Kryllster Posted August 14, 2008 Share Posted August 14, 2008 <?php session_start(); $_SESSION['uname'] == $uname; $uname = $_SESSION['uname']; // Define Form Variables $take_gold = 0 + $_POST['take_gold']; $take_diamond = 0 + $_POST['take_diamond']; $take_rubie = 0 + $_POST['take_rubie']; // Connect and Select data from database include ('includes/config.php'); $sql="SELECT * FROM $tbl_name WHERE uname='$uname'"; $result=mysql_query($sql); // Put info into array while($row=mysql_fetch_assoc($result)) { // Assign Variable to array element after the array is created. $bank = $row['bank']; $dbalance = $row['dbalance']; $rbalance = $row['rbalance']; // Test the money if($take_gold > $bank){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } if($take_diamond > $dbalance){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } if($take_rubie > $rbalance){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } else{ $sql="UPDATE $tbl_name SET bank = bank - $take_gold , onhand = onhand + $take_gold , dbalance = dbalance - $take_diamond , diamond = diamond + $take_diamond , rbalance = rbalance - $take_rubie , rubie = rubie + $take_rubie WHERE uname='$uname'"; mysql_query($sql) or die (mysql_error()."<p>$sql</p>"); echo "<META HTTP-EQUIV=\"Refresh\"CONTENT=\"0; URL=mainview.php?diamond=account\">"; } } ?> I am using Smarty template engine as well I have wracked my brains and been to the php.net site and countless others?? What gives?? Need some help here. Players who play this game can take out millions and more leave a negative balance I want to prevent this?? Is there a way to do it that Im not getting?? Thanks in Advance, Kryll ??? Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/ Share on other sites More sharing options...
genericnumber1 Posted August 14, 2008 Share Posted August 14, 2008 <?php session_start(); $uname = $_SESSION['uname']; // Define Form Variables $take_gold = $_POST['take_gold']; $take_diamond = $_POST['take_diamond']; $take_rubie = $_POST['take_rubie']; // Connect and Select data from database include ('includes/config.php'); $sql="SELECT * FROM $tbl_name WHERE uname='$uname'"; $result=mysql_query($sql); // Put info into array while($row=mysql_fetch_assoc($result)) { // Assign Variable to array element after the array is created. $bank = $row['bank']; $dbalance = $row['dbalance']; $rbalance = $row['rbalance']; // Test the money if($take_gold > $bank){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } elseif($take_diamond > $dbalance){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } elseif($take_rubie > $rbalance){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } else{ $sql="UPDATE $tbl_name SET bank = bank - $take_gold , onhand = onhand + $take_gold , dbalance = dbalance - $take_diamond , diamond = diamond + $take_diamond , rbalance = rbalance - $take_rubie , rubie = rubie + $take_rubie WHERE uname='$uname'"; mysql_query($sql) or die (mysql_error()."<p>$sql</p>"); echo "<META HTTP-EQUIV=\"Refresh\"CONTENT=\"0; URL=mainview.php?diamond=account\">"; } } ?> I went ahead and removed some superfluous lines of code because... well... they weren't doing anything. The reason it was not working correctly is because you forgot the else in elseif. Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/#findComment-616140 Share on other sites More sharing options...
Kryllster Posted August 14, 2008 Author Share Posted August 14, 2008 Thanks for the reply I am checking out here in a moment and the extra code I thought needed to be removed as well just wasn't sure if it would hurt or not thanks for cleaning for me too. Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/#findComment-616144 Share on other sites More sharing options...
Kryllster Posted August 14, 2008 Author Share Posted August 14, 2008 Ok just copied and pasted logged on it worked good when I tried to take more out than was in there then I tried to take like 60 or so and this is what I got as an error code. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' diamond = diamond + , rbalance = rbalance - , rub' at line 4 UPDATE diamond SET bank = bank - 6000 , onhand = onhand + 6000 , dbalance = dbalance - , diamond = diamond + , rbalance = rbalance - , rubie = rubie + WHERE uname='Kryll' Now im flustered stilll lol but I will learn what is wrong I hope. Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/#findComment-616146 Share on other sites More sharing options...
genericnumber1 Posted August 14, 2008 Share Posted August 14, 2008 For some reason from that error it looks like the variables aren't making it through to the query (other than $take_gold)... offhand I can't see why this is happening.. let me keep looking Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/#findComment-616147 Share on other sites More sharing options...
genericnumber1 Posted August 14, 2008 Share Posted August 14, 2008 <?php session_start(); $uname = $_SESSION['uname']; // Define Form Variables $take_gold = 0 + $_POST['take_gold']; $take_diamond = 0 + $_POST['take_diamond']; $take_rubie = 0 + $_POST['take_rubie']; // Connect and Select data from database include ('includes/config.php'); $sql="SELECT * FROM $tbl_name WHERE uname='$uname'"; $result=mysql_query($sql); // Put info into array while($row=mysql_fetch_assoc($result)) { // Assign Variable to array element after the array is created. $bank = $row['bank']; $dbalance = $row['dbalance']; $rbalance = $row['rbalance']; // Test the money if($take_gold > $bank || $take_diamond > $dbalance || $take_rubie > $rbalance){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } else{ $sql="UPDATE $tbl_name SET bank = bank - $take_gold , onhand = onhand + $take_gold , dbalance = dbalance - $take_diamond , diamond = diamond + $take_diamond , rbalance = rbalance - $take_rubie , rubie = rubie + $take_rubie WHERE uname='$uname'"; mysql_query($sql) or die (mysql_error()."<p>$sql</p>"); echo "<META HTTP-EQUIV=\"Refresh\"CONTENT=\"0; URL=mainview.php?diamond=account\">"; } } ?> I went ahead and remove more excess code.... but I don't think the problem is with this code, can you make sure that your form is submitting take_diamond and take_rubie? Also, you might look into protecting this script against sql injection and doing some checks to make sure the users submitted numeric input (or any input at all). edit: nevermind, I removed the 0 + $num from the inputs before, but apparently you used that to allow the users to input nothing at all. You still should make sure it's numeric before adding it to 0. Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/#findComment-616151 Share on other sites More sharing options...
Kryllster Posted August 14, 2008 Author Share Posted August 14, 2008 <?php session_start(); $uname = $_SESSION['uname']; // Define Form Variables $take_gold = 0 + $_POST['take_gold']; $take_diamond = 0 + $_POST['take_diamond']; $take_rubie = 0 + $_POST['take_rubie']; // Connect and Select data from database include ('includes/config.php'); $sql="SELECT * FROM $tbl_name WHERE uname='$uname'"; $result=mysql_query($sql); // Put info into array while($row=mysql_fetch_assoc($result)) { // Assign Variable to array element after the array is created. $bank = $row['bank']; $dbalance = $row['dbalance']; $rbalance = $row['rbalance']; // Test the money if($take_gold > $bank){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } elseif($take_diamond > $dbalance){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } elseif($take_rubie > $rbalance){ echo "Your not Allowed to do that!! STOP Hit your browser back button please."; } else{ $sql="UPDATE $tbl_name SET bank = bank - $take_gold , onhand = onhand + $take_gold , dbalance = dbalance - $take_diamond , diamond = diamond + $take_diamond , rbalance = rbalance - $take_rubie , rubie = rubie + $take_rubie WHERE uname='$uname'"; mysql_query($sql) or die (mysql_error()."<p>$sql</p>"); echo "<META HTTP-EQUIV=\"Refresh\"CONTENT=\"0; URL=mainview.php?diamond=account\">"; } } ?> I have executed this code around 10 times on all 3 of the withdrawals with high and low numbers and it worked great? I see the code u wrote I am going to give it a try? I just still dont know what Im doing really but I go so fast in my head I cant slow down I think thats some of my problem. Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/#findComment-616154 Share on other sites More sharing options...
Kryllster Posted August 14, 2008 Author Share Posted August 14, 2008 Your code works too? Can you tell me about some of the if statement like what kind of pipes are this and anything for pointers?? I am trying to write out stuff but I had been copying and pasting alot. Anyways thanks, Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/#findComment-616158 Share on other sites More sharing options...
genericnumber1 Posted August 14, 2008 Share Posted August 14, 2008 the pipes || together are logical ORs. you can read about logical operators here... http://us3.php.net/language.operators.logical Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/#findComment-616162 Share on other sites More sharing options...
Kryllster Posted August 14, 2008 Author Share Posted August 14, 2008 Oky doke thanks alot for ur help do I put topic solved or what? Kryll Quote Link to comment https://forums.phpfreaks.com/topic/119592-what-is-wrong-with-this-code/#findComment-616163 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.