
How to stop script writing to database if user does not have enough credits


aquatradehub


Hi, I have this form which debits a user when they sell an item. This is based on a credit system. The script should ideally check the user has enough credits before posting the item, if not then it should redirect the user to purchase more credits. But instead it takes the user into a negative amount of credits and still writes the transaction and sale data to the mysql db. However when I run the script whilst the user has a negative amount, it does come up with the message saying the user does not have enough credits and redirects the user to purchase more credits.

Ideally, I need to make credits stop at 0 and not allow the script to work if this would leave the user with a negative balance.

Here is the form. Also it can be tested at www.e-quatics.com username aquaman password ozzy2004

<?php  
    include 'core/init.php'; 
    protect_page(); 
    include 'includes/overall/header.php';  
     
if (empty($_POST) === false) { 
        $required_fields = array('username', 'email', 'category', 'listing_title', 'brand', 'model', 'colour', 'quantity', 'price', 'comments', 'postage_type', 'postage_cost'); 
        foreach($_POST as $key=>$value) { 
            if (empty($value) && in_array($key, $required_fields) === true) { 
                $errors[] = 'Fields marked with an asterisk are required'; 
                break 1; 
        } 
    } 
     
    if (empty($errors) === true) { 
        if(user_exists($_POST['username']) === false) { 
        $errors[] = 'Sorry, the username \'' . $_POST['username'] . '\' does not exist. Have you registered?'; 
        } 
        if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) { 
            $errors[] = 'A valid email address is required'; 
        } 
        if(empty($category) === false) { 
        $errors[] = 'Please select a category'; 
        } 
        if(empty($listing_title) === false) { 
        $errors[] = 'Please enter a title for your listing'; 
        } 
        if(empty($brand) === false) { 
        $errors[] = 'Please enter a brand'; 
        } 
        if(empty($model) === false) { 
        $errors[] = 'Please enter a model'; 
        } 
        if(empty($colour) === false) { 
        $errors[] = 'Please enter a colour'; 
        } 
        if(empty($quantity) === false) { 
        $errors[] = 'Please enter a quantity'; 
        } 
        if(empty($price) === false) { 
        $errors[] = 'Please enter a price'; 
        } 
        if(empty($comments) === false) { 
        $errors[] = 'Please enter some information about your item'; 
        } 
        if(empty($postage_type) === false) { 
        $errors[] = 'Please enter a postage options'; 
        } 
        if(empty($postage_cost) === false) { 
        $errors[] = 'Please enter the postage cost for this item.'; 
        } 
         
    } 
$query = "SELECT SUM(amount) FROM transactions WHERE user_id = {$_SESSION['user_id']}";  

if ($result = mysql_query($query))  
{  
    $row = mysql_fetch_row($result); 
    if ($row[0] <= 0)  
    {  
        echo "You either have no remaining credits or not enough to complete this transaction. You will be redirected to purchase more."; 
        header( "Refresh:5; url=purchase.php", true, 303); 
         
      
        exit(); 
        }  
    } 
} 

if (isset($_GET['success']) && empty($_GET['success'])) { 
    echo '<h2>Thank you for submitting your listing. Your account has been debited.</h2>'; 
} else { 


if (empty($_POST) === false && empty($errors) === true) { 
    $sale_data = array( 
        'user_id' => $user_data['user_id'], 
        'username' => $_POST['username'], 
        'email' => $_POST['email'], 
        'category' => $_POST['category'], 
        'listing_title' => $_POST['listing_title'], 
        'brand' => $_POST['brand'], 
        'model' => $_POST['model'], 
        'colour' => $_POST['colour'], 
        'quantity' => $_POST['quantity'], 
        'price' => $_POST['price'], 
        'comments' => $_POST['comments'], 
        'postage_type' => $_POST['postage_type'], 
        'postage_cost' => $_POST['postage_cost'], 
        'bold' => $_POST['bold'], 
        'rotate' => $_POST['rotate'] 
         
        ); 
         
        $bold = $_POST['bold']; 
    $rotate = $_POST['rotate']; 
         
    $total = $bold + $rotate + 1; 
    $amount = -$total; 
         
    $memo = "Debit for Item"; 
         
         
    registerTransaction($user_id, $amount, $memo);     
    register_saleItem($sale_data); 
     
    header('Location: other_items.php?success'); 
    exit(); 

    } else if (empty($errors) === false) { 
    echo output_errors($errors); 
} 

?> 


<script type="text/javascript" src="jquery.js"></script> 
<form action="" id="sellForm" method="POST"> 


<input type="hidden" name="username" value="<?php echo $user_data['username']; ?>"> 
<input type="hidden" name="email" value="<?php echo $user_data['email']; ?>"> 
         
<h2>Sell your item</h2> 

<p><strong>A basic listing will cost 1 credit - extras will be added to the total cost of your listing</strong></p>  

<ul> 
<li>Category*:<br> 
<select name="category"> 
    <option value="none">--choose--</option> 
    <option value="air_pumps">Air Pumps</option> 
    <option value="air_stones">Air Stones</option> 
    <option value="aquariums">Aquariums</option> 
    <option value="cleaning">Cleaning & Maintenance</option> 
    <option value="equipment">CO2 Equipment</option> 
    <option value="coral">Coral & Live Rock</option> 
    <option value="decorations">Decorations</option> 
    <option value="feeders">Feeders</option> 
    <option value="filter_media">Filter Media & Accessories</option> 
    <option value="food">Food</option> 
    <option value="gravel">Gravel & Substrate</option> 
    <option value="health_care">Health Care</option> 
    <option value="heaters">Heaters & Chillers </option> 
    <option value="lighting">Lighting & Hoods</option> 
    <option value="meters">Meters & Controllers</option> 
    <option value="deionization">Reverse Osmosis & Deionization </option> 
    <option value="tubing">Tubing & Valves</option> 
    <option value="uv">UV Steriliser Water Pumps</option> 
    <option value="water_tests">Water Tests & Treatment</option> 
    <option value="other">Other Fish & Aquarium</option> 
</select> 
</li> 

<li>Listing Title*:<br> 
<input type="text" name="listing_title"> 
</li> 
<li><strong>Would you like your listing displayed in Bold?: <input type="checkbox" name="bold" value="1"/> 1 Credit</strong> 
 </li> 
  
<li>Brand*:<br> 
<select name="brand"> 
    <option>Choose...</option> 
    <option value="AI (Aqua Illumination)">AI (Aqua Illumination)</option> 
    <option value="Algarde">Algarde</option> 
    <option value="API">API</option> 
    <option value="AquaEl">AquaEl</option> 
    <option value="AquaGro">AquaGro</option> 
    <option value="Aquamedic">Aquamedic</option> 
    <option value="Aquarian">Aquarian</option> 
    <option value="Aquarium Systems">Aquarium Systems</option> 
    <option value="Aquatlantis">Aquatlantis</option> 
    <option value="Arcadia">Arcadia</option> 
    <option value="Azoo">Azoo</option> 
    <option value="BiOrb/Reef One">BiOrb/Reef One</option> 
    <option value="Blagdon">Blagdon</option> 
    <option value="Boyu">Boyu</option> 
    <option value="Classica">Classica</option> 
    <option value="Cloverleaf">Cloverleaf</option> 
    <option value="Deltec/D-D">Deltec/D-D</option> 
    <option value="Dennerle">Dennerle</option> 
    <option value="Eheim">Eheim</option> 
    <option value="ESHa">ESHa</option> 
    <option value="Hagen/Fluval">Hagen/Fluval</option> 
    <option value="Hikari">Hikari</option> 
    <option value="Hobby">Hobby</option> 
    <option value="Hugo Kamishi">Hugo Kamishi</option> 
    <option value="Interpet">Interpet </option> 
    <option value="JMC">JMC</option> 
    <option value="Juwel">Juwel</option> 
    <option value="King British">King British</option> 
    <option value="New Era">New Era</option> 
    <option value="Nishikoi">Nishikoi</option> 
    <option value="NT Labs">NT Labs</option> 
    <option value="Oase">Oase</option> 
    <option value="Ocean Nutrition">Ocean Nutrition</option> 
    <option value="Penn Plax">Penn Plax</option> 
    <option value="Pontec">Pontec</option> 
    <option value="Red Sea">Red Sea</option> 
    <option value="Rena">Rena</option> 
    <option value="Salifert">Salifert</option> 
    <option value="Seachem">Seachem</option> 
    <option value="Seneye">Seneye</option> 
    <option value="SuperFish">SuperFish</option> 
    <option value="Tanktests">Tanktests</option> 
    <option value="Tetra">Tetra</option> 
    <option value="TMC">TMC</option> 
    <option value="Tunze">Tunze</option> 
    <option value="Two Little Fishies">Two Little Fishies</option> 
    <option value="Waterlife">Waterlife</option> 
    <option value="Wave Point">Wave Point</option> 
    <option value="other">Other</option> 

</select> 

</li> 

<li>Model*:<br> 
    <input type="text" name="model"> 
</li> 

<li>Colour*:<br> 
<select name="colour"> 
   <option value="">--choose one--</option> 
   <option value="White">White</option> 
   <option value="Grey">Grey</option> 
   <option value="Black">Black</option> 
   <option value="Blue">Blue</option> 
   <option value="Green">Green</option> 
   <option value="Orange">Orange</option> 
   <option value="Red">Red</option> 
   <option value="Multicoloured">Multicoloured</option> 
   <option value="Other">Other</option> 

   </select> 
</li> 

<li>Quantity*:<br> 
<select name="quantity"> 
   <option value="">--choose one--</option> 
   <option value="1">1</option> 
   <option value="2">2</option> 
   <option value="3">3</option> 
   <option value="4">4</option> 
   <option value="5">5</option> 
   <option value="6">6</option>    
   <option value="7">7</option>    
   <option value="8">8</option>    
   <option value="9">9</option>    
   <option value="10">10</option>    
   <option value="11">11</option>    
   <option value="12">12</option>    
   <option value="13">13</option>    
   <option value="14">14</option>    
   <option value="15">15</option>    
   <option value="16">16</option>    
   <option value="17">17</option>    
   <option value="18">18</option>    
   <option value="19">19</option>    
   <option value="20">20</option>    
   <option value="21">21</option>    
   <option value="22">22</option>    
   <option value="23">23</option>    
   <option value="24">24</option>    
   <option value="25">25</option>    
   
</select><strong> 1 Credit entitles you to sell up to 25 of the same item. </strong> 
</li> 

<li>Price*:<br> 
<input type="text" name="price"> In UK Pound Sterling 
</li> 
             
<li>Description*:<br> 
<textarea name="comments"></textarea> 
</li> 
             
<li>Postage Type*:<br> 
    <select name="postage_type"> 
        <option>Choose...</option> 
<option disabled>Economy services</option> 
<option value="UK_CollectPlusTracked">Collect+ Economy Tracked (3 to 5 working days)</option> 
<option value="UK_HermesTracked">Hermes Tracked (3 to 5 working days)</option>     
<option value="UK_RoyalMailSecondClassStandard">Royal Mail 2nd Class (2 to 3 working days)</option>     
<option value="UK_RoyalMailSecondClassRecorded">Royal Mail 2nd Class Signed For (2 to 3 working days)</option>     
<option value="UK_RoyalMailTracked">Royal Mail Tracked 48 (2 to 3 working days)</option>     
<option value="UK_RoyalMail48">Royal Mail 48 (2 to 3 working days)</option>     
<option value="UK_OtherCourier3Days">Other Courier 3 days (3 working days)</option>     
<option value="UK_OtherCourier5Days">Other Courier 5 days (5 working days)</option>     
<option value="UK_OtherCourier">Other Courier (3 to 5 working days)</option>     
<option value="UK_SellersStandardRate">Other Courier 3-5 days (3 to 5 working days)</option> 
<option disabled>Standard services</option>     
<option value="UK_RoyalMailFirstClassStandard">Royal Mail 1st Class (1 working day)</option>     
<option value="UK_RoyalMailFirstClassRecorded">Royal Mail 1st Class Signed For (1 working day)</option>     
<option value="UK_RoyalMailNextDay">Royal Mail Tracked 24 (1 working day)</option>     
<option value="UK_RoyalMail24">Royal Mail 24 (1 working day)</option>     
<option value="UK_CollectPlusStandard">Collect+ Standard (2 working days)</option>     
<option value="UK_Parcelforce48">Parcelforce 48 (1 to 2 working days)</option>     
<option value="UK_OtherCourier48">Other 48 Hour Courier (1 to 2 working days)</option> 
<option disabled>Express services</option>     
<option value="UK_RoyalMailSpecialDeliveryNextDay">Royal Mail Special Delivery (TM) 1:00 pm (1 working day)</option>     
<option value="UK_RoyalMailSpecialDelivery9am">Royal Mail Special Delivery (TM) 9:00 am (1 working day)</option>     
<option value="UK_Parcelforce24">Parcelforce 24 (1 working day)</option>     
<option value="UK_OtherCourier24">Other 24 Hour Courier (1 working day)</option> 
<option disabled>Services from outside UK</option>     
<option value="UK_EconomyShippingFromOutside">Economy Delivery from outside UK (10 to 22 working days)</option>     
<option value="StandardDeliveryfromOutsideUKwithRoyalMail">Standard Delivery from outside UK with Royal Mail (7 to 13 working days)</option>     
<option value="UK_StandardShippingFromOutside">Standard Delivery from outside UK (4 to 10 working days)</option>     
<option value="UK_ExpeditedShippingFromOutside">Express Delivery from outside UK (1 to 3 working days)</option>     
<option value="UK_FedExIntlEconomy">FedEx International Economy (3 to 4 working days)</option>     
<option value="UK_TntIntlExp">TNT International Express (2 to 3 working days)</option>     
<option value="UK_TrackedDeliveryFromAbroad">Tracked delivery from outside UK (2 to 5 working days)</option> 
<option disabled>Collection</option> 
<option value="UK_CollectInPerson">Collection in Person </option> 
</select> 
</li> 
             
<li>Postage Cost*:<br> 
<input type="text" name="postage_cost"> 
</li> 
</ul> 
<ul> 
         
<li>Upload Photo:<br> 
    <input id="file" type="file" name="uploadPhoto"> 
</li> 

<li><input type="checkbox" name="rotate" value="10"/><strong>For 10 credits, you can have your listing displayed on our homepage on a rotation basis. </strong> 
</li> 

<li>         
<input type="submit" value="List Item"></li> 
</ul> 
</form> 
<?php } ?> 



<?php  

include 'includes/overall/footer.php'; ?>

Many Thanks

Paul


Here you are only checking to see if the user's credit balance is not zero or less

$query = "SELECT SUM(amount) FROM transactions WHERE user_id = {$_SESSION['user_id']}";  

if ($result = mysql_query($query))  
{  
    $row = mysql_fetch_row($result); 
    if ($row[0] <= 0)  
    {  
        echo "You either have no remaining credits or not enough to complete this transaction. You will be redirected to purchase more."; 
        header( "Refresh:5; url=purchase.php", true, 303); 
         
      
        exit(); 
        }  
    } 
} 

You are not checking to see if the user has enough credits to perform the transaction. For example, the above code could return to say the user only has 1 credit left, but the item they are purchasing costs 2 credits. Your code will complete the transaction, leaving the user in negative credits.

To prevent this you need to take away the total item cost from their current credit balance, and then check to see if they have enough credits remaining. Eg

if ($row[0] - $itemCost <= 0)
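An added example, not code from this thread, showing the balance-minus-cost check done in a way that cannot leave the user negative and cannot write the sale when the check fails. Three things differ from the posted script: the cost is computed on the server from which extras were ticked (1 credit base, 1 for bold, 10 for the homepage rotation, figures taken from the form labels) rather than read from a posted `amount` field that the form never sends; the SUM(amount) balance read, the debit row and the sale row all sit inside one database transaction; and the function returns before touching either table when the user cannot afford the listing. It is written in Python against an in-memory SQLite database standing in for the thread's MySQL `transactions` table; the `sale_items` table, the `listing_cost()` / `list_item()` names and the sample rows are constructed for the example.

```python
import sqlite3

# Prices are server-side constants taken from the form's labels; the client
# only says which extras it ticked, never how many credits they cost.
BASE_LISTING_COST = 1
BOLD_COST = 1
ROTATE_COST = 10


def listing_cost(bold, rotate):
    """Credits a listing costs, derived from the ticked extras (never from a POSTed amount)."""
    return BASE_LISTING_COST + (BOLD_COST if bold else 0) + (ROTATE_COST if rotate else 0)


def open_db():
    """In-memory SQLite stand-in for the thread's MySQL tables (schema constructed for the example)."""
    db = sqlite3.connect(":memory:", isolation_level=None)  # autocommit; transactions are explicit below
    db.executescript("""
        CREATE TABLE transactions (
            id INTEGER PRIMARY KEY, user_id INTEGER NOT NULL,
            amount INTEGER NOT NULL, memo TEXT NOT NULL);
        CREATE TABLE sale_items (
            id INTEGER PRIMARY KEY, user_id INTEGER NOT NULL,
            listing_title TEXT NOT NULL, bold INTEGER NOT NULL, rotate INTEGER NOT NULL);
    """)
    return db


def balance(db, user_id):
    """Same query as the thread: the ledger total is the user's credit balance."""
    row = db.execute(
        "SELECT COALESCE(SUM(amount), 0) FROM transactions WHERE user_id = ?", (user_id,)
    ).fetchone()
    return row[0]


def list_item(db, user_id, listing_title, bold=False, rotate=False):
    """Debit the credits and record the sale, or do neither.

    Returns True when the listing was written, False when the user cannot
    afford it.  Balance check, debit and sale insert run inside one
    transaction, so a second request cannot pass the check against a
    balance this one is about to spend.
    """
    cost = listing_cost(bold, rotate)
    db.execute("BEGIN IMMEDIATE")  # take the write lock before reading the balance
    try:
        if balance(db, user_id) - cost < 0:  # would go negative: refuse and write nothing
            db.execute("ROLLBACK")
            return False
        db.execute(
            "INSERT INTO transactions (user_id, amount, memo) VALUES (?, ?, ?)",
            (user_id, -cost, "Debit for Item"),
        )
        db.execute(
            "INSERT INTO sale_items (user_id, listing_title, bold, rotate) VALUES (?, ?, ?, ?)",
            (user_id, listing_title, int(bool(bold)), int(bool(rotate))),
        )
        db.execute("COMMIT")
        return True
    except Exception:
        db.execute("ROLLBACK")
        raise


def demo():
    """Constructed scenario: a user with 2 credits lists a bold item (cost 2), then a plain one (cost 1)."""
    db = open_db()
    user_id = 42
    db.execute(
        "INSERT INTO transactions (user_id, amount, memo) VALUES (?, ?, ?)",
        (user_id, 2, "Purchased credits"),
    )
    outcomes = [
        list_item(db, user_id, "Eheim 2217 filter", bold=True),  # 2 - 2 = 0: allowed
        list_item(db, user_id, "Juwel Rio 180"),                  # 0 - 1 < 0: refused, nothing written
    ]
    sales = db.execute("SELECT COUNT(*) FROM sale_items").fetchone()[0]
    return outcomes, balance(db, user_id), sales


if __name__ == "__main__":
    print(demo())  # ([True, False], 0, 1)
```

The refusal test is `< 0` rather than `<= 0`, so a user holding exactly enough credits can still spend the last one, which is what "stop at 0" asks for. `BEGIN IMMEDIATE` takes the write lock before the balance is read; without it two submissions sent at the same moment can both read the same balance, both pass the check and together push the account negative even though each check was correct on its own. The same shape carries over to the PHP: compute the cost from the posted checkboxes, read the balance, compare, and only then call registerTransaction() and register_saleItem(), all in the branch that handles the POST and before any redirect.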

Hi, thanks for your reply. The code now reads

$errors[] = 'Please enter the postage cost for this item.';
		}
		
	}
} else {

$amount = $_POST['amount'];

$query = "SELECT SUM(amount) FROM transactions WHERE user_id = {$_SESSION['user_id']}"; 

if ($result = mysql_query($query)) 
{ 
    $row = mysql_fetch_row($result);
    if ($row[0] - $amount <= 0)
    { 
        echo "You either have no remaining credits or not enough to complete this transaction. You will be redirected to purchase more.";
		header( "Refresh:5; url=purchase.php", true, 303);
		
     
        exit();
		} 
	}
	}

But now I get this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND `amount` > 0' at line 2

I can't seem to get past this :(


Ok fixed that, the script now reads

<?php 
	include 'core/init.php';
	protect_page();
	include 'includes/overall/header.php'; 
	
if (empty($_POST) === false) {
		$required_fields = array('username', 'email', 'category', 'listing_title', 'brand', 'model', 'colour', 'quantity', 'price', 'comments', 'postage_type', 'postage_cost');
		foreach($_POST as $key=>$value) {
			if (empty($value) && in_array($key, $required_fields) === true) {
				$errors[] = 'Fields marked with an asterisk are required';
				break 1;
		}
	}
	
	if (empty($errors) === true) {
		if(user_exists($_POST['username']) === false) {
		$errors[] = 'Sorry, the username \'' . $_POST['username'] . '\' does not exist. Have you registered?';
		}
		if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
			$errors[] = 'A valid email address is required';
		}
		if(empty($category) === false) {
		$errors[] = 'Please select a category';
		}
		if(empty($listing_title) === false) {
		$errors[] = 'Please enter a title for your listing';
		}
		if(empty($brand) === false) {
		$errors[] = 'Please enter a brand';
		}
		if(empty($model) === false) {
		$errors[] = 'Please enter a model';
		}
		if(empty($colour) === false) {
		$errors[] = 'Please enter a colour';
		}
		if(empty($quantity) === false) {
		$errors[] = 'Please enter a quantity';
		}
		if(empty($price) === false) {
		$errors[] = 'Please enter a price';
		}
		if(empty($comments) === false) {
		$errors[] = 'Please enter some information about your item';
		}
		if(empty($postage_type) === false) {
		$errors[] = 'Please enter a postage options';
		}
		if(empty($postage_cost) === false) {
		$errors[] = 'Please enter the postage cost for this item.';
		}
		
	}
} else {

$amount = $_POST['amount'];

$query = "SELECT SUM(amount) FROM transaction WHERE user_id = {$_SESSION['user_id']}"; 

if ($result = mysql_query($query)) 
{ 
    $row = mysql_fetch_row($result);
    if ($row[0] - $amount <= 0)
    { 
        echo "You either have no remaining credits or not enough to complete this transaction. You will be redirected to purchase more.";
		header( "Refresh:5; url=purchase.php", true, 303);
		
     
        exit();
		} 
	}
	}

if (isset($_GET['success']) && empty($_GET['success'])) {
	echo '<h2>Thank you for submitting your listing. Your account has been debited.</h2>';
} else {


if (empty($_POST) === false && empty($errors) === true) {
	$sale_data = array(
		'user_id' => $user_data['user_id'],
        'username' => $_POST['username'],
        'email' => $_POST['email'],
        'category' => $_POST['category'],
        'listing_title' => $_POST['listing_title'],
        'brand' => $_POST['brand'],
        'model' => $_POST['model'],
        'colour' => $_POST['colour'],
		'quantity' => $_POST['quantity'],
		'price' => $_POST['price'],
        'comments' => $_POST['comments'],
		'postage_type' => $_POST['postage_type'],
        'postage_cost' => $_POST['postage_cost'],
        'bold' => $_POST['bold'],
        'rotate' => $_POST['rotate']
		
		);
		
		$bold = $_POST['bold'];
    $rotate = $_POST['rotate'];
        
    $total = $bold + $rotate + 1;
    $amount = -$total;
        
    $memo = "Debit for Item";
		
		
	registerTransaction($user_id, $amount, $memo);    
    register_saleItem($sale_data);
	
    header('Location: other_items.php?success');
    exit();

	} else if (empty($errors) === false) {
	echo output_errors($errors);
}

?>


<script type="text/javascript" src="jquery.js"></script>
<form action="" id="sellForm" method="POST">


<input type="hidden" name="username" value="<?php echo $user_data['username']; ?>">
<input type="hidden" name="email" value="<?php echo $user_data['email']; ?>">
		
<h2>Sell your item</h2>

<p><strong>A basic listing will cost 1 credit - extras will be added to the total cost of your listing</strong></p> 

<ul>
<li>Category*:<br>
<select name="category">
    <option value="none">--choose--</option>
    <option value="air_pumps">Air Pumps</option>
    <option value="air_stones">Air Stones</option>
    <option value="aquariums">Aquariums</option>
    <option value="cleaning">Cleaning & Maintenance</option>
    <option value="equipment">CO2 Equipment</option>
    <option value="coral">Coral & Live Rock</option>
    <option value="decorations">Decorations</option>
    <option value="feeders">Feeders</option>
    <option value="filter_media">Filter Media & Accessories</option>
    <option value="food">Food</option>
    <option value="gravel">Gravel & Substrate</option>
    <option value="health_care">Health Care</option>
    <option value="heaters">Heaters & Chillers </option>
    <option value="lighting">Lighting & Hoods</option>
    <option value="meters">Meters & Controllers</option>
    <option value="deionization">Reverse Osmosis & Deionization </option>
    <option value="tubing">Tubing & Valves</option>
    <option value="uv">UV Steriliser Water Pumps</option>
    <option value="water_tests">Water Tests & Treatment</option>
    <option value="other">Other Fish & Aquarium</option>
</select>
</li>

<li>Listing Title*:<br>
<input type="text" name="listing_title">
</li>
<li><strong>Would you like your listing displayed in Bold?: <input type="checkbox" name="bold" value="1"/> 1 Credit</strong>
 </li>
 
<li>Brand*:<br>
<select name="brand">
	<option>Choose...</option>
	<option value="AI (Aqua Illumination)">AI (Aqua Illumination)</option>
	<option value="Algarde">Algarde</option>
	<option value="API">API</option>
	<option value="AquaEl">AquaEl</option>
	<option value="AquaGro">AquaGro</option>
	<option value="Aquamedic">Aquamedic</option>
	<option value="Aquarian">Aquarian</option>
	<option value="Aquarium Systems">Aquarium Systems</option>
	<option value="Aquatlantis">Aquatlantis</option>
	<option value="Arcadia">Arcadia</option>
	<option value="Azoo">Azoo</option>
	<option value="BiOrb/Reef One">BiOrb/Reef One</option>
	<option value="Blagdon">Blagdon</option>
	<option value="Boyu">Boyu</option>
	<option value="Classica">Classica</option>
	<option value="Cloverleaf">Cloverleaf</option>
	<option value="Deltec/D-D">Deltec/D-D</option>
	<option value="Dennerle">Dennerle</option>
	<option value="Eheim">Eheim</option>
	<option value="ESHa">ESHa</option>
	<option value="Hagen/Fluval">Hagen/Fluval</option>
	<option value="Hikari">Hikari</option>
	<option value="Hobby">Hobby</option>
	<option value="Hugo Kamishi">Hugo Kamishi</option>
	<option value="Interpet">Interpet </option>
	<option value="JMC">JMC</option>
	<option value="Juwel">Juwel</option>
	<option value="King British">King British</option>
	<option value="New Era">New Era</option>
	<option value="Nishikoi">Nishikoi</option>
	<option value="NT Labs">NT Labs</option>
	<option value="Oase">Oase</option>
	<option value="Ocean Nutrition">Ocean Nutrition</option>
	<option value="Penn Plax">Penn Plax</option>
	<option value="Pontec">Pontec</option>
	<option value="Red Sea">Red Sea</option>
	<option value="Rena">Rena</option>
	<option value="Salifert">Salifert</option>
	<option value="Seachem">Seachem</option>
	<option value="Seneye">Seneye</option>
	<option value="SuperFish">SuperFish</option>
	<option value="Tanktests">Tanktests</option>
	<option value="Tetra">Tetra</option>
	<option value="TMC">TMC</option>
	<option value="Tunze">Tunze</option>
	<option value="Two Little Fishies">Two Little Fishies</option>
	<option value="Waterlife">Waterlife</option>
	<option value="Wave Point">Wave Point</option>
	<option value="other">Other</option>

</select>

</li>

<li>Model*:<br>
	<input type="text" name="model">
</li>

<li>Colour*:<br>
<select name="colour">
   <option value="">--choose one--</option>
   <option value="White">White</option>
   <option value="Grey">Grey</option>
   <option value="Black">Black</option>
   <option value="Blue">Blue</option>
   <option value="Green">Green</option>
   <option value="Orange">Orange</option>
   <option value="Red">Red</option>
   <option value="Multicoloured">Multicoloured</option>
   <option value="Other">Other</option>

   </select>
</li>

<li>Quantity*:<br>
<select name="quantity">
   <option value="">--choose one--</option>
   <option value="1">1</option>
   <option value="2">2</option>
   <option value="3">3</option>
   <option value="4">4</option>
   <option value="5">5</option>
   <option value="6">6</option>   
   <option value="7">7</option>   
   <option value="8">8</option>   
   <option value="9">9</option>   
   <option value="10">10</option>   
   <option value="11">11</option>   
   <option value="12">12</option>   
   <option value="13">13</option>   
   <option value="14">14</option>   
   <option value="15">15</option>   
   <option value="16">16</option>   
   <option value="17">17</option>   
   <option value="18">18</option>   
   <option value="19">19</option>   
   <option value="20">20</option>   
   <option value="21">21</option>   
   <option value="22">22</option>   
   <option value="23">23</option>   
   <option value="24">24</option>   
   <option value="25">25</option>   
  
</select><strong> 1 Credit entitles you to sell up to 25 of the same item. </strong>
</li>

<li>Price*:<br>
<input type="text" name="price"> In UK Pound Sterling
</li>
			
<li>Description*:<br>
<textarea name="comments"></textarea>
</li>
			
<li>Postage Type*:<br>
	<select name="postage_type">
		<option>Choose...</option>
<option disabled>Economy services</option>
<option value="UK_CollectPlusTracked">Collect+ Economy Tracked (3 to 5 working days)</option>
<option value="UK_HermesTracked">Hermes Tracked (3 to 5 working days)</option>	
<option value="UK_RoyalMailSecondClassStandard">Royal Mail 2nd Class (2 to 3 working days)</option>	
<option value="UK_RoyalMailSecondClassRecorded">Royal Mail 2nd Class Signed For (2 to 3 working days)</option>	
<option value="UK_RoyalMailTracked">Royal Mail Tracked 48 (2 to 3 working days)</option>	
<option value="UK_RoyalMail48">Royal Mail 48 (2 to 3 working days)</option>	
<option value="UK_OtherCourier3Days">Other Courier 3 days (3 working days)</option>	
<option value="UK_OtherCourier5Days">Other Courier 5 days (5 working days)</option>	
<option value="UK_OtherCourier">Other Courier (3 to 5 working days)</option>	
<option value="UK_SellersStandardRate">Other Courier 3-5 days (3 to 5 working days)</option>
<option disabled>Standard services</option>	
<option value="UK_RoyalMailFirstClassStandard">Royal Mail 1st Class (1 working day)</option>	
<option value="UK_RoyalMailFirstClassRecorded">Royal Mail 1st Class Signed For (1 working day)</option>	
<option value="UK_RoyalMailNextDay">Royal Mail Tracked 24 (1 working day)</option>	
<option value="UK_RoyalMail24">Royal Mail 24 (1 working day)</option>	
<option value="UK_CollectPlusStandard">Collect+ Standard (2 working days)</option>	
<option value="UK_Parcelforce48">Parcelforce 48 (1 to 2 working days)</option>	
<option value="UK_OtherCourier48">Other 48 Hour Courier (1 to 2 working days)</option>
<option disabled>Express services</option>	
<option value="UK_RoyalMailSpecialDeliveryNextDay">Royal Mail Special Delivery (TM) 1:00 pm (1 working day)</option>	
<option value="UK_RoyalMailSpecialDelivery9am">Royal Mail Special Delivery (TM) 9:00 am (1 working day)</option>	
<option value="UK_Parcelforce24">Parcelforce 24 (1 working day)</option>	
<option value="UK_OtherCourier24">Other 24 Hour Courier (1 working day)</option>
<option disabled>Services from outside UK</option>	
<option value="UK_EconomyShippingFromOutside">Economy Delivery from outside UK (10 to 22 working days)</option>	
<option value="StandardDeliveryfromOutsideUKwithRoyalMail">Standard Delivery from outside UK with Royal Mail (7 to 13 working days)</option>	
<option value="UK_StandardShippingFromOutside">Standard Delivery from outside UK (4 to 10 working days)</option>	
<option value="UK_ExpeditedShippingFromOutside">Express Delivery from outside UK (1 to 3 working days)</option>	
<option value="UK_FedExIntlEconomy">FedEx International Economy (3 to 4 working days)</option>	
<option value="UK_TntIntlExp">TNT International Express (2 to 3 working days)</option>	
<option value="UK_TrackedDeliveryFromAbroad">Tracked delivery from outside UK (2 to 5 working days)</option>
<option disabled>Collection</option>
<option value="UK_CollectInPerson">Collection in Person </option>
</select>
</li>
			
<li>Postage Cost*:<br>
<input type="text" name="postage_cost">
</li>
</ul>
<ul>
		
<li>Upload Photo:<br>
	<input id="file" type="file" name="uploadPhoto">
</li>

<li><input type="checkbox" name="rotate" value="10"/><strong>For 10 credits, you can have your listing displayed on our homepage on a rotation basis. </strong>
</li>

<li>		
<input type="submit" value="List Item"></li>
</ul>
</form>
<?php } ?>



<?php 

include 'includes/overall/footer.php'; ?>

But it still writes the transaction and the sale to the mysql db. How do I stop this from happening?

Thanks

Paul


No, $_POST['amount']; is correct.

The amount is the amount of credits used. The price is what the user wants to sell their product for.

The amount is worked out here:

$bold = $_POST['bold'];
    $rotate = $_POST['rotate'];
        
    $total = $bold + $rotate + 1;
    $amount = -$total;
        
    $memo = "Debit for Item";
		
		
	registerTransaction($user_id, $amount, $memo);  

As I said, it now works correctly, apart from the fact that it still carries out the registerTransaction($user_id, $amount, $memo); and register_saleItem($sale_data); functions even if the user has run out of credits. It also still allows the user to go into a negative amount of credits :(


Hi, I have even tried changing it to this

if (empty($_POST) === false && empty($errors) === true) {
		
		$bold = $_POST['bold'];
    $rotate = $_POST['rotate'];
        
    $total = $bold + $rotate + 1;
    $amount = -$total;
        
    $memo = "Debit for Item";
		
		
	registerTransaction($user_id, $amount, $memo);    
    register_saleItem($sale_data);
	
    header('Location: other_items.php?success');
    exit();

	} else if (empty($errors) === false) {
	echo output_errors($errors);
}

But it still has the same effect. Why is it still registering the details, when an error and redirect are carried out if there are not enough credits?  


Hi, I have now changed it to the following, but it is still having the same effect. Any help really is appreciated.


<?php
include 'core/init.php';
protect_page();
include 'includes/overall/header.php';

if (empty($_POST) === false) {
    $required_fields = array('username', 'email', 'category', 'listing_title', 'brand', 'model', 'colour', 'quantity', 'price', 'comments', 'postage_type', 'postage_cost');
    foreach ($_POST as $key => $value) {
        if (empty($value) && in_array($key, $required_fields) === true) {
            $errors[] = 'Fields marked with an asterisk are required';
            break 1;
        }
    }

    if (empty($errors) === true) {
        if (user_exists($_POST['username']) === false) {
            $errors[] = 'Sorry, the username \'' . $_POST['username'] . '\' does not exist. Have you registered?';
        }
        if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
            $errors[] = 'A valid email address is required';
        }
        if (empty($category) === false) {
            $errors[] = 'Please select a category';
        }
        if (empty($listing_title) === false) {
            $errors[] = 'Please enter a title for your listing';
        }
        if (empty($brand) === false) {
            $errors[] = 'Please enter a brand';
        }
        if (empty($model) === false) {
            $errors[] = 'Please enter a model';
        }
        if (empty($colour) === false) {
            $errors[] = 'Please enter a colour';
        }
        if (empty($quantity) === false) {
            $errors[] = 'Please enter a quantity';
        }
        if (empty($price) === false) {
            $errors[] = 'Please enter a price';
        }
        if (empty($comments) === false) {
            $errors[] = 'Please enter some information about your item';
        }
        if (empty($postage_type) === false) {
            $errors[] = 'Please enter a postage options';
        }
        if (empty($postage_cost) === false) {
            $errors[] = 'Please enter the postage cost for this item.';
        }
    }
}

$amount = $_POST['amount'];

$query = "SELECT SUM(amount) FROM transaction WHERE user_id = {$_SESSION['user_id']}";

if ($result = mysql_query($query)) {
    $row = mysql_fetch_row($result);
    if ($row[0] - $amount <= 0) {
        echo "You either have no remaining credits or not enough to complete this transaction. You will be redirected to purchase more.";
        header("Refresh:5; url=purchase.php", true, 303);
        exit();
    }
}

if (isset($_GET['success']) && empty($_GET['success'])) {
    echo '<h2>Thank you for submitting your listing. Your account has been debited.</h2>';

    $sale_data = array(
        'user_id'       => $user_data['user_id'],
        'username'      => $_POST['username'],
        'email'         => $_POST['email'],
        'category'      => $_POST['category'],
        'listing_title' => $_POST['listing_title'],
        'brand'         => $_POST['brand'],
        'model'         => $_POST['model'],
        'colour'        => $_POST['colour'],
        'quantity'      => $_POST['quantity'],
        'price'         => $_POST['price'],
        'comments'      => $_POST['comments'],
        'postage_type'  => $_POST['postage_type'],
        'postage_cost'  => $_POST['postage_cost'],
        'bold'          => $_POST['bold'],
        'rotate'        => $_POST['rotate']
    );

    $bold = $_POST['bold'];
    $rotate = $_POST['rotate'];

    $total = $bold + $rotate + 1;
    $amount = -$total;

    $memo = "Debit for Item";

    registerTransaction($user_id, $amount, $memo);
    register_saleItem($sale_data);

    header('Location: other_items.php?success');
    exit();

} else if (empty($errors) === false) {
    echo output_errors($errors);
}

?>


<script type="text/javascript" src="jquery.js"></script>
<form action="" id="sellForm" method="POST">


<input type="hidden" name="username" value="<?php echo $user_data['username']; ?>">
<input type="hidden" name="email" value="<?php echo $user_data['email']; ?>">

<h2>Sell your item</h2>

<p><strong>A basic listing will cost 1 credit - extras will be added to the total cost of your listing</strong></p> 

<ul>
<li>Category*:</br>
<select name="category">
    <option value="none">--choose--</option>
    <option value="air_pumps">Air Pumps</option>
    <option value="air_stones">Air Stones</option>
    <option value="aquariums">Aquariums</option>
    <option value="cleaning">Cleaning & Maintenance</option>
    <option value="equipment">CO2 Equipment</option>
    <option value="coral">Coral & Live Rock</option>
    <option value="decorations">Decorations</option>
    <option value="feeders">Feeders</option>
    <option value="filter_media">Filter Media & Accessories</option>
    <option value="food">Food</option>
    <option value="gravel">Gravel & Substrate</option>
    <option value="health_care">Health Care</option>
    <option value="heaters">Heaters & Chillers </option>
    <option value="lighting">Lighting & Hoods</option>
    <option value="meters">Meters & Controllers</option>
    <option value="deionization">Reverse Osmosis & Deionization </option>
    <option value="tubing">Tubing & Valves</option>
    <option value="uv">UV Steriliser Water Pumps</option>
    <option value="water_tests">Water Tests & Treatment</option>
    <option value="other">Other Fish & Aquarium</option>
</select>
</li>

<li>Listing Title*:</br>
<input type="text" name="listing_title">
</li>
<li><strong>Would you like your listing displayed in Bold?: <input type="checkbox" name="bold" value="1"/> 1 Credit</strong>
</li>

<li>Brand*:</br>
<select name="brand">
<option>Choose...</option>
<option value="AI (Aqua Illumination)">AI (Aqua Illumination)</option>
<option value="Algarde">Algarde</option>
<option value="API">API</option>
<option value="AquaEl">AquaEl</option>
<option value="AquaGro">AquaGro</option>
<option value="Aquamedic">Aquamedic</option>
<option value="Aquarian">Aquarian</option>
<option value="Aquarium Systems">Aquarium Systems</option>
<option value="Aquatlantis">Aquatlantis</option>
<option value="Arcadia">Arcadia</option>
<option value="Azoo">Azoo</option>
<option value="BiOrb/Reef One">BiOrb/Reef One</option>
<option value="Blagdon">Blagdon</option>
<option value="Boyu">Boyu</option>
<option value="Classica">Classica</option>
<option value="Cloverleaf">Cloverleaf</option>
<option value="Deltec/D-D">Deltec/D-D</option>
<option value="Dennerle">Dennerle</option>
<option value="Eheim">Eheim</option>
<option value="ESHa">ESHa</option>
<option value="Hagen/Fluval">Hagen/Fluval</option>
<option value="Hikari">Hikari</option>
<option value="Hobby">Hobby</option>
<option value="Hugo Kamishi">Hugo Kamishi</option>
<option value="Interpet">Interpet </option>
<option value="JMC">JMC</option>
<option value="Juwel">Juwel</option>
<option value="King British">King British</option>
<option value="New Era">New Era</option>
<option value="Nishikoi">Nishikoi</option>
<option value="NT Labs">NT Labs</option>
<option value="Oase">Oase</option>
<option value="Ocean Nutrition">Ocean Nutrition</option>
<option value="Penn Plax">Penn Plax</option>
<option value="Pontec">Pontec</option>
<option value="Red Sea">Red Sea</option>
<option value="Rena">Rena</option>
<option value="Salifert">Salifert</option>
<option value="Seachem">Seachem</option>
<option value="Seneye">Seneye</option>
<option value="SuperFish">SuperFish</option>
<option value="Tanktests">Tanktests</option>
<option value="Tetra">Tetra</option>
<option value="TMC">TMC</option>
<option value="Tunze">Tunze</option>
<option value="Two Little Fishies">Two Little Fishies</option>
<option value="Waterlife">Waterlife</option>
<option value="Wave Point">Wave Point</option>
<option value="other">Other</option>

</select>

</li>

<li>Model*:</br>
<input type="text" name="model">
</li>

<li>Colour*:</br>
<select name="colour">
   <option value="">--choose one--</option>
   <option value="White">White</option>
   <option value="Grey">Grey</option>
   <option value="Black">Black</option>
   <option value="Blue">Blue</option>
   <option value="Green">Green</option>
   <option value="Orange">Orange</option>
   <option value="Red">Red</option>
   <option value="Multicoloured">Multicoloured</option>
   <option value="Other">Other</option>

   </select>
</li>

<li>Quantity*:</br>
<select name="quantity">
   <option value="">--choose one--</option>
   <option value="1">1</option>
   <option value="2">2</option>
   <option value="3">3</option>
   <option value="4">4</option>
   <option value="5">5</option>
   <option value="6">6</option>   
   <option value="7">7</option>   
   <option value="8">8</option>   
   <option value="9">9</option>   
   <option value="10">10</option>   
   <option value="11">11</option>   
   <option value="12">12</option>   
   <option value="13">13</option>   
   <option value="14">14</option>   
   <option value="15">15</option>   
   <option value="16">16</option>   
   <option value="17">17</option>   
   <option value="18">18</option>   
   <option value="19">19</option>   
   <option value="20">20</option>   
   <option value="21">21</option>   
   <option value="22">22</option>   
   <option value="23">23</option>   
   <option value="24">24</option>   
   <option value="25">25</option>   
  
</select><strong> 1 Credit entitles you to sell up to 25 of the same item. </strong>
</li>

<li>Price*:<br>
<input type="text" name="price"> In UK Pound Sterling
</li>

<li>Description*:</br>
<textarea name="comments"></textarea>
</li>

<li>Postage Type*:</br>
<select name="postage_type">
<option>Choose...</option>
<option disabled>Economy services</option>
<option value="UK_CollectPlusTracked">Collect+ Economy Tracked (3 to 5 working days)</option>
<option value="UK_HermesTracked">Hermes Tracked (3 to 5 working days)</option> 
<option value="UK_RoyalMailSecondClassStandard">Royal Mail 2nd Class (2 to 3 working days)</option> 
<option value="UK_RoyalMailSecondClassRecorded">Royal Mail 2nd Class Signed For (2 to 3 working days)</option> 
<option value="UK_RoyalMailTracked">Royal Mail Tracked 48 (2 to 3 working days)</option> 
<option value="UK_RoyalMail48">Royal Mail 48 (2 to 3 working days)</option> 
<option value="UK_OtherCourier3Days">Other Courier 3 days (3 working days)</option> 
<option value="UK_OtherCourier5Days">Other Courier 5 days (5 working days)</option> 
<option value="UK_OtherCourier">Other Courier (3 to 5 working days)</option> 
<option value="UK_SellersStandardRate">Other Courier 3-5 days (3 to 5 working days)</option>
<option disabled>Standard services</option> 
<option value="UK_RoyalMailFirstClassStandard">Royal Mail 1st Class (1 working day)</option> 
<option value="UK_RoyalMailFirstClassRecorded">Royal Mail 1st Class Signed For (1 working day)</option> 
<option value="UK_RoyalMailNextDay">Royal Mail Tracked 24 (1 working day)</option> 
<option value="UK_RoyalMail24">Royal Mail 24 (1 working day)</option> 
<option value="UK_CollectPlusStandard">Collect+ Standard (2 working days)</option> 
<option value="UK_Parcelforce48">Parcelforce 48 (1 to 2 working days)</option> 
<option value="UK_OtherCourier48">Other 48 Hour Courier (1 to 2 working days)</option>
<option disabled>Express services</option> 
<option value="UK_RoyalMailSpecialDeliveryNextDay">Royal Mail Special Delivery (TM) 1:00 pm (1 working day)</option> 
<option value="UK_RoyalMailSpecialDelivery9am">Royal Mail Special Delivery (TM) 9:00 am (1 working day)</option> 
<option value="UK_Parcelforce24">Parcelforce 24 (1 working day)</option> 
<option value="UK_OtherCourier24">Other 24 Hour Courier (1 working day)</option>
<option disabled>Services from outside UK</option> 
<option value="UK_EconomyShippingFromOutside">Economy Delivery from outside UK (10 to 22 working days)</option> 
<option value="StandardDeliveryfromOutsideUKwithRoyalMail">Standard Delivery from outside UK with Royal Mail (7 to 13 working days)</option> 
<option value="UK_StandardShippingFromOutside">Standard Delivery from outside UK (4 to 10 working days)</option> 
<option value="UK_ExpeditedShippingFromOutside">Express Delivery from outside UK (1 to 3 working days)</option> 
<option value="UK_FedExIntlEconomy">FedEx International Economy (3 to 4 working days)</option> 
<option value="UK_TntIntlExp">TNT International Express (2 to 3 working days)</option> 
<option value="UK_TrackedDeliveryFromAbroad">Tracked delivery from outside UK (2 to 5 working days)</option>
<option disabled>Collection</option>
<option value="UK_CollectInPerson">Collection in Person </option>
</select>
</li>

<li>Postage Cost*:</br>
<input type="text" name="postage_cost">
</li>
</ul>
<ul>

<li>Upload Photo:</br>
<input id="file" type="file" name="uploadPhoto">
</li>

<li><input type="checkbox" name="rotate" value="10"/><strong>For 10 credits, you can have your listing displayed on our homepage on a rotation basis. </strong>
</li>

<li> 
<input type="submit" value="List Item"></li>
</ul>
</form>
<?php } ?>



<?php 

include 'includes/overall/footer.php'; ?>

ALL of your form processing code, the code that is using the form's $_POST data, needs to be inside a conditional statement that has checked if the form has been submitted, so that it only runs when the form has been submitted.

Your transaction code that stores information into the database is outside of and after your form processing conditional block, and inside some 'success' message logic that gets executed after you do a redirect to that page and has nothing to do with processing the form data.

It's also possible that your SELECT query that determines if the user has enough credits is failing with an error of some kind and is just letting the rest of your code on the page run. When a query fails and your code is dependent on the result from that query being valid, you must ensure that the code using that result doesn't execute.

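An added example, not code from anyone in this thread: the structure the reply above asks for, written as one PHP form handler. It differs from the posted script in three ways that decide whether the balance can go negative. The cost is worked out on the server from which extras were ticked, instead of from the values of the `bold` and `rotate` fields or from a separate `amount` field, all of which the browser can set to anything it likes. The balance check and the two inserts run inside a single database transaction while the user's row is locked, so two listings submitted at the same moment cannot both pass the check and each debit the same credits. And a debit that lands exactly on zero is allowed, while any failure (a query error or too few credits) rolls back and leaves nothing written. Assumed and not on the page: a PDO connection `$pdo` to the same MySQL database, a `users` table keyed by `user_id`, a `memo` column on the `transaction` table, and a `sale` table with one column per key of the poster's `$sale_data` array; `$errors` and `$sale_data` are the variables the posted script already builds.

```php
<?php
// Added example (not the original poster's code). Assumed: $pdo is a PDO
// connection to the same MySQL database (InnoDB tables, or FOR UPDATE does
// nothing); tables `users`(user_id), `transaction`(user_id, amount, memo) and
// `sale` (one column per key of $sale_data). Only `transaction` and
// SUM(amount) appear in the thread; the other names are illustrative.

// Extras are priced here, on the server. The form can only say WHICH extras
// were ticked; the credit cost of each never comes from the request.
const LISTING_BASE_COST = 1;
const EXTRA_COSTS = ['bold' => 1, 'rotate' => 10];

function listingCost(array $post): int
{
    $cost = LISTING_BASE_COST;
    foreach (EXTRA_COSTS as $field => $price) {
        if (!empty($post[$field])) {   // ticked checkbox; its value is ignored
            $cost += $price;
        }
    }
    return $cost;
}

class InsufficientCredits extends RuntimeException {}

/**
 * Debit $cost credits from $userId and record the sale, or write nothing.
 * Returns the balance left after the debit.
 */
function debitAndRecordSale(PDO $pdo, int $userId, int $cost, array $saleData): int
{
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // failed queries throw, never fall through
    $pdo->beginTransaction();
    try {
        // Lock the user's row until commit/rollback. A second request for the
        // same user waits here, so it sees the balance AFTER this debit.
        $lock = $pdo->prepare('SELECT user_id FROM users WHERE user_id = ? FOR UPDATE');
        $lock->execute([$userId]);
        if ($lock->fetchColumn() === false) {
            throw new RuntimeException("unknown user $userId");
        }

        $sum = $pdo->prepare('SELECT COALESCE(SUM(amount), 0) FROM transaction WHERE user_id = ?');
        $sum->execute([$userId]);
        $balance = (int) $sum->fetchColumn();

        if ($balance < $cost) {          // a debit that lands exactly on 0 is allowed
            throw new InsufficientCredits("balance $balance, need $cost");
        }

        $debit = $pdo->prepare('INSERT INTO transaction (user_id, amount, memo) VALUES (?, ?, ?)');
        $debit->execute([$userId, -$cost, 'Debit for Item']);

        // Column names come from the keys of $sale_data, which the script
        // itself defines; never build this list from user input.
        $cols = array_keys($saleData);
        $sql = sprintf(
            'INSERT INTO sale (%s) VALUES (%s)',
            implode(', ', array_map(fn ($c) => "`$c`", $cols)),
            implode(', ', array_fill(0, count($cols), '?'))
        );
        $pdo->prepare($sql)->execute(array_values($saleData));

        $pdo->commit();
        return $balance - $cost;
    } catch (Throwable $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();            // releases the lock; nothing was written
        }
        throw $e;
    }
}

// Everything that touches $_POST runs only for an actual form submission,
// and only once validation has produced no errors.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && empty($errors)) {
    try {
        debitAndRecordSale($pdo, (int) $_SESSION['user_id'], listingCost($_POST), $sale_data);
        header('Location: other_items.php?success');
    } catch (InsufficientCredits $e) {
        header('Location: purchase.php', true, 303);
    }
    exit();
}
```

Two points worth checking before adopting this shape. With the `mysql_*` calls in the posted script, a failed `mysql_query()` returns false and the whole credit check is silently skipped, which is exactly the fall-through the reply warns about; with `PDO::ERRMODE_EXCEPTION` a failed query throws and the handler never reaches the success redirect. And `SELECT ... FOR UPDATE` only locks on InnoDB tables; on MyISAM the statement runs but takes no row lock, so the check-then-debit race would come back.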
