Ejemplos de getAccountByUserId en PHP

Ejemplo n.º 1

Archivo: user.php Proyecto: efdalustaoglu/secure-coding

function createTans($id)
{
    $return = returnValue();
    // get user's account number
    $accountId = getAccountByUserId($id)->ID;
    // generate 100 tans
    for ($i = 0; $i < 100; $i++) {
        $tanUnique = false;
        while (!$tanUnique) {
            $tan = generateTan();
            // check if tan is unique
            if (checkTanUniqueness($tan)) {
                // save tan if it is unique
                if (insertTan($tan, $accountId)) {
                    $tanUnique = true;
                } else {
                    $return->value = false;
                    $return->msg = "Error inserting tans to DB";
                    return $return;
                }
            }
        }
    }
    // send email to user with tans
    if (!sendTanEmail($id, $accountId)) {
        $return->value = false;
        $return->msg = "Error sending tan email";
        return $return;
    }
    $return->value = true;
    $return->msg = "Tan creation process successful";
    return $return;
}

Ejemplo n.º 2

Archivo: view_transactions.php Proyecto: efdalustaoglu/secure-coding

require_once "../app/user.php";
require_once "../app/transaction.php";
startSession(true);
getDBCredentials(getAuthUser()->usertype);
clearCSRFToken();
//generatePDF(8);
$showDownload = "";
// if the logged in user is not an employee
if (getAuthUser()->usertype === 'C') {
    $accountId = getAccountByUserId(getAuthUser()->userid)->ID;
    $transactions = getTransactionsByAccountId($accountId);
    $showDownload = "?download=1";
} else {
    //4.8.1
    if (isset($_GET['id']) && is_numeric((int) $_GET['id']) && (int) $_GET['id'] > 0) {
        $accountId = getAccountByUserId((int) $_GET['id'])->ID;
        $transactions = getTransactionsByAccountId($accountId);
        $showDownload = "?id=" . $_GET['id'] . "&download=1";
    } else {
        $transactions = getTransactions();
    }
}
if (isset($_GET['download'])) {
    $download = $_GET['download'];
    $pdf = generatePDF($accountId);
}
$users = getUsers();
// include header
$pageTitle = "View Transactions";
include "header.php";
?>

Ejemplo n.º 3

Archivo: view_transaction.php Proyecto: efdalustaoglu/secure-coding

    if (is_numeric($id)) {
        $transaction = getSingleTransaction($id);
    }
}
// include header
$pageTitle = "View Transaction";
include "header.php";
?>

<?php 
if (isset($transaction) && $transaction) {
    ?>

<?php 
    //Ensure user is authorized to see transaction 4.4.3
    $account = getAccountByUserId(getAuthUser()->userid)->ID;
    if (getAuthUser()->usertype != 'E' && $transaction->SENDER_ACCOUNT != $account && $transaction->RECIPIENT_ACCOUNT != $account) {
        die("Unauthorized access");
    }
    ?>

<h3>View Transaction</h3>
<form class="pure-form pure-form-aligned" method="post" action="<?php 
    $_SERVER['PHP_SELF'];
    ?>
">
  <input type="hidden" name="transactiontoken" id="transactiontoken" value="<?php 
    echo $_SESSION['transactiontoken'];
    ?>
" />
  <fieldset>