Home/ Questions/Q 6745747
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T12:14:29+00:00

SOLVED: There is a conlict with my declaring of variables. It turns out i

  • 0

SOLVED:

There is a conlict with my declaring of variables. It turns out i declare a $password in my connect_database, but also in my account script meaning the $password is always set and therefore always skips pas the if’s to the end…and since this is work in progress it’s the same simple password as my account login…

ORIGINAL:

I have a problem with queries inside if statements in PHP. I’m doing an account update script.

I require the connection to the database at the top and then depending on the result from the POST, I do diffrent queries in some if statements.

If it runs passed all IF statements it runs a query at the end.

If it’s caught by any of the if’s, a query is made and I want the script to redirect with a message code and terminate the code with an exit.

The problem is the script will not exit after an if execution is made. It does the query but it runs all the way to the end – no redirect and exit…

I found a workaround which requires the database to be required inside the if statements and then again at the bottom instead of only at the top, but my initial idea was to just include it at the top and use the connection in the if statement and again at the bottom.

Can anyone explain why one works and the other doesn’t?
It’s not a big deal. I just don’t understand why…

Thanks a lot

This doesnt work (Require database outside of the IF statement):

    <?php
session_start();
if(!isset($_SESSION["user"])) {
    header("location: ../../../login/login_form.php");
    exit;
}

$user = mysql_real_escape_string($_POST['user']);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST['email']);
$id = $_SESSION['user_id'];

//Display if user and email is blank - try again---------------
if($user==NULL || $email==NULL){
    header('location: ../../../index.php?show=account&message=1');
    exit;
}

require_once('../../connect_database.php');

//Check if password is blank - meaning only updating user and email -----
if ($password==NULL){

    $query = "UPDATE user SET user='$user', email='$email' WHERE id=".$id;
    mysql_query($query) or die(mysql_error());

    header('location: ../../../index.php?show=account&message=0');
    mysql_close();
    exit;
}

//Display if password less than 8 characers----------------
if(strlen($password)<8 && $password!=NULL){
    header('location: ../../../index.php?show=account&message=2');
            mysql_close();
    exit;
}

//Run this if everything is to be changed incl. password-------

$query = "UPDATE user SET user='$user', password=md5('$password'), email='$email' WHERE id=".$id;
mysql_query($query) or die(mysql_error());

mysql_close();

header('location: ../../../index.php?show=account&message=0');

?>

This works (Require database inside of the IF statement and then again at the bottom): 

<?php
session_start();
if(!isset($_SESSION["user"])) {
    header("location: ../../../login/login_form.php");
    exit;
}

$user = mysql_real_escape_string($_POST['user']);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST['email']);
$id = $_SESSION['user_id'];

//Display if user and email is blank - try again---------
if($user==NULL || $email==NULL){
    header('location: ../../../index.php?show=account&message=1');
    exit;
}

//Check if password is blank - meaning only updating user and email ----
if ($password==NULL){

    require_once('../../connect_database.php');

    $query = "UPDATE user SET user='$user', email='$email' WHERE id=".$id;
    mysql_query($query) or die(mysql_error());

    header('location: ../../../index.php?show=account&message=0');
    mysql_close();
    exit;
}

//Display if password less than 8 characers------------------
if(strlen($password)<8 && $password!=NULL){
    header('location: ../../../index.php?show=account&message=2');
    exit;
}

//Run this if everything is to be changed incl. password----------
require_once('../../connect_database.php');

$query = "UPDATE user SET user='$user', password=md5('$password'), email='$email' WHERE id=".$id;
mysql_query($query) or die(mysql_error());

mysql_close();

header('location: ../../../index.php?show=account&message=0');

?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The problem is the script will not exit after an if execution is made.

    you are wrong. exit operator is plain and simple and always work.
    How do you know the query was executed? Any debug output you’ve got?

    Thre are many issues with your code but at least make it less repetitive and moire consistent

    <?php 
session_start(); 
if(!isset($_SESSION["user"])) { 
  header("location: ../../../login/login_form.php"); 
  exit; 
} 

$user     = $_POST['user']; 
$password = $_POST['password']; 
$email    = $_POST['email']; 
$id       = $_SESSION['user_id']; 

//Display if user and email is blank - try again--------------- 
if (!$user || !$email) { 
  $message=1;
} 
//Display if password less than 8 characers---------------- 
elseif ($password && strlen($password)<8){ 
  $message=2;
} else {
  require_once('../../connect_database.php'); 
  $user  = mysql_real_escape_string($user); 
  $email = mysql_real_escape_string($email); 

  if ($password) { 
      $password = "password='".md5($password)."',";
  }
  $query = "UPDATE user SET user='$user',$password email='$email' WHERE id=".$id;
  mysql_query($query) or trigger_error(mysql_error()); 
  $message  = 0;
}
header("location: ../../../index.php?show=account&message=$message");

    Also note

    • you cannot use mysql_real_escape_string before connect
    • using relative paths (all those dots) considered bad practice, especially with location
    • 0