4WDCSA.co.za/header.php


<?php
ob_start();
require_once("env.php");
require_once("session.php");
require_once("connection.php");
require_once("functions.php");
require_once("header_config.php");
// Import services based on config (must be at top level for namespaces)
// Namespace imports only work at file level, handled via autoloader
// Determine which config to use based on HEADER_VARIANT constant
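// Select the header variant: HEADER_VARIANT when the including page defined it, otherwise '01'.
// An unknown variant key also falls back to the '01' entry.
$config = $header_config[defined('HEADER_VARIANT') ? HEADER_VARIANT : '01'] ?? $header_config['01'];

// Transport and browser hardening. Runs only for variants whose config enables it.
// NOTE(review): variants with include_security_headers disabled get no HTTPS redirect, no
// security headers and no CSRF token from this file - confirm that is intended.
if (!empty($config['include_security_headers'])) {
    // X-Forwarded-Proto can be a comma-separated list when proxies are chained; use the first entry.
    // NOTE(review): this header is client-supplied unless a trusted reverse proxy overwrites it.
    // If the app can be reached directly, any client can send "https" here and skip the redirect;
    // confirm the deployment strips or sets it at the edge.
    $forwardedProto = isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
        ? strtolower(trim(explode(',', (string) $_SERVER['HTTP_X_FORWARDED_PROTO'])[0]))
        : null;
    $httpsOn = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

    // The Host header is request data. Match the hostname exactly (port stripped) rather than by
    // substring, so a name that merely contains "localhost" is not treated as a local request.
    $requestHost = (string) ($_SERVER['HTTP_HOST'] ?? '');
    $requestHostName = strtolower((string) preg_replace('/:\d+$/', '', $requestHost));
    $isLocal = $requestHostName === 'localhost'
        || $requestHostName === '127.0.0.1'
        || substr($requestHostName, -10) === '.localhost';

    $enforceHttps = isset($_ENV['ENFORCE_HTTPS'])
        ? filter_var($_ENV['ENFORCE_HTTPS'], FILTER_VALIDATE_BOOLEAN)
        : true; // default true
    $alreadySecure = $httpsOn || ($forwardedProto === 'https');

    // Enforce HTTPS only when configured and not already secure
    if ($enforceHttps && !$alreadySecure && !$isLocal) {
        // Only reflect a syntactically valid host[:port] into the Location header.
        // NOTE(review): the redirect target still follows the request's Host header; building it
        // from a configured canonical hostname would remove that dependency entirely.
        $hostPattern = '/^(?:[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?|\[[0-9a-f:.]+\])(?::\d{1,5})?$/i';
        if (!preg_match($hostPattern, $requestHost)) {
            http_response_code(400);
            exit;
        }

        // REQUEST_URI must be an origin-form path; anything else is replaced by the site root.
        $redirectUri = (string) ($_SERVER['REQUEST_URI'] ?? '/');
        if ($redirectUri === '' || $redirectUri[0] !== '/') {
            $redirectUri = '/';
        }

        header('Location: https://' . $requestHost . $redirectUri, true, 301);
        exit;
    }

    // HTTP Security Headers (send HSTS only when actually on HTTPS)
    if ($alreadySecure) {
        header('Strict-Transport-Security: max-age=31536000; includeSubDomains; preload');
    }
    header('X-Content-Type-Options: nosniff');
    header('X-Frame-Options: SAMEORIGIN');
    // NOTE(review): X-XSS-Protection is a legacy header that current browsers ignore; the usual
    // guidance is to send "0" or drop it and rely on a Content-Security-Policy. This block sends no CSP.
    header('X-XSS-Protection: 1; mode=block');
    header('Referrer-Policy: strict-origin-when-cross-origin');
    header('Permissions-Policy: geolocation=(), microphone=(), camera=()');

    // Generate CSRF token if not exists
    if (class_exists('Services\AuthenticationService')) {
        Services\AuthenticationService::generateCsrfToken();
    }
}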
// Resolve the visitor's login state, role and membership flags for the template below.
$is_logged_in = isset($_SESSION['user_id']);
$role = getUserRole();

if (!$is_logged_in) {
    // Anonymous visitor: no user id and no membership.
    $is_member = false;
    $pending_member = false;
    $user_id = null;
} else {
    // Services are only instantiated for variants that ask for them and when the class is loadable.
    // NOTE(review): only AuthenticationService is probed with class_exists(); UserService is
    // presumably loadable whenever it is - confirm against the autoloader.
    if ($config['include_csrf_service'] && class_exists('Services\AuthenticationService')) {
        $authService = new Services\AuthenticationService();
        $userService = new Services\UserService();
    }

    $user_id = $_SESSION['user_id'];
    $is_member = getUserMemberStatus($user_id);
    $pending_member = getUserMemberStatusPending($user_id);
}

// Called on every request that includes this header, logged in or not.
logVisitor();
?>
<!DOCTYPE html>
<html lang="zxx">
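<head>
    <?php
    // Escape a config-supplied value for an HTML attribute context. double_encode is off so
    // entities already present in config values (e.g. &amp; in a URL) are not encoded twice.
    $escapeHtml = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };
    ?>
    <!-- Required meta tags -->
    <meta charset="utf-8">
    <meta name="description" content="">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <!-- Title -->
    <title>4WDCSA - The Four Wheel Drive Club of Southern Africa</title>
    <!-- Favicon Icon -->
    <link rel="shortcut icon" href="assets/images/logos/favicon.ico" type="image/x-icon">
    <!-- Google Fonts -->
    <link href="https://fonts.googleapis.com/css2?family=Outfit:wght@300;400;500;600;700&display=swap" rel="stylesheet">
    <?php
    // NOTE(review): the two CDN scripts below are loaded without integrity/crossorigin attributes,
    // so the page runs whatever those hosts serve. Pin them with Subresource Integrity hashes
    // computed from the exact files, or serve them from assets/.
    ?>
    <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
    <!-- Extra meta/resources based on config -->
    <?php foreach ($config['extra_meta'] as $meta): ?>
    <meta <?php foreach ($meta as $key => $val) { echo $escapeHtml($key) . '="' . $escapeHtml($val) . '" '; } ?>>
    <?php endforeach; ?>
    <!-- Extra CSS files based on config -->
    <?php foreach ($config['extra_css_files'] as $css_file): ?>
    <?php if (strpos($css_file, 'http') === 0): ?>
    <?php
    // NOTE(review): $meta here is whatever the extra_meta loop above left behind (its last element,
    // or unset when that list is empty), not a property of $css_file. Behaviour is kept as-is;
    // confirm which config key was meant to trigger the onload attribute.
    ?>
    <link rel="stylesheet" href="<?php echo $escapeHtml($css_file); ?>" <?php echo isset($meta['onload']) ? 'onload="AOS.init();"' : ''; ?>>
    <?php else: ?>
    <link rel="stylesheet" href="<?php echo $escapeHtml($css_file); ?>">
    <?php endif; ?>
    <?php endforeach; ?>
    <!-- Core CSS files (common to all variants) -->
    <!-- Flaticon -->
    <link rel="stylesheet" href="assets/css/flaticon.min.css">
    <!-- Font Awesome -->
    <link rel="stylesheet" href="assets/css/fontawesome-5.14.0.min.css">
    <!-- Bootstrap -->
    <link rel="stylesheet" href="assets/css/bootstrap.min.css">
    <!-- Magnific Popup -->
    <link rel="stylesheet" href="assets/css/magnific-popup.min.css">
    <!-- Nice Select -->
    <link rel="stylesheet" href="assets/css/nice-select.min.css">
    <!-- Animate -->
    <link rel="stylesheet" href="assets/css/aos.css">
    <!-- Slick -->
    <link rel="stylesheet" href="assets/css/slick.min.css">
    <!-- Main Style -->
    <link rel="stylesheet" href="assets/css/style_new.css<?php echo $escapeHtml($config['style_css_version']); ?>">
    <?php
    // NOTE(review): the Mailchimp loader injects a third-party script at runtime, so it cannot be
    // pinned with SRI; if a Content-Security-Policy is introduced, its host needs an explicit entry.
    ?>
    <!-- Mailchimp Script -->
    <script id="mcjs">
        ! function(c, h, i, m, p) {
            m = c.createElement(h), p = c.getElementsByTagName(h)[0], m.async = 1, m.src = i, p.parentNode.insertBefore(m, p)
        }(document, "script", "https://chimpstatic.com/mcjs-connected/js/users/3c26590bcc200ef52edc0bec2/b960bfcd9c876f911833ca3f0.js");
    </script>
</head>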
<?php /* Inline styles for the header: mobile-only helper, profile menu, dropdown, and the optional page-banner rules. */ ?>
<?php /* NOTE(review): this <style> element is emitted after </head> and before <body>; browsers tolerate it, but it belongs inside <head>. */ ?>
<style>
.mobile-only {
display: none;
}
@media (max-width: 1199px) {
.mobile-only {
display: block;
}
}
.profile-menu {
position: relative;
display: inline-block;
}
.profile-info {
display: flex;
align-items: center;
cursor: pointer;
}
.profile-info span {
margin-right: 10px;
}
.profile-pic {
width: 50px;
height: 50px;
border-radius: 50%;
margin-right: 10px;
object-fit: cover;
/* Ensures the image fits without distortion */
}
.dropdown-arrow {
font-size: 16px;
}
.dropdown-menu2 {
display: none;
position: absolute;
top: 100%;
right: 0;
background-color: #fff;
<?php /* NOTE(review): shadow_style is echoed raw into CSS; safe only while header_config.php holds developer-written values. */ ?>
box-shadow: <?php echo $config['shadow_style']; ?>;
min-width: 250px;
z-index: 1000;
font-size: 18px;
}
.dropdown-menu2 ul {
list-style-type: none;
padding: 0;
margin: 0;
}
.dropdown-menu2 ul li {
padding: 8px;
border-bottom: 1px solid #f0f0f0;
}
<?php /* NOTE(review): the next two selectors use .dropdown-menu22, while the rules above use .dropdown-menu2 - presumably a typo; confirm before renaming. */ ?>
.dropdown-menu22 ul li a {
text-decoration: none;
color: #333;
}
.dropdown-menu22 ul li:hover {
background-color: #f8f8f8;
}
<?php /* Banner rules are emitted only when the variant's config sets extra_styles to a truthy value. */ ?>
<?php if (isset($config['extra_styles']) && $config['extra_styles']): ?>
.page-banner-area {
position: relative;
background-size: cover;
background-position: center;
overflow: hidden;
}
.banner-overlay {
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-image: url('assets/images/banner/tracks7.png');
background-repeat: no-repeat;
background-size: cover;
background-position: center;
z-index: 1;
pointer-events: none;
}
.banner-inner {
position: relative;
z-index: 3;
}
<?php endif; ?>
</style>
<body>
<div class="page-wrapper">
<!-- Preloader -->
<div class="preloader">
<div class="custom-loader"></div>
</div>
<!-- main header -->
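<?php
// Escape a config-supplied value for an HTML attribute context. double_encode is off so
// entities already present in config values are not encoded twice.
$escapeHtml = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
};
?>
<header class="main-header <?php echo $escapeHtml($config['header_class']); ?>">
    <!--Header-Upper-->
    <div class="header-upper <?php echo $escapeHtml($config['header_bg_class']); ?> py-30 rpy-0">
        <div class="container-fluid clearfix">
            <div class="header-inner rel d-flex align-items-center">
                <div class="logo-outer">
                    <div style="<?php echo $escapeHtml($config['logo_width']); ?>" class="logo">
                        <a href="index.php">
                            <img src="<?php echo $escapeHtml($config['logo_image']); ?>" alt="Logo" title="Logo">
                        </a>
                    </div>
                </div>
                <div class="nav-outer mx-lg-auto ps-xxl-5 clearfix">
                    <!-- Main Menu -->
                    <nav class="main-menu navbar-expand-lg">
                        <div class="navbar-header">
                            <div class="mobile-logo">
                                <a href="index.php">
                                    <img src="<?php echo $escapeHtml($config['logo_mobile_image']); ?>" alt="Logo" title="Logo">
                                </a>
                            </div>
                            <!-- Toggle Button -->
                            <button type="button" class="navbar-toggle" data-bs-toggle="collapse"
                                data-bs-target=".navbar-collapse">
                                <span class="icon-bar"></span>
                                <span class="icon-bar"></span>
                                <span class="icon-bar"></span>
                            </button>
                        </div>
                        <div class="navbar-collapse collapse clearfix">
                            <ul class="navigation clearfix">
                                <li><a href="index.php">Home</a></li>
                                <li><a href="about.php">About</a></li>
                                <!-- Conditional Trips Menu -->
                                <?php if ($config['trip_submenu']): ?>
                                <li><a href="trips.php">Trips</a>
                                    <ul>
                                        <li><a href="tour-list.html">Tour List</a></li>
                                        <li><a href="tour-grid.html">Tour Grid</a></li>
                                        <li><a href="tour-sidebar.html">Tour Sidebar</a></li>
                                        <li><a href="trip-details.php">Tour Details</a></li>
                                        <li><a href="tour-guide.html">Tour Guide</a></li>
                                    </ul>
                                </li>
                                <?php else: ?>
                                <li><a href="trips.php">Trips</a></li>
                                <?php endif; ?>
                                <!-- Training Menu (common) -->
                                <li class="dropdown"><a href="#">Training</a>
                                    <ul>
                                        <li><a href="driver_training.php">Basic 4X4 Driver Training</a></li>
                                        <li><a href="bush_mechanics.php">Bush Mechanics</a></li>
                                        <li><a href="rescue_recovery.php">Rescue &amp; Recovery</a></li>
                                    </ul>
                                </li>
                                <li><a href="events.php">Events</a></li>
                                <li><a href="blog.php">Blog</a></li>
                                <?php
                                // The role check below only decides whether the links are rendered.
                                // NOTE(review): each admin_*.php and process_payments.php page must enforce
                                // the role on the server itself; hiding a link is not access control.
                                ?>
                                <!-- Admin Menu (common) -->
                                <?php if ($role === 'admin' || $role === 'superadmin'): ?>
                                <li class="dropdown"><a href="#">admin</a>
                                    <ul>
                                        <li><a href="admin_web_users.php">Website Users</a></li>
                                        <li><a href="admin_members.php">4WDCSA Members</a></li>
                                        <li><a href="admin_trip_bookings.php">Trip Bookings</a></li>
                                        <li><a href="admin_course_bookings.php">Course Bookings</a></li>
                                        <li><a href="admin_efts.php">EFT Payments</a></li>
                                        <li><a href="process_payments.php">Process Payments</a></li>
                                        <?php if ($role === 'superadmin'): ?>
                                        <li><a href="admin_visitors.php">Visitor Log</a></li>
                                        <?php endif; ?>
                                    </ul>
                                </li>
                                <?php endif; ?>
                                <li><a href="contact.php">Contact</a></li>
                                <!-- Conditional Members Area Menu -->
                                <?php if ($config['member_area_menu'] && $is_member): ?>
                                <li class="dropdown"><a href="#">Members Area</a>
                                    <ul>
                                        <li><a href="#">Coming Soon!</a></li>
                                    </ul>
                                </li>
                                <?php endif; ?>
                                <!-- My Account Menu -->
                                <?php if ($is_logged_in): ?>
                                <li class="dropdown"><a href="#">My Account</a>
                                    <ul>
                                        <li><a href="account_settings.php">Account Settings</a></li>
                                        <li><a href="membership_details.php">Membership</a></li>
                                        <li><a href="bookings.php">My Bookings</a></li>
                                        <li><a href="submit_pop.php">Submit P.O.P</a></li>
                                        <li><a href="logout.php">Log Out</a></li>
                                    </ul>
                                </li>
                                <?php else: ?>
                                <li class="nav-item d-xl-none"><a href="login.php">Log In</a></li>
                                <?php endif; ?>
                            </ul>
                        </div>
                    </nav>
                    <!-- Main Menu End-->
                </div>
                <!-- Menu Button -->
                <div class="menu-btns py-10">
                    <?php if ($is_logged_in): ?>
                    <?php
                    // first_name and profile_pic come from the session and presumably originate from
                    // user-editable profile data, so both are HTML-encoded at output. A missing key
                    // renders as an empty string instead of raising a notice.
                    ?>
                    <div class="profile-menu">
                        <div class="profile-info">
                            <span style="color: <?php echo $escapeHtml($config['welcome_text_color']); ?>;">
                                Welcome, <?php echo htmlspecialchars((string) ($_SESSION['first_name'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
                            </span>
                            <a href="account_settings.php">
                                <img src="<?php echo htmlspecialchars((string) ($_SESSION['profile_pic'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>?v=<?php echo time(); ?>"
                                    alt="Profile Picture" class="profile-pic">
                            </a>
                        </div>
                    </div>
                    <?php else: ?>
                    <a href="login.php" class="theme-btn style-two bgc-secondary">
                        <span data-hover="Log In">Log In</span>
                        <i class="fal fa-arrow-right"></i>
                    </a>
                    <?php endif; ?>
                </div>
            </div>
        </div>
    </div>
    <!--End Header Upper-->
</header>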
<script>
// Wire up the profile dropdown once the DOM has been parsed.
document.addEventListener('DOMContentLoaded', () => {
    const trigger = document.querySelector('.profile-info');

    if (trigger) {
        // Clicking the profile area toggles the dropdown between shown and hidden.
        trigger.addEventListener('click', (evt) => {
            const menu = document.querySelector('.dropdown-menu2');
            if (!menu) {
                return;
            }
            const isOpen = menu.style.display === 'block';
            menu.style.display = isOpen ? 'none' : 'block';
            // Keep this click from reaching the document-level handler below.
            evt.stopPropagation();
        });
    }

    // Any click outside the profile menu closes the dropdown.
    document.addEventListener('click', (evt) => {
        const menu = document.querySelector('.dropdown-menu2');
        const wrapper = document.querySelector('.profile-menu');
        if (!menu || !wrapper || wrapper.contains(evt.target)) {
            return;
        }
        menu.style.display = 'none';
    });
});
</script>