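<?php
// Settings for the "iDEAL betalingen" script.
define('HOSTNAME', 'www.airportpendel.nl');
define('APP_DIR', 'ideal-betalingen');
define('UW_IP_ADRES', '82.169.90.69'); // Access to the form and the overview is limited to this IP address
define('DB_USER', 'db_user');
define('DB_PASSWORD', 'db_password');
define('DB_SERVER', 'localhost'); // in most cases this is localhost
define('DB_NAME', 'db_name');
define('SITENAME', 'Airport Pendel');
define('EMAILFROM', 'info@airportpendel.nl');
// No SMTP server? A free mailgun.com account is one option.
define('SMTP_HOST', 'host');
define('SMTP_PORT', 587); // or 25, depending on the server
define('SMTP_LOGIN', 'login');
define('SMTP_PASSWORD', 'password');
define('HTML_EMAIL', true); // set this to true when you have an HTML e-mail template
define('HP_SECRET', '123');
define('SISOW_MERCHANT_ID', '456');
define('SISOW_MERCHANT_KEY', '789');
define('SISOW_TEST', 'true');
// Do not change. The scheme is taken from $_SERVER['HTTPS'], which the web server
// sets itself. $_SERVER['HTTP_HTTPS'] must not be used here: it is populated from a
// client-sent "Https:" request header, so a client could pick the scheme that ends up
// in the payment links. Behind a reverse proxy, map X-Forwarded-Proto to HTTPS in the
// server config rather than here.
$proto = (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') ? 'https' : 'http';
define('PROTO', $proto); // do not change
define('SISOW_BEDANKT_PAGINA', PROTO.'://'.HOSTNAME.'/sip/bedankt/');
define('SISOW_GEANNULEERD_PAGINA', PROTO.'://'.HOSTNAME.'/sip/geannuleerd/');
// Do not change anything below this line!
define('DOCROOT', dirname(__FILE__));
define('LIBS', DOCROOT.'/libs');
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}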
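<?php
require_once 'config.php';

// Only the configured admin address may open the form. Strict comparison; note that
// REMOTE_ADDR is the direct TCP peer, so behind a reverse proxy this compares the
// proxy's address and the check has to be done from a trusted forwarded header instead.
if (!isset($_SERVER['REMOTE_ADDR']) || $_SERVER['REMOTE_ADDR'] !== UW_IP_ADRES) {
    http_response_code(403);
    die('Toegang geweigerd!');
}

// "?opnieuw=1": drop the still-open payment record bound to this session and start
// a fresh session so the next e-mail gets a new payment ID.
// NOTE(review): this is a state change triggered by a plain GET link; a POST with a
// token would be the safer shape — TODO confirm with the report/overview page.
if (!empty($_GET['opnieuw'])) {
    // new mysqli() always returns an object; failure is reported via connect_errno.
    $db = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME);
    if ($db->connect_errno) {
        die($db->connect_errno.' - '.$db->connect_error);
    }
    $session = session_id();
    $stmt = $db->prepare("DELETE FROM tbl_ideal_payments WHERE ID = ? AND status = 'open'");
    if ($stmt !== false) {
        $stmt->bind_param('s', $session);
        $stmt->execute();
        $stmt->close();
    }
    $db->close();
    session_regenerate_id();
}

// Default e-mail body shown in the textarea; fall back to an empty body if the
// template cannot be read instead of echoing `false`.
$msg = file_get_contents(DOCROOT.'/incl/emailtemplate.tpl');
if ($msg === false) {
    $msg = '';
}
?>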
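<!DOCTYPE html>
<html lang="nl">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>iDEAL betaling via e-mail</title>
<!-- Bootstrap core CSS -->
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="style.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<div class="container">
<div class="header clearfix">
<nav>
<ul class="nav nav-pills pull-right">
<li role="presentation"><a href="/<?php echo htmlspecialchars(APP_DIR, ENT_QUOTES, 'UTF-8'); ?>/">Start</a></li>
<li role="presentation"><a href="/<?php echo htmlspecialchars(APP_DIR, ENT_QUOTES, 'UTF-8'); ?>/report.php">Overzicht</a></li>
</ul>
</nav>
<div class="logo"><img src="img/logo.jpg" alt="Logo"></div>
</div>
<form id="postform">
<div class="jumbotron">
<h1>iDEAL Betaling via E-mail</h1>
<p>Gebruik het onderstaande formulier voor het aanmaken en versturen van een iDEAL betaling.</p>
</div>
<div class="row marketing">
<div class="col-lg-6">
<h2>Betaalgegevens</h2>
<div class="form-group">
<label for="InputBedrag">Te betalen bedrag</label>
<div class="input-group">
<span class="input-group-addon">€</span>
<input type="number" name="euros" class="form-control" id="InputBedrag" min="0" step="1" data-bind="value:replyNumber" placeholder="0">
<span class="input-group-addon">,</span>
<!-- cents: 0..99, the server rejects anything outside that range -->
<input type="number" name="centen" class="form-control" id="InputBedrag2" min="0" max="99" step="1" data-bind="value:replyNumber" placeholder="00">
</div>
</div>
<div class="form-group">
<label for="InputDescr">Omschrijving voor de iDEAL betaling</label>
<input type="text" name="paydecr" class="form-control" id="InputDescr" maxlength="32" placeholder="max. 32 karakters!">
</div>
<h2>Bijlage toevoegen</h2>
<p>Upload hier een bijlage voor uw e-mailbericht. De volgende bestandstypen zijn toegestaan: PDF, Word document of ZIP archief.</p>
<div class="form-group">
<p id="uplmsg"></p>
<span class="btn btn-default btn-file">
<i class="glyphicon glyphicon-plus"></i>
<span>Kies bestand...</span>
<input id="fileupload" type="file" name="files">
</span>
</div>
<div id="uploadscontainer"></div>
</div>
<div class="col-lg-6">
<h2>Contactgegevens</h2>
<div class="form-group">
<label for="InputEmail1">E-mailadres verzender</label>
<!-- Every value echoed into an attribute is escaped for the HTML attribute context. -->
<input type="email" name="emailfrom" class="form-control" id="InputEmail1" value="<?php echo htmlspecialchars(EMAILFROM, ENT_QUOTES, 'UTF-8'); ?>" readonly>
</div>
<div class="form-group">
<label for="InputName1">Naam verzender</label>
<input type="text" name="namefrom" class="form-control" id="InputName1" value="<?php echo htmlspecialchars(SITENAME, ENT_QUOTES, 'UTF-8'); ?>" readonly>
</div>
<div class="form-group">
<label for="InputEmail2">E-mailadres ontvanger</label>
<input type="email" name="emailto" class="form-control" id="InputEmail2" placeholder="">
</div>
<div class="form-group">
<label for="InputName2">Naam ontvanger</label>
<input type="text" name="nameto" class="form-control" id="InputName2" placeholder="">
</div>
</div>
</div>
<div class="row marketing extra-gegevens">
<h2 class="col-lg-12">Extra gegevens</h2>
<div class="col-lg-6">
<div class="form-group">
<label for="heenreis">Bedrag heenreis</label>
<div class="input-group">
<span class="input-group-addon">€</span>
<input type="number" name="heenreis" class="form-control" id="heenreis" min="0" step="0.01" placeholder="0">
</div>
</div>
<div class="form-group">
<label for="terugreis">Bedrag terugreis</label>
<div class="input-group">
<span class="input-group-addon">€</span>
<input type="number" name="terugreis" class="form-control" id="terugreis" min="0" step="0.01" placeholder="0">
</div>
</div>
</div>
<div class="col-lg-6">
<div class="form-group">
<label for="postcode">Postcode</label>
<input type="text" name="postcode" class="form-control" id="postcode" placeholder="1234AB">
</div>
<div class="form-group">
<label for="factuurnummer">Factuurnummer</label>
<input type="text" name="factuurnummer" class="form-control" id="factuurnummer" placeholder="2016-11-13_001">
</div>
</div>
</div>
<div class="row marketing">
<div class="col-lg-12">
<div class="form-group">
<label for="InputSubject">Onderwerp voor e-mailbericht</label>
<input type="text" name="subject" class="form-control" id="InputSubject" placeholder="Kies een duidelijk onderwerp...">
</div>
<div class="form-group">
<label for="InputMailtext">Tekst voor e-mailbericht</label>
<!-- The template is escaped so a literal "</textarea>" in it cannot break out of the field;
     the browser decodes the entities again, so .val() yields the original text. -->
<textarea class="form-control" id="InputMailtext" name="mailtext" rows="5" aria-describedby="helpBlock"><?php echo htmlspecialchars($msg, ENT_QUOTES, 'UTF-8'); ?></textarea>
<span id="helpBlock" class="help-block">Wijzig hier uw e-mailbericht. Let op, verwijder niet de teksten zoals {IDEALLINK}.</span>
</div>
<a class="btn btn-link pull-right" href="?opnieuw=1">Opnieuw beginnen</a>
<input type="hidden" name="attachment" id="InputAttachment" value="">
<input type="hidden" name="Submit" value="1">
<button type="button" class="btn btn-primary" id="submit-btn">Verzenden</button>
</div>
</div>
<div id="message"></div>
</form>
<footer class="footer">
<p>© <?php echo htmlspecialchars(date('Y').' '.SITENAME, ENT_QUOTES, 'UTF-8'); ?></p>
</footer>
</div> <!-- /container -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script src="incl/ie10-viewport-bug-workaround.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
<script src="incl/vendor/jquery.ui.widget.js"></script>
<script src="incl/jquery.iframe-transport.js"></script>
<script src="incl/jquery.fileupload.js"></script>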
<script> | |
// Syntactic e-mail check (RFC 5322-style local part and dotted domain, case-insensitive).
// Returns true when the whole string matches, false otherwise.
function isValidEmailAddress(emailAddress) {
    var emailPattern = /^((([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+(\.([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+)*)|((\x22)((((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(([\x01-\x08\x0b\x0c\x0e-\x1f\x7f]|\x21|[\x23-\x5b]|[\x5d-\x7e]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(\\([\x01-\x09\x0b\x0c\x0d-\x7f]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]))))*(((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(\x22)))@((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?$/i;
    return emailPattern.test(emailAddress);
}
// Turns every percent-encoded LF ("%0A") into an encoded CRLF ("%0D%0A").
// All other characters are returned unchanged.
function keepLB(str) {
    return str.replace(/(%0A)/g, "%0D$1");
}
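$(document).ready(function() {
    // The iDEAL description is limited to 32 characters (see the field's placeholder).
    $("#InputDescr").attr('maxlength','32');

    // Shows a warning in the message area and re-enables the send button.
    function showWarning(text) {
        $('#message').addClass('alert alert-warning').html(text);
        $('#submit-btn').prop('disabled', false);
    }

    // Returns the first client-side validation message, or null when the form is complete.
    function validateForm() {
        var subject = $('#InputSubject').val();
        var bericht = $('#InputMailtext').val();
        var bedrag = $('#InputBedrag').val();
        var decbedrag = $('#InputBedrag2').val();
        var descr = $('#InputDescr').val();
        var naam = $('#InputName2').val();
        var email = $('#InputEmail2').val();
        var heenreis = $('#heenreis').val();
        var terugreis = $('#terugreis').val();
        var postcode = $('#postcode').val();
        var factuurnummer = $('#factuurnummer').val();
        if (!bericht || !naam || !email || !descr || !bedrag || !subject || !heenreis || !terugreis || !postcode || !factuurnummer) {
            return 'Alle velden moeten worden ingevuld.';
        }
        // .val() returns strings even for type=number inputs, hence the explicit radix.
        if (parseInt(bedrag, 10) <= 0 || parseInt(decbedrag, 10) < 0) {
            return 'Het ingevoerde bedrag is niet geldig!';
        }
        if (!isValidEmailAddress(email)) {
            return 'Het ingevoerde e-mailadres heeft niet het juiste formaat.';
        }
        return null;
    }

    // Attachment upload (jQuery File Upload). The upload endpoint answers with a
    // JSON list of files carrying name / deleteUrl / deleteType, or an error.
    $('#fileupload').fileupload({
        dataType: 'json',
        url: 'incl/upload/',
        add: function (e, data) {
            $('#uplmsg').html('');
            data.context = $('#uplmsg').html('Uploading...');
            data.submit();
        },
        done: function (e, data) {
            $.each(data.result.files, function (index, file) {
                if (file.error) {
                    $('#uplmsg').addClass('text-warning').text(file.error);
                    return;
                }
                $('#uplmsg').addClass('text-success').html('Upload voltooid!');
                // Build the row with text()/attr() rather than string-concatenated HTML so
                // the server-supplied file name and delete URL are never parsed as markup.
                var removeLink = $('<a href="javascript:void(0);" class="glyphicon glyphicon-trash" aria-hidden="true"></a>')
                    .attr('data-type', file.deleteType)
                    .attr('data-url', file.deleteUrl);
                $('#uploadscontainer')
                    .empty()
                    .append(document.createTextNode(file.name + ' '))
                    .append(removeLink);
                $('#InputAttachment').val(file.name);
            });
        }
    });

    // Trash icon next to the uploaded file: ask the upload endpoint to delete it.
    $('#uploadscontainer').on('click', 'a', function (e) {
        e.preventDefault();
        $('#uplmsg').html('');
        var delfile = $(this);
        $.ajax({
            url: delfile.attr('data-url'),
            type: delfile.attr('data-type'),
            success: function(result) {
                $('#uplmsg').addClass('text-info').html('Bestand verwijderd!');
                $('#InputAttachment').val('');
                $('#uploadscontainer').html('');
            }
        });
    });

    // Validate, then POST the form to incl/sendemail.php and show its JSON result.
    $('#submit-btn').click(function() {
        $('#message').removeClass('alert alert-success alert-warning');
        $('#submit-btn').prop('disabled', true);
        $('#message').html('<img src="img/loading.gif" alt="">');
        var problem = validateForm();
        if (problem !== null) {
            showWarning(problem);
            return;
        }
        $.ajax({
            type: 'POST',
            url: 'incl/sendemail.php',
            // serialize() output is sent as-is: decoding it first would turn an encoded
            // '&', '+' or '%' inside a field value back into a delimiter and split the field.
            data: $('#postform').serialize(),
            dataType: 'json',
            success: function(response) {
                if (response.status == 'success') {
                    $('#postform')[0].reset();
                    $('#uploadscontainer').html('');
                    $('#uplmsg').html('');
                    $('#message').addClass('alert alert-success');
                } else {
                    $('#message').addClass('alert alert-warning');
                }
                $('#submit-btn').prop('disabled', false);
                // The server's message deliberately contains a link (the "opnieuw" case), so html() is required here.
                $('#message').html(response.error);
            },
            // Without this the button stayed disabled forever when the server answered with non-JSON.
            error: function() {
                showWarning('Fout bij het versturen van de e-mail.');
            }
        });
    });
});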
</script> | |
</body> | |
</html> |
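<?php
/*
 * AJAX endpoint behind index.php: validates the form, stores the payment request in
 * tbl_ideal_payments, e-mails the recipient a payment link and always answers with
 * JSON {"status": "success"|"error", "error": message}.
 */
require_once '../config.php';
include_once LIBS.'/phpmailer/PHPMailerAutoload.php';

/**
 * Cleans a single-line text field the way the deprecated FILTER_SANITIZE_STRING +
 * FILTER_FLAG_STRIP_LOW did: strips tags and control characters (< 0x20) and
 * encodes single/double quotes as numeric entities.
 *
 * @param mixed $value raw request value
 * @return string
 */
function sip_clean_text($value)
{
    $value = strip_tags((string) $value);
    $value = preg_replace('/[\x00-\x1F]/', '', $value);
    return str_replace(array('"', "'"), array('&#34;', '&#39;'), $value);
}

/**
 * Resolves an uploaded attachment name to a file inside DOCROOT/tmp.
 * The name comes from the request, so directory parts are dropped (basename) and the
 * canonical path is checked to stay inside the upload directory.
 *
 * @param mixed $name attachment name as submitted by the form
 * @return string|null absolute path, or null when empty, outside tmp/ or not a file
 */
function sip_attachment_path($name)
{
    $name = basename(trim((string) $name));
    if ($name === '' || $name === '.' || $name === '..') {
        return null;
    }
    $dir = realpath(DOCROOT.'/tmp');
    if ($dir === false) {
        return null;
    }
    $path = realpath($dir.'/'.$name);
    if ($path === false || !is_file($path) || strpos($path, $dir.DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

/**
 * Emits the JSON response and terminates. Used for every exit path so the caller
 * never receives a bare die() string instead of JSON.
 *
 * @param string $status 'success' or 'error'
 * @param string $error  message for the user (may contain the "opnieuw" link)
 */
function sip_respond($status, $error)
{
    header('Content-Type: application/json; charset=utf-8');
    echo json_encode(array('status' => $status, 'error' => $error));
    exit;
}

$error = '';
$status = 'error';

// Same IP restriction as index.php. This endpoint can be requested directly, so the
// check on the form page alone does not protect it.
if (!isset($_SERVER['REMOTE_ADDR']) || $_SERVER['REMOTE_ADDR'] !== UW_IP_ADRES) {
    http_response_code(403);
    sip_respond('error', 'Toegang geweigerd!');
}

if (!isset($_POST['Submit'])) {
    sip_respond($status, $error);
}

$required = array('euros', 'emailto', 'nameto', 'mailtext', 'subject', 'paydecr', 'heenreis', 'terugreis', 'postcode', 'factuurnummer');
foreach ($required as $field) {
    if (empty($_POST[$field])) {
        sip_respond('error', 'Tenminste een van de verplichte velden is leeg.');
    }
}

// Amount: whole euros plus 0..99 cents, both must be integers.
$euros = filter_var($_POST['euros'], FILTER_VALIDATE_INT);
$centen = 0;
if (isset($_POST['centen']) && $_POST['centen'] !== '') {
    $centen = filter_var($_POST['centen'], FILTER_VALIDATE_INT);
}
if ($euros === false || $centen === false) {
    sip_respond('error', 'Het ingevoerde bedrag is niet geldig!');
}
if ($euros < 0 || $centen < 0) {
    sip_respond('error', 'De ingevoerde bedragen mogen niet negatief zijn.');
}
if ($centen > 99) {
    sip_respond('error', 'Het ingevoerde bedrag is niet geldig!');
}

// Recipient: sanitize and then actually validate, otherwise a mangled address is mailed.
$emailto = filter_var($_POST['emailto'], FILTER_SANITIZE_EMAIL);
if (filter_var($emailto, FILTER_VALIDATE_EMAIL) === false) {
    sip_respond('error', 'Het ingevoerde e-mailadres heeft niet het juiste formaat.');
}

// new mysqli() always returns an object; failure is reported via connect_errno.
$db = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME);
if ($db->connect_errno) {
    sip_respond('error', 'Databasefout: '.$db->connect_errno.' - '.$db->connect_error);
}

// NOTE(review): the payment ID is the admin's own PHP session id, and it is also the
// token in the link mailed to the recipient; a dedicated random token (random_bytes)
// would avoid handing the session id to a third party — TODO confirm with /sip/ handler.
$session = session_id();

// One payment request per session: refuse when a record for this ID already exists.
$stmt = $db->prepare("SELECT status FROM tbl_ideal_payments WHERE ID = ?");
if ($stmt === false) {
    $dbError = $db->error;
    $db->close();
    sip_respond('error', 'Databasefout: '.$dbError);
}
$stmt->bind_param('s', $session);
$stmt->execute();
$stmt->store_result();
$alreadyExists = $stmt->num_rows > 0;
$stmt->close();
if ($alreadyExists) {
    $db->close();
    sip_respond('error', 'Het bericht met dit betaalverzoek heeft u al eerder verzonden. <a href="?opnieuw=1">Klik hier</a> om een nieuwe e-mail te verzenden.');
}

$contact = sip_clean_text($_POST['nameto']);
// The body is the (admin-edited) HTML template; it is sent as-is, like FILTER_UNSAFE_RAW did.
$mailmsg = (string) $_POST['mailtext'];
$subject = sip_clean_text($_POST['subject']);
$paydecr = sip_clean_text($_POST['paydecr']);
$link = PROTO.'://'.HOSTNAME.'/sip/'.urlencode($session);
$bedrag = $euros + ($centen / 100);
$heenreis = sip_clean_text($_POST['heenreis']);
$terugreis = sip_clean_text($_POST['terugreis']);
$postcode = sip_clean_text($_POST['postcode']);
$factuurnummer = sip_clean_text($_POST['factuurnummer']);

// Fill the template placeholders.
$mailmsg = str_replace('{CONTACT}', $contact, $mailmsg);
$mailmsg = str_replace('{BEDRAG}', number_format($bedrag, 2, ',', ''), $mailmsg);
$mailmsg = str_replace('{IDEALLINK}', $link, $mailmsg);
$mailmsg = str_replace('{BEDRIJFSNAAM}', SITENAME, $mailmsg);
$mailmsg = str_replace('{DATUMTIJD}', date('d-m-Y H:i'), $mailmsg);
$mailmsg = str_ireplace('{HEENREIS}', $heenreis, $mailmsg);
$mailmsg = str_ireplace('{TERUGREIS}', $terugreis, $mailmsg);
$mailmsg = str_ireplace('{POSTCODE}', $postcode, $mailmsg);
$mailmsg = str_ireplace('{FACTUURNUMMER}', $factuurnummer, $mailmsg);

$stmt = $db->prepare(
    "INSERT INTO tbl_ideal_payments SET ID = ?,
        datumtijd = NOW(),
        naamfrom = ?,
        emailfrom = ?,
        naamto = ?,
        emailto = ?,
        bedrag = ?,
        descr = ?,
        mailsubject = ?,
        mailtekst = ?,
        ipadres = ?,
        heenreis = ?,
        terugreis = ?,
        postcode = ?,
        factuurnummer = ?,
        status = 'open'
    "
);
if ($stmt === false) {
    $dbError = $db->error;
    $db->close();
    sip_respond('error', 'Databasefout: '.$dbError);
}
// bind_param takes its arguments by reference, so every value is a plain variable
// assigned before the call. 14 placeholders -> 14 type characters (5 x s, d, 8 x s).
$naamfrom = SITENAME;
$emailfrom = EMAILFROM;
$ipadres = $_SERVER['REMOTE_ADDR'];
$stmt->bind_param(
    'sssssdssssssss',
    $session,
    $naamfrom,
    $emailfrom,
    $contact,
    $emailto,
    $bedrag,
    $paydecr,
    $subject,
    $mailmsg,
    $ipadres,
    $heenreis,
    $terugreis,
    $postcode,
    $factuurnummer
);
if (!$stmt->execute()) {
    $dbError = $stmt->error;
    $stmt->close();
    $db->close();
    sip_respond('error', 'Databasefout: '.$dbError);
}
$stmt->close();

$mail = new PHPMailer();
$mail->CharSet = 'utf-8';
$mail->IsSMTP();
$mail->SMTPDebug = 0; // debugging: 1 = errors and messages, 2 = messages only
$mail->SMTPAuth = true;
$mail->Host = SMTP_HOST;
$mail->Port = SMTP_PORT;
$mail->Username = SMTP_LOGIN;
$mail->Password = SMTP_PASSWORD;
$mail->SetFrom(EMAILFROM, SITENAME, 0);
// HTML_EMAIL from config.php decides the content type (defaults to HTML when undefined).
$mail->isHTML(defined('HTML_EMAIL') ? (bool) HTML_EMAIL : true);
$mail->Body = $mailmsg;

// Optional attachment, previously uploaded into DOCROOT/tmp by incl/upload/.
$filepath = null;
if (!empty($_POST['attachment'])) {
    $filepath = sip_attachment_path($_POST['attachment']);
    if ($filepath !== null) {
        $finfo = finfo_open(FILEINFO_MIME_TYPE);
        $mimetype = finfo_file($finfo, $filepath);
        finfo_close($finfo);
        if ($mimetype === false) {
            $mimetype = 'application/octet-stream';
        }
        $mail->AddAttachment($filepath, basename($filepath), 'base64', $mimetype);
    }
}

$mail->Subject = $subject;
$mail->AddAddress($emailto);
if (!$mail->Send()) {
    $error = 'Fout bij het versturen van de e-mail.';
} else {
    $upd = $db->prepare("UPDATE tbl_ideal_payments SET status = 'send' WHERE ID = ?");
    if ($upd !== false) {
        $upd->bind_param('s', $session);
        $upd->execute();
        $upd->close();
    }
    $error = 'Het bericht (inclusief betaallink) is verzonden.';
    $status = 'success';
    session_unset();
    // The attachment is only needed for this one e-mail; remove it after a successful send.
    if ($filepath !== null && is_file($filepath)) {
        unlink($filepath);
    }
}
$db->close();
sip_respond($status, $error);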