52 lines
1.9 KiB
PHP
52 lines
1.9 KiB
PHP
<?php
|
|
require_once 'db/config.php';
|
|
session_start();
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$personId = $_POST['id'];
|
|
$firstName = $_POST['firstName'];
|
|
$lastName = $_POST['lastName'];
|
|
$email = $_POST['email'];
|
|
$companyName = $_POST['companyName'];
|
|
$phone = $_POST['phone'];
|
|
$role = $_POST['role'] ?? 'członek'; // Default to 'członek'
|
|
$functions = isset($_POST['functions']) ? $_POST['functions'] : [];
|
|
$password = $_POST['password'];
|
|
|
|
try {
|
|
$pdo = db();
|
|
|
|
// Update person details
|
|
if (!empty($password)) {
|
|
$passwordHash = password_hash($password, PASSWORD_DEFAULT);
|
|
$sql = "UPDATE people SET firstName = ?, lastName = ?, email = ?, companyName = ?, phone = ?, password = ?, role = ? WHERE id = ?";
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->execute([$firstName, $lastName, $email, $companyName, $phone, $passwordHash, $role, $personId]);
|
|
} else {
|
|
$sql = "UPDATE people SET firstName = ?, lastName = ?, email = ?, companyName = ?, phone = ?, role = ? WHERE id = ?";
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->execute([$firstName, $lastName, $email, $companyName, $phone, $role, $personId]);
|
|
}
|
|
|
|
// Update functions
|
|
$stmt = $pdo->prepare("DELETE FROM user_functions WHERE user_id = ?");
|
|
$stmt->execute([$personId]);
|
|
|
|
if (!empty($functions)) {
|
|
$sql = "INSERT INTO user_functions (user_id, function_id) VALUES (?, ?)";
|
|
$stmt = $pdo->prepare($sql);
|
|
foreach ($functions as $functionId) {
|
|
$stmt->execute([$personId, $functionId]);
|
|
}
|
|
}
|
|
|
|
$_SESSION['success_message'] = 'Osoba zaktualizowana pomyślnie.';
|
|
|
|
} catch (PDOException $e) {
|
|
error_log('Update failed: ' . $e->getMessage());
|
|
$_SESSION['error_message'] = "Błąd podczas aktualizacji osoby.";
|
|
}
|
|
|
|
header('Location: index.php');
|
|
exit();
|
|
} |