-
Notifications
You must be signed in to change notification settings - Fork 0
/
Process_credit.php
67 lines (57 loc) · 2.19 KB
/
Process_credit.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<?php
$connect = mysqli_connect("localhost", "root", "", "dreambucks");
// declarsmoa variables con los datos provenientes de login A utilizando el metodo post
$NAME =$_POST["name"];
$PASSWORD =$_POST["password"];
$TOTAL =$_POST["quantity"];
// limpiamos codigo para evitar inyecciones
$passwordHash = password_hash($PASSWORD, PASSWORD_BCRYPT);
$consult = "SELECT * FROM users WHERE name_U='$NAME'";
$result = mysqli_query($connect, $consult);
while ($row = mysqli_fetch_row($result)){
?>
<?php
$id_U = $row[0]; //guardamos su id en una variable
$balance = $row[10];
?><br><br>
<?php
}
//obtenemos fecha actual
$DATE = date('Y-m-d');
// el saldo actual mas el nuevo
$NewBalance = $balance + $TOTAL;
// verificamos que el nombre del usuario existe al igual que su contraseña
$consult_U = "SELECT name_U
FROM users
WHERE name_U= '$NAME' and password_U='$PASSWORD'";
$consult_U = mysqli_query($connect, $consult_U);
$consult_U = mysqli_fetch_array($consult_U);
if($consult_U){
// insertamos en la base de datos la informacion, los espacios en blanco son datos que aun no se tienen
$sql = "INSERT INTO movements (date, id_U2, total, type)VALUES ('$DATE', '$id_U','$TOTAL', 'recharge')";
$sql2 = "UPDATE users
SET balance = '$NewBalance'
WHERE id_U = '$id_U'";
}else {
echo "<script>
alert('error');
window.location = 'Credit_Recharge.php';
</script>";
}
if(mysqli_query($connect,$sql)){
header("location: CreationRechargeConfirm.php");
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connect);
}
if(mysqli_query($connect,$sql2)){
header("location: CreationRechargeConfirm.php");
} else {
echo "Error: " . $sql2 . "<br>" . mysqli_error($connect);
} {
echo "<script>
alert('usuario inexistente');
window.location = 'Credit_Recharge.php';
</script>";
}
mysqli_close($connect);
?>