Atitit 安全审计法
目录
操作日志:什么人、什么操作、操作时间
操作数据:修改前、修改后、修改时间
数据签名字段
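// Load the merchant row for the logged-in account; its available_balance is
// the "before" value recorded in the audit log further down.
// The account name is bound as a parameter instead of being concatenated into
// the SQL text, so the cookie value cannot alter the structure of the query.
// NOTE(review): $_COOKIE['loginacc'] is supplied by the client. The account
// identity should come from server-side session state; confirm how login is
// established before relying on this value.
$sql = "select * from merchan where uname = ?";
// Debug output: after parameterization this prints only the statement
// template, not the account name. Drop it before deployment.
print_r($sql);
$stmt_one_mer = $pdo->prepare($sql);
$stmt_one_mer->execute([$_COOKIE['loginacc']]);
// fetch() returns false when no merchant matches; the later audit-log code
// indexes this value, so callers should treat false as "unknown account".
$rs_one_mer = $stmt_one_mer->fetch();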
// Withdrawal request: debit the merchant's balances, capture the balance
// before/after in a JSON audit record, and insert the withdrawal row together
// with that record in one transaction.
// NOTE(review): the matching catch/rollback is not visible in this excerpt,
// and whether exec()/query() failures throw depends on PDO::ATTR_ERRMODE,
// which is configured elsewhere; confirm both.
try {
$pdo->beginTransaction();
// NOTE(review): the WHERE clause is built by concatenating $_COOKIE['loginacc'],
// a client-controlled value, into the SQL text (SQL injection). Use
// $pdo->prepare() with bound parameters, and take the account identity from
// server-side session state rather than a cookie.
$sql = " UPDATE merchan SET available_balance = available_balance-%f,account_balance=account_balance-%f where uname='" . $_COOKIE['loginacc'] . "'";
// %f coerces the request amount to a float, so it cannot inject SQL text here.
// NOTE(review): no check is visible that the amount is positive and does not
// exceed available_balance; validate it server-side before the UPDATE.
// NOTE(review): float formatting for money can lose precision; confirm the
// column type and consider integer minor units or a decimal string.
$sql = sprintf($sql, $_GET['amt金额'], $_GET['amt金额']);
// Keeps a copy of the generated UPDATE text in $glb; its consumer is not shown.
$glb['sql_up mer bls'] = $sql;
$pdo->exec($sql);
// Re-read the merchant row so the post-update balance can go into the audit log.
// NOTE(review): same string-concatenated cookie value as above; parameterize.
$sql = "select * from merchan where uname ='" . $_COOKIE['loginacc'] . "'";
$rs_one_mer_aft = ($pdo->query($sql)->fetch());
// Audit record: balance before, requested amount, balance after.
// NOTE(review): $rs_one_mer was read before beginTransaction(), so the "before"
// value may be stale if another request changed the balance in between;
// reading it inside the transaction (with a row lock) would make the record
// consistent. Verify against the storage engine and isolation level.
$safeLog['bef_bls'] = $rs_one_mer['available_balance'];
// The raw request value is stored, not the float actually applied by the UPDATE.
$safeLog['amt金额'] = $_GET['amt金额'];
$safeLog['aft_bls'] = $rs_one_mer_aft['available_balance'];
// NOTE(review): no signature or MAC is computed over this JSON in the visible
// code, so the stored record can be edited without detection. If a signature
// field is intended, something like hash_hmac() with a server-side key over
// $safelog_json would be needed; confirm where that is meant to happen.
$safelog_json = json_encode($safeLog);
//sprintf("%s love %s.", "a","b");
// use exec() because no results are returned
// NOTE(review): every '%s' below is filled from $_GET / $_COOKIE values (and the
// JSON, which embeds the raw amount) without escaping, so a quote character in
// any of them changes the statement. Use a prepared INSERT with bound values.
$sql = "INSERT INTO tisye提现表 (org开户机构, acc账户, name名字,amt金额,uname,stat状态,safe_log)VALUES ('%s', '%s', '%s','%s','%s','%s','%s') ";
// Debug output: echoes the request parameters into the response unescaped.
// NOTE(review): remove before deployment, or write to a server-side log instead.
print_r($_GET);
$sql = sprintf($sql, $_GET['org开户机构'] . "(" . $_GET['brach网点名称'] . ")", $_GET['acc'], $_GET['name'], $_GET['amt金额'], $_COOKIE['loginacc'], '申请提现', $safelog_json);
// Debug output: exposes the full generated SQL and the PDO object to the client.
print_r($sql);
print_r($pdo);
//try{
// Insert the withdrawal request, then commit the debit and the request together.
$pdo->exec($sql);
$pdo->commit();