|
P: n/a
|
I'm trying to redirect when testing for certain condidtions as shown
below. When the conditions are ture, it redirects, but still goes ahead and
processes the sql query. What am I doing wrong??? And then sometimes when
the conditions are correct, it doens't redirect. It appears to be very
inconsistent.
Any suggestions would be greatly appreciated.
//Check for repeat name
$result = mysql_query("SELECT * FROM survey WHERE FirstName =
'".$FirstName."' AND LastName = '".$LastName."' ");
$num_rows = mysql_num_rows($result);
if($num_rows > 0){header("location: ./oops.htm");};
//Check for repeat email
$result = mysql_query("SELECT * FROM survey WHERE EmailAddress =
'".$EmailAddress."' ");
$num_rows = mysql_num_rows($result);
if($num_rows > 0){header("location: ./oops.htm");};
//Check for existance of first name, last name, and email
if(!$FirstName){header("location: ./oops.htm");};
if(!$LastName){header("location: ./oops.htm");};
if(!$EmailAddress){header("location: ./oops.htm");};
$newrecord = ("INSERT INTO survey (FirstName) values ($'Joe')");
$result=mysql_query($newrecord);
//Redirect to thankyou
header("location: ./thanks.htm");
| |
Share this Question
|
P: n/a
|
On Fri, 08 Aug 2003 23:22:19 GMT, "Paris_Sucks" <pa*********@hotmail.com>
wrote: I'm trying to redirect when testing for certain condidtions as shown
below. When the conditions are ture, it redirects, but still goes ahead and
processes the sql query. What am I doing wrong??? And then sometimes when
the conditions are correct, it doens't redirect. It appears to be very
inconsistent.
Any suggestions would be greatly appreciated.
Deep breath...
//Check for repeat name
$result = mysql_query("SELECT * FROM survey WHERE FirstName =
'".$FirstName."' AND LastName = '".$LastName."' ");
Problem 1: Any of the these queries could fail, but you're not checking for
errors.
Never ignore the return value of mysql_query; if there's an error, it returns
false, and the reason for the error is available in mysql_error().
For debugging use something like:
$result = mysql_query($query)
or die ("Query failed:<br>$query<br>Error: " . mysql_error());
This will show you the error, which query caused it, and prevent your script
carrying on past a failed query and getting into even worse trouble with
undefined variables and resource handles (as above).
Problem 2 (possibly): Are those variables $FirstName and $LastName properly
escaped? i.e. are all single quotes turned into \' ?
$num_rows = mysql_num_rows($result);
Problem 3: All you're looking for is whether there is a row. However you're
fetching all the data from the database, then ignoring it.
If you want to count how many rows match, use COUNT(*) in the SQL, and fetch
the single row it will return, and get the number from there.
if($num_rows > 0){header("location: ./oops.htm");};
Problem 4: You send an invalid Location header here. Location headers have to
be absolute URLs according to the HTTP specification.
Problem 5: Just because you send a Location header does not mean the script
stops here. You'll carry on to the next bit, and possibly send more Location
headers. If you want to send the header then stop, use exit().
//Check for repeat email
$result = mysql_query("SELECT * FROM survey WHERE EmailAddress =
'".$EmailAddress."' ");
$num_rows = mysql_num_rows($result);
if($num_rows > 0){header("location: ./oops.htm");};
//Check for existance of first name, last name, and email
if(!$FirstName){header("location: ./oops.htm");};
if(!$LastName){header("location: ./oops.htm");};
if(!$EmailAddress){header("location: ./oops.htm");};
$newrecord = ("INSERT INTO survey (FirstName) values ($'Joe')");
Problem 6: Why the brackets around the string?
Problem 7: ($'Joe') ? Did you just mean ('Joe')? Or ('$Joe')?
$result=mysql_query($newrecord);
This will fail due Problem 7, and you'll carry on regardless due to Problem 1
despite it not having worked.
//Redirect to thankyou
header("location: ./thanks.htm");
--
Andy Hassall (an**@andyh.co.uk) icq(5747695) ( http://www.andyh.co.uk)
Space: disk usage analysis tool ( http://www.andyhsoftware.co.uk/space) | |
|
P: n/a
|
Thanks much for you reply. IT was the exit(); commands that I needed to
include.
Thanks again,
Jeff.
"Andy Hassall" <an**@andyh.co.uk> wrote in message
news:so********************************@4ax.com... On Fri, 08 Aug 2003 23:22:19 GMT, "Paris_Sucks" <pa*********@hotmail.com>
wrote:
I'm trying to redirect when testing for certain condidtions as shown
below. When the conditions are ture, it redirects, but still goes ahead
andprocesses the sql query. What am I doing wrong??? And then sometimes
whenthe conditions are correct, it doens't redirect. It appears to be very
inconsistent.
Any suggestions would be greatly appreciated.
Deep breath...
//Check for repeat name
$result = mysql_query("SELECT * FROM survey WHERE FirstName =
'".$FirstName."' AND LastName = '".$LastName."' ");
Problem 1: Any of the these queries could fail, but you're not checking
for errors.
Never ignore the return value of mysql_query; if there's an error, it
returns false, and the reason for the error is available in mysql_error().
For debugging use something like:
$result = mysql_query($query)
or die ("Query failed:<br>$query<br>Error: " . mysql_error());
This will show you the error, which query caused it, and prevent your
script carrying on past a failed query and getting into even worse trouble with
undefined variables and resource handles (as above).
Problem 2 (possibly): Are those variables $FirstName and $LastName
properly escaped? i.e. are all single quotes turned into \' ?
$num_rows = mysql_num_rows($result);
Problem 3: All you're looking for is whether there is a row. However
you're fetching all the data from the database, then ignoring it.
If you want to count how many rows match, use COUNT(*) in the SQL, and
fetch the single row it will return, and get the number from there.
if($num_rows > 0){header("location: ./oops.htm");};
Problem 4: You send an invalid Location header here. Location headers
have to be absolute URLs according to the HTTP specification.
Problem 5: Just because you send a Location header does not mean the
script stops here. You'll carry on to the next bit, and possibly send more
Location headers. If you want to send the header then stop, use exit().
//Check for repeat email
$result = mysql_query("SELECT * FROM survey WHERE EmailAddress =
'".$EmailAddress."' ");
$num_rows = mysql_num_rows($result);
if($num_rows > 0){header("location: ./oops.htm");};
//Check for existance of first name, last name, and email
if(!$FirstName){header("location: ./oops.htm");};
if(!$LastName){header("location: ./oops.htm");};
if(!$EmailAddress){header("location: ./oops.htm");};
$newrecord = ("INSERT INTO survey (FirstName) values ($'Joe')");
Problem 6: Why the brackets around the string?
Problem 7: ($'Joe') ? Did you just mean ('Joe')? Or ('$Joe')?
$result=mysql_query($newrecord);
This will fail due Problem 7, and you'll carry on regardless due to
Problem 1 despite it not having worked.
//Redirect to thankyou
header("location: ./thanks.htm");
--
Andy Hassall (an**@andyh.co.uk) icq(5747695) (http://www.andyh.co.uk)
Space: disk usage analysis tool (http://www.andyhsoftware.co.uk/space) | | This discussion thread is closed Replies have been disabled for this discussion. | |  Question stats - viewed: 5073
- replies: 2
- date asked: Jul 16 '05
|
