[HELP] Coins Page

09/21/2012 20:52 KillHumans#1

If user come from:

Quote:

[Only registered and activated users can see links. Click Here To Register...]

Page add:
$sql = mysql_query("UPDATE account.account SET coins = coins + 50 WHERE id='".$_SESSION['user_id']."'")

Coins in database.

If user comes from another page, page give error:
Error, you don't pay for that.

I need that in php.

Someone can help me?

Thank you.

09/21/2012 21:19 fortiZ1337#2

I don't like php, so I dont want to answer to the mainquestion,..
nevertheless I'll say.... be careful with that query.

Injection inc!

[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]

Maybe this could help you.

09/21/2012 21:24 KillHumans#3

First i need the code, after my teacher protect the file! :)

Thank you for your reply.

09/22/2012 21:00 MrSm!th#4

#moved

09/26/2012 20:26 RecK#5

You have to check the site from wich your user is came from.
This site you can get with the JavaScript "refferer". It exist a mothod in php like this but i can released only in javascript.

Code:

<script type="text/javascript">
var lastpage = document.referrer;
<script type="text/javascript">

Afterwards you have to check "was the last page like yours?"
You have to take "if and else" to check this.

PHP Code:


			
<script type="text/javascript">

var lastpage = document.referrer;



if (lastpage == "yourSiteAsAString") {

<?php

mysql_query("UPDATE account.account SET `coins` = `coins` + 50 WHERE `id`='".mysql_real_escape_string($_SESSION['user_id'])."'") or die (mysql_error());

?>

var result = "you earned coins";

}

else {

var result = "access denied";

}

<script type="text/javascript">

With document.refferer you'll get the last page in most of the cases.
But sometimes you get an empty string.

09/27/2012 13:29 マルコ#6

Quote:
Originally Posted by RecK
You have to check the site from wich your user is came from.
This site you can get with the JavaScript "refferer". It exist a mothod in php like this but i can released only in javascript.
Code:
<script type="text/javascript">
var lastpage = document.referrer;
<script type="text/javascript">
Afterwards you have to check "was the last page like yours?"
You have to take "if and else" to check this.

PHP Code:

<script type="text/javascript"> var lastpage = document.referrer; if (lastpage == "yourSiteAsAString") { <?php mysql_query("UPDATE account.account SET `coins` = `coins` + 50 WHERE `id`='".mysql_real_escape_string($_SESSION['user_id'])."'") or die (mysql_error()); ?> var result = "you earned coins"; } else { var result = "access denied"; } <script type="text/javascript">

With document.refferer you'll get the last page in most of the cases.
But sometimes you get an empty string.

Are you serious???
You mix server side and client side scripting here! With your script, this query will be executed no matter what page the user came from!
What you have to do is this whole thing in PHP!

PHP Code:


			
if($_SERVER['HTTP_REFERER'] == "yoursiteasstring")

{

  mysql_query("UPDATE account.account SET `coins` = `coins` + 50 WHERE `id`='".mysql_real_escape_string($_SESSION['user_id'])."'") or die (mysql_error()); 

  echo 'U got coins!';

}

else

  echo 'Y U NO come from my fav site?';

Don't forget to initialize the mysql connection with mysql_connect()!