1ef4d06627
Major security improvements: - Added CSRF token generation, validation, and cleanup functions - Implemented comprehensive input validators (email, phone, name, date, amount, ID, file uploads) - Added rate limiting with login attempt tracking and account lockout (5 failures = 15 min lockout) - Implemented session fixation protection with session_regenerate_id() and 30-min timeout - Fixed SQL injection in getResultFromTable() with whitelisted columns/tables - Added audit logging for security events - Applied CSRF validation to all 7 process_*.php files - Applied input validation to critical endpoints (login, registration, bookings, application) - Created database migration for login_attempts, audit_log tables and locked_until column Modified files: - functions.php: +500 lines of security functions - validate_login.php: Added CSRF, rate limiting, session hardening - register_user.php: Added CSRF, input validation, registration rate limiting - process_*.php (7 files): Added CSRF token validation - Created migration: 001_phase1_security_schema.sql Next steps: Add CSRF tokens to form templates, harden file uploads, create testing checklist
145 lines
5.8 KiB
PHP
145 lines
5.8 KiB
PHP
<?php
|
|
require_once("env.php");
|
|
require_once("connection.php");
|
|
require_once("functions.php");
|
|
|
|
// Start session to retrieve the logged-in user's ID
|
|
session_start();
|
|
|
|
// Get user ID from session (assuming user is logged in)
|
|
$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
|
|
|
|
// Validate user session
|
|
if (!$user_id) {
|
|
echo "<script>alert('User is not logged in. Please log in to make a booking.'); window.location.href = 'login.php';</script>";
|
|
exit();
|
|
}
|
|
$is_member = getUserMemberStatus($user_id);
|
|
|
|
// Check if the form has been submitted
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
// CSRF Token Validation
|
|
if (!isset($_POST['csrf_token']) || !validateCSRFToken($_POST['csrf_token'])) {
|
|
auditLog($user_id, 'CSRF_VALIDATION_FAILED', 'bookings', null, ['endpoint' => 'process_camp_booking.php']);
|
|
echo json_encode(['status' => 'error', 'message' => 'Security token validation failed. Please try again.']);
|
|
exit();
|
|
}
|
|
|
|
// Validate dates and integers
|
|
$from_date = validateDate($_POST['from_date'] ?? '');
|
|
if ($from_date === false) {
|
|
echo json_encode(['status' => 'error', 'message' => 'Invalid from date format.']);
|
|
exit();
|
|
}
|
|
|
|
$to_date = validateDate($_POST['to_date'] ?? '');
|
|
if ($to_date === false) {
|
|
echo json_encode(['status' => 'error', 'message' => 'Invalid to date format.']);
|
|
exit();
|
|
}
|
|
|
|
$num_vehicles = validateInteger($_POST['vehicles'] ?? 1, 1, 10);
|
|
if ($num_vehicles === false) {
|
|
echo json_encode(['status' => 'error', 'message' => 'Invalid number of vehicles.']);
|
|
exit();
|
|
}
|
|
|
|
$num_adults = validateInteger($_POST['adults'] ?? 0, 0, 20);
|
|
if ($num_adults === false) {
|
|
echo json_encode(['status' => 'error', 'message' => 'Invalid number of adults.']);
|
|
exit();
|
|
}
|
|
|
|
$num_children = validateInteger($_POST['children'] ?? 0, 0, 20);
|
|
if ($num_children === false) {
|
|
echo json_encode(['status' => 'error', 'message' => 'Invalid number of children.']);
|
|
exit();
|
|
}
|
|
|
|
// Get values from the form
|
|
$add_firewood = isset($_POST['AddExtra']) ? 1 : 0; // Checkbox for extras
|
|
// $is_member = isset($_POST['is_member']) ? (int)$_POST['is_member'] : 0; // Hidden member status
|
|
$type = "camping";
|
|
|
|
// Calculate the total number of nights
|
|
$date1 = new DateTime($from_date);
|
|
$date2 = new DateTime($to_date);
|
|
$nights = $date2->diff($date1)->days;
|
|
|
|
// Validate date range
|
|
if ($nights <= 0) {
|
|
echo "<script>alert('Invalid date range. Please select valid dates.'); window.history.back();</script>";
|
|
exit();
|
|
}
|
|
|
|
// Determine rate per night
|
|
$rate_per_night = 200; // Free for members, R200 for non-members
|
|
|
|
// Calculate the total cost
|
|
$vehicle_cost = $rate_per_night * $num_vehicles * $nights;
|
|
$total_discount = $is_member ? $vehicle_cost : 0;
|
|
$firewood_cost = $add_firewood ? 50 : 0;
|
|
$total_amount = $vehicle_cost + $firewood_cost;
|
|
$payment_amount = $total_amount - $total_discount;
|
|
$status = "AWAITING PAYMENT";
|
|
$description = "BASE4 Camping";
|
|
|
|
$payment_id = uniqid();
|
|
$eft_id = strtoupper($trip_code." ".getLastName($user_id));
|
|
|
|
// Insert booking into the database
|
|
$sql = "INSERT INTO bookings (booking_type, user_id, from_date, to_date, num_vehicles, num_adults, num_children, add_firewood, total_amount, discount_amount, status, payment_id)
|
|
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
|
|
|
|
$stmt = $conn->prepare($sql);
|
|
$stmt->bind_param('sissiiiiddss', $type, $user_id, $from_date, $to_date, $num_vehicles, $num_adults, $num_children, $add_firewood, $total_amount, $total_discount, $status, $payment_id);
|
|
|
|
if ($stmt->execute()) {
|
|
$booking_id = $conn->insert_id;
|
|
|
|
if ($payment_amount < 1) {
|
|
if (processZeroPayment($payment_id, $payment_amount, $description)) {
|
|
echo "<script>alert('Booking successfully created!'); window.location.href = 'bookings.php';</script>";
|
|
} else {
|
|
$error_message = $stmt->error;
|
|
echo "Error processing booking: $error_message";
|
|
}
|
|
} else {
|
|
addEFT($eft_id, $booking_id, $user_id, $status, $payment_amount, $description);
|
|
header("Location: payment_confirmation.php?booking_id=".$booking_id);
|
|
exit(); // Ensure no further code is executed after the redirect
|
|
}
|
|
} else {
|
|
// Handle error if insert fails and echo the MySQL error
|
|
$error_message = $stmt->error;
|
|
echo "Error processing booking: $error_message";
|
|
}
|
|
|
|
// if ($stmt->execute()) {
|
|
// if ($payment_amount < 1) {
|
|
// if (processZeroPayment($payment_id, $payment_amount, $description)) {
|
|
// echo "<script>alert('Booking successfully created!'); window.location.href = 'bookings.php';</script>";
|
|
// } else {
|
|
// $error_message = $stmt->error;
|
|
// echo "Error processing booking: $error_message";
|
|
// }
|
|
// } else {
|
|
// if (processPayment($payment_id, $payment_amount, $description)) {
|
|
// echo "<script>alert('Booking successfully created!'); window.location.href = 'bookings.php';</script>";
|
|
// } else {
|
|
// $error_message = $stmt->error;
|
|
// echo "Error processing booking: $error_message";
|
|
// }
|
|
// }
|
|
// } else {
|
|
// // Handle error if insert fails and echo the MySQL error
|
|
// $error_message = $stmt->error;
|
|
// echo "Error processing booking: $error_message";
|
|
// }
|
|
|
|
$stmt->close();
|
|
$conn->close();
|
|
} else {
|
|
echo "Invalid request.";
|
|
}
|