ironman32 Posted April 13, 2009 Share Posted April 13, 2009 I've created some 'if' statements to process form data. <?php $age = $_POST['age']; $weight = $_POST['weight']; $medical = $_POST['medical']; if (empty ($_POST['age']) ){ header("Location: lose.php?msg= Please enter your age and weight"); } if (empty ($_POST['weight'])){ header("Location: lose.php?msg= Please enter your weight and age"); } if(($_POST['weight']) > 19){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); } if(($_POST['age']) >60){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); } if(($_POST['medical']) == yes){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); } else{ header("Location: lose_weight.php"); } ?> The idea is to redirect the user if 'weight' is over 19,their age is over 60 or if 'medical' = yes. Other wise they are redirected to a different page. The only 'if' statement that currently works is the 'medical' statement. Could somebody give me some advice on this please? Quote Link to comment Share on other sites More sharing options...
ober Posted April 13, 2009 Share Posted April 13, 2009 I'm surprised that one even works. You should have single quotes around 'yes'. Don't use empty, it is generally bad practice. Did you know that the string "0" is considered empty? Use: if($weight != '') { // whatever } And for God's sakes, clean your data! Quote Link to comment Share on other sites More sharing options...
ironman32 Posted April 13, 2009 Author Share Posted April 13, 2009 Thanks but I still need to get these 'if' statements to work if(($_POST['weight']) > 19){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); } if(($_POST['age']) >60){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); } Quote Link to comment Share on other sites More sharing options...
jackpf Posted April 13, 2009 Share Posted April 13, 2009 Your $_POST statements don't need to be encapsulated in parenthesis. Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted April 13, 2009 Share Posted April 13, 2009 ^word. instead... if ($_POST['weight'] > 19){ Quote Link to comment Share on other sites More sharing options...
ironman32 Posted April 13, 2009 Author Share Posted April 13, 2009 I've changed the code to protect the data and I eliminated the parenthesis <?php $con = mysql_connect("localhost","dontwork","123qwerty123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("db_name", $con); $age = mysql_real_escape_string($_POST['age']); $weight = mysql_real_escape_string($_POST['weight']); $medical = mysql_real_escape_string($_POST['medical']); if ($_POST['age'] == '' ){ header("Location: lose.php?msg= Please enter your age and weight"); } if ($_POST['weight'] == '' ){ header("Location: lose.php?msg= Please enter your weight and age"); } if($_POST['weight'] > 19){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); } if($_POST['age'] > 60){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); } if($_POST['medical'] == 'yes'){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); } else{ header("Location: lose_weight.php"); } ?> But only the last 'if' statement works. If the fields are blank the user still gets taken to lose_weight.php. I still need to get the other statements to work. Quote Link to comment Share on other sites More sharing options...
laffin Posted April 13, 2009 Share Posted April 13, 2009 The medical statement shudn be working either! ya have == yes which makes yes a constant, not a variable/string The other problem is that there is no die/exit statement after the header redirction. if u have a header redirection, u dun want to continue with the script. so place a die immediately afterwards thats why it SEEMS that medical is the only one working. Quote Link to comment Share on other sites More sharing options...
ironman32 Posted April 13, 2009 Author Share Posted April 13, 2009 I've added 'die' after each header if ($_POST['age'] == '' ){ header("Location: lose.php?msg= Please enter your age and weight"); die(); } if ($_POST['weight'] == '' ){ header("Location: lose.php?msg= Please enter your weight and age"); die(); } if($_POST['weight'] > 19){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); die(); } if($_POST['age'] > 60){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); die(); } if($_POST['medical'] = 'yes'){ header("Location: acute.php?msg= Please consult your doctor before carring out these exercises"); die(); } else{ header("Location: lose_weight.php"); die(); } ?> But I can't seem to redirect the user to lose_weight.php. Even if age < 60 , weight < 19 and medical ='no' , I still get redirected to acute.php. Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted April 13, 2009 Share Posted April 13, 2009 But I can't seem to redirect the user to lose_weight.php. Even if age < 60 , weight < 19 and medical ='no' , I still get redirected to acute.php. you haven't given that condition anywhere in your code .. you only set an 'if' statement for if $_POST['age'] is greater than 60, and $_POST['weight'] is greater than 19 .. nothing for less than. this is all fine and dandy, as long as you're going to use the new variables .. otherwise, what you have below is a waste of space. $age = mysql_real_escape_string($_POST['age']); $weight = mysql_real_escape_string($_POST['weight']); $medical = mysql_real_escape_string($_POST['medical']); Quote Link to comment Share on other sites More sharing options...
mandred Posted April 14, 2009 Share Posted April 14, 2009 I also recommend trimming all $_POST variables with the trim() function, on top of the escape. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.