SalientAnimal Posted January 29, 2014 Share Posted January 29, 2014 Hi All, Just a very simple bit of help. Where in my script would I place the redirect header? <?php include_once '../includes/db_connect.php'; include_once '../includes/functions.php'; sec_session_start(); if (login_check($mysqli) == true) { $logged = 'in'; } $error_msg = ""; $username = $_SESSION['username']; $email = $_SESSION['email']; $id = $_SESSION['user_id']; // create string of queries separated by ; //var_dump(login_check($mysqli)); //var_dump($_SESSION); exit; //var_dump($_POST);exit; $query = "UPDATE members SET level = '$_POST[level]' WHERE id = $id;"; $query .= "INSERT INTO members_info ( id , fname , known_as , lname , gender , race , start_date , department , msisdn , dob , details , emergency_contact , emergency_msisdn ) VALUES ( '$_POST[user_id]' , '$_POST[fname]' , '$_POST[known_as]' , '$_POST[lname]' , '$_POST[gender]' , '$_POST[race]' , '$_POST[start_date]' , '$_POST[department]' , '$_POST[msisdn]' , '$_POST[dob]' , '$_POST[details]' , '$_POST[emergency_contact]' , '$_POST[emergency_msisdn]' );"; // execute query - $result is false if the first query failed $result = mysqli_multi_query($mysqli, $query); if ($result) { do { // grab the result of the next query if (($result = mysqli_store_result($mysqli)) === false && mysqli_error($mysqli) != '') { echo "Query failed: " . mysqli_error($mysqli); } } while (mysqli_more_results($mysqli) && mysqli_next_result($mysqli)); // while there are more results } else {javascript:void(0) echo "First query failed..." . mysqli_error($mysqli); } header('Location: ../success.php'); exit; $mysqli->close(); Quote Link to comment Share on other sites More sharing options...
Solution Mace Posted January 29, 2014 Solution Share Posted January 29, 2014 (edited) Try this. Just check if the query failed. If not, then redirect. Also, dont put your $_POST values unprotected in your INSERT query. Use something like mysql_real_escape_string() on all your $_POST values <?php include_once '../includes/db_connect.php'; include_once '../includes/functions.php'; sec_session_start(); if (login_check($mysqli) == true) { $logged = 'in'; } $error_msg = ""; $username = $_SESSION['username']; $email = $_SESSION['email']; $id = $_SESSION['user_id']; // create string of queries separated by ; //var_dump(login_check($mysqli)); //var_dump($_SESSION); exit; //var_dump($_POST);exit; $query = "UPDATE members SET level = '$_POST[level]' WHERE id = $id;"; $query .= "INSERT INTO members_info ( id , fname , known_as , lname , gender , race , start_date , department , msisdn , dob , details , emergency_contact , emergency_msisdn ) VALUES ( '".mysql_real_escape_string($_POST['user_id'])."' , '".mysql_real_escape_string($_POST['fname'])."' , '".mysql_real_escape_string($_POST['known_as'])."' , '$_POST[lname]' , '$_POST[gender]' , '$_POST[race]' , '$_POST[start_date]' , '$_POST[department]' , '$_POST[msisdn]' , '$_POST[dob]' , '$_POST[details]' , '$_POST[emergency_contact]' , '$_POST[emergency_msisdn]' );"; // execute query - $result is false if the first query failed $result = mysqli_multi_query($mysqli, $query); $failed = false; if ($result) { do { // grab the result of the next query if (($result = mysqli_store_result($mysqli)) === false && mysqli_error($mysqli) != '') { echo "Query failed: " . mysqli_error($mysqli); $failed = true; } } while (mysqli_more_results($mysqli) && mysqli_next_result($mysqli)); // while there are more results } else { echo "First query failed..." . mysqli_error($mysqli); $failed = true; } $mysqli->close(); if($failed == false) { header('Location: ../success.php'); exit; } Edited January 29, 2014 by Mace Quote Link to comment Share on other sites More sharing options...
SalientAnimal Posted January 29, 2014 Author Share Posted January 29, 2014 (edited) I have a second query as well that is similar to this one. But I keep getting an error on it. The Update query works, but the insert does not. <?php // confirm that the 'id' variable has been set if (isset($_GET['id']) && is_numeric($_GET['id'])) { // get the 'id' variable from the URL $id = $_GET['id']; // UPDATE THE RECORD IN THE WALIN DATABASAE TABLE // $query = "UPDATE usr_walkin SET query_status = 'Deleted' WHERE id = $id LIMIT 1;"; $query .= "INSERT INTO usr_premier ( '$_SESSION[username]' , (SELECT id , username , fname , lname , msisdn , email , query1 , creation_time , query_status FROM usr_walkin WHERE id = $id LIMIT 1) );"; // execute query - $result is false if the first query failed $result = mysqli_multi_query($mysqli, $query); $failed = false; if ($result) { do { // grab the result of the next query if (($result = mysqli_store_result($mysqli)) === false && mysqli_error($mysqli) != '') { echo "Query failed: " . mysqli_error($mysqli); } } while (mysqli_more_results($mysqli) && mysqli_next_result($mysqli)); // while there are more results } else { echo "First query failed..." . mysqli_error($mysqli); $failed = true; } $mysqli->close(); } if($failed == false) { header('Location: premier_view.php'); exit; } } ?> Variations I have tried include: <!doctype html> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> <!-- INCLUDING REQUIRED AUTHENTICATION FILES, DATABASE CONNECTIONS, FUNCTIONS. --> <?php include_once '../includes/db_connect.php'; include_once '../includes/functions.php'; include_once '../includes/session_management.php'; include_once '../includes/formatting.php'; $username = $_SESSION['username']; ?> <!-- Copyright 2014 TechDesignLab CRM TRACKING UTILITY --> <!-- HEADER CONTENT OF PAGE - THIS CONTAINS ALL SCRIPT, CSS, AND META TAG RELATED INFORMATION FOR THE WEBPAGE --> <head> <title> - Auxilium</title> <link rel="shortcut icon" href="favicon.ico?v=2"/> <meta name="description" content="Tracker Login Page" /> <meta name="keywords" content="login, register, login page, techdesignlab, tech design lab, computer, components, hardware, software, peripherals" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> </head> <?php // confirm that the 'id' variable has been set if (isset($_GET['id']) && is_numeric($_GET['id'])) { // get the 'id' variable from the URL $id = $_GET['id']; // UPDATE THE RECORD IN THE WALIN DATABASAE TABLE // $query = "UPDATE usr_walkin SET query_status = 'Deleted' WHERE id = $id LIMIT 1;"; $query .= "INSERT INTO usr_premier ( username , username2 , fname , lname , msisdn , email , query1 , creation_time , query_status ) VALUES ( '$_SESSION[username]' , (SELECT id , username , fname , lname , msisdn , email , query1 , creation_time , query_status FROM usr_walkin WHERE id = $id LIMIT 1) );"; // execute query - $result is false if the first query failed $result = mysqli_multi_query($mysqli, $query); $failed = false; if ($result) { do { // grab the result of the next query if (($result = mysqli_store_result($mysqli)) === false && mysqli_error($mysqli) != '') { echo "Query failed: " . mysqli_error($mysqli); } } while (mysqli_more_results($mysqli) && mysqli_next_result($mysqli)); // while there are more results } else { echo "First query failed..." . mysqli_error($mysqli); $failed = true; } $mysqli->close(); if($failed == false) { header('Location: premier_view.php'); exit; } } } The error I get only the last variation of the query is: Warning: Cannot modify header information - headers already sent by (output started at process\walkin_delete.php:42) in process\walkin_delete.php on line 111 I have also tried removing just the header / redirect but still the same happens with the update working, but not the insert. Edited January 29, 2014 by SalientAnimal Quote Link to comment Share on other sites More sharing options...
Mace Posted January 29, 2014 Share Posted January 29, 2014 This is because you already outputted html at the top of your file. First build all your php code, and then output your html. Not the other way around. After outputting html/echo/any other output, you cant do header(Location) anymore. Quote Link to comment Share on other sites More sharing options...
Mace Posted January 29, 2014 Share Posted January 29, 2014 However, you could still redirect with javascript: if($failed == false) { ?> <script> window.location="premier_view.php"; </script> <?php exit; } Quote Link to comment Share on other sites More sharing options...
SalientAnimal Posted January 29, 2014 Author Share Posted January 29, 2014 Ok that fixed my redirect header error, however, the insert query still isn't inserting, the update works. var_dump($_POST) returns - array(0) { }, and var_dump($_SESSION) returns all the expected session information. Quote Link to comment Share on other sites More sharing options...
Mace Posted January 29, 2014 Share Posted January 29, 2014 remove the column "id" in your inner select. This conflicts the columns you want to est. Quote Link to comment Share on other sites More sharing options...
SalientAnimal Posted January 29, 2014 Author Share Posted January 29, 2014 (edited) 'id' is a column that I need to populate though from the table I'm selecting from. The table I'm inserting into has a id column which is auto incremented. The table I am selecting from also has an auto incremented 'id' that I need to populate into my destination table as a identifier. Edited January 29, 2014 by SalientAnimal Quote Link to comment Share on other sites More sharing options...
SalientAnimal Posted January 29, 2014 Author Share Posted January 29, 2014 Should also have mentioned, the destination table the id field I'm selecting from the select is called id2. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.