Your IP : 216.73.216.26

Current Path : /home2/wtmwscom/www/member/
Upload File :
Current File : /home2/wtmwscom/www/member/fund_transfer_model.php

<?php
session_start();
include('../connection.php');
include '../function_lib.php';
$uid = $_SESSION['userid'];
if(isset($_POST['amount']) && isset($_POST['uid'])){
    $login_id = $_POST['uid'];
    $amount = $_POST['amount'];
    $wallet_type = $_POST['wallet_type'];
    //$row = mysqli_fetch_object(mysqli_query($connection, "SELECT uid, email, mobile, wallet_fund as wallet FROM user WHERE uid='$uid'"));
    $wallet_row = mysqli_fetch_object(mysqli_query($connection, "SELECT wallet, wallet_fund FROM user WHERE uid='$uid'"));

$wallet = $wallet_type=="primary_wallet" ? $wallet_row->wallet : $wallet_row->wallet_fund; 
if( $amount > $wallet){
    setMessage('Insuffcient wallet for fund transfer!', 'alert-msg error');
    redirect('./fund_transfer.php');
    die();
}
    $result = mysqli_query($connection, "SELECT uid, email, mobile, wallet_fund as wallet FROM user WHERE login_id='$login_id'");
    $to_uid_num_rows = mysqli_num_rows($result);
    if($to_uid_num_rows==1){
        $to_row = mysqli_fetch_object($result);
    }
    if($to_uid_num_rows!=1 || $to_row->uid == $uid){
        setMessage('Invalid user id.', 'alert-msg error');
        redirect('./fund_transfer.php');
        die();
    } 
//    elseif($to_row->email != $row->email || $to_row->mobile != $row->mobile){
//        setMessage('Mobile and email does not match.', 'alert-msg error');
//        redirect('./fund_transfer.php');
//        die();
//    }
//    if($amount > $row->wallet){
//        setMessage('Invalid amount.', 'alert-msg error');
//        redirect('./fund_transfer.php');
//        die();
//    }
    else{
        $to_uid = $to_row->uid;
      $sql_wallet = $wallet_type=="primary_wallet" ? "wallet = wallet" : "wallet_fund = wallet_fund"; 
        mysqli_query($connection, "UPDATE user SET $sql_wallet - '$amount' WHERE uid='".$uid."'");
        mysqli_query($connection, "UPDATE user SET wallet_fund = wallet_fund + '$amount' WHERE uid='".$to_uid."'");
        mysqli_query($connection, "INSERT INTO `fund_transfer` (`uid`, `from_uid`, `amount`, `datetime`) VALUES ('".$to_uid."','$uid','".$amount."','".date('Y-m-d H:i:s')."')");
      
        setMessage('Fund transfer successfully.', 'alert-msg success');
        redirect('./fund_transfer.php');
    }
}
else{
    redirect('./fund_transfer.php');
}
?>