Email PPR

2025-03-07 18:38:47 +00:00
parent 5077445d5d
commit 2b7d3e5d2a
3 changed files with 255 additions and 3 deletions
--- a/cancelppr.php
+++ b/cancelppr.php
@@ -0,0 +1,170 @@
 <?php
 include("functions.php");
 ?>
 <!DOCTYPE html>
 <html lang="en">
 <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Row Details</title>
    <style>
        body {
            font-family: Arial, sans-serif;
            margin: 0;
            padding: 0;
            background-color: #f4f4f4;
        }
        .container {
            width: 80%;
            margin: 20px auto;
            background-color: #fff;
            padding: 20px;
            box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
        }
        h2 {
            color: #333;
            text-align: center;
            margin-bottom: 20px;
        }
        .details {
            padding: 15px;
            border: 1px solid #ddd;
            border-radius: 5px;
            background-color: #f9f9f9;
        }
        .details p {
            margin: 10px 0;
            font-size: 16px;
        }
        .details p strong {
            color: #333;
        }
        .back-link {
            display: inline-block;
            margin-top: 20px;
            text-decoration: none;
            color: #fff;
            background-color: #007BFF;
            padding: 10px 15px;
            border-radius: 5px;
        }
        .back-link:hover {
            background-color: #0056b3;
        }
        button {
            padding: 10px 20px;
            font-size: 1rem;
            background-color: #007bff;
            color: white;
            border: none;
            border-radius: 5px;
            cursor: pointer;
            transition: 0.3s;
        }
        button:hover {
            background-color: #0056b3;
        }
    </style>
 </head>
 <body>
 <?php
 if (isset($_GET['token'])) {
    $result = validateSecureToken($_GET['token']);
    if ($result) {
        // Token is valid, allow changes to database entry
        $email = $result['email'];
        $entryId = $result['entryId'];
        echo "Token valid, email is " . $email . " entryId is " . $entryId;
    } else {
        die("Invalid or expired token.");
    }
 }
 switch($_GET['op']) {
    case "cancel":
        opCancel();
        break;
    case "view":
        opView($entryId);
        break;
    default:
 }
 function opView($entryId) {
    $conn = connectDb();
    $sql = "SELECT * FROM submitted WHERE id = " . $entryId;
    $result = $conn->query($sql);
    if ($result->num_rows > 0) {
        // Output data of the row
        $row = $result->fetch_assoc();
        echo '<div class="container">';
        echo '<div class="details"><p><strong>Aircraft Reg: </strong>' . $row['ac_reg'] . "</p>";
        echo "<p><strong>Aircraft Type:</strong> " . $row['ac_type'] . "</p>";
        echo "<p><strong>Callsign:</strong> " . $row['ac_call'] . "</p>";
        echo "<p><strong>Captain's Name:</strong> " . $row['captain'] . "</p>";
        echo "<p><strong>Arriving From:</strong> " . $row['in_from'] . "</p>";
        echo "<p><strong>POB IN:</strong> " . $row['pob_in'] . "</p>";
        echo "<p><strong>ETA:</strong> " . $row['eta'] . "</p>";
        echo "<p><strong>Fuel Required:</strong> " . $row['fuel'] . "</p>";
        echo "<p><strong>POB OUT:</strong> " . $row['pob_out'] . "</p>";
        echo "<p><strong>Outbound To:</strong> " . $row['out_to'] . "</p>";
        echo "<p><strong>ETD:</strong> " . $row['etd'] . "</p>";
        echo "<p><strong>Email Address:</strong> " . $row['email'] . "</p>";
        echo "<p><strong>Phone:</strong> " . $row['phone'] . "</p>";
        echo "<p><strong>Notes:</strong> " . $row['notes'] . "</p></div>";
    } else {
        echo "No details found for the given ID.";
    }
    $conn->close();
    echo '<button onclick="confirmWithSweetAlert(\'cancelppr.php?op=cancel&token=' . urlencode($_GET['token']) . '\')">Cancel PPR</button>';
 }
 ?>
 <!-- Include SweetAlert -->
 <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
 <script>
 function confirmWithSweetAlert(url) {
    Swal.fire({
        title: "Cancel PPR?",
        text: "We hope to see you soon!",
        icon: "warning",
        showCancelButton: true,
        confirmButtonColor: "#3085d6",
        cancelButtonColor: "#d33",
        confirmButtonText: "Cancel PPR"
    }).then((result) => {
        if (result.isConfirmed) {
            window.location.href = url;
        }
    });
 }
 </script>
--- a/functions.php
+++ b/functions.php
@@ -91,3 +91,37 @@ function require_auth() {
 		exit;
 	}
 }
 function generateSecureToken($email, $entryId) {
    $secretKey = "your-very-secret-key"; // Use an environment variable for this
    $timestamp = time();
    $data = "$email|$entryId|$timestamp";
    $hash = hash_hmac('sha256', $data, $secretKey);
    return base64_encode("$data|$hash");
 }
 function validateSecureToken($token) {
    $secretKey = "your-very-secret-key";
    $decoded = base64_decode($token);
    if (!$decoded) return false;
    list($email, $entryId, $timestamp, $hash) = explode('|', $decoded);
    // Check expiration (e.g., valid for 1 hour)
    if (time() - $timestamp > 3600) {
        return false;
    }
    // Verify hash
    $data = "$email|$entryId|$timestamp";
    $validHash = hash_hmac('sha256', $data, $secretKey);
    if (!hash_equals($validHash, $hash)) {
        return false;
    }
    return ['email' => $email, 'entryId' => $entryId];
 }
--- a/newppr.php
+++ b/newppr.php
@@ -1,4 +1,10 @@
 <?php
 use PHPMailer\PHPMailer\PHPMailer;
 use PHPMailer\PHPMailer\Exception;
 require '../vendor/autoload.php';
 include("functions.php");
 require_db_auth();
@@ -21,8 +27,16 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
        echo $sql;
        if ($conn->query($sql) === TRUE) {
-            echo "<p>Data successfully inserted into database.</p>";
+            $lastId = $conn->insert_id;
-            echo '<script>window.close();</script>';
+            echo "<p>Data successfully inserted into database with id = " . $lastId . "</p>";
            if (!empty($_POST['email'])) {
                echo "Email is set to " . $_POST['email'];
                generatePprEmail($lastId);
            } else {
                echo "Username is not set.";
            }
            //echo '<script>window.close();</script>';
        } else {
            echo "<p>Error inserting data: " . $conn->error . "</p>";
        }
@@ -32,5 +46,39 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
    echo "<h2>No POST data received.</h2>";
 }
 function generatePprEmail($entryId) {
 	$token = generateSecureToken($_POST['email'], $entryId);
    $secureLink = "https://ppr.swansea-airport.wales/dev/cancelppr.php?op=view&token=" . urlencode($token);
    echo $secureLink;
    $mail = new PHPMailer(true);
    try {
        $mail->isSMTP();
        $mail->Host = 'send.one.com'; // Your SMTP server
        $mail->SMTPAuth = true;
        $mail->Username = 'noreply@swansea-airport.wales';
        $mail->Password = 'SASAGoForward2155';
        $mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS;
        $mail->Port = 465;
        $mail->setFrom('noreply@swansea-airport.wales', 'Swansea Airport');
        $mail->addAddress($_POST['email']);
        $mail->isHTML(true);
        $mail->Subject = "Edit Your Entry";
        $mail->Body = "
            <p>Click the button below to edit your entry securely:</p>
            <a href='$secureLink' style='display: inline-block; padding: 10px 20px; color: white; background-color: #007bff; text-decoration: none; border-radius: 5px;'>Edit Entry</a>
        ";
        $mail->send();
        echo "Email sent successfully!";
    } catch (Exception $e) {
        echo "Email sending failed: {$mail->ErrorInfo}";
    }
 }
 ?>