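<?php

/**
 * Order placement endpoint (JSON response).
 *
 * Reads symbol / side / type / price / amount from the POST body for the
 * logged-in session user. Inside one database transaction it adjusts
 * users.balance_usdt and records a row in spot_orders (spot) or
 * contract_positions (contract). Every response is a JSON object with
 * 'success' and 'message'.
 *
 * Review notes that cannot be resolved from this file alone:
 *  - price is supplied by the client and the order is stored as
 *    'filled' / 'active' at that price; nothing here compares it with a
 *    server-side market price.
 *  - the spot sell branch credits USDT without checking or debiting a
 *    holding of the sold asset (see the note at that branch).
 *  - the request is authenticated by the session cookie only; no anti-CSRF
 *    token is checked in this file.
 *  - amounts pass through PHP floats before reaching the database.
 */

session_start();
require_once __DIR__ . '/../db/config.php';

header('Content-Type: application/json');

// One exit path for rejected requests, so every failure has the same shape.
$reject = static function (string $message): void {
    echo json_encode(['success' => false, 'message' => $message]);
    exit;
};

if (!isset($_SESSION['user_id'])) {
    $reject('Please login first.');
}

$userId = $_SESSION['user_id'];

$symbol    = $_POST['symbol'] ?? '';
$side      = $_POST['side'] ?? '';     // buy/sell
$type      = $_POST['type'] ?? 'spot'; // spot/contract
$rawPrice  = $_POST['price'] ?? 0;
$rawAmount = $_POST['amount'] ?? 0;

// A POST field can arrive as an array (symbol[]=x); only a non-empty string
// is accepted as the symbol that gets stored with the order.
if (!is_string($symbol) || $symbol === '') {
    $reject('Invalid symbol.');
}

// Allowlist side and type. Previously every side other than 'buy' fell
// through to the sell/short branch and every type other than 'spot' was
// handled as a contract order.
if (!in_array($side, ['buy', 'sell'], true)) {
    $reject('Invalid side.');
}
if (!in_array($type, ['spot', 'contract'], true)) {
    $reject('Invalid order type.');
}

// is_numeric() rejects arrays and strings with trailing junk, both of which
// floatval() would silently convert into a number.
if (!is_numeric($rawPrice) || !is_numeric($rawAmount)) {
    $reject('Invalid amount or price.');
}

$price     = floatval($rawPrice);
$amount    = floatval($rawAmount);
$totalCost = $price * $amount;

// Inputs such as 1e999 become INF, and two finite factors can still
// overflow when multiplied, so the product is checked as well.
if (
    $amount <= 0 || $price <= 0
    || !is_finite($price) || !is_finite($amount) || !is_finite($totalCost)
) {
    $reject('Invalid amount or price.');
}

// Defined before the try so the catch block can test it even if db() throws.
$pdo = null;

try {
    $pdo = db();
    $pdo->beginTransaction();

    // Lock the user's row so the balance check and the update below see the same value.
    $stmt = $pdo->prepare("SELECT balance_usdt FROM users WHERE id = ? FOR UPDATE");
    $stmt->execute([$userId]);
    $user = $stmt->fetch();

    // A session can outlive its account; without this check a missing row
    // would still lead to an order being recorded for a non-existent user.
    if ($user === false) {
        $pdo->rollBack();
        $reject('Account not found.');
    }

    $balance = (float) $user['balance_usdt'];

    if ($type === 'spot') {
        if ($side === 'buy') {
            if ($balance < $totalCost) {
                $pdo->rollBack();
                $reject('Insufficient USDT balance.');
            }
            // Deduct USDT
            $balanceSql = "UPDATE users SET balance_usdt = balance_usdt - ? WHERE id = ?";
        } else {
            // NOTE(security): this branch credits price * amount USDT without
            // verifying or debiting a holding of the sold asset (the original
            // comment: "simplified: assuming user has enough coin for now").
            // As written, a sell request increases balance_usdt by a
            // client-chosen amount. Add a holdings check and debit under the
            // same transaction before relying on these balances.
            $balanceSql = "UPDATE users SET balance_usdt = balance_usdt + ? WHERE id = ?";
        }

        $stmt = $pdo->prepare($balanceSql);
        $stmt->execute([$totalCost, $userId]);

        // Record the order; $side is one of the two allowlisted values and is bound as a parameter.
        $stmt = $pdo->prepare("INSERT INTO spot_orders (user_id, symbol, side, type, price, amount, status) VALUES (?, ?, ?, 'limit', ?, ?, 'filled')");
        $stmt->execute([$userId, $symbol, $side, $price, $amount]);
    } else {
        // Contract logic: fixed 10x leverage for simulation.
        $leverage = 10;
        $margin   = $totalCost / $leverage;

        if ($balance < $margin) {
            $pdo->rollBack();
            $reject('Insufficient margin.');
        }

        $stmt = $pdo->prepare("UPDATE users SET balance_usdt = balance_usdt - ? WHERE id = ?");
        $stmt->execute([$margin, $userId]);

        // Long and short differ only in the stored side value.
        $positionSide = $side === 'buy' ? 'long' : 'short';

        $stmt = $pdo->prepare("INSERT INTO contract_positions (user_id, symbol, side, leverage, entry_price, size, margin, status) VALUES (?, ?, ?, ?, ?, ?, ?, 'active')");
        $stmt->execute([$userId, $symbol, $positionSide, $leverage, $price, $amount, $margin]);
    }

    $pdo->commit();
    echo json_encode(['success' => true, 'message' => 'Order processed.']);
} catch (Throwable $e) {
    if ($pdo !== null && $pdo->inTransaction()) {
        $pdo->rollBack();
    }

    // Keep exception detail (SQL text, driver messages) in the server log;
    // the client gets a generic message only.
    error_log('Order endpoint failed: ' . $e->getMessage());
    echo json_encode(['success' => false, 'message' => 'System error. Please try again later.']);
}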