Merge branch 'release/v27.0.2.OS'

v27.0.1.OS

.gitignore

@@ -22,4 +22,4 @@ docker/testing/db_data
 test/frontend/cypress/videos/*
 test/frontend/cypress/screenshots/*
 test/frontend/node_modules/*
-
+!deployment/vagrant/ssl/icehrm.key

Vagrantfile

@@ -0,0 +1,25 @@
+Vagrant.configure("2") do |config|
+    config.vm.box = "icehrm/icehrm"
+    config.vm.box_version = "1.0.0"
+    config.vm.network "private_network", ip: "192.168.10.12"
+    config.vm.synced_folder ".", "/vagrant", type: "nfs"
+    config.vm.synced_folder "./deployment/vagrant/sites-available", "/etc/nginx/sites-enabled", type: "nfs"
+    config.vm.synced_folder "./deployment/vagrant/ssl", "/etc/nginx/ssl", type: "nfs"
+
+    config.vm.provider "virtualbox" do |vb|
+      vb.memory = "1024"
+      vb.cpus = "2"
+      vb.name = "icehrm-os.test"
+    end
+
+    config.vm.provision "shell", inline: <<-SHELL
+		sudo service nginx restart
+    SHELL
+
+    config.vm.hostname = "icehrm.test"
+
+    config.hostsupdater.aliases = [
+        "icehrm.test"
+     ]
+end
+

app/cron.php

@@ -4,4 +4,4 @@ if(php_sapi_name() != 'cli'){
 }
 
 include ('config.php');
-include (APP_BASE_PATH.'crons/cron.php');
+include (APP_BASE_PATH.'crons/cron.php');

core/admin/attendance/index.php

@@ -13,20 +13,20 @@ $photoAttendance = \Classes\SettingsManager::getInstance()->getSetting('Attendan
 $mapAttendance = \Classes\SettingsManager::getInstance()->getSetting('Attendance: Request Attendance Location on Mobile');
 ?><div class="span9">
 
-	<ul class="nav nav-tabs" id="modTab" style="margin-bottom:0px;margin-left:5px;border-bottom: none;">
-		<li class="active"><a id="tabAttendance" href="#tabPageAttendance"><?=t('Monitor Attendance')?></a></li>
+    <ul class="nav nav-tabs" id="modTab" style="margin-bottom:0px;margin-left:5px;border-bottom: none;">
+        <li class="active"><a id="tabAttendance" href="#tabPageAttendance"><?=t('Monitor Attendance')?></a></li>
         <li class=""><a id="tabAttendanceStatus" href="#tabPageAttendanceStatus"><?=t('Current Clocked In Status')?></a></li>
-	</ul>
+    </ul>
 
-	<div class="tab-content">
-		<div class="tab-pane active" id="tabPageAttendance">
-			<div id="Attendance" class="reviewBlock" data-content="List" style="padding-left:5px;">
+    <div class="tab-content">
+        <div class="tab-pane active" id="tabPageAttendance">
+            <div id="Attendance" class="reviewBlock" data-content="List" style="padding-left:5px;">
 
-			</div>
-			<div id="AttendanceForm" class="reviewBlock" data-content="Form" style="padding-left:5px;display:none;">
+            </div>
+            <div id="AttendanceForm" class="reviewBlock" data-content="Form" style="padding-left:5px;display:none;">
 
-			</div>
-		</div>
+            </div>
+        </div>
         <div class="tab-pane" id="tabPageAttendanceStatus">
             <div id="AttendanceStatus" class="reviewBlock" data-content="List" style="padding-left:5px;">
 
@@ -36,20 +36,20 @@ $mapAttendance = \Classes\SettingsManager::getInstance()->getSetting('Attendance
             </div>
         </div>
 
-	</div>
+    </div>
 
 </div>
 <div class="modal" id="attendancePhotoModel" tabindex="-1" role="dialog" aria-labelledby="messageModelLabel" aria-hidden="true">
-	<div class="modal-dialog">
-		<div class="modal-content">
-			<div class="modal-header">
-				<button type="button" class="close" data-dismiss="modal" aria-hidden="true"><li class="fa fa-times"/></button>
-				<h3 style="font-size: 17px;">Attendance Details</h3>
-			</div>
-			<div class="modal-body">
-				<div class="row" style="background: #f3f4f5; padding: 10px;text-align: center;">
-					<h4 id="attendnaceCanvasEmp"></h4>
-				</div>
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-hidden="true"><li class="fa fa-times"/></button>
+                <h3 style="font-size: 17px;">Attendance Details</h3>
+            </div>
+            <div class="modal-body">
+                <div class="row" style="background: #f3f4f5; padding: 10px;text-align: center;">
+                    <h4 id="attendnaceCanvasEmp"></h4>
+                </div>
                 <div class="row" style="background: #f3f4f5; padding: 10px;">
                     <div id="attendnaceCanvasPunchInTimeWraper" class="col-sm-6" style="text-align: center;">
                         <b>In: </b><span id="attendnaceCanvasPunchInTime"></span>
@@ -62,14 +62,14 @@ $mapAttendance = \Classes\SettingsManager::getInstance()->getSetting('Attendance
                         IP Address: <span id="punchOutIp"></span>
                     </div>
                 </div>
-				<div id="attendancePhoto" class="row" style="background: #f3f4f5; padding: 10px;display:none;">
-					<div class="col-sm-6" style="text-align: center;">
+                <div id="attendancePhoto" class="row" style="background: #f3f4f5; padding: 10px;display:none;">
+                    <div id="attendnaceCanvasInWrapper" class="col-sm-6" style="text-align: center;">
 
-					</div>
-					<div class="col-sm-6" style="text-align: center;">
+                    </div>
+                    <div id="attendnaceCanvasOutWrapper" class="col-sm-6" style="text-align: center;">
 
-					</div>
-				</div>
+                    </div>
+                </div>
                 <div id="attendanceMap" class="row" style="background: #f3f4f5; padding: 10px;display:none;">
                     <div id="attendnaceMapCanvasInWrapper" class="col-sm-6" style="text-align: center;">
 
@@ -85,21 +85,21 @@ $mapAttendance = \Classes\SettingsManager::getInstance()->getSetting('Attendance
                         <span>Location: <span id="punchOutLocation"></span></span>
                     </div>
                 </div>
-			</div>
-			<div class="modal-footer">
+            </div>
+            <div class="modal-footer">
 
-			</div>
-		</div>
-	</div>
+            </div>
+        </div>
+    </div>
 </div>
 <script>
-var modJsList = new Array();
-modJsList['tabAttendance'] = new AttendanceAdapter('Attendance','Attendance','','in_time desc');
-modJsList['tabAttendance'].setRemoteTable(true);
-modJsList['tabAttendance'].setPhotoAttendance(<?=$photoAttendance == '1' || $mapAttendance == '1'?>);
-modJsList['tabAttendanceStatus'] = new AttendanceStatusAdapter('AttendanceStatus','AttendanceStatus','','');
-modJsList['tabAttendanceStatus'].setShowAddNew(false);
-var modJs = modJsList['tabAttendance'];
+  var modJsList = new Array();
+  modJsList['tabAttendance'] = new AttendanceAdapter('Attendance','Attendance','','in_time desc');
+  modJsList['tabAttendance'].setRemoteTable(true);
+  modJsList['tabAttendance'].setPhotoAttendance(<?=$photoAttendance == '1' || $mapAttendance == '1'?>);
+  modJsList['tabAttendanceStatus'] = new AttendanceStatusAdapter('AttendanceStatus','AttendanceStatus','','');
+  modJsList['tabAttendanceStatus'].setShowAddNew(false);
+  var modJs = modJsList['tabAttendance'];
 
 </script>
 <?php include APP_BASE_PATH.'footer.php';?>

core/admin/dashboard/index.php

@@ -50,10 +50,10 @@ include APP_BASE_PATH.'modulejslibs.inc.php';
     modJsList['tabDashboard'] = new DashboardAdapter('Dashboard','Dashboard');
 
     var modJs = modJsList['tabDashboard'];
-
+    <?php if($user->user_level == "Admin") { ?>
     $(document).ready(function () {
       $('.span9 .row').prepend(window.atob('PGRpdiBjbGFzcz0iY2FsbG91dCBjYWxsb3V0LXdhcm5pbmcgbGVhZCIgc3R5bGU9ImZvbnQtc2l6ZTogMTRweDttYXJnaW4tdG9wOiA5MHB4OyI+CiAgICAgICAgICAgIDxoND5Zb3UgYXJlIGN1cnJlbnRseSB1c2luZyBJY2VIcm0gT3BlbnNvdXJjZSBWZXJzaW9uPC9oND4KICAgICAgICAgICAgPHAgc3R5bGU9ImZvbnQtd2VpZ2h0OiBib2xkOyI+CiAgICAgICAgICAgICAgICBXZSBoYXZlIGEgbG90IG1vcmUgZmVhdHVyZXMgdG8gb2ZmZXIuIEluY2x1ZGluZyBvdXIgaGlnaGx5IGN1c3RvbWl6YWJsZSBsZWF2ZSBtYW5hZ2VtZW50LCByZWNydWl0bWVudCBtb2R1bGVzIGFuZCBtYW55IG1vcmUgYWR2YW5jZWQgZmVhdHVyZXMgaW4gSWNlSHJtUHJvJiMxNzQ7CiAgICAgICAgICAgICAgICA8YnIvPgogICAgICAgICAgICAgICAgPGJyLz4KICAgICAgICAgICAgICAgIDxhIHRhcmdldD0iX2JsYW5rIiBocmVmPSJodHRwczovL2ljZWhybS5jb20vcHVyY2hhc2UtaWNlaHJtcHJvIiBjbGFzcz0iYnRuIGJ0bi1zdWNjZXNzIGJ0bS14cyI+PGkgY2xhc3M9ImZhIGZhLWNoZWNrb3V0Ij48L2k+IE1vcmUgYWJvdXQgSWNlSHJtUHJvJiMxNzQ7PC9hPgogICAgICAgICAgICA8L3A+CiAgICAgICAgPC9kaXY+'));
     });
-
+    <?php } ?>
 </script>
 <?php include APP_BASE_PATH.'footer.php';?>

core/config.base.php

@@ -13,10 +13,10 @@ if(!defined('HOME_LINK_OTHERS')){
 }
 
 //Version
-define('VERSION', '27.0.0.OS');
-define('CACHE_VALUE', '27.0.0.OS');
-define('VERSION_NUMBER', '270000');
-define('VERSION_DATE', '29/05/2020');
+define('VERSION', '27.0.2.OS');
+define('CACHE_VALUE', '27.0.2.OS');
+define('VERSION_NUMBER', '270002');
+define('VERSION_DATE', '10/06/2020');
 
 if(!defined('CONTACT_EMAIL')){define('CONTACT_EMAIL','icehrm@gamonoid.com');}
 if(!defined('KEY_PREFIX')){define('KEY_PREFIX','IceHrm');}

core/login.php

@@ -136,6 +136,8 @@ $logoFileUrl = \Classes\UIManager::getInstance()->getCompanyLogoUrl();
 $csrfToken = sha1(rand(4500, 100000) . time(). CLIENT_BASE_URL);
 \Utils\SessionUtils::saveSessionObject('csrf-login', $csrfToken);
 
+$refLink = base64_encode("http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]");
+
 ?><!DOCTYPE html>
 <html lang="en">
 <head>
@@ -328,7 +330,7 @@ $csrfToken = sha1(rand(4500, 100000) . time(). CLIENT_BASE_URL);
 	<div class="content" style="margin-top:100px;">
 		<div class="row">
 			<div class="login-form">
-				<h2><img src="<?=$logoFileUrl?>"/></h2>
+				<h2><a href="https://icehrm.com?ref=<?=$refLink?>" target="_blank"><img alt="The HR App to Fit All Your Needs, such as Employee, Time, Vacation and Expense Management" src="<?=$logoFileUrl?>"/></a></h2>
 				<?php if (!isset($_REQUEST['cp'])) {?>
 					<form id="loginForm" action="login.php" method="POST">
                         <input type="hidden" id="next" name="next" value="<?=$_REQUEST['next']?>"/>

core/src/Classes/BaseService.php

@@ -285,8 +285,8 @@ class BaseService
 
                         $childCompaniesIds = array();
                         if (\Classes\SettingsManager::getInstance()->getSetting(
-                                'System: Child Company Structure Managers Enabled'
-                            ) == '1'
+                            'System: Child Company Structure Managers Enabled'
+                        ) == '1'
                         ) {
                             $childCompaniesResp = \Company\Common\Model\CompanyStructure::getAllChildCompanyStructures(
                                 $cempObj->department
@@ -479,8 +479,8 @@ class BaseService
 
                         $childCompaniesIds = array();
                         if (SettingsManager::getInstance()->getSetting(
-                                'System: Child Company Structure Managers Enabled'
-                            ) == '1'
+                            'System: Child Company Structure Managers Enabled'
+                        ) == '1'
                         ) {
                             $childCompaniesResp = CompanyStructure::getAllChildCompanyStructures($cempObj->department);
                             $childCompanies = $childCompaniesResp->getObject();
@@ -560,8 +560,8 @@ class BaseService
 
                     $childCompaniesIds = array();
                     if (SettingsManager::getInstance()->getSetting(
-                            'System: Child Company Structure Managers Enabled'
-                        ) == '1'
+                        'System: Child Company Structure Managers Enabled'
+                    ) == '1'
                     ) {
                         $childCompaniesResp = CompanyStructure::getAllChildCompanyStructures($cempObj->department);
                         $childCompanies = $childCompaniesResp->getObject();
@@ -1336,6 +1336,7 @@ class BaseService
         if ($settings->name != "Instance : ID" || empty($settings->value)) {
             $settings->value = md5(time());
             $settings->name = "Instance : ID";
+            $settings->category = "Instance";
             $settings->Save();
         }
 
@@ -1348,6 +1349,7 @@ class BaseService
         $settings->Load("name = ?", array("Instance: Key"));
         if ($settings->name != "Instance: Key") {
             $settings->name = "Instance: Key";
+            $settings->category = "Instance";
         }
         $settings->value = $key;
         $settings->Save();
@@ -1779,8 +1781,8 @@ END;
         ) {
             $departmentHeadFound = true;
         } elseif (SettingsManager::getInstance()->getSetting(
-                'System: Child Company Structure Managers Enabled'
-            ) == '1'
+            'System: Child Company Structure Managers Enabled'
+        ) == '1'
         ) {
             $companyStructure = new CompanyStructure();
             $companyStructure->Load('id = ?', array($subordinate->department));

core/src/Classes/DomainAwareInputCleaner.php

@@ -1,6 +1,4 @@
 <?php
-
-
 namespace Classes;
 
 class DomainAwareInputCleaner
@@ -92,6 +90,6 @@ class DomainAwareInputCleaner
 
     private function isValidFilterValue($input)
     {
-        return !!preg_match('/^[-_: \p{L}]+$/u', $input);
+        return !!preg_match('/^[-_: \d\p{L}]+$/u', $input);
     }
 }

deployment/vagrant/sites-available/default

@@ -0,0 +1,50 @@
+server {
+	listen 80;
+	listen [::]:80;
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+
+    root /vagrant;
+
+    # Add index.php to the list if you are using PHP
+    index index.html index.php;
+
+    server_name icehrm.test;
+
+    ssl_certificate     /etc/nginx/ssl/icehrm.crt;
+    ssl_certificate_key /etc/nginx/ssl/icehrm.key;
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+
+    location / {
+        # First attempt to serve request as file, then
+        # as directory, then fall back to displaying a 404.
+        try_files $uri $uri/ =404;
+    }
+
+    location /core/ {
+        deny all;
+    }
+
+    # pass PHP scripts to FastCGI server
+    #
+    location ~ \.php$ {
+        include snippets/fastcgi-php.conf;
+
+        # With php-fpm (or other unix sockets):
+        fastcgi_pass unix:/run/php/php7.3-fpm.sock;
+    #    # With php-cgi (or other tcp sockets):
+    #    fastcgi_pass 127.0.0.1:9000;
+    }
+
+    # deny access to .htaccess files, if Apache's document root
+    # concurs with nginx's one
+    #
+    location ~ /\.ht {
+        deny all;
+    }
+
+    location /app/api/ {
+    	try_files $uri /app/api/index.php?/$uri&$args;
+	}
+}

deployment/vagrant/ssl/icehrm.crt

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6zCCAdOgAwIBAgIJAOVbCZJCEmMKMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV
+BAMMC2ljZWhybS50ZXN0MB4XDTIwMDYwOTE4MDMxM1oXDTMwMDYwNzE4MDMxM1ow
+FjEUMBIGA1UEAwwLaWNlaHJtLnRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDOTSWgFFHOSvoxGGuRfOUZh1Ihu1S1f+q8fJXSmOUhqqe8UDFVcyFW
+INoc/cUYoheK3DwVDBOTtrOBr20mq/tNoDyjNELGRVC7UttGUoEG7KSjHpb7xkJ5
+ycZf09gTZ/xB/joV6AIkw9YMyqvKEq3s9cfHLr+YCOz3ukPQm8NQ3Hthc+iWHgMP
+6Wypapoe+1OV249G5xJjWukQ8GWB7vmCLWpv+u8WgNs7qDV4M3w5v72gBROk5r4h
+M8LBFX78eu+YGYxsQB2i/Z+7dWCYtu7LwsrCmc2Ek4HEo0/RP++Ql/FL0J2JlRjb
+a2I0MwEN4z648NeWusm2SvgF38VGtMD7AgMBAAGjPDA6MBYGA1UdEQQPMA2CC2lj
+ZWhybS50ZXN0MAsGA1UdDwQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkq
+hkiG9w0BAQsFAAOCAQEArG936hQSY/E2H2G5KRg/uOq8yMeUdW2IoIZdagcseRF0
+i2Y69LEiBq4/syZxgqEZCu7w3aulsdpNR6ZAZvxyj6FPc41sbStNrRUeyaBQvKhe
+7QbqbNS+1iO9DadjcXWAnD30x9qxTqEKNvY17ZgnBgP2RDSajpYZxduJRwW4c19V
+Qu4YF/CxuwbirSpOANwyMNHy/SyeCwL9W0FFabj5jrHTNWb2IP0IlFEXU4IY4Dlv
+K/fvzZjGFX5YayYKx4laP33xvIxlI6d1ewzLGAa8KFCKk/n/6HsmYmdTh6e3193E
+FV6nL9dQ/4ggCIPTfIJWS6PcWuJDzNZj6mZNKiHGmQ==
+-----END CERTIFICATE-----

deployment/vagrant/ssl/icehrm.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDOTSWgFFHOSvox
+GGuRfOUZh1Ihu1S1f+q8fJXSmOUhqqe8UDFVcyFWINoc/cUYoheK3DwVDBOTtrOB
+r20mq/tNoDyjNELGRVC7UttGUoEG7KSjHpb7xkJ5ycZf09gTZ/xB/joV6AIkw9YM
+yqvKEq3s9cfHLr+YCOz3ukPQm8NQ3Hthc+iWHgMP6Wypapoe+1OV249G5xJjWukQ
+8GWB7vmCLWpv+u8WgNs7qDV4M3w5v72gBROk5r4hM8LBFX78eu+YGYxsQB2i/Z+7
+dWCYtu7LwsrCmc2Ek4HEo0/RP++Ql/FL0J2JlRjba2I0MwEN4z648NeWusm2SvgF
+38VGtMD7AgMBAAECggEATD9bLqUT7yjq+4ZJC4abrinDg1AXaNWUToHFZga4eQ73
+27PP6AMbSRfvRVPNquMNzHbFhgnmmmumQMIzl11tDi2w+6jvHRS1V+axwHXx1jtU
+Ri2iJAAMxbJ7rSNA8zs1kraBhWMwl6IB1Mx7Xb41piTY55cxnOF/o7emJM3NDG8m
+4xPaDA+I9JapLRbX14XMSMUZNCY3/lYMS0ujoHOmujGFTzEZM3ndvFIuRbnSD88U
+pmCXEcxlJd6jQhkX7gxzmunNOCD32iJRwTl1V9Vm73xHF0qOJCs5fduUE1TKchuQ
+SeEfyID7o6SC2ZsOyfTLBI4ofGDq3M2iI5knnzD68QKBgQDwz5uaGTVbTE75UEJs
+tl/cq/UD0+bukzMXpk4gV8rYmtITVk0EGUeyTP4Dm9r2v24C7LI8xrisZ7DvdqAV
+n3RboOPKHtmh1HpMCOf2LCdwSXrLnovUoOjgel/vny06uLLFjebvGoBZOZ2F6485
+20YX5NXMyhb20G0+tlpcGd7BrQKBgQDbUE9XxLJ9UWvCeEAd3lPaBdns/K1c27JD
+lrpg8FDSkZOy6lj1/vH/SfBS4QQpo1CFBCQ3FUVPkjJtJSr2w2Rev1PxQAoMVdtI
+VITDrOVpRvSqUcIdWCnnhQPWElCfFUIWpvafDK0r+lPj3vkLOscJWSJzV1+pk5JF
+6ARJyCZyRwKBgQDKBDAyJ0GmtK5v4o/G6XwkALHMI0FRFXXAOkjCQ0QtUDw58qUr
+chW+k25pEp+vbkpY875W1BLqtxYs3WRQn3Maxy8xSY4jf7+U98e4sbPoNAxqszf1
+CYQzhRXkTLHB2F5I8tEv9xiDQZ1PUpzV2YjE1LkzUrnPFmz/NjU5nI5OBQKBgQC0
+hM5KOCWS8Un5sHFWJIJwmxBd+T3ZiRyadZ7D3Asqx5kDU9IV6dvXfkzKa1y5ySul
+0Vrd3CxI6tWG8WkD5KDhPCskEMo0jRcJ2kfNqKrMlRMefl2BOeiEIQCfXEPwLddQ
+Pe4RzKVd5ZbXodjsXV0nXK72sZyUQFvOHsQo1w6OUQKBgQDNwWNnYYC9oH8/+2mA
+j4D1mO4OF1w6rDb+hvp3lggt3yKcvRK4doFJ9LeJ9C0mGz1JJV/O7l+eAv9n0lFS
+HGW1YSqbsAwvi8l/qJrYB/gOVfPJPm3GIwX6qBYqiAYb+Fp7igfOZ4ivf2/PhqcU
+B4Qq9z9sl149+HlKEHINoQHKdQ==
+-----END PRIVATE KEY-----