Commit 229a7892 authored by Malcolm Blaney's avatar Malcolm Blaney

Some file type check improvements, added a confirm step in the checkout process and keep cart mini total up to date.
parent bc57c208
......@@ -23,7 +23,7 @@ class Browser extends Base {
public function Callback() {
if (!$this->user->loggedIn) {
return array('error' => 'Permission denied.');
return ['error' => 'Permission denied.'];
}
$us_action = $_POST['action'];
......@@ -69,8 +69,7 @@ class Browser extends Base {
$name = $matches[1];
$type = $matches[2];
$src = '';
if (in_array($type, array('gif', 'jpeg', 'jpg', 'png'))) {
if (in_array(strtolower($type), ['gif', 'jpeg', 'jpg', 'png'])) {
$name .= '_thumb.'.$type;
if (file_exists($this->PublicDirectory($name))) {
$src = '<img src="'.$html_path.$name.'">';
......@@ -111,22 +110,19 @@ class Browser extends Base {
public function Install($path) {
$this->AppendScript($path, 'dobrado.browser.js', false);
$site_style = array('"",".browser","display","none"',
'"",".upload","float","right"',
'"","#upload-form","padding","20px 0px"',
'"","#upload-form","border-bottom",'.
'"2px solid #777777"',
'"",".thumbnail.highlight","background-color",'.
'"#fffeee"',
'"",".thumbnail.highlight","border",'.
'"2px solid #cccccc"',
'"",".thumbnail.highlight","padding","5px"',
'"",".thumbnail","display","inline-block"',
'"",".thumbnail","margin","5px"',
'"",".thumbnail","padding","7px"',
'"",".thumbnail","min-width","120px"',
'"",".thumbnail","vertical-align","top"',
'"",".thumbnail .remove","float","right"');
$site_style = ['"",".browser","display","none"',
'"",".upload","float","right"',
'"","#upload-form","padding","20px 0px"',
'"","#upload-form","border-bottom","2px solid #777777"',
'"",".thumbnail.highlight","background-color","#fffeee"',
'"",".thumbnail.highlight","border","2px solid #cccccc"',
'"",".thumbnail.highlight","padding","5px"',
'"",".thumbnail","display","inline-block"',
'"",".thumbnail","margin","5px"',
'"",".thumbnail","padding","7px"',
'"",".thumbnail","min-width","120px"',
'"",".thumbnail","vertical-align","top"',
'"",".thumbnail .remove","float","right"'];
$this->AddSiteStyle($site_style);
}
......@@ -164,12 +160,12 @@ class Browser extends Base {
$name = $matches[1];
$type = $matches[2];
unlink($this->PublicDirectory($us_file));
if (in_array($type, array('gif', 'jpeg', 'jpg', 'png'))) {
if (in_array(strtolower($type), ['gif', 'jpeg', 'jpg', 'png'])) {
unlink($this->PublicDirectory($name.'_thumb.'.$type));
}
return array('done' => true);
return ['done' => true];
}
return array('error' => 'Filename does not have correct format.');
return ['error' => 'Filename does not have correct format.'];
}
private function UploadFile() {
......@@ -178,39 +174,38 @@ class Browser extends Base {
$size = fgets($handle);
pclose($handle);
if (!preg_match('/^([0-9]+)/', $size, $matches)) {
return array('error' => 'Could not check upload directory');
return ['error' => 'Could not check upload directory'];
}
$size = $matches[1];
if ((int)$size > $this->user->config->MaxUpload()) {
return array('error' => 'Upload directory full.');
return ['error' => 'Upload directory full.'];
}
$max_file_size = $this->user->config->MaxFileSize();
// ['upload']['size'] is given in bytes, MaxFileSize is in megabytes.
if ($_FILES['upload']['size'] > $max_file_size * 1000000) {
return array('error' => 'Upload file is too large. (max '.
$max_file_size.'M)');
return ['error' => 'Upload file is too large. (max '.$max_file_size.'M)'];
}
// Replace spaces in the uploaded file name.
$file = preg_replace('/ /', '_', basename($_FILES['upload']['name']));
$regex = '/^([a-z0-9_-]{1,200})\.([a-z0-9]{1,10})$/i';
if (!preg_match($regex, $file, $matches)) {
return array('error' => 'Filename does not have correct format.');
return ['error' => 'Filename does not have correct format.'];
}
$path = $this->PublicDirectory($file);
if (file_exists($path)) {
return array('error' => 'A file with that name already exists.');
return ['error' => 'A file with that name already exists.'];
}
$name = $matches[1];
$type = $matches[2];
// Whitelist all file extensions.
$allowed = array('gif', 'jpeg', 'jpg', 'png', 'ogg', 'mp3',
'ogv', 'webm', 'mp4', 'pdf');
if (!in_array($type, $allowed)) {
return array('error' => 'File type not allowed.');
$allowed = ['gif', 'jpeg', 'jpg', 'png', 'ogg', 'mp3', 'ogv', 'webm',
'mp4', 'pdf'];
if (!in_array(strtolower($type), $allowed)) {
return ['error' => 'File type not allowed.'];
}
$tmp = $_FILES['upload']['tmp_name'];
if (!move_uploaded_file($tmp, $path)) {
return array('error' => 'File: '.$file.' was not uploaded.');
return ['error' => 'File: '.$file.' was not uploaded.'];
}
$name .= '_thumb.'.$type;
......@@ -218,12 +213,12 @@ class Browser extends Base {
'/'.$this->user->name.'/public/';
$src = '';
if (in_array($type, array('gif', 'jpeg', 'jpg', 'png'))) {
if (in_array(strtolower($type), ['gif', 'jpeg', 'jpg', 'png'])) {
list($old_width, $old_height) = getimagesize($path);
// Create a thumbnail, and resize if height greater than 150px or
// Create a thumbnail, and resize if height greater than 200px or
// width greater than 300px.
$new_height = $old_height;
if ($new_height > 150) $new_height = 150;
if ($new_height > 200) $new_height = 200;
$new_width = round($old_width / ($old_height / $new_height));
if ($new_width > 300) {
$new_width = 300;
......@@ -255,7 +250,7 @@ class Browser extends Base {
else {
$src = '<b>'.$type.'</b>';
}
return array('content' => $this->ImageContent($src, $html_path.$file));
return ['content' => $this->ImageContent($src, $html_path.$file)];
}
private function ImageContent($src, $image) {
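Review bot: In the thumbnail hunk at -218, `list($old_width, $old_height) = getimagesize($path);` still ignores a `false` return, and the case-insensitive whitelist this commit adds only inspects the file name, so an upload whose extension says image but whose contents do not parse leaves both sizes `null` and the following lines compute `$old_width / ($old_height / $new_height)`, a division by zero (a fatal `DivisionByZeroError` on PHP 8, a warning and bogus dimensions on older versions). By that point `move_uploaded_file` in the -178 hunk has already placed the file in the public directory, so the failed request still leaves the file published under an image name. Checking the return value, removing the file and returning an error keeps the image branch consistent with the rest of the validation in `UploadFile`; if the project prefers to keep such files, drop the `unlink`. `UploadFile` starts in the -178 hunk and its thumbnail code continues past the end of the -218 hunk, so only the lines around the `getimagesize` call are shown below.
```php
// … unchanged: size checks, whitelist, move_uploaded_file, $html_path …
if (in_array(strtolower($type), ['gif', 'jpeg', 'jpg', 'png'])) {
  // The whitelist above only inspects the file name; getimagesize is the
  // one check that looks at the contents, so its failure must be handled.
  $info = getimagesize($path);
  if ($info === false) {
    unlink($path);
    return ['error' => 'File: '.$file.' is not a valid image.'];
  }
  list($old_width, $old_height) = $info;
  // … unchanged: thumbnail sizing …
```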
......
......@@ -27,7 +27,7 @@
if(!this.dobrado.cart){dobrado.cart={};}
(function(){'use strict';var cart={};var settings=null;var editor=null;var itemIndex=0;var shippingIndex=0;var browserTarget="";$(function(){if(dobrado.localStorage()){if(localStorage.cart){cart=JSON.parse(localStorage.cart);cartMiniTotal();}}
if($(".cart").length===0){return;}
checkDownloads();$(".cart-item .item-add").button().click(cartAdd);$(".cart-item .item-quantity").val("0");$(".cart-item .item-quantity").spinner({min:0,spin:cartQuantity,change:cartQuantity});$("#cart-checkout").button({disabled:true}).click(checkout);$("#customer-detail-submit").button().click(customerDetail);$(".cart-item .item-name a").click(cartItem);if($(".cart-payment-message").html()!==""){$(".cart-payment-message button").button().click(paymentDone);$(".cart-payment-message").dialog({modal:true,position:{my:"top",at:"top+50",of:window},title:"Payment",width:400,height:200,close:paymentDone,create:dobrado.fixedDialog});}
checkDownloads();$(".cart-item .item-add").button().click(cartAdd);$(".cart-item .item-quantity").val("0");$(".cart-item .item-quantity").spinner({min:0,spin:cartQuantity,change:cartQuantity});$("#cart-checkout").button({disabled:true}).click(checkout);$("#cart-confirm-button").button().click(confirmPurchase);$("#cart-continue-button").button().click(function(){$("#cart-checkout-dialog").dialog("close");});$("#customer-detail-submit").button().click(customerDetail);$(".cart-item .item-name a").click(cartItem);if($(".cart-payment-message").html()!==""){$(".cart-payment-message button").button().click(paymentDone);$(".cart-payment-message").dialog({modal:true,position:{my:"top",at:"top+50",of:window},title:"Payment",width:400,height:200,close:paymentDone,create:dobrado.fixedDialog});}
$("#cart-checkout-dialog").dialog({autoOpen:false,modal:true,position:{my:"top",at:"top+50",of:window},title:"Checkout",width:500,height:500,create:dobrado.fixedDialog});$("#cart-editor").dialog({autoOpen:false,close:close,position:{my:"top",at:"top+50",of:window},title:"Cart Editor",width:760,height:500,create:dobrado.fixedDialog});$("#cart-item-dialog").dialog({autoOpen:false,position:{my:"top",at:"top+50",of:window},title:"Cart Item",width:700,height:500,create:dobrado.fixedDialog});$("#cart-edit-button").button({icons:{primary:"ui-icon-pencil"},text:false}).click(cartEditor);$("#cart-total").html(cartTotal());$.each(cart,function(name,item){var id=item.id;if(id){var cssName=id.match(/^cart-item-id-(.+)$/);if(item.selected&&cssName&&cssName.length===2){$("#"+id+" .item-add").button({label:"Remove from cart"});$("#item-quantity-"+cssName[1]).spinner("value",item.quantity);}}});});function checkDownloads(){$(".cart-download-list li").each(function(i){var file=$(this).html();setTimeout(function(){location.href="/php/download.php?file="+file;},i*10000);});}
function cartPrice(item){var price=0;var checkMinimum=false;if(item.attr("id")){price=item.val();checkMinimum=true;}
else{price=item.html();}
......@@ -43,7 +43,7 @@ else{cart[name].selected=true;$(this).button({label:"Remove from cart"});}
cart[name].price=price;}
else{cart[name]={selected:true,price:price,quantity:1,id:$(this).parents(".cart-item").attr("id")};$(this).button({label:"Remove from cart"});}
if(dobrado.localStorage()){localStorage.cart=JSON.stringify(cart);}
$("#cart-total").html(cartTotal());return false;}
$("#cart-total").html(cartTotal());cartMiniTotal();return false;}
function cartQuantity(event,ui){var item=$(this).parents(".cart-item");var name="";if(item.children(".item-name").children("a").length===0){name=item.children(".item-name").html();}
else{name=item.children(".item-name").children("a").html();}
var price=cartPrice(item.children(".item-price"));var quantity=0;if("value"in ui){quantity=ui.value;}
......@@ -53,7 +53,7 @@ else{cart[name].selected=true;}
cart[name].price=price;cart[name].quantity=quantity;}
else if(quantity!==0){cart[name]={selected:true,price:price,quantity:quantity,id:item.attr("id")};}
if(dobrado.localStorage()){localStorage.cart=JSON.stringify(cart);}
$("#cart-total").html(cartTotal());}
$("#cart-total").html(cartTotal());cartMiniTotal();}
function cartMiniTotal(){var total=0;$.each(cart,function(name,item){if(item.selected&&item.price!==0){total+=item.price*item.quantity;}});$(".cart-total .number").html("$"+total.toFixed(0));if(total>0){$(".cart-total").show();}}
function cartTotal(shipping,processing){var total=0;var quantity=0;var table='<table class="cart-total-table">';$.each(cart,function(name,item){if(item.selected&&item.price!==0){total+=item.price*item.quantity;quantity+=item.quantity;table+='<tr><td>'+name+'</td><td>'+item.quantity+'</td><td>$'+(item.price*item.quantity).toFixed(2)+'</td></tr>';}});$(".cart-total .number").html("$"+total.toFixed(0));if(shipping){total+=shipping;table+='<tr><td>Shipping Cost</td><td></td><td>$'+
shipping.toFixed(2)+'</td></tr>';}
......@@ -65,8 +65,9 @@ else{$("#cart-checkout").button("option","disabled",false);}
return table;}
function cartItem(){$.post("/php/request.php",{request:"cart",action:"item",name:$(this).html(),url:location.href,token:dobrado.token},function(response){if(dobrado.checkResponseError(response,"cart item")){return;}
var item=JSON.parse(response);$("#cart-item-dialog").html(item.content);$("#cart-item-dialog").dialog("open");});}
function checkout(){$("#cart-checkout-dialog").dialog("open");$("#cart-summary").html("You have selected the following items:<br>"+
cartTotal());$("#cart-checkout-message").html("Please enter your contact details:");$("#cart-customer-details-form").show();}
function checkout(){$("#cart-checkout-dialog").dialog("open");$("#cart-summary").show().html("You have selected the following items:<br>"
+cartTotal());$("#cart-checkout-message").html("");$("#cart-customer-details-form").hide();$("#cart-confirm-button").show();$("#cart-continue-button").show();}
function confirmPurchase(){$("#cart-summary").hide();$("#cart-confirm-button").hide();$("#cart-continue-button").hide();$("#cart-checkout-message").html("Please enter your contact details:");$("#cart-customer-details-form").show();}
function customerDetail(){if($("#customer-detail-first").val()===""){$("#cart-checkout-info").html("Please enter your first name.");return false;}
if($("#customer-detail-last").val()===""){$("#cart-checkout-info").html("Please enter your last name.");return false;}
if($("#customer-detail-email").val()===""){$("#cart-checkout-info").html("Please enter your email.");return false;}
......
......@@ -62,6 +62,10 @@ if (!this.dobrado.cart) {
spin: cartQuantity,
change: cartQuantity });
$("#cart-checkout").button({ disabled: true }).click(checkout);
$("#cart-confirm-button").button().click(confirmPurchase);
$("#cart-continue-button").button().click(function() {
$("#cart-checkout-dialog").dialog("close");
});
$("#customer-detail-submit").button().click(customerDetail);
$(".cart-item .item-name a").click(cartItem);
......@@ -205,6 +209,7 @@ if (!this.dobrado.cart) {
localStorage.cart = JSON.stringify(cart);
}
$("#cart-total").html(cartTotal());
cartMiniTotal();
return false;
}
......@@ -257,6 +262,7 @@ if (!this.dobrado.cart) {
localStorage.cart = JSON.stringify(cart);
}
$("#cart-total").html(cartTotal());
cartMiniTotal();
}
function cartMiniTotal() {
......@@ -328,8 +334,18 @@ if (!this.dobrado.cart) {
function checkout() {
$("#cart-checkout-dialog").dialog("open");
$("#cart-summary").html("You have selected the following items:<br>" +
cartTotal());
$("#cart-summary").show().html("You have selected the following items:<br>"
+ cartTotal());
$("#cart-checkout-message").html("");
$("#cart-customer-details-form").hide();
$("#cart-confirm-button").show();
$("#cart-continue-button").show();
}
function confirmPurchase() {
$("#cart-summary").hide();
$("#cart-confirm-button").hide();
$("#cart-continue-button").hide();
$("#cart-checkout-message").html("Please enter your contact details:");
$("#cart-customer-details-form").show();
}
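Review bot: The `cartMiniTotal()` calls added after the cart updates (the -205 hunk in `cartAdd` and the -257 hunk in `cartQuantity`) keep the number current, but judging by the minified copy of the same function earlier on this page, `cartMiniTotal` only calls `.show()` on `.cart-total` when the total is positive and never hides it, so once a shopper removes the last item the mini total would apparently stay visible reading "$0". If that reading is right, replacing the trailing `if (total > 0) { $(".cart-total").show(); }` with `$(".cart-total").toggle(total > 0);` keeps the element's visibility in step with its value. The body of `cartMiniTotal` is outside the hunk (only its `function cartMiniTotal() {` line is shown at the end of the -257 hunk), so this is inferred from the minified build rather than from the source file.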
......