<?php
session_start();
if (!isset($_SESSION['loggedin'])) {
    exit("unauthorized");
}

include "../database.php";
include "../globals.php";
require_once '../../plugins/sendgrid/config.php';
require "../../plugins/sendgrid/sendgrid-php.php";

$user_id = $_POST["user_id"];
$permission_justification = $_POST["permission_justification"];
$permission_full_day = $_POST["permission_full_day"];
$permission_start_date = $_POST["permission_start_date"];
$permission_end_date = $_POST["permission_end_date"];
$permission_start_time = $_POST["permission_start_time"];
$permission_end_time = $_POST["permission_end_time"];
$permission_note = $_POST["permission_note"];

if ($permission_full_day == "true") {
    $full_day = 1;
    $start_datetime = $permission_start_date . " 00:00:00";
    $end_datetime = $permission_end_date . " " . "23:59:59";
} else {
    $full_day = 0;
    $start_datetime = $permission_start_date . " " . $permission_start_time;
    $end_datetime = $permission_end_date . " " . $permission_end_time;
}

if ($_SESSION["role"] == "Admin") {
    $status = 2;
} else {
    $status = 1;
}

$sql_justification        = "SELECT * FROM justifications WHERE id = $permission_justification";
$result_justification     = mysqli_query($con, $sql_justification);
$justification = mysqli_fetch_assoc($result_justification);

$datetime    = date("Y-m-d H:i:s");
$secure               = rand(100000, 1000000);

$sql_attendance    = "SELECT * FROM attendance WHERE month = " . date("m", strtotime($permission_start_date)) . " AND year = " . date("Y", strtotime($permission_start_date)) . " AND closed = 1";
$result_attendance = mysqli_query($con, $sql_attendance);
if ($result_attendance->num_rows > 0) {
    echo "attendancePresent";
    exit;
}

$sql_attendance    = "SELECT * FROM attendance WHERE month = " . date("m", strtotime($permission_end_date)) . " AND year = " . date("Y", strtotime($permission_end_date)) . " AND closed = 1";
$result_attendance = mysqli_query($con, $sql_attendance);
if ($result_attendance->num_rows > 0) {
    echo "attendancePresent";
    exit;
}

$sql_attendance    = "SELECT * FROM attendance WHERE month BETWEEN " . date("m", strtotime($permission_start_date)) . " AND " . date("m", strtotime($permission_end_date)) . " AND year = " . date("Y", strtotime($permission_start_date)) . " AND closed = 1";
$result_attendance = mysqli_query($con, $sql_attendance);
if ($result_attendance->num_rows > 0) {
    echo "attendancePresent";
    exit;
}

$sql_insert = "INSERT INTO permissions VALUES (NULL,$user_id,$permission_justification,$full_day,'$permission_start_date','$permission_end_date','$permission_start_time','$permission_end_time','$permission_note',$status,'$datetime','$secure','',0,0)";
if ($con->query($sql_insert) === true) {
    $id = mysqli_insert_id($con);

    $sql_attendance    = "SELECT * FROM attendance WHERE month = " . date("m", strtotime($permission_start_date)) . " AND year = " . date("Y", strtotime($permission_start_date)) . "";
    $result_attendance = mysqli_query($con, $sql_attendance);
    if ($result_attendance->num_rows > 0) {
        $attendance        = mysqli_fetch_assoc($result_attendance);

        $sql_update = "UPDATE attendance SET status = 'Da ricalcolare' WHERE id = " . $attendance["id"] . "";
        $con->query($sql_update);
    }

    $sql_attendance    = "SELECT * FROM attendance WHERE month = " . date("m", strtotime($permission_end_date)) . " AND year = " . date("Y", strtotime($permission_end_date)) . "";
    $result_attendance = mysqli_query($con, $sql_attendance);
    if ($result_attendance->num_rows > 0) {
        $attendance        = mysqli_fetch_assoc($result_attendance);

        $sql_update = "UPDATE attendance SET status = 'Da ricalcolare' WHERE id = " . $attendance["id"] . "";
        $con->query($sql_update);
    }

    $sql_attendance    = "SELECT * FROM attendance WHERE month BETWEEN " . date("m", strtotime($permission_start_date)) . " AND " . date("m", strtotime($permission_end_date)) . " AND year = " . date("Y", strtotime($permission_start_date)) . "";
    $result_attendance = mysqli_query($con, $sql_attendance);
    if ($result_attendance->num_rows > 0) {
        $attendance        = mysqli_fetch_assoc($result_attendance);

        $sql_update = "UPDATE attendance SET status = 'Da ricalcolare' WHERE id = " . $attendance["id"] . "";
        $con->query($sql_update);
    }

    if ($_SESSION["role"] == "Utente") {
        $sql_approve = "SELECT * FROM users WHERE role = 'Admin' AND permissions_approver = 1";
        $result_approve = mysqli_query($con, $sql_approve);
        while ($row_approve = mysqli_fetch_assoc($result_approve)) {
            //Invio mail responsabile
            $email = new \SendGrid\Mail\Mail();
            $email->setFrom("info@n-hub.com", "NH-HR");
            $email->addTo("" . $row_approve["email"] . "", "" . $row_approve["name"] . " " . $row_approve["surname"] . "");
            $email->SetTemplateId("d-90331ff3889b45d5a96d08e0a42e182b");
            //Here is the Place holder values you need to replace.
            $email->addDynamicTemplateData("NHHR_richiedente", "" . $_SESSION["username"] . "");
            $email->addDynamicTemplateData("NHHR_data_richiesta", "" . date('d/m/Y H:i', strtotime($datetime)) . "");
            $email->addDynamicTemplateData("NHHR_giustificativo", "" . $justification["name"] . "");
            if ($full_day == 1) {
                $email->addDynamicTemplateData("NHHR_giornata_intera", "SI");
            } else {
                $email->addDynamicTemplateData("NHHR_giornata_intera", "NO");
            }
            $email->addDynamicTemplateData("NHHR_data_inizio", "" . date('d/m/Y', strtotime($permission_start_date)) . "");
            $email->addDynamicTemplateData("NHHR_data_fine", "" . date('d/m/Y', strtotime($permission_end_date)) . "");
            $email->addDynamicTemplateData("NHHR_ora_inizio", "" . date('H:i', strtotime($permission_start_time)) . "");
            $email->addDynamicTemplateData("NHHR_ora_fine", "" . date('H:i', strtotime($permission_end_time)) . "");
            $email->addDynamicTemplateData("NHHR_note", "" . $permission_note . "");
            $email->addDynamicTemplateData("NHHR_Link_Gestisci", $manage_permission_url . "?permission_id=" . $id . "&&user_id=" . $_SESSION["id"]);
            $sendgrid = new \SendGrid(SENDGRID_API_KEY);
            try {
                $response = $sendgrid->send($email);
            } catch (Exception $e) {
                echo 'Caught exception: ' . $e->getMessage() . "\n";
            }
        }
    }

    echo "ok";
} else {
    echo "error";
}

$con->close();