another poor attempt at my own script

this is part of a larger script which i am piecing together, its a control panel for hosting accounts. the login system is complete, data is stored in mysql DB all in 1 table called "users". what im having trouble with is the page that will show their billing status. days left on current subscription, and how much they will owe when the subscription is up. i have done all the necessary math, and completed some of the actual code that figures out what a certain users info is based on the data that i manually enter into the table.. heres the code (the piece that is quoted out is the part where math is involved, as well as determining some variables that come from the DB based on what USER is logged in)

Code:

<?php
include('config.php');

$dstart = mysql_fetch_field('select dstart from users');
$subscription = mysql_fetch_field('select subscription from users');
$dplan = mysql_fetch_field('select dplan from users');/*
$dend = ($dstart + 365($subscription)); 
$plana = "19.99";
$planb = "29.99";
$planc = "39.99";
$days_left = ($dend - $dstart);

$plan = if $dplan==1 { 

$total = ($subscription * $plan);*/


/* display results */
echo "You have ";
echo $days_left;
echo "days left until your next payment is due.<br>";
echo "You will owe the following amount: ";
echo $total;
echo ". Thank you!";

?>

the way its written, it will not display errors just blank results because it cant even determine what user is logged in first of all :S

Aren't you missing something on your select statements? Shouldn't it be something like this:
$dstart = mysql_fetch_field('select dstart from users WHERE USER = $CURUSR');

yes but i am lost and stuck now

ok i have made some progress. it now sucessfully connects to the DB and obtains the proper values. but still some errors, and ive lost and confused myself on how to show how many days are left in the subscription.. be sure to note the /* */ areas, as those are the parts that for some reason do not work, except in the middle which i have no idea how to write for $plan

Code:

<link rel=stylesheet href=style.css>
<?php

//Start Billing Module
ob_start();

//Prepare for Execution of Module
require('config.php');
ini_set('display_errors', 1);

//Security check to be sure a valid user is logged into the CP
/*
if ($logged[username]) 
{ 
*/

//Define Variables, Load DB values, & Do some math :D
$data = mysql_query("SELECT * from users where username = '$logged[username]'"); 
$data = mysql_fetch_array($data); 
$dstart = $data['dstart'];
$subscription = $data['subscription'];
$dplan = $data['dplan'];
$days_in_subscription = 365 * $subscription;
$dend = $days_in_subscription + $dstart ;
$days_left = $dend - $dstart;

/*
$plan = if $dplan==1 
$total = ($subscription * $plan);
$plana = "19.99";
$planb = "29.99";
$planc = "39.99";
*/

// Display the results of above functions and values.

echo "You have ";
echo $days_left;
echo " days left until your next payment is due.<br>";
echo "You will owe the following amount: ";
echo $total;
echo ". Thank you!";

// In case of session errors, or a person not logged in, display this

/*
}
else 
{ 
echo "<center>Sorry but for some reason your session has expired. Please log out and then back in, and try again.<br>";
echo "You also may not be logged in, and tried to access this page directly. <br>
echo "This attempt has been logged as well as the time, date, and your IP.</center>";
}
*/
?>

[Join us @ facebook]

the /* */ areas, as those are the parts that for some reason do not work,

These are comments man, that's why they don't work. Get them out of /* */ and they'll work

nonono i commented them out so u could see the part i need help with, heres how far i am now almost done just need help with $plan:

Code:

<link rel=stylesheet href=style.css>
<?php

//Start Billing Module
ob_start();

//Prepare for Execution of Module
require('config.php');
ini_set('display_errors', 1);

//Security check to be sure a valid user is logged into the CP

if ($logged[username]) 
{ 


//Define Variables, Load DB values, & Do some math :D
$data = mysql_query("SELECT * from users where username = '$logged[username]'"); 
$data = mysql_fetch_array($data); 
$dstart = $data['dstart'];
$subscription = $data['subscription'];
$dplan = $data['dplan'];
$days_in_subscription = 365 * $subscription;
$dz = date('z');
$dz2 = $dz + 1;
$days_left = $days_in_subscription - $dz2;

/*
$plan = if $dplan==1 
(
then value of plan == plana
}
if $dplan==2
} 
value of plan == planb
}
else
{
value of plan == planc
}
*/
$total = ($subscription * $plan);
$plana = "19.99";
$planb = "29.99";
$planc = "39.99";


// Display the results of above functions and values.
echo "You have ";
echo $days_left;
echo " days left until your next payment is due.<br>";
echo "You will owe the following amount: ";
echo $total;
echo ". Thank you!";

// In case of session errors, or a person not logged in, display this


}
else 
{ 
echo "<center>Sorry but for some reason your session has expired. Please log out and then back in, and try again.<br>";
echo "You also may not be logged in, and tried to access this page directly. <br>
echo "This attempt has been logged as well as the time, date, and your IP.</center>";
}

?>

dont worry about it Nik, ive finaly wrote my own script all my own with no help just by taking time.. and reading crap on php.net and reading other scripts.. here is finished code that will show the user logged in to the CP their billing status.

Code:

<link rel=stylesheet href=style.css>
<?php
//Omega CP: Billing Status
//Author: Justin Love of J Love Web Design
//URL: http://www.justinlove.net
//Copyright 2006

//Start Billing Module & Allow use of cookies in CP
ob_start();

//Prepare for Execution of Module
require('config.php');
include('omega.php');

//Security check to be sure a valid user is logged into the CP (Note A: Only needed if billing.php is called outside frame)

if ($logged[username]) 
{ 


//Define Variables, Load DB values, & Do some math :D
$data = mysql_query("SELECT * from users where username = '$logged[username]'"); 
$data = mysql_fetch_array($data); 
$dstart = $data['dstart'];
$subscription = $data['subscription'];
$dplan = $data['dplan'];
$days_in_subscription = 365 * $subscription;
$dz = date('z');
$dz2 = $dz + 1;
$days_left = $days_in_subscription - $dz2;
$plana = 19.99;
$planb = 29.99;
$planc = 39.99;
$paypal_1 = ("<center><form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\">
<input type=\"image\" class=\"img\" src=\"images/paypal.jpg\" border=\"0\" name=\"submit\" alt=\"Make payments with PayPal - it's fast, free and secure!\">
<input type=\"hidden\" name=\"add\" value=1>
<input type=\"hidden\" name=\"cmd\" value=\"_cart\">
<input type=\"hidden\" name=\"business\" value=$paypal>
<input type=\"hidden\" name=\"item_name\" value=\"Starter Plan Yearly Subscription\">
<input type=\"hidden\" name=\"item_number\" value=\"1\">
<input type=\"hidden\" name=\"amount\" value=\"19.99\">
<input type=\"hidden\" name=\"no_note\" value=\"1\">
<input type=\"hidden\" name=\"currency_code\" value=\"USD\">
<input type=\"hidden\" name=\"bn\" value=\"PP-ShopCartBF\">
</form></center><p>");
$paypal_2 = ("<center><form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\">
<input type=\"image\" class=\"img\" src=\"images/paypal.jpg\" border=\"0\" name=\"submit\" alt=\"Make payments with PayPal - it's fast, free and secure!\">
<input type=\"hidden\" name=\"add\" value=1>
<input type=\"hidden\" name=\"cmd\" value=\"_cart\">
<input type=\"hidden\" name=\"business\" value=$paypal>
<input type=\"hidden\" name=\"item_name\" value=\"Silver Plan Yearly Subscription\">
<input type=\"hidden\" name=\"item_number\" value=\"2\">
<input type=\"hidden\" name=\"amount\" value=\"29.99\">
<input type=\"hidden\" name=\"no_note\" value=\"1\">
<input type=\"hidden\" name=\"currency_code\" value=\"USD\">
<input type=\"hidden\" name=\"bn\" value=\"PP-ShopCartBF\">
</form></center><p>");
$paypal_3 = ("<center><form target=\"paypal\" action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\">
<input type=\"image\" class=\"img\" src=\"images/paypal.jpg\" border=\"0\" name=\"submit\" alt=\"Make payments with PayPal - it's fast, free and secure!\">
<input type=\"hidden\" name=\"add\" value=1>
<input type=\"hidden\" name=\"cmd\" value=\"_cart\">
<input type=\"hidden\" name=\"business\" value=$paypal>
<input type=\"hidden\" name=\"item_name\" value=\"Extra Plan Yearly Subscription\">
<input type=\"hidden\" name=\"item_number\" value=\"3\">
<input type=\"hidden\" name=\"amount\" value=\"39.99\">
<input type=\"hidden\" name=\"no_note\" value=1>
<input type=\"hidden\" name=\"currency_code\" value=\"USD\">
<input type=\"hidden\" name=\"bn\" value=\"PP-ShopCartBF\">
</form></center><p>");


// Do some complicated stuff

if ($dplan == 1)
{
$plan = $plana;
$plantype = "Starter Plan";
$button = $paypal_1;
}
elseif ($dplan == 2)
{
$plan = $planb;
$plantype = "Silver Plan";
$button = $paypal_2;
}
else
{
$plan = $planc;
$plantype = "Extra Plan";
$button = $paypal_3;
}

//do a little math
$total = ($subscription * $plan);

// Display the results of above functions and values.
echo "<div align=\"center\">
<table border=\"0\" cellpadding=\"0\" style=\"border-collapse: collapse\" width=\"500\" id=\"table1\">
<tr>
<td colspan=\"2\">
<p align=\"center\">$button</td>
</tr>
<tr>
<td width=\"50%\" bgcolor=\"#000080\"><b>Plan:</b></td>
<td width=\"50%\" bgcolor=\"#000080\">$plantype</td>
</tr>
<tr>
<td width=\"50%\"><b>Subscription Length:</b></td>
<td width=\"50%\">$subscription years</td>
</tr>
<tr>
<td width=\"50%\" bgcolor=\"#000080\"><b>Yearly Payment:</b></td>
<td width=\"50%\" bgcolor=\"#000080\">$$plan USD</td>
</tr>
<tr>
<td width=\"50%\"><b>Days Left Until Next Payment</b></td>
<td width=\"50%\">$days_left</td>
</tr>
<tr>
<td width=\"50%\" bgcolor=\"#000080\"><b>Total Owed:</b></td>
<td width=\"50%\" bgcolor=\"#000080\">$$total USD</td>
</tr>
</table>
</div>";

// In case of session errors, or a person not logged in, display this (refer to note A)

}
else 
{ 
echo "<center>Sorry but for some reason your session has expired. Please log out and then back in, and try again.<br>";
echo "You also may not be logged in, and tried to access this page directly. <br>";
echo "This attempt has been logged as well as the time, date, and your IP.</center>";
echo "<center>";
include('login.php');
echo "</center>";
}
echo "<br><br><br><center>Billing Module Version: $billver </center>";
?>

[Join us @ facebook]

Seems that you are learning meth0d. I am glad for you

You only have to change one thing. This line :

Code:

<?php
$data = mysql_query("SELECT * from users where username = '$logged[username]'"); 

will be more secure if you change it to :

Code:

<?php
$data = mysql_query("SELECT * from users where username = '".addslashes( $logged[username] )."'"); 

thx man

[Guest]

[38.657]

Googlebot, Yahoo crawler, Msnbot, Baidu Spider