From 1b35fdfb8aa65b8a89b080f88417fb7c1addadad Mon Sep 17 00:00:00 2001 From: ry1015 Date: Fri, 21 Nov 2014 14:12:55 -0800 Subject: [PATCH] See Description ONLY MISSING are the following: VIEW STATEMENT NEW LOAN MAKE LOAN PAYMENT --- .gitignore | 3 +- f8l_exception/admin.php | 1 - f8l_exception/admin_home.php | 3 +- f8l_exception/change_password.php | 14 ++- f8l_exception/deposit.php | 26 ++++- f8l_exception/includes/inc_adminFunctions.php | 7 +- .../includes/inc_getNumberOfAccounts.php | 12 +-- f8l_exception/includes/inc_header.php | 2 +- .../includes/inc_validateUserName.php | 39 +++---- f8l_exception/login.php | 2 - f8l_exception/logout.php | 3 + f8l_exception/nbproject/project.properties | 20 ++++ f8l_exception/nbproject/project.xml | 9 ++ f8l_exception/new_account.php | 17 ++- f8l_exception/new_customer.php | 24 ++--- f8l_exception/transfer.php | 55 +++++----- f8l_exception/view_statement.php | 102 +++++++++--------- f8l_exception/withdraw.php | 29 +++-- 18 files changed, 212 insertions(+), 156 deletions(-) create mode 100644 f8l_exception/nbproject/project.properties create mode 100644 f8l_exception/nbproject/project.xml diff --git a/.gitignore b/.gitignore index 14bc68c..f5ea2bb 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -/nbproject/private/ \ No newline at end of file +/nbproject/private/ +/f8l_exception/nbproject/private/ \ No newline at end of file diff --git a/f8l_exception/admin.php b/f8l_exception/admin.php index 13b8672..27b8c0a 100644 --- a/f8l_exception/admin.php +++ b/f8l_exception/admin.php @@ -1,5 +1,4 @@ Username Max Limit - Checking Balance + Balance + Account Type _END; increaseLimit(); diff --git a/f8l_exception/change_password.php b/f8l_exception/change_password.php index 3d15bde..36db1f8 100644 --- a/f8l_exception/change_password.php +++ b/f8l_exception/change_password.php @@ -21,9 +21,17 @@ include 'includes/inc_validateLogin.php'; function changePassword($userName,$oldPassword,$newPassword) { global $errorCount; - include 'includes/inc_dbConnect.php'; + global $connection; + + //include 'includes/inc_dbConnect.php'; // Select database. + if ($connection->connect_error) + echo "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; + else { + $result = queryMysql("UPDATE users SET password='$newPassword' WHERE username='$userName'"); + } + /* if ($db_connect === FALSE) echo "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; @@ -37,6 +45,8 @@ function changePassword($userName,$oldPassword,$newPassword) { mysql_close($db_connect); } return ($retval); + * + */ } function displayForm($userName) { @@ -92,7 +102,7 @@ else { // change password in db changePassword($userName,$oldPassword,$newPassword); echo "

\nPassword has been changed!.



\n"; - include 'includes/inc_text_menu.php'; + //include 'includes/inc_text_menu.php'; } ?> diff --git a/f8l_exception/deposit.php b/f8l_exception/deposit.php index 1594d6f..d2d161f 100644 --- a/f8l_exception/deposit.php +++ b/f8l_exception/deposit.php @@ -19,9 +19,31 @@ include 'includes/inc_validateLogin.php'; function deposit($userName,$accountId,$amount) { global $errorCount; global $errorMessage; - include 'includes/inc_dbConnect.php'; + global $connection; + //include 'includes/inc_dbConnect.php'; // Select database. + if ($connection->connect_error) + echo "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; + else { + // verify the account belongs to the user + $query = "SELECT * FROM account WHERE username='$userName' and accID='$accountId'"; + $result = queryMysql($query); + $count = $result->num_rows; + + // If result matched $myusername and $mypassword, table row must be 1 row + if($count == 1){ + // record login to login_history table + $sql2 = "UPDATE account SET balance=balance+'$amount' WHERE username='$userName' and accID='$accountId'"; + $result = queryMysql($sql2); + $errorMessage .= "

Deposit completed.

"; + } + else { + $errorCount++; + $errorMessage .= "Invalid user name/account number.
"; + } + } + /* if ($db_connect === FALSE) { $errorMessage .= "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; $errorCount++; @@ -51,6 +73,8 @@ function deposit($userName,$accountId,$amount) { } mysql_close($db_connect); } + * + */ } function displayForm() { diff --git a/f8l_exception/includes/inc_adminFunctions.php b/f8l_exception/includes/inc_adminFunctions.php index 045b5ad..707f1fb 100644 --- a/f8l_exception/includes/inc_adminFunctions.php +++ b/f8l_exception/includes/inc_adminFunctions.php @@ -21,13 +21,16 @@ function offerCC(){ } function increaseCCLimit(){ - $result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit from account,creditcard WHERE (account.acctype = 'checking' and " + //$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit, account.acctype from account,creditcard WHERE (account.acctype = 'checking' and " + // . "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)"); + $result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit, account.acctype from account,creditcard WHERE (" . "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)"); + $num = $result->num_rows; for ($j = 0; $j < $num; $j++){ $row = $result->fetch_array(MYSQLI_ASSOC); echo "" . $row['username'] . "$ " . number_format($row['maxlimit'], 2, '.', ',') . - "$ " . number_format($row['balance']) . ""; + "$ " . number_format($row['balance'], 2, '.', ',') . "" . $row['acctype'] . ""; } } ?> \ No newline at end of file diff --git a/f8l_exception/includes/inc_getNumberOfAccounts.php b/f8l_exception/includes/inc_getNumberOfAccounts.php index b5fb213..12d2112 100644 --- a/f8l_exception/includes/inc_getNumberOfAccounts.php +++ b/f8l_exception/includes/inc_getNumberOfAccounts.php @@ -1,18 +1,18 @@ num_rows; - mysql_close($db_connect); + //mysql_close($db_connect); return $count; } diff --git a/f8l_exception/includes/inc_header.php b/f8l_exception/includes/inc_header.php index 81d628c..ccee37d 100644 --- a/f8l_exception/includes/inc_header.php +++ b/f8l_exception/includes/inc_header.php @@ -10,7 +10,7 @@ if (isset($_SESSION['login'])){ } else { $loggedin = FALSE; } -$loggedin = FALSE; +//$loggedin = FALSE; if ($loggedin){ include 'includes/inc_loggedin_text_menu.php'; } else { diff --git a/f8l_exception/includes/inc_validateUserName.php b/f8l_exception/includes/inc_validateUserName.php index 23dbfdd..ad685b4 100644 --- a/f8l_exception/includes/inc_validateUserName.php +++ b/f8l_exception/includes/inc_validateUserName.php @@ -16,32 +16,21 @@ function validateUserName($data, $fieldName) } else { - include 'includes/inc_dbConnect.php'; - // Select database. - if ($db_connect === FALSE) - echo "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; - - else { - if (!@mysql_select_db($db_name, $db_connect)) - echo "

Connection error. Please try again later.

"; - else { - $SQLstring = "SELECT * FROM user WHERE username = '$data'"; - - $QueryResult = @mysql_query($SQLstring, $db_connect); - if (mysql_num_rows($QueryResult) > 0) { - //echo "Please select a different User Name.
\n"; - $errorMessage .= "Please select a different User Name.
\n"; - $errorCount++; - $retval = ""; - } - else { - $retval = trim($data); - $retval = stripslashes($retval); - } - } - mysql_close($db_connect); - } + // Select database. + $result = queryMysql("SELECT * FROM users WHERE username = '$data'"); + $num = $result->num_rows; + + if ($num > 0){ + $errorMessage .= "Please select a different User Name.
\n"; + $errorCount++; + $retval = ""; + } else { + $retval = trim($data); + $retval = stripslashes($retval); + } + + $result->close(); } return ($retval); } diff --git a/f8l_exception/login.php b/f8l_exception/login.php index 17ac8f7..5670b5e 100644 --- a/f8l_exception/login.php +++ b/f8l_exception/login.php @@ -1,5 +1,3 @@ - + + org.netbeans.modules.php.project + + + f8l_exception + + + diff --git a/f8l_exception/new_account.php b/f8l_exception/new_account.php index bc25819..077c581 100644 --- a/f8l_exception/new_account.php +++ b/f8l_exception/new_account.php @@ -19,10 +19,17 @@ include 'includes/inc_getNumberOfAccounts.php'; function openNewAccount($userName,$balance,$accountType) { global $errorCount; global $errorMessage; - include 'includes/inc_dbConnect.php'; - //echo "Opening a new account with UserName:".$userName." Balance:".$balance." Account Type:".$accountType; - + global $connection; + // Select database. + if ($connection->connect_error) + echo "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; + else { + $SQLstring = "INSERT INTO account (username,balance,acctype) + VALUES ('$userName','$balance','$accountType')"; + $result = queryMysql($SQLstring); + } + /* if ($db_connect === FALSE) echo "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; @@ -32,7 +39,7 @@ function openNewAccount($userName,$balance,$accountType) { else { //$today = date("Ymd"); //echo "sending insert query now.
"; - $SQLstring = "INSERT INTO account (username,balance,accounttype) + $SQLstring = "INSERT INTO account (username,balance,acctype) VALUES ('$userName','$balance','$accountType')"; $QueryResult = @mysql_query($SQLstring, $db_connect); @@ -40,6 +47,8 @@ function openNewAccount($userName,$balance,$accountType) { mysql_close($db_connect); } return ($retval); + * + */ } function displayForm() { diff --git a/f8l_exception/new_customer.php b/f8l_exception/new_customer.php index a72f73e..5b2cc2c 100644 --- a/f8l_exception/new_customer.php +++ b/f8l_exception/new_customer.php @@ -15,6 +15,7 @@

Register a New Customer

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; - - else { - if (!@mysql_select_db($db_name, $db_connect)) - echo "

Connection error. Please try again later.

"; - else { - $SQLstring = "INSERT INTO - user (username,password,email) - VALUES ('$userName','$pw','$email')"; - - $QueryResult = @mysql_query($SQLstring, $db_connect); - } - mysql_close($db_connect); - } - return ($retval); + $result = queryMysql("INSERT INTO + users (username,password,email) + VALUES ('$userName','$pw','$email')"); } function displayForm($userName,$email) { @@ -103,8 +90,9 @@ else { $message = "You have successfully registered as a new customer for F8L Exception Online Bank. We hope you will enjoy our service and our lack of fees!\n\nThe F8L Exception Online Bank"; // message lines should not exceed 70 characters (PHP rule), so wrap it $message = wordwrap($message, 70); + // send mail - mail($email,$subject,$message,"From: $from\n"); + //mail($email,$subject,$message,"From: $from\n"); echo "

You have been set up as a new customer. Welcome to F8L Exception Online Bank!.



\n"; } diff --git a/f8l_exception/transfer.php b/f8l_exception/transfer.php index 31145d4..2aedc48 100644 --- a/f8l_exception/transfer.php +++ b/f8l_exception/transfer.php @@ -19,39 +19,32 @@ include 'includes/inc_validateLogin.php'; function transfer($userName,$fromAccountId,$toAccountId,$amount) { global $errorCount; global $errorMessage; - include 'includes/inc_dbConnect.php'; - + global $connection; + // Select database. - if ($db_connect === FALSE) { - $errorMessage .= "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; - $errorCount++; - } - else { - if (!@mysql_select_db($db_name, $db_connect)) { - $errorMessage .= "

Connection error. Please try again later.

"; - $errorCount++; - } - else { - // verify the account belongs to the user - $sql = "SELECT * FROM account WHERE username='$userName' and accountid='$fromAccountId'"; - $result = mysql_query($sql); + if ($connection->connect_error){ + echo "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; + $errorCount++; + } else { + // verify the account belongs to the user + $query = "SELECT * FROM account WHERE username='$userName' and accID='$fromAccountId'"; + $result = queryMysql($query); - // If result matched $myusername and $accountId, table rows must be 1 row - $count = mysql_num_rows($result); - if($count == 1){ - // record transfer to both accounts - $sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accountid='$fromAccountId'"; - $result = mysql_query($sql2); - $sql3 = "UPDATE account SET balance=balance+'$amount' WHERE accountid='$toAccountId'"; - $result = mysql_query($sql3); - $errorMessage .= "

Transfer completed.

"; - } - else { - $errorCount++; - $errorMessage .= "Invalid user name/account number.
"; - } - } - mysql_close($db_connect); + // If result matched $myusername and $accountId, table rows must be 1 row + $count = $result->num_rows; + + if($count == 1){ + // record transfer to both accounts + $sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accID='$fromAccountId'"; + $result = queryMysql($sql2); + $sql3 = "UPDATE account SET balance=balance+'$amount' WHERE accID='$toAccountId'"; + $result = queryMysql($sql3); + $errorMessage .= "

Transfer completed.

"; + } + else { + $errorCount++; + $errorMessage .= "Invalid user name/account number.
"; + } } } diff --git a/f8l_exception/view_statement.php b/f8l_exception/view_statement.php index 3187db7..5bd7a74 100644 --- a/f8l_exception/view_statement.php +++ b/f8l_exception/view_statement.php @@ -13,62 +13,58 @@

View Statement -- Under construction

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; - - else { - if (!@mysql_select_db($db_name, $db_connect)) - echo "

No data found.

"; - else { - - $TableName = "document"; - $SQLstring = "SELECT * FROM $TableName WHERE login = '$Login' and active = 1"; - - $QueryResult = @mysql_query($SQLstring, $db_connect); - if (mysql_num_rows($QueryResult) == 0) - echo "

No data found .

"; - else - { - echo ""; - echo " - - - - - - - "; - while (($Row = mysql_fetch_assoc($QueryResult)) !== FALSE) - { - echo ""; - echo ""; - echo ""; - echo ""; - ?> - -

"; - } - mysql_free_result($QueryResult); - } + global $connection; + + // Select database. + if ($connection->connect_error){ + echo "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; + $errorCount++; + } else { + $TableName = "document"; + $SQLstring = "SELECT * FROM $TableName WHERE login = '$Login' and active = 1"; + $QueryResult = queryMysql($SQLstring); + + if ($QueryResult->num_rows == 0) + echo "

No data found .

"; + else + { + echo "
TitleTagsRevised DateNote1EditRemove
{$Row['title']}{$Row['tags']}{$Row['revisedDate']}{$Row['note1']} -
- - - -
- 		-
- - - -
-
"; + echo " + + + + + + + "; + while ($Row = $QueryResult->fetch_array(MYSQLI_ASSOC) !== FALSE) + { + echo ""; + echo ""; + echo ""; + echo ""; + ?> + +

"; + } } } $Login = ""; diff --git a/f8l_exception/withdraw.php b/f8l_exception/withdraw.php index f790e82..ee062eb 100644 --- a/f8l_exception/withdraw.php +++ b/f8l_exception/withdraw.php @@ -19,14 +19,26 @@ include 'includes/inc_validateLogin.php'; function Withdraw($userName,$accountId,$amount) { global $errorCount; global $errorMessage; - include 'includes/inc_dbConnect.php'; - + global $connection; // Select database. - if ($db_connect === FALSE) { - $errorMessage .= "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; - $errorCount++; - } - else { + if ($connection->connect_error){ + echo "

Unable to connect to the database server.

" . "

Error code " . mysql_errno() . ": " . mysql_error() . "

"; + $errorCount++; + } else { + // verify the account belongs to the user + $query = "SELECT * FROM account WHERE username='$userName' and accID='$accountId'"; + $result = queryMysql($query); + $count = $result->num_rows; + + if ($count == 1){ + $sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accID='$accountId'"; + $result = queryMysql($sql2); + $errorMessage .= "

Withdraw completed.

"; + } else { + $errorCount++; + $errorMessage .= "Invalid user name/account number.
"; + } + /* if (!@mysql_select_db($db_name, $db_connect)) { $errorMessage .= "

Connection error. Please try again later.

"; $errorCount++; @@ -49,7 +61,8 @@ function Withdraw($userName,$accountId,$amount) { $errorMessage .= "Invalid user name/account number.
"; } } - mysql_close($db_connect); + * + */ } }
TitleTagsRevised DateNote1EditRemove
{$Row['title']}{$Row['tags']}{$Row['revisedDate']}{$Row['note1']} +
+ + + +
+ 		+
+ + + +
+