diff --git a/api/client/payer.php b/api/client/payer.php
new file mode 100644
index 0000000..ed0cf8f
--- /dev/null
+++ b/api/client/payer.php
@@ -0,0 +1,60 @@
+prepare("SELECT prix FROM Prix");
+ $requete->bind_result($prixItem);
+ if (!$requete->execute()) {
+ retour("erreur_bdd", ["message" => $requete->error]);
+ }
+ $requete->fetch();
+ $requete->close();
+
+ $montant = $prixItem * $quantite;
+} else {
+ $montant = floatval($_POST["montant"]);
+}
+
+if ($montant <= 0) {
+ retour("paiement_negatif");
+}
+
+$requete = $db->prepare("SELECT solde, decouvert FROM Clients WHERE idCarte=?");
+$requete->bind_param("s", $_POST["idCarte"]);
+$requete->bind_result($soldeAncien, $decouvert);
+if (!$requete->execute()) {
+ retour("erreur_bdd", ["message" => $requete->error]);
+}
+$requete->fetch();
+$requete->close();
+
+$soldeNouveau = $soldeAncien - $montant;
+
+if ($soldeNouveau < 0 && !$decouvert) {
+ retour("solde_insuffisant", ["solde" => $soldeAncien, "manque" => abs($soldeNouveau)]);
+}
+
+$requete = $db->prepare("UPDATE Clients SET solde=? WHERE idCarte=?");
+$requete->bind_param("ss", $soldeNouveau, $_POST["idCarte"]);
+if (!$requete->execute()) {
+ retour("erreur_bdd", ["message" => $requete->error]);
+}
+$requete->close();
+$id = transaction(TRANSACTION_PAIEMENT, $_POST["idCarte"], $montant);
+
+
+retour("ok", ["id" => $id, "soldeAncien" => $soldeAncien, "soldeNouveau" => $soldeNouveau]);
+
+?>
diff --git a/api/client/recharger.php b/api/client/recharger.php
index d93888b..799dd49 100644
--- a/api/client/recharger.php
+++ b/api/client/recharger.php
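Review bot: In payer.php the balance is read with `SELECT solde, decouvert`, checked in PHP and then written back with `UPDATE Clients SET solde=?`, so two concurrent payments on the same `idCarte` can both pass the check and the later write overwrites the earlier debit. The debit and the overdraft check should be one conditional `UPDATE` whose `affected_rows` decides between success and `solde_insuffisant` (or the read should use `SELECT … FOR UPDATE` inside a database transaction that also covers the `transaction()` log entry); the sketch below assumes `decouvert` is stored as a boolean/integer flag and keeps the earlier SELECT only to report balances. Separately, each `retour("erreur_bdd", ["message" => $requete->error])` returns the raw database error to the client; logging it server-side and returning only the error code would avoid disclosing schema details. The start of the file is not visible on this page (the first added line begins mid-statement), so any earlier validation of `idCarte` or `$quantite` could not be checked.

```php
// … unchanged: $montant computation, `$montant <= 0` check, SELECT solde/decouvert (now only for reporting) …
// Debit and overdraft check in a single statement so concurrent requests cannot both pass.
$requete = $db->prepare("UPDATE Clients SET solde = solde - ? WHERE idCarte=? AND (decouvert OR solde >= ?)");
$requete->bind_param("dsd", $montant, $_POST["idCarte"], $montant);
// … unchanged: execute() error check …
if ($requete->affected_rows !== 1) {
    // No row changed: the balance was insufficient at write time (or the card is unknown).
    retour("solde_insuffisant", ["solde" => $soldeAncien, "manque" => abs($soldeNouveau)]);
}
$requete->close();
// … unchanged: transaction() call and the "ok" response …
```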
@@ -14,9 +14,13 @@ if (!clientExiste(donne("idCarte"))) { $montant = floatval($_POST["montant"]); +if ($montant <= 0) { + retour("rechargement_negatif"); +} + $requete = $db->prepare("SELECT solde FROM Clients WHERE idCarte=?"); $requete->bind_param("s", $_POST["idCarte"]); -$requete->bind_results($soldeAncien); +$requete->bind_result($soldeAncien); if (!$requete->execute()) { retour("erreur_bdd", ["message" => $requete->error]); } @@ -34,6 +38,6 @@ $requete->close(); $id = transaction(TRANSACTION_RECHARGEMENT, $_POST["idCarte"], $montant); -retour("ok", ["id" => $id, "montantAncien" => $montantAncien, "montantNouveau" => $montantNouveau]); +retour("ok", ["id" => $id, "soldeAncien" => $soldeAncien, "soldeNouveau" => $soldeNouveau]); ?> -- libgit2 0.21.2
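Review bot: The new `if ($montant <= 0)` guard in the first recharger.php hunk still accepts non-finite amounts, because `floatval()` turns an input such as `1e999` into `INF`, which is not `<= 0` and would then be applied to the balance. Tightening it to `if (!is_finite($montant) || $montant <= 0) {`, ideally together with an upper limit per recharge, closes that; the equivalent guard in payer.php has the same gap. The `UPDATE` that applies the recharge lies between the two hunks and is not shown, so whether it is an atomic `solde = solde + ?` rather than a read-then-write could not be verified.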