Page 1 of 1

Check that user details are correct

Posted: Sun Jun 17, 2007 4:34 pm
by oo7ml
I have a cancel membership section which is only available to users who are logged in.

In order to cancel your membership, users must fill in the form which consists of their username and password.

This then checks the username and password that they entered in the form against the session variables username and password (username and password of the person logged in). It seems to work fine if the username and password are the exact same but if they are different it doesn't work

e.g i've set up two accounts using the details below

username: peter password: peter works fine
username: john password: simon doesn't work

So i have:

PHP Code:

Code: Select all

$username    = $_POST['username']; // gets username from the form
$password    = $_POST['password']; // gets username from the form
$susername    = $_SESSION['my_array'][0]; // username of person logged in
$spassword  = $_SESSION['my_array'][10]; // password of person logged in
Here is the code i have:

PHP Code:

Code: Select all

if ($username == $susername & $password == $spassword)    

{
Can anyone see why this is not working

Posted: Sun Jun 17, 2007 4:51 pm
by Benjamin
Should be..

Code: Select all

if ($username == $susername && $password == $spassword)   

{
Logical Operators

Posted: Sun Jun 17, 2007 5:03 pm
by oo7ml
No i have tried that also, and it still only works if the username and password are the exact same

Posted: Sun Jun 17, 2007 5:12 pm
by oo7ml
Sorry, i got it working. The script is case sensitive because of the code:

Code: Select all

$username    = $_POST['username']; // gets username from the form
$password    = $_POST['password']; // gets username from the form
$susername    = $_SESSION['my_array'][0]; // username of person logged in
$spassword  = $_SESSION['my_array'][10]; // password of person logged in

Code: Select all

if ($username == $susername & $password == $spassword)   

{
However the log in page or any other part of the site is not case sensitive. The only reason it is case sensitive here is because, it checks the username and password from the form, against the username and password of the user logged in (through a session variable). So they have to be exact for that matter, ie - case sensitive. does anyone know another way i could design this section, thanks