Jeremy Quinton
935170f256
Merge pull request #549 from DODMax/e-offline-pay
...
Allow offline payment when no gateway is defined
2019-02-18 09:31:44 +02:00
Etienne Marais
33d96905f6
Moved the duplicate checks ( #568 ) to this PR as they are related
2019-02-14 17:12:07 +02:00
Etienne Marais
0cabc92200
Updated the lang file keys in the eventview controller
2019-02-14 17:04:31 +02:00
Etienne Marais
99de2c73ee
Renamed back to access codes since it explains it better
2019-02-14 17:02:24 +02:00
Etienne Marais
3b83e97827
Added the delete of the code if the code usage count on the specific event is zero. Also the delete is a soft delete
2019-02-13 16:16:56 +02:00
Etienne Marais
b525a561c8
Log usage when a code gets used from the front end. Also cleaned the frontend input when comparing against the database code
2019-02-13 15:35:48 +02:00
Etienne Marais
9101dd00fd
Renamed all the mentions of access codes to be called discount codes and removed the access codes translation file
2019-02-13 10:24:52 +02:00
Etienne Marais
2872909c03
Moved the old access code code to the new discount codes controller
2019-02-13 10:12:33 +02:00
Etienne Marais
be74112c33
Fixed the success message to be translated and changed the message to read discount code instead of access
2019-02-13 10:10:52 +02:00
Etienne Marais
74d60c5c0d
Moved the access codes to a new section called discount codes in the event tools section. Made the redirect to the new route and removed the customize tab content
2019-02-13 09:57:12 +02:00
Etienne Marais
b275c5804b
Moved the access codes to a new section called discount codes in the event tools section. Made the redirect to the new route and removed the customize tab content
2019-02-13 09:52:08 +02:00
Jeremy Quinton
4c1bceeaa3
remove class
2019-01-19 17:37:55 +02:00
Jeremy Quinton
37baa9f8f7
fixes #538 . Convert collection to array
2019-01-19 17:31:53 +02:00
Maxime
2b320c7c81
Merge remote-tracking branch 'origin/master' into e-offline-pay
2019-01-17 17:01:28 +07:00
Jeremy Quinton
31a58b9125
Merge pull request #554 from Attendize/use-configured-payment-gateway-as-default
...
Use the default payment gateway configured for the account.
2019-01-17 10:23:53 +02:00
Jeremy Quinton
00e95bbb62
Merge pull request #558 from etiennemarais/master
...
Hidden ticket access codes (#1 )
2019-01-17 10:15:46 +02:00
Etienne Marais
54861755b4
Hidden ticket access codes ( #1 )
...
# Summary
Added the ability to specify hidden ticket access codes on an event. This would allow for special types of tickets to be created on an event and have an unlock code link to one or many hidden tickets.
## Value
The value this adds is to allow event organisers to play with marketing to aid in ticket sales etc.
## Changes
**Admin**
- Added migrations to allow for the access codes table on events and the pivot for many to many codes to tickets
- Added the ability to create an access code in the event customisation
- Added the ability to view access codes on a hidden ticket
- Added the ability to attach one or multiple access code(s) onto the hidden ticket
**Public event page**
- Shows a box to enter your access code if the event has hidden tickets
- Added the validation messages for empty codes
- Added the check to fetch the hidden tickets if the code was entered correctly
2019-01-16 20:33:32 +02:00
Jeremy Quinton
da6b96c7a8
Use the default payment gateway configured for the account.
...
1) Removed references to Bitpay and Migs.
2) Use the payment Gateway configured for the account. Fixes #551 .
3) Allows switching of default payment gateway between Strip and Paypal.
2019-01-14 14:53:17 +02:00
Jeremy Quinton
69f8b5fb6f
Merge pull request #552 from delenamalan/force-key-generate
...
Force key generate in installer
2019-01-14 09:43:47 +02:00
Delena Malan
628113b971
Remove reserved tickets once bought
2019-01-12 13:04:37 +02:00
Delena Malan
d48c0faf1e
Force key generate in installer
2019-01-12 12:05:31 +02:00
Maxime
daf4e2942c
Allow offline payment when no gateway defined
2019-01-09 13:08:10 +07:00
Sebastian Schmidt
edb71c3e29
Fix error when editing tickets
2018-11-06 08:12:21 +11:00
Sebastian Schmidt
cda77d562a
Improve date validation
2018-11-06 08:11:58 +11:00
Sebastian Schmidt
7d1c1a1e6a
Allow configurable date formats
2018-11-06 08:10:32 +11:00
Sebastian Schmidt
181ed66405
Simplify carbon object, allow any date string
2018-11-06 08:08:58 +11:00
Jeremy Quinton
bf40fd7088
modified logic slightly so that controller can be refactored at some point
2018-10-16 21:03:55 +02:00
Jeremy Quinton
31820bcf68
Merge pull request #471 from publicarray/improve-upstream
...
Improve upstream
2018-10-16 20:49:52 +02:00
Jeremy Quinton
4e15d1e85d
fixes #470
...
Fixes the forgotten password link
2018-10-02 17:29:57 +02:00
Sebastian Schmidt
7bae63a5e9
Merge branch 'master' into improve-upstream
2018-10-02 21:23:17 +10:00
Sebastian Schmidt
f6a4f3aefd
cleanup
2018-10-02 21:21:22 +10:00
Sebastian Schmidt
d6c45ee8cf
Fix undefined $appendedText
...
* Fixes https://github.com/Attendize/Attendize/issues/466
* Remove todo
2018-10-02 21:21:22 +10:00
Jeremy Quinton
ea53c20e76
Merge pull request #478 from publicarray/fix-vulns
...
Fix vulnerabilities
2018-10-02 12:13:15 +02:00
Jeremy Quinton
ed827d5221
Merge pull request #448 from scottybo/master
...
Fix issue where taxamt not set after import
2018-10-02 11:09:41 +02:00
Jeremy Quinton
3b850479e4
Merge pull request #476 from Attendize/strip_html_tags
...
Fix xss vulnerability
2018-10-02 10:32:52 +02:00
Jeremy Quinton
7772df3300
added strip tags
2018-11-04 21:41:12 +02:00
Jeremy Quinton
703ad37ef5
Prevent xss
...
1) added better validation across all user input both for the operator of Attendize and end user.
2) Remove html from translations so {{ }} can be used instead of {!! !!} as its more secure.
2018-11-04 21:30:08 +02:00
Jeremy Quinton
1eae6cce01
remove any html tags on user input
2018-11-04 21:24:03 +02:00
Jeremy Quinton
c26bc6b2df
fixes bug where sales volume is not incremented correctly
2018-11-04 20:39:42 +02:00
Sebastian Schmidt
0b831955f2
Fix a DoS or even PrivEsc vuln on POST /install
...
POST on /install must not respond when already installed. Denial of Service and possibly Privilege Escalation by changing the database/mail server
2018-10-02 18:23:33 +10:00
Sebastian Schmidt
5cdfe7151b
Fix XSS vulnerability on QR code scanner
2018-10-02 18:15:58 +10:00
dsnap1993
d6bada6382
fix bug where postMessageOrder gets datas of orders table
2018-09-29 01:15:57 +09:00
Sebastian Schmidt
6ad529d578
Fix php 7.2 support when ordering tickets
2018-09-22 13:03:19 +10:00
Sebastian Schmidt
2458765463
Increase min password lenght to 8 chars
...
> Verifiers SHALL require subscriber-chosen memorized secrets to be at least 8 characters in length. Verifiers SHOULD permit subscriber-chosen memorized secrets at least 64 characters in length. All printing ASCII [RFC 20] characters as well as the space character SHOULD be acceptable in memorized secrets. Unicode [ISO/ISC 10646] characters SHOULD be accepted as well. To make allowances for likely mistyping, verifiers MAY replace multiple consecutive space characters with a single space character prior to verification, provided that the result is at least 8 characters in length. Truncation of the secret SHALL NOT be performed. For purposes of the above length requirements, each Unicode code point SHALL be counted as a single character.
https://pages.nist.gov/800-63-3/sp800-63b.html#-5112-memorized-secret-verifiers
2018-09-22 13:03:19 +10:00
Scott Bowler
118efbe8ae
Fix issue where taxamt not set after import
2018-09-03 10:49:29 +01:00
Jeremy Quinton
a4fb2519aa
fixed issue with installed when app key is regenerated to make key length 32 characters and not 16
2018-09-02 23:16:40 +02:00
Jeremy Quinton
9d29ce0d2b
Merge pull request #429 from Attendize/better-error-handling
...
Handle errors independently of one another
2018-08-22 16:50:41 +02:00
Jeremy Quinton
5f2c4c8ac9
Merge pull request #424 from Attendize/upgrade-laravel-5.6
...
Upgrading to Laravel 5.6
2018-08-21 12:55:31 +02:00
Jeremy Quinton
5087218306
Removed setFetchMode function
...
Laravel 5.4 removed support for setFetchMode so convert array of object to array of arrays manually.
2018-08-21 12:38:00 +02:00
Jeremy Quinton
afc50a04b8
Mark order as paid if ticket price is zero
...
When inviting an attendee if the ticket price is free mark the order as paid to prevent orders being marked as unpaid
2018-08-17 16:54:03 +02:00