Member Avatar for KingGold171

Hello fellow PHP trained monkeys :D

I am trying to find a way to have a basic CMS management system but to be dynmic on one PHP page only, the most part works for the first time of selecting the username, and then from either add or minus buton.

The error occurs when submitting as it only parses the amount and type, and not the selected username, or current loged in admi session username.

Any ideas how to keep data parsing though the multiple if(isset) ?

~KG171~

<body>
<?php
include('../SQLconfig.php');

$query = "SELECT * FROM players ;";
$result = mysql_query($query);

echo "<table border = ' 0 '>
<tr>
<th>XO Credit Mangement</th>
</tr >";

while($row = mysql_fetch_array($result))
{
echo "<tr>";
$url = "XOCredits.php?username=" . $row['username'];
    echo "<td><a href=" . $url . ">"
    . $row['id'] 
    . " - " 
    . $row['rank'] 
    . " - " 
    . $row['username'] 
    . " - " 
    . $row['credits']
    . "</a></td>";

echo "</tr>";
}
echo "</table>";

?>
<?php
if(isset($_GET['username']))
{
$username = $_GET['username'];
$beforeCredits = $row['credits'];
echo $username . "<a href='XOCredits.php?add'><button>Add Credits</button></a>" . "<a href='XOCredits.php?minus'><button>Minus Credits</button></a>";
}
?>

<?php
if(isset($_GET['add']))
{
$username =  $_POST['username'] ;
echo "<u>" . $username . "</u>" ;
echo "
<form action='XOCredits.php?ac' method='post'>
<input type='text' name='username' value='$username'/>
<p>Add Credits Amount:</p>
<input type='text' name='amount' />
<br />
<input type='submit' name='submit' value='Submit' />
</form>
";
}
?>
<?php
if(isset($_GET['minus']))
{
$username =  $_POST['username'] ;
echo "<u>" . $username . "</u>" ;
echo "
<form action='XOCredits.php?mc' method='post'>   
<p>Take Away Credits Amount:</p>
<input type='text' name='amount' />
<input type='hidden' name='username' value='$username'/>
<br />
<input type='submit' name='submit' value='Submit' />
</form>
";
}
?>
<?php
if(isset($_GET['ac']))
{
$type = "add";
$amount = $_POST['amount'];
$afterCredits = $beforeCredits + $amount ;

$sentFrom = $_SESSION['u_name'];
$sentTo = $_GET['username'];

$query = "INSERT INTO creditlog (from,to,amount,type)
VALUES ('$sentFrom','$sentTo','$afterCredits','$type');";

mysql_query($query) or die (mysql_error());

echo $query;

$credits    = $afterCredits;
$query2 = ("UPDATE players SET credits='$credits' WHERE username='$username'
;")or die(mysql_error());   

mysql_query($query2);

echo $query2;
}
?>

<?php
if(isset($_GET['mc']))
{
$type = "minus";
$amount = $_POST['amount'];
$afterCredits = $beforeCredits - $amount ;

$sentFrom = $_SESSION['u_name'];
$sentTo = $_GET['username'];

$query = "INSERT INTO creditlog (from,to,amount,type)
VALUES ('$sentFrom','$sentTo','$afterCredits','$type');";

mysql_query($query) or die (mysql_error());

echo $query;

$credits    = $afterCredits;
$query2 = ("UPDATE players SET credits='$credits' WHERE username='$username'
;")or die(mysql_error());   

mysql_query($query2);

echo $query2;
}
?>


<br /><a href="index.php"><button>Home</button></a>
</body>
  • 3 Contributors
  • 11 Replies
  • 319 Views
  • 5 Hours Discussion Span
  • Latest Post Latest Post by diafol
Member Avatar for Unimportant

First you want to start a session.
session_start();

Member Avatar for diafol

I'd suggest some separation of the code and the html too. This may look fine to you now, but 2 months down the line, when something doesn't quite work, you'll be scratching your head. If you can put most of the functionality into functions and call those where required it may help.

Keeping a live login requires keeping session data alive from page to page (EVERY page) with, as Unimportant states, a session_start()

Member Avatar for KingGold171

Okay, thank you unimportant and diafol,

the sentFrom is working.

Just the matter of gettig the sentTo to be set as the username selected

  • select username
  • add | minus credits
  • amount (username is lost here onwards)
  • submit
  • do add credits | do minus credits
  • do update player credits field

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''from','to','amount','type'') VALUES ('admin','','10','add')' at line 1

Code updated;

<body>
<?php session_start();

$curUser = $_SESSION['u_name'];

include('../SQLconfig.php');

$query = "SELECT * FROM players ;";
$result = mysql_query($query);

echo "<table border = ' 0 '>";
echo "<tr>";
echo "<p>" . $curUser . "</p>";
echo "<th>XO Credit Mangement</th>";
echo "</tr >";

while($row = mysql_fetch_array($result))
{
echo "<tr>";
$url = "XOCredits.php?username=" . $row['username'];
    echo "<td><a href=" . $url . ">"
    . $row['id'] 
    . " - " 
    . $row['rank'] 
    . " - " 
    . $row['username'] 
    . " - " 
    . $row['credits']
    . "</a></td>";

echo "</tr>";
}
echo "</table>";



if(isset($_GET['username']))
{
$username = $_GET['username'];
$beforeCredits = $row['credits'];
echo $username . "<a href='XOCredits.php?add'><button>Add Credits</button></a>" . "<a href='XOCredits.php?minus'><button>Minus Credits</button></a>";
}



if(isset($_GET['add']))
{
$username =  $_POST['username'] ;
echo "<u>" . $username . "</u>" ;
echo "
<form action='XOCredits.php?ac' method='post'>
<p>Add Credits Amount:</p>
<input type='text' name='amount' />
<br />
<input type='submit' name='submit' value='Submit' />
</form>
";
}



if(isset($_GET['minus']))
{
$username =  $_POST['username'] ;
echo "<u>" . $username . "</u>" ;
echo "
<form action='XOCredits.php?mc' method='post'>   
<p>Take Away Credits Amount:</p>
<input type='text' name='amount' />
<br />
<input type='submit' name='submit' value='Submit' />
</form>
";
}



if(isset($_GET['ac']))
{
$type = "add";
$amount = $_POST['amount'];
$afterCredits = $beforeCredits + $amount ;

$sentFrom = $curUser ;

$sentTo = $_GET['username'];

$query = "INSERT INTO creditlog ('from','to','amount','type'')
VALUES ('$sentFrom','$sentTo','$afterCredits','$type');";

mysql_query($query) or die (mysql_error());

echo $query;

$credits    = $afterCredits;
$query2 = ("UPDATE players SET credits='$credits' WHERE username='$username'
;")or die(mysql_error());   

mysql_query($query2);

echo $query2;
}

if(isset($_GET['mc']))
{
$type = "minus";
$amount = $_POST['amount'];
$afterCredits = $beforeCredits - $amount ;

$sentFrom = $_SESSION['u_name'];
$sentTo = $_GET['username'];

$query = "INSERT INTO creditlog ('from','to','amount','type'')
VALUES ('$sentFrom','$sentTo','$afterCredits','$type');";

mysql_query($query) or die (mysql_error());

echo $query;

$credits    = $afterCredits;
$query2 = ("UPDATE players SET credits='$credits' WHERE username='$username'
;")or die(mysql_error());   

mysql_query($query2);

echo $query2;
}
?>


<br /><a href="index.php"><button>Home</button></a>
</body>
Edited by KingGold171 because: Code updated in orignal post
Member Avatar for diafol

You have an add and a minus form. Why not just have one and enter e.g. 500 or -500?

<?php
    session_start();

    require 'includes/functions.php'; //file containing your functions with DB connection

    if(!isset($_SESSION['admin']))header("Location: index.php"); exit;
    if(!isset($_SESSION['user_id']))header("Location: userlist.php"); exit;
    $user_id = $_SESSION['user_id'];
    list($credit, $username) = getUserDetails($user_id); //this is a function to get user details from the DB
?>

<h3>Change Credit for <?php echo $username;?></h3>
<form action="..." method="post">
    <!-- use the hidden id below to check against the session user id -->
    <input type="hidden" name="user_id" value="<?php echo $user_id;?>" />
    <input type="text" name="credits" value="<?php echo $credits;?>" disabled="disabled" />
    <input type="num" name="modify" min="-500" max="500" value="0" />
    <input type="submit" name="send" value="Modify Credit" />
</form>

Just a suggestion. Loads of ways to do this. You could also have quick add/minus buttons with values either linked via js to the 'modify' number box or as direct submission (php or ajax) to change DB vals and update form.

I'm assuming you have a list of players on a page (with links) [userlist.php], which have something like this:

<a href="modifycredit.php?id=<?php echo $user_id;?>"><?php echo $username;?></a>
Edited by diafol
Member Avatar for KingGold171

Hmmm, Your way would reduce the amount of code lines need to recieve same result and improve performance , but would then require some more scripts to detect if the input amount contains the -<num>

if (amount contains - )
{
$afterCredits = $beforeCredits - <num>;
$type = "minus";
}
else
{
$afterCredits = $beforeCredits + <num>;
$type = "add";
}
Member Avatar for diafol

Why should it? It's the same SQL table right? As long as it's an integer:

UPDATE usercredits SET credits = credits + $modify WHERE user_id = $id

$modif can be -123 or 389 - doesn't matter, should update correctly.

Member Avatar for KingGold171

Diafol, would you like to see the working example of the current code, which partly does what i want to it to, hopefully after seeing i yo can help get it working with currnt design setup.

(I'll PM the details if you wsh to see it)

Updated Scripts:
http://pastebin.com/qyBefFTk

Member Avatar for Unimportant

$query = "INSERT INTO creditlog ('from','to','amount','type'') VALUES ('$sentFrom','$sentTo','$afterCredits','$type');";

'type'' should be 'type'

Member Avatar for KingGold171

'type'' should be 'type'

Fixed,

$query = "INSERT INTO creditlog (from,to,amount,type)
VALUES ('$sentFrom','$sentTo','$afterCredits','$type');";

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from,to,amount,type) VALUES ('admin','','10','add')' at line 1

Member Avatar for Unimportant

This is only a hypothesis, perhaps '' is not a valid input.

Member Avatar for diafol

from and to are reserved words, so you have to backtick them:

$query = "INSERT INTO creditlog (`from`,`to`,`amount`,`type`) VALUES ('$sentFrom','$sentTo','$afterCredits','$type');";
Edited by diafol
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.