Cory94bailly Posted March 15, 2009 Share Posted March 15, 2009 //$auth = 5 - wrong username //$auth = 6 - incorrect pass $query2 = db_query("SELECT memberName FROM {$db_prefix}members WHERE memberName='$user'", __FILE__, __LINE__); $query3 = db_query("SELECT passwd FROM {$db_prefix}members WHERE memberName='$user' AND passwd='$encryptedpass'", __FILE__, __LINE__); if(mysql_num_rows($query2) !==1) {$auth = "5";} if(mysql_num_rows($query3) !==1) {$auth = "6";} case "5": die("Login failed: That Username Does Not Exist"); break; case "6": die("Login failed: Incorrect Password"); break; default: die("UNKNOWN ERROR"); When I enter the wrong password, it gives me the correct error of 'wrong pass' but if I type in a username that doesn't exist, it gives me the default 'unknown' error.. Any help? Quote Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/ Share on other sites More sharing options...
Cory94bailly Posted March 15, 2009 Author Share Posted March 15, 2009 <BUMP> (I hate posting at night..) Quote Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785215 Share on other sites More sharing options...
Renlok Posted March 15, 2009 Share Posted March 15, 2009 you should have if(mysql_num_rows($query2) !==1) {$auth = "5";} elseif(mysql_num_rows($query3) !==1) {$auth = "6";} otherwise $auth = 5 will always be overwritten Quote Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785234 Share on other sites More sharing options...
Cory94bailly Posted March 15, 2009 Author Share Posted March 15, 2009 you should have if(mysql_num_rows($query2) !==1) {$auth = "5";} elseif(mysql_num_rows($query3) !==1) {$auth = "6";} otherwise $auth = 5 will always be overwritten I still get "Unknown Error" if I enter a random username but if I enter the wrong pass, it shows me "Wrong password" Quote Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785240 Share on other sites More sharing options...
premiso Posted March 15, 2009 Share Posted March 15, 2009 Post your full code. Quote Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785242 Share on other sites More sharing options...
Cory94bailly Posted March 15, 2009 Author Share Posted March 15, 2009 Post your full code. Honestly, the code all looks good.. It's confusing..! <?php //$auth = 1 - not activated //$auth = 2 - admin //$auth = 3 - the right group(s) //$auth = 4 - not a customer //$auth = 5 - wrong username //$auth = 6 - incorrect pass if(empty($_POST['submit'])) { // They haven't submitted data ?> <style type="text/css"> body { font-family: Tahoma; font-size: 12px; } </style> <body> <form action="download.php" method="POST"> <table><tr><td><b>Username: </b></td><td><input type="text" name="username" /></td></tr> <tr><td><b>Password: </b></td><td><input type="password" name="password" /></td></tr> <tr><td colspan="2" align="center"><input type="submit" name="submit" value="Download!" /></table> </form> <?php } else { header('Content-type: text/plain'); include('SSI.php'); $passwd=mysql_real_escape_string($_POST['password']); $user=mysql_real_escape_string($_POST['username']); $encryptedpass=sha1(strtolower($user) . $passwd); $query = db_query("SELECT ID_GROUP,is_activated,additionalGroups FROM {$db_prefix}members where memberName='$user'", __FILE__, __LINE__); $query2 = db_query("SELECT memberName FROM {$db_prefix}members WHERE memberName='$user'", __FILE__, __LINE__); $query3 = db_query("SELECT passwd FROM {$db_prefix}members WHERE memberName='$user' AND passwd='$encryptedpass'", __FILE__, __LINE__); while($myarray = mysql_fetch_assoc($query)) { if (ssi_checkPassword($user, $passwd, true)==1) { //Are they Activated? if ($myarray[is_activated]!=='1') {$auth = "1";} //Are they an admin? if ($myarray[iD_GROUP]=='1') {$auth = "2";} elseif ((in_array("1", explode(",", $myarray[additionalGroups])))) {$auth = "2";} //They are in the right group(s)! elseif ($myarray[iD_GROUP]=='25') {$auth = "3";} elseif ((in_array("25", explode(",", $myarray[additionalGroups])))) {$auth = "3";} else {$auth = "4";} } if(mysql_num_rows($query2) !==1) {$auth = "5";} elseif(mysql_num_rows($query3) !==1) {$auth = "6";} } switch($auth) { case "1": die("Login failed: Your Account Is Not Activated"); break; case "2": header("Content-Type: application/zip"); header('Content-Disposition: attachment; filename="*************.zip"'); readfile('*************.zip'); die(); break; case "3": header("Content-Type: application/zip"); header('Content-Disposition: attachment; filename="*************.zip"'); readfile('*************.zip'); die(); break; break; case "4": die("Login failed: You Are Not A Customer"); break; case "5": die("Login failed: That Username Does Not Exist"); break; case "6": die("Login failed: Incorrect Password"); break; default: die("UNKNOWN ERROR"); } } ?> </body> Btw, it is hooking into a SMF DB and the SMF SSI. (Sorry for taking so long, we are fixing something in the house and the power goes on and off randomly.) Quote Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785285 Share on other sites More sharing options...
Cory94bailly Posted March 15, 2009 Author Share Posted March 15, 2009 I'm sorry but I just want this to be finished before I publish it.. Quote Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785357 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.