[RESOLVED] Incorrect desired results from code..

IceRegent

Hello. I am trying to create a certain response based upon a $_POST variable and a DATABASE look-up. I am getting the post over to the new script, and I am getting the database objects retrieved correctly, however, I am wanting to give an error message if the user-name exists in the database, and return to the registration script, or, validate that the user-name doesn't exist and then insert into the database, and give a validation response and return to my main script. I have created a script that is called by the registration form, and included in some dummy data and echo statements to observe the response, however, I cannot seem to get the desired results. Here is the script:

<?php
session_start();
include $_SERVER['DOCUMENT_ROOT'] . '/include/config.php';
$username = $_POST['name'];
$password = $_POST['pass'];
$bandname = $_POST['band'];
$banddesc = $_POST['desc'];
$bandgenre = $_POST['genre'];
$useremail = $_POST['email'];

$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$password = md5($password);

$query = "SELECT uname FROM users";
$result = mysql_query($query) or exit(mysql_error());
	while($row = mysql_fetch_array($result, MYSQL_ASSOC))	
		{
			echo $row['uname'] . ' - ' . $username . ' - ';			
			if($row['uname'] == $username) 
				{ 
					$_SESSION['regerror'] = 'Sorry, Username already in Database';

				$_SESSION['checkit'] = "stop";								
				break;			
			} else {
				echo 'This name isnt in the database<br>' ;
				$_SESSION['checkit'] = "proceed";
				$_SESSION['regerror'] = '';
			}
			echo 'Does it stop here?';				
		}
		if ($_SESSION['checkit'] = "proceed") {
		echo 'This is the last bracket';		
		}	
?>

Any ideas on why this doesn't work in the last part of it. Please don't critique on the top segment, as I know that it already works. It is just after the 'RESULT' statement where things don't seem to go correctly.

Thanks;
Ice

mblack0508

Please provide behavior/output along with the input used.

When you say its not behaving you're not providing much information.

Also expect some critique, but constructive.

IceRegent

1) It does not go back to the registration script. The value in $_SESSION['checkit'] never gets updated no matter what the result.

mblack0508

There was an issue in the code where you were doing a comparison and forgot an extra =, in the code I'm providing thats fixed. I also saw you basically took a dump of users and looped through each, which is really not something you should do if you're looking for a specific user, which can be resolved in the query. As for redirection, it wont automatically redirect you need to put code in there. One way to do it is using header function like below.

header("Location: registration.php");

$query = "SELECT uname FROM users WHERE uname = ?";
$dbh = new PDO("mysq:host=localhost;dbname=dbname", $user, $pass);
$stmt = $dbh->prepare($query);
$stmt->bindParam(1, $username, PDO::PARAM_STR);
$stmt->execute();
if ($row = $stmt->fetch()) { // We got a result
    echo $row['uname'] . ' - ' . $username . ' - ';             

    $_SESSION['regerror'] = 'Sorry, Username already in Database'; 

$_SESSION['checkit'] = "stop";                                 
break;             
} else { 
    echo 'This name isnt in the database<br>' ; 
    $_SESSION['checkit'] = "proceed"; 
    $_SESSION['regerror'] = ''; 
} 
echo 'Does it stop here?';                 

if ($_SESSION['checkit'] == "proceed") { 
    echo 'This is the last bracket';         

}

IceRegent

Yes thank you on the information for the redirect, but, unfortunately, it will not allow that as 'headers have already been sent' in another portion of the scripts.

mblack0508

that is because you are using echo statements, which send to the browser. If you removed them, then you should be able to use header redirect