<?php
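/*
 * Attachment upload endpoint for deadlines.
 *
 * Expects a POST with `deadline_id` and one or more files in `files[]`.
 * Verifies that the deadline exists in scad_deadlines, stores each uploaded
 * file under ../attachments/, records it in scad_deadline_attachments and
 * scad_deadline_histories inside one transaction, and answers with JSON:
 * { success: bool, message: string, files?: [{id, original_name, stored_name}] }.
 *
 * NOTE(review): $currentUserId is not defined in this file; presumably
 * auth_check.php sets it after authenticating the session - confirm.
 * NOTE(review): only the existence of the deadline is checked here. Whether
 * the current user is allowed to attach files to it, and whether a CSRF token
 * is verified for this state-changing POST, is not visible in this file -
 * confirm that auth_check.php or the caller enforces both.
 */
require_once(__DIR__ . '/auth_check.php');

header('Content-Type: application/json');

require_once(__DIR__ . '/../../class/db-functions.php');

// Files already moved into the upload directory during this request. They are
// deleted again if the transaction is rolled back, so no orphans stay on disk.
$movedPaths = [];

// Extensions that may be kept on the stored file. Anything else is stored as
// ".bin", so an uploaded script never lands on disk under a name the web
// server could execute. SVG and HTML are left out on purpose: they can carry
// script when served from the application's origin.
// NOTE(review): adjust this list to the document types the application needs.
$safeExtensions = [
    'pdf', 'png', 'jpg', 'jpeg', 'gif', 'txt', 'csv',
    'doc', 'docx', 'xls', 'xlsx', 'odt', 'ods', 'zip',
];

try {
    // Accept only a plain integer; is_numeric() also lets "1e3" or "1.5" through.
    $deadlineId = filter_var(
        isset($_POST['deadline_id']) ? $_POST['deadline_id'] : null,
        FILTER_VALIDATE_INT
    );
    if ($deadlineId === false) {
        echo json_encode(['success' => false, 'message' => 'ID scadenza non valido.']);
        exit;
    }

    $files = isset($_FILES['files']) && is_array($_FILES['files']) ? $_FILES['files'] : null;
    if ($files !== null && isset($files['name']) && !is_array($files['name'])) {
        // Field was sent as "files" instead of "files[]": wrap every entry so
        // the loop below sees the same shape and count() never gets a string.
        foreach ($files as $key => $value) {
            $files[$key] = [$value];
        }
    }
    if ($files === null || empty($files['name'][0])) {
        echo json_encode(['success' => false, 'message' => 'Nessun file selezionato.']);
        exit;
    }

    $db = DBHandlerSelect::getInstance();
    $pdo = $db->getConnection();

    // Verify deadline exists
    $check = $pdo->prepare("SELECT id FROM scad_deadlines WHERE id = ?");
    $check->execute([$deadlineId]);
    if (!$check->fetch()) {
        echo json_encode(['success' => false, 'message' => 'Scadenza non trovata.']);
        exit;
    }

    // NOTE(review): this directory sits next to the application code. If it is
    // reachable over HTTP, configure the web server not to execute scripts in
    // it, or move it outside the document root and serve files via a handler.
    $uploadDir = __DIR__ . '/../attachments/';
    if (!is_dir($uploadDir) && !mkdir($uploadDir, 0755, true) && !is_dir($uploadDir)) {
        throw new RuntimeException('Cannot create upload directory');
    }

    // Server-side content sniffing; the "type" field in $_FILES is sent by the
    // client and must not be trusted or recorded as the file's MIME type.
    $finfo = class_exists('finfo') ? new finfo(FILEINFO_MIME_TYPE) : null;

    $inserted = [];
    $pdo->beginTransaction();

    $stmt = $pdo->prepare("
        INSERT INTO scad_deadline_attachments (deadline_id, original_name, stored_name, mime_type, size, uploaded_by)
        VALUES (?, ?, ?, ?, ?, ?)
    ");
    $histStmt = $pdo->prepare("INSERT INTO scad_deadline_histories (deadline_id, user_id, action, notes) VALUES (?, ?, 'attachment_added', ?)");

    $fileCount = count($files['name']);
    for ($i = 0; $i < $fileCount; $i++) {
        if (!isset($files['error'][$i]) || $files['error'][$i] !== UPLOAD_ERR_OK) {
            continue;
        }

        // The client-supplied name is kept only as metadata. Consumers that
        // render it as HTML must escape it.
        $originalName = $files['name'][$i];
        $size = $files['size'][$i];

        // Stored name: unpredictable random token plus an allowlisted
        // extension; nothing from the client-supplied basename reaches disk.
        $extension = strtolower((string) pathinfo($originalName, PATHINFO_EXTENSION));
        if (!in_array($extension, $safeExtensions, true)) {
            $extension = 'bin';
        }
        $storedName = 'att_' . bin2hex(random_bytes(16)) . '.' . $extension;
        $destination = $uploadDir . $storedName;

        if (!move_uploaded_file($files['tmp_name'][$i], $destination)) {
            continue;
        }
        $movedPaths[] = $destination;

        $detected = $finfo !== null ? $finfo->file($destination) : false;
        $mimeType = is_string($detected) && $detected !== '' ? $detected : 'application/octet-stream';

        $stmt->execute([$deadlineId, $originalName, $storedName, $mimeType, $size, $currentUserId]);
        // Read the attachment id now: after the history insert, lastInsertId()
        // would report the id of the history row instead.
        $attachmentId = $pdo->lastInsertId();

        $histStmt->execute([$deadlineId, $currentUserId, $originalName]);

        $inserted[] = ['id' => $attachmentId, 'original_name' => $originalName, 'stored_name' => $storedName];
    }

    $pdo->commit();

    echo json_encode([
        'success' => true,
        'message' => count($inserted) . ' file caricato/i con successo.',
        'files' => $inserted
    ]);
} catch (Throwable $e) {
    // Throwable also covers TypeError and other engine errors, so the rollback
    // and cleanup below run for those as well.
    if (isset($pdo) && $pdo->inTransaction()) {
        $pdo->rollBack();
    }

    // The database rows are gone after the rollback; remove the files too.
    foreach ($movedPaths as $movedPath) {
        if (is_file($movedPath)) {
            unlink($movedPath);
        }
    }

    // Keep exception details (SQL errors, paths) in the server log and return
    // only a generic message to the client.
    error_log('Attachment upload failed: ' . $e->getMessage());
    echo json_encode(['success' => false, 'message' => 'Errore durante il caricamento dei file.']);
}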