diff --git a/content/template.html b/content/template.html new file mode 100644 index 0000000..67973d2 --- /dev/null +++ b/content/template.html @@ -0,0 +1,19 @@ + + + + {{ partial "head.html" . }} + + + {{ partial "navpage.html" . }} + + {{ partial "page-template.html" . }} + + {{ partial "language.html" . }} + + {{ partial "legal.html" . }} + + {{ partial "sharecolumn.html" . }} + + {{ partial "js.html" . }} + + diff --git a/layouts/partials/page-template.html b/layouts/partials/page-template.html new file mode 100644 index 0000000..cb188f6 --- /dev/null +++ b/layouts/partials/page-template.html @@ -0,0 +1,14 @@ +{{ "" | safeHTML }} +
+
+
+
+

:HEADLINE:

+
+

:BODY1:

+

:BODY2:

+ Back +
+
+
+
diff --git a/static/cgi/sign.php b/static/cgi/sign.php index 0bf513c..f862e78 100644 --- a/static/cgi/sign.php +++ b/static/cgi/sign.php @@ -1,16 +1,16 @@ $id, + "name" => $name, + "email" => $email, + "country" => $country, + "zip" => $zip, + "permPriv" => $permPriv, + "permNews" => $permNews, + "permPub" => $permPub, + "code" => $code, + "confirmed" => "no"); + $data[] = $newsig; // newsig is a separated variable for debugging purposes - // Append new signature to array - $newsig = array("id" => $id, - "name" => $name, - "email" => $email, - "country" => $country, - "zip" => $zip, - "permPriv" => $permPriv, - "permNews" => $permNews, - "permPub" => $permPub, - "code" => $code, - "confirmed" => "no"); - $data[] = $newsig; // newsig is a separated variable for debugging purposes + // Encode to JSON again and write to file + $allsig = json_encode($data, JSON_PRETTY_PRINT); + file_put_contents($db, $allsig, LOCK_EX); + unset($allsig); + + // Send email asking for confirmation + $to = $email; + $subject = "One step left to sign the \"Public Money - Public Code\" letter"; + $message = "Thank you for signing the open \"Public Money - Public Code\" letter! \r\n\r\n" . + "In order to confirm your signature, please visit following link:\r\n" . + "$selfurl?action=confirm&id=$codeid&code=$code \r\n\r\n" . + "If your confirmation succeeds, your signature will appear on the website within the next few hours."; + $headers = "From: noreply@fsfe.org" . "\r\n" . + "Message-ID: " . "\r\n" . + "X-Mailer: PHP/" . phpversion(); - // Encode to JSON again and write to file - $allsig = json_encode($data, JSON_PRETTY_PRINT); - file_put_contents($db, $allsig, LOCK_EX); - unset($allsig); - - // Send email asking for confirmation - $to = $email; - $subject = "One step left to sign the \"Public Money - Public Code\" letter"; - $message = "Thank you for signing the open \"Public Money - Public Code\" letter! \r\n\r\n" . - "In order to confirm your signature, please visit following link:\r\n http://pmpc-test.mehl.mx/cgi/sign.php?action=confirm&id=$codeid&code=$code \r\n\r\n" . - "If your confirmation succeeds, your signature will appear on the website within the next few hours."; - $headers = "From: noreply@mehl.mx" . "\r\n" . - "Message-ID: " . "\r\n" . - "X-Mailer: PHP/" . phpversion(); + mail($to, $subject, $message, $headers); + + $output .= "Thank you for signing our open letter!

"; + $output .= "We just sent an email to your address ($email) for you to confirm your signature."; + show_page($output, 0); - mail($to, $subject, $message, $headers); - } } else if ($action === "confirm") { /// CONFIRMATION /// $id = $confirmid - $codemod; // substract the obfuscation number from the given ID + if ($id < 0) { + $output .= "Invalid signature ID."; + show_page($output, 1); + } + + read_db($db); + + if (empty($data[$id])) { + $output .= "The signature ID does not exist."; + show_page($output, 1); + } + $email = $data[$id]['email']; // Get the user's email in case we need it $code = $data[$id]['code']; // The confirmation code according to the DB $confirmed = $data[$id]['confirmed']; // The current confirmation status @@ -110,9 +132,6 @@ if ($action === "sign") { // Check whether the confirmation code is what we saved in the DB if ($confirmed === "no") { if ($confirmcode === $code) { - echo "Your signature with the Email <$email> has been confirmed.
"; - echo "Thank you for signing the open letter!"; - // Set the user's confirmation key to "yes" $data[$id]['confirmed'] = "yes"; // Encode to JSON again and write to file @@ -120,17 +139,47 @@ if ($action === "sign") { file_put_contents($db, $allsig, LOCK_EX); unset($allsig); + $output .= "Your email address ($email) has been confirmed.

"; + $output .= "Thank you for signing the open letter! Your signature will appear on the website within the next hours."; + show_page($output, 0); + } else { - echo "The given signature code is incorrect."; + $output .= "The provided signature code is incorrect."; + show_page($output, 1); } + } else if ($confirmed === "yes") { + $output .= "This email address is already confirmed. It can take a few hours until your signature appears online."; + show_page($output, 1); } else { - echo "You already confirmed your email address."; + $output .= "This signature ID does not exist or the confirmation status is broken."; + show_page($output, 1); } +} // END confirm + +// --- PRINT OUTPUT IN TEMPLATE FILE --- + +function replace_page($template, $placeholder, $content){ + $vars = array($placeholder=>$content); + return str_replace(array_keys($vars), $vars, $template); } -echo "
";
-print_r($data);
-echo "
"; -unset($data); +function show_page($output, $exit) { + if ($exit === 0) { + $headline = "Success"; + $notice = ""; + } else if ($exit === 1) { + $headline = "Error"; + $notice = "This error could have happened because one or more fields contained invalid information. Please try again. If you think that you see this error by mistake, please contact us."; + } else { + $headline = "Thank you"; + } + $template = file_get_contents('../template/index.html', true); + $page = replace_page($template, ':HEADLINE:', $headline); + $page = replace_page($page, ':BODY1:', $output); + $page = replace_page($page, ':BODY2:', $notice); + echo $page; + unset($data); + exit($exit); +} ?>