/** * Return the value from a parameter from $_SERVER * * @param string $name * @return mixed * REQUEST_URI, HTTP_USER_AGENT, REMOTE_ADDR, REQUEST_METHOD */ public function server($name) { if (filter_has_var(INPUT_SERVER, $name)) { return filter_input(INPUT_SERVER, $name, FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES); } return null; }
function rollDies() { global $sides; $sides = filter_input(INPUT_POST, "sides"); if (!filter_has_var(INPUT_POST, "sides")) { // first time through (ask for # of sides) print "<h1>How many sides would you like on the die?</h1>"; } else { // roll die with stated # of sides if ($sides == 0 || $sides == 1) { print "<h1>That is an Escherian die! Please try again.</h1>"; } elseif ($sides > 0 && $sides < 7) { $roll = rand(1, $sides); print "<h1>You rolled a <span style='color:green'>{$roll}</span> on a die with {$sides} sides.</h1>"; print <<<HERE \t\t\t \t\t\t<p> \t\t\t\t<IMG class = "displayed" src = "die{$roll}.jpg" alt = "die: {$roll}" /> \t\t\t</p> HERE; } else { $roll = rand(1, $sides); print "<h1>You rolled a <span style='color:red'>{$roll}</span> on a die with {$sides} sides.</h1>"; } } }
private function updateUser($userId) { $this->_template->title = 'Update Customer'; $user = $this->_template->user = $this->_model->getUserInfo($userId); $this->_template->countries = $this->_registry->getModel('register')->selectCountries(); $this->_template->states = $this->_registry->getModel('register')->selectStates(); if (filter_has_var(INPUT_POST, 'updateUser')) { $this->checkToken(); $response = $this->_model->updateUser($userId); if ($response == 'success') { $email = $this->_model->getSanitizedValue('email'); if (isset($email)) { $fullName = $user['first_name'] . ' ' . $user['last_name']; $activationCode = $this->_model->getActivationCode(); $this->_registry->getObject('security')->deleteTokenFromSession(); $this->_registry->getObject('mailout')->sendMailOnEmailUpdate($userId, $fullName, $email, $activationCode); } else { $this->_registry->getObject('session')->flash('message', '<p class="success">User account info was successfully updated.</p>'); $this->_registry->redirectTo('admin/customers/view/' . $userId); } } else { $this->_template->token = $this->_registry->getObject('security')->generateToken(); $this->displayFormErrors(); $this->_template->buildFromAdminTemplates('admin.header.php', 'admin.updateuser.php', 'admin.footer.php'); } } else { $this->_template->token = $this->_registry->getObject('security')->generateToken(); $this->_template->buildFromAdminTemplates('admin.header.php', 'admin.updateuser.php', 'admin.footer.php'); } }
/** * Update status of the specified payment * * @param Pronamic_Pay_Payment $payment */ public function update_status(Pronamic_Pay_Payment $payment) { if (filter_has_var(INPUT_GET, 'status')) { $status = filter_input(INPUT_GET, 'status', FILTER_SANITIZE_STRING); $payment->set_status($status); } }
/** * Фильтрует переменную, переданную методами post или get * @param string $name имя переменной (ключ в массиве post или get) * @param string $method константа метода, которым передана переменная (например 'INPUT_POST') * @param string $type тип переменной * @return mixed отфильтрованная переменная */ static function validateInputVar($name, $method, $type = '') { switch ($type) { case 'int': $filter = FILTER_SANITIZE_NUMBER_INT; break; case 'str': $filter = FILTER_SANITIZE_STRING; break; case 'url': $filter = FILTER_SANITIZE_URL; break; case 'email': $filter = FILTER_SANITIZE_EMAIL; break; case 'html': $filter = 'html'; break; default: $filter = FILTER_DEFAULT; } if (!defined($method)) { if (!preg_match('/^input/i', $method)) { $method = 'INPUT_' . strtoupper($method); } } $method = constant($method); if (filter_has_var($method, $name)) { if ($filter === 'html') { return strip_tags(filter_input($method, $name), '<a><p><b><strong><table><th><tr><td><area><article><big><br><center><dd><div><dl><dt><dir><em><embed><figure><font><hr><h1><h2><h3><h4><h5><h6><img><ol><ul><li><small><sup><sub><tt><time><tfoot><thead><tbody><u>'); } else { return filter_input($method, $name, $filter); } } }
/** * Maybe pay */ public function maybe_pay() { if (filter_has_var(INPUT_POST, 'pronamic_pay_membership')) { // Data $subscription_id = filter_input(INPUT_POST, 'subscription_id', FILTER_SANITIZE_STRING); $user_id = filter_input(INPUT_POST, 'user_id', FILTER_SANITIZE_STRING); $subscription = Pronamic_WP_Pay_Extensions_WPMUDEV_Membership_Membership::get_subscription($subscription_id); $membership = Pronamic_WP_Pay_Extensions_WPMUDEV_Membership_Membership::get_membership($user_id); if (isset($subscription, $membership)) { $config_id = get_option(Pronamic_WP_Pay_Extensions_WPMUDEV_Membership_Extension::OPTION_CONFIG_ID); $gateway = Pronamic_WP_Pay_Plugin::get_gateway($config_id); $data = new Pronamic_WP_Pay_Extensions_WPMUDEV_Membership_PaymentData($subscription, $membership); // Start $payment = Pronamic_WP_Pay_Plugin::start($config_id, $gateway, $data); // Meta update_post_meta($payment->get_id(), '_pronamic_payment_membership_user_id', $user_id); update_post_meta($payment->get_id(), '_pronamic_payment_membership_subscription_id', $data->get_subscription_id()); // Membership record transaction // @see http://plugins.trac.wordpress.org/browser/membership/tags/3.4.4.1/membershipincludes/classes/class.gateway.php#L176 $this->pronamic_record_transaction($user_id, $data->get_subscription_id(), $data->get_amount(), $data->get_currency(), time(), $payment->get_id(), '', ''); // Error $error = $gateway->get_error(); if (is_wp_error($error)) { $this->error = $error; } else { // Redirect $gateway->redirect($payment); } } } }
public function execute() { $config = $this->getConfig(); $index = $config->getUrl() . 'index.php'; if (isset($_SESSION['user']) === TRUE) { header("Location: {$index}"); exit; } elseif (filter_has_var(INPUT_POST, 'registro') !== TRUE) { $registro = filter_input_array(INPUT_POST)['registro']; // $this->validateInsert($registro); $usuario = new usuarioTable($config); $usuario->setUsuario($registro['nick']); $usuario->setPassword($registro['pass']); $usuario->save(); $datoUsuario = new datoUsuarioTable($config); $datoUsuario->setUsuarioId($Usuario->getId()); $datoUsuario->setNombre($registro['nombre']); $datoUsuario->setApellidos($registro['apellidos']); $datoUsuario->setCorreo($registro['email']); $datoUsuario->setFechaNacimiento($registro['fecha']); $datoUsuario->setGenero($registro['genero']); $datoUsuario->save(); $_SESSION['registroSuccess'] = 'Usuario registrado exitosamente'; } header("Location: {$index}"); exit; }
/** * Suggest * * Echo a JSON-ified array of posts of the given post-type and * the requested search-term and then die silently */ public static function suggest() { $json = new MslsJson(); if (filter_has_var(INPUT_POST, 'blog_id')) { switch_to_blog(filter_input(INPUT_POST, 'blog_id', FILTER_SANITIZE_NUMBER_INT)); $args = array('orderby' => 'name', 'order' => 'ASC', 'number' => 10, 'hide_empty' => 0); if (filter_has_var(INPUT_POST, 's')) { $args['s'] = sanitize_text_field(filter_input(INPUT_POST, 's')); } /** * Overrides the query-args for the suggest fields * @since 0.9.9 * @param array $args */ $args = (array) apply_filters('msls_post_tag_suggest_args', $args); foreach (get_terms(sanitize_text_field(filter_input(INPUT_POST, 'post_type')), $args) as $term) { /** * Manipulates the term object before using it * @since 0.9.9 * @param StdClass $term */ $term = apply_filters('msls_post_tag_suggest_term', $term); if (is_object($term)) { $json->add($term->term_id, $term->name); } } restore_current_blog(); } wp_die($json->encode()); }
/** * @return void */ public function indexAction() { if ($this->isAJAX() && $this->isRequestMethod('POST')) { $status = 400; $data = array('error' => 'bad_request'); if (filter_has_var(INPUT_POST, "_csrf_token_login") && filter_has_var(INPUT_POST, "_username") && filter_has_var(INPUT_POST, "_password")) { $status = 403; $data = array('error' => 'bad_request'); $csrf_token_login = htmlspecialchars($_POST['_csrf_token_login'], ENT_QUOTES); if ($csrf_token_login == hash('sha256', Security::getCSRFToken('csrf_token_login'))) { $status = 204; $data = array('error' => 'no_content'); $username = htmlspecialchars($_POST['_username'], ENT_QUOTES); $password = htmlspecialchars($_POST['_password'], ENT_QUOTES); $user = $this->loadModel('User'); $user->Username = $username; $user->Password = $password; $id = $user->isAuthorized(); if ($id > 0) { Security::loggedIn($id, $user->Role); Security::destroyCSRFToken('csrf_token_login'); $status = 200; $data = array('id' => $id, 'role' => $user->Role); } } } http_response_code($status); echo json_encode($data); } else { Helper::redirectTo(WEB . 'register'); } }
private function register() { if ($this->_registry->getModel('authenticate')->isLoggedIn() === false) { $this->_template->title = 'Register'; $this->_template->countries = $this->showCountries(); $this->_template->states = $this->showStates(); if (filter_has_var(INPUT_POST, 'register')) { $this->_model->checkRegistration(); $token = $this->_model->getSanitizedValue('token'); $this->_security->checkCsrfToken($token); $this->_model->processRegistration(); if ($this->_model->isRegistered() == true) { $name = $this->_model->getFullName(); $activationCode = $this->_model->getActivationCode(); $email = $this->getSanitizedValue('email'); $this->_security->deleteTokenFromSession(); $this->_mail->sendActivationCode($name, $email, $activationCode); } else { $this->_template->token = $this->_security->generateToken(); $this->_template->captcha = $this->_security->createCaptcha(); $this->displayFormErrors('_model'); $this->_template->buildFromTemplates('header.php', 'sidebar.php', 'main.register.php', 'footer.php'); } } else { $this->_template->captcha = $this->_security->createCaptcha(); $this->_template->token = $this->_security->generateToken(); $this->_template->buildFromTemplates('header.php', 'sidebar.php', 'main.register.php', 'footer.php'); } } else { $this->_registry->redirectTo('account'); } }
private function orderDetails() { $this->_template->title = 'Order Details'; $this->_template->countries = $this->_registry->getModel('register')->selectCountries(); $this->_template->states = $this->_registry->getModel('register')->selectStates(); $this->_template->paymentMethods = $this->_model->getPaymentMethods(); $orderDetails = $this->_model->getBasketContentForOrder(); $this->_template->orderDetails = $orderDetails; if (filter_has_var(INPUT_POST, 'submitAddress')) { $this->checkDeliveryAddressForm(); $this->checkVoucher(); $token = $this->_sanitizedValues['token']; $this->_security->checkCsrfToken($token); if (empty($this->_errors) && empty($this->_missingValues)) { $this->storeDeliveryAddress(); $this->storeTotalAndDiscount(); $this->_session->put('orderDetails', serialize($orderDetails)); $this->_session->flash('message', $this->voucherNotice); $this->_security->deleteTokenFromSession(); $this->_registry->redirectTo('checkout/confirm-order'); } else { $this->_template->token = $this->_security->generateToken(); $this->displayFormErrors(); $this->_template->buildFromTemplates('header.checkout.php', 'main.order.php', 'footer.checkout.php'); } } else { $this->_template->token = $this->_security->generateToken(); $this->_template->buildFromTemplates('header.checkout.php', 'main.order.php', 'footer.checkout.php'); } }
public function execute() { $config = $this->getConfig(); $index = $config->getUrl() . 'index.php'; if (isset($_SESSION['user']) === TRUE) { header("Location: {$index}"); exit; } elseif (filter_has_var(INPUT_POST, 'registro') === TRUE) { $registro = filter_input_array(INPUT_POST)['registro']; $this->validateInsert($registro); $usuario = new usuarioTable($config); $usuario->setId($usuario->nextId()); $usuario->setUsuario($registro['nick']); $usuario->setPassword($registro['password']); $usuario->setActivado(1); $usuario->setRolId(2); $id = $usuario->save(); $datoUsuario = new datoUsuarioTable($config); $datoUsuario->setId($datoUsuario->nextId()); $datoUsuario->setUsuarioId($id); $datoUsuario->setNombre($registro['nombre']); $datoUsuario->setApellidos($registro['apellidos']); $datoUsuario->setCorreo($registro['email']); $datoUsuario->setFechaNacimiento($registro['fecha']); $datoUsuario->setGenero($registro['genero']); $datoUsuario->save(); $_SESSION['registroSuccess'] = 'Usuario registrado exitosamente'; header("Location:" . $config->getUrl() . "index.php/home/loginUsuario"); exit; } else { $this->formulario = $this->getConfig()->getUrl() . 'index.php/seguridad/registroUsuario'; $this->defineView('home/seguridad', 'registroUsuario', 'html'); } }
public function execute() { $config = $this->getConfig(); if (filter_has_var(INPUT_POST, 'seguridad') === true) { $usuario = filter_input_array(INPUT_POST)['seguridad']['usuario']; $password = filter_input_array(INPUT_POST)['seguridad']['password']; $usuario2 = new usuarioTable($config); $usuario2->setUsuario($usuario); $usuario2->setPassword($password); if ($usuario2->verificarUsuario() !== FALSE) { $datosUsuario = $usuario2->getById(); //etDataByUserPassword(); if ($datosUsuario !== false) { $_SESSION['user']['id'] = $datosUsuario->id; $_SESSION['user']['usuario'] = $datosUsuario->usuario; } else { throw new Exception('Extrañamente ocurrio un error'); } } else { $_SESSION['usuarioInvalido'] = 'Datos de usuario invalidos'; header("Location:" . $config->getUrl() . "index.php/inicio/iniciar"); exit; } } $index = $config->getUrl() . 'index.php/inicio/index'; header("Location: {$index}"); exit; }
public function execute() { $config = $this->getConfig(); if (filter_has_var(INPUT_POST, 'seguridad') === TRUE) { $user = filter_input_array(INPUT_POST)['seguridad']['user']; $password = filter_input_array(INPUT_POST)['seguridad']['pass']; $usuario = new usuarioTable($config); $usuario->setUsuario($user); $usuario->setPassword($password); if ($usuario->verificarUsuario() === TRUE) { $datoUsuario = $usuario->getDataByUserPassword(); if ($datoUsuario !== FALSE) { $_SESSION['user']['id'] = $datoUsuario->id; $_SESSION['user']['nombre'] = $datoUsuario->nombre; header("Location:" . $config->getUrl() . "index.php"); exit; } else { throw new Exception('Ocurrio un error usuario no existente'); } } else { $_SESSION['usuarioInvalido'] = 'Datos de usuario son inválidos'; header("Location:" . $config->getUrl() . "index.php/home/loginUsuario"); exit; } } header("Location:" . $config->getUrl() . "index.php"); exit; }
public function checkForAuthentication() { if (isset($_SESSION['authSessionUid']) && intval($_SESSION['authSessionUid'] > 0)) { $this->sessionAuthenticate(intval($_SESSION['authSessionUid'])); if ($this->_loggedIn == true) { $this->_registry->getObject('template')->loginError = ''; } else { $this->_registry->getObject('template')->loginError = '<p class="error">Your email/password was not correct, please try again</p>'; } } elseif (filter_has_var(INPUT_POST, 'login')) { $this->checkLogin(); $token = $this->_sanitizedValues['token']; $this->_registry->getObject('security')->checkCsrfToken($token); if (empty($this->_errors)) { $email = $this->_sanitizedValues['email']; $password = $this->_sanitizedValues['password']; $this->postAuthenticate($email, $password); if ($this->_loggedIn == true) { $this->_registry->getObject('template')->loginError = ''; } else { $this->_registry->getObject('template')->loginError = '<p class="error">Your email/password was not correct, please try again.</p>'; } } } }
/** * Processes a payment using this Gateway */ public function process($order, $options) { if (isset($options['config_id'])) { $config_id = $options['config_id']; $gateway = Pronamic_WP_Pay_Plugin::get_gateway($config_id); if ($gateway) { $data = new Pronamic_WP_Pay_Extensions_AppThemes_PaymentData($order); if (filter_has_var(INPUT_POST, 'appthemes_pronamic_ideal')) { $payment = Pronamic_WP_Pay_Plugin::start($config_id, $gateway, $data); $error = $gateway->get_error(); if (is_wp_error($error)) { foreach ($error->get_error_messages() as $message) { echo $message; } } else { $gateway->redirect($payment); } } else { ?> <form method="post" action=""> <?php echo $gateway->get_input_html(); ?> <p> <?php printf('<input class="ideal-button" type="submit" name="appthemes_pronamic_ideal" value="%s" />', __('Pay with iDEAL', 'pronamic_ideal')); ?> </p> </form> <?php } } } }
public function save() { $name = filter_input(INPUT_POST, "name"); $password = filter_input(INPUT_POST, "password"); $session = filter_input(INPUT_POST, "session"); $desc = filter_has_var(INPUT_POST, "desc"); $this->tbluserfactory->saveUser($name, $password, $session, $desc); }
public function testENV() { if (version_compare(PHP_VERSION, '5.2.0', '<')) { $this->assertFalse(filter_has_var(INPUT_ENV, 'testvar'), "filter_has_var returned TRUE for non-existant variable in ENV."); $_ENV['testvar'] = null; $this->assertTrue(filter_has_var(INPUT_ENV, 'testvar'), "filter_has_var returned FALSE for an existing variable in ENV."); } }
public static function listen() { if (filter_has_var(INPUT_POST, 'ems_notify_payment_id')) { $payment_id = filter_input(INPUT_POST, 'ems_notify_payment_id'); $payment = get_pronamic_payment($payment_id); Pronamic_WP_Pay_Plugin::update_payment($payment); } }
public static function listen() { if (filter_has_var(INPUT_GET, 'Status') && filter_has_var(INPUT_GET, 'StatusCode') && filter_has_var(INPUT_GET, 'Merchant') && filter_has_var(INPUT_GET, 'OrderID') && filter_has_var(INPUT_GET, 'PaymentID') && filter_has_var(INPUT_GET, 'Reference') && filter_has_var(INPUT_GET, 'TransactionID') && filter_has_var(INPUT_GET, 'Checksum')) { $reference = filter_input(INPUT_GET, 'OrderID', FILTER_SANITIZE_STRING); $payment = get_pronamic_payment($reference); Pronamic_WP_Pay_Plugin::update_payment($payment); } }
function setData($formType = '', $method = '') { $this->mainImage = $_FILES['mainimage']['name']; $this->images = $_FILES['images']['name']; if (filter_has_var(INPUT_POST, 'product_id')) { $this->productId = filter_input(INPUT_POST, 'product_id', FILTER_SANITIZE_NUMBER_INT); } }
public function errorUser() { $answer = false; if (filter_has_var(INPUT_GET, 'user') === true and filter_input(INPUT_GET, 'user') === false) { $answer = true; } return $answer; }
public static function listen() { if (filter_has_var(INPUT_GET, 'mollie_webhook') && filter_has_var(INPUT_POST, 'id')) { $transaction_id = filter_input(INPUT_POST, 'id', FILTER_SANITIZE_STRING); $payment = get_pronamic_payment_by_transaction_id($transaction_id); Pronamic_WP_Pay_Plugin::update_payment($payment, false); } }
private function checkString($input) { // убедитьс в том, что значение $_POST[ $input ] существует... if (!(filter_has_var(INPUT_POST, $input) && strlen(filter_input(INPUT_POST, $input)) > 0)) { //в случае ошибки записываем имя инпут в массив ошибок $this->errors[] = $input; } return true; }
public function getServer($key = null, $default = null) { var_dump($this->filters); die; if (null === $key) { return filter_list(INPUT_SERVER) ? filter_input_array(INPUT_SERVER) : $this->params; } return filter_has_var(INPUT_SERVER, $key) ? filter_input(INPUT_SERVER, $key) : $default; }
/** * @param string $name * @return bool */ public function has($name) { if ($this->data !== null) { $exists = array_key_exists($name, $this->data); } else { $exists = filter_has_var($this->type, $name); } return $exists; }
/** * Return the value from a parameter from $_COOKIE * * @param string $name * @return mixed */ public static function getCookie($name) { if (isset($_COOKIE[$name])) { if (filter_has_var(INPUT_COOKIE, $name)) { return filter_input(INPUT_COOKIE, $name, FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES); } } return null; }
/** * Admin config submit */ public static function admin_config_submit() { $name = Pronamic_WP_Pay_Extensions_WPeCommerce_Extension::OPTION_IDEAL_CONFIG_ID; if (filter_has_var(INPUT_POST, $name)) { $config_id = filter_input(INPUT_POST, $name, FILTER_SANITIZE_STRING); update_option($name, $config_id); } return true; }
function setLogin($getData) { $returnVal = array("status" => false, "msg" => array()); try { if ($this->getLib->checkVal($getData['send'])) { // set get values $msg_array = array(); $return_status = false; $cpsub_username = $this->getLib->setFilter($getData['cpsub_username']); $cpsub_password = $this->getLib->setFilter($getData['cpsub_password']); // check values if (!filter_has_var(INPUT_POST, "cpsub_username") || !$this->getLib->checkVal($cpsub_username)) { $error_msg = "請輸入帳號"; array_push($msg_array, $error_msg); } // check values if (!filter_has_var(INPUT_POST, "cpsub_password") || !$this->getLib->checkVal($cpsub_password)) { $error_msg = "請輸入密碼"; array_push($msg_array, $error_msg); } // check if (count($msg_array) == 0) { try { // start check foreach ($this->accountData as $aData) { if ($aData['username'] == $cpsub_username) { if ($aData['password'] == $cpsub_password) { $_SESSION['login'] = "******"; $_SESSION['cpsub_username'] = $aData['username']; $_SESSION['cpsub_password'] = $aData['password']; $_SESSION['cpsub_nickname'] = $aData['nickname']; $success_msg = "登入成功!"; array_push($msg_array, $success_msg); // set status $return_status = true; } else { $error_msg = "密碼錯誤"; array_push($msg_array, $error_msg); } } else { $error_msg = "查無帳號"; array_push($msg_array, $error_msg); } } } catch (Exception $e) { $error_msg = "登入失敗 <br />{$e}"; array_push($msg_array, $error_msg); } } } } catch (Exception $e) { $error_msg = "登入失敗 <br />{$e}"; array_push($msg_array, $error_msg); } $returnVal = array("status" => $return_status, "msg" => $msg_array); return $returnVal; }
public static function listen() { if (filter_has_var(INPUT_POST, 'Data') && filter_has_var(INPUT_POST, 'Seal')) { $input_data = filter_input(INPUT_POST, 'Data', FILTER_SANITIZE_STRING); $data = Pronamic_WP_Pay_Gateways_OmniKassa_Client::parse_piped_string($input_data); $transaction_reference = $data['transactionReference']; $payment = get_pronamic_payment_by_meta('_pronamic_payment_omnikassa_transaction_reference', $transaction_reference); Pronamic_WP_Pay_Plugin::update_payment($payment); } }