<?php
require_once 'db/config.php';
require_once 'includes/currency_helper.php';
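session_start();

// Only authenticated users may create orders; everyone else is sent to the login page.
if (!isset($_SESSION['user_id'])) {
    header("Location: login.php");
    exit;
}

$user_id = $_SESSION['user_id'];
$pdo = db();

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['amount'])) {
    // NOTE(review): this state-changing POST checks no anti-CSRF token. The form
    // that submits here is not visible from this file, so none is enforced here;
    // add a per-session token to the form and verify it at this point.

    // Rejects a malformed request before anything is read from or written to the database.
    $reject = static function (string $message) {
        http_response_code(400);
        die($message);
    };

    // Request fields arrive as strings or, for `name[]` parameters, as arrays.
    // Anything that is not a plain numeric string is refused instead of being cast.
    $raw_amount = $_POST['amount'];
    if (!is_string($raw_amount) || !is_numeric($raw_amount)) {
        $reject("金额无效");
    }
    $amount = (float)$raw_amount;

    // A zero, negative or non-finite amount must never reach the balance arithmetic:
    // a negative withdrawal would pass the balance check and then increase the balance.
    if (!is_finite($amount) || $amount <= 0) {
        $reject("金额无效");
    }

    $order_type = $_POST['order_type'] ?? 'deposit'; // 'deposit' or 'withdrawal'
    if (!in_array($order_type, ['deposit', 'withdrawal'], true)) {
        $reject("订单类型无效");
    }

    $type = $_POST['type'] ?? 'fiat'; // 'fiat' or 'usdt'
    $currency = $_POST['currency'] ?? 'USDT';
    $network = $_POST['network'] ?? '';
    if (!is_string($currency)) {
        $reject("不支持的币种");
    }
    if (!is_string($network)) {
        $network = '';
    }

    // The rate must come from the rate table. An unlisted currency used to fall back
    // to 1.0, which valued a deposit in any made-up currency 1:1 against USDT.
    $fiat_rates = get_fiat_rates();
    $known_rate = $fiat_rates[$currency] ?? null;
    if (is_numeric($known_rate) && (float)$known_rate > 0) {
        $rate = (float)$known_rate;
    } elseif ($currency === 'USDT') {
        $rate = 1.0;
    } else {
        $reject("不支持的币种");
    }

    if ($order_type === 'deposit') {
        $usdt_amount = $amount / $rate;
    } else {
        // Withdrawal: amount is already in USDT (usually)
        // NOTE(review): the amount is not converted even when $currency is a fiat
        // code — confirm that the withdrawal form always submits USDT amounts.
        $usdt_amount = $amount;
    }

    $expires_at = date('Y-m-d H:i:s', strtotime('+30 minutes'));

    try {
        // The balance deduction and the three inserts form one transaction, so a
        // failed insert can no longer leave the balance reduced without an order.
        $pdo->beginTransaction();

        if ($order_type === 'withdrawal') {
            // Check and deduct in a single statement. A separate SELECT followed by
            // an UPDATE lets two concurrent requests both pass the check and
            // overdraw the account.
            // NOTE(review): balances are handled as floats here; verify that the
            // column type and rounding rules are what the ledger expects.
            $stmt = $pdo->prepare("UPDATE users SET balance = balance - ? WHERE id = ? AND balance >= ?");
            $stmt->execute([$usdt_amount, $user_id, $usdt_amount]);

            if ($stmt->rowCount() !== 1) {
                $pdo->rollBack();
                die("余额不足");
            }
        }

        // Create order with status 'matching'
        $stmt = $pdo->prepare("INSERT INTO fiat_orders (user_id, order_type, amount, usdt_amount, exchange_rate, currency, status, expires_at, created_at) VALUES (?, ?, ?, ?, ?, ?, 'matching', ?, CURRENT_TIMESTAMP)");
        $stmt->execute([$user_id, $order_type, $amount, $usdt_amount, $rate, $currency, $expires_at]);
        $order_id = $pdo->lastInsertId();

        // Log to transactions table; withdrawals are recorded as negative amounts.
        $desc = ($order_type === 'deposit') ? "充值申请 #$order_id ($amount $currency)" : "提现申请 #$order_id ($amount $currency)";
        $stmt = $pdo->prepare("INSERT INTO transactions (user_id, type, amount, currency, status, description) VALUES (?, ?, ?, 'USDT', 'pending', ?)");
        $stmt->execute([$user_id, $order_type, ($order_type === 'deposit' ? $usdt_amount : -$usdt_amount), $desc]);

        // Notification message for admin/chat.
        // $network is stored exactly as submitted, so whatever renders the messages
        // table must HTML-escape it on output (htmlspecialchars with ENT_QUOTES).
        $type_text = ($order_type === 'deposit') ? "充值" : "提现";
        $method_info = ($type === 'usdt') ? "USDT ($network)" : "法币 ($currency)";
        $msg = "📢 用户发起 $type_text 请求\n金额: $amount $currency\n订单号: #$order_id\n方式: $method_info";

        $stmt = $pdo->prepare("INSERT INTO messages (user_id, sender, message) VALUES (?, 'user', ?)");
        $stmt->execute([$user_id, $msg]);

        $pdo->commit();
        header("Location: chat.php");
        exit;
    } catch (Throwable $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }

        // Driver messages can expose table names and SQL, so the detail goes to the
        // server log and the client only receives a generic error.
        error_log('Order creation failed: ' . $e->getMessage());
        http_response_code(500);
        die("Error: the order could not be created. Please try again later.");
    }
} else {
    // Anything other than a POST carrying an amount is sent back to the home page.
    header("Location: index.php");
    exit;
}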