BlockquoteHi, This little program checks to see if the contract is valid. I have a database field “expiry”
(int 3) from which 1 is subtracted when run. As long as the expiry is above 0 I want to redirect to
“sysnav.html”, otherwise I want to redirect to “expiredpage.html”. I need help w/the redirects.
<?php
$link = mysqli_connect("localhost", "root", "", "prerentdb");
// Check connection
if($link === false){ die("ERROR: Could not connect. " . mysqli_connect_error()); }
$id='id';
echo "<center>";echo date('m/d/y');echo "<br />";
// Attempt select query execution
$result = mysqli_query($link,"SELECT * FROM numbers");
$row= mysqli_fetch_array($result);
$id='id';
$expiry='expiry';
if ($_POST["expiry"] === $_POST["confirm_password"]) {
$sql = "UPDATE numbers SET expiry = $expiry-1 where id=$id ";
if(mysqli_query($link, $sql)){ echo "expiry was updated successfully."; }
else { echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); }
if ($expiry == 0) // go to expiredpage.html
{
header("location:expiredpage.html");
}
else // go to sysnav.html
{
header("location:sysnav.html");
}
// Close connection
mysqli_close($link);
?>
Blockquotethe result:
even though expiry is 300, I get this:
Your contract has expired.
Contact the webmaster here
What is your thinking here? You set a variable called $expiry to contain the string “expiry”, and then you try to update your database row to the value of that string minus 1? Why is the id hard-coded to the string "id", and if that’s correct, why have it as a variable, why not just type it directly into the query?
You select all columns from the numbers table, and then just fetch the first row that comes out of the query. Without an ORDER BY clause, you have no way of knowing which row will be returned, unless there is only one row in the table. You don’t seem to do anything with the return from that query. But when you come to update the numbers table, you only update a single row based on whatever the id is set to.
You also need to read up on Prepared Statements rather than just concatenating strings into your queries like that, unless they really are strings that are always the same value, in which case just put them in the query, no need to complicate matters.
Don’t you get a parse error, or is this not the complete code? I count more { than } in that code.
But I admit I can’t see why it’s opening your expired page as $expiry does not equal 0.
@ckguitarz: Please format quotes from earlier posts to make it easier for others to follow.
To reply with a quote, highlight the text you want to quote and a pop-up will appear saying “Quote”. Click it and that text will be copied to a new post. To reply to multiple posts in the same thread, repeat the process again until you get all your quotes.
I can’t say. You are defining $expiry to contain the string “expiry” - if that’s what you want, then it’s OK. I suspect it should be a number, though, because the next thing you do with it is attempt to subtract one from it, which won’t work well.
Your new code doesn’t execute the UPDATE query, is that correct?
If all you are doing is subtracting one from the expiry column, there is no need to read it in first, you can just do that in a single query. If there’s only one row in the table, then it’s even simpler. All you need is:
$sql = "UPDATE numbers SET expiry=expiry-1";
then execute that query. It will update every row in the table and subtract one from the value in the expiry column.