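<?php
/**
 * Document upload handler.
 *
 * Accepts a POST with document metadata (type, reference_number, title,
 * description) and one uploaded file (document_file), stores the file under
 * ../uploads/ with a server-generated name, records it in the `documents`
 * table, then redirects to ../documents.php with a flash message in the
 * session. Requests using any other method fall through without output.
 */

session_start();
require_once '../config/database.php';
require_once '../includes/auth.php';

// Only these roles may register documents. requireRole() is defined in
// includes/auth.php (not visible here).
requireRole(['superadmin', 'admin', 'supervisor']);

// NOTE(review): no CSRF token check is visible in this script. Confirm that
// requireRole() or a shared include enforces one for this state-changing POST.

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Read the text fields defensively: a missing field or an array-valued
    // field (e.g. title[]=x) becomes '' instead of raising a notice or TypeError.
    $fields = [];
    foreach (['type', 'reference_number', 'title', 'description'] as $key) {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    $type = $fields['type'];
    $reference_number = trim($fields['reference_number']);
    $title = trim($fields['title']);
    $description = trim($fields['description']);
    $uploaded_by = $_SESSION['user_id'];

    // Extension allowlist. The extension comes from the client-supplied file
    // name, so without this check a server-executable extension could be
    // written into the uploads directory. The list below is a constructed
    // default: adjust it to the document types this application must accept.
    $allowed_extensions = ['pdf', 'doc', 'docx', 'xls', 'xlsx', 'jpg', 'jpeg', 'png'];

    $file = isset($_FILES['document_file']) ? $_FILES['document_file'] : null;
    $ext = '';
    if ($file !== null && $file['error'] === UPLOAD_ERR_OK) {
        // Lower-case so "PDF" and "pdf" are treated alike.
        $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    }

    if ($ext !== '' && in_array($ext, $allowed_extensions, true)) {
        // Server-generated name: the original file name is never used on disk.
        // NOTE(review): uniqid()/time() are time-derived and guessable. If
        // files in uploads/ are served directly by the web server, consider a
        // CSPRNG-based name and/or serving documents through an
        // access-controlled script.
        $filename = uniqid('doc_') . '_' . time() . '.' . $ext;
        $upload_dir = '../uploads/';

        // Make sure the directory exists. 0755 rather than 0777 so other local
        // accounts cannot write into it.
        if (!is_dir($upload_dir)) {
            mkdir($upload_dir, 0755, true);
        }

        $dest_path = $upload_dir . $filename;

        if (move_uploaded_file($file['tmp_name'], $dest_path)) {
            try {
                // $db is expected to be the PDO handle set up by
                // config/database.php. All values are bound as parameters.
                $stmt = $db->prepare("INSERT INTO documents (reference_number, title, description, type, file_path, uploaded_by) VALUES (:ref, :title, :desc, :type, :path, :user_id)");
                $stmt->execute([
                    'ref' => $reference_number,
                    'title' => $title,
                    'desc' => $description,
                    'type' => $type,
                    'path' => $filename,
                    'user_id' => $uploaded_by,
                ]);
                $_SESSION['success'] = 'Documento registrado y subido correctamente.';
            } catch (PDOException $e) {
                // Keep details in the server log; the user sees a generic message.
                error_log('Document insert failed: ' . $e->getMessage());
                $_SESSION['error'] = 'Error al registrar en la base de datos.';
                // Do not leave an orphaned file behind when the row was not written.
                if (file_exists($dest_path)) {
                    unlink($dest_path);
                }
            }
        } else {
            $_SESSION['error'] = 'Error al mover el archivo subido al servidor.';
        }
    } else {
        // Missing file, upload error, or extension not on the allowlist.
        $_SESSION['error'] = 'Debe seleccionar un archivo válido.';
    }

    header('Location: ../documents.php');
    exit;
}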