if (!$balanceRequest) {
        return $this->view->render($response, 'admin-balance-request-review.php', ['error' => 'Invalid Balance ID, please ensure you have the correct URL.']);
    }
    return $this->view->render($response, 'admin-balance-request-review.php', ['balance_request' => $balanceRequest]);
})->add(new AuthMiddleware())->add(new AuthAdminMiddleware());
/*
 * POST Route.
 */
$app->post('/admin/balance-request/{id}', function ($request, $response, $args) {
    // Records an administrator's accept/reject decision on one balance request and,
    // when accepted, credits the amount to the character and writes an audit row.
    // NOTE(review): the closing of this closure and its ->add() middleware calls are outside
    // this view. No CSRF token, null session token or permission level is checked in the
    // handler itself, so all three depend on that middleware. Confirm it covers them.
    $token = Token::where('token', $_SESSION['login_token'])->first();
    $user = User::where('id', $token->user_id)->first();
    $requestID = $args['id'];
    // NOTE(review): `!` binds tighter than `>`, so `!$requestID > 0` is evaluated as
    // `(!$requestID) > 0`. It still rejects 0 and '0', but negative and fractional numeric
    // ids pass this guard and are only stopped if the lookup below finds no row.
    // `$requestID <= 0` (or a ctype_digit() check) would state the intent directly.
    if (!is_numeric($requestID) || !$requestID > 0) {
        return $this->view->render($response, 'admin-balance-request-review.php', ['error' => 'Unknown Request ID, ensure you have the correct URL.']);
    }
    // Load the request together with the owning character's name (joined on Character.id).
    $balanceRequest = BalanceRequest::where('BalanceRequest.id', $requestID)->join('Character', 'Character.id', '=', 'BalanceRequest.character_id')->select('BalanceRequest.*', 'Character.name')->first();
    if (!$balanceRequest) {
        return $this->view->render($response, 'admin-balance-request-review.php', ['error' => 'Invalid Balance ID, please ensure you have the correct URL.']);
    }
    // Only the exact value 'accepted' accepts; any other value is recorded as 'Rejected'.
    // NOTE(review): $_POST['accepted'] is read without isset(), so a request that omits the
    // field raises an undefined-index notice and is then treated as a rejection.
    $accepted = $_POST['accepted'] == 'accepted' ? 'Accepted' : 'Rejected';
    // Free-text justification supplied by the reviewer; stored as submitted.
    // NOTE(review): output escaping is left to whichever template displays it. Confirm it is escaped there.
    $reasoning = $_POST['decision_reasoning'];
    if (empty($reasoning)) {
        return $this->view->render($response, 'admin-balance-request-review.php', ['error' => 'Reasoning cannot be blank when submitting a review.']);
    }
    // NOTE(review): the join above matches BalanceRequest.character_id against Character.id,
    // but this lookup matches it against Character.user_id, which looks like the wrong column.
    // The result is not null-checked before $character->name is used in the audit note below.
    $character = Character::where('user_id', $balanceRequest->character_id)->first();
    // NOTE(review): nothing visible here checks that the request is still pending before it is
    // updated, so a repeated POST for an already accepted id would reach Balance::Create again.
    // The update and the balance credit are also not wrapped in a transaction in this handler.
    // Confirm whether a guard exists elsewhere.
    $balanceRequest->update(['status' => $accepted, 'decision_reasoning' => $reasoning, 'completed' => 'Yes']);
    if ($balanceRequest->status === 'Accepted') {
        $balance = Balance::Create(['amount' => $balanceRequest->amount, 'character_id' => $balanceRequest->character_id]);
        // The audit row is written on acceptance only; a rejection leaves no audit entry.
        // REMOTE_ADDR is the address of the directly connected peer.
        Audit::Create(['category' => 'Balance Review Accepted', 'user_id' => $user->id, 'log_note' => 'Balance review accepted for character ' . $character->name, 'ip_address' => $_SERVER['REMOTE_ADDR']]);
    }
    // Re-render the review page with the updated request.
    return $this->view->render($response, 'admin-balance-request-review.php', ['balance_request' => $balanceRequest]);
<?php

use GalacticBank\Models\Token;
use GalacticBank\Models\User;
use GalacticBank\Models\BalanceRequest;
use GalacticBank\Classes\AuthMiddleware;
use GalacticBank\Classes\AuthAdminMiddleware;
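/*
 * GET Route: list pending and completed balance requests for administrators.
 *
 * AuthMiddleware and AuthAdminMiddleware are attached to the route below. The checks inside
 * the handler are a second, fail-closed layer: a missing session token, an unknown token or
 * a non-administrator is redirected to '/' before any balance request is queried.
 */
$app->get('/admin/balance-requests', function ($request, $response, $args) {
    // An absent token must not reach the query builder: where('token', null) is compiled
    // as "token IS NULL" and could match a row whose token column is empty.
    $loginToken = isset($_SESSION['login_token']) ? $_SESSION['login_token'] : null;
    if ($loginToken === null || $loginToken === '') {
        header('Location: /');
        exit;
    }
    $token = Token::where('token', $loginToken)->first();
    $user = $token ? User::where('id', $token->user_id)->first() : null;
    // Strict comparison so that only the exact role string grants access.
    if (!$user || $user->permission_level !== 'Administrator') {
        header('Location: /');
        exit;
    }
    // Both lists carry the owning character's name and are ordered newest first.
    $listing = function ($column, $value) {
        return BalanceRequest::where($column, $value)
            ->join('Character', 'Character.id', '=', 'BalanceRequest.character_id')
            ->select('Character.name', 'BalanceRequest.*')
            ->orderBy('BalanceRequest.created_at', 'desc')
            ->get();
    };
    $pendingRequests = $listing('status', 'Pending');
    $completedRequests = $listing('completed', 'Yes');
    // Return the rendered response, as the other routes in this application do.
    return $this->view->render($response, 'admin-balance-requests.php', [
        'pending_requests' => $pendingRequests,
        'completed_requests' => $completedRequests,
    ]);
})->add(new AuthMiddleware())->add(new AuthAdminMiddleware());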
    // Tail of a route handler whose opening lines are outside this view. It validates a
    // balance application for the character named in the URL and creates a pending
    // BalanceRequest when the character has no request yet or its latest one was rejected.
    $name = $args['name'];
    if (empty($name)) {
        header('Location: /character');
        exit;
    }
    // Turn the URL slug back into a character name: hyphens become spaces, then URL-decode.
    $name = str_replace('-', ' ', $name);
    $name = urldecode($name);
    // NOTE(review): $character is not null-checked, and no comparison of $character->user_id
    // against the logged-in user is visible between this lookup and the create() below.
    // The view-application GET route does make that ownership check. Confirm it is enforced
    // elsewhere, otherwise any authenticated user can file a request for another user's character.
    $character = Character::where('name', $name)->first();
    $value = isset($_POST['balance_request']) ? $_POST['balance_request'] : '';
    $reasoning = isset($_POST['reason']) ? $_POST['reason'] : '';
    // is_numeric() also accepts negative numbers, decimals and exponent forms such as '1e9';
    // empty() additionally rejects '' and '0'. No upper or lower bound is applied to the amount here.
    if (!is_numeric($value) || empty($value)) {
        $error['value'] = 'Value needs to be numeric.';
    }
    if (empty($reasoning)) {
        $error['reasoning'] = 'You need to specify a reason for the requested amount.';
    }
    if (!empty($error)) {
        return $this->view->render($response, 'balance-apply.php', ['error' => $error, 'character' => $character]);
    }
    // TODO: Fix this logic so rejected applications can pass through.
    // Fetch the character's most recent request. A new row is created only when there is none
    // or the latest one was rejected.
    $balanceRequest = BalanceRequest::where('character_id', $character->id)->orderBy('created_at', 'desc')->first();
    if (!$balanceRequest || $balanceRequest->status == 'Rejected') {
        // NOTE(review): the key here is 'complete', while the admin routes read and write
        // 'completed'. Confirm which column name the model actually uses.
        $balanceRequest = BalanceRequest::create(['character_id' => $character->id, 'amount' => $value, 'reason' => $reasoning, 'status' => 'Pending', 'complete' => 'No']);
    }
    // Also taken when an existing pending or accepted request blocked creation: the user is
    // redirected exactly as after a successful submission, with no message.
    if ($balanceRequest) {
        header('Location: /character/' . $args['name']);
        exit;
    }
    // Reached only when create() returned a falsy value.
    $error['balance_creation'] = 'There was a problem with your requests, if the problem persists please contact the Administrator.';
    return $this->view->render($response, 'balance-apply.php', ['error' => $error, 'character' => $character]);
})->add(new AuthMiddleware());
<?php

use GalacticBank\Classes\AuthMiddleware;
use GalacticBank\Models\Token;
use GalacticBank\Models\Character;
use GalacticBank\Models\BalanceRequest;
use GalacticBank\Models\User;
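/*
 * GET Route: show the logged-in user's balance application for one of their own characters.
 *
 * The {name} segment is a slug of the character name (hyphens stand for spaces). Any request
 * without a resolvable user, for an unknown character, or for a character owned by someone
 * else is redirected to /character.
 */
$app->get('/balance/view-application/{name}', function ($request, $response, $args) {
    // Resolve the session user first and fail closed. An absent token must not reach the
    // query builder, where where('token', null) is compiled as "token IS NULL".
    $loginToken = isset($_SESSION['login_token']) ? $_SESSION['login_token'] : null;
    $token = ($loginToken === null || $loginToken === '')
        ? null
        : Token::where('token', $loginToken)->first();
    $user = $token ? User::where('id', $token->user_id)->first() : null;

    $name = $args['name'];
    if (!$user || empty($name)) {
        header('Location: /character');
        exit;
    }

    // Slug back to character name: hyphens become spaces, then URL-decode.
    $name = urldecode(str_replace('-', ' ', $name));
    $character = Character::where('name', $name)->first();

    // Ownership check. The explicit null test matters: comparing the properties of two
    // missing records would be null !== null, which lets the request through.
    if (!$character || $character->user_id !== $user->id) {
        header('Location: /character');
        exit;
    }

    // NOTE(review): 'asc' selects the character's oldest request, while the apply handler
    // reads the newest one ('desc'). Confirm which request this page is meant to show.
    $balanceRequest = BalanceRequest::where('character_id', $character->id)->orderBy('created_at', 'asc')->first();

    // Return the rendered response, as the other routes in this application do.
    return $this->view->render($response, 'balance-pending-view.php', [
        'character' => $character,
        'balance_request' => $balanceRequest,
    ]);
})->add(new AuthMiddleware());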