php - Checking if a certain field in the database is empty then redirecting -

what i'm trying when form submitted. checks if firstname field in database matching username empty or not. if empty user should redirected somewhere , if not empty, user redirected somewhere else. here code below not work unfortunately.

<?php include_once 'db_connect.php'; include_once 'functions.php';  $user = $_session['username'];  sec_session_start(); // our custom secure way of starting php session.  if (isset($_post['email'], $_post['p'])) {     $email = $_post['email'];     $password = $_post['p']; // hashed password.      if (login($email, $password, $mysqli) == true) {         $server = "localhost";         $user = "";         $pass = "";         $db = "";         $mysqli  = new mysqli($server, $user, $pass, $db) or mysqli_error($mysqli);         $firstname = $mysqli->query("select firstname members username = '$user'")->fetch_object()->firstname;         if(empty($firstname)) {             // login success              header('location: ../updateinfo.php');         } else {             header('location: ../services.php');         }     } else {         // login failed          header('location: ../index.php?error=1');     } } else {     // correct post variables not sent page.      echo 'invalid request'; } 

any idea went wrong?

your query never find because set:

$user = ""; 

right before execute query.

"select firstname members username = '$user'" 

as barman mentioned, result of using same $user variable $_session['username'] , database username.

change 1 of them else.

you trying session variable before start session. must start session first.

// switch order of these two. $user = $_session['username'];  sec_session_start(); // our custom secure way of starting php session.