booking.php
<?php
// SPDX-FileCopyrightText: 2021 Weymeirsch und Langer GbR
//
// SPDX-License-Identifier: AGPL-3.0-only
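// Read the booking form fields from the POST body.
// Each field is accepted only when it is present and a plain string. A
// missing key, or an array-valued parameter such as "name[]=x", becomes ''
// instead of raising a warning or passing an array into the clean-up and
// string-concatenation steps further down.
$read_post_field = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};
$name = $read_post_field('name');       // conference name
$date = $read_post_field('date');       // start date
$time = $read_post_field('time');       // start time
$recev = $read_post_field('recev');     // number of recurring events
$rectype = $read_post_field('rectype'); // recurrence type keyword
$rand = $read_post_field('rand');       // client-supplied random number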
// Base directory: strip the trailing file name from every path returned by
// get_included_files() and keep the first result (the entry script's
// directory, including its trailing slash).
list($pwd) = preg_replace('/\/[^\/]+$/', "/", get_included_files());

// Common configuration.
$conf_path = "{$pwd}conf/common.php";
include $conf_path;

// Language helpers, then pick the language for this request.
$lang_path = "{$pwd}lib/language.php";
include $lang_path;
$lang = detect_language();

// Translated interface strings.
$i18n_path = "{$pwd}conf/i18n.php";
include $i18n_path;
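// Process input: reduce every field to a small allow-list of characters.
$name = preg_replace('/[^A-Za-z0-9\ \-\_\.]/', "", $name); // letters, digits, space, - _ .
$date = preg_replace('/[^0-9\.\-]/', "", $date); // digits, . and -
$time = preg_replace('/[^0-9APM\.\:]/', "", $time); // digits, A P M, . and :
$recev = preg_replace('/[^0-9]/', "", $recev); // digits only
$rectype = preg_replace('/[^a-z0-9]/', "", $rectype); // lower-case letters and digits
$rand = preg_replace('/[^0-9]/', "", $rand); // digits only

// An empty repeat count means "not recurring". Casting to int keeps the value
// numeric for the comparisons below and for the INSERT statement later on,
// where an empty string would otherwise produce invalid SQL.
$recev = (int) $recev;

// Start time as a Unix timestamp. strtotime() returns false when the cleaned
// date/time cannot be parsed; stop here instead of carrying false into the
// hashes, the URLs and the database.
$tsta = strtotime($date . " " . $time);
if ($tsta === false) {
    http_response_code(400);
    exit("Error: invalid date or time");
}
$ctim = time();

// Human-readable recurrence label. $inrec0 is the default; the other labels
// are used only when the repeat count is positive and the type is a known one.
$recurring = $inrec0;
if ($recev > 0) {
    $rec_labels = [
        "1daily" => $inrec1,
        "1weekly" => $inrec2,
        "2weekly" => $inrec3,
        "4weekly" => $inrec4,
        "1monthly" => $inrec5,
    ];
    if (isset($rec_labels[$rectype])) {
        $recurring = $rec_labels[$rectype] . ", " . $recev . "x";
    }
}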
// Derive the three numeric identifiers from one seed string.
// NOTE(review): the invite id and the admin token are two slices of the same
// MD5 over $name, $tsta and the client-supplied $rand. $name, $tsta and the
// invite id all appear in the calendar URL below, so the secrecy of the admin
// token rests entirely on $rand. Drawing the admin token from a server-side
// CSPRNG (random_bytes()/random_int()) would remove that dependency; confirm
// that no other page needs the ids to be reproducible before changing this.
$string = "{$name}{$tsta}{$rand}";
$fhash = md5($string);
$ihash = hexdec(substr($fhash, 0, 15));        // invite id: MD5 hex digits 0-14
$ahash = hexdec(substr($fhash, 15, 15));       // admin token: MD5 hex digits 15-29
$rhash = hexdec(substr(sha1($string), 0, 15)); // room id: first 15 SHA-1 hex digits

// Build the invite, admin and calendar links on the configured domain.
$base_url = "https://" . $idomain;
$inv = $base_url . "/inv.php?id=" . $ihash;
$adm = $base_url . "/admin.php?id=" . $ihash . "&admin=" . $ahash;
$cal = $base_url . "/cal.php?name=" . rawurlencode($name) . "&time=" . $tsta . "&id=" . $ihash;
if ($recev > 0) {
    // Recurring bookings carry the repeat count and type in the calendar link.
    $cal .= "&rec=" . $recev . "&rtype=" . $rectype;
}
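// Connect to the database.
// From PHP 8.1 mysqli throws mysqli_sql_exception on a failed connection by
// default; older versions only set connect_error. Both paths are handled.
$sqlerr = "";
try {
    $sqlcon = new mysqli($sqlhost, $sqluser, $sqlpass, $sqlname);
    if ($sqlcon->connect_error) {
        $sqlerr = $sqlcon->connect_error;
    }
} catch (mysqli_sql_exception $e) {
    $sqlerr = $e->getMessage();
}
if ($sqlerr !== "") {
    // The original read the message from an undefined $conn variable. The
    // driver message goes to the server log; the client only sees a generic
    // failure, so host names and account names are not disclosed.
    error_log("booking: database connection failed: " . $sqlerr);
    http_response_code(500);
    die("Connection failed");
}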
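// Write the booking to the database (invite id, admin id, room id, start
// time, repeat count, repeat type). Every value is bound as a parameter; only
// the table name is concatenated into the statement.
// NOTE(review): $sqltabl is presumably set by conf/common.php - confirm it
// never carries request data.
$sqlque = "INSERT INTO " . $sqltabl . " (iid, aid, rid, time, recev, rectype)
VALUES (?, ?, ?, ?, ?, ?)";

// bind_param() takes its arguments by reference, so bind typed copies and
// leave the variables used for the page output untouched.
$bind_iid = (int) $ihash;
$bind_aid = (int) $ahash;
$bind_rid = (int) $rhash;
$bind_time = $tsta;
$bind_recev = (int) $recev;
$bind_rectype = (string) $rectype;

$sqlok = false;
$sqlerr = "";
$errcode = 500;
if (!is_int($tsta)) {
    // strtotime() failed earlier; do not store a booking without a start time.
    $sqlerr = "invalid date or time";
    $errcode = 400;
} else {
    try {
        $sqlstm = $sqlcon->prepare($sqlque);
        if ($sqlstm === false) {
            $sqlerr = $sqlcon->error;
        } else {
            $sqlstm->bind_param('iiiiis', $bind_iid, $bind_aid, $bind_rid, $bind_time, $bind_recev, $bind_rectype);
            $sqlok = $sqlstm->execute();
            if (!$sqlok) {
                $sqlerr = $sqlstm->error;
            }
            $sqlstm->close();
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli throws instead of returning false when exception mode is on.
        $sqlerr = $e->getMessage();
    }
}

// Return the confirmation page if the booking was stored.
if ($sqlok === true) {
    // Load HTML functions
    $html_path = $pwd . "lib/html.php";
    include($html_path);

    // Escape request-derived values and the generated URLs for HTML text and
    // quoted-attribute context. The interface strings ($headl, $list1..6,
    // $invtx, $recurring's label, the button labels, $nojs) are emitted as-is.
    // NOTE(review): those are presumably fixed strings from conf/i18n.php -
    // confirm they never contain user input.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $h_name = $esc($name);
    $h_date = $esc($date);
    $h_time = $esc($time);
    $h_ihash = $esc($ihash);
    $h_inv = $esc($inv);
    $h_cal = $esc($cal);
    $h_adm = $esc($adm);

    // mailto: link. The whole body is percent-encoded in one go, which also
    // covers $recurring (the original inserted it unencoded).
    $mail_body = $list1 . $name . "\r\n"
        . $list2 . $date . " (" . $recurring . ")\r\n"
        . $list3 . $time . "\r\n"
        . $list4 . $inv . "\r\n"
        . $list5 . $cal;
    $h_mailto = $esc("mailto:?subject=" . rawurlencode($invtx) . "&body=" . rawurlencode($mail_body));

    // Create HTML content. Compared with the original markup: the heading is
    // closed with </h1>, the last table row is closed with </tr>, and the
    // admin link's href is quoted.
    $html_content = "<h1>" . $headl . "</h1>
<div class='justify-content-center'>
<table>
<tr>
<td class='th'><strong>" . $list1 . "</strong></td>
<td>" . $h_name . "</td>
</tr>
<tr>
<td class='th'><strong>" . $list2 . "</strong></td>
<td>" . $h_date . " (" . $recurring . ")</td>
</tr>
<tr>
<td class='th'><strong>" . $list3 . "</strong></td>
<td>" . $h_time . "</td>
</tr>
<tr>
<td class='th'><strong>" . $list4 . "</strong></td>
<td><a href='" . $h_inv . "' target='_blank' class='highlight'>" . $h_ihash . "</a></td>
</tr>
<tr>
<td class='th'><strong>" . $list5 . "</strong></td>
<td><a href='" . $h_cal . "' class='highlight'>Download .ics</a></td>
</tr>
<tr>
<td class='th'><strong>" . $list6 . "</strong></td>
<td><a href='" . $h_adm . "' target='_blank' class='highlight'>Admin-URL</a></td>
</tr>
</table>
<textarea style='display:none;' id='copythis'>" . $invtx . "\n"
        . $list1 . " " . $h_name . "\n"
        . $list2 . " " . $h_date . " (" . $recurring . ")\n"
        . $list3 . " " . $h_time . "\n"
        . $list4 . " " . $h_inv . "\n"
        . $list5 . " " . $h_cal . "\n</textarea><br>
<input id='copyconfinfo' class='button' type='submit' value='" . $cpbtnpre . "' onclick='PrintCopied();'>
<a href='" . $h_mailto . "'>
<input class='button' type='submit' value='" . $mailbtn . "'>
</a>
<!-- Load copy function -->
<script src='/static/js/copy.js'></script>
<!-- Add Event Listener for copy button -->
<script>document.querySelector('#copyconfinfo').addEventListener('click', CopyToClipboard);</script>
<!-- Change button value on click -->
<script>function PrintCopied() { const btn = document.querySelector('#copyconfinfo');btn.value = '" . $cpbtnpost . "'; }</script>
<!-- Add NoScript warning -->
<noscript>" . $nojs . "</noscript>
</div>";
    build_html($html_content, $book_title, $book_desc);
// Return an error otherwise.
} else {
    // The SQL text and the driver message stay in the server log; echoing
    // them to the client would disclose the schema and the stored ids.
    error_log("booking: could not store booking: " . $sqlerr);
    http_response_code($errcode);
    echo "Error: could not save the booking";
}
// Close database connection
$sqlcon->close();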
?>