...

View Full Version : Subtract From and Update mysql database field via php



ayodeleayobami
12-19-2010, 08:05 PM
Hello Peeps,
I am trying to do the following
1. receive input via a form
2. From the submitted variables, check the email in the database table and then pick the number field i want to subtract from
3. subtract the value from the submitted form from the value in the amount field in the database (I want to verify that the submitted value is less than the value in the database field)
4. Update the database with the value of the subtraction...
5. redirect to another page

I have written a script but i'm not sure if it will work.. I need experienced php programmers to please take a look and modify if necessary.. Thank you for your time and kind consideration..
The script is below


<?

$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name


//Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");

// value sent from form
$Email=$_POST['Email'];
$AmtTransferred=$_POST['AmtTransferred']

// table name
$tbl_name=client;

// retrieve password from table where e-mail = $Email(mark@markydoe.com)
$sql="SELECT account_balance FROM $tbl_name WHERE email='$Email'";
$result=mysql_query($sql);
$val=(int)$_POST['AmtTransferred']
mysql_query("UPDATE client SET account_balance = '$result - $val'
WHERE email='$Email'");

header("Location: Processingpage1.htm");








?>

Fumigator
12-20-2010, 05:16 PM
Make sure you prevent SQL Injections by escaping the data you use in your queries. Use mysql_real_escape_string() for this.

Also you must always check your queries (EVERY SINGLE QUERY EVERY SINGLE TIME) for errors after you call mysql_query(). Something simple like this will do the trick:



$query = "SELECT * FROM mytable";
$result = mysql_query($query);
if (!$result) {
die ("Query Error! Query: $query<br>Error:".mysql_error());
}


And you are missing a step in your SELECT logic. You need to call mysql_query() and then FETCH data out of that query, and then use that data in your UPDATE query. Right now you are trying to use variable $result in your UPDATE query and $result is nothing but a pointer to a resource. You haven't fetched any data yet. Look up mysql_fetch_array() on php.net for more information.

ayodeleayobami
12-22-2010, 02:04 AM
Thank you...
Took your advice and tried this version of the script first

<?

$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name


//Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");

// value sent from form
$AccName=$_POST['AccName'];
$BrwAccNo=$_POST['BrwAccNo'];
$Email=$_POST['Email'];
$AmtTransferred=$_POST['AmtTransferred']
$BAName=$_POST['BAName'];
$BName=$_POST['BName'];
$RName=$_POST['RName'];
$Swt=$_POST['Swt'];
$BccNumber=$_POST['BccNumber'];
$BLocation=$_POST['BLocation'];

// table name
$tbl_name=client;

// retrieve password from table where e-mail = $Email(mark@phpeasystep.com)
$sql="SELECT account_balance FROM $tbl_name WHERE email='$Email'";
$query=mysql_query($sql);
$result=mysql_fetch_row($query);
$val=$_POST['AmtTransferred'];
$new_val=$result-$val;
mysql_query("UPDATE client SET account_balance = '$new_val' WHERE email='$Email'");

header("Location: Processingpage1.htm");

?>

When i execute this, nothing happens.. No errors and no subtraction either!! Can you please modify this and make it work so i can test?
Thank you in advance

Fumigator
12-22-2010, 03:05 PM
Oh there's something happening, you just can't see it because you aren't checking for errors as I suggested you do.

The reaper
12-22-2010, 06:21 PM
You could put:


die ("Query Error! Query: <br>Error:".mysql_error());


at the end of the update query....as Fumigator suggested.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum