<?php
require_once(__DIR__ . '/../hr_auth_check.php');
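// JSON endpoint: deletes one training attachment. It removes the database row,
// writes an 'attachment_deleted' entry to employee_training_log in the same
// transaction, then removes the stored file from disk.
header('Content-Type: application/json');

// State-changing endpoint: anything other than POST is rejected.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['success' => false, 'message' => 'Metodo non consentito.']);
    exit;
}

// NOTE(review): no anti-CSRF token is verified in this script; confirm that
// hr_auth_check.php enforces one for state-changing POST requests.
// NOTE(review): no per-record authorization is done here, so every caller that
// passes hr_auth_check.php can delete any attachment id; confirm that is the
// intended scope.
// NOTE(review): the handler is named DBHandlerSelect but is used for DELETE and
// INSERT below; confirm this connection is meant for writes.
$pdo = DBHandlerSelect::getInstance()->getConnection();

// A parameter sent as id[]=x arrives as an array, and (int) of a non-empty
// array is 1, which would silently target attachment 1. Only scalars are cast.
$rawId = $_POST['id'] ?? 0;
$id = is_scalar($rawId) ? (int)$rawId : 0;
if ($id <= 0) {
    echo json_encode(['success' => false, 'message' => 'ID allegato non valido.']);
    exit;
}

// Load the attachment with its owning training, so the log entry and the file
// path can be built after the row is gone.
$lookup = $pdo->prepare("
    SELECT a.stored_name, a.original_name, a.training_id, t.employee_id
    FROM employee_training_attachments a
    JOIN employee_trainings t ON t.id = a.training_id
    WHERE a.id = :id
    LIMIT 1
");
$lookup->execute(['id' => $id]);
$att = $lookup->fetch(PDO::FETCH_ASSOC);
if (!$att) {
    echo json_encode(['success' => false, 'message' => 'Allegato non trovato.']);
    exit;
}

try {
    // Row deletion and audit record commit together or not at all.
    $pdo->beginTransaction();
    $pdo->prepare("DELETE FROM employee_training_attachments WHERE id = :id")->execute(['id' => $id]);
    // $currentUserId is not defined in this script; presumably it is set by
    // hr_auth_check.php (verify).
    $pdo->prepare("
        INSERT INTO employee_training_log
            (employee_id, training_id, action, field, old_value, new_value, changed_by, changed_at)
        VALUES
            (:eid, :tid, 'attachment_deleted', 'attachment', :name, NULL, :cb, NOW())
    ")->execute([
        'eid'  => $att['employee_id'],
        'tid'  => $att['training_id'],
        'name' => $att['original_name'],
        'cb'   => $currentUserId,
    ]);
    $pdo->commit();

    // basename() keeps the delete inside the employee's trainings directory
    // even if stored_name ever contains directory separators or "..".
    $storedName = basename((string)$att['stored_name']);
    $path = __DIR__ . '/../../files/employees/' . (int)$att['employee_id'] . '/trainings/' . $storedName;
    if ($storedName !== '' && is_file($path)) {
        // '@' is kept so that a PHP warning cannot corrupt the JSON body; the
        // failure is logged instead, because the row is already gone and the
        // file would otherwise stay on disk unnoticed.
        if (!@unlink($path)) {
            error_log('Training attachment ' . $id . ': row deleted but file could not be removed: ' . $path);
        }
    }

    echo json_encode(['success' => true]);
} catch (Throwable $e) {
    if ($pdo->inTransaction()) {
        $pdo->rollBack();
    }
    // Exception text can expose SQL, table names or filesystem paths, so it
    // goes to the server log and the client receives a generic message.
    error_log('Training attachment ' . $id . ' delete failed: ' . $e->getMessage());
    echo json_encode(['success' => false, 'message' => "Errore durante l'eliminazione dell'allegato."]);
}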