TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: TwoTalesDev:f4934e9c134a8fccbc505b2769c1917d638e033e
Branches Tags
TwoTalesDev:main TwoTalesDev:feature/ikhokha2 TwoTalesDev:feature/blog-2026 TwoTalesDev:feature/photo-gallery TwoTalesDev:feature/events TwoTalesDev:feature/campsite-updates TwoTalesDev:feature/trip-publisher TwoTalesDev:feature/site-cleanup TwoTalesDev:feature/site-restructure TwoTalesDev:feature/blog-posts TwoTalesDev:feature/pop_submit TwoTalesDev:feature/homepage_sponsor
...
compare: TwoTalesDev:main
Branches Tags
TwoTalesDev:main TwoTalesDev:feature/ikhokha2 TwoTalesDev:feature/blog-2026 TwoTalesDev:feature/photo-gallery TwoTalesDev:feature/events TwoTalesDev:feature/campsite-updates TwoTalesDev:feature/trip-publisher TwoTalesDev:feature/site-cleanup TwoTalesDev:feature/site-restructure TwoTalesDev:feature/blog-posts TwoTalesDev:feature/pop_submit TwoTalesDev:feature/homepage_sponsor

15 Commits
f4934e9c13 ... main

Author SHA1 Message Date
twotalesanimation
9653443c09 updated to add country membership, singles and honorary recognition 2025-12-20 00:32:29 +02:00
twotalesanimation
782d343243 updated to add country membership 2025-12-19 19:50:22 +02:00
twotalesanimation
c618fd4506 updated BASE4 page 2025-12-18 21:11:43 +02:00
twotalesanimation
d5feaacddf consolodated admin pages 2025-12-17 12:42:09 +02:00
twotalesanimation
927f9f3fe1 whatsapp button added 2025-12-16 23:00:30 +02:00
twotalesanimation
1b47cb0a69 Implementation of Notification System #2 2025-12-16 22:48:19 +02:00
twotalesanimation
7ebc2f64cf Implementation of Notification System 2025-12-16 22:40:24 +02:00
twotalesanimation
ebd7efe21c added auto course codes 2025-12-15 18:07:11 +02:00
twotalesanimation
6ff20c1ffc added admin course creation 2025-12-15 16:57:11 +02:00
twotalesanimation
35c177b11d htacces update 2025-12-15 15:52:25 +02:00
twotalesanimation
acd7f563b1 added transaction table, fixed signature auth. Monitor for bugs before rmoving bypass 2025-12-15 15:51:11 +02:00
twotalesanimation
5768d8a7af Merge branch 'ikhokha2' into main 2025-12-15 10:54:31 +02:00
twotalesanimation
0e6ecd127f post auditlog implementation for bookings and payments 2025-12-15 10:52:09 +02:00
twotalesanimation
702e04e9bf pre auditlog implementations 2025-12-15 10:44:56 +02:00
twotalesanimation
d2c99e86b4 mostly complete payment system 2025-12-15 10:18:25 +02:00
51 changed files with 4027 additions and 2766 deletions
Expand all files Collapse all files

13
.htaccess
View File

@@ -30,6 +30,7 @@ RewriteRule ^membership$ src/pages/memberships/membership.php [L]
RewriteRule ^membership_details$ src/pages/memberships/membership_details.php [L]
RewriteRule ^membership_application$ src/pages/memberships/membership_application.php [L]
RewriteRule ^membership_payment$ src/pages/memberships/membership_payment.php [L]
RewriteRule ^renewal_payment$ src/pages/memberships/renewal_payment.php [L]
RewriteRule ^renew_membership$ src/pages/memberships/renew_membership.php [L]
RewriteRule ^member_info$ src/pages/memberships/member_info.php [L]
@@ -68,6 +69,7 @@ RewriteRule ^instapage$ src/pages/events/instapage.php [L]
# === OTHER PAGES ===
RewriteRule ^about$ src/pages/other/about.php [L]
RewriteRule ^base4$ src/pages/other/base4.php [L]
RewriteRule ^contact$ src/pages/other/contact.php [L]
RewriteRule ^privacy_policy$ src/pages/other/privacy_policy.php [L]
RewriteRule ^track-map$ src/pages/track-map.php [L]
@@ -86,6 +88,8 @@ RewriteRule ^failure$ src/pages/payment/failure.php [L]
RewriteRule ^cancel$ src/pages/payment/cancel.php [L]
# === ADMIN PAGES ===
RewriteRule ^admin_trips_events_courses$ src/admin/admin_trips_events_courses.php [L]
RewriteRule ^admin_bookings$ src/admin/admin_bookings.php [L]
RewriteRule ^admin_members$ src/admin/admin_members.php [L]
RewriteRule ^admin_payments$ src/admin/admin_payments.php [L]
RewriteRule ^admin_web_users$ src/admin/admin_web_users.php [L]
@@ -94,10 +98,13 @@ RewriteRule ^admin_course_bookings$ src/admin/admin_course_bookings.php [L]
RewriteRule ^admin_camp_bookings$ src/admin/admin_camp_bookings.php [L]
RewriteRule ^admin_trip_bookings$ src/admin/admin_trip_bookings.php [L]
RewriteRule ^admin_visitors$ src/admin/admin_visitors.php [L]
RewriteRule ^admin_efts$ src/admin/admin_efts.php [L]
RewriteRule ^admin_transactions$ src/admin/admin_transactions.php [L]
RewriteRule ^admin_trips$ src/admin/admin_trips.php [L]
RewriteRule ^manage_events$ src/admin/manage_events.php [L]
RewriteRule ^manage_trips$ src/admin/manage_trips.php [L]
RewriteRule ^admin_courses$ /src/admin/admin_courses.php [L,QSA]
RewriteRule ^manage_courses$ /src/admin/manage_courses.php [L,QSA]
# === API/AJAX ENDPOINTS ===
RewriteRule ^fetch_users$ src/api/fetch_users.php [L]
@@ -108,6 +115,8 @@ RewriteRule ^get_tab_total$ src/api/get_tab_total.php [L]
RewriteRule ^google_validate_login$ src/api/google_validate_login.php [L]
# === PROCESSORS ===
RewriteRule ^process_course$ /src/processors/process_course.php [L,QSA]
RewriteRule ^delete_course$ /src/processors/delete_course.php [L,QSA]
RewriteRule ^validate_login$ src/processors/validate_login.php [L]
RewriteRule ^register_user$ src/processors/register_user.php [L]
RewriteRule ^process_application$ src/processors/process_application.php [L]
@@ -142,7 +151,7 @@ RewriteRule ^link_membership_user$ src/processors/link_membership_user.php [L]
RewriteRule ^unlink_membership_user$ src/processors/unlink_membership_user.php [L]
# Blog routes
RewriteRule ^admin_blogs$ src/pages/blog/admin_blogs.php [L]
RewriteRule ^admin_blogs$ src/admin/admin_blogs.php [L]
RewriteRule ^user_blogs$ src/pages/blog/user_blogs.php [L]
RewriteRule ^blog_read$ src/pages/blog/blog_read.php [L]
RewriteRule ^blog_edit$ src/pages/blog/blog_edit.php [L]

215
.htaccess copy
View File

@@ -1,215 +0,0 @@
# URL Rewrite Rules - Maps old URLs to new directory structure during migration
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Don't rewrite existing files or directories
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# === STRIP .PHP EXTENSION ===
# Redirect /page.php to /page (301 permanent redirect)
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)\.php$ /$1 [R=301,L]
# Internally rewrite /page to /page.php if page.php exists
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.+)$ $1.php [L]
# === AUTH PAGES ===
RewriteRule ^login$ src/pages/auth/login.php [L]
RewriteRule ^register$ src/pages/auth/register.php [L]
RewriteRule ^forgot_password$ src/pages/auth/forgot_password.php [L]
RewriteRule ^reset_password$ src/pages/auth/reset_password.php [L]
RewriteRule ^verify$ src/pages/auth/verify.php [L]
RewriteRule ^resend_verification$ src/pages/auth/resend_verification.php [L]
RewriteRule ^change_password$ src/pages/auth/change_password.php [L]
RewriteRule ^update_password$ src/pages/auth/update_password.php [L]
# === MEMBERSHIP PAGES ===
RewriteRule ^membership$ src/pages/memberships/membership.php [L]
RewriteRule ^membership_details$ src/pages/memberships/membership_details.php [L]
RewriteRule ^membership_application$ src/pages/memberships/membership_application.php [L]
RewriteRule ^membership_payment$ src/pages/memberships/membership_payment.php [L]
RewriteRule ^renew_membership$ src/pages/memberships/renew_membership.php [L]
RewriteRule ^member_info$ src/pages/memberships/member_info.php [L]
# === BOOKING PAGES ===
RewriteRule ^bookings$ src/pages/bookings/bookings.php [L]
RewriteRule ^campsites$ src/pages/bookings/campsites.php [L]
RewriteRule ^campsite_booking$ src/pages/bookings/campsite_booking.php [L]
RewriteRule ^add_campsite$ src/pages/add_campsite.php [L]
RewriteRule ^trips$ src/pages/bookings/trips.php [L]
RewriteRule ^trip-details$ src/pages/bookings/trip-details.php [L]
RewriteRule ^course_details$ src/pages/bookings/course_details.php [L]
RewriteRule ^driver_training$ src/pages/bookings/driver_training.php [L]
# === SHOP PAGES ===
RewriteRule ^view_cart$ src/pages/shop/view_cart.php [L]
RewriteRule ^add_to_cart$ src/pages/shop/add_to_cart.php [L]
RewriteRule ^bar_tabs$ src/pages/shop/bar_tabs.php [L]
RewriteRule ^payment_confirmation$ src/pages/shop/payment_confirmation.php [L]
RewriteRule ^confirm$ src/pages/shop/confirm.php [L]
RewriteRule ^confirm2$ src/pages/shop/confirm2.php [L]
# === GALLERY PAGES ===
RewriteRule ^gallery$ src/pages/gallery/gallery.php [L]
RewriteRule ^create_album$ src/pages/gallery/create_album.php [L]
RewriteRule ^edit_album$ src/pages/gallery/create_album.php [L]
RewriteRule ^view_album$ src/pages/gallery/view_album.php [L]
# === EVENTS & BLOG PAGES ===
RewriteRule ^events$ src/pages/events/events.php [L]
RewriteRule ^blog$ src/pages/blog/blog.php [L]
RewriteRule ^blog_details$ src/pages/blog/blog_details.php [L]
RewriteRule ^best_of_the_eastern_cape_2024$ src/pages/events/best_of_the_eastern_cape_2024.php [L]
RewriteRule ^2025_agm_minutes$ src/pages/events/2025_agm_minutes.php [L]
RewriteRule ^agm_content$ src/pages/events/agm_content.php [L]
RewriteRule ^instapage$ src/pages/events/instapage.php [L]
# === OTHER PAGES ===
RewriteRule ^about$ src/pages/other/about.php [L]
RewriteRule ^contact$ src/pages/other/contact.php [L]
RewriteRule ^privacy_policy$ src/pages/other/privacy_policy.php [L]
RewriteRule ^track-map$ src/pages/track-map.php [L]
RewriteRule ^404$ src/pages/other/404.php [L]
RewriteRule ^account_settings$ src/pages/other/account_settings.php [L]
RewriteRule ^rescue_recovery$ src/pages/other/rescue_recovery.php [L]
RewriteRule ^bush_mechanics$ src/pages/other/bush_mechanics.php [L]
RewriteRule ^indemnity$ src/pages/other/indemnity.php [L]
RewriteRule ^indemnity_waiver$ src/pages/other/indemnity_waiver.php [L]
RewriteRule ^basic_indemnity$ src/pages/other/basic_indemnity.php [L]
RewriteRule ^view_indemnity$ src/pages/other/view_indemnity.php [L]
# === ADMIN PAGES ===
RewriteRule ^admin_members$ src/admin/admin_members.php [L]
RewriteRule ^admin_payments$ src/admin/admin_payments.php [L]
RewriteRule ^admin_web_users$ src/admin/admin_web_users.php [L]
RewriteRule ^admin_events$ src/admin/admin_events.php [L]
RewriteRule ^admin_course_bookings$ src/admin/admin_course_bookings.php [L]
RewriteRule ^admin_camp_bookings$ src/admin/admin_camp_bookings.php [L]
RewriteRule ^admin_trip_bookings$ src/admin/admin_trip_bookings.php [L]
RewriteRule ^admin_visitors$ src/admin/admin_visitors.php [L]
RewriteRule ^admin_efts$ src/admin/admin_efts.php [L]
RewriteRule ^admin_trips$ src/admin/admin_trips.php [L]
RewriteRule ^manage_events$ src/admin/manage_events.php [L]
RewriteRule ^manage_trips$ src/admin/manage_trips.php [L]
# === API/AJAX ENDPOINTS ===
RewriteRule ^fetch_users$ src/api/fetch_users.php [L]
RewriteRule ^fetch_drinks$ src/api/fetch_drinks.php [L]
RewriteRule ^fetch_bar_tabs$ src/api/fetch_bar_tabs.php [L]
RewriteRule ^get_campsites$ src/api/get_campsites.php [L]
RewriteRule ^get_tab_total$ src/api/get_tab_total.php [L]
RewriteRule ^google_validate_login$ src/api/google_validate_login.php [L]
# === PROCESSORS ===
RewriteRule ^validate_login$ src/processors/validate_login.php [L]
RewriteRule ^register_user$ src/processors/register_user.php [L]
RewriteRule ^process_application$ src/processors/process_application.php [L]
RewriteRule ^process_booking$ src/processors/process_booking.php [L]
RewriteRule ^process_camp_booking$ src/processors/process_camp_booking.php [L]
RewriteRule ^process_course_booking$ src/processors/process_course_booking.php [L]
RewriteRule ^process_trip_booking$ src/processors/process_trip_booking.php [L]
RewriteRule ^process_membership_payment$ src/processors/process_membership_payment.php [L]
RewriteRule ^process_payments$ src/processors/process_payments.php [L]
RewriteRule ^process_eft$ src/processors/process_eft.php [L]
RewriteRule ^submit_order$ src/processors/submit_order.php [L]
RewriteRule ^submit_pop$ src/processors/submit_pop.php [L]
RewriteRule ^process_signature$ src/processors/process_signature.php [L]
RewriteRule ^create_bar_tab$ src/processors/create_bar_tab.php [L]
RewriteRule ^update_application$ src/processors/update_application.php [L]
RewriteRule ^update_user$ src/processors/update_user.php [L]
RewriteRule ^upload_profile_picture$ src/processors/upload_profile_picture.php [L]
RewriteRule ^send_reset_link$ src/processors/send_reset_link.php [L]
RewriteRule ^logout$ src/processors/logout.php [L]
RewriteRule ^process_trip$ src/processors/process_trip.php [L]
RewriteRule ^process_event$ src/processors/process_event.php [L]
RewriteRule ^toggle_trip_published$ src/processors/toggle_trip_published.php [L]
RewriteRule ^toggle_event_published$ src/processors/toggle_event_published.php [L]
RewriteRule ^delete_trip$ src/processors/delete_trip.php [L]
RewriteRule ^delete_event$ src/processors/delete_event.php [L]
RewriteRule ^save_album$ src/processors/save_album.php [L]
RewriteRule ^update_album$ src/processors/update_album.php [L]
RewriteRule ^delete_album$ src/processors/delete_album.php [L]
RewriteRule ^delete_photo$ src/processors/delete_photo.php [L]
RewriteRule ^get_album_photos$ src/processors/get_album_photos.php [L]
RewriteRule ^link_membership_user$ src/processors/link_membership_user.php [L]
RewriteRule ^unlink_membership_user$ src/processors/unlink_membership_user.php [L]
# Blog routes
RewriteRule ^admin_blogs$ src/pages/blog/admin_blogs.php [L]
RewriteRule ^user_blogs$ src/pages/blog/user_blogs.php [L]
RewriteRule ^blog_read$ src/pages/blog/blog_read.php [L]
RewriteRule ^blog_edit$ src/pages/blog/blog_edit.php [L]
RewriteRule ^blog_create$ src/processors/blog/blog_create.php [L]
RewriteRule ^blog_delete$ src/processors/blog/blog_delete.php [L]
RewriteRule ^publish_blog$ src/processors/blog/publish_blog.php [L]
RewriteRule ^blog_unpublish$ src/processors/blog/blog_unpublish.php [L]
RewriteRule ^submit_blog$ src/processors/blog/submit_blog.php [L]
RewriteRule ^upload_blog_image$ src/processors/blog/upload_blog_image.php [L]
RewriteRule ^autosave$ src/processors/blog/autosave.php [L]
</IfModule>
php_flag display_errors On
# php_value error_reporting -1
RedirectMatch 403 ^/\.well-known
Options -Indexes
<FilesMatch "\.(env|sql|bak|zip|tar|gz|ini)$">
Require all denied
</FilesMatch>
ErrorDocument 404 /404.php
<RequireAll>
Require all granted
Require not ip 4.222.252.98
Require not ip 4.222.252.97
</RequireAll>
<Files .env>
Order allow,deny
Deny from all
</Files>
# ALL CUSTOM ENTRIES SHOULD GO ABOVE THIS LINE
# BEGIN IWORX header
# This file was created by InterWorx-CP
# You may modify this file, but any changes made between
# BEGIN IWORX and END IWORX tags may be lost on future
# updates. Additionally, changes NOT made between these
# tags will not be recognized in the SiteWorx interface.
# END IWORX header
# BEGIN IWORX accesscontrol
# END IWORX accesscontrol
# BEGIN IWORX errordocs
# END IWORX errordocs
# BEGIN IWORX mimetypes
# END IWORX mimetypes
# BEGIN IWORX handlers
# END IWORX handlers
# BEGIN IWORX charset
# END IWORX charset
# BEGIN IWORX redirects
# END IWORX redirects
# BEGIN IWORX phpvars
# END IWORX phpvars
# BEGIN IWORX dirindex
# END IWORX dirindex
# BEGIN IWORX hotlink
# END IWORX hotlink
# BEGIN IWORX passwordprotection
# END IWORX passwordprotection

73
assets/css/notifications.css Normal file
View File

@@ -0,0 +1,73 @@
.notif-avatar-container {
position: relative;
display: inline-block;
}
.notif-badge {
position: absolute;
top: -6px;
right: -6px;
background: #e74c3c;
color: #fff;
border-radius: 50%;
min-width: 20px;
height: 20px;
padding: 0 6px;
font-size: 12px;
display: none;
line-height: 20px;
text-align: center;
box-sizing: border-box;
font-weight: 600;
}
.notif-panel {
position: absolute;
right: 10px;
top: 44px;
width: 320px;
background: #fff;
border: 1px solid #ddd;
box-shadow: 0 6px 20px rgba(0, 0, 0, 0.12);
z-index: 9999;
padding: 8px;
border-radius: 6px;
}
.notif-panel .notif-empty {
padding: 12px;
text-align: center;
color: #666;
}
.notif-item {
display: flex;
align-items: center;
padding: 8px;
border-bottom: 1px solid #f1f1f1;
}
.notif-item:last-child {
border-bottom: none;
}
.notif-item-avatar {
width: 36px;
height: 36px;
border-radius: 50%;
object-fit: cover;
margin-right: 8px;
}
.notif-item-body {
flex: 1;
}
.notif-item-title {
font-weight: 600;
font-size: 13px;
}
.notif-item-meta {
font-size: 11px;
color: #888;
}
.notif-close {
background: transparent;
border: 0;
color: #999;
font-weight: 700;
padding: 6px;
cursor: pointer;
}

BIN
assets/images/base4/01.jpeg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 199 KiB

BIN
assets/images/logos/ikhokha.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.3 KiB

103
assets/js/notifications_panel.js Normal file
View File

@@ -0,0 +1,103 @@
/* notifications.js - small admin notification panel
Requires jQuery. */
(function($){
function timeAgo(ts){
var seconds = Math.floor((Date.now() - (new Date(ts)).getTime())/1000);
if (seconds < 60) return seconds + 's ago';
var minutes = Math.floor(seconds/60);
if (minutes < 60) return minutes + 'm ago';
var hours = Math.floor(minutes/60);
if (hours < 24) return hours + 'h ago';
var days = Math.floor(hours/24);
return days + 'd ago';
}
function renderNotifications(list){
var $panel = $('#notif-panel');
$panel.empty();
if (!list || list.length === 0) {
$panel.append('<div class="notif-empty">No notifications</div>');
return;
}
list.forEach(function(n){
var actorAvatar = (n.data && n.data.actor_avatar) ? n.data.actor_avatar : 'assets/images/icons/user.png';
// Prefer the notification payload title (n.data.title). Do NOT fall back to the event string.
var title = (n.data && n.data.title) ? n.data.title : 'Notification';
var time = n.time_created || new Date().toISOString();
var read = (n.read_by && Array.isArray(n.read_by) && n.read_by.length>0);
var $item = $('<div class="notif-item" data-id="'+n.id+'">');
$item.append('<img class="notif-item-avatar" src="'+actorAvatar+'" alt="avatar">');
var $body = $('<div class="notif-item-body">');
$body.append('<div class="notif-item-title">'+escapeHtml(title)+'</div>');
$body.append('<div class="notif-item-meta">'+timeAgo(time)+'</div>');
$item.append($body);
$item.append('<button class="notif-close" title="Mark read">×</button>');
$panel.append($item);
});
}
function escapeHtml(str) {
if (!str) return '';
return String(str).replace(/[&<>"'`]/g, function(s){ return {'&':'&amp;','<':'&lt;','>':'&gt;','"':'&quot;',"'":"&#39;",'`':'&#96;'}[s]; });
}
function fetchAndRender(adminId){
$.getJSON('/src/api/notifications.php', { action: 'fetch' }, function(resp){
if (resp && resp.success) {
renderNotifications(resp.notifications);
if (resp.unread_count && resp.unread_count > 0) {
$('#notif-badge').text(resp.unread_count).show();
} else {
$('#notif-badge').hide();
}
}
});
}
// Fetch only unread count (used on page load so badge shows without opening panel)
function fetchUnreadCount(){
$.getJSON('/src/api/notifications.php', { action: 'fetch' }, function(resp){
if (resp && resp.success) {
if (resp.unread_count && resp.unread_count > 0) {
$('#notif-badge').text(resp.unread_count).show();
} else {
$('#notif-badge').hide();
}
}
});
}
$(function(){
var $container = $('.notif-avatar-container');
if (!$container.length) return;
var adminId = $container.data('admin-id');
// ensure badge is populated on page load
fetchUnreadCount();
$container.on('click', function(e){
e.preventDefault();
$('#notif-panel').toggle();
if ($('#notif-panel').is(':visible')) fetchAndRender(adminId);
});
$(document).on('click', '.notif-close', function(e){
e.stopPropagation();
var $it = $(this).closest('.notif-item');
var id = $it.data('id');
if (!id) return;
$.post('/src/api/notifications.php', { action: 'mark_read', id: id }, function(resp){
if (resp && resp.success) {
$it.remove();
// refresh count
fetchAndRender(adminId);
}
}, 'json');
});
// click outside to close
$(document).on('click', function(e){
if (!$(e.target).closest('#notif-panel, .notif-avatar-container').length) {
$('#notif-panel').hide();
}
});
});
})(jQuery);

13
docs/migrations/006b_create_notifications_table.sql Normal file
View File

@@ -0,0 +1,13 @@
-- Migration: create notifications table (corrected: `read_by` nullable)
CREATE TABLE IF NOT EXISTS `notifications` (
`id` BIGINT PRIMARY KEY AUTO_INCREMENT,
`user_id` INT DEFAULT NULL,
`event` VARCHAR(100) NOT NULL,
`sub_feed` VARCHAR(100) DEFAULT NULL,
`data` TEXT DEFAULT NULL,
`target_url` VARCHAR(1024) DEFAULT NULL,
`read_by` TEXT DEFAULT NULL,
`time_created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
INDEX (`user_id`),
INDEX (`sub_feed`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;

60
header.php
View File

@@ -1,4 +1,5 @@
<?php
/**
* UNIFIED HEADER TEMPLATE
*
@@ -25,6 +26,7 @@ require_once($rootDir . "/src/config/env.php");
require_once($rootDir . "/src/config/session.php");
require_once($rootDir . "/src/config/connection.php");
require_once($rootDir . "/src/config/functions.php");
require_once($rootDir . "/src/helpers/notification_helper.php");
$is_logged_in = isset($_SESSION['user_id']);
if (isset($_SESSION['user_id'])) {
@@ -186,8 +188,7 @@ if ($headerStyle === 'light') {
background-color: #f8f8f8;
}
<?php if ($headerStyle === 'light'): ?>
.page-banner-area {
<?php if ($headerStyle === 'light'): ?>.page-banner-area {
position: relative;
background-size: cover;
background-position: center;
@@ -214,6 +215,7 @@ if ($headerStyle === 'light') {
position: relative;
z-index: 3;
}
<?php endif; ?>
</style>
@@ -258,7 +260,7 @@ if ($headerStyle === 'light') {
<ul class="navigation clearfix">
<li><a href="index">Home</a></li>
<li><a href="about">About</a></li>
<li><a href="track-map">Track Map</a></li>
<li><a href="base4">BASE 4</a></li>
<li><a href="trips">Trips</a>
<?php if ($headerStyle === 'dark'): ?>
<ul>
@@ -283,13 +285,10 @@ if ($headerStyle === 'light') {
<ul>
<li><a href="admin_web_users">Website Users</a></li>
<li><a href="admin_members">4WDCSA Members</a></li>
<li><a href="admin_blogs">Manage Blogs</a></li>
<li><a href="admin_events">Manage Events</a></li>
<li><a href="admin_trips">Manage Trips</a></li>
<li><a href="admin_trip_bookings">Trip Bookings</a></li>
<li><a href="admin_course_bookings">Course Bookings</a></li>
<li><a href="admin_efts">EFT Payments</a></li>
<li><a href="process_payments">Process Payments</a></li>
<li><a href="admin_trips_events_courses">Trips, Events & Courses</a></li>
<li><a href="admin_bookings">Bookings</a></li>
<li><a href="admin_transactions">iKhokha Payment History</a></li>
<!-- <li><a href="process_payments">Process Payments</a></li> -->
<?php if ($role === 'superadmin') { ?>
<li><a href="admin_visitors">Visitor Log</a></li>
<?php } ?>
@@ -347,11 +346,19 @@ if ($headerStyle === 'light') {
<div class="profile-menu">
<div class="profile-info">
<span style="color: <?php echo $textColor; ?>;">Welcome, <?php echo $_SESSION['first_name']; ?></span>
<div class="notif-avatar-container" data-admin-id="<?php echo intval($_SESSION['user_id'] ?? 0); ?>">
<a href="account_settings">
<img src="<?php echo $_SESSION['profile_pic']; ?>?v=<?php echo time(); ?>" alt="Profile Picture" class="profile-pic">
</a>
<span id="notif-badge" class="notif-badge"></span>
</div>
<div id="notif-panel" class="notif-panel" style="display:none;"></div>
</div>
</div>
<?php if ($role === 'admin' || $role === 'superadmin') { ?>
<link rel="stylesheet" href="assets/css/notifications.css">
<script src="assets/js/notifications_panel.js" defer></script>
<?php } ?>
<?php else : ?>
<a href="login" class="theme-btn style-two bgc-secondary">
<span data-hover="Log In">Log In</span>
@@ -366,11 +373,44 @@ if ($headerStyle === 'light') {
<!--End Header Upper-->
</header>
<a href="https://wa.me/27790652795?text=Hi,%20I%20would%20like%20to%20know%20more%20about%20your%20club!"
class="whatsapp-float"
target="_blank"
aria-label="Chat on WhatsApp">
<i class="fab fa-whatsapp"></i>
</a>
<style>
.whatsapp-float {
position: fixed;
bottom: 20px;
right: 20px;
width: 60px;
height: 60px;
background-color: #25D366;
color: white;
border-radius: 50%;
text-align: center;
font-size: 30px;
line-height: 60px;
box-shadow: 2px 2px 10px rgba(0, 0, 0, 0.3);
z-index: 1000;
}
.whatsapp-float:hover {
background-color: #1ebe5d;
}
</style>
<script>
document.addEventListener('DOMContentLoaded', function() {
const profileInfo = document.querySelector('.profile-info');
if (profileInfo) {
profileInfo.addEventListener('click', function(event) {
// Ignore clicks on the notifications avatar so the notif panel
// can handle its own toggle without also toggling the profile dropdown.
if (event.target.closest && event.target.closest('.notif-avatar-container')) return;
const dropdownMenu = document.querySelector('.dropdown-menu2');
if (dropdownMenu) {
dropdownMenu.style.display = dropdownMenu.style.display === 'block' ? 'none' : 'block';

113
index.php
View File

@@ -19,6 +19,48 @@ if (!isset($_SESSION['updates_modal_shown'])) {
$showUpdatesModal = false;
}
// Show renew membership modal for logged-in users and where membership_fees payment_status is not PENDING RENEWAL. only show once per session
$showRenewModal = isset($_SESSION['user_id']) ? true : false;
if ($showRenewModal) {
if (!isset($_SESSION['renew_modal_shown'])) {
$_SESSION['renew_modal_shown'] = true;
} else {
$showRenewModal = false;
}
$user_id = $_SESSION['user_id'];
// Ensure we have a DB connection
if (!isset($conn) || $conn === null) {
$showRenewModal = false;
} else {
$stmt = $conn->prepare("SELECT payment_status FROM membership_fees WHERE user_id = ? LIMIT 1");
$stmt->bind_param("i", $user_id);
$stmt->execute();
// store_result so we can check num_rows
$stmt->store_result();
// If there's no membership_fees record for this user, don't show the renew modal
if ($stmt->num_rows === 0) {
$showRenewModal = false;
} else {
$stmt->bind_result($payment_status);
$stmt->fetch();
if ($payment_status === 'PENDING RENEWAL') {
$showRenewModal = false;
}
if (isMembershipExpiringSoon($user_id)) {
$showRenewModal = true;
} else {
$showRenewModal = false;
}
}
$stmt->close();
}
}
if (isset($_SESSION['user_id']) && isset($conn) && $conn !== null) {
$userId = $_SESSION['user_id'];
$stmt = $conn->prepare("SELECT user_id FROM membership_application WHERE user_id = ? AND accept_indemnity = 0 LIMIT 1");
@@ -69,7 +111,7 @@ if (!empty($bannerImages)) {
<div style="padding-top: 50px; padding-bottom: 50px;">
<img style="width: 250px; margin-bottom: 20px;" src="assets/images/logos/weblogo2.png" alt="Logo">
<h1 class="hero-title" data-aos="flip-up" data-aos-delay="50" data-aos-duration="1500" data-aos-offset="50">
Welcome to<br>the 4 Wheel Drive Club<br>of Southern Africa
Welcome to<br>the Four Wheel Drive Club<br>of Southern Africa
</h1>
<a href="membership.php" class="theme-btn style-two bgc-secondary" style="margin-top: 20px; background-color: #e90000; padding: 10px 20px; color: white; text-decoration: none; border-radius: 25px;">
<span data-hover="Become a Member">Become a Member</span>
@@ -159,8 +201,6 @@ if (countUpcomingTrips() > 0) { ?>
}
?>
<!-- About Us Area start -->
<section class="about-us-area py-100 rpb-90 rel z-1">
<div class="container">
@@ -284,7 +324,6 @@ if (countUpcomingTrips() > 0) { ?>
</section>
<!-- Features Area end -->
<!-- Hotel Area start -->
<section class="hotel-area bgc-black py-100 rel z-1">
<div class="container-fluid">
@@ -657,34 +696,72 @@ if (countUpcomingTrips() > 0) { ?>
const modal = document.getElementById('updatesModal');
const closeBtn = document.querySelector('.updates-modal-close');
const showModal = <?php echo $showUpdatesModal ? 'true' : 'false'; ?>;
const showRenewModal = <?php echo $showRenewModal ? 'true' : 'false'; ?>;
if (showModal) {
// Show modal after a short delay for better UX
if (showModal && modal) {
// Show updates modal after a short delay for better UX
setTimeout(function() {
modal.style.display = 'flex';
}, 500);
}
// Close modal when X is clicked
// Close updates modal when X is clicked
if (closeBtn) {
closeBtn.addEventListener('click', function() {
modal.style.display = 'none';
if (modal) modal.style.display = 'none';
});
}
// Close modal when clicking outside the modal content
// Close updates modal when clicking outside the modal content
if (modal) {
modal.addEventListener('click', function(event) {
if (event.target === modal) {
modal.style.display = 'none';
}
});
}
// Show renew membership Bootstrap modal for logged-in users
try {
const renewModalEl = document.getElementById('renewModal');
if (showRenewModal && renewModalEl && typeof bootstrap !== 'undefined') {
setTimeout(function() {
const renewModal = new bootstrap.Modal(renewModalEl);
renewModal.show();
}, 700);
}
} catch (e) {
console.warn('Renew modal show failed', e);
}
});
</script>
<!-- Updates Modal -->
<!-- Renew Membership Modal (shown to logged-in users) -->
<div class="modal fade" id="renewModal" tabindex="-1" aria-labelledby="renewModalLabel" aria-hidden="true">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
<!-- <div class="modal-header bg-secondary text-white">
<h5 class="modal-title" id="renewModalLabel">Membership Renewal Reminder</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div> -->
<div class="modal-body">
Your membership will be expiring soon. Click below to renew now.
<a style="width:100%; display:block;" href="renewal_payment" class="theme-btn style-two style-three mt-3">Renew Now</a>
</div>
<div class="modal-footer">
<button type="button" style="width:100%; display:block;" class="theme-btn" data-bs-dismiss="modal">Remind Me Later</button>
</div>
</div>
</div>
</div>
<!-- Updates Modal -->
<div id="updatesModal" class="updates-modal">
<div class="updates-modal-content">
<span class="updates-modal-close">&times;</span>
<div class="updates-modal-header">
<h2>What's New</h2>
<h2>What's New on 4WDCSA.co.za</h2>
</div>
<div class="updates-modal-body">
<div class="update-item">
@@ -728,6 +805,7 @@ if (countUpcomingTrips() > 0) { ?>
background-color: rgba(0, 0, 0, 0.6);
align-items: center;
justify-content: center;
padding: 20px;
animation: fadeIn 0.3s ease-in-out;
}
@@ -749,6 +827,10 @@ if (countUpcomingTrips() > 0) { ?>
box-shadow: 0 10px 40px rgba(0, 0, 0, 0.2);
animation: slideDown 0.3s ease-out;
position: relative;
box-sizing: border-box;
/* Limit height so the modal never exceeds the viewport and allow internal scrolling */
max-height: calc(100vh - 80px);
overflow-y: auto;
}
@keyframes slideDown {
@@ -834,8 +916,17 @@ if (countUpcomingTrips() > 0) { ?>
}
@media (max-width: 600px) {
.updates-modal {
/* Align to top on small screens so content's top (and close button) is visible */
align-items: flex-start;
padding-top: 18px;
}
.updates-modal-content {
padding: 30px 20px;
padding: 20px;
max-width: 92%;
width: 92%;
max-height: calc(100vh - 36px);
}
.updates-modal-header h2 {

176
progress.log
View File

@@ -1,48 +1,128 @@
[2025-12-14 16:27:25] Testing Log Entry at 2025-12-14 16:27:25
[2025-12-14 16:28:03] Testing Log Entry at 2025-12-14 16:28:03
[2025-12-14 16:28:18] Testing Log Entry at 2025-12-14 16:28:18
[2025-12-14 18:30:36] --- iKhokha WEBHOOK DEBUG ---
[2025-12-14 18:30:36] PATH: /src/api/ikhokha_webhook.php
[2025-12-14 18:30:36] RAW BODY: {"paylinkID":"cwm225jy497j0qc","status":"SUCCESS","externalTransactionID":"693ee604c8e38","responseCode":"00","text":null}
[2025-12-14 18:30:36] IK-SIGN: 3a2b8c9da4f1aff63c011adec10552450c5b6605f587e82ab1272914715fd4cf
[2025-12-14 18:30:36] iKhokha webhook: signature mismatch
[2025-12-14 18:30:36] EXPECTED SIGN: f8356ee6b609e9bd44221fa71851b06171bbb7523c52dca4bde605e3bd93f654
[2025-12-14 18:30:37] --- iKhokha WEBHOOK DEBUG ---
[2025-12-14 18:30:37] PATH: /src/api/ikhokha_webhook.php
[2025-12-14 18:30:37] RAW BODY: {"paylinkID":"cwm225jy497j0qc","status":"SUCCESS","externalTransactionID":"693ee604c8e38","responseCode":"00","text":null}
[2025-12-14 18:30:37] IK-SIGN: 3a2b8c9da4f1aff63c011adec10552450c5b6605f587e82ab1272914715fd4cf
[2025-12-14 18:30:37] iKhokha webhook: signature mismatch
[2025-12-14 18:30:37] EXPECTED SIGN: f8356ee6b609e9bd44221fa71851b06171bbb7523c52dca4bde605e3bd93f654
[2025-12-14 18:36:19] --- iKhokha WEBHOOK DEBUG ---
[2025-12-14 18:36:19] PATH: /api/ikhokha_webhook.php
[2025-12-14 18:36:19] RAW BODY: {"paylinkID":"xx6225jyhx6x5n1","status":"SUCCESS","externalTransactionID":"693ee75cec963","responseCode":"00","text":null}
[2025-12-14 18:36:19] IK-SIGN: 8fb11ceb8ea6b2cd6fec1773719927889f02764b0f04ad3c8543edbc9f74cf43
[2025-12-14 18:36:19] iKhokha webhook: signature mismatch
[2025-12-14 18:36:19] EXPECTED SIGN: 7a594957e7dc8775a6f9e1f8e3a1292f4dcd10268facaec57735f937b1cd9949
[2025-12-14 18:36:19] --- iKhokha WEBHOOK DEBUG ---
[2025-12-14 18:36:19] PATH: /api/ikhokha_webhook.php
[2025-12-14 18:36:19] RAW BODY: {"paylinkID":"xx6225jyhx6x5n1","status":"SUCCESS","externalTransactionID":"693ee75cec963","responseCode":"00","text":null}
[2025-12-14 18:36:19] IK-SIGN: 8fb11ceb8ea6b2cd6fec1773719927889f02764b0f04ad3c8543edbc9f74cf43
[2025-12-14 18:36:19] iKhokha webhook: signature mismatch
[2025-12-14 18:36:19] EXPECTED SIGN: 7a594957e7dc8775a6f9e1f8e3a1292f4dcd10268facaec57735f937b1cd9949
[2025-12-14 18:55:49] --- iKhokha WEBHOOK DEBUG ---
[2025-12-14 18:55:49] RAW BODY: {"paylinkID":"433225jzs9rvk5n","status":"SUCCESS","externalTransactionID":"693eebf1a9f75","responseCode":"00","text":null}
[2025-12-14 18:55:49] IK-SIGN: 5cb01840f3516c964bdffc34cb1da41130bd668deffc2e4ea5a9f4cbb89b9807
[2025-12-14 18:55:49] SIGN BASE STRING: | CONTEXT: https://beta.4wdcsa.co.za/src/api/ikhokha_webhook.php{"paylinkID":"433225jzs9rvk5n","status":"SUCCESS","externalTransactionID":"693eebf1a9f75","responseCode":"00","text":null}
[2025-12-14 18:55:49] iKhokha webhook: signature mismatch
[2025-12-14 18:55:49] EXPECTED SIGN: 75c491d05ac5006b3ad4fcec20c870e860a66ea03ed5a3e8900d6e29cd601445
[2025-12-14 18:55:49] RECEIVED SIGN: 5cb01840f3516c964bdffc34cb1da41130bd668deffc2e4ea5a9f4cbb89b9807
[2025-12-14 18:55:49] --- iKhokha WEBHOOK DEBUG ---
[2025-12-14 18:55:49] RAW BODY: {"paylinkID":"433225jzs9rvk5n","status":"SUCCESS","externalTransactionID":"693eebf1a9f75","responseCode":"00","text":null}
[2025-12-14 18:55:49] IK-SIGN: 5cb01840f3516c964bdffc34cb1da41130bd668deffc2e4ea5a9f4cbb89b9807
[2025-12-14 18:55:49] SIGN BASE STRING: | CONTEXT: https://beta.4wdcsa.co.za/src/api/ikhokha_webhook.php{"paylinkID":"433225jzs9rvk5n","status":"SUCCESS","externalTransactionID":"693eebf1a9f75","responseCode":"00","text":null}
[2025-12-14 18:55:49] iKhokha webhook: signature mismatch
[2025-12-14 18:55:49] EXPECTED SIGN: 75c491d05ac5006b3ad4fcec20c870e860a66ea03ed5a3e8900d6e29cd601445
[2025-12-14 18:55:49] RECEIVED SIGN: 5cb01840f3516c964bdffc34cb1da41130bd668deffc2e4ea5a9f4cbb89b9807
[2025-12-14 20:15:55] --- iKhokha WEBHOOK DEBUG ---
[2025-12-14 20:15:55] RAW BODY: {"paylinkID":"ys5225k4z56x0mm","status":"SUCCESS","externalTransactionID":"693efeaca71a9","responseCode":"00","text":null}
[2025-12-14 20:15:55] IK-SIGN: bb1702d488a40091ebd5414bc6f524e203e2c5e36b24a1b86e243dad440bb557
[2025-12-14 20:15:55] ⚠️ IKHOKHA SIGNATURE CHECK BYPASSED
[2025-12-14 20:15:55] Parsed externalTransactionID: 693efeaca71a9
[2025-12-14 20:15:55] Parsed providerPaymentId: ys5225k4z56x0mm
[2025-12-14 20:15:55] Parsed providerStatus: SUCCESS
[2025-12-15 12:32:19] AJAX BLOCK ENTERED
[2025-12-15 12:32:19] startDate=2025-10-16
[2025-12-15 12:32:19] endDate=2025-12-15
[2025-12-15 12:32:19] APP ID present: YES
[2025-12-15 12:32:19] APP SECRET present: YES
[2025-12-15 12:32:19] PAYLOAD: https://api.ikhokha.com/public-api/v1/api/payments/history?startDate=2025-10-16&endDate=2025-12-15
[2025-12-15 12:32:19] IK-SIGN: ced35ab201ad54e8f8b5935d2778c4ec7e75af0102d40d9c4515f8118ca8b5dd
[2025-12-15 12:32:19] CURL HTTP CODE: 422
[2025-12-15 12:32:19] CURL ERROR: none
[2025-12-15 12:32:19] RAW RESPONSE: {"error":"Invalid Signature"}
[2025-12-15 12:33:31] AJAX BLOCK ENTERED
[2025-12-15 12:33:31] startDate=2025-10-16
[2025-12-15 12:33:31] endDate=2025-12-15
[2025-12-15 12:33:31] APP ID present: YES
[2025-12-15 12:33:31] APP SECRET present: YES
[2025-12-15 12:33:31] IKHOKHA PAYLOAD (FULL URL): https://api.ikhokha.com/public-api/v1/api/payments/history?startDate=2025-10-16&endDate=2025-12-15
[2025-12-15 12:33:31] IKHOKHA IK-SIGN: ced35ab201ad54e8f8b5935d2778c4ec7e75af0102d40d9c4515f8118ca8b5dd
[2025-12-15 12:33:31] CURL HTTP CODE: 422
[2025-12-15 12:33:31] CURL ERROR: none
[2025-12-15 12:33:31] RAW RESPONSE: {"error":"Invalid Signature"}
[2025-12-15 12:33:59] AJAX BLOCK ENTERED
[2025-12-15 12:33:59] startDate=2025-10-16
[2025-12-15 12:33:59] endDate=2025-12-15
[2025-12-15 12:33:59] APP ID present: YES
[2025-12-15 12:33:59] APP SECRET present: YES
[2025-12-15 12:33:59] IKHOKHA PAYLOAD (FULL URL): https://api.ikhokha.com/public-api/v1/api/payments/history?startDate=2025-10-16&endDate=2025-12-15
[2025-12-15 12:33:59] IKHOKHA IK-SIGN: ced35ab201ad54e8f8b5935d2778c4ec7e75af0102d40d9c4515f8118ca8b5dd
[2025-12-15 12:34:00] CURL HTTP CODE: 422
[2025-12-15 12:34:00] CURL ERROR: none
[2025-12-15 12:34:00] RAW RESPONSE: {"error":"Invalid Signature"}
[2025-12-15 12:37:06] AJAX BLOCK ENTERED
[2025-12-15 12:37:06] startDate=2025-10-16
[2025-12-15 12:37:06] endDate=2025-12-15
[2025-12-15 12:37:06] APP ID present: YES
[2025-12-15 12:37:06] APP SECRET present: YES
[2025-12-15 12:37:06] IKHOKHA ENDPOINT (REQUEST): https://api.ikhokha.com/public-api/v1/api/payments/history?startDate=2025-10-16&endDate=2025-12-15
[2025-12-15 12:37:06] IKHOKHA PAYLOAD (SIGNED): https://api.ikhokha.com/public-api/v1/payments/history?startDate=2025-10-16&endDate=2025-12-15
[2025-12-15 12:37:06] IKHOKHA IK-SIGN: 418e48921e566e5804b58f65e1ca4a28dba4d69de3611d1cf7f90f865490f42d
[2025-12-15 12:37:06] CURL HTTP CODE: 422
[2025-12-15 12:37:06] CURL ERROR: none
[2025-12-15 12:37:06] RAW RESPONSE: {"error":"Invalid Signature"}
[2025-12-15 12:56:21] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:56:21] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 12:56:37] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:56:37] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 12:57:04] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:57:04] 13e6e02a7ccad937bc27b31038373d48d8ba2700a7ba8d9a7a2e4f9b07378692 | CONTEXT: IKHOKHA Signature
[2025-12-15 12:57:30] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:57:30] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 12:57:32] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:57:32] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 12:57:34] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:57:34] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 12:58:00] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA Endpoint
[2025-12-15 12:58:00] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:58:00] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 12:58:04] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA Endpoint
[2025-12-15 12:58:04] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:58:04] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 12:58:17] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 12:58:17] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:58:17] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 12:58:48] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 12:58:48] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 12:58:48] 13e6e02a7ccad937bc27b31038373d48d8ba2700a7ba8d9a7a2e4f9b07378692 | CONTEXT: IKHOKHA Signature
[2025-12-15 13:00:13] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 13:00:13] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:00:13] 13e6e02a7ccad937bc27b31038373d48d8ba2700a7ba8d9a7a2e4f9b07378692 | CONTEXT: IKHOKHA Signature
[2025-12-15 13:00:29] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 13:00:29] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:00:29] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 13:03:10] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 13:03:10] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:03:10] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 13:03:19] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 13:03:19] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:03:19] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 13:05:51] bb1702d488a40091ebd5414bc6f524e203e2c5e36b24a1b86e243dad440bb557 | CONTEXT: IKHOKHA Signature from Webhook
[2025-12-15 13:05:51] "{\"paylinkID\":\"ys5225k4z56x0mm\",\"status\":\"SUCCESS\",\"externalTransactionID\":\"693efeaca71a9\",\"responseCode\":\"00\",\"text\":null}" | CONTEXT: IKHOKHA Stringified Body
[2025-12-15 13:06:29] bb1702d488a40091ebd5414bc6f524e203e2c5e36b24a1b86e243dad440bb557 | CONTEXT: IKHOKHA Signature from Webhook
[2025-12-15 13:06:29] "{\"paylinkID\":\"ys5225k4z56x0mm\",\"status\":\"SUCCESS\",\"externalTransactionID\":\"693efeaca71a9\",\"responseCode\":\"00\",\"text\":null}" | CONTEXT: IKHOKHA Stringified Body
[2025-12-15 13:06:29] /src/api/ikhokha_webhook.php\"{\\"paylinkID\\":\\"ys5225k4z56x0mm\\",\\"status\\":\\"SUCCESS\\",\\"externalTransactionID\\":\\"693efeaca71a9\\",\\"responseCode\\":\\"00\\",\\"text\\":null}\" | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:06:29] 43a6a56af31c276174953e115eb41402f12969fedab5b673dd34327cd7135a75 | CONTEXT: IKHOKHA Generated Signature
[2025-12-15 13:06:42] bb1702d488a40091ebd5414bc6f524e203e2c5e36b24a1b86e243dad440bb557 | CONTEXT: IKHOKHA Signature from Webhook
[2025-12-15 13:06:42] {"paylinkID":"ys5225k4z56x0mm","status":"SUCCESS","externalTransactionID":"693efeaca71a9","responseCode":"00","text":null} | CONTEXT: IKHOKHA Stringified Body
[2025-12-15 13:06:42] /src/api/ikhokha_webhook.php\"{\\"paylinkID\\":\\"ys5225k4z56x0mm\\",\\"status\\":\\"SUCCESS\\",\\"externalTransactionID\\":\\"693efeaca71a9\\",\\"responseCode\\":\\"00\\",\\"text\\":null}\" | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:06:42] 43a6a56af31c276174953e115eb41402f12969fedab5b673dd34327cd7135a75 | CONTEXT: IKHOKHA Generated Signature
[2025-12-15 13:07:09] bb1702d488a40091ebd5414bc6f524e203e2c5e36b24a1b86e243dad440bb557 | CONTEXT: IKHOKHA Signature from Webhook
[2025-12-15 13:07:09] {"paylinkID":"ys5225k4z56x0mm","status":"SUCCESS","externalTransactionID":"693efeaca71a9","responseCode":"00","text":null} | CONTEXT: IKHOKHA Stringified Body
[2025-12-15 13:07:09] /src/api/ikhokha_webhook.php\"{\\"paylinkID\\":\\"ys5225k4z56x0mm\\",\\"status\\":\\"SUCCESS\\",\\"externalTransactionID\\":\\"693efeaca71a9\\",\\"responseCode\\":\\"00\\",\\"text\\":null}\" | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:07:09] 43a6a56af31c276174953e115eb41402f12969fedab5b673dd34327cd7135a75 | CONTEXT: IKHOKHA Generated Signature
[2025-12-15 13:09:39] bb1702d488a40091ebd5414bc6f524e203e2c5e36b24a1b86e243dad440bb557 | CONTEXT: IKHOKHA Signature from Webhook
[2025-12-15 13:19:12] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 13:19:12] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:19:12] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 13:36:28] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 13:36:28] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:36:28] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 13:36:54] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 13:36:54] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 13:36:54] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 15:41:25] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 15:41:25] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 15:41:25] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 15:43:53] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 15:43:53] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 15:43:53] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 15:44:29] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 15:44:29] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 15:44:29] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 15:46:02] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 15:46:02] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 15:46:02] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 15:47:46] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 15:47:46] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 15:47:46] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 15:47:51] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 15:47:51] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 15:47:51] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-15 15:48:43] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-15 15:48:43] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-15 15:48:43] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-16 22:38:31] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-16 22:38:31] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-16 22:38:31] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature
[2025-12-17 12:35:13] IKFLESZTKFM4HWWS76131L8HK9BYF96P | CONTEXT: IKHOKHA App ID
[2025-12-17 12:35:13] /public-api/v1/api/payments/history | CONTEXT: IKHOKHA Payload to Sign
[2025-12-17 12:35:13] b3b592829090d2cfd0912ccbdec73db18742088d01a2d2bee9f0eacdf37a6b26 | CONTEXT: IKHOKHA Signature

56
src/admin/_admin_tx_debug.log Normal file
View File

@@ -0,0 +1,56 @@
[2025-12-15 12:28:42] FILE HIT
[2025-12-15 12:28:42] AJAX BLOCK ENTERED
[2025-12-15 12:28:42] startDate=2025-10-16
[2025-12-15 12:28:42] endDate=2025-12-15
[2025-12-15 12:28:42] APP ID present: YES
[2025-12-15 12:28:42] APP SECRET present: YES
[2025-12-15 12:28:42] PAYLOAD: /public-api/v1/api/payments/history?startDate=2025-10-16&endDate=2025-12-15
[2025-12-15 12:28:42] IK-SIGN: 3d610c60c8306cd1d5c99b2639f0e810594f8ffb9306a98d703f691173dab47d
[2025-12-15 12:28:44] CURL HTTP CODE: 422
[2025-12-15 12:28:44] CURL ERROR: none
[2025-12-15 12:28:44] RAW RESPONSE: {"error":"Invalid Signature"}
[2025-12-15 12:28:51] FILE HIT
[2025-12-15 12:28:51] AJAX BLOCK ENTERED
[2025-12-15 12:28:51] startDate=2025-10-16
[2025-12-15 12:28:51] endDate=2025-12-15
[2025-12-15 12:28:51] APP ID present: YES
[2025-12-15 12:28:51] APP SECRET present: YES
[2025-12-15 12:28:51] PAYLOAD: /public-api/v1/api/payments/history?startDate=2025-10-16&endDate=2025-12-15
[2025-12-15 12:28:51] IK-SIGN: 3d610c60c8306cd1d5c99b2639f0e810594f8ffb9306a98d703f691173dab47d
[2025-12-15 12:28:51] CURL HTTP CODE: 422
[2025-12-15 12:28:51] CURL ERROR: none
[2025-12-15 12:28:51] RAW RESPONSE: {"error":"Invalid Signature"}
[2025-12-15 12:30:54] FILE HIT
[2025-12-15 12:30:54] AJAX BLOCK ENTERED
[2025-12-15 12:30:54] startDate=2025-10-16
[2025-12-15 12:30:54] endDate=2025-12-15
[2025-12-15 12:30:54] APP ID present: YES
[2025-12-15 12:30:54] APP SECRET present: YES
[2025-12-15 12:30:54] PAYLOAD: https://api.ikhokha.com/public-api/v1/api/payments/history?startDate=2025-10-16&endDate=2025-12-15
[2025-12-15 12:30:54] IK-SIGN: ced35ab201ad54e8f8b5935d2778c4ec7e75af0102d40d9c4515f8118ca8b5dd
[2025-12-15 12:30:55] CURL HTTP CODE: 422
[2025-12-15 12:30:55] CURL ERROR: none
[2025-12-15 12:30:55] RAW RESPONSE: {"error":"Invalid Signature"}
[2025-12-15 12:31:13] FILE HIT
[2025-12-15 12:31:13] AJAX BLOCK ENTERED
[2025-12-15 12:31:13] startDate=2025-10-16
[2025-12-15 12:31:13] endDate=2025-12-15
[2025-12-15 12:31:13] APP ID present: YES
[2025-12-15 12:31:13] APP SECRET present: YES
[2025-12-15 12:31:13] PAYLOAD: https://api.ikhokha.com/public-api/v1/api/payments/history?startDate=2025-10-16&endDate=2025-12-15
[2025-12-15 12:31:13] IK-SIGN: ced35ab201ad54e8f8b5935d2778c4ec7e75af0102d40d9c4515f8118ca8b5dd
[2025-12-15 12:31:13] CURL HTTP CODE: 422
[2025-12-15 12:31:13] CURL ERROR: none
[2025-12-15 12:31:13] RAW RESPONSE: {"error":"Invalid Signature"}
[2025-12-15 12:31:21] FILE HIT
[2025-12-15 12:31:47] FILE HIT
[2025-12-15 12:31:47] FILE HIT
[2025-12-15 12:31:58] FILE HIT
[2025-12-15 12:32:18] FILE HIT
[2025-12-15 12:32:19] FILE HIT
[2025-12-15 12:33:30] FILE HIT
[2025-12-15 12:33:31] FILE HIT
[2025-12-15 12:33:59] FILE HIT
[2025-12-15 12:33:59] FILE HIT
[2025-12-15 12:37:05] FILE HIT
[2025-12-15 12:37:06] FILE HIT

230
src/admin/admin_bookings.php Normal file
View File

@@ -0,0 +1,230 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(__DIR__));
include_once($rootPath . '/header.php');
checkAdmin();
// Ensure $conn is available; show a friendly message if DB is down
$conn = $conn ?? null;
if (!$conn) {
// Render a simple error notice inside the page layout and stop further DB queries
echo '<section class="tour-list-page py-10 rel z-1">\n <div class="container">\n <div class="alert alert-danger">Database connection unavailable. Please check your configuration and logs.</div>\n </div>\n</section>';
include_once($rootPath . '/components/insta_footer.php');
// Stop execution to prevent subsequent fatal errors from using $conn
exit;
}
?>
<style>
/* Shared table and tab styles */
.admin-tabs { text-align: center; display: flex; margin-bottom: 20px; margin-top: 20px; }
.admin-tab { padding: 10px 30px; margin-right: 20px; cursor: pointer; border: 2px solid; border-radius: 50px; background: none; font-size: 18px; color: #484848; }
.admin-tab.active { color: white; background: #63ab45; font-weight: bold; }
.tab-content { display: none; }
.tab-content.active { display: block; }
table { width: 100%; border-collapse: separate; border-spacing: 0; margin: 10px 0; }
thead th { cursor: pointer; text-align: left; padding: 10px; font-weight: bold; position: relative; }
thead th::after { content: '\25B2'; font-size: 0.8em; position: absolute; right: 10px; opacity: 0; transition: opacity 0.2s; }
thead th.asc::after { content: '\25B2'; opacity: 1; }
thead th.desc::after { content: '\25BC'; opacity: 1; }
tbody tr:nth-child(odd) { background-color: transparent; }
tbody tr:nth-child(even) { background-color: rgb(255, 255, 255); border-radius: 10px; }
tbody td { padding: 5px; }
tbody tr:nth-child(even) td:first-child { border-top-left-radius: 10px; border-bottom-left-radius: 10px; }
tbody tr:nth-child(even) td:last-child { border-top-right-radius: 10px; border-bottom-right-radius: 10px; }
.filter-input { width: 100%; padding: 5px; font-size: 16px; background-color: rgb(255, 255, 255); border-radius: 25px; }
.trip-booking { color: #484848; background: #f9f9f7; border: 1px solid #d8d8d8; border-radius: 10px; margin-top: 15px; margin-bottom: 15px; }
</style>
<script>
document.addEventListener("DOMContentLoaded", function() {
// Tab switching
const tabs = document.querySelectorAll('.admin-tab');
const contents = document.querySelectorAll('.tab-content');
tabs.forEach((tab, idx) => {
tab.addEventListener('click', function() {
tabs.forEach(t => t.classList.remove('active'));
contents.forEach(c => c.classList.remove('active'));
tab.classList.add('active');
contents[idx].classList.add('active');
});
});
// Table sorting/filtering (same as before)
document.querySelectorAll("table").forEach((table) => {
const headers = table.querySelectorAll("thead th");
const rows = Array.from(table.querySelectorAll("tbody tr"));
const filterInput = table.previousElementSibling;
headers.forEach((header, index) => {
header.addEventListener("click", () => {
const sortedRows = rows.sort((a, b) => {
const aText = a.cells[index].textContent.trim().toLowerCase();
const bText = b.cells[index].textContent.trim().toLowerCase();
if (aText < bText) return -1;
if (aText > bText) return 1;
return 0;
});
if (header.classList.contains("asc")) {
header.classList.remove("asc");
header.classList.add("desc");
sortedRows.reverse();
} else {
headers.forEach(h => h.classList.remove("asc", "desc"));
header.classList.add("asc");
}
const tbody = table.querySelector("tbody");
tbody.innerHTML = "";
sortedRows.forEach(row => tbody.appendChild(row));
});
});
if (rows.length === 0) {
filterInput.style.display = "none";
} else {
filterInput.addEventListener("input", function() {
const filterValue = filterInput.value.trim().toLowerCase();
rows.forEach(row => {
const rowText = row.textContent.trim().toLowerCase();
row.style.display = rowText.includes(filterValue) ? "" : "none";
});
});
}
});
});
</script>
<?php
$pageTitle = 'Manage Bookings';
$breadcrumbs = [['Home' => 'index']];
require_once($rootPath . '/components/banner.php');
?>
<section class="tour-list-page py-10 rel z-1">
<div class="container">
<div class="admin-tabs">
<button class="admin-tab active">Trip Bookings</button>
<button class="admin-tab">Course Bookings</button>
<button class="admin-tab">Camp Bookings</button>
</div>
<div class="tab-content active">
<?php // Trip Bookings Tab
$tripsSql = "SELECT trip_id, trip_name FROM trips";
$tripsResult = $conn->query($tripsSql);
if ($tripsResult && $tripsResult->num_rows > 0) {
while ($trip = $tripsResult->fetch_assoc()) {
$tripId = $trip['trip_id'];
$tripName = htmlspecialchars($trip['trip_name']);
echo "<div class='trip-booking' data-aos='fade-up' data-aos-duration='1500' data-aos-offset='50'>";
echo "<div style='padding:10px;'>";
echo "<h4>{$tripName}</h4>";
$bookingsSql = "SELECT b.user_id, b.num_vehicles, b.num_adults, b.num_children, b.num_pensioners, b.radio, b.status, u.first_name, u.last_name, u.profile_pic, (b.total_amount - b.discount_amount) AS paid FROM bookings b INNER JOIN users u ON b.user_id = u.user_id WHERE b.trip_id = ?";
$stmt = $conn->prepare($bookingsSql);
$stmt->bind_param('i', $tripId);
$stmt->execute();
$bookingsResult = $stmt->get_result();
if ($bookingsResult->num_rows > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter results...">';
echo '<table><thead><tr><th></th><th>Name</th><th>Vehicles</th><th>Adults</th><th>Children</th><th>Pensioners</th><th>Radio</th><th>Status</th><th>Amount</th></tr></thead><tbody>';
while ($booking = $bookingsResult->fetch_assoc()) {
$userName = htmlspecialchars($booking['first_name'] . ' ' . $booking['last_name']);
$numVehicles = htmlspecialchars($booking['num_vehicles']);
$numAdults = htmlspecialchars($booking['num_adults']);
$numPensioners = htmlspecialchars($booking['num_pensioners']);
$numChildren = htmlspecialchars($booking['num_children']);
$radio = $booking['radio'] == 1 ? "YES" : "NO";
$status = htmlspecialchars($booking['status']);
$paid = "R " . number_format($booking['paid'], 2);
echo "<tr><td><img src='".$booking['profile_pic']."' alt='Profile Picture' class='profile-pic'></td><td>{$userName}</td><td>{$numVehicles}</td><td>{$numAdults}</td><td>{$numChildren}</td><td>{$numPensioners}</td><td>{$radio}</td><td>{$status}</td><td>{$paid}</td></tr>";
}
echo '</tbody></table>';
} else {
echo '<p>No bookings found for this trip.</p>';
}
echo "</div></div>";
}
} else {
echo '<p>No trips found.</p>';
}
?>
</div>
<div class="tab-content">
<?php // Course Bookings Tab
$courseSql = "SELECT date, course_id, course_type FROM courses";
$courseResult = $conn->query($courseSql);
if ($courseResult && $courseResult->num_rows > 0) {
while ($course = $courseResult->fetch_assoc()) {
$course_id = $course['course_id'];
$date = $course['date'];
$type = htmlspecialchars($course['course_type']);
if ($type === "driver_training") {
$course_name = "Basic 4X4 Driver Training Course ".$date;
} elseif ($type === "bush_mechanics") {
$course_name = "Bush Mechanics Course ".$date;
} elseif ($type === "rescue_recovery") {
$course_name = "Rescue & Recovery Training Course ".$date;
} else {
$course_name = "General Course ".$date;
}
echo "<div class='trip-booking' data-aos='fade-up' data-aos-duration='1500' data-aos-offset='50'>";
echo "<div style='padding:10px;'>";
echo "<h4>{$course_name}</h4>";
$bookingsSql = "SELECT b.user_id, b.num_adults, b.total_amount, b.status, b.course_non_members, u.first_name, u.last_name, u.profile_pic FROM bookings b INNER JOIN users u ON b.user_id = u.user_id WHERE b.course_id = ?";
if ($stmt = $conn->prepare($bookingsSql)) {
$stmt->bind_param('i', $course_id);
$stmt->execute();
$bookingsResult = $stmt->get_result();
} else {
echo "Error in prepared statement: " . $conn->error;
}
if ($bookingsResult && $bookingsResult->num_rows > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter results...">';
echo '<table><thead><tr><th></th><th>Name</th><th>Members</th><th>Non-Members</th><th>Status</th><th>Amount</th></tr></thead><tbody>';
while ($booking = $bookingsResult->fetch_assoc()) {
$userName = htmlspecialchars($booking['first_name'] . ' ' . $booking['last_name']);
$members = htmlspecialchars($booking['num_adults']);
$non_members = htmlspecialchars($booking['course_non_members']);
$status = htmlspecialchars($booking['status']);
$paid = "R " . number_format($booking['total_amount'], 2);
echo "<tr><td><img src='".$booking['profile_pic']."' alt='Profile Picture' class='profile-pic'></td><td>{$userName}</td><td>{$members}</td><td>{$non_members}</td><td>{$status}</td><td>{$paid}</td></tr>";
}
echo '</tbody></table>';
} else {
echo '<p>No bookings found for this course.</p>';
}
echo "</div></div>";
}
} else {
echo '<p>No courses found.</p>';
}
?>
</div>
<div class="tab-content">
<?php // Camp Bookings Tab
echo "<div class='trip-booking' data-aos='fade-up' data-aos-duration='1500' data-aos-offset='50'>";
echo "<div style='padding:10px;'>";
echo "<h4>BASE4 Camping</h4>";
$bookingsSql = "SELECT b.user_id, b.from_date, b.to_date, b.num_vehicles, b.num_adults, b.num_children, b.add_firewood, b.status, u.first_name, u.last_name, (b.total_amount - b.discount_amount) AS paid FROM bookings b INNER JOIN users u ON b.user_id = u.user_id WHERE b.booking_type = 'camping'";
$stmt = $conn->prepare($bookingsSql);
$stmt->execute();
$bookingsResult = $stmt->get_result();
if ($bookingsResult && $bookingsResult->num_rows > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter results...">';
echo '<table><thead><tr><th>Name</th><th>From</th><th>To</th><th>Vehicles</th><th>Adults</th><th>Children</th><th>Add Firewood</th><th>Status</th><th>Amount</th></tr></thead><tbody>';
while ($booking = $bookingsResult->fetch_assoc()) {
$userName = htmlspecialchars($booking['first_name'] . ' ' . $booking['last_name']);
$numVehicles = htmlspecialchars($booking['num_vehicles']);
$from = htmlspecialchars($booking['from_date']);
$to = htmlspecialchars($booking['to_date']);
$numAdults = htmlspecialchars($booking['num_adults']);
$numChildren = htmlspecialchars($booking['num_children']);
$radio = $booking['add_firewood'] == 1 ? "YES" : "NO";
$status = htmlspecialchars($booking['status']);
$paid = "R " . number_format($booking['paid'], 2);
echo "<tr><td>{$userName}</td><td>{$from}</td><td>{$to}</td><td>{$numVehicles}</td><td>{$numAdults}</td><td>{$numChildren}</td><td>{$radio}</td><td>{$status}</td><td>{$paid}</td></tr>";
}
echo '</tbody></table>';
} else {
echo '<p>No bookings found for this trip.</p>';
}
echo "</div></div>";
?>
</div>
</div>
</section>
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

227
src/admin/admin_camp_bookings.php
View File

@@ -1,227 +0,0 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(__DIR__));
include_once($rootPath . '/header.php');
checkAdmin();
?>
<style>
table {
width: 100%;
border-collapse: separate;
border-spacing: 0;
margin: 10px 0;
}
thead th {
cursor: pointer;
text-align: left;
padding: 10px;
font-weight: bold;
position: relative;
}
thead th::after {
content: '\25B2';
/* Up arrow */
font-size: 0.8em;
position: absolute;
right: 10px;
opacity: 0;
transition: opacity 0.2s;
}
thead th.asc::after {
content: '\25B2';
/* Up arrow */
opacity: 1;
}
thead th.desc::after {
content: '\25BC';
/* Down arrow */
opacity: 1;
}
tbody tr:nth-child(odd) {
background-color: transparent;
}
tbody tr:nth-child(even) {
background-color: rgb(255, 255, 255);
border-radius: 10px;
}
tbody td {
padding: 5px;
}
tbody tr:nth-child(even) td:first-child {
border-top-left-radius: 10px;
border-bottom-left-radius: 10px;
}
tbody tr:nth-child(even) td:last-child {
border-top-right-radius: 10px;
border-bottom-right-radius: 10px;
}
.filter-input {
width: 100%;
padding: 5px;
/* margin-bottom: 20px; */
font-size: 16px;
background-color: rgb(255, 255, 255);
border-radius: 25px;
}
.trip-booking {
color: #484848;
background: #f9f9f7;
border: 1px solid #d8d8d8;
border-radius: 10px;
margin-top: 15px;
margin-bottom: 15px;
}
</style>
<script>
document.addEventListener("DOMContentLoaded", function() {
const tables = document.querySelectorAll("table");
tables.forEach((table) => {
const headers = table.querySelectorAll("thead th");
const rows = Array.from(table.querySelectorAll("tbody tr"));
const filterInput = table.previousElementSibling;
headers.forEach((header, index) => {
header.addEventListener("click", () => {
const sortedRows = rows.sort((a, b) => {
const aText = a.cells[index].textContent.trim().toLowerCase();
const bText = b.cells[index].textContent.trim().toLowerCase();
if (aText < bText) return -1;
if (aText > bText) return 1;
return 0;
});
if (header.classList.contains("asc")) {
header.classList.remove("asc");
header.classList.add("desc");
sortedRows.reverse();
} else {
headers.forEach(h => h.classList.remove("asc", "desc"));
header.classList.add("asc");
}
const tbody = table.querySelector("tbody");
tbody.innerHTML = "";
sortedRows.forEach(row => tbody.appendChild(row));
});
});
if (rows.length === 0) {
filterInput.style.display = "none";
} else {
filterInput.addEventListener("input", function() {
const filterValue = filterInput.value.trim().toLowerCase();
rows.forEach(row => {
const rowText = row.textContent.trim().toLowerCase();
row.style.display = rowText.includes(filterValue) ? "" : "none";
});
});
}
});
});
</script>
<?php
$bannerFolder = 'assets/images/banners/';
$bannerImages = glob($bannerFolder . '*.{jpg,jpeg,png,webp}', GLOB_BRACE);
$randomBanner = 'assets/images/base4/camping.jpg'; // default fallback
if (!empty($bannerImages)) {
$randomBanner = $bannerImages[array_rand($bannerImages)];
}
?>
<section class="page-banner-area pt-50 pb-35 rel z-1 bgs-cover" style="background-image: url('<?php echo $randomBanner; ?>');">
<div class="banner-overlay"></div>
<div class="container">
<div class="banner-inner text-white mb-50">
<h2 class="page-title mb-10" data-aos="fade-left" data-aos-duration="1500" data-aos-offset="50">4WDCSA Camping Bookings</h2>
<nav aria-label="breadcrumb">
<ol class="breadcrumb justify-content-center mb-20" data-aos="fade-right" data-aos-delay="200" data-aos-duration="1500" data-aos-offset="50">
<li class="breadcrumb-item"><a href="index.php">Home</a></li>
<li class="breadcrumb-item active">Camping Bookings</li>
</ol>
</nav>
</div>
</div>
</section>
<section class="tour-list-page py-10 rel z-1">
<div class="container">
<?php
echo "<div class='trip-booking' data-aos='fade-up' data-aos-duration='1500' data-aos-offset='50'>";
echo "<div style='padding:10px;'>";
echo "<h4>BASE4 Camping</h4>";
// Fetch bookings for the current trip
$bookingsSql = "SELECT b.user_id, b.from_date, b.to_date, b.num_vehicles, b.num_adults, b.num_children, b.add_firewood, b.status,
u.first_name, u.last_name,
(b.total_amount - b.discount_amount) AS paid
FROM bookings b
INNER JOIN users u ON b.user_id = u.user_id
WHERE b.booking_type = 'camping'";
$stmt = $conn->prepare($bookingsSql);
$stmt->execute();
$bookingsResult = $stmt->get_result();
if ($bookingsResult->num_rows > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter results...">';
echo '<table>
<thead>
<tr>
<th>Name</th>
<th>From</th>
<th>To</th>
<th>Vehicles</th>
<th>Adults</th>
<th>Children</th>
<th>Add Firewood</th>
<th>Status</th>
<th>Amount</th>
</tr>
</thead>
<tbody>';
while ($booking = $bookingsResult->fetch_assoc()) {
$userName = htmlspecialchars($booking['first_name'] . ' ' . $booking['last_name']);
$numVehicles = htmlspecialchars($booking['num_vehicles']);
$from = htmlspecialchars($booking['from_date']);
$to = htmlspecialchars($booking['to_date']);
$numAdults = htmlspecialchars($booking['num_adults']);
$numChildren = htmlspecialchars($booking['num_children']);
$radio = $booking['add_firewood'] == 1 ? "YES" : "NO";
$status = htmlspecialchars($booking['status']);
$paid = "R " . number_format($booking['paid'], 2);
echo "<tr>
<td>{$userName}</td>
<td>{$from}</td>
<td>{$to}</td>
<td>{$numVehicles}</td>
<td>{$numAdults}</td>
<td>{$numChildren}</td>
<td>{$radio}</td>
<td>{$status}</td>
<td>{$paid}</td>
</tr>";
}
echo '</tbody></table>';
} else {
echo '<p>No bookings found for this trip.</p>';
}
echo "</div>";
echo "</div>";
?>
</div>
</section>
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

247
src/admin/admin_course_bookings.php
View File

@@ -1,247 +0,0 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(__DIR__));
include_once($rootPath . '/header.php');
checkAdmin();
// Fetch all trips
$courseSql = "SELECT date, course_id, course_type FROM courses";
$courseResult = $conn->query($courseSql);
if (!$courseResult) {
echo "Error in SQL query: " . $conn->error;
}
?>
<style>
table {
width: 100%;
border-collapse: separate;
border-spacing: 0;
margin: 10px 0;
}
thead th {
cursor: pointer;
text-align: left;
padding: 10px;
font-weight: bold;
position: relative;
}
thead th::after {
content: '\25B2';
/* Up arrow */
font-size: 0.8em;
position: absolute;
right: 10px;
opacity: 0;
transition: opacity 0.2s;
}
thead th.asc::after {
content: '\25B2';
/* Up arrow */
opacity: 1;
}
thead th.desc::after {
content: '\25BC';
/* Down arrow */
opacity: 1;
}
tbody tr:nth-child(odd) {
background-color: transparent;
}
tbody tr:nth-child(even) {
background-color: rgb(255, 255, 255);
border-radius: 10px;
}
tbody td {
padding: 5px;
}
tbody tr:nth-child(even) td:first-child {
border-top-left-radius: 10px;
border-bottom-left-radius: 10px;
}
tbody tr:nth-child(even) td:last-child {
border-top-right-radius: 10px;
border-bottom-right-radius: 10px;
}
.filter-input {
width: 100%;
padding: 5px;
/* margin-bottom: 20px; */
font-size: 16px;
background-color: rgb(255, 255, 255);
border-radius: 25px;
}
.trip-booking {
color: #484848;
background: #f9f9f7;
border: 1px solid #d8d8d8;
border-radius: 10px;
margin-top: 15px;
margin-bottom: 15px;
}
</style>
<script>
document.addEventListener("DOMContentLoaded", function() {
const tables = document.querySelectorAll("table");
tables.forEach((table) => {
const headers = table.querySelectorAll("thead th");
const rows = Array.from(table.querySelectorAll("tbody tr"));
const filterInput = table.previousElementSibling;
headers.forEach((header, index) => {
header.addEventListener("click", () => {
const sortedRows = rows.sort((a, b) => {
const aText = a.cells[index].textContent.trim().toLowerCase();
const bText = b.cells[index].textContent.trim().toLowerCase();
if (aText < bText) return -1;
if (aText > bText) return 1;
return 0;
});
if (header.classList.contains("asc")) {
header.classList.remove("asc");
header.classList.add("desc");
sortedRows.reverse();
} else {
headers.forEach(h => h.classList.remove("asc", "desc"));
header.classList.add("asc");
}
const tbody = table.querySelector("tbody");
tbody.innerHTML = "";
sortedRows.forEach(row => tbody.appendChild(row));
});
});
if (rows.length === 0) {
filterInput.style.display = "none";
} else {
filterInput.addEventListener("input", function() {
const filterValue = filterInput.value.trim().toLowerCase();
rows.forEach(row => {
const rowText = row.textContent.trim().toLowerCase();
row.style.display = rowText.includes(filterValue) ? "" : "none";
});
});
}
});
});
</script>
<?php
$bannerFolder = 'assets/images/banners/';
$bannerImages = glob($bannerFolder . '*.{jpg,jpeg,png,webp}', GLOB_BRACE);
$randomBanner = 'assets/images/base4/camping.jpg'; // default fallback
if (!empty($bannerImages)) {
$randomBanner = $bannerImages[array_rand($bannerImages)];
}
?>
<section class="page-banner-area pt-50 pb-35 rel z-1 bgs-cover" style="background-image: url('<?php echo $randomBanner; ?>');">
<div class="banner-overlay"></div>
<div class="container">
<div class="banner-inner text-white mb-50">
<h2 class="page-title mb-10" data-aos="fade-left" data-aos-duration="1500" data-aos-offset="50">4WDCSA Course Bookings</h2>
<nav aria-label="breadcrumb">
<ol class="breadcrumb justify-content-center mb-20" data-aos="fade-right" data-aos-delay="200" data-aos-duration="1500" data-aos-offset="50">
<li class="breadcrumb-item"><a href="index.php">Home</a></li>
<li class="breadcrumb-item active">Course Bookings</li>
</ol>
</nav>
</div>
</div>
</section>
<section class="tour-list-page py-10 rel z-1">
<div class="container">
<?php
if ($courseResult->num_rows > 0) {
while ($course = $courseResult->fetch_assoc()) {
$course_id = $course['course_id'];
$date = $course['date'];
$type = htmlspecialchars($course['course_type']);
if ($type === "driver_training") {
$course_name = "Basic 4X4 Driver Training Course ".$date;
} elseif ($type === "bush_mechanics") {
$course_name = "Bush Mechanics Course ".$date;
} elseif ($type === "rescue_recovery") {
$course_name = "Rescue & Recovery Training Course ".$date;
} else {
$course_name = "General Course ".$date; // Default fallback description
}
echo "<div class='trip-booking' data-aos='fade-up' data-aos-duration='1500' data-aos-offset='50'>";
echo "<div style='padding:10px;'>";
echo "<h4>{$course_name}</h4>";
// Fetch bookings for the current trip
$bookingsSql = "SELECT b.user_id, b.num_adults, b.total_amount, b.status, b.course_non_members,
u.first_name, u.last_name, u.profile_pic
FROM bookings b
INNER JOIN users u ON b.user_id = u.user_id
WHERE b.course_id = ?";
if ($stmt = $conn->prepare($bookingsSql)) {
$stmt->bind_param('i', $course_id);
$stmt->execute();
$bookingsResult = $stmt->get_result();
} else {
echo "Error in prepared statement: " . $conn->error;
}
if ($bookingsResult->num_rows > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter results...">';
echo '<table>
<thead>
<tr>
<th></th>
<th>Name</th>
<th>Members</th>
<th>Non-Members</th>
<th>Status</th>
<th>Amount</th>
</tr>
</thead>
<tbody>';
while ($booking = $bookingsResult->fetch_assoc()) {
$userName = htmlspecialchars($booking['first_name'] . ' ' . $booking['last_name']);
$members = htmlspecialchars($booking['num_adults']);
$non_members = htmlspecialchars($booking['course_non_members']);
$status = htmlspecialchars($booking['status']);
$paid = "R " . number_format($booking['total_amount'], 2);
echo "<tr>
<td><img src=".$booking['profile_pic']." alt='Profile Picture' class='profile-pic'></td>
<td>{$userName}</td>
<td>{$members}</td>
<td>{$non_members}</td>
<td>{$status}</td>
<td>{$paid}</td>
</tr>";
}
echo '</tbody></table>';
} else {
echo '<p>No bookings found for this trip.</p>';
}
echo "</div>";
echo "</div>";
}
} else {
echo '<p>No courses found.</p>';
}
?>
</div>
</section>
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

230
src/admin/admin_events.php
View File

@@ -1,230 +0,0 @@
<?php
$rootPath = dirname(dirname(__DIR__));
require_once($rootPath . "/src/config/env.php");
require_once($rootPath . "/src/config/connection.php");
require_once($rootPath . "/src/config/functions.php");
require_once($rootPath . "/header.php");
checkAdmin();
checkUserSession();
$pageTitle = 'Manage Events';
$breadcrumbs = [['Home' => 'index']];
require_once($rootPath . '/components/banner.php');
// Fetch all events
$events_query = "
SELECT
event_id, name, type, location, date, image, published
FROM events
ORDER BY date DESC
";
$result = $conn->query($events_query);
$events = [];
if ($result && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$events[] = $row;
}
}
?>
<style>
.image {
width: 300px;
/* Set your desired width */
height: 250px;
/* Set your desired height */
overflow: hidden;
/* Hide any overflow */
display: block;
/* Ensure proper block behavior */
border-radius: 8px;
}
.image img {
width: 100%;
/* Image scales to fill the container */
height: 100%;
/* Image scales to fill the container */
object-fit: cover;
/* Fills the container while maintaining aspect ratio */
object-position: center;
/* Aligns the center of the image with the center of the container */
display: block;
/* Prevents inline whitespace issues */
}
</style>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
<script>
document.addEventListener("DOMContentLoaded", function() {
const filterInput = document.querySelector('.filter-input');
const cards = document.querySelectorAll('.destination-item');
if (cards.length === 0 && filterInput) {
filterInput.style.display = "none";
} else if (filterInput) {
filterInput.addEventListener("input", function() {
const filterValue = filterInput.value.trim().toLowerCase();
cards.forEach(card => {
const cardText = card.textContent.trim().toLowerCase();
card.style.display = cardText.includes(filterValue) ? "" : "none";
});
});
}
});
</script>
<?php
$pageTitle = 'Manage Events';
$breadcrumbs = [['Home' => 'index']];
require_once($rootPath . '/components/banner.php');
?>
<!-- Events Management Area start -->
<section class="blog-list-page py-100 rel z-1">
<div class="container">
<div class="row">
<div class="col-lg-12">
<div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 30px;">
<h2 style="margin: 0;">Manage Events</h2>
<a href="manage_events" class="theme-btn create-album-btn">
<i class="far fa-plus"></i> New Event
</a>
</div>
<?php if (isset($_SESSION['message'])): ?>
<div class="alert alert-warning message-box">
<?php echo $_SESSION['message']; ?>
<span class="close-btn" onclick="this.parentElement.style.display='none'">&times;</span>
</div>
<?php unset($_SESSION['message']);
endif;
if (count($events) > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter events...">';
echo '<div class="events-container" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">';
foreach ($events as $event) {
$eventImagePath = $event['image'] ? htmlspecialchars($event['image']) : 'assets/images/placeholder.jpg';
$publishStatusBadge = $event['published'] == 1 ? 'PUBLISHED' : 'DRAFT';
echo '
<div class="destination-item style-three bgc-lighter booking" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="image" style="width:300px;height:250px;">
<img src="' . $eventImagePath . '" alt="' . htmlspecialchars($event['name']) . '">
</div>
<div class="content" style="width:100%;">
<div class="destination-header d-flex align-items-start gap-3">
<div>
<span class="badge bg-dark mb-1">' . strtoupper($publishStatusBadge) . '</span>
<h5 class="mb-0">' . htmlspecialchars($event['name']) . '</h5>
<small class="text-muted">📍 ' . htmlspecialchars($event['location']) . '</small>
</div>
</div>
<p style="margin: 10px 0;">
<strong>Type:</strong> ' . htmlspecialchars($event['type']) . '<br>
<strong>Date:</strong> ' . convertDate($event['date']) . '
</p>
<div class="destination-footer">
<div class="btn-group" style="display:flex; justify-content:flex-end; gap:10px;">
<a href="manage_events?event_id=' . $event['event_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Edit"><span class="material-icons">edit</span></a>
<button type="button" class="toggle-publish" data-event-id="' . $event['event_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="' . ($event['published'] == 1 ? 'Unpublish' : 'Publish') . '" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">' . ($event['published'] == 1 ? 'cloud_off' : 'cloud_upload') . '</span></button>
<button type="button" class="delete-event" data-event-id="' . $event['event_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Delete" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">delete</span></button>
</div>
</div>
</div>
</div>
';
}
echo '</div>';
} else {
echo '<div class="no-events">
<p>No events found. <a href="manage_events">Create one</a></p>
</div>';
}
?>
</div>
</div>
</div>
</section>
<!-- Events Management Area end -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
<script>
const tooltipTriggerList = document.querySelectorAll('[data-bs-toggle="tooltip"]');
tooltipTriggerList.forEach(el => new bootstrap.Tooltip(el));
// Handle publish/unpublish button clicks
document.querySelectorAll('.toggle-publish').forEach(btn => {
btn.addEventListener('click', function() {
const eventId = this.dataset.eventId;
const currentIcon = this.querySelector('.material-icons').textContent;
const isPublished = currentIcon === 'cloud_off';
const action = isPublished ? 'Unpublish' : 'Publish';
const formData = new FormData();
formData.append('event_id', eventId);
fetch('toggle_event_published', {
method: 'POST',
body: formData
})
.then(response => response.json())
.then(data => {
if (data.status === 'success') {
alert(action + ' successful!');
location.reload();
} else {
alert(action + ' failed: ' + data.message);
}
})
.catch(err => {
console.error('Error:', err);
alert(action + ' failed due to network error.');
});
});
});
// Handle delete button clicks
document.querySelectorAll('.delete-event').forEach(btn => {
btn.addEventListener('click', function() {
if (!confirm('Are you sure you want to delete this event? This action cannot be undone.')) {
return false;
}
const eventId = this.dataset.eventId;
const card = this.closest('.destination-item');
const formData = new FormData();
formData.append('event_id', eventId);
fetch('delete_event', {
method: 'POST',
body: formData
})
.then(response => response.json())
.then(data => {
if (data.status === 'success') {
card.style.animation = 'fadeOut 0.3s ease-out';
setTimeout(() => {
card.remove();
if (document.querySelectorAll('.destination-item').length === 0) {
location.reload();
}
}, 300);
} else {
alert('Error: ' + data.message);
}
})
.catch(err => {
console.error('Error:', err);
alert('Delete failed due to network error.');
});
});
});
</script>
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

248
src/admin/admin_transactions.php Normal file
View File

@@ -0,0 +1,248 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(__DIR__));
include_once($rootPath . '/header.php');
checkAdmin();
?>
<style>
table {
width: 100%;
border-collapse: separate;
border-spacing: 0;
margin: 10px 0;
}
thead th {
cursor: pointer;
text-align: left;
padding: 10px;
font-weight: bold;
position: relative;
}
thead th::after {
content: '\25B2';
/* Up arrow */
font-size: 0.8em;
position: absolute;
right: 10px;
opacity: 0;
transition: opacity 0.2s;
}
thead th.asc::after {
content: '\25B2';
/* Up arrow */
opacity: 1;
}
thead th.desc::after {
content: '\25BC';
/* Down arrow */
opacity: 1;
}
tbody tr:nth-child(odd) {
background-color: transparent;
}
tbody tr:nth-child(even) {
background-color: rgb(255, 255, 255);
border-radius: 10px;
}
tbody td {
padding: 5px;
}
tbody tr:nth-child(even) td:first-child {
border-top-left-radius: 10px;
border-bottom-left-radius: 10px;
}
tbody tr:nth-child(even) td:last-child {
border-top-right-radius: 10px;
border-bottom-right-radius: 10px;
}
.filter-input {
width: 100%;
padding: 5px;
/* margin-bottom: 20px; */
font-size: 16px;
background-color: rgb(255, 255, 255);
border-radius: 25px;
}
.infobox {
color: #484848;
background: #f9f9f7;
border: 1px solid #d8d8d8;
border-radius: 10px;
margin-top: 15px;
margin-bottom: 15px;
}
</style>
<script>
document.addEventListener("DOMContentLoaded", function() {
const table = document.querySelector("table");
const headers = table.querySelectorAll("thead th");
const rows = Array.from(table.querySelectorAll("tbody tr"));
const filterInput = document.getElementById("filterInput");
headers.forEach((header, index) => {
header.addEventListener("click", () => {
const sortedRows = rows.sort((a, b) => {
const aText = a.cells[index].textContent.trim().toLowerCase();
const bText = b.cells[index].textContent.trim().toLowerCase();
if (aText < bText) return -1;
if (aText > bText) return 1;
return 0;
});
if (header.classList.contains("asc")) {
header.classList.remove("asc");
header.classList.add("desc");
sortedRows.reverse();
} else {
headers.forEach(h => h.classList.remove("asc", "desc"));
header.classList.add("asc");
}
const tbody = table.querySelector("tbody");
tbody.innerHTML = "";
sortedRows.forEach(row => tbody.appendChild(row));
});
});
filterInput.addEventListener("input", function() {
const filterValue = filterInput.value.trim().toLowerCase();
rows.forEach(row => {
const rowText = row.textContent.trim().toLowerCase();
row.style.display = rowText.includes(filterValue) ? "" : "none";
});
});
});
</script>
<!-- Page Banner Start -->
<?php
$bannerFolder = 'assets/images/banners/';
$bannerImages = glob($bannerFolder . '*.{jpg,jpeg,png,webp}', GLOB_BRACE);
$randomBanner = 'assets/images/base4/camping.jpg'; // default fallback
if (!empty($bannerImages)) {
$randomBanner = $bannerImages[array_rand($bannerImages)];
}
?>
<section class="page-banner-area pt-50 pb-35 rel z-1 bgs-cover" style="background-image: url('<?php echo $randomBanner; ?>');">
<div class="banner-overlay"></div>
<div class="container">
<div class="banner-inner text-white mb-50">
<h2 class="page-title mb-10" data-aos="fade-left" data-aos-duration="1500" data-aos-offset="50">iKhokha Payments</h2>
<nav aria-label="breadcrumb">
<ol class="breadcrumb justify-content-center mb-20" data-aos="fade-right" data-aos-delay="200" data-aos-duration="1500" data-aos-offset="50">
<li class="breadcrumb-item"><a href="index.php">Home</a></li>
<li class="breadcrumb-item active">iKhokha Payments</li>
</ol>
</nav>
</div>
</div>
</section>
<!-- Tour List Area start -->
<section class="tour-list-page py-10 rel z-1">
<div class="container">
<div class="row">
<div class="col-lg-12">
<div class='infobox' data-aos='fade-up' data-aos-duration='1500' data-aos-offset='50'>
<div style='padding:10px;'>
<?php
// Fetch transactions from iKhokha API instead of DB
$startDate = isset($_GET['start']) ? $_GET['start'] : date('Y-m-d', strtotime('-30 days'));
$endDate = isset($_GET['end']) ? $_GET['end'] : date('Y-m-d');
// getIkhokhaTransactionHistory should return JSON (string) or an array
$raw = getIkhokhaTransactionHistory($startDate, $endDate);
$transactions = [];
if (is_string($raw)) {
$transactions = json_decode($raw, true);
} elseif (is_array($raw)) {
$transactions = $raw;
}
if (!empty($transactions)) {
echo '<input id="filterInput" type="text" class="filter-input" placeholder="Filter results...">';
echo '<table>
<thead>
<tr>
<th>Date</th>
<th>ID</th>
<th>PaylinkID</th>
<th>Description</th>
<th>Amount</th>
<th>Status</th>
</tr>
</thead>
<tbody>';
$printed = false;
foreach ($transactions as $row) {
$createdAt = isset($row['createdAt']) ? htmlspecialchars($row['createdAt']) : '';
// prefer externalTransactionID when available, fallback to paylinkID
$txId = isset($row['externalTransactionID']) ? $row['externalTransactionID'] : (isset($row['paylinkID']) ? $row['paylinkID'] : '');
$ikhokhaTxId = isset($row['paylinkID']) ? $row['paylinkID'] : '';
$description = isset($row['description']) ? $row['description'] : '';
$amount = isset($row['amount']) ? $row['amount'] : '';
$status = isset($row['status']) ? $row['status'] : '';
// Skip unpaid transactions
if (strcasecmp($status, 'UNPAID') === 0) {
continue;
}
echo "<tr>
<td>" . htmlspecialchars($createdAt) . "</td>
<td>" . htmlspecialchars($txId) . "</td>
<td>" . htmlspecialchars($ikhokhaTxId) . "</td>
<td>" . htmlspecialchars($description) . "</td>
<td>R " . htmlspecialchars($amount/100) . ".00</td>
<td>" . htmlspecialchars($status) . "</td>
</tr>";
$printed = true;
}
if (!$printed) {
echo '<tr><td colspan="6">No records found</td></tr>';
}
} else {
echo '<input id="filterInput" type="text" class="filter-input" placeholder="Filter results...">';
echo '<table>
<thead>
<tr>
<th>Date</th>
<th>ID</th>
<th>Description</th>
<th>Amount</th>
<th>Status</th>
</tr>
</thead>
<tbody>';
echo '<tr><td colspan="5">No records found</td></tr>';
} ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
</section>
<!-- Tour List Area end -->
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

240
src/admin/admin_trip_bookings.php
View File

@@ -1,240 +0,0 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(__DIR__));
include_once($rootPath . '/header.php');
checkAdmin();
// Fetch all trips
$tripsSql = "SELECT trip_id, trip_name FROM trips";
$tripsResult = $conn->query($tripsSql);
?>
<style>
table {
width: 100%;
border-collapse: separate;
border-spacing: 0;
margin: 10px 0;
}
thead th {
cursor: pointer;
text-align: left;
padding: 10px;
font-weight: bold;
position: relative;
}
thead th::after {
content: '\25B2';
/* Up arrow */
font-size: 0.8em;
position: absolute;
right: 10px;
opacity: 0;
transition: opacity 0.2s;
}
thead th.asc::after {
content: '\25B2';
/* Up arrow */
opacity: 1;
}
thead th.desc::after {
content: '\25BC';
/* Down arrow */
opacity: 1;
}
tbody tr:nth-child(odd) {
background-color: transparent;
}
tbody tr:nth-child(even) {
background-color: rgb(255, 255, 255);
border-radius: 10px;
}
tbody td {
padding: 5px;
}
tbody tr:nth-child(even) td:first-child {
border-top-left-radius: 10px;
border-bottom-left-radius: 10px;
}
tbody tr:nth-child(even) td:last-child {
border-top-right-radius: 10px;
border-bottom-right-radius: 10px;
}
.filter-input {
width: 100%;
padding: 5px;
/* margin-bottom: 20px; */
font-size: 16px;
background-color: rgb(255, 255, 255);
border-radius: 25px;
}
.trip-booking {
color: #484848;
background: #f9f9f7;
border: 1px solid #d8d8d8;
border-radius: 10px;
margin-top: 15px;
margin-bottom: 15px;
}
</style>
<script>
document.addEventListener("DOMContentLoaded", function() {
const tables = document.querySelectorAll("table");
tables.forEach((table) => {
const headers = table.querySelectorAll("thead th");
const rows = Array.from(table.querySelectorAll("tbody tr"));
const filterInput = table.previousElementSibling;
headers.forEach((header, index) => {
header.addEventListener("click", () => {
const sortedRows = rows.sort((a, b) => {
const aText = a.cells[index].textContent.trim().toLowerCase();
const bText = b.cells[index].textContent.trim().toLowerCase();
if (aText < bText) return -1;
if (aText > bText) return 1;
return 0;
});
if (header.classList.contains("asc")) {
header.classList.remove("asc");
header.classList.add("desc");
sortedRows.reverse();
} else {
headers.forEach(h => h.classList.remove("asc", "desc"));
header.classList.add("asc");
}
const tbody = table.querySelector("tbody");
tbody.innerHTML = "";
sortedRows.forEach(row => tbody.appendChild(row));
});
});
if (rows.length === 0) {
filterInput.style.display = "none";
} else {
filterInput.addEventListener("input", function() {
const filterValue = filterInput.value.trim().toLowerCase();
rows.forEach(row => {
const rowText = row.textContent.trim().toLowerCase();
row.style.display = rowText.includes(filterValue) ? "" : "none";
});
});
}
});
});
</script>
<?php
$bannerFolder = 'assets/images/banners/';
$bannerImages = glob($bannerFolder . '*.{jpg,jpeg,png,webp}', GLOB_BRACE);
$randomBanner = 'assets/images/base4/camping.jpg'; // default fallback
if (!empty($bannerImages)) {
$randomBanner = $bannerImages[array_rand($bannerImages)];
}
?>
<section class="page-banner-area pt-50 pb-35 rel z-1 bgs-cover" style="background-image: url('<?php echo $randomBanner; ?>');">
<div class="banner-overlay"></div>
<div class="container">
<div class="banner-inner text-white mb-50">
<h2 class="page-title mb-10" data-aos="fade-left" data-aos-duration="1500" data-aos-offset="50">4WDCSA Trip Bookings</h2>
<nav aria-label="breadcrumb">
<ol class="breadcrumb justify-content-center mb-20" data-aos="fade-right" data-aos-delay="200" data-aos-duration="1500" data-aos-offset="50">
<li class="breadcrumb-item"><a href="index.php">Home</a></li>
<li class="breadcrumb-item active">Trip Bookings</li>
</ol>
</nav>
</div>
</div>
</section>
<section class="tour-list-page py-10 rel z-1">
<div class="container">
<?php
if ($tripsResult->num_rows > 0) {
while ($trip = $tripsResult->fetch_assoc()) {
$tripId = $trip['trip_id'];
$tripName = htmlspecialchars($trip['trip_name']);
echo "<div class='trip-booking' data-aos='fade-up' data-aos-duration='1500' data-aos-offset='50'>";
echo "<div style='padding:10px;'>";
echo "<h4>{$tripName}</h4>";
// Fetch bookings for the current trip
$bookingsSql = "SELECT b.user_id, b.num_vehicles, b.num_adults, b.num_children, b.num_pensioners, b.radio, b.status,
u.first_name, u.last_name, u.profile_pic,
(b.total_amount - b.discount_amount) AS paid
FROM bookings b
INNER JOIN users u ON b.user_id = u.user_id
WHERE b.trip_id = ?";
$stmt = $conn->prepare($bookingsSql);
$stmt->bind_param('i', $tripId);
$stmt->execute();
$bookingsResult = $stmt->get_result();
if ($bookingsResult->num_rows > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter results...">';
echo '<table>
<thead>
<tr>
<th></th>
<th>Name</th>
<th>Vehicles</th>
<th>Adults</th>
<th>Children</th>
<th>Pensioners</th>
<th>Radio</th>
<th>Status</th>
<th>Amount</th>
</tr>
</thead>
<tbody>';
while ($booking = $bookingsResult->fetch_assoc()) {
$userName = htmlspecialchars($booking['first_name'] . ' ' . $booking['last_name']);
$numVehicles = htmlspecialchars($booking['num_vehicles']);
$numAdults = htmlspecialchars($booking['num_adults']);
$numPensioners = htmlspecialchars($booking['num_pensioners']);
$numChildren = htmlspecialchars($booking['num_children']);
$radio = $booking['radio'] == 1 ? "YES" : "NO";
$status = htmlspecialchars($booking['status']);
$paid = "R " . number_format($booking['paid'], 2);
echo "<tr>
<td><img src=".$booking['profile_pic']." alt='Profile Picture' class='profile-pic'></td>
<td>{$userName}</td>
<td>{$numVehicles}</td>
<td>{$numAdults}</td>
<td>{$numChildren}</td>
<td>{$numPensioners}</td>
<td>{$radio}</td>
<td>{$status}</td>
<td>{$paid}</td>
</tr>";
}
echo '</tbody></table>';
} else {
echo '<p>No bookings found for this trip.</p>';
}
echo "</div>";
echo "</div>";
}
} else {
echo '<p>No trips found.</p>';
}
?>
</div>
</section>
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

244
src/admin/admin_trips.php
View File

@@ -1,244 +0,0 @@
<?php
$rootPath = dirname(dirname(__DIR__));
require_once($rootPath . "/src/config/env.php");
require_once($rootPath . "/src/config/connection.php");
require_once($rootPath . "/src/config/functions.php");
require_once($rootPath . "/header.php");
checkAdmin();
checkUserSession();
$pageTitle = 'Manage Trips';
$breadcrumbs = [['Home' => 'index']];
require_once($rootPath . '/components/banner.php');
// Fetch all trips with booking status
$trips_query = "
SELECT
trip_id, trip_name, location, start_date, end_date,
vehicle_capacity, places_booked, cost_members, cost_nonmembers,
cost_pensioner_member, cost_pensioner, published
FROM trips
ORDER BY start_date DESC
";
$result = $conn->query($trips_query);
$trips = [];
if ($result && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$trips[] = $row;
}
}
?>
<style>
.image {
width: 200px;
/* Set your desired width */
height: 200px;
/* Set your desired height */
overflow: hidden;
/* Hide any overflow */
display: block;
/* Ensure proper block behavior */
border-radius: 8px;
}
.image img {
width: 100%;
/* Image scales to fill the container */
height: 100%;
/* Image scales to fill the container */
object-fit: cover;
/* Fills the container while maintaining aspect ratio */
object-position: center;
/* Aligns the center of the image with the center of the container */
display: block;
/* Prevents inline whitespace issues */
}
</style>
<script>
document.addEventListener("DOMContentLoaded", function() {
const filterInput = document.querySelector('.filter-input');
const cards = document.querySelectorAll('.destination-item');
if (cards.length === 0 && filterInput) {
filterInput.style.display = "none";
} else if (filterInput) {
filterInput.addEventListener("input", function() {
const filterValue = filterInput.value.trim().toLowerCase();
cards.forEach(card => {
const cardText = card.textContent.trim().toLowerCase();
card.style.display = cardText.includes(filterValue) ? "" : "none";
});
});
}
});
</script>
<?php
$bannerFolder = 'assets/images/banners/';
$bannerImages = glob($bannerFolder . '*.{jpg,jpeg,png,webp}', GLOB_BRACE);
?>
<!-- Trips Management Area start -->
<section class="blog-list-page py-100 rel z-1">
<div class="container">
<div class="row">
<div class="col-lg-12">
<div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 30px;">
<h2 style="margin: 0;">Manage Trips</h2>
<a href="manage_trips" class="theme-btn create-album-btn">
<i class="far fa-plus"></i> New Event
</a>
</div>
<?php if (isset($_SESSION['message'])): ?>
<div class="alert alert-warning message-box">
<?php echo $_SESSION['message']; ?>
<span class="close-btn" onclick="this.parentElement.style.display='none'">&times;</span>
</div>
<?php unset($_SESSION['message']);
endif;
if (count($trips) > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter trips...">';
echo '<div class="trips-container" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">';
foreach ($trips as $trip) {
$available = $trip['vehicle_capacity'] - $trip['places_booked'];
$publishStatus = $trip['published'] == 1 ? 'published' : 'draft';
$publishStatusBadge = $trip['published'] == 1 ? 'PUBLISHED' : 'DRAFT';
// Get trip image - look for assets/images/trips/$trip_id_{number}.jpg
$tripImagePath = '';
$tripImagesGlob = glob($rootPath . '/assets/images/trips/' . $trip['trip_id'] . '_*.jpg');
if (!empty($tripImagesGlob)) {
$tripImagePath = str_replace($rootPath, '', $tripImagesGlob[0]);
} else {
// Fallback to placeholder icon if no image found
$tripImagePath = 'assets/images/placeholder.jpg';
}
echo '
<div class="destination-item style-three bgc-lighter booking" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="image" style="width:300px;height:250px;">
<img src="' . htmlspecialchars($tripImagePath) . '" alt="' . htmlspecialchars($trip['trip_name']) . '">
</div>
<div class="content" style="width:100%;">
<div class="destination-header d-flex align-items-start gap-3">
<div>
<span class="badge bg-dark mb-1">' . strtoupper($publishStatusBadge) . '</span>
<h5 class="mb-0">' . htmlspecialchars($trip['trip_name']) . '</h5>
<small class="text-muted">📍 ' . htmlspecialchars($trip['location']) . '</small>
</div>
</div>
<p style="margin: 10px 0;">
<strong>Dates:</strong> ' . date('M d', strtotime($trip['start_date'])) . ' - ' . date('M d, Y', strtotime($trip['end_date'])) . '<br>
<strong>Capacity:</strong> ' . $trip['places_booked'] . ' / ' . $trip['vehicle_capacity'] . '<br>
<strong>Costs:</strong> Members: R ' . number_format($trip['cost_members'], 2) . ' | Non-Members: R ' . number_format($trip['cost_nonmembers'], 2) . ' | Pensioner Members: R ' . number_format($trip['cost_pensioner_member'], 2) . ' | Pensioners: R ' . number_format($trip['cost_pensioner'], 2) . '
</p>
<div class="destination-footer">
<div class="btn-group" style="display:flex; justify-content:flex-end; gap:10px;">
<a href="manage_trips?trip_id=' . $trip['trip_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Edit"><span class="material-icons">edit</span></a>
<button type="button" class="toggle-publish" data-trip-id="' . $trip['trip_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="' . ($trip['published'] == 1 ? 'Unpublish' : 'Publish') . '" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">' . ($trip['published'] == 1 ? 'cloud_off' : 'cloud_upload') . '</span></button>
<button type="button" class="delete-trip" data-trip-id="' . $trip['trip_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Delete" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">delete</span></button>
</div>
</div>
</div>
</div>
';
}
echo '</div>';
} else {
echo '<div class="no-trips">
<p>No trips found. <a href="manage_trips">Create one</a></p>
</div>';
}
?>
</div>
</div>
</div>
</section>
<!-- Trips Management Area end -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
<script>
const tooltipTriggerList = document.querySelectorAll('[data-bs-toggle="tooltip"]');
tooltipTriggerList.forEach(el => new bootstrap.Tooltip(el));
// Handle publish/unpublish button clicks
document.querySelectorAll('.toggle-publish').forEach(btn => {
btn.addEventListener('click', function() {
const tripId = this.dataset.tripId;
const currentIcon = this.querySelector('.material-icons').textContent;
const isPublished = currentIcon === 'cloud_off';
const action = isPublished ? 'Unpublish' : 'Publish';
const formData = new FormData();
formData.append('trip_id', tripId);
fetch('toggle_trip_published', {
method: 'POST',
body: formData
})
.then(response => response.json())
.then(data => {
if (data.status === 'success') {
alert(action + ' successful!');
location.reload();
} else {
alert(action + ' failed: ' + data.message);
}
})
.catch(err => {
console.error('Error:', err);
alert(action + ' failed due to network error.');
});
});
});
// Handle delete button clicks
document.querySelectorAll('.delete-trip').forEach(btn => {
btn.addEventListener('click', function() {
if (!confirm('Are you sure you want to delete this trip? This action cannot be undone.')) {
return false;
}
const tripId = this.dataset.tripId;
const card = this.closest('.destination-item');
const formData = new FormData();
formData.append('trip_id', tripId);
fetch('delete_trip', {
method: 'POST',
body: formData
})
.then(response => response.json())
.then(data => {
if (data.status === 'success') {
alert('Trip deleted successfully!');
card.style.animation = 'fadeOut 0.3s ease-out';
setTimeout(() => {
card.remove();
if (document.querySelectorAll('.destination-item').length === 0) {
location.reload();
}
}, 300);
} else {
alert('Error: ' + data.message);
}
})
.catch(err => {
console.error('Error:', err);
alert('Delete failed due to network error.');
});
});
});
</script>
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

441
src/admin/admin_trips_events_courses.php Normal file
View File

@@ -0,0 +1,441 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(__DIR__));
include_once($rootPath . '/header.php');
checkAdmin();
// Ensure $conn is available; show a friendly message if DB is down
$conn = $conn ?? null;
if (!$conn) {
// Render a simple error notice inside the page layout and stop further DB queries
echo '<section class="tour-list-page py-10 rel z-1">\n <div class="container">\n <div class="alert alert-danger">Database connection unavailable. Please check your configuration and logs.</div>\n </div>\n</section>';
include_once($rootPath . '/components/insta_footer.php');
// Stop execution to prevent subsequent fatal errors from using $conn
exit;
}
?>
<style>
/* Shared table and tab styles */
.admin-tabs { text-align: center; display: flex; margin-bottom: 20px; margin-top: 20px; }
.admin-tab { padding: 10px 30px; margin-right: 20px; cursor: pointer; border: 2px solid; border-radius: 50px; background: none; font-size: 18px; color: #484848; }
.admin-tab.active { color: white; background: #63ab45; font-weight: bold; }
.tab-content { display: none; }
.tab-content.active { display: block; }
table { width: 100%; border-collapse: separate; border-spacing: 0; margin: 10px 0; }
thead th { cursor: pointer; text-align: left; padding: 10px; font-weight: bold; position: relative; }
thead th::after { content: '\25B2'; font-size: 0.8em; position: absolute; right: 10px; opacity: 0; transition: opacity 0.2s; }
thead th.asc::after { content: '\25B2'; opacity: 1; }
thead th.desc::after { content: '\25BC'; opacity: 1; }
tbody tr:nth-child(odd) { background-color: transparent; }
tbody tr:nth-child(even) { background-color: rgb(255, 255, 255); border-radius: 10px; }
tbody td { padding: 5px; }
tbody tr:nth-child(even) td:first-child { border-top-left-radius: 10px; border-bottom-left-radius: 10px; }
tbody tr:nth-child(even) td:last-child { border-top-right-radius: 10px; border-bottom-right-radius: 10px; }
.filter-input { width: 100%; padding: 5px; font-size: 16px; background-color: rgb(255, 255, 255); border-radius: 25px; }
.trip-booking { color: #484848; background: #f9f9f7; border: 1px solid #d8d8d8; border-radius: 10px; margin-top: 15px; margin-bottom: 15px; }
</style>
<script>
document.addEventListener("DOMContentLoaded", function() {
// Tab switching
const tabs = document.querySelectorAll('.admin-tab');
const contents = document.querySelectorAll('.tab-content');
tabs.forEach((tab, idx) => {
tab.addEventListener('click', function() {
tabs.forEach(t => t.classList.remove('active'));
contents.forEach(c => c.classList.remove('active'));
tab.classList.add('active');
contents[idx].classList.add('active');
});
});
// Table sorting/filtering (same as before)
document.querySelectorAll("table").forEach((table) => {
const headers = table.querySelectorAll("thead th");
const rows = Array.from(table.querySelectorAll("tbody tr"));
const filterInput = table.previousElementSibling;
headers.forEach((header, index) => {
header.addEventListener("click", () => {
const sortedRows = rows.sort((a, b) => {
const aText = a.cells[index].textContent.trim().toLowerCase();
const bText = b.cells[index].textContent.trim().toLowerCase();
if (aText < bText) return -1;
if (aText > bText) return 1;
return 0;
});
if (header.classList.contains("asc")) {
header.classList.remove("asc");
header.classList.add("desc");
sortedRows.reverse();
} else {
headers.forEach(h => h.classList.remove("asc", "desc"));
header.classList.add("asc");
}
const tbody = table.querySelector("tbody");
tbody.innerHTML = "";
sortedRows.forEach(row => tbody.appendChild(row));
});
});
if (rows.length === 0) {
filterInput.style.display = "none";
} else {
filterInput.addEventListener("input", function() {
const filterValue = filterInput.value.trim().toLowerCase();
rows.forEach(row => {
const rowText = row.textContent.trim().toLowerCase();
row.style.display = rowText.includes(filterValue) ? "" : "none";
});
});
}
});
});
</script>
<?php
$pageTitle = 'Manage Trips, Courses & Events';
$breadcrumbs = [['Home' => 'index']];
require_once($rootPath . '/components/banner.php');
?>
<section class="tour-list-page py-10 rel z-1">
<div class="container">
<div class="admin-tabs">
<button class="admin-tab active">Manage Trips</button>
<button class="admin-tab">Manage Events</button>
<button class="admin-tab">Manage Courses</button>
<button class="admin-tab">Manage Blogs</button>
</div>
<div class="tab-content active">
<?php
// Trips management content (adapted from admin_trips.php)
// Fetch trips (already available if connection present)
$trips_query = "
SELECT
trip_id, trip_name, location, start_date, end_date,
vehicle_capacity, places_booked, cost_members, cost_nonmembers,
cost_pensioner_member, cost_pensioner, published
FROM trips
ORDER BY start_date DESC
";
$result = $conn->query($trips_query);
$trips = [];
if ($result && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$trips[] = $row;
}
}
?>
<div class="row">
<div class="col-lg-12">
<div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 30px;">
<h2 style="margin: 0;">Manage Trips</h2>
<a href="manage_trips" class="theme-btn create-album-btn">
<i class="far fa-plus"></i> New Trip
</a>
</div>
<?php if (isset($_SESSION['message'])): ?>
<div class="alert alert-warning message-box">
<?php echo $_SESSION['message']; ?>
<span class="close-btn" onclick="this.parentElement.style.display='none'">&times;</span>
</div>
<?php unset($_SESSION['message']);
endif;
if (count($trips) > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter trips...">';
echo '<div class="trips-container" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">';
foreach ($trips as $trip) {
$available = $trip['vehicle_capacity'] - $trip['places_booked'];
$publishStatusBadge = $trip['published'] == 1 ? 'PUBLISHED' : 'DRAFT';
$tripImagePath = '';
$tripImagesGlob = glob($rootPath . '/assets/images/trips/' . $trip['trip_id'] . '_*.jpg');
if (!empty($tripImagesGlob)) {
$tripImagePath = str_replace($rootPath, '', $tripImagesGlob[0]);
} else {
$tripImagePath = 'assets/images/placeholder.jpg';
}
echo '
<div class="destination-item style-three bgc-lighter booking" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="image" style="width:300px;height:250px;">
<img src="' . htmlspecialchars($tripImagePath) . '" alt="' . htmlspecialchars($trip['trip_name']) . '">
</div>
<div class="content" style="width:100%;">
<div class="destination-header d-flex align-items-start gap-3">
<div>
<span class="badge bg-dark mb-1">' . strtoupper($publishStatusBadge) . '</span>
<h5 class="mb-0">' . htmlspecialchars($trip['trip_name']) . '</h5>
<small class="text-muted">📍 ' . htmlspecialchars($trip['location']) . '</small>
</div>
</div>
<p style="margin: 10px 0;">
<strong>Dates:</strong> ' . date('M d', strtotime($trip['start_date'])) . ' - ' . date('M d, Y', strtotime($trip['end_date'])) . '<br>
<strong>Capacity:</strong> ' . $trip['places_booked'] . ' / ' . $trip['vehicle_capacity'] . '<br>
<strong>Costs:</strong> Members: R ' . number_format($trip['cost_members'], 2) . ' | Non-Members: R ' . number_format($trip['cost_nonmembers'], 2) . ' | Pensioner Members: R ' . number_format($trip['cost_pensioner_member'], 2) . ' | Pensioners: R ' . number_format($trip['cost_pensioner'], 2) . '
</p>
<div class="destination-footer">
<div class="btn-group" style="display:flex; justify-content:flex-end; gap:10px;">
<a href="manage_trips?trip_id=' . $trip['trip_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Edit"><span class="material-icons">edit</span></a>
<button type="button" class="toggle-publish" data-trip-id="' . $trip['trip_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="' . ($trip['published'] == 1 ? 'Unpublish' : 'Publish') . '" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">' . ($trip['published'] == 1 ? 'cloud_off' : 'cloud_upload') . '</span></button>
<button type="button" class="delete-trip" data-trip-id="' . $trip['trip_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Delete" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">delete</span></button>
</div>
</div>
</div>
</div>
';
}
echo '</div>';
} else {
echo "<div class=\"no-trips\"><p>No trips found. <a href=\"manage_trips\">Create one</a></p></div>";
}
?>
</div>
</div>
</div>
<div class="tab-content">
<?php
// Events management content (adapted from admin_events.php)
$events_query = "
SELECT
event_id, name, type, location, date, image, published
FROM events
ORDER BY date DESC
";
$result = $conn->query($events_query);
$events = [];
if ($result && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$events[] = $row;
}
}
?>
<div class="row">
<div class="col-lg-12">
<div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 30px;">
<h2 style="margin: 0;">Manage Events</h2>
<a href="manage_events" class="theme-btn create-album-btn">
<i class="far fa-plus"></i> New Event
</a>
</div>
<?php if (count($events) > 0) {
echo '<input type="text" class="filter-input" placeholder="Filter events...">';
echo '<div class="events-container" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">';
foreach ($events as $event) {
$eventImagePath = $event['image'] ? htmlspecialchars($event['image']) : 'assets/images/placeholder.jpg';
$publishStatusBadge = $event['published'] == 1 ? 'PUBLISHED' : 'DRAFT';
echo '
<div class="destination-item style-three bgc-lighter booking" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="image" style="width:300px;height:250px;">
<img src="' . $eventImagePath . '" alt="' . htmlspecialchars($event['name']) . '">
</div>
<div class="content" style="width:100%;">
<div class="destination-header d-flex align-items-start gap-3">
<div>
<span class="badge bg-dark mb-1">' . strtoupper($publishStatusBadge) . '</span>
<h5 class="mb-0">' . htmlspecialchars($event['name']) . '</h5>
<small class="text-muted">📍 ' . htmlspecialchars($event['location']) . '</small>
</div>
</div>
<p style="margin: 10px 0;">
<strong>Type:</strong> ' . htmlspecialchars($event['type']) . '<br>
<strong>Date:</strong> ' . convertDate($event['date']) . '
</p>
<div class="destination-footer">
<div class="btn-group" style="display:flex; justify-content:flex-end; gap:10px;">
<a href="manage_events?event_id=' . $event['event_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Edit"><span class="material-icons">edit</span></a>
<button type="button" class="toggle-publish" data-event-id="' . $event['event_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="' . ($event['published'] == 1 ? 'Unpublish' : 'Publish') . '" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">' . ($event['published'] == 1 ? 'cloud_off' : 'cloud_upload') . '</span></button>
<button type="button" class="delete-event" data-event-id="' . $event['event_id'] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Delete" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">delete</span></button>
</div>
</div>
</div>
</div>
';
}
echo '</div>';
} else {
echo '<div class="no-events"><p>No events found. <a href="manage_events">Create one</a></p></div>';
}
?>
</div>
</div>
</div>
<div class="tab-content">
<?php
// Courses management content (adapted from admin_courses.php)
$courses_query = "
SELECT
course_id, course_type, date, capacity, booked, cost_members, cost_nonmembers, instructor, instructor_email, code
FROM courses
ORDER BY date DESC
";
$result = $conn->query($courses_query);
$courses = [];
if ($result && $result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$courses[] = $row;
}
}
?>
<div class="row">
<div class="col-lg-12">
<div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 30px;">
<h2 style="margin: 0;">Manage Courses</h2>
<a href="manage_courses" class="theme-btn create-album-btn">
<i class="far fa-plus"></i> New Course
</a>
</div>
<?php if (isset($_SESSION['message'])): ?>
<div class="alert alert-warning message-box">
<?php echo $_SESSION['message']; ?>
<span class="close-btn" onclick="this.parentElement.style.display='none'">&times;</span>
</div>
<?php unset($_SESSION['message']);
endif; ?>
<?php if (count($courses) > 0): ?>
<input type="text" class="filter-input" placeholder="Filter courses...">
<div class="courses-container" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<?php foreach ($courses as $course):
$available = intval($course['capacity']) - intval($course['booked']);
$type_label = strtoupper($course['course_type']);
if ($course['course_type'] == 'driver_training') {
$type_label = 'Driver Training';
} elseif ($course['course_type'] == 'bush_mechanics') {
$type_label = 'Bush Mechanics';
} elseif ($course['course_type'] == 'rescue_recovery') {
$type_label = 'Rescue & Recovery';
} elseif ($course['course_type'] == 'ladies_driver_training') {
$type_label = 'Ladies Driver Training';
}
?>
<div class="destination-item style-three bgc-lighter booking" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="content" style="width:100%;">
<div class="destination-header d-flex align-items-start gap-3">
<div>
<h5 class="mb-0"><?php echo $type_label; ?></h5>
<small class="text-muted"><?php echo htmlspecialchars($course['course_type']); ?> — <?php echo date('M d, Y', strtotime($course['date'])); ?></small><br>
<small class="text-muted"><?php echo $course['code'] ? 'Code: ' . htmlspecialchars($course['code']) : ''; ?></small>
</div>
</div>
<p style="margin: 10px 0;">
<strong>Instructor:</strong> <?php echo htmlspecialchars($course['instructor']); ?> (<?php echo htmlspecialchars($course['instructor_email']); ?>)<br>
<strong>Capacity:</strong> <?php echo intval($course['booked']); ?> / <?php echo intval($course['capacity']); ?> &nbsp; <strong>Available:</strong> <?php echo $available; ?><br>
<strong>Costs:</strong> Members: R <?php echo number_format($course['cost_members'],2); ?> | Non-Members: R <?php echo number_format($course['cost_nonmembers'],2); ?>
</p>
<div class="destination-footer">
<div class="btn-group" style="display:flex; justify-content:flex-end; gap:10px;">
<a href="manage_courses?course_id=<?php echo $course['course_id']; ?>" data-bs-toggle="tooltip" data-bs-placement="top" title="Edit"><span class="material-icons">edit</span></a>
<button type="button" class="delete-course" data-course-id="<?php echo $course['course_id']; ?>" data-bs-toggle="tooltip" data-bs-placement="top" title="Delete" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">delete</span></button>
</div>
</div>
</div>
</div>
<?php endforeach; ?>
</div>
<?php else: ?>
<div class="no-courses">
<p>No courses found. <a href="manage_courses">Create one</a></p>
</div>
<?php endif; ?>
</div>
</div>
</div>
<div class="tab-content">
<?php
// Blogs management content (adapted from src/admin/admin_blogs.php)
$posts = [];
if ($conn) {
$stmt = $conn->prepare("SELECT b.blog_id, b.title, b.description, b.status, b.date, b.image, CONCAT(u.first_name, ' ', u.last_name) AS author_name, u.email AS author_email, u.profile_pic FROM blogs b JOIN users u ON b.author = u.user_id WHERE b.status = 'published' ORDER BY b.date DESC");
if ($stmt) {
$stmt->execute();
$res = $stmt->get_result();
if ($res && $res->num_rows > 0) {
while ($r = $res->fetch_assoc()) $posts[] = $r;
}
}
}
?>
<div class="row">
<div class="col-lg-12">
<div style="display:flex; justify-content:space-between; align-items:center; margin-bottom:30px;">
<h2 style="margin:0;">Manage Blogs</h2>
<a href="blog_create" class="theme-btn create-album-btn"><i class="far fa-plus"></i> New Blog</a>
</div>
<?php if (count($posts) > 0): ?>
<input type="text" class="filter-input" placeholder="Filter blogs...">
<div class="blogs-container" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<?php foreach ($posts as $post):
$coverImage = $post['image'] ? $post['image'] : 'assets/images/placeholder.jpg';
?>
<div class="destination-item style-three bgc-lighter booking" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="image" style="width:200px;height:200px;">
<img src="<?php echo htmlspecialchars($coverImage); ?>" alt="<?php echo htmlspecialchars($post['title']); ?>">
</div>
<div class="content" style="width:100%;">
<div class="destination-header d-flex align-items-start gap-3">
<img src="<?php echo htmlspecialchars($post['profile_pic'] ?? 'assets/images/placeholder.jpg'); ?>" alt="Author" class="rounded-circle border" width="80" height="80">
<div>
<span class="badge bg-dark mb-1"><?php echo $post['status'] == 1 || $post['status'] === 'published' ? 'PUBLISHED' : 'DRAFT'; ?></span>
<h5 class="mb-0"><?php echo htmlspecialchars($post['title']); ?></h5>
<small class="text-muted"><?php echo htmlspecialchars($post['author_name']); ?></small>
</div>
</div>
<p><?php echo htmlspecialchars($post['description']); ?></p>
<div class="destination-footer">
<div class="btn-group" style="display:flex; justify-content:flex-end; gap:10px;">
<a href="blog_edit.php?token=<?php echo encryptData($post['blog_id'], $salt); ?>" data-bs-toggle="tooltip" data-bs-placement="top" title="Edit"><span class="material-icons">edit</span></a>
<a href="blog_read.php?token=<?php echo encryptData($post['blog_id'], $salt); ?>" data-bs-toggle="tooltip" data-bs-placement="top" title="Preview"><span class="material-icons">visibility</span></a>
<button type="button" class="publish-btn" data-blog-id="<?php echo $post['blog_id']; ?>" data-status="<?php echo htmlspecialchars($post['status']); ?>" data-bs-toggle="tooltip" data-bs-placement="top" title="Publish/Unpublish" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons"><?php echo ($post['status'] == 1 || $post['status'] === 'published') ? 'cloud_off' : 'cloud_upload'; ?></span></button>
<a href="blog_delete.php?token=<?php echo encryptData($post['blog_id'], $salt); ?>" data-bs-toggle="tooltip" data-bs-placement="top" title="Delete"><span class="material-icons">delete</span></a>
</div>
</div>
</div>
</div>
<?php endforeach; ?>
</div>
<?php else: ?>
<div class="no-blogs"><p>No blogs found. <a href="manage_blogs">Create one</a></p></div>
<?php endif; ?>
</div>
</div>
<script>
document.addEventListener("DOMContentLoaded", function() {
const filterInput = document.querySelector('.filter-input');
const cards = document.querySelectorAll('.destination-item');
if (cards.length === 0 && filterInput) filterInput.style.display = "none";
else if (filterInput) {
filterInput.addEventListener('input', function() {
const filterValue = filterInput.value.trim().toLowerCase();
cards.forEach(card => {
const cardText = card.textContent.trim().toLowerCase();
card.style.display = cardText.includes(filterValue) ? "" : "none";
});
});
}
// Tooltips
const tooltipTriggerList = document.querySelectorAll('[data-bs-toggle="tooltip"]');
tooltipTriggerList.forEach(el => new bootstrap.Tooltip(el));
// Publish/unpublish
document.querySelectorAll('.publish-btn').forEach(btn => {
btn.addEventListener('click', function() {
const blogId = this.dataset.blogId;
const status = this.dataset.status;
const endpoint = (status == 1 || status === 'published') ? 'blog_unpublish' : 'publish_blog';
const formData = new FormData(); formData.append('id', blogId);
fetch(endpoint, { method: 'POST', body: formData })
.then(r => r.json())
.then(data => { if (data.status === 'success') location.reload(); else alert('Action failed'); })
.catch(()=> alert('Network error'));
});
});
});
</script>
</div>
</div>
</div>
</section>
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

221
src/admin/manage_courses.php Normal file
View File

@@ -0,0 +1,221 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(__DIR__));
include_once($rootPath . '/header.php');
checkAdmin();
$course_id = $_GET['course_id'] ?? null;
$course = null;
// If editing an existing course, fetch its data
if ($course_id) {
$stmt = $conn->prepare("SELECT * FROM courses WHERE course_id = ?");
$stmt->bind_param("i", $course_id);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$course = $result->fetch_assoc();
}
$stmt->close();
}
?>
<?php
$pageTitle = $course ? 'Edit Course' : 'Create New Course';
$breadcrumbs = [['Home' => 'index'], ['Admin' => 'admin_courses'], [$pageTitle => '']];
require_once($rootPath . '/components/banner.php');
?>
<!-- Course Manager Area start -->
<section class="trip-manager-area py-100 rel z-1">
<div class="container">
<div class="row">
<div class="col-lg-12">
<div class="comment-form bgc-lighter z-1 rel mb-30 rmb-55">
<form id="courseForm" method="POST" action="process_course">
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
<?php if ($course): ?>
<input type="hidden" name="course_id" value="<?php echo $course['course_id']; ?>">
<?php endif; ?>
<div class="section-title py-20">
<h2><?php echo $course ? 'Edit Course: ' . htmlspecialchars($course['code'] ?: $course['course_type']) : 'Create New Course'; ?></h2>
<div id="responseMessage"></div>
</div>
<div class="row mt-35">
<div class="col-md-6">
<div class="form-group">
<label for="course_type">Course Type *</label>
<select id="course_type" name="course_type" class="form-control" required>
<?php
$types = ['driver_training' => 'Driver Training', 'bush_mechanics' => 'Bush Mechanics', 'rescue_recovery' => 'Rescue & Recovery', 'ladies_driver_training' => 'Ladies Driver Training'];
foreach ($types as $key => $label) {
$sel = ($course && $course['course_type'] === $key) ? 'selected' : '';
echo "<option value=\"$key\" $sel>$label</option>";
}
?>
</select>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="code">Course Code</label>
<input type="text" id="code" name="code" class="form-control" maxlength="12" value="<?php echo $course ? htmlspecialchars($course['code']) : ''; ?>" placeholder="Optional code e.g., CRSE001" data-manual="0">
<small class="form-text text-muted">Auto-generated from type + date (you can edit manually)</small>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="date">Date *</label>
<input type="date" id="date" name="date" class="form-control" value="<?php echo $course ? $course['date'] : ''; ?>" required>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="capacity">Capacity *</label>
<input type="number" id="capacity" name="capacity" class="form-control" min="1" value="<?php echo $course ? intval($course['capacity']) : ''; ?>" required>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="cost_members">Member Cost (R) *</label>
<input type="number" id="cost_members" name="cost_members" class="form-control" step="0.01" min="0" value="<?php echo $course ? $course['cost_members'] : ''; ?>" required>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="cost_nonmembers">Non-Member Cost (R) *</label>
<input type="number" id="cost_nonmembers" name="cost_nonmembers" class="form-control" step="0.01" min="0" value="<?php echo $course ? $course['cost_nonmembers'] : ''; ?>" required>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="instructor">Instructor *</label>
<input type="text" id="instructor" name="instructor" class="form-control" value="<?php echo $course ? htmlspecialchars($course['instructor']) : ''; ?>" required>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="instructor_email">Instructor Email</label>
<input type="email" id="instructor_email" name="instructor_email" class="form-control" value="<?php echo $course ? htmlspecialchars($course['instructor_email']) : ''; ?>">
</div>
</div>
<div class="col-md-12 mt-20">
<div class="form-group mb-0">
<button type="submit" class="theme-btn style-two" style="width:100%;">
<?php echo $course ? 'Update Course' : 'Create Course'; ?>
</button>
</div>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</section>
<!-- Course Manager Area end -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
<script>
$(document).ready(function() {
$('#courseForm').on('submit', function(event) {
event.preventDefault();
var formData = $(this).serialize();
$.ajax({
url: 'process_course',
type: 'POST',
data: formData,
dataType: 'json',
success: function(response) {
if (response.status === 'success') {
$('#responseMessage').html('<div class="alert alert-success">' + response.message + '</div>');
setTimeout(function() {
window.location.href = 'admin_courses';
}, 1200);
} else {
$('#responseMessage').html('<div class="alert alert-danger">' + response.message + '</div>');
}
},
error: function(xhr, status, error) {
console.error('AJAX Error:', error);
$('#responseMessage').html('<div class="alert alert-danger">Error creating/updating course: ' + error + '</div>');
}
});
});
});
</script>
<script>
// Auto-generate course code from type and date: ABBREVIATION_MMDD
(function(){
var typeMap = {
'driver_training': 'DRVTRN',
'bush_mechanics': 'BUSHMEC',
'rescue_recovery': 'RESREC',
'ladies_driver_training': 'LADYTRN'
};
var $type = document.getElementById('course_type');
var $date = document.getElementById('date');
var $code = document.getElementById('code');
function getMMDDFromISO(isoDate) {
if (!isoDate) return '';
// expecting YYYY-MM-DD
var parts = isoDate.split('-');
if (parts.length !== 3) return '';
return parts[1] + parts[2];
}
function generateCode() {
try {
var manual = $code.getAttribute('data-manual') === '1';
if (manual) return; // user has manually edited
var t = $type.value;
var d = $date.value;
if (!t || !d) return;
var abbr = typeMap[t] || t.toUpperCase().replace(/[^A-Z0-9]/g,'').substring(0,7);
var mmdd = getMMDDFromISO(d);
if (!mmdd) return;
var newCode = abbr + '_' + mmdd;
$code.value = newCode;
} catch (e) {
console.error('generateCode error', e);
}
}
// mark manual when user types
$code.addEventListener('input', function(){
var val = $code.value.trim();
if (val.length === 0) {
$code.setAttribute('data-manual','0');
} else {
// if value matches auto pattern for currently selected type+date, keep as auto; otherwise mark manual
var expected = '';
try { expected = (typeMap[$type.value] || $type.value.toUpperCase().replace(/[^A-Z0-9]/g,'').substring(0,7)) + '_' + ( ($date.value) ? $date.value.split('-')[1] + $date.value.split('-')[2] : '' ); } catch(e){ expected=''; }
if (val === expected) {
$code.setAttribute('data-manual','0');
} else {
$code.setAttribute('data-manual','1');
}
}
});
$type.addEventListener('change', generateCode);
$date.addEventListener('change', generateCode);
// generate on load if empty
if ($code.value.trim().length === 0) {
generateCode();
}
})();
</script>
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

192
src/api/ikhokha_webhook.php
View File

@@ -4,80 +4,107 @@ $rootPath = dirname(dirname(__DIR__));
require_once($rootPath . "/src/config/env.php");
require_once($rootPath . "/src/config/connection.php");
require_once($rootPath . "/src/config/functions.php");
require_once($rootPath . "/src/helpers/notification_helper.php");
/**
* ==========================================================
* Read raw request and headers (DO NOT MODIFY RAW BODY)
* JS-equivalent escaping (matches iKhokha docs exactly)
* ==========================================================
*/
function jsStringEscape(string $str): string
{
$str = preg_replace('/([\\\\\"\'])/', '\\\\$1', $str);
$str = str_replace("\0", "\\0", $str);
return $str;
}
function createPayloadToSign(string $path, string $body): string
{
return jsStringEscape($path . $body);
}
/**
* ==========================================================
* Read raw request body (DO NOT MODIFY)
* ==========================================================
*/
$raw = file_get_contents('php://input');
if ($raw === false) {
if ($raw === false || $raw === '') {
http_response_code(400);
progress_log('iKhokha webhook: unable to read raw input');
progress_log('iKhokha webhook: empty body');
exit('No body');
}
/**
* ==========================================================
* Read headers
* ==========================================================
*/
$headers = function_exists('getallheaders') ? getallheaders() : [];
$headers = array_change_key_case($headers, CASE_LOWER);
$ikSign = $headers['ik-sign'] ?? null;
$ikAppId = $headers['ik-appid'] ?? null;
/**
* ==========================================================
* Basic header presence check
* ==========================================================
*/
if (empty($ikSign) || empty($ikAppId)) {
if (!$ikSign || !$ikAppId) {
http_response_code(400);
progress_log('iKhokha webhook: missing IK-SIGN or IK-APPID');
progress_log('iKhokha webhook: missing headers');
exit('Missing headers');
}
/**
* ==========================================================
* Signature verification
* HMAC_SHA256( path + raw_body, app_secret )
* Signature verification (JS-equivalent)
* ==========================================================
*/
$secret = $_ENV['IKHOKHA_APP_SECRET'] ?? null;
$callbackUrl = $_ENV['IKHOKHA_CALLBACK_URL'] ?? null;
$bypass = ($_ENV['IKHOKHA_BYPASS_SIGNATURE'] ?? 'false') === 'true';
if (empty($secret)) {
if (!$secret || !$callbackUrl) {
http_response_code(500);
progress_log('iKhokha webhook: app secret not configured');
exit('Server misconfigured');
}
// Debug logging (disable once stable)
progress_log('--- iKhokha WEBHOOK DEBUG ---');
progress_log('RAW BODY: ' . $raw);
progress_log('IK-SIGN: ' . $ikSign);
$callbackUrl = $_ENV['IKHOKHA_CALLBACK_URL'] ?? null;
$bypass = ($_ENV['IKHOKHA_BYPASS_SIGNATURE'] ?? 'false') === 'true';
if (!$bypass) {
if (empty($callbackUrl)) {
http_response_code(500);
progress_log('iKhokha webhook: callback URL not configured');
exit('Server misconfigured');
// Decode body so we can remove `text`
$bodyArray = json_decode($raw, true);
if (!is_array($bodyArray)) {
http_response_code(400);
exit('Invalid JSON');
}
$expected = hash_hmac(
'sha256',
$callbackUrl . $raw,
$_ENV['IKHOKHA_APP_SECRET']
);
// iKhokha JS deletes `text`
unset($bodyArray['text']);
// JS-style JSON (no escaped slashes)
$jsonBody = json_encode($bodyArray, JSON_UNESCAPED_SLASHES);
// Now sign the SAME payload JS signs
$payloadToSign = createPayloadToSign($callbackUrl, $jsonBody);
$expected = generateSignature($payloadToSign, $secret);
progress_log('JS PAYLOAD: ' . $payloadToSign);
progress_log('EXPECTED SIGN: ' . $expected);
progress_log('RECEIVED SIGN: ' . $ikSign);
if (!$bypass) {
if (!hash_equals($expected, $ikSign)) {
http_response_code(403);
progress_log('iKhokha webhook: signature mismatch');
progress_log('EXPECTED SIGN: ' . $expected);
progress_log('RECEIVED SIGN: ' . $ikSign);
if (function_exists('auditLog')) {
auditLog(null, 'IKHOKHA_SIGNATURE_MISMATCH', 'webhook', null, [
'expected' => $expected,
'received' => $ikSign
]);
}
exit('Invalid signature');
}
@@ -91,20 +118,13 @@ if (!$bypass) {
* ==========================================================
*/
$payload = json_decode($raw, true);
if (!is_array($payload)) {
http_response_code(400);
progress_log('iKhokha webhook: invalid JSON');
exit('Invalid JSON');
}
$data = $payload['data'] ?? $payload;
/**
* ==========================================================
* Extract data safely (iKhokha is inconsistent)
* Extract fields safely
* ==========================================================
*/
$data = $payload['data'] ?? $payload;
$externalTransactionID =
$data['externalTransactionID']
?? $data['externalTransactionId']
@@ -123,11 +143,11 @@ $providerStatus =
progress_log('Parsed externalTransactionID: ' . $externalTransactionID);
progress_log('Parsed providerPaymentId: ' . $providerPaymentId);
progress_log('Parsed providerStatus: ' . print_r($providerStatus, true));
progress_log('Parsed providerStatus: ' . $providerStatus);
/**
* ==========================================================
* Locate local payment
* Locate payment
* ==========================================================
*/
$localPaymentId = null;
@@ -142,16 +162,13 @@ if ($externalTransactionID) {
WHERE payment_id = ?
LIMIT 1"
);
if ($stmt) {
$stmt->bind_param('s', $externalTransactionID);
$stmt->execute();
$res = $stmt->get_result();
if ($row = $res->fetch_assoc()) {
extract($row);
$localPaymentId = $row['payment_id'];
$booking_id = $row['booking_id'];
$user_id = $row['user_id'];
$description = $row['description'];
}
$stmt->close();
}
@@ -164,16 +181,13 @@ if (!$localPaymentId && $providerPaymentId) {
WHERE provider_payment_id = ?
LIMIT 1"
);
if ($stmt) {
$stmt->bind_param('s', $providerPaymentId);
$stmt->execute();
$res = $stmt->get_result();
if ($row = $res->fetch_assoc()) {
extract($row);
$localPaymentId = $row['payment_id'];
$booking_id = $row['booking_id'];
$user_id = $row['user_id'];
$description = $row['description'];
}
$stmt->close();
}
@@ -181,8 +195,6 @@ if (!$localPaymentId && $providerPaymentId) {
if (!$localPaymentId) {
http_response_code(404);
progress_log('iKhokha webhook: payment not found');
progress_log(json_encode([$externalTransactionID, $providerPaymentId]));
exit('Payment not found');
}
@@ -213,56 +225,62 @@ if ($update) {
/**
* ==========================================================
* Normalize status and apply business logic
* Business logic
* ==========================================================
*/
$normalized = strtoupper(trim((string)$providerStatus));
if (in_array($normalized, ['PAID', 'SUCCESS', 'COMPLETED', 'SETTLED'], true)) {
// Mark payment as PAID
$setPaid = $conn->prepare(
$conn->prepare(
"UPDATE payments SET status = 'PAID' WHERE payment_id = ?"
);
if ($setPaid) {
$setPaid->bind_param('s', $localPaymentId);
$setPaid->execute();
$setPaid->close();
}
)->bind_param('s', $localPaymentId)->execute();
// Booking or membership update
if (!empty($booking_id)) {
$upd = $conn->prepare(
if ($booking_id) {
$conn->prepare(
"UPDATE bookings SET status = 'PAID' WHERE booking_id = ?"
);
if ($upd) {
$upd->bind_param('i', $booking_id);
$upd->execute();
$upd->close();
sendAdminNotification('4WDCSA.co.za - New Booking - '.getFullName($user_id) , 'We have received a payment for a new booking for '.$description.' from '.getFullName($user_id));
}
)->bind_param('i', $booking_id)->execute();
} else {
$upd = $conn->prepare(
"UPDATE membership_fees
SET payment_status = 'PAID'
WHERE payment_id = ?"
);
if ($upd) {
$upd->bind_param('s', $localPaymentId);
$upd->execute();
$upd->close();
sendAdminNotification('4WDCSA.co.za - New Membership Application - '.getFullName($user_id) , 'A new member has signed up, '.getFullName($user_id));
}
$conn->prepare(
"UPDATE membership_fees SET payment_status = 'PAID' WHERE payment_id = ?"
)->bind_param('s', $localPaymentId)->execute();
}
// Send confirmation email
if (!empty($user_id)) {
sendPaymentConfirmation(
getEmail($user_id),
getFullName($user_id),
$description
);
}
//generate $message for admin payment confirmation with payment details
$message = "Payment Confirmation\n\n";
$message .= "Payment ID: " . $localPaymentId . "\n";
$message .= "Amount: " . getPaymentAmount($localPaymentId) . "\n";
$message .= "Status: PAID\n";
$message .= "Description: " . $description . "\n";
$message .= "Thank you.\n";
$subject = "4WDCSA.co.za Payment Confirmation for Payment ID: " . $localPaymentId;
progress_log('Payment confirmation sent for payment ID: ' . $localPaymentId);
sendEmail(
$_ENV['FINANCE_EMAIL'],
$subject,
nl2br($message)
);
sendEmail(
'chrispintoza@gmail.com',
$subject,
nl2br($message)
);
sendAdminNotification($subject, nl2br($message));
$event = 'new_payment_received';
$sub_feed = 'payments';
$data = [
'actor_id' => $_SESSION['user_id'] ?? null,
'actor_avatar' => $_SESSION['profile_pic'] ?? null, // used by UI to show avatar
'title' => "New Payment Received for Payment ID: {$localPaymentId}"
];
addNotification(null, $event, $sub_feed, $data, null);
}
/**

41
src/api/notifications.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
header('Content-Type: application/json');
// Ensure environment is loaded before attempting DB connection
require_once __DIR__ . '/../config/env.php';
require_once __DIR__ . '/../config/connection.php';
// helper filename uses singular in this repo: notification_helper.php
require_once __DIR__ . '/../helpers/notification_helper.php';
session_start();
$admin_id = $_SESSION['user_id'] ?? null;
$action = $_REQUEST['action'] ?? '';
if ($action === 'fetch') {
$subs = getAdminSubscriptions($admin_id);
$notes = fetchNotifications($admin_id, $subs, 50);
echo json_encode(['success' => true, 'notifications' => $notes, 'unread_count' => getUnreadCount($admin_id, $subs)]);
exit;
}
if ($action === 'mark_read') {
if (!$admin_id) { echo json_encode(['success' => false, 'error' => 'unauthenticated']); exit; }
$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
if (!$id) { echo json_encode(['success' => false, 'error' => 'missing_id']); exit; }
$ok = markNotificationRead($id, $admin_id);
echo json_encode(['success' => (bool)$ok]);
exit;
}
if ($action === 'add') {
// internal use: create a notification
$target = isset($_POST['user_id']) ? intval($_POST['user_id']) : null;
$event = $_POST['event'] ?? '';
$sub_feed = $_POST['sub_feed'] ?? null;
$data = isset($_POST['data']) ? json_decode($_POST['data'], true) : [];
$target_url = $_POST['target_url'] ?? null;
$id = addNotification($target, $event, $sub_feed, $data, $target_url);
echo json_encode(['success' => (bool)$id, 'id' => $id]);
exit;
}
echo json_encode(['success' => false, 'error' => 'invalid_action']);

11
src/config/connection.php
View File

@@ -3,11 +3,12 @@
// Disable mysqli exceptions so we can handle connection errors gracefully
mysqli_report(MYSQLI_REPORT_OFF);
$dbhost = $_ENV['DB_HOST'];
$dbuser = $_ENV['DB_USER'];
$dbpass = $_ENV['DB_PASS'];
$dbname = $_ENV['DB_NAME'];
$salt = $_ENV['SALT'];
// Read from environment or fallback to getenv; keep empty string if not set to avoid PHP warnings
$dbhost = $_ENV['DB_HOST'] ?? getenv('DB_HOST') ?? '';
$dbuser = $_ENV['DB_USER'] ?? getenv('DB_USER') ?? '';
$dbpass = $_ENV['DB_PASS'] ?? getenv('DB_PASS') ?? '';
$dbname = $_ENV['DB_NAME'] ?? getenv('DB_NAME') ?? '';
$salt = $_ENV['SALT'] ?? getenv('SALT') ?? '';
// echo "hello. ". $dbhost;

236
src/config/functions.php
View File

@@ -29,6 +29,106 @@ function openDatabaseConnection()
return $conn;
}
//function to determine whether membership_end_date is within 3 months from current date where user_id = ?, if so return true, else false
function isMembershipExpiringSoon($user_id)
{
$conn = openDatabaseConnection();
if ($conn === null) {
return false;
}
$stmt = $conn->prepare("SELECT membership_end_date FROM membership_fees WHERE user_id = ? LIMIT 1");
if (!$stmt) {
$conn->close();
return false;
}
$stmt->bind_param('i', $user_id);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows === 0) {
$stmt->close();
$conn->close();
return false;
}
$row = $result->fetch_assoc();
$membership_end_date = new DateTime($row['membership_end_date']);
$current_date = new DateTime();
$interval = $current_date->diff($membership_end_date);
$stmt->close();
$conn->close();
return ($interval->days <= 90 && $membership_end_date > $current_date);
}
function normalizeName($name) {
$name = strtolower($name);
$name = preg_replace("/[^a-z\s]/", "", $name); // remove punctuation
$name = preg_replace("/\s+/", " ", $name); // normalize spaces
return trim($name);
}
// function to checkif first name + last name matches names in an array. names may have slight variations or spelling mistakes.
function validateHonoraryMemberName($first_name, $last_name)
{
$honorary_names = [
"robin hood",
"marc rademaker",
"clive robinson",
"joern kuebler",
"maurice compton",
"jenny cole",
"geoff joubert",
"alan exton",
"dave bell",
"karl hoffman",
"gerald obrian"
// Add more honorary member names as needed
];
$full_name = normalizeName($first_name . ' ' . $last_name);
$full_name = strtolower($full_name);
foreach ($honorary_names as $name) {
similar_text($full_name, strtolower(normalizeName($name)), $percent);
if ($percent >= 80) { // 80% similarity threshold
return true;
}
}
return false;
}
//get membership_type from membership_applications table for user_id = ?
function getMembershipType($user_id)
{
$conn = openDatabaseConnection();
if ($conn === null) {
return null;
}
$stmt = $conn->prepare("SELECT membership_type FROM membership_applications WHERE user_id = ? ORDER BY id DESC LIMIT 1");
if (!$stmt) {
$conn->close();
return null;
}
$stmt->bind_param('i', $user_id);
$stmt->execute();
$stmt->bind_result($membership_type);
if ($stmt->fetch()) {
$stmt->close();
$conn->close();
return $membership_type;
} else {
$stmt->close();
$conn->close();
return null;
}
}
function progress_log($message, $context = null)
{
try {
@@ -858,6 +958,45 @@ function createIkhokhaPayment($payment_id, $amount, $description, $publicRef)
return $resp;
}
function getIkhokhaTransactionHistory($startDate, $endDate,)
{
// Base requester URL: prefer explicit env var, otherwise build from request
$endpoint = "https://api.ikhokha.com/public-api/v1/api/payments/history?startDate=".$startDate."&endDate=".$endDate;
// $endpoint = "https://api.ikhokha.com/public-api/v1/api/payments/history?startDate=2024-02-01&endDate=2026-03-07";
$appID = $_ENV['IKHOKHA_APP_ID'];
progress_log($appID, "IKHOKHA App ID");
$appSecret = $_ENV['IKHOKHA_APP_SECRET'];
// $stringifiedBody = json_encode($requestBody);
$payloadToSign = createPayloadToSign($endpoint, null);
progress_log($payloadToSign, "IKHOKHA Payload to Sign");
$ikSign = generateSignature($payloadToSign, $appSecret);
progress_log($ikSign, "IKHOKHA Signature");
// Initialize cURL session
$ch = curl_init($endpoint);
// Set cURL options
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
// curl_setopt($ch, CURLOPT_POSTFIELDS, $stringifiedBody);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
"Content-Type: application/json",
"IK-APPID: $appID",
"IK-SIGN: $ikSign"
]);
// Execute cURL session
$response = curl_exec($ch);
curl_close($ch);
// Decode and output the response
$resp = json_decode($response, true);
return $response;
}
function escapeString($str) {
$escaped = preg_replace(['/[\\"\'\"]/u', '/\x00/'], ['\\\\$0', '\\0'], (string)$str);
$cleaned = str_replace('\/', '/', $escaped);
@@ -879,6 +1018,20 @@ function generateSignature($payloadToSign, $secret) {
return hash_hmac('sha256', $payloadToSign, $secret);
}
function getPaymentAmount($localPaymentId) {
$conn = openDatabaseConnection();
$stmt = $conn->prepare("SELECT amount FROM payments WHERE payment_id = ? LIMIT 1");
$stmt->bind_param("s", $localPaymentId);
$stmt->execute();
$result = $stmt->get_result();
if ($row = $result->fetch_assoc()) {
return $row['amount'];
} else {
return false; // Payment not found
}
}
function processMembershipPayment($payment_id, $amount, $description)
{
$conn = openDatabaseConnection();
@@ -1467,6 +1620,89 @@ function getInitialSurname($user_id)
}
}
function generatePaymentRef(string $type, ?int $course_trip_id, int $user_id): string
{
$conn = openDatabaseConnection();
// 1. Normalize type
$type = strtoupper($type);
// 2. Build prefix
switch ($type) {
case 'SUBS':
$year = (int)date('Y');
$month = (int)date('n');
// If December, subscriptions are for next year
if ($month === 12) {
$year++;
}
$prefix = "SUBS_" . $year;
break;
case 'COURSE':
if (!$course_trip_id) {
throw new Exception("course_trip_id is required for COURSE payments");
}
$stmt = $conn->prepare(
"SELECT code FROM courses WHERE course_id = ?"
);
$stmt->bind_param("i", $course_trip_id);
$stmt->execute();
$stmt->bind_result($code);
if (!$stmt->fetch()) {
throw new Exception("Invalid course_id: {$course_trip_id}");
}
$stmt->close();
$prefix = "COURSE_" . strtoupper($code);
break;
case 'TRIP':
if (!$course_trip_id) {
throw new Exception("course_trip_id is required for TRIP payments");
}
$stmt = $conn->prepare(
"SELECT trip_code FROM trips WHERE trip_id = ?"
);
$stmt->bind_param("i", $course_trip_id);
$stmt->execute();
$stmt->bind_result($trip_code);
if (!$stmt->fetch()) {
throw new Exception("Invalid trip_id: {$course_trip_id}");
}
$stmt->close();
$prefix = "TRIP_" . strtoupper($trip_code);
break;
default:
throw new Exception("Unknown payment type: {$type}");
}
// 3. Get user initials + surname
$namePart = strtoupper(getInitialSurname($user_id));
if (!$namePart) {
throw new Exception("User not found for user_id: {$user_id}");
}
// 4. Add short entropy (trimmed for aesthetics)
$entropy = substr(shortEntropy(), -3);
return "{$prefix}_{$namePart}_{$entropy}";
}
function shortEntropy(): string {
return strtoupper(base_convert((string)(microtime(true) * 1000), 10, 36));
}
function getLastName($user_id)
{
$conn = openDatabaseConnection();

151
src/helpers/notification_helper.php Normal file
View File

@@ -0,0 +1,151 @@
<?php
// Notifications helper
require_once __DIR__ . '/../config/env.php';
require_once __DIR__ . '/../config/connection.php';
require_once __DIR__ . '/../../classes/DatabaseService.php';
function addNotification($target_user_id, $event, $sub_feed = null, $data = [], $target_url = null) {
global $db, $conn;
if (!isset($db) && isset($conn)) {
$db = new DatabaseService($conn);
}
$ds = $db;
if (!$ds) {
// Try to initialize DatabaseService if connection exists
if (isset($conn) && $conn) {
$ds = new DatabaseService($conn);
} else {
// No DB available
return false;
}
}
$data_json = $data ? json_encode($data) : null;
$read_by_json = json_encode([]);
$query = "INSERT INTO notifications (user_id, event, sub_feed, data, target_url, read_by) VALUES (?,?,?,?,?,?)";
return $ds->insert($query, [$target_user_id, $event, $sub_feed, $data_json, $target_url, $read_by_json], "isssss");
}
function fetchNotifications($admin_user_id = null, $subscriptions = [], $limit = 50) {
global $db, $conn;
if (!isset($db) && isset($conn)) {
$db = new DatabaseService($conn);
}
$ds = $db;
if (!$ds) {
if (isset($conn) && $conn) {
$ds = new DatabaseService($conn);
} else {
// No DB available — return empty list to avoid fatal error
return [];
}
}
$params = [];
$types = "";
$sql = "SELECT * FROM notifications";
$where = [];
// Admin-only: fetch notifications targeted to admins (user_id IS NULL) or global, or specifically to an admin
if ($admin_user_id) {
$where[] = "(user_id IS NULL OR user_id = ?)";
$params[] = $admin_user_id;
$types .= "i";
}
if (!empty($subscriptions)) {
// build IN (...) list safely by placeholders
$placeholders = implode(',', array_fill(0, count($subscriptions), '?'));
$where[] = "(sub_feed IN ($placeholders))";
foreach ($subscriptions as $s) { $params[] = $s; $types .= "s"; }
}
if (!empty($where)) {
$sql .= " WHERE " . implode(' AND ', $where);
}
$sql .= " ORDER BY time_created DESC LIMIT ?";
$params[] = $limit; $types .= "i";
$results = $ds->select($sql, $params, $types);
if ($results === false) {
// Query error - return empty list so UI doesn't break
return [];
}
// decode data JSON and include read_by as array
$filtered = [];
foreach ($results as $r) {
$r['data'] = $r['data'] ? json_decode($r['data'], true) : null;
$r['read_by'] = $r['read_by'] ? json_decode($r['read_by'], true) : [];
if (!is_array($r['read_by'])) $r['read_by'] = [];
// If admin_user_id is provided, skip notifications this admin already read
if ($admin_user_id && in_array((int)$admin_user_id, $r['read_by'])) {
continue;
}
$filtered[] = $r;
}
return $filtered;
}
function markNotificationRead($id, $admin_user_id) {
global $conn;
if (!$id || !$admin_user_id) return false;
if (!isset($conn) || !$conn) return false;
$stmt = $conn->prepare("SELECT read_by FROM notifications WHERE id = ? LIMIT 1");
$stmt->bind_param("i", $id);
$stmt->execute();
$stmt->bind_result($read_by_json);
$found = $stmt->fetch();
$stmt->close();
if (!$found) return false;
$read_by = $read_by_json ? json_decode($read_by_json, true) : [];
if (!is_array($read_by)) $read_by = [];
if (!in_array($admin_user_id, $read_by)) {
$read_by[] = (int)$admin_user_id;
$new_json = json_encode(array_values($read_by));
$u = $conn->prepare("UPDATE notifications SET read_by = ? WHERE id = ?");
$u->bind_param("si", $new_json, $id);
$res = $u->execute();
$u->close();
return $res;
}
return true;
}
function getUnreadCount($admin_user_id, $subscriptions = []) {
global $conn;
if (!isset($conn) || !$conn) return 0;
$sql = "SELECT id, read_by, sub_feed FROM notifications";
$where = [];
$params = [];
$types = "";
if ($admin_user_id) {
$where[] = "(user_id IS NULL OR user_id = ?)"; $params[] = $admin_user_id; $types .= "i";
}
if (!empty($subscriptions)) {
$placeholders = implode(',', array_fill(0, count($subscriptions), '?'));
$where[] = "(sub_feed IN ($placeholders))";
foreach ($subscriptions as $s) { $params[] = $s; $types .= "s"; }
}
if (!empty($where)) $sql .= " WHERE " . implode(' AND ', $where);
$sql .= " ORDER BY time_created DESC";
$stmt = $conn->prepare($sql);
if ($types) {
// bind params dynamically
$refs = [];
$refs[] = &$types;
foreach ($params as $k => $v) { $refs[] = &$params[$k]; }
call_user_func_array([$stmt, 'bind_param'], $refs);
}
$stmt->execute();
$res = $stmt->get_result();
$count = 0;
while ($row = $res->fetch_assoc()) {
$read_by = $row['read_by'] ? json_decode($row['read_by'], true) : [];
if (!is_array($read_by)) $read_by = [];
if (!in_array((int)$admin_user_id, $read_by)) $count++;
}
$stmt->close();
return $count;
}
function getAdminSubscriptions($admin_user_id) {
// Placeholder: by default return empty array (all sub_feeds). Implement subscription table later.
return [];
}

2
src/logs/db_errors.log
View File

File diff suppressed because one or more lines are too long

165
src/pages/blog/admin_blogs.php
View File

@@ -1,165 +0,0 @@
<?php
$rootPath = dirname(dirname(dirname(__DIR__)));
require_once($rootPath . "/src/config/env.php");
require_once($rootPath . "/src/config/connection.php");
require_once($rootPath . "/src/config/functions.php");
require_once($rootPath . "/header.php");
checkAdmin();
checkUserSession();
$pageTitle = 'Manage Blog Posts';
$breadcrumbs = [['Home' => 'index']];
require_once($rootPath . '/components/banner.php');
$result = $conn->prepare("
SELECT
b.blog_id,
b.title,
b.description,
b.status,
b.date,
b.image,
CONCAT(u.first_name, ' ', u.last_name) AS author_name,
u.email AS author_email,
u.profile_pic
FROM blogs b
JOIN users u ON b.author = u.user_id
WHERE b.status = 'published'
ORDER BY b.date DESC
");
$result->execute();
$posts = $result->get_result();
?>
<style>
.image {
width: 400px;
/* Set your desired width */
height: 350px;
/* Set your desired height */
overflow: hidden;
/* Hide any overflow */
display: block;
/* Ensure proper block behavior */
}
.image img {
width: 100%;
/* Image scales to fill the container */
height: 100%;
/* Image scales to fill the container */
object-fit: cover;
/* Fills the container while maintaining aspect ratio */
object-position: top;
/* Aligns the top of the image with the top of the container */
display: block;
/* Prevents inline whitespace issues */
}
</style>
<?php
$bannerFolder = 'assets/images/banners/';
$bannerImages = glob($bannerFolder . '*.{jpg,jpeg,png,webp}', GLOB_BRACE);
?>
<!-- Blog List Area start -->
<section class="blog-list-page py-100 rel z-1">
<div class="container">
<div class="row">
<div class="col-lg-12">
<h2>Manage Blog Posts</h2>
<?php if (isset($_SESSION['message'])): ?>
<div class="alert alert-warning message-box">
<?php echo $_SESSION['message']; ?>
<span class="close-btn" onclick="this.parentElement.style.display='none'">&times;</span>
</div>
<?php unset($_SESSION['message']); ?>
<?php endif; ?>
<a href="blog_create.php">+ New Post</a>
<?php while ($post = $posts->fetch_assoc()):
// Determine cover image - use provided image or fallback placeholder
$coverImage = $post["image"] ? $post["image"] : 'assets/images/placeholder.jpg';
// Output the HTML structure with dynamic data
echo '
<div class="destination-item style-three bgc-lighter booking" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="image" style="width:200px;height:200px;">
<img src="' . htmlspecialchars($coverImage) . '" alt="' . htmlspecialchars($post["title"]) . '">
</div>
<div class="content" style="width:100%;">
<div class="destination-header d-flex align-items-start gap-3">
<img src="' . $post["profile_pic"] . '" alt="Author" class="rounded-circle border" width="80" height="80">
<div>
<span class="badge bg-dark mb-1">' . strtoupper($post["status"]) . '</span>
<h5 class="mb-0">' . $post["title"] . '</h5>
<small class="text-muted">' . $post["author_name"] . '</small>
</div>
</div>
<p>' . $post["description"] . '</p>
<div class="destination-footer">
<div class="btn-group" style="display:flex; justify-content:flex-end; gap:10px;">
<a href="blog_edit.php?token=' . encryptData($post["blog_id"], $salt) . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Edit"><span class="material-icons">edit</span></a>
<a href="blog_read.php?token=' . encryptData($post["blog_id"], $salt) . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Preview"><span class="material-icons">visibility</span></a>
<button type="button" class="publish-btn" data-blog-id="' . $post["blog_id"] . '" data-status="' . $post["status"] . '" data-bs-toggle="tooltip" data-bs-placement="top" title="' . ($post["status"] == "published" ? "Unpublish" : "Publish") . '" style="background:none; border:none; cursor:pointer; color:inherit;"><span class="material-icons">' . ($post["status"] == "published" ? "cloud_off" : "cloud_upload") . '</span></button>
<a href="blog_delete.php?token=' . encryptData($post["blog_id"], $salt) . '" data-bs-toggle="tooltip" data-bs-placement="top" title="Delete"><span class="material-icons">delete</span></a>
</div>
</div>
</div>
</div>
';
endwhile; ?>
</div>
</div>
</div>
</section>
<!-- Blog List Area end -->
<script>
const tooltipTriggerList = document.querySelectorAll('[data-bs-toggle="tooltip"]');
tooltipTriggerList.forEach(el => new bootstrap.Tooltip(el));
// Handle publish/unpublish button clicks
document.querySelectorAll('.publish-btn').forEach(btn => {
btn.addEventListener('click', function() {
const blogId = this.dataset.blogId;
const status = this.dataset.status;
const action = status === 'published' ? 'unpublish' : 'publish';
const endpoint = status === 'published' ? 'blog_unpublish' : 'publish_blog';
const formData = new FormData();
formData.append('id', blogId);
fetch(endpoint, {
method: 'POST',
body: formData
})
.then(response => {
if (response.ok) {
alert(action.charAt(0).toUpperCase() + action.slice(1) + ' successful!');
location.reload();
} else {
alert(action + ' failed.');
console.error('Error:', response.statusText);
}
})
.catch(err => {
console.error('Error:', err);
alert(action + ' failed due to network error.');
});
});
});
</script>
<?php include_once($rootPath . '/components/insta_footer.php'); ?>

5
src/pages/bookings/bookings.php
View File

@@ -114,6 +114,7 @@ $user_id = $_SESSION['user_id'];
// Loop through each row
while ($row = $result->fetch_assoc()) {
$booking_id = $row['booking_id'];
$payment_id = $row['payment_id'];
$booking_type = $row['booking_type'];
$from_date = $row['from_date'];
$to_date = $row['to_date'];
@@ -267,8 +268,8 @@ $user_id = $_SESSION['user_id'];
<div class="destination-footer">
<span class="price"><span>Booking Total: R ' . number_format($amount, 2) . '</span></span>';
if ($status == "AWAITING PAYMENT") {
echo '<a href="' . url('payment_confirmation') . '?token=' . encryptData($booking_id, $salt) . '" class="theme-btn style-two style-three">
<span data-hover="PAYMENT INFO">' . $status . '</span>
echo '<a href="' . getPaymentLinkByPaymentId($payment_id) . '" class="theme-btn style-two style-three">
<span data-hover="PAY NOW">' . $status . '</span>
</a>';
} else {
echo '<a href="" class="theme-btn style-two style-three">

5
src/pages/bookings/driver_training.php
View File

@@ -177,7 +177,7 @@ $page_id = 'driver_training';
</div>
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
<?php
$button_text = "Book Now";
$button_text = "PROCEED TO PAYMENT";
$button_disabled = "";
if (!$result || $result->num_rows == 0) {
$button_text = "No booking dates available";
@@ -189,8 +189,9 @@ $page_id = 'driver_training';
<i class="fal fa-arrow-right"></i>
</button>
<div class="text-center">
<a href="contact">Need some help?</a>
<a href="contact">You will be redirected to iKhokha's Secure payment gateway.</a>
</div>
<img src="assets/images/logos/ikhokha.png"alt="Secure Payment Badges" style="max-width: 200px; display: block; margin: 10px auto 0;">
</form>
</div>

5
src/pages/bookings/trip-details.php
View File

@@ -594,13 +594,14 @@ include_once(dirname(dirname(dirname(__DIR__))) . '/header.php');
</button>
<?php else: ?>
<button type="submit" class="theme-btn style-two w-100 mt-15 mb-5">
<span data-hover="Book Now">Book Now</span>
<span data-hover="PROCEED TO PAYMENT">PROCEED TO PAYMENT</span>
<i class="fal fa-arrow-right"></i>
</button>
<?php endif; ?>
<div class="text-center">
<a href="contact">Need some help?</a>
<a href="contact">You will be redirected to iKhokha's Secure payment gateway.</a>
</div>
<img src="assets/images/logos/ikhokha.png" alt="Secure Payment Badges" style="max-width: 200px; display: block; margin: 10px auto 0;">
</form>
</div>

71
src/pages/memberships/membership_application.php
View File

@@ -39,6 +39,31 @@ $user = $result->fetch_assoc();
<div class="section-title">
<div id="responseMessage"></div> <!-- Message display area -->
</div>
<!-- Membership Type -->
<h3>Membership Type</h3>
<div class="row mt-35">
<div class="col-md-12">
<div class="form-group mb-3">
<div class="form-check">
<input type="checkbox" id="country_membership" name="country_membership" value="1">
<label style="margin-left:20px;" for="country_membership">Country Membership - if you reside more than 150km from BASE4 and qualify for country membership.</label>
</div>
<div class="mt-2">
<div class="form-check form-check-inline">
<input type="radio" name="membership_type" id="membership_full" value="full" checked>
<label style="margin-left:20px;" for="membership_full">Full Membership</label>
</div>
<div class="form-check form-check-inline">
<input type="radio" name="membership_type" id="membership_single" value="single">
<label style="margin-left:20px;" for="membership_single">Single Membership</label>
</div>
</div>
</div>
</div>
</div>
<!-- Personal Details Section -->
<h3>Main Member</h3>
<div class="row mt-35">
@@ -88,6 +113,7 @@ $user = $result->fetch_assoc();
</div>
<!-- Spouse / Partner Details Section -->
<div id="spouseSection">
<h3>Spouse / Life Partner / Other Details</h3>
<div class="row mt-35">
<div class="col-md-6">
@@ -135,7 +161,11 @@ $user = $result->fetch_assoc();
</div>
</div>
</div> <!-- end spouse row -->
<!-- </div> end spouseSection -->
<!-- Children Section -->
<div id="childrenSection">
<h3>Children's Names</h3>
<div class="row mt-35">
<div class="col-md-6">
@@ -176,6 +206,7 @@ $user = $result->fetch_assoc();
</div>
<!-- Repeat for other children if needed -->
</div>
</div> <!-- end childrenSection -->
<!-- Address Section -->
<h3>Address</h3>
@@ -282,3 +313,43 @@ $user = $result->fetch_assoc();
<?php include_once(dirname(dirname(dirname(__DIR__))) . '/components/insta_footer.php'); ?>
<script>
// Toggle spouse and children sections when 'Single Membership' is selected
(function() {
function setSectionState(isSingle) {
var spouse = document.getElementById('spouseSection');
var children = document.getElementById('childrenSection');
[spouse, children].forEach(function(sec) {
if (!sec) return;
var inputs = sec.querySelectorAll('input, select, textarea, button');
if (isSingle) {
sec.style.display = 'none';
inputs.forEach(function(i) {
i.disabled = true;
});
} else {
sec.style.display = '';
inputs.forEach(function(i) {
i.disabled = false;
});
}
});
}
document.addEventListener('DOMContentLoaded', function() {
var full = document.getElementById('membership_full');
var single = document.getElementById('membership_single');
// initialize state
setSectionState(single && single.checked);
if (full) full.addEventListener('change', function() {
if (this.checked) setSectionState(false);
});
if (single) single.addEventListener('change', function() {
if (this.checked) setSectionState(true);
});
});
})();
</script>

4
src/pages/memberships/membership_details.php
View File

@@ -189,7 +189,7 @@ if (empty($application['id_number'])) {
<td><?php echo htmlspecialchars($membership['payment_amount']); ?></td>
<td><?php echo htmlspecialchars($membership['payment_id']); ?></td>
<?php if ($membership['payment_status'] == "AWAITING PAYMENT" || $membership['payment_status'] == "PENDING RENEWAL") { ?>
<td><a href='<?= $payment_link; ?>' class='theme-btn style-two style-three' style='padding: 0px 14px;'><span data-hover='PAY NOW'>PENDING RENEWAL</span></a></td>
<td><a href='<?= $payment_link; ?>' class='theme-btn style-two style-three' style='padding: 0px 14px;'><span data-hover='<?= $membership['payment_status'] ?>'><?= $membership['payment_status'] ?></span></a></td>
<?php } else { ?>
<td><?php echo htmlspecialchars($membership['payment_status']); ?></td>
<?php } ?>
@@ -221,7 +221,7 @@ if (empty($application['id_number'])) {
if (strtotime($today) >= strtotime($threeMonthsBefore)) {
echo '
<a href="renew_membership" class="theme-btn style-two bgc-secondary" style="width:100%; margin-top: 20px; background-color: #63ab45; padding: 10px 20px; color: white; text-decoration: none; border-radius: 25px;">
<a href="renewal_payment" class="theme-btn style-two bgc-secondary" style="width:100%; margin-top: 20px; background-color: #63ab45; padding: 10px 20px; color: white; text-decoration: none; border-radius: 25px;">
<span data-hover="Renew Membership">Renew Membership</span>
<i class="fal fa-arrow-right"></i>
</a>';

15
src/pages/memberships/membership_payment.php
View File

@@ -68,7 +68,15 @@ $stmt->fetch();
$stmt->close();
// If request includes payment_id, fetch provider paylink from payments table
$payment_id = $_GET['payment_id'] ?? null;
if (!isset($_GET['token']) || empty($_GET['token'])) {
header("Location: membership_details");
exit();
}
$token = $_GET['token'];
// echo $token;
// Sanitize the trip_id to prevent SQL injection
$payment_id = decryptData($token, $_ENV['SALT']);
$payment_link = null;
if ($payment_id) {
$pstmt = $conn->prepare("SELECT payment_link, amount, status, provider FROM payments WHERE payment_id = ? LIMIT 1");
@@ -110,7 +118,10 @@ if ($payment_id) {
<span data-hover="Pay Now with iKhokha">Pay Now with iKhokha</span>
<i class="fal fa-arrow-right"></i>
</a>
<p style="margin-top:10px;">You will be redirected to iKhokha's Secure Payment Gateway.</p>
<div class="text-center">
<p>You will be redirected to iKhokha's Secure payment gateway.</p>
</div>
<img src="assets/images/logos/ikhokha.png" alt="Secure Payment Badges" style="max-width: 200px; display: block; margin: 10px auto 0;">
<?php } else { ?>
<p>Please upload your proof of payment below.</p>
<h5>Payment Details:</h5>

83
src/pages/memberships/renew_membership.php
View File

@@ -6,14 +6,77 @@ include_once($rootPath . '/header.php');
$is_logged_in = isset($_SESSION['user_id']);
if (isset($_SESSION['user_id'])) {
$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
} else {
header('Location: login.php');
exit(); // Stop further script execution
}
$full_name = getFullName($user_id);
$payment_id = uniqid();
if (isset($_POST['membership_type'])) {
$membership_type = $_POST['membership_type'];
echo $membership_type;
//update membership_type in membership_application
$stmt = $conn->prepare("UPDATE membership_application SET membership_type = ? WHERE user_id = ? ");
$stmt->bind_param("si", $membership_type, $user_id);
$stmt->execute();
$stmt->close();
} else {
//get user membership type from membership_applications
$stmt = $conn->prepare("SELECT membership_type FROM membership_application WHERE user_id = ? ");
$stmt->bind_param("i", $user_id);
$stmt->execute();
$stmt->bind_result($membership_type);
$stmt->fetch();
$stmt->close();
}
//check memberhsip_applications for user_id, if 0 rows, redirect to membership_application.php
$stmt = $conn->prepare("SELECT COUNT(*) AS cnt FROM membership_application WHERE user_id = ? LIMIT 1");
$stmt->bind_param("i", $user_id);
$stmt->execute();
$stmt->bind_result($application_count);
$stmt->fetch();
$stmt->close();
if ($application_count == 0) {
header("Location: membership_application.php");
exit();
}
//if membership_fees payment_status is PENDING RENEWAL, redirect to membership_details.php
$stmt = $conn->prepare("SELECT payment_status FROM membership_fees WHERE user_id = ? LIMIT 1");
$stmt->bind_param("i", $user_id);
$stmt->execute();
$stmt->bind_result($payment_status);
$stmt->fetch();
$stmt->close();
if ($payment_status === 'PENDING RENEWAL') {
header("Location: membership_details.php");
exit();
}
if ($membership_type === 'country') {
$payment_amount = getPriceByDescription('country_membership');
} elseif ($membership_type === 'single') {
$payment_amount = getPriceByDescription('single');
} else {
$payment_amount = getPriceByDescription('membership_fees');
}
if ($membership_type === 'honorary') {
// Honorary members do not pay fees, redirect to membership details
header("Location: membership_details.php");
exit();
}
$payment_id = generatePaymentRef('SUBS', null, $user_id);
$payment_date = date('Y-m-d');
$renewal_period_end = getMembershipEndDate($user_id);
// Hardcode membership start date to 2026-03-01 per request
@@ -29,6 +92,21 @@ if ($stmt->execute()) {
// Commit the transaction
$conn->commit();
// Audit: user initiated membership renewal
if (function_exists('auditLog')) {
auditLog($user_id, 'MEMBERSHIP_RENEWAL_INITIATED', 'membership_fees', null, ['payment_id' => $payment_id, 'amount' => $payment_amount]);
}
// Send Notification
$event = 'membership_renewal_initiated';
$sub_feed = 'membership_renewal';
$data = [
'actor_id' => $_SESSION['user_id'],
'actor_avatar' => $_SESSION['profile_pic'], // used by UI to show avatar
'title' => "Membership Renewal Initiated by {$full_name}"
];
addNotification(null, $event, $sub_feed, $data, null);
$checkP = $conn->prepare("SELECT COUNT(*) AS cnt FROM payments WHERE payment_id = ? LIMIT 1");
if ($checkP) {
$checkP->bind_param('s', $payment_id);
@@ -65,8 +143,9 @@ if ($stmt->execute()) {
$publicRef = $publicRef ?? bin2hex(random_bytes(16));
$resp = createIkhokhaPayment($payment_id, $payment_amount, $description, $publicRef);
$paylink = $resp['paylinkUrl'] ?? $resp['paylinkURL'] ?? $resp['paylink_url'] ?? null;
$token = encryptData($payment_id, $_ENV['SALT']);
if ($paylink) {
header('Location: membership_payment?payment_id=' . $payment_id);
header('Location: membership_payment?token=' . $token);
exit();
} else {
header("Location: membership_details");

182
src/pages/memberships/renewal_payment.php Normal file
View File

@@ -0,0 +1,182 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(dirname(__DIR__)));
include_once($rootPath . '/header.php');
// Assuming you have the user ID stored in the session
if (isset($_SESSION['user_id'])) {
$user_id = $_SESSION['user_id'];
} else {
header('Location: login.php');
exit(); // Stop further script execution
}
// Initialize variables
$payment_amount = null;
$membership_start_date = null;
$membership_end_date = null;
$continue_processing = isMembershipExpiringSoon($user_id);
if (!$continue_processing) {
header("Location: membership_details.php");
exit();
}
// Determine current membership type (default) and available renewal prices
$membership_type = getMembershipType($user_id);
if ($membership_type === 'honorary') {
// Honorary members do not renew
header("Location: membership_details.php");
exit();
}
// Fetch prices for all types so we can show dynamic updates client-side
$price_full = getPriceByDescription('membership_fees');
$price_single = getPriceByDescription('single');
$price_country = getPriceByDescription('country_membership');
// Set the initially displayed renewal amount based on current membership type
switch ($membership_type) {
case 'country':
$current_renewal_amount = $price_country;
break;
case 'single':
$current_renewal_amount = $price_single;
break;
default:
$current_renewal_amount = $price_full;
break;
}
// Get the user_id from the session
$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
if ($user_id) {
// Prepare the SQL query to fetch data
$query = "SELECT payment_amount, membership_start_date, membership_end_date, payment_id
FROM membership_fees
WHERE user_id = ?";
if ($stmt = $conn->prepare($query)) {
// Bind the user_id parameter to the query
$stmt->bind_param("i", $user_id);
// Execute the query
$stmt->execute();
// Bind the results to variables
$stmt->bind_result($payment_amount, $membership_start_date, $membership_end_date, $eft_id);
// Fetch the data
if ($stmt->fetch()) {
// Values are now assigned to $payment_amount, $membership_start_date, and $membership_end_date
} else {
// Handle case where no records are found
$error_message = "No records found for the given user ID.";
}
// Close the statement
$stmt->close();
} else {
// Handle query preparation failure
$error_message = "Query preparation failed: " . $conn->error;
}
} else {
// Handle case where user_id is not found in session
$error_message = "User ID not found in session.";
}
?>
<?php
$pageTitle = 'Membership Renewal';
$breadcrumbs = [['Home' => 'index.php']];
require_once($rootPath . '/components/banner.php');
?>
<!-- Contact Form Area start -->
<section class="about-us-area py-100 rpb-90 rel z-1">
<div class="container">
<div class="row">
<div class="col-lg-6">
<div class="section-title mb-25">
<span class="h2 mb-15">Membership Renewal:</span>
<?php echo
'<h5>Membership Expiration Date: ' . $membership_end_date . '</h5>'; ?>
</div>
<h5>Renewal Amount:</h5>
<form method="post" action="renew_membership" id="renewForm">
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
<div class="mb-3">
<div class="form-check">
<input type="radio" name="membership_type" id="radio_full" value="full" <?php echo ($membership_type === 'full' || $membership_type === 'member' || $membership_type === null) ? 'checked' : ''; ?>>
<label class="form-check-label" for="radio_full">Family Membership</label>
</div>
<div class="form-check">
<input type="radio" name="membership_type" id="radio_single" value="single" <?php echo ($membership_type === 'single') ? 'checked' : ''; ?>>
<label class="form-check-label" for="radio_single">Single Membership</label>
</div>
<div class="form-check">
<input type="radio" name="membership_type" id="radio_country" value="country" <?php echo ($membership_type === 'country') ? 'checked' : ''; ?>>
<label class="form-check-label" for="radio_country">Country Membership</label>
<small>You need to reside more than 150km from BASE4 to qualify.</small>
</div>
</div>
<h5>Amount:</h5>
<h2>R <span id="renewAmount"><?php echo number_format($current_renewal_amount, 2); ?></span></h2>
<button type="submit" class="theme-btn style-two style-three" style="width:100%;">
<span data-hover="Renew Membership">Renew Membership</span>
<i class="fal fa-arrow-right"></i>
</button>
<div class="text-center mt-2">
<p>You will be redirected to iKhokha's Secure payment gateway.</p>
</div>
<img src="assets/images/logos/ikhokha.png" alt="Secure Payment Badges" style="max-width: 200px; display: block; margin: 10px auto 0;">
</form>
<script>
(function(){
// Prices from server
var prices = {
full: <?php echo json_encode((float)$price_full); ?>,
single: <?php echo json_encode((float)$price_single); ?>,
country: <?php echo json_encode((float)$price_country); ?>
};
function updateAmount(type){
var amt = prices[type] !== undefined ? prices[type] : prices.full;
document.getElementById('renewAmount').textContent = amt.toFixed(2);
}
document.addEventListener('DOMContentLoaded', function(){
var radios = document.querySelectorAll('input[name="membership_type"]');
radios.forEach(function(r){
r.addEventListener('change', function(){
updateAmount(this.value);
});
});
// initialize
var checked = document.querySelector('input[name="membership_type"]:checked');
if(checked) updateAmount(checked.value);
});
})();
</script>
</div>
<div class="col-lg-6" data-aos="fade-right" data-aos-duration="1500" data-aos-offset="50">
<div class="about-us-image">
<img src="assets/images/logos/weblogo.png" alt="About">
</div>
</div>
</div>
</div>
</section>
<?php include_once(dirname(dirname(dirname(__DIR__))) . '/components/insta_footer.php'); ?>

19
src/pages/other/about.php
View File

@@ -159,13 +159,18 @@ require_once($rootPath . '/components/banner.php');
<h2>4WDCSA Committee and Other Office Bearers</h2>
<div>
<h3>Committee</h3>
<li>Chairman - John Runciman</li>
<li>Chairman - Peter Hutchison</li>
<li>Vice Chairman - Davin Webster</li>
<li>National Liaison - Peter Hutchison</li>
<li>Treasurer - Doug Timm</li>
<li>Outings - John Runciman</li>
<li>Events - Noelene Runciman</li>
<li>Driver Training - John Runciman</li>
<li>Events - Noelene Koertzen</li>
<li>Driver Training - VACANT</li>
<li>Digital Media - Christopher Pinto</li>
<li>Marketing - Janet Erasmus</li>
<li>Outdoor - Carla Holtzhausen</li>
<li>Clubhouse - Tree Stiebel</li>
<li>Maintenance - Kit Muirhead</li>
</div>
<div class="pt-30 pb-20">
@@ -238,7 +243,7 @@ require_once($rootPath . '/components/banner.php');
<div class="cta-item" style="background-image: url(assets/images/trips/1_01.jpg);">
<span class="category">Extended Trips</span>
<h2>Come and Explore Africa and beyond</h2>
<a href="<?= url('trips') ?>" class="theme-btn style-two bgc-secondary">
<a href="trips" class="theme-btn style-two bgc-secondary">
<span data-hover="Explore Tours">Explore Trips</span>
<i class="fal fa-arrow-right"></i>
</a>
@@ -248,7 +253,7 @@ require_once($rootPath . '/components/banner.php');
<div class="cta-item" style="background-image: url(assets/images/courses/driver_training.png);">
<span class="category">Driver Training</span>
<h2>Level up your 4x4 Driving Skills</h2>
<a href="<?= url('driver_training') ?>" class="theme-btn style-two">
<a href="driver_training" class="theme-btn style-two">
<span data-hover="Explore Tours">Explore Training</span>
<i class="fal fa-arrow-right"></i>
</a>
@@ -258,7 +263,7 @@ require_once($rootPath . '/components/banner.php');
<div class="cta-item" style="background-image: url(assets/images/base4/camping.jpg);">
<span class="category">Events</span>
<h2>See whats cooking at BASE4!</h2>
<a href="<?= url('events') ?>" class="theme-btn style-two bgc-secondary">
<a href="events" class="theme-btn style-two bgc-secondary">
<span data-hover="Explore Tours">Explore Events</span>
<i class="fal fa-arrow-right"></i>
</a>

827
src/pages/other/base4.php Normal file
View File

@@ -0,0 +1,827 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(dirname(__DIR__)));
include_once($rootPath . '/header.php');
?>
<!-- Leaflet CSS -->
<link rel="stylesheet" href="https://unpkg.com/leaflet@1.9.4/dist/leaflet.css"
integrity="sha256-p4NxAoJBhIIN+hmNHrzRCf9tD/miZyoHS5obTRR9BMY="
crossorigin="" />
<style>
.gallery-slider-active {
display: flex;
flex-wrap: wrap;
gap: 16px;
/* spacing between images */
justify-content: center;
}
.gallery-three-item {
width: 520px;
height: 300px;
overflow: hidden;
border-radius: 8px;
box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
background: #f9f9f9;
display: flex;
flex-direction: column;
justify-content: space-between;
}
.gallery-three-item .image {
flex-grow: 1;
width: 100%;
height: 100%;
}
.gallery-three-item img {
width: 100%;
height: 100%;
object-fit: cover;
/* ensures aspect ratio while filling container */
display: block;
}
</style>
<style>
.track-map-section {
padding: 0;
margin: 0;
}
.track-info-box {
background: #f9f9f9;
padding: 30px;
margin: 20px auto;
max-width: 1200px;
border-radius: 8px;
}
.track-info-box h3 {
font-size: 1.5rem;
margin-bottom: 15px;
color: #333;
}
.track-info-box p {
color: #666;
line-height: 1.6;
margin-bottom: 10px;
}
.legend {
display: flex;
flex-wrap: wrap;
gap: 30px;
margin-top: 20px;
padding-top: 20px;
border-top: 1px solid #ddd;
justify-content: center;
}
.legend-item {
display: flex;
align-items: center;
gap: 10px;
}
/* Shared marker styling for both legend and map obstacles */
.legend-marker,
.obstacle-marker {
width: 30px;
height: 30px;
border-radius: 4px;
display: flex;
align-items: center;
justify-content: center;
font-size: 18px;
font-weight: bold;
color: white;
transform: rotate(45deg);
}
.legend-marker span,
.obstacle-marker span {
transform: rotate(-45deg);
}
.legend-marker.red,
.obstacle-marker.red {
background: #e61e25;
}
.legend-marker.green,
.obstacle-marker.green {
background: #28a745;
}
.legend-marker.black,
.obstacle-marker.black {
background: #343a40;
}
.legend-marker.split,
.obstacle-marker.split {
background: linear-gradient(45deg, #e61e25 50%, #28a745 50%);
}
.obstacle-marker {
cursor: pointer;
}
/* Leaflet marker container */
.custom-marker-container {
background: transparent;
border: none;
}
#map {
/* width: 100%; */
height: 700px;
margin: 50px;
padding: 20px;
border-radius: 20px;
box-sizing: border-box;
}
@media (max-width: 768px) {
#map {
margin: 0 !important;
padding: 0 !important;
width: 100% !important;
height: 500px !important;
border-radius: 0 !important;
}
}
.obstacle-popup h4 {
margin: 0 0 10px 0;
color: #333;
}
.obstacle-popup .difficulty-badge {
display: inline-block;
padding: 4px 10px;
border-radius: 12px;
font-size: 0.8rem;
font-weight: bold;
margin-bottom: 10px;
text-transform: uppercase;
}
.obstacle-popup .difficulty-badge.easy {
background: #d4edda;
color: #155724;
}
.obstacle-popup .difficulty-badge.medium {
background: #fff3cd;
color: #856404;
}
.obstacle-popup .difficulty-badge.hard {
background: #f8d7da;
color: #721c24;
}
.obstacle-popup .difficulty-badge.extreme {
background: #d1ecf1;
color: #0c5460;
}
.obstacle-popup img {
width: 100%;
max-width: 300px;
margin: 10px 0;
border-radius: 4px;
}
.obstacle-popup .description {
color: #666;
line-height: 1.5;
margin-top: 10px;
}
.obstacle-marker:hover {
transform: rotate(45deg) scale(1.1);
}
.obstacle-marker span {
transform: rotate(-45deg);
color: white;
font-weight: bold;
font-size: 20px;
text-shadow: 1px 1px 2px rgba(0, 0, 0, 0.5);
}
/* Obstacle Form Modal */
.obstacle-modal {
display: none;
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background: rgba(0, 0, 0, 0.5);
z-index: 10000;
align-items: center;
justify-content: center;
}
.obstacle-modal.show {
display: flex;
}
.obstacle-modal-content {
background: white;
padding: 30px;
border-radius: 8px;
max-width: 500px;
width: 90%;
box-shadow: 0 4px 20px rgba(0, 0, 0, 0.3);
}
.obstacle-modal-content h3 {
margin: 0 0 20px 0;
color: #333;
}
.obstacle-modal-content .form-group {
margin-bottom: 15px;
}
.obstacle-modal-content label {
display: block;
margin-bottom: 5px;
font-weight: 600;
color: #555;
}
.obstacle-modal-content input,
.obstacle-modal-content select {
width: 100%;
padding: 8px 12px;
border: 1px solid #ddd;
border-radius: 4px;
font-size: 14px;
}
.obstacle-modal-content .btn-group {
display: flex;
gap: 10px;
margin-top: 20px;
}
.obstacle-modal-content .btn-group button {
flex: 1;
}
.alert-message {
position: fixed;
top: 20px;
right: 20px;
padding: 15px 20px;
border-radius: 8px;
box-shadow: 0 4px 12px rgba(0, 0, 0, 0.15);
z-index: 10001;
display: none;
animation: slideIn 0.3s ease;
}
.alert-message.show {
display: block;
}
.alert-message.success {
background: #d4edda;
color: #155724;
border: 1px solid #c3e6cb;
}
.alert-message.error {
background: #f8d7da;
color: #721c24;
border: 1px solid #f5c6cb;
}
@keyframes slideIn {
from {
transform: translateX(100%);
opacity: 0;
}
to {
transform: translateX(0);
opacity: 1;
}
}
</style>
<?php
$pageTitle = 'BASE4 & 4X4 Track';
$breadcrumbs = [['Home' => 'index.php']];
require_once($rootPath . '/components/banner.php');
?>
<!-- Features Area start -->
<section class="features-area pt-100 pb-45 rel z-1">
<div class="container">
<div class="row align-items-center">
<div class="col-xl-7">
<div class=" mb-55" data-aos="fade-left" data-aos-duration="1500"
data-aos-offset="50">
<div class="section-title mb-20">
<h2><b>BASE 4:</b> The home of 4WDCSA.</h2>
<p>Nestled near the Hennops river, in Doornradje, Centurion, BASE4 is the ultimate weekend getaway for 4x4 enthusiasts and outdoor lovers. This vibrant hub offers an array of exciting activities, including a challenging 4x4 test track, relaxing camping spots, and a clubhouse with food and refreshments. Take a dip in the swimming pool, fire up the braai, or unwind our brand new clubhouse. Whether you're here for adventure or relaxation, BASE4 provides the perfect setting for all your off-road and outdoor adventures. Join the Four Wheel Drive Club of Southern Africa and be part of the thrill!</p>
<div class="image">
<img style="border-radius:10px;" src="assets/images/base4/01.jpeg" alt="Hotel">
</div>
</div>
<div class="menu-btns py-10">
<a href="membership" class="theme-btn style-two bgc-secondary">
<span data-hover="Become a Member">Become a Member</span>
<i class="fal fa-arrow-right"></i>
</a>
</div>
</div>
</div>
<div class="col-xl-5" data-aos="fade-right" data-aos-duration="1500" data-aos-offset="50">
<div class="row pb-25">
<div class="section-title text-center counter-text-wrap mb-70" data-aos="fade-up"
data-aos-duration="1500" data-aos-offset="50">
<h2><b>BASE4</b><br>Non Member Fees:</h2>
<div class="pt-20 pb-20">
<h3>Day visitors*:</h3>
<h4>R 50.00 per vehicle</h4>
</div>
<div class="pt-20 pb-20">
<h3>Day visit & Track Pass*:</h3>
<h4>R 150.00 per vehicle</h4>
</div>
<div class="pt-20 pb-20">
<h3>Camping:</h3>
<h4>R 250.00 per vehicle</h4>
<p>Single night camping. Includes access to the track.</p>
</div>
<div class="pt-20 pb-20">
<h3>BASE4 Weekend Pass:</h3>
<h4>R 400.00 per vehicle</h4>
<p>Camping from Friday till Sunday. Includes access to the track</p>
</div>
<p style="font-size:0.8rem;">
*Day visitor charge not applicable on Open Days. Non-members require a 4WDCSA member to accompany them on the track at all times. Indemnity waiver must be signed at the clubhouse upon entry.</p>
</div>
</div>
</div>
</div>
</div>
</section>
<!-- Features Area end -->
<!-- Hotel Area start -->
<section class="hotel-area bgc-black py-100 rel z-1">
<div class="container-fluid">
<div class="row justify-content-center">
<div class="col-lg-12">
<div class="section-title text-white text-center counter-text-wrap mb-70" data-aos="fade-up"
data-aos-duration="1500" data-aos-offset="50">
<h2>BASE4 Open Days</h2>
<p style="max-width: 60%; margin: auto;">Whether you're a member or just curious, everyone's welcome at our monthly open events. Come camp with us, enjoy guest speakers, take your rig for a spin on the 4x4 track, or just relax by the swimming pool. Food and refreshments are available all weekend, plus braai fires ready to go—just bring your tongs! Its the perfect way to experience the spirit of the club and connect with fellow adventurers. </p>
</div>
</div>
</div>
<div class="gallery-slider-active">
<?php
$folder = $rootPath . '/assets/images/opendays/';
$images = glob($folder . '*.{jpg,jpeg,png,gif}', GLOB_BRACE);
// Convert absolute paths to web-relative paths
$images = array_map(function ($path) use ($rootPath) {
return str_replace($rootPath, '', $path);
}, $images);
// Shuffle and pick first 5
shuffle($images);
$selected = array_slice($images, 0, 10);
foreach ($selected as $image) {
echo '<div class="gallery-three-item" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="image">
<img src="' . $image . '" alt="Gallery">
</div>
</div>';
}
?>
</div>
</div>
<!-- <div class="hotel-more-btn text-center mt-40">
<a href="destination2.html" class="theme-btn style-four">
<span data-hover="Explore More Hotel">Explore More Hotel</span>
<i class="fal fa-arrow-right"></i>
</a>
</div> -->
</div>
</section>
<!-- Hotel Area end -->
<!-- Track Map Section -->
<section class="track-map-section">
<div class="container">
<div class="track-info-box">
<div class="section-title text-center counter-text-wrap mb-70" data-aos="fade-up"
data-aos-duration="1500" data-aos-offset="50">
<h2>BASE4 4x4 Training Track</h2>
<p>The training track at BASE4 was first created when the property was acquired in 2000. It has since been developed to provide a variety of obstacles and terrain challenges suitable for all skill levels. Open to all members. Join us on our next Driver Training Course to enhance your off-road skills and confidence and put your vehicle to the test.</p>
</div>
<?php if ($role === 'superadmin'): ?>
<div style="margin: 20px 0; padding: 15px; background: #fff3cd; border-radius: 8px; border-left: 4px solid #ffc107;">
<button id="toggleEditMode" class="btn btn-warning" style="margin-bottom: 10px;">
🔧 Enable Edit Mode
</button>
<p id="editModeStatus" style="margin: 0; color: #856404; font-weight: bold; display: none;">
✏️ Edit Mode Active - Click on map to place new markers, drag to reposition
</p>
</div>
<?php endif; ?>
<div class="legend">
<div class="legend-item">
<div class="legend-marker green"><span></span></div>
<span>Beginner</span>
</div>
<div class="legend-item">
<div class="legend-marker red"><span></span></div>
<span>Intermediate</span>
</div>
<div class="legend-item">
<div class="legend-marker black"><span></span></div>
<span>Advanced</span>
</div>
</div>
</div>
</div>
<div id="map"></div>
</section>
<!-- Obstacle Form Modal -->
<div id="obstacleModal" class="obstacle-modal">
<div class="obstacle-modal-content">
<h3>Add New Obstacle</h3>
<form id="obstacleForm">
<input type="hidden" id="clickedLat" name="clickedLat">
<input type="hidden" id="clickedLng" name="clickedLng">
<div class="form-group">
<label for="obstacleNumber">Obstacle Number *</label>
<input type="number" id="obstacleNumber" name="obstacleNumber" required>
</div>
<div class="form-group">
<label for="markerColor">Marker Color *</label>
<select id="markerColor" name="markerColor" required>
<option value="green">Green (Beginner)</option>
<option value="red">Red (Intermediate)</option>
<option value="black">Black (Advanced)</option>
<option value="split">Split (Mixed)</option>
</select>
</div>
<div class="form-group">
<label for="obstacleName">Name</label>
<input type="text" id="obstacleName" name="obstacleName" value="New Obstacle">
</div>
<div class="form-group">
<label for="obstacleDifficulty">Difficulty</label>
<select id="obstacleDifficulty" name="obstacleDifficulty">
<option value="Easy">Easy</option>
<option value="Medium" selected>Medium</option>
<option value="Hard">Hard</option>
<option value="Extreme">Extreme</option>
</select>
</div>
<div class="btn-group">
<button type="button" class="btn btn-secondary" onclick="closeObstacleModal()">Cancel</button>
<button type="submit" class="btn btn-primary">Save Obstacle</button>
</div>
</form>
</div>
</div>
<!-- Alert Message -->
<div id="alertMessage" class="alert-message"></div>
<?php
require_once($rootPath . '/components/insta_footer.php');
?>
<!-- Leaflet JS -->
<script src="https://unpkg.com/leaflet@1.9.4/dist/leaflet.js"
integrity="sha256-20nQCchB9co0qIjJZRGuk2/Z9VM+kNiyxNV1lvTlZBo="
crossorigin=""></script>
<!-- Track Map JavaScript -->
<script>
console.log('Track map script loaded');
// Check if Leaflet is available
if (typeof L === 'undefined') {
console.error('Leaflet library not loaded!');
} else {
console.log('Leaflet library is available, version:', L.version);
}
document.addEventListener('DOMContentLoaded', () => {
console.log('DOM loaded, initializing map...');
const mapElement = document.getElementById('map');
console.log('Map element:', mapElement);
if (!mapElement) {
console.error('Map element not found!');
return;
}
console.log('Map element dimensions:', mapElement.offsetWidth, 'x', mapElement.offsetHeight);
try {
// Image dimensions: 2876 x 2035 pixels
const imageWidth = 7942;
const imageHeight = 3913;
// Create map with simple CRS (pixel coordinates)
// Note: Leaflet uses [y, x] format, so bounds are [[0, 0], [height, width]]
const bounds = [
[0, 0],
[imageHeight, imageWidth]
];
const map = L.map('map', {
crs: L.CRS.Simple,
minZoom: -1.5,
maxZoom: 2,
center: [imageHeight / 2, imageWidth / 2],
zoom: -1,
maxBounds: bounds,
maxBoundsViscosity: 1.0
});
console.log('Map object created with CRS.Simple:', map);
// Add aerial image overlay
const imageUrl = '/assets/images/track-aerial.jpg';
L.imageOverlay(imageUrl, bounds).addTo(map);
console.log('Aerial image overlay added');
// Add SVG overlay
const svgUrl = '/assets/images/track-route.svg';
L.imageOverlay(svgUrl, bounds, {
opacity: 1,
interactive: false
}).addTo(map);
console.log('SVG route overlay added');
// Fit map to image bounds
map.fitBounds(bounds);
console.log('Map initialized successfully');
// Edit mode state
let editMode = false;
let markers = [];
// Edit mode toggle (only for admins)
const toggleBtn = document.getElementById('toggleEditMode');
const statusText = document.getElementById('editModeStatus');
if (toggleBtn) {
toggleBtn.addEventListener('click', () => {
editMode = !editMode;
if (editMode) {
toggleBtn.textContent = '🔒 Disable Edit Mode';
toggleBtn.classList.remove('btn-warning');
toggleBtn.classList.add('btn-success');
statusText.style.display = 'block';
// Make existing markers draggable
markers.forEach(m => m.marker.dragging.enable());
} else {
toggleBtn.textContent = '🔧 Enable Edit Mode';
toggleBtn.classList.remove('btn-success');
toggleBtn.classList.add('btn-warning');
statusText.style.display = 'none';
// Disable dragging
markers.forEach(m => m.marker.dragging.disable());
}
});
}
// Click on map to add new marker (only in edit mode)
map.on('click', (e) => {
if (!editMode) return;
const coords = e.latlng;
// Store clicked coordinates and show modal
document.getElementById('clickedLat').value = coords.lat;
document.getElementById('clickedLng').value = coords.lng;
document.getElementById('obstacleModal').classList.add('show');
});
// Modal functions
window.closeObstacleModal = function() {
document.getElementById('obstacleModal').classList.remove('show');
document.getElementById('obstacleForm').reset();
};
window.showAlert = function(message, type = 'success') {
const alertDiv = document.getElementById('alertMessage');
alertDiv.textContent = message;
alertDiv.className = 'alert-message ' + type + ' show';
setTimeout(() => {
alertDiv.classList.remove('show');
}, 4000);
};
// Handle form submission
document.getElementById('obstacleForm').addEventListener('submit', function(e) {
e.preventDefault();
const lat = parseFloat(document.getElementById('clickedLat').value);
const lng = parseFloat(document.getElementById('clickedLng').value);
const obstacleNumber = document.getElementById('obstacleNumber').value;
const markerColor = document.getElementById('markerColor').value;
const name = document.getElementById('obstacleName').value;
const difficulty = document.getElementById('obstacleDifficulty').value;
// Create temporary marker
const markerHtml = `
<div class="obstacle-marker ${markerColor}">
<span>${obstacleNumber}</span>
</div>
`;
const customIcon = L.divIcon({
html: markerHtml,
className: 'custom-marker-container',
iconSize: [40, 40],
iconAnchor: [20, 20]
});
const marker = L.marker([lat, lng], {
icon: customIcon,
draggable: true
}).addTo(map);
// Save to database
const obstacleData = {
obstacle_number: obstacleNumber,
x_position: Math.round(lng),
y_position: Math.round(lat),
marker_color: markerColor,
name: name,
difficulty: difficulty,
description: 'New obstacle - edit details in admin panel'
};
saveObstacle(obstacleData, marker);
closeObstacleModal();
});
function saveObstacle(data, marker) {
fetch('/src/processors/track-obstacles.php?action=create', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify(data)
})
.then(response => response.json())
.then(result => {
if (result.status === 'success') {
showAlert('Obstacle #' + data.obstacle_number + ' created successfully!', 'success');
marker.obstacleId = result.obstacle_id;
markers.push({
marker,
data: {
...data,
obstacle_id: result.obstacle_id
}
});
// Add dragend event to update position
marker.on('dragend', function() {
const pos = marker.getLatLng();
updateObstaclePosition(marker.obstacleId, Math.round(pos.lng), Math.round(pos.lat));
});
} else {
showAlert('Error: ' + result.message, 'error');
map.removeLayer(marker);
}
})
.catch(error => {
showAlert('Error creating obstacle: ' + error, 'error');
map.removeLayer(marker);
});
}
function updateObstaclePosition(obstacleId, x, y) {
fetch('/src/processors/track-obstacles.php?action=updatePosition', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
obstacle_id: obstacleId,
x_position: x,
y_position: y
})
})
.then(response => response.json())
.then(result => {
if (result.status === 'success') {
showAlert('Position updated', 'success');
} else {
showAlert('Error updating position: ' + result.message, 'error');
}
});
}
// Fetch and add obstacle markers
fetch('/src/processors/track-obstacles.php?action=getAll')
.then(response => response.json())
.then(result => {
console.log('Obstacles data:', result);
if (result.status === 'success' && result.data) {
result.data.forEach((obstacle, index) => {
// Leaflet uses [y, x] format for coordinates
const position = [obstacle.y_position, obstacle.x_position];
// Create custom marker HTML
const markerHtml = `
<div class="obstacle-marker ${obstacle.marker_color}">
<span>${obstacle.obstacle_number}</span>
</div>
`;
// Create custom icon
const customIcon = L.divIcon({
html: markerHtml,
className: 'custom-marker-container',
iconSize: [40, 40],
iconAnchor: [20, 20]
});
// Create popup content
const popupContent = `
<div class="obstacle-popup">
<h4>${obstacle.name}</h4>
<span class="difficulty-badge ${obstacle.difficulty.toLowerCase()}">${obstacle.difficulty}</span>
${obstacle.image_path ? `<img src="${obstacle.image_path}" alt="${obstacle.name}" style="width: 100%; max-width: 300px; margin: 10px 0; border-radius: 8px;">` : ''}
<p>${obstacle.description}</p>
</div>
`;
// Add marker to map
const marker = L.marker(position, {
icon: customIcon,
draggable: false
})
.addTo(map)
.bindPopup(popupContent, {
maxWidth: 350,
className: 'obstacle-popup-container'
});
marker.obstacleId = obstacle.obstacle_id;
markers.push({
marker,
data: obstacle
});
// Add dragend event for position updates
marker.on('dragend', function() {
const pos = marker.getLatLng();
updateObstaclePosition(obstacle.obstacle_id, Math.round(pos.lng), Math.round(pos.lat));
});
});
console.log('Added ' + result.data.length + ' obstacle markers');
}
})
.catch(error => {
console.error('Error loading obstacles:', error);
});
} catch (error) {
console.error('Error initializing map:', error);
}
});
</script>
<?php ob_end_flush(); ?>

5
src/pages/other/bush_mechanics.php
View File

@@ -156,7 +156,7 @@ $page_id = 'bush_mechanics';
</div>
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
<?php
$button_text = "Book Now";
$button_text = "PROCEED TO PAYMENT";
$button_disabled = "";
if (!$result || $result->num_rows == 0) {
$button_text = "No booking dates available";
@@ -168,8 +168,9 @@ $page_id = 'bush_mechanics';
<i class="fal fa-arrow-right"></i>
</button>
<div class="text-center">
<a href="contact">Need some help?</a>
<a href="contact">You will be redirected to iKhokha's Secure payment gateway.</a>
</div>
<img src="assets/images/logos/ikhokha.png"alt="Secure Payment Badges" style="max-width: 200px; display: block; margin: 10px auto 0;">
</form>
</div>

4
src/pages/other/indemnity.php
View File

@@ -107,14 +107,14 @@ if (isset($_SESSION['user_id'])) {
if (response.status === 'success') {
// If provider returned a direct paylink, go there immediately
if (response.paylinkUrl) {
window.location.href = 'membership_payment.php?payment_id=' + encodeURIComponent(response.payment_id);
window.location.href = 'membership_payment?token=' + encodeURIComponent(response.token);
return;
}
// If we have a payment_id, redirect to membership_payment with it
// if (response.payment_id) {
// setTimeout(function() {
// window.location.href = 'membership_payment.php?payment_id=' + encodeURIComponent(response.payment_id);
// window.location.href = 'membership_payment.php?payment_id=' + encodeURIComponent(response.token);
// }, 800);
// return;
// }

6
src/pages/other/rescue_recovery.php
View File

@@ -154,7 +154,7 @@ $page_id = 'rescue_recovery';
</div>
</div>
<?php
$button_text = "Book Now";
$button_text = "PROCEED TO PAYMENT";
$button_disabled = "";
if (!$result || $result->num_rows == 0) {
$button_text = "No booking dates available";
@@ -165,9 +165,11 @@ $page_id = 'rescue_recovery';
<span data-hover="<?php echo $button_text; ?>"><?php echo $button_text; ?></span>
<i class="fal fa-arrow-right"></i>
</button>
<div class="text-center">
<a href="mailto:info@4wdcsa.co.za">Need some help?</a>
<a href="contact">You will be redirected to iKhokha's Secure payment gateway.</a>
</div>
<img src="assets/images/logos/ikhokha.png"alt="Secure Payment Badges" style="max-width: 200px; display: block; margin: 10px auto 0;">
</form>
</div>

660
src/pages/track-map.php
View File

@@ -1,660 +0,0 @@
<?php
$headerStyle = 'light';
$rootPath = dirname(dirname(__DIR__));
include_once($rootPath . '/header.php');
?>
<!-- Leaflet CSS -->
<link rel="stylesheet" href="https://unpkg.com/leaflet@1.9.4/dist/leaflet.css"
integrity="sha256-p4NxAoJBhIIN+hmNHrzRCf9tD/miZyoHS5obTRR9BMY="
crossorigin=""/>
<style>
.track-map-section {
padding: 0;
margin: 0;
}
.track-info-box {
background: #f9f9f9;
padding: 30px;
margin: 20px auto;
max-width: 1200px;
border-radius: 8px;
}
.track-info-box h3 {
font-size: 1.5rem;
margin-bottom: 15px;
color: #333;
}
.track-info-box p {
color: #666;
line-height: 1.6;
margin-bottom: 10px;
}
.legend {
display: flex;
flex-wrap: wrap;
gap: 30px;
margin-top: 20px;
padding-top: 20px;
border-top: 1px solid #ddd;
justify-content: center;
}
.legend-item {
display: flex;
align-items: center;
gap: 10px;
}
/* Shared marker styling for both legend and map obstacles */
.legend-marker,
.obstacle-marker {
width: 30px;
height: 30px;
border-radius: 4px;
display: flex;
align-items: center;
justify-content: center;
font-size: 18px;
font-weight: bold;
color: white;
transform: rotate(45deg);
}
.legend-marker span,
.obstacle-marker span {
transform: rotate(-45deg);
}
.legend-marker.red,
.obstacle-marker.red {
background: #e61e25;
}
.legend-marker.green,
.obstacle-marker.green {
background: #28a745;
}
.legend-marker.black,
.obstacle-marker.black {
background: #343a40;
}
.legend-marker.split,
.obstacle-marker.split {
background: linear-gradient(45deg, #e61e25 50%, #28a745 50%);
}
.obstacle-marker {
cursor: pointer;
}
/* Leaflet marker container */
.custom-marker-container {
background: transparent;
border: none;
}
#map {
width: 100%;
height: 700px;
margin: 0;
padding: 0;
}
.obstacle-popup h4 {
margin: 0 0 10px 0;
color: #333;
}
.obstacle-popup .difficulty-badge {
display: inline-block;
padding: 4px 10px;
border-radius: 12px;
font-size: 0.8rem;
font-weight: bold;
margin-bottom: 10px;
text-transform: uppercase;
}
.obstacle-popup .difficulty-badge.easy {
background: #d4edda;
color: #155724;
}
.obstacle-popup .difficulty-badge.medium {
background: #fff3cd;
color: #856404;
}
.obstacle-popup .difficulty-badge.hard {
background: #f8d7da;
color: #721c24;
}
.obstacle-popup .difficulty-badge.extreme {
background: #d1ecf1;
color: #0c5460;
}
.obstacle-popup img {
width: 100%;
max-width: 300px;
margin: 10px 0;
border-radius: 4px;
}
.obstacle-popup .description {
color: #666;
line-height: 1.5;
margin-top: 10px;
}
.obstacle-marker:hover {
transform: rotate(45deg) scale(1.1);
}
.obstacle-marker span {
transform: rotate(-45deg);
color: white;
font-weight: bold;
font-size: 20px;
text-shadow: 1px 1px 2px rgba(0,0,0,0.5);
}
/* Obstacle Form Modal */
.obstacle-modal {
display: none;
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background: rgba(0,0,0,0.5);
z-index: 10000;
align-items: center;
justify-content: center;
}
.obstacle-modal.show {
display: flex;
}
.obstacle-modal-content {
background: white;
padding: 30px;
border-radius: 8px;
max-width: 500px;
width: 90%;
box-shadow: 0 4px 20px rgba(0,0,0,0.3);
}
.obstacle-modal-content h3 {
margin: 0 0 20px 0;
color: #333;
}
.obstacle-modal-content .form-group {
margin-bottom: 15px;
}
.obstacle-modal-content label {
display: block;
margin-bottom: 5px;
font-weight: 600;
color: #555;
}
.obstacle-modal-content input,
.obstacle-modal-content select {
width: 100%;
padding: 8px 12px;
border: 1px solid #ddd;
border-radius: 4px;
font-size: 14px;
}
.obstacle-modal-content .btn-group {
display: flex;
gap: 10px;
margin-top: 20px;
}
.obstacle-modal-content .btn-group button {
flex: 1;
}
.alert-message {
position: fixed;
top: 20px;
right: 20px;
padding: 15px 20px;
border-radius: 8px;
box-shadow: 0 4px 12px rgba(0,0,0,0.15);
z-index: 10001;
display: none;
animation: slideIn 0.3s ease;
}
.alert-message.show {
display: block;
}
.alert-message.success {
background: #d4edda;
color: #155724;
border: 1px solid #c3e6cb;
}
.alert-message.error {
background: #f8d7da;
color: #721c24;
border: 1px solid #f5c6cb;
}
@keyframes slideIn {
from {
transform: translateX(100%);
opacity: 0;
}
to {
transform: translateX(0);
opacity: 1;
}
}
</style>
<?php
$pageTitle = 'BASE4 4x4 Training Track';
$breadcrumbs = [['Home' => 'index.php']];
require_once($rootPath . '/components/banner.php');
?>
<!-- Track Map Section -->
<section class="track-map-section">
<div class="container">
<div class="track-info-box">
<h3>BASE4 4x4 Training Track</h3>
<p>The training track at BASE4 was first created when the property was acquired in 2000. It has since been developed to provide a variety of obstacles and terrain challenges suitable for all skill levels. Open to all members. Join us on our next Driver Training Course to enhance your off-road skills and confidence and put your vehicle to the test.</p>
<?php if ($role === 'superadmin'): ?>
<div style="margin: 20px 0; padding: 15px; background: #fff3cd; border-radius: 8px; border-left: 4px solid #ffc107;">
<button id="toggleEditMode" class="btn btn-warning" style="margin-bottom: 10px;">
🔧 Enable Edit Mode
</button>
<p id="editModeStatus" style="margin: 0; color: #856404; font-weight: bold; display: none;">
✏️ Edit Mode Active - Click on map to place new markers, drag to reposition
</p>
</div>
<?php endif; ?>
<div class="legend">
<div class="legend-item">
<div class="legend-marker green"><span></span></div>
<span>Beginner</span>
</div>
<div class="legend-item">
<div class="legend-marker red"><span></span></div>
<span>Intermediate</span>
</div>
<div class="legend-item">
<div class="legend-marker black"><span></span></div>
<span>Advanced</span>
</div>
</div>
</div>
</div>
<div id="map"></div>
</section>
<!-- Obstacle Form Modal -->
<div id="obstacleModal" class="obstacle-modal">
<div class="obstacle-modal-content">
<h3>Add New Obstacle</h3>
<form id="obstacleForm">
<input type="hidden" id="clickedLat" name="clickedLat">
<input type="hidden" id="clickedLng" name="clickedLng">
<div class="form-group">
<label for="obstacleNumber">Obstacle Number *</label>
<input type="number" id="obstacleNumber" name="obstacleNumber" required>
</div>
<div class="form-group">
<label for="markerColor">Marker Color *</label>
<select id="markerColor" name="markerColor" required>
<option value="green">Green (Beginner)</option>
<option value="red">Red (Intermediate)</option>
<option value="black">Black (Advanced)</option>
<option value="split">Split (Mixed)</option>
</select>
</div>
<div class="form-group">
<label for="obstacleName">Name</label>
<input type="text" id="obstacleName" name="obstacleName" value="New Obstacle">
</div>
<div class="form-group">
<label for="obstacleDifficulty">Difficulty</label>
<select id="obstacleDifficulty" name="obstacleDifficulty">
<option value="Easy">Easy</option>
<option value="Medium" selected>Medium</option>
<option value="Hard">Hard</option>
<option value="Extreme">Extreme</option>
</select>
</div>
<div class="btn-group">
<button type="button" class="btn btn-secondary" onclick="closeObstacleModal()">Cancel</button>
<button type="submit" class="btn btn-primary">Save Obstacle</button>
</div>
</form>
</div>
</div>
<!-- Alert Message -->
<div id="alertMessage" class="alert-message"></div>
<?php
require_once($rootPath . '/components/insta_footer.php');
?>
<!-- Leaflet JS -->
<script src="https://unpkg.com/leaflet@1.9.4/dist/leaflet.js"
integrity="sha256-20nQCchB9co0qIjJZRGuk2/Z9VM+kNiyxNV1lvTlZBo="
crossorigin=""></script>
<!-- Track Map JavaScript -->
<script>
console.log('Track map script loaded');
// Check if Leaflet is available
if (typeof L === 'undefined') {
console.error('Leaflet library not loaded!');
} else {
console.log('Leaflet library is available, version:', L.version);
}
document.addEventListener('DOMContentLoaded', () => {
console.log('DOM loaded, initializing map...');
const mapElement = document.getElementById('map');
console.log('Map element:', mapElement);
if (!mapElement) {
console.error('Map element not found!');
return;
}
console.log('Map element dimensions:', mapElement.offsetWidth, 'x', mapElement.offsetHeight);
try {
// Image dimensions: 2876 x 2035 pixels
const imageWidth = 7942;
const imageHeight = 3913;
// Create map with simple CRS (pixel coordinates)
// Note: Leaflet uses [y, x] format, so bounds are [[0, 0], [height, width]]
const bounds = [[0, 0], [imageHeight, imageWidth]];
const map = L.map('map', {
crs: L.CRS.Simple,
minZoom: -1.5,
maxZoom: 2,
center: [imageHeight / 2, imageWidth / 2],
zoom: -1,
maxBounds: bounds,
maxBoundsViscosity: 1.0
});
console.log('Map object created with CRS.Simple:', map);
// Add aerial image overlay
const imageUrl = '/assets/images/track-aerial.jpg';
L.imageOverlay(imageUrl, bounds).addTo(map);
console.log('Aerial image overlay added');
// Add SVG overlay
const svgUrl = '/assets/images/track-route.svg';
L.imageOverlay(svgUrl, bounds, {
opacity: 1,
interactive: false
}).addTo(map);
console.log('SVG route overlay added');
// Fit map to image bounds
map.fitBounds(bounds);
console.log('Map initialized successfully');
// Edit mode state
let editMode = false;
let markers = [];
// Edit mode toggle (only for admins)
const toggleBtn = document.getElementById('toggleEditMode');
const statusText = document.getElementById('editModeStatus');
if (toggleBtn) {
toggleBtn.addEventListener('click', () => {
editMode = !editMode;
if (editMode) {
toggleBtn.textContent = '🔒 Disable Edit Mode';
toggleBtn.classList.remove('btn-warning');
toggleBtn.classList.add('btn-success');
statusText.style.display = 'block';
// Make existing markers draggable
markers.forEach(m => m.marker.dragging.enable());
} else {
toggleBtn.textContent = '🔧 Enable Edit Mode';
toggleBtn.classList.remove('btn-success');
toggleBtn.classList.add('btn-warning');
statusText.style.display = 'none';
// Disable dragging
markers.forEach(m => m.marker.dragging.disable());
}
});
}
// Click on map to add new marker (only in edit mode)
map.on('click', (e) => {
if (!editMode) return;
const coords = e.latlng;
// Store clicked coordinates and show modal
document.getElementById('clickedLat').value = coords.lat;
document.getElementById('clickedLng').value = coords.lng;
document.getElementById('obstacleModal').classList.add('show');
});
// Modal functions
window.closeObstacleModal = function() {
document.getElementById('obstacleModal').classList.remove('show');
document.getElementById('obstacleForm').reset();
};
window.showAlert = function(message, type = 'success') {
const alertDiv = document.getElementById('alertMessage');
alertDiv.textContent = message;
alertDiv.className = 'alert-message ' + type + ' show';
setTimeout(() => {
alertDiv.classList.remove('show');
}, 4000);
};
// Handle form submission
document.getElementById('obstacleForm').addEventListener('submit', function(e) {
e.preventDefault();
const lat = parseFloat(document.getElementById('clickedLat').value);
const lng = parseFloat(document.getElementById('clickedLng').value);
const obstacleNumber = document.getElementById('obstacleNumber').value;
const markerColor = document.getElementById('markerColor').value;
const name = document.getElementById('obstacleName').value;
const difficulty = document.getElementById('obstacleDifficulty').value;
// Create temporary marker
const markerHtml = `
<div class="obstacle-marker ${markerColor}">
<span>${obstacleNumber}</span>
</div>
`;
const customIcon = L.divIcon({
html: markerHtml,
className: 'custom-marker-container',
iconSize: [40, 40],
iconAnchor: [20, 20]
});
const marker = L.marker([lat, lng], {
icon: customIcon,
draggable: true
}).addTo(map);
// Save to database
const obstacleData = {
obstacle_number: obstacleNumber,
x_position: Math.round(lng),
y_position: Math.round(lat),
marker_color: markerColor,
name: name,
difficulty: difficulty,
description: 'New obstacle - edit details in admin panel'
};
saveObstacle(obstacleData, marker);
closeObstacleModal();
});
function saveObstacle(data, marker) {
fetch('/src/processors/track-obstacles.php?action=create', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(data)
})
.then(response => response.json())
.then(result => {
if (result.status === 'success') {
showAlert('Obstacle #' + data.obstacle_number + ' created successfully!', 'success');
marker.obstacleId = result.obstacle_id;
markers.push({ marker, data: {...data, obstacle_id: result.obstacle_id} });
// Add dragend event to update position
marker.on('dragend', function() {
const pos = marker.getLatLng();
updateObstaclePosition(marker.obstacleId, Math.round(pos.lng), Math.round(pos.lat));
});
} else {
showAlert('Error: ' + result.message, 'error');
map.removeLayer(marker);
}
})
.catch(error => {
showAlert('Error creating obstacle: ' + error, 'error');
map.removeLayer(marker);
});
}
function updateObstaclePosition(obstacleId, x, y) {
fetch('/src/processors/track-obstacles.php?action=updatePosition', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
obstacle_id: obstacleId,
x_position: x,
y_position: y
})
})
.then(response => response.json())
.then(result => {
if (result.status === 'success') {
showAlert('Position updated', 'success');
} else {
showAlert('Error updating position: ' + result.message, 'error');
}
});
}
// Fetch and add obstacle markers
fetch('/src/processors/track-obstacles.php?action=getAll')
.then(response => response.json())
.then(result => {
console.log('Obstacles data:', result);
if (result.status === 'success' && result.data) {
result.data.forEach((obstacle, index) => {
// Leaflet uses [y, x] format for coordinates
const position = [obstacle.y_position, obstacle.x_position];
// Create custom marker HTML
const markerHtml = `
<div class="obstacle-marker ${obstacle.marker_color}">
<span>${obstacle.obstacle_number}</span>
</div>
`;
// Create custom icon
const customIcon = L.divIcon({
html: markerHtml,
className: 'custom-marker-container',
iconSize: [40, 40],
iconAnchor: [20, 20]
});
// Create popup content
const popupContent = `
<div class="obstacle-popup">
<h4>${obstacle.name}</h4>
<span class="difficulty-badge ${obstacle.difficulty.toLowerCase()}">${obstacle.difficulty}</span>
${obstacle.image_path ? `<img src="${obstacle.image_path}" alt="${obstacle.name}" style="width: 100%; max-width: 300px; margin: 10px 0; border-radius: 8px;">` : ''}
<p>${obstacle.description}</p>
</div>
`;
// Add marker to map
const marker = L.marker(position, {
icon: customIcon,
draggable: false
})
.addTo(map)
.bindPopup(popupContent, {
maxWidth: 350,
className: 'obstacle-popup-container'
});
marker.obstacleId = obstacle.obstacle_id;
markers.push({ marker, data: obstacle });
// Add dragend event for position updates
marker.on('dragend', function() {
const pos = marker.getLatLng();
updateObstaclePosition(obstacle.obstacle_id, Math.round(pos.lng), Math.round(pos.lat));
});
});
console.log('Added ' + result.data.length + ' obstacle markers');
}
})
.catch(error => {
console.error('Error loading obstacles:', error);
});
} catch (error) {
console.error('Error initializing map:', error);
}
});
</script>
<?php ob_end_flush(); ?>

49
src/processors/delete_course.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
ob_start();
header('Content-Type: application/json');
$rootPath = dirname(dirname(__DIR__));
require_once($rootPath . "/src/config/env.php");
require_once($rootPath . '/src/config/functions.php');
require_once($rootPath . '/src/config/connection.php');
// Check admin status
session_start();
if (empty($_SESSION['user_id'])) {
ob_end_clean();
echo json_encode(['status' => 'error', 'message' => 'Unauthorized access']);
exit;
}
$user_role = getUserRole();
if (!in_array($user_role, ['admin', 'superadmin'])) {
ob_end_clean();
echo json_encode(['status' => 'error', 'message' => 'Unauthorized access']);
exit;
}
try {
$course_id = intval($_POST['course_id'] ?? 0);
if ($course_id <= 0) {
throw new Exception('Invalid course ID');
}
$stmt = $conn->prepare("DELETE FROM courses WHERE course_id = ?");
$stmt->bind_param("i", $course_id);
if (!$stmt->execute()) {
throw new Exception('Failed to delete course: ' . $stmt->error);
}
$stmt->close();
ob_end_clean();
echo json_encode(['status' => 'success', 'message' => 'Course deleted successfully']);
} catch (Exception $e) {
ob_end_clean();
echo json_encode(['status' => 'error', 'message' => $e->getMessage()]);
}
?>

71
src/processors/process_application.php
View File

@@ -4,10 +4,11 @@ require_once($rootPath . "/src/config/env.php");
require_once($rootPath . "/src/config/session.php");
require_once($rootPath . "/src/config/connection.php");
require_once($rootPath . "/src/config/functions.php");
require_once($rootPath . "/src/helpers/notification_helper.php");
$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
$payment_id = uniqid();
$status = 'AWAITING PAYMENT';
$payment_id = generatePaymentRef('SUBS', null, $user_id);
// If current month is December, attribute the membership year to the next year
$currentYear = intval(date('Y'));
$month = intval(date('n'));
@@ -92,6 +93,20 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
die('Invalid email format.');
}
//MEMBERSHIP TYPE
$country_membership = isset($_POST['country_membership']) ? 1 : 0;
$membership_type = in_array($_POST['membership_type'] ?? '', ['full', 'single']) ? $_POST['membership_type'] : 'full';
$honorary_member = validateHonoraryMemberName($first_name, $last_name);
if ($honorary_member) {
$membership_type = 'honorary';
} elseif ($country_membership) {
$membership_type = 'country';
} else {
$membership_type = $membership_type;
}
// Spouse or Partner details (optional)
$spouse_first_name = !empty($_POST['spouse_first_name']) ? validateName($_POST['spouse_first_name']) : null;
$spouse_last_name = !empty($_POST['spouse_last_name']) ? validateName($_POST['spouse_last_name']) : null;
@@ -136,8 +151,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
spouse_first_name, spouse_last_name, spouse_id_number, spouse_dob, spouse_occupation, spouse_tel_cell, spouse_email,
child_name1, child_dob1, child_name2, child_dob2, child_name3, child_dob3,
physical_address, postal_address, interests_hobbies, vehicle_make, vehicle_model, vehicle_year, vehicle_registration,
secondary_vehicle_make, secondary_vehicle_model, secondary_vehicle_year, secondary_vehicle_registration
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
secondary_vehicle_make, secondary_vehicle_model, secondary_vehicle_year, secondary_vehicle_registration, membership_type
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
// Check if preparation was successful
if (!$stmt) {
@@ -145,7 +160,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
}
$stmt->bind_param(
"isssssssssssssssssssssssssssssss",
"issssssssssssssssssssssssssssssss",
$user_id,
$first_name,
$last_name,
@@ -177,7 +192,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$secondary_vehicle_make,
$secondary_vehicle_model,
$secondary_vehicle_year,
$secondary_vehicle_registration
$secondary_vehicle_registration,
$membership_type
);
if ($stmt->execute()) {
@@ -187,10 +203,27 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$year = (int)$today->format('Y');
$payment_date = $today->format('Y-m-d');
$membership_start_date = $payment_date;
$status = 'AWAITING PAYMENT';
if ($membership_type === 'honorary') {
// Honorary members do not pay fees, set amount to 0 and end date far in future
$payment_amount = 0.00;
$status = 'PAID';
} elseif ($membership_type === 'country') {
$payment_amount = getPriceByDescription('country_membership');
$prorata_amount = calculateProrata(getPriceByDescription('country_prorata'));
} elseif ($membership_type === 'single') {
$payment_amount = getPriceByDescription('single');
$prorata_amount = calculateProrata(getPriceByDescription('single_prorata'));
} else {
$payment_amount = getPriceByDescription('membership_fees');
$prorata_amount = calculateProrata(getPriceByDescription('pro_rata'));
}
if ($month == 12 || $month == 1 || $month == 2) {
// December, January, February: charge full fee, valid till end of next Feb
$payment_amount = getPriceByDescription('membership_fees');
$payment_amount = $payment_amount;
// If Dec, Jan, Feb, set end to next year's Feb
$end_year = ($month == 12) ? $year + 2 : $year + 1;
$membership_end_date = (new DateTime("$end_year-02-01"))
@@ -198,7 +231,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
->format('Y-m-d');
} else {
// Prorata for Mar-Nov
$payment_amount = calculateProrata(getPriceByDescription('pro_rata'));
$payment_amount = $prorata_amount;
// End of next Feb if after Feb, else this Feb
if ($month > 2) {
$end_year = $year + 1;
@@ -209,10 +242,14 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
->modify('last day of this month')
->format('Y-m-d');
}
if ($membership_type === 'honorary') {
// Honorary members do not pay fees, set amount to 0 and end date far in future
$membership_end_date = '2099-12-31';
}
$stmt = $conn->prepare("INSERT INTO membership_fees (user_id, payment_amount, payment_date, membership_start_date, membership_end_date, payment_status, payment_id)
VALUES (?, ?, ?, ?, ?, 'AWAITING PAYMENT', ?)");
$stmt->bind_param("idssss", $user_id, $payment_amount, $payment_date, $membership_start_date, $membership_end_date, $payment_id);
$stmt = $conn->prepare("INSERT INTO membership_fees (user_id, payment_amount, payment_date, membership_start_date, membership_end_date, renewal_period_end, payment_status, payment_id)
VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("idssssss", $user_id, $payment_amount, $payment_date, $membership_start_date, $membership_end_date, $membership_end_date, $status, $payment_id);
if ($stmt->execute()) {
// Commit the transaction
@@ -221,6 +258,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Optionally send an invoice referencing the internal payment id
// sendInvoice(getEmail($user_id), getFullName($user_id), $payment_id, formatCurrency($payment_amount), $description);
// sendAdminNotification('4WDCSA.co.za - New Membership Application - '.$last_name , 'A new member has signed up, '.$first_name.' '.$last_name);
// Audit: membership application submitted
if (function_exists('auditLog')) {
auditLog($user_id, 'MEMBERSHIP_APPLICATION_SUBMITTED', 'membership_application', null, ['payment_id' => $payment_id, 'amount' => $payment_amount ?? null]);
$event = 'new_application_submitted';
$sub_feed = 'membership_applications';
$data = [
'actor_id' => $_SESSION['user_id'],
'actor_avatar' => $_SESSION['profile_pic'], // used by UI to show avatar
'title' => "New Membership Application from {$first_name} {$last_name}"
];
addNotification(null, $event, $sub_feed, $data, null);
}
header("Location: indemnity");
// Success message
$response = [

14
src/processors/process_booking.php
View File

@@ -3,6 +3,7 @@ $rootPath = dirname(dirname(__DIR__));
require_once($rootPath . "/src/config/env.php");
require_once($rootPath . "/src/config/connection.php");
require_once($rootPath . "/src/config/functions.php");
require_once($rootPath . "/src/helpers/notification_helper.php");
// Start session to retrieve the logged-in user's ID
session_start();
@@ -79,6 +80,19 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$stmt->bind_param('sissiiiidd', $type, $user_id, $from_date, $to_date, $num_vehicles, $num_adults, $num_children, $add_firewood, $total_amount, $discount_amount);
if ($stmt->execute()) {
// Get booking id and audit
$booking_id = $conn->insert_id;
if (function_exists('auditLog')) {
auditLog($user_id, 'BOOKING_CREATED', 'bookings', $booking_id, ['total_amount' => $total_amount, 'from' => $from_date, 'to' => $to_date]);
}
$event = 'new_booking_created';
$sub_feed = 'bookings';
$data = [
'actor_id' => $_SESSION['user_id'] ?? null,
'actor_avatar' => $_SESSION['profile_pic'] ?? null, // used by UI to show avatar
'title' => "New Booking Created with Booking ID: {$booking_id}"
];
addNotification(null, $event, $sub_feed, $data, null);
// Redirect to success page or display success message
echo "<script>alert('Booking successfully created!'); window.location.href = 'booking.php';</script>";
} else {

100
src/processors/process_course.php Normal file
View File

@@ -0,0 +1,100 @@
<?php
ob_start();
header('Content-Type: application/json');
$rootPath = dirname(dirname(__DIR__));
require_once($rootPath . "/src/config/env.php");
require_once($rootPath . '/src/config/functions.php');
require_once($rootPath . '/src/config/connection.php');
// Check admin status
session_start();
if (empty($_SESSION['user_id'])) {
ob_end_clean();
echo json_encode(['status' => 'error', 'message' => 'Unauthorized access']);
exit;
}
$user_role = getUserRole();
if (!in_array($user_role, ['admin', 'superadmin'])) {
ob_end_clean();
echo json_encode(['status' => 'error', 'message' => 'Unauthorized access']);
exit;
}
try {
$course_id = $_POST['course_id'] ?? null;
$course_type = trim($_POST['course_type'] ?? '');
$code = trim($_POST['code'] ?? '');
$date = trim($_POST['date'] ?? '');
$capacity = intval($_POST['capacity'] ?? 0);
$cost_members = floatval($_POST['cost_members'] ?? 0);
$cost_nonmembers = floatval($_POST['cost_nonmembers'] ?? 0);
$instructor = trim($_POST['instructor'] ?? '');
$instructor_email = trim($_POST['instructor_email'] ?? '');
$allowed_types = ['driver_training','bush_mechanics','rescue_recovery','ladies_driver_training'];
if (!in_array($course_type, $allowed_types)) {
throw new Exception('Invalid course type');
}
if (empty($date) || !preg_match('/^\d{4}-\d{2}-\d{2}$/', $date)) {
throw new Exception('Invalid date format');
}
// If code not provided, generate from type + date using ABBR_MMDD format
if (empty($code)) {
$abbrMap = [
'driver_training' => 'DRVTRN',
'bush_mechanics' => 'BUSHMEC',
'rescue_recovery' => 'RESREC',
'ladies_driver_training' => 'LADYTRN'
];
$abbr = $abbrMap[$course_type] ?? strtoupper(preg_replace('/[^A-Z0-9]/', '', $course_type));
// ensure abbr fits (reserve 1 char for underscore and 4 for MMDD)
$abbr = substr($abbr, 0, 7);
$mmdd = date('md', strtotime($date));
$code = strtoupper(substr($abbr . '_' . $mmdd, 0, 12));
}
if ($capacity <= 0) {
throw new Exception('Capacity must be greater than 0');
}
if (empty($instructor)) {
throw new Exception('Instructor name is required');
}
if ($course_id) {
// Update
$stmt = $conn->prepare("UPDATE courses SET course_type = ?, code = ?, date = ?, capacity = ?, cost_members = ?, cost_nonmembers = ?, instructor = ?, instructor_email = ? WHERE course_id = ?");
$stmt->bind_param("sssiddssi", $course_type, $code, $date, $capacity, $cost_members, $cost_nonmembers, $instructor, $instructor_email, $course_id);
if (!$stmt->execute()) {
throw new Exception('Failed to update course: ' . $stmt->error);
}
$stmt->close();
} else {
// Insert - booked defaults to 0
$stmt = $conn->prepare("INSERT INTO courses (course_type, code, date, capacity, booked, cost_members, cost_nonmembers, instructor, instructor_email) VALUES (?, ?, ?, ?, 0, ?, ?, ?, ?)");
$stmt->bind_param("sssiddss", $course_type, $code, $date, $capacity, $cost_members, $cost_nonmembers, $instructor, $instructor_email);
if (!$stmt->execute()) {
throw new Exception('Failed to create course: ' . $stmt->error);
}
$course_id = $conn->insert_id;
$stmt->close();
}
ob_end_clean();
echo json_encode(['status' => 'success', 'message' => $course_id ? 'Course saved successfully' : 'Course created successfully', 'course_id' => $course_id]);
} catch (Exception $e) {
ob_end_clean();
echo json_encode(['status' => 'error', 'message' => $e->getMessage()]);
}
?>

19
src/processors/process_course_booking.php
View File

@@ -3,6 +3,7 @@ $rootPath = dirname(dirname(__DIR__));
require_once($rootPath . "/src/config/env.php");
require_once($rootPath . "/src/config/connection.php");
require_once($rootPath . "/src/config/functions.php");
require_once($rootPath . "/src/helpers/notification_helper.php");
session_start();
@@ -93,11 +94,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$status = "AWAITING PAYMENT";
$type = 'course';
$payment_id = uniqid();
$payment_id = generatePaymentRef('COURSE', $course_id, $user_id);
$publicRef = bin2hex(random_bytes(16));
$num_vehicles = 1;
$discountAmount = 0;
$eft_id = strtoupper("COURSE ".date("m-d", strtotime($date))." ".getInitialSurname($user_id));
$eft_id = $payment_id;
$notes = "";
if ($pending_member){
$notes = "Membership Payment pending at time of booking. Please confirm payment has been received.";
@@ -118,6 +119,19 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if ($stmt->execute()) {
$booking_id = $conn->insert_id;
// Audit booking creation
if (function_exists('auditLog')) {
auditLog($user_id, 'COURSE_BOOKING_CREATED', 'bookings', $booking_id, ['course_id' => $course_id, 'payment_id' => $payment_id, 'amount' => $payment_amount]);
}
$event = 'new_course_booking_created';
$sub_feed = 'bookings';
$data = [
'actor_id' => $_SESSION['user_id'] ?? null,
'actor_avatar' => $_SESSION['profile_pic'] ?? null, // used by UI to show avatar
'title' => "New Course Booking Created : {$payment_id}"
];
addNotification(null, $event, $sub_feed, $data, null);
if ($payment_amount < 1) {
if (processZeroPayment($payment_id, $payment_amount, $description)) {
echo "<script>alert('Booking successfully created!'); window.location.href = 'bookings.php';</script>";
@@ -138,7 +152,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$resp = createIkhokhaPayment($payment_id, $payment_amount, $description, $publicRef);
// Send invoice and admin notification (keep for records)
// sendInvoice(getEmail($user_id), getFullName($user_id), $eft_id, formatCurrency($payment_amount), $description);
sendAdminNotification('New Course Booking - '.getFullName($user_id), getFullName($user_id).' has booked for '.$description);
// Redirect user to payment link if available

32
src/processors/process_signature.php
View File

@@ -56,6 +56,10 @@ if (isset($_POST['signature'])) {
$stmt->bind_param('si', $display_path, $user_id);
if ($stmt->execute()) {
// Audit: signature saved
if (function_exists('auditLog')) {
auditLog($user_id, 'SIGNATURE_SAVED', 'membership_application', null, ['path' => $display_path]);
}
// Check the payment status
$paymentStatus = checkMembershipPaymentStatus($user_id) ? 'PAID' : 'NOT_PAID';
@@ -77,7 +81,7 @@ if (isset($_POST['signature'])) {
if ($mf && isset($mf['payment_amount'])) {
$amount = floatval($mf['payment_amount']);
// Use existing payment_id or generate one
$payment_id = $mf['payment_id'] ?? uniqid('mem_', true);
$payment_id = $mf['payment_id'] ?? generatePaymentRef('SUBS', null, $user_id);;
if (empty($mf['payment_id'])) {
// Persist generated payment_id back to membership_fees
@@ -116,7 +120,12 @@ if (isset($_POST['signature'])) {
$ins = $conn->prepare("INSERT INTO payments (payment_id, user_id, amount, status, description, public_ref) VALUES (?, ?, ?, ?, ?, ?)");
if ($ins) {
$ins->bind_param('sidsss', $payment_id, $user_id, $amount, $status, $description, $publicRef);
$ins->execute();
if ($ins->execute()) {
// Audit: payment row created for membership
if (function_exists('auditLog')) {
auditLog($user_id, 'MEMBERSHIP_PAYMENT_CREATED', 'payments', null, ['payment_id' => $payment_id, 'amount' => $amount]);
}
}
$ins->close();
}
}
@@ -128,9 +137,17 @@ if (isset($_POST['signature'])) {
$paylink = $resp['paylinkUrl'] ?? $resp['paylinkURL'] ?? $resp['paylink_url'] ?? null;
// After creating paylink, update paymentStatus to AWAITING PAYMENT
$paymentStatus = $paylink ? 'AWAITING PAYMENT' : $paymentStatus;
$token = encryptData($payment_id, $_ENV['SALT']);
// Audit: paylink created (or attempted)
if (function_exists('auditLog')) {
auditLog($user_id, 'IKHOKHA_PAYLINK_CREATED', 'payments', null, ['payment_id' => $payment_id, 'paylink' => $paylink]);
}
} catch (Exception $e) {
// Log but do not fail signature save
error_log('iKhokha create error: ' . $e->getMessage());
if (function_exists('auditLog')) {
auditLog($user_id, 'IKHOKHA_PAYLINK_FAILED', 'payments', null, ['payment_id' => $payment_id, 'error' => $e->getMessage()]);
}
}
}
}
@@ -140,7 +157,8 @@ if (isset($_POST['signature'])) {
$response = [
'status' => 'success',
'message' => 'Signature saved successfully!',
'paymentStatus' => $paymentStatus
'paymentStatus' => $paymentStatus,
'token' => $token ?? null
];
if (!empty($paylink)) {
$response['paylinkUrl'] = $paylink;
@@ -150,6 +168,10 @@ if (isset($_POST['signature'])) {
}
echo json_encode($response);
} else {
// Audit: signature save failed
if (function_exists('auditLog')) {
auditLog($user_id, 'SIGNATURE_SAVE_FAILED', 'membership_application', null, ['user_id' => $user_id]);
}
ob_end_clean();
echo json_encode(['status' => 'error', 'message' => 'Database update failed']);
}
@@ -161,6 +183,10 @@ if (isset($_POST['signature'])) {
echo json_encode(['status' => 'error', 'message' => 'Failed to save signature']);
}
} else {
// Audit: no signature provided in request
if (function_exists('auditLog') && isset($_SESSION['user_id'])) {
auditLog($_SESSION['user_id'], 'SIGNATURE_NOT_PROVIDED', 'membership_application', null, ['endpoint' => 'process_signature.php']);
}
ob_end_clean();
echo json_encode(['status' => 'error', 'message' => 'Signature not provided']);
}

21
src/processors/process_trip_booking.php
View File

@@ -3,6 +3,7 @@ $rootPath = dirname(dirname(__DIR__));
require_once($rootPath . "/src/config/env.php");
require_once($rootPath . "/src/config/connection.php");
require_once($rootPath . "/src/config/functions.php");
require_once($rootPath . "/src/helpers/notification_helper.php");
session_start();
// Get the trip_id from the request (ensure it's sanitized)
@@ -105,10 +106,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$status = "AWAITING PAYMENT";
$description = $trip_name;
$type = 'trip';
$payment_id = uniqid();
$payment_id = generatePaymentRef('TRIP', $trip_id, $user_id);
$publicRef = bin2hex(random_bytes(16));
// $eft_id = strtoupper(base_convert(time(), 10, 36)); // Convert timestamp to base36
$eft_id = strtoupper($trip_code." ".getInitialSurname($user_id));
// $eft_id = strtoupper($trip_code." ".getInitialSurname($user_id));
// Insert booking into the database
@@ -126,6 +127,21 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Get the generated booking_id
$booking_id = $conn->insert_id;
// Audit booking creation
if (function_exists('auditLog')) {
auditLog($user_id, 'TRIP_BOOKING_CREATED', 'bookings', $booking_id, ['trip_id' => $trip_id, 'payment_id' => $payment_id, 'amount' => $payment_amount]);
}
// Create notification for new booking
$event = 'new_trip_booking_created';
$sub_feed = 'bookings';
$data = [
'actor_id' => $_SESSION['user_id'] ?? null,
'actor_avatar' => $_SESSION['profile_pic'] ?? null, // used by UI to show avatar
'title' => "New Trip Booking Created: {$payment_id}"
];
addNotification(null, $event, $sub_feed, $data, null);
if ($payment_amount < 1) {
if (processZeroPayment($payment_id, $payment_amount, $description)) {
echo "<script>alert('Booking successfully created!'); window.location.href = 'bookings.php';</script>";
@@ -146,7 +162,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$resp = createIkhokhaPayment($payment_id, $payment_amount, $description, $publicRef);
// Send invoice and admin notification
// sendInvoice(getEmail($user_id), getFullName($user_id), $eft_id, formatCurrency($payment_amount), $description);
sendAdminNotification('New Trip Booking - '.getFullName($user_id), getFullName($user_id).' has booked for '.$description);
// Redirect to payment link if available

41
test.php
View File

@@ -1,41 +0,0 @@
<?php
require_once("./src/config/env.php");
/**
* EXACT escape function from iKhokha docs
*/
function escapeString($str) {
$escaped = preg_replace(
['/[\\"\'\"]/u', '/\x00/'],
['\\\\$0', '\\0'],
(string)$str
);
$cleaned = str_replace('\/', '/', $escaped);
return $cleaned;
}
$callbackUrl = $_ENV['IKHOKHA_CALLBACK_URL'] ?? null;
$path = '/src/api/ikhokha_webhook.php';
$secret = $_ENV['IKHOKHA_APP_SECRET'] ?? null;
// Simulated raw webhook body (EXACT, no whitespace changes)
$raw = '{"paylinkID":"ys5225k4z56x0mm","status":"SUCCESS","externalTransactionID":"693efeaca71a9","responseCode":"00","text":null}';
echo "<strong>IK-SIGN FROM WEBHOOK:</strong><br>";
echo "bb1702d488a40091ebd5414bc6f524e203e2c5e36b24a1b86e243dad440bb557<br><br>";
$payloadToSign = $path . $raw;
// Generate signature using hash_hmac directly on the constructed string
$expected = hash_hmac('sha256', $payloadToSign, $secret);
// --- Output debug info (UPDATED) ---
echo "<strong>DEBUG INFO</strong><br>";
echo "Callback URL: $callbackUrl<br><br>";
echo "<strong>Payload to Sign (Un-escaped):</strong><br>";
echo htmlspecialchars($payloadToSign) . "<br><br>";
echo "<strong>EXPECTED SIGNATURE:</strong><br>";
echo $expected . "<br>";

BIN
uploads/signatures/signature_163.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 9.7 KiB

After

Width:  |  Height:  |  Size: 4.9 KiB

41
validate_login.php
View File

@@ -5,6 +5,8 @@ require_once($rootPath . "/src/config/session.php");
require_once($rootPath . "/src/config/connection.php");
require_once($rootPath . "/src/config/functions.php");
require_once($rootPath . '/google-client/vendor/autoload.php'); // Add this line for Google Client
require_once($rootPath . "/src/helpers/notification_helper.php");
// Check if connection is established
if (!$conn) {
@@ -37,6 +39,8 @@ if (isset($_GET['code'])) {
$last_name = $google_account_info->family_name;
$picture = $google_account_info->picture;
// Check if the user exists in the database
$query = "SELECT * FROM users WHERE email = ?";
$stmt = $conn->prepare($query);
@@ -53,12 +57,20 @@ if (isset($_GET['code'])) {
$stmt->bind_param("sssssi", $email, $first_name, $last_name, $picture, $password, $is_verified);
if ($stmt->execute()) {
// User successfully registered, set session and redirect
sendEmail('chrispintoza@gmail.com', '4WDCSA: New User Login', $name.' has just created an account using Google Login.');
$_SESSION['user_id'] = $conn->insert_id;
$_SESSION['first_name'] = $first_name;
$_SESSION['profile_pic'] = $picture;
processLegacyMembership($_SESSION['user_id']);
// echo json_encode(['status' => 'success', 'message' => 'Google login successful']);
// Send Notification
$event = 'user_login';
$sub_feed = 'logins';
$data = [
'actor_id' => $conn->insert_id,
'actor_avatar' => $picture, // used by UI to show avatar
'title' => "User Login by {$first_name} {$last_name}"
];
addNotification(null, $event, $sub_feed, $data, null);
header("Location: index.php");
exit();
} else {
@@ -72,8 +84,17 @@ if (isset($_GET['code'])) {
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['first_name'] = $row['first_name'];
$_SESSION['profile_pic'] = $row['profile_pic'];
sendEmail('chrispintoza@gmail.com', '4WDCSA: New User Login', $name.' has just logged in using Google Login.');
// echo json_encode(['status' => 'success', 'message' => 'Google login successful']);
// Send Notification
$event = 'user_login';
$sub_feed = 'logins';
$data = [
'actor_id' => $_SESSION['user_id'],
'actor_avatar' => $_SESSION['profile_pic'], // used by UI to show avatar
'title' => "User Login by {$first_name} {$last_name}"
];
addNotification(null, $event, $sub_feed, $data, null);
header("Location: index.php");
exit();
}
@@ -182,6 +203,16 @@ if (isset($_POST['email']) && isset($_POST['password'])) {
$_SESSION['login_time'] = time();
$_SESSION['session_timeout'] = 1800; // 30 minutes in seconds
// Send Notification
$event = 'user_login';
$sub_feed = 'logins';
$data = [
'actor_id' => $_SESSION['user_id'],
'actor_avatar' => $_SESSION['profile_pic'], // used by UI to show avatar
'title' => "User Login by {$first_name} {$last_name}"
];
addNotification(null, $event, $sub_feed, $data, null);
auditLog($row['user_id'], 'LOGIN_SUCCESS', 'users', $row['user_id']);
echo json_encode(['status' => 'success', 'message' => 'Successful Login']);
} else {