Solved

if username and passord blank

Posted on 2004-09-13
3
249 Views
Last Modified: 2006-11-17
why is my error if blank, there is no error message?
when username passworkd is blank it still goes to
the second page(menu)
when it's suppose to show the message on the top of the first page.
<?
   //error_reporting
   error_reporting (E_ALL & ~E_NOTICE);

  //session
#  session_start();
#  $session ->put('username', $username);
#  $session ->put('pwd', $pwd);
#  $session ->put('save', $save);
#  $session ->put('go', $go);

  //cookies
  //  setcookie("accessedBefore", "yes",);

  //declare varibles
  $username= $_GET['username'];
  $pwd= $_GET['pwd'];
  $save = $_GET['save'];
  $go= $_GET['go'];

  // validations (error message)
  if($error == 1)
  {
    print('<p>');
      print('<font color="#0000ff">');
      print("<center>re-submit username again</center>");
      print('</font>');
      print('</p>');
  }      
?>
<html>
<head>
<title>log in </title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<form name="f" action="menu.php" method="get" >
<table>
      <tr>
          <td bgcolor="#0066CC"> <div align="center"><font color="#FFFFFF"><strong>log
           in to members vault</strong></font> </div>
            </td>
        </tr>
      <tr>
          <td>
             username:  <input type="text" name="username" value="username">
          </td>
     </tr>
      <tr>
          <td>
              password:  <input type="password" name="pwd" value="pwd">
          </td>
     </tr>
     <tr>
        <td>
            save me: <input type="checkbox" name="save" value="save">
         </td>
     </tr>
     <tr>
         <td bgcolor="#0066CC"> <div align="left"><input type="submit" name="submit" value="go"></div>
             </td>
       </tr>
</table>
</form>
</body>
</html>
*************************************************************
page 2 menu.php

************************************************************
<?
  //sessions
# session_start();
 
#  $session->PUT('username', $username);
#  $session->PUT('pwd', $pwd);
#  $session->PUT('save', $save);
#  $session->PUT('go', $go);

  //cookie
 // setcookie("accessedBefore", "yes",);

  //error reporting
  error_reporting (E_ALL & ~E_NOTICE);

 //receiving the varibles from page one.
  $username= $_GET['username'];
  $pwd= $_GET['pwd'];
  $save = $_GET['save'];
  $go= $_GET['go'];
 
  //PHP CODES START
  $validate = true;
 
  if (($username == " ") ||
     ($pwd == ' ') ||
     ($save == ' ') ||
     ($go == ' '))
    {
      //execute if true
        $validate == false;
      $error == 1;
    }
 
#  if(empty($username))
#  {
#   print "You did not enter a user name.";
#  }

 //if login form has been submitted
  if($_GET['go'])
  {
   //send cookie
   setcookie ('yes', $_GET['username']);
   $cookie = TRUE; //cookie has been sent
   print "<p>cookie is LIVE</p>";
  }
   else
   {
     $cookie = FALSE; //cookie has not been sent
     print "<p>sorry, no cookie for you</p>";
   }
   
   if ($validate)
     {
?>
<html>
<head>
<title>menu</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?
   if ($username == "test" || $pwd == "test" )
   {
     print "<font Welcome to the vault";
   }
?>  
    Members vault:
<br>
    <a href="http://www.codygraham.com/hwg/phpweek5/assonecoach.php">COACH</a>
<BR>
        <a href="http://www.codygraham.com/hwg/phpweek5/assoneswing.php">SWING</a>
<BR>
        <a href="http://www.codygraham.com/hwg/phpweek5/assonemind.php">MIND</a>
</body>
</html>
<?
   }
     else
       {
         require ('./login.php');
       }
?>

*************************************************************
0
Comment
Question by:imaw
3 Comments
 
LVL 36

Expert Comment

by:Zyloch
ID: 12051194
What is $errors? You can't use error_reporting for this, you have to do it the old fashioned way, i.e.

$error=array();
if (!isset($_GET['username'])||empty($_GET['username']) {
   $error[]="Empty Username!";
   $validate=false;
}
0
 
LVL 4

Accepted Solution

by:
Skonen earned 500 total points
ID: 12051694
In your posted PHP you used:

//execute if true
$validate == false;
$error == 1;

See anything wrong with that? == is a comparison operator, you need to use an assignment operator, such as a single equal sign instead:

//Execute if true
$validate = false;
$error = 1;

0
 
LVL 3

Expert Comment

by:Statick001
ID: 12054982
that is the problem, $error == 1 is only comparing, you need a single equal ($error = 1) to achieve what you want

also - your check for a blank username

 if (($username == " ") ||
     ($pwd == ' ') ||
     ($save == ' ') ||
     ($go == ' '))
 
there is a single space in between the quotes. so this will only work if someone enters a single space for the username. to check for an empty string use

if ($username == "")

also you use double quotes for $username and single quotes for the other 3 strings. its best to stick to one method or the other, to keep code neat and readable
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to count occurrences of each item in an array.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now