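/**
 * Returns the formatted sum of `amount` for the session user on one date.
 *
 * The queried table is "{$type}s". A table name cannot be bound as a statement
 * parameter, so $type is restricted to identifier characters before it is
 * interpolated. The date and the user id are bound as parameters instead of
 * being concatenated into the SQL text.
 *
 * @param string $type Table stem; "{$type}s" is the table that is summed.
 * @param string $date Compared for equality with the `date` column.
 * @return mixed Result of format_amount() for the sum (the sum is null when no row matches).
 * @throws \InvalidArgumentException If $type is not a plain identifier.
 * @throws \RuntimeException If no user id is in the session or the query cannot be run.
 */
private function get_total_amount_of($type, $date) {
    // Only letters, digits and underscore may reach the table name.
    if (!is_string($type) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/D', $type) !== 1) {
        throw new \InvalidArgumentException('Invalid amount table type');
    }
    if (!isset($_SESSION['id_user'])) {
        throw new \RuntimeException('No user id in session');
    }

    $user_id = (int) $_SESSION['id_user'];
    $date = (string) $date;

    $mysqli = Connector::get_connection();
    $statement = $mysqli->prepare("SELECT sum(amount) FROM {$type}s WHERE date = ? AND user_id = ?");
    if ($statement === false) {
        throw new \RuntimeException('Cannot prepare the total amount query');
    }

    $total = null;
    $statement->bind_param('si', $date, $user_id);
    if (!$statement->execute()) {
        $statement->close();
        throw new \RuntimeException('Cannot execute the total amount query');
    }
    $statement->bind_result($total);
    $statement->fetch();
    $statement->close();

    // The original had $mysqli->close() after the return, so it never ran.
    // The connection is left open as before; Connector may hand the same
    // connection to other callers (not visible here).
    // NOTE(review): with a prepared statement the sum may arrive as a float
    // rather than a string, depending on the column type; confirm that
    // format_amount() accepts both.
    return format_amount($total);
}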
/**
 * Loads the names of all spending and earning categories.
 *
 * Both queries are fixed strings and take no caller or request input.
 *
 * @return array Two lists: spending category names first, earning category names second.
 */
public function get_data() {
    $connection = Connector::get_connection();

    // Runs one query and collects the `name` column of every row.
    $read_names = function ($sql) use ($connection) {
        $names = array();
        $rows = $connection->query($sql);
        for ($row = $rows->fetch_assoc(); $row; $row = $rows->fetch_assoc()) {
            $names[] = $row["name"];
        }
        return $names;
    };

    $spending_names = $read_names("SELECT * FROM spending_categories");
    $earning_names = $read_names("SELECT * FROM earning_categories");

    return array($spending_names, $earning_names);
}
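/**
 * Stores one spending or earning record for the session user from the POSTed form.
 *
 * Reads `category`, `amount`, `category_type`, `year` and `month` from $_POST and
 * the owner from $_SESSION['id_user']. When a check fails, one HTML error line is
 * echoed and nothing is inserted. The connection is closed on every path.
 *
 * Changes against the previous version:
 *  - request values are HTML-escaped before they are echoed back (they were
 *    printed raw, which allowed markup from the request to reach the page);
 *  - an invalid year/month now reports "Incorrect date" (it was silent, and the
 *    date message was printed for an invalid category type instead);
 *  - year and month must be digits only, and month must be 1..12;
 *  - a missing session user is rejected instead of being bound as an empty id.
 *
 * NOTE(review): no CSRF token check is visible in this method; confirm the
 * caller enforces one before this state-changing request is processed.
 *
 * @return void
 */
public function set_data() {
    $mysqli = Connector::get_connection();
    // A second session_start() on an active session only raises a notice.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    // Missing or non-string fields (e.g. "amount[]=1") are treated as empty.
    $post = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    // Escape for the HTML body context used by the error lines below.
    $escape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $category = trim($post('category'));
    $cost = $post('amount');
    $category_type = $post('category_type');
    $year = trim($post('year'));
    $month = trim($post('month'));
    // Day "00" is kept: records are stored per month.
    $date = $year . '-' . $month . '-00';

    try {
        if (!isset($_SESSION['id_user'])) {
            echo "Error occured! You are not logged in<br>";
            return;
        }
        $user_id = intval($_SESSION['id_user']);

        // is_numeric() also accepted values such as "1.5" or "1e3".
        $month_number = ctype_digit($month) ? intval($month) : 0;
        if (!ctype_digit($year) || $month_number < 1 || $month_number > 12) {
            echo "Error occured! Incorrect date: '" . $escape($date) . "'<br>";
            return;
        }

        // The type becomes part of two table names, so it must pass the
        // class's own check before it is interpolated.
        if (!$this->type_valid($category_type)) {
            echo "Error occured! Incorrect category type<br>";
            return;
        }

        $statement = $mysqli->prepare("SELECT id FROM {$category_type}_categories WHERE name = ?");
        if ($statement === false) {
            error_log('set_data: cannot prepare category lookup');
            echo "Error occured! Cant save the record<br>";
            return;
        }
        $category_id = null;
        $statement->bind_param("s", $category);
        $statement->execute();
        $statement->bind_result($category_id);
        $statement->fetch();
        // Closing the statement releases the connection for the INSERT, so the
        // connection does not have to be fetched a second time.
        $statement->close();

        // No matching row leaves $category_id empty.
        if (empty($category_id)) {
            echo "Error occured! Cant find category '" . $escape($category) . "'<br>";
            return;
        }
        if (!is_numeric($cost)) {
            echo "Error occured! 'Cost' value must be number, cost = " . $escape($cost) . "<br>";
            return;
        }

        $cost = floatval($cost);
        $category_id = intval($category_id);
        $statement = $mysqli->prepare("INSERT INTO {$category_type}s (category, amount, date, user_id) VALUES (?,?,?,?)");
        if ($statement === false) {
            error_log('set_data: cannot prepare insert');
            echo "Error occured! Cant save the record<br>";
            return;
        }
        $statement->bind_param("idsi", $category_id, $cost, $date, $user_id);
        $statement->execute();
        $statement->close();
    } finally {
        $mysqli->close();
    }
}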
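/**
 * Resets a user's password when the POSTed login and e-mail match an account.
 *
 * Reads `login` and `email` from $_POST. On a match a new password is generated,
 * mailed to the stored address, and written to the account only if mail()
 * accepted the message.
 *
 * Changes against the previous version:
 *  - the stored e-mail address is no longer returned under 'trace' (any caller
 *    could read the address registered for a login it supplied);
 *  - the e-mail comparison is strict and requires a row to have been found; the
 *    loose `==` treated a missing account (null) as equal to an empty e-mail;
 *  - the message is sent to the address stored for the account.
 *
 * NOTE(review): the new password is written to passwd_user exactly as generated
 * and is mailed in clear text. If the login path can verify password_hash()
 * output, store a hash here; a single-use, expiring reset link would avoid
 * mailing a credential at all. Not changed because the verification code is not
 * visible from this method.
 * NOTE(review): confirm generateCode() draws from a CSPRNG (random_int() or
 * random_bytes()); its implementation is not visible here.
 * NOTE(review): nothing here limits how often a reset can be requested for one
 * account; confirm the caller throttles requests.
 *
 * @return array 'trace' is always null and kept only so callers that read the key
 *               keep working; 'errors' is set to a message when the reset failed.
 */
function restore_password() {
    $data = array();
    $data['trace'] = null;

    // Missing or non-string fields are treated as empty and rejected.
    $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    if ($login === '' || $email === '') {
        $data['errors'] = 'Incorrect email!';
        return $data;
    }

    $mysqli = Connector::get_connection();
    $statement = $mysqli->prepare("SELECT id_user, mail_user FROM users WHERE login_user = ?");
    $selected_id = null;
    $selected_email = null;
    $statement->bind_param('s', $login);
    $statement->execute();
    $statement->bind_result($selected_id, $selected_email);
    $found = ($statement->fetch() === true);
    // Release the connection so the UPDATE below can reuse it.
    $statement->close();

    // Same message for an unknown login and for a wrong address.
    if (!$found || !is_string($selected_email) || $selected_email === '' || $selected_email !== $email) {
        $data['errors'] = 'Incorrect email!';
        return $data;
    }

    $new_password = $this->generateCode(8);
    $message = "You request password recovery on the web-cite 'Finance account' for account {$login}\n\n Your new password is {$new_password}\n";
    $headers = 'From: andriykonoz@gmail.com' . "\r\n" . 'Reply-To: andriykonoz@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion();

    if (mail($selected_email, "Password recovery", $message, $headers)) {
        // The password changes only after the message was accepted for delivery.
        $statement = $mysqli->prepare("UPDATE users SET passwd_user=? WHERE id_user=?");
        $statement->bind_param('ss', $new_password, $selected_id);
        $statement->execute();
        $statement->close();
    } else {
        $data['errors'] = 'Cant send email. Please, contact administrator';
    }

    return $data;
}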
/**
 * Builds the JSON document consumed by the charts.
 *
 * The three parts are fetched over one connection, in this order: earnings,
 * spendings, global.
 *
 * @return string|false Output of json_encode() for the keys 'earnings', 'spendings' and 'global'.
 */
function get_graphics_json_data() {
    $connection = Connector::get_connection();

    $payload = array();
    $payload['earnings'] = $this->fetch_data('earning', $connection);
    $payload['spendings'] = $this->fetch_data('spending', $connection);
    $payload['global'] = $this->fetch_global_data($connection);

    return json_encode($payload);
}