56 lines
1.8 KiB
PHP
56 lines
1.8 KiB
PHP
<?php
|
|
session_start();
|
|
include "koneksi.php";
|
|
|
|
header('Content-Type: application/json');
|
|
|
|
if (!isset($_SESSION['user_id'])) {
|
|
echo json_encode(['success' => false, 'message' => 'Not logged in']);
|
|
exit;
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|
$user_id = $_SESSION['user_id'];
|
|
$amount = intval($_POST['amount']);
|
|
$bank_method = $_POST['bank_method'] ?? 'unknown';
|
|
|
|
// Validasi
|
|
if ($amount <= 0 || $amount > 1000000) {
|
|
echo json_encode(['success' => false, 'message' => 'Invalid amount']);
|
|
exit;
|
|
}
|
|
|
|
// Update balance di database
|
|
$sql = "UPDATE users SET balance = balance + ? WHERE id = ?";
|
|
$stmt = mysqli_prepare($conn, $sql);
|
|
mysqli_stmt_bind_param($stmt, "ii", $amount, $user_id);
|
|
|
|
if (mysqli_stmt_execute($stmt)) {
|
|
// Get new balance
|
|
$sql2 = "SELECT balance FROM users WHERE id = ?";
|
|
$stmt2 = mysqli_prepare($conn, $sql2);
|
|
mysqli_stmt_bind_param($stmt2, "i", $user_id);
|
|
mysqli_stmt_execute($stmt2);
|
|
$result = mysqli_stmt_get_result($stmt2);
|
|
$user = mysqli_fetch_assoc($result);
|
|
|
|
// Update session
|
|
$_SESSION['balance'] = $user['balance'];
|
|
|
|
// Log transaction
|
|
$log_sql = "INSERT INTO transactions (user_id, type, amount, description)
|
|
VALUES (?, 'topup', ?, 'Top up via $bank_method')";
|
|
$log_stmt = mysqli_prepare($conn, $log_sql);
|
|
mysqli_stmt_bind_param($log_stmt, "ii", $user_id, $amount);
|
|
mysqli_stmt_execute($log_stmt);
|
|
|
|
echo json_encode([
|
|
'success' => true,
|
|
'new_balance' => $user['balance'],
|
|
'message' => 'Top up successful'
|
|
]);
|
|
} else {
|
|
echo json_encode(['success' => false, 'message' => 'Database error']);
|
|
}
|
|
}
|
|
?>
|