        $allFulfilled = false;
        if ($fulfilled === $unfulfilled) {
            $allFulfilled = true;
        }
        if (!$allFulfilled) {
            $customerOrders .= "<section id='{$id}' class='clearfix'><div class='col-sm-3'>{$id}</div>\n                                 <div class='col-sm-3'>{$fulfilled}</div>\n                                 <div class='col-sm-3'>{$unfulfilled}</div>\n                                 <div class='col-sm-3'>\n                                     <button type='button' class='btn btn-danger'\n                                     type='submit' name='submit'\n                                     data-confirm='Delete the order?'\n                                     data-id='{$id}'\n                                     data-customer='{$_GET['id']}'\n                                     data-unfulfilled='{$unfulfilled}'\n                                     >\n                                     Delete Order</button>\n                                 </div></section>";
        }
        if ($allFulfilled) {
            $customerOrders .= "<section id='{$id}' class='fulfilled clearfix'><div class='col-sm-3'>{$id}</div>\n                                 <div class='col-sm-3'>{$fulfilled}</div>\n                                 <div class='col-sm-3'>{$unfulfilled}</div>\n                                 <div class='col-sm-3'></div></section>";
        }
    }
}
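// Demo purposes only to showcase an attack.
// NOTE(review): the session copy handed to the controller has its 'customerid'
// replaced by $customerID, which is defined outside this block. If that value
// originates from the request, the customer record rendered below is chosen by
// the caller rather than by the authenticated session (an authorization /
// IDOR scenario). Left as-is because the demo depends on it — confirm.
$orderData->session = $_SESSION;
$orderData->session['customerid'] = $customerID;
$controller = new InitCustomerController($models, $orderData);
$controller->setCustomerValues();
$customerInfo = $controller->getCustomerValues();

// Customer-supplied fields are interpolated into HTML below. Pass explicit
// flags so quotes are escaped and invalid UTF-8 is substituted rather than
// silently blanking the whole value; the htmlentities() defaults differ
// between PHP versions (single quotes were left intact before 8.1).
$address = htmlentities((string) $customerInfo['address'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$email = htmlentities((string) $customerInfo['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$phone = htmlentities((string) $customerInfo['phone'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
// isset() / !== '' instead of !empty(): an instruction text of "0" is valid
// and must not be dropped.
$instructions = isset($customerInfo['instructions']) && $customerInfo['instructions'] !== ''
    ? htmlentities((string) $customerInfo['instructions'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : null;
$customerInformation = "<p>We will send a confirmation email to {$email} when your packages are ready.</p>\n<p>They will be\ndelivered to {$address} and we will call you at {$phone} when they are delivered.</p>";
if ($instructions !== null) {
    $customerInformation .= "<p>You also specified the following additional instructions:</p>\n    <blockquote>{$instructions}</blockquote>";
}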
?>

<?php 
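require_once dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . 'partials/customers/viewordersNavbar.php';
require_once dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . 'partials/customers/viewordersForm.php';
// NOTE(review): the vieworders partials above are followed by the customerEdit
// partials further down; confirm both sets are meant to load on this page.
$logger = new FullLog('Customer Edit Form');
$checkAuth = new CheckAuth($logger);
$isCustomer = $checkAuth->isCustomer();
if (!$isCustomer) {
    // Stop here: without exit the rest of this page (PDO setup, the customer
    // lookup and the edit-form partials) would still be built and sent after
    // the redirect header, unless isCustomer() already terminates the request
    // itself (not visible here). The stray backtick that ended the error text
    // has also been removed.
    header("Location:{$rootPath}badsite/index.php?errors=Not an authenticated consumer.");
    exit;
}
$pdo = new PDOSingleton();
$models = new stdClass();
$models->redis = $redis;
$models->errorRunner = $errorRunner;
$models->logger = $logger;
$models->checkAuth = $checkAuth;
$models->pdo = $pdo;
$customerModel = new stdClass();
$customerModel->session = $_SESSION;
$customer = new InitCustomerController($models, $customerModel);
$customer->setCustomerValues();
$customerValues = $customer->getCustomerValues();
// EXTR_SKIP: keys returned by the controller must not overwrite variables this
// page already relies on ($pdo, $models, $logger, $checkAuth, $rootPath, ...).
// A value that is intentionally meant to replace one of them should be read
// from $customerValues explicitly instead.
extract($customerValues, EXTR_SKIP);
$errorList = '';
if (isset($error)) {
    // NOTE(review): $error is inserted into the markup unescaped; if it can
    // carry controller- or user-derived text it needs htmlentities() here — confirm.
    $errorList .= "<div id='inlineErrorHolder'\n            class='alert alert-danger' role='alert'>\n            <div id='inlineErrorContent'>{$error}</div>\n        </div>";
}
require_once dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . 'partials/customers/customerEditNavbar.php';
require_once dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . 'partials/customers/customerEditMain.php';
require_once dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . 'partials/footer.php';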
?>
<?php // $jsPath is defined outside this file and is emitted as-is into the src attribute ?>
<script type="text/javascript" src="<?= $jsPath ?>customeredit.js"></script>