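<?php
// Form handler: validates a POST request, applies (winst - verlies) to one row of
// `info`, then redirects to the results page.
//
// Separate the logic from the HTML: in general you shouldn't have code which modifies
// the database in the same file as an HTML page.

// Your database connection info - this will probably be defined somewhere else in your
// app, not in this file.
// NOTE(review): real credentials should not be committed or pasted along with the code.
const DB_HOST = 'localhost';
const DB_NAME = '*';
const DB_USER = '*';
const DB_PASS = '*';
// If you don't know what this does, you probably want utf8mb4. For a very old version
// of MySQL, you want utf8.
const DB_CHARSET = 'utf8mb4';

// Development only: turn error reporting up to max and make PHP display the messages.
// With display_errors on, warnings and uncaught errors are sent to the client and can
// reveal file paths and other internals, so turn it off (and log instead) before this
// is deployed.
ini_set('display_errors', '1');
error_reporting(-1);

// First validate the request before doing anything else.
// Only allow POST requests; a 405 response should name the allowed method.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('Allow: POST');
    http_response_code(405);
    exit;
}

// Check that all the required form fields are defined.
if (!isset($_POST['user_id'], $_POST['winst'], $_POST['verlies'])) {
    http_response_code(400);
    exit;
}

// All three values must be integers. Reject anything else with a 400 instead of
// casting: a plain (int) cast silently turns garbage into 0 and a non-empty array
// (e.g. winst[]=x) into 1, and the update would then run with a value nobody sent.
$params = [];
foreach (['user_id', 'winst', 'verlies'] as $field) {
    $value = filter_var($_POST[$field], FILTER_VALIDATE_INT);
    if ($value === false) {
        http_response_code(400);
        exit;
    }
    $params[$field] = $value;
}

// NOTE(review): user_id and both amounts come straight from the request body. Nothing
// in this file checks that the caller is logged in, is allowed to change that row, or
// sent a CSRF token. Confirm those checks happen before this code runs, or add them
// here (for example, take the id from the session rather than from the form).

try {
    // Connect to the database - again this will probably be done somewhere else in
    // your app.
    $dsn = sprintf('mysql:host=%s;dbname=%s;charset=%s', DB_HOST, DB_NAME, DB_CHARSET);
    $db = new PDO($dsn, DB_USER, DB_PASS, [
        PDO::ATTR_EMULATE_PREPARES => false,          // use real server-side prepared statements
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,  // have PDO throw when something goes wrong
    ]);

    // The values are bound as parameters, never concatenated into the SQL text.
    $stmt = $db->prepare('
        UPDATE info
        SET resultaten = resultaten + (:winst - :verlies)
        WHERE id = :user_id
    ');
    $stmt->execute($params);
} catch (PDOException $e) {
    // Log the detail on the server only; the client just gets a generic 500.
    error_log((string)$e);
    http_response_code(500);
    exit;
}

// If we get here everything worked, so redirect to the results page.
// NOTE(review): the target is a hard-coded absolute http:// URL - confirm whether the
// site should be using https here.
http_response_code(303);
header('Location: http://fluffyme.xyz/code/workspace/CoinInfo/info.php');
exit;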