Beispiel #1
 /**
  * Create a product from the request arguments. Restricted to admin users.
  *
  * The session user is checked with is_admin() before any request data is
  * read; a non-admin caller gets an UnauthorizedException. Each argument is
  * passed through its Validate helper, in the order name, price, quantity,
  * image_url, and the results are handed to Product::create(). On success
  * the response carries HTTP_CREATED and the new product under 'product'.
  *
  * NOTE(review): the Validate helpers presumably reject bad input by
  * throwing; their behaviour for a missing key is not visible here.
  *
  * @throws Lib\Exceptions\UnauthorizedException when the session user is not an admin
  */
 public function create()
 {
     // Authorization gate: nothing from the request is touched before this passes.
     if (!$this->session->get_user()->is_admin()) {
         throw new Lib\Exceptions\UnauthorizedException();
     }

     $input = $this->request->args;

     // Arguments are evaluated left to right, so validation order is unchanged.
     $created = Product::create(
         Validate::plaintext($input['name']),
         Validate::udouble($input['price']),
         Validate::uint($input['quantity']),
         Validate::image_url($input['image_url'])
     );

     $this->response->set_header(Lib\Response::HTTP_CREATED);
     $this->response->set('product', $created);
 }
Beispiel #2
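 /**
  * Create an order for the user identified by the `user_token` cookie.
  *
  * Reads `total` and `products` (a map of product id => quantity) from the
  * request arguments, decreases the stock of every listed product, creates
  * the order and answers with HTTP_CREATED and the order under 'order'.
  *
  * Hardening applied here:
  *  - a missing cookie or an unresolved user is rejected explicitly, so an
  *    order can never be created with an empty username;
  *  - every product line is validated before any stock is changed, so one
  *    malformed line no longer leaves earlier lines already decremented.
  *
  * NOTE(review): `total` comes from the request and is passed to
  * Order::create() as supplied; nothing in this method ties it to the
  * products ordered. The amount should be derived server-side from stored
  * prices. The price lookup API is not visible here, so this is flagged
  * rather than changed.
  * NOTE(review): the stock decrements and Order::create() are separate
  * calls and no transaction is visible; confirm that a failure between them
  * cannot leave stock reduced without an order.
  * NOTE(review): the method name suggests these weaknesses are known or
  * deliberate; confirm before relying on this handler.
  *
  * @throws Lib\Exceptions\UnauthorizedException when the cookie is absent or no user matches the token
  */
 public function hackable_create()
 {
     // Identify the caller first; an absent cookie is an authentication failure.
     if (!isset($_COOKIE['user_token'])) {
         throw new Lib\Exceptions\UnauthorizedException();
     }
     $user = User::retrieve_by_token(Validate::token($_COOKIE['user_token']));
     // NOTE(review): retrieve_by_token() may already throw for an unknown token;
     // this guard covers the case where it returns an empty value instead.
     if (!$user) {
         throw new Lib\Exceptions\UnauthorizedException();
     }
     $username = $user->username;

     $args = $this->request->args;
     // Client-supplied amount: validated for format only (see docblock).
     $total = Validate::udouble($args['total']);

     // Pass 1: validate every id/quantity pair without touching stock.
     $lines = array();
     foreach ($args['products'] as $id => $quantity) {
         $lines[] = array(Validate::uint($id), Validate::uint($quantity));
     }

     // Pass 2: apply the stock changes only once all lines are known to be valid.
     foreach ($lines as $line) {
         Product::decrease_quantity($line[0], $line[1]);
     }

     $order = Order::create($username, $total);
     $this->response->set_header(Lib\Response::HTTP_CREATED);
     $this->response->set('order', $order);
 }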