money_transfer.php
<!DOCTYPE html>
<html lang="ko">
<head>
<meta charset="utf-8">
<title>Money Transfer</title>
</head>
<body>
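<?php
// Money-transfer handler.
//
// Reads the receiver account and the amount from the POST body, takes the
// sender's identity from the session, and passes the transfer to the local
// ./moneyTransfer helper. The helper's exit status selects the message shown.
//
// Security notes:
//  - The original ran its preg_replace() filters on variables that were not
//    assigned yet and then overwrote them with the raw request values, so
//    receiver_account reached exec() unfiltered. Validation now happens after
//    the values are read, and every argument goes through escapeshellarg().
//  - NOTE(review): no anti-CSRF token or request-method check is visible in
//    this script; a state-changing transfer endpoint should verify both.
//    Confirm whether that is enforced elsewhere.
//DB CONNECT
session_start();

// Emits the alert + redirect used for every outcome, then stops the script.
// $message is written into a JavaScript string literal without escaping, so it
// must only ever be one of the fixed literals below, never request data.
$finish = function ($message) {
    echo "<script>alert('" . $message . "')</script>";
    echo "<script>location.replace('index.php');</script>";
    exit;
};

// Character whitelist the original author intended for account-like values.
$disallowed = '/[^A-Za-z0-9% ]/';

// Without a populated session there is no sender to debit.
if (!isset($_SESSION['accountNumber'], $_SESSION['balance'], $_SESSION['userID'])) {
    $finish('ERROR');
}

// Receiver account: reject rather than strip. Silently removing characters
// could turn the submitted value into a different, valid account number.
$receiverAccount = isset($_POST['receiver_account']) ? $_POST['receiver_account'] : '';
if (!is_string($receiverAccount)
    || $receiverAccount === ''
    || preg_match($disallowed, $receiverAccount)
) {
    $finish('Invalid transfer');
}

// Amount: digits only, so "12abc" is rejected instead of being truncated to 12
// and a leading '-' can never yield a negative transfer that would pass the
// balance comparison below.
$rawMoney = isset($_POST['money']) ? $_POST['money'] : '';
if (!is_string($rawMoney) || !preg_match('/^[0-9]+\z/', $rawMoney)) {
    $finish('Invalid transfer');
}
$money = (int)$rawMoney;
if ($money <= 0) {
    $finish('Invalid transfer');
}

// Session values are server-side, but they are still filtered before being
// placed on a command line (defence in depth).
$senderAccount = preg_replace($disallowed, '', (string)$_SESSION['accountNumber']);
$userID = preg_replace($disallowed, '', (string)$_SESSION["userID"]);
$senderBalance = $_SESSION['balance'];

// NOTE(review): the balance is the copy cached in the session, not a fresh
// lookup, so this is only an early rejection. Presumably ./moneyTransfer
// re-checks the balance itself; confirm, since the session copy can be stale.
if ($senderBalance < $money) {
    $finish('Lack of money');
}

// Each value is quoted as exactly one shell argument. The whitelist permits
// spaces, which would otherwise split into extra arguments for the helper.
$cmd = './moneyTransfer '
    . escapeshellarg($userID) . ' '
    . escapeshellarg($senderAccount) . ' '
    . escapeshellarg($receiverAccount) . ' '
    . escapeshellarg((string)$money);
exec($cmd, $retArr, $retVal);

if ($retVal === 1) {
    // Exit status 1 is treated as success by this page.
    $finish('Money sending finish');
} elseif ($retVal === 0) {
    // Exit status 0: the transfer was not carried out.
    $finish('Invalid transfer');
} else {
    // Any other status, including a shell failure to start the helper.
    $finish('ERROR');
}
?>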
</body>
</html>