PHP - Updating Account Balance

hello  I am  a  chemical teacher  in the middle school
I hope  Balancing Chemical Equations  via  PHP
 I google  some thing
perhaps  the  CML( http://en.wikipedia.org/wiki/Chemical_Markup_Language)  may  give me  a hand.
and  this one  the http://shinkirou.org/blog/2010/11/balancing-chemical-equations-with-linear-algebra/  tells  me  using the Linear Algebra is  a  good way
how can I   Balancing Chemical Equations  via  PHP( by  CML )?
is their a  demo  ?
thank you   very much~!

I am using a php web video script which allows Users to purchase videos successfully. The purchases are made from the amount available in the Users’ “wallet” (the User can also earn compensation, which gets added to his “balance”.). When there’s not enough available in the “wallet” for the purchase, the script checks and displays a message “not enough money”. I’d like help adding the ability where the script first checks the “wallet” amount, and if empty will then check the “balance” amount, and use a required amount from the balance, and if both are empty, then the “not enough money” appears. Here’s the portion of the code that I believe needs the modification:

// get cost video
    $db->where('name', 'video_play_price');
    $db_cost = $db->getOne('config');
    $video_cost = (float)$db_cost->value;

    $count_video = count($id_array);
    $user_id = $user->id;
    $wallet = (float)str_replace(',', '', $user->wallet);


	$amout = 0;
	foreach ($id_array as $id) {
            $video_id = (int)PT_Secure($id);

            // get video data
            $video = $db->where('id', $id)->getOne(T_VIDEOS);
			$amout += $video->video_play_price?$video->video_play_price:$video_cost;
	}

//   $amout = $video_cost * $count_video;

    $charge = ( $video_cost *0.50 );



    if ($wallet >= $amout) {

        //$new_wallet = (string)($wallet - $amout);
        $wallet = (string)($wallet - $amout);

        $db->startTransaction();

        $inserted_records = 0;
        foreach ($id_array as $id) {
            $video_id = (int)PT_Secure($id);


		// $uploader_amount = $video_cost - $charge; //100 - 20% = 80

            // get video data
            $video = $db->where('id', $id)->getOne(T_VIDEOS);



			$video_cost_new = $video->video_play_price?$video->video_play_price:$video_cost;

			$uploader_amount = ( $video_cost_new *0.50 );
            // add data to paid table
            $insert_buy = $db->insert('u_paid_videos', [
                'id_user' => $user_id,
                'id_video' => $video_id,
                'session_key' => $_SESSION['session_key'],
                'video_play_price' => (string)$video_cost,
                'video_title' => $video->title,
                'user_id_uploaded' => $video->user_id,
            ]);

            if ($insert_buy) { $inserted_records++; }
            //add wallet users' video
        $userwallet = $db->where('id', $video->user_id)->getOne(T_USERS);


        //$videouserwallet = $userwallet->balance+$video_cost;
        $videouserwallet = $userwallet->balance+$uploader_amount;
        $db->where('id', $video->user_id);
        $update_balance = $db->update(T_USERS, [
          // 'wallet' => $videouserwallet,
            'balance' => number_format($videouserwallet, 1, '.', ''),
        ]);
        }


        $db->where('id', $user_id);
        //$update_wallet = $db->update(T_USERS, [
        $update_wallet = $db->update(T_USERS, [
            'wallet' => $wallet,
        ]);


        if (($inserted_records == $count_video) && $update_wallet) {
            $db->commit();

            echo json_encode([
                'status' => 200
            ]);
            exit();
        } else {
            $db->rollback();

            echo json_encode([
                'status' => 400,
                'error' => 'Buy process error'
            ]);
            exit();
        }

    } else {

        echo json_encode([
            'status' => 400,
            'error_num' => 1,
            'error' => 'Not enough money'
        ]);
        exit();

    }

} else {

    echo json_encode([
        'status' => 400,
        'error' => 'Bad Request, Invalid or missing parameter'
    ]);
    exit();

 

Does anybody have links or scripst on a script where the user has an account with money which decreases as one purchases items.

Regards

Hello,   I designed (not coded) a finance application for windows phone 8.1 and one of the features that would be ideal is to copy your login steps in order to access your bank account automatically. Yes this does not sound safe or sane. How do I convince app users to use it?    Anyway, I want this access. My rationale is that, the login information would be stored locally and if my phone was hacked then what's the loss in my login steps being hacked... they would probably be encrypted anyway but...    The goal is to be able to open up a clone browser (eg. within the app) and then every step that you take, enter url, login credentials, security questions, pages accessed... the clone browser remembers and then later on as part of the app's function, it would automatically update your balances. I mean I suppose you could come up with the formulas, cash advance fees, interest rates, etc... but at the same time this doesn't seem to be a fixed thing... eg. hard to keep track and get the exact cent amount... or maybe I'm just bad at math   Some things in mind bitmapping, key strokes, string search, number search...    Anyway scripting came to mind, not sure if php or python but    Any thoughts? 

I am trying to create a registration form where users put their name, email and password only.   but i want to write an auto generated account number into database table for each user e.g; XY1234567 where XY should not change 1234567 auto generated random number and no duplicates (in numbers only).   example...   XY1234567 XY2345678 XY2233455   i found code

$num_of_ids = 10000; //Number of "ids" to generate.
$i = 0; //Loop counter.
$n = 0; //"id" number piece.
$l = "AAA"; //"id" letter piece.

while ($i <= $num_of_ids) { 
    $id = $l . sprintf("%04d", $n); //Create "id". Sprintf pads the number to make it 4 digits.
    echo $id . "<br>"; //Print out the id.

    if ($n == 9999) { //Once the number reaches 9999, increase the letter by one and reset number to 0.
        $n = 0;
        $l++;
    }

    $i++; $n++; //Letters can be incremented the same as numbers. Adding 1 to "AAA" prints out "AAB".
}

but its not working as i want. Any help please?
Edited by 684425, 27 December 2014 - 12:58 PM.

The below script WILL list one account successfully, but how come this script doesn't list more than one  account when <b>listAccounts()</b> is called?

EXAMPLE OF accounts.txt FILE:
Code: [Select]
username:blah
user526:pass
justinlh:justin


                 function listAccounts()
                {
                    //load all the accounts
                    $accounts = loadAccounts();
                    
                    //display each account in the drop-down box
                    foreach($accounts as $account)
                    {
                       $account_split = explode(':', $account);
                        
                       echo '<option value="'. $account .'">'.$account_split[0].'</option>';
                    }
                }
                
                function loadAccounts()
                {
                    /*  EXAMPLE OF ACCOUNTS.TXT
                     *  http://pastebin.com/zAPH0a4J
                     */
                    
                    $handle = fopen('accounts.txt', 'r');
                    $accounts = fread($handle, filesize('accounts.txt'));
                    fclose($handle);
                    
                    return explode('\n', $accounts);
                }

Does anyone know of a json or php method of authenticating a youtube user without using zend?

Code: [Select]
<?php
$id = NULL;
$username = 'myYouTubeAccount'; 
$url = 'http://gdata.youtube.com/feeds/api/users/%s/uploads?orderby=updated&max-results=8';
$xml = simplexml_load_file(sprintf($url, $username));

foreach ($xml->entry as $entry) :

    $kids = $entry->children('http://search.yahoo.com/mrss/');
    $attributes = $kids->group->content[0]->attributes();
    $flv = $attributes['url'];
    $attributes = $kids->group->player->attributes();
    $link = $attributes['url']; 

    $querystring = parse_url($link,PHP_URL_QUERY);
    parse_str($querystring, $id_temp);
    $id = $id_temp['v'];
?>

<a href="<?=$link?>"> <img src="http://i4.ytimg.com/vi/<?=$id?>/default.jpg"  /> </a>

<?php endforeach; ?>

I really swear that the host I use is like screwing with me hard. Like literally will have something working one night, wake up the next day to my error log full and nothing working anymore. Or, like in this case, have the code working fine, perfectly in fact, to all of the sudden bring up all these errors and shit without changing anything I just can't figure it out.

Point being, I am working on this portal, and on the account page, you can update your info. Which for one field...

$result = queryMysql("SELECT * FROM accounts WHERE user='$user'");
   $row = $result->fetch_assoc();
$set_comp  = $row['company'];

// Check if 'Company' value is set
   if (isset($_POST['company']))
   {
      $company = sanitizeString($_POST['company']);

      if ($_POST['company'] != $set_comp)
      {
         queryMysql("UPDATE accounts SET company='$company' WHERE user='$user'");
      }
         elseif ($set_company == "")
	     {
	        queryMysql("INSERT INTO accounts (company) VALUES('$company') WHERE user='$user'");
		 }
		 elseif (empty($_POST['company']))
		 {
			$company = "";
		 }
            else 
		    {
			   $company = stripslashes($row['company']);
		    }

   }   

And the form...

Quote

<form method='post' action='account.php' enctype='multipart/form-data'>
Company:</th><td><input type='company' size='50' maxlength='40' name='company' value='$company'>
<input type='submit' value='Save Info'>
</form>

 

Now before it inexplicably stopped working, what it was doing and meant to do was display a form, that either had the information that was set, or displayed nothing because nothing was entered, and you could either put something there or change what was already there. Now it keeps telling me:

[22-Oct-2018 06:29:37 UTC] PHP Notice:  Undefined variable: company in /home/iqy0804tq6fq/public_html/portal/account.php on line 262

Also, sanitizeString and queryMysql are my own created functions, they work fine. I tried removing the elseif (empty($_POST['company'])), and just left the last else in, didn't work. It just displays empty columns now. Now also, when I try to update, it feeds me all these errors now my SQL syntax is wrong its LIKE HOW DID THIS CHANGE IN 10 SECONDS!!? I didn't DO anything for my syntax to be any different than when it worked perfectly! It's insanity.

Hi!  Trying to have it send a link to a user's email upon registration, and set it so they can't login until they click the link from their email.  Here's the register script:
<?php
   
include('config.php');
include('dateindex.php');

if($loggedin == '1')
die("You can't register another account while you're logged in.");

if(isset($_POST['submit']))
{

$callname = mysql_real_escape_string($_POST['callname']);
$uname = mysql_real_escape_string($_POST['username']);  
$password = mysql_real_escape_string($_POST['password']);  
$email = mysql_real_escape_string($_POST['email']);  

if((!isset($_POST['username'])) || (!isset($_POST['callname'])) || (!isset($_POST['email'])) || (!isset($_POST['pass'])) || ($uname == '') || ($_POST['pass'] == ''))
die("Please fill out the form completely. <br><br>
<a href=register.php>Continue</a>");

$check = @mysql_query("SELECT id FROM users WHERE username = '$uname'");
$check = @mysql_num_rows($check);

if($check > 0)
die("Sorry, that username has already been taken. Please try again.
<br><br>
<a href=register.php>Continue</a>");

function validateEmailAddress($email) {
return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email);
}
if(validateEmailAddress($email) !=1) {
echo "That email address does not exist.<br /><br /><a href=register.php>Continue</a>";
exit();
}

$pass = md5($_POST['pass']);

$date = date("m/d/y");

$a =md5(uniqid(rand(), true));

$newPlayer = @mysql_query("INSERT INTO users (username, password, callname, email, registered, active) VALUES ('$uname', '$pass', '$callname', '$email', '$date', '$a')") or die("Error: ".mysql_error());

if (mysql_affected_rows() == 1) {
$body = "Thank you for registering.  To activate account click this link";

$body .= "http://localhost/testing/mbactivate.php?x=" . mysql_insert_id() . "$y=$a";

mail($_POST['email'], 'Registration Confirmed', $body, 'From:mirrorcat@airpost.net');


echo '<br />You have been registered! A confirmation email has been sent.';

exit();
}
}
else
{

echo '<form action=register.php method=post>
Callname: <input type=text name=callname><br>
Username: <input type=text name=username><br>
Email: <input type=text name=email><br>
Password: <input type=password name=pass><br>
<input type=submit name=submit value=Submit>
</form>';

}

?>



login/index:
<?php

include('config.php');

echo '<center><a href=index.php>Main</a> | <a href=myprofile.php>Profile</a> | <a href=inbox.php>Inbox</a> | <a href=page1.php>To-Do List</a> | <a href=logout.php>Logout</a></center>';

print date('g:i a - l, F jS');

echo '<br /><br />';

?>

<?php

if($loggedin == '0')
{
if(isset($_POST['submit']))
{

// Make sure all forms were filled out.

if((!isset($_POST['username'])) || 
(!isset($_POST['pass'])) 
|| ($_POST['username'] == '') || ($_POST['pass'] == ''))
die("Please fill out the form completely. <br><br>
<a href=index.php>Continue</a>");

// Get user's record from database
$player = @mysql_query("SELECT id, username, password, callname, email, registered, lastlogin FROM users WHERE username = '".$_POST['username']."'");
$player = @mysql_fetch_assoc($player);
mysql_real_escape_string($username);
mysql_real_escape_string($password);

if($player['id'] == false)
die("Sorry, that user is not in our database.<br><br>
<a href=index.php>Back</a>");
else if($player['password'] != md5($_POST['pass']))
die("Wrong password!<br><br>
<a href=index.php>Back</a>");

$_SESSION['id'] = $player['id'];
$_SESSION['username'] = $player['username'];
$_SESSION['password'] = $player['password'];
$_SESSION['callname'] = $player['callname'];
$_SESSION['email'] = $player['email'];

$date = date("m/d/y");

$update = @mysql_query("UPDATE users SET lastlogin = '$date' WHERE id = '".$_SESSION['id']."'");

echo 'You are now logged in!';

}
else
{
echo 'You are not logged in. <br><br>
<form action=index.php method=post>
Username: <input type=text name=username><br>
Password: <input type=password name=pass><br>
<input type=submit name=submit value=Submit>
</form>
Would you like to <a href=register.php>register?</a>';
}
}

else
{
echo 'You are logged in! 
Welcome, '.$_SESSION['callname'].'!';

}

?>

<br /><br />

<b>Activate Account</b><br />

<?php

 

// Validate $_GET['x'] and $_GET['y'].

 

if (isset($_GET['x'])) {

 

$x = (int) $_GET['x'];

 

} else {

 

$x = 0;

 

}

 

if (isset($_GET['y'])) {

 

$y = $_GET['y'];

 

} else {

 

$y = 0;

 

}

 

// If $x and $y aren't correct, redirect the user.

 

if ( ($x > 0) && (strlen($y) == 32)) {

 

$query = "UPDATE users SET active=NULL WHERE (id=$x AND active='" . $y . "') LIMIT 1";

 

$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());

 

 

 

// Print a customized message.

 

if (mysql_affected_rows() == 1) {

 

echo "<br><br><h3>Your account is now active. You may now log in.</h3>";

 

} else {

 

echo '<br><br><p><font color="red" size="+1">Your account could not be activated. Please re-check the link or contact the system administrator.</font></p>';

 

}

 

// mysql_close();

 

} else { // Redirect.

 

// Start defining the URL.

 

$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);

 

// Check for a trailing slash.

 

if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {

 

$url = substr ($url, 0, -1); // Chop off the slash.

}

 

// Add the page.

$url .= '/index.php';

 

ob_end_clean(); // Delete the buffer.

 

exit(); 
 

} // End of main IF-ELSE.

?>

My problem is it isn't sending the code to the email specified, even though the random letters that should be sent to the email are stored in the database.  And when I test the url anyway, (x=1&y=activationcode) it returns it as false, that the code doesn't exist even though I can clearly see it in my database!  Can anyone spot any errors?

Hello everyone, here is my problem.

I am working for someone that would like users to be able to create a Trial Account on their website. This trial account is to be used for 24 hours, once the 24 hours is completed they can no longer login/use that account.

Everything about the Trial Account is completed, other then the account timer.

I am at a loss on how to get this part done.

I was thinking that I would use the MySQL commands, GETDATE() and DATEADD(), to get the date and time that the account was created and using the DATEADD() command I would add 24 hours to the GETDATE() value. Then if the user logs into at a date past the DATEADD() value the Users Account type is switched to 3(This means that the account has been disabled) and then is directed to the Logout page, which then redirects him back to the homepage.

After this point, the user can no longer login due to the code preventing any user with an account type of 3 to login.

The problem is that I am unaware how to incorporate the GETDATE() and DATEADD() functions into my PHP code.

Would anyone be able to explain how I can get this done, or suggest a better method of inputting a starting time and ending time for the account?

Thank You for any/all help.

Hi guys,   It's been a while that I have actively contributed to phpfreaks. I had some time consuming matters unfortunately. If it would be possible I would like to have my old account restored or reactivated. The name probably sounds familiar The restore password form doesn't seem to work (as in I receive no mails). My emailaddress hasn't changed. Thanks in advanced!   Cssfreakie   <--- the old one
Edited by cssfreakie2, 13 January 2015 - 01:35 PM.

This code logs the user in with the correct user_email, user_pwd, and active=1.
A '0' is inserted into the active column of the users table during registration.
I need help checking if active=0 then flash_warning('User account not activated').

login_user.php
Code: [Select]
<?php
 include(MODEL_PATH.'user.php');

 switch ($route['view']){

 case "login_user":
if(login($params['user']['user_email'], $params['user']['user_pwd']))
{
flash_notice('You are logged in!');
redirect_to('');
}
else
{
flash_warning('Username or password is invalid!');
$route['view'] = 'login';
}
 break;
}user.php
Code: [Select]
<?php
 session_start();

 function login($username, $password)
 {
db_connect_posts();

$query = sprintf("SELECT * FROM users
WHERE 
user_email = '%s' AND
user_pwd = '%s' AND 
active = '1'"
, mysql_real_escape_string($username),
md5($password)
);

$result = mysql_query($query);

$number_of_posts = mysql_num_rows($result);

if($number_of_posts == 0)
{
return false;
}

$row = mysql_fetch_array($result);

$_SESSION['user'] = $row;

return true;
 }
?>Login form
Code: [Select]
<form action="<?php echo '/'.APP_ROOT.'/'; ?>sessions/login_user" method="post">
 <fieldset>
  <legend>Login</legend>
  <div>
    <label>E-mail</label>
    <input name="user[user_email]" size="40" type="text" />
  </div>
 
  <div>
    <label>Password</label>
    <input name="user[user_pwd]" size="40" type="password" />
  </div>
  <input type="submit" value="Login" />
 </fieldset>
</form>

Hello, I am having a problem with this code. I know it's messy, but it works.

The Problem is that you can register a username more then once, It detects there is already a username of that in the database, but it still inserts it, and then there would be two of the same username.

My Code:
<?php
    if($_SERVER['REQUEST_METHOD'] == 'POST') {
  if($_POST['username'] == "" || $_POST['password1'] == "" || $_POST['password2'] == "" || $_POST['email'] == "" || $_POST['rights'] == "" ||  $_POST['ipaddress'] == "")
  {
    echo '<p class="info" id="warning"><span class="info_inner">You left one or more fields blank.</span></p>';
  }
  else
  {
    $rr = mysql_query('SELECT * FROM users WHERE username=\'' . realEscape($_POST['username']) . '\'') ;
    if(mysql_num_rows($rr) > 0)
    {
    echo '<p class="info" id="error"><span class="info_inner">ERROR: The username is already in use!</span></p>';
    }
    $rrr = mysql_query('SELECT * FROM users WHERE email=\'' . realEscape($_POST['email1']) . '\'') ;
    if(mysql_num_rows($rrr) > 0)
    {
    echo '<p class="info" id="error"><span class="info_inner">ERROR: The email is already in use!</span></p>';
    } else {
      if($_POST['password1'] == $_POST['password2'])
      {
        if(preg_match('/[A-Za-z0-9-\s]{3,13}/i', $_POST['username'], $matches) && strlen($matches[0]) === strlen($_POST['username']))
        {
          if(preg_match('/[a-z0-9]{3,13}/i', $_POST['password1'], $matches) && strlen($matches[0]) === strlen($_POST['password1']))
          {
            if(is_numeric($_POST['rights'])) {
              mysql_query("INSERT INTO users (username, password, rights, ipaddress, email, date) VALUES ('". realEscape($_POST['username']) ."', '". encrypt($_POST['password1']) ."', '". realEscape($_POST['rights']) ."', '". realEscape($_POST['ipaddress']) ."', '". realEscape($_POST['email']) ."', NOW())");
              echo '
              <p class="info" id="info"><span class="info_inner">The account has been created.</p>';
            } else {
              echo '<p class="info" id="error"><span class="info_inner">ERROR: Undefined</span>';
            }
          }
          else
          {
            echo '<p class="info" id="error"><span class="info_inner">ERROR: Invalid password. Your password can only contain Numbers and Letters, and be 3-12 characters in length.</span></p>';
          }
        }
        else
        {
          echo '<p class="info" id="error"><span class="info_inner">ERROR: Invalid username. Your password can only contain Numbers and Letters, and be 3-12 characters in length.</span></p>';
        }
      }
      else
      {
        echo '<p class="info" id="error"><span class="info_inner">ERROR: Passwords do not match.</span></p>';
      }
    }
  }
  }
?>

Hi I am currently making a site where users can upload second hand books for sale, I have everything working as i wish apart from i am having trouble creating a account page where users can review the books they have posted.

so far i use the following code to bring view a the data associated with an uploaded book based on its id

Code: [Select]
  public static function getById( $id ) {
    $conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
    $sql = "SELECT * FROM books WHERE id = :id";
    $st = $conn->prepare( $sql );
    $st->bindValue( ":id", $id, PDO::PARAM_INT );
    $st->execute();
    $row = $st->fetch();
    $conn = null;
    if ( $row ) return new Book( $row );
  }

I think i can use a similar function for my user account however, each book entered by a user has their member id attached to it, which is gained from there id in the members table which in turn is stored in $_SESSION['id']. My question is, is there a way to rework the code above to have something like select * where member_id = $_SESSION['id']. I have tried a few things and get stuck manly due to the fact i dont know what to replace the current :id with.

Thanks in advance, i hope i explained it well enough for you lot to understand.

Ian