
+                    }
+
+                }
+
+                if(count($timesheet) > 0)
+                {
+                echo "</table>";
+
+                echo "<div class=\"row\">";
+                        echo "<div class='small-12'>
+
+                        FORM GOES HERE
+
+                        </div>";
+                echo "</div>";
+                echo "<div class=\"row\">";
+                echo "<div class=\"small-6 medium-4 large-3 columns\">";
+                                        echo "<div class=\"card successBg\">
+                                            <div class=\"title\">Validated</div>
+                                            <div class=\"value\">".$totalValidated." <small>Hours</small></div>
+                                        </div>";
+                echo "</div>";
+                echo "<div class=\"small-6 medium-4 large-3 columns\">";
+                                        echo "<div class=\"card warning\">
+                                            <div class=\"title\">Not Validated</div>
+                                            <div class=\"value\">".$totalInvalid." <small>Hours</small></div>
+                                        </div>";
+                echo "</div>";
+                echo "<div class=\"small-6 medium-4 large-3 columns end\">";
+                                     echo "<div class=\"card\">
+                                            <div class=\"title\">Sick</div>
+                                            <div class=\"value\">".$totalSick." <small>Hours</small></div>
+                                        </div>";
+                echo "</div>";
+                echo "<div class=\"small-6 medium-4 large-3 columns end\">";
+                                        echo "<div class=\"card\">
+                                            <div class=\"title\">Vacation</div>
+                                            <div class=\"value\">".$totalVacation." <small>Hours</small></div>
+                                        </div>";
+                echo "</div>";
+                echo "</div>";
+
+                }
+                else
+                {
+                    echo "<div class=\"text-center\">No time submitted</div>";
+                }
+
+                $i++;
+                echo "</div><hr>";
+            }
+            ?>
+        </div>
+    </div>
+</div>
+<div id="yearForm" class="reveal-modal small" data-reveal aria-labelledby="Change Year" aria-hidden="true" role="dialog">
+    <h2 id="modalTitle">Select a Year</h2>
+    <?php echo $this->yearForm ?>
+    <a class="close-reveal-modal" aria-label="Close">&#215;</a>
+</div>
+
+<div id="print" class="reveal-modal small" data-reveal aria-labelledby="Print Report" aria-hidden="true" role="dialog">
+    <h2>Print Individual Time Sheet</h2>
+    <?php echo $this->printTimeSheetForm ?>
+    <a class="close-reveal-modal" aria-label="Close">&#215;</a>
+</div>
+
+<script>
+    $(function() {
+
+        $(".timeTitle").click(function() {
+            $(this).next(".wrapper").slideToggle("slow");
+            $(this).find("i").toggleClass("fa-chevron-up fa-chevron-down")
+            return false;
+        });
+
+        $("#hideAll").click(function() {
+            $(".wrapper").slideUp();
+            $(".timeTitle").find("i").removeClass("fa-chevron-up")
+            $(".timeTitle").find("i").addClass("fa-chevron-down")
+            return false;
+        });
+
+        $("#showAll").click(function() {
+            $(".wrapper").slideDown();
+            $(".timeTitle").find("i").removeClass("fa-chevron-down")
+            $(".timeTitle").find("i").addClass("fa-chevron-up")
+            return false;
+        });
+
+    });
+</script>
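Review bot: `$entry['note']`, `$entry['code']` and `$user` are echoed into the table without escaping, so markup typed into a time-entry note is rendered as HTML for whoever opens this report; wrap each in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')`. The heading line `echo "<h3 id='user'.$i.'' ...` sits inside a double-quoted string, so the dots are printed literally and the id attribute is malformed; `id='user$i'` is what was meant. `$this->momth` is a typo for `$this->month`, so the January branch never runs. The "FORM GOES HERE" placeholder is also emitted for every user with entries.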

+ 4 - 9
application/views/reports/index.phtml

@@ -8,14 +8,8 @@
         </div>
     </div>
     <div class="row">
-        <div class="small-4 columns">
-            <ul class="button-group radius left">
-                <li><a class="button small" href="<?php echo $this->link(array('reports','weekly')) ?>"><i class="fa fa-file"></i> Week Report</a></li>
-                <li><a class="button small" data-reveal-id="print"  href="#"><i class="fa fa-print"></i> Print</a></li>
-            </ul>
-        </div>
-        <div class="small-8 columns">
-            <ul class="button-group round right">
+        <div class="small-12 columns">
+            <ul class="button-group radius even-6">
                 <?php
 
                 $year = $this->year;
@@ -32,7 +26,6 @@
 
 
                 ?>
-
                 <li><a class="button small secondary" href="
                     <?php
                     switch ($this->month)
@@ -61,6 +54,8 @@
 
                 <li><a id="showAll" class="button small secondary" href="#"><i class="fa fa-eye"></i> Show All</a></li>
                 <li><a id="hideAll" class="button small secondary" href="#"><i class="fa fa-eye-slash"></i> Hide All</a></li>
+                <li><a class="button small" href="<?php echo $this->link(array('reports','weekly')) ?>"><i class="fa fa-file"></i> Week Report</a></li>
+                <li><a class="button small" data-reveal-id="print"  href="#"><i class="fa fa-print"></i> Print</a></li>
             </ul>
         </div>
     </div>

+ 1 - 1
application/views/timesheet/remove.phtml

@@ -1,7 +1,7 @@
 <div class="section">
     <div class="row">
         <div class="small-4 columns">
-            <a class="button secondary radius" href="<?php echo $this->link(array('timesheet')) ?>"><i class="fa fa-chevron-left"></i> Back</a>
+            <a class="button secondary radius" href="<?php echo $_SERVER['HTTP_REFERER'] ?>"><i class="fa fa-chevron-left"></i> Back</a>
         </div>
         <div class="small-4 columns text-center">
             <h2><i class="fa fa-trash"></i> Remove Entry</h2>
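Review bot: `$_SERVER['HTTP_REFERER']` is a request header and is echoed into the `href` unescaped, so the attribute holds client-controlled text and is undefined when the browser sends no Referer. Fall back to the previous target and escape the value: `<?php echo htmlspecialchars(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $this->link(array('timesheet')), ENT_QUOTES, 'UTF-8') ?>`. Better still, let the controller pass a return link that it has checked against the application's own routes. The rest of the view lies outside the hunk.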

+ 27 - 10
library/Staple/ExtendedDBAuthAdapter.class.php

@@ -147,10 +147,18 @@ class Staple_ExtendedDBAuthAdapter implements Staple_AuthAdapter
 							$pass = $cred['pin'];
 					}
 
-					$sql = 'SELECT ' . $db->real_escape_string($this->_settings['pinfield']) . ',' . $db->real_escape_string($this->_settings['uidfield']) . '
-FROM ' . $db->real_escape_string($this->_settings['authtable']) . '
-WHERE ' . $db->real_escape_string($this->_settings['pinfield']) . ' = ' .
-							'\'' . $db->real_escape_string($pass) . '\';';
+					$sql = "
+						SELECT
+						".$db->real_escape_string($this->_settings['pinfield']).",
+						".$db->real_escape_string($this->_settings['uidfield'])."
+						FROM
+						".$db->real_escape_string($this->_settings['authtable'])."
+						WHERE
+						".$db->real_escape_string($this->_settings['pinfield'])." =
+						'".$db->real_escape_string($pass)."'
+						AND
+						status = '1';
+					";
 
 					if(($result = $db->query($sql)) !== false)
 					{
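Review bot: `status = '1'` is hard-coded in both this PIN query and the username/password query in the next hunk, while every other identifier in these statements comes from `$this->_settings`. As this is a library adapter, an auth table without a `status` column will now fail every login. Reading the column and its active value from a new, optional settings key, and omitting the clause when it is unset, would keep the adapter reusable. The check itself is a sound addition, since it stops deactivated accounts from authenticating. Both queries sit inside a method that starts and ends outside the hunks.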
@@ -181,12 +189,21 @@ WHERE ' . $db->real_escape_string($this->_settings['pinfield']) . ' = ' .
 						$pass = $cred['password'];
 				}
 
-				$sql = 'SELECT ' . $db->real_escape_string($this->_settings['uidfield']) . ',' . $db->real_escape_string($this->_settings['pwfield']) . '
-FROM ' . $db->real_escape_string($this->_settings['authtable']) . '
-WHERE ' . $db->real_escape_string($this->_settings['uidfield']) . ' = ' .
-					'\'' . $db->real_escape_string($cred['username']) . '\'
-AND ' . $db->real_escape_string($this->_settings['pwfield']) . ' = ' .
-					'\'' . $db->real_escape_string($pass) . '\';';
+				$sql = "
+						SELECT
+						".$db->real_escape_string($this->_settings['uidfield']).",
+						".$db->real_escape_string($this->_settings['pwfield'])."
+						FROM
+						".$db->real_escape_string($this->_settings['authtable'])."
+						WHERE
+						".$db->real_escape_string($this->_settings['uidfield'])." =
+						'".$db->real_escape_string($cred['username'])."'
+						AND
+						".$db->real_escape_string($this->_settings['pwfield'])." =
+						'".$db->real_escape_string($pass)."'
+						AND
+						status = '1';
+					";
 
 				if (($result = $db->query($sql)) !== false)
 				{