0

I have code like this at my PHP code:

    <?php
    require('../../server.php');
    $role = strtoupper($_POST['role']);
    $pool = strtoupper($_POST['pool']);
    $psh = strtoupper($_POST['comp']);

    if($role = "POOL")
    {
        $query2 = "INSERT INTO m_login (email, password, role, company_id)
                            VALUES ('$email', '$pass', '$role', '$pool')";
    }
    else
    {
        $query2 = "INSERT INTO m_login (email, password, role, company_id)
                            VALUES ('$email', '$pass', '$role', '$psh')";
    }

    if (mysql_query($query2))
    {
        $whatdo = strtoupper("add user ").$id;
        include_once('../../serverlog.php');
        $querys = "INSERT INTO m_log (user_id, description, waktu) VALUES ('$user', '$whatdo', '$input')";
        if(mysql_query($querys))
        {
          echo'<script>alert("Penambahan data berhasil!");</script>
          <meta http-equiv="refresh" content="0; url=index.php" />';
        }
        else
        {
          echo mysql_error();
        }
    }
    else
    {
        echo'<script>alert("Failed!");</script> <br/>'.mysql_error().'<meta http-equiv="refresh" content="10; url=index.php" />';
    }
?>

my question is, am I wrong to create condition for query2? because when I ran the program, my data always get POOL result for the role, although I have select Admin or Supervisor, it always return POOL

I'm using for choosing the role at registration form. So when I choose option admin, it return pool, when I choose spv, it return pool.

Anyone can give me solution?

Sorry for my bad English

Improve this question
4
  • 1
    if($role = "POOL") should be if($role == "POOL") Commented Nov 9, 2012 at 3:59
  • sorry not read it.. I get it. Thanks.. :D Commented Nov 9, 2012 at 4:14
  • @CrossVander your code is open for sql injunction Commented Nov 9, 2012 at 5:04
  • Well, I will try to fix that.. I will learn it before (because I don't understand about that) Thanks for advice.. Commented Nov 12, 2012 at 7:45

3 Answers 3

Reset to default
4

This is wrong, it should be

if($role == "POOL") {
  /*Code goes here*/
}

because = will assign value POOL to your variable $role, so use == to compare, or === to compare similar data types

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

3

= is assignment. == is comparison. Put if($role == "POOL") and it should work fine.

Improve this answer

Comments

2

you care assigning the value in if($role = "POOL") use instead == should be if($role == "POOL")

= is the assignment operator, == equality operator.

  1. = is the assignment operator. b = 1 will set the variable b equal to the value 1.

  2. == is the equality operator. it returns true if the left side is equal to the right side, and returns false if they are not equal

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.