Initial commit
+148
@@ -0,0 +1,148 @@
|
||||
<?php
|
||||
ob_start();
|
||||
require_once __DIR__ . '/../../includes/auth.php';
|
||||
ob_end_clean();
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
if (!isLoggedIn()) { echo json_encode(['success'=>false,'error'=>'Not authenticated']); exit; }
|
||||
|
||||
$userId = (int)$_SESSION['user_id'];
|
||||
$method = $_SERVER['REQUEST_METHOD'];
|
||||
|
||||
// ══════════════════════════════════════════════════════════
|
||||
// GET — player's own requests (list, delete, update, lock)
|
||||
// ══════════════════════════════════════════════════════════
|
||||
if ($method === 'GET') {
|
||||
$action = $_GET['action'] ?? 'list';
|
||||
|
||||
if ($action === 'list') {
|
||||
$stmt = db()->prepare("
|
||||
SELECT cr.*,
|
||||
COALESCE(p.name, cr.platform_id) AS platform_name
|
||||
FROM cashout_requests cr
|
||||
LEFT JOIN platforms p ON cr.platform_id = p.slug
|
||||
WHERE cr.user_id = ?
|
||||
ORDER BY cr.created_at DESC
|
||||
LIMIT 50
|
||||
");
|
||||
$stmt->execute([$userId]);
|
||||
echo json_encode(['success'=>true, 'requests'=>$stmt->fetchAll()]);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($action === 'delete') {
|
||||
$id = (int)($_GET['id'] ?? 0);
|
||||
$chk = db()->prepare("SELECT id,tokens FROM cashout_requests WHERE id=? AND user_id=? AND status='pending'");
|
||||
$chk->execute([$id, $userId]);
|
||||
$row = $chk->fetch();
|
||||
if (!$row) { echo json_encode(['success'=>false,'error'=>'Request not found or already locked']); exit; }
|
||||
db()->prepare("UPDATE users SET tokens=tokens+? WHERE id=?")->execute([$row['tokens'], $userId]);
|
||||
db()->prepare("DELETE FROM cashout_requests WHERE id=?")->execute([$id]);
|
||||
$nb = db()->prepare("SELECT tokens FROM users WHERE id=?");
|
||||
$nb->execute([$userId]);
|
||||
echo json_encode(['success'=>true,'new_balance'=>(float)$nb->fetchColumn()]);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($action === 'update') {
|
||||
$id = (int)($_GET['id'] ?? 0);
|
||||
$tokens = (float)($_GET['tokens'] ?? 0);
|
||||
$alias = substr(trim($_GET['alias'] ?? ''), 0, 100);
|
||||
$chk = db()->prepare("SELECT id,tokens AS old_tokens FROM cashout_requests WHERE id=? AND user_id=? AND status='pending'");
|
||||
$chk->execute([$id, $userId]);
|
||||
$row = $chk->fetch();
|
||||
if (!$row) { echo json_encode(['success'=>false,'error'=>'Request not found or already locked']); exit; }
|
||||
if ($tokens < 1) { echo json_encode(['success'=>false,'error'=>'Minimum 1 token']); exit; }
|
||||
$diff = $tokens - $row['old_tokens'];
|
||||
if ($diff > 0) {
|
||||
$balChk = db()->prepare("SELECT tokens FROM users WHERE id=?");
|
||||
$balChk->execute([$userId]);
|
||||
if ($diff > (float)$balChk->fetchColumn()) { echo json_encode(['success'=>false,'error'=>'Insufficient balance']); exit; }
|
||||
}
|
||||
db()->beginTransaction();
|
||||
db()->prepare("UPDATE users SET tokens=tokens-? WHERE id=?")->execute([$diff, $userId]);
|
||||
db()->prepare("UPDATE cashout_requests SET tokens=?,alias=? WHERE id=?")->execute([$tokens, $alias, $id]);
|
||||
db()->commit();
|
||||
echo json_encode(['success'=>true]);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($action === 'lock') {
|
||||
$id = (int)($_GET['id'] ?? 0);
|
||||
$chk = db()->prepare("SELECT id FROM cashout_requests WHERE id=? AND user_id=? AND status='pending'");
|
||||
$chk->execute([$id, $userId]);
|
||||
if (!$chk->fetch()) { echo json_encode(['success'=>false,'error'=>'Request not found']); exit; }
|
||||
try {
|
||||
db()->exec("ALTER TABLE cashout_requests MODIFY COLUMN status ENUM('pending','locked','sent','approved','rejected','deleted') DEFAULT 'pending'");
|
||||
} catch (Exception $e) {}
|
||||
db()->prepare("UPDATE cashout_requests SET status='locked' WHERE id=?")->execute([$id]);
|
||||
echo json_encode(['success'=>true]);
|
||||
exit;
|
||||
}
|
||||
|
||||
echo json_encode(['success'=>false,'error'=>'Unknown action']);
|
||||
exit;
|
||||
}
|
||||
|
||||
// ══════════════════════════════════════════════════════════
|
||||
// POST — submit new cashout request
|
||||
// ══════════════════════════════════════════════════════════
|
||||
if ($method !== 'POST') { echo json_encode(['success'=>false,'error'=>'Method not allowed']); exit; }
|
||||
|
||||
$data = json_decode(file_get_contents('php://input'), true);
|
||||
$platformId = trim($data['platform_id'] ?? '');
|
||||
$alias = trim($data['alias'] ?? '');
|
||||
$tokens = (float)($data['tokens'] ?? 0);
|
||||
$payoutMethodId = (int)($data['payout_method_id'] ?? 0);
|
||||
$payoutMethodType = trim($data['payout_method_type'] ?? '');
|
||||
$payoutHandle = trim($data['payout_handle'] ?? '');
|
||||
|
||||
// Validate platform
|
||||
$platStmt = db()->prepare("SELECT slug FROM platforms WHERE slug=? AND is_active=1 LIMIT 1");
|
||||
$platStmt->execute([$platformId]);
|
||||
if (!$platStmt->fetch()) {
|
||||
$platforms = json_decode(PLATFORMS, true);
|
||||
if (empty(array_filter($platforms, fn($p) => $p['id'] === $platformId))) {
|
||||
echo json_encode(['success'=>false,'error'=>'Invalid platform.']); exit;
|
||||
}
|
||||
}
|
||||
|
||||
if (empty($alias)) { echo json_encode(['success'=>false,'error'=>'Platform alias required.']); exit; }
|
||||
if ($tokens < 1) { echo json_encode(['success'=>false,'error'=>'Minimum cashout is 1 token.']); exit; }
|
||||
|
||||
// Validate payout method
|
||||
if ($payoutMethodId) {
|
||||
$chk = db()->prepare("SELECT method_type,account_handle FROM payout_methods WHERE id=? AND user_id=?");
|
||||
$chk->execute([$payoutMethodId, $userId]);
|
||||
if ($pm = $chk->fetch()) {
|
||||
$payoutMethodType = $pm['method_type'];
|
||||
$payoutHandle = $pm['account_handle'];
|
||||
}
|
||||
}
|
||||
|
||||
// Check balance
|
||||
$balStmt = db()->prepare("SELECT tokens FROM users WHERE id=?");
|
||||
$balStmt->execute([$userId]);
|
||||
$balance = (float)$balStmt->fetchColumn();
|
||||
if ($tokens > $balance) { echo json_encode(['success'=>false,'error'=>'Insufficient token balance.']); exit; }
|
||||
|
||||
// Deduct & create
|
||||
db()->beginTransaction();
|
||||
try {
|
||||
db()->prepare("UPDATE users SET tokens=tokens-? WHERE id=?")->execute([$tokens, $userId]);
|
||||
db()->prepare("INSERT INTO cashout_requests (user_id,platform_id,alias,tokens,payout_method_type,payout_handle) VALUES (?,?,?,?,?,?)")
|
||||
->execute([$userId, $platformId, $alias, $tokens, $payoutMethodType, $payoutHandle]);
|
||||
db()->commit();
|
||||
} catch (Exception $e) {
|
||||
db()->rollBack();
|
||||
echo json_encode(['success'=>false,'error'=>'Request failed. Try again.']); exit;
|
||||
}
|
||||
|
||||
$newBalStmt = db()->prepare("SELECT tokens FROM users WHERE id=?");
|
||||
$newBalStmt->execute([$userId]);
|
||||
$nb = (float)$newBalStmt->fetchColumn();
|
||||
|
||||
try { logActivity('cashout_request', $userId, null, 'cashout', 0, "Cashout: {$tokens} tokens via {$payoutMethodType}"); } catch(Exception $e){}
|
||||
|
||||
echo json_encode(['success'=>true, 'new_balance'=>$nb]);
|
||||
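Review bot: The token balance is changed check-then-act with no atomic guard: in the `delete` branch the pending row is read, the refund `UPDATE users SET tokens=tokens+?` runs and only then is the row deleted, all outside a transaction, so two concurrent delete requests for the same id can both pass the check and credit the refund twice. The POST path and the `update` branch have the same shape on the debit side, because the balance is read before `beginTransaction()` and the deduction is unconditional; deducting with `UPDATE users SET tokens=tokens-? WHERE id=? AND tokens>=?` and treating `rowCount() !== 1` as a failure closes that, and `update` also needs a try/rollBack around its transaction. For `delete` I would lock the pending row inside a transaction and refund only when the delete actually removed it, as sketched below (this assumes `db()` returns one shared PDO connection on InnoDB, which the existing `db()->beginTransaction()` / `db()->commit()` pairing suggests). Separately, `delete`, `update` and `lock` change state on GET and no CSRF token check is visible in this file (one may live in auth.php), so they should move to POST behind such a check.

```php
if ($action === 'delete') {
    $id = (int)($_GET['id'] ?? 0);
    $pdo = db();
    $pdo->beginTransaction();
    try {
        // Lock the pending row so a concurrent delete/update waits, then finds no row.
        $chk = $pdo->prepare("SELECT tokens FROM cashout_requests WHERE id=? AND user_id=? AND status='pending' FOR UPDATE");
        $chk->execute([$id, $userId]);
        $row = $chk->fetch();
        if (!$row) {
            $pdo->rollBack();
            echo json_encode(['success'=>false,'error'=>'Request not found or already locked']); exit;
        }
        $del = $pdo->prepare("DELETE FROM cashout_requests WHERE id=? AND user_id=? AND status='pending'");
        $del->execute([$id, $userId]);
        // Refund only if this request is the one that removed the row.
        if ($del->rowCount() === 1) {
            $pdo->prepare("UPDATE users SET tokens=tokens+? WHERE id=?")->execute([$row['tokens'], $userId]);
        }
        $pdo->commit();
    } catch (Exception $e) {
        $pdo->rollBack();
        echo json_encode(['success'=>false,'error'=>'Request failed. Try again.']); exit;
    }
    // … unchanged: read back the new balance and respond …
```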