<?php require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $_PROFILE; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc"; $app = $GLOBALS["ColdHazeApp"] = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/app.json"), true); if (!$isLoggedIn) header("Location: /-/login") and die(); header("Content-Type: application/json"); $request_raw = file_get_contents('php://input'); $json_object = $data = json_decode($request_raw, true); $systemID = $_PROFILE["login"] === "cloudburst" ? "ynmuc" : "gdapd"; $fronters = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/" . ($_PROFILE["login"] === "cloudburst" ? "ynmuc" : "gdapd") . "/fronters.json"), true)["members"]; if (count($fronters) > 0) { $myId = $fronters[0]["id"]; } else { $myId = "zdtsg"; } $accounts = array_map(function ($i) { $name = substr($i, 0, -5); $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/money/" . $i), true); $data["_name"] = $name; return $data; }, array_values(array_filter(scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/data/money"), function ($i) { return !str_starts_with($i, "."); }))); $rate = (float)trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/exchange.txt")); $obj = [ "success" => false, "error" => null ]; if ($_SERVER["REQUEST_METHOD"] !== "POST") { $obj["success"] = false; $obj["error"] = "INVALID_METHOD"; die(json_encode($obj, JSON_PRETTY_PRINT)); } if (!isset($data["amount"]) || !isset($data["id"]) || !isset($data["description"])) { $obj["success"] = false; $obj["error"] = "MISSING_OPERAND"; die(json_encode($obj, JSON_PRETTY_PRINT)); } $account = array_values(array_filter($accounts, function ($i) use ($data) { return $i["_name"] === $data["id"]; }))[0] ?? null; if (!isset($account)) { $obj["success"] = false; $obj["error"] = "ACCOUNT_NOT_FOUND"; die(json_encode($obj, JSON_PRETTY_PRINT)); } if (!(isset($data["amount"]) && is_numeric($data["amount"]) && (float)$data["amount"] < 9999 && (float)$data["amount"] > -9999)) { $obj["success"] = false; $obj["error"] = "INVALID_AMOUNT"; die(json_encode($obj, JSON_PRETTY_PRINT)); } if (!isset($data["description"])) $data["description"] = ""; if (strlen($data["description"]) > 150) { $obj["success"] = false; $obj["error"] = "DESCRIPTION_TOO_LONG"; die(json_encode($obj, JSON_PRETTY_PRINT)); } if ($data["amount"] === 0) { $obj["success"] = false; $obj["error"] = "AMOUNT_IS_ZERO"; die(json_encode($obj, JSON_PRETTY_PRINT)); } $ntfy = $GLOBALS["ColdHazeApp"]["ntfy"]; file_get_contents('https://' . $ntfy["server"] . '/' . $ntfy["topic"], false, stream_context_create([ 'http' => [ 'method' => 'POST', 'header' => "Content-Type: text/plain\r\n" . "Title: " . formatPonypush((getMember($myId)["display_name"] ?? getMember($myId)["name"]) . " created a transaction to " . $account["name"] . " (" . ucfirst($account["owner"]) . ")") . "\r\n" . "Tags: bits\r\n" . "Authorization: Basic " . base64_encode($ntfy["user"] . ":" . $ntfy["password"]), 'content' => formatPonypush(($account["currency"] === "gbp" ? "£" : "€") . abs((float)$data["amount"]) . " were " . ((float)$data["amount"] >= 0 ? "added" : "removed") . " just now" . (trim($data["description"]) !== "" ? ": " . $data["description"] : "")) ] ])); array_unshift($account["transactions"], [ "author" => $myId, "description" => $data["description"], "amount" => (float)$data["amount"], "date" => date('c') ]); $name = $account["_name"]; unset($account["_name"]); file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/money/" . $name . ".json", json_encode($account, JSON_PRETTY_PRINT)); $obj["success"] = true; die(json_encode($obj, JSON_PRETTY_PRINT));