nonsalant / contract Goto Github PK

View Code? Open in Web Editor NEW

498.0 498.0 99.0 606 KB

A signable contract that lives in a single file

Home Page: https://stefanmatei.com/contract-generator/

License: MIT License

PHP 55.95% HTML 7.92% JavaScript 14.70% CSS 21.37% Dockerfile 0.06%

contract's Introduction

Skills

Socials

Support Me

contract's People

Contributors

Stargazers

Watchers

Forkers

pixelpump w33zy khag7 thatleeguy duaneking pyrohawk89 sibahota059 ojengwa zdevil adevildog bradbaris purduekenny samnabi tylermalin jibolso ampg99 hostinggroup jamesleedose mikcx adam8hospitality 0x38 shaiquddin fountain-city-media elasticrack legaleaselabs ondrocks dizzedrewel garrettcadams whelpton mrofi krisjaw miroslavreiss rufkeya kayota2203 bmorelax jtyler22 z0lo13 anaymalpani frode81 develpudu ninjayoto aboutte sam-suresh ggyimah1031 gerry-forde lolh-linc-zz torresdigital adamford8 robbfountain karamkky ddai00bit balajiramachandran kakans rakeshdavid eighthjouster d-kasahara beefmcr atlasoutdoor rustapo ivn-svn berts cesardraw2 nazlukhanyan niele2 arturmeski jschaftenaar bes-r haojiezzz fortunebenn amitabitbul maksimhn technowhizz ddlidded kios19 burhanberger thebarton digitalsathishsundar devdamo kaustubhn danny159 sarangcr03 depra1 bbernicker madisynliberty carolineortiz40 giuppi pekkocreative entrhopi russpalms lasertec maniues iamtutumo haris-khan-durrani ambroisehdn theponyclub thealainpaul amaluasg rire

contract's Issues

404 after signing

I'm not sure what I'm doing wrong, but after signing I get a 404:

The requested URL /index.php was not found on this server.

Any ideas?

Emails not sending after both parties sign

Not sure how to configure this, but I am not receiving emails after the contract is signed.

contract.php can allow malicious code to be uploaded to the server

If an attacker knew the address of an installation of a contract, they could POST any HTML data via the contractdata field, writing it to the HTML file. An attacker could post a malicious piece of code, like an embedded PDF that exploits an Acrobat Reader bug, or an embedded SWF file that exploits a zero-day vulnerability. An attacker could also just post spam, defamatory content, or a page intended to phish user details (like a fake login form). Since the URL of the HTML file is known, the attacker could redirect users to the seemingly legitimate URL.

If an attacker knew what to search for, they could use Google to find publicly available instances of the software and automatically exploit them with a very small automated script.

It is also the case that some shared hosts are configured to execute files with the .html extension as PHP files. An attacker embedding PHP code in the contractdata field could compromise a whole server.

FTP Generate

Hi,

When i try and generate a new contract using the link provided in the readme, clicking the download contact button causes a 'Oops! That page can’t be found.' error.

Seems to be the download.php file cant be found.

It this something that can be fixed?

Also has the code for the generate contract been shared?

Thanks

Bobby.

Laravel - VUEJS

Please rewrite to laravel plus vuejs (inertiajs)

Contract Generated file isn't working

Discussed in #24

^{Originally posted by thealainpaul July 27, 2024}
@nonsalant @sarangcr03 @gilrosenthal @technowhizz @Maniues

The generated file, I have uploaded it to my server. I have attempted to genrate hosting the generator myself as well as using yours. But the genrated file gives me a 404.

I am very interested in making this work!

attached are three samples I have attempted to create. They are just samples: (Update: It won't allow me to upload .php files.)

Also this is the urls to the files after they are uploaded to the server:

And the generator url:

https://powerfulxmarketing.online/contracts/contract-Alain.php
https://powerfulxmarketing.online/contracts/contracts/contract-1cardone.php
https://powerfulxmarketing.online/contracts/contract-1722035815.php)

https://powerfulxmarketing.online/edit.html

And I am using php 8.3 on the Ionos server, the editor works fine, it is just the downloaded file doesn't work when uploaded.

Also if I test the downloaded .php by altering it to an html file and access it locally, it does appear to somewhat work, so I really don't get the issue.

Oh and lastly I have the permissions set to 777.

I also wanted to know, since this is just for purposes of contract, I thought of embedding it into my actual website to show the header and footer. But if someone uses the QR code, then they would not see my header and footr if I embedded via iFrame into a page on my website.

Could you give me ideas on this or implement an ability to add header and footer, to change color from the UI and even possibly a customizable social icons section? Or rather, since you already have the html coding available, is it not possible to have the css coding also availabel within the UI?

I read documentation about changing the CSS but since what I apparently have is shared hosting, and I have ordered VPS (waiting for security to approve) but via shared hosting I am unable to connect with Ubuntu or what is referred to as SSHing to the Host.

I am tech savvy but not much of a coder, this is a huge learning curve for me...

Initial Bullet Points

An added feature that would be perfect is fields for initialing individual points. A waiver that I would like to digitize requires this.

I'll take a look at the source and maybe make a PR.

No Delete, Save PDF to Server?

Could this be modified easily to not delete the contract, then save or email the resulting PDF to the server/contact?

I have an idea for user training and doing completion sign-offs.