jweb/ac1/src/api/withdraw.php

<?php
session_start();
header('Content-Type: application/json');

if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
    echo json_encode(['success' => false, 'message' => 'Not logged in']);
    exit;
}

// Get JSON input
$input = json_decode(file_get_contents('php://input'), true);

if (!isset($input['amount']) || !isset($input['method'])) {
    echo json_encode(['success' => false, 'message' => 'Invalid input']);
    exit;
}

// Include database connection
require_once '../../db.php';
require_once '../classes/User.php';
require_once '../classes/Transaction.php';

$database = new Database();
$db = $database->getConnection();
$user = new User($db);
$transaction = new Transaction($db);

if ($user->getUserByUsername($_SESSION['username'])) {
    // Process withdrawal
    $amount = floatval($input['amount']);
    $method = $input['method'];
    
    // Check if user has enough balance
    if ($user->balance >= $amount) {
        // Deduct amount from balance and add to withdrawals
        $user->updateBalance(-$amount);
        $user->updateWithdrawals($amount);
        
        // Create transaction record
        $transaction->user_id = $user->id;
        $transaction->type = 'withdrawal';
        $transaction->amount = $amount;
        $transaction->description = "Withdrawal via $method";
        $transaction->status = 'pending'; // Withdrawals might need approval
        
        if ($transaction->create()) {
            echo json_encode(['success' => true, 'message' => 'Withdrawal request submitted']);
        } else {
            echo json_encode(['success' => false, 'message' => 'Failed to record transaction']);
        }
    } else {
        echo json_encode(['success' => false, 'message' => 'Insufficient balance']);
    }
} else {
    echo json_encode(['success' => false, 'message' => 'User not found']);
}
?>