PHP Header location in IF statement
Im trying to write this script to say if email is valied insert into DB and redirect, else redirect with error message only my redirect isn't work开发者_开发问答ing, im not terribly great with php and still reading up on the subject so id appreciate any advice, thanks in advance!
<?php
$userid = $usersClass->userID();
$user_email=$_POST['email_upd'];
if(!filter_var($user_email, FILTER_VALIDATE_EMAIL))
{
header('Location: http://www.mysite.co.uk/mytwitter.php?msg=invalid');
}
else
{
mysql_query(" UPDATE produgg_users SET email='$user_email' where produgg_users.id = ".$usersClass->userID()) or die(mysql_error());
header('Location: http://www.mysite.co.uk/mytwitter.php?msg=success');
}
?>
Sorry for not describing what goes wrong, what's happening is my page isnt redirecting back to the page in the header(location)
I've now enabled Error reporting and im still only seeing a white page, heres my entire page code.
<?php
error_reporting(E_ALL);
require 'config.inc.php';
?>
<?php
$userid = $usersClass->userID();
$user_email=$_POST['email_upd'];
if(!filter_var($user_email, FILTER_VALIDATE_EMAIL))
{
header('Location: http://www..co.uk/mytwitter.php?msg=invalid');
}
else
{
mysql_query(" UPDATE produgg_users SET email='$user_email' where produgg_users.id = ".$usersClass->userID()) or die(mysql_error());
header('Location: http://www..co.uk/mytwitter.php?msg=success');
}
?>
This should work, but make sure that you don't have any code before header method, when I say code I mean and output from php or HTML tags in any other file, this needs to be executed first, but also you need to make sure that code after redirect is not executed do it with exit;
header(....
exit;
Can you please post your complete script? What Senad said is true: if your script writes anything to the output buffer, any header(); won't work anymore. Based on the code you have given, nothing is written to the output buffer (unless you are getting a mysql error, which you are not telling us about, which I assume is not the case).
Also, there is no need to use and then reopen it with . Just FYI.
I managed to get it working using the following code, I've rewritten it based upon what I've read regarding SQL injections and it works fine, I'd appreciate any advice on this, thanks!
<?php
require 'config.inc.php';
$userid = $usersClass->userID();
$user_email=mysql_real_escape_string($_POST['email_upd']);
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $user_email))
{
mysql_query(" UPDATE produgg_users SET email='$user_email' where produgg_users.id = ".$usersClass->userID()) or die(mysql_error());
echo "<meta http-equiv=\"refresh\" content=\"0;URL=/mytwitter.php?msg=email updated\">";
}
else
{
echo "<meta http-equiv=\"refresh\" content=\"0;URL=/mytwitter.php?msg=email error\">";
}
?>
精彩评论