joeyajames/cs157AOnlineBanking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

See Description

Browse Source 
ONLY MISSING are the following:
VIEW STATEMENT
NEW LOAN
MAKE LOAN PAYMENT
This commit is contained in:
ry1015
2014-11-21 14:12:55 -08:00
parent ff341372b9
commit 1b35fdfb8a
18 changed files with 212 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -1 +1,2 @@
/nbproject/private/ /nbproject/private/
/f8l_exception/nbproject/private/

1
f8l_exception/admin.php
View File

@@ -1,5 +1,4 @@
<?php <?php
include 'functions.php';
include 'includes/inc_header.php'; include 'includes/inc_header.php';
include 'includes/inc_validateInput.php'; include 'includes/inc_validateInput.php';
include 'includes/inc_validateLogin.php'; include 'includes/inc_validateLogin.php';

3
f8l_exception/admin_home.php
View File

@@ -50,7 +50,8 @@ _END;
<tr> <tr>
<th>Username</th> <th>Username</th>
<th>Max Limit</th> <th>Max Limit</th>
<th>Checking Balance</th> <th>Balance</th>
<th>Account Type</th>
</tr> </tr>
_END; _END;
increaseLimit(); increaseLimit();

14
f8l_exception/change_password.php
View File

@@ -21,9 +21,17 @@ include 'includes/inc_validateLogin.php';
function changePassword($userName,$oldPassword,$newPassword) { function changePassword($userName,$oldPassword,$newPassword) {
global $errorCount; global $errorCount;
include 'includes/inc_dbConnect.php'; global $connection;
//include 'includes/inc_dbConnect.php';
// Select database. // Select database.
if ($connection->connect_error)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
else {
$result = queryMysql("UPDATE users SET password='$newPassword' WHERE username='$userName'");
}
/*
if ($db_connect === FALSE) if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>"; echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
@@ -37,6 +45,8 @@ function changePassword($userName,$oldPassword,$newPassword) {
mysql_close($db_connect); mysql_close($db_connect);
} }
return ($retval); return ($retval);
*
*/
} }
function displayForm($userName) { function displayForm($userName) {
@@ -92,7 +102,7 @@ else {
// change password in db // change password in db
changePassword($userName,$oldPassword,$newPassword); changePassword($userName,$oldPassword,$newPassword);
echo "<p>\nPassword has been changed!.</p><br /><br />\n"; echo "<p>\nPassword has been changed!.</p><br /><br />\n";
include 'includes/inc_text_menu.php'; //include 'includes/inc_text_menu.php';
} }
?> ?>

26
f8l_exception/deposit.php
View File

@@ -19,9 +19,31 @@ include 'includes/inc_validateLogin.php';
function deposit($userName,$accountId,$amount) { function deposit($userName,$accountId,$amount) {
global $errorCount; global $errorCount;
global $errorMessage; global $errorMessage;
include 'includes/inc_dbConnect.php'; global $connection;
//include 'includes/inc_dbConnect.php';
// Select database. // Select database.
if ($connection->connect_error)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
else {
// verify the account belongs to the user
$query = "SELECT * FROM account WHERE username='$userName' and accID='$accountId'";
$result = queryMysql($query);
$count = $result->num_rows;
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1){
// record login to login_history table
$sql2 = "UPDATE account SET balance=balance+'$amount' WHERE username='$userName' and accID='$accountId'";
$result = queryMysql($sql2);
$errorMessage .= "<p>Deposit completed.</p>";
}
else {
$errorCount++;
$errorMessage .= "Invalid user name/account number.<br />";
}
}
/*
if ($db_connect === FALSE) { if ($db_connect === FALSE) {
$errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>"; $errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++; $errorCount++;
@@ -51,6 +73,8 @@ function deposit($userName,$accountId,$amount) {
} }
mysql_close($db_connect); mysql_close($db_connect);
} }
*
*/
} }
function displayForm() { function displayForm() {

7
f8l_exception/includes/inc_adminFunctions.php
View File

@@ -21,13 +21,16 @@ function offerCC(){
} }
function increaseCCLimit(){ function increaseCCLimit(){
$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit from account,creditcard WHERE (account.acctype = 'checking' and " //$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit, account.acctype from account,creditcard WHERE (account.acctype = 'checking' and "
// . "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)");
$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit, account.acctype from account,creditcard WHERE ("
. "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)"); . "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)");
$num = $result->num_rows; $num = $result->num_rows;
for ($j = 0; $j < $num; $j++){ for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC); $row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['maxlimit'], 2, '.', ',') . echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['maxlimit'], 2, '.', ',') .
"</td><td>$ " . number_format($row['balance']) . "</td></tr>"; "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td><td>" . $row['acctype'] . "</td></tr>";
} }
} }
?> ?>

12
f8l_exception/includes/inc_getNumberOfAccounts.php
View File

@@ -1,18 +1,18 @@
<?php <?php
include 'functions.php';
// get the number of checking and savings accounts for a user (max is 2) // get the number of checking and savings accounts for a user (max is 2)
// increments global $errorCount if errors encountered. // increments global $errorCount if errors encountered.
function getNumberOfAccounts ($userName) { function getNumberOfAccounts ($userName) {
global $errorCount; global $errorCount;
global $errorMessage; global $errorMessage;
include f8l_exception/includes/inc_dbConnect.php; //mysql_select_db("$db_name")or die("cannot select DB");
mysql_select_db("$db_name")or die("cannot select DB");
// get number of accounts // get number of accounts
$sql = "SELECT * FROM account WHERE username='$userName' and accounttype='Checking' or 'Savings'"; $sql = "SELECT * FROM account WHERE username='$userName' and (acctype='Checking' or acctype='Savings')";
$result = mysql_query($sql); $result = queryMysql($sql);
$count = mysql_num_rows($result); $count = $result->num_rows;
mysql_close($db_connect); //mysql_close($db_connect);
return $count; return $count;
} }

2
f8l_exception/includes/inc_header.php
View File

@@ -10,7 +10,7 @@ if (isset($_SESSION['login'])){
} else { } else {
$loggedin = FALSE; $loggedin = FALSE;
} }
$loggedin = FALSE; //$loggedin = FALSE;
if ($loggedin){ if ($loggedin){
include 'includes/inc_loggedin_text_menu.php'; include 'includes/inc_loggedin_text_menu.php';
} else { } else {

39
f8l_exception/includes/inc_validateUserName.php
View File

@@ -16,32 +16,21 @@ function validateUserName($data, $fieldName)
} }
else { else {
include 'includes/inc_dbConnect.php';
// Select database. // Select database.
if ($db_connect === FALSE) $result = queryMysql("SELECT * FROM users WHERE username = '$data'");
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>"; $num = $result->num_rows;
else { if ($num > 0){
if (!@mysql_select_db($db_name, $db_connect)) $errorMessage .= "Please select a different User Name.<br />\n";
echo "<p>Connection error. Please try again later.</p>"; $errorCount++;
else { $retval = "";
$SQLstring = "SELECT * FROM user WHERE username = '$data'"; } else {
$retval = trim($data);
$QueryResult = @mysql_query($SQLstring, $db_connect); $retval = stripslashes($retval);
if (mysql_num_rows($QueryResult) > 0) { }
//echo "Please select a different User Name.<br />\n";
$errorMessage .= "Please select a different User Name.<br />\n"; $result->close();
$errorCount++;
$retval = "";
}
else {
$retval = trim($data);
$retval = stripslashes($retval);
}
}
mysql_close($db_connect);
}
} }
return ($retval); return ($retval);
} }

2
f8l_exception/login.php
View File

@@ -1,5 +1,3 @@
<?php
//session_start(); ?>
<!-- F8L Exception Online Bank | Login --> <!-- F8L Exception Online Bank | Login -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"

3
f8l_exception/logout.php
View File

@@ -1,3 +1,6 @@
<?php
include 'includes/inc_header.php';
?>
<!-- PVault | Logout --> <!-- PVault | Logout -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"

20
f8l_exception/nbproject/project.properties Normal file
View File

@@ -0,0 +1,20 @@
auxiliary.org-netbeans-modules-css-prep.less_2e_compiler_2e_options=
auxiliary.org-netbeans-modules-css-prep.less_2e_enabled=false
auxiliary.org-netbeans-modules-css-prep.less_2e_mappings=/less:/css
auxiliary.org-netbeans-modules-css-prep.sass_2e_compiler_2e_options=
auxiliary.org-netbeans-modules-css-prep.sass_2e_enabled=false
auxiliary.org-netbeans-modules-css-prep.sass_2e_mappings=/scss:/css
auxiliary.org-netbeans-modules-javascript2-requirejs.enabled=true
auxiliary.org-netbeans-modules-web-clientproject-api.js_2e_libs_2e_folder=phpmyadmin/js
browser.reload.on.save=true
code.analysis.excludes=
ignore.path=
include.path=\
${php.global.include.path}
php.version=PHP_54
source.encoding=UTF-8
src.dir=.
tags.asp=false
tags.short=false
testing.providers=
web.root=.

9
f8l_exception/nbproject/project.xml Normal file
View File

@@ -0,0 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://www.netbeans.org/ns/project/1">
<type>org.netbeans.modules.php.project</type>
<configuration>
<data xmlns="http://www.netbeans.org/ns/php-project/1">
<name>f8l_exception</name>
</data>
</configuration>
</project>

17
f8l_exception/new_account.php
View File

@@ -19,10 +19,17 @@ include 'includes/inc_getNumberOfAccounts.php';
function openNewAccount($userName,$balance,$accountType) { function openNewAccount($userName,$balance,$accountType) {
global $errorCount; global $errorCount;
global $errorMessage; global $errorMessage;
include 'includes/inc_dbConnect.php'; global $connection;
//echo "Opening a new account with UserName:".$userName." Balance:".$balance." Account Type:".$accountType;
// Select database. // Select database.
if ($connection->connect_error)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
else {
$SQLstring = "INSERT INTO account (username,balance,acctype)
VALUES ('$userName','$balance','$accountType')";
$result = queryMysql($SQLstring);
}
/*
if ($db_connect === FALSE) if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>"; echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
@@ -32,7 +39,7 @@ function openNewAccount($userName,$balance,$accountType) {
else { else {
//$today = date("Ymd"); //$today = date("Ymd");
//echo "sending insert query now.<br />"; //echo "sending insert query now.<br />";
$SQLstring = "INSERT INTO account (username,balance,accounttype) $SQLstring = "INSERT INTO account (username,balance,acctype)
VALUES ('$userName','$balance','$accountType')"; VALUES ('$userName','$balance','$accountType')";
$QueryResult = @mysql_query($SQLstring, $db_connect); $QueryResult = @mysql_query($SQLstring, $db_connect);
@@ -40,6 +47,8 @@ function openNewAccount($userName,$balance,$accountType) {
mysql_close($db_connect); mysql_close($db_connect);
} }
return ($retval); return ($retval);
*
*/
} }
function displayForm() { function displayForm() {

24
f8l_exception/new_customer.php
View File

@@ -15,6 +15,7 @@
<hr /> <hr />
<h1>Register a New Customer</h1> <h1>Register a New Customer</h1>
<?php <?php
include 'includes/inc_validatePassword.php'; include 'includes/inc_validatePassword.php';
include 'includes/inc_validateUserName.php'; include 'includes/inc_validateUserName.php';
include 'includes/inc_validateEmail.php'; include 'includes/inc_validateEmail.php';
@@ -22,25 +23,11 @@ include 'includes/inc_validateEmail.php';
function createNewCustomer($userName,$pw,$email) { function createNewCustomer($userName,$pw,$email) {
global $errorCount; global $errorCount;
global $errorMessage; global $errorMessage;
include 'includes/inc_dbConnect.php';
// Select database. // Select database.
if ($db_connect === FALSE) $result = queryMysql("INSERT INTO
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>"; users (username,password,email)
VALUES ('$userName','$pw','$email')");
else {
if (!@mysql_select_db($db_name, $db_connect))
echo "<p>Connection error. Please try again later.</p>";
else {
$SQLstring = "INSERT INTO
user (username,password,email)
VALUES ('$userName','$pw','$email')";
$QueryResult = @mysql_query($SQLstring, $db_connect);
}
mysql_close($db_connect);
}
return ($retval);
} }
function displayForm($userName,$email) { function displayForm($userName,$email) {
@@ -103,8 +90,9 @@ else {
$message = "You have successfully registered as a new customer for F8L Exception Online Bank. We hope you will enjoy our service and our lack of fees!\n\nThe F8L Exception Online Bank"; $message = "You have successfully registered as a new customer for F8L Exception Online Bank. We hope you will enjoy our service and our lack of fees!\n\nThe F8L Exception Online Bank";
// message lines should not exceed 70 characters (PHP rule), so wrap it // message lines should not exceed 70 characters (PHP rule), so wrap it
$message = wordwrap($message, 70); $message = wordwrap($message, 70);
// send mail // send mail
mail($email,$subject,$message,"From: $from\n"); //mail($email,$subject,$message,"From: $from\n");
echo "<p>You have been set up as a new customer. Welcome to F8L Exception Online Bank!.</p><br /><br />\n"; echo "<p>You have been set up as a new customer. Welcome to F8L Exception Online Bank!.</p><br /><br />\n";
} }

55
f8l_exception/transfer.php
View File

@@ -19,39 +19,32 @@ include 'includes/inc_validateLogin.php';
function transfer($userName,$fromAccountId,$toAccountId,$amount) { function transfer($userName,$fromAccountId,$toAccountId,$amount) {
global $errorCount; global $errorCount;
global $errorMessage; global $errorMessage;
include 'includes/inc_dbConnect.php'; global $connection;
// Select database. // Select database.
if ($db_connect === FALSE) { if ($connection->connect_error){
$errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>"; echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++; $errorCount++;
} } else {
else { // verify the account belongs to the user
if (!@mysql_select_db($db_name, $db_connect)) { $query = "SELECT * FROM account WHERE username='$userName' and accID='$fromAccountId'";
$errorMessage .= "<p>Connection error. Please try again later.</p>"; $result = queryMysql($query);
$errorCount++;
}
else {
// verify the account belongs to the user
$sql = "SELECT * FROM account WHERE username='$userName' and accountid='$fromAccountId'";
$result = mysql_query($sql);
// If result matched $myusername and $accountId, table rows must be 1 row // If result matched $myusername and $accountId, table rows must be 1 row
$count = mysql_num_rows($result); $count = $result->num_rows;
if($count == 1){
// record transfer to both accounts if($count == 1){
$sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accountid='$fromAccountId'"; // record transfer to both accounts
$result = mysql_query($sql2); $sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accID='$fromAccountId'";
$sql3 = "UPDATE account SET balance=balance+'$amount' WHERE accountid='$toAccountId'"; $result = queryMysql($sql2);
$result = mysql_query($sql3); $sql3 = "UPDATE account SET balance=balance+'$amount' WHERE accID='$toAccountId'";
$errorMessage .= "<p>Transfer completed.</p>"; $result = queryMysql($sql3);
} $errorMessage .= "<p>Transfer completed.</p>";
else { }
$errorCount++; else {
$errorMessage .= "Invalid user name/account number.<br />"; $errorCount++;
} $errorMessage .= "Invalid user name/account number.<br />";
} }
mysql_close($db_connect);
} }
} }

102
f8l_exception/view_statement.php
View File

@@ -13,62 +13,58 @@
<hr /> <hr />
<h1>View Statement -- Under construction</h1> <h1>View Statement -- Under construction</h1>
<?php <?php
include 'functions.php';
function displayTable() { function displayTable() {
global $Login; global $Login;
echo "User Name: " . $Login; echo "User Name: " . $Login;
include 'includes/inc_dbConnect.php'; global $connection;
if ($db_connect === FALSE) // Select database.
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>"; if ($connection->connect_error){
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
else { $errorCount++;
if (!@mysql_select_db($db_name, $db_connect)) } else {
echo "<p>No data found.</p>"; $TableName = "document";
else { $SQLstring = "SELECT * FROM $TableName WHERE login = '$Login' and active = 1";
$QueryResult = queryMysql($SQLstring);
$TableName = "document";
$SQLstring = "SELECT * FROM $TableName WHERE login = '$Login' and active = 1"; if ($QueryResult->num_rows == 0)
echo "<p>No data found .</p>";
$QueryResult = @mysql_query($SQLstring, $db_connect); else
if (mysql_num_rows($QueryResult) == 0) {
echo "<p>No data found .</p>"; echo "<table width='100%' border='1'>";
else echo "<tr>
{ <th>Title</th>
echo "<table width='100%' border='1'>"; <th>Tags</th>
echo "<tr> <th>Revised Date</th>
<th>Title</th> <th>Note1</th>
<th>Tags</th> <th>Edit</th>
<th>Revised Date</th> <th>Remove</th>
<th>Note1</th> </tr>";
<th>Edit</th> while ($Row = $QueryResult->fetch_array(MYSQLI_ASSOC) !== FALSE)
<th>Remove</th> {
</tr>"; echo "<td><a href='view_document.php?id={$Row['id']}'>{$Row['title']}</a></td>";
while (($Row = mysql_fetch_assoc($QueryResult)) !== FALSE) echo "<td>{$Row['tags']}</td>";
{ echo "<td>{$Row['revisedDate']}</td>";
echo "<td><a href='view_document.php?id={$Row['id']}'>{$Row['title']}</a></td>"; echo "<td>{$Row['note1']}</td>";
echo "<td>{$Row['tags']}</td>"; ?>
echo "<td>{$Row['revisedDate']}</td>"; <td>
echo "<td>{$Row['note1']}</td>"; <form method="POST" action="edit_document.php">
?> <input type="hidden" name="id" value="<?php echo $Row['id']; ?>">
<td> <input type="hidden" name="status" value=0>
<form method="POST" action="edit_document.php"> <input type="submit" name="edit" value="Edit" />
<input type="hidden" name="id" value="<?php echo $Row['id']; ?>"> </form>
<input type="hidden" name="status" value=0> </td>
<input type="submit" name="edit" value="Edit" /> <td>
</form> <form method="POST" action="change_document_status.php">
</td> <input type="hidden" name="id" value="<?php echo $Row['id']; ?>">
<td> <input type="hidden" name="status" value=0>
<form method="POST" action="change_document_status.php"> <input type="submit" name="remove" value="Remove" />
<input type="hidden" name="id" value="<?php echo $Row['id']; ?>"> </form>
<input type="hidden" name="status" value=0> </td></tr><?php
<input type="submit" name="remove" value="Remove" /> }
</form> echo "</table><br /><br />";
</td></tr><?php }
}
echo "</table><br /><br />";
}
mysql_free_result($QueryResult);
}
} }
} }
$Login = ""; $Login = "";

29
f8l_exception/withdraw.php
View File

@@ -19,14 +19,26 @@ include 'includes/inc_validateLogin.php';
function Withdraw($userName,$accountId,$amount) { function Withdraw($userName,$accountId,$amount) {
global $errorCount; global $errorCount;
global $errorMessage; global $errorMessage;
include 'includes/inc_dbConnect.php'; global $connection;
// Select database. // Select database.
if ($db_connect === FALSE) { if ($connection->connect_error){
$errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>"; echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++; $errorCount++;
} } else {
else { // verify the account belongs to the user
$query = "SELECT * FROM account WHERE username='$userName' and accID='$accountId'";
$result = queryMysql($query);
$count = $result->num_rows;
if ($count == 1){
$sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accID='$accountId'";
$result = queryMysql($sql2);
$errorMessage .= "<p>Withdraw completed.</p>";
} else {
$errorCount++;
$errorMessage .= "Invalid user name/account number.<br />";
}
/*
if (!@mysql_select_db($db_name, $db_connect)) { if (!@mysql_select_db($db_name, $db_connect)) {
$errorMessage .= "<p>Connection error. Please try again later.</p>"; $errorMessage .= "<p>Connection error. Please try again later.</p>";
$errorCount++; $errorCount++;
@@ -49,7 +61,8 @@ function Withdraw($userName,$accountId,$amount) {
$errorMessage .= "Invalid user name/account number.<br />"; $errorMessage .= "Invalid user name/account number.<br />";
} }
} }
mysql_close($db_connect); *
*/
} }
} }