dolibarr 19.0.3
viewandvote.php
1<?php
2/* Copyright (C) 2021 Dorian Vabre <dorian.vabre@gmail.com>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 3 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
24if (!defined('NOLOGIN')) {
25 define("NOLOGIN", 1); // This means this output page does not require to be logged.
26}
27if (!defined('NOCSRFCHECK')) {
28 define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
29}
30if (!defined('NOIPCHECK')) {
31 define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
32}
33if (!defined('NOBROWSERNOTIF')) {
34 define('NOBROWSERNOTIF', '1');
35}
36
37// For MultiCompany module.
38// Do not use GETPOST here, function is not defined and get of entity must be done before including main.inc.php
39$entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : (!empty($_GET['e']) ? (int) $_GET['e'] : (!empty($_POST['e']) ? (int) $_POST['e'] : 1))));
40if (is_numeric($entity)) {
41 define("DOLENTITY", $entity);
42}
43
44// Load Dolibarr environment
45require '../../main.inc.php';
46require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
47require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php';
48require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
49require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
50require_once DOL_DOCUMENT_ROOT.'/societe/class/societeaccount.class.php';
51require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
52require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
53require_once DOL_DOCUMENT_ROOT . '/comm/action/class/actioncomm.class.php';
54
55// Hook to be used by external payment modules (ie Payzen, ...)
56$hookmanager = new HookManager($db);
57
58$hookmanager->initHooks(array('newpayment'));
59
60// For encryption
61global $dolibarr_main_url_root;
62
63// Load translation files
64$langs->loadLangs(array("main", "other", "dict", "bills", "companies", "errors", "paybox", "paypal", "stripe")); // File with generic data
65
66// Security check
67// No check on module enabled. Done later according to $validpaymentmethod
68
69$action = GETPOST('action', 'aZ09');
70$id = GETPOST('id');
71$securekeyreceived = GETPOST("securekey");
72$securekeytocompare = dol_hash(getDolGlobalString('EVENTORGANIZATION_SECUREKEY') . 'conferenceorbooth'.$id, 'md5');
73
74if ($securekeytocompare != $securekeyreceived) {
75 print $langs->trans('MissingOrBadSecureKey');
76 exit;
77}
78
79$listofvotes = explode(',', $_SESSION["savevotes"]);
80
81
82// Define $urlwithroot
83//$urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root));
84//$urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
85$urlwithroot = DOL_MAIN_URL_ROOT; // This is to use same domain name than current. For Paypal payment, we can use internal URL like localhost.
86
87$project = new Project($db);
88$resultproject = $project->fetch($id);
89if ($resultproject < 0) {
90 $error++;
91 $errmsg .= $project->error;
92}
93
94// Security check
95if (empty($conf->eventorganization->enabled)) {
96 httponly_accessforbidden('Module Event organization not enabled');
97}
98
99
100/*
101 * Actions
102 */
103
104$tmpthirdparty = new Societe($db);
105
106$listOfConferences = '<tr><td>'.$langs->trans('Label').'</td>';
107$listOfConferences .= '<td>'.$langs->trans('Type').'</td>';
108$listOfConferences .= '<td>'.$langs->trans('ThirdParty').'</td>';
109$listOfConferences .= '<td>'.$langs->trans('Note').'</td></tr>';
110
111$sql = "SELECT a.id, a.fk_action, a.datep, a.datep2, a.label, a.fk_soc, a.note, ca.libelle as label
112 FROM ".MAIN_DB_PREFIX."actioncomm as a
113 INNER JOIN ".MAIN_DB_PREFIX."c_actioncomm as ca ON (a.fk_action=ca.id)
114 WHERE a.status<2";
115
116$sqlforconf = $sql." AND ca.module='conference@eventorganization'";
117//$sqlforbooth = $sql." AND ca.module='booth@eventorganization'";
118
119// For conferences
120$result = $db->query($sqlforconf);
121$i = 0;
122while ($i < $db->num_rows($result)) {
123 $obj = $db->fetch_object($result);
124 if (!empty($obj->fk_soc)) {
125 $resultthirdparty = $tmpthirdparty->fetch($obj->fk_soc);
126 if ($resultthirdparty) {
127 $thirdpartyname = $tmpthirdparty->name;
128 } else {
129 $thirdpartyname = '';
130 }
131 } else {
132 $thirdpartyname = '';
133 }
134
135 $listOfConferences .= '<tr><td>'.$obj->label.'</td><td>'.$obj->label.'</td><td>'.$thirdpartyname.'</td><td>'.$obj->note.'</td>';
136 $listOfConferences .= '<td><button type="submit" name="vote" value="'.$obj->id.'" class="button">'.$langs->trans("Vote").'</button></td></tr>';
137 $i++;
138}
139
140// For booths
141/*
142$result = $db->query($sqlforbooth);
143$i = 0;
144while ($i < $db->num_rows($result)) {
145 $obj = $db->fetch_object($result);
146 if (!empty($obj->fk_soc)) {
147 $resultthirdparty = $tmpthirdparty->fetch($obj->fk_soc);
148 if ($resultthirdparty) {
149 $thirdpartyname = $tmpthirdparty->name;
150 } else {
151 $thirdpartyname = '';
152 }
153 } else {
154 $thirdpartyname = '';
155 }
156
157 $listOfBooths .= '<tr><td>'.$obj->label.'</td><td>'.$obj->libelle.'</td><td>'.$obj->datep.'</td><td>'.$obj->datep2.'</td><td>'.$thirdpartyname.'</td><td>'.$obj->note.'</td>';
158 $listOfBooths .= '<td><button type="submit" name="vote" value="'.$obj->id.'" class="button">'.$langs->trans("Vote").'</button></td></tr>';
159 $i++;
160}
161*/
162
163// Get vote result
164$idvote = GETPOST("vote");
165$hashedvote = dol_hash(getDolGlobalString('EVENTORGANIZATION_SECUREKEY') . 'vote'.$idvote);
166
167if (strlen($idvote)) {
168 if (in_array($hashedvote, $listofvotes)) {
169 // Has already voted
170 $votestatus = 'ko';
171 } else {
172 // Has not already voted
173 $conforbooth = new ActionComm($db);
174 $resultconforbooth = $conforbooth->fetch($idvote);
175 if ($resultconforbooth<=0) {
176 $error++;
177 $errmsg .= $conforbooth->error;
178 } else {
179 // Process to vote
180 $conforbooth->num_vote++;
181 $resupdate = $conforbooth->update($user);
182 if ($resupdate) {
183 $votestatus = 'ok';
184 $_SESSION["savevotes"] = $hashedvote.','.(empty($_SESSION["savevotes"]) ? '' : $_SESSION["savevotes"]); // Save voter
185 } else {
186 //Error during update
187 $votestatus = 'err';
188 }
189 }
190 }
191 if ($votestatus=="ok") {
192 setEventMessage($langs->trans("VoteOk"), 'mesgs');
193 } elseif ($votestatus=="ko") {
194 setEventMessage($langs->trans("AlreadyVoted"), 'warnings');
195 } elseif ($votestatus=="err") {
196 setEventMessage($langs->trans("VoteError"), 'warnings');
197 }
198 header("Refresh:0;url=".dol_buildpath('/public/project/viewandvote.php?id='.$id.'&securekey=', 1).$securekeyreceived);
199 exit;
200}
201
202
203/*
204 * View
205 */
206
207$head = '';
208if (getDolGlobalString('ONLINE_PAYMENT_CSS_URL')) {
209 $head = '<link rel="stylesheet" type="text/css" href="' . getDolGlobalString('ONLINE_PAYMENT_CSS_URL').'?lang='.$langs->defaultlang.'">'."\n";
210}
211
212$conf->dol_hide_topmenu = 1;
213$conf->dol_hide_leftmenu = 1;
214
215$replacemainarea = (empty($conf->dol_hide_leftmenu) ? '<div>' : '').'<div>';
216llxHeader($head, $langs->trans("SuggestForm"), '', '', 0, 0, '', '', '', 'onlinepaymentbody', $replacemainarea);
217
218print '<span id="dolpaymentspan"></span>'."\n";
219print '<div class="center">'."\n";
220print '<form id="dolpaymentform" class="center" name="paymentform" action="'.$_SERVER["PHP_SELF"].'" method="POST">'."\n";
221print '<input type="hidden" name="token" value="'.newToken().'">'."\n";
222print '<input type="hidden" name="action" value="dopayment">'."\n";
223print '<input type="hidden" name="tag" value="'.GETPOST("tag", 'alpha').'">'."\n";
224//print '<input type="hidden" name="suffix" value="'.dol_escape_htmltag($suffix).'">'."\n";
225print '<input type="hidden" name="id" value="'.dol_escape_htmltag($id).'">'."\n";
226print '<input type="hidden" name="securekey" value="'.dol_escape_htmltag($securekeyreceived).'">'."\n";
227print '<input type="hidden" name="e" value="'.$entity.'" />';
228print '<input type="hidden" name="forcesandbox" value="'.GETPOST('forcesandbox', 'int').'" />';
229print "\n";
230
231
232// Show logo (search order: logo defined by PAYMENT_LOGO_suffix, then PAYMENT_LOGO, then small company logo, large company logo, theme logo, common logo)
233// Define logo and logosmall
234$logosmall = $mysoc->logo_small;
235$logo = $mysoc->logo;
236$paramlogo = 'ONLINE_PAYMENT_LOGO_'.$suffix;
237if (!empty($conf->global->$paramlogo)) {
238 $logosmall = $conf->global->$paramlogo;
239} elseif (getDolGlobalString('ONLINE_PAYMENT_LOGO')) {
240 $logosmall = $conf->global->ONLINE_PAYMENT_LOGO;
241}
242//print '<!-- Show logo (logosmall='.$logosmall.' logo='.$logo.') -->'."\n";
243// Define urllogo
244$urllogo = '';
245$urllogofull = '';
246if (!empty($logosmall) && is_readable($conf->mycompany->dir_output.'/logos/thumbs/'.$logosmall)) {
247 $urllogo = DOL_URL_ROOT.'/viewimage.php?modulepart=mycompany&amp;entity='.$conf->entity.'&amp;file='.urlencode('logos/thumbs/'.$logosmall);
248 $urllogofull = $dolibarr_main_url_root.'/viewimage.php?modulepart=mycompany&entity='.$conf->entity.'&file='.urlencode('logos/thumbs/'.$logosmall);
249} elseif (!empty($logo) && is_readable($conf->mycompany->dir_output.'/logos/'.$logo)) {
250 $urllogo = DOL_URL_ROOT.'/viewimage.php?modulepart=mycompany&amp;entity='.$conf->entity.'&amp;file='.urlencode('logos/'.$logo);
251 $urllogofull = $dolibarr_main_url_root.'/viewimage.php?modulepart=mycompany&entity='.$conf->entity.'&file='.urlencode('logos/'.$logo);
252}
253
254// Output html code for logo
255if ($urllogo) {
256 print '<div class="backgreypublicpayment">';
257 print '<div class="logopublicpayment">';
258 print '<img id="dolpaymentlogo" src="'.$urllogo.'"';
259 print '>';
260 print '</div>';
261 if (!getDolGlobalString('MAIN_HIDE_POWERED_BY')) {
262 print '<div class="poweredbypublicpayment opacitymedium right"><a class="poweredbyhref" href="https://www.dolibarr.org?utm_medium=website&utm_source=poweredby" target="dolibarr" rel="noopener">'.$langs->trans("PoweredBy").'<br><img class="poweredbyimg" src="'.DOL_URL_ROOT.'/theme/dolibarr_logo.svg" width="80px"></a></div>';
263 }
264 print '</div>';
265}
266
267if (getDolGlobalString('PROJECT_IMAGE_PUBLIC_SUGGEST_BOOTH')) {
268 print '<div class="backimagepublicsuggestbooth">';
269 print '<img id="idPROJECT_IMAGE_PUBLIC_SUGGEST_BOOTH" src="' . getDolGlobalString('PROJECT_IMAGE_PUBLIC_SUGGEST_BOOTH').'">';
270 print '</div>';
271}
272
273print '<table id="welcome" class="center">'."\n";
274$text = '<tr><td class="textpublicpayment"><br><strong>'.$langs->trans("EvntOrgRegistrationWelcomeMessage").'</strong></td></tr>'."\n";
275$text .= '<tr><td class="textpublicpayment">'.$langs->trans("EvntOrgVoteHelpMessage").' : "'.$project->title.'".<br><br></td></tr>'."\n";
276$text .= '<tr><td class="textpublicpayment">'.$project->note_public.'</td></tr>'."\n";
277print $text;
278print '</table>'."\n";
279
280
281print '<table cellpadding="10" id="conferences" border="1" class="center">'."\n";
282print '<th colspan="7">'.$langs->trans("ListOfSuggestedConferences").'</th>';
283print $listOfConferences.'<br>';
284print '</table>'."\n";
285
286/*
287print '<br>';
288
289print '<table border=1 cellpadding="10" id="conferences" class="center">'."\n";
290print '<th colspan="7">'.$langs->trans("ListOfSuggestedBooths").'</th>';
291print $listOfBooths.'<br>';
292print '</table>'."\n";
293*/
294
295$object = null;
296
297htmlPrintOnlineFooter($mysoc, $langs, 1, $suffix, $object);
298
299llxFooter('', 'public');
300
301$db->close();
if(!defined('NOREQUIRESOC')) if(!defined( 'NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined( 'NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined( 'NOREQUIREAJAX')) llxHeader()
Empty header.
Definition wrapper.php:55
llxFooter()
Empty footer.
Definition wrapper.php:69
Class to manage agenda events (actions)
Class to manage hooks.
Class to manage projects.
Class to manage third parties objects (customers, suppliers, prospects...)
htmlPrintOnlineFooter($fromcompany, $langs, $addformmessage=0, $suffix='', $object=null)
Show footer of company in HTML pages.
setEventMessage($mesgs, $style='mesgs', $noduplicate=0)
Set event message in dol_events session object.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
dol_buildpath($path, $type=0, $returnemptyifnotfound=0)
Return path of url or filesystem.
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
httponly_accessforbidden($message=1, $http_response_code=403, $stringalreadysanitized=0)
Show a message to say access is forbidden and stop program.
dol_hash($chain, $type='0', $nosalt=0)
Returns a hash (non reversible encryption) of a string.