Cory94bailly Posted March 15, 2009 Share Posted March 15, 2009 //$auth = 5 - wrong username //$auth = 6 - incorrect pass $query2 = db_query("SELECT memberName FROM {$db_prefix}members WHERE memberName='$user'", __FILE__, __LINE__); $query3 = db_query("SELECT passwd FROM {$db_prefix}members WHERE memberName='$user' AND passwd='$encryptedpass'", __FILE__, __LINE__); if(mysql_num_rows($query2) !==1) {$auth = "5";} if(mysql_num_rows($query3) !==1) {$auth = "6";} case "5": die("Login failed: That Username Does Not Exist"); break; case "6": die("Login failed: Incorrect Password"); break; default: die("UNKNOWN ERROR"); When I enter the wrong password, it gives me the correct error of 'wrong pass' but if I type in a username that doesn't exist, it gives me the default 'unknown' error.. Any help? Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/ Share on other sites More sharing options...
Cory94bailly Posted March 15, 2009 Author Share Posted March 15, 2009 <BUMP> (I hate posting at night..) Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785215 Share on other sites More sharing options...
Renlok Posted March 15, 2009 Share Posted March 15, 2009 you should have if(mysql_num_rows($query2) !==1) {$auth = "5";} elseif(mysql_num_rows($query3) !==1) {$auth = "6";} otherwise $auth = 5 will always be overwritten Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785234 Share on other sites More sharing options...
Cory94bailly Posted March 15, 2009 Author Share Posted March 15, 2009 you should have if(mysql_num_rows($query2) !==1) {$auth = "5";} elseif(mysql_num_rows($query3) !==1) {$auth = "6";} otherwise $auth = 5 will always be overwritten I still get "Unknown Error" if I enter a random username but if I enter the wrong pass, it shows me "Wrong password" Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785240 Share on other sites More sharing options...
premiso Posted March 15, 2009 Share Posted March 15, 2009 Post your full code. Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785242 Share on other sites More sharing options...
Cory94bailly Posted March 15, 2009 Author Share Posted March 15, 2009 Post your full code. Honestly, the code all looks good.. It's confusing..! <?php //$auth = 1 - not activated //$auth = 2 - admin //$auth = 3 - the right group(s) //$auth = 4 - not a customer //$auth = 5 - wrong username //$auth = 6 - incorrect pass if(empty($_POST['submit'])) { // They haven't submitted data ?> <style type="text/css"> body { font-family: Tahoma; font-size: 12px; } </style> <body> <form action="download.php" method="POST"> <table><tr><td><b>Username: </b></td><td><input type="text" name="username" /></td></tr> <tr><td><b>Password: </b></td><td><input type="password" name="password" /></td></tr> <tr><td colspan="2" align="center"><input type="submit" name="submit" value="Download!" /></table> </form> <?php } else { header('Content-type: text/plain'); include('SSI.php'); $passwd=mysql_real_escape_string($_POST['password']); $user=mysql_real_escape_string($_POST['username']); $encryptedpass=sha1(strtolower($user) . $passwd); $query = db_query("SELECT ID_GROUP,is_activated,additionalGroups FROM {$db_prefix}members where memberName='$user'", __FILE__, __LINE__); $query2 = db_query("SELECT memberName FROM {$db_prefix}members WHERE memberName='$user'", __FILE__, __LINE__); $query3 = db_query("SELECT passwd FROM {$db_prefix}members WHERE memberName='$user' AND passwd='$encryptedpass'", __FILE__, __LINE__); while($myarray = mysql_fetch_assoc($query)) { if (ssi_checkPassword($user, $passwd, true)==1) { //Are they Activated? if ($myarray[is_activated]!=='1') {$auth = "1";} //Are they an admin? if ($myarray[iD_GROUP]=='1') {$auth = "2";} elseif ((in_array("1", explode(",", $myarray[additionalGroups])))) {$auth = "2";} //They are in the right group(s)! elseif ($myarray[iD_GROUP]=='25') {$auth = "3";} elseif ((in_array("25", explode(",", $myarray[additionalGroups])))) {$auth = "3";} else {$auth = "4";} } if(mysql_num_rows($query2) !==1) {$auth = "5";} elseif(mysql_num_rows($query3) !==1) {$auth = "6";} } switch($auth) { case "1": die("Login failed: Your Account Is Not Activated"); break; case "2": header("Content-Type: application/zip"); header('Content-Disposition: attachment; filename="*************.zip"'); readfile('*************.zip'); die(); break; case "3": header("Content-Type: application/zip"); header('Content-Disposition: attachment; filename="*************.zip"'); readfile('*************.zip'); die(); break; break; case "4": die("Login failed: You Are Not A Customer"); break; case "5": die("Login failed: That Username Does Not Exist"); break; case "6": die("Login failed: Incorrect Password"); break; default: die("UNKNOWN ERROR"); } } ?> </body> Btw, it is hooking into a SMF DB and the SMF SSI. (Sorry for taking so long, we are fixing something in the house and the power goes on and off randomly.) Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785285 Share on other sites More sharing options...
Cory94bailly Posted March 15, 2009 Author Share Posted March 15, 2009 I'm sorry but I just want this to be finished before I publish it.. Link to comment https://forums.phpfreaks.com/topic/149484-help-with-error-checking/#findComment-785357 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.