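getConnection();
// NOTE(review): the start of the statement above, and any bootstrap, session
// or CSRF handling before it, is outside this view. No CSRF token check is
// visible below; confirm one is enforced before this endpoint mutates data.

/**
 * Emit $data as a JSON document and terminate the script.
 *
 * The explicit Content-Type (plus nosniff) stops a browser from rendering the
 * body as HTML, and the JSON_HEX_* flags escape <, >, &, ' and " so that
 * request-derived text echoed in a message cannot form markup.
 *
 * @param array $data Response payload; this script uses the keys 'success' and 'message'.
 */
function jsonResponse(array $data): void
{
    if (!headers_sent()) {
        header('Content-Type: application/json; charset=utf-8');
        header('X-Content-Type-Options: nosniff');
    }

    $json = json_encode($data, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

    // json_encode() returns false on unencodable input (e.g. invalid UTF-8);
    // still answer with a well-formed failure document instead of an empty body.
    echo $json !== false ? $json : '{"success":false}';
    exit;
}

/**
 * Convert an optional form field to an integer, or null when it is absent or empty.
 *
 * Non-scalar input (e.g. a field submitted as `name[]=...`) is treated as absent;
 * casting an array to int would otherwise silently yield 0 or 1.
 *
 * @param mixed $value Raw request value.
 */
function normalizeNullableInt($value): ?int
{
    if (!is_scalar($value) || $value === '') {
        return null;
    }

    return (int)$value;
}

try {
    // Any one of these four roles may edit employee records.
    $currentUser = Auth::user();
    $isHrManager = $currentUser->hasRole('Admin')
        || $currentUser->hasRole('Superuser')
        || $currentUser->hasRole('employee-hr')
        || $currentUser->hasRole('manager');

    if (!$isHrManager) {
        jsonResponse(['success' => false, 'message' => 'Non autorizzato.']);
    }

    // ---- Read and normalise the submitted fields ----
    $employeeId = (int)($_POST['employee_id'] ?? 0);
    $firstName = trim($_POST['first_name'] ?? '');
    $lastName = trim($_POST['last_name'] ?? '');
    $employeeCode = trim($_POST['employee_code'] ?? '');
    $hireDate = trim($_POST['hire_date'] ?? '');
    $address = trim($_POST['address'] ?? '');
    $phone = trim($_POST['phone'] ?? '');
    $email = trim($_POST['email'] ?? '');
    $departmentId = normalizeNullableInt($_POST['department_id'] ?? '');
    $status = trim($_POST['status'] ?? 'active');
    $authUserId = normalizeNullableInt($_POST['auth_user_id'] ?? '');
    $roleId = normalizeNullableInt($_POST['role_id'] ?? '');

    // Accept a single value or a list; keep unique non-zero integers in submitted order.
    $jobSubRoleIds = $_POST['job_sub_role_ids'] ?? [];
    if (!is_array($jobSubRoleIds)) {
        $jobSubRoleIds = [$jobSubRoleIds];
    }
    $jobSubRoleIds = array_values(array_unique(array_filter(array_map('intval', $jobSubRoleIds))));

    // ---- Validate ----
    if ($employeeId <= 0) {
        jsonResponse(['success' => false, 'message' => 'ID dipendente non valido.']);
    }

    if ($firstName === '' || $lastName === '') {
        jsonResponse(['success' => false, 'message' => 'Nome e cognome sono obbligatori.']);
    }

    if ($email !== '' && !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        jsonResponse(['success' => false, 'message' => 'Email non valida.']);
    }

    // An unknown status silently falls back to 'active' rather than being rejected.
    if (!in_array($status, ['active', 'inactive', 'suspended'], true)) {
        $status = 'active';
    }

    // NOTE(review): hire_date is passed to the database without a format check.

    $stmtEmployee = $pdo->prepare('SELECT id FROM employees WHERE id = ? LIMIT 1');
    $stmtEmployee->execute([$employeeId]);
    if (!$stmtEmployee->fetchColumn()) {
        jsonResponse(['success' => false, 'message' => 'Dipendente non trovato.']);
    }

    // ---- Keep only sub-roles that exist and are active ----
    $primaryJobRoleId = null;
    $primaryJobSubRoleId = null;

    if ($jobSubRoleIds) {
        // Only '?' markers are interpolated into the SQL; the ids themselves are bound.
        $placeholders = implode(',', array_fill(0, count($jobSubRoleIds), '?'));
        $stmtSubRoles = $pdo->prepare("
            SELECT id, job_role_id
            FROM job_sub_roles
            WHERE id IN ($placeholders)
              AND is_active = 1
        ");
        $stmtSubRoles->execute($jobSubRoleIds);
        $validRows = $stmtSubRoles->fetchAll(PDO::FETCH_ASSOC);

        // sub-role id => parent job role id
        $validMap = [];
        foreach ($validRows as $row) {
            $validMap[(int)$row['id']] = (int)$row['job_role_id'];
        }

        $jobSubRoleIds = array_values(array_filter($jobSubRoleIds, static function ($id) use ($validMap) {
            return isset($validMap[(int)$id]);
        }));

        // The first surviving id in submitted order becomes the primary sub-role.
        if ($jobSubRoleIds) {
            $primaryJobSubRoleId = (int)$jobSubRoleIds[0];
            $primaryJobRoleId = $validMap[$primaryJobSubRoleId] ?? null;
        }
    }

    // ---- Persist everything atomically ----
    $pdo->beginTransaction();

    // NOTE(review): auth_user_id comes straight from the request and is not
    // checked against auth_users here, nor against links held by other employees.
    $stmt = $pdo->prepare("
        UPDATE employees
        SET first_name = :first_name,
            last_name = :last_name,
            employee_code = :employee_code,
            hire_date = :hire_date,
            address = :address,
            phone = :phone,
            email = :email,
            department_id = :department_id,
            job_role_id = :job_role_id,
            job_sub_role_id = :job_sub_role_id,
            status = :status,
            auth_user_id = :auth_user_id,
            updated_at = NOW()
        WHERE id = :employee_id
    ");
    $stmt->execute([
        'first_name' => $firstName,
        'last_name' => $lastName,
        'employee_code' => $employeeCode !== '' ? $employeeCode : null,
        'hire_date' => $hireDate !== '' ? $hireDate : null,
        'address' => $address !== '' ? $address : null,
        'phone' => $phone !== '' ? $phone : null,
        'email' => $email !== '' ? $email : null,
        'department_id' => $departmentId,
        'job_role_id' => $primaryJobRoleId,
        'job_sub_role_id' => $primaryJobSubRoleId,
        'status' => $status,
        'auth_user_id' => $authUserId,
        'employee_id' => $employeeId,
    ]);

    // Replace the employee's sub-role links wholesale.
    $stmtDelete = $pdo->prepare('DELETE FROM employee_job_sub_roles WHERE employee_id = ?');
    $stmtDelete->execute([$employeeId]);

    if ($jobSubRoleIds) {
        $stmtInsert = $pdo->prepare("
            INSERT INTO employee_job_sub_roles
                (employee_id, job_sub_role_id, is_primary, created_at)
            VALUES
                (:employee_id, :job_sub_role_id, :is_primary, NOW())
        ");

        foreach ($jobSubRoleIds as $index => $jobSubRoleId) {
            $stmtInsert->execute([
                'employee_id' => $employeeId,
                'job_sub_role_id' => (int)$jobSubRoleId,
                'is_primary' => $index === 0 ? 1 : 0,
            ]);
        }
    }

    // NOTE(review): privilege-escalation risk. Every caller that passed the
    // role gate above (including 'manager' and 'employee-hr') can assign ANY
    // existing auth_roles id to ANY auth_users id supplied in the request; the
    // target account is not tied to the employee being edited and the
    // requested role is not compared with the caller's own privileges.
    // Confirm the intended policy; if role assignment is meant to be an
    // administrator action, gate this branch on the 'Admin'/'Superuser' roles
    // and record the change in an audit log.
    if ($authUserId !== null && $roleId !== null) {
        $checkRole = $pdo->prepare('SELECT COUNT(*) FROM auth_roles WHERE id = ?');
        $checkRole->execute([$roleId]);

        // An unknown role id is skipped silently; the rest of the update still commits.
        if ((int)$checkRole->fetchColumn() > 0) {
            $stmtRole = $pdo->prepare('UPDATE auth_users SET role_id = :role_id, updated_at = NOW() WHERE id = :auth_user_id');
            $stmtRole->execute([
                'role_id' => $roleId,
                'auth_user_id' => $authUserId,
            ]);
        }
    }

    $pdo->commit();

    jsonResponse(['success' => true]);
} catch (Throwable $e) {
    if (isset($pdo) && $pdo->inTransaction()) {
        $pdo->rollBack();
    }

    // Keep the detail server-side: exception text from PDO or the runtime can
    // expose table/column names, SQL fragments and file paths to the client.
    error_log('Employee update failed: ' . get_class($e) . ': ' . $e->getMessage());

    jsonResponse([
        'success' => false,
        'message' => 'Errore interno durante il salvataggio del dipendente.',
    ]);
}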