FUNCTIONs
unknown
php
a year ago
46 kB
4
Indexable
<?php
// Import necessary PHPMailer classes
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
include 'db.inc.php';
// Require PHPMailer classes using __DIR__
require __DIR__ . '/PHPMailer/src/Exception.php';
require __DIR__ . '/PHPMailer/src/PHPMailer.php';
/**
* Formats a given date time in the format 'M j, Y - g:i A'.
*
* @param string $dateTime The input date time string.
* @return string Formatted date time string.
*/
function formatDateTime($dateTime) {
// Extract and format the date part
$date = date('M j, Y', strtotime($dateTime));
// Extract and format the time part
$time = date('g:i A', strtotime($dateTime));
// Combine the formatted date and time
return $date . ' - ' . $time;
}
/**
* Redirects to home.php with an error message.
*
* @param string $errorMessage Error message to display.
*
* @return void
*/
function redirectWithError($pageName, $errorMessage) {
header('Location: '.$pageName.'?type=error&message=' . urlencode($errorMessage));
exit();
}
/**
* Redirects to home.php with a success message.
*
* @param string $successMessage Success message to display.
*
* @return void
*/
function redirectWithSuccess($pageName, $successMessage) {
header('Location: '.$pageName.'?type=success&message=' . urlencode($successMessage));
exit();
}
/**
* Generate a random email verification token.
*
* @return string|bool - Returns the generated token if successful, or false if an error occurs.
*/
function generateEmailVerificationToken() {
// You can adjust the length of the token as needed
$tokenLength = 32;
try {
// Generate a random binary string and convert it to hexadecimal
$token = bin2hex(random_bytes($tokenLength));
return $token;
} catch (Exception $e) {
// Handle the exception, log the error, or return an error response.
return false;
}
}
/**
* Generate a random referral ID with a specified length.
*
* @param int $length - Optional. The length of the referral ID. Default is 10 characters.
*
* @return string - Returns the generated referral ID.
*/
function generateReferralID($length = 10) {
// Characters that can be used in the ID
$characters = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
// Calculate the number of characters in the character set
$numChars = strlen($characters);
// Generate a random binary string
$randomBytes = random_bytes($length);
$referralID = '';
// Loop through each character
for ($i = 0; $i < $length; $i++) {
// Convert the binary value to an index in the character set
$index = ord($randomBytes[$i]) % $numChars;
// Append the corresponding character to the ID
$referralID .= $characters[$index];
}
return $referralID;
}
/**
* Send an email using PHPMailer.
*
* @param string $toEmail - The recipient's email address.
* @param string $subject - The subject of the email.
* @param string $message - The content of the email.
* @param string $fromEmail - The sender's email address.
* @param string $fromName - The sender's name.
* @param string|null $replyToEmail - Optional. The email address to set as the reply-to address.
*
* @return bool - Returns true if the email is sent successfully, false otherwise.
*/
function sendEmail($toEmail, $subject, $message, $fromEmail, $fromName, $replyToEmail = null) {
try {
// Create a new PHPMailer instance
$mail = new PHPMailer(true);
// Recipients
$mail->setFrom($fromEmail, $fromName);
$mail->addAddress($toEmail);
if ($replyToEmail) {
$mail->addReplyTo($replyToEmail);
}
$mail->addCC($fromEmail);
$mail->addBCC($fromEmail);
// Content
$mail->isHTML(true);
$mail->Subject = $subject;
$mail->Body = $message;
// Send the email
if ($mail->send()) {
return true; // Email sent successfully
} else {
// Log the error
error_log("Email could not be sent. Error: " . $mail->ErrorInfo, 3, 'error_log.php');
return false;
}
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Email exception: " . $e->getMessage(), 3, 'error_log.php');
return false;
}
}
/**
* Validate and sanitize a name to ensure it contains only allowed characters.
*
* @param string $name - The name to be validated and sanitized.
*
* @return string|bool - Returns the sanitized name if valid, or false if the name contains invalid characters.
*/
function validateAndSanitizeName($name) {
// Define a regular expression pattern to allow names from all languages
$pattern = '/^[\p{L}\s\'-]+$/u';
// Check if the name matches the pattern
if (preg_match($pattern, $name)) {
// Sanitize the name using mysqli_real_escape_string
$sanitizedName = mysqli_real_escape_string($GLOBALS['dbconn'], $name);
return $sanitizedName;
} else {
// Name contains invalid characters
return false;
}
}
/**
* Retrieve user data based on the provided email address.
*
* @param string $email - The email address to search for in the database.
*
* @return mixed|null - Returns an associative array of user data if found, or null if not found.
*/
function selectUserByEmail($email) {
try {
// Variable to store the user data
$userRow = null;
// Use prepared statements to prevent SQL injection
$stmt = mysqli_prepare($GLOBALS['dbconn'], "SELECT * FROM `clients_tbl` WHERE u_email = ?");
mysqli_stmt_bind_param($stmt, "s", $email);
mysqli_stmt_execute($stmt);
// Get the result
$result = mysqli_stmt_get_result($stmt);
// Check if a single matching record is found
if ($result && mysqli_num_rows($result) === 1) {
// Fetch the user data into an associative array
$userRow = mysqli_fetch_array($result);
}
// Clean up resources by closing the statement
mysqli_stmt_close($stmt);
return $userRow;
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Select User By Email exception: " . $e->getMessage(), 3, 'error_log.php');
return null;
}
}
/**
* Check if an email address already exists in the database.
*
* @param string $email - The email address to be checked.
*
* @return bool - Returns true if the email exists, false if it doesn't, or if an error occurs.
*/
function checkEmailExists($email) {
try {
// Prepare the SQL statement to select a user by email
$stmt = mysqli_prepare($GLOBALS['dbconn'], 'SELECT * FROM clients_tbl WHERE u_email = ');
// Check if the statement is prepared successfully
if ($stmt) {
// Bind the email parameter
mysqli_stmt_bind_param($stmt, 's', $email);
// Execute the statement
mysqli_stmt_execute($stmt);
// Store the result
mysqli_stmt_store_result($stmt);
// Check the number of rows returned
if (mysqli_stmt_num_rows($stmt) === 1) {
// Close the statement and return true if the email exists
mysqli_stmt_close($stmt);
return true;
} else {
// Close the statement and return false if the email doesn't exist
mysqli_stmt_close($stmt);
return false;
}
} else {
// Return false if an error occurs during statement preparation
return false;
}
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Check Email Exists exception: " . $e->getMessage(), 3, 'error_log.php');
return false;
}
}
/**
* Validate an email address using the filter_var function.
*
* @param string $email - The email address to be validated.
*
* @return bool - Returns true if the email is valid, false otherwise.
*/
function validateEmail($email) {
// Return the result of the email validation using filter_var
return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
}
/**
* Sanitize user input to prevent SQL injection using mysqli_real_escape_string.
*
* @param string $input - The user input to be sanitized.
*
* @return string - The sanitized input.
*/
function sanitizeInput($input) {
// Sanitize the input using mysqli_real_escape_string
$sanitizedInput = mysqli_real_escape_string($GLOBALS['dbconn'], $input);
return $sanitizedInput;
}
/**
* Check if the provided password and password confirmation match.
*
* @param string $password - User-entered password.
* @param string $password_confirm - User-entered password confirmation.
*
* @return bool - Returns true if the passwords match, false otherwise.
*/
function checkPasswordMismatch($password, $password_confirm) {
// Compare the provided password and password confirmation
return $password_confirm === $password;
}
/**
* Retrieve user data based on the referral ID.
*
* @param string $ref - Referral ID to search for in the database.
*
* @return mixed - Returns an associative array of user data if found, or an empty string if not found.
*/
function selectUserByReferralID($ref) {
try {
// Variable to store the user data
$userRefRow = '';
// Use prepared statements to prevent SQL injection
$stmt = mysqli_prepare($GLOBALS['dbconn'], "SELECT * FROM `clients_tbl` WHERE u_referral_id = ?");
mysqli_stmt_bind_param($stmt, "s", $ref);
mysqli_stmt_execute($stmt);
// Get the result
$result = mysqli_stmt_get_result($stmt);
// Check if a single matching record is found
if ($result && mysqli_num_rows($result) === 1) {
// Fetch the user data into an associative array
$userRefRow = mysqli_fetch_array($result);
}
// Clean up resources by closing the statement
mysqli_stmt_close($stmt);
return $userRefRow;
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Select User By Referral ID exception: " . $e->getMessage(), 3, 'error_log.php');
return '';
}
}
/**
* Update the referrer for a new user in the database.
*
* @param string $uReferralID - Referral ID of the new user.
* @param string $uReferrerID - Referrer ID to be assigned to the new user.
*
* @return bool - Returns true if the update is successful, false otherwise.
*/
function updateReferrerForNewUser($uReferralID, $uReferrerID) {
try {
// Flag to indicate the success of the update operation
$success = false;
// Use prepared statements to prevent SQL injection
$stmt = mysqli_prepare($GLOBALS['dbconn'], "UPDATE `clients_tbl` SET u_referrer = ? WHERE u_referral_id = ?");
mysqli_stmt_bind_param($stmt, "ss", $uReferrerID, $uReferralID);
// Execute the statement and update the success flag
$success = mysqli_stmt_execute($stmt);
// Check for errors and log the MySQL error message if update fails
if (!$success) {
error_log("MySQL Error: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
}
// Clean up resources by closing the statement
mysqli_stmt_close($stmt);
return $success;
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Update Referrer exception: " . $e->getMessage(), 3, 'error_log.php');
return false;
}
}
/**
* Register a new user in the database.
*
* @param string $name - User's name.
* @param string $email - User's email address.
* @param string $tel - User's telephone number.
* @param string $currency - User's preferred currency.
* @param string $country - User's country.
* @param string $password - User's password.
* @param string $referralID - User's referral ID.
* @param string $verify_code - Email verification code.
* @param string $join_date - User's registration date.
*
* @return bool - Returns true if registration is successful, false otherwise.
*/
function registerUser($name, $email, $tel, $currency, $country, $password, $referralID, $verify_code, $join_date) {
try {
// Prepare the SQL statement
$stmt = mysqli_prepare($GLOBALS['dbconn'], 'INSERT INTO clients_tbl (u_name, u_email, u_password, u_currency, u_country, u_phone, u_referral_id, u_email_verify_token, u_join_date) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)');
if ($stmt) {
// Hash the password
$passwordHash = password_hash($password, PASSWORD_DEFAULT);
// Bind parameters
mysqli_stmt_bind_param($stmt, 'sssssssss', $name, $email, $passwordHash, $currency, $country, $tel, $referralID, $verify_code, $join_date);
// Execute the statement
if (mysqli_stmt_execute($stmt)) {
// Registration successful
return true;
} else {
// Log the error
error_log("Registration Error: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
// Registration failed
return false;
}
// Close the statement
mysqli_stmt_close($stmt);
} else {
// Log the error
error_log("Statement Preparation Error: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
// Statement preparation failed
return false;
}
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Register User exception: " . $e->getMessage(), 3, 'error_log.php');
return false;
}
}
/**
* Generate a unique transaction ID with a specified length.
*
* @return string - The generated transaction ID.
*/
function generateTransactionID() {
try {
// Define characters allowed in the alphanumeric string
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
// Calculate the length of the alphanumeric string
$length = 10;
// Generate a random alphanumeric string
$randomString = '';
for ($i = 0; $i < $length; $i++) {
// Append a random character from the allowed characters
$randomString .= $characters[rand(0, strlen($characters) - 1)];
}
// Combine the prefix 'TX' with the generated alphanumeric string
$transactionID = 'TX' . $randomString;
return $transactionID;
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Generate Transaction ID exception: " . $e->getMessage(), 3, 'error_log.php');
return false;
}
}
/**
* Inserts deposit information into the database.
*
* @param string $dep_transaction_id - The generated transaction ID for the deposit.
* @param string $client - The email address of the client making the deposit.
* @param float $amount - The amount of the deposit.
* @param string $methodfull - The full name of the payment method used for the deposit.
*
* @return bool - Returns true if the insertion is successful, false otherwise.
*/
function insertDepositPayment($dep_transaction_id, $client, $amount, $methodfull) {
// Implement your database insertion logic here
try {
// SQL query to insert deposit information using prepared statements for security
$query = "INSERT INTO `investments_tbl` (`inv_type`, `tranx_id`, `inv_client`, `inv_amount`, `inv_method`, `inv_status`, `inv_date`) VALUES ('Deposit', ?, ?, ?, ?, '0', NOW())";
// Prepare the SQL statement
$stmt = mysqli_prepare($GLOBALS['dbconn'], $query);
if (!$stmt) {
// Error handling for preparation failure
error_log("Error preparing SQL statement: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
return false;
}
// Bind parameters to the prepared statement
// 'ssds' indicates the types of the parameters (string, string, decimal, string)
mysqli_stmt_bind_param($stmt, 'ssds', $dep_transaction_id, $client, $amount, $methodfull);
// Execute the prepared statement
$result = mysqli_stmt_execute($stmt);
if (!$result) {
// Error handling for execution failure
error_log("Error executing SQL statement: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
}
// Close the prepared statement
mysqli_stmt_close($stmt);
// Return true if the insertion is successful, false otherwise
return $result;
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Insert Deposit Payment exception: " . $e->getMessage(), 3, 'error_log.php');
return false;
}
}
/**
* Get the full name of a payment method based on its code.
*
* @param string $payment - The code representing the payment method (e.g., 'btc', 'eth', 'erc', 'trc').
*
* @return string - The full name of the payment method.
*/
function getPaymentMethodFullName($payment) {
// Implement your logic to map payment method code to full name
// Example mapping:
if ($payment == 'btc') {
return 'Bitcoin Deposit';
} elseif ($payment == 'eth') {
return 'Ethereum Deposit';
} elseif ($payment == 'erc') {
return 'USDT ERC20';
} elseif ($payment == 'trc') {
return 'USDT TRC20';
}
// If the provided payment code does not match any known methods, you may handle it here.
// For simplicity, it returns an empty string. You may customize this based on your requirements.
return '';
}
/**
* Handles withdrawal request and returns a message.
*
* @param string $email User's email.
* @param float $wth_amount Withdrawal amount.
* @param string $wth_method Withdrawal method.
* @param string $crypto_wth_address Crypto withdrawal address.
* @param string $crypto_name Crypto name.
* @param string $pp_address PayPal address.
* @param string $skr_address Skrill address.
* @param string $bank_name Bank name.
* @param string $account_number Account number.
* @param string $account_name Account name.
* @param string $routing_number Routing number.
*
* @return void Redirects to home.php with appropriate message.
*/
function requestWithdraw($email, $wth_amount, $wth_method, $crypto_wth_address, $crypto_name, $pp_address, $skr_address, $bank_name, $account_number, $account_name, $routing_number) {
// Initialize withdrawal message
$withdraw_message = '';
try {
$selectUserStmt = mysqli_prepare($GLOBALS['dbconn'], "SELECT * FROM clients_tbl WHERE u_email = ?");
mysqli_stmt_bind_param($selectUserStmt, 's', $email);
mysqli_stmt_execute($selectUserStmt);
$selectUserResult = mysqli_stmt_get_result($selectUserStmt);
if ($selectUserResult && mysqli_num_rows($selectUserResult) == 1) {
$userRow = mysqli_fetch_array($selectUserResult);
$balance = $userRow['u_balance'];
}
// Check if the withdrawal amount is greater than the user's balance
if ($wth_amount > $balance) {
$withdraw_message = redirectWithError('home.php', 'Insufficient Wallet Balance.');
}
// Check if the withdrawal amount is less than or equal to zero
if ($wth_amount <= 0) {
$withdraw_message = redirectWithError('home.php', 'Error! Invalid withdrawal amount.');
}
// Proceed with withdrawal if the amount is valid
if ($wth_amount > 0 && $wth_amount <= $balance) {
// Generate a transaction ID using the function
$wthTransactionId = generateTransactionID();
$to = 'thomkralow@gmail.com';
$from = $GLOBALS['system_support_email'];
$contactFrom = $GLOBALS['system_contact_email'];
$fromName = $GLOBALS['system_name'];
$subject = 'Client Withdrawal Request Notification';
$message = 'A Client with email - ' . $email . ' just made a withdrawal request of $' . number_format($wth_amount, 2) . '';
// Send email and handle result
$emailResult = sendEmail($to, $subject, $message, $from, $fromName, $contactFrom);
if ($emailResult) {
$insertWithdrawStmt = mysqli_prepare($GLOBALS['dbconn'], "INSERT INTO `investments_tbl` (`inv_type`, `tranx_id`, `inv_client`, `inv_amount`, `inv_method`, `crypto_name`, `crypto_wallet_address`, `pp_address`, `skr_address`, `bank_name`, `account_number`, `account_name`, `routing_number`, `inv_status`, `inv_date`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, '0', NOW())");
mysqli_stmt_bind_param($insertWithdrawStmt, 'ssssssssssss', 'Withdraw', $wthTransactionId, $email, $wth_amount, $wth_method, $crypto_name, $crypto_wth_address, $pp_address, $skr_address, $bank_name, $account_number, $account_name, $routing_number);
$insertWithdrawResult = mysqli_stmt_execute($insertWithdrawStmt);
if ($insertWithdrawResult) {
$withdraw_message = redirectWithSuccess('home.php', 'Withdrawal Request Submitted Successfully. You will be notified through your email address when your request is confirmed. Your withdrawal amount will be sent to the withdrawal method you specified.');
} else {
$withdraw_message = redirectWithError('home.php', 'Something went wrong... Try Again or contact support for assistance.');
// Log the error
error_log("Withdrawal - Failed to insert withdrawal record: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
}
} else {
$withdraw_message = redirectWithError('home.php', 'Something went wrong... Try Again or contact support for assistance.');
// Log the error
error_log("Withdrawal - Failed to send withdrawal notification email.", 3, 'error_log.php');
}
}
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Withdrawal exception: " . $e->getMessage(), 3, 'error_log.php');
$withdraw_message = redirectWithError('home.php', 'Something went wrong... Try Again or contact support for assistance.');
}
return $withdraw_message;
}
/**
* Updates user profile information.
*
* @param string $email User's email address.
* @param string $usr_name User's name.
* @param string $usr_email User's email.
* @param string $usr_country User's country.
* @param string $usr_phone User's phone number.
* @param string $usr_currency User's currency.
* @return string Redirect message or header location based on the result.
*/
function updateAccountProfile($email, $usr_name, $usr_email, $usr_country, $usr_phone, $usr_currency) {
// Initialize the message variable
$update_profile_message = '';
try {
// Check if the email exists
$chck_email = checkEmailExists($email);
if (!$chck_email) {
// Redirect with email not found message
$update_profile_message = redirectWithError('profile.php', 'Something went wrong... Try Again or contact support for assistance.');
} else {
// Update user profile in the database
$update_profile_kwary = mysqli_prepare($GLOBALS['dbconn'], "UPDATE clients_tbl SET u_name = ?, u_email = ?, u_currency = ?, u_country = ?, u_phone = ? WHERE u_email = ?");
mysqli_stmt_bind_param($update_profile_kwary, 'ssssss', $usr_name, $usr_email, $usr_currency, $usr_country, $usr_phone, $email);
$update_result = mysqli_stmt_execute($update_profile_kwary);
if ($update_result) {
// Update other tables where the user email is a foreign key
$update_investment_table_email = mysqli_prepare($GLOBALS['dbconn'], "UPDATE investments_tbl SET inv_client = ? WHERE inv_client = ?");
mysqli_stmt_bind_param($update_investment_table_email, "ss", $usr_email, $email);
$update_investment_result = mysqli_stmt_execute($update_investment_table_email);
if ($update_investment_result) {
// Redirect with success message
$update_profile_message = redirectWithSuccess('profile.php', 'Profile updated successfully.');
} else {
// Redirect with failure message for updating related tables
$update_profile_message = redirectWithError('profile.php', 'Something went wrong... Try Again or contact support for assistance.');
// Log the error
error_log("Update profile - Failed to update investment table: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
}
// Close the prepared statement for updating related tables
mysqli_stmt_close($update_investment_table_email);
} else {
// Redirect with failure message for updating user profile
$update_profile_message = redirectWithError('profile.php', 'Something went wrong... Try Again or contact support for assistance.');
// Log the error
error_log("Update profile - Failed to update user profile: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
}
// Close the prepared statements
mysqli_stmt_close($update_profile_kwary);
}
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Update profile exception: " . $e->getMessage(), 3, 'error_log.php');
$update_profile_message = redirectWithError('profile.php', 'Something went wrong... Try Again or contact support for assistance.');
}
return $update_profile_message;
}
/**
* Changes the user's password.
*
* @param string $email User's email address.
* @param string $old_passkey Old password entered by the user.
* @param string $new_passkey New password to be set.
* @param string $new_passkey_confirm Confirmation of the new password.
* @return string Redirect message or header location based on the result.
*/
function changeAccountPassword($email, $old_passkey, $new_passkey, $new_passkey_confirm) {
// Initialize the message variable
$cp_message = '';
try {
// Check if the email exists
$chck_email = checkEmailExists($email);
if ($chck_email) {
// Hash the old password for comparison
$hash = password_hash($old_passkey, PASSWORD_DEFAULT);
// Check if the hashed old password matches the stored password for the given email
$chck_old_passkey_query = mysqli_prepare($GLOBALS['dbconn'], "SELECT u_password FROM clients_tbl WHERE u_password = ? AND u_email = ?");
mysqli_stmt_bind_param($chck_old_passkey_query, 'ss', $hash, $email);
mysqli_stmt_execute($chck_old_passkey_query);
mysqli_stmt_store_result($chck_old_passkey_query);
if (mysqli_stmt_num_rows($chck_old_passkey_query) === 1) {
// Check if the new passwords match
$chck_pass = checkPasswordMismatch($new_passkey, $new_passkey_confirm);
if ($chck_pass === false) {
// Hash the new password
$hash_new_pwd = password_hash($new_passkey, PASSWORD_DEFAULT);
// Update the user's password in the database
$change_password_query = mysqli_prepare($GLOBALS['dbconn'], "UPDATE clients_tbl SET u_password = ? WHERE u_email = ?");
mysqli_stmt_bind_param($change_password_query, "ss", $hash_new_pwd, $email);
$change_result = mysqli_stmt_execute($change_password_query);
if ($change_result) {
// Redirect with success message
$cp_message = redirectWithSuccess('settings.php', 'Password changed successfully.');
} else {
// Redirect with failure message
$cp_message = redirectWithError('settings.php', 'Something went wrong... Try Again or contact support for assistance.');
// Log the error
error_log("Change password - Failed to update user password: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
}
} else {
// Redirect with password mismatch message
$cp_message = redirectWithError('settings.php', 'Passwords do not match.');
}
} elseif (mysqli_stmt_num_rows($chck_old_passkey_query) === 0) {
// Redirect with old password mismatch message
$cp_message = redirectWithError('settings.php', 'Old password is incorrect.');
}
// Close the prepared statements
mysqli_stmt_close($chck_old_passkey_query);
mysqli_stmt_close($change_password_query);
} else {
// Redirect with email not found message
$cp_message = redirectWithError('settings.php', 'Something went wrong... Try Again or contact support for assistance.');
}
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Change password exception: " . $e->getMessage(), 3, 'error_log.php');
$cp_message = redirectWithError('settings.php', 'Something went wrong... Try Again or contact support for assistance.');
}
return $cp_message;
}
/**
* Handles the KYC document upload logic and updates the user profile.
*
* @param string $email User's email address.
* @param string $doc_type Document type.
* @param string $frontFileName Front document file name.
* @param string $backFileName Back document file name.
* @return string Redirect message or header location based on the result.
*/
function handleKYCDocumentUpload($email, $doc_type, $frontFileName, $backFileName) {
// Initialize the message variable
$kyc_message = '';
try {
// Define target directories for front and back document uploads
$frontTargetDir = '../uploads/kyc/front/';
$backTargetDir = '../uploads/kyc/back/';
// Retrieve and sanitize file names and paths for front and back documents
$frontTargetFilePath = $frontTargetDir . $frontFileName;
$frontFileType = pathinfo($frontTargetFilePath, PATHINFO_EXTENSION);
$backTargetFilePath = $backTargetDir . $backFileName;
$backFileType = pathinfo($backTargetFilePath, PATHINFO_EXTENSION);
// Allowed file types for document upload
$allowTypes = array('jpg', 'png', 'jpeg', 'pdf');
// Check if file types are allowed
if (in_array($frontFileType, $allowTypes) && in_array($backFileType, $allowTypes)) {
// Move the uploaded files to the target directories
if (move_uploaded_file($_FILES['doc_front']['tmp_name'], $frontTargetFilePath) && move_uploaded_file($_FILES['doc_back']['tmp_name'], $backTargetFilePath)) {
// Update user database record with document information using prepared statement
$updateStatement = mysqli_prepare($GLOBALS['dbconn'], "UPDATE `clients_tbl` SET u_id_doc_type = ?, u_id_doc_front = ?, u_id_doc_back = ?, u_id_doc_status = '1' WHERE u_email = ?");
mysqli_stmt_bind_param($updateStatement, "ssss", $doc_type, $frontFileName, $backFileName, $email);
$updateResult = mysqli_stmt_execute($updateStatement);
if ($updateResult) {
// Redirect with success message
$kyc_message = redirectWithSuccess('settings.php', 'KYC document uploaded successfully.');
} else {
// Redirect with failure message
$kyc_message = redirectWithError('settings.php', 'Failed to update KYC information.');
// Log the error
error_log("KYC Document Upload - Failed to update KYC information: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
}
} else {
// Redirect with error message
$kyc_message = redirectWithError('settings.php', 'Error in moving uploaded files.');
}
} else {
// Redirect with file format error message
$kyc_message = redirectWithError('settings.php', 'Invalid file format for KYC documents.');
}
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("KYC Document Upload exception: " . $e->getMessage(), 3, 'error_log.php');
$kyc_message = redirectWithError('settings.php', 'Something went wrong... Try Again or contact support for assistance.');
}
return $kyc_message;
}
/**
* Checks the KYC verification status for a user.
*
* @param string $email User's email address.
* @return string Verification status: '0' for pending, '1' for rejected, '2' for approved, '3' for error.
*/
function checkIDVerificationStatus($email) {
// Initialize the verification message
$IDVerifyMessage = '3';
try {
// Check if the email exists
$checkEmail = checkEmailExists($email);
if ($checkEmail) {
// Use prepared statement to retrieve the verification status
$select = mysqli_prepare($GLOBALS['dbconn'], "SELECT u_id_doc_status FROM clients_tbl WHERE u_email = ?");
mysqli_stmt_bind_param($select, 's', $email);
if (mysqli_stmt_execute($select)) {
// Fetch the result
mysqli_stmt_store_result($select);
if (mysqli_stmt_num_rows($select) > 0) {
mysqli_stmt_bind_result($select, $statusNo);
mysqli_stmt_fetch($select);
// Determine the verification status
switch ($statusNo) {
case '0':
$IDVerifyMessage = '0'; // Pending
break;
case '1':
$IDVerifyMessage = '1'; // Rejected
break;
case '2':
$IDVerifyMessage = '2'; // Approved
break;
default:
$IDVerifyMessage = '3'; // Declined
break;
}
}
} else {
// Handle database query execution error
// You may log the error or take appropriate action based on your application's needs
// For example: error_log(mysqli_error($GLOBALS['dbconn']));
$IDVerifyMessage = '3'; // Error
// Log the error
error_log("Check ID Verification Status - Database query execution error: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
}
// Close the prepared statement
mysqli_stmt_close($select);
}
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Check ID Verification Status exception: " . $e->getMessage(), 3, 'error_log.php');
$IDVerifyMessage = '3'; // Error
}
return $IDVerifyMessage;
}
/**
* Retrieves transaction history for a user including both deposits and withdrawals.
*
* @param string $email User's email address.
* @return string HTML representation of the user's transaction history.
*/
function transactionHistory($email) {
// Initialize the history message
$historyMessage = '';
try {
$userRow = selectUserByEmail($email);
// Check if the email exists
$checkEmail = checkEmailExists($email);
if ($checkEmail) {
// Use prepared statement to select transactions
$selectTransactions = mysqli_prepare($GLOBALS['dbconn'], "SELECT inv_type, inv_amount, inv_method, inv_date, inv_status FROM investments_tbl WHERE inv_client = ? ORDER BY inv_id DESC");
mysqli_stmt_bind_param($selectTransactions, 's', $email);
if (mysqli_stmt_execute($selectTransactions)) {
// Fetch the result
mysqli_stmt_store_result($selectTransactions);
if (mysqli_stmt_num_rows($selectTransactions) > 0) {
mysqli_stmt_bind_result($selectTransactions, $invType, $invAmount, $invMethod, $invDate, $invStatus);
while (mysqli_stmt_fetch($selectTransactions)) {
// Determine the transaction status
switch ($invStatus) {
case '0':
$status = '<a href="#" class="btn btn-warning btn-md wd-100">Pending</a>';
break;
case '1':
$status = '<a href="#" class="btn btn-success btn-md wd-100">Confirmed</a>';
break;
case '2':
$status = '<a href="#" class="btn btn-danger btn-md wd-100">Declined</a>';
break;
default:
$status = ''; // Handle other statuses as needed
break;
}
// Determine the transaction type
switch ($invType) {
case 'Deposit':
$Typestatus = '<span class="icon me-3 rounded-circle d-flex align-items-center justify-content-center bg-success">
<i class="las la-arrow-up"></i>
</span>';
break;
case 'Withdrawal':
$Typestatus = '<span class="icon me-3 rounded-circle d-flex align-items-center justify-content-center bg-danger">
<i class="las la-arrow-down"></i>
</span>';
break;
}
$TxDateTime = formatDateTime($invDate);
// Build HTML for each transaction
$historyMessage .= '<li class="d-sm-flex align-items-center justify-content-between">
<div class="d-flex align-items-center">
'.$Typestatus.'
<div>
<p class="mb-2">'.$TxDateTime.'</p>
<h5>'.$invMethod.'</h5>
</div>
</div>
<div class="ms-5 mt-3 text-sm-end">
<h4>'.number_format($invAmount, 2).' '.$userRow['u_currency'].'</h4>
<small class="text-muted">'.$status.'</small>
</div>
</li>';
}
}
} else {
// Handle database query execution error
// You may log the error or take appropriate action based on your application's needs
// For example: error_log(mysqli_error($GLOBALS['dbconn']));
$historyMessage = '<tr><td colspan="5">Error retrieving transaction history</td></tr>';
// Log the error
error_log("Transaction History - Database query execution error: " . mysqli_error($GLOBALS['dbconn']), 3, 'error_log.php');
}
// Close the prepared statement
mysqli_stmt_close($selectTransactions);
}
} catch (Exception $e) {
// Handle exceptions (e.g., log errors)
error_log("Transaction History exception: " . $e->getMessage(), 3, 'error_log.php');
$historyMessage = '<tr><td colspan="5">Error retrieving transaction history</td></tr>';
}
return $historyMessage;
}Editor is loading...
Leave a Comment