Search code examples
phpvalidationif-statementblocklogin-script

If else block in PHP

I don't know where I am going wrong in else if logic... I want to validate this signup script in 3 steps:

1st: check if any field is empty, in which case include errorreg.php and register.php.

2nd: If email already exists include register.php.

3rd: If all goes well insert data to the database.

<?php
    $address =$_POST["add"];
    $password =$_POST["pw"];
    $firstname =$_POST["fname"];
    $lastname =$_POST["lname"];
    $email =$_POST["email"];
    $contact =$_POST["cno"];


    $con=mysql_connect("localhost","root","");
    mysql_select_db("bookstore");
    $q2=mysql_query("select * from customer where email='$email'");
    $b=mysql_fetch_row($q2);
    $em=$b[0];

   if($password != $_POST['pwr'] || !$_POST['email'] || !$_POST["cno"] || !$_POST["fname"] || !$_POST["lname"] || !$_POST["add"])
    {
        include 'errorreg.php';
        include 'register.php';
    }

    else if($em==$email)
    {
        echo 'email already present try another';
        include 'register.php';
    }
    else
    {
        $con=mysql_connect("localhost","root","");
        mysql_select_db("bookstore");
        $q1=mysql_query("insert into customer values('$email','$password','$firstname','$lastname','$address',$contact)");

        echo 'query completed';
        $q2=mysql_query("select * from customer where email='$email'");
        $a=mysql_fetch_row($q2);
        print "<table border =2px solid red> <tr><th>id </th></tr>";
        print "<td>$a[0]</td>";

        print "</table>";
        include 'sucessreg.php';
        echo " <a href='newhome.php'>goto homepage</a>";
    }

?>
Solution

  • There's a lot to correct here, but to your specific concern, that the "loop" doesn't go on to the second and third "steps", that's because you're thinking about this wrong. In an if/else if/else code block, only one of the blocks is executed at a time, the others are not. For instance, if a user submitted a number, we could tell them it was even or odd with the following:

    if($_GET['number'] % 2 == 0){
  echo "That's even!";
} else {
  echo "That's odd!";
}

    You are attempting to do one check, then another, then a third. In this case, you want to nest your conditionals (if statements) rather than have them come one after another, like so:

    if(/* first, basic sanity check*/) {
  if(/* second, more complex check */) {
    if(/* final check */) {
      // Database update
    } else {
      // Failed final check
    }
  } else {
    // Failed second check
  }
} else {
  // Failed basic check
}

    Some other comments on your code:

    1. Pay attention to formatting - laying out your code in consistent and visually clear patterns will help make it easier to see when you make a mistake.
    2. Use isset($_POST['variable']) before using $_POST['variable'], otherwise you'll get errors. One idea is to use lines like: $address = isset($_POST['address']) ? $_POST["add"] : ''; - if you don't know that notation, it lets you set $address to either the value from the $_POST array or '' if it's not set.
    3. Use the variables you created, like $email and $contact, rather than re-calling the $_POST variables - they're clearer, shorter variable names.
    4. Use the better MySQLi library, rather than the MySQL library.
    5. Create one connection ($con = ...) to your database at the beginning of your script, and don't create a second one later on, like you do here.
    6. Explicitly specify which connection your queries are running against - you say $q2=mysql_query("SELECT ...") but you should also pass the connection you've constructed, $q2=mysql_query("SELECT ...",$con).