Lukas/insecure-bank
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Create an insecure bank application

Browse Source
This commit is contained in:
Lukas Fürderer
2024-06-01 15:13:50 +02:00
commit 2133574cae
40 changed files with 1370 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
webroot/lib/View/CashTransactionPage.php Normal file
View File

@ -0,0 +1,106 @@
<?php
declare(strict_types=1);
namespace View;
use Model\Context;
class CashTransactionPage extends BankingPage
{
protected string $title;
public string $fieldCustomer = '';
public string $fieldAmount = '';
public string $fieldText = '';
public bool $formWasSent = false;
public bool $errorCustomerNotFound = false;
public bool $errorAmountInvalid = false;
public bool $errorAmountZero = false;
public bool $errorInsufficientFunds = false;
public bool $errorTextTooLong = false;
public bool $success = false;
public ?string $successCustomer = null;
public ?int $successAmount = null;
public function __construct(protected Context $context)
{
parent::__construct($context);
switch ($context->currentPage) {
case '/deposit.php':
$this->title = 'Einzahlen';
break;
case '/withdraw.php':
$this->title = 'Auszahlen';
break;
}
if (isset($_POST['customer'], $_POST['amount'], $_POST['text'])) {
$this->formWasSent = true;
$this->fieldCustomer = (string) $_POST['customer'];
$this->fieldAmount = (string) $_POST['amount'];
$this->fieldText = (string) $_POST['text'];
}
}
public function renderErrors(): string
{
$errors = [];
if ($this->errorCustomerNotFound) {
$errors[] = '[!] Der angegebene Kunde konnte nicht gefunden werden.';
}
if ($this->errorAmountInvalid) {
$errors[] = '[!] Der eingegebene Betrag entspricht nicht dem vorgesehenen Format.';
}
if ($this->errorAmountZero) {
$errors[] = '[!] Der Betrag muss größer als 0,00 € sein.';
}
if ($this->errorInsufficientFunds) {
$errors[] = '[!] Das Konto des Kunden ist nicht ausreichend gedeckt.';
}
if ($this->errorTextTooLong) {
$errors[] = '[!] Der Buchungstext darf nicht länger als 100 Zeichen sein.';
}
return implode('<br>', $errors);
}
public function sendTitle(): void
{
echo $this->title;
}
public function sendMainContent(): void
{
$customer = htmlspecialchars($this->fieldCustomer);
$amount = htmlspecialchars($this->fieldAmount);
$text = htmlspecialchars($this->fieldText);
echo "<h1>{$this->title}</h1>";
$errors = $this->renderErrors();
if (!empty($errors)) {
echo "<p class=\"error\">{$errors}</p>";
}
if ($this->success) {
$successCustomer = htmlspecialchars($this->successCustomer);
$successAmount = MoneyFormatter::formatAmount($this->successAmount);
switch ($this->context->currentPage) {
case '/deposit.php':
echo "<p class=\"success\">Es wurden {$successAmount} auf das Konto von {$successCustomer} eingezahlt.</p>";
break;
case '/withdraw.php':
echo "<p class=\"success\">Es wurden {$successAmount} aus dem Konto von {$successCustomer} ausgezahlt.</p>";
break;
}
}
echo "<form class=\"cash-transaction\" action=\"{$this->context->currentPage}\" method=\"post\">";
echo "<label for=\"customer\">Kundenname:</label><input type=\"text\" name=\"customer\" id=\"customer\" maxlength=\"20\" value=\"{$customer}\"><br>";
echo "<label for=\"amount\">Betrag:</label><input type=\"text\" name=\"amount\" id=\"amount\" value=\"{$amount}\"><br>";
echo "<label for=\"text\">Buchungstext:</label><input type=\"text\" name=\"text\" id=\"text\" value=\"{$text}\"><br>";
echo "<input type=\"submit\" value=\"{$this->title}\">";
echo '</form>';
}
}