joeyajames/cs157AOnlineBanking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Deposit, Withdraw, Transfer functions working

Browse Source 
Deposit, Withdraw, Transfer functions working
This commit is contained in:
joeyajames
2014-11-12 21:41:11 -08:00
parent 97e797786e
commit 9d397ef301
5 changed files with 251 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
f8l_exception/deposit.php
View File

@@ -9,7 +9,7 @@ session_start(); ?>
<title>F8L Exception Online Bank | Deposit</title> <title>F8L Exception Online Bank | Deposit</title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<?php include 'includes/inc_header.php'; ?> <?php include 'includes/inc_header.php'; ?>
<h1>Deposit -- under construction</h1><hr /> <h1>Deposit</h1><hr />
</head> </head>
<body> <body>
@@ -17,6 +17,43 @@ session_start(); ?>
include 'includes/inc_validateInput.php'; include 'includes/inc_validateInput.php';
include 'includes/inc_validateLogin.php'; include 'includes/inc_validateLogin.php';
function deposit($userName,$accountId,$amount) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
// Select database.
if ($db_connect === FALSE) {
$errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++;
}
else {
if (!@mysql_select_db($db_name, $db_connect)) {
$errorMessage .= "<p>Connection error. Please try again later.</p>";
$errorCount++;
}
else {
// verify the account belongs to the user
$sql = "SELECT * FROM account WHERE username='$userName' and accountid='$accountId'";
$result = mysql_query($sql);
// If result matched $myusername and $mypassword, table row must be 1 row
$count = mysql_num_rows($result);
if($count == 1){
// record login to login_history table
$sql2 = "UPDATE account SET balance=balance+'$amount' WHERE username='$userName' and accountid='$accountId'";
$result = mysql_query($sql2);
$errorMessage .= "<p>Deposit completed.</p>";
}
else {
$errorCount++;
$errorMessage .= "Invalid user name/account number.<br />";
}
}
mysql_close($db_connect);
}
}
function displayForm() { function displayForm() {
?> ?>
<h3>Enter account number and deposit amount.</h3> <h3>Enter account number and deposit amount.</h3>
@@ -26,44 +63,48 @@ function displayForm() {
<form method="POST" action="deposit.php"> <form method="POST" action="deposit.php">
<p>Account Number: <input type="text" name="accountNumber" /></p> <p>Account Number: <input type="text" name="accountNumber" /></p>
<p>Deposit Amount: <input type="amount" name="amount" /></p> <p>Deposit Amount: <input type="amount" name="amount" /></p>
<p><input type="submit" value="Submit" /></p> <p><input type="submit" name="Submit" value="Submit" /></p>
</form> </form>
<br /><br /> <br /><br />
<?php <?php
include 'includes/inc_text_menu.php';
} }
$ShowForm = TRUE; $showForm = TRUE;
$errorCount = 0; $errorCount = 0;
$errorMessage = ""; $errorMessage = "";
$Login = ""; $accountNumber = 0;
$Password = ""; $amount = 0;
$userName = "";
$userName = $_SESSION['login'];
echo "User Name: ".$userName."<br />";
// if submit button is clicked, get login and pw and validate login // if submit button is clicked, get accountNumber and amount
if (isset($_POST['Login'])) { if (isset($_POST['Submit'])) {
$Login = validateInput($_POST['Login'],"User Name"); $accountNumber = validateInput($_POST['accountNumber'],"Account Number");
$Password = validateInput($_POST['Password'],"Password"); $amount = validateInput($_POST['amount'],"Deposit Amount");
if ($errorCount == 0) // validateLogin is slow, so only do that if no errors yet
$Login = validateLogin($Login,$Password);
if ($errorCount == 0) if ($errorCount == 0)
$ShowForm = FALSE; $showForm = FALSE;
else
$showForm = TRUE;
} }
if ($errorCount > 0) { // errors logged if ($showForm == TRUE) {
displayForm(); if ($errorCount > 0) // if there were errors
} $errorMessage .= "<p>Please re-enter the form information below.</p>\n";
displayForm ();
}
else { else {
if ($ShowForm == TRUE) { if ($showForm == TRUE) {
displayForm(); // new page load displayForm(); // new page load
} }
else { // login approved else { // make deposit
$_SESSION['login'] = $Login; deposit($userName,$accountNumber,$amount);
//header("location:my_documents.php"); echo $errorMessage."<br />";
?><script language="JavaScript">window.location = "my_documents.php";</script><?php
exit();
} }
} }
include 'includes/inc_text_menu.php';
?> ?>
</body> </body>

1
f8l_exception/includes/inc_getNumberOfAccounts.php
View File

@@ -15,6 +15,5 @@ function getNumberOfAccounts ($userName) {
mysql_close($db_connect); mysql_close($db_connect);
return $count; return $count;
//test
} }
?> ?>

1
f8l_exception/includes/inc_text_menu.php
View File

@@ -9,6 +9,7 @@
<a href="http://www.joe-james.net/f8l_exception/my_accounts.php">My Accounts</a> | <a href="http://www.joe-james.net/f8l_exception/my_accounts.php">My Accounts</a> |
<a href="http://www.joe-james.net/f8l_exception/deposit.php">Deposit</a> | <a href="http://www.joe-james.net/f8l_exception/deposit.php">Deposit</a> |
<a href="http://www.joe-james.net/f8l_exception/withdraw.php">Withdraw</a> | <a href="http://www.joe-james.net/f8l_exception/withdraw.php">Withdraw</a> |
<a href="http://www.joe-james.net/f8l_exception/transfer.php">Transfer</a> |
<a href="http://www.joe-james.net/f8l_exception/view_statement.php">View Statement</a> <a href="http://www.joe-james.net/f8l_exception/view_statement.php">View Statement</a>
<br /> <br />
<a href="http://www.joe-james.net/f8l_exception/new_loan.php">New Loan</a> | <a href="http://www.joe-james.net/f8l_exception/new_loan.php">New Loan</a> |

120
f8l_exception/transfer.php Normal file
View File

@@ -0,0 +1,120 @@
<?php
session_start(); ?>
<!-- F8L Exception Online Bank | Transfer -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>F8L Exception Online Bank | Transfer</title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<?php include 'includes/inc_header.php'; ?>
<h1>Transfer</h1><hr />
</head>
<body>
<?php
include 'includes/inc_validateInput.php';
include 'includes/inc_validateLogin.php';
function transfer($userName,$fromAccountId,$toAccountId,$amount) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
// Select database.
if ($db_connect === FALSE) {
$errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++;
}
else {
if (!@mysql_select_db($db_name, $db_connect)) {
$errorMessage .= "<p>Connection error. Please try again later.</p>";
$errorCount++;
}
else {
// verify the account belongs to the user
$sql = "SELECT * FROM account WHERE username='$userName' and accountid='$fromAccountId'";
$result = mysql_query($sql);
// If result matched $myusername and $accountId, table rows must be 1 row
$count = mysql_num_rows($result);
if($count == 1){
// record transfer to both accounts
$sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accountid='$fromAccountId'";
$result = mysql_query($sql2);
$sql3 = "UPDATE account SET balance=balance+'$amount' WHERE accountid='$toAccountId'";
$result = mysql_query($sql3);
$errorMessage .= "<p>Transfer completed.</p>";
}
else {
$errorCount++;
$errorMessage .= "Invalid user name/account number.<br />";
}
}
mysql_close($db_connect);
}
}
function displayForm() {
?>
<h3>Enter from account number, to account number and transfer amount.</h3>
<?php
global $errorMessage;
echo $errorMessage ?>
<form method="POST" action="transfer.php">
<p>From Account Number: <input type="text" name="fromAccountNumber" /></p>
<p>To Account Number: <input type="text" name="toAccountNumber" /></p>
<p>Transfer Amount: <input type="amount" name="amount" /></p>
<p><input type="submit" name="Submit" value="Submit" /></p>
</form>
<br /><br />
<?php
}
$showForm = TRUE;
$errorCount = 0;
$errorMessage = "";
$fromAccountNumber = 0;
$toAccountNumber = 0;
$amount = 0;
$userName = "";
$userName = $_SESSION['login'];
echo "User Name: ".$userName."<br />";
// if submit button is clicked, get accountNumber and amount
if (isset($_POST['Submit'])) {
$fromAccountNumber = validateInput($_POST['fromAccountNumber'],"From Account Number");
$toAccountNumber = validateInput($_POST['toAccountNumber'],"To Account Number");
$amount = validateInput($_POST['amount'],"Transfer Amount");
if ($amount <= 0) {
$errorMessage .= "Invalid amount.<br />";
$errorCount++;
}
if ($errorCount == 0)
$showForm = FALSE;
else
$showForm = TRUE;
}
if ($showForm == TRUE) {
if ($errorCount > 0) // if there were errors
$errorMessage .= "<p>Please re-enter the form information below.</p>\n";
displayForm ();
}
else {
if ($showForm == TRUE) {
displayForm(); // new page load
}
else { // make transfer
transfer($userName,$fromAccountNumber,$toAccountNumber,$amount);
echo $errorMessage."<br />";
}
}
include 'includes/inc_text_menu.php';
?>
</body>
</html>

93
f8l_exception/withdraw.php
View File

@@ -9,7 +9,7 @@ session_start(); ?>
<title>F8L Exception Online Bank | Withdraw</title> <title>F8L Exception Online Bank | Withdraw</title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<?php include 'includes/inc_header.php'; ?> <?php include 'includes/inc_header.php'; ?>
<h1>Withdraw -- Under construction</h1><hr /> <h1>Withdraw</h1><hr />
</head> </head>
<body> <body>
@@ -17,53 +17,94 @@ session_start(); ?>
include 'includes/inc_validateInput.php'; include 'includes/inc_validateInput.php';
include 'includes/inc_validateLogin.php'; include 'includes/inc_validateLogin.php';
function Withdraw($userName,$accountId,$amount) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
// Select database.
if ($db_connect === FALSE) {
$errorMessage .= "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
$errorCount++;
}
else {
if (!@mysql_select_db($db_name, $db_connect)) {
$errorMessage .= "<p>Connection error. Please try again later.</p>";
$errorCount++;
}
else {
// verify the account belongs to the user
$sql = "SELECT * FROM account WHERE username='$userName' and accountid='$accountId'";
$result = mysql_query($sql);
// If result matched $myusername and $mypassword, table row must be 1 row
$count = mysql_num_rows($result);
if($count == 1){
// record login to login_history table
$sql2 = "UPDATE account SET balance=balance-'$amount' WHERE username='$userName' and accountid='$accountId'";
$result = mysql_query($sql2);
$errorMessage .= "<p>Withdraw completed.</p>";
}
else {
$errorCount++;
$errorMessage .= "Invalid user name/account number.<br />";
}
}
mysql_close($db_connect);
}
}
function displayForm() { function displayForm() {
?> ?>
<h3>Enter your User Name and Password.</h3> <h3>Enter account number and withdraw amount.</h3>
<?php <?php
global $errorMessage; global $errorMessage;
echo $errorMessage ?> echo $errorMessage ?>
<form method="POST" action="login.php"> <form method="POST" action="withdraw.php">
<p>User Name <input type="text" name="Login" /></p> <p>Account Number: <input type="text" name="accountNumber" /></p>
<p>Password <input type="password" name="Password" /></p> <p>Withdraw Amount: <input type="amount" name="amount" /></p>
<p><input type="submit" value="Log in" /></p> <p><input type="submit" name="Submit" value="Submit" /></p>
</form> </form>
<br /><br /> <br /><br />
<?php <?php
include 'includes/inc_text_menu.php';
} }
$ShowForm = TRUE; $showForm = TRUE;
$errorCount = 0; $errorCount = 0;
$errorMessage = ""; $errorMessage = "";
$Login = ""; $accountNumber = 0;
$Password = ""; $amount = 0;
$userName = "";
$userName = $_SESSION['login'];
echo "User Name: ".$userName."<br />";
// if submit button is clicked, get login and pw and validate login // if submit button is clicked, get accountNumber and amount
if (isset($_POST['Login'])) { if (isset($_POST['Submit'])) {
$Login = validateInput($_POST['Login'],"User Name"); $accountNumber = validateInput($_POST['accountNumber'],"Account Number");
$Password = validateInput($_POST['Password'],"Password"); $amount = validateInput($_POST['amount'],"Withdraw Amount");
if ($errorCount == 0) // validateLogin is slow, so only do that if no errors yet
$Login = validateLogin($Login,$Password);
if ($errorCount == 0) if ($errorCount == 0)
$ShowForm = FALSE; $showForm = FALSE;
else
$showForm = TRUE;
} }
if ($errorCount > 0) { // errors logged if ($showForm == TRUE) {
displayForm(); if ($errorCount > 0) // if there were errors
} $errorMessage .= "<p>Please re-enter the form information below.</p>\n";
displayForm ();
}
else { else {
if ($ShowForm == TRUE) { if ($showForm == TRUE) {
displayForm(); // new page load displayForm(); // new page load
} }
else { // login approved else { // make withdraw
$_SESSION['login'] = $Login; withdraw($userName,$accountNumber,$amount);
//header("location:my_documents.php"); echo $errorMessage."<br />";
?><script language="JavaScript">window.location = "my_documents.php";</script><?php
exit();
} }
} }
include 'includes/inc_text_menu.php';
?> ?>
</body> </body>