-
Notifications
You must be signed in to change notification settings - Fork 0
/
balance.php
49 lines (38 loc) · 1.34 KB
/
balance.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
<?php
/*
* This script gets the user balance from the database. A file to connect to the database is included.
* $coins can be used to display the user's balance.
* To get the new balance dynamically the new balance is only displayed, if it's a xmlhttprequest to
* prevent that the balance is echoed on the site when it shouldn't.
*/
// Start the session
session_start();
// Check if the user is logged in, if not redirect him to the startpage
if(!$_SESSION['loggedin']){
header('Location: index.php');
die();
}
// Connect to the database
include('db_connect.php');
// Prepare the statement to prevent SQL injection
if ($stmt = $connect->prepare('SELECT coins FROM User WHERE user_id = ?')) {
// Replace the questionmark with the session user id
$stmt->bind_param('i', $_SESSION['user_id']);
// Execute the upper statement
$stmt->execute();
// Store the result of the query in the variable $coins
$stmt->store_result();
$stmt->bind_result($coins);
$stmt->fetch();
} else{
$connect->close();
die('Couldn\'t get balance');
}
// Get the array with all headers
$array_headers = getallheaders();
// Check if a xmlhttprequest was made
if (array_key_exists('HTTP_X_REQUESTED_WITH', $array_headers) && in_array('xmlhttprequest', $array_headers)){
// Get the new balance dynamically
echo $coins;
}
?>