Now row isn't submitted to the DB when if statement is asked

Question

I've made a register user script and it works. When I add an if statement to see if the user was added so I can send them a confirmation email it stops working. So the first three lines add the user to the database but after that (The code in the comments) makes it no longer work.

$confirm_code = rand();
$sql = "INSERT INTO users (firstname, lastname, username, password, email, confirm_code) VALUES ('$firstname','$lastname','$username','$encrypted_password','$email', '$confirm_code')";
$new_user = mysqli_query($conn, $sql);
/*
if ($new_user) {
    header('Location: ../accepted.php?usersucess');
    $message =
    "
    Confirm Your Email
    Click the link below to activate your account
    http://www.generationdiary.com/email_confirm.php?username=$username&code=$confirm_code
    ";

    $mail=mail($email, "Generation Diary Confirm", $message);

    if ($mail){
        header('Location: ../accepted.php');
    }else{
        header('Location: ../accepted.php?failedmail');
    }

} 
else {
    header('Location: ../accepted.php?failedusersubmit');
}
*/

I have error reporting on it just doens't give me any errors thats why im confused that its not workiing — cosmichero2025, Apr 17 '17 at 22:10
Your code is vulnerable to [**SQL injection attacks**](https://en.wikipedia.org/wiki/SQL_injection). You should use [**mysqli**](https://secure.php.net/manual/en/mysqli.prepare.php) or [**PDO**](https://secure.php.net/manual/en/pdo.prepared-statements.php) prepared statements with bound parameters as described in [**this post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). — Alex Howansky, Apr 17 '17 at 22:13
*"when if statement is asked"* - Why is that and other statements commented out? — Funk Forty Niner, Apr 17 '17 at 22:21
I did that to show what code was making it not submit the row into the database also i said that in the question — cosmichero2025, Apr 17 '17 at 22:22
You sure you're not outputting before header also? Error reporting will tell you if that's the case. Seems one header is overtaking another also. You should also add `exit;` for each header. — Funk Forty Niner, Apr 17 '17 at 22:22
Remove `header('Location: ../accepted.php?usersucess');` it's interfering with `header('Location: ../accepted.php');` — Funk Forty Niner, Apr 17 '17 at 22:25
I removed it and thats not the problem it not evening using the if in the if statment its going to else for some reason — cosmichero2025, Apr 17 '17 at 22:26
check for errors on the query then. Do `if ($new_user) {...} else { echo "Error: " . mysqli_error($conn); }` along with what I already stated. This is either errors on the query, and/or a mix of that and the headers logic. — Funk Forty Niner, Apr 17 '17 at 22:29
So it didn't' like that i duplicate email entries XD I never made an error handling for duplicate emails though only usernames is there some type of built in php thing where you can't have the same email input in a column? — cosmichero2025, Apr 17 '17 at 22:33
@cosmichero2025 the answer's simple, yet there's another answer given, they'll have to either come up with it or you can invite me to post an answer of my own. — Funk Forty Niner, Apr 17 '17 at 22:40
Ya he was telling me to do error handling to in the statement man I wish there was a way of tipping another person some of your points that you think helped a lot to the answer even if they didn't post the main answer. — cosmichero2025, Apr 17 '17 at 22:43
@cosmichero2025 Error reporting is php, error checking on the query is a different animal here, to which I was the one who pointed you in a straighter and more narrow direction; just saying. — Funk Forty Niner, Apr 17 '17 at 22:47

score 1 · Accepted Answer · answered Apr 17 '17 at 22:17

1

You are setting the header location twice in the block for the first condition, and nothing will execute after the first one.

answered Apr 17 '17 at 22:17

Thank you for that answer I did overlook that however the I am still having a problem before i execute any of that code it goes the else statement which redirects me to the failedusersubmit page – cosmichero2025 Apr 17 '17 at 22:20
That means that $new_user is false. Where are you assigning $conn? – Apr 17 '17 at 22:23
I don't understand why new_user would be false it all works on all of my pages it just doesn't work when i add this if statement – cosmichero2025 Apr 17 '17 at 22:25
It also wouldn't evaluate if it was null, 0, or an empty string. Can you post the code where you are assigning the variable? – Apr 17 '17 at 22:26
the new_user variable? – cosmichero2025 Apr 17 '17 at 22:28
the $conn variable – Apr 17 '17 at 22:28
So it didn't' like that i duplicate email entries XD I never made an error handling for duplicate emails though only usernames is there some type of built in php thing where you can't have the same email input in a column? – cosmichero2025 Apr 17 '17 at 22:33
Where are you assigning the value to the `$email` variable? – Apr 17 '17 at 22:39
The email variable gets assigned by a form all i did with that variable was check to see if its empty but it is working now when used a different email so i guess ill add error handling for that one so it'll come up with an error that that email has already been used – cosmichero2025 Apr 17 '17 at 22:41
@cosmichero2025 I feel you accepted this answer for a wrong reason. It only fixed the first part; it didn't cover the part about the duplicate email issue that you said in comments, after I told you to check for errors on the query. – Funk Forty Niner Apr 17 '17 at 22:46
@Fred -ii- I also addressed the same thing in this comment chain. – Apr 17 '17 at 22:50
well if you make an answer thing ill give to you i gotta give to someone – cosmichero2025 Apr 17 '17 at 22:50
The first time I get an accepted answer and Fred is trying to take it away :( – Apr 17 '17 at 22:53
1

Listen everyone I can give everyone answers ANSWERS FOR ALL! And are you new to the site but not new to programming? – cosmichero2025 Apr 17 '17 at 22:54

Now row isn't submitted to the DB when if statement is asked

1 Answers1