By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,320 Members | 2,109 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,320 IT Pros & Developers. It's quick & easy.

checking for values in MySQL and other conditions not working???

P: n/a
I'm trying to redirect when testing for certain condidtions as shown
below. When the conditions are ture, it redirects, but still goes ahead and
processes the sql query. What am I doing wrong??? And then sometimes when
the conditions are correct, it doens't redirect. It appears to be very
inconsistent.

Any suggestions would be greatly appreciated.

//Check for repeat name
$result = mysql_query("SELECT * FROM survey WHERE FirstName =
'".$FirstName."' AND LastName = '".$LastName."' ");
$num_rows = mysql_num_rows($result);
if($num_rows > 0){header("location: ./oops.htm");};

//Check for repeat email
$result = mysql_query("SELECT * FROM survey WHERE EmailAddress =
'".$EmailAddress."' ");
$num_rows = mysql_num_rows($result);
if($num_rows > 0){header("location: ./oops.htm");};

//Check for existance of first name, last name, and email
if(!$FirstName){header("location: ./oops.htm");};
if(!$LastName){header("location: ./oops.htm");};
if(!$EmailAddress){header("location: ./oops.htm");};

$newrecord = ("INSERT INTO survey (FirstName) values ($'Joe')");
$result=mysql_query($newrecord);

//Redirect to thankyou
header("location: ./thanks.htm");
Jul 16 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
On Fri, 08 Aug 2003 23:22:19 GMT, "Paris_Sucks" <pa*********@hotmail.com>
wrote:
I'm trying to redirect when testing for certain condidtions as shown
below. When the conditions are ture, it redirects, but still goes ahead and
processes the sql query. What am I doing wrong??? And then sometimes when
the conditions are correct, it doens't redirect. It appears to be very
inconsistent.

Any suggestions would be greatly appreciated.
Deep breath...
//Check for repeat name
$result = mysql_query("SELECT * FROM survey WHERE FirstName =
'".$FirstName."' AND LastName = '".$LastName."' ");
Problem 1: Any of the these queries could fail, but you're not checking for
errors.

Never ignore the return value of mysql_query; if there's an error, it returns
false, and the reason for the error is available in mysql_error().

For debugging use something like:

$result = mysql_query($query)
or die ("Query failed:<br>$query<br>Error: " . mysql_error());

This will show you the error, which query caused it, and prevent your script
carrying on past a failed query and getting into even worse trouble with
undefined variables and resource handles (as above).

Problem 2 (possibly): Are those variables $FirstName and $LastName properly
escaped? i.e. are all single quotes turned into \' ?
$num_rows = mysql_num_rows($result);
Problem 3: All you're looking for is whether there is a row. However you're
fetching all the data from the database, then ignoring it.

If you want to count how many rows match, use COUNT(*) in the SQL, and fetch
the single row it will return, and get the number from there.
if($num_rows > 0){header("location: ./oops.htm");};
Problem 4: You send an invalid Location header here. Location headers have to
be absolute URLs according to the HTTP specification.

Problem 5: Just because you send a Location header does not mean the script
stops here. You'll carry on to the next bit, and possibly send more Location
headers. If you want to send the header then stop, use exit().
//Check for repeat email
$result = mysql_query("SELECT * FROM survey WHERE EmailAddress =
'".$EmailAddress."' ");
$num_rows = mysql_num_rows($result);
if($num_rows > 0){header("location: ./oops.htm");};

//Check for existance of first name, last name, and email
if(!$FirstName){header("location: ./oops.htm");};
if(!$LastName){header("location: ./oops.htm");};
if(!$EmailAddress){header("location: ./oops.htm");};

$newrecord = ("INSERT INTO survey (FirstName) values ($'Joe')");
Problem 6: Why the brackets around the string?
Problem 7: ($'Joe') ? Did you just mean ('Joe')? Or ('$Joe')?
$result=mysql_query($newrecord);
This will fail due Problem 7, and you'll carry on regardless due to Problem 1
despite it not having worked.
//Redirect to thankyou
header("location: ./thanks.htm");


--
Andy Hassall (an**@andyh.co.uk) icq(5747695) (http://www.andyh.co.uk)
Space: disk usage analysis tool (http://www.andyhsoftware.co.uk/space)
Jul 16 '05 #2

P: n/a
Thanks much for you reply. IT was the exit(); commands that I needed to
include.

Thanks again,

Jeff.

"Andy Hassall" <an**@andyh.co.uk> wrote in message
news:so********************************@4ax.com...
On Fri, 08 Aug 2003 23:22:19 GMT, "Paris_Sucks" <pa*********@hotmail.com>
wrote:
I'm trying to redirect when testing for certain condidtions as shown
below. When the conditions are ture, it redirects, but still goes ahead andprocesses the sql query. What am I doing wrong??? And then sometimes whenthe conditions are correct, it doens't redirect. It appears to be very
inconsistent.

Any suggestions would be greatly appreciated.
Deep breath...
//Check for repeat name
$result = mysql_query("SELECT * FROM survey WHERE FirstName =
'".$FirstName."' AND LastName = '".$LastName."' ");


Problem 1: Any of the these queries could fail, but you're not checking

for errors.

Never ignore the return value of mysql_query; if there's an error, it returns false, and the reason for the error is available in mysql_error().

For debugging use something like:

$result = mysql_query($query)
or die ("Query failed:<br>$query<br>Error: " . mysql_error());

This will show you the error, which query caused it, and prevent your script carrying on past a failed query and getting into even worse trouble with
undefined variables and resource handles (as above).

Problem 2 (possibly): Are those variables $FirstName and $LastName properly escaped? i.e. are all single quotes turned into \' ?
$num_rows = mysql_num_rows($result);
Problem 3: All you're looking for is whether there is a row. However

you're fetching all the data from the database, then ignoring it.

If you want to count how many rows match, use COUNT(*) in the SQL, and fetch the single row it will return, and get the number from there.
if($num_rows > 0){header("location: ./oops.htm");};
Problem 4: You send an invalid Location header here. Location headers

have to be absolute URLs according to the HTTP specification.

Problem 5: Just because you send a Location header does not mean the script stops here. You'll carry on to the next bit, and possibly send more Location headers. If you want to send the header then stop, use exit().
//Check for repeat email
$result = mysql_query("SELECT * FROM survey WHERE EmailAddress =
'".$EmailAddress."' ");
$num_rows = mysql_num_rows($result);
if($num_rows > 0){header("location: ./oops.htm");};

//Check for existance of first name, last name, and email
if(!$FirstName){header("location: ./oops.htm");};
if(!$LastName){header("location: ./oops.htm");};
if(!$EmailAddress){header("location: ./oops.htm");};

$newrecord = ("INSERT INTO survey (FirstName) values ($'Joe')");
Problem 6: Why the brackets around the string?
Problem 7: ($'Joe') ? Did you just mean ('Joe')? Or ('$Joe')?
$result=mysql_query($newrecord);


This will fail due Problem 7, and you'll carry on regardless due to

Problem 1 despite it not having worked.
//Redirect to thankyou
header("location: ./thanks.htm");


--
Andy Hassall (an**@andyh.co.uk) icq(5747695) (http://www.andyh.co.uk)
Space: disk usage analysis tool (http://www.andyhsoftware.co.uk/space)

Jul 16 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.