コード例 #1
<?php

require_once dirname(dirname(dirname(__DIR__))) . DIRECTORY_SEPARATOR . 'vendor/autoload.php';
use security\Models\MySQLISingleton;
use security\Models\Generator\CountryList;
// Setup for the fake-company seed generator: a database handle, the country list and a Faker instance.
// In the visible code $mysqli is used only for its connection-aware string escaping.
$mysqli = new MySQLISingleton();
$countryList = new CountryList();
$countries = $countryList->getCountryList();
$faker = Faker\Factory::create();
// Number of fake company rows to generate.
$fakeCompanies = 10;
// Two accumulators initialised to empty arrays (presumably one per SQL dialect; their use is outside this listing).
$mysqlValues = $sqliteValues = [];
// Keys of the country list (presumably country codes) and the highest valid index into them.
// The index is -1 when the list is empty, which leaves no valid range for the random pick in the loop.
$countryCodeKeys = array_keys($countries);
$countryCodeKeysLen = count($countryCodeKeys) - 1;
// Builds one fake company per iteration. The loop body continues past the end of this listing.
for ($i = 0; $i < $fakeCompanies; $i++) {
    // Each free-text Faker value is kept raw and also escaped once per target dialect.
    // mysqli::real_escape_string() escapes for the character set of the live connection, so the
    // result is only valid for SQL executed under that same character set, and only inside a
    // quoted string literal. SQLite3::escapeString() is called statically, without a database handle.
    // NOTE(review): if these rows were inserted directly instead of being written out as SQL text,
    // prepared statements with bound parameters would remove the need for either escaper.
    $name = $faker->company;
    $mysqlName = $mysqli->real_escape_string($name);
    $sqliteName = SQLite3::escapeString($name);
    $domain = $faker->domainName;
    $mysqlDomain = $mysqli->real_escape_string($domain);
    $sqliteDomain = SQLite3::escapeString($domain);
    $address = $faker->streetAddress;
    $mysqlAddress = $mysqli->real_escape_string($address);
    $sqliteAddress = SQLite3::escapeString($address);
    $city = $faker->city;
    $mysqlCity = $mysqli->real_escape_string($city);
    $sqliteCity = SQLite3::escapeString($city);
    $state = $faker->state;
    $mysqlState = $mysqli->real_escape_string($state);
    $sqliteState = SQLite3::escapeString($state);
    // Random country key. mt_rand() is adequate for picking test data; it is not a source of
    // randomness for anything security-sensitive.
    $countryCode = $countryCodeKeys[mt_rand(0, $countryCodeKeysLen)];
    // Ten-digit phone number, unique within this run; not escaped in the lines visible here.
    $phone = $faker->unique()->numerify('##########');
コード例 #2
<?php

require_once dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . "partials/header.php";
use security\Exceptions\FolderException;
use security\Models\ErrorRunner;
use security\Models\FileUploader\FileUploader;
use security\Models\MySQLISingleton;
use security\Models\RedisSingleton;
use security\Models\Router\Router;
use security\Models\SiteLogger\FullLog;
// Page bootstrap: router, Redis handle, error runner, logger and database handle.
$router = new Router(__DIR__);
$rootPath = $router->rootPath;
$redis = new RedisSingleton();
$errorRunner = new ErrorRunner();
// Log channel labelled for the customer create form.
$logger = new FullLog('Customer Create Form');
$mysqli = new MySQLISingleton();
// Upload limits from php.ini are copied into the session: the maximum file count, the POST size
// limit converted to bytes, and that byte count converted back for display.
// NOTE(review): assumes the session was already started by the included header partial - confirm.
$_SESSION['maxfiles'] = ini_get('max_file_uploads');
$_SESSION['postmax'] = FileUploader::convertToBytes(ini_get('post_max_size'));
$_SESSION['displaymax'] = FileUploader::convertFromBytes($_SESSION['postmax']);
// 204800; presumably a per-file size limit in bytes (its use is outside this listing).
$max = 200 * 1024;
$errors = $usersExist = [];
// Handles the "submitUsers" form post: looks up whether the searched username already exists.
// The block continues past the end of this listing.
if (isset($_POST['submitUsers'])) {
    $usersExist['users'] = [];
    // Untrusted input: taken from the request body with no validation or length limit.
    $usersSearch = isset($_POST['usersSearch']) ? $_POST['usersSearch'] : null;
    if ($usersSearch) {
        // NOTE(review): the compared value appears masked in this listing. If the original places
        // $usersSearch inside this string, it is an SQL injection point; bind the value through a
        // prepared statement (mysqli prepare() + bind_param()) instead of building the query text.
        $query = "SELECT username FROM customers WHERE username = '******'";
        $res = $mysqli->query($query);
        if (!$res) {
            // The message embeds the full query text, the database error number and message, and
            // the server-side file path and line, wrapped in HTML markup.
            // NOTE(review): if $errors is rendered to the visitor, this discloses schema and path
            // details; send the detail to $logger and show a generic message instead.
            $errors[] = "On Query:<br/> [{$query}] <p>An Error Type of [{$mysqli->errno}] was generated.</p>\n            <p>With a Message of: {$mysqli->error} on PHP line " . __LINE__ . " in file " . __FILE__ . "</p>";
        }
        // Complement of the check above; the success path starts here.
        if ($res) {
コード例 #3
<?php

include_once dirname(dirname(dirname(__DIR__))) . DIRECTORY_SEPARATOR . 'vendor/autoload.php';
use security\Models\Generator\RandomGenerator;
use security\Models\Generator\CountryList;
use security\Models\MySQLISingleton;
// Setup for the fake-customer seed generator: random generator, database handle and Faker instance.
$rand = new RandomGenerator();
$mysqli = new MySQLISingleton();
$faker = Faker\Factory::create();
// Upper bound of the generation loop that follows (it counts from 1 to this value).
$fakeCustomers = 20;
$countryList = new CountryList();
$countries = $countryList->getCountryList();
// Keys of the country list (presumably country codes) and the highest valid index into them;
// the index is -1 when the list is empty.
$countryCodeKeys = array_keys($countries);
$countryCodeKeysLen = count($countryCodeKeys) - 1;
// Two accumulators initialised to empty arrays (presumably one per SQL dialect; their use is outside this listing).
$mysqlValues = $sqliteValues = [];
/**
 * Note:  addslashes is a bad idea because it only adds backslashes as an escape sequence.
 * The SQL standard escapes a single quote inside a string literal by doubling it (''),
 * and SQLite, most notably, follows the standard and does not treat a backslash as an escape,
 * while MySQL by default also accepts the backslash as an escape sequence.  Prepared statements are better than
 * relying upon these sorts of escape quote functions.
 *
 * Even for the characters addslashes does escape, it is not aware of the connection's character encoding.
 * There is a class of injection attacks that takes advantage of this to insert malicious data.
 */
// Create a default set of admin users so that each company will have at least one admin.
// INSERT INTO `customers`(`id`, `username`, `password`, `plainpassword`, `email`, `address`, `instructions`,
//`phone`, `numberordered`, `order_id`)
//VALUES ([value-1],[value-2],[value-3],[value-4],[value-5],[value-6],[value-7],[value-8],[value-9])
for ($i = 1; $i <= $fakeCustomers; $i++) {
    $username = $faker->userName;
コード例 #4
<?php

include_once dirname(dirname(dirname(__DIR__))) . DIRECTORY_SEPARATOR . 'vendor/autoload.php';
use security\Models\Generator\RandomGenerator;
use security\Models\MySQLISingleton;
// Setup for the fake-user seed generator: random generator, database handle and Faker instance.
$rand = new RandomGenerator();
$mysqli = new MySQLISingleton();
$faker = Faker\Factory::create();
// percent chance a user will be an admin
$chance = 10;
// Number of fake users to generate.
$fakeUsers = 150;
// Two accumulators initialised to empty arrays (presumably one per SQL dialect; their use is outside this listing).
$mysqlValues = $sqliteValues = [];
/**
 * Note:  addslashes is a bad idea because it only adds backslashes as an escape sequence.
 * The SQL standard escapes a single quote inside a string literal by doubling it (''),
 * and SQLite, most notably, follows the standard and does not treat a backslash as an escape,
 * while MySQL by default also accepts the backslash as an escape sequence.  Prepared statements are better than
 * relying upon these sorts of escape quote functions.
 *
 * Even for the characters addslashes does escape, it is not aware of the connection's character encoding.
 * There is a class of injection attacks that takes advantage of this to insert malicious data.
 */
// Create a default set of admin users so that each company will have at least one admin.
// Builds one fake user per iteration. The loop body continues past the end of this listing.
for ($i = 1; $i <= $fakeUsers; $i++) {
    // unique() keeps Faker from returning the same username or e-mail twice within this run.
    // Each value is kept raw and also escaped once per dialect: real_escape_string() escapes for
    // the character set of the live MySQL connection, while SQLite3::escapeString() is called
    // statically. Both results are only safe inside a quoted string literal.
    $username = $faker->unique()->userName;
    $mysqlUsername = $mysqli->real_escape_string($username);
    $sqliteUsername = SQLite3::escapeString($username);
    $email = $faker->unique()->safeEmail;
    $mysqlEmail = $mysqli->real_escape_string($email);
    $sqliteEmail = SQLite3::escapeString($email);
    // Ten-digit phone number, unique within this run; not escaped in the lines visible here.
    $phone = $faker->unique()->numerify('##########');
コード例 #5
<?php

include_once dirname(dirname(dirname(__DIR__))) . DIRECTORY_SEPARATOR . 'vendor/autoload.php';
use security\Models\MySQLISingleton;
// Generates INSERT statements for fake groups, once in MySQL form and once in SQLite form.
$mysqli = new MySQLISingleton();
$faker = Faker\Factory::create();
// One list of complete INSERT statements per dialect.
$mysqlValues = $sqliteValues = [];
// Number of fake groups to generate.
$fakeGroups = 40;
for ($i = 1; $i <= $fakeGroups; $i++) {
    $groupName = $faker->catchPhrase;
    // The same name is escaped separately for each engine and then placed inside a quoted literal.
    // real_escape_string() escapes for the character set of the connection open at generation
    // time; the statement text is replayed later, so the replaying connection has to use a
    // compatible character set and escaping mode for the literal to stay intact.
    $mysqlGroupname = $mysqli->real_escape_string($groupName);
    $sqliteGroupname = SQLite3::escapeString($groupName);
    // id is passed as null (presumably so the engine assigns it - confirm against the schema).
    $mysqlQuery = "INSERT INTO groups (id, `name`)\n            VALUES(null, '{$mysqlGroupname}')";
    $sqliteQuery = "INSERT INTO groups (id, `name`)\n            VALUES(null, '{$sqliteGroupname}')";
    $mysqlValues[] = $mysqlQuery;
    $sqliteValues[] = $sqliteQuery;
}
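// Begin MySQL SQL statements.
// Foreign-key checks are switched off around the generated INSERTs and switched back on afterwards.
$valueString = "SET FOREIGN_KEY_CHECKS = 0;" . PHP_EOL;
$valueString .= implode(";" . PHP_EOL, $mysqlValues);
$valueString .= ";SET FOREIGN_KEY_CHECKS = 1;" . PHP_EOL;
// The section after the "--//@UNDO" marker empties the table again (presumably the rollback half of the delta).
$valueString .= PHP_EOL . "--//@UNDO" . PHP_EOL . "SET FOREIGN_KEY_CHECKS = 0;\nTRUNCATE groups;\nSET FOREIGN_KEY_CHECKS = 1;" . PHP_EOL . "--//";
$seedsFile = dirname(__DIR__) . "/deltas/seeds/mysql/14-groupSeeds.sql";
// file_put_contents() creates the file when it is missing, so no separate touch() is needed.
// A failed write must not pass silently: a stale or empty seed file would otherwise be replayed
// against the database later without anyone noticing.
if (file_put_contents($seedsFile, $valueString) === false) {
    throw new \RuntimeException("Unable to write seed file: {$seedsFile}");
}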
/**
 * Begin SQLite Preparations
 */
$valueString = "PRAGMA foreign_keys=OFF;" . PHP_EOL;