added subroles and dpi association fixed all pages and migration

2026-06-04 12:17:17 +02:00
parent f7e97f55e9
commit b1f2bb60e3
20 changed files with 6125 additions and 638 deletions
@@ -1,26 +1,38 @@
<?php
require_once(__DIR__ . '/../hr_auth_check.php');
include('../../include/headscript.php');
header('Content-Type: application/json');
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
echo json_encode(['success' => false, 'message' => 'Metodo non consentito.']);
exit;
}
$pdo = DBHandlerSelect::getInstance()->getConnection();
$id = (int)($_POST['id'] ?? 0);
if ($id <= 0) {
echo json_encode(['success' => false, 'message' => 'ID DPI non valido.']);
exit;
}
header('Content-Type: application/json; charset=utf-8');
try {
$stmt = $pdo->prepare("DELETE FROM employee_ppe WHERE id = :id");
$stmt->execute(['id' => $id]);
echo json_encode(['success' => true]);
} catch (Exception $e) {
echo json_encode(['success' => false, 'message' => $e->getMessage()]);
$pdo = DBHandlerSelect::getInstance()->getConnection();
$id = (int)($_POST['id'] ?? 0);
if ($id <= 0) {
echo json_encode([
'success' => false,
'message' => 'ID DPI non valido.'
]);
exit;
}
$stmt = $pdo->prepare("
UPDATE employee_ppe_items
SET status = 'returned',
updated_at = NOW()
WHERE id = ?
");
$stmt->execute([$id]);
echo json_encode([
'success' => true,
'message' => 'DPI rimosso correttamente.'
]);
exit;
} catch (Throwable $e) {
echo json_encode([
'success' => false,
'message' => $e->getMessage()
]);
exit;
}
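Review bot: The `catch (Throwable $e)` block at the end of this file returns `$e->getMessage()` to the client, and for a PDO failure that text can include SQL fragments and table or column names; the catch block at the end of the second file in this commit does the same. Log the detail server-side and return a fixed message instead, for example `error_log($e->getMessage()); http_response_code(500);` followed by `'message' => 'Errore interno.'`. Separately, success is reported after `$stmt->execute([$id])` without checking `$stmt->rowCount()`, so an id that matches no row still answers 'DPI rimosso correttamente.'. The page has lost its +/- markers, so it is not clear whether the `REQUEST_METHOD !== 'POST'` guard survives on the new side; if it was removed, this state-changing endpoint should keep it.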
@@ -1,82 +1,153 @@
<?php
require_once(__DIR__ . '/../hr_auth_check.php');
include('../../include/headscript.php');
header('Content-Type: application/json');
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
echo json_encode(['success' => false, 'message' => 'Metodo non consentito.']);
exit;
}
$pdo = DBHandlerSelect::getInstance()->getConnection();
$id = (int)($_POST['id'] ?? 0);
$employeeId = (int)($_POST['employee_id'] ?? 0);
$itemName = trim($_POST['item_name'] ?? '');
$deliveryDate = trim($_POST['delivery_date'] ?? '');
$deliveredBy = trim($_POST['delivered_by'] ?? '');
$notes = trim($_POST['notes'] ?? '');
if ($employeeId <= 0) {
echo json_encode(['success' => false, 'message' => 'ID dipendente non valido.']);
exit;
}
if ($itemName === '') {
echo json_encode(['success' => false, 'message' => 'Il nome del DPI è obbligatorio.']);
exit;
}
$deliveryDate = $deliveryDate === '' ? null : $deliveryDate;
$deliveredBy = $deliveredBy !== '' ? $deliveredBy : null;
$notes = $notes !== '' ? $notes : null;
header('Content-Type: application/json; charset=utf-8');
try {
if ($id > 0) {
$stmt = $pdo->prepare("
UPDATE employee_ppe
SET item_name = :item_name,
delivery_date = :delivery_date,
delivered_by = :delivered_by,
notes = :notes,
updated_at = NOW()
WHERE id = :id AND employee_id = :eid
");
$stmt->execute([
'item_name' => $itemName,
'delivery_date' => $deliveryDate,
'delivered_by' => $deliveredBy,
'notes' => $notes,
'id' => $id,
'eid' => $employeeId,
$pdo = DBHandlerSelect::getInstance()->getConnection();
$id = isset($_POST['id']) && $_POST['id'] !== '' ? (int)$_POST['id'] : null;
$employeeId = (int)($_POST['employee_id'] ?? 0);
$ppeItemId = (int)($_POST['ppe_item_id'] ?? 0);
$assignedDate = trim($_POST['assigned_date'] ?? '');
$expiryDate = trim($_POST['expiry_date'] ?? '');
$deliveredBy = trim($_POST['delivered_by'] ?? '');
$status = trim($_POST['status'] ?? 'assigned');
$notes = trim($_POST['notes'] ?? '');
$allowedStatuses = [
'assigned',
'returned',
'expired',
'lost',
'damaged',
];
if ($employeeId <= 0) {
echo json_encode([
'success' => false,
'message' => 'Dipendente non valido.'
]);
echo json_encode(['success' => true, 'id' => $id]);
exit;
}
$check = $pdo->prepare("SELECT COUNT(*) FROM employees WHERE id = :id");
$check->execute(['id' => $employeeId]);
if ((int)$check->fetchColumn() === 0) {
echo json_encode(['success' => false, 'message' => 'Dipendente non trovato.']);
if ($ppeItemId <= 0) {
echo json_encode([
'success' => false,
'message' => 'Selezionare un DPI.'
]);
exit;
}
if (!in_array($status, $allowedStatuses, true)) {
$status = 'assigned';
}
$checkEmployee = $pdo->prepare("SELECT id FROM employees WHERE id = ? LIMIT 1");
$checkEmployee->execute([$employeeId]);
if (!$checkEmployee->fetchColumn()) {
echo json_encode([
'success' => false,
'message' => 'Dipendente non trovato.'
]);
exit;
}
$checkPpe = $pdo->prepare("SELECT id FROM ppe_items WHERE id = ? LIMIT 1");
$checkPpe->execute([$ppeItemId]);
if (!$checkPpe->fetchColumn()) {
echo json_encode([
'success' => false,
'message' => 'DPI non trovato.'
]);
exit;
}
if ($id) {
$stmt = $pdo->prepare("
UPDATE employee_ppe_items
SET ppe_item_id = :ppe_item_id,
assigned_date = :assigned_date,
expiry_date = :expiry_date,
delivered_by = :delivered_by,
status = :status,
notes = :notes,
updated_at = NOW()
WHERE id = :id
AND employee_id = :employee_id
");
$stmt->execute([
'ppe_item_id' => $ppeItemId,
'assigned_date' => $assignedDate !== '' ? $assignedDate : null,
'expiry_date' => $expiryDate !== '' ? $expiryDate : null,
'delivered_by' => $deliveredBy !== '' ? $deliveredBy : null,
'status' => $status,
'notes' => $notes !== '' ? $notes : null,
'id' => $id,
'employee_id' => $employeeId,
]);
echo json_encode([
'success' => true,
'message' => 'DPI aggiornato.'
]);
exit;
}
$stmt = $pdo->prepare("
INSERT INTO employee_ppe
(employee_id, item_name, delivery_date, delivered_by, notes, created_by, created_at, updated_at)
INSERT INTO employee_ppe_items
(
employee_id,
ppe_item_id,
assigned_date,
expiry_date,
delivered_by,
quantity,
status,
notes,
created_by,
created_at,
updated_at
)
VALUES
(:employee_id, :item_name, :delivery_date, :delivered_by, :notes, :created_by, NOW(), NOW())
(
:employee_id,
:ppe_item_id,
:assigned_date,
:expiry_date,
:delivered_by,
1,
:status,
:notes,
:created_by,
NOW(),
NOW()
)
");
$stmt->execute([
'employee_id' => $employeeId,
'item_name' => $itemName,
'delivery_date' => $deliveryDate,
'delivered_by' => $deliveredBy,
'notes' => $notes,
'created_by' => $currentUserId,
'employee_id' => $employeeId,
'ppe_item_id' => $ppeItemId,
'assigned_date' => $assignedDate !== '' ? $assignedDate : null,
'expiry_date' => $expiryDate !== '' ? $expiryDate : null,
'delivered_by' => $deliveredBy !== '' ? $deliveredBy : null,
'status' => $status,
'notes' => $notes !== '' ? $notes : null,
'created_by' => isset($iduserlogin) ? (int)$iduserlogin : null,
]);
echo json_encode(['success' => true, 'id' => (int)$pdo->lastInsertId()]);
} catch (Exception $e) {
echo json_encode(['success' => false, 'message' => $e->getMessage()]);
echo json_encode([
'success' => true,
'message' => 'DPI assegnato.'
]);
exit;
} catch (Throwable $e) {
echo json_encode([
'success' => false,
'message' => $e->getMessage()
]);
exit;
}
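Review bot: `'created_by' => isset($iduserlogin) ? (int)$iduserlogin : null` writes NULL whenever the variable is not defined, so assignment records can lose their audit attribution without any error. Since the file already requires `hr_auth_check.php`, a missing user id should fail the request rather than fall back to null. In the update branch, 'DPI aggiornato.' is returned without checking `$stmt->rowCount()`, so an `id` that does not belong to the posted `employee_id` is still reported as updated. A `status` outside `$allowedStatuses` is rewritten to 'assigned' instead of being rejected, and `assigned_date` and `expiry_date` reach the database without a format check; returning an error for invalid input would keep stored records consistent with what the caller sent.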