diff --git a/api/actions/getprofile.php b/api/actions/getprofile.php
index 3e8f420..0e28ad8 100644
--- a/api/actions/getprofile.php
+++ b/api/actions/getprofile.php
@@ -10,10 +10,14 @@ if (empty($VARS["id"])) {
 $profile = $database->get("accounts", ["[>]authkeys" => ["accountid"]], ["publicid", "name", "username", "type", "verified", "bio"], ["key" => $VARS["key"]]);
 } else {
 if (!$database->has("accounts", ["publicid" => $VARS["id"]])) {
- sendJsonResp($Strings->get("Could not find a matching account.", false), "ERROR");
+ if (!$database->has("merchant_transactions", ["txcode" => $VARS["id"]])) {
+ sendJsonResp($Strings->get("Could not find a matching account.", false), "ERROR");
+ } else {
+ $profile = $database->get("accounts", ["[>]merchant_transactions" => ["accountid" => "merchantid"]], ["publicid", "name", "username", "type", "verified", "bio"], ["txcode" => $VARS["id"]]);
+ }
+ } else {
+ $profile = $database->get("accounts", ["publicid", "name", "username", "type", "verified", "bio"], ["publicid" => $VARS["id"]]);
 }
-
- $profile = $database->get("accounts", ["publicid", "name", "username", "type", "verified", "bio"], ["publicid" => $VARS["id"]]);
 }
 // Make sure the name field always has something useful
diff --git a/api/actions/gettxcode.php b/api/actions/gettxcode.php
new file mode 100644
index 0000000..f971f4e
--- /dev/null
+++ b/api/actions/gettxcode.php
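Review bot: In api/actions/getprofile.php the new fallback resolves `id` as a merchant `txcode` but does not filter on the transaction's `complete` column, so a code that send.php has already marked complete still returns a payee profile; if a paid code should stop resolving, add `"complete" => false` to the where clause of the joined `get()`. `id` is now looked up in two namespaces, `accounts.publicid` first and `merchant_transactions.txcode` second, and that precedence deserves a comment above the branch, e.g. `// id is a publicid or, failing that, a merchant transaction code`. Each path also calls `has()` and then `get()` with the same condition, which doubles the queries; one `get()` plus an empty-result check would do. The enclosing `if (empty($VARS["id"]))` starts above the hunk.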
@@ -0,0 +1,27 @@
+get("accounts", ["[>]authkeys" => ["accountid"]], "accounts.accountid", ["key" => $VARS["key"]]);
+
+$amount = $VARS["amount"] * 1.0;
+
+if ($amount <= 0 || $amount > 999.99) {
+ sendJsonResp($Strings->get("Amount must be more than zero and less than 999.99.", false), "ERROR");
+}
+
+do {
+ $txcode = substr(hash("sha256", random_bytes(100)), 0, 20);
+} while ($database->has("merchant_transactions", ["txcode" => $txcode]));
+
+$database->insert("merchant_transactions", ["txcode" => $txcode, "amount" => $amount, "merchantid" => $accountid]);
+
+exitWithJson([
+ "status" => "OK",
+ "txcode" => $txcode,
+ "amount" => $amount
+]);
\ No newline at end of file
diff --git a/api/actions/gettxstatus.php b/api/actions/gettxstatus.php
new file mode 100644
index 0000000..73bc7fd
--- /dev/null
+++ b/api/actions/gettxstatus.php
@@ -0,0 +1,22 @@
+get("accounts", ["[>]authkeys" => ["accountid"]], "accounts.accountid", ["key" => $VARS["key"]]);
+
+if (!$database->has("merchant_transactions", ["AND" => ["txcode" => $VARS["txcode"], "merchantid" => $accountid]])) {
+ sendJsonResp($Strings->get("Transaction does not exist.", false), "ERROR");
+}
+
+$transaction = $database->get("merchant_transactions", ["amount", "complete", "txcode"], ["txcode" => $VARS["txcode"]]);
+
+exitWithJson([
+ "status" => "OK",
+ "txcode" => $transaction["txcode"],
+ "amount" => $transaction["amount"],
+ "complete" => $transaction["complete"] == true
+]);
\ No newline at end of file
diff --git a/api/actions/send.php b/api/actions/send.php
index bc48ef9..b2ad21e 100644
--- a/api/actions/send.php
+++ b/api/actions/send.php
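Review bot: None of the visible lines of api/actions/gettxcode.php check the caller's account type before inserting a row with that account as `merchantid`; the top of the new file is missing from this page, so confirm no such check precedes the account lookup. If codes are meant for merchant accounts only, select `type` together with `accountid` and return an error for other types before the `insert`. The range test `$amount > 999.99` accepts 999.99 although the message says "less than 999.99", and the float is stored as received; `round($amount, 2)` before the comparison and the insert keeps the stored amount in the form a payer must later match. `substr(hash("sha256", random_bytes(100)), 0, 20)` yields 80 random bits and can be written more directly as `bin2hex(random_bytes(10))`.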
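Review bot: The ownership condition in api/actions/gettxstatus.php is applied in `has()` but dropped from the `get()` that follows, which filters on `txcode` alone. That is only safe while `txcode` is unique in `merchant_transactions`, and nothing on this page shows a unique index (the schema change is in the binary database.mwb). Reuse the same condition, `["AND" => ["txcode" => $VARS["txcode"], "merchantid" => $accountid]]`, in a single `get()` and return the error when it finds no row. `$transaction["complete"] == true` would read more clearly as `(bool) $transaction["complete"]`.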
@@ -8,14 +8,24 @@
 $sender = $database->get("accounts", ["[>]authkeys" => "accountid"], ["accounts.accountid", "balance", "type"], ["authkeys.key" => $VARS["key"]]);
+$amount = $VARS["amount"] * 1.0;
+
 if (!$database->has("accounts", ["publicid" => $VARS["to"]])) {
- sendJsonResp($Strings->get("Could not find the receiving account.", false), "ERROR");
+ if (!$database->has("merchant_transactions", ["txcode" => $VARS["to"]])) {
+ sendJsonResp($Strings->get("Could not find the receiving account.", false), "ERROR");
+ } else {
+ $receiver = $database->get("accounts", ["[>]merchant_transactions" => ["accountid" => "merchantid"]], ["accounts.accountid", "accounts.balance", "accounts.type", "merchant_transactions.amount", "merchant_transactions.complete"], ["txcode" => $VARS["to"]]);
+ if ($receiver["complete"] == true) {
+ sendJsonResp($Strings->get("The transaction has already been completed.", false), "ERROR");
+ }
+ if ($amount != $receiver["amount"]) {
+ sendJsonResp($Strings->get("You must send the exact amount shown ($receiver[amount]).", false), "ERROR");
+ }
+ }
+} else {
+ $receiver = $database->get("accounts", ["accountid", "balance", "type"], ["publicid" => $VARS["to"]]);
 }
-$receiver = $database->get("accounts", ["accountid", "balance", "type"], ["publicid" => $VARS["to"]]);
-
-$amount = $VARS["amount"] * 1.0;
-
 if ($amount > $sender["balance"]) {
 sendJsonResp($Strings->get("Insufficient funds.", false), "ERROR");
 }
@@ -34,6 +44,11 @@ if (($sender["type"] == 1 && $receiver["type"] == 2) || ($sender["type"] == 2 &&
 "toid" => $receiver["accountid"],
 "datetime" => date("Y-m-d H:i:s")
 ]);
+
+ if ($receiver["type"] == 3) {
+ $database->update("merchant_transactions", ["complete" => true], ["txcode" => $VARS["to"]]);
+ }
+
 $success = true;
 });
diff --git a/api/apisettings.php b/api/apisettings.php
index 34cde83..cc0b0d4 100644
--- a/api/apisettings.php
+++ b/api/apisettings.php
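Review bot: The `complete` test added in the first hunk of api/actions/send.php runs before the transfer, while the `update` that sets `complete` in the `@@ -34,6 +44,11 @@` hunk is unconditional, so two requests for the same code that arrive together can both pass the test and both be paid. Make the write itself the guard: `$database->update("merchant_transactions", ["complete" => true], ["AND" => ["txcode" => $VARS["to"], "complete" => false]]);` and abort the transfer when it changes no row. The exact-amount test `$amount != $receiver["amount"]` compares a float with the stored value using loose comparison; comparing integer cents, e.g. `(int) round($amount * 100) !== (int) round($receiver["amount"] * 100)`, avoids rounding mismatches. The message passed to `$Strings->get()` interpolates `$receiver[amount]`, so the string being looked up differs for every amount.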
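Review bot: In the second hunk of api/actions/send.php, `$receiver["type"] == 3` stands in for "this payment was addressed to a transaction code", but the account type is not what selects that branch in the first hunk. A transfer sent to a type 3 account by its `publicid` runs the `update` with a public ID as `txcode`, and a code that belongs to an account of another type is never marked complete. Record the branch instead, e.g. set `$txcode = $VARS["to"];` where the code is resolved and test `if (isset($txcode))` here. The enclosing `if` and closure start above the hunk.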
@@ -110,4 +110,18 @@ $APIS = [
 "token" => "string"
 ]
 ],
+ "gettxcode" => [
+ "load" => "gettxcode.php",
+ "vars" => [
+ "key" => $keyregex,
+ "amount" => "/[0-9]{1,4}(\.[0-9]{2})?/"
+ ]
+ ],
+ "gettxstatus" => [
+ "load" => "gettxstatus.php",
+ "vars" => [
+ "key" => $keyregex,
+ "txcode" => "/[0-9a-z]+/"
+ ]
+ ],
 ];
diff --git a/database.mwb b/database.mwb
index d48e909..f0fe880 100644
Binary files a/database.mwb and b/database.mwb differ
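Review bot: Both patterns added in api/apisettings.php are unanchored: if they are applied with `preg_match` as written, `/[0-9]{1,4}(\.[0-9]{2})?/` and `/[0-9a-z]+/` accept any value that merely contains a digit or a lowercase letter (the code that applies them and the definition of `$keyregex` are outside this hunk). These patterns appear to be the only shape check before gettxcode.php multiplies `amount` by `1.0` and gettxstatus.php uses `txcode` in a query. Anchor them and match what the endpoints actually produce, e.g. `"/\A[0-9]{1,3}(\.[0-9]{2})?\z/"` for an amount up to 999.99 and `"/\A[0-9a-f]{20}\z/"` for the 20 hex characters generated in gettxcode.php.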