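/**
 * Record an internal purchase: debit the buyer and credit the project's author.
 *
 * Writes two rows to `payments` (a negative 'payment' row for $userId and a
 * positive 'royalty' row for $authorId); each insert is followed by
 * updateBalance() for that user. Both rows store $userId as `created_by`.
 *
 * @param mixed $userId        Buyer whose balance is reduced.
 * @param mixed $amount        Amount moved from the buyer to the author.
 * @param mixed $project_title Used only to build the row description.
 * @param mixed $project_id    Stored as `project_id` on both rows.
 * @param mixed $authorId      User whose balance is increased.
 *
 * @throws RuntimeException If a ledger row cannot be prepared or written.
 */
function addTransaction($userId, $amount, $project_title, $project_id, $authorId)
{
    global $db_con;

    // Every caller-supplied value goes through a placeholder. The previous version
    // concatenated them into the statement, so a quote in $project_title (or a
    // non-numeric id or amount) changed the SQL that was executed.
    $sql = "INSERT INTO `payments` SET
                `transaction_id` = 'inner-transaction',
                `type` = ?,
                `description` = ?,
                `amount` = ?,
                `user_id` = ?,
                `balance` = ?,
                `project_id` = ?,
                `created_by` = ?";

    $writeRow = function (array $values) use ($db_con, $sql) {
        $stmt = $db_con->prepare($sql);
        if ($stmt === false) {
            throw new RuntimeException('Could not prepare the payments insert');
        }

        if ($db_con instanceof mysqli) {
            // mysqli binds by reference; unpacking a variable array satisfies that.
            $stmt->bind_param(str_repeat('s', count($values)), ...$values);
            $written = $stmt->execute();
        } else {
            // NOTE(review): assumes $db_con is a PDO handle when it is not mysqli;
            // confirm against the code that creates $db_con.
            $written = $stmt->execute($values);
        }

        // Stop here so a balance is never changed without its ledger row.
        if ($written === false) {
            throw new RuntimeException('Could not write the payments row');
        }
    };

    // NOTE(review): nothing here checks that $amount is positive or that the buyer
    // can cover it, and the four writes below are not wrapped in a database
    // transaction; confirm the caller validates the amount and consider making
    // the debit and credit atomic.

    // Debit the buyer.
    $buyerBalance = intval(getBalance($userId)) - intval($amount);
    $writeRow([
        'payment',
        'payment for ' . $project_title,
        0 - $amount,
        $userId,
        $buyerBalance,
        $project_id,
        $userId,
    ]);
    updateBalance($userId, $buyerBalance);

    // Credit the author. The balance is read only after the buyer's update so the
    // figure is still right when buyer and author are the same user.
    $authorBalance = intval(getBalance($authorId)) + intval($amount);
    $writeRow([
        'royalty',
        'royalty for ' . $project_title,
        $amount,
        $authorId,
        $authorBalance,
        $project_id,
        $userId,
    ]);
    updateBalance($authorId, $authorBalance);
}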
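/**
 * Print the current user's cart as HTML table rows, followed by a total row.
 *
 * Reads the `carts` row for $_SESSION['username'], prints one row (with a
 * "Remove" form posting to delete.php) for every soap whose quantity is not
 * zero, prints the total, and passes the total to updateBalance().
 *
 * On a connection, prepare or query failure a short message is printed and the
 * function returns without printing rows or calling updateBalance().
 */
function displayCart()
{
    global $host, $user, $pw, $db;

    $mysqli = new mysqli($host, $user, $pw, $db);
    if ($mysqli->connect_errno) {
        // Driver error text goes to the server log, not into the page, and the
        // function stops instead of running queries on a dead connection.
        error_log('displayCart: MySQLi connect failed: (' . $mysqli->connect_errno . ') ' . $mysqli->connect_error);
        echo 'Failed to connect to MySQLi';
        return;
    }

    $cartname = $_SESSION['username'];

    $finder = $mysqli->prepare("SELECT * FROM carts WHERE user=?");
    if (!$finder) {
        echo 'Prepare failed';
        $mysqli->close();
        return;
    }
    $finder->bind_param('s', $cartname);
    $finder->execute();
    $getsoaps = $finder->get_result();
    if (!$getsoaps) {
        echo 'Query failed';
        $finder->close();
        $mysqli->close();
        return;
    }

    // carts column => [label shown to the user, unit price in cents].
    // Prices are kept in cents so the total is exact integer arithmetic.
    $catalogue = [
        'orange'    => ['Orange Cream', 499],
        'swirl'     => ['Swirl', 499],
        'antique'   => ['Antique', 599],
        'church'    => ['Red Church', 599],
        'butterfly' => ['Butterfly', 499],
    ];

    // Start from zero so a user with no cart row gets an empty cart instead of
    // undefined-variable warnings. If several rows match, the last one wins.
    $quantities = array_fill_keys(array_keys($catalogue), 0);
    while ($soaps = $getsoaps->fetch_assoc()) {
        foreach (array_keys($catalogue) as $column) {
            // Cast to int: the value is echoed into HTML and used in arithmetic.
            $quantities[$column] = (int) $soaps[$column];
        }
    }
    $finder->close();
    $mysqli->close();

    $totalCents = 0;
    foreach ($catalogue as $column => $item) {
        list($label, $priceCents) = $item;
        $count = $quantities[$column];
        $totalCents += $count * $priceCents;

        // don't echo out a soap if the user hasn't purchased one
        if ($count === 0) {
            continue;
        }

        echo '<tr><td>' . $label . '</td>';
        echo '<td><center>' . $count . '</center></td>';
        echo '<td>$' . number_format($priceCents / 100.0, 2, '.', '') . '</td>';
        // delete button
        // NOTE(review): no anti-CSRF token is visible in this form; confirm that
        // delete.php verifies one.
        echo '<td><form action="delete.php" method="POST">';
        echo '<input type="hidden" name="id" value="' . $column . '">';
        echo '<center><input type="submit" value="Remove"></center></form>';
    }

    $soapTotal = $totalCents / 100.0;
    // Always show two decimals ($49.90 rather than $49.9).
    echo '<tr><td></td><td><b>Total: </b></td><td><span id="total">$' . number_format($soapTotal, 2, '.', '') . '</span></td>';

    // don't forget to update the user's balance in the user database
    // NOTE(review): this runs every time the cart is rendered; confirm that
    // updateBalance() is safe to repeat on a page reload.
    updateBalance($soapTotal);
}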
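/**
 * Approve or deny a pending transaction on behalf of an approver.
 *
 * @param mixed $id       Transaction id, looked up with selectTransaction().
 * @param mixed $approver User id; selectUser() must return a user whose USER_TYPE is "E".
 * @param mixed $decision 'D' denies the transaction; any other value continues
 *                        to the funds check and the balance update.
 *
 * @return object The object from returnValue(), with ->value (bool) and
 *                ->msg (string) describing the outcome.
 */
function approveTransaction($id, $approver, $decision)
{
    //Provisioning 4.4.3
    privilegedUserAction();

    $return = returnValue();
    $fail = function ($msg) use ($return) {
        $return->value = false;
        $return->msg = $msg;
        return $return;
    };

    $transaction = selectTransaction($id);
    if (!$transaction) {
        return $fail("Invalid transaction id");
    }

    //Ensure that only pending transactions are updated 4.6.3
    // Strict comparison: with `!=` a numeric 0 status compares equal to 'P' on PHP 7.
    if ($transaction->STATUS !== 'P') {
        return $fail("Invalid action");
    }

    // NOTE(review): $approver is supplied by the caller; nothing in this function
    // ties it to the authenticated user. Presumably privilegedUserAction() or the
    // caller does - confirm.
    $user = selectUser($approver);
    if (!$user || $user->USER_TYPE !== "E") {
        return $fail("Invalid approver");
    }

    $denied = ($decision === 'D');
    // NOTE(review): any $decision other than 'D' is treated as an approval and is
    // passed to updateTransactionApproval() unchanged; confirm callers restrict it.

    // Funds matter only when money will move. The check used to run for denials
    // too, so a transaction whose sender lacked funds could never be denied.
    if (!$denied) {
        $senderAccount = selectAccountById($transaction->SENDER_ACCOUNT);
        if (!$senderAccount) {
            return $fail("Invalid sender account");
        }
        if ($senderAccount->BALANCE < $transaction->AMOUNT) {
            return $fail("Insufficient funds");
        }
    }

    $approve = updateTransactionApproval($id, $approver, $decision);
    if (!$approve) {
        return $fail("Transaction update failed");
    }

    if ($denied) {
        $return->value = true;
        $return->msg = "Transaction successfully denied";
        return $return;
    }

    // NOTE(review): the approval is recorded before the balances move, and the
    // funds check above is separate from the update. If updateBalance() fails, the
    // transaction is no longer pending but nothing was transferred. Confirm the
    // helpers run inside one database transaction and re-check the balance.
    $balance = updateBalance($transaction->SENDER_ACCOUNT, $transaction->RECIPIENT_ACCOUNT, $transaction->AMOUNT);
    if (!$balance) {
        return $fail("Error updating balance");
    }

    $return->value = true;
    $return->msg = "Transaction successfully approved";
    return $return;
}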