Beispiel #1
0
        $shares = $_POST["shares"];
        if (preg_match("/^\\d+\$/", $shares) == false) {
            apologize("You must enter a whole number!");
        } elseif ($shares <= 0) {
            apologize("Enter a number greater than zero!");
        }
        $symbol = strtoupper($_POST["symbol"]);
        $id = $_SESSION["id"];
        $action = "BUY";
        // get a quote for the requested share
        $quote = lookup($symbol);
        if (!$quote) {
            apologize("Symbol not found!");
        }
        // users are unique so select the first row [0]
        $user = cs50::query("SELECT * FROM users WHERE id = ?", $id)[0];
        $value = $shares * $quote["price"];
        $cash_available = $user["cash"];
        if ($value > $cash_available) {
            apologize("You don't have enough cash!");
        }
        // add purchase to user's portfolio
        cs50::query("INSERT INTO portfolios (user_id, symbol, shares) VALUES (?, ?, ?)\n            ON DUPLICATE KEY UPDATE shares = shares + ?", $id, $symbol, $shares, $shares);
        // set user's cash to reflect purchase
        cs50::query("UPDATE users SET cash = cash - ? WHERE id = ?", $value, $id);
        // add purchase information into history
        cs50::query("INSERT INTO history (date, action, user_id, symbol, shares, price) \n            VALUES (NOW(), ?, ?, ?, ?, ?)", $action, $id, $symbol, $shares, $quote["price"]);
        // redirect user back to their porfolio
        redirect("/");
    }
}
Beispiel #2
0
<?php

// configuration
require "../includes/config.php";
// ID of currently logged in user
$id = $_SESSION["id"];
// store account info to pass to render
// query returns an array or user arrays, users are unique so we only need index[0]
$user = cs50::query("SELECT * FROM users WHERE id = {$id}")[0];
// stores data to pass to render
$folio = [];
// query database for shares owned by current user
$rows = cs50::query("SELECT * FROM portfolios WHERE user_id = {$id}");
foreach ($rows as $row) {
    $stock = lookup($row["symbol"]);
    if ($stock !== false) {
        $folio[] = ["symbol" => $stock["symbol"], "name" => $stock["name"], "shares" => $row["shares"], "price" => $stock["price"]];
    }
}
// sort the portfolios alphabetically using the first index in the array(symbol)
uasort($folio, 'cmp_ascending');
render("portfolio.php", ["title" => "Portfolio", "folio" => $folio, "user" => $user]);
Beispiel #3
0
require "../includes/config.php";
// get the user's current password for validation
$id = $_SESSION["id"];
$hash = cs50::query("SELECT hash FROM users WHERE id = ?", $id)[0]["hash"];
if ($_SERVER["REQUEST_METHOD"] == "GET") {
    render("password_change_form.php", ["title" => "Password Change"]);
} else {
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        // validate form input
        if (empty($_POST["password"])) {
            apologize("You must enter your current password!");
        } else {
            if (!password_verify($_POST["password"], $hash)) {
                apologize("Your password is incorrect!");
            } else {
                if (empty($_POST["new_password"])) {
                    apologize("You must provide a new password!");
                } else {
                    if (!($_POST["new_password"] == $_POST["confirmation"])) {
                        apologize("Your passwords do not match!");
                    } else {
                        // update the current user's password hash
                        cs50::query("UPDATE users SET hash = ? WHERE id = ?", password_hash($_POST["new_password"], PASSWORD_DEFAULT), $id);
                        success("Your password has been changed!");
                    }
                }
            }
        }
    }
}
Beispiel #4
0
<?php

require "../includes/config.php";
$id = $_SESSION["id"];
$rows = cs50::query("SELECT * FROM history WHERE user_id = ?", $id);
$history = [];
foreach ($rows as $row) {
    /**
     * make datetime more human friendly
     * from http://stackoverflow.com/questions/136782/convert-from-mysql-datetime-to-another-format-with-php
     */
    $date = strtotime($row["date"]);
    $date_formatted = date("m/d/y g:i A", $date);
    if ($row) {
        $history[] = ["date" => $date_formatted, "action" => $row["action"], "symbol" => $row["symbol"], "shares" => $row["shares"], "price" => $row["price"], "total" => $row["shares"] * $row["price"]];
    }
}
uasort($history, "cmp_descending");
render("history.php", ["title" => "History", "history" => $history]);