From 6a7a346a76be64b2b22c5ee12a7f0da1e1d5b6db Mon Sep 17 00:00:00 2001
From: Claudio
Date: Tue, 25 Feb 2025 16:29:20 +0100
Subject: [PATCH] added nuovo proprietario
---
public/userportal/add-new-owner.php | 114 +++++++++++++++++++---------
1 file changed, 77 insertions(+), 37 deletions(-)
diff --git a/public/userportal/add-new-owner.php b/public/userportal/add-new-owner.php
index edf42d4..7a6851d 100644
--- a/public/userportal/add-new-owner.php
+++ b/public/userportal/add-new-owner.php
@@ -1,48 +1,88 @@ prepare("SELECT owner_id FROM property_owners WHERE tax_code = ?"); -$checkQuery->bind_param("s", $tax_code); -$checkQuery->execute(); -$checkQuery->store_result(); +// Connessione al database +$conn = new mysqli($servername, $username, $password, $database); -if ($checkQuery->num_rows > 0) { - echo json_encode(["success" => false, "message" => "Questo codice fiscale esiste già!"]); - exit; +if ($conn->connect_error) { + die(json_encode(["success" => false, "message" => "Errore di connessione: " . $conn->connect_error])); } -// Inserisci il nuovo proprietario -$query = $conn->prepare("INSERT INTO property_owners (user_id, first_name, last_name, company_name, tax_code, email, phone, address, postal_code, city, province, country, owner_type, role, notes) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"); -$query->bind_param("issssssssssssss", $user_id, $first_name, $last_name, $company_name, $tax_code, $email, $phone, $address, $postal_code, $city, $province, $country, $owner_type, $role, $notes); +// Ricezione dati dal form +$user_id = isset($_POST['user_id']) ? intval($_POST['user_id']) : 0; +$first_name = isset($_POST['first_name']) ? $conn->real_escape_string($_POST['first_name']) : null; +$last_name = isset($_POST['last_name']) ? $conn->real_escape_string($_POST['last_name']) : null; +$company_name = isset($_POST['company_name']) ? $conn->real_escape_string($_POST['company_name']) : null; +$tax_code = isset($_POST['tax_code']) ? $conn->real_escape_string($_POST['tax_code']) : null; +$email = isset($_POST['email']) ? $conn->real_escape_string($_POST['email']) : null; +$phone = isset($_POST['phone']) ? $conn->real_escape_string($_POST['phone']) : null; +$address = isset($_POST['address']) ? $conn->real_escape_string($_POST['address']) : null; +$postal_code = isset($_POST['postal_code']) ? $conn->real_escape_string($_POST['postal_code']) : null; +$city = isset($_POST['city']) ? 
$conn->real_escape_string($_POST['city']) : null; +$province = isset($_POST['province']) ? $conn->real_escape_string($_POST['province']) : null; +$country = isset($_POST['country']) ? intval($_POST['country']) : null; +$owner_type = isset($_POST['owner_type']) ? $conn->real_escape_string($_POST['owner_type']) : null; +$role = isset($_POST['role']) ? $conn->real_escape_string($_POST['role']) : null; +$notes = isset($_POST['notes']) ? $conn->real_escape_string($_POST['notes']) : null; -if ($query->execute()) { - echo json_encode([ - "success" => true, - "message" => "Proprietario salvato con successo!", - "owner_id" => $conn->insert_id, - "owner_name" => $owner_type == "company" ? $company_name : "$first_name $last_name", - "tax_code" => $tax_code - ]); +// Validazione dei campi obbligatori +if (!$user_id || !$tax_code || !$email || !$owner_type) { + die(json_encode(["success" => false, "message" => "Campi obbligatori mancanti."])); +} + +// Se è una persona fisica, company_name deve essere NULL +if ($owner_type === "individual") { + $company_name = null; +} + +// Controlla se il proprietario esiste già (evita duplicati) +$queryCheck = $conn->prepare("SELECT owner_id FROM property_owners WHERE tax_code = ?"); +$queryCheck->bind_param("s", $tax_code); +$queryCheck->execute(); +$resultCheck = $queryCheck->get_result(); + +if ($resultCheck->num_rows > 0) { + die(json_encode(["success" => false, "message" => "Esiste già un proprietario con questo Codice Fiscale/Partita IVA."])); +} + +// Inserisci nuovo proprietario +$queryInsert = $conn->prepare(" + INSERT INTO property_owners (user_id, first_name, last_name, company_name, tax_code, email, phone, address, postal_code, city, province, country, owner_type, role, notes) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) +"); + +if ($queryInsert === false) { + die(json_encode(["success" => false, "message" => "Errore nella query: " . 
$conn->error])); +} + +$queryInsert->bind_param( + "issssssssssssss", + $user_id, + $first_name, + $last_name, + $company_name, + $tax_code, + $email, + $phone, + $address, + $postal_code, + $city, + $province, + $country, + $owner_type, + $role, + $notes +); + +if ($queryInsert->execute()) { + echo json_encode(["success" => true, "message" => "Proprietario aggiunto con successo!", "owner_id" => $queryInsert->insert_id, "owner_name" => $first_name . " " . $last_name, "tax_code" => $tax_code]); } else { - echo json_encode(["success" => false, "message" => "Errore nell'inserimento."]); + die(json_encode(["success" => false, "message" => "Errore nell'inserimento: " . $queryInsert->error])); } +// Chiude la connessione $conn->close();
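Review bot: The new input block runs every string field through `$conn->real_escape_string()` and then hands the same variables to `bind_param()`, so values are escaped twice: a surname such as O'Brien would be stored and echoed back as `O\'Brien`, and the duplicate check compares the escaped tax code rather than the submitted one. Bound parameters already keep the input out of the SQL text, so the fields should be read raw, e.g. `$first_name = $_POST['first_name'] ?? null;`. `user_id` is also taken from `$_POST`; unless the part of the file before this hunk (not visible here) ties it to the logged-in session, a caller can create owners under another account, so it should come from the session instead. The `die()` branches return `$conn->connect_error`, `$conn->error` and `$queryInsert->error` to the client, which exposes database details; log them with `error_log()` and send a generic message. `owner_name` also no longer falls back to `$company_name` for company owners, which the removed code did.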