emmev-code/orario
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: emmev-code:ecbcfe953a66620cb8dc9910f603ad7606a0a1c8
Branches Tags
emmev-code:stable emmev-code:dev
..
compare: emmev-code:e3704358015bffdcf010288594add8d9ab62e1e7
Branches Tags
emmev-code:stable emmev-code:dev

2 Commits
ecbcfe953a ... e370435801

Author SHA1 Message Date
Vichingo455
e370435801 Orario v2.0 2025-11-01 11:01:11 +01:00
Vichingo455
1453a8028e empty repo first 2025-11-01 11:00:07 +01:00
26 changed files with 1622 additions and 699 deletions
Expand all files Collapse all files

98
README.md
View File

@@ -26,7 +26,7 @@ sudo apt install -y composer php-cli curl php-mysql php-curl php-mbstring php-xm
3. **Installa le dipendenze del pannello d'amministrazione**
- Debian:
```bash
cd /var/www/orario/admin
cd /var/www/html/admin
composer install
```
- Windows (con XAMPP):
@@ -37,41 +37,95 @@ composer install
4. **(opzionale) Genera una password hashata**
- Debian
```bash
cd /var/www/orario/utils
cd orario/utils
php generate_hash.php <password>
```
- Windows:
```batch
cd C:\xampp\htdocs\utils
cd orario\utils
C:\xampp\php\php.exe generate_hash.php <password>
```
- Modifica quindi questa linea nel file ``schema.sql``, sostituendo l'hash predefinito con quello generato prima:
```sql
VALUES ('admin', '$2y$10$IS9v8CJNJnRXslV1NWDSquAjJ0GgU1sm6spBmGp6mjTLiNApfGcQi');
VALUES ('admin', '$2y$10$IS9v8CJNJnRXslV1NWDSquAjJ0GgU1sm6spBmGp6mjTLiNApfGcQi');
```
5. **Importa il file ``schema.sql`` nel tuo database MySQL**
6. **Modifica il file ``db.php`` cambiando l'host, il nome utente e la password (necessari per la connessione al database MySQL)**
- Esempio:
```php
$host = "localhost";
$user = "utente";
$pass = "password123";
- Esempio Debian:
```bash
mysql -u root -p < orario/schema.sql
```
7. **Modifica ``admin/login.php`` e ``admin/logout.php`` con i dati di un'istanza keycloak. In caso tu voglia usare l'autenticazione via nome utente e password (e non keycloak), cancella quei due file e rinomina ``admin/login.php.backup`` in ``login.php`` e ``admin/logout.php.backup`` in ``logout.php``**
- Esempio (``login.php`` con keycloak):
6. **Modifica il file ``config/config.php`` inserendo i valori richiesti**
- Esempio file ``config/config.php``:
```php
$oidc = new OpenIDConnectClient(
'https://keycloak.local/realms/master/',
'orario', // Client ID Keycloak
'abcdefghijklmnop' // Client secret Keycloak
);
$oidc->setRedirectURL('https://orario.local/admin/login.php'); // orario.local è il dominio base di questa piattaforma
<?php
// Impostazioni Database
if (!defined('DB_HOST')) {
define('DB_HOST', 'localhost'); // Host del database (ad esempio localhost)
}
if (!defined('DB_USER')) {
define('DB_USER', 'orario'); // Utente del database (ad esempio orario)
}
if (!defined('DB_PASS')) {
define('DB_PASS', 'orario'); // Password dell'utente specificato prima (ad esempio password123)
}
if (!defined('DB_NAME')) {
define('DB_NAME', 'school_timetable'); // Nome del database, non modificare se non sai cosa stai facendo.
}
// Impostazioni sito generali
if (!defined('APP_NAME')) {
define('APP_NAME', 'Orario Scuola'); // Nome del sito
}
if (!defined('YEAR')) {
define('YEAR', '2025/26'); // Anno Scolastico Corrente
}
if (!defined('DEV_MODE')) {
define('DEV_MODE', false); // Modalita' di sviluppo: abilita messaggi di debug aggiuntivi. Imposta su false se sei in produzione
}
// Impostazioni autenticazione dashboard amministrativa
if (!defined('AUTH_TYPE')) {
define('AUTH_TYPE','local'); // Può essere local (integrata), keycloak
}
if (!defined('APP_DOMAIN')) {
define('APP_DOMAIN',''); // Dominio del sito (ad esempio orario.yourdomain.com), richiesto per autenticazioni non local
}
// Impostazioni autenticazione via Keycloak (richiesto solo se AUTH_TYPE sta impostato su keycloak)
if (AUTH_TYPE === 'keycloak') {
if (!defined('KEYCLOAK_DOMAIN')) {
define('KEYCLOAK_DOMAIN',''); // Dominio di Keycloak (ad esempio auth.yourdomain.com)
}
if (!defined('KEYCLOAK_REALM')) {
define('KEYCLOAK_REALM',''); // Realm di Keycloak (ad esempio master)
}
if (!defined('KEYCLOAK_CLIENT_ID')) {
define('KEYCLOAK_CLIENT_ID',''); // Client ID per Keycloak (ad esempio orario)
}
if (!defined('KEYCLOAK_CLIENT_SECRET')) {
define('KEYCLOAK_CLIENT_SECRET',''); // Client Secret per Keycloak (ad esempio abcdefghijklm)
}
}
?>
```
- Esempio (``logout.php`` con keycloak):
```php
header('Location: https://keycloak.local/realms/master/protocol/openid-connect/logout?post_logout_redirect_uri=https://orario.local&client_id=orario');
7. **Apri ``http://localhost`` e goditi il sito**
## Installazione con Docker
1. Installa Curl, Git e Docker
```bash
apt install curl git
curl -fsSL https://get.docker.com | bash
```
8. **Apri ``http://localhost`` e goditi il sito**
2. Compila e crea il container:
```bash
git clone https://git.vichingo455.freeddns.org/emmev-code/orario
cd orario
git checkout dev # richiesto per passare alla versione di sviluppo
docker compose up -d --build
```
3. Il container dovrebbe diventare disponibile su ``http://localhost:8080``
### Per utenti Docker avanzati
Se sei un utente Docker avanzato e vuoi personalizzare puoi modificare la configurazione di docker nei file ``docker/php/config.php``, ``docker-compose.yml`` e ``Dockerfile`` per adattare tutto al tuo ambiente.
Per la maggior parte degli utenti consigliamo di usare la configurazione per Docker predefinita.
## Segnalare un problema
Per segnalare un problema puoi usare [Bugzilla](https://bugs.vichingo455.freeddns.org/describecomponents.cgi?product=Orario%20Scuola). Clicca [qui](https://bugs.vichingo455.freeddns.org/describecomponents.cgi?product=Orario%20Scuola) per andare a Bugzilla.

23
docker-compose.yml Normal file
View File

@@ -0,0 +1,23 @@
services:
web:
build: .
container_name: orario-web
ports:
- "8080:80"
depends_on:
- db
restart: unless-stopped
db:
image: mariadb:11
container_name: orario-db
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: P@ssw0rd
MYSQL_DATABASE: school_timetable
MYSQL_USER: orario
MYSQL_PASSWORD: orario
volumes:
- db_data:/var/lib/mysql
- ./schema.sql:/docker-entrypoint-initdb.d/init.sql:ro
volumes:
db_data:

47
docker/php/config.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
// Impostazioni Database
if (!defined('DB_HOST')) {
define('DB_HOST', 'db');
}
if (!defined('DB_USER')) {
define('DB_USER', 'orario');
}
if (!defined('DB_PASS')) {
define('DB_PASS', 'orario');
}
if (!defined('DB_NAME')) {
define('DB_NAME', 'school_timetable');
}
// Impostazioni sito generali
if (!defined('APP_NAME')) {
define('APP_NAME', 'Orario Scuola');
}
if (!defined('YEAR')) {
define('YEAR', '2025/26');
}
if (!defined('DEV_MODE')) {
define('DEV_MODE', false); // Modalita' di sviluppo
}
// Impostazioni autenticazione dashboard amministrativa
if (!defined('AUTH_TYPE')) {
define('AUTH_TYPE','local'); // Può essere local (integrata), keycloak, google
}
if (!defined('APP_DOMAIN')) {
define('APP_DOMAIN',''); // Dominio del sito (ad esempio orario.yourdomain.com), richiesto per autenticazioni non local
}
// Impostazioni autenticazione via Keycloak (richiesto solo se AUTH_TYPE sta impostato su keycloak)
if (AUTH_TYPE === 'keycloak') {
if (!defined('KEYCLOAK_DOMAIN')) {
define('KEYCLOAK_DOMAIN',''); // Dominio di Keycloak (ad esempio auth.yourdomain.com)
}
if (!defined('KEYCLOAK_REALM')) {
define('KEYCLOAK_REALM',''); // Realm di Keycloak (ad esempio master)
}
if (!defined('KEYCLOAK_CLIENT_ID')) {
define('KEYCLOAK_CLIENT_ID',''); // Client ID per Keycloak (ad esempio orario)
}
if (!defined('KEYCLOAK_CLIENT_SECRET')) {
define('KEYCLOAK_CLIENT_SECRET',''); // Client Secret per Keycloak (ad esempio abcdefghijklm)
}
}
?>

1
docker/readme.txt Normal file
View File

@@ -0,0 +1 @@
These files are used by docker compose builder to create a working image in one command.

4
htdocs/admin/classes.php
View File

@@ -1,7 +1,7 @@
<?php
session_start();
if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; }
include("../db.php");
include("../lib/db.php");
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['name'])) {
$name = $_POST['name'];
@@ -49,7 +49,7 @@ if (isset($_GET['delete'])) {
echo "<tr>
<td>{$row['id']}</td>
<td>{$row['name']}</td>
<td><a href='classes.php?delete={$row['id']}' class='delete-link'>Elimina</a></td>
<td><a href='classes.php?delete={$row['id']}' class='delete-link' onclick='return confirm(\"Sei sicuro di voler eliminare questa classe?\")'>Elimina</a></td>
</tr>";
}
?>

333
htdocs/admin/importer.php Normal file
View File

@@ -0,0 +1,333 @@
<?php
session_start();
if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; }
include("../lib/db.php");
$message = "";
$messageType = "";
// Gestione importazione
if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST['import'])) {
$classe_codice = trim($_POST['classe_codice']);
$classe_id = intval($_POST['classe_id']);
$api_url = trim($_POST['api_url']);
if (empty($classe_codice) || $classe_id === 0) {
$message = "Compila tutti i campi obbligatori.";
$messageType = "error";
} else {
try {
// Chiama l'API Node.js
$url = $api_url . "?classe=" . urlencode($classe_codice);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpCode !== 200) {
throw new Exception("Errore nella chiamata API (HTTP $httpCode)");
}
$data = json_decode($response, true);
if (!$data || !isset($data['giorni'])) {
throw new Exception("Formato JSON non valido");
}
// Cancella l'orario esistente per questa classe
$stmt = $conn->prepare("DELETE FROM timetable WHERE class_id = ?");
$stmt->bind_param("i", $classe_id);
$stmt->execute();
$stmt->close();
$inserimenti = 0;
$materie_create = [];
// Processa ogni giorno
foreach ($data['giorni'] as $giorno => $ore) {
foreach ($ore as $oraData) {
// Salta ore vuote
if ($oraData['materia'] === null) {
continue;
}
$ora = $oraData['ora'];
$materia = $oraData['materia'];
$docenti = $oraData['docenti'];
$laboratori = $oraData['laboratori']; // Ora è un array
// Se non ci sono docenti, salta (situazione anomala)
if (count($docenti) === 0) {
continue;
}
// Caso 1: Stesso numero di docenti e laboratori → associazione 1:1
if (count($docenti) === count($laboratori) && count($laboratori) > 0) {
foreach ($docenti as $idx => $docente) {
$laboratorio = $laboratori[$idx];
// Cerca/crea materia
$stmt = $conn->prepare("SELECT id FROM subjects WHERE name = ? AND teacher = ? AND room = ?");
$stmt->bind_param("sss", $materia, $docente, $laboratorio);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$subject_id = $result->fetch_assoc()['id'];
} else {
$stmt2 = $conn->prepare("INSERT INTO subjects (name, teacher, room) VALUES (?, ?, ?)");
$stmt2->bind_param("sss", $materia, $docente, $laboratorio);
$stmt2->execute();
$subject_id = $conn->insert_id;
$stmt2->close();
$materie_create[] = "$materia ($docente - $laboratorio)";
}
$stmt->close();
// Inserisci in timetable
$stmt3 = $conn->prepare("INSERT INTO timetable (class_id, day, hour, subject_id) VALUES (?, ?, ?, ?)");
$stmt3->bind_param("isii", $classe_id, $giorno, $ora, $subject_id);
$stmt3->execute();
$stmt3->close();
$inserimenti++;
}
}
// Caso 2: Più docenti, un laboratorio (o nessuno) → stesso laboratorio per tutti
else if (count($laboratori) <= 1) {
$laboratorio = count($laboratori) > 0 ? $laboratori[0] : null;
foreach ($docenti as $docente) {
// Cerca/crea materia
if ($laboratorio) {
$stmt = $conn->prepare("SELECT id FROM subjects WHERE name = ? AND teacher = ? AND room = ?");
$stmt->bind_param("sss", $materia, $docente, $laboratorio);
} else {
$stmt = $conn->prepare("SELECT id FROM subjects WHERE name = ? AND teacher = ? AND (room IS NULL OR room = '')");
$stmt->bind_param("ss", $materia, $docente);
}
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$subject_id = $result->fetch_assoc()['id'];
} else {
$stmt2 = $conn->prepare("INSERT INTO subjects (name, teacher, room) VALUES (?, ?, ?)");
$stmt2->bind_param("sss", $materia, $docente, $laboratorio);
$stmt2->execute();
$subject_id = $conn->insert_id;
$stmt2->close();
$materie_create[] = "$materia ($docente" . ($laboratorio ? " - $laboratorio" : "") . ")";
}
$stmt->close();
// Inserisci in timetable
$stmt3 = $conn->prepare("INSERT INTO timetable (class_id, day, hour, subject_id) VALUES (?, ?, ?, ?)");
$stmt3->bind_param("isii", $classe_id, $giorno, $ora, $subject_id);
$stmt3->execute();
$stmt3->close();
$inserimenti++;
}
}
// Caso 3: Più laboratori che docenti → usa il primo laboratorio per tutti
else {
$laboratorio = $laboratori[0];
foreach ($docenti as $docente) {
$stmt = $conn->prepare("SELECT id FROM subjects WHERE name = ? AND teacher = ? AND room = ?");
$stmt->bind_param("sss", $materia, $docente, $laboratorio);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$subject_id = $result->fetch_assoc()['id'];
} else {
$stmt2 = $conn->prepare("INSERT INTO subjects (name, teacher, room) VALUES (?, ?, ?)");
$stmt2->bind_param("sss", $materia, $docente, $laboratorio);
$stmt2->execute();
$subject_id = $conn->insert_id;
$stmt2->close();
$materie_create[] = "$materia ($docente - $laboratorio)";
}
$stmt->close();
$stmt3 = $conn->prepare("INSERT INTO timetable (class_id, day, hour, subject_id) VALUES (?, ?, ?, ?)");
$stmt3->bind_param("isii", $classe_id, $giorno, $ora, $subject_id);
$stmt3->execute();
$stmt3->close();
$inserimenti++;
}
}
}
}
$message = "Importazione completata con successo!<br>";
$message .= "- Inserite $inserimenti ore di lezione<br>";
if (count($materie_create) > 0) {
$message .= "- Create " . count($materie_create) . " nuove materie";
}
$messageType = "success";
} catch (Exception $e) {
$message = "Errore durante l'importazione: " . htmlspecialchars($e->getMessage());
$messageType = "error";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Importa Orario</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
<style>
.import-form {
max-width: 600px;
margin: 20px auto;
padding: 20px;
background: #f9f9f9;
border-radius: 8px;
}
.form-group {
margin-bottom: 15px;
}
.form-group label {
display: block;
margin-bottom: 5px;
font-weight: bold;
}
.form-group input,
.form-group select {
width: 100%;
padding: 8px;
border: 1px solid #ccc;
border-radius: 4px;
box-sizing: border-box;
}
.form-group small {
display: block;
margin-top: 5px;
color: #666;
font-size: 0.9em;
}
.message {
padding: 15px;
margin: 20px 0;
border-radius: 5px;
}
.message.success {
background: #d4edda;
color: #155724;
border: 1px solid #c3e6cb;
}
.message.error {
background: #f8d7da;
color: #721c24;
border: 1px solid #f5c6cb;
}
.warning-box {
background: #fff3cd;
border: 1px solid #ffc107;
padding: 15px;
margin: 20px 0;
border-radius: 5px;
}
.warning-box strong {
color: #856404;
}
</style>
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="index.php">Dashboard</a>
<a href="logout.php">Logout</a>
</div>
</div>
<div class="admin-container">
<h1>Importa Orario da Sistema Esterno</h1>
<a href="index.php" class="back-link">⬅ Torna al Dashboard</a>
<?php if ($message): ?>
<div class="message <?php echo $messageType; ?>">
<?php echo $message; ?>
</div>
<?php endif; ?>
<div class="warning-box">
<strong>Attenzione:</strong> L'importazione cancellerà l'orario esistente della classe selezionata
e lo sostituirà con i dati importati dal sistema esterno.
Verranno create automaticamente le materie mancanti.
</div>
<div class="import-form">
<h2>Configura Importazione</h2>
<form method="POST">
<div class="form-group">
<label for="classe_id">Classe di destinazione *</label>
<select name="classe_id" id="classe_id" required>
<option value="">-- Seleziona classe --</option>
<?php
$res = $conn->query("SELECT * FROM classes ORDER BY name ASC");
while ($row = $res->fetch_assoc()) {
echo "<option value='{$row['id']}'>{$row['name']}</option>";
}
?>
</select>
<small>Classe nel tuo database dove importare l'orario</small>
</div>
<div class="form-group">
<label for="classe_codice">Codice classe sorgente *</label>
<input type="text" name="classe_codice" id="classe_codice"
placeholder="es: 1A, 2B, 3BIN..." required>
<small>Codice della classe nel sistema esterno</small>
</div>
<div class="form-group">
<label for="api_url">URL API Node.js</label>
<input type="text" name="api_url" id="api_url"
value="http://localhost:3006/classe" required>
<small>Endpoint dell'API Node.js per lo scraping</small>
</div>
<button type="submit" name="import" style="width: 100%; padding: 12px; font-size: 16px;">
🔄 Importa Orario
</button>
</form>
</div>
<div class="admin-container" style="margin-top: 30px;">
<h3>Come funziona l'importazione</h3>
<ol>
<li>Assicurati che il server Node.js sia avviato (<code>node server.js</code>)</li>
<li>Seleziona la classe di destinazione nel tuo database</li>
<li>Inserisci il codice della classe nel sistema esterno (es: 3BIN, 1A, 5AINF)</li>
<li>Clicca su "Importa Orario"</li>
<li>Il sistema cancellerà l'orario esistente e importerà i nuovi dati</li>
</ol>
<h3>Gestione casi speciali</h3>
<ul>
<li><strong>Più docenti, più laboratori</strong>: Associazione 1:1 (docente1→lab1, docente2→lab2)</li>
<li><strong>Più docenti, un laboratorio</strong>: Stesso laboratorio per tutti i docenti</li>
<li><strong>Più docenti, nessun laboratorio</strong>: Nessun laboratorio per tutti</li>
<li><strong>Un docente, più laboratori</strong>: Viene usato il primo laboratorio</li>
</ul>
</div>
<p style="text-align: center; margin-top: 30px;">
Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.
</p>
</div>
</body>
</html>

16
htdocs/admin/index.php
View File

@@ -1,4 +1,5 @@
<?php
include_once __DIR__ . '/../config/config.php';
session_start();
if (!isset($_SESSION['admin'])) {
header("Location: login.php");
@@ -24,12 +25,22 @@ if (!isset($_SESSION['admin'])) {
<!-- Contenuto Dashboard -->
<div class="dashboard">
<h1>Benvenuto, <?php echo $_SESSION['admin']; ?>!</h1>
<h1>Benvenuto, <?php echo htmlspecialchars($_SESSION['admin']); ?>!</h1>
<p>
<a href="classes.php">Gestisci Classi</a>
<a href="subjects.php">Gestisci Materie</a>
<a href="timetable.php">Gestisci Orario</a>
<!--<a href="logout.php">Logout</a>-->
<a href="importer.php" style="background: #28a745;">🔄 Importa Orario</a>
<?php
if ($_SESSION['auth_type'] === 'local') {
echo '<a href="password.php">Cambia Password</a>';
}
?>
<?php
if ($_SESSION['auth_type'] === 'local' && $_SESSION['admin'] === 'admin') {
echo '<a href="users.php">Gestisci Amministratori</a>';
}
?>
</p>
<p>
Nota: Questa pagina si vede meglio da computer desktop. Se sei da computer, puoi ignorare questo messaggio.
@@ -38,4 +49,3 @@ if (!isset($_SESSION['admin'])) {
</div>
</body>
</html>

126
htdocs/admin/login.php
View File

@@ -1,18 +1,116 @@
<?php
require 'vendor/autoload.php';
use Jumbojett\OpenIDConnectClient;
require 'vendor/autoload.php';
session_start();
// Configura il client Keycloak
$oidc = new OpenIDConnectClient(
'https://<KEYCLOAK_URL>/realms/<REALM>/',
'<CLIENT_ID>',
'<CLIENT_SECRET>'
);
// Redirect post-login
$oidc->setRedirectURL('https://<APP_DOMAIN>/admin/login.php');
include("../lib/db.php");
if (isset($_SESSION['admin'])) { header("Location: index.php"); exit; }
if ($_SERVER["REQUEST_METHOD"] == "POST" && AUTH_TYPE == 'local') {
try {
$username = $_POST['username'];
$password = $_POST['password'];
$stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
$res = $stmt->get_result();
if ($row = $res->fetch_assoc()) {
if (password_verify($password, $row['password'])) {
$_SESSION['admin'] = $row['username'];
$_SESSION['auth_type'] = 'local';
header("Location: index.php");
exit;
}
}
$error = "Credenziali non valide";
} catch (Exception $e) {
$error = "Errore durante l'autenticazione. Potrebbe essere un problema con PHP oppure col database. Ulteriori dettagli: " . $e;
}
}
if (AUTH_TYPE == 'local') {
echo <<<HTML
<!DOCTYPE html>
<html>
<head>
<title>Login Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
$oidc->authenticate();
$userinfo = $oidc->getVerifiedClaims();
$_SESSION['admin'] = $userinfo->preferred_username;
header("Location: index.php");
exit;
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="/">Torna al sito</a>
</div>
</div>
<!-- Container login -->
<div class="login-container">
<h1>Login Admin</h1>
<form method="post">
<input type="text" name="username" placeholder="Username" required><br>
<input type="password" name="password" placeholder="Password" required><br>
<button type="submit">Login</button>
</form>
HTML;
if(isset($error)) echo "<br><div class='error'>$error</div>";
echo <<<HTML
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>
HTML;
}
else if (AUTH_TYPE === 'keycloak') {
try {
// Configura il client Keycloak
$oidc = new OpenIDConnectClient(
'https://' + KEYCLOAK_DOMAIN + '/realms/' + KEYCLOAK_REALM + '/',
KEYCLOAK_CLIENT_ID,
KEYCLOAK_CLIENT_SECRET
);
// Redirect post-login
$oidc->setRedirectURL('https://' + APP_DOMAIN + '/admin/login.php');
$oidc->authenticate();
$userinfo = $oidc->getVerifiedClaims();
$_SESSION['admin'] = $userinfo->preferred_username;
$_SESSION['auth_type'] = 'keycloak';
header("Location: index.php");
exit;
} catch (Exception $e) {
http_response_code(500);
echo <<<HTML
<!DOCTYPE html>
<html>
<head>
<title>Login Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="/">Torna al sito</a>
</div>
</div>
<!-- Container login -->
<div class="login-container">
<h1>Login Admin</h1>
HTML;
if (DEV_MODE) {
echo "<br><div class='error'>Errore durante l'autenticazione con Keycloak. Assicurati di avere impostato i vari parametri correttamente. Ulteriori dettagli: " . $e . "</div>";
} else {
echo "<br><div class='error'>Errore durante l'autenticazione con Keycloak. Contatta l'amministratore del sito.</div>";
}
echo <<<HTML
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>
HTML;
exit;
}
}
?>

50
htdocs/admin/login.php.backup
View File

@@ -1,50 +0,0 @@
<?php
session_start();
include("../db.php");
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = $_POST['username'];
$password = $_POST['password'];
$stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
$res = $stmt->get_result();
if ($row = $res->fetch_assoc()) {
if (password_verify($password, $row['password'])) {
$_SESSION['admin'] = $row['username'];
header("Location: index.php");
exit;
}
}
$error = "Credenziali non valide";
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="/">Torna al sito</a>
</div>
</div>
<!-- Container login -->
<div class="login-container">
<h1>Login Admin</h1>
<?php if(isset($error)) echo "<div class='error'>$error</div>"; ?>
<form method="post">
<input type="text" name="username" placeholder="Username" required><br>
<input type="password" name="password" placeholder="Password" required><br>
<button type="submit">Login</button>
</form>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>

8
htdocs/admin/logout.php
View File

@@ -1,5 +1,9 @@
<?php
include("../config/config.php");
session_start();
session_destroy();
header('Location: https://<KEYCLOAK_URL>/realms/<REALM>/protocol/openid-connect/logout?post_logout_redirect_uri=https://<APP_DOMAIN>&client_id=<CLIENT_ID>');
exit;
if (AUTH_TYPE === 'local')
header("Location: /index.php");
else if (AUTH_TYPE === 'keycloak')
header('Location: https://' + KEYCLOAK_DOMAIN + '/realms/' + KEYCLOAK_REALM + '/protocol/openid-connect/logout?post_logout_redirect_uri=https://' + APP_DOMAIN + '&client_id=' + KEYCLOAK_CLIENT_ID);
?>

5
htdocs/admin/logout.php.backup
View File

@@ -1,5 +0,0 @@
<?php
session_start();
session_destroy();
header("Location: /index.php");
?>

82
htdocs/admin/password.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
session_start();
include("../lib/db.php");
if (!isset($_SESSION['admin']) || $_SESSION['auth_type'] != 'local') {
header("Location: login.php");
exit;
}
$message = '';
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$old = $_POST['old_password'];
$new = $_POST['new_password'];
$confirm = $_POST['confirm_password'];
$user = $_SESSION['admin'];
if ($new !== $confirm) {
$message = "Le nuove password non coincidono.";
} else {
// Recupera hash password attuale
$stmt = $conn->prepare("SELECT password FROM admin WHERE username = ?");
$stmt->bind_param("s", $user);
$stmt->execute();
$res = $stmt->get_result();
$row = $res->fetch_assoc();
if ($row && password_verify($old, $row['password'])) {
$newHash = password_hash($new, PASSWORD_DEFAULT);
$stmt = $conn->prepare("UPDATE admin SET password = ? WHERE username = ?");
$stmt->bind_param("ss", $newHash, $user);
$stmt->execute();
$message = "Password cambiata con successo.";
} else {
$message = "Password attuale errata.";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Cambia Password</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="index.php">Dashboard</a>
<a href="logout.php">Logout</a>
</div>
</div>
<div class="admin-container">
<h1>Cambia Password</h1>
<a href="index.php" class="back-link">⬅ Torna al Dashboard</a>
<form method="POST">
<label>Password attuale:<br>
<input type="password" name="old_password" required>
</label><br><br>
<label>Nuova password:<br>
<input type="password" name="new_password" required>
</label><br><br>
<label>Conferma nuova password:<br>
<input type="password" name="confirm_password" required>
</label><br><br>
<button type="submit">Cambia password</button>
</form>
<?php if ($message): ?>
<p style="color:<?php echo strpos($message,'successo')!==false ? 'green':'red'; ?>;"><?php echo $message; ?></p>
<?php endif; ?>
</div>
</body>
</html>

466
htdocs/admin/style.css
View File

@@ -1,4 +1,4 @@
/* Body e font */
/* ===== BASE ===== */
body {
font-family: Arial, sans-serif;
background-color: #f0f2f5;
@@ -7,7 +7,7 @@ body {
padding: 20px;
}
/* Navbar */
/* ===== NAVBAR ===== */
.navbar {
background-color: #2c3e50;
padding: 10px 20px;
@@ -20,6 +20,15 @@ body {
box-shadow: 0 2px 5px rgba(0,0,0,0.1);
}
.navbar.text-center {
justify-content: center;
}
.navbar .logo {
font-size: 1.3em;
font-weight: bold;
}
.navbar a {
color: #fff;
text-decoration: none;
@@ -32,27 +41,38 @@ body {
color: #f39c12;
}
.navbar .logo {
font-size: 1.3em;
font-weight: bold;
}
/* Dashboard container */
.dashboard {
/* ===== CONTAINERS ===== */
.dashboard,
.admin-container,
.login-container {
max-width: 800px;
margin: 0 auto;
text-align: center;
background: #fff;
padding: 30px;
border-radius: 10px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
}
.dashboard h1 {
margin-bottom: 20px;
color: #2c3e50;
.login-container {
max-width: 400px;
margin: 80px auto;
text-align: center;
}
.dashboard {
text-align: center;
}
/* ===== HEADINGS ===== */
.dashboard h1,
.admin-container h1,
.login-container h1 {
margin-bottom: 20px;
color: #2c3e50;
text-align: center;
}
/* ===== LINKS ===== */
.dashboard a {
display: inline-block;
margin: 10px;
@@ -66,26 +86,8 @@ body {
.dashboard a:hover {
background-color: #f39c12;
color: #fff;
}
/* Container principale */
.admin-container {
max-width: 800px;
margin: 0 auto;
background: #fff;
padding: 30px;
border-radius: 10px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
}
/* Titolo */
.admin-container h1 {
text-align: center;
color: #2c3e50;
margin-bottom: 20px;
}
/* Link ritorno */
.admin-container a.back-link {
display: inline-block;
margin-bottom: 15px;
@@ -98,54 +100,6 @@ body {
color: #f39c12;
}
/* Form aggiungi classe */
.admin-container form {
margin-bottom: 20px;
text-align: center;
}
.admin-container input[type="text"] {
padding: 8px 12px;
border: 1px solid #ccc;
border-radius: 6px;
width: 200px;
margin-right: 10px;
}
.admin-container button {
padding: 8px 15px;
border: none;
background-color: #1f618d;
color: #fff;
border-radius: 6px;
cursor: pointer;
transition: background-color 0.2s;
}
.admin-container button:hover {
background-color: #f39c12;
}
/* Tabella */
.admin-container table {
width: 100%;
border-collapse: collapse;
}
.admin-container th, .admin-container td {
border: 1px solid #ccc;
padding: 10px;
text-align: center;
}
.admin-container th {
background-color: #eee;
}
.admin-container tr:hover td {
background-color: #f7f7f7;
}
.admin-container a.delete-link {
color: #e74c3c;
font-weight: bold;
@@ -156,125 +110,34 @@ body {
.admin-container a.delete-link:hover {
color: #c0392b;
}
/* Login container */
.login-container {
max-width: 400px;
margin: 80px auto;
background: #fff;
padding: 30px;
border-radius: 10px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
text-align: center;
}
/* Titolo */
.login-container h1 {
margin-bottom: 20px;
color: #2c3e50;
}
/* Input */
.login-container input[type="text"],
.login-container input[type="password"] {
width: 90%;
padding: 10px;
margin: 10px 0;
border-radius: 6px;
border: 1px solid #ccc;
font-size: 1em;
}
/* Pulsante */
.login-container button {
padding: 10px 20px;
background-color: #1f618d;
color: #fff;
border: none;
border-radius: 6px;
cursor: pointer;
transition: background-color 0.2s;
font-size: 1em;
}
.login-container button:hover {
background-color: #f39c12;
color: #fff;
}
/* Messaggio errore */
.login-container .error {
color: #e74c3c;
font-weight: bold;
margin-bottom: 10px;
}
/* Navbar minima per login */
.navbar {
background-color: #2c3e50;
padding: 10px 20px;
color: #fff;
text-align: center;
border-radius: 0 0 10px 10px;
margin-bottom: 30px;
}
/* Riutilizziamo .admin-container, h1, navbar già definiti */
/* Form Gestione Materie */
.admin-container form input[type="text"] {
padding: 8px 12px;
border: 1px solid #ccc;
border-radius: 6px;
margin: 5px;
width: 200px;
}
.admin-container form button {
padding: 8px 20px;
background-color: #1f618d;
color: #fff;
border: none;
border-radius: 6px;
cursor: pointer;
transition: background-color 0.2s;
}
.admin-container form button:hover {
background-color: #f39c12;
color: #fff;
}
/* Tabella Materie */
.admin-container table {
width: 100%;
border-collapse: collapse;
margin-top: 15px;
}
.admin-container th, .admin-container td {
border: 1px solid #ccc;
padding: 10px;
text-align: center;
}
.admin-container th {
background-color: #eee;
}
.admin-container tr:hover td {
background-color: #f7f7f7;
}
.admin-container a.delete-link {
color: #e74c3c;
.admin-container a.edit-link {
color: #4d5cdb;
font-weight: bold;
text-decoration: none;
transition: color 0.2s;
}
.admin-container a.delete-link:hover {
color: #c0392b;
.admin-container a.edit-link:hover {
color: #3a2bc0;
}
/* Form gestione orario */
.admin-container form a.cancel-edit {
display: inline-block;
margin: 10px;
padding: 12px 25px;
background-color: #1f618d;
color: #fff;
text-decoration: none;
border-radius: 8px;
transition: background-color 0.2s;
}
.admin-container form a.cancel-edit:hover {
background-color: #f39c12;
}
/* ===== FORMS ===== */
.admin-container form {
display: flex;
flex-wrap: wrap;
@@ -283,6 +146,28 @@ body {
margin-bottom: 20px;
}
.admin-container input[type="text"],
.admin-container input[type="password"],
.login-container input[type="text"],
.login-container input[type="password"] {
padding: 10px 12px;
border: 1px solid #ccc;
border-radius: 6px;
font-size: 1em;
}
.admin-container input[type="text"],
.admin-container input[type="password"] {
width: 200px;
margin: 5px;
}
.login-container input[type="text"],
.login-container input[type="password"] {
width: 90%;
margin: 10px 0;
}
.admin-container form select {
padding: 8px 12px;
border-radius: 6px;
@@ -290,45 +175,74 @@ body {
min-width: 120px;
}
.admin-container form button {
padding: 8px 20px;
.admin-container button,
.login-container button {
padding: 10px 20px;
border: none;
background-color: #1f618d;
color: #fff;
border: none;
border-radius: 6px;
cursor: pointer;
transition: background-color 0.2s;
font-size: 1em;
}
.admin-container form button:hover {
.admin-container button:hover,
.login-container button:hover {
background-color: #f39c12;
color: #fff;
}
/* Titolo */
.admin-container h1 {
/* ===== TABLES ===== */
.table-container {
width: 100%;
overflow-x: auto;
}
.admin-container table,
.responsive-table {
width: 100%;
border-collapse: collapse;
margin-top: 15px;
}
.admin-container th,
.admin-container td,
.responsive-table th,
.responsive-table td {
border: 1px solid #ccc;
padding: 10px;
text-align: center;
color: #2c3e50;
margin-bottom: 20px;
}
/* Link ritorno */
.admin-container a.back-link {
display: inline-block;
margin-bottom: 15px;
text-decoration: none;
color: #1f618d;
.responsive-table th,
.responsive-table td {
text-align: left;
padding: 8px;
}
.admin-container th,
.responsive-table th {
background-color: #eee;
}
.admin-container tr:hover td {
background-color: #f7f7f7;
}
/* ===== MESSAGES ===== */
.login-container .error {
color: #e74c3c;
font-weight: bold;
margin-bottom: 10px;
}
.admin-container a.back-link:hover {
color: #f39c12;
}
/* Mobile responsive */
/* ===== RESPONSIVE DESIGN ===== */
@media (max-width: 768px) {
body {
padding: 10px;
}
/* Form input gestione orario */
/* Form responsive */
.admin-container form {
flex-direction: column;
align-items: stretch;
@@ -336,27 +250,33 @@ body {
.admin-container form select,
.admin-container form input[type="text"],
.admin-container input[type="password"],
.admin-container form button {
width: 100%;
margin: 5px 0;
}
/* Tabella */
/* Tabelle responsive */
.admin-container table,
.responsive-table {
display: block;
}
.admin-container thead,
.responsive-table thead {
display: none;
}
.admin-container tbody,
.admin-container th,
.admin-container td,
.admin-container tr {
.responsive-table tbody,
.admin-container tr,
.responsive-table tr {
display: block;
width: 100%;
}
.admin-container thead {
display: none; /* Nasconde intestazioni */
}
.admin-container tr {
.admin-container tr,
.responsive-table tr {
margin-bottom: 15px;
border: 1px solid #ddd;
border-radius: 8px;
@@ -365,28 +285,39 @@ body {
box-shadow: 0 1px 5px rgba(0,0,0,0.05);
}
.admin-container td {
.admin-container td,
.responsive-table td {
display: block;
text-align: left;
padding: 8px 10px;
padding-left: 50%;
position: relative;
border: none;
border-bottom: 1px solid #eee;
display: flex;
justify-content: space-between;
padding: 8px 10px;
word-wrap: break-word;
white-space: normal;
max-width: 100%;
}
.admin-container td::before {
.admin-container td:last-child,
.responsive-table td:last-child {
border-bottom: none;
}
.admin-container td::before,
.responsive-table td::before {
content: attr(data-label);
position: absolute;
left: 10px;
top: 8px;
width: 45%;
font-weight: bold;
white-space: nowrap;
white-space: normal;
color: #333;
}
.admin-container td:last-child {
border-bottom: 0;
.responsive-table td span {
display: block;
}
.admin-container a.delete-link {
@@ -395,88 +326,23 @@ body {
}
}
/* Extra piccolo schermo */
@media (max-width: 480px) {
.admin-container td::before {
.admin-container td::before,
.responsive-table td::before {
width: 50%;
font-size: 0.9em;
}
.admin-container td {
.admin-container td,
.responsive-table td {
font-size: 0.9em;
padding: 6px 8px;
}
.admin-container form select,
.admin-container form input[type="text"],
.admin-container input[type="password"],
.admin-container form button {
font-size: 0.95em;
}
}
.table-container {
width: 100%;
overflow-x: auto;
}
.responsive-table {
width: 100%;
border-collapse: collapse;
}
.responsive-table th,
.responsive-table td {
border: 1px solid #ccc;
padding: 8px;
text-align: left;
}
.responsive-table th {
background: #f4f4f4;
}
/* Modalità mobile */
@media (max-width: 768px) {
.responsive-table thead {
display: none; /* nasconde lintestazione */
}
.responsive-table tr {
display: block;
margin-bottom: 15px;
border: 1px solid #ddd;
border-radius: 8px;
padding: 10px;
background: #fff;
}
.responsive-table td {
display: block;
justify-content: space-between;
padding: 8px 5px;
padding-top: 30px;
border: none;
border-bottom: 1px solid #eee;
word-wrap: break-word;
white-space: normal;
max-width: 100%;
overflow: hidden;
text-overflow: ellipsis;
}
.responsive-table td:last-child {
border-bottom: none;
}
.responsive-table td::before {
content: attr(data-label);
font-weight: bold;
margin-right: 10px;
color: #333;
position: absolute;
left: 10px;
top: 10px;
width: 45%;
white-space: normal; /* permette a "Materia" di andare a capo */
font-weight: bold;
}
.response-table td span {
display: block; /* forza l'output del contenuto su una riga separata */
}
}
}

91
htdocs/admin/subjects.php
View File

@@ -1,22 +1,49 @@
<?php
session_start();
if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; }
include("../db.php");
include("../lib/db.php");
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['name'])) {
// FIX: Usa prepared statements per sicurezza
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['name']) && !isset($_POST['update'])) {
$name = $_POST['name'];
$teacher = $_POST['teacher'];
$room = $_POST['room'];
if (!empty($name)) {
$conn->query("INSERT INTO subjects (name,teacher,room) VALUES ('$name','$teacher','$room')");
if (!empty($name)) {
$stmt = $conn->prepare("INSERT INTO subjects (name, teacher, room) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $name, $teacher, $room);
$stmt->execute();
$stmt->close();
}
header("Location: subjects.php"); exit;
header("Location: subjects.php");
exit;
}
// FIX: Aggiunto redirect dopo update
if(isset($_POST['update'])){
$id = intval($_POST['id']);
$name = $_POST['name'];
$teacher = $_POST['teacher'];
$room = $_POST['room'];
$stmt = $conn->prepare("UPDATE subjects SET name=?, teacher=?, room=? WHERE id=?");
$stmt->bind_param("sssi", $name, $teacher, $room, $id);
$stmt->execute();
$stmt->close();
header("Location: subjects.php");
exit;
}
// FIX: Usa prepared statement anche per delete
if (isset($_GET['delete'])) {
$id = intval($_GET['delete']);
$conn->query("DELETE FROM subjects WHERE id=$id");
header("Location: subjects.php"); exit;
$stmt = $conn->prepare("DELETE FROM subjects WHERE id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$stmt->close();
header("Location: subjects.php");
exit;
}
?>
<!DOCTYPE html>
@@ -41,6 +68,42 @@ if (isset($_GET['delete'])) {
<h1>Gestisci Materie</h1>
<a href="index.php" class="back-link">⬅ Torna al Dashboard</a>
<?php
// Mostra form di modifica solo se richiesto
if(isset($_GET['edit'])){
$id = intval($_GET['edit']);
$stmt = $conn->prepare("SELECT * FROM subjects WHERE id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$res = $stmt->get_result();
if($res->num_rows > 0){
$subject = $res->fetch_assoc();
?>
<h3>Modifica materia</h3>
<form method="post" action="subjects.php">
<input type="hidden" name="id" value="<?php echo $subject['id']; ?>">
<label>Materia:</label>
<input type="text" name="name" value="<?php echo htmlspecialchars($subject['name']); ?>" required><br>
<label>Docente:</label>
<input type="text" name="teacher" value="<?php echo htmlspecialchars($subject['teacher']); ?>" required><br>
<label>Laboratorio (opzionale):</label>
<input type="text" name="room" value="<?php echo htmlspecialchars($subject['room']); ?>"><br>
<button type="submit" name="update">Salva modifiche</button>
<a class="cancel-edit" href="subjects.php" style="margin-left: 10px;">Annulla</a>
</form>
<hr>
<?php
}
$stmt->close();
}
?>
<h2>Aggiungi Nuova Materia</h2>
<form method="POST">
<input type="text" name="name" placeholder="Materia" required>
<input type="text" name="teacher" placeholder="Docente" required>
@@ -48,12 +111,13 @@ if (isset($_GET['delete'])) {
<button type="submit">Aggiungi</button>
</form>
<h2>Elenco Materie</h2>
<table>
<tr>
<th>ID</th>
<th>Materia</th>
<th>Docente</th>
<th>Aula</th>
<th>Laboratorio</th>
<th>Azione</th>
</tr>
<?php
@@ -61,10 +125,13 @@ if (isset($_GET['delete'])) {
while($row=$res->fetch_assoc()){
echo "<tr>
<td>{$row['id']}</td>
<td>{$row['name']}</td>
<td>{$row['teacher']}</td>
<td>{$row['room']}</td>
<td><a href='subjects.php?delete={$row['id']}' class='delete-link'>Elimina</a></td>
<td>" . htmlspecialchars($row['name']) . "</td>
<td>" . htmlspecialchars($row['teacher']) . "</td>
<td>" . htmlspecialchars($row['room']) . "</td>
<td>
<a href='subjects.php?edit={$row['id']}' class='edit-link'>Modifica</a> |
<a href='subjects.php?delete={$row['id']}' class='delete-link' onclick='return confirm(\"Sei sicuro di voler eliminare questa materia?\")'>Elimina</a>
</td>
</tr>";
}
?>

4
htdocs/admin/timetable.php
View File

@@ -1,7 +1,7 @@
<?php
session_start();
// if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; }
include("../db.php");
if (!isset($_SESSION['admin'])) { header("Location: login.php"); exit; }
include("../lib/db.php");
// --- Recupera tutte le materie ---
$subjects = [];

115
htdocs/admin/users.php Normal file
View File

@@ -0,0 +1,115 @@
<?php
session_start();
include("../lib/db.php");
if (!isset($_SESSION['admin']) || $_SESSION['auth_type'] != 'local' || $_SESSION['admin'] != 'admin') {
header("Location: login.php");
exit;
}
$message = "";
// Add admin
if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST['add_user'])) {
$username = trim($_POST['username']);
$password = $_POST['password'];
if (!empty($username) && !empty($password)) {
$hash = password_hash($password, PASSWORD_DEFAULT);
$stmt = $conn->prepare("INSERT INTO admin (username, password) VALUES (?, ?)");
$stmt->bind_param("ss", $username, $hash);
if ($stmt->execute()) {
$message = "Utente admin aggiunto con successo.";
} else {
$message = "Errore durante l'aggiunta: " . $conn->error;
}
} else {
$message = "Compila tutti i campi.";
}
}
// Delete admin
if (isset($_GET['delete'])) {
$id = intval($_GET['delete']);
if ($id != 1) { // proteggi super admin
$stmt = $conn->prepare("DELETE FROM admin WHERE id = ?");
$stmt->bind_param("i", $id);
$stmt->execute();
$message = "Utente admin rimosso.";
} else {
$message = "Non puoi eliminare il super admin.";
}
}
// Fetch admins
$result = $conn->query("SELECT id, username FROM admin ORDER BY id ASC");
?>
<!DOCTYPE html>
<html>
<head>
<title>Gestione Admin</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="navbar">
<div class="logo">Admin Dashboard</div>
<div class="links">
<a href="index.php">Dashboard</a>
<a href="logout.php">Logout</a>
</div>
</div>
<div class="admin-container">
<h1>Gestione Amministratori</h1>
<a href="index.php" class="back-link">⬅ Torna al Dashboard</a>
<?php if ($message): ?>
<p style="color:<?php echo strpos($message,'successo')!==false ? 'green':'red'; ?>;">
<?php echo htmlspecialchars($message); ?>
</p>
<?php endif; ?>
<h2>Utenti Attivi</h2>
<table border="1" cellspacing="0" cellpadding="6" width="100%">
<thead>
<tr>
<th>ID</th>
<th>Username</th>
<th>Azione</th>
</tr>
</thead>
<tbody>
<?php while ($row = $result->fetch_assoc()): ?>
<tr>
<td><?php echo $row['id']; ?></td>
<td><?php echo htmlspecialchars($row['username']); ?></td>
<td>
<?php if ($row['id'] != 1): ?>
<a href="?delete=<?php echo $row['id']; ?>"
onclick="return confirm('Vuoi davvero eliminare questo amministratore?')"
style="color:red;">Elimina</a>
<?php else: ?>
<em>Super Admin</em>
<?php endif; ?>
</td>
</tr>
<?php endwhile; ?>
</tbody>
</table>
<h2>Aggiungi Nuovo Admin</h2>
<form method="POST">
<label>Username:<br>
<input type="text" name="username" required>
</label><br><br>
<label>Password:<br>
<input type="password" name="password" required>
</label><br><br>
<button type="submit" name="add_user">Aggiungi</button>
</form>
</div>
</body>
</html>

47
htdocs/config/config.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
// Impostazioni Database
if (!defined('DB_HOST')) {
define('DB_HOST', '<MYSQL_HOST>'); // Host del database (ad esempio localhost)
}
if (!defined('DB_USER')) {
define('DB_USER', '<MYSQL_USER>'); // Utente del database (ad esempio orario)
}
if (!defined('DB_PASS')) {
define('DB_PASS', '<MYSQL_PASSWORD>'); // Password dell'utente specificato prima (ad esempio password123)
}
if (!defined('DB_NAME')) {
define('DB_NAME', 'school_timetable'); // Nome del database, non modificare se non sai cosa stai facendo.
}
// Impostazioni sito generali
if (!defined('APP_NAME')) {
define('APP_NAME', 'Orario Scuola'); // Nome del sito
}
if (!defined('YEAR')) {
define('YEAR', '2025/26'); // Anno Scolastico Corrente
}
if (!defined('DEV_MODE')) {
define('DEV_MODE', false); // Modalita' di sviluppo: abilita messaggi di debug aggiuntivi. Imposta su false se sei in produzione
}
// Impostazioni autenticazione dashboard amministrativa
if (!defined('AUTH_TYPE')) {
define('AUTH_TYPE','local'); // Può essere local (integrata), keycloak
}
if (!defined('APP_DOMAIN')) {
define('APP_DOMAIN',''); // Dominio del sito (ad esempio orario.yourdomain.com), richiesto per autenticazioni non local
}
// Impostazioni autenticazione via Keycloak (richiesto solo se AUTH_TYPE sta impostato su keycloak)
if (AUTH_TYPE === 'keycloak') {
if (!defined('KEYCLOAK_DOMAIN')) {
define('KEYCLOAK_DOMAIN',''); // Dominio di Keycloak (ad esempio auth.yourdomain.com)
}
if (!defined('KEYCLOAK_REALM')) {
define('KEYCLOAK_REALM',''); // Realm di Keycloak (ad esempio master)
}
if (!defined('KEYCLOAK_CLIENT_ID')) {
define('KEYCLOAK_CLIENT_ID',''); // Client ID per Keycloak (ad esempio orario)
}
if (!defined('KEYCLOAK_CLIENT_SECRET')) {
define('KEYCLOAK_CLIENT_SECRET',''); // Client Secret per Keycloak (ad esempio abcdefghijklm)
}
}
?>

177
htdocs/css/home.css
View File

@@ -1,109 +1,126 @@
/* Base styles */
body {
font-family: Arial, sans-serif;
padding: 15px;
background-color: #f0f2f5;
color: #333;
margin: 0;
body {
font-family: Arial, sans-serif;
padding: 15px;
background-color: #f0f2f5;
color: #333;
margin: 0;
}
h1, h2 {
text-align: center;
margin: 10px 0 20px 0;
text-align: center;
margin: 10px 0 20px 0;
}
h1 { color: #2c3e50; font-size: 1.8em; }
h2 { color: #34495e; font-size: 1.4em; }
h1 {
color: #2c3e50;
font-size: 1.8em;
}
h2 {
color: #34495e;
font-size: 1.4em;
}
/* Grid layout */
.grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(150px, 1fr));
gap: 15px;
max-width: 1000px;
margin: 0 auto;
.grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(150px, 1fr));
gap: 15px;
max-width: 1000px;
margin: 0 auto;
}
/* Card styles */
ul {
list-style: none;
padding: 15px;
background: #fff;
border-radius: 10px;
box-shadow: 0 2px 5px rgba(0,0,0,0.1);
transition: transform 0.2s, box-shadow 0.2s;
ul {
list-style: none;
padding: 15px;
background: #fff;
border-radius: 10px;
box-shadow: 0 2px 5px rgba(0, 0, 0, 0.1);
transition: transform 0.2s, box-shadow 0.2s;
}
ul:hover {
transform: translateY(-3px);
box-shadow: 0 5px 10px rgba(0,0,0,0.15);
transform: translateY(-3px);
box-shadow: 0 5px 10px rgba(0, 0, 0, 0.15);
}
li {
margin: 6px 0;
li {
margin: 6px 0;
}
li b {
display: block;
margin-bottom: 8px;
font-size: 1em;
color: #1f618d;
li b {
display: block;
margin-bottom: 8px;
font-size: 1em;
color: #1f618d;
}
a {
text-decoration: none;
color: #0066cc;
padding: 5px 8px;
border-radius: 5px;
transition: background-color 0.2s, color 0.2s;
a {
text-decoration: none;
color: #0066cc;
padding: 5px 8px;
border-radius: 5px;
transition: background-color 0.2s, color 0.2s;
}
a:hover {
background-color: #0066cc;
color: #fff;
a:hover {
background-color: #0066cc;
color: #fff;
}
/* Responsive adjustments */
@media screen and (max-width: 768px) {
body {
padding: 10px;
font-size: 0.95em;
}
h1 { font-size: 1.5em; }
h2 { font-size: 1.2em; }
.grid {
grid-template-columns: repeat(auto-fit, minmax(120px, 1fr));
gap: 10px;
}
ul {
padding: 10px;
}
a {
padding: 8px 10px;
font-size: 0.95em;
}
body {
padding: 10px;
font-size: 0.95em;
}
h1 {
font-size: 1.5em;
}
h2 {
font-size: 1.2em;
}
.grid {
grid-template-columns: repeat(auto-fit, minmax(120px, 1fr));
gap: 10px;
}
ul {
padding: 10px;
}
a {
padding: 8px 10px;
font-size: 0.95em;
}
}
@media screen and (max-width: 480px) {
h1 { font-size: 1.3em; }
h2 { font-size: 1em; }
.grid {
grid-template-columns: 1fr; /* single column for small screens */
gap: 10px;
}
ul {
padding: 8px;
}
a {
display: block;
text-align: center;
padding: 10px;
}
}
h1 {
font-size: 1.3em;
}
h2 {
font-size: 1em;
}
.grid {
grid-template-columns: 1fr;
gap: 10px;
}
ul {
padding: 8px;
}
a {
display: block;
text-align: center;
padding: 10px;
}
}

68
htdocs/css/navbar.css
View File

@@ -1,29 +1,63 @@
/* Navbar */
.navbar {
background-color: #2c3e50;
padding: 10px 20px;
display: flex;
justify-content: space-between;
align-items: center;
color: #fff;
border-radius: 0 0 10px 10px;
margin-bottom: 20px;
box-shadow: 0 2px 5px rgba(0,0,0,0.1);
background-color: #2c3e50;
padding: 10px 20px;
display: flex;
justify-content: space-between;
align-items: center;
color: #fff;
border-radius: 0 0 10px 10px;
margin-bottom: 20px;
box-shadow: 0 2px 5px rgba(0, 0, 0, 0.1);
}
.navbar a {
color: #fff;
text-decoration: none;
margin-left: 15px;
font-weight: bold;
transition: color 0.2s;
color: #fff;
text-decoration: none;
margin-left: 15px;
font-weight: bold;
transition: color 0.2s;
}
.navbar a:hover {
color: #f39c12;
color: #f39c12;
}
.navbar .logo {
font-size: 1.3em;
font-weight: bold;
font-size: 1.3em;
font-weight: bold;
}
/* Responsive navbar */
@media (max-width: 768px) {
.navbar {
flex-direction: column;
gap: 10px;
padding: 15px;
}
.navbar a {
margin-left: 0;
margin: 0 10px;
}
.navbar .logo {
font-size: 1.2em;
margin-bottom: 5px;
}
}
@media (max-width: 480px) {
.navbar {
padding: 12px;
}
.navbar .logo {
font-size: 1.1em;
}
.navbar a {
font-size: 0.9em;
margin: 0 8px;
}
}

222
htdocs/css/timetable.css
View File

@@ -1,167 +1,145 @@
/* Base styles */
body {
font-family: Arial, sans-serif;
padding: 15px;
background-color: #f0f2f5;
color: #333;
margin: 0;
font-family: Arial, sans-serif;
padding: 15px;
background-color: #f0f2f5;
color: #333;
margin: 0;
}
h1 {
text-align: center;
margin-bottom: 20px;
color: #2c3e50;
font-size: 1.8em;
text-align: center;
margin-bottom: 20px;
color: #2c3e50;
font-size: 1.8em;
}
/* Table styles */
table {
border-collapse: collapse;
width: 100%;
max-width: 1000px;
margin: 0 auto;
background: #fff;
border-radius: 10px;
overflow: hidden;
box-shadow: 0 2px 8px rgba(0,0,0,0.1);
border-collapse: collapse;
width: 100%;
max-width: 1000px;
margin: 0 auto;
background: #fff;
border-radius: 10px;
overflow: hidden;
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.1);
}
th, td {
border: 1px solid #ccc;
text-align: center;
padding: 10px;
vertical-align: top;
border: 1px solid #ccc;
text-align: center;
padding: 10px;
vertical-align: top;
}
th {
background-color: #e0e0e0;
font-weight: bold;
background-color: #e0e0e0;
font-weight: bold;
}
td {
transition: background-color 0.2s;
transition: background-color 0.2s;
}
td:hover {
background-color: #f7f7f7;
background-color: #f7f7f7;
}
.subject {
font-weight: bold;
color: #1f618d;
font-weight: bold;
color: #1f618d;
}
.teacher {
font-size: 0.9em;
color: #2c3e50;
font-size: 0.9em;
color: #2c3e50;
}
.room {
font-size: 0.8em;
color: #666;
font-size: 0.8em;
color: #666;
}
/*
@media (max-width: 768px) {
table, thead, tbody, th, td, tr {
display: block;
/* Desktop/Mobile layout control */
.desktop-schedule {
display: table;
width: 100%;
}
border-collapse: collapse;
}
tr {
margin-bottom: 15px;
border-bottom: 2px solid #ddd;
padding-bottom: 10px;
}
th {
.mobile-schedule {
display: none;
}
td {
text-align: left;
padding: 10px 10px 10px 45%;
position: relative;
border: none;
border-bottom: 1px solid #eee;
}
td::before {
position: absolute;
left: 10px;
top: 10px;
width: 40%;
white-space: nowrap;
font-weight: bold;
content: attr(data-label);
}
td:last-child {
border-bottom: 0;
}
}
@media (max-width: 480px) {
body { padding: 10px; }
h1 { font-size: 1.5em; }
td::before { font-size: 0.9em; }
td { padding-left: 50%; }
}
*/
/* Mobile styles */
@media (max-width: 768px) {
table, thead, tbody, th, td, tr {
display: block;
width: 100%;
}
.desktop-schedule {
display: none;
}
.mobile-schedule {
display: flex;
flex-direction: column;
gap: 1.5rem;
}
tr {
margin-bottom: 15px;
padding: 0;
border-bottom: 2px solid #ddd;
}
.mobile-schedule .day {
background: #f8f8f8;
border-radius: 10px;
box-shadow: 0 2px 6px rgba(0, 0, 0, 0.05);
padding: 1rem;
}
th {
display: none;
}
.mobile-schedule h2 {
margin-top: 0;
margin-bottom: 0.8rem;
font-size: 1.2rem;
color: #111;
border-bottom: 1px solid #ddd;
padding-bottom: 0.3rem;
}
td {
position: relative;
padding-left: 50%;
text-align: left;
border: none;
border-bottom: 1px solid #eee;
min-height: 50px; /* ensures consistent vertical spacing */
box-sizing: border-box;
}
.lesson {
background: #fff;
border: 1px solid #eee;
border-radius: 8px;
padding: 0.6rem 0.8rem;
margin-bottom: 0.6rem;
}
td::before {
position: absolute;
top: 10px;
left: 10px;
width: 40%;
font-weight: bold;
white-space: nowrap;
content: attr(data-label);
}
.lesson.empty {
opacity: 0.6;
}
/* make content stack nicely */
td > .subject,
td > .teacher,
td > .room {
display: block;
margin: 2px 0;
}
.hour {
font-size: 0.9rem;
color: #666;
margin-bottom: 3px;
}
td:last-child {
border-bottom: 0;
}
.subject {
font-weight: 600;
color: #222;
}
.teacher {
font-size: 0.85rem;
color: #555;
}
.room {
font-size: 0.8rem;
color: #777;
}
}
/* Extra small screens */
@media (max-width: 480px) {
td {
padding-left: 55%;
}
td::before {
width: 45%;
}
}
body {
padding: 10px;
}
h1 {
font-size: 1.5em;
}
}

11
htdocs/db.php
View File

@@ -1,11 +0,0 @@
<?php
$host = "<MYSQL_HOST>";
$user = "<MYSQL_USER>";
$pass = "<MYSQL_PASSWORD>";
$dbname = "school_timetable";
$conn = new mysqli($host, $user, $pass, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>

81
htdocs/docenti.php
View File

@@ -1,29 +1,30 @@
<?php
include("db.php");
$teacher = $_GET['teacher'];
include("lib/db.php");
$days = ["Lunedì","Martedì","Mercoledì","Giovedì","Venerdì","Sabato"];
$hours = [
1 => "Prima ora<br>7:50 - 8:50",
2 => "Seconda ora<br>8:50 - 9:45",
3 => "Terza ora<br>9:55 - 10:50",
4 => "Quarta ora<br>10:50 - 11:45",
5 => "Quinta ora<br>11:55 - 12:50",
6 => "Sesta ora<br>12:50 - 13:50"
1 => "Prima ora<br> 7:50 - 8:50",
2 => "Seconda ora<br> 8:50 - 9:45",
3 => "Terza ora<br> 9:55 - 10:50",
4 => "Quarta ora<br> 10:50 - 11:45",
5 => "Quinta ora<br> 11:55 - 12:50",
6 => "Sesta ora<br> 12:50 - 13:50"
];
if ($teacher == "No Lezione" || $teacher == "sconosciuto") {
header("Location: index.php");
exit;
}
else if (!isset($_GET['teacher'])) {
if (!isset($_GET['teacher'])) {
header("Location: index.php");
exit;
}
$teacher = $conn->real_escape_string($_GET['teacher']);
if ($teacher == "No Lezione" || $teacher == "sconosciuto") {
header("Location: index.php");
exit;
}
$res = $conn->query("SELECT DISTINCT teacher FROM subjects WHERE teacher = '$teacher' LIMIT 1");
if ($res->num_rows === 0) {
// Insegnante non trovato
header("Location: index.php");
exit;
}
@@ -38,13 +39,16 @@ if ($res->num_rows === 0) {
</head>
<body>
<div class="navbar">
<div class="logo">Orario Scuola 2025/26</div>
<div class="logo"><?php echo APP_NAME; ?> <?php echo YEAR; ?></div>
<div class="links">
<a href="index.php">Home</a>
</div>
</div>
<h1>Orario docente <?php echo htmlspecialchars($teacher); ?></h1>
<table>
<!-- Visualizzazione Desktop -->
<table class="desktop-schedule">
<tr>
<th></th>
<?php foreach($days as $d) echo "<th>$d</th>"; ?>
@@ -60,10 +64,12 @@ if ($res->num_rows === 0) {
WHERE subjects.teacher='$teacher' AND timetable.day='$d' AND timetable.hour=$hnum");
if($row = $q->fetch_assoc()){
echo "<td data-label='$d'>
<div class='subject'>{$row['name']}</div>
<div class='teacher'>{$row['class_name']}</div>
<div class='room'>{$row['room']}</div>
</td>";
<div class='subject'>" . htmlspecialchars($row['name']) . "</div>
<div class='teacher'>" . htmlspecialchars($row['class_name']) . "</div>";
if(!empty($row['room'])) {
echo "<div class='room'>" . htmlspecialchars($row['room']) . "</div>";
}
echo "</td>";
} else {
echo "<td data-label='$d'></td>";
}
@@ -72,6 +78,41 @@ if ($res->num_rows === 0) {
}
?>
</table>
<!-- FIX: Visualizzazione Mobile aggiunta -->
<div class="mobile-schedule">
<?php foreach($days as $d): ?>
<div class="day">
<h2><?= htmlspecialchars($d) ?></h2>
<?php
foreach($hours as $hnum => $hlabel):
$q = $conn->query("SELECT subjects.name, classes.name AS class_name, subjects.room
FROM timetable
LEFT JOIN subjects ON timetable.subject_id = subjects.id
LEFT JOIN classes ON timetable.class_id = classes.id
WHERE subjects.teacher='$teacher' AND timetable.day='$d' AND timetable.hour=$hnum");
if($row = $q->fetch_assoc()):
?>
<div class="lesson">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject"><?= htmlspecialchars($row['name']) ?></div>
<div class="teacher"><?= htmlspecialchars($row['class_name']) ?></div>
<?php if(!empty($row['room'])): ?>
<div class="room"><?= htmlspecialchars($row['room']) ?></div>
<?php endif; ?>
</div>
<?php else: ?>
<div class="lesson empty">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject">—</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
</div>
<?php endforeach; ?>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>

10
htdocs/index.php
View File

@@ -1,24 +1,24 @@
<?php
include("db.php");
include("lib/db.php");
?>
<!DOCTYPE html>
<html>
<head>
<title>Orario - A.S. 2025/26</title>
<title><?php echo APP_NAME; ?> - A.S. <?php echo YEAR; ?></title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="css/home.css">
<link rel="stylesheet" href="css/navbar.css">
</head>
<body>
<div class="navbar">
<div class="logo">Orario Scuola 2025/26</div>
<div class="logo"><?php echo APP_NAME; ?> <?php echo YEAR; ?></div>
<div class="links">
<a href="index.php">Home</a>
<a href="admin/index.php">Admin</a>
<a href="https://git.vichingo455.freeddns.org/emmev-code/orario" target="_blank">Codice sorgente</a>
</div>
</div>
<h1>Orario - a.s. 2025/26</h1>
<h1><?php echo APP_NAME; ?> - A.S. <?php echo YEAR; ?></h1>
<!-- Sezione Classi -->
<h2>Classi</h2>
@@ -66,6 +66,6 @@ while($row = $res->fetch_assoc()){
?>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under GNU AGPL 3.0 License.</p>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>

107
htdocs/laboratori.php
View File

@@ -1,15 +1,15 @@
<?php
include("db.php");
$room = $_GET['room']; // aula selezionata
include("lib/db.php");
$days = ["Lunedì","Martedì","Mercoledì","Giovedì","Venerdì","Sabato"];
$hours = [
1 => "Prima ora<br>7:50 - 8:50",
2 => "Seconda ora<br>8:50 - 9:45",
3 => "Terza ora<br>9:55 - 10:50",
4 => "Quarta ora<br>10:50 - 11:45",
5 => "Quinta ora<br>11:55 - 12:50",
6 => "Sesta ora<br>12:50 - 13:50"
1 => "Prima ora<br> 7:50 - 8:50",
2 => "Seconda ora<br> 8:50 - 9:45",
3 => "Terza ora<br> 9:55 - 10:50",
4 => "Quarta ora<br> 10:50 - 11:45",
5 => "Quinta ora<br> 11:55 - 12:50",
6 => "Sesta ora<br> 12:50 - 13:50"
];
if (!isset($_GET['room'])) {
header("Location: index.php");
exit;
@@ -19,7 +19,6 @@ $room = $conn->real_escape_string($_GET['room']);
$res = $conn->query("SELECT DISTINCT room FROM subjects WHERE room = '$room' LIMIT 1");
if ($res->num_rows === 0) {
// Aula non trovata
header("Location: index.php");
exit;
}
@@ -34,7 +33,7 @@ if ($res->num_rows === 0) {
</head>
<body>
<div class="navbar">
<div class="logo">Orario Scuola 2025/26</div>
<div class="logo"><?php echo APP_NAME; ?> <?php echo YEAR; ?></div>
<div class="links">
<a href="index.php">Home</a>
</div>
@@ -42,7 +41,8 @@ if ($res->num_rows === 0) {
<h1>Orario <?php echo htmlspecialchars($room); ?></h1>
<table>
<!-- Visualizzazione Desktop -->
<table class="desktop-schedule">
<tr>
<th></th>
<?php foreach($days as $d) echo "<th>$d</th>"; ?>
@@ -60,11 +60,34 @@ if ($res->num_rows === 0) {
WHERE subjects.room='". $conn->real_escape_string($room) ."'
AND timetable.day='$d' AND timetable.hour=$hnum
");
if($row = $q->fetch_assoc()){
if($q->num_rows > 0){
$subject = null;
// FIX: Uso array associativo per evitare duplicati classe+docente
$class_teacher_pairs = [];
while($row = $q->fetch_assoc()){
if($subject === null) {
$subject = $row['subject_name'];
}
// Creo una coppia unica classe-docente
$pair = $row['class_name'] . " (" . $row['teacher'] . ")";
$class_teacher_pairs[$pair] = true; // Uso chiave per evitare duplicati
}
// Converto in array e unisco
$entries = array_keys($class_teacher_pairs);
if(count($entries) > 1){
$last = array_pop($entries);
$entries_list = implode(", ", $entries) . " e " . $last;
} else {
$entries_list = $entries[0];
}
echo "<td data-label='$d'>
<div class='subject'>{$row['subject_name']}</div>
<div class='teacher'>{$row['teacher']}</div>
<div class='room'>{$row['class_name']}</div>
<div class='subject'>" . htmlspecialchars($subject) . "</div>
<div class='room'>" . htmlspecialchars($entries_list) . "</div>
</td>";
} else {
echo "<td data-label='$d'></td>";
@@ -74,6 +97,60 @@ if ($res->num_rows === 0) {
}
?>
</table>
<!-- Visualizzazione Mobile -->
<div class="mobile-schedule">
<?php foreach($days as $d): ?>
<div class="day">
<h2><?= htmlspecialchars($d) ?></h2>
<?php
foreach($hours as $hnum => $hlabel):
$q = $conn->query("
SELECT subjects.name AS subject_name, subjects.teacher, classes.name AS class_name
FROM timetable
LEFT JOIN subjects ON timetable.subject_id = subjects.id
LEFT JOIN classes ON timetable.class_id = classes.id
WHERE subjects.room='". $conn->real_escape_string($room) ."'
AND timetable.day='$d' AND timetable.hour=$hnum
");
if($q->num_rows > 0):
$subject = null;
$class_teacher_pairs = [];
while($row = $q->fetch_assoc()){
if($subject === null) {
$subject = $row['subject_name'];
}
$pair = $row['class_name'] . " (" . $row['teacher'] . ")";
$class_teacher_pairs[$pair] = true;
}
$entries = array_keys($class_teacher_pairs);
if(count($entries) > 1){
$last = array_pop($entries);
$entries_list = implode(", ", $entries) . " e " . $last;
} else {
$entries_list = $entries[0];
}
?>
<div class="lesson">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject"><?= htmlspecialchars($subject) ?></div>
<div class="room"><?= htmlspecialchars($entries_list) ?></div>
</div>
<?php else: ?>
<div class="lesson empty">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject">—</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
</div>
<?php endforeach; ?>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>

15
htdocs/lib/db.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
include_once __DIR__ . '/../config/config.php';
$host = DB_HOST;
$user = DB_USER;
$pass = DB_PASS;
$dbname = DB_NAME;
$conn = new mysqli($host, $user, $pass, $dbname);
if ($conn->connect_error) {
if (DEV_MODE)
die("[DEBUG] Connessione al database fallita: " . $conn->connect_error);
else
die("Connessione al database fallita!");
}
?>

114
htdocs/studenti.php
View File

@@ -1,26 +1,27 @@
<?php
include("db.php");
include("lib/db.php"); // FIX: Decommentato
$class_id = intval($_GET['class_id']);
$class = $conn->query("SELECT * FROM classes WHERE id=$class_id")->fetch_assoc();
$days = ["Lunedì","Martedì","Mercoledì","Giovedì","Venerdì","Sabato"];
$hours = [
1 => "Prima ora<br>7:50 - 8:50",
2 => "Seconda ora<br>8:50 - 9:45",
3 => "Terza ora<br>9:55 - 10:50",
4 => "Quarta ora<br>10:50 - 11:45",
5 => "Quinta ora<br>11:55 - 12:50",
6 => "Sesta ora<br>12:50 - 13:50"
1 => "Prima ora<br> 7:50 - 8:50",
2 => "Seconda ora<br> 8:50 - 9:45",
3 => "Terza ora<br> 9:55 - 10:50",
4 => "Quarta ora<br> 10:50 - 11:45",
5 => "Quinta ora<br> 11:55 - 12:50",
6 => "Sesta ora<br> 12:50 - 13:50"
];
// FIX: Validazione classe prima di tutto
if (!isset($_GET['class_id'])) {
header("Location: index.php");
exit;
}
$class_id = intval($_GET['class_id']); // sicurezza
$class_id = intval($_GET['class_id']);
$res = $conn->query("SELECT id FROM classes WHERE id = $class_id LIMIT 1");
if ($res->num_rows === 0) {
// Classe non trovata
header("Location: index.php");
exit;
}
@@ -28,20 +29,22 @@ if ($res->num_rows === 0) {
<!DOCTYPE html>
<html>
<head>
<title>Orario <?php echo $class['name']; ?></title>
<title>Orario <?php echo htmlspecialchars($class['name']); ?></title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="css/timetable.css">
<link rel="stylesheet" href="css/navbar.css">
</head>
<body>
<div class="navbar">
<div class="logo">Orario Scuola 2025/26</div>
<div class="logo"><?php echo APP_NAME; ?> <?php echo YEAR; ?></div>
<div class="links">
<a href="index.php">Home</a>
</div>
</div>
<h1>Orario della classe <?php echo $class['name']; ?></h1>
<table>
<h1>Orario della classe <?php echo htmlspecialchars($class['name']); ?></h1>
<!-- Visualizzazione Desktop -->
<table class="desktop-schedule">
<tr>
<th></th>
<?php foreach($days as $d) echo "<th>$d</th>"; ?>
@@ -54,10 +57,36 @@ if ($res->num_rows === 0) {
FROM timetable
LEFT JOIN subjects ON timetable.subject_id = subjects.id
WHERE class_id=$class_id AND day='$d' AND hour=$hnum");
if($row = $q->fetch_assoc()){
echo "<td data-label='$d'><div class='subject'>{$row['name']}</div>
<div class='teacher'>{$row['teacher']}</div>
<div class='room'>{$row['room']}</div></td>";
if($q->num_rows > 0){
// FIX: Gestione corretta di multipli docenti/materie
$entries = [];
$subject = null;
$room = null;
while($row = $q->fetch_assoc()){
if($subject === null) {
$subject = $row['name'];
$room = $row['room'];
}
$entries[] = $row['teacher'];
}
// Unisci i docenti correttamente
if(count($entries) > 1){
$last = array_pop($entries);
$teachers_list = implode(", ", $entries) . " e " . $last;
} else {
$teachers_list = $entries[0];
}
echo "<td data-label='$d'>
<div class='subject'>" . htmlspecialchars($subject) . "</div>
<div class='teacher'>" . htmlspecialchars($teachers_list) . "</div>";
if(!empty($room)) {
echo "<div class='room'>" . htmlspecialchars($room) . "</div>";
}
echo "</td>";
} else {
echo "<td data-label='$d'></td>";
}
@@ -66,6 +95,57 @@ if ($res->num_rows === 0) {
}
?>
</table>
<!-- Visualizzazione Mobile -->
<div class="mobile-schedule">
<?php foreach($days as $d): ?>
<div class="day">
<h2><?= htmlspecialchars($d) ?></h2>
<?php
foreach($hours as $hnum => $hlabel):
$q = $conn->query("SELECT subjects.name, subjects.teacher, subjects.room
FROM timetable
LEFT JOIN subjects ON timetable.subject_id = subjects.id
WHERE class_id=$class_id AND day='$d' AND hour=$hnum");
if($q->num_rows > 0):
// FIX: Stessa logica corretta anche per mobile
$entries = [];
$subject = null;
$room = null;
while($row = $q->fetch_assoc()){
if($subject === null) {
$subject = $row['name'];
$room = $row['room'];
}
$entries[] = $row['teacher'];
}
if(count($entries) > 1){
$last = array_pop($entries);
$teachers_list = implode(", ", $entries) . " e " . $last;
} else {
$teachers_list = $entries[0];
}
?>
<div class="lesson">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject"><?= htmlspecialchars($subject) ?></div>
<div class="teacher"><?= htmlspecialchars($teachers_list) ?></div>
<?php if(!empty($room)): ?><div class="room"><?= htmlspecialchars($room) ?></div><?php endif; ?>
</div>
<?php else: ?>
<div class="lesson empty">
<div class="hour"><?= strip_tags($hlabel) ?></div>
<div class="subject">—</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
</div>
<?php endforeach; ?>
</div>
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
</body>
</html>