From 19985dbb8c0aa66dc4bf7905abc1148de909097d Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Anton=20Luka=20=C5=A0ijanec?= Date: Tue, 11 Jan 2022 12:35:47 +0100 Subject: prvi-commit --- frontend/api/api.php | 7 + frontend/api/api_test.php | 156 ++ frontend/api/class.ApiLogin.php | 1914 ++++++++++++++++++++ frontend/api/class.ApiLoginController.php | 62 + frontend/api/fb_login.php | 20 + frontend/api/google-oauth2.php | 11 + frontend/api/login_AAI.php | 14 + frontend/install/ajax.php | 30 + frontend/install/classes/class.Display.php | 231 +++ frontend/install/classes/class.DisplayCheck.php | 392 ++++ frontend/install/classes/class.DisplayDatabase.php | 112 ++ frontend/install/classes/class.DisplaySettings.php | 448 +++++ frontend/install/classes/class.ImportDB.php | 256 +++ frontend/install/css/style.css | 479 +++++ frontend/install/index.php | 63 + frontend/install/script/init.js | 4 + frontend/install/script/script.js | 67 + frontend/payments/api.php | 7 + .../classes/class.ApiNarocilaController.php | 367 ++++ frontend/payments/classes/class.UserAccess.php | 475 +++++ frontend/payments/classes/class.UserMailCron.php | 44 + frontend/payments/classes/class.UserNarocila.php | 1632 +++++++++++++++++ .../classes/class.UserNarocilaCebelica.php | 235 +++ .../payments/classes/class.UserNarocilaCron.php | 198 ++ .../payments/classes/class.UserNarocilaPaypal.php | 308 ++++ .../payments/classes/class.UserNarocilaStripe.php | 266 +++ frontend/payments/classes/class.UserPlacila.php | 547 ++++++ frontend/payments/getPdf.php | 35 + frontend/simple/ajax.php | 19 + frontend/simple/classes/DisplayController.php | 967 ++++++++++ frontend/simple/css/style.css | 912 ++++++++++ frontend/simple/css/style.css.map | 1 + frontend/simple/img/landing_page_image.jpg | Bin 0 -> 212946 bytes frontend/simple/img/landing_page_image_aai.png | Bin 0 -> 74942 bytes frontend/simple/index.php | 76 + frontend/simple/script/init.js | 4 + frontend/simple/script/script.js | 85 + 37 files changed, 10444 insertions(+) create mode 100644 frontend/api/api.php create mode 100644 
frontend/api/api_test.php create mode 100644 frontend/api/class.ApiLogin.php create mode 100644 frontend/api/class.ApiLoginController.php create mode 100644 frontend/api/fb_login.php create mode 100644 frontend/api/google-oauth2.php create mode 100644 frontend/api/login_AAI.php create mode 100644 frontend/install/ajax.php create mode 100644 frontend/install/classes/class.Display.php create mode 100644 frontend/install/classes/class.DisplayCheck.php create mode 100644 frontend/install/classes/class.DisplayDatabase.php create mode 100644 frontend/install/classes/class.DisplaySettings.php create mode 100644 frontend/install/classes/class.ImportDB.php create mode 100644 frontend/install/css/style.css create mode 100644 frontend/install/index.php create mode 100644 frontend/install/script/init.js create mode 100644 frontend/install/script/script.js create mode 100644 frontend/payments/api.php create mode 100644 frontend/payments/classes/class.ApiNarocilaController.php create mode 100644 frontend/payments/classes/class.UserAccess.php create mode 100644 frontend/payments/classes/class.UserMailCron.php create mode 100644 frontend/payments/classes/class.UserNarocila.php create mode 100644 frontend/payments/classes/class.UserNarocilaCebelica.php create mode 100644 frontend/payments/classes/class.UserNarocilaCron.php create mode 100644 frontend/payments/classes/class.UserNarocilaPaypal.php create mode 100644 frontend/payments/classes/class.UserNarocilaStripe.php create mode 100644 frontend/payments/classes/class.UserPlacila.php create mode 100644 frontend/payments/getPdf.php create mode 100644 frontend/simple/ajax.php create mode 100644 frontend/simple/classes/DisplayController.php create mode 100644 frontend/simple/css/style.css create mode 100644 frontend/simple/css/style.css.map create mode 100644 frontend/simple/img/landing_page_image.jpg create mode 100644 frontend/simple/img/landing_page_image_aai.png create mode 100644 frontend/simple/index.php create mode 100644 
frontend/simple/script/init.js create mode 100644 frontend/simple/script/script.js (limited to 'frontend') diff --git a/frontend/api/api.php b/frontend/api/api.php new file mode 100644 index 0000000..4f62ea3 --- /dev/null +++ b/frontend/api/api.php @@ -0,0 +1,7 @@ +'; + echo $result; + + echo '


'; + + // Nastavimo nazaj popravljen cookie + //$_COOKIE = $result_array['cookie']; + + echo 'REZULTAT (JSON DECODE):'; + var_dump($result_array); +} + + + + +// GET +function executeGET(){ + global $api_url; + global $identifier; + global $private_key; + global $ank_id; + global $action; + + // GET params + $params = 'action='.$action; // Funkcija, ki jo želimo izvesti + $params .= '&ank_id='.$ank_id; // ostali parametri potrebni za klic funkcije (id ankete, vprašanja...) + + // Pripravimo podatke za hashiranje + $request_method = 'GET'; + $request = $api_url.'?'.$params; + + $data = $request_method . $request; + + // Izracunamo hash (token) + $token = hash_hmac('sha256', $data, $private_key); + + // Pripravimo klic – dodamo parametra »identifikator« in »token« + $ch = curl_init($request.'&identifier='.$identifier.'&token='.$token); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $request_method); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + + // Izvedemo klic + $result = curl_exec($ch); + + return $result; +} + +// POST +function executePOST(){ + global $api_url; + global $identifier; + global $private_key; + global $ank_id; + global $action; + + // GET params + $params = 'action='.$action; // Funkcija, ki jo želimo izvesti + + // POST data + $post_data = array( + "cookie" => $_COOKIE + ); + + + // Pripravimo podatke za hashiranje + $request_method = 'POST'; + $request = $api_url.'?'.$params; + $raw_post_data = http_build_query($post_data); + + $data = $request_method . $request . 
$raw_post_data; + + // Izracunamo hash (token) + $token = hash_hmac('sha256', $data, $private_key); + + + // Pripravimo klic – dodamo parametra »identifikator« in »token« + $ch = curl_init($request.'&identifier='.$identifier.'&token='.$token); + curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($post_data)); // JSON string za POST + curl_setopt($ch, CURLOPT_POST, true); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $request_method); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + + curl_setopt($ch, CURLOPT_HEADER ,1); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION ,1); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); + curl_setopt($ch, CURLINFO_HEADER_OUT, true); + /*$cookie_file = 'cookie.txt'; + curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookie_file); + curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie_file);*/ + + + // Pripravimo cookije ki jih posljemo cez + $cookie_string = ''; + foreach($_COOKIE as $key => $value){ + $cookie_string .= $key.'='.$value.';'; + } + $cookie_string = substr($cookie_string, 0, -2); + curl_setopt($ch, CURLOPT_COOKIE, $cookie_string); + + + // Izvedemo klic + $result = curl_exec($ch); + + + // Popravimo piskotke + preg_match_all('/^Set-Cookie:\s*([^;]*)/mi', $result, $matches); // get cookie + $cookies = array(); + foreach($matches[1] as $item) { + $new_cookie = explode("=", $item); + setcookie($new_cookie[0], $new_cookie[1], time()-3600, '/', ''); + } + + // Izluscimo samo json response (ker imamo tudi header zraven) + preg_match_all('{".*"}', $result, $matches); + $result = '{'.$matches[0][0].'}'; + + + return $result; +} + \ No newline at end of file diff --git a/frontend/api/class.ApiLogin.php b/frontend/api/class.ApiLogin.php new file mode 100644 index 0000000..aff7d0f --- /dev/null +++ b/frontend/api/class.ApiLogin.php 
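Review bot: In executePOST, `curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);` disables certificate verification on the very request that forwards every browser cookie from `$_COOKIE` plus the HMAC token to the API, so an on-path party can read or replay them; remove that line or set `curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);`, and for a self-signed test endpoint point `CURLOPT_CAINFO` at its certificate instead of turning verification off. The cookie-string builder appends a single `;` per cookie but then strips two characters with `substr($cookie_string, 0, -2)`, which drops the last character of the final cookie value; `$cookie_string = rtrim($cookie_string, ';');` is what is intended. Separately, the token is computed over `http_build_query($post_data)` while the body actually sent is `json_encode($post_data)`, so unless the API side rebuilds the form-encoded string itself the signature presumably does not cover what is transmitted — worth confirming against the server implementation.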
@@ -0,0 +1,1914 @@ +prijava = '_login'; + } + + // Url-ji za podstrani + $urls_array = [ + // Preusmerimo če reCaptcha ni vključena in je robot izpolnil registracijo + 'page_robot_redirect' => $url, + + 'page_main' => $url, + // Osnovna stran + 'page_main_login' => $url.'prijava/', + // Vrnemo na osnovne spletno stran za prijavo + 'page_login' => $url.'?a=login', + // Stran namenjena logiranju + 'page_login_login' => $url.'prijava/?a=login', + // Stran namenjena logiranju + 'page_login_noEmail' => $url.'?a=login_noEmail', + // Stran na katero preusmerimo ce pri loginu vnese napacen oz. neobstojec email + 'page_login_noEmail_login' => $url.'prijava/index.php?a=login_noEmail', + //Preusmei na stran, kje je obrazec za prijavo + + //Google 2FA + 'page_login_2fa' => $url.'?a=login_2fa', + + // Če je uporabnik bannan + 'page_user_ban' => $url.'?a=user_ban', + 'page_user_ban_login' => $url.'prijava/index.php?a=user_ban', + + // Registracija + 'page_register' => $url.'registracija/?', + // 1. korak registracije - stran s formo za registracijo + 'page_register_confirm' => $url.'registracija/confirm/?', + // 2. korak registracije - stran kamor je preusmerjen uporabnik po vnosu podatkov za registracijo (kjer pregleda vnešene podatke če so vsi ok) + 'page_register_emailSend' => $url.'registracija/send/?', + // 3 .korak registracije - stran kamor je preusmerjen ko potrdi podatke - izpiše se mu obvestilo, da bo prejel potrditveni mail + 'page_register_activate' => $site_url.'admin/survey/', + // 4. 
korak registracije - stran kamor ga preusmeri, ko klikne na url za potrditev registracije v mailu (opcijsko - lahko se ga preusmeri tudi na osnovno stran) + + 'page_add_second_email' => $url.'?a=add_second_email', + + 'page_reset_password' => $url.'obnovitev-gesla/?a=reset_password', + // Sprememba gesla + 'page_reset_password_activate' => $url.'?a=reset_password_activate' + // Potrditev spremembe gesla + ]; + + } else { + // Simple + $urls_array = [ + 'page_main' => $site_url.'index.php', + // Osnovna stran + 'page_login' => $site_url.'index.php?a=login', + // Stran namenjena logiranju + 'page_login_noEmail' => $site_url.'index.php?a=login_noEmail', + //Google 2FA + 'page_login_2fa' => $site_url.'index.php?a=login_2fa', + // Stran na katero preusmerimo ce pri loginu vnese napacen oz. neobstojec email + 'page_user_ban' => $site_url.'index.php?a=user_ban', + 'page_register' => $site_url.'index.php?a=register', + // 1. korak registracije - stran s formo za registracijo + 'page_register_confirm' => $site_url.'index.php?a=register_confirm', + // 2. korak registracije - stran kamor je preusmerjen uporabnik po vnosu podatkov za registracijo (kjer pregleda vnešene podatke če so vsi ok) + 'page_register_emailSend' => $site_url.'index.php?a=register_email', + // 3 .korak registracije - stran kamor je preusmerjen ko potrdi podatke - izpiše se mu obvestilo, da bo prejel potrditveni mail + 'page_register_activate' => $site_url.'index.php', + // 4. 
korak registracije - stran kamor ga preusmeri, ko klikne na url za potrditev registracije v mailu (opcijsko - lahko se ga preusmeri tudi na osnovno stran) + + 'page_add_second_email' => $site_url.'index.php?a=add_second_email', + + 'page_unregister' => $site_url.'index.php?a=unregister', + // Stran namenjena "odregistraciji uporabnika + 'page_unregister_confirm' => $site_url.'index.php?a=unregister_confirm', + // Potrditev odregistracije + 'page_reset_password' => $site_url.'index.php?a=reset_password', + // Sprememba gesla + 'page_reset_password_activate' => $site_url.'index.php?a=reset_password_activate' + // Potrditev spremembe gesla + ]; + } + + + // Nastavimo url-je + $this->setUrls($urls_array); + + // Preverimo ce smo logirani (in ustrezno nastavimo piskotke) + $admin_type = $this->checkLogin(); + } + + // Nastavimo vse podstrani potrebne za delovanje (registracija, login, odregistracija, pozabljeno geslo...) - + public function setUrls($urls_array) + { + + $this->page_urls = $urls_array; + } + + + // Izvedemo akcijo + + public function checkLogin() + { + global $admin_type; // tip admina: 0:admin, 1:manager, 2:clan, 3:user + global $global_user_id; + global $mysql_database_name; + global $pass_salt; + global $is_meta; + global $cookie_domain; + + $is_meta = 0; + $global_user_id = 0; + $admin_type = 3; + $cookie_pass = $_COOKIE['secret']; + + + // UID je v resnici base64 od emaila, ker sicer odpove meta!!! + // najprej testiram meto, potem sele userje. 
+ if (isset ($_COOKIE['uid']) && !empty($_COOKIE['g2fa'])) { + $user_email = base64_decode($_COOKIE['uid']); + + $db_meta_exists = mysqli_select_db($GLOBALS['connect_db'], "meta"); + if ($db_meta_exists) { + $result = sisplet_query("SELECT geslo, aid, 0 as type FROM administratorji WHERE email='$user_email'"); + } + + // NI META + if (!$result || mysqli_num_rows($result) == 0) { + mysqli_select_db($GLOBALS['connect_db'], $mysql_database_name); + $meta = 0; + + $result = sisplet_query("SELECT pass, id, type FROM users WHERE email='$user_email'"); + if (!$result || mysqli_num_rows($result) == 0) { + // najprej poradiraij cookije! + setcookie('uid', "", time() - 3600, $cookie_domain); + setcookie('secret', "", time() - 3600, $cookie_domain); + + if (substr_count($cookie_domain, ".") > 1) { + $nd = substr($cookie_domain,strpos($cookie_domain, ".") + 1); + + setcookie('uid', "", time() - 3600, $nd); + setcookie('secret', "", time() - 3600, $nd); + } + + return -1; + } else { + $r = mysqli_fetch_row($result); + + if ($cookie_pass != $r[0]) { + // najprej poradiraij cookije! 
+ setcookie('uid', "", time() - 3600, $cookie_domain); + setcookie('secret', "", time() - 3600, $cookie_domain); + + if (substr_count($cookie_domain, ".") > 1) { + $nd = substr($cookie_domain, + strpos($cookie_domain, ".") + 1); + + setcookie('uid', "", time() - 3600, $nd); + setcookie('secret', "", time() - 3600, $nd); + } + + return -1; + } else { + $admin_type = $r[2]; + $global_user_id = $r[1]; + + return $r[2]; + } + } + + } // JE META + else { + $r = mysqli_fetch_row($result); + + if ($cookie_pass == base64_encode((hash('SHA256', base64_decode($r[0]).$pass_salt)))) { + + $is_meta = 1; + $admin_type = "0"; + + mysqli_select_db($GLOBALS['connect_db'], + $mysql_database_name); + + $result = sisplet_query("SELECT pass, id, type FROM users WHERE email='$user_email'"); + if (mysqli_num_rows($result) > 0) { + $r = mysqli_fetch_row($result); + $global_user_id = $r[1]; + } + + return 0; + } else { + mysqli_select_db($GLOBALS['connect_db'], + $mysql_database_name); + // Obstaja tudi primer ko je IN meta IN navaden- in se je pac prijavil kot navaden user + + + $result = sisplet_query("SELECT pass, id, type FROM users WHERE email='$user_email'"); + if (!$result || mysqli_num_rows($result) == 0) { + return -1; + } else { + $r = mysqli_fetch_row($result); + + if ($cookie_pass != $r[0]) { + // najprej poradiraij cookije! 
+ setcookie('uid', "", time() - 3600, $cookie_domain); + setcookie('secret', "", time() - 3600, + $cookie_domain); + + if (substr_count($cookie_domain, ".") > 1) { + $nd = substr($cookie_domain, + strpos($cookie_domain, ".") + 1); + + setcookie('uid', "", time() - 3600, $nd); + setcookie('secret', "", time() - 3600, $nd); + } + + return -1; + } else { + $admin_type = $r[2]; + $global_user_id = $r[1]; + + return $r[2]; + } + } + } + } + } // Ni prijavljen + else { + $admin_type = -1; + + return -1; + } + } + + + // Preveri ce je user ze logiran v 1ko in nastavi globalne spremenljivke in cookie (kopirano iz function.php) + + public function executeAction($params, $data) + { + global $site_url; + global $global_user_id; + global $lang; + global $cookie_domain; + + + // Nastavimo prejete podatke + if (isset($data['ime'])) { + $this->ime = $data['ime']; + } + if (isset($data['priimek'])) { + $this->priimek = $data['priimek']; + } + if (isset($data['email'])) { + $this->email = trim($data['email']); + } + if (isset($data['pass'])) { + $this->pass = $data['pass']; + } + + if (!isset($params['action'])) { + $response = 'Napaka! 
Manjkajo parametri!'; + } else { + switch ($params['action']) { + + // Login userja + case 'login': + $response = $this->userLogin(); + break; + + // Login userja + case 'login_2fa': + $response = $this->userLogin2fa(); + break; + + // Login userja z google racunom + case 'login_google': + if(!empty($_POST['remember']) && $_POST['remember'] == 1) { + setcookie('remember-me', '1', time() + 31536000, '/', $cookie_domain); + } + + $response = $this->userLoginGoogle(); + break; + + // Login userja s FB racunom + case 'login_facebook': + if(!empty($_POST['remember']) && $_POST['remember'] == 1) { + setcookie('remember-me', '1', time() + 31536000, '/', $cookie_domain); + } + + $response = $this->userLoginFacebook(); + break; + + // Login userja z AAI racunom + case 'login_AAI': + if(!empty($_POST['remember']) && $_POST['remember'] == 1) { + setcookie('remember-me', '1', time() + 31536000, '/', $cookie_domain); + } + + $response = $this->userLoginAAI(); + break; + + + // Logout userja + case 'logout': + $response = $this->userLogout(); + break; + + + // Registracija userja - prvi vnos podatkov s preverjanjem + case 'register': + $response = $this->userRegister(); + break; + + // Registracija userja - potrditev podatkov in posiljanje potrditvenega maila + case 'register_confirm': + $response = $this->userRegisterConfirm(); + break; + + // Registracija userja - potrditev registracije (aktivacija) po prejetju potrditvenega maila + case 'register_activate': + $response = $this->userRegisterActivate(); + break; + + // Dodajanje alternativnega emaila + case 'activate_second_email': + $response = $this->userActivateAlternativEmail(); + break; + + + // Odregistracija userja - preverjanje ce se res zeli odjaviti + // case 'unregister': + // $response = $this->userUnregister(); + // break; + + // Odregistracija userja - potrditev in dejanska odjava + case 'unregister_confirm': + $response = $this->userUnregisterConfirm(); + break; + + + // Reset passworda userja + case 
'reset_password': + $response = $this->userResetPassword(); + break; + + // Potrditev reseta passworda userja + case 'reset_password_activate': + $response = $this->userResetPasswordActivate(); + break; + } + } + + + echo $response; + } + + + // Prijavi userja v 1ko - (kopirano iz ProfileClass.php) + + private function userLogin() + { + global $mysql_database_name; + global $site_url; + global $lang; + global $pass_salt; + global $cookie_domain; + global $originating_domain; + global $keep_domain; + global $app_settings; + + + // Ce imamo vklopljeno blokiranje dostopa do admina glede na ip + if(isset($app_settings['admin_allow_only_ip']) && $app_settings['admin_allow_only_ip'] != '' && !empty($app_settings['admin_allow_only_ip'])){ + + $ip = $_SERVER['REMOTE_ADDR']; + + // Preverimo ip - ce se ne ujema ne pustimo logina + if(!in_array($ip, $app_settings['admin_allow_only_ip'])){ + header('location: '.$this->page_urls['page_login'.$this->prijava]); + die(); + } + } + + $mini = $this->email.$this->pass; + for ($Stevec = 0; $Stevec < strlen($mini); $Stevec++) { + $mini = str_replace("'", "", $mini); + } + + $result = sisplet_query("SELECT value FROM misc WHERE what='CookieLife'"); + $row = mysqli_fetch_row($result); + $LifeTime = $row[0]; + + // Cookie "remember-me" nastavimo pri FB, Google in AAi prijavi in tukaj preverjamo, če je nastavljena ta opcija + if ((isset($_POST['remember']) && $_POST['remember'] == "1") || (isset($_COOKIE['remember-me']) && $_COOKIE['remember-me'] == 1)) { + $LifeTime = 3600 * 24 * 365; + } else { + $LifeTime = $LifeTime; + } + + // Preverimo ce obstaja uporabnik s tem emailom + $user_id = User::findByEmail($this->email); + if (!empty($user_id)) { + $sql = sisplet_query("SELECT type, pass, status, id, name, surname, email FROM users WHERE id='".$user_id."'"); + $r = mysqli_fetch_assoc($sql); + + // BAN + if ($r['status'] == 0) { + header('Location: '.$this->page_urls['page_user_ban'.$this->prijava].'&error=user_ban&email='.$this->email); + 
die(); + } + + $user_lang = 1; + if (!empty($_POST['jezik']) && $_POST['jezik'] == 'en') { + $user_lang = 2; + } + + // Preverimo ce je password ok + if (base64_encode((hash('SHA256', $this->pass.$pass_salt))) == $r['pass'] || $this->EncPass == $r['pass']) { + + // Zabelezimo datum prijave + sisplet_query("UPDATE users SET last_login=NOW(), lang='".$user_lang."' WHERE id='".$r['id']."'"); + + // določi še, od kje se je prijavil + $hostname = ""; + $headers = apache_request_headers(); + if (array_key_exists('X-Forwarded-For', $headers)) { + $hostname = $headers['X-Forwarded-For']; + } else { + $hostname = $_SERVER["REMOTE_ADDR"]; + } + sisplet_query("INSERT INTO user_login_tracker (uid, IP, kdaj) VALUES ('".$r['id']."', '".$hostname."', NOW())"); + + + // Ustvarimo login cookie + setcookie("uid", base64_encode($r['email']), time() + $LifeTime, '/', $cookie_domain); + + //Preverimo če gre za Google 2FA + $user_2fa_enabled = User::option($r['id'], 'google-2fa-validation'); + if(!empty($user_2fa_enabled) && $user_2fa_enabled != 'NOT'){ + setcookie("g2fa", base64_encode($user_2fa_enabled), time() + $LifeTime, '/', $cookie_domain); + header('location: '.$this->page_urls['page_login_2fa']); + die(); + } + + // Ustvarimo piškotek še z imenom in geslom + setcookie("unam", base64_encode($r['name'].' 
'.$r['surname']),time() + $LifeTime, '/', $cookie_domain); + setcookie("secret", $r['pass'], time() + $LifeTime, '/', $cookie_domain); + + + if ($r['status'] == "2" || $r['status'] == "6") { + setcookie("P", time(), time() + $LifeTime, '/', $cookie_domain); + header('location: '.$this->page_urls['page_login'.$this->prijava].'&email='.$this->email.'&error=password'); + die(); + } + } + else { + // Password prompt + header('location: '.$this->page_urls['page_login'.$this->prijava].'&email='.$this->email.'&error=password'); + die(); + } + } + else { + // Preverimo, če je sploh vpisal email + if (validEmail($this->email)) { + // Emaila ni v bazi + header('location: '.$this->page_urls['page_login_noEmail'.$this->prijava].'&email='.$this->email); + } else { + // Ni vpisana prava oblika maila + header('location: '.$this->page_urls['page_login_noEmail'.$this->prijava].'&email='.$this->email); + } + die(); + } + + //Vkolikor smo ga prijavili in želi kupip paket, vrnemo nazaj na Drupal + if(isset($_COOKIE['nakup'])){ + if($user_lang == 1){ + header('location: '.$site_url.'d/izvedi-nakup/'.$_COOKIE['paket'].'/podatki'); + } else{ + header('location: '.$site_url.'d/en/purchase/'.$_COOKIE['paket'].'/package'); + } + die(); + } + + // Vse je ok - prijavljenega preusmerimo na moje ankete + header('location: '.$site_url.'admin/survey/index.php?lang='.$user_lang); + die(); + } + + // Prijava z Google 2 FA + private function userLogin2fa() + { + global $site_url, $cookie_domain; + + $email = null; + if(!empty($_COOKIE['uid'])){ + $email = base64_decode($_COOKIE['uid']); + } + + $user_id = User::findByEmail($email); + $user= sisplet_query("SELECT type, pass, status, name, surname, email FROM users WHERE id='".$user_id."'", "obj"); + + $secret = User::option($user_id, 'google-2fa-secret'); + if(!empty($secret) && $_POST['google_2fa_number']){ + $google2fa = new \Sonata\GoogleAuthenticator\GoogleAuthenticator(); + + $user_lang = 1; + if (!empty($_POST['jezik']) && $_POST['jezik'] == 
'en') { + $user_lang = 2; + } + + // 2FA je bila uspešna + if ($google2fa->checkCode($secret, $_POST['google_2fa_number'])) { + $result = sisplet_query("SELECT value FROM misc WHERE what='CookieLife'", "obj"); + $LifeTime = $result->value; + + // Ustvarimo piškotek še z imenom in geslom + setcookie("unam", base64_encode($user->name.' '.$user->surname),time() + $LifeTime, '/', $cookie_domain); + setcookie("secret", $user->pass, time() + $LifeTime, '/', $cookie_domain); + + + // Zabelezimo datum prijave + sisplet_query("UPDATE users SET last_login=NOW() WHERE id='".$user_id."'"); + + // določi še, od kje se je prijavil + $hostname = ""; + $headers = apache_request_headers(); + if (array_key_exists('X-Forwarded-For', $headers)) { + $hostname = $headers['X-Forwarded-For']; + } else { + $hostname = $_SERVER["REMOTE_ADDR"]; + } + sisplet_query("INSERT INTO user_login_tracker (uid, IP, kdaj) VALUES ('".$user_id."', '".$hostname."', NOW())"); + + + // Vse je ok - prijavljenega preusmerimo na moje ankete + header('location: '.$site_url.'admin/survey/index.php?lang='.$user_lang); + die(); + } + + // Vse neuspešne poskuse ali napačen email + header('location: '. 
$this->page_urls['page_login_2fa'].'&error=2fa'); + die(); + } + + // Vse je ok - prijavljenega preusmerimo na moje ankete + header('location: '.$site_url); + die(); + } + + // Prijavi userja v 1ko z Google racunom (kopirano iz ProfileClass.php) - PRETESTIRATI + private function userLoginGoogle() + { + require_once('../../function/JWT.php'); + + global $google_login_client_id; + global $google_login_client_secret; + global $site_url; + global $lang; + global $proxy; + + $oauth2_code = $_GET['code']; + $discovery = json_decode(file_get_contents('https://accounts.google.com/.well-known/openid-configuration')); + + if ($proxy != "") { + $ctx = stream_context_create([ + 'http' => [ + 'header' => "Content-type: application/x-www-form-urlencoded\r\n", + 'method' => 'POST', + 'content' => http_build_query([ + 'client_id' => $google_login_client_id, + 'client_secret' => $google_login_client_secret, + 'code' => $oauth2_code, + 'grant_type' => 'authorization_code', + 'redirect_uri' => $site_url.'frontend/api/google-oauth2.php', + 'openid.realm' => $site_url, + ]), + 'proxy' => 'tcp://'.$proxy, + ], + ]); + + } else { + $ctx = stream_context_create([ + 'http' => [ + 'header' => "Content-type: application/x-www-form-urlencoded\r\n", + 'method' => 'POST', + 'content' => http_build_query([ + 'client_id' => $google_login_client_id, + 'client_secret' => $google_login_client_secret, + 'code' => $oauth2_code, + 'grant_type' => 'authorization_code', + 'redirect_uri' => $site_url.'frontend/api/google-oauth2.php', + 'openid.realm' => $site_url, + ]), + ], + ]); + } + + + $resp = file_get_contents($discovery->token_endpoint, false, $ctx); + + if (!$resp) { + // $http_response_header here got magically populated by file_get_contents(), surprise + echo '

'.$lang['oid_auth_rejected'].'

'; + echo '

'.$lang['google_auth_rejected'].'

'; + + echo ''; + } + + $resp = json_decode($resp); + $access_token = $resp->access_token; + $id_token = $resp->id_token; + + // Skip JWT verification: we got it directly from Google via https, nothing could go wrong. + $id_payload = JWT::decode($resp->id_token, null, false); + + if (!$id_payload->sub) { + echo '

'.$lang['oid_auth_rejected'].'

'; + echo '

'.$lang['google_auth_rejected'].'

'; + + echo ''; + } + + $user_id = 'google+'.$id_payload->sub; + $user_email = $id_payload->email; + + if ($user_email != '' && $user_id != '') { + $this->email = $user_email; + + + $user_id_1ka = User::findByEmail($user_email); + // Je noter, ga samo prijavim... + if (!empty($user_id_1ka)) { + $res = sisplet_query("SELECT pass FROM users WHERE id='".$user_id_1ka."'"); + $r = mysqli_fetch_row($res); + + $this->EncPass = $r[0]; + + $this->userLogin(); + } // Ni se registriran, ga je potrebno dodati na prijavno formo + else { + // geslo med 00000 in zzzzz + $this->pass = base_convert(mt_rand(0x19A100, 0x39AA3FF), 10, 36); + $this->EncPass = base64_encode((hash('SHA256', $this->pass.$pass_salt))); + $this->email = $user_email; + + $fn = explode("@", $user_email); + + sisplet_query("INSERT INTO users (name, surname, email, pass, lang, when_reg) VALUES ('".$fn[0]."', '', '".$user_email."', '".$this->EncPass."', '".(isset ($_GET['regFromEnglish']) && $_GET['regFromEnglish'] == "1" ? '2' : '1')."', NOW())"); + $uid = mysqli_insert_id($GLOBALS['connect_db']); + + sisplet_query("INSERT INTO oid_users (uid) VALUES ('$uid')"); + + // Piškotek za cca. 
10 let, da mu naslednjić ponudimo prijavno + global $cookie_domain; + setcookie('external-login', '1', time()+280000000, '/', $cookie_domain); + + // prijavi + $this->userLogin(); + } + } + } + + // Prijavi userja v 1ko z FB racunom (kopirano iz ProfileClass.php) - PRETESTIRATI + private function userLoginFacebook() + { + global $facebook_appid; + global $facebook_appsecret; + global $cookie_path; + + if ($r = file_get_contents("https://graph.facebook.com/v2.9/oauth/access_token?client_id=".$facebook_appid."&redirect_uri=https://www.1ka.si/frontend/api/fb_login.php&client_secret=".$facebook_appsecret."&code=".$_GET['code'])) { + + $at = json_decode($r); + $user = json_decode(file_get_contents('https://graph.facebook.com/me?fields=email,first_name,last_name&access_token='.$at->{'access_token'})); + + if (!isset ($user->email) && isset ($user->name)) { + $user->email = str_replace(" ", ".", + $user->first_name.".".$user->last_name)."@facebook.com"; + } + + $old_email = str_replace(" ", ".", $user->first_name.".".$user->last_name)."@facebook.com"; + $old_email = str_replace([" ", "č", "ć", "Č", "Ć", "ž", "Ž", "š", "Š", "đ", "Đ"], [".", "c", "c", "C", "C", "z", "Z", "s", "S", "d", "D"], $old_email); + + // preveri email, ce ga imas v bazi: + if (isset ($user->email) && $user->email != '') { + + $obstaja_user_id = User::findByEmail(str_replace("'",'', $user->email)); + + $result = sisplet_query("select u.name, u.surname, f.id, u.id, u.pass FROM users u, fb_users f WHERE u.id=f.uid AND u.id='".$obstaja_user_id."'"); + + if (mysqli_num_rows($result) == 0) { + + $obstaja_user_id_old_email = User::findByEmail(str_replace("'",'', $old_email)); + $result2 = sisplet_query("select u.id FROM users u LEFT JOIN fb_users f on (u.id=f.uid) where u.id='".$obstaja_user_id_old_email."'"); + if (mysqli_num_rows($result2) > 0) { + + $r2 = mysqli_fetch_row($result2); + + $real_id = User::findByEmail($user->email); + if (!empty($real_id)) { + + // moramo popravljati IDje in jebat ježa + // 
iz "pravega" skopiram geslo na "fb", "fb" popravim v pravega in pravega dizejblam. In iz pravega vse srv_dpstop popravim na "fb" + sisplet_query("UPDATE users a, users b SET a.pass=b.pass WHERE a.email='".str_replace("'", + '', + $old_email)."' AND b.email='".str_replace("'", + '', $user->email)."'"); + sisplet_query("UPDATE users SET email=CONCAT('D3LMD-' , email) WHERE email='".str_replace("'", + '', $user->email)."'"); + + if ($real_id[0] > 0 && $r2[0] > 0) { + sisplet_query("UPDATE srv_dostop SET uid=".$r2[0]." WHERE uid=".$real_id[0]); + } + } + sisplet_query("UPDATE users SET email='".str_replace("'", + '', $user->email)."' WHERE id='".$r2[0]."'"); + } + } + + $result = sisplet_query("select u.name, u.surname, IF(ISNULL(f.id),'0',f.id), u.id, u.pass FROM users u LEFT JOIN fb_users f on (u.id=f.uid) where u.id='".$obstaja_user_id."'"); + + // je noter, preveri ce je v FB (podatki, podatki!) + if (mysqli_num_rows($result) > 0) { + + $r = mysqli_fetch_row($result); + + if ($r[2] != '0') { + // samo prijavi + $this->EncPass = $r[4]; + $this->email = str_replace(" ", ".", $user->email); + + $this->userLogin(); + } else { + // dodaj FB podatke in prijavi + if (isset ($user->first_name)) { + $fn = $user->first_name; + } else { + $fn = $r[0]; + } + + if (isset ($user->last_name)) { + $ln = $user->last_name; + } else { + $ln = $r[1]; + } + + if (isset ($user->gender)) { + $gn = $user->gender; + } else { + $gn = ''; + } + + if (isset ($user->profile_link)) { + $pl = $user->profile_link; + } else { + $pl = ''; + } + + if (isset ($user->timezone)) { + $tz = $user->timezone; + } else { + $tz = ''; + } + + sisplet_query("INSERT INTO fb_users (uid, first_name, last_name, gender, timezone, profile_link) VALUES ('".$r[3]."', '".$fn."', '".$ln."', '".$gn."', '".$tz."', '".$pl."')"); + + // Prijaviga :) + $this->EncPass = $r[4]; + $this->email = $user->email; + + $this->userLogin(); + } + } else { + // registriraj, dodaj FB podatke in prijavi + // dodaj FB podatke in prijavi + 
if (isset ($user->first_name)) { + $fn = $user->first_name; + } else { + $fn = str_replace(" ", ".", $r[0]); + } + + if (isset ($user->last_name)) { + $ln = $user->last_name; + } else { + $ln = $r[1]; + } + + if (isset ($user->gender)) { + $gn = $user->gender; + } else { + $gn = ''; + } + + if (isset ($user->profile_link)) { + $pl = $user->profile_link; + } else { + $pl = ''; + } + + if (isset ($user->timezone)) { + $tz = $user->timezone; + } else { + $tz = ''; + } + + // geslo med 00000 in zzzzz + $this->pass = base_convert(mt_rand(0x19A100, 0x39AA3FF), 10, 36); + $this->EncPass = base64_encode((hash('SHA256', $this->pass.$pass_salt))); + $this->email = str_replace([" ", "č", "ć", "Č", "Ć", "ž", "Ž", "š", "Š", "đ", "Đ"], [".", "c", "c", "C", "C", "z", "Z", "s", "S", "d", "D"], $user->email); + + sisplet_query("INSERT INTO users (name, surname, email, pass, when_reg) VALUES ('".$fn."', '".$ln."', '".iconv('utf-8', 'iso-8859-2//TRANSLIT', $this->email)."', '".$this->EncPass."', NOW())"); + $uid = mysqli_insert_id($GLOBALS['connect_db']); + + sisplet_query("INSERT INTO fb_users (uid, first_name, last_name, gender, timezone, profile_link) VALUES ('".$uid."', '".$fn."', '".$ln."', '".$gn."', '".$tz."', '".$pl."')"); + + // Piškotek za cca. 10 let, da mu naslednjić ponudimo prijavno + global $cookie_domain; + setcookie('external-login', '1', time()+280000000, '/', $cookie_domain); + + // prijavi + $this->userLogin(); + } + } + } + } + + // Prijavi userja v 1ko preko AAI racuna (kopirano iz ProfileClass.php - eduroamAnotherServerLogin()) - PRETESTIRATI + function userLoginAAI() + { + global $pass_salt; + global $cookie_domain; + global $site_url; + + // Popravimo string iz geta, ker ima nekje + namesto space + $repaired_string = str_replace(' ', '+', $_GET['s']); + + // malo manj varno, ampak bo OK. 
+ $klobasa = base64_decode($repaired_string); + + + // Dobimo array parametrov iz get-a + $data = explode("|", $klobasa); + + // Pridobimo maile - mozno da jih je vec, potem vzamemo prvega + $mails = explode(";", $data[0]); + sort($mails); + $mail = $mails[0]; + + $ime = $data[1]; + $priimek = $data[2]; + + $njegova = $data[3]; + $moja = $data[4]; + + + // Preverimo ce ima veljaven token (najprej pobrisemo stare) + sisplet_query("DELETE FROM aai_prenosi WHERE timestamp < (UNIX_TIMESTAMP() - 600);"); + $res = sisplet_query("SELECT * FROM aai_prenosi WHERE moja='".$moja."' AND njegova='".$njegova."'"); + + if (mysqli_num_rows($res) > 0) { + + $pass = base64_encode((hash('SHA256', "e5zhbWRTEGW&u375ejsznrtztjhdtz%WZ&".$pass_salt))); + + // Preverimo ce obstaja user v bazi + $user_id_1ka = User::findByEmail($mail); + if (empty($user_id_1ka)) { + + // Nastavimo pass + $pass = base64_encode(hash('SHA256', "e5zhbWRTEGW&u375ejsznrtztjhdtz%WZ&".$pass_salt)); + + // dodaj ga v bazo + sisplet_query("INSERT INTO users (email, name, surname, type, pass, eduroam, when_reg) VALUES ('$mail', '$ime', '$priimek', '3', '".$pass."', '1', NOW())"); + + // Pridobimo id dodanega userja + $user_id = mysqli_insert_id($GLOBALS['connect_db']); + } + else { + + // potegni geslo in mu daj kuki + $result = sisplet_query("SELECT pass, id FROM users WHERE id='".$user_id_1ka."'"); + $r = mysqli_fetch_row($result); + + $pass = $r[0]; + $user_id = $user_id_1ka; + } + + $result = sisplet_query("SELECT value FROM misc WHERE what='CookieLife'"); + $row = mysqli_fetch_row($result); + $LifeTime = $row[0]; + + // Zlogiramo login + sisplet_query("UPDATE users SET last_login=NOW() WHERE id='".$user_id."'"); + + // določi še, od kje se je prijavil + $hostname = ""; + $headers = apache_request_headers(); + if (array_key_exists('X-Forwarded-For', $headers)) { + $hostname = $headers['X-Forwarded-For']; + } else { + $hostname = $_SERVER["REMOTE_ADDR"]; + } + sisplet_query("INSERT INTO user_login_tracker (uid, IP, 
kdaj) VALUES ('".$user_id."', '".$hostname."', NOW())"); + + setcookie("uid", base64_encode($mail), time() + $LifeTime, '/', $cookie_domain); + setcookie("secret", $pass, time() + $LifeTime, '/', $cookie_domain); + setcookie("unam", base64_encode($ime.' '.$priimek),time() + $LifeTime, '/', $cookie_domain); + + + // moram vedeti, da je AAI! + setcookie("aai", '1', time() + $LifeTime, '/', $cookie_domain); + + // Piškotek za cca. 10 let, da mu naslednjić ponudimo prijavno + setcookie('external-login', '1', time()+280000000, '/', $cookie_domain); + + // Vse je ok - prijavljenega preusmerimo na moje ankete + header('location: '.$site_url.'admin/survey/index.php?l=1'); + die(); + } + else { + header('location: '.$site_url); + die(); + } + } + + // Odjavi userja iz 1ke (kopirano iz ProfileClass.php) + private function userLogout(){ + global $site_url; + global $cookie_domain; + global $global_user_id; + global $aai_instalacija; + + setcookie('uid', '', time() - 3600, '/', $cookie_domain); + setcookie('unam', '', time() - 3600, '/', $cookie_domain); + setcookie('secret', '', time() - 3600, '/', $cookie_domain); + setcookie('ME', '', time() - 3600, '/', $cookie_domain); + setcookie('P', '', time() - 3600, '/', $cookie_domain); + setcookie("AN", '', time() - 3600, '/', $cookie_domain); + setcookie("AS", '', time() - 3600, '/', $cookie_domain); + setcookie("AT", '', time() - 3600, '/', $cookie_domain); + + setcookie("DP", $p, time() - 3600 * 24 * 365, "/", $cookie_domain); + setcookie("DC", $p, time() - 3600 * 24 * 365, "/", $cookie_domain); + setcookie("DI", $p, time() - 3600 * 24 * 365, "/", $cookie_domain); + setcookie("SO", $p, time() - 3600 * 24 * 365, "/", $cookie_domain); + setcookie("SPO", $p, time() - 3600 * 24 * 365, "/", $cookie_domain); + setcookie("SL", $p, time() - 3600 * 24 * 365, "/", $cookie_domain); + + + // pobrisi se naddomeno! 
(www.1ka.si naj pobrise se 1ka.si) + if (substr_count($cookie_domain, ".") > 1) { + $nd = substr($cookie_domain, strpos($cookie_domain, ".") + 1); + + setcookie('uid', '', time() - 3600, '/', $nd); + setcookie('unam', '', time() - 3600, '/', $nd); + setcookie('secret', '', time() - 3600, '/', $nd); + setcookie('ME', '', time() - 3600, '/', $nd); + setcookie('P', '', time() - 3600, '/', $nd); + setcookie("AN", '', time() - 3600, '/', $nd); + setcookie("AS", '', time() - 3600, '/', $nd); + setcookie("AT", '', time() - 3600, '/', $nd); + + setcookie("DP", $p, time() - 3600 * 24 * 365, "/", $nd); + setcookie("DC", $p, time() - 3600 * 24 * 365, "/", $nd); + setcookie("DI", $p, time() - 3600 * 24 * 365, "/", $nd); + setcookie("SO", $p, time() - 3600 * 24 * 365, "/", $nd); + setcookie("SPO", $p, time() - 3600 * 24 * 365, "/", $nd); + setcookie("SL", $p, time() - 3600 * 24 * 365, "/", $nd); + } + + // Ce gre za arnes aai odjavo odjavimo posebej + if ($aai_instalacija){ + setcookie("aai", '', time() - 3600, '/', $cookie_domain); + header('location: '.$site_url.'/logout_AAI.php?return='.$site_url); + die(); + } + + header('Location:'.$site_url); + } + + + // Registrira userja v 1ko - vnos podatkov + private function userRegister() + { + global $secret_captcha; + + $error = []; + + $email = (isset($_POST['email'])) ? $_POST['email'] : ''; + $ime = (isset($_POST['ime'])) ? $_POST['ime'] : ''; + $geslo = (isset($_POST['geslo'])) ? $_POST['geslo'] : ''; + $geslo2 = (isset($_POST['geslo2'])) ? $_POST['geslo2'] : ''; + $agree = (isset($_POST['agree'])) ? $_POST['agree'] : '0'; + $gdprAgree = (isset($_POST['gdpr-agree'])) ? $_POST['gdpr-agree'] : '0'; + $ajaxKlic = (isset($_POST['ajax'])) ? $_POST['ajax'] : '0'; // Če izvajamo registracjo preko drupala, ker se pošlje post request preko ajaxa + + $varnostno_polje = (isset($_POST['varnostno-polje'])) ? 
$_POST['varnostno-polje'] : false; + if (!empty($varnostno_polje)) { + header('Location: '.$this->page_urls['page_robot_redirect']); + die(); + } + + + // Preverimo ReCaptcha + if (!empty($secret_captcha)) { + $recaptchaResponse = $_POST['g-recaptcha-response']; + $requestReCaptcha = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secret_captcha."&response=".$recaptchaResponse); + + if (!strstr($requestReCaptcha, "true")) { + $error['invalid_recaptcha'] = '1'; + } + } + + + // Preverimo ce imamo vse podatke + if ($email == '') { + $error['missing_email'] = '1'; + } + if ($ime == '') { + $error['missing_ime'] = '1'; + } + if ($agree == '0') { + $error['missing_agree'] = '1'; + } + + // Preverimo ce je email ok + if (!validEmail($email)) { + $error['invalid_email'] = '1'; + } + + // Preverimo ce sta gesla enaka + if ($geslo != $geslo2) { + $error['pass_mismatch'] = '1'; + } + + // Preverimo ce je geslo dovolj kompleksno + if (!complexPassword($geslo)) { + $error['pass_complex'] = '1'; + } + + // Preverimo ce ze obstaja ime in vrnemo predlog za novo + $sql = sisplet_query("SELECT * from users WHERE name='".$ime."'"); + if (mysqli_num_rows($sql) > 0) { + + $error['existing_ime'] = '1'; + $najdu = 0; + $add = 0; + + if($ime != ''){ + do { + $add++; + $sqln = sisplet_query("SELECT * from users WHERE name='".str_replace("'", + "", $ime).$add."'"); + if (mysqli_num_rows($sqln) == 0) { + $najdu = 1; + } + + } while ($najdu = 0); + + // Novo ime ki ga predlagamo + $ime = $ime.$add; + + $error['new_username'] = $ime; + } + } + + // Preverimo ce ze obstaja email + if (!unikatenEmail($email)) { + $error['existing_email'] = '1'; + } + + + // Nekaj ni ok - posljemo na isto stran z errorji v GET-u + if (!empty($error)) { + + if($ajaxKlic){ + echo json_encode($this->preveriNapake($error)); + die(); + } + + // Ime in email posljemo nazaj v urlju + $params = 'email='.$email.'&ime='.$ime.'&gdpr='.$gdprAgree.'&'; + + // Errorje tudi posljemo preko GET-a + 
foreach ($error as $key => $val) { + $params .= $key.'='.$val.'&'; + } + $params = substr($params, 0, -1); + + header('Location: '.$this->page_urls['page_register'].'&'.$params); + die(); + } // Vse je ok - preusmerimo na potrditveno stran + else { + + if($ajaxKlic){ + echo json_encode([ + 'success' => '1' + ]); + die(); + } + + // Hidden form, ki ga z js potem postamo naprej (da prenesemo vnesene podatke na naslednjo stran) + echo '
'; + echo ' '; + echo ' '; + echo ' '; + //echo ' '; + echo ' '; + echo '
'; + + // Z js potem postamo na naslednjo stran + echo ''; + + /*header('Location: '.$this->page_urls['page_register_confirm']); + @smalc.s;*/ + } + } + + + private function preveriNapake($parametri) + { + + // Nastavimo jezik + $language = 1; + if(isset($_POST['language'])){ + $language = $_POST['language']; + } + elseif(isset($_POST['jezik'])){ + $language = ($_POST['jezik'] == 'en' ? 2 : 1); + } + + if(is_numeric($language)){ + include_once('../../lang/'.$language.'.php'); + } + + $napaka = []; + + // Napaka pri emailu in opozorilo + $error_email = FALSE; + if (!empty($parametri['missing_email']) && $parametri['missing_email'] == 1) { + + $error_email = TRUE; + $napaka[] = $lang['cms_error_missing_email']; + + } elseif (!empty($parametri['invalid_email']) && $parametri['invalid_email'] == 1) { + + $error_email = TRUE; + $napaka[] = $lang['cms_error_email']; + + } elseif (!empty($parametri['existing_email']) && $parametri['existing_email'] == 1) { + + $error_email = TRUE; + $napaka[] = str_replace("RESTORE_PASSWORD", + "/frontend/api/api.php?action=reset_password&email=" . 
$parametri['email'], + $lang['cms_error_email_took']); + + } + + // Napaka pri imenu + $error_ime = FALSE; + if (!empty($parametri['missing_ime']) && $parametri['missing_ime'] == 1) { + + $error_ime = TRUE; + $napaka[] = $lang['cms_error_user_field_empty']; + + } elseif (!empty($parametri['existing_ime']) && $parametri['existing_ime'] == 1) { + + $error_ime = TRUE; + $napaka[] = $lang['cms_error_user_took']; + $new_username = $parametri['new_username']; + + } + + // Recaptcha error + $error_recaptcha = FALSE; + if (!empty($parametri['invalid_recaptcha']) && $parametri['invalid_recaptcha'] == 1) { + + $error_recaptcha = TRUE; + $napaka[] = $lang['cms_error_recaptcha']; + + } + + // Napaka pri napačno vpisanih geslih + $error_geslo = FALSE; + if (!empty($parametri['pass_mismatch']) && $parametri['pass_mismatch'] == 1) { + + $error_geslo = TRUE; + $napaka[] = $lang['cms_error_password_incorrect']; + } + // Geslo ni dovolj kompleksno + if (!$error_geslo && !empty($parametri['pass_complex']) && $parametri['pass_complex'] == 1) { + + $error_geslo = TRUE; + $napaka[] = $lang['password_err_complex']; + } + + return [ + 'napaka' => $napaka, + 'error_geslo' => $error_geslo, + 'error_ime' => $error_ime, + 'error_email' => $error_email, + 'error_recaptcha' => $error_recaptcha, + 'new_username' => $new_username ?? '' + ]; + } + + // Registrira userja v 1ko - potrditev podatkov za registracijo (vnos userja v bazo v tabelo users_to_be) in posiljanje potrditvenega maila + private function userRegisterConfirm() + { + global $site_url; + global $site_path; + global $site_domain; + global $virtual_domain; + global $pass_salt; + global $lang; + global $confirm_registration; + global $app_settings; + + + $email = (isset($_POST['email']) ? $_POST['email'] : ''); + $ime = (isset($_POST['ime']) ? $_POST['ime'] : ''); + //$geslo = (isset($_POST['geslo']) ? base64_decode($_POST['geslo']) : ''); + $geslo = (isset($_POST['geslo']) ? 
$_POST['geslo'] : ''); + $gdprAgree = (isset($_POST['gdpr-agree']) ? $_POST['gdpr-agree'] : 0); + $ajax = (isset($_POST['ajax']) ? $_POST['ajax'] : 0); // če je Drupal ajax request + + + // Nastavimo jezik + $language = 1; + if(isset($_POST['language'])){ + $language = $_POST['language']; + } + elseif(isset($_POST['jezik'])){ + $language = ($_POST['jezik'] == 'en' ? 2 : 1); + } + + if(is_numeric($language)){ + include_once('../../lang/'.$language.'.php'); + } + + + $kdaj = date('Y-m-d'); + + $g = base64_encode($geslo); + + if (strlen($ime) < 1) { + $afna = strpos($email, "@"); + $ime = substr($email, 0, $afna); + } + + $priimek = ''; + + // Ce imamo vklopljeno potrjevanje urednika aplikacije ga potrdi admin + if (isset($confirm_registration) && $confirm_registration == 1) + $status = 2; + else + $status = 1; + // Zakaj je bilo prej vedno status 2? Ker to pomeni, da ni aktiviran in se ne more prijaviti! + //$status = 2; + + // Email potrjevanje - vedno aktivirano + // naredi link za aktivacijo + $code = base64_encode((hash('SHA256', time().$pass_salt.$email.$ime))); + + // Vstavimo novega userja v users_to_be kjer caka na aktivacijo + $result = sisplet_query("INSERT INTO users_to_be + (type, email, name, surname, pass, status, gdpr_agree, when_reg, came_from, timecode, code, lang) + VALUES + ('3', '".$email."', '".$ime."', '".$priimek."', '".$g."', '".$status."', '".$gdprAgree."','".$kdaj."', '0', '".time()."', '".$code."', '".$language."') + "); + $id = mysqli_insert_id($GLOBALS['connect_db']); + + + // Sestavimo mail z aktivacijsko kodo + $Content = $lang['confirm_user_mail']; + + // Podpis + $signature = Common::getEmailSignature(); + $Content .= $signature; + + // Text ignorirajte sporocilo + $Content .= $lang['confirm_user_mail_ignore']; + + // Ce gre slucajno za virutalko + $Subject = ($virtual_domain) ? $lang['confirm_user_mail_subject_virtual'] : $lang['confirm_user_mail_subject']; + + // Ce mora admin potrditi dobi email admin in ne uporabnik! 
+ if(isset($confirm_registration) && $confirm_registration == 1){ + + // Popravimo besedilo emaila + $Content = $lang['confirm_user_mail_admin']; + } + + $PageName = $app_settings['app_name']; + + $ZaMail = ''.' '.$Subject.''; + + // Besedilo v lang dilu je potrebno popravit, ker nimamo vec cel kup parametrov + $Content = str_replace("SFMAIL", $email, $Content); + $Content = str_replace("SFNAME", $ime.' '.$priimek, $Content); + $Content = str_replace("SFPASS", "( ".strtolower($lang['srv_hidden_text'])." )", $Content); + $Content = str_replace("SFPAGENAME", $PageName, $Content); + + $Content = str_replace("SFACTIVATEIN", '', $Content); + $Content = str_replace("SFACTIVATEOUT", '', $Content); + $Content = str_replace("SFEND", '', $Content); + + $Subject = str_replace("SFPAGENAME", $PageName, $Subject); + + // Ce gre slucajno za virutalko + if($virtual_domain) + $Subject = str_replace("SFVIRTUALNAME", $site_domain, $Subject); + + + + $ZaMail .= $Content; + $ZaMail .= ""; + + // Za testiranje brez posiljanja maila + if(isDebug()) { + echo $ZaMail; + die(); + } + + // Posljemo mail z linkom za aktivacijo racuna + try{ + $MA = new MailAdapter(null, 'account'); + + // Ce mora admin potrditi, posljemo njemu mail + if(isset($confirm_registration) && $confirm_registration == 1){ + global $confirm_registration_admin; + + if(is_array($confirm_registration_admin)){ + // Mail posljemo vsem nastavljenim adminom + foreach($confirm_registration_admin as $admin_email){ + $MA->addRecipients($admin_email); + $result = $MA->sendMail($ZaMail, $Subject); + } + } + else{ + $MA->addRecipients($confirm_registration_admin); + $result = $MA->sendMail($ZaMail, $Subject); + } + } + else{ + $MA->addRecipients($email); + $result = $MA->sendMail($ZaMail, $Subject); + } + } + catch (Exception $e){ + } + + + if($ajax){ + echo json_encode([ + 'success' => 1 + ]); + die(); + } + + + // Preko GET parametra pošljemo email za prikaz sporočilo, kam je bil poslan email za aktivacijo registracije + $email = 
urlencode(base64_encode($email)); + + // redirect po uspešni registraciji in poslanem emailu + header('location: '.$this->page_urls['page_register_emailSend'].'&e='.$email); + } + + // Po poslanem mailu po registraciji, user klikne na url in ga aktiviramo (kopiramo iz tabele users_to_be v tabelo users) + private function userRegisterActivate() + { + global $lang; + global $site_url; + global $site_path; + global $site_domain; + global $virtual_domain; + global $pass_salt; + global $cookie_domain; + global $confirm_registration; + global $app_settings; + + + if (!isset ($_GET['code'])) { + echo $lang['reg_confirm_error']; + } + else { + + $code = $_GET['code']; + $id = $_GET['id']; + + $result = sisplet_query("SELECT type, email, name, surname, pass, status, gdpr_agree, when_reg, came_from, lang + FROM users_to_be + WHERE code='".$code."' AND id='".$id."'"); + if (mysqli_num_rows($result) > 0) { + + $r = mysqli_fetch_assoc($result); + $geslo2 = base64_decode($r['pass']); + $g = base64_encode((hash('SHA256', base64_decode($r['pass']).$pass_salt))); + + sisplet_query("INSERT INTO users + (type, email, name, surname, pass, status, gdpr_agree, when_reg, came_from, lang) + VALUES + ('".$r['type']."', '".$r['email']."', '".$r['name']."', '".$r['surname']."', '".$g."', '".$r['status']."', '".$r['gdpr_agree']."', '".$r['when_reg']."', '".$r['came_from']."', '".$r['lang']."')"); + sisplet_query("DELETE FROM users_to_be WHERE id='$id'"); + + $email = $r['email']; + $pass = $r['pass']; + $ime = $r['name']; + + $PageName = $app_settings['app_name']; + + include_once('../../lang/'.$r['lang'].'.php'); + $Content = $lang['confirm_user_content']; + $Subject = $lang['confirm_user_subject']; + + // Ce je ga moramo po registraciji odobriti dobi drugacno sporocilo + if (isset($confirm_registration) && $confirm_registration == 1){ + $UserContent = $lang['register_user_banned_content']; + } + else{ + $UserContent = $lang['register_user_content']; + } + + // Podpis + $signature = 
Common::getEmailSignature(); + $UserContent .= $signature; + + $UserContent .= $lang['register_user_content_edit']; + + $change = ''; + $out = ''; + + // Ce gre slucajno za virtualko + $Subject = ($virtual_domain) ? $lang['register_user_subject_virtual'] : $lang['register_user_subject']; + + $UserContent = str_replace("SFNAME", $ime, $UserContent); + $UserContent = str_replace("SFMAIL", $email, $UserContent); + $UserContent = str_replace("SFWITH", $email, $UserContent); + $UserContent = str_replace("SFPAGENAME", $PageName, $UserContent); + $UserContent = str_replace("SFCHANGE", $change, $UserContent); + $UserContent = str_replace("SFOUT", $out, $UserContent); + $UserContent = str_replace("SFEND", '', $UserContent); + + $Subject = str_replace("SFPAGENAME", $PageName, $Subject); + // Ce gre slucajno za virtualko + if($virtual_domain) + $Subject = str_replace("SFVIRTUALNAME", $site_domain, $Subject); + + if ($geslo2 == "") { + $UserContent = str_replace("SFPASS", "( ".$lang['without']." ) ", $UserContent); + } else { + $UserContent = str_replace("SFPASS", "( ".strtolower($lang['srv_hidden_text'])." 
)", $UserContent); + } + if ($ime == "") { + $UserContent = str_replace("SFNAME", $lang['mr_or_mrs'], $UserContent); + } else { + $UserContent = str_replace("SFNAME", $ime, $UserContent); + } + + $UserContent = str_replace("SFWITH", $emailZaNaprej, $UserContent); + + $ZaMail = ''.''.$Subject.''; + + $ZaMail .= $UserContent; + + if(isDebug()){ + echo $ZaMail; + die(); + } + + if (strpos($email, "@") && strpos($email, "@") != 0) { + + try{ + $MA = new MailAdapter(null, 'account'); + + $MA->addRecipients($email); + + $result = $MA->sendMail($ZaMail, $Subject); + } + catch (Exception $e){ + } + } + + // Ce imamo vklopljeno potrjevanje urednika aplikacije je to izvedel admin in ne prijavljamo + if (!isset($confirm_registration) || $confirm_registration != 1){ + + // določi še, od kje se je prijavil + $hostname = ""; + $headers = apache_request_headers(); + if (array_key_exists('X-Forwarded-For', $headers)) { + $hostname = $headers['X-Forwarded-For']; + } else { + $hostname = $_SERVER["REMOTE_ADDR"]; + } + + // Dobimo id userja s tem emailom + $user_id = User::findByEmail($email); + + // Zabelezimo datum prijave + sisplet_query("INSERT INTO user_login_tracker (uid, IP, kdaj) VALUES ('".$user_id."', '".$hostname."', NOW())"); + sisplet_query("UPDATE users SET last_login=NOW() WHERE id='".$user_id."'"); + + setcookie('uid', base64_encode($email), time() + 360000000, '/', $cookie_domain); + setcookie("unam", base64_encode($r['name'].' '.$r['surname']),time() + 360000000, '/', $cookie_domain); + setcookie('secret', $g, time() + 360000000, '/', $cookie_domain); + + // redirect po potrditvi maila. 
+ header('location: '.$this->page_urls['page_register_activate']); + } + else{ + echo $lang['user_confirm_p_admin_success']; + } + } + } + } + + private function userActivateAlternativEmail() + { + global $lang; + + if (!isset ($_GET['enc'])) { + echo $lang['alternative_email_confirm_error']; + } else { + parse_str(base64_decode($_GET['enc']), $param); + + $poizvedba = "SELECT email, user_id FROM users_to_be WHERE code='".$param['code']."' AND id='".$param['id']."'"; + + global $global_user_id; + if(!empty($global_user_id)) + $poizvedba .= " AND user_id='".$global_user_id."'"; + + $result = sisplet_query($poizvedba, "obj"); + + + if (!empty($result) && validEmail($result->email)) { + $vpis = User::getInstance($result->user_id)->insertAlternativeEmail($result->email); + + if($vpis) { + sisplet_query("DELETE FROM users_to_be WHERE id='".$param['id']."'"); + + + $uporabnik = sisplet_query("SELECT email, pass FROM users WHERE id='".$result->user_id."'", + "obj"); + + setcookie('uid', base64_encode($uporabnik->email), + time() + 360000000, '/', $cookie_domain); + setcookie('secret', $uporabnik->pass, time() + 360000000, + '/', $cookie_domain); + } + + header('location: '.$this->page_urls['page_register_activate']); + }else { + header('location: '.$this->page_urls['page_main']); + } + } + + } + + + // Po kliku na odjava v mailu uporabnika odregistriramo - PRETESTIRATI + private function userUnregisterConfirm() + { + global $site_url; + global $site_path; + global $lang; + global $global_user_id; + global $cookie_domain; + global $app_settings; + + $email = $global_user_id; + + if (isset($_GET['email'])) { + $email = strtolower($_GET['email']); + + if (is_numeric($email)) { + $result = sisplet_query("SELECT email FROM users WHERE id='$email'"); + $r = mysqli_fetch_row($result); + + $email = $r[0]; + } + } + + $result = sisplet_query("SELECT value FROM misc WHERE what='ByeEmail'"); + list ($ByeEmail) = mysqli_fetch_row($result); + $result = sisplet_query("SELECT value FROM 
misc WHERE what='ByeEmailSubject'"); + list ($ByeEmailSubject) = mysqli_fetch_row($result); + $result = sisplet_query("SELECT name FROM users WHERE email='$email'"); + list ($ime) = mysqli_fetch_row($result); + + $PageName = $app_settings['app_name']; + + $ByeEmail = str_replace("SFPAGENAME", $PageName, $ByeEmail); + if (strlen($ime) > 2) { + $ByeEmail = str_replace("SFNAME", $ime, $ByeEmail); + } + else { + $ByeEmail = str_replace("SFNAME", $lang[mr_or_mrs], $ByeEmail); + } + + $ByeEmailSubject = str_replace("SFPAGENAME", $PageName, $ByeEmailSubject); + if (strlen($ime) > 2) { + $ByeEmailSubject = str_replace("SFNAME", $ime, $ByeEmailSubject); + } + else { + $ByeEmailSubject = str_replace("SFNAME", $lang['mr_or_mrs'], + $ByeEmailSubject); + } + + + $result = sisplet_query("UPDATE users SET email=CONCAT('UNSU8MD-', UNIX_TIMESTAMP(), email) WHERE email='$email'"); + setcookie('uid', '', time() - 3600, '/', $cookie_domain); + setcookie('secret', '', time() - 3600, '/', $cookie_domain); + + if (substr_count($cookie_domain, ".") > 1) { + $nd = substr($cookie_domain, strpos($cookie_domain, ".") + 1); + + setcookie('uid', '', time() - 3600, '/', $nd); + setcookie('secret', '', time() - 3600, '/', $nd); + } + + + if (strpos($email, "@") && strpos($email, "@") != 0) { + + // Poslemo mail za uspesno odregistracijo + try{ + $MA = new MailAdapter(null, 'account'); + + $MA->addRecipients($email); + + $result = $MA->sendMail($ByeEmail, $ByeEmailSubject); + } + catch (Exception $e){ + } + + // Se obvestilo za admina + try{ + $MA = new MailAdapter(null, 'account'); + + $MA->addRecipients($From); + + $ByeEmail2 = $_lang['ByeNoteToAdmin'].$PageName." 
".$email; + + $result = $MA->sendMail($ByeEmail2, $lang['ByeNoteToAdminSubject']); + } + catch (Exception $e){ + } + + + // Preusmerimo na stran potrditve + header('location: '.$this->page_urls['page_unregister_confirm']); + } + } + + + // Resetira geslo userja (kopirano iz ProfileClass.php) - PRETESTIRATI + private function userResetPassword() + { + global $lang; + global $site_url; + global $pass_salt; + global $site_path; + global $site_domain; + global $virtual_domain; + global $cookie_domain; + global $app_settings; + + if (isset ($_GET['email']) || isset ($_POST['email'])) { + + if (isset ($_GET['email'])) { + $email = strtolower($_GET['email']); + } + if (isset ($_POST['email'])) { + $email = strtolower($_POST['email']); + } + + $email = CleanXSS($email); + + // Ali gre za ajax klic + $ajaxKlic = false; + if(!empty($_POST['ajax'])){ + $ajaxKlic = true; + + if($_POST['lang'] == 'en' || $_POST['jezik'] == 'en'){ + include('../../lang/2.php'); + } + else { + include('../../lang/1.php'); + } + } + // Za simple frontend nastavimo jezik + elseif(isset($_GET['lang_id']) && is_numeric($_GET['lang_id'])){ + include('../../lang/'.$_GET['lang_id'].'.php'); + } + + // Ce emaila ni v bazi + $user_id_1ka = User::findByEmail($email); + if (empty($user_id_1ka)) { + + if($ajaxKlic){ + echo json_encode([ + 'type' => 'error', + 'text' => $lang['cms_error_no_email'] + ]); + }else { + header('location: '.$this->page_urls['page_login_noEmail'.$this->prijava].'&email='.$email); + } + die(); + } else { + $result = sisplet_query("SELECT name, pass, surname FROM users WHERE id='".$user_id_1ka."'"); + list ($ime, $geslo, $priimek) = mysqli_fetch_row($result); + } + + // Novo geslo sestavis iz dveh nakljucnih besed + stevilke + include_once($site_path.'lang/words_'.$lang['language_short'].'.php'); + + $geslo = strtolower($words[rand(0, 999)].rand(0, 9).$words[rand(0, 999)]); + + // passhint je parameter v linku ki ga skombiniras skupaj z emailom in mu potem aktiviras novo geslo + 
$passhint = base64_encode((hash('SHA256', time().$pass_salt))); + + $chk = sisplet_query("SELECT id FROm users WHERE email='$email' AND UNIX_TIMESTAMP(NOW())-LastLP>600"); + if (mysqli_num_rows($chk) > 0) { + $result = sisplet_query("UPDATE users SET LastLP=UNIX_TIMESTAMP(NOW()), lost_password='".base64_encode((hash(SHA256, $geslo.$pass_salt)))."', lost_password_code='$passhint' WHERE email='$email'"); + + // Ce gre slucajno za virtualko + $Subject = ($virtual_domain) ? $lang['lost_pass_subject_virtual'] : $lang['lost_pass_subject']; + + $Content = $lang['lost_pass_mail']; + + $PageName = $app_settings['app_name']; + + $ZaMail = ''.' '.$Subject.''; + + $change = ''; + $out = ''; + + $Content = str_replace("SFMAIL", $email, $Content); + $Content = str_replace("SFNAME", $ime.' '.$priimek, $Content); + $Content = str_replace("SFPASS", $geslo, $Content); + $Content = str_replace("SFPAGENAME", $PageName, $Content); + $Content = str_replace("SFACTIVATEIN", + '', + $Content); + $Content = str_replace("SFACTIVATEOUT", '', $Content); + $Content = str_replace("SFCHANGE", $change, $Content); + $Content = str_replace("SFOUT", $out, $Content); + $Content = str_replace("SFEND", '', $Content); + + $Subject = str_replace("SFPAGENAME", $PageName, $Subject); + + // Ce gre slucajno za virtualko + if($virtual_domain) + $Subject = str_replace("SFVIRTUALNAME", $site_domain, $Subject); + + if ($LoginWith == 1) { + $Content = str_replace("SFWITH", $email, $Content); + } + else { + $Content = str_replace("SFWITH", $ime, $Content); + } + + // Podpis + $signature = Common::getEmailSignature(); + $Content .= $signature; + + $ZaMail .= $Content; + $ZaMail .= ""; + + if(isDebug()){ + echo $ZaMail; + die(); + } + + try{ + $MA = new MailAdapter(null, 'account'); + + $MA->addRecipients($email); + + $result = $MA->sendMail($ZaMail, $Subject); + } + catch (Exception $e){ + } + } + + if($ajaxKlic){ + echo json_encode([ + 'type' => 'success', + 'text' => $lang['lp_sent'].'.' 
+ ]); + }else { + // Preusmerimo na stran potrditve + header('location: '.$this->page_urls['page_reset_password'].'&email='.$email); + } + + } else { + header('location: '.$this->page_urls['page_login_noEmail'.$this->prijava].'&email='.$email); + } + } + + // Aktivira resetirano geslo userja (kopirano iz ProfileClass.php) - PRETESTIRATI + private function userResetPasswordActivate() + { + global $lang; + global $site_url; + global $pass_salt; + global $cookie_domain; + + $ajaxKlic = (!empty($_POST['ajax']) ? true : false); + + if (isset($_POST['code']) && isset($_POST['email']) && isset($_POST['pass'])) { + + $code = $_POST['code']; + $email = strtolower($_POST['email']); + $email = CleanXSS($_POST['email']); + $pass = $_POST['pass']; + $pass = CleanXSS($_POST['pass']); + $pass = base64_encode((hash('SHA256', $pass.$pass_salt))); + + $result = sisplet_query("SELECT id, name, surname FROM users WHERE email='$email' AND lost_password='$pass' AND lost_password_code='$code'"); + if (mysqli_num_rows($result) > 0) { + + $r = mysqli_fetch_row($result); + $result = sisplet_query("UPDATE users SET pass='$pass', lost_password='', lost_password_code='' WHERE id='".$r[0]."'"); + + // kukiji + $result = sisplet_query("SELECT value FROM misc WHERE what='CookieLife'"); + $row = mysqli_fetch_row($result); + $LifeTime = $row[0]; + + setcookie("uid", base64_encode($email), time() + $LifeTime, '/', $cookie_domain); + setcookie("secret", $pass, time() + $LifeTime, '/', $cookie_domain); + setcookie("unam", base64_encode($r[1].' '.$r[2]),time() + $LifeTime, '/', $cookie_domain); + + if($ajaxKlic){ + echo json_encode([ + 'type' => 'success', + 'text' => $lang['you_can_change_pass_anytime'], + 'action' => $site_url.'/admin/survey/' + ]); + + die(); + }else { + // Preusmerimo na stran zahvale za spremembo gesla + header('location: ' . $this->page_urls['page_reset_password_activate'] . 
'&success=1'); + } + } else { + if($ajaxKlic){ + echo json_encode([ + 'type' => 'error', + 'text' => $lang['cms_activation_link_expired_text'] + ]); + + die(); + }else { + // Preusmerimo nazaj na formo zaradi napake + header('location: ' . $this->page_urls['page_reset_password_activate'] . '&error=2'); + } + } + } else { + // Preusmerimo nazaj na formo zaradi napake + header('location: '.$this->page_urls['page_reset_password_activate'].'&code='.$code.'&error=1'); + } + } +} \ No newline at end of file diff --git a/frontend/api/class.ApiLoginController.php b/frontend/api/class.ApiLoginController.php new file mode 100644 index 0000000..d3a0100 --- /dev/null +++ b/frontend/api/class.ApiLoginController.php @@ -0,0 +1,62 @@ +processCall(); + $this->processCallForm(); + + + /*echo 'Params:'; + var_dump($this->params); + echo '
Data:'; + var_dump($this->data); + echo 'Metoda: '.$this->method;*/ + + + // Izvedemo akcijo + $login = new ApiLogin(); + $login->executeAction($this->params, $this->data); + } + + + // Preberemo poslane podatke (ce posiljamo preko curl) + private function processCall(){ + + // Metoda - POST, GET, DELETE... + $this->method = $_SERVER['REQUEST_METHOD']; + + // Preberemo parametre iz url-ja + $request = parse_url($_SERVER['REQUEST_URI']); + parse_str($request['query'], $this->params); + + // Preberemo podatke iz post-a + $this->data = json_decode(file_get_contents('php://input'), true); + } + + // Preberemo poslane podatke (ce posiljamo direktno iz forme) + private function processCallForm(){ + + $this->params = $_GET; + $this->data = $_POST; + } +} \ No newline at end of file diff --git a/frontend/api/fb_login.php b/frontend/api/fb_login.php new file mode 100644 index 0000000..07e4842 --- /dev/null +++ b/frontend/api/fb_login.php @@ -0,0 +1,20 @@ +FBLogin();*/ + + $login = new ApiLogin(); + $login->executeAction($params=array('action'=>'login_facebook'), $data=array()); + } + else { + header ('location: https://www.facebook.com/v2.10/dialog/oauth?client_id=' .$facebook_appid .'&redirect_uri=https://www.1ka.si/frontend/api/fb_login.php&auth_type=rerequest&scope=email,public_profile'); + } + +?> diff --git a/frontend/api/google-oauth2.php b/frontend/api/google-oauth2.php new file mode 100644 index 0000000..149b179 --- /dev/null +++ b/frontend/api/google-oauth2.php @@ -0,0 +1,11 @@ +executeAction($params=array('action'=>'login_google'), $data=array()); + diff --git a/frontend/api/login_AAI.php b/frontend/api/login_AAI.php new file mode 100644 index 0000000..2cb7da0 --- /dev/null +++ b/frontend/api/login_AAI.php @@ -0,0 +1,14 @@ +eduroamAnotherServerLogin();*/ + + $login = new ApiLogin(); + $login->executeAction($params=array('action'=>'login_AAI'), $data=array()); + +?> \ No newline at end of file 
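Review bot: The constructor calls processCall() and then processCallForm(), and processCallForm() unconditionally assigns `$this->params = $_GET` and `$this->data = $_POST`, so the JSON body that processCall() just read from php://input is always overwritten and the curl/JSON path is dead code. Keep the form values as a fallback only: `if (empty($this->data)) { $this->data = $_POST; }` (and the same for `$this->params`). processCall() also indexes `$request['query']` without checking it exists, which warns on a request with no query string; `parse_str($request['query'] ?? '', $this->params);` avoids that. The class header and the start of the constructor appear to have been stripped from this rendering of the hunk, so the opening lines are inferred.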
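Review bot: The OAuth redirect in the else branch hard-codes `redirect_uri=https://www.1ka.si/frontend/api/fb_login.php`, so any other installation of this frontend (or a staging host) will fail the provider's redirect-URI match; build it from the site base URL the rest of the patch keeps in `$site_url`, e.g. `'&redirect_uri='.urlencode($site_url.'frontend/api/fb_login.php')`. The authorization request also sends no `state` parameter, so the callback cannot tie the response it receives to the browser session that started the login; generate a random value, store it in the session, and verify it before handing the response to the `login_facebook` action. The part of the file before `FBLogin();*/` appears stripped here, so the condition that selects between the two branches is not visible.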
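Review bot: This endpoint dispatches straight to the `login_AAI` action, and the handler it reaches (`userLoginAAI` in class.ApiLogin.php, earlier in this patch) splits `$_GET['s']` into `$mail`, `$ime`, `$priimek`, `$moja` and `$njegova` and interpolates them into the aai_prenosi SELECT and the users INSERT without any escaping. Since `$mail` is also what selects the account that ends up logged in, those values should pass through `mysqli_real_escape_string` (or a prepared statement) before reaching sisplet_query, and `$mail` should be checked with the `validEmail()` helper this patch already uses in userRegister(). The handler's hunk starts outside this chunk, so the point is raised here on the endpoint that exposes it.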
diff --git a/frontend/install/ajax.php b/frontend/install/ajax.php new file mode 100644 index 0000000..3437c34 --- /dev/null +++ b/frontend/install/ajax.php @@ -0,0 +1,30 @@ +ajaxSubmitSettings(); + } + + // Izvedemo uvoz celotne baze + if($_GET['a'] == 'import_database'){ + + $db = new ImportDB(); + $db->executeImport(); + } + + // Izvedemo posodobitev baze + if($_GET['a'] == 'update_database'){ + + $db = new ImportDB(); + $db->executeUpdate(); + } diff --git a/frontend/install/classes/class.Display.php b/frontend/install/classes/class.Display.php new file mode 100644 index 0000000..3a04fe3 --- /dev/null +++ b/frontend/install/classes/class.Display.php @@ -0,0 +1,231 @@ +stran = $_GET['step']; + + + // Nastavimo jezik + if(isset($_GET['lang_id'])) + $this->lang_id = $_GET['lang_id']; + elseif(isset($_SESSION['lang_id'])) + $this->lang_id = $_SESSION['lang_id']; + + $_SESSION['lang_id'] = $this->lang_id; + + $file = '../../lang/'.$this->lang_id.'.php'; + include($file); + } + + + public function displayHead(){ + global $lang; + global $site_url; + + echo ' '; + echo ' '; + + echo ' '; + + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + + echo ' '.$lang['install_title'].''; + + echo ' '; + echo ' '; + echo ' '; + + echo ' '; + echo ' '; + echo ' '; + echo ' '; + + echo ' '; + echo ' '; + + echo ' '; + echo ' '; + } + + + // Izris zgornje vrstice z logotipom in menijem + public function displayHeader(){ + global $lang; + + // Logo v glavi + echo ''; + + + // Navigacija + echo ''; + } + + // Izris vsebine + public function displayMain(){ + global $lang; + + echo '
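Review bot: Every branch of this dispatcher performs a destructive write (rewriting settings_optional.php, importing or updating the database) gated only on the value of `$_GET['a']`, and no check is visible that installation is still pending or that the caller is authorised; once the site is installed these entry points should refuse to run. The first lines of the file appear lost in the extraction, so such a guard may exist above — if it does, a comment at the top of the dispatch pointing to it would help the next reader. `$_GET['a']` is also read without `isset()`, which raises a notice on a bare request; `$action = isset($_GET['a']) ? $_GET['a'] : '';` followed by a `switch` on `$action` would both fix that and replace the three independent `if`s.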
'; + + //echo '

'.$lang['install_title'].'

'; + + switch($this->stran){ + + case 'welcome': + $this->displayWelcomePage(); + break; + + case 'check': + $dc = new DisplayCheck(); + $dc->displayCheckPage(); + break; + + case 'settings': + $ds = new DisplaySettings(); + $ds->displaySettingsPage(); + break; + + case 'database': + $dd = new DisplayDatabase(); + $dd->displayDatabasePage(); + break; + + case 'finish': + $this->displayFinishPage(); + break; + + default: + $this->displayWelcomePage(); + break; + } + + echo '
'; + } + + // Izris footerja + public function displayFooter(){ + global $lang; + global $site_url; + + // Stolpec 1 + echo '
'; + echo '

'.$lang['simple_footer_about'].'

'; + echo ' '.$lang['simple_footer_about_1ka'].''; + echo ' '.$lang['simple_footer_about_general'].''; + echo ' '.$lang['simple_footer_about_privacy'].''; + echo ' '.$lang['simple_footer_about_cookies'].''; + echo ' '.$lang['simple_footer_about_antispam'].''; + echo ' '; + echo '
'; + + // Stolpec 2 - logotipi + echo '
'; + + // Logotipa FDV in CDI + echo '
'; + echo ' '; + echo ' '; + echo '
'; + + echo '
'; + + // Stolpec 3 + echo '
'; + + echo '
'; + } + + + // Izris prve welcome + private function displayWelcomePage(){ + global $lang; + + echo '

'.$lang['install_welcome_title'].'

'; + + echo '

'.$lang['install_welcome_text'].'

'; + + // Next button + echo '
'; + echo ' '; + echo '
'; + } + + // Izris strani za preverjanje konfiguracije streznika, baze + private function displayFinishPage(){ + global $lang; + + echo '

'.$lang['install_finish_title'].'

'; + + echo '

'.$lang['install_finish_text'].'

'; + + // Redirect na naslovnico + echo '
'; + echo ' '; + echo ' '; + echo '
'; + } +} \ No newline at end of file diff --git a/frontend/install/classes/class.DisplayCheck.php b/frontend/install/classes/class.DisplayCheck.php new file mode 100644 index 0000000..81d7fc7 --- /dev/null +++ b/frontend/install/classes/class.DisplayCheck.php @@ -0,0 +1,392 @@ +'.$lang['install_check_title'].''; + + echo '
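Review bot: `$this->lang_id` is taken straight from `$_GET['lang_id']` (or from the session value that was itself set from it) and concatenated into `include('../../lang/'.$this->lang_id.'.php')` with no validation, so whatever path-shaped value arrives selects the file that gets included. Restrict it to the expected identifier form and to a file that actually exists before including, e.g. `if(!preg_match('/^[A-Za-z0-9_-]+$/', (string)$this->lang_id) || !is_file('../../lang/'.$this->lang_id.'.php')) $this->lang_id = '<DEFAULT_LANG_ID>';` with the placeholder replaced by whatever language the installer uses when none is given. `$_GET['step']` is likewise assigned without `isset()`; the `switch` in displayMain() copes with unknown values via `default`, but the read itself raises a notice on the first visit. The constructor's opening lines are not visible in the hunk as extracted.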

'.$lang['install_check_text'].'


'; + + + $red_error = false; + + // APACHE + echo '
'; + echo '

'.$lang['install_check_apache'].'

'; + + $apache_check = $this->apacheCheck(); + foreach($apache_check as $apache_item){ + + if($apache_item['error'] == 1){ + $color_class = 'orange'; + } + elseif($apache_item['error'] == 2){ + $color_class = 'red'; + $red_error = true; + } + else{ + $color_class = 'green'; + } + + echo '
'; + echo '
'.$lang['install_check_'.$apache_item['what']].':
'; + echo '
'.$apache_item['value'].'
'; + echo '
'; + } + echo '
'; + + + // PHP + echo '
'; + echo '

'.$lang['install_check_php'].'

'; + + $php_check = $this->phpCheck(); + foreach($php_check as $php_item){ + + if($php_item['error'] == 1){ + $color_class = 'orange'; + } + elseif($php_item['error'] == 2){ + $color_class = 'red'; + $red_error = true; + } + else{ + $color_class = 'green'; + } + + echo '
'; + echo '
'.$lang['install_check_'.$php_item['what']].':
'; + echo '
'.$php_item['value'].'
'; + echo '
'; + } + echo '
'; + + + // SQL + echo '
'; + echo '

'.$lang['install_check_sql'].'

'; + + $sql_check = $this->sqlCheck(); + foreach($sql_check as $sql_item){ + + if($sql_item['error'] == 1){ + $color_class = 'orange'; + } + elseif($sql_item['error'] == 2){ + $color_class = 'red'; + $red_error = true; + } + else{ + $color_class = 'green'; + } + + echo '
'; + echo '
'.$lang['install_check_'.$sql_item['what']].':
'; + echo '
'.$sql_item['value'].'
'; + echo '
'; + } + echo '
'; + + + // OTHER + echo '
'; + echo '

'.$lang['install_check_other'].'

'; + + $other_check = $this->otherCheck(); + foreach($other_check as $other_item){ + + if($other_item['error'] == 1){ + $color_class = 'orange'; + } + elseif($other_item['error'] == 2){ + $color_class = 'red'; + $red_error = true; + } + else{ + $color_class = 'green'; + } + + echo '
'; + echo '
'.$lang['install_check_'.$other_item['what']].':
'; + echo '
'.$other_item['value'].'
'; + echo '
'; + } + echo '
'; + + + // Next button - if no red errors + echo '
'; + echo ' '; + if(!$red_error) + echo ' '; + else + echo ' '; + echo '
'; + } + + + // Preverimo apache + private function apacheCheck(){ + global $lang; + + $result = array(); + + $apache_modules = apache_get_modules(); + + // Mod rewrite + $result['mod_rewrite']['what'] = 'mod_rewrite'; + + if(in_array('mod_rewrite', $apache_modules)){ + $result['mod_rewrite']['value'] = $lang['install_check_ok']; + } + else{ + $result['mod_rewrite']['value'] = $lang['install_check_not_ok']; + $result['mod_rewrite']['error'] = 2; + } + + return $result; + } + + // Preverimo php verzijo + private function phpCheck(){ + global $lang; + + $result = array(); + + + // Php verzija + $php_version = phpversion(); + + $result['version']['what'] = 'php_version'; + $result['version']['value'] = $php_version; + + // Zahtevan je php 7 ali 8.0 + if(substr($php_version, 0, 1) != '7' && substr($php_version, 0, 3) != '8.0'){ + $result['version']['error'] = 2; + } + + + // Php nastavitve + // Open tag + $result['opentag']['what'] = 'short_open_tag'; + if(ini_get('short_open_tag') == '1'){ + $result['opentag']['value'] = $lang['install_check_ok']; + } + else{ + $result['opentag']['value'] = 'Not enabled'; + $result['opentag']['error'] = 2; + } + + // upload_max_filesize - 500M + $result['upload_max_filesize']['what'] = 'upload_max_filesize'; + if((int)str_replace('M', '', ini_get('upload_max_filesize')) >= '500'){ + $result['upload_max_filesize']['value'] = ini_get('upload_max_filesize'); + } + else{ + $result['upload_max_filesize']['value'] = ini_get('upload_max_filesize').' - '.$lang['install_check_upload_max_filesize_error']; + $result['upload_max_filesize']['error'] = 1; + } + + // max_execution_time - 120 + $result['max_execution_time']['what'] = 'max_execution_time'; + if((int)ini_get('max_execution_time') >= 120){ + $result['max_execution_time']['value'] = ini_get('max_execution_time'); + } + else{ + $result['max_execution_time']['value'] = ini_get('max_execution_time').' 
- '.$lang['install_check_max_execution_time_error']; + $result['max_execution_time']['error'] = 1; + } + + // max_input_time - 120 + $result['max_input_time']['what'] = 'max_input_time'; + if((int)ini_get('max_input_time') >= 120){ + $result['max_input_time']['value'] = ini_get('max_input_time'); + } + else{ + $result['max_input_time']['value'] = ini_get('max_input_time').' - '.$lang['install_check_max_input_time_error']; + $result['max_input_time']['error'] = 1; + } + + // max_input_vars - 8000 + /*$result['max_input_vars']['what'] = 'max_input_vars'; + if((int)ini_get('max_input_vars') >= 8000){ + $result['max_input_vars']['value'] = ini_get('max_input_vars'); + } + else{ + $result['max_input_vars']['value'] = 'Recommended value is 8000'; + $result['max_input_vars']['error'] = true; + }*/ + + // memory_limit - 512M + $result['memory_limit']['what'] = 'memory_limit'; + if((int)str_replace('M', '', ini_get('memory_limit')) >= 512){ + $result['memory_limit']['value'] = ini_get('memory_limit'); + } + else{ + $result['memory_limit']['value'] = ini_get('memory_limit').' - '.$lang['install_check_memory_limit_error']; + $result['memory_limit']['error'] = 1; + } + + // post_max_size - 500M + $result['post_max_size']['what'] = 'post_max_size'; + if((int)str_replace('M', '', ini_get('post_max_size')) >= 500){ + $result['post_max_size']['value'] = ini_get('post_max_size'); + } + else{ + $result['post_max_size']['value'] = ini_get('post_max_size').' 
- '.$lang['install_check_post_max_size_error']; + $result['post_max_size']['error'] = 1; + } + + + // Php moduli + // Mbstring + $result['mbstring']['what'] = 'mbstring'; + if(extension_loaded('mbstring')){ + $result['mbstring']['value'] = $lang['install_check_ok']; + } + else{ + $result['mbstring']['value'] = $lang['install_check_not_ok']; + $result['mbstring']['error'] = 2; + } + + // Openssl + $result['openssl']['what'] = 'openssl'; + if(extension_loaded('openssl')){ + $result['openssl']['value'] = $lang['install_check_ok']; + } + else{ + $result['openssl']['value'] = $lang['install_check_not_ok']; + $result['openssl']['error'] = 2; + } + + // GD + $result['gd']['what'] = 'gd'; + if(extension_loaded('gd')){ + $result['gd']['value'] = $lang['install_check_ok']; + } + else{ + $result['gd']['value'] = $lang['install_check_not_ok']; + $result['gd']['error'] = 2; + } + + // bcmath + $result['bcmath']['what'] = 'bcmath'; + if(extension_loaded('bcmath')){ + $result['bcmath']['value'] = $lang['install_check_ok']; + } + else{ + $result['bcmath']['value'] = $lang['install_check_not_ok']; + $result['bcmath']['error'] = 2; + } + + // zip + $result['zip']['what'] = 'zip'; + if(extension_loaded('zip')){ + $result['zip']['value'] = $lang['install_check_ok']; + } + else{ + $result['zip']['value'] = $lang['install_check_not_ok']; + $result['zip']['error'] = 2; + } + + + return $result; + } + + // Preverimo sql + private function sqlCheck(){ + global $lang; + + $result = array(); + + // Sql version + $sql_version = mysqli_get_server_info($GLOBALS['connect_db']); + + $result['version']['what'] = 'sql_version'; + $result['version']['value'] = $sql_version; + + if(false){ + $result['version']['error'] = 2; + } + + + // Strict + $sql_mode = sisplet_query("SHOW VARIABLES LIKE 'sql_mode'"); + $row_mode = mysqli_fetch_array($sql_mode); + + $result['strict']['what'] = 'sql_strict'; + + if (strpos($row_mode[0], 'STRICT_TRANS_TABLES') === false) { + $result['strict']['value'] = 
$lang['install_check_ok']; + } + else{ + $result['strict']['value'] = $lang['install_check_sql_strict_error']; + $result['strict']['error'] = 2; + } + + + return $result; + } + + // Preverimo ostalo + private function otherCheck(){ + global $lang; + + $result = array(); + + + // SED + $output = array(); + exec("sed 2>&1", $output1); + $result['sed']['what'] = 'sed'; + + if(strpos($output1[0], 'not found') === false){ + $result['sed']['value'] = $lang['install_check_ok']; + } + else{ + $result['sed']['value'] = $lang['install_check_sed_error']; + $result['sed']['error'] = 2; + } + + + // AWK + $output = array(); + exec("awk 2>&1", $output); + $result['awk']['what'] = 'awk'; + + if(strpos($output[0], 'not found') === false){ + $result['awk']['value'] = $lang['install_check_ok']; + } + else{ + $result['awk']['value'] = $lang['install_check_awk_error']; + $result['awk']['error'] = 2; + } + + + // Rscript + $output = array(); + exec("Rscript 2>&1", $output); + $result['rscript']['what'] = 'r'; + + if(strpos($output[0], 'not found') === false){ + $result['rscript']['value'] = $lang['install_check_ok']; + } + else{ + $result['rscript']['value'] = $lang['install_check_r_error']; + $result['rscript']['error'] = 1; + } + + + return $result; + } +} \ No newline at end of file diff --git a/frontend/install/classes/class.DisplayDatabase.php b/frontend/install/classes/class.DisplayDatabase.php new file mode 100644 index 0000000..0703ac6 --- /dev/null +++ b/frontend/install/classes/class.DisplayDatabase.php @@ -0,0 +1,112 @@ +'.$lang['install_database_title'].''; + + $import = new ImportDB(); + + // Baza je prazna + if($import->checkDBEmpty()){ + $this->displayInsert(); + } + // Baza ni updatana + elseif($import->checkDBUpdated()){ + $update = $import->getDBUpdateLines(); + $this->displayUpdate($update); + } + // Ok - zadnja verzija baze + else{ + $this->displayOK(); + } + } + + + // Prikazemo ce je vse ok + private function displayOK(){ + global $lang; + + echo '
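Review bot: In sqlCheck() the strict-mode test reads `$row_mode[0]`, but `SHOW VARIABLES LIKE 'sql_mode'` returns `Variable_name` in column 0 and the setting in column 1, so `strpos('sql_mode', 'STRICT_TRANS_TABLES')` is always false and the check reports OK regardless of the server's mode; use `$row_mode['Value']` (or index 1). In otherCheck() each probe reads `$output[0]` (or `$output1[0]` on the sed branch, where the reset `$output = array();` is never the array exec() fills), which is undefined whenever a command produces no output; guard with `isset($output[0])` and use one variable name consistently. The `if(false)` in sqlCheck() is dead code and should become a real minimum-version comparison or be removed. The loops in displayCheckPage() also read `$item['error']` on entries where the checks never set that key, so every passing item raises an undefined-index notice; initialise `'error' => 0` when building each result entry.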

'.$lang['install_database_ok'].'

'; + + // Next button + echo '
'; + echo ' '; + echo ' '; + echo '
'; + } + + // Prikazemo uvoz celotne baze + private function displayInsert(){ + global $site_url; + global $lang; + + echo '

'.$lang['install_database_import'].'

'; + + echo '

'.$lang['install_database_import_progress'].'

'; + + + // Div kamor izpisemo response po uvazanju + echo '
'; + + + // Next button + echo '
'; + echo ' '; + echo ' '; + echo '
'; + + + // Se popup okna + echo '
'; + echo ''; + } + + // Prikazemo update baze + public function displayUpdate($update){ + global $site_url; + global $lang; + global $debug; + global $admin_type; + + echo '

'.$lang['install_database_update'].'

'; + + echo '

'.$lang['install_database_version'].': '.$update['current_version'].'

'; + + echo '

'.$lang['install_database_version_update'].': '.$update['new_version'].'

'; + + // Ce smo admin ali v debugu izpisemo tudi vrstice za update + if($admin_type == '0' || $debug == '1'){ + + foreach ($update['update_lines'] as $key => $update_line) { + echo $update_line.'

'; + } + } + + + // Div kamor izpisemo response po uvazanju + echo '
'; + + + // Next button + echo '
'; + echo ' '; + echo ' '; + echo '
'; + + + // Se popup okna + echo '
'; + echo ''; + } +} \ No newline at end of file diff --git a/frontend/install/classes/class.DisplaySettings.php b/frontend/install/classes/class.DisplaySettings.php new file mode 100644 index 0000000..f3ea45b --- /dev/null +++ b/frontend/install/classes/class.DisplaySettings.php @@ -0,0 +1,448 @@ +'.$lang['install_settings_title'].''; + + echo '
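Review bot: `checkDBUpdated()` returns true when update lines are still pending, so the `elseif($import->checkDBUpdated())` branch commented as "Baza ni updatana" reads as the opposite of what it tests; renaming the method (e.g. `hasPendingUpdates()`) in class.ImportDB.php from this same commit would make displayDatabasePage() self-explanatory. displayUpdate() also echoes each `$update_line` raw into the page; the lines come from the project's own update file rather than from a user, but `echo htmlspecialchars($update_line)` would keep SQL containing `<` from breaking the markup.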

'.$lang['install_settings_text'].'


'; + + + echo '
'; + + // SEGMENT 1 - app_settings + echo '
'; + $this->displaySettingsApp(); + echo '
'; + + // SEGMENT 2 - email + echo ''; + + // SEGMENT 3 - google + echo '
'; + $this->displaySettingsGoogle(); + echo '
'; + + // SEGMENT 3 - subscribe + echo ''; + + // Submit + echo '
'; + echo ' '; + echo ' '; + echo '
'; + + echo '
'; + + + // Skrijemo nepotrebna text polja + echo ''; + } + + private function displaySettingsApp(){ + global $lang; + global $app_settings; + global $confirm_registration; + + echo '

'.$lang['install_settings_app_title'].'

'; + + // Ime aplikacije + echo '
'; + echo '
'.$lang['install_settings_app_name'].':
'; + echo '
'; + echo '
'; + + // Admin email + echo '
'; + echo '
'.$lang['install_settings_admin_email'].':
'; + echo '
'; + echo '
'; + + // Owner + echo '
'; + echo '
'.$lang['install_settings_owner'].':
'; + echo '
'; + echo '
'; + + // Owner website + echo '
'; + echo '
'.$lang['install_settings_owner_website'].':
'; + echo '
'; + echo '
'; + + + // Custom head title + echo '
'; + echo '
'.$lang['install_settings_head_title_custom'].':
'; + echo '
'; + echo ' '; + echo ' '; + echo '
'; + echo '
'; + + // Custom head title text + echo '
'; + echo '
'.$lang['install_settings_head_title_text'].':
'; + echo '
'; + echo '
'; + + + // Custom foooter + echo ''; + + // Custom footer text + echo ''; + + + // Custom survey foooter + echo ''; + + // Custom footer survey text + echo ''; + + + // Custom email sig + echo '
'; + echo '
'.$lang['install_settings_email_signature_custom'].':
'; + echo '
'; + echo ' '; + echo ' '; + echo '
'; + echo '
'; + + // Custom email sig text + echo '
'; + echo '
'.$lang['install_settings_email_signature_text'].':
'; + echo '
'; + echo '
'; + + + // Survey finish url + echo '
'; + echo '
'.$lang['install_settings_survey_finish_url'].':
'; + echo '
'; + echo '
'; + + + // Export type + echo '
'; + echo '
'.$lang['install_settings_export_type'].':
'; + echo '
'; + echo ' '; + echo ' '; + echo '
'; + echo '
'; + + + // confirm_registration + echo '
'; + echo '
'.$lang['install_settings_confirm_registration'].':
'; + echo '
'; + echo ' '; + echo ' '; + echo '
'; + echo '
'; + } + + private function displaySettingsEmail(){ + global $lang; + global $email_server_settings; + + echo '

'.$lang['install_settings_email_title'].'

'; + + // Email SMTPFrom + echo '
'; + echo '
'.$lang['install_settings_SMTPFrom'].':
'; + echo '
'; + echo '
'; + + // Email SMTPFromNice + echo '
'; + echo '
'.$lang['install_settings_SMTPFromNice'].':
'; + echo '
'; + echo '
'; + + // Email SMTPReplyTo + echo '
'; + echo '
'.$lang['install_settings_SMTPReplyTo'].':
'; + echo '
'; + echo '
'; + + // Email SMTPHost + echo '
'; + echo '
'.$lang['install_settings_SMTPHost'].':
'; + echo '
'; + echo '
'; + + // Email SMTPPort + echo '
'; + echo '
'.$lang['install_settings_SMTPPort'].':
'; + echo '
'; + echo '
'; + + + // Email SMTPAuth + echo '
'; + echo '
'.$lang['install_settings_SMTPAuth'].':
'; + echo '
'; + echo ' '; + echo ' '; + echo '
'; + echo '
'; + + // Email SMTPSecure + echo '
'; + echo '
'.$lang['install_settings_SMTPSecure'].':
'; + echo '
'; + echo ' '; + echo ' '; + echo ' '; + echo '
'; + echo '
'; + + + // Email SMTPUsername + echo '
'; + echo '
'.$lang['install_settings_SMTPUsername'].':
'; + echo '
'; + echo '
'; + + // Email SMTPPassword + echo '
'; + echo '
'.$lang['install_settings_SMTPPassword'].':
'; + echo '
'; + echo '
'; + } + + private function displaySettingsGoogle(){ + global $lang; + global $recaptcha_sitekey; + global $secret_captcha; + global $google_maps_API_key; + + echo '

'.$lang['install_settings_google_title'].'

'; + + // Google recaptcha_sitekey + echo '
'; + echo '
'.$lang['install_settings_recaptcha_sitekey'].':
'; + echo '
'; + echo '
'; + + // Google secret_captcha + echo '
'; + echo '
'.$lang['install_settings_secret_captcha'].':
'; + echo '
'; + echo '
'; + + // Google google_maps_API_key + echo '
'; + echo '
'.$lang['install_settings_google_maps_API_key'].':
'; + echo '
'; + echo '
'; + } + + private function displaySettingsSubscribe(){ + global $lang; + + echo '

'.$lang['install_settings_subscribe_title'].'

'; + + echo '

'.$lang['install_settings_subscribe_text'].'

'; + + echo '
'; + echo '
'.$lang['install_settings_subscribe_radio'].':
'; + echo '
'; + echo ' '; + echo ' '; + echo '
'; + echo '
'; + } + + + // Shranimo nastavitve v settings_optional.php in redirectamo + public function ajaxSubmitSettings(){ + + $new_content = ' \''.$app_name.'\','.PHP_EOL; + + $admin_email = isset($_POST['admin_email']) ? $_POST['admin_email'] : ''; + $new_content .= ' \'admin_email\' => \''.$admin_email.'\','.PHP_EOL; + + $owner = isset($_POST['owner']) ? $_POST['owner'] : ''; + $new_content .= ' \'owner\' => \''.$owner.'\','.PHP_EOL; + + $owner_website = isset($_POST['owner_website']) ? $_POST['owner_website'] : ''; + $new_content .= ' \'owner_website\' => \''.$owner_website.'\','.PHP_EOL; + + $head_title_custom = isset($_POST['head_title_custom']) ? $_POST['head_title_custom'] : ''; + $new_content .= ' \'head_title_custom\' => \''.$head_title_custom.'\','.PHP_EOL; + + $head_title_text = isset($_POST['head_title_text']) ? $_POST['head_title_text'] : ''; + $new_content .= ' \'head_title_text\' => \''.$head_title_text.'\','.PHP_EOL; + + $footer_custom = isset($_POST['footer_custom']) ? $_POST['footer_custom'] : ''; + $new_content .= ' \'footer_custom\' => \''.$footer_custom.'\','.PHP_EOL; + + $footer_text = isset($_POST['footer_text']) ? $_POST['footer_text'] : ''; + $new_content .= ' \'footer_text\' => \''.$footer_text.'\','.PHP_EOL; + + $footer_survey_custom = isset($_POST['footer_survey_custom']) ? $_POST['footer_survey_custom'] : ''; + $new_content .= ' \'footer_survey_custom\' => \''.$footer_survey_custom.'\','.PHP_EOL; + + $footer_survey_text = isset($_POST['footer_survey_text']) ? $_POST['footer_survey_text'] : ''; + $new_content .= ' \'footer_survey_text\' => \''.$footer_survey_text.'\','.PHP_EOL; + + $email_signature_custom = isset($_POST['email_signature_custom']) ? $_POST['email_signature_custom'] : ''; + $new_content .= ' \'email_signature_custom\' => \''.$email_signature_custom.'\','.PHP_EOL; + + $email_signature_text = isset($_POST['email_signature_text']) ? 
$_POST['email_signature_text'] : ''; + $new_content .= ' \'email_signature_text\' => \''.$email_signature_text.'\','.PHP_EOL; + + $survey_finish_url = isset($_POST['survey_finish_url']) ? $_POST['survey_finish_url'] : ''; + $new_content .= ' \'survey_finish_url\' => \''.$survey_finish_url.'\','.PHP_EOL; + + $export_type = isset($_POST['export_type']) ? $_POST['export_type'] : ''; + $new_content .= ' \'export_type\' => \''.$export_type.'\','.PHP_EOL; + + $new_content .= ');'.PHP_EOL.PHP_EOL; + + + // $email_server_settings + $new_content .= '$email_server_settings = array('.PHP_EOL; + + $SMTPFrom = isset($_POST['SMTPFrom']) ? $_POST['SMTPFrom'] : ''; + $new_content .= ' \'SMTPFrom\' => \''.$SMTPFrom.'\','.PHP_EOL; + + $SMTPFromNice = isset($_POST['SMTPFromNice']) ? $_POST['SMTPFromNice'] : ''; + $new_content .= ' \'SMTPFromNice\' => \''.$SMTPFromNice.'\','.PHP_EOL; + + $SMTPReplyTo = isset($_POST['SMTPReplyTo']) ? $_POST['SMTPReplyTo'] : ''; + $new_content .= ' \'SMTPReplyTo\' => \''.$SMTPReplyTo.'\','.PHP_EOL; + + $SMTPHost = isset($_POST['SMTPHost']) ? $_POST['SMTPHost'] : ''; + $new_content .= ' \'SMTPHost\' => \''.$SMTPHost.'\','.PHP_EOL; + + $SMTPPort = isset($_POST['SMTPPort']) ? $_POST['SMTPPort'] : ''; + $new_content .= ' \'SMTPPort\' => \''.$SMTPPort.'\','.PHP_EOL; + + $SMTPSecure = isset($_POST['SMTPSecure']) ? $_POST['SMTPSecure'] : ''; + $new_content .= ' \'SMTPSecure\' => \''.$SMTPSecure.'\','.PHP_EOL; + + $SMTPAuth = isset($_POST['SMTPAuth']) ? $_POST['SMTPAuth'] : ''; + $new_content .= ' \'SMTPAuth\' => \''.$SMTPAuth.'\','.PHP_EOL; + + $SMTPUsername = isset($_POST['SMTPUsername']) ? $_POST['SMTPUsername'] : ''; + $new_content .= ' \'SMTPUsername\' => \''.$SMTPUsername.'\','.PHP_EOL; + + $SMTPPassword = isset($_POST['SMTPPassword']) ? 
$_POST['SMTPPassword'] : ''; + $new_content .= ' \'SMTPPassword\' => \''.$SMTPPassword.'\','.PHP_EOL; + + $new_content .= ');'.PHP_EOL.PHP_EOL; + + + // Confirm registration, gdpr + $confirm_registration = isset($_POST['confirm_registration']) ? $_POST['confirm_registration'] : ''; + $new_content .= '$confirm_registration = \''.$confirm_registration.'\';'.PHP_EOL; + + $confirm_registration_admin = $admin_email; + $new_content .= '$confirm_registration_admin = \''.$confirm_registration_admin.'\';'.PHP_EOL; + + $gdpr_admin_email = $admin_email; + $new_content .= '$gdpr_admin_email = \''.$gdpr_admin_email.'\';'.PHP_EOL.PHP_EOL; + + + // Google + $recaptcha_sitekey = isset($_POST['recaptcha_sitekey']) ? $_POST['recaptcha_sitekey'] : ''; + $new_content .= '$recaptcha_sitekey = \''.$recaptcha_sitekey.'\';'.PHP_EOL; + + $secret_captcha = isset($_POST['secret_captcha']) ? $_POST['secret_captcha'] : ''; + $new_content .= '$secret_captcha = \''.$secret_captcha.'\';'.PHP_EOL; + + $google_maps_API_key = isset($_POST['google_maps_API_key']) ? $_POST['google_maps_API_key'] : ''; + $new_content .= '$google_maps_API_key = \''.$google_maps_API_key.'\';'.PHP_EOL.PHP_EOL; + + + // Zapisemo nov content v settings_optional.php + $this->writeSettings($new_content); + + + // Preverimo prijavo na prejemanje obvestil - potem pošljemo obvestilo na www.1ka.si + $subscribe = isset($_POST['subscribe']) ? 
$_POST['subscribe'] : '0'; + if($subscribe == '1') + $this->sendNotification($app_name, $admin_email); + } + + // Zapisemo nov content v settings_optional.php + private function writeSettings($new_content){ + + $file_handle = fopen("../../settings_optional.php", "w"); + fwrite($file_handle, $new_content); + fclose($file_handle); + } + + // Pošljemo obvestilo o prijava na obvestila za novo instalacijo + private function sendNotification($app_name, $admin_email){ + global $site_domain; + global $site_url; + + $parameters = 'site_domain='.urlencode($site_domain); + $parameters .= '&site_url='.urlencode($site_url); + $parameters .= '&app_name='.urlencode($app_name); + $parameters .= '&admin_email='.urlencode($admin_email); + + //$url = 'http://localhost/utils/1kaUtils/custom_install_notify.php?'.$parameters; + $url = 'https://www.1ka.si/utils/1kaUtils/custom_install_notify.php?'.$parameters; + + // Pripravimo klic + $ch = curl_init($url); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET'); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + + // Izvedemo klic + $result = curl_exec($ch); + } + +} \ No newline at end of file diff --git a/frontend/install/classes/class.ImportDB.php b/frontend/install/classes/class.ImportDB.php new file mode 100644 index 0000000..5ba632f --- /dev/null +++ b/frontend/install/classes/class.ImportDB.php 
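Review bot: ajaxSubmitSettings() interpolates every `$_POST` value unescaped into PHP source that writeSettings() then saves as settings_optional.php (`' \'admin_email\' => \''.$admin_email.'\','` and the same pattern for every other field), so a single quote or backslash in any submitted value terminates the generated string literal and the configuration file no longer parses as intended. Emit each value with `var_export()` instead, which produces a correctly quoted PHP literal; a small helper keeps the change to one line per field, as sketched below. writeSettings() should also check the `fopen()` result before writing, and sendNotification() neither sets `CURLOPT_TIMEOUT` nor calls `curl_close($ch)`, so a slow or unreachable 1ka.si stalls the installer and leaks the handle. `$app_name` is used at the top of the method but its assignment is not visible in the hunk as extracted, so the first lines could not be reviewed.
```php
// Returns a safe single-quoted PHP literal for a submitted setting, so
// quotes or backslashes in the value cannot break the generated file.
private function postLiteral($key, $default = ''){
    $value = isset($_POST[$key]) ? (string)$_POST[$key] : $default;
    return var_export($value, true);
}

// … in ajaxSubmitSettings(), applied to every field (admin_email shown):
$admin_email = isset($_POST['admin_email']) ? $_POST['admin_email'] : '';
$new_content .= '    \'admin_email\' => '.$this->postLiteral('admin_email').','.PHP_EOL;
// … unchanged: remaining app_settings fields, email_server_settings block …
$new_content .= '$confirm_registration = '.$this->postLiteral('confirm_registration').';'.PHP_EOL;
// … unchanged: google keys, writeSettings() call, subscribe notification …
```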
@@ -0,0 +1,256 @@ + 0){ + $row = mysqli_fetch_array($sql); + $this->version = $row['value']; + } + } + + + // Pogledamo ce je baza uvozena + public function checkDBEmpty(){ + + return ($this->version == '') ? true : false; + } + + // Pogledamo ce je baza posodobljena na najnovejso verzijo + public function checkDBUpdated(){ + + $update = $this->prepareUpdateArray(); + + return (count($update['update_lines']) != 0) ? true : false; + } + + // Vrnemo vrstice in verzijo za updatanje + public function getDBUpdateLines(){ + + $update = $this->prepareUpdateArray(); + + $update['current_version'] = $this->version; + + return $update; + } + + + // Izvajamo uvoz celotne baze + public function executeImport(){ + global $site_url; + global $lang; + + // Pripravimo vrstice za uvoz + $import = $this->prepareImportArray(); + + // Uvozimo novo bazo + $this->importCleanDB($import); + + // Ce je bilo vse ok potem izvedemo se posodobitev + $sql = sisplet_query("SELECT * FROM misc WHERE what='version'"); + if($sql !== FALSE && mysqli_num_rows($sql) > 0){ + + $row = mysqli_fetch_array($sql); + $this->version = $row['value']; + + // Pripravimo vrstice za posodobitev + $update = $this->prepareUpdateArray(); + + // Izvedemo posodobitev + $this->updateDB($update['new_version'], $update['update_lines']); + + echo $lang['install_database_import_complete']; + } + // Uvoz error + else{ + echo $lang['install_database_import_error']; + } + } + + // Pripravimo vrstice za uvoz + private function prepareImportArray(){ + global $lang; + + $import_lines = array(); + $query = ''; + + $handle = fopen($this->clean_db_file, "r"); + if ($handle) { + while (($line = fgets($handle)) !== false){ + + // Trimamo odvecne presledke + $line = trim($line); + + // Shranimo vrstico za update + if($line != '' && substr($line, 0, 1) != '#' && substr($line, 0, 2) != '--' && substr($line, 0, 2) != '//' && substr($line, 0, 2) != '/*'){ + + // Ce je vrstica zakljucena s ; dodamo query v array + if(substr($line, -1) == ';' 
|| substr($line, 0, 22) == 'INSERT INTO `srv_help`'){ + + $query .= $line; + + $import_lines[] = $query; + $query = ''; + } + // Ukaz je v vecih vrsticah - samo pripnemo string + else{ + $query .= $line; + } + } + } + + fclose($handle); + + // Se dodatno dodamo recnum funkcijo + $import_lines[] = "CREATE FUNCTION MAX_RECNUM (aid INT(11)) RETURNS INT(11) DETERMINISTIC BEGIN DECLARE max INT(11); SELECT MAX(recnum) INTO max FROM srv_user WHERE ank_id = aid AND preview='0'; IF max IS NULL THEN SET max = '0'; END IF; RETURN max+1; END;"; + } + else { + echo $lang['install_database_sql_import_missing']; + } + + return $import_lines; + } + + // Uvoz nove prazne baze po vrsticah + private function importCleanDB($import_lines){ + global $lang; + + // Izvedemo uvoz po posameznih ukazih + if(count($import_lines) > 0){ + foreach ($import_lines as $key => $import_line) { + + $sql = sisplet_query($import_line); + + if (!$sql){ + echo $lang['install_database_import_line'].':
'.$import_line.'
'; + echo $lang['install_database_import_line_error'].': '.mysqli_error($GLOBALS['connect_db']); + + echo '

'; + } + /*else{ + echo 'Uvoz vrstice:
'.$import_line.'
'; + echo 'OK'; + + echo '

'; + }*/ + + flush(); + } + } + } + + + // Izvajamo update celotne baze + public function executeUpdate(){ + global $lang; + + // Pipravimo vrstice za posodobitev + $update = $this->prepareUpdateArray(); + + // Izvedemo update + $this->updateDB($update['new_version'], $update['update_lines']); + + echo $lang['install_database_update_complete']; + } + + // Pripravimo vrstice za posodabljanje + private function prepareUpdateArray(){ + global $lang; + + $new_version = ''; + $update_lines = array(); + $update = false; + $query = ''; + + $handle = fopen($this->update_db_file, "r"); + if ($handle) { + while (($line = fgets($handle)) !== false){ + + // Trimamo odvecne presledke + $line = trim($line); + + // Shranimo vrstico za update + if($update && $line != '' && substr($line, 0, 1) != '#'){ + + // Ce je vrstica zakljucena s ; dodamo query v array + if(substr($line, -1) == ';'){ + + $query .= $line; + + // Pogledamo ce gre za vrstico verzije in jo shranimo + if(strpos($query, ' WHERE what="version"') !== false){ + if (preg_match("/^update misc set value='(.*)' where what=/i", $query, $matches)) { + $new_version = $matches[1]; + } + } + + $update_lines[] = $query; + $query = ''; + } + // Ukaz je v vecih vrsticah - samo pripnemo string + else{ + $query .= $line; + } + } + + // Ko pridemo do vrstice za trenutno verzijo shranimo vse nadaljne vrstice za update + if(strpos($line, $this->version) !== false) + $update = true; + } + + fclose($handle); + } + else { + echo $lang['install_database_sql_update_missing']; + } + + return array('new_version'=>$new_version, 'update_lines'=>$update_lines); + } + + // Izvedba popravkov od trenutne verzije naprej po vrsticah + private function updateDB($new_version, $update_lines){ + global $lang; + + // Izvedemo posodobitve + if($new_version != '' && count($update_lines) > 0){ + + foreach ($update_lines as $key => $update_line) { + + $sql = sisplet_query($update_line); + + if (!$sql){ + echo $lang['install_database_update_line'].':
'.$update_line.'
'; + echo $lang['install_database_update_error'].': '.mysqli_error($GLOBALS['connect_db']); + + echo '

'; + } + /*else{ + echo 'Posodabljanje vrstice:
'.$update_line.'
'; + echo 'OK'; + + echo '

'; + }*/ + + flush(); + } + } + } +} + +?> \ No newline at end of file diff --git a/frontend/install/css/style.css b/frontend/install/css/style.css new file mode 100644 index 0000000..e7cd886 --- /dev/null +++ b/frontend/install/css/style.css 
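Review bot: prepareUpdateArray() locates the current version with a plain substring test, `if(strpos($line, $this->version) !== false) $update = true;`, so a version such as `1.2` also matches lines containing `1.20` or `11.2`, and on PHP 8 an empty `$this->version` matches at offset 0 on the very first line, which would mark every statement in the update file for execution. Anchor on the exact version-setting statement that the method already recognises via its regex, e.g. `if(preg_match("/^update misc set value='".preg_quote($this->version, '/')."' where what=/i", $line)) $update = true;`. Both prepareImportArray() and prepareUpdateArray() call `fopen()` on the configured file without an `is_file()` check first, so a missing file emits a warning before the `install_database_sql_*_missing` message. The constructor that initialises `$this->version` begins outside the visible part of this hunk.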
@@ -0,0 +1,479 @@ +/* + Created on : 6.5.2020 + Author : Peter Hrvatin +*/ +/* BARVE */ +/* FONTI */ +@import url("https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,600,700&subset=latin-ext"); +.thin { + font-weight: 300; +} + +.semibold { + font-weight: 600; +} + +.bold { + font-weight: 700; +} + +.italic { + font-style: italic; +} + +.underline { + text-decoration: underline; +} + +/* OSNOVNA STRUKTURA STRANI */ +body { + margin: 0; + padding: 0; + font-family: "Montserrat", sans-serif; + color: #535050; +} +body #content { + display: flex; + flex-direction: column; + justify-content: space-between; +} + +h1 { + margin: 20px 0 30px 0; + font-weight: 600; + font-size: 32px; +} + +h2 { + margin: 20px 0 30px 0; + font-weight: 600; + font-size: 26px; +} + +p { + font-size: 16px; + line-height: 160%; +} + +a { + color: #1e88e5; + text-decoration: none; +} +a:hover { + color: #4ca0ea; +} + +.red { + color: red; +} + +.spaceLeft { + margin-left: 20px; +} + +input[type=submit], +button, +input[type=button], +.button { + cursor: pointer; + width: 180px; + padding: 16px; + margin-right: 20px; + font-size: 16px; + line-height: 17px; + text-align: center; + text-transform: uppercase; + color: white; + background-color: #1e88e5; + border: 0; + outline: 0; + transition: 0.2s; +} +input[type=submit]:hover, +button:hover, +input[type=button]:hover, +.button:hover { + background-color: #4ca0ea; +} + +input[type=text], +input[type=password], +input[type=email] { + box-sizing: border-box; + padding: 7px 10px; + font-size: 17px; + color: #333; + background-color: white; + border: 1px solid #cccccc; +} +input[type=text].red, +input[type=password].red, +input[type=email].red { + border-color: red; +} + +textarea { + box-sizing: border-box; + padding: 8px 12px; + font-size: 15px; + color: #333; + background-color: white; + border: 1px solid #cccccc; +} + +label, +input[type=radio], +input[type=checkbox] { + cursor: pointer; +} + +header { + display: flex; + 
justify-content: space-between; + align-items: center; + height: 80px; + box-sizing: border-box; + padding: 0 20px; +} +header .logo { + height: 60px; +} +header .logo a img { + max-width: 300px; + max-height: 60px; + height: 60px; +} +header nav { + display: flex; + align-self: flex-end; + font-size: 17px; + text-transform: uppercase; + font-weight: 600; +} +header nav span.menu_item { + margin-left: 40px; + border-bottom: 3px transparent solid; +} +header nav span.menu_item a { + color: #333; + text-decoration: none; + line-height: 30px; + transition: 0.2s; +} +header nav span.menu_item a:hover { + color: #1e88e5; +} +header nav span.menu_item.active { + border-bottom: 3px #1e88e5 solid; +} + +#main { + background-color: #f7f7f7; +} +#main .main_content { + max-width: 1400px; + margin: 0 auto; + padding: 30px 20px 60px 20px; +} +#main .main_content .bottom_buttons { + margin-top: 50px; +} +#main #fade { + display: none; + position: fixed; + z-index: 990; + top: 0; + left: 0; + width: 100%; + height: 100%; + background-color: #333; + opacity: 0.7; +} +#main #popup { + display: none; + position: fixed; + z-index: 999; + top: 40%; + left: calc(50% - 175px); + width: 350px; + padding: 20px; + text-align: center; + font-size: 18px; + font-weight: 500; + line-height: 30px; + background-color: #fff; +} + +footer .footer_content { + display: flex; + justify-content: space-between; + max-width: 1400px; + margin: 0 auto; + padding: 70px 20px; +} +footer .footer_content .col { + display: flex; + flex-direction: column; + box-sizing: border-box; + width: 33%; +} +footer .footer_content .col span, footer .footer_content .col div.follow { + padding: 8px 0; + color: #333; + font-weight: 300; +} +footer .footer_content .col span.follow, footer .footer_content .col div.follow.follow { + display: flex; + align-items: center; +} +footer .footer_content .col span a, footer .footer_content .col div.follow a { + color: #333; +} +footer .footer_content .col span a:hover, footer 
.footer_content .col div.follow a:hover { + color: #1e88e5; +} +footer .footer_content .col span a:hover .icon.twitter, footer .footer_content .col div.follow a:hover .icon.twitter { + background-image: url("../../../public/img/social/twitter_blue.svg"); +} +footer .footer_content .col span a:hover .icon.fb, footer .footer_content .col div.follow a:hover .icon.fb { + background-image: url("../../../public/img/social/fb_blue.svg"); +} +footer .footer_content .col span a .icon, footer .footer_content .col div.follow a .icon { + display: inline-block; + width: 24px; + height: 24px; + padding: 0; + margin-left: 10px; + background-size: 24px 24px; +} +footer .footer_content .col span a .icon.twitter, footer .footer_content .col div.follow a .icon.twitter { + background-image: url("../../../public/img/social/twitter.svg"); +} +footer .footer_content .col span a .icon.fb, footer .footer_content .col div.follow a .icon.fb { + background-image: url("../../../public/img/social/fb.svg"); +} +footer .footer_content .logo_holder { + display: flex; + flex-direction: column; + margin: 20px 0; +} +footer .footer_content .logo_holder img { + max-width: 200px; + max-height: 80px; + margin-bottom: 40px; +} + +/************WELCOME STRAN***************/ +.main_content.welcome h2::before { + content: "1/5 - "; +} + +/******************************/ +/************FINISH STRAN***************/ +.main_content.finish h2::before { + content: "5/5 - "; +} + +/******************************/ +/************CHECK STRAN***************/ +.main_content.check h2::before { + content: "2/5 - "; +} +.main_content.check .check_segment { + margin: 0 0 20px 0; + padding: 20px; + background-color: #eee; +} +.main_content.check .check_segment h3 { + margin: 0 0 20px 0; +} +.main_content.check .check_segment .check_item { + display: flex; + padding-bottom: 10px; +} +.main_content.check .check_segment .check_item .what { + width: 350px; + padding-right: 10px; + text-align: right; +} +.main_content.check 
.check_segment .check_item .value { + font-weight: 600; +} +.main_content.check .check_segment .check_item .value.green { + color: green; +} +.main_content.check .check_segment .check_item .value.orange { + color: orange; +} +.main_content.check .check_segment .check_item .value.red { + color: red; +} + +/******************************/ +/************SETTINGS STRAN***************/ +.main_content.settings h2::before { + content: "3/5 - "; +} +.main_content.settings .settings_segment { + margin: 0 0 20px 0; + padding: 20px; + background-color: #eee; +} +.main_content.settings .settings_segment h3 { + margin: 0 0 20px 0; +} +.main_content.settings .settings_segment .settings_item { + display: flex; + vertical-align: middle; + padding-bottom: 10px; +} +.main_content.settings .settings_segment .settings_item.radio .value { + margin-top: 10px; +} +.main_content.settings .settings_segment .settings_item .what { + width: 400px; + padding-right: 10px; + line-height: 36px; + text-align: right; +} +.main_content.settings .settings_segment .settings_item input[type=text] { + width: 450px; +} + +/******************************/ +/************DATABASE STRAN***************/ +.main_content.database h2::before { + content: "4/5 - "; +} + +/******************************/ +/* Mobile prilagoditve */ +@media screen and (max-width: 700px) { + header nav { + flex-direction: column-reverse; + align-self: auto; + justify-content: space-evenly; + height: 100%; + text-align: right; + font-size: 14px; + } + header nav span.menu_item { + line-height: 18px; + } + header nav span.menu_item.active { + border-bottom: 2px #1e88e5 solid; + } + header nav span.menu_item a { + line-height: 18px; + } + + body #main .main_content { + padding: 10px 20px 40px 20px; + } + body #main .main_content h1 { + padding: 10px 10px; + font-size: 22px; + text-align: center; + } + body #main .main_content .form_row { + margin: 0 !important; + padding-left: 0 !important; + padding-right: 0 !important; + } + body #main 
.main_content .label { + line-height: 30px; + } + body #main .main_content input[type=text], +body #main .main_content input[type=email], +body #main .main_content input[type=password] { + width: 100%; + } + body #main .main_content input[type=submit], +body #main .main_content input[type=button] { + display: block; + width: 100%; + margin: 20px auto !important; + } + body #main .main_content .have_account { + display: block; + margin: 30px 0 0 0; + } + body #main .main_content .red.italic { + padding-left: 0 !important; + } + body #main .main_content .form_row.agreement { + margin-top: 10px !important; + } + body #main .main_content textarea#gdpr-note { + margin: 0; + width: 100%; + } + + body.landing_page #main, +body.login #main, +body.register #main, +body.login_noEmail #main { + min-height: auto; + /*background-image: none;*/ + } + body.landing_page #main .main_content, +body.login #main .main_content, +body.register #main .main_content, +body.login_noEmail #main .main_content { + padding: 30px 20px 30px 20px; + } + body.landing_page #main .main_content .app_title, +body.login #main .main_content .app_title, +body.register #main .main_content .app_title, +body.login_noEmail #main .main_content .app_title { + width: 95%; + margin: 10px auto 40px auto; + font-size: 32px; + /*color: $color_text;*/ + } + body.landing_page #main .main_content .landing_page_window, +body.login #main .main_content .landing_page_window, +body.register #main .main_content .landing_page_window, +body.login_noEmail #main .main_content .landing_page_window { + width: 100%; + } + body.landing_page #main .main_content .landing_page_window .tab, +body.login #main .main_content .landing_page_window .tab, +body.register #main .main_content .landing_page_window .tab, +body.login_noEmail #main .main_content .landing_page_window .tab { + font-size: 16px; + } + body.landing_page #main .main_content .landing_page_window .lostpass, +body.login #main .main_content .landing_page_window .lostpass, 
+body.register #main .main_content .landing_page_window .lostpass, +body.login_noEmail #main .main_content .landing_page_window .lostpass { + font-size: 14px; + } + body.landing_page #main .main_content .landing_page_window input[type=submit], +body.landing_page #main .main_content .landing_page_window input[type=button], +body.login #main .main_content .landing_page_window input[type=submit], +body.login #main .main_content .landing_page_window input[type=button], +body.register #main .main_content .landing_page_window input[type=submit], +body.register #main .main_content .landing_page_window input[type=button], +body.login_noEmail #main .main_content .landing_page_window input[type=submit], +body.login_noEmail #main .main_content .landing_page_window input[type=button] { + margin: 30px auto !important; + } + + footer { + padding: 0 20px; + } + footer .footer_content { + flex-direction: column; + padding: 20px 0; + text-align: center; + } + footer .footer_content .col { + width: 100%; + } + footer .footer_content .col .follow { + justify-content: center; + } +} + +/*# sourceMappingURL=style.css.map */ diff --git a/frontend/install/index.php b/frontend/install/index.php new file mode 100644 index 0000000..cfb5033 --- /dev/null +++ b/frontend/install/index.php @@ -0,0 +1,63 @@ +'; + echo ''; + + + /********** HEAD **********/ + echo ''; + $display->displayHead(); + echo ''; + /********** HEAD - END **********/ + + + /********** BODY **********/ + echo ''; + + echo '
'; + + + // Glava + echo '
'; + $display->displayHeader(); + echo '
'; + + + // Vsebina strani + echo '
'; + $display->displayMain(); + echo '
'; + + + // Footer + echo '
'; + + echo ''; + + echo '
'; + + + echo '
'; + + echo ''; + /********** BODY - END **********/ + + + echo ''; +?> \ No newline at end of file diff --git a/frontend/install/script/init.js b/frontend/install/script/init.js new file mode 100644 index 0000000..f810e38 --- /dev/null +++ b/frontend/install/script/init.js @@ -0,0 +1,4 @@ +$(document).ready(function() { + + +}); diff --git a/frontend/install/script/script.js b/frontend/install/script/script.js new file mode 100644 index 0000000..f7bba2b --- /dev/null +++ b/frontend/install/script/script.js 
@@ -0,0 +1,67 @@ +// Ajax za submit nastavitev za zapis v settings_optional +function settingsSubmit(){ + + var form = $('form#settings_form').serializeArray(); + + $.post('ajax.php?a=submit_settings', form, function () { + + // Redirectamo na naslednji korak + window.location = "index.php?step=database"; + }); +} + +function settingsToggle(){ + + if($('input[name="footer_survey_custom"]:checked').val() == '0'){ + $('.footer_survey_text').hide('medium'); + } + else{ + $('.footer_survey_text').show('medium'); + } + + if($('input[name="footer_custom"]:checked').val() == '0'){ + $('.footer_text').hide('medium'); + } + else{ + $('.footer_text').show('medium'); + } + + if($('input[name="head_title_custom"]:checked').val() == '0'){ + $('.head_title_text').hide('medium'); + } + else{ + $('.head_title_text').show('medium'); + } + + if($('input[name="email_signature_custom"]:checked').val() == '0'){ + $('.email_signature_text').hide('medium'); + } + else{ + $('.email_signature_text').show('medium'); + } +} + + +// Ajax za uvoz celotne baze +function databaseImport(){ + + $('#fade').fadeIn(); + $('#popup').fadeIn(); + + $('#db_response').load('ajax.php?a=import_database', function () { + $('#fade').fadeOut(); + $('#popup').fadeOut(); + }); +} + +// Ajax za posodobitev baze +function databaseUpdate(){ + + $('#fade').fadeIn(); + $('#popup').fadeIn(); + + $('#db_response').load('ajax.php?a=update_database', function () { + $('#fade').fadeOut(); + $('#popup').fadeOut(); + }); +} \ No newline at end of file diff --git a/frontend/payments/api.php b/frontend/payments/api.php new file mode 100644 index 0000000..a7cf212 --- /dev/null +++ b/frontend/payments/api.php 
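Review bot: settingsSubmit, at the top of the hunk, redirects to `index.php?step=database` from the `$.post` success callback and attaches no failure handler, so an HTTP or network error leaves the user on the settings page with no feedback, and whatever the server returns in the body is never inspected before moving on. Chain the handlers instead, e.g. `$.post('ajax.php?a=submit_settings', form).done(function () { window.location = "index.php?step=database"; }).fail(function () { /* report the failed save to the user */ });`, and decide from the response whether the step is actually complete. settingsToggle repeats the same hide/show block four times with only the radio name and target selector changing; a name-to-selector table removes the duplication and lets `==` become `===` (`.val()` returns a string, so `'0'` compares fine). databaseImport and databaseUpdate share the same fade-in/load/fade-out pattern and could take the action name as a parameter.

```javascript
// Maps each settings radio name to the text block it shows or hides.
var settingsToggleMap = {
  footer_survey_custom: '.footer_survey_text',
  footer_custom: '.footer_text',
  head_title_custom: '.head_title_text',
  email_signature_custom: '.email_signature_text'
};

function settingsToggle(){
  Object.keys(settingsToggleMap).forEach(function (name) {
    var $text = $(settingsToggleMap[name]);
    if ($('input[name="' + name + '"]:checked').val() === '0') {
      $text.hide('medium');
    }
    else {
      $text.show('medium');
    }
  });
}
// … unchanged: databaseImport, databaseUpdate …
```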
@@ -0,0 +1,7 @@ +processCall(); + + + // Preverimo, ce je klic ok (token) + if($this->checkToken()){ + + // Izvedemo akcijo + $this->executeAction(); + } + + + // Logiramo response klica + $SL = new SurveyLog(); + + if($this->response['success'] == true){ + + if(isset($this->data['email'])) + $call_data = ', '.$this->data['email']; + elseif(isset($this->data['narocilo_id'])) + $call_data = ', '.$this->data['narocilo_id']; + else + $call_data = ''; + + $SL->addMessage(SurveyLog::PAYMENT, "USPEŠEN KLIC (".$this->params['action'] . $call_data.")"); + } + else{ + $SL->addMessage(SurveyLog::PAYMENT, "NAPAKA pri klicu za plačevanje ".$this->params['action'].": ".$this->response['error']); + } + + $SL->write(); + + + // Vrnemo json objekt responsa + $this->processReturn(); + } + + + // Preberemo poslane podatke (ce posiljamo preko curl) + private function processCall(){ + + // Metoda - POST, GET, DELETE... + $this->method = $_SERVER['REQUEST_METHOD']; + + // Get parametri + $this->params = $_GET; + + // Preberemo podatke iz post-a + $this->data = json_decode(file_get_contents('php://input'), true); + + if(is_null($this->data)){ + $this->data = $_POST; + } + } + + private function checkToken(){ + $raw_post_data = ''; + + if($this->method == 'POST' && $this->data){ + $raw_post_data = http_build_query($this->data); + } + + // Dobimo request (brez id in token) + $request_url = ($_SERVER["HTTPS"] == 'on') ? 
'https://'.$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"] : 'http://'.$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]; + + if(!isset($_SERVER['HTTP_IDENTIFIER'])) + $request_url = preg_replace('/([?&])identifier=[^&]+(&|$)/', '$1', $request_url); + + if(!isset($_SERVER['HTTP_TOKEN'])) + $request_url = preg_replace('/([?&])token=[^&]+(&|$)/', '$1', $request_url); + + if(!isset($_SERVER['HTTP_TOKEN']) || !isset($_SERVER['HTTP_IDENTIFIER'])) + $request_url = substr($request_url, 0, -1); + + // Na nasi strani naredimo hmac podatkov z ustreznim private key-em + $data = $this->method . $request_url . $raw_post_data; + $token = hash_hmac('sha256', $data, $this->private_key); + + if($this->params['token'] == $token) + return true; + else{ + $this->response['error'] = 'Napaka! Napačen token.'; + $this->response['success'] = false; + + return false; + } + } + + + // Preveri ce je user ze logiran v 1ko in nastavi globalne spremenljivke in cookie (kopirano iz function.php) + private function executeAction(){ + global $lang; + + if (!isset($this->params['action'])) { + $this->response['error'] = 'Napaka! Manjkajo parametri!'; + $this->response['success'] = false; + } + else { + + // Vedno nastavimo ustrezni jezik (npr. za emaile) ce imamo parameter + $language = isset($this->data['lang']) ? $this->data['lang'] : 'sl'; + if($language == 'en'){ + include('../../lang/2.php'); + } + + switch ($this->params['action']) { + + // Ustvari novo narocilo + case 'create_narocilo': + $narocilo = new UserNarocila(); + $this->response = $narocilo->createNarocilo($this->data); + + break; + + // Posodobi obstoječe narocilo (npr. 
nastavi nacin placila) + case 'update_narocilo': + $narocilo = new UserNarocila(); + $this->response = $narocilo->updateNarocilo($this->data); + + break; + + // Dobimo pdf predracun (ce ne obstaja ga ustvarimo) + case 'get_predracun': + + if(isset($this->data['narocilo_id'])){ + $cebelica = new UserNarocilaCebelica($this->data['narocilo_id']); + $this->response = $cebelica->getNarociloPredracun(); + } + else{ + $this->response['error'] = 'Napaka! Manjka ID narocila!'; + $this->response['success'] = false; + } + + break; + + // Dobimo pdf racun + case 'get_racun': + + if(isset($this->data['narocilo_id'])){ + $cebelica = new UserNarocilaCebelica($this->data['narocilo_id']); + $this->response = $cebelica->getNarociloRacun(); + } + else{ + $this->response['error'] = 'Napaka! Manjka ID narocila!'; + $this->response['success'] = false; + } + + break; + + // Placamo narocilo - aktiviramo uporabniku paket za uporabo, zgeneriramo in vrnemo url do pdf racuna in ga tudi posljemo po mailu + case 'placaj_narocilo': + + $narocilo = new UserNarocila(); + $this->response = $narocilo->payNarocilo($this->data['narocilo_id']); + + break; + + + // Dobimo vse pakete, ki so na voljo + case 'get_paketi': + + $narocilo = new UserNarocila(); + + $sqlPackages = sisplet_query("SELECT id, name, description FROM user_access_paket"); + while($row = mysqli_fetch_array($sqlPackages)){ + + $this->response['paketi'][$row['id']] = $row; + + // Dobimo se ceno za paket za 1, 3 in 12 mesecev + if($row['name'] == '2ka' || $row['name'] == '3ka'){ + + // Cene za 1 mesec + $cena1 = $narocilo->getPrice($row['name'], 1); + foreach($cena1 as $key => $value){ + $cena1[$key] = str_replace('.', ',', $value); + } + $this->response['paketi'][$row['id']]['price']['1'] = $cena1; + + // Cene za 3 mesece + $cena3 = $narocilo->getPrice($row['name'], 3); + foreach($cena3 as $key => $value){ + $cena3[$key] = str_replace('.', ',', $value); + } + $this->response['paketi'][$row['id']]['price']['3'] = $cena3; + + // Cene za 
12 mesecev + $cena12 = $narocilo->getPrice($row['name'], 12); + foreach($cena12 as $key => $value){ + $cena12[$key] = str_replace('.', ',', $value); + } + $this->response['paketi'][$row['id']]['price']['12'] = $cena12; + } + } + + break; + + // Poslje maila za povprasevanje za poslovne uporabnike + case 'send_poslovni_uporabniki': + $narocilo = new UserNarocila(); + $this->response = $narocilo->sendPoslovniUporabniki($this->data); + + break; + + // Vrne trenutno aktivno narocnino + case 'get_active_subscription': + + $usr_id = 0; + + // Dobimo user id iz emaila + if(isset($this->data['email'])){ + $sqlU = sisplet_query("SELECT id FROM users WHERE email='".$this->data['email']."'"); + $rowU = mysqli_fetch_array($sqlU); + + $usr_id = $rowU['id']; + } + + if($usr_id == '' || $usr_id == 0){ + $this->response['error'] = 'ERROR! Missing user ID.'; + $this->response['success'] = false; + + break; + } + + // Dobimo ime paketa iz id-ja + $sqlPackage = sisplet_query("SELECT name FROM user_access_paket WHERE id='".$this->data['package_id']."'"); + $rowPackage = mysqli_fetch_array($sqlPackage); + + $narocilo = new UserNarocila(); + + $discount = $narocilo->getDiscount($usr_id, $rowPackage['name'], $this->data['trajanje']); + $price = $narocilo->getPrice($rowPackage['name'], $this->data['trajanje'], $discount); + + $this->response = $price; + + break; + + // Dokoncaj narocilo ce je placano preko paypala (ko je stranka potrdila placilo v paypalu) + case 'capture_narocilo_paypal': + + if(isset($this->data['narocilo_id'])){ + $paypal = new UserNarocilaPaypal($this->data['narocilo_id']); + $this->response = $paypal->paypalCaptureOrder(); + } + else{ + $this->response['error'] = 'Napaka! 
Manjka ID narocila!'; + $this->response['success'] = false; + } + + break; + + // Preklici narocilo za paypal (ko je stranka preklicala placilo v paypalu) + case 'cancel_narocilo_paypal': + + if(isset($this->data['narocilo_id'])){ + $paypal = new UserNarocilaPaypal($this->data['narocilo_id']); + $this->response = $paypal->paypalCancelOrder(); + } + else{ + $this->response['error'] = 'Napaka! Manjka ID narocila!'; + $this->response['success'] = false; + } + + break; + + // Preveri, ce je podjetje zavezanec iz tujine (eu) in ustrezno preracuna znesek (odbije ddv) + case 'check_ddv': + + $podjetje_drzava = isset($this->data['podjetje_drzava']) ? $this->data['podjetje_drzava'] : ''; + $podjetje_davcna = isset($this->data['podjetje_davcna']) ? $this->data['podjetje_davcna'] : ''; + $cena = isset($this->data['cena']) ? str_replace(',', '.', $this->data['cena']) : ''; + + if($podjetje_drzava != '' && $cena != ''){ + + // Mora placati ddv - cena ostane ista + if(UserNarocila::checkPayDDV($podjetje_davcna, $podjetje_drzava)){ + $this->response['cena'] = $cena; + $this->response['ddv'] = true; + } + // Ne placa ddv - placa samo osnovo + else{ + $this->response['cena'] = number_format(floatval($cena) / 1.22, 2, '.', ''); + $this->response['ddv'] = false; + } + + $this->response['success'] = true; + } + else { + $this->response['error'] = 'Napaka! Manjkajo zahtevani parametri!'; + } + + break; + + // Dokoncaj narocilo ce je placano preko stripe (ko je stranka potrdila placilo preko sca) + case 'stripe_checkout_success': + + if(isset($this->data['narocilo_id'])){ + $stripe = new UserNarocilaStripe($this->data['narocilo_id']); + $this->response = $stripe->stripeCheckoutSuccess(); + } + else{ + $this->response['error'] = 'Napaka! 
Manjka ID narocila!'; + $this->response['success'] = false; + } + + break; + + // Preklici narocilo za stripe (ko je stranka preklicala placilo preko sca) + case 'stripe_checkout_cancel': + + if(isset($this->data['narocilo_id'])){ + $stripe = new UserNarocilaStripe($this->data['narocilo_id']); + $this->response = $stripe->stripeCheckoutCancel(); + } + else{ + $this->response['error'] = 'Napaka! Manjka ID narocila!'; + $this->response['success'] = false; + } + + break; + + case 'get_lokacija': + + global $site_path; + + $reader = new Reader($site_path.'admin/survey/modules/mod_geoIP/db/GeoLite2-City.mmdb'); + $podatki = $reader->city($this->data['ip']); + + // Vrnemo ime države + $this->response['drzava'] = $podatki->country->name; + + break; + } + } + } + + // Sprocesiramo return + private function processReturn(){ + + $json = json_encode($this->response, true); + + echo $json; + } + +} \ No newline at end of file diff --git a/frontend/payments/classes/class.UserAccess.php b/frontend/payments/classes/class.UserAccess.php new file mode 100644 index 0000000..105d4c9 --- /dev/null +++ b/frontend/payments/classes/class.UserAccess.php 
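Review bot: In checkToken the HMAC computed over the request is compared to the caller-supplied `token` GET parameter with `==`, which is a loose comparison (numeric-looking strings are compared as numbers) and is not constant-time; use `if (hash_equals($token, (string)($this->params['token'] ?? ''))) return true;` so the check is strict, timing-safe, and does not raise a notice when the parameter is absent. In the `get_active_subscription` branch of executeAction, `email` and `package_id` from the decoded request body are concatenated straight into the `SELECT id FROM users WHERE email='...'` and `SELECT name FROM user_access_paket WHERE id='...'` queries; the token check authenticates the caller but does not sanitise the payload, so the values still need escaping or a prepared statement, e.g. `$email = mysqli_real_escape_string($GLOBALS['connect_db'], $this->data['email']);` before building the query, and the same applies to `narocilo_id` and `ip` passed on to the helper classes. The `placaj_narocilo` branch reads `$this->data['narocilo_id']` without the `isset` guard the neighbouring branches use, and `$this->params['action']` is written into the SurveyLog message unfiltered. The class header, the property declarations and the `$private_key` field are not visible in this hunk, so the key handling itself cannot be reviewed here.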
@@ -0,0 +1,475 @@ + 2, // Tip vprasanja - kombinirana tabela - 24 + 'question_type_ranking' => 2, // Tip vprasanja - razvrscanje - 17 + 'question_type_sum' => 2, // Tip vprasanja - vsota - 18 + 'question_type_location' => 2, // Tip vprasanja - lokacija - 26 + 'question_type_heatmap' => 2, // Tip vprasanja - heatmap - 27 + 'question_type_calculation' => 3, // Tip vprasanja - kalkulacija - 22 + 'question_type_quota' => 3, // Tip vprasanja - kvota - 25 + 'question_type_signature' => 3, // Tip vprasanja - podpis - 21_6 + 'loop' => 3, // Zanke + 'if' => 2, // If-i + 'block' => 2, // Bloki + 'validation' => 2, // Validacija + 'theme-editor' => 2, // Urejanje teme ankete, upload logotipa... + 'theme-editor_css' => 3, // Urejanje lastnega css-ja !!! + 'theme-editor_upload' => 3, // Urejanje lastnega css-ja !!! + + /* Status */ + 'para_graph' => 2, // Statistika naprav + 'geoip_location' => 3, // Statistika ip lokacije + 'nonresponse_graph' => 3, // Neodgovor spremenljivke + 'speeder_index' => 3, // Speeder index + 'usable_resp' => 3, // Uporabni respondenti + 'text_analysis' => 3, // Analiza besedil + 'edits_analysis' => 3, // Analiza urejanj + + /* Podatki */ + 'data_export' => 2, // Izvoz podatkov - spss, xls, csv... 
+ 'data_append' => 3, // Uvoz - dodaj podatke + 'data_merge' => 3, // Uvoz - zdruzi podatke + 'data_calculation' => 3, // Izracunane vrednosti + 'data_coding_auto' => 3, // Avtomatsko kodiranje + 'data_coding' => 3, // Kodiranje + 'data_recoding' => 3, // Rekodiranje + + /* Analiza */ + 'analysis_export' => 2, // Izvoz analiz - pdf, rtf, xls + 'analysis_analysis_links' => 2, // Javne + 'analysis_charts' => 2, // Grafi + 'analysis_crosstabs' => 2, // Tabele + 'analysis_break' => 2, // Razbitje + 'analysis_ttest' => 3, // Ttest + 'analysis_means' => 3, // Povprecje + 'analysis_multicrosstabs' => 3, // Multitabele + 'analysis_analysis_creport' => 3, // Porocilo po meri + + /* Napredni moduli */ + 'uporabnost' => 3, // Evalvacija strani (split screen) + //'vnos' => 2, // Vnos vprasalnikov + 'kviz' => 2, // Kviz + 'voting' => 3, // Volitve + 'social_network' => 3, // Socialna omrezja + 'slideshow' => 3, // Prezentacija + 'telephone' => 3, // Telefonska anketa + 'chat' => 3, // Chat + 'panel' => 3, // Panel + + /* Ostale funkcionalnosti */ + 'prevajanje' => 2, // Vecjezikovna anketa + 'export' => 2, // Izvozi ankete + 'filters' => 2, // Filtriranje podatkov in analiz + 'nice_url' => 2, // Lepi linki + 'password' => 2, // Dostop do ankete z geslom + 'gdpr_export' => 2, // Izvoz porocil evidenc za gdpr + 'skupine' => 2, // Skupine + 'archive' => 2, // Arhiviranje + 'arhivi' => 2, // Arhiviranje - izvoz datoteke ankete, podatkov + //'arhivi_export' => 2, // Arhiviranje - izvoz datoteke vprasalnika in vprasalnika s podatki + 'analysis_anal_arch' => 2, // Arhiviranje analiz + 'public_link' => 3, // Javne povezave + + //'ustvari_anketo_archive' => 2, // Ustvarjanje ankete iz datoteke + 'ustvari_anketo_from_text' => 2, // Ustvarjanje ankete iz besedila + 'ustvari_anketo_template' => 2, // Ustvarjanje ankete iz predloge + + 'komentarji' => 3, // Komentarji na anketo + 'komentarji_anketa' => 3, // Komentarji na anketo + 'urejanje' => 3, // Komentarji na anketo + + 'alert' => 2, 
// Obvescanje
+ 'invitations' => 3, // Email vabila
+
+ /* Moje ankete */
+ 'my_survey_folders' => 2, // Mape v mojih anketah
+ );
+
+
+ public static function getInstance($usr_id){
+
+ if (!self::$instance)
+ self::$instance = new UserAccess($usr_id);
+
+ return self::$instance;
+ }
+
+ private function __construct($usr_id){
+ global $app_settings;
+
+ // Ce so paketi onemogoceni nič ne preverjamo
+ if(!isset($app_settings['commercial_packages']) || $app_settings['commercial_packages'] == false){
+ return;
+ }
+
+ // Ce nimamo usr_id-ja ga poskusimo pridobiti iz id-ja ankete
+ if(!isset($usr_id) || $usr_id < 1 || $usr_id == ''){
+
+ if(isset($_POST['anketa']) || isset($_GET['anketa'])){
+
+ $ank_id = (isset($_GET['anketa'])) ? $_GET['anketa'] : $_POST['anketa'];
+
+ $sqlU = sisplet_query("SELECT insert_uid FROM srv_anketa WHERE id='".$ank_id."'");
+ $rowU = mysqli_fetch_array($sqlU);
+
+ $usr_id = $rowU['insert_uid'];
+ }
+ else{
+ $usr_id = 0;
+ }
+ }
+
+ if($usr_id > 0){
+ $this->usr_id = $usr_id;
+
+ // Preverimo, ce smo znotraj dolocene ankete in ce je usr_id enak id-ju avtorja ankete
+ $this->checkSurveyAuthor();
+
+ // Zakesiramo vse dostope userja
+ $this->cacheUserAccess();
+
+ // Zakesiramo vse pakete
+ $this->cachePackages();
+
+ // Pogledamo ce smo v anketi in ce gre za staro anketo - stare ankete nimajo vklopljenih paketov
+ $this->checkAnketaOld();
+ }
+ else{
+ echo 'Napaka! 
Manjka ID uporabnika.';
+ die();
+ }
+ }
+
+
+
+ // Dobimo podatke o dostopu za posameznega uporabnika
+ private function cacheUserAccess(){
+
+ $sqlUserAccess = sisplet_query("SELECT ua.*, up.name AS package_name, up.description AS package_description, up.price AS package_price
+ FROM user_access ua, user_access_paket up
+ WHERE ua.usr_id='".$this->usr_id."' AND up.id=ua.package_id
+ ");
+
+ // Uporabnik se nima nobenega paketa
+ if(mysqli_num_rows($sqlUserAccess) == 0)
+ return;
+
+ $rowUserAccess = mysqli_fetch_array($sqlUserAccess);
+
+ // Dodatno preverimo, ce je paket ze potekel
+ if(strtotime($rowUserAccess['time_expire']) < time())
+ return;
+
+ // Vse ok - uporabniku nastavimo trenuten paket
+ $this->user_access = $rowUserAccess;
+ }
+
+ // Dobimo podatke o vseh paketih
+ private function cachePackages(){
+
+ $sqlPackages = sisplet_query("SELECT * FROM user_access_paket");
+ while($row = mysqli_fetch_array($sqlPackages)){
+ $this->packages[$row['id']] = $row;
+ }
+ }
+
+ // Pogledamo ce smo v anketi in ce gre za staro anketo - stare ankete nimajo vklopljenih paketov
+ private function checkAnketaOld(){
+
+ // Ce nismo znotraj ankete ti ignoriramo
+ if(!isset($_GET['anketa'])){
+ return;
+ }
+
+ // Nastavimo id ankete
+ $ank_id = $_GET['anketa'];
+
+ $sqlA = sisplet_query("SELECT insert_time FROM srv_anketa WHERE id='".$ank_id."'");
+ $rowA = mysqli_fetch_array($sqlA);
+
+ // Ce je datum kreiranja starejši je stara anketa
+ if(strtotime($rowA['insert_time']) < strtotime($this->anketa_old_date)){
+ $this->anketa_old = true;
+ }
+ }
+
+ public function isAnketaOld(){
+ return $this->anketa_old;
+ }
+
+ public function userNotAuthor(){
+ return $this->user_not_author;
+ }
+
+
+ // Preverimo ce ima uporabnik dostop do neke funkcionalnosti
+ public function checkUserAccess($what=''){
+ global $app_settings;
+ global $admin_type;
+ global $global_user_id;
+ global $mysql_database_name;
+
+ // Ce so paketi onemogoceni vrnemo vedno true
+ 
if(!isset($app_settings['commercial_packages']) || $app_settings['commercial_packages'] == false){
+ return true;
+ }
+
+ // Ce nimamo usr_id-ja zaenkrat pustimo vse
+ if(!isset($this->usr_id) || $this->usr_id < 1 || $this->usr_id == ''){
+ return true;
+ }
+
+ // Ce je metaadmin ali admin enklikanketa@gmail.com lahko tudi vedno vse uporablja
+ if(Dostop::isMetaAdmin() || ($mysql_database_name == 'real1kasi' && $admin_type == 0 && $global_user_id == '440')){
+ return true;
+ }
+
+ // Ce je anketa ustvarjena pred nekim datumom, ne preverjamo paketov
+ if($this->anketa_old == true){
+ return true;
+ }
+
+
+ // Ce ne nastavimo funkcionalnosti pogledamo url kje se nahajamo
+ if($what == ''){
+ $what = $this->getFunctionalityFromUrl();
+ }
+
+ // Preverimo, ce funkcionalnost ni v paketu, ki ga ima uporabnik
+ $package_id = $this->getPackage();
+ if(isset($this->functionality_package[$what]) && $this->functionality_package[$what] > $package_id){
+ return false;
+ }
+
+ return true;
+ }
+
+ // Vrnemo vse podatke o dostopu uporabnika
+ public function getAccess(){
+
+ return $this->user_access;
+ }
+
+ // Vrnemo paket uporabnika
+ public function getPackage(){
+ global $app_settings;
+ global $admin_type;
+
+ // Ce so paketi onemogoceni vrnemo -1
+ if(!isset($app_settings['commercial_packages']) || $app_settings['commercial_packages'] == false){
+ return -1;
+ }
+
+ // Ce je admin ali manager lahko tudi vedno vse uporablja
+ /*if($admin_type == 0 || $admin_type == 1){
+ return 3;
+ }*/
+
+ // Ce nima nastavljeno nic je brez paketa
+ if(!isset($this->user_access['package_id']))
+ return 1;
+
+ return $this->user_access['package_id'];
+ }
+
+ // Vrnemo aray vseh paketov
+ public function getPackages(){
+ return $this->packages;
+ }
+
+ // Preverimo, ce smo znotraj dolocene ankete in ce je usr_id enak id-ju avtorja ankete
+ private function checkSurveyAuthor(){
+
+ // Nastavimo id ankete
+ if(isset($_GET['anketa'])){
+ $ank_id = $_GET['anketa'];
+ }
+ 
elseif(isset($_POST['anketa']) && $_POST['anketa'] != 'undefined'){
+ $ank_id = $_POST['anketa'];
+ }
+ // Ce nismo znotraj ankete je vse ok
+ else{
+ return;
+ }
+
+ // Ce smo znotraj ankete, preverimo, ce je usr_id enak avtorju ankete
+ $sqlA = sisplet_query("SELECT insert_uid FROM srv_anketa WHERE id='".$ank_id."'");
+ if(mysqli_num_rows($sqlA) > 0){
+ $rowA = mysqli_fetch_array($sqlA);
+
+ // Ce user ni avtor, preverjamo za avtorja
+ if($this->usr_id != $rowA['insert_uid']){
+ $this->usr_id = $rowA['insert_uid'];
+ $this->user_not_author = true;
+ }
+ }
+
+ return;
+ }
+
+
+ // Izpisemo obvestilo, da je funkcionalnost onemogocena in naj kupi paket
+ public function displayNoAccess($what=''){
+ global $lang;
+ global $site_url;
+
+ // Ce ne nastavimo funkcionalnosti pogledamo url kje se nahajamo
+ if($what == ''){
+ $what = $this->getFunctionalityFromUrl();
+ }
+
+ // Kateri paket je potreben za to funkcionalnost
+ $package_required = (isset($this->functionality_package[$what])) ? $this->functionality_package[$what] : 3;
+ $package_required_name = $this->packages[$package_required]['name'];
+
+ if($lang['id'] == '2')
+ $drupal_url = $site_url.'d/en/purchase/'.$package_required.'/package';
+ else
+ $drupal_url = $site_url.'d/izvedi-nakup/'.$package_required.'/podatki';
+
+ echo '
'; + + // Ce user ni avtor ankete + if($this->user_not_author){ + echo '

'.$lang['srv_access_no_access_not_author'].'

'; + } + + echo '

'.$lang['srv_access_no_access'].' "'.$package_required_name.'".

'; + if(!$this->user_not_author) + echo ''; + + echo '
'; + } + + // Izpisemo popup obvestilo, da je funkcionalnost onemogocena in naj kupi paket + public function displayNoAccessPopup($what){ + global $lang; + global $site_url; + + // Kateri paket je potreben za to funkcionalnost + $package_required = (isset($this->functionality_package[$what])) ? $this->functionality_package[$what] : 3; + $package_required_name = $this->packages[$package_required]['name']; + + if($lang['id'] == '2') + $drupal_url = $site_url.'d/en/purchase/'.$package_required.'/package'; + else + $drupal_url = $site_url.'d/izvedi-nakup/'.$package_required.'/podatki'; + + // Ce user ni avtor ankete + if($this->user_not_author){ + echo '

'.$lang['srv_access_no_access_not_author'].'

'; + } + + echo '

'.$lang['srv_access_no_access'].' "'.$package_required_name.'".

'; + if(!$this->user_not_author) + echo ''; + echo ''; + } + + // Izpisemo obvestilo, da je funkcionalnost onemogocena in naj kupi paket + public function displayNoAccessText($what=''){ + global $lang; + + // Ce ne nastavimo funkcionalnosti pogledamo url kje se nahajamo + if($what == ''){ + $what = $this->getFunctionalityFromUrl(); + } + + // Kateri paket je potreben za to funkcionalnost + $package_required = (isset($this->functionality_package[$what])) ? $this->functionality_package[$what] : 3; + $package_required_name = $this->packages[$package_required]['name']; + + echo '

'; + + // Ce user ni avtor ankete + if($this->user_not_author){ + echo $lang['srv_access_no_access_not_author'].'

'; + } + + echo $lang['srv_access_no_access'].' "'.$package_required_name.'"'; + + echo '

'; + } + + + // Vrnemo funkcionalnost glede na urle kjer se nahajamo + private function getFunctionalityFromUrl(){ + + $what = ''; + + // Ce ne nastavimo funkcionalnosti pogledamo url kje se nahajamo + if(isset($_GET['a'])){ + + $what = $_GET['a']; + + if($_GET['a'] == 'analysis' || $_GET['a'] == 'data'){ + + if(isset($_GET['m'])){ + $what .= '_'.$_GET['m']; + } + } + elseif($_GET['a'] == 'ustvari_anketo'){ + + if(isset($_GET['b'])){ + $what .= '_'.$_GET['b']; + } + } + elseif($_GET['a'] == 'theme-editor'){ + + if(isset($_GET['t'])){ + $what .= '_'.$_GET['t']; + } + } + elseif($_GET['a'] == 'langStatistic'){ + $what = 'prevajanje'; + } + elseif($_GET['a'] == 'skupine'){ + $what = ''; + } + elseif($_GET['a'] == 'arhivi' && isset($_GET['m']) && ($_GET['m'] == 'survey_data' || $_GET['m'] == 'survey')){ + $what .= '_export'; + } + } + + return $what; + } + + + // Ajax klici + public function ajax(){ + + if (isset($_POST['what'])) + $what = $_POST['what']; + + + // Prikazemo popup z obvestilom, da je funkcionalnost onemogocena in naj kupi paket + if($_GET['a'] == 'displayNoAccessPopup') { + $this->displayNoAccessPopup($what); + } + } +} \ No newline at end of file diff --git a/frontend/payments/classes/class.UserMailCron.php b/frontend/payments/classes/class.UserMailCron.php new file mode 100644 index 0000000..8f588c7 --- /dev/null +++ b/frontend/payments/classes/class.UserMailCron.php 
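Review bot: The survey id taken straight from the request is concatenated unescaped into SQL in three places in this hunk — `__construct` (`$ank_id = (isset($_GET['anketa'])) ? $_GET['anketa'] : $_POST['anketa'];`), `checkAnketaOld` (`$ank_id = $_GET['anketa'];`) and `checkSurveyAuthor` — each feeding `"SELECT ... FROM srv_anketa WHERE id='".$ank_id."'"`, and these queries run before any package check, so untrusted input reaches the database unfiltered. Because `srv_anketa.id` is used here as a numeric id, casting at every assignment, e.g. `$ank_id = (int)$_GET['anketa'];`, closes the hole without touching the query strings; a prepared statement via the `sisplet_query` layer would be the cleaner long-term fix, and the same string-built pattern (`usr_id`, `narocilo_id`, `email` interpolated into queries) continues in the hunk that follows. Separately, `checkUserAccess` grants unconditional access when `$mysql_database_name == 'real1kasi' && $admin_type == 0 && $global_user_id == '440'`, an environment-specific user id hard-wired into the authorization path that should at least move to `$app_settings` with a comment explaining why it exists, and the function also returns `true` whenever `$this->usr_id` is unset ("zaenkrat pustimo vse"), i.e. the check fails open. The class opening and the start of the `functionality_package` array are not visible in this hunk, so the declared types of `$usr_id` and the `anketa_old_date` default could not be confirmed.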
@@ -0,0 +1,44 @@ + 1, 'pacana' => 0, 'stornirana' => 0); + + + function __construct(){ + + // Zakesiramo vse pakete + $this->cachePackages(); + + if(isset($_SESSION['narocila_filter']['neplacana']) && $_SESSION['narocila_filter']['neplacana'] == '0') + $this->narocila_filter['neplacana'] = 0; + + if(isset($_SESSION['narocila_filter']['placana']) && $_SESSION['narocila_filter']['placana'] == '1') + $this->narocila_filter['placana'] = 1; + + if(isset($_SESSION['narocila_filter']['stornirana']) && $_SESSION['narocila_filter']['stornirana'] == '1') + $this->narocila_filter['stornirana'] = 1; + } + + + // Dobimo array narocil (vseh oz. za dolocenega uporabnika) + private function getNarocila($usr_id=0){ + global $admin_type; + + $narocila = array(); + + // Vsa narocila lahko pregledujejo samo admini + if($admin_type == 0 && $usr_id == 0){ + + // Filter po statusu + $status = ' AND un.status IN ('; + $status .= ($this->narocila_filter['neplacana'] == 1) ? '0,' : ''; + $status .= ($this->narocila_filter['placana'] == 1) ? '1,' : ''; + $status .= ($this->narocila_filter['stornirana'] == 1) ? '2,' : ''; + $status = substr($status, 0, -1); + $status .= ') '; + + // Loop po vseh narocilih v sistemu + $sqlNarocilo = sisplet_query("SELECT un.*, u.name, u.surname, u.email, up.name AS package_name, up.description AS package_description, up.price AS package_price + FROM user_access_narocilo un, users u, user_access_paket up + WHERE un.usr_id=u.id AND un.package_id=up.id ".$status." 
+ ORDER BY un.id DESC + "); + while($rowNarocilo = mysqli_fetch_array($sqlNarocilo)){ + + $narocila[] = $rowNarocilo; + } + } + elseif($usr_id > 0){ + + // Loop po vseh narocilih uporabnika + $sqlNarocilo = sisplet_query("SELECT un.*, u.name, u.surname, u.email, up.name AS package_name, up.description AS package_description, up.price AS package_price + FROM user_access_narocilo un, users u, user_access_paket up + WHERE un.usr_id='".$usr_id."' AND un.usr_id=u.id AND un.package_id=up.id + ORDER BY un.id DESC + "); + while($rowNarocilo = mysqli_fetch_array($sqlNarocilo)){ + + $narocila[] = $rowNarocilo; + } + } + + return $narocila; + } + + // Izracunamo koncno ceno glede na paket, trajanje in popust (v eur) + public function getPrice($package_name, $trajanje, $discount=0, $time=''){ + + $cena = array(); + + // Mesecna cena paketa + $package_price = $this->packages[$package_name]['price']; + + // Narocila pred 7.12. morajo imeti stare cene + if($time != '' && strtotime($time) < strtotime('2020-12-06 20:00:00')){ + + // Mesecno ceno zmanjsamo glede na trajanje + if($package_name == '2ka'){ + if((int)$trajanje >= 12){ + $cena['monthly'] = number_format(11.90 - 2, 2, '.', ''); + } + elseif((int)$trajanje >= 3){ + $cena['monthly'] = number_format(11.90 - 1, 2, '.', ''); + } + else{ + $cena['monthly'] = number_format(11.90, 2, '.', ''); + } + } + elseif($package_name == '3ka'){ + if((int)$trajanje >= 12){ + $cena['monthly'] = number_format(21.90 - 2, 2, '.', ''); + } + elseif((int)$trajanje >= 3){ + $cena['monthly'] = number_format(21.90 - 1, 2, '.', ''); + } + else{ + $cena['monthly'] = number_format(21.90, 2, '.', ''); + } + } + } + else{ + + // Mesecno ceno zmanjsamo glede na trajanje + if($package_name == '2ka'){ + if((int)$trajanje >= 12){ + $cena['monthly'] = number_format($package_price - 4, 2, '.', ''); + } + elseif((int)$trajanje >= 3){ + $cena['monthly'] = number_format($package_price - 2, 2, '.', ''); + } + else{ + $cena['monthly'] = 
number_format($package_price, 2, '.', ''); + } + } + elseif($package_name == '3ka'){ + if((int)$trajanje >= 12){ + $cena['monthly'] = number_format($package_price - 3, 2, '.', ''); + } + elseif((int)$trajanje >= 3){ + $cena['monthly'] = number_format($package_price - 1.5, 2, '.', ''); + } + else{ + $cena['monthly'] = number_format($package_price, 2, '.', ''); + } + } + } + + + // Se brez davka za monthly + $cena['monthly_without_tax'] = number_format(floatval($cena['monthly']) / 1.22, 2, '.', ''); + + + // Cena za celotno obdobje + $cena['full'] = number_format((int)$trajanje * floatval($cena['monthly']), 2, '.', ''); + + // Se brez davka za full + $cena['full_without_tax'] = number_format(floatval($cena['full']) / 1.22, 2, '.', ''); + + + // Cena s popustom + $cena['full_discount'] = $cena['full']; + $cena['discount'] = $discount; + + // Odstejemo se popust ce je posebej nastavljen + if($discount != 0){ + + // Ce je popust vecji od celotnega zneska, je cena 0 (cena ne more biti negativna) + if($discount > $cena['full']){ + $cena['full_discount'] = 0; + $cena['discount'] = $cena['full']; + } + else{ + //$cena['full_discount'] = number_format(floatval($cena['full_discount']) - (floatval($discount) * floatval($cena['full']) / 100), 2, '.', ''); + $cena['full_discount'] = number_format(floatval($cena['full_discount']) - floatval($discount), 2, '.', ''); + } + } + + // Dodatno se izracunamo popust v % + if($cena['full'] > 0) + $cena['discount_percentage'] = round(floatval($cena['discount']) / floatval($cena['full']) * 100); + else + $cena['discount_percentage'] = 0; + + // Se davek + $cena['final_without_tax'] = number_format(floatval($cena['full_discount']) / 1.22, 2, '.', ''); + $cena['tax'] = number_format($cena['full_discount'] - $cena['final_without_tax'], 2, '.', ''); + $cena['final'] = $cena['full_discount']; + + return $cena; + } + + // Izracunamo popust glede na uporabnika (pri upgradu / downgradu paketa) + public function getDiscount($usr_id, $package_name, 
$trajanje){ + + // Dobimo trenuten dostop userja + $ua = UserAccess::getInstance($usr_id); + $user_access = $ua->getAccess(); + + // Dobimo polno ceno za paket + $price = $this->getPrice($package_name, $trajanje); + + // UPGRADE oz. DOWNGRADE - iz 2ka na 3ka ali iz 3ka na 2ka + if( isset($user_access['package_name']) && (($user_access['package_name'] == '2ka' && $package_name == '3ka') || ($user_access['package_name'] == '3ka' && $package_name == '2ka')) ){ + + // Mesecna cena obstojecega paketa + $package_price = floatval($this->packages[$user_access['package_name']]['price']); + + // Stevilo dni dokler je obstojeci paket se veljaven + $now = time(); + $expire = strtotime($user_access['time_expire']); + $expire_in_days = floor(($expire - $now) / (60 * 60 * 24)); + + // Popravimo ceno, ce ima veljaven paket se za 3 mesece ali vec (pomeni, da je imel popust pri nakupu kar upostevamo) + if($package_name == '2ka'){ + if($expire_in_days > 92){ + $package_price = number_format($package_price - 4, 2, '.', ''); + } + elseif($expire_in_days > 31){ + $package_price = number_format($package_price - 2, 2, '.', ''); + } + } + elseif($package_name == '3ka'){ + if($expire_in_days > 92){ + $package_price = number_format($package_price - 3, 2, '.', ''); + } + elseif($expire_in_days > 31){ + $package_price = number_format($package_price - 1.5, 2, '.', ''); + } + } + + // Popust izracunamo kot delez cene paketa in + $dayly_discount = number_format($package_price / 31, 2, '.', ''); + $discount = number_format($dayly_discount * $expire_in_days, 2, '.', ''); + + return $discount; + } + // Drugace nimamo nobenega popusta + else{ + return 0; + } + } + + // Preverimo, ce narocilo slucajno nima ddv-ja (zavezanec za ddv iz tujine) + public function isWithoutDDV($narocilo_id){ + + $sqlNarocilo = sisplet_query("SELECT podjetje_drzava, podjetje_no_ddv + FROM user_access_narocilo + WHERE id='".$narocilo_id."' + "); + if(mysqli_num_rows($sqlNarocilo) == 1){ + + $rowNarocilo = 
mysqli_fetch_array($sqlNarocilo); + + // Slovenija ima vedno ddv + if($rowNarocilo['podjetje_drzava'] == 'Slovenija' || $rowNarocilo['podjetje_drzava'] == 'Slovenia'){ + return false; + } + + // Ce ni iz slovenije in ima oznaceno da ne placa ddv-ja + if($rowNarocilo['podjetje_no_ddv'] == '1'){ + return true; + } + } + + return false; + } + + + // Dobimo jezik narocila - v istem jeziku so potem emaili in racun/predracun + public function getNarociloLanguage($narocilo_id){ + + $sqlNarocilo = sisplet_query("SELECT language + FROM user_access_narocilo + WHERE id='".$narocilo_id."' + "); + if(mysqli_num_rows($sqlNarocilo) == 1){ + + $rowNarocilo = mysqli_fetch_array($sqlNarocilo); + + if($rowNarocilo['language'] == 'sl'){ + return 'si'; + } + else{ + return 'en'; + } + } + + return 'en'; + } + + + // Izpisemo podatke o narocilih uporabnika + public function displayNarocila(){ + global $lang, $global_user_id; + + // Podatki o trenutnem paketu uporabnika + echo '
'; + echo ''.$lang['srv_narocila_current'].''; + + $ua = UserAccess::getInstance($global_user_id); + $user_access = $ua->getAccess(); + + // Ce ni polja v bazi oz je nastavljen paket na 1 ima osnovni paket + if(!$user_access || $user_access['package_id'] == '1'){ + echo '

'.$lang['srv_narocila_current_package'].': 1KA

'; + } + // Imamo aktiviran paket - izpisemo podatke + else{ + echo '
'.$lang['srv_narocila_current_package'].': '.$user_access['package_name'],'
'; + echo '
'.$lang['srv_narocila_current_start'].': '.date( 'd.m.Y', strtotime($user_access['time_activate'])).'
'; + echo '
'.$lang['srv_narocila_current_expire'].': '.date( 'd.m.Y', strtotime($user_access['time_expire'])),'
'; + } + + echo '
'; + + + // Tabela vseh narocil uporabnika + echo '
'; + echo ''.$lang['srv_narocila_list'].''; + + $sqlNarocilaCount = sisplet_query("SELECT count(id) FROM user_access_narocilo WHERE usr_id='".$global_user_id."'"); + $rowNarocilaCount = mysqli_fetch_array($sqlNarocilaCount); + if($rowNarocilaCount['count(id)'] > 0){ + $this->displayNarocilaTable(); + } + else{ + echo '

'.$lang['srv_narocila_no_package_text'].'

'; + } + + echo '
'; + } + + // Izpisemo seznam vseh narocil uporabnika + public function displayNarocilaTable(){ + global $lang, $global_user_id; + + // Dobimo vsa narocila uporabnika + $data = $this->getNarocila($global_user_id); + + echo ''; + + // Glava tabele + echo ' '; + echo ' '; + + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + + echo ' '; + echo ' '; + + // Vsebina tabele + echo ' '; + + foreach($data as $usr_id => $data_row){ + + echo ''; + + echo ''; + echo ''; + echo ''; + echo ''; + + // Cena + $cena = $this->getPrice($data_row['package_name'], $data_row['trajanje'], $data_row['discount'], $data_row['time']); + + // Zavezanec iz tujine nima ddv-ja + if($this->isWithoutDDV($data_row['id'])) + echo ''; + else + echo ''; + + if($data_row['status'] == '0') + $status_color = 'red'; + elseif($data_row['status'] == '1') + $status_color = 'green'; + else + $status_color = 'black'; + echo ''; + + // PDF + echo ''; + + echo ''; + } + + echo ' '; + + echo '
'.$lang['srv_narocilo_paket'].''.$lang['srv_narocilo_trajanje'].' ('.$lang['srv_narocilo_trajanje_mesecev'].')'.$lang['srv_narocilo_cas'].''.$lang['srv_narocilo_nacin_placila'].''.$lang['srv_narocilo_cena'].''.$lang['srv_narocilo_status'].''.$lang['srv_narocilo_pdf'].'
'.$data_row['package_name'].''.$data_row['trajanje'].''.date("j.n.Y H:i", strtotime($data_row['time'])).''.$data_row['payment_method'].''.$cena['final_without_tax'].''.$cena['final'].''.$lang['srv_narocilo_status_'.$data_row['status']].''; + echo ''.$lang['srv_narocilo_pdf_predracun'].''; + if($data_row['status'] == '1'){ + echo ' | '.$lang['srv_narocilo_pdf_racun'].''; + } + echo '
'; + } + + // Izpisemo seznam vseh narocil - admin + public function displayNarocilaTableAdmin(){ + global $lang, $global_user_id, $app_settings; + + // Admini vidijo vsa narocila + $data = $this->getNarocila(); + + // Filtri po statusu + echo '
'; + echo ''; + echo ''; + echo ''; + echo '
'; + + echo ''; + + // Glava tabele + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + + + // Vsebina tabele + echo ' '; + + foreach($data as $usr_id => $data_row){ + + if($data_row['status'] == '0') + $status_color = 'red'; + elseif($data_row['status'] == '1') + $status_color = 'green'; + else + $status_color = 'black'; + + echo ''; + + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + + // Ali placa ddv (podjetje - zavezanec iz tujine ga ne) + echo ''; + + // Cena + $cena = $this->getPrice($data_row['package_name'], $data_row['trajanje'], $data_row['discount'], $data_row['time']); + + // Zavezanec iz tujine nima ddv-ja + if($this->isWithoutDDV($data_row['id'])) + echo ''; + else + echo ''; + + echo ''; + + // Eračun + echo ''; + + echo ''; + + echo ''; + + echo ''; + } + + echo ' '; + + echo '
ID'.$lang['srv_narocilo_ime'].''.$lang['email'].''.$lang['srv_narocilo_paket'].''.$lang['srv_narocilo_trajanje'].' ('.$lang['srv_narocilo_trajanje_mesecev'].')'.$lang['srv_narocilo_cas'].''.$lang['srv_narocilo_nacin_placila'].''.$lang['srv_narocilo_ddv'].''.$lang['srv_narocilo_cena'].''.$lang['srv_narocilo_status'].''.$lang['srv_narocilo_podjetje_eracun'].''.$lang['srv_narocilo_pdf'].''.$lang['edit2'].'
'.$data_row['id'].''.$data_row['ime'].' '.($data_row['podjetje_ime'] != '' ? '('.$data_row['podjetje_ime'].')' : '').''.$data_row['email'].''.$data_row['package_name'].''.$data_row['trajanje'].''.date("j.n.Y H:i", strtotime($data_row['time'])).''.$lang['srv_narocilo_nacin_placila_'.$data_row['payment_method']].''.($this->isWithoutDDV($data_row['id']) ? $lang['no'] : $lang['yes']).''.$cena['final_without_tax'].''.$cena['final'].''; + + echo $lang['srv_narocilo_status_'.$data_row['status']]; + + // Na www.1ka.si lahko narocilo placa samo Goran + if($data_row['status'] != '1' && $data_row['status'] != '2' && ($app_settings['app_name'] != 'www.1ka.si' || $global_user_id == '112696')){ + echo '
'; + echo ''.$lang['srv_narocilo_placaj'].''; + + if($data_row['podjetje_eracun'] == '1') + echo ' | '.$lang['srv_narocilo_placaj_eracun'].''; + } + + echo '
'.($data_row['podjetje_eracun'] == '1' ? $lang['yes'] : $lang['no']).''; + // Ce je bila cena 0 je bil avtomatsko "placan" in nima racuna oz. predracuna + if($cena['final'] == 0){ + echo '/'; + } + else{ + echo ''.$lang['srv_narocilo_pdf_predracun'].''; + if($data_row['status'] == '1'){ + echo ' | '.$lang['srv_narocilo_pdf_racun'].''; + } + } + echo ''; + echo ''; + // Narocilo se lahko pobrise samo ce se ni placano + if($data_row['status'] != '1') + echo ' | '; + echo '
'; + + // Se inicializiramo dataTable jquery + echo ''; + } + + // Prikazemo popup za pregled in urejanje narocilo + private function displayNarociloEdit($narocilo_id){ + global $lang; + + // Loop po vseh narocilih uporabnika + $sqlNarocilo = sisplet_query("SELECT un.*, u.name, u.surname, u.email, up.name AS package_name, up.description AS package_description, up.price AS package_price + FROM user_access_narocilo un, users u, user_access_paket up + WHERE un.id='".$narocilo_id."' AND un.usr_id=u.id AND un.package_id=up.id + "); + + if(mysqli_num_rows($sqlNarocilo) == 0){ + echo 'Naročilo ne obstaja!'; + return; + } + + $rowNarocilo = mysqli_fetch_array($sqlNarocilo); + + echo '

'.$lang['srv_narocilo_number'].' '.$narocilo_id.'

'; + + + echo '
'; + + echo '
'; + + echo ''; + + + // Podatki narocnika + echo '
'; + + // Ime in uporabnik + echo '
'; + echo ''.$lang['srv_narocilo_ime'].': '.$rowNarocilo['ime']; + echo '
'; + + echo '
'; + echo ''.$lang['srv_narocilo_uporabnik'].': '.$rowNarocilo['name'].' '.$rowNarocilo['surname'].' ('.$rowNarocilo['email'].')'; + echo '
'; + + // Telefon + echo '
'; + echo ''.$lang['srv_narocilo_telefon'].': '; + //echo ''; + echo ''; + echo '
'; + + echo '
'; + + + // Podatki narocila + $cena = $this->getPrice($rowNarocilo['package_name'], $rowNarocilo['trajanje'], $rowNarocilo['discount'], $rowNarocilo['time']); + + echo '
'; + + // Cas narocila + echo '
'; + echo ''.$lang['srv_narocilo_cas'].': '.date("j.n.Y H:i", strtotime($rowNarocilo['time'])); + echo ''; + echo '
'; + + // Paket + echo '
'; + echo ''.$lang['srv_narocilo_paket'].': '; + if($rowNarocilo['status'] == '1'){ + echo $rowNarocilo['package_id'].'ka'; + echo ''; + } + else{ + echo ''; + } + echo '
'; + + // Trajanje v mesecih + echo '
'; + echo ''.$lang['srv_narocilo_trajanje'].': '; + if($rowNarocilo['status'] == '1'){ + echo $rowNarocilo['trajanje'].' '.$lang['srv_narocilo_trajanje_mesecev']; + echo ''; + } + else{ + echo ' '.$lang['srv_narocilo_trajanje_mesecev']; + } + echo '
'; + + // Cena paketa * trajanje + echo '
'; + echo ''.$lang['srv_narocilo_cena_brez_popusta'].': '.$cena['full'].' € ('.$rowNarocilo['trajanje'].' '.$lang['srv_narocilo_trajanje_mesecev'].')'; + echo '
'; + + // Popust + echo '
'; + echo ''.$lang['srv_narocilo_popust'].': '; + if($rowNarocilo['status'] == '1'){ + echo $rowNarocilo['discount'].' %'; + echo ''; + } + else{ + echo ' %'; + } + echo '
'; + + // Koncna cena - zavezanec iz tujine nima ddv-ja + echo '
'; + echo ''.$lang['srv_narocilo_cena'].': '.($this->isWithoutDDV($data_row['id']) ? $cena['final_without_tax'] : $cena['final']).' €'; + echo '
'; + + // Nacin placila + echo '
'; + echo ''.$lang['srv_narocilo_nacin_placila'].': '; + if($rowNarocilo['status'] == '1'){ + echo $lang['srv_narocilo_nacin_placila_'.$rowNarocilo['payment_method']]; + echo ''; + } + else{ + echo ''; + } + echo '
'; + + // Status narocila + echo '
'; + echo ''.$lang['srv_narocilo_status'].': '; + echo $lang['srv_narocilo_status_'.$rowNarocilo['status']]; + echo ''; + /*echo '';*/ + echo '
'; + + echo '
'; + + + // Podatki podjetja ce je racun na podjetje + if($rowNarocilo['podjetje_ime'] != ''){ + echo '
'; + + echo '
'; + echo ''.$lang['srv_narocilo_podjetje_ime'].': '; + //echo ''; + echo ''; + echo '
'; + + echo '
'; + echo ''.$lang['srv_narocilo_podjetje_naslov'].': '; + //echo ''; + echo ''; + echo '
'; + + echo '
'; + echo ''.$lang['srv_narocilo_podjetje_postna'].': '; + //echo ''; + echo ''; + echo '
'; + + echo '
'; + echo ''.$lang['srv_narocilo_podjetje_posta'].': '; + //echo ''; + echo ''; + echo '
'; + + echo '
'; + echo ''.$lang['srv_narocilo_podjetje_drzava'].': '; + echo ''; + echo '
'; + + echo '
'; + echo ''.$lang['srv_narocilo_podjetje_davcna'].': '; + //echo ''; + echo ''; + echo '
'; + + echo '
'; + echo ''.$lang['srv_narocilo_podjetje_no_ddv'].': '; + echo ''; + echo '
'; + + echo '
'; + echo ''.$lang['srv_narocilo_podjetje_eracun'].': '; + echo ''; + echo '
'; + + echo '
'; + } + + echo '
'; + + // Gumbi na dnu + echo '
'; + echo ' '; + echo ' '; + echo '
'; + + echo '
'; + } + + + + // Ustvari novo narocilo za uporabnika + public function createNarocilo($narocilo_data){ + global $global_user_id; + global $lang; + + $response = array(); + + if(isset($narocilo_data['email'])){ + $uporabnik = sisplet_query("SELECT id, email FROM users WHERE email='".$narocilo_data['email']."'", "obj"); + $usr_id = $uporabnik->id; + } + + $status = isset($narocilo_data['status']) ? $narocilo_data['status'] : 0; + $package_id = isset($narocilo_data['package_id']) ? $narocilo_data['package_id'] : 1; + $payment_method = isset($narocilo_data['payment_method']) ? $narocilo_data['payment_method'] : 0; + //$discount = isset($narocilo_data['discount']) ? $narocilo_data['discount'] : 0; + $trajanje = isset($narocilo_data['trajanje']) ? $narocilo_data['trajanje'] : 0; + + $ime_na_racunu = isset($narocilo_data['ime']) ? $narocilo_data['ime'] : ''; + $phone = isset($narocilo_data['phone']) ? $narocilo_data['phone'] : ''; + + $podjetje_ime = isset($narocilo_data['podjetje_ime']) ? $narocilo_data['podjetje_ime'] : ''; + $podjetje_naslov = isset($narocilo_data['podjetje_naslov']) ? $narocilo_data['podjetje_naslov'] : ''; + $podjetje_postna = isset($narocilo_data['podjetje_postna']) ? $narocilo_data['podjetje_postna'] : ''; + $podjetje_posta = isset($narocilo_data['podjetje_posta']) ? $narocilo_data['podjetje_posta'] : ''; + $podjetje_drzava = isset($narocilo_data['podjetje_drzava']) ? $narocilo_data['podjetje_drzava'] : ''; + $podjetje_davcna = isset($narocilo_data['podjetje_davcna']) ? $narocilo_data['podjetje_davcna'] : ''; + $podjetje_eracun = isset($narocilo_data['podjetje_eracun']) ? '1' : '0'; + + $language = isset($narocilo_data['lang']) ? $narocilo_data['lang'] : 'sl'; + + if($usr_id <= 0){ + $response['error'] = 'ERROR! 
Missing user ID.'; + $response['success'] = false; + + return $response; + } + + // Nastavimo ce placa DDV (zavezanci iz EU ga ne placajo) + if(self::checkPayDDV($podjetje_davcna, $podjetje_drzava)) + $podjetje_no_ddv = '0'; + else + $podjetje_no_ddv = '1'; + + $brezplacen_preklop = false; + + // Preverimo, ce ima uporabnik ze aktiven paket - po novem lahko to predhodno preklaplja, ker se to preracuna v popust + $sqlAccess = sisplet_query("SELECT * FROM user_access WHERE usr_id='".$usr_id."' AND package_id != '1' AND time_expire > NOW()"); + if(mysqli_num_rows($sqlAccess) > 0){ + + $rowAccess = mysqli_fetch_array($sqlAccess); + + // Ce zeli uporabnik kupiti drug placljiv paket kot ga ima trenutno, preracunamo obstojec paket v popust + if($rowAccess['package_id'] != $package_id){ + $sqlPackage = sisplet_query("SELECT name FROM user_access_paket WHERE id='".$package_id."'"); + $rowPackage = mysqli_fetch_array($sqlPackage); + + $discount = $this->getDiscount($usr_id, $rowPackage['name'], $trajanje); + + // Preverimo, ce je cena slucajno 0 - oznacimo, da gre za brezplacen preklop + $cena = $this->getPrice($rowPackage['name'], $trajanje, $discount); + if($cena['final'] == 0){ + $brezplacen_preklop = true; + + // Dodamo piškotek, če gre za brezplačni nakup + global $cookie_domain; + setcookie('brezplacen_preklop', 1, time()+1800, '/', $cookie_domain); + } + } + } + + $sqlNarocilo = sisplet_query("INSERT INTO user_access_narocilo + (usr_id, status, time, package_id, ime, payment_method, discount, trajanje, phone, podjetje_ime, podjetje_naslov, podjetje_postna, podjetje_posta, podjetje_drzava, podjetje_davcna, podjetje_no_ddv, podjetje_eracun, language) + VALUES + ('".$usr_id."', '".$status."', NOW(), '".$package_id."', '".$ime_na_racunu."', '".$payment_method."', '".$discount."', '".$trajanje."', '".$phone."', '".$podjetje_ime."', '".$podjetje_naslov."', '".$podjetje_postna."', '".$podjetje_posta."', '".$podjetje_drzava."', '".$podjetje_davcna."', '".$podjetje_no_ddv."', 
'".$podjetje_eracun."', '".$language."') + "); + if (!$sqlNarocilo){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + $narocilo_id = mysqli_insert_id($GLOBALS['connect_db']); + + + // Ce gre za brezplacen preklop izvedemo placilo (aktivacijo paketa) brez izdaje racuna, maila... + if($brezplacen_preklop){ + $response = $this->payNarocilo($narocilo_id, $brezplacen_preklop); + } + // Drugace izdamo predracun oz. placamo s kartico/paypalom + else{ + + // Glede na tip plačila dobmo ustrezen url (predracun, paypal, kartica) + // Paypal + if($payment_method == '2'){ + $response = $this->finishNarociloPaypal($narocilo_id, $narocilo_data); + } + // Kartica + elseif($payment_method == '3'){ + $response = $this->finishNarociloStripe($narocilo_id, $narocilo_data); + } + // Predracun + else{ + $response = $this->finishNarociloPredracun($narocilo_id, $narocilo_data); + } + } + + + return $response; + } + + // Dokoncaj narocilo s placilom preko predracuna + private function finishNarociloPredracun($narocilo_id, $narocilo_data){ + global $lang; + + $response = array(); + $response['narocilo_id'] = $narocilo_id; + + $cebelica = new UserNarocilaCebelica($narocilo_id); + $response['payment_link'] = $cebelica->getNarociloPredracun(); + + // Posljemo mail s predracunom + $subject = $lang['srv_narocilo_email_predracun_subject'].' '.$narocilo_id; + + $content = $lang['srv_narocilo_email_predracun_content1']; + $content .= '

'.$lang['srv_narocilo_email_predracun_content2']; + $content .= '
'.$lang['srv_narocilo_email_predracun_file'].''; + + // Podpis + $signature = Common::getEmailSignature(); + $content .= $signature; + + try{ + $MA = new MailAdapter($anketa=null, $type='payments'); + + $MA->addRecipients($narocilo_data['email']); + + // Dodamo predracun v attachment + $MA->addAttachment(file_get_contents($response['payment_link']), $file_name='1ka_narocilo_'.$narocilo_id.'_predracun.pdf'); + + // Posljemo mail + $resultX = $MA->sendMail($content, $subject); + + $response['success'] = true; + } + catch (Exception $e){ + $response['error'] = 'ERROR! Sending email with invoice failed.'; + $response['success'] = false; + + return $response; + } + + return $response; + } + + // Dokoncaj narocilo s placilom preko predracuna + private function finishNarociloStripe($narocilo_id, $narocilo_data){ + global $lang; + + $response = array(); + + // Inicializiramo paypal + $stripe = new UserNarocilaStripe($narocilo_id); + + // Ustvarimo stripe session za placilo in vrnemo id sessiona, da uporabnik potrdi placilo + $stripe_response = $stripe->stripeCreateSession(); + + // Ce je bilo placilo preko stripa uspesno zgeneriramo racun in uporabniku aktiviramo paket + if($stripe_response['success'] == true){ + $response['session_id'] = $stripe_response['session_id']; + $response['success'] = true; + } + else{ + $response['error'] = $stripe_response['error']; + $response['success'] = false; + } + + return $response; + } + + // Dokoncaj narocilo s placilom preko predracuna + private function finishNarociloPaypal($narocilo_id, $narocilo_data){ + global $lang; + + $response = array(); + + // Inicializiramo paypal + $paypal = new UserNarocilaPaypal($narocilo_id); + + // Ustvarimo paypal placilo in vrnemo url, da se uporabnik prijavi v paypal in potrdi placilo + $paypal_response = $paypal->paypalCreatePayment(); + + // Ce je bilo placilo preko stripa uspesno zgeneriramo racun in uporabniku aktiviramo paket + if($paypal_response['success'] == true){ + $response['paypal_link'] 
= $paypal_response['paypal_link']; + $response['success'] = true; + } + else{ + $response['error'] = $paypal_response['error']; + $response['success'] = false; + } + + return $response; + } + + + + // Posodobi obstojece narocilo za uporabnika + public function updateNarocilo($narocilo_data){ + global $global_user_id; + + $response = array(); + + // ce nimamo id-ja narocila vrnemo error + if(!isset($narocilo_data['narocilo_id']) || $narocilo_data['narocilo_id'] == '0'){ + $response['error'] = 'Napaka! Manjka ID narocila!'; + $response['success'] = false; + + return $response; + } + + $update = ''; + + $update .= isset($narocilo_data['status']) ? ', status='.$narocilo_data['status'] : ''; + $update .= isset($narocilo_data['package_id']) ? ', package_id='.$narocilo_data['package_id'] : ''; + $update .= isset($narocilo_data['payment_method']) ? ', payment_method='.$narocilo_data['payment_method'] : ''; + $update .= isset($narocilo_data['discount']) ? ', discount='.$narocilo_data['discount'] : ''; + $update .= isset($narocilo_data['ime']) ? ', ime='.$narocilo_data['ime'] : ''; + $update .= isset($narocilo_data['trajanje']) ? ', trajanje='.$narocilo_data['trajanje'] : ''; + + $update .= isset($narocilo_data['phone']) ? ', phone='.$narocilo_data['phone'] : ''; + + $update .= isset($narocilo_data['podjetje_ime']) ? ', podjetje_ime='.$narocilo_data['podjetje_ime'] : ''; + $update .= isset($narocilo_data['podjetje_naslov']) ? ', podjetje_naslov='.$narocilo_data['podjetje_naslov'] : ''; + $update .= isset($narocilo_data['podjetje_postna']) ? ', podjetje_postna='.$narocilo_data['podjetje_postna'] : ''; + $update .= isset($narocilo_data['podjetje_posta']) ? ', podjetje_posta='.$narocilo_data['podjetje_posta'] : ''; + $update .= isset($narocilo_data['podjetje_drzava']) ? ', podjetje_drzava='.$narocilo_data['podjetje_drzava'] : ''; + $update .= isset($narocilo_data['podjetje_davcna']) ? 
', podjetje_davcna='.$narocilo_data['podjetje_davcna'] : ''; + $update .= isset($narocilo_data['podjetje_no_ddv']) ? ', podjetje_no_ddv='.$narocilo_data['podjetje_no_ddv'] : ''; + $update .= isset($narocilo_data['podjetje_eracun']) ? ', podjetje_eracun='.$narocilo_data['podjetje_eracun'] : ''; + + $update = substr($update, 1); + + // Update narocila in pobrisemo id racuna in predracuna, ker ga moramo generirati na novo + $sqlNarocilo = sisplet_query("UPDATE user_access_narocilo SET ".$update.", cebelica_id_racun='0', cebelica_id_predracun='0' WHERE id='".$narocilo_data['narocilo_id']."'"); + if (!$sqlNarocilo){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + $response['success'] = true; + + return $response; + } + + // Placa obstojece narocilo, uporabniku aktivira paket, zgenerira racun in ga poslje po mailu + public function payNarocilo($narocilo_id, $brezplacen_preklop=false){ + global $global_user_id; + global $lang; + + $response = array(); + + // Ce nimamo id-ja narocila vrnemo error + if($narocilo_id == 0){ + $response['error'] = 'Napaka! Manjka ID narocila!'; + $response['success'] = false; + + return $response; + } + + + // Dobimo podatke narocila + $sqlNarocilo = sisplet_query("SELECT n.*, u.email FROM user_access_narocilo n, users u WHERE n.id='".$narocilo_id."' AND u.id=n.usr_id"); + $rowNarocilo = mysqli_fetch_array($sqlNarocilo); + + // Ce je bil racun ze placan ne naredimo nicesar + if($rowNarocilo['status'] == 1){ + $response['error'] = 'Napaka! 
Račun je že plačan!'; + $response['success'] = false; + + return $response; + } + + + // Nastavimo ustrezen jezik - mail mora biti v istem jeziku kot je bilo narocilo + if($rowNarocilo['language'] == 'en'){ + include('../../lang/2.php'); + } + + + // Preverimo, ce ima uporabnik ze aktiven paket in ce je ta paket isti kot ta, ki ga je kupil + $sqlAccessCheck = sisplet_query("SELECT * FROM user_access WHERE usr_id='".$rowNarocilo['usr_id']."' AND package_id != '1' AND time_expire > NOW()"); + if(mysqli_num_rows($sqlAccessCheck) > 0){ + + $rowAccessCheck = mysqli_fetch_array($sqlAccessCheck); + + // Ce zeli uporabnik kupiti drug placljiv paket kot ga ima trenutno, ga zavrnemo - po novem normalno izvedemo ker preracunamo v popust + if($rowAccessCheck['package_id'] != $rowNarocilo['package_id']){ + + // Nastavimo dostop uporabniku + $sqlAccess = sisplet_query("INSERT INTO user_access + (usr_id, time_activate, time_expire, package_id) + VALUES + ('".$rowNarocilo['usr_id']."', NOW(), NOW() + INTERVAL '".$rowNarocilo['trajanje']."' MONTH, '".$rowNarocilo['package_id']."') + ON DUPLICATE KEY UPDATE + time_activate=NOW(), time_expire=NOW() + INTERVAL '".$rowNarocilo['trajanje']."' MONTH, package_id='".$rowNarocilo['package_id']."' + "); + if (!$sqlAccess){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + } + // Uporabnik kupuje isti paket kot ga ze ima - mu ga samo podaljsamo + else{ + $sqlAccess = sisplet_query("UPDATE user_access SET time_expire = time_expire + INTERVAL '".$rowNarocilo['trajanje']."' MONTH WHERE usr_id='".$rowNarocilo['usr_id']."'"); + if (!$sqlAccess){ + $response['error'] = 'ERROR! 
'.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + } + } + else{ + + // Nastavimo dostop uporabniku + $sqlAccess = sisplet_query("INSERT INTO user_access + (usr_id, time_activate, time_expire, package_id) + VALUES + ('".$rowNarocilo['usr_id']."', NOW(), NOW() + INTERVAL '".$rowNarocilo['trajanje']."' MONTH, '".$rowNarocilo['package_id']."') + ON DUPLICATE KEY UPDATE + time_activate=NOW(), time_expire=NOW() + INTERVAL '".$rowNarocilo['trajanje']."' MONTH, package_id='".$rowNarocilo['package_id']."' + "); + if (!$sqlAccess){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + } + + + // Nastavimo status narocila na placan + $sqlNarociloStatus = sisplet_query("UPDATE user_access_narocilo SET status='1' WHERE id='".$narocilo_id."'"); + if (!$sqlNarociloStatus){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + + // Brezplacen preklop - samo posljemo mail z obvestilom o vklopu paketa + if($brezplacen_preklop){ + + // Posljemo mail z obvestilom + $subject = $lang['srv_narocilo_free_email_subject'].' '.$rowNarocilo['id']; + + $content = $lang['srv_narocilo_free_email_content1']; + $content .= '

'.$lang['srv_narocilo_free_email_content2']; + + // Podpis + $signature = Common::getEmailSignature(); + $content .= $signature; + + try{ + $MA = new MailAdapter($anketa=null, $type='payments'); + $MA->addRecipients($rowNarocilo['email']); + $resultX = $MA->sendMail($content, $subject); + } + catch (Exception $e){ + $response['false'] = true; + } + } + // Ce ne gre za brezplacen preklop zapisemo v placila, izdamo racun in posljemo mail + else{ + + // Ustvarimo placilo v tabeli placil + $up = new UserPlacila(); + $up->createPlacilo($rowNarocilo); + + + // Ustvarimo racun + $cebelica = new UserNarocilaCebelica($narocilo_id); + $response['racun'] = $cebelica->getNarociloRacun(); + + + // Posljemo mail z racunom + $subject = $lang['srv_narocilo_email_subject'].' '.$rowNarocilo['id']; + + $content = $lang['srv_narocilo_email_content1']; + $content .= '

'.$lang['srv_narocilo_email_content2']; + $content .= '
'.$lang['srv_narocilo_email_file'].''; + + + // Podpis + $signature = Common::getEmailSignature(); + $content .= $signature; + + try{ + $MA = new MailAdapter($anketa=null, $type='payments'); + + $MA->addRecipients($rowNarocilo['email']); + + // Dodamo predracun v attachment + $MA->addAttachment(file_get_contents($response['racun']), $file_name='1ka_narocilo_'.$rowNarocilo['id'].'_racun.pdf'); + + $resultX = $MA->sendMail($content, $subject); + } + catch (Exception $e){ + $response['false'] = true; + } + } + + + $response['success'] = true; + + return $response; + } + + // Placa narocilo - za eracune, kjer se jih zabelezi kot placane ampak imajo 30 dnevni rok + public function payNarociloEracun($narocilo_id){ + global $global_user_id; + global $lang; + + $response = array(); + + // Ce nimamo id-ja narocila vrnemo error + if($narocilo_id == 0){ + $response['error'] = 'Napaka! Manjka ID narocila!'; + $response['success'] = false; + + return $response; + } + + + // Dobimo podatke narocila + $sqlNarocilo = sisplet_query("SELECT n.*, u.email FROM user_access_narocilo n, users u WHERE n.id='".$narocilo_id."' AND u.id=n.usr_id"); + $rowNarocilo = mysqli_fetch_array($sqlNarocilo); + + // Ce je bil racun ze placan ne naredimo nicesar + if($rowNarocilo['status'] == 1){ + $response['error'] = 'Napaka! 
Račun je že plačan!'; + $response['success'] = false; + + return $response; + } + + + // Nastavimo ustrezen jezik - mail mora biti v istem jeziku kot je bilo narocilo + if($rowNarocilo['language'] == 'en'){ + include('../../lang/2.php'); + } + + + // Preverimo, ce ima uporabnik ze aktiven paket in ce je ta paket isti kot ta, ki ga je kupil + $sqlAccessCheck = sisplet_query("SELECT * FROM user_access WHERE usr_id='".$rowNarocilo['usr_id']."' AND package_id != '1' AND time_expire > NOW()"); + if(mysqli_num_rows($sqlAccessCheck) > 0){ + + $rowAccessCheck = mysqli_fetch_array($sqlAccessCheck); + + // Ce zeli uporabnik kupiti drug placljiv paket kot ga ima trenutno, ga zavrnemo - po novem normalno izvedemo ker preracunamo v popust + if($rowAccessCheck['package_id'] != $rowNarocilo['package_id']){ + + // Nastavimo dostop uporabniku + $sqlAccess = sisplet_query("INSERT INTO user_access + (usr_id, time_activate, time_expire, package_id) + VALUES + ('".$rowNarocilo['usr_id']."', NOW(), NOW() + INTERVAL '".$rowNarocilo['trajanje']."' MONTH, '".$rowNarocilo['package_id']."') + ON DUPLICATE KEY UPDATE + time_activate=NOW(), time_expire=NOW() + INTERVAL '".$rowNarocilo['trajanje']."' MONTH, package_id='".$rowNarocilo['package_id']."' + "); + if (!$sqlAccess){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + } + // Uporabnik kupuje isti paket kot ga ze ima - mu ga samo podaljsamo + else{ + $sqlAccess = sisplet_query("UPDATE user_access SET time_expire = time_expire + INTERVAL '".$rowNarocilo['trajanje']."' MONTH WHERE usr_id='".$rowNarocilo['usr_id']."'"); + if (!$sqlAccess){ + $response['error'] = 'ERROR! 
'.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + } + } + else{ + + // Nastavimo dostop uporabniku + $sqlAccess = sisplet_query("INSERT INTO user_access + (usr_id, time_activate, time_expire, package_id) + VALUES + ('".$rowNarocilo['usr_id']."', NOW(), NOW() + INTERVAL '".$rowNarocilo['trajanje']."' MONTH, '".$rowNarocilo['package_id']."') + ON DUPLICATE KEY UPDATE + time_activate=NOW(), time_expire=NOW() + INTERVAL '".$rowNarocilo['trajanje']."' MONTH, package_id='".$rowNarocilo['package_id']."' + "); + if (!$sqlAccess){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + } + + + // Nastavimo status narocila na placan + $sqlNarociloStatus = sisplet_query("UPDATE user_access_narocilo SET status='1' WHERE id='".$narocilo_id."'"); + if (!$sqlNarociloStatus){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + + // Ustvarimo placilo v tabeli placil + $up = new UserPlacila(); + $up->createPlacilo($rowNarocilo, $eracun=true); + + + // Ustvarimo racun - nima "markPayed"! + $cebelica = new UserNarocilaCebelica($narocilo_id); + $response['racun'] = $cebelica->getNarociloRacun($eracun=true); + + + // Posljemo mail z racunom + $subject = $lang['srv_narocilo_email_subject'].' '.$rowNarocilo['id']; + + $content = $lang['srv_narocilo_email_content1']; + $content .= '

'.$lang['srv_narocilo_email_content2_eracun']; + $content .= '
'.$lang['srv_narocilo_email_file'].''; + + + // Podpis + $signature = Common::getEmailSignature(); + $content .= $signature; + + try{ + $MA = new MailAdapter($anketa=null, $type='payments'); + + $MA->addRecipients($rowNarocilo['email']); + + // Dodamo racun (brez "markPayed") v attachment + $MA->addAttachment(file_get_contents($response['racun']), $file_name='1ka_narocilo_'.$rowNarocilo['id'].'_racun.pdf'); + + $resultX = $MA->sendMail($content, $subject); + } + catch (Exception $e){ + $response['false'] = true; + } + + + $response['success'] = true; + + return $response; + } + + + // Poslje mail z povprasevanjem za poslovne uporabnike (virtualna domena ali lastna instalacija) + public function sendPoslovniUporabniki($narocilo_data){ + global $lang; + global $global_user_id; + + $response = array(); + + + $ime = isset($narocilo_data['ime']) ? $narocilo_data['ime'] : ''; + $organizacija = isset($narocilo_data['organizacija']) ? $narocilo_data['organizacija'] : ''; + $naslov = isset($narocilo_data['naslov']) ? $narocilo_data['naslov'] : ''; + $telefon = isset($narocilo_data['telefon']) ? $narocilo_data['telefon'] : ''; + $email = isset($narocilo_data['email']) ? $narocilo_data['email'] : ''; + + $paket = isset($narocilo_data['paket']) ? $narocilo_data['paket'] : ''; + + // Virtualna domena ali instalacija na 1ka strezniku + $vrsta_domene = isset($narocilo_data['vrsta_domene']) ? $narocilo_data['vrsta_domene'] : ''; + $domena = isset($narocilo_data['domena']) ? $narocilo_data['domena'] : ''; + + // Lastna instalacija - paket + $strinjanje_s_pogoji = isset($narocilo_data['strinjanje_s_pogoji']) ? $narocilo_data['strinjanje_s_pogoji'] : ''; + + + // Posljemo mail s podatki povprasevanja + $subject = $lang['srv_narocilo_poslovni_email_1ka_subject']; + + $content = $lang['srv_narocilo_poslovni_email_1ka_text']; + $content .= '

'.$lang['srv_narocilo_poslovni_email_1ka_text2']; + $content .= '
'.$lang['srv_narocilo_poslovni_email_1ka_ime'].' '.$ime.''; + $content .= '
'.$lang['srv_narocilo_poslovni_email_1ka_organizacija'].' '.$organizacija.''; + $content .= '
'.$lang['srv_narocilo_poslovni_email_1ka_naslov'].' '.$naslov.''; + $content .= '
'.$lang['srv_narocilo_poslovni_email_1ka_telefon'].' '.$telefon.''; + $content .= '
'.$lang['srv_narocilo_poslovni_email_1ka_email'].' '.$email.''; + + // lastna instalacija na 1ka streziku + if($paket == 2){ + $content .= '

'.$lang['srv_narocilo_poslovni_email_1ka_paket'].' '.$lang['srv_narocilo_poslovni_email_1ka_paket2'].''; + $content .= '
'.$lang['srv_narocilo_poslovni_email_1ka_paket1_1'].' '.($vrsta_domene == '2' ? 'xxx.yyy.zz' : 'xxx.1ka.si').''; + $content .= '
'.$lang['srv_narocilo_poslovni_email_1ka_paket1_2'].' '.$domena.''; + } + // lastna instalacija - paket + elseif($paket == 3){ + $content .= '

'.$lang['srv_narocilo_poslovni_email_1ka_paket'].' '.$lang['srv_narocilo_poslovni_email_1ka_paket3'].''; + } + // Virtualna domena + else{ + $content .= '

'.$lang['srv_narocilo_poslovni_email_1ka_paket'].' '.$lang['srv_narocilo_poslovni_email_1ka_paket1'].''; + $content .= '
'.$lang['srv_narocilo_poslovni_email_1ka_paket1_1'].' '.($vrsta_domene == '2' ? 'xxx.yyy.zz' : 'xxx.1ka.si').''; + $content .= '
'.$lang['srv_narocilo_poslovni_email_1ka_paket1_2'].' '.$domena.''; + } + + // Podpis + $signature = Common::getEmailSignature(); + $content .= $signature; + + try{ + $MA = new MailAdapter(); + $MA->addRecipients('info@1ka.si'); + $resultX = $MA->sendMail($content, $subject); + } + catch (Exception $e){ + $response['false'] = true; + } + + + // Posljemo mail stranki o uspesnem prejemu + // lastna instalacija na 1ka strezniku + if($paket == 2){ + $subject = $lang['srv_narocilo_poslovni_email_stranka_subject_2']; + + $content = $lang['srv_narocilo_poslovni_email_stranka_text_1_2']; + $content .= ' '.$domena.' '; + $content .= $lang['srv_narocilo_poslovni_email_stranka_text_2']; + } + // lastna instalacija - paket + elseif($paket == 3){ + $subject = $lang['srv_narocilo_poslovni_email_stranka_subject_3']; + + $content = $lang['srv_narocilo_poslovni_email_stranka_text_1_3']; + $content .= ' '; + $content .= $lang['srv_narocilo_poslovni_email_stranka_text_2']; + } + // Virtualna domena + else{ + $subject = $lang['srv_narocilo_poslovni_email_stranka_subject_1']; + + $content = $lang['srv_narocilo_poslovni_email_stranka_text_1_1']; + $content .= ' '.$domena.' 
'; + $content .= $lang['srv_narocilo_poslovni_email_stranka_text_2']; + } + + // Podpis + $signature = Common::getEmailSignature(); + $content .= $signature; + + try{ + $MA = new MailAdapter(); + $MA->addRecipients($email); + $resultX = $MA->sendMail($content, $subject); + } + catch (Exception $e){ + $response['false'] = true; + } + + + $response['success'] = true; + + return $response; + } + + // Izvede api klic kjer preveri davcno stevilko in zavezanost za DDV + public static function checkPayDDV($davcna_stevilka, $drzava){ + global $lang; + global $global_user_id; + + // Drzave EU brez slovenije + $countries_eu = array(); + $countries_eu['Austria'] = 'AT'; + $countries_eu['Belgium'] = 'BE'; + $countries_eu['Bulgaria'] = 'BG'; + $countries_eu['Cyprus'] = 'CY'; + $countries_eu['Czech Republic'] = 'CZ'; + $countries_eu['Germany'] = 'DE'; + $countries_eu['Denmark'] = 'DK'; + $countries_eu['Estonia'] = 'EE'; + $countries_eu['Spain'] = 'ES'; + $countries_eu['Finland'] = 'FI'; + $countries_eu['France'] = 'FR'; + $countries_eu['United Kingdom'] = 'GB'; + $countries_eu['Greece'] = 'GR'; + $countries_eu['Hungary'] = 'HU'; + $countries_eu['Croatia'] = 'HR'; + $countries_eu['Ireland'] = 'IE'; + $countries_eu['Italy'] = 'IT'; + $countries_eu['Lithuania'] = 'LT'; + $countries_eu['Luxembourg'] = 'LU'; + $countries_eu['Latvia'] = 'LV'; + $countries_eu['Malta'] = 'MT'; + $countries_eu['Netherlands'] = 'NL'; + $countries_eu['Poland'] = 'PL'; + $countries_eu['Portugal'] = 'PT'; + $countries_eu['Romania'] = 'RO'; + $countries_eu['Sweden'] = 'SE'; + //$countries_eu['Slovenia'] = 'SI'; + $countries_eu['Slovakia'] = 'SK'; + + + // Ce drzava ni oznacena - placa DDV + if($drzava == '') + return true; + + // Slovenija - vedno placa DDV + if($drzava == 'Slovenija' || $drzava == 'Slovenia') + return true; + + // Ce ni drzava s seznama in ni Slovenija - po novem nikoli ne placa DDV + if(!isset($countries_eu[$drzava])) + return false; + + // Drugace gre za tujca iz EU + // Pocistimo davcno 
stevilko - ohranimo samo stevilke ce je vnesel v obliki "DE12345678" -> "12345678" + $davcna_stevilka = preg_replace('[\D]', '', $davcna_stevilka); + + // Preverimo, ce je zavezanec + $client = new SoapClient("http://ec.europa.eu/taxation_customs/vies/checkVatService.wsdl"); + try{ + $response = $client->checkVat( array('countryCode' => $countries_eu[$drzava], 'vatNumber' => $davcna_stevilka) ); + } + catch (Exception $e) { + return true; + } + + // Je valid zavezanec iz EU + if(isset($response->valid) && $response->valid == true) + return false; + + return true; + } + + + // Dobimo podatke o vseh paketih + private function cachePackages(){ + + $sqlPackages = sisplet_query("SELECT * FROM user_access_paket"); + while($row = mysqli_fetch_array($sqlPackages)){ + $this->packages[$row['name']] = $row; + } + } + + + // Ajax klici + public function ajax(){ + + $narocilo_id = (isset($_POST['narocilo_id'])) ? $_POST['narocilo_id'] : 0; + + + // Prikazemo popup z urejanjem posameznega narocila + if($_GET['a'] == 'displayNarociloPopup') { + + if($narocilo_id > 0) + $this->displayNarociloEdit($narocilo_id); + } + + // Urejamo narocilo + if($_GET['a'] == 'editNarocilo') { + + if($narocilo_id > 0){ + + $update = ''; + + $update .= (isset($_POST['status'])) ? " status='".$_POST['status']."'," : ""; + $update .= (isset($_POST['package_id'])) ? " package_id='".$_POST['package_id']."'," : ""; + $update .= (isset($_POST['payment_method'])) ? " payment_method='".$_POST['payment_method']."'," : ""; + $update .= (isset($_POST['discount'])) ? " discount='".$_POST['discount']."'," : ""; + $update .= (isset($_POST['trajanje'])) ? " trajanje='".$_POST['trajanje']."'," : ""; + + $update .= (isset($_POST['phone'])) ? " phone='".$_POST['phone']."'," : ""; + + $update .= (isset($_POST['podjetje_ime'])) ? " podjetje_ime='".$_POST['podjetje_ime']."'," : ""; + $update .= (isset($_POST['podjetje_naslov'])) ? 
" podjetje_naslov='".$_POST['podjetje_naslov']."'," : ""; + $update .= (isset($_POST['podjetje_postna'])) ? " podjetje_postna='".$_POST['podjetje_postna']."'," : ""; + $update .= (isset($_POST['podjetje_posta'])) ? " podjetje_posta='".$_POST['podjetje_posta']."'," : ""; + $update .= (isset($_POST['podjetje_drzava'])) ? " podjetje_drzava='".$_POST['podjetje_drzava']."'," : ""; + $update .= (isset($_POST['podjetje_davcna'])) ? " podjetje_davcna='".$_POST['podjetje_davcna']."'," : ""; + $update .= (isset($_POST['podjetje_no_ddv'])) ? " podjetje_no_ddv='".$_POST['podjetje_no_ddv']."'," : ""; + $update .= (isset($_POST['podjetje_eracun'])) ? " podjetje_eracun='".$_POST['podjetje_eracun']."'," : ""; + + if($update != ''){ + + $update = substr($update, 0, -1); + + $sqlNarocilo = sisplet_query("UPDATE user_access_narocilo SET ".$update.", cebelica_id_racun='0', cebelica_id_predracun='0' WHERE id='".$narocilo_id."'"); + if (!$sqlNarocilo) + echo mysqli_error($GLOBALS['connect_db']); + } + } + + // Na novo izrisemo tabelo z narocili + $this->displayNarocilaTableAdmin(); + } + + // Urejamo narocilo + if($_GET['a'] == 'payNarocilo') { + + if($narocilo_id > 0){ + + // Ce imamo nastavljen payment_method na 1 pomeni da gre za klik na "placano" v tabeli (Goran) in potem popravimo narocilu, da ima vedno nacin placila preko trr + $payment_method = (isset($_POST['payment_method'])) ? 
$_POST['payment_method'] : 0; + if($payment_method == '1'){ + $sqlNarociloNacin = sisplet_query("UPDATE user_access_narocilo SET payment_method='1' WHERE id='".$narocilo_id."'"); + } + + $this->payNarocilo($narocilo_id); + } + + // Na novo izrisemo tabelo z narocili + $this->displayNarocilaTableAdmin(); + } + + // Placamo narocilo brez racuna + if($_GET['a'] == 'payNarociloEracun') { + + if($narocilo_id > 0){ + + // Ce imamo nastavljen payment_method na 1 pomeni da gre za klik na "placano" v tabeli (Goran) in potem popravimo narocilu, da ima vedno nacin placila preko trr + $payment_method = (isset($_POST['payment_method'])) ? $_POST['payment_method'] : 0; + if($payment_method == '1'){ + $sqlNarociloNacin = sisplet_query("UPDATE user_access_narocilo SET payment_method='1' WHERE id='".$narocilo_id."'"); + } + + $this->payNarociloEracun($narocilo_id); + } + + // Na novo izrisemo tabelo z narocili + $this->displayNarocilaTableAdmin(); + } + + // Brisemo narocilo + if($_GET['a'] == 'deleteNarocilo') { + + if($narocilo_id > 0){ + $sqlNarocilo = sisplet_query("DELETE FROM user_access_narocilo WHERE id='".$narocilo_id."'"); + } + } + + // Filter narocil + if($_GET['a'] == 'filterNarocila') { + + $status = (isset($_POST['status'])) ? $_POST['status'] : ''; + $value = (isset($_POST['value'])) ? $_POST['value'] : ''; + + if($status != '' && $value != ''){ + + if($status == '0'){ + $_SESSION['narocila_filter']['neplacana'] = $value; + $this->narocila_filter['neplacana'] = $value; + } + elseif($status == '1'){ + $_SESSION['narocila_filter']['placana'] = $value; + $this->narocila_filter['placana'] = $value; + } + elseif($status == '2'){ + $_SESSION['narocila_filter']['stornirana'] = $value; + $this->narocila_filter['stornirana'] = $value; + } + } + + // Na novo izrisemo tabelo z narocili + $this->displayNarocilaTableAdmin(); + } + + // Vrnemo predracun + if($_GET['a'] == 'getPredracun') { + + $narocilo_id = (isset($_POST['narocilo_id'])) ? 
$_POST['narocilo_id'] : '';
+
+ if($narocilo_id != ''){
+ $cebelica = new UserNarocilaCebelica($narocilo_id);
+ $predracun = $cebelica->getNarociloRacun();
+
+ echo $predracun;
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/frontend/payments/classes/class.UserNarocilaCebelica.php b/frontend/payments/classes/class.UserNarocilaCebelica.php
new file mode 100644
index 0000000..f7c823b
--- /dev/null
+++ b/frontend/payments/classes/class.UserNarocilaCebelica.php
@@ -0,0 +1,235 @@
+ 0){
+
+ // Dobimo podatke narocila
+ $sqlNarocilo = sisplet_query("SELECT un.*, u.name, u.surname, u.email, up.name AS package_name, up.description AS package_description, up.price AS package_price
+ FROM user_access_narocilo un, users u, user_access_paket up
+ WHERE un.id='".$narocilo_id."' AND un.usr_id=u.id AND un.package_id=up.id");
+ if(mysqli_num_rows($sqlNarocilo) > 0){
+ $this->narocilo = mysqli_fetch_array($sqlNarocilo);
+ }
+ else{
+ die("Napaka pri komunikaciji s čebelico! Narocilo ne obstaja.");
+ }
+ }
+ else {
+ die("Napaka pri komunikaciji s čebelico! Manjka ID naročila.");
+ }
+ }
+
+
+ // Zgeneriramo in vrnemo link do pdf-ja racuna za narocilo
+ public function getNarociloRacun($eracun=false){
+ global $global_user_id;
+
+ // Preverimo, ce racun ze obstaja
+ if($this->narocilo['cebelica_id_racun'] != '0' && file_exists(SITE_ROOT.MAPA_RACUNI.'1ka_racun_'.$this->narocilo['cebelica_id_racun'].'.pdf')){
+
+ // Dobimo hashiran url do dokumenta
+ $pdf_url = $this->getPdfUrl($type='racun', $this->narocilo['cebelica_id_racun']);
+
+ return $pdf_url;
+ }
+
+ // Ce predracun ne obstaja ga moramo najprej zgenerirati
+ if($this->narocilo['cebelica_id_predracun'] == '0'){
+ $this->getNarociloPredracun();
+ }
+
+ // Zgeneriramo pdf racun na podlagi predracuna
+ $cebelica_id_new = $this->generatePdf($this->narocilo['cebelica_id_predracun'], $eracun);
+
+ // Vstavimo id cebelice predracuna v bazo
+ $sqlNarocilo = sisplet_query("UPDATE user_access_narocilo SET cebelica_id_racun='".$cebelica_id_new."' WHERE id='".$this->narocilo['id']."'");
+
+ // Dobimo hashiran url do dokumenta
+ $pdf_url = $this->getPdfUrl($type='racun', $cebelica_id_new);
+
+ return $pdf_url;
+ }
+
+ // Zgeneriramo in vrnemo link do pdf-ja predracuna za narocilo
+ public function getNarociloPredracun(){
+ global $global_user_id;
+
+ // Preverimo, ce predracun ze obstaja
+ if($this->narocilo['cebelica_id_predracun'] != '0' && 
file_exists(SITE_ROOT.MAPA_PREDRACUNI.'1ka_predracun_'.$this->narocilo['cebelica_id_predracun'].'.pdf')){
+
+ // Dobimo hashiran url do dokumenta
+ $pdf_url = $this->getPdfUrl($type='predracun', $this->narocilo['cebelica_id_predracun']);
+
+ return $pdf_url;
+ }
+
+ // Zgeneriramo pdf predracun na podlagi podatkov narocila (cebelica)
+ $cebelica_id_new = $this->generatePdf($cebelica_id=0);
+
+ // Vstavimo id cebelice predracuna v bazo
+ $sqlNarocilo = sisplet_query("UPDATE user_access_narocilo SET cebelica_id_predracun='".$cebelica_id_new."' WHERE id='".$this->narocilo['id']."'");
+
+ // Popravimo se id v arrayu ce gre za generiranje predracuna pred generiranjem racuna
+ $this->narocilo['cebelica_id_predracun'] = $cebelica_id_new;
+
+ // Dobimo hashiran url do dokumenta
+ $pdf_url = $this->getPdfUrl($type='predracun', $cebelica_id_new);
+
+ return $pdf_url;
+ }
+
+
+ // Poklicemo cebelico in zgeneriramo predracun oz. racun
+ private function generatePdf($cebelica_id=0, $eracun=false){
+ global $site_path;
+
+ // Api za povezavo s cebelico
+ require_once($site_path.'frontend/payments/cebelica/InvoiceFox/cebelcaApi.php');
+
+ $UA = new UserNarocila();
+
+ // Dobimo ceno
+ $cena = $UA->getPrice($this->narocilo['package_name'], $this->narocilo['trajanje'], $this->narocilo['discount'], $this->narocilo['time']);
+
+ // Dobimo jezik za predracun/racun
+ $lang = $UA->getNarociloLanguage($this->narocilo['id']);
+
+
+ // Slovenki racun/predracun
+ if($lang == 'si'){
+
+ if($this->narocilo['trajanje'] == 1)
+ $months_string = 'mesec';
+ elseif($this->narocilo['trajanje'] == 2)
+ $months_string = 'meseca';
+ elseif($this->narocilo['trajanje'] == 3 || $this->narocilo['trajanje'] == 4)
+ $months_string = 'mesece';
+ else
+ $months_string = 'mesecev';
+
+ $ime_storitve = '1KA naročnina (paket '.strtoupper($this->narocilo['package_name']). ' - '.$this->narocilo['trajanje'].' 
'.$months_string.')';
+ }
+ // Angleski racun/predracun
+ else{
+
+ if($this->narocilo['trajanje'] == 1)
+ $months_string = 'month';
+ else
+ $months_string = 'months';
+
+ $ime_storitve = '1KA subscription (package '.strtoupper($this->narocilo['package_name']). ' - '.$this->narocilo['trajanje'].' '.$months_string.')';
+ }
+
+
+ // Zavezanec iz tujine ima racun/predracun brez ddv
+ if($UA->isWithoutDDV($this->narocilo['id'])){
+ $ddv = 0;
+ $cena_za_placilo = $cena['final_without_tax'];
+ }
+ else{
+ $ddv = 1;
+ $cena_za_placilo = $cena['final'];
+ }
+
+ // Kartica
+ if($this->narocilo['payment_method'] == '3')
+ $tip_placila = 3;
+ // Paypal
+ elseif($this->narocilo['payment_method'] == '2')
+ $tip_placila = 5;
+ // TRR
+ else
+ $tip_placila = 1;
+
+ $podatki = array(
+ 'narocilo_id' => $this->narocilo['id'], // id narocila
+ 'stranka' => $this->narocilo['ime'], // ime kupca
+ 'email' => $this->narocilo['email'], // email kupca
+ 'datum' => date("j.n.Y"), // datum izdaje računa
+
+ 'telefon' => $this->narocilo['phone'],
+
+ 'drzava' => $this->narocilo['podjetje_drzava'],
+
+ 'podjetjeime' => $this->narocilo['podjetje_ime'],
+ 'podjetjenaslov'=> $this->narocilo['podjetje_naslov'],
+ 'podjetjepostna'=> $this->narocilo['podjetje_postna'],
+ 'podjetjeposta' => $this->narocilo['podjetje_posta'],
+ 'podjetjedavcna'=> $this->narocilo['podjetje_davcna'], // davčna številka kupca, če je podjetje
+
+ 'ime_storitve' => $ime_storitve,
+
+ 'cena' => $cena['final_without_tax'], // cena brez DDV
+ 'za_placilo' => $cena_za_placilo, // znesek za plačilo
+ ///'popust' => $cena['discount_percentage'], // procent s celo številko. 
5 pomeni 5%
+ 'veljavnost' => "3", // veljavnost predračuna v dnevih
+
+ 'ddv' => $ddv, // Obracunan ddv (zavezanec iz tujine ga nima)
+
+ 'tip_placila' => $tip_placila // Tip placila - 1=nakazilo, 3=kartica, 5=paypal
+ );
+
+
+
+ // 0 generira predračun, številka naredi račun iz predračuna
+ $cebelica_id_new = vnosRacunaCebelca($podatki, $debug=false, $cebelica_id, $lang, $eracun);
+
+ if($cebelica_id_new){
+ return $cebelica_id_new;
+ }
+ else{
+ return "Napaka pri vnosu dokumenta v cebelca.biz.";
+ }
+ }
+
+
+ // Dobimo hash za url do pdf-ja
+ private function getPdfUrl($type, $id){
+ global $site_url;
+
+ $params = array(
+ 'type' => $type, // "racun" ali "predracun"
+ 'id' => $id // ID pdf dokumenta
+ );
+
+ // Array s podatki zaheshiramo
+ $hash = base64_encode(urlencode(serialize($params)));
+
+ $url = $site_url.'/payment/'.$hash;
+
+ return $url;
+ }
+}
\ No newline at end of file
diff --git a/frontend/payments/classes/class.UserNarocilaCron.php b/frontend/payments/classes/class.UserNarocilaCron.php
new file mode 100644
index 0000000..a763dad
--- /dev/null
+++ b/frontend/payments/classes/class.UserNarocilaCron.php
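Review bot: The constructor's lookup query interpolates `$narocilo_id` unescaped (`WHERE un.id='".$narocilo_id."'`), and the `getPredracun`/`getRacun` ajax handlers earlier in this commit hand it `$_POST['narocilo_id']` verbatim, so unless `sisplet_query()` escapes internally (nothing here suggests it does) the value must be coerced before it reaches SQL: `$narocilo_id = (int)$narocilo_id;` as the first statement of the constructor, whose opening line is garbled in this listing. `getPdfUrl` also does not hash anything despite its comments: `base64_encode(urlencode(serialize($params)))` is reversible and carries no secret, so a `/payment/...` link for any `type` and `id` can be forged by hand, and unless the consuming endpoint (not in this hunk) checks that the document belongs to the requesting user it should carry a server-side MAC, e.g. `$payload = base64_encode(json_encode($params)); $url = $site_url.'/payment/'.$payload.'.'.hash_hmac('sha256', $payload, $secret);`, verified by the consumer, with `json_encode` replacing `serialize` so attacker-controlled bytes never reach `unserialize()`. Finally, `generatePdf` returns the string `"Napaka pri vnosu dokumenta v cebelca.biz."` on failure, and both `getNarociloRacun` and `getNarociloPredracun` write that return value straight into `cebelica_id_racun`/`cebelica_id_predracun` and into the URL; return `0` there instead and have both callers bail out when the new ID is falsy.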
@@ -0,0 +1,198 @@ +$action(); + else + echo 'Method '.$action.' does not exist!'; + } + + + // Mail 6 dni pred potekom narocnine + private function notifyIn6(){ + + $expired_users = $this->getExpiredUsers($expire='in6'); + + foreach($expired_users as $usr_id => $user){ + + $narocilo = $this->getLastNarocilo($usr_id); + + // Nastavimo ustrezen jezik - mail mora biti v istem jeziku kot je bilo zadnje narocilo + if($narocilo['language'] == 'en') + include('../lang/2.php'); + else + include('../lang/1.php'); + + + // Posljemo mail + $subject = $lang['srv_access_expire_in6_subject']; + $content = str_replace('#PACKAGE_NAME#', $narocilo['package_id'].'ka', $lang['srv_access_expire_in6_content1']); + $content .= str_replace('#PACKAGE_ID#', $narocilo['package_id'], $lang['srv_access_expire_in6_content2']); + $content .= $lang['srv_access_expire_in6_content3'] . $user['email']; + + // Podpis + $signature = Common::getEmailSignature(); + $content .= $signature; + + try{ + $MA = new MailAdapter(); + $MA->addRecipients($user['email']); + $resultX = $MA->sendMail($content, $subject); + } + catch (Exception $e){ + } + } + + } + + // Mail 1 dan pred potekom narocnine + private function notifyIn1(){ + + $expired_users = $this->getExpiredUsers($expire='in1'); + + foreach($expired_users as $usr_id => $user){ + + $narocilo = $this->getLastNarocilo($usr_id); + + // Nastavimo ustrezen jezik - mail mora biti v istem jeziku kot je bilo zadnje narocilo + if($narocilo['language'] == 'en') + include('../lang/2.php'); + else + include('../lang/1.php'); + + + // Posljemo mail + $subject = $lang['srv_access_expire_in1_subject']; + $content = str_replace('#PACKAGE_NAME#', $narocilo['package_id'].'ka', $lang['srv_access_expire_in1_content1']); + $content .= str_replace('#PACKAGE_ID#', $narocilo['package_id'], $lang['srv_access_expire_in1_content2']); + $content .= $lang['srv_access_expire_in1_content3'] . 
$user['email']; + + // Podpis + $signature = Common::getEmailSignature(); + $content .= $signature; + + try{ + $MA = new MailAdapter(); + $MA->addRecipients($user['email']); + $resultX = $MA->sendMail($content, $subject); + } + catch (Exception $e){ + } + } + } + + // Mail 1 dan po poteku narocnine + private function notifyExpired(){ + + $expired_users = $this->getExpiredUsers($expire='expired'); + + foreach($expired_users as $usr_id => $user){ + + $narocilo = $this->getLastNarocilo($usr_id); + + // Nastavimo ustrezen jezik - mail mora biti v istem jeziku kot je bilo zadnje narocilo + if($narocilo['language'] == 'en') + include('../lang/2.php'); + else + include('../lang/1.php'); + + + // Posljemo mail + $subject = $lang['srv_access_expire_expired_subject']; + $content = str_replace('#PACKAGE_NAME#', $narocilo['package_id'].'ka', $lang['srv_access_expire_expired_content1']); + $content .= str_replace('#PACKAGE_ID#', $narocilo['package_id'], $lang['srv_access_expire_expired_content2']); + $content .= $lang['srv_access_expire_expired_content3'] . 
$user['email']; + + // Podpis + $signature = Common::getEmailSignature(); + $content .= $signature; + + try{ + $MA = new MailAdapter(); + $MA->addRecipients($user['email']); + $resultX = $MA->sendMail($content, $subject); + } + catch (Exception $e){ + } + } + } + + + + // Dobimo seznam uporabnikov, ki jim potece paket na dolocen dan + private function getExpiredUsers($expire){ + + if($expire == 'in6'){ + $interval_query = 'DATE(time_expire) = DATE(NOW() + INTERVAL 6 DAY)'; + } + elseif($expire == 'in1'){ + $interval_query = 'DATE(time_expire) = DATE(NOW() + INTERVAL 1 DAY)'; + } + if($expire == 'expired'){ + $interval_query = 'DATE(time_expire) = DATE(NOW() - INTERVAL 1 DAY)'; + } + + $result = array(); + + // Loop po vseh uporabnikih, ki imajo zakupljen paket in jim potece cez 6 dni + $sqlAccess = sisplet_query("SELECT a.*, u.email + FROM user_access a, users u + WHERE (a.package_id = 2 OR a.package_id = 3) + AND ".$interval_query." + AND u.id=a.usr_id + "); + + while($rowAccess = mysqli_fetch_array($sqlAccess)){ + $result[$rowAccess['usr_id']] = $rowAccess; + } + + return $result; + } + + // Dobimo zadnji placan paket uporabnika + private function getLastNarocilo($usr_id){ + + // Dobimo podatke zadnjega placanega narocila za tega uporabnika + $sqlNarocilo = sisplet_query("SELECT * + FROM user_access_narocilo + WHERE usr_id='".$usr_id."' AND status='1' + ORDER BY time DESC + LIMIT 1 + "); + + // Uporabnik nima nobenega placanega paketa + if(mysqli_num_rows($sqlNarocilo) == 0){ + return false; + } + + $rowNarocilo = mysqli_fetch_array($sqlNarocilo); + + return $rowNarocilo; + } +} \ No newline at end of file diff --git a/frontend/payments/classes/class.UserNarocilaPaypal.php b/frontend/payments/classes/class.UserNarocilaPaypal.php new file mode 100644 index 0000000..de8bb64 --- /dev/null +++ b/frontend/payments/classes/class.UserNarocilaPaypal.php 
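Review bot: getLastNarocilo() returns false when the user has no paid order, but notifyIn6(), notifyIn1() and notifyExpired() go on to index `$narocilo['language']` and `$narocilo['package_id']` without checking, so such a user gets a Slovenian mail with an empty package name; add `if(!$narocilo) continue;` directly after `$narocilo = $this->getLastNarocilo($usr_id);` in each loop. The empty `catch (Exception $e){}` around `$MA->sendMail()` swallows delivery failures, so a broken mailer leaves no trace in a cron job nobody watches; log `$e->getMessage()` together with `$usr_id` there. In getExpiredUsers() the third branch is a plain `if` rather than `elseif`, and an unrecognised `$expire` leaves `$interval_query` undefined and yields a malformed query; an `else` that throws would fail loudly instead. The `$action()` / `echo 'Method '.$action.' does not exist!'` dispatch at the top of the hunk is cut off in this rendering, so where `$action` comes from cannot be seen; if it is request-controlled it should be escaped before being echoed back.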
@@ -0,0 +1,308 @@ + 0){ + + // Dobimo podatke narocila + $sqlNarocilo = sisplet_query("SELECT un.*, u.name, u.surname, u.email, up.name AS package_name, up.description AS package_description, up.price AS package_price + FROM user_access_narocilo un, users u, user_access_paket up + WHERE un.id='".$narocilo_id."' AND un.usr_id=u.id AND un.package_id=up.id"); + if(mysqli_num_rows($sqlNarocilo) > 0){ + $this->narocilo = mysqli_fetch_array($sqlNarocilo); + } + else{ + die("Napaka pri komunikaciji s paypal! Narocilo ne obstaja."); + } + + + // Ustvarimo okolje za paypal + if($mysql_database_name == 'real1kasi') + $environment = new ProductionEnvironment($paypal_client_id, $paypal_secret); + else + $environment = new SandboxEnvironment($paypal_client_id, $paypal_secret); + + $this->paypal_client = new PayPalHttpClient($environment); + } + else { + die("Napaka pri komunikaciji s paypal! Manjka ID naročila."); + } + } + + + // Placamo narocilo s paypal + public function paypalCreatePayment(){ + global $site_url; + + $response = array(); + + + $UA = new UserNarocila(); + $cena = $UA->getPrice($this->narocilo['package_name'], $this->narocilo['trajanje'], $this->narocilo['discount'], $this->narocilo['time']); + + if($this->narocilo['trajanje'] == 1) + $months_string = 'mesec'; + elseif($this->narocilo['trajanje'] == 2) + $months_string = 'meseca'; + elseif($this->narocilo['trajanje'] == 3 || $this->narocilo['trajanje'] == 4) + $months_string = 'mesece'; + else + $months_string = 'mesecev'; + + + // Zavezanec iz tujine ima racun/predracun brez ddv + if($UA->isWithoutDDV($this->narocilo['id'])){ + $ddv = 0; + $cena_za_placilo = $cena['final_without_tax']; + } + else{ + $ddv = 1; + $cena_za_placilo = $cena['final']; + } + + + // Podatki narocila + $orderDetails = array( + 'ime' => '1KA naročnina (paket '.strtoupper($this->narocilo['package_name']). ' - '.$this->narocilo['trajanje'].' 
'.$months_string.')', + 'narocilo_id' => $this->narocilo['id'], + 'cena' => $cena_za_placilo, + ); + + // Ustvarimo order na paypal, da se lahko potem user prijavi in ga placa + $paypal_response = $this->paypalCreateOrder($orderDetails); + + if(!isset($paypal_response['success']) || $paypal_response['success'] == false){ + return $paypal_response; + } + + + // Vstavimo plačilo v bazo + $sqlNarocilo = sisplet_query("INSERT INTO user_access_paypal_transaction + (transaction_id, narocilo_id, price, currency_type, time, status) + VALUES + ('".$paypal_response['transaction_id']."', '".$this->narocilo['id']."', '".$cena_za_placilo."', 'EUR', NOW(), 'CREATED') + "); + if (!$sqlNarocilo){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + + $response['paypal_link'] = $paypal_response['paypal_link']; + + $response['success'] = true; + + return $response; + } + + // Posljemo podatke za placilo paypalu + private function paypalCreateOrder($orderDetails){ + global $site_url; + global $lang; + + $response = array(); + + $request = new OrdersCreateRequest(); + + $request->prefer('return=representation'); + //$request->headers["prefer"] = "return=representation"; + + if($lang['id'] == '2'){ + $drupal_url_confirm = $site_url.'/d/en/paypal-purchase/success?narocilo_id='.$orderDetails['narocilo_id']; + $drupal_url_cancel = $site_url.'/d/en/paypal-purchase/cancel?narocilo_id='.$orderDetails['narocilo_id']; + } + else{ + $drupal_url_confirm = $site_url.'/d/narocilo/paypal?narocilo_id='.$orderDetails['narocilo_id']; + $drupal_url_cancel = $site_url.'/d/narocilo/paypal-cancel?narocilo_id='.$orderDetails['narocilo_id']; + } + + $request->body = [ + "intent" => "CAPTURE", + "purchase_units" => [[ + "reference_id" => $orderDetails['narocilo_id'], + 'description' => $orderDetails['ime'], + + "amount" => [ + "value" => $orderDetails['cena'], + "currency_code" => "EUR" + ] + ]], + "application_context" => [ + 
"cancel_url" => $drupal_url_cancel, + "return_url" => $drupal_url_confirm, + + 'brand_name' => '1KA' + ] + ]; + + try { + // Poklicemo paypal api za ustvarjanje narocila + $paypal_response = $this->paypal_client->execute($request); + + if($paypal_response->result->status != 'CREATED'){ + $response['error'] = 'ERROR! Order was not created.'; + $response['success'] = false; + + return $response; + } + + // Dobimo id paypal narocila + $response['transaction_id'] = $paypal_response->result->id; + + // Dobimo link za preusmeritev stranke, da potrdi narocilo in potem lahko izvedemo "capture" + foreach($paypal_response->result->links as $link){ + + if($link->rel == 'approve') + $response['paypal_link'] = $link->href; + } + } + catch (HttpException $e) { + $response['error'] = $e->getMessage(); + $response['success'] = false; + + return $response; + } + + + $response['success'] = true; + + return $response; + } + + + // Zakljucimo placilo, ce je bilo placilo ok odobreno preko paypala s strani stranke + public function paypalCaptureOrder(){ + + $response = array(); + + // Preverimo plačilo v bazo + $sqlNarociloPaypal = sisplet_query("SELECT transaction_id + FROM user_access_paypal_transaction + WHERE narocilo_id='".$this->narocilo['id']."' + "); + if (!$sqlNarociloPaypal){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + // Narocilo ne obstaja (ni v bazi paypal narocil) + if (mysqli_num_rows($sqlNarociloPaypal) == 0){ + $response['error'] = 'ERROR! 
Paypal order does not exist.'; + $response['success'] = false; + + return $response; + } + + $rowNarociloPaypal = mysqli_fetch_array($sqlNarociloPaypal); + + // Preverimo, ce je bilo vse ok placano - POST request to /v2/checkout/orders + $request = new OrdersCaptureRequest($rowNarociloPaypal['transaction_id']); + //$request->prefer('return=representation'); + + try { + // Poklicemo paypal api kjer preverimo placilo narocila + $paypal_response = $this->paypal_client->execute($request); + } + catch (HttpException $e) { + $response['error'] = $e->getMessage(); + $response['success'] = false; + + return $response; + } + + + // Posodobimo status narocila + $sqlNarocilo = sisplet_query("UPDATE user_access_paypal_transaction + SET status='".$paypal_response->result->status."' + WHERE transaction_id='".$paypal_response->result->id."' + "); + if (!$sqlNarocilo){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + + // Nastavimo narocilo na placano, aktiviramo paket in vrnemo racun + $narocilo = new UserNarocila(); + $payment_response = $narocilo->payNarocilo($this->narocilo['id']); + + if($payment_response['success'] == true){ + $response['racun'] = $payment_response['racun']; + $response['success'] = true; + } + else{ + $response['error'] = $payment_response['error']; + $response['success'] = false; + } + + $response['narocilo_id'] = $this->narocilo['id']; + + + $response['success'] = true; + + return $response; + } + + + // Preklicemo placilo, ce je bilo placilo preklicano preko paypala s strani stranke + public function paypalCancelOrder(){ + + $response = array(); + + // Posodobimo status narocila + $sqlNarocilo = sisplet_query("UPDATE user_access_paypal_transaction + SET status='CANCELLED' + WHERE narocilo_id='".$this->narocilo['id']."' + "); + if (!$sqlNarocilo){ + $response['error'] = 'ERROR! 
'.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + // Nastavimo status narocila na storniran + $sqlNarociloStatus = sisplet_query("UPDATE user_access_narocilo SET status='2' WHERE id='".$this->narocilo['id']."'"); + if (!$sqlNarociloStatus){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + $response['success'] = true; + + return $response; + } +} \ No newline at end of file diff --git a/frontend/payments/classes/class.UserNarocilaStripe.php b/frontend/payments/classes/class.UserNarocilaStripe.php new file mode 100644 index 0000000..82efce2 --- /dev/null +++ b/frontend/payments/classes/class.UserNarocilaStripe.php 
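Review bot: paypalCaptureOrder() assigns `$response['success'] = true;` unconditionally after the payNarocilo() branch, so a failed activation is still reported as success to the caller; delete that trailing assignment. The capture result is also written to the DB and the package activated without inspecting `$paypal_response->result->status`, so add `if($paypal_response->result->status != 'COMPLETED'){ $response['error'] = 'ERROR! Capture not completed.'; $response['success'] = false; return $response; }` before the UPDATE, and consider comparing the captured amount with the stored `price`. As far as the stripped constructor shows, `$narocilo_id` is interpolated into `WHERE un.id='...'` guarded only by `> 0`, which a non-numeric string such as `5' OR 1=1` still satisfies in PHP; cast it with `(int)` or bind it. The SELECT in paypalCaptureOrder() has neither a status filter nor an ORDER BY, so when several transactions exist for one order an arbitrary one is captured.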
@@ -0,0 +1,266 @@ +stripeService = new \Stripe\StripeClient($stripe_secret); + + if($narocilo_id > 0){ + + // Dobimo podatke narocila + $sqlNarocilo = sisplet_query("SELECT un.*, u.name, u.surname, u.email, up.name AS package_name, up.description AS package_description, up.price AS package_price + FROM user_access_narocilo un, users u, user_access_paket up + WHERE un.id='".$narocilo_id."' AND un.usr_id=u.id AND un.package_id=up.id"); + if(mysqli_num_rows($sqlNarocilo) > 0){ + $this->narocilo = mysqli_fetch_array($sqlNarocilo); + } + else{ + die("Napaka pri komunikaciji s stripe! Narocilo ne obstaja."); + } + } + else { + die("Napaka pri komunikaciji s stripe! Manjka ID naročila."); + } + } + + + // Ustvarimo session za placilo v stripe - V DELU + public function stripeCreateSession(){ + global $site_url; + global $lang; + + $response = array(); + + + $UA = new UserNarocila(); + $cena = $UA->getPrice($this->narocilo['package_name'], $this->narocilo['trajanje'], $this->narocilo['discount'], $this->narocilo['time']); + + if($this->narocilo['trajanje'] == 1) + $months_string = 'mesec'; + elseif($this->narocilo['trajanje'] == 2) + $months_string = 'meseca'; + elseif($this->narocilo['trajanje'] == 3 || $this->narocilo['trajanje'] == 4) + $months_string = 'mesece'; + else + $months_string = 'mesecev'; + + + // Zavezanec iz tujine ima racun/predracun brez ddv + if($UA->isWithoutDDV($this->narocilo['id'])){ + $ddv = 0; + $cena_za_placilo = $cena['final_without_tax']; + } + else{ + $ddv = 1; + $cena_za_placilo = $cena['final']; + } + + + // URL po potrditvi oz preklicu + if($lang['id'] == '2'){ + $drupal_url_confirm = $site_url.'/d/en/stripe-purchase/success?narocilo_id='.$this->narocilo['id']; + $drupal_url_cancel = $site_url.'/d/en/stripe-purchase/cancel?narocilo_id='.$this->narocilo['id']; + } + else{ + $drupal_url_confirm = $site_url.'/d/narocilo/stripe?narocilo_id='.$this->narocilo['id']; + $drupal_url_cancel = 
$site_url.'/d/narocilo/stripe-cancel?narocilo_id='.$this->narocilo['id']; + } + + // Ustvarimo checkout session + try { + $session = $this->stripeService->checkout->sessions->create([ + 'success_url' => $drupal_url_confirm, + 'cancel_url' => $drupal_url_cancel, + + 'payment_method_types' => ['card'], + 'mode' => 'payment', + + 'customer_email' => $this->narocilo['email'], + + 'line_items' => [ + [ + 'price_data' => array( + 'currency' => 'EUR', + 'product_data' => array( + 'name' => '1KA naročnina (paket '.strtoupper($this->narocilo['package_name']). ' - '.$this->narocilo['trajanje'].' '.$months_string.')', + ), + 'unit_amount' => $cena_za_placilo * 100, + ), + 'quantity' => 1, + ], + ], + ]); + + // Dobimo id paypal narocila + $stripe_response['session_id'] = $session->id; + } + catch (HttpException $e) { + $response['error'] = $e->getMessage(); + $response['success'] = false; + + return $response; + } + + + // Vstavimo stripe charge v bazo + $sqlNarocilo = sisplet_query("INSERT INTO user_access_stripe_charge + (session_id, narocilo_id, price, time, status) + VALUES + ('".$stripe_response['session_id']."', '".$this->narocilo['id']."', '".$cena_za_placilo."', NOW(), 'CREATED') + "); + if (!$sqlNarocilo){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + + $response['session_id'] = $stripe_response['session_id']; + + $response['success'] = true; + + return $response; + } + + + // Zakljucimo placilo, ce je bilo placilo ok odobreno preko stripe s strani stranke - V DELU + public function stripeCheckoutSuccess(){ + + $response = array(); + + // Preverimo plačilo v bazo + $sqlNarociloStripe = sisplet_query("SELECT session_id + FROM user_access_stripe_charge + WHERE narocilo_id='".$this->narocilo['id']."' + "); + if (!$sqlNarociloStripe){ + $response['error'] = 'ERROR! 
'.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + // Narocilo ne obstaja (ni v bazi stripe narocil) + if (mysqli_num_rows($sqlNarociloStripe) == 0){ + $response['error'] = 'ERROR! Stripe order session does not exist.'; + $response['success'] = false; + + return $response; + } + + $rowNarociloStripe = mysqli_fetch_array($sqlNarociloStripe); + + + // Preverimo, ce je bilo vse ok placano + try{ + // Poklicemo paypal api kjer preverimo placilo narocila + $session = $this->stripeService->checkout->sessions->retrieve($rowNarociloStripe['session_id']); + } + catch(HttpException $e) { + $response['error'] = $e->getMessage(); + $response['success'] = false; + + return $response; + } + + // Ce je session placan, posodobimo status narocila + if($session->payment_status == 'paid'){ + + $sqlNarocilo = sisplet_query("UPDATE user_access_stripe_charge + SET status='PAID' + WHERE session_id='".$paypal_response->result->id."' + "); + if (!$sqlNarocilo){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + } + else{ + $response['error'] = 'ERROR! 
SESSION IS NOT PAID!'; + $response['success'] = false; + + return $response; + } + + + // Nastavimo narocilo na placano, aktiviramo paket in vrnemo id narocila + $narocilo = new UserNarocila(); + $payment_response = $narocilo->payNarocilo($this->narocilo['id']); + + if($payment_response['success'] == true){ + $response['racun'] = $payment_response['racun']; + $response['success'] = true; + } + else{ + $response['error'] = $payment_response['error']; + $response['success'] = false; + } + + + $response['narocilo_id'] = $this->narocilo['id']; + + $response['success'] = true; + + return $response; + } + + // Preklicemo placilo, ce je bilo placilo preklicano preko stripe s strani stranke + public function stripeCheckoutCancel(){ + + $response = array(); + + // Posodobimo status narocila + $sqlNarocilo = sisplet_query("UPDATE user_access_stripe_charge + SET status='CANCELLED' + WHERE narocilo_id='".$this->narocilo['id']."' + "); + if (!$sqlNarocilo){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + // Nastavimo status narocila na storniran + $sqlNarociloStatus = sisplet_query("UPDATE user_access_narocilo SET status='2' WHERE id='".$this->narocilo['id']."'"); + if (!$sqlNarociloStatus){ + $response['error'] = 'ERROR! '.mysqli_error($GLOBALS['connect_db']); + $response['success'] = false; + + return $response; + } + + $response['success'] = true; + + return $response; + } +} \ No newline at end of file diff --git a/frontend/payments/classes/class.UserPlacila.php b/frontend/payments/classes/class.UserPlacila.php new file mode 100644 index 0000000..a21d6fb --- /dev/null +++ b/frontend/payments/classes/class.UserPlacila.php 
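Review bot: In stripeCheckoutSuccess() the UPDATE uses `$paypal_response->result->id`, which is never defined in this class (carried over from the PayPal flow), so the WHERE matches no row and the charge never reaches status PAID even though the package is activated; use `WHERE session_id='".$session->id."'` (or the `$rowNarociloStripe['session_id']` just read). As in the PayPal class, the trailing `$response['success'] = true;` overrides the error branch from payNarocilo() and should be removed. `'unit_amount' => $cena_za_placilo * 100` yields a float for prices with cents, while Stripe expects an integer minor-unit amount; use `(int) round($cena_za_placilo * 100)`. The `catch(HttpException $e)` blocks appear to target the PayPal SDK's exception type, whereas the Stripe client throws `\Stripe\Exception\ApiErrorException`, so these catches likely never match — confirm against the SDK in use. Checking `$session->amount_total` against the stored price before payNarocilo() would close the gap between what was paid and what gets activated.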
@@ -0,0 +1,547 @@ + 0){ + + $sqlNarocilo = sisplet_query("SELECT n.*, u.name, u.surname, u.email + FROM user_access_narocilo n, users u + WHERE n.usr_id=u.id AND n.id='".$rowPlacilo['narocilo_id']."' + "); + $rowNarocilo = mysqli_fetch_array($sqlNarocilo); + + $placila[$rowPlacilo['id']]['narocilo'] = $rowNarocilo; + } + } + + return $placila; + } + + // Dobimo podatke placila dolocen id + private function getPlacilo($placilo_id){ + global $admin_type; + + $placilo = array(); + + // Loop po vseh placilih v sistemu + $sqlPlacilo = sisplet_query("SELECT * FROM user_access_placilo WHERE id='".$placilo_id."'"); + $placilo = mysqli_fetch_array($sqlPlacilo); + + // Dobimo se podatke narocila, ce imamo id + if($placilo['narocilo_id'] > 0){ + + $sqlNarocilo = sisplet_query("SELECT n.*, u.name, u.surname, u.email + FROM user_access_narocilo n, users u + WHERE n.usr_id=u.id AND n.id='".$placilo['narocilo_id']."' + "); + $rowNarocilo = mysqli_fetch_array($sqlNarocilo); + + $placilo['narocilo'] = $rowNarocilo; + } + + return $placilo; + } + + // Ustvarimo placilo iz narocila + public function createPlacilo($narocilo, $eracun=false){ + + // Preverimo, ce slucajno se obstaja placilo za to narocilo - vrnemo error + $sqlPlaciloCheck = sisplet_query("SELECT id FROM user_access_placilo WHERE narocilo_id='".$narocilo['id']."'"); + if(mysqli_num_rows($sqlPlaciloCheck) > 0){ + echo 'Napaka! Plačilo za to naročilo že obstaja.'; + return; + } + + $note = 'Plačilo naročila '.$narocilo['id']; + + // Dobimo ceno glede na narocilo in paket + $sqlPackage = sisplet_query("SELECT name FROM user_access_paket WHERE id='".$narocilo['package_id']."'"); + $rowPackage = mysqli_fetch_array($sqlPackage); + + $UA = new UserNarocila(); + $cena = $UA->getPrice($rowPackage['name'], $narocilo['trajanje'], $narocilo['discount'], $narocilo['time']); + + // Zavezanec iz tujine je placal brez ddv + $cena_placano = ($UA->isWithoutDDV($narocilo['id'])) ? 
$cena['final_without_tax'] : $cena['final']; + + // Ce je placilo eracuna, bo placano sele cez 30 dni + $time = ($eracun) ? 'NOW() + INTERVAL 1 MONTH': 'NOW()'; + + $sqlPlacilo = sisplet_query("INSERT INTO user_access_placilo + (narocilo_id, note, time, price, payment_method) + VALUES + ('".$narocilo['id']."', '".$note."', ".$time.", '".$cena_placano."', '".$narocilo['payment_method']."') + "); + if (!$sqlPlacilo) + echo mysqli_error($GLOBALS['connect_db']); + } + + + // Izpisemo podatke o placilih + public function displayPlacila(){ + global $lang, $global_user_id, $app_settings; + + // Tabela vseh placil + $this->displayPlacilaTable(); + + // Gumb za dodajanje placila + /*echo '
'; + echo ' '; + echo '
';*/ + + // Izracun zasluzka in provizij po mesecih - samo Goran + if($app_settings['app_name'] == 'www.1ka.si' && $global_user_id == '112696') + $this->displayPlacilaPovzetek(); + } + + // Izpisemo seznam vseh placil + public function displayPlacilaTable(){ + global $lang, $global_user_id, $app_settings; + + // Admini vidijo vsa placila + $data = $this->getPlacila(); + + echo ''; + + // Glava tabele + echo ' '; + echo ' '; + + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + + + // Vsebina tabele + echo ' '; + + foreach($data as $placilo_id => $data_row){ + + echo ''; + + // Narocilo + if(isset($data_row['narocilo'])){ + echo ''; + } + else{ + echo ''; + } + + // Note + echo ''; + + // Time + echo ''; + + // Price + echo ''; + + // Brez ddv (zavezanec iz tujine) + $UA = new UserNarocila(); + echo ''; + + // Payment method + echo ''; + + // Stornirano method + echo ''; + + // Država + echo ''; + + // Paket + echo ''; + + // Trajanje + echo ''; + + // Edit / delete + echo ''; + + echo ''; + } + + echo ' '; + + echo '
'.$lang['srv_placilo_narocilo'].''.$lang['srv_placilo_note'].''.$lang['srv_placilo_time'].''.$lang['srv_placilo_price'].''.$lang['srv_narocilo_ddv'].''.$lang['srv_placilo_payment_method'].''.$lang['srv_placilo_stornirano'].''.$lang['srv_placilo_drzava'].''.$lang['srv_placilo_paket'].''.$lang['srv_placilo_trajanje'].''.$lang['edit2'].'
'.$data_row['narocilo']['id'].' ('.$data_row['narocilo']['email'].')/'.$data_row['note'].''.date( 'd.m.Y G:i', strtotime($data_row['time'])).''.$data_row['price'].''.($UA->isWithoutDDV($data_row['narocilo']['id']) ? $lang['no'] : $lang['yes']).''.$lang['srv_narocilo_nacin_placila_'.$data_row['payment_method']].''.($data_row['canceled'] == '1' ? $lang['yes'] : $lang['no']).''.$data_row['narocilo']['podjetje_drzava'].''.$data_row['narocilo']['package_id'].'KA'.$data_row['narocilo']['trajanje'].''; + // Na www.1ka.si lahko placilo ureja samo Goran + if($app_settings['app_name'] != 'www.1ka.si' || $global_user_id == '112696'){ + + // Uredi + echo ' | '; + + // Brisi + echo ''; + + // Storniraj + if($data_row['canceled'] != '1') + echo ' | Storniraj'; + } + else{ + echo '/'; + } + echo '
'; + + // Se inicializiramo dataTable jquery + echo ''; + } + + // Prikazemo popup za dodajanje novega placila + private function displayPlaciloCreate(){ + global $lang; + + echo '

'.$lang['srv_placila_create'].'

'; + + + echo '
'; + + echo '
'; + + // Podatki narocnika + echo '
'; + + // Note + echo '
'; + echo ''.$lang['srv_placilo_note'].': '; + //echo ''; + echo ''; + echo '
'; + + // Time + echo '
'; + echo ''.$lang['srv_placilo_time'].': '; + echo ''; + echo '
'; + + // Price + echo '
'; + echo ''.$lang['srv_placilo_price'].': '; + echo ''; + echo '
'; + + // Payment method + echo '
'; + echo ''.$lang['srv_placilo_payment_method'].': '; + echo ''; + echo '
'; + + echo '
'; + + echo '
'; + + // Gumbi na dnu + echo '
'; + echo ' '; + echo ' '; + echo '
'; + + echo '
'; + } + + // Prikazemo popup za pregled in urejanje placila - TODO + private function displayPlaciloEdit($placilo_id){ + global $lang; + + // Dobimo podatke placila + $placilo = $this->getPlacilo($placilo_id); + + + echo '

'.$lang['srv_placila_create'].'

'; + + + echo '
'; + + echo '
'; + + // Podatki narocnika + echo '
'; + + // Input za id porocila + echo ''; + + // Note + echo '
'; + echo ''.$lang['srv_placilo_note'].': '; + //echo ''; + echo ''; + echo '
'; + + // Time + echo '
'; + echo ''.$lang['srv_placilo_time'].': '; + echo ''; + echo '
'; + + // Price + echo '
'; + echo ''.$lang['srv_placilo_price'].': '; + echo ''; + echo '
'; + + // Payment method + echo '
'; + echo ''.$lang['srv_placilo_payment_method'].': '; + echo ''; + echo '
'; + + echo '
'; + + echo '
'; + + // Gumbi na dnu + echo '
'; + echo ' '; + echo ' '; + echo '
'; + + echo '
'; + } + + + // Prikazemo popup za pregled in urejanje placila + private function displayPlacilaPovzetek(){ + global $lang; + + /* + TRR: 0,12 € + EU kartica 1,4% + 0,25 € + Non-EU kartica: 2,9% + 0,25 € + PayPal: 3,4% + 0,35 € + */ + + echo '
'; + echo '
Izračun po mesecih'; + + $sqlPlacilo = sisplet_query("SELECT *, MONTH(time) as month, YEAR(time) as year + FROM user_access_placilo + "); + while($rowPlacilo = mysqli_fetch_array($sqlPlacilo)){ + + // Paypal + if($rowPlacilo['payment_method'] == '2'){ + $placila[$rowPlacilo['year']][$rowPlacilo['month']]['sum_paypal'] += $rowPlacilo['price']; + $placila[$rowPlacilo['year']][$rowPlacilo['month']]['provizija_paypal'] += ($rowPlacilo['price'] * 0.34) + 0.35; + } + // Kartica + elseif($rowPlacilo['payment_method'] == '3'){ + $placila[$rowPlacilo['year']][$rowPlacilo['month']]['sum_kartica'] += $rowPlacilo['price']; + $placila[$rowPlacilo['year']][$rowPlacilo['month']]['provizija_kartica'] += ($rowPlacilo['price'] * 0.014) + 0.25; + } + // TRR + else{ + $placila[$rowPlacilo['year']][$rowPlacilo['month']]['sum_trr'] += $rowPlacilo['price']; + $placila[$rowPlacilo['year']][$rowPlacilo['month']]['provizija_trr'] += 0.12; + } + + // Suma placil za mesec + $placila[$rowPlacilo['year']][$rowPlacilo['month']]['sum'] += $rowPlacilo['price']; + } + + foreach($placila as $year => $placila_leto){ + + foreach($placila_leto as $month => $placila_mesec){ + + echo '
'; + + $month_name = date("F", mktime(0, 0, 0, $month, 10)); + echo ''.$month_name.' '.$year.''; + + echo '
'; + + echo 'Vsota plačil na TRR: '.$placila_mesec['sum_trr']; + echo '
TRR provizija: '.$placila_mesec['provizija_trr']; + + echo '

'; + + echo 'Vsota plačil s kartico: '.$placila_mesec['sum_kartica']; + echo '
Kartica provizija: '.$placila_mesec['provizija_kartica']; + + echo '

'; + + echo 'Vsota plačil s paypal: '.$placila_mesec['sum_paypal']; + echo '
Paypal provizija: '.$placila_mesec['provizija_paypal']; + + echo '

'; + + echo 'Vsota plačil: '.$placila_mesec['sum']; + + echo '

'; + } + } + + echo '
'; + echo '
'; + } + + + // Ajax klici + public function ajax(){ + + $placilo_id = (isset($_POST['placilo_id'])) ? $_POST['placilo_id'] : 0; + + + // Prikazemo popup z urejanjem posameznega narocila + if($_GET['a'] == 'displayPlaciloPopup') { + + if($placilo_id > 0){ + $this->displayPlaciloEdit($placilo_id); + } + else{ + $this->displayPlaciloCreate(); + } + } + + // Urejamo narocilo + if($_GET['a'] == 'editPlacilo') { + + if($placilo_id > 0){ + + $update = ''; + + $update .= (isset($_POST['narocilo_id'])) ? " narocilo_id='".$_POST['narocilo_id']."'," : ""; + $update .= (isset($_POST['note'])) ? " note='".$_POST['note']."'," : ""; + $update .= (isset($_POST['time'])) ? " time='".$_POST['time']."'," : ""; + $update .= (isset($_POST['price'])) ? " price='".$_POST['price']."'," : ""; + $update .= (isset($_POST['payment_method'])) ? " payment_method='".$_POST['payment_method']."'," : ""; + + if($update != ''){ + + $update = substr($update, 0, -1); + + $sqlPlacilo = sisplet_query("UPDATE user_access_placilo SET ".$update." WHERE id='".$placilo_id."'"); + if (!$sqlPlacilo) + echo mysqli_error($GLOBALS['connect_db']); + } + } + + // Na novo izrisemo tabelo z narocili + $this->displayPlacila(); + } + + // Urejamo narocilo + if($_GET['a'] == 'createPlacilo') { + + $narocilo_id = (isset($_POST['narocilo_id'])) ? $_POST['narocilo_id'] : 0; + $note = (isset($_POST['note'])) ? $_POST['note'] : ''; + $time = (isset($_POST['time'])) ? $_POST['time'] : ''; + $price = (isset($_POST['price'])) ? $_POST['price'] : 0; + $payment_method = (isset($_POST['payment_method'])) ? $_POST['payment_method'] : ''; + + if($price != '' && $price != 0){ + + // Preverimo, ce slucajno se obstaja placilo za to narocilo - vrnemo error + if($narocilo_id != 0){ + $sqlPlaciloCheck = sisplet_query("SELECT id FROM user_access_placilo WHERE narocilo_id='".$narocilo_id."'"); + + if(mysqli_num_rows($sqlPlaciloCheck) > 0){ + echo 'Napaka! 
Plačilo za to naročilo že obstaja.'; + + // Na novo izrisemo tabelo z narocili + $this->displayPlacila(); + + return; + } + } + + $sqlPlacilo = sisplet_query("INSERT INTO user_access_placilo + (narocilo_id, note, time, price, payment_method) + VALUES + ('".$narocilo_id."', '".$note."', '".$time."', '".$price."', '".$payment_method."') + "); + if (!$sqlPlacilo) + echo mysqli_error($GLOBALS['connect_db']); + } + else{ + echo 'Napaka! Cana za plačilo ne sme biti 0.'; + } + + // Na novo izrisemo tabelo z narocili + $this->displayPlacila(); + } + + // Brisemo narocilo + if($_GET['a'] == 'deletePlacilo') { + + if($placilo_id > 0){ + $sqlPlacilo = sisplet_query("DELETE FROM user_access_placilo WHERE id='".$placilo_id."'"); + } + + // Na novo izrisemo tabelo z narocili + $this->displayPlacila(); + } + + // Storniramo narocilo + if($_GET['a'] == 'stornirajPlacilo') { + + if($placilo_id > 0){ + + // Nastavimo se status narocila na storniran + $sqlPlacilo = sisplet_query("SELECT p.*, n.usr_id + FROM user_access_placilo p, user_access_narocilo n + WHERE p.id='".$placilo_id."' AND p.narocilo_id=n.id + "); + if(mysqli_num_rows($sqlPlacilo) > 0){ + $rowPlacilo = mysqli_fetch_array($sqlPlacilo); + + // Nastavimo status originalnega placila na stornirano + $sqlPlaciloStatus = sisplet_query("UPDATE user_access_placilo SET canceled='1' WHERE id='".$placilo_id."'"); + + // Nastavimo status narocila na stornirano + $sqlNarociloStatus = sisplet_query("UPDATE user_access_narocilo SET status='2' WHERE id='".$rowPlacilo['narocilo_id']."'"); + + // Negativni znesek + $znesek = number_format((-1) * $rowPlacilo['price'], 2, '.', ''); + + // Ustvarimo kopijo placila z negativnim zneskom + $sqlStorniranoPlacilo = sisplet_query("INSERT INTO user_access_placilo + (narocilo_id, note, time, price, payment_method, canceled) + VALUES + ('".$rowPlacilo['narocilo_id']."', '".$rowPlacilo['note']."', NOW(), '".$znesek."', '".$rowPlacilo['payment_method']."', '1') + "); + + // Stranki deaktiviramo paket + 
$sqlNarociloStatus = sisplet_query("UPDATE user_access SET package_id='1' WHERE usr_id='".$rowPlacilo['usr_id']."'"); + } + } + + // Na novo izrisemo tabelo s placili + $this->displayPlacila(); + } + } +} \ No newline at end of file diff --git a/frontend/payments/getPdf.php b/frontend/payments/getPdf.php new file mode 100644 index 0000000..df2aa5d --- /dev/null +++ b/frontend/payments/getPdf.php @@ -0,0 +1,35 @@ + diff --git a/frontend/simple/ajax.php b/frontend/simple/ajax.php new file mode 100644 index 0000000..7873b3a --- /dev/null +++ b/frontend/simple/ajax.php @@ -0,0 +1,19 @@ + \ No newline at end of file diff --git a/frontend/simple/classes/DisplayController.php b/frontend/simple/classes/DisplayController.php new file mode 100644 index 0000000..6b4d1bc --- /dev/null +++ b/frontend/simple/classes/DisplayController.php 
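Review bot: ajax() builds SQL by interpolating `$_POST['narocilo_id']`, `$_POST['note']`, `$_POST['time']`, `$_POST['price']`, `$_POST['payment_method']` and `$_POST['placilo_id']` straight into the editPlacilo UPDATE, the createPlacilo INSERT and the delete/storno queries, which is plain SQL injection for anyone who can reach this endpoint; the `> 0` guard on `$placilo_id` does not prevent it. The `$global_user_id == '112696'` gate that hides the edit/delete/storno links in displayPlacilaTable() is not repeated in ajax(), so the mutating actions are protected only by UI hiding; whatever access control sits in front of this class is not visible here, so enforce it explicitly at the top of ajax(). Bind the values with mysqli prepared statements on `$GLOBALS['connect_db']` (the connection the file already passes to mysqli_error) and cast ids to int, as sketched below. Separately, displayPlacilaPovzetek() multiplies PayPal payments by `0.34` while its own comment says 3.4%, so the reported commission is ten times too high; use `0.034`.
```php
public function ajax(){
    global $global_user_id, $app_settings;

    $placilo_id = (isset($_POST['placilo_id'])) ? (int)$_POST['placilo_id'] : 0;

    // Enforce the same rule displayPlacilaTable() uses to show the edit/delete/storno links
    $mutating = array('editPlacilo', 'createPlacilo', 'deletePlacilo', 'stornirajPlacilo');
    if(in_array($_GET['a'], $mutating) && $app_settings['app_name'] == 'www.1ka.si' && $global_user_id != '112696'){
        echo 'Napaka! Ni dovoljenja.';
        return;
    }

    // … unchanged: displayPlaciloPopup / editPlacilo (bind the UPDATE values the same way) …

    if($_GET['a'] == 'createPlacilo') {
        // … unchanged: reading $narocilo_id, $note, $time, $price, $payment_method and the duplicate check …
        $stmt = mysqli_prepare($GLOBALS['connect_db'], "INSERT INTO user_access_placilo
                    (narocilo_id, note, time, price, payment_method)
                    VALUES (?, ?, ?, ?, ?)");
        mysqli_stmt_bind_param($stmt, 'issds', $narocilo_id, $note, $time, $price, $payment_method);
        if (!mysqli_stmt_execute($stmt))
            echo mysqli_stmt_error($stmt);
        // … unchanged: redraw table …
    }

    // … unchanged: deletePlacilo / stornirajPlacilo (use the int-cast $placilo_id) …
}
```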
@@ -0,0 +1,967 @@ + 0){ + header ('location: '.$site_url.'admin/survey/index.php'); + die(); + } + + if(isset($_GET['a'])) + $this->stran = $_GET['a']; + + if(isset($_GET['b'])) + $this->podstran = $_GET['b']; + + + // Nastavimo jezik + if(isset($_GET['lang_id'])) + $this->lang_id = $_GET['lang_id']; + elseif(isset($_SESSION['lang_id'])) + $this->lang_id = $_SESSION['lang_id']; + + $_SESSION['langX'] = $site_url .'lang/'.$this->lang_id.'.php'; + $_SESSION['lang_id'] = $this->lang_id; + + $file = '../../lang/'.$this->lang_id.'.php'; + include($file); + } + + + public function displayHead(){ + global $site_url; + global $app_settings; + global $lang; + + echo ' '; + echo ' '; + + echo ' '; + + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + + // Custom header title + if(isset($app_settings['head_title_custom']) && $app_settings['head_title_custom'] == 1){ + echo ''.$app_settings['head_title_text'].'' . "\n"; + } + // Default header title + else{ + echo ''.$lang['1ka_surveys'].'' . 
"\n"; + } + + echo ' '; + echo ' '; + echo ' '; + + echo ' '; + echo ' '; + echo ' '; + echo ' '; + + echo ' '; + echo ' '; + + echo ' '; + echo ' '; + } + + + // Izris zgornje vrstice z logotipom in menijem + public function displayHeader(){ + global $site_url; + global $lang; + global $google_login_client_id; + global $aai_instalacija; + + + // Logo v glavi + echo ''; + + + // Navigacija + echo ''; + } + + // Izris vsebine + public function displayMain(){ + global $virtual_domain; + + switch($this->stran){ + + /*case 'login': + $this->displayLoginPage(); + break;*/ + + /*case 'login_noEmail': + $this->displayLoginNoEmailPage(); + break;*/ + + case 'login_2fa': + $this->displayLogin2faPage(); + break; + + /*case 'register': + if(!$virtual_domain) + $this->displayRegisterPage(); + else + $this->displayFrontPage(); + break;*/ + + case 'register_confirm': + if(!$virtual_domain) + $this->displayRegisterPageConfirm(); + else + $this->displayFrontPage(); + break; + + case 'register_email': + if(!$virtual_domain) + $this->displayRegisterPageEmail(); + else + $this->displayFrontPage(); + break; + + case 'unregister': + if(!$virtual_domain) + $this->displayUnregisterPage(); + else + $this->displayFrontPage(); + break; + + case 'unregister_confirm': + if(!$virtual_domain) + $this->displayUnregisterPageConfirm(); + else + $this->displayFrontPage(); + break; + + case 'reset_password': + $this->displayResetPasswordPage(); + break; + + case 'reset_password_activate': + $this->displayResetPasswordPageActivate(); + break; + + case 'gdpr': + $this->displayGDPRPage(); + break; + + default: + $this->displayFrontPage(); + break; + } + } + + + + // Izris footerja + public function displayFooter(){ + global $virtual_domain; + global $lang; + global $app_settings; + global $aai_instalacija; + + + // Stolpec 1 + echo '
'; + echo '

'.$lang['simple_footer_about'].'

'; + echo ' '.$lang['simple_footer_about_1ka'].''; + if($aai_instalacija) + echo ' '.$lang['simple_footer_about_faq'].''; + echo ' '.$lang['simple_footer_about_general'].''; + echo ' '.$lang['simple_footer_about_privacy'].''; + echo ' '.$lang['simple_footer_about_cookies'].''; + echo ' '.$lang['simple_footer_about_antispam'].''; + echo ' '; + echo '
'; + + + // Stolpec 2 + echo '
'; + echo '

'.$lang['simple_footer_company'].'

'; + echo ' '.$app_settings['owner'].''; + echo ' '.$app_settings['admin_email'].''; + echo ' '.$app_settings['owner_website'].''; + echo '
'; + + + // Stolpec 3 - logotipi + echo '
'; + + // Logotipa FDV in CDI - samo pri virtualkah + if($virtual_domain || $aai_instalacija){ + echo '
'; + echo ' '; + echo ' '; + echo '
'; + } + + echo '
'; + } + + + // Izris prve strani + private function displayFrontPage(){ + global $aai_instalacija; + + // AAI + if($aai_instalacija) + $this->displayFrontPageFormAAI(); + else + $this->displayFrontPageForm(); + } + + // Izris okna na prvi strani + private function displayFrontPageForm(){ + global $lang; + global $site_url; + global $app_settings; + global $virtual_domain; + + + echo '
'.$app_settings['app_name'].'
'; + + + // WHITE BOX FOR LOGIN / REGISTRATION + echo '
'; + + // Tabs - samo pri lastni instalaciji, pri virtualkah nimamo registracije + if($virtual_domain){ + echo '
'; + echo '
'.$lang['login_short'].'
'; + echo '
'; + } + else{ + echo '
'; + echo '
'.$lang['login_short'].'
'; + echo '
'.$lang['nu_register'].'
'; + echo '
'; + } + + // SKB ima blokirano prijavo za vse ipje razen svojega + $ip = $_SERVER['REMOTE_ADDR']; + if(isset($app_settings['admin_allow_only_ip']) + && $app_settings['admin_allow_only_ip'] != '' + && !empty($app_settings['admin_allow_only_ip']) + && !in_array($ip, $app_settings['admin_allow_only_ip']) + ){ + echo '
Prijava v aplikacijo iz obstoječega IP naslova ('.$ip.') ni mogoča!
'; + } + else{ + // LOGIN + echo '
'; + $this->displayFrontPageLogin(); + echo '
'; + + // REGISTRATION + echo '
'; + $this->displayFrontPageRegistration(); + echo '
'; + } + + echo '
'; + + + // APP SUBTITLE + echo '
'; + if($virtual_domain) + echo $lang['app_virtual_domain']; + else + echo $lang['app_installation']; + echo '
'; + } + + // Izris okna na prvi strani - AAI + private function displayFrontPageFormAAI(){ + global $lang; + global $site_url; + global $app_settings; + + + // WHITE BOX FOR LOGIN / REGISTRATION + echo '
'; + + // APP TITLE - aai + echo '
'.$app_settings['app_name'].'
'; + + // AAI logo + //echo ''; + + // AAI text + echo '
'; + echo '
'.$lang['app_aai_installation_text'].'
'; + echo '
'; + + // AAI login/register + echo ' '; + + echo '
'; + + + // APP SUBTITLE + /*echo '
'; + echo $lang['app_aai_installation']; + echo '
';*/ + } + + // Izris okna za login na prvi strani + private function displayFrontPageLogin(){ + global $lang; + global $site_url; + + if(isset($_GET['a']) && $_GET['a'] == 'register'){ + $email = ''; + $error = ''; + } + else{ + $email = (isset($_GET['email'])) ? $_GET['email'] : ''; + + $error = ''; + if(isset($_GET['a']) && $_GET['a'] == 'login_noEmail'){ + $error = 'email'; + } + elseif(isset($_GET['error']) && $_GET['error'] == 'password'){ + $error = 'password'; + } + } + + + // Forma za vpis + echo '
'; + + // Email + echo ' '; + echo ' '; + + // Password + echo ' '; + echo ' '; + + // Error text + if($error != ''){ + echo '
'; + + if($error == 'email' && $email == '') + echo $lang['cms_error_missing_email']; + elseif($error == 'email') + echo $lang['cms_error_wrong_email']; + elseif($error == 'password') + echo $lang['cms_error_password']; + + echo '
'; + } + + // Lost pass + echo ' '; + + // Submit + echo ' '; + + echo '
'; + } + + // Izris okna za registracijo na prvi strani + private function displayFrontPageRegistration(){ + global $lang; + global $site_url; + global $secret_captcha; + global $recaptcha_sitekey; + + if(!isset($_GET['a']) || $_GET['a'] != 'register'){ + $email = ''; + $ime = ''; + $error = array(); + } + else{ + $email = (isset($_GET['email'])) ? $_GET['email'] : ''; + $ime = (isset($_GET['ime'])) ? $_GET['ime'] : ''; + + if(isset($_GET['invalid_email']) && $_GET['invalid_email'] == '1'){ + $error['email'] = '1'; + } + if(isset($_GET['existing_email']) && $_GET['existing_email'] == '1'){ + $error['email'] = '1'; + } + if(isset($_GET['missing_ime']) && $_GET['missing_ime'] == '1'){ + $error['ime'] = '1'; + } + if(isset($_GET['pass_complex']) && $_GET['pass_complex'] == '1'){ + $error['password'] = '1'; + } + if(isset($_GET['pass_mismatch']) && $_GET['pass_mismatch'] == '1'){ + $error['password'] = '1'; + } + if(isset($_GET['missing_agree']) && $_GET['missing_agree'] == '1'){ + $error['agree'] = '1'; + } + } + + + echo '
'; + + echo ' '.$lang['cms_register_user_text'].''; + + // Email + echo ' '; + echo ' '; + + // Ime + echo ' '; + echo ' '; + + // RECAPTCHA + if($secret_captcha != '' && $recaptcha_sitekey != '') + echo '
'; + + // Geslo + echo ' '; + echo ' '; + + // Geslo2 + echo ' '; + echo ' '; + + // Strinjam se s pogoji + //echo ' '; + $terms_url = ($lang['id'] == '1') ? 'https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka' : 'https://www.1ka.si/d/en/about/terms-of-use'; + echo '
'; + echo '
'; + + // Error text + if(!empty($error)){ + echo '
'; + + foreach($error as $error_key => $error_type){ + + if($error_key == 'email' && $email == '') + echo $lang['cms_error_missing_email'].'
'; + elseif($error_key == 'email' && $_GET['existing_email'] == '1') + echo $lang['srv_added_false'].'
'; + elseif($error_key == 'email') + echo $lang['cms_error_wrong_email'].'
'; + + if($error_key == 'ime') + echo $lang['cms_error_user_field_empty'].'
'; + + if($error_key == 'password' && $_GET['pass_complex'] == '1') + echo $lang['password_err_complex'].'
'; + + if($error_key == 'password' && $_GET['pass_mismatch'] == '1') + echo $lang['ent_pass_doesnt_match'].'
'; + + if($error_key == 'agree') + echo $lang['MustAgree'].'
'; + } + + echo '
'; + } + + // Submit + echo ' '; + + echo '
'; + } + + + // Izris strani za prijavo + private function displayLoginPage(){ + global $lang; + global $site_url; + + echo '
'; + + // Prijava + echo '

'.$lang['login_for_existing2'].'

'; + echo '
'; + + // Ce je email v getu pomeni da se je zmotil pri passwordu + if(isset($_GET['email']) && $_GET['email'] != ''){ + + $email = $_GET['email']; + echo $lang['hello'].' '.$email.''; + + echo '

'; + + // Warning za napacno geslo + echo '

'.$lang['wrong_password2'].'

'; + } + else{ + echo '
'; + echo ' '; + echo '
'; + } + + // Geslo + echo '
'; + echo ' '; + echo '
'; + + // Pozabljeno geslo + echo '
'; + echo ' '.$lang['forgot_password'].''; + echo '
'; + + // Zapomni si me + echo '
'; + echo ' '; + echo '
'; + + echo ' '; + echo ' '.str_replace('#URL#', $site_url.$this->root.'index.php?a=register', $lang['cms_login_registration_link']).''; + + echo '
'; + + echo '
'; + } + + // Izris strani za prijavo + private function displayLogin2faPage(){ + global $lang; + global $site_url; + + + + echo '
'; + + // Prijava + echo ' '; + + echo '
'; + } + + // Izris strani z opozorilom da mail za login ne obstaja + private function displayLoginNoEmailPage(){ + global $lang; + global $site_url; + + $email = (isset($_GET['email'])) ? $_GET['email'] : ''; + + echo '
'; + echo '

'.$lang['error'].'

'; + echo '

'.$lang['e_login_invalid'].'

'; + echo '

'.$email.'

'; + + echo ' '; + echo ' '; + echo '
'; + } + + + // Izris strani za registracijo + private function displayRegisterPage(){ + global $lang; + global $site_url; + global $secret_captcha; + global $recaptcha_sitekey; + + // Pogledamo ce imamo kaksen error v GET-u + $error = false; + if(isset($_GET['missing_email']) || isset($_GET['invalid_email']) || isset($_GET['existing_email']) + || isset($_GET['missing_ime']) || isset($_GET['existing_ime']) + || isset($_GET['pass_mismatch']) + || isset($_GET['pass_complex']) + || isset($_GET['invalid_recaptcha']) + || isset($_GET['missing_agree'])){ + + $error = true; + } + + // Pogledamo ce imamo poslane podatke preko GET-a + $email = (isset($_GET['email'])) ? $_GET['email'] : ''; + $ime = (isset($_GET['ime'])) ? $_GET['ime'] : ''; + + + echo '
'; + + if($error) + echo '

'.$lang['e_nu_could_not'].'

'; + else + echo '

'.$lang['register_new_user'].'

'; + + echo ' '.$lang['cms_register_user_text'].''; + + echo '
'; + + // Email + echo '
'; + echo '
'; + + // Ime + echo '
'; + echo '
'; + + // RECAPTCHA + if($secret_captcha != '' && $recaptcha_sitekey != '') + echo '
'; + + // Geslo + echo '
'; + echo ' '; + echo '
'; + + // Geslo 2 + echo '
'; + echo ' '; + echo '
'; + + if(isset($_GET['pass_complex'])) + echo ' '.$lang['password_err_complex'].'

'; + + // Strinjam se s pogoji + //echo ' '; + $terms_url = ($lang['id'] == '1') ? 'https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka' : 'https://www.1ka.si/d/en/about/terms-of-use'; + echo '
'; + echo '
'; + + // Strinjam se s posiljanjem mailov (gdpr) + /*echo '
'; + echo ' '; + echo '

'.$lang['more2'].' >>
'; + echo '
'.$lang['cms_register_gdpr_agree_explain'].'
'; + echo '
';*/ + + echo ' '; + echo ' '; + + echo '
'; + + echo '
'; + } + + // Izris strani za registracijo - po vnosu podatkov + private function displayRegisterPageConfirm(){ + global $lang; + global $site_url; + + $email = (isset($_POST['email'])) ? $_POST['email'] : ''; + $ime = (isset($_POST['ime'])) ? $_POST['ime'] : ''; + $geslo = (isset($_POST['geslo'])) ? $_POST['geslo'] : ''; + $gdpr_agree = (isset($_POST['gdpr-agree'])) ? $_POST['gdpr-agree'] : '0'; + + echo '
'; + + echo '

'.$lang['register_new_user'].'

'; + + echo '
'.$lang['check_login_data'].'
'; + + + echo '
'; + + // Hidden polja potrebna za registracijo + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + echo ' '; + + // Url za nazaj na urejanje vnesenih podatkov + $url_edit = $site_url.$this->root.'index.php?a=register&email='.$email.'&ime='.$ime; + + // Email + echo '

'; + echo ' '.$email.'

'; + // Ime + echo '

'; + echo ' '.$ime.'

'; + // Geslo + echo '

'; + echo ' '.($geslo == '' ? $lang['no1'] : $lang['yes']).'

'; + + echo '

'; + + echo '
'; + + echo '
'; + } + + // Izris strani za registracijo - po poslanem potrditvenem mailu + private function displayRegisterPageEmail(){ + global $lang; + global $site_url; + global $site_url; + global $confirm_registration; + + // Ce nimamo poslanega emaila preusmerimo nazaj na prvo stran registracije + if(empty($_GET['e'])){ + header ('location: '.$site_url.$this->root.'index.php?a=register'); + die(); + } + else{ + $email = base64_decode(urldecode($_GET['e'])); + } + + echo '
'; + + echo '

'.$lang['user_confirm_h'].'

'; + + // Ce iammo vklopljeno potrjevanje s strani admina je text drugacen + if (isset($confirm_registration) && $confirm_registration == 1) + echo '

'.str_replace("SFMAIL", $email, $lang['user_confirm_p_admin']).'

'; + else + echo '

'.str_replace("SFMAIL", $email, $lang['user_confirm_p']).'

'; + + // Gumb nazaj na naslovnico + echo '
'; + echo ' '; + + echo '
'; + } + + + // Izris strani za odregistracijo + private function displayUnregisterPage(){ + global $lang; + global $site_url; + + if (isset($_GET['email'])){ + $email = strtolower($_GET['email']); + } + else{ + header ('location: '.$site_url.$this->root.'index.php'); + die(); + } + + echo '
'; + + echo '

'.$lang['unregister_confirm'].'

'; + echo '

'; + echo ' '.$lang['no1'].'        '; + //echo ' '.$lang['yes'].''; + echo ' '.$lang['yes'].''; + + echo "


"; + $result = sisplet_query ("SELECT trim(value) from misc where what='UnregisterEmbed' AND length(value)>3"); + if (mysqli_num_rows ($result) > 0) { + $r = mysqli_fetch_row($result); + echo stripslashes($r[0]); + } + + echo '
'; + } + + // Izris strani po potrditvi odregistracije + private function displayUnregisterPageConfirm(){ + global $lang; + global $site_url; + + echo '
'; + + echo '

'.$lang['unregister_ok'].'

'; + echo '

'.$lang['unregister_ok_text'].'

'; + echo '

'.$lang['e_back_to_fp'].'

'; + + echo '
'; + } + + + // Izris strani za reset gesla + private function displayResetPasswordPage(){ + global $lang; + global $site_url; + + if (isset($_GET['email'])){ + $email = strtolower($_GET['email']); + } + else{ + header ('location: '.$site_url.$this->root.'index.php'); + die(); + } + + echo '
'; + + echo '

'.$lang['forgotten_password'].'

'; + + echo '

'.$lang['lp_sent'].' '.$email.'.

'; + echo '

'; + + echo '
'; + } + + // Izris strani po aktivaciji resetiranega gesla + private function displayResetPasswordPageActivate(){ + global $lang; + global $site_url; + + + // Izpisemo da smo uspesno aktivirali novo geslo + if(isset($_GET['success']) && $_GET['success'] == '1'){ + + echo '
'; + + echo '

'.$lang['forgotten_password'].'

'; + + echo '

'.$lang['lp_activate_activation'].' '.$lang['has_been_successful'].'

'; + echo '

'.$lang['you_can_change_pass_anytime'].'

'; + echo '

'.$lang['to_front'].'

'; + + echo '
'; + } + // Ce so vneseni napacni podatki za aktivacijo + elseif(isset($_GET['error']) && $_GET['error'] == '1'){ + + echo '
'; + + echo '

'.$lang['forgotten_password'].'

'; + + echo '

' .$lang['lp_activate_error'] .'

'; + + echo '
'; + echo ' '; + + echo '
'; + echo '
'; + echo '
'; + + echo '
'; + echo '
'; + echo '
'; + + echo ' '; + echo '
'; + + echo '
'; + } + // Drugace izpisemo formo za vnos vseh podatkov (novo geslo, email) + else{ + if (isset($_GET['code']) && $_GET['code'] != ""){ + $code = $_GET['code']; + + echo '
'; + + echo '

'.$lang['forgotten_password'].'

'; + + echo '

'.$lang['lp_activate_p'].'

'; + + echo '
'; + echo ' '; + + echo '
'; + echo '
'; + echo '
'; + + echo '
'; + echo '
'; + echo '
'; + + echo '
'; + + echo ' '; + echo '
'; + + echo '
'; + } + else{ + echo '
'; + echo '

'.$lang['forgotten_password'].'

'; + echo '

'.$lang['srv_wrongcode'].'

'; + echo '
'; + } + } + } + + + // Izris strani za prosnjo za izbris (GDPR) + private function displayGDPRPage(){ + global $lang; + global $site_url; + + // Ce imamo kaksen error + $error = array(); + + echo '
'; + + GDPR::displayGDPRRequestForm(); + + echo '
'; + } +} \ No newline at end of file diff --git a/frontend/simple/css/style.css b/frontend/simple/css/style.css new file mode 100644 index 0000000..2c794b7 --- /dev/null +++ b/frontend/simple/css/style.css 
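Review bot: The constructor at the top of the hunk copies `$_GET['lang_id']` (or `$_SESSION['lang_id']`) into `$this->lang_id` and then runs `include($file)` with `$file = '../../lang/'.$this->lang_id.'.php'`, so the include path is built from an unvalidated request parameter and the fixed `.php` suffix does not stop it from pointing into other directories. Since the rest of the file compares `$lang['id'] == '1'`, language ids appear to be numeric, in which case `$this->lang_id = (int) $_GET['lang_id'];` (and the same cast on the session branch) closes this; otherwise look the value up in an allowlist of known language ids and fall back to the default. The same hunk also echoes request values into HTML without escaping — `$_GET['email']` in displayLoginPage and displayResetPasswordPage, `$_POST['email']`/`$_POST['ime']` in displayRegisterPageConfirm (also concatenated into `$url_edit`), and the base64-decoded `$_GET['e']` in displayRegisterPageEmail — each of which should pass through `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` before output. The opening of the constructor is not legible in this rendering, so what happens before the `$_GET['a']` checks is inferred from the surrounding lines.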
@@ -0,0 +1,912 @@ +/* + Created on : 28.3.2020 + Author : Peter Hrvatin +*/ +/* BARVE */ +/* FONTI */ +@import url("https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,600,700&subset=latin-ext"); +.thin { + font-weight: 300; +} + +.semibold { + font-weight: 600; +} + +.bold { + font-weight: 700; +} + +.italic { + font-style: italic; +} + +.underline { + text-decoration: underline; +} + +/* OSNOVNA STRUKTURA STRANI */ +body { + margin: 0; + padding: 0; + font-family: "Montserrat", sans-serif; + color: #535050; +} +body #content { + display: flex; + flex-direction: column; + justify-content: space-between; +} + +h1 { + margin: 20px 0 30px 0; + font-weight: 600; + font-size: 26px; +} + +p { + font-size: 16px; + line-height: 160%; +} + +a { + color: #1e88e5; + text-decoration: none; +} +a:hover { + color: #4ca0ea; +} + +.red { + color: red; +} + +.spaceLeft { + margin-left: 20px; +} + +input[type=submit], +button, +input[type=button], +.button { + cursor: pointer; + width: 170px; + padding: 16px; + font-size: 16px; + line-height: 17px; + text-align: center; + text-transform: uppercase; + color: white; + background-color: #1e88e5; + border: 0; + outline: 0; + transition: 0.2s; +} +input[type=submit]:hover, +button:hover, +input[type=button]:hover, +.button:hover { + background-color: #4ca0ea; +} + +input[type=text], +input[type=password], +input[type=email] { + box-sizing: border-box; + height: 55px; + padding: 8px 18px; + font-size: 17px; + color: #333; + background-color: white; + border: 1px solid #cccccc; +} +input[type=text].red, +input[type=password].red, +input[type=email].red { + border-color: red; +} + +textarea { + box-sizing: border-box; + padding: 8px 12px; + font-size: 15px; + color: #333; + background-color: white; + border: 1px solid #cccccc; +} + +header { + display: flex; + justify-content: space-between; + align-items: center; + height: 80px; + box-sizing: border-box; + padding: 0 20px; +} +header .logo { + height: 60px; +} +header .logo a 
img { + max-width: 300px; + max-height: 60px; + height: 60px; +} +header nav { + display: flex; + align-self: flex-end; + font-size: 17px; + text-transform: uppercase; + font-weight: 600; +} +header nav span.menu_item { + margin-left: 40px; + border-bottom: 3px transparent solid; +} +header nav span.menu_item a { + color: #333; + text-decoration: none; + line-height: 30px; + transition: 0.2s; +} +header nav span.menu_item a:hover { + color: #1e88e5; +} +header nav span.menu_item.active { + border-bottom: 3px #1e88e5 solid; +} + +#main { + background-color: #f7f7f7; +} +#main .main_content { + max-width: 1400px; + margin: 0 auto; + padding: 30px 20px 60px 20px; +} + +footer .footer_content { + display: flex; + justify-content: space-between; + max-width: 1400px; + margin: 0 auto; + padding: 70px 20px; +} +footer .footer_content .col { + display: flex; + flex-direction: column; + box-sizing: border-box; + width: 33%; +} +footer .footer_content .col span, footer .footer_content .col div.follow { + padding: 8px 0; + color: #333; + font-weight: 300; +} +footer .footer_content .col span.follow, footer .footer_content .col div.follow.follow { + display: flex; + align-items: center; +} +footer .footer_content .col span a, footer .footer_content .col div.follow a { + color: #333; +} +footer .footer_content .col span a:hover, footer .footer_content .col div.follow a:hover { + color: #1e88e5; +} +footer .footer_content .col span a:hover .icon.twitter, footer .footer_content .col div.follow a:hover .icon.twitter { + background-image: url("../../../public/img/social/twitter_blue.svg"); +} +footer .footer_content .col span a:hover .icon.fb, footer .footer_content .col div.follow a:hover .icon.fb { + background-image: url("../../../public/img/social/fb_blue.svg"); +} +footer .footer_content .col span a .icon, footer .footer_content .col div.follow a .icon { + display: inline-block; + width: 24px; + height: 24px; + padding: 0; + margin-left: 10px; + background-size: 24px 24px; +} 
+footer .footer_content .col span a .icon.twitter, footer .footer_content .col div.follow a .icon.twitter { + background-image: url("../../../public/img/social/twitter.svg"); +} +footer .footer_content .col span a .icon.fb, footer .footer_content .col div.follow a .icon.fb { + background-image: url("../../../public/img/social/fb.svg"); +} +footer .footer_content .col .logo_holder { + display: flex; + flex-direction: column; + margin: 20px 0; +} +footer .footer_content .col .logo_holder img { + max-width: 200px; + max-height: 80px; + margin-bottom: 40px; +} + +body.landing_page #main, +body.register #main, +body.login #main, +body.login_noEmail #main { + height: auto; + min-height: 940px; + background-image: url("../img/landing_page_image.jpg"); + background-position: top; +} +body.landing_page #main .app_title, +body.register #main .app_title, +body.login #main .app_title, +body.login_noEmail #main .app_title { + width: 600px; + margin: 50px auto; + text-align: center; + color: white; + font-size: 40px; + font-weight: 700; + text-transform: uppercase; +} +body.landing_page #main .app_subtitle, +body.register #main .app_subtitle, +body.login #main .app_subtitle, +body.login_noEmail #main .app_subtitle { + width: 600px; + margin: 30px auto; + text-align: center; + color: white; + font-size: 22px; + font-weight: 600; + text-shadow: 2px 2px 2px #333; +} +body.landing_page #main .landing_page_window, +body.register #main .landing_page_window, +body.login #main .landing_page_window, +body.login_noEmail #main .landing_page_window { + z-index: 999; + width: 600px; + margin: 20px auto; + background-color: white; +} +body.landing_page #main .landing_page_window .tabs, +body.register #main .landing_page_window .tabs, +body.login #main .landing_page_window .tabs, +body.login_noEmail #main .landing_page_window .tabs { + display: flex; + width: 100%; +} +body.landing_page #main .landing_page_window .tabs .tab, +body.register #main .landing_page_window .tabs .tab, +body.login 
#main .landing_page_window .tabs .tab, +body.login_noEmail #main .landing_page_window .tabs .tab { + cursor: pointer; + width: 50%; + box-sizing: border-box; + padding: 20px 0; + font-size: 18px; + text-align: center; + text-transform: uppercase; + color: #333; + background-color: #e6e6e6; + transition: 0.2s; +} +body.landing_page #main .landing_page_window .tabs .tab:hover, +body.register #main .landing_page_window .tabs .tab:hover, +body.login #main .landing_page_window .tabs .tab:hover, +body.login_noEmail #main .landing_page_window .tabs .tab:hover { + background-color: #d9d9d9; +} +body.landing_page #main .landing_page_window .tabs .tab.active, +body.register #main .landing_page_window .tabs .tab.active, +body.login #main .landing_page_window .tabs .tab.active, +body.login_noEmail #main .landing_page_window .tabs .tab.active { + background-color: white; +} +body.landing_page #main .landing_page_window .tabs .tab.active:hover, +body.register #main .landing_page_window .tabs .tab.active:hover, +body.login #main .landing_page_window .tabs .tab.active:hover, +body.login_noEmail #main .landing_page_window .tabs .tab.active:hover { + background-color: white; +} +body.landing_page #main .landing_page_window .tabs .tab.full_width, +body.register #main .landing_page_window .tabs .tab.full_width, +body.login #main .landing_page_window .tabs .tab.full_width, +body.login_noEmail #main .landing_page_window .tabs .tab.full_width { + cursor: default; + width: 100%; + background-color: white; +} +body.landing_page #main .landing_page_window .tabs .tab.full_width:hover, +body.register #main .landing_page_window .tabs .tab.full_width:hover, +body.login #main .landing_page_window .tabs .tab.full_width:hover, +body.login_noEmail #main .landing_page_window .tabs .tab.full_width:hover { + background-color: white; +} +body.landing_page #main .landing_page_window #login_holder, +body.register #main .landing_page_window #login_holder, +body.login #main .landing_page_window 
#login_holder, +body.login_noEmail #main .landing_page_window #login_holder { + display: none; +} +body.landing_page #main .landing_page_window #login_holder.active, +body.register #main .landing_page_window #login_holder.active, +body.login #main .landing_page_window #login_holder.active, +body.login_noEmail #main .landing_page_window #login_holder.active { + display: block; +} +body.landing_page #main .landing_page_window #login_holder .login_form, +body.register #main .landing_page_window #login_holder .login_form, +body.login #main .landing_page_window #login_holder .login_form, +body.login_noEmail #main .landing_page_window #login_holder .login_form { + display: flex; + flex-direction: column; + position: relative; + padding: 20px; +} +body.landing_page #main .landing_page_window #login_holder .login_form .lostpass, +body.register #main .landing_page_window #login_holder .login_form .lostpass, +body.login #main .landing_page_window #login_holder .login_form .lostpass, +body.login_noEmail #main .landing_page_window #login_holder .login_form .lostpass { + position: absolute; + bottom: 20px; + left: 20px; +} +body.landing_page #main .landing_page_window #login_holder .login_form .lostpass a, +body.register #main .landing_page_window #login_holder .login_form .lostpass a, +body.login #main .landing_page_window #login_holder .login_form .lostpass a, +body.login_noEmail #main .landing_page_window #login_holder .login_form .lostpass a { + color: #1e88e5; + font-weight: 600; + text-decoration: none; +} +body.landing_page #main .landing_page_window #login_holder .login_form .lostpass a:hover, +body.register #main .landing_page_window #login_holder .login_form .lostpass a:hover, +body.login #main .landing_page_window #login_holder .login_form .lostpass a:hover, +body.login_noEmail #main .landing_page_window #login_holder .login_form .lostpass a:hover { + color: #4ca0ea; +} +body.landing_page #main .landing_page_window #registration_holder, +body.register #main 
.landing_page_window #registration_holder, +body.login #main .landing_page_window #registration_holder, +body.login_noEmail #main .landing_page_window #registration_holder { + display: none; +} +body.landing_page #main .landing_page_window #registration_holder.active, +body.register #main .landing_page_window #registration_holder.active, +body.login #main .landing_page_window #registration_holder.active, +body.login_noEmail #main .landing_page_window #registration_holder.active { + display: block; +} +body.landing_page #main .landing_page_window #registration_holder .register_form, +body.register #main .landing_page_window #registration_holder .register_form, +body.login #main .landing_page_window #registration_holder .register_form, +body.login_noEmail #main .landing_page_window #registration_holder .register_form { + display: flex; + flex-direction: column; + padding: 20px; +} +body.landing_page #main .landing_page_window input[type=submit], +body.register #main .landing_page_window input[type=submit], +body.login #main .landing_page_window input[type=submit], +body.login_noEmail #main .landing_page_window input[type=submit] { + align-self: flex-end; + margin-top: 30px; +} +body.landing_page #main .landing_page_window label, +body.register #main .landing_page_window label, +body.login #main .landing_page_window label, +body.login_noEmail #main .landing_page_window label { + margin: 15px 0 5px 0; + font-size: 17px; + font-weight: 600; +} +body.landing_page #main .landing_page_window .subtitle, +body.register #main .landing_page_window .subtitle, +body.login #main .landing_page_window .subtitle, +body.login_noEmail #main .landing_page_window .subtitle { + padding: 15px 0; +} +body.landing_page #main .landing_page_window .agreement, +body.register #main .landing_page_window .agreement, +body.login #main .landing_page_window .agreement, +body.login_noEmail #main .landing_page_window .agreement { + cursor: pointer; + display: flex; + align-items: baseline; + margin: 
15px 0 5px 0; +} +body.landing_page #main .landing_page_window .agreement input, +body.register #main .landing_page_window .agreement input, +body.login #main .landing_page_window .agreement input, +body.login_noEmail #main .landing_page_window .agreement input { + margin-right: 10px; +} +body.landing_page #main .landing_page_window .checkbox_text_holder, +body.register #main .landing_page_window .checkbox_text_holder, +body.login #main .landing_page_window .checkbox_text_holder, +body.login_noEmail #main .landing_page_window .checkbox_text_holder { + cursor: pointer; +} +body.landing_page #main .landing_page_window .checkbox_text_holder strong, +body.register #main .landing_page_window .checkbox_text_holder strong, +body.login #main .landing_page_window .checkbox_text_holder strong, +body.login_noEmail #main .landing_page_window .checkbox_text_holder strong { + font-weight: 600; +} +body.landing_page #main .landing_page_window .error_holder, +body.register #main .landing_page_window .error_holder, +body.login #main .landing_page_window .error_holder, +body.login_noEmail #main .landing_page_window .error_holder { + display: block; + box-sizing: border-box; + margin-top: 30px; + padding: 10px; + font-size: 16px; + line-height: 24px; + background-color: #ffdede; +} +body.landing_page #main .landing_page_window .g-recaptcha, +body.register #main .landing_page_window .g-recaptcha, +body.login #main .landing_page_window .g-recaptcha, +body.login_noEmail #main .landing_page_window .g-recaptcha { + width: 304px; + margin-top: 20px; +} + +/*body.register{ + + #registration_holder{ + display: block !important; + } + + #login_holder{ + display: none !important; + } +}*/ +/************GDPR OBRAZEC***************/ +body.gdpr { + line-height: 26px; +} +body.gdpr div.form_row { + clear: both; + display: block; + padding: 8px 0 8px 10px; + vertical-align: center; +} +body.gdpr p.red { + color: red; +} +body.gdpr input[type=text] { + width: 320px; +} +body.gdpr label { + cursor: 
pointer; +} +body.gdpr textarea { + width: 500px; + height: 100px; + margin-left: 10px; +} +body.gdpr textarea.red { + border: 1px red solid; +} +body.gdpr div.label { + display: inline-block; + width: 150px; +} + +/******************************/ +/************REGISTRACIJSKI OBRAZEC***************/ +body.register .register_holder .subtitle { + padding: 0; + margin: 0; + line-height: 20px; + font-size: 18px; +} +body.register .register_holder p { + font-size: 16px; + color: #333; + margin: 10px 0; +} +body.register .register_holder .right p { + margin-bottom: 20px; + color: #333; +} +body.register .register_holder ul { + list-style-type: disc; + font-size: 16px; + color: #333; +} +body.register .register_holder ul li { + list-style-type: disc; + margin-left: 30px; + padding-left: 5px; + font-size: 16px; + color: #333; +} +body.register .register_holder p span.label.edit { + float: left; + width: 100px; + margin-left: 20px; +} +body.register .register_holder div.form_row { + clear: both; + display: block; + padding: 8px 0 8px 10px; + margin: 15px 0 5px 0; + vertical-align: center; +} +body.register .register_holder div.form_row.red label, +body.register .register_holder div.form_row.red input { + color: red; +} +body.register .register_holder div.form_row.red input { + border-color: red; +} +body.register .register_holder .form_row span.label { + clear: left; + float: left; + margin: 0; + width: 160px; + color: #333; + font-weight: 600; + line-height: 50px; +} +body.register .register_holder input[type=text], +body.register .register_holder input[type=password] { + padding: 6px 15px; + width: 300px; + color: #333; + font-size: 14px; + border: 1px #e6e6e6 solid; +} +body.register .register_holder .form_row.agreement label { + font-weight: 500; + /*font-size: 14px;*/ + color: #333; +} +body.register .register_holder .form_row.agreement span.red { + font-weight: 400; + line-height: 30px; +} +body.register .register_holder input[type=checkbox] { + float: left; + 
margin-top: 2px; +} +body.register .register_holder .checkbox_text_holder { + margin-left: 30px; +} +body.register .register_holder .checkbox_explain_text_holder { + display: none; + margin: 15px 0 0 20px; +} +body.register .register_holder input[type=submit] { + margin-top: 30px; +} +body.register .register_holder .confirm_text { + margin-bottom: 20px; + font-size: 16px; + color: #333; +} +body.register .register_holder .g-recaptcha { + float: left; + margin: 15px 10px 20px; +} +body.register .register_holder label { + cursor: pointer; +} +body.register .register_holder .red.italic { + padding-left: 10px; +} +body.register .register_holder .agreement .red.italic { + padding-left: 0px; +} + +/******************************/ +/************LOGIN OBRAZEC***************/ +body.login .main_content .login_holder p { + font-size: 16px; + color: #333; +} +body.login .main_content .form_row span.label { + clear: left; + float: left; + margin: 0; + width: 100px; + color: #333; + font-weight: 600; + line-height: 50px; +} +body.login .main_content p span.label.edit { + float: left; + width: 100px; + margin-left: 20px; +} +body.login .main_content div.form_row { + clear: both; + display: block; + padding: 8px 0 8px 10px; + margin: 15px 0 5px 0; + vertical-align: center; +} +body.login .main_content div.form_row.red label, +body.login .main_content div.form_row.red input { + color: red; +} +body.login .main_content div.form_row.red input { + border-color: red; +} +body.login .main_content label { + cursor: pointer; +} +body.login .main_content input[type=submit] { + margin-top: 30px; +} + +/******************************/ +/************RESET GESLA***************/ +body.reset_password_activate { + line-height: 26px; +} +body.reset_password_activate div.form_row { + clear: both; + display: block; + padding: 8px 0 8px 10px; + vertical-align: center; +} +body.reset_password_activate p.red { + color: red; +} +body.reset_password_activate input[type=text] { + width: 320px; +} 
+body.reset_password_activate label { + cursor: pointer; +} +body.reset_password_activate div.label { + display: inline-block; + width: 250px; +} + +/******************************/ +body.landing_page #content.aai #main, +body.register #content.aai #main, +body.login #content.aai #main, +body.login_noEmail #content.aai #main { + min-height: auto; + background-image: url("../img/landing_page_image_aai.png"); +} +body.landing_page #content.aai #main .landing_page_window, +body.register #content.aai #main .landing_page_window, +body.login #content.aai #main .landing_page_window, +body.login_noEmail #content.aai #main .landing_page_window { + width: 500px; + padding: 50px; + margin-top: 70px; + text-align: center; + box-shadow: 1px 1px 4px 1px #999; +} +body.landing_page #content.aai #main .landing_page_window .app_title, +body.register #content.aai #main .landing_page_window .app_title, +body.login #content.aai #main .landing_page_window .app_title, +body.login_noEmail #content.aai #main .landing_page_window .app_title { + width: 500px; + margin: 0; + color: #333; +} +body.landing_page #content.aai #main .landing_page_window .arnes_logo, +body.register #content.aai #main .landing_page_window .arnes_logo, +body.login #content.aai #main .landing_page_window .arnes_logo, +body.login_noEmail #content.aai #main .landing_page_window .arnes_logo { + margin: 30px 0; +} +body.landing_page #content.aai #main .landing_page_window .arnes_logo img, +body.register #content.aai #main .landing_page_window .arnes_logo img, +body.login #content.aai #main .landing_page_window .arnes_logo img, +body.login_noEmail #content.aai #main .landing_page_window .arnes_logo img { + width: 200px; + height: auto; +} +body.landing_page #content.aai #main .landing_page_window .tab, +body.register #content.aai #main .landing_page_window .tab, +body.login #content.aai #main .landing_page_window .tab, +body.login_noEmail #content.aai #main .landing_page_window .tab { + font-size: 16px; + text-transform: 
none; + line-height: 24px; +} +body.landing_page #content.aai #main .landing_page_window input[type=button], +body.register #content.aai #main .landing_page_window input[type=button], +body.login #content.aai #main .landing_page_window input[type=button], +body.login_noEmail #content.aai #main .landing_page_window input[type=button] { + width: auto; + padding: 18px 30px; + margin: 30px 0 10px 0; + font-weight: 600; + text-transform: none; + background-color: #e35205; + border-radius: 5px; +} +body.landing_page #content.aai #main .landing_page_window input[type=button]:hover, +body.register #content.aai #main .landing_page_window input[type=button]:hover, +body.login #content.aai #main .landing_page_window input[type=button]:hover, +body.login_noEmail #content.aai #main .landing_page_window input[type=button]:hover { + background-color: #fa6c21; +} +body.landing_page #content.aai #main .app_subtitle, +body.register #content.aai #main .app_subtitle, +body.login #content.aai #main .app_subtitle, +body.login_noEmail #content.aai #main .app_subtitle { + width: 500px; + margin: 10px auto; + color: #333; + font-size: 20px; + font-weight: 600; + text-shadow: none; +} + +/* Mobile prilagoditve */ +@media screen and (max-width: 700px) { + header nav { + flex-direction: column-reverse; + align-self: auto; + justify-content: space-evenly; + height: 100%; + text-align: right; + font-size: 14px; + } + header nav span.menu_item { + line-height: 18px; + } + header nav span.menu_item.active { + border-bottom: 2px #1e88e5 solid; + } + header nav span.menu_item a { + line-height: 18px; + } + + body #main .main_content { + padding: 10px 20px 40px 20px; + } + body #main .main_content h1 { + padding: 10px 10px; + font-size: 22px; + text-align: center; + } + body #main .main_content .form_row { + margin: 0 !important; + padding-left: 0 !important; + padding-right: 0 !important; + } + body #main .main_content .label { + line-height: 30px; + } + body #main .main_content input[type=text], 
+body #main .main_content input[type=email], +body #main .main_content input[type=password] { + width: 100%; + } + body #main .main_content input[type=submit], +body #main .main_content input[type=button] { + display: block; + width: 100%; + margin: 20px auto !important; + } + body #main .main_content .have_account { + display: block; + margin: 30px 0 0 0; + } + body #main .main_content .red.italic { + padding-left: 0 !important; + } + body #main .main_content .form_row.agreement { + margin-top: 10px !important; + } + body #main .main_content textarea#gdpr-note { + margin: 0; + width: 100%; + } + + body.landing_page, +body.login, +body.register, +body.login_noEmail { + /* AAI */ + } + body.landing_page #main, +body.login #main, +body.register #main, +body.login_noEmail #main { + min-height: auto; + /*background-image: none;*/ + } + body.landing_page #main .main_content, +body.login #main .main_content, +body.register #main .main_content, +body.login_noEmail #main .main_content { + padding: 30px 20px 30px 20px; + } + body.landing_page #main .main_content .app_title, +body.login #main .main_content .app_title, +body.register #main .main_content .app_title, +body.login_noEmail #main .main_content .app_title { + width: 95%; + margin: 10px auto 40px auto; + font-size: 32px; + /*color: $color_text;*/ + } + body.landing_page #main .main_content .landing_page_window, +body.login #main .main_content .landing_page_window, +body.register #main .main_content .landing_page_window, +body.login_noEmail #main .main_content .landing_page_window { + width: 100%; + } + body.landing_page #main .main_content .landing_page_window .tab, +body.login #main .main_content .landing_page_window .tab, +body.register #main .main_content .landing_page_window .tab, +body.login_noEmail #main .main_content .landing_page_window .tab { + font-size: 16px; + } + body.landing_page #main .main_content .landing_page_window .lostpass, +body.login #main .main_content .landing_page_window .lostpass, 
+body.register #main .main_content .landing_page_window .lostpass, +body.login_noEmail #main .main_content .landing_page_window .lostpass { + font-size: 14px; + } + body.landing_page #main .main_content .landing_page_window input[type=submit], +body.landing_page #main .main_content .landing_page_window input[type=button], +body.login #main .main_content .landing_page_window input[type=submit], +body.login #main .main_content .landing_page_window input[type=button], +body.register #main .main_content .landing_page_window input[type=submit], +body.register #main .main_content .landing_page_window input[type=button], +body.login_noEmail #main .main_content .landing_page_window input[type=submit], +body.login_noEmail #main .main_content .landing_page_window input[type=button] { + margin: 30px auto !important; + } + body.landing_page #main .main_content .app_subtitle, +body.login #main .main_content .app_subtitle, +body.register #main .main_content .app_subtitle, +body.login_noEmail #main .main_content .app_subtitle { + width: 100%; + box-sizing: border-box; + } + body.landing_page #content.aai #main .main_content .landing_page_window, +body.login #content.aai #main .main_content .landing_page_window, +body.register #content.aai #main .main_content .landing_page_window, +body.login_noEmail #content.aai #main .main_content .landing_page_window { + width: 100%; + box-sizing: border-box; + margin-top: 20px; + } + body.landing_page #content.aai #main .main_content .app_title, +body.login #content.aai #main .main_content .app_title, +body.register #content.aai #main .main_content .app_title, +body.login_noEmail #content.aai #main .main_content .app_title { + width: 100%; + box-sizing: border-box; + } + body.landing_page #content.aai #main .main_content .app_subtitle, +body.login #content.aai #main .main_content .app_subtitle, +body.register #content.aai #main .main_content .app_subtitle, +body.login_noEmail #content.aai #main .main_content .app_subtitle { + width: 100%; + 
box-sizing: border-box; + } + + footer { + padding: 0 20px; + } + footer .footer_content { + flex-direction: column; + padding: 20px 0; + text-align: center; + } + footer .footer_content .col { + width: 100%; + } + footer .footer_content .col .follow { + justify-content: center; + } + footer .footer_content .logo_holder img { + margin: 20px auto 30px auto; + } +} + +/*# sourceMappingURL=style.css.map */ diff --git a/frontend/simple/css/style.css.map b/frontend/simple/css/style.css.map new file mode 100644 index 0000000..700585b --- /dev/null +++ b/frontend/simple/css/style.css.map 
@@ -0,0 +1 @@ +{"version":3,"sourceRoot":"","sources":["../../../resources/sass/frontend_simple/style.scss","../../../resources/sass/frontend_simple/basic/colors.scss","../../../resources/sass/frontend_simple/basic/fonts.scss","../../../resources/sass/frontend_simple/basic/basic.scss","../../../resources/sass/frontend_simple/modules/header.scss","../../../resources/sass/frontend_simple/modules/main.scss","../../../resources/sass/frontend_simple/modules/footer.scss","../../../resources/sass/frontend_simple/modules/cookie.scss","../../../resources/sass/frontend_simple/modules/landing_page.scss","../../../resources/sass/frontend_simple/modules/pages.scss","../../../resources/sass/frontend_simple/modules/aai.scss","../../../resources/sass/frontend_simple/basic/mobile.scss"],"names":[],"mappings":"AAAA;AAAA;AAAA;AAAA;ACAA;ACAA;AAGQ;AAMR;EACC;;;AAED;EACI;;;AAEJ;EACC;;;AAGD;EACC;;;AAGD;EACC;;;ACxBD;AAEA;EACI;EACA;EAEA;EACA,OFHS;;AEKT;EACI;EACA;EACA;;;AAIR;EACI;EAEA;EACA;;;AAWJ;EACI;EACA;;;AAGJ;EACI,OFnCS;EEoCT;;AAEA;EACI;;;AAGR;EACI;;AAEA;EACI;;;AAIR;EACI;;;AAGJ;EACI;;;AAGJ;AAAA;AAAA;AAAA;EAII;EAEA;EACA;EAEA;EACA;EACA;EACA;EACA;EAEA,kBFzES;EE0ET;EACA;EAEA;;AAEA;AAAA;AAAA;AAAA;EACI;;;AAIR;AAAA;AAAA;EAGI;EACA;EACA;EAEA;EACA,OFxFc;EE0Fd;EACA;;AAEA;AAAA;AAAA;EACI;;;AAIR;EACI;EACA;EAEA;EACA,OFvGc;EEyGd;EACA;;;AChHJ;EACI;EACA;EACA;EAEA;EACA;EACA;;AAGA;EACI;;AAGI;EACI;EACA;EACA;;AAKZ;EACI;EACA;EAEA;EACA;EACA;;AAEA;EACI;EAEA;;AAEA;EACI,OH9BE;EG+BF;EACA;EAEA;;AAEA;EACI,OHzCP;;AG6CD;EACI;;;AChDhB;EACI,kBJUoB;;AIRpB;EACI;EACA;EACA;;;ACJJ;EACI;EACA;EAEA;EACA;EACA;;AAEA;EACI;EACA;EAEA;EACA;;AAEA;EACI;EAEA,OLdE;EKeF;;AAEA;EACI;EACA;;AAGJ;EACI,OLvBF;;AKyBE;EACI,OL9BX;;AKgCW;EACI;;AAEJ;EACI;;AAIR;EACI;EACA;EACA;EAEA;EACA;EAEA;;AAGJ;EACI;;AAEJ;EACI;;AAKZ;EACI;EACA;EAEA;;AAEA;EACI;EACA;EAEA;;;AAOpB;EACI;;;AChFJ;EACI;EACA;EAEA;EACA;EACA;EAEA;EACA;EAEA;EACA;EAEA;EAEA;;AAEA;EACI;EAEA;;AAEA;EACI;EACA;;AAGJ;EACI;EACA;;AAEA;EACI;;AAOR;EACI;EAEA;EACA;EAEA,kBN5CC;EM6CD;;AAEA;EACI;;;AAQZ;EACI;;AAEA;
EACI;;;ACzDR;AAAA;AAAA;AAAA;EACI;EACA;EAEA;EACA;;AAEA;AAAA;AAAA;AAAA;EACI;EACA;EAEA;EACA;EACA;EACA;EACA;;AAGJ;AAAA;AAAA;AAAA;EACI;EACA;EAEA;EACA;EACA;EACA;EACA;;AAGJ;AAAA;AAAA;AAAA;EACI;EAEA;EACA;EAEA;;AAEA;AAAA;AAAA;AAAA;EACI;EACA;;AAEA;AAAA;AAAA;AAAA;EACI;EACA;EACA;EAEA;EAEA;EACA;EACA;EACA,OPlDF;EOoDE,kBP9CS;EOgDT;;AAEA;AAAA;AAAA;AAAA;EACI;;AAGJ;AAAA;AAAA;AAAA;EACI;;AAEA;AAAA;AAAA;AAAA;EACI;;AAIR;AAAA;AAAA;AAAA;EACI;EACA;EAEA;;AAEA;AAAA;AAAA;AAAA;EACI;;AAMhB;AAAA;AAAA;AAAA;EACI;;AAEA;AAAA;AAAA;AAAA;EACI;;AAGJ;AAAA;AAAA;AAAA;EACI;EACA;EACA;EAEA;;AAEA;AAAA;AAAA;AAAA;EACI;EAEA;EACA;;AAEA;AAAA;AAAA;AAAA;EACI,OP1Gf;EO2Ge;EACA;;AAEA;AAAA;AAAA;AAAA;EACI;;AAOpB;AAAA;AAAA;AAAA;EACI;;AAEA;AAAA;AAAA;AAAA;EACI;;AAGJ;AAAA;AAAA;AAAA;EACI;EACA;EAEA;;AAIR;AAAA;AAAA;AAAA;EACI;EACA;;AAGJ;AAAA;AAAA;AAAA;EACI;EAEA;EACA;;AAGJ;AAAA;AAAA;AAAA;EACI;;AAGJ;AAAA;AAAA;AAAA;EACI;EAEA;EACA;EAEA;;AAEA;AAAA;AAAA;AAAA;EACI;;AAIR;AAAA;AAAA;AAAA;EACI;;AAEA;AAAA;AAAA;AAAA;EACI;;AAIR;AAAA;AAAA;AAAA;EACI;EACA;EAEA;EACA;EAEA;EACA;EAEA;;AAGJ;AAAA;AAAA;AAAA;EACI;EACA;;;AAMhB;;AAAA;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;ACjMA;AACA;EACI;;AAEA;EACI;EACA;EAEA;EACA;;AAGJ;EACI;;AAGJ;EACI;;AAEJ;EACI;;AAEJ;EACI;EACA;EACA;;AAEJ;EACI;;AAGJ;EACI;EACA;;;AAGR;AAGA;AAKQ;EACI;EACA;EAEA;EACA;;AAGJ;EACI;EACA;EAEA;;AAEJ;EACI;EACA;;AAEJ;EACI;EAEA;EACA;;AAEJ;EACI;EAEA;EACA;EAEA;EACA;;AAGJ;EACI;EACA;EACA;;AAEJ;EACI;EACA;EAEA;EACA;EACA;;AAEJ;AAAA;EAEI;;AAEJ;EACI;;AAGJ;EACI;EACA;EAEA;EACA;EAEA;EACA;EACA;;AAEJ;AAAA;EAEI;EACA;EAEA;EACA;EAEA;;AAEJ;EACI;AACA;EACA;;AAEJ;EACI;EACA;;AAGJ;EACI;EACA;;AAEJ;EACK;;AAEL;EACI;EACC;;AAGL;EACI;;AAGJ;EACI;EAEA;EACA;;AAGJ;EACI;EACA;;AAGJ;EACI;;AAGJ;EACI;;AAEJ;EACI;;;AAIZ;AAKA;AAKQ;EACI;EACA;;AAGJ;EACI;EACA;EAEA;EACA;EAEA;EACA;EACA;;AAEJ;EACI;EACA;EACA;;AAEJ;EACI;EACA;EAEA;EACA;EACA;;AAEJ;AAAA;EAEI;;AAEJ;EACI;;AAGJ;EACI;;AAGJ;EACI;;;AAIZ;AAGA;AACA;EACI;;AAEA;EACI;EACA;EAEA;EACA;;AAGJ;EACI;;AAGJ;EACI;;AAEJ;EACI;;AAGJ;EACI;EACA;;;AAGR;AC5PI;AAAA;AAAA;AAAA;EACI;EAEA;;AAEA;AAAA;AAAA;AAAA;EACI;EACA;EACA;EAEA
;EAEA;;AAEA;AAAA;AAAA;AAAA;EACI;EACA;EAEA;;AAGJ;AAAA;AAAA;AAAA;EACI;;AAEA;AAAA;AAAA;AAAA;EACI;EACA;;AAIR;AAAA;AAAA;AAAA;EACI;EACA;EACA;;AAGJ;AAAA;AAAA;AAAA;EACI;EACA;EACA;EAEA;EACA;EAEA;EACA;;AAEA;AAAA;AAAA;AAAA;EACI;;AAKZ;AAAA;AAAA;AAAA;EACI;EACA;EAEA;EACA;EACA;EACA;;;ACjEZ;AAEA;EAGQ;IACI;IACA;IACA;IAEA;IAEA;IACA;;EAEA;IACI;;EAEA;IACI;;EAGJ;IACI;;;EAQR;IACI;;EAEA;IACI;IAEA;IACA;;EAGJ;IACI;IACA;IACA;;EAGJ;IACI;;EAGJ;AAAA;AAAA;IAGI;;EAEJ;AAAA;IAEI;IACA;IACA;;EAGJ;IACI;IACA;;EAEJ;IACI;;EAGJ;IACI;;EAGJ;IACI;IACA;;;EAOhB;AAAA;AAAA;AAAA;AA4CI;;EAvCA;AAAA;AAAA;AAAA;IACI;AACA;;EAEA;AAAA;AAAA;AAAA;IACI;;EAEA;AAAA;AAAA;AAAA;IACI;IACA;IAEA;AACA;;EAGJ;AAAA;AAAA;AAAA;IACI;;EAEA;AAAA;AAAA;AAAA;IACI;;EAGJ;AAAA;AAAA;AAAA;IACI;;EAGJ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;IAEI;;EAIR;AAAA;AAAA;AAAA;IACI;IACA;;EAQR;AAAA;AAAA;AAAA;IACI;IACA;IACA;;EAGJ;AAAA;AAAA;AAAA;IACI;IACA;;EAGJ;AAAA;AAAA;AAAA;IACI;IACA;;;EAOZ;IACI;;EAEA;IACI;IACA;IAEA;;EAEA;IACI;;EAEA;IACI;;EAIR;IACI;;;EAOZ;IACI;;EAEA;IACI;IACA","file":"style.css"} \ No newline at end of file diff --git a/frontend/simple/img/landing_page_image.jpg b/frontend/simple/img/landing_page_image.jpg new file mode 100644 index 0000000..41eb526 Binary files /dev/null and b/frontend/simple/img/landing_page_image.jpg differ diff --git a/frontend/simple/img/landing_page_image_aai.png b/frontend/simple/img/landing_page_image_aai.png new file mode 100644 index 0000000..8d1efa0 Binary files /dev/null and b/frontend/simple/img/landing_page_image_aai.png differ diff --git a/frontend/simple/index.php b/frontend/simple/index.php new file mode 100644 index 0000000..e95588b --- /dev/null +++ b/frontend/simple/index.php 
@@ -0,0 +1,76 @@ +checkDBEmpty()){ + global $site_url; + header('Location: '.$site_url.'frontend/install'); + } + + + // Inicializiramo razred za prikaz + $dc = new DisplayController(); + + + echo ''; + echo ''; + + + /********** HEAD **********/ + echo ''; + $dc->displayHead(); + echo ''; + /********** HEAD - END **********/ + + + /********** BODY **********/ + echo ''; + + echo '
'; + + + // Glava + echo '
'; + $dc->displayHeader(); + echo '
'; + + + // Vsebina strani + global $aai_instalacija; + echo '
'; + + echo '
'; + $dc->displayMain(); + echo '
'; + + echo '
'; + + + // Footer + echo ''; + + + echo '
'; + + echo ''; + /********** BODY - END **********/ + + + echo ''; +?> \ No newline at end of file diff --git a/frontend/simple/script/init.js b/frontend/simple/script/init.js new file mode 100644 index 0000000..f810e38 --- /dev/null +++ b/frontend/simple/script/init.js @@ -0,0 +1,4 @@ +$(document).ready(function() { + + +}); diff --git a/frontend/simple/script/script.js b/frontend/simple/script/script.js new file mode 100644 index 0000000..ff91482 --- /dev/null +++ b/frontend/simple/script/script.js 
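Review bot: The installer redirect `header('Location: '.$site_url.'frontend/install');` is not followed by `exit;`, so when checkDBEmpty() triggers, execution continues and the whole page (DisplayController head, header, main and footer) is still built and echoed after the Location header has been sent. Change the line to `header('Location: '.$site_url.'frontend/install'); exit;` so nothing is rendered on an instance that has not been installed yet. The hunk appears to have lost its HTML markup in rendering (the `<?php` opener and the start of the if-block around checkDBEmpty() are not visible), so the exact condition guarding the redirect cannot be confirmed from here.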
@@ -0,0 +1,85 @@ +function CookieAlertSubmit (form) { + + $("#kuki").dialog({ + modal: true, + buttons: { + "DA, Nadaljuj s prijavo": function() { + $(this).dialog( "close" ); + $('#' + form).submit(); + }, + "Ne": function() { + $(this).dialog( "close" ); + } + } + }); +} + +function CookieAlertFB () { + + $("#kuki").dialog({ + modal: true, + buttons: { + "DA, Nadaljuj s prijavo": function() { + $(this).dialog( "close" ); + document.location.href='../api/fb_login.php'; + }, + "Ne": function() { + $(this).dialog( "close" ); + } + } + }); +} + +function LostPassword(alert_text) { + + var email = document.getElementById('em').value; + + if (email === '') { + alert(alert_text); + } + else { + + var lang_param = ''; + var lang_id = $('input[name="lang_id"]').val(); + if(lang_id == '1' || lang_id == '2'){ + lang_param = '&lang_id=' + lang_id; + } + + document.location.href = '../api/api.php?action=reset_password&email=' + email + lang_param; + } +} + +// function CheckEmailFP() { +// var Email = document.getElementById('em'); +// console.log(Email.value); +// if (Email.search('@') == -1 || Email.indexOf('.') == -1) +// alert ('Prosimo, popravite email'); +// } + + +// Posljemo zahtevo za izbris (iz simple frontenda) +function sendGDPRRequest(){ + + var form_serialize = $("#gdpr").serializeArray(); + + $.ajax({ + url : '../../utils/gdpr_request.php', + type: "POST", + data : form_serialize, + success:function(response){ + $("#gdpr_holder").load('frontend/simple/ajax.php?a=gdpr_request_send', {json: JSON.parse(response)}); + } + }); +} + + +function switchLoginRegistration(clicked_tab){ + + if($(clicked_tab).hasClass('active')) + return; + + $("#registration_holder").toggle('fast'); + $("#login_holder").toggle('fast'); + + $(".tab").toggleClass('active'); +} -- cgit v1.2.3
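Review bot: In LostPassword the user-supplied email is concatenated raw into the query string, `'...&email=' + email + lang_param`, so an address containing `&`, `#`, `+` or `%` is truncated or reinterpreted as extra parameters by api.php; encode it: `document.location.href = '../api/api.php?action=reset_password&email=' + encodeURIComponent(email) + lang_param;`. The `lang_id == '1' || lang_id == '2'` comparison should use `===`, matching the `email === ''` check a few lines above. In sendGDPRRequest, `JSON.parse(response)` inside the success callback throws an uncaught exception on any non-JSON reply (a PHP warning or error page), leaving `#gdpr_holder` unchanged with no feedback; either wrap the parse in try/catch or pass `dataType: 'json'` to `$.ajax` so jQuery delivers a parsed object and routes parse failures to an `error` handler.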