Page 1 of 1
IF statement problem
Posted: Wed Mar 11, 2009 3:07 pm
by tomelmore
Hi all
I have an IF statement that isnt working correctly (maby im just being an idiot).
Code: Select all
if(md5($password) != $userpwd)
{
header("Location: preferences.php?msg=Current Password was incorrect ".md5($password)." - ".$userpwd.".");
exit();
}
Both variables equal the same but it still executes the code inside the statement.
The return message is Current Password was incorrect 5f4dcc3b5aa765d61d8327deb882cf99 - 5f4dcc3b5aa765d61d8327deb882cf99.
So looking at that the both varibles definatly equal the same?
Hope someone can help me
Thanks Tom.
Re: IF statement problem
Posted: Wed Mar 11, 2009 3:39 pm
by omniuni
If you do not open brackets on the same line as the if statement, it is a single-line if.
Try moving your opening bracket one line up:
Code: Select all
if(md5($password) != $userpwd){
header("Location: preferences.php?msg=Current Password was incorrect ".md5($password)." - ".$userpwd.".");
exit();
}
Re: IF statement problem
Posted: Wed Mar 11, 2009 3:44 pm
by tomelmore
Thanks omniuni, but that still hasnt solved it

Re: IF statement problem
Posted: Wed Mar 11, 2009 3:55 pm
by Reviresco
The only thing I can think of is that there's something else going on with one of those variables in some other part of the code that we're not seeing.
Re: IF statement problem
Posted: Wed Mar 11, 2009 5:21 pm
by VladSun
omniuni wrote:If you do not open brackets on the same line as the if statement, it is a single-line if.
Try moving your opening bracket one line up:
Code: Select all
if(md5($password) != $userpwd){
header("Location: preferences.php?msg=Current Password was incorrect ".md5($password)." - ".$userpwd.".");
exit();
}
@tomelmore
Try
Code: Select all
if(md5($password) != $userpwd)
{
var_dump($userpwd);
$md5p = md5($password);
var_dump($md5p);
exit();
}
and see what you actually get.
Re: IF statement problem
Posted: Wed Mar 11, 2009 6:39 pm
by tomelmore
@tomelmore
Try
Code: Select all
if(md5($password) != $userpwd)
{
var_dump($userpwd);
$md5p = md5($password);
var_dump($md5p);
exit();
}
and see what you actually get.
I got:
string(33) "5f4dcc3b5aa765d61d8327deb882cf99 " string(32) "5f4dcc3b5aa765d61d8327deb882cf99"
Ok heres the rest of the code:
Code: Select all
if ($_POST['Submit']=='Save') {
$rsPwd = mysql_query("SELECT `user_pwd` FROM `users` WHERE `user_email`='$_SESSION[user]'") or die(mysql_error());
$mypwd = mysql_fetch_assoc($rsPwd);
$userpwd = $mypwd[user_pwd];
$name = $_POST['name'];
$email = $_POST['email'];
$password = $_POST['pwd'];
$newpassword = $_POST['npwd'];
$connewpassword = $_POST['cnpwd'];
if(strlen($name) == 0) {
header("Location: preferences.php?msg=Please enter a Name.");
exit();
}
if(valid_email($email) == FALSE) {
header("Location: preferences.php?msg=Please enter a valid Email address.");
exit();
}
if(md5($password) != $userpwd) {
var_dump($userpwd);
$md5p = md5($password);
var_dump($md5p);
exit();
}
if(strlen($newpassword) > 0) {
if(strlen($newpassword) < 6) {
header("Location: preferences.php?msg=Password must be at least 6 characters long.");
exit();
}
if($newpassword != $connewpassword) {
header("Location: preferences.php?msg=Passwords don't match.");
exit();
}
header("Location: preferences.php?msg=New password saved.");
exit();
}
header("Location: preferences.php?msg=Information saved.");
exit();
}
Probably not the best way to do it all but im learning
Thanks Tom.
Re: IF statement problem
Posted: Thu Mar 12, 2009 4:02 am
by VladSun
tomelmore wrote:I got:
string(33) "5f4dcc3b5aa765d61d8327deb882cf99 " string(32) "5f4dcc3b5aa765d61d8327deb882cf99"
So, you see - they are different - there is an additional white space in $userpwd string.
I suppose you add it in you account create query together with the md5 value. Let's see this query/code.