change gitignore

2025-09-02 13:57:30 +02:00
parent d8b89fc4fe
commit 1bcb7eb180
9363 changed files with 1088355 additions and 608 deletions
@@ -1,11 +1,10 @@
 <?php
-    
-    ini_set('display_errors', '1');
+ini_set('display_errors', '1');
 ini_set('display_startup_errors', '1');
 error_reporting(E_ALL);
-// Connessione al database (assicurati di avere le tue credenziali)
-include('Connections/bkngstm.php');

+// Connessione al database
+include('Connections/bkngstm.php');

 // Crea una connessione al database
 $conn = new mysqli($servername, $username, $password, $dbname);
@@ -21,15 +20,16 @@ if (
    isset($_POST['surname-input']) &&
    isset($_POST['formrow-email-input']) &&
    isset($_POST['example-date-input']) &&
+    isset($_POST['first-lesson-date']) &&
    isset($_POST['ticket']) &&
    isset($_POST['formrow-inputState'])
 ) {
-
    // Prendi i dati dal modulo
    $first_name = $_POST['formrow-firstname-input'];
    $last_name = $_POST['surname-input'];
    $order_billing_email = $_POST['formrow-email-input'];
    $order_date_created = $_POST['example-date-input'];
+    $first_lesson_date = $_POST['first-lesson-date'];
    $nticket = $_POST['ticket'];
    $quantityclass = $_POST['ticket'];
    $idservice = $_POST['formrow-inputState'];
@@ -38,25 +38,22 @@ if (
    $cod = $_POST['cod'];
    $userid = isset($_POST['userid']) && !empty($_POST['userid']) ? $_POST['userid'] : NULL;

-
    // Prepara la query SQL
-    $sql = "INSERT INTO orderbook (first_name, last_name, order_billing_email, order_date_created, nticket, quantityclass, idservice, quantity, status, cod, iduser) 
-        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
+    $sql = "INSERT INTO orderbook (first_name, last_name, order_billing_email, order_date_created, first_lesson_date, nticket, quantityclass, idservice, quantity, status, cod, iduser) 
+            VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";

+    $stmt = $conn->prepare($sql);
+    $stmt->bind_param("sssssssisssi", $first_name, $last_name, $order_billing_email, $order_date_created, $first_lesson_date, $nticket, $quantityclass, $idservice, $quantity, $status, $cod, $userid);

-$stmt = $conn->prepare($sql);
-$stmt->bind_param("sssssssissi", $first_name, $last_name, $order_billing_email, $order_date_created, $nticket, $quantityclass, $idservice, $quantity, $status, $cod, $userid);
+    if ($stmt->execute()) {
+        echo "Ordine inserito con successo!";
+        header("Location: orderbooklist.php");
+        exit;
+    } else {
+        echo "Errore: " . $stmt->error;
+    }

-
-  if ($stmt->execute()) {
-    echo "Ordine inserito con successo!";
-    // Reindirizzamento a orderbooklist.php dopo aver inserito con successo l'ordine
-    header("Location: orderbooklist.php");
-    exit;  // Assicurati di chiamare exit() dopo header() per fermare l'esecuzione dello script
-} else {
-    echo "Errore: " . $stmt->error;
+    $stmt->close();
 }

-$stmt->close();
-}  // Questa è la parentesi graffa che mancava
-?>
+$conn->close();
@@ -6,430 +6,381 @@ if (!$conn) {
    die("Connessione al database fallita: " . mysqli_connect_error());
 }
 // Query SQL per ottenere le informazioni desiderate
-$sql = "
-SELECT * from  orderbook WHERE orderbook.status ='pending'";
+$sql = "SELECT * from orderbook WHERE orderbook.status ='pending'";
 $result = mysqli_query($conn, $sql);
 // Verifica se la query ha restituito risultati
 if (!$result) {
    die("Errore nella query: " . mysqli_error($conn));
 }
 ?>
-?>
 <!doctype html>
 <html lang="en">
-    <head>
-        <meta charset="utf-8" />
-<title>YogiBook - Prenotazioni YogaSoul</title>
-        <meta name="viewport" content="width=device-width, initial-scale=1.0">
-        <meta content="YogiBook - Prenotazione facile YogaSOul" name="description" />
-        <meta content="Advanced Creative Solutions" name="author" />
-        <!-- App favicon -->
-        <link rel="shortcut icon" href="assets/images/favicon.ico">
-        <!-- Bootstrap Css -->
-        <link href="assets/css/bootstrap.min.css" id="bootstrap-style" rel="stylesheet" type="text/css" />
-        <!-- Icons Css -->
-        <link href="assets/css/icons.min.css" rel="stylesheet" type="text/css" />
-        <!-- App Css-->
-        <link href="assets/css/app.min.css" id="app-style" rel="stylesheet" type="text/css" />
-<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
-<script src="https://cdn.jsdelivr.net/npm/sweetalert2@10"></script>
-<link rel="stylesheet" href="https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
+
+<head>
+    <meta charset="utf-8" />
+    <title>YogiBook - Prenotazioni YogaSoul</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta content="YogiBook - Prenotazione facile YogaSOul" name="description" />
+    <meta content="Advanced Creative Solutions" name="author" />
+    <!-- App favicon -->
+    <link rel="shortcut icon" href="assets/images/favicon.ico">
+    <!-- Bootstrap Css -->
+    <link href="assets/css/bootstrap.min.css" id="bootstrap-style" rel="stylesheet" type="text/css" />
+    <!-- Icons Css -->
+    <link href="assets/css/icons.min.css" rel="stylesheet" type="text/css" />
+    <!-- App Css-->
+    <link href="assets/css/app.min.css" id="app-style" rel="stylesheet" type="text/css" />
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
+    <script src="https://cdn.jsdelivr.net/npm/sweetalert2@10"></script>
+    <link rel="stylesheet" href="https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
    <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
    <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
-<script>
-    $(function() {
-        $("#expiryDate").datepicker({
-            dateFormat: "yy-mm-dd",  // Formato della data
-            minDate: 0,              // Impedisce la selezione di date passate
-            // Altre opzioni del datepicker se necessario
-        });
-    });
-</script>
    <script>
-$(document).ready(function() {
-    console.log("Script loaded and running!");
-
-    $(".surname").on("input", function() {
-        var searchTerm = $(this).val();
-        var currentForm = $(this).closest('form');  // Riferimento alla form corrente
-
-        if (searchTerm.length >= 2) {
-            $.ajax({
-                url: "search_users.php",
-                method: "POST",
-                data: { searchTerm: searchTerm },
-                dataType: "json",
-                success: function(data) {
-                    var results = data.results;
-                    currentForm.next('.search-results').empty();
-                    if (results.length > 0) {
-                        currentForm.next('.search-results').append("<p>Seleziona un utente:</p>");
-                        for (var i = 0; i < results.length; i++) {
-                            var user = results[i];
-                            currentForm.next('.search-results').append(
-                                '<div class="user-result" data-email="' + user.email + '" data-userid="' + user.userid + '" data-firstname="' + user.first_name + '" data-lastname="' + user.last_name + '">' +
-                                'Email: ' + user.email + ' | Nome: ' + user.first_name + ' | Cognome: ' + user.last_name +
-                                '</div>'
-                            );
+        $(function() {
+            $("#example-date-input, #first-lesson-date").datepicker({
+                dateFormat: "yy-mm-dd",
+                minDate: 0
+            });
+        });
+    </script>
+    <script>
+        $(document).ready(function() {
+            console.log("Script loaded and running!");
+            $(".surname").on("input", function() {
+                var searchTerm = $(this).val();
+                var currentForm = $(this).closest('form');
+                if (searchTerm.length >= 2) {
+                    $.ajax({
+                        url: "search_users.php",
+                        method: "POST",
+                        data: {
+                            searchTerm: searchTerm
+                        },
+                        dataType: "json",
+                        success: function(data) {
+                            var results = data.results;
+                            currentForm.next('.search-results').empty();
+                            if (results.length > 0) {
+                                currentForm.next('.search-results').append("<p>Seleziona un utente:</p>");
+                                for (var i = 0; i < results.length; i++) {
+                                    var user = results[i];
+                                    currentForm.next('.search-results').append(
+                                        '<div class="user-result" data-email="' + user.email + '" data-userid="' + user.userid + '" data-firstname="' + user.first_name + '" data-lastname="' + user.last_name + '">' +
+                                        'Email: ' + user.email + ' | Nome: ' + user.first_name + ' | Cognome: ' + user.last_name +
+                                        '</div>'
+                                    );
+                                }
+                                currentForm.next('.search-results').on('click', '.user-result', function() {
+                                    var selectedEmail = $(this).data("email");
+                                    var selectedUserId = $(this).data("userid");
+                                    var selectedFirstName = $(this).data("firstname");
+                                    var selectedLastName = $(this).data("lastname");
+                                    console.log("Email:", selectedEmail);
+                                    console.log("User ID:", selectedUserId);
+                                    console.log("First Name:", selectedFirstName);
+                                    console.log("Last Name:", selectedLastName);
+                                    currentForm.find(".email").val(selectedEmail);
+                                    currentForm.find(".userid").val(selectedUserId);
+                                    currentForm.find(".name").val(selectedFirstName);
+                                    currentForm.find(".surname").val(selectedLastName);
+                                    $("#userid").val(selectedUserId);
+                                });
+                            }
                        }
-                        // Qui attacchiamo il listener
-                        currentForm.next('.search-results').on('click', '.user-result', function() {
-                            var selectedEmail = $(this).data("email");
-                            var selectedUserId = $(this).data("userid");
-                            var selectedFirstName = $(this).data("firstname");
-                            var selectedLastName = $(this).data("lastname");
-                            console.log("Email:", selectedEmail);
-                            console.log("User ID:", selectedUserId);
-                            console.log("First Name:", selectedFirstName);
-                            console.log("Last Name:", selectedLastName);
-                            currentForm.find(".email").val(selectedEmail);
-                            currentForm.find(".userid").val(selectedUserId);
-                            currentForm.find(".name").val(selectedFirstName);
-                            currentForm.find(".surname").val(selectedLastName);
-                            $("#userid").val(selectedUserId);
-                        });
-                    }
+                    });
+                } else {
+                    currentForm.next('.search-results').empty();
                }
            });
-        } else {
-            currentForm.next('.search-results').empty();
+        });
+    </script>
+    <style>
+        .custom-card {
+            margin: 10px auto;
+            display: flex;
+            width: 90%;
+            max-width: 700px;
+            background-color: white;
+            box-shadow: 0px 2px 4px rgba(0, 0, 0, 0.1);
+            border-radius: 8px;
+            overflow: hidden;
+            cursor: pointer;
+            transition: transform 0.2s;
        }
-    });
-});

-</script>
-    
-<style>
-  .custom-card {
-    margin: 10px auto;
-    display: flex;
-    width: 90%;
-    max-width: 700px;
-    background-color: white;
-    box-shadow: 0px 2px 4px rgba(0, 0, 0, 0.1);
-    border-radius: 8px;
-    overflow: hidden;
-    cursor: pointer;
-    transition: transform 0.2s;
-  }
-  .custom-card:hover {
-    transform: translateY(-5px);
-  }
-  .custom-date-box {
-    flex: 1;
-    background-color: red;
-    color: white;
-    display: flex;
-    flex-direction: column;
-    justify-content: center;
-    align-items: center;
-    padding: 0;
-    font-size: 60px;
-    font-weight: bold;
-    border-top-left-radius: 8px;
-    border-bottom-left-radius: 8px;
-  }
-  .custom-day {
-    line-height: 1;
-  }
-  .custom-month {
-    font-size: 28px;
-  }
-  .custom-event-details {
-    flex: 2;
-    display: flex;
-    flex-direction: column;
-    padding: 10px 20px;
-    background-color: lightblue;
-  }
-  .custom-heading {
-    margin-top: 0;
-    font-size: 24px;
-  }
-  .custom-paragraph {
-    margin-bottom: 5px;
-  }
-  .custom-actions {
-    display: none;
-    flex-direction: row;
-    justify-content: space-between;
-    margin-top: 10px;
-  }
-  .custom-card.expanded .custom-actions {
-    display: flex;
-  }
-  .custom-action-button {
-    background-color: #f0f0f0;
-    border: none;
-    padding: 8px 12px;
-    border-radius: 4px;
-    cursor: pointer;
-    transition: background-color 0.2s;
-  }
-  .custom-action-button:hover {
-    background-color: #e0e0e0;
-  }
-  @media (max-width: 768px) {
-    .custom-card {
-      flex-direction: column;
-    }
-    .custom-date-box, .custom-event-details {
-      width: 100%;
-      border-radius: 0;
-    }
-    .custom-event-time {
-      font-size: 24px;
-    }
-  }
-</style>
-
-    
-    <body>
-    <!-- <body data-layout="horizontal"> -->
-        <!-- Begin page -->
-        <div id="layout-wrapper">
-            <!-- Top Bar -->
-            <header id="page-topbar" class="isvertical-topbar">
-                <div class="navbar-header">
-                    <div class="d-flex">
-                        <!-- LOGO -->
-                        <?php include('include/logoarea.php'); ?>
-                        <button type="button" class="btn btn-sm px-3 font-size-24 header-item waves-effect vertical-menu-btn">
-                            <i class="bx bx-menu align-middle"></i>
-                        </button>
-                        <!-- start page title -->
-                        <div class="page-title-box align-self-center d-none d-md-block">
-                            <h4 class="page-title mb-0">Prenotazione Classi</h4>
-                        </div>
-                        <!-- end page title -->
-                    </div>
-                    <div class="d-flex">
-          
-                        <?php include('include/languageselection.php'); ?>
-                        <div class="dropdown d-inline-block">
-                            <button type="button" class="btn header-item noti-icon"
-                                data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                                <i class="bx bx-search icon-sm align-middle"></i>
-                            </button>
-                            <div class="dropdown-menu dropdown-menu-lg dropdown-menu-end p-0">
-                                <form class="p-2">
-                                    <div class="search-box">
-                                        <div class="position-relative">
-                                            <input type="text" class="form-control rounded bg-light border-0" placeholder="Search...">
-                                            <i class="bx bx-search search-icon"></i>
-                                        </div>
-                                    </div>
-                                </form>
-                            </div>
-                        </div>
-                        
-            
-                        <?php include('include/profiletopbar.php'); ?>
-                    </div>
-                </div>
-            </header>
-			<?php include('include/sidebar.php'); ?>
-		   
-           <header class="ishorizontal-topbar">
-                <div class="navbar-header">
-                    <div class="d-flex">
-                        
-                        
-                    </div>
-                   
-                </div>
-                <div class="topnav">
-                    <div class="container-fluid">
-                        <nav class="navbar navbar-light navbar-expand-lg topnav-menu">
-    
-                            
-                        </nav>
-                    </div>
-                </div>
-            </header>
-            <!-- ============================================================== -->
-            <!-- Start right Content here -->
-            <!-- ============================================================== -->
-            <div class="main-content">
-                <div class="page-content">
-                    <div class="container-fluid">
-                        
-                        <div class="row">
-                            <div class="col-xl-12">
-                                <div class="card">
-                                    <div class="card-body">
-                                    
-                                    
-                                <h5>Benvenuta/o <?php echo $firstname; ?> </h5>
-                                <p>Ordini Pending</p>
-                                      <div class="table-responsive">
-<table class="table table-striped mb-0">
-    <thead>
-        <tr>
-            <th>ID Ordine</th>
-            <th>Data</th>
-            <th>Utente</th>
-            <th>Iduser</th>
-            <th>Class</th>
-            <th>Quantità</th>
-            <th>Propaga</th>
-            <th>Cancella</th>
-        </tr>
-        </thead>
-        <tbody>
-        <?php
-        // Loop attraverso i risultati della query
-        while ($row = mysqli_fetch_assoc($result)) {
-            echo "<tr>";
-            echo "<td>" . $row['order_id'] . "</td>";
-            echo "<td>" . $row['order_date_created'] . "</td>";
-            echo "<td>" . $row['first_name'] . " " . $row['last_name'] ."</td>";
-            echo "<td>" . $row['iduser'] . "</td>";
-            echo "<td>" . $row['cod'] . "</td>";
-            echo "<td>" . $row['quantityclass'] . "</td>";
-            echo "<td>" . "<a href='propagatesingleorder.php?idorder=" . $row['idorderbook'] . "'><button type='button' class='btn btn-success waves-effect btn-label waves-light'><i class='bx bx-check-double label-icon'></i> Propaga</button></a>" . "</td>";
-            echo "<td>" . "<a href='cancelsingleorder.php?idorder=" . $row['idorderbook'] . "'><button type='button' class='btn btn-danger waves-effect waves-light'><i class='bx bx-block font-size-16 align-middle me-2'></i> Cancella</button></a>" . "</td>";
-            echo "</tr>";
+        .custom-card:hover {
+            transform: translateY(-5px);
        }
-        ?>
-        </tbody>
-    </table>
-                                        </div>  
-                                
-                                    </div>
-                                </div>
-                            </div>
-                           
-                    
-                    </div>
-                    
-                    <!-- sezion inserimento ordini-->
-                    
-                    <div class="row">
-                            <div class="col-xl-12">
-                                <div class="card">
-                                    <div class="card-body">
-                                    
-                                    
-                                <h5>Inserisci nuovo Ordine</h5>
-                               
-                                   <form action="inserisci_ordine.php" method="post">
-                                            
-                                            
-                                          <div class="row">
-    <div class="col-md-6 mb-3"> <!-- Half width on medium screens -->
-        <label for="formrow-firstname-input" class="form-label">Enter First Name</label>
-        <input type="text" class="form-control name" placeholder="First Name" id="formrow-firstname-input" name="formrow-firstname-input">
-    </div>
-    <div class="col-md-6 mb-3"> <!-- Half width on medium screens -->
-       <label for="surname-input" class="form-label">Cognome</label>
-<input list="users-suggestions" type="text" class="form-control surname" placeholder="Last Name" id="surname-input" name="surname-input">
-    </div>
-</div>
-                                            <div class="row">
-                                                
-                                                <div class="col-md-6">
-                                                    <div class="mb-3">
-                                                        <label for="formrow-email-input" class="form-label">Enter Email</label>
-                                                        <input type="email" class="form-control email" placeholder="Email" id="formrow-email-input" name="formrow-email-input">
-                                                        
-                                                    </div>
-                                                </div>
-                                                <div class="col-md-6">
-                                                    <div class="mb-3">
-                                            <label for="example-date-input" class="col-md-2 col-form-label">Data Ordine</label>
-                                           
-                                                <input class="form-control" type="date" value="" id="example-date-input" name="example-date-input">
-                                           
-                                        </div>
-                                                </div>
-                                            </div>
-                                            <div class="row">
-                                                <div class="col-lg-4">
-                                                    <div class="mb-3">
-                                                        <label for="ticket" class="form-label">N. Ticket</label>
-                                                        <input type="text" class="form-control" placeholder="Ticket" id="ticket" name="ticket">
-                                                        <input type="text" name="userid" id="userid" value="" />

-                                                    </div>
-                                                </div>
-                                              
-                                               <div class="col-lg-4">
-    <div class="mb-3">
-    <label for="formrow-inputState" class="form-label">Classe</label>
-    <select id="formrow-inputState" name="formrow-inputState" class="form-select">
-        <?php
-        // Stabilisci la connessione al database
-        $conn = new mysqli($servername, $username, $password, $dbname);
-        // Controlla la connessione
-        if ($conn->connect_error) {
-            die("Connection failed: " . $conn->connect_error);
+        .custom-date-box {
+            flex: 1;
+            background-color: red;
+            color: white;
+            display: flex;
+            flex-direction: column;
+            justify-content: center;
+            align-items: center;
+            padding: 0;
+            font-size: 60px;
+            font-weight: bold;
+            border-top-left-radius: 8px;
+            border-bottom-left-radius: 8px;
        }
-        // Esegui la query
-        $sql = "SELECT idservice, servicename, day, time FROM service ORDER BY servicename";
-        $result = $conn->query($sql);
-        echo '<option selected="">Choose...</option>';
-        if ($result->num_rows > 0) {
-            while($row = $result->fetch_assoc()) {
-                $label = $row['servicename'] . ' - ' . $row['day'] . ' - ' . $row['time'];
-                $value = $row['idservice'];
-                echo "<option value='$value'>$label</option>";
+
+        .custom-day {
+            line-height: 1;
+        }
+
+        .custom-month {
+            font-size: 28px;
+        }
+
+        .custom-event-details {
+            flex: 2;
+            display: flex;
+            flex-direction: column;
+            padding: 10px 20px;
+            background-color: lightblue;
+        }
+
+        .custom-heading {
+            margin-top: 0;
+            font-size: 24px;
+        }
+
+        .custom-paragraph {
+            margin-bottom: 5px;
+        }
+
+        .custom-actions {
+            display: none;
+            flex-direction: row;
+            justify-content: space-between;
+            margin-top: 10px;
+        }
+
+        .custom-card.expanded .custom-actions {
+            display: flex;
+        }
+
+        .custom-action-button {
+            background-color: #f0f0f0;
+            border: none;
+            padding: 8px 12px;
+            border-radius: 4px;
+            cursor: pointer;
+            transition: background-color 0.2s;
+        }
+
+        .custom-action-button:hover {
+            background-color: #e0e0e0;
+        }
+
+        @media (max-width: 768px) {
+            .custom-card {
+                flex-direction: column;
+            }
+
+            .custom-date-box,
+            .custom-event-details {
+                width: 100%;
+                border-radius: 0;
+            }
+
+            .custom-event-time {
+                font-size: 24px;
            }
-        } else {
-            echo '<option>No services available</option>';
        }
-        // Chiudi la connessione
-        $conn->close();
-        ?>
-    </select>
-    <input type="hidden" name="cod" id="hiddenCod">
-</div>
+    </style>
+</head>

-<script>
-    // Seleziona l'elemento 'select' e il campo nascosto
-    const selectElem = document.getElementById('formrow-inputState');
-    const hiddenElem = document.getElementById('hiddenCod');
-
-    // Aggiungi un event listener per l'evento 'change'
-    selectElem.addEventListener('change', function() {
-        // Aggiorna il valore del campo nascosto con il testo dell'opzione selezionata
-        hiddenElem.value = selectElem.options[selectElem.selectedIndex].text;
-    });
-</script>
-</div>
-                                            </div>
-                                            <div>
-                                                <button type="submit" class="btn btn-primary w-md">Submit</button>
-                                            </div>
-                                            
-                                            
-                                        </form>
-                                <div class="search-results"></div>
+<body>
+    <div id="layout-wrapper">
+        <header id="page-topbar" class="isvertical-topbar">
+            <div class="navbar-header">
+                <div class="d-flex">
+                    <?php include('include/logoarea.php'); ?>
+                    <button type="button" class="btn btn-sm px-3 font-size-24 header-item waves-effect vertical-menu-btn">
+                        <i class="bx bx-menu align-middle"></i>
+                    </button>
+                    <div class="page-title-box align-self-center d-none d-md-block">
+                        <h4 class="page-title mb-0">Prenotazione Classi</h4>
+                    </div>
+                </div>
+                <div class="d-flex">
+                    <?php include('include/languageselection.php'); ?>
+                    <div class="dropdown d-inline-block">
+                        <button type="button" class="btn header-item noti-icon" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                            <i class="bx bx-search icon-sm align-middle"></i>
+                        </button>
+                        <div class="dropdown-menu dropdown-menu-lg dropdown-menu-end p-0">
+                            <form class="p-2">
+                                <div class="search-box">
+                                    <div class="position-relative">
+                                        <input type="text" class="form-control rounded bg-light border-0" placeholder="Search...">
+                                        <i class="bx bx-search search-icon"></i>
+                                    </div>
+                                </div>
+                            </form>
+                        </div>
+                    </div>
+                    <?php include('include/profiletopbar.php'); ?>
+                </div>
+            </div>
+        </header>
+        <?php include('include/sidebar.php'); ?>
+        <header class="ishorizontal-topbar">
+            <div class="navbar-header">
+                <div class="d-flex"></div>
+            </div>
+            <div class="topnav">
+                <div class="container-fluid">
+                    <nav class="navbar navbar-light navbar-expand-lg topnav-menu"></nav>
+                </div>
+            </div>
+        </header>
+        <div class="main-content">
+            <div class="page-content">
+                <div class="container-fluid">
+                    <div class="row">
+                        <div class="col-xl-12">
+                            <div class="card">
+                                <div class="card-body">
+                                    <h5>Benvenuta/o <?php echo $firstname; ?> </h5>
+                                    <p>Ordini Pending</p>
+                                    <div class="table-responsive">
+                                        <table class="table table-striped mb-0">
+                                            <thead>
+                                                <tr>
+                                                    <th>ID Ordine</th>
+                                                    <th>Data</th>
+                                                    <th>Utente</th>
+                                                    <th>Iduser</th>
+                                                    <th>Class</th>
+                                                    <th>Quantità</th>
+                                                    <th>Propaga</th>
+                                                    <th>Cancella</th>
+                                                </tr>
+                                            </thead>
+                                            <tbody>
+                                                <?php
+                                                while ($row = mysqli_fetch_assoc($result)) {
+                                                    echo "<tr>";
+                                                    echo "<td>" . $row['order_id'] . "</td>";
+                                                    echo "<td>" . $row['order_date_created'] . "</td>";
+                                                    echo "<td>" . $row['first_name'] . " " . $row['last_name'] . "</td>";
+                                                    echo "<td>" . $row['iduser'] . "</td>";
+                                                    echo "<td>" . $row['cod'] . "</td>";
+                                                    echo "<td>" . $row['quantityclass'] . "</td>";
+                                                    echo "<td>" . "<a href='propagatesingleorder.php?idorder=" . $row['idorderbook'] . "'><button type='button' class='btn btn-success waves-effect btn-label waves-light'><i class='bx bx-check-double label-icon'></i> Propaga</button></a>" . "</td>";
+                                                    echo "<td>" . "<a href='cancelsingleorder.php?idorder=" . $row['idorderbook'] . "'><button type='button' class='btn btn-danger waves-effect waves-light'><i class='bx bx-block font-size-16 align-middle me-2'></i> Cancella</button></a>" . "</td>";
+                                                    echo "</tr>";
+                                                }
+                                                ?>
+                                            </tbody>
+                                        </table>
                                    </div>
                                </div>
                            </div>
-                           
-                    
+                        </div>
+                    </div>
+                    <div class="row">
+                        <div class="col-xl-12">
+                            <div class="card">
+                                <div class="card-body">
+                                    <h5>Inserisci nuovo Ordine</h5>
+                                    <form action="inserisci_ordine.php" method="post">
+                                        <div class="row">
+                                            <div class="col-md-6 mb-3">
+                                                <label for="formrow-firstname-input" class="form-label">Enter First Name</label>
+                                                <input type="text" class="form-control name" placeholder="First Name" id="formrow-firstname-input" name="formrow-firstname-input">
+                                            </div>
+                                            <div class="col-md-6 mb-3">
+                                                <label for="surname-input" class="form-label">Cognome</label>
+                                                <input list="users-suggestions" type="text" class="form-control surname" placeholder="Last Name" id="surname-input" name="surname-input">
+                                            </div>
+                                        </div>
+                                        <div class="row">
+                                            <div class="col-md-6">
+                                                <div class="mb-3">
+                                                    <label for="formrow-email-input" class="form-label">Enter Email</label>
+                                                    <input type="email" class="form-control email" placeholder="Email" id="formrow-email-input" name="formrow-email-input">
+                                                </div>
+                                            </div>
+                                            <div class="col-md-6">
+                                                <div class="mb-3">
+                                                    <label for="example-date-input" class="form-label">Data Ordine</label>
+                                                    <input class="form-control" type="date" value="" id="example-date-input" name="example-date-input">
+                                                </div>
+                                            </div>
+                                        </div>
+                                        <div class="row">
+                                            <div class="col-md-6">
+                                                <div class="mb-3">
+                                                    <label for="first-lesson-date" class="form-label">Data Prima Lezione</label>
+                                                    <input class="form-control" type="date" value="" id="first-lesson-date" name="first-lesson-date">
+                                                </div>
+                                            </div>
+                                            <div class="col-lg-4">
+                                                <div class="mb-3">
+                                                    <label for="ticket" class="form-label">N. Ticket</label>
+                                                    <input type="text" class="form-control" placeholder="Ticket" id="ticket" name="ticket">
+                                                    <input type="text" name="userid" id="userid" value="" />
+                                                </div>
+                                            </div>
+                                            <div class="col-lg-4">
+                                                <div class="mb-3">
+                                                    <label for="formrow-inputState" class="form-label">Classe</label>
+                                                    <select id="formrow-inputState" name="formrow-inputState" class="form-select">
+                                                        <?php
+                                                        $conn = new mysqli($servername, $username, $password, $dbname);
+                                                        if ($conn->connect_error) {
+                                                            die("Connection failed: " . $conn->connect_error);
+                                                        }
+                                                        $sql = "SELECT idservice, servicename, day, time FROM service ORDER BY servicename";
+                                                        $result = $conn->query($sql);
+                                                        echo '<option selected="">Choose...</option>';
+                                                        if ($result->num_rows > 0) {
+                                                            while ($row = $result->fetch_assoc()) {
+                                                                $label = $row['servicename'] . ' - ' . $row['day'] . ' - ' . $row['time'];
+                                                                $value = $row['idservice'];
+                                                                echo "<option value='$value'>$label</option>";
+                                                            }
+                                                        } else {
+                                                            echo '<option>No services available</option>';
+                                                        }
+                                                        $conn->close();
+                                                        ?>
+                                                    </select>
+                                                    <input type="hidden" name="cod" id="hiddenCod">
+                                                </div>
+                                                <script>
+                                                    const selectElem = document.getElementById('formrow-inputState');
+                                                    const hiddenElem = document.getElementById('hiddenCod');
+                                                    selectElem.addEventListener('change', function() {
+                                                        hiddenElem.value = selectElem.options[selectElem.selectedIndex].text;
+                                                    });
+                                                </script>
+                                            </div>
+                                        </div>
+                                        <div>
+                                            <button type="submit" class="btn btn-primary w-md">Submit</button>
+                                        </div>
+                                    </form>
+                                    <div class="search-results"></div>
+                                </div>
+                            </div>
+                        </div>
                    </div>
-                    
-                    <!-- container-fluid -->
                </div>
-               
-   
-                <!-- End Page-content -->
                <?php include('include/footer.php'); ?>
            </div>
-            <!-- end main content-->
        </div>
-        <!-- END layout-wrapper -->
-        
-        
-        
-        <!-- JAVASCRIPT -->
        <script src="assets/libs/bootstrap/js/bootstrap.bundle.min.js"></script>
        <script src="assets/libs/metismenujs/metismenujs.min.js"></script>
        <script src="assets/libs/simplebar/simplebar.min.js"></script>
        <script src="assets/libs/eva-icons/eva.min.js"></script>
        <script src="assets/js/app.js"></script>
-    </body>
+</body>
+
 </html>
@@ -1,20 +1,20 @@
 <?php
+
 use PHPMailer\PHPMailer\PHPMailer;
 use PHPMailer\PHPMailer\Exception;
-?>
-<?php
-    header('Content-Type: text/html; charset=utf-8'); 
+
+header('Content-Type: text/html; charset=utf-8');
 ini_set('display_errors', '1');
 ini_set('display_startup_errors', '1');
 error_reporting(E_ALL);
 include('Connections/bkngstm.php');
-//require_once('include/headscript.php'); ?>
-<?php
+
 // take idorder
 if (isset($_GET['idorder'])) {
-$idorder = $_GET['idorder']; }
-// Crea la connessione al database
+    $idorder = $_GET['idorder'];
+}

+// Crea la connessione al database
 $conn = new mysqli($servername, $username, $password, $dbname);

 // Verifica la connessione
@@ -23,8 +23,11 @@ if ($conn->connect_error) {
 }

 // Seleziona i record con status 'pending' dalla tabella orderbook
-$select_query = "SELECT * FROM orderbook WHERE orderbook.idorderbook='$idorder'";
-$result = $conn->query($select_query);
+$select_query = "SELECT * FROM orderbook WHERE idorderbook = ?";
+$stmt = $conn->prepare($select_query);
+$stmt->bind_param("i", $idorder);
+$stmt->execute();
+$result = $stmt->get_result();

 if ($result->num_rows > 0) {
    while ($row = $result->fetch_assoc()) {
@@ -35,245 +38,225 @@ if ($result->num_rows > 0) {
        $service_id = $row["idservice"];
        $quantity_class = $row["quantityclass"];
        $ordern = $row["order_id"];
-        
+        $first_lesson_date = $row["first_lesson_date"];

-        
        echo "Elaborazione record con ID: $order_id, Service ID: $service_id\n";
-        
-        $user_query = "SELECT id FROM auth_users WHERE email = '$billing_email'";
-        $user_result = $conn->query($user_query);
+
+        $user_query = "SELECT id FROM auth_users WHERE email = ?";
+        $stmt_user = $conn->prepare($user_query);
+        $stmt_user->bind_param("s", $billing_email);
+        $stmt_user->execute();
+        $user_result = $stmt_user->get_result();

        if ($user_result->num_rows > 0) {
            $user_row = $user_result->fetch_assoc();
            $user_id = $user_row["id"];
-
-            $update_query = "UPDATE orderbook SET iduser = '$user_id' WHERE idorderbook = '$order_id'";
-            $conn->query($update_query);
+            $update_query = "UPDATE orderbook SET iduser = ? WHERE idorderbook = ?";
+            $stmt_update = $conn->prepare($update_query);
+            $stmt_update->bind_param("ii", $user_id, $order_id);
+            $stmt_update->execute();
+            $stmt_update->close();
        } else {
-             // Genera una password casuale e crea l'hash
-            $password = "YogiBook159"; // La password casuale
+            $password = "YogiBook159";
            $hashed_password = password_hash($password, PASSWORD_DEFAULT);
-            // Inserisci un nuovo utente in auth_users
            $todaydate = date('Y-m-d H:i:s');
            $insert_query = "INSERT INTO auth_users (email, password, first_name, last_name, role_id, status, created_at, avatar)
-                             VALUES ('$billing_email', '$hashed_password', '$first_name', '$last_name', 2, 'Active', '$todaydate', 'meditationb.png')";
-            $conn->query($insert_query);
-
-            // Ottieni l'ID appena inserito
+                             VALUES (?, ?, ?, ?, 2, 'Active', ?, 'meditationb.png')";
+            $stmt_insert = $conn->prepare($insert_query);
+            $stmt_insert->bind_param("sssss", $billing_email, $hashed_password, $first_name, $last_name, $todaydate);
+            $stmt_insert->execute();
            $new_user_id = $conn->insert_id;
+            $stmt_insert->close();

-            // Aggiorna l'ID utente nell'ordine
-            $update_query = "UPDATE orderbook SET iduser = '$new_user_id' WHERE idorderbook = '$order_id'";
-            $conn->query($update_query);
+            $update_query = "UPDATE orderbook SET iduser = ? WHERE idorderbook = ?";
+            $stmt_update = $conn->prepare($update_query);
+            $stmt_update->bind_param("ii", $new_user_id, $order_id);
+            $stmt_update->execute();
+            $stmt_update->close();
        }
+        $stmt_user->close();
    }
    echo "Aggiornamento completato con successo.";
 } else {
    echo "Nessun record con status 'pending' trovato.";
 }
+$stmt->close();

-
-
-//recupera servischedule
-
-// Seleziona i primi "n" record dalla tabella serviceschedule successivi al momento attuale
-$current_datetime = date("Y-m-d H:i:s");
-$service_schedule_query = "SELECT * FROM serviceschedule WHERE idservice = '$service_id' AND dateschedule >= '$current_datetime' ORDER BY dateschedule";
-$service_schedule_result = $conn->query($service_schedule_query);
+// Recupera servischedule a partire da first_lesson_date
+$service_schedule_query = "SELECT * FROM serviceschedule WHERE idservice = ? AND dateschedule >= ? ORDER BY dateschedule";
+$stmt_schedule = $conn->prepare($service_schedule_query);
+$stmt_schedule->bind_param("is", $service_id, $first_lesson_date);
+$stmt_schedule->execute();
+$service_schedule_result = $stmt_schedule->get_result();

 if ($service_schedule_result->num_rows > 0) {
    echo "Record per l'ordine ID: $order_id\n";
-    
-     $inserted_count = 0;  // Numero di inserimenti effettuati con successo
-    
+    $inserted_count = 0;

    while ($schedule_row = $service_schedule_result->fetch_assoc()) {
-    
-      if ($inserted_count >= $quantity_class) {
-          break;  // Se il numero di inserimenti riusciti è sufficiente, esci dal ciclo
+        if ($inserted_count >= $quantity_class) {
+            break;
        }
-    
        $date_schedule = $schedule_row["dateschedule"];
        $selected_user_id = isset($new_user_id) ? $new_user_id : $user_id;
-        
        $idservice = $schedule_row["idservice"];
+        $idserviceschedule = $schedule_row["idserviceschedule"];

-//recover number of booking
-$idserviceschedule = $schedule_row["idserviceschedule"];
+        $querychk = "SELECT * FROM bookingclass WHERE iduser = ? AND idserviceschedule = ?";
+        $stmt_chk = $conn->prepare($querychk);
+        $stmt_chk->bind_param("ii", $selected_user_id, $idserviceschedule);
+        $stmt_chk->execute();
+        $result = $stmt_chk->get_result();

-//check if already booked
-$querychk = "SELECT * FROM bookingclass WHERE iduser = '$user_id' AND idserviceschedule = '$idserviceschedule'";
-$result = mysqli_query($conn, $querychk);
+        if ($result->num_rows == 0) {
+            $service_maxcapacity_query = "SELECT maxcapacity FROM service WHERE idservice = ?";
+            $stmt_maxcapacity = $conn->prepare($service_maxcapacity_query);
+            $stmt_maxcapacity->bind_param("i", $idservice);
+            $stmt_maxcapacity->execute();
+            $service_maxcapacity_result = $stmt_maxcapacity->get_result();
+            $row = $service_maxcapacity_result->fetch_assoc();
+            $maxcapacity = $row['maxcapacity'];
+            $stmt_maxcapacity->close();

+            $bookingclass_count_query = "SELECT COUNT(*) as total_records FROM bookingclass WHERE idserviceschedule = ?";
+            $stmt_count = $conn->prepare($bookingclass_count_query);
+            $stmt_count->bind_param("i", $idserviceschedule);
+            $stmt_count->execute();
+            $bookingclass_count_result = $stmt_count->get_result();
+            $rowcount = $bookingclass_count_result->fetch_assoc();
+            $total_records = $rowcount['total_records'];
+            $stmt_count->close();

-if ($result) {
-    // Verifica se esiste almeno una riga nella query
-    if (mysqli_num_rows($result) == 0) {
-
-
-//recover maxcapacity
-$service_maxcapacity_query = "SELECT maxcapacity FROM service WHERE idservice = '$idservice'";
-$service_maxcapacity_result = $conn->query($service_maxcapacity_query);
-
-    $row = $service_maxcapacity_result->fetch_assoc();
-    $maxcapacity = $row['maxcapacity'];
-    
-
-
-$bookingclass_count_query = "SELECT COUNT(*) as total_records FROM bookingclass WHERE idserviceschedule = '$idserviceschedule'";
-$bookingclass_count_result = $conn->query($bookingclass_count_query);
-
-if ($bookingclass_count_result) {
-    $rowcount= $bookingclass_count_result->fetch_assoc();
-    $total_records = $rowcount['total_records'];
-
-    // Ora hai il numero totale di record con l'idserviceschedule specificato
-} else {
-    $total_records='0';
-}
-
-// Check if maxcapacity is greater than total_records before inserting
            if ($maxcapacity > $total_records) {
-
-        // Inserisci il nuovo record in bookingclass
-        $insert_booking_query = "INSERT INTO bookingclass (idserviceschedule, idservice, iduser, bookingstart,idorder)
-                                 VALUES ('{$schedule_row['idserviceschedule']}', '$service_id', '$selected_user_id', '$date_schedule', '$order_id')";
-       if ($conn->query($insert_booking_query)) {
-                echo "Inserito record in bookingclass per l'ordine ID: $order_id\n";
-                $inserted_count++;
+                $insert_booking_query = "INSERT INTO bookingclass (idserviceschedule, idservice, iduser, bookingstart, idorder)
+                                         VALUES (?, ?, ?, ?, ?)";
+                $stmt_insert_booking = $conn->prepare($insert_booking_query);
+                $stmt_insert_booking->bind_param("iiisi", $idserviceschedule, $service_id, $selected_user_id, $date_schedule, $order_id);
+                if ($stmt_insert_booking->execute()) {
+                    echo "Inserito record in bookingclass per l'ordine ID: $order_id\n";
+                    $inserted_count++;
+                } else {
+                    echo "Errore durante l'inserimento: " . $stmt_insert_booking->error . "\n";
+                }
+                $stmt_insert_booking->close();
            } else {
-                echo "Errore durante l'inserimento: " . $conn->error . "\n";
+                echo "La capacità massima è stata raggiunta. Impossibile effettuare la prenotazione.\n";
            }
-        } else {
-            echo "La capacità massima è stata raggiunta. Impossibile effettuare la prenotazione.\n";
        }
-            
-    }}
-    //brackets of while 
+        $stmt_chk->close();
    }

-    // Aggiorna lo status a 'booked' nella tabella orderbook
-    $update_order_status_query = "UPDATE orderbook SET status = 'booked' WHERE idorderbook = '$order_id'";
-    $conn->query($update_order_status_query);
-
+    $update_order_status_query = "UPDATE orderbook SET status = 'booked' WHERE idorderbook = ?";
+    $stmt_status = $conn->prepare($update_order_status_query);
+    $stmt_status->bind_param("i", $order_id);
+    $stmt_status->execute();
+    $stmt_status->close();
    echo "Aggiornato lo status a 'booked' per l'ordine ID: $order_id\n";
-    
-    //send email to user
-    
+
    require 'phpmailer/src/Exception.php';
-require 'phpmailer/src/PHPMailer.php';
-require 'phpmailer/src/SMTP.php';
-$name=$first_name;
-
-$messageedit="    <p style='font-size: 14px; line-height: 190%;'><span style='font-size: 18px; line-height: 34.2px;'><strong><span style='line-height: 34.2px; font-size: 18px;'> Ciao $name , </span></strong></span></p>
-<p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Le prenotazioni relative al tuo ultimo ordine n. $ordern sono state inserite con successo!</span></p>
-<p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Puoi vederle e riprogrammarle dall'indirizzo https://yogibook.yogasoul.it </span></p>
-<br>
-<p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Per il primo accesso devi per prima cosa resettare la password cliccando di seguito</span></p>
-<br>
-<a href='https://yogibook.yogasoul.it/public/password/reset' target='_blank' class='v-button v-font-size' style='box-sizing: border-box;display: inline-block;text-decoration: none;-webkit-text-size-adjust: none;text-align: center;color: #FFFFFF; background-color: #3AAEE0; border-radius: 4px;-webkit-border-radius: 4px; -moz-border-radius: 4px; width:auto; max-width:100%; overflow-wrap: break-word; word-break: break-word; word-wrap:break-word; mso-border-alt: none;font-size: 14px;'>
-      <span style='display:block;padding:10px 20px;line-height:120%;'><span style='line-height: 16.8px;'>Reset Password</span></span>
-    </a>
-<br>
-<br>
-<p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Ci vediamo sul tappetino!</span></p>
-<p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Il Team Yogasoul</span></p>";
-
-$buttonedit="<a href='https://yogibook.yogasoul.it/' target='_blank' class='v-button v-font-size' style='box-sizing: border-box;display: inline-block;text-decoration: none;-webkit-text-size-adjust: none;text-align: center;color: #FFFFFF; background-color: #3AAEE0; border-radius: 4px;-webkit-border-radius: 4px; -moz-border-radius: 4px; width:auto; max-width:100%; overflow-wrap: break-word; word-break: break-word; word-wrap:break-word; mso-border-alt: none;font-size: 14px;'>
-      <span style='display:block;padding:10px 20px;line-height:120%;'><span style='line-height: 16.8px;'>YogiBook - YogaSoul</span></span>
-    </a>";
-
-    //mail to client
-
-$mail = new PHPMailer(true);
-
-$mail->isSMTP();                                      // Set mailer to use SMTP
-$mail->Host = 'mail.yogasoul.it';  // Specify main and backup server
-$mail->SMTPAuth = true;                               // Enable SMTP authentication
-$mail->Username = 'info@yogasoul.it';                            // SMTP username
-$mail->Password = '!Testolina88';                           // SMTP password
-$mail->SMTPSecure = 'tls';                            // Enable encryption, 'ssl' also accepted
-$mail->Port       = '587'; 
-    
-
-include('mail/emailtemplate2.php');
-// Email body content 
-
-//$trfnmbmail=$appformn.'r'.$revnumb;
-$htmlContent = $mailmessage1; 
-    
-    
-$mail->From = 'info@yogasoul.it';
-$mail->FromName = 'YogiBook [YogaSoul]';
-$mail->addAddress($billing_email);  // Add a recipient
-    
-
-                          
-
-$mail->Subject = "YogiBook - Prenotazioni effettuate per il tuo ordine $ordern";
-$mail->Body    = $htmlContent;
-$mail->AltBody = 'This is the body in plain text for non-HTML mail clients';
-
+    require 'phpmailer/src/PHPMailer.php';
+    require 'phpmailer/src/SMTP.php';
+    $name = $first_name;
+    $messageedit = "<p style='font-size: 14px; line-height: 190%;'><span style='font-size: 18px; line-height: 34.2px;'><strong><span style='line-height: 34.2px; font-size: 18px;'> Ciao $name , </span></strong></span></p>
+                    <p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Le prenotazioni relative al tuo ultimo ordine n. $ordern sono state inserite con successo!</span></p>
+                    <p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Puoi vederle e riprogrammarle dall'indirizzo https://yogibook.yogasoul.it </span></p>
+                    <br>
+                    <p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Per il primo accesso devi per prima cosa resettare la password cliccando di seguito</span></p>
+                    <br>
+                    <a href='https://yogibook.yogasoul.it/public/password/reset' target='_blank' class='v-button v-font-size' style='box-sizing: border-box;display: inline-block;text-decoration: none;-webkit-text-size-adjust: none;text-align: center;color: #FFFFFF; background-color: #3AAEE0; border-radius: 4px;-webkit-border-radius: 4px; -moz-border-radius: 4px; width:auto; max-width:100%; overflow-wrap: break-word; word-break: break-word; word-wrap:break-word; mso-border-alt: none;font-size: 14px;'>
+                        <span style='display:block;padding:10px 20px;line-height:120%;'><span style='line-height: 16.8px;'>Reset Password</span></span>
+                    </a>
+                    <br>
+                    <br>
+                    <p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Ci vediamo sul tappetino!</span></p>
+                    <p style='font-size: 14px; line-height: 190%;'><span style='font-size: 16px; line-height: 30.4px;'>Il Team Yogasoul</span></p>";
+    $buttonedit = "<a href='https://yogibook.yogasoul.it/' target='_blank' class='v-button v-font-size' style='box-sizing: border-box;display: inline-block;text-decoration: none;-webkit-text-size-adjust: none;text-align: center;color: #FFFFFF; background-color: #3AAEE0; border-radius: 4px;-webkit-border-radius: 4px; -moz-border-radius: 4px; width:auto; max-width:100%; overflow-wrap: break-word; word-break: break-word; word-wrap:break-word; mso-border-alt: none;font-size: 14px;'>
+                    <span style='display:block;padding:10px 20px;line-height:120%;'><span style='line-height: 16.8px;'>YogiBook - YogaSoul</span></span>
+                </a>";
+    $mail = new PHPMailer(true);
+    $mail->isSMTP();
+    $mail->Host = 'mail.yogasoul.it';
+    $mail->SMTPAuth = true;
+    $mail->Username = 'info@yogasoul.it';
+    $mail->Password = '!Testolina88';
+    $mail->SMTPSecure = 'tls';
+    $mail->Port = '587';
+    include('mail/emailtemplate2.php');
+    $htmlContent = $mailmessage1;
+    $mail->From = 'info@yogasoul.it';
+    $mail->FromName = 'YogiBook [YogaSoul]';
+    $mail->addAddress($billing_email);
+    $mail->Subject = "YogiBook - Prenotazioni effettuate per il tuo ordine $ordern";
+    $mail->Body = $htmlContent;
+    $mail->AltBody = 'This is the body in plain text for non-HTML mail clients';
    $mail->send();
-    
-    //mail sent
-
-    
-    
-
-    // ... (il resto del codice come prima)
 } else {
-    echo "Nessun record di schedule futuro trovato per l'ordine ID: $order_id\n";
+    echo "Nessun record di schedule futuro trovato per l'ordine ID: $order_id a partire dalla data della prima lezione: $first_lesson_date\n";
 }
+$stmt_schedule->close();

-
-    // Recupera il numero di settimane da expiryparameter
-$expiry_class_query = "SELECT quantityclass FROM orderbook WHERE idorderbook = '$order_id'";
-$expiry_class_result = $conn->query($expiry_class_query);
+// Recupera il numero di settimane da expiryparameter
+$expiry_class_query = "SELECT quantityclass, first_lesson_date FROM orderbook WHERE idorderbook = ?";
+$stmt_expiry = $conn->prepare($expiry_class_query);
+$stmt_expiry->bind_param("i", $order_id);
+$stmt_expiry->execute();
+$expiry_class_result = $stmt_expiry->get_result();

 if ($expiry_class_result && $expiry_class_result->num_rows > 0) {
    $row = $expiry_class_result->fetch_assoc();
    $quantity_class = $row['quantityclass'];
+    $first_lesson_date = $row['first_lesson_date'];

-    $expiry_weeks_query = "SELECT expiryweeks FROM expiryparameter WHERE quantityclass = '$quantity_class'";
-    $expiry_weeks_result = $conn->query($expiry_weeks_query);
+    $expiry_weeks_query = "SELECT expiryweeks FROM expiryparameter WHERE quantityclass = ?";
+    $stmt_expiry_weeks = $conn->prepare($expiry_weeks_query);
+    $stmt_expiry_weeks->bind_param("i", $quantity_class);
+    $stmt_expiry_weeks->execute();
+    $expiry_weeks_result = $stmt_expiry_weeks->get_result();

    if ($expiry_weeks_result && $expiry_weeks_result->num_rows > 0) {
        $expiry_row = $expiry_weeks_result->fetch_assoc();
        $expiry_weeks = $expiry_row['expiryweeks'];

-        // Aggiorna la colonna expireon in orderbook
-        $update_expiry_query = "UPDATE orderbook SET expireon = DATE_ADD(order_date_created, INTERVAL $expiry_weeks WEEK) WHERE idorderbook = '$order_id'";
-        $conn->query($update_expiry_query);
+        // Aggiorna la colonna expireon in orderbook basandosi su first_lesson_date
+        $update_expiry_query = "UPDATE orderbook SET expireon = DATE_ADD(first_lesson_date, INTERVAL ? WEEK) WHERE idorderbook = ?";
+        $stmt_update_expiry = $conn->prepare($update_expiry_query);
+        $stmt_update_expiry->bind_param("ii", $expiry_weeks, $order_id);
+        $stmt_update_expiry->execute();
+        $stmt_update_expiry->close();

-   echo "Aggiornata la colonna expireon per l'ordine ID: $order_id\n";
+        echo "Aggiornata la colonna expireon per l'ordine ID: $order_id\n";
    } else {
        echo "Nessun record trovato in expiryparameter per quantityclass: $quantity_class\n";
    }
+    $stmt_expiry_weeks->close();
 } else {
    echo "Nessun record trovato in orderbook per l'ordine ID: $order_id\n";
 }
+$stmt_expiry->close();

 // Recupera il numero da expiryparameter per maxreschedule
-$reschedule_number_query = "SELECT reschedulenumber FROM expiryparameter WHERE quantityclass = '$quantity_class'";
-$reschedule_number_result = $conn->query($reschedule_number_query);
+$reschedule_number_query = "SELECT reschedulenumber FROM expiryparameter WHERE quantityclass = ?";
+$stmt_reschedule = $conn->prepare($reschedule_number_query);
+$stmt_reschedule->bind_param("i", $quantity_class);
+$stmt_reschedule->execute();
+$reschedule_number_result = $stmt_reschedule->get_result();

 if ($reschedule_number_result && $reschedule_number_result->num_rows > 0) {
    $reschedule_row = $reschedule_number_result->fetch_assoc();
    $reschedule_number = $reschedule_row['reschedulenumber'];

-    // Aggiorna la colonna maxreschedule in orderbook
-    $update_max_reschedule_query = "UPDATE orderbook SET maxreschedule = '$reschedule_number' WHERE idorderbook = '$order_id'";
-    $conn->query($update_max_reschedule_query);
+    $update_max_reschedule_query = "UPDATE orderbook SET maxreschedule = ? WHERE idorderbook = ?";
+    $stmt_max_reschedule = $conn->prepare($update_max_reschedule_query);
+    $stmt_max_reschedule->bind_param("ii", $reschedule_number, $order_id);
+    $stmt_max_reschedule->execute();
+    $stmt_max_reschedule->close();

    echo "Aggiornata la colonna maxreschedule per l'ordine ID: $order_id\n";
    header("Location: orderbooklist.php");
    exit();
-    
 } else {
    echo "Nessun record trovato in expiryparameter per quantityclass: $quantity_class\n";
 }
+$stmt_reschedule->close();

-// Chiudi la connessione al database
 $conn->close();
-?>