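<?php
// Loads the transactions to show for the logged-in user and builds the
// query string ($showDownload) used for the download link.
define('BANK_APP', TRUE);

// Force HTTPS. isset() avoids an undefined-index notice when the server does
// not populate $_SERVER["HTTPS"] at all (plain-HTTP requests on many setups).
// NOTE(review): HTTP_HOST is taken from the client-supplied Host header, so the
// redirect target is influenced by the request; prefer a configured canonical
// host name for this redirect.
if (!isset($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] != "on") {
    header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
    exit;
}

require_once "../app/user.php";
require_once "../app/transaction.php";

startSession(true);
getDBCredentials(getAuthUser()->usertype);
clearCSRFToken();
//generatePDF(8);

$showDownload = "";

// if the logged in user is not an employee
if (getAuthUser()->usertype === 'C') {
    // The account is derived from the session user only, never from request input.
    $accountId = getAccountByUserId(getAuthUser()->userid)->ID;
    $transactions = getTransactionsByAccountId($accountId);
    $showDownload = "?download=1";
} else {
    //4.8.1
    // Validate the requested user id strictly. The previous check,
    // is_numeric((int) $_GET['id']), was always true because the value had
    // already been cast, so input such as "5" followed by arbitrary characters
    // (or an array) was accepted. FILTER_VALIDATE_INT returns false for
    // anything that is not a whole number >= 1.
    $requestedUserId = isset($_GET['id'])
        ? filter_var($_GET['id'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
        : false;

    if ($requestedUserId !== false) {
        // NOTE(review): getAccountByUserId() is assumed to return an object with
        // an ID property for every valid user id; confirm how a missing account
        // is reported.
        $accountId = getAccountByUserId($requestedUserId)->ID;
        $transactions = getTransactionsByAccountId($accountId);
        // Build the link from the validated integer, not from the raw request
        // parameter, so no unescaped request data ends up in the URL.
        $showDownload = "?id=" . $requestedUserId . "&download=1";
    } else {
        $transactions = getTransactions();
    }
}

// The listing is cut off inside this block; the rest of it is not shown.
if (isset($_GET['download'])) {
    $download = $_GET['download'];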
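/**
 * Approve or deny a pending user registration.
 *
 * On denial only the registration record is updated. On approval the record is
 * updated, then generateAccountNumber() and createTans() are called for the user.
 *
 * @param mixed $id       ID of the user whose registration is being decided.
 * @param mixed $approver Passed to updateUserRegistration() together with the decision.
 * @param mixed $decision Truthy to approve, falsy to deny.
 * @param mixed $balance  Must be numeric and at least 1 when approving; passed to
 *                        generateAccountNumber().
 *
 * @return object The object from returnValue() with ->value (bool, success) and
 *                ->msg (string, human-readable outcome) set.
 */
function approveRegistration($id, $approver, $decision, $balance)
{
    // Authorization is delegated to privilegedUserAction() (defined elsewhere);
    // presumably it stops callers who are not privileged - confirm.
    privilegedUserAction();

    $return = returnValue();
    getDBCredentials(getAuthUser()->usertype);

    // The balance only matters when the registration is approved.
    if ($decision && (!is_numeric($balance) || $balance < 1)) {
        $return->value = false;
        $return->msg = "Balance should be a positive number.";
        return $return;
    }

    //Ensure that users are approved only once 4.6.3
    // A lookup that yields no user is rejected as well: previously a missing
    // user fell through this check and the update below was still attempted.
    // NOTE(review): this check and the update are separate steps, so two
    // concurrent requests could both pass it. If updateUserRegistration() does
    // not already do so, enforce "APPROVED_BY is still unset" in the update itself.
    $user = getSingleUser($id);
    if (!$user || $user->APPROVED_BY != NULL) {
        $return->value = false;
        $return->msg = "Invalid action";
        return $return;
    }

    $update = updateUserRegistration($id, $approver, $decision);
    if (!$update) {
        $return->value = false;
        $return->msg = "DB update operation failed";
        return $return;
    }

    if (!$decision) {
        $return->value = true;
        $return->msg = "User registration denied successfully";
        return $return;
    }

    // NOTE(review): from here on the registration is already recorded as
    // approved. A failure below leaves the user approved without an account
    // number or TANs; consider running these steps in one transaction.

    // create user's account number
    $accountNumber = generateAccountNumber($id, $balance);
    if (!$accountNumber) {
        $return->value = false;
        $return->msg = "Error updating user account number";
        return $return;
    }

    // send email to user with 100 tans
    $tans = createTans($id);
    if (!$tans->value) {
        $return->value = false;
        $return->msg = $tans->msg;
        return $return;
    }

    $return->value = true;
    $return->msg = "User approval successful";
    return $return;
}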