$author=$ctx->db->quote($ctx->db->auth->get_user_id());
$from=$ctx->db->quote(bank_name($from));
$to=$ctx->db->quote(bank_name($to));
+ $amount=$ctx->db->quote($amount);
$comment=trim($comment);
if(strlen($comment)<4) die("Komentář musí mít alespoň 4 znaky!");
$this->post_redirect_get("$URL_INTERNAL","Účet byl vytvořen");
}
if(isset($_POST['transaction'])) {
+ if(!is_numeric($_POST['amount']) || $_POST['amount'] < 0) $this->post_redirect_get("$URL_INTERNAL","Lze převádět jen kladné částky", true);
bank_transaction($this, $_POST['account_from'], $_POST['account_to'], $_POST['comment'], $_POST['amount']);
$this->post_redirect_get("$URL_INTERNAL","Transakce byla provedena"); //TODO redirect na account_from
}
echo("$deposits-$withdrawals $bank_currency");
$result = $this->db->safe_query_fetch("SELECT * FROM `bank` WHERE `bank_to`=$account_sql OR `bank_from`=$account_sql ORDER BY bank_time DESC;");
}
+ $this->html->table_hide_columns($result, 'bank');
echo $this->html->render_item_table($result);