Email send tidy and webook refactor

2025-03-13 17:41:08 +00:00
parent 1e63adf9d5
commit c7eddb5465
4 changed files with 274 additions and 179 deletions


@@ -17,6 +17,9 @@ $mailFromName = 'Swansea Airport';
$baseUrl = "https://ppr.swansea-airport.wales/dev";
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
function getUserIP() {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
@@ -29,60 +32,60 @@ function getUserIP() {
function connectDb() {
// Create connection
$conn = new mysqli( $GLOBALS['host'], $GLOBALS['username'], $GLOBALS['password'], $GLOBALS['database']);
// Create connection
$conn = new mysqli( $GLOBALS['host'], $GLOBALS['username'], $GLOBALS['password'], $GLOBALS['database']);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
return $conn;
return $conn;
}
function logJournal($conn, $id, $message) {
if (isset($_SERVER['PHP_AUTH_USER'])) {
$user = $_SERVER['PHP_AUTH_USER'];
} else {
$user = "None";
}
if (isset($_SERVER['PHP_AUTH_USER'])) {
$user = $_SERVER['PHP_AUTH_USER'];
} else {
$user = "None";
}
$stmt = $conn->prepare("INSERT INTO journal (ppr_id, entry, user, ip) VALUES (?, ?, ?, ?)");
$ip = getUserIP();
$stmt->bind_param("isss", $id, $message, $user, $ip);
$stmt->execute();
$stmt->close();
$stmt = $conn->prepare("INSERT INTO journal (ppr_id, entry, user, ip) VALUES (?, ?, ?, ?)");
$ip = getUserIP();
$stmt->bind_param("isss", $id, $message, $user, $ip);
$stmt->execute();
$stmt->close();
}
function require_db_auth() {
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
send_auth_headers();
}
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
send_auth_headers();
}
$user = $_SERVER['PHP_AUTH_USER'];
$pass = $_SERVER['PHP_AUTH_PW'];
$user = $_SERVER['PHP_AUTH_USER'];
$pass = $_SERVER['PHP_AUTH_PW'];
$conn = connectDb();
$conn = connectDb();
$stmt = $conn->prepare("SELECT password FROM users WHERE username = ?");
$stmt->bind_param("s", $user);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($stored_hash);
$stmt->fetch();
$stmt = $conn->prepare("SELECT password FROM users WHERE username = ?");
$stmt->bind_param("s", $user);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($stored_hash);
$stmt->fetch();
// Verify the password
if ($stmt->num_rows == 0 || !password_verify($pass, $stored_hash)) {
send_auth_headers();
}
// Verify the password
if ($stmt->num_rows == 0 || !password_verify($pass, $stored_hash)) {
send_auth_headers();
}
// Close the connection
$stmt->close();
$conn->close();
// Close the connection
$stmt->close();
$conn->close();
}
@@ -93,21 +96,21 @@ function send_auth_headers() {
}
function require_auth() {
$AUTH_USER = 'admin';
$AUTH_PASS = 'admin';
header('Cache-Control: no-cache, must-revalidate, max-age=0');
$has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));
$is_not_authenticated = (
!$has_supplied_credentials ||
$_SERVER['PHP_AUTH_USER'] != $AUTH_USER ||
$_SERVER['PHP_AUTH_PW'] != $AUTH_PASS
);
if ($is_not_authenticated) {
header('HTTP/1.1 401 Authorization Required');
header('WWW-Authenticate: Basic realm="PPR"');
$AUTH_USER = 'admin';
$AUTH_PASS = 'admin';
header('Cache-Control: no-cache, must-revalidate, max-age=0');
$has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));
$is_not_authenticated = (
!$has_supplied_credentials ||
$_SERVER['PHP_AUTH_USER'] != $AUTH_USER ||
$_SERVER['PHP_AUTH_PW'] != $AUTH_PASS
);
if ($is_not_authenticated) {
header('HTTP/1.1 401 Authorization Required');
header('WWW-Authenticate: Basic realm="PPR"');
echo 'Text to send if user hits Cancel button';
exit;
}
exit;
}
}
function generateSecureToken($email, $entryId) {
@@ -118,7 +121,6 @@ function generateSecureToken($email, $entryId) {
return base64_encode("$data|$hash");
}
function validateSecureToken($token) {
$secretKey = "your-very-secret-key";
$decoded = base64_decode($token);
@@ -143,3 +145,44 @@ function validateSecureToken($token) {
return ['email' => $email, 'entryId' => $entryId];
}
function generatePprEmail($entryId, $email, $ac_reg) {
global $conn, $mailHost, $mailSMTPAuth, $mailUsername, $mailPassword, $mailPort, $baseUrl, $mailFromAddress, $mailFromName;
if (!class_exists('PHPMailer\PHPMailer\PHPMailer')) {
require '../vendor/autoload.php';
}
$token = generateSecureToken($email, $entryId);
$secureLink = $baseUrl . "/pilotppr.php?op=view&token=" . urlencode($token);
$mail = new PHPMailer(true);
try {
$mail->isSMTP();
$mail->Host = $mailHost;
$mail->SMTPAuth = $mailSMTPAuth;
$mail->Username = $mailUsername;
$mail->Password = $mailPassword;
$mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS;
$mail->Port = $mailPort;
$mail->setFrom($mailFromAddress, $mailFromName);
$mail->addAddress($email);
$mail->isHTML(true);
$mail->Subject = "PPR Confirmation for " . $ac_reg;
$mail->Body = "
<p>This is to confirm we have received your PPR. To view or cancel your PPR please click the button:</p>
<a href='$secureLink' style='display: inline-block; padding: 10px 20px; color: white; background-color: #007bff; text-decoration: none; border-radius: 5px;'>View PPR</a>
";
$mail->send();
echo "Email sent successfully!";
logJournal($conn, $entryId, "Confirm email sent");
} catch (Exception $e) {
echo "Email sending failed: {$mail->ErrorInfo}";
logJournal($conn, $entryId, "Confirm email FAILED");
}
}
?>
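Review bot: The link that the new `generatePprEmail` mails out is protected only by its token, yet `validateSecureToken` (a context line in the `@@ -118,7 +121,6 @@` hunk) still verifies tokens against the literal `$secretKey = "your-very-secret-key";`, so anyone who can read the source can presumably produce a valid view/cancel link for any entry. The key should come from configuration kept outside the repository, e.g. `$secretKey = getenv('PPR_TOKEN_SECRET');` (the variable name is a placeholder), with `generateSecureToken` reading the same source; its body is outside the visible hunks. In the catch branch of the new function, `echo "Email sending failed: {$mail->ErrorInfo}";` writes SMTP error detail into the HTTP response; I would replace it with `error_log("PPR mail failed for entry $entryId: " . $mail->ErrorInfo);` and return a generic message to the caller. Both token functions are only partly visible here, so whether the hash comparison uses `hash_equals()` needs to be confirmed against the full file.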