diff --git a/admin/customer_service.php b/admin/customer_service.php index bc5dbab..97451b9 100644 --- a/admin/customer_service.php +++ b/admin/customer_service.php @@ -321,7 +321,7 @@ let notifySound = new Audio('https://assets.mixkit.co/active_storage/sfx/2358/23 const searchInput = document.getElementById('user-search'); const search = searchInput ? searchInput.value.toLowerCase() : ''; - const r = await fetch('/api/chat.php?action=admin_get_all'); + const r = await fetch('../api/chat.php?action=admin_get_all'); if (!r.ok) return; const users = await r.json(); @@ -455,14 +455,14 @@ let notifySound = new Audio('https://assets.mixkit.co/active_storage/sfx/2358/23 fd.append('user_id', userId); fd.append('ip_address', ip); fd.append('session_id', sid); - fetch('/api/chat.php?action=mark_read', { method: 'POST', body: fd }).then(() => refreshUsers()); + fetch('../api/chat.php?action=mark_read', { method: 'POST', body: fd }).then(() => refreshUsers()); } async function recallMessage(msgId) { if (!confirm('确定撤回该消息吗?')) return; const fd = new URLSearchParams(); fd.append('message_id', msgId); - const r = await fetch('/api/chat.php?action=admin_recall_message', { method: 'POST', body: fd }); + const r = await fetch('../api/chat.php?action=admin_recall_message', { method: 'POST', body: fd }); const res = await r.json(); if (res.success) { fetchMessages(); @@ -476,7 +476,7 @@ async function deleteChat(userId, ip, sid, event) { fd.append('user_id', userId); fd.append('ip_address', ip); fd.append('session_id', sid); - const r = await fetch('/api/chat.php?action=admin_delete_user', { method: 'POST', body: fd }); + const r = await fetch('../api/chat.php?action=admin_delete_user', { method: 'POST', body: fd }); const res = await r.json(); if (res.success) { if (selectedSid == sid && selectedIp == ip && selectedUser == userId) { 
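Review bot: `recallMessage` posts only `message_id`, and the `mark_read` and `admin_delete_user` calls in the neighbouring hunks post only the visitor identifiers, with no anti-CSRF token or custom header in the `fetch` options, so the admin session cookie alone authorises these state-changing requests. Whether `api/chat.php` verifies a token, checks `Origin`, or relies on `SameSite` cookies is not visible in this diff. If it does none of these, add a per-session token to each body, e.g. `fd.append('csrf_token', CSRF_TOKEN_PLACEHOLDER);`, and compare it server-side with `hash_equals()`. The bodies of `deleteChat` and the `mark_read` caller start outside their hunks, so a token appended earlier would not show here.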
@@ -503,7 +503,7 @@ async function deleteUser() { fd.append('user_id', selectedUser); fd.append('ip_address', selectedIp); fd.append('session_id', selectedSid); - const r = await fetch('/api/chat.php?action=admin_delete_user', { method: 'POST', body: fd }); + const r = await fetch('../api/chat.php?action=admin_delete_user', { method: 'POST', body: fd }); const res = await r.json(); if (res.success) { selectedUser = null; @@ -525,7 +525,7 @@ async function deleteUser() { async function fetchMessages() { if (!selectedIp && !selectedUser && !selectedSid) return; try { - const r = await fetch(`/api/chat.php?action=get_messages&user_id=${selectedUser}&ip=${selectedIp}&session_id=${selectedSid}`); + const r = await fetch(`../api/chat.php?action=get_messages&user_id=${selectedUser}&ip=${selectedIp}&session_id=${selectedSid}`); const msgs = await r.json(); if (!msgs || !Array.isArray(msgs)) return; @@ -637,7 +637,7 @@ async function notifyMatchSuccess() { fd.append('account', account); try { - const r = await fetch('/api/admin_recharge.php?action=match_success', { method: 'POST', body: fd }); + const r = await fetch('../api/admin_recharge.php?action=match_success', { method: 'POST', body: fd }); const res = await r.json(); if (res.success) { alert('匹配成功!状态已更新。若要向用户显示收款账户,请继续点击“发送账户”按钮。'); @@ -666,7 +666,7 @@ async function sendPaymentInfo() { try { console.log('Sending account info...', { bank, name, account }); - const r = await fetch('/api/admin_recharge.php?action=send_account', { method: 'POST', body: fd }); + const r = await fetch('../api/admin_recharge.php?action=send_account', { method: 'POST', body: fd }); const res = await r.json(); if (res.success) { 
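Review bot: In `fetchMessages` the query string interpolates `selectedUser`, `selectedIp` and `selectedSid` unencoded, so a value containing `&`, `=` or `#` changes which parameters `chat.php` receives. These values appear to come from visitor records rather than from the admin, which makes them untrusted input. Build the query with `const qs = new URLSearchParams({ action: 'get_messages', user_id: selectedUser, ip: selectedIp, session_id: selectedSid });` and call `fetch('../api/chat.php?' + qs)`. The same unencoded pattern is in mining.php (`symbol=${symbol}`) and in the recharge.php status polling (`id=${orderId}`).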
@@ -712,7 +712,7 @@ document.getElementById('image-input').addEventListener('change', async (e) => { formData.append('session_id', selectedSid || ''); try { - const r = await fetch('/api/chat.php?action=upload_image', { + const r = await fetch('../api/chat.php?action=upload_image', { method: 'POST', body: formData }); @@ -762,7 +762,7 @@ document.getElementById('chat-form').addEventListener('submit', async (e) => { fd.append('session_id', selectedSid); try { - const r = await fetch('/api/chat.php?action=admin_send', { method: 'POST', body: fd }); + const r = await fetch('../api/chat.php?action=admin_send', { method: 'POST', body: fd }); const res = await r.json(); const tempMsg = document.querySelector(`[data-id="${tempId}"]`); @@ -784,7 +784,7 @@ document.getElementById('save-remark-btn').addEventListener('click', async () => fd.append('session_id', selectedSid); fd.append('remark', remark); - const r = await fetch('/api/chat.php?action=save_remark', { method: 'POST', body: fd }); + const r = await fetch('../api/chat.php?action=save_remark', { method: 'POST', body: fd }); const res = await r.json(); if (res.success) { alert('备注已保存'); diff --git a/admin/finance.php b/admin/finance.php index 450c11e..602fb84 100644 --- a/admin/finance.php +++ b/admin/finance.php @@ -215,20 +215,22 @@ $requests = $stmt->fetchAll(); - + 待匹配 - + 匹配成功 - + 已发送账户 - + 已通过 - + 已拒绝 + + - +
diff --git a/admin/layout.php b/admin/layout.php index 963a591..11a46cb 100644 --- a/admin/layout.php +++ b/admin/layout.php @@ -283,19 +283,19 @@ function renderAdminPage($content, $title = '后台管理') { // Clear badges based on current page if (currentPage.includes('finance.php')) { - fetch('/api/admin_notifications.php?action=clear&type=finance'); + fetch('../api/admin_notifications.php?action=clear&type=finance'); } else if (currentPage.includes('kyc.php')) { - fetch('/api/admin_notifications.php?action=clear&type=kyc'); + fetch('../api/admin_notifications.php?action=clear&type=kyc'); } else if (currentPage.includes('binary.php')) { - fetch('/api/admin_notifications.php?action=clear&type=binary'); + fetch('../api/admin_notifications.php?action=clear&type=binary'); } else if (currentPage.includes('contract.php')) { - fetch('/api/admin_notifications.php?action=clear&type=contract'); + fetch('../api/admin_notifications.php?action=clear&type=contract'); } else if (currentPage.includes('spot.php')) { - fetch('/api/admin_notifications.php?action=clear&type=spot'); + fetch('../api/admin_notifications.php?action=clear&type=spot'); } else if (currentPage.includes('customer_service.php')) { - fetch('/api/admin_notifications.php?action=clear&type=messages'); + fetch('../api/admin_notifications.php?action=clear&type=messages'); } else if (currentPage.includes('users.php')) { - fetch('/api/admin_notifications.php?action=clear&type=users'); + fetch('../api/admin_notifications.php?action=clear&type=users'); } document.querySelectorAll('.card-dismissible').forEach(card => { @@ -341,7 +341,7 @@ function renderAdminPage($content, $title = '后台管理') { function checkNotifications() { const currentPage = window.location.pathname; - fetch('/api/admin_notifications.php') + fetch('../api/admin_notifications.php') .then(r => r.json()) .then(data => { if (data.success) { 
@@ -349,14 +349,14 @@ function renderAdminPage($content, $title = '后台管理') { // Auto-clear current page types if (currentPage.includes('finance.php')) { - fetch('/api/admin_notifications.php?action=clear&type=finance'); + fetch('../api/admin_notifications.php?action=clear&type=finance'); counts.recharge = 0; counts.withdrawal = 0; } else if (currentPage.includes('customer_service.php')) { - fetch('/api/admin_notifications.php?action=clear&type=messages'); + fetch('../api/admin_notifications.php?action=clear&type=messages'); counts.messages = 0; } else if (currentPage.includes('users.php')) { - fetch('/api/admin_notifications.php?action=clear&type=users'); + fetch('../api/admin_notifications.php?action=clear&type=users'); counts.users = 0; } // ... other pages can be added here diff --git a/api/admin_notifications.php b/api/admin_notifications.php index 71086db..cb380a9 100644 --- a/api/admin_notifications.php +++ b/api/admin_notifications.php 
@@ -44,8 +44,8 @@ function getCount($db, $sql, $params) { if ($admin['is_agent']) { $agent_id = $admin_id; - $pending_recharge = getCount($db, "SELECT COUNT(*) FROM finance_requests r JOIN users u ON r.user_id = u.id WHERE r.type = 'recharge' AND r.status = '0' AND u.agent_id = ?", [$agent_id]); - $pending_withdrawal = getCount($db, "SELECT COUNT(*) FROM finance_requests r JOIN users u ON r.user_id = u.id WHERE r.type = 'withdrawal' AND r.status = '0' AND u.agent_id = ?", [$agent_id]); + $pending_recharge = getCount($db, "SELECT COUNT(*) FROM finance_requests r JOIN users u ON r.user_id = u.id WHERE r.type = 'recharge' AND r.status IN ('0', 'pending') AND u.agent_id = ?", [$agent_id]); + $pending_withdrawal = getCount($db, "SELECT COUNT(*) FROM finance_requests r JOIN users u ON r.user_id = u.id WHERE r.type = 'withdrawal' AND r.status IN ('0', 'pending') AND u.agent_id = ?", [$agent_id]); $pending_kyc = getCount($db, "SELECT COUNT(*) FROM users WHERE kyc_status = 1 AND agent_id = ?", [$agent_id]); $active_binary = getCount($db, "SELECT COUNT(*) FROM binary_orders o JOIN users u ON o.user_id = u.id WHERE o.status = 'pending' AND u.agent_id = ?", [$agent_id]); $active_spot = getCount($db, "SELECT COUNT(*) FROM spot_orders o JOIN users u ON o.user_id = u.id WHERE o.status = 0 AND u.agent_id = ?", [$agent_id]); 
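Review bot: The pending filter `status IN ('0', 'pending')` is repeated as a literal in four queries (the two agent queries here and the two non-agent queries in the next hunk), and nothing records why two encodings of the same state exist. Add a comment above the first use, for example `// finance_requests.status: pending is stored as '0' or 'pending' (TODO confirm which writer produces each)`. Consider normalising the stored value, so that a future third spelling does not silently drop requests from the admin counters. The `agent_id` scoping stays parameterised, which is good; keep the status list as a fixed literal rather than building it from input.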
@@ -53,8 +53,8 @@ if ($admin['is_agent']) { $new_messages = getCount($db, "SELECT COUNT(*) FROM messages m JOIN users u ON m.user_id = u.id WHERE m.sender = 'user' AND m.is_read = 0 AND u.agent_id = ?", [$agent_id]); $new_registrations = getCount($db, "SELECT COUNT(*) FROM users WHERE agent_id = ? AND created_at > DATE_SUB(NOW(), INTERVAL 24 HOUR)", [$agent_id]); } else { - $pending_recharge = getCount($db, "SELECT COUNT(*) FROM finance_requests WHERE type = 'recharge' AND status = '0'", []); - $pending_withdrawal = getCount($db, "SELECT COUNT(*) FROM finance_requests WHERE type = 'withdrawal' AND status = '0'", []); + $pending_recharge = getCount($db, "SELECT COUNT(*) FROM finance_requests WHERE type = 'recharge' AND status IN ('0', 'pending')", []); + $pending_withdrawal = getCount($db, "SELECT COUNT(*) FROM finance_requests WHERE type = 'withdrawal' AND status IN ('0', 'pending')", []); $pending_kyc = getCount($db, "SELECT COUNT(*) FROM users WHERE kyc_status = 1", []); $active_binary = getCount($db, "SELECT COUNT(*) FROM binary_orders WHERE status = 'pending'", []); $active_spot = getCount($db, "SELECT COUNT(*) FROM spot_orders WHERE status = 0", []); diff --git a/api/chat.php b/api/chat.php index d5e2e91..0627544 100644 --- a/api/chat.php +++ b/api/chat.php @@ -140,6 +140,10 @@ if ($action === 'send_message') { $user_id = (int)($_SESSION['user_id'] ?? 0); $ip = getRealIP(); $sid = session_id(); + if (!$sid) { + @session_start(); + $sid = session_id(); + } // Fallback: If user_id is 0 but we find a user with this registration IP, associate it if ($user_id === 0) { 
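Review bot: In the `send_message` hunk of api/chat.php, `$user_id` is read from `$_SESSION` before the added block starts the session. On the path where `session_id()` was empty, a logged-in user is therefore still treated as `user_id` 0 and falls into the IP-based association that follows. Start the session before the first `$_SESSION` read and replace the suppressed call with a checked one, e.g. `if (session_status() !== PHP_SESSION_ACTIVE && !session_start()) { /* reject the request */ }`. With `@session_start()` a failure is hidden and an empty `$sid` is carried forward. The enclosing branch continues outside the hunk.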
@@ -236,6 +240,7 @@ if ($action === 'admin_get_all') { v.final_user_id as user_id, v.effective_ip as ip_address, v.effective_sid as session_id, + v.unread_count, CASE WHEN m.message LIKE 'exec("ALTER TABLE transactions ADD COLUMN $col $type"); } } + + // --- chat_visitors table --- + $stmt = $db->query("SHOW INDEX FROM chat_visitors WHERE Key_name = 'session_id_unique'"); + if (!$stmt->fetch()) { + try { + // First delete duplicates to allow adding unique index + $db->exec("DELETE c1 FROM chat_visitors c1 INNER JOIN chat_visitors c2 WHERE c1.id < c2.id AND c1.session_id = c2.session_id"); + $db->exec("ALTER TABLE chat_visitors ADD UNIQUE KEY `session_id_unique` (`session_id`)"); + } catch (Exception $e) {} + } } catch (Exception $e) { - // Silently fail or log to a file + // Silently fail } } ensureSchema(); diff --git a/includes/footer.php b/includes/footer.php index 2a89f84..d3a3e28 100644 --- a/includes/footer.php +++ b/includes/footer.php @@ -245,7 +245,7 @@ csFileInput.addEventListener('change', async () => { formData.append('action', 'upload_image'); try { - const resp = await fetch('/api/chat.php', { + const resp = await fetch('api/chat.php', { method: 'POST', body: formData }); @@ -277,7 +277,7 @@ csToggle.addEventListener('click', () => { if (!csBox.classList.contains('d-none')) { const now = new Date(); const timeStr = now.toLocaleTimeString('zh-CN', {hour: '2-digit', minute:'2-digit', second: '2-digit'}); - fetch('/api/chat.php?action=ping&user_time=' + encodeURIComponent(timeStr)); + fetch('api/chat.php?action=ping&user_time=' + encodeURIComponent(timeStr)); scrollToBottom(); pollMessages(); } @@ -309,7 +309,7 @@ csForm.addEventListener('submit', async (e) => { scrollToBottom(); try { - const resp = await fetch('/api/chat.php?action=send_message', { + const resp = await fetch('api/chat.php?action=send_message', { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, body: `message=${encodeURIComponent(msg)}` 
@@ -384,12 +384,12 @@ async function pollMessages() { if (typeof lastPingTime === 'undefined') window.lastPingTime = 0; if (now - lastPingTime > 10000) { const timeStr = new Date().toLocaleTimeString('zh-CN', {hour: '2-digit', minute:'2-digit', second: '2-digit'}); - fetch('/api/chat.php?action=ping&user_time=' + encodeURIComponent(timeStr)); + fetch('api/chat.php?action=ping&user_time=' + encodeURIComponent(timeStr)); lastPingTime = now; } try { - const resp = await fetch('/api/chat.php?action=get_messages'); + const resp = await fetch('api/chat.php?action=get_messages'); const data = await resp.json(); if (data && Array.isArray(data)) { let hasNew = false; diff --git a/includes/terminal_layout.php b/includes/terminal_layout.php index 2165a72..e0a5b8a 100644 --- a/includes/terminal_layout.php +++ b/includes/terminal_layout.php @@ -340,7 +340,7 @@ function renderTerminal($activeTab = 'spot') { formData.append('entry_price', openPrice); formData.append('profit_rate', currentProfitRate); - fetch('/api/binary.php', { + fetch('api/binary.php', { method: 'POST', body: formData }) @@ -399,7 +399,7 @@ function renderTerminal($activeTab = 'spot') { formData.append('order_id', order.id); formData.append('close_price', closePrice); - fetch('/api/binary.php', { + fetch('api/binary.php', { method: 'POST', body: formData }) @@ -676,7 +676,7 @@ function renderTerminal($activeTab = 'spot') { formData.append('amount', amount); formData.append('type', 'limit'); - fetch('/api/spot.php', { + fetch('api/spot.php', { method: 'POST', body: formData }) @@ -710,7 +710,7 @@ function renderTerminal($activeTab = 'spot') { formData.append('entry_price', price); formData.append('type', 'market'); - fetch('/api/contract.php', { + fetch('api/contract.php', { method: 'POST', body: formData }) 
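Review bot: `includes/footer.php` and `includes/terminal_layout.php` are include files, but `fetch('api/chat.php…')` and `fetch('api/binary.php')` resolve against the URL of the page that includes them. They only reach the API when that page is in the application root and is requested without extra path segments. From a page in a subdirectory, or a URL with trailing path info, the chat upload and the order POSTs go to a different path. Emit the application base once from PHP and prefix it, e.g. `fetch(APP_BASE + 'api/chat.php?action=get_messages')`, where `APP_BASE` is a placeholder for a server-rendered constant. The same applies to the `../api/` calls under admin/ and to the mining.php, recharge.php and withdraw.php hunks.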
@@ -1033,7 +1033,7 @@ function renderTerminal($activeTab = 'spot') { async function loadHistory() { try { - const resp = await fetch('/api/finance.php?action=get_orders&symbol=&tab='); + const resp = await fetch('api/finance.php?action=get_orders&symbol=&tab='); const data = await resp.json(); if (data.success) { historyData.open = data.open; @@ -1131,7 +1131,7 @@ function renderTerminal($activeTab = 'spot') { formData.append('order_id', id); formData.append('close_price', closePrice); - fetch('/api/contract.php', { + fetch('api/contract.php', { method: 'POST', body: formData }) diff --git a/mining.php b/mining.php index 0785d4d..693f7ee 100644 --- a/mining.php +++ b/mining.php @@ -196,7 +196,7 @@ if ($user) { async function fetchBalance(symbol) { try { - const resp = await fetch(`/api/balance.php?symbol=${symbol}`); + const resp = await fetch(`api/balance.php?symbol=${symbol}`); const data = await resp.json(); if (data.success) { document.getElementById('miningModalAvailable').innerText = data.available; @@ -243,7 +243,7 @@ if ($user) { }).then(async (result) => { if (result.isConfirmed) { try { - const response = await fetch('/api/mining.php', { + const response = await fetch('api/mining.php', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ diff --git a/recharge.php b/recharge.php index 9b23d8f..af56b94 100644 --- a/recharge.php +++ b/recharge.php @@ -518,7 +518,7 @@ function finishTransfer() { const formData = new FormData(); formData.append('action', 'complete_transfer'); formData.append('order_id', orderId); - fetch('/api/finance.php', { method: 'POST', body: formData }) + fetch('api/finance.php', { method: 'POST', body: formData }) .then(r => r.json()) .then(data => { if (data.success) finishTransferUI(); }); } else { 
@@ -574,7 +574,7 @@ function startStatusPolling(orderId) { const modalEl = document.getElementById('rechargeModal'); if (!modalEl || !modalEl.classList.contains('show')) return; try { - const r = await fetch(`/api/recharge_status.php?id=${orderId}&_t=${Date.now()}`); + const r = await fetch(`api/recharge_status.php?id=${orderId}&_t=${Date.now()}`); const data = await r.json(); if (data.success) { console.log('Order status update:', data.status, data); @@ -713,7 +713,7 @@ document.addEventListener('DOMContentLoaded', async () => { if (remainingSeconds > 0 && state.orderId) { openRechargeModal(state.initialMessage, true, state.orderId); try { - const r = await fetch(`/api/recharge_status.php?id=${state.orderId}&_t=${Date.now()}`); + const r = await fetch(`api/recharge_status.php?id=${state.orderId}&_t=${Date.now()}`); const data = await r.json(); if (data.success) { renderRechargeUI(data); @@ -738,7 +738,7 @@ function initModalChat() { scrollModalToBottom(); const formData = new FormData(); formData.append('file', file); formData.append('action', 'upload_image'); try { - const resp = await fetch('/api/chat.php', { method: 'POST', body: formData }), data = await resp.json(); + const resp = await fetch('api/chat.php', { method: 'POST', body: formData }), data = await resp.json(); document.querySelector(`[data-modal-id="${tempId}"]`)?.remove(); if (data.success) { appendModalMessage(data.message); scrollModalToBottom(); } } catch (err) { console.error(err); } 
@@ -750,7 +750,7 @@ function initModalChat() { appendModalMessage({ id: tempId, sender: 'user', message: msg, created_at: new Date().toISOString() }); scrollModalToBottom(); try { - const resp = await fetch('/api/chat.php?action=send_message', { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, body: `message=${encodeURIComponent(msg)}` }); + const resp = await fetch('api/chat.php?action=send_message', { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, body: `message=${encodeURIComponent(msg)}` }); const data = await resp.json(); document.querySelector(`[data-modal-id="${tempId}"]`)?.remove(); if (data.success) { appendModalMessage(data.message); scrollModalToBottom(); } @@ -762,8 +762,8 @@ function initModalChat() { return; } try { - fetch(`/api/chat.php?action=ping&user_time=${encodeURIComponent(new Date().toLocaleString())}`); - const resp = await fetch('/api/chat.php?action=get_messages'), data = await resp.json(); + fetch(`api/chat.php?action=ping&user_time=${encodeURIComponent(new Date().toLocaleString())}`); + const resp = await fetch('api/chat.php?action=get_messages'), data = await resp.json(); if (Array.isArray(data)) { data.forEach(m => { if (!modalChatLastIds.has(m.id)) { appendModalMessage(m); modalChatLastIds.add(m.id); scrollModalToBottom(); } }); } } catch (err) {} setTimeout(modalPoll, 2000); @@ -772,7 +772,7 @@ function initModalChat() { } async function sendModalMessage(msg) { - try { await fetch('/api/chat.php?action=send_message', { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, body: `message=${encodeURIComponent(msg)}` }); } catch (err) {} + try { await fetch('api/chat.php?action=send_message', { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, body: `message=${encodeURIComponent(msg)}` }); } catch (err) {} } function appendModalMessage(m) { 
@@ -805,7 +805,7 @@ function confirmFiatOrder(btn, event) { if (isNaN(amount) || amount <= 0) { notify('warning', ''); return; } const originalText = btn.innerHTML; btn.disabled = true; btn.innerHTML = `${originalText}`; const formData = new FormData(); formData.append('action', 'recharge'); formData.append('amount', amount / rate); formData.append('symbol', 'USDT'); formData.append('fiat_amount', amount); formData.append('fiat_currency', currency); formData.append('method', ' (' + currency + ')'); - fetch('/api/finance.php', { method: 'POST', body: formData }).then(r => r.json()).then(data => { + fetch('api/finance.php', { method: 'POST', body: formData }).then(r => r.json()).then(data => { btn.disabled = false; btn.innerHTML = originalText; if (data.success) { let msg = ``; msg = msg.replace('%uid%', userId).replace('%amount%', amount).replace('%currency%', currency).replace('%rate%', rate).replace('%res%', (amount / rate).toFixed(4)); @@ -820,7 +820,7 @@ function confirmCryptoOrder(btn, event) { if (isNaN(amount) || amount <= 0) { notify('warning', ''); return; } const originalText = btn.innerHTML; btn.disabled = true; btn.innerHTML = `${originalText}`; const formData = new FormData(); formData.append('action', 'recharge'); formData.append('amount', amount); formData.append('symbol', 'USDT'); formData.append('method', currentNetwork); - fetch('/api/finance.php', { method: 'POST', body: formData }).then(r => r.json()).then(data => { + fetch('api/finance.php', { method: 'POST', body: formData }).then(r => r.json()).then(data => { btn.disabled = false; btn.innerHTML = originalText; if (data.success) { let msg = ``; diff --git a/test_connection.php b/test_connection.php new file mode 100644 index 0000000..e9cd67e --- /dev/null +++ b/test_connection.php 
@@ -0,0 +1,50 @@ +query("SELECT 1"); + echo "OK (Connected to " . DB_NAME . ")\n"; +} catch (Exception $e) { + echo "FAILED: " . $e->getMessage() . "\n"; +} + +// 2. Session Check +echo "2. Session: "; +$_SESSION['health_check_time'] = time(); +if (isset($_SESSION['health_check_time'])) { + echo "OK (Session working)\n"; + echo " Session ID: " . session_id() . "\n"; + echo " Admin ID: " . ($_SESSION['admin_id'] ?? 'Not logged in') . "\n"; + echo " User ID: " . ($_SESSION['user_id'] ?? 'Not logged in') . "\n"; +} else { + echo "FAILED (Session not persisting)\n"; +} + +// 3. Table Check +echo "3. Tables:\n"; +$tables = ['users', 'finance_requests', 'messages', 'chat_visitors', 'transactions']; +foreach ($tables as $t) { + try { + $stmt = db()->query("SELECT COUNT(*) FROM $t"); + $count = $stmt->fetchColumn(); + echo " - $t: $count rows\n"; + } catch (Exception $e) { + echo " - $t: MISSING or ERROR (" . $e->getMessage() . ")\n"; + } +} + +// 4. IP Check +echo "4. IP Info:\n"; +echo " Remote Addr: " . $_SERVER['REMOTE_ADDR'] . "\n"; +echo " Real IP (helper): " . getRealIP() . "\n"; + +echo "\n=== Check Complete ===\n"; +echo "If any item above says FAILED, please check your server configuration (e.g. Baota database settings or PHP session permissions).\n"; diff --git a/withdraw.php b/withdraw.php index 09c6a19..e671f4d 100644 --- a/withdraw.php +++ b/withdraw.php @@ -276,7 +276,7 @@ function confirmCryptoWithdraw(btn, event) { formData.append('address', addr); formData.append('password', password); - fetch('/api/finance.php', { + fetch('api/finance.php', { method: 'POST', body: formData }) @@ -333,7 +333,7 @@ function confirmFiatWithdraw(btn, event) { formData.append('address', ' (' + currency + ')'); formData.append('password', password); - fetch('/api/finance.php', { + fetch('api/finance.php', { method: 'POST', body: formData })
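Review bot: test_connection.php is added at the web root and, in the visible lines, has no access check before it prints the database name, raw exception messages, the session ID, the session's `admin_id`/`user_id`, row counts for five tables and the client IP. The first lines of the file are missing from this view, so a guard may exist there. If not, restrict it to the command line with `if (PHP_SAPI !== 'cli') { http_response_code(404); exit; }` at the top, or require an authenticated admin session, and delete the file after diagnosis. Drop the `session_id()` and `$e->getMessage()` output in any case, because the former is a credential and the latter can include connection details.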