Gecko [ 37julay.space ]

Name	Size	Permission	Date
.htaccess	237 B	-r-xr-xr-x	2025-09-01 07:26
active_deactive.php	1.5 KB	-rw-r--r--	2024-10-25 15:16
balance_add.php	2.14 KB	-rw-r--r--	2024-10-26 06:06
change_bonus.php	1.34 KB	-rw-r--r--	2024-10-25 15:30
change_password.php	1.83 KB	-rw-r--r--	2024-10-26 17:30
change_password_admin.php	1.12 KB	-rw-r--r--	2024-10-26 17:41
createLink.txt	25 B	-rw-r--r--	2024-10-26 17:09
delete_user.php	1.86 KB	-rw-r--r--	2024-10-25 15:16
error_log	34 MB	-rw-r--r--	2025-08-29 06:53
fetch_balance.php	650 B	-rw-r--r--	2024-10-25 15:16
generate_token.php	1.12 KB	-rw-r--r--	2024-11-06 08:08
insert_price.php	1.2 KB	-rw-r--r--	2024-11-17 06:17
login.php	1.42 KB	-rw-r--r--	2024-12-04 08:10
udpate_token.php	1.14 KB	-rw-r--r--	2024-10-25 15:16
update_admin_user.php	656 B	-rw-r--r--	2024-11-14 09:26

Rename

<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
if (isset($_POST["submit"])) {
    include_once("../includes/configuration.php");
    
    // Sanitize the inputs
    $id = mysqli_real_escape_string($conn, $_POST["id"]);
    $balance = mysqli_real_escape_string($conn, $_POST["balance"]);

// Ensure $balance is a numeric value
    $balance = floatval($balance); // or use intval($balance) if it's an integer

// Step 1: Retrieve the current balance
    $sql = "SELECT email, balance FROM users WHERE id = ?";
    $stmt = $conn->prepare($sql);
    $stmt->bind_param("i", $id); // "i" indicates an integer parameter
    $stmt->execute();
    $result = $stmt->get_result();

if ($result->num_rows > 0) {
        $row = $result->fetch_assoc();
        $currentBalance = $row['balance'];
        $email = $row['email'];

// Step 2: Add the new balance to the current balance
        $newBalance = $currentBalance + $balance;

// Step 3: Update the balance in the database
        $update_sql = "UPDATE users SET balance = ? WHERE id = ?";
        $update_stmt = $conn->prepare($update_sql);
        $update_stmt->bind_param("di", $newBalance, $id); // "di" indicates double and integer params

if ($update_stmt->execute()) {
            // Step 4: Log the balance change in add_remove_balance table
            $action = ($balance >= 0) ? "add" : "remove";
            $log_sql = "INSERT INTO add_remove_balance (user, amount, action, update_at) VALUES (?, ?, ?, NOW())";
            $log_stmt = $conn->prepare($log_sql);
            $log_stmt->bind_param("sds", $email, $balance, $action); // "sds" indicates string, double, string params
            $log_stmt->execute();
            $log_stmt->close();

header("location: ../user_list.php?msg=success&text=" . $balance . " tk Balance added successfully for " . $email);
            exit();
        } else {
            header("location: ../user_list.php?msg=error&text=Error found when adding balance");
            exit();
        }

$update_stmt->close();
    } else {
        header("location: ../index.php");
        exit();
    }
}
?>