<?php require_once dirname(dirname(dirname(__DIR__))) . DIRECTORY_SEPARATOR . 'vendor/autoload.php'; use security\Models\MySQLISingleton; use security\Models\Generator\CountryList; $mysqli = new MySQLISingleton(); $countryList = new CountryList(); $countries = $countryList->getCountryList(); $faker = Faker\Factory::create(); $fakeCompanies = 10; $mysqlValues = $sqliteValues = []; $countryCodeKeys = array_keys($countries); $countryCodeKeysLen = count($countryCodeKeys) - 1; for ($i = 0; $i < $fakeCompanies; $i++) { $name = $faker->company; $mysqlName = $mysqli->real_escape_string($name); $sqliteName = SQLite3::escapeString($name); $domain = $faker->domainName; $mysqlDomain = $mysqli->real_escape_string($domain); $sqliteDomain = SQLite3::escapeString($domain); $address = $faker->streetAddress; $mysqlAddress = $mysqli->real_escape_string($address); $sqliteAddress = SQLite3::escapeString($address); $city = $faker->city; $mysqlCity = $mysqli->real_escape_string($city); $sqliteCity = SQLite3::escapeString($city); $state = $faker->state; $mysqlState = $mysqli->real_escape_string($state); $sqliteState = SQLite3::escapeString($state); $countryCode = $countryCodeKeys[mt_rand(0, $countryCodeKeysLen)]; $phone = $faker->unique()->numerify('##########');
<?php require_once dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . "partials/header.php"; use security\Exceptions\FolderException; use security\Models\ErrorRunner; use security\Models\FileUploader\FileUploader; use security\Models\MySQLISingleton; use security\Models\RedisSingleton; use security\Models\Router\Router; use security\Models\SiteLogger\FullLog; $router = new Router(__DIR__); $rootPath = $router->rootPath; $redis = new RedisSingleton(); $errorRunner = new ErrorRunner(); $logger = new FullLog('Customer Create Form'); $mysqli = new MySQLISingleton(); $_SESSION['maxfiles'] = ini_get('max_file_uploads'); $_SESSION['postmax'] = FileUploader::convertToBytes(ini_get('post_max_size')); $_SESSION['displaymax'] = FileUploader::convertFromBytes($_SESSION['postmax']); $max = 200 * 1024; $errors = $usersExist = []; if (isset($_POST['submitUsers'])) { $usersExist['users'] = []; $usersSearch = isset($_POST['usersSearch']) ? $_POST['usersSearch'] : null; if ($usersSearch) { $query = "SELECT username FROM customers WHERE username = '******'"; $res = $mysqli->query($query); if (!$res) { $errors[] = "On Query:<br/> [{$query}] <p>An Error Type of [{$mysqli->errno}] was generated.</p>\n <p>With a Message of: {$mysqli->error} on PHP line " . __LINE__ . " in file " . __FILE__ . "</p>"; } if ($res) {
<?php include_once dirname(dirname(dirname(__DIR__))) . DIRECTORY_SEPARATOR . 'vendor/autoload.php'; use security\Models\Generator\RandomGenerator; use security\Models\Generator\CountryList; use security\Models\MySQLISingleton; $rand = new RandomGenerator(); $mysqli = new MySQLISingleton(); $faker = Faker\Factory::create(); $fakeCustomers = 20; $countryList = new CountryList(); $countries = $countryList->getCountryList(); $countryCodeKeys = array_keys($countries); $countryCodeKeysLen = count($countryCodeKeys) - 1; $mysqlValues = $sqliteValues = []; /** * Note: addslashes is a bad idea because it only adds slashes as an escape sequence. * Depending upon the database, most notably SQLite, it follows the SQL standard of a * backslash followed by a single quote as the proper escape sequence, * while MySQL just uses the backslash as an escape sequence. Prepared statements are better than * relying upon these sorts of escape quote functions. * * Even within escaped characters recognized by addslashes, it does not recognize the correct encoding. * There are a certain class of injection attacks that take advantage of this to insert malicious data. */ // Create a default set of admin users so that each company will have at least one admin. // INSERT INTO `customers`(`id`, `username`, `password`, `plainpassword`, `email`, `address`, `instructions`, //`phone`, `numberordered`, `order_id`) //VALUES ([value-1],[value-2],[value-3],[value-4],[value-5],[value-6],[value-7],[value-8],[value-9]) for ($i = 1; $i <= $fakeCustomers; $i++) { $username = $faker->userName;
<?php include_once dirname(dirname(dirname(__DIR__))) . DIRECTORY_SEPARATOR . 'vendor/autoload.php'; use security\Models\Generator\RandomGenerator; use security\Models\MySQLISingleton; $rand = new RandomGenerator(); $mysqli = new MySQLISingleton(); $faker = Faker\Factory::create(); // percent chance a user will be an admin $chance = 10; $fakeUsers = 150; $mysqlValues = $sqliteValues = []; /** * Note: addslashes is a bad idea because it only adds slashes as an escape sequence. * Depending upon the database, most notably SQLite, it follows the SQL standard of a * backslash followed by a single quote as the proper escape sequence, * while MySQL just uses the backslash as an escape sequence. Prepared statements are better than * relying upon these sorts of escape quote functions. * * Even within escaped characters recognized by addslashes, it does not recognize the correct encoding. * There are a certain class of injection attacks that take advantage of this to insert malicious data. */ // Create a default set of admin users so that each company will have at least one admin. for ($i = 1; $i <= $fakeUsers; $i++) { $username = $faker->unique()->userName; $mysqlUsername = $mysqli->real_escape_string($username); $sqliteUsername = SQLite3::escapeString($username); $email = $faker->unique()->safeEmail; $mysqlEmail = $mysqli->real_escape_string($email); $sqliteEmail = SQLite3::escapeString($email); $phone = $faker->unique()->numerify('##########');
<?php include_once dirname(dirname(dirname(__DIR__))) . DIRECTORY_SEPARATOR . 'vendor/autoload.php'; use security\Models\MySQLISingleton; $mysqli = new MySQLISingleton(); $faker = Faker\Factory::create(); $mysqlValues = $sqliteValues = []; $fakeGroups = 40; for ($i = 1; $i <= $fakeGroups; $i++) { $groupName = $faker->catchPhrase; $mysqlGroupname = $mysqli->real_escape_string($groupName); $sqliteGroupname = SQLite3::escapeString($groupName); $mysqlQuery = "INSERT INTO groups (id, `name`)\n VALUES(null, '{$mysqlGroupname}')"; $sqliteQuery = "INSERT INTO groups (id, `name`)\n VALUES(null, '{$sqliteGroupname}')"; $mysqlValues[] = $mysqlQuery; $sqliteValues[] = $sqliteQuery; } // Begin MySQL SQL statements. $valueString = "SET FOREIGN_KEY_CHECKS = 0;" . PHP_EOL; $valueString .= implode(";" . PHP_EOL, $mysqlValues); $valueString .= ";SET FOREIGN_KEY_CHECKS = 1;" . PHP_EOL; $valueString .= PHP_EOL . "--//@UNDO" . PHP_EOL . "SET FOREIGN_KEY_CHECKS = 0;\nTRUNCATE groups;\nSET FOREIGN_KEY_CHECKS = 1;" . PHP_EOL . "--//"; $seedsFile = dirname(__DIR__) . "/deltas/seeds/mysql/14-groupSeeds.sql"; if (!file_exists($seedsFile)) { touch($seedsFile); } file_put_contents($seedsFile, $valueString); /** * Begin SQLite Preparations */ $valueString = "PRAGMA foreign_keys=OFF;" . PHP_EOL;