specimen

Refactor the code below to improve the security and implement best-practices in terms of Magento coding approaches. Also, please create a module that contains the rewritten controller and (at least) system.xml to specify appropriate default values.

public function postAction() {            
//avoid notices warnings
!isset($_POST['livechat_license_number']) ? $livechat_license_number = '' : $livechat_license_number =   $_POST['livechat_license_number'];
!isset($_POST['livechat_groups']) ? $livechat_groups = '0' : $livechat_groups = $_POST['livechat_groups']; 
!isset($_POST['livechat_params']) ? $livechat_params = '' : $livechat_params = $_POST['livechat_params'];
$config_table = Mage::getSingleton('core/resource')->getTableName('core_config_data');

$read = Mage::getSingleton('core/resource')->getConnection('core_read');
$query = 'SELECT * FROM ' . $config_table;
$query .= ' WHERE scope="default" AND scope_id=0 AND path="livechat/general/license"';
$results = $read->fetchAll($query);

$write = Mage::getSingleton('core/resource')->getConnection('core_write');

//check for existing configurations
if ($row = array_pop($results)) {
       $license_id = $row['config_id'];
      
       $query = 'UPDATE ' . $config_table;
       $query .= ' SET value="' . $livechat_license_number . '"';
       $query .= ' WHERE config_id=' . $license_id;
       $write->query($query);
     
       $query = 'UPDATE ' . $config_table;
       $query .= ' SET value="' . $livechat_groups . '"';
       $query .= ' WHERE config_id=' . ++$license_id;
       $write->query($query);
      
       $query = 'UPDATE ' . $config_table;
       $query .= ' SET value="' . $livechat_params . '"';
       $query .= ' WHERE config_id=' . ++$license_id;
       $write->query($query);
} else {
       $query = 'INSERT INTO ' . $config_table;
       $query .= ' (scope, scope_id, path, value)';
       $query .= ' VALUES ("default", 0, "livechat/general/license", "' . $livechat_license_number . '"),';
       $query .= ' ("default", 0, "livechat/advanced/group", "0"),';
       $query .= ' ("default", 0, "livechat/advanced/params", "")';
       $write->query($query);
}

// Refresh the config.
Mage::getConfig()->cleanCache();
Mage::getConfig()->reinit();

$this->_redirect('*/*/index'); 
}

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
app		app
dev		dev
errors		errors
includes		includes
js		js
lib		lib
media		media
shell		shell
skin		skin
var		var
.gitignore		.gitignore
.htaccess		.htaccess
.htaccess.sample		.htaccess.sample
README.md		README.md
api.php		api.php
cron.php		cron.php
cron.sh		cron.sh
favicon.ico		favicon.ico
get.php		get.php
index.php		index.php
index.php.sample		index.php.sample
install.php		install.php
mage		mage
php.ini.sample		php.ini.sample

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

specimen

About

Releases

Packages

Languages

jonpday/specimen

Folders and files

Latest commit

History

Repository files navigation

specimen

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages