On my website, "Username" must be unique - even though its not the PK. (I just assumed SitePoint would follow the same logic and thus not need to prepend a number.)
Originally Posted by Mandes
Well, two things...
Your script seems ok on the surface, not sure why you'd want to log details of everyone that wasnt logged in.... depends what youre doing with it in results.php . Youre better off just shoving people back to a login page if they aint got the credentials, unless youve a good reason not to, ie like they shouldnt have found this script in the first place and your trying to find and plug a hole in your code.
1.) That is my standard code to handle Errors. I figured logging everything that happens is a good way for me to know where problems are occurring. (I still need to learn how to do this for Fatal Errors, but for Logical Errors I think this will be helpful.)
2.) On most Errors, I route people to "results.php" and have code like this...
So I believe that addresses your suggestions above, right?
// Not Logged In.
// Set Redirect Path.
$_SESSION['returnToPage'] = '/account/change_email.php';
echo '<h1>Not Logged In</h1>';
echo '<p>You must be logged in to change your e-mail. (2127)</p>';
echo '<a class="button" href="' . BASE_URL . '/account/log_in.php">Log In</a>';