[RESOLVED] small login and redirect from scratch

kralspace

Hi all,

I need to write a small (hopefully) script that will take an accountcode that the user inputs into a form field and check it against 3 columns in the database to decide what to do with the results.

I'm taking a entry level programming logic class right now and the teacher emphasizes getting everything written out in english first, then coding so I was wonder if someone could read over my draft for glaring mistakes before I try to write the actual code for it.

thanks! Kathy

//connect to my server
$host = "localhost";
$user = "myusername"'
$password = "mypassword";
$connection = mysql_connect ("$host", "$user", "$password)
or die ("Couldn't connect to server.");

$database = "hitec"; //my database

// connect to that database
$db = mysql_select_db($database, $connection)
or die ("Couldn't select database.");

I have a database with 3 columns: accountCode, ID, and Visited
The goal is to have a list of accountcodes prelisted in the db with the ID of '1' or '2'
assigned to each, and Visited with "NO" to start with.
Each number can only be claimed once, when some one inputs an
account number, I need the "Visited" column to UPDATE to "YES" so no one else will be able to login with that account number.

The user will come to the page and input their accountCode. I want to have the code check the db and return one of four options:
1.if their account code is not found, return a "sorry, try again" message.
2.if their account code is found, but the visited column has been already been updated to "YES", return a "sorry,
but someone has already activated that account code".
3. if their accountCode is found, "visited" =="NO", and ID == '1',
I need to UPDATE Visited to "YES" and redirect them to a page for conferrees with an ID of '1'
4. if their accountCode is found, "visited" =="NO", and ID =='2'
I need to UPDATE "visited" to "YES" and redirect them to a different page for conferrees with an ID of '2'.

Does this make sense? If so, is it better to use the 'if, else' or 'switch' to list the 4 options?

Weedpacket

I'd go for the if-else construction

if(account not found)
{
    ...case 1
}
else // The account is found
{
    if(the UPDATE column says "YES")
    {
        ...case 2
    }
    elseif(the UPDATE column says "NO")
    {
        ...decide what to do based on ID
    }
    // But can UPDATED be something other than "YES" or "NO"?
}

kralspace

Hi Weedpacket, I was hoping you were around 🙂

I worked on this yesterday and here's my first (and incomplete attempt)

<?php
//Connect To Database
$hostname='localhost;
$username='myname';
$password='mypassword';
$dbname='mydb';
$usertable='registration';
$yourfield = 'accountcode';

mysql_connect($hostname,$username, $password) OR DIE ('Unable to connect to database! Please try again later.');
mysql_select_db($dbname);
$userEntry = "optec12";
$query = "SELECT accountcode, idcode, visited FROM registration
WHERE accountcode = 'optec12'";
$result = mysql_query($query)
or die ("Couldn't execute query.");
$row = mysql_fetch_array($result, MYSQL_ASSOC);
extract($row);

if ($userEntry != $accountcode)//checks to see if account code is in db
{
echo "option 1 Sorry, that acountnumber is not found. $accountcode";
}

//accountcode is good, visited is YES, returns error
elseif ($userEntry == $accountcode and $visited !="NO")
{
echo "option 2: Sorry, your number is taken. $accountcode, $idcode, $visited";
}

//the accountcode is valid, visited is NO so they need to go to a page for "1" designated people.
elseif ($userEntry == $accountcode and $visited=="NO" and $idcode =="1")
{
echo "option 3: You will now be taken to page 1. $accountcode, $idcode, $visited";
// will need to UPDATE $visited from NO to Yes and redirect them to a different page based upon the idcode of "1"
}

//the accountcode is valid, visited is NO and they need to go to a page for "2" designated people
elseif ($userEntry == $accountcode and $visited=="NO" and $idcode =="2")
{
echo "option 4: Since your idcode is 2, you will now be taken to page 2. $accountcode, $idcode, $visited";
// will need to UPDATE $visited from NO to Yes and redirect them to a different page based upon the idcode of "2"
}
?>

I added the "$accountcode, $idcode, $visited" at the end of each reply so I can see which one I'm testing.

no, UPDATE doesnt need to be any particular form, just a way to tell if anyone has hit that number before.

this doesn't look very clean compared to yours, but I'm so new to this I was trying to write it so I can still understand it I guess.

thanks for any suggestions, Kathy

kralspace

Great News! For me anyway...lol.

I no longer have to include the "send to page 1 or send to page 2" code, they've decided to handle that a different way.

I'm going to work on my lunch hour and see if I can rewrite it to fit your structure..... :-), Should be a little easier now.

thanks, Kathy

kralspace

😃

here's my re-write, I'm getting an error message:
"Parse error: parse error, unexpected '{' in /usr/local/httpd/htdocs/cordonline/hitec/newtest-builder.php on line 28"

but I can't figure out if I have an extra one or am missing a{

I also found out I don't have to deal with sending people to different pages, yeah!

//Connect To Database
$hostname='localhost';
$username='myname';
$password='$mypassword';
$dbname='hitec';
$usertable='registration';
$yourfield = 'accountcode';

mysql_connect($hostname,$username, $password) OR DIE ('Unable to connect to database! Please try again later.');
mysql_select_db($dbname);
$userEntry = "optec10";
$query = "SELECT accountcode, visited FROM registration
			WHERE accountcode = 'optec10'";
$result = mysql_query($query)
		or die ("Couldn't execute query.");
$row = mysql_fetch_array($result, MYSQL_ASSOC);
extract($row);


if ($userEntry != $accountcode)//checks to see if account code is in db
	{
	echo "option 1: Sorry, that acountnumber is not found.";	
	}

//accountcode is good	
else ($userEntry == $accountcode)
{
	 	//2 means someone has already claimed that accountnumber
	 	if ($visited !="1")
	{		
		echo "option 2: Sorry, your account number is taken.";
	}

	//1 means the account number is available	
	elseif ($visited=="1")
{
echo "option 3: You are successfully registered and will now be redirected to the buffer page.";
// will need to UPDATE $visited from 1 to 2 and redirect them to a page named buffer.php	
}
}

thanks for taking the time to look at this again,
I was wondering how you got it to color code, thanks jjozsi

Kathy

djjjozsi

Lets see this structure, becouse it has no sense.

else ($userEntry == $accountcode)
{

kralspace

I was trying to write it following the example Weedpacket posted up towards the top of the thread, is that what you mean by seeing the structure?

djjjozsi

See that line in your code where these lines are:

else ($userEntry == $accountcode)
{

else (.........)

is wrong

you should use

elseif(....)

kralspace

Good morning, jjozsi

That did it, funny how 2 letters (if) can fix it.🙂 thanks

When I enter an accountcode that doesn't exist to test the first statement I get this error:

Warning: extract(): First argument should be an array in /usr/local/httpd/htdocs/cordonline/hitec/newtest-builder.php on line 18
option 1: Sorry, that acountnumber is not found.

Is it saying that my

if ($userEntry != $accountcode)//checks to see if account code is in db 
    { 
    echo "option 1: Sorry, that acountnumber is not found.";     

    }

needs a second condition to check to decide that account number is not found?

thanks, Kathy
by the way, it's around noon here, what time is it in Hungary?

djjjozsi

As i see your code isn't looks like as Weedpacket suggested.

Lets use mysql_num_rows() to count the results first,

if it is 0 then print "the code is not in"

if it is 1 then use mysql_fetch_assoc on that "ONE" row.

by the way, it's around noon here, what time is it in Hungary?

It's about 8 PM here🙂

djjjozsi

if you need better conditions, build switch case:

this is not the final code, but you can learn from it how you should think of this project 🙂

<?php

//Connect To Database
$hostname='localhost';
$username='myname';
$password='$mypassword';
$dbname='hitec';
$usertable='registration';
$yourfield = 'accountcode';

mysql_connect($hostname,$username, $password) OR die ('Unable to connect to database! Please try again later.');
mysql_select_db($dbname);

//$userEntry = $_POST["userEntry"];
$userEntry = "optec10";  // i think this is just testing...


$userEntry=mysql_real_escape_string($userEntry);

$query = "SELECT * FROM registration WHERE accountcode = '$userEntry'";
$result = mysql_query($query)
        or  die ("Couldn't execute query. error: ".mysql_error());

if(mysql_affected_rows()<1)
    {
    echo "option 1: Sorry, that acountnumber is not found.";    

    }
else
{
$row = mysql_fetch_assoc($result);
extract($row);
//accountcode is good  

     //2 means someone has already claimed that accountnumber
switch($visited)
{
	case 2: 
	    echo "option 2: Sorry, your account number is taken.";
	break;

	case 1: 

		 /* UPDATE comes here*/
		 $sites=array('1'=>'page_one.php' , '2'=>'page_2.php');

		echo "option 3: You are successfully registered and will now be redirected to the buffer page.";
		echo "redirected to the page: ".$sites[$idcode];

	break;

	default:
	 die ("option: if this happens, then report to the admin!");	

} // switch

} 

?>

kralspace

Does this look better? I noticed an email from PHPbuilder popped up while I'm typing this post so it's going to look like I ignored whatever you said in it because I can't read it until I post this ;-(

mysql_connect($hostname,$username, $password) OR DIE ('Unable to connect to database! Please try again later.');
mysql_select_db($dbname);
$userEntry = "optec11";
$query = "SELECT accountcode, visited FROM registration
			WHERE accountcode = 'optec11'";
$result = mysql_query($query)
		or die ("Couldn't execute query.");

//ask it to count the rows so if there are none, it knows there is no accountcode that matches?
$num_rows = mysql_num_rows($result);
if ($num_rows == 0)
	{
	echo "option 1: Sorry, that acountnumber is not found, please try again.";	
	} 		

elseif ($num_rows ==1)
{

$row = mysql_fetch_array($result, MYSQL_ASSOC);
extract($row);

//accountcode is good	
if ($userEntry == $accountcode)
{
	 	//2 means someone has already claimed that accountnumber
	 	if ($visited !="1")
	{		
		echo "option 2: Sorry, your number is taken. $accountcode, $visited";
	}

	//1 means the number is available	
	elseif ($visited=="1")
{
echo "option 3: You are successfully registered and will now be redirected to the buffer page. $accountcode, $visited";
// will need to UPDATE $visited from 1 to 2 and redirect them to buffer.php	
}
}	
}
?>

I've tried all three scenarios on it and it's returning the correct answer now. (wheuuu) I found some posts where you were helping someone with a registration form, so I'm going to print that out now to study and see about putting the form and action with it, so I'll probably be bugging you later.

You guys are good teachers.

djjjozsi

In your query not all the fields has selected which used in your later code (idcode)

SELECT accountcode, visited FROM registration
			WHERE accountcode

In the select this condition has no sense, becouse this two value always the same.

if ($userEntry == $accountcode)

kralspace

When finished, I hope to have a form field named $userEntry that the user will type in, then that will be submitted to the db to compare with the db column "accountname" instead of what I have now, which is declaring $userEntry to be optec11, or optec12, etc.

$userEntry = "optec11"; 
$query = "SELECT accountcode, visited FROM registration 
            WHERE accountcode = 'optec11'";

I'm using a constant right now because I have different optec's in the database with different $visited information so I can see what happens.

Do you think that will work, or am I misreading you? (old artist here, gotta use small words...lol)

thanks, Kathy

djjjozsi

schematic plan:

<?php
function form()
{
/* create here the form */

}

if(!empty($_POST["userEntry"]))
{
	/*Connect to the database*/

$userEntry = $_POST["userEntry"];
$userEntry=mysql_real_escape_string($userEntry); 

/* test comes here*/
}
else
form();

?>

kralspace

Thanks for the schematic, it lays out cleanly what I need to do.

(you would laugh if you saw me working, when you use a phrase like "num_rows = mysql_num_rows($result); " I have to pull out my books and start reading or search the manual. I have the regular PHP/mysql books, but I usually have to look it up first in the Dummie books that explain what the regular books just assume you know and then read the formal explanation)

My boss just came in and pulled me off to do something else, but I'm anxious to try some more. Talk to you later, except you'll probably be asleep..lol

thanks, Kathy

djjjozsi

i won't laugh 🙂

now i go to sack out.

hy!

kralspace

Hi jjozsi!

I've been working on this all day and it seems to be working on all options thanks to your help.

I have it changing 1 to 2 in the 'visited' db column, but I can't get the redirect to buffer.php work, I'm getting an headings error:

Warning: Cannot modify header information - headers already sent by (output started at /usr/local/httpd/htdocs/cordonline/hitec/accountcheck.php:8) in /usr/local/httpd/htdocs/cordonline/hitec/accountcheck.php on line 100

I'm pasting the entire code for the page so you can see if my htm code is inteferring somewhere.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>HI-TEC 2009 - Account Check-in</title>



<?php include("includes/template-top.php"); ?>


<div id="banner"> <img src="images/banner.jpg" alt="conference banner" width="560" height="87" /></div>

<br>		
<h2>HOTEL AND TRAVEL INFORMATION</h2>
<p>

<?php 
function form() 
{ 
/* create here the form */ 
?>
<form method='POST' action='<? print htmlspecialchars($_SERVER["PHP_SELF"]); ?>'> 
  <p>Please enter your Registration Code : 
    <input type='text' name='userEntry' id="userEntry">

<br>
<br>
<input type='hidden' name='commented' value='set'>
<input type='submit' value='Register'>
  </p>

</form> 
<?php
} 

if(!empty($_POST["userEntry"])) 
{ 
    /*Connect to the database*/
$hostname='localhost';
$username='whois';
$password='mine';
$dbname='hitec';
$usertable='registration';
$yourfield = 'accountcode';

mysql_connect($hostname,$username, $password) OR DIE ('Unable to connect to database! Please try again later.');
mysql_select_db($dbname);

$userEntry=mysql_real_escape_string($userEntry); 

$query = "SELECT * FROM registration WHERE accountcode = '$userEntry'"; 
$result = mysql_query($query) 
        or  die ("Couldn't execute query. error: ".mysql_error()); 


/* test comes here*/ 

//ask it to count the rows so if there are none, it knows there is no accountcode that matches?
$num_rows = mysql_num_rows($result);
if ($num_rows == 0)
	{
	echo "The code you entered is invalid. Please be sure you typed your code correctly or check with your ATE Center
	personnel for a different code. $userEntry";	
	} 		

elseif ($num_rows ==1)
{

$row = mysql_fetch_array($result, MYSQL_ASSOC);
extract($row);

//accountcode is good	
if ($userEntry == $accountcode)
{
	 	//2 means someone has already claimed that accountnumber WORKS!!!!!
	 	if ($visited !="1")
	{		
		echo "We already have a registration on file for this registration code.
		Please be sure you typed your code correctly or check with your ATE Center
		personnel for a different code. $accountcode, $visited";
	}

	//1 means the number is available	
	elseif ($visited=="1")
{
// Connect to Mysql, select the correct database, and run the query which updates visited from 1 to 2
	mysql_connect($hostname,$username,$password) or die(mysql_error()); 
	mysql_select_db($dbname) or die(mysql_error()); 


	//this changes the 1 to 2 in visited column WORKS!!!!!!!
	$change_visited = "UPDATE registration SET visited = '2' WHERE accountcode = '$accountcode'"; 

	//use line below to reset all visited to 1 when ready to launch site Friday
	//$change_visited = "UPDATE registration SET visited = '1'"; 

	mysql_query($change_visited) OR die("insert on error" . mysql_error() ." :".$change_visited); 
	echo "thanks";

header ("Location: www.cordonline.net/hitec/buffer.php");
}

}
}	
}//end of mine	


else 
form(); 

?>

</p>

<!-- DO NOT EDIT BELOW THIS LINE, GUYS -->
<p> 
  <?php include("includes/footer.php"); ?>
</p>

Does it have anything to do perhaps with my using the 'include' to call in my template information?

thanks, Kathy

djjjozsi

before the header functions do not print anything. (do not output)

what you should do?

ob_start/B function is a way to redirect the output to a string, then you can use it when its needed.

but, the programming technique is the better way. 🙂

if you have an error message, print the html header, form , error_messages , footer

If all OK , then save the thank You into a session variable , and do not print the others, and use the header location.
you can use the footer and header as php include files.

kralspace

Hmmmm, time to pull out the Dummies Guide again, let me try it on a copy and see what I can screw up here... ;-)

here's the url for the page if you want to take a look

http://www.cordonline.net/hitec/accountcheck.php

thanks, Kathy