solocla/yogiboook_new
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
yogiboook_new/public/userarea/add_teacher.php
solocla 7f7dff32d9 teacher
2026-01-21 10:29:37 +01:00

157 lines
5.8 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
// add_teacher.php
include('include/headscript.php');
require_once 'class/mailer.php';
$dbHandler = DBHandlerSelect::getInstance();
$pdo = $dbHandler->getConnection();
if (!isset($iduserlogin)) die("Accesso negato.");
$school_id = (int)($_POST['school_id'] ?? 0);
// Recupera scuola per email mittente
$stmt = $pdo->prepare("SELECT name, email FROM schools WHERE id = ?");
$stmt->execute([$school_id]);
$school = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$school) die("Scuola non trovata.");
$first_name = trim($_POST['first_name'] ?? '');
$last_name = trim($_POST['last_name'] ?? '');
$email = trim($_POST['email'] ?? '');
$phone = trim($_POST['phone'] ?? '');
$description = trim($_POST['description'] ?? '');
$specializations = trim($_POST['specializations'] ?? '');
// Validazione base
if (empty($first_name) || empty($last_name) || empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: teacher_list.php?error=Campi obbligatori mancanti o email non valida");
exit;
}
// Controlla se email esiste già
$stmt = $pdo->prepare("SELECT id, first_name, last_name FROM auth_users WHERE email = ? LIMIT 1");
$stmt->execute([$email]);
$existing = $stmt->fetch(PDO::FETCH_ASSOC);
if ($existing) {
// 1) Trova (o crea) la riga in teachers per questo auth_user
$stmtT = $pdo->prepare("SELECT id FROM teachers WHERE user_id = ? LIMIT 1");
$stmtT->execute([(int)$existing['id']]);
$teacherRow = $stmtT->fetch(PDO::FETCH_ASSOC);
if (!$teacherRow) {
$unique_code = bin2hex(random_bytes(8));
$insT = $pdo->prepare("
INSERT INTO teachers (user_id, unique_code, status, created_by)
VALUES (?, ?, 'active', ?)
");
$insT->execute([(int)$existing['id'], $unique_code, (int)$iduserlogin]);
$teacher_id = (int)$pdo->lastInsertId();
} else {
$teacher_id = (int)$teacherRow['id'];
}
// 2) Crea (o riusa) il link in teacher_schools come pending
$checkLink = $pdo->prepare("
SELECT id, status
FROM teacher_schools
WHERE teacher_id = ? AND school_id = ?
LIMIT 1
");
$checkLink->execute([$teacher_id, $school_id]);
$link = $checkLink->fetch(PDO::FETCH_ASSOC);
if ($link && $link['status'] === 'active') {
header("Location: teacher_list.php?error=Insegnante già collegata alla scuola.");
exit;
}
if ($link && $link['status'] === 'pending') {
$link_id = (int)$link['id'];
} else {
$insLink = $pdo->prepare("
INSERT INTO teacher_schools (teacher_id, school_id, status, created_at, updated_at)
VALUES (?, ?, 'pending', NOW(), NOW())
");
$insLink->execute([$teacher_id, $school_id]);
$link_id = (int)$pdo->lastInsertId();
}
// Email richiesta collegamento
$subject = "Richiesta di collegamento alla scuola {$school['name']}";
// ✅ NON cambio percorso base, aggiungo solo link_id
$confirmUrl = "http://localhost/yogiboook/public/userarea/confirm_teacher_link.php"
. "?email=" . urlencode($email)
. "&school_id={$school_id}"
. "&link_id={$link_id}";
$body = "
<h2>Ciao {$existing['first_name']},</h2>
<p>Il proprietario della scuola <strong>{$school['name']}</strong> vorrebbe collegarti alla sua struttura su YogiBoook.</p>
<p>Se accetti, comparirai nelle lezioni a te associate nella scuola.</p>
<p style='margin:30px 0;'>
<a href='{$confirmUrl}'
style='background:#0d6efd; color:white; padding:12px 24px; text-decoration:none; border-radius:6px;'>
Accetta collegamento
</a>
</p>
<p>Se non riconosci questa richiesta, ignora questa email.</p>
<p style='color:#666; font-size:0.9em;'>YogiBoook piattaforma per scuole yoga</p>
";
$result = sendEmail($email, $subject, $body);
if ($result['success']) {
header("Location: teacher_list.php?success=Insegnante esistente trovato! Email di richiesta collegamento inviata.");
} else {
header("Location: teacher_list.php?error=Insegnante esistente trovato, ma errore invio email: " . urlencode($result['message']));
}
exit;
}
// === Nuovo utente ===
$password = password_hash(bin2hex(random_bytes(12)), PASSWORD_DEFAULT);
$stmt = $pdo->prepare("
INSERT INTO auth_users (email, first_name, last_name, password, role_id, status, created_at)
VALUES (?, ?, ?, ?, 2, 'active', NOW())
");
$stmt->execute([$email, $first_name, $last_name, $password]);
$user_id = (int)$pdo->lastInsertId();
// Foto profilo (opzionale)
$profile_picture = null;
if (!empty($_FILES['profile_picture']['name']) && $_FILES['profile_picture']['error'] === UPLOAD_ERR_OK) {
$ext = strtolower(pathinfo($_FILES['profile_picture']['name'], PATHINFO_EXTENSION));
if (in_array($ext, ['jpg', 'jpeg', 'png', 'gif'])) {
$new_name = "phototeachers/{$user_id}-" . time() . "-profile.$ext";
if (move_uploaded_file($_FILES['profile_picture']['tmp_name'], $new_name)) {
$profile_picture = $new_name;
}
}
}
// Crea record teachers
$unique_code = bin2hex(random_bytes(8));
$stmt = $pdo->prepare("
INSERT INTO teachers
(user_id, unique_code, phone, description, specializations, profile_picture, status, created_by)
VALUES (?, ?, ?, ?, ?, ?, 'active', ?)
");
$stmt->execute([$user_id, $unique_code, $phone ?: null, $description, $specializations, $profile_picture, (int)$iduserlogin]);
$teacher_id = (int)$pdo->lastInsertId();
// Collega alla scuola (nuovo -> active diretto)
$stmt = $pdo->prepare("
INSERT INTO teacher_schools
(teacher_id, school_id, status, created_at, updated_at)
VALUES (?, ?, 'active', NOW(), NOW())
");
$stmt->execute([$teacher_id, $school_id]);
header("Location: teacher_list.php?success=Insegnante aggiunta con successo!");
exit;
Reference in New Issue View Git Blame Copy Permalink