user profile
@@ -0,0 +1,89 @@
|
||||
<?php
|
||||
require_once(__DIR__ . '/../hr_auth_check.php');
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||
http_response_code(405);
|
||||
echo json_encode(['success' => false, 'message' => 'Metodo non consentito.']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$pdo = DBHandlerSelect::getInstance()->getConnection();
|
||||
|
||||
$employeeId = (int)($_POST['employee_id'] ?? 0);
|
||||
$category = trim($_POST['category'] ?? 'other');
|
||||
$notes = trim($_POST['notes'] ?? '');
|
||||
|
||||
$allowedCategories = ['job_description', 'contract', 'rules', 'other'];
|
||||
if (!in_array($category, $allowedCategories, true)) {
|
||||
$category = 'other';
|
||||
}
|
||||
|
||||
if ($employeeId <= 0) {
|
||||
echo json_encode(['success' => false, 'message' => 'ID dipendente non valido.']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$check = $pdo->prepare("SELECT COUNT(*) FROM employees WHERE id = :id");
|
||||
$check->execute(['id' => $employeeId]);
|
||||
if ((int)$check->fetchColumn() === 0) {
|
||||
echo json_encode(['success' => false, 'message' => 'Dipendente non trovato.']);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (empty($_FILES['file']) || $_FILES['file']['error'] !== UPLOAD_ERR_OK) {
|
||||
$errCode = $_FILES['file']['error'] ?? -1;
|
||||
$msg = 'Errore nel caricamento del file.';
|
||||
if ($errCode === UPLOAD_ERR_INI_SIZE || $errCode === UPLOAD_ERR_FORM_SIZE) {
|
||||
$msg = 'Il file supera la dimensione massima consentita.';
|
||||
}
|
||||
echo json_encode(['success' => false, 'message' => $msg]);
|
||||
exit;
|
||||
}
|
||||
|
||||
$originalName = $_FILES['file']['name'];
|
||||
$tmpPath = $_FILES['file']['tmp_name'];
|
||||
$size = (int)$_FILES['file']['size'];
|
||||
$mimeType = mime_content_type($tmpPath) ?: ($_FILES['file']['type'] ?? null);
|
||||
|
||||
$dir = __DIR__ . '/../../files/employees/' . $employeeId . '/documents';
|
||||
if (!is_dir($dir)) {
|
||||
if (!mkdir($dir, 0775, true) && !is_dir($dir)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Impossibile creare la cartella di destinazione.']);
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
$safeOriginal = preg_replace('/[^a-zA-Z0-9._-]/', '_', $originalName);
|
||||
$storedName = uniqid('doc_') . '_' . $safeOriginal;
|
||||
$destPath = $dir . '/' . $storedName;
|
||||
|
||||
if (!move_uploaded_file($tmpPath, $destPath)) {
|
||||
echo json_encode(['success' => false, 'message' => 'Impossibile salvare il file su disco.']);
|
||||
exit;
|
||||
}
|
||||
|
||||
try {
|
||||
$stmt = $pdo->prepare("
|
||||
INSERT INTO employee_documents
|
||||
(employee_id, category, original_name, stored_name, mime_type, size, notes, uploaded_by, created_at)
|
||||
VALUES
|
||||
(:employee_id, :category, :original_name, :stored_name, :mime_type, :size, :notes, :uploaded_by, NOW())
|
||||
");
|
||||
$stmt->execute([
|
||||
'employee_id' => $employeeId,
|
||||
'category' => $category,
|
||||
'original_name' => $originalName,
|
||||
'stored_name' => $storedName,
|
||||
'mime_type' => $mimeType,
|
||||
'size' => $size,
|
||||
'notes' => $notes !== '' ? $notes : null,
|
||||
'uploaded_by' => $currentUserId,
|
||||
]);
|
||||
|
||||
echo json_encode(['success' => true, 'id' => (int)$pdo->lastInsertId()]);
|
||||
} catch (Exception $e) {
|
||||
@unlink($destPath);
|
||||
echo json_encode(['success' => false, 'message' => $e->getMessage()]);
|
||||
}
|
||||
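Review bot: The stored file keeps the client-supplied extension (`$safeOriginal` only replaces disallowed characters, so `shell.php` survives as `doc_…_shell.php`) and neither that extension nor the sniffed `$mimeType` is checked against an allowlist before `move_uploaded_file()` — `mime_content_type()` is only recorded in the `employee_documents` row, never enforced, and the fallback to `$_FILES['file']['type']` is fully attacker-controlled. If `files/employees/` is reachable through the web server with PHP execution enabled (it sits two levels above the endpoint, which cannot be confirmed from this commit), an authenticated HR user could upload and then execute arbitrary code, so reject anything outside a fixed extension/MIME allowlist (adjust the lists below to the document types HR actually accepts) before touching the filesystem. The `catch` block at the end also returns `$e->getMessage()` to the client, which exposes PDO/SQL details; log it server-side and return a fixed message such as `'Errore durante il salvataggio.'` instead. Whether `hr_auth_check.php` also provides CSRF protection for this state-changing POST, or scopes which `employee_id` the caller may upload for, is not visible here.
```php
// … unchanged: request-method, employee-id and $_FILES error checks …
$originalName = $_FILES['file']['name'];
$tmpPath = $_FILES['file']['tmp_name'];
$size = (int)$_FILES['file']['size'];

// Server-side allowlist on both the extension and the sniffed MIME type;
// the client-supplied $_FILES['file']['type'] is never trusted.
// TODO(review): confirm these lists with HR before merging.
$allowedExtensions = ['pdf', 'doc', 'docx', 'png', 'jpg', 'jpeg'];
$allowedMimeTypes = [
    'application/pdf',
    'application/msword',
    'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
    'image/png',
    'image/jpeg',
];
$extension = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
$mimeType = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath) ?: null;
if (!in_array($extension, $allowedExtensions, true) || !in_array($mimeType, $allowedMimeTypes, true)) {
    echo json_encode(['success' => false, 'message' => 'Tipo di file non consentito.']);
    exit;
}
// … unchanged: directory creation, stored-name generation, move_uploaded_file(), INSERT …
```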