-
Notifications
You must be signed in to change notification settings - Fork 0
/
addiou.php
33 lines (30 loc) · 1.22 KB
/
addiou.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
<?php
session_start();
require_once("./backend/mysqli.php");
$friendname = strip_tags($_POST['friendname']);
$friendid = strip_tags($_POST['friendid']);
$username = strip_tags($_SESSION['username']);
$userid = intval($_SESSION['userid']);
$value = strip_tags($_POST['message']);
/* addiou add's a debt FROM the User, TO the Friend (User owes Friend)
* adddebt add's a debt TO the User, FROM the Friend (Friend owes User)
*/
try {
$db = new dbWrapper();
if ($friendid==0 || $friendid=="0") {
$possibleuser = $db->q("SELECT IF(`from`=?,`from_id`,IF(`to`=?,`to_id`,?)) AS possibleid FROM debts WHERE `from`=? OR `to`=? LIMIT 1","sssss",$friendname,$friendname,$friendname,$friendname,$friendname);
if (sizeof($possibleuser)>0) {
$friendid = $possibleuser[0]['possibleid'];
} else {
$friendid = $username;
}
}
$value_type = (is_numeric($value)) ? "value_money" : "value_item";
$bindstr = (is_numeric($value)) ? "dssss" : "sssss";
$db->q("INSERT INTO debts SET `$value_type`=?,`from_id`=?,`from`=?,`to_id`=?,`to`=?",$bindstr,$value,$userid,$username,$friendid,$friendname);
echo $db->handle()->insert_id;
} catch (Exception $e) {
echo "Sorry, there was an error.".$e->getMessage();
exit();
}
?>