}
}
}
// If success, ask SQL server for all the information:
if (true == $access) {
$sql_query = "SELECT * FROM tbPracticeAccounts WHERE AcctID='" . $_SESSION['user']['ActivePortfolio']['ID'] . "'";
$result = mysqli_query($connection, $sql_query);
while ($row = mysqli_fetch_array($result)) {
// Load data...
$_SESSION['user']['ActivePortfolio']['Shared'] = $row['Shared'];
$_SESSION['user']['ActivePortfolio']['Balance_USD'] = $row['Balance_USD'] / $DIV_BY_AMOUNT;
$_SESSION['user']['ActivePortfolio']['Balance_BTC'] = $row['Balance_BTC'] / $DIV_BY_AMOUNT;
$_SESSION['user']['ActivePortfolio']['Settings'] = $row['Settings'];
$_SESSION['user']['ActivePortfolio']['History'] = $row['History'];
$_SESSION['user']['ActivePortfolio']['ValueIncrease'] = $row['ValueIncrease'];
$_SESSION['user']['ActivePortfolio']['Pending'] = $row['Pending'];
$_SESSION['user']['ActivePortfolio']['Value'] = $_SESSION['user']['ActivePortfolio']['Balance_USD'] + $_SESSION['user']['ActivePortfolio']['Balance_BTC'] * getCurrentBTCPrice();
foreach ($_SESSION['user']['ActivePortfolio'] as $index => $value) {
$_SESSION['user']['PracticeAcct'][$_SESSION['user']['ActivePortfolio']['ID']][$index] = $value;
}
}
} else {
$bErrMessage += "Could not access SQL - user does not have permission for this account!";
}
// TODO: Via SQL, get portfolio balance information.
// Also: Do this via AJAX!!
if ("" == $bErrMessage) {
header("Location: " . $_POST['Return_URL']);
} else {
echo "Error List:<br />\n{$bErrMessage}";
}
}
// Well, the user now has been deducted the amount, so you'd better update the portfolio too!
if ($bContinue) {
// Connect to the SQL server
$connection = mysqli_connect($LOCALHOST, $USER, $SQL_PASSWORD, $DEFAULT_DB);
// Via SQL, get the portfolio current balance in BTC.
$sql_query = "SELECT Balance_USD, Balance_BTC FROM tbPracticeAccounts WHERE AcctID='{$practiceAccountID}'";
$balanceUSD = 0;
$balanceBTC = 0;
$value = 0;
if ($result = mysqli_query($connection, $sql_query)) {
$row = mysqli_fetch_array($result);
$balanceUSD = $row['Balance_USD'] / $DIV_BY_AMOUNT;
$balanceBTC = $row['Balance_BTC'] / $DIV_BY_AMOUNT;
$balanceBTC += $btcToAdd;
$value = $balanceUSD + $balanceBTC * getCurrentBTCPrice();
// Finally, update SQL with added practice BTC.
$sql_query = "UPDATE tbPracticeAccounts SET Balance_BTC='" . $balanceBTC * $DIV_BY_AMOUNT . "', ValueIncrease='{$value}' WHERE AcctID={$practiceAccountID}";
if ($result = mysqli_query($connection, $sql_query)) {
// Update session variables...
$_SESSION['user']['PracticeAcct'][$practiceAccountID]['Balance_BTC'] = $balanceBTC;
$_SESSION['user']['PracticeAcct'][$practiceAccountID]['ValueIncrease'] = $value;
$_SESSION['user']['PracticeAcct'][$practiceAccountID]['Value'] = $value;
} else {
$bContinue = false;
$errMessage .= "Error updating practice account {$practiceAccountID} to new balance {$balanceBTC} and value {$value}<br />\n";
$errMessage .= "Faulty query: {$sql_query}<br />\n";
$errMessage .= mysqli_error($connection) . "<br />\n";
}
} else {
$bContinue = false;
include $_SERVER['DOCUMENT_ROOT'] . "/HEADER.php";
?>
</div>
<div id="nav">
<?php
include $_SERVER['DOCUMENT_ROOT'] . "/NAVBAR.php";
?>
</div>
<div id="main">
<h2>BitWizard.com - Your Personal Bitcoin Investment Wizard</h2>
<h3>Running as <?php
echo `whoami`;
?>
</h3><br />
<h3>Current Bitcoin Price: <?php
echo getCurrentBTCPrice();
?>
</h3><br />
<p>Image of Site in Use HERE</p>
<p>The BitWizard is here to help you with all of your bitcoin investing needs,
including:</p>
<ol>
<li>Bitcoin Price Charts and Analysis Tools</li>
<li>Investment Strategy Descriptions</li>
<li>Practice Investing Environment</li>
<li>Investment Strategy Wizard (tools, calculators, suggestions, etc.)</li>
</ol>
</div>
<div id="sidebar">
<?php
include $_SERVER['DOCUMENT_ROOT'] . "/SIDEBAR.php";
$_SESSION['user']['ActivePortfolio']['Pending'] = $updatedPendingTrades;
$_SESSION['user']['PracticeAcct'][$_SESSION['user']['ActivePortfolio']['ID']]['Pending'] = $updatedPendingTrades;
} else {
$errMessage .= "SQL Connection Error in Updating Account<br />\n";
$bContinue = false;
}
} else {
$errMessage .= "SQL Connection Error in Selecting Account<br />\n";
$bContinue = false;
}
}
} else {
if ("redeem" == $_POST['action']) {
$key = escape_string($_POST['portfolioID']);
// Compare current USD value to old value:
$_SESSION['user']['PracticeAcct'][$key]['Value'] = $_SESSION['user']['PracticeAcct'][$key]['Balance_USD'] + $_SESSION['user']['PracticeAcct'][$key]['Balance_BTC'] * getCurrentBTCPrice();
$currentValue = $_SESSION['user']['PracticeAcct'][$key]['Value'];
$oldValue = $_SESSION['user']['PracticeAcct'][$key]['ValueIncrease'];
$percentDelta = ($currentValue - $oldValue) / $oldValue * 100;
echo "Active Portfolio Data:<br />\n";
foreach ($_SESSION['user']['PracticeAcct'][$key] as $tkey => $data) {
echo "{$tkey}: {$data}<br />\n";
}
echo "Data so far gathered:<br />\nOld Value: {$oldValue}<br />\nCurrent Value: {$currentValue}<br />\nPercent Delta: {$percentDelta}%<br />\n";
// Now, what to do? If the percentage is zero or negative, set to zero and exit.
if (0 >= $percentDelta) {
$btcGive = 0;
} else {
$btcGive = 0;
// If the account is shared, they get more benefits.
if ("y" == $_SESSION['user']['PracticeAcct'][$key]['Shared']) {
// 3) Sanatize input and update SQL (remove balance, create portfolio, link to account)
if (!is_numeric($_SESSION['user']['Balance_NT']) || !is_numeric($_SESSION['user']['Balance'])) {
$errMessage .= "Somehow you broke it?\n";
} else {
$connection = mysqli_connect($LOCALHOST, $USER, $SQL_PASSWORD, $DEFAULT_DB);
if (mysqli_connect_errno()) {
$errMessage .= "SQL Connection Error: " . mysqli_connect_error();
} else {
$sql_query = "INSERT INTO tbPracticeAccounts (Shared, Balance_USD, Balance_BTC, ValueIncrease) ";
$sql_query .= "VALUES (";
if (isset($_GET['shared'])) {
$sql_query .= "'y'";
} else {
$sql_query .= "'n'";
}
$sql_query .= ", 0, " . round(($_GET['pBTC'] + $PRACTICE_INCLUDED_BTC) * $DIV_BY_AMOUNT, 2) . ", " . round(($_GET['pBTC'] + $PRACTICE_INCLUDED_BTC) * getCurrentBTCPrice(), 4) . ")";
if (!mysqli_query($connection, $sql_query)) {
$errMessage .= "Record Creation Fail: {$sql_query} failed because: " . mysqli_error($connection) . "\n";
}
$newID = mysqli_insert_id($connection);
if (0 == $newID) {
$errMessage .= "Record still somehow doesn't exist - if you see this message, PANIC.\n";
} else {
$sql_query = "UPDATE tbPracticeAccounts SET AcctID='{$newID}' WHERE PID='{$newID}'";
if (!mysqli_query($connection, $sql_query)) {
$errMessage .= "Record Update Fail: " . mysqli_error($connection) . "\n";
}
$userPracticeAcctIdList = "";
foreach ($_SESSION['user']['PracticeAcctIdList'] as $practiceAcctId) {
$userPracticeAcctIdList .= $practiceAcctId . ",";
}
