I have some question ... example: a user will buy something for his USD

Check his USD Balance Deduct the USD from his account Make an Order -> order queue user gets his item and the other one gets his USD

Lets say, the users makes 5 requests in the same second (very fast). So it is possible (and happen) that 5 requests are running. He has only money to buy only from 1 request. Now the requests are so fast, that the script checks his balance, but is not so fast, that it deduct the money from his account. So the requests will pass two times! How to solve it?

I use LOCK in mysql before I start the process:

IS_FREE_LOCK - check is there a lock for this user if not -> 2. GET_LOCK - sets the lock make the order / transaction RELEASE_LOCK - releases the lock

But this does not really work. Is there another way?

function lock($id) { mysql_query("SELECT GET_LOCK('$id', 60) AS 'GetLock'"); } function is_free($id) { $query = mysql_query("SELECT IS_FREE_LOCK('$id') AS 'free'"); $row = mysql_fetch_assoc($query); if($row['free']) { return true; } else { return false; } } function release_lock($id) { mysql_query("SELECT RELEASE_LOCK('$id')"); } function account_balance($id) { $stmt = $db->prepare("SELECT USD FROM bitcoin_user_n WHERE id = ?"); $stmt->execute(array($id)); $row = $stmt->fetch(PDO::FETCH_ASSOC); return $row['USD']; } if(is_free(get_user_id())) { lock(get_user_id()); if(account_balance(get_user_id()) < str2num($_POST['amount'])) { echo "error, not enough money"; } else { $stmt = $db->prepare("UPDATE user SET USD = USD - ? WHERE id = ?"); $stmt->execute(array(str2num($_POST['amount']), get_user_id())); $stmt = $db->prepare("INSERT INTO offer (user_id, type, price, amount) VALUES (?, ?, ?, ?)"); $stmt->execute(array(get_user_id(), 2, str2num($_POST['amount']), 0)); }

Update Tested the transaction function with SELECT ... FOR UPDATE