Jump to content

Recommended Posts

Hi I have got a database table for logging in. One user will not log in even though the data is valid

 


$user = ValidateKey($_SESSION["Name"] , $_SESSION["PWD1"] , $_SESSION["PWD2"]); // User
if($Error == 1 || $user == 0 || $user == -1)
{
  // header('Location: index.php');
echo $Error . " , " . $user; // result is 0,  caf9eba77c55ab5ae81a01c25d1987d3
  exit;
}

 

All other user are OK!

 

Strange

 

Desmond.

 

Link to comment
https://forums.phpfreaks.com/topic/246777-unable-to-log-in-witha-certain-user/
Share on other sites

Your function is returning a string (looks like a md5 hash). You are trying to compare that string with a zero. That comparison will be TRUE (the string is converted into a number), unless the string starts with a number (that is non-zero.)

 

Are you sure you didn't intend your function to return a true or false value instead?

Sorry I will show you the code that is used and explain.

$user = ValidateKey($_SESSION["Name"] , $_SESSION["PWD1"] , $_SESSION["PWD2"]); // User
if($Error == 1 || $user == 0 || $user == -1)
{
  header('Location: index.php');
//echo $Error . " " . $user;
  exit;
}

 

This is the code that checks if the user is valid.

ValidateKey() returns: 0 , -1 ,  md5 value which is the Users md5 key a unique field in the users table.

ValidateKey() calls KeyValid() for extra checking.

 

function ValidateKey($name , $pwd1 , $pwd2)
{
  connectDB(1);
  $Pwd1 = md5($pwd1);
  $Pwd2 = md5($pwd2);

$Ukey = KeyValid($Pwd1,1); // return KeyType ,0=Not found , -1=Key not unique
$Ckey = KeyValid($Pwd2,2); // return KeyType ,0=Not found , -1=Key not unique

if($Ukey == 0)
{
   // $ErrorLevel = CheckRepository($Pwd1 , 1);
	 return 0;
	 exit;
}
if($Ckey == 0)
{
   // $ErrorLevel = CheckRepository($Pwd2 , 2);
	 return 0;
	 exit;
}
if($Ukey == -1)// UserKey not unique
{
   // 
	 return 0;
	 exit;
}
if($Ckey == -1)// Company Key not unique
{
   // 
	 return 0;
	 exit;
}

if($Ukey == 1 && $Ckey == 1) // Everything is OK get the unique md5()
{
	$sql = "SELECT User FROM usersX WHERE UserKey = '$Pwd1'";
	$query = mysql_query ($sql) or die ("E0104");
	$rs = mysql_fetch_array($query) or die ("E1104");
	$ret = $rs["User"];
	return $ret;
	exit;
}

return -1; // Becase I have not checked for -1 yet.
}

function KeyValid($val,$type)
{
   $sql = "SELECT K_Type FROM usersX WHERE UserKey = '$val' AND K_Type = $type";
 $query = mysql_query ($sql) or die ("E0105");
 $total = mysql_num_rows($query); // or die ("E1105");
 if($total == 0)
     $ret = 0;
   if($total > 1)
     $ret = -1;
   if($total == 1)
     $ret = 1;
   return $ret;
}

 

The possible return values for a succesfull log in are

'49dd9bbf77ad7fa4de3befac6306fb52'

'3758b32a4832c2ec4cd595c5552a04d2'

 

'caf9eba77c55ab5ae81a01c25d1987d3'

'afce84ff226407a47c9782a742ba02f7'

 

The last two fail. They don't start with a number. Has it got anything to do with number checking against string checking?

 

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.