/
privacy.html
177 lines (157 loc) · 7.57 KB
/
privacy.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
<?php
$modifier = "";
if(isset($_COOKIE['modifier'])){
//A MODIFIER IS SET
$modifier = $_COOKIE['modifier'];
}
if(!isset($_COOKIE['email']) || !isset($_COOKIE['platform'])){
header('Location: index.html');
}
include 'includes/mysqlconfig.php';
$conn = new mysqli(constant("HOST"), constant("USER"), constant("PASSWORD"), constant("DATABASE"));
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$query = $conn->query("SELECT * FROM users WHERE (email='" . $email ."' AND accounttype='" . $platform . "')");
if($query){
$row = $query->fetch_assoc();
if($row['schedule'] == ""){
header('Location: uploadschedule.html');
}
}else{
mysqli_close($conn);
die();
}
?>
<head>
<meta charset="utf-8">
<title>WatWhenWhere | Privacy Policy </title>
<meta name="description" content="WatWhenWhere">
<link rel="stylesheet" href="style.css">
<link rel="icon" href="images/icon.png">
<meta name="google-signin-client_id" content="890020960337-hliq85p80t2b5koomq98dee5tfjjnpbn.apps.googleusercontent.com">
</head>
<html>
<body>
<script>
function getCookie(name) {
var value = "; " + document.cookie;
var parts = value.split("; " + name + "=");
if (parts.length == 2) return parts.pop().split(";").shift();
}
</script>
<!-- FACEBOOK SCRIPT BEGIN -->
<script>
function statusChangeCallback(response) {
console.log('statusChangeCallback');
console.log(response);
if (response.status === 'connected') {
loggedIn();
} else if (response.status === 'not_authorized') {
notLoggedIn();
} else {
notLoggedIn();
}
}
function checkLoginState() {
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
}
window.fbAsyncInit = function() {
FB.init({
appId : '555230491292682',
cookie : true,
xfbml : true,
version : 'v2.2'
});
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
};
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
function loggedIn() {
console.log("USER LOGGED ON - FACEBOOK");
}
function notLoggedIn(){
if(getCookie("platform") != "google"){
console.log("NO GOOGLE TIE AND NOT LOGGED IN TO FACEBOOK - REDIRECTING...");
window.location.replace("index.html");
}else{
console.log("FB NOT LOGGED, USER ON GOOGLE");
}
}
</script>
<!-- FACEBOOK SCRIPT END -->
<!-- GOOGLE SCRIPT BEGIN -->
<script>
function signOut() {
var auth2 = gapi.auth2.getAuthInstance();
auth2.signOut().then(function () {
console.log('User signed out.');
});
}
function onLoad() {
gapi.load('auth2', function() {
gapi.auth2.init();
var auth = gapi.auth2.getAuthInstance();
console.log("LOADING...");
auth.then(function(){
if(!auth.isSignedIn.get()){
if(getCookie("platform") != "facebook"){
console.log("NO FACEBOOK TIE AND NOT LOGGED IN TO GOOGLE - REDIRECTING...");
window.location.replace("index.html");
}else{
console.log("GOOGLE NOT LOGGED, USER ON FB");
}
}else{
console.log("USER LOGGED IN - GOOGLE");
}
});
});
}
</script>
<script src="https://apis.google.com/js/platform.js?onload=onLoad" async defer></script>
<!-- GOOGLE SCRIPT END -->
<div id="container" class="container_main">
<div id="header">
<input type=button id="back_button" value="⬅︎" onclick="backButton()"/>
<div id="logo">
<a href="main.html"><img src="images/logo.png" /></a>
</div>
</div>
<div id="privacy_statement">
<b id="bold_special">PRIVACY POLICY</b>
<div class="line2"></div>
<h2 class="wide">DATA COLLECTION</h2>
<p>All schedule and contact information is stored securely. We will never disclose or give out your schedule, email, name, or any other information we obtain from you. Note that your schedule is public information on WWW in the sense that anybody can compare schedule with you if they have your name or UID. By signing up for WatWhenWhere, you give us permission to associate your schedule with your name and UID. Your email will be stored for login purposes, but never disclosed to third parties or other users. We will never sign you up for pornographic newsletters. We may use your email to contact you if an issue arises, or if you use the 'Contact Us' form found <a href="watwhenwhere.ca/contact.html">here</a>.</p>
<div class="line2"></div>
<h2>SECURITY</h2>
<p>WatWhenWhere uses both Facebook and Google API's for login. API's are implemented using secure practices. When you create an account, we store your email in our databases, but never your password. By using OAuth2, you're entrusting your password with Google/Facebook and no-one else. At no point does WatWhenWhere have scope of your password. While data leaks are always a possibility, we have taken every measure to ensure your data security.</p>
<div class="line2"></div>
<h2 class="wide">COOKIES AND JAVASCRIPT</h2>
<p>WatWhenWhere uses cookies to store browser session info, login state, and various temporary values. No confidential information is disclosed by our use of cookies. We also use Javascript for various client-side data processing. Specifically, our Google and Facebook OAuth2 API's are javascript. Even after logging in, we require Javascript to validate an active session with Facebook or Google. By disabling cookies or Javascript, WatWhenWhere will seize to function normally.</p>
</div>
</div>
</body>
</html>
<script>
function backButton(){
window.location.assign('settings.html');
}
function logOut(){
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
FB.logout(function(response) {
window.location.assign('index.html');
});
}
});
}
</script>