this login validation not working so nicely.
ok, i know the code is probably a laugh. I've taken bits and pieces I've learnt over the last 2 days and tried to make something of this. I have a login whereby they can log in with a cellphone number or an email address.
this code below, what i want it to do is basically provide the correct feedback, so if i use the correct email but the password is wrong it tells me the password is wrong specifically rather than just saying login failed.
currently, the validation works, however if I log in correctly the first time, all good, BUT if I put the wrong password the first time, it tells me incorrect password, if i then correct the password and login again it still tells me incorrect password.
advice please.
this code below, what i want it to do is basically provide the correct feedback, so if i use the correct email but the password is wrong it tells me the password is wrong specifically rather than just saying login failed.
currently, the validation works, however if I log in correctly the first time, all good, BUT if I put the wrong password the first time, it tells me incorrect password, if i then correct the password and login again it still tells me incorrect password.
advice please.
<?php
session_start();
include 'config.php';
include 'opendb.php';
//This function will find and checks if your data is correct
function login(){
//Collect your info from login form
$loginType = $_REQUEST['loginType'];
$cellnumber = $_REQUEST['cellphone'];
$email = $_REQUEST['email'];
$password = $_REQUEST['userPassword'];
if ($loginType == "email") {
$result = mysql_query("SELECT * FROM persons WHERE email='$email' AND password='$password'");
} else {
$result = mysql_query("SELECT * FROM persons WHERE cellphone ='$cellnumber' AND password='$password'");
}
$row = mysql_fetch_array($result);
if ($row == null) {
if ($loginType == "email") {
$result2 = mysql_query("SELECT * FROM persons WHERE email='$email'");
$row2 = mysql_fetch_array($result2);
if ($row2 == null) {
echo '<?xml version="1.0"?>';
echo '<dataxml>';
echo '<row type="error">';
echo "<errorMsg>Email not found on system.</errorMsg>";
echo "</row>";
echo '</dataxml>';
die();
} else {
echo '<?xml version="1.0"?>';
echo '<dataxml>';
echo '<row type="error">';
echo "<errorMsg>Incorrect Password.</errorMsg>";
echo "</row>";
echo '</dataxml>';
die();
}
} else if($loginType == "cellphone") {
$result2 = mysql_query("SELECT * FROM persons WHERE cellphone='$cellnumber'");
$row2 = mysql_fetch_array($result2);
if ($row2 == null) {
echo '<?xml version="1.0"?>';
echo '<dataxml>';
echo '<row type="error">';
echo "<errorMsg>Can't find cell phone number on system.</errorMsg>";
echo "</row>";
echo '</dataxml>';
die();
} else {
echo '<?xml version="1.0"?>';
echo '<dataxml>';
echo '<row type="error">';
echo "<errorMsg>Incorrect Password.</errorMsg>";
echo "</row>";
echo '</dataxml>';
die();
}
}
} else {
$username = $row['firstName'];
$id = $row['personID'];
echo '<?xml version="1.0"?>';
echo '<dataxml>';
echo '<row type="success">';
echo "<firstname>".$row['firstName']."</firstname>";
echo "<userID>".$row['personID']."</userID>";
echo "</row>";
echo '</dataxml>';
}
}
login();
?>
ASKER
Hi yauhing.
thanks for that but it still does the same thing.
i log in with wrong password, says incorrect password.
i fix the password and login again - still says incorrect password.
thanks for that but it still does the same thing.
i log in with wrong password, says incorrect password.
i fix the password and login again - still says incorrect password.
I test code in my server without problem, please provide more details or links if any.
ASKER
unfortunately this is currently sitting on my test server, but i've copied and pasted your code as is.
did you test it with the wrong password, and immediately the correct password.
the form is in flash. so the browser doesn't get a refresh.
if i refresh the browser it's fine. otherwise not.
did you test it with the wrong password, and immediately the correct password.
the form is in flash. so the browser doesn't get a refresh.
if i refresh the browser it's fine. otherwise not.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
oh that's interesting.
i've implemented the output that as above
if the first time i enter bob2 as password, then bob it outputs
password = bob2 bob so it's not clearing the first value.
hmmm.
i've implemented the output that as above
if the first time i enter bob2 as password, then bob it outputs
password = bob2 bob so it's not clearing the first value.
hmmm.
ASKER
okay i've checked on the flash side, definately not caching previous entries, and then i've tried with the other field values, it's only the password that is doing this. any ideas.
ASKER
okay i figured it out. mighty wierd,
but when the password is wrong, it's still in the textfield, but the carat has just changed so you can't see it.
but when doing an echo on load of the php and before calling the php on the flash side it doesnt' pick it up.
i'm done a work around for now as I don't want to spend too much time further on this as it's just a knock up prototype. I'm catching the error on flash side and emptying the textfield explicitly.
but when the password is wrong, it's still in the textfield, but the carat has just changed so you can't see it.
but when doing an echo on load of the php and before calling the php on the flash side it doesnt' pick it up.
i'm done a work around for now as I don't want to spend too much time further on this as it's just a knock up prototype. I'm catching the error on flash side and emptying the textfield explicitly.
ASKER
thanks.
Open in new window