corruptcity || skalman Posted November 4, 2009 Posted November 4, 2009 hi ive got an error with the smarketlog query its somethink to do with the timestamp? but as ive never used timestamps before. IF someone could be so kind to either tell me what im missing or how todo that would be most appreciate it <?php include "globals.php"; $_GET['statid'] = abs((int) $_GET['statid']); $_GET['price'] = abs((int) $_GET['price']); $statid = abs((int) $_GET['statid']); $stat = mysql_real_escape_string ($_GET['stat']); $amount = abs((int) $_GET['amount']); $price = mysql_real_escape_string (abs ((int) $_GET['price'])); if($_GET['price']) { $q=$db->query("SELECT * FROM implants WHERE statid={$_GET['statid']} AND userid=$userid"); if($db->num_rows($q) > 0) { print "Invalid Statid"; } else { $r=$db->fetch_row($q); $db->query("INSERT INTO implant_market (marketid, statid, userid, stat, amount, price) Values ('','{$_GET['statid']}','{$userid}','{$_GET['stattype']}','{$_GET['amount']}','{$_GET['price']}')"); $db->query("DELETE FROM implants WHERE statid='{$_GET['statid']}' and userid='{$userid}'"); $db->query("INSERT INTO smarketlogs (smlid, statid, userid, stat, amount, price, time) VALUES('','{$_GET['statid']}','{$userid}'{$_GET['stattype']}','{$_GET['amount']}', '{$_GET['price']}',unix_timestamp())"); print "Stat added to market."; } } else { $q=$db->query("SELECT * FROM implants WHERE statid={$_GET['statid']} AND userid={$userid}"); if($db->num_rows($q) > 0) { print "Invalid statid ID"; } else { $r=$db->fetch_row($q); print "Adding an item to the Stat market... <form action='statadd.php' method='get'> <input type='hidden' name='ID' value='{$_GET['statid']}' /> Price: <input type='text' name='price' value='0' /> <input type='submit' value='Add' /></form>"; } } $h->endpage(); ?> Quote
seanybob Posted November 4, 2009 Posted November 4, 2009 RE: need some help with this Post the error. However, my best guess is that you got some error with all the extra single quotes you have in there. In a mysql query, you don't have to put numbers in single quotes. I fixed those for you, let me know if it works. <?php include "globals.php"; $_GET['statid'] = abs((int) $_GET['statid']); $_GET['price'] = abs((int) $_GET['price']); $statid = abs((int) $_GET['statid']); $stat = mysql_real_escape_string ($_GET['stat']); $amount = abs((int) $_GET['amount']); $price = mysql_real_escape_string (abs ((int) $_GET['price'])); if($_GET['price']) { $q=$db->query("SELECT * FROM implants WHERE statid={$_GET['statid']} AND userid=$userid"); if($db->num_rows($q) > 0) { print "Invalid Statid"; } else { $r=$db->fetch_row($q); $db->query("INSERT INTO implant_market (marketid, statid, userid, stat, amount, price) Values ('',{$_GET['statid']},$userid,'{$_GET['stattype']}',{$_GET['amount']},{$_GET['price']})"); $db->query("DELETE FROM implants WHERE statid={$_GET['statid']} and userid=$userid"); $db->query("INSERT INTO smarketlogs (smlid, statid, userid, stat, amount, price, time) VALUES('',{$_GET['statid']},$userid,'{$_GET['stattype']}',{$_GET['amount']}, {$_GET['price']},unix_timestamp())"); print "Stat added to market."; } } else { $q=$db->query("SELECT * FROM implants WHERE statid={$_GET['statid']} AND userid=$userid"); if($db->num_rows($q) > 0) { print "Invalid statid ID"; } else { $r=$db->fetch_row($q); print "Adding an item to the Stat market... <form action='statadd.php' method='get'> <input type='hidden' name='ID' value='{$_GET['statid']}' /> Price: <input type='text' name='price' value='0' /> <input type='submit' value='Add' /></form>"; } } $h->endpage(); ?> Quote
corruptcity || skalman Posted November 4, 2009 Author Posted November 4, 2009 when i use my copy of the code i get this error QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100',unix_timestamp())' at line 1 Query was INSERT INTO smarketlogs (smlid, statid, userid, stat, amount, price, time) VALUES('','0','3'','', '100',unix_timestamp()) but when i tried your QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '100)' at line 2 Query was INSERT INTO implant_market (marketid, statid, userid, stat, amount, price) Values ('',0,3,'',,100) Quote
seanybob Posted November 4, 2009 Posted November 4, 2009 RE: RE: need some help with this I added this line: if(!$_GET['price']){$_GET['price']=1;} It looks like $_GET['price'] was empty. <?php include "globals.php"; $_GET['statid'] = abs((int) $_GET['statid']); $_GET['price'] = abs((int) $_GET['price']); $statid = abs((int) $_GET['statid']); $stat = mysql_real_escape_string ($_GET['stat']); $amount = abs((int) $_GET['amount']); $price = mysql_real_escape_string (abs ((int) $_GET['price'])); if($_GET['price']) { $q=$db->query("SELECT * FROM implants WHERE statid={$_GET['statid']} AND userid=$userid"); if($db->num_rows($q) > 0) { print "Invalid Statid"; } else { if(!$_GET['price']){$_GET['price']=1;} $r=$db->fetch_row($q); $db->query("INSERT INTO implant_market (marketid, statid, userid, stat, amount, price) Values ('',{$_GET['statid']},$userid,'{$_GET['stattype']}',{$_GET['amount']},{$_GET['price']})"); $db->query("DELETE FROM implants WHERE statid={$_GET['statid']} and userid=$userid"); $db->query("INSERT INTO smarketlogs (smlid, statid, userid, stat, amount, price, time) VALUES('',{$_GET['statid']},$userid,'{$_GET['stattype']}',{$_GET['amount']}, {$_GET['price']},unix_timestamp())"); print "Stat added to market."; } } else { $q=$db->query("SELECT * FROM implants WHERE statid={$_GET['statid']} AND userid=$userid"); if($db->num_rows($q) > 0) { print "Invalid statid ID"; } else { $r=$db->fetch_row($q); print "Adding an item to the Stat market... <form action='statadd.php' method='get'> <input type='hidden' name='ID' value='{$_GET['statid']}' /> Price: <input type='text' name='price' value='0' /> <input type='submit' value='Add' /></form>"; } } $h->endpage(); ?> Quote
fbiss Posted November 4, 2009 Posted November 4, 2009 $_GET['amount'] is empty, there is nothing in the form to set amount also, you have this line $amount = abs((int) $_GET['amount']); And you dont even use $amount in the queries. Either change the query or replace that line with $_GET['amount'] = abs((int) $_GET['amount']); Quote
corruptcity || skalman Posted November 9, 2009 Author Posted November 9, 2009 ok ive sorted thos problems out but no im getting to different problems prob no 1: when the query is run for adding the implant to market the price always says 0 in myadmin no 2:its stopped asking me to enter a price to sell it for $cost was used just to make sure it wasnt the $_GET['price'] buggering up this is the new code <?php include "globals.php"; $_GET['statid'] = abs((int) $_GET['statid']); $_GET['price'] = abs((int) $_GET['price']); $_GET['amount'] = abs((float) $_GET['amount']); $_GET['stat_type'] = abs((int) $_GET['stat_type']); $cost = abs((int) $_GET['price']); if($_GET['statid']) { $implants=$db->query("SELECT * FROM implants WHERE statid='{$_GET['statid']}' and userid=$userid"); if($db->num_rows($implants)==0) { print "Invalid stat ID line 13 "; } else { $s=$db->fetch_row($implants); $db->query("INSERT INTO implant_market (marketid, statid, userid, stat_type, amount, price) VALUES ('','{$s['statid']}',$userid, '{$_GET['stat_type']}', '{$_GET['amount']}', '$cost')"); $db->query("DELETE FROM implants WHERE statid='{$_GET['statid']}' and userid=$userid"); $db->query("INSERT INTO smarketlogs (smlid, statid, userid, stat_type, amount, price, time) VALUES('','{$_GET['statid']}',$userid,'{$_GET['stat_type']}','{$_GET['amount']}', '$cost',unix_timestamp())"); print "Stat added to market."; } } else { $implant=$db->query("SELECT * FROM implants WHERE statid='{$_GET['statid']}' and userid=$userid"); if($db->num_rows($implant)==0) { print "Invalid Stat ID line 33"; } else { $s=$db->fetch_row($implant); print "Adding an item to the item market... <form action='statadd.php?type=$type&amount=$amount&stat_type=$stat_type&statid={$s['statid']}'' method='get'> <input type='hidden' name='ID' value='{$_GET['statid']}' /> Price: <input type='text' name='price' value='100' /> <input type='submit' value='Add' /></form>"; } } $h->endpage(); ?> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.