Commit f686517f authored by Mindiell's avatar Mindiell

Premier commit pour la reprise du site

/nbproject/private/
*~
messages.pot
locales/es_ES/LC_MESSAGES/messages.mo
locales/de_DE/LC_MESSAGES/messages.mo
locales/en_US/LC_MESSAGES/messages.mo
locales/fr_FR/LC_MESSAGES/messages.mo
locales/it_IT/LC_MESSAGES/messages.mo
/.tx/
#images/logo-lqdn-2.png
static/images/logo-lqdn.png
images/ids/
images/logo-[0-9]*.png
images/banner1.png
images/banner_fr_FR.png
images/banner_en_US.png
videos/
admin/.htaccess
admin/.htpasswd
pplome.*
*.log
tmp/*
admin/tmp/*
piplomes/
CACHE/
vendor/
pdf/
/phinx.yml
/app/env
tests/_output/*
/var/log/*
!/var/log/.gitkeep
/.php_cs.cache
before_script:
- '[[ -d /srv/soutien/ ]] || mkdir -p /srv/soutien/'
- 'which git || (apt-get update -yq && apt-get install git -yqq)'
stages:
- test
- cleanup_test
- deploy
job test:
stage: test
variables:
SQL_HOST: "localhost"
SQL_PORT: "3306"
SQL_DATABASE: "test_$CI_BUILD_REF"
SQL_USER: "soutien"
SQL_PASSWORD: "soutien"
PHINX_PASSWORD: "$SQL_PASSWORD"
PHINX_USER: "$SQL_USER"
PHINX_DATABASE: "test_$CI_BUILD_REF"
PHINX_HOST: "$SQL_HOST"
PHINX_PORT: "$SQL_PORT"
SYSADMIN: "gitlab@email.com"
FDNNURL1: "https://secure.fd2n.org/fd2n/cb"
FDNNURL2: "https://secure.fdn2.org/fdn2/don"
BASE_DOMAIN: "dev.laquadrature.net"
SITE_ID: "XXXXXXXX"
CERTIFICATE: "XXXXXXXXXXXXXXXXXXXXXXXXx"
CTX_MODE: "TEST"
PIPLOME_PATH: "/var/www/site/pdf/"
PIPLOME_URL: "https://www.laquadrature.net/pdf/"
CAMPAIGN_START_DATE: "2016-11-10"
CAMPAIGN_BUDGET: "321000"
LOGS: "./"
SMTP_HOST: "smtp.example.com"
SMTP_PORT: "25"
SMTP_SECURITY: "none"
SMTP_USER: "user"
SMTP_PW: "password"
DEBUG: "0"
ENV: "test"
script:
- echo "SQL_PASSWORD=${SQL_PASSWORD}" > app/env
- echo "SQL_USER=${SQL_USER}" >> app/env
- echo "SQL_DATABASE=${SQL_DATABASE}" >> app/env
- make install
- make server-start
- make test
- make server-stop
- mysql -u $SQL_USER -p$SQL_PASSWORD -e "DROP DATABASE $SQL_DATABASE"
tags:
- preprod
cleanup test:
stage: cleanup_test
variables:
SQL_DATABASE: "test_$CI_BUILD_REF"
SQL_USER: "soutien"
SQL_PASSWORD: "soutien"
script:
- make server-stop
- mysql -u $SQL_USER -p$SQL_PASSWORD -e "DROP DATABASE $SQL_DATABASE"
when: on_failure
tags:
- preprod
job install:
stage: deploy
environment: preprod
variables:
PHINX_ENVIRONMENT: "development"
script:
- chmod a+x ci/install.sh
- ./ci/install.sh
stage: deploy
tags:
- preprod
only:
- preprod
job deploy:
stage: deploy
environment: production
variables:
PHINX_ENVIRONMENT: "production"
script:
- chmod a+x ci/install.sh
- ./ci/install.sh
stage: deploy
tags:
- prod
only:
- master
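Review bot: The database password is committed in plain text (`SQL_PASSWORD: "soutien"` in both `job test` and `cleanup test`) and is then passed on the command line as `-p$SQL_PASSWORD` in both `script:` sections, where it is visible in the process list of the runner host. These jobs run on runners tagged `preprod`, so if that MySQL account can reach anything beyond the throw-away `test_$CI_BUILD_REF` database, the value should come from a protected CI/CD variable rather than from the file. The Makefile in this commit builds the same `-p$(SQL_PASSWORD)` argument in `MYSQL_CONNECTION_STRING`, and its `reset-db` DROP line has no `@` prefix, so make prints the expanded command including the password. I would hand the password over through the environment or an option file, e.g. `MYSQL_PWD="$SQL_PASSWORD" mysql -u "$SQL_USER" -e "DROP DATABASE $SQL_DATABASE"`.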
# Enable rewrite engine and route requests to framework
RewriteEngine On
# Some servers require you to specify the `RewriteBase` directive
# In such cases, it should be the path (relative to the document root)
# containing this .htaccess file
#
# RewriteBase /
# HTTPS for the people
#RewriteCond %{HTTPS} off
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
RewriteCond %{REQUEST_URI} \.ini$
RewriteRule \.ini$ - [R=404]
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [L,QSA]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
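Review bot: Only `.ini` requests are refused here; any other path that exists as a regular file skips the `index.php` rule because of `RewriteCond %{REQUEST_FILENAME} !-f` and is served as-is. If this file sits at the repository root, as the `index.php` target suggests, that would include `app/env` (which the CI job fills with `SQL_PASSWORD`), `var/log/server.log` and any `*.log` the application writes under the document root. I would add deny rules ahead of the front-controller rule, for example `RewriteRule ^(app|var|vendor|ci|db|tests)/ - [F]` and `RewriteRule \.(log|yml)$ - [F]`, or move the document root to a public subdirectory. The HTTPS redirect is also committed commented out; for a site that handles logins and donations it should be enabled.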
<?php
$finder = PhpCsFixer\Finder::create()
->files()
->name('*.php')
->ignoreDotFiles(true)
->ignoreVCS(true)
->in(__DIR__)
->exclude('campaigns')
->exclude('ci')
->exclude('db')
->exclude('locales')
->exclude('static')
->exclude('templates')
->exclude('tests')
->exclude('tex')
->exclude('tmp')
->exclude('vendor')
->exclude('_support')
;
return PhpCsFixer\Config::create()
->setRules([
'@PSR2' => true
])
->setUsingCache(true)
->setFinder($finder)
;
.PHONY: help doctor install reset-db translations
.DEFAULT_GOAL := help
ifeq ($(shell test -e app/env && echo -n yes),yes)
include app/env
export $(shell sed 's/=.*//' app/env)
endif
MYSQL_CONNECTION_STRING = -h$(SQL_HOST) -u$(SQL_USER)
ifdef SQL_PASSWORD
MYSQL_CONNECTION_STRING += -p$(SQL_PASSWORD)
endif
help:
@echo "\033[33mUsage:\033[0m"
@echo " make [command]"
@echo ""
@echo "\033[33mAvailable commands:\033[0m"
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' Makefile | sort \
| awk 'BEGIN {FS = ":.*?## "}; {printf " \033[32m%s\033[0m___%s\n", $$1, $$2}' | column -ts___
doctor: ## Check that everything is installed to use this application
@echo "\033[1m\033[36m==> Check required dependencies\033[0m\033[21m"
@which composer >/dev/null 2>&1 && echo "\033[32mcomposer installed\033[0m" || echo "\033[31mcomposer not installed\033[0m"
@which mysql >/dev/null 2>&1 && echo "\033[32mmysql installed\033[0m" || echo "\033[31mmysql not installed\033[0m"
@echo "\033[1m\033[36m==> Check configuration\033[0m\033[21m"
@test -s ./app/env && echo "\033[32mEnvironment config OK\033[0m" || echo "\033[31mYou need to copy app/env.sample to app/env in order to configure your application.\033[0m"
@test -s ./app/config.php && echo "\033[32mConfiguration OK\033[0m" || echo "\033[31mYou need to copy app/config.php.sample to app/config.php in order to configure your application.\033[0m"
@echo "\033[1m\033[36m==> Check optional dependencies\033[0m\033[21m"
@which msgmerge >/dev/null 2>&1 && echo "\033[32mmsgmerge installed\033[0m" || echo "\033[31mmsgmerge not installed\033[0m"
@which msgfmt >/dev/null 2>&1 && echo "\033[32mmsgfmt installed\033[0m" || echo "\033[31mmsgfmt not installed\033[0m"
@which xgettext >/dev/null 2>&1 && echo "\033[32mxgettext installed\033[0m" || echo "\033[31mxgettext not installed\033[0m"
@which pdftk >/dev/null 2>&1 && echo "\033[32mpdftk installed\033[0m" || echo "\033[31mpdftk not installed\033[0m"
install: ## Install the application
@echo "\033[1m\033[36m==> Install Composer dependencies\033[0m\033[21m"
@composer -n install
reset-db: ## Install or re-install the DB
@echo "\033[1m\033[36m==> Drop database "$(SQL_DATABASE)" if it already exists\033[0m\033[21m"
mysql $(MYSQL_CONNECTION_STRING) -e "DROP DATABASE IF EXISTS $(SQL_DATABASE)"
@echo "\033[1m\033[36m==> Create database "$(SQL_DATABASE)"\033[0m\033[21m"
@mysql $(MYSQL_CONNECTION_STRING) -e "CREATE DATABASE $(SQL_DATABASE)"
@echo "\033[1m\033[36m==> Create schema\033[0m\033[21m"
@php vendor/bin/phinx migrate -c app/Resources/phinx.yml
@echo "\033[1m\033[36m==> Loading fixtures\033[0m\033[21m"
@php vendor/bin/phinx seed:run -c app/Resources/phinx.yml -s AdminSeeder -s UserSeeder -s AddressSeeder -s CounterpartSeeder -s DonationSeeder
test: test-functional test-acceptance cs-lint ## Launch tests
test-acceptance: ## Launch functional tests.
@$(MAKE) reset-db
@./vendor/bin/codecept run acceptance
test-functional: ## Launch functional tests.
@$(MAKE) reset-db
@./vendor/bin/codecept run functional
server-start: server-stop ## Launch a local server
@php -S 127.0.0.1:8000 >> ./var/log/server.log &
@echo "\033[32mServer running. (http://127.0.0.1:8000)\033[0m"
server-stop: ## Stop local server if running
@ps -aux | grep "[p]hp -S 127.0.0.1:8000" | grep -v grep | awk '{print $$2}' | xargs -r -n 1 kill
@echo "\033[32mServer stopped. (http://127.0.0.1:8000)\033[0m"
cs-fix: ## Fix CS
@vendor/bin/php-cs-fixer fix
cs-lint: ## Lint
@vendor/bin/php-cs-fixer fix --dry-run
translations: locales/fr_FR/LC_MESSAGES/messages.mo locales/en_US/LC_MESSAGES/messages.mo ## Generate translations
messages.pot: app/*.php templates/*/*.html
[ -r $@ ] || touch $@
xgettext --package-name=LQDNCampaign --package-version=2016.1 --force-po -o $@ --keyword=__ --keyword=_ --from-code=UTF-8 $^
locales/%/LC_MESSAGES/messages.po: messages.pot
msgmerge -v -U $@ $^
locales/fr_FR/LC_MESSAGES/messages.mo: locales/fr_FR/LC_MESSAGES/messages.po
msgfmt $^ -o $@
locales/en_US/LC_MESSAGES/messages.mo: locales/en_US/LC_MESSAGES/messages.po
msgfmt $^ -o $@
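Review bot: `.PHONY` lists only `help doctor install reset-db translations`, but `test`, `test-acceptance`, `test-functional`, `server-start`, `server-stop`, `cs-fix` and `cs-lint` are command targets too and should be declared phony so that a file of the same name cannot mask them. The help text of `test-acceptance` is a copy of the functional one; `test-acceptance: ## Launch acceptance tests.` would match what the recipe runs.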
# LQDN soutien
## Installation
In order to install this project, run `make doctor` to check that everything is fine.
Then you can run `make install` to install the project. Follow instructions if needed.
To install the DB, you need to run `make reset-db` (it will remove your local DB if it exists).
Once everything if fine, you can run a simple PHP server with `make server-start`
You have those accounts to test:
* alice@example.org / password
* bob@example.org / password
To access to the admin (`/admin`) use `admin`/`password`
## Contributing
Before submitting a PR, makes sure tests are OK: `make test`
<?php
class Bank extends Controller
{
/* We want to ignore the sanitizing on this page */
public function sanitizeForms($f3)
{
return;
}
/*
Page de retour de la banque
*/
public function cb($f3, $args)
{
@include_once("config.php");
$cb_log = new Log('/cb.log');
$error="";
$result = $f3->get('POST.vads_result');
$status = $f3->get('POST.vads_trans_status');
$status_recurrence = $f3->get('POST.vads_recurrence_status');
$status_identifier = $f3->get('POST.vads_identifier_status');
$auth_result = $f3->get('POST.vads_auth_result');
$extra_result = $f3->get('POST.vads_extra_result');
$transaction_id = $f3->get('POST.vads_trans_id');
$order_id = $f3->get('POST.vads_order_id');
$version = $f3->get('POST.vads_version');
$language = $f3->get('POST.vads_language');
$currency = $f3->get('POST.vads_currency');
$amount = $f3->get('POST.vads_amount');
$sub_amount = $f3->get('POST.vads_sub_amount');
$identifier = $f3->get('POST.vads_identifier');
$certificate = $f3->get('POST.vads_payment_certificate');
$warranty_result = $f3->get('POST.vads_warranty_result');
$site_id = $f3->get('POST.vads_site_id');
$contract_used = $f3->get('POST.vads_contract_used');
$signature = $f3->get('POST.signature');
$cb_log->write('result: '.$result);
$cb_log->write('status: '.$status);
$cb_log->write('status_recurrence: '.$status_recurrence);
$cb_log->write('status_identifier: '.$status_identifier);
$cb_log->write('extra_result: '.$extra_result);
$cb_log->write('auth_result: '.$auth_result);
$cb_log->write('signature: '.$signature);
$cb_log->write('transaction_id: '.$transaction_id);
$cb_log->write('order_id: '.$order_id);
$cb_log->write('version: '.$version);
$cb_log->write('language: '.$language);
$cb_log->write('currency: '.$currency);
$cb_log->write('amount: '.$amount);
$cb_log->write('sub_amount: '.$sub_amount);
$cb_log->write('identifier: '.$identifier);
$cb_log->write('certificate: '.$certificate);
$cb_log->write('warranty_result: '.$warranty_result);
$cb_log->write('site_id: '.$site_id);
$cb_log->write('contract_used: '.$contract_used);
// Vérifications bancaires
if ($site_id!=SITE_ID) {
$error = "Bad site id: " . $site_id;
}
if ($version!="V2") {
$error = "Bad return version: " . $version;
}
if ($status!='' && $contract_used!="5201306") {
$error = "Bad contract used: " . $contract_used;
}
$vads_params = array();
foreach ($_POST as $key => $value) {
if (substr($key, 0, 4)=="vads") {
$vads_params[$key] = $value;
}
}
if (count($vads_params)>0) {
ksort($vads_params);
}
$sig = "";
foreach ($vads_params as $key => $value) {
$sig .= $value . "+";
}
$sig .= CERTIFICATE;
$cb_log->write("sig: " . $signature . " == " . sha1($sig));
if (sha1($sig)!=$signature) {
$error = "Error in signature: " . $signature . " != " . sha1($sig);
}
// Résultats des vérifications globales
if ($error!="") {
$cb_log->write($error);
echo $error;
exit(0);
}
/*
Result: obligatoire pour savoir si tout est ok
Status: optionnel
Signature: obligatoire pour vérifier qu'il s'agit bien d'un POST de la part de la banque
Transaction_id: obligatoire, correspond à l'id dans la base de données en interne
Order_id: idem que Transaction_id sans les '0' devant
Version: 'V2' obligatoirement
Language: obligatoire pour faire le bon retour, sinon en EN
Certificate: Très important en cas de souci, c'est l'identifiant côté banque
*/
$db = $f3->get('DB');
$id = intval($order_id);
$cb_log->write("Id: ".$order_id);
$res = $db->query("SELECT * FROM dons WHERE id='".$id."';");
$don = $res->fetch(PDO::FETCH_ASSOC);
if (!$don) {
$cb_log->write("Transaction id not found: ".$order_id);
exit(0);
}
if ($don['status']!='0' && $don['status']!=100) {
$cb_log->write("Maybe second call, actual status: ".$don['status']);
exit(0);
}
if ($result!="00") {
$cb_log->write("Payment failed for id: ".$order_id." with result: ".$result);
$cb_log->write("Extra result: ".$extra_result);
$cb_log->write("Auth result: ".$auth_result);
exit(0);
}
// Set the lang environnement :
$cb_log->write("System language : ".$f3->get('lang'));
$lang = $don["lang"];
$cb_log->write("User language : ".$lang);
/* Language ok, set the locale environment */
putenv("LC_MESSAGES=".$lang);
putenv("LANG=".$lang);
putenv("LANGUAGE=".$lang);
// this locale MUST be selected in "dpkg-reconfigure locales"
setlocale(LC_ALL, $lang);
textdomain("messages");
$charset="UTF-8";
bind_textdomain_codeset("messages", "$charset");
// ok, somme OK, status = completed, transaction found.
$db->query("UPDATE dons SET status=status+1 WHERE id='".$id."';");
$res = $db->query("SELECT status FROM dons WHERE id='".$id."';");
$status = $res->fetch(PDO::FETCH_ASSOC);
$status = $status['status'];
$res = $db->query("SELECT * FROM users WHERE id='".$don['user_id']."';");
$user = $res->fetch(PDO::FETCH_ASSOC);
$cb_log->write("Utilisation d'un utilisateur existant");
// Ajout du nouveau don au cumul actuel
if ($status!=101) {
$cb_log->write("Ajout de ".$don['somme']);
$db->query("UPDATE users set cumul = cumul + " . $don['somme'] . ", total = total + " . $don['somme'] . " WHERE id='".$don['user_id']."'");
}
$result = $db->query("SELECT cumul FROM users WHERE id='".$don['user_id']."'");
$cumul = $result->fetch(PDO::FETCH_ASSOC);
$cumul = $cumul['cumul'];
$cb_log->write("Nouveau cumul: ".$cumul);
$user_id = $user['id'];
// Ajout de son identifier dans la table prévue à cet effet si nécessaire
if ($identifier!='') {
$db->query("INSERT INTO identifiers (user_id, identifier) VALUES ('".$user_id."','".$identifier."');");
}
// Puis envoi du mail
if ($user["email"]) {
$mailer = new SMTP(SMTP_HOST, SMTP_PORT, SMTP_SECURITY, SMTP_USER, SMTP_PW);
$cb_log->write("Sending email for id: ".$id." at ".$user['email']);
$mailer->set('From', "contact@laquadrature.net");
$mailer->set('FromName', "La Quadrature du Net");
$mailer->set('To', $user["email"]);
$mailer->set('Subject', _("Merci de soutenir La Quadrature du Net !"));
$mailer->set('CharSet', "UTF-8");
// Préparation du texte du mail par morceaux
$text = _("
Cher·e %%NAME%%,
Toute l'équipe de La Quadrature vous remercie du fond du cœur pour votre soutien à ses actions !
Connectez-vous à votre page d'administration pour choisir vos contreparties, et nous indiquer vos coordonnées :
%%URL_ADMIN%%
Identifiant : votre adresse email
Grâce à vous et aux nombreux bénévoles qui agissent aux côtés de l'association au quotidien, La Quadrature continuera à analyser, prendre position, débattre, alerter, mobiliser, pour qu'Internet reste un espace de liberté et de partage accessible à tous. Quelle que soit sa forme, la participation de tous est indispensable si nous voulons confirmer et multiplier nos victoires citoyennes. Chacun d'entre nous peut agir au quotidien en s'informant et en diffusant les informations auprès de sa famille, de ses collègues de ses amis, sur les réseaux dits « sociaux » … Il n'y a que de cette manière que nous arriverons à agir ensemble et à nous organiser pour protéger nos droits fondamentaux, partager la culture, nous réapproprier nos données…
En vous connectant à votre page d'administration, vous pourrez télécharger les mille décimales de π que nous vous adressons symboliquement pour votre soutien, et sélectionner les autres contreparties que vous souhaitez recevoir (en fonction de vos différents dons cumulés). Si besoin, vous y trouverez également un reçu pour votre don.
Pour rester informé des actions de La Quadrature du Net et des questions des libertés individuelles sur internet, n'hésitez pas à vous abonner à sa newsletter : https://laquadrature.net/cgi-bin/mailman/listinfo/actu
Encore merci pour votre soutien,
Toute l'équipe de La Quadrature du Net
")."\n\n";
// Création de l'url d'administration
$admin_url = "https://support.laquadrature.net/perso";
foreach ($f3->get('languages') as $key => $language) {
if ($lang==$language[1]) {
$admin_url = "https://".$language[0].$f3->get('dev').".laquadrature.net/perso";
}
}
// Remplacement des variables par leurs valeurs
$fields = array(
"NAME"=>$user["pseudo"],
"SOMME"=>$don['somme'],
"CUMUL"=>$cumul,
"URL_ADMIN" => $admin_url
);
foreach ($fields as $k=>$v) {
$text = str_replace("%%".$k."%%", $v, $text);
}
$sent = $mailer->send($text);
if ($sent) {
$cb_log->write("Send Mail OK");
} else {
$cb_log->write("Send Mail ERROR:" . $sent->log());
}
} else {
$cb_log->write("Pas d'adresse mail");
}
echo "TOUT OK";
}
};
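Review bot: The signature check in `cb()` gives away the value it is checking for: on a mismatch `$error` is set to `"Error in signature: " . $signature . " != " . sha1($sig)` and then returned to the client by `echo $error`, so the response carries the correct signature for whatever `vads_*` fields were posted, and the comparison itself uses `!=`, which is neither type-strict nor constant-time. I would compare with `if (!hash_equals(sha1($sig), (string) $signature)) {`, set `$error = "Error in signature";` with no computed value, and drop `sha1($sig)` from the `sig:` log line. Further down, `$identifier` comes straight from `POST.vads_identifier` and is concatenated into the `INSERT INTO identifiers` statement; that query and the others built from `$id` and `$don[...]` should use prepared statements with bound parameters. In the mail branch `$sent->log()` is called when `$sent` is falsy, which will fail at runtime; presumably `$mailer->log()` was meant.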
<?php
class Campaign extends Controller
{
/*
Page principale du site
*/
public function beforeRoute($f3, $args)
{
parent::beforeRoute($f3, $args);
// Valeur par défaut du bloc de contenu
$f3->set('block_content', 'campaign/empty.html');
// Get the database
$f3->set('SESSION.errors', []);
}
public function afterRoute($f3, $args)
{
parent::afterRoute($f3, $args);
// Rendu HTML de la page
echo Template::instance()->render('campaign/base.html');
}
public static function show($f3, $args)
{
// Let's do some math first
// So, get the $db
$db = $f3->get('DB');
// Number of month left for a one-year provisionning since CAMPAIGN_START_DATE
$now = new DateTime('now');
$start = new DateTime(CAMPAIGN_START_DATE);
if ($start > $now) {
$months = 0;
} else {
$months = $now->diff($start)->m;
}
$total_confirmed = 0;
$total_provisional = 0;
// So now, let's get the amount of confirmed dons, which are all the 1, 4, 101 and 102
// statuses since CAMPAIGN_START_DATE
$result = $db->query("SELECT SUM(somme)
AS total_confirmed
FROM dons
WHERE status IN (1, 4, 102)
AND datec > '".CAMPAIGN_START_DATE."'"
);
$total_confirmed = intval($result->fetchColumn());
$f3->set('total_confirmed', $total_confirmed);
// Now, provisional. All reccuring pledge who have a datec in the last month (still active)
// multiplied by the number of remaining month
$result = $db->query("SELECT
SUM(a.somme) AS total_provisional
FROM (SELECT sum(somme) as somme
FROM dons
WHERE datec >= (CURRENT_DATE() - INTERVAL 1 MONTH)
AND status IN (101, 102)
GROUP BY identifier
) a");
// How many month till the end of the year. Also, only 80% of them
$total_provisional = intval($result->fetchColumn()) * (12 - $months);
$f3->set('total_provisional', $total_provisional);
// Now, let's calculate the percentage of each of them
$campaign_goal = CAMPAIGN_BUDGET;
$percent_confirmed = number_format($total_confirmed * 100 / $campaign_goal);
$f3->set('percent_confirmed', $percent_confirmed);
$percent_provisional = number_format($total_provisional * 100 / $campaign_goal);
$f3->set('percent_provisional', $percent_provisional);
$f3->set('block_content', 'campaign/home.html');
}
// Page d'attente
public function wait($f3)
{
echo Template::instance()->render('campaign/wait.html');
exit;
}
// Que fait la Quadrature ?
public function what($f3)
{
$f3->set('block_content', 'campaign/what.html');
}
// Comment fonctionne la Quadrature ?
public function who($f3)
{
$f3->set('block_content', 'campaign/who.html');
}
// À quoi servent les dons ?
public function why($f3)
{
$f3->set('block_content', 'campaign/why.html');
}
// FAQ donateurs
public function faq($f3)
{
$f3->set('block_content', 'campaign/faq.html');
}
// Matériel de campagne
public function material($f3)
{