Commit Graph

233 Commits

Author SHA1 Message Date
Jeremy Quinton 4c1bceeaa3 remove class 2019-01-19 17:37:55 +02:00
Jeremy Quinton 37baa9f8f7 fixes #538. Convert collection to array 2019-01-19 17:31:53 +02:00
Jeremy Quinton 31a58b9125
Merge pull request #554 from Attendize/use-configured-payment-gateway-as-default
Use the default payment gateway configured for the account.
2019-01-17 10:23:53 +02:00
Jeremy Quinton 00e95bbb62
Merge pull request #558 from etiennemarais/master
Hidden ticket access codes (#1)
2019-01-17 10:15:46 +02:00
Etienne Marais 54861755b4
Hidden ticket access codes (#1)
# Summary

Added the ability to specify hidden ticket access codes on an event. This would allow for special types of tickets to be created on an event and have an unlock code link to one or many hidden tickets.

## Value

The value this adds is to allow event organisers to play with marketing to aid in ticket sales etc.

## Changes

**Admin**
- Added migrations to allow for the access codes table on events and the pivot for many to many codes to tickets
- Added the ability to create an access code in the event customisation 
- Added the ability to view access codes on a hidden ticket
- Added the ability to attach one or multiple access code(s) onto the hidden ticket

**Public event page**
- Shows a box to enter your access code if the event has hidden tickets
- Added the validation messages for empty codes
- Added the check to fetch the hidden tickets if the code was entered correctly
2019-01-16 20:33:32 +02:00
Jeremy Quinton da6b96c7a8 Use the default payment gateway configured for the account.
1) Removed references to Bitpay and Migs.
2) Use the payment Gateway configured for the account. Fixes #551.
3) Allows switching of default payment gateway between Strip and Paypal.
2019-01-14 14:53:17 +02:00
Jeremy Quinton 69f8b5fb6f
Merge pull request #552 from delenamalan/force-key-generate
Force key generate in installer
2019-01-14 09:43:47 +02:00
Delena Malan 628113b971 Remove reserved tickets once bought 2019-01-12 13:04:37 +02:00
Delena Malan d48c0faf1e Force key generate in installer 2019-01-12 12:05:31 +02:00
Sebastian Schmidt edb71c3e29
Fix error when editing tickets 2018-11-06 08:12:21 +11:00
Sebastian Schmidt cda77d562a
Improve date validation 2018-11-06 08:11:58 +11:00
Sebastian Schmidt 7d1c1a1e6a
Allow configurable date formats 2018-11-06 08:10:32 +11:00
Sebastian Schmidt 181ed66405
Simplify carbon object, allow any date string 2018-11-06 08:08:58 +11:00
Jeremy Quinton bf40fd7088 modified logic slightly so that controller can be refactored at some point 2018-10-16 21:03:55 +02:00
Jeremy Quinton 31820bcf68 Merge pull request #471 from publicarray/improve-upstream
Improve upstream
2018-10-16 20:49:52 +02:00
Jeremy Quinton 4e15d1e85d fixes #470
Fixes the forgotten password link
2018-10-02 17:29:57 +02:00
Sebastian Schmidt 7bae63a5e9 Merge branch 'master' into improve-upstream 2018-10-02 21:23:17 +10:00
Sebastian Schmidt f6a4f3aefd cleanup 2018-10-02 21:21:22 +10:00
Sebastian Schmidt d6c45ee8cf Fix undefined $appendedText
* Fixes https://github.com/Attendize/Attendize/issues/466
* Remove todo
2018-10-02 21:21:22 +10:00
Jeremy Quinton ea53c20e76 Merge pull request #478 from publicarray/fix-vulns
Fix vulnerabilities
2018-10-02 12:13:15 +02:00
Jeremy Quinton ed827d5221 Merge pull request #448 from scottybo/master
Fix issue where taxamt not set after import
2018-10-02 11:09:41 +02:00
Jeremy Quinton 3b850479e4 Merge pull request #476 from Attendize/strip_html_tags
Fix xss vulnerability
2018-10-02 10:32:52 +02:00
Jeremy Quinton 7772df3300 added strip tags 2018-11-04 21:41:12 +02:00
Jeremy Quinton 703ad37ef5 Prevent xss
1) added better validation across all user input both for the operator of Attendize and end user.
2) Remove html from translations so {{ }} can be used instead of {!! !!} as its more secure.
2018-11-04 21:30:08 +02:00
Jeremy Quinton 1eae6cce01 remove any html tags on user input 2018-11-04 21:24:03 +02:00
Jeremy Quinton c26bc6b2df fixes bug where sales volume is not incremented correctly 2018-11-04 20:39:42 +02:00
Sebastian Schmidt 0b831955f2 Fix a DoS or even PrivEsc vuln on POST /install
POST on /install must not respond when already installed. Denial of Service and possibly Privilege Escalation by changing the database/mail server
2018-10-02 18:23:33 +10:00
Sebastian Schmidt 5cdfe7151b Fix XSS vulnerability on QR code scanner 2018-10-02 18:15:58 +10:00
dsnap1993 d6bada6382 fix bug where postMessageOrder gets datas of orders table 2018-09-29 01:15:57 +09:00
Sebastian Schmidt 6ad529d578 Fix php 7.2 support when ordering tickets 2018-09-22 13:03:19 +10:00
Sebastian Schmidt 2458765463 Increase min password lenght to 8 chars
> Verifiers SHALL require subscriber-chosen memorized secrets to be at least 8 characters in length. Verifiers SHOULD permit subscriber-chosen memorized secrets at least 64 characters in length. All printing ASCII [RFC 20] characters as well as the space character SHOULD be acceptable in memorized secrets. Unicode [ISO/ISC 10646] characters SHOULD be accepted as well. To make allowances for likely mistyping, verifiers MAY replace multiple consecutive space characters with a single space character prior to verification, provided that the result is at least 8 characters in length. Truncation of the secret SHALL NOT be performed. For purposes of the above length requirements, each Unicode code point SHALL be counted as a single character.

https://pages.nist.gov/800-63-3/sp800-63b.html#-5112-memorized-secret-verifiers
2018-09-22 13:03:19 +10:00
Scott Bowler 118efbe8ae Fix issue where taxamt not set after import 2018-09-03 10:49:29 +01:00
Jeremy Quinton a4fb2519aa fixed issue with installed when app key is regenerated to make key length 32 characters and not 16 2018-09-02 23:16:40 +02:00
Jeremy Quinton 9d29ce0d2b Merge pull request #429 from Attendize/better-error-handling
Handle errors independently of one another
2018-08-22 16:50:41 +02:00
Jeremy Quinton 5f2c4c8ac9 Merge pull request #424 from Attendize/upgrade-laravel-5.6
Upgrading to Laravel 5.6
2018-08-21 12:55:31 +02:00
Jeremy Quinton 5087218306 Removed setFetchMode function
Laravel 5.4 removed support for setFetchMode so convert array of object to array of arrays manually.
2018-08-21 12:38:00 +02:00
Jeremy Quinton afc50a04b8 Mark order as paid if ticket price is zero
When inviting an attendee if the ticket price is free mark the order as paid to prevent orders being marked as unpaid
2018-08-17 16:54:03 +02:00
Jeremy Quinton 68c82e0b34 Moved forgetting session and where events are fired
1. After we have save the order to the database forget the session.
2. Firing events to create and send tickets should only be done after the we have saved the order to the database
2018-08-17 16:15:31 +02:00
Jeremy Quinton ac5ff98f61 Removed migs and coinbase as default payment gateways
Going forward Attendize will only support Stripe and Paypal as defaults. In future we will add instructions on customising Attendize with your own payment gateway.
2018-08-16 15:50:12 +02:00
Jeremy Quinton 8d51cd348f Upgrading to Laravel 5.6
1) Changed method call from lists to pluck.
2) Use set put instead of session set.
3) Removed references to artisan optimize command.
4) Added additionl check to base controller if auth user not set redirect to login.
5) Flush the session on logout.
6) Updated Event and Route service providers to work with Laravel 5.6.
7) Added new default logging config file.
8) Bump PHP versions from 7.0.30 to 7.1.20.
9) Added missing translations.
10) Fixed some issues with the templates.
2018-08-15 13:26:10 +02:00
Scott Bowler 98810ea785 Make sure taxamt gets set 2018-08-13 09:52:40 +01:00
Jeremy Quinton cd213b56b3 Merge branch 'master' into charge-vat-at-organiser-level 2018-07-18 19:37:56 +02:00
Jeremy Quinton 1c7c8be8f7 Finalised Charging V.A.T
1) Added Javascript partial so display and hide of the Charge Tax functionality can be shared.
2) Moved @yield head for the the master without menus layout to the correct place. Using jQuery functionality @head anywhere wouldn't work as the library was included afterwards.
3) Moved the question for organisers about Tax and the labels for tax fields to the language file.
2018-07-11 19:51:11 +02:00
Jeremy Quinton 9b5d61ffdd Added Tax to emails and various views
1) When Taxed is charged display it on the various views where tax should be displayed. Orders Listing Page, Orders Summary page.
2) Use the Order service to display correct values in emails and views.
2018-07-11 13:47:41 +02:00
Jeremy Quinton a588b634b6 added better formatting
1) Omnipay doesn't accept decimals with more than a precision of 2.
2) Once order is created organiser_booking_fee is the correct value to use else use total_booking_fee
3) Controller makes use of OrderService instead of Order Model
2018-07-10 16:50:46 +02:00
Jeremy Quinton c5676bbe45 Improvements to charging Tax
1) Surfaced more logic from from views into service.
2) If charge_tax is set in database tax is charged.
3) Made the name of the Order service OrderService so its not confused with the Order Eloquent Model.
4) Move order totalling logic in to Service and call service where necessary.
2018-07-10 12:19:20 +02:00
Jeremy Quinton b3dae02cef Tax improvements
1) remove logic for calculating Tax out of the blade view and into a service.
2) implemented service in the correct controller.
2018-07-10 10:36:42 +02:00
Jeremy Quinton 2fa609de26 removed var_dump added by mistake 2018-07-09 18:15:48 +02:00
Jeremy Quinton 6771a56197 Added charging tax at the organiser level
1) Added new field to the organiser model called charge_tax. Added the migration for this.
2)  Renamed tax fields columns in the database to be the same as the other organiser fields for consistency.
3) Added charge_tax option to the various organiser create and edit pages.
4) Have re-enabled some tests and used the @group passing label so we can start running tests for the various parts of the applicaiton.
2018-07-09 18:13:23 +02:00
Jeremy Quinton 651ff36f28 Merge branch 'master' into dummy-payment-gateway 2018-07-09 12:37:44 +02:00