diff --git a/.env b/.env index eaf6c4d..3e84209 100644 --- a/.env +++ b/.env @@ -23,12 +23,12 @@ REDIS_PASSWORD=null REDIS_PORT=6379 MAIL_MAILER=mail -MAIL_FROM_NAME=YogaSoul -MAIL_FROM_ADDRESS=info@yogasoul.it -MAIL_HOST=mail.yogasoul.it +MAIL_FROM_NAME=YogiBoook +MAIL_FROM_ADDRESS=info@yogiboook.com +MAIL_HOST=mail.yogiboook.com MAIL_PORT=465 -MAIL_USERNAME=info@yogasoul.it -MAIL_PASSWORD=!Testolina88 +MAIL_USERNAME=info@yogiboook.com +MAIL_PASSWORD=!NuovaZelanda2020 MAIL_ENCRYPTION=ssl PUSHER_APP_ID= diff --git a/public/phototeachers/qrcodes/2-5d518ce9cdb43b39.png b/public/phototeachers/qrcodes/2-5d518ce9cdb43b39.png new file mode 100644 index 0000000..9e34886 Binary files /dev/null and b/public/phototeachers/qrcodes/2-5d518ce9cdb43b39.png differ diff --git a/public/userarea/add_teacher.php b/public/userarea/add_teacher.php new file mode 100644 index 0000000..2f4c7bb --- /dev/null +++ b/public/userarea/add_teacher.php 
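Review bot: The new `MAIL_PASSWORD` line puts what appears to be a real SMTP credential into a tracked `.env`, and the removed line leaves the previous one readable in repository history. Both mailbox passwords should be treated as exposed and rotated. `.env` should be untracked and listed in `.gitignore`, with a `.env.example` committed in its place that leaves `MAIL_PASSWORD=` empty. The real value belongs in the deployment environment or a secret store.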
@@ -0,0 +1,156 @@ +getConnection(); + +if (!isset($iduserlogin)) die("Accesso negato."); + +$school_id = (int)($_POST['school_id'] ?? 0); + +// Recupera scuola per email mittente +$stmt = $pdo->prepare("SELECT name, email FROM schools WHERE id = ?"); +$stmt->execute([$school_id]); +$school = $stmt->fetch(PDO::FETCH_ASSOC); +if (!$school) die("Scuola non trovata."); + +$first_name = trim($_POST['first_name'] ?? ''); +$last_name = trim($_POST['last_name'] ?? ''); +$email = trim($_POST['email'] ?? ''); +$phone = trim($_POST['phone'] ?? ''); +$description = trim($_POST['description'] ?? ''); +$specializations = trim($_POST['specializations'] ?? ''); + +// Validazione base +if (empty($first_name) || empty($last_name) || empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) { + header("Location: teacher_list.php?error=Campi obbligatori mancanti o email non valida"); + exit; +} + +// Controlla se email esiste già +$stmt = $pdo->prepare("SELECT id, first_name, last_name FROM auth_users WHERE email = ? LIMIT 1"); +$stmt->execute([$email]); +$existing = $stmt->fetch(PDO::FETCH_ASSOC); + +if ($existing) { + + // 1) Trova (o crea) la riga in teachers per questo auth_user + $stmtT = $pdo->prepare("SELECT id FROM teachers WHERE user_id = ? LIMIT 1"); + $stmtT->execute([(int)$existing['id']]); + $teacherRow = $stmtT->fetch(PDO::FETCH_ASSOC); + + if (!$teacherRow) { + $unique_code = bin2hex(random_bytes(8)); + $insT = $pdo->prepare(" + INSERT INTO teachers (user_id, unique_code, status, created_by) + VALUES (?, ?, 'active', ?) + "); + $insT->execute([(int)$existing['id'], $unique_code, (int)$iduserlogin]); + $teacher_id = (int)$pdo->lastInsertId(); + } else { + $teacher_id = (int)$teacherRow['id']; + } + + // 2) Crea (o riusa) il link in teacher_schools come pending + $checkLink = $pdo->prepare(" + SELECT id, status + FROM teacher_schools + WHERE teacher_id = ? AND school_id = ? 
+ LIMIT 1 + "); + $checkLink->execute([$teacher_id, $school_id]); + $link = $checkLink->fetch(PDO::FETCH_ASSOC); + + if ($link && $link['status'] === 'active') { + header("Location: teacher_list.php?error=Insegnante già collegata alla scuola."); + exit; + } + + if ($link && $link['status'] === 'pending') { + $link_id = (int)$link['id']; + } else { + $insLink = $pdo->prepare(" + INSERT INTO teacher_schools (teacher_id, school_id, status, created_at, updated_at) + VALUES (?, ?, 'pending', NOW(), NOW()) + "); + $insLink->execute([$teacher_id, $school_id]); + $link_id = (int)$pdo->lastInsertId(); + } + + // Email richiesta collegamento + $subject = "Richiesta di collegamento alla scuola {$school['name']}"; + + // ✅ NON cambio percorso base, aggiungo solo link_id + $confirmUrl = "http://localhost/yogiboook/public/userarea/confirm_teacher_link.php" + . "?email=" . urlencode($email) + . "&school_id={$school_id}" + . "&link_id={$link_id}"; + + $body = " +

Ciao {$existing['first_name']},

+

Il proprietario della scuola {$school['name']} vorrebbe collegarti alla sua struttura su YogiBoook.

+

Se accetti, comparirai nelle lezioni a te associate nella scuola.

+

+ + Accetta collegamento + +

+

Se non riconosci questa richiesta, ignora questa email.

+

YogiBoook – piattaforma per scuole yoga

+ "; + + $result = sendEmail($email, $subject, $body); + + if ($result['success']) { + header("Location: teacher_list.php?success=Insegnante esistente trovato! Email di richiesta collegamento inviata."); + } else { + header("Location: teacher_list.php?error=Insegnante esistente trovato, ma errore invio email: " . urlencode($result['message'])); + } + exit; +} + +// === Nuovo utente === +$password = password_hash(bin2hex(random_bytes(12)), PASSWORD_DEFAULT); +$stmt = $pdo->prepare(" + INSERT INTO auth_users (email, first_name, last_name, password, role_id, status, created_at) + VALUES (?, ?, ?, ?, 2, 'active', NOW()) +"); +$stmt->execute([$email, $first_name, $last_name, $password]); +$user_id = (int)$pdo->lastInsertId(); + +// Foto profilo (opzionale) +$profile_picture = null; +if (!empty($_FILES['profile_picture']['name']) && $_FILES['profile_picture']['error'] === UPLOAD_ERR_OK) { + $ext = strtolower(pathinfo($_FILES['profile_picture']['name'], PATHINFO_EXTENSION)); + if (in_array($ext, ['jpg', 'jpeg', 'png', 'gif'])) { + $new_name = "phototeachers/{$user_id}-" . time() . "-profile.$ext"; + if (move_uploaded_file($_FILES['profile_picture']['tmp_name'], $new_name)) { + $profile_picture = $new_name; + } + } +} + +// Crea record teachers +$unique_code = bin2hex(random_bytes(8)); +$stmt = $pdo->prepare(" + INSERT INTO teachers + (user_id, unique_code, phone, description, specializations, profile_picture, status, created_by) + VALUES (?, ?, ?, ?, ?, ?, 'active', ?) 
+"); +$stmt->execute([$user_id, $unique_code, $phone ?: null, $description, $specializations, $profile_picture, (int)$iduserlogin]); +$teacher_id = (int)$pdo->lastInsertId(); + +// Collega alla scuola (nuovo -> active diretto) +$stmt = $pdo->prepare(" + INSERT INTO teacher_schools + (teacher_id, school_id, status, created_at, updated_at) + VALUES (?, ?, 'active', NOW(), NOW()) +"); +$stmt->execute([$teacher_id, $school_id]); + +header("Location: teacher_list.php?success=Insegnante aggiunta con successo!"); +exit; diff --git a/public/userarea/ajax_client_bookings.php b/public/userarea/ajax_client_bookings.php new file mode 100644 index 0000000..289a717 --- /dev/null +++ b/public/userarea/ajax_client_bookings.php @@ -0,0 +1,118 @@ +getConnection(); + +// Poi il resto del codice... +$user_id = (int)($_POST['user_id'] ?? 0); +$school_id = (int)($_POST['school_id'] ?? 0); + +if ($user_id <= 0 || $school_id <= 0) { + echo '
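Review bot: `$school_id` is read from `$_POST` and resolved with `SELECT name, email FROM schools WHERE id = ?`, so nothing in the visible code ties the school to `$iduserlogin`; any logged-in account could create teachers for, or send link requests in the name of, a school it does not own. The first lines of the file are not readable on this page, so an include may already enforce this. clients_situation.php and teacher_list.php in this commit resolve the school with `WHERE owner_id = ?`, and this script should do the same, e.g. `SELECT id, name, email FROM schools WHERE id = ? AND owner_id = ?` executed with `[$school_id, (int)$iduserlogin]`. Separately, `$confirmUrl` is hard-coded to `http://localhost/...`, and the HTML body interpolates `{$school['name']}` and `{$existing['first_name']}` without `htmlspecialchars()`.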
Dati non validi.
'; + exit; +} + +$stmt = $pdo->prepare(" + SELECT + cs.id AS session_id, + cs.session_date, + cs.start_time, + cs.end_time, + c.name AS class_name, + ct.level, + sb.status, + sb.booked_at, + o.id AS order_id, + o.order_number, + o.total_entries, + o.available_entries + FROM session_bookings sb + INNER JOIN class_sessions cs + ON sb.session_id = cs.id + AND cs.school_id = ? + INNER JOIN classes c + ON cs.class_id = c.id + AND c.school_id = ? + INNER JOIN class_types ct + ON cs.class_type_id = ct.id + AND ct.school_id = ? + LEFT JOIN orders o + ON sb.order_id = o.id + AND o.school_id = ? + WHERE sb.user_id = ? + ORDER BY cs.session_date DESC, cs.start_time DESC + LIMIT 100 +"); + +$stmt->execute([ + $school_id, + $school_id, + $school_id, + $school_id, + $user_id +]); +$bookings = $stmt->fetchAll(PDO::FETCH_ASSOC); + +if (empty($bookings)) { + echo '
Nessuna prenotazione registrata per questo utente.
'; + exit; +} +?> + +
+ + + + + + + + + + + + + + 'bg-success', + 'missed' => 'bg-danger', + 'booked' => (strtotime($b['session_date']) >= time()) ? 'bg-primary' : 'bg-secondary', + 'cancelled' => 'bg-dark', + 'rescheduled' => 'bg-info', + default => 'bg-secondary' + }; + $statoText = match ($b['status']) { + 'attended' => 'Frequentata', + 'missed' => 'Persa', + 'booked' => (strtotime($b['session_date']) >= time()) ? 'Prenotata' : 'Scaduta', + 'cancelled' => 'Cancellata', + 'rescheduled' => 'Riprog.', + default => $b['status'] + }; + ?> + + + + + + + + + + + +
DataOrarioClasseLivelloStatoOrdineData prenotazione
+ + #
+ / + + — + +
+
\ No newline at end of file diff --git a/public/userarea/class/mailer.php b/public/userarea/class/mailer.php index da37be5..b3b3701 100644 --- a/public/userarea/class/mailer.php +++ b/public/userarea/class/mailer.php @@ -12,16 +12,24 @@ $dotenv->load(); function sendEmail($to, $subject, $body, $attachments = [], $cc = [], $bcc = []) { + // Configurazione SMTP $mail = new PHPMailer(true); try { + // Configurazione server SMTP con dati da .env $mail->isSMTP(); $mail->Host = $_ENV['MAIL_HOST'] ?? 'smtp.example.com'; $mail->SMTPAuth = true; $mail->Username = $_ENV['MAIL_USERNAME'] ?? 'email@example.com'; $mail->Password = $_ENV['MAIL_PASSWORD'] ?? 'password'; - $mail->SMTPSecure = $_ENV['MAIL_ENCRYPTION'] ?? PHPMailer::ENCRYPTION_STARTTLS; + $enc = strtolower(trim($_ENV['MAIL_ENCRYPTION'] ?? 'tls')); + if ($enc === 'ssl') { + $mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS; + } else { + $mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; + } + $mail->Port = $_ENV['MAIL_PORT'] ?? 587; // Mittente diff --git a/public/userarea/clients_situation.php b/public/userarea/clients_situation.php new file mode 100644 index 0000000..b048f80 --- /dev/null +++ b/public/userarea/clients_situation.php 
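Review bot: Both `user_id` and `school_id` come straight from `$_POST` and the visible code has no `$iduserlogin` check, so this endpoint would return any user's booking history for any school to whoever can reach it. add_teacher.php at least guards with `if (!isset($iduserlogin)) die(...)`. Here the school should be derived from the logged-in owner rather than from the request, for example with the `SELECT id ... FROM schools WHERE owner_id = ?` lookup that clients_situation.php uses, and the query should also require that the user belongs to that school through `user_schools`. The first lines of the file are not readable on this page, so confirm whether an include already enforces this.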
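Review bot: Any `MAIL_ENCRYPTION` value other than `ssl` (a typo, an empty string, `none`) now silently becomes STARTTLS, and the unchanged `$mail->Port = $_ENV['MAIL_PORT'] ?? 587;` default does not follow the choice, so `ssl` with no `MAIL_PORT` set would attempt implicit TLS on port 587. Falling back to STARTTLS is the safer direction, but it deserves a comment such as `// anything other than "ssl" falls back to STARTTLS on purpose`. The port default could track the mode: `$mail->Port = (int)($_ENV['MAIL_PORT'] ?? ($enc === 'ssl' ? 465 : 587));`. sendEmail() starts and ends outside this hunk.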
@@ -0,0 +1,361 @@ +getConnection(); + +if (!isset($iduserlogin)) { + die("Errore: ID utente non definito."); +} + +// Scuola corrente +$stmt = $pdo->prepare(" + SELECT id, name, email AS school_email + FROM schools + WHERE owner_id = ? +"); +$stmt->execute([$iduserlogin]); +$school = $stmt->fetch(PDO::FETCH_ASSOC); + +if (!$school) { + die("Nessuna scuola trovata per questo proprietario."); +} + +$school_id = $school['id']; +$school_name = $school['name']; +$school_email = $school['school_email']; + +// ============================================= +// INVIO EMAIL da modale +if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'send_email_to_user') { + + $user_id = (int)($_POST['user_id'] ?? 0); + $subject = trim($_POST['subject'] ?? ''); + $message = trim($_POST['message'] ?? ''); + + if ($user_id <= 0 || empty($subject) || empty($message)) { + $error = "Dati mancanti per l'invio email."; + } else { + // Recupera email utente + $stmt = $pdo->prepare("SELECT email, first_name, last_name FROM auth_users WHERE id = ?"); + $stmt->execute([$user_id]); + $user = $stmt->fetch(PDO::FETCH_ASSOC); + + if (!$user) { + $error = "Utente non trovato."; + } else { + $to = $user['email']; + $body = " +

Comunicazione da {$school_name}

+

Gentile {$user['first_name']} {$user['last_name']},

+
+ " . nl2br(htmlspecialchars($message)) . " +
+

+ Questa è una comunicazione ufficiale da parte della scuola.
+ Per qualsiasi dubbio rispondi direttamente a questa email o contatta: {$school_email} +

+
+ YogiBoook – piattaforma per scuole yoga + "; + + $result = sendEmail($to, $subject, $body); + + if ($result['success']) { + $success = "Email inviata con successo a {$user['first_name']} {$user['last_name']}"; + } else { + $error = "Errore nell'invio: " . $result['message']; + } + } + } +} + +// ============================================= +// Lista clienti + statistiche aggregate +$clients = $pdo->prepare(" + SELECT + au.id, + au.first_name, + au.last_name, + au.email, + COUNT(DISTINCT o.id) AS num_orders, + COALESCE(SUM(o.total_entries), 0) AS total_entries, + + -- Praticate = prenotate nel passato (booked + data < oggi) + (SELECT COUNT(*) + FROM session_bookings sb + JOIN class_sessions cs ON sb.session_id = cs.id + WHERE sb.user_id = au.id + AND cs.school_id = ? + AND sb.status = 'booked' + AND cs.session_date < CURDATE() + ) AS lezioni_praticate, + + -- Perse (missed + data passata) + (SELECT COUNT(*) + FROM session_bookings sb + JOIN class_sessions cs ON sb.session_id = cs.id + WHERE sb.user_id = au.id + AND cs.school_id = ? + AND sb.status = 'missed' + AND cs.session_date < CURDATE() + ) AS lezioni_perse, + + -- Prenotate future (booked + data >= oggi) + (SELECT COUNT(*) + FROM session_bookings sb + JOIN class_sessions cs ON sb.session_id = cs.id + WHERE sb.user_id = au.id + AND cs.school_id = ? + AND sb.status = 'booked' + AND cs.session_date >= CURDATE() + ) AS prenotazioni_future + + FROM auth_users au + INNER JOIN user_schools us ON au.id = us.user_id + LEFT JOIN orders o ON au.id = o.user_id AND o.school_id = ? + WHERE us.school_id = ? + AND us.status = 'active' + GROUP BY au.id + ORDER BY au.last_name, au.first_name +"); +$clients->execute([$school_id, $school_id, $school_id, $school_id, $school_id]); +$client_list = $clients->fetchAll(PDO::FETCH_ASSOC); +?> + + + + + + + + Situazione Clienti - <?= htmlspecialchars($school_name) ?> + + + + +
+ + + +
+
+ + + +

Situazione Clienti –

+ + +
+ + +
+ + + +
+ + +
+ + +
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ClienteOrdiniEntrate totaliPraticatePersePrenotate (future)RimanentiAzioni
+ + + +
+ +
+ 0 ? $rimanenti : '0' ?> + + + + +
+ Nessun cliente associato trovato. +
+
+
+
+ +
+
+ + + + + + + + +
+ + + + + + + \ No newline at end of file diff --git a/public/userarea/confirm_teacher_link.php b/public/userarea/confirm_teacher_link.php new file mode 100644 index 0000000..49cfa33 --- /dev/null +++ b/public/userarea/confirm_teacher_link.php 
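Review bot: The `send_email_to_user` branch loads the recipient with `SELECT email, first_name, last_name FROM auth_users WHERE id = ?`, so a school owner can send a school-branded message to any account on the platform by posting an arbitrary `user_id`. The client list query further down already restricts to `user_schools` rows with `us.school_id = ?` and `us.status = 'active'`; the recipient lookup should carry the same join, e.g. `FROM auth_users au JOIN user_schools us ON us.user_id = au.id WHERE au.id = ? AND us.school_id = ? AND us.status = 'active'`. `$message` is escaped with `htmlspecialchars()`, but `{$school_name}` and the user's names go into the HTML body raw. No CSRF token is visible for this POST action, though the form markup is not readable on this page.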
@@ -0,0 +1,200 @@ +getConnection(); + +$error = null; +$success = null; +$action_taken = false; + +// Parametri dalla mail / form +$email = trim($_POST['email'] ?? $_GET['email'] ?? ''); +$school_id = (int)($_POST['school_id'] ?? $_GET['school_id'] ?? 0); +$link_id = (int)($_POST['link_id'] ?? $_GET['link_id'] ?? 0); + +// Validazione minima: o link_id valido, oppure email+school_id +if ($link_id <= 0) { + if (empty($email) || $school_id <= 0 || !filter_var($email, FILTER_VALIDATE_EMAIL)) { + die("Link non valido. Parametri mancanti o email errata."); + } +} + +// Recupera scuola (serve sempre per messaggi UI) +$school = null; +if ($school_id > 0) { + $stmt = $pdo->prepare("SELECT id, name FROM schools WHERE id = ?"); + $stmt->execute([$school_id]); + $school = $stmt->fetch(PDO::FETCH_ASSOC); +} + +// ✅ Se link_id NON c'è (vecchie mail), ricavalo dal pending usando email+school_id +if ($link_id <= 0 && $school) { + $stmt = $pdo->prepare(" + SELECT ts.id + FROM teacher_schools ts + JOIN teachers t ON ts.teacher_id = t.id + JOIN auth_users u ON t.user_id = u.id + WHERE u.email = ? + AND ts.school_id = ? + AND ts.status = 'pending' + LIMIT 1 + "); + $stmt->execute([$email, $school_id]); + $tmp = $stmt->fetch(PDO::FETCH_ASSOC); + if ($tmp) { + $link_id = (int)$tmp['id']; + } +} + +// Carica richiesta (solo pending) tramite link_id +$request = null; +if ($link_id > 0) { + $stmt = $pdo->prepare(" + SELECT + ts.id, ts.status, + u.first_name, u.last_name, + s.id AS school_id, s.name AS school_name + FROM teacher_schools ts + JOIN schools s ON ts.school_id = s.id + JOIN teachers t ON ts.teacher_id = t.id + JOIN auth_users u ON t.user_id = u.id + WHERE ts.id = ? 
+ LIMIT 1 + "); + $stmt->execute([$link_id]); + $request = $stmt->fetch(PDO::FETCH_ASSOC); +} + +if (!$request || $request['status'] !== 'pending') { + $error = "Nessuna richiesta di collegamento in attesa (potrebbe essere già stata gestita)."; +} else { + // Allinea school dalla request (così non dipendi da school_id passato) + $school = ['id' => (int)$request['school_id'], 'name' => $request['school_name']]; + $teacher_name = trim(($request['first_name'] ?? '') . ' ' . ($request['last_name'] ?? '')); +} + +// POST: accetta/rifiuta usando SOLO link_id +if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) { + $link_id = (int)($_POST['link_id'] ?? 0); + + $stmt = $pdo->prepare(" + SELECT id + FROM teacher_schools + WHERE id = ? AND status = 'pending' + LIMIT 1 + "); + $stmt->execute([$link_id]); + $row = $stmt->fetch(PDO::FETCH_ASSOC); + + if (!$row) { + $error = "Questa richiesta non è più disponibile (potrebbe essere già stata gestita)."; + } else { + if ($_POST['action'] === 'accept') { + $stmt = $pdo->prepare(" + UPDATE teacher_schools + SET status = 'active', updated_at = NOW() + WHERE id = ? AND status = 'pending' + "); + $stmt->execute([$link_id]); + + $success = "Collegamento accettato! Ora sei collegata alla scuola " . htmlspecialchars($school['name']) . "."; + $action_taken = true; + } elseif ($_POST['action'] === 'reject') { + $stmt = $pdo->prepare("DELETE FROM teacher_schools WHERE id = ? AND status = 'pending'"); + $stmt->execute([$link_id]); + + $success = "Hai rifiutato il collegamento con la scuola " . htmlspecialchars($school['name']) . "."; + $action_taken = true; + } + } +} +?> + + + + + + + + Conferma Collegamento Scuola - YogiBoook + + + + + +
+ + +

Operazione completata!

+

+

Per gestire le lezioni di questa scuola, accedi o registrati su YogiBoook.

+
+ Accedi + Registrati +
+ + + +

Errore

+

+ Torna al sito + + +

Richiesta di collegamento scuola

+

Ciao ,

+

+ La scuola vorrebbe collegarti alla sua struttura su YogiBoook. +

+

Accettando, verrai visualizzata/o nelle lezioni della scuola.

+ +
+ + + + + + +
+ +
+ + + + + \ No newline at end of file diff --git a/public/userarea/include/navbar.php b/public/userarea/include/navbar.php index 50a6dfb..3d389c4 100644 --- a/public/userarea/include/navbar.php +++ b/public/userarea/include/navbar.php @@ -126,6 +126,12 @@ if (!empty($_SESSION['school_id'])) { +
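Review bot: Accepting or rejecting a request depends only on `link_id`, an integer taken from the request (presumably an auto-increment key, since add_teacher.php fills it from `lastInsertId()`), and the page requires no login. Anyone who can guess an id could therefore activate or delete another teacher's pending link and see the teacher and school names shown for it. The mailed link should carry an unguessable per-request token: the code already uses `bin2hex(random_bytes(8))` for `unique_code`, and a longer value stored hashed on the `teacher_schools` row and compared with `hash_equals()` would fit. Alternatively the action should require the teacher to be logged in and match `t.user_id`. The `email` + `school_id` fallback for old mails has the same weakness and also reveals whether an address has a pending request.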
  • + +
    + +
    +
  • @@ -140,6 +146,19 @@ if (!empty($_SESSION['school_id'])) {
  • + hasRole('school_owner')) || (Auth::user()->hasRole('Admin')) || (Auth::user()->hasRole('teacher'))) : ?> + +
  • + +
    + +
    +
  • + + + hasRole('Admin'))) : ?> diff --git a/public/userarea/phototeachers/2-1768987465-profile.png b/public/userarea/phototeachers/2-1768987465-profile.png new file mode 100644 index 0000000..4fb819a Binary files /dev/null and b/public/userarea/phototeachers/2-1768987465-profile.png differ diff --git a/public/userarea/phototeachers/2-1768987486-profile.jpg b/public/userarea/phototeachers/2-1768987486-profile.jpg new file mode 100644 index 0000000..c3a33c4 Binary files /dev/null and b/public/userarea/phototeachers/2-1768987486-profile.jpg differ diff --git a/public/userarea/phototeachers/2-1768987735-profile.jpg b/public/userarea/phototeachers/2-1768987735-profile.jpg new file mode 100644 index 0000000..c3a33c4 Binary files /dev/null and b/public/userarea/phototeachers/2-1768987735-profile.jpg differ diff --git a/public/userarea/phototeachers/3-1768987715-profile.png b/public/userarea/phototeachers/3-1768987715-profile.png new file mode 100644 index 0000000..4fb819a Binary files /dev/null and b/public/userarea/phototeachers/3-1768987715-profile.png differ diff --git a/public/userarea/school_dashboard.php b/public/userarea/school_dashboard.php index 4051e73..8a82024 100644 --- a/public/userarea/school_dashboard.php +++ b/public/userarea/school_dashboard.php @@ -840,7 +840,7 @@ $daily_sessions = $stmt->fetchAll();
    - + Situazione Clienti diff --git a/public/userarea/school_profile.php b/public/userarea/school_profile.php index df1e16b..71e9ba1 100644 --- a/public/userarea/school_profile.php +++ b/public/userarea/school_profile.php @@ -1,41 +1,37 @@ getConnection(); -// ID dell'utente loggato (assumiamo sia definito) if (!isset($iduserlogin)) { die("Errore: ID utente non definito."); } -// Recupera i dati della scuola associata all'utente +// Recupera scuola dell'utente loggato $stmt = $pdo->prepare(" SELECT s.*, u.first_name, u.last_name, u.email - FROM auth_users u - LEFT JOIN schools s ON s.owner_id = u.id + FROM schools s + RIGHT JOIN auth_users u ON s.owner_id = u.id WHERE u.id = ? "); $stmt->execute([$iduserlogin]); -$school = $stmt->fetch(); +$school = $stmt->fetch(PDO::FETCH_ASSOC); -if (!$school) { - die("Errore: Utente non trovato."); -} +$is_new = empty($school['id']); -// Determina se è una nuova scuola -$is_new = !isset($school['id']); if ($is_new) { $school = [ 'id' => null, 'owner_id' => $iduserlogin, 'name' => '', + 'slug' => '', 'website' => '', 'email' => '', 'phone' => '', 
@@ -44,176 +40,139 @@ if ($is_new) { 'address_city' => '', 'address_postal_code' => '', 'address_province' => '', - 'address_country' => '', - 'latitude' => '', - 'longitude' => '', + 'address_country' => 'Italia', + 'latitude' => null, + 'longitude' => null, 'owner_name' => '', 'vat_number' => '', 'logo' => '', 'status' => 'active', - 'created_at' => '', - 'updated_at' => '', - 'slug' => '', - 'first_name' => $school['first_name'], - 'last_name' => $school['last_name'], - 'email' => $school['email'] + 'first_name' => '', + 'last_name' => '', + 'email' => '' ]; } -// Funzione per generare uno slug valido +// Generatore slug function generateSlug($string) { - $slug = strtolower($string); // Converti in minuscolo - $slug = preg_replace('/[^a-z0-9-]+/', '-', $slug); // Sostituisci caratteri non validi con trattini - $slug = preg_replace('/-+/', '-', $slug); // Rimuovi trattini multipli - $slug = trim($slug, '-'); // Rimuovi trattini all'inizio e alla fine + $slug = iconv('UTF-8', 'ASCII//TRANSLIT', $string); + $slug = preg_replace('/[^a-z0-9 -]/i', '', $slug); + $slug = trim($slug); + $slug = preg_replace('/ +/', '-', $slug); + $slug = strtolower($slug); return $slug; } -// Gestione del form -if ($_SERVER['REQUEST_METHOD'] === 'POST') { - $name = $_POST['name'] ?? ''; - $website = $_POST['website'] ?? null; - $email = $_POST['email'] ?? ''; - $phone = $_POST['phone'] ?? null; - $description = $_POST['description'] ?? null; - $address_street = $_POST['address_street'] ?? ''; - $address_city = $_POST['address_city'] ?? ''; - $address_postal_code = $_POST['address_postal_code'] ?? ''; - $address_province = $_POST['address_province'] ?? null; - $address_country = $_POST['address_country'] ?? ''; - $latitude = $_POST['latitude'] ? floatval($_POST['latitude']) : null; - $longitude = $_POST['longitude'] ? floatval($_POST['longitude']) : null; - $owner_name = $_POST['owner_name'] ?? ''; - $vat_number = $_POST['vat_number'] ?? 
''; - $status = in_array($_POST['status'], ['active', 'inactive', 'suspended']) ? $_POST['status'] : 'active'; - $slug = isset($_POST['slug']) ? generateSlug($_POST['slug']) : ''; +// POST - Salvataggio +$success_message = $error = null; - // Validazione dello slug - if (empty($slug)) { - $error = "Errore: Lo slug non può essere vuoto."; - } else { - // Controlla se lo slug è univoco +if ($_SERVER['REQUEST_METHOD'] === 'POST') { + $name = trim($_POST['name'] ?? ''); + $slug = generateSlug(trim($_POST['slug'] ?? $name)); + $website = trim($_POST['website'] ?? ''); + $email = trim($_POST['email'] ?? ''); + $phone = trim($_POST['phone'] ?? ''); + $description = trim($_POST['description'] ?? ''); + $address_street = trim($_POST['address_street'] ?? ''); + $address_city = trim($_POST['address_city'] ?? ''); + $address_postal_code = trim($_POST['address_postal_code'] ?? ''); + $address_province = trim($_POST['address_province'] ?? ''); + $address_country = trim($_POST['address_country'] ?? 'Italia'); + $latitude = !empty($_POST['latitude']) ? floatval($_POST['latitude']) : null; + $longitude = !empty($_POST['longitude']) ? floatval($_POST['longitude']) : null; + $owner_name = trim($_POST['owner_name'] ?? ''); + $vat_number = trim($_POST['vat_number'] ?? ''); + $status = in_array($_POST['status'] ?? 'active', ['active', 'inactive', 'suspended']) ? $_POST['status'] : 'active'; + + // Validazioni + if (empty($name)) $error = "Il nome della scuola è obbligatorio."; + elseif (empty($slug)) $error = "Lo slug non può essere vuoto."; + else { $stmt = $pdo->prepare("SELECT COUNT(*) FROM schools WHERE slug = ? AND id != ?"); $stmt->execute([$slug, $school['id'] ?? 0]); - $slug_exists = $stmt->fetchColumn(); - - if ($slug_exists) { - $error = "Errore: Lo slug '$slug' è già in uso. 
Scegli un altro slug."; + if ($stmt->fetchColumn() > 0) { + $error = "Lo slug '$slug' è già in uso."; } } - // Gestione del caricamento del logo - $logo = $school['logo']; - if (isset($_FILES['logo']) && $_FILES['logo']['error'] === UPLOAD_ERR_OK) { - $file = $_FILES['logo']; - $timestamp = time(); - $original_name = basename($file['name']); - $extension = strtolower(pathinfo($original_name, PATHINFO_EXTENSION)); - $allowed_extensions = ['jpg', 'jpeg', 'png', 'gif']; - - if (in_array($extension, $allowed_extensions)) { - $new_filename = "photoschool/{$iduserlogin}-{$timestamp}-{$original_name}"; - if (move_uploaded_file($file['tmp_name'], $new_filename)) { - $logo = $new_filename; - if ($school['logo'] && file_exists($school['logo']) && !$is_new) { - unlink($school['logo']); - } + // Logo + $logo = $school['logo'] ?? ''; + if (!empty($_FILES['logo']['name']) && $_FILES['logo']['error'] === UPLOAD_ERR_OK) { + $ext = strtolower(pathinfo($_FILES['logo']['name'], PATHINFO_EXTENSION)); + if (in_array($ext, ['jpg', 'jpeg', 'png', 'gif'])) { + $new_name = "photoschool/{$iduserlogin}-" . time() . "-logo.$ext"; + if (move_uploaded_file($_FILES['logo']['tmp_name'], $new_name)) { + if ($logo && file_exists($logo) && !$is_new) @unlink($logo); + $logo = $new_name; } else { - $error = "Errore durante il caricamento del logo."; + $error = "Errore caricamento logo."; } } else { - $error = "Estensione del file non consentita. Usa JPG, JPEG, PNG o GIF."; + $error = "Solo JPG, PNG, GIF ammessi."; } } - // Se non ci sono errori, procedi con il salvataggio if (!isset($error)) { - // Aggiorna auth_users (opzionale, se vuoi aggiornare first_name e last_name) - $stmt = $pdo->prepare("UPDATE auth_users SET first_name = ?, last_name = ? 
WHERE id = ?"); - $stmt->execute([$school['first_name'], $school['last_name'], $iduserlogin]); + $params = [ + $name, + $slug, + $website ?: null, + $email, + $phone ?: null, + $description, + $address_street, + $address_city, + $address_postal_code, + $address_province, + $address_country, + $latitude, + $longitude, + $owner_name, + $vat_number, + $logo, + $status + ]; if ($is_new) { $stmt = $pdo->prepare(" - INSERT INTO schools (owner_id, name, website, email, phone, description, address_street, address_city, address_postal_code, address_province, address_country, latitude, longitude, owner_name, vat_number, logo, status, slug) - VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) + INSERT INTO schools ( + owner_id, name, slug, website, email, phone, description, + address_street, address_city, address_postal_code, address_province, address_country, + latitude, longitude, owner_name, vat_number, logo, status + ) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?) "); - $success = $stmt->execute([ - $iduserlogin, - $name, - $website, - $email, - $phone, - $description, - $address_street, - $address_city, - $address_postal_code, - $address_province, - $address_country, - $latitude, - $longitude, - $owner_name, - $vat_number, - $logo, - $status, - $slug - ]); + array_unshift($params, $iduserlogin); + $success = $stmt->execute($params); if ($success) { $success_message = "Scuola creata con successo!"; - $stmt = $pdo->prepare(" - SELECT s.*, u.first_name, u.last_name, u.email - FROM auth_users u - LEFT JOIN schools s ON s.owner_id = u.id - WHERE u.id = ? - "); + $stmt = $pdo->prepare("SELECT * FROM schools WHERE owner_id = ? 
ORDER BY id DESC LIMIT 1"); $stmt->execute([$iduserlogin]); - $school = $stmt->fetch(); + $school = $stmt->fetch(PDO::FETCH_ASSOC); $is_new = false; } else { - $error = "Errore durante la creazione della scuola."; + $error = "Errore creazione scuola."; } } else { + $params[] = $school['id']; $stmt = $pdo->prepare(" - UPDATE schools - SET name = ?, website = ?, email = ?, phone = ?, description = ?, address_street = ?, address_city = ?, - address_postal_code = ?, address_province = ?, address_country = ?, latitude = ?, longitude = ?, - owner_name = ?, vat_number = ?, logo = ?, status = ?, slug = ? - WHERE owner_id = ? + UPDATE schools SET + name=?, slug=?, website=?, email=?, phone=?, description=?, + address_street=?, address_city=?, address_postal_code=?, address_province=?, + address_country=?, latitude=?, longitude=?, owner_name=?, vat_number=?, + logo=?, status=? + WHERE id=? "); - $success = $stmt->execute([ - $name, - $website, - $email, - $phone, - $description, - $address_street, - $address_city, - $address_postal_code, - $address_province, - $address_country, - $latitude, - $longitude, - $owner_name, - $vat_number, - $logo, - $status, - $slug, - $iduserlogin - ]); + $success = $stmt->execute($params); if ($success) { - $success_message = "Dati aggiornati con successo!"; - $stmt = $pdo->prepare(" - SELECT s.*, u.first_name, u.last_name, u.email - FROM auth_users u - LEFT JOIN schools s ON s.owner_id = u.id - WHERE u.id = ? - "); - $stmt->execute([$iduserlogin]); - $school = $stmt->fetch(); + $success_message = "Profilo aggiornato con successo!"; + $stmt = $pdo->prepare("SELECT * FROM schools WHERE id = ?"); + $stmt->execute([$school['id']]); + $school = $stmt->fetch(PDO::FETCH_ASSOC); } else { - $error = "Errore durante l'aggiornamento dei dati."; + $error = "Errore aggiornamento."; } } } @@ -226,23 +185,54 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { - + <?php echo $is_new ? 'Crea' : 'Modifica'; ?> Profilo Scuola - - - + + + 
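Review bot: The logo upload is accepted on file extension alone: there is no server-side size limit, although the form text in a later hunk promises "Max 2MB", and no check that the content is actually an image before it is written under `photoschool/`. Add a size guard such as `if ($_FILES['logo']['size'] > 2 * 1024 * 1024) { $error = "..."; }` and verify the type from the content, e.g. `(new finfo(FILEINFO_MIME_TYPE))->file($_FILES['logo']['tmp_name'])` against an allow-list. The block also runs when validation has already set `$error`, so the old logo is removed with `@unlink` while the row is never updated; moving the upload inside `if (!isset($error))` avoids that. add_teacher.php in this commit uses the same extension-only check for `profile_picture`.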
@@ -255,169 +245,172 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    -
    -
    +
    +
    +
    - - -
    - - -
    + +
    + + +
    -
    -
    - -
    + +
    + + +
    + + + +
    + +
    + +
    - Logo -
    -
    - - + + + Max 2MB – JPG, PNG, GIF
    - -
    + +
    +
    +
    + + +
    - -
    - - -
    +
    + +
    + yogiboook.com/ + +
    +
    -
    - - - es. yoga-milano -
    +
    + + +
    -
    - - -
    +
    + + +
    -
    - - -
    +
    + + +
    -
    - - -
    + +
    + +
    + +
    -
    - - -
    +
    +
    +
    Indirizzo sede
    +
    - -
    - - -
    +
    + + +
    -
    -
    - - + +
    -
    - - + +
    -
    -
    -
    - - + +
    -
    - - + +
    -
    - -
    - - Compila via + città + CAP → clicca qui -
    +
    + +
    - -
    +
    +
    +
    - -
    - - Latitudine +
    +
    - - Longitudine +
    -
    - -
    - -
    - - -
    - -
    - - -
    - -
    - - -
    - - -
    - - +
    +
    +
    Dati amministrativi
    -
    - - -
    - - +
    + + +
    + +
    + + +
    + +
    + + +
    + +
    + +
    +
    @@ -426,54 +419,97 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    -
    -
    - - + + + + + + diff --git a/public/userarea/teacher_list.php b/public/userarea/teacher_list.php new file mode 100644 index 0000000..956f914 --- /dev/null +++ b/public/userarea/teacher_list.php 
@@ -0,0 +1,317 @@
+getConnection();
+
+if (!isset($iduserlogin)) {
+ die("Errore: utente non loggato.");
+}
+
+// Recupera scuola corrente
+$stmt = $pdo->prepare("
+ SELECT id, name, owner_id, email AS school_email
+ FROM schools
+ WHERE owner_id = ?
+");
+$stmt->execute([$iduserlogin]);
+$school = $stmt->fetch(PDO::FETCH_ASSOC);
+
+if (!$school) {
+ die("Errore: nessuna scuola trovata per questo proprietario.");
+}
+
+$school_id = $school['id'];
+$school_name = $school['name'];
+$school_email = $school['school_email'];
+
+// Messaggi
+$success = $_GET['success'] ?? null;
+$error = $_GET['error'] ?? null;
+
+// COLLEGAMENTO TRAMITE CODICE
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'link_by_code') {
+ $unique_code = trim($_POST['unique_code'] ?? '');
+ $link_id = (int)$pdo->lastInsertId();
+
+
+ if (empty($unique_code)) {
+ $error = "Inserisci un codice univoco valido.";
+ } else {
+ $stmt = $pdo->prepare("
+ SELECT t.id AS teacher_id, u.first_name, u.last_name, u.email
+ FROM teachers t
+ JOIN auth_users u ON t.user_id = u.id
+ WHERE t.unique_code = ?
+ ");
+ $stmt->execute([$unique_code]);
+ $teacher = $stmt->fetch(PDO::FETCH_ASSOC);
+
+ if (!$teacher) {
+ $error = "Nessun insegnante trovato con questo codice.";
+ } else {
+ $check = $pdo->prepare("SELECT id FROM teacher_schools WHERE teacher_id = ? AND school_id = ?");
+ $check->execute([$teacher['teacher_id'], $school_id]);
+
+ if ($check->fetch()) {
+ $error = "Insegnante già collegata.";
+ } else {
+ $stmt = $pdo->prepare("
+ INSERT INTO teacher_schools
+ (teacher_id, school_id, status, created_at, updated_at)
+ VALUES (?, ?, 'pending', NOW(), NOW())
+ ");
+ $stmt->execute([$teacher['teacher_id'], $school_id]);
+
+ // Email richiesta
+ $subject = "Richiesta collegamento a {$school_name}";
+ $body = "
+

    Ciao {$teacher['first_name']},

    +

    {$school_name} vorrebbe collegarti alla sua scuola su YogiBoook.

    +

    + + Accetta + +

    +

    Se non riconosci questa richiesta, ignora l'email.

    + "; + + $result = sendEmail($teacher['email'], $subject, $body); + + $success = $result['success'] + ? "Richiesta inviata!" + : "Collegamento creato, ma errore email: " . $result['message']; + } + } + } +} + +// LISTA INSEGNANTI +$stmt = $pdo->prepare(" + SELECT + t.id, t.user_id, t.phone, t.description, t.specializations, t.profile_picture, + u.first_name, u.last_name, u.email, + ts.status AS link_status, ts.created_at AS linked_at, + (t.created_by = ?) AS can_edit + FROM teacher_schools ts + JOIN teachers t ON ts.teacher_id = t.id + JOIN auth_users u ON t.user_id = u.id + WHERE ts.school_id = ? AND ts.status IN ('active','pending') + ORDER BY u.last_name, u.first_name +"); +$stmt->execute([$iduserlogin, $school_id]); +$teachers = $stmt->fetchAll(PDO::FETCH_ASSOC); +?> + + + + + + + + Insegnanti - <?= htmlspecialchars($school_name) ?> + + + + + + +
    + + + +
    +
    +

    Insegnanti di

    + + +
    + + + +
    + + +
    +
    +
    + + +
    + + +
    + +

    Nessuna insegnante collegata.

    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + +
    FotoNomeEmailTelefonoStatoAzioni
    + + + + + + + + + + + + + +
    +
    + +
    +
    +
    +
    + + + + + + + + +
    + + + + + + + \ No newline at end of file diff --git a/public/userarea/teacher_profile.php b/public/userarea/teacher_profile.php index f376593..67158b5 100644 --- a/public/userarea/teacher_profile.php +++ b/public/userarea/teacher_profile.php @@ -1,42 +1,72 @@ getConnection(); -// ID dell'utente loggato (assumiamo sia definito) if (!isset($iduserlogin)) { die("Errore: ID utente non definito."); } -// Recupera i dati dell'insegnante -$stmt = $pdo->prepare(" - SELECT t.*, u.first_name, u.last_name, u.email - FROM auth_users u - LEFT JOIN teachers t ON t.user_id = u.id - WHERE u.id = ? -"); -$stmt->execute([$iduserlogin]); -$teacher = $stmt->fetch(); +$teacher_id = (int)($_GET['id'] ?? 0); +$is_owner_view = ($teacher_id > 0); // se arrivi da teacher_list.php con ?id=... -if (!$teacher) { - die("Errore: Utente non trovato."); + +if ($teacher_id > 0) { + // === OWNER VIEW: carica teacher per teachers.id SOLO se l'owner ha diritto === + $stmt = $pdo->prepare(" + SELECT + t.*, + u.first_name, u.last_name, u.email + FROM teachers t + JOIN auth_users u ON t.user_id = u.id + JOIN teacher_schools ts ON ts.teacher_id = t.id + JOIN schools s ON s.id = ts.school_id + WHERE t.id = ? + AND s.owner_id = ? + LIMIT 1 + "); + $stmt->execute([$teacher_id, $iduserlogin]); + $teacher = $stmt->fetch(PDO::FETCH_ASSOC); + + if (!$teacher) { + die("Errore: insegnante non trovata o non hai permessi."); + } +} else { + // === TEACHER SELF VIEW: carica il profilo dell'utente loggato === + $stmt = $pdo->prepare(" + SELECT + t.*, + u.first_name, u.last_name, u.email + FROM auth_users u + LEFT JOIN teachers t ON t.user_id = u.id + WHERE u.id = ? + LIMIT 1 + "); + $stmt->execute([$iduserlogin]); + $teacher = $stmt->fetch(PDO::FETCH_ASSOC); } -// Determina se è un nuovo insegnante -$is_new = !isset($teacher['id']); + +$is_new = empty($teacher['id']); // ok così +if ($teacher_id > 0) { + $is_new = false; // owner sta editando una teacher esistente +} + + if ($is_new) { $teacher = [ 'id' => null, 
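Review bot: `$link_id = (int)$pdo->lastInsertId();` is read at the top of the `link_by_code` branch, before any INSERT has run in this request, so it cannot hold the id of the `teacher_schools` row created further down; if the "Accetta" link in the email (its markup is not visible on this page) is built from it, the link will not identify the request. Move the call to directly after the `execute()` of the `INSERT INTO teacher_schools` statement. The email body also interpolates `{$teacher['first_name']}` and `{$school_name}` into HTML unescaped; pass both through `htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` before building `$body`. The page markup is not visible here, so confirm that `$success` and `$error`, which are taken from `$_GET`, are escaped the same way where they are printed.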
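Review bot: The owner-view query in teacher_profile.php authorises on the mere existence of a `teacher_schools` row for a school owned by `$iduserlogin` and does not filter on `ts.status`, while teacher_list.php inserts such rows as `'pending'` before the teacher has accepted. A link that is still pending therefore passes this check, and the POST handler in the next hunk writes to `auth_users` and `teachers` for that `$target_user_id`. Add `AND ts.status = 'active'` to the WHERE clause, and consider `AND t.created_by = ?` so the check matches the `can_edit` flag computed in teacher_list.php. The `$teacher` default array opened at the end of this hunk continues outside it.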
@@ -49,267 +79,351 @@ if ($is_new) { 'status' => 'active', 'created_at' => '', 'updated_at' => '', - 'first_name' => $teacher['first_name'], - 'last_name' => $teacher['last_name'], - 'email' => $teacher['email'] + 'first_name' => '', + 'last_name' => '', + 'email' => '' ]; } -// Funzione per generare un codice univoco function generateUniqueCode($pdo, $length = 16) { do { $code = bin2hex(random_bytes($length / 2)); $stmt = $pdo->prepare("SELECT COUNT(*) FROM teachers WHERE unique_code = ?"); $stmt->execute([$code]); - $count = $stmt->fetchColumn(); - } while ($count > 0); + } while ($stmt->fetchColumn() > 0); return $code; } -// Generazione del QR Code -$qr_code_path = null; -if (!$is_new) { - try { - $unique_code = $teacher['unique_code']; - if (empty($unique_code)) { - throw new Exception("Errore: unique_code è vuoto."); +function writeQrPng($text, $filename, $size = 150, $margin = 10) +{ + // ✅ nella tua versione il costruttore vuole il testo + $qrCode = new \Endroid\QrCode\QrCode($text); + + // size: alcune versioni hanno setSize(), altre setModuleSize() + if (method_exists($qrCode, 'setSize')) { + $qrCode->setSize($size); + } elseif (method_exists($qrCode, 'setModuleSize')) { + $module = max(3, (int)round($size / 25)); // mapping semplice + $qrCode->setModuleSize($module); + } + + // margin: alcune versioni setMargin(), altre setPadding() + if (method_exists($qrCode, 'setMargin')) { + $qrCode->setMargin($margin); + } elseif (method_exists($qrCode, 'setPadding')) { + $qrCode->setPadding($margin); + } + + $writer = new \Endroid\QrCode\Writer\PngWriter(); + + if (method_exists($writer, 'writeFile')) { + $writer->writeFile($qrCode, $filename); + } else { + $result = $writer->write($qrCode); + if (is_object($result) && method_exists($result, 'saveToFile')) { + $result->saveToFile($filename); + } else { + file_put_contents($filename, (string)$result); } - - $base_dir = __DIR__ . 
'/../../public/userarea/phototeachers/qrcodes/'; - $qr_code_filename = "{$base_dir}{$iduserlogin}-{$unique_code}.png"; - $qr_code_path = "phototeachers/qrcodes/{$iduserlogin}-{$unique_code}.png"; - - if (!file_exists($qr_code_filename)) { - if (!is_dir($base_dir)) { - mkdir($base_dir, 0755, true) or die("Errore: Impossibile creare la directory."); - } - if (!is_writable($base_dir)) { - die("Errore: La directory non è scrivibile."); - } - - $builder = new Builder(); - $result = $builder->build( - writer: new PngWriter(), - data: $unique_code, - size: 150, - margin: 10 - ); - $result->saveToFile($qr_code_filename); - } - } catch (Exception $e) { - $error = "Errore generazione QR Code: " . $e->getMessage(); - error_log($error); } } -// Gestione del form -if ($_SERVER['REQUEST_METHOD'] === 'POST') { - $first_name = $_POST['first_name']; - $last_name = $_POST['last_name']; - $phone = $_POST['phone'] ?? null; - $description = $_POST['description'] ?? null; - $specializations = $_POST['specializations'] ?? null; - $status = $_POST['status'] === 'active' ? 
'active' : 'inactive'; - // Gestione del caricamento della foto - $profile_picture = $teacher['profile_picture']; - if (isset($_FILES['profile_picture']) && $_FILES['profile_picture']['error'] === UPLOAD_ERR_OK) { - $file = $_FILES['profile_picture']; - $timestamp = time(); - $original_name = basename($file['name']); - $extension = strtolower(pathinfo($original_name, PATHINFO_EXTENSION)); - $allowed_extensions = ['jpg', 'jpeg', 'png', 'gif']; - if (in_array($extension, $allowed_extensions)) { - $new_filename = "phototeachers/{$iduserlogin}-{$timestamp}-{$original_name}"; - if (move_uploaded_file($file['tmp_name'], $new_filename)) { - $profile_picture = $new_filename; - if ($teacher['profile_picture'] && file_exists($teacher['profile_picture']) && !$is_new) { - unlink($teacher['profile_picture']); - } - } else { - $error = "Errore durante il caricamento della foto."; - } - } else { - $error = "Estensione del file non consentita. Usa JPG, JPEG, PNG o GIF."; +$qr_code_path = null; +if (!$is_new && !empty($teacher['unique_code'])) { + try { + $unique_code = $teacher['unique_code']; + $base_dir = __DIR__ . '/../../public/phototeachers/qrcodes/'; + $qr_filename = "{$base_dir}{$iduserlogin}-{$unique_code}.png"; + $qr_code_path = "phototeachers/qrcodes/{$iduserlogin}-{$unique_code}.png"; + + if (!file_exists($qr_filename)) { + if (!is_dir($base_dir)) mkdir($base_dir, 0755, true); + writeQrPng($unique_code, $qr_filename, 150, 10); } + } catch (Exception $e) { + error_log("Errore QR: " . $e->getMessage()); } +} + +$success_message = $error = null; + +if ($_SERVER['REQUEST_METHOD'] === 'POST') { + // ✅ target: se owner sta editando una teacher (?id=..), salva su QUELLA teacher + $target_user_id = ($teacher_id > 0) ? (int)$teacher['user_id'] : (int)$iduserlogin; + $target_teacher_id = ($teacher_id > 0) ? (int)$teacher['id'] : (int)($teacher['id'] ?? 0); + $first_name = trim($_POST['first_name'] ?? ''); + $last_name = trim($_POST['last_name'] ?? 
''); + $phone = trim($_POST['phone'] ?? ''); + $description = trim($_POST['description'] ?? ''); + $specializations = trim($_POST['specializations'] ?? ''); + $status = ($_POST['status'] ?? 'active') === 'active' ? 'active' : 'inactive'; + + $target_user_id = ($teacher_id > 0) ? (int)$teacher['user_id'] : (int)$iduserlogin; - // Aggiorna auth_users $stmt = $pdo->prepare("UPDATE auth_users SET first_name = ?, last_name = ? WHERE id = ?"); - $stmt->execute([$first_name, $last_name, $iduserlogin]); + $stmt->execute([$first_name, $last_name, $target_user_id]); + + + $profile_picture = $teacher['profile_picture'] ?? ''; + if (!empty($_FILES['profile_picture']['name']) && $_FILES['profile_picture']['error'] === UPLOAD_ERR_OK) { + $ext = strtolower(pathinfo($_FILES['profile_picture']['name'], PATHINFO_EXTENSION)); + if (in_array($ext, ['jpg', 'jpeg', 'png', 'gif'])) { + $new_name = "phototeachers/{$target_user_id}-" . time() . "-profile.$ext"; + + if (move_uploaded_file($_FILES['profile_picture']['tmp_name'], $new_name)) { + if ($profile_picture && file_exists($profile_picture) && !$is_new) @unlink($profile_picture); + $profile_picture = $new_name; + } else $error = "Errore caricamento foto."; + } else $error = "Solo JPG, PNG, GIF ammessi."; + } if ($is_new) { $unique_code = generateUniqueCode($pdo); $stmt = $pdo->prepare(" - INSERT INTO teachers (user_id, unique_code, phone, description, specializations, profile_picture, status) + INSERT INTO teachers + (user_id, unique_code, phone, description, specializations, profile_picture, status) VALUES (?, ?, ?, ?, ?, ?, ?) 
"); - $success = $stmt->execute([$iduserlogin, $unique_code, $phone, $description, $specializations, $profile_picture, $status]); + $success = $stmt->execute([$target_user_id, $unique_code, $phone ?: null, $description, $specializations, $profile_picture, $status]); if ($success) { - $success_message = "Insegnante creato con successo!"; - $stmt = $pdo->prepare(" - SELECT t.*, u.first_name, u.last_name, u.email - FROM auth_users u - LEFT JOIN teachers t ON t.user_id = u.id - WHERE u.id = ? - "); + $success_message = "Profilo creato!"; + $stmt = $pdo->prepare("SELECT t.*, u.first_name, u.last_name, u.email + FROM teachers t JOIN auth_users u ON t.user_id = u.id + WHERE t.user_id = ?"); $stmt->execute([$iduserlogin]); - $teacher = $stmt->fetch(); + $teacher = $stmt->fetch(PDO::FETCH_ASSOC); $is_new = false; - // Genera QR Code per il nuovo insegnante try { $base_dir = __DIR__ . '/../../public/phototeachers/qrcodes/'; - $qr_code_filename = "{$base_dir}{$iduserlogin}-{$unique_code}.png"; + $qr_filename = "{$base_dir}{$iduserlogin}-{$unique_code}.png"; $qr_code_path = "phototeachers/qrcodes/{$iduserlogin}-{$unique_code}.png"; - - if (!file_exists($qr_code_filename)) { - if (!is_dir($base_dir)) { - mkdir($base_dir, 0755, true) or die("Errore: Impossibile creare la directory."); + if (!file_exists($qr_filename)) { + if (!is_dir($base_dir)) mkdir($base_dir, 0755, true); + $writer = new PngWriter(); + if (!file_exists($qr_filename)) { + if (!is_dir($base_dir)) mkdir($base_dir, 0755, true); + writeQrPng($unique_code, $qr_filename, 150, 10); } - $builder = new Builder(); - $result = $builder->build( - writer: new PngWriter(), - data: $unique_code, - size: 150, - margin: 10 - ); - $result->saveToFile($qr_code_filename); + + + $result = $writer->write($qrCode); + $result->saveToFile($qr_filename); } } catch (Exception $e) { - $error = "Errore generazione QR Code: " . $e->getMessage(); - error_log($error); + error_log("Errore QR: " . 
$e->getMessage()); } - } else { - $error = "Errore durante la creazione dell'insegnante."; - } + } else $error = "Errore creazione."; } else { $stmt = $pdo->prepare(" UPDATE teachers SET phone = ?, description = ?, specializations = ?, profile_picture = ?, status = ? WHERE user_id = ? "); - $success = $stmt->execute([$phone, $description, $specializations, $profile_picture, $status, $iduserlogin]); + $success = $stmt->execute([$phone ?: null, $description, $specializations, $profile_picture, $status, $target_user_id]); if ($success) { - $success_message = "Dati aggiornati con successo!"; - $stmt = $pdo->prepare(" - SELECT t.*, u.first_name, u.last_name, u.email - FROM auth_users u - LEFT JOIN teachers t ON t.user_id = u.id - WHERE u.id = ? - "); + $success_message = "Dati aggiornati!"; + $stmt = $pdo->prepare("SELECT t.*, u.first_name, u.last_name, u.email + FROM teachers t JOIN auth_users u ON t.user_id = u.id + WHERE t.user_id = ?"); $stmt->execute([$iduserlogin]); - $teacher = $stmt->fetch(); - } else { - $error = "Errore durante l'aggiornamento dei dati."; - } + $teacher = $stmt->fetch(PDO::FETCH_ASSOC); + } else $error = "Errore aggiornamento."; } } ?> - + - + <?php echo $is_new ? 'Crea' : 'Modifica'; ?> Profilo Insegnante + + + +
    +
    +
    -