db->quote($ctx->db->auth->get_user_id()); $from=$ctx->db->quote(bank_name($from)); $to=$ctx->db->quote(bank_name($to)); $amount=$ctx->db->quote($amount); $comment=$ctx->db->quote(trim($comment)); $sql="INSERT INTO `bank` (`bank_time`, `bank_from`, `bank_to`, `bank_amount`, `bank_author`, `bank_comment`) VALUES (now(), $from, $to, $amount, $author, $comment);"; $ctx->db->safe_query($sql); } function bank_get_accounts($ctx, $all=false) { $fetch = $ctx->db->safe_query_fetch('SELECT DISTINCT bank_to FROM bank ORDER BY bank_to;'); foreach($fetch as $account) if($all || $account['bank_to'][0]!='_') $accounts[]=$account['bank_to']; return $accounts; } function bank_add_account($ctx, $name) { bank_transaction($ctx, $name, $name, "Created account \"$name\""); } function bank_get_total($ctx, $account, $string=false) { $account_sql=$ctx->db->quote($account); $result = $ctx->db->safe_query_fetch("SELECT SUM(bank_amount) FROM `bank` WHERE `bank_to`=$account_sql;"); $deposits = $result[0]['SUM(bank_amount)']; $result = $ctx->db->safe_query_fetch("SELECT SUM(bank_amount) FROM `bank` WHERE `bank_from`=$account_sql;"); $withdrawals = $result[0]['SUM(bank_amount)']; if($string) return "$deposits-$withdrawals"; return $deposits-$withdrawals; } function bank_rename_account($ctx, $old, $new) { if(in_array($new, bank_get_accounts($ctx, true))) return false; $old=$ctx->db->quote($old); $new=$ctx->db->quote($new); return $ctx->db->safe_query( "START TRANSACTION;". "UPDATE bank SET `bank_to`=$new WHERE `bank_to`=$old;". "UPDATE bank SET `bank_from`=$new WHERE `bank_from`=$old;". "COMMIT;" ); } function bank_get_overview($ctx) { $accounts = bank_get_accounts($ctx); foreach($accounts as $acc) $overview[]=array("bank_account"=>$acc,"bank_total"=>bank_get_total($ctx, $acc)); return $overview; } if(isset($_POST['create_account'])) { bank_add_account($this, $_POST['account_name']); $this->post_redirect_get("$URL_INTERNAL","Účet byl vytvořen"); } if(isset($_POST['rename_account'])) { if(bank_rename_account($this, $_POST['account_old'], $_POST['account_new'])) { $this->post_redirect_get("$URL_INTERNAL","Účet byl upraven"); } else { $this->post_redirect_get("$URL_INTERNAL","Takový účet již existuje!", false); } } if(isset($_POST['transaction'])) { if(!is_numeric($_POST['amount']) || $_POST['amount'] < 0) $this->post_redirect_get("$URL_INTERNAL?account=".$_POST['account_from'],"Lze převádět jen kladné částky", true); $comment=trim($_POST['comment']); if(strlen($comment)<4) $this->post_redirect_get("$URL_INTERNAL?account=".$_POST['account_from'],"Komentář musí mít alespoň 4 znaky!",true); bank_transaction($this, $_POST['account_from'], $_POST['account_to'], $_POST['comment'], $_POST['amount']); $this->post_redirect_get("$URL_INTERNAL?account=".$_POST['account_from'],"Transakce byla provedena"); } //bank_add_account($this, 'material'); echo("Banka - "); echo("Správa účtů - "); echo("Účty: "); $accounts = bank_get_accounts($this, $SUBPATH[0]=='admin'); foreach($accounts as $account) echo("$account, "); switch($SUBPATH[0]) { default: if(!isset($_GET['account'])) { echo("