Hi 🙂
It 'is correct the way in wich i had implemented this transaction?

try{
autocommit($conn,false);

$sql = "Select MaxOfferta from offerta where IdObj= '". $id . "'";



if(!$res=@mysqli_query($conn,$sql))
{

 throw new Exception ( "Errore durante accesso db   <br> Attenzione: fra 10 secondi sarai reindirizzato");

} 

$r=mysqli_fetch_array($res,MYSQLI_ASSOC);

if ( $r["MaxOfferta"]<$offerta ) {



 $sql = "Update  offerta set MaxOfferta='".$offerta."' ,UserOfferente='".$_SESSION["s211566username"]."' where IdObj= '". $id . "'";

if(!$res=@mysqli_query($conn,$sql)){

 throw new Exception ( "Errore durante accesso db   <br> Attenzione: fra 10 secondi sarai reindirizzato");

}else{    
 $ref = $_SERVER['HTTP_REFERER'];
 header( 'refresh: 10; url='.$ref);
 echo "Offerta accettata <br> Attenzione: fra 10 secondi sarai reindirizzato";
} 


}else{
 echo "Offerta troppo bassa,Rilancia almeno di 10 centesimi <br> Attenzione: fra 10 secondi sarai reindirizzato";
$ref = $_SERVER['HTTP_REFERER'];
header( 'refresh: 10; url='.$ref);


}

mysqli_commit($conn);
mysqli_close($conn);



}catch(Exception $e) {
mysqli_rollback($conn);
echo "Rollback della transazione ". e->getMessage();
	 $ref = $_SERVER['HTTP_REFERER'];
     header( 'refresh: 10; url='.$ref);
     mysqli_close($conn);

}

Is a very simple example of auction, i wanna guarantee that
if a read something before it write the new offer no one can read the db.

Thanks in advance.

    My first thought is that all that might be unnecessary, if you simply(?) did everything in one UPDATE query along these lines:

    $sql = "
UPDATE offerta SET
	MaxOfferta = '$offerta',
	UserOfferente = '{$_SESSION['s211455username']}
WHERE IdObj = '$id' AND MaxOfferta < $offerta
";

    Then (assuming it doesn't fail), you can use mysqli_affected_rows() to determine if the update happened (1 row affected) or not (0 rows affected, so probably someone else got a higher bid in).

      Write a Reply...