<?php
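// Balance-update endpoint: an authenticated session POSTs a JSON body of the
// form {"balance": <non-negative integer>} and the value is written to that
// user's row in `users`.
//
// NOTE(review): the new balance is taken verbatim from the client, so any
// logged-in user can assign themselves an arbitrary balance. If the balance
// carries value, compute it server-side from validated transactions instead
// of accepting it from the request.
// NOTE(review): the request is authorised by the session cookie alone; no
// CSRF token or Origin check is visible in this file. Confirm one is enforced
// elsewhere (or via SameSite cookies) before relying on this endpoint.

// presumably defines $conn (a mysqli connection) -- confirm in koneksi.php
include 'koneksi.php';

session_start();

// Every response below is JSON; declaring it stops clients from content-sniffing.
header('Content-Type: application/json');

if (!isset($_SESSION['username'])) {
    http_response_code(401);
    echo json_encode(['error' => 'Not logged in']);
    exit;
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'Method not allowed']);
    exit;
}

$input = json_decode(file_get_contents('php://input'), true);

// Validate instead of casting: a bare (int) cast turns "abc" into 0 and an
// array into 1, which would then be stored as a legitimate balance.
$raw_balance = is_array($input) ? ($input['balance'] ?? null) : null;
$new_balance = (is_int($raw_balance) || is_string($raw_balance))
    ? filter_var($raw_balance, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]])
    : false;

// filter_var() yields false for non-integers, overflow and negative values;
// compare strictly because 0 is a valid balance.
if ($new_balance === false) {
    http_response_code(400);
    echo json_encode(['error' => 'Invalid balance']);
    exit;
}

$username = $_SESSION['username'];

// Bound parameters keep both values out of the SQL text, so correctness no
// longer depends on escaping or on the connection character set.
$updated = false;
try {
    $stmt = mysqli_prepare($conn, 'UPDATE users SET balance = ? WHERE username = ?');
    if ($stmt !== false) {
        $updated = mysqli_stmt_bind_param($stmt, 'is', $new_balance, $username)
            && mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
} catch (mysqli_sql_exception $e) {
    // mysqli throws by default on PHP 8.1+; log the detail server-side only so
    // the client never sees driver or schema information.
    error_log('Balance update failed: ' . $e->getMessage());
}

if ($updated) {
    $_SESSION['balance'] = $new_balance;
    echo json_encode(['success' => true, 'balance' => $new_balance]);
} else {
    http_response_code(500);
    echo json_encode(['error' => 'Database update failed']);
}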
?>