Page 1 of 1

error check/control

Posted: Sat Oct 31, 2009 8:16 pm
by nite4000
Problem : I need to have the page stop execution of the code when the info in the text box is not correct with matching the info in the database. I need it to display a msg if ifs the incorrect pin number
Its logging me out when its the incorrect code when it should not it should stay logged in and display a msg. only logout when account is deleted and code matches
Here is all my code below.

Code: Select all

if(strlen($_POST['cancel'])) {
 $pin = escape_data($_POST['pin'],$dbc); //textbox name 
 
//code to remove record from all tables
$r = mysql_query("delete from Users WHERE pin = ".$_POST['pin']."")or die (mysql_error());
$s = mysql_query("delete from Accounts WHERE userId = ".$_SESSION['id']."")or die (mysql_error());
$t = mysql_query("delete from cashout WHERE userid = ".$_SESSION['id']."")or die (mysql_error());
$u = mysql_query("delete from deposits WHERE uid = ".$_SESSION['id']."")or die (mysql_error());
$v = mysql_query("delete from investments WHERE uid = ".$_SESSION['id']."")or die (mysql_error());
$w = mysql_query("delete from referals WHERE memid = ".$_SESSION['id']."")or die (mysql_error());
$x = mysql_query("delete from transfers WHERE mem_id = ".$_SESSION['id']."")or die (mysql_error());
$DONE=TRUE;
}
 
 
Here is the html code
 
 <?php 
if($DONE==TRUE) {
?>
                          <h4 class="left_nav" style="margin-top: 1em;">Account Being Deleted..Please Wait... </h4>
              <p>You are now being logged out. Sorry to see you go</p>
              <?php
} else { 
?>
<form action="termination.php" method="post"><table width="100%">
              <tr>
                <td width="31%">Security Code : </td>
                <td width="69%"><input name="pin" type="text" id="pin" style="width: 200px;" maxlength="20"></td>
              </tr>
               <tr>
                <td colspan="2"><div align="center"><input name="cancel" type="submit" id="cancel" value="Cancel My Account" /></div></td>
              </tr>
              </table>
        </form> <?php } ?>




I hope someone can help me get this going.


Thanks

Re: error check/control

Posted: Sun Nov 01, 2009 1:05 am
by John Cartwright
If you want to detect if the pin exists prior to deleting the row(s), try a select statement for the particular pin.

Code: Select all

$r = mysql_query("SELECT COUNT(*) AS `count`  from Users WHERE pin = '". mysql_real_escape_string($_POST['pin']) ."'")or die (mysql_error());
$r_row = mysql_fetch_assoc($r);
 
if ($r_row['count'] > 0) {
   
   //delete queries
 
} else {
 
   //show error for invalid pin
 
}
However, I would consider validating the pin belongs to the user first.

Re: error check/control

Posted: Sun Nov 01, 2009 5:07 am
by nite4000
my real problem is just getting my error msg to show and keeping me on the page if its the wrong pin #. everything else is pretty much ok

Re: error check/control

Posted: Sun Nov 01, 2009 12:33 pm
by John Cartwright
When mysql triggers an error, this is a bad thing. This should never happen. Design your queries and validation so no errors are ever triggered (similiar to what I showed previously).