<?php 
session_start();
require_once '../library/sw-config.php';
require_once '../library/sw-function.php';
require_once '../mod/out/sw-cookies.php';

$ip_login  = $_SERVER['REMOTE_ADDR'];
$time_login = date('Y-m-d H:i:s');
$iB = getBrowser();
$browser = $iB['name'] . '-' . $iB['version'];
$salt = '$%DEf0&TTd#%dSuTyr47542"_-^@#&*!=QxR094{a911}+';
$expired_cookie = time() + 60 * 60 * 24 * 7;

switch (@$_GET['action']) {
    case 'login':
        $error = array();

        if (empty($_POST['email'])) {
            $error[] = 'Email tidak boleh kosong';
        } else {
            $email = filter_var(($_POST['email']), FILTER_VALIDATE_EMAIL);
            if (!$email) {
                $error[] = 'Email tidak valid';
            } else {
                $email = mysqli_real_escape_string($connection, $email);
                $created_cookies = md5($email);
            }
        }

        if (empty($_POST['password'])) {
            $error[] = 'Password tidak boleh kosong';
        } else {
            $password = hash('sha256', $salt . $_POST['password']);
        }

        if (empty($error)) {
            $stmt = $connection->prepare("UPDATE employees SET created_login=?, created_cookies=? WHERE employees_password=? AND employees_email=?");
            $stmt->bind_param('ssss', $time_login, $created_cookies, $password, $email);
            $stmt->execute();

            $stmt = $connection->prepare("SELECT id, employees_email, employees_name, created_cookies,xin_employee_id FROM employees WHERE employees_password=?  AND employees_email=?");
            $stmt->bind_param('ss', $password, $email);
            $stmt->execute();
            
            
            $result_login = $stmt->get_result();

            if ($result_login->num_rows > 0) {
                $row = $result_login->fetch_assoc();
                $COOKIES_MEMBER = epm_encode($row['id']);
                $COOKIES_COOKIES = $row['created_cookies'];

                // Set cookies and check if they are set successfully
                $success_member = setcookie('COOKIES_MEMBER', $COOKIES_MEMBER, $expired_cookie, '/');
                $success_cookies = setcookie('COOKIES_COOKIES', $COOKIES_COOKIES, $expired_cookie, '/');

                if (!$success_member) {
                    echo 'Failed to set cookie COOKIES_MEMBER.<br>';
                }

                if (!$success_cookies) {
                    echo 'Failed to set cookie COOKIES_COOKIES.<br>';
                }

                if ($success_member && $success_cookies) {
                $pesan = '<html lang="id-ID" xml:lang="id-ID"><body>';
                $pesan .= 'Saat ini ' . $row['employees_name'] . ' baru saja login<br>';
                $pesan .= 'Detail Akun:<br>';
                $pesan .= 'Nama: ' . $row['employees_name'] . '<br>';
                $pesan .= 'Email: ' . $row['employees_email'] . '<br>';
                $pesan .= 'Ip: ' . $ip_login . '<br>';
                $pesan .= 'Tgl Login: ' . $time_login . '<br>';
                $pesan .= 'Browser: ' . $browser . '<br><br><br>';
                $pesan .= 'Hormat kami,<br>' . $site_name . '<br>Email otomatis, Mohon tidak membalas email ini';
                $pesan .= '</body></html>';
                $to = $row['employees_email'];
                $subject = $row['employees_name'] . ' Sedang Online';
                $headers = "From: " . $site_name . " <" . $site_email_domain . ">\r\n";
                $headers .= "MIME-Version: 1.0\r\n";
                $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

                echo 'success';
                
                }
            } else {
                echo 'Email dan password yang Anda masukkan salah!';
            }
        } else {
            echo implode('<br>', $error);
        }
        break;
/* ------------- REGISTRASI ---------------*/
case 'profile-detail':
        $error = array();

        if (empty($_POST['nik'])) {
            $error[] = 'nama tidak boleh kosong';
        } else {
            $nik = mysqli_real_escape_string($connection, $_POST['nik']);
        }

        if (empty($_POST['tgl_lahir'])) {
            $error[] = 'nama tidak boleh kosong';
        } else {
            $tgl_lahir = mysqli_real_escape_string($connection, $_POST['tgl_lahir']);
        }

        if (empty($_POST['rek_bank'])) {
            $error[] = 'rek_bank tidak boleh kosong';
        } else {
            $rek_bank = mysqli_real_escape_string($connection, $_POST['rek_bank']);
        }

        if (empty($_POST['agama'])) {
            $error[] = 'Agama tidak boleh kosong';
        } else {
            $agama = mysqli_real_escape_string($connection, $_POST['agama']);
        }

        if (empty($_POST['gender'])) {
            $error[] = 'Jenis kelamin tidak boleh kosong';
        } else {
            $gender = mysqli_real_escape_string($connection, $_POST['gender']);
        }
        //   if (empty($_POST['nikah'])) {
        //       $error[] = 'Status Pernikahan tidak boleh kosong';
        //     } else {
        //       $nikah= mysqli_real_escape_string($connection, $_POST['nikah']);
        //   }

        if (empty($_POST['alamat_ktp'])) {
            $error[] = 'Alamat KTP tidak boleh kosong';
        } else {
            $alamat_ktp = mysqli_real_escape_string($connection, $_POST['alamat_ktp']);
        }

        if (empty($_POST['nikah'])) {
            $error[] = 'Status Nikah tidak boleh kosong';
        } else {
            $nikah = mysqli_real_escape_string($connection, $_POST['nikah']);
        }


        if (empty($_POST['ptkp'])) {
            $error[] = 'PTKP tidak boleh kosong';
        } else {
            $ptkp = mysqli_real_escape_string($connection, $_POST['ptkp']);
        }

        if (empty($_POST['st_kk'])) {
            $st_kk = '';
        } else {
            $st_kk = mysqli_real_escape_string($connection, $_POST['st_kk']);
        }

        // if (empty($_POST['alamat_dom'])) {
        //    $error[] = 'Alamat domisili tidak boleh kosong';
        //    } else {
        $alamat_dom = mysqli_real_escape_string($connection, $_POST['alamat_dom']);
        // }

        if (empty($error)) {
            $update = "UPDATE employees SET nik = '$nik',tgl_lahir = '$tgl_lahir',agama_id = '$agama',rek_bank = '$rek_bank', gender = '$gender',ptkp = '$ptkp',st_kk = '$st_kk',st_nikah = '$nikah',
    alamat_ktp = '$alamat_ktp',alamat_dom = '$alamat_dom' WHERE id='$row_user[id]'";
            if ($connection->query($update) === false) {
                die($connection->error . __LINE__);
                echo 'Data tidak berhasil disimpan!';
            } else {
                echo 'success';
            }
        } else {
            echo implode('<br>', $error);
        }
        break;


        // ----------- UPDATE PASSWORD -------------------//
    case 'update-password':
        $error = array();
        if (empty($_POST['employees_email'])) {
            $error[] = 'tidak boleh kosong';
        } else {
            $employees_email = mysqli_real_escape_string($connection, $_POST['employees_email']);
        }

        if (empty($_POST['employees_password'])) {
            $error[] = 'tidak boleh kosong';
        } else {
            $employees_password = mysqli_real_escape_string($connection, $_POST['employees_password']);
            $password_baru = mysqli_real_escape_string($connection, hash('sha256', $salt . $employees_password));
        }

        if (empty($error)) {
            $pesan = '<html lang="id-ID" xml:lang="id-ID"><body>';
            $pesan .= 'Saat ini [' . $employees_email . '] Sedang mengganti Password baru<br>';
            $pesan .= '<b>Password Baru Anda : ' . $employees_password . '</b><br><br><br>Harap simpan baik-baik akun Anda.<br><br>';
            $pesan .= 'Hormat Kami,<br>' . $site_name . '<br>Email otomatis, Mohon tidak membalas email ini"';
            $pesan .= "</body></html>";
            $to     = $email_siswa;
            $subject = 'Ubah Katasandi Baru';
            $headers = "From: " . $site_name . " <" . $site_email_domain . ">\r\n";
            $headers .= "MIME-Version: 1.0\r\n";
            $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

            $update = "UPDATE employees SET employees_password='$password_baru' WHERE id='$id'";
            if ($connection->query($update) === false) {
                die($connection->error . __LINE__);
                echo 'Data tidak berhasil disimpan!';
            } else {
                echo 'success';
                mail($to, $subject, $pesan, $headers);
            }
        } else {
            echo 'Bidang inputan tidak boleh ada yang kosong..!';
        }
        break;
case 'registrasi':

$query = mysqli_query($connection, "SELECT max( employees_code) as kodeTerbesar FROM employees");
$data = mysqli_fetch_array($query);
$kode_karyawan = $data['kodeTerbesar'];
$urutan = (int) substr($kode_karyawan, 3, 3);
$urutan++;
$huruf = "OM";
$kode_karyawan = $huruf . sprintf("%03s", $urutan);
$employees_code = ''.$kode_karyawan.'-'.$year.'';

$error = array();

  if (empty($_POST['employees_name'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $employees_name= mysqli_real_escape_string($connection, $_POST['employees_name']);
  }
  if (empty($_POST['employees_nowa'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $employees_nowa= mysqli_real_escape_string($connection, $_POST['employees_nowa']);
  }
  
  if (empty($_POST['nik'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $nik = mysqli_real_escape_string($connection, $_POST['nik']);
  }

  if (empty($_POST['employees_email'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $employees_email= mysqli_real_escape_string($connection, $_POST['employees_email']);
      $created_cookies = md5($employees_email);
  }


  if (empty($_POST['employees_password'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $employees_password= mysqli_real_escape_string($connection,hash('sha256',$salt.$_POST['employees_password']));
      $password_send = mysqli_real_escape_string($connection,$_POST['employees_password']);
  }


  if (empty($_POST['position_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $position_id = mysqli_real_escape_string($connection, $_POST['position_id']);
  }

  if (empty($_POST['shift_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $shift_id = mysqli_real_escape_string($connection, $_POST['shift_id']);
  }

  if (empty($_POST['building_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $building_id = mysqli_real_escape_string($connection, $_POST['building_id']);
  }

  if (empty($error)) {
        if (filter_var($employees_email, FILTER_VALIDATE_EMAIL)) {
          $query="SELECT employees_email from employees where employees_email='$employees_email' OR nik = '$nik'";
          $result= $connection->query($query);
          if($result->num_rows > 0){
              echo'Sepertinya Email "'.$employees_email.'" atau NIK sudah terdaftar!';
          }else {
                $add ="INSERT INTO employees (employees_code,
                          employees_email,
                          nik,
                          employees_password,
                          employees_name,
                          position_id,
                          shift_id,
                          building_id,
                          photo,
                          created_login,
                          employees_nohp,
                          created_cookies) values('$employees_code',
                          '$employees_email',
                          '$nik',
                          '$employees_password',
                          '$employees_name',
                          '$position_id',
                          '$shift_id',
                          '$building_id',
                          '',
                          '$date',
                          '$employees_nowa',
                          '$created_cookies')";
                if($connection->query($add) === false) { 
                    die($connection->error.__LINE__); 
                    echo'Data tidak berhasil disimpan!';
                } else{
                    echo'success';
                }
            }
            
        }else {
             echo'Email yang anda masukkan salah!';
            }
    }else{           
        echo implode('<br>',$error);
    }
break;


/* ------------- FORGOT ---------------*/
case 'forgot':
  $pass="1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ";
  $panjang_pass='8';$len=strlen($pass); 
  $start=$len-$panjang; $xx=rand('0',$start); 
  $yy=str_shuffle($pass);

$error = array();

  if (empty($_POST['employees_email'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $employees_email= mysqli_real_escape_string($connection, $_POST['employees_email']);
  }


  $passwordbaru = substr($yy, $xx, $panjang_pass);
  $employees_password = mysqli_real_escape_string($connection,hash('sha256',$salt.$passwordbaru));

  if (empty($error)) {
    $pesan = '<html lang="id-ID" xml:lang="id-ID"><body>';
    $pesan .= 'Permintaan ganti password akun Anda di '.$site_name.', dengan email '.$employees_email.' telah berhasil.<br>';
    $pesan .= 'Password Anda: <b>'.$passwordbaru.'</b><br><br>Silakan gunakan password diatas untuk login, Anda dapat merubahnya di pengaturan akun.<br><br>';
    $pesan .= 'Hormat kami,<br>'.$site_name.'<br>Email otomatis, Mohon tidak membalas email ini';
    $pesan .= "</body></html>";
    $to     = $employees_email;
    $subject = 'Reset Password Berhasil';
    $headers = "From: " . $site_name." <".$site_email_domain.">\r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

if (filter_var($employees_email, FILTER_VALIDATE_EMAIL)) {
  $query="SELECT employees_email from employees where employees_email='$employees_email'";
  $result= $connection->query($query) or die($connection->error.__LINE__);
  if($result ->num_rows >0){
    $row = $result->fetch_assoc();

    $update ="UPDATE employees SET employees_password='$employees_password' WHERE employees_email='$row[employees_email]'";
    if($connection->query($update) === false) { 
        die($connection->error.__LINE__); 
        echo'Penyetelan password baru gagal, silahkan nanti coba kembali!';
    } else{
        echo'success';
        mail($to, $subject, $pesan, $headers);
    }}
    else   {
       echo'Untuk Email "'.$email.'" belum terdaftar, silahkan cek kembali!';
    }}

    else {
     echo'Email yang Anda masukkan salah!';
    }}

    else{           
        echo'Bidang inputan masih ada yang kosong..!';
    }
break;

// ------------- Absen -------------*/
case 'present':
//$latitude = $_GET['latitude'];
if (empty($_GET['latitude'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $latitude= mysqli_real_escape_string($connection, $_GET['latitude']);
      
  }

// Memisahkan koordinat menjadi array berdasarkan koma
$koordinat_array = explode(",", $latitude);

// Mengambil nilai lintang (latitude) dan bujur (longitude) dari array
$lintang    = $koordinat_array[0];
$bujur      = $koordinat_array[1];
$lat    = $koordinat_array[0];
$lng    = $koordinat_array[1];

$files = $_FILES["webcam"]["name"];
$lokasi_file = $_FILES['webcam']['tmp_name'];  
$ukuran_file = $_FILES['webcam']['size'];
$extension = getExtension($files);
$extension = strtolower($extension);
if($extension=="jpg" || $extension=="jpeg" ){$src = imagecreatefromjpeg($lokasi_file);}
else if($extension=="png"){$src = imagecreatefrompng($lokasi_file);}
else {$src = imagecreatefromgif($lokasi_file);}
list($width,$height)=getimagesize($lokasi_file);

$width_new  = 400;
$height_new = 300;
$ratio_ori  = $width / $height_new;
$tmp=imagecreatetruecolor($width_new,$height_new);
imagecopyresampled($tmp,$src,0,0,0,0,$width_new,$height_new,$width,$height);
  // Cek User yang sudah login -----------------------------------------------
  // $query_u="SELECT employees.id,employees.xin_employee_id,employees.employees_code,employees.employees_name,employees.shift_id,shift.shift_id,shift.time_in,shift.time_out FROM employees,shift WHERE employees.shift_id=shift.shift_id AND employees.id='$row_user[id]'";
  $query_u="SELECT employees.id,employees.employees_code,employees.employees_name,employees.shift_id,shift.shift_id,shift.time_in,shift.time_out,building.lokasi,employees.spk,position.lokasi as lok,employees.xin_employee_id
            FROM employees,shift,building,position WHERE employees.shift_id=shift.shift_id AND employees.building_id=building.building_id and position.position_id=employees.position_id and employees.id='$row_user[id]'";
  $result_u = $connection->query($query_u);
  
  if($result_u->num_rows > 0){
      $row_u = $result_u->fetch_assoc();
      $lokgedung=$row_u['lokasi'];
      $lok=$row_u['lok'];
      $spk=$row_u['spk'];
      $lgung=explode(",",$lokgedung);
      $latgedung=$lgung[0];
      $lnggedung=$lgung[1];
      $masuk=$row_u['time_in'];
      $keluar=$row_u['time_out'];
      $datang='0';
      
       $jarak="SELECT (6371000 * acos(cos(radians($lat)) * cos(radians($latgedung) ) * cos(radians($lnggedung) -radians($lng)) + sin(radians($lat)) * sin(radians($latgedung)))) AS distance";
       $jarak1=$connection->query($jarak);
       $jarak2=$jarak1->fetch_assoc();
       $radius=$jarak2['distance'];
     
      $datetime = $date.' '.$time;
      // Cek data Absen Berdasarkan tanggal sekarang
      $query  ="SELECT employees_id,time_in FROM presence WHERE employees_id='$row_u[id]' AND presence_date='$date'";
      $result = $connection->query($query);
      $row = $result->fetch_assoc();
      if($result->num_rows > 0){
          
        // Update Absensi Pulang
        $query  ="SELECT time_out,employees_id,clock_in FROM presence JOIN xin_attendance_time WHERE employees_id='$row_u[id]' AND presence_date='$date'";
        $result = $connection->query($query);
        $row = $result->fetch_assoc();
          if($result->num_rows > 0){
            if($time>=$keluar) {
                if($row['time_out']=='00:00:00'){
                    //Update Jam Pulang
            	    $filename =''.seo_title($row_user['employees_name']).'-out-'.$date.'-'.$row_user['id'].'.jpg';
      			    $directory= "../content/present/".$filename;
      			
                    $queryx  ="SELECT clock_in FROM xin_attendance_time WHERE employee_id='$row_u[xin_employee_id]' AND attendance_date='$date'";
                    $resultx = $connection->query($queryx);
                    $rowx = $resultx->fetch_assoc();
            
                    $masuk = $rowx['clock_in'];
                    $pulang = $datetime;
            
                    // Membuat objek DateTime dari clock_in dan clock_out
                    $datetime_in = new DateTime($masuk);
                    $datetime_out = new DateTime($pulang);

                    // Menghitung selisih waktu
                    $interval = $datetime_in->diff($datetime_out);

                    // Mengubah selisih waktu menjadi format H:i (jam dan menit)
                    $total_work_hours = $interval->format('%H:%I');
                
                    $update ="UPDATE presence SET time_out='$time',picture_out='$filename' WHERE employees_id = '$row_u[id]' AND presence_date='$date'";
                  
                    if($connection->query($update) === false) { 
                        die($connection->error.__LINE__); 
                        echo'Sepetinya sitem kami sedang error!';
                    } else{
                        //Jam Pulang
                        echo'success/Selamat "'.$row_user['employees_name'].'" berhasil Absen Pulang pada Tanggal '.tanggal_ind($date).' dan Jam : '.$time.', Hati-hati dijalan saat pulang "'.$row_a['employees_name'].'"!';
                        imagejpeg($tmp,$directory,80);
                    }
                }
            }
          else {
            echo'Sebelumnya "'.$row_user['employees_name'].'" sudah pernah Absen Pulang pada Tanggal '.tanggal_ind($date).' dan Jam '.$row['time_out'].'.!';
          }
        }
      } else {
         
           if($lok =='1') {
                if($radius<=250 && $radius>=0 ) {
                    // Add Absen Masuk ---------------------------------------
                	$filename =''.seo_title($row_user['employees_name']).'-in-'.$date.'-'.$row_user['id'].'.jpg';
      		        $directory= "../content/present/".$filename;
      		        if($time>$masuk) {
      		            $datang='1';
      		        }
                    $add ="INSERT INTO presence (employees_id,presence_date,time_in,time_out,picture_in,picture_out,present_id,presence_address,information,datang) 
                    values('$row_u[id]','$date','$time','00:00:00','$filename','', /*picture out kosong*/'1', /*hadir*/'$latitude','$radius','$datang')";
            
                    $xin_add ="INSERT INTO xin_attendance_time (employee_id,attendance_date,clock_in,time_late,early_leaving,overtime,attendance_status,clock_in_latitude,clock_in_longitude,clock_in_ip_address) 
                    values($row_u[xin_employee_id],'$date','$datetime','$datetime','$datetime','$datetime','Present','$lintang','$bujur','$ip_login')";
        
                    if($connection->query($xin_add) === false) {
                        die($connection->error.__LINE__); 
                        echo'Sepertinya Sistem Kami sedang error!';
                    }
                    if($connection->query($add) === false) {
                        die($connection->error.__LINE__); 
                        echo'Sepertinya Sistem Kami sedang error!';
                    } else{
                        echo'success/Selamat Anda berhasil Absen Masuk pada Tanggal '.tanggal_ind($date).' dan Jam : '.$time.', Semangat bekerja "'.$row_u['employees_name'].'" !';
                        imagejpeg($tmp,$directory,80);
                    }
                } else {
                    
                    if($radius>1500) {
                    // Add Absen Masuk ---------------------------------------
                	$filename =''.seo_title($row_user['employees_name']).'-in-'.$date.'-'.$row_user['id'].'.jpg';
      		        $directory= "../content/present/".$filename;
      		        if($time>$masuk) {
      		            $datang='1';
      		        }
      		        $query  ="SELECT employees_id,time_in FROM presence_temp WHERE employees_id='$row_u[id]' AND presence_date='$date'";
                    $result = $connection->query($query);
                    $row = $result->fetch_assoc();
                    if($result->num_rows > 0){
                        echo'Sebelumnya "'.$row_u['employees_name'].'" sudah pernah Absen Datang Dengan Status Pending pada Tanggal '.tanggal_ind($date).' dan Jam '.$row['time_in'].'.!';
                    } else {
      		        
                    $add ="INSERT INTO presence_temp (employees_id,presence_date,time_in,time_out,picture_in,picture_out,present_id,presence_address,information,datang) 
                    values('$row_u[id]','$date','$time','00:00:00','$filename','', /*picture out kosong*/'1', /*hadir*/'$latitude','$radius','$datang')";
        
                    
                    if($connection->query($add) === false) {
                        die($connection->error.__LINE__); 
                        echo'Sepertinya Sistem Kami sedang error!';
                    } else{
                        echo'success/Selamat Anda berhasil Absen Masuk pada Tanggal '.tanggal_ind($date).' dan Jam : '.$time.', Status Absensi Pending "'.$row_u['employees_name'].'" !';
                        imagejpeg($tmp,$directory,80);
                        }
                    }
                } else {
                    echo 'error/Absen diluar radius yang diperbolehkan. Jarak Anda = '.number_format(($radius/1000),2).' KM';   
                }    
                }
            } else {
              $filename =''.seo_title($row_user['employees_name']).'-in-'.$date.'-'.$row_user['id'].'.jpg';
      		        $directory= "../content/present/".$filename;
      		         if($time>$masuk) {
      		            $datang='1';
      		        }
                    $add ="INSERT INTO presence (employees_id,presence_date,time_in,time_out,picture_in,picture_out,present_id,presence_address,information,datang) 
                    values('$row_u[id]','$date','$time','00:00:00','$filename','', /*picture out kosong*/'1', /*hadir*/'$latitude','$radius','$datang')";
            
                    $xin_add ="INSERT INTO xin_attendance_time (employee_id,attendance_date,clock_in,time_late,early_leaving,overtime,attendance_status,clock_in_latitude,clock_in_longitude,clock_in_ip_address) 
                    values($row_u[xin_employee_id],'$date','$datetime','$datetime','$datetime','$datetime','Present','$lintang','$bujur','$ip_login')";
        
                    if($connection->query($xin_add) === false) {
                        die($connection->error.__LINE__); 
                        echo'Sepertinya Sistem Kami sedang error!';
                    }
                    if($connection->query($add) === false) {
                        die($connection->error.__LINE__); 
                        echo'Sepertinya Sistem Kami sedang error!';
                    } else{
                        echo'success/Selamat Anda berhasil Absen Masuk pada Tanggal '.tanggal_ind($date).' dan Jam : '.$time.', Semangat bekerja "'.$row_u['employees_name'].'" !';
                        imagejpeg($tmp,$directory,80);
                    }
              }    
      } 

  }
  else{
    // Jika user tidak ditemukan
    echo'User tidak ditemukan';die($connection->error.__LINE__); 
  }
 
break;

// ------------- istirhar-------------*/
case 'istirahat':
//$latitude = $_GET['latitude'];
if (empty($_GET['latitude'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $latitude= mysqli_real_escape_string($connection, $_GET['latitude']);
      
  }

// Memisahkan koordinat menjadi array berdasarkan koma
$koordinat_array = explode(",", $latitude);

// Mengambil nilai lintang (latitude) dan bujur (longitude) dari array
$lintang    = $koordinat_array[0];
$bujur      = $koordinat_array[1];
$lat    = $koordinat_array[0];
$lng    = $koordinat_array[1];

$files = $_FILES["webcam"]["name"];
$lokasi_file = $_FILES['webcam']['tmp_name'];  
$ukuran_file = $_FILES['webcam']['size'];
$extension = getExtension($files);
$extension = strtolower($extension);
if($extension=="jpg" || $extension=="jpeg" ){$src = imagecreatefromjpeg($lokasi_file);}
else if($extension=="png"){$src = imagecreatefrompng($lokasi_file);}
else {$src = imagecreatefromgif($lokasi_file);}
list($width,$height)=getimagesize($lokasi_file);

$width_new  = 400;
$height_new = 300;
$ratio_ori  = $width / $height_new;
$tmp=imagecreatetruecolor($width_new,$height_new);
imagecopyresampled($tmp,$src,0,0,0,0,$width_new,$height_new,$width,$height);



  
  // Cek User yang sudah login -----------------------------------------------
  // $query_u="SELECT employees.id,employees.xin_employee_id,employees.employees_code,employees.employees_name,employees.shift_id,shift.shift_id,shift.time_in,shift.time_out FROM employees,shift WHERE employees.shift_id=shift.shift_id AND employees.id='$row_user[id]'";
  $query_u="SELECT employees.id,employees.employees_code,employees.employees_name,employees.shift_id,shift.shift_id,shift.time_in,shift.time_out,building.lokasi,employees.spk,position.lokasi as lok,employees.xin_employee_id
            FROM employees,shift,building,position WHERE employees.shift_id=shift.shift_id AND employees.building_id=building.building_id and position.position_id=employees.position_id and employees.id='$row_user[id]'";
  $result_u = $connection->query($query_u);
  
  if($result_u->num_rows > 0){
      $row_u = $result_u->fetch_assoc();
      $lokgedung=$row_u['lokasi'];
      $lok=$row_u['lok'];
      $spk=$row_u['spk'];
      $lgung=explode(",",$lokgedung);
      $latgedung=$lgung[0];
      $lnggedung=$lgung[1];
      $masuk=$row_u['time_in'];
      $datang='0';
      
       $jarak="SELECT (6371000 * acos(cos(radians($lat)) * cos(radians($latgedung) ) * cos(radians($lnggedung) -radians($lng)) + sin(radians($lat)) * sin(radians($latgedung)))) AS distance";
       $jarak1=$connection->query($jarak);
       $jarak2=$jarak1->fetch_assoc();
       $radius=$jarak2['distance'];
     
      $datetime = $date.' '.$time;
      // Cek data Absen Berdasarkan tanggal sekarang
      $query  ="SELECT employees_id,break_in FROM presence WHERE employees_id='$row_u[id]' AND presence_date='$date' and break_in <>'00:00:00'";
      $result = $connection->query($query);
      $row = $result->fetch_assoc();
      $masuk=$row['break_in'];
      if($result->num_rows > 0){
          
        // Update Absensi Pulang
        $query  ="SELECT break_out,employees_id FROM presence WHERE employees_id='$row_u[id]' AND presence_date='$date'";
        $result = $connection->query($query);
        $row = $result->fetch_assoc();
        if($result->num_rows > 0){
            if($row['break_out']=='00:00:00'){
                
            //Update Jam Pulang
            	$filename =''.seo_title($row_user['employees_name']).'-out-'.$date.'-'.$row_user['id'].'.jpg';
      			$directory= "../content/present/".$filename;
      			
            
            $pulang = $datetime;
            
            // Membuat objek DateTime dari clock_in dan clock_out
            $datetime_in = new DateTime($masuk);
            $datetime_out = new DateTime($pulang);

            // Menghitung selisih waktu
            $interval = $datetime_in->diff($datetime_out);

            // Mengubah selisih waktu menjadi format H:i (jam dan menit)
            $total_work_hours = $interval->format('%H:%i');
            
            if($interval->format('%i')>='05') {
                
              $update ="UPDATE presence SET break_out='$time' WHERE employees_id = '$row_u[id]' AND presence_date='$date'";
              if($connection->query($update) === false) { 
                  die($connection->error.__LINE__); 
                  echo'Sepetinya sitem kami sedang error!';
              } else{
                  //Jam Pulang
                  echo'success/"'.$row_user['employees_name'].'" berhasil Absen selesai Istirahat pada Tanggal '.tanggal_ind($date).' dan Jam : '.$time.', Selamat Bekerja Kembali "'.$row_a['employees_name'].'"!';
                  imagejpeg($tmp,$directory,80);
              }
            }
            }
            
          else{
            echo'Sebelumnya "'.$row_user['employees_name'].'" sudah pernah Absen Selesai Istirahat pada Tanggal '.tanggal_ind($date).' dan Jam '.$row['break_out'].'.!';
          }
        }
      } else {
             
        // Update Absensi Pulang
        $query  ="SELECT break_in,employees_id,clock_in FROM presence JOIN xin_attendance_time WHERE employees_id='$row_u[id]' AND presence_date='$date'";
        $result = $connection->query($query);
        $row = $result->fetch_assoc();
          if($result->num_rows > 0){
            if($row['break_in']=='00:00:00'){
            //Update Jam Pulang
            	$filename =''.seo_title($row_user['employees_name']).'-out-'.$date.'-'.$row_user['id'].'.jpg';
      			$directory= "../content/present/".$filename;
      			
            $queryx  ="SELECT clock_in FROM xin_attendance_time WHERE employee_id='$row_u[xin_employee_id]' AND attendance_date='$date'";
            $resultx = $connection->query($queryx);
            $rowx = $resultx->fetch_assoc();
            
            $masuk = $rowx['clock_in'];
            $pulang = $datetime;
            
            // Membuat objek DateTime dari clock_in dan clock_out
            $datetime_in = new DateTime($masuk);
            $datetime_out = new DateTime($pulang);

            // Menghitung selisih waktu
            $interval = $datetime_in->diff($datetime_out);

            // Mengubah selisih waktu menjadi format H:i (jam dan menit)
            $total_work_hours = $interval->format('%H:%I');
           
                
              $update ="UPDATE presence SET break_in='$time' WHERE employees_id = '$row_u[id]' AND presence_date='$date'";
              if($connection->query($update) === false) { 
                  die($connection->error.__LINE__); 
                  echo'Sepetinya sitem kami sedang error!';
              } else{
                  //Jam Pulang
                  echo'success/"'.$row_user['employees_name'].'" berhasil Absen Mulai Istirahat pada Tanggal '.tanggal_ind($date).' dan Jam : '.$time.', Selamat Beristirahat "'.$row_a['employees_name'].'"!';
                  imagejpeg($tmp,$directory,80);
              }
            }
        }
      } 

  }
  else{
    // Jika user tidak ditemukan
    echo'User tidak ditemukan';die($connection->error.__LINE__); 
  }
 
break;



// ----------- UPDATE PROFILE -------------------//
case 'profile':
  $error = array();

  if (empty($_POST['employees_name'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $employees_name= mysqli_real_escape_string($connection, $_POST['employees_name']);
  }

  if (empty($_POST['position_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $position_id = mysqli_real_escape_string($connection, $_POST['position_id']);
  }

  if (empty($_POST['shift_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $shift_id = mysqli_real_escape_string($connection, $_POST['shift_id']);
  }

  if (empty($_POST['building_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $building_id = mysqli_real_escape_string($connection, $_POST['building_id']);
  }


  if (empty($error)) { 
    $update="UPDATE employees SET employees_name='$employees_name',
            position_id='$position_id',
            shift_id='$shift_id',
            building_id='$building_id' WHERE id='$row_user[id]'"; 
    if($connection->query($update) === false) { 
        die($connection->error.__LINE__); 
        echo'Data tidak berhasil disimpan!';
    } else{
        echo'success';
    }}
    else{           
        echo'Bidang inputan tidak boleh ada yang kosong..!';
  }
break;


// ----------- UPDATE PASSWORD -------------------//
case 'update-password':
 $error = array();
  if (empty($_POST['employees_email'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $employees_email= mysqli_real_escape_string($connection,$_POST['employees_email']);
  }

  if (empty($_POST['employees_password'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $employees_password= mysqli_real_escape_string($connection,$_POST['employees_password']);
      $password_baru =mysqli_real_escape_string($connection,hash('sha256',$salt.$employees_password));
  }

  if (empty($error)) { 
    $pesan = '<html lang="id-ID" xml:lang="id-ID"><body>';
    $pesan .= 'Saat ini ['.$employees_email.'] Sedang mengganti Password baru<br>';
    $pesan .= '<b>Password Baru Anda : '.$employees_password.'</b><br><br><br>Harap simpan baik-baik akun Anda.<br><br>';
    $pesan .= 'Hormat Kami,<br>'.$site_name.'<br>Email otomatis, Mohon tidak membalas email ini"';
    $pesan .= "</body></html>";
    $to     = $email_siswa;
    $subject = 'Ubah Katasandi Baru';
    $headers = "From: " . $site_name." <".$site_email_domain.">\r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

    $update="UPDATE employees SET employees_password='$password_baru' WHERE id='$id'"; 
    if($connection->query($update) === false) { 
        die($connection->error.__LINE__); 
        echo'Data tidak berhasil disimpan!';
    } else{
        echo'success';
        mail($to, $subject, $pesan, $headers);
    }}
    else{           
        echo'Bidang inputan tidak boleh ada yang kosong..!';
    }
break;

/* -------- UPDATE PHOTO ----------------*/
case 'update-photo':
  $file_name   = $_FILES['file'] ['name'];
  $size        = $_FILES['file'] ['size'];
  $error       = $_FILES['file'] ['error'];
  $tmpName     = $_FILES['file']['tmp_name'];
  $filepath      = '../content/karyawan/';
  $valid       = array('jpg','png','gif','jpeg'); 
  if(strlen($file_name)){   
       // Perintah untuk mengecek format gambar
       list($txt,$ext) = explode(".", $file_name);
       $file_ext = substr($file_name, strripos($file_name, '.'));

       if(in_array($ext,$valid)){   
         if($size<500000){   
           // Perintah pengganti nama files
           //$photo_new   = strip_tags(md5($file_name));
           $photo_new   =''.$row_user['employees_code'].'-'.strip_tags(md5($file_name)).'-'.seo_title($time).'-'.$file_ext.'';
           $pathFile    = $filepath.$photo_new;

            $query = "SELECT photo FROM employees WHERE id='$row_user[id]'"; 
                $result = $connection->query($query);
                $rows= $result->fetch_assoc();
                $photo = $rows['photo'];
                if(file_exists("../content/$photo")){
                  unlink( "../content/karyawan/$photo");
                 }
           $update ="UPDATE employees SET photo='$photo_new' WHERE id=$row_user[id]";
            if($connection->query($update) === false) { 
               echo'Pengaturan tidak dapat disimpan, coba ulangi beberapa saat lagi.!';
               die($connection->error.__LINE__); 
            } else   {
              echo'success';
               move_uploaded_file($tmpName, $pathFile);
            }
          }
         else{ // Jika Gambar melebihi size 
              echo'File terlalu besar maksimal files 5MB.!';  
           }         
       }
       else{
          echo 'File yang di unggah tidak sesuai dengan format, File harus jpg, jpeg, gif, png.!';
        }
     }   
break;


/* -------  LOAD DATA HISTORY ----------*/

case 'history':
if(isset($_POST['from']) OR isset($_POST['to'])){
      $from = date('Y-m-d', strtotime($_POST['from']));
      $to   = date('Y-m-d', strtotime($_POST['to']));

      $filter ="presence_date BETWEEN '$from' AND '$to'";
  } 
  else{
      $filter ="MONTH(presence_date) ='$month'";
}

echo'<table class="table rounded" id="swdatatable">
    <thead>
        <tr>
            <th scope="col" class="align-middle text-center" width="10">No</th>
            <th scope="col" class="align-middle">Tanggal</th>
            <th scope="col" class="align-middle">Jam Masuk</th>
            <th scope="col" class="align-middle">Jam Pulang</th>
            <th scope="col" class="align-middle hidden-sm">Status</th>
            <th scope="col" class="align-middle">Aksi</th>
        </tr>
    </thead>
    <tbody>';
    $no=0;
    $query_shift ="SELECT time_in,time_out FROM shift WHERE shift_id='$row_user[shift_id]'";
    $result_shift = $connection->query($query_shift);
    $row_shift = $result_shift->fetch_assoc();
    $shift_time_in = $row_shift['time_in'];
    $newtimestamp = strtotime(''.$shift_time_in.' + 05 minute');
    $newtimestamp = date('H:i:s', $newtimestamp);

    $query_absen ="SELECT employees_id,presence_id,presence_date,picture_in,time_in,picture_out,time_out,present_id,presence_address,information,TIMEDIFF(TIME(time_in),'$shift_time_in') AS selisih,
    if (time_in>'$shift_time_in','Terlambat',if(time_in='00:00:00','Tidak Masuk','Tepat Waktu')) AS status FROM presence WHERE employees_id='$row_user[id]' AND $filter ORDER BY presence_id DESC";
    $result_absen = $connection->query($query_absen);
    if($result_absen->num_rows > 0){
        while ($row_absen = $result_absen->fetch_assoc()) {
          
          $query_status ="SELECT present_name FROM  present_status WHERE present_id='$row_absen[present_id]'";
          $result_status = $connection->query($query_status);
          $row_aa= $result_status->fetch_assoc();
            $no++;
            if($row_absen['information']==''){
              $information = '';
            }else{
              $information = '<br>'.$row_absen['information'].'';
            }

      if($row_absen['status']=='Terlambat'){
          $status=' <small class="badge badge-danger">Telat</small>';
        }
        elseif ($row_absen['status']='Tepat Waktu') {
          $status=' <small class="badge badge-success">'.$row_absen['status'].'</small>';
        }
        else{
          $status=' <small class="badge badge-danger">Tidak Masuk</small>';
        }
        echo'
        <tr>
            <th class="text-center">'.$no.'</th>
            <th scope="row">'.tgl_ind($row_absen['presence_date']).'</th>
            <td><a class="image-link" href="./content/present/'.$row_absen['picture_in'].'">
            <span class="badge badge-success">'.$row_absen['time_in'].'</span></a></td>
            <td><a class="image-link" href="./content/present/'.$row_absen['picture_out'].'">
            <span class="badge badge-danger">'.$row_absen['time_out'].'</span></a></td>
            <td class="hidden-sm">'.$row_aa['present_name'].''.$status.''.$information.'</td>
            <td class="text-center">
              <button type="button" class="btn btn-success btn-sm modal-update" data-id="'.$row_absen['presence_id'].'" data-masuk="'.$row_absen['time_in'].'" data-pulang="'.$row_absen['time_out'].'" data-date="'.tgl_indo($row_absen['presence_date']).'" data-information="'.$row_absen['information'].'" data-status="'.$row_absen['present_id'].'" data-toggle="modal" data-target="#modal-show"><i class="fas fa-pencil-alt"></i></button>
            </td>
        </tr>';
    }}
    echo'
    </tbody>
</table>
<hr>';
      $query_hadir="SELECT presence_id FROM presence WHERE employees_id='$row_user[id]' AND $filter AND present_id='1' ORDER BY presence_id DESC";
      $hadir= $connection->query($query_hadir);

      $query_sakit="SELECT presence_id FROM presence WHERE employees_id='$row_user[id]' AND $filter AND present_id='2' ORDER BY presence_id";
      $sakit = $connection->query($query_sakit);

      $query_izin="SELECT presence_id FROM presence WHERE employees_id='$row_user[id]' AND $filter AND present_id='3' ORDER BY presence_id";
      $izin = $connection->query($query_izin);

      $query_telat ="SELECT presence_id FROM presence WHERE employees_id='$row_user[id]' AND $filter AND time_in>'$shift_time_in'";
      $telat = $connection->query($query_telat);
echo'
<div class="container">
<div class="row">
  <div class="col-md-3">
    <p>Hadir : <span class="badge badge-success">'.$hadir->num_rows.'</span></p>
  </div>

  <div class="col-md-3">
    <p>Telat : <span class="label badge badge-danger">'.$telat->num_rows.'</span></p>
  </div>
  

  <div class="col-md-3">
    <p>Sakit : <span class="badge badge-warning">'.$sakit->num_rows.'</span></p>
  </div>

  <div class="col-md-3">
    <p>Izin : <span class="badge badge-info">'.$izin->num_rows.'</span></p>
  </div>
</div>
</div>';?>

<script>
  $('#swdatatable').dataTable({
    "iDisplayLength":35,
    "aLengthMenu": [[35, 40, 50, -1], [35, 40, 50, "All"]]
  });
  $('.image-link').magnificPopup({type:'image'});
</script>
<?php
  break;




// ----------- UPDATE HISTORY -------------------//
case 'update-history':
  $error = array();
  if (empty($_POST['presence_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $presence_id = mysqli_real_escape_string($connection, $_POST['presence_id']);
  }

  if (empty($_POST['present_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $present_id= mysqli_real_escape_string($connection, $_POST['present_id']);
  }

  $information = mysqli_real_escape_string($connection, $_POST['information']);
 
  if (empty($error)) { 
    $update="UPDATE presence SET present_id='$present_id',
                    information='$information' WHERE presence_id='$presence_id' AND employees_id='$row_user[id]'"; 
    if($connection->query($update) === false) { 
        die($connection->error.__LINE__); 
        echo'Data tidak berhasil disimpan!';
    } else{
        echo'success';
    }}
    else{           
        echo'Bidang inputan tidak boleh ada yang kosong..!';
  }
break;



// ----------- UPDATE HISTORY -------------------//
case 'add-izin':
  $error = array();
  if (empty($_POST['date_izin'])) {
      $error[] = 'tanggal tidak boleh kosong';
    } else {
      $date = mysqli_real_escape_string($connection, $_POST['date_izin']);
  }

  if (empty($_POST['present_id'])) {
      $error[] = ' type izin tidak boleh kosong';
    } else {
      $type_leave= mysqli_real_escape_string($connection, $_POST['present_id']);
  }
  
  if (empty($_POST['keterangan'])) {
      $error[] = 'keterangan tidak boleh kosong';
    } else {
      $reason= mysqli_real_escape_string($connection, $_POST['keterangan']);
  }
  
  if (empty($row_user[xin_employee_id])) {
      $error[] = 'Id tidak boleh kosong';
    } else {
      $id= mysqli_real_escape_string($connection, $row_user[xin_employee_id]);
  }
  
// echo $row_user[xin_employee_id];
//   $information = mysqli_real_escape_string($connection, $_POST['information']);
//   $type_leave = $_POST['present_id'];
//   $reason = $_POST['keterangan'];
  
  if (empty($error)) { 
    $insert="INSERT INTO xin_leave_applications(employee_id,leave_type_id,from_date,to_date,applied_on,reason)
    VALUES($id,$type_leave,'$date','$date','$date','$reason')"; 
    if($connection->query($insert) === false) { 
        die($connection->error.__LINE__); 
        echo'Data tidak berhasil disimpan!';
    } else{
        echo'success';
    }}
    else{           
        echo'Bidang inputan tidak boleh ada yang kosong..!';
  }
break;
/* -------  LOAD DATA OTO ----------*/

case 'otorisasi':
if(isset($_POST['from']) OR isset($_POST['to'])){
      $from = date('Y-m-d', strtotime($_POST['from']));
      $to   = date('Y-m-d', strtotime($_POST['to']));

      $filter ="presence_date BETWEEN '$from' AND '$to'";
  } 
  else{
      $filter ="MONTH(presence_date) ='$month'";
}

echo'<table class="table rounded" id="swdatatable">
    <thead>
        <tr>
            <th scope="col" class="align-middle text-center" width="10">No</th>
            <th scope="col" class="align-middle">Nama</th>
            <th scope="col" class="align-middle">Tanggal</th>
            <th scope="col" class="align-middle">Jam Masuk</th>
            <th scope="col" class="align-middle">Jam Pulang</th>
            <th scope="col" class="align-middle hidden-sm">Status</th>
            <th scope="col" class="align-middle">Aksi</th>
        </tr>
    </thead>
    <tbody>';
    $no=0;
    $query_shift ="SELECT time_in,time_out FROM shift WHERE shift_id='$row_user[shift_id]'";
    $result_shift = $connection->query($query_shift);
    $row_shift = $result_shift->fetch_assoc();
    $shift_time_in = $row_shift['time_in'];
    $newtimestamp = strtotime(''.$shift_time_in.' + 05 minute');
    $newtimestamp = date('H:i:s', $newtimestamp);

    $query_absen ="SELECT employees_id,presence_id,presence_date,picture_in,time_in,picture_out,time_out,present_id,presence_address,information,TIMEDIFF(TIME(time_in),'$shift_time_in') AS selisih,if (time_in>'$shift_time_in','Terlambat',if(time_in='00:00:00','Tidak Masuk','Tepat Waktu')) AS status FROM presence_temp WHERE stat='0' AND $filter ORDER BY presence_id DESC";
    $result_absen = $connection->query($query_absen);
    if($result_absen->num_rows > 0){
        while ($row_absen = $result_absen->fetch_assoc()) {

          $query_status ="SELECT present_name FROM  present_status WHERE present_id='$row_absen[present_id]'";
          $result_status = $connection->query($query_status);
          $row_aa= $result_status->fetch_assoc();
          
          $query_nm ="SELECT employees_name FROM  employees WHERE id='$row_absen[employees_id]'";
          $result_nm = $connection->query($query_nm);
          $row_nm= $result_nm->fetch_assoc();
          
            $no++;
            if($row_absen['information']==''){
              $information = '';
            }else{
              $information = '<br>'.$row_absen['information'].'';
            }

      if($row_absen['status']=='Terlambat'){
          $status=' <small class="badge badge-danger">Telat</small>';
        }
        elseif ($row_absen['status']='Tepat Waktu') {
          $status=' <small class="badge badge-success">'.$row_absen['status'].'</small>';
        }
        else{
          $status=' <small class="badge badge-danger">Tidak Masuk</small>';
        }
        echo'
        <tr>
            <th class="text-center">'.$no.'</th>
            <th>'.$row_nm['employees_name'].'</th>
            <th scope="row">'.tgl_ind($row_absen['presence_date']).'</th>
            
            <td><a class="image-link" href="./content/present/'.$row_absen['picture_in'].'">
            <span class="badge badge-success">'.$row_absen['time_in'].'</span></a></td>
            <td><a class="image-link" href="./content/present/'.$row_absen['picture_out'].'">
            <span class="badge badge-danger">'.$row_absen['time_out'].'</span></a></td>
            <td class="hidden-sm">'.$row_aa['present_name'].''.$status.'</td>
            <td class="text-center">
              <button type="button" class="btn btn-success btn-sm modal-update" 
              data-id="'.$row_absen['presence_id'].'" data-masuk="'.$row_absen['time_in'].'" data-pulang="'.$row_absen['time_out'].'
              " data-date="'.tgl_indo($row_absen['presence_date']).'" data-information="'.number_format(($row_absen['information']/1000),2).' KM" data-status="'.$row_absen['present_id'].'
              " data-toggle="modal" data-target="#modal-show"><i class="fas fa-pencil-alt"></i></button>
            </td>
        </tr>';
    }}
    echo'
    </tbody>
</table>
<hr>';

      $query_hadir="SELECT presence_id FROM presence_temp WHERE employees_id='$row_user[id]' AND $filter AND present_id='1' ORDER BY presence_id DESC";
      $hadir= $connection->query($query_hadir);

      $query_sakit="SELECT presence_id FROM presence_temp WHERE employees_id='$row_user[id]' AND $filter AND present_id='2' ORDER BY presence_id";
      $sakit = $connection->query($query_sakit);

      $query_izin="SELECT presence_id FROM presence_temp WHERE employees_id='$row_user[id]' AND $filter AND present_id='3' ORDER BY presence_id";
      $izin = $connection->query($query_izin);

      $query_telat ="SELECT presence_id FROM presence_temp WHERE employees_id='$row_user[id]' AND $filter AND time_in>'$shift_time_in'";
      $telat = $connection->query($query_telat);
echo'
<!--- <div class="container">
<div class="row">
  <div class="col-md-3">
    <p>Hadir : <span class="badge badge-success">'.$hadir->num_rows.'</span></p>
  </div>

  <div class="col-md-3">
    <p>Telat : <span class="label badge badge-danger">'.$telat->num_rows.'</span></p>
  </div>
  

  <div class="col-md-3">
    <p>Sakit : <span class="badge badge-warning">'.$sakit->num_rows.'</span></p>
  </div>

  <div class="col-md-3">
    <p>Izin : <span class="badge badge-info">'.$izin->num_rows.'</span></p>
  </div>
</div>
</div>
--->
'
;?>

<script>
  $('#swdatatable').dataTable({
    "iDisplayLength":35,
    "aLengthMenu": [[35, 40, 50, -1], [35, 40, 50, "All"]]
  });
  $('.image-link').magnificPopup({type:'image'});
</script>
<?php
  break;


// ----------- UPDATE oto -------------------//
case 'update-otorisasi':
  $error = array();
  if (empty($_POST['presence_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $presence_id = mysqli_real_escape_string($connection, $_POST['presence_id']);
  }

  if (empty($_POST['present_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $present_id= mysqli_real_escape_string($connection, $_POST['present_id']);
  }
  
  if (empty($_POST['building_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $building_id= mysqli_real_escape_string($connection, $_POST['building_id']);
  }

  $information = mysqli_real_escape_string($connection, $_POST['information']); 
 
  if (empty($error)) { 
    $update="UPDATE presence_temp SET stat='1',building='$building_id'
                     WHERE presence_id='$presence_id'  AND stat='0'"; 
    if($connection->query($update) === false) { 
        die($connection->error.__LINE__); 
        echo'Data tidak berhasil disimpan!';
    } else{
        echo'success';
    }}
    else{           
        echo'Bidang inputan tidak boleh ada yang kosong..!';
  }
break;

/* -------  LOAD DATA jadwal shift ----------*/

case 'jshift':

echo'<table class="table rounded" id="swdatatable">
    <thead>
        <tr>
            <th style="width: 10px">No</th>
            <th>Nama</th>
            <th>Jabatan</th>
            <th>Shift</th>
            <th style="width:120px" class="text-right">Aksi</th>
  </tr>
    </thead>
    <tbody>';
     $query_hadir="SELECT building_id FROM employees WHERE employees.id='$row_user[id]';";
      $hadir= $connection->query($query_hadir);
      $hadir1 = $hadir->fetch_assoc();
      $gedung=$hadir1['building_id'];
      
     $query="SELECT employees.*,employees.id nip,position.position_name,shift.shift_name,building.name,if(employees.stat='5','Aktif','Resign') statname  
            FROM employees,position,shift,building WHERE employees.position_id=position.position_id AND employees.shift_id=shift.shift_id AND employees.building_id=building.building_id  and employees.building_id='$gedung'  order by employees.id DESC";
  $result = $connection->query($query);
  if($result->num_rows > 0){
  $no=0;
 while ($row= $result->fetch_assoc()) {
    $no++;
    echo'
    <tr>
      <td class="text-center">'.$no.'</td>
      <td>'.$row['employees_name'].'</td>
      <td>'.$row['position_name'].'</td>
      <td>'.$row['shift_name'].'</td>
      <td class="text-center">
              <button type="button" class="btn btn-success btn-sm modal-update" 
              data-id="'.$row_absen['nip'].'" data-nama="'.$row_absen['employees_name'].'" data-shiftlama="'.$row_absen['shift_name'].'"
              data-toggle="modal" data-target="#modal-show"><i class="fas fa-pencil-alt"></i></button>
            </td>
    </tr>';}}
  echo'
    </tbody>
</table>
<hr>';
?>

<script>
  $('#swdatatable').dataTable({
    "iDisplayLength":35,
    "aLengthMenu": [[35, 40, 50, -1], [35, 40, 50, "All"]]
  });
  $('.image-link').magnificPopup({type:'image'});
</script>
<?php
  break;
 

// ----------- UPDATE oto -------------------//
case 'update-shift':
  $error = array();
  if (empty($_POST['presence_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $presence_id = mysqli_real_escape_string($connection, $_POST['presence_id']);
  }

  if (empty($_POST['present_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $present_id= mysqli_real_escape_string($connection, $_POST['present_id']);
  }
  
  if (empty($_POST['building_id'])) {
      $error[] = 'tidak boleh kosong';
    } else {
      $building_id= mysqli_real_escape_string($connection, $_POST['building_id']);
  }

  $information = mysqli_real_escape_string($connection, $_POST['information']); 
 
  if (empty($error)) { 
    $update="UPDATE presence_temp SET stat='1',building='$building_id'
                     WHERE presence_id='$presence_id'  AND stat='0'"; 
    if($connection->query($update) === false) { 
        die($connection->error.__LINE__); 
        echo'Data tidak berhasil disimpan!';
    } else{
        echo'success';
    }}
    else{           
        echo'Bidang inputan tidak boleh ada yang kosong..!';
  }
break; 
  
}?>