Headers not pushing on a true statement

horan1616

03-17-2010, 04:05 PM

I am setting up a basic reigstration page. I have been out of coding for alittle with now. I basically wanted to setup checks for valid data at the registration page however it just submits the query and runs any of the checks sucessfully. Any idea's?

<?php
require '/include/headerdb.php';

$username = $_POST['username'];
$email = $_POST['email'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$vcode = rand(1000000000, 9999999999);
$password = $_POST['password'];
$vpassword = $_POST['vpassword'];

if ($password != $vpassword) {
header("Location: register.php?error=1");
}
if ($username == "") {
header("Location: register.php?error=4");
}
if ($email == "") {
header("Location: register.php?error=5");
}
if ($fname == "") {
header("Location: register.php?error=6");
}
if ($lname == "") {
header("Location: register.php?error=7");
}
if ($password == "") {
header("Location: register.php?error=8");
}

$verquery = mysql_query("SELECT * FROM users");
while ($verarray = mysql_fetch_array($verquery)) {
if ($username == $verarray['username']) {
header("Location: register.php?error=2");
}
if ($email == $verarray['email']) {
header("Location: register.php?error=3");
}
}

$newquery = mysql_query("INSERT INTO users (username, password, fname, lname, vcode, email)
VALUE ('$_POST[username]','$_POST[password]','$_POST[fname]','$_POST[lname]','$vcode','$email')");

if (!$newquery) {
header("Location: register.php?error=3");
} else {
header("Location: regcomplete.php");
}

?>

Fou-Lu

03-17-2010, 04:17 PM

You're not doing anything to stop it from processing. Any call to a header() only pushes the header onto the stack; it doesn't do anything to stop the page from processing. If you want it to halt processing at that point, call an exit or die.
The above can be simplified by only providing the error code associated with it to a tracked variable, and if the tracked variable is > 0, push a header for the location and call exit.

horan1616

03-17-2010, 04:25 PM

THANK YOU!

Completely forgot about having to use die(header(***));

:thumbsup::thumbsup::thumbsup:

Fou-Lu

03-17-2010, 04:34 PM

Do not use die(header(...)). It won't actually trigger errors since its not wrong, but it doesn't make any logical sense. Die should only have an argument if its either a string or an integer indicating error codes. Header is always void. Instead, you should be running with a:

header("Location: ....");
exit(0); // 0 is the default, can be called as: exit; or exit(); as well.

Since you're script terminates successfully (which coincidentally is the same result you'd get by wrapping a header with a die).