joeyajames/cs157AOnlineBanking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Another update

Browse Source
This commit is contained in:
ry1015
2014-11-16 23:34:19 -08:00
parent b510dedaba
commit ff341372b9
8 changed files with 111 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
f8l_exception/Fifteen Functions.txt
View File

@@ -46,4 +46,15 @@ F8L Exception -- 15 Functions:
14. Increase Credit Card Limit (Admin)
15. Daily Transactions Tally (Admin)
show the sum of all deposits and withdraws for one day
show the sum of all deposits and withdraws for one day
STORED PROCEDURE
DROP PROCEDURE IF EXISTS getLowBalance;
DELIMITER //
CREATE PROCEDURE getLowBalance()
BEGIN
SELECT username, acctype, balance
FROM account
where balance <= 200;
END //
DELIMITER;

2
f8l_exception/admin.php
View File

@@ -30,7 +30,7 @@ if (isset($_POST['Submit'])){
$password = validateInput($_POST['pass'],"Password");
//Check if there is an error on userName and/or password.
if ($errorMessage == ""){
$result = queryMySQL("SELECT username,password FROM Users WHERE username='$userName' AND password='$password'");
$result = queryMysql("SELECT username,password FROM Users WHERE username='$userName' AND password='$password'");
$num = $result->num_rows;
if ($result->num_rows == 0)

26
f8l_exception/admin_home.php
View File

@@ -34,6 +34,7 @@ if (isset($_POST['view'])){
if ($_POST['view'] == 'lowBalance'){
echo <<<_END
<h2 class='tabletitle'>LOW BALANCE</h2>
<table>
<tr>
<th>Username</th>
@@ -43,9 +44,26 @@ if (isset($_POST['view'])){
_END;
viewLowBalance();
} elseif ($_POST['view'] == 'increaseLimit'){
echo "increase limit!";
echo <<<_END
<h2 class='tabletitle'>INCREASE CREDIT CARD LIMIT</h2>
<table>
<tr>
<th>Username</th>
<th>Max Limit</th>
<th>Checking Balance</th>
</tr>
_END;
increaseLimit();
} elseif ($_POST['view'] == 'offerCredit'){
echo "offer a credit card!";
echo <<<_END
<h2 class='tabletitle'>OFFER CREDIT CARD</h2>
<table>
<tr>
<th>Username</th>
<th>Balance</th>
</tr>
_END;
offerCredit();
}
echo <<<_END
</table>
@@ -59,4 +77,8 @@ function viewLowBalance(){
function increaseLimit(){
increaseCCLimit();
}
function offerCredit(){
offerCC();
}
?>

25
f8l_exception/includes/inc_adminFunctions.php
View File

@@ -2,11 +2,32 @@
include 'functions.php';
function lowBalance(){
$result = queryMysql("SELECT username, acctype, balance from account WHERE balance <= 200");
//$result = queryMysql("SELECT username, acctype, balance from account WHERE balance <= 200");
$result = queryMysql("Call getLowBalance");
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$" . $row['balance'] . "</td></tr>";
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
}
}
function offerCC(){
$result = queryMysql("SELECT username, balance from account WHERE balance > 10000");
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
}
}
function increaseCCLimit(){
$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit from account,creditcard WHERE (account.acctype = 'checking' and "
. "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)");
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['maxlimit'], 2, '.', ',') .
"</td><td>$ " . number_format($row['balance']) . "</td></tr>";
}
}
?>

6
f8l_exception/includes/inc_dbConnect.php
View File

@@ -1,11 +1,13 @@
<?php
include 'functions.php';
$db_host="localhost"; // Host name
$db_username="f8lexception"; // Mysql username
$db_password="Kim157"; // Mysql password
$db_name="f8lexception"; // Database name
// Connect to server and select database.
$db_connect = mysql_connect("$db_host", "$db_username", "$db_password")or die("cannot connect");
$connection = new mysqli($db_host, $db_username, $db_password, $db_name);
if ($connection->connect_error) die ($connection->connect_error);
//$db_connect = mysql_connect("$db_host", "$db_username", "$db_password")or die("cannot connect");
//mysql_select_db("$db_name")or die("cannot select DB");
?>

22
f8l_exception/includes/inc_validateLogin.php
View File

@@ -1,34 +1,36 @@
<?php
include 'functions.php';
// checks user name and pw provided on login page against registered users in account table
// increments global $errorCount if login not approved.
function validateLogin ($myusername,$mypassword) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
mysql_select_db("$db_name")or die("cannot select DB");
global $connection;
//mysql_select_db("$db_name")or die("cannot select DB");
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$myusername = $connection->real_escape_string($myusername);
$mypassword = $connection->real_escape_string($mypassword);
// check login and password for validity
$sql = "SELECT * FROM user WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql);
$sql = "SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result = queryMysql($sql);
// If result matched $myusername and $mypassword, table row must be 1 row
$count = mysql_num_rows($result);
$count = $result->num_rows;
if($count == 1){
// record login to login_history table
$sql2 = "INSERT INTO login_history (login) VALUES ('$myusername')";
$result = mysql_query($sql2);
//$sql2 = "INSERT INTO login_history (login) VALUES ('$myusername')";
//$result = queryMysql($sql2);
}
else {
$errorCount++;
$errorMessage .= "Wrong User Name or Password.<br />\n";
}
mysql_close($db_connect);
$result->close();
//mysql_close($db_connect);
return $myusername;
}
?>

31
f8l_exception/my_accounts.php
View File

@@ -13,9 +13,27 @@
<hr />
<h1>My Accounts</h1>
<?php
include 'functions.php';
function showAccounts($userName) {
include 'includes/inc_dbConnect.php';
// Select database.
$result = queryMysql("SELECT * from account WHERE username='$userName'");
if ($result->num_rows == 0){
echo "<p>You have no accounts open.</p>";
} else {
echo "<table width='50%' border='1'>";
echo "<tr>
<th>Account Type</th>
<th>Account Number</th>
<th>Balance</th>
</tr>";
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
}
$result->close();
}
/*
if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
@@ -23,9 +41,11 @@ function showAccounts($userName) {
if (!@mysql_select_db($db_name, $db_connect))
echo "<p>Connection error. Please try again later.</p>";
else {
*
*
$SQLstring = "SELECT * from account
WHERE username='$userName'";
*
$QueryResult = @mysql_query($SQLstring, $db_connect);
if (mysql_num_rows($QueryResult) == 0)
echo "<p>You have no accounts open.</p>";
@@ -36,6 +56,9 @@ function showAccounts($userName) {
<th>Account Number</th>
<th>Balance</th>
</tr>";
*
*
while (($Row = mysql_fetch_assoc($QueryResult)) !== FALSE)
{
echo "<td>{$Row['accounttype']}</td>";
@@ -47,7 +70,9 @@ function showAccounts($userName) {
}
mysql_close($db_connect);
}
return ($retval);
*
*/
//return ($retval);
}
$userName = "";

8
f8l_exception/styles.css
View File

@@ -14,8 +14,14 @@ img {
}
table {
width: 100%;
width: 90%;
margin-left: auto;
margin-right: auto;
}
table, th, td{
border: 1px solid black;
}
.tabletitle{
text-align: center;
}