SolidCharity/TimeTrex
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

TimeTrex Community Edition v16.2.0

Browse Source
This commit is contained in:
Timotheus Pokorra
2022-12-13 07:10:06 +01:00
commit 472f000c1b
6810 changed files with 2636142 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

416
api/json/api.php Normal file
View File

@ -0,0 +1,416 @@
<?php
/*********************************************************************************
*
* TimeTrex is a Workforce Management program developed by
* TimeTrex Software Inc. Copyright (C) 2003 - 2021 TimeTrex Software Inc.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU Affero General Public License version 3 as published by
* the Free Software Foundation with the addition of the following permission
* added to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED
* WORK IN WHICH THE COPYRIGHT IS OWNED BY TIMETREX, TIMETREX DISCLAIMS THE
* WARRANTY OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
* details.
*
*
* You should have received a copy of the GNU Affero General Public License along
* with this program; if not, see http://www.gnu.org/licenses or write to the Free
* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA.
*
*
* You can contact TimeTrex headquarters at Unit 22 - 2475 Dobbin Rd. Suite
* #292 West Kelowna, BC V4T 2E9, Canada or at email address info@timetrex.com.
*
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
*
* In accordance with Section 7(b) of the GNU Affero General Public License
* version 3, these Appropriate Legal Notices must retain the display of the
* "Powered by TimeTrex" logo. If the display of the logo is not reasonably
* feasible for technical reasons, the Appropriate Legal Notices must display
* the words "Powered by TimeTrex".
*
********************************************************************************/
define( 'TIMETREX_JSON_API', true );
if ( isset( $_GET['disable_db'] ) && $_GET['disable_db'] == 1 ) {
$disable_database_connection = true;
}
//Add timetrex.ini.php setting to enable/disable the API. Make an entire [API] section.
require_once( '../../includes/global.inc.php' );
require_once( '../../includes/API.inc.php' );
Header( 'Content-Type: application/json; charset=UTF-8' ); //Make sure content type is not text/HTML to help avoid XSS.
/**
* General handler for service calls, regardless of if the user is logged in or not. Mostly a wrapper to make idempotent request handling consistent across authenticated and unauthenticated calls.
* @param $obj
* @param $class_name
* @param $method
* @param $arguments
* @param $message_id
* @param $api_auth
* @param $user_id
* @return bool
* @throws DBError
* @throws GeneralError
*/
function invokeService( $obj, $class_name, $method, $arguments, $message_id, $api_auth, $user_id ) {
try {
//Handle idempotent enabled requests here.
if ( TTUUID::isUUID( $message_id ) && ( ( isset( $_GET['idempotent'] ) && (int)$_GET['idempotent'] == 1 && strtolower( substr( $method, 0, 3 ) ) != 'get' && strtolower( substr( $method, 0, 8 ) ) != 'validate' ) ) ) { //Don't allow idempotent requests on get*() and validate*() calls.
$irf = new IdempotentRequestFactory();
$irf->setUser( $user_id );
$irf->setIdempotentKey( $obj->getAPIMessageId() );
$irf->setStatus( 10 ); //10=Processing
$irf->setRequestDate( microtime( true ) );
$irf->setRequestMethod( $_SERVER['REQUEST_METHOD'] );
$irf->setRequestBody( ( ( $irf->getRequestMethod() == 'GET' ) ? $_GET : ( ( isset( $_SERVER['CONTENT_LENGTH'] ) && $_SERVER['CONTENT_LENGTH'] <= 25000 ) ? $_POST : [ 'request_body_hash' => sha1( json_encode( $_POST ) ) ] ) ) ); //To prevent bloating the database, only save request bodies smaller than 25K.
$irf->setRequestURI( $_SERVER['REQUEST_URI'] );
if ( $irf->isValid() ) {
Debug::text( ' IDEMPOTENT: Enabled and saved! Key: '. $irf->getIdempotentKey(), __FILE__, __LINE__, __METHOD__, 10 );
$irf->Save( false, false );
if ( $irf->getIsExists() == true ) { //Check if the key already exists in the database.
/**
* @param $key
* @param $user_id
* @return array|false
*/
function getOrWaitForIdempotentResponse( $key, $user_id ) {
$irlf = new IdempotentRequestListFactory();
$irlf->getByIdempotentKeyAndUserId( $key, $user_id );
if ( $irlf->getRecordCount() == 1 ) {
$ir_obj = $irlf->getCurrent();
if ( $ir_obj->getStatus() == 20 ) {
Debug::text( ' IDEMPOTENT: Found saved idempotent response...', __FILE__, __LINE__, __METHOD__, 10 );
return [ 'response_body' => $ir_obj->getResponseBody() ];
}
}
Debug::text( ' IDEMPOTENT: No saved idempotent response yet...', __FILE__, __LINE__, __METHOD__, 10 );
return false;
}
Debug::text( ' IDEMPOTENT: Idempotent Key already exists with Status: ' . $irf->getStatus(), __FILE__, __LINE__, __METHOD__, 10 );
$retry_sleep = 1; //Start at 0.5 seconds retry interval, then use expontential backoff, similar to retryTransaction()
$tmp_sleep = ( $retry_sleep * 1000000 );
$retry_attempts = 0;
$retry_max_attempts = 7; //max of 128 seconds delay.
while ( $retry_attempts < $retry_max_attempts ) {
$irf_response = getOrWaitForIdempotentResponse( $irf->getIdempotentKey(), $user_id );
if ( is_array( $irf_response ) && isset( $irf_response['response_body'] ) ) {
Debug::text( ' IDEMPOTENT: Sending saved idempotent response... Key: '. $irf->getIdempotentKey(), __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $irf_response['response_body'] );
return true;
} else {
Debug::text( ' IDEMPOTENT: Sleeping for idempotent response before retry... Sleep: '. $tmp_sleep .' Attempt: '. $retry_attempts, __FILE__, __LINE__, __METHOD__, 10 );
$random_sleep_interval = ( ceil( ( rand() / getrandmax() ) * ( ( $tmp_sleep * 0.33 ) * 2 ) - ( $tmp_sleep * 0.33 ) ) ); //+/- 33% of the sleep time.
if ( $retry_attempts < ( $retry_max_attempts - 1 ) ) { //Don't sleep on the last iteration as its serving no purpose.
usleep( $tmp_sleep + $random_sleep_interval );
}
$tmp_sleep = ( $tmp_sleep * 2 ); //Exponential back-off with 25% of retry sleep time as a random value.
$retry_attempts++;
}
}
unset( $retry_sleep, $tmp_sleep, $retry_attempts, $retry_max_attempts );
Debug::text( 'IDEMPOTENT: Response not found after maximum retry attempts, original request is likely still being processed!', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION', TTi18n::getText( 'Idempotent response not available yet, please try again' ) ) );
return true;
}
}
}
//Use array_values() to remove any named parameters and avoid "Uncaught Error: Unknown named parameter" problems on PHP v8+
// This can happen when a malformed API call is made with arguments like: [ 'filter_page' => 1, 'filter_items_per_page' => 9999 ], which is sending two named arguments to the function,
// instead of: [ 0 => [ 'filter_page' => 1, 'filter_items_per_page' => 9999 ] ], which sends one argument that is an assoc. array.
$retval = call_user_func_array( [ $obj, $method ], array_values( (array)$arguments ) );
if ( $retval !== null ) {
if ( !is_object( $retval ) ) { //Make sure we never return a raw object to end-user, as too much information could be included in it.
echo json_encode( $retval );
$json_error = getJSONError();
if ( $json_error !== false ) {
Debug::Arr( $retval, 'ERROR: JSON: ' . $json_error, __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION', 'ERROR: JSON: ' . $json_error ) );
} else {
//Save response for idempotent requests.
if ( isset( $irf ) && is_object( $irf ) ) {
Debug::text( 'IDEMPOTENT: Updating response to: Completed.', __FILE__, __LINE__, __METHOD__, 10 );
$irf->setStatus( 20 ); //20=Completed
$irf->setResponseCode( 200 ); //200=OK
$irf->setResponseBody( $retval );
$irf->setResponseDate( microtime( true ) );
if ( $irf->isValid() ) {
$irf->Save();
}
unset( $irf );
}
}
} else {
Debug::text( 'OBJECT return value, not JSON encoding any additional data.', __FILE__, __LINE__, __METHOD__, 10 );
}
} else {
Debug::text( 'NULL return value, not JSON encoding any additional data.', __FILE__, __LINE__, __METHOD__, 10 );
}
} catch ( ArgumentCountError $e ) {
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION', $e->getMessage() ) );
}
return null;
}
/**
* Invoke API methods before the user is authenticated.
* @param $class_name
* @param $method
* @param $arguments
* @param $message_id
* @param $api_auth
* @return bool
* @throws ReflectionException
*/
function unauthenticatedInvokeService( $class_name, $method, $arguments, $message_id, $api_auth ) {
global $config_vars;
TTi18n::chooseBestLocale(); //Make sure we set the locale as best we can when not logged in
Debug::text( 'Handling UNAUTHENTICATED JSON Call To API Factory: ' . $class_name . ' Method: ' . $method . ' Message ID: ' . $message_id, __FILE__, __LINE__, __METHOD__, 10 );
if ( !isset( $config_vars['other']['down_for_maintenance'] ) || isset( $config_vars['other']['down_for_maintenance'] ) && $config_vars['other']['down_for_maintenance'] == '' ) {
$valid_unauthenticated_classes = getUnauthenticatedAPIClasses();
if ( $class_name != '' && in_array( $class_name, $valid_unauthenticated_classes ) && class_exists( $class_name ) ) {
$obj = new $class_name;
if ( isWhiteListedAPICall( $obj, $method ) === true ) {
if ( method_exists( $obj, 'setAPIMessageID' ) ) {
$obj->setAPIMessageID( $message_id ); //Sets API message ID so progress bar continues to work.
}
if ( $method != '' && method_exists( $obj, $method ) ) {
invokeService( $obj, $class_name, $method, $arguments, $message_id, $api_auth, TTUUID::getZeroID() );
} else {
$validator = TTnew( 'Validator' ); /** @var Validator $validator */
Debug::text( 'Class: '. get_class( $obj ) .' Method: ' . $method . ' does not exist!', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'SESSION', TTi18n::getText( 'Method: "%1" does not exist.', [ $validator->escapeHTML( $method ) ] ) ) );
}
} else {
$validator = TTnew( 'Validator' ); /** @var Validator $validator */
Debug::text( 'Class: '. get_class( $obj ) .' Method: ' . $method . ' is private!', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION', TTi18n::getText( 'Method: "%1" is private, unable to call.', [ $validator->escapeHTML( $method ) ] ) ) );
}
} else {
$validator = TTnew( 'Validator' ); /** @var Validator $validator */
if ( class_exists( $class_name ) ) {
Debug::text( 'Class: ' . $class_name . ' requires authentication! (unauth)', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'SESSION', TTi18n::getText( 'Class: "%1" requires authentication, and not currently authenticated.', [ $validator->escapeHTML( $class_name ) ] ) ) );
} else {
Debug::text( 'Class: ' . $class_name . ' does not exist! (unauth)', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'SESSION', TTi18n::getText( 'Class: "%1" does not exist.', [ $validator->escapeHTML( $class_name ) ] ) ) );
}
}
} else {
Debug::text( 'WARNING: Installer/Down For Maintenance is enabled... Service is disabled!', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'DOWN_FOR_MAINTENANCE', TTi18n::gettext( '%1 is currently undergoing maintenance. We apologize for any inconvenience this may cause, please try again later.', [ APPLICATION_NAME ] ) ) );
}
return true;
}
/**
* Invoke API methods after the user is authenticated.
* @param $class_name
* @param $method
* @param $arguments
* @param $message_id
* @param $authentication
* @param $api_auth
* @return bool
*/
function authenticatedInvokeService( $class_name, $method, $arguments, $message_id, $authentication, $api_auth ) {
global $current_user, $current_user_prefs, $current_company, $obj;
$current_user = $authentication->getObject();
if ( is_object( $current_user ) ) {
$current_user_prefs = handleOverridePreferences( $current_user );
$clf = new CompanyListFactory();
$current_company = $clf->getByID( $current_user->getCompany() )->getCurrent();
if ( is_object( $current_company ) ) {
Debug::text( 'Current User: ' . $current_user->getUserName() . ' (User ID: ' . $current_user->getID() . ') Company: ' . $current_company->getName() . ' (Company ID: ' . $current_company->getId() . ')', __FILE__, __LINE__, __METHOD__, 10 );
//Debug::text('Handling JSON Call To API Factory: '. $class_name .' Method: '. $method .' Message ID: '. $message_id .' UserName: '. $current_user->getUserName(), __FILE__, __LINE__, __METHOD__, 10);
if ( $class_name != '' && class_exists( $class_name ) ) {
$obj = new $class_name;
if ( isWhiteListedAPICall( $obj, $method ) === true ) {
if ( method_exists( $obj, 'setAPIMessageID' ) ) {
$obj->setAPIMessageID( $message_id ); //Sets API message ID so progress bar continues to work.
}
if ( $method != '' && method_exists( $obj, $method ) ) {
invokeService( $obj, $class_name, $method, $arguments, $message_id, $api_auth, $current_user->getId() );
} else {
Debug::text( 'Method: ' . $method . ' does not exist!', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION', TTi18n::getText( 'Method: "%1" does not exist.', [ $current_company->Validator->escapeHTML( $method ) ] ) ) );
}
} else {
Debug::text( 'Method: ' . $method . ' is private!', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION', TTi18n::getText( 'Method: "%1" is private, unable to call.', [ $current_company->Validator->escapeHTML( $method ) ] ) ) );
}
} else {
Debug::text( 'Class: ' . $class_name . ' does not exist!', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION', TTi18n::getText( 'Class: "%1" does not exist.', [ $current_company->Validator->escapeHTML( $class_name ) ] ) ) );
}
} else {
Debug::text( 'Failed to get Company Object!', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'SESSION', TTi18n::getText( 'Company does not exist.' ) ) );
}
} else {
Debug::text( 'Failed to get User Object!', __FILE__, __LINE__, __METHOD__, 10 );
echo json_encode( $api_auth->returnHandler( false, 'SESSION', TTi18n::getText( 'User does not exist.' ) ) );
}
return true;
}
/*
Arguments:
GET: SessionID
GET: Class
GET: Method
POST: Arguments for method.
*/
$class_prefix = 'API';
$class_name = false;
$method = false;
if ( isset( $_GET['Class'] ) && $_GET['Class'] != '' ) {
$class_name = $_GET['Class'];
//If API wasn't already put on the class, add it manually.
if ( strtolower( substr( $class_name, 0, 3 ) ) != 'api' ) {
$class_name = $class_prefix . $class_name;
}
$class_name = TTgetPluginClassName( $class_name );
} else {
$class_name = TTgetPluginClassName( $class_prefix . 'Authentication' );
}
if ( isset( $_GET['Method'] ) && $_GET['Method'] != '' ) {
$method = $_GET['Method'];
}
if ( isset( $_GET['MessageID'] ) && $_GET['MessageID'] != '' ) {
$message_id = $_GET['MessageID'];
} else {
$message_id = $_GET['MessageID'] = md5( uniqid() ); //Random message_id
}
Debug::text( 'Handling JSON Call To API Factory: ' . $class_name . ' Method: ' . $method . ' Message ID: ' . $message_id, __FILE__, __LINE__, __METHOD__, 10 );
//URL: api.php?SessionID=fc914bf32711bff031a6c80295bbff86&Class=APIPayStub&Method=getPayStub
/*
RAW POST: data[filter_data][id][0]=101561&paging=TRUE&format=pdf
JSON (URL encoded): %7B%22data%22%3A%7B%22filter_data%22%3A%7B%22id%22%3A%5B101561%5D%7D%7D%2C%22paging%22%3Atrue%2C%22format%22%3A%22pdf%22%7D
FULL URL: SessionID=fc914bf32711bff031a6c80295bbff86&Class=APIPayStub&Method=test&json={"data":{"filter_data":{"id":[101561]}},"paging":true,"format":"pdf"}
*/
/*
$_POST = array( 'data' => array('filter_data' => array('id' => array(101561) ) ),
'paging' => TRUE,
'format' => 'pdf',
);
*/
//Debug::Arr(file_get_contents('php://input'), 'POST: ', __FILE__, __LINE__, __METHOD__, 10);
//Debug::Arr($_POST, 'POST: ', __FILE__, __LINE__, __METHOD__, 10);
$api_auth = TTNew( 'APIAuthentication' ); /** @var APIAuthentication $api_auth */ //Used to handle error cases and display error messages.
$argument_size = strlen( $HTTP_RAW_POST_DATA ); //Just strlen this variable rather than serialize all the data as it should be much faster.
if ( isset($_SERVER['CONTENT_LENGTH']) && $_SERVER['CONTENT_LENGTH'] > 0 ) {
if ( (int)$_SERVER['CONTENT_LENGTH'] != $argument_size ) {
Debug::Text( 'WARNING: Content Length header: '. $_SERVER['CONTENT_LENGTH'] .' does not match actual content length: ' . $argument_size .'. Request from client is possibly corrupt or cutoff.', __FILE__, __LINE__, __METHOD__, 10 );
//TODO: Possibly return an error message to the user to retry?
}
}
$arguments = $_POST;
if ( isset($_POST['json']) || isset($_GET['json']) ) {
if ( isset( $_GET['json'] ) && $_GET['json'] != '' ) {
$arguments = json_decode( $_GET['json'], true );
} else if ( isset( $_POST['json'] ) && $_POST['json'] != '' ) {
$arguments = json_decode( $_POST['json'], true );
}
//Test to see if json_decode() failed for some reason, this should help determine if the argument data is somehow corrupt.
if ( $argument_size > 5 && $arguments === null && getJSONError() != '' ) {
Debug::Text( 'JSON Error: ' . getJSONError(), __FILE__, __LINE__, __METHOD__, 10 );
Debug::Arr( $HTTP_RAW_POST_DATA, 'Raw POST Request: ', __FILE__, __LINE__, __METHOD__, 0 );
Debug::Arr( urldecode( $HTTP_RAW_POST_DATA ), 'URL Decoded Raw POST Request: ', __FILE__, __LINE__, __METHOD__, 0 );
}
} elseif ( $HTTP_RAW_POST_DATA != '' ) {
$arguments = json_decode( $HTTP_RAW_POST_DATA, true );
if ( $arguments !== null && getJSONError() == '' ) {
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION', TTi18n::getText( 'ERROR: JSON payload must be sent within the \'json\' POST variable. ie: json=<JSON DATA>' ) ) );
} else {
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION', TTi18n::getText( 'ERROR: No JSON POST variable payload received. Payload must be sent within the \'json\' POST variable. ie: json=<JSON DATA>' ) ) );
}
Debug::Arr( urldecode( $HTTP_RAW_POST_DATA ), 'URL Decoded Raw POST Request: ', __FILE__, __LINE__, __METHOD__, 0 );
//Debug::writeToLog(); //Handled in TTShutdown now.
exit;
}
if ( PRODUCTION == true && $argument_size > ( 1024 * 12 ) ) {
Debug::Text( 'Arguments too large to display... Size: ' . $argument_size, __FILE__, __LINE__, __METHOD__, 10 );
} else {
if ( in_array( strtolower( $method ), [ 'login', 'changepassword', 'registerapikey', 'senderrorreport' ] ) && isset( $arguments[0] ) ) { //Make sure passwords arent displayed if logging is enabled.
Debug::Arr( $arguments[0], '*Censored* Arguments: (Size: ' . $argument_size . ')', __FILE__, __LINE__, __METHOD__, 10 );
} else {
Debug::Arr( $arguments, 'Arguments: (Size: ' . $argument_size . ')', __FILE__, __LINE__, __METHOD__, 10 );
}
}
unset( $argument_size );
$authentication = new Authentication();
if ( isUnauthenticatedMethod( $method ) == true || $authentication->checkValidCSRFToken() == true ) { //Help prevent CSRF attacks with this, run this check during and before the user is logged in. However, when calling isLoggedIn() after being idle, if the CSRF/SessionID cookies are deleted, it will trigger a CSRF error before logging the user out. So we want to ignore CSRF checks for these functions.
$session_id = getSessionID();
if ( ( isset( $config_vars['other']['installer_enabled'] ) && $config_vars['other']['installer_enabled'] == false ) && ( !isset( $config_vars['other']['down_for_maintenance'] ) || isset( $config_vars['other']['down_for_maintenance'] ) && $config_vars['other']['down_for_maintenance'] == '' ) && $session_id != '' && !isset( $_GET['disable_db'] ) && isUnauthenticatedMethod( $method ) == false ) { //When interface calls PING() on a regular basis we need to skip this check and pass it to APIAuthentication immediately to avoid updating the session time.
Debug::text( 'Session ID: ' . $session_id . ' Source IP: ' . Misc::getRemoteIPAddress(), __FILE__, __LINE__, __METHOD__, 10 );
if ( $authentication->isSessionIDAPIKey( $session_id ) == true ) {
$authentication_type_id = 700; //API Key
} else if ( Misc::isMobileAppUserAgent() == true && Misc::getMobileAppClientVersion() != '' && version_compare( Misc::getMobileAppClientVersion(), '5.0.0', '<' ) ) { //As of Mobile App v5.0 it no longer uses Quick Punch ID/Password.
$authentication_type_id = 605; //Phone ID - Mobile App
} else {
$authentication_type_id = [ 800, 810 ]; //USER_NAME, USER_NAME_MULTI_FACTOR
}
if ( $class_name != 'APIProgressBar' && $authentication->Check( $session_id, $authentication_type_id ) === true ) { //Always treat APIProgressBar as unauthenticated as an optimization to avoid causing uncessary SQL queries.
authenticatedInvokeService( $class_name, $method, $arguments, $message_id, $authentication, $api_auth );
} else {
Debug::text( 'SessionID set but user not authenticated!', __FILE__, __LINE__, __METHOD__, 10 );
//echo json_encode( $api_auth->returnHandler( FALSE, 'SESSION', TTi18n::getText('User is not authenticated.' ) ) );
//Rather than fail with session error, switch over to using unauthenticated calls, which if its calling to authenticated method will cause a SESSION error at that time.
unauthenticatedInvokeService( $class_name, $method, $arguments, $message_id, $api_auth );
}
} else {
Debug::text( 'No SessionID or calling non-authenticated function...', __FILE__, __LINE__, __METHOD__, 10 );
unauthenticatedInvokeService( $class_name, $method, $arguments, $message_id, $api_auth );
}
} else {
echo json_encode( $api_auth->returnHandler( false, 'EXCEPTION_CSRF', TTi18n::getText( 'Invalid CSRF token, please refresh your browser and try again!' ) ) ); //Could potentially use a SESSION error so the front-end logs the user out so they can login again with a fresh CSRF token.
}
?>

507
api/json/api_client_example.php Normal file
View File

@ -0,0 +1,507 @@
<?php
require_once( '../../classes/modules/api/client/TimeTrexClientAPI.class.php' );
/*
Global variables
*/
$TIMETREX_URL = 'https://demo.timetrex.com/next-release/api/json/api.php';
$TIMETREX_API_KEY = ''; //API SESSION KEY to use for all API requests, obtained immediately below.
if ( !isset( $TIMETREX_API_KEY ) || $TIMETREX_API_KEY == '' ) {
//Register a API key for use with all subsequent API calls.
$api_session = new TimeTrexClientAPI();
$TIMETREX_API_KEY = $api_session->registerAPIKey( 'demoadmin1', 'demo' );
if ( $TIMETREX_API_KEY == false ) {
echo "Login Failed, please check username/password or URL to ensure it is correct!<br>\nIf multifactor authentication is enabled, login to TimeTrex and go to Profile -> Security / Passwords, More (...) -> Register API Key.<br>\n";
exit;
} else {
echo "Permanent API KEY SESSION registered, you may now define this in your code for all subsequent API calls:<br>\n";
echo "\$TIMETREX_API_KEY = '" . $TIMETREX_API_KEY . "'<br>\n";
exit;
}
}
//
//Get data for two employees by user_name or primary key/ID.
// - Many other filter methods can be used, such as branch, department, province, state, etc...
//
$user_obj = new TimeTrexClientAPI( 'User' );
//$user_obj->setIdempotentKey( $user_obj->generateUUID() ); //Enable idempotent API call with a random UUID. Pass in FALSE to turn idempotency off.
$result = $user_obj->getUser(
[
'filter_data' => [
//'id' => [ '11e817cb-7dcc-7130-b939-5431e6810149','11e817cb-8385-8e50-97f3-5431e6810149' ],
'user_name' => 'john.doe1',
],
]
);
$user_data = $result->getResult();
print $result;
/* //Example returned data:
array(2) {
[0]=>
array(98) {
["id"]=>
string(36) "11e7fa4c-f3fd-2d90-b320-21ea65522ba3"
["company_id"]=>
string(36) "11e7fa4c-e7b5-37d0-87c6-21ea65522ba3"
["company"]=>
string(15) "ABC Company (1)"
["legal_entity_id"]=>
string(36) "11e7fa4c-e825-8050-8e4a-21ea65522ba3"
["legal_name"]=>
string(18) "ACME USA East Inc."
["status_id"]=>
string(2) "10"
["status"]=>
string(6) "Active"
["group_id"]=>
string(36) "11e7fa4c-e980-6090-adff-21ea65522ba3"
["user_group"]=>
string(9) "Corporate"
["ethnic_group_id"]=>
string(36) "11e7fa4c-e9a8-2880-9b0d-21ea65522ba3"
["ethnic_group"]=>
string(5) "White"
["user_name"]=>
string(14) "tristen.braun1"
["phone_id"]=>
string(0) ""
["employee_number"]=>
int(13)
["title_id"]=>
string(36) "11e7fa4c-e98e-4fb0-8cc1-21ea65522ba3"
["title"]=>
string(9) "Carpenter"
["default_branch_id"]=>
string(36) "11e7fa4c-e857-84b0-9ebc-21ea65522ba3"
["default_branch"]=>
string(8) "New York"
["default_branch_manual_id"]=>
string(1) "1"
["default_department_id"]=>
string(36) "11e7fa4c-e870-7660-b2a1-21ea65522ba3"
["default_department"]=>
string(12) "Construction"
["default_department_manual_id"]=>
string(1) "2"
["default_job_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job"]=>
bool(false)
["default_job_manual_id"]=>
bool(false)
["default_job_item_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job_item"]=>
bool(false)
["default_job_item_manual_id"]=>
bool(false)
["permission_control_id"]=>
string(36) "11e7fa4c-e7bb-a9b0-a40e-21ea65522ba3"
["permission_control"]=>
string(31) "Regular Employee (Punch In/Out)"
["pay_period_schedule_id"]=>
string(36) "11e7fa4d-0208-8360-a212-21ea65522ba3"
["pay_period_schedule"]=>
string(9) "Bi-Weekly"
["policy_group_id"]=>
string(36) "11e7fa4d-025e-93e0-bc8b-21ea65522ba3"
["policy_group"]=>
string(7) "Default"
["first_name"]=>
string(7) "Tristen"
["first_name_metaphone"]=>
string(5) "TRSTN"
["middle_name"]=>
bool(false)
["last_name"]=>
string(6) "BraunD"
["last_name_metaphone"]=>
string(4) "BRNT"
["full_name"]=>
string(15) "BraunD, Tristen"
["second_last_name"]=>
bool(false)
["sex_id"]=>
string(2) "20"
["sex"]=>
string(6) "Female"
["address1"]=>
string(13) "9289 Ethel St"
["address2"]=>
string(9) "Unit #560"
["city"]=>
string(8) "New York"
["country"]=>
string(2) "US"
["province"]=>
string(2) "NY"
["postal_code"]=>
string(5) "00521"
["work_phone"]=>
string(12) "417-268-2473"
["work_phone_ext"]=>
string(3) "204"
["home_phone"]=>
string(12) "567-570-8135"
["mobile_phone"]=>
bool(false)
["fax_phone"]=>
bool(false)
["home_email"]=>
bool(false)
["home_email_is_valid"]=>
bool(true)
["home_email_is_valid_key"]=>
bool(false)
["home_email_is_valid_date"]=>
bool(false)
["feedback_rating"]=>
bool(false)
["work_email"]=>
string(30) "tristen.braun1@abc-company.com"
["work_email_is_valid"]=>
bool(true)
["work_email_is_valid_key"]=>
bool(false)
["work_email_is_valid_date"]=>
bool(false)
["birth_date"]=>
string(9) "01-Jun-88"
["birth_date_age"]=>
int(29)
["hire_date"]=>
string(9) "26-May-13"
["hire_date_age"]=>
string(4) "4.74"
["termination_date"]=>
NULL
["currency_id"]=>
string(36) "11e7fa4c-e80b-8110-97b4-21ea65522ba3"
["currency"]=>
string(9) "US Dollar"
["currency_rate"]=>
string(12) "1.0000000000"
["sin"]=>
string(9) "401240815"
["note"]=>
bool(false)
["longitude"]=>
bool(false)
["latitude"]=>
bool(false)
["tag"]=>
string(0) ""
["last_login_date"]=>
NULL
["max_punch_time_stamp"]=>
NULL
["deleted"]=>
bool(false)
["is_owner"]=>
bool(false)
["is_child"]=>
bool(true)
["created_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["created_by"]=>
string(18) "Mr. AdministratorC"
["created_date"]=>
string(17) "15-Jan-18 3:36 PM"
["updated_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["updated_by"]=>
string(18) "Mr. AdministratorC"
["updated_date"]=>
string(17) "15-Feb-18 3:04 PM"
}
[1]=>
array(98) {
["id"]=>
string(36) "11e7fa4c-f8c2-f040-8ad8-21ea65522ba3"
["company_id"]=>
string(36) "11e7fa4c-e7b5-37d0-87c6-21ea65522ba3"
["company"]=>
string(15) "ABC Company (1)"
["legal_entity_id"]=>
string(36) "11e7fa4c-e833-0860-9978-21ea65522ba3"
["legal_name"]=>
string(18) "ACME USA West Inc."
["status_id"]=>
string(2) "10"
["status"]=>
string(6) "Active"
["group_id"]=>
string(36) "11e7fa4c-e985-7df0-85ed-21ea65522ba3"
["user_group"]=>
string(15) "Human Resources"
["ethnic_group_id"]=>
string(36) "11e7fa4c-e9b2-5420-8bd5-21ea65522ba3"
["ethnic_group"]=>
string(6) "Indian"
["user_name"]=>
string(9) "jane.doe1"
["phone_id"]=>
string(5) "12341"
["employee_number"]=>
int(20)
["title_id"]=>
string(36) "11e7fa4c-e993-9320-8ba8-21ea65522ba3"
["title"]=>
string(15) "General Laborer"
["default_branch_id"]=>
string(36) "11e7fa4c-e85c-3ba0-b7aa-21ea65522ba3"
["default_branch"]=>
string(7) "Seattle"
["default_branch_manual_id"]=>
string(1) "2"
["default_department_id"]=>
string(36) "11e7fa4c-e870-7660-b2a1-21ea65522ba3"
["default_department"]=>
string(12) "Construction"
["default_department_manual_id"]=>
string(1) "2"
["default_job_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job"]=>
bool(false)
["default_job_manual_id"]=>
bool(false)
["default_job_item_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job_item"]=>
bool(false)
["default_job_item_manual_id"]=>
bool(false)
["permission_control_id"]=>
string(36) "11e7fa4c-e7bb-a9b0-a40e-21ea65522ba3"
["permission_control"]=>
string(31) "Regular Employee (Punch In/Out)"
["pay_period_schedule_id"]=>
string(36) "11e7fa4d-0208-8360-a212-21ea65522ba3"
["pay_period_schedule"]=>
string(9) "Bi-Weekly"
["policy_group_id"]=>
string(36) "11e7fa4d-025e-93e0-bc8b-21ea65522ba3"
["policy_group"]=>
string(7) "Default"
["first_name"]=>
string(4) "Jane"
["first_name_metaphone"]=>
string(2) "JN"
["middle_name"]=>
bool(false)
["last_name"]=>
string(3) "Doe"
["last_name_metaphone"]=>
string(1) "T"
["full_name"]=>
string(9) "Doe, Jane"
["second_last_name"]=>
bool(false)
["sex_id"]=>
string(2) "20"
["sex"]=>
string(6) "Female"
["address1"]=>
string(15) "4936 Ontario St"
["address2"]=>
string(9) "Unit #993"
["city"]=>
string(7) "Seattle"
["country"]=>
string(2) "US"
["province"]=>
string(2) "WA"
["postal_code"]=>
string(5) "98867"
["work_phone"]=>
string(12) "558-301-1737"
["work_phone_ext"]=>
string(3) "308"
["home_phone"]=>
string(12) "464-312-4450"
["mobile_phone"]=>
bool(false)
["fax_phone"]=>
bool(false)
["home_email"]=>
bool(false)
["home_email_is_valid"]=>
bool(true)
["home_email_is_valid_key"]=>
bool(false)
["home_email_is_valid_date"]=>
bool(false)
["feedback_rating"]=>
bool(false)
["work_email"]=>
string(25) "jane.doe1@abc-company.com"
["work_email_is_valid"]=>
bool(true)
["work_email_is_valid_key"]=>
bool(false)
["work_email_is_valid_date"]=>
bool(false)
["birth_date"]=>
string(9) "24-Dec-70"
["birth_date_age"]=>
int(47)
["hire_date"]=>
string(9) "15-Sep-09"
["hire_date_age"]=>
string(4) "8.44"
["termination_date"]=>
NULL
["currency_id"]=>
string(36) "11e7fa4c-e813-c120-9c2c-21ea65522ba3"
["currency"]=>
string(15) "Canadian Dollar"
["currency_rate"]=>
string(12) "1.2000000000"
["sin"]=>
string(9) "695238280"
["other_id1"]=>
bool(false)
["other_id2"]=>
bool(false)
["other_id3"]=>
bool(false)
["other_id4"]=>
bool(false)
["other_id5"]=>
bool(false)
["note"]=>
bool(false)
["longitude"]=>
bool(false)
["latitude"]=>
bool(false)
["tag"]=>
string(5) "check"
["last_login_date"]=>
NULL
["max_punch_time_stamp"]=>
NULL
["deleted"]=>
bool(false)
["is_owner"]=>
bool(false)
["is_child"]=>
bool(true)
["created_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["created_by"]=>
string(18) "Mr. AdministratorC"
["created_date"]=>
string(17) "15-Jan-18 3:36 PM"
["updated_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["updated_by"]=>
string(18) "Mr. AdministratorC"
["updated_date"]=>
string(17) "15-Feb-18 3:04 PM"
}
}
*/
//
//Update data for the second employee, mark their status as Terminated and update Termination Date
//
if ( isset( $user_data[1] ) ) {
$user_data[1]['status_id'] = 20; //Terminated
$user_data[1]['termination_date'] = '02-Jan-18';
$result = $user_obj->setUser( $user_data[1] );
if ( $result->isValid() === true ) {
echo "Employee data saved successfully.<br>\n";
} else {
echo "Employee save failed.<br>\n";
print $result; //Show error messages
}
}
//
//Update employee record in a single operation. Several records can be updated in a single operation as well.
//
$user_data = [
'id' => $user_data[1]['id'], //UUID: 11e7fa4c-f8c2-f040-8ad8-21ea65522ba3
'termination_date' => '02-Jan-18',
];
$result = $user_obj->setUser( $user_data );
if ( $result->isValid() === true ) {
echo "Employee data saved successfully.<br>\n";
} else {
echo "Employee save failed.<br>\n";
print $result; //Show error messages
}
//
//Get new hire defaults so we pull data from that rather than have to manually specify it each time.
//
$new_hire_defaults_obj = new TimeTrexClientAPI( 'UserDefault' );
$new_hire_defaults = $new_hire_defaults_obj->getUserDefault()->getResult()[0];
//
//Add new employee, several new employees can be added in a single operation as well.
//
$user_data = [
'status_id' => 10, //Active
'first_name' => 'Michael',
'last_name' => 'Jackson',
'employee_number' => rand( 10000, 99999 ),
'user_name' => 'mjackson_' . rand( 10000, 99999 ),
'password' => 'whiteglove123',
'hire_date' => '01-Oct-09',
'currency_id' => $new_hire_defaults['currency_id'],
];
$result = $user_obj->setUser( $user_data );
if ( $result->isValid() === true ) {
echo "Employee added successfully.<br>\n";
$insert_id = $result->getResult(); //Get employees new ID on success.
} else {
echo "Employee save failed.<br>\n";
print $result; //Show error messages
}
//
//Add punch for employee
//
$punch_obj = new TimeTrexClientAPI( 'Punch' );
$punch_data = [
'user_id' => $insert_id, //ID from above newly added employee
'type_id' => 10, //Normal
'status_id' => 20, //In
'time_stamp' => strtotime( '19-Aug-2013 5:50PM' ),
'branch_id' => $new_hire_defaults['default_branch_id'], //Branch
'department_id' => $new_hire_defaults['default_department_id'], //Department
];
$result = $punch_obj->setPunch( $punch_data );
if ( $result->isValid() === true ) {
echo "Punch added successfully.<br>\n";
$insert_id = $result->getResult(); //Get employees new ID on success.
} else {
echo "Punch save failed.<br>\n";
print $result; //Show error messages
}
//
//Get TimeSheet Summary report data in raw PHP native array format. 'csv' and 'pdf' are also valid formats.
//
$report_obj = new TimeTrexClientAPI( 'TimesheetSummaryReport' );
$config = $report_obj->getTemplate( 'by_employee+all_time' )->getResult();
$result = $report_obj->getTimesheetSummaryReport( $config, 'raw' )->getResult();
echo "Report Data: <br>\n";
var_dump( $result );
?>

594
api/json/api_client_example_stand_alone.php Normal file
View File

@ -0,0 +1,594 @@
<?php
/*
Global variables
*/
$TIMETREX_URL = 'https://demo.timetrex.com/next-release/api/json/api.php';
$TIMETREX_API_KEY = ''; //API SESSION KEY to use for all API requests, obtained immediately below.
//Build URL given a Class and Method to call.
//Format is: http://demo.timetrex.com/api/json/api.php?Class=<CLASS>&Method=<METHOD>&SessionID=<SessionID>
function buildURL( $class, $method ) {
global $TIMETREX_URL;
$url = $TIMETREX_URL . '?Class=' . $class . '&Method=' . $method;
return $url;
}
//Handle complex result.
function handleResult( $result, $raw = false ) {
if ( is_array( $result ) && isset( $result['api_retval'] ) ) {
if ( $raw === true ) {
return $result;
} else {
if ( $result['api_retval'] === false ) {
//Display any error messages that might be returned.
$output[] = ' Returned:';
$output[] = ( $result['api_retval'] === true ) ? ' IsValid: YES' : ' IsValid: NO';
if ( $result['api_retval'] === true ) {
$output[] = ' Return Value: ' . $result['api_retval'];
} else {
$output[] = ' Code: ' . $result['api_details']['code'];
$output[] = ' Description: ' . $result['api_details']['description'];
$output[] = ' Details: ';
$details = $result['api_details']['details'];
if ( is_array( $details ) ) {
foreach ( $details as $row => $detail ) {
$output[] = ' Row: ' . $row;
foreach ( $detail as $field => $msgs ) {
$output[] = ' --Field: ' . $field;
foreach ( $msgs as $key => $msg ) {
$output[] = ' ----Message: ' . $msg;
}
}
}
}
}
$output[] = '==============================================================';
$output[] = '';
echo implode( "\n", $output );
}
return $result['api_retval'];
}
}
return $result;
}
//Post data (array of arguments) to URL
function postToURL( $url, $data = null, $raw_result = false ) {
$curl_connection = curl_init();
curl_setopt( $curl_connection, CURLOPT_URL, $url );
curl_setopt( $curl_connection, CURLOPT_REFERER, $url ); //**IMPORTANT: Referer should always be sent to avoid requests being rejected due to CSRF security checks.
curl_setopt( $curl_connection, CURLOPT_CONNECTTIMEOUT, 600 );
curl_setopt( $curl_connection, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $curl_connection, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt( $curl_connection, CURLOPT_FOLLOWLOCATION, 1 );
global $TIMETREX_API_KEY;
curl_setopt( $curl_connection, CURLOPT_HTTPHEADER, [ 'Cookie: SessionID='. $TIMETREX_API_KEY ] ); //Send API Key as a cookie.
//When sending JSON data to POST, it must be sent as: json=<JSON DATA>
//<JSON DATA> should be an associative array with the first level being the number of arguments, where each argument can be of mixed type. ie:
// array(
// 0 => <ARG1>,
// 1 => <ARG2>,
// 2 => <ARG3>,
// ...
// )
echo "==============================================================\n";
echo "Posting data to URL: " . $url . "\n";
if ( $data !== null ) {
$post_data = 'json=' . urlencode( json_encode( $data ) );
curl_setopt( $curl_connection, CURLOPT_POSTFIELDS, $post_data );
echo " POST Data: " . $post_data . "\n";
}
echo "--------------------------------------------------------------\n";
$result = curl_exec( $curl_connection );
curl_close( $curl_connection );
return handleResult( json_decode( $result, true ), $raw_result );
}
if ( !isset( $TIMETREX_API_KEY ) || $TIMETREX_API_KEY == '' ) {
//IMPORTANT: When passing separate arguments to a function the order must be correctly maintained.
// So when passing named key => value pairs always ensure that the order is preserved when the data is JSON encoded.
$arguments = [ 'user_name' => 'demoadmin1', 'password' => 'demo' ];
// Alternatively you can send integer key => value pairs, similar to the below which may help to ensure order is maintained.
//$arguments = [ $TIMETREX_USERNAME, $TIMETREX_PASSWORD ]; //Or
//$arguments = [ 0 => $TIMETREX_USERNAME, 1 => $TIMETREX_PASSWORD ];
$TIMETREX_API_KEY = postToURL( buildURL( 'APIAuthentication', 'registerAPIKey' ), $arguments );
if ( $TIMETREX_API_KEY == false ) {
echo "Login Failed, please check username/password or URL to ensure it is correct!<br>\nIf multifactor authentication is enabled, login to TimeTrex and go to Profile -> Security / Passwords, More (...) -> Register API Key.<br>\n";
exit;
} else {
echo "Permanent API KEY SESSION registered, you may now define this in your code for all subsequent API calls:<br>\n";
echo "\$TIMETREX_API_KEY = '" . $TIMETREX_API_KEY . "'<br>\n";
exit;
}
}
//
//Get data for two employees by user_name or primary key/ID.
// - Many other filter methods can be used, such as branch, department, province, state, etc...
//
$arguments = [
'filter_data' => [
//'id' => array('11e817cb-7dcc-7130-b939-5431e6810149','11e817cb-8385-8e50-97f3-5431e6810149')
'user_name' => 'john.doe1',
],
];
$user_data = postToURL( buildURL( 'APIUser', 'getUser' ), [ $arguments ] );
//var_dump( $user_data );
/* //Example returned data:
array(2) {
[0]=>
array(98) {
["id"]=>
string(36) "11e7fa4c-f3fd-2d90-b320-21ea65522ba3"
["company_id"]=>
string(36) "11e7fa4c-e7b5-37d0-87c6-21ea65522ba3"
["company"]=>
string(15) "ABC Company (1)"
["legal_entity_id"]=>
string(36) "11e7fa4c-e825-8050-8e4a-21ea65522ba3"
["legal_name"]=>
string(18) "ACME USA East Inc."
["status_id"]=>
string(2) "10"
["status"]=>
string(6) "Active"
["group_id"]=>
string(36) "11e7fa4c-e980-6090-adff-21ea65522ba3"
["user_group"]=>
string(9) "Corporate"
["ethnic_group_id"]=>
string(36) "11e7fa4c-e9a8-2880-9b0d-21ea65522ba3"
["ethnic_group"]=>
string(5) "White"
["user_name"]=>
string(14) "tristen.braun1"
["phone_id"]=>
string(0) ""
["employee_number"]=>
int(13)
["title_id"]=>
string(36) "11e7fa4c-e98e-4fb0-8cc1-21ea65522ba3"
["title"]=>
string(9) "Carpenter"
["default_branch_id"]=>
string(36) "11e7fa4c-e857-84b0-9ebc-21ea65522ba3"
["default_branch"]=>
string(8) "New York"
["default_branch_manual_id"]=>
string(1) "1"
["default_department_id"]=>
string(36) "11e7fa4c-e870-7660-b2a1-21ea65522ba3"
["default_department"]=>
string(12) "Construction"
["default_department_manual_id"]=>
string(1) "2"
["default_job_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job"]=>
bool(false)
["default_job_manual_id"]=>
bool(false)
["default_job_item_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job_item"]=>
bool(false)
["default_job_item_manual_id"]=>
bool(false)
["permission_control_id"]=>
string(36) "11e7fa4c-e7bb-a9b0-a40e-21ea65522ba3"
["permission_control"]=>
string(31) "Regular Employee (Punch In/Out)"
["pay_period_schedule_id"]=>
string(36) "11e7fa4d-0208-8360-a212-21ea65522ba3"
["pay_period_schedule"]=>
string(9) "Bi-Weekly"
["policy_group_id"]=>
string(36) "11e7fa4d-025e-93e0-bc8b-21ea65522ba3"
["policy_group"]=>
string(7) "Default"
["first_name"]=>
string(7) "Tristen"
["first_name_metaphone"]=>
string(5) "TRSTN"
["middle_name"]=>
bool(false)
["last_name"]=>
string(6) "BraunD"
["last_name_metaphone"]=>
string(4) "BRNT"
["full_name"]=>
string(15) "BraunD, Tristen"
["second_last_name"]=>
bool(false)
["sex_id"]=>
string(2) "20"
["sex"]=>
string(6) "Female"
["address1"]=>
string(13) "9289 Ethel St"
["address2"]=>
string(9) "Unit #560"
["city"]=>
string(8) "New York"
["country"]=>
string(2) "US"
["province"]=>
string(2) "NY"
["postal_code"]=>
string(5) "00521"
["work_phone"]=>
string(12) "417-268-2473"
["work_phone_ext"]=>
string(3) "204"
["home_phone"]=>
string(12) "567-570-8135"
["mobile_phone"]=>
bool(false)
["fax_phone"]=>
bool(false)
["home_email"]=>
bool(false)
["home_email_is_valid"]=>
bool(true)
["home_email_is_valid_key"]=>
bool(false)
["home_email_is_valid_date"]=>
bool(false)
["feedback_rating"]=>
bool(false)
["work_email"]=>
string(30) "tristen.braun1@abc-company.com"
["work_email_is_valid"]=>
bool(true)
["work_email_is_valid_key"]=>
bool(false)
["work_email_is_valid_date"]=>
bool(false)
["birth_date"]=>
string(9) "01-Jun-88"
["birth_date_age"]=>
int(29)
["hire_date"]=>
string(9) "26-May-13"
["hire_date_age"]=>
string(4) "4.74"
["termination_date"]=>
NULL
["currency_id"]=>
string(36) "11e7fa4c-e80b-8110-97b4-21ea65522ba3"
["currency"]=>
string(9) "US Dollar"
["currency_rate"]=>
string(12) "1.0000000000"
["sin"]=>
string(9) "401240815"
["note"]=>
bool(false)
["longitude"]=>
bool(false)
["latitude"]=>
bool(false)
["tag"]=>
string(0) ""
["last_login_date"]=>
NULL
["max_punch_time_stamp"]=>
NULL
["deleted"]=>
bool(false)
["is_owner"]=>
bool(false)
["is_child"]=>
bool(true)
["created_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["created_by"]=>
string(18) "Mr. AdministratorC"
["created_date"]=>
string(17) "15-Jan-18 3:36 PM"
["updated_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["updated_by"]=>
string(18) "Mr. AdministratorC"
["updated_date"]=>
string(17) "15-Feb-18 3:04 PM"
}
[1]=>
array(98) {
["id"]=>
string(36) "11e7fa4c-f8c2-f040-8ad8-21ea65522ba3"
["company_id"]=>
string(36) "11e7fa4c-e7b5-37d0-87c6-21ea65522ba3"
["company"]=>
string(15) "ABC Company (1)"
["legal_entity_id"]=>
string(36) "11e7fa4c-e833-0860-9978-21ea65522ba3"
["legal_name"]=>
string(18) "ACME USA West Inc."
["status_id"]=>
string(2) "10"
["status"]=>
string(6) "Active"
["group_id"]=>
string(36) "11e7fa4c-e985-7df0-85ed-21ea65522ba3"
["user_group"]=>
string(15) "Human Resources"
["ethnic_group_id"]=>
string(36) "11e7fa4c-e9b2-5420-8bd5-21ea65522ba3"
["ethnic_group"]=>
string(6) "Indian"
["user_name"]=>
string(9) "jane.doe1"
["phone_id"]=>
string(5) "12341"
["employee_number"]=>
int(20)
["title_id"]=>
string(36) "11e7fa4c-e993-9320-8ba8-21ea65522ba3"
["title"]=>
string(15) "General Laborer"
["default_branch_id"]=>
string(36) "11e7fa4c-e85c-3ba0-b7aa-21ea65522ba3"
["default_branch"]=>
string(7) "Seattle"
["default_branch_manual_id"]=>
string(1) "2"
["default_department_id"]=>
string(36) "11e7fa4c-e870-7660-b2a1-21ea65522ba3"
["default_department"]=>
string(12) "Construction"
["default_department_manual_id"]=>
string(1) "2"
["default_job_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job"]=>
bool(false)
["default_job_manual_id"]=>
bool(false)
["default_job_item_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job_item"]=>
bool(false)
["default_job_item_manual_id"]=>
bool(false)
["permission_control_id"]=>
string(36) "11e7fa4c-e7bb-a9b0-a40e-21ea65522ba3"
["permission_control"]=>
string(31) "Regular Employee (Punch In/Out)"
["pay_period_schedule_id"]=>
string(36) "11e7fa4d-0208-8360-a212-21ea65522ba3"
["pay_period_schedule"]=>
string(9) "Bi-Weekly"
["policy_group_id"]=>
string(36) "11e7fa4d-025e-93e0-bc8b-21ea65522ba3"
["policy_group"]=>
string(7) "Default"
["first_name"]=>
string(4) "Jane"
["first_name_metaphone"]=>
string(2) "JN"
["middle_name"]=>
bool(false)
["last_name"]=>
string(3) "Doe"
["last_name_metaphone"]=>
string(1) "T"
["full_name"]=>
string(9) "Doe, Jane"
["second_last_name"]=>
bool(false)
["sex_id"]=>
string(2) "20"
["sex"]=>
string(6) "Female"
["address1"]=>
string(15) "4936 Ontario St"
["address2"]=>
string(9) "Unit #993"
["city"]=>
string(7) "Seattle"
["country"]=>
string(2) "US"
["province"]=>
string(2) "WA"
["postal_code"]=>
string(5) "98867"
["work_phone"]=>
string(12) "558-301-1737"
["work_phone_ext"]=>
string(3) "308"
["home_phone"]=>
string(12) "464-312-4450"
["mobile_phone"]=>
bool(false)
["fax_phone"]=>
bool(false)
["home_email"]=>
bool(false)
["home_email_is_valid"]=>
bool(true)
["home_email_is_valid_key"]=>
bool(false)
["home_email_is_valid_date"]=>
bool(false)
["feedback_rating"]=>
bool(false)
["work_email"]=>
string(25) "jane.doe1@abc-company.com"
["work_email_is_valid"]=>
bool(true)
["work_email_is_valid_key"]=>
bool(false)
["work_email_is_valid_date"]=>
bool(false)
["birth_date"]=>
string(9) "24-Dec-70"
["birth_date_age"]=>
int(47)
["hire_date"]=>
string(9) "15-Sep-09"
["hire_date_age"]=>
string(4) "8.44"
["termination_date"]=>
NULL
["currency_id"]=>
string(36) "11e7fa4c-e813-c120-9c2c-21ea65522ba3"
["currency"]=>
string(15) "Canadian Dollar"
["currency_rate"]=>
string(12) "1.2000000000"
["sin"]=>
string(9) "695238280"
["note"]=>
bool(false)
["longitude"]=>
bool(false)
["latitude"]=>
bool(false)
["tag"]=>
string(5) "check"
["last_login_date"]=>
NULL
["max_punch_time_stamp"]=>
NULL
["deleted"]=>
bool(false)
["is_owner"]=>
bool(false)
["is_child"]=>
bool(true)
["created_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["created_by"]=>
string(18) "Mr. AdministratorC"
["created_date"]=>
string(17) "15-Jan-18 3:36 PM"
["updated_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["updated_by"]=>
string(18) "Mr. AdministratorC"
["updated_date"]=>
string(17) "15-Feb-18 3:04 PM"
}
}
*/
//
//Update data for the second employee, mark their status as Terminated and update Termination Date
//
if ( isset( $user_data[1] ) ) {
$user_data[1]['status_id'] = 20; //Terminated
$user_data[1]['termination_date'] = '02-Jan-18';
$result = postToURL( buildURL( 'APIUser', 'setUser' ), [ $user_data[1] ] );
if ( $result === true ) {
echo "Employee data saved successfully.<br>\n";
} else {
echo "Employee save failed.<br>\n";
print $result; //Show error messages
}
}
//
//Update employee record in a single operation. Several records can be updated in a single operation as well.
//
$user_data = [
'id' => $user_data[1]['id'], //UUID: 11e7fa4c-f8c2-f040-8ad8-21ea65522ba3
'termination_date' => '02-Jan-18',
];
$result = postToURL( buildURL( 'APIUser', 'setUser' ), [ $user_data ] );
if ( $result === true ) {
echo "Employee data saved successfully.<br>\n";
} else {
echo "Employee save failed.<br>\n";
print $result; //Show error messages
}
//
//Get new hire defaults so we pull data from that rather than have to manually specify it each time.
//
$new_hire_defaults = postToURL( buildURL( 'APIUserDefault', 'getUserDefault' ), [] )[0];
//
//Add new employee, several new employees can be added in a single operation as well.
//
$user_data = [
'status_id' => 10, //Active
'first_name' => 'Michael',
'last_name' => 'Jackson',
'employee_number' => rand( 10000, 99999 ),
'user_name' => 'mjackson_' . rand( 10000, 99999 ),
'password' => 'whiteglove123',
'hire_date' => '01-Oct-09',
'currency_id' => $new_hire_defaults['currency_id'],
];
$result = postToURL( buildURL( 'APIUser', 'setUser' ), [ $user_data ] );
if ( $result !== false ) {
echo "Employee added successfully.<br>\n";
$insert_id = $result; //Get employees new ID on success.
} else {
echo "Employee save failed.<br>\n";
print $result; //Show error messages
}
//
//Add new punch for a specific employee
//
$punch_data = [
'user_id' => $insert_id, //ID from above newly added employee
'type_id' => 10, //Normal
'status_id' => 20, //In
'time_stamp' => strtotime( '19-Aug-2013 5:50PM' ),
'branch_id' => $new_hire_defaults['default_branch_id'], //Branch
'department_id' => $new_hire_defaults['default_department_id'], //Department
'job_id' => $new_hire_defaults['default_job_id'], //Job
'job_item_id' => $new_hire_defaults['default_job_item_id'], //Task
];
$result = postToURL( buildURL( 'APIPunch', 'setPunch' ), [ $punch_data ] );
if ( $result !== false ) {
echo "Punch added successfully.<br>\n";
$insert_id = $result; //Get employees new ID on success.
} else {
echo "Punch save failed.<br>\n";
print $result; //Show error messages
}
//
//Get TimeSheet Summary report data in raw PHP native array format. 'csv' and 'pdf' are also valid formats.
//
$config = postToURL( buildURL( 'APITimesheetSummaryReport', 'getTemplate' ), [ 'by_employee+all_time' ] );
$result = postToURL( buildURL( 'APITimesheetSummaryReport', 'getTimesheetSummaryReport' ), [ $config, 'raw' ] );
echo "Report Data: <br>\n";
var_dump( $result );
//Get data for the currently logged in user if needed:
//$current_user_data = postToURL( buildURL( 'APIAuthentication', 'getCurrentUser' ) );
//$current_user_preference = postToURL( buildURL( 'APIAuthentication', 'getCurrentUserPreference' ) );
//$current_company_data = postToURL( buildURL( 'APIAuthentication', 'getCurrentCompany' ) );
?>

164
api/soap/api.php Normal file
View File

@ -0,0 +1,164 @@
<?php
/*********************************************************************************
*
* TimeTrex is a Workforce Management program developed by
* TimeTrex Software Inc. Copyright (C) 2003 - 2021 TimeTrex Software Inc.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU Affero General Public License version 3 as published by
* the Free Software Foundation with the addition of the following permission
* added to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED
* WORK IN WHICH THE COPYRIGHT IS OWNED BY TIMETREX, TIMETREX DISCLAIMS THE
* WARRANTY OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
* details.
*
*
* You should have received a copy of the GNU Affero General Public License along
* with this program; if not, see http://www.gnu.org/licenses or write to the Free
* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA.
*
*
* You can contact TimeTrex headquarters at Unit 22 - 2475 Dobbin Rd. Suite
* #292 West Kelowna, BC V4T 2E9, Canada or at email address info@timetrex.com.
*
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
*
* In accordance with Section 7(b) of the GNU Affero General Public License
* version 3, these Appropriate Legal Notices must retain the display of the
* "Powered by TimeTrex" logo. If the display of the logo is not reasonably
* feasible for technical reasons, the Appropriate Legal Notices must display
* the words "Powered by TimeTrex".
*
********************************************************************************/
define( 'TIMETREX_SOAP_API', true );
//Add timetrex.ini.php setting to enable/disable the API. Make an entire [API] section.
require_once( '../../includes/global.inc.php' );
require_once( '../../includes/API.inc.php' );
Header( 'Content-Type: application/xml; charset=utf-8' );
//Use this class to intercept the SOAP calls and get the class/method that is being called.
class TTSoapServerHandler {
private $obj = null;
public function __construct( $class_name ) {
$this->obj = TTnew( $class_name );
return true;
}
public function __call( $method, $params ) {
Debug::text( 'TTSoapServerHandler Call: Class: ' . get_class( $this->obj ) . ' Method: ' . $method, __FILE__, __LINE__, __METHOD__, 10 );
if ( isWhiteListedAPICall( $this->obj, $method ) == true ) {
if ( method_exists( $this->obj, $method ) ) {
return call_user_func_array( [ $this->obj, $method ], $params );
} else {
$api_auth = new APIAuthentication();
$validator = TTnew( 'Validator' ); /** @var Validator $validator */
Debug::text( 'Class: ' . get_class( $this->obj ) . ' Method: ' . $method . ' does not exist!', __FILE__, __LINE__, __METHOD__, 10 );
return $api_auth->returnHandler( false, 'EXCEPTION', TTi18n::getText( 'Method: "%1" does not exist.', [ $validator->escapeHTML( $method ) ] ) );
}
} else {
$api_auth = new APIAuthentication();
$validator = TTnew( 'Validator' ); /** @var Validator $validator */
Debug::text( 'Class: ' . get_class( $this->obj ) . ' Method: ' . $method . ' is private!', __FILE__, __LINE__, __METHOD__, 10 );
return $api_auth->returnHandler( false, 'EXCEPTION', TTi18n::getText( 'Method: "%1" is private, unable to call.', [ $validator->escapeHTML( $method ) ] ) );
}
}
}
$class_prefix = 'API';
$class_name = false;
//Class name is case sensitive!
//Get proper class name early, as we need to allow
if ( isset( $_GET['Class'] ) && $_GET['Class'] != '' ) {
$class_name = $_GET['Class'];
//If API wasn't already put on the class, add it manually.
if ( strtolower( substr( $class_name, 0, 3 ) ) != 'api' ) {
$class_name = $class_prefix . $class_name;
}
$class_name = TTgetPluginClassName( $class_name );
} else {
$class_name = TTgetPluginClassName( $class_prefix . 'Authentication' );
}
//$class_factory = ( isset($_GET['Class']) AND $_GET['Class'] != '' ) ? $_GET['Class'] : 'Authentication'; //Default to APIAuthentication class if none is specified.
//$class_name = TTgetPluginClassName( $class_prefix.$class_factory );
$soap_server = new SoapServer( null, [ 'uri' => 'urn:api', 'encoding' => 'UTF-8' ] );
if ( ( isset( $config_vars['other']['installer_enabled'] ) && $config_vars['other']['installer_enabled'] == false ) && ( !isset( $config_vars['other']['down_for_maintenance'] ) || isset( $config_vars['other']['down_for_maintenance'] ) && $config_vars['other']['down_for_maintenance'] == '' ) ) {
$authentication = new Authentication();
$session_id = getSessionID();
if ( isset( $session_id ) && $session_id != '' ) {
Debug::text( 'SOAP Session ID: ' . $session_id . ' Source IP: ' . Misc::getRemoteIPAddress(), __FILE__, __LINE__, __METHOD__, 10 );
if ( $authentication->isSessionIDAPIKey( $session_id ) == true ) {
$authentication_type_id = 700; //API Key
} else {
$authentication_type_id = 800; //USER_NAME
}
if ( $authentication->Check( $session_id, $authentication_type_id ) === true ) {
Debug::text( 'SOAP Class Factory: ' . $class_name, __FILE__, __LINE__, __METHOD__, 10 );
if ( $class_name != '' && class_exists( $class_name ) ) {
$current_user = $authentication->getObject();
if ( is_object( $current_user ) ) {
$current_user_prefs = handleOverridePreferences( $current_user );
$clf = new CompanyListFactory();
$current_company = $clf->getByID( $current_user->getCompany() )->getCurrent();
if ( is_object( $current_company ) ) {
Debug::text( 'Handling SOAP Call To API Factory: ' . $class_name . ' UserName: ' . $current_user->getUserName(), __FILE__, __LINE__, __METHOD__, 10 );
$soap_server->setObject( new TTSoapServerHandler( $class_name ) );
$soap_server->handle();
} else {
Debug::text( 'Failed to get Company Object!', __FILE__, __LINE__, __METHOD__, 10 );
}
} else {
Debug::text( 'Failed to get User Object!', __FILE__, __LINE__, __METHOD__, 10 );
}
} else {
Debug::text( 'Class Factory does not exist!', __FILE__, __LINE__, __METHOD__, 10 );
$soap_server->fault( 9800, 'Class Factory (' . $class_name . ') does not exist!' );
}
} else {
TTi18n::chooseBestLocale(); //Make sure we set the locale as best we can when not logged in
Debug::text( 'User not authenticated! Session likely timed out.', __FILE__, __LINE__, __METHOD__, 10 );
$soap_server->setObject( new TTSoapServerHandler( 'APIAuthentication' ) );
$soap_server->handle(); //PHP appears to exit in this function if there is an error.
}
} else {
TTi18n::chooseBestLocale(); //Make sure we set the locale as best we can when not logged in
Debug::text( 'SOAP UnAuthenticated!', __FILE__, __LINE__, __METHOD__, 10 );
$valid_unauthenticated_classes = getUnauthenticatedAPIClasses();
if ( $class_name != '' && in_array( $class_name, $valid_unauthenticated_classes ) && class_exists( $class_name ) ) {
$soap_server->setObject( new TTSoapServerHandler( $class_name ) );
$soap_server->handle(); //PHP appears to exit in this function if there is an error.
} else {
Debug::text( 'Class: ' . $class_name . ' does not exist! (unauth)', __FILE__, __LINE__, __METHOD__, 10 );
}
}
} else {
Debug::text( 'WARNING: Installer/Down For Maintenance is enabled... Service is disabled!', __FILE__, __LINE__, __METHOD__, 10 );
$soap_server->fault( 9500, APPLICATION_NAME . ' is currently undergoing maintenance. We apologize for any inconvenience this may cause, please try again later.' );
}
?>

508
api/soap/api_client_example.php Normal file
View File

@ -0,0 +1,508 @@
<?php
require_once( '../../classes/modules/api/client/TimeTrexClientAPI.class.php' );
/*
Global variables
*/
$TIMETREX_URL = 'https://demo.timetrex.com/next-release/api/soap/api.php';
$TIMETREX_API_KEY = ''; //API SESSION KEY to use for all API requests, obtained immediately below.
if ( !isset( $TIMETREX_API_KEY ) || $TIMETREX_API_KEY == '' ) {
//Register a API key for use with all subsequent API calls.
$api_session = new TimeTrexClientAPI();
$TIMETREX_API_KEY = $api_session->registerAPIKey( 'demoadmin1', 'demo' );
if ( $TIMETREX_API_KEY == false ) {
echo "Login Failed, please check username/password or URL to ensure it is correct!<br>\nIf multifactor authentication is enabled, login to TimeTrex and go to Profile -> Security / Passwords, More (...) -> Register API Key.<br>\n";
exit;
} else {
echo "Permanent API KEY SESSION registered, you may now define this in your code for all subsequent API calls:<br>\n";
echo "\$TIMETREX_API_KEY = '" . $TIMETREX_API_KEY . "'<br>\n";
exit;
}
}
//
//Get data for two employees by user_name or primary key/ID.
// - Many other filter methods can be used, such as branch, department, province, state, etc...
//
$user_obj = new TimeTrexClientAPI( 'User' );
$result = $user_obj->getUser(
[
'filter_data' => [
//'id' => [ '11e817cb-7dcc-7130-b939-5431e6810149','11e817cb-8385-8e50-97f3-5431e6810149' ],
'user_name' => 'john.doe1',
],
]
);
$user_data = $result->getResult();
print $result;
/* //Example returned data:
array(2) {
[0]=>
array(98) {
["id"]=>
string(36) "11e7fa4c-f3fd-2d90-b320-21ea65522ba3"
["company_id"]=>
string(36) "11e7fa4c-e7b5-37d0-87c6-21ea65522ba3"
["company"]=>
string(15) "ABC Company (1)"
["legal_entity_id"]=>
string(36) "11e7fa4c-e825-8050-8e4a-21ea65522ba3"
["legal_name"]=>
string(18) "ACME USA East Inc."
["status_id"]=>
string(2) "10"
["status"]=>
string(6) "Active"
["group_id"]=>
string(36) "11e7fa4c-e980-6090-adff-21ea65522ba3"
["user_group"]=>
string(9) "Corporate"
["ethnic_group_id"]=>
string(36) "11e7fa4c-e9a8-2880-9b0d-21ea65522ba3"
["ethnic_group"]=>
string(5) "White"
["user_name"]=>
string(14) "tristen.braun1"
["phone_id"]=>
string(0) ""
["employee_number"]=>
int(13)
["title_id"]=>
string(36) "11e7fa4c-e98e-4fb0-8cc1-21ea65522ba3"
["title"]=>
string(9) "Carpenter"
["default_branch_id"]=>
string(36) "11e7fa4c-e857-84b0-9ebc-21ea65522ba3"
["default_branch"]=>
string(8) "New York"
["default_branch_manual_id"]=>
string(1) "1"
["default_department_id"]=>
string(36) "11e7fa4c-e870-7660-b2a1-21ea65522ba3"
["default_department"]=>
string(12) "Construction"
["default_department_manual_id"]=>
string(1) "2"
["default_job_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job"]=>
bool(false)
["default_job_manual_id"]=>
bool(false)
["default_job_item_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job_item"]=>
bool(false)
["default_job_item_manual_id"]=>
bool(false)
["permission_control_id"]=>
string(36) "11e7fa4c-e7bb-a9b0-a40e-21ea65522ba3"
["permission_control"]=>
string(31) "Regular Employee (Punch In/Out)"
["pay_period_schedule_id"]=>
string(36) "11e7fa4d-0208-8360-a212-21ea65522ba3"
["pay_period_schedule"]=>
string(9) "Bi-Weekly"
["policy_group_id"]=>
string(36) "11e7fa4d-025e-93e0-bc8b-21ea65522ba3"
["policy_group"]=>
string(7) "Default"
["first_name"]=>
string(7) "Tristen"
["first_name_metaphone"]=>
string(5) "TRSTN"
["middle_name"]=>
bool(false)
["last_name"]=>
string(6) "BraunD"
["last_name_metaphone"]=>
string(4) "BRNT"
["full_name"]=>
string(15) "BraunD, Tristen"
["second_last_name"]=>
bool(false)
["sex_id"]=>
string(2) "20"
["sex"]=>
string(6) "Female"
["address1"]=>
string(13) "9289 Ethel St"
["address2"]=>
string(9) "Unit #560"
["city"]=>
string(8) "New York"
["country"]=>
string(2) "US"
["province"]=>
string(2) "NY"
["postal_code"]=>
string(5) "00521"
["work_phone"]=>
string(12) "417-268-2473"
["work_phone_ext"]=>
string(3) "204"
["home_phone"]=>
string(12) "567-570-8135"
["mobile_phone"]=>
bool(false)
["fax_phone"]=>
bool(false)
["home_email"]=>
bool(false)
["home_email_is_valid"]=>
bool(true)
["home_email_is_valid_key"]=>
bool(false)
["home_email_is_valid_date"]=>
bool(false)
["feedback_rating"]=>
bool(false)
["work_email"]=>
string(30) "tristen.braun1@abc-company.com"
["work_email_is_valid"]=>
bool(true)
["work_email_is_valid_key"]=>
bool(false)
["work_email_is_valid_date"]=>
bool(false)
["birth_date"]=>
string(9) "01-Jun-88"
["birth_date_age"]=>
int(29)
["hire_date"]=>
string(9) "26-May-13"
["hire_date_age"]=>
string(4) "4.74"
["termination_date"]=>
NULL
["currency_id"]=>
string(36) "11e7fa4c-e80b-8110-97b4-21ea65522ba3"
["currency"]=>
string(9) "US Dollar"
["currency_rate"]=>
string(12) "1.0000000000"
["sin"]=>
string(9) "401240815"
["note"]=>
bool(false)
["longitude"]=>
bool(false)
["latitude"]=>
bool(false)
["tag"]=>
string(0) ""
["last_login_date"]=>
NULL
["max_punch_time_stamp"]=>
NULL
["deleted"]=>
bool(false)
["is_owner"]=>
bool(false)
["is_child"]=>
bool(true)
["created_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["created_by"]=>
string(18) "Mr. AdministratorC"
["created_date"]=>
string(17) "15-Jan-18 3:36 PM"
["updated_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["updated_by"]=>
string(18) "Mr. AdministratorC"
["updated_date"]=>
string(17) "15-Feb-18 3:04 PM"
}
[1]=>
array(98) {
["id"]=>
string(36) "11e7fa4c-f8c2-f040-8ad8-21ea65522ba3"
["company_id"]=>
string(36) "11e7fa4c-e7b5-37d0-87c6-21ea65522ba3"
["company"]=>
string(15) "ABC Company (1)"
["legal_entity_id"]=>
string(36) "11e7fa4c-e833-0860-9978-21ea65522ba3"
["legal_name"]=>
string(18) "ACME USA West Inc."
["status_id"]=>
string(2) "10"
["status"]=>
string(6) "Active"
["group_id"]=>
string(36) "11e7fa4c-e985-7df0-85ed-21ea65522ba3"
["user_group"]=>
string(15) "Human Resources"
["ethnic_group_id"]=>
string(36) "11e7fa4c-e9b2-5420-8bd5-21ea65522ba3"
["ethnic_group"]=>
string(6) "Indian"
["user_name"]=>
string(9) "jane.doe1"
["phone_id"]=>
string(5) "12341"
["employee_number"]=>
int(20)
["title_id"]=>
string(36) "11e7fa4c-e993-9320-8ba8-21ea65522ba3"
["title"]=>
string(15) "General Laborer"
["default_branch_id"]=>
string(36) "11e7fa4c-e85c-3ba0-b7aa-21ea65522ba3"
["default_branch"]=>
string(7) "Seattle"
["default_branch_manual_id"]=>
string(1) "2"
["default_department_id"]=>
string(36) "11e7fa4c-e870-7660-b2a1-21ea65522ba3"
["default_department"]=>
string(12) "Construction"
["default_department_manual_id"]=>
string(1) "2"
["default_job_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job"]=>
bool(false)
["default_job_manual_id"]=>
bool(false)
["default_job_item_id"]=>
string(36) "00000000-0000-0000-0000-000000000000"
["default_job_item"]=>
bool(false)
["default_job_item_manual_id"]=>
bool(false)
["permission_control_id"]=>
string(36) "11e7fa4c-e7bb-a9b0-a40e-21ea65522ba3"
["permission_control"]=>
string(31) "Regular Employee (Punch In/Out)"
["pay_period_schedule_id"]=>
string(36) "11e7fa4d-0208-8360-a212-21ea65522ba3"
["pay_period_schedule"]=>
string(9) "Bi-Weekly"
["policy_group_id"]=>
string(36) "11e7fa4d-025e-93e0-bc8b-21ea65522ba3"
["policy_group"]=>
string(7) "Default"
["first_name"]=>
string(4) "Jane"
["first_name_metaphone"]=>
string(2) "JN"
["middle_name"]=>
bool(false)
["last_name"]=>
string(3) "Doe"
["last_name_metaphone"]=>
string(1) "T"
["full_name"]=>
string(9) "Doe, Jane"
["second_last_name"]=>
bool(false)
["sex_id"]=>
string(2) "20"
["sex"]=>
string(6) "Female"
["address1"]=>
string(15) "4936 Ontario St"
["address2"]=>
string(9) "Unit #993"
["city"]=>
string(7) "Seattle"
["country"]=>
string(2) "US"
["province"]=>
string(2) "WA"
["postal_code"]=>
string(5) "98867"
["work_phone"]=>
string(12) "558-301-1737"
["work_phone_ext"]=>
string(3) "308"
["home_phone"]=>
string(12) "464-312-4450"
["mobile_phone"]=>
bool(false)
["fax_phone"]=>
bool(false)
["home_email"]=>
bool(false)
["home_email_is_valid"]=>
bool(true)
["home_email_is_valid_key"]=>
bool(false)
["home_email_is_valid_date"]=>
bool(false)
["feedback_rating"]=>
bool(false)
["work_email"]=>
string(25) "jane.doe1@abc-company.com"
["work_email_is_valid"]=>
bool(true)
["work_email_is_valid_key"]=>
bool(false)
["work_email_is_valid_date"]=>
bool(false)
["birth_date"]=>
string(9) "24-Dec-70"
["birth_date_age"]=>
int(47)
["hire_date"]=>
string(9) "15-Sep-09"
["hire_date_age"]=>
string(4) "8.44"
["termination_date"]=>
NULL
["currency_id"]=>
string(36) "11e7fa4c-e813-c120-9c2c-21ea65522ba3"
["currency"]=>
string(15) "Canadian Dollar"
["currency_rate"]=>
string(12) "1.2000000000"
["sin"]=>
string(9) "695238280"
["other_id1"]=>
bool(false)
["other_id2"]=>
bool(false)
["other_id3"]=>
bool(false)
["other_id4"]=>
bool(false)
["other_id5"]=>
bool(false)
["note"]=>
bool(false)
["longitude"]=>
bool(false)
["latitude"]=>
bool(false)
["tag"]=>
string(5) "check"
["last_login_date"]=>
NULL
["max_punch_time_stamp"]=>
NULL
["deleted"]=>
bool(false)
["is_owner"]=>
bool(false)
["is_child"]=>
bool(true)
["created_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["created_by"]=>
string(18) "Mr. AdministratorC"
["created_date"]=>
string(17) "15-Jan-18 3:36 PM"
["updated_by_id"]=>
string(36) "11e7fa4c-e9e5-4bb0-90f9-21ea65522ba3"
["updated_by"]=>
string(18) "Mr. AdministratorC"
["updated_date"]=>
string(17) "15-Feb-18 3:04 PM"
}
}
*/
//
//Update data for the second employee, mark their status as Terminated and update Termination Date
//
if ( isset( $user_data[1] ) ) {
$user_data[1]['status_id'] = 20; //Terminated
$user_data[1]['termination_date'] = '02-Jan-18';
$result = $user_obj->setUser( $user_data[1] );
if ( $result->isValid() === true ) {
echo "Employee data saved successfully.<br>\n";
} else {
echo "Employee save failed.<br>\n";
print $result; //Show error messages
}
}
//
//Update employee record in a single operation. Several records can be updated in a single operation as well.
//
$user_data = [
'id' => $user_data[1]['id'], //UUID: 11e7fa4c-f8c2-f040-8ad8-21ea65522ba3
'termination_date' => '02-Jan-18',
];
$result = $user_obj->setUser( $user_data );
if ( $result->isValid() === true ) {
echo "Employee data saved successfully.<br>\n";
} else {
echo "Employee save failed.<br>\n";
print $result; //Show error messages
}
//
//Get new hire defaults so we pull data from that rather than have to manually specify it each time.
//
$new_hire_defaults_obj = new TimeTrexClientAPI( 'UserDefault' );
$new_hire_defaults = $new_hire_defaults_obj->getUserDefault()->getResult()[0];
//
//Add new employee, several new employees can be added in a single operation as well.
//
$user_data = [
'status_id' => 10, //Active
'first_name' => 'Michael',
'last_name' => 'Jackson',
'employee_number' => rand( 10000, 99999 ),
'user_name' => 'mjackson_' . rand( 10000, 99999 ),
'password' => 'whiteglove123',
'hire_date' => '01-Oct-09',
'currency_id' => $new_hire_defaults['currency_id'],
];
$result = $user_obj->setUser( $user_data );
if ( $result->isValid() === true ) {
echo "Employee added successfully.<br>\n";
$insert_id = $result->getResult(); //Get employees new ID on success.
} else {
echo "Employee save failed.<br>\n";
print $result; //Show error messages
}
//
//Add punch for employee
//
$punch_obj = new TimeTrexClientAPI( 'Punch' );
$punch_data = [
'user_id' => $insert_id, //ID from above newly added employee
'type_id' => 10, //Normal
'status_id' => 20, //In
'time_stamp' => strtotime( '19-Aug-2013 5:50PM' ),
'branch_id' => $new_hire_defaults['default_branch_id'], //Branch
'department_id' => $new_hire_defaults['default_department_id'], //Department
'job_id' => $new_hire_defaults['default_job_id'], //Job
'job_item_id' => $new_hire_defaults['default_job_item_id'], //Task
];
$result = $punch_obj->setPunch( $punch_data );
if ( $result->isValid() === true ) {
echo "Punch added successfully.<br>\n";
$insert_id = $result->getResult(); //Get employees new ID on success.
} else {
echo "Punch save failed.<br>\n";
print $result; //Show error messages
}
//
//Get TimeSheet Summary report data in raw PHP native array format. 'csv' and 'pdf' are also valid formats.
//
$report_obj = new TimeTrexClientAPI( 'TimesheetSummaryReport' );
$config = $report_obj->getTemplate( 'by_employee+all_time' )->getResult();
$result = $report_obj->getTimesheetSummaryReport( $config, 'raw' )->getResult();
echo "Report Data: <br>\n";
var_dump( $result );
?>