Page 1 of 1

IF statement problem

Posted: Wed Mar 11, 2009 3:07 pm
by tomelmore
Hi all :)

I have an IF statement that isnt working correctly (maby im just being an idiot).

Code: Select all

if(md5($password) != $userpwd)
{
   header("Location: preferences.php?msg=Current Password was incorrect ".md5($password)." - ".$userpwd.".");
   exit();
}
Both variables equal the same but it still executes the code inside the statement.

The return message is Current Password was incorrect 5f4dcc3b5aa765d61d8327deb882cf99 - 5f4dcc3b5aa765d61d8327deb882cf99.
So looking at that the both varibles definatly equal the same?

Hope someone can help me :D
Thanks Tom.

Re: IF statement problem

Posted: Wed Mar 11, 2009 3:39 pm
by omniuni
If you do not open brackets on the same line as the if statement, it is a single-line if.

Try moving your opening bracket one line up:

Code: Select all

if(md5($password) != $userpwd){
header("Location: preferences.php?msg=Current Password was incorrect ".md5($password)." - ".$userpwd.".");
exit();
}

Re: IF statement problem

Posted: Wed Mar 11, 2009 3:44 pm
by tomelmore
Thanks omniuni, but that still hasnt solved it :(

Re: IF statement problem

Posted: Wed Mar 11, 2009 3:55 pm
by Reviresco
The only thing I can think of is that there's something else going on with one of those variables in some other part of the code that we're not seeing.

Re: IF statement problem

Posted: Wed Mar 11, 2009 5:21 pm
by VladSun
omniuni wrote:If you do not open brackets on the same line as the if statement, it is a single-line if.

Try moving your opening bracket one line up:

Code: Select all

if(md5($password) != $userpwd){
header("Location: preferences.php?msg=Current Password was incorrect ".md5($password)." - ".$userpwd.".");
exit();
}
8O 8O 8O


@tomelmore
Try

Code: Select all

if(md5($password) != $userpwd)
{
   var_dump($userpwd);
   $md5p = md5($password);
   var_dump($md5p);
   exit();
}
and see what you actually get.

Re: IF statement problem

Posted: Wed Mar 11, 2009 6:39 pm
by tomelmore
@tomelmore
Try

Code: Select all

if(md5($password) != $userpwd)
{
   var_dump($userpwd);
   $md5p = md5($password);
   var_dump($md5p);
   exit();
}
and see what you actually get.
I got:
string(33) "5f4dcc3b5aa765d61d8327deb882cf99 " string(32) "5f4dcc3b5aa765d61d8327deb882cf99"

Ok heres the rest of the code:

Code: Select all

if ($_POST['Submit']=='Save') {
          $rsPwd = mysql_query("SELECT `user_pwd` FROM `users` WHERE `user_email`='$_SESSION[user]'") or die(mysql_error());
          $mypwd = mysql_fetch_assoc($rsPwd);
          
          $userpwd = $mypwd[user_pwd];
          $name = $_POST['name'];
          $email = $_POST['email'];
          $password = $_POST['pwd'];
          $newpassword = $_POST['npwd'];
          $connewpassword = $_POST['cnpwd'];
          
          if(strlen($name) == 0) {
             header("Location: preferences.php?msg=Please enter a Name.");
             exit();    
          }
          
          if(valid_email($email) == FALSE) {
             header("Location: preferences.php?msg=Please enter a valid Email address.");
             exit();
          }
          
          if(md5($password) != $userpwd) {
             var_dump($userpwd);
             $md5p = md5($password);
             var_dump($md5p);
             exit();
           }
          
          if(strlen($newpassword) > 0) {
             if(strlen($newpassword) < 6) {
                header("Location: preferences.php?msg=Password must be at least 6 characters long.");
                exit();
             }
             
             if($newpassword != $connewpassword) {
                header("Location: preferences.php?msg=Passwords don't match.");
                exit();
             }
             
             header("Location: preferences.php?msg=New password saved.");
             exit();
          }
          
          header("Location: preferences.php?msg=Information saved.");
          exit();
       }
Probably not the best way to do it all but im learning :D

Thanks Tom.

Re: IF statement problem

Posted: Thu Mar 12, 2009 4:02 am
by VladSun
tomelmore wrote:I got:
string(33) "5f4dcc3b5aa765d61d8327deb882cf99 " string(32) "5f4dcc3b5aa765d61d8327deb882cf99"
So, you see - they are different - there is an additional white space in $userpwd string.
I suppose you add it in you account create query together with the md5 value. Let's see this query/code.