Lodius2000 Posted January 31, 2009 Share Posted January 31, 2009 ok i am trying to set up a system, that uses either a regular password or a temporary password, but will only use the temp password once a quick note, I use peardb so my queries look a bit weird in their punctuation, but i've commented it pretty well here is the pertinent parts of my db table CREATE TABLE IF NOT EXISTS `users` ( `id` bigint(20) NOT NULL, `username` varchar(14) NOT NULL, `password` varchar(128) NOT NULL, `temp_password` varchar(128) default NULL, `temp_usage` int(11) NOT NULL, `active` int(1) NOT NULL, ) and here is the page code <?php if($_POST['_submit_check']){ if($form_errors = validate_form()){ show_form($form_errors); } else { process_form(); } } else { show_form(); } function show_form($errors = '') { //print out an <ul> of the $errors array // contains html form with $_POST['password'] value in it } function validate_form(){//contains error checking global $db, $salt; /********************************/ /*this is where I need help with logic */ /********************************/ //determine whether user is valid and is changing temp_password or password $username = trim($_POST['username']); $password = trim($_POST['password']); $hash = hash("sha512",$password.$salt); $a = $db->query("SELECT id FROM users WHERE username = ? AND password = ? AND active = 1", array($username, $hash));//you should be able to guess where these array vars go in the query if ($a->numrows() == 1 ){//$a->numrows() works EXACTLY like mysql_numrows $password_field = "password"; } else { $b = $db->query("SELECT id FROM users WHERE username = ? AND temp_password = ? AND active = 1 AND temp_usage = 0", array($username, $hash)); if ($b->numrows() == 1 ){ $password_field = "temp_password"; } else { $errors[] = "Please enter a valid username and password"; } } }//end validate_form function process_form(){ global $db, $password_field; $username = trim($_POST['username']); $password = trim($_POST['password']); $hash = hash("sha512",$password.$salt); if ($password_field == "temp_password"){ $db->query("UPDATE users SET temp_usage = 1 WHERE username = ? and temp_password = ?", array($username, $hash));// temp_usage = 1 disallows using the temp password again $_SESSION['username'] = $username; header('Location: changepw.php'); } else { $_SESSION['username'] = $username; if (isset($password_field)){ print $password_field; } else { print "password_field not set"; } } }//end process_form ?> so this script upon login using the temp_password prints out "password_field not set", so somewhere up there in validate_form I made a boo boo but I cant spot it help...thanks Link to comment https://forums.phpfreaks.com/topic/143206-solved-if-logic-help-on-my-login-script/ Share on other sites More sharing options...
Lodius2000 Posted January 31, 2009 Author Share Posted January 31, 2009 changing my thought process on this one... the code i posted is no longer relevant solved Link to comment https://forums.phpfreaks.com/topic/143206-solved-if-logic-help-on-my-login-script/#findComment-751088 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.