Bank Problem [SOLVED]

[62896dude]

Hi there everyone!

I am currently having an issue with the bank system that I created. Whenever I try to withdraw money from it, the page goes through successfully with no obvious syntactical errors, but I never actually withdraw any money from the bank. Any ideas on why this is?

Here is my withdraw.php:

Code: Select all

<html>
<head>
<title>Withdraw</title>
</head>
<body>
<?php
include_once 'connect.php';
 session_start();
   include_once 'logo.php';
   ?>
     <link href="style.css" rel="stylesheet" type="text/css" />
<?php
if (isset($_SESSION['player']))
{
  $player=$_SESSION['player'];
}
else
{
  echo "Not Logged in <br><br> <A href='home.php'>Login</a>";
  exit;
}
$playerinfo="SELECT * from players where name='$player'";
$playerinfo2=mysql_query($playerinfo) or die("Could not get player stats!");
$playerinfo3=mysql_fetch_array($playerinfo2);
include_once 'statpanel.php';
include_once 'logo.php';
?>
<?php
echo "<br><br><br><br><br><center><i>&quotHow much would you like to take out?&quot</i>";
?>
<script language="JavaScript">
function onlyNumbers(evt)
{
	var e = event || evt; // for trans-browser compatibility
	var charCode = e.which || e.keyCode;

	if (charCode > 31 && (charCode < 48 || charCode > 57))
		return false;

	return true;

}
</script>
<br><br><form name="message" action="withdrawck.php" method="post">
Galleons: <input type="text" onkeypress="return onlyNumbers();" name="galleons" /><br>
Sickles: <input type="text" onkeypress="return onlyNumbers();" name="sickles" /><br>
Knuts: <input type="text" onkeypress="return onlyNumbers();" name="knuts" /><br><br>
<input type="submit" value="Withdraw" />
</form>
</body>
</html>

And here is my withdrawck.php (which checks the withdraw.php):

Code: Select all

<html>
<head>
<title>Withdraw</title>
</head>
<body>
<?php
include_once 'connect.php';
session_start();

include_once 'logo.php';
?>
 <link href="style.css" rel="stylesheet" type="text/css" />
<div id="login2" div align="center">


<?php
if (isset($_SESSION['player']))
{
  $player=$_SESSION['player'];
}
else
{
  echo "Not Logged in <br><br> <A href='login.php'>Login</a>";
  exit;
}
?>
</div>

<?php
$playerinfo="SELECT * from players where name='$player'";
$playerinfo2=mysql_query($playerinfo) or die("could not get player stats!");
$playerinfo3=mysql_fetch_array($playerinfo2);
$pid=$playerinfo3['id'];
include_once 'statpanel.php';
 ?>
<?php

if(isset($_POST['submit'])){
$galleons=$_POST['galleons'];
$sickles=$_POST['sickles'];
$knuts=$_POST['knuts'];
}

$moneyinfo="SELECT * from playermoney where pid='$pid'";
$moneyinfo2=mysql_query($moneyinfo) or die("Could not get playermoney stats!");
$moneyinfo3=mysql_fetch_array($moneyinfo2);
$bgalleons=$moneyinfo3['bgalleons'];
$pgalleons=$playerinfo3['galleons'];
$bsickles=$moneyinfo3['bsickles'];
$psickles=$playerinfo3['sickles'];
$bknuts=$moneyinfo3['bknuts'];
$pknuts=$playerinfo3['knuts'];

$ck_pgalleons = "SELECT galleons FROM players WHERE pid = '".$pid."'";
$ck_bgalleons = "SELECT bgalleons FROM playermoney WHERE pid = '".$pid."'";
$ck_psickles = "SELECT sickles FROM players WHERE pid = '".$pid."'";
$ck_bsickles = "SELECT bsickles FROM playermoney WHERE pid = '".$pid."'";
$ck_pknuts = "SELECT knuts FROM players WHERE pid = '".$pid."'";
$ck_bknuts = "SELECT bknuts FROM playermoney WHERE pid = '".$pid."'";

if( mysql_num_rows( mysql_query( $ck_bgalleons ) ) < $galleons ){
die("There are not enough galleons in your account. Please go back and try again.<br>
<form name=\"back\" action=\"withdraw.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}
elseif( mysql_num_rows( mysql_query( $ck_bsickles ) ) < $sickles ){
die("There are not enough sickles in your account. Please go back and try again.<br>
<form name=\"back\" action=\"withdraw.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}
if( mysql_num_rows( mysql_query( $ck_bknuts ) ) < $knuts ){
die("There are not enough knuts in your account. Please go back and try again.<br>
<form name=\"back\" action=\"withdraw.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}

$updatebgalleons="UPDATE playermoney SET bgalleons= '$bgalleons' - '$galleons' WHERE pid='$pid'";
  mysql_query($updatebgalleons) or die("Could not update player's galleon status");
$updatepgalleons="UPDATE players SET galleons='$pgalleons' + '$galleons' WHERE name='$player'";
  mysql_query($updatepgalleons) or die("Could not update player's galleon status");
$updatebsickles="UPDATE playermoney SET bsickles='$bsickles' - '$sickles' WHERE pid='$pid'";
  mysql_query($updatebsickles) or die("Could not update player's sickle status");
$updatepsickles="UPDATE players SET sickles='$psickles' + '$sickles' WHERE name='$player'";
  mysql_query($updatepsickles) or die("Could not update player's sickle status");
$updatebknuts="UPDATE playermoney SET bknuts='$bknuts' - '$knuts' WHERE pid='$pid'";
  mysql_query($updatebknuts) or die("Could not update player's knut status");
$updatepknuts="UPDATE players SET knuts='$pknuts' + '$knuts' WHERE name='$player'";
  mysql_query($updatepknuts) or die("Could not update player's knut status");  
echo "<br><br><br><br><br>";
echo "<center>";
echo "<a href='withdraw.php'>Withdraw more</a>";
echo "<br><br><a href='index.php'>Go back to Diagon Alley</a>";
echo "</center>";

?>
</body>
</html>

Thanks everyone!

[Xaleph]

Add this to the top:

error_reporting(E_ALL);
ini_set("display_errors", true);

[Callan S.]

Code: Select all

'$bgalleons' - '$galleons'

I'm not sure about actually doing math inside a mysql call. I've never experimented with it, but I do all my math outside of it and just feed the end result variable into my mysql call.

[Jackolantern]

It can be done, but usually isn't worth it. And it often isn't done the way that most developers think it would be (it often doesn't work like PHP math). Unless there is some crucial reason why it can't be done in the PHP code, do it there. And the reasons why it couldn't be are few and far between.

[Xaleph]

Well, it can be done easily, however you need to give it some integers, and no strings. Which is the case right now.

Anyway, this shows why DEBUGGING is important! Read the topic on error reporting and debugging. It really does help out alot if you start using that. It gives errors and hints as to where the errors should be. Kinda fixes the problem faster then posting it here, waiting for replies ( which usually never are good the first time around).

[62896dude]

Thank you everyone! Each person actually equally contributed to me finding the answer, hahaha

Xaleph - Yes, that works extremely well! I don't know why I wasn't using it before! I had to remove the if (isset['submit']) part from where I define the values entered from the form

Callan - I never even thought of doing it that way - I am definately going to do this from now on, it is much neater and guaranteed to work

Jack - I didn't think so either, and I still don't think it really makes a difference, but I realize that I personally think it is neater that way, so any possible errors can be avoided at all costs!

These weren't the only changes I made, this script went through a COMPLETE makeover, but now everything is functional, and I am very happy

Thank you so much everyone!

[Callan S.]

Very good! Edit a [Solved] onto the thread title, eh!?

[Jackolantern]

Jack - I didn't think so either, and I still don't think it really makes a difference, but I realize that I personally think it is neater that way, so any possible errors can be avoided at all costs!

You don't want to avoid errors. You want to prevent them By putting the logic into MySQL for the sole purpose of quarantining shady code, all you would be doing is making your code fail silently due to a failed query, which could cause your application to try to chug along without the data it needs to continue properly.

Instead, you want to write the PHP to ensure errors won't drop your application. This means writing checks before using any player-input values, checking the results of functions and queries before assuming they are there, etc. A good bit of programming is writing code to protect the real meat of your application from failing.

Also of importance is structured error handling, something I don't see much of in people's PHP scripts (even from the author's of prominent PHP books). Using these techniques and syntax, you can react to errors raised by the system and have a chance to fix them before the script fails. You can even create your own exceptions (A.K.A errors) that can be triggered during logic errors to better help you debug your code.

Remember, no matter how backwards it seems, errors are one of your best friends while coding

[62896dude]

Remember, no matter how backwards it seems, errors are one of your best friends while coding

So ironic, yet very true!

[Jackolantern]

Remember, no matter how backwards it seems, errors are one of your best friends while coding

So ironic, yet very true!

Imagine how horrific coding would be if computers worked like the human brain, and it tried to interpret what you wanted to do without telling you when you didn't set-up your code right, or if it would feel it knew better and would override what you are trying to do

It is awesome, when you think about it that way, that computers have no intelligence, are rigid and spit out piles of errors the second we do something wrong