I tried to search through the website but couldn't find a suitable answer for my problem or maybe I'm doing it the wrong way, but I'm making actually a Stock Exchange system for my final year project and I came through this problem. First of all, I'm passing a variable through this:
<a href='#' id='<?php echo "". $row['id'] . ""?>' class="sell">
To the jquery:
$(function(){
$(".sell").click(function(){
var element = $(this);
var userid = element.attr("id");
var info = 'id=' + userid;
if (confirm("Do you really want to sell?")){
$.ajax({
url: 'sellstock.php',
type: 'POST',
data: info,
success: function(){
alert('Sold, Please refresh to see your balance');
}
});
$(this).parent().parent().fadeOut(300, function({
$(this).remove();
});
};
return false;
});
});
And the jquery calls the sellstock.php
<?php
include('session_user.php');
$stock_id = $_POST['id'];
$sql_getinfo = "SELECT *
FROM transaction_user
WHERE id='$stock_id'";
$row_info = mysqli_fetch_array($sql_getinfo, MYSQLI_ASSOC);
$company_id = $row_info['company_id'];
$company_shares = $row_info['number_of_shares_bought'];
$company_price = $row_info['Price'];
$company_total = $row_info['Price_Value'];
$updatedbalance = $balance + $company_total;
$sql_stockinfo = "SELECT Shares_for_sale
FROM company_listed
WHERE id='$company_id'";
$row_stock = mysqli_fetch_array($sql_stockinfo, MYSQLI_ASSOC);
$shares = $row_stock['Shares_for_sale'];
$updatedshares = $company_shares + $shares;
$updatebalance = "UPDATE balance SET current_balance = '$updatedbalance' where username ='$login_session'";
$resultbalance = mysqli_query($db , $updatebalance);
$updateshare = "UPDATE company_listed SET Shares_for_sale = '$updatedshares' where id= '$stock_id'";
$resultshare = mysqli_query($db, $updateshare);
$sqldelete = "DELETE FROM transaction_user WHERE id='$stock_id'";
$result = mysqli_query($db, $sqldelete);
header("location: Dashboardd.php");
?>
What I want to do is deleting the stock(from the given id), but before that, it should update the balance of the user and update the shares_for_sale of the company.
$sqldelete = "DELETE FROM transaction_user WHERE id='$stock_id'"; $result = mysqli_query($db, $sqldelete);
The $sqldelete line is actually deleting the transaction, but I cant get any updates for the company and user balance. The update queries are working since when I hardcoded them, it was working but the issue is that with the $stock_id, its not working for the $sql_getinfo and since this is not working the $sql_stockinfo will not work and the $updateshare too.
The $login_session and $balance are called from session_user.php and working fine.
Solved
$sql_getinfo = "SELECT *
FROM transaction_user
WHERE id='$stock_id'";
$result = mysqli_query($db, $sql_getinfo); $row_info = mysqli_fetch_array($);
Its good practice to check the variable before using it in query
if(isset($_POST['id']))
{
$stock_id = $_POST['id'];
}
else {
//Show error message or redirect to the homepage. whatever you prefer
}
No need to add extra quotes
<a href='#' id ='<?php echo $row['id']; ?>' class="sell">
Use the quotes carefully around the variables in queries
$sql_getinfo = "SELECT *
FROM transaction_user
WHERE id= ".$stock_id;
$sql_stockinfo = "SELECT Shares_for_sale
FROM company_listed
WHERE id= ".$company_id;
$updatebalance = "UPDATE balance SET current_balance = ".$updatedbalance." where username = '".$login_session."'";
$updateshare = "UPDATE company_listed SET Shares_for_sale = ".$updatedshares." where id= ".$stock_id;
$sqldelete = "DELETE FROM transaction_user WHERE id= ".$stock_id;