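/**
 * Guards the service uninstall confirmation page.
 *
 * The service code comes from the `code` query parameter, reduced to a
 * single path component (basename) and passed through HTML::sanitize. Unless
 * that code names an existing service whose 'uninstallable' flag is exactly
 * true, the browser is redirected back to the application index. A missing
 * or non-string parameter is treated as an empty code.
 *
 * @param ApplicationAbstract $application  current application (unused here)
 */
public static function execute(ApplicationAbstract $application)
 {
     // Avoid reading an undefined index (or passing an array to basename());
     // an empty code fails Services::exists() below and redirects.
     $code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
     $data = HTML::sanitize(basename($code));

     if (!Services::exists($data) || Services::get($data, 'uninstallable') !== true) {
         OSCOM::redirect(OSCOM::getLink());
     }
 }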
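 /**
  * Checkout shipping step: stores the optional order comment and applies the
  * shipping method posted as `shipping_mod_sel` ("<module>_<method>").
  *
  * Flow:
  *  - a non-empty `comments` field is sanitized into the session;
  *  - without any shipping quotes the selection is cleared and the customer
  *    is sent back to the checkout page over SSL;
  *  - otherwise the module part of the selection must name a registered and
  *    enabled shipping module, and the quote for the full selection must be
  *    error-free, for it to become the cart's shipping method (followed by a
  *    redirect); any other outcome resets the shipping method.
  *
  * Only the module prefix is validated against the Registry; the complete
  * `shipping_mod_sel` string is handed to getQuote() as posted.
  *
  * @param ApplicationAbstract $application  current application (unused here)
  */
 public static function execute(ApplicationAbstract $application)
 {
     $OSCOM_Shipping = Registry::get('Shipping');
     $OSCOM_ShoppingCart = Registry::get('ShoppingCart');

     if (!empty($_POST['comments'])) {
         $_SESSION['comments'] = HTML::sanitize($_POST['comments']);
     }

     if (!$OSCOM_Shipping->hasQuotes()) {
         $OSCOM_ShoppingCart->resetShippingMethod();
         OSCOM::redirect(OSCOM::getLink(null, null, null, 'SSL'));
         return;
     }

     // strpos() > 0: the selection must contain an underscore and the module
     // name in front of it must be non-empty (an underscore at offset 0 is
     // rejected, as is a missing or non-string value).
     if (!isset($_POST['shipping_mod_sel']) || !is_string($_POST['shipping_mod_sel']) || !(strpos($_POST['shipping_mod_sel'], '_') > 0)) {
         return;
     }

     $selection = $_POST['shipping_mod_sel'];
     list($module) = explode('_', $selection, 2);

     if (Registry::exists('Shipping_' . $module) && Registry::get('Shipping_' . $module)->isEnabled()) {
         $quote = $OSCOM_Shipping->getQuote($selection);

         if (isset($quote['error'])) {
             $OSCOM_ShoppingCart->resetShippingMethod();
         } else {
             $OSCOM_ShoppingCart->setShippingMethod($quote);
             OSCOM::redirect(OSCOM::getLink(null, null, null, 'SSL'));
         }
     } else {
         // Unknown or disabled module: drop any previously chosen method.
         $OSCOM_ShoppingCart->resetShippingMethod();
     }
 }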
 /**
  * Builds the application and dispatches an optional Action.
  *
  * After initialize(), a non-empty `action` query parameter — reduced to a
  * single path component and sanitized — selects a class under the current
  * site application's Action namespace. When that class exists its static
  * execute() is invoked with this application; unknown actions are ignored.
  */
 public function __construct()
 {
     $this->initialize();

     if (empty($_GET['action'])) {
         return;
     }

     $actionClass = 'osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\Action\\' . HTML::sanitize(basename($_GET['action']));

     // class_exists() may trigger the autoloader for the requested name; the
     // fixed namespace prefix keeps the lookup inside the Action namespace.
     if (class_exists($actionClass)) {
         call_user_func(array($actionClass, 'execute'), $this);
     }
 }
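 /**
  * Installs the payment module named by the `code` query parameter.
  *
  * The code is reduced to one path component and sanitized before use; a
  * missing or non-string parameter is treated as an empty code. On success
  * the browser is sent to the module's Save page, with the same cleaned value
  * in the URL; on failure an error message is queued and the browser returns
  * to the application index.
  *
  * @param ApplicationAbstract $application  current application (unused here)
  */
 public static function execute(ApplicationAbstract $application)
 {
     $code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
     $data = HTML::sanitize(basename($code));

     if (PaymentModules::install($data)) {
         // Reflect the cleaned code, not the raw query value, into the redirect.
         OSCOM::redirect(OSCOM::getLink(null, null, 'Save&code=' . $data));
     } else {
         Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_error_action_not_performed'), 'error');
         OSCOM::redirect(OSCOM::getLink());
     }
 }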
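 /**
  * Uninstalls the service named by the `code` query parameter and reports the
  * outcome through the MessageStack before returning to the application
  * index. The code is reduced to one path component and sanitized first; a
  * missing or non-string parameter is treated as an empty code.
  *
  * @param ApplicationAbstract $application  current application (unused here)
  */
 public static function execute(ApplicationAbstract $application)
 {
     $code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
     $data = HTML::sanitize(basename($code));

     if (Services::uninstall($data)) {
         Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_success_action_performed'), 'success');
     } else {
         Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_error_action_not_performed'), 'error');
     }

     OSCOM::redirect(OSCOM::getLink());
 }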
 /**
  * Prepares the checkout confirmation page.
  *
  * Checks the pre-conditions for this step (non-empty cart, customer e-mail
  * address on file, product-type checks), loads the language definitions,
  * records the breadcrumb, stores or clears the order comment posted from the
  * previous step, validates acceptance of the conditions when that is
  * configured, and loads the cart's billing method into the Payment registry
  * entry.
  *
  * Several checks end in OSCOM::redirect(); whether redirect() terminates the
  * script is not visible here — TODO confirm, since the later steps would
  * otherwise still run for an invalid state.
  */
 protected function initialize()
 {
     $OSCOM_ShoppingCart = Registry::get('ShoppingCart');
     $OSCOM_Customer = Registry::get('Customer');
     $OSCOM_Language = Registry::get('Language');
     $OSCOM_Service = Registry::get('Service');
     $OSCOM_Breadcrumb = Registry::get('Breadcrumb');
     $OSCOM_MessageStack = Registry::get('MessageStack');
     // redirect to shopping cart if shopping cart is empty
     if (!$OSCOM_ShoppingCart->hasContents()) {
         OSCOM::redirect(OSCOM::getLink(null, 'Cart'));
     }
     // check for e-mail address
     // When no address is on file, a posted `email` is accepted only if it is
     // at least ACCOUNT_EMAIL_ADDRESS characters long (the same constant is
     // reported in the error text) and passes FILTER_VALIDATE_EMAIL; any other
     // case queues a message on the Cart stack and returns to the cart.
     if (!$OSCOM_Customer->hasEmailAddress()) {
         if (isset($_POST['email']) && strlen(trim($_POST['email'])) >= ACCOUNT_EMAIL_ADDRESS) {
             if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
                 $OSCOM_Customer->setEmailAddress(trim($_POST['email']));
             } else {
                 $OSCOM_MessageStack->add('Cart', OSCOM::getDef('field_customer_email_address_check_error'));
                 OSCOM::redirect(OSCOM::getLink(null, 'Cart'));
             }
         } else {
             $OSCOM_MessageStack->add('Cart', sprintf(OSCOM::getDef('field_customer_email_address_error'), ACCOUNT_EMAIL_ADDRESS));
             OSCOM::redirect(OSCOM::getLink(null, 'Cart'));
         }
     }
     // check product type perform_order conditions
     // NOTE(review): the return value of isTypeActionAllowed() is discarded;
     // presumably the call itself redirects or reports when the action is not
     // allowed — confirm, otherwise this loop has no effect.
     foreach ($OSCOM_ShoppingCart->getProducts() as $product) {
         $OSCOM_Product = new Product($product['id']);
         $OSCOM_Product->isTypeActionAllowed('PerformOrder');
     }
     $OSCOM_Language->load('checkout');
     $OSCOM_Language->load('order');
     $this->_page_title = OSCOM::getDef('confirmation_heading');
     if ($OSCOM_Service->isStarted('Breadcrumb')) {
         $OSCOM_Breadcrumb->add(OSCOM::getDef('breadcrumb_checkout_confirmation'), OSCOM::getLink(null, 'Checkout', null, 'SSL'));
     }
     // A posted-but-empty comment clears the stored one; a non-empty comment
     // replaces it (sanitized); an absent field leaves the session value alone.
     if (isset($_POST['comments']) && isset($_SESSION['comments']) && empty($_POST['comments'])) {
         unset($_SESSION['comments']);
     } elseif (!empty($_POST['comments'])) {
         $_SESSION['comments'] = HTML::sanitize($_POST['comments']);
     }
     // Loose (==/!=) comparisons against '1' for both the configuration value
     // and the posted checkbox; the error is only queued, not redirected.
     if (DISPLAY_CONDITIONS_ON_CHECKOUT == '1') {
         if (!isset($_POST['conditions']) || $_POST['conditions'] != '1') {
             $OSCOM_MessageStack->add('Checkout', OSCOM::getDef('error_conditions_not_accepted'), 'error');
         }
     }
     // Make sure a Payment instance is registered before loading the cart's
     // billing method into it.
     if (Registry::exists('Payment') === false) {
         Registry::set('Payment', new Payment());
     }
     if ($OSCOM_ShoppingCart->hasBillingMethod()) {
         $OSCOM_Payment = Registry::get('Payment');
         $OSCOM_Payment->load($OSCOM_ShoppingCart->getBillingMethod('id'));
     }
 }
 /**
  * Payment module callback endpoint.
  *
  * Instantiates the payment module named by the `module` query parameter
  * (sanitized, and resolved only inside the Shop payment-module namespace)
  * and invokes its callback(). Requests naming no existing module class do
  * nothing. The script always terminates afterwards, so no page is rendered.
  *
  * @param ApplicationAbstract $application  current application (unused here)
  */
 public static function execute(ApplicationAbstract $application)
 {
     if (!empty($_GET['module'])) {
         $moduleClass = 'osCommerce\\OM\\Core\\Site\\Shop\\Module\\Payment\\' . HTML::sanitize($_GET['module']);

         // class_exists() may autoload the requested name; the fixed prefix
         // keeps the lookup inside the payment-module namespace.
         if (class_exists($moduleClass)) {
             $paymentModule = new $moduleClass();
             $paymentModule->callback();
         }
     }

     exit;
 }
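 /**
  * Removes a dashboard shortcut for the logged-in administrator.
  *
  * The shortcut name comes from the `shortcut` query parameter (sanitized)
  * and must name an existing site application. After a successful delete the
  * session's access levels are reloaded, a success message is queued and the
  * browser is sent to that application; every other path redirects to the
  * application index.
  *
  * @param ApplicationAbstract $application  current application (unused here)
  */
 public static function execute(ApplicationAbstract $application)
 {
     if (!empty($_GET['shortcut']) && is_string($_GET['shortcut'])) {
         // Keep the request value in its own local instead of overwriting the
         // typed $application parameter.
         $shortcut = HTML::sanitize($_GET['shortcut']);

         if (OSCOM::siteApplicationExists($shortcut)) {
             if (Dashboard::deleteShortcut($_SESSION[OSCOM::getSite()]['id'], $shortcut)) {
                 $_SESSION[OSCOM::getSite()]['access'] = Access::getUserLevels($_SESSION[OSCOM::getSite()]['id']);
                 Registry::get('MessageStack')->add('header', OSCOM::getDef('ms_success_shortcut_removed'), 'success');
                 OSCOM::redirect(OSCOM::getLink(null, $shortcut));
             }
         }
     }

     OSCOM::redirect(OSCOM::getLink());
 }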
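 /**
  * Sends the contact form enquiry to the store owner.
  *
  * `name`, `email` and `enquiry` are read from the POST body (a missing or
  * non-string field counts as empty) and sanitized. The sender address must
  * pass FILTER_VALIDATE_EMAIL — which also rejects line breaks, so it cannot
  * smuggle extra header lines into the sender field — before the message is
  * built and sent; on success the browser is redirected to the Contact
  * success page, otherwise an error is queued on the Contact stack. Whether
  * Mail encodes the sender name is not visible here.
  *
  * @param ApplicationAbstract $application  current application (unused here)
  */
 public static function execute(ApplicationAbstract $application)
 {
     $OSCOM_MessageStack = Registry::get('MessageStack');

     $name = HTML::sanitize((isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '');
     $email_address = HTML::sanitize((isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '');
     $enquiry = HTML::sanitize((isset($_POST['enquiry']) && is_string($_POST['enquiry'])) ? $_POST['enquiry'] : '');

     if (filter_var($email_address, FILTER_VALIDATE_EMAIL)) {
         $email = new Mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $name, $email_address, OSCOM::getDef('contact_email_subject'));
         $email->setBodyPlain($enquiry);
         $email->send();

         OSCOM::redirect(OSCOM::getLink(null, null, 'Contact&Success'));
     } else {
         $OSCOM_MessageStack->add('Contact', OSCOM::getDef('field_customer_email_address_check_error'));
     }
 }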
 /**
  * RPC front controller: resolves site, application and the RPC chain from
  * the positional keys of the query string and answers every failure with a
  * JSON document carrying a STATUS_* code in `rpcStatus`.
  *
  * Query keys are read by position (key of array_slice($_GET, i, 1, true)):
  * index 1 is the site, index 2 the application and indexes 3.. the RPC
  * segments; index 0 is not used here. Each value is reduced to a single
  * path component and sanitized before it becomes part of a class name.
  *
  * The site Controller's hasAccess() is consulted only after its
  * initialize() has run. The script always ends with exit.
  */
 public static function initialize()
 {
     // JSON response that must not be cached.
     header('Cache-Control: no-cache, must-revalidate');
     header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
     header('Content-Type: application/json; charset=utf-8');
     if (empty($_GET)) {
         echo json_encode(array('rpcStatus' => self::STATUS_NO_MODULE));
         exit;
     }
     $site = HTML::sanitize(basename(key(array_slice($_GET, 1, 1, true))));
     $application = HTML::sanitize(basename(key(array_slice($_GET, 2, 1, true))));
     if (!OSCOM::siteExists($site)) {
         echo json_encode(array('rpcStatus' => self::STATUS_CLASS_NONEXISTENT));
         exit;
     }
     OSCOM::setSite($site);
     if (!OSCOM::siteApplicationExists($application)) {
         echo json_encode(array('rpcStatus' => self::STATUS_CLASS_NONEXISTENT));
         exit;
     }
     OSCOM::setSiteApplication($application);
     call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'initialize'));
     if (!call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'hasAccess'), $application)) {
         echo json_encode(array('rpcStatus' => self::STATUS_NO_ACCESS));
         exit;
     }
     // Fewer than three keys means there is no RPC segment to execute.
     if (count($_GET) < 3) {
         echo json_encode(array('rpcStatus' => self::STATUS_NO_ACTION));
         exit;
     }
     $rpc_called = false;
     $rpc = array('RPC');
     // Each matching segment is executed and then appended to the namespace
     // path, so segment N is looked up under RPC\<seg 1>\...\<seg N-1>. The
     // first non-existent segment stops the chain; at least one must have run.
     for ($i = 3, $n = count($_GET); $i < $n; $i++) {
         $subrpc = HTML::sanitize(basename(key(array_slice($_GET, $i, 1, true))));
         if (self::siteApplicationRPCExists(implode('\\', $rpc) . '\\' . $subrpc)) {
             call_user_func(array('osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\' . implode('\\', $rpc) . '\\' . $subrpc, 'execute'));
             $rpc[] = $subrpc;
             $rpc_called = true;
         } else {
             break;
         }
     }
     if ($rpc_called === false) {
         echo json_encode(array('rpcStatus' => self::STATUS_NO_ACTION));
         exit;
     }
     exit;
 }
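 /**
  * Installs the service named by the `code` query parameter.
  *
  * The code is reduced to one path component and sanitized; a missing or
  * non-string parameter is treated as an empty code. After a successful
  * install the service module class is instantiated: when it exposes
  * configuration keys (hasKeys()) the browser is sent to the Save page for
  * the same code, otherwise a success message is queued and the browser
  * returns to the application index. A failed install queues an error and
  * returns to the index.
  *
  * @param ApplicationAbstract $application  current application (unused here)
  */
 public static function execute(ApplicationAbstract $application)
 {
     $code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
     $data = HTML::sanitize(basename($code));

     if (!Services::install($data)) {
         Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_error_action_not_performed'), 'error');
         OSCOM::redirect(OSCOM::getLink());
         return;
     }

     // Only a code that Services::install() accepted is used as a class name.
     $class = 'osCommerce\\OM\\Core\\Site\\Admin\\Module\\Service\\' . $data;
     $OSCOM_SM = new $class();

     if ($OSCOM_SM->hasKeys()) {
         OSCOM::redirect(OSCOM::getLink(null, null, 'Save&code=' . $data));
     } else {
         Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_success_action_performed'), 'success');
         OSCOM::redirect(OSCOM::getLink());
     }
 }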
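 /**
  * "Tell a friend" action: validates the form and e-mails a product link.
  *
  * Guests are sent to the login page when ALLOW_GUEST_TO_TELL_A_FRIEND is
  * '-1'. The product is addressed positionally in the query string (the 4th
  * key, or the 5th when the 4th is the "Write" segment) and must pass
  * Product::checkEntry(), otherwise the not-found page is shown and false is
  * returned. Both names must be non-empty and both addresses must pass
  * FILTER_VALIDATE_EMAIL (which also rejects line breaks, so neither address
  * can carry extra header lines into Mail); only when no TellAFriend message
  * was queued is the mail built from sanitized fields and sent, followed by a
  * redirect to the product page. Otherwise the form page is rendered.
  *
  * @param ApplicationAbstract $application  current application
  * @return false|null  false when the product could not be resolved
  */
 public static function execute(ApplicationAbstract $application)
 {
     $OSCOM_Customer = Registry::get('Customer');
     $OSCOM_NavigationHistory = Registry::get('NavigationHistory');
     $OSCOM_MessageStack = Registry::get('MessageStack');

     if (ALLOW_GUEST_TO_TELL_A_FRIEND == '-1' && $OSCOM_Customer->isLoggedOn() === false) {
         // Snapshot the current location so the customer returns here after login.
         $OSCOM_NavigationHistory->setSnapshot();
         OSCOM::redirect(OSCOM::getLink(null, 'Account', 'LogIn', 'SSL'));
     }

     $requested_product = null;

     if (count($_GET) > 3) {
         $requested_product = basename(key(array_slice($_GET, 3, 1, true)));

         if ($requested_product === 'Write') {
             $requested_product = (count($_GET) > 4) ? basename(key(array_slice($_GET, 4, 1, true))) : null;
         }
     }

     if ($requested_product === null || !Product::checkEntry($requested_product)) {
         $application->setPageContent('not_found.php');
         return false;
     }

     Registry::set('Product', new Product($requested_product));
     $OSCOM_Product = Registry::get('Product');

     // Missing or non-string fields count as empty rather than raising notices.
     $from_name = (isset($_POST['from_name']) && is_string($_POST['from_name'])) ? $_POST['from_name'] : '';
     $from_email_address = (isset($_POST['from_email_address']) && is_string($_POST['from_email_address'])) ? $_POST['from_email_address'] : '';
     $to_name = (isset($_POST['to_name']) && is_string($_POST['to_name'])) ? $_POST['to_name'] : '';
     $to_email_address = (isset($_POST['to_email_address']) && is_string($_POST['to_email_address'])) ? $_POST['to_email_address'] : '';
     $message = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';

     if (empty($from_name)) {
         $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_customers_name_empty'));
     }

     // The filter is the second argument of filter_var(); concatenating it to
     // the value would make this check accept any sender address.
     if (!filter_var($from_email_address, FILTER_VALIDATE_EMAIL)) {
         $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_invalid_customers_email_address'));
     }

     if (empty($to_name)) {
         $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_friends_name_empty'));
     }

     if (!filter_var($to_email_address, FILTER_VALIDATE_EMAIL)) {
         $OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_invalid_friends_email_address'));
     }

     if ($OSCOM_MessageStack->size('TellAFriend') < 1) {
         $email_subject = sprintf(OSCOM::getDef('email_tell_a_friend_subject'), HTML::sanitize($from_name), STORE_NAME);
         $email_body = sprintf(OSCOM::getDef('email_tell_a_friend_intro'), HTML::sanitize($to_name), HTML::sanitize($from_name), $OSCOM_Product->getTitle(), STORE_NAME) . "\n\n";

         if (!empty($message)) {
             $email_body .= HTML::sanitize($message) . "\n\n";
         }

         $email_body .= sprintf(OSCOM::getDef('email_tell_a_friend_link'), OSCOM::getLink(null, null, $OSCOM_Product->getKeyword(), 'NONSSL', false)) . "\n\n" . sprintf(OSCOM::getDef('email_tell_a_friend_signature'), STORE_NAME . "\n" . HTTP_SERVER . DIR_WS_CATALOG . "\n");

         $pEmail = new Mail(HTML::sanitize($to_name), HTML::sanitize($to_email_address), HTML::sanitize($from_name), HTML::sanitize($from_email_address), $email_subject);
         $pEmail->setBodyPlain($email_body);
         $pEmail->send();

         $OSCOM_MessageStack->add('header', sprintf(OSCOM::getDef('success_tell_a_friend_email_sent'), $OSCOM_Product->getTitle(), HTML::outputProtected($to_name)), 'success');
         OSCOM::redirect(OSCOM::getLink(null, null, $OSCOM_Product->getKeyword()));
     }

     $application->setPageTitle($OSCOM_Product->getTitle());
     $application->setPageContent('tell_a_friend.php');
 }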
 /**
  * Selects the active application for the current site.
  *
  * With an explicit name, a non-existent application raises E_USER_ERROR and
  * the name is dropped. Without one, the candidate is taken from the query
  * string: its first key, or the second when the first equals the site name;
  * the candidate is reduced to a single path component and sanitized, and is
  * used only when such an application exists. Any unresolved case falls back
  * to getDefaultSiteApplication().
  *
  * @param string|null $application  explicit application name, or null to derive it from $_GET
  */
 public static function setSiteApplication($application = null)
 {
     if ($application !== null) {
         if (!static::siteApplicationExists($application)) {
             trigger_error('Application \'' . $application . '\' does not exist for Site \'' . static::getSite() . '\', using default \'' . static::getDefaultSiteApplication() . '\'', E_USER_ERROR);
             $application = null;
         }
     } elseif (!empty($_GET)) {
         $candidate = HTML::sanitize(basename(key(array_slice($_GET, 0, 1, true))));

         // The site name may occupy the first query key; then the application
         // is the second one.
         if ($candidate == static::getSite()) {
             $candidate = HTML::sanitize(basename(key(array_slice($_GET, 1, 1, true))));
         }

         if (!empty($candidate) && static::siteApplicationExists($candidate)) {
             $application = $candidate;
         }
     }

     if (empty($application)) {
         $application = static::getDefaultSiteApplication();
     }

     static::$_application = $application;
 }
    /**
     * RPC front controller: resolves site, application and the RPC chain from
     * the positional keys of the query string, runs the matching RPC handlers
     * and reports every failure as HTTP 403 with a JSON `rpcStatus` body.
     *
     * Query keys are read by position (key of array_slice($_GET, i, 1, true)):
     * index 1 is the site, index 2 the application and indexes 3.. the RPC
     * segments. Each value is reduced to a single path component and sanitized
     * before it becomes part of a class name. Failures are modelled as an
     * \Exception whose message is the STATUS_* code and handled once in the
     * catch block.
     *
     * While the site Controller initializes, output is buffered so that an
     * attempted redirect (a Location header) is turned into a 403 JSON
     * response rather than a redirect the RPC client would follow. The access
     * check with hasAccess() runs after that initialization. The script always
     * ends with exit.
     */
    public static function initialize() {
      // JSON response that must not be cached by browsers or intermediaries.
      header('Content-Type: application/json; charset=utf-8');
      header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
      header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
      header('Cache-Control: no-store, no-cache, must-revalidate');
      // replace=false: this Cache-Control header is added alongside the previous one.
      header('Cache-Control: post-check=0, pre-check=0', false);
      header('Pragma: no-cache');

      try {
        if ( empty($_GET) ) {
          throw new \Exception(self::STATUS_NO_MODULE);
        } elseif ( count($_GET) < 3 ) {
          throw new \Exception(self::STATUS_NO_ACTION);
        }

        $site = HTML::sanitize(basename(key(array_slice($_GET, 1, 1, true))));
        $application = HTML::sanitize(basename(key(array_slice($_GET, 2, 1,  true))));

        if ( !OSCOM::siteExists($site) ) {
          throw new \Exception(self::STATUS_CLASS_NONEXISTENT);
        }

        OSCOM::setSite($site);

        if ( !OSCOM::siteApplicationExists($application) ) {
          throw new \Exception(self::STATUS_CLASS_NONEXISTENT);
        }

        OSCOM::setSiteApplication($application);

        // Buffer callback: if any header sent so far contains "Location:"
        // (stripos — case-insensitive, at any offset, so e.g. a
        // Content-Location header would also match; confirm that is intended)
        // the Location header is removed, the status becomes 403 and the whole
        // buffer is replaced by a STATUS_REDIRECT_DETECTED document. The first
        // match wins (break). The constant is looked up by name on the RPC
        // Controller class — presumably this class; verify.
        ob_start( function($buffer) {
          foreach ( headers_list() as $h ) {
            if ( stripos($h, 'Location:') !== false ) {
              header_remove('Location');

              \osCommerce\OM\Core\HttpRequest::setResponseCode(403);

              $buffer = json_encode(array('rpcStatus' => constant('osCommerce\\OM\\Core\\Site\\RPC\\Controller::STATUS_REDIRECT_DETECTED')));

              break;
            }
          }

          return $buffer;
        });

        call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'initialize'));

        ob_end_flush();

        if ( !call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'hasAccess'), $application)) {
          throw new \Exception(self::STATUS_NO_ACCESS);
        }

        $rpc_called = false;

        $rpc = array('RPC');

        // Each matching segment is executed and then appended to the namespace
        // path, so segment N is looked up under RPC\<seg 1>\...\<seg N-1>. The
        // first non-existent segment stops the chain; at least one must run.
        for ( $i = 3, $n = count($_GET); $i < $n; $i++ ) {
          $subrpc = HTML::sanitize(basename(key(array_slice($_GET, $i, 1, true))));

          if ( self::siteApplicationRPCExists(implode('\\', $rpc) . '\\' . $subrpc) ) {
            call_user_func(array('osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\' . implode('\\', $rpc) . '\\' . $subrpc, 'execute'));

            $rpc[] = $subrpc;

            $rpc_called = true;
          } else {
            break;
          }
        }

        if ( $rpc_called === false ) {
          throw new \Exception(self::STATUS_NO_ACTION);
        }
      } catch ( \Exception $e ) {
        // Every status code above — and any \Exception escaping an RPC handler,
        // whose message is then echoed verbatim — is answered with 403.
        HttpRequest::setResponseCode(403);

        echo json_encode(array('rpcStatus' => $e->getMessage()));
      }

      exit;
    }
 /**
  * HTML::sanitize() turns angle-bracket characters into underscores,
  * collapses runs of whitespace into a single space and trims both ends.
  */
 public function testSanitize()
 {
     $input = ' test      <test> ';
     $expected = 'test _test_';

     $this->assertEquals($expected, HTML::sanitize($input));
 }