Diffstat (limited to 'pages/api/money/create.php')
-rw-r--r-- | pages/api/money/create.php | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/pages/api/money/create.php b/pages/api/money/create.php
new file mode 100644
index 0000000..ff06a37
--- /dev/null
+++ b/pages/api/money/create.php
@@ -0,0 +1,99 @@
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $_PROFILE;
+require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc";
+$app = $GLOBALS["ColdHazeApp"] = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/app.json"), true);
+if (!$isLoggedIn) header("Location: /-/login") and die();
+header("Content-Type: application/json");
+
+$request_raw = file_get_contents('php://input');
+$json_object = $data = json_decode($request_raw, true);
+
+$systemID = $_PROFILE["login"] === "cloudburst" ? "ynmuc" : "gdapd";
+$fronters = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/" . ($_PROFILE["login"] === "cloudburst" ? "ynmuc" : "gdapd") . "/fronters.json"), true)["members"];
+
+if (count($fronters) > 0) {
+ $myId = $fronters[0]["id"];
+} else {
+ $myId = "zdtsg";
+}
+
+$accounts = array_map(function ($i) {
+ $name = substr($i, 0, -5);
+ $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/money/" . $i), true);
+ $data["_name"] = $name;
+ return $data;
+}, array_values(array_filter(scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/data/money"), function ($i) { return !str_starts_with($i, "."); })));
+$rate = (float)trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/exchange.txt"));
+
+$obj = [
+ "success" => false,
+ "error" => null
+];
+
+if ($_SERVER["REQUEST_METHOD"] !== "POST") {
+ $obj["success"] = false;
+ $obj["error"] = "INVALID_METHOD";
+ die(json_encode($obj, JSON_PRETTY_PRINT));
+}
+
+if (!isset($data["amount"]) || !isset($data["id"]) || !isset($data["description"])) {
+ $obj["success"] = false;
+ $obj["error"] = "MISSING_OPERAND";
+ die(json_encode($obj, JSON_PRETTY_PRINT));
+}
+
+$account = array_values(array_filter($accounts, function ($i) use ($data) { return $i["_name"] === $data["id"]; }))[0] ?? null;
+
+if (!isset($account)) {
+ $obj["success"] = false;
+ $obj["error"] = "ACCOUNT_NOT_FOUND";
+ die(json_encode($obj, JSON_PRETTY_PRINT));
+}
+
+if (!(isset($data["amount"]) && is_numeric($data["amount"]) && (float)$data["amount"] < 9999 && (float)$data["amount"] > -9999)) {
+ $obj["success"] = false;
+ $obj["error"] = "INVALID_AMOUNT";
+ die(json_encode($obj, JSON_PRETTY_PRINT));
+}
+if (!isset($data["description"])) $data["description"] = "";
+
+if (strlen($data["description"]) > 150) {
+ $obj["success"] = false;
+ $obj["error"] = "DESCRIPTION_TOO_LONG";
+ die(json_encode($obj, JSON_PRETTY_PRINT));
+}
+
+if ($data["amount"] === 0) {
+ $obj["success"] = false;
+ $obj["error"] = "AMOUNT_IS_ZERO";
+ die(json_encode($obj, JSON_PRETTY_PRINT));
+}
+
+$ntfy = $GLOBALS["ColdHazeApp"]["ntfy"];
+file_get_contents('https://' . $ntfy["server"] . '/' . $ntfy["topic"], false, stream_context_create([
+ 'http' => [
+ 'method' => 'POST',
+ 'header' =>
+ "Content-Type: text/plain\r\n" .
+ "Title: " . formatPonypush((getMember($myId)["display_name"] ?? getMember($myId)["name"]) . " created a transaction to " . $account["name"] . " (" . ucfirst($account["owner"]) . ")") . "\r\n" .
+ "Tags: bits\r\n" .
+ "Authorization: Basic " . base64_encode($ntfy["user"] . ":" . $ntfy["password"]),
+ 'content' => formatPonypush(($account["currency"] === "gbp" ? "£" : "€") . abs((float)$_GET["amount"]) . " were " . ((float)$_GET["amount"] >= 0 ? "added" : "removed") . " just now" . (trim($_GET["description"]) !== "" ? ": " . $_GET["description"] : ""))
+ ]
+]));
+
+array_unshift($account["transactions"], [
+ "author" => $myId,
+ "description" => $_GET["description"],
+ "amount" => (float)$_GET["amount"],
+ "date" => date('c')
+]);
+
+$name = $account["_name"];
+unset($account["_name"]);
+
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/money/" . $name . ".json", json_encode($account, JSON_PRETTY_PRINT));
+
+$obj["success"] = true;
+die(json_encode($obj, JSON_PRETTY_PRINT));
\ No newline at end of file |
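Review bot: The validation in this file runs against the JSON body (`$data["amount"]`, `$data["description"]`), but the ntfy `'content'` line and the `array_unshift` ledger entry read `$_GET["amount"]` and `$_GET["description"]`, so the range, length and zero checks never apply to the values that are stored and announced. Whatever the query string holds is written to the account file unchecked, and with no query string the entry is recorded as 0.0 with a null description. Take both values from the validated body once, after the checks, e.g. `$amount = (float)$data["amount"];` and `$description = $data["description"];`, and use only those two variables in the notification and the stored entry. The zero check `$data["amount"] === 0` matches only an integer zero, so `0.0` or `"0"` pass it; comparing the normalised value (`$amount === 0.0`) closes that. Separately, the account file is read near the top and rewritten at the end without any lock, so two concurrent requests can lose a transaction; `LOCK_EX` on `file_put_contents` alone would not cover the earlier read.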