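if (!$balanceRequest) {
    return $this->view->render($response, 'admin-balance-request-review.php', ['error' => 'Invalid Balance ID, please ensure you have the correct URL.']);
}

return $this->view->render($response, 'admin-balance-request-review.php', ['balance_request' => $balanceRequest]);
})->add(new AuthMiddleware())->add(new AuthAdminMiddleware());

/*
 * POST /admin/balance-request/{id}
 *
 * Records a reviewer's decision on one balance request. When the decision is
 * "accepted", a Balance row is created for the character and an Audit row is
 * written. Form fields read: `accepted`, `decision_reasoning`.
 *
 * NOTE(review): this handler performs no permission check of its own and no
 * CSRF token check is visible in it; both are presumably supplied by the
 * middleware attached to the route - confirm, since this endpoint creates
 * balances.
 * NOTE(review): the "already reviewed" guard below is check-then-act; two
 * concurrent submissions can still both pass it. Wrapping the status update,
 * the Balance insert and the Audit insert in one database transaction with a
 * row lock would close that window.
 */
$app->post('/admin/balance-request/{id}', function ($request, $response, $args) {
    $template = 'admin-balance-request-review.php';

    // The acting reviewer is resolved from the session token and is only used
    // for the audit entry. A missing token row makes the next line fail before
    // any data is modified.
    $token = Token::where('token', $_SESSION['login_token'])->first();
    $user = User::where('id', $token->user_id)->first();

    // Accept only a positive decimal integer. The original test
    // `!$requestID > 0` negated the ID before comparing, so negative and
    // fractional values slipped through to the query.
    $requestID = $args['id'];
    if (!ctype_digit((string) $requestID) || (int) $requestID < 1) {
        return $this->view->render($response, $template, ['error' => 'Unknown Request ID, ensure you have the correct URL.']);
    }

    $balanceRequest = BalanceRequest::where('BalanceRequest.id', $requestID)
        ->join('Character', 'Character.id', '=', 'BalanceRequest.character_id')
        ->select('BalanceRequest.*', 'Character.name')
        ->first();

    if (!$balanceRequest) {
        return $this->view->render($response, $template, ['error' => 'Invalid Balance ID, please ensure you have the correct URL.']);
    }

    // A request that was already decided must not be processed again:
    // re-submitting an accepted review would otherwise create a second
    // Balance row for the same request.
    if ($balanceRequest->completed === 'Yes') {
        return $this->view->render($response, $template, ['error' => 'This balance request has already been reviewed.']);
    }

    // Anything other than the exact string "accepted" counts as a rejection.
    $submitted = isset($_POST['accepted']) ? $_POST['accepted'] : '';
    $accepted = $submitted === 'accepted' ? 'Accepted' : 'Rejected';

    $reasoning = isset($_POST['decision_reasoning']) ? $_POST['decision_reasoning'] : '';
    if (!is_string($reasoning) || trim($reasoning) === '') {
        return $this->view->render($response, $template, ['error' => 'Reasoning cannot be blank when submitting a review.']);
    }

    // BalanceRequest.character_id references Character.id (see the join
    // above). The original looked the character up by `user_id`, which can
    // return no row or another user's character and then fail on
    // `$character->name` after the balance had already been created.
    $character = Character::where('id', $balanceRequest->character_id)->first();
    if (!$character) {
        return $this->view->render($response, $template, ['error' => 'Invalid Balance ID, please ensure you have the correct URL.']);
    }

    $balanceRequest->update(['status' => $accepted, 'decision_reasoning' => $reasoning, 'completed' => 'Yes']);

    if ($balanceRequest->status === 'Accepted') {
        Balance::create(['amount' => $balanceRequest->amount, 'character_id' => $balanceRequest->character_id]);

        // Only accepted reviews are audited here; rejections leave no audit row.
        Audit::create([
            'category' => 'Balance Review Accepted',
            'user_id' => $user->id,
            'log_note' => 'Balance review accepted for character ' . $character->name,
            'ip_address' => $_SERVER['REMOTE_ADDR'],
        ]);
    }

    return $this->view->render($response, $template, ['balance_request' => $balanceRequest]);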
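<?php

use GalacticBank\Models\Token;
use GalacticBank\Models\User;
use GalacticBank\Models\BalanceRequest;
use GalacticBank\Classes\AuthMiddleware;
use GalacticBank\Classes\AuthAdminMiddleware;

/*
 * GET /admin/balance-requests
 *
 * Lists balance requests for administrators: those with status "Pending" and
 * those marked completed, each joined with the owning character's name and
 * ordered newest first.
 *
 * NOTE(review): if this is Slim, the middleware added last runs first, so
 * AuthAdminMiddleware would execute before AuthMiddleware here - confirm it
 * does not assume an already-authenticated session.
 */
$app->get('/admin/balance-requests', function ($request, $response, $args) {
    // Resolve the session user without dereferencing a missing token or user row.
    $sessionToken = isset($_SESSION['login_token']) ? $_SESSION['login_token'] : null;
    $token = $sessionToken ? Token::where('token', $sessionToken)->first() : null;
    $user = $token ? User::where('id', $token->user_id)->first() : null;

    // Fail closed: no resolvable user, or any permission level other than the
    // exact string "Administrator", is redirected away. The strict comparison
    // avoids PHP's loose string/number juggling on an authorization decision.
    if (!$user || $user->permission_level !== 'Administrator') {
        header('Location: /');
        exit;
    }

    // Pull out all balance requests.
    $pendingRequests = BalanceRequest::where('status', 'Pending')
        ->join('Character', 'Character.id', '=', 'BalanceRequest.character_id')
        ->select('Character.name', 'BalanceRequest.*')
        ->orderBy('BalanceRequest.created_at', 'desc')
        ->get();

    $completedRequests = BalanceRequest::where('completed', 'Yes')
        ->join('Character', 'Character.id', '=', 'BalanceRequest.character_id')
        ->select('Character.name', 'BalanceRequest.*')
        ->orderBy('BalanceRequest.created_at', 'desc')
        ->get();

    // Return the rendered response explicitly, as the other handlers on this page do.
    return $this->view->render($response, 'admin-balance-requests.php', [
        'pending_requests' => $pendingRequests,
        'completed_requests' => $completedRequests,
    ]);
})->add(new AuthMiddleware())->add(new AuthAdminMiddleware());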
// Body of a handler that files a balance request for the character named in
// the URL; the route declaration and any earlier statements are not shown.
// NOTE(review): nothing visible here compares the character's owner with the
// logged-in user before a request is created - confirm the check exists in
// the part of the handler that is not shown, otherwise any authenticated user
// could file requests for characters they do not own.
$name = $args['name'];
if (empty($name)) {
    header('Location: /character');
    exit;
}

// The URL form of a name uses '-' for spaces; undo that, then URL-decode.
$name = str_replace('-', ' ', $name);
$name = urldecode($name);

// NOTE(review): first() returns null for an unknown name and `$character->id`
// is read below without a null check.
$character = Character::where('name', $name)->first();

$value = isset($_POST['balance_request']) ? $_POST['balance_request'] : '';
$reasoning = isset($_POST['reason']) ? $_POST['reason'] : '';

// NOTE(review): is_numeric() also accepts negative numbers, decimals and
// exponent notation, and no upper bound is applied; the amount is stored as
// submitted.
if (!is_numeric($value) || empty($value)) {
    $error['value'] = 'Value needs to be numeric.';
}

if (empty($reasoning)) {
    $error['reasoning'] = 'You need to specify a reason for the requested amount.';
}

// Re-render the form with the collected validation messages.
if (!empty($error)) {
    return $this->view->render($response, 'balance-apply.php', ['error' => $error, 'character' => $character]);
}

// TODO: Fix this logic so rejected applications can pass through.
// Only the character's most recent request is considered.
$balanceRequest = BalanceRequest::where('character_id', $character->id)->orderBy('created_at', 'desc')->first();

// A new request is created only when there is none yet or the latest one was
// rejected.
// NOTE(review): the key written here is 'complete', while the admin routes on
// this page read and write 'completed' - confirm which column is intended.
if (!$balanceRequest || $balanceRequest->status == 'Rejected') {
    $balanceRequest = BalanceRequest::create(['character_id' => $character->id, 'amount' => $value, 'reason' => $reasoning, 'status' => 'Pending', 'complete' => 'No']);
}

// Also taken when an earlier request that was not rejected already exists: in
// that case the submitted amount and reason are discarded and the user is
// redirected as if the submission had succeeded.
if ($balanceRequest) {
    header('Location: /character/' . $args['name']);
    exit;
}

// Reached only when create() returned a falsy value.
$error['balance_creation'] = 'There was a problem with your requests, if the problem persists please contact the Administrator.';

return $this->view->render($response, 'balance-apply.php', ['error' => $error, 'character' => $character]);
})->add(new AuthMiddleware());
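<?php

use GalacticBank\Classes\AuthMiddleware;
use GalacticBank\Models\Token;
use GalacticBank\Models\Character;
use GalacticBank\Models\BalanceRequest;
use GalacticBank\Models\User;

/*
 * GET /balance/view-application/{name}
 *
 * Shows a balance request belonging to the character named in the URL, but
 * only to the user who owns that character. Every other case redirects to
 * /character.
 */
$app->get('/balance/view-application/{name}', function ($request, $response, $args) {
    // Resolve the session user without dereferencing a missing token or user row.
    $sessionToken = isset($_SESSION['login_token']) ? $_SESSION['login_token'] : null;
    $token = $sessionToken ? Token::where('token', $sessionToken)->first() : null;
    $user = $token ? User::where('id', $token->user_id)->first() : null;

    $name = $args['name'];
    if (empty($name)) {
        header('Location: /character');
        exit;
    }

    // The URL form of a name uses '-' for spaces; undo that, then URL-decode.
    $name = str_replace('-', ' ', $name);
    $name = urldecode($name);

    $character = Character::where('name', $name)->first();

    // Ownership check, failing closed. An unknown character name previously
    // dereferenced null here; it now takes the same redirect as a character
    // owned by someone else, so the two cases look identical to the caller.
    // NOTE(review): the comparison is strict - confirm both ids have the same
    // type, otherwise owners are redirected as well.
    if (!$user || !$character || $character->user_id !== $user->id) {
        header('Location: /character');
        exit;
    }

    // NOTE(review): ascending order selects the character's oldest request,
    // while the apply handler on this page works with the newest one (desc) -
    // confirm which is intended.
    $balanceRequest = BalanceRequest::where('character_id', $character->id)
        ->orderBy('created_at', 'asc')
        ->first();

    // Return the rendered response explicitly, as the other handlers on this page do.
    return $this->view->render($response, 'balance-pending-view.php', [
        'character' => $character,
        'balance_request' => $balanceRequest,
    ]);
})->add(new AuthMiddleware());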