false, 'error' => 'Unauthorized']); exit; } $user_id = $_SESSION['user_id']; $pdo = db(); // Check for active orders (including 'paid' which means waiting for admin approval) $stmt = $pdo->prepare("SELECT id, order_type, status, bank_account_info FROM fiat_orders WHERE user_id = ? AND status IN ('matching', 'matched', 'paid') ORDER BY id DESC LIMIT 1"); $stmt->execute([$user_id]); $order = $stmt->fetch(); if ($order) { echo json_encode(['success' => true, 'order' => $order]); } else { echo json_encode(['success' => true, 'order' => null]); }