1

What I am trying to do is simply display the row values. Now suppose if the field 'head_office' dont have the value 'H.O' then I want to display the values of the last row. I tried but cant find any solution. Here is my code: (I have only blocked the php part)

 <?php
 $mysql_host = 'localhost';
 $mysql_user = 'root';
 $mysql_password = '123';
 $mysql_database = 'sdbms';
 $setup_page = './myinstitute.php';
 $db = mysql_connect($mysql_host, $mysql_user, $mysql_password);
 mysql_select_db($mysql_database, $db);


 if(isset($_REQUEST['id'])){
    $id=$_REQUEST['id'];
    $sql = "SELECT * FROM institute WHERE id =$id";
    $result = mysql_query($sql, $db);
    $row = mysql_fetch_array($result);
 }
 else if(!isset($_REQUEST['id'])){
    $sql = 'SELECT * FROM institute WHERE head_office ="H.O"';
    $result = mysql_query($sql, $db);
    $row = mysql_fetch_array($result);
 }
 else{
    $sql="SELECT * FROM institute";
    $result = mysql_query($sql, $db);
    $n = mysql_num_rows($result); //counting number of rows
    if($n==0){
        header('Location: '.$setup_page);
    }
    else{
        $sql = 'SELECT * FROM institute ORDER BY id DESC LIMIT 1';
        $result = mysql_query($sql, $db);
        $row = mysql_fetch_array($result);
    }
 }

?>
Improve this question
6
  • Obligatory this is prone to SQL injection and thus very insecure. Commented Jun 2, 2014 at 17:15
  • Where is your while loop? obligatory please upgrade to the mysqli_ or PDO methods for handling the database - mysql_ functions are deprecated. Commented Jun 2, 2014 at 17:15
  • sidenote: to simplify the code you can write single mysql_query and mysql fetch at the end of the code instead of writing it in each block Commented Jun 2, 2014 at 17:16
  • 1
    How will your code ever get to after the second "else"? Either $_REQUEST['id'] is set or not, so one of those branches is executed, none of those below. Commented Jun 2, 2014 at 17:17
  • You very first IF and ESLE IF negates each other therefore the ELSE part will never ever execute. IF happy==true {} ELSE IF happy==false{} ELSE {}. Happy can either be true or false. Commented Jun 2, 2014 at 17:18

3 Answers 3

Reset to default
2 
<?php
$mysql_host = 'localhost';
$mysql_user = 'root';
$mysql_password = '123';
$mysql_database = 'sdbms';
$setup_page = './myinstitute.php';
$db = mysql_connect($mysql_host, $mysql_user, $mysql_password);
mysql_select_db($mysql_database, $db);
$row = array();


if(isset($_REQUEST['id'])) {
    $id = (int) $_REQUEST['id'];
    if(!empty($id)) {
        $sql = "SELECT * FROM institute WHERE id =$id";
        $result = mysql_query($sql, $db);
        $row = mysql_fetch_array($result);
    }
} else {
    $sql = 'SELECT * FROM institute WHERE head_office = "H.O"';
    $result = mysql_query($sql, $db);
    $row = mysql_fetch_array($result);
}

if(!isset($_REQUEST['id']) && empty($row))
    $sql = "SELECT * FROM institute";
    $result = mysql_query($sql, $db);
    $n = mysql_num_rows($result); //counting number of rows

    if($n == 0) {
        header('Location: ' . $setup_page);
    } else {
        $sql = 'SELECT * FROM institute ORDER BY id DESC LIMIT 1';
        $result = mysql_query($sql, $db);
        $row = mysql_fetch_array($result);
    }
}
?>
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

This seems to be what OP was looking for, but still doesn't address the injection vulnerability so I can't upvote as best solution.
The else if...is BAD. Replace it with an else.
I have got one more query relating to this piece of code. I would like to display a notice to the user that no 'H.O' has been set and continue to display until the user sets a H.O. How can I achieve this? what I have tried doing is adding $notice="please set a head office for your institute!"; in the last else block.
2

As $_REQUEST['id'] can only have 2 status, isset and !isset, the else statement will never be used.

Improve this answer

2 Comments

Then should I use GET?
That would be the same, the isset function will return a boolean, so you can only get a true or false value. Knowing this, your code look like this. if (something == true){ do something } else if (something == false){ do another thing } else { do something else } So, as you can see, if something is true, will enter the if, if something is false, will enter the else if. So you will never use the last else code. To deal with that you should look at the solutions given by Prava or Magicianred.
1

I don't understand very well how do you want to do, but it's illogic: the three step don't execute ever. Try it:

if(isset($_REQUEST['id'])){
    $id=$_REQUEST['id'];
    $sql = "SELECT * FROM institute WHERE id =$id";
    $result = mysql_query($sql, $db);
    $row = mysql_fetch_array($result);
}
else if(!isset($_REQUEST['id'])){
    $sql = 'SELECT * FROM institute WHERE head_office ="H.O"';
    $result = mysql_query($sql, $db);
    $row = mysql_fetch_array($result);
}
if(count($row)<=0) {
    $sql="SELECT * FROM institute";
    $result = mysql_query($sql, $db);
    $n = mysql_num_rows($result); //counting number of rows
    if($n==0){
        header('Location: '.$setup_page);
    }
    else{
        $sql = 'SELECT * FROM institute ORDER BY id DESC LIMIT 1';
        $result = mysql_query($sql, $db);
        $row = mysql_fetch_array($result);
    }
}

Enjoy your code.

Improve this answer

1 Comment

Exactly that is the thing. It doesnt execute from the third if. Is there any hint I could use to execute the conditions and also protect it from sql injection?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.