<?php $page = 'cards'; $title = 'Add card'; $desc = ''; require '../header.php'; if (!isset($user)) { fURL::redirect('/login.php?forward=/members/cards.php'); } if (isset($_POST['submit'])) { try { fRequest::validateCSRFToken($_POST['token']); $card = new Card(); $card->setUserId($user->getId()); $card->setAddedDate(time()); $card->setUid($_POST['uid']); $card->store(); fURL::redirect('/members/cards.php'); exit; } catch (fValidationException $e) { echo "<p>" . $e->printMessage() . "</p>"; } catch (fSQLException $e) { echo "<p>An unexpected error occurred, please try again later</p>"; trigger_error($e); } } ?> <h2>Add card</h2> <form method="POST"> <input type="hidden" name="token" value="<?php
if (isset($_POST['submit'])) { try { fRequest::validateCSRFToken($_POST['token']); $validator = new fValidation(); $validator->addRequiredFields('uid'); $validator->addRegexRule('uid', '#^[0-9a-fA-F]+$#', 'Not in hex format'); $validator->validate(); $uid = strtoupper($_POST['uid']); if ($uid == '21222324') { /* New Visa cards return this, presumably for privacy */ throw new fValidationException('Non-unique UID. This card cannot be added to the system.'); } $card = new Card(); $card->setUserId($user->getId()); $card->setAddedDate(time()); $card->setUid($uid); $card->store(); fURL::redirect('/members/cards.php'); exit; } catch (fValidationException $e) { echo "<p>" . $e->printMessage() . "</p>"; } catch (fSQLException $e) { echo "<p>An unexpected error occurred, please try again later</p>"; trigger_error($e); } } ?> <h2>Add card</h2> <form method="POST"> <input type="hidden" name="token" value="<?php
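Review bot: The `uid` pattern in the new `addRegexRule` call is looser than it reads: in PCRE `$` also matches just before a final newline and `+` sets no length limit, so a UID with a trailing newline, or one of arbitrary length, passes validation and reaches `setUid()`. Anchor with `\z` and bound the length to what the card readers actually report, e.g. `$validator->addRegexRule('uid', '#^[0-9a-fA-F]{8,20}\z#', 'Not in hex format');` (the 8–20 range is an assumption to confirm against the readers). The shared-UID check should be `if ($uid === '21222324')`, because `==` compares two numeric-looking strings as numbers, so an all-hex value such as `21222324E0` is rejected by mistake and values with stray whitespace can be handled differently across PHP versions. The visible text is cut off inside the form's hidden-token `<?php` tag, so the rest of the template is not covered by this note.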