<?php

include_once '../autoloader.php';
// Needed before $_SESSION['customer'] is read further down. session_start()
// sends the session cookie header, so it has to run before any output.
session_start();

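/**
 * True when a posted value should be treated as blank.
 *
 * Accepts the raw output of filter_input_array(): a string, null (the field
 * was not posted) or false (the filter rejected the value). null and false
 * are blank; a string is blank when nothing is left after trim().
 * "0" is therefore NOT blank. The original's trailing `&& $str !== "0"`
 * was dead code (strlen(trim("0")) is already 1) and `isset()` on a
 * parameter only tests for null, so both are spelled out explicitly here.
 *
 * @param string|false|null $str
 */
function EmptyString($str): bool
{
    // Missing field or a rejected filter result: nothing usable was posted.
    if ($str === null || $str === false) {
        return true;
    }
    // The cast keeps non-string scalars behaving as strlen(trim($str)) did.
    return trim((string) $str) === '';
}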

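/**
 * Send the browser back to the checkout page with an error code and stop.
 *
 * $err is assembled from literal codes and the keys of the $filters array
 * below, never from posted values, so it cannot carry extra header lines.
 * $_POST is cleared first so a half-validated submission does not linger.
 *
 * @param string $err
 */
function redirectToCheckout($err): void
{
    header('Location: ../../checkout?err=' . $err);
    $_POST = array();
    exit();
}

// Checkout form handler: validates the posted customer details, attaches them
// to the customer object held in the session, e-mails the order summary and
// forwards to the payment redirect page. Every failure path redirects back to
// the checkout page with an error code and exits.
if (isset($_POST['submit-btn']) && isset($_SESSION['customer'])) {

    // The blob is server-side session data, but unserialize() still
    // instantiates whatever class the payload names; a JSON/array DTO would
    // be the safer format. unserialize() also returns false on a corrupt blob,
    // and a property write on false throws on PHP 8, so bail out early.
    $customer = unserialize($_SESSION['customer']);
    if (!is_object($customer)) {
        redirectToCheckout('unvalidated');
    }

    // One definition shared by every free-text field. FILTER_SANITIZE_STRING
    // is deprecated since PHP 8.1; replacing it (strip_tags plus manual quote
    // encoding) would change the stored values, so it is kept unchanged here.
    $textFilter = array(
        'filter' => FILTER_SANITIZE_STRING,
        'flags'  => FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_ENCODE_AMP | FILTER_FLAG_STRIP_BACKTICK,
    );

    // Key order matters: fields are validated in this order and the first
    // blank one names the error code. The original listed "voucher" twice;
    // PHP keeps the first position, so it stays between emailAddress and
    // phoneNumber.
    $filters = array(
        'firstName'        => $textFilter,
        'lastName'         => $textFilter,
        'gender'           => $textFilter,
        'addressLine1'     => $textFilter,
        'addressLine2'     => $textFilter,
        'postalCode'       => $textFilter,
        'city'             => $textFilter,
        'country'          => $textFilter,
        'state'            => $textFilter,
        'emailAddress'     => array('filter' => FILTER_VALIDATE_EMAIL, 'flags' => FILTER_FLAG_EMAIL_UNICODE),
        'voucher'          => $textFilter,
        'phoneNumber'      => $textFilter,
        'payment'          => $textFilter,
        'agreementToTerms' => $textFilter,
        'submit-btn'       => $textFilter,
    );

    // Absent keys come back as null, rejected values as false. A non-array
    // result means the filter call itself failed, which no field can fix.
    $postInfo = filter_input_array(INPUT_POST, $filters);
    if (!is_array($postInfo)) {
        redirectToCheckout('unvalidated');
    }
    unset($postInfo['submit-btn']);

    // Fields the form allows to be left blank; voucher is not validated at all.
    $optionalFields = array('addressLine2', 'phoneNumber', 'state');

    foreach ($postInfo as $key => $value) {
        if ($key === 'voucher') {
            continue;
        }
        if (in_array($key, $optionalFields, true)) {
            // false means the filter rejected the value outright (for
            // instance an array posted under this name); null/blank is fine.
            if ($value === false) {
                redirectToCheckout('emptyString1:' . $key);
            }
        } elseif (EmptyString($value)) {
            redirectToCheckout('emptyString2:' . $key);
        }
        // The original called trim() and discarded the result; keep it.
        if (is_string($value)) {
            $postInfo[$key] = trim($value);
        }
    }

    // Reject an unknown payment type before anything is mailed or stored.
    // Previously this check ran after mail(), so a rejected submission still
    // produced an order e-mail.
    $allowedPayments = array('sepa', 'creditcard', 'crypto');
    if (!in_array($postInfo['payment'], $allowedPayments, true)) {
        redirectToCheckout('incorrectPaymentType');
    }

    $personal_information = new stdClass;
    $personal_information->first_name = $postInfo['firstName'];
    $personal_information->last_name = $postInfo['lastName'];
    $personal_information->gender = $postInfo['gender'];
    $personal_information->voucher = $postInfo['voucher'];

    $shipping_information = new stdClass;
    $shipping_information->address_line1 = $postInfo['addressLine1'];
    $shipping_information->address_line2 = $postInfo['addressLine2'];
    $shipping_information->postal_code = $postInfo['postalCode'];
    $shipping_information->city = $postInfo['city'];
    $shipping_information->country = $postInfo['country'];
    $shipping_information->state = $postInfo['state'];

    $contact_information = new stdClass;
    $contact_information->email_address = $postInfo['emailAddress'];
    $contact_information->phone_number = $postInfo['phoneNumber'];

    $customer->personal_information = $personal_information;
    $customer->shipping_information = $shipping_information;
    $customer->contact_information = $contact_information;
    $customer->payment_type = $postInfo['payment'];
    // idate('U') is the Unix timestamp at second resolution, so two orders
    // submitted in the same second share an id; kept unchanged here.
    $customer->order_id = idate("U");

    $mailsubject = 'NEW ORDER ID : ' . $customer->order_id;
    // Free-text values passed FILTER_FLAG_STRIP_LOW (control characters
    // removed) and the address passed FILTER_VALIDATE_EMAIL; all of them only
    // reach the message body, never the header arguments of mail().
    $mailFields = array(
        'Name'      => $customer->personal_information->first_name,
        'Last name' => $customer->personal_information->last_name,
        'Email'     => $customer->contact_information->email_address,
        'Phone #'   => $customer->contact_information->phone_number,
        'Address 1' => $customer->shipping_information->address_line1,
        'Address 2' => $customer->shipping_information->address_line2,
        'City'      => $customer->shipping_information->city,
        'Zip'       => $customer->shipping_information->postal_code,
        'Country'   => $customer->shipping_information->country,
        'Voucher'   => $customer->personal_information->voucher,
    );
    $mailLines = array();
    foreach ($mailFields as $label => $fieldValue) {
        $mailLines[] = $label . ': ' . $fieldValue;
    }
    $mail = implode(', ', $mailLines);

    // mail() only reports the hand-off to the local mailer. Record a refusal
    // instead of silently ignoring it, but do not block the order on it.
    if (!mail("info@ps5-market.com", $mailsubject, $mail)) {
        error_log('Order ' . $customer->order_id . ': mail() hand-off failed');
    }

    $_SESSION['customer'] = serialize($customer);
    header('Location: ../../redirect');
    unset($postInfo);
    exit();

}
else {
    redirectToCheckout('unvalidated');
}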