But then how do i use that field? if i don't know what the unique id is when it goes on for use how do i actually know that they are useing that value?

Would i be able to just set it up so that the radio button send the id field then when the page is submited i just find out the cost then?

    If only one product can be selected at a time then you don't even need the hidden form field. Just make the value of the radio button the 'id' and then use that to query the database for the cost once the form is submitted. That would be more secure anyway since form values, even hidden and disable ones, can be easily manipulated.

      anakadote;10966710 wrote:

      If only one product can be selected at a time then you don't even need the hidden form field. Just make the value of the radio button the 'id' and then use that to query the database for the cost once the form is submitted. That would be more secure anyway since form values, even hidden and disable ones, can be easily manipulated.

      How would i do this? i tried but am not sure how to do it since i am useing 2 tables 1 for all teh locations and on for the usernames.

        You already know the user from $_SESSION['username'], don't you?

        In the form:

        <?php
           while($row = mysql_fetch_array($data)){
        ?>
            <tr align="left" bgcolor="<?php echo $bgcolor; ?>">
                <td align="center"><?php echo $row['access_level']; ?></td>
                <td>
                   <input type="radio" name="destination" value="<?php echo $row['id']; ?>">
                   <?php echo $row['name']; ?>
                </td>
                <td><?php echo $row['stores']; ?></td>
                <td><?php echo $row['cost']; ?></td>
            </tr>
        
        <?php
           }
        ?>

        And then when processing the form:

        if(isset($_POST['submit'])){
           if(!empty($_POST['destination'])){
              $destination_id = (int) $_POST['destination'];
              $username = $_SESSION['username'];
              //etc.
           } else {
              // etc.
           }
        }

        And another thing, assuming each user only has one row in the "user" table, you don't need, nor should you use, a loop to access their information. Do this instead:

        $result = mysql_query("SELECT * FROM `user` WHERE `username`='$username' LIMIT 1");
        if($result){
           $user_info = mysql_fetch_array($result);
           $available_cash = $user_info['cash'];
        } else {
           // Error
        }

          Thanks for your help this far.

          I have changed my submition code to look like this:

          <?php
          if(isset($_POST['submit'])){ 
          	$destination_id=$_POST['destination'];
          //$data2 = mysql_query("SELECT * FROM user WHERE username='$user'"); 
          $user_sql = mysql_query("SELECT * FROM 'user' WHERE 'username'='$username' LIMIT 1"); 
          $location_sql = mysql_query("SELECT * FROM 'location' WHERE 'id'='$destination_id' LIMIT 1"); 
          
          	if($user_sql){ 
          	   $user_info = mysql_fetch_array($user_sql); 
          	   $available_cash = $user_info['cash']; 
          	} 
          	else { 
          		// Error 
          			echo "NO SQL statement from \$user_sql.";
          	}
          	if($location_sql){ 
          	   $location_info = mysql_fetch_array($location_sql); 
          	   $cost = $location_info['cost']; 
          	} 
          	else { 
          	   // Error 
          			echo "NO SQL statement from \$location_sql.";
          
          	}
          
             if(!empty($_POST['destination'])){ 
                $destination_id = (int) $_POST['destination']; 
                $username = $_SESSION['username']; 
                //etc. 
          
                  if ($new_cash<0)//if the data is less then 0 (negitive number) 
                  { 
                      echo "Hmm... it seems to be that you will not have enough money to travel to <b>$new_location</b><br>"; 
                      echo "You need <b>$$ammount_needed</b> more before you can travel to <b>$new_location</b>"; 
          
                  } 
                  else 
                  { 
                      echo "You have moved from <b>$cur_location</b> to <b>$new_location</b>.<br>"; 
                      echo "The trip cost you <b>$$cost</b> you now have <b>$$new_cash</b>."; 
                      mysql_query("UPDATE user SET location='$new_location', cash='$new_cash' WHERE username='$username'"); 
          
                  } 
            }
          
          } else { 
            // etc. 
            echo "form not yet submited";
             } 
          
          
          // now we insert it into the database 
          //    if (isset($_POST['submit'])) { // if page has been submitted to itself start checking it 
          ?>
          

          But i am getting the first two else statement executed meaning that there is a problem but since i did not write the initial code(you did) and am outta my comfort zone i am requesting your help. I think that i must have somthing wrong in the two select statements but i am not sure what.

          P.S. like i mentioned earlier i need to get some information about the user fromt he user table and som information from the location table.

            You can always use mysql_error() to troubleshoot your queries, but in this case I can already see that you're wrapping your table names and columns with single quotes (') instead of back ticks (`). You use single quotes for the values you're setting.

              ok so i changed that but now i keep getting this as my output:

              you have moved from to Gorry.

              This happends no matter what i click on

              here is what my code looks like so far:

              <?php 
              if(isset($_POST['submit'])){ //if the form has been submited
              $destination_id=$_POST['destination'];
              
              //$user_sql is the sql statement for retrieving the account information from the table user
              $user_sql = mysql_query("SELECT * FROM `user` WHERE `username`='$user' LIMIT 1");
              
              //$location_sql is the sql statement for retrieving the location information from the table location
              $location_sql = mysql_query("SELECT * FROM `location` WHERE `id`='$destination_id'"); 
              
              if($user_sql)
              { 
              	$user_info = mysql_fetch_array($user_sql); 
              	$available_cash = $user_info['cash'];
              	$cur_cash=$user_info['cash'];//Current cash 
              	$cur_location=$user_info['cur_location'];//Current location 
              }//end of if ($user_sql)
              else 
              { 
              	// Error 
              	echo "NO SQL statement from \$user_sql.";
              }//end of else ($user_sql)
              
              if($location_sql){ 
              	$location_info  = mysql_fetch_array($location_sql); 
              	$new_location   = $location_info['name'];//destination
              	$cost           = $location_info['cost']; //Cost to travel to the destination 
              	$new_cash       = $cur_cash-$cost;//current cash minus cost of travel 
              	$ammount_needed = abs($new_cash);//Absolute value of $new_cash 
                  if ($new_cash<0) 
                  { 
                      $my_cash=$cur_cash; 
                  }//end of if ($new_cash<0) 
                  else 
                  { 
                      $my_cash=$new_cash; 
                  }//end of else ($new_cash<0) 
              	}//end of if ($location_sql)
              else { 
                 // Error 
              		echo "NO SQL statement from \$location_sql.";
              
              }//end of else ($location_sql)
                 if(!empty($_POST['destination'])){ 
              //		$destination_id = (int) $_POST['destination']; 
              
              	//etc. 
              		if ($new_cash<0)//if the ammount of money the player will have is less then 0 (negitive number) 
              		{ 
              			echo "Hmm... it seems to be that you will not have enough money to travel to <b>$new_location</b><br>"; 
              			echo "You need <b>$$my_cash</b> more before you can travel to <b>$new_location</b>"; 
              
              		}//end if ($new_cash<0)
              		else //if the ammount of money the player will have is more then 0 (positive number)
              		{ 
              			echo "You have moved from <b>$cur_location</b> to <b>$new_location</b>.<br>"; 
              			echo "The trip cost you <b>$$cost</b> you now have <b>$$new_cash</b>."; 
              			mysql_query("UPDATE user SET location='$new_location', cash='$new_cash' WHERE username='$username'"); 
              
              		}//end else ($new_cash<0)
              }//end if (!empty($_POST['destination']))
              
              }//end of if (isset($_POST['submit']))
              else { 
              	// etc. 
              	echo "form not yet submited";
              }//end of else (isset($_POST['submit'])) 
              
              ?> 
              

              I can't figure out where my problem is.
              you can go to the site if you want and check it out but somewhere along the line the codde is not working.
              P.S. how can i make it so that the ammount of cash is shown at the top without annother select statement?

                add mysql_error() to the end of your queries and let me know what you get:

                $user_sql = mysql_query("SELECT * FROM `user` WHERE `username`='$user' LIMIT 1") or die(mysql_error()); 

                And this: "you have moved from to Gorry." What's that? Is that coming from your database?

                  Oh, I see where that line is coming from. So it looks like the $location_sql query is working but not the $user_sql query. Let me know what sql errors you get if any.

                    when i change:

                    $user_sql = mysql_query("SELECT * FROM `user` WHERE `username`='$user' LIMIT 1");

                    to:

                    $user_sql = mysql_query("SELECT * FROM `user` WHERE `username`='$user' LIMIT 1") or die(mysql_error()); 

                    the output is still the same.

                    And this: "you have moved from to Gorry." What's that? Is that coming from your database?

                    That is like the output so when you click on go there now and the form is submited it will tell you where you were and now where you are. so it should say somthing like:

                    You have moved from The Town of Worwood to Gorry.

                      Looks like you're not defining $user anywhere.

                        ok i did some exparimenting and found that my error is in this piece of code:

                        <?php 
                        
                        //$data is a variable that selects the information from both the location and user tables 
                        $data = mysql_query("SELECT * FROM location left join user on user.access_level >= location.required_level WHERE user.username='$_SESSION[username]'"); 
                        echo "<h1>Select where you would like to travel to</h1>"; 
                        echo "<table style='color:white' BORDER=1 CELLPADDING=3 CELLSPACING=1 RULES=ROWS FRAME=box>"; 
                        echo "<tr bgcolor=#000000><td colspan=4>Your Current Balance is: <b>$$my_cash</b></td></tr>"; 
                        echo "<tr bgcolor=#990033><th>Level Required</th><th>Location</th><th>Stores</th><th>Cost</th></tr>"; 
                        echo "<form method=\"post\" action='$PHP_SELF'>"; 
                        ?>
                        <!--####################################################################################################################################################--> 
                        
                        <?php 
                        //This creates a loop which will repeat itself until there are no more rows to select from the database. 
                        //We getting the field names and storing them in the $row variable. 
                        //This makes it easier to echo each field. 
                        
                           while($row = mysql_fetch_array($data)){ 
                        ?> 
                        	<tr align="left" bgcolor="<?php echo $bgcolor; ?>"> 
                        		<td align="center"><?php echo $row['required_level']; ?></td> 
                        		<td> 
                        		   <input type="radio" name="destination" value="<?php echo $row['id']; ?>"> 
                        		   <?php echo $row['id']; ?>
                        		   <?php echo $row['name']; ?> 
                        		</td> 
                        		<td><?php echo $row['stores']; ?></td> 
                        		<td><?php echo $row['cost']; ?></td> 
                        	</tr> 
                        
                        <?php 
                           } 
                        ?> 
                        <!--####################################################################################################################################################--> 
                        
                        
                        
                        <tr bgcolor=#990033> 
                        	<td colspan=4><input type="SUBMIT" name='submit' value="Go there now!" onclick="window.location.href='travel.php'"></td> 
                        </tr> 
                        
                        </form> 
                        </table>
                        

                        i found out that all of the row id's were comming out 2 by adding this line of code after the radio buttion:

                        <?php echo $row['id']; ?>

                        i actually think the problem is here but i am not sure how to fix this.

                        $data = mysql_query("SELECT * FROM location left join user on user.access_level >= location.required_level WHERE user.username='$_SESSION[username]'"); 
                        

                          Again, use mysql_error() at the end of your query. I would try changing your query to this:

                          $data = mysql_query("SELECT * FROM `user` LEFT JOIN `location` ON `user`.`access_level` >= `location`.`required_level` WHERE `user`.`username`='$_SESSION[username]'") or die(mysql_error());

                          Remove the or die(mysql_error()) once you get it working.

                            ok so now i have almost everything working right but now my question is can i make it so that when you click on the text it will select the radio button? I looked for it on google but couldn't find it beceause i don't know what it is called.

                              You want the label tag:

                              <input type="radio" name="someName" id="someID" value="something" /> <label for="someID">Something</label>

                                what should i do so someone doesn't just accedentally reload a the page and then pay for somthing 2x?

                                  Personally I would use a [man]session[/man] and set some flag once the page was initially loaded. After they submit, you invert (or in some way alter) that flag/value and then process the data. That way, if they refresh (i.e. re-submit the same form from cache), your script would then see that the flag/value had already been altered (since they didn't re-visit the form and thus reset the flag/value) and abort processing the duplicate data.

                                    that now figured out my insert statement isn't working. Here it is:

                                    $insert = "INSERT INTO movement (from_location, to_location, date, user) 
                                    VALUES ($cur_location,$new_location,$user,NOW())";
                                    $movement_insert = mysql_query($insert);
                                    

                                      you need to quote strings for the insert, and date and user are transposed

                                        what do you mean? would you be able to give me an example?