lee2010 Posted February 21, 2011

Hi all, I have written a seating plan page for my website which allows users to click on a seat, and that seat is then allocated to their username. However, there's nothing stopping a user changing the URL to a seat that's been taken and "taking" that seat from someone else. Here's my code for my reserve_seat.php:

<?PHP
session_start();

/* get user id */
$user_id = $_SESSION['username'];

/* get the seat number */
$seat_id = $_GET['seat'];

/* connect to data base */
require ('./secure/connect.php');

/* create query */
$query = "UPDATE seats_table set taken = FALSE, user_id = '0' WHERE user_id = '$user_id'";
$query2 = "UPDATE seats_table set taken = TRUE, user_id = '$user_id' WHERE id = '$seat_id'";
/* $query3 = "UPDATE users set signed_up = '3' WHERE username = '$user_id'"; */

/* execute the query */
$result = mysql_query($query);
$result2 = mysql_query($query2);
/* $result3 = mysql_query($query3); */

/* advise user their seat has been reserved */
include 'seating.php';
?>

So if a user reserves seat 28 the URL is http://localhost/reserve_seat.php?seat=26, but there's nothing stopping another user typing this URL and "stealing" this seat. I need some kind of IF statement before the SQL queries that checks to see if the seat's "taken" column is 1 or 0 (bearing in mind there are 49 seats), but I'm lost at how to write it. Any help would be great.

Lee

Link to comment https://forums.phpfreaks.com/topic/228404-seating-overwrite/
denno020 Posted February 22, 2011

<?PHP
session_start();

/* get user id */
$user_id = $_SESSION['username'];

/* get the seat number */
$seat_id = $_GET['seat'];

//NEW CODE STARTS HERE
$sqlCommand = "SELECT taken FROM seats_table WHERE seat_id = $seat_id";
$query = mysql_query($sqlCommand, $myConnection) or die (mysql_error());
while($row = mysql_fetch_array($query)){
    $taken = $row["taken"];
}
mysql_free_result($query);

//Check if seat is taken
if($taken == 1){
    echo "That seat is taken, please go back and select another";
    exit(); //will stop processing the rest of the script, so nothing else will be shown.
}
//NEW CODE ENDS HERE

/* connect to data base */
require ('./secure/connect.php');

/* create query */
$query = "UPDATE seats_table set taken = FALSE, user_id = '0' WHERE user_id = '$user_id'";
$query2 = "UPDATE seats_table set taken = TRUE, user_id = '$user_id' WHERE id = '$seat_id'";
/* $query3 = "UPDATE users set signed_up = '3' WHERE username = '$user_id'"; */

/* execute the query */
$result = mysql_query($query);
$result2 = mysql_query($query2);
/* $result3 = mysql_query($query3); */

/* advise user their seat has been reserved */
include 'seating.php';
?>

That's something I've just whipped up for you. You can see where I've added code. I haven't tested it, so there might be some silly errors in there, but nothing that you won't be able to figure out. Hopefully that helps.

Denno
Psycho Posted February 22, 2011

So, a user can only have one seat? That would seem to be the case based upon your code. Oh well, denno020 has the right idea, but I think the below would be more efficient. Plus that code will not work as written since it is trying to run queries before connecting to the DB. I also added code to prevent SQL injection.

<?php
session_start();

/* connect to data base */
require ('./secure/connect.php');

/* get user id */
$user_id = mysql_real_escape_string(trim($_SESSION['username']));

/* get the seat number */
$seat_id = mysql_real_escape_string(trim($_GET['seat']));

//Check if seat is already taken
//(column is "id", as in the UPDATE below; the escaped value must sit inside
// quotes, otherwise mysql_real_escape_string does not protect the query)
$query = "SELECT taken FROM seats_table WHERE id = '$seat_id' AND taken = TRUE";
$result = mysql_query($query, $myConnection) or die (mysql_error());

//Check if seat is taken
if(mysql_num_rows($result)>0)
{
    echo "That seat is taken, please go back and select another";
    exit(); //Could also do a header to redirect to appropriate page
}

/* create query */
$query = "UPDATE seats_table set taken = FALSE, user_id = '0' WHERE user_id = '$user_id'";
$result = mysql_query($query) or die (mysql_error());
$query = "UPDATE seats_table set taken = TRUE, user_id = '$user_id' WHERE id = '$seat_id'";
$result = mysql_query($query) or die (mysql_error());
/* $query3 = "UPDATE users set signed_up = '3' WHERE username = '$user_id'"; */
/* $result3 = mysql_query($query3); */

/* advise user their seat has been reserved */
include 'seating.php';
?>
denno020 Posted February 22, 2011

> So, a user can only have one seat? That would seem to be the case based upon your code. Oh well, denno020 has the right idea, but I think the below would be more efficient. Plus that code will not work as written since it is trying to run queries before connecting to the DB. I also added code to prevent SQL injection.
>
> <?php
> session_start();
>
> /* connect to data base */
> require ('./secure/connect.php');
>
> /* get user id */
> $user_id = mysql_real_escape_string(trim($_SESSION['username']));
>
> /* get the seat number */
> $seat_id = mysql_real_escape_string(trim($_GET['seat']));
>
> //Check if seat is already taken
> //(column is "id", as in the UPDATE below; the escaped value must sit inside
> // quotes, otherwise mysql_real_escape_string does not protect the query)
> $query = "SELECT taken FROM seats_table WHERE id = '$seat_id' AND taken = TRUE";
> $result = mysql_query($query, $myConnection) or die (mysql_error());
>
> //Check if seat is taken
> if(mysql_num_rows($result)>0)
> {
>     echo "That seat is taken, please go back and select another";
>     exit(); //Could also do a header to redirect to appropriate page
> }
>
> /* create query */
> $query = "UPDATE seats_table set taken = FALSE, user_id = '0' WHERE user_id = '$user_id'";
> $result = mysql_query($query) or die (mysql_error());
> $query = "UPDATE seats_table set taken = TRUE, user_id = '$user_id' WHERE id = '$seat_id'";
> $result = mysql_query($query) or die (mysql_error());
> /* $query3 = "UPDATE users set signed_up = '3' WHERE username = '$user_id'"; */
> /* $result3 = mysql_query($query3); */
>
> /* advise user their seat has been reserved */
> include 'seating.php';
> ?>

That's a pretty good point about running queries before being connected to the database, oops. Thanks for the SQL injection fix up too.
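A version of the reserve step that closes both gaps the thread raises (the seat-stealing URL and the injection), as an added example and not code from any of the posters: it uses PDO prepared statements, and it folds the "is it taken?" check and the claim into one conditional UPDATE, so two requests for the same seat cannot both pass a check and then both write, which the SELECT-then-UPDATE versions above allow. It assumes the thread's seats_table columns (id, taken, user_id); the in-memory SQLite database and its 49 seed rows are constructed here so the script runs offline.

```php
<?php
// Added example, not from the thread. SQLite in-memory keeps it self-contained;
// against MySQL only the DSN changes, the statements are the same.
$pdo = new PDO('sqlite::memory:', null, null,
    [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec("CREATE TABLE seats_table (
    id INTEGER PRIMARY KEY,
    taken INTEGER NOT NULL DEFAULT 0,
    user_id TEXT NOT NULL DEFAULT '0')");
for ($i = 1; $i <= 49; $i++) {            // the thread's 49 seats (constructed rows)
    $pdo->exec("INSERT INTO seats_table (id) VALUES ($i)");
}

// Returns true if $userId now holds $seatId, false if the seat belongs to
// someone else or $seatId is not a seat number. Check and claim are a single
// UPDATE with "taken = 0" in its WHERE clause, so the database decides who wins.
function reserveSeat(PDO $pdo, string $userId, $seatId): bool
{
    // Validate the URL parameter before it goes anywhere near SQL.
    if (!ctype_digit((string) $seatId)) {
        return false;
    }
    $seatId = (int) $seatId;
    $pdo->beginTransaction();
    try {
        // Claim succeeds only if the seat is free (or already this user's).
        $claim = $pdo->prepare(
            "UPDATE seats_table SET taken = 1, user_id = :user
             WHERE id = :seat AND (taken = 0 OR user_id = :user)");
        $claim->execute([':user' => $userId, ':seat' => $seatId]);
        if ($claim->rowCount() !== 1) {   // taken by someone else, or no such seat
            $pdo->rollBack();
            return false;
        }
        // Only after the claim succeeded, release the user's previous seat.
        $release = $pdo->prepare(
            "UPDATE seats_table SET taken = 0, user_id = '0'
             WHERE user_id = :user AND id <> :seat");
        $release->execute([':user' => $userId, ':seat' => $seatId]);
        $pdo->commit();
        return true;
    } catch (Throwable $e) {
        $pdo->rollBack();
        throw $e;
    }
}

var_dump(reserveSeat($pdo, 'user_a', 26));      // first user claims seat 26
var_dump(reserveSeat($pdo, 'user_b', 26));      // second user requests the same URL
var_dump(reserveSeat($pdo, 'user_b', '26abc')); // malformed seat parameter
```

The second and third calls are rejected by the conditional UPDATE and by the digit check respectively, without any window in which both users could hold seat 26.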