<?phpif (!$_SERVER['HTTP_REFERER']) { header('Location: ../index.php');

1. <?php
2. if (!$_SERVER['HTTP_REFERER']) {
3.   header('Location: ../index.php');
4.   die();
5. }
6.  
7. include_once $_SERVER['DOCUMENT_ROOT'].'/bank/includes/database_inc.php';
8.  
9. class User extends Database {
10.   private $login;
11.   private $password;
12.   private $userId;
13.  
14.   public function checkUser($login, $password) {
15.     $this->login    = $login;
16.     $this->password = $password;
17.     try {
18.       $query = $this->pdo->prepare('SELECT * FROM users WHERE login = :login');
19.       $query->bindValue(':login', $this->login, PDO::PARAM_STR);
20.       $query->execute();
21.  
22.       $checkUser = $query->fetch();
23.  
24.       $_SESSION['userName']     = $checkUser['name'];
25.       $_SESSION['userSurname']  = $checkUser['surname'];
26.       $_SESSION['userId']       = $checkUser['id_user'];
27.       $passwordHashed           = $checkUser['password'];
28.       $checkPassword            = password_verify($password, $passwordHashed);
29.  
30.       sleep(1.5);
31.       if ($checkPassword) {
32.         $_SESSION['loggedIn'] = true;
33.         header('Location: paneluser/accounts.php');
34.       } else {
35.         $_SESSION['loggedIn'] = false;
36.         $_SESSION['loginFailed'] = "Nieprawidłowy login lub hasło";
37.         header('Location: index.php');
38.       }
39.  
40.     } catch (PDOException $e) {
41.       echo $e->getMessage();
42.     }
43.   }
44.  
45.   public function getAccounts($userId) {
46.     $this->userId = $userId;
47.     try {
48.       $query = $this->pdo->prepare('SELECT * FROM accounts WHERE id_user = :userId');
49.       $query->bindValue(':userId', $this->userId, PDO::PARAM_INT);
50.       $query->execute();
51.  
52.       $accountsAmount = $query->rowCount();
53.  
54.       $accInfo = $query->fetchAll();
55.  
56.       if ($accountsAmount > 0) {
57.         function convertAccountNumber($accountNumber) {
58.  
59.           $entryNumber = $accountNumber[0] . $accountNumber[1];
60.           $restNumber  = null;
61.  
62.           for ($i = 2; $i < 26; $i++) {
63.             $restNumber = $restNumber . $accountNumber[$i];
64.           }
65.  
66.           return $entryNumber . ' ' . chunk_split($restNumber, 4 , ' ');
67.         }
68.  
69.         function convertAccountType($accountType) {
70.           switch($accountType) {
71.             case 'standard':
72.               $accountType = 'Konto standard';
73.               break;
74.             case 'standard-plus':
75.               $accountType = "Konto standard plus";
76.               break;
77.             case 'for-young':
78.               $accountType = "Konto dla młodych";
79.               break;
80.             case 'company':
81.               $accountType = "Konto firmowe";
82.               break;
83.           }
84.           return $accountType;
85.         }
86.  
87.         $accounts = [];
88.         foreach ($accInfo as $row) {
89.           $accountNumber = $row['account_number'];
90.           $accountType   = $row['account_type'];
91.  
92.           $accounts[] = [
93.            'accountNumber'         => convertAccountNumber($accountNumber),
94.            'accountType'           => convertAccountType($accountType),
95.            'accountBalance'        => number_format($row['balance'], 2, ',', ' '),
96.            'accountAvailableFunds' => number_format($row['available_funds'], 2, ',', ' ')
97.          ];
98.         }
99.         echo json_encode($accounts);
100.  
101.       } else {
102.         echo $accountsAmount;
103.       }
104.  
105.     } catch (PDOException $e) {
106.       echo $e->getMessage();
107.     }
108.   }
109. }
110.  
111. ?>