<?php
include('header.php');
foreach($_POST as $key => $value) {
	$protectie[$key] = filter($value);
}if(isset($_POST['submit']) && $_POST['type'] == "facebook") {
$num1 = mysql_query("SELECT * FROM `facebook` WHERE `facebook`='{$protectie['url']}'");
$num = mysql_num_rows($num1);
if($num > 0){
$mesaj = "<div class=\"msg\"><div class=\"error\">Facebook Pages has been added before!</div></div>";
}else{
mysql_query("INSERT INTO `facebook` (user, facebook, title, points, cpc) VALUES('{$data->id}', '{$protectie['url']}', '{$protectie['title']}', '{$protectie['points']}', '{$protectie['cpc']}') ");
mysql_query("UPDATE `users` SET `coins`=`coins`-'{$_POST['coins']}' WHERE `id`='{$data->id}'");
$mesaj = "<div class=\"msg\"><div class=\"success\">Facebook Pages added successfuly!</div></div>";
}}?>
<div class="block medium right">
			<div class="top"><?if(isset($data->login)) {?>		
					<h1>Add Facebook Pages</h1> 
            </div>
			<div class="content"><? echo $mesaj; ?>
<form method="post">
<fieldset>
	<p>
		<label>Sites</label><br/>
	    <label class="radio"><input type="radio" name="type" value="facebook" checked="checked" />Facebook Pages</label>
	</p>
        <p>
		<label>Link</label> <small class="above">Link</small><br/>
		<input class="text big" type="text" value="http://" name="url" />
	</p>
	<p>
		<label>Title</label> <small class="above">Title</small><br/>
		<input class="text big" type="text" value="" name="title" maxlength="30" />
	</p>
	<p>
		<label>Credit</label>
		<input type="text" class="text big" name="points" value="10">
	</p>
	<p>
		<label>Coins</label>
		<input type="text" class="text big" name="coins" value="10">
	</p>
	<p>
		<label>CPC</label> <br/>
        <select class="styled" name="cpc">
		    <option value="1">1 Coin</option>
			<option value="2">2 Coin</option>
			<option value="3">3 Coin</option>
			<option value="4">4 Coin</option>
			<option value="5">5 Coin</option>
		</select>
	</p>
    <p>
		<input type="submit" class="button gray small" value="Tambah" name="submit" />
	</p>
</fieldset>
</form>
<?}else{?><script>document.location.href='index.php'</script><?}?>	
</div>
</div>		
<?include('footer.php');?>

How to combine line 11 and 12 = line 36 and 40? Thanks in advance.

Can you please add a textual explanation of what you mean with combining them ?

Can you please add a textual explanation of what you mean with combining them ?

1. How to combine between line 11 and 12 to become 1 line mysql_query?
2. How to combine between line 36 and 40 to become 1 line input?

Screenshot: http://3.bp.blogspot.com/-4aspm3-H8_8/Ts_yy3HurEI/AAAAAAAABAg/B0kezNxhDPY/s1600/0.png

*Line 11 and line 36 is for add coins to object(facebook pages). Line 12 and line 40 is for reduce coins from user coins. So, without line 12 and line 40 the object will get coins without reduce user coins. Without line 11 and line 36 user will reduce coin without add coins to the object.

So, to prevent users from cheating I want to combine all the code in above.

OR

For example, when I write on the first input, then the second input will automatically be filled as I wrote in the first input, how to do that?

*First input is line 36, second input is line 40.

If you don't want users to be able to change a value, don't give it to them in a form. Even a hidden input field can be hacked. If filling out the form will always award the user 10 points and 10 coins, for example, then do that in the php or sql code and avoid the form altogether.

Member Avatar for diafol

Agree with madcoder. Don't include any important data like that in a form. Forms can also be spoofed and sent from a user's own machine with altered data and fields. NEVER trust data from a form.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.