Jump to content
  • Advertisement
Sign in to follow this  
bigfooot

[web] another php problem, sry guys (solved)

This topic is 4621 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

okay guys, ive got another problem. im making a text-based mmorpg and i have a page where users can buy 'fans' for a certain amount of money. here is the script for the form: <? session_start(); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>buy fans</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body> <form action="fanscheck2.php" method="post" name="" id=""> fans u want<input name="fansamount" type="text" id="fansamount"></td> <input type="submit" name="Submit" value="Submit"></td> </form> </body> </html> And here is the script to update the data in my database: <?php include 'db.php'; session_start(); echo $_SESSION['userid']; if (isset($_SESSION['userid'])) { $userid=$_SESSION['userid']; $userstatsall="SELECT * from userstats where userid='$userid'"; $userstatsall2=mysql_query($userstatsall) or die("Could not get user stats"); $userstatsall3=mysql_fetch_array($userstatsall2); if(isset($_POST['submit'])) { $fanswanted=$_POST['fansamount']; $fanswanted=strip_tags($fanswanted); $total=$fanswanted*100; if($fanswanted<0) { print "You cannot buy negative fans.."; } else if($userstatsall3['money']<$total) { print "You do not have enough money to buy that many fans."; } else if($userstatsall3['money']>=$total) { $getfans="UPDATE userstats SET money=money-'$total', fans=fans+'$fanswanted', WHERE userid='$userstatsall3[userid]'"; mysql_query($getfans) or die("Could not buy fans"); print "You bought $fanswanted fans. ."; } else { print "there was an error"; } } } else { print "Sorry, not logged in."; } print "test" ?> I get no error messages, but nothing comes up execpt for the user id, which i put to see if it worked and the "test". The data does not get updated in the database. Can anyone see what is wrong? thanks for your help. ps: Part of the script is copied from www.chipmunk-scripts.com's "Kill Monster" open-source game. [Edited by - bigfooot on October 22, 2005 9:56:50 PM]

Share this post


Link to post
Share on other sites
Advertisement
1. Put your source inside source or code tags on gamedev.net
2. Do not call variables things like $userstatsall2 and $userstatsall3
3. Error reporting. Always put

error_reporting(E_ALL);


Everywhere, otherwise important errors won't get reported.

Examine the server's error log files to see the error, if display_errors is off (which it should be in a production environment, but you may have it turned on on your dev server)

Ideally, write an error handler which crashes out loudly and in a verbose manner for any error happening at all (even a E_NOTICE). That's what I do.

4. I'm not sure that die() does what you think it does. Don't use die. Instead use user_error (which will of course invoke your loud and fatal error handler)

5. Always cast things that should be an int into an int, otherwise you might get problems with SQL injection vulnerabilities, for example:


$fanswanted = (int) $_POST['fansamount'];


Cheers

Mark

Share this post


Link to post
Share on other sites
I think you stubmled on an evil IE bug.

If you have a form with only one input and one submit, and you submit teh form by pressing the return key (instead of clicking on the button) then IE will NOT send the key/value pair attached to the button. In your case, it will only send fansamount=something to the server. It will not send submit=Submit. Hence, your script will not update the database (it responds to the submit).

You can easily check it yourself. Change the "post" on your form to "get" and look at the URL.

A fix: add an <input type="hidden" name="submit" value="1" /> to the forms that only have one input.

Share this post


Link to post
Share on other sites
Thanks a lot Sander, that worked..

Now i get the "could not buy fans", but ill try to figure out what is going wrong before asking for help.

thanks also to Markr for your suggestions

Share this post


Link to post
Share on other sites
hi,

I think your problem is, that you have no valid DB Connection
Param in your mysql_query() function...

you have to write:

mysql_query( $hDB, $sSQL ) or die("YOUR ERROR");


Hope this helps,

Marc

PS:

And i think, you don't havt to put $fanswanted in your SQL String in '',
(if it is an int field)

Share this post


Link to post
Share on other sites
thank you marcjulian ,

What do the $hDB, $sSQL variables mean/do/execute?? Did you use it to represent a variable from my script for example $getfans? Or is it used for something else?

alex

Share this post


Link to post
Share on other sites
the db.php looks like this:

<? 
/* Database Information - Required!! */
/* -- Configure the Variables Below --*/
$dbhost = 'localhost';
$dbusername = 'MYUSERNAME';
$dbpasswd = 'MYPASSWORD';
$database_name = 'MYDATABASENAME';

/* Database Stuff, do not modify below this line */

$connection = mysql_pconnect("$dbhost","$dbusername","$dbpasswd")
or die ("Couldn't connect to server.");

$db = mysql_select_db("$database_name", $connection)
or die("Couldn't select database.");
?>

Share this post


Link to post
Share on other sites
I don't see the text "could not buy fans" anywhere in your code... so I have no idea why that is showing up.

On another note (and I hope you don't take this the wrong way), your code is pretty ugly. Now, I myself am the king of ugly code, so i can sympathize.... but if you really want to publish this game at some point in time, I'd highly suggest working on making your code as modular as possible.

Share this post


Link to post
Share on other sites
Quote:
Original post by Cygnus_X
I don't see the text "could not buy fans" anywhere in your code... so I have no idea why that is showing up.

On another note (and I hope you don't take this the wrong way), your code is pretty ugly. Now, I myself am the king of ugly code, so i can sympathize.... but if you really want to publish this game at some point in time, I'd highly suggest working on making your code as modular as possible.


The text "could not buy fans" comes from here:



{
$getfans="UPDATE userstats SET money=money-'$total', fans=fans+'$fanswanted', WHERE userid='$userstatsall3[userid]'";
mysql_query($getfans) or die("Could not buy fans");
print "You bought $fanswanted fans. .";
}



Lol, i know my code is ugly, im still a noob. Do you know of any tutorials/articles to making more modular code?

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

Participate in the game development conversation and more when you create an account on GameDev.net!

Sign me up!