admin/38451-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38451-vm/admin/finance.php
Flatlogic Bot b573ba93a2 Autosave: 20260218-050956
2026-02-18 05:09:56 +00:00

232 lines
9.5 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/layout.php';
$db = db();
// Helper to check permissions
if (!hasPermission('audit_finance')) {
echo "权限不足";
exit;
}
// Handle Approval
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
$id = (int)$_POST['request_id'];
$stmt = $db->prepare("SELECT r.* FROM finance_requests r JOIN users u ON r.user_id = u.id WHERE r.id = ? " . ($admin['is_agent'] ? "AND u.agent_id = ?" : ""));
$params = [$id];
if ($admin['is_agent']) $params[] = $admin['id'];
$stmt->execute($params);
$req = $stmt->fetch();
if (!$req || $req['status'] !== 'pending') {
header("Location: finance.php?error=invalid");
exit;
}
if ($_POST['action'] === 'approve') {
$db->beginTransaction();
try {
// Update status
$db->prepare("UPDATE finance_requests SET status = 'approved' WHERE id = ?")->execute([$id]);
// If recharge, add to balance
if ($req['type'] === 'recharge') {
$stmt = $db->prepare("SELECT * FROM user_balances WHERE user_id = ? AND symbol = ?");
$stmt->execute([$req['user_id'], $req['symbol']]);
$bal = $stmt->fetch();
if ($bal) {
$db->prepare("UPDATE user_balances SET available = available + ? WHERE id = ?")
->execute([$req['amount'], $bal['id']]);
} else {
$db->prepare("INSERT INTO user_balances (user_id, symbol, available) VALUES (?, ?, ?)")
->execute([$req['user_id'], $req['symbol'], $req['amount']]);
}
// Add to transactions history
$db->prepare("INSERT INTO transactions (user_id, type, amount, symbol, status) VALUES (?, 'recharge', ?, ?, 'completed')")
->execute([$req['user_id'], $req['amount'], $req['symbol']]);
}
$db->commit();
header("Location: finance.php?msg=approved");
} catch (Exception $e) {
$db->rollBack();
header("Location: finance.php?error=" . urlencode($e->getMessage()));
}
exit;
}
if ($_POST['action'] === 'reject') {
$reason = $_POST['reason'] ?? '';
$db->beginTransaction();
try {
$db->prepare("UPDATE finance_requests SET status = 'rejected', rejection_reason = ? WHERE id = ?")
->execute([$reason, $id]);
// If withdrawal, return balance
if ($req['type'] === 'withdrawal') {
$db->prepare("UPDATE user_balances SET available = available + ? WHERE user_id = ? AND symbol = ?")
->execute([$req['amount'], $req['user_id'], $req['symbol']]);
$db->prepare("INSERT INTO transactions (user_id, type, amount, symbol, status) VALUES (?, 'withdrawal_refund', ?, ?, 'completed')")
->execute([$req['user_id'], $req['amount'], $req['symbol']]);
}
$db->commit();
header("Location: finance.php?msg=rejected");
} catch (Exception $e) {
$db->rollBack();
header("Location: finance.php?error=" . urlencode($e->getMessage()));
}
exit;
}
}
$title = '充提管理';
ob_start();
$type = $_GET['type'] ?? 'recharge';
$user_id = isset($_GET['user_id']) ? (int)$_GET['user_id'] : null;
$sql = "SELECT r.*, u.username, u.uid FROM finance_requests r JOIN users u ON r.user_id = u.id WHERE r.type = ?";
$params = [$type];
if ($admin['is_agent']) {
$sql .= " AND u.agent_id = ?";
$params[] = $admin['id'];
}
if ($user_id) {
$sql .= " AND r.user_id = ?";
$params[] = $user_id;
}
$sql .= " ORDER BY r.created_at DESC";
$stmt = $db->prepare($sql);
$stmt->execute($params);
$requests = $stmt->fetchAll();
?>
<div class="d-flex justify-content-between align-items-center mb-4">
<div class="d-flex align-items-center gap-3">
<a href="<?= $user_id ? 'users.php' : 'index.php' ?>" class="btn btn-outline-secondary btn-sm"><i class="bi bi-arrow-left"></i> 返回</a>
<h4 class="mb-0"><?= $type === 'recharge' ? '充值审核' : '提现审核' ?> <?= $user_id ? "(用户ID: $user_id)" : "" ?></h4>
</div>
<div class="btn-group">
<a href="?type=recharge" class="btn <?= $type === 'recharge' ? 'btn-primary' : 'btn-outline-primary' ?>">充值审核</a>
<a href="?type=withdrawal" class="btn <?= $type === 'withdrawal' ? 'btn-primary' : 'btn-outline-primary' ?>">提现审核</a>
</div>
</div>
<?php if (isset($_GET['msg'])): ?>
<div class="alert alert-success mb-4">操作成功!</div>
<?php endif; ?>
<?php if (isset($_GET['error'])): ?>
<div class="alert alert-danger mb-4">错误: <?= htmlspecialchars($_GET['error']) ?></div>
<?php endif; ?>
<div class="table-container">
<table class="table table-hover align-middle">
<thead>
<tr class="text-muted small">
<th>ID</th>
<th>用户信息</th>
<th>金额</th>
<th>支付信息/详情</th>
<th>时间</th>
<th>状态</th>
<th class="text-end">操作</th>
</tr>
</thead>
<tbody>
<?php foreach ($requests as $r): ?>
<tr>
<td><?= $r['id'] ?></td>
<td>
<div><?= htmlspecialchars($r['username']) ?></div>
<code class="small"><?= $r['uid'] ?></code>
</td>
<td>
<span class="fw-bold <?= $r['type'] === 'recharge' ? 'text-success' : 'text-danger' ?>">
<?= $r['type'] === 'recharge' ? '+' : '-' ?> <?= number_format($r['amount'], 2) ?> <?= $r['symbol'] ?>
</span>
</td>
<td>
<?php if ($r['type'] === 'recharge'): ?>
<div class="small">方法: <?= htmlspecialchars($r['payment_method'] ?? 'USDT') ?></div>
<div class="text-muted small">哈希/备注: <?= htmlspecialchars($r['tx_hash'] ?? '无') ?></div>
<?php else: ?>
<div class="small">提现地址: <code><?= htmlspecialchars($r['payment_details'] ?? '未知') ?></code></div>
<?php endif; ?>
<?php if ($r['rejection_reason']): ?>
<div class="text-danger small mt-1">理由: <?= htmlspecialchars($r['rejection_reason']) ?></div>
<?php endif; ?>
</td>
<td><small class="text-muted"><?= $r['created_at'] ?></small></td>
<td>
<?php if ($r['status'] === 'pending'): ?>
<span class="badge bg-warning">待处理</span>
<?php elseif ($r['status'] === 'approved'): ?>
<span class="badge bg-success">已通过</span>
<?php else: ?>
<span class="badge bg-danger">已拒绝</span>
<?php endif; ?>
</td>
<td class="text-end">
<?php if ($r['status'] === 'pending'): ?>
<div class="btn-group btn-group-sm">
<form method="POST" class="d-inline">
<input type="hidden" name="request_id" value="<?= $r['id'] ?>">
<input type="hidden" name="action" value="approve">
<button type="submit" class="btn btn-outline-success" onclick="return confirm('确定要通过吗?')">通过</button>
</form>
<button class="btn btn-outline-danger" onclick="showRejectModal(<?= $r['id'] ?>)">拒绝</button>
</div>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
<?php if (empty($requests)): ?>
<tr><td colspan="7" class="text-center p-5 text-muted">暂无记录</td></tr>
<?php endif; ?>
</tbody>
</table>
</div>
<!-- Reject Modal -->
<div class="modal fade" id="rejectModal" tabindex="-1">
<div class="modal-dialog">
<form class="modal-content" method="POST">
<input type="hidden" name="action" value="reject">
<input type="hidden" name="request_id" id="reject_request_id">
<div class="modal-header">
<h5 class="modal-title">拒绝请求</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal"></button>
</div>
<div class="modal-body">
<div class="mb-3">
<label class="form-label">拒绝理由</label>
<textarea name="reason" class="form-control" rows="3" required placeholder="请填写拒绝理由..."></textarea>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">取消</button>
<button type="submit" class="btn btn-danger">确认拒绝</button>
</div>
</form>
</div>
</div>
<script>
function showRejectModal(id) {
document.getElementById('reject_request_id').value = id;
new bootstrap.Modal(document.getElementById('rejectModal')).show();
}
</script>
<?php
$content = ob_get_clean();
renderAdminPage($content, $title);
?>
Reference in New Issue View Git Blame Copy Permalink