From 6907d88fcb2f8f19c290cabe5a0b3832a3d9b497 Mon Sep 17 00:00:00 2001
From: Josh North <josh.north@point808.com>
Date: Fri, 18 Jun 2021 17:03:32 -0400
Subject: [PATCH] lang, signout

---
 inc/header.inc.php               |   1 -
 signout.php                      | 166 +++++++++++++++++++------------
 src/Language/de.lang.ini.example |   2 +
 src/Language/en.lang.ini.example |   2 +
 src/Language/es.lang.ini.example |   2 +
 src/Language/fr.lang.ini.example |   2 +
 users.php                        |  20 ++--
 7 files changed, 118 insertions(+), 77 deletions(-)

diff --git a/inc/header.inc.php b/inc/header.inc.php
index 568bdbf..98a702d 100644
--- a/inc/header.inc.php
+++ b/inc/header.inc.php
@@ -100,7 +100,6 @@
   <link rel="apple-touch-icon" href="assets/touch-logo.png?v3">
   <meta http-equiv="content-type" content="text/html; charset=UTF-8"/>
 <?php if (basename($_SERVER['PHP_SELF']) == 'signin_display.php'): ?>  <meta http-equiv="refresh" content="5; url=index.php" /><?php endif; ?>
-<?php if (basename($_SERVER['PHP_SELF']) == 'signout.php'): ?><?php if (!empty($_POST['endvisit'])): ?>  <meta http-equiv="refresh" content="5; url=index.php" /><?php endif; ?><?php endif; ?>
   <link rel="stylesheet" href="css/bootstrap.min.css?v3"/>
   <link rel="stylesheet" href="css/sticky-footer-navbar.css?v3">
   <link rel="stylesheet" href="css/all.min.css?v3"/>
diff --git a/signout.php b/signout.php
index 1e091eb..b5a99e7 100644
--- a/signout.php
+++ b/signout.php
@@ -27,7 +27,7 @@
     session_save_path('.tmp');                                                  // TEMP
     session_start();                                                            // START
     require_once __DIR__ . '/autoload.php';                                     // AUTOLOAD
-    use App\LobbySIO\Misc\Csrf;                                        // ANTICSRF
+    use App\LobbySIO\Misc\Csrf;                                                 // ANTICSRF
     $StaticFunctions = new \App\LobbySIO\Misc\StaticFunctions();                // DEFAULT CLASSES
     $SiteInfo = new \App\LobbySIO\Database\SiteInfo();
     $Users = new \App\LobbySIO\Database\Users();
@@ -65,84 +65,118 @@
 
 
 
-<!-- START CONTENT -->
-<?php 
-  if (!empty($_POST['endvisit'])) {                    // PROCESS POST
-  echo $VisitActions->endVisit($_POST['endvisit'], $StaticFunctions->getUTC());
+<?php                                                                           // FILTER POSTED DATA
+$form_data = filter_input_array(INPUT_POST, [
+    'fd_formAction' => (string)FILTER_SANITIZE_STRING,
+    'fd_pageNumber' => (int)FILTER_VALIDATE_INT,
+    'fd_endVisitForId' => (int)FILTER_VALIDATE_INT
+]);
+if(empty($form_data['fd_formAction'])){
+  $form_data['fd_formAction'] = 'fa_initial';                                   // SET INITIAL STAGE
+}
 ?>
-<!-- START SIGNOUT ACK -->
-  <div class="container">
-    <div class="row row-cols-1">
+
+<?php                                                                           // PAGE CONSTANTS
+  $selfName = (string)'signout.php';                                            // PAGE URL
+  $isApproved = (int)2;                                                         // VISIT APPROVED (0=DECLINE,1=WAIT,2=APPROVED)
+?>
+
+<?php if ($form_data['fd_formAction'] == 'fa_initial') {                        // SHOW SIGNOUT LISTING
+  $pgNum=(int)1;                                                                // PAGINATION LOGIC
+  if(!empty($form_data['fd_pageNumber'])){$pgNum = $form_data['fd_pageNumber'];}
+  $pgOffset=(int)($pgNum-1)*$StaticFunctions->getPageRows();
+  $pgRowCount=(int)count($VisitInfo->getVisitInfo($siteid, $isApproved, "empty", "%", "%", "%", "%", "%", "%"));
+  $pgCount=(int)0;
+  if(0===$pgRowCount){}else{$pgCount=(int)ceil($pgRowCount/$StaticFunctions->getPageRows());if($pgNum>$pgCount){$pgNum=(int)1;}}
+?>
+<!-- SIGNOUT LIST -->
+  <div class="container-fluid">
+    <div class="row row-cols-3 mb-2">
       <div class="col d-grid gap-2">
-        <h2><i class="fas fa-sign-out-alt"></i> <?php echo $transLang['SIGNOUT_THANKYOU']; ?></h2>
+        <h2><i class="fas fa-sign-out-alt"></i> <?=$transLang['SIGNOUT']?></h2>
+      </div>
+      <div class="col d-grid gap-2 text-center">
+        <form method="post">
+        <input type="hidden" name="fd_formAction" id="fd_formAction" value="fa_initial" />
+        <ul class="pagination pagination-sm">
+          <li class="page-item disabled"><a class="page-link" href="#" tabindex="-1"><?=$transLang['STR_COMMON_PAGE']?></a></li>
+          <?php for($i=1; $i<=$pgCount; $i++){ ?>
+          <li class="page-item<?php if($i===$pgNum){echo ' active';} ?>"><button type="submit" class="page-link<?php if($i===$pgNum){echo ' active';} ?>" id="fd_pageNumber" name="fd_pageNumber" value="<?php echo $i; ?>"><?php echo $i; ?></button></li>
+          <?php } ?>
+        </ul>
+        </form>
+      </div>
+      <div class="col text-end">
+        <a href="<?=$selfName?>" type="button" class="btn btn-primary btn-lg"><i class="fa fa-redo"></i> <?=$transLang['REFRESH']?></a>
       </div>
     </div>
   </div>
-<!-- END SIGNOUT ACK -->
-<?php } else {                                           // OR SHOW LIST
-  $approval = "2";                                     // ONLY SHOW APPROVED
-  $page_num = 1;                                       // PAGINATION
-  if(!empty($_GET['pnum'])):
-    $page_num = filter_input(INPUT_GET, 'pnum', FILTER_VALIDATE_INT);
-    if(false === $page_num):
-      $page_num = 1;
-    endif;
-  endif;
-  $offset = ($page_num - 1) * $StaticFunctions->getPageRows();
-  $row_count = count($VisitInfo->getVisitInfo($siteid, $approval, "empty", "%", "%", "%", "%", "%", "%"));
-  $page_count = 0;
-  if (0 === $row_count): else: $page_count = (int)ceil($row_count / $StaticFunctions->getPageRows()); if($page_num > $page_count): $page_num = 1; endif; endif;
-?>
-<!-- START SIGNOUT LIST -->
-  <div class="container">
-    <div class="row row-cols-2">
-      <div class="col d-grid gap-2">
-        <h2><i class="fas fa-sign-out-alt"></i> <?php echo $transLang['SIGNOUT']; ?></h2>
-      </div>
-      <div class="col d-grid gap-2">
-        <a href="index.php" class="btn btn-info" tabindex="-1" role="button" aria-disabled="true"><?php echo $transLang['STR_COMMON_BACK']; ?></a>
-      </div>
-    </div>
-    <form class="form-signout" method="post" onsubmit="return confirm('<?php echo $transLang['END_VISIT_WARNING']; ?>')">
-      <?php echo Csrf::getInputToken('home') ?>
-      <ul class="pagination pagination-sm"><li class="page-item disabled"><a class="page-link" href="#" tabindex="-1"><?php echo $transLang['STR_COMMON_PAGE']; ?></a></li>
-<?php for ($i = 1; $i <= $page_count; $i++): ?>
-        <li class="page-item<?php if ($i === $page_num): echo ' active'; else: echo ' '; endif; ?>"><a class="page-link" href="<?php echo $_SERVER['PHP_SELF'] . '?pnum=' . $i; ?>"><?php echo $i; ?></a></li>
-<?php endfor; ?>
-      </ul>
-      <table class="table table-striped">
-        <thead class="thead-dark">
-          <tr><th><?php echo $transLang['BADGE']; ?></th><th><?php echo $transLang['IN']; ?></th><th><?php echo $transLang['NAME']; ?></th><th><?php echo $transLang['ESCORT']; ?></th><th><?php echo $transLang['ACTIONS']; ?></th></tr>
-        </thead>
-        <tbody>
-<?php $approval="2"; foreach ($VisitInfo->getVisitInfo($siteid, $approval, "empty", "%", "%", "%", "%", $StaticFunctions->getPageRows(), $offset) as $row):
-  $timein = new DateTime($row['visits_intime'], new DateTimeZone('UTC'));
-  $timein->setTimezone(new DateTimeZone("$timezone"));
-  $timein_disp = $timein->format('Y-m-d H:i:s');
-  $isvendor = $row['visits_isvendor'];
-?>
-          <tr><td><?php echo $row['visits_badge']; ?></td><td><?php echo $timein_disp; ?></td><td><?php echo $row['visits_lastname'] . ", " . $row['visits_firstname']; ?><br /><img src="<?php echo $row['visits_signature']; ?>" width="200" height="50"></img></td><td><?php if (!empty($row['visits_escort'])) {echo $row['visits_escort'] . '<br /><img src="' . $row['visits_escort_signature'] . '" width="200" height="50"></img>'; } ?></td>
-            <td><nobr><?php if($isvendor===0){ ?><button type="submit" name="endvisit" value="<?php echo $row['visits_id']; ?>" class="btn btn-warning btn-lg"><i class="fas fa-sign-out-alt"></i><?php echo $transLang['SIGNOUT']; ?></button>
+  <div class="container-fluid">
+    <form class="form-signout" method="post" onsubmit="return confirm('<?=$transLang['END_VISIT_WARNING']?>')">
+    <input type="hidden" name="fd_formAction" id="fd_formAction" value="fa_signout" />
+    <?php echo Csrf::getInputToken('home') ?>
+    <table class="table table-striped">
+      <thead class="thead-dark">
+        <tr><th><?=$transLang['BADGE']?></th><th><?=$transLang['IN']?></th><th><?=$transLang['NAME']?></th><th><?=$transLang['ESCORT']?></th><th><?=$transLang['ACTIONS']?></th></tr>
+      </thead>
+      <tbody>
+        <?php foreach ($VisitInfo->getVisitInfo($siteid, $isApproved, "empty", "%", "%", "%", "%", $StaticFunctions->getPageRows(), $pgOffset) as $row) {
+          $timein = new DateTime($row['visits_intime'], new DateTimeZone('UTC'));
+          $timein->setTimezone(new DateTimeZone("$timezone"));
+          $timein_disp = $timein->format('Y-m-d H:i:s');
+          $isvendor = $row['visits_isvendor'];
+        ?>
+        <tr>
+          <td><?=$row['visits_badge']?></td>
+          <td><?=$timein_disp?></td>
+          <td><?php echo $row['visits_lastname'] . ", " . $row['visits_firstname']; ?><br /><img src="<?php echo $row['visits_signature']; ?>" width="200" height="50" /></td>
+          <td><?php if (!empty($row['visits_escort'])) {echo $row['visits_escort'] . '<br /><img src="' . $row['visits_escort_signature'] . '" width="200" height="50" />'; } ?></td>
+          <td><nobr><?php if($isvendor===0){ ?><button type="submit" name="fd_endVisitForId" value="<?php echo $row['visits_id']; ?>" class="btn btn-warning btn-lg"><i class="fas fa-sign-out-alt"></i><?=$transLang['SIGNOUT']?></button>
               <?php } elseif($isvendor===1){
                 foreach ($VisitInfo->getInfoVendorVisitFinal($row['visits_id']) as $rowvm) {
                   $db_vendorinfo_workcompleted = $rowvm['db_vendorinfo_workcompleted'];
                   $db_vendorinfo_sitecleanup = $rowvm['db_vendorinfo_sitecleanup'];
                   if ($db_vendorinfo_workcompleted === 1 && $db_vendorinfo_sitecleanup === 1) { $finalvendorformcomplete=1; } else { $finalvendorformcomplete=0; }
                   if($finalvendorformcomplete===1){ ?>
-              <button type="submit" name="endvisit" value="<?php echo $row['visits_id']; ?>" class="btn btn-warning btn-lg"><i class="fas fa-sign-out-alt"></i><?php echo $transLang['SIGNOUT']; ?></button>
+              <button type="submit" name="fd_endVisitForId" value="<?php echo $row['visits_id']; ?>" class="btn btn-warning btn-lg"><i class="fas fa-sign-out-alt"></i><?=$transLang['SIGNOUT']?></button>
                   <?php } elseif ($finalvendorformcomplete===0) { ?>
-              <span class="d-inline-block" tabindex="0" data-bs-toggle="popover" data-bs-trigger="hover focus" data-bs-content="<?php echo $transLang['STR_VENDORINFO_UNABLETOSIGNOUT_DESC']; ?>">
-              <button class="btn btn-warning btn-lg" disabled><i class="fas fa-sign-out-alt"></i><?php echo $transLang['SIGNOUT']; ?></button>
+              <span class="d-inline-block" tabindex="0" data-bs-toggle="popover" data-bs-trigger="hover focus" data-bs-content="<?=$transLang['STR_VENDORINFO_UNABLETOSIGNOUT_DESC']?>">
+              <button class="btn btn-warning btn-lg" disabled><i class="fas fa-sign-out-alt"></i><?=$transLang['SIGNOUT']?></button>
               </span>
-              <?php } } } ?>
-        </nobr></td></tr>
-<?php endforeach; ?>
-        </tbody>
-      </table>
+              <?php } } } ?></nobr>
+          </td>
+        </tr>
+        <?php } ?>
+      </tbody>
+    </table>
     </form>
   </div>
-<?php } ?>
-<!-- END SIGNOUT LIST -->
+<!-- SIGNOUT LIST END -->
 
-<!-- CONTENT END -->
-<?php } require_once("inc/footer.inc.php");
+<?php } elseif($form_data['fd_formAction']=='fa_signout') {                     // END VISIT AND DISPLAY THANKS IF POSTED
+  $VisitActions->endVisit($form_data['fd_endVisitForId'], $StaticFunctions->getUTC()); ?>
+<!-- SIGNOUT ACKNOWLEGEMENT -->
+  <div class="container-fluid">
+    <div class="row row-cols-3 mb-2">
+      <div class="col d-grid gap-2">
+        <h2><i class="fas fa-sign-out-alt"></i> <?=$transLang['STR_SIGNOUT_THANKYOU_TITLE']?></h2>
+      </div>
+      <div class="col d-grid gap-2 text-center">
+      </div>
+      <div class="col text-end">
+        <a href="index.php" type="button" class="btn btn-primary btn-lg"><i class="fa fa-redo"></i> <?=$transLang['REFRESH']?></a>
+      </div>
+    </div>
+    <div class="row row-cols-1 mb-2">
+      <div class="col d-grid gap-2">
+        <p><?=$transLang['STR_SIGNOUT_THANKYOU_DESC']?></p>
+      </div>
+    </div>
+  </div>
+  <script>
+    setTimeout(function(){ window.location.href = 'index.php'; }, 5000);
+  </script>
+<!-- SIGNOUT ACKNOWLEGEMENT END-->
+
+<?php } else { echo "<!-- INVALID STAGE -->"; }                                 // INVALID STAGE - GO HOME
+} require_once("inc/footer.inc.php");                                           // PRINT FOOTER
diff --git a/src/Language/de.lang.ini.example b/src/Language/de.lang.ini.example
index 583c48e..a666a5a 100644
--- a/src/Language/de.lang.ini.example
+++ b/src/Language/de.lang.ini.example
@@ -120,6 +120,8 @@ SIGNINBY = 'Geprüft von'
 SIGNIN_THANKYOU = 'Danke, dass Sie sich angemeldet haben. Wir werden Ihnen in Kürze ein Badge zuweisen.'
 SIGNOUT = 'Abmelden'
 SIGNOUT_THANKYOU = 'Danke - Sie wurden erfolgreich abgemeldet.'
+STR_SIGNOUT_THANKYOU_TITLE = 'Danke!'
+STR_SIGNOUT_THANKYOU_DESC = 'Sie wurden erfolgreich abgemeldet. Danke für Ihren Besuch.'
 SOFTWARE_VERSION = 'Version'
 SSANUM = 'SSA-Ticketnummer'
 STATEID = 'Staat ID'
diff --git a/src/Language/en.lang.ini.example b/src/Language/en.lang.ini.example
index fd709d9..937c6dc 100644
--- a/src/Language/en.lang.ini.example
+++ b/src/Language/en.lang.ini.example
@@ -120,6 +120,8 @@ SIGNINBY = 'Sign-In By'
 SIGNIN_THANKYOU = 'Thank you for signing in.  We will assign a badge shortly.'
 SIGNOUT = 'Sign Out'
 SIGNOUT_THANKYOU = 'Thank you - you have been successfully signed out.'
+STR_SIGNOUT_THANKYOU_TITLE = 'Thank You!'
+STR_SIGNOUT_THANKYOU_DESC = 'You have been successfully signed out. Thank you for visiting.'
 SOFTWARE_VERSION = 'Version'
 SSANUM = 'SSA Ticket #'
 STATEID = 'State ID'
diff --git a/src/Language/es.lang.ini.example b/src/Language/es.lang.ini.example
index 51cd2a9..bc276fa 100644
--- a/src/Language/es.lang.ini.example
+++ b/src/Language/es.lang.ini.example
@@ -120,6 +120,8 @@ SIGNINBY = 'Verificada por'
 SIGNIN_THANKYOU = 'Gracias por iniciar sesión. Le asignaremos una credencial en breve.'
 SIGNOUT = 'Salida del cliente'
 SIGNOUT_THANKYOU = 'Gracias, te has desconectado.'
+STR_SIGNOUT_THANKYOU_TITLE = '¡Gracias!'
+STR_SIGNOUT_THANKYOU_DESC = 'Se ha cerrado correctamente. Gracias por su visita.'
 SOFTWARE_VERSION = 'Versión del software'
 SSANUM = 'Número de boleto de la SSA'
 STATEID = 'Identificación del estado'
diff --git a/src/Language/fr.lang.ini.example b/src/Language/fr.lang.ini.example
index b060a75..f78188b 100644
--- a/src/Language/fr.lang.ini.example
+++ b/src/Language/fr.lang.ini.example
@@ -120,6 +120,8 @@ SIGNINBY = 'Vérifié par'
 SIGNIN_THANKYOU = 'Merci pour votre connexion. Nous attribuerons un badge dans quelques instants.'
 SIGNOUT = 'Se déconnecter'
 SIGNOUT_THANKYOU = 'Merci - vous avez été déconnecté avec succès.'
+STR_SIGNOUT_THANKYOU_TITLE = 'Merci!'
+STR_SIGNOUT_THANKYOU_DESC = 'Vous avez été déconnecté avec succès. Merci pour votre visite.'
 SOFTWARE_VERSION = 'Version'
 SSANUM = 'Numéro de billet SSA'
 STATEID = 'Identifiant d&#39;état'
diff --git a/users.php b/users.php
index a4fd307..ec36410 100644
--- a/users.php
+++ b/users.php
@@ -203,7 +203,7 @@ if (!empty($form_data['edituser'])) { $edituser = $Users->getUserInfo($form_data
         $newsiteid = $SiteInfo->getSiteByID($_POST['sitename']);
         $SiteInfo->grantSitePermissionBySiteAndUser($newsiteid["0"]["id"], "1");
         $SiteInfo->grantSitePermissionBySiteAndUser($newsiteid["0"]["id"], "2");
-        header('Location: ' . $_SERVER['PHP_SELF']);
+        header('Location: users.php');
     endif;
 
 
@@ -228,7 +228,7 @@ if (Registry::AUTHMETHOD == 'INTERNAL') {
         $hasher = new PasswordHash(8, FALSE);
         $password = $hasher->HashPassword($_POST['password']);
         $Users->addUser($_POST['firstname'], $_POST['lastname'], $_POST['username'], $timezone, $password, $_POST['email'], $_POST['usertype']);
-        header('Location: ' . $_SERVER['PHP_SELF']);
+        header('Location: users.php');
     endif;
 } elseif (Registry::AUTHMETHOD == 'SAML') {
 
@@ -243,9 +243,9 @@ if (Registry::AUTHMETHOD == 'INTERNAL') {
     endif;
     if (!empty($_POST['newuser']) && empty($errors)):
         $Users->addSAMLUser($timezone, $_POST['email'], $_POST['usertype']);
-        header('Location: ' . $_SERVER['PHP_SELF']);
+        header('Location: users.php');
     endif;    
-};
+}
 
     if (!empty($_POST['editusercomplete'])):                              // EDIT USER
       if (Registry::AUTHMETHOD == 'INTERNAL') {
@@ -279,7 +279,7 @@ if (Registry::AUTHMETHOD == 'INTERNAL') {
         foreach($_POST['sitepermissions'] as $editsitepermission) {
             $SiteInfo->grantSitePermissionBySiteAndUser($editsitepermission, $_POST['edituserid']);
         }
-        header('Location: ' . $_SERVER['PHP_SELF']);
+        header('Location: users.php');
     endif;
 
     
@@ -290,7 +290,7 @@ if (Registry::AUTHMETHOD == 'INTERNAL') {
             $deleteid = (int) $_POST['deleteid'];
             echo $Users->deleteUser($deleteid);
             echo "user deleted!";
-            header('Location: ' . $_SERVER['PHP_SELF']);
+            header('Location: users.php');
         }
     }
 
@@ -484,7 +484,7 @@ if (!empty($_POST['delsite'])) {
         $SiteInfo->deleteSitePermissionByUserAndSite ('2', $deleteid);
         echo $SiteInfo->deleteSite($deleteid);
         echo "site deleted!";
-        header('Location: ' . $_SERVER['PHP_SELF']);
+        header('Location: users.php');
     }
 }
 
@@ -555,7 +555,7 @@ if (0 === $row_count1): else: $page_count1 = (int)ceil($row_count1 / $StaticFunc
           <button type="button" class="btn-close" data-bs-dismiss="modal"></button>
         </div>
         <div class="modal-body">
-          <form class="form form-approve" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
+          <form class="form form-approve" method="post">
             <div class="row row-cols-1">
               <div class="col d-grid gap-2">
                 <div class="input-group input-group-sm mb-0">
@@ -572,7 +572,7 @@ if (0 === $row_count1): else: $page_count1 = (int)ceil($row_count1 / $StaticFunc
                     <option value=""><?php echo $transLang['STR_COMMON_TIMEZONE']; ?></option>
 <?php foreach(DateTimeZone::listIdentifiers(DateTimeZone::ALL) as $row2) { ?>
                     <option><?php echo $row2; ?></option>
-<?php }; ?>
+<?php } ?>
                   </select>
                 </div>
               </div>
@@ -606,4 +606,4 @@ if (0 === $row_count1): else: $page_count1 = (int)ceil($row_count1 / $StaticFunc
 <hr />
 <!-- END PAGE -->
 
-<?php }; require_once("inc/footer.inc.php"); ?>
+<?php } require_once("inc/footer.inc.php");