<?php
require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $_PROFILE;
require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc";
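// Load the application configuration and publish it as $GLOBALS["ColdHazeApp"];
// the ntfy settings used for the push notification are read from it later on.
$app = $GLOBALS["ColdHazeApp"] = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/app.json"), true);

// Authentication gate. header() returns void (null), so the earlier one-liner
// `header(...) and die()` short-circuited on null and never reached die():
// the redirect header was sent, but the rest of the script (which records a
// transaction) still ran for a visitor who was not logged in. Send the
// redirect and stop as two separate statements.
// NOTE(review): $isLoggedIn is presumably set by session.inc — confirm. This
// endpoint changes state on a session-authenticated POST and no CSRF token or
// Origin check is visible in this file; verify that session.inc covers it.
if (!$isLoggedIn) {
    header("Location: /-/login");
    die();
}

// Everything emitted after this point is a JSON document.
header("Content-Type: application/json");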
// Decode the JSON request body; $json_object and $data both hold the decoded value.
$request_raw = file_get_contents('php://input');
$data = json_decode($request_raw, true);
$json_object = $data;

// The data directory is chosen from the login name of the current profile.
$systemID = $_PROFILE["login"] === "cloudburst" ? "ynmuc" : "gdapd";

// The first entry of that system's fronters list becomes the transaction
// author; "zdtsg" is the fallback ID when the list is empty.
$frontersPath = $_SERVER['DOCUMENT_ROOT'] . "/includes/data/" . $systemID . "/fronters.json";
$fronters = json_decode(file_get_contents($frontersPath), true)["members"];
$myId = count($fronters) > 0 ? $fronters[0]["id"] : "zdtsg";

// Load every account file from the money directory, skipping dot entries.
// Each record gets a "_name" key holding the file name minus its last five
// characters (presumably the ".json" extension — confirm).
$moneyDir = $_SERVER['DOCUMENT_ROOT'] . "/includes/data/money";
$accountFiles = array_values(array_filter(scandir($moneyDir), fn ($entry) => !str_starts_with($entry, ".")));
$accounts = [];
foreach ($accountFiles as $accountFile) {
    $record = json_decode(file_get_contents($moneyDir . "/" . $accountFile), true);
    $record["_name"] = substr($accountFile, 0, -5);
    $accounts[] = $record;
}

// Exchange rate read from exchange.txt; not referenced again in this listing.
$rate = (float)trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/exchange.txt"));
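// Response envelope: "success" stays false and "error" carries a code until
// the transaction has actually been stored.
$obj = [
    "success" => false,
    "error" => null
];

// Emit the envelope with the given error code and stop the request.
$reject = static function (string $code) use ($obj) {
    $obj["error"] = $code;
    die(json_encode($obj, JSON_PRETTY_PRINT));
};

// Only POST may create a transaction.
if ($_SERVER["REQUEST_METHOD"] !== "POST") {
    $reject("INVALID_METHOD");
}

// All three fields must be present and non-null in the decoded body.
if (!isset($data["amount"], $data["id"], $data["description"])) {
    $reject("MISSING_OPERAND");
}

// The requested id is only compared (strictly) against the "_name" of the
// accounts already loaded; a value that matches none of them is rejected here.
$account = array_values(array_filter($accounts, fn ($candidate) => $candidate["_name"] === $data["id"]))[0] ?? null;
if (!isset($account)) {
    $reject("ACCOUNT_NOT_FOUND");
}

// The amount must be numeric and strictly between -9999 and 9999.
if (!is_numeric($data["amount"]) || (float)$data["amount"] >= 9999 || (float)$data["amount"] <= -9999) {
    $reject("INVALID_AMOUNT");
}

// A JSON body can carry an array, number or boolean here; strlen() and trim()
// would throw a TypeError on those, so reject anything that is not a string.
if (!is_string($data["description"])) {
    $reject("INVALID_DESCRIPTION");
}

// Length limit is measured in bytes (strlen), as before.
if (strlen($data["description"]) > 150) {
    $reject("DESCRIPTION_TOO_LONG");
}

// Compare the numeric value, not the raw JSON value: the earlier `=== 0` only
// matched the integer 0 and let 0.0, "0" and "0.00" through as transactions.
if ((float)$data["amount"] === 0.0) {
    $reject("AMOUNT_IS_ZERO");
}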
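// Push a notification about the new transaction to the configured ntfy topic.
// The return value is ignored, so a failed delivery does not stop the request.
$ntfy = $GLOBALS["ColdHazeApp"]["ntfy"];

// Look the author up once; the display name wins over the plain name.
$author = getMember($myId);
$authorName = $author["display_name"] ?? $author["name"];
$amount = (float)$data["amount"];

// NOTE(review): the title is placed in an HTTP header line. Member and account
// names come from stored data; confirm that formatPonypush() strips CR/LF, as
// a line break in any of them would otherwise add header lines to this request.
$title = formatPonypush($authorName . " created a transaction to " . $account["name"] . " (" . ucfirst($account["owner"]) . ")");

// The description is taken from the decoded JSON body ($data). The earlier
// code appended $_GET["description"], which this endpoint never validates and
// which is normally absent on a JSON POST, so the text was dropped or replaced
// by an unchecked query-string value.
$message = formatPonypush(
    ($account["currency"] === "gbp" ? "£" : "€") . abs($amount) . " were " . ($amount >= 0 ? "added" : "removed") . " just now"
    . (trim($data["description"]) !== "" ? ": " . $data["description"] : "")
);

file_get_contents('https://' . $ntfy["server"] . '/' . $ntfy["topic"], false, stream_context_create([
    'http' => [
        'method' => 'POST',
        'header' =>
            "Content-Type: text/plain\r\n" .
            "Title: " . $title . "\r\n" .
            "Tags: bits\r\n" .
            "Authorization: Basic " . base64_encode($ntfy["user"] . ":" . $ntfy["password"]),
        'content' => $message
    ]
]));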
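// Prepend the new transaction so the newest entry comes first.
array_unshift($account["transactions"], [
    "author" => $myId,
    "description" => $data["description"],
    "amount" => (float)$data["amount"],
    "date" => date('c')
]);

// "_name" is a lookup helper only; drop it before the record is stored.
$name = $account["_name"];
unset($account["_name"]);

// Encode first and write only a valid document: json_encode() returns false on
// failure, and writing that value would replace the account file with an empty
// one. LOCK_EX keeps concurrent writers from interleaving their output.
// NOTE(review): the account was read earlier in the request, so two requests
// running at the same time can still overwrite each other's transaction; a
// lock held across the read and the write would be needed to rule that out.
$encoded = json_encode($account, JSON_PRETTY_PRINT);
$written = $encoded === false
    ? false
    : file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/money/" . $name . ".json", $encoded, LOCK_EX);

// Report success only when the record actually reached the disk.
if ($written === false) {
    $obj["error"] = "WRITE_FAILED";
    die(json_encode($obj, JSON_PRETTY_PRINT));
}

$obj["success"] = true;
die(json_encode($obj, JSON_PRETTY_PRINT));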