MOON
Server: Apache
System: Linux e2e-78-16.ssdcloudindia.net 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64
User: imensosw (1005)
PHP: 7.4.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /home/imensosw/public_html/imenso.co/demo/individuals/groups/
Upload Files
File: /home/imensosw/public_html/imenso.co/demo/individuals/groups/toserver.php
<?php

require '/var/www/html/individuals/groups/settings.php';

// Get operation
if (!empty($_GET['operation'])) {
	$operation = $_GET['operation'];
}

if (!empty($_POST['operation'])) {
	$operation = $_POST['operation'];
}

if (empty($operation)) {
	throw new Exception('No operation is defined.');	
}
// End operation

$corporate = new Corporate();
$individuals = new Individuals();

// Operations below

if ($operation == "sendemail") {
	if (!empty(trim($_POST['query']," "))) {
		$query = $_POST['query'];
		$rand = rand(10000,99000);
		$fname = $teachers->getSpecificAccInfo($auth,"fname");
		$email = $teachers->getSpecificAccInfo($auth,"email");
		$secemail = $teachers->getSpecificAccInfo($auth,"secemail");
		if (!empty($secemail)) {
			$to = "admin@overcomethebarrier.com,".$email.",".$secemail."";
		} else {
			$to = "admin@overcomethebarrier.com,".$email."";
		}
		$subject = "".$lang9.$rand."";
		$content  = "".$lang10." ".$email." ".$lang11."<p>".$query."</p>";
		$sendemail = $teachers->emailTest("admin@octb.us",$subject,$to,$content);
	}
}

if ($operation == "cancel") {
	$lessonid = $_POST['lessonid'];
	$teachers->removeInvite($lessonid,$auth);
	$removed = $teachers->removeFromGroupLesson($auth,$lessonid);
	if ($removed) {
		echo "success";
	} else {
		echo "error";	
	}
}

if ($operation == "register") {
	$lessonid = $_POST['lessonid'];
	$lessontype = $corporate->getSpecificLessonInfo($lessonid,"lessontype");
	$lessonmins = $corporate->getSpecificLessonInfo($lessonid,"lessonmins");
	if ($lessontype == "Group") {
		$isfixeduser = $teachers->getSpecificAccInfo($auth,"scheduletype");
		 $thisweektime = $corporate->weeklyMinsAvailable($auth);
		if ($isfixeduser !== "Fixed" || ($isfixeduser == "Fixed" && $thisweektime > 0)) {
			$islessontime = $corporate->isTimeAvailable($auth,"group","0",$lessonmins);
			if ($islessontime && $thisweektime > 0) {
				$teachers->addToGroupLesson($auth,$lessonid);
				$teachers->addInvite($lessonid,$auth);
				echo "success";
			} else {
				echo "error_notime";	
			}
		} else {
			$timezone = $teachers->getSpecificAccInfo($auth,"timezone");
			$isparticipant = $individuals->isLessonParticipant($lessonid,$auth);
			if (!$isparticipant) {
				if ($lessontype == "Group") {
					echo "<div id='close_popup'>X</div>";
					$get_all_classes = $individuals->getScheduledLessonsByType($auth,"group");
					$arelessons = $get_all_classes->rowCount();
					if ($arelessons > 0) {
						echo "<h1>$lang53</h1>";
						echo "<div id='clientscheduledlessons'>";
						echo "<h2>$lang54</h2>";
						echo "<div class='bar'></div>";
						$timezone = $teachers->getSpecificAccInfo($auth,"timezone");
						while ($data = $get_all_classes->fetch(PDO::FETCH_LAZY)) {
							$schedule = $data['start_unix'];
							$time = time()+14400;
							$lessontype = $data['lessontype'];
							if ($time < $schedule) {
								$swapfrom_lessonid = $data['lessonid'];
									$schedule = $data['start_unix'];
									$teacher = $data['teacher'];
									$readabledate = $teachers->isoDateConverter($schedule,"ddmmyyyy",$timezone);
									$readabletime = $teachers->isoDateConverter($schedule,"ampm",$timezone);
									echo "<div class='row_ip'>";
										echo "<div class='row_ip_item'>$readabledate</div>";
										echo "<div class='row_ip_item'>$readabletime</div>";
										echo "<div class='row_ip_item'>$teacher</div>";
										echo "<div class='row_ip_item'><button class='btn2' id='".$swapfrom_lessonid."'>$lang26</button></div>";
									echo "</div>";
							}
						}
						echo "<div id='swapfrom' style='display:none'></div>"; /// swapfrom
						echo "<div class='bar'></div>";
						echo "</div>"; // clientscheduledlessons
						echo "<h2>$lang55</h2>";
						echo "<div class='bar'></div>";
						echo "<div class='row_ip'>";
							$schedule = $corporate->getSpecificLessonInfo($lessonid,"schedule");
							$readabledate = $teachers->isoDateConverter($schedule,"ddmmyyyy",$timezone);
							$readabletime = $teachers->isoDateConverter($schedule,"ampm",$timezone);
							$teacher = $corporate->getSpecificLessonInfo($lessonid,"teacher");
							echo "<div class='row_ip_item'>$readabledate</div>";
							echo "<div class='row_ip_item'>$readabletime</div>";
							echo "<div class='row_ip_item'>$teacher</div>";
							echo "<div class='row_ip_item'><button class='btn2'>$lang27</button></div>";
						echo "</div>";
						echo "<div id='swapto' style='display:none'>$lessonid</div>"; //  swapto
						echo "<div class='bar'></div>";
						echo "<button class='btn2'>$lang28</button>";
					} else {
						echo "<div style='margin:10px;text-align:center;'>$lang17</div>";	
					}
				} else {
					echo "error";	
				}
			} else {
				echo "error";		
			}	
		}
	} else {
		echo "error"; // Only group lessons for now	
	}
}

if ($operation == "swap") {
	$lessonid = $_POST['lessonid'];
	$lessontype = $corporate->getSpecificLessonInfo($lessonid,"lessontype");
	$timezone = $teachers->getSpecificAccInfo($auth,"timezone");
	$isparticipant = $individuals->isLessonParticipant($lessonid,$auth);
	if (!$isparticipant) {
		if ($lessontype == "Group") {
			echo "<div id='close_popup'>X</div>";
			$get_all_classes = $individuals->getScheduledLessonsByType($auth,"group");
			$arelessons = $get_all_classes->rowCount();
			if ($arelessons > 0) {
				echo "<h1>$lang53</h1>";
				echo "<div id='clientscheduledlessons'>";
				echo "<h2>$lang54</h2>";
				echo "<div class='bar'></div>";
				$timezone = $teachers->getSpecificAccInfo($auth,"timezone");
				while ($data = $get_all_classes->fetch(PDO::FETCH_LAZY)) {
					$schedule = $data['start_unix'];
					$time = time()+14400;
					$lessontype = $data['lessontype'];
					if ($time < $schedule) {
						$swapfrom_lessonid = $data['lessonid'];
							$schedule = $data['start_unix'];
							$teacher = $data['teacher'];
							$readabledate = $teachers->isoDateConverter($schedule,"ddmmyyyy",$timezone);
							$readabletime = $teachers->isoDateConverter($schedule,"ampm",$timezone);
							echo "<div class='row_ip'>";
								echo "<div class='row_ip_item'>$readabledate</div>";
								echo "<div class='row_ip_item'>$readabletime</div>";
								echo "<div class='row_ip_item'>$teacher</div>";
								echo "<div class='row_ip_item'><button class='btn2' id='".$swapfrom_lessonid."'>$lang26</button></div>";
							echo "</div>";
					}
				}
				echo "<div id='swapfrom' style='display:none'></div>"; /// swapfrom
				echo "<div class='bar'></div>";
				echo "</div>"; // clientscheduledlessons
				echo "<h2>$lang55</h2>";
				echo "<div class='bar'></div>";
				echo "<div class='row_ip'>";
					$schedule = $corporate->getSpecificLessonInfo($lessonid,"schedule");
					$readabledate = $teachers->isoDateConverter($schedule,"ddmmyyyy",$timezone);
					$readabletime = $teachers->isoDateConverter($schedule,"ampm",$timezone);
					$teacher = $corporate->getSpecificLessonInfo($lessonid,"teacher");
					echo "<div class='row_ip_item'>$readabledate</div>";
					echo "<div class='row_ip_item'>$readabletime</div>";
					echo "<div class='row_ip_item'>$teacher</div>";
					echo "<div class='row_ip_item'><button class='btn2'>$lang27</button></div>";
				echo "</div>";
				echo "<div id='swapto' style='display:none'>$lessonid</div>"; //  swapto
				echo "<div class='bar'></div>";
				echo "<button class='btn2'>$lang28</button>";
			} else {
				echo "<div style='margin:10px;text-align:center;'>$lang17</div>";	
			}
		} else {
			echo "error";	
		}
	} else {
		echo "error";		
	}
}

if ($operation == "confirmed") {
	$swapfrom = $_POST['swapfrom']; // a lesson id
	$swapto = $_POST['swapto']; // a lesson id
	$swapid = $teachers->generateHash();
	$auth = $_POST['auth']; // a lesson id
	$pars_swapto = $teachers->countLessonParticipants($swapto);
	if ($pars_swapto < 3) { /// amount of people per lesson allowed
		$teachers->removeInvite($swapfrom,$auth);
		$removed = $teachers->removeFromGroupLesson($auth,$swapfrom);
		if ($removed) {
			$add = $teachers->addToGroupLesson($auth,$swapto);
			if ($add) {
				echo "success";
			} else {
				echo "error";	
			}
		} else {
			echo "error";	
		}
	} else {
		// Check if Swap exists
		$isswap = $individuals->isSwap($auth,$swapto);
		if ($isswap) {
			echo "error_exists";
			exit;	
		}
		//
		$accounts = $corporate->getGroupParticipantsByAccID($swapto);
		$schedule_swapto = $corporate->getSpecificLessonInfo($swapto,"start_unix");
		$schedule_swapfrom = $corporate->getSpecificLessonInfo($swapfrom,"start_unix");
		$expiry_opt1 = $schedule_swapfrom-18000;
		$expiry_opt2 = $schedule_swapto-18000;
		if ($expiry_opt1 < $expiry_opt2) {
			$expiry = $expiry_opt1;
		} else {
			$expiry = $expiry_opt2;
		}
		$time = time();
		if ($time > $expiry) { echo "error"; exit; }
		$teacher_swapto = $corporate->getSpecificLessonInfo($swapto,"teacher");
		$teacher_swapfrom = $corporate->getSpecificLessonInfo($swapfrom,"teacher");
		$addswap = $individuals->insertSwapRequest($swapid,$auth,$swapfrom,$swapto,$expiry); /// move out of language for production!
		if ($addswap) {
			foreach ($accounts as $acc) {
				$email = $teachers->getSpecificAccInfo($acc,"email");
				$secemail = $teachers->getSpecificAccInfo($acc,"secemail");
				$nlanguage = $teachers->getSpecificAccInfo($acc,"nlanguage");
				$timezone = $teachers->getSpecificAccInfo($acc,"timezone");
				$fname = $teachers->getSpecificAccInfo($acc,"fname");
				$readabledate_swapto = $teachers->isoDateConverter($schedule_swapto,"ddmmyyyy",$timezone);
				$readabletime_swapto = $teachers->isoDateConverter($schedule_swapto,"ampm",$timezone);
				$readabledate_swapfrom = $teachers->isoDateConverter($schedule_swapfrom,"ddmmyyyy",$timezone);
				$readabletime_swapfrom = $teachers->isoDateConverter($schedule_swapfrom,"ampm",$timezone);
				
				if (empty($secemail)) {
					$to = $email;	
				} else {
					$to = "".$email.",".$secemail."";	
				}
				$rand = rand(10000,99999);
				if ($nlanguage !== "Spanish") {
					$subject = "A Swap Request (#".$rand.")";
					$msg = "Hello ";
					$msg .= $fname;
					$msg .= ", ";
					$msg .= "<p>You have a class swap request. One of your classmates is wondering if you'd be able to take his/her seat in another class.</p>";
					$msg .= "<p>You are currently registered in this class:</p>";
					$msg .= "<p>Date: ";
					$msg .= $readabledate_swapto;
					$msg .= "<br>";
					$msg .= "Time: ";
					$msg .= $readabletime_swapto;
					$msg .= " ";
					$msg .= $timezone;
					$msg .= "<br>";
					$msg .= "Teacher: ";
					$msg .= $teacher_swapto;
					$msg .= "</p>";
					$msg .= "<p>Your classmate has requested your seat in exchange for his/hers in this class:</p>";
					$msg .= "<p>Date: ";
					$msg .= $readabledate_swapfrom;
					$msg .= "<br>";
					$msg .= "Time: ";
					$msg .= $readabletime_swapfrom;
					$msg .= " ";
					$msg .= $timezone;
					$msg .= "<br>";
					$msg .= "Teacher: ";
					$msg .= $teacher_swapfrom;
					$msg .= "</p>";
					$msg .= "<p><strong>Do you wish to cancel your lesson on ".$readabledate_swapto." at ".$readabletime_swapto." and instead join a lesson on ".$readabledate_swapfrom." at ".$readabletime_swapfrom."?</strong></p>";
					$msg .= "<p>If you are willing to swap classes with your classmate, please just follow this link: https://platform.octb.us/individuals/groups/swap/?c=pending&id=";
					$msg .= "".$swapid."&auth=".$acc."";
					$msg .= "</p>";
					$msg .= "<p>As soon as you confirm your swap, your participation in your current class will be cancelled, and you will be added to the proposed lesson. If you have any questions, just reply to this email, and we'll be glad to help.</p>";
					$msg .= "<p>Kind Regards,<br>";
					$msg .= "OCTB Team</p>";
				}
				
				if ($nlanguage == "Spanish") {
					$subject = "Intercambio de clases (#".$rand.")";
					$msg = "Hola ";
					$msg .= $fname;
					$msg .= ", ";
					$msg .= "<p>Usted tiene una solicitud de intercambio de clases. Uno de sus colegas quiere saber si estará dispuesto a tomar su lugar en otra clase, a cambio de su participación en una clase en la cual usted ya se encuentra inscrito.</p>";
					$msg .= "<p><u><strong>Actualmente está inscrito en esta clase:</strong></u></p>";
					$msg .= "<p>Fecha: ";
					$msg .= $readabledate_swapto;
					$msg .= "<br>";
					$msg .= "Hora: ";
					$msg .= $readabletime_swapto;
					$msg .= " ";
					$msg .= $timezone;
					$msg .= "<br>";
					$msg .= "Profesor: ";
					$msg .= $teacher_swapto;
					$msg .= "</p>";
					$msg .= "<p><strong><u>Su colega ha pedido su lugar en esta clase:</strong></u></p>";
					$msg .= "<p>Fecha: ";
					$msg .= $readabledate_swapfrom;
					$msg .= "<br>";
					$msg .= "Hora: ";
					$msg .= $readabletime_swapfrom;
					$msg .= " ";
					$msg .= $timezone;
					$msg .= "<br>";
					$msg .= "Profesor: ";
					$msg .= $teacher_swapfrom;
					$msg .= "</p>";
					$msg .= "<p><strong>¿Desea cancelar su clase del ".$readabledate_swapto." a las ".$readabletime_swapto." e inscribirse en la clase del ".$readabledate_swapfrom." a las ".$readabletime_swapfrom."?</strong></p>";
					$msg .= "<p>Si está dispuesto a cambiar de clases con su colega, sólo siga este enlace por favor: https://platform.octb.us/individuals/groups/swap/?c=pending&lang=es&id=";
					$msg .= "".$swapid."&auth=".$acc."";
					$msg .= "</p>";
					$msg .= "<p>Apenas confirmemos su participación en la clase propuesta, su participación en la clase actual será cancelada. Si tiene alguna pregunta o duda, sólo responda a este email, y con gusto lo ayudaremos.</p>";
					$msg .= "<p>Saludos,<br>";
					$msg .= "El Equipo de OCTB</p>";
				}
				$teachers->emailTest("",$subject,$to,$msg);
			}
		}
	}	
}


?>
@ Telegram