Code flow bug

Anon

The test project I am working on is finished and I have been testing it for bugs. I found a strange bug and I was curious if anyone could tell me why it is happening. I have some code to update values of a database with a 1 or 0. The code also detects if the database is null as well. If it is not null it will redirect. I have a message set up in case the user hits the submit button without answering the question they get a warning to please answer the question. If they hit the submission button once the message pops up. However if they hit it again without answering the question the database is being updated with a zero and then the null checking code is redirecting because it is detecting the zero. I was curious why the code is doing this. Here it is.

// checks to see if database in empty. If yes continue, if not go to question already answered page.

$query = mysql_query("SELECT questionone FROM test WHERE id = $session[id] and
questionone is not null");
if (mysql_num_rows($query) > 0)
{
header("Location: question already answered .SID );
}
$message="";
$numone=1;
$numtwo=0;
date("Y-m-d H:i:s");
$testdate=date("Y-m-d H:i:s");

//This inserts usernames and then updates the database

if (isset( $actionflag ) && $actionflag=="q1" )
{
mysql_query("INSERT INTO test ( id, username, password, testdate )
VALUES ( '$session[id]', '$session[username]', '$session[password]', '$testdate' )");
if (($calcE == "answerE") && ($calcB =="") && ($calcC =="")
&& ($calcD =="") && ($calcA ==""))
{
mysql_query("UPDATE test set questionone = $numone WHERE id = $session[id]");
}
else

{
mysql_query("UPDATE test set questionone = $numtwo WHERE id = $session[id]");
}
if (($calcA =="") && ($calcB =="") && ($calcC =="") && ($calcD =="") && ($calcE =="")) {
$message .="You forgot to answer the question!";
}
if ( $message == "" )
{
header("Location: nextquestion SID );
}

//message somewhere in the page

<?php
if ( $submit = "Submit_Answer" )
{
print "<b>$message</B><p>";
}
?>

I not worried about it too much because if they want to play around and keep hitting the submit button they should get the question wrong. However there could be a slight chance someone might hit it twice.

Thanks.

Anon

Hi,

Header("Location: .....") causes the browser to send another http-request for the specified location so it should be an URL and not an error message. You should then match your if (mysql_num_..... with an else. It is possible your browser ignores the location-header since it is malformed and therefore continues execution into you INSERT. In your last if, you also forgot an '='.

Johan