php loan application programming logic challenge


#1

Hi, I'm fairly new to PHP. I have this code working well, but I have been given further instructions and I'm struggling with the logic. This is one of the files in my app. It is a loan application developed in PHP. When a client borrows less than $5500, the amount should be paid in 5 months at 15%, else any amount greater than $5500 should be paid in 12 months at 22%. When I enter an amount I expect the program to calculate this. Check the code below:
[php]<?php
extract($_POST);
if(isset($save))
{

if($source=="" || $amount=="" || $group=="" || $payment=="" || $due=="")
{
$err="<font color='red'>fill all the fileds first</font>";	
}
else
{

$sql=mysqli_query($conn,"select * from loan where group_id='$group'");
$r=mysqli_num_rows($sql);
if($r!=true)
{
mysqli_query($conn,"insert into loan values('','$group','$source','$amount','$intereset','$payment_term','$total_paid','$emi_per_month','$payment','$due')");

$err="Congractulations Rising Star Member grants Loan to this Member";
}

	else
	{

$err="<font color='red'>Loan already allotted to this Member</font>";
	
	}
}

}

?>

Rising Star Ventures Loan Book

<div class="row">
	<div class="col-sm-4"></div>
	<div class="col-sm-4"><?php echo @$err;?></div>
</div>

<div class="row" style="margin-top:10px">
	<div class="col-sm-4">Select Member</div>
	<div class="col-sm-5">
	<select name="group" class="form-control" required>
		<option value="">Select Member</option>
		<?php 

$q1=mysqli_query($conn,"select * from groups");
while($r1=mysqli_fetch_assoc($q1))
{
echo "<option value='".$r1['group_id']."'>".$r1['group_name']."";

}
?>


<div class="row" style="margin-top:10px">
	<div class="col-sm-4">Income Source</div>
	<div class="col-sm-5">
	<select name="source" class="form-control" required>
		<option value="">Select  Income Source</option>
		<option>Government</option>
		<option>Private Sector</option>
	</select>
	</div>
</div>

<script>
	function loanamount()
	{
	var original=document.getElementById("original").value;	
	var interest=document.getElementById("interest").value;	
	var year=document.getElementById("payment_term").value;	
	
	var interest1=(Number(original)*Number(interest)*Number(year))/100;
	var total=Number(original)+Number(interest1);
	
	var emi=(Number(original)*Number(interest)*Number(year))/100;
	document.getElementById("total_paid").value=total;
	document.getElementById("emi_per_month").value=emi;
	
	}
</script>

<div class="row" style="margin-top:10px">
	<div class="col-sm-4">Requested Amount(Ksh.)</div>
	<div class="col-sm-5">
	<input type="number" id="original" name="amount" class="form-control" required/></div>
</div>



<div class="row" style="margin-top:10px">
	<div class="col-sm-4">Interest Rate(30%)</div>
	<div class="col-sm-5">
	<input type="text" name="intereset" id="interest" value="30" readonly="true" class="form-control" required/></div>
</div>


<div class="row" style="margin-top:10px">
	<div class="col-sm-4">Payment period(Monthly)</div>
	<div class="col-sm-5">
	<select onchange="loanamount()" name="payment_term" id="payment_term" class="form-control" required>
		<option value="">No of months</option>
		<?php
			for($i=1;$i<=10;$i++)
			{
			echo "<option value='".$i."'>".$i."</option>";
			}
		 ?>
	</select>
	</div>
</div>
<div class="row" style="margin-top:10px">
	<div class="col-sm-4">Interest Per Month(Ksh.)</div>
	<div class="col-sm-5">
	<input type="text" id="emi_per_month" name="emi_per_month" class="form-control" readonly/></div>
</div>

<div class="row" style="margin-top:10px">
	<div class="col-sm-4">Total Payable Amount(Inclusive Interest)</div>
	<div class="col-sm-5">
	<input type="text" id="total_paid" name="total_paid" class="form-control" readonly/></div>
</div>

<div class="row" style="margin-top:10px">
	<div class="col-sm-4">Loan Approval Date</div>
	<div class="col-sm-5">
	<input type="date" name="payment" min="2016-01-01" class="form-control"  required/>

	</div>
</div>

<div class="row" style="margin-top:10px">
	<div class="col-sm-4">Payment Due Date</div>
	<div class="col-sm-5">
	<input type="date" name="due" min="2016-01-01" class="form-control" required/>

	</div>
</div>


<div class="row" style="margin-top:10px">
	<div class="col-sm-2"></div>
	<div class="col-sm-8">
[/php]

#2

First, don’t do this:
extract($_POST);

It makes debugging a fucking nightmare.

Use prepared statements. You are HIGHLY vulnerable right now.

When doing select statements, name the columns you want. You should never do SELECT * except on rare occasions.

I see no logic where you are deciding the loan term.

You also have columns that do not belong in that table.
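
The points raised in #2 (no `extract()`, prepared statements, a server-side decision on the loan term) put together with the rule from #1; this is an added example, not code from any poster in the thread. The column names, the string-typed `group_id`, the due date derived from the approval date, and the handling of exactly 5500 are assumptions.

```php
<?php
declare(strict_types=1);
// Exactly 5500 goes in the 12-month band (assumption; the post leaves it open).
function loan_terms(float $amount): array
{
    if (!is_finite($amount) || $amount <= 0) {
        throw new InvalidArgumentException('amount must be a positive number');
    }
    [$months, $rate] = $amount < 5500 ? [5, 15] : [12, 22];
    // Same formula as the post's loanamount(): principal * rate * term / 100.
    $interest = round($amount * $rate * $months / 100, 2);
    return ['months' => $months, 'rate' => $rate, 'total' => round($amount + $interest, 2)];
}

// Column names are hypothetical; the post never lists the loan table's columns.
function save_loan(mysqli $conn, array $post): string
{
    $group  = $post['group'] ?? '';
    $source = $post['source'] ?? '';
    $amount = filter_var($post['amount'] ?? null, FILTER_VALIDATE_FLOAT);
    $start  = is_string($post['payment'] ?? null)
        ? DateTimeImmutable::createFromFormat('!Y-m-d', $post['payment']) : false;
    if (!is_string($group) || $group === '' || !$start || $amount === false
        || !is_finite($amount) || $amount <= 0
        || !in_array($source, ['Government', 'Private Sector'], true)) {
        return 'Fill all the fields first';
    }
    // Posted intereset, payment_term, total_paid and due are ignored on purpose:
    // readonly form fields are still client-controlled.
    ['months' => $months, 'rate' => $rate, 'total' => $total] = loan_terms($amount);
    $payment = $start->format('Y-m-d');
    $due = $start->modify("+$months months")->format('Y-m-d'); // assumption: due = approval + term
    $stmt = $conn->prepare('SELECT 1 FROM loan WHERE group_id = ? LIMIT 1');
    $stmt->bind_param('s', $group);
    $stmt->execute();
    $stmt->store_result();
    if ($stmt->num_rows > 0) {
        return 'Loan already allotted to this Member';
    }
    $stmt = $conn->prepare('INSERT INTO loan (group_id, source, amount, interest,
        payment_term, total_paid, payment, due) VALUES (?, ?, ?, ?, ?, ?, ?, ?)');
    $stmt->bind_param('ssdiidss', $group, $source, $amount, $rate, $months, $total, $payment, $due);
    $stmt->execute();
    return 'Loan granted';
}

// Constructed sample amounts; this part runs without a database.
foreach ([3000.0, 5500.0, 8000.0] as $a) {
    echo json_encode(['amount' => $a] + loan_terms($a)), PHP_EOL;
}
```

Any message returned by `save_loan()` should be passed through `htmlspecialchars()` before it is echoed into the page.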


#3

OP has already been properly addressed on another forum he cross-posted on. No need to spend time on this.