I want to check the Referal Model for the value and when the value matches with my input I have to pay rupees 350 else I have to pay 375 .But I am redirect to pay 350 everytime even if I have entered invalid code
I have tried this logic but it didn't worked
use App\Theme_User;
use App\Theme;
use App\activity_users;
use Illuminate\Http\Request;
use App\User;
use App\Referal;
use Illuminate\Support\Facades\Auth;
public function pay(Request $request){
$api = new \Instamojo\Instamojo(
config('services.instamojo.api_key'),
config('services.instamojo.auth_token'),
config('services.instamojo.url')
);
$referral = $request->input('refer');
$valid_referral = Referal::select('referal_code')->where('referal_code', $referral)->get();
Theme_User::where('Payment_id', '=', 'Dummy')->delete();
$sale_rel = new Theme_User;
$sale_rel->User_id = Auth::user()->id;
if($request->input('purpose') === "Gratitude Theme")
$sale_rel->Theme_id = 1;
$sale_rel->Payment_id = "Dummy"; //$response['payments'][0]['payment_id'];
$sale_rel->Address = $request->input('address');
$sale_rel->Unlock_key = \Uuid::generate()->string;
$sale_rel->referal_id = $referral;
$sale_rel->Unlocked = 0;
$sale_rel->save();
if($referral == $valid_referral){
try {
$response = $api->paymentRequestCreate(array(
"purpose" => $request->input('purpose'),
"amount" => 350,
"buyer_name" => Auth::user()->name,
"send_email" => true,
"email" => Auth::user()->email,
"redirect_url" => "http://127.0.0.1:8000/pay-success"
));
header('Location: ' . $response['longurl']);
exit();
}catch (Exception $e) {
print('Error: ' . $e->getMessage());
}
}
else{
try {
$response = $api->paymentRequestCreate(array(
"purpose" => $request->input('purpose'),
"amount" => 375,
"buyer_name" => Auth::user()->name,
"send_email" => true,
"email" => Auth::user()->email,
"redirect_url" => "http://127.0.0.1:8000/pay-success"
));
header('Location: ' . $response['longurl']);
exit();
}catch (Exception $e) {
print('Error: ' . $e->getMessage());
}
}
}
I want to pay rupees 350 when I have a valid referal code else I have to pay 375
Try it.
use App\Theme_User;
use App\Theme;
use App\activity_users;
use Illuminate\Http\Request;
use App\User;
use App\Referal;
use Illuminate\Support\Facades\Auth;
public function pay(Request $request){
$api = new \Instamojo\Instamojo(
config('services.instamojo.api_key'),
config('services.instamojo.auth_token'),
config('services.instamojo.url')
);
Theme_User::where('Payment_id', '=', 'Dummy')->delete();
$sale_rel = new Theme_User;
$sale_rel->User_id = Auth::user()->id;
if($request->input('purpose') === "Gratitude Theme")
$sale_rel->Theme_id = 1;
$sale_rel->Payment_id = "Dummy"; //$response['payments'][0]['payment_id'];
$sale_rel->Address = $request->input('address');
$sale_rel->Unlock_key = \Uuid::generate()->string;
$sale_rel->referal_id = $referral;
$sale_rel->Unlocked = 0;
$sale_rel->save();
$amount = 375;
$valid_referral = Referal::select('referal_code')->where('referal_code', $request->input('refer'))->first();
if(!empty($valid_referral)){
$amount = 350;
}
try {
$response = $api->paymentRequestCreate(array(
"purpose" => $request->input('purpose'),
"amount" => $amount,
"buyer_name" => Auth::user()->name,
"send_email" => true,
"email" => Auth::user()->email,
"redirect_url" => "http://127.0.0.1:8000/pay-success"
));
header('Location: ' . $response['longurl']);
exit();
}catch (Exception $e) {
print('Error: ' . $e->getMessage());
}
}
Use
$valid_referral = Referal::select('referal_code')->where('referal_code', $referral)->first();
Instead of
$valid_referral = Referal::select('referal_code')->where('referal_code', $referral)->get();
get() gives you a collection which you need to iterate to get values but first() gives you an object. In your case you need the object. Not the collection.
Related
I wrote this Code For Image Upload but I do not know if it is secure, or not. Is There any issue or vulnerability in this code??
if($request->hasFile('image')){
$AllowedImages = ['jpeg', 'jpg', 'png'];
$AllowedImageTypes = ['image/jpeg', 'image/png'];
$image = $request->image;
$ImageNameWithExtension = $image->getClientOriginalName();
$ImageName = pathinfo($ImageNameWithExtension, PATHINFO_FILENAME);
$ImageExtension = $image->getClientOriginalExtension();
$ImageType = $image->getMimeType();
$ImageLocalPath = $image->getPathName();
$ImageSize = $image->getSize();
$ImageError = $image->getError();
$ImageNewName = sha1(md5($ImageName)).''.sha1(time()).'.'.$ImageExtension;
if(in_array($ImageType, $AllowedImageTypes) && in_array($ImageExtension, $AllowedImages) && getimagesize($ImageLocalPath) && ($ImageError === 0) && ($ImageSize <= 2000000)){
if($ImageType == 'image/jpeg' && ( $ImageExtension == 'jpeg' || $ImageExtension == 'jpg')){
$img = imagecreatefromjpeg($ImageLocalPath);
imagejpeg( $img, $ImageNewName, 100);
}
elseif($ImageType == 'image/png' && $ImageExtension == 'png'){
$img = imagecreatefrompng($ImageLocalPath);
imagepng( $img, $ImageNewName, 9);
}
imagedestroy($img);
try
{
$StoreImage = $image->storeAs('public/Upload/', $ImageNewName);
if(!$StoreImage){
throw new customException('File Upload Failed');
}
}
catch(customException $e){
session()->flash('File_Error', $e->errorMessage());
return back();
}
}
else{
session()->flash('File_Error', 'Image Validation Error Found');
return back();
}
}
else{
return back();
}
Consider this refactor for your code, it will help make your code cleaner.
public function store(Request $request)
{
$record = Model::create( $this->validateRequest() ); // this can insert other data into your database. In the db table, initially set the image related fields to nullable
$this->storeFile($record); // this will check if the request has a file and update the image related fields accordingly, else it will remain blank as it is nullable by default
return 'all data is saved';
}
private function validateRequest(){
return request()->validate([
'type' => 'nullable',
'image'=> request()->hasFile('image') ? 'mimes:jpeg,jpg,png|max:2000' : 'nullable', // 2000 means a maximum of 2MB
'other_field_1' => 'required',
'other_field_2' => 'required',
'other_field_3' => 'required'
]);
}
private function storeFile($record){
if( request()->hasFile('image') ){
$record->update([
'type' => request()->file->extension(),
'image' => request()->file->store('uploads/files', 'public') // The file will be hashed by default. public is used as second argument so you can access the uploaded file via your public folder
]);
}
}
This is check for file in the request, validate the file and other data, upload the file into storage folder.
You can use this code, for upload image :
In Request file :
public function rules()
{
return [
'image' => 'required|mimes:jpeg,jpg,png|max:50000'
],
}
And in your controller :
public function uploadImage(YourRequestClass $request){
$image = $request->file('image');
try{
$order=new Order();
if (!file_exists('upload/' . $image)) {
$currentDate = Carbon::now()->toDateString();
$imageName = $currentDate . '-' . uniqid() . '.' . $image->getClientOriginalExtension();
if (!file_exists('upload/')) {
mkdir('upload/', 0777, true);
}
$image->move('upload/', $imageName);
$order->image = $imageName;
}
$order->save();
return back();
} catche(\Exception $e){
Log::error($e);
return back();
}
}
am trying to capture all queries and record a log of interactions, however some queries are not being captured, this specific query for example:
$this->db->update('showtec.motoristas', $motorista);
I capture the queries using the Hooks function like this:
Hooks.php:
$hook['post_controller'] = array(
'class' => 'Db_query_log',
'function' => 'log_db_queries',
'filename' => 'db_log.php',
'filepath' => 'hooks'
);
db_log.php:
<?php
class Db_query_log {
function __construct() {
}
function log_db_queries() {
$CI =& get_instance();
$CI->load->model('auditoria');
$data = array();
$queries = $CI->db->queries;
$data['id_usuario_gestor'] = $CI->auth->get_login('id_user');
foreach ($queries as $query){
if (preg_match($pattern = '/' . 'INSERT' . '/', $query)){
$queryArray = explode("`", $query);
if($queryArray[3] != 'ip'){
$data['query'] = $query;
$data['clause'] = 'insert';
break;
}
}elseif (preg_match($pattern = '/' . 'UPDATE' . '/', $query)){
$data['query'] = $query;
$data['clause'] = 'update';
break;
}elseif (preg_match($pattern = '/' . 'DELETE' . '/', $query)){
$data['query'] = $query;
$data['clause'] = 'delete';
break;
}
}
if(array_key_exists('query', $data)){
$CI->auditoria->salvarAuditoria($data);
}
}
}
I've issue with my CMS whenever I tried to Add new page with the following line of code
<?php echo form_open_multipart('admin/page/edit/'. $page->id); ?>
it gives me error
A PHP Error was encountered
Severity: Notice
Message: Undefined property: stdClass::$id
Filename: page/edit.php
Line Number: 5
my edit function is this which perform add & update functionality
public function edit($id = NULL) {
//Fetch a page or set new one
if ($id) {
$this->data['page'] = $this->page_m->get($id);
count($this->data['page']) || $this->data['errors'][] = 'Page Could not be found';
} else {
$this->data['page'] = $this->page_m->get_new();
}
$id == NULL || $this->data['page'] = $this->page_m->get($id);
//Pages for dropdown
$this->data['pages_no_parents'] = $this->page_m->get_no_parents();
//dump($this->data['pages_no_parents']);
//Setup form
$rules = $this->page_m->rules;
$this->form_validation->set_rules($rules);
//Process the form
if ($this->form_validation->run() == TRUE) {
$data = $this->page_m->array_from_post(array(
'title',
'slug',
'order',
'body',
'template',
'parent_id',
'filename'
));
/* * ***********WORKING FOR IMAGE UPLOAD AND SAVE PATH TO DATABASE*************** */
if (!empty($_FILES['filename'])) {
$fdata = $this->do_upload('filename'); /// you are passing the parameter here
$data['filename'] = base_url() . 'uploads/' . $fdata;
}
$this->page_m->save($data, $id);
// echo '<pre>' . $this->db->last_query() . '</pre>';
redirect('admin/page');
}
//Load the view
$this->data['subview'] = 'admin/page/edit';
$this->load->view('admin/_layout_main', $this->data);
}
public function do_upload($field_name) { // but not retriveing here do this
$field_name = 'filename';
$config = array(
'allowed_types' => '*',
'max_size' => '1024',
'max_width' => '1024',
'max_height' => '768',
'upload_path' => './uploads/'
);
$this->load->library('upload');
$this->upload->initialize($config);
if (!$this->upload->do_upload($field_name)) {
echo $this->upload->display_errors();
die();
$this->data['error'] = array('error' => $this->upload->display_errors());
//$this->data['subview'] = 'admin/page/edit';
//$this->load->view('admin/_layout_main', $this->data);
} else {
$fInfo = $this->upload->data();
//return $fInfo['file_path'].$fInfo['file_name'];
// $this->filename = $fInfo;
return $fInfo['file_name'];
}
}
<?php echo form_open_multipart('admin/page/edit/'. ((isset($page->id)) ? $page->id : '')); ?>
As I mentioned in my comment, if you are creating a new record (I assume:) your page object will not have an id yet, so you just have to do a quick check to make sure it exists and if not output an empty string.
I am trying to save the images in my module but the images are not saving from the form.
$uploader = new Varien_File_Uploader('image'); this code is not working I dont know why. The loop breaks on this line and the control get out of the loop from here. How can I save the images.
Here is my save function in the controller
public function saveAction()
{
if ($this->getRequest()->getPost())
{
try
{
$postData = $this->getRequest()->getPost();
//echo "<pre>";print_r($postData); exit;
$articleModel = Mage::getModel('blog/article');
$imgFilename = NULL;
if($_FILES['image']['name'] != '')
{//echo "<pre>"; echo count($_FILES['image']['name']);
foreach($_FILES['image']['name'] as $_FILES['image']['name'])
{
//print_r($_FILES['image']['name']);
try
{ echo "1";
$uploader = new Varien_File_Uploader('image'); echo "hi";
//print_r($uploader);exit;
$uploader->setAllowedExtensions(array('jpg','jpeg','gif','png','flv'));
$uploader->setAllowRenameFiles(false);
$uploader->setFilesDispersion(false);
$uploader->setAllowCreateFolders(true);
// Set media as the upload dir
$media_path = Mage::getBaseDir('media') . DS . 'blog' . DS;
$imgFilename = time() . $postData['image'];
// Upload the image
//$uploader->save($media_path, $_FILES['image']['name']);echo "4";
$uploader->save($media_path, $imgFilename);
}
catch (Exception $e)
{
Mage::log($e);
$this->_redirectError(502);
}
$data['image'] = $imgFilename;
}
}
else
{
if(isset($data['image']['delete']) && $data['image']['delete'] == 1)
$data['image'] = '';
else
unset($data['image']);
}
//echo "out"; exit;
if( $this->getRequest()->getParam('id') <= 0 )
$articleModel->setCreatedTime(
Mage::getSingleton('core/date')
->gmtDate());
$articleModel
->addData($postData)
->setUpdatedTime(
Mage::getSingleton('core/date')
->gmtDate())
->setId($this->getRequest()->getParam('id'))
->save();
$lastid = $articleModel->getId();
if($data['image'] != '')
{
foreach($data['image'] as $img)
{
$imageModel=Mage::getModel('blog/image');
$imageModel->setArticleId($lastid)->setImage($data['image'])->save();
}
}
Mage::getSingleton('adminhtml/session')
->addSuccess('successfully saved');
Mage::getSingleton('adminhtml/session')
->setarticleData(false);
$this->_redirect('*/*/');
//return;
if ($this->getRequest()->getParam('back'))
{
$this->_redirect('*/*/edit',array('id' => $articleModel->getId()));
return;
}
}
catch (Exception $e)
{
Mage::getSingleton('adminhtml/session')
->addError($e->getMessage());
Mage::getSingleton('adminhtml/session')
->setarticleData($this->getRequest()
->getPost());
$this->_redirect('*/*/edit',
array('id' => $this->getRequest()
->getParam('id')));
return;
}
}
$this->_redirect('*/*/');
}
and here is my form for the image
<?php
class Vertax_Blog_Block_Adminhtml_Article_Edit_Tab_Image extends Mage_Adminhtml_Block_Widget_Form
{
protected function _prepareForm()
{
$form = new Varien_Data_Form();
$this->setForm($form);
$fieldset = $form->addFieldset('image_form',
array('legend'=>'image'));
//$fieldset->addType('image', Mage::getConfig()->getBlockClassName('blog/adminhtml_article_helper_image'));
$fieldset->addType('image', 'Vertax_Blog_Block_Adminhtml_Article_Helper_Image');
$fieldset->addField('image', 'image', array(
'label' => 'Image',
'required' => false,
'name' => 'image[]',
'multiple' => 'multiple',
'mulitple' => true,
));
if (Mage::getSingleton('adminhtml/session')->getBlogPostData()) {
$form->setValues(Mage::getSingleton('adminhtml/session')->getBlogPostData());
Mage::getSingleton('adminhtml/session')->setBlogPostData(null);
} elseif (Mage::registry('article_data')) {
$form->setValues(Mage::registry('article_data')->getData());
}
return parent::_prepareForm();
}
}
?>
$uploader = new Mage_Core_Model_File_Uploader(
array(
'name' => $_FILES['galleryImage']['name'][$i],
'type' => $_FILES['galleryImage']['type'][$i],
'tmp_name' => $_FILES['galleryImage']['tmp_name'][$i],
'error' => $_FILES['galleryImage']['error'][$i],
'size' => $_FILES['galleryImage']['size'][$i]
));
Waseem,please try code for upload image..
$uploader = new Mage_Core_Model_File_Uploader('image');
$uploader->setAllowedExtensions(array('jpg', 'jpeg', 'gif', 'png'));
$uploader->setFilesDispersion(true);
$media_path = Mage::getBaseDir('media') . DS . 'blog' . DS;
$imgFilename = time() . $postData['image'];
// Upload the image
//$uploader->save($media_path, $_FILES['image']['name']);echo "4";
$uploader->save($media_path, $imgFilename);
there was a problem in your code while adding fieldset
$fieldset->addField('image', 'image', array(
'label' => 'Image',
'required' => false,
'name' => 'image[]',
'multiple' => 'multiple',
'mulitple' => true,
));
here you had set the name to image[] which in turn will return the array as $_FILES['image][name][], $_FILES['image][tmp_name][].
If you want to upload single file then set 'name' = 'image' or see this question
Try to use
$uploader = new Varien_File_Uploader($_FILES['image']);
instead of what you use currently.
I have created custom module in magento with image upload attribute. Image name was successfully stored in DB table. But image doesn't upload to the target folder.
I have tried with this following code. please show me "what am i doing wrong here"
$uploader = new Varien_File_Uploader('fileinputname');
$uploader->setAllowedExtensions(array('jpg','jpeg','gif','png'));
$uploader->setAllowRenameFiles(false);
$uploader->setFilesDispersion(false);
$path = Mage::getBaseDir('media') .DS. 'foo'.DS ;
$uploader->save($path, $_FILES['fileinputname']['name']);
Last week I added the file upload option for my Magento app..Here is the code. This may help to you. This is the save action for your controller.
public function saveAction() {
$filedata = array();
$uploadedFile = 'uploaded_file';
$_helper = Mage::helper('fileuploader');
if (!empty($_FILES[$uploadedFile]['name'])) {
try {
$ext = $_helper->getFileExtension($_FILES[$uploadedFile]['name']);
$fname = 'File-' . time() . $ext;
$uploader = new Varien_File_Uploader($uploadedFile);
#$uploader->setAllowedExtensions(array("txt", "csv", "htm", "html", "xml", "css", "doc", "docx", "xls", "xlsx", "rtf", "ppt", "pdf", "swf", "flv", "avi", "wmv", "mov", "wav", "mp3", "jpg", "jpeg", "gif", "png","zip"));
$uploader->setAllowRenameFiles(true);
$uploader->setFilesDispersion(false);
$path = Mage::getBaseDir('media') . DS . 'custom' . DS . 'upload' . DS;
$uploader->save($path, $fname);
$filedata[$uploadedFile] = 'custom/upload/' . $fname;
} catch (Exception $e) {
Mage::getSingleton('adminhtml/session')->addError($e->getMessage());
$this->_redirect('*/*/edit', array('id' => $this->getRequest()->getParam('id')));
return;
}
}
if ($data = $this->getRequest()->getPost()) {
$products = array();
$availProductIds = Mage::getModel('fileuploader/fileuploader')->getAllAvailProductIds();
parse_str($data['fileuploader_products'], $products);
foreach ($products as $k => $v) {
if (preg_match('/[^0-9]+/', $k) || preg_match('/[^0-9]+/', $v)) {
unset($products[$k]);
}
}
$productIds = array_intersect($availProductIds, $products);
$data['product_ids'] = implode(',', $productIds);
if (!empty($filedata[$uploadedFile])) {
$data[$uploadedFile] = $filedata[$uploadedFile];
} else {
if (isset($data[$uploadedFile]['delete']) && $data[$uploadedFile]['delete'] == 1) {
if ($data[$uploadedFile]['value'] != '')
$this->removeFile($data[$uploadedFile]['value']);
$data[$uploadedFile] = '';
}else {
unset($data[$uploadedFile]);
}
}
$model = Mage::getModel('fileuploader/fileuploader');
$model->setData($data)
->setId($this->getRequest()->getParam('id'));
try {
$model->save();
Mage::getSingleton('adminhtml/session')->addSuccess(Mage::helper('fileuploader')->__('Item was successfully saved'));
Mage::getSingleton('adminhtml/session')->setFormData(false);
if ($this->getRequest()->getParam('back')) {
$this->_redirect('*/*/edit', array('id' => $model->getId()));
return;
}
$this->_redirect('*/*/');
return;
} catch (Exception $e) {
Mage::getSingleton('adminhtml/session')->addError($e->getMessage());
Mage::getSingleton('adminhtml/session')->setFormData($data);
$this->_redirect('*/*/edit', array('id' => $this->getRequest()->getParam('id')));
return;
}
}
Mage::getSingleton('adminhtml/session')->addError(Mage::helper('fileuploader')->__('Unable to find item to save'));
$this->_redirect('*/*/');
}
Build form by add colomn function in grid.php
$this->addColumn('uploaded_file', array(
'header' => Mage::helper('fileuploader')->__('File'),
'align' => 'left',
'type' => 'file',
'escape' => true,
'sortable' => false,
'index' => 'uploaded_file',
));
And This is most important. Dont forgot to mention that your form enctype should be Multi/part in form.php file. I guess you missed it. Please check this.
protected function _prepareForm() {
$form = new Varien_Data_Form(array(
'id' => 'edit_form',
'action' => $this->getUrl('*/*/save', array('id' => $this->getRequest()->getParam('id'))),
'method' => 'post',
'enctype' => 'multipart/form-data'
)
);
Thats it..!!
Hi Elavarasan i can't seem to figure out what is wrong in what i did, or if i actually have done something. I used magento-module-creator you suggested and then added all the code above that you give under helper/data.php. Nothing happens. Appreciate your help as i am new in magento.