Compare commits

59 Commits

Author SHA1 Message Date
theitaliandeveloper
a7a77ebe85 Finish compose and add license comments 2025-12-02 12:22:34 +01:00
65d8c208bf Variables inside the compose file and some fixes 2025-12-02 10:50:35 +01:00
738811c0f3 Fix configs. 2025-11-24 18:47:37 +01:00
94955a0a42 Get api endpoint from config, not from user input. 2025-11-24 18:34:35 +01:00
theitaliandeveloper
3595e0049e Update the readme, which I always forget 2025-11-17 11:13:29 +01:00
theitaliandeveloper
9c2ea5b8ff Keycloak login only for authorized users 2025-11-14 11:44:52 +01:00
cf4cb2679b Fix here too 2025-11-01 11:41:11 +01:00
4881b824eb Removed full subject 2025-11-01 10:30:52 +01:00
5053db033f Short subject name 2025-11-01 10:24:01 +01:00
59359d33d3 Small fix + importer from ITIS 2025-10-31 16:51:30 +01:00
54e3818ce6 Fix hours on mobile 2025-10-30 18:24:50 +01:00
56503f618d Readme change 2025-10-30 17:42:43 +01:00
f4122ca342 Let's fix some code with some untested code 2025-10-30 17:00:17 +01:00
bd3d23a8f8 Come on, let's try again 2025-10-30 08:55:52 +01:00
04497f56d1 Test 2025-10-30 08:54:05 +01:00
d998c39778 CSS Testing 2025-10-30 08:48:25 +01:00
081348ef8d CSS Testing 2025-10-30 08:46:01 +01:00
dc159ea173 CSS Testing 2025-10-30 08:43:59 +01:00
1adb7b3a26 CSS Testing 2025-10-30 08:41:44 +01:00
79b4ec78f3 CSS Testing 2025-10-30 08:40:24 +01:00
4f0caf1f52 CSS Testing 2025-10-30 08:38:20 +01:00
e1be9c2b4e Classroom -> Laboratory 2025-10-30 08:31:56 +01:00
48092b7f75 Readme 2025-10-30 08:28:55 +01:00
721cfc386d I don't care about Google SSO 2025-10-30 08:26:16 +01:00
70c7c0d6b9 Fixing untested code with more untested code
Made entirely with Claude AI Pro, this is going to be interesting...
2025-10-29 18:42:15 +01:00
f561aa8de5 Update README.md 2025-10-10 11:04:56 +00:00
f800f0ab7f Merge pull request 'If we get lucky we have a decent timetable on the phone.' (#4) from daniele/orario:dev into dev
Reviewed-on: #4
2025-10-04 17:46:39 +00:00
9c9c26a470 If we get lucky we have a decent timetable on the phone. 2025-10-04 19:38:39 +02:00
40da7d0d58 Removed assorted junk 2025-10-03 17:23:01 +02:00
0561902092 revert f91019b884
revert README.md update
2025-10-03 15:19:13 +00:00
8c8d32e0c8 I'm hopeless and keep forgetting the readme 2025-10-03 10:17:27 +02:00
35ff83d1d0 Introduce developer mode and various changes 2025-10-03 10:15:25 +02:00
f91019b884 README.md update 2025-10-03 09:03:18 +02:00
6b5b05199c Google SSO integration attempt + rewrite of some parts 2025-10-03 09:01:59 +02:00
dc1d07c015 fix CSS 2025-10-02 12:01:42 +02:00
d405a0e21c too many changes, I don't know what to write 2025-10-02 11:54:59 +02:00
f68162b80b some changes 2025-10-02 08:51:47 +00:00
f98f5a3c07 changes, finishing later 2025-10-02 09:45:24 +02:00
7249325faf fixes 2025-10-02 09:23:38 +02:00
b599691c2e Manage users 2025-10-02 09:17:32 +02:00
8a37f24b40 design fix 2025-10-01 17:10:20 +02:00
725518ca8a move error message 2025-10-01 17:09:19 +02:00
cbf6ef27a2 design fix and add back to link 2025-10-01 17:07:54 +02:00
9c936ed3be how fucking much can I be dumb?? 2025-10-01 16:59:18 +02:00
c3f8b52990 fucking readme 2025-10-01 16:57:57 +02:00
4de8528da2 fix 2025-10-01 16:57:39 +02:00
0265af9dd2 Change password feature (maybe) 2025-10-01 16:55:28 +02:00
e8079c2ce7 fix 2025-10-01 16:33:26 +02:00
fb72f23544 Readme 2025-10-01 15:50:13 +02:00
ddfa3d6dd8 Docker 2025-10-01 15:49:06 +02:00
c619b748fa Docker image integration (beta) 2025-10-01 15:42:34 +02:00
906beaaa4b Integrated auth by default 2025-10-01 15:15:28 +02:00
86826c86bb Merge pull request 'Fixing mobile view and improving some menus.' (#3) from daniele/orario:dev into dev
Reviewed-on: #3
2025-09-27 16:10:38 +00:00
79a4823726 Fixing mobile view and improving some menus. 2025-09-27 18:06:46 +02:00
459663e069 Update README.md 2025-09-22 08:50:14 +00:00
ccbb9806f5 Copyright text 2025-09-11 10:30:21 +02:00
07b197c89a Link to the source code 2025-09-11 10:21:10 +02:00
fff1e6cddf another small change 2025-09-11 09:58:22 +02:00
9c044b051c Small change 2025-09-11 09:29:59 +02:00
28 changed files with 2148 additions and 705 deletions

16
Dockerfile Normal file

@@ -0,0 +1,16 @@
FROM php:8.2-apache
RUN docker-php-ext-install mysqli pdo pdo_mysql
COPY htdocs/ /var/www/html/
COPY docker/php/config.php /var/www/html/config/config.php
RUN apt-get update && apt-get install -y \
unzip \
curl \
git \
&& rm -rf /var/lib/apt/lists/*
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
RUN composer --version
WORKDIR /var/www/html/admin
RUN composer install --no-interaction
RUN chown -R www-data:www-data /var/www/html
RUN a2enmod rewrite
EXPOSE 80
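
Review bot: The `RUN curl -sS https://getcomposer.org/installer | php -- ...` line executes a downloaded script during the build with no integrity check, so whatever that URL serves at build time ends up in the image. Verify the installer against its published checksum before running it, or copy the binary from a pinned official image (`COPY --from=composer:2 /usr/bin/composer /usr/local/bin/composer`). In the same hunk, `composer install --no-interaction` also installs dev dependencies into the image (add `--no-dev`), and `git`, `unzip` and `curl` remain in the runtime layer after the build; a multi-stage build would keep them out. `FROM php:8.2-apache` is a floating tag, so pinning a digest would make rebuilds reproducible.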

129
README.md

@@ -1,3 +1,6 @@
## AVVISO IMPORTANTE
Questo è il ramo di SVILUPPO. È inteso per testare le ultime funzionalità e aiutarmi nello sviluppo. La stabilità e il funzionamento del codice non sono garantiti. Usare a proprio rischio e pericolo.
# Orario Scuola # Orario Scuola
Una piattaforma web per visualizzare gli orari scolastici delle classi, degli insegnanti e dei vari laboratori (se presenti) Una piattaforma web per visualizzare gli orari scolastici delle classi, degli insegnanti e dei vari laboratori (se presenti)
@@ -26,7 +29,7 @@ sudo apt install -y composer php-cli curl php-mysql php-curl php-mbstring php-xm
3. **Installa le dipendenze del pannello d'amministrazione** 3. **Installa le dipendenze del pannello d'amministrazione**
- Debian: - Debian:
```bash ```bash
cd /var/www/orario/admin cd /var/www/html/admin
composer install composer install
``` ```
- Windows (con XAMPP): - Windows (con XAMPP):
@@ -37,12 +40,12 @@ composer install
4. **(opzionale) Genera una password hashata** 4. **(opzionale) Genera una password hashata**
- Debian - Debian
```bash ```bash
cd /var/www/orario/utils cd orario/utils
php generate_hash.php <password> php generate_hash.php <password>
``` ```
- Windows: - Windows:
```batch ```batch
cd C:\xampp\htdocs\utils cd orario\utils
C:\xampp\php\php.exe generate_hash.php <password> C:\xampp\php\php.exe generate_hash.php <password>
``` ```
- Modifica quindi questa linea nel file ``schema.sql``, sostituendo l'hash predefinito con quello generato prima: - Modifica quindi questa linea nel file ``schema.sql``, sostituendo l'hash predefinito con quello generato prima:
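
Review bot: Both variants of step 4 pass the new admin password as a command-line argument (`php generate_hash.php <password>`), which leaves it in shell history and exposes it in the process list while the script runs. Have `generate_hash.php` prompt for the password on stdin when no argument is given and document that form instead. The changed `cd` lines are now relative (`cd orario/utils`) while step 3 in the previous hunk uses the absolute `/var/www/html/admin`; say once which directory the commands are run from.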
@@ -50,28 +53,112 @@ C:\xampp\php\php.exe generate_hash.php <password>
VALUES ('admin', '$2y$10$IS9v8CJNJnRXslV1NWDSquAjJ0GgU1sm6spBmGp6mjTLiNApfGcQi'); VALUES ('admin', '$2y$10$IS9v8CJNJnRXslV1NWDSquAjJ0GgU1sm6spBmGp6mjTLiNApfGcQi');
``` ```
5. **Importa il file ``schema.sql`` nel tuo database MySQL** 5. **Importa il file ``schema.sql`` nel tuo database MySQL**
6. **Modifica il file ``db.php`` cambiando l'host, il nome utente e la password (necessari per la connessione al database MySQL)** - Esempio Debian:
- Esempio: ```bash
```php mysql -u root -p < orario/schema.sql
$host = "localhost";
$user = "utente";
$pass = "password123";
``` ```
7. **Modifica ``admin/login.php`` e ``admin/logout.php`` con i dati di un'istanza keycloak. In caso tu voglia usare l'autenticazione via nome utente e password (e non keycloak), cancella quei due file e rinomina ``admin/login.php.backup`` in ``login.php`` e ``admin/logout.php.backup`` in ``logout.php``**
- Esempio (``login.php`` con keycloak): 6. **Modifica il file ``config/config.php`` inserendo i valori richiesti**
- Esempio file ``config/config.php``:
```php ```php
$oidc = new OpenIDConnectClient( <?php
'https://keycloak.local/realms/master/', // Impostazioni Database
'orario', // Client ID Keycloak if (!defined('DB_HOST')) {
'abcdefghijklmnop' // Client secret Keycloak define('DB_HOST', 'localhost'); // Host del database (ad esempio localhost)
); }
$oidc->setRedirectURL('https://orario.local/admin/login.php'); // orario.local è il dominio base di questa piattaforma if (!defined('DB_USER')) {
define('DB_USER', 'orario'); // Utente del database (ad esempio orario)
}
if (!defined('DB_PASS')) {
define('DB_PASS', 'orario'); // Password dell'utente specificato prima (ad esempio password123)
}
if (!defined('DB_NAME')) {
define('DB_NAME', 'school_timetable'); // Nome del database, non modificare se non sai cosa stai facendo.
}
// Impostazioni sito generali
if (!defined('APP_NAME')) {
define('APP_NAME', 'Orario Scuola'); // Nome del sito
}
if (!defined('YEAR')) {
define('YEAR', '2025/26'); // Anno Scolastico Corrente
}
if (!defined('API_URL')) {
define('API_URL', ''); // URL API di importazione, lascia vuoto per disabilitare. Esempio: http://localhost:3006/classe
}
if (!defined('DEV_MODE')) {
define('DEV_MODE', false); // Modalita' di sviluppo: abilita messaggi di debug aggiuntivi. Imposta su false se sei in produzione
}
// Impostazioni autenticazione dashboard amministrativa
if (!defined('AUTH_TYPE')) {
define('AUTH_TYPE','local'); // Può essere local (integrata), keycloak
}
if (!defined('APP_DOMAIN')) {
define('APP_DOMAIN',''); // Dominio del sito (ad esempio orario.yourdomain.com), richiesto per autenticazioni non local
}
// Impostazioni autenticazione via Keycloak (richiesto solo se AUTH_TYPE sta impostato su keycloak)
if (AUTH_TYPE === 'keycloak') {
if (!defined('KEYCLOAK_DOMAIN')) {
define('KEYCLOAK_DOMAIN',''); // Dominio di Keycloak (ad esempio auth.yourdomain.com)
}
if (!defined('KEYCLOAK_REALM')) {
define('KEYCLOAK_REALM',''); // Realm di Keycloak (ad esempio master)
}
if (!defined('KEYCLOAK_CLIENT_ID')) {
define('KEYCLOAK_CLIENT_ID',''); // Client ID per Keycloak (ad esempio orario)
}
if (!defined('KEYCLOAK_CLIENT_SECRET')) {
define('KEYCLOAK_CLIENT_SECRET',''); // Client Secret per Keycloak (ad esempio abcdefghijklm)
}
if (!defined('KEYCLOAK_ALLOWED_USERS')) {
define('KEYCLOAK_ALLOWED_USERS',[]); // Contiene i nomi utente degli utenti autorizzati ad accedere all'amministrazione
}
}
?>
``` ```
- Esempio (``logout.php`` con keycloak): 7. **Apri ``http://localhost`` e goditi il sito**
```php
header('Location: https://keycloak.local/realms/master/protocol/openid-connect/logout?post_logout_redirect_uri=https://orario.local&client_id=orario'); ## Installazione con Docker
1. Installa Curl, Git e Docker
```bash
apt install curl git
curl -fsSL https://get.docker.com | bash
```
2. Compila e crea il container:
```bash
git clone https://git.vichingo455.freeddns.org/emmev-code/orario
cd orario
git checkout dev # richiesto per passare alla versione di sviluppo
docker compose up -d --build
```
3. Il container dovrebbe diventare disponibile su ``http://localhost:8080``
### Personalizzare l'istanza
Per cambiare le impostazioni dell'istanza basta aprire ``docker-compose.yml`` con un editor di testo e modificare le variabili d'ambiente:
```yaml
environment:
# --- Configuratione Database ---
DB_HOST: db # Host database
DB_USER: orario # Utente database
DB_PASS: orario # Password dell'utente del database
DB_NAME: school_timetable # Nome del database
# --- Impostazioni sito ---
APP_NAME: "Orario Scuola" # Nome del sito
YEAR: "2025/26" # Anno scolastico corrente
API_URL: "" # URL della API per l'importazione, lascia vuoto per disabilitare
DEV_MODE: "false" # Abilita modalita' di sviluppo per output dettagliato.
# --- Impostazioni Autenticazione ---
AUTH_TYPE: "local" # Tipo di autenticazione: può essere local o keycloak
APP_DOMAIN: "" # Dominio dell'app, ad esempio orario.tuosito.com
# --- Impostazioni di Keycloak (solo se il tipo di autenticazione è Keycloak) ---
KEYCLOAK_DOMAIN: "" # Dominio di Keycloak, ad esempio sso.tuosito.com
KEYCLOAK_REALM: "" # Realm di Keycloak, ad esempio master
KEYCLOAK_CLIENT_ID: "" # Client ID per Keycloak, ad esempio orario
KEYCLOAK_CLIENT_SECRET: "" # Client Secret per Keycloak, ad esempio abcde12345
KEYCLOAK_ALLOWED_USERS: '[]' # Nomi utente che possono accedere al pannello di controllo, lascia vuoto per consentire tutti gli utenti. Esempio: '["admin","prof","segreteria"]'
``` ```
8. **Apri ``http://localhost`` e goditi il sito**
## Segnalare un problema ## Segnalare un problema
Per segnalare un problema puoi usare [Bugzilla](https://bugs.vichingo455.freeddns.org/describecomponents.cgi?product=Orario%20Scuola). Clicca [qui](https://bugs.vichingo455.freeddns.org/describecomponents.cgi?product=Orario%20Scuola) per andare a Bugzilla. Per segnalare un problema puoi usare [Bugzilla](https://bugs.vichingo455.freeddns.org/describecomponents.cgi?product=Orario%20Scuola). Clicca [qui](https://bugs.vichingo455.freeddns.org/describecomponents.cgi?product=Orario%20Scuola) per andare a Bugzilla.
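
Review bot: The two new descriptions of `KEYCLOAK_ALLOWED_USERS` disagree, and the behaviour the second one describes fails open. The `config/config.php` example says the list contains the users authorized for the admin panel, while the compose example says an empty value allows all users, and both ship `[]` as the default, so according to that comment a fresh Keycloak setup admits every user who can authenticate. Describe one behaviour in both places, and make an empty list mean nobody (or refuse to start) so that access has to be granted explicitly. The Docker section also tells users to run `curl -fsSL https://get.docker.com | bash`; pointing to the distribution's package instructions avoids piping a remote script into a shell. The unchanged context still publishes the default `admin` bcrypt hash, so step 4 should be mandatory rather than "(opzionale)".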

46
docker-compose.yml Normal file

@@ -0,0 +1,46 @@
services:
web:
build: .
container_name: orario-web
ports:
- "8080:80"
depends_on:
- db
restart: unless-stopped
environment:
# --- Configuratione Database ---
DB_HOST: db # Host database
DB_USER: orario # Utente database
DB_PASS: orario # Password dell'utente del database
DB_NAME: school_timetable # Nome del database
# --- Impostazioni sito ---
APP_NAME: "Orario Scuola" # Nome del sito
YEAR: "2025/26" # Anno scolastico corrente
API_URL: "" # URL della API per l'importazione, lascia vuoto per disabilitare
DEV_MODE: "false" # Abilita modalita' di sviluppo per output dettagliato.
# --- Impostazioni Autenticazione ---
AUTH_TYPE: "local" # Tipo di autenticazione: può essere local o keycloak
APP_DOMAIN: "" # Dominio dell'app, ad esempio orario.tuosito.com
# --- Impostazioni di Keycloak (solo se il tipo di autenticazione è Keycloak) ---
KEYCLOAK_DOMAIN: "" # Dominio di Keycloak, ad esempio sso.tuosito.com
KEYCLOAK_REALM: "" # Realm di Keycloak, ad esempio master
KEYCLOAK_CLIENT_ID: "" # Client ID per Keycloak, ad esempio orario
KEYCLOAK_CLIENT_SECRET: "" # Client Secret per Keycloak, ad esempio abcde12345
KEYCLOAK_ALLOWED_USERS: '[]' # Nomi utente che possono accedere al pannello di controllo, lascia vuoto per consentire tutti gli utenti. Esempio: '["admin","prof","segreteria"]'
db:
image: mariadb:11
container_name: orario-db
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: P@ssw0rd # Password dell'utente root del database
MYSQL_DATABASE: school_timetable # Nome del database, da impostare in DB_NAME
MYSQL_USER: orario # Utente del database, da impostare in DB_USER
MYSQL_PASSWORD: orario # Password del database, da impostare in DB_PASS
volumes:
- db_data:/var/lib/mysql
- ./schema.sql:/docker-entrypoint-initdb.d/init.sql:ro
volumes:
db_data:
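
Review bot: `MYSQL_ROOT_PASSWORD: P@ssw0rd`, `MYSQL_PASSWORD: orario` and `DB_PASS: orario` are committed as working defaults, so every instance started with the documented `docker compose up -d --build` shares the same database credentials. Read them from an untracked `.env` file with required interpolation such as `${DB_PASS:?set DB_PASS}`, and give `KEYCLOAK_CLIENT_SECRET` the same treatment so the secret never lands in the repository. The comment on `KEYCLOAK_ALLOWED_USERS` says an empty list allows all users; if that is the intended behaviour the default `'[]'` should not be the shipped value for a Keycloak setup.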

147
docker/php/config.php Normal file

@@ -0,0 +1,147 @@
<?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
// Impostazioni Database
if (!defined('DB_HOST')) {
$val = getenv('DB_HOST');
if ($val !== false && $val !== '') {
define('DB_HOST', $val);
} else {
define('DB_HOST', 'db');
}
}
if (!defined('DB_USER')) {
$val = getenv('DB_USER');
if ($val !== false && $val !== '') {
define('DB_USER', $val);
} else {
define('DB_USER', 'orario');
}
}
if (!defined('DB_PASS')) {
$val = getenv('DB_PASS');
if ($val !== false && $val !== '') {
define('DB_PASS', $val);
} else {
define('DB_PASS', 'orario');
}
}
if (!defined('DB_NAME')) {
$val = getenv('DB_NAME');
if ($val !== false && $val !== '') {
define('DB_NAME', $val);
} else {
define('DB_NAME', 'school_timetable');
}
}
// Impostazioni sito generali
if (!defined('APP_NAME')) {
$val = getenv('APP_NAME');
if ($val !== false && $val !== '') {
define('APP_NAME', $val);
} else {
define('APP_NAME', 'Orario Scuola');
}
}
if (!defined('YEAR')) {
$val = getenv('YEAR');
if ($val !== false && $val !== '') {
define('YEAR', $val);
} else {
define('YEAR', '2025/26');
}
}
if (!defined('API_URL')) {
$val = getenv('API_URL');
if ($val !== false && $val !== '') {
define('API_URL', $val);
} else {
define('API_URL', '');
}
}
if (!defined('DEV_MODE')) {
$val = getenv('DEV_MODE');
if ($val !== false && $val !== '') {
define('DEV_MODE', $val);
} else {
define('DEV_MODE', false);
}
}
// Impostazioni autenticazione dashboard amministrativa
if (!defined('AUTH_TYPE')) {
$val = getenv('AUTH_TYPE');
if ($val !== false && $val !== '') {
define('AUTH_TYPE', $val);
} else {
define('AUTH_TYPE','local');
}
}
if (!defined('APP_DOMAIN')) {
$val = getenv('APP_DOMAIN');
if ($val !== false && $val !== '') {
define('APP_DOMAIN', $val);
} else {
define('APP_DOMAIN','');
}
}
// Impostazioni autenticazione via Keycloak (richiesto solo se AUTH_TYPE sta impostato su keycloak)
if (AUTH_TYPE === 'keycloak') {
if (!defined('KEYCLOAK_DOMAIN')) {
$val = getenv('KEYCLOAK_DOMAIN');
if ($val !== false && $val !== '') {
define('KEYCLOAK_DOMAIN', $val);
} else {
define('KEYCLOAK_DOMAIN','');
}
}
if (!defined('KEYCLOAK_REALM')) {
$val = getenv('KEYCLOAK_REALM');
if ($val !== false && $val !== '') {
define('KEYCLOAK_REALM', $val);
} else {
define('KEYCLOAK_REALM','');
}
}
if (!defined('KEYCLOAK_CLIENT_ID')) {
$val = getenv('KEYCLOAK_CLIENT_ID');
if ($val !== false && $val !== '') {
define('DB_USER', $val);
} else {
define('KEYCLOAK_CLIENT_ID','');
}
}
if (!defined('KEYCLOAK_CLIENT_SECRET')) {
$val = getenv('KEYCLOAK_CLIENT_SECRET');
if ($val !== false && $val !== '') {
define('KEYCLOAK_CLIENT_SECRET', $val);
} else {
define('KEYCLOAK_CLIENT_SECRET','');
}
}
if (!defined('KEYCLOAK_ALLOWED_USERS')) {
$json = getenv('USERS');
if ($json === false || trim($json) === '') {
define('KEYCLOAK_ALLOWED_USERS',[]);
}
$users = json_decode($json, true);
if (json_last_error() !== JSON_ERROR_NONE) {
define('KEYCLOAK_ALLOWED_USERS',[]);
}
define('KEYCLOAK_ALLOWED_USERS',$users);
}
}
?>
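
Review bot: In the `KEYCLOAK_CLIENT_ID` block the success branch calls `define('DB_USER', $val);`, so when the variable is set `KEYCLOAK_CLIENT_ID` is never defined and PHP warns about redefining `DB_USER`; it should be `define('KEYCLOAK_CLIENT_ID', $val);`. The `KEYCLOAK_ALLOWED_USERS` block reads `getenv('USERS')`, while docker-compose.yml sets `KEYCLOAK_ALLOWED_USERS`, so the allow-list configured in compose is never read. That block also has no `else` branches: it can reach `define()` up to three times, and a JSON value that decodes to something other than an array (a bare string, `null`) is stored as is. Decode once, require `is_array($users)`, and define the constant in exactly one place. `DEV_MODE` is defined from the raw environment string, and the compose default `"false"` is a non-empty string that PHP treats as true; parse it with `filter_var($val, FILTER_VALIDATE_BOOLEAN)`. The repeated getenv/define pattern would be shorter and less error-prone as one small helper function.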

1
docker/readme.txt Normal file

@@ -0,0 +1 @@
These files are used by docker compose builder to create a working image in one command.

View File

@@ -1,7 +1,23 @@
<?php <?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
session_start(); session_start();
if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; } if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; }
include("../db.php"); include("../lib/db.php");
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['name'])) { if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['name'])) {
$name = $_POST['name']; $name = $_POST['name'];
@@ -49,7 +65,7 @@ if (isset($_GET['delete'])) {
echo "<tr> echo "<tr>
<td>{$row['id']}</td> <td>{$row['id']}</td>
<td>{$row['name']}</td> <td>{$row['name']}</td>
<td><a href='classes.php?delete={$row['id']}' class='delete-link'>Elimina</a></td> <td><a href='classes.php?delete={$row['id']}' class='delete-link' onclick='return confirm(\"Sei sicuro di voler eliminare questa classe?\")'>Elimina</a></td>
</tr>"; </tr>";
} }
?> ?>
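
Review bot: The added `onclick='return confirm(...)'` is only a prompt in the browser; the deletion is still triggered by a plain GET to `classes.php?delete={$row['id']}`, so a cross-site request made while an admin session is open deletes the class without any prompt. Move the delete to a POST form that carries a per-session CSRF token and verify the token on the server. In the same row `{$row['name']}` is echoed without `htmlspecialchars()`, so a class name containing markup is rendered as HTML in the admin panel.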

341
htdocs/admin/importer.php Normal file

@@ -0,0 +1,341 @@
<?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
session_start();
if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; }
else if (!defined(API_URL) || API_URL == "") { header("Location: index.php"); exit; }
include("../lib/db.php");
$message = "";
$messageType = "";
// Gestione importazione
if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST['import'])) {
$classe_codice = trim($_POST['classe_codice']);
$classe_id = intval($_POST['classe_id']);
if (empty($classe_codice) || $classe_id === 0) {
$message = "Compila tutti i campi obbligatori.";
$messageType = "error";
} else {
try {
// Chiama l'API Node.js
$url = API_URL . "?classe=" . urlencode($classe_codice);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpCode !== 200) {
throw new Exception("Errore nella chiamata API (HTTP $httpCode)");
}
$data = json_decode($response, true);
if (!$data || !isset($data['giorni'])) {
throw new Exception("Formato JSON non valido");
}
// Cancella l'orario esistente per questa classe
$stmt = $conn->prepare("DELETE FROM timetable WHERE class_id = ?");
$stmt->bind_param("i", $classe_id);
$stmt->execute();
$stmt->close();
$inserimenti = 0;
$materie_create = [];
// Processa ogni giorno
foreach ($data['giorni'] as $giorno => $ore) {
foreach ($ore as $oraData) {
// Salta ore vuote
if ($oraData['materia'] === null) {
continue;
}
$ora = $oraData['ora'];
$materia = $oraData['materia'];
$docenti = $oraData['docenti'];
$laboratori = $oraData['laboratori']; // Ora è un array
// Se non ci sono docenti, salta (situazione anomala)
if (count($docenti) === 0) {
continue;
}
// Caso 1: Stesso numero di docenti e laboratori → associazione 1:1
if (count($docenti) === count($laboratori) && count($laboratori) > 0) {
foreach ($docenti as $idx => $docente) {
$laboratorio = $laboratori[$idx];
// Cerca/crea materia
$stmt = $conn->prepare("SELECT id FROM subjects WHERE name = ? AND teacher = ? AND room = ?");
$stmt->bind_param("sss", $materia, $docente, $laboratorio);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$subject_id = $result->fetch_assoc()['id'];
} else {
$stmt2 = $conn->prepare("INSERT INTO subjects (name, teacher, room) VALUES (?, ?, ?)");
$stmt2->bind_param("sss", $materia, $docente, $laboratorio);
$stmt2->execute();
$subject_id = $conn->insert_id;
$stmt2->close();
$materie_create[] = "$materia ($docente - $laboratorio)";
}
$stmt->close();
// Inserisci in timetable
$stmt3 = $conn->prepare("INSERT INTO timetable (class_id, day, hour, subject_id) VALUES (?, ?, ?, ?)");
$stmt3->bind_param("isii", $classe_id, $giorno, $ora, $subject_id);
$stmt3->execute();
$stmt3->close();
$inserimenti++;
}
}
// Caso 2: Più docenti, un laboratorio (o nessuno) → stesso laboratorio per tutti
else if (count($laboratori) <= 1) {
$laboratorio = count($laboratori) > 0 ? $laboratori[0] : null;
foreach ($docenti as $docente) {
// Cerca/crea materia
if ($laboratorio) {
$stmt = $conn->prepare("SELECT id FROM subjects WHERE name = ? AND teacher = ? AND room = ?");
$stmt->bind_param("sss", $materia, $docente, $laboratorio);
} else {
$stmt = $conn->prepare("SELECT id FROM subjects WHERE name = ? AND teacher = ? AND (room IS NULL OR room = '')");
$stmt->bind_param("ss", $materia, $docente);
}
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$subject_id = $result->fetch_assoc()['id'];
} else {
$stmt2 = $conn->prepare("INSERT INTO subjects (name, teacher, room) VALUES (?, ?, ?)");
$stmt2->bind_param("sss", $materia, $docente, $laboratorio);
$stmt2->execute();
$subject_id = $conn->insert_id;
$stmt2->close();
$materie_create[] = "$materia ($docente" . ($laboratorio ? " - $laboratorio" : "") . ")";
}
$stmt->close();
// Inserisci in timetable
$stmt3 = $conn->prepare("INSERT INTO timetable (class_id, day, hour, subject_id) VALUES (?, ?, ?, ?)");
$stmt3->bind_param("isii", $classe_id, $giorno, $ora, $subject_id);
$stmt3->execute();
$stmt3->close();
$inserimenti++;
}
}
// Caso 3: Più laboratori che docenti → usa il primo laboratorio per tutti
else {
$laboratorio = $laboratori[0];
foreach ($docenti as $docente) {
$stmt = $conn->prepare("SELECT id FROM subjects WHERE name = ? AND teacher = ? AND room = ?");
$stmt->bind_param("sss", $materia, $docente, $laboratorio);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$subject_id = $result->fetch_assoc()['id'];
} else {
$stmt2 = $conn->prepare("INSERT INTO subjects (name, teacher, room) VALUES (?, ?, ?)");
$stmt2->bind_param("sss", $materia, $docente, $laboratorio);
$stmt2->execute();
$subject_id = $conn->insert_id;
$stmt2->close();
$materie_create[] = "$materia ($docente - $laboratorio)";
}
$stmt->close();
$stmt3 = $conn->prepare("INSERT INTO timetable (class_id, day, hour, subject_id) VALUES (?, ?, ?, ?)");
$stmt3->bind_param("isii", $classe_id, $giorno, $ora, $subject_id);
$stmt3->execute();
$stmt3->close();
$inserimenti++;
}
}
}
}
$message = "Importazione completata con successo!<br>";
$message .= "- Inserite $inserimenti ore di lezione<br>";
if (count($materie_create) > 0) {
$message .= "- Create " . count($materie_create) . " nuove materie";
}
$messageType = "success";
} catch (Exception $e) {
$message = "Errore durante l'importazione: " . htmlspecialchars($e->getMessage());
$messageType = "error";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Importa Orario</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
<style>
.import-form {
max-width: 600px;
margin: 20px auto;
padding: 20px;
background: #f9f9f9;
border-radius: 8px;
}
.form-group {
margin-bottom: 15px;
}
.form-group label {
display: block;
margin-bottom: 5px;
font-weight: bold;
}
.form-group input,
.form-group select {
width: 100%;
padding: 8px;
border: 1px solid #ccc;
border-radius: 4px;
box-sizing: border-box;
}
.form-group small {
display: block;
margin-top: 5px;
color: #666;
font-size: 0.9em;
}
.message {
padding: 15px;
margin: 20px 0;
border-radius: 5px;
}
.message.success {
background: #d4edda;
color: #155724;
border: 1px solid #c3e6cb;
}
.message.error {
background: #f8d7da;
color: #721c24;
border: 1px solid #f5c6cb;
}
.warning-box {
background: #fff3cd;
border: 1px solid #ffc107;
padding: 15px;
margin: 20px 0;
border-radius: 5px;
}
.warning-box strong {
color: #856404;
}
</style>
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="index.php">Dashboard</a>
<a href="logout.php">Logout</a>
</div>
</div>
<div class="admin-container">
<h1>Importa Orario da Sistema Esterno</h1>
<a href="index.php" class="back-link">⬅ Torna al Dashboard</a>
<?php if ($message): ?>
<div class="message <?php echo $messageType; ?>">
<?php echo $message; ?>
</div>
<?php endif; ?>
<div class="warning-box">
<strong>Attenzione:</strong> L'importazione cancellerà l'orario esistente della classe selezionata
e lo sostituirà con i dati importati dal sistema esterno.
Verranno create automaticamente le materie mancanti.
</div>
<div class="import-form">
<h2>Configura Importazione</h2>
<form method="POST">
<div class="form-group">
<label for="classe_id">Classe di destinazione *</label>
<select name="classe_id" id="classe_id" required>
<option value="">-- Seleziona classe --</option>
<?php
$res = $conn->query("SELECT * FROM classes ORDER BY name ASC");
while ($row = $res->fetch_assoc()) {
echo "<option value='{$row['id']}'>{$row['name']}</option>";
}
?>
</select>
<small>Classe nel tuo database dove importare l'orario</small>
</div>
<div class="form-group">
<label for="classe_codice">Codice classe sorgente *</label>
<input type="text" name="classe_codice" id="classe_codice"
placeholder="es: 1A, 2B, 3BIN..." required>
<small>Codice della classe nel sistema esterno</small>
</div>
<button type="submit" name="import" style="width: 100%; padding: 12px; font-size: 16px;">
🔄 Importa Orario
</button>
</form>
</div>
<div class="admin-container" style="margin-top: 30px;">
<h3>Come funziona l'importazione</h3>
<ol>
<li>Assicurati che il server Node.js sia avviato (<code>node server.js</code>)</li>
<li>Seleziona la classe di destinazione nel tuo database</li>
<li>Inserisci il codice della classe nel sistema esterno (es: 3BIN, 1A, 5AINF)</li>
<li>Clicca su "Importa Orario"</li>
<li>Il sistema cancellerà l'orario esistente e importerà i nuovi dati</li>
</ol>
<h3>Gestione casi speciali</h3>
<ul>
<li><strong>Più docenti, più laboratori</strong>: Associazione 1:1 (docente1→lab1, docente2→lab2)</li>
<li><strong>Più docenti, un laboratorio</strong>: Stesso laboratorio per tutti i docenti</li>
<li><strong>Più docenti, nessun laboratorio</strong>: Nessun laboratorio per tutti</li>
<li><strong>Un docente, più laboratori</strong>: Viene usato il primo laboratorio</li>
</ul>
</div>
<p style="text-align: center; margin-top: 30px;">
Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.
</p>
</div>
</body>
</html>
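
Review bot: The guard `else if (!defined(API_URL) || API_URL == "")` near the top passes the constant's value to `defined()` instead of its name, and it runs before `include("../lib/db.php")`, the only include in this file. If nothing has loaded the config by then, PHP 8 throws an Error on the bare `API_URL`; if it is loaded, `defined()` is asked about a constant named after the URL, returns false, and the page always redirects to index.php. Load the config first and test `defined('API_URL') && API_URL !== ''`. The POST handler deletes the class timetable with no CSRF token on the form, and the `DELETE` plus the inserts are not wrapped in a transaction, so a failed API response shape or a database error halfway through leaves the class with an empty or partial timetable; use `begin_transaction()` with `commit()` and `rollback()`. The API payload is trusted for its shape: `count($docenti)` on a non-array raises a TypeError, which `catch (Exception $e)` does not catch, so validate that `docenti` and `laboratori` are arrays before use. `{$row['name']}` in the `<option>` list should go through `htmlspecialchars()`.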

View File

@@ -1,4 +1,21 @@
<?php <?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
include_once __DIR__ . '/../config/config.php';
session_start(); session_start();
if (!isset($_SESSION['admin'])) { if (!isset($_SESSION['admin'])) {
header("Location: login.php"); header("Location: login.php");
@@ -24,12 +41,26 @@ if (!isset($_SESSION['admin'])) {
<!-- Contenuto Dashboard --> <!-- Contenuto Dashboard -->
<div class="dashboard"> <div class="dashboard">
<h1>Benvenuto, <?php echo $_SESSION['admin']; ?>!</h1> <h1>Benvenuto, <?php echo htmlspecialchars($_SESSION['admin']); ?>!</h1>
<p> <p>
<a href="classes.php">Gestisci Classi</a> <a href="classes.php">Gestisci Classi</a>
<a href="subjects.php">Gestisci Materie</a> <a href="subjects.php">Gestisci Materie</a>
<a href="timetable.php">Gestisci Orario</a> <a href="timetable.php">Gestisci Orario</a>
<!--<a href="logout.php">Logout</a>--> <?php
if (defined(API_URL) || API_URL != "") {
echo '<a href="importer.php" style="background: #28a745;">🔄 Importa Orario</a>';
}
?>
<?php
if ($_SESSION['auth_type'] === 'local') {
echo '<a href="password.php">Cambia Password</a>';
}
?>
<?php
if ($_SESSION['auth_type'] === 'local' && $_SESSION['admin'] === 'admin') {
echo '<a href="users.php">Gestisci Amministratori</a>';
}
?>
</p> </p>
<p> <p>
Nota: Questa pagina si vede meglio da computer desktop. Se sei da computer, puoi ignorare questo messaggio. Nota: Questa pagina si vede meglio da computer desktop. Se sei da computer, puoi ignorare questo messaggio.
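
Review bot: `if (defined(API_URL) || API_URL != "")` has the same unquoted-constant problem as importer.php and joins the tests with `||`, so the second operand is evaluated even when the constant is missing; it should read `defined('API_URL') && API_URL !== ''`. `$_SESSION['auth_type']` is read directly, which raises a warning for any session that does not set it; use `($_SESSION['auth_type'] ?? '') === 'local'`. Hiding the "Gestisci Amministratori" link from everyone except `admin` is presentation only, so users.php has to repeat the `$_SESSION['admin'] === 'admin'` check itself. The `htmlspecialchars()` added around `$_SESSION['admin']` is the right fix for the greeting.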
@@ -38,4 +69,3 @@ if (!isset($_SESSION['admin'])) {
</div> </div>
</body> </body>
</html> </html>

View File

@@ -1,18 +1,163 @@
<?php <?php
require 'vendor/autoload.php'; /*
use Jumbojett\OpenIDConnectClient; Orario Scuola, Copyright (C) 2025 EmmeV.
session_start();
// Configura il client Keycloak
$oidc = new OpenIDConnectClient(
'https://<KEYCLOAK_URL>/realms/<REALM>/',
'<CLIENT_ID>',
'<CLIENT_SECRET>'
);
// Redirect post-login
$oidc->setRedirectURL('https://<APP_DOMAIN>/admin/login.php');
$oidc->authenticate(); This program is free software: you can redistribute it and/or modify
$userinfo = $oidc->getVerifiedClaims(); it under the terms of the GNU Affero General Public License as published by
$_SESSION['admin'] = $userinfo->preferred_username; the Free Software Foundation, either version 3 of the License, or
header("Location: index.php"); (at your option) any later version.
exit;
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
use Jumbojett\OpenIDConnectClient;
require 'vendor/autoload.php';
session_start();
include("../lib/db.php");
if (isset($_SESSION['admin'])) { header("Location: index.php"); exit; }
if ($_SERVER["REQUEST_METHOD"] == "POST" && AUTH_TYPE == 'local') {
try {
$username = $_POST['username'];
$password = $_POST['password'];
$stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
$res = $stmt->get_result();
if ($row = $res->fetch_assoc()) {
if (password_verify($password, $row['password'])) {
$_SESSION['admin'] = $row['username'];
$_SESSION['auth_type'] = 'local';
header("Location: index.php");
exit;
}
}
$error = "Credenziali non valide";
} catch (Exception $e) {
$error = "Errore durante l'autenticazione. Potrebbe essere un problema con PHP oppure col database. Ulteriori dettagli: " . $e;
}
}
if (AUTH_TYPE == 'local') {
echo <<<HTML
<!DOCTYPE html>
<html>
<head>
<title>Login Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="/">Torna al sito</a>
</div>
</div>
<!-- Container login -->
<div class="login-container">
<h1>Login Admin</h1>
<form method="post">
<input type="text" name="username" placeholder="Username" required><br>
<input type="password" name="password" placeholder="Password" required><br>
<button type="submit">Login</button>
</form>
HTML;
if(isset($error)) echo "<br><div class='error'>$error</div>";
echo <<<HTML
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>
HTML;
}
else if (AUTH_TYPE === 'keycloak') {
try {
// Configura il client Keycloak
$oidc = new OpenIDConnectClient(
'https://' . KEYCLOAK_DOMAIN . '/realms/' . KEYCLOAK_REALM . '/',
KEYCLOAK_CLIENT_ID,
KEYCLOAK_CLIENT_SECRET
);
// Redirect post-login
$oidc->setRedirectURL('https://' . APP_DOMAIN . '/admin/login.php');
$oidc->authenticate();
$userinfo = $oidc->getVerifiedClaims();
if (in_array($userinfo->preferred_username, KEYCLOAK_ALLOWED_USERS, true) || empty(KEYCLOAK_ALLOWED_USERS)) {
$_SESSION['admin'] = $userinfo->preferred_username;
$_SESSION['auth_type'] = 'keycloak';
header("Location: index.php");
exit;
} else {
http_response_code(403);
echo <<<HTML
<!DOCTYPE html>
<html>
<head>
<title>Login Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="/">Torna al sito</a>
</div>
</div>
<!-- Container login -->
<div class="login-container">
<h1>Login Admin</h1>
<br><div class='error'>Non sei autorizzato ad accedere a questa parte del sito.</div>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>
HTML;
exit;
}
} catch (Exception $e) {
http_response_code(500);
echo <<<HTML
<!DOCTYPE html>
<html>
<head>
<title>Login Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="/">Torna al sito</a>
</div>
</div>
<!-- Container login -->
<div class="login-container">
<h1>Login Admin</h1>
HTML;
if (DEV_MODE) {
echo "<br><div class='error'>Errore durante l'autenticazione con Keycloak. Assicurati di avere impostato i vari parametri correttamente. Ulteriori dettagli: " . $e . "</div>";
} else {
echo "<br><div class='error'>Errore durante l'autenticazione con Keycloak. Contatta l'amministratore del sito.</div>";
}
echo <<<HTML
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>
HTML;
exit;
}
}
?>
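Review bot: In the Keycloak branch, `in_array($userinfo->preferred_username, KEYCLOAK_ALLOWED_USERS, true) || empty(KEYCLOAK_ALLOWED_USERS)` fails open: an empty or forgotten allow-list admits every account the realm can authenticate as an admin. If "allow everyone" is intended, make it an explicit setting; otherwise drop the `empty()` arm so a missing list denies access. OpenID Connect does not guarantee that `preferred_username` is unique or stable, so matching on `sub` is the safer key. In the local branch, the catch block appends `$e` to `$error`, which is echoed to the visitor without the `DEV_MODE` gate that the Keycloak catch uses, so file paths and a stack trace can reach an unauthenticated user; log the exception and show the generic message instead. Both success paths set `$_SESSION['admin']` without calling `session_regenerate_id(true)` first.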


@@ -1,50 +0,0 @@
<?php
session_start();
include("../db.php");
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = $_POST['username'];
$password = $_POST['password'];
$stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
$res = $stmt->get_result();
if ($row = $res->fetch_assoc()) {
if (password_verify($password, $row['password'])) {
$_SESSION['admin'] = $row['username'];
header("Location: index.php");
exit;
}
}
$error = "Credenziali non valide";
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="/">Torna al sito</a>
</div>
</div>
<!-- Container login -->
<div class="login-container">
<h1>Login Admin</h1>
<?php if(isset($error)) echo "<div class='error'>$error</div>"; ?>
<form method="post">
<input type="text" name="username" placeholder="Username" required><br>
<input type="password" name="password" placeholder="Password" required><br>
<button type="submit">Login</button>
</form>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>


@@ -1,5 +1,25 @@
<?php <?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
include("../config/config.php");
session_start(); session_start();
session_destroy(); session_destroy();
header('Location: https://<KEYCLOAK_URL>/realms/<REALM>/protocol/openid-connect/logout?post_logout_redirect_uri=https://<APP_DOMAIN>&client_id=<CLIENT_ID>'); if (AUTH_TYPE === 'local')
exit; header("Location: /index.php");
else if (AUTH_TYPE === 'keycloak')
header('Location: https://' . KEYCLOAK_DOMAIN . '/realms/' . KEYCLOAK_REALM . '/protocol/openid-connect/logout?post_logout_redirect_uri=https://' . APP_DOMAIN + '&client_id=' . KEYCLOAK_CLIENT_ID);
?>
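Review bot: The Keycloak redirect is built with `APP_DOMAIN + '&client_id='`, and `+` is arithmetic in PHP, not concatenation: on PHP 8 this throws a TypeError for non-numeric strings and on PHP 7 the operands are coerced to numbers, so the logout URL is never produced. Replace the `+` with `.` and pass the `post_logout_redirect_uri` value through `urlencode()`. The rewrite also drops the `exit;` that followed `header()` and has no fallback when `AUTH_TYPE` is neither `local` nor `keycloak`; a final `else` that redirects to `/index.php`, followed by `exit;`, would cover both.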


@@ -1,5 +0,0 @@
<?php
session_start();
session_destroy();
header("Location: /index.php");
?>

98
htdocs/admin/password.php Normal file

@@ -0,0 +1,98 @@
<?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
session_start();
include("../lib/db.php");
if (!isset($_SESSION['admin']) || $_SESSION['auth_type'] != 'local') {
header("Location: login.php");
exit;
}
$message = '';
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$old = $_POST['old_password'];
$new = $_POST['new_password'];
$confirm = $_POST['confirm_password'];
$user = $_SESSION['admin'];
if ($new !== $confirm) {
$message = "Le nuove password non coincidono.";
} else {
// Recupera hash password attuale
$stmt = $conn->prepare("SELECT password FROM admin WHERE username = ?");
$stmt->bind_param("s", $user);
$stmt->execute();
$res = $stmt->get_result();
$row = $res->fetch_assoc();
if ($row && password_verify($old, $row['password'])) {
$newHash = password_hash($new, PASSWORD_DEFAULT);
$stmt = $conn->prepare("UPDATE admin SET password = ? WHERE username = ?");
$stmt->bind_param("ss", $newHash, $user);
$stmt->execute();
$message = "Password cambiata con successo.";
} else {
$message = "Password attuale errata.";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Cambia Password</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="index.php">Dashboard</a>
<a href="logout.php">Logout</a>
</div>
</div>
<div class="admin-container">
<h1>Cambia Password</h1>
<a href="index.php" class="back-link">⬅ Torna al Dashboard</a>
<form method="POST">
<label>Password attuale:<br>
<input type="password" name="old_password" required>
</label><br><br>
<label>Nuova password:<br>
<input type="password" name="new_password" required>
</label><br><br>
<label>Conferma nuova password:<br>
<input type="password" name="confirm_password" required>
</label><br><br>
<button type="submit">Cambia password</button>
</form>
<?php if ($message): ?>
<p style="color:<?php echo strpos($message,'successo')!==false ? 'green':'red'; ?>;"><?php echo $message; ?></p>
<?php endif; ?>
</div>
</body>
</html>
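Review bot: `$new` goes straight into `password_hash()` with no server-side validation. The `required` attributes on the form are enforced only by the browser, so a hand-built POST can set an empty or one-character password; add a minimum-length check next to the `$new !== $confirm` test. The return value of the `UPDATE` statement's `execute()` is not checked, so unless mysqli is configured to throw, "Password cambiata con successo." is shown even when the write failed. After a successful change, call `session_regenerate_id(true)`. The form carries no CSRF token, and `echo $message` is not passed through `htmlspecialchars()` the way `users.php` does it.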


@@ -1,4 +1,20 @@
/* Body e font */ /*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
/* ===== BASE ===== */
body { body {
font-family: Arial, sans-serif; font-family: Arial, sans-serif;
background-color: #f0f2f5; background-color: #f0f2f5;
@@ -7,7 +23,7 @@ body {
padding: 20px; padding: 20px;
} }
/* Navbar */ /* ===== NAVBAR ===== */
.navbar { .navbar {
background-color: #2c3e50; background-color: #2c3e50;
padding: 10px 20px; padding: 10px 20px;
@@ -20,6 +36,15 @@ body {
box-shadow: 0 2px 5px rgba(0,0,0,0.1); box-shadow: 0 2px 5px rgba(0,0,0,0.1);
} }
.navbar.text-center {
justify-content: center;
}
.navbar .logo {
font-size: 1.3em;
font-weight: bold;
}
.navbar a { .navbar a {
color: #fff; color: #fff;
text-decoration: none; text-decoration: none;
@@ -32,27 +57,38 @@ body {
color: #f39c12; color: #f39c12;
} }
.navbar .logo { /* ===== CONTAINERS ===== */
font-size: 1.3em; .dashboard,
font-weight: bold; .admin-container,
} .login-container {
/* Dashboard container */
.dashboard {
max-width: 800px; max-width: 800px;
margin: 0 auto; margin: 0 auto;
text-align: center;
background: #fff; background: #fff;
padding: 30px; padding: 30px;
border-radius: 10px; border-radius: 10px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1); box-shadow: 0 2px 10px rgba(0,0,0,0.1);
} }
.dashboard h1 { .login-container {
margin-bottom: 20px; max-width: 400px;
color: #2c3e50; margin: 80px auto;
text-align: center;
} }
.dashboard {
text-align: center;
}
/* ===== HEADINGS ===== */
.dashboard h1,
.admin-container h1,
.login-container h1 {
margin-bottom: 20px;
color: #2c3e50;
text-align: center;
}
/* ===== LINKS ===== */
.dashboard a { .dashboard a {
display: inline-block; display: inline-block;
margin: 10px; margin: 10px;
@@ -66,26 +102,8 @@ body {
.dashboard a:hover { .dashboard a:hover {
background-color: #f39c12; background-color: #f39c12;
color: #fff;
}
/* Container principale */
.admin-container {
max-width: 800px;
margin: 0 auto;
background: #fff;
padding: 30px;
border-radius: 10px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
} }
/* Titolo */
.admin-container h1 {
text-align: center;
color: #2c3e50;
margin-bottom: 20px;
}
/* Link ritorno */
.admin-container a.back-link { .admin-container a.back-link {
display: inline-block; display: inline-block;
margin-bottom: 15px; margin-bottom: 15px;
@@ -98,54 +116,6 @@ body {
color: #f39c12; color: #f39c12;
} }
/* Form aggiungi classe */
.admin-container form {
margin-bottom: 20px;
text-align: center;
}
.admin-container input[type="text"] {
padding: 8px 12px;
border: 1px solid #ccc;
border-radius: 6px;
width: 200px;
margin-right: 10px;
}
.admin-container button {
padding: 8px 15px;
border: none;
background-color: #1f618d;
color: #fff;
border-radius: 6px;
cursor: pointer;
transition: background-color 0.2s;
}
.admin-container button:hover {
background-color: #f39c12;
}
/* Tabella */
.admin-container table {
width: 100%;
border-collapse: collapse;
}
.admin-container th, .admin-container td {
border: 1px solid #ccc;
padding: 10px;
text-align: center;
}
.admin-container th {
background-color: #eee;
}
.admin-container tr:hover td {
background-color: #f7f7f7;
}
.admin-container a.delete-link { .admin-container a.delete-link {
color: #e74c3c; color: #e74c3c;
font-weight: bold; font-weight: bold;
@@ -156,125 +126,34 @@ body {
.admin-container a.delete-link:hover { .admin-container a.delete-link:hover {
color: #c0392b; color: #c0392b;
} }
/* Login container */
.login-container {
max-width: 400px;
margin: 80px auto;
background: #fff;
padding: 30px;
border-radius: 10px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
text-align: center;
}
/* Titolo */ .admin-container a.edit-link {
.login-container h1 { color: #4d5cdb;
margin-bottom: 20px;
color: #2c3e50;
}
/* Input */
.login-container input[type="text"],
.login-container input[type="password"] {
width: 90%;
padding: 10px;
margin: 10px 0;
border-radius: 6px;
border: 1px solid #ccc;
font-size: 1em;
}
/* Pulsante */
.login-container button {
padding: 10px 20px;
background-color: #1f618d;
color: #fff;
border: none;
border-radius: 6px;
cursor: pointer;
transition: background-color 0.2s;
font-size: 1em;
}
.login-container button:hover {
background-color: #f39c12;
color: #fff;
}
/* Messaggio errore */
.login-container .error {
color: #e74c3c;
font-weight: bold;
margin-bottom: 10px;
}
/* Navbar minima per login */
.navbar {
background-color: #2c3e50;
padding: 10px 20px;
color: #fff;
text-align: center;
border-radius: 0 0 10px 10px;
margin-bottom: 30px;
}
/* Riutilizziamo .admin-container, h1, navbar già definiti */
/* Form Gestione Materie */
.admin-container form input[type="text"] {
padding: 8px 12px;
border: 1px solid #ccc;
border-radius: 6px;
margin: 5px;
width: 200px;
}
.admin-container form button {
padding: 8px 20px;
background-color: #1f618d;
color: #fff;
border: none;
border-radius: 6px;
cursor: pointer;
transition: background-color 0.2s;
}
.admin-container form button:hover {
background-color: #f39c12;
color: #fff;
}
/* Tabella Materie */
.admin-container table {
width: 100%;
border-collapse: collapse;
margin-top: 15px;
}
.admin-container th, .admin-container td {
border: 1px solid #ccc;
padding: 10px;
text-align: center;
}
.admin-container th {
background-color: #eee;
}
.admin-container tr:hover td {
background-color: #f7f7f7;
}
.admin-container a.delete-link {
color: #e74c3c;
font-weight: bold; font-weight: bold;
text-decoration: none; text-decoration: none;
transition: color 0.2s; transition: color 0.2s;
} }
.admin-container a.delete-link:hover { .admin-container a.edit-link:hover {
color: #c0392b; color: #3a2bc0;
} }
/* Form gestione orario */
.admin-container form a.cancel-edit {
display: inline-block;
margin: 10px;
padding: 12px 25px;
background-color: #1f618d;
color: #fff;
text-decoration: none;
border-radius: 8px;
transition: background-color 0.2s;
}
.admin-container form a.cancel-edit:hover {
background-color: #f39c12;
}
/* ===== FORMS ===== */
.admin-container form { .admin-container form {
display: flex; display: flex;
flex-wrap: wrap; flex-wrap: wrap;
@@ -283,6 +162,28 @@ body {
margin-bottom: 20px; margin-bottom: 20px;
} }
.admin-container input[type="text"],
.admin-container input[type="password"],
.login-container input[type="text"],
.login-container input[type="password"] {
padding: 10px 12px;
border: 1px solid #ccc;
border-radius: 6px;
font-size: 1em;
}
.admin-container input[type="text"],
.admin-container input[type="password"] {
width: 200px;
margin: 5px;
}
.login-container input[type="text"],
.login-container input[type="password"] {
width: 90%;
margin: 10px 0;
}
.admin-container form select { .admin-container form select {
padding: 8px 12px; padding: 8px 12px;
border-radius: 6px; border-radius: 6px;
@@ -290,45 +191,74 @@ body {
min-width: 120px; min-width: 120px;
} }
.admin-container form button { .admin-container button,
padding: 8px 20px; .login-container button {
padding: 10px 20px;
border: none;
background-color: #1f618d; background-color: #1f618d;
color: #fff; color: #fff;
border: none;
border-radius: 6px; border-radius: 6px;
cursor: pointer; cursor: pointer;
transition: background-color 0.2s; transition: background-color 0.2s;
font-size: 1em;
} }
.admin-container form button:hover { .admin-container button:hover,
.login-container button:hover {
background-color: #f39c12; background-color: #f39c12;
color: #fff;
} }
/* Titolo */ /* ===== TABLES ===== */
.admin-container h1 { .table-container {
width: 100%;
overflow-x: auto;
}
.admin-container table,
.responsive-table {
width: 100%;
border-collapse: collapse;
margin-top: 15px;
}
.admin-container th,
.admin-container td,
.responsive-table th,
.responsive-table td {
border: 1px solid #ccc;
padding: 10px;
text-align: center; text-align: center;
color: #2c3e50;
margin-bottom: 20px;
} }
/* Link ritorno */ .responsive-table th,
.admin-container a.back-link { .responsive-table td {
display: inline-block; text-align: left;
margin-bottom: 15px; padding: 8px;
text-decoration: none; }
color: #1f618d;
.admin-container th,
.responsive-table th {
background-color: #eee;
}
.admin-container tr:hover td {
background-color: #f7f7f7;
}
/* ===== MESSAGES ===== */
.login-container .error {
color: #e74c3c;
font-weight: bold; font-weight: bold;
margin-bottom: 10px;
} }
.admin-container a.back-link:hover { /* ===== RESPONSIVE DESIGN ===== */
color: #f39c12;
}
/* Mobile responsive */
@media (max-width: 768px) { @media (max-width: 768px) {
body {
padding: 10px;
}
/* Form input gestione orario */ /* Form responsive */
.admin-container form { .admin-container form {
flex-direction: column; flex-direction: column;
align-items: stretch; align-items: stretch;
@@ -336,27 +266,33 @@ body {
.admin-container form select, .admin-container form select,
.admin-container form input[type="text"], .admin-container form input[type="text"],
.admin-container input[type="password"],
.admin-container form button { .admin-container form button {
width: 100%; width: 100%;
margin: 5px 0; margin: 5px 0;
} }
/* Tabella */ /* Tabelle responsive */
.admin-container table, .admin-container table,
.responsive-table {
display: block;
}
.admin-container thead, .admin-container thead,
.responsive-table thead {
display: none;
}
.admin-container tbody, .admin-container tbody,
.admin-container th, .responsive-table tbody,
.admin-container td, .admin-container tr,
.admin-container tr { .responsive-table tr {
display: block; display: block;
width: 100%; width: 100%;
} }
.admin-container thead { .admin-container tr,
display: none; /* Nasconde intestazioni */ .responsive-table tr {
}
.admin-container tr {
margin-bottom: 15px; margin-bottom: 15px;
border: 1px solid #ddd; border: 1px solid #ddd;
border-radius: 8px; border-radius: 8px;
@@ -365,28 +301,39 @@ body {
box-shadow: 0 1px 5px rgba(0,0,0,0.05); box-shadow: 0 1px 5px rgba(0,0,0,0.05);
} }
.admin-container td { .admin-container td,
.responsive-table td {
display: block;
text-align: left; text-align: left;
padding: 8px 10px;
padding-left: 50%; padding-left: 50%;
position: relative; position: relative;
border: none; border: none;
border-bottom: 1px solid #eee; border-bottom: 1px solid #eee;
display: flex; word-wrap: break-word;
justify-content: space-between; white-space: normal;
padding: 8px 10px; max-width: 100%;
} }
.admin-container td::before { .admin-container td:last-child,
.responsive-table td:last-child {
border-bottom: none;
}
.admin-container td::before,
.responsive-table td::before {
content: attr(data-label); content: attr(data-label);
position: absolute; position: absolute;
left: 10px; left: 10px;
top: 8px;
width: 45%; width: 45%;
font-weight: bold; font-weight: bold;
white-space: nowrap; white-space: normal;
color: #333;
} }
.admin-container td:last-child { .responsive-table td span {
border-bottom: 0; display: block;
} }
.admin-container a.delete-link { .admin-container a.delete-link {
@@ -395,88 +342,23 @@ body {
} }
} }
/* Extra piccolo schermo */
@media (max-width: 480px) { @media (max-width: 480px) {
.admin-container td::before { .admin-container td::before,
.responsive-table td::before {
width: 50%; width: 50%;
font-size: 0.9em; font-size: 0.9em;
} }
.admin-container td { .admin-container td,
.responsive-table td {
font-size: 0.9em; font-size: 0.9em;
padding: 6px 8px; padding: 6px 8px;
} }
.admin-container form select, .admin-container form select,
.admin-container form input[type="text"], .admin-container form input[type="text"],
.admin-container input[type="password"],
.admin-container form button { .admin-container form button {
font-size: 0.95em; font-size: 0.95em;
} }
} }
.table-container {
width: 100%;
overflow-x: auto;
}
.responsive-table {
width: 100%;
border-collapse: collapse;
}
.responsive-table th,
.responsive-table td {
border: 1px solid #ccc;
padding: 8px;
text-align: left;
}
.responsive-table th {
background: #f4f4f4;
}
/* Modalità mobile */
@media (max-width: 768px) {
.responsive-table thead {
display: none; /* nasconde lintestazione */
}
.responsive-table tr {
display: block;
margin-bottom: 15px;
border: 1px solid #ddd;
border-radius: 8px;
padding: 10px;
background: #fff;
}
.responsive-table td {
display: block;
justify-content: space-between;
padding: 8px 5px;
padding-top: 30px;
border: none;
border-bottom: 1px solid #eee;
word-wrap: break-word;
white-space: normal;
max-width: 100%;
overflow: hidden;
text-overflow: ellipsis;
}
.responsive-table td:last-child {
border-bottom: none;
}
.responsive-table td::before {
content: attr(data-label);
font-weight: bold;
margin-right: 10px;
color: #333;
position: absolute;
left: 10px;
top: 10px;
width: 45%;
white-space: normal; /* permette a "Materia" di andare a capo */
font-weight: bold;
}
.response-table td span {
display: block; /* forza l'output del contenuto su una riga separata */
}
}


@@ -1,22 +1,65 @@
<?php <?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
session_start(); session_start();
if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; } if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; }
include("../db.php"); include("../lib/db.php");
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['name'])) { // FIX: Usa prepared statements per sicurezza
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['name']) && !isset($_POST['update'])) {
$name = $_POST['name']; $name = $_POST['name'];
$teacher = $_POST['teacher']; $teacher = $_POST['teacher'];
$room = $_POST['room']; $room = $_POST['room'];
if (!empty($name)) { if (!empty($name)) {
$conn->query("INSERT INTO subjects (name,teacher,room) VALUES ('$name','$teacher','$room')"); $stmt = $conn->prepare("INSERT INTO subjects (name, teacher, room) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $name, $teacher, $room);
$stmt->execute();
$stmt->close();
} }
header("Location: subjects.php"); exit; header("Location: subjects.php");
exit;
} }
// FIX: Aggiunto redirect dopo update
if(isset($_POST['update'])){
$id = intval($_POST['id']);
$name = $_POST['name'];
$teacher = $_POST['teacher'];
$room = $_POST['room'];
$stmt = $conn->prepare("UPDATE subjects SET name=?, teacher=?, room=? WHERE id=?");
$stmt->bind_param("sssi", $name, $teacher, $room, $id);
$stmt->execute();
$stmt->close();
header("Location: subjects.php");
exit;
}
// FIX: Usa prepared statement anche per delete
if (isset($_GET['delete'])) { if (isset($_GET['delete'])) {
$id = intval($_GET['delete']); $id = intval($_GET['delete']);
$conn->query("DELETE FROM subjects WHERE id=$id"); $stmt = $conn->prepare("DELETE FROM subjects WHERE id=?");
header("Location: subjects.php"); exit; $stmt->bind_param("i", $id);
$stmt->execute();
$stmt->close();
header("Location: subjects.php");
exit;
} }
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
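Review bot: The delete handler still acts on `$_GET['delete']`, so removing a subject is a state change reachable through a plain link, and neither it nor the insert and update POST handlers verify a CSRF token; a cross-site request made while an admin is logged in would be accepted. Move delete to a POST form and check a per-session token in all three handlers. The update branch also skips the `!empty($name)` test that the insert branch applies, and none of the `execute()` results are checked before the redirect.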
@@ -41,6 +84,42 @@ if (isset($_GET['delete'])) {
<h1>Gestisci Materie</h1> <h1>Gestisci Materie</h1>
<a href="index.php" class="back-link">⬅ Torna al Dashboard</a> <a href="index.php" class="back-link">⬅ Torna al Dashboard</a>
<?php
// Mostra form di modifica solo se richiesto
if(isset($_GET['edit'])){
$id = intval($_GET['edit']);
$stmt = $conn->prepare("SELECT * FROM subjects WHERE id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$res = $stmt->get_result();
if($res->num_rows > 0){
$subject = $res->fetch_assoc();
?>
<h3>Modifica materia</h3>
<form method="post" action="subjects.php">
<input type="hidden" name="id" value="<?php echo $subject['id']; ?>">
<label>Materia:</label>
<input type="text" name="name" value="<?php echo htmlspecialchars($subject['name']); ?>" required><br>
<label>Docente:</label>
<input type="text" name="teacher" value="<?php echo htmlspecialchars($subject['teacher']); ?>" required><br>
<label>Laboratorio (opzionale):</label>
<input type="text" name="room" value="<?php echo htmlspecialchars($subject['room']); ?>"><br>
<button type="submit" name="update">Salva modifiche</button>
<a class="cancel-edit" href="subjects.php" style="margin-left: 10px;">Annulla</a>
</form>
<hr>
<?php
}
$stmt->close();
}
?>
<h2>Aggiungi Nuova Materia</h2>
<form method="POST"> <form method="POST">
<input type="text" name="name" placeholder="Materia" required> <input type="text" name="name" placeholder="Materia" required>
<input type="text" name="teacher" placeholder="Docente" required> <input type="text" name="teacher" placeholder="Docente" required>
@@ -48,12 +127,13 @@ if (isset($_GET['delete'])) {
<button type="submit">Aggiungi</button> <button type="submit">Aggiungi</button>
</form> </form>
<h2>Elenco Materie</h2>
<table> <table>
<tr> <tr>
<th>ID</th> <th>ID</th>
<th>Materia</th> <th>Materia</th>
<th>Docente</th> <th>Docente</th>
<th>Aula</th> <th>Laboratorio</th>
<th>Azione</th> <th>Azione</th>
</tr> </tr>
<?php <?php
@@ -61,10 +141,13 @@ if (isset($_GET['delete'])) {
while($row=$res->fetch_assoc()){ while($row=$res->fetch_assoc()){
echo "<tr> echo "<tr>
<td>{$row['id']}</td> <td>{$row['id']}</td>
<td>{$row['name']}</td> <td>" . htmlspecialchars($row['name']) . "</td>
<td>{$row['teacher']}</td> <td>" . htmlspecialchars($row['teacher']) . "</td>
<td>{$row['room']}</td> <td>" . htmlspecialchars($row['room']) . "</td>
<td><a href='subjects.php?delete={$row['id']}' class='delete-link'>Elimina</a></td> <td>
<a href='subjects.php?edit={$row['id']}' class='edit-link'>Modifica</a> |
<a href='subjects.php?delete={$row['id']}' class='delete-link' onclick='return confirm(\"Sei sicuro di voler eliminare questa materia?\")'>Elimina</a>
</td>
</tr>"; </tr>";
} }
?> ?>


@@ -1,7 +1,23 @@
<?php <?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
session_start(); session_start();
// if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; } if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; }
include("../db.php"); include("../lib/db.php");
// --- Recupera tutte le materie --- // --- Recupera tutte le materie ---
$subjects = []; $subjects = [];
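Review bot: The `if (!isset($_SESSION['admin']))` guard restored here is the same hand-copied one-liner that the other admin pages in this compare carry, and this file shows how a single copy can be commented out and leave an admin page open. Move the check into one include that every admin page requires, so it cannot be disabled per file, and have that include `exit` after sending the `Location` header.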

131
htdocs/admin/users.php Normal file

@@ -0,0 +1,131 @@
<?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
session_start();
include("../lib/db.php");
if (!isset($_SESSION['admin']) || $_SESSION['auth_type'] != 'local' || $_SESSION['admin'] != 'admin') {
header("Location: login.php");
exit;
}
$message = "";
// Add admin
if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST['add_user'])) {
$username = trim($_POST['username']);
$password = $_POST['password'];
if (!empty($username) && !empty($password)) {
$hash = password_hash($password, PASSWORD_DEFAULT);
$stmt = $conn->prepare("INSERT INTO admin (username, password) VALUES (?, ?)");
$stmt->bind_param("ss", $username, $hash);
if ($stmt->execute()) {
$message = "Utente admin aggiunto con successo.";
} else {
$message = "Errore durante l'aggiunta: " . $conn->error;
}
} else {
$message = "Compila tutti i campi.";
}
}
// Delete admin
if (isset($_GET['delete'])) {
$id = intval($_GET['delete']);
if ($id != 1) { // proteggi super admin
$stmt = $conn->prepare("DELETE FROM admin WHERE id = ?");
$stmt->bind_param("i", $id);
$stmt->execute();
$message = "Utente admin rimosso.";
} else {
$message = "Non puoi eliminare il super admin.";
}
}
// Fetch admins
$result = $conn->query("SELECT id, username FROM admin ORDER BY id ASC");
?>
<!DOCTYPE html>
<html>
<head>
<title>Gestione Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="index.php">Dashboard</a>
<a href="logout.php">Logout</a>
</div>
</div>
<div class="admin-container">
<h1>Gestione Amministratori</h1>
<a href="index.php" class="back-link">⬅ Torna al Dashboard</a>
<?php if ($message): ?>
<p style="color:<?php echo strpos($message,'successo')!==false ? 'green':'red'; ?>;">
<?php echo htmlspecialchars($message); ?>
</p>
<?php endif; ?>
<h2>Utenti Attivi</h2>
<table border="1" cellspacing="0" cellpadding="6" width="100%">
<thead>
<tr>
<th>ID</th>
<th>Username</th>
<th>Azione</th>
</tr>
</thead>
<tbody>
<?php while ($row = $result->fetch_assoc()): ?>
<tr>
<td><?php echo $row['id']; ?></td>
<td><?php echo htmlspecialchars($row['username']); ?></td>
<td>
<?php if ($row['id'] != 1): ?>
<a href="?delete=<?php echo $row['id']; ?>"
onclick="return confirm('Vuoi davvero eliminare questo amministratore?')"
style="color:red;">Elimina</a>
<?php else: ?>
<em>Super Admin</em>
<?php endif; ?>
</td>
</tr>
<?php endwhile; ?>
</tbody>
</table>
<h2>Aggiungi Nuovo Admin</h2>
<form method="POST">
<label>Username:<br>
<input type="text" name="username" required>
</label><br><br>
<label>Password:<br>
<input type="password" name="password" required>
</label><br><br>
<button type="submit" name="add_user">Aggiungi</button>
</form>
</div>
</body>
</html>
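Review bot: The delete branch (`if (isset($_GET['delete']))`) changes state on a plain GET request, and neither it nor the `add_user` POST checks a CSRF token, so any page a logged-in admin visits can trigger `?delete=<id>` or submit the add form on their behalf; the `confirm()` in the link is the only barrier. Move deletion to a POST form and verify a per-session token with `hash_equals()` in both branches. Smaller points: the guard compares with `!=` where `!==` would avoid type juggling, the delete branch sets "Utente admin rimosso." without checking what `$stmt->execute()` returned, and the add branch echoes `$conn->error` to the browser where a generic message plus a server-side log entry would do.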

69
htdocs/config/config.php Normal file

@@ -0,0 +1,69 @@
<?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
// Impostazioni Database
if (!defined('DB_HOST')) {
define('DB_HOST', '<MYSQL_HOST>'); // Host del database (ad esempio localhost)
}
if (!defined('DB_USER')) {
define('DB_USER', '<MYSQL_USER>'); // Utente del database (ad esempio orario)
}
if (!defined('DB_PASS')) {
define('DB_PASS', '<MYSQL_PASSWORD>'); // Password dell'utente specificato prima (ad esempio password123)
}
if (!defined('DB_NAME')) {
define('DB_NAME', 'school_timetable'); // Nome del database, non modificare se non sai cosa stai facendo.
}
// Impostazioni sito generali
if (!defined('APP_NAME')) {
define('APP_NAME', 'Orario Scuola'); // Nome del sito
}
if (!defined('YEAR')) {
define('YEAR', '2025/26'); // Anno Scolastico Corrente
}
if (!defined('API_URL')) {
define('API_URL', ''); // URL API di importazione, lascia vuoto per disabilitare. Esempio: http://localhost:3006/classe
}
if (!defined('DEV_MODE')) {
define('DEV_MODE', false); // Modalita' di sviluppo: abilita messaggi di debug aggiuntivi. Imposta su false se sei in produzione
}
// Impostazioni autenticazione dashboard amministrativa
if (!defined('AUTH_TYPE')) {
define('AUTH_TYPE','local'); // Può essere local (integrata), keycloak
}
if (!defined('APP_DOMAIN')) {
define('APP_DOMAIN',''); // Dominio del sito (ad esempio orario.yourdomain.com), richiesto per autenticazioni non local
}
// Impostazioni autenticazione via Keycloak (richiesto solo se AUTH_TYPE sta impostato su keycloak)
if (AUTH_TYPE === 'keycloak') {
if (!defined('KEYCLOAK_DOMAIN')) {
define('KEYCLOAK_DOMAIN',''); // Dominio di Keycloak (ad esempio auth.yourdomain.com)
}
if (!defined('KEYCLOAK_REALM')) {
define('KEYCLOAK_REALM',''); // Realm di Keycloak (ad esempio master)
}
if (!defined('KEYCLOAK_CLIENT_ID')) {
define('KEYCLOAK_CLIENT_ID',''); // Client ID per Keycloak (ad esempio orario)
}
if (!defined('KEYCLOAK_CLIENT_SECRET')) {
define('KEYCLOAK_CLIENT_SECRET',''); // Client Secret per Keycloak (ad esempio abcdefghijklm)
}
if (!defined('KEYCLOAK_ALLOWED_USERS')) {
define('KEYCLOAK_ALLOWED_USERS',[]); // Contiene i nomi utente degli utenti autorizzati ad accedere all'amministrazione
}
}
?>
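Review bot: `DB_PASS` and `KEYCLOAK_CLIENT_SECRET` are defined in a tracked file that lives under `htdocs/config/`, inside the web root, so real values are one careless commit or one PHP handler misconfiguration away from exposure. Consider reading the secrets from the environment with `getenv()` or moving the file outside `htdocs`, keeping only a sample in version control. Also, `KEYCLOAK_ALLOWED_USERS` defaults to `[]`: please confirm the login code treats an empty list as deny-all, and drop `password123` from the example comment so nobody copies it into a deployment.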


@@ -1,3 +1,19 @@
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
/* Base styles */ /* Base styles */
body { body {
font-family: Arial, sans-serif; font-family: Arial, sans-serif;
@@ -12,8 +28,15 @@ h1, h2 {
margin: 10px 0 20px 0; margin: 10px 0 20px 0;
} }
h1 { color: #2c3e50; font-size: 1.8em; } h1 {
h2 { color: #34495e; font-size: 1.4em; } color: #2c3e50;
font-size: 1.8em;
}
h2 {
color: #34495e;
font-size: 1.4em;
}
/* Grid layout */ /* Grid layout */
.grid { .grid {
@@ -30,13 +53,13 @@ ul {
padding: 15px; padding: 15px;
background: #fff; background: #fff;
border-radius: 10px; border-radius: 10px;
box-shadow: 0 2px 5px rgba(0,0,0,0.1); box-shadow: 0 2px 5px rgba(0, 0, 0, 0.1);
transition: transform 0.2s, box-shadow 0.2s; transition: transform 0.2s, box-shadow 0.2s;
} }
ul:hover { ul:hover {
transform: translateY(-3px); transform: translateY(-3px);
box-shadow: 0 5px 10px rgba(0,0,0,0.15); box-shadow: 0 5px 10px rgba(0, 0, 0, 0.15);
} }
li { li {
@@ -70,8 +93,13 @@ a:hover {
font-size: 0.95em; font-size: 0.95em;
} }
h1 { font-size: 1.5em; } h1 {
h2 { font-size: 1.2em; } font-size: 1.5em;
}
h2 {
font-size: 1.2em;
}
.grid { .grid {
grid-template-columns: repeat(auto-fit, minmax(120px, 1fr)); grid-template-columns: repeat(auto-fit, minmax(120px, 1fr));
@@ -89,11 +117,16 @@ a:hover {
} }
@media screen and (max-width: 480px) { @media screen and (max-width: 480px) {
h1 { font-size: 1.3em; } h1 {
h2 { font-size: 1em; } font-size: 1.3em;
}
h2 {
font-size: 1em;
}
.grid { .grid {
grid-template-columns: 1fr; /* single column for small screens */ grid-template-columns: 1fr;
gap: 10px; gap: 10px;
} }


@@ -1,3 +1,19 @@
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
/* Navbar */ /* Navbar */
.navbar { .navbar {
background-color: #2c3e50; background-color: #2c3e50;
@@ -8,7 +24,7 @@
color: #fff; color: #fff;
border-radius: 0 0 10px 10px; border-radius: 0 0 10px 10px;
margin-bottom: 20px; margin-bottom: 20px;
box-shadow: 0 2px 5px rgba(0,0,0,0.1); box-shadow: 0 2px 5px rgba(0, 0, 0, 0.1);
} }
.navbar a { .navbar a {
@@ -27,3 +43,37 @@
font-size: 1.3em; font-size: 1.3em;
font-weight: bold; font-weight: bold;
} }
/* Responsive navbar */
@media (max-width: 768px) {
.navbar {
flex-direction: column;
gap: 10px;
padding: 15px;
}
.navbar a {
margin-left: 0;
margin: 0 10px;
}
.navbar .logo {
font-size: 1.2em;
margin-bottom: 5px;
}
}
@media (max-width: 480px) {
.navbar {
padding: 12px;
}
.navbar .logo {
font-size: 1.1em;
}
.navbar a {
font-size: 0.9em;
margin: 0 8px;
}
}


@@ -1,3 +1,20 @@
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
/* Base styles */
body { body {
font-family: Arial, sans-serif; font-family: Arial, sans-serif;
padding: 15px; padding: 15px;
@@ -22,7 +39,7 @@ table {
background: #fff; background: #fff;
border-radius: 10px; border-radius: 10px;
overflow: hidden; overflow: hidden;
box-shadow: 0 2px 8px rgba(0,0,0,0.1); box-shadow: 0 2px 8px rgba(0, 0, 0, 0.1);
} }
th, td { th, td {
@@ -60,108 +77,85 @@ td:hover {
color: #666; color: #666;
} }
/* /* Desktop/Mobile layout control */
@media (max-width: 768px) { .desktop-schedule {
table, thead, tbody, th, td, tr { display: table;
display: block;
width: 100%; width: 100%;
} border-collapse: collapse;
}
tr { .mobile-schedule {
margin-bottom: 15px; display: none;
border-bottom: 2px solid #ddd; }
padding-bottom: 10px;
}
th { /* Mobile styles */
@media (max-width: 768px) {
.desktop-schedule {
display: none; display: none;
} }
td { .mobile-schedule {
text-align: left; display: flex;
padding: 10px 10px 10px 45%; flex-direction: column;
position: relative; gap: 1.5rem;
border: none;
border-bottom: 1px solid #eee;
} }
td::before { .mobile-schedule .day {
position: absolute; background: #f8f8f8;
left: 10px; border-radius: 10px;
top: 10px; box-shadow: 0 2px 6px rgba(0, 0, 0, 0.05);
width: 40%; padding: 1rem;
white-space: nowrap;
font-weight: bold;
content: attr(data-label);
} }
td:last-child { .mobile-schedule h2 {
border-bottom: 0; margin-top: 0;
margin-bottom: 0.8rem;
font-size: 1.2rem;
color: #111;
border-bottom: 1px solid #ddd;
padding-bottom: 0.3rem;
}
.lesson {
background: #fff;
border: 1px solid #eee;
border-radius: 8px;
padding: 0.6rem 0.8rem;
margin-bottom: 0.6rem;
}
.lesson.empty {
opacity: 0.6;
}
.hour {
font-size: 0.9rem;
color: #666;
margin-bottom: 3px;
}
.subject {
font-weight: 600;
color: #222;
}
.teacher {
font-size: 0.85rem;
color: #555;
}
.room {
font-size: 0.8rem;
color: #777;
} }
} }
@media (max-width: 480px) { @media (max-width: 480px) {
body { padding: 10px; } body {
h1 { font-size: 1.5em; } padding: 10px;
td::before { font-size: 0.9em; }
td { padding-left: 50%; }
}
*/
@media (max-width: 768px) {
table, thead, tbody, th, td, tr {
display: block;
width: 100%;
} }
tr { h1 {
margin-bottom: 15px; font-size: 1.5em;
padding: 0;
border-bottom: 2px solid #ddd;
}
th {
display: none;
}
td {
position: relative;
padding-left: 50%;
text-align: left;
border: none;
border-bottom: 1px solid #eee;
min-height: 50px; /* ensures consistent vertical spacing */
box-sizing: border-box;
}
td::before {
position: absolute;
top: 10px;
left: 10px;
width: 40%;
font-weight: bold;
white-space: nowrap;
content: attr(data-label);
}
/* make content stack nicely */
td > .subject,
td > .teacher,
td > .room {
display: block;
margin: 2px 0;
}
td:last-child {
border-bottom: 0;
} }
} }
/* Extra small screens */
@media (max-width: 480px) {
td {
padding-left: 55%;
}
td::before {
width: 45%;
}
}


@@ -1,11 +0,0 @@
<?php
$host = "<MYSQL_HOST>";
$user = "<MYSQL_USER>";
$pass = "<MYSQL_PASSWORD>";
$dbname = "school_timetable";
$conn = new mysqli($host, $user, $pass, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>


@@ -1,29 +1,46 @@
<?php <?php
include("db.php"); /*
$teacher = $_GET['teacher']; Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
include("lib/db.php");
$days = ["Lunedì","Martedì","Mercoledì","Giovedì","Venerdì","Sabato"]; $days = ["Lunedì","Martedì","Mercoledì","Giovedì","Venerdì","Sabato"];
$hours = [ $hours = [
1 => "Prima ora<br>7:50 - 8:50", 1 => "Prima ora<br> 7:50 - 8:50",
2 => "Seconda ora<br>8:50 - 9:45", 2 => "Seconda ora<br> 8:50 - 9:45",
3 => "Terza ora<br>9:55 - 10:50", 3 => "Terza ora<br> 9:55 - 10:50",
4 => "Quarta ora<br>10:50 - 11:45", 4 => "Quarta ora<br> 10:50 - 11:45",
5 => "Quinta ora<br>11:55 - 12:50", 5 => "Quinta ora<br> 11:55 - 12:50",
6 => "Sesta ora<br>12:50 - 13:50" 6 => "Sesta ora<br> 12:50 - 13:50"
]; ];
if ($teacher == "No Lezione" || $teacher == "sconosciuto") {
header("Location: index.php"); if (!isset($_GET['teacher'])) {
exit;
}
else if (!isset($_GET['teacher'])) {
header("Location: index.php"); header("Location: index.php");
exit; exit;
} }
$teacher = $conn->real_escape_string($_GET['teacher']); $teacher = $conn->real_escape_string($_GET['teacher']);
if ($teacher == "No Lezione" || $teacher == "sconosciuto") {
header("Location: index.php");
exit;
}
$res = $conn->query("SELECT DISTINCT teacher FROM subjects WHERE teacher = '$teacher' LIMIT 1"); $res = $conn->query("SELECT DISTINCT teacher FROM subjects WHERE teacher = '$teacher' LIMIT 1");
if ($res->num_rows === 0) { if ($res->num_rows === 0) {
// Insegnante non trovato
header("Location: index.php"); header("Location: index.php");
exit; exit;
} }
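Review bot: The lookup `WHERE teacher = '$teacher'` still builds SQL by interpolating a `real_escape_string()` value; use `$conn->prepare()` with `bind_param()`, as admin/users.php in this same change set already does. A side effect of the current approach is that `$teacher` holds the SQL-escaped string, and that escaped form is what gets compared with "No Lezione" and later printed in the `<h1>`, so a name containing an apostrophe is displayed with a backslash. Keep the raw `$_GET['teacher']` for comparison and display, and pass it to the query only as a bound parameter.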
@@ -38,13 +55,16 @@ if ($res->num_rows === 0) {
</head> </head>
<body> <body>
<div class="navbar"> <div class="navbar">
<div class="logo">Orario Scuola 2025/26</div> <div class="logo"><?php echo APP_NAME; ?> <?php echo YEAR; ?></div>
<div class="links"> <div class="links">
<a href="index.php">Home</a> <a href="index.php">Home</a>
</div> </div>
</div> </div>
<h1>Orario docente <?php echo htmlspecialchars($teacher); ?></h1> <h1>Orario docente <?php echo htmlspecialchars($teacher); ?></h1>
<table>
<!-- Visualizzazione Desktop -->
<table class="desktop-schedule">
<tr> <tr>
<th></th> <th></th>
<?php foreach($days as $d) echo "<th>$d</th>"; ?> <?php foreach($days as $d) echo "<th>$d</th>"; ?>
@@ -60,10 +80,12 @@ if ($res->num_rows === 0) {
WHERE subjects.teacher='$teacher' AND timetable.day='$d' AND timetable.hour=$hnum"); WHERE subjects.teacher='$teacher' AND timetable.day='$d' AND timetable.hour=$hnum");
if($row = $q->fetch_assoc()){ if($row = $q->fetch_assoc()){
echo "<td data-label='$d'> echo "<td data-label='$d'>
<div class='subject'>{$row['name']}</div> <div class='subject'>" . htmlspecialchars($row['name']) . "</div>
<div class='teacher'>{$row['class_name']}</div> <div class='teacher'>" . htmlspecialchars($row['class_name']) . "</div>";
<div class='room'>{$row['room']}</div> if(!empty($row['room'])) {
</td>"; echo "<div class='room'>" . htmlspecialchars($row['room']) . "</div>";
}
echo "</td>";
} else { } else {
echo "<td data-label='$d'></td>"; echo "<td data-label='$d'></td>";
} }
@@ -72,6 +94,41 @@ if ($res->num_rows === 0) {
} }
?> ?>
</table> </table>
<!-- FIX: Visualizzazione Mobile aggiunta -->
<div class="mobile-schedule">
<?php foreach($days as $d): ?>
<div class="day">
<h2><?= htmlspecialchars($d) ?></h2>
<?php
foreach($hours as $hnum => $hlabel):
$q = $conn->query("SELECT subjects.name, classes.name AS class_name, subjects.room
FROM timetable
LEFT JOIN subjects ON timetable.subject_id = subjects.id
LEFT JOIN classes ON timetable.class_id = classes.id
WHERE subjects.teacher='$teacher' AND timetable.day='$d' AND timetable.hour=$hnum");
if($row = $q->fetch_assoc()):
?>
<div class="lesson">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject"><?= htmlspecialchars($row['name']) ?></div>
<div class="teacher"><?= htmlspecialchars($row['class_name']) ?></div>
<?php if(!empty($row['room'])): ?>
<div class="room"><?= htmlspecialchars($row['room']) ?></div>
<?php endif; ?>
</div>
<?php else: ?>
<div class="lesson empty">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject">—</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
</div>
<?php endforeach; ?>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p> <p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body> </body>
</html> </html>
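Review bot: The new mobile block repeats the per-cell query of the desktop table, so every page load now runs it twice for each of the 6 days and 6 hours, again with `'$teacher'` and `'$d'` interpolated into the SQL string. Fetch the teacher's rows once with a prepared statement into an array indexed by day and hour, then render both the table and the `.mobile-schedule` markup from that array.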


@@ -1,24 +1,40 @@
<?php <?php
include("db.php"); /*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
include("lib/db.php");
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>Orario - A.S. 2025/26</title> <title><?php echo APP_NAME; ?> - A.S. <?php echo YEAR; ?></title>
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="css/home.css"> <link rel="stylesheet" href="css/home.css">
<link rel="stylesheet" href="css/navbar.css"> <link rel="stylesheet" href="css/navbar.css">
</head> </head>
<body> <body>
<div class="navbar"> <div class="navbar">
<div class="logo">Orario Scuola 2025/26</div> <div class="logo"><?php echo APP_NAME; ?> <?php echo YEAR; ?></div>
<div class="links"> <div class="links">
<a href="index.php">Home</a> <a href="index.php">Home</a>
<a href="admin/index.php">Admin</a> <a href="admin/index.php">Admin</a>
<a href="https://git.vichingo455.freeddns.org/emmev-code/orario" target="_blank">Codice sorgente</a> <a href="https://git.vichingo455.freeddns.org/emmev-code/orario" target="_blank">Codice sorgente</a>
</div> </div>
</div> </div>
<h1>Orario - a.s. 2025/26</h1> <h1><?php echo APP_NAME; ?> - A.S. <?php echo YEAR; ?></h1>
<!-- Sezione Classi --> <!-- Sezione Classi -->
<h2>Classi</h2> <h2>Classi</h2>
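Review bot: `APP_NAME` and `YEAR` are echoed into `<title>`, the navbar and the `<h1>` without `htmlspecialchars()`, while the rest of this change set escapes database values on output. They come from config rather than from the request, but escaping them keeps a site name containing `<` or `&` from breaking the markup and keeps the output rule uniform.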
@@ -66,6 +82,6 @@ while($row = $res->fetch_assoc()){
?> ?>
</div> </div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under GNU AGPL 3.0 License.</p> <p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body> </body>
</html> </html>


@@ -1,15 +1,31 @@
<?php <?php
include("db.php"); /*
$room = $_GET['room']; // aula selezionata Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
include("lib/db.php");
$days = ["Lunedì","Martedì","Mercoledì","Giovedì","Venerdì","Sabato"]; $days = ["Lunedì","Martedì","Mercoledì","Giovedì","Venerdì","Sabato"];
$hours = [ $hours = [
1 => "Prima ora<br>7:50 - 8:50", 1 => "Prima ora<br> 7:50 - 8:50",
2 => "Seconda ora<br>8:50 - 9:45", 2 => "Seconda ora<br> 8:50 - 9:45",
3 => "Terza ora<br>9:55 - 10:50", 3 => "Terza ora<br> 9:55 - 10:50",
4 => "Quarta ora<br>10:50 - 11:45", 4 => "Quarta ora<br> 10:50 - 11:45",
5 => "Quinta ora<br>11:55 - 12:50", 5 => "Quinta ora<br> 11:55 - 12:50",
6 => "Sesta ora<br>12:50 - 13:50" 6 => "Sesta ora<br> 12:50 - 13:50"
]; ];
if (!isset($_GET['room'])) { if (!isset($_GET['room'])) {
header("Location: index.php"); header("Location: index.php");
exit; exit;
@@ -19,7 +35,6 @@ $room = $conn->real_escape_string($_GET['room']);
$res = $conn->query("SELECT DISTINCT room FROM subjects WHERE room = '$room' LIMIT 1"); $res = $conn->query("SELECT DISTINCT room FROM subjects WHERE room = '$room' LIMIT 1");
if ($res->num_rows === 0) { if ($res->num_rows === 0) {
// Aula non trovata
header("Location: index.php"); header("Location: index.php");
exit; exit;
} }
@@ -34,7 +49,7 @@ if ($res->num_rows === 0) {
</head> </head>
<body> <body>
<div class="navbar"> <div class="navbar">
<div class="logo">Orario Scuola 2025/26</div> <div class="logo"><?php echo APP_NAME; ?> <?php echo YEAR; ?></div>
<div class="links"> <div class="links">
<a href="index.php">Home</a> <a href="index.php">Home</a>
</div> </div>
@@ -42,7 +57,8 @@ if ($res->num_rows === 0) {
<h1>Orario <?php echo htmlspecialchars($room); ?></h1> <h1>Orario <?php echo htmlspecialchars($room); ?></h1>
<table> <!-- Visualizzazione Desktop -->
<table class="desktop-schedule">
<tr> <tr>
<th></th> <th></th>
<?php foreach($days as $d) echo "<th>$d</th>"; ?> <?php foreach($days as $d) echo "<th>$d</th>"; ?>
@@ -60,11 +76,34 @@ if ($res->num_rows === 0) {
WHERE subjects.room='". $conn->real_escape_string($room) ."' WHERE subjects.room='". $conn->real_escape_string($room) ."'
AND timetable.day='$d' AND timetable.hour=$hnum AND timetable.day='$d' AND timetable.hour=$hnum
"); ");
if($row = $q->fetch_assoc()){
if($q->num_rows > 0){
$subject = null;
// FIX: Uso array associativo per evitare duplicati classe+docente
$class_teacher_pairs = [];
while($row = $q->fetch_assoc()){
if($subject === null) {
$subject = $row['subject_name'];
}
// Creo una coppia unica classe-docente
$pair = $row['class_name'] . " (" . $row['teacher'] . ")";
$class_teacher_pairs[$pair] = true; // Uso chiave per evitare duplicati
}
// Converto in array e unisco
$entries = array_keys($class_teacher_pairs);
if(count($entries) > 1){
$last = array_pop($entries);
$entries_list = implode(", ", $entries) . " e " . $last;
} else {
$entries_list = $entries[0];
}
echo "<td data-label='$d'> echo "<td data-label='$d'>
<div class='subject'>{$row['subject_name']}</div> <div class='subject'>" . htmlspecialchars($subject) . "</div>
<div class='teacher'>{$row['teacher']}</div> <div class='room'>" . htmlspecialchars($entries_list) . "</div>
<div class='room'>{$row['class_name']}</div>
</td>"; </td>";
} else { } else {
echo "<td data-label='$d'></td>"; echo "<td data-label='$d'></td>";
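Review bot: In the new `while` loop only the first row's `subject_name` is kept (`if($subject === null)`), so when two different subjects are booked in the same room at the same hour the cell shows the first subject with every class and teacher listed under it. Group the class and teacher pairs by subject, or at least add an `ORDER BY` so the subject that wins is deterministic. `$entries[0]` is safe here because the branch only runs when `num_rows > 0`.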
@@ -74,6 +113,60 @@ if ($res->num_rows === 0) {
} }
?> ?>
</table> </table>
<!-- Visualizzazione Mobile -->
<div class="mobile-schedule">
<?php foreach($days as $d): ?>
<div class="day">
<h2><?= htmlspecialchars($d) ?></h2>
<?php
foreach($hours as $hnum => $hlabel):
$q = $conn->query("
SELECT subjects.name AS subject_name, subjects.teacher, classes.name AS class_name
FROM timetable
LEFT JOIN subjects ON timetable.subject_id = subjects.id
LEFT JOIN classes ON timetable.class_id = classes.id
WHERE subjects.room='". $conn->real_escape_string($room) ."'
AND timetable.day='$d' AND timetable.hour=$hnum
");
if($q->num_rows > 0):
$subject = null;
$class_teacher_pairs = [];
while($row = $q->fetch_assoc()){
if($subject === null) {
$subject = $row['subject_name'];
}
$pair = $row['class_name'] . " (" . $row['teacher'] . ")";
$class_teacher_pairs[$pair] = true;
}
$entries = array_keys($class_teacher_pairs);
if(count($entries) > 1){
$last = array_pop($entries);
$entries_list = implode(", ", $entries) . " e " . $last;
} else {
$entries_list = $entries[0];
}
?>
<div class="lesson">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject"><?= htmlspecialchars($subject) ?></div>
<div class="room"><?= htmlspecialchars($entries_list) ?></div>
</div>
<?php else: ?>
<div class="lesson empty">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject">—</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
</div>
<?php endforeach; ?>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p> <p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body> </body>
</html> </html>

31
htdocs/lib/db.php Normal file

@@ -0,0 +1,31 @@
<?php
/*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
include_once __DIR__ . '/../config/config.php';
$host = DB_HOST;
$user = DB_USER;
$pass = DB_PASS;
$dbname = DB_NAME;
$conn = new mysqli($host, $user, $pass, $dbname);
if ($conn->connect_error) {
if (DEV_MODE)
die("[DEBUG] Connessione al database fallita: " . $conn->connect_error);
else
die("Connessione al database fallita!");
}
?>
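Review bot: The connection never sets a charset; add `$conn->set_charset('utf8mb4')` right after `new mysqli(...)`, since the public pages in this change set rely on `real_escape_string()`, whose correctness depends on the connection charset. Separately, on PHP 8.1 and later mysqli throws `mysqli_sql_exception` on a failed connection by default, so the `$conn->connect_error` branch and its `DEV_MODE` gate would not be reached; wrap the constructor in `try`/`catch` if the generic message is what production users are meant to see.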


@@ -1,26 +1,43 @@
<?php <?php
include("db.php"); /*
Orario Scuola, Copyright (C) 2025 EmmeV.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
include("lib/db.php"); // FIX: Decommentato
$class_id = intval($_GET['class_id']); $class_id = intval($_GET['class_id']);
$class = $conn->query("SELECT * FROM classes WHERE id=$class_id")->fetch_assoc(); $class = $conn->query("SELECT * FROM classes WHERE id=$class_id")->fetch_assoc();
$days = ["Lunedì","Martedì","Mercoledì","Giovedì","Venerdì","Sabato"]; $days = ["Lunedì","Martedì","Mercoledì","Giovedì","Venerdì","Sabato"];
$hours = [ $hours = [
1 => "Prima ora<br>7:50 - 8:50", 1 => "Prima ora<br> 7:50 - 8:50",
2 => "Seconda ora<br>8:50 - 9:45", 2 => "Seconda ora<br> 8:50 - 9:45",
3 => "Terza ora<br>9:55 - 10:50", 3 => "Terza ora<br> 9:55 - 10:50",
4 => "Quarta ora<br>10:50 - 11:45", 4 => "Quarta ora<br> 10:50 - 11:45",
5 => "Quinta ora<br>11:55 - 12:50", 5 => "Quinta ora<br> 11:55 - 12:50",
6 => "Sesta ora<br>12:50 - 13:50" 6 => "Sesta ora<br> 12:50 - 13:50"
]; ];
// FIX: Validazione classe prima di tutto
if (!isset($_GET['class_id'])) { if (!isset($_GET['class_id'])) {
header("Location: index.php"); header("Location: index.php");
exit; exit;
} }
$class_id = intval($_GET['class_id']); // sicurezza $class_id = intval($_GET['class_id']);
$res = $conn->query("SELECT id FROM classes WHERE id = $class_id LIMIT 1"); $res = $conn->query("SELECT id FROM classes WHERE id = $class_id LIMIT 1");
if ($res->num_rows === 0) { if ($res->num_rows === 0) {
// Classe non trovata
header("Location: index.php"); header("Location: index.php");
exit; exit;
} }
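Review bot: The two statements right after the include still read `$_GET['class_id']` and query `classes` before the `isset()` check, despite the new comment `// FIX: Validazione classe prima di tutto`; teacher.php and room.php had the equivalent early read removed in this change set. A request without `class_id` raises a warning and runs a query for id 0 before the redirect. Move those lines below the check, and let the existence query select `name` as well so `$class` does not need a second round trip.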
@@ -28,20 +45,22 @@ if ($res->num_rows === 0) {
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>Orario <?php echo $class['name']; ?></title> <title>Orario <?php echo htmlspecialchars($class['name']); ?></title>
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="css/timetable.css"> <link rel="stylesheet" href="css/timetable.css">
<link rel="stylesheet" href="css/navbar.css"> <link rel="stylesheet" href="css/navbar.css">
</head> </head>
<body> <body>
<div class="navbar"> <div class="navbar">
<div class="logo">Orario Scuola 2025/26</div> <div class="logo"><?php echo APP_NAME; ?> <?php echo YEAR; ?></div>
<div class="links"> <div class="links">
<a href="index.php">Home</a> <a href="index.php">Home</a>
</div> </div>
</div> </div>
<h1>Orario della classe <?php echo $class['name']; ?></h1> <h1>Orario della classe <?php echo htmlspecialchars($class['name']); ?></h1>
<table>
<!-- Visualizzazione Desktop -->
<table class="desktop-schedule">
<tr> <tr>
<th></th> <th></th>
<?php foreach($days as $d) echo "<th>$d</th>"; ?> <?php foreach($days as $d) echo "<th>$d</th>"; ?>
@@ -54,10 +73,36 @@ if ($res->num_rows === 0) {
FROM timetable FROM timetable
LEFT JOIN subjects ON timetable.subject_id = subjects.id LEFT JOIN subjects ON timetable.subject_id = subjects.id
WHERE class_id=$class_id AND day='$d' AND hour=$hnum"); WHERE class_id=$class_id AND day='$d' AND hour=$hnum");
if($row = $q->fetch_assoc()){
echo "<td data-label='$d'><div class='subject'>{$row['name']}</div> if($q->num_rows > 0){
<div class='teacher'>{$row['teacher']}</div> // FIX: Gestione corretta di multipli docenti/materie
<div class='room'>{$row['room']}</div></td>"; $entries = [];
$subject = null;
$room = null;
while($row = $q->fetch_assoc()){
if($subject === null) {
$subject = $row['name'];
$room = $row['room'];
}
$entries[] = $row['teacher'];
}
// Unisci i docenti correttamente
if(count($entries) > 1){
$last = array_pop($entries);
$teachers_list = implode(", ", $entries) . " e " . $last;
} else {
$teachers_list = $entries[0];
}
echo "<td data-label='$d'>
<div class='subject'>" . htmlspecialchars($subject) . "</div>
<div class='teacher'>" . htmlspecialchars($teachers_list) . "</div>";
if(!empty($room)) {
echo "<div class='room'>" . htmlspecialchars($room) . "</div>";
}
echo "</td>";
} else { } else {
echo "<td data-label='$d'></td>"; echo "<td data-label='$d'></td>";
} }
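Review bot: `$entries[] = $row['teacher'];` appends every row, so a teacher who appears in two rows for the same slot is listed twice; room.php in this change set avoids that by using the value as an array key. `$subject` and `$room` are also taken from the first row only, which hides a second subject or room when a class is split across two lessons in the same hour. Deduplicate the teachers and decide explicitly how a split hour should be rendered.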
@@ -66,6 +111,57 @@ if ($res->num_rows === 0) {
} }
?> ?>
</table> </table>
<!-- Visualizzazione Mobile -->
<div class="mobile-schedule">
<?php foreach($days as $d): ?>
<div class="day">
<h2><?= htmlspecialchars($d) ?></h2>
<?php
foreach($hours as $hnum => $hlabel):
$q = $conn->query("SELECT subjects.name, subjects.teacher, subjects.room
FROM timetable
LEFT JOIN subjects ON timetable.subject_id = subjects.id
WHERE class_id=$class_id AND day='$d' AND hour=$hnum");
if($q->num_rows > 0):
// FIX: Stessa logica corretta anche per mobile
$entries = [];
$subject = null;
$room = null;
while($row = $q->fetch_assoc()){
if($subject === null) {
$subject = $row['name'];
$room = $row['room'];
}
$entries[] = $row['teacher'];
}
if(count($entries) > 1){
$last = array_pop($entries);
$teachers_list = implode(", ", $entries) . " e " . $last;
} else {
$teachers_list = $entries[0];
}
?>
<div class="lesson">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject"><?= htmlspecialchars($subject) ?></div>
<div class="teacher"><?= htmlspecialchars($teachers_list) ?></div>
<?php if(!empty($room)): ?><div class="room"><?= htmlspecialchars($room) ?></div><?php endif; ?>
</div>
<?php else: ?>
<div class="lesson empty">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject">—</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
</div>
<?php endforeach; ?>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p> <p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body> </body>
</html> </html>
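Review bot: The hour label in both `.lesson` variants is output with `strip_tags($hlabel)`, which removes markup but is not an output encoder: a stray `&` or `<` in the label is passed through as-is. Use `htmlspecialchars(strip_tags($hlabel))` so the label is encoded like the `subject`, `teacher` and `room` fields next to it. The mobile block also copies the desktop block's query and teacher-joining logic verbatim (same string-built SQL, same first-row-only `subject`/`room`), so each slot is now queried twice per page load and any later fix has to be made in two places. Fetch the slot once into an array, or move the lookup and the `", "` / `" e "` joining into one helper, and have both views render from that.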

@@ -1,9 +1,20 @@
<?php <?php
// Hashed Password Generator /*
// Copyright (C) 2025 EmmeV. All rights reserved. Orario Scuola, Copyright (C) 2025 EmmeV.
// Usage: php generate_hash.php password_to_hash
// Example: php generate_hash.php admin
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
*/
if ($argc > 1) { if ($argc > 1) {
$primoArgomento = $argv[1]; $primoArgomento = $argv[1];
$password = password_hash($primoArgomento, PASSWORD_DEFAULT); $password = password_hash($primoArgomento, PASSWORD_DEFAULT);
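Review bot: Replacing the header with the AGPL notice removes the `// Usage: php generate_hash.php password_to_hash` and `// Example: php generate_hash.php admin` comments, so the file no longer says how it is meant to be invoked; keep a usage line after the license block. Since the header is being touched, note too that the password arrives via `$argv[1]`, which leaves it in shell history and visible in the process list while the script runs. Reading it from STDIN avoids both, and the `password_hash($primoArgomento, PASSWORD_DEFAULT)` call itself is fine as is.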