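/**
 * Render a PNG QR code for the Bitcoin address given in the "code" query parameter.
 *
 * Only logged-in users may call this; every rejected request is written to the
 * security log and the script exits with no body. The parameter is required to be
 * a non-empty string that passes ValidatorBitcoin::addressValid() before it is
 * handed to the QR generator, so an array parameter (e.g. ?code[]=x) is rejected
 * instead of reaching the validator or the Qr constructor. The method always exits
 * after emitting the image so that no template output follows the PNG data.
 *
 * @return void never returns (exit)
 */
public function qr() {
    // Only for registered users
    if (!$this->auth->isLogged()) {
        $this->security_log->write('Somebody tried to get QR Code');
        exit;
    }

    $code = isset($this->request->get['code']) ? $this->request->get['code'] : null;

    // Request validation: the parameter must be present and non-empty
    if (empty($code)) {
        $this->security_log->write('Query is required');
        exit;
    }

    // Request validation: only a plain string can be a Bitcoin address;
    // a non-string value (array) is logged like any other invalid address
    if (!is_string($code) || !ValidatorBitcoin::addressValid($code)) {
        $this->security_log->write('Invalid bitcoin address');
        exit;
    }

    $qr = new Qr($code);

    header('Content-type: image/png');
    echo $qr->image();
    exit;
}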
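/**
 * Validate the product add/edit form held in $this->request (post, files and get).
 *
 * Every problem is recorded in $this->_error, keyed by form section
 * ('general', 'file', 'demo', 'image', 'video', 'audio', 'price', 'special').
 * Fields whose *shape* is wrong (missing keys, unknown ids, files outside the
 * user's own storage directory, exceeded quotas) are treated as a tampered
 * request: the incident is written to the security log and the offending
 * request data is dropped or reset so it cannot reach the model.
 *
 * Side effects: mutates $this->request->post, $this->request->files and $this->_error.
 *
 * @return bool true when no error was recorded
 */
private function _validateProductForm() {
    // Category
    if (!isset($this->request->post['category_id'])
        || ($this->request->post['category_id'] != 0 && !$this->model_catalog_category->getCategory($this->request->post['category_id'], $this->language->getId()))) {
        $this->_error['general']['category_id'] = tt('Wrong category field');
        // Filter critical request
        $this->security_log->write('Wrong category_id field');
        $this->request->post['category_id'] = 0;
    } elseif ($this->request->post['category_id'] == 0) {
        $this->_error['general']['category_id'] = tt('Category is required');
    }

    // Product description
    if (isset($this->request->post['product_description'])) {
        foreach ($this->request->post['product_description'] as $language_id => $product_description) {
            // Language
            if (!$this->language->hasId($language_id)) {
                $this->_error['general']['common'] = tt('Wrong language field');
                // Filter critical request
                $this->security_log->write('Wrong language_id field');
                unset($this->request->post['product_description'][$language_id]);
                break;
            }

            // Title
            if (!isset($product_description['title'])) {
                $this->_error['general']['product_description'][$language_id]['title'] = tt('Wrong title input');
                // Filter critical request
                $this->security_log->write('Wrong product_description[title] field');
                unset($this->request->post['product_description'][$language_id]);
                break;
            } elseif (empty($product_description['title'])) {
                $this->_error['general']['product_description'][$language_id]['title'] = tt('Title is required');
            } elseif (!ValidatorProduct::titleValid(html_entity_decode($product_description['title']))) {
                $this->_error['general']['product_description'][$language_id]['title'] = tt('Invalid title format');
            }

            // Description
            if (!isset($product_description['description'])) {
                $this->_error['general']['product_description'][$language_id]['description'] = tt('Wrong description input');
                // Filter critical request
                $this->security_log->write('Wrong product_description[description] field');
                unset($this->request->post['product_description'][$language_id]);
                break;
            } elseif (empty($product_description['description'])) {
                $this->_error['general']['product_description'][$language_id]['description'] = tt('Description is required');
            } elseif (!ValidatorProduct::descriptionValid(html_entity_decode($product_description['description']))) {
                $this->_error['general']['product_description'][$language_id]['description'] = tt('Invalid description format');
            }

            // Tags
            if (!isset($product_description['tags'])) {
                $this->_error['general']['product_description'][$language_id]['tags'] = tt('Wrong tags input');
                // Filter critical request
                $this->security_log->write('Wrong product_description[tags] field');
                unset($this->request->post['product_description'][$language_id]);
                break;
            } elseif (!ValidatorProduct::tagsValid(html_entity_decode($product_description['tags']))) {
                $this->_error['general']['product_description'][$language_id]['tags'] = tt('Invalid tags format');
            }
        }
    }

    // Package file (uploads go through the AJAX interface; this form only carries the temporary file id)
    if (isset($this->request->files['package']['tmp_name']) && !empty($this->request->files['package']['tmp_name'])) {
        $this->_error['file']['common'] = tt('Package file is not allowed for this action');
        $this->security_log->write('Try to load package file without ajax interface');
        unset($this->request->files['package']);
    } elseif (!isset($this->request->get['product_id']) && empty($this->request->post['product_file_id'])) {
        $this->_error['file']['common'] = tt('Package file is required');
    } elseif (!isset($this->request->post['product_file_id'])) {
        $this->_error['file']['common'] = tt('Package file input is wrong');
        $this->security_log->write('Wrong product package field');
    } elseif (!$this->_storageIdSafe($this->request->post['product_file_id'])
        || !file_exists(DIR_STORAGE . $this->auth->getId() . DIR_SEPARATOR . $this->request->post['product_file_id'] . '.' . STORAGE_FILE_EXTENSION)) {
        // The id is client-supplied and becomes part of a path: anything that could
        // point outside the user's own storage directory is rejected before file_exists()
        $this->_error['file']['common'] = tt('Temporary package file is wrong');
        $this->security_log->write('Try to access not own\'s temporary package file');
    }

    // Demos
    if (isset($this->request->post['demo'])) {
        // Main Demo
        if (!isset($this->request->post['main_demo'])) {
            $this->_error['demo']['common'] = tt('Main demo is required');
            // Filter critical request
            $this->security_log->write('Wrong product main_demo field');
            unset($this->request->post['demo']);
        } else {
            // Row checks only run while the demo list is still present (it was just dropped above otherwise)
            $demo_count = 0;

            foreach ($this->request->post['demo'] as $row => $demo) {
                $demo_count++;

                // Title
                if (!isset($demo['title'])) {
                    $this->_error['demo']['common'] = tt('Wrong title input');
                    // Filter critical request
                    $this->security_log->write('Wrong product demo title field');
                    unset($this->request->post['demo'][$row]);
                    break;
                }

                foreach ($demo['title'] as $language_id => $title) {
                    // Language
                    if (!$this->language->hasId($language_id)) {
                        $this->_error['demo']['common'] = tt('Wrong language field');
                        // Filter critical request
                        $this->security_log->write('Wrong product demo language_id field');
                        unset($this->request->post['demo'][$row]);
                        // The row has been dropped, so skip its remaining checks
                        continue 2;
                    }

                    // Title validation
                    if (empty($title)) {
                        $this->_error['demo'][$row]['title'][$language_id] = tt('Title is required');
                    } elseif (!ValidatorProduct::titleValid(html_entity_decode($title))) {
                        $this->_error['demo'][$row]['title'][$language_id] = tt('Invalid title format');
                    }
                }

                // Url
                if (!isset($demo['url'])) {
                    $this->_error['demo']['common'] = tt('Wrong demo URL input');
                    // Filter critical request
                    $this->security_log->write('Wrong product demo URL field');
                    unset($this->request->post['demo'][$row]);
                    break;
                } elseif (empty($demo['url'])) {
                    $this->_error['demo'][$row]['url'] = tt('Demo URL is required');
                } elseif (!ValidatorProduct::urlValid(html_entity_decode($demo['url']))) {
                    $this->_error['demo'][$row]['url'] = tt('Invalid URL format');
                }

                // Sort order
                if (!isset($demo['sort_order']) || !$demo['sort_order']) {
                    $this->_error['demo']['common'] = tt('Wrong sort order input');
                    // Filter critical request
                    $this->security_log->write('Wrong product demo sort_order field');
                    unset($this->request->post['demo'][$row]);
                    break;
                }
            }

            // Maximum demo pages per product
            if (QUOTA_DEMO_PER_PRODUCT < $demo_count) {
                $this->_error['demo']['common'] = sprintf(tt('Allowed maximum %s demo pages per one product'), QUOTA_DEMO_PER_PRODUCT);
                // Filter critical request
                $this->security_log->write('Exceeded limit of product demo');
                unset($this->request->post['demo']);
            }
        }
    }

    // Images
    if (isset($this->request->post['image'])) {
        // Filter downloads (moved to AJAX)
        unset($this->request->files['image']);

        // Required main image
        if (!isset($this->request->post['main_image'])) {
            $this->_error['image']['common'] = tt('Main image is required');
            // Filter critical request
            $this->security_log->write('Wrong product main_image field');
            unset($this->request->post['image']);
        } else {
            // Row checks only run while the image list is still present (it was just dropped above otherwise)
            $image_count = 0;

            foreach ($this->request->post['image'] as $row => $image) {
                $image_count++;

                // Title
                if (!isset($image['title'])) {
                    $this->_error['image']['common'] = tt('Wrong title input');
                    // Filter critical request
                    $this->security_log->write('Wrong product image title field');
                    unset($this->request->post['image']);
                    break;
                }

                foreach ($image['title'] as $language_id => $title) {
                    // Language
                    if (!$this->language->hasId($language_id)) {
                        $this->_error['image']['common'] = tt('Wrong language field');
                        // Filter critical request
                        $this->security_log->write('Wrong product image language_id field');
                        unset($this->request->post['image']);
                        // The whole image list has been dropped, so stop checking rows
                        break 2;
                    }

                    // Title validation
                    if (empty($title)) {
                        $this->_error['image'][$row]['title'][$language_id] = tt('Title is required');
                    } elseif (!ValidatorProduct::titleValid(html_entity_decode($title))) {
                        $this->_error['image'][$row]['title'][$language_id] = tt('Invalid title format');
                    }
                }

                // Require sort order field
                if (!isset($image['sort_order']) || !$image['sort_order']) {
                    $this->_error['image']['common'] = tt('Wrong sort order input');
                    // Filter critical request
                    $this->security_log->write('Wrong product image sort_order field');
                    unset($this->request->post['image']);
                    break;
                }

                // Require product_image_id
                if (!isset($image['product_image_id'])) {
                    $this->_error['image']['common'] = tt('Wrong temporary ID image input');
                    // Filter critical request
                    $this->security_log->write('Wrong product image product_image_id field');
                    unset($this->request->post['image']);
                    break;
                }

                // Check that the temporary image file exists inside this user's own storage directory;
                // the id is client-supplied and becomes part of a path, so it is screened first
                if (!$this->_storageIdSafe($image['product_image_id'])
                    || !file_exists(DIR_STORAGE . $this->auth->getId() . DIR_SEPARATOR . $image['product_image_id'] . '.' . STORAGE_IMAGE_EXTENSION)) {
                    $this->_error['image']['common'] = tt('Temporary image ID is wrong');
                    $this->security_log->write('Try to access not own\'s temporary image file');
                    unset($this->request->post['image']);
                    break;
                }

                // Check that an edited product still has an image file
                // NOTE(review): the original condition tested product_image_id twice; presumably the
                // second operand was meant to be the stored image field - confirm against the template
                if (isset($this->request->get['product_id']) && empty($image['product_image_id'])) {
                    $this->_error['image']['common'] = tt('Image file is required');
                }
            }

            // Maximum images per one product
            if (QUOTA_IMAGES_PER_PRODUCT < $image_count) {
                $this->_error['image']['common'] = sprintf(tt('Maximum %s images pages per one product'), QUOTA_IMAGES_PER_PRODUCT);
                // Filter critical request
                $this->security_log->write('Exceeded limit of product images');
                unset($this->request->post['image']);
            }
        }
    }

    // Videos
    if (isset($this->request->post['video'])) {
        $video_count = 0;

        foreach ($this->request->post['video'] as $row => $video) {
            $video_count++;

            // Title
            if (!isset($video['title'])) {
                $this->_error['video']['common'] = tt('Wrong title input');
                // Filter critical request
                $this->security_log->write('Wrong product video title field');
                unset($this->request->post['video'][$row]);
                break;
            }

            foreach ($video['title'] as $language_id => $title) {
                // Language
                if (!$this->language->hasId($language_id)) {
                    $this->_error['video']['common'] = tt('Wrong language field');
                    // Filter critical request
                    $this->security_log->write('Wrong product video language_id field');
                    unset($this->request->post['video'][$row]);
                    // The row has been dropped, so skip its remaining checks
                    continue 2;
                }

                // Title string validation
                if (empty($title)) {
                    $this->_error['video'][$row]['title'][$language_id] = tt('Title is required');
                } elseif (!ValidatorProduct::titleValid(html_entity_decode($title))) {
                    $this->_error['video'][$row]['title'][$language_id] = tt('Invalid title format');
                }
            }

            // Source
            if (!isset($video['source'])) {
                $this->_error['video']['common'] = tt('Wrong video source input');
                // Filter critical request
                $this->security_log->write('Wrong product video source field');
                unset($this->request->post['video'][$row]);
                break;
            }

            // Video server validate
            $video_server_info = $this->model_common_video_server->getVideoServer($video['source']);

            if (!$video_server_info) {
                $this->_error['video'][$row]['source'] = tt('Wrong video_server_id source');
                // Filter critical request
                $this->security_log->write('Wrong product video video_server_id field');
                unset($this->request->post['video'][$row]);
                break;
            }

            // ID relations validate
            if (!isset($video['id'])) {
                $this->_error['video']['common'] = tt('Wrong video ID input');
                // Filter critical request
                $this->security_log->write('Wrong product video ID field');
                unset($this->request->post['video'][$row]);
                break;
            }

            switch (mb_strtolower($video_server_info->name)) {
                case 'youtube':
                    if (empty($video['id'])) {
                        $this->_error['video'][$row]['id'] = tt('YouTube ID is required');
                    } elseif (!ValidatorYoutube::idValid(html_entity_decode($video['id']))) {
                        $this->_error['video'][$row]['id'] = tt('Invalid YouTube ID format');
                    }
                    break;

                case 'vimeo':
                    if (empty($video['id'])) {
                        $this->_error['video'][$row]['id'] = tt('Vimeo ID is required');
                    } elseif (!ValidatorVimeo::idValid(html_entity_decode($video['id']))) {
                        $this->_error['video'][$row]['id'] = tt('Invalid Vimeo ID format');
                    }
                    break;

                default:
                    $this->_error['video'][$row]['source'] = tt('Undefined video source');
            }

            // Sort order
            if (!isset($video['sort_order']) || !$video['sort_order']) {
                $this->_error['video']['common'] = tt('Wrong sort order input');
                // Filter critical request
                $this->security_log->write('Wrong product video sort_order field');
                unset($this->request->post['video'][$row]);
                break;
            }
        }

        // Maximum video pages per product
        if (QUOTA_VIDEO_PER_PRODUCT < $video_count) {
            $this->_error['video']['common'] = sprintf(tt('Maximum %s video links per one product'), QUOTA_VIDEO_PER_PRODUCT);
            // Filter critical request
            $this->security_log->write('Exceeded limit of product videos');
            unset($this->request->post['video']);
        }
    }

    // Audios
    if (isset($this->request->post['audio'])) {
        $audio_count = 0;

        foreach ($this->request->post['audio'] as $row => $audio) {
            $audio_count++;

            // Title
            if (!isset($audio['title'])) {
                $this->_error['audio']['common'] = tt('Wrong title input');
                // Filter critical request
                $this->security_log->write('Wrong product audio title field');
                unset($this->request->post['audio'][$row]);
                break;
            }

            foreach ($audio['title'] as $language_id => $title) {
                // Language
                if (!$this->language->hasId($language_id)) {
                    $this->_error['audio']['common'] = tt('Wrong language field');
                    // Filter critical request
                    $this->security_log->write('Wrong product audio language_id field');
                    unset($this->request->post['audio'][$row]);
                    // The row has been dropped, so skip its remaining checks
                    continue 2;
                }

                // Title string validation
                if (empty($title)) {
                    $this->_error['audio'][$row]['title'][$language_id] = tt('Title is required');
                } elseif (!ValidatorProduct::titleValid(html_entity_decode($title))) {
                    $this->_error['audio'][$row]['title'][$language_id] = tt('Invalid title format');
                }
            }

            // Source
            if (!isset($audio['source'])) {
                $this->_error['audio']['common'] = tt('Wrong audio source input');
                // Filter critical request
                $this->security_log->write('Wrong product audio source field');
                unset($this->request->post['audio'][$row]);
                break;
            }

            // Audio server validate
            $audio_server_info = $this->model_common_audio_server->getAudioServer($audio['source']);

            if (!$audio_server_info) {
                $this->_error['audio'][$row]['source'] = tt('Wrong audio_server_id source');
                // Filter critical request
                $this->security_log->write('Wrong product audio audio_server_id field');
                unset($this->request->post['audio'][$row]);
                break;
            }

            // ID relations validate
            if (!isset($audio['id'])) {
                $this->_error['audio']['common'] = tt('Wrong audio ID input');
                // Filter critical request
                $this->security_log->write('Wrong product audio ID field');
                unset($this->request->post['audio'][$row]);
                break;
            }

            switch (mb_strtolower($audio_server_info->name)) {
                case 'soundcloud':
                    if (empty($audio['id'])) {
                        $this->_error['audio'][$row]['id'] = tt('SoundCloud ID is required');
                    } elseif (!ValidatorSoundcloud::idValid(html_entity_decode($audio['id']))) {
                        $this->_error['audio'][$row]['id'] = tt('Invalid SoundCloud ID format');
                    }
                    break;

                default:
                    $this->_error['audio'][$row]['source'] = tt('Undefined audio source');
            }

            // Sort order
            if (!isset($audio['sort_order']) || !$audio['sort_order']) {
                $this->_error['audio']['common'] = tt('Wrong sort order input');
                // Filter critical request
                $this->security_log->write('Wrong product audio sort_order field');
                unset($this->request->post['audio'][$row]);
                break;
            }
        }

        // Maximum audio pages per product
        if (QUOTA_AUDIO_PER_PRODUCT < $audio_count) {
            $this->_error['audio']['common'] = sprintf(tt('Maximum %s audio links per one product'), QUOTA_AUDIO_PER_PRODUCT);
            // Filter critical request
            $this->security_log->write('Exceeded limit of product audios');
            unset($this->request->post['audio']);
        }
    }

    // Currency
    if (!isset($this->request->post['currency_id'])) {
        // Filter critical request
        $this->security_log->write('Wrong product currency field');
        $this->request->post['currency_id'] = $this->currency->getId();
    } elseif (!$this->currency->hasId($this->request->post['currency_id'])) {
        $this->_error['price']['common'] = tt('Wrong currency field');
        // Filter critical request
        $this->security_log->write('Wrong product currency_id field');
        $this->request->post['currency_id'] = $this->currency->getId();
    } elseif (empty($this->request->post['currency_id']) || $this->request->post['currency_id'] == 0) {
        $this->_error['price']['currency_id'] = tt('Currency is required');
    }

    // Withdraw address
    if (!isset($this->request->post['withdraw_address'])) {
        $this->_error['price']['withdraw_address'] = tt('Wrong withdraw address field');
        // Filter critical request
        $this->security_log->write('Wrong product withdraw_address field');
        $this->request->post['withdraw_address'] = false;
    } elseif (empty($this->request->post['withdraw_address'])) {
        $this->_error['price']['withdraw_address'] = tt('Withdraw address is required');
    } elseif (!ValidatorBitcoin::addressValid(html_entity_decode($this->request->post['withdraw_address']))) {
        $this->_error['price']['withdraw_address'] = tt('Invalid withdraw address');
    }

    // Pricing
    // Requirements
    if (!isset($this->request->post['regular_price'])) {
        $this->_error['price']['regular_price'] = tt('Wrong regular price field');
        // Filter critical request
        $this->security_log->write('Wrong regular price field');
        $this->request->post['regular_price'] = 0;
    }

    if (!isset($this->request->post['exclusive_price'])) {
        $this->_error['price']['exclusive_price'] = tt('Wrong exclusive price field');
        // Filter critical request
        $this->security_log->write('Wrong exclusive price field');
        $this->request->post['exclusive_price'] = 0;
    }

    // Regular price
    if (!empty($this->request->post['regular_price'])) {
        $price_error = $this->_priceError($this->request->post['regular_price']);

        if ($price_error !== null) {
            $this->_error['price']['regular_price'] = $price_error;
        }
    }

    // Exclusive price
    if (!empty($this->request->post['exclusive_price'])) {
        $price_error = $this->_priceError($this->request->post['exclusive_price']);

        if ($price_error !== null) {
            $this->_error['price']['exclusive_price'] = $price_error;
        }
    }

    // Logic validation
    $relation_error = $this->_priceRelationError($this->request->post['regular_price'], $this->request->post['exclusive_price']);

    if ($relation_error !== null) {
        $this->_error['price']['regular_exclusive_price'] = $relation_error;
    }

    // Special
    if (isset($this->request->post['special'])) {
        $special_count = 0;

        foreach ($this->request->post['special'] as $row => $special) {
            $special_count++;

            // Requirements (reset both the local copy used below and the request itself)
            if (!isset($special['regular_price'])) {
                $this->_error['special'][$row]['regular_price'] = tt('Wrong regular price field');
                // Filter critical request
                $this->security_log->write('Wrong special regular price field');
                $special['regular_price'] = 0;
                $this->request->post['special'][$row]['regular_price'] = 0;
            }

            if (!isset($special['exclusive_price'])) {
                // Stored under the same key layout as the other per-row price errors
                $this->_error['special'][$row]['exclusive_price'] = tt('Wrong exclusive price field');
                // Filter critical request
                $this->security_log->write('Wrong special exclusive price field');
                $special['exclusive_price'] = 0;
                $this->request->post['special'][$row]['exclusive_price'] = 0;
            }

            // Regular price
            if (!empty($special['regular_price'])) {
                $price_error = $this->_priceError($special['regular_price']);

                if ($price_error !== null) {
                    $this->_error['special'][$row]['regular_price'] = $price_error;
                }
            }

            // Exclusive price
            if (!empty($special['exclusive_price'])) {
                $price_error = $this->_priceError($special['exclusive_price']);

                if ($price_error !== null) {
                    $this->_error['special'][$row]['exclusive_price'] = $price_error;
                }
            }

            // Logic validation
            $relation_error = $this->_priceRelationError($special['regular_price'], $special['exclusive_price']);

            if ($relation_error !== null) {
                $this->_error['special'][$row]['regular_exclusive_price'] = $relation_error;
            }

            // Date start
            if (!isset($special['date_start'])) {
                $this->_error['special'][$row]['date_start'] = tt('Wrong date start input');
                // Filter critical request
                $this->security_log->write('Wrong product special date_start field');
                unset($this->request->post['special'][$row]);
                break;
            } elseif (empty($special['date_start'])) {
                $this->_error['special'][$row]['date_start'] = tt('Date start is required');
            } elseif (!ValidatorProduct::dateValid(html_entity_decode($special['date_start']))) {
                $this->_error['special'][$row]['date_start'] = tt('Invalid date format');
            }

            // Date end
            if (!isset($special['date_end'])) {
                $this->_error['special'][$row]['date_end'] = tt('Wrong date end input');
                // Filter critical request
                $this->security_log->write('Wrong product special date_end field');
                unset($this->request->post['special'][$row]);
                break;
            } elseif (empty($special['date_end'])) {
                $this->_error['special'][$row]['date_end'] = tt('Date end is required');
            } elseif (!ValidatorProduct::dateValid(html_entity_decode($special['date_end']))) {
                $this->_error['special'][$row]['date_end'] = tt('Invalid date format');
            }

            // Logic validation: only compare dates that both passed the checks above,
            // otherwise strtotime() of an empty/invalid string yields false and a spurious error
            if (!isset($this->_error['special'][$row]['date_start'])
                && !isset($this->_error['special'][$row]['date_end'])
                && strtotime($special['date_start']) >= strtotime($special['date_end'])) {
                $this->_error['special'][$row]['date_end'] = tt('Date end should not begin prior to Date start');
            }

            // Sort order
            if (!isset($special['sort_order']) || !$special['sort_order']) {
                $this->_error['special']['common'] = tt('Wrong sort order input');
                // Filter critical request
                $this->security_log->write('Wrong product special sort_order field');
                unset($this->request->post['special'][$row]);
            }
        }

        // Maximum special pages per product
        if (QUOTA_SPECIALS_PER_PRODUCT < $special_count) {
            $this->_error['special']['common'] = sprintf(tt('Maximum %s specials per one product'), QUOTA_SPECIALS_PER_PRODUCT);
            // Filter critical request
            $this->security_log->write('Exceeded limit of product specials');
            unset($this->request->post['special']);
        }
    }

    return !$this->_error;
}

/**
 * Check that a client-supplied temporary storage id can be appended to the
 * current user's storage directory without leaving it.
 *
 * The id is concatenated into a filesystem path, so it must be a non-empty
 * scalar and must not contain path separators, ".." or NUL bytes.
 *
 * @param mixed $id raw value from the request
 * @return bool true when the id is safe to use in a path
 */
private function _storageIdSafe($id) {
    if (is_int($id)) {
        $id = (string) $id;
    }

    if (!is_string($id) || $id === '') {
        return false;
    }

    foreach (['/', '\\', '..', "\0"] as $forbidden) {
        if (strpos($id, $forbidden) !== false) {
            return false;
        }
    }

    return true;
}

/**
 * Validate a non-empty price value against the accepted format and the allowed range.
 *
 * @param mixed $price raw (possibly HTML-encoded) price value from the request
 * @return string|null translated error message, or null when the price is acceptable
 */
private function _priceError($price) {
    // Format first: comparing a non-numeric string against the limits would
    // otherwise produce a misleading range error instead of a format error
    if (!ValidatorBitcoin::amountValid(html_entity_decode($price))) {
        return tt('Invalid price format');
    }

    if ($price < ALLOWED_PRODUCT_MIN_PRICE) {
        return sprintf(tt('Price must be %s or more'), $this->currency->format(ALLOWED_PRODUCT_MIN_PRICE));
    }

    if ($price > ALLOWED_PRODUCT_MAX_PRICE) {
        return sprintf(tt('Maximum price is %s'), $this->currency->format(ALLOWED_PRODUCT_MAX_PRICE));
    }

    return null;
}

/**
 * Validate the relation between a regular and an exclusive price.
 *
 * At least one price must be given, they must differ, and when an exclusive
 * price is set the regular one must not exceed it.
 *
 * @param mixed $regular   raw regular price (numeric string, number or 0)
 * @param mixed $exclusive raw exclusive price (numeric string, number or 0)
 * @return string|null translated error message, or null when the pair is acceptable
 */
private function _priceRelationError($regular, $exclusive) {
    if (empty($regular) && empty($exclusive)) {
        return tt('Regular or exclusive price is required');
    }

    // Loose comparison on purpose: the values are numeric strings ("1.0" == "1.00")
    if ($regular == $exclusive) {
        return tt('The regular and exclusive prices should not be the same');
    }

    if ($exclusive && $regular > $exclusive) {
        return tt('The regular price should not be greater than exclusive price');
    }

    return null;
}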
/**
 * Validate the affiliate form for the action selected by the query string.
 *
 * - invite_email: the address to invite must be present, well-formed and not
 *   belong to an already registered user.
 * - settings: a valid Bitcoin withdraw address and a known currency_id are
 *   required; an unknown currency_id is also written to the security log.
 *
 * Errors are recorded in $this->_error.
 *
 * @return bool true when the selected action validates; false on error or when
 *              no known action flag is present in the query
 */
private function _validateAffiliate() {
    // Invite form
    if (isset($this->request->get['invite_email'])) {
        $invite_email = isset($this->request->post['invite_email']) ? $this->request->post['invite_email'] : null;

        if (empty($invite_email)) {
            $this->_error['invite_email'] = tt('Email address to required');
        } elseif (!ValidatorUser::emailValid($invite_email)) {
            $this->_error['invite_email'] = tt('Invalid email address');
        } elseif ($this->model_account_user->checkEmail($invite_email)) {
            $this->_error['invite_email'] = tt('User with this e-mail address already registered');
        }

        return !$this->_error;
    }

    // Settings form
    if (isset($this->request->get['settings'])) {
        $withdraw_address = isset($this->request->post['withdraw_address']) ? $this->request->post['withdraw_address'] : null;

        if (empty($withdraw_address)) {
            $this->_error['withdraw_address'] = tt('Withdraw address required!');
        } elseif (!ValidatorBitcoin::addressValid($withdraw_address)) {
            $this->_error['withdraw_address'] = tt('Invalid withdraw address');
        }

        $currency_id = isset($this->request->post['currency_id']) ? $this->request->post['currency_id'] : null;

        if (empty($currency_id) || !$this->currency->hasId($currency_id)) {
            $this->security_log->write('Wrong affiliate currency_id field');
            $this->_error['currency_id'] = tt('Invalid currency_id');
        }

        return !$this->_error;
    }

    // No recognised action in the request
    return false;
}