Page 1 of 1

[solved] returns false?

Posted: Fri Aug 17, 2007 12:09 pm
by m2babaey
Hi
my login is not working after a coded the hasbalance function and made some changes.
Could you please check if one of the 3 functions is always returning false?
thanks

Code: Select all

<?
function hasbalance($username){
  $sql="SELECT lastpaid, newbalance FROM jf_users WHERE username='$username' ";
   $resultp=mysql_query($sql);
   $rp=mysql_fetch_array($resultp);
   $lastp=$rp['lastpaid'];
   $newb=$rp['newbalance'];
   $now=date("Y-m-d H:i:s");
   $lastp=strtotime($lastp);
   $now=strtotime($now);
   $seconds=$now-$lastp;
   $months=$seconds/60/60/24/30;
   $ii=1;
   $feesql="SELECT * FROM payment WHERE id='$ii' ";
   $rfee=mysql_query($feesql) or die(mysql_error()) ;
   $rrow=mysql_fetch_array($rfee);
   $mfee=$rrow['mfee'];
   $s_have=$mfee*$months;
   if ($s_have < $newb) { return true; }
   else{
   echo "Sorry, you don't have enough balance to access the site features.";
   }
}?>

Code: Select all

<?
function isloggedin(){
	$u=mysql_real_escape_string($_COOKIE['jfuser']);
	$p=mysql_real_escape_string($_COOKIE['jfp']);
	
	$l=mysql_fetch_array(mysql_query("select username,password from jf_users where lcase(username)='".strtolower($u)."' and banned='0'"));
	if(strtolower($l['username'])==strtolower($u) and md5($l['password'])==$p){
	if (hasbalance($u)) 	{
    return true;
	   }
	   else echo "Sorry, you don't have enough balance to access the site features.";
  }else{
		return false;
	}
}?>

Code: Select all

<?
function isvaliduser($u,$p){

	$l=mysql_fetch_array(mysql_query("select username,password from jf_users where lcase(username)='".strtolower($u)."' and password='".$p."' and banned='0'"));
	if(strtolower($l['username'])==strtolower($u) and $l['password']==$p && $p!="" && $u!=""){
	if (hasbalance($u)) 	{
    return true;
	   }
	  	else return false;
  }else{
		return false;
	}
}?>

Re: returns false?

Posted: Fri Aug 17, 2007 12:16 pm
by superdezign
m2babaey wrote:my login is not working after a coded the hasbalance function and made some changes.
Could you please check if one of the 3 functions is always returning false?
... Why can't you?

Posted: Fri Aug 17, 2007 12:21 pm
by miro_igov
This is bad

Code: Select all

if (hasbalance($u))     {
    return true;
}
else return false;
because hasbalance always returns true.

Posted: Fri Aug 17, 2007 1:35 pm
by m2babaey
Why can't you?
because this code:

Code: Select all

<?php
include "includes/conn.php";
include "includes/functions.php";
if(isset($_GET['action']) and $_GET['action']=="myaccount" and isLoggedIn()){
	include "includes/header.php";
	include "templates/myaccounttemplate.php";
	include "includes/footer.php";
}
else if(isset($_GET['action']) and $_GET['action']=="myaccount" ){
echo "not logged in";
}
?>
outputs: not logged in

Posted: Fri Aug 17, 2007 1:40 pm
by miro_igov
isLoggedIn() is different than isloggedin(). But you should not be so lazy.

Posted: Fri Aug 17, 2007 2:32 pm
by superdezign
m2babaey wrote:
Why can't you?
because this code:

Code: Select all

<?php
include "includes/conn.php";
include "includes/functions.php";
if(isset($_GET['action']) and $_GET['action']=="myaccount" and isLoggedIn()){
	include "includes/header.php";
	include "templates/myaccounttemplate.php";
	include "includes/footer.php";
}
else if(isset($_GET['action']) and $_GET['action']=="myaccount" ){
echo "not logged in";
}
?>
outputs: not logged in
That doesn't make sense. If we'd be able to debug it, then you would too.

Posted: Fri Aug 17, 2007 3:43 pm
by thewebdrivers
use this

Code: Select all

<?php
include "includes/conn.php";
include "includes/functions.php";
if(isset($_GET['action']) and $_GET['action']=="myaccount" and isLoggedIn()){
        include "includes/header.php";
        include "templates/myaccounttemplate.php";
        include "includes/footer.php";
}
else {
echo "not logged in";
}
?>

Posted: Fri Aug 17, 2007 11:17 pm
by m2babaey
thanks
this url:
http://www.netfreelancer.com/acc.php?action=myaccount
( you can click it to view)
says:
not logged in
even when i have logged in :?

Posted: Sat Aug 18, 2007 7:15 am
by m2babaey
solved
the problem was an extra md5