deduct from one, add to another

system · October 7, 2014, 8:34pm

I need to deduct an amount from one user and add it to another. A friend wrote this php for me. This code is ignoring the deduction but exicuting the addition even though both lines are technically identical. Thanks for any help you can give.

<?php # incoming url has 3 vars: av1key, amount, av2key # database has 2 fields: avkey, endtime # fault is in the first $sql="INSERT INTO lines (line 23) #Make SQL Connection $con = mysql_connect("host", "user", "password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("database", $con); # does giver have enough time to give receiver? $data = mysql_query("SELECT * FROM db_table WHERE avkey LIKE'%$_GET[av1key]%'"); while($result = mysql_fetch_array($data)) { $totaltime = $result['endtime'] - time(); #grabs avkey endtime - current unixtime } if ($totaltime >= $_GET[amount]) # is their time greater or equal to amount { # subtract amount from av1key endtime $sql="INSERT INTO db_table (avkey,endtime) VALUES('$_GET[av1key]','$_GET[amount]') ON DUPLICATE KEY UPDATE endtime = endtime - '$_GET[amount]'"; # add amount to av2key endtime $sql="INSERT INTO db_table (avkey,endtime) VALUES('$_GET[av2key]','$_GET[amount]') ON DUPLICATE KEY UPDATE endtime = endtime + '$_GET[amount]'"; # get updated time, send back data for avkey $data = mysql_query("SELECT * FROM db_table WHERE avkey LIKE'%$_GET[av1key]%'"); while($result = mysql_fetch_array($data)) { $newtime = $result['endtime'] - time(); #grabs avkey endtime - current unixtime } $newdecades = floor($newtime / 315360000); $newseconds = $newtime - ($newdecades * 315360000); echo $_GET[av1key] . "," . $newdecades . "," . ($newseconds + time()); } else { echo "You don't have enough time remaining to make transfer."; } # Close SQL Connection if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } mysql_close($con) ?>

benanamen · October 7, 2014, 10:15pm

Two things.

You are using deprecated Mysql code. You need to be using PDO or Mysqli.
For this type of operation you should be using Mysql Transactions

astonecipher · October 7, 2014, 10:23pm

I’m guessing this is something you need done for you as opposed to you need help fixing this?

There are several holes in your friends script. Do you know what type of engine your data tables are using?

oushkul · October 8, 2014, 3:45pm

Do you think you could help with this code? You can e-mail me directly i think now.

astonecipher · October 8, 2014, 3:58pm

I'm guessing this is something you need done for you as opposed to you need help fixing this?

I do believe that his donate button would help…

On a side note, why is it that people think that all coding forums are code writing services? I know I worked long and hard to get where I am and had a lot of learning curves to overcome to learn what I know now. And then come people that think we sit around waiting for a project to jump on to without any statement of what is your time worth.

GarethRoberts · October 8, 2014, 4:03pm

I hope my question doesnt fall under that category

oushkul · October 8, 2014, 4:14pm

@ astonecipher:

I’m under the impression a donate button is for exactly that. To show appreciation for help. Not to pay upfront for code that hasn’t even been agreed upon.
I am also aware of the value of expertise. Although I am not expert in php, I have expertise in other areas and I find your suggestion that I don’t know the value of the expertise of others is unhelpful at the least. I am glad that i didn’t choose to contact you first. Thank you for the time you’ve spent commenting on my post.

astonecipher · October 8, 2014, 4:26pm

The question was NOT directed specifically at you. It was a general commentary that I chose to place in that post based on what I have seen on multiple forums. Think of it as a rant, because that is exactly what it was, you just happen to fit the person that has that type of post.

You asked for help with code, you did not say that you wanted to hire someone to fix it. Or is it that what is discussed is not understood and you know now that you require a professional to correct it? Am I interpreting the post incorrectly?

benanamen · October 8, 2014, 4:31pm

Your code requires a complete re-write so it is outside the scope of helping you fix it. I am available for hire if need be. The “Donate” on the button is really just a title Paypal uses. It is really just an easy way for you to transfer money to us, whether it be an actual donation or payment for services.

For help, I have provided a free download in my signature of a working PDO bump start database to wean people off old mysql.