} if ($invalidSender) { $error['senderError'][] = 'Invalid Character selected to transfer funds from.'; } if ($senderCharacter->name == $recipient) { $error['recipientError'][] = 'You cannot transfer funds to yourself.'; } $recipientCharacter = Character::where('name', $recipient)->first(); if (!$recipientCharacter) { $error['recipientError'][] = 'Recipient character does not exist.'; } $senderBalance = Balance::where('character_id', $senderCharacter->id)->first(); $recipientBalance = Balance::where('character_id', $recipientCharacter->id)->first(); if (!$senderBalance) { $error['senderError'][] = 'No balance found for sender, ensure one exists.'; } if (!$recipientBalance) { $error['recipientError'][] = 'Recipient does not have a balance, they must have a balance before receiving a transaction.'; } if (!empty($error)) { return $this->view->render($response, 'transaction-create.php', ['senderError' => $error['senderError'], 'recipientError' => $error['recipientError'], 'amountError' => $error['amountError'], 'characters' => $characters]); } $transaction = new Transaction(); $transactionCompleted = $transaction->performTransaction($amount, $senderCharacter->id, $recipientCharacter->id); if ($transactionCompleted) { Transaction::create(['sender_character_id' => $senderCharacter->id, 'recipient_character_id' => $recipientCharacter->id, 'amount' => $amount]); Audit::create(['category' => 'Successful Transaction', 'log_note' => 'Transaction successfully completed for the amount of ' . $amount . ' between ' . $senderCharacter->name . ' and ' . $recipientCharacter->name, 'user_id' => $user->id, 'ip_address' => $_SERVER['REMOTE_ADDR']]); } return $this->view->render($response, 'transaction-create.php', ['success' => 'Credits transferred successfully.', 'characters' => $characters]); });
/* * GET Route */ $app->get('/login', function ($request, $response, $args) { return $this->view->render($response, 'login.php', []); }); /* * POST Route */ $app->post('/login', function ($request, $response, $args) { $username = $_POST['username'] ?: ''; $password = $_POST['password'] ?: ''; $user = User::where('username', $username)->first(); // Ensure the user exists in our records. if (is_null($user)) { return $this->view->render($response, 'login.php', ['error' => 'Invalid Username or password.']); } // Ensure the passwords match to validate the user. if (!password_verify($password, $user->password)) { Audit::create(['category' => 'Failed login attempt', 'log_note' => 'Invalid credentials attempted for account: ' . $username, 'user_id' => $user->id, 'ip_address' => $_SERVER['REMOTE_ADDR']]); return $this->view->render($response, 'login.php', ['error' => 'Invalid Username or password.']); } // TODO: Check for any currently active token, de-activate token if exists. // Log the user in. $token = Token::generateToken(); Token::create(['token' => $token, 'type' => 'Login Token', 'active' => 'Yes', 'user_id' => $user->id]); $_SESSION['login_token'] = $token; Audit::create(['category' => 'Successful Login', 'log_note' => 'User successfully logged in for account: ' . $username, 'user_id' => $user->id, 'ip_address' => $_SERVER['REMOTE_ADDR']]); header('Location: /'); exit; });