hi gang just wondering if you would be able to help me with this php code here. the data ‘$amount’ and ‘$pnts’ comes from a flash file which has been verified to not contain the error.
what this php code is trying to do is check total points on a table in sql and comparing with the points that the user wishes to redeem. If the total points on mySQL is sufficient enough - the points are redeemed and the redeemed points go into a ‘total points redeemed’ table.
if not then the appropriate error message is sent to the swf.
session_start();
$clientN = $_SESSION[‘client’];
$me = $_SESSION[‘name’];
$me2 = $_SESSION[‘name2’];
if (@$_SESSION[‘auth’]!=“yes”)
{
header(“Location: …/personal_account_login.php”);
exit();
}$user=“Myuser”;
$host=“localhost”;
$password=“MYpass”;
$database = “myDatabase”;
$connection = mysql_connect($host,$user,$password)
or die (“couldn’t connect to server”);
$db = mysql_select_db($database,$connection)
or die (“Couldn’t select database”);
$db = mysql_select_db($database,$connection)
or die (“Couldn’t select database”);
$query1 = “SELECT totalpnts FROM patient_totals WHERE clientNumber=’$clientN’”;
$result1 = mysql_query($query1) or die(mysql_error());
while($row1 = mysql_fetch_array($result1)){
extract($row1);
if ($pnts > $totalpnts) {
Print “_root.status=SORRY! You Do Not Have Enough Health Points to Redeem This Item - Please Choose Again!”;
}
else
{
$newtotal= $totalpnts - $pnts;
$queryx = “UPDATE patient_totals SET totalpnts=’$newtotal’ WHERE clientNumber=’$clientN’”;
$resultx = mysql_query($queryx) or die(mysql_error());
$query3 = “INSERT INTO redemption(clientNumber, firstName, lastName, product, amount, pnts)
VALUES(’$clientN’, ‘$me’, ‘$me2’, ‘$item’,’$amount’, ‘$pnts’)”;
$result3= mysql_query($query3)
or DIE(“Unable to redeem your points at this time…please try again later.”);
Print “_root.status=You have successfully redeemed $pnts Points! You will receive an email with your voucher attached within 24hrs. Thank you!”;
}
}
any help would be greatly appreciated - THANKS!
