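<?php

/*
 * JSON endpoint for the trading front-end.
 *
 * Every response is a JSON object with a boolean `success` key; failures add an
 * `error` string. Actions handled below: get_orders (read-only), recharge and
 * withdraw (state-changing). All actions require a logged-in, non-frozen user.
 */

require_once __DIR__ . '/../db/config.php';

// Session cookie flags (HttpOnly, Secure, SameSite) come from php.ini or
// config.php, not from here — NOTE(review): confirm they are set there.
session_start();

header('Content-Type: application/json; charset=utf-8');
// Every response is JSON; stop browsers from sniffing it into another type.
header('X-Content-Type-Options: nosniff');

// db() is defined in config.php (not visible here); the calls below
// (prepare/execute/fetchColumn/beginTransaction) match the PDO API.
$db = db();

// The session is the only credential: no user id means no access at all.
$user_id = $_SESSION['user_id'] ?? null;

if (!$user_id) {
    echo json_encode(['success' => false, 'error' => 'Unauthorized']);
    exit;
}

// Account gate. fetchColumn() returns false when the user row no longer exists;
// such a stale session is rejected instead of passing as an un-frozen user.
$stmt = $db->prepare("SELECT status FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$status = $stmt->fetchColumn();

if ($status === false) {
    echo json_encode(['success' => false, 'error' => 'Unauthorized']);
    exit;
}

if ($status === 'frozen') {
    echo json_encode(['success' => false, 'error' => 'Account frozen']);
    exit;
}

// Same precedence as the default $_REQUEST order (POST overrides GET), but read
// explicitly so the result cannot depend on request_order or include cookies.
$action = $_POST['action'] ?? $_GET['action'] ?? '';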
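if ($action === 'get_orders') {
    // Lists the caller's orders for one tab, split into orders still running
    // (`open`) and finished ones (`settlement`). Read-only: nothing is updated.
    $tab = $_GET['tab'] ?? 'spot';

    // The table name spliced into the query comes from this fixed map only,
    // never from the request. An unknown tab yields two empty lists (success).
    $tables = [
        'binary'   => 'binary_orders',
        'spot'     => 'spot_orders',
        'contract' => 'contract_orders',
    ];

    // Each builder maps one DB row to the client row and says whether it is open.
    // Returns [row, isOpen].
    $buildBinary = static function (array $o): array {
        $isUp = $o['direction'] === 'up' || $o['direction'] === 'buy';
        $won = $o['status'] === 'won';
        $lost = $o['status'] === 'lost';
        // Payout on a won order: amount * profit_rate percent.
        $profit = $won ? $o['amount'] * $o['profit_rate'] / 100 : 0;

        $row = [
            'id' => $o['id'],
            'time' => $o['created_at'],
            'pair' => $o['symbol'] . '/USDT',
            'type' => 'Binary',
            'side' => $isUp ? 'Buy Up' : 'Buy Down',
            'side_type' => $isUp ? 'up' : 'down',
            'price' => $o['entry_price'],
            'amount' => $o['amount'],
            'pnl' => $won ? $profit : ($lost ? -$o['amount'] : 0),
            // `total` is deliberately mixed-type: number when won, display strings otherwise.
            'total' => $won ? ($o['amount'] + $profit) : ($lost ? '0.00' : '---'),
            'status' => ucfirst((string)$o['status']),
            'profitRate' => $o['profit_rate'],
        ];

        if ($o['status'] !== 'pending') {
            return [$row, false];
        }

        // A pending binary order is shown as "Executing" with a countdown. Once
        // the countdown reaches zero it is listed under settlement even though the
        // DB row is still pending (this endpoint never changes the status itself).
        $row['status'] = 'Executing';
        $row['totalSeconds'] = $o['duration'];
        $startedAt = strtotime((string)$o['created_at']);
        // An unparseable created_at is treated as fully elapsed (countdown 0).
        $row['secondsLeft'] = $startedAt === false
            ? 0
            : max(0, $o['duration'] - (time() - $startedAt));

        return [$row, $row['secondsLeft'] > 0];
    };

    $buildSpot = static function (array $o): array {
        $row = [
            'id' => $o['id'],
            'time' => $o['created_at'],
            'pair' => $o['symbol'] . '/USDT',
            'type' => 'Spot',
            'side' => ucfirst((string)$o['side']),
            'side_type' => $o['side'],
            'price' => $o['price'],
            'amount' => $o['amount'],
            'total' => ($o['price'] * $o['amount']),
            'status' => ucfirst((string)$o['status']),
        ];

        return [$row, $o['status'] === 'pending'];
    };

    $buildContract = static function (array $o): array {
        $row = [
            'id' => $o['id'],
            'time' => $o['created_at'],
            'pair' => $o['symbol'] . '/USDT',
            'type' => 'Contract',
            'side' => ucfirst((string)$o['direction']),
            'side_type' => $o['direction'] === 'long' ? 'up' : 'down',
            'price' => $o['entry_price'],
            'amount' => $o['amount'],
            'pnl' => $o['profit'],
            // Margin (amount / leverage) plus realised profit. Assumes leverage is
            // never 0 — a zero would raise DivisionByZeroError; TODO confirm at the DB.
            'total' => ($o['amount'] / $o['leverage']) + $o['profit'],
            'status' => ucfirst((string)$o['status']),
        ];

        return [$row, $o['status'] === 'open'];
    };

    $builders = [
        'binary'   => $buildBinary,
        'spot'     => $buildSpot,
        'contract' => $buildContract,
    ];

    $open = [];
    $settlement = [];

    // is_string() guards the map lookup: `tab[]=x` would otherwise be an illegal offset.
    if (is_string($tab) && isset($tables[$tab])) {
        $stmt = $db->prepare("SELECT * FROM {$tables[$tab]} WHERE user_id = ? ORDER BY created_at DESC");
        $stmt->execute([$user_id]);

        foreach ($stmt->fetchAll() as $o) {
            list($row, $isOpen) = $builders[$tab]($o);
            if ($isOpen) {
                $open[] = $row;
            } else {
                $settlement[] = $row;
            }
        }
    }

    echo json_encode(['success' => true, 'open' => $open, 'settlement' => $settlement]);
    exit;
}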
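if ($action === 'recharge') {
    // Deposit request: the client reports a payment; the row is stored as
    // 'pending' for later confirmation. Nothing is credited here.
    if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
        echo json_encode(['success' => false, 'error' => 'Method not allowed']);
        exit;
    }
    // NOTE(review): no CSRF token is verified for this state-changing action;
    // confirm a token check or the session cookie's SameSite policy upstream.

    // Only numeric input is accepted; anything else becomes 0 and is rejected below.
    $rawAmount = $_POST['amount'] ?? null;
    $amount = is_numeric($rawAmount) ? (float)$rawAmount : 0.0;
    // String fields keep their defaults when the client sends a non-string
    // (e.g. `symbol[]=x`), which would otherwise be bound as "Array".
    $symbol = is_string($_POST['symbol'] ?? null) ? $_POST['symbol'] : 'USDT';
    $method = is_string($_POST['method'] ?? null) ? $_POST['method'] : 'Crypto';
    $tx_hash = is_string($_POST['tx_hash'] ?? null) ? $_POST['tx_hash'] : '';

    // Rejects zero, negative and non-finite amounts ("1e999" casts to INF).
    if (!is_finite($amount) || $amount <= 0) {
        echo json_encode(['success' => false, 'error' => 'Invalid amount']);
        exit;
    }

    $stmt = $db->prepare("INSERT INTO finance_requests (user_id, type, amount, symbol, payment_method, tx_hash, status) VALUES (?, 'recharge', ?, ?, ?, ?, 'pending')");
    // execute() returns false instead of throwing when the handle is not in
    // ERRMODE_EXCEPTION; do not report success in that case.
    if (!$stmt->execute([$user_id, $amount, $symbol, $method, $tx_hash])) {
        echo json_encode(['success' => false, 'error' => 'Request failed']);
        exit;
    }

    echo json_encode(['success' => true]);
    exit;
}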
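if ($action === 'withdraw') {
    // Withdrawal request: debits the user's available balance at once and records
    // a 'pending' finance request plus a 'pending' transaction for later processing.
    if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
        echo json_encode(['success' => false, 'error' => 'Method not allowed']);
        exit;
    }
    // NOTE(review): no CSRF token is verified for this state-changing action;
    // confirm a token check or the session cookie's SameSite policy upstream.

    $rawAmount = $_POST['amount'] ?? null;
    $amount = is_numeric($rawAmount) ? (float)$rawAmount : 0.0;
    $symbol = is_string($_POST['symbol'] ?? null) ? $_POST['symbol'] : 'USDT';
    $address = is_string($_POST['address'] ?? null) ? $_POST['address'] : '';
    $password = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';

    // Same amount rule as recharge. Without it a negative amount passes the balance
    // check below and the UPDATE would add funds instead of removing them.
    if (!is_finite($amount) || $amount <= 0) {
        echo json_encode(['success' => false, 'error' => 'Invalid amount']);
        exit;
    }

    // Pre-check so the common case fails fast without opening a transaction.
    // A missing balance row (fetchColumn() === false) counts as insufficient.
    $stmt = $db->prepare("SELECT available FROM user_balances WHERE user_id = ? AND symbol = ?");
    $stmt->execute([$user_id, $symbol]);
    $bal = $stmt->fetchColumn();

    if ($bal === false || $bal < $amount) {
        echo json_encode(['success' => false, 'error' => 'Insufficient balance']);
        exit;
    }

    // The withdrawal password is received but not verified yet — placeholder kept
    // from the original. TODO: check it (password_verify() against the stored
    // hash, whose column is not visible here) before any balance is debited.

    $db->beginTransaction();
    try {
        // Atomic debit: the balance condition is repeated inside the UPDATE so two
        // concurrent withdrawals cannot both pass the SELECT above and overdraw.
        // No affected row means the funds were gone by the time the UPDATE ran.
        $debit = $db->prepare("UPDATE user_balances SET available = available - ? WHERE user_id = ? AND symbol = ? AND available >= ?");
        if (!$debit->execute([$amount, $user_id, $symbol, $amount]) || $debit->rowCount() === 0) {
            $db->rollBack();
            echo json_encode(['success' => false, 'error' => 'Insufficient balance']);
            exit;
        }

        // Record request. The execute() checks also cover a PDO handle that is
        // not in ERRMODE_EXCEPTION, where failures return false instead of throwing.
        $stmt = $db->prepare("INSERT INTO finance_requests (user_id, type, amount, symbol, payment_details, status) VALUES (?, 'withdrawal', ?, ?, ?, 'pending')");
        if (!$stmt->execute([$user_id, $amount, $symbol, $address])) {
            throw new RuntimeException('finance_requests insert failed');
        }

        // Add to transactions as pending
        $stmt = $db->prepare("INSERT INTO transactions (user_id, type, amount, symbol, status) VALUES (?, 'withdrawal', ?, ?, 'pending')");
        if (!$stmt->execute([$user_id, $amount, $symbol])) {
            throw new RuntimeException('transactions insert failed');
        }

        $db->commit();
        echo json_encode(['success' => true]);
    } catch (Throwable $e) {
        // Undo the partial write, keep the detail server-side and answer with a
        // generic message: driver error text (table/constraint names) must not
        // reach the client.
        if ($db->inTransaction()) {
            $db->rollBack();
        }
        error_log('withdraw failed for user ' . $user_id . ': ' . $e->getMessage());
        echo json_encode(['success' => false, 'error' => 'Withdrawal failed']);
    }
    exit;
}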
// Fallthrough: no handler above matched the requested action.
exit(json_encode(['success' => false, 'error' => 'Invalid action']));