chriscloyd Posted April 12, 2007 Share Posted April 12, 2007 when you do a return on a function return false or return true what happens if its false does it go back to the old page for example i wanna check if a user name already exist <?php $name = $_POST['username']; function check_username($username) { $check_username = mysql_query("SELECT * FROM users WHERE username = '$username'"); if ($check_username) { $user = mysql_num_rows($check_username); if ($user > 0) { return false; } else { return true; } } } ?> how would i check that say if it returns false i want it to go to a differnet page Quote Link to comment Share on other sites More sharing options...
suzzane2020 Posted April 12, 2007 Share Posted April 12, 2007 instead of using a return u cud use a header to direct to the page required if($user>0) { header("location:filename"); } Quote Link to comment Share on other sites More sharing options...
monkey_05_06 Posted April 12, 2007 Share Posted April 12, 2007 When a function returns it simply means that the function stops executing and the script returns to wherever the function was called from. In your example, you've defined the function, but you're never actually calling it. I assume that this is the action script for an HTML form you're using? The solution is, as suzzane said, to use header to redirect...but you should probably also look into how functions work. You don't seem to completely understand the concept. Quote Link to comment Share on other sites More sharing options...
chriscloyd Posted April 12, 2007 Author Share Posted April 12, 2007 no i do lol now when i do this <?php $name = $_POST['username']; function check_username($username) { $check_username = mysql_query("SELECT * FROM users WHERE username = '$username'"); if ($check_username) { $user = mysql_num_rows($check_username); if ($user > 0) { return false; } else { return true; } } } //check username do i do this if (check_username($name)) { //mycode here } else { //header and code here } ?> Quote Link to comment Share on other sites More sharing options...
Guest prozente Posted April 12, 2007 Share Posted April 12, 2007 You are passing unchecked user data to mysql. You will want to escape any input from the user otherwise you will have SQL injection on your hand. And if you don't add any protection and you don't have magic quotes on then the user could enter fakename' or '1'='1 and it will allow them to login. You need to run the username through mysql_escape_string before you insert it into the query. You could also shorten your if statement by doing the below //check username do i do this if (!check_username($name)) { //header and code here exit(); } //mycode here I hope you are using sessions or cookies on the page you are redirecting the user to if they login correctly. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.