<?php
session_start();
if (!isset($_SESSION['loggedin'])) {
    exit("unauthorized");
}

include "../database.php";
include "../globals.php";

require_once '../../plugins/sendgrid/config.php';
require "../../plugins/sendgrid/sendgrid-php.php";

$permission_id = $_POST["permission_id"];

$sql_permission    = "SELECT * FROM permissions WHERE id = " . $permission_id . "";
$result_permission = mysqli_query($con, $sql_permission);
$permission        = mysqli_fetch_assoc($result_permission);

$sql_user    = "SELECT * FROM users WHERE id = " . $permission['user_id'] . "";
$result_user = mysqli_query($con, $sql_user);
$user        = mysqli_fetch_assoc($result_user);

$sql_justification    = "SELECT * FROM justifications WHERE id = " . $permission['justification_id'] . "";
$result_justification = mysqli_query($con, $sql_justification);
$justification        = mysqli_fetch_assoc($result_justification);

$sql_attendance    = "SELECT * FROM attendance WHERE month = " . date("m", strtotime($permission['start_date'])) . " AND year = " . date("Y", strtotime($permission['start_date'])) . " AND closed = 1";
$result_attendance = mysqli_query($con, $sql_attendance);
if ($result_attendance->num_rows > 0) {
    echo "attendancePresent";
    exit;
}

$sql_attendance    = "SELECT * FROM attendance WHERE month = " . date("m", strtotime($permission['end_date'])) . " AND year = " . date("Y", strtotime($permission['end_date'])) . " AND closed = 1";
$result_attendance = mysqli_query($con, $sql_attendance);
if ($result_attendance->num_rows > 0) {
    echo "attendancePresent";
    exit;
}

$sql_attendance    = "SELECT * FROM attendance WHERE month BETWEEN " . date("m", strtotime($permission['start_date'])) . " AND " . date("m", strtotime($permission['end_date'])) . " AND year = " . date("Y", strtotime($permission['start_date'])) . " AND closed = 1";
$result_attendance = mysqli_query($con, $sql_attendance);
if ($result_attendance->num_rows > 0) {
    echo "attendancePresent";
    exit;
}

if (($_SESSION["role"] == "Admin") || (($permission['status_id'] == 1) || ($permission['status_id'] == 3))) {
    $sql_delete = "DELETE FROM permissions WHERE id = " . $permission_id . "";
    if ($con->query($sql_delete) === true) {
        $sql_attendance    = "SELECT * FROM attendance WHERE month = " . date("m", strtotime($permission['start_date'])) . " AND year = " . date("Y", strtotime($permission['start_date'])) . "";
        $result_attendance = mysqli_query($con, $sql_attendance);
        if ($result_attendance->num_rows > 0) {
            $attendance        = mysqli_fetch_assoc($result_attendance);

            $sql_update = "UPDATE attendance SET status = 'Da ricalcolare' WHERE id = " . $attendance["id"] . "";
            $con->query($sql_update);
        }

        $sql_attendance    = "SELECT * FROM attendance WHERE month = " . date("m", strtotime($permission['end_date'])) . " AND year = " . date("Y", strtotime($permission['end_date'])) . "";
        $result_attendance = mysqli_query($con, $sql_attendance);
        if ($result_attendance->num_rows > 0) {
            $attendance        = mysqli_fetch_assoc($result_attendance);

            $sql_update = "UPDATE attendance SET status = 'Da ricalcolare' WHERE id = " . $attendance["id"] . "";
            $con->query($sql_update);
        }

        $sql_attendance    = "SELECT * FROM attendance WHERE month BETWEEN " . date("m", strtotime($permission['start_date'])) . " AND " . date("m", strtotime($permission['end_date'])) . " AND year = " . date("Y", strtotime($permission['start_date'])) . "";
        $result_attendance = mysqli_query($con, $sql_attendance);
        if ($result_attendance->num_rows > 0) {
            $attendance        = mysqli_fetch_assoc($result_attendance);

            $sql_update = "UPDATE attendance SET status = 'Da ricalcolare' WHERE id = " . $attendance["id"] . "";
            $con->query($sql_update);
        }

        echo "deleted";
    } else {
        echo "error";
    }
} else if ($_SESSION["role"] == "Utente") {
    $sql = "UPDATE permissions SET request_delete = 1 WHERE id = $permission_id";
    if ($con->query($sql) == true) {
        $sql_approve = "SELECT * FROM users WHERE role = 'Admin' AND permissions_approver = 1";
        $result_approve = mysqli_query($con, $sql_approve);
        while ($row_approve = mysqli_fetch_assoc($result_approve)) {
            //Invio admin
            $email = new \SendGrid\Mail\Mail();
            $email->setFrom("info@n-hub.com", "NH-HR");
            $email->addTo("" . $row_approve["email"] . "", "" . $row_approve["name"] . " " . $row_approve["surname"] . "");
            $email->SetTemplateId("d-d45754cf1b5447839392d45cade50754");
            //Here is the Place holder values you need to replace.
            $email->addDynamicTemplateData("NHHR_richiedente", "" . $_SESSION["username"] . "");
            $email->addDynamicTemplateData("NHHR_data_richiesta", "" . date("d/m/Y H:i") . "");
            $email->addDynamicTemplateData("NHHR_giustificativo", "" . $justification["name"] . "");
            if ($permission["full_day"] == 1) {
                $email->addDynamicTemplateData("NHHR_giornata_intera", "SI");
            } else {
                $email->addDynamicTemplateData("NHHR_giornata_intera", "NO");
            }
            $email->addDynamicTemplateData("NHHR_data_inizio", "" . date('d/m/Y', strtotime($permission['start_date'])) . "");
            $email->addDynamicTemplateData("NHHR_data_fine", "" . date('d/m/Y', strtotime($permission['end_date'])) . "");
            $email->addDynamicTemplateData("NHHR_ora_inizio", "" . date('H:i', strtotime($permission['start_time'])) . "");
            $email->addDynamicTemplateData("NHHR_ora_fine", "" . date('H:i', strtotime($permission['end_time'])) . "");
            $email->addDynamicTemplateData("NHHR_note", "" . $permission['note'] . "");
            $email->addDynamicTemplateData("NHHR_Link_Gestisci", $manage_permission_url . "?permission_id=" . $permission_id . "&&user_id=" . $_SESSION["id"]);
            $sendgrid = new \SendGrid(SENDGRID_API_KEY);
            try {
                $response = $sendgrid->send($email);
            } catch (Exception $e) {
                echo 'Caught exception: ' . $e->getMessage() . "\n";
            }
        }

        echo "requested";
    } else {
        echo "error";
    }
}

$con->close();