Login

~~Mustachio~~ · (This post was last modified: 10-27-2011, 06:39 PM by Pyro.)

I am only giving the currency script, as I assume that you know how to use databases.

Currency Getter

Code:
<?php

include('conn.php');

session_start();

$sql=mysql_query("SELECT * FROM users WHERE username = '$_SESSION[username]'");

$row=mysql_fetch_array($sql);

echo "You have <b>" . $row['money'] . "</b> cash!";

?>

Shop system

Code:
<?php

include('conn.php');

session_start();

$sql=mysql_query("SELECT * FROM users WHERE username = '$_SESSION[username]'");

$row=mysql_fetch_array($sql);

if(isset($_POST['submit'])){

if($row['money'] >= $_POST['price']){

mysql_query("UPDATE users SET money = money-$_POST['price'] WHERE username = '$_SESSION[username]'");

}

else{

echo "You lack sufficient funds";

}

?>

noob007 · 10-27-2011, 07:02 PM

SANITIZE YOUR QUERIES PLOX

~~Mustachio~~ · 10-27-2011, 07:09 PM

(10-27-2011, 07:02 PM)noob007 Wrote: SANITIZE YOUR QUERIES PLOX

NO U
I REFUSE TO USE RESULT AS IT MAKES TEH SCRIPT LONGER WHICH TAKES UP MOAR SPACE

***Jacob__mybb_import1*** · 10-27-2011, 08:36 PM

~~Mustachio~~ · 10-27-2011, 08:53 PM

There is no need to sanitize this code, which uses no inputs.

noob007 · 10-27-2011, 11:51 PM

Session variables are basically cookies, which can be modified by the client.

Login
Username:
Password:	Lost Password?
	Remember me