Problem with User Additions

[KGodel]

Hey all! I am trying to design a system for our staff to add "points" to users for participating in events. I currently have the following code. The "Edit" and "Update" code works. I have tested it. What is not working is the main "add" part. A staff member should be able to type in multiple usernames separated by a semicolon ( then the correct number of points should be added. If anyone can help, let me know!

http://pastebin.com/Z2QxkkZU

Thanks again!

[kh99]

What happens when you try to add? The only thing I can see is that at the end of your update query sql you have:

Code:

username='$u[0]'";

and I believe it should just be $u.

[KGodel]

I have it working a bit, but now there is only one issue. Code below:

Basically, in the "UPDATE" portion, it works except when $upoints is 0, then the query is not executed and no confirmation message appears.

PHP Code:

<?php
// In Game Activity Points
// by DrMath
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);

// #################### PRE-CACHE TEMPLATES AND DATA ######################
$phrasegroups = array('style');
$specialtemplates = array('products');

// ########################## REQUIRE BACK-END ############################
require_once('./global.php');
require_once(DIR . '/includes/adminfunctions_template.php');

$this_script = 'iga_points';

$rpm_ver = 1.0;

$rpm_mouseover_fontcolor = '#D04850';

// ######################## CHECK ADMIN PERMISSIONS #######################
if (!can_administer('canadminusers'))
{
    print_cp_no_permission();
}

print_cp_header();
echo "<div class='pagetitle'>In Game Activity System</div>";

//Possible Point Values
$pointreasons = array("Attended a Gamenight (+15)", "Attended a Contest/Torunament (+25)");

/////////////////////// front page
if ( empty($_POST['do']) ) {
    print_form_header($this_script, 'add');
    print_table_header('Add Points');
    print_label_row('Notice:', 'Select the point value based on the event.');
    print_select_row('Points', 'points', $pointreasons);
    print_label_row('Users:', 'Input the usernames of all the users you wish to give the above points to. You must separate names using a semicolon (;).');
    print_textarea_row('Users', 'users','',12,100,false,false);
    print_submit_row('Add Points');
    
    ////////////////////// edit points
    print_form_header($this_script, 'edit');
    print_table_header('Edit Points');
    print_label_row('Username:', 'Enter the username of who you want to edit the points value of.');
    print_input_row('Username', 'username');
    print_submit_row('Edit Points');
}

/////////////////////// add
if ( $_POST['do'] == 'add' ) {
   
    if ( empty($_POST['points']) OR empty($_POST['users']) ) { rpm_print_stop_back('Please be sure every required field is filled out before submitting.'); }
   
    $vbulletin->input->clean_array_gpc('p', array(
        'points'         => TYPE_UNIT,
        'users'          => TYPE_STR
        ));
    
    $apoints = $vbulletin->GPC['points'];
    if ($apoints == 0) { $addpoints = 15; }
    if ($apoints == 1) { $addpoints = 25; }
    $ausers = $db->escape_string($vbulletin->GPC['users']);
    $addusers = explode(";",$ausers);
    //$adate = date("Y-m-d");
    
    foreach ($addusers as &$u) {
        $user = trim($u);
        $sql = "UPDATE " . TABLE_PREFIX . "user SET iga_points = iga_points + $addpoints, iga_lastpointsdate = NOW() WHERE username='$user'";
        $db->query_write($sql);
    }
   
    define('CP_REDIRECT', 'iga_points.php');
    print_stop_message('iga_points_added');
}  

/////////////////////// edit
if ( $_POST['do'] == 'edit' ) {
   
    if ( !isset($_POST['username']) ) { rpm_print_stop_back('Please be sure every required field is filled out before submitting.'); }
    
   
    $vbulletin->input->clean_array_gpc('p', array(
        'username'      => TYPE_STR
        ));
    
    $edituser = $db->escape_string($vbulletin->GPC['username']);
    
    $sql = "SELECT iga_points FROM " . TABLE_PREFIX . "user WHERE username = '$edituser'";
    $result = $db->query_read_slave($sql);
    $cpoints = mysql_result($result,0);
    
    print_form_header($this_script, 'update');
    print_table_header("Update ".$edituser."'s Points");
    echo "<input type='hidden' name='username' value='$edituser'>";
    print_label_row('Note:', 'Points must be between 0 and 400.');
    print_input_row('Points', 'points', $cpoints);
    print_submit_row('Update Points');
}

/////////////////////// add
if ( $_POST['do'] == 'update' ) {
   
    if ( empty($_POST['username']) OR empty($_POST['points']) ) { rpm_print_stop_back('Please be sure every required field is filled out before submitting.'); }
   
    $vbulletin->input->clean_array_gpc('p', array(
        'username'  => TYPE_STR,
        'points'    => TYPE_UNIT
        ));
    
    $uuser = $db->escape_string($vbulletin->GPC['username']);
    $upoints = $vbulletin->GPC['points'];
    //$udate = date("Y-m-d");
    
    if ($upoints < 0 || $upoints > 400) {
        define('CP_REDIRECT', 'iga_points.php');
        print_stop_message('iga_points_val_error');
    } else {
        $sql = "UPDATE " . TABLE_PREFIX . "user SET iga_points=$upoints, iga_lastpointsdate=NOW() WHERE username = '$uuser'";
        $db->query_write($sql);
        define('CP_REDIRECT', 'iga_points.php');
        print_stop_message('iga_points_updated'); 
    }
    
}

print_cp_footer();
?>

[kh99]

You have empty($_POST['points']), but that will be true if it's 0 (see the php page for empty()). I think you want to use !isset($_POST['points']) instead.

[KGodel]

Thank you based kh99. <3 I'm still a noob at this stuff. T.T

[KGodel]

Alright, so I have added another way to add points to make it easier for my members. Here is the code:

PHP Code:

<?php
// In Game Activity Points
// by DrMath
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);

// #################### PRE-CACHE TEMPLATES AND DATA ######################
$phrasegroups = array('style');
$specialtemplates = array('products');

// ########################## REQUIRE BACK-END ############################
require_once('./global.php');
require_once(DIR . '/includes/adminfunctions_template.php');

$this_script = 'iga_points';

$rpm_ver = 1.0;

$rpm_mouseover_fontcolor = '#D04850';

// ######################## CHECK ADMIN PERMISSIONS #######################
if (!can_administer('canadminusers'))
{
    print_cp_no_permission();
}

print_cp_header();
echo "<div class='pagetitle'>In Game Activity System</div>";

//Possible Point Values
$pointreasons = array("Attended a Gamenight (+15)", "Attended a Contest/Torunament (+25)");

// Get Divisions //
$sql = "SELECT gamename, ingamename, profilefield FROM " . TABLE_PREFIX . "gamelist ORDER BY gamename ASC";
$result = $db->query_read_slave($sql);
$divisions = array();
while ( $a = mysql_fetch_array($result) ) {
    $divisions[] = $a;
    $divnames[] = $a[0];
}

/////////////////////// front page
if ( empty($_POST['do']) ) {
    
    ////////////////////// add points via division
    print_form_header($this_script, 'div');
    print_table_header('Add Points via Division');
    print_label_row('Notice:', 'Select the division you are entering activity for.');
    print_select_row('Divisions', 'division', $divnames);
    print_submit_row('Select Division');
    
    ////////////////////// add points text area
    print_form_header($this_script, 'add');
    print_table_header('Add Points');
    print_label_row('Notice:', 'Select the point value based on the event.');
    print_select_row('Points', 'points', $pointreasons);
    print_label_row('Users:', 'Input the usernames of all the users you wish to give the above points to. You must separate names using a semicolon (;).');
    print_textarea_row('Users', 'users','',12,100,false,false);
    print_submit_row('Add Points');
    
    ////////////////////// edit points
    print_form_header($this_script, 'edit');
    print_table_header('Edit Points');
    print_label_row('Username:', 'Enter the username of who you want to edit the points value of.');
    print_input_row('Username', 'username');
    print_submit_row('Edit Points');
}

/////////////////////// div selected
if ( $_POST['do'] == 'div' ) {
   
    if ( !isset($_POST['division']) ) { rpm_print_stop_back('Please select a division.'); }
   
    $vbulletin->input->clean_array_gpc('p', array(
        'division'         => TYPE_UNIT
        ));
    
    // Division Name //
    $n = $vbulletin->GPC['division'];
    $divname = $divisions[$n][0];
    $divign = $divisions[$n][1];
    $divfield = $divisions[$n][2];
    $+++++eck = 1<<$n;
    
    // Get Main Members
    $mainusers = $db->query_read_slave("SELECT user.userid, user.username, userfield. " . $divfield ." FROM " . TABLE_PREFIX . "user AS user LEFT JOIN " . TABLE_PREFIX . "userfield as userfield ON (userfield.userid = user.userid) WHERE (userfield.field5='" . $divname . "') AND (user.username != '') AND (user.usergroupid NOT IN (1,3,4,7,8,20,21,23,45)) ORDER BY username");
    if (!$mainusers){ die('Invalid query: ' . mysql_error()); }
    // Set the Users Array
    $maingameusers = array();
    while ($user = mysql_fetch_array($mainusers)) {
        if ($user[2] == null) { $ign = "N/A"; } else { $ign = $user[2]; }
        $maingameusers[$user[0]] = $user[1] . "  -  " . $divign . ": " . $ign;
    }

    // Get Other Game Members
    $otherusers = $db->query_read_slave("SELECT user.userid, user.username, userfield. " . $divfield . " FROM " . TABLE_PREFIX . "user AS user LEFT JOIN " . TABLE_PREFIX . "userfield as userfield ON (userfield.userid = user.userid) WHERE (userfield.field5 != '" . $divname . "') AND (userfield.field6 & " . $+++++eck . ") AND (user.username != '') AND (user.usergroupid NOT IN (1,3,4,7,8,20,21,23,45)) ORDER BY username");
    if (!$otherusers){ die('Invalid query: ' . mysql_error()); }
    // Set the Users Aray
    $othergameusers = array();
    while ($user = mysql_fetch_array($otherusers)) {
        if ($user[2] == null) { $ign = "N/A"; } else { $ign = $user[2]; }
        $othergameusers[$user[0]] = $user[1] . "  -  " . $divign . ": " . $ign;
    }
    
    ////////////////////// select users to get points
    print_form_header($this_script, 'divadd');
    print_table_header('Add Points to ' . $divname . ' Members');
    print_label_row('Event Type:', 'Select the event type (and point value) to give.');
    print_select_row('Points', 'points', $pointreasons);
    print_label_row('Main Users:', 'Select the Main-Game users who attended the event.');
    print_select_row('Main Users', 'mainusers', $maingameusers,null,false,10,true);
    print_label_row('Other Users:', 'Select the Other-Game users who attended the event.');
    print_select_row('Other Users', 'otherusers', $othergameusers,null,false,10,true);
    print_label_row('Note:', 'Hold the control key while clicking to select multiple names.');
    print_submit_row('Add Points to Selected Users','Reset');
    
} 

/////////////////////// add
if ( $_POST['do'] == 'add' ) {
   
    if ( !isset($_POST['points']) OR empty($_POST['users']) ) { rpm_print_stop_back('Please be sure every required field is filled out before submitting.'); }
   
    $vbulletin->input->clean_array_gpc('p', array(
        'points'         => TYPE_UNIT,
        'users'          => TYPE_STR
        ));
    
    $apoints = $vbulletin->GPC['points'];
    if ($apoints == 0) { $addpoints = 15; }
    if ($apoints == 1) { $addpoints = 25; }
    $ausers = $db->escape_string($vbulletin->GPC['users']);
    $addusers = explode(";",$ausers);
    //$adate = date("Y-m-d");
    
    foreach ($addusers as &$u) {
        $user = trim($u);
        $sql = "UPDATE " . TABLE_PREFIX . "user SET iga_points = iga_points + $addpoints, iga_lastpointsdate = NOW() WHERE username='$user'";
        $db->query_write($sql);
    }
   
    define('CP_REDIRECT', 'iga_points.php');
    print_stop_message('iga_points_added');
}  

/////////////////////// add via division
if ( $_POST['do'] == 'divadd' ) {
   
    if ( !isset($_POST['points']) OR empty($_POST['mainusers']) ) { rpm_print_stop_back('Please be sure every required field is filled out before submitting.'); }
   
    $vbulletin->input->clean_array_gpc('p', array(
        'points'         => TYPE_UNIT,
        'mainusers'      => TYPE_ARRAY,
        'otherusers'     => TYPE_ARRAY
        ));
    
    $apoints = $vbulletin->GPC['points'];
    if ($apoints == 0) { $addpoints = 15; }
    if ($apoints == 1) { $addpoints = 25; }
    $addmain = $addother = array();
    $addmain = $vbulletin->GPC['mainusers'];
    $addother = $vbulletin->GPC['otherusers'];
    //$adate = date("Y-m-d");
    
    // Main Gamers
    foreach ($addmain as &$u) {
        $sql = "UPDATE " . TABLE_PREFIX . "user SET iga_points = iga_points + $addpoints, iga_lastpointsdate = NOW() WHERE userid=$u";
        $db->query_write($sql);
    }
    
    // Other Gamers
    foreach ($addother as &$u) {
        $sql = "UPDATE " . TABLE_PREFIX . "user SET iga_points = iga_points + $addpoints, iga_lastpointsdate = NOW() WHERE userid=$u";
        $db->query_write($sql);
    }
   
    define('CP_REDIRECT', 'iga_points.php');
    print_stop_message('iga_points_added');
}  

/////////////////////// edit
if ( $_POST['do'] == 'edit' ) {
   
    if ( !isset($_POST['username']) ) { rpm_print_stop_back('Please be sure every required field is filled out before submitting.'); }
    
   
    $vbulletin->input->clean_array_gpc('p', array(
        'username'      => TYPE_STR
        ));
    
    $edituser = $db->escape_string($vbulletin->GPC['username']);
    
    $sql = "SELECT iga_points FROM " . TABLE_PREFIX . "user WHERE username = '$edituser'";
    $result = $db->query_read_slave($sql);
    $cpoints = mysql_result($result,0);
    
    print_form_header($this_script, 'update');
    print_table_header("Update ".$edituser."'s Points");
    echo "<input type='hidden' name='username' value='$edituser'>";
    print_label_row('Note:', 'Points must be between 0 and 400.');
    print_input_row('Points', 'points', $cpoints);
    print_submit_row('Update Points');
}

/////////////////////// add
if ( $_POST['do'] == 'update' ) {
   
    if ( empty($_POST['username']) OR !isset($_POST['points']) ) { rpm_print_stop_back('Please be sure every required field is filled out before submitting.'); }
   
    $vbulletin->input->clean_array_gpc('p', array(
        'username'  => TYPE_STR,
        'points'    => TYPE_UNIT
        ));
    
    $uuser = $db->escape_string($vbulletin->GPC['username']);
    $upoints = $vbulletin->GPC['points'];
    
    //$udate = date("Y-m-d");
    
    if ($upoints < 0 or $upoints > 400) {
        define('CP_REDIRECT', 'iga_points.php');
        print_stop_message('iga_points_val_error');
    } else {
        $sql = "UPDATE " . TABLE_PREFIX . "user SET iga_points=$upoints, iga_lastpointsdate=NOW() WHERE username = '$uuser'";
        $db->query_write($sql);
        define('CP_REDIRECT', 'iga_points.php');
        print_stop_message('iga_points_updated'); 
    }
    
}

print_cp_footer();
?>

The issue occurs in the "add via division" section. The message appears, saying that it has added the points but the queries are not actually being executed. Any suggestions would be helpful! This is coming along nicely for me!

[ozzy47]

Not entirely sure but I believe iga_lastpointsdate = NOW should be iga_lastpointsdate = TIMENOW

[KGodel]

The NOW works. I've tested that. ^^ The newest addition was the "div" and "divadd" parts. I'm thinking there is something wonky when I attempt to pass the array of values from the multiple-selection box. All other methods of input work, so that's why I think it has to be that part of the query.

EDIT: I found the error. I needed to add square brackets to the names of the multi-select menus in order to have them pass the information as an array. Thanks for the help!

[tbworld]

The correct function is being used: NOW() is a database function and does refer to the immediate timedate stamp, "timenow()" is the PHP version.

@KGodel, I am too busy today, but I will try to take a look at it tomorrow if no one has answered your question.