// Tail of the enclosing controller class; its header is before this fragment.
{ return $this->orders; } }
// Request handler for listing corporate orders. Runs only when a 'submit' key is
// present in POST or GET. The if-block continues past the end of this fragment.
if (isset($_POST['submit']) || isset($_GET['submit'])) {
    // extract() turns every request key into a local variable. $_GET is extracted
    // last, so a GET key wins over a POST key of the same name, and every local
    // read below that is not explicitly assigned here ($orderid, $isAjax) is
    // request-controlled. Reading the few needed keys explicitly would remove
    // the risk of a request key shadowing an internal variable.
    extract($_POST);
    extract($_GET);
    $auth = new Authenticate();
    // True only when the client sent an isAjax key and $auth->isAjax() agrees;
    // what isAjax() inspects is defined outside this fragment.
    $isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
    $pdo = new PDOSingleton(PDOSingleton::ADMINUSER);
    $errorRunner = new ErrorRunner();
    $logger = new FullLog('Corporate Viewing Orders');
    $logger->serverData();
    $checkAuth = new CheckAuth($logger);
    $errors = [];
    // Optional order id from the request. $auth->cInt() presumably coerces to an
    // integer — confirm it rejects non-numeric input rather than casting it.
    $orderID = !empty($orderid) ? $auth->cInt($orderid) : null;
    $isCorporate = $checkAuth->isCorporate();
    // Caller identity comes from the session, never from the request.
    $employeeID = !empty($_SESSION['employeeid']) ? $auth->cInt($_SESSION['employeeid']) : null;
    // Short-circuit assignment: the message is appended only when the left side is falsy.
    // NOTE(review): the message says "customer id" although the missing value is the employee id.
    $employeeID || ($errors[] = "No customer id. You have most likely timed out. Log out and log back in.");
    $isCorporate || ($errors[] = "You are not authenticated as a corporate user.");
    // Dependencies handed to the controller.
    $models = new stdClass();
    $models->pdo = $pdo;
    $models->errorRunner = $errorRunner;
    $models->logger = $logger;
    // Request-scoped input for the controller.
    $orderData = new stdClass();
    $orderData->orderID = $orderID;
    $orderData->employeeID = $employeeID;
    // The whole session array is passed along; passing only the ids the
    // controller needs would keep its data surface explicit.
    $orderData->session = $_SESSION;
    // The controller is built only when every check above passed.
    if (empty($errors)) {
        $controller = new ViewCorporateOrdersController($models, $orderData);
        $controller->setOrders();
// Tail of the enclosing controller class; its header is before this fragment.
$this->data = $this->order->removeOrder(); } }
// Request handler for a customer removing one of their orders. Runs only when a
// 'submit' key is present in POST or GET; the if-block continues past this fragment.
if (isset($_POST['submit']) || isset($_GET['submit'])) {
    // extract() makes every request key a local variable ($_GET overrides $_POST
    // for the same key). $action, $id, $csrf and $isAjax below all come from here.
    extract($_POST);
    extract($_GET);
    $auth = new Authenticate();
    $isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
    $pdo = new PDOSingleton(PDOSingleton::ADMINUSER);
    $errorRunner = new ErrorRunner();
    $logger = new FullLog('Customer Remove Order');
    $logger->serverData();
    $checkAuth = new CheckAuth($logger);
    $errors = [];
    // $action is passed through without normalisation (no cleanString/cInt, unlike
    // the other request fields); the controller has to treat it as untrusted text.
    $action = !empty($action) ? $action : null;
    $orderID = !empty($id) ? $auth->cInt($id) : null;
    $isCustomer = $checkAuth->isCustomer();
    // Customer identity is taken from the session, so the request cannot name a
    // different customer. Whether removeOrder() restricts $orderID to this
    // customer is decided in the controller, outside this fragment.
    $customerID = !empty($_SESSION['customerid']) ? $auth->cInt($_SESSION['customerid']) : null;
    // Short-circuit assignments: a message is appended only when the left side is falsy.
    $orderID || ($errors[] = "No orderid was specified on this request.");
    $customerID || ($errors[] = "No customer id. You have most likely timed out. Log out and log back in.");
    $isCustomer || ($errors[] = "You are not authenticated as a customer.");
    // CSRF check: the submitted token must be identical (!==) to the session token.
    // A missing session token or a missing/empty $csrf both fail closed.
    // hash_equals() would make this comparison constant-time; today it is a plain compare.
    $csrf = !empty($csrf) ? $csrf : null;
    if (!isset($_SESSION['csrf_token']) || $_SESSION['csrf_token'] !== $csrf) {
        $errors[] = "This form does not appear to have originated from our site.";
    }
    // Request-scoped input for the controller.
    $orderData = new stdClass();
    $orderData->action = $action;
    $orderData->orderID = $orderID;
    $orderData->customerID = $customerID;
    // Dependencies handed to the controller (assignment continues past this fragment).
    $modelObjects = new stdClass();
    $modelObjects->pdo = $pdo;
// Fragment starts mid-handler: $redis, $auth, $numFiles and the request-derived
// locals read below ($username, $password, $email, ...) are assigned before this
// point — presumably by extract() as in the sibling handlers; confirm.
$blackList = new BlackLister($redis);
$error = error_get_last();
$errors = [];
$files = null;
// NOTE(review): the loop body ignores $i and re-assigns the whole $_FILES array on
// every pass, so $numFiles only decides whether $files is set at all.
if ($numFiles) {
    for ($i = 0; $i < intval($numFiles); $i += 1) {
        $files = $_FILES;
    }
}
// Each field is normalised through an Authenticate helper or dropped to null.
// What cleanString()/vEmail()/vPhone() accept or reject is defined outside this
// fragment; none of these values should be considered validated beyond that.
$username = !empty($username) ? $auth->cleanString($username) : null;
// The password is kept verbatim (it must not be "cleaned" before hashing).
$password = !empty($password) ? $password : null;
$email = !empty($email) ? $auth->vEmail($email) : null;
$address = !empty($address) ? $auth->cleanString($address) : null;
$phone = !empty($phone) ? $auth->vPhone($phone) : null;
$stop = !empty($stop) ? true : false;
// isset() rather than !empty(): a value of 0 is meaningful here.
$potentialAbuse = isset($potentialAbuse) ? $auth->cInt($potentialAbuse) : null;
// A 'stop' flag leaves the enclosing scope (function or included file — its start
// is outside this fragment) before any validation message is produced.
if ($stop) { return false; }
// trim() on an unset $instructions emits a warning under PHP 8; an isset() guard would avoid it.
$instructions = !empty(trim($instructions)) ? $auth->cleanString($instructions) : null;
$action = !empty($action) ? $auth->cleanString($action) : null;
// Short-circuit assignments: a message is appended only when the left side is falsy.
$username || ($errors[] = "No username was sent over.");
$email || ($errors[] = "No email was sent over or an invalid Email was sent.");
$address || ($errors[] = "No address was sent over.");
$phone || ($errors[] = "No phone number was sent over.");
$action || ($errors[] = "No action was sent over, do not have enough information.");
$password || ($errors[] = "No password was sent over.");
// Minimum length policy is 8. strlen() is byte-wise, and strlen(null) is deprecated
// on PHP 8.1+ (a TypeError under strict_types) — guard with $password !== null or
// fold this into the branch above if the file ever enables strict types.
$passLen = strlen($password);
if ($passLen > 0 && $passLen < 8) {
    $errors[] = "The new password must be at least 8 characters long.";
}
// Tail of the enclosing controller class; its header is before this fragment.
{ $this->data = $this->order->removeOrder(); } }
// Request handler for an admin removing an order on behalf of a group. Runs only
// when a 'submit' key is present; the if-block continues past this fragment.
if (isset($_POST['submit']) || isset($_GET['submit'])) {
    // extract() makes every request key a local variable ($_GET overrides $_POST
    // for the same key). $id, $csrf, $action and $isAjax below all come from here.
    extract($_POST);
    extract($_GET);
    $auth = new Authenticate();
    $isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
    $pdo = new PDOSingleton(PDOSingleton::ADMINUSER);
    $errorRunner = new ErrorRunner();
    $logger = new FullLog('Corporate Remove Order');
    $logger->serverData();
    $checkAuth = new CheckAuth($logger);
    $errors = [];
    $orderID = !empty($id) ? $auth->cInt($id) : null;
    // Admin status is required for this action (the log label says "Corporate",
    // but the gate below is isAdmin()).
    $isAdmin = $checkAuth->isAdmin();
    // Group identity is taken from the session, not from the request.
    $groupID = !empty($_SESSION['groupid']) ? $auth->cInt($_SESSION['groupid']) : null;
    // Short-circuit assignments: a message is appended only when the left side is falsy.
    $orderID || ($errors[] = "No orderid was specified on this request.");
    $groupID || ($errors[] = "No group id. You have most likely timed out. Log out and log back in.");
    $isAdmin || ($errors[] = "You are not an admin and cannot perform this action.");
    // CSRF check: submitted token must be identical (!==) to the session token;
    // missing session token or missing $csrf both fail closed. hash_equals() would
    // make the comparison constant-time.
    $csrf = !empty($csrf) ? $csrf : null;
    if (!isset($_SESSION['csrf_token']) || $_SESSION['csrf_token'] !== $csrf) {
        $errors[] = "This form does not appear to have originated from our site.";
    }
    $orderData = new stdClass();
    // NOTE(review): unlike the sibling customer handler, $action is neither
    // defaulted nor normalised here — it is whatever extract() produced (an
    // undefined-variable warning and null if the request had no 'action' key).
    $orderData->action = $action;
    $orderData->orderID = $orderID;
    $orderData->groupID = $groupID;
    // Dependencies handed to the controller (assignment continues past this fragment).
    $modelObjects = new stdClass();
    $modelObjects->pdo = $pdo;
// Closing braces of the enclosing class; its body is before this fragment.
} }
// Request handler for an employee/admin creating an order for a customer. Runs
// only when a 'submit' key is present; the if-block continues past this fragment.
if (isset($_POST['submit']) || isset($_GET['submit'])) {
    // extract() makes every request key a local variable ($_GET overrides $_POST
    // for the same key). $action, $customerID, $totalOrdered, $csrf and $isAjax
    // below all originate here.
    extract($_POST);
    extract($_GET);
    $auth = new Authenticate();
    $isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
    $pdo = new PDOSingleton(PDOSingleton::ADMINUSER);
    $errorRunner = new ErrorRunner();
    $logger = new FullLog('Employee Add New Order');
    $logger->serverData();
    $checkAuth = new CheckAuth($logger);
    $errors = [];
    // $action is passed through unnormalised; the controller must treat it as untrusted text.
    $action = !empty($action) ? $action : null;
    $isAdmin = $checkAuth->isAdmin();
    // The target customer is chosen by the request — acceptable only because
    // isAdmin() is required below; the admin gate is what makes this safe.
    $customerID = !empty($customerID) ? $auth->cInt($customerID) : null;
    $totalOrdered = !empty($totalOrdered) ? $auth->cInt($totalOrdered) : null;
    $csrf = !empty($csrf) ? $csrf : null;
    // NOTE(review): the session group id is used raw here, whereas the sibling
    // handlers pass it through $auth->cInt(); harmless if the session value is
    // trusted, but inconsistent.
    $groupID = !empty($_SESSION['groupid']) ? $_SESSION['groupid'] : null;
    // Short-circuit assignments: a message is appended only when the left side is falsy.
    $customerID || ($errors[] = "No customer id was sent over on the request.");
    $isAdmin || ($errors[] = "You are not authenticated as an admin.");
    $totalOrdered || ($errors[] = "No orders were sent over.");
    $csrf || ($errors[] = "This form does not appear to have originated from our site.");
    $groupID || ($errors[] = "Not an authenticated group member.");
    // CSRF check: strict (!==) compare against the session token. A missing $csrf
    // is already caught above, so an absent token produces the same message twice.
    if (!isset($_SESSION['csrf_token']) || $csrf !== $_SESSION['csrf_token']) {
        $errors[] = "This form does not appear to have originated from our site.";
    }
    // Dependencies handed to the controller.
    $models = new stdClass();
    $models->pdo = $pdo;
    $models->errorRunner = $errorRunner;
    $models->logger = $logger;
// Fragment starts mid-handler: $csrf, $fulfilled, $unfulfilled, $isShipped and
// $isAjax are read below but assigned before this point — presumably by
// extract() as in the sibling handlers; confirm.
$auth = new Authenticate();
$isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
$errors = [];
// NOTE(review): the log label reads "Viewing Orders" while the error text below
// describes updating orders — looks like a copied label. It is a runtime string,
// so it is left unchanged here.
$logger = new FullLog('Corporate Viewing Orders');
$logger->serverData();
$checkAuth = new CheckAuth($logger);
$isAdmin = $checkAuth->isAdmin();
// The database handle is opened only for admins; for everyone else $pdo stays
// null and an error is recorded, so the controller should never see a null $pdo.
$pdo = null;
if ($isAdmin) {
    $pdo = new PDOSingleton(PDOSingleton::ADMINUSER);
}
if (!$isAdmin) {
    $errors[] = "Only an admin can update orders.";
}
$errorRunner = new ErrorRunner();
// The order being updated is taken from the session, not from the request.
$orderID = !empty($_SESSION['orderID']) ? $auth->cInt($_SESSION['orderID']) : null;
// CSRF check: an empty $csrf fails closed; otherwise strict (!==) compare against
// the session token. $_SESSION['csrf_token'] is read without isset(), so a session
// with no token emits an undefined-index warning (the compare still fails closed).
// hash_equals() would make the comparison constant-time.
$csrf = !empty($csrf) ? $csrf : null;
if (!$csrf || $csrf !== $_SESSION['csrf_token']) {
    $errors[] = "This form does not appear to have originated on our site.";
}
// Isset has to be used on these numbers because they can be a Zero
// (!empty() would discard a legitimate 0).
$fulfilled = isset($fulfilled) ? $auth->cInt($fulfilled) : null;
$unfulfilled = isset($unfulfilled) ? $auth->cInt($unfulfilled) : null;
$isShipped = isset($isShipped) ? $auth->cInt($isShipped) : null;
// Both isAdmin() (above) and isCorporate() must hold for this action.
$isCorporate = $checkAuth->isCorporate();
$employeeID = !empty($_SESSION['employeeid']) ? $auth->cInt($_SESSION['employeeid']) : null;
// Short-circuit assignments: a message is appended only when the left side is falsy.
// NOTE(review): the message says "customer id" although the missing value is the employee id.
$employeeID || ($errors[] = "No customer id. You have most likely timed out. Log out and log back in.");
$isCorporate || ($errors[] = "You are not authenticated as a corporate user.");
// Dependencies handed to the controller (assignment continues past this fragment).
$models = new stdClass();
$models->pdo = $pdo;
$models->errorRunner = $errorRunner;
// Tail of the enclosing controller class; its header is before this fragment.
$this->data = $this->order->removeOrder(); } }
// Request handler that removes an order via BadRemoveOrderController.
// NOTE(review): compared with the 'Customer Remove Order' handler this one
// (a) takes $customerID from the request instead of $_SESSION['customerid'],
// (b) never consults $checkAuth->isCustomer(), and (c) performs no CSRF token
// comparison even though $checkAuth is constructed. The "Bad" in the controller
// name suggests a deliberately insecure example; if this is live code, the fix is
// to read the customer id from the session, require isCustomer(), and compare
// $_SESSION['csrf_token'] exactly as the sibling handler does.
if (isset($_POST['submit']) || isset($_GET['submit'])) {
    // extract() makes every request key a local variable ($_GET overrides $_POST).
    extract($_POST);
    extract($_GET);
    $auth = new Authenticate();
    $isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
    $pdo = new PDOSingleton(PDOSingleton::ADMINUSER);
    $errorRunner = new ErrorRunner();
    $logger = new FullLog('Customer Remove Order');
    $logger->serverData();
    // Constructed but its result is never used in this fragment.
    $checkAuth = new CheckAuth($logger);
    $errors = [];
    $action = !empty($action) ? $action : null;
    $orderID = !empty($id) ? $auth->cInt($id) : null;
    // Request-controlled customer id (see note above).
    $customerID = !empty($customerID) ? $auth->cInt($customerID) : null;
    // Short-circuit assignments: a message is appended only when the left side is falsy.
    $orderID || ($errors[] = "No orderid was specified on this request.");
    $customerID || ($errors[] = "No customer id. You have most likely timed out. Log out and log back in.");
    $orderData = new stdClass();
    $orderData->action = $action;
    $orderData->orderID = $orderID;
    $orderData->customerID = $customerID;
    $modelObjects = new stdClass();
    $modelObjects->pdo = $pdo;
    $modelObjects->errorRunner = $errorRunner;
    $modelObjects->logger = $logger;
    // Only presence checks gate the removal here; the block continues past this fragment.
    if (empty($errors)) {
        $controller = new BadRemoveOrderController($modelObjects, $orderData);
        $controller->removeOrder();
        if ($isAjax) {
// Fragment starts inside the branch that opens the database handle; the branch
// condition, $isAdmin, $isCustomer, $isValidUser, $auth, $errorRunner, $logger and
// the request-derived locals ($action, $customerID, $totalOrdered, $csrf) are all
// assigned before this point.
$pdo = new PDOSingleton(PDOSingleton::ADMINUSER); }
if (!$isAdmin && !$isCustomer) {
    $errors[] = "Not a privileged account. Cannot perform action.";
}
// Admins keep their own group; every other caller is assigned a random group id.
if ($isAdmin) {
    $groupID = $_SESSION['groupid'];
}
if (!$isAdmin) {
    // NOTE(review): mt_rand(1, COUNT(id)) assumes group ids are contiguous from 1,
    // which a single deleted row breaks (the picked id may not exist). Selecting a
    // random existing id would be robust. mt_rand() is acceptable only because the
    // value is not a secret. If $pdo was not opened in the cut branch above, this
    // call fails — confirm against that condition.
    $query = "SELECT COUNT(id) as groupCount from groups";
    foreach ($pdo->query($query) as $row) {
        $groupID = mt_rand(1, $row['groupCount']);
    }
}
// $action is passed through unnormalised; the controller must treat it as untrusted text.
$action = !empty($action) ? $action : null;
// NOTE(review): a request-supplied customerID overrides the session's customer id
// for every caller, not only admins. Unless the controller re-checks ownership, a
// non-admin session can act on a different customer id; restricting the override
// to $isAdmin (and passing the session value through cInt()) would close that gap.
$customerID = !empty($customerID) ? $auth->cInt($customerID) : $_SESSION['customerid'];
$totalOrdered = !empty($totalOrdered) ? $auth->cInt($totalOrdered) : null;
$csrf = !empty($csrf) ? $csrf : null;
// Short-circuit assignments: a message is appended only when the left side is falsy.
$action || ($errors[] = "No action was specified on this request.");
$customerID || ($errors[] = "No customer id. You have most likely timed out. Log out and log back in.");
$isValidUser || ($errors[] = "You are not authenticated as a customer.");
$totalOrdered || ($errors[] = "No orders were sent over.");
$csrf || ($errors[] = "This form does not appear to have originated from our site.");
// CSRF check: strict (!==) compare against the session token. A missing $csrf is
// already caught above, so an absent token produces the same message twice.
if (!isset($_SESSION['csrf_token']) || $csrf !== $_SESSION['csrf_token']) {
    $errors[] = "This form does not appear to have originated from our site.";
}
// Dependencies handed to the controller.
$models = new stdClass();
$models->pdo = $pdo;
$models->errorRunner = $errorRunner;
$models->logger = $logger;
// Request-scoped input for the controller (population continues past this fragment).
$orderData = new stdClass();