[SOLVED] if statement not responding..please help!

[mcerveni]

here's an example of the site: www.rimdev.sgspoint.com/agentcenter 

 

breakdown of code and what it's supposed to do:

[*] Check user to see if he/she exists in another database

[*] if the user exists, check in current database if the user exists in 'users' table

[*] if they do not exist in the 'users' table, then show the 'create account' button

[*] if they do exist in the 'users' table, then go to the else statement and login user

 

there is one record in the 'users' table, and when you put it the username which is: CA123456 

password is: test

 

it just says 'try again'

when it really should log in the user.

 

any help appreciated! i've been on this for hours lol...please help.

 

 

<?php


$ca = $_GET['ca'];
$pass = $_GET['pass'];
$position = "FLA";

$caNum = strtoupper($ca);


  $handle = mysql_connect($host,$user,$pwd);
mysql_select_db($stats, $handle);
mysql_query("USE $stats",$handle);

$sql = "SELECT * FROM employee WHERE EmpID = '$caNum' && Position = '$position'";
$row = mysql_fetch_assoc(mysql_query($sql));


if($row['EmpID'] == $caNum && $row['Position'] == $position) {

session_start();
$_SESSION['user'] = $row['AgentName']; //user has a session because i took out the values of first and last name when you log in in the login function.
$user = $_SESSION['user'];

       
  $handle2 = mysql_connect($host,$user,$pwd);
mysql_select_db($agentcenter_database, $handle2);
mysql_query("USE $agentcenter_database",$handle2);

$sql2 = "SELECT * FROM users WHERE empID = '$caNum'";
$row2 = mysql_fetch_assoc(mysql_query($sql2));


  if ($row2['empID'] != $caNum) {
 
echo '<input type="submit" value="Create Account" class="loginBtn"  onclick="createAccount();"> '; 

  }
 
 
  else {
 
 
    $handle3 = mysql_connect($host,$user,$pwd);
mysql_select_db($agentcenter_database, $handle3);
mysql_query("USE $agentcenter_database",$handle3);


$query3 = "SELECT * FROM users WHERE empID = '$caNum'";
$row3 = mysql_fetch_assoc(mysql_query($query3));



if($row3['password'] == $pass) {

  $_SESSION['agent_logged_in'] = TRUE;


$picture = $row3['picture'];


echo '<center> <img src="images/badge_pics/'.$picture.'" style="border:1px solid black"> </center>';


echo '<span style="font-size:18px"><b>'. $user .'</b> </span>';
echo '<br><span style="font-size:18px"><b> <i> RIM  </i> </b> </span>';


echo '<br> <b> <a href="index.php"> Continue  </b> </a>';
 
  }
 
 
  else {
      echo " <br> <br> <span style='font-size:17px'> <img src='images/invalid.JPG'> <center><a href='index.php'> Try Again </a> </center> </span>  ";

  }
 
  }
 
 


}

else {


echo " <br> <br> <span style='font-size:17px'> <img src='images/invalid.JPG'> <center><a href='index.php'> Try Again </a> </center> </span>  ";

}         

               

?>

[RussellReal]

in the database when adding to it.. do you hash your passwords? that could be the reason.. because thats the only check that goes to else tht isn't correct

[mcerveni]

nope, it's not hashed...

it's : password varchar(20)

 

if you put in a different username like CA705556 , it should show the 'create account' button because that username is not in the 'users' table yet

 

[Philip]

Where does $stats come from? Also, why are you selecting the database & then querying a use database, thats kinda redundant.

[RussellReal]

Where does $stats come from? Also, why are you selecting the database & then querying a use database, thats kinda redundant.

 

yeah lol he uses 3 different connections, and I think 2 of them use the same tables he shoudl just make ONE connection @ the top and change the database accordingly

[mcerveni]

i have a include functions.php page and in there it has:

 

$host = "localhost";

$user = "root";

$pwd = "password";

 

$queue_center_database = "queue_center";

$agentcenter_database = "agentcenter";

$stats = "stats";

 

 

in this login page i'm only changing between the stats database and agentcenter database.

each of those have different tables, so no, i'm not using the same table in those databases.

 

 

 

[redarrow]

Sorry mate there just being sarky, what there all saying is use a join and one database connection....

[RussellReal]

Sorry mate there just being sarky, what there all saying is use a join and one database connection....

 

yeah

 

also I really do not see why this isn't working like 30 mins ago I broke it up in my notepad++ and everything looks fine.. its definately something wrong with the password from the row and the password supplied..

 

change:

if($row3['password'] == $pass) {

 

to:

echo $row3['password']." ~~ ".$pass;

if($row3['password'] == $pass) {

 

and see if they match up

[redarrow]

if your form input's are not named how does it work your form?

 

CA Number <input type="text" id="ca" size=30" maxlength="8">  <br>

Password  <input type="password" id="pass" size="30" maxlength="15">

 

id= << this is for the css and not a form element is it ?

 

where name="pass" and name="ca"

[mcerveni]

when i do that...it doesn't print out the password because it skips all the way to "please try again"

 

[mcerveni]

what? lol..no no..

 

<input type="text" id="ca"> is definitley correct.  the id is pulled by my ajax code i have.

but yes, id is for css as well as javascript functions.

 

var ca = encodeURI(document.getElementById('ca').value);

 

that's why there's an id in the input.

[RussellReal]

when i do that...it doesn't print out the password because it skips all the way to "please try again"

 

it shouldn't because try again is in the else for the if I told you to put the echo above of

[Philip]

Where does $stats come from?

 

You're not selecting  a database would be my guess. Both $stats and $agentcenter_database are undefined in that script. If you place

echo mysql_error();

after the queries and run it, an error should pop up.

[mcerveni]

when i put that after the query, it says "Table 'stats.users' doesn't exist"

[mcerveni]

Alright, so i'm getting lost in my own code lol i can't understand why it doesn't work..and i really need this done by tonight...

 

i got it working a bit..it gets stuck when it sees the correct username and password, it tries to log in, but says:

Table 'agentcenter.employee_compo' doesn't exist

 

username: CA705572

pass: test

 

Someonone please help me figure out my code regarding connecting to 2 different databases. and how to do it properly.

 

code below:

 

<?php include('header.php');

$ca = $_GET['ca'];
$pass = $_GET['pass'];
$position = "FLA";

$caNum = strtoupper($ca);

   
     $handle = mysql_connect($host,$user,$pwd);
mysql_select_db($stats, $handle);
mysql_query("USE $stats",$handle);

$query = "SELECT * FROM users WHERE empID = '$caNum' && password = '$pass' ";
$result = mysql_query($query) or die(mysql_error());
$row= mysql_fetch_array($result);

if($row['empID'] == $caNum && $row['password'] == $pass && $row['activated'] == "yes") {

$empID = $row['empID'];

$_SESSION['agent_logged_in'] = TRUE;



$handle2 = mysql_connect($host,$user,$pwd);
mysql_select_db($stats, $handle2);
mysql_query("USE $stats",$handle2);


$sql1 = "SELECT * FROM employee_compo WHERE EmpID = '$empID'";
$result1 = mysql_query($sql1) or die(mysql_error());
$row1= mysql_fetch_array($result1);

$agentName = $row1['AgentName'];

$_SESSION['agentName'] = $agentName;
$_SESSION['empID'] = $empID;


$picture = $row['picture'];


echo '<center> <img src="images/badge_pics/'.$picture.'" style="border:1px solid black"> </center>';


echo '<span style="font-size:18px"><b>'. $agentName .'</b> </span>';
echo '<br><span style="font-size:18px"><b> <i> RIM  </i> </b> </span>';


echo '<br> <b> <a href="index.php"> Continue  </b> </a>';

}


else {

$query3 = "SELECT * FROM users WHERE empID = '$caNum'";
$result3 = mysql_query($query3) or die(mysql_error());
$row3= mysql_fetch_array($result3);

if ($row3['empID'] != $caNum) {


echo '<input type="submit" value="Create Account" class="loginBtn"  onclick="createAccount();"> '; 
           
              
  }
  
  else {

    echo " <br> <br> <span style='font-size:17px'> <img src='images/invalid.JPG'> <center><a href='index.php'> Try Again </a> </center> </span>  ";

   
}

  
  }




?>

[mcerveni]

updated code below:

 

<?php include('header.php');

$ca = $_GET['ca'];
$pass = $_GET['pass'];
$position = "FLA";

$caNum = strtoupper($ca);

   

$query = "SELECT * FROM users WHERE empID = '$caNum' && password = '$pass' ";
$result = mysql_query($query) or die(mysql_error());
$row= mysql_fetch_array($result);

if($row['empID'] == $caNum && $row['password'] == $pass && $row['activated'] == "yes") {

$empID = $row['empID'];

$_SESSION['agent_logged_in'] = TRUE;



$handle2 = mysql_connect($host,$user,$pwd);
mysql_select_db($stats, $handle2);
mysql_query("USE $stats",$handle2);


$sql1 = "SELECT * FROM employee_compo WHERE EmpID = '$empID'";
$result1 = mysql_query($sql1) or die(mysql_error());
$row1= mysql_fetch_array($result1);

$agentName = $row1['AgentName'];

$_SESSION['agentName'] = $agentName;
$_SESSION['empID'] = $empID;


$picture = $row['picture'];


echo '<center> <img src="images/badge_pics/'.$picture.'" style="border:1px solid black"> </center>';


echo '<span style="font-size:18px"><b>'. $agentName .'</b> </span>';
echo '<br><span style="font-size:18px"><b> <i> RIM  </i> </b> </span>';


echo '<br> <b> <a href="index.php"> Continue  </b> </a>';

}


else {

  $handle3 = mysql_connect($host,$user,$pwd);
mysql_query("USE $agentcenter_database",$handle3);


$query3 = "SELECT * FROM users WHERE empID = '$caNum'";
$result3 = mysql_query($query3) or die(mysql_error());
$row3= mysql_fetch_array($result3);

if ($row3['empID'] != $caNum) {


echo '<input type="submit" value="Create Account" class="loginBtn"  onclick="createAccount();"> '; 
           
              
  }
  
  else {

    echo " <br> <br> <span style='font-size:17px'> <img src='images/invalid.JPG'> <center><a href='index.php'> Try Again </a> </center> </span>  ";

   
}

  
  }




?>