Skip to content
Advertisement

second condition not being met when condition is called [closed]

The below is the basics of my activation code, the user is sent a link when registering to activate. when they click the link it activates and functions as it should, if the token in the link does not match any in the database it should redirect with error message, this is the hangup it don’t redirect or even show the error message it just stays on a blank page.

I am really not sure what I missed I even tried a else if what am i missing

   if (($_SERVER['REQUEST_METHOD'] === "GET") && isset($_GET['hash_token'])) {

        $db = DB_CONNECT();
        $stmt = $db->prepare("SELECT id, email, confirm_code FROM users WHERE confirm_code = ?");
        $stmt->bind_param('s', $_GET['hash_token']);
        $stmt->execute();
        $result = $stmt->get_result();
        $stmt->close();


        while ($row = mysqli_fetch_assoc($result)) {

            $email = $row['email'];
            $confirm_code = $row['confirm_code'];

            if ($confirm_code !== null && $confirm_code === $_GET['hash_token']) {

                $is_activated = 1;
                $set_confirm_code = null;

                $stmt2 = $db->prepare("UPDATE users SET is_activated = ?, confirm_code = ?  WHERE confirm_code = ?");
                $stmt2->bind_param('sss', $is_activated, $set_confirm_code, $confirm_code);
                $stmt2->execute();
                $stmt2->close();

                set_message("Your account has been activated please login.", SUCCESS);
                redirect_to_url("/");


            } else {
            

                set_message("Unable to activate with provided data.", WARNING);
                redirect_to_url("/");


            }
        }
    }

Advertisement

Answer

When $stmt return null results while block won’t be executed. Try this

<?php

if (($_SERVER['REQUEST_METHOD'] === "GET") && isset($_GET['hash_token'])) {

    $db = DB_CONNECT();
    $stmt = $db->prepare("SELECT id, email, confirm_code FROM users WHERE confirm_code = ?");
    $stmt->bind_param('s', $_GET['hash_token']);
    $stmt->execute();
    $result = $stmt->get_result();
    $stmt->close();

    if (mysqli_num_rows($result) > 0 ) {
        while ($row = mysqli_fetch_assoc($result)) {
    
            $email = $row['email'];
            $confirm_code = $row['confirm_code'];
    
            if ($confirm_code !== null && $confirm_code === $_GET['hash_token']) {
    
                $is_activated = 1;
                $set_confirm_code = null;
    
                $stmt2 = $db->prepare("UPDATE users SET is_activated = ?, confirm_code = ?  WHERE confirm_code = ?");
                $stmt2->bind_param('sss', $is_activated, $set_confirm_code, $confirm_code);
                $stmt2->execute();
                $stmt2->close();
    
                set_message("Your account has been activated please login.", SUCCESS);
                redirect_to_url("/");
    
    
            } else {
            
    
                set_message("Unable to activate with provided data.", WARNING);
                redirect_to_url("/");
    
    
            }
        }
    } else {
        set_message("Unable to activate with provided data.", WARNING);
        redirect_to_url("/");
    }
}

User contributions licensed under: CC BY-SA
5 People found this is helpful
Advertisement