View Full Version : Upside down execution of statements

06-22-2010, 01:05 AM
I have been writing php scripts for a short while and I just encountered something unusual.:confused:
The php statements in particular files, notably the conditional statements are executed upside down.
As in the statements at the bottom of the page are parsed before some in the middle of the script most especially when it comes to the 'if' statements. Some 'if' statements are skipped even when the condition is true and then the 'elseif' statements are executed.
What could be the problem?
Thanks in advance.:thumbsup:

06-22-2010, 01:13 AM
Mind posting the code your talking about? We can't do anything without it.

06-22-2010, 01:26 AM
This is the code. It is actually a script that conducts user registration by picking data posted from a form. What puzzles me is that the last statement of redirecting to 'complete.php' can get executed before anything else and therefore rendering much of the script useless.


$first = "{$_POST['first']}";
$last = "{$_POST['last']}";
$email = "{$_POST['email']}";
$phone = "{$_POST['phone']}";
$username = "{$_POST['username']}";
$password = "{$_POST['password']}";
$password2 = "{$_POST['password2']}";

// Disarm user entries

$first = stripslashes($first);
$last = stripslashes($last);
$email = stripslashes($email);
$phone = stripslashes($phone);
$username = stripslashes($username);
$password = stripslashes($password);
$password2 = stripslashes($password2);
$first = mysql_real_escape_string($first);
$last = mysql_real_escape_string($last);
$email = mysql_real_escape_string($email);
$phone = mysql_real_escape_string($phone);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$password2 = mysql_real_escape_string($password2);

// If any field is NULL

if ($first==NULL)
elseif ($last==NULL)
elseif ($email==NULL)
elseif ($phone==NULL)
elseif ($username==NULL)
elseif ($password==NULL)
elseif ($password2==NULL)

// If username then password is too short

elseif (strlen($username)<5)
elseif (strlen($password)<6)

// If passwords don't match

elseif (!$password == $password2)

// If username = password

elseif ($usernameoo == $password)

// If username already exists

$result = mysql_query("SELECT * FROM profiles");

while($row = mysql_fetch_array($result))
if ($row["username"]==$_POST['username'])

// If all is well


mysql_query ("INSERT INTO profiles (username, first, last, email, phone)
VALUES ('$username','$first','$last','$email','$phone')");

mysql_query ("INSERT INTO users (user, password)
VALUES ('$username','$encrypt_password')");




06-22-2010, 10:41 AM
That is a lot of elseif statements. elseif means that if the condition for the ifs above it do not match, it will check that statement. None of the conditions were met, so by nature, it takes you to complete.php. Based on the current track, there is no way that will suffice as a way of doing user registration.

First, formatting:
$first = $_POST['first']; is good enough for all of the strings similar to it. For the next batch, you have the string defined twice. Just do it like:
$first = mysql_real_escape_string(stripslashes($first));

If a conditional statement (ifs, elseifs, etc.) has one call below it, it does not need the brackets.

For what you want to do to check blank fields, why not just use the AND logical operator? Below, ! in front of a string means not set, or not, or no.

if (!($first && $last && $email && $phone && $username && $password && $password2))

If username already exists? Why use such a harsh query?
$result = mysql_query("SELECT * FROM profiles WHERE username=$username");

I suggest reading documentation on php.net, it is really helpful. Books can also do wonders too for people if you choose to go that route as well. Good luck!