Hi Mates, I do apologize for asking this question but I am wondering if you can help me.. the warning message won't work at admin.php form when email and username already taken the url http://localhost/mysite/admin.php?page=add_admins the switch page function contents(){ $page_request = @$_GET['page']; switch($page_request){ case 'add_admins' : add_admins(); break; default : homepage(); break; } } PHP: admin.php file look like: <?php //admin.php file function add_admins(){ global $db_conn,$prefix,$fullname,$admin_name,$password,$email,$admin_taken_err,$email_taken_err; ?> <font class=title>Add Admin</font> <form method="POST" enctype="multipart/form-data" action="do_admin.php"> <table border="0"> <tr> <td>Fullname</td> <td> <input type="text" name="fullname" value="<?php echo $fullname;?>" size="20"></td> </tr> <tr> <td>Username</td> <td> <input type="text" name="admin_name" value="<?php echo $admin_name;?>" size="20"> <?php echo $admin_taken_err;?></td> </tr> <tr> <td>Password</td> <td> <input type="password" name="password" value="<?php echo $password;?>" size="20"></td> </tr> <tr> <td>Email</td> <td> <input type="text" name="email" value="<?php echo $email;?>" size="20"> <?php echo $email_taken_err;?></td> </tr> <tr> <td> </td> <td> <input name="do_add_admins" type="submit" id="do_add_admins" value="Save"> <!--input type="hidden" name="page" value="do_add_admins"> <input type="submit" value="Add" name="B1"--></p> </td> </tr> </table> </form> <?php } // some code.. ?> PHP: do_admin.php file look like // do_admin.php file if ($_POST['do_add_admins'] == 'Save') { global $db,$prefix,$fullname,$admin_name,$password,$email,$admin_taken_err,$email_taken_err; if ((!$fullname) or (!$admin_name) or (!$email) or (!$password)){ echo "Error: All Feilds are required! <a href=\"javascript:history.go(-1)\">Go Back</a> ]"; exit(); } //--nothing empty? everything is okay? lets do the register. $email_check = $db->sql_numrows($db->sql_query("SELECT email FROM ".$prefix."admin WHERE email='$email'")); $admin_check = $db->sql_numrows($db->sql_query("SELECT admin_name FROM ".$prefix."admin WHERE admin_name='$admin_name'")); if(($email_check > 0) || ($admin_check > 0)){ //define error message for usage in multi plces. $exist_msg= "<font class=\"error\">"._ALREADY_TAKEN."</font>"; if($email_check > 0){ $email_taken_err = $exist_msg; unset($email); } if($admin_check > 0){ $admin_taken_err = $exist_msg; unset($admin_name); } //if the username or email already been taken load the form and print errors. // add_admins(); header("Location: admin.php?page=add_admins"); exit(); } $password = md5($password); $sql = mysql_query("INSERT INTO ".$prefix."admin (fullname,admin_name,password,email,regdate) VALUES ('$fullname','$admin_name','$password','$email',NOW())") or die ("Error Adding Mod: ". mysql_error()); msg_redirect(""._ADDED_SUCCESS."","admin.php?page=view_admins","2"); } PHP: any help would be appreciate and great thanks
You use msg_redirect if its a success but not for failure - there you just do a normal redirect so any message gets lost. There's quite a few gotchas in the code (not related to this problem). For instance you could combine those 2 queries into one. Do you do a safety check or addslashes on $email and $admin_name before you send them to your database? what if the $admin_name was "O'Brien" - your sql would break. function contents(){ $page_request = @$_GET['page']; switch($page_request){ case 'add_admins' : add_admins(); break; default : homepage(); break; } } PHP: might be better as function contents(){ $page_request = (isset($_GET['page']))?$_GET['page']:''; switch($page_request){ case 'add_admins' : add_admins(); break; default : homepage(); break; } } PHP:
Thank sarahk for your nice suggestion, i really appreciated. but my problem not done, any else idea? Regards,
where you have header("Location: admin.php?page=add_admins"); exit; PHP: might work better as msg_redirect(""._ALREADY_TAKEN."","admin.php?page=view_admins","2"); exit; PHP: I don't know your CMS but as a rule of thumb you should always exit after a redirect.