import backup

2026-03-11 13:42:32 +01:00 · 2026-03-11 13:42:32 +01:00 · 119c98edab
commit 119c98edab
parent f49c9d7712
73 changed files with 5687 additions and 2 deletions
--- a/backup/260311/api/.env
+++ b/backup/260311/api/.env
@ -0,0 +1,12 @@
+# Configuration Brevo API
+# ATTENTION : Ce fichier contient des informations sensibles
+# Ne JAMAIS commiter ce fichier dans Git
+
+# Clé API Brevo
+BREVO_API_KEY=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
+
+# ID de la liste de contacts Brevo
+BREVO_LIST_ID=2
+
+# Origines autorisées pour CORS
+ALLOWED_ORIGINS=*
--- a/backup/260311/api/.htaccess
+++ b/backup/260311/api/.htaccess
@ -0,0 +1,9 @@
+# Protection du dossier cache
+<Files "cache/*">
+    Deny from all
+</Files>
+
+# Autoriser uniquement l'accès au proxy PHP
+<FilesMatch "donorbox-proxy\.php$">
+    Allow from all
+</FilesMatch>
--- a/backup/260311/api/brevo-config.php
+++ b/backup/260311/api/brevo-config.php
@ -0,0 +1,31 @@
+<?php
+// Load environment variables from .env file
+$env_file = __DIR__ . '/.env';
+
+if (file_exists($env_file)) {
+    $lines = file($env_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
+    foreach ($lines as $line) {
+        if (strpos(trim($line), '#') === 0) continue;
+
+        if (strpos($line, '=') !== false) {
+            list($key, $value) = explode('=', $line, 2);
+            $key = trim($key);
+            $value = trim($value, '"\'');
+
+            putenv("$key=$value");
+            $_ENV[$key] = $value;
+            $_SERVER[$key] = $value;
+        }
+    }
+}
+
+define('BREVO_API_KEY', getenv('BREVO_API_KEY') ?: '');
+define('BREVO_LIST_ID', (int)(getenv('BREVO_LIST_ID') ?: 2)); // Must be int, not string
+define('BREVO_API_URL', 'https://api.brevo.com/v3/contacts');
+
+if (empty(BREVO_API_KEY)) {
+    error_log('[BREVO] API key not configured');
+}
+
+$allowed_origins = getenv('ALLOWED_ORIGINS') ? explode(',', getenv('ALLOWED_ORIGINS')) : ['*'];
+define('ALLOWED_ORIGINS', $allowed_origins);
--- a/backup/260311/api/brevo-newsletter-proxy.php
+++ b/backup/260311/api/brevo-newsletter-proxy.php
@ -0,0 +1,154 @@
+<?php
+require_once __DIR__ . '/brevo-config.php';
+
+header('Content-Type: application/json');
+
+$origin = $_SERVER['HTTP_ORIGIN'] ?? '';
+if (in_array('*', ALLOWED_ORIGINS) || in_array($origin, ALLOWED_ORIGINS)) {
+    header('Access-Control-Allow-Origin: ' . (in_array('*', ALLOWED_ORIGINS) ? '*' : $origin));
+} else {
+    header('Access-Control-Allow-Origin: ' . (ALLOWED_ORIGINS[0] ?? '*'));
+}
+
+header('Access-Control-Allow-Methods: POST, OPTIONS');
+header('Access-Control-Allow-Headers: Content-Type');
+
+if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
+    http_response_code(200);
+    exit();
+}
+
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+    http_response_code(405);
+    echo json_encode(['error' => 'Method not allowed']);
+    exit();
+}
+
+if (empty(BREVO_API_KEY)) {
+    http_response_code(500);
+    echo json_encode([
+        'error' => 'Server configuration error',
+        'message' => 'Brevo API key not configured'
+    ]);
+    exit();
+}
+
+$input = file_get_contents('php://input');
+$data = json_decode($input, true);
+
+if (!isset($data['email']) || empty($data['email'])) {
+    http_response_code(400);
+    echo json_encode(['error' => 'Email required']);
+    exit();
+}
+
+$email = filter_var($data['email'], FILTER_VALIDATE_EMAIL);
+if ($email === false) {
+    http_response_code(400);
+    echo json_encode(['error' => 'Invalid email']);
+    exit();
+}
+
+$brevoData = [
+    'email' => $email,
+    'listIds' => [BREVO_LIST_ID],
+    'updateEnabled' => true
+];
+
+// Only include attributes if provided and not empty
+if (isset($data['attributes']) && is_array($data['attributes']) && !empty($data['attributes'])) {
+    $brevoData['attributes'] = $data['attributes'];
+}
+
+$ch = curl_init();
+
+curl_setopt_array($ch, [
+    CURLOPT_URL => BREVO_API_URL,
+    CURLOPT_RETURNTRANSFER => true,
+    CURLOPT_POST => true,
+    CURLOPT_POSTFIELDS => json_encode($brevoData),
+    CURLOPT_HTTPHEADER => [
+        'Content-Type: application/json',
+        'api-key: ' . BREVO_API_KEY,
+        'User-Agent: Index-NGO-Newsletter'
+    ],
+    CURLOPT_TIMEOUT => 10,
+    CURLOPT_SSL_VERIFYPEER => true
+]);
+
+$response = curl_exec($ch);
+$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+$curlError = curl_error($ch);
+curl_close($ch);
+
+if ($response === false) {
+    http_response_code(500);
+    echo json_encode([
+        'error' => 'Connection error',
+        'details' => $curlError
+    ]);
+    exit();
+}
+
+$responseData = json_decode($response, true);
+
+switch ($httpCode) {
+    case 201:
+    case 204:
+        http_response_code(200);
+        echo json_encode([
+            'success' => true,
+            'message' => 'Successfully subscribed',
+            'email' => $email
+        ]);
+        break;
+
+    case 400:
+        http_response_code(400);
+        $isDuplicate = isset($responseData['code']) && $responseData['code'] === 'duplicate_parameter';
+
+        echo json_encode([
+            'error' => $isDuplicate ? 'email_already_exists' : 'invalid_data',
+            'message' => $isDuplicate
+                ? 'This email is already subscribed to our newsletter.'
+                : 'Invalid email address.',
+            'user_message' => $isDuplicate
+                ? 'You are already subscribed!'
+                : 'Please check your email address.'
+        ]);
+        break;
+
+    case 401:
+        http_response_code(500);
+        $isIpIssue = isset($responseData['code']) && $responseData['code'] === 'unauthorized'
+                     && strpos($responseData['message'] ?? '', 'IP address') !== false;
+
+        echo json_encode([
+            'error' => $isIpIssue ? 'ip_not_authorized' : 'invalid_api_key',
+            'message' => $isIpIssue
+                ? 'Server IP not authorized on Brevo'
+                : 'Invalid API key',
+            'user_message' => 'A technical error occurred. Please try again later.',
+            'admin_info' => $responseData['message'] ?? null
+        ]);
+        break;
+
+    case 404:
+        http_response_code(500);
+        echo json_encode([
+            'error' => 'list_not_found',
+            'message' => 'Contact list not found',
+            'user_message' => 'A technical error occurred. Please try again later.'
+        ]);
+        break;
+
+    default:
+        http_response_code($httpCode);
+        echo json_encode([
+            'error' => 'api_error',
+            'message' => 'Error communicating with subscription service',
+            'user_message' => 'An error occurred. Please try again.',
+            'http_code' => $httpCode
+        ]);
+        break;
+}
--- a/backup/260311/api/cache/donorbox_data.json
+++ b/backup/260311/api/cache/donorbox_data.json
@ -0,0 +1,8 @@
+{
+    "total_raised": "35871.03",
+    "goal_amt": "50000.0",
+    "currency": "eur",
+    "donations_count": 537,
+    "campaign_name": "Soutenez Index avant le 31 d\u00e9cembre 2025 !",
+    "updated_at": "2026-03-11T06:58:07+01:00"
+}
--- a/backup/260311/api/donorbox-proxy.php
+++ b/backup/260311/api/donorbox-proxy.php
@ -0,0 +1,150 @@
+<?php
+/**
+ * Proxy pour l'API Donorbox
+ * Évite les problèmes CORS en faisant l'appel API côté serveur
+ */
+
+// Configuration CORS pour permettre les appels depuis votre domaine
+header('Content-Type: application/json');
+// IMPORTANT SÉCURITÉ : Remplacer '*' par votre domaine exact en production
+// Exemple : header('Access-Control-Allow-Origin: https://www.index.ngo');
+// Actuellement '*' permet à N'IMPORTE QUEL site d'utiliser votre clé API Donorbox
+header('Access-Control-Allow-Origin: *');
+header('Access-Control-Allow-Methods: GET');
+header('Access-Control-Allow-Headers: Content-Type');
+
+// Gestion des requêtes OPTIONS (preflight)
+if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
+    http_response_code(200);
+    exit();
+}
+
+// Vérification que c'est bien une requête GET
+if ($_SERVER['REQUEST_METHOD'] !== 'GET') {
+    http_response_code(405);
+    echo json_encode(['error' => 'Méthode non autorisée']);
+    exit();
+}
+
+// Configuration de l'API Donorbox
+define('DONORBOX_EMAIL', 'contact@index.ngo');
+define('DONORBOX_API_KEY', 'Q5oiaoxPwA5C2s1iafh_pihynM_5HOZbMZz6QwjVx2aLhWijOPI9rw');
+define('CAMPAIGN_SLUG', 'soutenir-index-2025-don'); // Slug de la campagne à filtrer
+define('DONORBOX_API_URL', 'https://donorbox.org/api/v1/campaigns');
+
+// Gestion du cache (5 minutes)
+$cacheFile = __DIR__ . '/cache/donorbox_data.json';
+$cacheTime = 300; // 5 minutes en secondes
+
+// Vérifier si le cache existe et est valide
+if (file_exists($cacheFile) && (time() - filemtime($cacheFile) < $cacheTime)) {
+    // Utiliser le cache
+    $cachedData = file_get_contents($cacheFile);
+    echo $cachedData;
+    exit();
+}
+
+// Appel à l'API Donorbox avec Basic Auth (--user format)
+$ch = curl_init();
+
+curl_setopt_array($ch, [
+    CURLOPT_URL => DONORBOX_API_URL,
+    CURLOPT_RETURNTRANSFER => true,
+    CURLOPT_USERPWD => DONORBOX_EMAIL . ':' . DONORBOX_API_KEY, // Format --user de cURL
+    CURLOPT_HTTPAUTH => CURLAUTH_BASIC,
+    CURLOPT_HTTPHEADER => [
+        'Content-Type: application/json',
+        'User-Agent: Index-NGO-Website'
+    ],
+    CURLOPT_TIMEOUT => 10,
+    CURLOPT_SSL_VERIFYPEER => true
+]);
+
+$response = curl_exec($ch);
+$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+$curlError = curl_error($ch);
+
+curl_close($ch);
+
+// Gestion des erreurs
+if ($response === false) {
+    http_response_code(500);
+    echo json_encode([
+        'error' => 'Erreur de connexion à Donorbox',
+        'details' => $curlError
+    ]);
+    exit();
+}
+
+if ($httpCode !== 200) {
+    http_response_code($httpCode);
+    echo json_encode([
+        'error' => 'Erreur API Donorbox',
+        'http_code' => $httpCode,
+        'response' => json_decode($response)
+    ]);
+    exit();
+}
+
+// Décoder et valider la réponse
+$campaigns = json_decode($response, true);
+
+if (json_last_error() !== JSON_ERROR_NONE) {
+    http_response_code(500);
+    echo json_encode([
+        'error' => 'Réponse JSON invalide',
+        'details' => json_last_error_msg()
+    ]);
+    exit();
+}
+
+// Trouver la campagne correspondante par son slug/name
+$campaign = null;
+if (is_array($campaigns)) {
+    foreach ($campaigns as $camp) {
+        // Recherche par slug ou par name
+        if (isset($camp['slug']) && $camp['slug'] === CAMPAIGN_SLUG) {
+            $campaign = $camp;
+            break;
+        }
+        if (isset($camp['name']) && strpos(strtolower($camp['name']), strtolower(CAMPAIGN_SLUG)) !== false) {
+            $campaign = $camp;
+            break;
+        }
+    }
+}
+
+// Si aucune campagne trouvée, utiliser la première ou renvoyer une erreur
+if ($campaign === null) {
+    if (is_array($campaigns) && count($campaigns) > 0) {
+        $campaign = $campaigns[0]; // Prendre la première campagne par défaut
+    } else {
+        http_response_code(404);
+        echo json_encode([
+            'error' => 'Aucune campagne trouvée',
+            'campaigns_count' => is_array($campaigns) ? count($campaigns) : 0
+        ]);
+        exit();
+    }
+}
+
+// Extraire uniquement les données nécessaires
+$filteredData = [
+    'total_raised' => $campaign['total_raised'] ?? 0,
+    'goal_amt' => $campaign['goal_amt'] ?? 50000,
+    'currency' => $campaign['currency'] ?? 'EUR',
+    'donations_count' => $campaign['donations_count'] ?? 0,
+    'campaign_name' => $campaign['name'] ?? 'Unknown',
+    'updated_at' => date('c')
+];
+
+$jsonResponse = json_encode($filteredData, JSON_PRETTY_PRINT);
+
+// Sauvegarder dans le cache
+if (!file_exists(dirname($cacheFile))) {
+    mkdir(dirname($cacheFile), 0755, true);
+}
+file_put_contents($cacheFile, $jsonResponse);
+
+// Retourner la réponse
+echo $jsonResponse;