2021-12-30 12:05:56 +01:00
package Mod::Indexsharee ;
#
# SPDX-License-Identifier: AGPL-3.0-or-later
# Copyright (c) Rainer Gümpelein, TeilRad GmbH
#
#
use strict ;
use warnings ;
use POSIX ;
use CGI::Cookie ( ) ;
use CGI ':standard' ;
use DateTime ;
use DateTime::Format::Pg ;
use DBI ;
use Apache2::RequestUtil ( ) ;
use Apache2::RequestIO ( ) ;
use Apache2::Const - compile = > qw( OK ) ;
2022-03-17 20:28:28 +01:00
use Scalar::Util qw( looks_like_number ) ;
2021-12-30 12:05:56 +01:00
use Lib::Config ;
use Mod::Buttons ;
use Mod::Prelogic ;
use Lib::Mlogic ;
use Mod::Basework ;
use Mod::DBtank ;
use Mod::Libenzdb ;
use Mod::APIfunc ;
use Mod::Shareework ;
use Mod::Prelib ;
use Mod::Payment ;
use Mod::Modalbox ;
use Mod::Modalbox3 ;
use Data::Dumper ;
sub handler {
my $ re = shift ;
my $ q = new CGI ( ) ;
$ q - > import_names ( 'R' ) ;
my $ cf = new Config ;
my $ ml = new Mlogic ;
my $ bw = new Basework ;
my $ pre = new Prelogic ;
my $ tk = new Shareework ;
my $ dbt = new DBtank ;
my $ db = new Libenzdb ;
my $ apif = new APIfunc ;
my $ but = new Buttons ;
my $ pl = new Prelib ;
my $ payone = new Payment ;
my % varenv = $ cf - > envonline ( ) ;
my $ netloc = $ q - > url ( - base = > 1 ) ;
my $ dbh = "" ;
my $ script = $ q - > script_name ( ) ;
2023-07-20 07:14:28 +02:00
my $ referer = $ q - > referer ( ) ;
2021-12-30 12:05:56 +01:00
my $ path = $ q - > path_info ( ) ;
$ path = "$script" . "$path" ;
2023-06-21 20:21:58 +02:00
$ path =~ s/\.html// ;
2021-12-30 12:05:56 +01:00
my $ refer = $ ENV { HTTP_REFERER } ;
my $ now_dt = strftime "%Y-%m-%d %H:%M:%S" , localtime ;
my $ return = "" ;
my $ returnwww = "" ;
my $ html_charset = "utf-8" ;
my $ user_agent = $ q - > user_agent ( ) ;
2023-06-21 20:21:58 +02:00
2023-10-09 07:40:13 +02:00
my $ debug = 1 ;
2023-06-21 20:21:58 +02:00
my $ lang = "en" ;
$ lang = $ 1 if ( $ q - > http ( 'Accept-Language' ) =~ /^(\w+)/ ) ;
2023-08-09 20:45:44 +02:00
$ lang = lc ( $ lang ) if ( $ lang ) ;
2021-12-30 12:05:56 +01:00
2023-01-17 20:43:36 +01:00
my $ feedb = {
c_id = > "" ,
message = > "" ,
i_rows = > 0 ,
u_rows = > 0 ,
d_rows = > 0 ,
} ;
2023-03-30 17:45:12 +02:00
2021-12-30 12:05:56 +01:00
#$mode is used to set GUI features like "maintainer" contextmenue
my $ modes = $ dbt - > { shareedms_conf } - > { modes } ;
my $ mode = "" ;
if ( $ R:: mode && length ( $ R:: mode ) >= 5 && $ R:: mode =~ /($modes)/ ) {
$ mode = "$R::mode" ;
} elsif ( $ path && $ path =~ /\/($modes)$/ ) {
$ mode = $ 1 ;
} elsif ( $ path && $ path =~ /\/($modes)\?\w/ ) {
$ mode = $ 1 ;
}
2022-01-02 14:57:19 +01:00
#main datadir is main config directive like "shareeapp-kn" and catched by syshost name
if ( $ netloc =~ /:\/\/(sharee\w+-\w+)\.copri/ ) {
#$bw->log("Indexsharee merchant select by netloc:",$netloc,"");
2022-01-12 09:27:23 +01:00
$ varenv { syshost } = $ 1 if ( - d "/var/www/copri-bike/$1" ) ;
2022-01-02 14:57:19 +01:00
$ mode = "manager" if ( $ varenv { syshost } =~ /shareedms-/ && ! $ mode ) ;
2022-05-06 11:06:06 +02:00
} elsif ( $ netloc =~ /lastenradbayern\.net/ ) {
$ varenv { syshost } = "shareeweb-bayern" ;
2021-12-30 12:05:56 +01:00
}
2022-05-09 12:45:01 +02:00
exit 0 if ( ! $ varenv { syshost } ) ;
2022-01-02 14:57:19 +01:00
2021-12-30 12:05:56 +01:00
if ( $ varenv { orga } ne "dms" && $ path =~ /DMS|Waren|Kunden\/|Einstellung|journal|Faktur/i ) {
print redirect ( "$varenv{wwwhost}" ) ;
exit 0 ;
}
my $ dyn_js = "" ;
my $ users_dms = { } ;
my $ users_sharee = { } ;
my $ api_return = { } ;
print $ q - > header ( - charset = > "$html_charset" ) ;
my $ coo = $ q - > cookie ( 'domcookie' ) || $ R:: sessionid || "" ;
#Prio sessionid if also domcookie is set ... and s.u.
if ( $ R:: sessionid && $ R:: sessionid ne $ q - > cookie ( 'domcookie' ) ) {
$ coo = $ q - > param ( 'sessionid' ) ;
my $ cookie = CGI::Cookie - > new ( - name = > 'domcookie' , - value = > $ coo ) ;
print $ q - > header ( - charset = > "$html_charset" , - cookie = > $ cookie ) ;
}
2023-04-27 15:09:16 +02:00
my $ aowner = "" ;
my $ return_merchant = {
merchant_id = > "" ,
project_id = > "" ,
} ;
( $ aowner , $ return_merchant ) = $ apif - > fetch_merchant ( $ q , \ % varenv , $ coo , $ R:: merchant_id ) ;
2022-01-05 11:08:12 +01:00
$ varenv { merchant_id } = $ return_merchant - > { merchant_id } ;
2023-04-27 15:09:16 +02:00
$ varenv { project_id } = $ return_merchant - > { project_id } ;
$ bw - > log ( "Indexsharee merchant select used with merchant_id $varenv{merchant_id}, project_id $varenv{project_id}, access_owner $aowner" , $ varenv { merchant_id } , "" ) ;
2021-12-30 12:05:56 +01:00
2022-01-04 11:49:13 +01:00
( $ api_return , $ users_sharee ) = $ apif - > auth_verify ( $ q , $ coo , "" ) ;
2021-12-30 12:05:56 +01:00
#login-screen should only be available if auth_verify fails
if ( $ R:: login_sharee || $ R:: login_dms ) {
#1. logout
$ apif - > authout ( $ q , $ coo ) ;
my $ hw_id = unpack ( 'H*' , pack ( 'Nc' , time , $$ % 0xff ) ) ; #old $co
#3. authorize
2023-10-09 07:40:13 +02:00
my $ author = { authcookie = > "" } ;
$ author = $ apif - > authorization ( $ q , $ varenv { merchant_id } , $ hw_id , $ lang , $ aowner ) ; #$co like browser hw_id
2021-12-30 12:05:56 +01:00
#4. verify and get user values
2022-11-22 18:10:06 +01:00
( $ api_return , $ users_sharee ) = $ apif - > auth_verify ( $ q , $ author - > { authcookie } , "" ) ;
2023-10-09 07:40:13 +02:00
#print "$author->{authcookie},$users_sharee->{c_id}"; exit;
2021-12-30 12:05:56 +01:00
#5. domcookie by authcookie substr (cut first 15 chars), AND also sessionid
if ( $ author - > { authcookie } && length ( $ author - > { authcookie } ) > 30 ) {
# take last 21 chars
$ coo = substr $ author - > { authcookie } , 15 ;
my $ cookie = CGI::Cookie - > new ( - name = > 'domcookie' , - value = > $ coo ) ;
print $ q - > header ( - charset = > "$html_charset" , - cookie = > $ cookie ) ;
#DMS login
if ( $ users_sharee - > { c_id } && $ varenv { orga } eq "dms" && $ R:: login_dms eq "Login" && $ coo && length ( $ coo ) > 20 ) {
$ users_dms = $ dbt - > select_users ( $ dbh , $ users_sharee - > { c_id } ) ;
my $ update_users = {
table = > "users" ,
owner = > $ aowner ,
u_id = > $ users_dms - > { u_id }
} ;
$ dbt - > update_one ( $ dbh , $ update_users , "cookie='$coo'" ) if ( $ users_dms - > { u_id } ) ;
2022-05-13 10:38:03 +02:00
print redirect ( "$varenv{wwwhost}" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
}
}
}
my $ session = "" ;
my $ session_and = "" ;
if ( length ( $ coo ) > 20 && ! $ q - > cookie ( - name = > 'domcookie' ) ) {
2023-10-09 07:40:13 +02:00
#if(length($coo) > 20){#breaks login
2021-12-30 12:05:56 +01:00
$ session = "?sessionid=$coo" ;
$ session_and = "&sessionid=$coo" ;
2023-10-09 07:40:13 +02:00
$ bw - > log ( "Indexsharee authcookie userid=$users_sharee->{c_id} by using sessionid=$coo with merchant_id $varenv{merchant_id}, project_id $varenv{project_id}, referer=$referer, path=$path, access_owner $aowner" , $ varenv { merchant_id } , "" ) ;
} else {
$ bw - > log ( "Indexsharee authcookie userid=$users_sharee->{c_id} by using cookie=$coo with merchant_id $varenv{merchant_id}, project_id $varenv{project_id}, referer=$referer, path=$path, access_owner $aowner" , $ varenv { merchant_id } , "" ) ;
2021-12-30 12:05:56 +01:00
}
#DMS
if ( $ users_sharee - > { c_id } && $ varenv { orga } eq "dms" && $ coo && length ( $ coo ) > 20 ) {
$ users_dms = $ dbt - > select_users ( $ dbh , $ users_sharee - > { c_id } , "and cookie='$coo'" ) ;
}
2023-03-30 17:45:12 +02:00
if ( $ varenv { dbname } eq $ dbt - > { primary } - > { sharee_primary } - > { database } - > { dbname } ) {
2023-05-15 11:39:26 +02:00
$ varenv { cms } = $ dbt - > fetch_cms ( $ dbh , { lang = > $ q - > escapeHTML ( $ lang ) } ) ;
2023-03-30 17:45:12 +02:00
} else {
my $ dbh_primary = $ dbt - > dbconnect_extern ( $ dbt - > { primary } - > { sharee_primary } - > { database } - > { dbname } ) ;
2023-05-15 11:39:26 +02:00
$ varenv { cms } = $ dbt - > fetch_cms ( $ dbh_primary , { lang = > $ q - > escapeHTML ( $ lang ) } ) ;
2023-03-30 17:45:12 +02:00
}
2021-12-30 12:05:56 +01:00
#Save anyway on create ... and hopefully delete it later
if ( $ R:: sharee_edit && $ R:: sharee_edit =~ /create_account/ && $ R:: txt04 && $ R:: txt04 =~ /\w+/ && $ R:: txt08 && $ R:: txt08 =~ /\w+\@\w+/ ) {
#1. logout
$ apif - > authout ( $ q , $ coo ) ;
#create_account. 2. inserts contentadr
my $ tinkc_id = $ tk - > create_account ( $ aowner ) ;
2023-03-05 20:01:47 +01:00
( $ returnwww , $ feedb ) = $ tk - > save_account ( $ q , $ tinkc_id , \ % varenv , $ aowner ) ;
2021-12-30 12:05:56 +01:00
#Like login_sharee, redundant
my $ hw_id = unpack ( 'H*' , pack ( 'Nc' , time , $$ % 0xff ) ) ; #old $co
#3. authorize
2023-08-09 20:45:44 +02:00
my $ author = $ apif - > authorization ( $ q , $ varenv { merchant_id } , $ hw_id , $ lang , $ aowner ) ; #$co like browser hw_id
2021-12-30 12:05:56 +01:00
#print "3. authorize: " . $author->{authcookie} . " -- " . $q->param('authcookie') . " ++ " . $coo . "<br>";
#4. verify and get user values
( $ api_return , $ users_sharee ) = $ apif - > auth_verify ( $ q , $ author - > { authcookie } , "" , $ author - > { new_authcoo } ) ;
#print "4. verifyize: " . $author->{authcookie} . " -- c_id: " . $users_sharee->{c_id} . " ++ " . $coo . "<br>";
#5. domcookie by authcookie substr (cut first 15 chars), AND also sessionid
if ( $ author - > { authcookie } && length ( $ author - > { authcookie } ) > 30 ) {
# take last 21 chars
$ coo = substr $ author - > { authcookie } , 15 ;
my $ cookie = CGI::Cookie - > new ( - name = > 'domcookie' , - value = > $ coo ) ;
print $ q - > header ( - charset = > "$html_charset" , - cookie = > $ cookie ) ;
#print "5. set cookie: " . $author->{authcookie} . " -- " . $q->param('authcookie') . " ++ " . $coo . "<br>";
2023-07-13 12:10:45 +02:00
#if user-pw authorized, then ignore conflict_ because it matches exist user-data
#should be result to Uhps page
2021-12-30 12:05:56 +01:00
if ( $ tinkc_id && $ returnwww && $ returnwww =~ /conflict_txt07|conflict_txt08/ ) {
2022-01-23 19:16:23 +01:00
$ return = $ tk - > delete_account ( $ tinkc_id , $ users_dms - > { u_id } ) ;
2021-12-30 12:05:56 +01:00
$ apif - > authout ( $ q , $ coo ) if ( $ coo ) ;
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Anmelden?conflict_failure=1" ) ;
exit 0 ;
}
elsif ( length ( $ coo ) > 20 ) {
#we need this to get $R::sessionid to FormEdit
( $ api_return , $ users_sharee ) = $ apif - > auth_verify ( $ q , $ author - > { authcookie } , "" ) ;
2022-01-23 19:16:23 +01:00
if ( ( $ returnwww && $ returnwww =~ /failure::(.*)/ ) || ( $ users_sharee - > { txt31 } && $ users_sharee - > { txt31 } =~ /\w/ ) ) {
$ returnwww =~ s/::/=/g ;
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1}?sessionid=$coo\&$returnwww" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
} else {
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1_5}?sessionid=$coo" ) ;
exit 0 ;
}
}
}
}
2023-09-22 07:15:38 +02:00
#$payable_check==1 if payment data OK
#$payable_check==2 if payment data AND sms-,email-Ack,:!Vde,AGB OK
my $ payable_check = 0 ;
$ payable_check = $ bw - > isuser_rentable ( $ users_sharee , \ % varenv ) ;
2021-12-30 12:05:56 +01:00
# Logout
if ( $ mode =~ /logout/ ) {
if ( $ mode =~ /logout_sharee/ ) {
$ apif - > authout ( $ q , $ coo ) ;
} else {
$ db - > cook_out ( $ coo ) ;
}
print redirect ( "$varenv{wwwhost}" ) ;
exit 0 ;
}
my $ tpl = $ dbt - > get_tpl ( $ dbh , "302001" ) ; #Kundendaten template
2023-10-09 07:40:13 +02:00
$ tpl - > { tpl_order } . = ",txt04,txt08,int14" ;
2021-12-30 12:05:56 +01:00
if ( $ R:: login_sharee ) {
2023-09-22 07:15:38 +02:00
if ( $ users_sharee - > { c_id } && ( ! $ payable_check || ( $ users_sharee - > { txt31 } && $ tpl - > { tpl_order } =~ /$users_sharee->{txt31}/ ) ) ) {
2023-10-09 07:40:13 +02:00
my $ row = $ db - > updater ( "contentadr" , "c_id" , "$users_sharee->{c_id}" , "int12" , "1" ) if ( ! $ payable_check ) ; #Vde
2021-12-30 12:05:56 +01:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1}$session" ) ;
exit 0 ;
} elsif ( $ users_sharee - > { c_id } && ! $ payable_check ) {
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_2}$session" ) ;
exit 0 ;
} elsif ( ! $ users_sharee - > { c_id } || ( $ users_sharee - > { c_id } && $ users_sharee - > { c_id } !~ /^\d+$/ ) ) {
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Anmelden?failure=1$session_and" ) ;
exit 0 ;
} else {
2023-08-09 20:45:44 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_3}$session" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
}
}
my $ oncontextmenu = "" ;
$ oncontextmenu = "return false;" ; # if($mode =~ /maintainer/);
$ oncontextmenu = "" if ( ! $ users_dms - > { u_id } ) ;
#Menu & node_path handling
2022-06-07 06:53:15 +02:00
my $ view = "" ;
my @ viewsel = ( "app" , "shareestart" ) ;
if ( $ path && $ path =~ /^\/\w/ && $ path =~ /^\/(.*)/ ) {
2021-12-30 12:05:56 +01:00
@ viewsel = split /\// , $ 1 ;
2022-06-07 06:53:15 +02:00
if ( "$path" =~ /\/$modes$/ ) {
2021-12-30 12:05:56 +01:00
pop @ viewsel ;
}
$ view = $ viewsel [ 0 ] ;
}
my $ node_meta = $ dbt - > get_node_meta ( $ dbh , \ @ viewsel ) ;
#DMS & Tools
if ( $ varenv { orga } eq "dms" && $ users_dms - > { u_id } ) {
if ( $ R:: cal_delta_start ) {
use Date::Calc qw( Add_Delta_YMD ) ;
my $ day = strftime "%d" , localtime ;
my $ mon = strftime "%m" , localtime ;
my $ year = strftime "%Y" , localtime ;
$ users_dms - > { cal_start } =~ s/\s.*// ;
( $ year , $ mon , $ day ) = split ( /-/ , $ users_dms - > { cal_start } ) if ( $ users_dms - > { cal_start } ) ;
my ( $ year1 , $ mon1 , $ day1 ) = split ( /:/ , $ R:: cal_delta_start ) ;
my ( $ Dy , $ Dm , $ Dd ) = Add_Delta_YMD ( $ year , $ mon , $ day , $ year1 , $ mon1 , $ day1 ) ;
$ db - > users_up ( "cal_start" , "$Dy-$Dm-$Dd" , $ users_dms - > { u_id } ) ;
}
if ( $ R:: cal_today ) {
my $ today4db = strftime ( "%Y-%m-%d %H:%M" , localtime ( time ) ) ;
$ db - > users_up ( "cal_start" , "$today4db" , $ users_dms - > { u_id } ) ;
}
if ( $ R:: cal_sort_updown ) {
$ db - > users_up ( "cal_sort_updown" , $ R:: cal_sort_updown , $ users_dms - > { u_id } ) ;
}
2023-08-01 07:47:54 +02:00
if ( $ R:: col_sort && $ node_meta - > { ct_table } ) {
$ db - > users_up ( "col_sort_$node_meta->{ct_table}" , $ R:: col_sort , $ users_dms - > { u_id } ) ;
}
if ( $ R:: sort_updown ) {
$ db - > users_up ( "sort_updown_$node_meta->{ct_table}" , $ R:: sort_updown , $ users_dms - > { u_id } ) ;
}
2021-12-30 12:05:56 +01:00
#base_edit implements new DMS methodes without Pre* things
#permissions
#DMS Kunden rw
if ( $ R:: base_edit && $ node_meta - > { ct_table } eq "contentadr" ) {
2023-03-05 20:01:47 +01:00
$ bw - > log ( "DMS action from $users_dms->{u_id} on $node_meta->{ct_table}" , $ q , "" ) ;
2022-11-16 21:22:00 +01:00
my $ dbh_primary = $ dbt - > dbconnect_extern ( $ dbt - > { primary } - > { sharee_primary } - > { database } - > { dbname } ) ;
2022-07-20 06:54:17 +02:00
my $ users_dms_primary = { u_id = > 0 } ;
$ users_dms_primary = $ dbt - > select_users ( $ dbh_primary , $ users_dms - > { u_id } , "and int02 >= 1" ) ;
2023-03-05 20:01:47 +01:00
if ( $ users_dms_primary - > { u_id } && $ users_dms_primary - > { int02 } == 2 && $ users_dms - > { u_id } && $ users_dms - > { int02 } == 2 ) {
if ( $ R:: c_id && $ R:: base_edit eq "remove_chk4rel" ) {
my $ delete_key = "delete_adr" ;
2021-12-30 12:05:56 +01:00
$ return = "failure::Datensatz wirklich löschen. ::?base_edit=$delete_key\&exit_box2=1\&c_id=$R::c_id ::löschen" ;
2023-03-05 20:01:47 +01:00
} elsif ( $ R:: c_id && $ R:: base_edit eq "delete_adr" ) {
2021-12-30 12:05:56 +01:00
$ return = $ tk - > delete_account ( $ R:: c_id , $ users_dms - > { u_id } ) ;
2023-03-05 20:01:47 +01:00
} elsif ( $ R:: c_id && $ R:: base_edit eq "save_adr" ) {
( $ returnwww , $ feedb ) = $ tk - > save_account ( $ q , $ R:: c_id , \ % varenv , $ users_dms - > { u_id } ) ;
}
2021-12-30 12:05:56 +01:00
} else {
2023-03-05 20:01:47 +01:00
$ feedb - > { message } = "failure::Abbruch. Schreibender Zugriff \"Kunden Stammdaten\" verweigert." ;
2021-12-30 12:05:56 +01:00
}
}
#DMS users accounts
if ( $ R:: base_edit && $ node_meta - > { ct_table } eq "users" ) { #DMS-Account rw
2023-03-05 20:01:47 +01:00
$ bw - > log ( "DMS action from $users_dms->{u_id} on $node_meta->{ct_table}" , $ q , "" ) ;
if ( $ users_dms - > { u_id } && $ users_dms - > { int07 } == 2 ) {
if ( $ R:: u_id && $ R:: base_edit eq "remove_chk4rel" ) { #users
2021-12-30 12:05:56 +01:00
my $ delete_key = "delete_dmsusers" ;
2023-04-13 15:35:29 +02:00
$ feedb - > { message } = "failure::Datensatz wirklich löschen. ::?base_edit=$delete_key\&exit_box2=1\&u_id=$R::u_id ::löschen" ;
2023-03-05 20:01:47 +01:00
} elsif ( ( $ R:: u_id || $ R:: c_idadr ) && $ R:: base_edit =~ /_dmsusers/ ) {
2021-12-30 12:05:56 +01:00
my $ u_id = $ 1 if ( $ R:: u_id && $ R:: u_id =~ /(\d+)/ ) ;
$ u_id = $ 1 if ( $ R:: c_idadr && $ R:: c_idadr =~ /(\d+)/ && $ R:: base_edit eq "new_dmsusers" ) ;
2023-04-24 14:49:30 +02:00
$ feedb = $ pl - > manage_dmsusers ( $ q , \ % varenv , $ R:: base_edit , $ u_id , $ users_dms ) ;
2023-03-05 20:01:47 +01:00
}
2021-12-30 12:05:56 +01:00
} else {
2023-03-05 20:01:47 +01:00
$ feedb - > { message } = "failure::Abbruch. Schreibender Zugriff \"DMS-Account\" verweigert." ;
2021-12-30 12:05:56 +01:00
}
}
2023-03-05 20:01:47 +01:00
#DMS Waren
2023-03-24 08:06:35 +01:00
if ( ( $ R:: rel_edit || $ R:: base_edit ) && $ node_meta - > { ct_table } eq "content" ) {
2023-03-05 20:01:47 +01:00
$ bw - > log ( "DMS action from $users_dms->{u_id} on $node_meta->{ct_table}" , $ q , "" ) ;
if ( $ users_dms - > { u_id } && $ users_dms - > { int01 } == 2 ) {
if ( $ R:: rel_edit eq "save_relation" && $ R:: main_id && $ R:: main_id >= 200000 ) {
2022-07-20 06:54:17 +02:00
$ return = $ pl - > save_relation ( $ q , $ R:: main_id , $ users_dms - > { u_id } ) ;
2023-03-05 20:01:47 +01:00
} elsif ( $ R:: rel_edit eq "delete_relation" && $ R:: main_id && $ R:: main_id >= 200000 ) {
2022-12-19 14:21:53 +01:00
$ return = $ pl - > delete_relation ( $ q , $ R:: main_id , $ users_dms - > { u_id } ) ;
2023-03-05 20:01:47 +01:00
} elsif ( $ R:: rel_edit eq "new_relation" && $ R:: main_id && $ R:: main_id >= 200000 ) {
2022-12-19 14:21:53 +01:00
$ return = $ pl - > new_relation ( $ q , $ R:: main_id , $ users_dms - > { u_id } ) ;
2023-06-21 20:21:58 +02:00
} elsif ( $ R:: base_edit eq "new_content" && $ node_meta - > { main_id } && $ node_meta - > { main_id } >= 200000 ) {
$ feedb = $ pl - > new_content ( $ q , $ users_dms , $ node_meta ) ;
2023-03-05 20:01:47 +01:00
} elsif ( $ R:: base_edit eq "save_content" ) {
$ feedb = $ pl - > save_content ( $ q , $ users_dms , $ node_meta , $ R:: c_id ) if ( looks_like_number ( $ R:: c_id ) ) ;
2023-03-24 08:06:35 +01:00
$ apif - > stations_caching ( $ q , \ % varenv , $ users_sharee ) if ( $ node_meta - > { template_id } =~ /210|205|225/ ) ;
2023-06-14 21:48:20 +02:00
} elsif ( $ R:: base_edit eq "move_content" ) {
$ feedb = $ pl - > move_content ( $ q , $ users_dms , $ node_meta , $ R:: c_id ) if ( looks_like_number ( $ R:: c_id ) ) ;
$ apif - > stations_caching ( $ q , \ % varenv , $ users_sharee ) if ( $ node_meta - > { template_id } == 205 ) ;
2023-03-05 20:01:47 +01:00
} elsif ( $ R:: c_id && $ R:: base_edit eq "remove_chk4rel" ) {
my $ delete_key = "delete_content" ;
$ feedb - > { message } = "failure::Datensatz wirklich löschen. ::?base_edit=$delete_key\&exit_box2=1\&c_id=$R::c_id ::löschen" ;
} elsif ( $ R:: c_id && $ R:: base_edit eq "delete_content" ) {
$ feedb = $ pl - > delete_content ( $ node_meta , $ R:: c_id ) ;
2023-03-24 08:06:35 +01:00
$ apif - > stations_caching ( $ q , \ % varenv , $ users_sharee ) if ( $ node_meta - > { template_id } =~ /210|205|225/ ) ;
2023-03-05 20:01:47 +01:00
}
} else {
$ feedb - > { message } = "failure::Abbruch. Schreibender Zugriff \"Waren Stammdaten\" verweigert." ;
}
}
#Einstellung
2023-03-24 08:06:35 +01:00
if ( ( $ R:: rel_edit || $ R:: base_edit ) && $ node_meta - > { ct_table } eq "contentuser" ) {
2023-03-05 20:01:47 +01:00
$ bw - > log ( "DMS action from $users_dms->{u_id} on $node_meta->{ct_table}" , $ q , "" ) ;
if ( $ users_dms - > { u_id } && $ users_dms - > { int08 } == 2 ) {
2023-06-21 20:21:58 +02:00
if ( $ R:: rel_edit eq "save_ctuser" && $ node_meta - > { main_id } && $ node_meta - > { main_id } >= 200000 ) {
$ return = $ pl - > save_service_desc ( $ q , $ users_dms , $ R:: c_id ) ;
2023-04-05 07:41:11 +02:00
} elsif ( $ R:: rel_edit eq "save_user" ) {
$ feedb = $ pl - > save_content ( $ q , $ users_dms , $ node_meta , $ R:: c_id ) if ( looks_like_number ( $ R:: c_id ) ) ;
2023-06-21 20:21:58 +02:00
} elsif ( $ R:: base_edit eq "new_contentcms" && $ node_meta - > { main_id } && $ node_meta - > { main_id } >= 200000 ) {
$ feedb = $ pl - > new_content ( $ q , $ users_dms , $ node_meta ) ;
} elsif ( $ R:: base_edit eq "save_contentcms" && $ node_meta - > { main_id } && $ node_meta - > { main_id } >= 200000 ) {
2023-01-17 20:43:36 +01:00
$ feedb = $ pl - > save_content ( $ q , $ users_dms , $ node_meta , $ R:: c_id ) if ( looks_like_number ( $ R:: c_id ) ) ;
2023-03-05 20:01:47 +01:00
} elsif ( $ R:: c_id && $ R:: base_edit eq "remove_chk4rel" ) {
my $ delete_key = "delete_contentuser" ;
$ feedb - > { message } = "failure::Datensatz wirklich löschen. ::?base_edit=$delete_key\&exit_box2=1\&c_id=$R::c_id ::löschen" ;
} elsif ( $ R:: c_id && $ R:: base_edit eq "delete_contentuser" ) {
$ feedb = $ pl - > delete_content ( $ node_meta , $ R:: c_id ) ;
2021-12-30 12:05:56 +01:00
}
2023-03-05 20:01:47 +01:00
} else {
$ feedb - > { message } = "failure::Abbruch. Schreibender Zugriff \"Einstellung\" verweigert." ;
2021-12-30 12:05:56 +01:00
}
}
#DMS Faktura
2023-04-05 07:41:11 +02:00
if ( $ node_meta - > { ct_table } eq "contenttrans" ) {
2023-03-05 20:01:47 +01:00
$ bw - > log ( "DMS action from $users_dms->{u_id} on $node_meta->{ct_table}" , $ q , "" ) ;
2022-11-16 21:22:00 +01:00
my $ dbh_primary = $ dbt - > dbconnect_extern ( $ dbt - > { primary } - > { sharee_primary } - > { database } - > { dbname } ) ;
2022-07-20 06:54:17 +02:00
my $ users_dms_primary = { u_id = > 0 } ;
2022-11-24 12:50:23 +01:00
$ users_dms_primary = $ dbt - > select_users ( $ dbh_primary , $ users_dms - > { u_id } , "and int03 >= 1" ) ;
2022-07-20 06:54:17 +02:00
2022-11-24 12:50:23 +01:00
if ( $ users_dms_primary - > { u_id } && $ users_dms_primary - > { int03 } >= 1 && $ users_dms - > { u_id } && $ users_dms - > { int03 } >= 1 && $ R:: ct_trans eq "open" ) { #DMS Faktura read
2022-03-17 20:28:28 +01:00
$ db - > update_users4trans ( $ R:: c_id4trans , $ R:: tpl_id4trans , "" , $ users_dms - > { u_id } ) if ( looks_like_number ( $ R:: c_id4trans ) && looks_like_number ( $ R:: tpl_id4trans ) ) ;
2022-11-24 12:50:23 +01:00
}
if ( $ users_dms_primary - > { u_id } && $ users_dms_primary - > { int03 } == 2 && $ users_dms - > { u_id } && $ users_dms - > { int03 } == 2 ) { #DMS Faktura rw
2022-03-17 20:28:28 +01:00
$ db - > update_users4trans ( $ R:: c_id4trans , $ R:: tpl_id4trans , "" , $ users_dms - > { u_id } ) if ( looks_like_number ( $ R:: c_id4trans ) && looks_like_number ( $ R:: tpl_id4trans ) ) ;
if ( $ R:: ct_trans =~ /set_workflow2invoice|set_workflow2storno/ ) {
2022-12-19 14:21:53 +01:00
$ return = $ pl - > set_workflow ( $ q , $ users_dms , $ R:: c_id4trans , $ R:: set_main_id4workflow ) if ( looks_like_number ( $ R:: c_id4trans ) && looks_like_number ( $ R:: tpl_id4trans ) && looks_like_number ( $ R:: set_main_id4workflow ) ) ;
2022-10-31 08:11:53 +01:00
} elsif ( $ R:: ct_trans =~ /set_accounting2invoice/ ) {
2022-12-19 14:21:53 +01:00
$ return = $ pl - > set_accounting2invoice ( $ q , $ users_dms , $ R:: c_id4trans , $ R:: set_main_id4workflow ) if ( looks_like_number ( $ R:: c_id4trans ) && looks_like_number ( $ R:: tpl_id4trans ) && looks_like_number ( $ R:: set_main_id4workflow ) ) ;
2022-12-16 08:37:05 +01:00
} elsif ( $ R:: ct_trans =~ /save_text|save_adr/ ) {
2023-01-17 20:43:36 +01:00
$ feedb = $ pl - > save_text2contenttrans ( $ q , $ users_dms , $ R:: c_id4trans ) if ( looks_like_number ( $ R:: c_id4trans ) ) ;
2023-08-01 07:47:54 +02:00
}
#not used because of attachement
elsif ( $ R:: ct_trans =~ /email_generate/ && $ R:: c_id4trans && $ R:: email_select ) {
#my $sendref = $pl->prepare_email(\%varenv,$R::c_id4trans,$R::email_select);
#print redirect("mailto:$sendref->{mail_to}?subject=$sendref->{subject}\&body=$sendref->{message}");
#exit 0;
2023-10-06 06:48:36 +02:00
}
elsif ( $ R:: detail_search && $ R:: detail_search eq "operator_accounting" ) {
2022-10-14 08:28:51 +02:00
my $ ck4ex = "@R::ck4ex" || "" ;
2022-12-19 14:21:53 +01:00
$ return = $ pl - > operator_accounting ( $ q , $ users_dms , $ users_sharee , $ R:: accounting_type , $ ck4ex ) ;
2023-10-06 06:48:36 +02:00
}
#on prepaid account
elsif ( $ R:: ct_trans eq "save_pos" && $ R:: tpl_id4trans == 219 && $ R:: c_idpos ) {
$ feedb = $ pl - > save_contenttranspos ( $ q , $ R:: c_idpos , $ users_dms - > { u_id } ) ;
}
#should do all else invoice text save , without positions and booking payment
elsif ( $ R:: ct_trans || $ R:: set_state || $ R:: v_abschluss || $ R:: trans2edit ) {
2023-03-05 20:01:47 +01:00
if ( $ R:: ct_trans !~ /_pos|open/ && looks_like_number ( $ R:: c_id4trans ) && ! $ R:: v_abschluss && ! $ R:: trans2edit ) {
2023-02-10 12:04:30 +01:00
$ feedb = $ pl - > save_text2contenttrans ( $ q , $ users_dms , $ R:: c_id4trans ) ;
}
2023-10-06 06:48:36 +02:00
#in future the prelogic modul should be disabled at all
2022-03-17 20:28:28 +01:00
$ return . = "|" ;
2023-08-01 07:47:54 +02:00
$ return . = $ pre - > preinit ( $ q , $ node_meta , $ users_dms ) ;
2022-03-17 20:28:28 +01:00
}
2021-12-30 12:05:56 +01:00
} elsif ( $ R:: ct_trans ) {
2023-03-05 20:01:47 +01:00
$ feedb - > { message } = "failure::Abbruch. Schreibender Zugriff \"Faktura\" verweigert." ;
2021-12-30 12:05:56 +01:00
}
}
2022-09-20 16:13:45 +02:00
#DMS Mietjournal
2022-06-02 10:34:03 +02:00
if ( $ node_meta - > { ct_table } eq "contenttranspos" && $ R:: base_edit eq "save_pos" ) {
2023-01-17 20:43:36 +01:00
$ feedb = $ pl - > save_contenttranspos ( $ q , $ R:: c_id , $ users_dms - > { u_id } ) ;
2023-03-24 08:06:35 +01:00
$ apif - > stations_caching ( $ q , \ % varenv , $ users_sharee ) ;
2022-06-02 10:34:03 +02:00
}
2022-09-20 16:13:45 +02:00
#DMS insert part or fee
if ( $ node_meta - > { ct_table } eq "contenttranspos" && $ R:: insert_contenttranspos ) {
2023-01-17 20:43:36 +01:00
$ feedb = $ pl - > insert_contenttranspos ( $ q , $ R:: cc_id , $ R:: ca_id , $ R:: ct_id , $ users_dms - > { u_id } ) ;
2022-09-20 16:13:45 +02:00
}
2022-01-11 15:15:26 +01:00
$ users_dms = $ dbt - > select_users ( $ dbh , $ users_dms - > { u_id } , "" ) ; #just to get update after save
2021-12-30 12:05:56 +01:00
#none DMS hosts ----------------------------------------------------
} elsif ( $ varenv { orga } ne "dms" ) {
#save_account. 3. updates contentadr
if ( $ users_sharee - > { c_id } && $ R:: sharee_edit && $ R:: sharee_edit =~ /save_account/ ) {
2023-03-05 20:01:47 +01:00
( $ returnwww , $ feedb ) = $ tk - > save_account ( $ q , $ users_sharee - > { c_id } , \ % varenv , $ aowner ) ;
2021-12-30 12:05:56 +01:00
}
if ( $ users_sharee - > { c_id } && $ R:: sharee_edit && $ R:: sharee_edit =~ /save_transact/ ) {
2023-03-05 20:01:47 +01:00
$ returnwww = $ tk - > save_transact ( $ q , $ users_sharee - > { c_id } , $ coo , $ aowner ) ;
2021-12-30 12:05:56 +01:00
}
if ( $ returnwww && $ returnwww =~ /failure::(.*)/ ) {
$ returnwww =~ s/::/=/g ;
( $ api_return , $ users_sharee ) = $ apif - > auth_verify ( $ q , $ coo , "" ) ;
if ( $ returnwww =~ /txt22|txt23/ ) {
2023-07-13 12:10:45 +02:00
#should be result to Uhps page
if ( $ returnwww =~ /conflict_txt22/ ) {
$ return = $ tk - > delete_account ( $ users_sharee - > { c_id } , $ users_dms - > { u_id } ) ;
$ apif - > authout ( $ q , $ coo ) if ( $ coo ) ;
2023-10-09 07:40:13 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Anmelden?conflict_failure=1$session_and" ) ;
2023-07-13 12:10:45 +02:00
exit 0 ;
}
2021-12-30 12:05:56 +01:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_2}?cum=1$session_and\&$returnwww" ) ;
} elsif ( $ returnwww =~ /int03/ ) {
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1_5}?cum=1$session_and\&$returnwww" ) ;
} elsif ( $ returnwww =~ /txt09|txt16/ ) {
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_3}?cum=1$session_and\&$returnwww" ) ;
} elsif ( $ returnwww =~ /int01/ && $ R:: radID ) {
print redirect ( "$varenv{wwwhost}/?ask_radID=$R::radID\&failure=not-synced$session_and" ) ;
} else {
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1}?cum=1$session_and\&$returnwww" ) ;
}
exit 0 ;
} else {
( $ api_return , $ users_sharee ) = $ apif - > auth_verify ( $ q , $ coo , "" ) ;
#Payone Response POST (TransactionStatus)
#payone response ($R::pseudocardpan || $R::status)
if ( $ users_sharee - > { c_id } && ( $ R:: pseudocardpan || $ R:: status ) ) {
2022-12-16 08:37:05 +01:00
my $ payone_return = "" ;
2021-12-30 12:05:56 +01:00
open ( FILE , ">>$varenv{logdir}/payone-return-post.log" ) ;
2022-01-16 12:17:11 +01:00
print FILE "<--- $now_dt from Indexsharee.pm \nPayone return-way by ajaxCall: $R::status\n" ;
2021-12-30 12:05:56 +01:00
my @ keywords = $ q - > param ;
foreach ( @ keywords ) {
my $ val = $ q - > param ( $ _ ) ;
print FILE "$_=$val\n" ;
$ payone_return . = "$_=$val\n" ; # if($_ =~ /error|message/i);
}
close ( FILE ) ;
my $ update_adr = {
table = > "contentadr" ,
mtime = > "now()" ,
owner = > $ aowner ,
c_id = > $ users_sharee - > { c_id }
} ;
my $ vde_on_fail = $ users_sharee - > { int12 } || 3 ; #keep last or set 3
#SEPA, done in payone Payment
#CC
if ( $ R:: pseudocardpan && length ( $ R:: pseudocardpan ) >= 19 ) { #done by payone AJAX return
#if($R::status eq "APPROVED")
2022-12-16 08:37:05 +01:00
$ now_dt = strftime "%Y-%m-%d %H:%M:%S" , localtime ;
2021-12-30 12:05:56 +01:00
$ update_adr - > { txt22 } = "" ;
$ update_adr - > { txt23 } = "" ;
$ update_adr - > { ct_name } = $ q - > escapeHTML ( $ R:: pseudocardpan ) ;
$ update_adr - > { txt27 } = $ q - > escapeHTML ( $ R:: status ) ;
2023-03-05 20:01:47 +01:00
$ update_adr - > { txt28 } = $ now_dt . "\n" . $ q - > escapeHTML ( $ payone_return ) ;
2023-02-23 12:35:53 +01:00
$ update_adr - > { int12 } = 0 if ( $ users_sharee - > { int12 } != 2 ) ; #Vde hard set by fibu
2021-12-30 12:05:56 +01:00
$ update_adr - > { int03 } = 2 ;
2023-03-05 20:01:47 +01:00
$ update_adr - > { int24 } = "null" ; #cpdate reset
2021-12-30 12:05:56 +01:00
$ dbt - > update_record ( $ dbh , $ update_adr , $ users_sharee ) if ( $ users_sharee - > { c_id } > 0 ) ;
( $ api_return , $ users_sharee ) = $ apif - > auth_verify ( $ q , $ coo , "" ) ;
#define fictiv invoice to get 1 € test
my $ epoche = time ( ) ;
my $ ctt = {
c_id = > 1 ,
int01 = > 0 , #capture amount
int15 = > 1 , #preauth amount
txt16 = > "" ,
reference = > "$users_sharee->{c_id}_$epoche" ,
2022-02-22 08:31:35 +01:00
payone_reset = > ''
2021-12-30 12:05:56 +01:00
} ;
2022-01-16 12:17:11 +01:00
2021-12-30 12:05:56 +01:00
my $ payone_txid = "" ;
2022-01-16 12:17:11 +01:00
##preauthorization and/or capture needs to much time, must be done async!
#$payone_txid = $payone->preauthorizationCC_main(\%varenv,$users_sharee,$ctt,$aowner);
#if($payone_txid)
if ( 1 == 1 ) {
2023-10-09 07:40:13 +02:00
open ( FILE , ">>$varenv{logdir}/confirm.log" ) if ( $ debug ) ;
print FILE "\n\n*--> $now_dt done by $0\n" if ( $ debug ) ;
print FILE "trigger confirm-code request by pseudocardpan\n" if ( $ debug ) ;
2022-01-16 12:17:11 +01:00
#$ctt->{txt16} = "$payone_txid";
#$payone_txid = $payone->captureCC_main(\%varenv,$users_sharee,$ctt,$aowner);
#int12=0 should be set after capture success in payment module
if ( ( $ users_sharee - > { int04 } != 1 ) && ( $ users_sharee - > { txt08 } =~ /\w\@\w/ ) ) {
2023-05-05 07:30:00 +02:00
$ tk - > emailack ( \ % varenv , $ users_sharee - > { c_id } ) ;
2022-01-16 12:17:11 +01:00
}
if ( ( $ users_sharee - > { int13 } != 1 ) && ( $ users_sharee - > { txt07 } =~ /\d{9}/ && length ( $ users_sharee - > { txt07 } ) <= 16 ) ) {
$ tk - > smsack ( $ users_sharee ) ;
}
2023-10-09 07:40:13 +02:00
close ( FILE ) if ( $ debug ) ;
2021-12-30 12:05:56 +01:00
} else {
2022-01-16 12:17:11 +01:00
$ dbt - > update_one ( $ dbh , $ update_adr , "int12=$vde_on_fail" ) ; #Vde
2021-12-30 12:05:56 +01:00
}
$ dbt - > update_operatorsloop ( $ varenv { dbname } , $ users_sharee - > { c_id } , "update" ) ;
2023-08-09 20:45:44 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_3}?$returnwww$session_and" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
} else {
2022-12-16 08:37:05 +01:00
$ update_adr - > { txt28 } = $ now_dt . " else pseudocardpan\n" . $ q - > escapeHTML ( $ payone_return ) ;
2021-12-30 12:05:56 +01:00
$ update_adr - > { int12 } = $ vde_on_fail ;
$ dbt - > update_record ( $ dbh , $ update_adr , $ users_sharee ) if ( $ users_sharee - > { c_id } > 0 ) ;
$ dbt - > update_operatorsloop ( $ varenv { dbname } , $ users_sharee - > { c_id } , "update" ) ;
}
2022-01-16 12:17:11 +01:00
} #end payone response with pseudocardpan
2021-12-30 12:05:56 +01:00
}
#send confirm codes
2023-01-11 06:55:55 +01:00
if ( $ users_sharee - > { c_id } && $ users_sharee - > { txt34 } && length ( $ users_sharee - > { txt34 } ) > 10 && $ payable_check && $ R:: sharee_edit && $ R:: sharee_edit =~ /save_account|send_email|send_sms/ ) {
2023-10-09 07:40:13 +02:00
open ( FILE , ">>$varenv{logdir}/confirm.log" ) if ( $ debug ) ;
print FILE "\n\n*--> $now_dt done by $0\n" if ( $ debug ) ;
print FILE "trigger confirm-code request by $R::sharee_edit\n" if ( $ debug ) ;
2021-12-30 12:05:56 +01:00
2023-10-09 07:40:13 +02:00
if ( ( $ users_sharee - > { int04 } != 1 && $ R:: sharee_edit =~ /send_email/ ) && ( $ users_sharee - > { txt08 } =~ /\w\@\w/ ) ) {
2023-05-05 07:30:00 +02:00
$ tk - > emailack ( \ % varenv , $ users_sharee - > { c_id } ) ;
2021-12-30 12:05:56 +01:00
}
2023-10-09 07:40:13 +02:00
if ( ( $ users_sharee - > { int13 } != 1 && $ R:: sharee_edit =~ /send_sms/ ) && ( $ users_sharee - > { txt07 } =~ /\d{9}/ && length ( $ users_sharee - > { txt07 } ) <= 16 ) ) {
2021-12-30 12:05:56 +01:00
$ tk - > smsack ( $ users_sharee ) ;
}
2023-10-09 07:40:13 +02:00
close ( FILE ) if ( $ debug ) ;
2021-12-30 12:05:56 +01:00
} #send confirm code
#email and sms acknowledgments, check and save confirm states
if ( $ R:: confirm_userid && $ R:: confirm_userid =~ /^\d+$/ && ( $ R:: confirm_code && length ( $ R:: confirm_code ) >= 5 || $ R:: confirm_smscode && length ( $ R:: confirm_smscode ) >= 5 ) ) {
#keep in mind, for now and just for testing confirm codes are just c_id
open ( FILE , ">>$varenv{logdir}/confirm.log" ) if ( $ debug ) ;
print FILE "\n\n*--> $now_dt done by $0\n" if ( $ debug ) ;
print FILE "confirm_userid:$R::confirm_userid\nconfirm_code:$R::confirm_code\nconfirm_smscode:$R::confirm_smscode\n" if ( $ debug ) ;
$ R:: confirm_code =~ s/\s//g ;
$ R:: confirm_smscode =~ s/\s//g ;
my $ confirm_code = $ q - > escapeHTML ( $ R:: confirm_code ) ;
my $ confirm_smscode = $ q - > escapeHTML ( $ R:: confirm_smscode ) ;
#confirm email
if ( $ confirm_code ) {
my $ authref = {
table = > "contentadr" ,
fetch = > "one" ,
template_id = > "202" ,
c_id = > $ R:: confirm_userid ,
txt34 = > "ilike::$confirm_code%" ,
} ;
2022-09-28 13:28:45 +02:00
my $ confirmed_email = { c_id = > 0 } ;
$ confirmed_email = $ dbt - > fetch_record ( $ dbh , $ authref ) ;
2021-12-30 12:05:56 +01:00
#($api_return,$users_sharee) = $apif->auth_verify($q,"",$R::confirm_code);
if ( $ confirmed_email - > { c_id } ) {
$ db - > updater ( "contentadr" , "c_id" , "$confirmed_email->{c_id}" , "int04" , "1" ) ;
#save verified email
$ db - > updater ( "contentadr" , "c_id" , "$confirmed_email->{c_id}" , "txt32" , "$confirmed_email->{txt08}" ) ;
print FILE "confirmed_email: $confirmed_email->{c_id} update because confirm_code:$confirm_code\n" if ( $ debug ) ;
2023-01-17 20:43:36 +01:00
#after mailAck, delete all douple adr with no mailAck
2021-12-30 12:05:56 +01:00
my $ ctadr = $ db - > collect_ct4rel3 ( "contentadr" , "" , "" , "ilike" , "txt08" , "$confirmed_email->{txt08}" , "" , "" , "" ) ;
foreach my $ aid ( keys ( %$ ctadr ) ) {
if ( ! $ ctadr - > { $ aid } - > { int04 } ) {
2023-01-17 20:43:36 +01:00
$ db - > delete_content ( "contentadr" , $ ctadr - > { $ aid } - > { c_id } ) ;
2021-12-30 12:05:56 +01:00
print FILE "c_id $ctadr->{$aid}->{c_id} $confirmed_email->{txt08} delete because of dopplel\n" if ( $ debug ) ;
}
}
}
}
#confirm sms
if ( $ confirm_smscode ) {
my $ authref = {
table = > "contentadr" ,
fetch = > "one" ,
template_id = > "202" ,
c_id = > $ R:: confirm_userid ,
txt34 = > "ilike::%$confirm_smscode" ,
} ;
2022-09-28 13:28:45 +02:00
my $ confirmed_sms = { c_id = > 0 } ;
$ confirmed_sms = $ dbt - > fetch_record ( $ dbh , $ authref ) ;
2021-12-30 12:05:56 +01:00
#($api_return,$users_sharee) = $apif->auth_verify($q,"",$R::confirm_smscode);
if ( $ confirmed_sms - > { c_id } ) {
$ db - > updater ( "contentadr" , "c_id" , "$confirmed_sms->{c_id}" , "int13" , "1" ) ;
#save verified telnr
$ db - > updater ( "contentadr" , "c_id" , "$confirmed_sms->{c_id}" , "txt33" , "$confirmed_sms->{txt07}" ) ;
print FILE "confirmed_sms: $confirmed_sms->{c_id} update because confirm_smscode:$confirm_smscode\n" if ( $ debug ) ;
}
}
( $ api_return , $ users_sharee ) = $ apif - > auth_verify ( $ q , "" , $ users_sharee - > { c_id } ) if ( $ users_sharee - > { c_id } ) ;
2023-02-23 12:35:53 +01:00
if ( $ users_sharee - > { int04 } && $ users_sharee - > { int13 } ) {
#2023-01-17 disabled because of should only be set by pseudocardpan ajax
2023-01-17 20:43:36 +01:00
#my $row = $db->updater("contentadr","c_id","$users_sharee->{c_id}","int12","0");#Vde
2021-12-30 12:05:56 +01:00
$ dbt - > update_operatorsloop ( $ varenv { dbname } , $ users_sharee - > { c_id } , "update" ) ;
} else {
my $ field = "int13" ;
$ field = "int04" if ( ! $ users_sharee - > { int04 } ) ;
2023-09-22 07:15:38 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_3}?cum=5$session_and\&failure=$field#top" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
}
if ( ! $ coo ) {
print FILE "c_id: $users_sharee->{c_id} empty auth because of no cookie\n" if ( $ debug ) ;
$ users_sharee = { c_id = > 0 } ;
}
close ( FILE ) if ( $ debug ) ;
if ( $ users_sharee - > { c_id } && $ users_sharee - > { int04 } && $ users_sharee - > { int13 } ) {
2023-10-09 07:40:13 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_3}?confirm_success=1$session_and" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
}
} #end confirm
if ( $ R:: email && $ R:: sharee_edit =~ /password_forgotten/ ) {
my $ hw_id = unpack ( 'H*' , pack ( 'Nc' , time , $$ % 0xff ) ) ; #old $co
2023-05-05 07:30:00 +02:00
$ tk - > send_password ( \ % varenv , $ R:: email , $ hw_id , $ aowner ) ;
2021-12-30 12:05:56 +01:00
}
#redirections
if ( $ users_sharee - > { c_id } && ( $ path =~ /$varenv{mandant}\/$varenv{profile}/ || $ path =~ /$varenv{mandant}\/Account/ ) ) {
if ( $ R:: sharee_edit =~ /save_account/ ) {
$ returnwww =~ s/::/=/g if ( $ returnwww && $ returnwww =~ /success::\w+/ ) ;
2023-09-22 07:15:38 +02:00
( $ api_return , $ users_sharee ) = $ apif - > auth_verify ( $ q , $ coo , "" ) ;
$ payable_check = $ bw - > isuser_rentable ( $ users_sharee , \ % varenv ) ;
2021-12-30 12:05:56 +01:00
if ( ( ! $ users_sharee - > { int14 } ) || ( $ users_sharee - > { txt31 } && $ tpl - > { tpl_order } =~ /$users_sharee->{txt31}/ ) ) {
#failure redirect should do the delete job
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1}?failure=$users_sharee->{txt31}$session_and#top" ) ;
exit 0 ;
}
elsif ( ! $ users_sharee - > { int03 } ) {
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1_5}$session" ) ;
exit 0 ;
}
2023-09-22 07:15:38 +02:00
elsif ( ! $ payable_check && $ users_sharee - > { int03 } ) {
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_2}$session" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
}
2023-09-22 07:15:38 +02:00
elsif ( $ payable_check && ( ! $ users_sharee - > { int04 } || ! $ users_sharee - > { int13 } ) ) {
2023-10-09 07:40:13 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_3}?cum=2\&sharee_edit=send_email_send_sms$session_and\&$returnwww" ) ; #send both
2021-12-30 12:05:56 +01:00
exit 0 ;
}
elsif ( $ payable_check ) {
2023-09-22 07:15:38 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_3}?cum=2-$payable_check$session_and\&$returnwww" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
}
2023-07-20 07:14:28 +02:00
} elsif ( $ path =~ /$varenv{mandant}\/$varenv{profile}/ && $ referer !~ /failure=\w/ ) {
2021-12-30 12:05:56 +01:00
if ( ( ! $ users_sharee - > { int14 } ) || ( $ users_sharee - > { txt31 } && $ tpl - > { tpl_order } =~ /$users_sharee->{txt31}/ ) ) {
2023-10-09 07:40:13 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1}?cum=3\&failure=$users_sharee->{txt31}$session_and#top" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
} elsif ( ! $ payable_check ) {
2023-10-06 06:48:36 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1_5}?cum=3$session_and\&$returnwww" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
} else {
2023-09-22 07:15:38 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_3}?cum=3$session_and\&$returnwww" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
}
}
2023-10-06 06:48:36 +02:00
}
2023-10-09 07:40:13 +02:00
#redirect used by App user profile button
2023-10-17 07:32:27 +02:00
#elsif($session && $users_sharee->{c_id} && ($path =~ /$varenv{mandant}\/Anmelden|$varenv{mandant}\/$varenv{profile}/)){
elsif ( 1 == 1 && $ users_sharee - > { c_id } && ( $ path =~ /$varenv{mandant}\/Anmelden|$varenv{mandant}\/$varenv{profile}/ ) ) {
2022-01-04 11:49:13 +01:00
if ( ! $ users_sharee - > { int14 } ) {
2023-09-22 07:15:38 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1}?cum=4$session_and\&$returnwww" ) ;
2022-01-04 11:49:13 +01:00
exit 0 ;
2022-04-30 08:12:55 +02:00
} elsif ( ! $ payable_check ) {
2023-10-06 06:48:36 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_1_5}?cum=4$session_and\&$returnwww" ) ;
2022-04-30 08:12:55 +02:00
exit 0 ;
2022-01-04 11:49:13 +01:00
} else {
2023-09-22 07:15:38 +02:00
print redirect ( "$varenv{wwwhost}/$varenv{mandant}/Account/$varenv{accounting_3}?cum=4$session_and\&$returnwww" ) ;
2021-12-30 12:05:56 +01:00
exit 0 ;
2022-01-04 11:49:13 +01:00
}
2021-12-30 12:05:56 +01:00
}
###
}
#Printpreview
if ( $ view =~ /Printpreview/ ) {
2022-01-06 18:14:14 +01:00
require "Mod/Printpreview.pm" ;
2021-12-30 12:05:56 +01:00
& Printpreview:: printpre ( ) ;
exit 0 ;
}
elsif ( $ view =~ /PDFGenerator/ ) {
2022-01-06 18:14:14 +01:00
require "Mod/PDFGenerator.pm" ;
2021-12-30 12:05:56 +01:00
& PDFGenerator:: printpre ( ) ;
exit 0 ;
}
#CSVout
if ( $ R:: rel_edit && $ R:: rel_edit =~ /XLSout/ ) {
$ users_dms = $ dbt - > select_users ( $ dbh , $ users_dms - > { u_id } ) ;
if ( - f "$dbt->{copri_conf}->{basedir}/pdf/$users_dms->{owner}-$users_dms->{time4csv}.xls" ) {
print $ q - > redirect ( - uri = > "$varenv{metahost}/pdf/$users_dms->{owner}-$users_dms->{time4csv}.xls" , - type = > "application/octet-stream" , - target = > '_blank' ) ;
exit 0 ;
}
}
my $ dyn_css = "" ;
my $ url = "$varenv{wwwhost}/$path" ;
my $ onload = "" ;
my $ local_style = "$varenv{metahost}/$dbt->{shareeapp_conf}->{local_style}" ;
2022-03-23 07:20:56 +01:00
my $ jquery = "" ;
my $ jquery_ui = "" ;
my $ style_jquery_ui = "" ;
2021-12-30 12:05:56 +01:00
my $ js_bootstrap = "$varenv{metahost}/$dbt->{shareeapp_conf}->{js_bootstrap}" ;
my $ style_bootstrap = "$varenv{metahost}/$dbt->{shareeapp_conf}->{style_bootstrap}" ;
2022-03-23 07:20:56 +01:00
my $ style_bootstrap_icons = "$varenv{metahost}/$dbt->{copri_conf}->{style_bootstrap_icons}" ;
2021-12-30 12:05:56 +01:00
if ( $ varenv { wwwhost } =~ /shareedms/ ) {
$ local_style = "$varenv{metahost}/$dbt->{shareedms_conf}->{local_style}" ;
$ jquery = "$varenv{metahost}/$dbt->{shareedms_conf}->{jquery}" ;
2022-03-23 07:20:56 +01:00
$ jquery_ui = "$varenv{metahost}/$dbt->{shareedms_conf}->{jquery_ui}" ;
$ style_jquery_ui = "$varenv{metahost}/$dbt->{shareedms_conf}->{style_jquery_ui}" ;
2021-12-30 12:05:56 +01:00
$ js_bootstrap = "$varenv{metahost}/$dbt->{shareedms_conf}->{js_bootstrap}" ;
$ style_bootstrap = "$varenv{metahost}/$dbt->{shareedms_conf}->{style_bootstrap}" ;
2022-03-23 07:20:56 +01:00
$ dyn_js = " \ $ ( function ( ) {
\ $( '#datepicker1' ) . datepicker ( { dateFormat: 'dd.mm.yy' , dayNamesMin: [ 'So' , 'Mo' , 'Di' , 'Mi' , 'Do' , 'Fr' , 'Sa' ] , monthNames: [ 'Januar' , 'Februar' , 'März' , 'April' , 'Mai' , 'Juni' , 'Juli' , 'August' , 'September' , 'Oktober' , 'November' , 'Dezember' ] } ) ;
\ $( '#datepicker2' ) . datepicker ( { dateFormat: 'dd.mm.yy' , dayNamesMin: [ 'So' , 'Mo' , 'Di' , 'Mi' , 'Do' , 'Fr' , 'Sa' ] , monthNames: [ 'Januar' , 'Februar' , 'März' , 'April' , 'Mai' , 'Juni' , 'Juli' , 'August' , 'September' , 'Oktober' , 'November' , 'Dezember' ] } ) ;
\ $( '#datepicker3' ) . datepicker ( { dateFormat: 'dd.mm.yy' , dayNamesMin: [ 'So' , 'Mo' , 'Di' , 'Mi' , 'Do' , 'Fr' , 'Sa' ] , monthNames: [ 'Januar' , 'Februar' , 'März' , 'April' , 'Mai' , 'Juni' , 'Juli' , 'August' , 'September' , 'Oktober' , 'November' , 'Dezember' ] } ) ;
2022-06-02 10:34:03 +02:00
\ $( '#datepicker4' ) . datepicker ( { dateFormat: 'dd.mm.yy' , dayNamesMin: [ 'So' , 'Mo' , 'Di' , 'Mi' , 'Do' , 'Fr' , 'Sa' ] , monthNames: [ 'Januar' , 'Februar' , 'März' , 'April' , 'Mai' , 'Juni' , 'Juli' , 'August' , 'September' , 'Oktober' , 'November' , 'Dezember' ] } ) ;
2022-03-23 07:20:56 +01:00
} ) ; " ;
2021-12-30 12:05:56 +01:00
}
2022-05-09 12:45:01 +02:00
my $ favicon = "css/favicon.ico" ;
2021-12-30 12:05:56 +01:00
my $ base_uri = "true" ;
2022-04-02 20:28:45 +02:00
my $ title = "" ;
2022-04-14 14:45:36 +02:00
$ title = $ dbt - > { primary } - > { $ varenv { dbname } } - > { title } if ( $ dbt - > { primary } - > { $ varenv { dbname } } - > { title } ) ;
$ title = $ dbt - > { operator } - > { $ varenv { dbname } } - > { title } if ( $ dbt - > { operator } - > { $ varenv { dbname } } - > { title } ) ;
2022-05-09 12:45:01 +02:00
if ( $ dbt - > { website } - > { $ varenv { syshost } } - > { title } ) {
$ title = $ dbt - > { website } - > { $ varenv { syshost } } - > { title } ;
$ favicon = "data/favicon.ico" ;
}
2022-04-14 14:45:36 +02:00
$ title . = " devel" if ( $ dbt - > { copri_conf } - > { stage } eq "test" ) ;
2022-05-09 12:45:01 +02:00
2021-12-30 12:05:56 +01:00
my $ html5 = $ q - > start_html ( - title = > "$title" ,
2023-05-15 11:39:26 +02:00
- lang = > "$lang" ,
2021-12-30 12:05:56 +01:00
- onload = > "$onload" ,
- oncontextmenu = > "$oncontextmenu" ,
- encoding = > "$html_charset" ,
- base = > "$base_uri" ,
- target = > "" ,
- head = > [
Link ( {
- rel = > 'shortcut icon' ,
- type = > 'image/x-icon' ,
2022-05-09 12:45:01 +02:00
- href = > "$varenv{metahost}/$favicon"
2021-12-30 12:05:56 +01:00
} )
] ,
- meta = > {
'viewport' = > "width=device-width,initial-scale=1,user-scalable=yes" ,
'author' = > "Rainer Gümpelein" ,
'publisher' = > "TeilRad GmbH" ,
'copyright' = > "TeilRad GmbH" ,
'keywords' = > "" ,
'description' = > "sharee.bike Mietradmanagementsystem"
} ,
- script = > [
{ - language = > 'JAVASCRIPT' ,
- src = > "$jquery" } ,
{ - language = > 'JAVASCRIPT' ,
2022-03-23 07:20:56 +01:00
- src = > "$jquery_ui" } ,
2021-12-30 12:05:56 +01:00
{ - language = > 'JAVASCRIPT' ,
- src = > "$varenv{metahost}/$dbt->{copri_conf}->{jsscript}" } ,
{ - language = > 'JAVASCRIPT' ,
- code = > "$dyn_js" }
] ,
- STYLE = > {
- code = > "$dyn_css" ,
- src = > [
"$local_style" ,
"$style_bootstrap" ,
2022-03-23 07:20:56 +01:00
"$style_bootstrap_icons" ,
"$style_jquery_ui"
2021-12-30 12:05:56 +01:00
] ,
- verbatim = > "\@import url(\"$local_style\");" ,
- media = > 'screen'
}
) ;
# CGI.pm doesn't support HTML5 DTD; replace the one it puts in.
$ html5 =~ s{<!DOCTYPE.*?>} {<!DOCTYPE html>}s ;
2023-05-15 11:39:26 +02:00
$ html5 =~ s{<html.*?>} {<html lang='$lang'>}s ;
2021-12-30 12:05:56 +01:00
print $ html5 ;
2023-01-17 20:43:36 +01:00
print $ q - > div ( { - style = > 'background-color:black;color:white;' } , "<noscript>JavaScript is off. Please enable to view full site.</noscript>" ) , "\n" ;
2021-12-30 12:05:56 +01:00
2023-01-17 20:43:36 +01:00
#feedb will be the new hashed return. todo refactoring
if ( ref ( $ return ) eq "HASH" ) {
$ feedb = $ return ;
2023-01-27 06:55:30 +01:00
} elsif ( $ return =~ /failure::/ ) {
2023-01-17 20:43:36 +01:00
$ feedb - > { message } = $ return ;
}
2023-03-05 20:01:47 +01:00
$ ml - > tpl ( $ q , $ node_meta , $ users_dms , $ mode , \ % varenv , $ users_sharee , $ feedb ) ;
2021-12-30 12:05:56 +01:00
if ( ref ( $ api_return ) eq "HASH" && $ api_return - > { response_text } ) {
print << EOF
<style> div #retm_konrad {position:fixed;right:40%;top:0;padding:5px;text-align:center;color:black;background-color:white;z-index:110;}</style>
<script>
\ $ ( document ) . ready ( function ( ) {
\ $( "#retm_konrad" ) . fadeOut ( 7000 ) ;
} )
</script>
EOF
;
print $ q - > div ( { - id = > 'retm_konrad' } , "$api_return->{response_text}" ) , "\n" ;
}
print "<script src='$js_bootstrap'></script>\n" ;
print $ q - > end_html ;
return Apache2::Const:: OK ;
}
1 ;