<?php
$memberchecker=mysql_query("SELECT id, password, customer_num FROM logins WHERE email = '$email'" );
//email is unique and not null
if (!$memberchecker) {
//handle error
} else { if (mysql_num_rows($memberchecker) >= 1) { while ($row = mysql_fetch_array($memberchecker)) {$this_login_password=$row[password];
if ($this_login_password==$password) {
//$password is a form variable (yes register_globals is on...*sigh*)
$this_customer_num=$row[customer_num];
$companycheck=mysql_query("SELECT priority, cash_price FROM customers WHERE customer_num='$this_customer_num'"); //customer_num is primary key, so unique and not null
if (!$companycheck) {//handle error
} else { if (mysql_num_rows($companycheck) == 1) { while ($cow = mysql_fetch_array($companycheck)) { $id=$row[id];
$priority=$cow[priority];
$cp=$cow[cash_price];
$sn=date(Sz).$this_customer_num.time();
?>Before anyone yells at me, no I did not write this code. I first thought there might be a problem with the array keys not being quoted, but if that were the case, and an empty string were assigned to $this_customer_num, then I should not be able to pass the second query, since there are no empty string customer_num entries (all of them are at least 9 characters in length).
I have been unable to reproduce an instance where $sn is missing the $this_customer_num variable, and I'm stuck in a kind of political situation where I can only make recommendations, and not change the code myself.
Suggestions on where to start looking? Thanks in advance.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
