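public function store()
 {
     // CSRF gate. `?? ''` avoids an undefined-index notice when the field is
     // absent; the `return` protects against redirect() not terminating the
     // request, which would otherwise let the order be written anyway.
     if (!checked_token($_POST['_token'] ?? '')) {
         $this->redirect(url('cart'));
         return;
     }
     // Reset the previous form state before re-validating.
     $_SESSION['old'] = [];
     $_SESSION['error'] = [];

     $rules = [
         'email' => FILTER_VALIDATE_EMAIL,
         // Anchored: the previous pattern accepted any value that merely
         // *contained* 16 consecutive digits.
         'number' => [
             'filter' => FILTER_CALLBACK,
             'options' => static function ($nb) {
                 return preg_match('/^[0-9]{16}$/', (string) $nb) === 1 ? $nb : false;
             },
         ],
         // FILTER_SANITIZE_STRING is deprecated since PHP 8.1; kept for parity
         // with the other forms of this project.
         'adresse' => FILTER_SANITIZE_STRING,
     ];
     // filter_input_array() returns null when there is no POST data.
     $sanitize = filter_input_array(INPUT_POST, $rules) ?: [];

     $error = false;
     if (empty($sanitize['email'])) {
         $error = true;
         $_SESSION['error']['email'] = 'your email is invalid';
     }
     if (empty($sanitize['number'])) {
         $error = true;
         $_SESSION['error']['number'] = 'your blue card number is invalid';
     }
     // Was `!empty(...)`: the "address required" error fired when an address
     // WAS given and never when it was missing.
     if (empty($sanitize['adresse'])) {
         $error = true;
         $_SESSION['error']['adresse'] = 'you must give your address';
     }
     if ($error) {
         $_SESSION['old']['email'] = $sanitize['email'] ?? null;
         $_SESSION['old']['adresse'] = $sanitize['adresse'] ?? null;
         $this->redirect(url('cart'));
         return;
     }

     // Customer + order lines are written in one PDO transaction.
     try {
         \Connect::$pdo->beginTransaction();

         $customer = new Customer();
         // NOTE(review): the card number is persisted as entered. Storing a
         // full PAN in clear text is a PCI-DSS concern; it should be tokenised
         // by a payment provider or not stored at all.
         $customer->create([
             'email' => $sanitize['email'],
             'number' => $sanitize['number'],
             'adresse' => $sanitize['adresse'],
         ]);
         $customer_id = \Connect::$pdo->lastInsertId();

         $history = new History();
         // 24-hour clock: 'h' is 12-hour without am/pm, so 13:00-23:59 was
         // recorded as 01-11.
         $commandedAt = date('Y-m-d H:i:s');
         foreach ($this->cart->all() as $id => $total) {
             // Model Product, not the cart entry.
             $product = (new Product())->find($id);
             $price = (double) $product->price;
             $history->create([
                 'product_id' => $id,
                 'customer_id' => $customer_id,
                 'price' => $price,
                 'total' => $total,
                 // Guard the division: a zero-priced product would abort the
                 // whole checkout with DivisionByZeroError.
                 'quantity' => $price > 0 ? $total / $price : 0,
                 'commanded_at' => $commandedAt,
             ]);
         }

         \Connect::$pdo->commit();
     } catch (\PDOException $e) {
         if (\Connect::$pdo->inTransaction()) {
             \Connect::$pdo->rollBack();
         }
         // The original swallowed the failure and fell off the end of the
         // method, leaving the user on a blank response with a full cart.
         $_SESSION['error']['order'] = 'your order could not be saved';
         $this->redirect(url('cart'));
         return;
     }

     $this->cart->reset();
     $this->redirect(url());
 }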
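 /**
  * Redirect to $path when the submitted CSRF token does not check out.
  *
  * @param string $path       destination passed to $this->redirect()
  * @param string $tokenName  POST field holding the token (default '_token')
  */
 private function validToken($path, $tokenName = '_token')
 {
     // `?? ''` keeps a missing field from raising an undefined-index notice;
     // an empty token is simply handed to checked_token() to reject.
     if (!checked_token($_POST[$tokenName] ?? '')) {
         $this->redirect($path);
     }
 }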
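 /**
  * Login form: on a POST with a valid CSRF token, verify the credentials and
  * redirect to /dashboard; otherwise (GET, or bad token) render the form.
  *
  * The view is rendered only when no redirect follows: the original echoed
  * the page first and then called header(), which fails once output has
  * started. The debugging var_dump($_POST) calls, which printed the
  * submitted password into the response, are gone.
  */
 public function login()
 {
     if (!empty($_POST) && checked_token($_POST['_token'] ?? '')) {
         // The password must reach password_verify() byte-for-byte:
         // FILTER_SANITIZE_STRING strips tags and encodes quotes, so any
         // password containing them could never verify.
         $rules = ['login' => FILTER_SANITIZE_STRING, 'password' => FILTER_UNSAFE_RAW];
         $sanitize = filter_input_array(INPUT_POST, $rules) ?: [];
         $login = (string) ($sanitize['login'] ?? '');
         $password = (string) ($sanitize['password'] ?? '');

         $user = (new User())->getUser($login);
         // One message for "unknown user" and "wrong password" so the form
         // does not reveal which accounts exist.
         $valid = $user
             && $login === (string) $user->username
             && password_verify($password, (string) $user->password);
         if (!$valid) {
             $_SESSION['error']['login'] = 'login or password is invalid';
             $_SESSION['error']['password'] = 'login or password is invalid';
             header('Location: /login');
             exit;
         }

         // New session id on privilege change (session fixation). Only the
         // username is kept; the original also stored the clear-text password
         // in the session — if any consumer read $_SESSION['users']['password'],
         // it should switch to the username or a user id.
         if (session_status() === PHP_SESSION_ACTIVE) {
             session_regenerate_id(true);
         }
         $_SESSION['users']['username'] = $user->username;
         header('Location: /dashboard');
         exit;
     }

     view('front.login', []);
 }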
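/**
 * @post update
 *
 * Handles the edit form of post $id: CSRF check, input filtering, then either
 * "update + attach the uploaded file" or "update + optionally delete the
 * existing media", each inside one transaction.
 *
 * Every redirect is followed by `return` so the handler cannot continue when
 * redirect() does not terminate the request. The trailing
 * `throw new RuntimeException('418')` that followed a successful redirect was
 * removed as a leftover: it could only run if redirect() returned, and then it
 * fired after the update had already been committed.
 *
 * @param int|string $id  post id from the route; cast to int before use
 */
function update_post_controller($id)
{
    __is_guest();
    if (empty($_POST) || !checked_token($_POST['_token'] ?? '')) {
        return;
    }
    __session_start();
    $_SESSION['old'] = [];
    $_SESSION['errors'] = [];

    $rules = [
        // FILTER_SANITIZE_STRING is deprecated since PHP 8.1; kept for parity
        // with the other forms of this project.
        'title' => FILTER_SANITIZE_STRING,
        'content' => FILTER_SANITIZE_STRING,
        'status' => ['filter' => FILTER_CALLBACK, 'options' => static function ($s) {
            // strict comparison: anything but the two known values falls back
            return in_array($s, ['published', 'unpublished'], true) ? $s : 'unpublished';
        }],
        'published_at' => ['filter' => FILTER_CALLBACK, 'options' => static function ($checkbox) {
            return $checkbox === 'yes' ? new DateTime('now') : null;
        }],
    ];
    $sanitize = filter_input_array(INPUT_POST, $rules);
    $id = (int) $id;

    if (empty($_POST['title'])) {
        $_SESSION['errors']['title'] = 'title is required';
    }
    if (!empty($_SESSION['errors'])) {
        $_SESSION['old'] = $sanitize;
        redirect('post/create');
        return;
    }

    $hasUpload = !empty($_FILES['file']) && is_uploaded_file($_FILES['file']['tmp_name']);
    if ($hasUpload) {
        // upload() runs before beginTransaction(); a failure here must not
        // reach rollback(), which the original called with no open transaction.
        try {
            $dateFile = upload($_FILES['file']);
        } catch (Exception $e) {
            $_SESSION['old'] = $sanitize;
            $key = $e instanceof RuntimeException ? 'upload' : 'file';
            $_SESSION['errors'][$key] = $e->getMessage();
            redirect('post/create');
            return;
        }
        try {
            beginTransaction();
            update_post_model($id, $sanitize);
            create_media_model([
                'filename' => $dateFile['filename'],
                'post_id' => $id,
                'size' => $dateFile['size'],
            ]);
            commit();
        } catch (Exception $e) {
            rollback();
            $_SESSION['old'] = $sanitize;
            $_SESSION['errors']['file'] = $e->getMessage();
            redirect('post/create');
            return;
        }
        setFlashMessage("success stored");
        redirect('dashboard');
        return;
    }

    $removedFile = null;
    try {
        beginTransaction();
        update_post_model($id, $sanitize);
        if (!empty($_POST['m_id']) && !empty($_POST['delete_filename'])) {
            $media_id = (int) $_POST['m_id'];
            $m = find_model($media_id, 'medias')->fetch();
            if (!empty($m)) {
                $removedFile = $m['m_filename'] ?? null;
            }
            destroy_model($media_id, 'medias');
        }
        commit();
    } catch (Exception $e) {
        rollback();
        $_SESSION['old'] = $sanitize;
        $_SESSION['errors']['file'] = $e->getMessage();
        redirect('post/create');
        return;
    }

    // Delete the file only after the row is committed. basename() confines
    // the path to the upload directory; the original htmlentities() call
    // encoded characters but did not constrain the path (assumes the stored
    // name is a bare file name — TODO confirm against upload()).
    if ($removedFile !== null) {
        $path = getenv('UPLOAD_DIRECTORY') . '/' . basename((string) $removedFile);
        if (is_file($path)) {
            unlink($path);
        }
    }
    setFlashMessage(trans('success_updated_post', $sanitize['title']));
    redirect('dashboard');
}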