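/**
 * Build a prefilter request from $arrData, send it, and return the decoded answer.
 *
 * The request is completed with blank defaults, passed through convertBollean(),
 * flattened to a delimited string, sent with request(), and the answer is decoded
 * with convertAnswerStringToArray() once checkAnswer() accepts it.
 *
 * @param array $arrData Request fields; merged over the blank defaults below.
 * @return mixed The value returned by convertAnswerStringToArray() on success;
 *               the string "ERROR\n" when checkMandatory() rejects the input;
 *               the string "ERROR in BOOLEAN CONVERTION" when convertBollean() fails;
 *               the raw server answer when checkAnswer() rejects it.
 */
function callPrefilter($arrData) {
    // Leave this off outside local debugging: when enabled, the complete request
    // and the raw server answer are printed to the output.
    $debug = false;

    // Reject the request early when mandatory values are missing.
    if (!checkMandatory($arrData)) {
        echo "INCOMPLET REQUEST \n";
        return "ERROR\n";
    }

    // Base array with blank values for every field the request may carry.
    $arrBase = array(
        'customerId' => '',
        'environment' => '',
        'requestSource' => '',
        'passengerNationality' => '',
        'hotelIds' => '',
        'cityId' => '',
        'channelTypes' => '',
        'channels' => '',
        'channelWithAutomapping' => '',
        'roomOccupancies' => '',
        'hotelFilter' => '',
        'roomFilter' => '',
    );

    // Fill the base array with the caller's data.
    $arr = array_replace_recursive($arrBase, $arrData);
    if ($debug) {
        echo "VALOR A ENVIAR sin convertir\n";
        print_r($arr);
    }

    // Convert booleans from int to the strings Y or N.
    // NOTE(review): presumably convertBollean() takes $arr by reference and rewrites
    // it in place, since only its boolean result is read here - confirm.
    if (!convertBollean($arr)) {
        return "ERROR in BOOLEAN CONVERTION";
    }
    if ($debug) {
        echo "previous REQUEST TO BOOLEAN 1\n";
        echo "VALOR A ENVIAR convertido booleanos\n";
        print_r($arr);
    }

    // Convert the multidimensional array to the delimited request string.
    $arrConverted2String = convertRequestArrayToString(array('|', ',', '~', '#'), $arr);
    if ($debug) {
        echo "VALOR A ENVIAR convertido a string\n";
        echo $arrConverted2String;
        echo "\n";
    }

    // Send the request to the server.
    $answer = request($arrConverted2String);
    if ($debug) {
        echo "ANSWER AFTER ANYTHING {$answer} \n";
    }

    // An answer that checkAnswer() rejects is handed back to the caller unchanged.
    if (!checkAnswer($answer)) {
        if ($debug) {
            echo "ERROR in ANSWER \n";
            echo "INCOMPLET REQUEST \n";
        }
        return $answer;
    }
    if ($debug) {
        echo "VALOR RECIBIDO en STRING: \n" . $answer . "\n";
    }

    // Convert the answer string back to a multidimensional array.
    $answerArray = convertAnswerStringToArray($answer);
    if ($debug) {
        echo "VALOR RECIBIDO en ARRAY: \n";
        print_r($answerArray);
        echo "\n";
    }

    // The original unset() calls on locals were removed: locals are released when
    // the function returns, and the unset() placed after `return` never ran.
    return $answerArray;
}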
// Login form handler: opens the database connection, copies the POSTed fields
// into the session, validates them, then hands the credentials to checkLogin().
$connection = DB::connect($dsn, true);
if (DB::isError($connection)) {
    // NOTE(review): the driver's error text goes to PHP's error handler; whether
    // it reaches the client depends on error-display settings not visible here.
    trigger_error($connection->getMessage(), E_USER_ERROR);
}

// Check if the user is already logged in
if (isset($_SESSION["loginUsername"])) {
    $_SESSION["message"] = "You are already logged in!";
    header("Location: " . S_HOME);
    exit;
}

// Register and clear an error array - just in case!
if (isset($_SESSION["loginErrors"])) {
    unset($_SESSION["loginErrors"]);
}
$_SESSION["loginErrors"] = array();

// Set up a formVars array for the POST variables.
// Every key present in $_POST is copied, so the set of keys stored under
// loginFormVars is chosen by the client, not by this script.
// NOTE(review): presumably pearclean() escapes the value and limits it to the
// given length (50) - confirm against its definition.
$_SESSION["loginFormVars"] = array();
foreach ($_POST as $varname => $value) {
    $_SESSION["loginFormVars"]["{$varname}"] = pearclean($_POST, $varname, 50, $connection);
}

// Validate password -- has it been provided and is the length between 6 and
// 8 characters?
if (checkMandatory("loginPassword", "password", "loginErrors", "loginFormVars")) {
    checkMinAndMaxLength("loginPassword", 6, 8, "password", "loginErrors", "loginFormVars");
}

// Validate email -- has it been provided and is it valid?
if (checkMandatory("loginUsername", "email/username", "loginErrors", "loginFormVars")) {
    emailCheck("loginUsername", "email/username", "loginErrors", "loginFormVars");
}

// Check if this is a valid user and, if so, log them in.
// NOTE(review): in this excerpt checkLogin() is called whatever the validation
// above recorded in loginErrors, and both array entries are read even when the
// field was absent from $_POST; presumably checkLogin() handles both - confirm.
// NOTE(review): nothing visible here issues a fresh session id on successful
// login; confirm that checkLogin() does.
checkLogin($_SESSION["loginFormVars"]["loginUsername"], $_SESSION["loginFormVars"]["loginPassword"], $connection);
// Customer-details validation (excerpt; the final block continues past the end).
// Only validate email if this is an INSERT, i.e. no user is logged in.
if (!isset($_SESSION["loginUsername"])) {
    if (checkMandatory("loginUsername", "email/username", "custErrors", "custFormVars") && emailCheck("loginUsername", "email/username", "custErrors", "custFormVars")) {
        // Check if the email address is already in use in
        // the winestore.
        // NOTE(review): the statement is assembled by interpolating a session
        // value into a quoted SQL literal. Its safety rests entirely on the
        // escaping applied when custFormVars was filled (not visible here);
        // confirm that, or switch to a statement with bound parameters.
        $query = "SELECT * FROM users WHERE user_name = \n '{$_SESSION["custFormVars"]["loginUsername"]}'";
        $result = $connection->query($query);
        if (DB::isError($result)) {
            trigger_error($result->getMessage(), E_USER_ERROR);
        }
        // Only an exact count of one row is treated as "already in use".
        // NOTE(review): more than one matching row would pass this check -
        // confirm whether a "one or more" comparison was intended.
        if ($result->numRows() == 1) {
            $_SESSION["custErrors"]["loginUsername"] = "******" . "email address.";
        }
    }

    // Validate password - between 6 and 8 characters
    if (checkMandatory("loginPassword", "password", "custErrors", "custFormVars")) {
        checkMinAndMaxLength("loginPassword", 6, 8, "password", "custErrors", "custFormVars");
    }
}

// Now the script has finished the validation,
// check if there were any errors
if (count($_SESSION["custErrors"]) > 0) {
    // There are errors. Relocate back to the client form
    header("Location: " . S_DETAILS);
    exit;
}

// Is this an update?
if (isset($_SESSION["loginUsername"])) {
    // Check the user is properly logged in
    sessionAuthenticate(S_DETAILS);
    // Look up the customer id for the logged-in user name.
    $cust_id = getCust_id($_SESSION["loginUsername"], $connection);
// Excerpt begins inside an error check that starts before this point: the
// connection's error message is raised as a fatal user error.
trigger_error($connection->getMessage(), E_USER_ERROR);
}

// Register an error array - just in case!
$_SESSION["ccErrors"] = array();

// Set up a formVars array for the POST variables.
// Every key present in $_POST is copied into the session.
// NOTE(review): this keeps the submitted card number and expiry date in
// $_SESSION["ccFormVars"] for as long as that entry lives; confirm it is
// cleared once the order is written.
$_SESSION["ccFormVars"] = array();
foreach ($_POST as $varname => $value) {
    $_SESSION["ccFormVars"]["{$varname}"] = pearclean($_POST, $varname, 128, $connection);
}

// Check if mandatory credit card entered
if (checkMandatory("creditcard", "SurchargeCard", "ccErrors", "ccFormVars")) {
    // Validate credit card using Luhn algorithm
    checkCard("creditcard", "ccErrors", "ccFormVars");
}

// Check if mandatory credit card expiry entered
if (checkMandatory("expirydate", "expiry date", "ccErrors", "ccFormVars")) {
    // Validate credit card expiry date
    checkExpiry("expirydate", "ccErrors", "ccFormVars");
}

// Now the script has finished the validation,
// check if there were any errors
if (count($_SESSION["ccErrors"]) > 0) {
    // There are errors. Relocate back to step #1
    header("Location: " . S_ORDER_1);
    exit;
}

// OK to update the order.
// NOTE(review): three form values are interpolated into quoted SQL literals.
// "instructions" gets no validation step in this excerpt, so it depends
// entirely on the escaping done by pearclean() (not visible here) - confirm,
// or use bound parameters.
// NOTE(review): order_no is interpolated without quotes, so it must be
// guaranteed to be an integer wherever it is stored in the session - confirm.
// NOTE(review): the card number and expiry date are written to the orders
// table exactly as held in the session; nothing here encrypts or tokenises
// them - confirm how the column is protected.
$query = "UPDATE orders SET \n creditcard = '{$_SESSION["ccFormVars"]["creditcard"]}',\n expirydate = '{$_SESSION["ccFormVars"]["expirydate"]}',\n instructions = '{$_SESSION["ccFormVars"]["instructions"]}'\n WHERE cust_id = -1 AND\n order_id = {$_SESSION["order_no"]}";
$result = $connection->query($query);
if (DB::isError($result)) {
    trigger_error($result->getMessage(), E_USER_ERROR);
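// Excerpt begins inside a block that starts before this point: any pwdErrors
// entry left in the session is dropped before a fresh one is registered.
unset($_SESSION["pwdErrors"]);
}
$_SESSION["pwdErrors"] = array();

// Set up a formVars array for the POST variables.
// Every key present in $_POST is copied into the session.
// NOTE(review): pearclean() is called with a length of 8; if it truncates, a
// longer password is shortened before the length checks below see it - confirm.
$_SESSION["pwdFormVars"] = array();
foreach ($_POST as $varname => $value) {
    $_SESSION["pwdFormVars"]["{$varname}"] = pearclean($_POST, $varname, 8, $connection);
}

// Validate passwords - between 6 and 8 characters.
// NOTE(review): an upper bound of 8 characters is a weak password policy;
// raise it together with the pearclean() length above if the stored password
// format allows.
if (checkMandatory("currentPassword", "current password", "pwdErrors", "pwdFormVars")) {
    // Fixed: the length check named "loginPassword", a field no other check in
    // this block refers to, so the current password's length was never checked.
    checkMinAndMaxLength("currentPassword", 6, 8, "current password", "pwdErrors", "pwdFormVars");
}
if (checkMandatory("newPassword1", "first new password", "pwdErrors", "pwdFormVars")) {
    checkMinAndMaxLength("newPassword1", 6, 8, "first new password", "pwdErrors", "pwdFormVars");
}
if (checkMandatory("newPassword2", "second new password", "pwdErrors", "pwdFormVars")) {
    checkMinAndMaxLength("newPassword2", 6, 8, "second new password", "pwdErrors", "pwdFormVars");
}

// Did we find no errors? Ok, check the new passwords are the
// same, and that the current password is different.
// Then, check the current password.
if (count($_SESSION["pwdErrors"]) == 0) {
    // Strict comparison: with != / ==, PHP compares numeric-looking strings by
    // value (e.g. "1e3" equals "1000"), so two different passwords could be
    // treated as the same.
    if ($_SESSION["pwdFormVars"]["newPassword1"] !== $_SESSION["pwdFormVars"]["newPassword2"]) {
        $_SESSION["pwdErrors"]["newPassword1"] = "The new passwords must match.";
    } elseif ($_SESSION["pwdFormVars"]["newPassword1"] === $_SESSION["pwdFormVars"]["currentPassword"]) {
        $_SESSION["pwdErrors"]["newPassword1"] = "The password must change.";
    } elseif (!authenticateUser($_SESSION["loginUsername"], $_SESSION["pwdFormVars"]["currentPassword"], $connection)) {
        $_SESSION["pwdErrors"]["currentPassword"] = "******";
    }
}

// Now the script has finished the validation,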