joeyajames/cs157AOnlineBanking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Another update

Browse Source
This commit is contained in:
ry1015
2014-11-16 23:34:19 -08:00
parent b510dedaba
commit ff341372b9
8 changed files with 111 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
f8l_exception/Fifteen Functions.txt
View File

@@ -46,4 +46,15 @@ F8L Exception -- 15 Functions:
14. Increase Credit Card Limit (Admin) 14. Increase Credit Card Limit (Admin)
15. Daily Transactions Tally (Admin) 15. Daily Transactions Tally (Admin)
show the sum of all deposits and withdraws for one day show the sum of all deposits and withdraws for one day
STORED PROCEDURE
DROP PROCEDURE IF EXISTS getLowBalance;
DELIMITER //
CREATE PROCEDURE getLowBalance()
BEGIN
SELECT username, acctype, balance
FROM account
where balance <= 200;
END //
DELIMITER;

2
f8l_exception/admin.php
View File

@@ -30,7 +30,7 @@ if (isset($_POST['Submit'])){
$password = validateInput($_POST['pass'],"Password"); $password = validateInput($_POST['pass'],"Password");
//Check if there is an error on userName and/or password. //Check if there is an error on userName and/or password.
if ($errorMessage == ""){ if ($errorMessage == ""){
$result = queryMySQL("SELECT username,password FROM Users WHERE username='$userName' AND password='$password'"); $result = queryMysql("SELECT username,password FROM Users WHERE username='$userName' AND password='$password'");
$num = $result->num_rows; $num = $result->num_rows;
if ($result->num_rows == 0) if ($result->num_rows == 0)

26
f8l_exception/admin_home.php
View File

@@ -34,6 +34,7 @@ if (isset($_POST['view'])){
if ($_POST['view'] == 'lowBalance'){ if ($_POST['view'] == 'lowBalance'){
echo <<<_END echo <<<_END
<h2 class='tabletitle'>LOW BALANCE</h2>
<table> <table>
<tr> <tr>
<th>Username</th> <th>Username</th>
@@ -43,9 +44,26 @@ if (isset($_POST['view'])){
_END; _END;
viewLowBalance(); viewLowBalance();
} elseif ($_POST['view'] == 'increaseLimit'){ } elseif ($_POST['view'] == 'increaseLimit'){
echo "increase limit!"; echo <<<_END
<h2 class='tabletitle'>INCREASE CREDIT CARD LIMIT</h2>
<table>
<tr>
<th>Username</th>
<th>Max Limit</th>
<th>Checking Balance</th>
</tr>
_END;
increaseLimit();
} elseif ($_POST['view'] == 'offerCredit'){ } elseif ($_POST['view'] == 'offerCredit'){
echo "offer a credit card!"; echo <<<_END
<h2 class='tabletitle'>OFFER CREDIT CARD</h2>
<table>
<tr>
<th>Username</th>
<th>Balance</th>
</tr>
_END;
offerCredit();
} }
echo <<<_END echo <<<_END
</table> </table>
@@ -59,4 +77,8 @@ function viewLowBalance(){
function increaseLimit(){ function increaseLimit(){
increaseCCLimit(); increaseCCLimit();
} }
function offerCredit(){
offerCC();
}
?> ?>

25
f8l_exception/includes/inc_adminFunctions.php
View File

@@ -2,11 +2,32 @@
include 'functions.php'; include 'functions.php';
function lowBalance(){ function lowBalance(){
$result = queryMysql("SELECT username, acctype, balance from account WHERE balance <= 200"); //$result = queryMysql("SELECT username, acctype, balance from account WHERE balance <= 200");
$result = queryMysql("Call getLowBalance");
$num = $result->num_rows; $num = $result->num_rows;
for ($j = 0; $j < $num; $j++){ for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC); $row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$" . $row['balance'] . "</td></tr>"; echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
}
}
function offerCC(){
$result = queryMysql("SELECT username, balance from account WHERE balance > 10000");
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
}
}
function increaseCCLimit(){
$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit from account,creditcard WHERE (account.acctype = 'checking' and "
. "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)");
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['maxlimit'], 2, '.', ',') .
"</td><td>$ " . number_format($row['balance']) . "</td></tr>";
} }
} }
?> ?>

6
f8l_exception/includes/inc_dbConnect.php
View File

@@ -1,11 +1,13 @@
<?php <?php
include 'functions.php';
$db_host="localhost"; // Host name $db_host="localhost"; // Host name
$db_username="f8lexception"; // Mysql username $db_username="f8lexception"; // Mysql username
$db_password="Kim157"; // Mysql password $db_password="Kim157"; // Mysql password
$db_name="f8lexception"; // Database name $db_name="f8lexception"; // Database name
// Connect to server and select database. // Connect to server and select database.
$db_connect = mysql_connect("$db_host", "$db_username", "$db_password")or die("cannot connect"); $connection = new mysqli($db_host, $db_username, $db_password, $db_name);
if ($connection->connect_error) die ($connection->connect_error);
//$db_connect = mysql_connect("$db_host", "$db_username", "$db_password")or die("cannot connect");
//mysql_select_db("$db_name")or die("cannot select DB"); //mysql_select_db("$db_name")or die("cannot select DB");
?> ?>

22
f8l_exception/includes/inc_validateLogin.php
View File

@@ -1,34 +1,36 @@
<?php <?php
include 'functions.php';
// checks user name and pw provided on login page against registered users in account table // checks user name and pw provided on login page against registered users in account table
// increments global $errorCount if login not approved. // increments global $errorCount if login not approved.
function validateLogin ($myusername,$mypassword) { function validateLogin ($myusername,$mypassword) {
global $errorCount; global $errorCount;
global $errorMessage; global $errorMessage;
include 'includes/inc_dbConnect.php'; global $connection;
mysql_select_db("$db_name")or die("cannot select DB"); //mysql_select_db("$db_name")or die("cannot select DB");
// To protect MySQL injection (more detail about MySQL injection) // To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername); $myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword); $mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername); $myusername = $connection->real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword); $mypassword = $connection->real_escape_string($mypassword);
// check login and password for validity // check login and password for validity
$sql = "SELECT * FROM user WHERE username='$myusername' and password='$mypassword'"; $sql = "SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql); $result = queryMysql($sql);
// If result matched $myusername and $mypassword, table row must be 1 row // If result matched $myusername and $mypassword, table row must be 1 row
$count = mysql_num_rows($result); $count = $result->num_rows;
if($count == 1){ if($count == 1){
// record login to login_history table // record login to login_history table
$sql2 = "INSERT INTO login_history (login) VALUES ('$myusername')"; //$sql2 = "INSERT INTO login_history (login) VALUES ('$myusername')";
$result = mysql_query($sql2); //$result = queryMysql($sql2);
} }
else { else {
$errorCount++; $errorCount++;
$errorMessage .= "Wrong User Name or Password.<br />\n"; $errorMessage .= "Wrong User Name or Password.<br />\n";
} }
mysql_close($db_connect); $result->close();
//mysql_close($db_connect);
return $myusername; return $myusername;
} }
?> ?>

31
f8l_exception/my_accounts.php
View File

@@ -13,9 +13,27 @@
<hr /> <hr />
<h1>My Accounts</h1> <h1>My Accounts</h1>
<?php <?php
include 'functions.php';
function showAccounts($userName) { function showAccounts($userName) {
include 'includes/inc_dbConnect.php';
// Select database. // Select database.
$result = queryMysql("SELECT * from account WHERE username='$userName'");
if ($result->num_rows == 0){
echo "<p>You have no accounts open.</p>";
} else {
echo "<table width='50%' border='1'>";
echo "<tr>
<th>Account Type</th>
<th>Account Number</th>
<th>Balance</th>
</tr>";
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
}
$result->close();
}
/*
if ($db_connect === FALSE) if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>"; echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
@@ -23,9 +41,11 @@ function showAccounts($userName) {
if (!@mysql_select_db($db_name, $db_connect)) if (!@mysql_select_db($db_name, $db_connect))
echo "<p>Connection error. Please try again later.</p>"; echo "<p>Connection error. Please try again later.</p>";
else { else {
*
*
$SQLstring = "SELECT * from account $SQLstring = "SELECT * from account
WHERE username='$userName'"; WHERE username='$userName'";
*
$QueryResult = @mysql_query($SQLstring, $db_connect); $QueryResult = @mysql_query($SQLstring, $db_connect);
if (mysql_num_rows($QueryResult) == 0) if (mysql_num_rows($QueryResult) == 0)
echo "<p>You have no accounts open.</p>"; echo "<p>You have no accounts open.</p>";
@@ -36,6 +56,9 @@ function showAccounts($userName) {
<th>Account Number</th> <th>Account Number</th>
<th>Balance</th> <th>Balance</th>
</tr>"; </tr>";
*
*
while (($Row = mysql_fetch_assoc($QueryResult)) !== FALSE) while (($Row = mysql_fetch_assoc($QueryResult)) !== FALSE)
{ {
echo "<td>{$Row['accounttype']}</td>"; echo "<td>{$Row['accounttype']}</td>";
@@ -47,7 +70,9 @@ function showAccounts($userName) {
} }
mysql_close($db_connect); mysql_close($db_connect);
} }
return ($retval); *
*/
//return ($retval);
} }
$userName = ""; $userName = "";

8
f8l_exception/styles.css
View File

@@ -14,8 +14,14 @@ img {
} }
table { table {
width: 100%; width: 90%;
margin-left: auto;
margin-right: auto;
} }
table, th, td{ table, th, td{
border: 1px solid black; border: 1px solid black;
}
.tabletitle{
text-align: center;
} }