Jump to content


Photo

Complete the process only if theres enough of sumthing


  • Please log in to reply
3 replies to this topic

#1 cryp7

cryp7
  • Members
  • PipPip
  • Member
  • 12 posts

Posted 28 March 2006 - 05:44 PM

Ok i have a work buy.php script for a sort of RPG online game, but it still allows users to buy stuff even if they dont have enough "points"

<?php
require ("db_connect.php");
if ($logged_in == 1) {
$username = $_SESSION['username'];
$query = "SELECT * FROM users WHERE username='$username'";
$results = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($results) == 0) {
die("Not logged in, or your session username doesn't exist");
}
while ($row = mysql_fetch_array($results)) {
$points = $row['points'];
}
echo "<font face=\"Arial\"><center>Thank You For Purchasing From The Store<p>
The Item Has Been Added And The Cost Deducted<p>
Please Dont Forget To Come Again<p><a href=\"inventory.php\">Inventory</a></center></font>";
} else {
echo "<font face=\"Arial\"><center>Not Logged In <a href=\"login.php\">Login</a></center></font>";
}

mysql_connect("localhost", "xxxy", "xxx") or die(mysql_error());
mysql_select_db("xxx") or die(mysql_error());

$user = $_SESSION['username'];

$buyid = $_GET['name'];

$item = mysql_query("SELECT item_id, name, description, buy_price, sell_price, img_path FROM items WHERE item_id='$buyid'");
$row2=mysql_fetch_array($item);

$buyprice = $row2['buy_price'];

$subval = $points-$buyprice;

mysql_query("INSERT INTO inventory
(id, username, item_id) VALUES('', '$user', '$buyid')");

mysql_query("UPDATE users SET points = '$subval' WHERE username = '$user'");

mysql_free_result($item);
mysql_close();
?>

I was wondering what i could do to fix this and i dont actually have a clue what to do so thxs in advance

#2 Eddyon

Eddyon
  • Members
  • PipPipPip
  • Advanced Member
  • 30 posts
  • LocationEngland

Posted 28 March 2006 - 05:53 PM

Try replacing the bit at the end with this:

if ($points < $buyprice) {

echo 'You do not have enough points

} else {

$subval = $points-$buyprice;

mysql_query("INSERT INTO inventory
(id, username, item_id) VALUES('', '$user', '$buyid')");

mysql_query("UPDATE users SET points = '$subval' WHERE username = '$user'");

mysql_free_result($item);
mysql_close();

}

So that would be,

<?php
require ("db_connect.php");
if ($logged_in == 1) {
$username = $_SESSION['username'];
$query = "SELECT * FROM users WHERE username='$username'";
$results = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($results) == 0) {
die("Not logged in, or your session username doesn't exist");
}
while ($row = mysql_fetch_array($results)) {
$points = $row['points'];
}
echo "<font face=\"Arial\"><center>Thank You For Purchasing From The Store<p>
The Item Has Been Added And The Cost Deducted<p>
Please Dont Forget To Come Again<p><a href=\"inventory.php\">Inventory</a></center></font>";
} else {
echo "<font face=\"Arial\"><center>Not Logged In <a href=\"login.php\">Login</a></center></font>";
}

mysql_connect("localhost", "xxxy", "xxx") or die(mysql_error());
mysql_select_db("xxx") or die(mysql_error());

$user = $_SESSION['username'];

$buyid = $_GET['name'];

$item = mysql_query("SELECT item_id, name, description, buy_price, sell_price, img_path FROM items WHERE item_id='$buyid'");
$row2=mysql_fetch_array($item);

$buyprice = $row2['buy_price'];

if ($points < $buyprice) {

echo 'You do not have enough points

} else {

$subval = $points-$buyprice;

mysql_query("INSERT INTO inventory
(id, username, item_id) VALUES('', '$user', '$buyid')");

mysql_query("UPDATE users SET points = '$subval' WHERE username = '$user'");

mysql_free_result($item);
mysql_close();

}

?>


#3 cryp7

cryp7
  • Members
  • PipPip
  • Member
  • 12 posts

Posted 28 March 2006 - 05:59 PM

cheers that worked thanks alot

but u needed to add a '; thingy somewhere i know it wasnt intentaly thxs alot again
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]
echo 'You do not have enough points';
[/quote]

#4 Eddyon

Eddyon
  • Members
  • PipPipPip
  • Advanced Member
  • 30 posts
  • LocationEngland

Posted 28 March 2006 - 06:07 PM

Ah sorry try this:

<?php
require ("db_connect.php");
if ($logged_in == 1) {
$username = $_SESSION['username'];
$query = "SELECT * FROM users WHERE username='$username'";
$results = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($results) == 0) {
die("Not logged in, or your session username doesn't exist");
}
while ($row = mysql_fetch_array($results)) {
$points = $row['points'];
}
echo "<font face=\"Arial\"><center>Thank You For Purchasing From The Store<p>
The Item Has Been Added And The Cost Deducted<p>
Please Dont Forget To Come Again<p><a href=\"inventory.php\">Inventory</a></center></font>";
} else {
echo "<font face=\"Arial\"><center>Not Logged In <a href=\"login.php\">Login</a></center></font>";
}

mysql_connect("localhost", "xxxy", "xxx") or die(mysql_error());
mysql_select_db("xxx") or die(mysql_error());

$user = $_SESSION['username'];

$buyid = $_GET['name'];

$item = mysql_query("SELECT item_id, name, description, buy_price, sell_price, img_path FROM items WHERE item_id='$buyid'");
$row2=mysql_fetch_array($item);

$buyprice = $row2['buy_price'];

if ($points < $buyprice) {

echo 'You do not have enough points';

} else {

$subval = $points-$buyprice;

mysql_query("INSERT INTO inventory
(id, username, item_id) VALUES('', '$user', '$buyid')");

mysql_query("UPDATE users SET points = '$subval' WHERE username = '$user'");

mysql_free_result($item);
mysql_close();

}

?>





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users