public static function execute(ApplicationAbstract $application)
{
$data = HTML::sanitize(basename($_GET['code']));
if (!Services::exists($data) || Services::get($data, 'uninstallable') !== true) {
OSCOM::redirect(OSCOM::getLink());
}
}
public static function execute(ApplicationAbstract $application)
{
$OSCOM_Shipping = Registry::get('Shipping');
$OSCOM_ShoppingCart = Registry::get('ShoppingCart');
if (!empty($_POST['comments'])) {
$_SESSION['comments'] = HTML::sanitize($_POST['comments']);
}
if ($OSCOM_Shipping->hasQuotes()) {
if (isset($_POST['shipping_mod_sel']) && strpos($_POST['shipping_mod_sel'], '_')) {
list($module, $method) = explode('_', $_POST['shipping_mod_sel']);
if (Registry::exists('Shipping_' . $module) && Registry::get('Shipping_' . $module)->isEnabled()) {
$quote = $OSCOM_Shipping->getQuote($_POST['shipping_mod_sel']);
if (isset($quote['error'])) {
$OSCOM_ShoppingCart->resetShippingMethod();
} else {
$OSCOM_ShoppingCart->setShippingMethod($quote);
OSCOM::redirect(OSCOM::getLink(null, null, null, 'SSL'));
}
} else {
$OSCOM_ShoppingCart->resetShippingMethod();
}
}
} else {
$OSCOM_ShoppingCart->resetShippingMethod();
OSCOM::redirect(OSCOM::getLink(null, null, null, 'SSL'));
}
}
public function __construct()
{
$this->initialize();
if (isset($_GET['action']) && !empty($_GET['action'])) {
$action = HTML::sanitize(basename($_GET['action']));
if (class_exists('osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\Action\\' . $action)) {
call_user_func(array('osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\Action\\' . $action, 'execute'), $this);
}
}
}
public static function execute(ApplicationAbstract $application)
{
$data = HTML::sanitize(basename($_GET['code']));
if (PaymentModules::install($data)) {
OSCOM::redirect(OSCOM::getLink(null, null, 'Save&code=' . $_GET['code']));
} else {
Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_error_action_not_performed'), 'error');
OSCOM::redirect(OSCOM::getLink());
}
}
public static function execute(ApplicationAbstract $application)
{
$data = HTML::sanitize(basename($_GET['code']));
if (Services::uninstall($data)) {
Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_success_action_performed'), 'success');
} else {
Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_error_action_not_performed'), 'error');
}
OSCOM::redirect(OSCOM::getLink());
}
protected function initialize()
{
$OSCOM_ShoppingCart = Registry::get('ShoppingCart');
$OSCOM_Customer = Registry::get('Customer');
$OSCOM_Language = Registry::get('Language');
$OSCOM_Service = Registry::get('Service');
$OSCOM_Breadcrumb = Registry::get('Breadcrumb');
$OSCOM_MessageStack = Registry::get('MessageStack');
// redirect to shopping cart if shopping cart is empty
if (!$OSCOM_ShoppingCart->hasContents()) {
OSCOM::redirect(OSCOM::getLink(null, 'Cart'));
}
// check for e-mail address
if (!$OSCOM_Customer->hasEmailAddress()) {
if (isset($_POST['email']) && strlen(trim($_POST['email'])) >= ACCOUNT_EMAIL_ADDRESS) {
if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$OSCOM_Customer->setEmailAddress(trim($_POST['email']));
} else {
$OSCOM_MessageStack->add('Cart', OSCOM::getDef('field_customer_email_address_check_error'));
OSCOM::redirect(OSCOM::getLink(null, 'Cart'));
}
} else {
$OSCOM_MessageStack->add('Cart', sprintf(OSCOM::getDef('field_customer_email_address_error'), ACCOUNT_EMAIL_ADDRESS));
OSCOM::redirect(OSCOM::getLink(null, 'Cart'));
}
}
// check product type perform_order conditions
foreach ($OSCOM_ShoppingCart->getProducts() as $product) {
$OSCOM_Product = new Product($product['id']);
$OSCOM_Product->isTypeActionAllowed('PerformOrder');
}
$OSCOM_Language->load('checkout');
$OSCOM_Language->load('order');
$this->_page_title = OSCOM::getDef('confirmation_heading');
if ($OSCOM_Service->isStarted('Breadcrumb')) {
$OSCOM_Breadcrumb->add(OSCOM::getDef('breadcrumb_checkout_confirmation'), OSCOM::getLink(null, 'Checkout', null, 'SSL'));
}
if (isset($_POST['comments']) && isset($_SESSION['comments']) && empty($_POST['comments'])) {
unset($_SESSION['comments']);
} elseif (!empty($_POST['comments'])) {
$_SESSION['comments'] = HTML::sanitize($_POST['comments']);
}
if (DISPLAY_CONDITIONS_ON_CHECKOUT == '1') {
if (!isset($_POST['conditions']) || $_POST['conditions'] != '1') {
$OSCOM_MessageStack->add('Checkout', OSCOM::getDef('error_conditions_not_accepted'), 'error');
}
}
if (Registry::exists('Payment') === false) {
Registry::set('Payment', new Payment());
}
if ($OSCOM_ShoppingCart->hasBillingMethod()) {
$OSCOM_Payment = Registry::get('Payment');
$OSCOM_Payment->load($OSCOM_ShoppingCart->getBillingMethod('id'));
}
}
public static function execute(ApplicationAbstract $application)
{
if (isset($_GET['module']) && !empty($_GET['module'])) {
$module = HTML::sanitize($_GET['module']);
if (class_exists('osCommerce\\OM\\Core\\Site\\Shop\\Module\\Payment\\' . $module)) {
$module = 'osCommerce\\OM\\Core\\Site\\Shop\\Module\\Payment\\' . $module;
$module = new $module();
$module->callback();
}
}
exit;
}
public static function execute(ApplicationAbstract $application)
{
if (!empty($_GET['shortcut'])) {
$application = HTML::sanitize($_GET['shortcut']);
if (OSCOM::siteApplicationExists($application)) {
if (Dashboard::deleteShortcut($_SESSION[OSCOM::getSite()]['id'], $application)) {
$_SESSION[OSCOM::getSite()]['access'] = Access::getUserLevels($_SESSION[OSCOM::getSite()]['id']);
Registry::get('MessageStack')->add('header', OSCOM::getDef('ms_success_shortcut_removed'), 'success');
OSCOM::redirect(OSCOM::getLink(null, $application));
}
}
}
OSCOM::redirect(OSCOM::getLink());
}
public static function execute(ApplicationAbstract $application)
{
$OSCOM_MessageStack = Registry::get('MessageStack');
$name = HTML::sanitize($_POST['name']);
$email_address = HTML::sanitize($_POST['email']);
$enquiry = HTML::sanitize($_POST['enquiry']);
if (filter_var($email_address, FILTER_VALIDATE_EMAIL)) {
$email = new Mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $name, $email_address, OSCOM::getDef('contact_email_subject'));
$email->setBodyPlain($enquiry);
$email->send();
OSCOM::redirect(OSCOM::getLink(null, null, 'Contact&Success'));
} else {
$OSCOM_MessageStack->add('Contact', OSCOM::getDef('field_customer_email_address_check_error'));
}
}
public static function initialize()
{
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Content-Type: application/json; charset=utf-8');
if (empty($_GET)) {
echo json_encode(array('rpcStatus' => self::STATUS_NO_MODULE));
exit;
}
$site = HTML::sanitize(basename(key(array_slice($_GET, 1, 1, true))));
$application = HTML::sanitize(basename(key(array_slice($_GET, 2, 1, true))));
if (!OSCOM::siteExists($site)) {
echo json_encode(array('rpcStatus' => self::STATUS_CLASS_NONEXISTENT));
exit;
}
OSCOM::setSite($site);
if (!OSCOM::siteApplicationExists($application)) {
echo json_encode(array('rpcStatus' => self::STATUS_CLASS_NONEXISTENT));
exit;
}
OSCOM::setSiteApplication($application);
call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'initialize'));
if (!call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'hasAccess'), $application)) {
echo json_encode(array('rpcStatus' => self::STATUS_NO_ACCESS));
exit;
}
if (count($_GET) < 3) {
echo json_encode(array('rpcStatus' => self::STATUS_NO_ACTION));
exit;
}
$rpc_called = false;
$rpc = array('RPC');
for ($i = 3, $n = count($_GET); $i < $n; $i++) {
$subrpc = HTML::sanitize(basename(key(array_slice($_GET, $i, 1, true))));
if (self::siteApplicationRPCExists(implode('\\', $rpc) . '\\' . $subrpc)) {
call_user_func(array('osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\' . implode('\\', $rpc) . '\\' . $subrpc, 'execute'));
$rpc[] = $subrpc;
$rpc_called = true;
} else {
break;
}
}
if ($rpc_called === false) {
echo json_encode(array('rpcStatus' => self::STATUS_NO_ACTION));
exit;
}
exit;
}
public static function execute(ApplicationAbstract $application)
{
$data = HTML::sanitize(basename($_GET['code']));
if (Services::install($data)) {
$class = 'osCommerce\\OM\\Core\\Site\\Admin\\Module\\Service\\' . $data;
$OSCOM_SM = new $class();
if ($OSCOM_SM->hasKeys()) {
OSCOM::redirect(OSCOM::getLink(null, null, 'Save&code=' . $data));
} else {
Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_success_action_performed'), 'success');
OSCOM::redirect(OSCOM::getLink());
}
} else {
Registry::get('MessageStack')->add(null, OSCOM::getDef('ms_error_action_not_performed'), 'error');
OSCOM::redirect(OSCOM::getLink());
}
}
public static function execute(ApplicationAbstract $application)
{
$OSCOM_Customer = Registry::get('Customer');
$OSCOM_NavigationHistory = Registry::get('NavigationHistory');
$OSCOM_MessageStack = Registry::get('MessageStack');
$OSCOM_Service = Registry::get('Service');
$OSCOM_Breadcrumb = Registry::get('Breadcrumb');
if (ALLOW_GUEST_TO_TELL_A_FRIEND == '-1' && $OSCOM_Customer->isLoggedOn() === false) {
$OSCOM_NavigationHistory->setSnapshot();
OSCOM::redirect(OSCOM::getLink(null, 'Account', 'LogIn', 'SSL'));
}
$requested_product = null;
$product_check = false;
if (count($_GET) > 3) {
$requested_product = basename(key(array_slice($_GET, 3, 1, true)));
if ($requested_product == 'Write') {
unset($requested_product);
if (count($_GET) > 4) {
$requested_product = basename(key(array_slice($_GET, 4, 1, true)));
}
}
}
if (isset($requested_product)) {
if (Product::checkEntry($requested_product)) {
$product_check = true;
}
}
if ($product_check === false) {
$application->setPageContent('not_found.php');
return false;
}
Registry::set('Product', new Product($requested_product));
$OSCOM_Product = Registry::get('Product');
if (empty($_POST['from_name'])) {
$OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_customers_name_empty'));
}
if (!filter_var($_POST['from_email_address'] . FILTER_VALIDATE_EMAIL)) {
$OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_invalid_customers_email_address'));
}
if (empty($_POST['to_name'])) {
$OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_friends_name_empty'));
}
if (!filter_var($_POST['to_email_address'], FILTER_VALIDATE_EMAIL)) {
$OSCOM_MessageStack->add('TellAFriend', OSCOM::getDef('error_tell_a_friend_invalid_friends_email_address'));
}
if ($OSCOM_MessageStack->size('TellAFriend') < 1) {
$email_subject = sprintf(OSCOM::getDef('email_tell_a_friend_subject'), HTML::sanitize($_POST['from_name']), STORE_NAME);
$email_body = sprintf(OSCOM::getDef('email_tell_a_friend_intro'), HTML::sanitize($_POST['to_name']), HTML::sanitize($_POST['from_name']), $OSCOM_Product->getTitle(), STORE_NAME) . "\n\n";
if (!empty($_POST['message'])) {
$email_body .= HTML::sanitize($_POST['message']) . "\n\n";
}
$email_body .= sprintf(OSCOM::getDef('email_tell_a_friend_link'), OSCOM::getLink(null, null, $OSCOM_Product->getKeyword(), 'NONSSL', false)) . "\n\n" . sprintf(OSCOM::getDef('email_tell_a_friend_signature'), STORE_NAME . "\n" . HTTP_SERVER . DIR_WS_CATALOG . "\n");
$pEmail = new Mail(HTML::sanitize($_POST['to_name']), HTML::sanitize($_POST['to_email_address']), HTML::sanitize($_POST['from_name']), HTML::sanitize($_POST['from_email_address']), $email_subject);
$pEmail->setBodyPlain($email_body);
$pEmail->send();
$OSCOM_MessageStack->add('header', sprintf(OSCOM::getDef('success_tell_a_friend_email_sent'), $OSCOM_Product->getTitle(), HTML::outputProtected($_POST['to_name'])), 'success');
OSCOM::redirect(OSCOM::getLink(null, null, $OSCOM_Product->getKeyword()));
}
$application->setPageTitle($OSCOM_Product->getTitle());
$application->setPageContent('tell_a_friend.php');
}
public static function setSiteApplication($application = null)
{
if (isset($application)) {
if (!static::siteApplicationExists($application)) {
trigger_error('Application \'' . $application . '\' does not exist for Site \'' . static::getSite() . '\', using default \'' . static::getDefaultSiteApplication() . '\'', E_USER_ERROR);
$application = null;
}
} else {
if (!empty($_GET)) {
$requested_application = HTML::sanitize(basename(key(array_slice($_GET, 0, 1, true))));
if ($requested_application == static::getSite()) {
$requested_application = HTML::sanitize(basename(key(array_slice($_GET, 1, 1, true))));
}
if (!empty($requested_application) && static::siteApplicationExists($requested_application)) {
$application = $requested_application;
}
}
}
if (empty($application)) {
$application = static::getDefaultSiteApplication();
}
static::$_application = $application;
}
public static function initialize() {
header('Content-Type: application/json; charset=utf-8');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
try {
if ( empty($_GET) ) {
throw new \Exception(self::STATUS_NO_MODULE);
} elseif ( count($_GET) < 3 ) {
throw new \Exception(self::STATUS_NO_ACTION);
}
$site = HTML::sanitize(basename(key(array_slice($_GET, 1, 1, true))));
$application = HTML::sanitize(basename(key(array_slice($_GET, 2, 1, true))));
if ( !OSCOM::siteExists($site) ) {
throw new \Exception(self::STATUS_CLASS_NONEXISTENT);
}
OSCOM::setSite($site);
if ( !OSCOM::siteApplicationExists($application) ) {
throw new \Exception(self::STATUS_CLASS_NONEXISTENT);
}
OSCOM::setSiteApplication($application);
ob_start( function($buffer) {
foreach ( headers_list() as $h ) {
if ( stripos($h, 'Location:') !== false ) {
header_remove('Location');
\osCommerce\OM\Core\HttpRequest::setResponseCode(403);
$buffer = json_encode(array('rpcStatus' => constant('osCommerce\\OM\\Core\\Site\\RPC\\Controller::STATUS_REDIRECT_DETECTED')));
break;
}
}
return $buffer;
});
call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'initialize'));
ob_end_flush();
if ( !call_user_func(array('osCommerce\\OM\\Core\\Site\\' . $site . '\\Controller', 'hasAccess'), $application)) {
throw new \Exception(self::STATUS_NO_ACCESS);
}
$rpc_called = false;
$rpc = array('RPC');
for ( $i = 3, $n = count($_GET); $i < $n; $i++ ) {
$subrpc = HTML::sanitize(basename(key(array_slice($_GET, $i, 1, true))));
if ( self::siteApplicationRPCExists(implode('\\', $rpc) . '\\' . $subrpc) ) {
call_user_func(array('osCommerce\\OM\\Core\\Site\\' . OSCOM::getSite() . '\\Application\\' . OSCOM::getSiteApplication() . '\\' . implode('\\', $rpc) . '\\' . $subrpc, 'execute'));
$rpc[] = $subrpc;
$rpc_called = true;
} else {
break;
}
}
if ( $rpc_called === false ) {
throw new \Exception(self::STATUS_NO_ACTION);
}
} catch ( \Exception $e ) {
HttpRequest::setResponseCode(403);
echo json_encode(array('rpcStatus' => $e->getMessage()));
}
exit;
}
public function testSanitize()
{
$this->assertEquals('test _test_', HTML::sanitize(' test <test> '));
}
