fixed different login

Claudio 2026-01-28 20:14:49 +01:00
parent 73589b3b04
commit b55e9f483f
14 changed files with 587 additions and 138 deletions

Binary file not shown.


Width:  |  Height:  |  Size: 429 B


@ -9,8 +9,9 @@ error_reporting(E_ALL | E_STRICT);
include('../../extra/auth.php');
if (! Auth::check()) {
if (!Auth::check()) {
redirectTo('../../public/login');
exit;
}
$user = Auth::user();
@ -20,42 +21,65 @@ $nameuser = $user->present()->first_name;
$surnameuser = $user->present()->last_name;
$emailuser = $user->present()->email;
$avatar = $user->present()->avatar;
$kindofrole = $user->present()->role_id; // <-- Questo è il ruolo (es. 1=admin, 2=teacher, 3=student, ecc.)
$kindofrole = $user->present()->role_id;
$kindofrole = (int)$user->present()->role_id;
// --- INIZIO: Reindirizzamento intelligente per studenti senza profilo ---
if (session_status() == PHP_SESSION_NONE) {
// Definisci ruolo studente (conferma che sia 2!)
define('ROLE_STUDENTE', 2);
// Avvia sessione se non attiva
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
// Definisci qui l'ID del ruolo STUDENTE (cambialo se è diverso!)
define('ROLE_STUDENTE', 2); // Cambia 3 con il ruolo corretto del tuo studente
// Escludi alcune pagine dove NON vuoi il redirect (es. login, logout, profile)
$current_page = basename($_SERVER['PHP_SELF']);
$no_redirect_pages = ['login.php', 'logout.php', 'student_profile.php', 'register.php'];
if (
$kindofrole == ROLE_STUDENTE &&
!in_array($current_page, $no_redirect_pages) &&
!isset($_SESSION['student_profile_completed'])
) {
// Controlla se esiste il record in tabella students
$stmt = $db->prepare("SELECT id FROM students WHERE user_id = ? LIMIT 1");
// Pagine escluse da TUTTI i redirect/redirect automatici
$excluded_pages = [
'login.php',
'logout.php',
'register.php',
'forgot-password.php', // se esiste
'student_profile.php',
'select_school.php'
];
// ================================================
// 1. CREAZIONE AUTOMATICA PROFILO STUDENTE (se manca)
// ================================================
if ($kindofrole === ROLE_STUDENTE && !in_array($current_page, $excluded_pages)) {
$stmt = $db->prepare("SELECT 1 FROM students WHERE user_id = ? LIMIT 1");
$stmt->execute([$iduserlogin]);
$student_exists = $stmt->fetch();
$profile_exists = $stmt->fetchColumn();
if (!$student_exists) {
// Non ha completato il profilo → reindirizza
$_SESSION['student_profile_pending'] = true;
header("Location: student_profile.php");
exit;
if (!$profile_exists) {
// Crea record minimo obbligatorio
$stmt_insert = $db->prepare("
INSERT INTO students (
user_id,
billing_country,
shipping_same_as_billing,
privacy_consent,
created_at,
updated_at
) VALUES (
?, 'Italia', 1, 1, NOW(), NOW()
)
");
$stmt_insert->execute([$iduserlogin]);
// Imposta flag per non rifare controlli inutili
$_SESSION['student_profile_completed'] = true;
} else {
// Ha già completato → segna per non controllare più
$_SESSION['student_profile_completed'] = true;
}
}
// --- FINE: Reindirizzamento intelligente ---
// ================================================
// 2. SALVA DATI UTENTE IN SESSIONE
// ================================================
$_SESSION["iduserlogin"] = $iduserlogin;
$_SESSION["nameuser"] = $nameuser;
$_SESSION["surnameuser"] = $surnameuser;
@ -64,12 +88,44 @@ $_SESSION["photouser"] = $avatar;
$photouser = $_SESSION["photouser"];
if (defined('SKIP_SCHOOL_CONTEXT') && SKIP_SCHOOL_CONTEXT === true) {
return; // oppure salta SOLO i redirect scuola
}
// ================================================
// 3. LOGICA SCUOLA (solo se profilo base esiste)
// ================================================
$has_school_association = false;
$stmt_school_check = $db->prepare("SELECT 1 FROM user_schools WHERE user_id = ? LIMIT 1");
$stmt_school_check->execute([$iduserlogin]);
$has_school_association = (bool) $stmt_school_check->fetchColumn();
// include school settings
include('schoolid_select.php');
if ($has_school_association) {
// include('schoolid_select.php');
}
// Carica impostazioni scuola solo se c'è school_id valida
$pages_allow_no_school = ['school_profile.php'];
// include school settings
include('school_settings_loader.php');
if (isset($_SESSION['school_id']) && (int)$_SESSION['school_id'] > 0) {
include('school_settings_loader.php');
} else {
// Per studenti: se non ha scuola selezionata → vai a select_school
if ($kindofrole === ROLE_STUDENTE && !in_array($current_page, $excluded_pages)) {
header("Location: select_school.php");
exit;
}
// Per owner/admin: vai a school_profile se non è una pagina permessa
elseif (!in_array($current_page, $pages_allow_no_school)) {
header("Location: school_profile.php");
exit;
}
// Default impostazioni minime
$schoolSettings = [
'timezone' => 'Europe/Rome',
'locale' => 'it',
];
}
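Review bot: The auto-created `students` row in the `if (!$profile_exists)` branch hard-codes `privacy_consent` to 1, which records a consent the user has not given on any form visible in this commit. Store it as not given, `?, 'Italia', 1, 0, NOW(), NOW()`, and collect the real value on `student_profile.php`. The SELECT-then-INSERT pair is also not atomic and runs from an include on ordinary page loads, so two concurrent requests can both insert unless `students.user_id` has a unique key (not visible here). `$_SESSION['student_profile_completed']` is still set, but the condition that read it appears to have been dropped, so the lookup repeats on every request.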


@ -9,8 +9,7 @@ if (!empty($_SESSION['school_id'])) {
$stmt_school = $pdo->prepare("SELECT name, logo FROM schools WHERE id = ?");
$stmt_school->execute([$school_id]);
$current_school = $stmt_school->fetch(PDO::FETCH_ASSOC);
echo $current_school['name'];
echo "Ciao";
if ($current_school) {
$school_display_name = $current_school['name'];
@ -24,6 +23,14 @@ if (!empty($_SESSION['school_id'])) {
}
}
?>
<?php
// Gate per mostrare logo + menu Utente
// - Admin e User: sempre
// - school_owner: solo se ha record in user_schools
$showUserArea = (Auth::user()->hasRole('Admin') || Auth::user()->hasRole('User'))
|| (Auth::user()->hasRole('school_owner') && !empty($hasUserSchools));
?>
<style>
.school-info {
background: #f8f9fa;
@ -55,26 +62,28 @@ if (!empty($_SESSION['school_id'])) {
<!--navigation-->
<ul class="metismenu" id="menu">
<!-- Logo e nome scuola corrente -->
<!-- Logo e nome scuola corrente (rettangolare, naturale) -->
<div class="school-info text-center py-3 px-2 border-bottom">
<?php if ($logoRaw): ?>
<img src="<?= htmlspecialchars($logoRaw) ?>"
alt="Logo <?= htmlspecialchars($school_display_name) ?>"
class="img-fluid mb-2"
style="max-height: 80px; width: auto; object-fit: contain; border-radius: 8px; border: 1px solid #e9ecef; box-shadow: 0 2px 6px rgba(0,0,0,0.08);">
<?php else: ?>
<div class="bg-light d-inline-block p-3 mb-2 rounded-3" style="width: 60px; height: 60px;">
<i class="bx bx-building-house bx-md text-muted"></i>
</div>
<?php endif; ?>
<?php if ($showUserArea): ?>
<div class="school-info text-center py-3 px-2 border-bottom">
<?php if (!empty($logoRaw)): ?>
<img src="<?= htmlspecialchars($logoRaw) ?>"
alt="Logo <?= htmlspecialchars($school_display_name) ?>"
class="img-fluid mb-2"
style="max-height: 80px; width: auto; object-fit: contain; border-radius: 8px; border: 1px solid #e9ecef; box-shadow: 0 2px 6px rgba(0,0,0,0.08);">
<?php else: ?>
<div class="bg-light d-inline-block p-3 mb-2 rounded-3" style="width: 60px; height: 60px;">
<i class="bx bx-building-house bx-md text-muted"></i>
</div>
<?php endif; ?>
<div class="fw-bold text-truncate" style="font-size: 1rem; max-width: 180px; margin: 0 auto;">
<?= htmlspecialchars($school_display_name) ?>
<div class="fw-bold text-truncate" style="font-size: 1rem; max-width: 180px; margin: 0 auto;">
<?= htmlspecialchars($school_display_name) ?>
</div>
</div>
</div>
<?php endif; ?>
<?php
//menù user
if ((Auth::user()->hasRole('User')) || (Auth::user()->hasRole('Admin'))) : ?>
if ($showUserArea) : ?>
<li class="menu-label">Utente</li>
<li>
<a href="user_dashboard.php">
@ -145,12 +154,12 @@ if (!empty($_SESSION['school_id'])) {
</a>
</li>
<?php endif; ?>
<li class="menu-label">Insegnanti</li>
<?php
//menù teacher
if ((Auth::user()->hasRole('school_owner')) || (Auth::user()->hasRole('Admin'))) : ?>
<li class="menu-label">Insegnanti</li>
<li>
<a href="teacher_list.php">
<div class="parent-icon"><i class="bx bx-chalkboard"></i></div>
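Review bot: `$showUserArea` reads `$hasUserSchools`, which is not assigned anywhere in the visible hunks; the first file section of this commit computes `$has_school_association` instead. Because `!empty()` hides an undefined variable, a `school_owner` would silently never get the logo block or the "Utente" menu. If the two are meant to be the same flag, use one name, e.g. `&& !empty($has_school_association)`. This gate only hides menu entries; the linked pages such as `user_dashboard.php` still need their own role check, which is outside this diff.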


@ -1,70 +1,65 @@
<?php
// include/school_settings_loader.php
// Evita inclusioni multiple
if (defined('SCHOOL_SETTINGS_LOADED')) return;
define('SCHOOL_SETTINGS_LOADED', true);
global $schoolSettings; // o usa $_SESSION['school_settings'] se preferisci
global $schoolSettings;
$pdo = DBHandlerSelect::getInstance()->getConnection();
// 1) Prova a prendere school_id dalla sessione
$school_id = (int)($_SESSION['school_id'] ?? 0);
// 2) Se non c'è, prova a risolverlo dal DB via owner (utente loggato)
if ($school_id <= 0) {
// Nessuna scuola selezionata → valori di default minimi
$schoolSettings = [
'portal_purchases_enabled' => 0,
'allowed_product_types' => 'subscription,carnet,drop_in',
'payment_methods' => 'manual',
'currency_code' => 'EUR',
'enable_notifications' => 1,
'allow_freeze_global' => 1,
'freeze_max_days_global' => 30,
'auto_propagate_on_purchase' => 1,
'allow_full_access_rebooking' => 1,
// ... aggiungi tutti gli altri campi con default sensati
];
} else {
$pdo = DBHandlerSelect::getInstance()->getConnection();
$owner_id = (int)($iduserlogin ?? $_SESSION['iduserlogin'] ?? 0);
$stmt = $pdo->prepare("
SELECT *
FROM school_settings
WHERE school_id = ?
LIMIT 1
");
if ($owner_id > 0) {
$stmt = $pdo->prepare("SELECT id FROM schools WHERE owner_id = ? ORDER BY id DESC LIMIT 1");
$stmt->execute([$owner_id]);
$school_id = (int)($stmt->fetchColumn() ?: 0);
if ($school_id > 0) {
$_SESSION['school_id'] = $school_id; // sincronizza sessione
}
}
}
// Default settings MINIMI (se non esiste scuola o settings)
$defaults = [
'portal_purchases_enabled' => 0,
'allowed_product_types' => 'subscription,carnet,drop_in',
'payment_methods' => 'manual',
'currency_code' => 'EUR',
'enable_notifications' => 1,
'allow_freeze_global' => 1,
'freeze_max_days_global' => 30,
'auto_propagate_on_purchase' => 1,
'allow_full_access_rebooking' => 1,
];
if ($school_id <= 0) {
// Nessuna scuola → default
$schoolSettings = $defaults;
} else {
// Carica settings se esistono
$stmt = $pdo->prepare("SELECT * FROM school_settings WHERE school_id = ? LIMIT 1");
$stmt->execute([$school_id]);
$settings = $stmt->fetch(PDO::FETCH_ASSOC);
if ($settings) {
$schoolSettings = $settings;
} else {
// Scuola senza impostazioni → crea record con default
$stmt_insert = $pdo->prepare("
INSERT INTO school_settings (school_id) VALUES (?)
");
$stmt_insert->execute([$school_id]);
if (!$settings) {
// Se mancano, crea riga base (solo school_id) e ricarica
$stmtIns = $pdo->prepare("INSERT INTO school_settings (school_id) VALUES (?)");
$stmtIns->execute([$school_id]);
// Ricarica dopo insert
$stmt = $pdo->prepare("SELECT * FROM school_settings WHERE school_id = ? LIMIT 1");
$stmt->execute([$school_id]);
$schoolSettings = $stmt->fetch(PDO::FETCH_ASSOC) ?: [];
$settings = $stmt->fetch(PDO::FETCH_ASSOC) ?: [];
}
// Fallback per campi che potrebbero essere NULL
$schoolSettings = array_merge([
'portal_purchases_enabled' => 1,
'allowed_product_types' => 'subscription,carnet,drop_in',
'payment_methods' => 'manual',
'currency_code' => 'EUR',
'enable_notifications' => 1,
'allow_freeze_global' => 1,
'freeze_max_days_global' => 30,
'auto_propagate_on_purchase' => 1,
'allow_full_access_rebooking' => 1,
// ... tutti gli altri campi che vuoi default
], $schoolSettings);
$schoolSettings = array_merge($defaults, $settings);
}
// Trasforma stringhe separate da virgola in array (molto comodo)
$schoolSettings['payment_methods_array'] = array_filter(explode(',', $schoolSettings['payment_methods'] ?? ''));
$schoolSettings['allowed_product_types_array'] = array_filter(explode(',', $schoolSettings['allowed_product_types'] ?? ''));
// Helpers array
$schoolSettings['payment_methods_array'] = array_filter(array_map('trim', explode(',', $schoolSettings['payment_methods'] ?? '')));
$schoolSettings['allowed_product_types_array'] = array_filter(array_map('trim', explode(',', $schoolSettings['allowed_product_types'] ?? '')));
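Review bot: `array_merge($defaults, $settings)` lets every column returned by `SELECT *` override its default, including columns whose value is NULL, so for an existing row the defaults never take effect. If any `school_settings` column is nullable (not visible here), drop NULLs before merging: `$schoolSettings = array_merge($defaults, array_filter($settings, static fn ($v) => $v !== null));`. The SELECT-then-INSERT for a missing row is also not atomic; a unique key on `school_id` plus handling of the duplicate error would cover two concurrent first loads.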


@ -1,14 +1,26 @@
<?php
// check school id if user go to select school
// include/require_school_context.php
// include/schoolid_select.php
// ========================================
// SKIP se siamo già su select_school.php
// ========================================
if (defined('SKIP_SCHOOL_CONTEXT')) {
return; // esce senza eseguire nulla
}
if (!defined('APP_BASE')) {
$base = rtrim(str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME'])), '/');
define('APP_BASE', $base === '' ? '' : $base);
}
// check school id if user go to select school
if (Auth::user()->hasRole('User')) {
$school_id = (int)($_SESSION['school_id'] ?? 0);
if ($school_id <= 0) {
// manda alla pagina che decide: 1 scuola -> set in automatico, >1 -> selezione
header('Location: /select-school.php');
header('Location: ' . APP_BASE . '/select_school.php');
exit;
}
}
@ -40,8 +52,17 @@ if (
if ($owner_school_id > 0) {
$_SESSION['school_id'] = $owner_school_id;
} else {
// caso limite: admin/owner senza scuola
die('Nessuna scuola associata a questo account.');
// owner/admin senza scuola: mandalo alla pagina profilo che permette di crearla
$current_page = basename($_SERVER['PHP_SELF']);
// evita loop: se sei già su school_profile.php non redirectare di nuovo
if ($current_page !== 'school_profile.php') {
header("Location: school_profile.php");
exit;
}
// se sei già nella pagina profilo, lascia proseguire senza school_id
unset($_SESSION['school_id']);
}
}
}
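Review bot: The loop guard in the `else` branch takes the page name from `basename($_SERVER['PHP_SELF'])`, and `PHP_SELF` includes any extra path info present in the request URL, so the value compared with `'school_profile.php'` is request-influenced. The `APP_BASE` block in this same file already uses `$_SERVER['SCRIPT_NAME']`, and the same source fits here: `$current_page = basename($_SERVER['SCRIPT_NAME']);`. The same `PHP_SELF`-derived `$current_page` feeds the `$excluded_pages` checks in the first file section of this commit. The new redirect is relative (`school_profile.php`) while the one above is built from `APP_BASE`; using `APP_BASE` for both keeps them consistent. The enclosing `if (` starts outside the hunk.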

Binary file not shown.


Width:  |  Height:  |  Size: 49 KiB

Binary file not shown.


Width:  |  Height:  |  Size: 49 KiB


@ -17,18 +17,29 @@ if (!isset($iduserlogin)) {
// Recupera i dati della scuola in base all'utente loggato
$stmt = $pdo->prepare("
SELECT id, name, website, email, phone, description, address_street, address_city, address_postal_code, address_province, address_country, logo, status
FROM schools
SELECT id, name, website, email, phone, description, address_street, address_city, address_postal_code, address_province, address_country, logo, status
FROM schools
WHERE owner_id = ?
ORDER BY id DESC
LIMIT 1
");
$stmt->execute([$iduserlogin]);
$school = $stmt->fetch();
$school = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$school) {
die("Errore: Nessuna scuola trovata per l'utente loggato.");
// Owner/admin senza scuola: manda al profilo scuola (creazione)
$_SESSION['school_id'] = 0;
header("Location: school_profile.php");
exit;
}
$school_id = $school['id'];
// ok: scuola trovata → sincronizza sessione
$school_id = (int)$school['id'];
$_SESSION['school_id'] = $school_id;
$school_name = $school['name'];
// Recupera tutte le categorie disponibili
$stmt = $pdo->prepare("SELECT id, name FROM class_categories WHERE status = 'active' ORDER BY name");
$stmt->execute();
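Review bot: The new `$_SESSION['school_id'] = $school_id;` replaces whatever school was active in the session with the owner's newest school (`ORDER BY id DESC LIMIT 1`) each time this page loads. If an owner or Admin can have more than one school, prefer the session value and verify ownership with `WHERE id = ? AND owner_id = ?`, falling back to the newest school only when the session is empty. The not-found branch stores `0`, while `include/schoolid_select.php` in this commit uses `unset($_SESSION['school_id'])`; one representation of "no school" would be easier to check.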


@ -0,0 +1,235 @@
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
include('include/headscript.php');
$dbHandler = DBHandlerSelect::getInstance();
$pdo = $dbHandler->getConnection();
$user_id = (int)($iduserlogin ?? $_SESSION['iduserlogin'] ?? 0);
if ($user_id <= 0) {
header('Location: login.php');
exit;
}
// solo school_owner (admin ok)
if (!(Auth::user()->hasRole('school_owner') || Auth::user()->hasRole('Admin'))) {
die("Access denied");
}
// Se ha già una scuola, setta session e vai in dashboard
$stmt = $pdo->prepare("SELECT id FROM schools WHERE owner_id = ? ORDER BY id DESC LIMIT 1");
$stmt->execute([$user_id]);
$existing = $stmt->fetch(PDO::FETCH_ASSOC);
if ($existing && !empty($existing['id'])) {
$_SESSION['school_id'] = (int)$existing['id'];
header('Location: school_dashboard.php');
exit;
}
function makeSlug($str)
{
$str = trim(mb_strtolower($str));
$str = preg_replace('/[^a-z0-9]+/i', '-', $str);
$str = trim($str, '-');
return $str ?: 'school';
}
$success_message = null;
$error = null;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$name = trim($_POST['name'] ?? '');
$email = trim($_POST['email'] ?? '');
$phone = trim($_POST['phone'] ?? '');
$website = trim($_POST['website'] ?? '');
$description = trim($_POST['description'] ?? '');
$address_street = trim($_POST['address_street'] ?? '');
$address_city = trim($_POST['address_city'] ?? '');
$address_postal_code = trim($_POST['address_postal_code'] ?? '');
$address_province = trim($_POST['address_province'] ?? '');
$address_country = trim($_POST['address_country'] ?? 'Italy');
$owner_name = trim($_POST['owner_name'] ?? '');
$vat_number = trim($_POST['vat_number'] ?? '');
if ($name === '' || $email === '' || $address_street === '' || $address_city === '' || $address_postal_code === '' || $address_country === '' || $owner_name === '' || $vat_number === '') {
$error = "Compila tutti i campi obbligatori.";
} else {
$slugBase = makeSlug($name);
$slug = $slugBase;
// slug unico
$check = $pdo->prepare("SELECT COUNT(*) FROM schools WHERE slug = ?");
$i = 1;
while (true) {
$check->execute([$slug]);
if ((int)$check->fetchColumn() === 0) break;
$i++;
$slug = $slugBase . '-' . $i;
}
try {
$pdo->beginTransaction();
$stmtIns = $pdo->prepare("
INSERT INTO schools
(owner_id, name, website, email, phone, description,
address_street, address_city, address_postal_code, address_province, address_country,
owner_name, vat_number, status, slug)
VALUES
(?, ?, ?, ?, ?, ?,
?, ?, ?, ?, ?,
?, ?, 'active', ?)
");
$stmtIns->execute([
$user_id,
$name,
($website ?: null),
$email,
($phone ?: null),
($description ?: null),
$address_street,
$address_city,
$address_postal_code,
($address_province ?: null),
$address_country,
$owner_name,
$vat_number,
$slug
]);
$newSchoolId = (int)$pdo->lastInsertId();
// school_settings default
$stmtSet = $pdo->prepare("INSERT INTO school_settings (school_id) VALUES (?)");
$stmtSet->execute([$newSchoolId]);
$pdo->commit();
$_SESSION['school_id'] = $newSchoolId;
header('Location: school_dashboard.php');
exit;
} catch (Throwable $e) {
if ($pdo->inTransaction()) $pdo->rollBack();
$error = "Errore creazione scuola: " . $e->getMessage();
}
}
}
?>
<!doctype html>
<html lang="it">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="icon" href="assets/images/favicon-32x32.png" type="image/png" />
<?php include('cssinclude.php'); ?>
<?php include('siteinfo.php'); ?>
</head>
<body>
<div class="wrapper">
<?php include('include/navbar.php'); ?>
<?php include('include/topbar.php'); ?>
<div class="page-wrapper">
<div class="page-content">
<div class="card radius-10">
<div class="card-header">
<h5 class="mb-0">Configurazione iniziale scuola</h5>
<small class="text-muted">Crea la tua scuola per iniziare a usare il pannello proprietario.</small>
</div>
<div class="card-body">
<?php if ($error): ?>
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<form method="POST" class="row g-3">
<div class="col-md-8">
<label class="form-label">Nome scuola *</label>
<input type="text" name="name" class="form-control" required>
</div>
<div class="col-md-4">
<label class="form-label">Email scuola *</label>
<input type="email" name="email" class="form-control" required>
</div>
<div class="col-md-4">
<label class="form-label">Telefono</label>
<input type="text" name="phone" class="form-control">
</div>
<div class="col-md-8">
<label class="form-label">Sito web</label>
<input type="text" name="website" class="form-control" placeholder="https://...">
</div>
<div class="col-12">
<label class="form-label">Descrizione</label>
<textarea name="description" class="form-control" rows="3"></textarea>
</div>
<hr class="my-2">
<div class="col-md-6">
<label class="form-label">Indirizzo *</label>
<input type="text" name="address_street" class="form-control" required>
</div>
<div class="col-md-3">
<label class="form-label">Città *</label>
<input type="text" name="address_city" class="form-control" required>
</div>
<div class="col-md-3">
<label class="form-label">CAP *</label>
<input type="text" name="address_postal_code" class="form-control" required>
</div>
<div class="col-md-4">
<label class="form-label">Provincia</label>
<input type="text" name="address_province" class="form-control">
</div>
<div class="col-md-8">
<label class="form-label">Nazione *</label>
<input type="text" name="address_country" class="form-control" value="Italy" required>
</div>
<hr class="my-2">
<div class="col-md-8">
<label class="form-label">Nome intestatario/Proprietario *</label>
<input type="text" name="owner_name" class="form-control" required>
</div>
<div class="col-md-4">
<label class="form-label">P.IVA / VAT *</label>
<input type="text" name="vat_number" class="form-control" required>
</div>
<div class="col-12 d-flex justify-content-end gap-2">
<button type="submit" class="btn btn-primary">
Crea scuola
</button>
</div>
</form>
</div>
</div>
</div>
</div>
<div class="overlay toggle-icon"></div>
<a href="javaScript:;" class="back-to-top"><i class='bx bxs-up-arrow-alt'></i></a>
<?php include('include/footer.php'); ?>
</div>
<?php include('jsinclude.php'); ?>
</body>
</html>
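Review bot: The `catch (Throwable $e)` block copies `$e->getMessage()` into `$error`, which is rendered in the page, and the file opens with `display_errors` set to 1, so a failed INSERT shows driver and schema details to the user. Log the detail and show a fixed message instead, `error_log('school create failed: ' . $e->getMessage()); $error = "Errore creazione scuola.";`, and drop the `ini_set`/`error_reporting` lines outside development. The POST handler has no anti-CSRF token check in the visible code; unless `include/headscript.php` enforces one, add a per-session token to the form and compare it with `hash_equals()`. The slug uniqueness loop runs before `beginTransaction()`, so a unique index on `schools.slug` is still needed for it to hold under concurrent submissions.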


@ -14,17 +14,21 @@ if (!isset($iduserlogin)) {
die("Errore: ID utente non definito.");
}
// Recupera scuola dell'utente loggato
$stmt = $pdo->prepare("
SELECT s.*, u.first_name, u.last_name, u.email
FROM schools s
RIGHT JOIN auth_users u ON s.owner_id = u.id
WHERE u.id = ?
");
// Recupera utente
$stmt = $pdo->prepare("SELECT id, first_name, last_name, email FROM auth_users WHERE id = ? LIMIT 1");
$stmt->execute([$iduserlogin]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$user) {
die("Errore: Utente non trovato.");
}
// Recupera eventuale scuola del proprietario
$stmt = $pdo->prepare("SELECT * FROM schools WHERE owner_id = ? ORDER BY id DESC LIMIT 1");
$stmt->execute([$iduserlogin]);
$school = $stmt->fetch(PDO::FETCH_ASSOC);
$is_new = empty($school['id']);
$is_new = !$school;
if ($is_new) {
$school = [
@ -33,7 +37,7 @@ if ($is_new) {
'name' => '',
'slug' => '',
'website' => '',
'email' => '',
'email' => $user['email'] ?? '', // default utile
'phone' => '',
'description' => '',
'address_street' => '',
@ -43,16 +47,17 @@ if ($is_new) {
'address_country' => 'Italia',
'latitude' => null,
'longitude' => null,
'owner_name' => '',
'owner_name' => trim(($user['first_name'] ?? '') . ' ' . ($user['last_name'] ?? '')),
'vat_number' => '',
'logo' => '',
'status' => 'active',
'first_name' => '',
'last_name' => '',
'email' => ''
];
} else {
// se esiste, sincronizza school_id in sessione
$_SESSION['school_id'] = (int)$school['id'];
}
// Generatore slug
function generateSlug($string)
{
@ -146,10 +151,27 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$success = $stmt->execute($params);
if ($success) {
$success_message = "Scuola creata con successo!";
$stmt = $pdo->prepare("SELECT * FROM schools WHERE owner_id = ? ORDER BY id DESC LIMIT 1");
$stmt->execute([$iduserlogin]);
// 1) Prendi ID appena creato
$newSchoolId = (int)$pdo->lastInsertId();
// 2) Salvalo in sessione (FONDAMENTALE per evitare redirect onboarding)
$_SESSION['school_id'] = $newSchoolId;
// 3) Crea record settings base (se non esiste già)
try {
$stmtSet = $pdo->prepare("INSERT INTO school_settings (school_id) VALUES (?)");
$stmtSet->execute([$newSchoolId]);
} catch (Exception $e) {
// se esiste già, ignoriamo
}
// 4) Ricarica la scuola appena creata
$stmt = $pdo->prepare("SELECT * FROM schools WHERE id = ? LIMIT 1");
$stmt->execute([$newSchoolId]);
$school = $stmt->fetch(PDO::FETCH_ASSOC);
$success_message = "Scuola creata con successo!";
$is_new = false;
} else {
$error = "Errore creazione scuola.";
@ -205,10 +227,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
font-size: 15px;
border: 1px solid #ced4da;
border-radius: 0.375rem;
height: auto;
margin-bottom: 14px;
}
.ql-editor {
min-height: 260px;
margin-bottom: 10px;
}
.form-label {
@ -234,6 +259,24 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
display: block;
margin: 0 auto 1rem;
}
/* Placeholder logo quando non presente */
.logo-placeholder {
width: 100%;
max-height: 220px;
height: 220px;
display: flex;
align-items: center;
justify-content: center;
border: 1px dashed #cfd4da;
border-radius: 8px;
background: #f8f9fa;
color: #6c757d;
font-weight: 700;
font-size: 28px;
letter-spacing: 1px;
margin: 0 auto 1rem;
}
</style>
</head>
@ -268,12 +311,20 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<div class="row g-4">
<!-- Colonna sinistra: solo logo -->
<div class="col-lg-4 text-center">
<img src="<?php echo $school['logo'] ? htmlspecialchars($school['logo']) : 'photoschool/default-school.png'; ?>"
alt="Logo Scuola" class="school-logo mb-3">
<?php if (!empty($school['logo'])): ?>
<img id="logoPreview"
src="<?php echo htmlspecialchars($school['logo']); ?>"
alt="Logo Scuola"
class="school-logo mb-3">
<?php else: ?>
<div id="logoPreviewPlaceholder" class="logo-placeholder">NA</div>
<img id="logoPreview" src="" alt="Logo Scuola" class="school-logo mb-3" style="display:none;">
<?php endif; ?>
<div class="mb-3">
<label class="form-label">Cambia Logo (opzionale)</label>
<input type="file" class="form-control" name="logo" accept="image/jpeg,image/png,image/gif">
<input type="file" class="form-control" name="logo" id="logoInput" accept="image/jpeg,image/png,image/gif">
<small class="text-muted d-block mt-1">Max 2MB JPG, PNG, GIF</small>
</div>
</div>
@ -473,7 +524,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Salva HTML prima del submit
document.getElementById('schoolForm').addEventListener('submit', function(e) {
document.getElementById('description-hidden').value = quill.root.innerHTML;
const html = quill.root.innerHTML.trim();
document.getElementById('description-hidden').value = (html === '<p><br></p>' ? '' : html);
});
// ====================== MAPPA (invariata, funziona già) ======================
@ -543,16 +596,54 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
}
});
// Slug automatico
// Slug automatico (JS)
function slugify(str) {
return (str || '')
.toString()
.normalize('NFD').replace(/[\u0300-\u036f]/g, '') // rimuove accenti
.toLowerCase()
.trim()
.replace(/[^a-z0-9\s-]/g, '')
.replace(/\s+/g, '-')
.replace(/-+/g, '-');
}
const nameField = document.querySelector('[name="name"]');
const slugField = document.querySelector('[name="slug"]');
let slugTouched = false;
nameField?.addEventListener('input', function() {
if (!slugTouched) slugField.value = generateSlug(this.value);
if (!slugTouched) slugField.value = slugify(this.value);
});
slugField?.addEventListener('input', () => slugTouched = true);
// ====================== LOGO PREVIEW (before save) ======================
const logoInput = document.getElementById('logoInput');
const logoPreview = document.getElementById('logoPreview');
const logoPlaceholder = document.getElementById('logoPreviewPlaceholder');
logoInput?.addEventListener('change', function() {
const file = this.files && this.files[0];
if (!file) return;
// Basic type check (client-side)
if (!['image/jpeg', 'image/png', 'image/gif'].includes(file.type)) {
alert('Formato non valido. Usa JPG, PNG o GIF.');
this.value = '';
return;
}
const reader = new FileReader();
reader.onload = function(e) {
if (logoPlaceholder) logoPlaceholder.style.display = 'none';
if (logoPreview) {
logoPreview.src = e.target.result;
logoPreview.style.display = 'block';
}
};
reader.readAsDataURL(file);
});
</script>
</body>
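Review bot: The empty `catch (Exception $e)` around the `school_settings` INSERT discards every failure, not only the already-exists case its comment names, so a school can be left without a settings row and nothing is logged. Narrow it to the expected error, e.g. `catch (PDOException $e) { if ($e->getCode() !== '23000') { error_log($e->getMessage()); } }`, assuming the duplicate is reported as an integrity-constraint SQLSTATE. The school INSERT and this one are not wrapped in one transaction here, unlike the new onboarding page in this commit. The logo preview checks the MIME type only in the browser; the server-side upload handling is outside these hunks and has to enforce type and the 2MB limit itself.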


@ -1,5 +1,10 @@
<?php
session_start();
// IMPORTANT: avoid redirect loop caused by require_school_context
define('SKIP_SCHOOL_CONTEXT', true);
include('include/headscript.php');
error_log("SELECT_SCHOOL HIT - user=" . ($_SESSION['iduserlogin'] ?? 'NOUSER') . " school=" . var_export($_SESSION['school_id'] ?? null, true));
@ -160,7 +165,6 @@ if (count($userSchools) === 1) {
$_SESSION['school_id'] = (int)$userSchools[0]['id'];
$_SESSION['school_name'] = $userSchools[0]['name'];
$_SESSION['school_selected'] = 1;
if (function_exists('session')) {
session([
'school_id' => (int)$userSchools[0]['id'],
@ -179,7 +183,7 @@ if (count($userSchools) > 1 && !empty($_SESSION['school_id']) && !empty($_SESSIO
exit;
}
/*
/*


@ -2,6 +2,9 @@
ini_set('display_errors', 1);
error_reporting(E_ALL);
session_start();
define('SKIP_SCHOOL_CONTEXT', true);
include('include/headscript.php');
$dbHandler = DBHandlerSelect::getInstance();
$pdo = $dbHandler->getConnection();


@ -13,15 +13,26 @@ $pdo = $dbHandler->getConnection();
| 1) Recupera la scuola (come nel tuo esempio)
|--------------------------------------------------------------------------
*/
$stmt = $pdo->prepare("SELECT id, name FROM schools WHERE owner_id = ? LIMIT 1");
$stmt->execute([$iduserlogin]);
$school = $stmt->fetch(PDO::FETCH_ASSOC);
// 1) Recupera school_id dalla sessione (studente) oppure fallback owner (admin/owner)
$school_id = (int)($_SESSION['school_id'] ?? 0);
if (!$school) {
die("Scuola non trovata.");
if ($school_id <= 0) {
// fallback per owner/admin
$stmt = $pdo->prepare("SELECT id, name FROM schools WHERE owner_id = ? LIMIT 1");
$stmt->execute([(int)$iduserlogin]);
$school = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$school) die("Scuola non trovata.");
$school_id = (int)$school['id'];
} else {
// carica dati scuola
$stmt = $pdo->prepare("SELECT id, name FROM schools WHERE id = ? LIMIT 1");
$stmt->execute([$school_id]);
$school = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$school) die("Scuola non trovata.");
}
$school_id = (int)$school['id'];
/*
|--------------------------------------------------------------------------
@ -50,6 +61,17 @@ $is_new = !$settings;
$success_message = "";
$error = "";
if (!$settings) {
$pdo->prepare("
INSERT INTO user_settings (school_id, user_id, locale, timezone, created_at, updated_at)
VALUES (?, ?, 'it', 'Europe/Rome', NOW(), NOW())
")->execute([$school_id, (int)$iduserlogin]);
header("Location: user-settings.php");
exit;
}
/*
|--------------------------------------------------------------------------
| 4) Salvataggio POST
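Review bot: The new session branch loads the school with `WHERE id = ?` from `$_SESSION['school_id']` alone and later writes a `user_settings` row for that `(school_id, user_id)` pair, with no check in the visible lines that the user is linked to that school. Whether that is safe depends on every writer of the session key; a local membership check (against `user_schools`, or `owner_id` for owners) would make this page hold on its own. The auto-insert also runs on a plain GET and then redirects to the same page, so if the insert fails without throwing, or the settings lookup still returns nothing, the request loops; check the `execute()` result before calling `header(...)`. The settings lookup itself lies between the two hunks and is not visible.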


@ -90,6 +90,8 @@ if (count($userSchools) === 1 && empty($_SESSION['school_id'])) {
$_SESSION['school_id'] = (int)$userSchools[0]['id'];
$_SESSION['school_name'] = $userSchools[0]['name'];
$_SESSION['school_selected'] = 1;
echo $_SESSION['school_name'];
exit;
}
// Caso: più scuole -> OBBLIGO selezione esplicita
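Review bot: The added `echo $_SESSION['school_name']; exit;` looks like leftover debug output: it ends the request right after the single school is auto-selected, so the user gets a bare string instead of whatever followed this branch. It also prints the school name without `htmlspecialchars()`, and that name is entered by school owners. Remove both lines; if the output is really wanted, use `echo htmlspecialchars($_SESSION['school_name'], ENT_QUOTES, 'UTF-8');`. The enclosing `if` starts outside the hunk.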