Untitled

<?php
$player_name = $_GET['name'];
$player_password = $_GET['qbt'];
$defaultAttack = "0";
$defaultLevel = "1";
$room = $_GET['room'];


$servername = "localhost";
$username = "mikeb";
$password = "ceftisunti62";
$dbname = "my_mikeb";

// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}


$q = "SELECT * FROM registered_players WHERE name LIKE '" .$player_name. "' AND password LIKE '" .$player_password. "'";

$result = mysqli_query($conn,$q);
if($result->num_rows<1){
$q = "INSERT INTO registered_players ( name , password) VALUES ('". $player_name . "', '" .$player_password. "')";

    if (mysqli_query($conn,$q)) {
        echo "Player added successfully to playersList";
    } else {
        echo "Error: " . $q . "<br>" . mysqli_error($conn);
    }

    $sql = "INSERT INTO $room (name,attack,level) VALUES ('" . $player_name . "'," . $defaultAttack ."," . $defaultLevel .")";
    if (mysqli_query($conn, $sql)) {
        echo "& succesfully added to matchList";
    } else {
        echo "Error: " . $sql . "<br>" . mysqli_error($conn);
    }


}
else{
    $q = "SELECT * FROM $room WHERE name LIKE '" .$player_name. "' AND password LIKE '" .$player_password. "'";

$result = mysqli_query($conn,$q);
if($result->num_rows>0){
//fare update . else inserire
$qq = "UPDATE players SET attack = '$attack', level = '$level' WHERE name = '$name'";
if (mysqli_query($conn,$qq)) {
        echo "Player overwritten successfully";
    } else {
        echo "Error: " . $qq . "<br>" . mysqli_error($conn);
    }
  }

else{
    $sql = "INSERT INTO $room (name,attack,level) VALUES ('" . $player_name . "'," . $defaultAttack ."," . $defaultLevel .")";
    if (mysqli_query($conn, $sql)) {
        echo "Succesfully added to matchList";
    } else {
        echo "Error: " . $sql . "<br>" . mysqli_error($conn);
    }
  }
}


mysqli_close($conn);

?>