PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
tomelmore
Forum Newbie
Posts: 3 Joined: Wed Mar 11, 2009 3:03 pm
Post
by tomelmore » Wed Mar 11, 2009 3:07 pm
Hi all
I have an IF statement that isnt working correctly (maby im just being an idiot).
Code: Select all
if(md5($password) != $userpwd)
{
header("Location: preferences.php?msg=Current Password was incorrect ".md5($password)." - ".$userpwd.".");
exit();
}
Both variables equal the same but it still executes the code inside the statement.
The return message is Current Password was incorrect 5f4dcc3b5aa765d61d8327deb882cf99 - 5f4dcc3b5aa765d61d8327deb882cf99.
So looking at that the both varibles definatly equal the same?
Hope someone can help me
Thanks Tom.
omniuni
Forum Regular
Posts: 738 Joined: Tue Jul 15, 2008 10:50 pm
Location: Carolina, USA
Post
by omniuni » Wed Mar 11, 2009 3:39 pm
If you do not open brackets on the same line as the if statement, it is a single-line if.
Try moving your opening bracket one line up:
Code: Select all
if(md5($password) != $userpwd){
header("Location: preferences.php?msg=Current Password was incorrect ".md5($password)." - ".$userpwd.".");
exit();
}
tomelmore
Forum Newbie
Posts: 3 Joined: Wed Mar 11, 2009 3:03 pm
Post
by tomelmore » Wed Mar 11, 2009 3:44 pm
Thanks omniuni, but that still hasnt solved it
Reviresco
Forum Contributor
Posts: 172 Joined: Tue Feb 19, 2008 4:18 pm
Location: Milwaukee
Post
by Reviresco » Wed Mar 11, 2009 3:55 pm
The only thing I can think of is that there's something else going on with one of those variables in some other part of the code that we're not seeing.
VladSun
DevNet Master
Posts: 4313 Joined: Wed Jun 27, 2007 9:44 am
Location: Sofia, Bulgaria
Post
by VladSun » Wed Mar 11, 2009 5:21 pm
omniuni wrote: If you do not open brackets on the same line as the if statement, it is a single-line if.
Try moving your opening bracket one line up:
Code: Select all
if(md5($password) != $userpwd){
header("Location: preferences.php?msg=Current Password was incorrect ".md5($password)." - ".$userpwd.".");
exit();
}
@tomelmore
Try
Code: Select all
if(md5($password) != $userpwd)
{
var_dump($userpwd);
$md5p = md5($password);
var_dump($md5p);
exit();
}
and see what you actually get.
There are 10 types of people in this world, those who understand binary and those who don't
tomelmore
Forum Newbie
Posts: 3 Joined: Wed Mar 11, 2009 3:03 pm
Post
by tomelmore » Wed Mar 11, 2009 6:39 pm
@tomelmore
Try
Code: Select all
if(md5($password) != $userpwd)
{
var_dump($userpwd);
$md5p = md5($password);
var_dump($md5p);
exit();
}
and see what you actually get.
I got:
string(33) "5f4dcc3b5aa765d61d8327deb882cf99 " string(32) "5f4dcc3b5aa765d61d8327deb882cf99"
Ok heres the rest of the code:
Code: Select all
if ($_POST['Submit']=='Save') {
$rsPwd = mysql_query("SELECT `user_pwd` FROM `users` WHERE `user_email`='$_SESSION[user]'") or die(mysql_error());
$mypwd = mysql_fetch_assoc($rsPwd);
$userpwd = $mypwd[user_pwd];
$name = $_POST['name'];
$email = $_POST['email'];
$password = $_POST['pwd'];
$newpassword = $_POST['npwd'];
$connewpassword = $_POST['cnpwd'];
if(strlen($name) == 0) {
header("Location: preferences.php?msg=Please enter a Name.");
exit();
}
if(valid_email($email) == FALSE) {
header("Location: preferences.php?msg=Please enter a valid Email address.");
exit();
}
if(md5($password) != $userpwd) {
var_dump($userpwd);
$md5p = md5($password);
var_dump($md5p);
exit();
}
if(strlen($newpassword) > 0) {
if(strlen($newpassword) < 6) {
header("Location: preferences.php?msg=Password must be at least 6 characters long.");
exit();
}
if($newpassword != $connewpassword) {
header("Location: preferences.php?msg=Passwords don't match.");
exit();
}
header("Location: preferences.php?msg=New password saved.");
exit();
}
header("Location: preferences.php?msg=Information saved.");
exit();
}
Probably not the best way to do it all but im learning
Thanks Tom.
VladSun
DevNet Master
Posts: 4313 Joined: Wed Jun 27, 2007 9:44 am
Location: Sofia, Bulgaria
Post
by VladSun » Thu Mar 12, 2009 4:02 am
tomelmore wrote: I got:
string(33) "5f4dcc3b5aa765d61d8327deb882cf99 " string(32) "5f4dcc3b5aa765d61d8327deb882cf99"
So, you see - they are different - there is an additional white space in $userpwd string.
I suppose you add it in you account create query together with the md5 value. Let's see this query/code.
There are 10 types of people in this world, those who understand binary and those who don't