0

I was wondering if i can have someone look over my statements to see where i might be screwing up. I've tested what information is being posted by echoing it and everything seems to be going through correctly, but I can't get it to physically create the appropriate records. I also do not get any errors and it goes back to the header location like the form did post.

//First we make sure there are enough licenses left to add the user
$limit = "select * from organization_seats WHERE orgid=$orgid";
$orglimit = mysql_query($limit);
$licenses = $orglimit['limit'];

$count = "select count(*) from organization_users WHERE organizationid=$orgid";

if ((!$licenses < $count)) {

     echo 'You have reached the number of maximum licenses for your Organization.';

 } else {

//If we have licenses left, proceed to add new user
//Populate the user table
$sql = "insert into user (firstname, lastname, title, address1, address2, country, city, state, zip, phone, mobile, birthday, username, email, password) values ('$fname','$lname','$title','$address1','$address2','$country', '$city', '$state', '$zip', '$phone', '$mobile', '$bday', '$username', '$email', '$password')";

$exec = mysql_query($sql);

//Add the user to the organization
$userid = mysql_insert_id(); //call the last ID entered into the user table first

$sql2 = "insert into organization_users(organizationid, userid, active) values ('$orgid', '$userid', $)";
$exec = mysql_query($sql2); 

//recall the userid
$sql3 = "select * from user where username = $username";
$exec = mysql_query($sql3);
$newuserid = $newuserselect['id'];  

 //Add the user to the department
$sql4 = "insert into organization_dep_users(orgid, depid, userid) values ('$orgid', '$department', '$newuserid')";
$exec = mysql_query($sql4);

if ($exec === TRUE) {

    header( 'Location: index.php' ) ;

} else {
    echo mysql_error();
 }
}

btw, i do have mysql_real_escape_string attached to all my variables.

Ansipants
  • 35
  • 7
  • [Please, don't use `mysql_*` functions](http://stackoverflow.com/q/12859942/1190388) in new code. They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the red box? Learn about prepared statements instead, and use [tag:PDO] or [tag:MySQLi]. – hjpotter92 Apr 11 '13 at 03:59
  • 1
    which part is messing up? – Jhonathan H. Apr 11 '13 at 04:00
  • You should check `mysql_error()` after each call. If an earlier call fails you wont hear about it. Also the results of `$sql3` is never used. – Jim Apr 11 '13 at 04:04
  • well, that definitely threw a lot of errors when i changed it lol, let me see what i can correct and take it from there. – Ansipants Apr 11 '13 at 04:05
  • @Ansipants : Your code has so many errors – Ranjith Apr 11 '13 at 04:14

2 Answers2

0

1) $sql2 has an error - you are passing $ instead of an actual variable.

2) After $sql3 you are assigning $newuserid from a non-existent resource. I assume you are missing $newuserselect = mysql_fetch_assoc($exec); just before it.

3) You really need to add error checking on your queries. If the first query fails the second query will be run with an erroneous $userid, or maybe FALSE if no previous query created an id. Other problems can arise later in your code without error checking too.

4) As suggested above it is advisable to transition to pdo or mysqli.

5) Just noticed - your first select query is also trying to misuse the resource - you should be doing

$orglimit = mysql_query($limit);
$orgrow = mysql_fetch_assoc($orglimit);
$licenses = $orgrow['limit'];

6) And.... your $count won't work, you assign the query string to $count but never actually execute the query to get the number. So when you do if ((!$licenses < $count)) you are actually comparing a number to a string, not a number to a number.

Ken Herbert
  • 5,205
  • 5
  • 28
  • 37
  • Thank you so much for the second set of eyes. I've adjusted everything per your recommendation, but it give me the error that there aren't enough licenses when the total users are 48 and the licenses limit is 50. – Ansipants Apr 11 '13 at 04:30
  • Try `if ($licenses > $count)` and if that doesn't work try `if ($licenses > (int)$count)` – Ken Herbert Apr 11 '13 at 04:36
0

Not sure what problem are you exactly facing .. but if you have copied the code correctly then I found one faulty statement 

insert into organization_users(organizationid, userid, active) values ('$orgid', '$userid', $)

what is $...?

second..

 $limit = "select * from organization_seats WHERE orgid=$orgid";
 $orglimit = mysql_query($limit);
 $licenses = $orglimit['limit'];

should be 

$limit = "select * from organization_seats WHERE orgid=$orgid";
$resource = mysql_query($limit);
$orglimit  = mysql_fetch_assoc($resource);
$licenses = $orglimit['limit'];

mysql_query always returns a resorce not array..

same with $sql3

Try changing these and you should be fine

SUGGESTION : please start using mysqli_* or PDO

alwaysLearn
  • 6,882
  • 7
  • 39
  • 67
  • I've corrected all the errors, changed to mysqli on the queries, added error handling. and so the only issue I am having now is that is is saying the verifying licenses. I've tried both of winterblood's recommendations but still no go. – Ansipants Apr 11 '13 at 04:46