Ladder

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Aravinthan
Forum Commoner
Posts: 84
Joined: Mon Jan 28, 2008 6:34 pm

Ladder

Post by Aravinthan »

Hi, I am a new to this forum, and I want to know how to make a ladder.
Let me explain,
I am making a website for a gaming clan: http://warfaringwarriors.x10hosting.com
And I tought of making a ladder. Every saturday, there is gunna be a match and the players partipating in the match will receive points.
Here is what I can do:
- THe registration page
-Create the table and display it by points:
Input page(after the registration from the HTML form has been sent):
<?php

$points= addslashes($points);
$eso = addslashes ($eso);
$email = addslashes ($email);
$country = addslashes ($country);

@ $link = mysql_pconnect ("localhost", "user", "pass");

if (!$link)
{
echo "Error: Can't connect right now. Please try again later.";
exit;
}

mysql_select_db("database");
$query = "insert into clanapp values
('".$points."', '".$eso."', '".$email."','".$country."')";

$result = mysql_query($query);
if ($result)

mail( "officers@warfaringwarriors.x10hosting.com ", "New application for the Warfaring Warriors Training Camp Tournament",
"eso: $eso","</br>","email: $email","</br>","country: $country","</br>", "From: $email" );
echo "Application inserted into database. <a href='index.php'>Go Back.</a>";

?>
Output Page:
<?php
$link = mysql_connect ("localhost", "user", "pass");
mysql_select_db ("database", $link);
$result = mysql_query("SELECT * FROM database", $link);
if (mysql_db_query("batabase", "select * from table", $link))
{
print ("");
}
else
{
print ("The query could not be executed!<BR>");
}

$link = mysql_connect ("localhost", "user", "pass");

mysql_select_db("database",$link);

$Result = mysql_query("SELECT * FROM table ORDER BY 'points'",$link);
echo "<table cellpadding='0' width='400'>";
echo "<tr bgcolor='#eeeeee'>";
echo "<th>Points</th><th>ESO Username</th><th>e-mail</th><th>country</th>";
echo "</tr>";

while ($Row = mysql_fetch_row($Result))
{
printf ("<tr><td align='center'>%s</td><td align='center'>%s</td><td align='center'>%s</td><td align='center'>%s</td></tr>",
$Row[0], $Row[1], $Row[2], $Row[3] );
}


echo "</table>";




?>
Will this work?
Here is what I need help with:
-Update the points, which I tried and failed miserably....

Thanks for your help, If you need more details please dont hesitate to ask me
Good day!

Edit: I forgot to mention, when I say Update the points which means: for exemple Player X plays 5 games and he has 100 poitns till now, and he gets 10 poitns for game 6. Well When I will update it , It shud do: 100+10... I have an idea, I think in the outpage i shud put a textbox near the names/points thing, andthere the officers can put the points he got. At the bottom there is a submit button, when they click, it sends to another page. Where there is a function thats adds up the funtion and saves the result i nthe DB. But how to do it, I can't figure it out...!!!
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Ladder

Post by Christopher »

Two think first. You should use the mysql_escape_real() function on the values that go into the database. Likewise you should convert htmlentities() in output to the page and email.

If you have a HTML form then you can get the values in PHP from the $_POST superglobal array. Give it a try and post updated code.
(#10850)
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Re: Ladder

Post by Ollie Saunders »

Will this work?
Should do. If you have any specific problems we can help you better.
-Update the points, which I tried and failed miserably....
an update query looks a bit like this

Code: Select all

UPDATE `tableName` SET `colA` = 'valueA', `colB` = 'valueB' WHERE `id` = 45
It's good practice in MySQL to put backticks (`) round the various identifiers as I have done in the example.

Code: Select all

$points= addslashes($points);
You should target these with $_POST or $_GET for more secure code a la:

Code: Select all

$points = addslashes($_POST['points']);
and use mysql_real_escape_string() as aborint, oh so correctly, advised
Aravinthan
Forum Commoner
Posts: 84
Joined: Mon Jan 28, 2008 6:34 pm

Re: Ladder

Post by Aravinthan »

Thanks for your quick replys ,
I have a few questions, as i aint that familiar with PHP, I would like to know what and how to use:
- mysql_escape_real()
- htmlentities()
OK so I updated the form what I understood:
Form:
form name="wrwrtc" action="input.php" method="post">
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
ESO Username:
</td>
<td>
<input type="text" name="eso">
</td>
</tr>
<tr>
<td>
E-mail:
</td>
<td>
<input type="text" name="email">
</td>
</tr>
<tr>
<td>
Country:
</td>
<td>
<input type="text" name="country">
</td>
</tr>
<tr>
<td>
<input type="submit" name="submit" value="Submit">
<input type="reset" name="reset" value="Reset">
</td>
</tr>
</table>
</form>
Input Page:
<?php

$points = addslashes($_POST['points']);
$eso = addslashes ($_POST['eso']);
$email = addslashes ($_POST['emal']);
$country = addslashes ($_POST['county']);

@ $link = mysql_pconnect ("localhost", "username", "password");

if (!$link)
{
echo "Error: Can't connect right now. Please try again later.";
exit;
}

mysql_select_db("database");
$query = "insert into clanapp values
('".$points."', '".$eso."', '".$email."','".$country."')";

$result = mysql_query($query);
if ($result)

mail( "officers@warfaringwarriors.x10hosting.com ", "New application for Warfaring Warriors Train Camp Tournament",
"eso: $eso","</br>","email: $email","</br>","country: $country","</br>", "From: $email" );
echo "Application inserted into database. <a href='index.php'>Go Back.</a>";

?>
And ole, I know that update code, but what I cant understand is what should I put
UPDATE `tableName` SET `colA` = 'valueA', `colB` = 'valueB' WHERE `id` = 45
Where what? Points, ok but what shud I put as points, you understand..?
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Re: Ladder

Post by Ollie Saunders »

I would like to know what and how to use:
- mysql_escape_real()
In the same way you are currently using addslashes(), just change it to mysql_real_escape_string()

Use htmlentities() when you output things you have queried from the database.

Code: Select all

$data = mysql_fetch_assoc($result);
echo htmlentities($data['foo']);
And ole, I know that update code, but what I cant understand is what should I put
Imagine a table with columns named foo and bar. Foo is the primary key. In the same way that you might SELECT a particular row like this:[sql]SELECT * FROM `table` WHERE `foo` = 10[/sql]To UPDATE that same row you might do something like this:[sql]UPDATE `table` SET `bar` = 'monkey' WHERE `foo` = 10[/sql]Notice the WHERE clauses are the same as they are both addressing the same row.
Aravinthan
Forum Commoner
Posts: 84
Joined: Mon Jan 28, 2008 6:34 pm

Re: Ladder

Post by Aravinthan »

Use htmlentities() when you output things you have queried from the database.

Code: Select all

$data = mysql_fetch_assoc($result);
echo htmlentities($data['foo']);
Ok thanks I got it!
Imagine a table with columns named foo and bar. Foo is the primary key. In the same way that you might SELECT a particular row like this:[sql]SELECT * FROM `table` WHERE `foo` = 10[/sql]To UPDATE that same row you might do something like this:[sql]UPDATE `table` SET `bar` = 'monkey' WHERE `foo` = 10[/sql]Notice the WHERE clauses are the same as they are both addressing the same row.
Yh but, the thing is where 'foo' = 10, but I won't know the points he would have, That means for everyone I woud need to change the code, which would make it pretty long, isn't there an easier way?
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Re: Ladder

Post by Ollie Saunders »

Yh but, the thing is where 'foo' = 10, but I won't know the points he would have, That means for everyone I woud need to change the code, which would make it pretty long, isn't there an easier way?
In order to change something you must be able to locate it first. If you haven't allowed for that you need to change it. There's no way round it, sorry.
Post Reply