fixed different login
@@ -9,8 +9,9 @@ error_reporting(E_ALL | E_STRICT);
|
||||
|
||||
include('../../extra/auth.php');
|
||||
|
||||
if (! Auth::check()) {
|
||||
if (!Auth::check()) {
|
||||
redirectTo('../../public/login');
|
||||
exit;
|
||||
}
|
||||
|
||||
$user = Auth::user();
|
||||
@@ -20,42 +21,65 @@ $nameuser = $user->present()->first_name;
|
||||
$surnameuser = $user->present()->last_name;
|
||||
$emailuser = $user->present()->email;
|
||||
$avatar = $user->present()->avatar;
|
||||
$kindofrole = $user->present()->role_id; // <-- Questo è il ruolo (es. 1=admin, 2=teacher, 3=student, ecc.)
|
||||
$kindofrole = $user->present()->role_id;
|
||||
$kindofrole = (int)$user->present()->role_id;
|
||||
|
||||
// --- INIZIO: Reindirizzamento intelligente per studenti senza profilo ---
|
||||
if (session_status() == PHP_SESSION_NONE) {
|
||||
|
||||
// Definisci ruolo studente (conferma che sia 2!)
|
||||
define('ROLE_STUDENTE', 2);
|
||||
|
||||
// Avvia sessione se non attiva
|
||||
if (session_status() === PHP_SESSION_NONE) {
|
||||
session_start();
|
||||
}
|
||||
|
||||
// Definisci qui l'ID del ruolo STUDENTE (cambialo se è diverso!)
|
||||
define('ROLE_STUDENTE', 2); // Cambia 3 con il ruolo corretto del tuo studente
|
||||
|
||||
// Escludi alcune pagine dove NON vuoi il redirect (es. login, logout, profile)
|
||||
$current_page = basename($_SERVER['PHP_SELF']);
|
||||
$no_redirect_pages = ['login.php', 'logout.php', 'student_profile.php', 'register.php'];
|
||||
|
||||
if (
|
||||
$kindofrole == ROLE_STUDENTE &&
|
||||
!in_array($current_page, $no_redirect_pages) &&
|
||||
!isset($_SESSION['student_profile_completed'])
|
||||
) {
|
||||
// Controlla se esiste il record in tabella students
|
||||
$stmt = $db->prepare("SELECT id FROM students WHERE user_id = ? LIMIT 1");
|
||||
// Pagine escluse da TUTTI i redirect/redirect automatici
|
||||
$excluded_pages = [
|
||||
'login.php',
|
||||
'logout.php',
|
||||
'register.php',
|
||||
'forgot-password.php', // se esiste
|
||||
'student_profile.php',
|
||||
'select_school.php'
|
||||
];
|
||||
|
||||
// ================================================
|
||||
// 1. CREAZIONE AUTOMATICA PROFILO STUDENTE (se manca)
|
||||
// ================================================
|
||||
if ($kindofrole === ROLE_STUDENTE && !in_array($current_page, $excluded_pages)) {
|
||||
|
||||
$stmt = $db->prepare("SELECT 1 FROM students WHERE user_id = ? LIMIT 1");
|
||||
$stmt->execute([$iduserlogin]);
|
||||
$student_exists = $stmt->fetch();
|
||||
$profile_exists = $stmt->fetchColumn();
|
||||
|
||||
if (!$student_exists) {
|
||||
// Non ha completato il profilo → reindirizza
|
||||
$_SESSION['student_profile_pending'] = true;
|
||||
header("Location: student_profile.php");
|
||||
exit;
|
||||
if (!$profile_exists) {
|
||||
// Crea record minimo obbligatorio
|
||||
$stmt_insert = $db->prepare("
|
||||
INSERT INTO students (
|
||||
user_id,
|
||||
billing_country,
|
||||
shipping_same_as_billing,
|
||||
privacy_consent,
|
||||
created_at,
|
||||
updated_at
|
||||
) VALUES (
|
||||
?, 'Italia', 1, 1, NOW(), NOW()
|
||||
)
|
||||
");
|
||||
$stmt_insert->execute([$iduserlogin]);
|
||||
|
||||
// Imposta flag per non rifare controlli inutili
|
||||
$_SESSION['student_profile_completed'] = true;
|
||||
} else {
|
||||
// Ha già completato → segna per non controllare più
|
||||
$_SESSION['student_profile_completed'] = true;
|
||||
}
|
||||
}
|
||||
// --- FINE: Reindirizzamento intelligente ---
|
||||
|
||||
// ================================================
|
||||
// 2. SALVA DATI UTENTE IN SESSIONE
|
||||
// ================================================
|
||||
$_SESSION["iduserlogin"] = $iduserlogin;
|
||||
$_SESSION["nameuser"] = $nameuser;
|
||||
$_SESSION["surnameuser"] = $surnameuser;
|
||||
@@ -64,12 +88,44 @@ $_SESSION["photouser"] = $avatar;
|
||||
|
||||
$photouser = $_SESSION["photouser"];
|
||||
|
||||
if (defined('SKIP_SCHOOL_CONTEXT') && SKIP_SCHOOL_CONTEXT === true) {
|
||||
return; // oppure salta SOLO i redirect scuola
|
||||
}
|
||||
|
||||
// ================================================
|
||||
// 3. LOGICA SCUOLA (solo se profilo base esiste)
|
||||
// ================================================
|
||||
$has_school_association = false;
|
||||
|
||||
$stmt_school_check = $db->prepare("SELECT 1 FROM user_schools WHERE user_id = ? LIMIT 1");
|
||||
$stmt_school_check->execute([$iduserlogin]);
|
||||
$has_school_association = (bool) $stmt_school_check->fetchColumn();
|
||||
|
||||
// include school settings
|
||||
include('schoolid_select.php');
|
||||
if ($has_school_association) {
|
||||
// include('schoolid_select.php');
|
||||
}
|
||||
|
||||
// Carica impostazioni scuola solo se c'è school_id valida
|
||||
$pages_allow_no_school = ['school_profile.php'];
|
||||
|
||||
// include school settings
|
||||
include('school_settings_loader.php');
|
||||
if (isset($_SESSION['school_id']) && (int)$_SESSION['school_id'] > 0) {
|
||||
include('school_settings_loader.php');
|
||||
} else {
|
||||
// Per studenti: se non ha scuola selezionata → vai a select_school
|
||||
if ($kindofrole === ROLE_STUDENTE && !in_array($current_page, $excluded_pages)) {
|
||||
header("Location: select_school.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
// Per owner/admin: vai a school_profile se non è una pagina permessa
|
||||
elseif (!in_array($current_page, $pages_allow_no_school)) {
|
||||
header("Location: school_profile.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
// Default impostazioni minime
|
||||
$schoolSettings = [
|
||||
'timezone' => 'Europe/Rome',
|
||||
'locale' => 'it',
|
||||
];
|
||||
}
|
||||
|
||||
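Review bot: `$current_page = basename($_SERVER['PHP_SELF']);` in the second hunk is the value every redirect guard in this file keys on, but PHP_SELF includes any path-info appended after the script name, so basename() does not reliably name the executing script; `basename($_SERVER['SCRIPT_NAME'])` is the server-derived value and should replace it here and at the same line in the last hunk of schoolid_select.php. The auto-created student row in the same hunk writes `privacy_consent` as `1` although nothing has been shown to or accepted by the user at that point; insert `0` (or leave the column to its default) and let student_profile.php set it, so the table does not record a consent that was never given. The `!isset($_SESSION['student_profile_completed'])` short-circuit is dropped from the condition while the flag is still written in both branches, so the `SELECT 1 FROM students` query now runs on every request for students — either keep the flag in the condition or stop setting it. `$iduserlogin` is passed to both execute() calls but is not assigned in any hunk of this commit, presumably earlier in the file.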
@@ -9,8 +9,7 @@ if (!empty($_SESSION['school_id'])) {
|
||||
$stmt_school = $pdo->prepare("SELECT name, logo FROM schools WHERE id = ?");
|
||||
$stmt_school->execute([$school_id]);
|
||||
$current_school = $stmt_school->fetch(PDO::FETCH_ASSOC);
|
||||
echo $current_school['name'];
|
||||
echo "Ciao";
|
||||
|
||||
if ($current_school) {
|
||||
$school_display_name = $current_school['name'];
|
||||
|
||||
@@ -24,6 +23,14 @@ if (!empty($_SESSION['school_id'])) {
|
||||
}
|
||||
}
|
||||
?>
|
||||
<?php
|
||||
// Gate per mostrare logo + menu Utente
|
||||
// - Admin e User: sempre
|
||||
// - school_owner: solo se ha record in user_schools
|
||||
$showUserArea = (Auth::user()->hasRole('Admin') || Auth::user()->hasRole('User'))
|
||||
|| (Auth::user()->hasRole('school_owner') && !empty($hasUserSchools));
|
||||
?>
|
||||
|
||||
<style>
|
||||
.school-info {
|
||||
background: #f8f9fa;
|
||||
@@ -55,26 +62,28 @@ if (!empty($_SESSION['school_id'])) {
|
||||
<!--navigation-->
|
||||
<ul class="metismenu" id="menu">
|
||||
<!-- Logo e nome scuola corrente -->
|
||||
<!-- Logo e nome scuola corrente (rettangolare, naturale) -->
|
||||
<div class="school-info text-center py-3 px-2 border-bottom">
|
||||
<?php if ($logoRaw): ?>
|
||||
<img src="<?= htmlspecialchars($logoRaw) ?>"
|
||||
alt="Logo <?= htmlspecialchars($school_display_name) ?>"
|
||||
class="img-fluid mb-2"
|
||||
style="max-height: 80px; width: auto; object-fit: contain; border-radius: 8px; border: 1px solid #e9ecef; box-shadow: 0 2px 6px rgba(0,0,0,0.08);">
|
||||
<?php else: ?>
|
||||
<div class="bg-light d-inline-block p-3 mb-2 rounded-3" style="width: 60px; height: 60px;">
|
||||
<i class="bx bx-building-house bx-md text-muted"></i>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<?php if ($showUserArea): ?>
|
||||
<div class="school-info text-center py-3 px-2 border-bottom">
|
||||
<?php if (!empty($logoRaw)): ?>
|
||||
<img src="<?= htmlspecialchars($logoRaw) ?>"
|
||||
alt="Logo <?= htmlspecialchars($school_display_name) ?>"
|
||||
class="img-fluid mb-2"
|
||||
style="max-height: 80px; width: auto; object-fit: contain; border-radius: 8px; border: 1px solid #e9ecef; box-shadow: 0 2px 6px rgba(0,0,0,0.08);">
|
||||
<?php else: ?>
|
||||
<div class="bg-light d-inline-block p-3 mb-2 rounded-3" style="width: 60px; height: 60px;">
|
||||
<i class="bx bx-building-house bx-md text-muted"></i>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
|
||||
<div class="fw-bold text-truncate" style="font-size: 1rem; max-width: 180px; margin: 0 auto;">
|
||||
<?= htmlspecialchars($school_display_name) ?>
|
||||
<div class="fw-bold text-truncate" style="font-size: 1rem; max-width: 180px; margin: 0 auto;">
|
||||
<?= htmlspecialchars($school_display_name) ?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
|
||||
<?php
|
||||
//menù user
|
||||
if ((Auth::user()->hasRole('User')) || (Auth::user()->hasRole('Admin'))) : ?>
|
||||
if ($showUserArea) : ?>
|
||||
<li class="menu-label">Utente</li>
|
||||
<li>
|
||||
<a href="user_dashboard.php">
|
||||
@@ -145,12 +154,12 @@ if (!empty($_SESSION['school_id'])) {
|
||||
</a>
|
||||
</li>
|
||||
<?php endif; ?>
|
||||
<li class="menu-label">Insegnanti</li>
|
||||
|
||||
<?php
|
||||
//menù teacher
|
||||
|
||||
if ((Auth::user()->hasRole('school_owner')) || (Auth::user()->hasRole('Admin'))) : ?>
|
||||
|
||||
<li class="menu-label">Insegnanti</li>
|
||||
<li>
|
||||
<a href="teacher_list.php">
|
||||
<div class="parent-icon"><i class="bx bx-chalkboard"></i></div>
|
||||
|
||||
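Review bot: The first hunk appears to drop only one of the two debug `echo` lines (eight lines become seven); whichever one survives is stray output emitted before the template's own markup, and if it is `echo $current_school['name'];` it prints a database value unescaped while the same value is rendered through htmlspecialchars() further down — remove both. `$showUserArea` in the second hunk gates school_owner on `!empty($hasUserSchools)`, but no hunk in this commit assigns `$hasUserSchools` (the auth include computes `$has_school_association` instead), so unless it is set elsewhere a school_owner with schools never sees the user area; confirm the name and align the two files. A one-line comment above the gate, `// $hasUserSchools is expected from the including page (see auth.php)`, would make that dependency explicit for the next reader.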
@@ -1,70 +1,65 @@
|
||||
<?php
|
||||
// include/school_settings_loader.php
|
||||
|
||||
// Evita inclusioni multiple
|
||||
if (defined('SCHOOL_SETTINGS_LOADED')) return;
|
||||
define('SCHOOL_SETTINGS_LOADED', true);
|
||||
|
||||
global $schoolSettings; // o usa $_SESSION['school_settings'] se preferisci
|
||||
global $schoolSettings;
|
||||
|
||||
$pdo = DBHandlerSelect::getInstance()->getConnection();
|
||||
|
||||
// 1) Prova a prendere school_id dalla sessione
|
||||
$school_id = (int)($_SESSION['school_id'] ?? 0);
|
||||
|
||||
// 2) Se non c'è, prova a risolverlo dal DB via owner (utente loggato)
|
||||
if ($school_id <= 0) {
|
||||
// Nessuna scuola selezionata → valori di default minimi
|
||||
$schoolSettings = [
|
||||
'portal_purchases_enabled' => 0,
|
||||
'allowed_product_types' => 'subscription,carnet,drop_in',
|
||||
'payment_methods' => 'manual',
|
||||
'currency_code' => 'EUR',
|
||||
'enable_notifications' => 1,
|
||||
'allow_freeze_global' => 1,
|
||||
'freeze_max_days_global' => 30,
|
||||
'auto_propagate_on_purchase' => 1,
|
||||
'allow_full_access_rebooking' => 1,
|
||||
// ... aggiungi tutti gli altri campi con default sensati
|
||||
];
|
||||
} else {
|
||||
$pdo = DBHandlerSelect::getInstance()->getConnection();
|
||||
$owner_id = (int)($iduserlogin ?? $_SESSION['iduserlogin'] ?? 0);
|
||||
|
||||
$stmt = $pdo->prepare("
|
||||
SELECT *
|
||||
FROM school_settings
|
||||
WHERE school_id = ?
|
||||
LIMIT 1
|
||||
");
|
||||
if ($owner_id > 0) {
|
||||
$stmt = $pdo->prepare("SELECT id FROM schools WHERE owner_id = ? ORDER BY id DESC LIMIT 1");
|
||||
$stmt->execute([$owner_id]);
|
||||
$school_id = (int)($stmt->fetchColumn() ?: 0);
|
||||
|
||||
if ($school_id > 0) {
|
||||
$_SESSION['school_id'] = $school_id; // sincronizza sessione
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Default settings MINIMI (se non esiste scuola o settings)
|
||||
$defaults = [
|
||||
'portal_purchases_enabled' => 0,
|
||||
'allowed_product_types' => 'subscription,carnet,drop_in',
|
||||
'payment_methods' => 'manual',
|
||||
'currency_code' => 'EUR',
|
||||
'enable_notifications' => 1,
|
||||
'allow_freeze_global' => 1,
|
||||
'freeze_max_days_global' => 30,
|
||||
'auto_propagate_on_purchase' => 1,
|
||||
'allow_full_access_rebooking' => 1,
|
||||
];
|
||||
|
||||
if ($school_id <= 0) {
|
||||
// Nessuna scuola → default
|
||||
$schoolSettings = $defaults;
|
||||
} else {
|
||||
// Carica settings se esistono
|
||||
$stmt = $pdo->prepare("SELECT * FROM school_settings WHERE school_id = ? LIMIT 1");
|
||||
$stmt->execute([$school_id]);
|
||||
$settings = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if ($settings) {
|
||||
$schoolSettings = $settings;
|
||||
} else {
|
||||
// Scuola senza impostazioni → crea record con default
|
||||
$stmt_insert = $pdo->prepare("
|
||||
INSERT INTO school_settings (school_id) VALUES (?)
|
||||
");
|
||||
$stmt_insert->execute([$school_id]);
|
||||
if (!$settings) {
|
||||
// Se mancano, crea riga base (solo school_id) e ricarica
|
||||
$stmtIns = $pdo->prepare("INSERT INTO school_settings (school_id) VALUES (?)");
|
||||
$stmtIns->execute([$school_id]);
|
||||
|
||||
// Ricarica dopo insert
|
||||
$stmt = $pdo->prepare("SELECT * FROM school_settings WHERE school_id = ? LIMIT 1");
|
||||
$stmt->execute([$school_id]);
|
||||
$schoolSettings = $stmt->fetch(PDO::FETCH_ASSOC) ?: [];
|
||||
$settings = $stmt->fetch(PDO::FETCH_ASSOC) ?: [];
|
||||
}
|
||||
|
||||
// Fallback per campi che potrebbero essere NULL
|
||||
$schoolSettings = array_merge([
|
||||
'portal_purchases_enabled' => 1,
|
||||
'allowed_product_types' => 'subscription,carnet,drop_in',
|
||||
'payment_methods' => 'manual',
|
||||
'currency_code' => 'EUR',
|
||||
'enable_notifications' => 1,
|
||||
'allow_freeze_global' => 1,
|
||||
'freeze_max_days_global' => 30,
|
||||
'auto_propagate_on_purchase' => 1,
|
||||
'allow_full_access_rebooking' => 1,
|
||||
// ... tutti gli altri campi che vuoi default
|
||||
], $schoolSettings);
|
||||
$schoolSettings = array_merge($defaults, $settings);
|
||||
}
|
||||
|
||||
// Trasforma stringhe separate da virgola in array (molto comodo)
|
||||
$schoolSettings['payment_methods_array'] = array_filter(explode(',', $schoolSettings['payment_methods'] ?? ''));
|
||||
$schoolSettings['allowed_product_types_array'] = array_filter(explode(',', $schoolSettings['allowed_product_types'] ?? ''));
|
||||
// Helpers array
|
||||
$schoolSettings['payment_methods_array'] = array_filter(array_map('trim', explode(',', $schoolSettings['payment_methods'] ?? '')));
|
||||
$schoolSettings['allowed_product_types_array'] = array_filter(array_map('trim', explode(',', $schoolSettings['allowed_product_types'] ?? '')));
|
||||
|
||||
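Review bot: The file has no header comment stating what it expects from the including scope and what it leaves behind; add one saying it reads `$iduserlogin` (falling back to `$_SESSION['iduserlogin']`) and `$_SESSION['school_id']`, resolves a missing school id through `schools.owner_id` and writes it back to `$_SESSION['school_id']`, and defines `$schoolSettings` (merged over `$defaults`), `$pdo`, `$school_id` and the two `*_array` helpers. `global $schoolSettings;` at file scope is a no-op unless this file is included from inside a function — if that is the intent, say so in the comment; otherwise drop the line. Rows from `SELECT *` may come back as strings depending on the PDO driver settings, so a consumer comparing `$schoolSettings['enable_notifications'] === 1` would behave differently between the defaults branch and the DB branch; worth a note at the merge or a cast of the known integer fields. Style: `array_map('trim', ...)` on the last two lines can use the first-class callable `trim(...)` if the project is on PHP 8.1+.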
@@ -1,14 +1,26 @@
|
||||
<?php
|
||||
// check school id if user go to select school
|
||||
// include/require_school_context.php
|
||||
// include/schoolid_select.php
|
||||
|
||||
// ========================================
|
||||
// SKIP se siamo già su select_school.php
|
||||
// ========================================
|
||||
if (defined('SKIP_SCHOOL_CONTEXT')) {
|
||||
return; // esce senza eseguire nulla
|
||||
}
|
||||
|
||||
if (!defined('APP_BASE')) {
|
||||
$base = rtrim(str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME'])), '/');
|
||||
define('APP_BASE', $base === '' ? '' : $base);
|
||||
}
|
||||
|
||||
// check school id if user go to select school
|
||||
if (Auth::user()->hasRole('User')) {
|
||||
|
||||
$school_id = (int)($_SESSION['school_id'] ?? 0);
|
||||
|
||||
if ($school_id <= 0) {
|
||||
// manda alla pagina che decide: 1 scuola -> set in automatico, >1 -> selezione
|
||||
header('Location: /select-school.php');
|
||||
header('Location: ' . APP_BASE . '/select_school.php');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
@@ -40,8 +52,17 @@ if (
|
||||
if ($owner_school_id > 0) {
|
||||
$_SESSION['school_id'] = $owner_school_id;
|
||||
} else {
|
||||
// caso limite: admin/owner senza scuola
|
||||
die('Nessuna scuola associata a questo account.');
|
||||
// owner/admin senza scuola: mandalo alla pagina profilo che permette di crearla
|
||||
$current_page = basename($_SERVER['PHP_SELF']);
|
||||
|
||||
// evita loop: se sei già su school_profile.php non redirectare di nuovo
|
||||
if ($current_page !== 'school_profile.php') {
|
||||
header("Location: school_profile.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
// se sei già nella pagina profilo, lascia proseguire senza school_id
|
||||
unset($_SESSION['school_id']);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
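Review bot: `define('APP_BASE', $base === '' ? '' : $base);` in the first hunk is a no-op ternary — both arms yield `$base` — so `define('APP_BASE', $base);` says the same thing. The second hunk's `header("Location: school_profile.php");` uses a bare relative target while the first hunk just switched the sibling redirect to `APP_BASE . '/select_school.php'`, presumably because the page can be reached from a different directory; use `header('Location: ' . APP_BASE . '/school_profile.php');` here too for the same reason. The enclosing `if (` of the second hunk begins outside the hunk, so whether `$owner_school_id` is computed from the session or from the DB cannot be checked here.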