-1

I'm new at coding and I'm trying to learn PHP and other languages all by my self. But I'm having an issue in my code, the code that I wrote to change values on a database isn't working at all. Do you guys have any idea?

if(spin($color)){ 
    $wonlast = true;
    $moneypot +=  $current_bet;
    $result_text .= "Winner!<br/>";
    mysqli_query($con, "UPDATE store_players SET `credits` = $moneypot WHERE `id` = 1");
  }else{
    $result_text.= "Loser<br/>";
    $wonlast = false;
    $moneypot -=  $current_bet;
    mysqli_query($con, "UPDATE store_players SET `credits` = $moneypot WHERE `id` = 1");
  }
EsTaNG
  • 1

2 Answers2

0

You're trying to learn programming on your own? Fine, I'll bite. First rule of programming, handle your output correctly. Never, ever think a query will magically always works. It returns a value for a reason.

if(spin($color)){ 
  $wonlast = true;
  $moneypot +=  $current_bet;
  $result_text .= "Winner!<br/>";
}else{
  $result_text.= "Loser<br/>";
  $wonlast = false;
  $moneypot -=  $current_bet;
}

if(($result = mysqli_query($con, "UPDATE store_players SET `credits` = $moneypot WHERE `id` = 1") !== null){
  echo 'success';
} else {
  die(mysqli_error($con));
}

And before you blindly copy paste, you have an error in your syntax, its:

"UPDATE store_players SET `credits` = '$moneypot' WHERE `id` = 1"
Xorifelse
  • 7,878
  • 1
  • 27
  • 38
  • Tank you for warning me of what is going on and now I'm going to search to fix the issue. – EsTaNG Feb 19 '17 at 01:47
  • And this does not account to query's only. Any function can return a value, it does so for a reason. Always check it unless you're really, really certain. – Xorifelse Feb 19 '17 at 01:49
  • 1
    if $moneypot is numeric then you do not need quotes. It would be better to call settype to make sure that $moneypot is an int or float if there is any chance it could not be. – Theo Feb 19 '17 at 01:51
  • 1
    mysqli_query will return false if the query fails, so you just need to check this, and you should do using === or !== – Theo Feb 19 '17 at 01:52
  • @TheoTonge You are correct, but in all fairness it should be a habit to quote values. Don't expect MySQL to quote it for you, other database drivers don't. – Xorifelse Feb 19 '17 at 01:56
  • @Xorifelse I think its actually bad practice for numeric types, it prevents mysql from using indexes properly and when setting floats you can run into problems. See http://stackoverflow.com/questions/6781976/mysql-quote-numbers-or-not – Theo Feb 19 '17 at 01:59
  • @TheoTonge After the "double" check, `mysqli_query()` returns either false or a value, so `!==` or `===` is obsolete. While I'm not sure about floats, PDO either handles them as a string, boolean or integer. So a float is considered a string and thus a quoted value. – Xorifelse Feb 19 '17 at 02:01
0

You need to use single quotes in proper place:

$myConnection= mysqli_connect("$db_host","$db_username","$db_pass") or die ("could not connect to mysql"); 

mysqli_select_db($myConnection, "xxx") or die ("no database");
$sql = "UPDATE store_players SET credits = '$moneypot' WHERE id = 1";

mysqli_query($myConnection, $sql)
Roman
  • 19,236
  • 15
  • 93
  • 97