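<?php
/**
 * Bank-transfer (SEPA) form handler.
 *
 * Reads the three SEPA fields from the POSTed form, attaches them to the
 * customer object kept in the session, stores the customer through
 * Database\Controller and redirects to the invoice page. Every exit path
 * ends in a redirect.
 *
 * NOTE(review): no anti-CSRF token is verified anywhere in this file, although
 * the request changes stored payment data. Confirm the form carries a token
 * and check it here before the fields are read.
 */
include_once '../autoloader.php';
session_start();

/**
 * Report whether a submitted value is missing or blank.
 *
 * @param mixed $str Value from filter_input_array(): a string, false when the
 *                   filter failed, or null when the field was absent.
 * @return bool True for null, non-scalars and whitespace-only text; false
 *              otherwise, so the string "0" counts as a real value.
 */
function EmptyString($str)
{
    if (!is_scalar($str)) {
        return true;
    }

    return trim((string) $str) === '';
}

if (isset($_POST['submit-btn']) && isset($_SESSION['customer'])) {
    // NOTE(review): unserialize() instantiates whichever class the payload
    // names. The data comes from the server-side session here, but passing
    // ['allowed_classes' => [<customer class>]] would limit it to the one
    // expected type; that class name is not visible in this file.
    $customer = unserialize($_SESSION['customer']);
    if (!is_object($customer) || $customer instanceof \__PHP_Incomplete_Class) {
        // A corrupt or unloadable session payload is treated like a missing one.
        header('Location: ../../pay/creditcard?err=unvalidated');
        exit();
    }

    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1, and it
    // only sanitizes. Nothing below checks that the values look like an IBAN.
    $stringFlags = FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH
        | FILTER_FLAG_ENCODE_AMP | FILTER_FLAG_STRIP_BACKTICK;
    $filters = [
        'last4IBAN'      => ['filter' => FILTER_SANITIZE_STRING, 'flags' => $stringFlags],
        'transferToIban' => ['filter' => FILTER_SANITIZE_STRING, 'flags' => $stringFlags],
        'transferToName' => ['filter' => FILTER_SANITIZE_STRING, 'flags' => $stringFlags],
    ];

    // Only the keys named in $filters come back, so 'submit-btn' never appears.
    $postInfo = filter_input_array(INPUT_POST, $filters);

    foreach ($postInfo as $key => $value) {
        if (EmptyString($value)) {
            // $key is one of the fixed field names above, never request data.
            header('Location: ../../pay/bank-transfer?err=emptyString:' . $key);
            exit();
        }
        // Store the trimmed value; the original called trim() and discarded it.
        $postInfo[$key] = trim((string) $value);
    }

    $sepa_info = new stdClass;
    $sepa_info->last4IBAN = $postInfo['last4IBAN'];
    $sepa_info->transferToIban = $postInfo['transferToIban'];
    $sepa_info->transferToName = $postInfo['transferToName'];

    $customer->sepa_info = $sepa_info;
    $customer->order_datetime = date('d-m-Y H:i');

    $dbController = new Database\Controller;

    // Draw a new reference number until none is stored under it.
    // NOTE(review): this check-then-insert is not atomic; two concurrent
    // requests can pass it with the same number. Presumably a unique
    // constraint on the reference column is the real guarantee; confirm.
    while (!is_null($dbController->getCustomer($customer->ref_number))) {
        $customer->ref_number = $customer->generateRefNumber();
    }

    $result = $dbController->setCustomer($customer);
    if ($result) {
        $_SESSION['customer'] = serialize($customer);
        header('Location: ../../pay/invoice');
        exit();
    }

    // A failed save used to fall through and return an empty response.
    // 'saveFailed' is a new error code constructed for this fix; the
    // bank-transfer page has to handle it.
    header('Location: ../../pay/bank-transfer?err=saveFailed');
    exit();
} else {
    header('Location: ../../pay/creditcard?err=unvalidated');
    exit();
}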