<?php
$permission_id = $_GET["permission_id"];
$secure        = $_GET["secure"];
$type          = $_GET["type"];

include "../../php/database.php";

$sql_permission    = "SELECT * FROM permissions WHERE id = " . $permission_id . " AND secure = " . $secure . "";
$result_permission = mysqli_query($con, $sql_permission);
$permission        = mysqli_fetch_assoc($result_permission);
if ($secure == $permission["secure"]) {
 if ($permission["status_id"] == 1) {
  if ($type == "approve") {
   $url  = 'https://hr.n-hub.it/php/admin/manage_permission.php';
   $data = ['result' => 'approvato', 'id' => $permission_id];

   $options = [
    'http' => [
     'method'  => 'POST',
     'header'  => 'Content-type: application/x-www-form-urlencoded',
     'content' => http_build_query($data),
    ],
   ];

   $context = stream_context_create($options);

   $response = file_get_contents($url, false, $context);

   if ($response == "ok") {
    echo "Richiesta approvata con successo";
   } else {
    echo "Si è verificato un errore";
   }
  } else if ($type == "reject") {
   $url  = 'https://hr.n-hub.it/php/admin/manage_permission.php';
   $data = ['result' => 'rifiutato', 'id' => $permission_id];

   $options = [
    'http' => [
     'method'  => 'POST',
     'header'  => 'Content-type: application/x-www-form-urlencoded',
     'content' => http_build_query($data),
    ],
   ];

   $context = stream_context_create($options);

   $response = file_get_contents($url, false, $context);

   if ($response == "ok") {
    echo "Richiesta rifiutata con successo";
   } else {
    echo "Si è verificato un errore";
   }
  }
 } else {
  echo "Richiesta gestita";
 }
} else {
 echo "Richiesta non trovata";
}