$betadd = $user_data['bets'] + 1;
$username = $user_data['username'];
$userid = $user_data['user_id'];
$value = $_POST['wager'];
$setcoins = $user_data['coins'] - $value;
mysql_query("INSERT INTO `multiplayer` (value, player1) VALUES ($value, $username)");
I had it inserting into the table at one point, but now it doesn't work, Value is an INT (11) and player1 is a VARCHAR(32). But it doesn't insert into the columns, can anyone help?
I would suggest you to encapsulate your variables and to debug your query by doing
mysql_query("INSERT INTO `multiplayer` (value, player1) VALUES ('$value', '$username')") or die(mysql_error());
Then I would like to remember you that mysql_ functions are deprecated so i would advise you to switch to mysqli or PDO and indeed you are at risk of sql injection, have a look here How can I prevent SQL injection in PHP?. You should use prepared statment to avoid any risk
change your
mysql_query("INSERT INTO `multiplayer` (value, player1) VALUES ($value, $username)");
to this
mysql_query("INSERT INTO `multiplayer` (value, player1) VALUES ('{$value}', '{$username)}'");
you need to add quotes to your values when you add it to db.. also I would suggest you look into PDO or mysqli .. mysql_query is deprecated and is not safe..
Dins
