I'm trying to do a directory where u can add yourself by entering the code sms. After entering the correct code sms, it checks if code exist in the database, then remove entered code from DB and add data from form. Now I have a problem because I do not know how to prevent from adding data into the database, when the given code is incorrect. At the moment, it looks like this:
if ($sum != $val1+$val2) { //simple captcha
echo '<div id="message_position_capreg"><p class="error_form"><font color="red">Incorrect. Try again</font></p></div>';
}
else {
if ($_POST['code']){
$code=$_POST['code'];
global $wpdb;
$sql = $wpdb->prepare("SELECT id FROM code_sms WHERE code = %s", $cd);
$check_code = $wpdb->get_results($sql);
if ($check_code>0) {
$wpdb->delete( 'code_sms', array( 'code' => $code ) );
if ( isset( $_POST["submit_formm"] ) && $_POST["company_nip"] && $_POST["company_name"] != "" ){
$company_nip = strip_tags($_POST["company_nip"], "");
$company_name = strip_tags($_POST["company_name"], "");
$result = $wpdb->insert(
'test',
array(
'company_nip' => $company_nip, 'company_name' => $company_name)
);
if (!$result) {
echo '<div>
ERROR</div>';
}
else {
echo '<div>
Succes</div>';
}
}
}
}
}
EDIT: I editted my code, like @thephatp said, and it's now working :)
You're basically checking "if sms_code exists in database" then "remove code; insert form data."
However, you're closing your if statement prior to adding the form data. Move your } that closes your if statement as shown below. That way, if the sms_code is incorrect, you do not process the form data if statement & insert.
Also, your $check_code variable is not the number of rows, but rather a results set. This result set will only be FALSE if the query resulted in an error. See the documentation for get_result here: mysqli_stmt_get_result
Returns a resultset for successful SELECT queries, or FALSE for other DML queries or on failure. The mysqli_errno() function can be used to distinguish between the two types of failure.
You need to check the results set for the number of rows and test against that in the if statement. Code below has been updated.
if ($sum != $val1+$val2) { //simple captcha
echo '<div id="message_position_capreg"><p class="error_form"><font color="red">Incorrect. Try again</font></p></div>';
}
else {
if ($_POST['code']){
$code=$_POST['code'];
global $wpdb;
$sql = $wpdb->prepare("SELECT id FROM code_sms WHERE code = %s", $cd);
$result = $wpdb->get_results($sql);
/* Get the number of rows */
$num_of_rows = $result->num_rows;
if ($num_of_rows>0) {
$wpdb->delete( 'code_sms', array( 'code' => $code ) );
if ( isset( $_POST["submit_formm"] ) && $_POST["company_nip"] && $_POST["company_name"] != "" ){
$company_nip = strip_tags($_POST["company_nip"], "");
$company_name = strip_tags($_POST["company_name"], "");
$result = $wpdb->insert(
'test',
array(
'company_nip' => $company_nip, 'company_name' => $company_name)
);
if (!$result) {
echo '<div>
ERROR</div>';
}
else {
echo '<div>
Succes</div>';
}
}
}
You must include the code that adds data to the database inside the if condition where the sms code has been validated true - if ($check_code>0) { - just append it right after the code sms delete.
if ($sum != $val1+$val2) { //simple captcha
echo '<div id="message_position_capreg"><p class="error_form"><font color="red">Incorrect. Try again</font></p></div>';
}
else {
if ($_POST['code']){
$code=$_POST['code'];
global $wpdb;
$sql = $wpdb->prepare("SELECT id FROM code_sms WHERE code = %s", $cd);
$check_code = $wpdb->get_results($sql);
if ($check_code>0) {
$wpdb->delete( 'code_sms', array( 'code' => $code ) );
// Removed closing braces here
if ( isset( $_POST["submit_formm"] ) && $_POST["company_nip"] && $_POST["company_name"] != "" ){
$company_nip = strip_tags($_POST["company_nip"], "");
$company_name = strip_tags($_POST["company_name"], "");
$result = $wpdb->insert(
'test',
array(
'company_nip' => $company_nip, 'company_name' => $company_name)
);
if (!$result) {
echo '<div>
ERROR</div>';
}
else {
echo '<div>
Succes</div>';
}
}
}
}
} // Added closing braces here
if ($sum != $val1+$val2) { //simple captcha
echo '<div id="message_position_capreg"><p class="error_form"><font color="red">Incorrect. Try again</font></p></div>';
}
else {
if ($_POST['code']){
$code=$_POST['code'];
global $wpdb;
$sql = $wpdb->prepare("SELECT id FROM code_sms WHERE code = %s", $cd);
$check_code = $wpdb->get_results($sql);
if ($check_code>0) {
$wpdb->delete( 'code_sms', array( 'code' => $code ) );
if ( isset( $_POST["submit_formm"] ) && $_POST["company_nip"] && $_POST["company_name"] != "" ){
$company_nip = strip_tags($_POST["company_nip"], "");
$company_name = strip_tags($_POST["company_name"], "");
$result = $wpdb->insert(
'test',
array(
'company_nip' => $company_nip, 'company_name' => $company_name)
);
if (!$result) {
echo '<div>
ERROR</div>';
}
else {
echo '<div>
Succes</div>';
}
}
}
}
else
{
echo '<div>
ERROR WRONG CODE</div>';
}
}