<%@ Language=VBScript %> <% Option Explicit %> <% Dim theme, sso, strSQL, rs, cmd theme = Request.Cookies("theme") IF theme = "" THEN theme="bg-theme1" END IF ' Validate SSO - must be numeric sso = Request.Querystring("sso") If Not IsNumeric(sso) Or sso = "" Then sso = "1" End If sso = CLng(sso) %>
<% ' Use parameterized query to prevent SQL injection Dim employeeFound employeeFound = False Set cmd = Server.CreateObject("ADODB.Command") cmd.ActiveConnection = objconn cmd.CommandText = "SELECT * FROM employees WHERE SSO = ?" cmd.CommandType = 1 cmd.Parameters.Append cmd.CreateParameter("@sso", 3, 1, , sso) Set rs = cmd.Execute() If Not rs.EOF Then employeeFound = True End If Set cmd = Nothing If employeeFound Then %> " alt="Card image cap">
<%=Server.HTMLEncode(rs("First_Name") & "")%> <%=Server.HTMLEncode(rs("Last_Name") & "")%>
<% Else %>
Employee Not Found

SSO: <%=Server.HTMLEncode(sso)%>

<% End If %> <% If employeeFound Then ' Easter Egg for SSO 570005354 Dim showEasterEgg showEasterEgg = False On Error Resume Next IF IsNumeric(sso) THEN IF CLng(sso) = 570005354 THEN showEasterEgg = True END IF END IF On Error Goto 0 IF showEasterEgg THEN %>
ACHIEVEMENT UNLOCKED
Secret Developer Stats

Caffeine Consumption147%

Bug Fixing Speed95%

Google-Fu99%

Database Tinkering88%

Debugging100%

Production Deployment Courage73%

Legacy Code Archaeologist Documentation Writer (Rare!)
<% ELSE %>
Advanced Technical Machinist

Advanced Technical Machinist100%

skill img

Bootstrap 4 50%

skill img

AngularJS 70%

skill img

React JS 35%

<% END IF End If ' employeeFound %>
Profile
<% If employeeFound Then %>
<%=Server.HTMLEncode(rs("First_Name") & "")%> <%=Server.HTMLEncode(rs("Last_Name") & "")%>
SSO
Shift
Role
Team
PayNo
 
<%=Server.HTMLEncode(rs("SSO") & "")%>
<%=Server.HTMLEncode(rs("shift") & "")%>
<%=Server.HTMLEncode(rs("Role") & "")%>
<%=Server.HTMLEncode(rs("Team") & "")%>
<%=Server.HTMLEncode(rs("Payno") & "")%>
<% Else %>

No employee record found for SSO: <%=Server.HTMLEncode(sso)%>

Search Again
<% End If %>
USB Checkout History
<% ' Connect to shopdb for USB history (uses centralized config) Dim objConnShopdb, shopdbAvailable shopdbAvailable = False On Error Resume Next Set objConnShopdb = Server.CreateObject("ADODB.Connection") objConnShopdb.ConnectionString = GetConnectionString() objConnShopdb.Open If Err.Number = 0 Then shopdbAvailable = True Else Err.Clear End If On Error Goto 0 If shopdbAvailable And IsNumeric(sso) Then ' Get USB checkout statistics Dim cmdStats, rsStats Dim totalCheckouts, activeCheckouts, avgDuration Dim statsSQL statsSQL = "SELECT " & _ "COUNT(*) AS total_checkouts, " & _ "SUM(CASE WHEN checkin_time IS NULL THEN 1 ELSE 0 END) AS active_checkouts, " & _ "AVG(TIMESTAMPDIFF(MINUTE, checkout_time, COALESCE(checkin_time, NOW()))) AS avg_duration " & _ "FROM usbcheckouts WHERE sso = ?" Set cmdStats = Server.CreateObject("ADODB.Command") cmdStats.ActiveConnection = objConnShopdb cmdStats.CommandText = statsSQL cmdStats.CommandType = 1 cmdStats.Parameters.Append cmdStats.CreateParameter("@sso", 200, 1, 20, sso) On Error Resume Next Set rsStats = cmdStats.Execute If Err.Number = 0 And Not rsStats.EOF Then If IsNull(rsStats("total_checkouts")) Then totalCheckouts = 0 Else totalCheckouts = CLng(rsStats("total_checkouts") & "") End If If IsNull(rsStats("active_checkouts")) Then activeCheckouts = 0 Else activeCheckouts = CLng(rsStats("active_checkouts") & "") End If If IsNull(rsStats("avg_duration")) Then avgDuration = 0 Else avgDuration = CLng(rsStats("avg_duration") & "") End If Else totalCheckouts = 0 activeCheckouts = 0 avgDuration = 0 End If On Error Goto 0 If Not rsStats Is Nothing Then rsStats.Close Set rsStats = Nothing Set cmdStats = Nothing ' Format average duration Dim avgDurationText If avgDuration < 60 Then avgDurationText = avgDuration & " min" ElseIf avgDuration < 1440 Then avgDurationText = Int(avgDuration / 60) & "h " & (avgDuration Mod 60) & "m" Else avgDurationText = Int(avgDuration / 1440) & "d " & Int((avgDuration Mod 1440) / 60) & "h" End If %>

<%=totalCheckouts%>

Total Checkouts
<% If activeCheckouts > 0 Then %> <% Else %> <% End If %>

<%=activeCheckouts%>

Currently Out

<%=avgDurationText%>

Avg Duration
<% ' Get USB checkout history for this SSO Dim cmdHistory, rsHistory Dim historySQL historySQL = "SELECT uc.*, m.serialnumber, m.alias, " & _ "TIMESTAMPDIFF(MINUTE, uc.checkout_time, COALESCE(uc.checkin_time, NOW())) AS duration_minutes " & _ "FROM usbcheckouts uc " & _ "JOIN machines m ON uc.machineid = m.machineid " & _ "WHERE uc.sso = ? " & _ "ORDER BY uc.checkout_time DESC" Set cmdHistory = Server.CreateObject("ADODB.Command") cmdHistory.ActiveConnection = objConnShopdb cmdHistory.CommandText = historySQL cmdHistory.CommandType = 1 cmdHistory.Parameters.Append cmdHistory.CreateParameter("@sso", 200, 1, 20, sso) On Error Resume Next Set rsHistory = cmdHistory.Execute On Error Goto 0 Dim rowCount rowCount = 0 If Not rsHistory Is Nothing Then Do While Not rsHistory.EOF rowCount = rowCount + 1 Dim serialNum, usbAlias, checkoutTime, checkinTime, durationMinutes Dim durationText, wipedText, statusClass serialNum = rsHistory("serialnumber") & "" usbAlias = rsHistory("alias") & "" If IsNull(rsHistory("duration_minutes")) Then durationMinutes = 0 Else durationMinutes = CLng(rsHistory("duration_minutes") & "") End If ' Format checkout time (MM/DD/YYYY h:mm AM/PM) If Not IsNull(rsHistory("checkout_time")) Then checkoutTime = Month(rsHistory("checkout_time")) & "/" & Day(rsHistory("checkout_time")) & "/" & Year(rsHistory("checkout_time")) & " " & FormatDateTime(rsHistory("checkout_time"), 3) Else checkoutTime = "-" End If ' Format check-in time and determine status If Not IsNull(rsHistory("checkin_time")) Then checkinTime = Month(rsHistory("checkin_time")) & "/" & Day(rsHistory("checkin_time")) & "/" & Year(rsHistory("checkin_time")) & " " & FormatDateTime(rsHistory("checkin_time"), 3) statusClass = "" Else checkinTime = "Still Out" statusClass = "table-warning" End If ' Format duration If durationMinutes < 60 Then durationText = durationMinutes & " min" ElseIf durationMinutes < 1440 Then durationText = Int(durationMinutes / 60) & "h " & (durationMinutes Mod 60) & "m" Else durationText = Int(durationMinutes / 1440) & "d " & Int((durationMinutes Mod 1440) / 60) & "h" End If ' Format wiped status If IsNull(rsHistory("was_wiped")) Then wipedText = "-" ElseIf rsHistory("was_wiped") = 1 Then wipedText = "Yes" Else wipedText = "No" End If ' Build device display Dim deviceDisplay If usbAlias <> "" And usbAlias <> serialNum Then deviceDisplay = Server.HTMLEncode(serialNum) & "
" & Server.HTMLEncode(usbAlias) & "" Else deviceDisplay = Server.HTMLEncode(serialNum) End If %> <% rsHistory.MoveNext Loop rsHistory.Close Set rsHistory = Nothing End If Set cmdHistory = Nothing If rowCount = 0 Then %> <% End If ' Close shopdb connection objConnShopdb.Close Set objConnShopdb = Nothing Else ' ShopDB not available %>
USB checkout history not available.
<% End If %>
USB Device Checkout Check-in Duration Wiped
<%=deviceDisplay%> <%=checkoutTime%> <%=checkinTime%> <%=durationText%> <%=wipedText%>
No USB checkout history
View Full History
Achievements & Recognition
<% ' Query achievements from notifications table (Recognition type) Dim objConnAchieve, achieveAvailable achieveAvailable = False On Error Resume Next Set objConnAchieve = Server.CreateObject("ADODB.Connection") objConnAchieve.ConnectionString = GetConnectionString() objConnAchieve.Open If Err.Number = 0 Then achieveAvailable = True Else Err.Clear End If On Error Goto 0 If achieveAvailable And IsNumeric(sso) Then ' Get achievements for this SSO (all-time) Dim cmdAchieve, rsAchieve Dim achieveSQL, achieveCount achieveCount = 0 ' Recognition type ID is 5, search for SSO in employeesso field achieveSQL = "SELECT n.notification, n.starttime " & _ "FROM notifications n " & _ "WHERE n.notificationtypeid = 5 " & _ "AND n.employeesso LIKE ? " & _ "ORDER BY n.starttime DESC" Set cmdAchieve = Server.CreateObject("ADODB.Command") cmdAchieve.ActiveConnection = objConnAchieve cmdAchieve.CommandText = achieveSQL cmdAchieve.CommandType = 1 cmdAchieve.Parameters.Append cmdAchieve.CreateParameter("@sso", 200, 1, 100, "%" & sso & "%") On Error Resume Next Set rsAchieve = cmdAchieve.Execute If Err.Number = 0 Then %>
<% Do While Not rsAchieve.EOF achieveCount = achieveCount + 1 Dim achieveDate, achieveText achieveDate = "" achieveText = rsAchieve("notification") & "" If Not IsNull(rsAchieve("starttime")) Then achieveDate = FormatDateTime(rsAchieve("starttime"), 2) End If %>
<%=Server.HTMLEncode(achieveText)%>
<%=achieveDate%>
<% rsAchieve.MoveNext Loop rsAchieve.Close Set rsAchieve = Nothing %>
<% If achieveCount = 0 Then %>

No achievements recorded yet.

<% End If End If Set cmdAchieve = Nothing objConnAchieve.Close Set objConnAchieve = Nothing Else %>
Achievements not available.
<% End If %>
<% objconn.close %>