PHP mysql_query problem

tie372

15 Years Ago

I have an RPG programmed in PHP and people do fights against each other. Once someone's health is below 0, experience and rewards are calculated, and then the appropriate entry into the database is updated. The problem is that the sql queries near the end are not executing. People's money is not increasing, nor their experience. I double checked all field names and they are correct. If someone could point something out in my sql syntax, or some other problem with declaring variables/data types that would be appreciated.

Here's the entire code, followed by snippets that are most likely to be problematic.

<?php
session_start();
include "header.html";
include "db.php";
$user=$_SESSION[user];
$sql=mysql_query("SELECT * FROM fights WHERE host='$user' OR opponent='$user'");
$row=mysql_fetch_array($sql);
if($row[host]==$user)
{
$foe=$row[opponent];
$i='host';
$u='opponent';
}
if($row[opponent]==$user)
{
$foe=$row[host];
$i='opponent';
$u='host';
}
if(mysql_num_rows($sql)=='0')
{
echo "<script>top.location=\"main.php\"</script>";
$sql=mysql_query("UPDATE accounts SET inbattle='0' WHERE username='$user' OR username='$foe'");
$sql=mysql_query("DELETE FROM fights WHERE host='$user' OR opponent='$user'");
exit();
}

$time=time();
$date=date("y/m/d H:i:s");
$sql=mysql_query("SELECT * FROM accounts WHERE username='$user'");
$arr1=mysql_fetch_array($sql);
$inextlvl=$arr1[level]+1;
$sql=mysql_query("SELECT * FROM experience WHERE level='$arr1[level]'");
$arr1exp=mysql_fetch_array($sql);
$sql=mysql_query("SELECT * FROM experience WHERE level='$inextlvl'");
$arr1exp2=mysql_fetch_array($sql);
$imaxhealth=54+($arr1[fortitude]*7)+$arr1[healthbuff];
$sql=mysql_query("SELECT * FROM accounts WHERE username='$foe'");
$arr2=mysql_fetch_array($sql);
$unextlvl=$arr2[level]+1;
$sql=mysql_query("SELECT * FROM experience WHERE level='$arr2[level]'");
$arr2exp=mysql_fetch_array($sql);
$sql=mysql_query("SELECT * FROM experience WHERE level='$unextlvl'");
$arr2exp2=mysql_fetch_array($sql);
$umaxhealth=54+($arr2[fortitude]*7)+$arr2[healthbuff];

if($arr1[health]<=0 || $arr2[health]<=0)
{

$skip=0;
if($arr1[health]<=0 && $arr2[health]<=0)
{
$itz=$arr1[tanzanite];
$utz=$arr2[tanzanite];
$iexp=$arr1[exp];
$uexp=$arr2[exp];
$ilvl=$arr1[level];
$ulvl=$arr2[level];
$ihp=0;
$uhp=0;
$igroup=$arr1[group];
$ugroup=$arr2[group];
$iskills=$arr1[skills];
$uskills=$arr2[skills];

$sql=mysql_query("INSERT INTO chat (username, message, date, color, rec, grid) VALUES ('Nobody','The fight was a draw.  You\'re all losers!','$date','$arr1[color]','$user','$arr1[location]')");
$sql=mysql_query("INSERT INTO chat (username, message, date, color, rec, grid) VALUES ('Nobody','The fight was a draw.  You\'re all losers!','$date','$arr2[color]','$foe','$arr2[location]')");
//update wins and losses
$skip=1;
$sql=mysql_query("UPDATE accounts SET lastheal='$time' WHERE username='$user' OR username='$foe'");
}

///////////////////////////////////////////////////////////////

if($arr1[health]<=0 && $arr2[health]>0 && $skip=='0')
{
//not gonna get any of this sh*t!
$iexp=$arr1[exp];
$ilvl=$arr1[level];
$ihp=0;
$igroup=$arr1[group];
$iskills=$arr1[skills];
$itzgain=floor(10/rand(10,14));
$itz=$arr1[tanzanite]+$itzgain; //might get some of that if you're lucky...


//now that the user's got his stuff, give the foe his rewards...
$uexpgain=ceil(($row[$u . damage]/$umaxhealth)*5);
$uexp=$arr2[exp]+$uexpgain;
$utzgain=round(10/rand(2.25,10));
$utz=$arr2[tanzanite]+$utzgain;
$uhp=$arr2[health];

if($uexp>=$arr2exp[expfornxtlvl])
{
$uskills=$arr2[skills]+1;
$ulvl=$arr2[level]+1;
if($arr2exp2[group]!=='$arr2[group]')
{
$ugroup=$arr2exp2[group];
$uskills=$uskills+4;
}
}
else
{
$ugroup=$arr2[group];
$ulvl=$arr2[level];
$uskills=$arr2[skills];
}

$sql=mysql_query("INSERT INTO chat (username, message, date, color, rec, grid) VALUES ('Nobody','The fight was lost.  You received 0 experience and $itzgain tanzanite.','$date','$arr1[color]','$user','$arr1[location]')");
$sql=mysql_query("INSERT INTO chat (username, message, date, color, rec, grid) VALUES ('Nobody','The fight was won.  You received $uexpgain experience and $utzgain tanzanite.','$date','$arr2[color]','$foe','$arr2[location]')");

$skip=1;
$sql=mysql_query("UPDATE accounts SET lastheal='$time' WHERE username='$user'");
}

/////////////////////////////////////////////////////////////////

if($arr2[health]<=0 && $arr1[health]>0 && $skip=='0')
{
//not gonna get any of this sh*t!
$uexp=$arr2[exp];
$ulvl=$arr2[level];
$uhp=0;
$ugroup=$arr2[group];
$uskills=$arr2[skills];
$utzgain=floor(10/rand(10,14));
$utz=$arr2[tanzanite]+$utzgain; //might get some of that if you're lucky...


//now that the foe's got his stuff, give the user his rewards...
$iexpgain=ceil(($row[$i . damage]/$imaxhealth)*5);
$iexp=$arr1[exp]+$iexpgain;
$itz=$arr1[tanzanite]+round(10/rand(2.25,10));
$ihp=$arr1[health];

if($iexp>=$arr1exp[expfornxtlvl])
{
$iskills=$arr1[skills]+1;
$ilvl=$arr1[level]+1;
if($arr1exp2[group]!=='$arr1[group]')
{
$igroup=$arr1exp2[group];
$iskills=$iskills+4;
}
}
else
{
$igroup=$arr1[group];
$ilvl=$arr1[level];
$iskills=$arr1[skills];
}

$sql=mysql_query("INSERT INTO chat (username, message, date, color, rec, grid) VALUES ('Nobody','The fight was lost.  You received 0 experience and $utzgain tanzanite.','$date','$arr2[color]','$foe','$arr2[location]')");
$sql=mysql_query("INSERT INTO chat (username, message, date, color, rec, grid) VALUES ('Nobody','The fight was won.  You received $iexpgain experience and $itzgain tanzanite.','$date','$arr1[color]','$user','$arr1[location]')");

$skip=1;
}
$sql=mysql_query("UPDATE accounts SET lastheal='$time' WHERE username='$foe'");
$sql=mysql_query("UPDATE accounts SET inbattle='0', exp='$iexp', tanzanite='$itz', level='$ilvl', health='$ihp', group='$igroup', skills='$iskills' WHERE username='$user'");
$sql=mysql_query("UPDATE accounts SET inbattle='0', exp='$uexp', tanzanite='$utz', level='$ulvl', health='$uhp', group='$ugroup', skills='$uskills' WHERE username='$foe'");
$sql=mysql_query("DELETE FROM fights WHERE host='$user' OR host='$foe'");
echo "<script>window.location=\"world.php\"</script>";
}
else
{
echo "<script>window.location=\"fight.php\"</script>";
}
?>

Here are the important part(s).

//Bad SQL query
$sql=mysql_query("UPDATE accounts SET lastheal='$time' WHERE username='$foe'");
$sql=mysql_query("UPDATE accounts SET inbattle='0', exp='$iexp', tanzanite='$itz', level='$ilvl', health='$ihp', group='$igroup', skills='$iskills' WHERE username='$user'");
$sql=mysql_query("UPDATE accounts SET inbattle='0', exp='$uexp', tanzanite='$utz', level='$ulvl', health='$uhp', group='$ugroup', skills='$uskills' WHERE username='$foe'");

Thanks in advance, this has been driving me crazy. I have also tried sticking the bad sql query in the three main code blocks (after $skip=1;), and that did not work either.

php

1 Contributor
0 Replies
52 Views

Be the first to reply

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.