<?php
// Bootstrap. The autoloader has to be registered before the session payload is
// unserialized further down, which presumably rebuilds the stored customer
// object (it is later used as an object with a generateRefNumber() method).
include_once '../autoloader.php';
// Must run before any output; this handler both reads and rewrites
// $_SESSION['customer'].
session_start();
/**
 * Report whether $str carries no usable content.
 *
 * True for null and for values that are empty once surrounding whitespace is
 * trimmed. The literal "0" is deliberately NOT considered empty, unlike PHP's
 * empty().
 *
 * @param mixed $str value to examine (null, a string, or anything trim() accepts)
 * @return bool
 */
function EmptyString($str) {
    if ($str === null) {
        return true;
    }
    // Kept explicit so the difference from empty() is visible to the reader.
    if ($str === "0") {
        return false;
    }
    return trim($str) === '';
}
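// Handle the bank-transfer form: only a genuine submission from a visitor who
// already has a customer record in the session is processed; anything else is
// bounced back with an error marker.
// NOTE(review): no CSRF token is checked in this handler; session presence alone
// does not prove the request came from our form — confirm protection upstream.
if (isset($_POST['submit-btn']) && isset($_SESSION['customer'])) {
    // NOTE(review): unserialize() instantiates whatever class the payload names.
    // The payload comes from the server-side session, which narrows exposure,
    // but passing ['allowed_classes' => [<customer class>]] would pin it to the
    // single class expected here — confirm the class name via the autoloader.
    $customer = unserialize($_SESSION['customer']);

    // Whitelist of accepted fields. filter_input_array() returns only the keys
    // named in the definition, so the submit button never reaches $postInfo.
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1; its
    // replacements encode rather than strip tags, so swapping it changes the
    // stored form of these values — check downstream consumers first.
    // These are sanitizers, not validators: quotes/ampersands are HTML-encoded
    // at input time (so stored names may carry entities) and neither IBAN field
    // gets any format validation here.
    $sanitize = [
        'filter' => FILTER_SANITIZE_STRING,
        'flags'  => FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_ENCODE_AMP | FILTER_FLAG_STRIP_BACKTICK,
    ];
    $filters = [
        'last4IBAN'      => $sanitize,
        'transferToIban' => $sanitize,
        'transferToName' => $sanitize,
    ];
    $postInfo = filter_input_array(INPUT_POST, $filters);
    // filter_input_array() returns false on failure; treat that as "every field
    // missing" so the loop below reports the first key instead of the original
    // behaviour of warning on foreach and saving nulls.
    if (!is_array($postInfo)) {
        $postInfo = array_fill_keys(array_keys($filters), null);
    }

    foreach ($postInfo as $key => $value) {
        // A missing key arrives as null and a rejected value (e.g. an array
        // submitted for a scalar field) as false; EmptyString() treats both
        // as empty.
        if (EmptyString($value)) {
            // $key is one of our own $filters keys, never request-controlled.
            header('Location: ../../pay/bank-transfer?err=emptyString:' . $key);
            $_POST = [];
            exit();
        }
        // Bug fix: the original called trim() and discarded the result, so
        // surrounding whitespace was stored. Write the trimmed value back.
        $postInfo[$key] = trim($value);
    }

    $sepa_info = new stdClass;
    $sepa_info->last4IBAN = $postInfo['last4IBAN'];
    $sepa_info->transferToIban = $postInfo['transferToIban'];
    $sepa_info->transferToName = $postInfo['transferToName'];
    $customer->sepa_info = $sepa_info;
    // Uses the server's default timezone; no zone information is stored.
    $customer->order_datetime = date('d-m-Y H:i');

    $dbController = new Database\Controller;
    // Draw fresh reference numbers until one is not already taken.
    // NOTE(review): check-then-insert is not atomic — two concurrent orders may
    // draw the same number between getCustomer() and setCustomer(); a unique
    // constraint on ref_number in the database is the usual backstop — confirm.
    while (!is_null($dbController->getCustomer($customer->ref_number))) {
        $customer->ref_number = $customer->generateRefNumber();
    }

    $result = $dbController->setCustomer($customer);
    if ($result) {
        header('Location: ../../pay/invoice');
        // Persist the customer (now carrying sepa_info and order_datetime) so
        // the invoice page sees the updated record.
        $_SESSION['customer'] = serialize($customer);
        exit();
    }
    // NOTE(review): a failed setCustomer() falls out of the script here with no
    // redirect, message or log — confirm the intended failure route.
} else {
    // NOTE(review): this error route points at the creditcard page although the
    // form handled here is the bank-transfer one — confirm that is intentional.
    header('Location: ../../pay/creditcard?err=unvalidated');
    $_POST = [];
    exit();
}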