LobbySIO/signin_4.php

145 lines
8.8 KiB
PHP

<?php
/*
* Copyright (C) 2018 josh.north
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
ini_set('session.gc_maxlifetime', 24*60*60); // MIN SESSION
ini_set('session.gc_probability', 1); // GC RATES
ini_set('session.gc_divisor', 100); // TIMES
ini_set('session.use_cookies', '1');
ini_set('session.use_only_cookies', '1');
ini_set('session.cookie_secure', '1');
ini_set('session.cookie_httponly', '1');
ini_set('session.cookie_samesite', 'Strict');
session_save_path('.tmp'); // TEMP
session_start(); // START
require_once __DIR__ . '/autoload.php'; // AUTOLOAD
use App\LobbySIO\Misc\Csrf; // ANTICSRF
$StaticFunctions = new \App\LobbySIO\Misc\StaticFunctions(); // DEFAULT CLASSES
$SiteInfo = new \App\LobbySIO\Database\SiteInfo();
$Users = new \App\LobbySIO\Database\Users();
if (isset($_SESSION['user_id'])) { // LOGGED IN? GET USER OBJECT
$session_user = $Users->getUserInfo($_SESSION['user_id'], "1", "0"); }
if (isset($session_user)) { // GET UID OR SET TO KIOSK
$uid = $session_user["0"]["users_id"];} else { $uid = "2"; }
$app_disp_lang = filter_input(INPUT_COOKIE, 'app_disp_lang'); // SETUP LANGUAGE
if(!isset($app_disp_lang)) {
$app_disp_lang=$StaticFunctions->getDefaultLanguage(); }
$siteidcookie = filter_input(INPUT_COOKIE, 'app_site'); // SETUP SITE
foreach($SiteInfo->getSite("0", $uid, "0", "0") as $arr) {
$lookup_array[$arr['sites_id']]=1; }
if(isset($lookup_array[$siteidcookie])) {
$siteid = $siteidcookie; } else { $siteid = "1"; }
if(!isset($siteid)) { $siteid="1"; }
$Translate = new \App\LobbySIO\Language\Translate($app_disp_lang); // SETUP TRANSLATOR
$transLang = $Translate->userLanguage();
$VisitTypeInfo = new \App\LobbySIO\Database\VisitTypeInfo();
$app_current_pagename = $transLang['SIGNIN']; // PAGE SETUP
$app_current_pageicon = '<i class="fas fa-sign-in-alt"></i> ';
require_once("inc/header.inc.php");
if ($StaticFunctions->getSessionStatus() == true) { // CHECK STATUS
header('Location: index.php'); // ELSE HOME
} else {
header("X-Frame-Options: SAMEORIGIN");
header("X-Content-Type-Options: nosniff");
header("Content-Security-Policy: script-src 'self'; script-src-elem 'self'; script-src-attr 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self'; img-src 'self'; connect-src 'self'; frame-src 'self'; font-src 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self'; frame-ancestors 'self'; default-src 'self'", false);
if (!empty($_GET['a'])) {
echo '<pre>' . print_r($_POST, true) . '</pre>';
echo 'Verification has been : ' . (Csrf::verifyToken('home') ? 'successful' : 'unsuccessful');
}
?>
<!-- START CONTENT -->
<?php if (!empty($_POST)) { // PROCESS POST
if (empty(filter_input(INPUT_POST, 'carnum', FILTER_SANITIZE_STRING))) { $carnum="";} else {$carnum=filter_input(INPUT_POST, 'carnum', FILTER_SANITIZE_STRING);};
if (empty(filter_input(INPUT_POST, 'ssanum', FILTER_SANITIZE_STRING))) { $ssanum="";} else {$ssanum=filter_input(INPUT_POST, 'ssanum', FILTER_SANITIZE_STRING);};
if (empty(filter_input(INPUT_POST, 'firstname', FILTER_SANITIZE_STRING))) { $firstname="";} else {$firstname=filter_input(INPUT_POST, 'firstname', FILTER_SANITIZE_STRING);};
if (empty(filter_input(INPUT_POST, 'lastname', FILTER_SANITIZE_STRING))) { $lastname="";} else {$lastname=filter_input(INPUT_POST, 'lastname', FILTER_SANITIZE_STRING);};
if (empty(filter_input(INPUT_POST, 'company', FILTER_SANITIZE_STRING))) { $company="";} else {$company=filter_input(INPUT_POST, 'company', FILTER_SANITIZE_STRING);};
if (empty(filter_input(INPUT_POST, 'visit_type', FILTER_SANITIZE_STRING))) { $visit_type="";} else {$visit_type=filter_input(INPUT_POST, 'visit_type', FILTER_SANITIZE_STRING);};
if (empty(filter_input(INPUT_POST, 'v_signature', FILTER_SANITIZE_STRING))) { $v_signature="";} else {$v_signature=filter_input(INPUT_POST, 'v_signature', FILTER_SANITIZE_STRING);};
if (empty(filter_input(INPUT_POST, 'e_signature', FILTER_SANITIZE_STRING))) { $e_signature="";} else {$e_signature=filter_input(INPUT_POST, 'e_signature', FILTER_SANITIZE_STRING);};
if (empty(filter_input(INPUT_POST, 'escort', FILTER_SANITIZE_STRING))) { $escort="";} else {$escort=filter_input(INPUT_POST, 'escort', FILTER_SANITIZE_STRING);};
?>
<div class="container">
<div class="row row-cols-1">
<div class="col d-grid gap-2">
<h2><i class="fas fa-sign-in-alt"></i> <?php echo $transLang['SIGNIN']; ?></h2>
</div>
</div>
<form name="form-signin" class="form-signin" action="signin_display.php" method="post">
<?php echo Csrf::getInputToken('home') ?>
<div class="row row-cols-1">
<div class="col">
<input type="hidden" name="siteid" id="siteid" value="<?php echo $siteid; ?>" />
<?php if($SiteInfo->getSite($siteid, $uid, "0", "0")[0]["sites_region"] == "US") { ?>
<p><?php echo $transLang['ACKNOWLEDGEMENT']; ?></p>
<?php } ?>
<p><?php echo $transLang['COVID_ACKNOWLEDGEMENT']; ?><p>
<p><?php echo $transLang['GDPR_TEXT']; ?><p>
</div>
</div>
<div class="row row-cols-1">
<div class="col d-grid gap-2">
<a class="btn btn-outline-secondary btn-block" data-bs-toggle="modal" data-bs-target="#termsModalLong" href="<?php echo $StaticFunctions->getRules(); ?>"><?php echo $transLang['REFERENCE']; ?>:&nbsp;(<?php echo $transLang['ACKNOWLEDGEMENT_DOC_NAME']; ?>)</a>
<input type="hidden" name="siteid" id="siteid" value="<?php echo $siteid; ?>" />
<input type="hidden" name="carnum" id="carnum" value="<?php echo $carnum; ?>" />
<input type="hidden" name="ssanum" id="ssanum" value="<?php echo $ssanum; ?>" />
<input type="hidden" name="firstname" id="firstname" value="<?php echo $firstname; ?>" />
<input type="hidden" name="lastname" id="lastname" value="<?php echo $lastname; ?>" />
<input type="hidden" name="company" id="company" value="<?php echo $company; ?>" />
<input type="hidden" name="visit_type" id="visit_type" value="<?php echo $visit_type; ?>" />
<input type="hidden" name="v_signature" id="v_signature" value="<?php echo $v_signature; ?>" />
<input type="hidden" name="e_signature" id="e_signature" value="<?php echo $e_signature; ?>" />
<input type="hidden" name="escort" id="escort" value="<?php echo $escort; ?>" />
<a class="btn btn-lg btn-danger" href="index.php"><?php echo $transLang['CANCEL']; ?></a>
<button type="submit" id="saveBtn" class="btn btn-lg btn-success" name="signin"><?php echo $transLang['SIGNIN']; ?></button>
</div>
</div>
</form>
</div>
<!-- END CONTENT -->
<!-- START TERMS MODAL -->
<div class="modal fade" id="termsModalLong" tabindex="-1" role="dialog">
<div class="modal-dialog modal-lg" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="termsModalLongTitle"><?php echo $transLang['TERMSTITLE']; ?></h5>
<button type="button" class="btn-close" data-bs-dismiss="modal"></button>
</div>
<div class="modal-body">
<object type="application/pdf" data="<?php echo $StaticFunctions->getRules(); ?>" width="700" height="600">_</object>
</div>
</div>
</div>
</div>
<!-- END TERMS MODAL -->
<?php } else { ?>
<!-- START ERROR -->
<div class="container">
<div class="row row-cols-1">
<div class="col d-grid gap-2">
<h2><?php echo $transLang['NOSIGNIN']; ?></h2>
</div>
</div>
</div>
<!-- END ERROR -->
<?php }; ?>
<?php }; require_once("inc/footer.inc.php"); ?>