yogiboook_new/public/userarea/confirm_teacher_link.php
2026-01-21 10:29:37 +01:00


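<?php
// public/userarea/confirm_teacher_link.php
//
// Public page opened from the e-mail sent to a teacher. It loads a pending
// teacher/school link request and, on POST, accepts or rejects it.
//
// NOTE(review): nothing here proves the visitor is the invited teacher. The
// request is selected by an integer link_id (or by email + school_id for old
// mails), and that value alone authorises the UPDATE/DELETE below. The page
// needs either a login requirement or an unguessable, expiring per-request
// token stored with the pending row and compared with hash_equals(). That is
// a schema and mail-template change outside this file, so it is flagged here
// rather than implemented.

// Do not render PHP errors to visitors of a public page: messages can expose
// file paths, SQL text and connection details. Keep full reporting, but log it.
ini_set('display_errors', '0');
ini_set('display_startup_errors', '0');
ini_set('log_errors', '1');
error_reporting(E_ALL);

require_once('class/db-functions.php');

// The mail link carries email and ids in the query string; keep that URL out
// of Referer headers and out of shared caches.
if (!headers_sent()) {
    header('Referrer-Policy: no-referrer');
    header('Cache-Control: no-store');
}

$dbHandler = DBHandlerSelect::getInstance();
$pdo = $dbHandler->getConnection();

$error = null;
$success = null;
$action_taken = false;
$teacher_name = '';

// Parameters from the mail link / the form. Non-scalar input (e.g. email[]=x)
// is treated as missing instead of reaching trim() or an (int) cast.
$rawEmail = $_POST['email'] ?? $_GET['email'] ?? '';
$rawSchoolId = $_POST['school_id'] ?? $_GET['school_id'] ?? 0;
$rawLinkId = $_POST['link_id'] ?? $_GET['link_id'] ?? 0;

$email = is_string($rawEmail) ? trim($rawEmail) : '';
$school_id = is_scalar($rawSchoolId) ? (int)$rawSchoolId : 0;
$link_id = is_scalar($rawLinkId) ? (int)$rawLinkId : 0;

// Minimal validation: either a valid link_id, or email + school_id.
if ($link_id <= 0) {
    if ($email === '' || $school_id <= 0 || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        http_response_code(400);
        die("Link non valido. Parametri mancanti o email errata.");
    }
}

// Load the school (used for the UI messages).
$school = null;
if ($school_id > 0) {
    $stmt = $pdo->prepare("SELECT id, name FROM schools WHERE id = ?");
    $stmt->execute([$school_id]);
    $school = $stmt->fetch(PDO::FETCH_ASSOC);
}

// Old mails carry no link_id: resolve it from the pending row for
// email + school_id.
if ($link_id <= 0 && $school) {
    $stmt = $pdo->prepare("
        SELECT ts.id
        FROM teacher_schools ts
        JOIN teachers t ON ts.teacher_id = t.id
        JOIN auth_users u ON t.user_id = u.id
        WHERE u.email = ?
        AND ts.school_id = ?
        AND ts.status = 'pending'
        LIMIT 1
    ");
    $stmt->execute([$email, $school_id]);
    $tmp = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($tmp) {
        $link_id = (int)$tmp['id'];
    }
}

// Load the request by link_id; only a pending one is shown.
$request = null;
if ($link_id > 0) {
    $stmt = $pdo->prepare("
        SELECT
        ts.id, ts.status,
        u.first_name, u.last_name,
        s.id AS school_id, s.name AS school_name
        FROM teacher_schools ts
        JOIN schools s ON ts.school_id = s.id
        JOIN teachers t ON ts.teacher_id = t.id
        JOIN auth_users u ON t.user_id = u.id
        WHERE ts.id = ?
        LIMIT 1
    ");
    $stmt->execute([$link_id]);
    $request = $stmt->fetch(PDO::FETCH_ASSOC);
}

if (!$request || $request['status'] !== 'pending') {
    $error = "Nessuna richiesta di collegamento in attesa (potrebbe essere già stata gestita).";
} else {
    // Take the school from the request row, not from the school_id parameter.
    $school = ['id' => (int)$request['school_id'], 'name' => $request['school_name']];
    $teacher_name = trim(($request['first_name'] ?? '') . ' ' . ($request['last_name'] ?? ''));
}

// POST: accept / reject, using ONLY the posted link_id.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
    $rawPostedId = $_POST['link_id'] ?? 0;
    $link_id = is_scalar($rawPostedId) ? (int)$rawPostedId : 0;
    $action = $_POST['action'];
    $goneMessage = "Questa richiesta non è più disponibile (potrebbe essere già stata gestita).";

    $stmt = $pdo->prepare("
        SELECT id
        FROM teacher_schools
        WHERE id = ? AND status = 'pending'
        LIMIT 1
    ");
    $stmt->execute([$link_id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$row) {
        $error = $goneMessage;
    } elseif ($action === 'accept') {
        $stmt = $pdo->prepare("
            UPDATE teacher_schools
            SET status = 'active', updated_at = NOW()
            WHERE id = ? AND status = 'pending'
        ");
        $stmt->execute([$link_id]);
        // The row may have been handled between the SELECT and this UPDATE;
        // report success only when a row actually changed.
        if ($stmt->rowCount() > 0) {
            // The template prints $success unescaped, so every dynamic part
            // must be escaped here.
            $success = "Collegamento accettato! Ora sei collegata alla scuola <strong>" . htmlspecialchars($school['name'] ?? '') . "</strong>.";
            $action_taken = true;
        } else {
            $error = $goneMessage;
        }
    } elseif ($action === 'reject') {
        $stmt = $pdo->prepare("DELETE FROM teacher_schools WHERE id = ? AND status = 'pending'");
        $stmt->execute([$link_id]);
        if ($stmt->rowCount() > 0) {
            $success = "Hai rifiutato il collegamento con la scuola <strong>" . htmlspecialchars($school['name'] ?? '') . "</strong>.";
            $action_taken = true;
        } else {
            $error = $goneMessage;
        }
    }
    // Any other action value is ignored and the form is shown again.
}
?>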
<!doctype html>
<html lang="it">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Conferma Collegamento Scuola - YogiBoook</title>
<?php include(__DIR__ . '/cssinclude.php'); ?>
<style>
body {
background: #f8f9fa;
font-family: system-ui, sans-serif;
}
.confirm-container {
max-width: 600px;
margin: 80px auto;
padding: 40px;
background: white;
border-radius: 16px;
box-shadow: 0 10px 40px rgba(0, 0, 0, .1);
text-align: center;
}
.btn-lg {
padding: 14px 40px;
font-size: 1.15rem;
min-width: 180px;
}
.icon-big {
font-size: 4rem;
margin-bottom: 1.5rem;
}
</style>
</head>
<body>
<div class="confirm-container">
<?php if ($action_taken && $success): ?>
<i class="bx bx-check-circle text-success icon-big"></i>
<h3 class="mb-4">Operazione completata!</h3>
<p class="lead mb-5"><?= $success ?></p>
<p class="mb-4 text-muted">Per gestire le lezioni di questa scuola, accedi o registrati su YogiBoook.</p>
<div class="d-flex justify-content-center gap-3">
<a href="../login.php" class="btn btn-primary btn-lg">Accedi</a>
<a href="../register.php" class="btn btn-outline-primary btn-lg">Registrati</a>
</div>
<?php elseif (!empty($error)): ?>
<i class="bx bx-error-circle text-danger icon-big"></i>
<h3>Errore</h3>
<p class="lead"><?= htmlspecialchars($error) ?></p>
<a href="../login.php" class="btn btn-secondary mt-4">Torna al sito</a>
<?php else: ?>
<h3 class="mb-4">Richiesta di collegamento scuola</h3>
<p class="lead mb-4">Ciao <?= htmlspecialchars($teacher_name ?: 'insegnante') ?>,</p>
<p class="mb-5">
La scuola <strong><?= htmlspecialchars($school['name']) ?></strong> vorrebbe collegarti alla sua struttura su YogiBoook.
</p>
<p class="mb-4">Accettando, verrai visualizzata/o nelle lezioni della scuola.</p>
<form method="POST" class="d-flex justify-content-center gap-4">
<input type="hidden" name="email" value="<?= htmlspecialchars($email) ?>">
<input type="hidden" name="school_id" value="<?= (int)$school['id'] ?>">
<input type="hidden" name="link_id" value="<?= (int)$request['id'] ?>">
<button type="submit" name="action" value="accept" class="btn btn-success btn-lg">
<i class="bx bx-check me-2"></i> Accetta collegamento
</button>
<button type="submit" name="action" value="reject" class="btn btn-outline-danger btn-lg">
<i class="bx bx-x me-2"></i> Rifiuta
</button>
</form>
<?php endif; ?>
</div>
<?php include(__DIR__ . '/include/footer.php'); ?>
</body>
</html>