ok i not 100% on these especially user input. ok hre is what i have-
PHP Code:
<?
(!defined('')) ? die : '';
session_start();
(!isset($_SESSION['user_id'])) ? redirect('index.php?mode=login') : '';
$set = (isset($HTTP_GET_VARS['set'])) ? $HTTP_GET_VARS['set'] : '';
$target_userid = (isset($HTTP_GET_VARS['uid'])) ? intval($HTTP_GET_VARS['uid']) : redirect('index.php?mode=members');
$user_id=$_SESSION['user_id'];
$uresult = mysql_query("SELECT * FROM users
WHERE user_id=$user_id");
$user=mysql_fetch_assoc($uresult);
$target = mysql_query("SELECT * FROM users
WHERE user_id = '".$target_userid."'");
$target = mysql_fetch_assoc($target);
if ($target_userid == $_SESSION['user_id'])
{
echo 'You cannot attack yourself';
timed_redirect('index.php?mode=attack&set=no', 2);
die;
}
echo 'Maximum ammount: <b>15</b>
<form action="index.php?mode=attack&uid='.$target_userid.'" method="POST">
Turns: <input type="text" name="turns" size="10" />
<input type="submit" value="Attack" />';
$attack_turns = (isset($HTTP_POST_VARS['turns'])) ? intval($HTTP_POST_VARS['turns']) : '';
if ($user['user_turns'] >= $attack_turns)
{
if ($attack_turns > 0 && $attack_turns <= 15)
{
if ($user['user_attack_rating'] > $target['user_defence_rating'])
{
$spoils = round(((4.3 * $target['user_gold']) * $user_turns));
echo'!!! '.$user['user_turns'].'<br>';
echo'!!'.$attack_turns.'<br>';
echo '!!'.$user_turn.'<br>';
$user_result = mysql_query("UPDATE users
SET user_gold = '".$user_gold+$spoils."',user_turns='".$user_turns-$attack_turns."'
WHERE user_id = '".$_SESSION['user_id']."'");
$target_result = mysql_query("UPDATE users
SET user_gold = '".$target_gold-$spoils."'
WHERE user_id = '".$target_userid."'");
//the aboe user_result and target_result, they not working. not sure if i have set up variables correctly.
$victory = true;
$outcome = 'Victory';
echo "Your troops demolish $target' s army, victory is yours" ;
echo '<br>You have gained:<br><b>'.$spoils.' Gold</b><br><b></b>';
} else {
$victory = false;
$outcome = 'Defeat';
echo '!! '.$target.' s army beats back your army in a humiliating defeat!' ;
$user_resultd = mysql_query("UPDATE users
SET user_turns='".$user_turn-$attack_turns."'
WHERE user_id = '".$_SESSION['user_id']."'");
}
$result = mysql_query("INSERT INTO `attack_log` VALUES ('".$_SESSION['username']."', '".$target['username']."', '".$user['user_attack_rating']."', '".$target['user_def_rating']."', '".$outcome."', '".$spoils."')");
if ($result)
{
echo 'Attack Log Updated!';
if($user_result)
{
echo'user Stats updated';
timed_redirect('index.php?mode=main', 10);
} else {
echo'user stat update failed';
timed_redirect('index.php?mode=main', 10);
}
if($user_resultd)
{
echo'user Stats updated';
timed_redirect('index.php?mode=main', 10);
} else {
echo'user stat update failed';
timed_redirect('index.php?mode=main', 10);
}
if($target_result)
{
echo'target Stats updated';
timed_redirect('index.php?mode=main', 10);
} else {
echo'target stat update failed';
timed_redirect('index.php?mode=main', 10);
}
}
}
}else{
echo 'You do not have enough turns';
timed_redirect('index.php?mode=attack', 3);
}
?>
i am supposedly getting in $attack_turns from the user. this isdone at the top, is this being done correctly??
You will also see $auser_result and $targe_result, those do not work. what am i doing wrong in them.
Here is a better example of my not being sure on this at all-
PHP Code:
<?
session_start();
(!defined('')) ? die : '';
(!isset($_SESSION['user_id'])) ? redirect('index.php?mode=login') : '';
$set = (isset($HTTP_GET_VARS['set'])) ? $HTTP_GET_VARS['set'] : '';
$aresult = mysql_query("SELECT * FROM armoury
WHERE weapon_type='attack");
$dresult = mysql_query("SELECT * FROM armoury
WHERE weapon_type ='defence");
$result=mysql_query("SELECT * FROM armoury
ORDER BY weapon_type ASC");
echo '<table width="95%" cellpadding="0" cellspacing="0" border="0">
<tr>
<td align="center"><b>Weapon</b></td>
<td align="center"><b>Type</b></td>
<td align="center"><b>Cost</b></td>
<td align="center"><b>Strength</b></td>
</tr>';
while ($armoury = mysql_fetch_array($result))
{
echo '<tr>
<td align="center">'.$armoury['weapon_name'].'</td>
<td align="center">'.$armoury['weapon_type'].'</td>
<td align="center">'.$armoury['weapon_cost'].'</td>
<td align="center">'.$armoury['weapon_strength'].'</td>
<td align="center"> <input type="text" name="quantity" size="4" /></td>
</tr>';
}
$aquantity = (isset($HTTP_POST_VARS['aquantity'])) ? intval($HTTP_POST_VARS['aquantity']) : '';
$dquantity = (isset($HTTP_POST_VARS['dquantity'])) ? intval($HTTP_POST_VARS['dquantity']) : '';
$user = mysql_query("SELECT * FROM users
WHERE user_id = '".$_SESSION['user_id']."'");
$user = mysql_fetch_assoc($user);
If( $aquantity > 0)
{
$cost=($armoury['weapon_cost']*$armoury['aquantity']);
if ($user['user_gold'] >= $cost)
{
$apurchase = mysql_query("INSERT INTO `user_armoury` VALUES ('".$user_id."','".$user_armoury['weapon_name']."','".$user_armoury['weapon_type']."','".$user_armoury['weapon_strength']."','".$user_armoury['weapon_cost']."' '')");
if ($apurchase)
{
$user_attack= mysql_query("UPDATE users
SET user_attack_rating ='".$user_attack_rating+$weapon_strength*$aquantity*$user_army_size."'
WHERE user_id = '".$_SESSION['user_id']."'");
if ($user_attack)
{
echo'attack updated';
}else{
echo'attack failed';
}
$user_gold_update= mysql_query(" UPDATE users
SET user_gold='".$user_gold-$cost."'
WHERE user_id='".$_SESSION['user_id']."'");
if($user_gold_update)
{
echo'gold updated';
}else{
echo'gold failed';
}
echo 'Purchase Successful!';
timed_redirect('index.php?mode=armoury', 5);
}else {
echo 'purchase failed';
}
}else{
echo'not enough gold';
}
}
If( $dquantity > 0)
{
$cost=($armoury['weapon_cost']*$armoury['dquantity']);
if ($user['user_gold'] >= $cost)
{
$dpurchase = mysql_query("INSERT INTO `user_armoury` VALUES ('".$user_id."','".$user_armoury['weapon_name']."','".$user_armoury['weapon_type']."','".$user_armoury['weapon_strength']."','".$user_armoury['weapon_cost']."' '')");
if ($dpurchase)
{
$user_defence= mysql_query("UPDATE users
SET user_defence_rating ='".$user_defence_rating+$weapon_strength*$dquantity*$user_army_size."';
WHERE user_id = '".$_SESSION['user_id']."'");
if ($user_defence)
{
echo'defence updated';
}else{
echo'defence failed';
}
$user_gold_update= mysql_query( "UPDATE users SET user_gold='".$user_gold-$cost."'
WHERE user_id='".$_SESSION['user_id']."'");
if($user_gold_update)
{
echo'gold updated';
}else{
echo'gold failed';
}
echo 'Purchase Successful!';
timed_redirect('index.php?mode=armoury', 5);
}else {
echo 'purchase failed';
}
}else{
echo'not enough gold';
}
}
?>
What happens here is i take details of weaponary frm a table, the user is to then input the quantity of weapon he wants to buy. i aint getting the quantity in correctly. then i must have a button "buy" or smething to perform the calculations, using the quantities entered and updating tables based on those quantities.
I totally lost. You guys have been a massive help t me, you have no idea how much i owe you, these 2 things and i should be able to fly solo lol.
Before you post, read our: 
