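conn = $db; }

    /**
     * Insert a new transaction row built from this object's properties.
     *
     * Reads user_id, type, amount, description, status and reference from the
     * object, rewrites each of them in place with strip_tags() followed by
     * htmlspecialchars(), and binds the results to the named placeholders of
     * the INSERT statement.
     *
     * Security notes:
     * - SQL injection is prevented by the bound placeholders, not by the
     *   strip_tags()/htmlspecialchars() pass. That pass is HTML output encoding
     *   applied at write time, so the table holds HTML-encoded text.
     * - NOTE(review): encoding on write means a consumer that escapes again on
     *   output double-encodes, and non-HTML consumers (JSON, CSV, reports)
     *   receive entities. Validation per field (numeric amount, type/status
     *   checked against the allowed values) plus escaping at output would be
     *   the usual design. The encoding is kept here because existing readers
     *   may rely on the stored values already being encoded.
     * - $this->table_name is concatenated into the SQL text. Its declaration is
     *   not visible here; it must never be derived from request data.
     *
     * @return bool Result of PDOStatement::execute(); whether a failure returns
     *              false or throws depends on the connection's error mode.
     */
    public function create()
    {
        $query = "INSERT INTO " . $this->table_name
            . " SET user_id=:user_id, type=:type, amount=:amount,"
            . " description=:description, status=:status, reference=:reference";

        $stmt = $this->conn->prepare($query);

        // Same per-field treatment as before: strip tags, HTML-encode, store the
        // result back on the object, then bind it to the matching placeholder.
        foreach (['user_id', 'type', 'amount', 'description', 'status', 'reference'] as $field) {
            $this->$field = htmlspecialchars(strip_tags($this->$field));
            $stmt->bindValue(':' . $field, $this->$field);
        }

        return $stmt->execute();
    }

    /**
     * Fetch the most recent transactions of one user.
     *
     * The query is scoped only by the $user_id argument and this method does no
     * authorization check, so the caller must pass the id of the authenticated
     * user (or have verified that the requester may read that user's rows).
     *
     * @param mixed $user_id Owner of the transactions; bound as a parameter.
     * @param mixed $limit   Maximum number of rows. Cast to int and clamped to
     *                       zero or more before binding: PDO::PARAM_INT does not
     *                       itself convert a numeric string, and with emulated
     *                       prepares a string can end up quoted, which MySQL
     *                       rejects in a LIMIT clause. NOTE(review): there is no
     *                       upper bound; cap it at the caller if the value comes
     *                       from a request.
     *
     * @return PDOStatement The executed statement, ordered by created_at DESC.
     *                      The result of execute() is not checked here.
     */
    public function getTransactionsByUserId($user_id, $limit = 10)
    {
        $query = "SELECT * FROM " . $this->table_name . " WHERE user_id = ? ORDER BY created_at DESC LIMIT ?";

        $stmt = $this->conn->prepare($query);
        $stmt->bindValue(1, $user_id);
        $stmt->bindValue(2, max(0, (int) $limit), PDO::PARAM_INT);
        $stmt->execute();

        return $stmt;
    }

    /**
     * Fetch the most recent transactions of one user, restricted to one type.
     *
     * As with getTransactionsByUserId(), the only scoping is the $user_id
     * argument; authorization is the caller's responsibility.
     *
     * @param mixed $user_id Owner of the transactions; bound as a parameter.
     * @param mixed $type    Transaction type to match; bound as a parameter.
     * @param mixed $limit   Maximum number of rows; cast to int and clamped to
     *                       zero or more so LIMIT always receives an integer.
     *
     * @return PDOStatement The executed statement, ordered by created_at DESC.
     *                      The result of execute() is not checked here.
     */
    public function getTransactionsByType($user_id, $type, $limit = 10)
    {
        $query = "SELECT * FROM " . $this->table_name . " WHERE user_id = ? AND type = ? ORDER BY created_at DESC LIMIT ?";

        $stmt = $this->conn->prepare($query);
        $stmt->bindValue(1, $user_id);
        $stmt->bindValue(2, $type);
        $stmt->bindValue(3, max(0, (int) $limit), PDO::PARAM_INT);
        $stmt->execute();

        return $stmt;
    }
}
?>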