<?php
// initiate_deal.php
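// Start (or resume) the session before any output is sent.
session_start();

// Presumably defines db(), which is called further down but not declared in this file.
require_once 'db/config.php';

// Hardcoded user ID for demonstration.
// NOTE(review): nothing is read from the session to establish who the caller
// is, so every request acts as user 2. Derive this value from the
// authenticated session before this page handles real deals.
$current_user_id = 2; // Assuming a different user is buying

$ad = null;
$error = '';
$message = '';

// Accept only a canonical integer for ad_id. is_numeric() followed by an (int)
// cast also lets through values such as "1.9" or "1e3", which are silently
// rewritten to a different ID than the one that was requested.
$ad_id = filter_var($_GET['ad_id'] ?? null, FILTER_VALIDATE_INT);

if ($ad_id === false) {
    // Missing or malformed ID: send the visitor back to the ad list.
    header("Location: user_ads.php");
    exit;
}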
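// Load the requested ad together with the seller's public profile fields.
// Only ads whose status is ACTIVE can be dealt on.
try {
    $pdo = db();
    $stmt = $pdo->prepare(
        "SELECT a.*, u.nickname AS seller_nickname, u.rating AS seller_rating
         FROM ads a
         JOIN users u ON a.user_id = u.id
         WHERE a.id = :ad_id AND a.status = 'ACTIVE'"
    );
    $stmt->bindValue(':ad_id', $ad_id, PDO::PARAM_INT);
    $stmt->execute();
    $ad = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$ad) {
        $error = "Ad not found or is no longer active.";
    }
} catch (PDOException $e) {
    // Driver messages can expose SQL text, schema names or connection details,
    // so they go to the server log and the visitor gets a generic message.
    error_log('initiate_deal.php: ad lookup failed: ' . $e->getMessage());
    $error = "Database error. Please try again later.";
}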
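// Handle form submission: validate the requested amount against the ad, then
// reserve it on the ad and record the order in a single transaction.
//
// NOTE(review): this POST changes state (creates an order, debits the ad) but
// no anti-CSRF token is checked here and the form on this page does not send
// one. Adding the check needs a matching hidden field in that form.
// NOTE(review): the page heading switches between Buy and Sell on ad_type, but
// the order below always records the current user as buyer and the ad owner
// as seller. Confirm that is intended for ads that are not of type SELL.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $ad) {
    $amount_crypto = $_POST['amount_crypto'] ?? 0;
    $amount_fiat = 0;

    // Basic validation
    if (!is_numeric($amount_crypto) || $amount_crypto <= 0) {
        $error = "Please enter a valid amount.";
    } else {
        // NOTE(review): amounts are multiplied as PHP floats. Confirm the
        // rounding behaviour is acceptable for stored monetary values.
        $amount_fiat = $amount_crypto * $ad['fixed_price'];

        if ($amount_fiat < $ad['min_amount'] || $amount_fiat > $ad['max_amount']) {
            $error = "The amount is not within the ad's limits.";
        } elseif ($amount_crypto > $ad['available_amount']) {
            // Early, user-friendly rejection. The authoritative check is the
            // guarded UPDATE below, because this row was read before the
            // transaction started and may be stale by now.
            $error = "The requested amount exceeds the available amount in the ad.";
        } else {
            // All good, create the order
            try {
                $buyer_id = $current_user_id;
                $seller_id = $ad['user_id'];
                $status = 'AWAITING_PAYMENT'; // Or PENDING_CONFIRMATION depending on flow

                $pdo->beginTransaction();

                // Reserve the amount first, and only if the ad is still active
                // and still holds enough. Doing the check inside the UPDATE
                // keeps concurrent requests from overselling the ad or driving
                // available_amount below zero. Two placeholder names are used
                // because native prepared statements do not allow a named
                // placeholder to appear twice.
                $ad_update_stmt = $pdo->prepare(
                    "UPDATE ads
                     SET available_amount = available_amount - :amount_debit
                     WHERE id = :ad_id
                       AND status = 'ACTIVE'
                       AND available_amount >= :amount_required"
                );
                $ad_update_stmt->execute([
                    ':amount_debit' => $amount_crypto,
                    ':ad_id' => $ad_id,
                    ':amount_required' => $amount_crypto,
                ]);

                if ($ad_update_stmt->rowCount() !== 1) {
                    // Another request changed the ad between the read and now.
                    $pdo->rollBack();
                    $error = "The ad is no longer active or the requested amount is no longer available.";
                } else {
                    // Create the order
                    $order_stmt = $pdo->prepare(
                        "INSERT INTO orders (ad_id, buyer_id, seller_id, amount_crypto, amount_fiat, status)
                         VALUES (:ad_id, :buyer_id, :seller_id, :amount_crypto, :amount_fiat, :status)"
                    );
                    $order_stmt->execute([
                        ':ad_id' => $ad_id,
                        ':buyer_id' => $buyer_id,
                        ':seller_id' => $seller_id,
                        ':amount_crypto' => $amount_crypto,
                        ':amount_fiat' => $amount_fiat,
                        ':status' => $status,
                    ]);

                    $pdo->commit();

                    // Redirect to deals page
                    header("Location: my_deals.php");
                    exit;
                }
            } catch (PDOException $e) {
                // rollBack() itself throws when no transaction is open, for
                // example when beginTransaction() was the call that failed.
                if ($pdo->inTransaction()) {
                    $pdo->rollBack();
                }
                // Keep driver details in the server log, not on the page.
                error_log('initiate_deal.php: order creation failed: ' . $e->getMessage());
                $error = "Failed to create the deal. Please try again later.";
            }
        }
    }
}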
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Initiate Deal</title>
    <?php
    // NOTE(review): both stylesheets are loaded from a third-party CDN without
    // an integrity attribute, and the bootstrap-icons URL carries no version,
    // so its content can change without any change to this file.
    ?>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
    <link href="https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css" rel="stylesheet">
</head>
<body>
    <nav class="navbar navbar-expand-lg navbar-dark bg-dark">
        <div class="container">
            <a class="navbar-brand" href="index.php">P2P Platform</a>
        </div>
    </nav>

    <div class="container mt-5">
        <div class="row">
            <div class="col-md-8 offset-md-2">
                <?php // Render either the error state or the deal form, never both. ?>
                <?php if ($error): ?>
                    <div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
                    <a href="user_ads.php" class="btn btn-secondary">Back to Ads</a>
                <?php elseif ($ad): ?>
                    <div class="card">
                        <div class="card-header">
                            <?php // Every database-sourced string is HTML-escaped before it is printed. ?>
                            <h3><?= $ad['ad_type'] === 'SELL' ? 'Buy' : 'Sell' ?> <?= htmlspecialchars($ad['currency']) ?> from <?= htmlspecialchars($ad['seller_nickname']) ?></h3>
                        </div>
                        <div class="card-body">
                            <!-- Ad Details -->
                            <p><strong>Price:</strong> <?= number_format($ad['fixed_price'], 2) ?> <?= htmlspecialchars($ad['payment_currency']) ?> per <?= htmlspecialchars($ad['currency']) ?></p>
                            <p><strong>Limits:</strong> <?= number_format($ad['min_amount'], 2) ?> - <?= number_format($ad['max_amount'], 2) ?> <?= htmlspecialchars($ad['payment_currency']) ?></p>
                            <?php // Format to 8 decimals, then strip trailing zeros and a dangling decimal point. ?>
                            <p><strong>Available:</strong> <?= rtrim(rtrim(number_format($ad['available_amount'], 8), '0'), '.') ?> <?= htmlspecialchars($ad['currency']) ?></p>
                            <p><strong>Payment Method:</strong> <?= htmlspecialchars($ad['bank_name']) ?></p>
                            <hr>

                            <!-- Deal Form -->
                            <?php
                            // NOTE(review): this form posts a state-changing request and
                            // carries no anti-CSRF token field.
                            ?>
                            <form method="POST" action="initiate_deal.php?ad_id=<?= $ad_id ?>">
                                <div class="mb-3">
                                    <label for="amount_crypto" class="form-label">How much <?= htmlspecialchars($ad['currency']) ?> do you want to <?= $ad['ad_type'] === 'SELL' ? 'buy' : 'sell' ?>?</label>
                                    <input type="number" step="0.00000001" class="form-control" id="amount_crypto" name="amount_crypto" required>
                                </div>
                                <button type="submit" class="btn btn-success">Start Deal</button>
                                <a href="user_ads.php" class="btn btn-secondary">Cancel</a>
                            </form>
                        </div>
                    </div>
                <?php endif; ?>
            </div>
        </div>
    </div>
</body>
</html>