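'Not logged in']); exit; }

// The line above is the tail of a check that starts before this part of the
// file (presumably the "is the user logged in" guard); it is kept verbatim.

// Only POST may change state; every other method is answered with 405.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'Method not allowed']);
    exit;
}

// NOTE(review): this endpoint stores whatever balance the client sends. Any
// authenticated user can therefore set their own balance to an arbitrary
// non-negative value. If the balance has real value, it should be derived
// server-side from validated transactions rather than accepted from the
// request body. No CSRF token check is visible in this part of the file
// either; confirm one exists upstream or add one.
$input = json_decode(file_get_contents('php://input'), true);

// Strict validation: a bare (int) cast would turn "abc" into 0, "12abc" into
// 12 and true or an array into 1, all of which would then pass the range check.
// Only a JSON integer or a string made purely of an integer is accepted;
// floats are rejected instead of being silently truncated.
$raw_balance = (is_array($input) && isset($input['balance'])) ? $input['balance'] : null;
$new_balance = (is_int($raw_balance) || is_string($raw_balance))
    ? filter_var($raw_balance, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]])
    : false;

if ($new_balance === false) {
    http_response_code(400);
    echo json_encode(['error' => 'Invalid balance']);
    exit;
}

// Bound parameters keep the values out of the SQL text entirely, so the
// statement does not depend on escaping or on the connection character set.
$username = $_SESSION['username'];
$stmt = mysqli_prepare($conn, 'UPDATE users SET balance = ? WHERE username = ?');
$updated = $stmt !== false
    && mysqli_stmt_bind_param($stmt, 'is', $new_balance, $username)
    && mysqli_stmt_execute($stmt);

if ($stmt !== false) {
    mysqli_stmt_close($stmt);
}

if ($updated) {
    // Keep the session copy in step with the stored value.
    $_SESSION['balance'] = $new_balance;
    echo json_encode(['success' => true, 'balance' => $new_balance]);
} else {
    http_response_code(500);
    echo json_encode(['error' => 'Database update failed']);
}
?>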