Source files of fsfe.org, pdfreaders.org, freeyourandroid.org, ilovefs.org, drm.info, and test.fsfe.org. Contribute: https://fsfe.org/contribute/web/

promotion.php 8.5KB

  1. <?php
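  /**
   * Fill a template by replacing its <tpl name="..."></tpl> placeholders.
   *
   * Replacement values are inserted verbatim. Every caller must therefore pass
   * markup that is already escaped for the place the placeholder sits in.
   *
   * @param string $template File name below ../templates. It is joined into a
   *                         path unchecked, so it must be a trusted constant,
   *                         never request data.
   * @param array  $data     Map of placeholder name => replacement markup.
   * @return string The filled template with unused placeholders removed, or ''
   *                when the template file cannot be read.
   */
  function eval_xml_template($template, $data) {
      $dir = dirname(__FILE__) . '/../templates';
      $result = file_get_contents("$dir/$template");
      if ($result === false) {
          return '';
      }

      foreach ($data as $key => $value) {
          // Literal replacement on purpose: with preg_replace() a key holding
          // regex metacharacters changed the pattern, and "$1" or "\1" inside a
          // (user-derived) value was interpreted as a backreference.
          $result = str_replace("<tpl name=\"$key\"></tpl>", $value, $result);
      }

      // Drop every placeholder that received no value.
      return preg_replace("/<tpl name=\"[^\"]*\"><\/tpl>/", '', $result);
  }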
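  /**
   * Build a random string of digits and lowercase letters.
   *
   * The result becomes part of the donation order reference, so the characters
   * are drawn from the CSPRNG when the runtime offers one; rand() output is
   * predictable.
   *
   * @param int $digits Number of characters to produce; 0 or less yields ''.
   * @return string
   */
  function gen_alnum($digits){
      $alphabet = '0123456789abcdefghijklmnopqrstuvwxyz';
      $last = strlen($alphabet) - 1;
      $ret = '';
      for ($left = $digits; $left > 0; $left--) {
          // random_int() exists from PHP 7; mt_rand() keeps older runtimes working.
          $pick = function_exists('random_int') ? random_int(0, $last) : mt_rand(0, $last);
          $ret .= $alphabet[$pick];
      }
      return $ret;
  }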
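  /**
   * Print the relay form (template concardis_relay.en.html) that hands the
   * donation over to the payment provider.
   *
   * Reads 'mail', 'donate' and 'language' from $_POST. The SHA-1 signature is
   * computed over the raw values. The same values are HTML-escaped before they
   * are written into the hidden inputs, so request data cannot break out of
   * the value="..." attribute; the browser decodes them back to the signed
   * values on submit.
   *
   * @param string $orderID Order reference sent to the provider.
   * @return void Output is echoed.
   */
  function relay_donation($orderID) {
      $esc = function ($value) {
          return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
      };
      $hidden = function ($name, $value) use ($esc) {
          return '<input type="hidden" name="' . $name . '" value="' . $esc($value) . '">';
      };

      $email = (isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : '';
      $language = (isset($_POST['language']) && is_string($_POST['language'])) ? $_POST['language'] : '';
      $donate = (isset($_POST['donate']) && is_numeric($_POST['donate'])) ? (float) $_POST['donate'] : 0.0;

      // Whole cents; rounding avoids float artefacts from the multiplication.
      $amount100 = (int) round($donate * 100);

      // The two-letter prefix ends up in three URLs; accept letters only.
      $lang = substr($language, 0, 2);
      if (!preg_match('/\A[A-Za-z]{2}\z/', $lang)) {
          $lang = 'en';
      }

      $PSPID = "40F00871";
      $TP = "https://fsfe.org/donate/tmpl-concardis.$lang.html";
      $acceptURL = "https://fsfe.org/donate/thankyou.$lang.html";
      $cancelURL = "https://fsfe.org/donate/cancel.$lang.html";

      // NOTE(review): signing passphrase hard-coded in a public source tree. The
      // name suggests a test value; whoever knows the passphrase in use can sign
      // arbitrary amounts and order IDs, so the production value belongs in
      // configuration outside the repository — confirm how it is deployed.
      $salt = "Only4TestingPurposes";

      // Fields are signed in alphabetical order, each followed by the passphrase.
      // SHA-1 is presumably what the provider account is configured for — verify
      // whether a stronger digest can be selected there.
      $shasum = strtoupper(sha1(
          "ACCEPTURL=$acceptURL$salt".
          "AMOUNT=$amount100$salt".
          "CANCELURL=$cancelURL$salt".
          "CURRENCY=EUR$salt".
          "EMAIL=$email$salt".
          "LANGUAGE=$language$salt".
          "ORDERID=$orderID$salt".
          "PMLISTTYPE=2$salt".
          "PSPID=$PSPID$salt".
          "TP=$TP$salt"
      ));

      // CURRENCY and PMLISTTYPE are signed but get no placeholder here;
      // presumably the template carries them as static inputs — verify.
      echo eval_xml_template('concardis_relay.en.html', array(
          'PSPID' => $hidden('PSPID', $PSPID),
          'orderID' => $hidden('orderID', $orderID),
          'amount' => $hidden('amount', $amount100),
          'language' => $hidden('language', $language),
          'EMAIL' => $hidden('EMAIL', $email),
          'TP' => $hidden('TP', $TP),
          'accepturl' => $hidden('accepturl', $acceptURL),
          'cancelurl' => $hidden('cancelurl', $cancelURL),
          'SHASign' => $hidden('SHASign', $shasum)
      ));
  }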
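  /**
   * Send the order mail, optionally with one attachment, and tag it with the
   * X-OTRS-* headers used for ticket routing.
   *
   * Most header values come from the request ($from is built from form fields,
   * the X-OTRS-* values from $_POST). Each value is reduced to a single line
   * before it is written, so a CR or LF in a form field cannot start an
   * additional header or end the header block early.
   *
   * @param string      $to       Recipient address.
   * @param string      $from     Value of the From header.
   * @param string      $subject  Subject line.
   * @param string      $msg      Plain-text body.
   * @param string|null $bcc      Optional Bcc address.
   * @param string|null $att      Optional raw attachment content.
   * @param string|null $att_type MIME type of the attachment.
   * @param string|null $att_name File name announced for the attachment.
   * @return bool Result of mail().
   */
  function send_mail ( $to, $from, $subject, $msg, $bcc = NULL, $att = NULL, $att_type = NULL, $att_name = NULL ) {
      global $countrycode; // set by the top-level code that splits $_POST["country"]

      // Reduce a header value to one line; arrays and other non-scalars become ''.
      $line = function ( $value ) {
          return is_scalar( $value ) ? str_replace( array( "\r", "\n", "\0" ), '', (string) $value ) : '';
      };
      $post = function ( $key ) use ( $line ) {
          return isset( $_POST[$key] ) ? $line( $_POST[$key] ) : '';
      };
      $languages = ( isset( $_POST['languages'] ) && is_array( $_POST['languages'] ))
          ? array_filter( $_POST['languages'], 'is_scalar' )
          : array();

      $headers = "From: " . $line( $from ) . "\n";
      if ( isset( $bcc )) { $headers .= "Bcc: " . $line( $bcc ) . "\n"; }
      $headers .= "X-OTRS-Queue: Shipping::Promo Material Orders\n";
      if ( isset( $_POST["donationID"] )) {
          $headers .= "X-OTRS-DynamicField-OrderID: " . $post( "donationID" ) . "\n";
          $headers .= "X-OTRS-DynamicField-OrderAmount: " . $post( "donate" ) . "\n";
      }
      $headers .= "X-OTRS-DynamicField-OrderLanguage: " . $post( "language" ) . "\n";
      $headers .= "X-OTRS-DynamicField-OrderState: order\n";
      $headers .= "X-OTRS-DynamicField-PromoMaterialCountry: " . $line( $countrycode ) . "\n";
      $headers .= "X-OTRS-DynamicField-PromoMaterialLanguages: " . $line( implode( ',', $languages )) . "\n";

      if ( $att ) {
          // Unpredictable boundary: $msg is free text from the form, and a
          // guessable boundary (md5 of the clock) would let that text close the
          // text part and open a part of its own.
          $separator = function_exists( 'random_bytes' )
              ? bin2hex( random_bytes( 16 ))
              : md5( uniqid( mt_rand(), true ));
          $att_f = chunk_split( base64_encode( $att ));

          $headers .= "MIME-Version: 1.0\n";
          $headers .= "Content-Type: multipart/mixed; boundary=\"".$separator."\"\n";
          $headers .= "Content-Transfer-Encoding: 7bit";

          // message
          $message = "This is a MIME encoded message.\n\n";
          // text
          $message .= "--".$separator."\n";
          $message .= "Content-Type: text/plain; charset=\"UTF-8\"\n";
          $message .= "Content-Transfer-Encoding: 8bit\n\n";
          $message .= $msg."\n";
          // attachment
          $message .= "--".$separator."\n";
          $message .= "Content-Type: " . $line( $att_type ) . "; name=\"" . $line( $att_name ) . "\"\n";
          $message .= "Content-Transfer-Encoding: base64\n";
          $message .= "Content-Disposition: attachment\n\n";
          $message .= $att_f."\n";
          // end of message
          $message .= "--".$separator."--";
      } else {
          $headers .= "Content-Type: text/plain; charset=UTF-8\n";
          $headers .= "Content-Transfer-Encoding: 8bit";
          $message = $msg;
      }

      return mail( $to, $line( $subject ), $message, $headers );
  }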
  99. # send information to mail-signup.php if user wished to sign up to community mails or newsletter
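  /**
   * Forward the subscriber's data to /cgi-bin/mail-signup.php on this site.
   *
   * The request is best effort: the response is not read and a failure does
   * not stop the order.
   *
   * @param array $data Form fields to POST (list, name, mail, address, ...).
   * @return void
   */
  function mail_signup($data) {
      // HTTP_HOST repeats the Host header sent by the client. Building the target
      // from it unchecked lets a request choose which server receives this POST
      // (and the personal data in it), so only known site names are accepted.
      // NOTE(review): extend the list with any other host name this script is
      // legitimately served under; everything else falls back to fsfe.org, the
      // host this script itself redirects to.
      $allowed_hosts = array('fsfe.org', 'test.fsfe.org');
      $host = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
      if (!in_array($host, $allowed_hosts, true)) {
          $host = 'fsfe.org';
      }
      $scheme = (isset($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] === 'http')
          ? 'http'
          : 'https';
      $url = $scheme . '://' . $host . '/cgi-bin/mail-signup.php';

      $context = stream_context_create(
          array(
              'http' => array(
                  'method' => 'POST',
                  'header' => 'Content-type: application/x-www-form-urlencoded',
                  'content' => http_build_query($data),
                  'timeout' => 10
              )
          )
      );
      file_get_contents($url, FALSE, $context);
  }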
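  # Language code used in the redirect targets below. It is written into a
  # Location header, so only a plain language tag is accepted; anything else
  # (missing field, array, path or markup characters) falls back to English.
  $lang = (isset($_POST['language']) && is_string($_POST['language'])
          && preg_match('/\A[A-Za-z]{2,3}(?:[_-][A-Za-z0-9]{2,8})?\z/', $_POST['language']))
      ? $_POST['language']
      : 'en';

  # Sanity checks (*very* sloppy input validation): the fields below must be
  # present and non-empty. Nothing here checks their format; the mail address in
  # particular is not validated.
  # 'address' must stay empty. It is not among the required fields, so it is
  # presumably a hidden honeypot input that only bots fill in — verify against
  # the order form.
  if (empty($_POST['lastname']) ||
      empty($_POST['mail']) ||
      empty($_POST['street']) ||
      empty($_POST['zip']) ||
      empty($_POST['city']) ||
      empty($_POST['country']) ||
      empty($_POST['packagetype']) ||
      !empty($_POST['address']) ) {
      header("Location: http://fsfe.org/contribute/spreadtheword-ordererror.$lang.html");
      exit();
  }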
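  # Without this, escapeshellarg() will eat non-ASCII characters.
  setlocale(LC_CTYPE, "en_US.UTF-8");

  # $_POST["country"] has values like "DE|Germany", so split this string.
  # The value comes from the client: pad the result so a value without '|'
  # (or an array) yields an empty name instead of an undefined offset.
  # $countrycode later goes into a mail header and the signup request.
  $country_parts = array_pad(
      explode('|', (isset($_POST["country"]) && is_string($_POST["country"])) ? $_POST["country"] : ''),
      2,
      ''
  );
  $countrycode = $country_parts[0];
  $countryname = $country_parts[1];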
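  # Read one request field as text; a missing or non-scalar (array) value
  # becomes ''. Several fields used below are optional and may be absent.
  $field = function ($key) {
      return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
  };
  $is_default_package = ($field('packagetype') === 'default');

  $subject = $is_default_package
      ? "Standard promotion material order"
      : "Custom promotion material order";

  # Everything below is free text from the form and goes into the mail body only.
  $msg = "Please send me promotional material:\n".
      "First Name: " . $field('firstname') . "\n".
      "Last Name: " . $field('lastname') . "\n".
      "EMail: " . $field('mail') . "\n".
      "\n".
      "Address:\n".
      $field('firstname') . " " . $field('lastname') . "\n";
  if (!empty($_POST['org'])) {
      $msg .= $field('org') . "\n";
  }
  $msg .= $field('street') . "\n".
      $field('zip') . " " . $field('city') . "\n".
      "{$countryname}\n".
      "\n".
      "Specifics of the Order:\n";

  # Default or custom package?
  if ($is_default_package) {
      $msg .= "Default package: Something from everything listed here, depending on size, language selection and availability.\n";
  } else {
      $msg .= "Custom package:\n".
          $field('specifics') . "\n";
  }

  # 'languages' is expected as a list; a missing or scalar value would make
  # implode() fail.
  $languages = (isset($_POST['languages']) && is_array($_POST['languages']))
      ? implode(',', array_filter($_POST['languages'], 'is_scalar'))
      : '';
  $msg .= "\n".
      "Preferred language(s) (if available):\n".
      "{$languages}\n".
      "\n".
      "The material is going to be used for:\n".
      $field('usage') . "\n".
      "\n".
      "Comments:\n".
      $field('comment') . "\n";

  # The order reference is generated here and nowhere else. Drop any donationID
  # the client sent: send_mail() copies $_POST['donationID'] into an X-OTRS
  # header whenever it is set.
  unset($_POST['donationID']);
  if (isset($_POST['donate']) && is_numeric($_POST['donate']) && ($_POST['donate'] > 0)) {
      $_POST['donationID'] = "DAFSPCK".gen_alnum(5);
      $msg .= "\n\nThe orderer choose to make a Donation of {$_POST['donate']} Euro.\n".
          "Please do not assume that this donation has been made until you receive\n".
          "confirmation from Concardis for the order: {$_POST['donationID']}";
  }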
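  # Generate letter to be sent along with the material
  $odtfill = $_SERVER["DOCUMENT_ROOT"] . "/cgi-bin/odtfill";
  $template = $_SERVER["DOCUMENT_ROOT"] . "/templates/promotionorder.odt";

  # One output file per request, with an unguessable name. A fixed path in /tmp
  # is shared by all concurrent requests (one order could get another order's
  # letter attached) and can be pre-created by any local account.
  $outfile = "/tmp/promotionorder-"
      . (function_exists('random_bytes') ? bin2hex(random_bytes(8)) : md5(uniqid(mt_rand(), true)))
      . ".odt";
  # The letter holds a postal address; remove it once the request is done.
  register_shutdown_function(function () use ($outfile) {
      if (is_file($outfile)) {
          unlink($outfile);
      }
  });

  $firstname = (isset($_POST['firstname']) && is_scalar($_POST['firstname'])) ? $_POST['firstname'] : '';
  $name = $firstname . " " . $_POST['lastname'];

  # Lines are joined with a literal backslash-n, which odtfill presumably turns
  # into line breaks — verify.
  $address = "";
  if (!empty($_POST['org'])) {
      $address .= $_POST['org'] . "\\n";
  }
  $address .= $_POST['street'] . "\\n" .
      $_POST['zip'] . " " . $_POST['city'] . "\\n" .
      $countryname;

  # Every argument is quoted for the shell, the paths included.
  # NOTE(review): quoting protects the shell only; confirm that odtfill escapes
  # the values before writing them into the document XML.
  $name = escapeshellarg($name);
  $address = escapeshellarg($address);
  shell_exec(
      escapeshellarg($odtfill) . " " . escapeshellarg($template) . " " . escapeshellarg($outfile)
      . " Name=$name Address=$address Name=$name"
  );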
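  # Make subscriptions to newsletter/community mails.
  # 'subcd' is absent when the box is not ticked, so test for presence first.
  if (isset($_POST['subcd']) && $_POST['subcd'] === "y") {
      $signup_first = (isset($_POST['firstname']) && is_scalar($_POST['firstname'])) ? $_POST['firstname'] : '';
      $signupdata = array(
          'list' => 'community',
          'name' => $signup_first . " " . $_POST['lastname'],
          'mail' => $_POST['mail'],
          'address' => $_POST['street'],
          'zip' => $_POST['zip'],
          'city' => $_POST['city'],
          'country' => $countrycode
      );
      mail_signup($signupdata);
  }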
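  # Send the order to the contact address with the generated letter attached.
  # The From header is assembled from form fields, i.e. it is client-controlled.
  $order_first = (isset($_POST['firstname']) && is_scalar($_POST['firstname'])) ? $_POST['firstname'] : '';
  $test = send_mail (
      "contact@fsfe.org",
      $order_first . " " . $_POST['lastname'] . " <" . $_POST['mail'] . ">",
      $subject,
      $msg,
      NULL,
      file_get_contents($outfile),
      "application/vnd.oasis.opendocument.text",
      "letter.odt"
  );
  if (!$test) {
      # The visitor still sees the thank-you page; leave a trace for the operators.
      error_log("promotion.php: order mail was not accepted for delivery");
  }

  # Relay to the payment form only for a numeric, positive amount and an order
  # reference that is actually set.
  if (isset($_POST['donate']) && is_numeric($_POST['donate']) && ($_POST['donate'] > 0)
      && isset($_POST['donationID'])) {
      relay_donation($_POST['donationID']);
  } else {
      header("Location: http://fsfe.org/contribute/spreadtheword-orderthanks.$lang.html");
  }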
  209. ?>