0

Hello, folks.


I do have another issue here, haha.


My Cancel script is not working, is not returning the tickets back to the database after I cancel them.

I got completely wrong here, some help would be really appreciated.

<?php
session_start();
$tickets = ['tickets'];
//$tickets = $_SESSION['tickets'];
//$id      = $_SESSION['showingID'];

$conn = mysql_connect("localhost", "root", "") or die("cannot connect"); 
mysql_select_db("DamnTheseTickets") or die (mysql_error());

$sql    = "SELECT * from mybookings where username ='$_SESSION[gatekeeper'";
$sql    = "DELETE from mybookings where username = '$_SESSION[gatekeeper]'";
$result = mysql_query ($sql) or die(mysql_error()); 

if($result == FALSE) 
{
    die(mysql_error()); // TO DO: better error handling
	mysql_query("COMMIT");
}
else
{
echo "Your booking has been deleted";
$sql = "UPDATE filmshowings SET maxtickets = maxtickets + $tickets WHERE showingID = $id";
}

?>

Edited by SQLpower: n/a

3
Contributors
9
Replies
10
Views
5 Years
Discussion Span
Last Post by Biiim
0

your lines ten and eleven are wrong. you again have typos. you have some single quotes and brackets missing.

In addition, you have nothing happening between these two lines. In that case, line 10 is useless. insert an (echo $sql) statement after these two lines and see what you are asking your database to process. you'll see your mistake.

Edited by bibiki: n/a

0
"SELECT * from mybookings where username ='$_SESSION[gatekeeper]'"

I am aware of that, anyway, I am having problems getting my head around it. I am deleting everything and I just wanna delete a specific booking. I believe I have to use the Primary Key ID when I am deleting?

0

you still have your select statement wrong.

put echo $sql in your file and you will see what this statement looks like when you send it to your db. then, ask yourself is that what you want to send to the db. you'll see what the problem is here.

1

the problem is the update sql isnt even ran

{
echo "Your booking has been deleted";
$sql = "UPDATE filmshowings SET maxtickets = maxtickets + $tickets WHERE showingID = $id";
-->mysql_query($sql);
}
<?php
session_start();
$tickets = ['tickets'];//??? should be $_SESSION['tickets'] ?

//$tickets = $_SESSION['tickets'];
//$id      = $_SESSION['showingID'];
 
$conn = mysql_connect("localhost", "root", "") or die("cannot connect"); 
mysql_select_db("DamnTheseTickets") or die (mysql_error());
 
$sql    = "SELECT * from mybookings where username ='$_SESSION[gatekeeper]'";//missing ]

$sql    = "DELETE from mybookings where username = '$_SESSION[gatekeeper]'";//this overwrites the previous $sql
$result = mysql_query ($sql) or die(mysql_error()); //this deletes all bookings matching $_SESSION[gatekeeper]
 
if($result == FALSE){
    die(mysql_error()); // TO DO: better error handling
	mysql_query("COMMIT");//this isnt ran, die() ends the script
}else{
	echo "Your booking has been deleted";
	$sql = "UPDATE filmshowings SET maxtickets = maxtickets + $tickets WHERE showingID = $id";
	//this sql isn't run is why it's not updating
}
 
?>

The way i would run a delete page is to specify what you want to delete in POST or GET vars making it certain you have the right thing, $_SESSION can get updated by having another tab open making someone delete or edit something else that they were viewing. May seem minor now but leave it and it'll grow and become harder to fix later on

The only things you should rely for in the session is the ID of the user who is on your site and certain site wide vars that will remain the same where ever they go on the site, such as font-size increase/decrease, link display colour users preferences sort of thing.

somepage.php

<a href='cancelBooking.php?id=<?php echo $bookingID;?>'>Cancel Booking</a>

delete.php

<?php
session_start();

$bookingid = $_GET['id'];
if(ctype_digit($bookingid)){
	$conn = mysql_connect("localhost", "root", "") or die("cannot connect"); 
	mysql_select_db("DamnTheseTickets") or die (mysql_error());
	//assuming $_SESSION['gatekeeper'] is the unique id of a user/customer
	$sql1 = "SELECT * from mybookings WHERE username = '{$_SESSION['gatekeeper']}' AND `bookingid` = {$bookingid}";
	$res1 = mysql_query($sql1);
	if($res1 !== false){
		$bookinginfo = mysql_fetch_assoc($res1);
		$sql2 = "DELETE FROM mybookings WHERE username = '{$_SESSION['gatekeeper']}' AND `bookingid` = {$bookingid}";
		$res2 = mysql_query($sql2);
		if(!$res2){
			die('Delete failed: '.mysql_error()); // TO DO: better error handling
		}else{
			//echo "Your booking has been deleted";
			$sql3 = "UPDATE filmshowings SET maxtickets = maxtickets + {$bookinginfo['numtickets']} WHERE showingID = {$bookinginfo['showingID']}";
			$res3 = mysql_query($sql3);
			if(!$res3){
				//failed to update available tickets
				//mail alert tickets didnt update
			}else{
				//all good
				header('Location: overviewpage.php');
			}
		}
	}else{
		die('error selecting booking'.mysql_error());
	}
}else{
	echo 'invalid id';
}
?>

This makes it certain you are deleting the right booking and he can only delete bookings he has made

Personally the third query isn't ideal either, the available tickets should be worked out on the fly based on the current bookings in the table, that method is liable for max tickets going out of sync with what is actually available. It "shouldnt" go out of sync but its best to always pull from the live data of what is true than set a field to increase/decrease on what it believes it has just done to the actual data

0

Thank you for your explanation but I still have some friggin' errors and the only thing I am recieving is "invalid id"...

So here is mybookings.php

<?php
session_start(0);
error_reporting (E_ALL ^ E_NOTICE);
?>
<html>
<head>
<title>Search Results!</title>
<h1>Search Results</h1>
<link rel='stylesheet' type='text/css' href='css2.css' />
</head>
<body>
<?php



$conn = mysql_connect("localhost", "root", "") or die("cannot connect"); 
mysql_select_db("DamnTheseTickets") or die (mysql_error());


$sql    = "select * from mybookings where username = '$_SESSION[gatekeeper]'";
$result = mysql_query ($sql) or die(mysql_error()); 

if($result === FALSE) 
{
    die(mysql_error()); // TO DO: better error handling
}
 while($row = mysql_fetch_array( $result)) 
 {
 echo "<p>";
 echo "Username   of the user: $row[username]     	 </br> ";
 echo "ID         of the film: $row[id]   	 	 </br> ";
echo "ID         of the film: $row[showingID]   	 </br> ";
 echo "Tickets    of the film: $row[tickets]   	 	 </br> ";
 echo "<a href='cancel.php?id= $row[id]'>Cancel Booking</a>";


 echo "</p>";
 
//$_SESSION['tickets'] = $_POST["tickets"];
//$_SESSION['showingID'] = $_POST['showingID'];
} 
mysql_close($conn);

?>
</body>
</html>

here is the cancel.php which you've done, but i tried to change it according to my db

<?php
session_start();

$bookingid = $_GET['id'];
if(ctype_digit($bookingid))
{
	$conn = mysql_connect("localhost", "yvrachev", "Eer3num6") or die("cannot connect"); 
	mysql_select_db("yvrachev") or die (mysql_error());
	
	//$_SESSION['gatekeeper'] is the unique name of a user/customer

	$sql1 = "SELECT * from mybookings WHERE username = '$_SESSION[gatekeeper]' AND `bookingid` = {$bookingid}";
	$res1 = mysql_query($sql1);
	if($res1 !== false)
	{
		$bookinginfo = mysql_fetch_assoc($res1);
		$sql2 = "DELETE FROM mybookings WHERE username = '$_SESSION[gatekeeper]' AND `bookingid` = {$bookingid}";
		$res2 = mysql_query($sql2);
		if(!$res2)
		{
			die('Delete failed: '.mysql_error()); // TO DO: better error handling
		}
		else{
			//echo "Your booking has been deleted";
			$sql3 = "UPDATE filmshowings SET maxtickets = maxtickets + {$bookinginfo['tickets']} WHERE id = {$bookinginfo['showingID']}";
			$res3 = mysql_query($sql3);
			if(!$res3)
			{
				//failed to update available tickets
				//mail alert tickets didnt update
			}
			else
			{
				//all good
				header('Location: mainpage.php');
			}
		}
	}else
	{
		die('error selecting booking'.mysql_error());
	}
}else{
	echo 'invalid id';
}
?>

My database:

CREATE TABLE mybookings
(
id int NOT NULL AUTO_INCREMENT,
username varchar(255) NOT NULL,
showingID varchar(255 NOT NULL,
tickets varchar(255) NOT NULL
PRIMARY KEY (id)
)

Edited by SQLpower: n/a

1

theres a space after the equals sign
echo "<a href='cancel.php?id= $row[id]'>Cancel Booking</a>";

which would explain
if(ctype_digit($bookingid)){
//...
}else{
echo 'invalid id';
}

0

Actually it does, but I am getting a different error now ^^

Edited by SQLpower: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.