}
if ($invalidSender) {
$error['senderError'][] = 'Invalid Character selected to transfer funds from.';
}
if ($senderCharacter->name == $recipient) {
$error['recipientError'][] = 'You cannot transfer funds to yourself.';
}
$recipientCharacter = Character::where('name', $recipient)->first();
if (!$recipientCharacter) {
$error['recipientError'][] = 'Recipient character does not exist.';
}
$senderBalance = Balance::where('character_id', $senderCharacter->id)->first();
$recipientBalance = Balance::where('character_id', $recipientCharacter->id)->first();
if (!$senderBalance) {
$error['senderError'][] = 'No balance found for sender, ensure one exists.';
}
if (!$recipientBalance) {
$error['recipientError'][] = 'Recipient does not have a balance,
they must have a balance before receiving a transaction.';
}
if (!empty($error)) {
return $this->view->render($response, 'transaction-create.php', ['senderError' => $error['senderError'], 'recipientError' => $error['recipientError'], 'amountError' => $error['amountError'], 'characters' => $characters]);
}
$transaction = new Transaction();
$transactionCompleted = $transaction->performTransaction($amount, $senderCharacter->id, $recipientCharacter->id);
if ($transactionCompleted) {
Transaction::create(['sender_character_id' => $senderCharacter->id, 'recipient_character_id' => $recipientCharacter->id, 'amount' => $amount]);
Audit::create(['category' => 'Successful Transaction', 'log_note' => 'Transaction successfully completed for the amount of ' . $amount . ' between ' . $senderCharacter->name . ' and ' . $recipientCharacter->name, 'user_id' => $user->id, 'ip_address' => $_SERVER['REMOTE_ADDR']]);
}
return $this->view->render($response, 'transaction-create.php', ['success' => 'Credits transferred successfully.', 'characters' => $characters]);
});
/*
* GET Route
*/
$app->get('/login', function ($request, $response, $args) {
return $this->view->render($response, 'login.php', []);
});
/*
* POST Route
*/
$app->post('/login', function ($request, $response, $args) {
$username = $_POST['username'] ?: '';
$password = $_POST['password'] ?: '';
$user = User::where('username', $username)->first();
// Ensure the user exists in our records.
if (is_null($user)) {
return $this->view->render($response, 'login.php', ['error' => 'Invalid Username or password.']);
}
// Ensure the passwords match to validate the user.
if (!password_verify($password, $user->password)) {
Audit::create(['category' => 'Failed login attempt', 'log_note' => 'Invalid credentials attempted for account: ' . $username, 'user_id' => $user->id, 'ip_address' => $_SERVER['REMOTE_ADDR']]);
return $this->view->render($response, 'login.php', ['error' => 'Invalid Username or password.']);
}
// TODO: Check for any currently active token, de-activate token if exists.
// Log the user in.
$token = Token::generateToken();
Token::create(['token' => $token, 'type' => 'Login Token', 'active' => 'Yes', 'user_id' => $user->id]);
$_SESSION['login_token'] = $token;
Audit::create(['category' => 'Successful Login', 'log_note' => 'User successfully logged in for account: ' . $username, 'user_id' => $user->id, 'ip_address' => $_SERVER['REMOTE_ADDR']]);
header('Location: /');
exit;
});
