The DS.M homepage and stuff. https://dontsell.me/site


  1. <?php
  2. require_once __DIR__ . "/settings.php";
  3. require_once __DIR__ . "/database.php";
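  // Open the session up front: the validated signup details are handed to the
  // next step through $_SESSION at the end of this block.
  session_start();

  // Request fields arrive as strings or, for "name[]" style fields, as arrays.
  // Anything that is not a string is treated as missing, so the string
  // functions below (strlen, password_verify, strtolower) never receive an array.
  $field = static function ($name) {
      return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
  };

  // The plan must be one of the keys of PLANS; everything else goes back to pricing.
  $plan = $field('plan');
  if (!isset(PLANS[$plan])) {
      header("Location: /#pricing");
      die("Invalid plan chosen.");
  }

  // $plan is now a known key of PLANS. It is still URL-encoded before being
  // placed in the redirect so the Location header stays well-formed whatever
  // characters the plan keys contain.
  $formUrl = "purchase.php?plan=" . rawurlencode($plan);

  // Send the visitor back to the purchase form with an error code and stop.
  $reject = static function ($err, $message) use ($formUrl) {
      header("Location: " . $formUrl . "&err=" . $err);
      die($message);
  };

  // Look the username up only when one was actually submitted.
  $username = $field('username');
  $userexists = $username !== ''
      && $database->has("oc_users", ["uid" => $username]) === true;

  $email = $field('email');
  if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
      $reject("bademail", "Invalid email address.");
  }

  // Strict comparison: only the literal string "1" means "renewing".
  $renewing = $field('renewing') === "1";

  // NOTE(review): the distinct error codes below (renewinvaliduser vs.
  // renewpasswrong, and usernameinvalid on signup) tell an unauthenticated
  // caller whether a username exists. Signup has to reveal that a name is
  // taken; for renewals a single shared error code would avoid the leak, but
  // purchase.php (not visible here) has to support it first.
  if ($renewing && !$userexists) {
      $reject("renewinvaliduser", "Username doesn't exist.");
  } elseif (!$renewing && ($username === '' || $userexists)) {
      // A new signup needs a username that is present and not already taken.
      // Without the emptiness check a request with no username passed
      // validation and an empty value was written to the session.
      // NOTE(review): no character or length rules are applied to new
      // usernames here; confirm the account-creation step enforces them.
      $reject("usernameinvalid", "Invalid username.");
  }

  $password = $field('password');
  if ($renewing) {
      // The stored value is split on the first "|" and the second part is
      // verified as the hash. Fail closed when the row is missing or not in
      // that shape instead of indexing a part that does not exist.
      // NOTE(review): no attempt throttling is visible in this file, so this
      // branch lets a caller test passwords against existing accounts; confirm
      // rate limiting happens elsewhere.
      $stored = $database->get("oc_users", "password", ["uid" => $username]);
      $parts = is_string($stored) ? explode("|", $stored, 2) : [];
      if (count($parts) !== 2 || !password_verify($password, $parts[1])) {
          $reject("renewpasswrong", "Password incorrect.");
      }
  } else {
      if (strlen($password) < 8) {
          $reject("shortpassword", "Short password.");
      }

      // The list file is chosen by password length only (an integer), so no
      // request-controlled text ends up in the included path.
      $passwordFile = '/var/www/nextcloud/apps/password_policy/lists/list-' . strlen($password) . '.php';
      if (file_exists($passwordFile)) {
          // Plain require: require_once returns true instead of the file's
          // value when the file was already loaded, which would silently
          // disable the check.
          $commonPasswords = require $passwordFile;
          if (is_array($commonPasswords) && isset($commonPasswords[strtolower($password)])) {
              $reject("commonpassword", "Password too common.");
          }
      }
  }

  // Bind the validated values to a fresh session id so an id that was planted
  // or observed before this request cannot be used to read them.
  session_regenerate_id(true);

  $_SESSION['username'] = $username;
  // NOTE(review): this keeps the plaintext password in the server-side session
  // store. The form on this page posts to purchase3.php, which presumably
  // consumes it; that step should unset it immediately after use, and the
  // session storage has to be protected like any other credential store.
  $_SESSION['password'] = $password;
  $_SESSION['renewing'] = $renewing;
  ?>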
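  <!DOCTYPE HTML>
  <title><?php echo SITE_TITLE; ?></title>
  <?php
  include __DIR__ . '/inc/meta.php';
  include __DIR__ . '/inc/piwik.php';

  // Request-derived values are HTML-escaped before being written into
  // attributes. FILTER_VALIDATE_EMAIL is a syntax check, not an output
  // encoder: an address it accepts can still contain characters that are
  // special in HTML, so the raw value must not be echoed as-is.
  // SITE_TITLE, STRIPE_PK and the PLANS entries are left as-is on the
  // assumption that they are trusted configuration values - confirm.
  $planAttr = htmlspecialchars($plan, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
  $emailAttr = htmlspecialchars($_POST['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

  // Amount in the smallest currency unit; rounded so a fractional monthly
  // price cannot produce a non-integer amount through float arithmetic.
  $amountMinor = (int) round(PLANS[$plan]["monthly"] * 100);

  // NOTE(review): data-amount and the hidden plan/email fields are under the
  // client's control once the page is rendered. purchase3.php (not visible
  // here) has to re-validate them, derive the charged amount from PLANS on
  // the server, and confirm the plan really is free before skipping payment.
  ?>
  <!-- Wrapper -->
  <div id="wrapper">
    <?php include __DIR__ . "/inc/header.php"; ?>
    <!-- Section -->
    <section id="one" class="main alt">
      <header class="accent1">
        <h1>Purchase</h1>
      </header>
      <div class="inner alt">
        <div class="content">
          <form action="purchase3.php" method="POST">
            <?php if (PLANS[$plan]["monthly"] == 0) { ?>
              Usually this is where we would take your money<!-- but somebody forgot about the free plan until after coding this thing and he is also lazy -->...
              <br />
              <button type="submit" class="button">Continue</button>
            <?php } else { ?>
              Click the button to pay:<br />
              <script
                src="https://checkout.stripe.com/checkout.js" class="stripe-button"
                data-key="<?php echo STRIPE_PK; ?>"
                data-amount="<?php echo $amountMinor; ?>"
                data-name="Don't Sell.Me"
                data-description="<?php echo PLANS[$plan]["name"]; ?> plan, 1 month"
                data-email="<?php echo $emailAttr; ?>"
                data-image="https://stripe.com/img/documentation/checkout/marketplace.png"
                data-locale="auto"
                data-label="Pay with Card"
                data-allow-remember-me="false">
              </script>
            <?php } ?>
            <input type="hidden" name="plan" value="<?php echo $planAttr; ?>" />
            <input type="hidden" name="email" value="<?php echo $emailAttr; ?>" />
          </form>
        </div>
      </div>
    </section>
    <?php include __DIR__ . "/inc/footer.php"; ?>
  </div>
  <?php include __DIR__ . "/inc/scripts.php"; ?>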