Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
A simple currency system
#1
I am only giving the currency script, as I assume that you know how to use databases.

Currency Getter
Code:
<?php
include('conn.php');
session_start();
$sql=mysql_query("SELECT * FROM users WHERE username = '$_SESSION[username]'");
$row=mysql_fetch_array($sql);
echo "You have <b>" . $row['money'] . "</b> cash!";
?>

Shop system
Code:
<?php
include('conn.php');
session_start();
$sql=mysql_query("SELECT * FROM users WHERE username = '$_SESSION[username]'");
$row=mysql_fetch_array($sql);
if(isset($_POST['submit'])){
if($row['money'] >= $_POST['price']){
mysql_query("UPDATE users SET money = money-$_POST['price'] WHERE username = '$_SESSION[username]'");
}
else{
echo "You lack sufficient funds";
}
?>
Reply
#2
SANITIZE YOUR QUERIES PLOX
Reply
#3
(10-27-2011, 07:02 PM)noob007 Wrote: SANITIZE YOUR QUERIES PLOX

NO U
I REFUSE TO USE RESULT AS IT MAKES TEH SCRIPT LONGER WHICH TAKES UP MOAR SPACE
Reply
#4
[Image: exploits_of_a_mom.png]
Reply
#5
There is no need to sanitize this code, which uses no inputs.
Reply
#6
Session variables are basically cookies, which can be modified by the client.
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)