Auto Execute query

Question

Please anyone solve my problem my code execute automatically. Here it is.

$con=mysql_connect("localhost","root","") or die('Not Connected');;
mysql_select_db("reg");

if (isset($_POST['submit'])) {

    $fname = $_POST['fname'];
    $lname = $_POST['lname'];
    $email = $_POST['email'];
    $username = $_POST['user'];
    $password = $_POST['password'];
    $cpassword = $_POST['cpassword'];

    if($fname=='' or $lname=='' or $email=='' or $username==''
        or $password=='' or $cpassword==''){

        echo "<script>alert('Please Fill Out Blank Fields')</script>";
        exit();
    }
}

$query="INSERT INTO `form`(`ID`, `fname`, `lname`, `email`, `username`, `password`, `cpassword`)
VALUES (NULL, '$fname','$lname','$email','$username','$password','$cpassword')";

if (mysql_query($query)) {

    echo "<script>alert('Registered Successfully')</script>";

}

"Here is my question: Is that when i refresh the page the last code executes automatically" Please check my code.

Thanks.

Security is **hard**. Do not re-invent the wheel. You should use an existing, proven, authentication system. — SLaks, Apr 27 '14 at 18:10
bro i dont understand when refreshing page it auto executes this "Registered Successfully" — Talha, Apr 27 '14 at 18:12
infact i put the condition when $query executes from submit button then it echo's but the thing is it executes directly dont know why :( — Talha, Apr 27 '14 at 18:13

score 0 · Answer 1 · answered Apr 27 '14 at 18:15

0

<?php
function destroy_foo() 
{
    global $foo;
    unset($foo);
}

$foo = 'bar';
destroy_foo();
echo $foo;
?>

answered Apr 27 '14 at 18:15

tylerlindell

1,545
2
17
20

John Bupit · Answer 2 · 2014-04-27T18:30:59.830

First, put the last 3 lines inside the if block. This will ensure that the query only executes if there is a POST request.

To handle the refresh problem, use the Post-Redirect-Get pattern to ensure that the data isn't reposted. If the query executes successfully, redirect to a new page, and show a success message there.

if (isset($_POST['submit'])) {

    $fname = $_POST['fname'];
    $lname = $_POST['lname'];
    $email = $_POST['email'];
    $username = $_POST['user'];
    $password = $_POST['password'];
    $cpassword = $_POST['cpassword'];

    if($fname=='' or $lname=='' or $email=='' or $username==''
        or $password=='' or $cpassword==''){

        echo "<script>alert('Please Fill Out Blank Fields')</script>";
        exit();
    }

    // Run this query only if something was POSTed.
    $query="INSERT INTO `form`(`ID`, `fname`, `lname`, `email`, `username`, `password`, `cpassword`)
    VALUES (NULL, '$fname','$lname','$email','$username','$password','$cpassword')";

    if (mysql_query($query)) {
        // Redirect to successpage.php, and print the success message there.
        header("Location: successpage.php");
        exit();
        // echo "<script>alert('Registered Successfully')</script>";
    }
}

Alternatively, if you really want to stay on the same page, you could redirect to this page itself, with some query string, and display the appropriate message upon receiving the same:

if (isset($_POST['submit'])) {
    ...

    if (mysql_query($query)) {
        // Redirect to the same page, with a query string indicating success
        header("Location: thesamepage.php?success=1");
        exit();
    }
}

// Check if registration was successful
if(isset($_GET['success'])) {
    // Display the success message.
    echo "<script>alert('Registered Successfully')</script>";
}

rafaeldefazio · Answer 3 · 2014-04-27T18:50:07.643

I think your code is kinda confuse.

Look:

/
/ connect.php
/ (pagewithform).php
/ (scripttoregister).php

connect.php

<?php

$server = "server";
$user = "user";
$pass = "pass";
$db = "db";

$connect = mysql_connect($server, $user, $pass);

if ( ! $connect ){
    echo mysql_error();
    exit;
} else{
    mysql_select_db("$db", $connect);
}

?>

Creates vars, if not $connect, show erros and exit. Else, select your db.

_

(scripttoregister).php

include('connect.php');

$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$username = $_POST['user'];
$password = $_POST['password'];
$cpassword = $_POST['cpassword'];

if (empty($fname) or empty($lname) or empty($email) or empty($username) or empty($password) or empty($cpassword){

    echo "<script>alert('Please Fill Out Blank Fields')</script>";
    exit();

} else{

$query= mysql_query("INSERT INTO form(fname, lname, email, username, password, cpassword) VALUES ('$fname','$lname','$email','$username','$password','$cpassword')");

echo "alert('Registered Successfully')"; 
}

?>

Like this^

You have no need to create another if to just show alert neither set NULL to id, it's auto_increment. (: now you can add any action if(something is empty){} and else{}.

_

OOOOR in case of self-page (your)

if (isset($_POST['submit'])) {

    $fname = $_POST['fname'];
    $lname = $_POST['lname'];
    $email = $_POST['email'];
    $username = $_POST['user'];
    $password = $_POST['password'];
    $cpassword = $_POST['cpassword'];

    if (empty($fname) or empty($lname) or empty($email) or empty($username) or empty($password) or empty($cpassword){

        echo "<script>alert('Please Fill Out Blank Fields')</script>";
        exit();

    } else{

     $query= mysql_query("INSERT INTO form(fname, lname, email, username, password, cpassword) VALUES ('$fname','$lname','$email','$username','$password','$cpassword')");


   // Redirect to a page, 'n print the success message there. (as said John Bupit)
    header("Location: page.php");
    exit();
    // echo "<script>alert('Registered Successfully')</script>";

   }

}

In your last solution, you're [sending a header after you echo something](http://stackoverflow.com/q/8028957/1492578). — John Bupit, Apr 27 '14 at 18:42

Auto Execute query

3 Answers3