EuskadiTech/Axia4
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0c362fd40bcc49204ddd2504397973bd984d8ee6
Axia4/public_html/_incl/switch_tenant.php
copilot-swe-agent[bot] 0c362fd40b feat: SQLite DB with migrations replaces all JSON file storage 
- Add db.php with PDO singleton, migration runner, and all helper functions
- Add migrations/001_initial_schema.sql (full schema)
- Add migrations/002_import_json.php (one-time JSON → DB importer)
- Add _incl/switch_tenant.php POST endpoint for tenant/centro switching
- Update tools.auth.php: DB-backed login, cookie auth, session reload, init_active_centro()
- Update all sysadmin pages (users, centros, aularios, invitations, reset_password) to use DB
- Update aulatek/index.php, aulario.php, supercafe.php, supercafe_edit.php to use DB
- Update aulatek/comedor.php and api/comedor.php to use DB
- Update aulatek/paneldiario.php: aulario config + comedor data from DB
- Update aulatek/proyectos.php: aulario config + sharing metadata from DB
- Update club/cal.php, index.php, edit_data.php, upload/upload.php to use DB
- Update account/index.php: rich profile, tenant list, aula list, session info, permissions
- Update pre-body.php account dropdown: shows active org + inline tenant switcher
- Update DATA_STRUCTURE.md to document DB approach and migration system

Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
2026-03-06 22:00:48 +00:00

29 lines
864 B
PHP
Raw Blame History

<?php
/**
* switch_tenant.php
* POST endpoint to switch the active tenant/centro for the current user session.
* Validates the requested centro against the user's allowed centros before applying.
*/
require_once "tools.session.php";
require_once "tools.security.php";
require_once "db.php";
if (!isset($_SESSION["auth_ok"]) || $_SESSION["auth_ok"] !== true) {
header("HTTP/1.1 401 Unauthorized");
die("No autenticado.");
}
$requested = Sf($_POST['centro'] ?? '');
$redir = safe_redir($_POST['redir'] ?? '/');
$centros = get_user_centros($_SESSION['auth_data'] ?? []);
if ($requested !== '' && in_array($requested, $centros, true)) {
$_SESSION['active_centro'] = $requested;
// Also update session auth_data so it reflects immediately
$_SESSION['auth_data']['entreaulas']['centro'] = $requested;
}
header("Location: $redir");
exit;
Reference in New Issue View Git Blame Copy Permalink