Hi, I am trying to set up so that users on my site can pay to upgrade there account. What i thought would work but does not seem to be is this: <input type="hidden" name="return" value="http://www.web.com/upgrade-account-process.php?id={$sessionid}"> Code (markup): Then in the upgradeaccount-process.php i have done: if (isset($_GET['type'])){ $sdate = date("Y-m-d"); $query = mysql_query("UPDATE `users` SET type='1', sdate='$sdate' WHERE id = '$_GET[id]'"); header("Location: members.php"); /* Redirect browser */ exit(); } PHP: But when i tried this it does not upgrade, have i done something wrong? Cheers, Adam
Hello, Check that you need to actually output PHP, not HTML: <input type="hidden" name="return" value="http://www.web.com/upgrade-account-process.php?id=<?=$sessionid;?>"> PHP: Also, your SQL can suffer from injection* so, I'd add some mysql_real_escape_string in there. Jay * Depending on your PHP configuration (i.e. magic quotes).
($_GET['type']) should be ($_GET['return']) the isset condition can't see $_GET['type'] because there is none <input type="hidden" name="return" value="http://www.web.com/upgrade-account-process.php?id={$sessionid}"> maybe sdate=".'$sdate'."
Incorrect. The MySQL Query is within double quotes, therefore variables are parsed. Also, your syntax is wrong as it would simply add $sdate, and not's it's value. Jay
<input type="hidden" name="return" value="http://www.web.com/upgrade-account-process.php?id=<? echo $sessionid;?>"> PHP: Try that, also you should try using $_POST. and a proper form.