purchase_confirm.php
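<?php
/**
 * Purchase confirmation page.
 *
 * Validates the requested product (?item=...), and on POST asks the bank API
 * to transfer the product's cost from the chosen source account to
 * WHITE_TEAM_ACCOUNT. The result is rendered through $notice by the template
 * that follows this block.
 *
 * Variables handed to the template: $item, $notice, $accounts.
 * $products, $curuser, api_request() and send_slack() come from the includes.
 */
$title = 'Purchase Confirmation: Federal Bank';
$curnav = 'Purchase';
require './includes/config.php';
require './includes/session.php';
require './includes/header.php';

// Reject a missing, non-string, unknown or disabled product. A query parameter
// can arrive as an array (?item[]=x), which is not usable as an array key.
if (
    !isset($_GET['item']) ||
    !is_string($_GET['item']) ||
    !isset($products[$_GET['item']]) ||
    $products[$_GET['item']]['enabled'] == false
) {
    header('Location: /purchase.php');
    // Stop here: without this the rest of the page (including the transfer
    // below) would still run for an invalid or disabled item.
    // NOTE(review): header.php is included above; if it has already sent output
    // the Location header cannot be set. Consider validating before the include.
    exit;
}

$item = $products[$_GET['item']];
$notice = '';

// NOTE(review): this POST moves money and carries no visible anti-CSRF token;
// confirm whether session.php enforces one.
// NOTE(review): is_numeric() also accepts values such as "1e3" or "-1.5";
// tighten this if PINs are digits only.
if (
    isset($_POST['srcAcc']) &&
    isset($_POST['pin']) && is_numeric($_POST['pin'])
) {
    // The amount is taken from the server-side product table, never from the
    // form's read-only "amount" field, so the client cannot change the price.
    $req = api_request('/transfer', [
        'session' => $curuser->getSessionKey(),
        'src' => $_POST['srcAcc'],
        'dst' => WHITE_TEAM_ACCOUNT,
        'amount' => $item['cost'],
        'pin' => $_POST['pin']
    ]);

    $succeeded = ($req['code'] == 200);

    // The API message is escaped before it is placed in the page: it may echo
    // request values (account id, PIN) back to the browser.
    $notice = '<div class="alert '.($succeeded ? 'alert-success' : 'alert-danger').'">'
        .htmlspecialchars((string) $req['message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        .'</div>';

    if ( $succeeded ) {
        // on_purchase comes from the product configuration and is emitted as-is
        // (it may contain markup); it must never hold user-supplied text.
        $notice .= '<div class="alert alert-info">'.$item['on_purchase'].'</div>';
        if ( isset($item['slack_message']) ) {
            $message = sprintf($item['slack_message'], $curuser->username);
            send_slack($message);
        }
    }
}

// Accounts are fetched after the transfer so the balances shown are current.
$accounts = api_request('/accounts', ['session' => $curuser->getSessionKey()]);
if ( $accounts['code'] != 200 ) die('Fatal Error: Contact White Team and get James');
?>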
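<?php
/*
 * Template for the purchase confirmation form.
 * Reads $item (selected product), $notice (pre-built HTML alert markup) and
 * $accounts (response of the /accounts API call).
 * Every value interpolated into HTML is escaped here, except $notice, which
 * is already markup and must be escaped where it is assembled.
 */
?>
<div class="container">
    <h2>Purchase Confirmation - <?=htmlspecialchars((string) $item['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')?></h2>
    <?=$notice?>
    <form class="form-horizontal" method="post">
        <div class="form-group">
            <label for="srcAcc" class="col-sm-2 control-label">Source Account</label>
            <div class="col-sm-10">
                <select class="form-control" id="srcAcc" name="srcAcc">
                    <?php foreach ( $accounts['accounts'] AS $account ): ?>
                        <?php $accountId = htmlspecialchars((string) $account['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
                        <?php // NOTE(review): money_format() was deprecated in PHP 7.4 and removed in PHP 8.0. ?>
                        <option value="<?=$accountId?>">
                            #<?=$accountId?> - BALANCE: <?=htmlspecialchars((string) money_format('%.2n', $account['balance']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')?>
                        </option>
                    <?php endforeach; ?>
                </select>
            </div>
        </div>
        <div class="form-group">
            <label for="amount" class="col-sm-2 control-label">Amount</label>
            <div class="col-sm-10">
                <div class="input-group">
                    <div class="input-group-addon">$</div>
                    <?php // Display only: the amount actually charged is read from the product table on the server. ?>
                    <input type="text" class="form-control" id="amount" name="amount" value="<?=htmlspecialchars((string) $item['cost'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')?>" readonly="readonly">
                </div>
            </div>
        </div>
        <div class="form-group">
            <label for="pin" class="col-sm-2 control-label">PIN</label>
            <div class="col-sm-10">
                <?php // Masked and excluded from autofill so the PIN is not shown on screen or stored by the browser. ?>
                <input type="password" class="form-control" id="pin" name="pin" placeholder="PIN" autocomplete="off" inputmode="numeric">
            </div>
        </div>
        <div class="form-group">
            <div class="col-sm-offset-2 col-sm-10">
                <button type="submit" class="btn btn-default">Send Money!</button>
            </div>
        </div>
    </form>
</div>
<?php require './includes/footer.php'; ?>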