IF condition with database

1

Personal I'm doing a money transfer system via php with database, I have an option showing all users of the database and a text field to insert a value, as I do so that the user can not get select it yourself and raise your money

Field code:

$result_usuario = "SELECT usuario FROM 'usuarios'";
$mostra_dados = mysqli_query($conn, $result_usuario);
while($rows_cursos = mysqli_fetch_assoc($mostra_dados)){
<option name="id" value="<?php echo $rows_cursos['id'];?>"><?php echo $rows_cursos['usuario'];?></option>

Code to update and verify:

if ($id['id'] == $rows1['id']){
    $_SESSION['id'] = $id;
    echo "<br><div class='alert alert-success'>Impossivel enviar dinheiro para voce mesmo ESPERTALHÂO</div>";
} elseif ($dinheiro > $rows['dinheiro']){
    $_SESSION['dinheiro'] = $dinheiro;
    echo "<br><div class='alert alert-success'> Sem Dinheiro Suficiente seu saldo de dinheiro em carteira é de ". $rows2['dinheiro'] ." Reais </div>";
} else {
    $recebe_dados1 = "UPDATE usuarios SET dinheiro = dinheiro -'$dinheiro' WHERE id = '".$_SESSION['usuarioId'] ."'"; 
    $recebe_dados2 = "UPDATE usuarios SET dinheiro = dinheiro +'$dinheiro' WHERE id = '".$rows1['id'] ."'"; 
    $recebe_dados4 = "UPDATE usuarios SET total = dinheiro + depositado WHERE id = '". $_SESSION['usuarioId'] ."'";
    echo "<script>window.location='?pagina=logado';alert('Você fez uma transferencia de $dinheiro Reais.');</script>";
    
asked by anonymous 30.07.2018 / 22:09

1 answer

3

Your code has an inconsistency. Maybe more ... But I will quote one that is very clear to me.

In this select you only select the user field and then you want to try to use the id. So this will not work. The right thing would be like this:

"SELECT id,usuario FROM 'usuarios'"

For you to select all users except what is logged in, you can do this directly in the database:

$result_usuario = "SELECT id,usuario FROM 'usuarios' WHERE NOT id = ".$_SESSION['id'];

This way the smart guy will not be able to select himself.

Of course, at the time of the transfer it is good to see if he has not managed to launch his own id. This if would do something like this:

if ($_SESSION['id'] != $_POST['id'] && $dinheiro >= $_POST['dinheiro']){
    // transferindo...
    // update...
}
    
30.07.2018 / 22:21