zibo-dashboard/public/userarea/ajax/trainings/save_bulk_training.php

<?php
/**
 * Bulk-create training records: one employee_trainings row per selected employee,
 * all sharing the same course + parameters (a single training "session").
 * Mirrors the next_due_date logic of ajax/employee_profile/save_training.php.
 * HR-only.
 */
require_once(__DIR__ . '/../hr_auth_check.php');
header('Content-Type: application/json');

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['success' => false, 'message' => 'Metodo non consentito.']);
    exit;
}

// $pdo and $currentUserId from hr_auth_check.php

$topicId       = (int)($_POST['training_topic_id'] ?? 0);
$completedDate = trim($_POST['completed_date'] ?? '');
$deliveredBy   = trim($_POST['delivered_by'] ?? '');
$description   = trim($_POST['description'] ?? '');
$trainingType  = trim($_POST['training_type'] ?? 'initial');
$freqRaw       = $_POST['update_frequency_months'] ?? '';
$remRaw        = $_POST['reminder_days'] ?? '';
$employeeIds   = $_POST['employee_ids'] ?? [];

if (!is_array($employeeIds)) {
    $employeeIds = [];
}
$employeeIds = array_values(array_unique(array_filter(array_map('intval', $employeeIds), fn($v) => $v > 0)));

if ($topicId <= 0) {
    echo json_encode(['success' => false, 'message' => 'Selezionare un corso.']);
    exit;
}
if ($completedDate === '' || !DateTime::createFromFormat('Y-m-d', $completedDate)) {
    echo json_encode(['success' => false, 'message' => 'La data di completamento è obbligatoria.']);
    exit;
}
if (empty($employeeIds)) {
    echo json_encode(['success' => false, 'message' => 'Selezionare almeno un dipendente.']);
    exit;
}
if (!in_array($trainingType, ['initial', 'refresher'], true)) {
    $trainingType = 'initial';
}

$topicStmt = $pdo->prepare("SELECT default_frequency_months, default_reminder_days FROM training_topics WHERE id = :id");
$topicStmt->execute(['id' => $topicId]);
$topic = $topicStmt->fetch(PDO::FETCH_ASSOC);
if (!$topic) {
    echo json_encode(['success' => false, 'message' => 'Corso non trovato.']);
    exit;
}

$freq = ($freqRaw === '' || $freqRaw === null) ? null : max(0, (int)$freqRaw);
$rem  = ($remRaw  === '' || $remRaw  === null) ? null : max(0, (int)$remRaw);

/* Effective frequency → next_due_date (same for every employee: same date + same frequency) */
$effFreq = $freq !== null ? $freq : ($topic['default_frequency_months'] !== null ? (int)$topic['default_frequency_months'] : null);
$nextDue = null;
if ($effFreq !== null && $effFreq > 0) {
    $d = DateTime::createFromFormat('Y-m-d', $completedDate);
    if ($d) {
        $d->modify('+' . (int)$effFreq . ' months');
        $nextDue = $d->format('Y-m-d');
    }
}

$deliveredBy = $deliveredBy !== '' ? $deliveredBy : null;
$description = $description !== '' ? $description : null;

try {
    $pdo->beginTransaction();

    // Only insert for employees that actually exist
    $checkEmp = $pdo->prepare("SELECT id FROM employees WHERE id = :id");

    $ins = $pdo->prepare("
        INSERT INTO employee_trainings
            (employee_id, training_topic_id, completed_date,
             delivered_by, description,
             training_type, update_frequency_months, reminder_days, next_due_date,
             created_by, created_at, updated_at)
        VALUES
            (:eid, :tid, :completed_date,
             :delivered_by, :description,
             :training_type, :freq, :rem, :next_due,
             :cb, NOW(), NOW())
    ");
    $logStmt = $pdo->prepare("
        INSERT INTO employee_training_log
            (employee_id, training_id, action, field, old_value, new_value, changed_by, changed_at)
        VALUES
            (:eid, :tid, 'created', NULL, NULL, NULL, :cb, NOW())
    ");

    $created = 0;
    foreach ($employeeIds as $eid) {
        $checkEmp->execute(['id' => $eid]);
        if (!$checkEmp->fetchColumn()) {
            continue;
        }
        $ins->execute([
            'eid'            => $eid,
            'tid'            => $topicId,
            'completed_date' => $completedDate,
            'delivered_by'   => $deliveredBy,
            'description'    => $description,
            'training_type'  => $trainingType,
            'freq'           => $freq,
            'rem'            => $rem,
            'next_due'       => $nextDue,
            'cb'             => $currentUserId,
        ]);
        $newId = (int)$pdo->lastInsertId();
        $logStmt->execute(['eid' => $eid, 'tid' => $newId, 'cb' => $currentUserId]);
        $created++;
    }

    $pdo->commit();
    echo json_encode([
        'success' => true,
        'created' => $created,
        'message' => $created . ' formazion' . ($created === 1 ? 'e registrata' : 'i registrate') . '.',
    ]);
} catch (Exception $e) {
    if ($pdo->inTransaction()) $pdo->rollBack();
    echo json_encode(['success' => false, 'message' => $e->getMessage()]);
}