Commit cb35789c28568a61ef29d5376116d96e393d7894

Authored by Geoffrey PREUD'HOMME
1 parent b79afcea

api/refaire

Showing 1 changed file with 76 additions and 0 deletions   Show diff stats
api/refaire.php 0 → 100644
@@ -0,0 +1,76 @@ @@ -0,0 +1,76 @@
  1 +<?php
  2 +
  3 +require_once("commun.php");
  4 +
  5 +verifierJeton(donne("jeton"));
  6 +
  7 +if (!donne("idTransaction")) {
  8 + retour("requete_malformee");
  9 +}
  10 +
  11 +$requete = $db->prepare("SELECT type, client, UNIX_TIMESTAMP(date), montant, utilisateur, valide FROM Transactions WHERE id=?");
  12 +$requete->bind_param("s", $_POST['idTransaction']);
  13 +if (!$requete->execute()) {
  14 + retour("erreur_bdd", ["message" => $requete->error]);
  15 +}
  16 +$requete->bind_result($type, $client, $date, $montant, $utilisateur, $valide);
  17 +if (!$requete->fetch()) {
  18 + retour("transaction_inconnue");
  19 +}
  20 +$requete->close();
  21 +
  22 +if ($valide) {
  23 + retour("transaction_deja_active");
  24 +}
  25 +
  26 +if ($utilisateur != $login) {
  27 + verifierDroit(3, "transaction_autre");
  28 +}
  29 +
  30 +if (time() > $date + TRANSACTION_DUREE) {
  31 + verifierDroit(3, "transaction_expire");
  32 +}
  33 +
  34 +$requete = $db->prepare("SELECT solde FROM Clients WHERE idCarte=?");
  35 +$requete->bind_param("s", $client);
  36 +$requete->bind_result($soldeAncien);
  37 +if (!$requete->execute()) {
  38 + retour("erreur_bdd", ["message" => $requete->error]);
  39 +}
  40 +$requete->fetch();
  41 +$requete->close();
  42 +
  43 +switch ($type) {
  44 +case TRANSACTION_CREATION:
  45 +case TRANSACTION_RECHARGEMENT:
  46 + $soldeNouveau = $soldeAncien + $montant;
  47 + break;
  48 +
  49 +case TRANSACTION_PAIEMENT:
  50 +case TRANSACTION_VIDANGE:
  51 + $soldeNouveau = $soldeAncien - $montant;
  52 + break;
  53 +
  54 +default:
  55 + retour("erreur_interne");
  56 + break;
  57 +}
  58 +
  59 +$requete = $db->prepare("UPDATE Clients SET solde=? WHERE idCarte=?");
  60 +$requete->bind_param("ss", $soldeNouveau, $client);
  61 +if (!$requete->execute()) {
  62 + retour("erreur_bdd", ["message" => $requete->error]);
  63 +}
  64 +$requete->close();
  65 +
  66 +
  67 +$requete = $db->prepare("UPDATE Transactions SET valide=1 WHERE id=?");
  68 +$requete->bind_param("s", $_POST["idTransaction"]);
  69 +if (!$requete->execute()) {
  70 + retour("erreur_bdd", ["message" => $requete->error]);
  71 +}
  72 +$requete->close();
  73 +
  74 +retour("ok", ["soldeAncien" => $soldeAncien, "soldeNouveau" => $soldeNouveau]);
  75 +
  76 +?>