Commit Graph

322 Commits

Author SHA1 Message Date
Jeremy Quinton c7d86261d4 adding uncommented code back in 2019-02-19 14:50:45 +02:00
Jeremy Quinton 935170f256
Merge pull request #549 from DODMax/e-offline-pay
Allow offline payment when no gateway is defined
2019-02-18 09:31:44 +02:00
Etienne Marais 33d96905f6
Moved the duplicate checks (#568) to this PR as they are related 2019-02-14 17:12:07 +02:00
Etienne Marais 0cabc92200
Updated the lang file keys in the eventview controller 2019-02-14 17:04:31 +02:00
Etienne Marais 99de2c73ee
Renamed back to access codes since it explains it better 2019-02-14 17:02:24 +02:00
Etienne Marais 3b83e97827
Added the delete of the code if the code usage count on the specific event is zero. Also the delete is a soft delete 2019-02-13 16:16:56 +02:00
Etienne Marais b525a561c8
Log usage when a code gets used from the front end. Also cleaned the frontend input when comparing against the database code 2019-02-13 15:35:48 +02:00
Etienne Marais 9101dd00fd
Renamed all the mentions of access codes to be called discount codes and removed the access codes translation file 2019-02-13 10:24:52 +02:00
Etienne Marais 2872909c03
Moved the old access code code to the new discount codes controller 2019-02-13 10:12:33 +02:00
Etienne Marais be74112c33
Fixed the success message to be translated and changed the message to read discount code instead of access 2019-02-13 10:10:52 +02:00
Etienne Marais 74d60c5c0d
Moved the access codes to a new section called discount codes in the event tools section. Made the redirect to the new route and removed the customize tab content 2019-02-13 09:57:12 +02:00
Etienne Marais b275c5804b
Moved the access codes to a new section called discount codes in the event tools section. Made the redirect to the new route and removed the customize tab content 2019-02-13 09:52:08 +02:00
Jeremy Quinton 4c1bceeaa3 remove class 2019-01-19 17:37:55 +02:00
Jeremy Quinton 37baa9f8f7 fixes #538. Convert collection to array 2019-01-19 17:31:53 +02:00
Maxime 2b320c7c81 Merge remote-tracking branch 'origin/master' into e-offline-pay 2019-01-17 17:01:28 +07:00
Jeremy Quinton 31a58b9125
Merge pull request #554 from Attendize/use-configured-payment-gateway-as-default
Use the default payment gateway configured for the account.
2019-01-17 10:23:53 +02:00
Jeremy Quinton 00e95bbb62
Merge pull request #558 from etiennemarais/master
Hidden ticket access codes (#1)
2019-01-17 10:15:46 +02:00
Etienne Marais 54861755b4
Hidden ticket access codes (#1)
# Summary

Added the ability to specify hidden ticket access codes on an event. This would allow for special types of tickets to be created on an event and have an unlock code link to one or many hidden tickets.

## Value

The value this adds is to allow event organisers to play with marketing to aid in ticket sales etc.

## Changes

**Admin**
- Added migrations to allow for the access codes table on events and the pivot for many to many codes to tickets
- Added the ability to create an access code in the event customisation 
- Added the ability to view access codes on a hidden ticket
- Added the ability to attach one or multiple access code(s) onto the hidden ticket

**Public event page**
- Shows a box to enter your access code if the event has hidden tickets
- Added the validation messages for empty codes
- Added the check to fetch the hidden tickets if the code was entered correctly
2019-01-16 20:33:32 +02:00
Jeremy Quinton da6b96c7a8 Use the default payment gateway configured for the account.
1) Removed references to Bitpay and Migs.
2) Use the payment Gateway configured for the account. Fixes #551.
3) Allows switching of default payment gateway between Strip and Paypal.
2019-01-14 14:53:17 +02:00
Jeremy Quinton 69f8b5fb6f
Merge pull request #552 from delenamalan/force-key-generate
Force key generate in installer
2019-01-14 09:43:47 +02:00
Delena Malan 628113b971 Remove reserved tickets once bought 2019-01-12 13:04:37 +02:00
Delena Malan d48c0faf1e Force key generate in installer 2019-01-12 12:05:31 +02:00
Maxime daf4e2942c Allow offline payment when no gateway defined 2019-01-09 13:08:10 +07:00
Gautier Pelloux-Prayer e1eb740a36 Add translation for organizer email title 2019-01-08 22:14:01 +01:00
Sebastian Schmidt edb71c3e29
Fix error when editing tickets 2018-11-06 08:12:21 +11:00
Sebastian Schmidt cda77d562a
Improve date validation 2018-11-06 08:11:58 +11:00
Sebastian Schmidt 7d1c1a1e6a
Allow configurable date formats 2018-11-06 08:10:32 +11:00
Sebastian Schmidt 181ed66405
Simplify carbon object, allow any date string 2018-11-06 08:08:58 +11:00
Jeremy Quinton 2de02fd88e Merge pull request #497 from Attendize/improve-logic
modified logic slightly
2018-10-31 21:39:04 +02:00
Jeremy Quinton 1e7f39604c Merge pull request #492 from zerochip/fix-send-message-to-all-attendees
fixes #376 Sending message to all attendees sends also to cancelled ones
2018-10-18 09:03:40 +02:00
Jeremy Quinton bf40fd7088 modified logic slightly so that controller can be refactored at some point 2018-10-16 21:03:55 +02:00
Jeremy Quinton d07ecc79d1 leave the order reference at 5 characters for now 2018-10-16 20:53:36 +02:00
Jeremy Quinton 31820bcf68 Merge pull request #471 from publicarray/improve-upstream
Improve upstream
2018-10-16 20:49:52 +02:00
Alex Chipangura 5899f46c40 fixes #376 2018-10-11 20:52:06 +02:00
Jeremy Quinton b65ddbe436 corrected small typo 2018-10-02 19:36:15 +02:00
Jeremy Quinton 4e15d1e85d fixes #470
Fixes the forgotten password link
2018-10-02 17:29:57 +02:00
Sebastian Schmidt 7bae63a5e9 Merge branch 'master' into improve-upstream 2018-10-02 21:23:17 +10:00
Sebastian Schmidt f6a4f3aefd cleanup 2018-10-02 21:21:22 +10:00
Sebastian Schmidt d6c45ee8cf Fix undefined $appendedText
* Fixes https://github.com/Attendize/Attendize/issues/466
* Remove todo
2018-10-02 21:21:22 +10:00
Sebastian Schmidt 32acb9c4a0 Generate longer reference numbers 2018-10-02 21:21:22 +10:00
Jeremy Quinton ea53c20e76 Merge pull request #478 from publicarray/fix-vulns
Fix vulnerabilities
2018-10-02 12:13:15 +02:00
Jeremy Quinton ed827d5221 Merge pull request #448 from scottybo/master
Fix issue where taxamt not set after import
2018-10-02 11:09:41 +02:00
Jeremy Quinton 3b850479e4 Merge pull request #476 from Attendize/strip_html_tags
Fix xss vulnerability
2018-10-02 10:32:52 +02:00
Jeremy Quinton 7772df3300 added strip tags 2018-11-04 21:41:12 +02:00
Jeremy Quinton 861c2f5434 use strip tags instead of validator 2018-11-04 21:39:05 +02:00
Jeremy Quinton 703ad37ef5 Prevent xss
1) added better validation across all user input both for the operator of Attendize and end user.
2) Remove html from translations so {{ }} can be used instead of {!! !!} as its more secure.
2018-11-04 21:30:08 +02:00
Jeremy Quinton 1eae6cce01 remove any html tags on user input 2018-11-04 21:24:03 +02:00
Jeremy Quinton c26bc6b2df fixes bug where sales volume is not incremented correctly 2018-11-04 20:39:42 +02:00
Sebastian Schmidt 0b831955f2 Fix a DoS or even PrivEsc vuln on POST /install
POST on /install must not respond when already installed. Denial of Service and possibly Privilege Escalation by changing the database/mail server
2018-10-02 18:23:33 +10:00
Sebastian Schmidt 5cdfe7151b Fix XSS vulnerability on QR code scanner 2018-10-02 18:15:58 +10:00