otuatail Posted September 9, 2011 Share Posted September 9, 2011 Hi I have got a database table for logging in. One user will not log in even though the data is valid $user = ValidateKey($_SESSION["Name"] , $_SESSION["PWD1"] , $_SESSION["PWD2"]); // User if($Error == 1 || $user == 0 || $user == -1) { // header('Location: index.php'); echo $Error . " , " . $user; // result is 0, caf9eba77c55ab5ae81a01c25d1987d3 exit; } All other user are OK! Strange Desmond. Quote Link to comment Share on other sites More sharing options...
Adam Posted September 9, 2011 Share Posted September 9, 2011 Can you show us all the code involved? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted September 9, 2011 Share Posted September 9, 2011 Your function is returning a string (looks like a md5 hash). You are trying to compare that string with a zero. That comparison will be TRUE (the string is converted into a number), unless the string starts with a number (that is non-zero.) Are you sure you didn't intend your function to return a true or false value instead? Quote Link to comment Share on other sites More sharing options...
otuatail Posted September 9, 2011 Author Share Posted September 9, 2011 Sorry I will show you the code that is used and explain. $user = ValidateKey($_SESSION["Name"] , $_SESSION["PWD1"] , $_SESSION["PWD2"]); // User if($Error == 1 || $user == 0 || $user == -1) { header('Location: index.php'); //echo $Error . " " . $user; exit; } This is the code that checks if the user is valid. ValidateKey() returns: 0 , -1 , md5 value which is the Users md5 key a unique field in the users table. ValidateKey() calls KeyValid() for extra checking. function ValidateKey($name , $pwd1 , $pwd2) { connectDB(1); $Pwd1 = md5($pwd1); $Pwd2 = md5($pwd2); $Ukey = KeyValid($Pwd1,1); // return KeyType ,0=Not found , -1=Key not unique $Ckey = KeyValid($Pwd2,2); // return KeyType ,0=Not found , -1=Key not unique if($Ukey == 0) { // $ErrorLevel = CheckRepository($Pwd1 , 1); return 0; exit; } if($Ckey == 0) { // $ErrorLevel = CheckRepository($Pwd2 , 2); return 0; exit; } if($Ukey == -1)// UserKey not unique { // return 0; exit; } if($Ckey == -1)// Company Key not unique { // return 0; exit; } if($Ukey == 1 && $Ckey == 1) // Everything is OK get the unique md5() { $sql = "SELECT User FROM usersX WHERE UserKey = '$Pwd1'"; $query = mysql_query ($sql) or die ("E0104"); $rs = mysql_fetch_array($query) or die ("E1104"); $ret = $rs["User"]; return $ret; exit; } return -1; // Becase I have not checked for -1 yet. } function KeyValid($val,$type) { $sql = "SELECT K_Type FROM usersX WHERE UserKey = '$val' AND K_Type = $type"; $query = mysql_query ($sql) or die ("E0105"); $total = mysql_num_rows($query); // or die ("E1105"); if($total == 0) $ret = 0; if($total > 1) $ret = -1; if($total == 1) $ret = 1; return $ret; } The possible return values for a succesfull log in are '49dd9bbf77ad7fa4de3befac6306fb52' '3758b32a4832c2ec4cd595c5552a04d2' 'caf9eba77c55ab5ae81a01c25d1987d3' 'afce84ff226407a47c9782a742ba02f7' The last two fail. They don't start with a number. Has it got anything to do with number checking against string checking? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted September 10, 2011 Share Posted September 10, 2011 Using === for the comparison operator should work. Quote Link to comment Share on other sites More sharing options...
otuatail Posted September 11, 2011 Author Share Posted September 11, 2011 Hi Thanks for this. It's fine now. I never used === before. Not sure I understand it. I suppose that we should use === by default in any if statment or is that wrong? TIA Desmond. THANKS. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.