ncurran217 Posted August 27, 2013 Share Posted August 27, 2013 Well I have this login script, and there are if statements if something doesn't match up and it will set $error with a sentence of what is wrong. Then at the bottom of the code has the login form, with an if statement that says if $error is set, then echo $error. But when actually put in wrong credentials, it goes to a blank page and doesn't echo $error. If I put in the correct credentials it goes to the next page properly. Here is my code, what am I doing wrong? Thanks for the help in advance! <?php include 'includes/db_connect.php'; $self = $_SERVER['PHP_SELF']; //-----------------------------------Anti-Injection Function----------------------------------------------- function anti_injection($sql) { $sql = preg_replace("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/","",$sql); $sql = trim($sql); $sql = strip_tags($sql); $sql = addslashes($sql); return $sql; } //---------------------------------------------------------------------------------------------------------- if(isset($_POST['user']) && $_POST['pass']){ $user = anti_injection($_POST['user']); $pass = anti_injection($_POST['pass']); $crypt_pass = md5($pass); $query1 = "SELECT username FROM Logins WHERE Username = '".$user."'"; $params1 = array(); $options1 = array( "Scrollable" => SQLSRV_CURSOR_KEYSET ); $result1 = sqlsrv_query( $connection, $query1 , $params1, $options1 ); $count1 = sqlsrv_num_rows($result1); $query2 = "SELECT password FROM Logins WHERE Username = '".$user."'"; $result2 = sqlsrv_query( $connection, $query2); while ($row2=sqlsrv_fetch_array( $result2, SQLSRV_FETCH_ASSOC)) { $sysadmin_password = $row2['password']; } if($count1 == '0') { $error = 'This account is not found in the database.'; } elseif($sysadmin_password != $crypt_pass) { $error = 'Wrong password. Try again.'; } elseif($_GET['login'] != 'login' && $count1 == '0') { $error = 'Login Error, Please login again.'; } else { session_start(); $_SESSION['valid_sysadmin'] = $user; echo "<script type='text/javascript' language='javascript'> window.location.href = 'index.php';</script>"; exit; // Dont forget to and your session // session_destroy(); // End secure content } } else { // build form echo "<title>Mail Report</title>"; echo "<form name='auth' action='$self' method='post'>\n"; echo "<table align=center width=210 border=0 cellpadding=7 cellspacing=1>\n"; echo " <tr class=right_main_text><td colspan=2 height=35 align=center valign=top><h2>Mail Report Login</h2></td></tr>\n"; echo " <tr class=right_main_text><td align=left>Username:</td><td align=right><input type='text' name='user' maxlength='30'></td></tr>\n"; echo " <tr class=right_main_text><td align=left>Password:</td><td align=right><input type='password' name='pass' maxlength='16'></td></tr>\n"; echo " <tr class=right_main_text><td align=center colspan=2><input type='submit' value='Login'> </td></tr>\n"; if (isset($error)) { echo "<tr class=right_main_text><td align=center colspan=2><font color='red'>'".$error."'</font></td></tr>\n"; } echo "</table>\n"; echo "</form>\n"; } ?> Link to comment https://forums.phpfreaks.com/topic/281611-login-script-error-messages-not-showing/ Share on other sites More sharing options...
ncurran217 Posted August 27, 2013 Author Share Posted August 27, 2013 Well I figured it out. It had to do with how the first IF then ELSE statement were setup. Link to comment https://forums.phpfreaks.com/topic/281611-login-script-error-messages-not-showing/#findComment-1447040 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.