the code at line 37 - 56:
// *** Redirect if username exists
$MM_flag="MM_insert";
if (isset($_POST[$MM_flag])) {
$MM_dupKeyRedirect="customer_duplicate.php";
$loginUsername = $_POST['email'];
$LoginRS__query = "SELECT email FROM customers WHERE email='" . $loginUsername . "'";
mysql_select_db($database_ploughshare, $ploughshare);
$LoginRS=mysql_query($LoginRS__query, $ploughshare) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
//if there is a row in the database, the username was found - can not add the requested username
if($loginFoundUser){
$MM_qsChar = "?";
//append the username to the redirect page
if (substr_count($MM_dupKeyRedirect,"?") >=1) $MM_qsChar = "&";
$MM_dupKeyRedirect = $MM_dupKeyRedirect . $MM_qsChar ."requsername=".$loginUsername;
header ("Location: $MM_dupKeyRedirect");
exit;
}
}
comes after the insert record code that is at line 7 - 35
// WA Application Builder Insert
if (isset($_POST["Register_x"])) // Trigger
{
$WA_connection = $ploughshare;
$WA_table = "customers";
$WA_sessionName = "customers_customerid";
$WA_redirectURL = "";
$WA_keepQueryString = true;
$WA_indexField = "customerid";
$WA_fieldNamesStr = "firstname|lastname|address1|address2|city|state|zip|country|phonenum1|phonenum2|email|password";
$WA_fieldValuesStr = "".((isset($_POST["firstname"]))?$_POST["firstname"]:"") ."" . "|" . "".((isset($_POST["lastname"]))?$_POST["lastname"]:"") ."" . "|" . "".((isset($_POST["address1"]))?$_POST["address1"]:"") ."" . "|" . "".((isset($_POST["address2"]))?$_POST["address2"]:"") ."" . "|" . "".((isset($_POST["city"]))?$_POST["city"]:"") ."" . "|" . "".((isset($_POST["state"]))?$_POST["state"]:"") ."" . "|" . "".((isset($_POST["zip"]))?$_POST["zip"]:"") ."" . "|" . "".((isset($_POST["country"]))?$_POST["country"]:"") ."" . "|" . "".((isset($_POST["phonenum1"]))?$_POST["phonenum1"]:"") ."" . "|" . "".((isset($_POST["phonenum2"]))?$_POST["phonenum2"]:"") ."" . "|" . "".((isset($_POST["email"]))?$_POST["email"]:"") ."" . "|" . "".WA_SHA1Encryption(((isset($_POST["password"]))?$_POST["password"]:"")) ."";
$WA_columnTypesStr = "',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''";
$WA_fieldNames = explode("|", $WA_fieldNamesStr);
$WA_fieldValues = explode("|", $WA_fieldValuesStr);
$WA_columns = explode("|", $WA_columnTypesStr);
$WA_connectionDB = $database_ploughshare;
mysql_select_db($WA_connectionDB, $WA_connection);
if (!session_id()) session_start();
$insertParamsObj = WA_AB_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, -1);
$WA_Sql = "INSERT INTO `" . $WA_table . "` (" . $insertParamsObj->WA_tableValues . ") VALUES (" . $insertParamsObj->WA_dbValues . ")";
$MM_editCmd = mysql_query($WA_Sql, $WA_connection) or die(mysql_error());
$_SESSION[$WA_sessionName] = mysql_insert_id();
if ($WA_redirectURL != "") {
if ($WA_keepQueryString && $WA_redirectURL != "" && isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] !== "" && sizeof($_POST) > 0) {
$WA_redirectURL .= ((strpos($WA_redirectURL, '?') === false)?"?":"&").$_SERVER["QUERY_STRING"];
}
header("Location: ".$WA_redirectURL);
}
}
the code order needs to be reversed so that the record is inserted after checking for the new user name.