I-AM-OBODO Posted June 28, 2012 Share Posted June 28, 2012 Good day guys. Pls I'm stuck here. I am trying to design a payment platform. It's a project for my self. Users have to register and have money in their account just like bank. Users can transfer money from their account to another account. I'm having a problem verifying the sender's balance. The script is to check the senders balance to know if he has enough money to complete the transaction, if yes continues transaction and if no, gets an error message. My problem is that even if the balance is enough. It keeps bringing out error message "not enough money to perform transactions". Pls what am I doing wrong. Ps. My code might appear amateurish though. I wouldn't mind to know the best way to achieve a better result putting security into consideration Thanks <?php $sender = $_POST['sender']; $reciever = $_POST['reciever']; $amount = $_POST['amount']; $remarks = $_POST['remarks']; if($reciever ==''){ echo "<font color=red size=3>Reciever Field Empty</font><br>"; // verify that reciever's field not empty } if($reciever == $sender){ echo "<font color=red size=3>You can't transfer to same account</font><br>"; // verify the account is not the same } if($amount ==''){ echo('<font color=red size=3>Amount Field Empty</font><br>');// verify that amount field is not empty } else{ // verify if receivers account is in database $query = "SELECT Account_No FROM reg_users WHERE Account_No='$reciever'"; $query_result = mysql_query($query) or die(mysql_error()); $count=mysql_num_rows($query_result); if($count==0){ echo "Invalid Account. Check and retry later<br>"; }else{ // verify if the sender has enough balance to perform transaction $check = "SELECT Avail_bal FROM reg_users WHERE Account_No='$sender'"; $check_result = mysql_query($check) or die(mysql_error()); if( $check_result < $amount){ echo "You don't have enough balance to complete this transaction"; // if sender dont have enough balance to make transfer }else{ // if sender has enough balance, credit reciever $update = "UPDATE reg_users SET Avail_bal = '$amount' + Avail_bal WHERE Account_No = '$reciever'"; $query_update = mysql_query($update) or die(mysql_error()); if($query_update) echo "Transfer Completed" ; else{ echo "Something went wrong"; } } } } ?> [code] Link to comment https://forums.phpfreaks.com/topic/264926-verify-error/ Share on other sites More sharing options...
Pikachu2000 Posted June 28, 2012 Share Posted June 28, 2012 mysql_query returns a result resource, not a usable value. You need to extract the values from the resource with one of the fetch functions like mysql_fetch_assoc. Link to comment https://forums.phpfreaks.com/topic/264926-verify-error/#findComment-1357664 Share on other sites More sharing options...
I-AM-OBODO Posted June 28, 2012 Author Share Posted June 28, 2012 thanks but mysql_fetch_assoc didn't get the job done, it still brought out resource error. but mysql_fetch_object did the magic pls is there a better way of getting same objective? cos I feel my code is too amateurish and security loophole thanks Link to comment https://forums.phpfreaks.com/topic/264926-verify-error/#findComment-1357834 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.