db->quote($ctx->db->auth->get_user_id());
$from=$ctx->db->quote(bank_name($from));
$to=$ctx->db->quote(bank_name($to));
$amount=$ctx->db->quote($amount);
$comment=$ctx->db->quote(trim($comment));
$sql="INSERT INTO `${bank_table}` (`${bank_table}_time`, `${bank_table}_from`, `${bank_table}_to`, `${bank_table}_amount`, `${bank_table}_author`, `${bank_table}_comment`) VALUES (now(), $from, $to, $amount, $author, $comment);";
$ctx->db->safe_query($sql);
}
function bank_get_accounts($ctx, $all=false) {
global $bank_table;
$fetch = $ctx->db->safe_query_fetch("SELECT DISTINCT ${bank_table}_to FROM ${bank_table} ORDER BY ${bank_table}_to;");
foreach($fetch as $account) if($all || $account[$bank_table.'_to'][0]!='_') $accounts[]=$account[$bank_table.'_to'];
return $accounts;
}
function bank_get_last_to($ctx, $account) {
global $bank_table;
$account=$ctx->db->quote(bank_name($account));
$fetch = $ctx->db->safe_query_fetch("SELECT ${bank_table}_to FROM ${bank_table} WHERE ${bank_table}_from=$account ORDER BY ${bank_table}_time DESC LIMIT 1;");
return $fetch[0][$bank_table.'_to'];
}
function bank_add_account($ctx, $name) {
bank_transaction($ctx, $name, $name, "Created account \"$name\"");
}
function bank_get_total($ctx, $account, $string=false) {
global $bank_table;
$account_sql=$ctx->db->quote($account);
$result = $ctx->db->safe_query_fetch("SELECT SUM(${bank_table}_amount) FROM `${bank_table}` WHERE `${bank_table}_to`=$account_sql;");
$deposits = $result[0]["SUM(${bank_table}_amount)"];
$result = $ctx->db->safe_query_fetch("SELECT SUM(${bank_table}_amount) FROM `${bank_table}` WHERE `${bank_table}_from`=$account_sql;");
$withdrawals = $result[0]["SUM(${bank_table}_amount)"];
if($string) return "$deposits-$withdrawals";
return $deposits-$withdrawals;
}
function bank_rename_account($ctx, $old, $new) {
global $bank_table;
if(in_array($new, bank_get_accounts($ctx, true))) return false;
$old=$ctx->db->quote($old);
$new=$ctx->db->quote($new);
return $ctx->db->safe_query(
"START TRANSACTION;".
"UPDATE ${bank_table} SET `${bank_table}_to`=$new WHERE `${bank_table}_to`=$old;".
"UPDATE ${bank_table} SET `${bank_table}_from`=$new WHERE `${bank_table}_from`=$old;".
"COMMIT;"
);
}
function bank_get_overview($ctx,$prefix='') {
global $bank_table;
$accounts = bank_get_accounts($ctx);
foreach($accounts as $acc) {
$total=bank_get_total($ctx, $acc);
$overview['table'][]=array("${prefix}account"=>$acc,"${prefix}total"=>$total);
$overview['array'][$acc]=$total;
}
return $overview;
}
if(isset($bank_json_only) && $bank_json_only) {
$overview=bank_get_overview($this);
die(json_encode(array(
'overview'=>$overview['array']
)));
}
if(isset($_POST['create_account'])) {
bank_add_account($this, $_POST['account_name']);
$this->post_redirect_get("$URL_INTERNAL/admin","Účet byl vytvořen");
}
if(isset($_POST['rename_account'])) {
if(bank_rename_account($this, $_POST['account_old'], $_POST['account_new'])) {
$this->post_redirect_get("$URL_INTERNAL/admin","Účet byl upraven");
} else {
$this->post_redirect_get("$URL_INTERNAL/admin","Takový účet již existuje!", false);
}
}
if(isset($_POST['transaction'])) {
if(!is_numeric($_POST['amount']) || $_POST['amount'] < 0) $this->post_redirect_get("$URL_INTERNAL?account=".$_POST['account_from'],"Lze převádět jen kladné částky", true);
$comment=trim($_POST['comment']);
if(strlen($comment)<4) $this->post_redirect_get("$URL_INTERNAL?account=".$_POST['account_from'],"Komentář musí mít alespoň 4 znaky!",true);
bank_transaction($this, $_POST['account_from'], $_POST['account_to'], $_POST['comment'], $_POST['amount']);
$this->post_redirect_get("$URL_INTERNAL?account=".$_POST['account_from'],"Transakce byla provedena");
}
//bank_add_account($this, 'material');
echo("Banka - ");
echo("Správa účtů - ");
echo("Účty:
");
$accounts = bank_get_accounts($this, $SUBPATH[0]=='admin');
$lastaccount=false;
foreach($accounts as $account) {
if($lastaccount && $lastaccount[0]!=$account[0] && !preg_match('/[a-zA-Z0-9]/', $lastaccount[0])) echo('
');
echo("$account, ");
$lastaccount=$account;
}
switch($SUBPATH[0]) {
default:
if(!isset($_GET['account'])) {
echo("