Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9
  1. #1
    New to the CF scene
    Join Date
    Apr 2008
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    if statement problems

    I got this working fine, but i wish to get rid of the die statement and make the entire thing one statement (if you know what i mean)

    PHP Code:
    if ($_POST['kill_button']){
        
    if(!
    stripslashes($_POST['kill_username']) || !stripslashes($_POST['message'])){
            print 
    "Please enter a username and message."
            die;
        }

    elseif (!
    stripslashes($_POST['subject'])){
    $subject "No Subject Title."
    }
    if(
    $username_check "1"){
            echo 
    "No such user!";
            unset(
    $reg_username);
        }}

    if (
    strip_tags($_POST['kill_username'])){
    mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `subject` , `date` , `read` , `saved` , `event_id` )
    VALUES (
    '', '$kill_username', '$username', '$message', '$subject', '$date', '0', '0', '0'
    )"
    );
    mysql_query("UPDATE `user_info` SET `messages` = `messages`+1 WHERE username='$username'");
    ///
    echo "Message sent to $kill_username!";

    I want it generally to be somthing along these lines, but cant seem to get it working

    PHP Code:
    <?php
    if ($_POST['kill_button']) {
           
        if(!
    stripslashes($_POST['kill_username']) || !stripslashes($_POST['message'])) {
            print 
    "Please enter a username and message.";
        } elseif (!
    stripslashes($_POST['subject'])) {
            
    $subject "No Subject Title.";
        } elseif(
    $username_check "1") {
               print 
    "No such user!";
            unset(
    $reg_username);
        }
     
    } else {
     
        
    mysql_query("INSERT INTO `inbox` 
        (`id` ,`to` ,`from` ,`message` ,`subject` ,`date` ,`read`, `saved` ,`event_id` ) VALUES (
        '', '$kill_username', '$username', '$message', '$subject', '$date', '0', '0', '0')"
    );
        
        
    mysql_query("UPDATE `user_info` SET `messages` = `messages`+1 WHERE username='$username'");
        
        echo 
    "Message sent to $kill_username!";

    }
    ?>

  • #2
    Supreme Master coder! abduraooft's Avatar
    Join Date
    Mar 2007
    Location
    N/A
    Posts
    14,853
    Thanks
    160
    Thanked 2,223 Times in 2,210 Posts
    Blog Entries
    1
    Always use die() with all mysql_query stataments at the end like
    Code:
    mysql_query("UPDATE `user_info` SET `messages` = `messages`+1 WHERE username='$username'") or die(mysql_error());
    The Dream is not what you see in sleep; Dream is the thing which doesn't let you sleep. --(Dr. APJ. Abdul Kalam)

  • #3
    Senior Coder NancyJ's Avatar
    Join Date
    Feb 2005
    Location
    Bradford, UK
    Posts
    3,174
    Thanks
    19
    Thanked 66 Times in 65 Posts
    Quote Originally Posted by abduraooft View Post
    Always use die() with all mysql_query stataments at the end like
    Code:
    mysql_query("UPDATE `user_info` SET `messages` = `messages`+1 WHERE username='$username'") or die(mysql_error());
    If you want your users to see a really unfriendly error message in the event that something goes wrong. Of course, well written code should go wrong.

    The easiest way to get around all your various conditions would be to set a flag.

    eg.

    PHP Code:
    if ($_POST['kill_button']){
        
    $doquery=true;
    if(!
    stripslashes($_POST['kill_username']) || !stripslashes($_POST['message'])){
            print 
    "Please enter a username and message."
            
    $doquery false;
        }

    if (!
    stripslashes($_POST['subject'])){
    $subject "No Subject Title."
    }
    if(
    $username_check "1"){
            echo 
    "No such user!";
            unset(
    $reg_username);
             
    $doquery=false;

        }

    if (
    strip_tags($_POST['kill_username']) && $doquery){
    mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `subject` , `date` , `read` , `saved` , `event_id` )
    VALUES (
    '', '$kill_username', '$username', '$message', '$subject', '$date', '0', '0', '0'
    )"
    );
    mysql_query("UPDATE `user_info` SET `messages` = `messages`+1 WHERE username='$username'");
    ///
    echo "Message sent to $kill_username!";

    The whole thing could of course be better written and are you working with register globals on? You're performing your stripslashes on $_POST but using named variables in your query without assigning the post value to the variable.
    Last edited by NancyJ; 04-16-2008 at 12:32 PM.

  • #4
    New to the CF scene
    Join Date
    Apr 2008
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I can show the whold script if it helps, it is messy and unfinished.

    Code:
    <?
    session_start();
    include_once "includes/db_connect.php";
    $username=$_SESSION['username'];
    $fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'"));
    $fromper=$_GET['fromper'];
    $goody = mysql_query("SELECT `message`, `date`, `from` FROM `inbox` WHERE `id`='$rep'");
    
    while($success = mysql_fetch_row($goody)){
    	$ini = $success[0];
    $dateon = $success[1];
    $fromper = $success[2];
    }
    
    $kill_username=strip_tags($_POST['kill_username']);
    $message=strip_tags($_POST['message']);
    $subject = strip_tags($_POST['subject']);
    $date = gmdate('Y-m-d h:i:s');
    $username_check = mysql_num_rows(mysql_query("SELECT username FROM users WHERE username='$kill_username'"));
    	
    if ($_POST['kill_button']){ 
         
    if(!stripslashes($_POST['kill_username']) || !stripslashes($_POST['message'])){ 
            print "Please enter a username and message.";  
            die; 
        } 
    
    elseif (!stripslashes($_POST['subject'])){ 
    $subject = "No Subject Title.";  
    } 
    if($username_check < "1"){ 
            echo "No such user!"; 
            unset($reg_username); 
        }} 
    
    if (strip_tags($_POST['kill_username'])){ 
    mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `subject` , `date` , `read` , `saved` , `event_id` ) 
    VALUES ( 
    '', '$kill_username', '$username', '$message', '$subject', '$date', '0', '0', '0' 
    )"); 
    mysql_query("UPDATE `user_info` SET `messages` = `messages`+1 WHERE username='$username'"); 
    /// 
    echo "Message sent to $kill_username!"; 
    }  
    
    
    ?>
    
    
    
    <link href="includes/in.css" rel="stylesheet" type="text/css">
    
    
      </form>
      <table width="76&#37;" border="0" align="center" cellpadding="0" cellspacing="3">
        <tr>
          <td>
    <div align="center">
      <center>
    <table border="o" cellpadding="0" cellspacing="0" class=tablearea style="border-collapse: collapse">
    <form name="form1" method="post" action="">
    
              <tr>
                <td colspan="2" class="TableHeading"><center>
    
                  Compose Message 
                </center></td>
              </tr>
              <tr>
                <td class="TableArea">Username:</td>
                <td class="TableArea">
                <input name="kill_username" type="text" class="input" id="kill_username3" value='<?php echo $fromper; ?>' size="20"></td>
              </tr>
              <tr>
                <td class="TableArea">Subject Title:</td>
                <td class="TableArea">
                <input name="subject" type="text" class="input" id="subject" size="50"></td>
              </tr>
              <tr>
                <td valign="top" class="TableArea">Message:</td>
                <td class="TableArea"><textarea name="message"  cols="50" rows="10" type="text" id="message"><?php 
    if($_GET['id']) {
    $id = $_GET['id'];
    $reply = mysql_query("SELECT * FROM inbox WHERE id = '$id'");
    $fetch_reply = mysql_fetch_object($reply);
    echo "On $fetch_reply->date  $fromper  said:
    $fetch_reply->message"; } ?></textarea></td>
              </tr>
               <tr>
                <td colspan="2" class="TableArea"><div align="right">
                  <input name="kill_button" type="submit" class="submit" id="kill_button3" value="Submit">
                </div></td>
                </tr>
            </table>
      </center></form>
    </div>
          </td>
        </tr>
    
    <SCRIPT>
    <!--
    function input(Item) {
    document.getElementById('send_id').value = Item;
    }
    
    //-->
        </SCRIPT>
    </table>

  • #5
    New to the CF scene
    Join Date
    Apr 2008
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Here is an option that I think will work for you.

    PHP Code:
    <?php 
    if ($_POST['kill_button']) { 
            
        if(!
    stripslashes($_POST['kill_username']) || !stripslashes($_POST['message'])) { 
            
    $errors[] = "Please enter a username and message."
        } elseif (!
    stripslashes($_POST['subject'])) { 
            
    $errors[] = "No Subject Title."
        } elseif(
    $username_check "1") { 
               
    $errrors[] "No such user!"
        } 
    }

    if (
    is_array($errors)){
       foreach(
    $errors as $value)
            echo 
    "$value <br />";
    } else { 
      
        
    mysql_query("INSERT INTO `inbox`  
        (`id` ,`to` ,`from` ,`message` ,`subject` ,`date` ,`read`, `saved` ,`event_id` ) VALUES ( 
        '', '$kill_username', '$username', '$message', '$subject', '$date', '0', '0', '0')"
    ); 
         
        
    mysql_query("UPDATE `user_info` SET `messages` = `messages`+1 WHERE username='$username'"); 
         
        echo 
    "Message sent to $kill_username!"


    ?>

  • #6
    Senior Coder
    Join Date
    Jan 2007
    Posts
    1,648
    Thanks
    1
    Thanked 58 Times in 54 Posts
    This solution (creative statis') is indeed a cleaner/abstract than NancyJ's suggestion (although both work).

    But you can improve even more on this, as you are ignoring any warnings.

    PHP Code:
    <?php 
    $errors 
    = array();

    if (
    $_POST['kill_button']) { 
            
        if(!
    stripslashes($_POST['kill_username']) || !stripslashes($_POST['message'])) { 
            
    $errors[] = "Please enter a username and message."
        } elseif (!
    stripslashes($_POST['subject'])) { 
            
    $errors[] = "No Subject Title."
        } elseif(
    $username_check "1") { 
               
    $errrors[] "No such user!"
        } 
    }

    if (
    count($errors) > 0){
       foreach(
    $errors as $value)
            echo 
    "$value <br />";
    } else { 
      
        
    mysql_query("INSERT INTO `inbox`  
        (`id` ,`to` ,`from` ,`message` ,`subject` ,`date` ,`read`, `saved` ,`event_id` ) VALUES ( 
        '', '$kill_username', '$username', '$message', '$subject', '$date', '0', '0', '0')"
    ); 
         
        
    mysql_query("UPDATE `user_info` SET `messages` = `messages`+1 WHERE username='$username'"); 
         
        echo 
    "Message sent to $kill_username!"


    ?>
    Notice the first line added, and the if condition that has changed.

  • #7
    New to the CF scene
    Join Date
    Apr 2008
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    That'll work too...
    not needed though.

    EDIT :

    I noticed in the
    PHP Code:
    } elseif($username_check "1") {  
               
    $errrors[] "No such user!";  
        } 
    $errors[] is spelled wrong.

  • #8
    New to the CF scene
    Join Date
    Apr 2008
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks for the help guys. But it doesn't seem to work.

  • #9
    Senior Coder
    Join Date
    Jan 2007
    Posts
    1,648
    Thanks
    1
    Thanked 58 Times in 54 Posts
    That'll work too...
    not needed though.
    Not needed? I prefer my server logs to be empty, rather than constantly filling up.

    Thanks for the help guys. But it doesn't seem to work.
    You know, they sell a little blue pill for... Oh, you mean the code we gave you to learn from? You shouldn't just copy and paste it, but if you did, you will have to actually let us know what isn't working (and of course any error messages, etc.). Otherwise we will have to make assumptions.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •