thank you very much for taking the time to update my code. I noticed where you escaped the username. I didnt even think about that.
I tried the code that you had and made some adjustments.
its as follows:
PHP Code:
<?php
$dbhost = 'mysql3.freehostia.com';
$dbuser = 'vinmar10_net';
$dbpass = 'Master';
$link = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql');
$username = mysql_real_escape_string($_POST['entered_username'],$link);
$dbname = 'vinmar10_net';
mysql_select_db($dbname);
if($sql_query = mysql_query("SELECT `extcredits2` FROM `cdb_members` WHERE `username` = '$username'")) {
while($rs = mysql_fetch_array($sql_query)) {
$creditamt = $rs[0] + 1;
}
$sql_query = "UPDATE cdb_members SET extcredits2 +1000 WHERE username = '$username'";
if(mysql_query($sql_query)) {
echo "Credits Purchased Successfully";
}
else {
die("The procedure died while trying to add credits. Following is the error that was generated:\n\r".mysql_error());
}
else {
die("The procedure died while trying to retrieve information from the database. Following is the error that was generated:\n\r".mysql_error());
}
?>
I get another parse error as follows;
PHP Code:
Parse error: parse error, unexpected T_ELSE in /home/www/eternalwolf.com/board/purchase_credits/update.php on line 24
Line 24 is on the second else case that defines the error.
The thing is, when i try to debug and delete them, (both else cases)
i get a parse error for '$' on Line 21. Line 21 would be the closing php tag. "?>" As you can probably tell, im not the greatest in php. but im still learning. I just cant figure this out.
To be more specific, I'll describe what the certain fields and variables are:
extcredits2 is one of 3 different types of credits I have. Currently extcredits2 is my primary. extcredits1 is for a game currency and extcredits3 is for a referral count. (but 1 and 2 are irrelevant in this matter)
entered_username is posted from purchased_credits.html. this includes a form and an input field that requires a user to enter their username. (which is retrieved from the table, 'cdb_members' and the field, 'username' which is a string. I can also use a userid (uid) but i thought it would be more convenient for the user to use their username, instead of looking up their user id number.
you can view the files I have uploaded and view source code.
(FORM)
eternalwolf.com/board/purchase_credits/purchased_credits.html
(PHP FILE TO ACCESS MYSQL)
eternalwolf.com/board/purchase_credits/update.php
Being the novice that I am, I cant seem to find a simple fix for this.
I dont know what im doing wrong.. maybe i should go and purchase a php for dummies lol.
kind regards,
Vince