Solved

Code not working

Posted on 2006-07-21
13
209 Views
Last Modified: 2006-11-18
Hi All

Any ideas on this one please this part of the code is never evaluating

($_POST['txt_username']=="" && $_POST['txt_password']=="")

all it is checking is if text boxes contain nothing
but dont understand why this part is never executed when both are not containing anything and the txt boxe names are correct


FULL CODE
if ($_POST['btn_login'])
{
      mysql_connect($dbhost, $dbuser, $dbpass);
      mysql_select_db($dbname);
      $sql = "SELECT * FROM downloads WHERE username = '".$_POST['txt_username']."' AND password = '".md5($_POST['txt_password'])."'";
      $result = mysql_query($sql)or die (mysql_error());
      $row=mysql_fetch_array($result);
      
      if (mysql_num_rows($result)>0)
      {
                  $_SESSION['user']="true";
                  $_SESSION['username']=$row['realname'];
                  header('location: main.php');
      }
            elseif ($_POST['txt_username']=="" && $_POST['txt_password']=="")
            {      
                  $username_password_error="true";
            }
            elseif ($_POST['txt_username']=="")
            {      
                  $username_error="true";
            }
            elseif ($_POST['txt_password']=="")
            {      
                  $password_error="true";
            }
            else
            {
                  $username_password_notfound="true";
            }

}
Thanks in advance
0
Comment
Question by:avo42
  • 5
  • 4
  • 2
  • +2
13 Comments
 

Author Comment

by:avo42
ID: 17154857
Forgot to mention this part works fine

          elseif ($_POST['txt_username']=="")
          {    
               $username_error="true";
          }
          elseif ($_POST['txt_password']=="")
          {    
               $password_error="true";
          }
0
 
LVL 9

Expert Comment

by:Rob_Jeffrey
ID: 17155042
I can't see why it doesn't work - looks like it should.
When you are testing the output, $username_password_error is spelled correctly?
(Probably a dumb question but I keep finding these in my code)
0
 
LVL 27

Expert Comment

by:yodercm
ID: 17155095
Since you are using && (AND), you would need BOTH conditions to be true to succeed, whereas in the part that you say works, only one of them would need to be true.  Have you checked with both conditions true at the same time?

0
 
LVL 2

Assisted Solution

by:tansofun
tansofun earned 150 total points
ID: 17155145
I am unsure as well, but try

elseif (($_POST['txt_username']=="") && ($_POST['txt_password']==""))
or

elseif ((strlen($_POST['txt_username'])==0) && (strlen($_POST['txt_password'])==0))

Also, wouldn't you want to move these checks before the DB call?
0
 

Author Comment

by:avo42
ID: 17155636
Hi Thanks


no still the same with the above codes replaced

but another straing thing if i do the opposite !="" then it will work then if i  do add something in both the txt boxes the code performs as its written not as i would like but as expected but sill will not work with ==""

please have a look and test i you would like to

http://downloads.teamconsole.eu/login.php

All help appriciated
0
 
LVL 9

Expert Comment

by:Rob_Jeffrey
ID: 17155659
Could you post the entire code (if not too large) minus any back end login info.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:avo42
ID: 17155724
Thanks All code - db info

if (isset($_POST['btn_login']))
{
      mysql_connect($dbhost, $dbuser, $dbpass);
      mysql_select_db($dbname);
      $sql = "SELECT * FROM downloads WHERE username = '".$_POST['txt_username']."' AND password = '".md5($_POST['txt_password'])."'";
      $result = mysql_query($sql)or die (mysql_error());
      $row=mysql_fetch_array($result);
      
      if (mysql_num_rows($result)>0)
      {
                  $_SESSION['user']="true";
                  $_SESSION['username']=$row['realname'];
                  header('location: main.php');
      }
            elseif ($_POST['txt_username']=="" && $_POST['txt_password']=="")
            {      
                  $username_password_error="true";
            }
            elseif ($_POST['txt_username']=="")
            {      
                  $username_error="true";
            }
            elseif ($_POST['txt_password']=="")
            {      
                  $password_error="true";
            }
            else
            {
                  $username_password_notfound="true";
            }

}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Downloads Login</title>
<style type="text/css">
<!--
@import url("style.css");

-->
</style>
</head>
<body>
<form id="form1" name="form1" method="post" action="">
<?
if (isset($_POST['btn_login']) || !isset($_POST['btn_forgot_password_x']) || !isset($_POST['btn_forgot_password_y']))
{
?>
<table border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <th scope="col"><img src="images/top_left.gif" width="10" height="25" /></th>
    <th width='275' align='center' valign='middle' background='/images/top.gif' class='white_12_Tahoma'>Please Enter Login Details </th>
    <th scope="col"><img src="images/top_right.gif" width="15" height="25" /></th>
  </tr>
  <tr>
    <td><img src="images/left.gif" width="10" height="170" /></td>
    <td><table border="0" align="center" cellpadding="2" cellspacing="2">
      <tr>
        <th colspan="2" align="left" valign="top" scope="col">&nbsp;</th>
      </tr>
      <tr>
        <th align="left" valign="top">Username:</th>
        <td align="left" valign="top"><input name="txt_username" type="text" id="txt_username" value="<?=$_POST['txt_username']?>"/></td>
      </tr>
      <tr>
        <th align="left" valign="top">Password:</th>
        <td align="left" valign="top"><input name="txt_password" type="password" id="txt_password"/></td>
      </tr>
      <tr>
        <td align="center" valign="middle">&nbsp;</td>
        <td align="center" valign="middle"><span class="style1">
          <input name="btn_login" type="submit" class="style7" id="btn_login" value="Submit" />
        </span></td>
      </tr>
      <tr>
        <td colspan="2" align="left" valign="top">
<input type="image" src="images/magnify_glass.jpg" name="btn_forgot_password" id="btn_forgot_password" value="Submit" />
<span class="style7">Forgotten Password</span></td>
      </tr>
     
    </table></td>
    <td><img src="images/right.gif" width="15" height="170" /></td>
  </tr>
  <tr>
    <td><img src="images/bottom_left.gif" width="10" height="15" /></td>
    <td><img src="images/bottom.gif" width="275" height="15" /></td>
    <td><img src="images/bottom_right.gif" width="15" height="15" /></td>
  </tr>
</table>
<? } ?>
<br/>
<?
//if (isset($_POST['btn_forgot_password']))
if (isset($_POST['btn_forgot_password_x']) && isset($_POST['btn_forgot_password_y']))
{?>
<table border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <th scope="col"><img src="images/top_left.gif" width="10" height="25" /></th>
        <th width='350' align='center' valign='middle' background='/images/top.gif' class='white_12_Tahoma'>Please Enter E-Mail Details </th>
    <th scope="col"><img src="images/top_right.gif" width="15" height="25" /></th>
  </tr>
  <tr>
    <td><img src="images/left.gif" width="10" height="170" /></td>
    <td><table border="0" align="center" cellpadding="2" cellspacing="2">
      <tr>
        <th colspan="2" align="left" valign="top" scope="col">&nbsp;</th>
      </tr>
      <tr>
        <th align="left" valign="top">E-Mail Address:</th>
        <td align="left" valign="top"><input name="txt_email" type="text" id="txt_email" /></td>
      </tr>
      <tr>
        <th align="left" valign="top">Confirm E-Mail Address:</th>
        <td align="left" valign="top"><input name="txt_confirm_email" type="text" id="txt_confirm_email" /></td>
      </tr>
      <tr>
        <td align="center" valign="middle"><input name="btn_cancel" type="image" src="images/magnify_glass.jpg" class="style6" id="btn_cancel" value="Reset" border="border" />
            <span class="style7">Cancel </span></td>
        <td align="center" valign="top" class="style1"><input name="btn_forgot" type="submit" class="style7" id="btn_forgot" value="Submit" /></td>
      </tr>
    </table></td>
    <td><img src="images/right.gif" width="15" height="170" /></td>
  </tr>
  <tr>
    <td><img src="images/bottom_left.gif" width="10" height="15" /></td>
    <td><img src="images/bottom.gif" width="350" height="15" /></td>
    <td><img src="images/bottom_right.gif" width="15" height="15" /></td>
  </tr>
</table>
<? } ?>
<br />
<?
if ($email_request=="true")
{
?>
        <table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
        <tr>
          <th scope="col"><img src="images/top_left.gif" width="10" height="25" /></th>
        <th width='400' align='center' valign='middle' background='/images/top.gif' class='white_12_Tahoma'>Please Check Your E-Mail</th>
          <th scope="col"><img src="images/top_right.gif" width="15" height="25" /></th>
        </tr>
        <tr>
          <td><img src="images/left.gif" width="10" height="50" /></td>
          <td><table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
            <tr>
              <th scope="col"><span class="style5">Thankyou your username and password will be e-mail to your given address.</span></th>
            </tr>
           
          </table></td>
          <td><img src="images/right.gif" width="15" height="50" /></td>
        </tr>
        <tr>
          <td><img src="images/bottom_left.gif" width="10" height="15" /></td>
          <td><img src="images/bottom.gif" width="400" height="15" /></td>
          <td><img src="images/bottom_right.gif" width="15" height="15" /></td>
        </tr>
      </table>
        <? } ?>
      <br />
 <?
if ($no_email_found==="true")
{
?>
        <table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
        <tr>
          <th scope="col"><img src="images/top_left.gif" width="10" height="25" /></th>
        <th width='400' align='center' valign='middle' background='/images/top.gif' class='white_12_Tahoma'>ERROR!!</th>
          <th scope="col"><img src="images/top_right.gif" width="15" height="25" /></th>
        </tr>
        <tr>
          <td><img src="images/left.gif" width="10" height="30" /></td>
          <td><table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
            <tr>
              <th scope="col"><span class="style3">No matching e-mail address Found.</span></th>
            </tr>
           
          </table></td>
          <td><img src="images/right.gif" width="15" height="30" /></td>
        </tr>
        <tr>
          <td><img src="images/bottom_left.gif" width="10" height="15" /></td>
          <td><img src="images/bottom.gif" width="400" height="15" /></td>
          <td><img src="images/bottom_right.gif" width="15" height="15" /></td>
        </tr>
      </table>
        <? } ?>
      <br />
<?
if ($username_password_notfound==="true")
{
?>
        <table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
        <tr>
          <th scope="col"><img src="images/top_left.gif" width="10" height="25" /></th>
<th width='400' align='center' valign='middle' background='/images/top.gif' class='white_12_Tahoma'>ERROR!!</th>
          <th scope="col"><img src="images/top_right.gif" width="15" height="25" /></th>
        </tr>
        <tr>
          <td><img src="images/left.gif" width="10" height="30" /></td>
          <td><table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
            <tr>
              <th scope="col"><span class="style3">No Username or Password Found Please Check. </span></th>
            </tr>
           
          </table></td>
          <td><img src="images/right.gif" width="15" height="30" /></td>
        </tr>
        <tr>
          <td><img src="images/bottom_left.gif" width="10" height="15" /></td>
          <td><img src="images/bottom.gif" width="400" height="15" /></td>
          <td><img src="images/bottom_right.gif" width="15" height="15" /></td>
        </tr>
      </table>
        <?
}

if ($username_error==="true")
{
?>
      <table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
        <tr>
          <th scope="col"><img src="images/top_left.gif" width="10" height="25" /></th>
          <th width='400' align='center' valign='middle' background='/images/top.gif' class='white_12_Tahoma'>ERROR!!</th>
          <th scope="col"><img src="images/top_right.gif" width="15" height="25" /></th>
        </tr>
        <tr>
          <td><img src="images/left.gif" width="10" height="30" /></td>
          <td><table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
              <tr>
                <th scope="col"><span class="style3">Please Check Username Field. </span></th>
              </tr>
          </table></td>
          <td><img src="images/right.gif" width="15" height="30" /></td>
        </tr>
        <tr>
          <td><img src="images/bottom_left.gif" width="10" height="15" /></td>
          <td><img src="images/bottom.gif" width="400" height="15" /></td>
          <td><img src="images/bottom_right.gif" width="15" height="15" /></td>
        </tr>
      </table>
<? }
if ($password_error==="true")
{
?>
      <table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
        <tr>
          <th scope="col"><img src="images/top_left.gif" width="10" height="25" /></th>
          <th width='400' align='center' valign='middle' background='/images/top.gif' class='white_12_Tahoma'>ERROR!!</th>
          <th scope="col"><img src="images/top_right.gif" width="15" height="25" /></th>
        </tr>
        <tr>
          <td><img src="images/left.gif" width="10" height="30" /></td>
          <td><table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
              <tr>
                <th scope="col"><span class="style3">Please Check Password Field. </span></th>
              </tr>
          </table></td>
          <td><img src="images/right.gif" width="15" height="30" /></td>
        </tr>
        <tr>
          <td><img src="images/bottom_left.gif" width="10" height="15" /></td>
          <td><img src="images/bottom.gif" width="400" height="15" /></td>
          <td><img src="images/bottom_right.gif" width="15" height="15" /></td>
        </tr>
      </table>
<? }  
if ($username_password_error==="true")
{
?>
      <table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
        <tr>
          <th scope="col"><img src="images/top_left.gif" width="10" height="25" /></th>
          <th width='400' align='center' valign='middle' background='/images/top.gif' class='white_12_Tahoma'>ERROR!!</th>
          <th scope="col"><img src="images/top_right.gif" width="15" height="25" /></th>
        </tr>
        <tr>
          <td><img src="images/left.gif" width="10" height="30" /></td>
          <td><table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
              <tr>
                <th scope="col"><span class="style3">Please Check Username And Password Fields. </span></th>
              </tr>
          </table></td>
          <td><img src="images/right.gif" width="15" height="30" /></td>
        </tr>
        <tr>
          <td><img src="images/bottom_left.gif" width="10" height="15" /></td>
          <td><img src="images/bottom.gif" width="400" height="15" /></td>
          <td><img src="images/bottom_right.gif" width="15" height="15" /></td>
        </tr>
      </table>
<? } ?>
</form>
</body>
</html>
0
 
LVL 10

Expert Comment

by:Khanh Doan
ID: 17155880
($_POST['txt_username']=="" || $_POST['txt_password']=="")


It will return error if username OR password is empty.

Goodluck
Bonmat86.
0
 

Author Comment

by:avo42
ID: 17155938
Hi THanks

it should i agree but for some reason it will not return the error

duno why
0
 
LVL 10

Assisted Solution

by:Khanh Doan
Khanh Doan earned 150 total points
ID: 17155995
How come it won't return error ?
So in the form

<script language="javascript">
function check()
{
    username = document.getElementById('username').value;
    password = document.getElementById("password').value;
    if (username == '')
    {
        alert ("Please enter username");
        return false
    }
    if (password == '')
    {
        alert ("Please enter password");
        return false
    }
}
</script>
<form name="submit" .... onSubmit="return check()">
user : <input type="text" id="username">
pass : <input type="password" id="password">
<input type="submit">
</form>

Bonmat86.
0
 
LVL 9

Accepted Solution

by:
Rob_Jeffrey earned 200 total points
ID: 17155996
Try this (using tansofun's suggestion)

<?php if (isset($_POST['btn_login']))
{
      if ($_POST['txt_username']=="" && $_POST['txt_password']=="") {    
            $username_password_error="true";
      } elseif ($_POST['txt_username']=="") {    
            $username_error="true";
      } elseif ($_POST['txt_password']=="") {    
            $password_error="true";
      } else {
          mysql_connect($dbhost, $dbuser, $dbpass);
            mysql_select_db($dbname);
            $sql = "SELECT * FROM downloads WHERE username = '".$_POST['txt_username']."' AND password = '".md5($_POST['txt_password'])."'";
            $result = mysql_query($sql)or die (mysql_error());
            $row=mysql_fetch_array($result);
            
            if (mysql_num_rows($result)>0){
                  $_SESSION['user']="true";
                  $_SESSION['username']=$row['realname'];
                  header('location: main.php');
            } else {
                  $username_password_notfound="true";
        }
      }
}
?>
0
 
LVL 9

Expert Comment

by:Rob_Jeffrey
ID: 17156119
This line should be changed:

<input name="txt_username" type="text" id="txt_username" value="<?=$_POST['txt_username']?>"/>

to

<input name="txt_username" type="text" id="txt_username" <?php if ($_POST['txt_username']<>"") { echo 'value="' . $_POST['txt_username'] . '"'; ?> />

The first time through you are placing a null value in the field setting the Post data.
0
 

Author Comment

by:avo42
ID: 17157295
Hi thanks all for your help

it must have been because the db was called before the checks were made

appriciated
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to count occurrences of each item in an array.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now