PHP Select Value & Redirect With If Statement

Question

I'm trying to create a php scipt that checks if members are verified as they land on a page. If they are not they get redierected to login with an error message & instructions. So on the page I have this code:

<?php
    if (loggedin()) {
        $check_active = "SELECT active FROM members WHERE username == '$username'";
        $active = mysql_query($check_active);
        if ($active < 1) {
            header("Location: login.php?verify=true");
        } else {
            exit();
        }
    }
?>

It is redirecting the user back to the login page but it doing it whether they are active or not. The values for active members are 0(not verified) & 1(verified). Is htere something wrong in the script I'm using?

Thank You

Answer 1

You'll need to handle the $active result and put it into a PHP variable/array. $active as it is in your code is simply a resource (see here) Try this:

$active = mysql_query($check_active); // run query and return resource

$row = mysql_fetch_assoc($active);  // put resource data into php array   

if ($row['active'] < 1) {
    header("Location: login.php?verify=true");
} else {
    exit();
}

Answer 2

You aren't fetching the data correctly after the query.

Right after you do the the mysql_query function. Try this:

$output = mysql_fetch_assoc($active);
$active_result = $ouput['active'];

Don't know if it might work.

And add a little more security for SQL injection there. And use MySQLi instead since you aren't keen on preventing SQL injection yourself.

Answer 3

Please don't use old mysql, use mysqli_ or read topic on http://php.net/manual/en/function.mysql-query.php.

Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information.