Jump to content

Why wont this work?

dlouis95

By dlouis95
in PHP Coding Help

 Share

Recommended Posts

dlouis95 Newbie

dlouis95

Posted
Posted

In the script provided, at if($email==$email2), it says it is false when I know it's true. I know that the cookie is the same as the email in the database, yet it sill wont work. I have even echoed the two to see myself if they were the same, and they were, yet it still is saying it's false. Anyone know whats up? Thanks! :)

 

if(isset($_COOKIE['dan']))

  {

  $email=$_COOKIE['dan'];

  $host = ...;

    $username = ...;

    $password = ...;

  $db_name = ...;

  $tbl_name = ...;

  mysql_connect("$host", "$username", "$password")or die("cannot connect");

  mysql_select_db("$db_name")or die("cannot select DB");

 

  $user=$_GET['username'];

 

  if(mysql_num_rows(mysql_query("SELECT username FROM $tbl_name WHERE username = '$user'")))

      {

      $sql="SELECT * FROM $tbl_name WHERE username='$user'";

      $result=mysql_query($sql);

      $rows=mysql_fetch_array($result);

      $email2=$rows['email']; 

        if($email == $email2)

            {

              ?><html>...</html><?

                }

            else

            {

            ...

Link to comment
Share on other sites
dlouis95 Newbie

dlouis95

Posted
  • Author
Posted

What is this supposed to do? It's only part of a conditional . . . --->  if(mysql_num_rows(mysql_query("SELECT username FROM $tbl_name WHERE username = '$user'")))

 

That's to check if a record exists. I googled a way to do this, this is what it gave me, and it works. 

Link to comment
Share on other sites
kenrbnsn Regular Member

kenrbnsn

Posted
Posted

Check the string length of each item. Maybe there's a space before/after one of the values.

 

BTW, you really shouldn't use any value gotten from the URL without sanitizing it.

 

<?php
$user=mysql_real_escape_string($_GET['username']);
?>

 

Ken

Link to comment
Share on other sites
dlouis95 Newbie

dlouis95

Posted
  • Author
Posted

Check the string length of each item. Maybe there's a space before/after one of the values.

 

BTW, you really shouldn't use any value gotten from the URL without sanitizing it.

 

<?php
$user=mysql_real_escape_string($_GET['username']);
?>

 

Ken

 

Thanks man! Turns out my problem was nothing(space before $email)! Thanks for telling me to sanitize the url value. I haven't gotten to that yet, but have done it for forum entry's.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.