zero_ZX Posted June 23, 2009 Share Posted June 23, 2009 Hi all, so i want to use whmcs and smf to make a post-to-host forum, however this is not standard for any of the two scripts, so i tried to find a way, and got to "credits". This is just a small script, which transfer credits from smf to whmcs. However as i'm new to php i'm not sure this is correct. Please tell me I've only coded the first small part which ckecks if the id and password matches, and then if it doesn't the script should die. <p>Transfer resaults:</p> <?php //connect to base1 server $con = mysql_connect("localhost","MYSQL USER","MYSQL PASS"); if (!$con) { die('Could not connect: ' . mysql_error()); } //select the smf database mysql_select_db("MYSQL DB", $con); // Let's validate all the fields //validating credit password $query = "SELECT member_id FROM smf_themes WHERE member_id = '{$_POST['memberid']}' and credits = '{$_POST['creditpass']}'"; //or die(mysql_error()); $result = mysql_query($query,$con); if(mysql_num_rows($result) != 1); //if member id and creditpass didn't match do: { echo "An error occoured: <br /> Your member id and/or creditpassword didn't math. Please try again"; die(); } //Let's see if the user tries to cheat by inserting other stuff into the transfer amount other than positive numbers. //Let's see if the user tries to cheat by transfering more credits than he got //Make sure whmcs email exists //DONE!! Start the transfer! ?> [code] Quote Link to comment Share on other sites More sharing options...
AviNahum Posted June 23, 2009 Share Posted June 23, 2009 try this code: <p>Transfer resaults:</p> <?php //connect to base1 server $con = mysql_connect("localhost","MYSQL USER","MYSQL PASS"); if (!$con) { die('Could not connect: ' . mysql_error()); } //select the smf database mysql_select_db("MYSQL DB", $con); // Let's validate all the fields //validating credit password $select = "SELECT member_id FROM smf_themes WHERE member_id = '{$_POST['memberid']}' and credits = '{$_POST['creditpass']}'"; $result = mysql_query($select, $con); $row = mysql_fetch_array($result); if(mysql_num_rows($result) != 1); //if member id and creditpass didn't match do: { echo "An error occoured: <br /> Your member id and/or creditpassword didn't math. Please try again"; die(); } //Let's see if the user tries to cheat by inserting other stuff into the transfer amount other than positive numbers. //Let's see if the user tries to cheat by transfering more credits than he got //Make sure whmcs email exists //DONE!! Start the transfer! ?> [code] Quote Link to comment Share on other sites More sharing options...
zero_ZX Posted June 23, 2009 Author Share Posted June 23, 2009 Thanks a lot for pointing the mistakes out I'm still unsure about if(mysql_num_rows($result) != 1); //if member id and creditpass didn't match do: Is this right? Quote Link to comment Share on other sites More sharing options...
AviNahum Posted June 23, 2009 Share Posted June 23, 2009 its fine... Quote Link to comment Share on other sites More sharing options...
zero_ZX Posted June 23, 2009 Author Share Posted June 23, 2009 Thanks a lot So, i coded the next part: //Let's see if the user tries to cheat by transferring more credits than he got. //Get users total points $select = "SELECT points FROM smf_members WHERE id_member = '{$_POST['memberid']}' and credits = '{$_POST['creditpass']}'"; $result = mysql_query($select, $con); $row = mysql_fetch_array($result); if ("'{$_POST['creditsamount']}' > (mysql_num_rows($result)") { echo "An error occoured: <br /> Are you trying to cheat? You do not have enough points to do this!"; die(); } But as told, i'm still not sure.. I want to read how much points/credits the user actually got, then if the number they enter in the form is bigger than that, it will die. Mostly of it is just copy paste from the previous step. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.