# Kiosk DTR / Biometric Payroll — Working Version 2 (Phase 1)
## Complete drop-in package for cPanel / learnalevel.com

Browser-based attendance kiosk. Opens in Chrome on any Android tablet/phone
(or iPad/laptop). The tablet talks to your server over normal HTTPS — no LAN,
no VPN, no device-push protocol. Plain PHP + MySQL, NOT ScriptCase, so it
installs directly with no ScriptCase deployment step.

Phase 1 = **PIN + snapshot**. Employee enters number + PIN, the camera saves
an audit photo, the punch is recorded with auto IN/OUT direction. Face
recognition is Phase 2 (schema + endpoints already prepared; no rebuild).

This package is pre-configured: API path is already set, folders are in place.
The ONLY edit you must make is your database password (step 4).

---

## Folder layout (already correct in this zip — keep it as-is)

```
kiosk_app/
├── kiosk/
│   └── index.html        ← the page you open on the tablet
├── api/
│   ├── db_config.php      ← edit DB password here (step 4)
│   ├── punch.php
│   ├── faces.php
│   ├── enroll.php
│   └── index.html         ← directory guard (harmless)
├── uploads/
│   ├── index.html         ← directory guard
│   └── snapshots/         ← audit photos land here (make writable, step 5)
└── db/
    ├── schema.sql         ← import FIRST
    └── seed.sql           ← import SECOND
```

`index.html` already calls the API at `../api/` to match this layout —
nothing to change there.

---

## Install steps (cPanel)

**1. Upload & extract.**
File Manager → `public_html` → upload this zip → Extract.
You should end up with `public_html/kiosk_app/...` exactly as above.

**2. Create the database.**
cPanel → MySQL Databases:
- Create database (becomes `ogzguwwq_kiosk` with your prefix).
- Create a DB user + strong password.
- Add the user to the database with **All Privileges**.
- Write down the exact DB name, user, and password.

**3. Import schema then seed.**
cPanel → phpMyAdmin → click the database on the left →
Import `db/schema.sql` → then Import `db/seed.sql`.
(Order matters: schema first, seed second.)

**4. Set your DB password.** *(the one required edit)*
Edit `api/db_config.php`, the cPanel branch:
```php
define('DB_USER', 'ogzguwwq_youruser');   // exact cPanel DB user
define('DB_PASS', 'your_real_password');   // the password you set
define('DB_NAME', 'ogzguwwq_kiosk');       // exact DB name
```
The file auto-detects server vs localhost, so this branch is used in production.

**5. Make snapshots writable.**
File Manager → `uploads/snapshots` → Change Permissions → **755**
(use 775 if photos fail to save).

**6. (Optional) Name this kiosk.**
Edit `kiosk/index.html` near the top of the script if you want a different
label or key (the seeded one works out of the box):
```js
var KIOSK_KEY = 'MAINGATE-7F3A9C2E';   // must match a row in `kiosks`
var KIOSK_LBL = 'Main Gate';
```
For a second tablet, add another row to the `kiosks` table with its own key.

**7. Open it.**
On the tablet, Chrome → `https://learnalevel.com/kiosk_app/kiosk/`
HTTPS is required (camera only works on a secure origin — you have SSL).
Add to home screen for a clean full-screen kiosk.

---

## Test
Employee number `EMP001`, PIN `1234` → tap **Time In / Out**.
You should get the green success card. Tap again → it toggles to OUT.

## Default logins — CHANGE THESE before going live
- Admin (for the future ScriptCase admin): `admin` / `admin123`
- Demo employee: `EMP001` / `1234`  (delete this employee in production)

---

## Verified working
Tested against a live MySQL + PHP server in the exact sibling-folder layout:
- Kiosk page loads (HTTP 200)
- Punch via `../api/` records correctly; auto-direction toggles IN→OUT→IN
- Wrong PIN / unknown employee / bad kiosk key all rejected
- Snapshot decodes, saves to `uploads/snapshots/`, path stored on the row
- enroll → faces round-trips a clean 128-float array (Phase 2 ready)
- Dashboard views (`v_punches_today`, `v_employee_status`, `v_daily_dtr`) return live data

## Good to know
- **PHP version:** code is 5.x-safe; PHP 7/8 (cPanel MultiPHP) also runs it fine.
- **Camera locally:** works on `http://localhost` but NOT on a plain LAN IP —
  that's normal; production uses HTTPS so it's fine on the tablet.
- **Snapshot cleanup:** photos accumulate over time. Ask me for a cleanup
  script (e.g. delete older than 90 days) when you're ready.
- **Security:** the `api/` endpoints require the `kiosk_key` and verify the PIN,
  so they're not open. Keep `db_config.php` named `.php` so the server executes
  it and never serves its contents as text.
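
A file-level check to run before going live, covering the install steps and the Security note above. This is an added example, not part of the package: `audit_kiosk` and `flag` are names introduced here, and the backup-copy check, the world-writable test and the `db/seed.sql` check (which assumes `seed.sql` holds the demo data) are this example's own hardening choices rather than steps from this README.

```shell
#!/bin/sh
# Added example: pre-go-live audit of the kiosk_app folder from this README.
# Prints one "FINDING:" line per problem and returns the number of findings.

flag() { echo "FINDING: $1"; findings=$((findings + 1)); }

audit_kiosk() {
  root="$1"; findings=0

  # Step 4: the placeholder password must have been replaced.
  if grep -q "your_real_password" "$root/api/db_config.php" 2>/dev/null; then
    flag "api/db_config.php still holds the placeholder DB password"
  fi

  # Editor backups (db_config.php.bak, db_config.txt, ...) are served as plain text.
  for f in "$root"/api/db_config*; do
    [ -e "$f" ] || continue
    [ "${f##*/}" = "db_config.php" ] || flag "config copy readable as text: api/${f##*/}"
  done

  # Step 5: snapshots must exist; 755/775 are expected, world-writable is not.
  snap="$root/uploads/snapshots"
  if [ ! -d "$snap" ]; then
    flag "uploads/snapshots is missing"
  elif [ -n "$(find "$snap" -prune -perm -002)" ]; then
    flag "uploads/snapshots is world-writable"
  fi

  # Directory guards listed in the folder layout.
  for d in api uploads; do
    [ -f "$root/$d/index.html" ] || flag "$d/index.html directory guard is missing"
  done

  # The seeded kiosk key is printed in the README, so it is not a secret.
  if grep -q "MAINGATE-7F3A9C2E" "$root/kiosk/index.html" 2>/dev/null; then
    flag "kiosk/index.html still uses the seeded KIOSK_KEY"
  fi

  # Assumption: seed.sql holds the demo data, so it should leave public_html after import.
  [ ! -f "$root/db/seed.sql" ] || flag "db/seed.sql is still inside the web root"

  return "$findings"
}

# Run as: sh audit_kiosk.sh /home/USER/public_html/kiosk_app  (path is a placeholder)
if [ $# -gt 0 ]; then audit_kiosk "$1"; fi
```

The script inspects files only. The default `admin` and `EMP001` logins live in the database and still have to be changed or deleted by hand.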

## Next phases (just ask)
- **ScriptCase admin** — enrollment, employee mgmt, live dashboard, DTR, payroll. Same DB.
- **Phase 2 face** — face-api.js in the kiosk, in-browser matching, matched_by=FACE.
- **Phase 3 payroll** — DTR rules + PH deductions (SSS/PhilHealth/Pag-IBIG/tax) + payslips.
