First of all, don't concatenate text directly to a SQL statement. This leaves you open to
SQL injection - Wikipedia[
^]. Instead, use parameters, see
PHP MySQL Prepared Statements[
^]
What comes to the actual question, I'd do the calculation in the query instead of fetching all the data and looping in the program. You didn't post the exact table structure but the calculation in the query could look something like
SELECT SUM(:interest * payment.amount) AS Total
FROM payment
WHERE payment.application_id = :application_id
AND payment.account = :accno
AND payment.status = 'Verified!'
Note that bind variables have been used in both
SELECT
and
WHERE
clauses. For more examples about SUM, see
MySQL SUM - Calculating The Sum of Values[
^]
As a side note, using a piece of text to define the status is an error prone approach. Instead I would recommend using for example numeric, controlled, and enumerated values to indicate a status. For example 1 is open, 2 is cancelled, 3 is verified or which ever options you may have