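/**
 * Render the user panel: greeting, account summary and navigation menu, then
 * delegate to get_content() for the requested sub-page.
 *
 * Every dynamic value is HTML-escaped before it is echoed. The original
 * escaped the account number and balance but wrote $_SESSION['name'] and the
 * get_last_login() result into the page raw, so markup stored in either value
 * would have been rendered in the user's browser (stored XSS).
 *
 * Reads $_SESSION['name'] and $_SESSION['username'].
 * NOTE(review): presumably the caller has already established an
 * authenticated session; confirm, since neither key is checked here.
 *
 * @param mixed $page Sub-page identifier, passed unchanged to get_content().
 *                    NOTE(review): the menu links carry it in the "page"
 *                    query parameter, so it is presumably request-controlled;
 *                    confirm get_content() checks it against a fixed list of
 *                    known pages.
 */
function print_user_panel($page)
{
    // ENT_QUOTES also escapes single quotes; ENT_SUBSTITUTE replaces invalid
    // byte sequences instead of making htmlspecialchars() return ''.
    $esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;

    $username = $_SESSION['username'];
    $display_name = htmlspecialchars((string) $_SESSION['name'], $esc_flags, 'UTF-8');
    // NOTE(review): assumes get_last_login() returns plain text, not markup; confirm.
    $last_login = htmlspecialchars((string) get_last_login($username), $esc_flags, 'UTF-8');

    // Look the account number up once and reuse it for the balance query.
    $account_num = get_accountNum($username);
    $account_html = htmlspecialchars((string) $account_num, $esc_flags, 'UTF-8');
    $balance_html = htmlspecialchars((string) get_balance($account_num), $esc_flags, 'UTF-8');

    echo "<h1>Welcome " . $display_name . "! Your last login was " . $last_login . "</h1>\n"
        . " <h2>Welcome to the User Panel</h2>\n"
        . " Account Number: " . $account_html . "<br>\n"
        . " Balance: " . $balance_html . "\n"
        . " <br>\n"
        . " <ul>\n"
        . " <li><a href=\"/user/panel.php?page=transfer_money\">Transfer Money</a></li>\n"
        . " <li><a href=\"/user/panel.php?page=transaction_history\">Transaction History</a></li>\n"
        . " <li><a href=\"/user/panel.php?page=schedule_transfer\">Schedule Transfer</a></li>\n"
        . " <li><a href=\"/user/panel.php?page=check_transfer_schedule\">Check Transfer Schedule</a></li>\n"
        . " <li><a href=\"/user/panel.php?page=change_pin\">Change PIN</a></li>\n"
        . " </ul>";

    get_content($page);
}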
// if me, check to see if the dest account is a valid account if (!($stmt = $mysqli->prepare("SELECT accountNum FROM accounts where accountNum = ?"))) { echo "acct check Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } // bind new account num param if (!$stmt->bind_param("i", $dst_account_num)) { echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } // bind the results of the query to each field // if $dst_routing_num === $my_routing_num $stmt->bind_result($dst_acct); // if the account number is invalid in the local database, die $result = $stmt->store_result(); if ($stmt->num_rows() !== 1) { echo "Unable to validate account number."; die; } // subtract the amount from the current balance, and set the new account balance $new_src_bal = get_balance(get_accountNum($_SESSION['username'])) - $amount; update_balance(get_accountNum($_SESSION['username']), $new_src_bal); // add new amount to dest balance $new_dst_bal = get_balance($dst_account_num) + $amount; update_balance($dst_account_num, $new_dst_bal); // write transaction log to the DB log_transaction("12345", get_accountNum($_SESSION['username']), $dst_routing_num, 3988282199, $amount); echo "Done processing transaction."; // if different bank, ask fed if account num is valid }