    <?php

    // Project autoloader (Database\Controller etc.). Must run before unserialize() below
    // so the customer's class is loadable when the session payload is reconstructed.
    include_once '../autoloader.php';
    // Start (or resume) the session before any output; every branch below reads $_SESSION.
    session_start();

    /**
     * True when $str is unset or contains only whitespace.
     * Unlike PHP's empty(), the literal string "0" is NOT treated as empty.
     */
    function EmptyString($str) {
        if (!isset($str)) {
            return true;
        }
        $hasContent = strlen(trim($str)) > 0;
        return !$hasContent && $str !== "0";
    }


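    // Handle the bank-transfer form: only for a POST carrying the submit flag AND a
    // customer object left in the session by the earlier checkout step.
    if(isset($_POST['submit-btn']) && isset($_SESSION['customer'])){

        // NOTE(review): the session is server-side, but unserialize() still exposes
        // every autoloaded class to gadget chains if session storage ever becomes
        // attacker-writable. Kept as-is because the producer of $_SESSION['customer']
        // (serialize() below, and presumably the earlier step) relies on this format;
        // moving both sides to JSON is the durable fix.
        $customer = unserialize($_SESSION['customer']);

        // NOTE(review): no CSRF token is checked here — the session check alone does
        // not stop a cross-site POST from submitting transfer details. Confirm whether
        // a token is enforced before this script runs.

        // One sanitizer shared by all three fields. FILTER_SANITIZE_STRING is
        // deprecated as of PHP 8.1 and needs replacing before an upgrade. These flags
        // only strip characters; nothing here validates IBAN format or length —
        // TODO confirm that is done downstream (or add a format check here).
        $stripFilter = array(
            'filter' => FILTER_SANITIZE_STRING,
            'flags'  => FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_ENCODE_AMP | FILTER_FLAG_STRIP_BACKTICK
        );
        $filters = array(
            "last4IBAN"      => $stripFilter,
            "transferToIban" => $stripFilter,
            "transferToName" => $stripFilter
        );

        // With a definition array, only the keys listed in $filters come back (missing
        // ones as null), so $key below is never attacker-controlled even though it is
        // echoed into a Location header.
        $postInfo = filter_input_array(INPUT_POST, $filters);
        unset($postInfo['submit-btn']);

        foreach($postInfo as $key => $value){
            if(EmptyString($value)){
                header('Location: ../../pay/bank-transfer?err=emptyString:'.$key);
                $_POST = array();
                unset($postInfo);
                exit();
            }
            // Fix: the original called trim() and discarded its return value, so
            // surrounding whitespace was stored. Write the trimmed value back.
            $postInfo[$key] = trim($value);
        }

        $sepa_info = new stdClass;
        $sepa_info->last4IBAN = $postInfo['last4IBAN'];
        $sepa_info->transferToIban = $postInfo['transferToIban'];
        $sepa_info->transferToName = $postInfo['transferToName'];

        $customer->sepa_info = $sepa_info;
        // Server-local time in the process default timezone; no zone is recorded.
        $customer->order_datetime = date('d-m-Y H:i');

        $dbController = new Database\Controller;

        // Re-roll the reference number until it is unused. NOTE(review): this
        // check-then-insert is not atomic — two concurrent checkouts can still
        // collide unless setCustomer() enforces uniqueness itself; confirm.
        while(!is_null($dbController->getCustomer($customer->ref_number))){
            $customer->ref_number = $customer->generateRefNumber();
        }

        $result = $dbController->setCustomer($customer);

        // Truthy result == persisted; same test as the original `== true`.
        if($result){
            header('Location: ../../pay/invoice');
            unset($postInfo);
            // Refresh the session copy so the invoice page sees sepa_info/order_datetime.
            $_SESSION['customer'] = serialize($customer);
            exit();
        }
        // NOTE(review): a failed setCustomer() falls through here with no redirect and
        // no body — the user gets a blank page and no error. Surface the failure.

    }
    else{
        // Missing submit flag or no customer in session: send back to the first step.
        header('Location: ../../pay/creditcard?err=unvalidated');
        $_POST = array();
        exit();
    }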