Jump to content

Recommended Posts

  $username = $_POST['uid'];
  $email = $_POST['mail'];
  $password = $_POST['pwd'];
  $passwordRepeat = $_POST['pwd-repeat'];
  $date = $_POST['date2'];
  $stream = $_POST['relationship'];

		$sql1 = "INSERT INTO users (uidUsers, emailUsers, pwdUsers, relationship) VALUES (?, ?, ?, ?);";
		$sql2 = "INSERT INTO Family1 (username, application_filed, relationship) VALUES (?, ?, ?);";
		$sql3 = "INSERT INTO Family2 (username, application_filed, relationship) VALUES (?, ?, ?);";
		mysqli_query($sql1, $conn);
		mysqli_query($sql2, $conn);
		mysqli_query($sql3, $conn);
		
   $stmt = mysqli_stmt_init($conn);
		if (!mysqli_stmt_prepare($stmt, $sql2)) {
          header("Location: ../signup.php?error=sqlerror");
          exit();
        }
		        else {

          mysqli_stmt_bind_param($stmt, "sss", $username, $date, $stream);
          $result = mysqli_stmt_get_result($stmt);
		  if ($row = mysqli_fetch_assoc($result))
		  ($username==$_SESSION['uid'] and $stream =='nursing');
			mysqli_stmt_execute($stmt);
		}
		
		if (!mysqli_stmt_prepare($stmt, $sql3)) {
          header("Location: ../signup.php?error=sqlerror");
          exit();
        }
		        else {

          mysqli_stmt_bind_param($stmt, "sss", $username, $date, $stream);
          $result = mysqli_stmt_get_result($stmt);
		  if ($row = mysqli_fetch_assoc($result))
		  ($username==$_SESSION['uid'] and $stream =='doctoral');
			mysqli_stmt_execute($stmt);
		}
		
        if (!mysqli_stmt_prepare($stmt, $sql1)) {
          header("Location: ../signup.php?error=sqlerror");
          exit();
        }

 if (!mysqli_stmt_prepare($stmt, $sql1)) {
          header("Location: ../signup.php?error=sqlerror");
          exit();
        }
        else {
          $hashedPwd = password_hash($password, PASSWORD_DEFAULT);
          mysqli_stmt_bind_param($stmt, "ssss", $username, $email, $hashedPwd, $stream);
          mysqli_stmt_execute($stmt);
          header("Location: ../signup.php?signup=success");
          exit();

I was wondering if someone could point me in the right direction. I have this code. They idea I had behind it is to insert values into different tables depending on variables being passed. 

So when user fills out a form and selects $stream="nursing" I want results to go to table 'users' and 'Family1', but not 'Family2' table. and if user selects $stream='doctoral' results should go to table 'users' and  'Family2', and not go to 'Family1'

But with my query I get results go to both table and also users table. And there is no restriction to what users selects, variable $stream being passed no matter what it is.

Is this the wrong way to go here? Did I completely mess up the logic?

<?php
 $username = $_POST['uid'];
  $email = $_POST['mail'];
  $password = $_POST['pwd'];
  $passwordRepeat = $_POST['pwd-repeat'];
  $date = $_POST['date2'];
  $stream = $_POST['relationship'];

		$sql1 = "INSERT INTO users (uidUsers, emailUsers, pwdUsers, relationship) VALUES (?, ?, ?, ?);";
		$sql2 = "INSERT INTO Family1 (username, application_filed, relationship) VALUES (?, ?, ?);";
		$sql3 = "INSERT INTO Family2 (username, application_filed, relationship) VALUES (?, ?, ?);";
		mysqli_query($sql1, $conn);
		mysqli_query($sql2, $conn);
		mysqli_query($sql3, $conn);
		
   $stmt = mysqli_stmt_init($conn);
		if (!mysqli_stmt_prepare($stmt, $sql2)) {
          header("Location: ../signup.php?error=sqlerror");
          exit();
        }
		        else {

          mysqli_stmt_bind_param($stmt, "sss", $username, $date, $stream);
          $result = mysqli_stmt_get_result($stmt);
		  if ($row = mysqli_fetch_assoc($result))
		  ($username==$_SESSION['uid'] and $stream =='nursing');
			mysqli_stmt_execute($stmt);
		}
		
		if (!mysqli_stmt_prepare($stmt, $sql3)) {
          header("Location: ../signup.php?error=sqlerror");
          exit();
        }
		        else {

          mysqli_stmt_bind_param($stmt, "sss", $username, $date, $stream);
          $result = mysqli_stmt_get_result($stmt);
		  if ($row = mysqli_fetch_assoc($result))
		  ($username==$_SESSION['uid'] and $stream =='doctoral');
			mysqli_stmt_execute($stmt);
		}
		
        if (!mysqli_stmt_prepare($stmt, $sql1)) {
          header("Location: ../signup.php?error=sqlerror");
          exit();
        }

 if (!mysqli_stmt_prepare($stmt, $sql1)) {
          header("Location: ../signup.php?error=sqlerror");
          exit();
        }
        else {
          $hashedPwd = password_hash($password, PASSWORD_DEFAULT);
          mysqli_stmt_bind_param($stmt, "ssss", $username, $email, $hashedPwd, $stream);
          mysqli_stmt_execute($stmt);
          header("Location: ../signup.php?signup=success");
          exit();
?>

sorry, i added php tags to make it better readable. My queries work with parameters that I set up.

<?php
          mysqli_stmt_bind_param($stmt, "sss", $username, $date, $stream);
?>

But i dont know how to make it work with that condition before executing query. perhaps I'm not using right logic here?

<?php
($username==$_SESSION['uid'] and $stream =='nursing');
			mysqli_stmt_execute($stmt);
?>

 

ok, I get that part. I'm not sure why I was doing it I think i just thought I was preparing a statement.  I actually removed all three mysqli_query and my query still works.

But don't I bind my variables by doing this? ---> mysqli_stmt_bind_param($stmt, "sss", $username, $date, $stream);

I thought my sql queries just prepared statements with placeholders(?, ?, ?)

ok with some help i got it working and doing what i want. 

<?php
$stmt = mysqli_stmt_init($conn);
		if (!mysqli_stmt_prepare($stmt, $sql2)) {
          header("Location: ../signup.php?error=sqlerror");
          exit();
        } else if ($stream =='nursing') {
    mysqli_stmt_bind_param($stmt, "sss", $username, $date, $stream);
    mysqli_stmt_execute($stmt);
		}
?>

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.