From 65846a4a3e66a49bb874cf0a4e6ae65d96ae8a8d Mon Sep 17 00:00:00 2001
From: Dan Hemberger <846186+hemberger@users.noreply.github.com>
Date: Tue, 3 Dec 2024 00:00:30 -0800
Subject: [PATCH] Handle overflow in anon bank deposits (#1967)
When depositing into an anon account, the database would overflow if the amount in the account would exceed MAX_MONEY. Now, the deposit will be adjusted so that it doesn't exceed MAX_MONEY, and if the account is already at MAX_MONEY, it will emit a comprehensible error.
---
 .../Player/Bank/AnonBankDetailProcessor.php | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/pages/Player/Bank/AnonBankDetailProcessor.php b/src/pages/Player/Bank/AnonBankDetailProcessor.php
index 46b8c93d6..bfdd4a206 100644
--- a/src/pages/Player/Bank/AnonBankDetailProcessor.php
+++ b/src/pages/Player/Bank/AnonBankDetailProcessor.php
@@ -36,13 +36,23 @@ public function build(AbstractPlayer $player): never {
 ]);
 $trans_id = $dbResult->record()->getInt('max_id') + 1;
+ // Get the amount currently in this anon bank
+ $dbResult = $db->read('SELECT amount FROM anon_bank WHERE anon_id = :anon_id AND game_id = :game_id', [
+ 'anon_id' => $db->escapeNumber($account_num),
+ 'game_id' => $db->escapeNumber($player->getGameID()),
+ ]);
+ $anonAmount = $dbResult->record()->getInt('amount');
+ // Update the credit amounts for the player and the bank
 if ($action === 'Deposit') {
 if ($player->getCredits() < $amount) {
 create_error('You don\'t own that much money!');
 }
+ $amount = min($amount, MAX_MONEY - $anonAmount); // handle overflow
+ if ($amount === 0) {
+ create_error('This account has reached the maximum credit limit!');
+ }
- // Does not handle overflow!
 $player->decreaseCredits($amount);
 $db->write('UPDATE anon_bank SET amount = amount + :amount WHERE game_id = :game_id AND anon_id = :anon_id', [
 'amount' => $db->escapeNumber($amount),
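Review bot: The `if ($amount === 0)` guard after the `min()` clamp only catches an account sitting exactly at MAX_MONEY; if a row ever holds more than MAX_MONEY, `MAX_MONEY - $anonAmount` is negative, the check passes, and a negative amount reaches `decreaseCredits()` and the `amount + :amount` update, so `if ($amount <= 0) {` is the safer test. The balance is also read in one query and changed in another, so unless build() runs under a lock not visible in this hunk, two concurrent deposits can each pass the clamp and together still push the column past MAX_MONEY; the `$anonAmount < $amount` withdrawal check in the second hunk has the same read-then-write gap. Enforcing the bound in the UPDATE's own WHERE clause (for example `AND amount <= :max_money - :amount`) and treating zero affected rows as the error would close it, assuming the DB wrapper reports affected rows. build() starts and ends outside the hunk.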
@@ -50,11 +60,7 @@ public function build(AbstractPlayer $player): never {
 'anon_id' => $db->escapeNumber($account_num),
 ]);
 } else {
- $dbResult = $db->read('SELECT * FROM anon_bank WHERE anon_id = :anon_id AND game_id = :game_id', [
- 'anon_id' => $db->escapeNumber($account_num),
- 'game_id' => $db->escapeNumber($player->getGameID()),
- ]);
- if ($dbResult->record()->getInt('amount') < $amount) {
+ if ($anonAmount < $amount) {
 create_error('You don\'t have that much money on your account!');
 }