Row still updating even after error returns

Hello, been away for a while, decided to get back to some bugging issues. The code below is for selecting and updating, but when a user gets a returned error, data still gets updated.

// tagged already exist
if ($bidder = $tagged)
{
    $query = "SELECT tagged FROM " . $DBPrefix . "bids WHERE tagged = :tagged and auction = :auc_id";
    $params = array();
    $params[] = array(':tagged', $tagged, 'int');
    $params[] = array(':auc_id', $id, 'int');
    $db->query($query, $params);
    if ($db->numrows() > 0)
    {
        $errmsg = $ERR_0099;
    }

    // that user already selected that as a winner
    if ($bidder = $tagged){
        $query = "SELECT willwin FROM " . $DBPrefix . "bids WHERE bidder = :tagged and auction = :auc_id and willwin = :willwin";
        $params[] = array(':tagged', $bidder, 'int');
        $params[] = array(':auc_id', $id, 'int');
        $params[] = array(':willwin' , $willwin, 'int');
        $db->query($query, $params);
        if ($db->numrows() > 0)
        {
            $errmsg = $ERR_00990;
        }
    }

    // update
    if (isset($_POST['action']) && !isset($errmsg)){
        $query = "UPDATE " . $DBPrefix . "bids SET tagged = :tuser where auction = :auc_id and bidder = :tag";
        $params[] = array(':tuser', $bidder_id, 'int');
        $params[] = array(':auc_id', $id, 'int');
        $params[] = array(':tag' , $tagged, 'int');
        $db->query($query, $params);
    }
}
    

Please, what am I doing wrong here? Thanks.

Here you are creating an error message when the query returns a number of rows greater than 0, I’m not sure that is what you want to be doing.

And this probably isn’t what you meant:

 if ($bidder = $tagged){

If the database is still being updated even though there is an error, that’s because you set the error message code above, but then still run the update query rather than exiting.

I changed it from

if ($db->numrows() > 0)
{
    $errmsg = $ERR_0099;
}

if ($db->numrows())
{
    $errmsg = $ERR_0099;
}

Same issue.

Please, how do I go about that? Removed if ($bidder = $tagged) from the second query, still isn't working right. I tried removing it from the first, same issue.

I ended up using a greater-than or less-than value to show and hide the submit button if (x > y).
Every day it's one loophole or the other, just when you think it's done.

The point I was trying to make about this line:

if ($bidder = $tagged){

is that it will always result in the code inside the if() clause being executed, because with a single = symbol you’re assigning a value, not doing a comparison. So your code there literally reads “if setting the value of $bidder to the value of $tagged worked, then execute the stuff inside the curly braces”. What I suspect you wanted to do was:

if ($bidder == $tagged){
             ^ note the double equal sign for comparisons

Hi, thanks for the reply. I tried that way but it didn't work, still updating, so I added a less-than code.

<p id="demo">Display the result here.</p> 
<script>
document.getElementById("demo").innerHTML = ({BALANCE} < {CURRENT_BID}) ? '<div align="center"><b>Balance not enough</b></div>' : '<input type="submit" name="myButton" value="{L_5199}" class="form-control btn btn-primary">';
</script>

This hides the button if the user account is low. That part seems to be working, but now I found another bug (looking forward to sue php) :grinning:

I am opening another thread for that issue.

Actually that’s not true, now I’ve read the if() condition properly. But it will still be running those two SELECT queries unless you change both places where you were using the single = instead of double.

// tagged already exist
if ($bidder = $tagged)
{
    $query = "SELECT tagged FROM " . $DBPrefix . "bids WHERE tagged = :tagged and auction = :auc_id";
    $params = array();
    $params[] = array(':tagged', $tagged, 'int');
    $params[] = array(':auc_id', $id, 'int');
    $db->query($query, $params);
    if ($db->numrows() > 0)
    {
        $errmsg = $ERR_0099;
    }

    // select a user with the opposite team
    if ($bidder = $tagged){
        $query = "SELECT willwin FROM " . $DBPrefix . "bids WHERE bidder = :tagged and auction = :auc_id and willwin = :willwin";
        $params[] = array(':tagged', $bidder, 'int');
        $params[] = array(':auc_id', $id, 'int');
        $params[] = array(':willwin' , $willwin, 'int');
        $db->query($query, $params);
        if ($db->numrows() > 0)
        {
            $errmsg = $ERR_00990;
        }
    }

    // update
    if (isset($_POST['action']) && !isset($errmsg)){
        $query = "UPDATE " . $DBPrefix . "bids SET tagged = :tuser where auction = :auc_id and bidder = :tag";
        $params[] = array(':tuser', $bidder_id, 'int');
        $params[] = array(':auc_id', $id, 'int');
        $params[] = array(':tag' , $tagged, 'int');
        $db->query($query, $params);
    }
}

Any idea what I'm supposed to fix here? Thanks.

Yes, as I said above twice:

if ($bidder = $tagged)

This line of code (which appears twice) sets $bidder to be equal to $tagged; it does not compare their values for equality, as I explained in post #7, and your reply was “I tried that way but didn’t work”. Yet your code still is wrong.

Oh, I didn't alter it, because I wasn't so sure if you were talking about the first if ($bidder = $tagged) or the second if ($bidder = $tagged) or both. I tried them both, that's why I posted it like that.

Well, both of them are wrong, unless you do actually want to assign the value rather than compare the value, and if you do want to assign it, the if() is a bit spurious. In all honesty, I didn’t notice the second one, but figured that once you’d seen the difference between the two, you’d update both of them.

I don’t actually know why you have the two if() clauses there, as they both operate on the same condition which doesn’t change. In fact, the second if $bidder==$tagged only runs inside the first one, where you’ve already established that the two are equal (once you’ve fixed the typo).

Yeah, removed the second if clause

// tagged already exist
if ($bidder = $tagged)
{
    $query = "SELECT tagged FROM " . $DBPrefix . "bids WHERE tagged = :tagged and auction = :auc_id";
    $params = array();
    $params[] = array(':tagged', $tagged, 'int');
    $params[] = array(':auc_id', $id, 'int');
    $db->query($query, $params);
    if ($db->numrows() > 0)
    {
        $errmsg = $ERR_0099;
    }

    // select a user with the opposite team
    $query = "SELECT willwin FROM " . $DBPrefix . "bids WHERE bidder = :tagged and auction = :auc_id and willwin = :willwin";
    $params[] = array(':tagged', $bidder, 'int');
    $params[] = array(':auc_id', $id, 'int');
    $params[] = array(':willwin' , $willwin, 'int');
    $db->query($query, $params);
    if ($db->numrows() > 0)
    {
        $errmsg = $ERR_00990;
    }
}

// update bids
if (isset($_POST['action']) && !isset($errmsg)){
    $query = "UPDATE " . $DBPrefix . "bids SET tagged = :tuser where auction = :auc_id and bidder = :tag";
    $params[] = array(':tuser', $bidder_id, 'int');
    $params[] = array(':auc_id', $id, 'int');
    $params[] = array(':tag' , $tagged, 'int');
    $db->query($query, $params);
}

Still gets updated. It returns the balance-low error as usual; the page has already refreshed showing that the balance is usually low, but on submit it updates the tagged column.

Still got this wrong though

if ($bidder = $tagged)

Are you sure the way you check for results in the first two queries is correct? I had a look for numrows() and see that’s mysqli which I don’t use myself, but that says it needs to be done on the result, not the database connection. Also the format of the parameters in the query seems more like PDO. But then I recall you’re using some kind of framework / templating system which might be different. If you echo the results from those two queries are they as you expect?


I believe num_rows is also written wrong. _query and ->query really should just get removed entirely. People are using it in the most incorrect way possible.

There’s also the fact that OP looks to be mixing and matching PDO with mysqli_*. Named placeholders are generally only strictly for PDO use. Then there’s the failed attempt to use num_rows. OP wrote numrows. And num_rows is strictly available to mysqli_* only.

Last, but not least, there’s the multidimensional array. I don’t understand why people do this when trying to bind placeholders to a variable or value. It really makes no sense. You would have to go into that multidimensional array by doing something like $array[0]['my_variable'] just to get one of the values. So it makes no sense to do that when you could bind the variables themselves to the placeholders, which would be extremely easy. But I guess people want to make their lives harder by adding unnecessary stuff.

// user balance is low
if (bccomp($balance, $Data['minimum_bid']) == -1) {
    $errmsg = $ERR_6077;
}

// user balance is low second warning
if ($balance < $Data['minimum_bid'])
{
    $errmsg = $ERR_609a;
}

I used that but am still checking for errors, you never know.

Did you mean to post this in your other topic?

Yeah, I guess the updated post didn't make it.
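
An added example, not code from any post in this thread: the failure the replies describe (an error is set but the UPDATE still runs, and hiding the submit button in the browser does not stop the POST) goes away when every check runs on the server and returns before the UPDATE. It uses plain PDO with one parameter array per query; the table layout, sample rows, error strings and the function name tagBidder are constructed for illustration, and the pdo_sqlite and bcmath extensions are assumed.

```php
<?php
// Constructed in-memory table and rows, for illustration only.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE bids (auction INT, bidder INT, tagged INT, willwin INT)');
$pdo->exec('INSERT INTO bids VALUES (1, 10, 0, 1), (1, 20, 10, 2)');

/** Hypothetical helper: returns an error string, or null once the UPDATE has run. */
function tagBidder(PDO $pdo, int $auction, int $bidderId, int $tagged,
                   string $balance, string $minBid): ?string
{
    // Balance is checked on the server for every POST; a hidden button
    // in the page does not prevent a request from being sent.
    if (bccomp($balance, $minBid, 2) === -1) {
        return 'balance too low';
    }

    // Each statement gets its own parameter array, so nothing bound for
    // an earlier query leaks into a later one.
    $check = $pdo->prepare(
        'SELECT COUNT(*) FROM bids WHERE tagged = :tagged AND auction = :auc_id'
    );
    $check->execute([':tagged' => $tagged, ':auc_id' => $auction]);
    if ((int) $check->fetchColumn() > 0) {
        return 'already tagged'; // early return: the UPDATE is never reached
    }

    $update = $pdo->prepare(
        'UPDATE bids SET tagged = :tuser WHERE auction = :auc_id AND bidder = :tag'
    );
    $update->execute([':tuser' => $bidderId, ':auc_id' => $auction, ':tag' => $tagged]);
    return null;
}

// Three constructed requests: duplicate tag, low balance, valid.
var_dump(tagBidder($pdo, 1, 30, 10, '50.00', '5.00'));
var_dump(tagBidder($pdo, 1, 30, 20, '1.00', '5.00'));
var_dump(tagBidder($pdo, 1, 30, 20, '50.00', '5.00'));

// Only the third call changed a row.
var_dump($pdo->query('SELECT bidder, tagged FROM bids')->fetchAll(PDO::FETCH_ASSOC));
```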
