Larry Ullman's Book Forums


Add validations to the transfers script to prevent a negative transfer or the selection of the same account for both the “to” and “from.”

 

I have honestly no idea on how to do this:

 

// if statements right here
         if ($amount > 0) {
            if ($to != $from) {
                // logic to add the balance to the account
            } else {
            <p>To and From cannot be the same
            }
        } else {
            <p>Please deposit an amount greater than zero.
        }
    } 
        //logic to add the balance to the account

 

This is all I have for adding it, but I don't know what else to do and it gives me an error when I do 0. Help please!


That seems like you're on the right path. I'm not quite following what the problem is. You say it gives you an error when you do 0, but that seems like the correct behavior, no?


Yeah, I saw my problem: a few extra brackets. This is how the code I have now looks.

 

 

<!doctype html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <title>Transfer Funds</title>
</head>
<body>
<h1>Transfer Funds</h1>
<?php # Script 11.7 - transfer.php
// This page performs a transfer of funds from one account to another.
// This page uses transactions.

// Always need the database connection:
$dbc = mysqli_connect('edelucas.colutah.org', 'edelucas_user', 'Deluck11d', 'edelucas_banking') OR die('Could not connect to MySQL: ' . mysqli_connect_error() );

// Check if the form has been submitted:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {

    // Minimal form validation:
    if (isset($_POST['from'], $_POST['to'], $_POST['amount']) &&
     is_numeric($_POST['from']) && is_numeric($_POST['to']) && is_numeric($_POST['amount']) ) {
        // Validate the amount and the accounts before touching the database:
        $from = $_POST['from'];
        $to = $_POST['to'];
        $amount = $_POST['amount'];
        $good = 'yes';

        if ($amount > 0) {
            if ($to == $from) {
                echo '<p>To and From cannot be the same</p>';
                $good = 'no';
            }
        } else {
            echo '<p>Please deposit an amount greater than zero.</p>';
            $good = 'no';
        }

        // Only run the transfer if both checks passed:
        if ($good == 'yes') {

            // Make sure enough funds are available:
            $q = "SELECT balance FROM accounts WHERE account_id=$from";
            $r = @mysqli_query($dbc, $q);
            $row = mysqli_fetch_array($r, MYSQLI_ASSOC);
            if ($amount > $row['balance']) {
                echo '<p class="error">Insufficient funds to complete the transfer.</p>';
            } else {
                // Turn autocommit off:
                mysqli_autocommit($dbc, FALSE);

                $q = "UPDATE accounts SET balance=balance-$amount WHERE account_id=$from";
                $r = @mysqli_query($dbc, $q);
                if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.

                    $q = "UPDATE accounts SET balance=balance+$amount WHERE account_id=$to";
                    $r = @mysqli_query($dbc, $q);
                    if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.

                        mysqli_commit($dbc);
                        // Report success only after both updates are committed:
                        echo '<p>The transfer was a success!</p>';

                    } else {
                        mysqli_rollback($dbc);
                        echo '<p>The transfer could not be made due to a system error. We apologize for any inconvenience.</p>'; // Public message.
                        echo '<p>' . mysqli_error($dbc) . '<br>Query: ' . $q . '</p>'; // Debugging message.
                    }

                } else {
                    mysqli_rollback($dbc);
                    echo '<p>The transfer could not be made due to a system error. We apologize for any inconvenience.</p>'; // Public message.
                    echo '<p>' . mysqli_error($dbc) . '<br>Query: ' . $q . '</p>'; // Debugging message.
                }

            }

        } // End of $good conditional.

    }else { // Invalid submitted values.
        echo '<p class="error">Please select a valid "from" and "to" account and enter a numeric amount to transfer.</p>';
    }

} // End of submit conditional.

// Always show the form...

// Get all the accounts and balances as OPTIONs for the SELECT menus:
$q = "SELECT account_id, CONCAT(last_name, ', ', first_name) AS name, type, balance FROM accounts LEFT JOIN customers USING (customer_id) ORDER BY name";
$r = @mysqli_query($dbc, $q);
$options = '';
while ($row = mysqli_fetch_array($r, MYSQLI_ASSOC)) {
    $options .= "<option value=\"{$row['account_id']}\">{$row['name']} ({$row['type']}) \${$row['balance']}</option>\n";
}

// Create the form:
echo '<form action="transfer.php" method="post">
<p>From Account: <select name="from">' . $options . '</select></p>
<p>To Account: <select name="to">' . $options . '</select></p>
<p>Amount: <input type="number" name="amount" step="0.01" min="1"></p>
<p><input type="submit" name="submit" value="Submit"></p>
</form>';

mysqli_close($dbc);
?>
</body>
</html>
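
The same two checks in a stricter form, as an added example that is not part of the original post or the book's script: the inputs are validated by type rather than with `is_numeric()`, the queries use prepared statements, and the funds check is folded into the debit so it cannot race with another request. The function names `validate_transfer()` and `transfer_funds()` are hypothetical, and the `accounts` table is assumed to use InnoDB so that transactions work.

```php
<?php
// Added example, not the book's or the poster's code. validate_transfer() and
// transfer_funds() are hypothetical names; the accounts table is assumed to be InnoDB.
// Returns [errors, from, to, amount]; run the transfer only when errors is empty.
function validate_transfer(array $post): array {
    $errors = [];
    $opts = ['options' => ['min_range' => 1]];
    // Whole positive integers only; is_numeric() also accepts "1e3" and "0.5".
    $from = filter_var($post['from'] ?? null, FILTER_VALIDATE_INT, $opts);
    $to = filter_var($post['to'] ?? null, FILTER_VALIDATE_INT, $opts);
    $raw = $post['amount'] ?? '';
    // Plain decimal with at most two places, matching the form's step="0.01".
    $ok = is_string($raw) && preg_match('/^\d{1,9}(\.\d{1,2})?$/', $raw) === 1;
    $amount = $ok ? (float) $raw : 0.0;
    if ($from === false || $to === false) {
        $errors[] = 'Please select a valid "from" and "to" account.';
    } elseif ($from === $to) {
        $errors[] = 'To and From cannot be the same.';
    }
    if ($amount <= 0) {
        $errors[] = 'Please enter an amount greater than zero.';
    }
    return [$errors, $from, $to, $amount];
}

// Moves the funds in one transaction; false means nothing was changed.
function transfer_funds(mysqli $dbc, int $from, int $to, float $amount): bool {
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // query failures throw
    $dbc->begin_transaction();
    try {
        // The funds check is part of the UPDATE, so two concurrent requests cannot both pass it.
        $debit = $dbc->prepare('UPDATE accounts SET balance = balance - ? WHERE account_id = ? AND balance >= ?');
        $debit->bind_param('did', $amount, $from, $amount);
        $debit->execute();
        $moved = $debit->affected_rows === 1;
        if ($moved) {
            $credit = $dbc->prepare('UPDATE accounts SET balance = balance + ? WHERE account_id = ?');
            $credit->bind_param('di', $amount, $to);
            $credit->execute();
            $moved = $credit->affected_rows === 1;
        }
        $moved ? $dbc->commit() : $dbc->rollback();
        return $moved;
    } catch (mysqli_sql_exception $e) {
        $dbc->rollback();
        error_log('Transfer failed: ' . $e->getMessage()); // log it, do not echo it to the user
        return false;
    }
}
```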
