BSIT-3-1-APPDEV / PUPSRC-AutomatedElectionSystem

iVOTE is a web-based voting application developed for the student academic organizations of PUP Sta. Rosa Campus.
https://ivote-pupsrc.com
4 stars, 8 forks

feat: updates to voting schedule #264

Closed C-Ivan-Bandilla closed 1 month ago

C-Ivan-Bandilla commented 1 month ago

Added view state and edit state

Known bugs

Icons on date and time on Firefox. This was discovered a long time ago.

But I want to disclose this.

I wasn't able to style the built-in input styles in Firefox, known as pseudo-elements of the shadow DOM.

Shadow DOM elements are elements that are hidden in normal settings. These are the built-in elements inserted by the browser. Here is an example image:

https://www.reddit.com/r/FirefoxCSS/comments/rebn3s/cant_change_some_shadowdom_properties/ image

Will still add the mass mail functionality

gitguardian[bot] commented 1 month ago

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request

| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
| -------------- | ------------------ | ------ | ------ | -------- | --- |
| [13043212](https://dashboard.gitguardian.com/workspace/558516/incidents/13043212?occurrence=160573288) | Triggered | SMTP credentials | 10e75207029a35dc7d874976b342371f3d3694c0 | src/includes/mailer-test.php | [View secret](https://github.com/BSIT-3-1-APPDEV/PUPSRC-AutomatedElectionSystem/commit/10e75207029a35dc7d874976b342371f3d3694c0#diff-7c014e330afeb8f6740ef0b23948f90e2f4ac56301328b1991f074c8c3118f83R36) |

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code.
2. Replace and store your secret safely. [Learn here](https://blog.gitguardian.com/secrets-api-management?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment) the best practices.
3. Revoke and [rotate this secret](https://docs.gitguardian.com/secrets-detection/secrets-detection-engine/detectors/specifics/smtp_assignment#revoke-the-secret?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment).
4. If possible, [rewrite git history](https://blog.gitguardian.com/rewriting-git-history-cheatsheet?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment). Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

- following these [best practices](https://blog.gitguardian.com/secrets-api-management/?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment) for managing and storing secrets including API keys and other credentials
- install [secret detection on pre-commit](https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment) to catch secret before it leaves your machine and ease remediation.

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
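
An added example, not part of this pull request or of GitGuardian's comment: one way to keep the SMTP credentials flagged in `src/includes/mailer-test.php` out of the repository is to load them at runtime from a file stored outside the web root. The file location, key names and sample values are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Load SMTP settings from a KEY=VALUE file that is neither committed nor
 * served by the web server. Key names are assumptions, not the project's.
 */
function load_smtp_config(string $path): array
{
    if (!is_file($path) || !is_readable($path)) {
        throw new RuntimeException("SMTP config not readable: $path");
    }
    // On shared hosting, refuse a file that group or other users can access.
    if ((fileperms($path) & 0077) !== 0) {
        throw new RuntimeException("SMTP config must be owner-only (chmod 600): $path");
    }
    $config = [];
    foreach (file($path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) as $line) {
        $line = trim($line);
        if ($line === '' || $line[0] === '#' || strpos($line, '=') === false) {
            continue;                       // comment or malformed line
        }
        [$key, $value] = explode('=', $line, 2);
        $config[trim($key)] = trim($value);
    }
    $required = ['SMTP_HOST', 'SMTP_PORT', 'SMTP_USER', 'SMTP_PASS'];
    $missing = array_diff($required, array_keys($config));
    if ($missing) {
        throw new RuntimeException('Missing SMTP keys: ' . implode(', ', $missing));
    }
    return array_intersect_key($config, array_flip($required));
}

// Constructed demo: write a sample file with owner-only permissions, load it,
// and print the settings with the password left out.
$demo = tempnam(sys_get_temp_dir(), 'smtp');
file_put_contents($demo, "# constructed sample values\nSMTP_HOST=smtp.example.test\n"
    . "SMTP_PORT=587\nSMTP_USER=noreply@example.test\nSMTP_PASS=placeholder-not-a-real-secret\n");
chmod($demo, 0600);
$smtp = load_smtp_config($demo);
echo json_encode(array_diff_key($smtp, ['SMTP_PASS' => null])), PHP_EOL;
unlink($demo);
```

Moving the value out of the source file does not undo the exposure of the password already committed; that one still has to be revoked and rotated as the guidelines above say.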

C-Ivan-Bandilla commented 1 month ago

What GitGuardian notified is my SMTP password.

Added sending mass email, when the datetime now is within the close schedule, to those verified students. Using the test mail in order to not affect the reputation of the official email.

Sometimes the email is delayed or blocked. Maybe due to sending mass mail consecutively in previous days, the reputation of my mail is low prio.

Will still try to fork this and test on hosting to test if the cron job will work.

C-Ivan-Bandilla commented 1 month ago

Never mind, I wasn't able to test by creating a new website, for there is an unknown error or issue: https://drive.google.com/file/d/1szQmX0Iy5zaTo5fBx1JZIvEju_TH1LdQ/view?usp=sharing

Will just address the issue that the script can be run only if it has a logged-in session, when the SQL should be runnable, because the cron job will automatically run the script without logging in,

or find a method where there is still authentication while using the cron job.
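
An added example, not code from this repository: a guard for the top of a cron script, so that it can run without a login session while staying closed to ordinary web requests. The `CRON_TOKEN` variable and the `X-Cron-Token` header are hypothetical names.

```php
<?php
declare(strict_types=1);

/**
 * Gate for a cron script that has no logged-in session. Accepted callers
 * (assumptions about the deployment, not taken from the repository):
 *   - the PHP CLI, as started by a crontab line;
 *   - an HTTP request carrying a shared token in the hypothetical
 *     X-Cron-Token header, for hosts that only offer URL-based cron.
 */
function cron_caller_allowed(string $sapi, array $server, ?string $expectedToken): bool
{
    if ($sapi === 'cli') {
        return true;                       // not reachable through the web server
    }
    if ($expectedToken === null || strlen($expectedToken) < 32) {
        return false;                      // no strong token configured: stay closed
    }
    $given = $server['HTTP_X_CRON_TOKEN'] ?? '';
    // hash_equals() compares in constant time, so timing does not leak the token.
    return is_string($given) && hash_equals($expectedToken, $given);
}

// At the top of the cron script, before any database work.
$token = getenv('CRON_TOKEN') ?: null;     // hypothetical variable name
if (!cron_caller_allowed(PHP_SAPI, $_SERVER, $token)) {
    http_response_code(403);
    exit;
}

// Constructed checks covering each branch of the gate.
$t = str_repeat('k', 32);
$cases = [
    'cli, no token'             => cron_caller_allowed('cli', [], null),
    'web, no header'            => cron_caller_allowed('fpm-fcgi', [], $t),
    'web, wrong header'         => cron_caller_allowed('fpm-fcgi', ['HTTP_X_CRON_TOKEN' => 'guess'], $t),
    'web, correct header'       => cron_caller_allowed('fpm-fcgi', ['HTTP_X_CRON_TOKEN' => $t], $t),
    'web, token not configured' => cron_caller_allowed('fpm-fcgi', ['HTTP_X_CRON_TOKEN' => $t], null),
];
foreach ($cases as $label => $allowed) {
    printf("%-26s %s\n", $label, $allowed ? 'allowed' : 'denied');
}
```

Keeping the script in a directory the web server does not serve removes the HTTP path entirely, in which case only the CLI branch is needed.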

C-Ivan-Bandilla commented 1 month ago

Table added

```sql
CREATE TABLE `email_queue` (
  `email_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
  `schedule` datetime NOT NULL,
  `content` blob NOT NULL,
  `status` enum('pending','sent','failed') NOT NULL,
  `push_id` char(64) NOT NULL,
  PRIMARY KEY (`email_id`)
);
```

Modified voting schedule table

```sql
ALTER TABLE election_schedule
ADD push_id char(64) NOT NULL AFTER close;
```

C-Ivan-Bandilla commented 1 month ago

Email sample draft image

C-Ivan-Bandilla commented 1 month ago

This is sending the email manually: https://drive.google.com/file/d/1t1pR1ugc58mq0lMPI_bF1sJAF0053_3R/view?usp=sharing

NOTE: After running the cron job manually, it may set the org session to piie.

Carl-Tabuso commented 1 month ago

Is mass mailing running async in the background upon the closing of voting period, regardless if admin is logged in or not?

C-Ivan-Bandilla commented 1 month ago

My implementation is saving the mass mail data in the database for later sending.

My initial plan is to have a PHP script in the cron job folder. This PHP file checks if there is an email scheduled for now. The script checks emails on all orgs' databases.

This PHP will be run every one minute in the cron job.

If there is a scheduled email, then the sending will happen automatically, if it will work in Hostinger.
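
An added example, not the PR's `send-email-queue.php`: a once-a-minute worker over the `email_queue` table that claims each row with a conditional `UPDATE` before sending, so overlapping cron runs cannot send the same row twice. It uses only the table's `pending`, `sent` and `failed` states; the `$send` callable and the SQLite demo data are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Send due rows of email_queue so that overlapping cron runs never send a row
 * twice: only the run whose UPDATE moves it out of 'pending' sends it.
 * $send is a hypothetical callable standing in for the project's mailer.
 */
function process_email_queue(PDO $db, string $now, callable $send): array
{
    $due = $db->prepare("SELECT email_id, content FROM email_queue
                         WHERE status = 'pending' AND schedule <= :now ORDER BY email_id");
    $due->execute([':now' => $now]);
    $claim = $db->prepare("UPDATE email_queue SET status = 'sent'
                           WHERE email_id = :id AND status = 'pending'");
    $fail = $db->prepare("UPDATE email_queue SET status = 'failed' WHERE email_id = :id");

    $result = ['sent' => [], 'failed' => [], 'skipped' => []];
    foreach ($due->fetchAll(PDO::FETCH_ASSOC) as $row) {
        $id = (int) $row['email_id'];
        $claim->execute([':id' => $id]);
        if ($claim->rowCount() !== 1) {          // another run claimed it first
            $result['skipped'][] = $id;
            continue;
        }
        try {
            $send($row['content']);
            $result['sent'][] = $id;
        } catch (Throwable $e) {
            $fail->execute([':id' => $id]);      // recorded, not retried
            $result['failed'][] = $id;
        }
    }
    return $result;
}

// Constructed demo on in-memory SQLite; the project's own table is MySQL.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE email_queue (email_id INTEGER PRIMARY KEY, schedule TEXT,
           content BLOB, status TEXT, push_id TEXT)");
$db->exec("INSERT INTO email_queue (schedule, content, status, push_id) VALUES
           ('2024-01-01 17:00:00', 'closing notice', 'pending', 'a'),
           ('2024-01-02 17:00:00', 'not due yet', 'pending', 'b')");
$noop = function (string $content): void {};     // stands in for the real send
print_r(process_email_queue($db, '2024-01-01 17:01:00', $noop));
print_r(process_email_queue($db, '2024-01-01 17:01:00', $noop));
```

Because a row is marked `sent` before the mailer is called, a crash in the middle of a send loses that message rather than repeating it.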

Carl-Tabuso commented 1 month ago

> My implementation is saving the mass mail data in the database for later sending.
>
> My initial plan is to have a PHP script in the cron job folder. This PHP file checks if there is an email scheduled for now. The script checks emails on all orgs' databases.
>
> This PHP will be run every one minute in the cron job.
>
> If there is a scheduled email, then the sending will happen automatically, if it will work in Hostinger.

This mass mailing is an additional functionality/improvement added on top of the closed voting period notif UI to be implemented on login or landing page. And as such, it doesn't concern us much if a user hasn't received an email.

Have you tried this yet again on Hostinger if it's working? I remember in your previous comment that you encountered a problem about its implementation for there is an unknown error or issue.

C-Ivan-Bandilla commented 1 month ago

> Have you tried this yet again on Hostinger if it's working? I remember in your previous comment that you encountered a problem about its implementation for there is an unknown error or issue.

Okay, I'll try to make it work again.

The problem that I mentioned there is that I was trying to test it on Hostinger on a separate website, but I was unable to log in here: https://olive-deer-977022.hostingersite.com/

UPDATE: I was able to log in now. Maybe you fixed the DB configuration?

Carl-Tabuso commented 1 month ago

> The problem that I mentioned there is that I was trying to test it on Hostinger on a separate website, but I was unable to log in here: https://olive-deer-977022.hostingersite.com/

I'll check up on this.

Carl-Tabuso commented 1 month ago

I found the issue. Since clicking on an org card starts and sets your session, you forgot to change the domain in `session-handler.php`, specifically the domain parameters of `session_set_cookie_params()`.

From

image

To

image

It works on my end now.
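
An added example, not the project's `session-handler.php`: a browser discards a session cookie whose Domain attribute does not match the host that set it, so a domain hard-coded for one site breaks login on another. The check below applies that matching rule and falls back to a host-only cookie on a mismatch; the configured domain value is an assumption.

```php
<?php
declare(strict_types=1);

/** RFC 6265 domain-match: would a browser accept Domain=$cookieDomain from $host? */
function cookie_domain_matches(string $host, string $cookieDomain): bool
{
    $host = strtolower(preg_replace('/:\d+$/', '', $host));   // drop any port
    $domain = strtolower(ltrim($cookieDomain, '.'));
    if ($domain === '' || $host === $domain) {
        return true;        // empty Domain means a host-only cookie
    }
    if (filter_var($host, FILTER_VALIDATE_IP) !== false) {
        return false;       // IP hosts only match exactly
    }
    return substr($host, -strlen('.' . $domain)) === '.' . $domain;
}

/** Session cookie options that fall back to a host-only cookie on a mismatch. */
function session_cookie_options(string $host, string $configuredDomain, bool $https): array
{
    return [
        'lifetime' => 0,
        'path'     => '/',
        'domain'   => cookie_domain_matches($host, $configuredDomain) ? $configuredDomain : '',
        'secure'   => $https,
        'httponly' => true,
        'samesite' => 'Lax',
    ];
}

// Assumed configured value; the two hosts are the sites named on this page.
$configured = 'ivote-pupsrc.com';
foreach (['ivote-pupsrc.com', 'olive-deer-977022.hostingersite.com'] as $host) {
    $opts = session_cookie_options($host, $configured, true);
    printf("%-38s domain=%s\n", $host, $opts['domain'] === '' ? '(host-only)' : $opts['domain']);
}

// In a web request, apply the options before the session starts.
if (PHP_SAPI !== 'cli') {
    session_set_cookie_params(session_cookie_options($_SERVER['HTTP_HOST'] ?? '', $configured, true));
    session_start();
}
```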

C-Ivan-Bandilla commented 1 month ago

I was able to make it work; however, my script in this version is not applicable to Hostinger: src/cron-jobs/send-email-queue.php

From this GitHub script: image

This is from Hostinger: image

https://drive.google.com/file/d/1t3TiUF7DkcUMxf0d2oAp3e_wmr2ILI5c/view?usp=sharing The cron job is running every minute to check for pending emails on all organizations.

C-Ivan-Bandilla commented 1 month ago

Should the update on sending be addressed in the next PR? This PR only queues email for later sending.

Carl-Tabuso commented 1 month ago

You choose. I think I can approve of this already. You may push all the changes here on mass mailing or address it on your next pr.

C-Ivan-Bandilla commented 1 month ago

I'd like to address them in the next new PR and have an issue ticket for this if needed.

Carl-Tabuso commented 1 month ago

Also, I think you're gonna have to do some workarounds on mass mailing because you're using different credentials for the SMTP server, right?

C-Ivan-Bandilla commented 1 month ago

> Also, I think you're gonna have to do some workarounds on mass mailing because you're using different credentials for the SMTP server, right?

Yes, will delete the mailer-test for that and instead use mailer.php

Carl-Tabuso commented 1 month ago

I should remind myself that there's a newly added table here.

github-actions[bot] commented 1 month ago

:tada: This PR is included in version 2.35.0 :tada:

The release is available on:

Your semantic-release bot :package::rocket:

C-Ivan-Bandilla commented 1 month ago

Here is the alter-voting-schedule.php

create-email-queue.php