0

I have been having some problem getting the header() to initialize with this code. It seems that the if statement doesn't work with query variables?

In init.php the function $user_data is defined. $url is the $_GET code in the url-bar of the browser (in this case a 6 digit random code). The variables seem to work, since I tried to output them already. The problem seems to be the if statement though. I do not get an error message. The header() just does not initiate, even though I am not logged in and the url is set to public === 0 in MySQL. Where am I going wrong?

include 'core/init.php';
include 'includes/head.php';
$url = $_SERVER['QUERY_STRING'];
$url = sanitize($url);

$public_arr = mysql_query("SELECT `public` FROM `uploads` WHERE `url` = '$url' AND `active` = 1") or die(mysql_error());
$public_arr = mysql_fetch_assoc($public_arr);
$public = $public_arr['public'];

$owner_arr = mysql_query("SELECT `owner` FROM `uploads` WHERE `url` = '$url' AND `active` = 1") or die(mysql_error());
$owner_arr = mysql_fetch_assoc($owner_arr);
$owner = $owner_arr['owner'];

global $user_data;
if ($public === 0 AND $owner !== $user_data['username'] || logged_in() === false) {
    header('Location: mainpage.php');
    exit();
}

$name_arr = mysql_query("SELECT `name` FROM `uploads` WHERE `url` = '$url' AND `active` = 1") or die(mysql_error());
$name_arr = mysql_fetch_assoc($name_arr);
$name = $name_arr['name'];
Improve this question
5
  • 2
    php.net/manual/en/function.error-reporting.php - if the header doesn't work, then if ($public === 0 AND $owner !== $user_data['username'] || logged_in() === false) failed you, and/or you're outputting before header. Commented Feb 16, 2016 at 16:41
  • Try if ($public === 0 AND ($owner !== $user_data['username'] || logged_in() === false)) { or if (($public === 0 AND $owner !== $user_data['username']) || logged_in() === false) {, depending on what you're after. You should clarify in the code, to avoid issues, on how you want the || parameter to behave. Can you also edit your question to clarify what values $public and $owner have? Also, use die('this works'); to check this clause is being caught. (sorry for the long comment!). Commented Feb 16, 2016 at 16:48
  • @Egg Thank you two for your answers. Dummy me used === to compare '0' with 0. I fixed it and it works perfectly fine. Have a great day :) Commented Feb 16, 2016 at 16:55
  • 1
    Please stop using mysql_* functions. These extensions have been removed in PHP 7. Learn about prepared statements for PDO and MySQLi and consider using PDO, it's really pretty easy. Commented Feb 16, 2016 at 17:05
  • @EthanBilly You're welcome, I'll repost as an answer for you to accept to help any others coming here. Commented Feb 16, 2016 at 17:27

2 Answers 2

Reset to default
1

Assuming the variable values are as you say they are, try checking these vlaues are equal to and not identical, some times the types can vary (integers like 0 may be strings like "0").

if ($public == 0 AND $owner != $user_data['username'] || logged_in() === false) {
    header('Location: mainpage.php');
    exit();
}

As @jay-blanchard says, you should be using MySQLi functions instead of mysql_* for many reasons - the main that they're not supported as standard in PHP any more!

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0 
if ($public === 0 AND $owner !== $user_data['username'] || logged_in() === false)

should be

if (($public === 0 && $owner !== $user_data['username']) || logged_in() === false)
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.