User credit system

User credit system
0

#1

Hello am solomon the owner of www.gistaboutschool.com
I created a credit and point system on my forum and i want the credit to be transfer from one user to another here is the code

<?php
require('../incfiles/init.php');


$url = functions::cleaninput($_GET["url"]);

$uquery = mysql_query("SELECT * FROM users");

$userinfo = mysql_fetch_object($uquery);

$user2 = functions::cleanoutput($userinfo->username);


If($user2 == $user)
{
$user3 = "Your";
} else {
$user3 = "$user2's";
}


$sql = mysql_query("SELECT credits FROM users");
$sql = mysql_fetch_array($sql);
$sql = intval($sql['credits']);
$credits = $sql;

$sub = $_POST['sub'];
$subvalue = $_POST['subvalue'];
$user2 = $subvalue;
$user = $_SESSION['user'];
$qquery=mysql_query("SELECT * FROM users");
while($row = mysql_fetch_assoc($qquery))
{
$cname = $row["username"];
$id = $row["userid"];
}

if($sub > $credits){
	$sql = mysql_query("UPDATE users SET credits = (credits - $sub) WHERE username ='$user'");
$ssql = mysql_query("UPDATE users SET credits = (credits + $sub) WHERE username ='$user2'");

$pagetitle = "credits Has Been Transfer Successfully!";
require('../incfiles/head.php');
functions::display_error('credits Has Been Transfer Successfully!');
require('../incfiles/end.php');
}else{
$pagetitle = "InSufficient credits!";
require('../incfiles/head.php');
functions::display_error('InSufficient credits! <a href="javascript:history.go(-1)">Go back</a>');
require('../incfiles/end.php');
die();
}
?>
$sql = mysql_query("UPDATE users SET credits = (credits - $sub) WHERE username ='$user'");
$ssql = mysql_query("UPDATE users SET credits = (credits + $sub) WHERE username ='$user2'");

$pagetitle = "credits Has Been Transfer Successfully!";
require('../incfiles/head.php');
functions::display_error('credits Has Been Transfer Successfully!');
require('../incfiles/end.php');

After i check it and transfer credit and is working
But a later find out that when user did not have insufficient credit and transfer it transfer and add to the receive and add -amount of credit user did not have to his/her account pls any help
Here is my email
[email protected]


#2

I’ve edited your post for readability. When you enter a code block into the forum, remember to precede it with a line of three backticks and follow it with a line of three backticks to make easier to read. See this post to find the backtick on your keyboard. The “preformatted text” tool in the editor (</>) will also add backticks around text.