...

View Full Version : If active = 'X' then error to user



mmarif4u
02-05-2007, 06:05 AM
Hi guys Hope every body is fine...

i have a litttle problem...

Code:



else:

$dbcnx = dbConnect('db');



$required_fields = array( 'icnumber','acccode','username', 'email', 'hp');
foreach ($required_fields as $field) {

if (!isset($_POST[$field]) || empty($_POST[$field])) {
error("One or more required fields were left blank. \\n Please fill them in and try again.");
} else {
$cleaned_for_sql[$field] = mysql_real_escape_string($_POST[$field]);
}
}
$sql = "SELECT COUNT(*) FROM loguser WHERE username = '" . $cleaned_for_sql['username'] . "'";
$sql_result = mysql_query($sql);
if (mysql_result($sql_result, 0) > 0) {
error("This username is already in use.\\n Please choose another.");
}

$sql = "SELECT icnumber,acccode,active FROM accdtl WHERE icnumber = '" . $cleaned_for_sql['icnumber'] . "' AND
acccode = '" . $cleaned_for_sql['acccode'] . "' AND active = 'X'";
$sql_result = mysql_query($sql);
if (mysql_result($sql_result,0,0) > 0) {
error("This access code is used.\\n Please contact for another.");
}

$email = $cleaned_for_sql['email'];
$password = rand(0000,999999);
$ic = "X";

$sql = "UPDATE `loguser` SET ";
$sql .= "`password` = ('" . $password . "'), ";
$sql .= "`email` = ('" . $email . "'), ";
$sql .= "`hp` = '" . $cleaned_for_sql['hp'] . "', ";
$sql .= "`icactive` = '" . $ic . "', ";
$sql .= "`username` = '" . $cleaned_for_sql['username'] . "' ";
$sql .= "WHERE `icnumber` = '" . $cleaned_for_sql['icnumber'] . "' ";
$sql .= "AND `acccode` = '" . $cleaned_for_sql['acccode'] . "' ";
$sql_result = mysql_query($sql) or error("Error executing query [$sql]: " . mysql_error());

//if (mysql_affected_rows($dbcnx) == 0) {
// error("Your IC number and Access Code do not match to database data. \\n Please try again.");
//}

$sql1 = "UPDATE `accdtl` SET ";
$sql1 .= "`active` = '" . $ic . "' ";
$sql1 .= "WHERE `icnumber` = '" . $cleaned_for_sql['icnumber'] . "' ";
$sql1 .= "AND `acccode` = '" . $cleaned_for_sql['acccode'] . "' ";
$sql_result = mysql_query($sql1) or error("Error executing query [$sql1]: " . mysql_error());

if (mysql_affected_rows($dbcnx) == 0) {
error("Your IC number and Access Code do not match to database data. \\n Please try again.");
}

if (trim($email)=='' || !eregi("^[a-z0-9_]+\.[a-z0-9_]+@[a-z0-9\-]+\.+[a-z0-9\-\.]+$",$email))

If we look the code above its fine and working but one error it has that
is here in the code:



$sql = "SELECT icnumber,acccode,active FROM accdtl WHERE icnumber = '" . $cleaned_for_sql['icnumber'] . "' AND
acccode = '" . $cleaned_for_sql['acccode'] . "' AND active = 'X'";
$sql_result = mysql_query($sql);
if (mysql_result($sql_result,0,0) > 0) {
error("This access code is used.\\n Please contact for another.");
}

here i want that the sql query check the active field if is 'X' then error
to user but if not then proced to next step(means query or script).
How to perform a check on this query..


if (mysql_result($sql_result,0,0) > 0)

specailly here...

Many thanks in advance..

raf
02-05-2007, 12:07 PM
you should not use a function that reads from the resultset, before checking if indeed a resultset is returned + that it is not empty.

frankly, i don't understand why you just don't run a "SELECT COUNT(*) ..." like in your check just above the one that is causing the problem. You're not using any value from that select so no point in selecting columns...


$sql = "SELECT COUNT(*) FROM accdtl WHERE icnumber = '" . $cleaned_for_sql['icnumber'] . "' AND
acccode = '" . $cleaned_for_sql['acccode'] . "' AND active = 'X'";
$sql_result = mysql_query($sql) or die('Queryproblem getting count from accdtl:<br />'. $sql . '<br />Error:'. mysql_error());
if (mysql_result($sql_result,0) > 0) {
error("This access code is used.\\n Please contact for another.");
}

should work just fine, provided that error() contains some code to exit the scriptexecution.

mmarif4u
02-06-2007, 03:33 AM
Thanks raf for ur reply,
i change the code and now its working fine.

Thanks again for ur help...



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum