aabid Posted April 19, 2011 Share Posted April 19, 2011 Hey guys, I don't know why but the following script is not working for me. Its a simple login script which check the validity of username and password and based on the uses header function to redirect the user. Please have a look at the script <?php include('dbinfo.inc'); if(empty($_POST['username']) || empty($_POST['pword'])) { header('Location: http://localhost/vits/index.php?login=error'); } else { $username = $_POST['username']; $pword = $_POST['pword']; $actype = $_POST['actype']; $connect = mysql_connect($host,$dbuser,$password) or die("Cannot connect to DB"); mysql_select_db($dbname,$connect); $sql = "select * from memberinfo where username='$username'"; $result = mysql_query($sql,$connect); $row = mysql_fetch_assoc($result); } if($row['username'] == $username && $row['pword'] == $pword && $row['actype'] == $actype) { session_start(); $_SESSION['username'] = $_POST['username']; $_SESSION['loggedin'] = TRUE; $_SESSION['actype'] = $_POST['actype']; header('Location: http://localhost/vits/index.php?login=correct'); } else { header('Location: http://localhost/vits/index.php?login=incorrect'); } ?> Now the problem is it never succeeds i.e. it never goes into the if block where the checking is being done for username and password and of course actype. No matter what I enter in login information it always throws me to this http://localhost/vits/index.php?login=incorrect' Please help as am not able to sort out this problem Quote Link to comment https://forums.phpfreaks.com/topic/234160-and-logic-not-working-correctly/ Share on other sites More sharing options...
litebearer Posted April 19, 2011 Share Posted April 19, 2011 Try echoing out your variables (including the $sql) to make certain they contain what you expect them to contain. Quote Link to comment https://forums.phpfreaks.com/topic/234160-and-logic-not-working-correctly/#findComment-1203522 Share on other sites More sharing options...
Muddy_Funster Posted April 19, 2011 Share Posted April 19, 2011 This is a little wrong... $sql = "select * from memberinfo where username='$username'"; $result = mysql_query($sql,$connect); $row = mysql_fetch_assoc($result); } if($row['username'] == $username && $row['pword'] == $pword && $row['actype'] == $actype) try something like this : $sql = "SELECT username, pword, actype FROM memberinfo WHERE username = '".$username."' AND pword = '".$pword."'"; $result = mysql_query($sql,$connect) or die ('Error :<br>'.mysql_error().'<br><br>When Running the following :<br><br>'.$sql); $row = mysql_fetch_assoc($result); } if(($row['username'] == $username) && ($row['pword'] == $pword) && ($row['actype'] == $actype)) Quote Link to comment https://forums.phpfreaks.com/topic/234160-and-logic-not-working-correctly/#findComment-1203523 Share on other sites More sharing options...
Pikachu2000 Posted April 19, 2011 Share Posted April 19, 2011 In this block of code: There's no reason for the comparison against $username. Since that's the variable you used in the query's WHERE clause, it's impossible for it not to match. Is the password hashed when it's inserted into the database to begin with? If you run the query in phpMyAdmin, and echo the value of $pword, are they identical? Is there any errant whitespace on either of them? if($row['username'] == $username && $row['pword'] == $pword && $row['actype'] == $actype) Quote Link to comment https://forums.phpfreaks.com/topic/234160-and-logic-not-working-correctly/#findComment-1203532 Share on other sites More sharing options...
aabid Posted April 19, 2011 Author Share Posted April 19, 2011 In this block of code: There's no reason for the comparison against $username. Since that's the variable you used in the query's WHERE clause, it's impossible for it not to match. Is the password hashed when it's inserted into the database to begin with? If you run the query in phpMyAdmin, and echo the value of $pword, are they identical? Is there any errant whitespace on either of them? if($row['username'] == $username && $row['pword'] == $pword && $row['actype'] == $actype) I have tried to echo out every thing, even I echoed both $_POST and $row and both seem to be containing the correct information as far as seeing from naked eye is concerned. Now I don't know if there might be any hidden spaces which are not making them equivalent to pass that if condition. Quote Link to comment https://forums.phpfreaks.com/topic/234160-and-logic-not-working-correctly/#findComment-1203546 Share on other sites More sharing options...
Pikachu2000 Posted April 19, 2011 Share Posted April 19, 2011 Then you should probably var_dump all of them to see if they actually contain the same values. Quote Link to comment https://forums.phpfreaks.com/topic/234160-and-logic-not-working-correctly/#findComment-1203552 Share on other sites More sharing options...
aabid Posted April 19, 2011 Author Share Posted April 19, 2011 Well the problem seems to be sorted out and it was just a silly mistake of capitalization, I was kinda doing like if (Lecturer == lecturer) then do this Its obvious it won't go into the if block because of the capitalization of first word, But anyways the problem seems to be gone now thanks for the support Quote Link to comment https://forums.phpfreaks.com/topic/234160-and-logic-not-working-correctly/#findComment-1203557 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.