PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
Pearl
Forum Newbie
Posts: 6 Joined: Sun Oct 17, 2010 6:06 am
Post
by Pearl » Mon Oct 18, 2010 10:01 am
It keeps inserting the data in lecturer and members.......even if $qry[4]=='Student....cant anyone help me??'
Code: Select all
$qry= "SELECT * FROM members";
if ($qry){
$qry = "INSERT INTO members(firstname, lastname, login, passwd,type) VALUES('$fname','$lname','$login','".md5($_POST['password'])."','$type')";
if ($qry[4]=='Student'){
$qry2="INSERT INTO student( firstname, lastnamename) VALUES('$fname','$lname')";}
else
{ $qry2 = "INSERT INTO lecturer( lecturer_fname, lecturer_lname) VALUES('$fname','$lname')";
} }
$result = @mysql_query($qry);
$result2= @mysql_query($qry2);
//Check whether the query was successful or not
if($result) {
if($result2)
header("location: register-success.php");
exit();
}else {
die("Query failed");
}
?>
Jonah Bron
DevNet Master
Posts: 2764 Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California
Post
by Jonah Bron » Mon Oct 18, 2010 11:41 am
What you posted should work. The problem is somewhere else apparently. Try echoing the value of $qry[4] and see what it is?
Pearl
Forum Newbie
Posts: 6 Joined: Sun Oct 17, 2010 6:06 am
Post
by Pearl » Mon Oct 18, 2010 12:03 pm
I have no idea what the problem is......this is the whole php code just incase the problem is somewhere else...
Code: Select all
<?php
//Start session
session_start();
//Include database connection details
require_once('config.php');
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$fname = clean($_POST['fname']);
$lname = clean($_POST['lname']);
$login = clean($_POST['login']);
$password = clean($_POST['password']);
$cpassword = clean($_POST['cpassword']);
$type= clean($_POST['type']);
//Input Validations
if($fname == '') {
$errmsg_arr[] = 'First name missing';
$errflag = true;
}
if($lname == '') {
$errmsg_arr[] = 'Last name missing';
$errflag = true;
}
if($login == '') {
$errmsg_arr[] = 'Login ID missing';
$errflag = true;
}
if($password == '') {
$errmsg_arr[] = 'Password missing';
$errflag = true;
}
if($cpassword == '') {
$errmsg_arr[] = 'Confirm password missing';
$errflag = true;
}
if( strcmp($password, $cpassword) != 0 ) {
$errmsg_arr[] = 'Passwords do not match';
$errflag = true;
}
if($type == '') {
$errmsg_arr[] = 'Signning in As missing';
$errflag = true;
}
//Check for duplicate login ID
if($login != '') {
$qry = "SELECT * FROM members WHERE login='$login'";
$result = mysql_query($qry);
if($result) {
if(mysql_num_rows($result) > 0) {
$errmsg_arr[] = 'Login ID already in use';
$errflag = true;
}
@mysql_free_result($result);
}
else {
die("Query failed");
}
}
//If there are input validations, redirect back to the registration form
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: register-form.php");
exit();
}
//Create INSERT query
$qry= "SELECT * FROM members";
if ($qry){
$qry = "INSERT INTO members(firstname, lastname, login, passwd,type) VALUES('$fname','$lname','$login','".md5($_POST['password'])."','$type')";
if ($qry[5]=='Students'){
$qry2="INSERT INTO student(firstname, lastname) VALUES('$fname','$lname')";}
else
{ $qry2 = "INSERT INTO lecturer( lecturer_fname, lecturer_lname) VALUES('$fname','$lname')";
} }
$result = @mysql_query($qry);
$result2= @mysql_query($qry2);
//Check whether the query was successful or not
if($result) {
if($result2)
header("location: register-success.php");
exit();
}else {
die("Query failed");
}
?>
twinedev
Forum Regular
Posts: 984 Joined: Tue Sep 28, 2010 11:41 am
Location: Columbus, Ohio
Post
by twinedev » Mon Oct 18, 2010 12:04 pm
You are assigning $qry to be an insert statement string before you are trying to use it as a array.
-Greg
Pearl
Forum Newbie
Posts: 6 Joined: Sun Oct 17, 2010 6:06 am
Post
by Pearl » Mon Oct 18, 2010 12:35 pm
I dont get it....could you explain??
twinedev
Forum Regular
Posts: 984 Joined: Tue Sep 28, 2010 11:41 am
Location: Columbus, Ohio
Post
by twinedev » Mon Oct 18, 2010 12:53 pm
Code: Select all
$qry = "INSERT INTO members ..[REMOVED].. ";
if ($qry[5]=='Students'){
You set $qry to be a string, the next line you are doing an if statement against it like it was an array.
-Greg
Pearl
Forum Newbie
Posts: 6 Joined: Sun Oct 17, 2010 6:06 am
Post
by Pearl » Mon Oct 18, 2010 1:05 pm
that still doesnt fix the problem...
the codes works...its just that it inserts the data into the same tables regardless of the condition.............
twinedev
Forum Regular
Posts: 984 Joined: Tue Sep 28, 2010 11:41 am
Location: Columbus, Ohio
Post
by twinedev » Mon Oct 18, 2010 5:53 pm
What doesn't fix the problem? I didn't offer any change to it, just pointed out that you have an if statement that checks against a a variable that is always set to the same thing the line before, thus will always return the same value.
Pearl
Forum Newbie
Posts: 6 Joined: Sun Oct 17, 2010 6:06 am
Post
by Pearl » Mon Oct 18, 2010 7:35 pm
ok.....so what do you suggest??....
twinedev
Forum Regular
Posts: 984 Joined: Tue Sep 28, 2010 11:41 am
Location: Columbus, Ohio
Post
by twinedev » Tue Oct 19, 2010 12:58 pm
Have it actually do an if statement on an item that could possibly be more than one value when you get to the if statement.