<?php use GalacticBank\Classes\AuthMiddleware; use GalacticBank\Models\User; use GalacticBank\Models\Token; use GalacticBank\Models\Character; use GalacticBank\Models\BalanceRequest; $app->get('/character', function ($request, $response, $args) { $token = Token::where('token', $_SESSION['login_token'])->first(); $user = User::where('id', $token->user_id)->first(); $characters = Character::where('user_id', $user->id)->get(); return $this->view->render($response, 'character.php', ['characters' => $characters]); })->add(new AuthMiddleware());
return $this->view->render($response, 'admin-balance-request-review.php', ['error' => 'Invalid Balance ID, please ensure you have the correct URL.']); } return $this->view->render($response, 'admin-balance-request-review.php', ['balance_request' => $balanceRequest]); })->add(new AuthMiddleware())->add(new AuthAdminMiddleware()); /* * POST Route. */ $app->post('/admin/balance-request/{id}', function ($request, $response, $args) { $token = Token::where('token', $_SESSION['login_token'])->first(); $user = User::where('id', $token->user_id)->first(); $requestID = $args['id']; if (!is_numeric($requestID) || !$requestID > 0) { return $this->view->render($response, 'admin-balance-request-review.php', ['error' => 'Unknown Request ID, ensure you have the correct URL.']); } $balanceRequest = BalanceRequest::where('BalanceRequest.id', $requestID)->join('Character', 'Character.id', '=', 'BalanceRequest.character_id')->select('BalanceRequest.*', 'Character.name')->first(); if (!$balanceRequest) { return $this->view->render($response, 'admin-balance-request-review.php', ['error' => 'Invalid Balance ID, please ensure you have the correct URL.']); } $accepted = $_POST['accepted'] == 'accepted' ? 'Accepted' : 'Rejected'; $reasoning = $_POST['decision_reasoning']; if (empty($reasoning)) { return $this->view->render($response, 'admin-balance-request-review.php', ['error' => 'Reasoning cannot be blank when submitting a review.']); } $character = Character::where('user_id', $balanceRequest->character_id)->first(); $balanceRequest->update(['status' => $accepted, 'decision_reasoning' => $reasoning, 'completed' => 'Yes']); if ($balanceRequest->status === 'Accepted') { $balance = Balance::Create(['amount' => $balanceRequest->amount, 'character_id' => $balanceRequest->character_id]); Audit::Create(['category' => 'Balance Review Accepted', 'user_id' => $user->id, 'log_note' => 'Balance review accepted for character ' . $character->name, 'ip_address' => $_SERVER['REMOTE_ADDR']]); } return $this->view->render($response, 'admin-balance-request-review.php', ['balance_request' => $balanceRequest]); })->add(new AuthMiddleware())->add(new AuthAdminMiddleware());
<?php use GalacticBank\Models\User; use GalacticBank\Models\Token; use GalacticBank\Models\Character; use GalacticBank\Classes\AuthMiddleware; /** * GET Request */ $app->get('/character/create', function ($request, $response, $args) { $token = Token::where('token', $_SESSION['login_token'])->first(); $user = User::where('id', $token->user_id)->first(); return $this->view->render($response, 'create.php', []); })->add(new AuthMiddleware()); /* * POST Request */ $app->post('/character/create', function ($request, $response, $args) { $name = isset($_POST['name']) ? $_POST['name'] : ''; //TODO: Validation on name, no special chars, Unique, etc. $faction = isset($_POST['faction']) ? $_POST['faction'] : ''; $allowedFactions = ['Jedi', 'Sith', 'Other']; if (!in_array($faction, $allowedFactions)) { return $this->view->render($response, 'create.php', ['error' => 'Invalid Faction selected.']); } $token = Token::where('token', $_SESSION['login_token'])->first(); $user = User::where('id', $token->user_id)->first(); $character = Character::create(['name' => $name, 'faction' => $faction, 'user_id' => $user->id]); return $this->view->render($response, 'create.php', ['success' => 'Character successfully created.']); })->add(new AuthMiddleware());
} })->add(new AuthMiddleware()); /* * POST Route. */ $app->post('/balance/apply/{name}', function ($request, $response, $args) { $token = Token::where('token', $_SESSION['login_token'])->first(); $user = User::where('id', $token->user_id)->first(); $name = $args['name']; if (empty($name)) { header('Location: /character'); exit; } $name = str_replace('-', ' ', $name); $name = urldecode($name); $character = Character::where('name', $name)->first(); $value = isset($_POST['balance_request']) ? $_POST['balance_request'] : ''; $reasoning = isset($_POST['reason']) ? $_POST['reason'] : ''; if (!is_numeric($value) || empty($value)) { $error['value'] = 'Value needs to be numeric.'; } if (empty($reasoning)) { $error['reasoning'] = 'You need to specify a reason for the requested amount.'; } if (!empty($error)) { return $this->view->render($response, 'balance-apply.php', ['error' => $error, 'character' => $character]); } // TODO: Fix this logic so rejected applications can pass through. $balanceRequest = BalanceRequest::where('character_id', $character->id)->orderBy('created_at', 'desc')->first(); if (!$balanceRequest || $balanceRequest->status == 'Rejected') { $balanceRequest = BalanceRequest::create(['character_id' => $character->id, 'amount' => $value, 'reason' => $reasoning, 'status' => 'Pending', 'complete' => 'No']);
if ($character->balance < $amount) { $error['amountError'][] = 'You do not have enough funds to transfer that amount.'; } } } $senderCharacter = Character::where('id', $sender)->first(); if (!$senderCharacter) { $invalidSender = true; } if ($invalidSender) { $error['senderError'][] = 'Invalid Character selected to transfer funds from.'; } if ($senderCharacter->name == $recipient) { $error['recipientError'][] = 'You cannot transfer funds to yourself.'; } $recipientCharacter = Character::where('name', $recipient)->first(); if (!$recipientCharacter) { $error['recipientError'][] = 'Recipient character does not exist.'; } $senderBalance = Balance::where('character_id', $senderCharacter->id)->first(); $recipientBalance = Balance::where('character_id', $recipientCharacter->id)->first(); if (!$senderBalance) { $error['senderError'][] = 'No balance found for sender, ensure one exists.'; } if (!$recipientBalance) { $error['recipientError'][] = 'Recipient does not have a balance, they must have a balance before receiving a transaction.'; } if (!empty($error)) { return $this->view->render($response, 'transaction-create.php', ['senderError' => $error['senderError'], 'recipientError' => $error['recipientError'], 'amountError' => $error['amountError'], 'characters' => $characters]); }
<?php use GalacticBank\Classes\AuthMiddleware; use GalacticBank\Models\Token; use GalacticBank\Models\User; use GalacticBank\Models\Character; use GalacticBank\Models\Transaction; use GalacticBank\Models\Balance; $app->get('/transaction/list/{id}', function ($request, $response, $args) { $token = Token::where('token', $_SESSION['login_token'])->first(); $user = User::where('id', $token->user_id)->first(); $character_id = $args['id']; $character = Character::where('id', $character_id)->first(); $sentTransactions = Transaction::where('sender_character_id', $character->id)->join('Character', 'Character.id', '=', 'Transaction.sender_character_id')->join('Character AS recipientCharacter', 'recipientCharacter.id', '=', 'Transaction.recipient_character_id')->select('Character.name AS senderName', 'recipientCharacter.name AS recipientName', 'Transaction.*')->get(); $receivedTransactions = Transaction::where('recipient_character_id', $character->id)->join('Character', 'Character.id', '=', 'Transaction.sender_character_id')->join('Character AS recipientCharacter', 'recipientCharacter.id', '=', 'Transaction.recipient_character_id')->select('Character.name AS senderName', 'recipientCharacter.name AS recipientName', 'Transaction.*')->get(); $balance = Balance::where('character_id', $character->id)->first(); return $this->view->render($response, 'transactions-previous.php', ['character' => $character, 'sent_transactions' => $sentTransactions, 'received_transactions' => $receivedTransactions, 'balance' => $balance]); })->add(new AuthMiddleware());