Subversion Repositories PEEPS

#!/usr/bin/perl

# Redirect error messages to a log of my choosing. (it's annoying to filter for errors in the shared env)

#my $error_log_path = $ENV{SERVER_NAME} eq "volunteers.rollercon.com" ? "/home3/rollerco/logs/" : "/tmp/";

#close STDERR;

#open STDERR, '>>', $error_log_path.'vorc_error.log' or warn "Failed to open redirected logfile ($0): $!";

#warn "Redirecting errors to ${error_log_path}vorc_error.log";

use strict;

use PEEPS;

use CGI qw/param header start_html url redirect/;

use CGI::Cookie;

our $h = HTML::Tiny->new( mode => 'html' );

my $dbh = getRCDBH ();

$ENV{HTTPS} = 'ON' if $ENV{SERVER_NAME} =~ /^peeps/;

my $cookie_string = authenticate (1) || die;

my ($EML, $PWD, $LVL) = split /&/, $cookie_string;

my $user = $ORCUSER;

#my $activated = $ORCUSER->{access};

use DateTime;

my $dt = DateTime->today;

$dt =~ s/T00\:00\:00$//;

my ($eligible, $daysremaining);

$user->{policy} = isPersonCovered ($user->{id});

if ($user->{policy}) {

  $daysremaining = remainingPolicyDays ($user->{id}, $user->{policy});

  if ($daysremaining <= 90) {

    $eligible = "renew";

  }

} else {

  $eligible = "new";

}

if (!$eligible) {

  print header (-cookie=>CGI::Cookie->new(-name=>'PEEPSAUTH',-value=>"$cookie_string"));

  printRCHeader("Atttestation");

  print $h->close ("table");

  print $h->h2 ("Not Eligible for Renewal");

  print $h->div ({ style=>"max-width:450px;" }, "You're currently covered by policy $user->{policy}, which has $daysremaining days remaining. You can only renew within the last 90 days of your current policy.", " ");

  print $h->button ({onclick => "window.location.href='/';"}, "Home");

  print $h->close ("BODY", "HTML");

  logit ($user->{id}, "Viewed Attestation page but wasn't eligible to renew.");

  exit;

}

my ($abandoned_checkout) = $dbh->selectrow_array ("select url from square_order where person_id = ? and status = ? order by created desc limit 1", undef, $user->{id}, "DRAFT");

if ($abandoned_checkout) {

  my $cgi = CGI->new();

  logit ($user->{id}, "Returned to abandoned checkout.");

  print $cgi->redirect ($abandoned_checkout);

  exit;

}

my $terms;

foreach (1..8) {

  $terms++ if param ("Term".$_);

}

my $esig = param ("esignature") // "";

if ($terms == 8 and $esig =~ /^\w+$/) {

  # All of the checkboxes were accepted and an eSignature was entered.

  # Create the Square Checkout link and redirect the user there.

  logit ($user->{id}, "Submitted purchase attestation form with all terms accepted and esignature entered.");

  sendToSquare ($esig, $terms);

  exit;

}

print header (-cookie=>CGI::Cookie->new(-name=>'PEEPSAUTH',-value=>"$cookie_string"));

printRCHeader("Atttestation");

print $h->close ("table");

print $h->open ("form", { name => "Attestation", method => "post", action => url });

print $h->input ( { type => "hidden", name => "timezone", id => "TZFIELD", value => "" } );

print $h->div ({ class=>"error" }, "&nbsp;", "ERROR: You must agree to each term to continue.") if $terms and $terms < 8;

print $h->h2 ("Release and Waiver of Liability");

print $h->div ({ style=>"max-width:850px;" }, "RELEASE AND WAIVER OF LIABILITY, ASSUMPTION OF RISK, AND INDEMNITY AGREEMENT (\"Agreement\") IN CONSIDERATION of being permitted to participate this date, in any way, at any time, in Women’s Flat Track Roller Derby (\"Activity\"), I, for myself, my personal representatives, assigns, heirs, and next of kin:");

print $h->ol ({ style=>"max-width:850px;" }, [

  $h->li ("ACKNOWLEDGE, agree, and represent that I understand the nature of this Activity, and that I am qualified, in good health, and in proper physical condition to participate in such Activity. I further agree and warrant that if, at any time, I believe the conditions to be unsafe, I will immediately discontinue further participation in this Activity."),

  $h->li ("FULLY UNDERSTAND that: (a) THIS ACTIVITY INVOLVES RISKS AND DANGERS OF SERIOUS BODILY INJURY, INCLUDING PERMANENT DISABILITY, PARALYSIS, AND DEATH (\"Risks\"); (b) these Risks and dangers may be caused by my own actions or inactions, the actions or inactions of others participating in the Activity, the conditions in which the Activity takes place, or THE NEGLIGENCE OF THE \"RELEASEES\" NAMED BELOW; (c) there may be OTHER RISKS or SOCIAL AND ECONOMIC LOSSES either not known to me or not readily foreseeable at this time; and I FULLY ACCEPT AND ASSUME ALL SUCH RISKS AND ALL RESPONSIBILITY FOR LOSSES, COSTS, AND DAMAGES I incur as a result of my participation, in the Activity."),

  $h->li ("HEREBY RELEASE, DISCHARGE, AND COVENANT NOT TO SUE the sanctioning organization(s), their administrators, directors, agents, officers, members, volunteers, and employees, other participants, officials, rescue personnel, sponsors, advertisers, owners and lessees of Premises on which the Activity is conducted, (each of the forgoing shall be considered one of the RELEASEES herein) FROM ALL LIABILITY, CLAIMS, DEMANDS, LOSSES, OR DAMAGES ON MY ACCOUNT CAUSED, OR ALLEGED TO BE CAUSED, IN WHOLE OR IN PART BY THE NEGLIGENCE OF THE RELEASEES OR OTHERWISE, INCLUDING NEGLIGENT RESCUE OPERATIONS; AND I FURTHER AGREE that if, despite this RELEASE AND WAIVER OF LIABILITY, ASSUMPTION OF RISK, AND INDEMNITY AGREEMENT I, or anyone on my behalf, makes a claim against any of the RELEASEES, I WILL INDEMNIFY, SAVE, AND HOLD HARMLESS EACH OF THE RELEASEES from any litigation expenses, attorney fees, loss, liability, damage, or cost which may be incurred as the result of such claim."),

  ]);

print $h->div ({ style=>"max-width:850px;" }, "I ACKNOWLEDGE THAT I AM OVER THE AGE OF 18 YEARS, HAVE READ THIS AGREEMENT AND FULLY UNDERSTAND ITS TERMS, UNDERSTAND THAT I HAVE GIVEN UP SUBSTANTIAL RIGHTS BY SIGNING IT, HAVE SIGNED IT FREELY AND WITHOUT ANY INDUCEMENT OR ASSURANCE OF ANY NATURE, AND I INTEND IT TO BE A COMPLETE AND UNCONDITIONAL RELEASE OF ALL LIABILITY TO THE GREATEST EXTENT ALLOWED BY LAW AND AGREE THAT IF ANY PORTION OF THIS AGREEMENT IS HELD TO BE INVALID, THE BALANCE, NOTWITHSTANDING, SHALL CONTINUE IN FULL FORCE AND EFFECT.");

print $h->br;

print $h->div ({ style=>"max-width:850px;" }, [

  $h->div ({ class => "lisp0"}, [

    $h->div ({ class=>"liLeft" }, "I have read and agree with the WFTDA Release and Waiver of Liability, Assumption of Risk, and Indemnity Agreement *Click here to download the Release and Waiver of Liability form."),

    $h->div ({ class=>"liRight" }, ["I Agree. ", $h->input ({ type => "checkbox", class => "attest", name => "Term1" })])]),

  $h->h3 ("Accidental Medical"),

  $h->div ({ class => "lisp0", style=>"margin-bottom:1em"}, [

    $h->div ({ class=>"liLeft" }, "I am 18 or older."),

    $h->div ({ class=>"liRight" }, ["I Agree. ", $h->input ({ type => "checkbox", class => "attest", name => "Term2" })])]),

  $h->div ({ class => "lisp0", style=>"margin-bottom:1em"}, [

    $h->div ({ class=>"liLeft" }, "I am obtaining coverage for myself (I may not acquire coverage on behalf of someone else)."),

    $h->div ({ class=>"liRight" }, ["I Agree. ", $h->input ({ type => "checkbox", class => "attest", name => "Term3" })])]),

  $h->div ({ class => "lisp0", style=>"margin-bottom:1em"}, [

    $h->div ({ class=>"liLeft" }, "My league has WFTDA Insurance. I understand I must obtain the same coverage as my league. If I am not affiliated with a league, I understand coverage is only valid when I skate with a WFTDA insured league."),

    $h->div ({ class=>"liRight" }, ["I Agree. ", $h->input ({ type => "checkbox", class => "attest", name => "Term4" })])]),

  $h->div ({ class => "lisp0", style=>"margin-bottom:1em"}, [

    $h->div ({ class=>"liLeft" }, "I understand in order for insurance coverage to be in effect, I must adhere to the applicable Risk Management Guidelines and/or rules for the activity in which I am participating. Failure to do so will result in denial of claims and may result in revocation of coverage."),

    $h->div ({ class=>"liRight" }, ["I Agree. ", $h->input ({ type => "checkbox", class => "attest", name => "Term5" })])]),

  $h->div ({ class => "lisp0", style=>"margin-bottom:1em"}, [

    $h->div ({ class=>"liLeft" }, "I understand if I am injured, I am responsible to submit an injury report, and must do so within 14 days of the date of my injury. I can request injury reports from insurance\@wftda.com. My league may assist me with this, but ultimately, it is my responsibility. Failure to submit an injury report within the allowable grace period will result in the denial of my claim."),

    $h->div ({ class=>"liRight" }, ["I Agree. ", $h->input ({ type => "checkbox", class => "attest", name => "Term6" })])]),

  $h->div ({ class => "lisp0", style=>"margin-bottom:1em"}, [

    $h->div ({ class=>"liLeft" }, "I understand coverage is non-refundable and non-transferable. Coverage only transfers to other WFTDA Insured leagues."),

    $h->div ({ class=>"liRight" }, ["I Agree. ", $h->input ({ type => "checkbox", class => "attest", name => "Term7" })])]),

  $h->div ({ class => "lisp0", style=>"margin-bottom:1em"}, [

    $h->div ({ class=>"liLeft" }, "I understand reckless or negligent behavior that is outside of the confines of game-related contact, including fighting, punching, kicking, or intentional injury, that puts you or any participant at risk is not tolerated, and is grounds for immediate termination of coverage."),

    $h->div ({ class=>"liRight" }, ["I Agree. ", $h->input ({ type => "checkbox", class => "attest", name => "Term8" })])]),

  $h->div ({ class => "lisp0", style=>"margin-bottom:1em"}, [

    $h->div ({ class=>"liLeft" }, "Electronic Signature:&nbsp;&nbsp;".$h->input ({ type => "text", name => "esignature", value => "<enter civil name>", onFocus => "this.value = '';"})),

    $h->div ({ class=>"liRight" }, $h->input ({ type => "submit", id=>"submitButton", disabled=>[], onClick => "if (esignature.value == '' || esignature.value == '<enter civil name>') { return false; }" }))]),

]);

print<<javascript;

<script>

  document.addEventListener('DOMContentLoaded', function() {

    const checkboxes = document.querySelectorAll('.attest');

    const submitButton = document.getElementById('submitButton');

    function checkAllCheckboxes() {

        let allChecked = true;

        checkboxes.forEach(checkbox => {

            if (!checkbox.checked) {

                allChecked = false;

            }

        });

        submitButton.disabled = !allChecked;

    }

    checkboxes.forEach(checkbox => {

        checkbox.addEventListener('change', checkAllCheckboxes);

    });

    // Initial check when the page loads

    checkAllCheckboxes();

  });

  const hiddenField = document.getElementById('TZFIELD');

  hiddenField.value = Intl.DateTimeFormat().resolvedOptions().timeZone;

</script>

javascript

print $h->close ("form"), $h->close ("body"), $h->close ("html");

sub sendToSquare {

  my $esig = shift || return "ERROR: No Signature";

  my $terms = shift // 8;

  my $user_tz = param ("timezone") // 'America/Chicago';

  use REST::Client;

  use JSON;

  use Data::Dumper;

  use UUID::Tiny qw(create_UUID_as_string UUID_V4);

  my $uuid_v4_string = create_UUID_as_string(UUID_V4);

  my $policy = getPolicyByID (1);

  my $client = REST::Client->new();

  $client->setHost (getSetting ("SQUARE_API_HOST"));

  my $headers = {

    "Authorization" => 'Bearer '.getSetting ("SQUARE_AUTH_TOKEN"),

    "Square-Version" => "2025-10-16",

    "Content-Type" => "application/json",

    };

  my $body = {

    "idempotency_key" => "$uuid_v4_string",

    "checkout_options" => {

      "redirect_url"  => url ( -base => 1)."/confirmation",

      "enable_coupon" => JSON::false

    },

#    "quick_pay" => {

#      "name" => $policy->{name},

#      "price_money" => {

#        "amount" => $policy->{fee} * 100,

#        "currency" => "USD"

#      },

#      "location_id" => getSetting ("SQUARE_LOCATION_ID")

#    },

    "order" => {

    	"customer_id" => "$user->{id}",

      "location_id" => getSetting ("SQUARE_LOCATION_ID"),

      "discounts"   => isWFTDAMember ($user->{id}) ? [{

        "name"  => "WFTDA Member Discount",

        "scope" => "ORDER",

#        "type" => "FIXED_AMOUNT",

        "amount_money" => {

          "amount"   => getSetting ("WFTDA_MEMBER_DISCOUNT") * 100,

          "currency" => "USD"

        }

      }] : [],

      "line_items" => [{

        "name" => $policy->{name},

        "quantity" => "1",

        "base_price_money" => {

          "amount" => $policy->{fee} * 100,

          "currency" => "USD"

        },

      }]

    },

    "payment_note" => $user_tz

  };

  my $json_body = encode_json $body;

  $client->POST(

    '/v2/online-checkout/payment-links',

    $json_body,

    $headers

  );

  my $response = from_json($client->responseContent());

#  warn Dumper($response);

#  warn $response->{payment_link}->{url};

  $response->{payment_link}->{created_at} =~ s/T/ /;

  $response->{payment_link}->{created_at} =~ s/Z$//;

  $dbh->do ("insert into square_order

             (square_id, order_id, person_id, url, idempotency_key, created, user_ip, amount, status, attestation)

             values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", undef,

             $response->{payment_link}->{id},

             $response->{payment_link}->{order_id},

             $user->{id},

             $response->{payment_link}->{url},

             $uuid_v4_string,

             $response->{payment_link}->{created_at},

             $ENV{REMOTE_ADDR},

             $policy->{fee},

             $response->{related_resources}->{orders}->[0]->{state},

             $terms." + ".$esig

           ) unless !$response->{payment_link}->{id};

  my $cgi = CGI->new();

  logit ($user->{id}, "Redirected to Square for payment");

  print $cgi->redirect ($response->{payment_link}->{url});

  exit;

}