123 lines
7.5 KiB
PHP
123 lines
7.5 KiB
PHP
<?php
|
|
/*
|
|
* Copyright (C) 2018 josh.north
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
ini_set('session.gc_maxlifetime', 24*60*60); // MIN SESSION
|
|
ini_set('session.gc_probability', 1); // GC RATES
|
|
ini_set('session.gc_divisor', 100); // TIMES
|
|
ini_set('session.use_cookies', '1');
|
|
ini_set('session.use_only_cookies', '1');
|
|
ini_set('session.cookie_secure', '0');
|
|
ini_set('session.cookie_httponly', '0');
|
|
ini_set('session.cookie_samesite', 'Lax');
|
|
session_save_path('.tmp'); // TEMP
|
|
session_start(); // START
|
|
require_once __DIR__ . '/autoload.php'; // AUTOLOAD
|
|
use App\LobbySIO\Misc\Csrf; // ANTICSRF
|
|
$StaticFunctions = new \App\LobbySIO\Misc\StaticFunctions(); // DEFAULT CLASSES
|
|
$SiteInfo = new \App\LobbySIO\Database\SiteInfo();
|
|
$Users = new \App\LobbySIO\Database\Users();
|
|
if (isset($_SESSION['user_id'])) { // LOGGED IN? GET USER OBJECT
|
|
$session_user = $Users->getUserInfo($_SESSION['user_id'], "1", "0"); }
|
|
if (isset($session_user)) { // GET UID OR SET TO KIOSK
|
|
$uid = $session_user["0"]["users_id"];} else { $uid = "2"; }
|
|
$app_disp_lang = filter_input(INPUT_COOKIE, 'app_disp_lang'); // SETUP LANGUAGE
|
|
if(!isset($app_disp_lang)) {
|
|
$app_disp_lang=$StaticFunctions->getDefaultLanguage(); }
|
|
$siteidcookie = filter_input(INPUT_COOKIE, 'app_site'); // SETUP SITE
|
|
foreach($SiteInfo->getSite("0", $uid, "0", "0") as $arr) {
|
|
$lookup_array[$arr['sites_id']]=1; }
|
|
if(isset($lookup_array[$siteidcookie])) {
|
|
$siteid = $siteidcookie; } else { $siteid = "1"; }
|
|
if(!isset($siteid)) { $siteid="1"; }
|
|
$Translate = new \App\LobbySIO\Language\Translate($app_disp_lang); // SETUP TRANSLATOR
|
|
$transLang = $Translate->userLanguage();
|
|
$VisitTypeInfo = new \App\LobbySIO\Database\VisitTypeInfo();
|
|
$VisitActions = new \App\LobbySIO\Database\VisitActions();
|
|
$app_current_pagename = $transLang['SIGNIN']; // PAGE SETUP
|
|
$app_current_pageicon = '<i class="fas fa-file-signature"></i> ';
|
|
require_once("inc/header.inc.php");
|
|
if ($StaticFunctions->getSessionStatus() == true) { // CHECK STATUS
|
|
header('Location: index.php'); // ELSE HOME
|
|
} else {
|
|
header("X-Frame-Options: SAMEORIGIN");
|
|
header("X-Content-Type-Options: nosniff");
|
|
//header("Content-Security-Policy: script-src 'self' 'unsafe-inline'; script-src-elem 'self'; script-src-attr 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self'; img-src 'self'; connect-src 'self'; frame-src 'self'; font-src 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self'; frame-ancestors 'self'; default-src 'self'", false);
|
|
if (!empty($_GET['a'])) {
|
|
echo '<pre>' . print_r($_POST, true) . '</pre>';
|
|
echo 'Verification has been : ' . (Csrf::verifyToken('home') ? 'successful' : 'unsuccessful');
|
|
}
|
|
?>
|
|
|
|
|
|
|
|
<!-- START CONTENT -->
|
|
<?php if (!empty($_POST)) { // PROCESS POST
|
|
if (empty(filter_input(INPUT_POST, 'carnum', FILTER_SANITIZE_STRING))) { $carnum="";} else {$carnum=filter_input(INPUT_POST, 'carnum', FILTER_SANITIZE_STRING);};
|
|
if (empty(filter_input(INPUT_POST, 'ssanum', FILTER_SANITIZE_STRING))) { $ssanum="";} else {$ssanum=filter_input(INPUT_POST, 'ssanum', FILTER_SANITIZE_STRING);};
|
|
echo $VisitActions->newVisit(filter_input(INPUT_POST, 'firstname', FILTER_SANITIZE_STRING), filter_input(INPUT_POST, 'lastname', FILTER_SANITIZE_STRING), filter_input(INPUT_POST, 'company', FILTER_SANITIZE_STRING), filter_input(INPUT_POST, 'visit_type', FILTER_SANITIZE_STRING), $StaticFunctions->getUTC(), filter_input(INPUT_POST, 'v_signature', FILTER_SANITIZE_STRING), filter_input(INPUT_POST, 'siteid', FILTER_SANITIZE_STRING), "1", filter_input(INPUT_POST, 'e_signature', FILTER_SANITIZE_STRING), filter_input(INPUT_POST, 'escort', FILTER_SANITIZE_STRING), $carnum, $ssanum);
|
|
?>
|
|
<div class="container">
|
|
<div class="row row-cols-1">
|
|
<div class="col d-grid gap-2">
|
|
<h2><i class="fas fa-sign-in-alt"></i> <?php echo $transLang['SIGNIN_THANKYOU']; ?></h2>
|
|
</div>
|
|
</div>
|
|
<div class="row row-cols-1">
|
|
<div class="col d-grid gap-2">
|
|
<table class="table table-striped">
|
|
<thead class="thead-dark">
|
|
<tr>
|
|
<th><?php echo $transLang['TIMEREASON']; ?></th><th><?php echo $transLang['COMPANY']; ?></th><th><?php echo $transLang['NAME']; ?></th><th><?php echo $transLang['ESCORT']; ?></th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<tr>
|
|
<td><?php echo $timenow; ?><br><?php echo $transLang[$VisitTypeInfo->getVisitTypeInfo(filter_input(INPUT_POST, 'visit_type', FILTER_SANITIZE_STRING))[0]["visittypes_name"]]; ?></td><td><?php echo filter_input(INPUT_POST, 'company', FILTER_SANITIZE_STRING); ?></td><td><?php echo filter_input(INPUT_POST, 'lastname', FILTER_SANITIZE_STRING); ?>, <?php echo filter_input(INPUT_POST, 'firstname', FILTER_SANITIZE_STRING); ?><br><img src="<?php echo filter_input(INPUT_POST, 'v_signature', FILTER_SANITIZE_STRING); ?>" width="200" height="50" /></td><td><?php if (!empty(filter_input(INPUT_POST, 'escort', FILTER_SANITIZE_STRING))): echo filter_input(INPUT_POST, 'escort', FILTER_SANITIZE_STRING); endif; ?><br /><?php if (!empty(filter_input(INPUT_POST, 'e_signature', FILTER_SANITIZE_STRING))): ?><img src="<?php echo filter_input(INPUT_POST, 'e_signature', FILTER_SANITIZE_STRING); ?>" width="200" height="50" /><?php endif; ?></td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
<div class="row row-cols-1">
|
|
<div class="col d-grid gap-2">
|
|
<?php if($SiteInfo->getSite($siteid, $uid, "0", "0")[0]["sites_region"] == "US") { ?>
|
|
<p><?php echo $transLang['ACKNOWLEDGEMENT']; ?></p>
|
|
<?php } ?>
|
|
<p><?php echo $transLang['GDPR_TEXT']; ?><p>
|
|
</div>
|
|
</div>
|
|
<div class="row row-cols-1">
|
|
<div class="col d-grid gap-2">
|
|
<a href="index.php" class="btn btn-success btn-lg btn-block" tabindex="-1" role="button" aria-disabled="true"> <br /><?php echo $transLang['HOME']; ?><br /> </a>
|
|
</div>
|
|
</div>
|
|
<!-- END CONTENT -->
|
|
<?php } else { ?>
|
|
<!-- START ERROR -->
|
|
<div class="container">
|
|
<div class="row row-cols-1">
|
|
<div class="col d-grid gap-2">
|
|
<h2><?php echo $transLang['NOSIGNIN']; ?></h2>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<!-- END ERROR -->
|
|
<?php }; ?>
|
|
|
|
<?php }; require_once("inc/footer.inc.php"); ?>
|