Jump to content

Complete the process only if theres enough of sumthing


cryp7

Recommended Posts

Ok i have a work buy.php script for a sort of RPG online game, but it still allows users to buy stuff even if they dont have enough "points"

[code]
<?php
require ("db_connect.php");
if ($logged_in == 1) {
$username = $_SESSION['username'];
$query = "SELECT * FROM users WHERE username='$username'";
$results = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($results) == 0) {
die("Not logged in, or your session username doesn't exist");
}
while ($row = mysql_fetch_array($results)) {
$points = $row['points'];
}
echo "<font face=\"Arial\"><center>Thank You For Purchasing From The Store<p>
The Item Has Been Added And The Cost Deducted<p>
Please Dont Forget To Come Again<p><a href=\"inventory.php\">Inventory</a></center></font>";
} else {
echo "<font face=\"Arial\"><center>Not Logged In <a href=\"login.php\">Login</a></center></font>";
}

mysql_connect("localhost", "xxxy", "xxx") or die(mysql_error());
mysql_select_db("xxx") or die(mysql_error());

$user = $_SESSION['username'];

$buyid = $_GET['name'];

$item = mysql_query("SELECT item_id, name, description, buy_price, sell_price, img_path FROM items WHERE item_id='$buyid'");
$row2=mysql_fetch_array($item);

$buyprice = $row2['buy_price'];

$subval = $points-$buyprice;

mysql_query("INSERT INTO inventory
(id, username, item_id) VALUES('', '$user', '$buyid')");

mysql_query("UPDATE users SET points = '$subval' WHERE username = '$user'");

mysql_free_result($item);
mysql_close();
?>
[/code]

I was wondering what i could do to fix this and i dont actually have a clue what to do so thxs in advance
Link to comment
Share on other sites

Try replacing the bit at the end with this:

[code]if ($points < $buyprice) {

echo 'You do not have enough points

} else {

$subval = $points-$buyprice;

mysql_query("INSERT INTO inventory
(id, username, item_id) VALUES('', '$user', '$buyid')");

mysql_query("UPDATE users SET points = '$subval' WHERE username = '$user'");

mysql_free_result($item);
mysql_close();

}[/code]

So that would be,

[code]<?php
require ("db_connect.php");
if ($logged_in == 1) {
$username = $_SESSION['username'];
$query = "SELECT * FROM users WHERE username='$username'";
$results = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($results) == 0) {
die("Not logged in, or your session username doesn't exist");
}
while ($row = mysql_fetch_array($results)) {
$points = $row['points'];
}
echo "<font face=\"Arial\"><center>Thank You For Purchasing From The Store<p>
The Item Has Been Added And The Cost Deducted<p>
Please Dont Forget To Come Again<p><a href=\"inventory.php\">Inventory</a></center></font>";
} else {
echo "<font face=\"Arial\"><center>Not Logged In <a href=\"login.php\">Login</a></center></font>";
}

mysql_connect("localhost", "xxxy", "xxx") or die(mysql_error());
mysql_select_db("xxx") or die(mysql_error());

$user = $_SESSION['username'];

$buyid = $_GET['name'];

$item = mysql_query("SELECT item_id, name, description, buy_price, sell_price, img_path FROM items WHERE item_id='$buyid'");
$row2=mysql_fetch_array($item);

$buyprice = $row2['buy_price'];

if ($points < $buyprice) {

echo 'You do not have enough points

} else {

$subval = $points-$buyprice;

mysql_query("INSERT INTO inventory
(id, username, item_id) VALUES('', '$user', '$buyid')");

mysql_query("UPDATE users SET points = '$subval' WHERE username = '$user'");

mysql_free_result($item);
mysql_close();

}

?>[/code]
Link to comment
Share on other sites

cheers that worked thanks alot

but u needed to add a '; thingy somewhere i know it wasnt intentaly thxs alot again
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]
echo 'You do not have enough points';
[/quote]
Link to comment
Share on other sites

Ah sorry try this:

[code]<?php
require ("db_connect.php");
if ($logged_in == 1) {
$username = $_SESSION['username'];
$query = "SELECT * FROM users WHERE username='$username'";
$results = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($results) == 0) {
die("Not logged in, or your session username doesn't exist");
}
while ($row = mysql_fetch_array($results)) {
$points = $row['points'];
}
echo "<font face=\"Arial\"><center>Thank You For Purchasing From The Store<p>
The Item Has Been Added And The Cost Deducted<p>
Please Dont Forget To Come Again<p><a href=\"inventory.php\">Inventory</a></center></font>";
} else {
echo "<font face=\"Arial\"><center>Not Logged In <a href=\"login.php\">Login</a></center></font>";
}

mysql_connect("localhost", "xxxy", "xxx") or die(mysql_error());
mysql_select_db("xxx") or die(mysql_error());

$user = $_SESSION['username'];

$buyid = $_GET['name'];

$item = mysql_query("SELECT item_id, name, description, buy_price, sell_price, img_path FROM items WHERE item_id='$buyid'");
$row2=mysql_fetch_array($item);

$buyprice = $row2['buy_price'];

if ($points < $buyprice) {

echo 'You do not have enough points';

} else {

$subval = $points-$buyprice;

mysql_query("INSERT INTO inventory
(id, username, item_id) VALUES('', '$user', '$buyid')");

mysql_query("UPDATE users SET points = '$subval' WHERE username = '$user'");

mysql_free_result($item);
mysql_close();

}

?>[/code]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.