Jump to content

Recommended Posts

:wtf:

 

I started using dreamweaver to do part of this and now i've made and epic hash up

it's for a game of killer- to log a kill you select a player and his killer from the database which is one table with the unique email as a primary key

when someone is killed the score has to be calculated and then the dead person's target (also email) has to be reassigned to the killer (hence the select query in the middle of the update)

 

it's not making it through and i was wondering if someone could help me

http://www.arts.ulster.ac.uk/IMAK/admin

 

<?php require_once('../Connections/IMAK.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}





if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "kill") && ($email != $target)) {


//explode killer
$target = $_POST['players'];
$weapon = $_POST['weapon'];
$killer = $_POST['killer'];
$piece = explode(" ", $killer);
$piece[0] = $email;
$piece[1] = $year;


//score = year+weapon+tweet*evidence
$youtube = "youtube";
$proof = strpos($_POST['evidence'], $youtube);
if($proof === true){
$kill_score = ($year + $weapon + $tweet)*2;
}else{
$kill_score = ($year + $weapon + $tweet);
}

mysql_select_db($database_IMAK, $IMAK);
  $query_players2 = "SELECT current_target FROM IMAK_player WHERE email = $target";
  $players2 = mysql_query($query_players2, $IMAK) or die(mysql_error());
  $row_players2 = mysql_fetch_assoc($players2);
  $totalRows_players2 = mysql_num_rows($players2);

  $updateSQL = sprintf("UPDATE IMAK_player SET killer=%s, evidence=%s, weapon=%s, tweet=%s, current_target=%s, kill_score=%s WHERE email=%s",
                       GetSQLValueString($email, "text"),
                       GetSQLValueString($_POST['evidence'], "text"),
                       GetSQLValueString($weapon, "text"),
                       GetSQLValueString(isset($_POST['tweet']) ? "true" : "", "defined","1","0"),
                       GetSQLValueString($row_players2['current_target'], "text"),
                       GetSQLValueString($kill_score, "text"),
				   GetSQLValueString($target, "text"));


  
  mysql_select_db($database_IMAK, $IMAK);
  $Result1 = mysql_query($updateSQL, $IMAK) or die(mysql_error());

  $updateGoTo = "yeo.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
}

//populate player list
mysql_select_db($database_IMAK, $IMAK);
$query_players = "SELECT * FROM IMAK_player WHERE active = 1";
$players = mysql_query($query_players, $IMAK) or die(mysql_error());
$row_players = mysql_fetch_assoc($players);
$totalRows_players = mysql_num_rows($players);

?>

Link to comment
https://forums.phpfreaks.com/topic/245755-biting-off-more-than-i-can-chew/
Share on other sites

If I am right in what you are saying it sounds like your database isn't allowing you to save details into it using a custom primary key, your database may not be setup properly.

 

Also you shouldn't realy use email addresses as a primary key, thats personal information.

All those email addresses are viewable in your websites html source, use an autoincrement value in your databse for a PK.

 

I think you have more than one problem going on here.

yeah the email variable has to be made from another variable as all the info is in a drop down list of players email and what year they're in. the problem is that because it's a drop down list all the calculations have to happen after the submit button is clicked? at least i think so.

 

as for the database- how might that be set up incorrectly? I have email as the primary key etc.

 

i have a strpos but i'm gonna have to use a stristr so thanks for flagging that

//score = year+weapon+tweet*evidence
$youtube = "youtube";

if (stristr($_POST['evidence'], $youtube) === TRUE){
$kill_score = ($year + $weapon + $tweet)*2;
}else{
$kill_score = ($year + $weapon + $tweet);
}

 

is this more correct or should i still use ==?

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@email.ulster.ac.uk 3' at line 1

 

i wasn't getting anything- it was just dying and now i have this one above which isn't really pointing at anything

Hi guys

 

I figured out the error- it was because I hadn't used quotes so it wasn't pulling in the email- i rectified that.

Got this now- and it's going to yeo.php but not updating the database at all- i've also attached the form under the code- stumped

 

<?php require_once('../Connections/IMAK.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}




if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "kill")) {


//explode killer
$target = $_POST['players'];
$weapon = $_POST['weapon'];
$killer = $_POST['killer'];
$piece = explode(" ", $killer);
$piece[0] = $email;
$piece[1] = $year;



//score = year+weapon+tweet*evidence
$youtube = "youtube";

if (stristr($_POST['evidence'], $youtube) == TRUE){
$kill_score = ($year + $weapon + $tweet)*2;
}else{
$kill_score = ($year + $weapon + $tweet);
}


mysql_select_db($database_IMAK, $IMAK);
  $query_players2 = "SELECT current_target FROM IMAK_player WHERE email = '$target'";
  $players2 = mysql_query($query_players2, $IMAK) or die(mysql_error());
  $row_players2 = mysql_fetch_assoc($players2);
  $totalRows_players2 = mysql_num_rows($players2);

$row_players2['current_target'] = $current_target;

  $updateSQL = sprintf("UPDATE IMAK_player SET killer=%s, evidence=%s, weapon=%s, tweet=%s, current_target=%s, kill_score=%s WHERE email=%s",
                       GetSQLValueString($email, "text"),
                       GetSQLValueString($_POST['evidence'], "text"),
                       GetSQLValueString($weapon, "text"),
                       GetSQLValueString(isset($_POST['tweet']) ? "true" : "", "defined","1","0"),
                       GetSQLValueString($current_target, "text"),
                       GetSQLValueString($kill_score, "text"),
				   GetSQLValueString($target, "text"));


  
  mysql_select_db($database_IMAK, $IMAK);
  $Result1 = mysql_query($updateSQL, $IMAK) or die(mysql_error());

  $updateGoTo = "yeo.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
}

//populate player list
mysql_select_db($database_IMAK, $IMAK);
$query_players = "SELECT * FROM IMAK_player WHERE active = 1";
$players = mysql_query($query_players, $IMAK) or die(mysql_error());
$row_players = mysql_fetch_assoc($players);
$totalRows_players = mysql_num_rows($players);


?>

 

here's the form

 

     <form action="<?php echo $editFormAction; ?>" method="POST" name="kill">
      <li>
      <select name="players" title="select player">
        <?php
do {  
?>
        <option value="<?php echo $row_players['email']?> <?php echo $row_players['year']; ?>"><?php echo $row_players['name']?> <?php echo $row_players['surname']?> (<?php echo $row_players['year']; ?>)</option>
        <?php
} while ($row_players = mysql_fetch_assoc($players));
  $rows = mysql_num_rows($players);
  if($rows > 0) {
      mysql_data_seek($players, 0);
  $row_players = mysql_fetch_assoc($players);
  }
?>
      </select>
      <img src="../images/murdah.png" alt="has assassinated" width="100" height="49" border="0" align="middle" />
<select name="killer" title="select killer">
  <?php
do {  
?>
  <option value="<?php echo $row_players['email']?>"><?php echo $row_players['name']?> <?php echo $row_players['surname']?> (<?php echo $row_players['year']; ?>)</option>
        <?php
} while ($row_players = mysql_fetch_assoc($players));
  $rows = mysql_num_rows($players);
  if($rows > 0) {
      mysql_data_seek($players, 0);
  $row_players = mysql_fetch_assoc($players);
  }
?>
    </select></li>
      
      <li> <input name="evidence" type="text" size="30" /></li>
     
      
      
      <li>	<img src="../images/weapons/gun.png" alt="gun" width="70" height="47" align="middle" />
            <input name="weapon" type="radio" value="1"  checked/>
            <img src="../images/weapons/dagger.png" alt="dagger" width="50" height="47" align="middle" />
        	<input name="weapon" type="radio" value="2"  />
      		<img src="../images/weapons/poison.png" alt="poison" width="50" height="47" align="middle" />
      		<input name="weapon" type="radio" value="3"  />
            <img src="../images/weapons/garotte.png" alt="garotte" width="50" height="47" align="middle" />
            <input name="weapon" type="radio" value="4"  />
      </li>
      <li>
            <img src="../images/twitter.png" alt="twitter" width="50" height="50" align="middle" />

      <input name="tweet" type="checkbox" value="1" />
      
      </li>
      <li><input name="submit" type="submit" value="KILL" />
      </li>
      <input type="hidden" name="MM_update" value="kill" />
      <input type="hidden" name="<?php echo $row_players['year']; ?>" value="kill" />
      </form>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.