certificati aggiunti

Claudio 2026-01-15 17:35:16 +01:00
parent f31a496b8c
commit 39fb15c649
6 changed files with 402 additions and 8 deletions


@ -18,6 +18,12 @@
<div class="menu-title">Dashboard Utente</div> <div class="menu-title">Dashboard Utente</div>
</a> </a>
</li> </li>
<li>
<a href="my_certificates.php">
<div class="parent-icon"><i class="bx bx-store"></i></div>
<div class="menu-title">Certificati</div>
</a>
</li>
<li> <li>
<a href="shop-school.php"> <a href="shop-school.php">
<div class="parent-icon"><i class="bx bx-store"></i></div> <div class="parent-icon"><i class="bx bx-store"></i></div>


@ -0,0 +1,319 @@
<?php
session_start();
include('include/headscript.php');
if (!isset($_SESSION['iduserlogin'])) {
header('Location: login.php');
exit;
}
$iduserlogin = (int)$_SESSION['iduserlogin'];
$dbHandler = DBHandlerSelect::getInstance();
$pdo = $dbHandler->getConnection();
// =============================================
// CARICAMENTO CERTIFICATO (POST)
// =============================================
$success = $error = "";
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['certificate']) && $_FILES['certificate']['error'] === UPLOAD_ERR_OK) {
$file = $_FILES['certificate'];
$allowed_ext = ['jpg', 'jpeg', 'png', 'pdf', 'heic', 'heif'];
$ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
if (!in_array($ext, $allowed_ext)) {
$error = "Formato non supportato. Ammessi: jpg, jpeg, png, pdf, heic, heif";
} elseif ($file['size'] > 10 * 1024 * 1024) {
$error = "File troppo grande (max 10MB)";
} elseif (empty($_POST['expiry_date'])) {
$error = "La data di scadenza è obbligatoria";
} else {
$upload_dir = __DIR__ . '/certificate/';
if (!is_dir($upload_dir)) {
mkdir($upload_dir, 0755, true);
}
$safe_name = preg_replace('/[^a-zA-Z0-9\._-]/', '_', basename($file['name']));
$new_filename = $iduserlogin . '-' . time() . '-' . $safe_name;
$destination = $upload_dir . $new_filename;
if (move_uploaded_file($file['tmp_name'], $destination)) {
$document_name = trim($_POST['document_name'] ?? 'certificato');
if (empty($document_name)) $document_name = 'certificato';
$expiry_date = $_POST['expiry_date'];
$notes = trim($_POST['notes'] ?? '');
$stmt = $pdo->prepare("
INSERT INTO user_medical_certificates
(user_id, filename, stored_path, document_name, expiry_date, notes, uploaded_at)
VALUES (?, ?, ?, ?, ?, ?, NOW())
");
$stmt->execute([
$iduserlogin,
$file['name'],
'certificate/' . $new_filename,
$document_name,
$expiry_date,
$notes
]);
$success = "Certificato caricato correttamente!";
} else {
$error = "Errore durante il salvataggio del file.";
}
}
}
// =============================================
// ELIMINAZIONE CERTIFICATO
// =============================================
if (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
$cert_id = (int)$_GET['delete'];
$stmt = $pdo->prepare("SELECT stored_path FROM user_medical_certificates WHERE id = ? AND user_id = ?");
$stmt->execute([$cert_id, $iduserlogin]);
$cert = $stmt->fetch();
if ($cert) {
$full_path = __DIR__ . '/' . $cert['stored_path'];
if (file_exists($full_path)) {
@unlink($full_path);
}
$stmt = $pdo->prepare("DELETE FROM user_medical_certificates WHERE id = ? AND user_id = ?");
$stmt->execute([$cert_id, $iduserlogin]);
$success = "Certificato eliminato.";
}
}
// =============================================
// LISTA CERTIFICATI
// =============================================
$stmt = $pdo->prepare("
SELECT id, filename, stored_path, document_name, expiry_date, uploaded_at, notes
FROM user_medical_certificates
WHERE user_id = ?
ORDER BY uploaded_at DESC
");
$stmt->execute([$iduserlogin]);
$certificates = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Dati utente base (solo per titolo o saluto)
$stmt = $pdo->prepare("SELECT first_name FROM auth_users WHERE id = ?");
$stmt->execute([$iduserlogin]);
$user = $stmt->fetch();
?>
<!doctype html>
<html lang="it">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>I miei Certificati Medici - Yogiboook</title>
<?php include('cssinclude.php'); ?>
<?php include('siteinfo.php'); ?>
<style>
.dropzone {
border: 2px dashed #0d6efd;
border-radius: 10px;
padding: 50px 20px;
text-align: center;
background: #f8f9fa;
transition: all 0.3s;
cursor: pointer;
}
.dropzone.dragover {
background: #e7f1ff;
border-color: #0dcaf0;
}
.table th,
.table td {
vertical-align: middle;
}
.expired {
color: #dc3545;
font-weight: bold;
}
.file-link {
color: #0d6efd;
text-decoration: underline;
cursor: pointer;
}
.file-link:hover {
color: #0056b3;
}
</style>
</head>
<body>
<div class="wrapper">
<?php include('include/navbar.php'); ?>
<?php include('include/topbar.php'); ?>
<div class="page-wrapper">
<div class="page-content">
<div class="container-xl">
<div class="card shadow">
<div class="card-header bg-primary text-white">
<h4 class="mb-0">I miei Certificati Medici</h4>
</div>
<div class="card-body">
<?php if ($success): ?>
<div class="alert alert-success alert-dismissible fade show">
<?= htmlspecialchars($success) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
<?php endif; ?>
<?php if ($error): ?>
<div class="alert alert-danger alert-dismissible fade show">
<?= htmlspecialchars($error) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
<?php endif; ?>
<!-- FORM UPLOAD -->
<form method="POST" enctype="multipart/form-data" id="uploadForm">
<div class="row g-4 mb-5">
<div class="col-lg-7">
<div class="dropzone" id="dropzone">
<i class="bx bx-cloud-upload bx-lg mb-3 text-primary"></i>
<h5>Trascina qui il file oppure clicca per selezionare</h5>
<p class="text-muted mb-1">Formati: jpg, jpeg, png, pdf, heic, heif (max 10 MB)</p>
<input type="file" name="certificate" id="fileInput" accept=".jpg,.jpeg,.png,.pdf,.heic,.heif" hidden>
</div>
<div id="selectedFileName" class="mt-2 text-primary fw-bold small" style="min-height: 1.5em;"></div>
</div>
<div class="col-lg-5">
<div class="mb-3">
<label class="form-label fw-bold">Nome documento <span class="text-danger">*</span></label>
<input type="text" name="document_name" class="form-control" value="certificato" required>
</div>
<div class="mb-3">
<label class="form-label fw-bold">Data scadenza <span class="text-danger">*</span></label>
<input type="date" name="expiry_date" class="form-control" required>
</div>
<div class="mb-3">
<label class="form-label">Note (opzionale)</label>
<textarea name="notes" class="form-control" rows="2"></textarea>
</div>
<button type="submit" class="btn btn-primary w-100">
<i class="bx bx-upload me-2"></i> Carica Certificato
</button>
</div>
</div>
</form>
<!-- TABELLA CERTIFICATI -->
<?php if (empty($certificates)): ?>
<div class="text-center py-5 text-muted">
<i class="bx bx-file-blank bx-lg"></i>
<h5 class="mt-3">Nessun certificato caricato</h5>
</div>
<?php else: ?>
<h5 class="mt-5 mb-3">Certificati caricati (<?= count($certificates) ?>)</h5>
<div class="table-responsive">
<table class="table table-hover table-bordered align-middle">
<thead class="table-light">
<tr>
<th>Data caricamento</th>
<th>Nome documento / File</th>
<th>Scadenza</th>
<th>Note</th>
<th>Azioni</th>
</tr>
</thead>
<tbody>
<?php foreach ($certificates as $cert):
$file_url = '../' . $cert['stored_path'];
$expired = $cert['expiry_date'] && strtotime($cert['expiry_date']) < time();
?>
<tr>
<td><?= date('d/m/Y H:i', strtotime($cert['uploaded_at'])) ?></td>
<td>
<a href="<?= htmlspecialchars($file_url) ?>" target="_blank" class="file-link">
<?= htmlspecialchars($cert['document_name']) ?>
<br>
<small class="text-muted">(<?= htmlspecialchars($cert['filename']) ?>)</small>
</a>
</td>
<td class="<?= $expired ? 'expired' : '' ?>">
<?= $cert['expiry_date'] ? date('d/m/Y', strtotime($cert['expiry_date'])) : '—' ?>
<?= $expired ? '<br><small>SCADUTO</small>' : '' ?>
</td>
<td><?= $cert['notes'] ? nl2br(htmlspecialchars(substr($cert['notes'], 0, 100))) . (strlen($cert['notes']) > 100 ? '...' : '') : '—' ?></td>
<td class="text-center">
<a href="?delete=<?= $cert['id'] ?>" class="btn btn-sm btn-outline-danger delete-cert"
onclick="return confirm('Vuoi davvero eliminare questo certificato?');">
<i class="bx bx-trash"></i> Elimina
</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php endif; ?>
</div>
</div>
</div>
</div>
</div>
<?php include('include/footer.php'); ?>
</div>
<?php include('jsinclude.php'); ?>
<script>
const dropzone = document.getElementById('dropzone');
const fileInput = document.getElementById('fileInput');
dropzone.addEventListener('click', () => fileInput.click());
dropzone.addEventListener('dragover', (e) => {
e.preventDefault();
dropzone.classList.add('dragover');
});
dropzone.addEventListener('dragleave', () => {
dropzone.classList.remove('dragover');
});
dropzone.addEventListener('drop', (e) => {
e.preventDefault();
dropzone.classList.remove('dragover');
if (e.dataTransfer.files.length > 0) {
fileInput.files = e.dataTransfer.files;
document.getElementById('uploadForm').submit();
}
});
fileInput.addEventListener('change', function() {
const fileNameDiv = document.getElementById('selectedFileName');
if (this.files.length > 0) {
fileNameDiv.textContent = 'File selezionato: ' + this.files[0].name;
fileNameDiv.classList.add('text-success');
} else {
fileNameDiv.textContent = '';
fileNameDiv.classList.remove('text-success');
}
});
</script>
</body>
</html>
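Review bot: The upload branch stores medical certificates under `__DIR__ . '/certificate/'` with a name built from the user id, `time()` and the client-supplied file name, and the table links to that path directly, so a stored file can be fetched by anyone who obtains or guesses the URL without passing the `user_id` check that the list and delete queries apply. Only the last extension is tested and the sanitised name keeps interior dots, so a multi-extension name is stored unchanged; the stored name should be generated server-side and the content type checked with `finfo`, as sketched below. The directory itself belongs outside the document root (or behind a deny rule), with downloads served by a script that repeats the `WHERE id = ? AND user_id = ?` lookup. Separately, `?delete=` changes state on a GET request with no CSRF token, so any page the logged-in user visits can trigger a deletion; make it a POST form carrying a session-bound token and put the same token on the upload form.

```php
// … unchanged: extension, size and expiry_date checks …
} else {
    // Check what the file actually is, not only what its name claims.
    // NOTE: HEIC/HEIF detection depends on the installed libmagic; confirm on the target server.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    $allowed_mime = ['image/jpeg', 'image/png', 'application/pdf', 'image/heic', 'image/heif'];
    if (!in_array($mime, $allowed_mime, true)) {
        $error = "Formato non supportato. Ammessi: jpg, jpeg, png, pdf, heic, heif";
    } else {
        // … unchanged: $upload_dir creation …
        // Server-generated name: nothing client-controlled, only the validated extension.
        $new_filename = $iduserlogin . '-' . bin2hex(random_bytes(16)) . '.' . $ext;
        $destination = $upload_dir . $new_filename;
        // … unchanged: move_uploaded_file(), INSERT, success message …
```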


@ -18,6 +18,11 @@ $stmt = $pdo->prepare("SELECT * FROM school_settings WHERE school_id = ?");
$stmt->execute([$school_id]); $stmt->execute([$school_id]);
$settings = $stmt->fetch(); $settings = $stmt->fetch();
// Ricarica con default se manca la colonna (per scuole vecchie)
if ($settings && !array_key_exists('portal_purchases_enabled', $settings)) {
$settings['portal_purchases_enabled'] = 1;
}
$is_new = !$settings; $is_new = !$settings;
$success_message = $error = ""; $success_message = $error = "";
@ -48,15 +53,23 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!empty($_POST['allow_drop_in'])) $product_types[] = 'drop_in'; if (!empty($_POST['allow_drop_in'])) $product_types[] = 'drop_in';
$allowed_product_types = !empty($product_types) ? implode(',', $product_types) : 'none'; $allowed_product_types = !empty($product_types) ? implode(',', $product_types) : 'none';
$portal_purchases_enabled = !empty($_POST['portal_purchases_enabled']) ? 1 : 0;
// Se acquisti portale disabilitati → forza anche propagate a 0
$auto_propagate_on_purchase = $portal_purchases_enabled
? (!empty($_POST['auto_propagate_on_purchase']) ? 1 : 0)
: 0;
// === SALVATAGGIO === // === SALVATAGGIO ===
try { try {
if ($is_new) { if ($is_new) {
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
INSERT INTO school_settings ( INSERT INTO school_settings (
school_id, header_color, sidebar_color, payment_methods, currency_code, enable_notifications, school_id, header_color, sidebar_color, payment_methods, currency_code, enable_notifications,
allow_freeze_global, freeze_max_days_global, auto_propagate_on_purchase, allow_freeze_global, freeze_max_days_global, auto_propagate_on_purchase,
allow_full_access_rebooking, allowed_product_types allow_full_access_rebooking, allowed_product_types,
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) portal_purchases_enabled
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
"); ");
$stmt->execute([ $stmt->execute([
$school_id, $school_id,
@ -69,15 +82,17 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$freeze_max_days_global, $freeze_max_days_global,
$auto_propagate_on_purchase, $auto_propagate_on_purchase,
$allow_full_access_rebooking, $allow_full_access_rebooking,
$allowed_product_types $allowed_product_types,
$portal_purchases_enabled
]); ]);
$success_message = "Impostazioni create con successo!"; $success_message = "Impostazioni create con successo!";
} else { } else {
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
UPDATE school_settings SET UPDATE school_settings SET
header_color = ?, sidebar_color = ?, payment_methods = ?, currency_code = ?, enable_notifications = ?, header_color = ?, sidebar_color = ?, payment_methods = ?, currency_code = ?, enable_notifications = ?,
allow_freeze_global = ?, freeze_max_days_global = ?, auto_propagate_on_purchase = ?, allow_freeze_global = ?, freeze_max_days_global = ?, auto_propagate_on_purchase = ?,
allow_full_access_rebooking = ?, allowed_product_types = ? allow_full_access_rebooking = ?, allowed_product_types = ?,
portal_purchases_enabled = ?
WHERE school_id = ? WHERE school_id = ?
"); ");
$stmt->execute([ $stmt->execute([
@ -91,7 +106,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$auto_propagate_on_purchase, $auto_propagate_on_purchase,
$allow_full_access_rebooking, $allow_full_access_rebooking,
$allowed_product_types, $allowed_product_types,
$portal_purchases_enabled,
$school_id $school_id
]); ]);
$success_message = "Impostazioni aggiornate con successo!"; $success_message = "Impostazioni aggiornate con successo!";
} }
@ -178,6 +195,17 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
</div> </div>
</div> </div>
<div class="mt-4">
<div class="form-check form-switch">
<input class="form-check-input" type="checkbox" name="portal_purchases_enabled" id="portal_enabled"
<?php echo ($settings['portal_purchases_enabled'] ?? 1) ? 'checked' : ''; ?>>
<label class="form-check-label" for="portal_enabled">
Acquisti pacchetti attivi nel portale YoGiBook
</label>
</div>
<small class="form-text text-muted">Se disattivato, anche la propagazione automatica e i pagamenti vengono forzati a NO.</small>
</div>
<br>
<div class="col-12 mb-4"> <div class="col-12 mb-4">
<label class="form-label">Metodi di pagamento accettati</label> <label class="form-label">Metodi di pagamento accettati</label>
<div class="row g-3"> <div class="row g-3">
@ -231,6 +259,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
</div> </div>
</div> </div>
<div class="mt-4"> <div class="mt-4">
<div class="form-check form-switch"> <div class="form-check form-switch">
<input class="form-check-input" type="checkbox" name="allow_full_access_rebooking" id="full_access" <?php echo ($settings['allow_full_access_rebooking'] ?? 1) ? 'checked' : ''; ?>> <input class="form-check-input" type="checkbox" name="allow_full_access_rebooking" id="full_access" <?php echo ($settings['allow_full_access_rebooking'] ?? 1) ? 'checked' : ''; ?>>
@ -286,6 +316,45 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
document.querySelector('input[name="freeze_max_days_global"]').disabled = !this.checked; document.querySelector('input[name="freeze_max_days_global"]').disabled = !this.checked;
}); });
</script> </script>
<script>
const portal = document.getElementById('portal_enabled');
const propagate = document.getElementById('auto_propagate');
const stripe = document.getElementById('pay_stripe');
const paypal = document.getElementById('pay_paypal');
const manual = document.getElementById('pay_manual');
function syncPortalState() {
if (!portal) return;
const isEnabled = portal.checked;
// Propaga
if (propagate) {
propagate.disabled = !isEnabled;
if (!isEnabled) propagate.checked = false;
}
// Stripe + PayPal
if (stripe) {
stripe.disabled = !isEnabled;
if (!isEnabled) stripe.checked = false;
}
if (paypal) {
paypal.disabled = !isEnabled;
if (!isEnabled) paypal.checked = false;
}
if (manual) {
manual.disabled = !isEnabled;
if (!isEnabled) manual.checked = false;
}
}
if (portal) {
portal.addEventListener('change', syncPortalState);
// Esegui subito (importante per il caricamento iniziale)
syncPortalState();
}
</script>
</body> </body>
</html> </html>
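Review bot: In the POST handler (hunk at `-48,15 +53,23`) only `auto_propagate_on_purchase` is forced to 0 when `portal_purchases_enabled` is off, while the help text added further down says payments are forced to NO as well; that part is done only by the new `syncPortalState()` script, so a request sent without the script can still store payment methods for a school whose portal purchases are disabled. The code that builds the `payment_methods` value lies outside the visible hunks, so the fix is described rather than quoted: clear that value in the same server-side branch that zeroes the propagate flag. The `array_key_exists` fallback near the top suggests the column may be missing on older installs, in which case the new INSERT and UPDATE would fail, so the commit should ship with the schema migration, which is not visible here. It is also worth confirming that the purchase endpoints themselves read the flag, since this diff only stores it.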