Jump to content

problem with my code


edgarasm

Recommended Posts

Hi i am new to this forum and to the whole php ,wanted a hand at this code error :

 

PHP Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\Inetpub\hello\tugapay.com\httpdocs\account\methods.php on line 37

 

I have been looking everywhere but nothing has pointed me to the right direction 

 

Please if someone could help me would be appreciated 

 

thanks

 

My code is below 

 

<?php 
 
// If user submits login form
if(isset($_POST['login_submit'])){
 
$results = mysql_query("SELECT `login_email` FROM `users` A WHERE `email` = 'login_email' AND `pass` = 'login_password'");
 
if(empty($_POST['login_email']) || empty($_POST['login_password'])){
 
$loginMessage = "<div style=\"padding-bottom: 15px;\">
<a href=\"#\" class=\"notification error\">Please fill in all the fields below.</a>
 </div>";
 
} elseif(mysql_num_rows($results) > 0){
 
$row = mysql_fetch_array($results);
 
$_SESSION[‘users’] = $row['id'];
 
header("Location: /account/dashboard.php");
 
} else {
 
$loginMessage = "<div style=\"padding-bottom: 15px;\">
<a href=\"#\" class=\"notification error\">The information you entered was incorrect.</a>
 </div>";
 
}
 
}
 
 
// If user submits login form
if(isset($_POST['transfer_submit'])){
 
$results = mysql_query("SELECT `id`, CONCAT(`first_name`, ' ',`lastname`) AS `name`, `balance` FROM `accounts` A WHERE `login_email` = '". $_POST['transfer_email'] ."'");
$row = mysql_fetch_array($results);
 
 
if(empty($_POST['transfer_email']) || empty($_POST['transfer_amount']) || empty($_POST['transfer_description'])){
 
$transferMessage = "<div style=\"padding-bottom: 15px;\">
<a href=\"#\" class=\"notification error\">Please fill in all the fields below.</a>
 </div>";
 
} elseif(empty($row)) {
 
 
$transferMessage = "<div style=\"padding-bottom: 15px;\">
<a href=\"#\" class=\"notification error\">Email address not found.</a>
 </div>";
 
} elseif($row['id'] == $_SESSION['account_id']){
 
$transferMessage = "<div style=\"padding-bottom: 15px;\">
<a href=\"#\" class=\"notification error\">You cannot send money to yourself.</a>
 </div>";
 
} elseif($_POST['transfer_amount'] > $account['balance']){
 
$transferMessage = "<div style=\"padding-bottom: 15px;\">
<a href=\"#\" class=\"notification error\">You have insufficient funds.</a>
 </div>";
 
} else {
 
mysql_query("INSERT INTO transactions (account_id, from_id, amount, description, date, status) VALUES ('". $row['id'] ."', '". $_SESSION['account_id'] ."', '". $_POST['transfer_amount'] ."', '". $_POST['transfer_description'] ."', CURRENT_TIMESTAMP, '1')") OR die(mysql_error());
 
$balance = $account['balance'] - $_POST['transfer_amount'];
mysql_query("UPDATE accounts SET balance = '". $balance ."' WHERE id = '". $_SESSION['account_id'] ."'");
 
 
 
$balance = $row['balance'] + $_POST['transfer_amount'];
mysql_query("UPDATE accounts SET balance = '". $balance ."' WHERE id = '". $row['id'] ."'");
 
 
$transferMessage = "<div style=\"padding-bottom: 15px;\">
<a href=\"#\" class=\"notification success\">You have successfully sent <strong>£". number_format($_POST['transfer_amount'], 2) ."</strong> to <strong>". $row['name'] ."</strong></a>
 </div>";
 
unset($_POST);
 
}
 
 
}
 
?>
Link to comment
Share on other sites

Your logic is revered on line 37. You are running the query before you have validated the $_POST values. 

 

Also before getting the results from the query you should first make sure mysql_query didn't return false (in case of an error) and that it did return any rows using mysql_num_rows(). Code for performing the transfer

if(isset($_POST['transfer_submit']))
{
    // validate first
    if(empty($_POST['transfer_email']) || empty($_POST['transfer_amount']) || empty($_POST['transfer_description']))
    {
        $transferMessage = "<div style=\"padding-bottom: 15px;\">
        <a href=\"#\" class=\"notification error\">Please fill in all the fields below.</a>
        </div>";
    }
    else
    {
        $login_email          = msyql_real_escape_string($_POST['transfer_email']);
        $transfer_amount      = intval($_POST['transfer_amount']);
        $transfer_description = msyql_real_escape_string($_POST['transfer_description']);

        $results = mysql_query("SELECT `id`, CONCAT(`first_name`, ' ',`lastname`) AS `name`, `balance` FROM `accounts` A WHERE `login_email` = '$login_email'");
        
        // check query executed
        if($results)
        {
            // check it returned any results
            if(mysql_num_rows($results))
            {
                // get result
                $row = mysql_fetch_assoc($results);

                if($row['id'] == $_SESSION['account_id'])
                {
                    $transferMessage = "<div style=\"padding-bottom: 15px;\">
                    <a href=\"#\" class=\"notification error\">You cannot send money to yourself.</a>
                    </div>";
                } 
                elseif($transfer_amount > $account['balance'])
                {
                    $transferMessage = "<div style=\"padding-bottom: 15px;\">
                    <a href=\"#\" class=\"notification error\">You have insufficient funds.</a>
                    </div>";
                }
                else
                {
                    mysql_query("INSERT INTO transactions (account_id, from_id, amount, description, date, status) VALUES ('". $row['id'] ."', '". $_SESSION['account_id'] ."', '". $transfer_amount ."', '". $transfer_description ."', CURRENT_TIMESTAMP, '1')") OR die(mysql_error());
                     
                    $balance = $account['balance'] - $transfer_amount;
                    mysql_query("UPDATE accounts SET balance = '". $balance ."' WHERE id = '". $_SESSION['account_id'] ."'");
                     

                    $balance = $row['balance'] + $transfer_amount;
                    mysql_query("UPDATE accounts SET balance = '". $balance ."' WHERE id = '". $row['id'] ."'");
                     
                     
                    $transferMessage = "<div style=\"padding-bottom: 15px;\">
                    <a href=\"#\" class=\"notification success\">You have successfully sent <strong>£". number_format($transfer_amount, 2) ."</strong> to <strong>". $row['name'] ."</strong></a>
                     </div>";
                }
            }
            else
            {
                $transferMessage = "<div style=\"padding-bottom: 15px;\">
                <a href=\"#\" class=\"notification error\">Email address not found.</a>
                </div>";
            }
        }
        else
        {
            echo 'Database error cannot run transaction';
        }
    }
}

For the user login your code should be like

if(isset($_POST['login_submit']))
{ 
    // validate first
    if(empty($_POST['login_email']) || empty($_POST['login_password']))
    {
        $loginMessage = "<div style=\"padding-bottom: 15px;\">
        <a href=\"#\" class=\"notification error\">Please fill in all the fields below.</a>
        </div>";
    }
    else
    {
        // sanitize the user input
        $login_email    = mysql_real_escape_string($_POST['login_email']);

        // encrypt user password (the stored password should also be encrypted too
        $login_password = md5($_POST['login_password']);

        $results = mysql_query("SELECT `login_email`, `id` FROM `users` A WHERE `email` = '$login_email' AND `pass` = '$login_password'");
        if(mysql_num_rows($results) > 0)
        {
            $row = mysql_fetch_assoc($results);
             
            $_SESSION['users'] = $row['id'];
             
            header("Location: /account/dashboard.php");
         
        }
        else 
        {
            $loginMessage = "<div style=\"padding-bottom: 15px;\">
            <a href=\"#\" class=\"notification error\">The information you entered was incorrect.</a>
             </div>";
        }
    } 
}
Edited by Ch0cu3r
Link to comment
Share on other sites

Find   msyql_real_escape_string    and replace it with      mysql_real_escape_string

I spelt that function wrong.

 

 

i think what it is that my login and transfer submit stuff in in the same methods.php

You can separate them into separate files if you want. However as the code is they wont interfere each other. If the login form is submitted then the login code will run. If the transfer form is submitted then the transfer code will run.

Edited by Ch0cu3r
Link to comment
Share on other sites

Ok another question,lets say i got a transactions page ,i want to make money received balance with + sign green colour and money sent as minus symbol in red colour ,also i want every balance to be shown after each transaction.at the moment my page is showing just my current balance .Any help ?

Code below for my dashboard page

<?php include '../header.php'; ?>

	<div id="title">
		<div class="inner">
			<ol class="breadcrumb">
			</ol>
			<h1>My Account - Dashboard</h1>
		</div>
	</div>

	<div id="content" class="right-sidebar">
		<div class="inner">
			<div id="main" role="main">
				
				<div class="container">
					<table class="table" style="width: 50%">
						<tr>
							<th>Account Name</th> 
							<td><?php echo $account['first_name'] . " " . $account['last_name']; ?></td>
						</tr>
						<tr>
							<th>Balance</th> 
							<td>£ <?php echo number_format($account['balance'], 2); ?></td>
							
						</tr>
						<tr>
							<th>Account Type</th> 
							<td>Verified</td>
							
						</tr>
						
					</table>
				</div>
				
				<div class="space"></div>
				
				<?php 
				
				$results = mysql_query("SELECT 
											T.`date`, 
											CONCAT(A.first_name, ' ', A.`last_name`) AS `from`, 
											CONCAT(AA.first_name, ' ', AA.`last_name`) AS `to`, 
											T.`amount`, 
											T.`from_id`, 
											T.`account_id` 
										FROM `transactions` T 
										JOIN `users` A ON (T.`from_id` = A.`id`) 
										JOIN `users` AA ON (T.`account_id` = AA.`id`) 
										
										WHERE 
											(T.`account_id` = '" . $_SESSION['account_id'] . "' || T.`from_id` = '" . $_SESSION['account_id'] . "') 
											
										ORDER BY T.`id` 
										
										DESC LIMIT 5") OR die(mysql_error());
				
				?>
				
				<div class="container">
					<h2>Recent Transactions</h2>
					<table class="table">
						<tr>
							<th>Type</th>
							<th>Date</th>
							<th>Name</th>
							<th>Amount</th>
							<th>Balance</th>
						</tr>
						<?php if(mysql_num_rows($results) == 0){ ?>
							<tr>
								<td colspan="4">No recent transactions</td>
							</tr>
						
						<?php } else { ?>
							
							<?php while($row = mysql_fetch_array($results)){ ?>
							<tr>
								<td><?php echo ($row['from_id'] == $_SESSION['account_id'] ? "Sent" : "Received"); ?></td>
								<td><?php echo $row['date']; ?></td>
								<td><?php echo ($row['from_id'] == $_SESSION['account_id'] ? $row['to'] : $row['from']); ?></td>
								<td>£ <?php echo $row['amount']; ?></td>
								<td>£ <?php echo number_format($account['balance'], 2); ?></td>
							</tr>
							<?php } ?>
							
						<?php } ?>
					</table>
					<?php if(mysql_num_rows($results) > 5){ ?>
					<div style="margin-top: 10px;"><a href="/account/transactions.php">My Transactions</a></div>
					<?php } ?>
				</div>
				
				<div class="space"></div>
			</div>
			<ul class="sidebar" role="complementary">
				<li>
					<h2>Navigation</h2>
					<ul class="link-list">
						<li><a href="/account/dashboard.php">Dashboard</a></li>
						<li><a href="/account/transfer.php">Transfer Money</a></li>
						<li><a href="/account/transactions.php">Transactions</a></li>
						<li><a href="/account/withdrawal.php">Withdraw Funds</a></li>
						<li><a href="/account/upload.php">Upload Funds</a></li>
						<li><a href="/account/details.php">Change My details</a></li>
					</ul>
				</li>
			</ul>
		</div>
	</div>
<?php include '../footer.php'; ?>

This is my transactions page

<?php include '../header.php'; ?>

	<div id="title">
		<div class="inner">
			<ol class="breadcrumb">
				<li><a href="index.php">Home</a></li>
				<li>My Account - Transactions</li>
			</ol>
			<h1>My Account - Transactions</h1>
		</div>
	</div>

	<div id="content" class="right-sidebar">
		<div class="inner">
			<div id="main" role="main">
				
				<?php 
				
				$results = mysql_query("SELECT T.`date`, CONCAT(A.first_name, ' ', A.`last_name`) AS `from`, CONCAT(AA.first_name, ' ', AA.`last_name`) AS `to`, T.`amount`, T.`from_id`, T.`account_id` FROM `transactions` T JOIN `users` A ON (T.`from_id` = A.`id`) JOIN `users` AA ON (T.`account_id` = AA.`id`) WHERE (T.`account_id` = '" . $_SESSION['account_id'] . "' || T.`from_id` = '" . $_SESSION['account_id'] . "') ORDER BY T.`id` DESC") OR die(mysql_error());
				
				?>
				
				<div class="container">
					<h2>Transactions</h2>
					<table class="table">
						<tr>
							<th>Type</th>
							<th>Date</th>
							<th>Name</th>
							<th>Amount</th>
						</tr>
						<?php if(mysql_num_rows($results) == 0){ ?>
							<tr>
								<td colspan="4">No transactions</td>
							</tr>
						
						<?php } else { ?>
							
							<?php while($row = mysql_fetch_array($results)){ ?>
							<tr>
								<td><?php echo ($row['from_id'] == $_SESSION['account_id'] ? "Sent" : "Received"); ?></td>
								<td><?php echo $row['date']; ?></td>
								<td><?php echo ($row['from_id'] == $_SESSION['account_id'] ? $row['to'] : $row['from']); ?></td>
								<td>£ <?php echo $row['amount']; ?></td>
							</tr>
							<?php } ?>
							
						<?php } ?>
					</table>
				</div>
				
				<div class="space"></div>
			</div>
			<ul class="sidebar" role="complementary">
				<li>
					<h2>Navigation</h2>
					<ul class="link-list">
						<li><a href="/account/dashboard.php">Dashboard</a></li>
						<li><a href="/account/transfer.php">Transfer Money</a></li>
						<li><a href="/account/transactions.php">Transactions</a></li>
						<li><a href="">Withdraw Funds</a></li>
						<li><a href="">Upload Funds</a></li>
						<li><a href="">Change My details</a></li>
					</ul>
				</li>
			</ul>
		</div>
	</div>
<?php include '../footer.php'; ?>

Thanks in advance

Link to comment
Share on other sites

try changing

 

      <td>£ <?php echo $row['amount']; ?></td>

 

to

<?php
$amount = $row['amount'];

if($row['from_id'] == $_SESSION['account_id']) {
    $amount = '<span style="color: red"> -' . $amount . '</span>';   //sent 
} else {
    $amount = '<span style="color: green"> +' . $amount . '</span>'; // received
}
?>
<td>£ <?php echo $amount ?></td>
Link to comment
Share on other sites

would you know how to hide a login form after the user has logged in on the index page ? also what my index page does ,when i enter the details in the fields it takes me to the next login page where i have to enter the details again :/ 

 

im going to paste my code 

<?php include 'header.php'; ?>
<link rel=”apple-touch-icon” href="http://www.tugapay.com/webicon.png"
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon"/>
<link rel="apple-touch-startup-image" href="/startup.png">
<meta name="apple-mobile-web-app-capable" content="yes" />

	<div id="content">
		<div class="container inner">

			<form action="/account/index.php" method="POST" enctype="multipart/form-data">
			<form action="loginprocess.php" method="POST">
			<form action="/account/register.php" method="POST" enctype="multipart/form-data">	
				<div class="one_third">
					<label>Email Address: </label>
					<input type="text" id="login_email" name="login_email" spellcheck="false">	
				</div>
				
				<div class="one_third">
					<label>Password: </label>
					<input type="password" id="login_password" name="login_password" spellcheck="false">	
				</div>
				
				<div class="one_third" style="padding-top: 0px;">
					<td><a href="../account/loginprocess.php"<input type="submit" id="login_submit" name="login_submit" style="background: light_blue;" class="button" value="Login to Account">Login to Accounts</a></td>
				</div>
				
				<div class="one_third" style="padding-top: 0px;">
				<td><a href="/account/register.php" id="login_submit" name="login_submit" input type="submit"   style="background: light_blue;" class="button" value="Register">Register</a></td>
				</div>
								
			</form>
		
		</div>
	</div>

	<div id="slider" class="flexslider">
		<ul class="slides">
			<li>
				<img src="/assets/images/blog/pic.jpg" alt="">
				<div class="inner">
					<h2 class="flex-caption" style="bottom: 60px;">Want to send money Quick & Easy?</h2>
					<h3 class="flex-caption" style="bottom: 20px;">Join Us today to see how its done</h3>
				</div>
			</li>
		</ul>
		<script type="text/javascript">
		/* <![CDATA[ */
			$(window).load(function(){
				$('.flexslider').flexslider({
					//smoothHeight: true,
					controlNav: false,
					animation: "slide",
					start: function(slider){
						$('body').removeClass('loading');
					}	
				});
			});
		/* ]]> */
		</script>
	</div>
	<div id="content">
		<div class="container inner">
			<div class="one_third">
				<i class="icon-time large left"></i>
				<div class="column">
					<h2>Easy & Secure</h2>
					<p>Our Payment System is User friendly and Most Secure to ensure your identity and money is secure .</p>
					<a href="#" class="button large">Read More</a>
					
				</div>
			</div>
			<div class="one_third">
				<i class="icon-magic large left"></i>
				<div class="column">
					<h2>Fast</h2>
					<p>Sending and Receiving money is fast and almost instant and covered almost everywhere around the globe.</p>
					<a href="#" class="button large">Read More</a>
				</div>
			</div>
			<div class="one_third">
				<i class="icon-bar-chart large left"></i>
				<div class="column">
					<h2>Grow Your Business</h2>
					<p>With Our Payment Solution you can make your business income increase rapidly using our tools .</p>
					<a href="#" class="button large">Read More</a>
				</div>
			</div>
		</div>
		<div class="separated">
			<div class="inner">
		
				<div class="container">
					<div class="highlight">
						<h2>Solutions that you need</h2>
						<p>With <strong>TugaPay</strong> Your business will only grow and your profits will only maximize very rapidly and make your business a success . Other payment solutions can be difficult to understand and register for, but our payment solutions are one of the best out there. </p>
						<p>So why not try it Today?</p>
					</div>
				</div>
			</div>
		</div>
	</div>
<?php include 'footer.php'; ?>

Thanks for your help 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.