joeyajames/cs157AOnlineBanking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

See Description

Browse Source 
ONLY MISSING are the following:
VIEW STATEMENT
NEW LOAN
MAKE LOAN PAYMENT
This commit is contained in:
ry1015
2014-11-21 14:12:55 -08:00
parent ff341372b9
commit 1b35fdfb8a
18 changed files with 212 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1 +1,2 @@
/nbproject/private/
/f8l_exception/nbproject/private/

1
f8l_exception/admin.php
View File

@@ -1,5 +1,4 @@
<?php
include 'functions.php';
include 'includes/inc_header.php';
include 'includes/inc_validateInput.php';
include 'includes/inc_validateLogin.php';

3
f8l_exception/admin_home.php
View File

@@ -50,7 +50,8 @@ _END;
<tr>
<th>Username</th>
<th>Max Limit</th>
<th>Checking Balance</th>
<th>Balance</th>
<th>Account Type</th>
</tr>
_END;
increaseLimit();

14
f8l_exception/change_password.php
View File

@@ -21,9 +21,17 @@ include 'includes/inc_validateLogin.php';
function changePassword($userName,$oldPassword,$newPassword) {
global $errorCount;
include 'includes/inc_dbConnect.php';
global $connection;
//include 'includes/inc_dbConnect.php';
// Select database.
if ($connection->connect_error)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
else {
$result = queryMysql("UPDATE users SET password='$newPassword' WHERE username='$userName'");
}
/*
if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
@@ -37,6 +45,8 @@ function changePassword($userName,$oldPassword,$newPassword) {
mysql_close($db_connect);
}
return ($retval);
*
*/
}
function displayForm($userName) {
@@ -92,7 +102,7 @@ else {
// change password in db
changePassword($userName,$oldPassword,$newPassword);
echo "<p>\nPassword has been changed!.</p><br /><br />\n";
include 'includes/inc_text_menu.php';
//include 'includes/inc_text_menu.php';
}
?>

26
f8l_exception/deposit.php
View File

@@ -19,9 +19,31 @@ include 'includes/inc_validateLogin.php';
function deposit($userName,$accountId,$amount) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
global $connection;
//include 'includes/inc_dbConnect.php';
// Select database.
if ($connection->connect_error)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
else {
// verify the account belongs to the user
$query = "SELECT * FROM account WHERE username='$userName' and accID='$accountId'";
$result = queryMysql($query);
$count = $result->num_rows;
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1){
// record login to login_history table
$sql2 = "UPDATE account SET balance=balance+'$amount' WHERE username='$userName' and accID='$accountId'";
$result = queryMysql($sql2);
$errorMessage .= "<p>Deposit completed.</p>";
}
else {
$errorCount++;
$errorMessage .= "Invalid user name/account number.<br />";
}
}
/*
if ($db_connect === FALSE) {
$errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++;
@@ -51,6 +73,8 @@ function deposit($userName,$accountId,$amount) {
}
mysql_close($db_connect);
}
*
*/
}
function displayForm() {

7
f8l_exception/includes/inc_adminFunctions.php
View File

@@ -21,13 +21,16 @@ function offerCC(){
}
function increaseCCLimit(){
$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit from account,creditcard WHERE (account.acctype = 'checking' and "
//$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit, account.acctype from account,creditcard WHERE (account.acctype = 'checking' and "
// . "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)");
$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit, account.acctype from account,creditcard WHERE ("
. "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)");
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['maxlimit'], 2, '.', ',') .
"</td><td>$ " . number_format($row['balance']) . "</td></tr>";
"</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td><td>" . $row['acctype'] . "</td></tr>";
}
}
?>

12
f8l_exception/includes/inc_getNumberOfAccounts.php
View File

@@ -1,18 +1,18 @@
<?php
include 'functions.php';
// get the number of checking and savings accounts for a user (max is 2)
// increments global $errorCount if errors encountered.
function getNumberOfAccounts ($userName) {
global $errorCount;
global $errorMessage;
include f8l_exception/includes/inc_dbConnect.php;
mysql_select_db("$db_name")or die("cannot select DB");
//mysql_select_db("$db_name")or die("cannot select DB");
// get number of accounts
$sql = "SELECT * FROM account WHERE username='$userName' and accounttype='Checking' or 'Savings'";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
$sql = "SELECT * FROM account WHERE username='$userName' and (acctype='Checking' or acctype='Savings')";
$result = queryMysql($sql);
$count = $result->num_rows;
mysql_close($db_connect);
//mysql_close($db_connect);
return $count;
}

2
f8l_exception/includes/inc_header.php
View File

@@ -10,7 +10,7 @@ if (isset($_SESSION['login'])){
} else {
$loggedin = FALSE;
}
$loggedin = FALSE;
//$loggedin = FALSE;
if ($loggedin){
include 'includes/inc_loggedin_text_menu.php';
} else {

35
f8l_exception/includes/inc_validateUserName.php
View File

@@ -16,32 +16,21 @@ function validateUserName($data, $fieldName)
}
else {
include 'includes/inc_dbConnect.php';
// Select database.
if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
// Select database.
$result = queryMysql("SELECT * FROM users WHERE username = '$data'");
$num = $result->num_rows;
else {
if (!@mysql_select_db($db_name, $db_connect))
echo "<p>Connection error. Please try again later.</p>";
else {
$SQLstring = "SELECT * FROM user WHERE username = '$data'";
if ($num > 0){
$errorMessage .= "Please select a different User Name.<br />\n";
$errorCount++;
$retval = "";
} else {
$retval = trim($data);
$retval = stripslashes($retval);
}
$QueryResult = @mysql_query($SQLstring, $db_connect);
if (mysql_num_rows($QueryResult) > 0) {
//echo "Please select a different User Name.<br />\n";
$errorMessage .= "Please select a different User Name.<br />\n";
$errorCount++;
$retval = "";
}
else {
$retval = trim($data);
$retval = stripslashes($retval);
}
}
mysql_close($db_connect);
}
$result->close();
}
return ($retval);
}

2
f8l_exception/login.php
View File

@@ -1,5 +1,3 @@
<?php
//session_start(); ?>
<!-- F8L Exception Online Bank | Login -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"

3
f8l_exception/logout.php
View File

@@ -1,3 +1,6 @@
<?php
include 'includes/inc_header.php';
?>
<!-- PVault | Logout -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"

20
f8l_exception/nbproject/project.properties Normal file
View File

@@ -0,0 +1,20 @@
auxiliary.org-netbeans-modules-css-prep.less_2e_compiler_2e_options=
auxiliary.org-netbeans-modules-css-prep.less_2e_enabled=false
auxiliary.org-netbeans-modules-css-prep.less_2e_mappings=/less:/css
auxiliary.org-netbeans-modules-css-prep.sass_2e_compiler_2e_options=
auxiliary.org-netbeans-modules-css-prep.sass_2e_enabled=false
auxiliary.org-netbeans-modules-css-prep.sass_2e_mappings=/scss:/css
auxiliary.org-netbeans-modules-javascript2-requirejs.enabled=true
auxiliary.org-netbeans-modules-web-clientproject-api.js_2e_libs_2e_folder=phpmyadmin/js
browser.reload.on.save=true
code.analysis.excludes=
ignore.path=
include.path=\
${php.global.include.path}
php.version=PHP_54
source.encoding=UTF-8
src.dir=.
tags.asp=false
tags.short=false
testing.providers=
web.root=.

9
f8l_exception/nbproject/project.xml Normal file
View File

@@ -0,0 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://www.netbeans.org/ns/project/1">
<type>org.netbeans.modules.php.project</type>
<configuration>
<data xmlns="http://www.netbeans.org/ns/php-project/1">
<name>f8l_exception</name>
</data>
</configuration>
</project>

15
f8l_exception/new_account.php
View File

@@ -19,10 +19,17 @@ include 'includes/inc_getNumberOfAccounts.php';
function openNewAccount($userName,$balance,$accountType) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
//echo "Opening a new account with UserName:".$userName." Balance:".$balance." Account Type:".$accountType;
global $connection;
// Select database.
if ($connection->connect_error)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
else {
$SQLstring = "INSERT INTO account (username,balance,acctype)
VALUES ('$userName','$balance','$accountType')";
$result = queryMysql($SQLstring);
}
/*
if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
@@ -32,7 +39,7 @@ function openNewAccount($userName,$balance,$accountType) {
else {
//$today = date("Ymd");
//echo "sending insert query now.<br />";
$SQLstring = "INSERT INTO account (username,balance,accounttype)
$SQLstring = "INSERT INTO account (username,balance,acctype)
VALUES ('$userName','$balance','$accountType')";
$QueryResult = @mysql_query($SQLstring, $db_connect);
@@ -40,6 +47,8 @@ function openNewAccount($userName,$balance,$accountType) {
mysql_close($db_connect);
}
return ($retval);
*
*/
}
function displayForm() {

24
f8l_exception/new_customer.php
View File

@@ -15,6 +15,7 @@
<hr />
<h1>Register a New Customer</h1>
<?php
include 'includes/inc_validatePassword.php';
include 'includes/inc_validateUserName.php';
include 'includes/inc_validateEmail.php';
@@ -22,25 +23,11 @@ include 'includes/inc_validateEmail.php';
function createNewCustomer($userName,$pw,$email) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
// Select database.
if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
else {
if (!@mysql_select_db($db_name, $db_connect))
echo "<p>Connection error. Please try again later.</p>";
else {
$SQLstring = "INSERT INTO
user (username,password,email)
VALUES ('$userName','$pw','$email')";
$QueryResult = @mysql_query($SQLstring, $db_connect);
}
mysql_close($db_connect);
}
return ($retval);
$result = queryMysql("INSERT INTO
users (username,password,email)
VALUES ('$userName','$pw','$email')");
}
function displayForm($userName,$email) {
@@ -103,8 +90,9 @@ else {
$message = "You have successfully registered as a new customer for F8L Exception Online Bank. We hope you will enjoy our service and our lack of fees!\n\nThe F8L Exception Online Bank";
// message lines should not exceed 70 characters (PHP rule), so wrap it
$message = wordwrap($message, 70);
// send mail
mail($email,$subject,$message,"From: $from\n");
//mail($email,$subject,$message,"From: $from\n");
echo "<p>You have been set up as a new customer. Welcome to F8L Exception Online Bank!.</p><br /><br />\n";
}

53
f8l_exception/transfer.php
View File

@@ -19,39 +19,32 @@ include 'includes/inc_validateLogin.php';
function transfer($userName,$fromAccountId,$toAccountId,$amount) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
global $connection;
// Select database.
if ($db_connect === FALSE) {
$errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++;
}
else {
if (!@mysql_select_db($db_name, $db_connect)) {
$errorMessage .= "<p>Connection error. Please try again later.</p>";
$errorCount++;
}
else {
// verify the account belongs to the user
$sql = "SELECT * FROM account WHERE username='$userName' and accountid='$fromAccountId'";
$result = mysql_query($sql);
if ($connection->connect_error){
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++;
} else {
// verify the account belongs to the user
$query = "SELECT * FROM account WHERE username='$userName' and accID='$fromAccountId'";
$result = queryMysql($query);
// If result matched $myusername and $accountId, table rows must be 1 row
$count = mysql_num_rows($result);
if($count == 1){
// record transfer to both accounts
$sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accountid='$fromAccountId'";
$result = mysql_query($sql2);
$sql3 = "UPDATE account SET balance=balance+'$amount' WHERE accountid='$toAccountId'";
$result = mysql_query($sql3);
$errorMessage .= "<p>Transfer completed.</p>";
}
else {
$errorCount++;
$errorMessage .= "Invalid user name/account number.<br />";
}
}
mysql_close($db_connect);
// If result matched $myusername and $accountId, table rows must be 1 row
$count = $result->num_rows;
if($count == 1){
// record transfer to both accounts
$sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accID='$fromAccountId'";
$result = queryMysql($sql2);
$sql3 = "UPDATE account SET balance=balance+'$amount' WHERE accID='$toAccountId'";
$result = queryMysql($sql3);
$errorMessage .= "<p>Transfer completed.</p>";
}
else {
$errorCount++;
$errorMessage .= "Invalid user name/account number.<br />";
}
}
}

98
f8l_exception/view_statement.php
View File

@@ -13,62 +13,58 @@
<hr />
<h1>View Statement -- Under construction</h1>
<?php
include 'functions.php';
function displayTable() {
global $Login;
echo "User Name: " . $Login;
include 'includes/inc_dbConnect.php';
global $connection;
if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
// Select database.
if ($connection->connect_error){
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++;
} else {
$TableName = "document";
$SQLstring = "SELECT * FROM $TableName WHERE login = '$Login' and active = 1";
$QueryResult = queryMysql($SQLstring);
else {
if (!@mysql_select_db($db_name, $db_connect))
echo "<p>No data found.</p>";
else {
$TableName = "document";
$SQLstring = "SELECT * FROM $TableName WHERE login = '$Login' and active = 1";
$QueryResult = @mysql_query($SQLstring, $db_connect);
if (mysql_num_rows($QueryResult) == 0)
echo "<p>No data found .</p>";
else
{
echo "<table width='100%' border='1'>";
echo "<tr>
<th>Title</th>
<th>Tags</th>
<th>Revised Date</th>
<th>Note1</th>
<th>Edit</th>
<th>Remove</th>
</tr>";
while (($Row = mysql_fetch_assoc($QueryResult)) !== FALSE)
{
echo "<td><a href='view_document.php?id={$Row['id']}'>{$Row['title']}</a></td>";
echo "<td>{$Row['tags']}</td>";
echo "<td>{$Row['revisedDate']}</td>";
echo "<td>{$Row['note1']}</td>";
?>
<td>
<form method="POST" action="edit_document.php">
<input type="hidden" name="id" value="<?php echo $Row['id']; ?>">
<input type="hidden" name="status" value=0>
<input type="submit" name="edit" value="Edit" />
</form>
</td>
<td>
<form method="POST" action="change_document_status.php">
<input type="hidden" name="id" value="<?php echo $Row['id']; ?>">
<input type="hidden" name="status" value=0>
<input type="submit" name="remove" value="Remove" />
</form>
</td></tr><?php
}
echo "</table><br /><br />";
}
mysql_free_result($QueryResult);
}
if ($QueryResult->num_rows == 0)
echo "<p>No data found .</p>";
else
{
echo "<table width='100%' border='1'>";
echo "<tr>
<th>Title</th>
<th>Tags</th>
<th>Revised Date</th>
<th>Note1</th>
<th>Edit</th>
<th>Remove</th>
</tr>";
while ($Row = $QueryResult->fetch_array(MYSQLI_ASSOC) !== FALSE)
{
echo "<td><a href='view_document.php?id={$Row['id']}'>{$Row['title']}</a></td>";
echo "<td>{$Row['tags']}</td>";
echo "<td>{$Row['revisedDate']}</td>";
echo "<td>{$Row['note1']}</td>";
?>
<td>
<form method="POST" action="edit_document.php">
<input type="hidden" name="id" value="<?php echo $Row['id']; ?>">
<input type="hidden" name="status" value=0>
<input type="submit" name="edit" value="Edit" />
</form>
</td>
<td>
<form method="POST" action="change_document_status.php">
<input type="hidden" name="id" value="<?php echo $Row['id']; ?>">
<input type="hidden" name="status" value=0>
<input type="submit" name="remove" value="Remove" />
</form>
</td></tr><?php
}
echo "</table><br /><br />";
}
}
}
$Login = "";

29
f8l_exception/withdraw.php
View File

@@ -19,14 +19,26 @@ include 'includes/inc_validateLogin.php';
function Withdraw($userName,$accountId,$amount) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
global $connection;
// Select database.
if ($db_connect === FALSE) {
$errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++;
}
else {
if ($connection->connect_error){
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++;
} else {
// verify the account belongs to the user
$query = "SELECT * FROM account WHERE username='$userName' and accID='$accountId'";
$result = queryMysql($query);
$count = $result->num_rows;
if ($count == 1){
$sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accID='$accountId'";
$result = queryMysql($sql2);
$errorMessage .= "<p>Withdraw completed.</p>";
} else {
$errorCount++;
$errorMessage .= "Invalid user name/account number.<br />";
}
/*
if (!@mysql_select_db($db_name, $db_connect)) {
$errorMessage .= "<p>Connection error. Please try again later.</p>";
$errorCount++;
@@ -49,7 +61,8 @@ function Withdraw($userName,$accountId,$amount) {
$errorMessage .= "Invalid user name/account number.<br />";
}
}
mysql_close($db_connect);
*
*/
}
}