function issue($commodity, $amount) { if (!is_numeric($amount) || $amount <= 0) { // Not a suitable number. error('field/invalid', 'amount'); } // Make and store the address pair: $keypair = generateKeyPair(); $publicKey = storeKeyPair($keypair); // Build the API message. It requires the tag, amount and an address. $payload = '{"tag":"' . $commodity . '","amount":' . $amount . ',"address":"' . $publicKey . '"}'; // Call the issue API: $error; $result = callRoot('commodity/issue', $payload, $error); if ($error) { // Failed. return false; } // Ok! return true; }
postedTo(); // Get the payment reference - this is simply as-is as it can be anything: $reference = escape(safe('reference', true)); // The username of who is being paid. Required as this essentially gets converted into an address: $username = safe('username', VALID_NAME); // A title for the payment. E.g. 'Shirt Order': $title = safe('title', VALID_TITLE); // The from username (optional). E.g. 'starling.shirts': $from = safe('from', VALID_NAME, null, true); // The from name (optional). E.g. 'Starling Shirts': $name = safe('name', VALID_TITLE, null, true); // The item data: $itemData = safe('items', VALID_ARRAY); // Must contain at least products: safe('products', VALID_ARRAY, $itemData); // Does the account exist here? $account = $dz->get_row('select ID from `Bank.Accounts` where Username="******"'); if (!$account) { // Nope! error('account/notfound'); } // Generate a new keypair. This is where they primarily originate from. // When a transaction is seen on the public key, we'll know it completed for this reference. $keypair = generateKeyPair(); $publicKey = storeKeyPair($keypair); // Add to table of pending incomings: $dz->query('insert into `Bank.Incomings`(`Reference`,`Key`,`Account`,`Title`,`From`,`ItemInformation`,`Name`) values("' . $reference . '",unhex("' . $publicKey . '"),' . $account['ID'] . ',"' . $title . '","' . $from . '","' . escape(json_encode($itemData), true) . '","' . $name . '")'); // An address is always available and the TX will happen instantly. // Note that if this is an address cache, delay will typically be set. // The address pool may have been exhausted (in which case we return {"status":"EMPTY","refill":a_unix_timestamp} instead) echo '{"address":{"status":"OK","value":"' . $publicKey . '"},"delay":0}';
// Email address: $email = strtolower(safe('email', VALID_EMAIL)); // Has the device already got an account assigned to it? If so, another device entry is required. // This prevents one device having access to potentially thousands of accounts (i.e. badly implemented API users). if ($verifiedAccount != 0) { // Device already has an account assigned to it. error('device/assigned'); } // Username available? $row = $dz->get_row('select Username from `Root.Usernames` where `Username`="' . $user . '"'); if ($row) { // Username used. error('username/exists'); } // Generate a keypair which is used to sign for this user: $signPair = generateKeyPair(); // Get the public key as hex: $pubSignKey = bin2hex($signPair['public']); // 'Claim' the username by calling the root API: $error; $result = callRoot('username/create', '{"username":"******","public_key":"' . $pubSignKey . '"}', $error); if ($error) { // Error claiming the username. // This mainly indicates that one or more people tried to obtain it at the same time. error('username/unclaimed'); } // Hex the private key too: $privSignKey = bin2hex($signPair['private']); // Create the account now: $dz->query('insert into `Bank.Accounts`(`Username`,`FullName`,`Registered`,`Country`,`SignKey`) values ("' . $user . '","' . $fullName . '",' . time() . ',0,unhex("' . $privSignKey . '"))'); // Get the account row ID: