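<?php
declare(strict_types=1);

/*
 * account.php — shows one of the logged-in user's accounts, accepts
 * deposits / withdrawals via POST and lists the account's transactions.
 *
 * Assumes config.php starts the session and defines $db as a PDO
 * connection (both are used below but not created here) — confirm.
 */
require "config.php";

// Only authenticated users may view accounts.
if (!isset($_SESSION['user_id'])) { header("Location: login.php"); exit; }
$user_id = $_SESSION['user_id'];

// Cast once so the queries and the redirect below only ever see an integer.
$account_id = (int)($_GET['id'] ?? 0);

// The user_id predicate is the authorisation check: a user can only reach
// accounts they own, whatever id is supplied in the query string.
$stmt = $db->prepare("SELECT * FROM accounts WHERE id = ? AND user_id = ?");
$stmt->execute([$account_id, $user_id]);
$account = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$account) { die("Ogiltigt konto."); }

// Per-session CSRF token: the form echoes it and every POST must return it.
$_SESSION['csrf_token'] ??= bin2hex(random_bytes(32));
$csrf_token = (string)$_SESSION['csrf_token'];

$error = null;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Missing fields default to "no-op" values instead of emitting warnings.
    $amount = (int)($_POST['amount'] ?? 0);
    $desc = (string)($_POST['description'] ?? '');
    $action = (string)($_POST['action'] ?? '');
    $posted_token = (string)($_POST['csrf_token'] ?? '');

    if (!hash_equals($csrf_token, $posted_token)) {
        $error = "Ogiltigt formulär, försök igen.";
    } elseif (!in_array($action, ['deposit', 'withdraw'], true)) {
        // Reject unknown actions explicitly. Treating "anything but deposit" as a
        // withdrawal would also skip the balance check below.
        $error = "Ogiltig åtgärd.";
    } elseif ($amount > 0) {
        $change = $action === 'deposit' ? $amount : -$amount;
        if ($action === 'withdraw' && $account['balance'] < $amount) {
            $error = "Du kan inte ta ut mer än saldot.";
        } else {
            // Balance update and transaction row are committed together, and the
            // balance guard is repeated inside the UPDATE so two concurrent
            // withdrawals cannot both pass the PHP-side check above.
            $db->beginTransaction();
            try {
                $upd = $db->prepare(
                    "UPDATE accounts SET balance = balance + ? WHERE id = ? AND user_id = ? AND balance + ? >= 0"
                );
                $upd->execute([$change, $account_id, $user_id, $change]);
                // rowCount() is 0 when the guard failed (or the account vanished);
                // on MySQL this relies on the default "changed rows" semantics and
                // $change is never 0 here because $amount > 0.
                if ($upd->rowCount() !== 1) {
                    $db->rollBack();
                    $error = "Du kan inte ta ut mer än saldot.";
                } else {
                    $db->prepare("INSERT INTO transactions (account_id, amount, description) VALUES (?, ?, ?)")
                        ->execute([$account_id, $change, $desc]);
                    $db->commit();
                    // Post/Redirect/Get: a reload must not resubmit the form.
                    header("Location: account.php?id=$account_id");
                    exit;
                }
            } catch (Throwable $e) {
                if ($db->inTransaction()) { $db->rollBack(); }
                throw $e;
            }
        }
    }
}

$stmt = $db->prepare("SELECT * FROM transactions WHERE account_id = ? ORDER BY created_at DESC");
$stmt->execute([$account_id]);
$transactions = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<!DOCTYPE html>
<html lang="sv">
<head>
<meta charset="UTF-8">
<title><?= htmlspecialchars((string)$account['account_name']) ?></title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body class="bg-light">
<div class="container py-5">
<div class="row justify-content-center">
<div class="col-md-7">
<div class="card shadow-sm">
<div class="card-header bg-primary text-white text-center">
<h3><?= htmlspecialchars((string)$account['account_name']) ?></h3>
</div>
<div class="card-body">
<p class="lead text-center">
Saldo:
<strong class="text-success"><?= htmlspecialchars((string)$account['balance']) ?> kr</strong>
</p>
<?php if (!empty($error)): ?>
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<form method="post" class="mb-4">
<input type="hidden" name="csrf_token" value="<?= htmlspecialchars($csrf_token) ?>">
<div class="mb-3">
<label class="form-label">Belopp</label>
<input type="number" name="amount" class="form-control" required min="1">
</div>
<div class="mb-3">
<label class="form-label">Beskrivning</label>
<input type="text" name="description" class="form-control">
</div>
<div class="d-grid gap-2">
<button name="action" value="deposit" class="btn btn-success">Sätt in</button>
<button name="action" value="withdraw" class="btn btn-warning">Ta ut</button>
</div>
</form>
<hr>
<h5>Transaktionshistorik</h5>
<ul class="list-group">
<?php foreach ($transactions as $t): ?>
<li class="list-group-item d-flex justify-content-between
<?= $t['amount'] >= 0 ? 'list-group-item-success' : 'list-group-item-danger' ?>">
<span><?= htmlspecialchars((string)$t['description']) ?></span>
<strong><?= htmlspecialchars((string)$t['amount']) ?> kr</strong>
</li>
<?php endforeach; ?>
</ul>
</div>
<div class="card-footer text-center">
<a href="dashboard.php" class="btn btn-outline-primary btn-sm">Tillbaka</a>
</div>
</div>
</div>
</div>
</div>
</body>
</html>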