Bläddra i källkod

Use separate required.php for online store

master
Skylar Ittner 1 år sedan
förälder
incheckning
78187b5224
5 ändrade filer med 173 tillägg och 12 borttagningar
  1. 1
    1
      public/action.php
  2. 2
    1
      public/index.php
  3. 3
    1
      public/lib/item.php
  4. 40
    9
      public/parts/cart.php
  5. 127
    0
      public/required.php

+ 1
- 1
public/action.php Visa fil

@@ -6,7 +6,7 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/

require_once __DIR__ . "/../required.php";
require_once __DIR__ . "/required.php";
require_once __DIR__ . "/lib/item.php";

switch ($VARS['action']) {

+ 2
- 1
public/index.php Visa fil

@@ -6,7 +6,7 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/

require_once __DIR__ . "/../required.php";
require_once __DIR__ . "/required.php";

define("NICKELBOX", true);

@@ -16,6 +16,7 @@ $config = $database->select("config", ['key', 'value']);
$settings = [
"sitename" => "Shop",
"theme" => "default",
"tax" => 8.5,
];
foreach ($config as $c) {
$settings[$c['key']] = $c['value'];

+ 3
- 1
public/lib/item.php Visa fil

@@ -6,7 +6,7 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/

require_once __DIR__ . "/../../required.php";
require_once __DIR__ . "/../required.php";

class Item {

@@ -115,6 +115,7 @@ END;
$catid = $item->getCategoryId();
$catname = $item->getCategoryName();
$price = $item->getPrice();
$linetotal = number_format($price * $qty, 2);
$html = <<<END
<div class="list-group-item d-flex flex-wrap">
<div>
@@ -132,6 +133,7 @@ END;
<input type="hidden" name="item" value="$id" />
<input type="hidden" name="action" value="updatecart" />
</form>
<div class="text-right"><b>$$linetotal</b></div>
</div>
</div>
END;

+ 40
- 9
public/parts/cart.php Visa fil

@@ -1,5 +1,4 @@
<?php

/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -16,6 +15,20 @@ if (!empty($_SESSION['cart'])) {
$cart = $_SESSION['cart'];
}

$total = 0.0;
$tax = 0.0;
$listhtml = "";
if (count($cart) > 0) {
foreach ($cart as $i => $qty) {
$item = new Item($i);
$listhtml .= RenderItem::cart($item, $qty);
$total += ($item->getPrice() * $qty);
}
} else {
$listhtml = "<p>The cart is empty.</p>";
}

$tax = $total * ($settings['tax'] / 100.0);
?>

<div class="container mt-4">
@@ -23,15 +36,33 @@ if (!empty($_SESSION['cart'])) {

<div class="list-group list-group-flush">
<?php
if (count($cart) > 0) {
foreach ($cart as $i => $qty) {
echo RenderItem::cart(new Item($i), $qty);
echo $listhtml;
?>
</div>

<div class="d-flex mt-3 justify-content-between">
<div class="ml-auto text-right">
<?php
if ($tax > 0.0) {
?>
<h5 class="mr-3">
Subtotal: <?php
echo "$" . number_format($total, 2);
?>
</h5>
<h5 class="mr-3">
Tax: <?php
echo "$" . number_format($tax, 2);
?>
</h5>
<?php
}
} else {
?>
<p>The cart is empty.</p>
<?php
}
?>
<h4 class="mr-3">
Total: <?php
echo "$" . number_format($total + $tax, 2);
?>
</h4>
</div>
</div>
</div>

+ 127
- 0
public/required.php Visa fil

@@ -0,0 +1,127 @@
<?php

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/**
* This file contains global settings and utility functions.
*/
ob_start(); // allow sending headers after content
// Settings file
require __DIR__ . '/../settings.php';

// Unicode, solves almost all stupid encoding problems
header('Content-Type: text/html; charset=utf-8');

// Strip PHP version
header('X-Powered-By: PHP');

// Security
header('X-Content-Type-Options: nosniff');
header('X-XSS-Protection: 1; mode=block');
header('X-Frame-Options: "DENY"');
header('Referrer-Policy: "no-referrer, strict-origin-when-cross-origin"');
$SECURE_NONCE = base64_encode(random_bytes(8));

$session_length = 60 * 60 * 24 * 2; // 2 days
ini_set('session.gc_maxlifetime', $session_length);
session_set_cookie_params($session_length, "/", null, false, false);

session_start(); // stick some cookies in it
// renew session cookie
setcookie(session_name(), session_id(), time() + $session_length, "/", false, false);

header("Content-Security-Policy: "
. "default-src 'self';"
. "object-src 'none'; "
. "img-src * data:; "
. "media-src 'self'; "
. "frame-src 'self'; "
. "font-src 'self'; "
. "connect-src *; "
. "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; "
. "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server");

//
// Composer
require __DIR__ . '/../vendor/autoload.php';

/**
* Kill off the running process and spit out an error message
* @param string $error error message
*/
function sendError($error) {
global $SECURE_NONCE;
die("<!DOCTYPE html>"
. "<meta charset=\"UTF-8\">"
. "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">"
. "<title>Error</title>"
. "<style nonce=\"" . $SECURE_NONCE . "\">"
. "h1 {color: red; font-family: sans-serif; font-size: 20px; margin-bottom: 0px;} "
. "h2 {font-family: sans-serif; font-size: 16px;} "
. "p {font-family: monospace; font-size: 14px; width: 100%; wrap-style: break-word;} "
. "i {font-size: 12px;}"
. "</style>"
. "<h1>A fatal application error has occurred.</h1>"
. "<i>(This isn't your fault.)</i>"
. "<h2>Details:</h2>"
. "<p>" . htmlspecialchars($error) . "</p>");
}

date_default_timezone_set(TIMEZONE);

// Database settings
// Also inits database and stuff
use Medoo\Medoo;

$database;
$binstack;
try {
$database = new Medoo([
'database_type' => DB_TYPE,
'database_name' => DB_NAME,
'server' => DB_SERVER,
'username' => DB_USER,
'password' => DB_PASS,
'charset' => DB_CHARSET
]);
$binstack = new Medoo([
'database_type' => BINSTACK_DB_TYPE,
'database_name' => BINSTACK_DB_NAME,
'server' => BINSTACK_DB_SERVER,
'username' => BINSTACK_DB_USER,
'password' => BINSTACK_DB_PASS,
'charset' => BINSTACK_DB_CHARSET
]);
} catch (Exception $ex) {
//header('HTTP/1.1 500 Internal Server Error');
sendError("Database error. Try again later. $ex");
}


if (!DEBUG) {
error_reporting(0);
} else {
error_reporting(E_ALL);
ini_set('display_errors', 'On');
}


$VARS;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$VARS = $_POST;
define("GET", false);
} else {
$VARS = $_GET;
define("GET", true);
}

/**
* Checks if a string or whatever is empty.
* @param $str The thingy to check
* @return boolean True if it's empty or whatever.
*/
function is_empty($str) {
return (is_null($str) || !isset($str) || $str == '');
}

Laddar…
Avbryt
Spara