/**
 * Checks an order payload and reports every problem found in one go.
 *
 * An empty payload is reported straight away with Error::throwError('ip').
 * Each failed check below appends the matching entry of
 * Error::$errors['orderInput']; if any were collected they are joined with
 * ", " and passed to a single Error::throwError('ip', ...) call.
 *
 * @param array $data Order fields, read by string key (presumably an array; verify against callers).
 * @return void
 */
protected static function validateInputData($data)
{
    $problems = array();

    if (empty($data)) {
        Error::throwError('ip');
    }

    // A payment source is required: either a token or a payment method.
    $hasPaymentSource = isset($data['token']) || isset($data['paymentMethod']);
    if (!$hasPaymentSource) {
        $problems[] = Error::$errors['orderInput']['token'];
    }

    if (!isset($data['orderDescription'])) {
        $problems[] = Error::$errors['orderInput']['orderDescription'];
    }

    // NOTE(review): && binds tighter than ||, so this rejects a missing amount, or a
    // positive amount that Utils::isFloat() flags. Zero, negative and non-numeric
    // amounts pass this local check; confirm they are rejected further downstream
    // before an order is created.
    $amountMissing = !isset($data['amount']);
    if ($amountMissing || ($data['amount'] > 0 && Utils::isFloat($data['amount']))) {
        $problems[] = Error::$errors['orderInput']['amount'];
    }

    if (!isset($data['currencyCode'])) {
        $problems[] = Error::$errors['orderInput']['currencyCode'];
    }

    if (!isset($data['name'])) {
        $problems[] = Error::$errors['orderInput']['name'];
    }

    // Addresses are optional, but when supplied they must be arrays.
    foreach (array('billingAddress', 'deliveryAddress') as $addressKey) {
        if (isset($data[$addressKey]) && !is_array($data[$addressKey])) {
            $problems[] = Error::$errors['orderInput'][$addressKey];
        }
    }

    if (!empty($problems)) {
        Error::throwError('ip', implode(', ', $problems));
    }
}
/**
 * Prepares and executes a SQL string on $this->_database.
 *
 * No parameters are bound here: the statement runs exactly as it is passed in.
 * NOTE(review): any caller that builds $query from request data has to make the
 * values safe itself, because this method offers no placeholder binding.
 *
 * @param string  $query    SQL text to prepare and execute.
 * @param boolean $callback True to return the fetched rows, false to return the statement.
 * @return mixed|PDOStatement List of associative rows when $callback is true, otherwise the statement.
 */
protected function query($query, $callback = true)
{
    // Prepare and execute the statement.
    try {
        $sth = $this->_database->prepare($query);
        $sth->execute();
    } catch (\PDOException $e) {
        // NOTE(review): the raw driver message is forwarded wrapped in HTML. If
        // Error::throwError renders it to the client, table and column names leak;
        // confirm it is only logged or shown in development.
        Error::throwError('Erreur SQL!', "Erreur SQL ! :<br />{$e->getMessage()}");
    }

    // The caller asked for the statement itself.
    if (!$callback) {
        return $sth;
    }

    // The caller asked for the rows: collect them as associative arrays.
    if ($sth) {
        $rows = array();
        while ($row = $sth->fetch(\PDO::FETCH_ASSOC)) {
            $rows[] = $row;
        }

        return $rows;
    }
}
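/**
 * Checks a login/password pair against the users table named in Config.php and,
 * on a match, stores the user's details and a fresh token in $_SESSION['Auth'].
 *
 * The login and password values are bound as statement parameters; the table and
 * column names are taken from the 'Auth' section of the settings array.
 *
 * @param string $authLogin    Login submitted by the user.
 * @param string $authPassword Password submitted by the user.
 * @return boolean True when a matching row was found, false otherwise.
 */
public static function userLogin($authLogin, $authPassword)
{
    // Load the settings and copy the values used below into local variables.
    include 'Config.php';
    $dbHost = $settings['Database']['Host'];
    $dbName = $settings['Database']['Name'];
    $dbUser = $settings['Database']['User'];
    $dbPassword = $settings['Database']['Password'];
    $usersTable = $settings['Auth']['UsersTable'];
    $usersIdField = $settings['Auth']['IdField'];
    $usersLoginField = $settings['Auth']['LoginField'];
    $usersPasswordField = $settings['Auth']['PasswordField'];
    $usersLevelField = $settings['Auth']['LevelField'];

    // Defined up front so the checks after the try blocks never read an unset variable.
    $sth = false;

    // Connect with PDO.
    try {
        $db = new \PDO("mysql:host={$dbHost};dbname={$dbName}", $dbUser, $dbPassword);
        $db->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
    } catch (\PDOException $e) {
        // NOTE(review): the driver message is forwarded as-is; if Error::throwError
        // shows it to the client, connection details can leak. Confirm.
        Error::throwError('Erreur SQL!', $e->getMessage());
    }

    // Run the lookup.
    try {
        // Identifiers come from Config.php; only the two values are user input and
        // both are bound as parameters.
        // NOTE(review): the password is matched by equality inside SQL, so the column
        // has to hold the same string the caller passes in (plain text or an unsalted
        // digest computed upstream). Moving to password_hash()/password_verify() needs
        // a storage migration and is outside what this function alone can change.
        $query = "SELECT "
                . "`{$usersIdField}`, `{$usersLoginField}`, "
                . "`{$usersPasswordField}`, `{$usersLevelField}` "
                . "FROM `{$usersTable}` "
                . "WHERE `{$usersLoginField}` = :auth_login "
                . "AND `{$usersPasswordField}` = :auth_password";

        // Values to bind.
        $options = array(':auth_login' => $authLogin, ':auth_password' => $authPassword);

        // Prepare and execute the statement.
        $sth = $db->prepare($query);
        $sth->execute($options);
    } catch (\PDOException $e) {
        Error::throwError('Erreur SQL!', $e->getMessage());
    }

    // A usable statement means the query ran: a returned row is a successful login,
    // no row means the login/password pair is wrong.
    if ($sth) {
        $d = $sth->fetch(\PDO::FETCH_ASSOC);

        if (!empty($d)) {
            // Issue a new session id at the moment the session becomes authenticated,
            // so an id known before login cannot be reused afterwards.
            if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
                session_regenerate_id(true);
            }

            // The token is drawn from the system CSPRNG instead of being derived from
            // the clock, rand() and the user's own login/id. 16 bytes in hex keep the
            // 32-hex-character shape of the previous md5() value.
            $tokenBytes = function_exists('random_bytes')
                ? random_bytes(16)
                : openssl_random_pseudo_bytes(16);

            // Create the 'Auth' entry in the session.
            // NOTE(review): 'UserPassword' keeps a SHA-1 of the stored password value in
            // the session; drop it if nothing reads it.
            $_SESSION['Auth'] = array(
                'UserId' => $d[$usersIdField],
                'UserLogin' => $d[$usersLoginField],
                'UserPassword' => sha1($d[$usersPasswordField]),
                'UserLevel' => $d[$usersLevelField],
                'UserToken' => bin2hex($tokenBytes)
            );

            // Everything went fine.
            return true;
        }

        // The login/password pair is wrong.
        return false;
    }

    // The query did not produce a statement: report the PDO error if one was caught.
    Error::throwError('Erreur 404!', isset($e) ? $e->getMessage() : '');
}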
/**
 * Sends a request to the Worldpay API and returns the decoded response.
 *
 * The service key travels in the Authorization header. Transport errors, a body
 * that does not decode, and non-200 statuses are all reported through
 * Error::throwError.
 *
 * @param string $action         Path appended to $this->endpoint.
 * @param string $json           Request body (defaults to false, i.e. no body).
 * @param bool   $expectResponse Whether a decodable response body is required.
 * @param string $method         HTTP method passed as CURLOPT_CUSTOMREQUEST.
 * @return string JSON string from Worldpay (the value produced by self::handleResponse(),
 *                or true when no response is expected and the HTTP status is 200).
 */
public function sendRequest($action, $json = false, $expectResponse = false, $method = 'POST')
{
    $headers = array(
        "Authorization: {$this->service_key}",
        "Content-Type: application/json",
        "X-wp-client-user-agent: {$this->client_user_agent}",
        "Content-Length: " . strlen($json)
    );

    // Applied one by one, in this order, exactly like individual curl_setopt() calls.
    // CURLOPT_CONNECTTIMEOUT is 0, so no connect limit is chosen here; the overall
    // transfer limit comes from $this->timeout.
    $options = array(
        CURLOPT_URL => $this->endpoint . $action,
        CURLOPT_CUSTOMREQUEST => $method,
        CURLOPT_POSTFIELDS => $json,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_CONNECTTIMEOUT => 0,
        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_0,
        CURLOPT_TIMEOUT => $this->timeout,
        CURLOPT_HTTPHEADER => $headers
    );

    $ch = curl_init();
    foreach ($options as $option => $value) {
        curl_setopt($ch, $option, $value);
    }

    // Peer verification is switched off only when ssl_check is false (used for
    // localhost testing). Keys that do not start with 'T' are refused first --
    // presumably 'T' marks a test key; confirm. With verification off the peer's
    // certificate is not checked, so ssl_check belongs to local test setups only.
    if ($this->ssl_check === false) {
        if (substr($this->service_key, 0, 1) != 'T') {
            Error::throwError('ssl');
        }
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    }

    $result = curl_exec($ch);
    $info = curl_getinfo($ch);
    $curlMessage = curl_error($ch);
    $curlCode = curl_errno($ch);
    curl_close($ch);

    // Transport failure: 60 (certificate problem) and 28 (timeout) get their own
    // error keys, everything else is reported as 'uanv'.
    if ($result === false) {
        if ($curlCode === 60) {
            $errorKey = 'sslerror';
        } elseif ($curlCode === 28) {
            $errorKey = 'timeouterror';
        } else {
            $errorKey = 'uanv';
        }
        Error::throwError($errorKey, false, $curlCode, null, $curlMessage);
    }

    // Drop the final byte when the body does not end with a closing brace.
    if (substr($result, -1) != '}') {
        $result = substr($result, 0, -1);
    }

    // Decode JSON.
    $response = self::handleResponse($result);

    // A response was required but the body did not decode.
    $decodeFailed = ($response === null || $response === false);
    if ($expectResponse && $decodeFailed) {
        Error::throwError('uanv', Error::$errors['json'], 503);
    }

    $httpFailed = ($info['http_code'] != 200);

    if (isset($response["httpStatusCode"])) {
        // The API put its own status in the body: anything but 200 is an error.
        // NOTE(review): message, description and customCode are read without an isset()
        // check and handed on unchanged; confirm they are escaped wherever shown.
        if ($response["httpStatusCode"] != 200) {
            Error::throwError(
                false,
                $response["message"],
                $info['http_code'],
                $response['httpStatusCode'],
                $response['description'],
                $response['customCode']
            );
        }
    } elseif ($expectResponse && $httpFailed) {
        // A result was expected and the HTTP status signals an error.
        Error::throwError('uanv', Error::$errors['json'], 503);
    } elseif (!$expectResponse) {
        if ($httpFailed) {
            Error::throwError('apierror', $result, $info['http_code']);
        } else {
            $response = true;
        }
    }

    return $response;
}
/**
 * Reports a missing page through a new Error instance, passing URL as the
 * second argument to throwError().
 *
 * @return bool Always false.
 */
function error()
{
    // Message (Turkish): "There is no such page."
    (new Error())->throwError("Böyle bir sayfa bulunmamaktadır", URL);

    return false;
}
/**
 * Reports an access-denied condition through Error::throwError, passing the
 * admin URL (URL . "admin") as the second argument.
 *
 * NOTE(review): nothing in this function stops execution by itself. Unless
 * Error::throwError terminates the request, the caller has to return right
 * after calling restricted() so the protected action does not run; confirm.
 *
 * @return void
 */
function restricted()
{
    // Message (Turkish): "You are not authorised to access this page."
    Error::throwError("Bu sayfaya giriş yetkiniz bulunmamaktadır.", URL . "admin");
}
/**
 * Renders the flash template for $type into a buffer and stores the output in
 * $_SESSION['Flash'].
 *
 * $message is not used directly here; it is in scope for the included
 * template, as are $type and $viewFilePath.
 *
 * NOTE(review): $type is concatenated into the include path without any check.
 * It must only ever be a fixed, developer-chosen name; a value taken from a
 * request could point the include at another file. Verify against callers.
 * NOTE(review): include_once loads a given file once per request, so a second
 * call with the same $type would store an empty flash; confirm this is intended.
 *
 * @param string $message Text made available to the flash template.
 * @param string $type    Template name, resolved as FLASHS_DIR . $type . '.flash'.
 * @return void
 */
protected function setFlash($message, $type)
{
    $viewFilePath = FLASHS_DIR . $type . '.flash';

    // Capture whatever the template prints.
    ob_start();

    if (!file_exists($viewFilePath)) {
        Error::throwError("Fichier manquant !", "Fichier manquant !, Le fichier : {$viewFilePath} est inexistant !");
    } else {
        // Load the "flash" view.
        include_once $viewFilePath;
    }

    $_SESSION['Flash'] = ob_get_clean();
}
/**
 * Get card details from Worldpay token
 *
 * The token must be a non-empty string (note that empty() also rejects '0');
 * anything else is reported with Error::throwError('ip', ...). A response
 * without a 'paymentMethod' entry is reported as "apierror".
 *
 * The returned value describes a stored card, so callers should keep it out of
 * logs and error output.
 *
 * @param string $token Worldpay token identifying the stored card.
 * @return array card details (the 'paymentMethod' entry of the service response)
 */
public function getStoredCardDetails($token = false)
{
    $tokenUsable = is_string($token) && !empty($token);
    if (!$tokenUsable) {
        Error::throwError('ip', Error::$errors['orderInput']['token']);
    }

    $details = TokenService::getStoredCardDetails($token);

    if (!isset($details['paymentMethod'])) {
        Error::throwError("apierror");
    }

    return $details['paymentMethod'];
}