
Use separate required.php for online store

master
Skylar Ittner 1 year ago
parent
commit
78187b5224
5 changed files with 173 additions and 12 deletions
  1. 1
    1
      public/action.php
  2. 2
    1
      public/index.php
  3. 3
    1
      public/lib/item.php
  4. 40
    9
      public/parts/cart.php
  5. 127
    0
      public/required.php

+ 1
- 1
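--- a/public/action.php
+++ b/public/action.php
@@ -6,7 +6,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  */
 
-require_once __DIR__ . "/../required.php";
+require_once __DIR__ . "/required.php";
 require_once __DIR__ . "/lib/item.php";
 
 switch ($VARS['action']) {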

+ 2
- 1
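--- a/public/index.php
+++ b/public/index.php
@@ -6,7 +6,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  */
 
-require_once __DIR__ . "/../required.php";
+require_once __DIR__ . "/required.php";
 
 define("NICKELBOX", true);
 
@@ -16,6 +16,7 @@ $config = $database->select("config", ['key', 'value']);
 $settings = [
     "sitename" => "Shop",
     "theme" => "default",
+    "tax" => 8.5,
 ];
 foreach ($config as $c) {
     $settings[$c['key']] = $c['value'];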
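Review bot: The new `"tax" => 8.5` default is a float, but the `foreach ($config as $c)` loop right below it overwrites it with whatever the `config` table holds, and nothing checks that the stored value is numeric or non-negative. public/parts/cart.php in this commit divides `$settings['tax']` by 100.0 directly, so a malformed row would trigger a warning or error in that arithmetic, and a negative one would quietly lower the displayed total. I would normalise the value once after the loop, for example `$settings['tax'] = is_numeric($settings['tax']) ? max(0.0, (float) $settings['tax']) : 0.0;`, or fail loudly if an invalid rate should never be tolerated. The loop body continues outside the hunk.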

+ 3
- 1
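--- a/public/lib/item.php
+++ b/public/lib/item.php
@@ -6,7 +6,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  */
 
-require_once __DIR__ . "/../../required.php";
+require_once __DIR__ . "/../required.php";
 
 class Item {
 
@@ -115,6 +115,7 @@ END;
         $catid = $item->getCategoryId();
         $catname = $item->getCategoryName();
         $price = $item->getPrice();
+        $linetotal = number_format($price * $qty, 2);
         $html = <<<END
 <div class="list-group-item d-flex flex-wrap">
     <div>
@@ -132,6 +133,7 @@ END;
             <input type="hidden" name="item" value="$id" />
             <input type="hidden" name="action" value="updatecart" />
         </form>
+        <div class="text-right"><b>$$linetotal</b></div>
     </div>
 </div>
 END;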
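Review bot: In the heredoc, `<b>$$linetotal</b>` only works because PHP treats the first `$` as a literal when no name character follows it, and it is easy to misread as a variable-variable. Escaping the currency sign, `<b>\$$linetotal</b>`, prints the same text and makes the intent explicit. The enclosing method and the start of the heredoc are outside these hunks.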

+ 40
- 9
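--- a/public/parts/cart.php
+++ b/public/parts/cart.php
@@ -1,5 +1,4 @@
 <?php
-
 /*
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -16,6 +15,20 @@ if (!empty($_SESSION['cart'])) {
     $cart = $_SESSION['cart'];
 }
 
+$total = 0.0;
+$tax = 0.0;
+$listhtml = "";
+if (count($cart) > 0) {
+    foreach ($cart as $i => $qty) {
+        $item = new Item($i);
+        $listhtml .= RenderItem::cart($item, $qty);
+        $total += ($item->getPrice() * $qty);
+    }
+} else {
+    $listhtml = "<p>The cart is empty.</p>";
+}
+
+$tax = $total * ($settings['tax'] / 100.0);
 ?>
 
 <div class="container mt-4">
@@ -23,15 +36,33 @@ if (!empty($_SESSION['cart'])) {
 
     <div class="list-group list-group-flush">
         <?php
-        if (count($cart) > 0) {
-            foreach ($cart as $i => $qty) {
-                echo RenderItem::cart(new Item($i), $qty);
+        echo $listhtml;
+        ?>
+    </div>
+
+    <div class="d-flex mt-3 justify-content-between">
+        <div class="ml-auto text-right">
+            <?php
+            if ($tax > 0.0) {
+                ?>
+                <h5 class="mr-3">
+                    Subtotal: <?php
+                    echo "$" . number_format($total, 2);
+                    ?>
+                </h5>
+                <h5 class="mr-3">
+                    Tax: <?php
+                    echo "$" . number_format($tax, 2);
+                    ?>
+                </h5>
+                <?php
             }
-        } else {
             ?>
-            <p>The cart is empty.</p>
-            <?php
-        }
-        ?>
+            <h4 class="mr-3">
+                Total: <?php
+                echo "$" . number_format($total + $tax, 2);
+                ?>
+            </h4>
+        </div>
     </div>
 </div>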

+ 127
- 0
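--- a/public/required.php
+++ b/public/required.php
@@ -0,0 +1,127 @@
+<?php
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/**
+ * This file contains global settings and utility functions.
+ */
+ob_start(); // allow sending headers after content
+// Settings file
+require __DIR__ . '/../settings.php';
+
+// Unicode, solves almost all stupid encoding problems
+header('Content-Type: text/html; charset=utf-8');
+
+// Strip PHP version
+header('X-Powered-By: PHP');
+
+// Security
+header('X-Content-Type-Options: nosniff');
+header('X-XSS-Protection: 1; mode=block');
+header('X-Frame-Options: "DENY"');
+header('Referrer-Policy: "no-referrer, strict-origin-when-cross-origin"');
+$SECURE_NONCE = base64_encode(random_bytes(8));
+
+$session_length = 60 * 60 * 24 * 2; // 2 days
+ini_set('session.gc_maxlifetime', $session_length);
+session_set_cookie_params($session_length, "/", null, false, false);
+
+session_start(); // stick some cookies in it
+// renew session cookie
+setcookie(session_name(), session_id(), time() + $session_length, "/", false, false);
+
+header("Content-Security-Policy: "
+        . "default-src 'self';"
+        . "object-src 'none'; "
+        . "img-src * data:; "
+        . "media-src 'self'; "
+        . "frame-src 'self'; "
+        . "font-src 'self'; "
+        . "connect-src *; "
+        . "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; "
+        . "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server");
+
+//
+// Composer
+require __DIR__ . '/../vendor/autoload.php';
+
+/**
+ * Kill off the running process and spit out an error message
+ * @param string $error error message
+ */
+function sendError($error) {
+    global $SECURE_NONCE;
+    die("<!DOCTYPE html>"
+            . "<meta charset=\"UTF-8\">"
+            . "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">"
+            . "<title>Error</title>"
+            . "<style nonce=\"" . $SECURE_NONCE . "\">"
+            . "h1 {color: red; font-family: sans-serif; font-size: 20px; margin-bottom: 0px;} "
+            . "h2 {font-family: sans-serif; font-size: 16px;} "
+            . "p {font-family: monospace; font-size: 14px; width: 100%; wrap-style: break-word;} "
+            . "i {font-size: 12px;}"
+            . "</style>"
+            . "<h1>A fatal application error has occurred.</h1>"
+            . "<i>(This isn't your fault.)</i>"
+            . "<h2>Details:</h2>"
+            . "<p>" . htmlspecialchars($error) . "</p>");
+}
+
+date_default_timezone_set(TIMEZONE);
+
+// Database settings
+// Also inits database and stuff
+use Medoo\Medoo;
+
+$database;
+$binstack;
+try {
+    $database = new Medoo([
+        'database_type' => DB_TYPE,
+        'database_name' => DB_NAME,
+        'server' => DB_SERVER,
+        'username' => DB_USER,
+        'password' => DB_PASS,
+        'charset' => DB_CHARSET
+    ]);
+    $binstack = new Medoo([
+        'database_type' => BINSTACK_DB_TYPE,
+        'database_name' => BINSTACK_DB_NAME,
+        'server' => BINSTACK_DB_SERVER,
+        'username' => BINSTACK_DB_USER,
+        'password' => BINSTACK_DB_PASS,
+        'charset' => BINSTACK_DB_CHARSET
+    ]);
+} catch (Exception $ex) {
+    //header('HTTP/1.1 500 Internal Server Error');
+    sendError("Database error.  Try again later.  $ex");
+}
+
+
+if (!DEBUG) {
+    error_reporting(0);
+} else {
+    error_reporting(E_ALL);
+    ini_set('display_errors', 'On');
+}
+
+
+$VARS;
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $VARS = $_POST;
+    define("GET", false);
+} else {
+    $VARS = $_GET;
+    define("GET", true);
+}
+
+/**
+ * Checks if a string or whatever is empty.
+ * @param $str The thingy to check
+ * @return boolean True if it's empty or whatever.
+ */
+function is_empty($str) {
+    return (is_null($str) || !isset($str) || $str == '');
+}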
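Review bot: Several of the hardening lines near the top of this new file do not take effect as written. `X-Frame-Options` and `Referrer-Policy` are sent with literal double quotes inside the header value, which browsers are likely to treat as an unrecognised value and ignore, and both `session_set_cookie_params(..., false, false)` and the follow-up `setcookie()` issue the session cookie without `HttpOnly` or `Secure`, so page script can read it and it travels over plain HTTP. Separately, the `catch` block interpolates `$ex` into `sendError()`, which prints the exception text and stack trace (possibly including connection details) to the visitor, and does so before the `DEBUG` check further down; log it server-side and show only the generic message. `$captcha_server` is used in the CSP but is not defined in this file, so confirm that settings.php provides it. The changed lines are sketched below.

```php
header('X-Frame-Options: DENY');
header('Referrer-Policy: no-referrer, strict-origin-when-cross-origin');
// … unchanged: nonce, session lifetime, gc_maxlifetime …
// true when the request arrived over HTTPS; adjust if TLS terminates at a proxy
$cookie_secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
session_set_cookie_params($session_length, "/", null, $cookie_secure, true);
// … unchanged: session_start() …
setcookie(session_name(), session_id(), time() + $session_length, "/", "", $cookie_secure, true);
// … unchanged: CSP header, autoloader, sendError(), Medoo setup …
} catch (Exception $ex) {
    error_log("Database connection failed: " . $ex);
    sendError("Database error.  Try again later.");
}
// … unchanged: error_reporting, $VARS, is_empty() …
```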
