Another update
This commit is contained in:
ry1015
@@ -47,3 +47,14 @@ F8L Exception -- 15 Functions:
|
|||||||
|
|
||||||
15. Daily Transactions Tally (Admin)
|
15. Daily Transactions Tally (Admin)
|
||||||
show the sum of all deposits and withdraws for one day
|
show the sum of all deposits and withdraws for one day
|
||||||
|
|
||||||
|
STORED PROCEDURE
|
||||||
|
DROP PROCEDURE IF EXISTS getLowBalance;
|
||||||
|
DELIMITER //
|
||||||
|
CREATE PROCEDURE getLowBalance()
|
||||||
|
BEGIN
|
||||||
|
SELECT username, acctype, balance
|
||||||
|
FROM account
|
||||||
|
where balance <= 200;
|
||||||
|
END //
|
||||||
|
DELIMITER;
|
||||||
|
|||||||
@@ -30,7 +30,7 @@ if (isset($_POST['Submit'])){
|
|||||||
$password = validateInput($_POST['pass'],"Password");
|
$password = validateInput($_POST['pass'],"Password");
|
||||||
//Check if there is an error on userName and/or password.
|
//Check if there is an error on userName and/or password.
|
||||||
if ($errorMessage == ""){
|
if ($errorMessage == ""){
|
||||||
$result = queryMySQL("SELECT username,password FROM Users WHERE username='$userName' AND password='$password'");
|
$result = queryMysql("SELECT username,password FROM Users WHERE username='$userName' AND password='$password'");
|
||||||
$num = $result->num_rows;
|
$num = $result->num_rows;
|
||||||
|
|
||||||
if ($result->num_rows == 0)
|
if ($result->num_rows == 0)
|
||||||
|
|||||||
@@ -34,6 +34,7 @@ if (isset($_POST['view'])){
|
|||||||
|
|
||||||
if ($_POST['view'] == 'lowBalance'){
|
if ($_POST['view'] == 'lowBalance'){
|
||||||
echo <<<_END
|
echo <<<_END
|
||||||
|
<h2 class='tabletitle'>LOW BALANCE</h2>
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<th>Username</th>
|
<th>Username</th>
|
||||||
@@ -43,9 +44,26 @@ if (isset($_POST['view'])){
|
|||||||
_END;
|
_END;
|
||||||
viewLowBalance();
|
viewLowBalance();
|
||||||
} elseif ($_POST['view'] == 'increaseLimit'){
|
} elseif ($_POST['view'] == 'increaseLimit'){
|
||||||
echo "increase limit!";
|
echo <<<_END
|
||||||
|
<h2 class='tabletitle'>INCREASE CREDIT CARD LIMIT</h2>
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<th>Username</th>
|
||||||
|
<th>Max Limit</th>
|
||||||
|
<th>Checking Balance</th>
|
||||||
|
</tr>
|
||||||
|
_END;
|
||||||
|
increaseLimit();
|
||||||
} elseif ($_POST['view'] == 'offerCredit'){
|
} elseif ($_POST['view'] == 'offerCredit'){
|
||||||
echo "offer a credit card!";
|
echo <<<_END
|
||||||
|
<h2 class='tabletitle'>OFFER CREDIT CARD</h2>
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<th>Username</th>
|
||||||
|
<th>Balance</th>
|
||||||
|
</tr>
|
||||||
|
_END;
|
||||||
|
offerCredit();
|
||||||
}
|
}
|
||||||
echo <<<_END
|
echo <<<_END
|
||||||
</table>
|
</table>
|
||||||
@@ -59,4 +77,8 @@ function viewLowBalance(){
|
|||||||
function increaseLimit(){
|
function increaseLimit(){
|
||||||
increaseCCLimit();
|
increaseCCLimit();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function offerCredit(){
|
||||||
|
offerCC();
|
||||||
|
}
|
||||||
?>
|
?>
|
||||||
|
|||||||
@@ -2,11 +2,32 @@
|
|||||||
include 'functions.php';
|
include 'functions.php';
|
||||||
|
|
||||||
function lowBalance(){
|
function lowBalance(){
|
||||||
$result = queryMysql("SELECT username, acctype, balance from account WHERE balance <= 200");
|
//$result = queryMysql("SELECT username, acctype, balance from account WHERE balance <= 200");
|
||||||
|
$result = queryMysql("Call getLowBalance");
|
||||||
$num = $result->num_rows;
|
$num = $result->num_rows;
|
||||||
for ($j = 0; $j < $num; $j++){
|
for ($j = 0; $j < $num; $j++){
|
||||||
$row = $result->fetch_array(MYSQLI_ASSOC);
|
$row = $result->fetch_array(MYSQLI_ASSOC);
|
||||||
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$" . $row['balance'] . "</td></tr>";
|
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function offerCC(){
|
||||||
|
$result = queryMysql("SELECT username, balance from account WHERE balance > 10000");
|
||||||
|
$num = $result->num_rows;
|
||||||
|
for ($j = 0; $j < $num; $j++){
|
||||||
|
$row = $result->fetch_array(MYSQLI_ASSOC);
|
||||||
|
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function increaseCCLimit(){
|
||||||
|
$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit from account,creditcard WHERE (account.acctype = 'checking' and "
|
||||||
|
. "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)");
|
||||||
|
$num = $result->num_rows;
|
||||||
|
for ($j = 0; $j < $num; $j++){
|
||||||
|
$row = $result->fetch_array(MYSQLI_ASSOC);
|
||||||
|
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['maxlimit'], 2, '.', ',') .
|
||||||
|
"</td><td>$ " . number_format($row['balance']) . "</td></tr>";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
@@ -1,11 +1,13 @@
|
|||||||
<?php
|
<?php
|
||||||
|
include 'functions.php';
|
||||||
$db_host="localhost"; // Host name
|
$db_host="localhost"; // Host name
|
||||||
$db_username="f8lexception"; // Mysql username
|
$db_username="f8lexception"; // Mysql username
|
||||||
$db_password="Kim157"; // Mysql password
|
$db_password="Kim157"; // Mysql password
|
||||||
$db_name="f8lexception"; // Database name
|
$db_name="f8lexception"; // Database name
|
||||||
|
|
||||||
// Connect to server and select database.
|
// Connect to server and select database.
|
||||||
$db_connect = mysql_connect("$db_host", "$db_username", "$db_password")or die("cannot connect");
|
$connection = new mysqli($db_host, $db_username, $db_password, $db_name);
|
||||||
|
if ($connection->connect_error) die ($connection->connect_error);
|
||||||
|
//$db_connect = mysql_connect("$db_host", "$db_username", "$db_password")or die("cannot connect");
|
||||||
//mysql_select_db("$db_name")or die("cannot select DB");
|
//mysql_select_db("$db_name")or die("cannot select DB");
|
||||||
?>
|
?>
|
||||||
@@ -1,34 +1,36 @@
|
|||||||
<?php
|
<?php
|
||||||
|
include 'functions.php';
|
||||||
// checks user name and pw provided on login page against registered users in account table
|
// checks user name and pw provided on login page against registered users in account table
|
||||||
// increments global $errorCount if login not approved.
|
// increments global $errorCount if login not approved.
|
||||||
function validateLogin ($myusername,$mypassword) {
|
function validateLogin ($myusername,$mypassword) {
|
||||||
global $errorCount;
|
global $errorCount;
|
||||||
global $errorMessage;
|
global $errorMessage;
|
||||||
include 'includes/inc_dbConnect.php';
|
global $connection;
|
||||||
mysql_select_db("$db_name")or die("cannot select DB");
|
//mysql_select_db("$db_name")or die("cannot select DB");
|
||||||
|
|
||||||
// To protect MySQL injection (more detail about MySQL injection)
|
// To protect MySQL injection (more detail about MySQL injection)
|
||||||
$myusername = stripslashes($myusername);
|
$myusername = stripslashes($myusername);
|
||||||
$mypassword = stripslashes($mypassword);
|
$mypassword = stripslashes($mypassword);
|
||||||
$myusername = mysql_real_escape_string($myusername);
|
$myusername = $connection->real_escape_string($myusername);
|
||||||
$mypassword = mysql_real_escape_string($mypassword);
|
$mypassword = $connection->real_escape_string($mypassword);
|
||||||
|
|
||||||
// check login and password for validity
|
// check login and password for validity
|
||||||
$sql = "SELECT * FROM user WHERE username='$myusername' and password='$mypassword'";
|
$sql = "SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
|
||||||
$result = mysql_query($sql);
|
$result = queryMysql($sql);
|
||||||
|
|
||||||
// If result matched $myusername and $mypassword, table row must be 1 row
|
// If result matched $myusername and $mypassword, table row must be 1 row
|
||||||
$count = mysql_num_rows($result);
|
$count = $result->num_rows;
|
||||||
if($count == 1){
|
if($count == 1){
|
||||||
// record login to login_history table
|
// record login to login_history table
|
||||||
$sql2 = "INSERT INTO login_history (login) VALUES ('$myusername')";
|
//$sql2 = "INSERT INTO login_history (login) VALUES ('$myusername')";
|
||||||
$result = mysql_query($sql2);
|
//$result = queryMysql($sql2);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$errorCount++;
|
$errorCount++;
|
||||||
$errorMessage .= "Wrong User Name or Password.<br />\n";
|
$errorMessage .= "Wrong User Name or Password.<br />\n";
|
||||||
}
|
}
|
||||||
mysql_close($db_connect);
|
$result->close();
|
||||||
|
//mysql_close($db_connect);
|
||||||
return $myusername;
|
return $myusername;
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
@@ -13,9 +13,27 @@
|
|||||||
<hr />
|
<hr />
|
||||||
<h1>My Accounts</h1>
|
<h1>My Accounts</h1>
|
||||||
<?php
|
<?php
|
||||||
|
include 'functions.php';
|
||||||
function showAccounts($userName) {
|
function showAccounts($userName) {
|
||||||
include 'includes/inc_dbConnect.php';
|
|
||||||
// Select database.
|
// Select database.
|
||||||
|
$result = queryMysql("SELECT * from account WHERE username='$userName'");
|
||||||
|
if ($result->num_rows == 0){
|
||||||
|
echo "<p>You have no accounts open.</p>";
|
||||||
|
} else {
|
||||||
|
echo "<table width='50%' border='1'>";
|
||||||
|
echo "<tr>
|
||||||
|
<th>Account Type</th>
|
||||||
|
<th>Account Number</th>
|
||||||
|
<th>Balance</th>
|
||||||
|
</tr>";
|
||||||
|
$num = $result->num_rows;
|
||||||
|
for ($j = 0; $j < $num; $j++){
|
||||||
|
$row = $result->fetch_array(MYSQLI_ASSOC);
|
||||||
|
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
|
||||||
|
}
|
||||||
|
$result->close();
|
||||||
|
}
|
||||||
|
/*
|
||||||
if ($db_connect === FALSE)
|
if ($db_connect === FALSE)
|
||||||
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
|
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
|
||||||
|
|
||||||
@@ -23,9 +41,11 @@ function showAccounts($userName) {
|
|||||||
if (!@mysql_select_db($db_name, $db_connect))
|
if (!@mysql_select_db($db_name, $db_connect))
|
||||||
echo "<p>Connection error. Please try again later.</p>";
|
echo "<p>Connection error. Please try again later.</p>";
|
||||||
else {
|
else {
|
||||||
|
*
|
||||||
|
*
|
||||||
$SQLstring = "SELECT * from account
|
$SQLstring = "SELECT * from account
|
||||||
WHERE username='$userName'";
|
WHERE username='$userName'";
|
||||||
|
*
|
||||||
$QueryResult = @mysql_query($SQLstring, $db_connect);
|
$QueryResult = @mysql_query($SQLstring, $db_connect);
|
||||||
if (mysql_num_rows($QueryResult) == 0)
|
if (mysql_num_rows($QueryResult) == 0)
|
||||||
echo "<p>You have no accounts open.</p>";
|
echo "<p>You have no accounts open.</p>";
|
||||||
@@ -36,6 +56,9 @@ function showAccounts($userName) {
|
|||||||
<th>Account Number</th>
|
<th>Account Number</th>
|
||||||
<th>Balance</th>
|
<th>Balance</th>
|
||||||
</tr>";
|
</tr>";
|
||||||
|
*
|
||||||
|
*
|
||||||
|
|
||||||
while (($Row = mysql_fetch_assoc($QueryResult)) !== FALSE)
|
while (($Row = mysql_fetch_assoc($QueryResult)) !== FALSE)
|
||||||
{
|
{
|
||||||
echo "<td>{$Row['accounttype']}</td>";
|
echo "<td>{$Row['accounttype']}</td>";
|
||||||
@@ -47,7 +70,9 @@ function showAccounts($userName) {
|
|||||||
}
|
}
|
||||||
mysql_close($db_connect);
|
mysql_close($db_connect);
|
||||||
}
|
}
|
||||||
return ($retval);
|
*
|
||||||
|
*/
|
||||||
|
//return ($retval);
|
||||||
}
|
}
|
||||||
|
|
||||||
$userName = "";
|
$userName = "";
|
||||||
|
|||||||
@@ -14,8 +14,14 @@ img {
|
|||||||
}
|
}
|
||||||
|
|
||||||
table {
|
table {
|
||||||
width: 100%;
|
width: 90%;
|
||||||
|
margin-left: auto;
|
||||||
|
margin-right: auto;
|
||||||
}
|
}
|
||||||
table, th, td{
|
table, th, td{
|
||||||
border: 1px solid black;
|
border: 1px solid black;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.tabletitle{
|
||||||
|
text-align: center;
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user