MakeWebGames

Stock Market. Working + Secured



Attached is an updated fixed version of the stocks.php and staff_stocks.php

Fixed security issue by removing PHP_SELF

Cleaned up the code slightly and changed to use the $db class as that is what the class is there for. No point in having the class if you ain't gonna use it.

I tested this as far as adding stock and it being displayed and buy/selling etc. Didn't add the cron information but I did check over that code and it looks reasonable.

stocks.zip

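The PHP_SELF fix mentioned in the first post, as an added example that is not part of the original post or the attached files. The form markup, the `?action=buy` query string and all function names are assumptions made for illustration; the sample values are constructed.

```php
<?php
// Added example (not from stocks.php): why $_SERVER['PHP_SELF'] in output is a risk.
// PHP_SELF includes any extra path info the client appends after the script
// name, so writing it into HTML unescaped reflects client-controlled text.

// BEFORE: the vulnerable pattern, request-derived path written straight into markup.
function form_action_vulnerable(array $server): string
{
    return '<form action="' . $server['PHP_SELF'] . '?action=buy" method="post">';
}

// AFTER, option 1: remove PHP_SELF and hard-code the script name.
function form_action_fixed(): string
{
    return '<form action="stocks.php?action=buy" method="post">';
}

// AFTER, option 2: if the current path is needed, escape it for an HTML attribute.
function form_action_escaped(array $server): string
{
    $self = htmlspecialchars($server['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return '<form action="' . $self . '?action=buy" method="post">';
}

// Audit helper (hypothetical): 1-based line numbers of a source text that use PHP_SELF.
function find_php_self(string $source): array
{
    $hits = [];
    foreach (preg_split('/\R/', $source) as $i => $line) {
        if (strpos($line, 'PHP_SELF') !== false) {
            $hits[] = $i + 1;
        }
    }
    return $hits;
}

// Constructed sample: a PHP_SELF value carrying extra path info with markup in it.
$server = ['PHP_SELF' => '/stocks.php/"><b>injected</b>'];
echo form_action_vulnerable($server), "\n"; // attribute is closed early, <b> tag lands in the page
echo form_action_fixed(), "\n";             // nothing from the request reaches the output
echo form_action_escaped($server), "\n";    // quotes and angle brackets arrive as entities

// Constructed sample source for the audit helper.
$sample = "<?php\necho '<form action=\"'.\$_SERVER['PHP_SELF'].'\">';\necho 'ok';\n";
print_r(find_php_self($sample)); // line 2 is flagged
```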

Only thing I would say is there is no point in having –

[code block not shown]

In staff_stocks.php. The class does the "or die(mysql_error())" for you (unless it's changed?).

In any case thanks for taking the time to repost, and even update it.


I didn't take that much notice Dom. For any mysql_query, num_rows, fetch_assoc I did a find and replace to turn them into $db->

Wasn't going to put a lot of time into it, just got it working and then noticed the PHP_SELF so removed those. But yes, you are correct, there is no need for or die(mysql_error());


  • 2 months later...

Just to let you know, you're missing a ; on the end of line 114


  • 3 weeks later...

After I installed the mod, I got an error.

[code block not shown]

On line 109 is just this.

[code block not shown]

How can I fix that guys? Please...


[code block not shown]

Try that


  • 3 weeks later...

oh sorry the updated one now the error is Parse error: syntax error, unexpected '}' in /home/morgan95/public_html/stocks.php on line 115

echo 'You do not have enough money for this amount of stocks.';
return;
}
111 $stock_holds = $db->query("SELECT holdingID FROM `stock_holdings` WHERE `holdingUSER` = ".$ir['userid']." AND `holdingSTOCK` = ".$stock['stockID']);
112 if($db->num_rows($stock_holds)) {
113 $db->query("UPDATE `stock_holdings` SET `holdingQTY` = (`holdingQTY` + ".$amnt.") WHERE `holdingUSER` = ".$ir['userid']." AND `holdingSTOCK` =
114 ".$stock['stockID'])
115 }
116 else {
$db->query("INSERT INTO `stock_holdings` (`holdingUSER`,`holdingSTOCK`,`holdingQTY`) VALUES (".$ir['userid'].",".$stock['stockID'].",".$amnt.")");
}

Edited by morgan1122