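getConnection();

// NOTE(review): this listing starts mid-statement; $pdo and $iduserlogin are set
// before the visible code. Confirm $iduserlogin is taken from the authenticated
// session and never from request data, because every query below is scoped by it.

// Load the school owned by the logged-in user.
$stmt = $pdo->prepare("SELECT id, name FROM schools WHERE owner_id = ?");
$stmt->execute([$iduserlogin]);
$school = $stmt->fetch();
if (!$school) {
    die("Scuola non trovata.");
}
$school_id = (int)$school['id'];

// === SCHOOL USERS (searchable dropdown) ===
$stmtUsers = $pdo->prepare("
    SELECT au.id, au.first_name, au.last_name, au.email
    FROM user_schools us
    JOIN auth_users au ON au.id = us.user_id
    WHERE us.school_id = ? AND us.status = 'active'
    ORDER BY au.first_name, au.last_name
");
$stmtUsers->execute([$school_id]);
$schoolUsers = $stmtUsers->fetchAll(PDO::FETCH_ASSOC);

// === ACTIVE PRODUCTS ===
$stmtProd = $pdo->prepare("
    SELECT id, name, type
    FROM products
    WHERE school_id = ? AND status = 'active'
    ORDER BY name
");
$stmtProd->execute([$school_id]);
$products = $stmtProd->fetchAll(PDO::FETCH_ASSOC);

// === ACTIVE VARIATIONS (filtered client-side in JS) ===
$variations = [];
if (!empty($products)) {
    $prodIds = array_column($products, 'id');
    // Only "?" placeholders are interpolated into the SQL text; the ids themselves are bound.
    $in = implode(',', array_fill(0, count($prodIds), '?'));
    $stmtVar = $pdo->prepare("
        SELECT id, product_id, name, price, duration_days, max_entries, max_recoveries
        FROM product_variations
        WHERE product_id IN ($in) AND status = 'active'
        ORDER BY product_id, name
    ");
    $stmtVar->execute($prodIds);
    $variations = $stmtVar->fetchAll(PDO::FETCH_ASSOC);
}

// === ACTIVE CLASSES ===
$stmtClasses = $pdo->prepare("
    SELECT id, name
    FROM classes
    WHERE school_id = ? AND status = 'active'
    ORDER BY name
");
$stmtClasses->execute([$school_id]);
$classes = $stmtClasses->fetchAll(PDO::FETCH_ASSOC);

// === CLASS TYPES (filtered client-side in JS by class_id) ===
$stmtCT = $pdo->prepare("
    SELECT ct.id, ct.class_id, ct.level, ct.day_of_week
    FROM class_types ct
    JOIN classes c ON ct.class_id = c.id
    WHERE c.school_id = ?
    ORDER BY c.name, ct.day_of_week, ct.level
");
$stmtCT->execute([$school_id]);
$classTypes = $stmtCT->fetchAll(PDO::FETCH_ASSOC);

$feedback = '';

// NOTE(review): no anti-CSRF token check is visible for this state-changing POST.
// If none is enforced earlier in the file, add one before acting on the request.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $action = $_POST['action'] ?? '';

    if ($action === 'add_order_manual') {
        // Strict Y-m-d parser: returns a DateTime, or null for anything else.
        // createFromFormat() silently rolls over values such as 2024-02-31, so the
        // parsed value must format back to exactly the submitted string.
        $parseYmd = static function ($raw) {
            if (!is_string($raw)) {
                return null;
            }
            $parsed = DateTime::createFromFormat('!Y-m-d', $raw);
            return ($parsed !== false && $parsed->format('Y-m-d') === $raw) ? $parsed : null;
        };

        $user_id        = (int)($_POST['user_id'] ?? 0);
        $product_id     = (int)($_POST['product_id'] ?? 0);
        $variation_id   = (int)($_POST['variation_id'] ?? 0);
        // NOTE(review): payment_method and status are stored exactly as submitted.
        // The accepted values are not visible in this listing; compare both against
        // a server-side allow-list before the insert.
        $payment_method = trim($_POST['payment_method'] ?? '');
        $status         = trim($_POST['status'] ?? 'completed');
        // NOTE(review): a negative price is not rejected here - confirm whether it should be.
        $price          = isset($_POST['price']) ? (float)str_replace(',', '.', $_POST['price']) : 0.0;

        $total_entries     = ($_POST['total_entries'] ?? '') !== '' ? (int)$_POST['total_entries'] : null;
        $available_entries = ($_POST['available_entries'] ?? '') !== '' ? (int)$_POST['available_entries'] : null;

        // A missing or empty activation date means "today"; an empty expiration date means "none".
        $activationRaw = $_POST['activation_date'] ?? '';
        if ($activationRaw === '') {
            $activationRaw = date('Y-m-d');
        }
        $activation    = $parseYmd($activationRaw);
        $expirationRaw = $_POST['expiration_date'] ?? '';
        $expiration    = ($expirationRaw === '') ? null : $parseYmd($expirationRaw);

        // An id of 0 is treated as "not provided", so it can never skip the
        // ownership checks below and still be written to the order.
        $class_id      = (int)($_POST['class_id'] ?? 0);
        $class_id      = ($class_id !== 0) ? $class_id : null;
        $class_type_id = (int)($_POST['class_type_id'] ?? 0);
        $class_type_id = ($class_type_id !== 0) ? $class_type_id : null;

        // Basic validation. Dates are rejected here so that malformed input never
        // reaches the date arithmetic or the INSERT.
        if ($user_id <= 0 || $product_id <= 0 || $payment_method === '') {
            $feedback = "\nCompila utente, prodotto e metodo di pagamento.\n";
        } elseif ($activation === null) {
            $feedback = "\nData di attivazione non valida.\n";
        } elseif ($expirationRaw !== '' && $expiration === null) {
            $feedback = "\nData di scadenza non valida.\n";
        }

        $activation_date = ($activation !== null) ? $activation->format('Y-m-d') : null;
        $expiration_date = ($expiration !== null) ? $expiration->format('Y-m-d') : null;

        // 1) the user must be an active member of this school
        if ($feedback === '') {
            $stmt = $pdo->prepare("SELECT 1 FROM user_schools WHERE school_id = ? AND user_id = ? AND status='active' LIMIT 1");
            $stmt->execute([$school_id, $user_id]);
            if (!$stmt->fetchColumn()) {
                $feedback = "\nUtente non associato alla scuola.\n";
            }
        }

        // 2) the product must be an active product of this school
        if ($feedback === '') {
            $stmt = $pdo->prepare("SELECT id FROM products WHERE id=? AND school_id=? AND status='active' LIMIT 1");
            $stmt->execute([$product_id, $school_id]);
            if (!$stmt->fetchColumn()) {
                $feedback = "\nProdotto non valido.\n";
            }
        }

        // 3) a variation, when given, must be an active variation of that product
        $varMeta = null;
        if ($feedback === '' && $variation_id > 0) {
            $stmt = $pdo->prepare("SELECT id, price, duration_days, max_entries, max_recoveries FROM product_variations WHERE id=? AND product_id=? AND status='active' LIMIT 1");
            $stmt->execute([$variation_id, $product_id]);
            $varMeta = $stmt->fetch(PDO::FETCH_ASSOC);
            if (!$varMeta) {
                $feedback = "\nVariazione non valida.\n";
            }
        }

        // 4) class / class type, when given, must belong to this school and agree with each other
        if ($feedback === '') {
            if ($class_id) {
                $stmt = $pdo->prepare("SELECT 1 FROM classes WHERE id=? AND school_id=? LIMIT 1");
                $stmt->execute([$class_id, $school_id]);
                if (!$stmt->fetchColumn()) {
                    $feedback = "\nClasse non valida.\n";
                }
            }
            if ($class_type_id) {
                // When a class is also selected, the class type must be one of that
                // class's types; otherwise an order could pair a class with a type
                // that belongs to a different class of the same school.
                $sqlCT    = "SELECT 1 FROM class_types ct JOIN classes c ON ct.class_id = c.id WHERE ct.id=? AND c.school_id=?";
                $paramsCT = [$class_type_id, $school_id];
                if ($class_id) {
                    $sqlCT     .= " AND ct.class_id=?";
                    $paramsCT[] = $class_id;
                }
                $stmt = $pdo->prepare($sqlCT . " LIMIT 1");
                $stmt->execute($paramsCT);
                if (!$stmt->fetchColumn()) {
                    $feedback = "\nClass type non valido.\n";
                }
            }
        }

        if ($feedback === '') {
            // Fill in fields left empty from the selected variation.
            if ($varMeta) {
                if ($price <= 0) {
                    $price = (float)$varMeta['price'];
                }
                if ($total_entries === null && $varMeta['max_entries'] !== null) {
                    $total_entries = (int)$varMeta['max_entries'];
                }
                if ($available_entries === null && $total_entries !== null) {
                    $available_entries = $total_entries;
                }
                if (!$expiration_date && !empty($varMeta['duration_days'])) {
                    // $activation was validated above, so this cannot throw on user input.
                    $d = clone $activation;
                    $d->modify('+' . (int)$varMeta['duration_days'] . ' days');
                    $expiration_date = $d->format('Y-m-d');
                }
                $available_recoveries = ($varMeta['max_recoveries'] !== null) ? (int)$varMeta['max_recoveries'] : null;
            } else {
                $available_recoveries = null;
            }

            // Per-school progressive order_number, allocated inside the insert transaction.
            // NOTE(review): uniqueness relies on this locking read; a UNIQUE
            // (school_id, order_number) constraint would make a race fail loudly -
            // confirm one exists.
            try {
                $pdo->beginTransaction();

                $stmt = $pdo->prepare("SELECT COALESCE(MAX(order_number),0) + 1 FROM orders WHERE school_id=? FOR UPDATE");
                $stmt->execute([$school_id]);
                $nextOrderNumber = (int)$stmt->fetchColumn();

                $stmtIns = $pdo->prepare("
                    INSERT INTO orders
                        (order_number, school_id, user_id, product_id, variation_id, class_id, class_type_id,
                         created_at, payment_method, price, status, total_entries, available_entries,
                         available_recoveries, expiration_date, activation_date)
                    VALUES (?, ?, ?, ?, ?, ?, ?, NOW(), ?, ?, ?, ?, ?, ?, ?, ?)
                ");
                $stmtIns->execute([
                    $nextOrderNumber,
                    $school_id,
                    $user_id,
                    $product_id,
                    ($variation_id > 0 ? $variation_id : null),
                    $class_id,
                    $class_type_id,
                    $payment_method,
                    $price,
                    $status,
                    $total_entries,
                    $available_entries,
                    $available_recoveries,
                    $expiration_date,
                    $activation_date,
                ]);

                $pdo->commit();
                $feedback = "\nOrdine manuale inserito con successo!\n";
            } catch (Exception $e) {
                if ($pdo->inTransaction()) {
                    $pdo->rollBack();
                }
                // Driver messages can expose table and column names: keep the detail
                // in the server log and show the user a generic error only.
                error_log('add_order_manual: order insert failed: ' . $e->getMessage());
                $feedback = "\nErrore inserimento ordine.\n";
            }
        }
    }
}

// Load every order of the school together with the fields the table below displays.
$stmt = $pdo->prepare("
    SELECT
        o.id, o.order_number, o.created_at, o.price, o.status, o.payment_method,
        o.total_entries, o.available_entries, o.expiration_date,
        u.first_name, u.last_name, u.email,
        p.name AS product_name,
        pv.name AS variation_name,
        c.name AS class_name,
        ct.level, ct.day_of_week
    FROM orders o
    JOIN auth_users u ON o.user_id = u.id
    JOIN products p ON o.product_id = p.id
    LEFT JOIN product_variations pv ON o.variation_id = pv.id
    LEFT JOIN classes c ON o.class_id = c.id
    LEFT JOIN class_types ct ON o.class_type_id = ct.id
    WHERE o.school_id = ?
    ORDER BY o.created_at DESC
");
$stmt->execute([$school_id]);
$orders = $stmt->fetchAll(PDO::FETCH_ASSOC);
?> Ordini - <?php echo htmlspecialchars($school['name']); ?>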

Gestione Ordini

Data Ordine # Cliente Email Prodotto Variazione Prezzo Ingressi Scadenza Stato Pagamento Lezione Azioni

# Nessuna
()
Tutte le classi