Change:
PHP Code:
if($isloggedin == 'yes') {
$user = $_GET["user"];
$user = preg_replace("/[^a-zA-Z0-9\\040.]/", "", $user);
$user = secure($user);
$gm = $_GET["gm"];
$gm = secure($gm);
$query = "SELECT * FROM ".$prefix."users WHERE username = '$loggedinname'";
$result = @mysql_query($query);
//Loop out code
$i=0;
while ($i < 1) {
$money=@mysql_result($result,$i,"money");
$i++;
}
$query = "SELECT * FROM ".$prefix."users WHERE username = '$user'";
$result = @mysql_query($query);
//Loop out code
$i=0;
while ($i < 1) {
$money2=@mysql_result($result,$i,"money");
$i++;
}
$cashs = $cash - $gm;
$cashs2 = $cash2 + $gm;
if($gm !> $cash){
$query = 'UPDATE `'.$dbname.'`.`'.$prefix.'users` SET `money` = \''.$cashs.'\' WHERE `'.$prefix.'users`.`username` = '.$loggedinname.';';
mysql_query($query);
$query = 'UPDATE `'.$dbname.'`.`'.$prefix.'users` SET `money` = \''.$cashs2.'\' WHERE `'.$prefix.'users`.`username` = '.$user.';';
mysql_query($query);
$article_content = "[Put a nice message of it's success]";
}
To:
PHP Code:
if($isloggedin == 'yes') {
$user = $_GET["user"];
$user = preg_replace("/[^a-zA-Z0-9\\040.]/", "", $user);
$user = secure($user);
$gm = $_GET["gm"];
$gm = secure($gm);
$query = "SELECT * FROM ".$prefix."users WHERE username = '$loggedinname'";
$result = @mysql_query($query);
//Loop out code
$i=0;
while ($i < 1) {
$money=@mysql_result($result,$i,"money");
$i++;
}
$query = "SELECT * FROM ".$prefix."users WHERE username = '$user'";
$result = @mysql_query($query);
//Loop out code
$i=0;
while ($i < 1) {
$money2=@mysql_result($result,$i,"money");
$i++;
}
$cashs = $cash - $gm;
$cashs2 = $cash2 + $gm;
if($gm <= $cash){
$query = 'UPDATE `'.$dbname.'`.`'.$prefix.'users` SET `money` = \''.$cashs.'\' WHERE `'.$prefix.'users`.`username` = '.$loggedinname.';';
mysql_query($query);
$query = 'UPDATE `'.$dbname.'`.`'.$prefix.'users` SET `money` = \''.$cashs2.'\' WHERE `'.$prefix.'users`.`username` = '.$user.';';
mysql_query($query);
$article_content = "[Put a nice message of it's success]";
}
}