Fix code review issues
- Remove unnecessary mysqli_real_escape_string calls on prepared statement params - Add validation for strtotime to handle invalid dates gracefully Co-authored-by: iaretechnician <2749183+iaretechnician@users.noreply.github.com>
This commit is contained in:
parent
4397e67ccb
commit
a16dfcd15f
2 changed files with 18 additions and 6 deletions
|
|
@ -303,7 +303,11 @@ function exec_ogp_module()
|
||||||
}
|
}
|
||||||
else{
|
else{
|
||||||
//this is a renewel, start from end of previous order
|
//this is a renewel, start from end of previous order
|
||||||
$end_date = strtotime('+'.$order['qty'].' day',strtotime($order['end_date']));
|
$current_end = strtotime($order['end_date']);
|
||||||
|
if ($current_end === false) {
|
||||||
|
$current_end = time(); // fallback to now if date is invalid
|
||||||
|
}
|
||||||
|
$end_date = strtotime('+'.$order['qty'].' day', $current_end);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
@ -316,7 +320,11 @@ function exec_ogp_module()
|
||||||
}
|
}
|
||||||
else{
|
else{
|
||||||
//this is a renewel, start from end of previous order
|
//this is a renewel, start from end of previous order
|
||||||
$end_date = strtotime('+'.$order['qty'].' month',strtotime($order['end_date']));
|
$current_end = strtotime($order['end_date']);
|
||||||
|
if ($current_end === false) {
|
||||||
|
$current_end = time(); // fallback to now if date is invalid
|
||||||
|
}
|
||||||
|
$end_date = strtotime('+'.$order['qty'].' month', $current_end);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
elseif ($order['invoice_duration'] == "year")
|
elseif ($order['invoice_duration'] == "year")
|
||||||
|
|
@ -327,7 +335,11 @@ function exec_ogp_module()
|
||||||
}
|
}
|
||||||
else{
|
else{
|
||||||
//this is a renewel, start from end of previous order
|
//this is a renewel, start from end of previous order
|
||||||
$end_date = strtotime('+'.$order['qty'].' year',strtotime($order['end_date']));
|
$current_end = strtotime($order['end_date']);
|
||||||
|
if ($current_end === false) {
|
||||||
|
$current_end = time(); // fallback to now if date is invalid
|
||||||
|
}
|
||||||
|
$end_date = strtotime('+'.$order['qty'].' year', $current_end);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -128,11 +128,11 @@ if ($service_stmt) {
|
||||||
// Create invoice for renewal
|
// Create invoice for renewal
|
||||||
$qty = 1;
|
$qty = 1;
|
||||||
$price_formatted = number_format($price_val, 2, '.', '');
|
$price_formatted = number_format($price_val, 2, '.', '');
|
||||||
$home_name = mysqli_real_escape_string($db, $order['home_name'] ?? 'Server Renewal');
|
$home_name = $order['home_name'] ?? 'Server Renewal';
|
||||||
$ip = intval($order['ip'] ?? 0);
|
$ip = intval($order['ip'] ?? 0);
|
||||||
$max_players = intval($order['max_players'] ?? 0);
|
$max_players = intval($order['max_players'] ?? 0);
|
||||||
$rcon_pw = mysqli_real_escape_string($db, $order['remote_control_password'] ?? '');
|
$rcon_pw = $order['remote_control_password'] ?? '';
|
||||||
$ftp_pw = mysqli_real_escape_string($db, $order['ftp_password'] ?? '');
|
$ftp_pw = $order['ftp_password'] ?? '';
|
||||||
$description = "Renewal: " . $service_name . " - " . $home_name . " (" . $duration . ")";
|
$description = "Renewal: " . $service_name . " - " . $home_name . " (" . $duration . ")";
|
||||||
$now = date('Y-m-d H:i:s');
|
$now = date('Y-m-d H:i:s');
|
||||||
$due_date = date('Y-m-d H:i:s', strtotime('+7 days')); // Due in 7 days
|
$due_date = date('Y-m-d H:i:s', strtotime('+7 days')); // Due in 7 days
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue