2026-01-21 10:29:37 +01:00
parent dda63d9711
commit 7f7dff32d9
17 changed files with 1885 additions and 521 deletions
+156
@@ -0,0 +1,156 @@
<?php
// add_teacher.php
include('include/headscript.php');
require_once 'class/mailer.php';
$dbHandler = DBHandlerSelect::getInstance();
$pdo = $dbHandler->getConnection();
if (!isset($iduserlogin)) die("Accesso negato.");
$school_id = (int)($_POST['school_id'] ?? 0);
// Recupera scuola per email mittente
$stmt = $pdo->prepare("SELECT name, email FROM schools WHERE id = ?");
$stmt->execute([$school_id]);
$school = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$school) die("Scuola non trovata.");
$first_name = trim($_POST['first_name'] ?? '');
$last_name = trim($_POST['last_name'] ?? '');
$email = trim($_POST['email'] ?? '');
$phone = trim($_POST['phone'] ?? '');
$description = trim($_POST['description'] ?? '');
$specializations = trim($_POST['specializations'] ?? '');
// Validazione base
if (empty($first_name) || empty($last_name) || empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: teacher_list.php?error=Campi obbligatori mancanti o email non valida");
exit;
}
// Controlla se email esiste già
$stmt = $pdo->prepare("SELECT id, first_name, last_name FROM auth_users WHERE email = ? LIMIT 1");
$stmt->execute([$email]);
$existing = $stmt->fetch(PDO::FETCH_ASSOC);
if ($existing) {
// 1) Trova (o crea) la riga in teachers per questo auth_user
$stmtT = $pdo->prepare("SELECT id FROM teachers WHERE user_id = ? LIMIT 1");
$stmtT->execute([(int)$existing['id']]);
$teacherRow = $stmtT->fetch(PDO::FETCH_ASSOC);
if (!$teacherRow) {
$unique_code = bin2hex(random_bytes(8));
$insT = $pdo->prepare("
INSERT INTO teachers (user_id, unique_code, status, created_by)
VALUES (?, ?, 'active', ?)
");
$insT->execute([(int)$existing['id'], $unique_code, (int)$iduserlogin]);
$teacher_id = (int)$pdo->lastInsertId();
} else {
$teacher_id = (int)$teacherRow['id'];
}
// 2) Crea (o riusa) il link in teacher_schools come pending
$checkLink = $pdo->prepare("
SELECT id, status
FROM teacher_schools
WHERE teacher_id = ? AND school_id = ?
LIMIT 1
");
$checkLink->execute([$teacher_id, $school_id]);
$link = $checkLink->fetch(PDO::FETCH_ASSOC);
if ($link && $link['status'] === 'active') {
header("Location: teacher_list.php?error=Insegnante già collegata alla scuola.");
exit;
}
if ($link && $link['status'] === 'pending') {
$link_id = (int)$link['id'];
} else {
$insLink = $pdo->prepare("
INSERT INTO teacher_schools (teacher_id, school_id, status, created_at, updated_at)
VALUES (?, ?, 'pending', NOW(), NOW())
");
$insLink->execute([$teacher_id, $school_id]);
$link_id = (int)$pdo->lastInsertId();
}
// Email richiesta collegamento
$subject = "Richiesta di collegamento alla scuola {$school['name']}";
// ✅ NON cambio percorso base, aggiungo solo link_id
$confirmUrl = "http://localhost/yogiboook/public/userarea/confirm_teacher_link.php"
. "?email=" . urlencode($email)
. "&school_id={$school_id}"
. "&link_id={$link_id}";
$body = "
<h2>Ciao {$existing['first_name']},</h2>
<p>Il proprietario della scuola <strong>{$school['name']}</strong> vorrebbe collegarti alla sua struttura su YogiBoook.</p>
<p>Se accetti, comparirai nelle lezioni a te associate nella scuola.</p>
<p style='margin:30px 0;'>
<a href='{$confirmUrl}'
style='background:#0d6efd; color:white; padding:12px 24px; text-decoration:none; border-radius:6px;'>
Accetta collegamento
</a>
</p>
<p>Se non riconosci questa richiesta, ignora questa email.</p>
<p style='color:#666; font-size:0.9em;'>YogiBoook piattaforma per scuole yoga</p>
";
$result = sendEmail($email, $subject, $body);
if ($result['success']) {
header("Location: teacher_list.php?success=Insegnante esistente trovato! Email di richiesta collegamento inviata.");
} else {
header("Location: teacher_list.php?error=Insegnante esistente trovato, ma errore invio email: " . urlencode($result['message']));
}
exit;
}
// === Nuovo utente ===
$password = password_hash(bin2hex(random_bytes(12)), PASSWORD_DEFAULT);
$stmt = $pdo->prepare("
INSERT INTO auth_users (email, first_name, last_name, password, role_id, status, created_at)
VALUES (?, ?, ?, ?, 2, 'active', NOW())
");
$stmt->execute([$email, $first_name, $last_name, $password]);
$user_id = (int)$pdo->lastInsertId();
// Foto profilo (opzionale)
$profile_picture = null;
if (!empty($_FILES['profile_picture']['name']) && $_FILES['profile_picture']['error'] === UPLOAD_ERR_OK) {
$ext = strtolower(pathinfo($_FILES['profile_picture']['name'], PATHINFO_EXTENSION));
if (in_array($ext, ['jpg', 'jpeg', 'png', 'gif'])) {
$new_name = "phototeachers/{$user_id}-" . time() . "-profile.$ext";
if (move_uploaded_file($_FILES['profile_picture']['tmp_name'], $new_name)) {
$profile_picture = $new_name;
}
}
}
// Crea record teachers
$unique_code = bin2hex(random_bytes(8));
$stmt = $pdo->prepare("
INSERT INTO teachers
(user_id, unique_code, phone, description, specializations, profile_picture, status, created_by)
VALUES (?, ?, ?, ?, ?, ?, 'active', ?)
");
$stmt->execute([$user_id, $unique_code, $phone ?: null, $description, $specializations, $profile_picture, (int)$iduserlogin]);
$teacher_id = (int)$pdo->lastInsertId();
// Collega alla scuola (nuovo -> active diretto)
$stmt = $pdo->prepare("
INSERT INTO teacher_schools
(teacher_id, school_id, status, created_at, updated_at)
VALUES (?, ?, 'active', NOW(), NOW())
");
$stmt->execute([$teacher_id, $school_id]);
header("Location: teacher_list.php?success=Insegnante aggiunta con successo!");
exit;
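Review bot: The `school_id` read from `$_POST` is never tied to the logged-in user: the only gate is `isset($iduserlogin)` and the school lookup filters on `id` alone, so as far as this file shows any authenticated account can create `role_id` 2 users, attach teachers to any school and send link requests in that school's name. Unless `include/headscript.php` already enforces ownership (not visible here), the lookup should carry it, e.g. `WHERE id = ? AND <owner_column> = ?` (placeholder, the `schools` schema is not shown) executed with `[$school_id, (int)$iduserlogin]`, keeping the existing `die` on no match. Separately, the confirmation URL identifies the request only by `email`, `school_id` and a sequential `link_id`, so nothing in it proves the click came from the mailed message; a random per-link token stored with the `teacher_schools` row, generated the way `unique_code` already is with `bin2hex(random_bytes(8))`, would let the confirm page check that. I would also put a comment above the lookup along the lines of `// Only the owner of $school_id may add teachers to it`.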