|
|
@@ -16,7 +16,7 @@ if (session_status() !== PHP_SESSION_ACTIVE) session_start();
|
|
|
if (empty($_SESSION['csrf'])) $_SESSION['csrf'] = bin2hex(random_bytes(16));
|
|
|
$csrf = $_SESSION['csrf'];
|
|
|
|
|
|
-$accessToken = 'pat-na1-64db9489-15fe-461d-b64c-941c4d80ba8a';
|
|
|
+$accessToken = getenv('HUBSPOT_TOKEN') ?: '';
|
|
|
|
|
|
#$enquiry_date = date("l dS M \'y");
|
|
|
$drg = isset($_GET['drg']) ? $_GET['drg'] : '';
|
|
|
@@ -42,7 +42,7 @@ if (!defined('CONTRACTS_DIR')) define('CONTRACTS_DIR', SITE_ROOT . '/contracts/c
|
|
|
// ===== LOA config (must match contracts-admin/loa.php) =====
|
|
|
if (!defined('LOA_DIR')) define('LOA_DIR', SITE_ROOT . '/contracts/loa');
|
|
|
if (!defined('LOA_BASE_URL')) define('LOA_BASE_URL', 'https://modulosdesign.com.au/contracts'); // where loa.php lives
|
|
|
-if (!defined('LOA_TOKEN_SECRET')) define('LOA_TOKEN_SECRET', 'd1Epy6ryzgLYjLEBlpiHFrgST8JbAjgksjj3hIO5zCK5DChqYpWUdr8jeWR7xEgd'); // same as loa.php
|
|
|
+if (!defined('LOA_TOKEN_SECRET')) define('LOA_TOKEN_SECRET', getenv('LOA_TOKEN_SECRET') ?: '');
|
|
|
|
|
|
|
|
|
if (!function_exists('json_response')) {
|
|
|
@@ -1814,9 +1814,9 @@ Preview above. Copy the HTML if you paste into an HTML-capable composer such as
|
|
|
e.preventDefault();
|
|
|
handleSignoutClick();
|
|
|
});
|
|
|
- // Google API creds
|
|
|
- var CLIENT_ID = '615226084553-ujv34r7f62a4p6hvupq7v6rnnt04h59v.apps.googleusercontent.com';
|
|
|
- var API_KEY = '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';
|
|
|
+ // Google API creds — values injected server-side from .env
|
|
|
+ var CLIENT_ID = '<?= htmlspecialchars(getenv('GOOGLE_CLIENT_ID') ?: '', ENT_QUOTES, 'UTF-8') ?>';
|
|
|
+ var API_KEY = '<?= htmlspecialchars(getenv('GOOGLE_API_KEY') ?: '', ENT_QUOTES, 'UTF-8') ?>';
|
|
|
const DISCOVERY_DOC = 'https://www.googleapis.com/discovery/v1/apis/drive/v3/rest';
|
|
|
var SCOPES = 'https://www.googleapis.com/auth/drive';
|
|
|
|
