<?php
include_once '../autoloader.php';
session_start();
/**
 * Report whether a submitted form value should be treated as empty.
 *
 * Returns true for null/unset values and for strings that are blank after
 * trim() (false also counts as empty, since it coerces to ""). The literal
 * string "0" is explicitly treated as non-empty so a legitimate "0" input
 * is not rejected.
 *
 * @param mixed $str raw filter output (string, false or null)
 * @return bool true when the value is missing or blank
 */
function EmptyString($str) {
    if ($str === "0") {
        return false;
    }
    if (!isset($str)) {
        return true;
    }
    return strlen(trim($str)) === 0;
}
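// Checkout form handler.
//
// Validates the POSTed name/address/contact form, attaches it to the customer
// object kept in $_SESSION['customer'], e-mails an order summary and redirects
// to ../../redirect. Every failure path redirects back to the checkout page
// with an `err=` code and exits, so nothing below a failed check runs.
//
// NOTE(review): there is no CSRF token check on this form. Unless one is
// enforced upstream (autoloader/middleware, not visible here), any site can
// make a logged-in browser submit this handler, which sends mail and mutates
// the session on any POST.
if (isset($_POST['submit-btn']) && isset($_SESSION['customer'])) {
    // Abort the request: redirect to the checkout page with an error code,
    // discard the submitted data and stop. $err is always one of the fixed
    // codes used below (optionally suffixed with a $filters key, i.e. a
    // server-defined name), never user input, so it is safe in the Location
    // header.
    $abort = static function ($err) {
        header('Location: ../../checkout?err=' . $err);
        $_POST = array();
        exit();
    };

    // NOTE(review): the customer object is revived with unserialize(). Session
    // data lives server-side, but unserialize() instantiates whatever class the
    // payload names, so this is only safe while nothing else can write the
    // session store. json_encode()/json_decode(), or
    // unserialize(..., ['allowed_classes' => [...]]) once the customer class is
    // known, would remove that exposure. Left unchanged because the other pages
    // that read $_SESSION['customer'] are not visible in this file.
    $customer = unserialize($_SESSION['customer']);
    if (!is_object($customer)) {
        // A corrupted or tampered payload yields false; do not attach
        // properties to it (an Error on PHP 8, silent stdClass on PHP 7).
        $abort('unvalidated');
    }

    // One filter definition shared by every free-text field.
    // NOTE: FILTER_SANITIZE_STRING is deprecated as of PHP 8.1, and
    // FILTER_FLAG_STRIP_HIGH drops every byte above 0x7F, i.e. all non-ASCII
    // (UTF-8) characters in names and addresses. Kept to preserve the stored
    // data format. This sanitiser is not output escaping: any page that renders
    // these values must still htmlspecialchars() them for its context.
    $textFilter = array(
        'filter' => FILTER_SANITIZE_STRING,
        'flags'  => FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_ENCODE_AMP | FILTER_FLAG_STRIP_BACKTICK,
    );
    // Keys missing from the request come back as null, values the filter
    // rejects (e.g. an array submitted for a scalar field, or an invalid
    // e-mail address) come back as false. Only the keys listed here are
    // returned, so 'submit-btn' is simply not requested.
    $filters = array(
        'firstName'        => $textFilter,
        'lastName'         => $textFilter,
        'gender'           => $textFilter,
        'addressLine1'     => $textFilter,
        'addressLine2'     => $textFilter,
        'postalCode'       => $textFilter,
        'city'             => $textFilter,
        'country'          => $textFilter,
        'state'            => $textFilter,
        'emailAddress'     => array('filter' => FILTER_VALIDATE_EMAIL, 'flags' => FILTER_FLAG_EMAIL_UNICODE),
        'voucher'          => $textFilter,
        'phoneNumber'      => $textFilter,
        'payment'          => $textFilter,
        'agreementToTerms' => $textFilter,
    );
    $postInfo = filter_input_array(INPUT_POST, $filters);
    if (!is_array($postInfo)) {
        $abort('unvalidated');
    }

    // Fields that may be left blank but must still be scalar.
    $optional = array('addressLine2', 'phoneNumber', 'state');

    foreach ($postInfo as $key => $value) {
        if ($key === 'voucher') {
            continue; // optional, stored as submitted
        }
        if (in_array($key, $optional, true)) {
            if ($value === false) {
                $abort('emptyString1:' . $key);
            }
            // Bug fix: the original discarded trim()'s return value, so
            // surrounding whitespace was never removed. A missing field stays
            // null rather than becoming "".
            if ($value !== null) {
                $postInfo[$key] = trim($value);
            }
        } else {
            // Required: null (missing), false (rejected by the filter, which
            // is how an invalid e-mail address is caught) and blank strings
            // all fail here.
            if (EmptyString($value)) {
                $abort('emptyString2:' . $key);
            }
            $postInfo[$key] = trim($value);
        }
    }

    // Validate the payment method before any side effect. The original sent
    // the order e-mail first and only then rejected an unknown payment type,
    // so a rejected request still produced an order notification, and the
    // user's retry produced a second one with a new order id.
    $paymentTypes = array('sepa', 'creditcard', 'crypto');
    if (!in_array($postInfo['payment'], $paymentTypes, true)) {
        $abort('incorrectPaymentType');
    }

    $personal_information = new stdClass;
    $personal_information->first_name = $postInfo['firstName'];
    $personal_information->last_name = $postInfo['lastName'];
    $personal_information->gender = $postInfo['gender'];
    $personal_information->voucher = $postInfo['voucher'];

    $shipping_information = new stdClass;
    $shipping_information->address_line1 = $postInfo['addressLine1'];
    $shipping_information->address_line2 = $postInfo['addressLine2'];
    $shipping_information->postal_code = $postInfo['postalCode'];
    $shipping_information->city = $postInfo['city'];
    $shipping_information->country = $postInfo['country'];
    $shipping_information->state = $postInfo['state'];

    $contact_information = new stdClass;
    $contact_information->email_address = $postInfo['emailAddress'];
    $contact_information->phone_number = $postInfo['phoneNumber'];

    $customer->personal_information = $personal_information;
    $customer->shipping_information = $shipping_information;
    $customer->contact_information = $contact_information;
    $customer->payment_type = $postInfo['payment'];
    // NOTE(review): the order id is the current Unix timestamp, so two orders
    // placed in the same second collide and ids are trivially guessable. Kept
    // because downstream pages (not visible here) may rely on the numeric
    // format; a random or database-generated id would be preferable.
    $customer->order_id = idate("U");

    // Order summary e-mail. Control characters were stripped by the filter
    // flags above, and user input only reaches the body, never the headers.
    $summary = array(
        'Name: ' . $customer->personal_information->first_name,
        'Last name: ' . $customer->personal_information->last_name,
        'Email: ' . $customer->contact_information->email_address,
        'Phone #: ' . $customer->contact_information->phone_number,
        'Address 1: ' . $customer->shipping_information->address_line1,
        'Address 2: ' . $customer->shipping_information->address_line2,
        'City: ' . $customer->shipping_information->city,
        'Zip: ' . $customer->shipping_information->postal_code,
        'Country: ' . $customer->shipping_information->country,
        'Voucher: ' . $customer->personal_information->voucher,
    );
    $mailsubject = "NEW ORDER ID : " . $customer->order_id;
    // mail() returns false when the message is not accepted for delivery;
    // that result is not checked here (as in the original), so a mail outage
    // loses the notification silently.
    mail("info@ps5-market.com", $mailsubject, implode(', ', $summary));

    $_SESSION['customer'] = serialize($customer);
    unset($postInfo);
    header('Location: ../../redirect');
    exit();
} else {
    // Not a form submission, or no customer in the session yet.
    header('Location: ../../checkout?err=unvalidated');
    $_POST = array();
    exit();
}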