Disappearing usernames, anyone?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Mightywayne
Forum Contributor
Posts: 237
Joined: Sat Dec 09, 2006 6:46 am

Disappearing usernames, anyone?

Post by Mightywayne »

Hello there. I've gotten far in my PHP code but am stuck here. :O Check this out.

Now I've tried to see if it was being assigned correctly (the $username) and right under the _POST I've tested it to echo, and it works. So it makes me wonder if one piece of the following code is blanking it out. As in, setting it to " ".

Code: Select all

$username = $_POST["username"];
$verifycode = $_POST["verify"];

if (($username = "") || ($verifycode = "")) 
{
	die("Gotta fill out all the fields, silly!");
}

$verifycheck = mysql_query("SELECT confkey FROM user WHERE name = '$username'");

$verified = mysql_query("SELECT verified FROM user WHERE name = '$username'");


if ($verified == 'yes')
	die("Hmm, $username, it seems as if you're already validated. Try logging in. ");

if ($verifycheck == $verifycode)
{
	echo "User $username verified correctly, welcome to Monbre!";
	mysql_query("UPDATE user SET verified = 'yes' WHERE name = '$username'");
}
else
	die("Sorry, $username, it seems you have entered the wrong validation code... perhaps you miss-typed it?");
Even if they have the wrong validation code, it'll say "Sorry, , it seems" thus showing it is blank'd by something. Also the validation checker I'm pretty sure is wrong, and I'm also pretty sure it's wrong cuz it blanks it. ;)
User avatar
mibocote
Forum Newbie
Posts: 18
Joined: Sun Aug 20, 2006 9:51 am
Contact:

Re: Disappearing usernames, anyone?

Post by mibocote »

Mightywayne wrote: Now I've tried to see if it was being assigned correctly (the $username) and right under the _POST I've tested it to echo, and it works. So it makes me wonder if one piece of the following code is blanking it out. As in, setting it to " ".
Look closely :D. I hate making these kind of typos.

Code: Select all

if (($username = "") || ($verifycode = "")) 
{
	die("Gotta fill out all the fields, silly!");
}
Last edited by mibocote on Tue Jan 02, 2007 12:43 pm, edited 1 time in total.
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

mysql_query() does not return a recordset, you have to pass the result to mysql_fetch_assoc(), and loop if neccesary. Secondly, as is you are not escaping potentially dangerous input. At minimum, pass user supplied variables to mysql_real_escape_string().
User avatar
aaronhall
DevNet Resident
Posts: 1040
Joined: Tue Aug 13, 2002 5:10 pm
Location: Back in Phoenix, missing the microbrews
Contact:

Post by aaronhall »

= != ==
impulse()
Forum Regular
Posts: 748
Joined: Wed Aug 09, 2006 8:36 am
Location: Staffordshire, UK
Contact:

Post by impulse() »

Try something like:

Code: Select all

$i = 0; 
while ($res = mysql_fetch_array($verified)) {
  $variableName[$i] = $res['mysqlFieldName'];
  $i++;
}

for ($i = 0; $i < count($variableName); $i++) {
  if ($variableName[$i] == $verified) {
    $alreadyVerified = 1;
  }
}
That will set the variable 'alreadyVerified' to 1 if there are any results in the mySQL table. Then you can put something like:


Code: Select all

if ($alreadyVerified == 1) {
  echo "Welcome to Monbre";
}
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Assignment versus equality. I just did that the other day.

When checking equality use two equal signs, not one or you end up setting the variable to that value.

Code: Select all

<?php
$username = $_POST["username"];
$verifycode = $_POST["verify"];

// This line here actually assigns the empty string to each var, which in essence evaluates to true for each one)
if (($username = "") || ($verifycode = ""))
{
        die("Gotta fill out all the fields, silly!");
}
?>
Change your conditional to

Code: Select all

<?php
if ($username == "" || $verifycode == "")
?>
Or

Code: Select all

<?php
if ( empty($username) || empty($verifycode) )
?>
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Post by Kieran Huggins »

aaronhall wrote:= != ==
kieran += 8O......Image;

aaronhall += 8);
Mightywayne
Forum Contributor
Posts: 237
Joined: Sat Dec 09, 2006 6:46 am

Post by Mightywayne »

Omg. xD Thanks both of you. And, I love empty()! I didn't know that function existed. I'll definitely be using that more often. You guys are great. :o
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Make sure you play around with using empty() as you can get funnier results than expected sometimes (like if the value of a var is (int) 0, it stills shows empty). But play with it. You'll see how it works.
Post Reply