
<?php
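require_once(__DIR__ . '/auth_check.php');
header('Content-Type: application/json');
require_once(__DIR__ . '/../../class/db-functions.php');

/*
 * Creates or updates a row in scad_deadlines from POST data and answers with JSON.
 *
 * When a numeric `id` is posted the row is updated and its employee links are
 * rebuilt; otherwise a new row is inserted. Every write happens in a single
 * transaction and each path appends a row to scad_deadline_histories.
 *
 * NOTE(review): authentication is delegated to auth_check.php, which is not
 * visible here. This script performs no per-record authorization and no CSRF
 * token check of its own: any caller who gets past auth_check.php can update
 * any deadline id. Confirm that auth_check.php enforces both.
 * NOTE(review): $currentUserId is never assigned in this file; presumably
 * auth_check.php sets it. Verify.
 */
try {
    $db = DBHandlerSelect::getInstance();
    $pdo = $db->getConnection();

    // Reads a POST field as a trimmed string. A non-string value (for example
    // `topic[]=x`, which PHP parses into an array) is treated as absent, so it
    // cannot raise a TypeError inside trim() or preg_match().
    $postText = static function (string $key): string {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? trim($value) : '';
    };

    $id = isset($_POST['id']) && is_numeric($_POST['id']) ? (int)$_POST['id'] : null;
    $subject_id = isset($_POST['subject_id']) && is_numeric($_POST['subject_id']) && (int)$_POST['subject_id'] > 0
        ? (int)$_POST['subject_id']
        : null;
    $topic = $postText('topic');
    $law_regulation = $postText('law_regulation') ?: null;
    $recurrence_type = $_POST['recurrence_type'] ?? 'once';
    $due_date = $postText('due_date');
    // NOTE(review): check_date and document_date are not format-checked here;
    // a malformed value is only rejected (if at all) by the database.
    $check_date = $postText('check_date') ?: null;
    $document_date = $postText('document_date') ?: null;
    $notification_days = isset($_POST['notification_days']) && is_numeric($_POST['notification_days'])
        ? (int)$_POST['notification_days']
        : 7;
    $storage_location = $postText('storage_location') ?: null;
    $notes = $postText('notes') ?: null;
    $employee_ids = $_POST['employee_ids'] ?? [];
    $department_names = $_POST['department_names'] ?? [];

    // Validation
    if ($topic === '') {
        echo json_encode(['success' => false, 'message' => 'Il campo Tema è obbligatorio.']);
        exit;
    }

    // The pattern alone would accept impossible dates such as 2024-02-31, so
    // the captured parts are also passed through checkdate().
    $dueDateOk = preg_match('/^(\d{4})-(\d{2})-(\d{2})\z/', $due_date, $parts) === 1
        && checkdate((int)$parts[2], (int)$parts[3], (int)$parts[1]);
    if (!$dueDateOk) {
        echo json_encode(['success' => false, 'message' => 'La data di scadenza è obbligatoria.']);
        exit;
    }

    $validRecurrences = ['once', 'monthly', 'quarterly', 'semiannual', 'annual', 'biennial', 'triennial', 'quadriennial', 'quinquennial', 'decennial', 'quindecennial'];
    // Strict comparison: a non-string or loosely-equal value falls back to 'once'.
    if (!in_array($recurrence_type, $validRecurrences, true)) {
        $recurrence_type = 'once';
    }

    // Keep only positive numeric ids. intval() on a nested array returns 1,
    // which would silently link employee 1, so non-numeric entries are dropped
    // instead of being cast. Keying by id removes duplicates.
    $cleanEmployeeIds = [];
    if (is_array($employee_ids)) {
        foreach ($employee_ids as $rawId) {
            if (is_numeric($rawId) && (int)$rawId > 0) {
                $cleanEmployeeIds[(int)$rawId] = (int)$rawId;
            }
        }
    }
    $employee_ids = array_values($cleanEmployeeIds);

    // Keep only non-empty string names; nested arrays are ignored rather than
    // handed to trim().
    $cleanDepartments = [];
    if (is_array($department_names)) {
        foreach ($department_names as $rawName) {
            if (is_string($rawName) && trim($rawName) !== '') {
                $cleanDepartments[] = trim($rawName);
            }
        }
    }
    $department_names = $cleanDepartments;
    $departmentsStr = !empty($department_names) ? implode(', ', $department_names) : null;

    // NOTE(review): rolling back on failure relies on PDO throwing
    // (PDO::ERRMODE_EXCEPTION). The connection is configured in
    // db-functions.php, which is not visible here; confirm.
    $pdo->beginTransaction();

    if ($id) {
        // NOTE(review): nothing verifies that a row with this id exists; an
        // unknown id still reports success and writes history/link rows.
        $stmt = $pdo->prepare("
            UPDATE scad_deadlines SET
                subject_id = ?, topic = ?, law_regulation = ?, recurrence_type = ?,
                due_date = ?, check_date = ?, document_date = ?, notification_days = ?,
                storage_location = ?, notes = ?, departments = ?
            WHERE id = ?
        ");
        $stmt->execute([
            $subject_id, $topic, $law_regulation, $recurrence_type,
            $due_date, $check_date, $document_date, $notification_days,
            $storage_location, $notes, $departmentsStr, $id
        ]);

        // Re-link employees: drop the old links, they are re-inserted below
        $pdo->prepare("DELETE FROM scad_deadline_employee WHERE deadline_id = ?")->execute([$id]);

        // History
        $pdo->prepare("INSERT INTO scad_deadline_histories (deadline_id, user_id, action) VALUES (?, ?, 'updated')")
            ->execute([$id, $currentUserId ?: null]);

        $deadlineId = $id;
    } else {
        // INSERT
        $stmt = $pdo->prepare("
            INSERT INTO scad_deadlines
                (subject_id, topic, law_regulation, recurrence_type, due_date, check_date,
                 document_date, notification_days, storage_location, notes, created_by, departments)
            VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
        ");
        $stmt->execute([
            $subject_id, $topic, $law_regulation, $recurrence_type,
            $due_date, $check_date, $document_date, $notification_days,
            $storage_location, $notes, $currentUserId, $departmentsStr
        ]);
        $deadlineId = $pdo->lastInsertId();

        // History
        $pdo->prepare("INSERT INTO scad_deadline_histories (deadline_id, user_id, action) VALUES (?, ?, 'created')")
            ->execute([$deadlineId, $currentUserId ?: null]);
    }

    // Link employees
    if (!empty($employee_ids)) {
        $insertEmployee = $pdo->prepare("INSERT INTO scad_deadline_employee (deadline_id, employee_id) VALUES (?, ?)");
        foreach ($employee_ids as $empId) {
            $insertEmployee->execute([$deadlineId, $empId]);
        }
    }

    $pdo->commit();

    echo json_encode([
        'success' => true,
        'message' => $id ? 'Scadenza aggiornata con successo.' : 'Scadenza creata con successo.',
        'id' => $deadlineId
    ]);
} catch (Throwable $e) {
    // Throwable, not Exception: a TypeError or other Error must also roll the
    // transaction back and still produce a JSON body.
    if (isset($pdo) && $pdo->inTransaction()) {
        $pdo->rollBack();
    }
    // The raw exception text can expose SQL, table and column names, so it is
    // written to the server log and the client gets a generic message.
    error_log('scad_deadlines save failed: ' . get_class($e) . ': ' . $e->getMessage());
    echo json_encode(['success' => false, 'message' => 'Errore durante il salvataggio della scadenza.']);
}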