fix money value going in minus - php

I have made a game in php in which people can upgrade their things the money would be deducted from their account. But when the money value becomes low, it goes in minus and the things are upgraded. Here is the code:
<?php
session_start();
include_once 'dbconnect.php';
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "dbtest";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(!isset($_SESSION['user']))
{
header("Location: index.php");
}
?>
</html>
<head>
<body bgcolor="black">
<?php echo "<font color=\"#49fb35\" size=\"5\">Update Firewall Software $300</font><br>"; ?>
<font color="#49fb35" size="5">Upgrade Firewall.exe for $300</font>
</head>
</html>
How to stop the upgrade if the money value is low?

You can use PHP to verify that the value is more than 0, by using:
$query1 = "SELECT * from users WHERE user_id=".$_SESSION['user'];
$result = mysql_query($query1);
while($row = mysql_fetch_array($result)) {
// Get money from column
$money = $row['money'];
}
if($money >= 300) {
$query = "UPDATE users SET firewall = firewall + 1, money = money - 300 WHERE user_id=".$_SESSION['user'];
$update = mysqli_query($conn,$query);
} else {
// Prints error
echo 'Money is not enough to upgrade';
}
I'm not sure what variable name you are using, you can change accordingly, hope this helps!

Related

Retrieving value from database and checking it with PHP [duplicate]

This question already has answers here:
Single result from database using mysqli
(6 answers)
Closed 5 months ago.
I am trying to retrieve some value from a column in the database.
The idea is to retrieve the IP of the person, then check their country, after that check the database if the country is blacklisted or not. There seems to be something wrong in the code, may you please give an advise?
This is the code:
<?php
//Get IP and country name
$ip=$_SERVER['REMOTE_ADDR'];
$details = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/$ip.json"));
$country=$details->name;
$servername = "localhost";
$username = "My_Username";
$password = "My_password";
$dbname = "Database_name";
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT country_name FROM uni_country";
$result = $conn->query($sql);
if (strpos($result, $country) == true) {
echo $country ." " . "is banned";
} else {
echo "Your country is not banned";
}
$conn->close();
?>
When I run it, it shows "Your country is not banned" - when it should actually say that my country is banned (I added a country to the database to test this).
The issue seems to be with reading the data from the database.
If I do echo $country; --> It actually shows my country, so it is retrieving it correctly (from geojs.io). But the code is not pulling the data from the database and verifying it.
Update:
If I do echo $result; the page returns Error 500.
Update
tried this new code, now it's saying that the country is not in the database, although it is actually there.
<?php
$ip=$_SERVER['REMOTE_ADDR'];
$details = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/$ip.json"));
$country=$details->name;
$conn = mysqli_connect("localhost", "database", "password", "username");
$query = mysqli_query("SELECT * FROM `uni_country` WHERE country_name = '$country'");
if(mysqli_num_rows($query)>0) {
echo "Country Is in the database";
}
else {
echo "Country is not in the database";
}
?>
After trying for hours, this is the correct code:
<?php
$ip=$_SERVER['REMOTE_ADDR'];
$details = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/$ip.json"));
$country=$details->name;
// Create connection
$servername = "localhost";
$username = "MyUsername";
$password = "MyPassword";
$database = "MyDatabase";
$conn = new mysqli($servername, $username, $password, $database);
$sql = "SELECT * FROM uni_country WHERE country_name ='$country'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "You country is currently banned.";
}
} else {
echo "Your country is not banned!";
}
?>

Select data from a row in database

I am making a profile page in which I want the user's email to be displayed. I thought this would be quite a simple code that could be achieved using the select function from the database. However, this only works for one string and I cannot seem to figure out why.
This is my original code
session_start();
$_SESSION["user"] = $username;
$_SESSION["pass"] = $password;
$_SESSION["email"] = $email;
$connection = mysqli_connect ("localhost", "root", "", "picshare");
if ($connection ->connect_error) {
die("Connection failed: " . $connection->connect_error);
}else{
$query = mysqli_query($connection, "SELECT email FROM login WHERE username='".$_SESSION["user"]."'");
$field = mysqli_fetch_assoc($query);
if (!$query)
{
die('Error: ' . mysqli_error($con));
}if(mysqli_num_rows($query) > 0){
$field = mysqli_fetch_assoc($query);
}else{
echo "error";
$conn->close();
}}
When I try and echo $field, nothing was echoed
<p class ="right uc"><?php echo($field['email']);?></p>
I retried the code, but instead of using a session, I made a variable
$host = "localhost";
$dbusername = "root";
$dbpassword = "";
$dbname = "picshare";
$user = 'Eniola Olaogun';
$conn = new mysqli ($host, $dbusername, $dbpassword, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}else{
$query = mysqli_query($conn, "SELECT email FROM login WHERE username='".$user."'");
$field = mysqli_fetch_assoc($query);
if (!$query)
{
die('Error: ' . mysqli_error($con));
}if(mysqli_num_rows($query) > 0){
$field = mysqli_fetch_assoc($query);
echo($field['email']);
}else{
echo "error";
$conn->close();
This code displayed the email, and so I proceeded to change the $user variable to another name and the original problem occurred where nothing was echoed.
I went back to the original code and I logged in as Eniola Olaogun and the email was echoed, but as soon as I changed the person I logged in as, no email was echoed.
I am not sure why I am experiencing this problem and some help would be greatly appreciated
$host = "localhost";
$dbusername = "root";
$dbpassword = "";
$dbname = "picshare";
$user = 'Eniola Olaogun';
$conn = new mysqli ($host, $dbusername, $dbpassword, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
else {
$sql = "SELECT email FROM login WHERE username= {$user}";
$result = $conn->query($sql);
if($result->num_rows > 0) {
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
echo($row['email']);
}
else {
echo "error";
$conn->close();
error connecting to mysql database through crazy domains
It sounds like it is a permission issue based on the user you're logging in as.
Test it with a 'root' user password that has global access and then troubleshoot and isolate it from there. I'm betting you will find it then.
Pretty much impossible for me to test this remotely since I don't have your DB schema and user accounts to validate with.

Load MySQL Data into Corresponding PHP Variables

I got this work for me, but I'm sure there's a better way to get this done. But, I've searched many hours without finding the exact answer to what I'm looking to do. Basically getting the variable usrID from the URL, I need to search MySQL for the corresponding information to this user. Later I want to use the different fields on my page (better website) to personalize the experience.
<?php
$servername = "localhost";
$username = "authorized-user";
$password = "secret";
$dbname = "agentDB";
$usrID = "001";
$conn = mysqli_connect($servername, $username, $password, $dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "SELECT * FROM agentInfo WHERE usrID = '$usrID'";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {
$Lname = $row["Lname"];
$Fname = $row["Fname"];
$tl = $row["tl"];
}
}
mysqli_close($conn);
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Load MySQL Data into Corresponding PHP Variables</title>
</head>
<body>
here is the body<br>
My name is: <?php echo $Fname; ?> <?php echo $Lname; ?><?php echo $tl; ?>
</body>
</html>
You could create a variable to store a full name and then "tl" on it like this:
$user_info = $Lname . ", " . $Fname . ": " . $tl;
Then:
<?php echo $user_info; ?>
Wherever you need that information.
If you want to minimize the amount of variables being assigned you could wrap it in a function and return the desired data field:
function fetchUserData(userData) {
$conn = mysqli_connect($servername, $username, $password, $dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "SELECT * FROM agentInfo WHERE usrID = '$usrID'";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {
$userData = $row[userData];
}
}
return $userData;
}
mysqli_close($conn);
You can the get the specified data like this:
<?php echo fetchUserData("Fname"); ?>

Postback script issues

Ive been really struggling to see the issue with my postback script,
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
//$adscendIp = "xx.xx.xx.xx"; // ip for adsc
//if($_SERVER['REMOTE_ADDR'] != $adscendIp)
//{
//die("Access Denied!");
//}
$campid = $_GET['campid']; // ID number of the campaign credited
$sid = $_GET['sid']; // The SubID that was passed in the campaign link
$rate = $_GET['rate']; // Commission earned (Will be negative if status is revoked)
$status = $_GET['status']; // Status of the lead. 1 for payable, 2 for revoked
$name = $_GET['name']; // Name of the campaign
$ip = $_GET['ip']; // IP address of the user
$cur = $_GET['cur'];
$sb1 = $_GET['sb1'];
if($status == "1")
{
mysqli_query($conn,"UPDATE users SET balance = '.$cur.' WHERE steamid = '.$sd1.'");
}
else
{
die("Revoked Lead!");
}
?>
Ive tried going to the link and putting the correct variables in the url and it seems to work, but when i try it on the offerwall its failing, is there anything you can see wrong with the script.
your all variable i.e campid, sid etc coming from any html form?
then in that form set method post. & then in php code get all parameters with $_POST...
$campid = $_POST['campid'];
$sid = $_POST['sid'];
$rate = $_POST['rate'];

Convert DEC value into hexadecimal in a table column

Actually I guess the question is duplicate, but I didn't understand whats the WRONG with my SQL code. My error is
Notice: Undefined index: CI in
C:\wamp\www\LOCATIONVIEWER\exampleDB.php on line 30.
I need to convert all decimal value of column into hexadecimal value. Help me to do it... :)
Here is my code:
<html>
<head>
<title>test</title>
</head>
<body>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "locationviewer";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
//CI is a column name of the table
$sql = "SELECT CONV(CI,10,16) FROM locationdata";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "CI: " . $row["CI"]."<br>";
}
} else {
echo "0 results";
}
$conn->close();
?>
</body>
</html>
You should change following code:
$sql = "SELECT CONV(CI,10,16) FROM locationdata";
To
$sql = "SELECT CONV(CI,10,16) AS `CI` FROM locationdata";
this issue happened because php can not see CI index and current index is somthing like CONV(CI,10,16)

Categories