This works with 1 entry in the datbase but not 2 entries :-(

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
experience
Forum Newbie
Posts: 2
Joined: Tue Jan 18, 2011 3:29 pm

This works with 1 entry in the datbase but not 2 entries :-(

Post by experience »

Have to admit, i can code in VB.net but not PHP :oops:

The following code connects to the MySQL database and if the email address is in the database and they have paid it will redirect them to the software to download.
However if the user has brought a 2nd copy of the software, 2 entries are present in the MySQL database on separate entries.
When this happens the script directs them to the incorrect email address part meaning they havn't paid or arnt in the database - however they have paid twice

How can i amend it so that aslong as they are in the database and paid they are redirected, even if their email address is present again in a seperate entry?

Code: Select all

<?php
$host="xxxxxxxxxx.com"; // Host name
$username="xxxxxx"; // Mysql username
$password="xxxxxx"; // Mysql password
$db_name="xxxxxx"; // Database name
$tbl_name="orders"; // Table name


// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$CustomerEmail=$_POST['CustomerEmail'];
$IsPaid="-1";
$Product="My Software";

// To protect MySQL injection (more detail about MySQL injection)
$CustomerEmail = stripslashes($CustomerEmail);
$IsPaid = stripslashes($IsPaid);
$Product = stripslashes($Product);
$CustomerEmail = mysql_real_escape_string($CustomerEmail);
$IsPaid = mysql_real_escape_string($IsPaid);
$Product = mysql_real_escape_string($Product);

$sql="SELECT * FROM $tbl_name WHERE CustomerEmail='$CustomerEmail' and IsPaid='$IsPaid' and Product='$Product'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $CustomerEmail, table row must be 1 row

if($count==1){
// Register $CustomerEmail, $IsPaid and redirect to file "login_success.php"
session_register("CustomerEmail");
session_register("IsPaid");
session_register("Product");
header("location:login_success.php");
}
else {
echo "Incorrect Email Address - Please press the back button and check that you have entered your registered email correctly";
}
?>


danwguy
Forum Contributor
Posts: 256
Joined: Wed Nov 17, 2010 1:09 pm
Location: San Diego, CA

Re: This works with 1 entry in the datbase but not 2 entries

Post by danwguy »

only thing I can think of is where you are saying... if($count==1){
try using if($count >= "1"){ you might not need the quotes, I usually put them in though, but you should try both ways. That way it's saying if there is one or more then do this instead of only if there is 1 do this.
experience
Forum Newbie
Posts: 2
Joined: Tue Jan 18, 2011 3:29 pm

Re: This works with 1 entry in the datbase but not 2 entries

Post by experience »

Superb - that worked perfectly!

Many Thanks
Post Reply