<?php
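session_start();

// Project bootstrap; presumably where DBHandlerSelect comes from (not visible
// here). `require` instead of `include`, so a missing or unreadable file stops
// the request at this point rather than continuing with only a warning.
require 'include/headscript.php';

// Authentication gate: without a logged-in user in the session, nothing below
// runs. `exit` matters: header() alone does not stop the script.
if (!isset($_SESSION['iduserlogin'])) {
    header('Location: login.php');
    exit;
}

// The owner id comes from the session only, never from request data. Every
// query below is scoped to it, which is what keeps one user away from another
// user's certificates.
$iduserlogin = (int) $_SESSION['iduserlogin'];

$dbHandler = DBHandlerSelect::getInstance();
$pdo = $dbHandler->getConnection();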
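// =============================================
// CERTIFICATE UPLOAD (POST)
// =============================================
// Validates an uploaded medical certificate, stores it under certificate/ next
// to this script and records it for the logged-in user.
//
// NOTE(review): no anti-CSRF token is verified before this state-changing
// POST; adding one needs a matching hidden field in the upload form.
// NOTE(review): certificate/ sits under this script's directory and the list
// further down links to the stored files directly, so access to them appears
// to depend on web-server configuration that is not visible here. Confirm the
// files cannot be fetched without a session (for example by serving them
// through an authenticated script), and that the directory never executes PHP.
$success = $error = "";

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['certificate'])) {
    $file = $_FILES['certificate'];

    // Accepted extensions and the content types each one may carry. The
    // extension alone is chosen by the client, so the bytes are checked too.
    // NOTE(review): needs ext-fileinfo, and a libmagic that recognises
    // HEIC/HEIF - confirm on the deployment target.
    $allowed_types = [
        'jpg'  => ['image/jpeg'],
        'jpeg' => ['image/jpeg'],
        'png'  => ['image/png'],
        'pdf'  => ['application/pdf'],
        'heic' => ['image/heic', 'image/heif'],
        'heif' => ['image/heif', 'image/heic'],
    ];

    // A field posted as certificate[] turns these entries into arrays; treat
    // that, and any upload error code, as a failed upload instead of letting
    // it reach pathinfo() or move_uploaded_file().
    $upload_ok = is_array($file)
        && isset($file['error'], $file['name'], $file['tmp_name'], $file['size'])
        && $file['error'] === UPLOAD_ERR_OK
        && is_string($file['name']);

    $ext = $upload_ok ? strtolower(pathinfo($file['name'], PATHINFO_EXTENSION)) : '';

    // <input type="date"> submits YYYY-MM-DD; the round trip through format()
    // rejects impossible dates such as 2024-02-31.
    $expiry_date = $_POST['expiry_date'] ?? '';
    $parsed_expiry = is_string($expiry_date)
        ? DateTimeImmutable::createFromFormat('!Y-m-d', $expiry_date)
        : false;
    $expiry_ok = $parsed_expiry !== false && $parsed_expiry->format('Y-m-d') === $expiry_date;

    if (!$upload_ok) {
        $error = "Caricamento del file non riuscito. Seleziona un file e riprova.";
    } elseif (!isset($allowed_types[$ext])) {
        $error = "Formato non supportato. Ammessi: jpg, jpeg, png, pdf, heic, heif";
    } elseif ($file['size'] > 10 * 1024 * 1024) {
        $error = "File troppo grande (max 10MB)";
    } elseif (!in_array((new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']), $allowed_types[$ext], true)) {
        $error = "Il contenuto del file non corrisponde al formato dichiarato.";
    } elseif (empty($_POST['expiry_date'])) {
        $error = "La data di scadenza è obbligatoria";
    } elseif (!$expiry_ok) {
        $error = "La data di scadenza non è valida";
    } else {
        $upload_dir = __DIR__ . '/certificate/';
        if (!is_dir($upload_dir)) {
            mkdir($upload_dir, 0755, true);
        }

        // The on-disk name is generated here: owner id, 128 random bits and
        // the validated extension. Nothing from the client-supplied name
        // reaches the filesystem (so no double extensions), and the name can
        // no longer be derived from the upload time. The original name is
        // kept in the `filename` column for display only.
        $new_filename = $iduserlogin . '-' . bin2hex(random_bytes(16)) . '.' . $ext;
        $destination = $upload_dir . $new_filename;

        if (move_uploaded_file($file['tmp_name'], $destination)) {
            $document_name = $_POST['document_name'] ?? 'certificato';
            $document_name = is_string($document_name) ? trim($document_name) : '';
            if (empty($document_name)) {
                $document_name = 'certificato';
            }

            $notes = $_POST['notes'] ?? '';
            $notes = is_string($notes) ? trim($notes) : '';

            try {
                $stmt = $pdo->prepare("
                    INSERT INTO user_medical_certificates
                    (user_id, filename, stored_path, document_name, expiry_date, notes, uploaded_at)
                    VALUES (?, ?, ?, ?, ?, ?, NOW())
                ");
                $saved = $stmt !== false && $stmt->execute([
                    $iduserlogin,
                    $file['name'],
                    'certificate/' . $new_filename,
                    $document_name,
                    $expiry_date,
                    $notes,
                ]);
            } catch (PDOException $e) {
                error_log('Certificate insert failed: ' . $e->getMessage());
                $saved = false;
            }

            if ($saved) {
                $success = "Certificato caricato correttamente!";
            } else {
                // No row points at the file, so remove it instead of leaving
                // an untracked medical document on disk.
                if (is_file($destination)) {
                    unlink($destination);
                }
                $error = "Errore durante il salvataggio del file.";
            }
        } else {
            $error = "Errore durante il salvataggio del file.";
        }
    }
}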
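// =============================================
// CERTIFICATE DELETION
// =============================================
// Removes one certificate (file and row) owned by the logged-in user.
//
// NOTE(review): this is a state-changing GET with no anti-CSRF token, so the
// request can be triggered by any page the user's browser loads. Moving it to
// POST with a token needs a matching change to the delete link in the list.
if (isset($_GET['delete'])) {
    // Accept only a plain integer; is_numeric() also let through floats and
    // exponent notation, which the (int) cast then reinterpreted. An array
    // value yields false here as well.
    $cert_id = filter_var($_GET['delete'], FILTER_VALIDATE_INT);

    if ($cert_id !== false) {
        // Ownership check: the row must belong to the session user.
        $stmt = $pdo->prepare("SELECT stored_path FROM user_medical_certificates WHERE id = ? AND user_id = ?");
        $stmt->execute([$cert_id, $iduserlogin]);
        $cert = $stmt->fetch();

        if ($cert) {
            $file_removed = true;
            $base_dir = realpath(__DIR__ . '/certificate');
            $on_disk = realpath(__DIR__ . '/' . $cert['stored_path']);

            // realpath() returns false when the file is already gone; the row
            // is then removed on its own, as before.
            if ($on_disk !== false) {
                // Only ever unlink inside the upload directory, whatever the
                // stored_path column contains.
                $prefix = $base_dir === false ? null : $base_dir . DIRECTORY_SEPARATOR;
                $inside = $prefix !== null && strncmp($on_disk, $prefix, strlen($prefix)) === 0;
                $file_removed = $inside && is_file($on_disk) && unlink($on_disk);
            }

            if ($file_removed) {
                $stmt = $pdo->prepare("DELETE FROM user_medical_certificates WHERE id = ? AND user_id = ?");
                $stmt->execute([$cert_id, $iduserlogin]);

                $success = "Certificato eliminato.";
            } else {
                // Keep the row: dropping it would leave the document on disk
                // with nothing referencing it.
                $error = "Impossibile eliminare il file del certificato.";
            }
        }
    }
}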
// =============================================
// CERTIFICATE LIST
// =============================================
// Newest first, restricted to rows owned by the session user.
$list_sql = "
    SELECT id, filename, stored_path, document_name, expiry_date, uploaded_at, notes
    FROM user_medical_certificates
    WHERE user_id = ?
    ORDER BY uploaded_at DESC
";
$stmt = $pdo->prepare($list_sql);
$stmt->execute([$iduserlogin]);
$certificates = $stmt->fetchAll(PDO::FETCH_ASSOC);

// Basic user data (only for a title or greeting)
$user_sql = "SELECT first_name FROM auth_users WHERE id = ?";
$stmt = $pdo->prepare($user_sql);
$stmt->execute([$iduserlogin]);
$user = $stmt->fetch();
?>
|
|
|
|
<!doctype html>
|
|
<html lang="it">
|
|
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
<title>I miei Certificati Medici - Yogiboook</title>
|
|
<?php include('cssinclude.php'); ?>
|
|
<?php include('siteinfo.php'); ?>
|
|
<style>
|
|
.dropzone {
|
|
border: 2px dashed #0d6efd;
|
|
border-radius: 10px;
|
|
padding: 50px 20px;
|
|
text-align: center;
|
|
background: #f8f9fa;
|
|
transition: all 0.3s;
|
|
cursor: pointer;
|
|
}
|
|
|
|
.dropzone.dragover {
|
|
background: #e7f1ff;
|
|
border-color: #0dcaf0;
|
|
}
|
|
|
|
.table th,
|
|
.table td {
|
|
vertical-align: middle;
|
|
}
|
|
|
|
.expired {
|
|
color: #dc3545;
|
|
font-weight: bold;
|
|
}
|
|
|
|
.file-link {
|
|
color: #0d6efd;
|
|
text-decoration: underline;
|
|
cursor: pointer;
|
|
}
|
|
|
|
.file-link:hover {
|
|
color: #0056b3;
|
|
}
|
|
</style>
|
|
</head>
|
|
|
|
<body>
|
|
<div class="wrapper">
|
|
<?php include('include/navbar.php'); ?>
|
|
<?php include('include/topbar.php'); ?>
|
|
|
|
<div class="page-wrapper">
|
|
<div class="page-content">
|
|
<div class="container-xl">
|
|
|
|
<div class="card shadow">
|
|
<div class="card-header bg-primary text-white">
|
|
<h4 class="mb-0">I miei Certificati Medici</h4>
|
|
</div>
|
|
|
|
<div class="card-body">
<?php
// Flash messages from the upload / delete handlers: success first, then
// error. Each text is HTML-escaped; an empty message renders nothing.
foreach (['success' => $success, 'danger' => $error] as $alert_class => $alert_text):
    if (!$alert_text) {
        continue;
    }
?>
<div class="alert alert-<?= $alert_class ?> alert-dismissible fade show">
    <?= htmlspecialchars($alert_text) ?>
    <button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
<?php endforeach; ?>
<!-- FORM UPLOAD -->
|
|
<form method="POST" enctype="multipart/form-data" id="uploadForm">
|
|
<div class="row g-4 mb-5">
|
|
<div class="col-lg-7">
|
|
<div class="dropzone" id="dropzone">
|
|
<i class="bx bx-cloud-upload bx-lg mb-3 text-primary"></i>
|
|
<h5>Trascina qui il file oppure clicca per selezionare</h5>
|
|
<p class="text-muted mb-1">Formati: jpg, jpeg, png, pdf, heic, heif (max 10 MB)</p>
|
|
<input type="file" name="certificate" id="fileInput" accept=".jpg,.jpeg,.png,.pdf,.heic,.heif" hidden>
|
|
</div>
|
|
<div id="selectedFileName" class="mt-2 text-primary fw-bold small" style="min-height: 1.5em;"></div>
|
|
</div>
|
|
|
|
<div class="col-lg-5">
|
|
<div class="mb-3">
|
|
<label class="form-label fw-bold">Nome documento <span class="text-danger">*</span></label>
|
|
<input type="text" name="document_name" class="form-control" value="certificato" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label fw-bold">Data scadenza <span class="text-danger">*</span></label>
|
|
<input type="date" name="expiry_date" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label">Note (opzionale)</label>
|
|
<textarea name="notes" class="form-control" rows="2"></textarea>
|
|
</div>
|
|
<button type="submit" class="btn btn-primary w-100">
|
|
<i class="bx bx-upload me-2"></i> Carica Certificato
|
|
</button>
|
|
</div>
|
|
</div>
|
|
</form>
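<!-- CERTIFICATE TABLE -->
<?php
// Renders the session user's certificates, or an empty-state panel.
// Every database value is escaped for its HTML context before output.
?>
<?php if (empty($certificates)): ?>
<div class="text-center py-5 text-muted">
    <i class="bx bx-file-blank bx-lg"></i>
    <h5 class="mt-3">Nessun certificato caricato</h5>
</div>
<?php else: ?>
<h5 class="mt-5 mb-3">Certificati caricati (<?= count($certificates) ?>)</h5>
<div class="table-responsive">
    <table class="table table-hover table-bordered align-middle">
        <thead class="table-light">
            <tr>
                <th>Data caricamento</th>
                <th>Nome documento / File</th>
                <th>Scadenza</th>
                <th>Note</th>
                <th>Azioni</th>
            </tr>
        </thead>
        <tbody>
            <?php foreach ($certificates as $cert):
                // NOTE(review): uploads are written to certificate/ beside
                // this script, while this link climbs one level ('../');
                // confirm the URL resolves to the stored file as deployed.
                $file_url = '../' . $cert['stored_path'];
                $expired = $cert['expiry_date'] && strtotime($cert['expiry_date']) < time();

                // Truncate by characters, not bytes: cutting inside a
                // multibyte character leaves invalid UTF-8, for which
                // htmlspecialchars() can return an empty string.
                $notes_full = (string) $cert['notes'];
                $notes_short = function_exists('mb_substr')
                    ? mb_substr($notes_full, 0, 100, 'UTF-8')
                    : substr($notes_full, 0, 100);
                $escape_flags = ENT_QUOTES | ENT_SUBSTITUTE;
            ?>
            <tr>
                <td><?= date('d/m/Y H:i', strtotime($cert['uploaded_at'])) ?></td>
                <td>
                    <?php // rel="noopener noreferrer": the new tab gets no handle on, or referrer of, this page. ?>
                    <a href="<?= htmlspecialchars($file_url, $escape_flags, 'UTF-8') ?>" target="_blank" rel="noopener noreferrer" class="file-link">
                        <?= htmlspecialchars($cert['document_name'], $escape_flags, 'UTF-8') ?>
                        <br>
                        <small class="text-muted">(<?= htmlspecialchars($cert['filename'], $escape_flags, 'UTF-8') ?>)</small>
                    </a>
                </td>
                <td class="<?= $expired ? 'expired' : '' ?>">
                    <?= $cert['expiry_date'] ? date('d/m/Y', strtotime($cert['expiry_date'])) : '—' ?>
                    <?= $expired ? '<br><small>SCADUTO</small>' : '' ?>
                </td>
                <td><?= $cert['notes'] ? nl2br(htmlspecialchars($notes_short, $escape_flags, 'UTF-8')) . ($notes_short !== $notes_full ? '...' : '') : '—' ?></td>
                <td class="text-center">
                    <?php // NOTE(review): deletion is a plain GET link with no anti-CSRF token; a POST form with a token needs a matching change in the delete handler. ?>
                    <a href="?delete=<?= (int) $cert['id'] ?>" class="btn btn-sm btn-outline-danger delete-cert"
                       onclick="return confirm('Vuoi davvero eliminare questo certificato?');">
                        <i class="bx bx-trash"></i> Elimina
                    </a>
                </td>
            </tr>
            <?php endforeach; ?>
        </tbody>
    </table>
</div>
<?php endif; ?>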
</div>
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<?php include('include/footer.php'); ?>
|
|
</div>
|
|
|
|
<?php include('jsinclude.php'); ?>
|
|
|
|
<script>
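// Drag-and-drop front end for the certificate upload form. Everything here
// (including the input's `accept` list) is a convenience for the user only;
// the server-side handler is what validates the file.
const dropzone = document.getElementById('dropzone');
const fileInput = document.getElementById('fileInput');
const uploadForm = document.getElementById('uploadForm');

// Shows the chosen file's name under the drop zone. The name comes from the
// user's machine, so it is written with textContent, never as HTML.
function showSelectedFile() {
    const fileNameDiv = document.getElementById('selectedFileName');
    if (fileInput.files.length > 0) {
        fileNameDiv.textContent = 'File selezionato: ' + fileInput.files[0].name;
        fileNameDiv.classList.add('text-success');
    } else {
        fileNameDiv.textContent = '';
        fileNameDiv.classList.remove('text-success');
    }
}

dropzone.addEventListener('click', () => fileInput.click());

dropzone.addEventListener('dragover', (e) => {
    // Without preventDefault the browser refuses the drop.
    e.preventDefault();
    dropzone.classList.add('dragover');
});

dropzone.addEventListener('dragleave', () => {
    dropzone.classList.remove('dragover');
});

dropzone.addEventListener('drop', (e) => {
    e.preventDefault();
    dropzone.classList.remove('dragover');
    if (e.dataTransfer.files.length > 0) {
        fileInput.files = e.dataTransfer.files;
        // Assigning .files does not fire `change`, so update the label here.
        showSelectedFile();
        // requestSubmit() runs the same constraint validation as the submit
        // button; submit() skips it, which posted the form with the required
        // expiry date still empty and made the server reject the upload.
        if (typeof uploadForm.requestSubmit === 'function') {
            uploadForm.requestSubmit();
        } else {
            uploadForm.submit();
        }
    }
});

fileInput.addEventListener('change', showSelectedFile);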
</script>
|
|
</body>
|
|
|
|
</html>
|