joeyajames/cs157AOnlineBanking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Another update

Browse Source
This commit is contained in:
ry1015
2014-11-16 23:34:19 -08:00
parent b510dedaba
commit ff341372b9
8 changed files with 111 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
f8l_exception/Fifteen Functions.txt
View File

@@ -47,3 +47,14 @@ F8L Exception -- 15 Functions:
15. Daily Transactions Tally (Admin)
show the sum of all deposits and withdraws for one day
STORED PROCEDURE
DROP PROCEDURE IF EXISTS getLowBalance;
DELIMITER //
CREATE PROCEDURE getLowBalance()
BEGIN
SELECT username, acctype, balance
FROM account
where balance <= 200;
END //
DELIMITER;

2
f8l_exception/admin.php
View File

@@ -30,7 +30,7 @@ if (isset($_POST['Submit'])){
$password = validateInput($_POST['pass'],"Password");
//Check if there is an error on userName and/or password.
if ($errorMessage == ""){
$result = queryMySQL("SELECT username,password FROM Users WHERE username='$userName' AND password='$password'");
$result = queryMysql("SELECT username,password FROM Users WHERE username='$userName' AND password='$password'");
$num = $result->num_rows;
if ($result->num_rows == 0)

26
f8l_exception/admin_home.php
View File

@@ -34,6 +34,7 @@ if (isset($_POST['view'])){
if ($_POST['view'] == 'lowBalance'){
echo <<<_END
<h2 class='tabletitle'>LOW BALANCE</h2>
<table>
<tr>
<th>Username</th>
@@ -43,9 +44,26 @@ if (isset($_POST['view'])){
_END;
viewLowBalance();
} elseif ($_POST['view'] == 'increaseLimit'){
echo "increase limit!";
echo <<<_END
<h2 class='tabletitle'>INCREASE CREDIT CARD LIMIT</h2>
<table>
<tr>
<th>Username</th>
<th>Max Limit</th>
<th>Checking Balance</th>
</tr>
_END;
increaseLimit();
} elseif ($_POST['view'] == 'offerCredit'){
echo "offer a credit card!";
echo <<<_END
<h2 class='tabletitle'>OFFER CREDIT CARD</h2>
<table>
<tr>
<th>Username</th>
<th>Balance</th>
</tr>
_END;
offerCredit();
}
echo <<<_END
</table>
@@ -59,4 +77,8 @@ function viewLowBalance(){
function increaseLimit(){
increaseCCLimit();
}
function offerCredit(){
offerCC();
}
?>

25
f8l_exception/includes/inc_adminFunctions.php
View File

@@ -2,11 +2,32 @@
include 'functions.php';
function lowBalance(){
$result = queryMysql("SELECT username, acctype, balance from account WHERE balance <= 200");
//$result = queryMysql("SELECT username, acctype, balance from account WHERE balance <= 200");
$result = queryMysql("Call getLowBalance");
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$" . $row['balance'] . "</td></tr>";
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
}
}
function offerCC(){
$result = queryMysql("SELECT username, balance from account WHERE balance > 10000");
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
}
}
function increaseCCLimit(){
$result = queryMysql("SELECT account.username, account.balance, creditcard.maxlimit from account,creditcard WHERE (account.acctype = 'checking' and "
. "account.balance > 2 * creditcard.maxlimit and account.username = creditcard.username)");
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>$ " . number_format($row['maxlimit'], 2, '.', ',') .
"</td><td>$ " . number_format($row['balance']) . "</td></tr>";
}
}
?>

6
f8l_exception/includes/inc_dbConnect.php
View File

@@ -1,11 +1,13 @@
<?php
include 'functions.php';
$db_host="localhost"; // Host name
$db_username="f8lexception"; // Mysql username
$db_password="Kim157"; // Mysql password
$db_name="f8lexception"; // Database name
// Connect to server and select database.
$db_connect = mysql_connect("$db_host", "$db_username", "$db_password")or die("cannot connect");
$connection = new mysqli($db_host, $db_username, $db_password, $db_name);
if ($connection->connect_error) die ($connection->connect_error);
//$db_connect = mysql_connect("$db_host", "$db_username", "$db_password")or die("cannot connect");
//mysql_select_db("$db_name")or die("cannot select DB");
?>

22
f8l_exception/includes/inc_validateLogin.php
View File

@@ -1,34 +1,36 @@
<?php
include 'functions.php';
// checks user name and pw provided on login page against registered users in account table
// increments global $errorCount if login not approved.
function validateLogin ($myusername,$mypassword) {
global $errorCount;
global $errorMessage;
include 'includes/inc_dbConnect.php';
mysql_select_db("$db_name")or die("cannot select DB");
global $connection;
//mysql_select_db("$db_name")or die("cannot select DB");
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$myusername = $connection->real_escape_string($myusername);
$mypassword = $connection->real_escape_string($mypassword);
// check login and password for validity
$sql = "SELECT * FROM user WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql);
$sql = "SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result = queryMysql($sql);
// If result matched $myusername and $mypassword, table row must be 1 row
$count = mysql_num_rows($result);
$count = $result->num_rows;
if($count == 1){
// record login to login_history table
$sql2 = "INSERT INTO login_history (login) VALUES ('$myusername')";
$result = mysql_query($sql2);
//$sql2 = "INSERT INTO login_history (login) VALUES ('$myusername')";
//$result = queryMysql($sql2);
}
else {
$errorCount++;
$errorMessage .= "Wrong User Name or Password.<br />\n";
}
mysql_close($db_connect);
$result->close();
//mysql_close($db_connect);
return $myusername;
}
?>

31
f8l_exception/my_accounts.php
View File

@@ -13,9 +13,27 @@
<hr />
<h1>My Accounts</h1>
<?php
include 'functions.php';
function showAccounts($userName) {
include 'includes/inc_dbConnect.php';
// Select database.
$result = queryMysql("SELECT * from account WHERE username='$userName'");
if ($result->num_rows == 0){
echo "<p>You have no accounts open.</p>";
} else {
echo "<table width='50%' border='1'>";
echo "<tr>
<th>Account Type</th>
<th>Account Number</th>
<th>Balance</th>
</tr>";
$num = $result->num_rows;
for ($j = 0; $j < $num; $j++){
$row = $result->fetch_array(MYSQLI_ASSOC);
echo "<tr><td>" . $row['username'] . "</td><td>" . $row['acctype'] . "</td><td>$ " . number_format($row['balance'], 2, '.', ',') . "</td></tr>";
}
$result->close();
}
/*
if ($db_connect === FALSE)
echo "<p>Unable to connect to the database server.</p>" . "<p>Error code " . mysql_errno() . ": " . mysql_error() . "</p>";
@@ -23,9 +41,11 @@ function showAccounts($userName) {
if (!@mysql_select_db($db_name, $db_connect))
echo "<p>Connection error. Please try again later.</p>";
else {
*
*
$SQLstring = "SELECT * from account
WHERE username='$userName'";
*
$QueryResult = @mysql_query($SQLstring, $db_connect);
if (mysql_num_rows($QueryResult) == 0)
echo "<p>You have no accounts open.</p>";
@@ -36,6 +56,9 @@ function showAccounts($userName) {
<th>Account Number</th>
<th>Balance</th>
</tr>";
*
*
while (($Row = mysql_fetch_assoc($QueryResult)) !== FALSE)
{
echo "<td>{$Row['accounttype']}</td>";
@@ -47,7 +70,9 @@ function showAccounts($userName) {
}
mysql_close($db_connect);
}
return ($retval);
*
*/
//return ($retval);
}
$userName = "";

8
f8l_exception/styles.css
View File

@@ -14,8 +14,14 @@ img {
}
table {
width: 100%;
width: 90%;
margin-left: auto;
margin-right: auto;
}
table, th, td{
border: 1px solid black;
}
.tabletitle{
text-align: center;
}