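/**
 * Validate the address step of the form and, when no validation errors were
 * recorded, copy the submitted values into the session.
 *
 * Reads $_POST, writes $_POST['address'] and $_POST['phonenumber'] (normalised),
 * and relies on validate_presences() / validate_phone() to populate the global
 * $errors array.
 */
function process_second_form() {
    global $errors;

    // Read the free-text fields defensively so a missing field becomes an
    // empty string (caught by the presence check) instead of an undefined-index notice.
    $line_one = isset($_POST['addresslineone']) ? $_POST['addresslineone'] : '';
    $line_two = isset($_POST['addresslinetwo']) ? $_POST['addresslinetwo'] : '';
    $raw_phone = isset($_POST['phonenumber']) ? $_POST['phonenumber'] : '';

    //merge address fields
    $_POST['address'] = $line_one . " " . $line_two;

    //validate presences
    $required_fields = array("address", "city", "postcode", "country", "phonenumber");
    validate_presences($required_fields);

    //validate max lengths
    // NOTE(review): this map is built but never passed to a validator in this
    // function, so the length limits are not enforced here. Wire it to the
    // project's max-length validator if one exists.
    $fields_with_max_lengths = array("address" => 30, "postcode" => 10, "city" => 20);

    //validate phone field
    //trim all whitespaces:
    $_POST['phonenumber'] = preg_replace('/\\s+/', "", $raw_phone);
    validate_phone("phonenumber");

    if (empty($errors)) {
        $_SESSION['address'] = $_POST['address'];
        $_SESSION['city'] = $_POST['city'];
        $_SESSION['postcode'] = $_POST['postcode'];
        $_SESSION['country'] = $_POST['country'];
        $_SESSION['phonenumber'] = $_POST['phonenumber'];
        $_SESSION['address_details'] = 1;

        //confirm successful outcome in session
        // NOTE(review): any client can trigger this dump by sending a `test`
        // field; it exposes the whole session. Gate it behind a non-production
        // flag or remove it before deployment.
        if (isset($_POST['test'])) {
            echo "SESSION:";
            echo "<pre>";
            // print_r(..., true) returns the dump instead of printing it (the
            // original also echoed print_r's boolean result as a stray "1").
            // The session now holds raw form input, so escape it for HTML.
            echo htmlspecialchars(print_r($_SESSION, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "</pre>";
        }
    }
}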
<h2>Create New User</h2> <?php
// Handler for the "create user" form. This listing is a fragment: the blocks
// opened below are closed further down, outside the visible text.
// NOTE(review): no CSRF token check is visible in this fragment; since this
// action creates accounts, confirm one is enforced elsewhere.
if (isset($_SESSION['user']) && $_SESSION['user'] != '') { // Check if user is logged in
    if (isset($_SESSION['type']) && $_SESSION['type'] == 3) { // Check if user can create other users
        $errors = array();
        // Check if register values are set. If false, user has opened page the first time
        if (isset($_POST["email"]) && isset($_POST["pass"]) && isset($_POST["cnfrmPass"]) && isset($_POST["fname"]) && isset($_POST["lname"]) && isset($_POST["type"])) {
            // NOTE(review): $relative is defined outside this fragment; it must
            // never be derived from request data, since it prefixes a require path.
            require $relative . 'data/php/user/validate.inc';
            validate_email($errors, $_POST['email']);
            validate_and_confirm_pass($errors, $_POST["pass"], $_POST["cnfrmPass"]);
            validate_name($errors, $_POST["fname"], 'fname', 'a valid first name');
            // "mnames" and "phone" are not part of the isset() gate above, so a
            // request that omits them reaches these calls with an undefined index.
            validate_name($errors, $_POST["mnames"], 'mnames', 'valid middle name(s)');
            validate_name($errors, $_POST["lname"], 'lname', 'a valid last name');
            validate_phone($errors, $_POST["phone"]);
            if (!isset($_POST['type']) || $_POST['type'] == '') {
                $errors['type'] = 'Please select a user type';
            }
            if (!isset($errors['email']) && !isset($errors['pass']) && !isset($errors['cnfrmPass']) && !isset($errors['fname']) && !isset($errors['mnames']) && !isset($errors['lname']) && !isset($errors['phone']) && !isset($errors['type'])) { // No errors, form is valid
                $password = $_POST["pass"];
                // NOTE(review): uniqid() is derived from the current time and is
                // not cryptographically random. How $salt and $password are used
                // is outside this fragment; if they feed a hand-rolled salted hash,
                // password_hash()/password_verify() generate and store a suitable
                // salt themselves.
                $salt = uniqid();
                // Check if email exists in user table
                require $relative . 'data/php/database/pdo.inc';
                $email = trim($_POST["email"]);
                $fname = trim($_POST["fname"]);
                $mnames = trim($_POST['mnames']);
                $lname = trim($_POST["lname"]);
                $phone = trim($_POST['phone']);
                // intval() only coerces to an integer. NOTE(review): no check that
                // the value is one of the permitted user types is visible here;
                // confirm it is validated against an allow-list before insertion.
                $type = intval($_POST['type']);
}

//function to validate phone
// Looks $phone up through the Twilio Lookups client built from $sid/$token and
// returns the phone_number reported by the service, or the string "ERROR" when
// the lookup throws.
function validate_phone($phone, $sid, $token) {
    try {
        $client = new Lookups_Services_Twilio($sid, $token);
        $number = $client->phone_numbers->get($phone);
        $phone = $number->phone_number;
    } catch (Exception $e) {
        // Every exception maps to the same sentinel, so an invalid number cannot
        // be told apart from a network or credential failure, and $e is not logged.
        $phone = "ERROR";
    }
    return $phone;
}

//If the $phone is not empty, then send it to get validated
if ($phone != "") {
    $phone = validate_phone($phone, $sid, $token);
}

// If the phone validation reports an error, then pass it on to the user.
if ($phone == "ERROR") {
    $phoneErr = "Phone Number is not valid";
    $has_error = True;
}

// MySQL database settings
// NOTE(review): host and credentials are hard-coded in the script (values are
// masked in this listing). Load them from configuration kept outside the web
// root or from the environment so they stay out of version control.
$servername = "mysql.groomsmanbox.com";
$username = "******";
$password = "******";

// Check if phone number is in database
if ($has_error == False and $_SERVER["REQUEST_METHOD"] == "POST") {
    try {
        $conn = new PDO("mysql:host={$servername};dbname=discount_sprezza", $username, $password);
        // set the PDO error mode to exception
<?php
// Handler for the inspection-booking form. This listing is a fragment: the
// blocks opened below are closed further down, outside the visible text.
if (isset($_GET['property']) && $_GET['property'] != '') { // Check property id is set
    // This branch serves visitors who are NOT logged in.
    // NOTE(review): it goes on to insert rows for anonymous requests; no CSRF
    // token or rate limiting is visible in this fragment — confirm abuse
    // controls exist elsewhere.
    if (!isset($_SESSION['user']) || $_SESSION['user'] == '') { // Check if user isn't logged in
        $errors = array();
        // Check if register values are set. If false, user has opened page the first time
        if (isset($_POST['date']) && isset($_POST['fname']) && isset($_POST['lname']) && isset($_POST['email']) && isset($_POST['phone'])) {
            // NOTE(review): $relative is defined outside this fragment; it must
            // never be derived from request data, since it prefixes a require path.
            require $relative . 'data/php/user/validate.inc';
            // The date is only checked for being non-empty; its format is not
            // validated in the visible code.
            if (!isset($_POST['date']) || $_POST['date'] == '') {
                $errors['date'] = 'Please select an inspection day and time';
            }
            validate_name($errors, $_POST['fname'], 'fname', 'a valid first name');
            validate_name($errors, $_POST['lname'], 'lname', 'a valid last name');
            validate_email($errors, $_POST['email']);
            validate_phone($errors, $_POST['phone']);
            if (!isset($errors['date']) && !isset($errors['fname']) && !isset($errors['lname']) && !isset($errors['email']) && !isset($errors['phone'])) { // No errors, form is valid
                // Create inspection
                require $relative . 'data/php/database/pdo.inc';
                $fname = trim($_POST["fname"]);
                $lname = trim($_POST["lname"]);
                $email = trim($_POST["email"]);
                $phone = trim($_POST['phone']);
                $date = $_POST['date'];
                // intval() coerces the id to an integer; whether that property
                // exists is not checked in the visible code.
                $property = intval($_GET['property']);
                // Check if inspection already exists
                // Values are passed separately from the SQL text through "?"
                // placeholders; presumably select() runs a prepared statement —
                // verify against its definition in pdo.inc.
                $query = 'SELECT * FROM inspection WHERE fName = ? AND lName = ? AND date = ? AND property = ?;';
                $result = select($query, array($fname, $lname, $date, $property), false);
                if ($result == false) {
                    // Statement to insert inspection row into database
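/**
 * Validate a distributor order payload and convert it into the array layout
 * used for insertion.
 *
 * The sections (order, order details, recipient, order extension, customs
 * declaration) are checked in turn. The first failed check stores a message in
 * self::$errMsg and aborts with false.
 *
 * NOTE(review): the payload is a sample JSON document embedded in the method
 * body, so in its current form the method never sees real distributor input.
 *
 * @author yxd
 * @return array|false array($data) wrapping the normalised order, or false when a check fails
 */
public function act_transformInsertOrder() {
    $distributorsData = json_decode('[ { "order": { "recordNumber": "12680437", "account": "hello", "ordersTime": "2014-08-02 09:44:38", "paymentMethod": "PayPal", "paymentTime": "2014-08-02 09:44:38", "onlineTotal": "7.26", "currency": "AUD", "actualShipping": "22.000", "ORtransport": "chinapost" }, "orderExtension": { "companyId": "yks", "payPalPaymentId": "7HE13018KL3271431", "orderId": "380882639665-508802711025", "feedback": "none" }, "orderUserInfo": { "username": "******", "platformUsername": "******", "email": "*****@*****.**", "countryName": "Australia", "countrySn": "AU", "currency": "AUD", "state": "New South Wales", "city": "Peakhurst", "address1": "760a forest road", "address2": "760a forest road", "address3": "760a forest road", "phone": "02 91536215", "zipCode": "2210" }, "orderDeclarationContent" :[{ "spu": "SV003829", "amount": 10, "price": 100, "enTitle": "T-Shirt", "cnTitle": "T恤", "hamcodes": "8531100000", "material":"棉", "unit": "pics" }], "orderDetails": [ { "orderDetail": { "recordNumber": "630634", "itemPrice": "7.26", "itemId": "7733333", "sku": "SV001920_BE_M", "onlinesku": "SV001920_BE_M:N98B", "amount": "1", "shippingFee": "3.00", "createdTime": "2014-08-02 09:44:38" }, "orderDetailExtension": { "itemTitle": "Womens Tummy Control Underbust Slimming Shapewear Shaper Suit Body Control N98B[Beige,Asian M (US S(4-6) UK 6-8 EU ...", "itemURL": "11" } } ] } ]', true);

    ################# order table: validation and formatting #################
    $order = $distributorsData[0]['order'];

    $recordNumber = isset($order['recordNumber']) ? $order['recordNumber'] : null; // order number on the platform
    if (!isset($recordNumber)) {
        self::$errMsg[123] = '平台对应的订单号不能为空';
        return false;
    }
    // The D modifier stops "$" from matching before a trailing newline.
    if (!preg_match('/^\w*$/D', $recordNumber)) {
        self::$errMsg[123] = 'recordnumber格式不规范';
        // The original recorded the error but kept going, so a malformed
        // record number still reached the lookups below.
        return false;
    }

    $account = isset($order['account']) ? $order['account'] : null; // account name
    if (!isset($account)) {
        self::$errMsg[123] = '账号不能为空';
        return false;
    }
    // The account must exist.
    if (!M('Account')->checkIsExists(array('account' => $account))) {
        self::$errMsg[1234] = '非法账号--不存在';
        return false;
    }
    // Resolve the account id from the account name.
    $accountId = M('Account')->getAccountIdByName($account);
    if (empty($accountId)) {
        self::$errMsg[1235] = '非法账号--不存在';
        return false;
    }
    // Resolve the platform id from the account id; guard against an empty result set.
    $platformRows = M('Account')->getPlatformid($accountId);
    $platformId = isset($platformRows[0]['platformId']) ? $platformRows[0]['platformId'] : null;
    if (empty($platformId)) {
        self::$errMsg[1236] = '非法账号';
        return false;
    }
    // Reject a recordNumber that already exists under this account.
    if (M('OrderAdd')->checkIsExists(array('recordNumber' => $recordNumber, 'accountId' => $accountId))) {
        self::$errMsg[10043] = get_promptmsg(10043, $recordNumber); // "this recordNumber already exists"
        return false;
    }

    // Time format checks.
    $ordersTime = $order['ordersTime']; // time the order was created on the platform
    if (!validate_datetime($ordersTime)) {
        self::$errMsg[124] = '非法时间格式ordersTime标准格式为[2014-08-03 18:58:23]';
        return false;
    }
    $ordersTime = strtotime($ordersTime); // stored as a Unix timestamp

    $paymentTime = $order['paymentTime']; // time the order was paid
    if (!validate_datetime($paymentTime)) {
        self::$errMsg[124] = "非法时间格式paymentTime标准格式为[2014-08-03 18:58:23]";
        return false;
    }
    // The original passed the bare word `paymentTime` (missing "$"), i.e. an
    // undefined constant rather than the validated value.
    $paymentTime = strtotime($paymentTime); // stored as a Unix timestamp
    $orderAddTime = time(); // time the order entered this system

    $onlineTotal = $order['onlineTotal']; // online total price
    if (!validate_float2($onlineTotal)) {
        self::$errMsg[125] = "非法线上总价标准格式为[12.00]";
        return false;
    }

    $currency = $order['currency']; // currency: three upper-case letters, required
    if (!preg_match('/^([A-Z]{3})$/D', $currency)) {
        self::$errMsg[124] = "非法币种标准格式为[3个大写字母组成]";
        return false;
    }

    $paymentMethod = $order['paymentMethod']; // payment method
    if (empty($paymentMethod)) {
        self::$errMsg[111] = "付款方式不能为空";
        return false;
    }

    $ORtransport = $order['ORtransport']; // original transport method assigned on entry, kept as a backup only
    $actualShipping = $order['actualShipping']; // shipping fee paid online
    if (!validate_float3($actualShipping)) {
        self::$errMsg[125] = "运费格式非法标准格式为[12.000]";
        return false;
    }

    $orderArr = array(
        'recordNumber' => $recordNumber,
        'platformId' => $platformId,
        'accountId' => $accountId,
        'ordersTime' => $ordersTime,
        'paymentMethod' => $paymentMethod,
        'paymentTime' => $paymentTime,
        'onlineTotal' => $onlineTotal,
        'currency' => $currency,
        'ORtransport' => $ORtransport,
        'actualShipping' => $actualShipping,
        'orderAddTime' => $orderAddTime,
    );

    ################# order detail and its extension: validation #################
    // NOTE(review): several text fields below are HTML-encoded before storage.
    // Consumers that encode again on output will double-encode, and non-HTML
    // consumers receive entities; encoding at output time is the usual placement.
    $orderDetails = $distributorsData[0]['orderDetails'];
    $orderDetailArr = array();
    foreach ($orderDetails as $value) {
        $orderDetail = $value['orderDetail']; // order detail table

        $itemPrice = isset($orderDetail['itemPrice']) ? $orderDetail['itemPrice'] : 0.0; // unit sale price on the platform
        if (!validate_float2($itemPrice)) {
            self::$errMsg[123] = "平台对应的销售单价不规范标准格式为[12.00]";
            return false;
        }

        $itemId = isset($orderDetail['itemId']) ? $orderDetail['itemId'] : null; // item id on the platform
        if (!preg_match('/^\d*$/D', (string) $itemId)) {
            self::$errMsg[123] = "商品在平台上的ID不规范标准格式为[5454143004]";
            return false;
        }

        $sku = $orderDetail['sku'];
        $isSkuExsit = M("InterfacePc")->getSkuinfo($sku);
        if (empty($isSkuExsit)) {
            self::$errMsg[123] = "sku在系统中不存在";
            return false;
        }

        $onlinesku = isset($orderDetail['onlinesku']) ? $orderDetail['onlinesku'] : null; // online sku

        $amount = isset($orderDetail['amount']) ? $orderDetail['amount'] : 0;
        if (!preg_match('/^\d*$/D', (string) $amount)) {
            // The original assigned the message to self::$errMsg itself,
            // replacing the whole error array with a string.
            self::$errMsg[123] = "订单中的商品数量不规范,必须为有效数字";
            return false;
        }
        // Convert the validated value; the original re-read the raw index and
        // so bypassed the default applied above.
        $amount = intval($amount);

        $shippingFee = $orderDetail['shippingFee']; // shipping fee for this item on the platform
        if (!validate_float2($shippingFee)) {
            self::$errMsg[123] = "平台对应料号的运费不规范标准格式为[12.00]";
            return false;
        }

        $orderDetailExtension = $value['orderDetailExtension']; // order detail extension table
        $itemTitle = isset($orderDetailExtension['itemTitle']) ? $orderDetailExtension['itemTitle'] : null;
        $itemTitle = htmlentities($itemTitle);
        $itemURL = isset($orderDetailExtension['itemURL']) ? $orderDetailExtension['itemURL'] : null;

        $orderDetailArr[] = array(
            "orderDetail" => array(
                "recordNumber" => $recordNumber,
                'itemId' => $itemId,
                "itemPrice" => $itemPrice,
                "sku" => $sku,
                "onlinesku" => $onlinesku,
                "amount" => $amount,
                "shippingFee" => $shippingFee,
            ),
            "orderDetailExtension" => array(
                "itemTitle" => $itemTitle,
                "itemURL" => $itemURL,
            ),
        );
    }

    ################# orderUserInfo #################
    $orderUserInfo = $distributorsData[0]['orderUserInfo']; // recipient data supplied by the distributor
    $username = $orderUserInfo['username']; // recipient
    $platformUsername = isset($orderUserInfo['platformUsername']) ? $orderUserInfo['platformUsername'] : null; // login name on the platform
    $platformUsername = htmlspecialchars($platformUsername);

    $email = $orderUserInfo['email']; // customer e-mail
    if (!validate_email($email)) {
        self::$errMsg['146'] = "非法邮箱格式";
        return false;
    }

    $countryname = $orderUserInfo['countryName']; // recipient country name
    // The original rejected the order when the country WAS found, which
    // contradicts the message and the other checkIsExists() call sites here.
    // NOTE(review): confirm CountryList::checkIsExists() is truthy for a known country.
    if (!M('CountryList')->checkIsExists($countryname)) {
        self::$errMsg[145] = "非法国家";
        return false;
    }
    $countrySn = M('CountryList')->geZhByEn($countryname); // country short code
    if (empty($countrySn)) {
        self::$errMsg[145] = "非法国家";
        return false;
    }

    $currency = isset($orderUserInfo['currency']) ? $orderUserInfo['currency'] : null; // currency
    $city = $orderUserInfo['city']; // buyer city
    $city = htmlspecialchars($city);
    $state = $orderUserInfo['state']; // buyer state
    $state = htmlspecialchars($state);
    $address1 = isset($orderUserInfo['address1']) ? $orderUserInfo['address1'] : 0;
    $address1 = htmlspecialchars($address1);
    $address2 = isset($orderUserInfo['address2']) ? $orderUserInfo['address2'] : 0;
    $address2 = htmlspecialchars($address2);
    $address3 = isset($orderUserInfo['address3']) ? $orderUserInfo['address3'] : 0;
    $address3 = htmlspecialchars($address3);
    // Landline is read but not included in the record built below.
    $landline = isset($orderUserInfo['landline']) ? $orderUserInfo['landline'] : 0; // landline

    $phone = isset($orderUserInfo['phone']) ? $orderUserInfo['phone'] : 0; // mobile phone
    if (!validate_phone($phone)) {
        self::$errMsg[124] = "phone格式不规范";
        return false;
    }

    $zipCode = $orderUserInfo['zipCode']; // postal code
    if (!validate_zipCode($zipCode)) {
        self::$errMsg[124] = "zipCode不规范";
        return false;
    }

    $orderUserInfoArr = array(
        'username' => $username,
        'platformUsername' => $platformUsername,
        'email' => $email,
        'countryName' => $countryname,
        'countrySn' => $countrySn,
        'currency' => $currency,
        'state' => $state,
        'city' => $city,
        'county' => "sss", // NOTE(review): placeholder value, not taken from the payload
        'address1' => $address1,
        'address2' => $address2,
        'address3' => $address3,
        'phone' => $phone,
        'zipCode' => $zipCode,
    );

    ################# orderExtension #################
    $orderExtensions = $distributorsData[0]['orderExtension'];
    $companyId = $orderExtensions['companyId'];
    $orderId = $orderExtensions['orderId']; // combined id fetched online from eBay, format itemid-transid
    $feedback = $orderExtensions['feedback']; // customer message
    $orderExtensionArr = array('companyId' => $companyId, 'orderId' => $orderId, 'feedback' => $feedback);

    ################# orderDeclarationContent #################
    $orderDeclarationContent = $distributorsData[0]['orderDeclarationContent'];
    $orderDeclarationContentArr = array();
    foreach ($orderDeclarationContent as $value) {
        $spu = $value['spu']; // declared part number

        $amount = $value['amount']; // declared quantity
        if (!preg_match('/^\d*$/D', (string) $amount)) {
            self::$errMsg[124] = "申报数量必须为有效数字";
            return false;
        }

        $price = $value['price']; // declared value (USD)
        // The original reported a format error when validation SUCCEEDED; every
        // other validate_float2() call site negates the result.
        // NOTE(review): the embedded sample uses "price": 100; if validate_float2()
        // requires two decimals, the sample itself needs updating.
        if (!validate_float2($price)) {
            self::$errMsg[125] = "申报价值格式不规范标准格式为[12.00]";
            return false;
        }

        $enTitle = $value['enTitle']; // declared name (English)
        $enTitle = htmlspecialchars($enTitle);
        $cnTitle = $value['cnTitle']; // declared name (Chinese)
        $cnTitle = htmlspecialchars($cnTitle);
        $hamcodes = $value['hamcodes']; // customs code
        $material = $value['material']; // declared material
        $unit = $value['unit']; // unit of measure

        $orderDeclarationContentArr[] = array(
            "spu" => $spu,
            "amount" => $amount,
            "price" => $price,
            "enTitle" => $enTitle,
            "cnTitle" => $cnTitle,
            "hamcodes" => $hamcodes,
            "material" => $material,
            "unit" => $unit,
            "datetime" => time(),
        );
    }

    // Assemble the normalised sections into one record.
    $data = array();
    $data[] = array(
        'order' => $orderArr,
        'orderDetail' => $orderDetailArr,
        'orderExtension' => $orderExtensionArr,
        'orderUserInfo' => $orderUserInfoArr,
        'orderDeclarationContent' => $orderDeclarationContentArr,
    );

    ################# end: payload formatted into the unified array #################
    return array($data);
}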