74 lines
2.6 KiB
PHP
74 lines
2.6 KiB
PHP
<?php
|
|
require_once __DIR__ . '/../db/config.php';
|
|
session_start();
|
|
|
|
header('Content-Type: application/json');
|
|
|
|
$db = db();
|
|
$user_id = $_SESSION['user_id'] ?? null;
|
|
|
|
if (!$user_id) {
|
|
echo json_encode(['success' => false, 'error' => 'Unauthorized']);
|
|
exit;
|
|
}
|
|
|
|
$symbol = $_POST['symbol'] ?? 'BTC';
|
|
$side = $_POST['side'] ?? 'buy';
|
|
$price = (float)($_POST['price'] ?? 0);
|
|
$amount = (float)($_POST['amount'] ?? 0);
|
|
$type = $_POST['type'] ?? 'limit';
|
|
|
|
if ($amount <= 0) {
|
|
echo json_encode(['success' => false, 'error' => 'Invalid amount']);
|
|
exit;
|
|
}
|
|
|
|
$db->beginTransaction();
|
|
try {
|
|
// Check balance
|
|
$total_cost = ($side === 'buy') ? ($price * $amount) : $amount;
|
|
$pay_symbol = ($side === 'buy') ? 'USDT' : $symbol;
|
|
|
|
$stmt = $db->prepare("SELECT available FROM user_balances WHERE user_id = ? AND symbol = ?");
|
|
$stmt->execute([$user_id, $pay_symbol]);
|
|
$bal = $stmt->fetchColumn() ?: 0;
|
|
|
|
if ($bal < $total_cost) {
|
|
throw new Exception("Insufficient balance");
|
|
}
|
|
|
|
// Deduct balance
|
|
$db->prepare("UPDATE user_balances SET available = available - ? WHERE user_id = ? AND symbol = ?")
|
|
->execute([$total_cost, $user_id, $pay_symbol]);
|
|
|
|
// Insert order (auto-fill for spot if price matches)
|
|
// For this simple implementation, we mark as filled immediately
|
|
$stmt = $db->prepare("INSERT INTO spot_orders (user_id, symbol, side, price, amount, filled, status) VALUES (?, ?, ?, ?, ?, ?, 'filled')");
|
|
$stmt->execute([$user_id, $symbol, $side, $price, $amount, $amount]);
|
|
|
|
// Add target balance
|
|
$target_symbol = ($side === 'buy') ? $symbol : 'USDT';
|
|
$target_amount = ($side === 'buy') ? $amount : ($price * $amount);
|
|
|
|
// Check if target balance exists, if not create
|
|
$stmt = $db->prepare("SELECT id FROM user_balances WHERE user_id = ? AND symbol = ?");
|
|
$stmt->execute([$user_id, $target_symbol]);
|
|
if (!$stmt->fetch()) {
|
|
$db->prepare("INSERT INTO user_balances (user_id, symbol, available) VALUES (?, ?, 0)")
|
|
->execute([$user_id, $target_symbol]);
|
|
}
|
|
|
|
$db->prepare("UPDATE user_balances SET available = available + ? WHERE user_id = ? AND symbol = ?")
|
|
->execute([$target_amount, $user_id, $target_symbol]);
|
|
|
|
// Record transaction
|
|
$db->prepare("INSERT INTO transactions (user_id, type, amount, symbol, status) VALUES (?, ?, ?, ?, 'completed')")
|
|
->execute([$user_id, 'spot_trade', $total_cost, $pay_symbol]);
|
|
|
|
$db->commit();
|
|
echo json_encode(['success' => true]);
|
|
} catch (Exception $e) {
|
|
$db->rollBack();
|
|
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
|
|
}
|