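/**
 * Pre-check for the service uninstall action.
 *
 * Takes the service code from the "code" request parameter and redirects to
 * OSCOM::getLink() (no-argument form) unless that service exists and is
 * flagged uninstallable. On success nothing else happens here; the actual
 * uninstall is performed by a separate action.
 *
 * @param ApplicationAbstract $application Current application (unused here)
 */
public static function execute(ApplicationAbstract $application) {
    // A missing parameter used to raise an undefined-index notice; treating
    // it as an empty code makes the existence check below fail the same way.
    $code = isset($_GET['code']) ? $_GET['code'] : '';

    // basename() strips directory components before the value is used as a
    // service identifier; sanitize() then removes markup characters.
    $data = HTML::sanitize(basename($code));

    // Only services that are present and explicitly marked uninstallable
    // (strict boolean true) may proceed.
    if (!Services::exists($data) || Services::get($data, 'uninstallable') !== true) {
        OSCOM::redirect(OSCOM::getLink());
    }
}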
/**
 * Checkout shipping selection step.
 *
 * Stores optional order comments in the session, then — when shipping quotes
 * are available and the customer posted a "<module>_<method>" selection for
 * an enabled shipping module — records the quote on the cart and redirects
 * over SSL. Any other outcome clears the cart's shipping method.
 *
 * @param ApplicationAbstract $application Current application (unused here)
 */
public static function execute(ApplicationAbstract $application) {
    $shipping = Registry::get('Shipping');
    $cart = Registry::get('ShoppingCart');

    if (!empty($_POST['comments'])) {
        $_SESSION['comments'] = HTML::sanitize($_POST['comments']);
    }

    // Without quotes nothing can be selected: clear any stale method and go
    // back to the checkout page.
    if (!$shipping->hasQuotes()) {
        $cart->resetShippingMethod();
        OSCOM::redirect(OSCOM::getLink(null, null, null, 'SSL'));
        return;
    }

    $selection = isset($_POST['shipping_mod_sel']) ? $_POST['shipping_mod_sel'] : '';

    // The selection must contain an underscore at a position > 0
    // (strpos() returning 0 counts as "no selection", as before).
    if ($selection === '' || !strpos($selection, '_')) {
        return;
    }

    // Module name is everything before the first underscore.
    $moduleName = strstr($selection, '_', true);
    $registryKey = 'Shipping_' . $moduleName;

    if (!Registry::exists($registryKey) || !Registry::get($registryKey)->isEnabled()) {
        $cart->resetShippingMethod();
        return;
    }

    $quote = $shipping->getQuote($selection);

    if (isset($quote['error'])) {
        $cart->resetShippingMethod();
        return;
    }

    $cart->setShippingMethod($quote);
    OSCOM::redirect(OSCOM::getLink(null, null, null, 'SSL'));
}
/**
 * Builds the application: runs initialize() and then dispatches an optional
 * "action" request parameter to the matching Action class of the current
 * site/application, when such a class exists.
 */
public function __construct() {
    $this->initialize();

    if (empty($_GET['action'])) {
        return;
    }

    // basename() drops directory components and sanitize() removes markup
    // before the value is appended to the Action namespace.
    $action = HTML::sanitize(basename($_GET['action']));

    $actionClass = 'osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\Action\\' . $action;

    // class_exists() triggers autoloading; only an existing class is run.
    if (class_exists($actionClass)) {
        $actionClass::execute($this);
    }
}
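/**
 * Installs the payment module named by the "code" request parameter.
 *
 * On success the request is redirected to the module's Save page; on failure
 * an error message is queued and the request goes back to OSCOM::getLink().
 *
 * @param ApplicationAbstract $application Current application (unused here)
 */
public static function execute(ApplicationAbstract $application) {
    // A missing parameter used to raise an undefined-index notice.
    $code = isset($_GET['code']) ? $_GET['code'] : '';
    $data = HTML::sanitize(basename($code));

    if (PaymentModules::install($data)) {
        // Build the follow-up link from the sanitized value. The previous
        // code spliced the raw $_GET['code'] into the URL after installing
        // the sanitized name, so the two could disagree; the service install
        // action in this codebase already uses the sanitized value here.
        OSCOM::redirect(OSCOM::getLink(null, null, 'Save&code=' . $data));
    } else {
        Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_error_action_not_performed'), 'error');
        OSCOM::redirect(OSCOM::getLink());
    }
}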
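/**
 * Uninstalls the service named by the "code" request parameter, queues a
 * success or error message, and redirects to OSCOM::getLink().
 *
 * @param ApplicationAbstract $application Current application (unused here)
 */
public static function execute(ApplicationAbstract $application) {
    // A missing parameter used to raise an undefined-index notice.
    $code = isset($_GET['code']) ? $_GET['code'] : '';
    $data = HTML::sanitize(basename($code));

    if (Services::uninstall($data)) {
        Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_success_action_performed'), 'success');
    } else {
        Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_error_action_not_performed'), 'error');
    }

    // Both outcomes end on the same page; the message stack carries the result.
    OSCOM::redirect(OSCOM::getLink());
}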
/**
 * Prepares the checkout confirmation page.
 *
 * Pulls the needed services from the Registry, sends the customer back to
 * the Cart page when the cart is empty or no usable e-mail address is known,
 * loads language definitions, stores optional order comments in the session,
 * queues an error when the store conditions were not accepted, and loads the
 * payment module for the cart's billing method.
 */
protected function initialize() {
    $OSCOM_ShoppingCart = Registry::get('ShoppingCart');
    $OSCOM_Customer = Registry::get('Customer');
    $OSCOM_Language = Registry::get('Language');
    $OSCOM_Service = Registry::get('Service');
    $OSCOM_Breadcrumb = Registry::get('Breadcrumb');
    $OSCOM_MessageStack = Registry::get('MessageStack');

    // redirect to shopping cart if shopping cart is empty
    if (!$OSCOM_ShoppingCart->hasContents()) {
        OSCOM::redirect(OSCOM::getLink(null, 'Cart'));
    }

    // check for e-mail address
    // A customer without a stored address may supply one via POST; it is
    // accepted only after a length check (ACCOUNT_EMAIL_ADDRESS serves as
    // the minimum length here) and FILTER_VALIDATE_EMAIL.
    if (!$OSCOM_Customer->hasEmailAddress()) {
        if (isset($_POST['email']) && strlen(trim($_POST['email'])) >= ACCOUNT_EMAIL_ADDRESS) {
            if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
                $OSCOM_Customer->setEmailAddress(trim($_POST['email']));
            } else {
                $OSCOM_MessageStack->add('Cart', OSCOM::getDef('field_customer_email_address_check_error'));
                OSCOM::redirect(OSCOM::getLink(null, 'Cart'));
            }
        } else {
            $OSCOM_MessageStack->add('Cart', sprintf(OSCOM::getDef('field_customer_email_address_error'), ACCOUNT_EMAIL_ADDRESS));
            OSCOM::redirect(OSCOM::getLink(null, 'Cart'));
        }
    }

    // check product type perform_order conditions
    // NOTE(review): the return value of isTypeActionAllowed() is discarded,
    // so any enforcement has to happen inside that call — confirm.
    foreach ($OSCOM_ShoppingCart->getProducts() as $product) {
        $OSCOM_Product = new Product($product['id']);
        $OSCOM_Product->isTypeActionAllowed('PerformOrder');
    }

    $OSCOM_Language->load('checkout');
    $OSCOM_Language->load('order');

    $this->_page_title = OSCOM::getDef('confirmation_heading');

    if ($OSCOM_Service->isStarted('Breadcrumb')) {
        $OSCOM_Breadcrumb->add(OSCOM::getDef('breadcrumb_checkout_confirmation'), OSCOM::getLink(null, 'Checkout', null, 'SSL'));
    }

    // An explicitly emptied comments field clears the stored comment; a
    // non-empty one replaces it (sanitized). An absent field leaves it alone.
    if (isset($_POST['comments']) && isset($_SESSION['comments']) && empty($_POST['comments'])) {
        unset($_SESSION['comments']);
    } elseif (!empty($_POST['comments'])) {
        $_SESSION['comments'] = HTML::sanitize($_POST['comments']);
    }

    // When the store shows its conditions, the checkbox must be posted as '1'.
    // A failure only queues an error message here; it does not redirect.
    if (DISPLAY_CONDITIONS_ON_CHECKOUT == '1') {
        if (!isset($_POST['conditions']) || $_POST['conditions'] != '1') {
            $OSCOM_MessageStack->add('Checkout', OSCOM::getDef('error_conditions_not_accepted'), 'error');
        }
    }

    if (Registry::exists('Payment') === false) {
        Registry::set('Payment', new Payment());
    }

    if ($OSCOM_ShoppingCart->hasBillingMethod()) {
        $OSCOM_Payment = Registry::get('Payment');
        $OSCOM_Payment->load($OSCOM_ShoppingCart->getBillingMethod('id'));
    }
}
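/**
 * Payment module callback endpoint.
 *
 * Instantiates the payment module named by the "module" request parameter
 * (if such a class exists under the Shop payment-module namespace), hands
 * control to its callback(), and then terminates the request.
 *
 * @param ApplicationAbstract $application Current application (unused here)
 */
public static function execute(ApplicationAbstract $application) {
    if (!empty($_GET['module'])) {
        // basename() drops directory separators before the value is appended
        // to the namespace, matching the other dynamic-class dispatchers in
        // this codebase; sanitize() removes markup characters.
        $moduleName = HTML::sanitize(basename($_GET['module']));
        $moduleClass = 'osCommerce\\OM\\Core\\Site\\Shop\\Module\\Payment\\' . $moduleName;

        // class_exists() triggers autoloading; only an existing class is run.
        if (class_exists($moduleClass)) {
            $module = new $moduleClass();
            $module->callback();
        }
    }

    exit;
}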
/**
 * Removes a dashboard shortcut for the logged-in admin user.
 *
 * The "shortcut" request parameter names an application; when it exists and
 * the shortcut is deleted, the user's access levels are refreshed in the
 * session, a success message is queued and the request is redirected to that
 * application. Every other path redirects to OSCOM::getLink().
 *
 * @param ApplicationAbstract $application Current application (unused here)
 */
public static function execute(ApplicationAbstract $application) {
    if (!empty($_GET['shortcut'])) {
        $shortcut = HTML::sanitize($_GET['shortcut']);

        if (OSCOM::siteApplicationExists($shortcut)) {
            $site = OSCOM::getSite();
            $userId = $_SESSION[$site]['id'];

            if (Dashboard::deleteShortcut($userId, $shortcut)) {
                // Shortcuts are part of the access data cached in the session.
                $_SESSION[$site]['access'] = Access::getUserLevels($userId);

                Registry::get('MessageStack')->add('header', OSCOM::getDef('ms_success_shortcut_removed'), 'success');

                OSCOM::redirect(OSCOM::getLink(null, $shortcut));
            }
        }
    }

    OSCOM::redirect(OSCOM::getLink());
}
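/**
 * Contact form handler.
 *
 * Validates the posted e-mail address; when valid, sends the enquiry to the
 * store owner (per the Mail argument order used by the tell-a-friend action:
 * recipient name/address first, then sender name/address) and redirects to
 * the Contact success page. Otherwise an error message is queued.
 *
 * @param ApplicationAbstract $application Current application (unused here)
 */
public static function execute(ApplicationAbstract $application) {
    $OSCOM_MessageStack = Registry::get('MessageStack');

    // Absent fields become empty strings instead of raising undefined-index
    // notices; an empty address fails validation below as before.
    $name = HTML::sanitize(isset($_POST['name']) ? $_POST['name'] : '');
    $email_address = HTML::sanitize(isset($_POST['email']) ? $_POST['email'] : '');
    $enquiry = HTML::sanitize(isset($_POST['enquiry']) ? $_POST['enquiry'] : '');

    if (filter_var($email_address, FILTER_VALIDATE_EMAIL)) {
        // NOTE(review): sanitize() only strips markup; the Mail class is
        // assumed to encode the name fields it places in headers — confirm.
        $email = new Mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $name, $email_address, OSCOM::getDef('contact_email_subject'));
        $email->setBodyPlain($enquiry);
        $email->send();

        OSCOM::redirect(OSCOM::getLink(null, null, 'Contact&Success'));
    } else {
        $OSCOM_MessageStack->add('Contact', OSCOM::getDef('field_customer_email_address_check_error'));
    }
}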
/**
 * RPC front controller (variant without redirect trapping).
 *
 * Reads the site, application and RPC chain from the positional $_GET keys,
 * validates each hop, runs the site controller's initialize() and hasAccess()
 * hooks, executes the nested RPC classes in order, and always terminates the
 * request. Failures are reported as a JSON {"rpcStatus": ...} body; on
 * success the executed RPC classes are responsible for the output.
 */
public static function initialize() {
    header('Cache-Control: no-cache, must-revalidate');
    header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
    header('Content-Type: application/json; charset=utf-8');

    // Emits a status document and ends the request.
    $fail = function ($status) {
        echo json_encode(array('rpcStatus' => $status));
        exit;
    };

    if (empty($_GET)) {
        $fail(self::STATUS_NO_MODULE);
    }

    // Positional parameters: key 1 is the site, key 2 the application.
    $site = HTML::sanitize(basename(key(array_slice($_GET, 1, 1, true))));
    $application = HTML::sanitize(basename(key(array_slice($_GET, 2, 1, true))));

    if (!OSCOM::siteExists($site)) {
        $fail(self::STATUS_CLASS_NONEXISTENT);
    }

    OSCOM::setSite($site);

    if (!OSCOM::siteApplicationExists($application)) {
        $fail(self::STATUS_CLASS_NONEXISTENT);
    }

    OSCOM::setSiteApplication($application);

    $controller = 'osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller';
    $controller::initialize();

    if (!$controller::hasAccess($application)) {
        $fail(self::STATUS_NO_ACCESS);
    }

    if (count($_GET) < 3) {
        $fail(self::STATUS_NO_ACTION);
    }

    // Walk the remaining keys as a nested RPC chain, stopping at the first
    // hop that does not map to an existing RPC class.
    $chain = array('RPC');
    $executed = false;
    $total = count($_GET);

    for ($i = 3; $i < $total; $i++) {
        $hop = HTML::sanitize(basename(key(array_slice($_GET, $i, 1, true))));
        $relative = implode('\\', $chain) . '\\' . $hop;

        if (!self::siteApplicationRPCExists($relative)) {
            break;
        }

        $rpcClass = 'osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\' . $relative;
        $rpcClass::execute();

        $chain[] = $hop;
        $executed = true;
    }

    if (!$executed) {
        $fail(self::STATUS_NO_ACTION);
    }

    exit;
}
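/**
 * Installs the service named by the "code" request parameter.
 *
 * After a successful install the service module is instantiated; when it
 * reports hasKeys() the request continues to the Save page, otherwise a
 * success message is queued. A failed install queues an error message.
 * Every path except the Save redirect ends on OSCOM::getLink().
 *
 * @param ApplicationAbstract $application Current application (unused here)
 */
public static function execute(ApplicationAbstract $application) {
    // A missing parameter used to raise an undefined-index notice.
    $code = isset($_GET['code']) ? $_GET['code'] : '';
    $data = HTML::sanitize(basename($code));

    if (Services::install($data)) {
        // Only a name that Services::install() accepted reaches this point.
        $class = 'osCommerce\\OM\\Core\\Site\\Admin\\Module\\Service\\' . $data;
        $OSCOM_SM = new $class();

        // hasKeys() presumably means the service has configuration keys to
        // edit on the Save page.
        if ($OSCOM_SM->hasKeys()) {
            OSCOM::redirect(OSCOM::getLink(null, null, 'Save&code=' . $data));
        } else {
            Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_success_action_performed'), 'success');
            OSCOM::redirect(OSCOM::getLink());
        }
    } else {
        Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_error_action_not_performed'), 'error');
        OSCOM::redirect(OSCOM::getLink());
    }
}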
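/**
 * Tell-a-friend form handler.
 *
 * Guests are sent to the login page when ALLOW_GUEST_TO_TELL_A_FRIEND is
 * '-1'. The product is taken from positional $_GET key 3 (or key 4 when key 3
 * is 'Write'); an unknown product renders not_found.php and returns false.
 * Otherwise the four form fields are validated; with no errors the e-mail is
 * sent and the request is redirected to the product page, else the form is
 * rendered again with the queued messages.
 *
 * @param ApplicationAbstract $application Current application
 * @return bool|null false when the product is not found, null otherwise
 */
public static function execute(ApplicationAbstract $application) {
    $OSCOM_Customer = Registry::get('Customer');
    $OSCOM_NavigationHistory = Registry::get('NavigationHistory');
    $OSCOM_MessageStack = Registry::get('MessageStack');

    if (ALLOW_GUEST_TO_TELL_A_FRIEND == '-1' && $OSCOM_Customer->isLoggedOn() === false) {
        $OSCOM_NavigationHistory->setSnapshot();
        OSCOM::redirect(OSCOM::getLink(null, 'Account', 'LogIn', 'SSL'));
    }

    // Resolve the requested product from the positional request keys.
    $requested_product = null;

    if (count($_GET) > 3) {
        $requested_product = basename(key(array_slice($_GET, 3, 1, true)));

        if ($requested_product == 'Write') {
            $requested_product = (count($_GET) > 4) ? basename(key(array_slice($_GET, 4, 1, true))) : null;
        }
    }

    if ($requested_product === null || !Product::checkEntry($requested_product)) {
        $application->setPageContent('not_found.php');
        return false;
    }

    Registry::set('Product', new Product($requested_product));
    $OSCOM_Product = Registry::get('Product');

    // Absent fields validate as empty strings instead of raising notices.
    $from_name = isset($_POST['from_name']) ? $_POST['from_name'] : '';
    $from_email = isset($_POST['from_email_address']) ? $_POST['from_email_address'] : '';
    $to_name = isset($_POST['to_name']) ? $_POST['to_name'] : '';
    $to_email = isset($_POST['to_email_address']) ? $_POST['to_email_address'] : '';

    if (empty($from_name)) {
        $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_customers_name_empty'));
    }

    // FILTER_VALIDATE_EMAIL must be the second argument. The previous code
    // concatenated it onto the address ("$addr . FILTER_VALIDATE_EMAIL"),
    // which left the sender address effectively unvalidated.
    if (!filter_var($from_email, FILTER_VALIDATE_EMAIL)) {
        $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_invalid_customers_email_address'));
    }

    if (empty($to_name)) {
        $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_friends_name_empty'));
    }

    if (!filter_var($to_email, FILTER_VALIDATE_EMAIL)) {
        $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_invalid_friends_email_address'));
    }

    if ($OSCOM_MessageStack->size('TellAFriend') < 1) {
        // NOTE(review): recipient address and message text are entirely
        // user-supplied and nothing in this action limits submission rate —
        // confirm abuse controls exist elsewhere. sanitize() only strips
        // markup; the Mail class is assumed to encode header fields — confirm.
        $safe_from_name = HTML::sanitize($from_name);
        $safe_to_name = HTML::sanitize($to_name);

        $email_subject = sprintf(OSCOM::getDef('email_tell_a_friend_subject'), $safe_from_name, STORE_NAME);

        $email_body = sprintf(OSCOM::getDef('email_tell_a_friend_intro'), $safe_to_name, $safe_from_name, $OSCOM_Product->getTitle(), STORE_NAME) . "\n\n";

        if (!empty($_POST['message'])) {
            $email_body .= HTML::sanitize($_POST['message']) . "\n\n";
        }

        $email_body .= sprintf(OSCOM::getDef('email_tell_a_friend_link'), OSCOM::getLink(null, null, $OSCOM_Product->getKeyword(), 'NONSSL', false)) . "\n\n" . sprintf(OSCOM::getDef('email_tell_a_friend_signature'), STORE_NAME . "\n" . HTTP_SERVER . DIR_WS_CATALOG . "\n");

        $pEmail = new Mail($safe_to_name, HTML::sanitize($to_email), $safe_from_name, HTML::sanitize($from_email), $email_subject);
        $pEmail->setBodyPlain($email_body);
        $pEmail->send();

        $OSCOM_MessageStack->add('header', sprintf(OSCOM::getDef('success_tell_a_friend_email_sent'), $OSCOM_Product->getTitle(), HTML::outputProtected($to_name)), 'success');

        OSCOM::redirect(OSCOM::getLink(null, null, $OSCOM_Product->getKeyword()));
    }

    $application->setPageTitle($OSCOM_Product->getTitle());
    $application->setPageContent('tell_a_friend.php');
}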
/**
 * Selects the active application for the current site.
 *
 * An explicit $application that does not exist for the site raises an
 * E_USER_ERROR and is then treated as unset. With no explicit value the first
 * $_GET key (or the second, when the first equals the site name) is used if
 * it names an existing application. Whatever remains empty falls back to the
 * site's default application.
 *
 * @param string|null $application Application name, or null to resolve it from $_GET
 */
public static function setSiteApplication($application = null) {
    if ($application !== null) {
        if (!static::siteApplicationExists($application)) {
            trigger_error('Application \'' . $application . '\' does not exist for Site \'' . static::getSite() . '\', using default \'' . static::getDefaultSiteApplication() . '\'', E_USER_ERROR);
            $application = null;
        }
    } elseif (!empty($_GET)) {
        $candidate = HTML::sanitize(basename(key(array_slice($_GET, 0, 1, true))));

        // When the first key is the site name itself, the application is the
        // second key.
        if ($candidate == static::getSite()) {
            $candidate = HTML::sanitize(basename(key(array_slice($_GET, 1, 1, true))));
        }

        if (!empty($candidate) && static::siteApplicationExists($candidate)) {
            $application = $candidate;
        }
    }

    if (empty($application)) {
        $application = static::getDefaultSiteApplication();
    }

    static::$_application = $application;
}
/**
 * RPC front controller.
 *
 * Reads the site, application and RPC chain from the positional $_GET keys,
 * validates each hop, runs the site controller's initialize() (with any
 * redirect it attempts converted into a 403 STATUS_REDIRECT_DETECTED body)
 * and hasAccess() hooks, executes the nested RPC classes in order and always
 * terminates the request. Any failure is reported as a 403 with a JSON
 * {"rpcStatus": ...} body carrying the status constant.
 */
public static function initialize() {
    header('Content-Type: application/json; charset=utf-8');
    header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    header('Cache-Control: no-store, no-cache, must-revalidate');
    header('Cache-Control: post-check=0, pre-check=0', false);
    header('Pragma: no-cache');

    // Every validation failure is thrown with the status constant as the
    // message and turned into the JSON error body in the catch block below.
    try {
        if ( empty($_GET) ) {
            throw new \Exception(self::STATUS_NO_MODULE);
        } elseif ( count($_GET) < 3 ) {
            throw new \Exception(self::STATUS_NO_ACTION);
        }

        // Positional parameters: key 1 is the site, key 2 the application.
        $site = HTML::sanitize(basename(key(array_slice($_GET, 1, 1, true))));
        $application = HTML::sanitize(basename(key(array_slice($_GET, 2, 1, true))));

        if ( !OSCOM::siteExists($site) ) {
            throw new \Exception(self::STATUS_CLASS_NONEXISTENT);
        }

        OSCOM::setSite($site);

        if ( !OSCOM::siteApplicationExists($application) ) {
            throw new \Exception(self::STATUS_CLASS_NONEXISTENT);
        }

        OSCOM::setSiteApplication($application);

        // The site controller's initialize() may attempt an HTTP redirect
        // (e.g. to a login page). Inside an RPC call that must not leak out
        // as a Location header, so the output buffer callback strips it,
        // sets 403 and replaces the buffered output with a status document.
        ob_start( function($buffer) {
            foreach ( headers_list() as $h ) {
                if ( stripos($h, 'Location:') !== false ) {
                    header_remove('Location');

                    \osCommerce\OM\Core\HttpRequest::setResponseCode(403);

                    $buffer = json_encode(array('rpcStatus' => constant('osCommerce\\OM\\Core\\Site\\RPC\\Controller::STATUS_REDIRECT_DETECTED')));

                    break;
                }
            }

            return $buffer;
        });

        call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'initialize'));

        ob_end_flush();

        if ( !call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'hasAccess'), $application)) {
            throw new \Exception(self::STATUS_NO_ACCESS);
        }

        // Walk the remaining keys as a nested RPC chain, stopping at the
        // first hop that does not map to an existing RPC class.
        $rpc_called = false;
        $rpc = array('RPC');

        for ( $i = 3, $n = count($_GET); $i < $n; $i++ ) {
            $subrpc = HTML::sanitize(basename(key(array_slice($_GET, $i, 1, true))));

            if ( self::siteApplicationRPCExists(implode('\\', $rpc) . '\\' . $subrpc) ) {
                call_user_func(array('osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\' . implode('\\', $rpc) . '\\' . $subrpc, 'execute'));

                $rpc[] = $subrpc;
                $rpc_called = true;
            } else {
                break;
            }
        }

        if ( $rpc_called === false ) {
            throw new \Exception(self::STATUS_NO_ACTION);
        }
    } catch ( \Exception $e ) {
        // NOTE(review): any exception escaping an RPC class is also reported
        // this way, with its message echoed as the status — confirm that is
        // intended.
        HttpRequest::setResponseCode(403);

        echo json_encode(array('rpcStatus' => $e->getMessage()));
    }

    exit;
}
/**
 * HTML::sanitize() replaces angle-bracket markup characters with underscores
 * and trims surrounding whitespace.
 */
public function testSanitize() {
    $input = ' test <test> ';
    $expected = 'test _test_';

    $this->assertEquals($expected, HTML::sanitize($input));
}