Executing trouble

[dotkpay]

I have been writing php scripts for a short while and I just encountered something unusual. The php statements in particular files, notably the conditional statements are executed upside down.

As in the statements at the bottom of the page are parsed before some in the middle of the script most especially when it comes to the 'if' statements. Some 'if' statements are skipped even when the condition is true and then the 'elseif' statements are executed.

What could be the problem?

 

This code is displayed below. It is actually a script that conducts user registration by picking data posted from a form.

The script requires "connect.php" to establish connectivity to mysql.

What puzzles me is that the last statement of redirecting to 'complete.php' can get executed before anything else and therefore rendering much of the script useless.

 

Thanks in advance.

 

<?php
require("connect.php");


$first = "{$_POST['first']}";
$last = "{$_POST['last']}";
$email = "{$_POST['email']}";
$phone = "{$_POST['phone']}";
$username = "{$_POST['username']}";
$password = "{$_POST['password']}";
$password2 = "{$_POST['password2']}";

// Disarm user entries

$first = stripslashes($first);
$last = stripslashes($last);
$email = stripslashes($email);
$phone = stripslashes($phone);
$username = stripslashes($username);
$password = stripslashes($password);
$password2 = stripslashes($password2);
$first = mysql_real_escape_string($first);
$last = mysql_real_escape_string($last);
$email = mysql_real_escape_string($email);
$phone = mysql_real_escape_string($phone);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$password2 = mysql_real_escape_string($password2);


// If any field is NULL

if ($first==NULL)
{
header("location:first.php");
}
elseif ($last==NULL)
{
header("location:last.php");
}
elseif ($email==NULL)
{
header("location:email.php");
}
elseif ($phone==NULL)
{
header("location:phone.php");
}
elseif ($username==NULL)
{
header("location:username.php");
}
elseif ($password==NULL)
{
header("location:nopassword.php");
}
elseif ($password2==NULL)
{
header("location:nopassword2.php");
}


// If username then password is too short

elseif (strlen($username)<5)
{
header("location:shortusername.php");
}
elseif (strlen($password)<6)
{
header("location:shortpassword.php");
}


// If passwords don't match

elseif (!$password == $password2)
{
header("location:passwords.php");
}


// If username = password

elseif ($username == $password)
{
header("location:same.php");
}


// If username already exists


$result = mysql_query("SELECT * FROM profiles");

while($row = mysql_fetch_array($result))
{
    if ($row["username"]==$_POST['username'])
{
    header("location:usernameexists.php");
}
}


// If all is well

$encrypt_password=md5($password);


mysql_query ("INSERT INTO profiles (username, first, last, email, phone)
     VALUES ('$username','$first','$last','$email','$phone')");

mysql_query ("INSERT INTO users (user, password)
     VALUES ('$username','$encrypt_password')");


mysql_close($connect);

header("location:complete.php");

?>

[Pikachu2000]

There's nothing to stop it from redirecting to complete.php first; it isn't in a conditional of any sort. No offense intended, but that script, in my opinion, is horrible. It requires *thirteen* external scripts to accomplish something that is normally done with 1 or 2.

[PFMaBiSmAd]

You already have a thread for this same problem, where one of the forum's Gurus answered with the most likely cause and the fix for the problem.

[dotkpay]

Thanks  salathe, and everyone who contributed.