Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New to the CF scene
    Join Date
    Apr 2011
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question Can't even get an IF statement to work - please help!

    Hi all,

    I'm pretty new to php, but I was making a login script for my website, the script worked beautifully but it was enclosed in an IF statement to stop the username/password wrong message appearing the first time the page was loaded. This login worked fine again but i disabled the IF statement for testing - only it still logs in!
    I've pasted my code below but it has me stumped as to why this code block runs at all?

    Please help!
    Code:
     
    <?php
     if ($_POST["Username1"] != $_POST["Username1"]){
    // To protect MySQL injection
    $myusername = $_POST["Username1"];
    $mypassword = $_POST["Password1"];
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);
    $sql="SELECT PID FROM login WHERE username='$myusername' and password='$mypassword'";
    $pid=mysql_query($sql);
    
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($pid);
    // If result matched $myusername and $mypassword, table row must be 1 row
    
    if($count==1){
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    $_SESSION['UID']=$myusername;
    $_SESSION['PID']=$pid;
    echo '<script language="Javascript">';
    echo 'window.location="main.php"';
    echo '</script>';
    }
    else {
    echo "Wrong Username or Password";
    }
    }
    ?>
    the working code before was identical, but the top line read
    Code:
     
    if ($_POST["Username1"] != null){
    Finally, i tried to make a redirect that moved the user back to the login page if they had not logged in.
    Code:
     
    <?php if ($_SESSION['UID'] == "") {
    echo '<script language="Javascript">';
    echo 'window.location="login.php"';
    echo '</script>';
    }
    ?>
    only it redirects back regardless? (i've also tried == null.. and "dog" to check the if - and it still runs! (there is no "dog" user)

    I figure it must be my syntax, but i'm really stumped - the actual authentication if works - any help anyone can give would be immensely appreciated.
    Last edited by davidklk; 04-11-2011 at 09:08 AM.

  • #2
    New Coder
    Join Date
    Nov 2010
    Location
    United Kingdom
    Posts
    31
    Thanks
    0
    Thanked 9 Times in 8 Posts
    well what you have changed, != null means that it's not empty
    Code:
    if ($_POST["Username1"] != null){
    and now you've got if posted username is not the same as posted username do this... IT WILL NEVER WORK xD it's like if 1 is not the same as 1 do this...
    Code:
    $_POST["Username1"] != $_POST["Username1"]
    try this... :
    PHP Code:
    <?php
     
    if (isset($_POST["Username1"]) && !empty($_POST["Username1"]))
    {
    // To protect MySQL injection
    $myusername mysql_real_escape_strin($_POST["Username1"]);
    $mypassword mysql_real_escape_string($_POST["Password1"]);
    $sql="SELECT PID FROM login WHERE username='$myusername' and password='$mypassword'";
    $pid=mysql_query($sql);

    // Mysql_num_row is counting table row
    $count=mysql_num_rows($pid);
    // If result matched $myusername and $mypassword, table row must be 1 row

    if($count>0)
    {
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    $_SESSION['UID']=$myusername;
    $_SESSION['PID']=$pid;

    $goback getenv('HTTP_REFERER');
    header("location:$goback");
    }
    else
    {
    echo 
    "Wrong Username or Password";
    }
    }
    ?>


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •