yogiboook_new/public/userarea/my_certificates.php


<?php
// Page bootstrap: resume the session, load the shared head script, and refuse
// to go any further unless a logged-in user id is present in the session.
session_start();
// NOTE(review): headscript.php is not visible here; presumably it defines or
// autoloads DBHandlerSelect, which is used below — confirm.
include('include/headscript.php');
// Authentication gate: without a session user id, redirect to the login page.
// The exit is what stops the rest of the script; header() alone would not.
if (!isset($_SESSION['iduserlogin'])) {
header('Location: login.php');
exit;
}
// Cast to int so every query and file name below uses a plain integer user id.
$iduserlogin = (int)$_SESSION['iduserlogin'];
// Shared database handle; $pdo is used with prepare()/execute() throughout this file.
$dbHandler = DBHandlerSelect::getInstance();
$pdo = $dbHandler->getConnection();
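// =============================================
// CERTIFICATE UPLOAD (POST)
// =============================================
// Handles the multipart upload from the form on this page: validates the
// extension, the size and the expiry date, stores the file under ./certificate/
// with a server-generated name, and records it for the logged-in user.
//
// NOTE(review): no anti-CSRF token is checked here and none is present in the
// upload form in this file; whether an include adds one cannot be seen from here.
// NOTE(review): only the file extension is checked; the file content is not
// inspected. The files also land in a directory under the web root and are
// linked directly by URL further down, so access to these medical documents
// appears to rely on the file name alone. Confirm that the web server neither
// executes nor lists this directory, or serve the files through a script that
// checks the session first.
$success = $error = "";
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['certificate'])) {
    $file = $_FILES['certificate'];
    $allowed_ext = ['jpg', 'jpeg', 'png', 'pdf', 'heic', 'heif'];
    $max_bytes = 10 * 1024 * 1024;

    // 'error' is an array when the field is posted as certificate[]; the strict
    // comparison rejects that case together with every real upload error.
    $upload_ok = isset($file['error']) && $file['error'] === UPLOAD_ERR_OK;
    $ext = $upload_ok ? strtolower(pathinfo((string) $file['name'], PATHINFO_EXTENSION)) : '';

    // Accept the expiry date only as a real calendar date in the Y-m-d form that
    // <input type="date"> submits; anything else never reaches the database.
    $expiry_raw = $_POST['expiry_date'] ?? '';
    $expiry_date = is_string($expiry_raw) ? trim($expiry_raw) : '';
    $expiry_parsed = DateTimeImmutable::createFromFormat('!Y-m-d', $expiry_date);
    $expiry_valid = $expiry_parsed !== false && $expiry_parsed->format('Y-m-d') === $expiry_date;

    if (!$upload_ok) {
        // Previously a failed or missing upload was ignored without any feedback.
        $error = "Caricamento non riuscito: seleziona un file e riprova.";
    } elseif (!in_array($ext, $allowed_ext, true)) {
        $error = "Formato non supportato. Ammessi: jpg, jpeg, png, pdf, heic, heif";
    } elseif ($file['size'] > $max_bytes) {
        $error = "File troppo grande (max 10MB)";
    } elseif ($expiry_date === '') {
        $error = "La data di scadenza è obbligatoria";
    } elseif (!$expiry_valid) {
        $error = "Data di scadenza non valida";
    } else {
        $upload_dir = __DIR__ . '/certificate/';
        // The second is_dir() covers a concurrent request creating the directory first.
        if (!is_dir($upload_dir) && !mkdir($upload_dir, 0755, true) && !is_dir($upload_dir)) {
            $error = "Errore durante il salvataggio del file.";
        } else {
            // The stored name is built only from the user id, random bytes and the
            // validated extension. The client-supplied name never reaches the disk,
            // so it cannot carry extra extensions, and the URL of a stored document
            // cannot be derived from the user id and the upload time.
            $new_filename = $iduserlogin . '-' . bin2hex(random_bytes(16)) . '.' . $ext;
            $destination = $upload_dir . $new_filename;

            if (move_uploaded_file($file['tmp_name'], $destination)) {
                $name_raw = $_POST['document_name'] ?? 'certificato';
                $document_name = is_string($name_raw) ? trim($name_raw) : '';
                if ($document_name === '') {
                    $document_name = 'certificato';
                }
                $notes_raw = $_POST['notes'] ?? '';
                $notes = is_string($notes_raw) ? trim($notes_raw) : '';

                try {
                    $stmt = $pdo->prepare("
                        INSERT INTO user_medical_certificates
                        (user_id, filename, stored_path, document_name, expiry_date, notes, uploaded_at)
                        VALUES (?, ?, ?, ?, ?, ?, NOW())
                    ");
                    $saved = $stmt->execute([
                        $iduserlogin,
                        $file['name'], // original client name, kept for display only
                        'userarea/certificate/' . $new_filename, // path relative to the web root
                        $document_name,
                        $expiry_date,
                        $notes
                    ]);
                } catch (PDOException $e) {
                    error_log('my_certificates: insert failed: ' . $e->getMessage());
                    $saved = false;
                }

                if ($saved) {
                    $success = "Certificato caricato correttamente!";
                } else {
                    // Do not leave a stored document behind without a database row:
                    // it would be invisible to its owner and never cleaned up.
                    @unlink($destination);
                    $error = "Errore durante il salvataggio del file.";
                }
            } else {
                $error = "Errore durante il salvataggio del file.";
            }
        }
    }
}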
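// =============================================
// CERTIFICATE DELETION
// =============================================
// Deletes one certificate of the logged-in user: the stored file first, then
// the database row. Both queries are scoped by user_id, so an id that belongs
// to another user matches nothing.
//
// NOTE(review): the deletion is triggered by a plain GET link (?delete=ID) and
// no anti-CSRF token is checked, so any page the user visits while logged in
// could trigger it. Moving it to POST with a per-session token also requires
// changing the "Elimina" link in the table markup of this file.
if (isset($_GET['delete']) && is_string($_GET['delete']) && preg_match('/\A\d+\z/', $_GET['delete']) === 1) {
    $cert_id = (int) $_GET['delete'];

    $stmt = $pdo->prepare("SELECT stored_path FROM user_medical_certificates WHERE id = ? AND user_id = ?");
    $stmt->execute([$cert_id, $iduserlogin]);
    $cert = $stmt->fetch();

    if ($cert) {
        // stored_path is relative to the web root ('userarea/certificate/<name>'),
        // while __DIR__ is already the userarea directory. Joining the two produced
        // '.../userarea/userarea/certificate/<name>', which never exists, so the
        // file was left on disk after its row was deleted. Resolving by base name
        // inside the upload directory fixes that and keeps the unlink confined to
        // that directory whatever the column contains.
        $full_path = __DIR__ . '/certificate/' . basename((string) $cert['stored_path']);

        // @ keeps a failed unlink from printing a warning into the page; the
        // failure is logged instead of being silently ignored.
        if (is_file($full_path) && !@unlink($full_path)) {
            error_log('my_certificates: could not remove stored file for certificate ' . $cert_id);
        }

        $stmt = $pdo->prepare("DELETE FROM user_medical_certificates WHERE id = ? AND user_id = ?");
        $stmt->execute([$cert_id, $iduserlogin]);
        $success = "Certificato eliminato.";
    }
}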
// =============================================
// CERTIFICATE LIST
// =============================================
// Load every certificate of the logged-in user, newest upload first. The query
// is filtered by user_id, so only the session user's rows are returned.
$stmt = $pdo->prepare("
SELECT id, filename, stored_path, document_name, expiry_date, uploaded_at, notes
FROM user_medical_certificates
WHERE user_id = ?
ORDER BY uploaded_at DESC
");
$stmt->execute([$iduserlogin]);
// Associative rows; the table markup below reads them by column name.
$certificates = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Basic user data (only for a title or greeting).
// NOTE(review): $user is not referenced in the markup of this file; the included
// navbar/topbar may read it — confirm before removing.
$stmt = $pdo->prepare("SELECT first_name FROM auth_users WHERE id = ?");
$stmt->execute([$iduserlogin]);
$user = $stmt->fetch();
?>
<!doctype html>
<html lang="it">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>I miei Certificati Medici - Yogiboook</title>
<?php include('cssinclude.php'); ?>
<?php include('siteinfo.php'); ?>
<style>
/* Drag-and-drop upload area */
.dropzone {
border: 2px dashed #0d6efd;
border-radius: 10px;
padding: 50px 20px;
text-align: center;
background: #f8f9fa;
transition: all 0.3s;
cursor: pointer;
}
/* State toggled by the page script while a file is dragged over the area */
.dropzone.dragover {
background: #e7f1ff;
border-color: #0dcaf0;
}
.table th,
.table td {
vertical-align: middle;
}
/* Expiry-date cell of an expired certificate */
.expired {
color: #dc3545;
font-weight: bold;
}
/* Link to the stored certificate file */
.file-link {
color: #0d6efd;
text-decoration: underline;
cursor: pointer;
}
.file-link:hover {
color: #0056b3;
}
/* Soft pink row for expired certificates */
tr.expired-row {
background-color: #ffebee !important;
/* very light pink / soft red */
}
/* Expired badge */
.badge-expired {
background-color: #dc3545;
color: white;
font-size: 0.8rem;
padding: 0.4em 0.8em;
border-radius: 50px;
}
</style>
</head>
<body>
<div class="wrapper">
<?php include('include/navbar.php'); ?>
<?php include('include/topbar.php'); ?>
<div class="page-wrapper">
<div class="page-content">
<div class="container-xl">
<div class="card shadow">
<div class="card-header bg-primary text-white">
<h4 class="mb-0">I miei Certificati Medici</h4>
</div>
<div class="card-body">
<?php /* Success message set by the upload or delete handler; escaped on output */ if ($success): ?>
<div class="alert alert-success alert-dismissible fade show">
<?= htmlspecialchars($success) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
<?php endif; ?>
<?php /* Validation or storage error set by the upload handler; escaped on output */ if ($error): ?>
<div class="alert alert-danger alert-dismissible fade show">
<?= htmlspecialchars($error) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
<?php endif; ?>
<!-- Upload form -->
<form method="POST" enctype="multipart/form-data" id="uploadForm">
<div class="row g-4 mb-5">
<div class="col-lg-7">
<div class="dropzone" id="dropzone">
<i class="bx bx-cloud-upload bx-lg mb-3 text-primary"></i>
<h5>Trascina qui il file oppure clicca per selezionare</h5>
<p class="text-muted mb-1">Formati: jpg, jpeg, png, pdf, heic, heif (max 10 MB)</p>
<!-- accept only filters the file picker; the server checks the extension again -->
<input type="file" name="certificate" id="fileInput" accept=".jpg,.jpeg,.png,.pdf,.heic,.heif" hidden>
</div>
<div id="selectedFileName" class="mt-2 text-primary fw-bold small" style="min-height: 1.5em;"></div>
</div>
<div class="col-lg-5">
<div class="mb-3">
<label class="form-label fw-bold">Nome documento <span class="text-danger">*</span></label>
<input type="text" name="document_name" class="form-control" value="certificato" required>
</div>
<div class="mb-3">
<label class="form-label fw-bold">Data scadenza <span class="text-danger">*</span></label>
<!-- required is a browser-side check; the server rejects an empty expiry date as well -->
<input type="date" name="expiry_date" class="form-control" required>
</div>
<div class="mb-3">
<label class="form-label">Note (opzionale)</label>
<textarea name="notes" class="form-control" rows="2"></textarea>
</div>
<button type="submit" class="btn btn-primary w-100">
<i class="bx bx-upload me-2"></i> Carica Certificato
</button>
</div>
</div>
</form>
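<!-- Certificates table -->
<?php if (empty($certificates)): ?>
<div class="text-center py-5 text-muted">
    <i class="bx bx-file-blank bx-lg"></i>
    <h5 class="mt-3">Nessun certificato caricato</h5>
</div>
<?php else: ?>
<h5 class="mt-5 mb-3">Certificati caricati (<?= count($certificates) ?>)</h5>
<div class="table-responsive">
    <table class="table table-hover table-bordered align-middle">
        <thead class="table-light">
            <tr>
                <th>Data caricamento</th>
                <th>Nome documento / File</th>
                <th>Scadenza</th>
                <th>Note</th>
                <th>Azioni</th>
            </tr>
        </thead>
        <tbody>
            <?php foreach ($certificates as $cert):
                // Every value printed below comes from the database and is escaped
                // for HTML with explicit flags, so the result does not depend on the
                // PHP version's htmlspecialchars() defaults.
                $esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;

                // Root-relative URL of the stored file (stored_path is relative to the web root).
                // NOTE(review): this is a direct link to a file under the web root, so
                // no session check runs when the document itself is fetched.
                $file_url = '/' . $cert['stored_path'];

                // NOTE(review): a date-only value parses as midnight, so a certificate
                // is flagged as expired from the start of its expiry day — confirm
                // that this is the intended meaning of "scadenza".
                $expired = $cert['expiry_date'] && strtotime($cert['expiry_date']) < time();
                $row_class = $expired ? 'expired-row' : '';

                // Shorten the note on character boundaries. A byte-wise substr() can
                // cut a multi-byte UTF-8 character (e.g. "è") in half, which then
                // breaks the escaped output. Falls back to bytes without mbstring.
                $notes = (string) ($cert['notes'] ?? '');
                if (function_exists('mb_substr')) {
                    $notes_short = mb_substr($notes, 0, 100, 'UTF-8');
                    $notes_cut = mb_strlen($notes, 'UTF-8') > 100;
                } else {
                    $notes_short = substr($notes, 0, 100);
                    $notes_cut = strlen($notes) > 100;
                }
                $notes_html = $notes !== ''
                    ? nl2br(htmlspecialchars($notes_short, $esc_flags, 'UTF-8')) . ($notes_cut ? '...' : '')
                    : '—';
            ?>
            <tr class="<?= $row_class ?>">
                <td><?= date('d/m/Y H:i', strtotime($cert['uploaded_at'])) ?></td>
                <td>
                    <a href="<?= htmlspecialchars($file_url, $esc_flags, 'UTF-8') ?>" target="_blank" rel="noopener noreferrer" class="file-link">
                        <?= htmlspecialchars($cert['document_name'], $esc_flags, 'UTF-8') ?>
                        <br>
                        <small class="text-muted">(<?= htmlspecialchars($cert['filename'], $esc_flags, 'UTF-8') ?>)</small>
                    </a>
                </td>
                <td class="<?= $expired ? 'expired' : '' ?>">
                    <?= $cert['expiry_date'] ? date('d/m/Y', strtotime($cert['expiry_date'])) : '—' ?>
                    <?php if ($expired): ?>
                    <span class="badge-expired ms-2">SCADUTO</span>
                    <?php endif; ?>
                </td>
                <td><?= $notes_html ?></td>
                <td class="text-center">
                    <?php /* NOTE(review): deletion is a GET link without an anti-CSRF token; the
                             JavaScript confirm() is a usability prompt, not a protection. */ ?>
                    <a href="?delete=<?= (int) $cert['id'] ?>" class="btn btn-sm btn-outline-danger delete-cert"
                       onclick="return confirm('Vuoi davvero eliminare questo certificato?');">
                        <i class="bx bx-trash"></i> Elimina
                    </a>
                </td>
            </tr>
            <?php endforeach; ?>
        </tbody>
    </table>
</div>
<?php endif; ?>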
</div>
</div>
</div>
</div>
</div>
<?php include('include/footer.php'); ?>
</div>
<?php include('jsinclude.php'); ?>
<script>
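// Drag-and-drop behaviour for the upload area. Everything here is a convenience
// layer only: extension, size and expiry date are validated again on the server.
const dropzone = document.getElementById('dropzone');
const fileInput = document.getElementById('fileInput');

// Clicking anywhere in the drop area opens the hidden file picker.
dropzone.addEventListener('click', () => fileInput.click());

// preventDefault() on dragover is what allows the element to receive a drop.
dropzone.addEventListener('dragover', (e) => {
    e.preventDefault();
    dropzone.classList.add('dragover');
});

dropzone.addEventListener('dragleave', () => {
    dropzone.classList.remove('dragover');
});

dropzone.addEventListener('drop', (e) => {
    e.preventDefault();
    dropzone.classList.remove('dragover');

    const dropped = e.dataTransfer.files;
    if (dropped.length === 0) {
        return;
    }

    fileInput.files = dropped;
    // Assigning .files from script fires no 'change' event, so raise one to keep
    // the "selected file" label in sync with a dropped file.
    fileInput.dispatchEvent(new Event('change'));

    // form.submit() skips the browser's validation of the required fields, so a
    // drop made before the expiry date was filled in went straight to the server,
    // was rejected, and the dropped file was lost. requestSubmit() runs the same
    // validation as the submit button; submit() remains as a fallback for
    // browsers that do not provide it.
    const form = document.getElementById('uploadForm');
    if (typeof form.requestSubmit === 'function') {
        form.requestSubmit();
    } else {
        form.submit();
    }
});

// Show the name of the chosen file under the drop area.
fileInput.addEventListener('change', function() {
    const fileNameDiv = document.getElementById('selectedFileName');
    if (this.files.length > 0) {
        // textContent (not innerHTML) keeps the file name from being parsed as markup.
        fileNameDiv.textContent = 'File selezionato: ' + this.files[0].name;
        fileNameDiv.classList.add('text-success');
    } else {
        fileNameDiv.textContent = '';
        fileNameDiv.classList.remove('text-success');
    }
});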
</script>
</body>
</html>