c4n10 Posted February 16, 2013 Share Posted February 16, 2013 (edited) Hello all, I am working with a page that has 3 forms, each with their own submit button and a field called "curr_type" where each form has it's own unique value. Upon submit, depending on the form's submitted "curr_type" value it should be running one of three different functions on the page, "bitcoin_withdraw", "litecoin_withdraw" or "rucoin_withdraw". All three forms submit the correct amount and address but for some reason all three forms are causing the "bitcoin_withdraw" function to run and I am getting very frustrated with it. Any help is greatly appreciated, here is the code: <?php require 'util.php'; if (isset($_POST['amount']) && isset($_POST['curr_type'])) { if(isset($_POST['csrf_token'])) { if($_SESSION['csrf_token'] != $_POST['csrf_token']) { throw new Error("csrf","csrf token mismatch!"); } } else { throw new Error("csrf","csrf token missing"); } } function bitcoin_withdraw($uid, $amount, $curr_type) { $addy = post('address'); $bitcoin = connect_bitcoin(); $validaddy = $bitcoin->validateaddress($addy); if (!$validaddy['isvalid']) throw new Problem('Bitcoin says no', 'That address you supplied was invalid.'); syslog(LOG_NOTICE, "address=$addy"); endlog(); $query = " INSERT INTO requests (req_type, uid, amount, curr_type) VALUES ('WITHDR', '$uid', '$amount', '$curr_type'); "; do_query($query); $reqid = mysql_insert_id(); $query = " INSERT INTO bitcoin_requests (reqid, addy) VALUES ('$reqid', '$addy'); "; do_query($query); } function litecoin_withdraw($uid, $amount, $curr_type) { $addy = post('address'); $litecoin = connect_litecoin(); $validaddy = $litecoin->validateaddress($addy); if (!$validaddy['isvalid']) throw new Problem('Litecoin says no', 'That address you supplied was invalid.'); syslog(LOG_NOTICE, "address=$addy"); endlog(); $query = " INSERT INTO requests (req_type, uid, amount, curr_type) VALUES ('WITHDR', '$uid', '$amount', '$curr_type'); "; do_query($query); $reqid = mysql_insert_id(); $query = " INSERT INTO litecoin_requests (reqid, addy) VALUES ('$reqid', '$addy'); "; do_query($query); } function rucoin_withdraw($uid, $amount, $curr_type) { $addy = post('address'); $rucoin = connect_rucoin(); $validaddy = $rucoin->validateaddress($addy); if (!$validaddy['isvalid']) throw new Problem('RuCoin says no', 'That address you supplied was invalid.'); syslog(LOG_NOTICE, "address=$addy"); endlog(); $query = " INSERT INTO requests (req_type, uid, amount, curr_type) VALUES ('WITHDR', '$uid', '$amount', '$curr_type'); "; do_query($query); $reqid = mysql_insert_id(); $query = " INSERT INTO rucoin_requests (reqid, addy) VALUES ('$reqid', '$addy'); "; do_query($query); } function save_details($uid, $amount, $curr_type) { beginlog(); syslog(LOG_NOTICE, "Withdrawing $amount $curr_type:"); if ($curr_type = 'BTC') { bitcoin_withdraw($uid, $amount, $curr_type); return true; } elseif ($curr_type = 'LTC') { litecoin_withdraw($uid, $amount, $curr_type); return true; } elseif ($curr_type = 'RUC') { rucoin_withdraw($uid, $amount, $curr_type); return true; } else { throw Error('Invalid currency', 'You cannot withdraw a currency that does not exist.'); } # should never happen! return false; } function truncate_num($num) { return substr($num, 0, -6) . '000000'; } if (isset($_POST['amount']) && isset($_POST['curr_type'])) { do_query("LOCK TABLES orderbook WRITE, purses WRITE, transactions WRITE, requests WRITE, bitcoin_requests WRITE, rucoin_requests WRITE, litecoin_requests WRITE"); $uid = user_id(); $amount_disp = post('amount'); $curr_type = post('curr_type'); $amount = /*numstr_to_internal*/($amount_disp); $amount = /*truncate_num*/($amount); curr_supported_check($curr_type); order_worthwhile_check($amount, $amount_disp); enough_money_check($amount, $curr_type); if (!save_details($uid, $amount, $curr_type)) throw Error('We had to admit it sometime...', 'Stop trading on this site. Contact the admin FAST.'); # actually take the money now deduct_funds($amount, $curr_type); # request is submitted to the queue for the cron job to actually execute do_query("UNLOCK TABLES"); echo "<div class='content_box'>\n"; echo "<h3>Withdraw $curr_type</h3>\n"; echo "<p>Your request to withdraw $amount_disp $curr_type has been submitted. Visit your <a href='?page=profile'>profile</a> to check on the status of your request.</p>\n"; echo "</div>\n"; } else { ?> <div class='content_box'> <h3>Withdraw BTC</h3> <p>Enter an amount below to withdraw.</p> <p> <form action='' class='indent_form' method='post'> <label for='input_amount'>Amount</label> <input type='text' id='input_amount' name='amount' /> <label for='input_address'>Address</label> <input type='text' id='input_address' name='address' /> <input type='hidden' name='csrf_token' value="<?php echo $_SESSION['csrf_token']; ?>" /> <input type='hidden' name='curr_type' value='BTC' /> <input type='submit' value='Submit' /> </form> </p> </div> <div class='content_box'> <h3>Withdraw LTC</h3> <p>Enter an amount below to withdraw.</p> <p> <form action='' class='indent_form' method='post'> <label for='input_amount'>Amount</label> <input type='text' id='input_amount' name='amount' /> <label for='input_address'>Address</label> <input type='text' id='input_address' name='address' /> <input type='hidden' name='csrf_token' value="<?php echo $_SESSION['csrf_token']; ?>" /> <input type='hidden' name='curr_type' value='LTC' /> <input type='submit' value='Submit' /> </form> </p> </div> <div class='content_box'> <h3>Withdraw RUC</h3> <p>Enter an amount below to withdraw.</p> <p> <form action='' class='indent_form' method='post'> <label for='input_amount'>Amount</label> <input type='text' id='input_amount' name='amount' /> <label for='input_address'>Address</label> <input type='text' id='input_address' name='address' /> <input type='hidden' name='csrf_token' value="<?php echo $_SESSION['csrf_token']; ?>" /> <input type='hidden' name='curr_type' value='RUC' /> <input type='submit' value='Submit' /> </form> </p> </div> <?php } ?> Edited February 16, 2013 by c4n10 Quote Link to comment https://forums.phpfreaks.com/topic/274559-help-needed/ Share on other sites More sharing options...
denno020 Posted February 17, 2013 Share Posted February 17, 2013 (edited) When you're checking the value of $curr_type, you're actually assigning a new value. You need to put double equals. function save_details($uid, $amount, $curr_type) { beginlog(); syslog(LOG_NOTICE, "Withdrawing $amount $curr_type:"); if ($curr_type == 'BTC') { bitcoin_withdraw($uid, $amount, $curr_type); return true; } elseif ($curr_type == 'LTC') { litecoin_withdraw($uid, $amount, $curr_type); return true; } elseif ($curr_type == 'RUC') { rucoin_withdraw($uid, $amount, $curr_type); return true; } else { throw Error('Invalid currency', 'You cannot withdraw a currency that does not exist.'); } # should never happen! return false; } You could also use triple equals to make sure it's exactly the same Edited February 17, 2013 by denno020 Quote Link to comment https://forums.phpfreaks.com/topic/274559-help-needed/#findComment-1412857 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.