35296-vm/submit_leave_request.php

<?php
session_start();

if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'student') {
    header('Location: index.php');
    exit;
}

require_once __DIR__ . '/db/config.php';
require_once __DIR__ . '/mail/MailService.php';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $student_id = $_SESSION['user_id'];
    $leave_type = $_POST['leave_type'] ?? '';
    $start_date = $_POST['start_date'] ?? '';
    $end_date = $_POST['end_date'] ?? '';
    $reason = $_POST['reason'] ?? '';

    // Basic validation
    if (empty($leave_type) || empty($start_date) || empty($end_date) || empty($reason)) {
        die('Please fill all required fields.');
    }

    $attachment_path = null;
    if (isset($_FILES['attachment']) && $_FILES['attachment']['error'] === UPLOAD_ERR_OK) {
        $upload_dir = __DIR__ . '/uploads/';
        $attachment_name = uniqid() . '-' . basename($_FILES['attachment']['name']);
        $attachment_path = $upload_dir . $attachment_name;

        if (!move_uploaded_file($_FILES['attachment']['tmp_name'], $attachment_path)) {
            die('Failed to upload attachment.');
        }
        $attachment_path = 'uploads/' . $attachment_name; // Store relative path
    }

    try {
        $pdo = db();
        $stmt = $pdo->prepare("INSERT INTO leave_requests (student_id, leave_type, start_date, end_date, reason, attachment_path) VALUES (?, ?, ?, ?, ?, ?)");
        $stmt->execute([$student_id, $leave_type, $start_date, $end_date, $reason, $attachment_path]);

        // Send email to teacher
        $teacher_email = 'teacher@example.com'; // Hardcoded for now
        $subject = 'New Leave Request from ' . $_SESSION['user_full_name'];
        $body = "<p>A new leave request has been submitted by {" . $_SESSION['user_full_name'] . "}.</p>\n                 <p><b>Leave Type:</b> {" . $leave_type . "}</p>\n                 <p><b>Start Date:</b> {" . $start_date . "}</p>\n                 <p><b>End Date:</b> {" . $end_date . "}</p>\n                 <p><b>Reason:</b> {" . $reason . "}</p>\n                 <p>Please login to the dashboard to approve or reject this request.</p>";
        MailService::sendMail($teacher_email, $subject, $body);

        header('Location: student_dashboard.php?success=1');
        exit;
    } catch (PDOException $e) {
        die('Database error: ' . $e->getMessage());
    }
}