I basically took in 3 pieces of data from a form, and before processing them, I just wanted to make sure that all fields were filled in. So the focus of this is the second to last IF statement, checking if the different variables are empty. It seems to only be working for the first variable and I can't figure out how to make it apply to all of them.
<?php
include ("account.php") ;
include ("connect.php") ;
$isdone = FALSE;
$un = $_REQUEST [ "un"] ;
$pw = $_REQUEST [ "pw"] ;
$data = mysql_query("SELECT * FROM `auth` WHERE username = '$un'") or die(mysql_error());
$info = mysql_fetch_array($data);
$info['username'];
$password = $info['pw'];
session_start();
if(trim($un) != '' && trim($pw) != '' && $password == $pw)
{
$_SESSION['uze']=$un;
include "problem.html";
}
elseif( !isset($_POST['submit1']) && $isdone == FALSE)
{
echo "wrong password";
}
$selected = $_REQUEST [ "type"] ;
if($selected == 'afs')
{
$typeinc = 'afs';
}
else if($selected == 'db')
{
$typeinc = 'database';
}
else if($selected == 'cs')
{
$typeinc = 'computer systems';
}
else if($selected == 'pw')
{
$typeinc = 'password';
}
else if($selected == 'hw')
{
$typeinc = 'hardware';
}
else if($selected == 'other')
{
$typeinc = 'other';
}
$text = $_REQUEST ["inc"];
$selected2 = $_REQUEST ["yesno"];
if($selected2 == 'yes')
{
$email = 'yes';
}
else
{
$email = 'no';
}
if(isset($_POST['submit1']))
{
if(empty($typeinc) || empty($text) || empty($email))
{
print( '<a href="http://web.njit.edu/~swp5/assignment/auth.html">You have not filled in all fields, click to sign in and re-enter</a>' );
}
}
else{
mysql_query("INSERT INTO `swp5_proj`. `inci` (`type`, `date`, `time`, `reporter`, `desc`) VALUES ('$typeinc', CURDATE(), CURTIME(), '".$_SESSION['uze']."', '$text');") or die(mysql_error());
mysql_query("DELETE FROM inci WHERE type = ' '");
$isdone = TRUE;
}
if(isset($_POST['submit1']) && $isdone == TRUE)
{
echo "session over";
}
?>
Make sure you clean your REQUEST variables before you put them in a MySQL query.