/**
 * Returns the order payload held in $this->data, unchanged.
 */
public function getOrder()
{
    return $this->data;
}
} // closes the enclosing class; its header is outside this excerpt

// Request handler for "Customer Add New Order": runs when a `submit`
// parameter is present in either the POST body or the query string.
if (isset($_POST['submit']) || isset($_GET['submit'])) {
    // NOTE(review): extract() on request data turns every parameter name into
    // a variable in the current scope, and with the default flags an existing
    // variable of the same name is overwritten. GET is extracted after POST,
    // so a query-string value wins on a name collision. Anything read before
    // it is explicitly assigned below, or never assigned at all, is therefore
    // caller-controlled. Prefer reading the expected keys explicitly (or at
    // least EXTR_SKIP / a prefix); the rest of the handler is outside this
    // excerpt, so which extracted names it relies on cannot be seen here.
    extract($_POST);
    extract($_GET);
    $auth = new Authenticate();
    // $isAjax can only be set at this point by a request parameter named
    // `isAjax` (via extract above); it is then combined with $auth->isAjax().
    $isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
    $errorRunner = new ErrorRunner();
    $logger = new FullLog('Customer Add New Order');
    $logger->serverData();
    $checkAuth = new CheckAuth($logger);
    // Assigned after extract(), so request parameters cannot pre-seed $errors
    // or the three role flags below.
    $errors = [];
    // NOTE(review): $isValidUser is computed but not consulted in the visible
    // part of the handler; only the admin/customer flags gate the action here.
    $isValidUser = $checkAuth->isAuth();
    $isAdmin = $checkAuth->isAdmin();
    $isCustomer = $checkAuth->isCustomer();
    // Author's note: admin privileges are needed to assign a group to the
    // order. For demo purposes the assignment will be random; in a real app
    // the order would stay pending until someone could assign it.
    // NOTE(review): as a consequence a customer request is given the same
    // PDOSingleton::ADMINUSER connection as an admin. If that constant maps
    // to a more privileged database account (presumably; confirm), this is a
    // least-privilege gap that every query on this path inherits.
    if ($isAdmin || $isCustomer) {
        $pdo = new PDOSingleton(PDOSingleton::ADMINUSER);
    }
    // Neither role present: record an error. $pdo stays unset on this path.
    if (!$isAdmin && !$isCustomer) {
        $errors[] = "Not a privileged account. Cannot perform action.";
    }
    // For admins the group id comes from the server-side session, not from
    // the request.
    if ($isAdmin) {
        $groupID = $_SESSION['groupid'];
    }
    // … the excerpt ends here; the enclosing if block continues outside it.
/**
 * Returns $this->data as the value to be JSON-encoded for this object.
 */
public function jsonSerialize()
{
    return $this->data;
}
} // closes the enclosing class; its header is outside this excerpt

// Logout handler ("User Logging out").
// NOTE(review): isset($_GET) tests the superglobal itself rather than a key,
// so the second operand is expected to be true on every request and the
// `submit` check has no effect. The sibling handlers test
// isset($_GET['submit']); confirm which behaviour is intended. The CSRF check
// below is then the only thing gating the state change.
if (isset($_POST['submit']) || isset($_GET)) {
    // NOTE(review): extract() on request data turns every parameter name into
    // a variable in this scope (GET last, so it wins over POST). $isAjax and
    // $csrf below are read from exactly these caller-supplied variables.
    // Prefer explicit reads of the expected keys.
    extract($_POST);
    extract($_GET);
    $auth = new Authenticate();
    $isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
    $errorRunner = new ErrorRunner();
    $logger = new FullLog('User Logging out');
    $checkAuth = new CheckAuth($logger);
    $init = new SessionInitializers();
    $errors = [];
    $isUser = $checkAuth->isAuth();
    // $csrf is whatever the request supplied under the name `csrf`; empty
    // values (including "0") are normalised to null.
    // NOTE(review): because GET is extracted too, the token is accepted from
    // the query string, where it can end up in access logs and Referer
    // headers. Consider accepting it from the POST body or a header only.
    $csrf = !empty($csrf) ? $csrf : null;
    $session = isset($_SESSION) ? $_SESSION : null;
    // Each check appends its message only when the left-hand value is falsy.
    // An empty session array is falsy as well, so it is reported like a
    // missing session.
    $csrf || ($errors[] = "There is no token for this account. You have most likely timed out.");
    $isUser || ($errors[] = "You are not authenticated as an user.");
    $session || ($errors[] = "You do not have a session identifier.");
    // The submitted token must be strictly identical to the one stored in the
    // session; a missing session token is rejected too.
    // NOTE(review): !== is type-safe but not constant-time. For secret
    // comparison, hash_equals() on values already verified to be strings is
    // the usual choice.
    if (!isset($_SESSION['csrf_token']) || $_SESSION['csrf_token'] !== $csrf) {
        $errors[] = "You do not have permission to perform that action.";
    }
    // Bundle the session snapshot and the session initialiser for the
    // controller.
    $userData = new stdClass();
    $userData->session = $session;
    $modelObjects = new stdClass();
    $modelObjects->init = $init;
    // Only destroy the session when every check above passed.
    if (empty($errors)) {
        $controller = new DestroySessionCorporateController($modelObjects, $userData);
        $controller->destroySession();
        // … the excerpt ends here; both open if blocks continue outside it.
// Excerpt from the "Employee Initializers" request handler; the statements
// that precede this line (including whatever block encloses it) are outside
// the visible source.
// NOTE(review): extract() on request data turns every query-string parameter
// into a variable in this scope, overwriting existing variables by default.
// $isAjax below is read from such a variable. Prefer reading the expected
// keys explicitly.
extract($_GET);
$auth = new Authenticate();
$errors = [];
$isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
// NOTE(review): the database connection is opened before any of the
// authentication results below are examined, so unauthenticated requests also
// cause a connection. Consider deferring it until the checks pass.
$pdo = new PDOSingleton(PDOSingleton::CORPORATEUSER);
$errorRunner = new ErrorRunner();
$logger = new FullLog('Employee Initializers');
$logger->serverData();
$checkAuth = new CheckAuth($logger);
// Service bundle handed to the controller.
$models = new stdClass();
$models->logger = $logger;
$models->errorRunner = $errorRunner;
$models->auth = $auth;
$models->pdo = $pdo;
$models->checkAuth = $checkAuth;
$isAuth = $checkAuth->isAuth();
$isCorporate = $checkAuth->isCorporate();
$isGroup = $checkAuth->isGroup();
// Each check appends its message only when the left-hand value is falsy; all
// three conditions plus a defined session are required to proceed.
$isAuth || ($errors[] = "Not authenticated");
$isGroup || ($errors[] = "Not valid group member");
$isCorporate || ($errors[] = "Incorrect user type.");
isset($_SESSION) || ($errors[] = "No customer is available.");
// NOTE(review): $_SESSION and $_SESSION['groupid'] are read unconditionally,
// even when the isset() check above has just recorded an error or the key is
// absent. That raises PHP warnings on the failure path; confirm they are not
// rendered to the client.
$order = new stdClass();
$order->session = $_SESSION;
$order->groupID = $_SESSION['groupid'];
$session = $_SESSION;
// The controller is only built and run when no check failed.
if (empty($errors)) {
    $controller = new EmployeeGroupsOrdersController($models, $order);
    $controller->getCustomerValues();
    if ($isAjax) {
        // NOTE(review): this serialises the controller object itself. What is
        // emitted depends on its public properties or its jsonSerialize()
        // implementation, neither visible here. Confirm it exposes only the
        // customer values and not the injected $models or session data.
        echo json_encode($controller);
        // … the excerpt ends here; both open if blocks continue outside it.