put all output of the signature script on a template page with placeholders
parent
4cf860d077
commit
03b1a35d9c
|
@ -0,0 +1,19 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="{{ with .Site.LanguageCode }}{{ . }}{{ else }}en-US{{ end }}">
|
||||
<head>
|
||||
{{ partial "head.html" . }}
|
||||
</head>
|
||||
<body id="page-top">
|
||||
{{ partial "navpage.html" . }}
|
||||
|
||||
{{ partial "page-template.html" . }}
|
||||
|
||||
{{ partial "language.html" . }}
|
||||
|
||||
{{ partial "legal.html" . }}
|
||||
|
||||
{{ partial "sharecolumn.html" . }}
|
||||
|
||||
{{ partial "js.html" . }}
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,14 @@
|
|||
{{ "<!-- SUBPAGE TEMPLATE -->" | safeHTML }}
|
||||
<header>
|
||||
<div class="header-content">
|
||||
<div class="header-content-inner">
|
||||
<div class="col-lg-8 col-lg-offset-2 text-center">
|
||||
<h1>:HEADLINE:</h1>
|
||||
<hr />
|
||||
<p>:BODY1:</p>
|
||||
<p>:BODY2:</p>
|
||||
<a href="/" class="btn btn-primary btn-xl">Back</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</header>
|
|
@ -1,16 +1,16 @@
|
|||
<?php
|
||||
|
||||
$error = 0; // error status
|
||||
$codemod = 2138367; // modificator with which the confirmation ID will be obfuscated
|
||||
|
||||
// Database path
|
||||
$db = "../userdata/signatures.json";
|
||||
$output = "";
|
||||
$selfurl = "http://pmpc-test.mehl.mx/cgi/sign.php"; // absolute URL of this PHP script
|
||||
$db = "../userdata/signatures.json"; // Signature database path
|
||||
$data = "";
|
||||
|
||||
// Get info from form
|
||||
$action = isset($_GET['action']) ? $_GET['action'] : false;
|
||||
if(empty($action)) {
|
||||
echo "No action defined.";
|
||||
exit(1);
|
||||
$output .= "No action defined.";
|
||||
show_page($output, 1);
|
||||
} else if ($action === "sign") {
|
||||
$name = isset($_GET['name']) ? $_GET['name'] : false;
|
||||
$email = isset($_GET['email']) ? $_GET['email'] : false;
|
||||
|
@ -22,8 +22,8 @@ if(empty($action)) {
|
|||
|
||||
// Check for missing required fields
|
||||
if(empty($name) || empty($email) || empty($permPriv)) {
|
||||
echo "At least one required variable is empty.";
|
||||
exit(1);
|
||||
$output .= "At least one required variable is empty.";
|
||||
show_page($output, 1);
|
||||
}
|
||||
} else if ($action === "confirm") {
|
||||
$confirmcode = isset($_GET['code']) ? $_GET['code'] : false;
|
||||
|
@ -31,24 +31,29 @@ if(empty($action)) {
|
|||
|
||||
// Check for missing required fields
|
||||
if(empty($confirmcode) || empty($confirmid)) {
|
||||
echo "Confirmation code or ID is missing.";
|
||||
exit(1);
|
||||
$output .= "Confirmation code or ID is missing.";
|
||||
show_page($output, 1);
|
||||
}
|
||||
} else {
|
||||
echo "Invalid action.";
|
||||
exit(1);
|
||||
$output .= "Invalid action.";
|
||||
show_page($output, 1);
|
||||
}
|
||||
// Continue only if action = sign/confirmation
|
||||
|
||||
// Validate input
|
||||
//TODO
|
||||
|
||||
|
||||
// Read database
|
||||
// Read database (should only be called if really needed)
|
||||
function read_db($db) {
|
||||
global $data; // declare $data a global variable to access it outside this function
|
||||
if (! file_exists($db)) {
|
||||
touch($db);
|
||||
}
|
||||
$file = file_get_contents($db, true);
|
||||
$data = json_decode($file, true);
|
||||
unset($file);
|
||||
}
|
||||
|
||||
|
||||
/// SIGNING ///
|
||||
if ($action === "sign") {
|
||||
|
@ -56,13 +61,13 @@ if ($action === "sign") {
|
|||
$total = count($data);
|
||||
for ($row = 0; $row < $total; $row++) {
|
||||
if ($email === $data[$row]['email']) {
|
||||
echo "email $email already exists!";
|
||||
$error = 1;
|
||||
break 1;
|
||||
$output .= "We already received a signature with this email address.";
|
||||
show_page($output, 1);
|
||||
}
|
||||
}
|
||||
|
||||
if ($error === 0) { // only make entry if no error happened
|
||||
read_db($db);
|
||||
|
||||
// Take sequential ID
|
||||
$id = $total;
|
||||
// Create a random string for email verification
|
||||
|
@ -91,18 +96,35 @@ if ($action === "sign") {
|
|||
$to = $email;
|
||||
$subject = "One step left to sign the \"Public Money - Public Code\" letter";
|
||||
$message = "Thank you for signing the open \"Public Money - Public Code\" letter! \r\n\r\n" .
|
||||
"In order to confirm your signature, please visit following link:\r\n http://pmpc-test.mehl.mx/cgi/sign.php?action=confirm&id=$codeid&code=$code \r\n\r\n" .
|
||||
"In order to confirm your signature, please visit following link:\r\n" .
|
||||
"$selfurl?action=confirm&id=$codeid&code=$code \r\n\r\n" .
|
||||
"If your confirmation succeeds, your signature will appear on the website within the next few hours.";
|
||||
$headers = "From: noreply@mehl.mx" . "\r\n" .
|
||||
$headers = "From: noreply@fsfe.org" . "\r\n" .
|
||||
"Message-ID: <confirmation-$code@fsfe.org>" . "\r\n" .
|
||||
"X-Mailer: PHP/" . phpversion();
|
||||
|
||||
mail($to, $subject, $message, $headers);
|
||||
}
|
||||
|
||||
$output .= "Thank you for signing our open letter! <br /><br />";
|
||||
$output .= "We just sent an email to your address ($email) for you to confirm your signature.";
|
||||
show_page($output, 0);
|
||||
|
||||
} else if ($action === "confirm") {
|
||||
/// CONFIRMATION ///
|
||||
|
||||
$id = $confirmid - $codemod; // substract the obfuscation number from the given ID
|
||||
if ($id < 0) {
|
||||
$output .= "Invalid signature ID.";
|
||||
show_page($output, 1);
|
||||
}
|
||||
|
||||
read_db($db);
|
||||
|
||||
if (empty($data[$id])) {
|
||||
$output .= "The signature ID does not exist.";
|
||||
show_page($output, 1);
|
||||
}
|
||||
|
||||
$email = $data[$id]['email']; // Get the user's email in case we need it
|
||||
$code = $data[$id]['code']; // The confirmation code according to the DB
|
||||
$confirmed = $data[$id]['confirmed']; // The current confirmation status
|
||||
|
@ -110,9 +132,6 @@ if ($action === "sign") {
|
|||
// Check whether the confirmation code is what we saved in the DB
|
||||
if ($confirmed === "no") {
|
||||
if ($confirmcode === $code) {
|
||||
echo "Your signature with the Email <$email> has been confirmed. <br />";
|
||||
echo "Thank you for signing the open letter!";
|
||||
|
||||
// Set the user's confirmation key to "yes"
|
||||
$data[$id]['confirmed'] = "yes";
|
||||
// Encode to JSON again and write to file
|
||||
|
@ -120,17 +139,47 @@ if ($action === "sign") {
|
|||
file_put_contents($db, $allsig, LOCK_EX);
|
||||
unset($allsig);
|
||||
|
||||
$output .= "Your email address ($email) has been confirmed. <br /><br />";
|
||||
$output .= "Thank you for signing the open letter! Your signature will appear on the website within the next hours.";
|
||||
show_page($output, 0);
|
||||
|
||||
} else {
|
||||
echo "The given signature code is incorrect.";
|
||||
$output .= "The provided signature code is incorrect.";
|
||||
show_page($output, 1);
|
||||
}
|
||||
} else if ($confirmed === "yes") {
|
||||
$output .= "This email address is already confirmed. It can take a few hours until your signature appears online.";
|
||||
show_page($output, 1);
|
||||
} else {
|
||||
echo "You already confirmed your email address.";
|
||||
$output .= "This signature ID does not exist or the confirmation status is broken.";
|
||||
show_page($output, 1);
|
||||
}
|
||||
|
||||
} // END confirm
|
||||
|
||||
// --- PRINT OUTPUT IN TEMPLATE FILE ---
|
||||
|
||||
function replace_page($template, $placeholder, $content){
|
||||
$vars = array($placeholder=>$content);
|
||||
return str_replace(array_keys($vars), $vars, $template);
|
||||
}
|
||||
|
||||
echo "<pre>";
|
||||
print_r($data);
|
||||
echo "</pre>";
|
||||
function show_page($output, $exit) {
|
||||
if ($exit === 0) {
|
||||
$headline = "Success";
|
||||
$notice = "";
|
||||
} else if ($exit === 1) {
|
||||
$headline = "Error";
|
||||
$notice = "This error could have happened because one or more fields contained invalid information. Please try again. If you think that you see this error by mistake, please contact us.";
|
||||
} else {
|
||||
$headline = "Thank you";
|
||||
}
|
||||
$template = file_get_contents('../template/index.html', true);
|
||||
$page = replace_page($template, ':HEADLINE:', $headline);
|
||||
$page = replace_page($page, ':BODY1:', $output);
|
||||
$page = replace_page($page, ':BODY2:', $notice);
|
||||
echo $page;
|
||||
unset($data);
|
||||
exit($exit);
|
||||
}
|
||||
?>
|
||||
|
|
Loading…
Reference in New Issue