im busy with a school project and i made a function that checks if a password is valid. For some reason it returns "0". I have no clue why. Is there anyone who could help me out here?
I also made functions to check Mail and Username, those work fine.
Thanks in advance for your help!
function checkPassword($pass){
if (strlen($pass) < 6) {
return "Your password must contain more than 6 characters";
}
else {
if (preg_match('~[0-9]~', $pass)){
if (preg_match('/^[\p{L}\p{N}_-]+$/u', $pass)) {
return true;
}
else {
return "Your password contains illegal characters";
}
}
else {
return "Your password must contain at leas one number";
}
}
}
$val3 = checkPassword($_POST['password']);
if ($val3 !== true) {
$_SESSION["wrongreg"] = $val3; // $val3 = 0, for some reason.
header('Location: register.php');
}
As IncredibleHat said, it can't return 0. However, you actually do not show where you print the $_SESSION["wrongreg"] data. You instead redirect with header(). The only explanation to why you could say it tells you the respons is 0, is that something happens on the "register.php" page, which you haven't showed here yet.
One thing you might be doing on that page is: strval(intval($_SESSION["wrongreg"]));
That would give us 0 (but it is a strange thing to do). More probable is that there is some entirely different code on the register.php page, that gets in the way, making the script print something entirely different than the return string from that password function.
Related
I'm currently using codeIgniter 3. I created a registration page with username, password, password confirmation and email. For compare the two string, I used strcmp() function. Now, the problem is when I put something like
password = "moon";
confirmation_password = "moon";
It work without any problems. Logically you'll tell me :)
Otherwise, when I put something like
password = "moon";
confirmation_password = "something else";
Now it still work with show me the appropriate error message. Logically again you'll tell me. Except that another error message pop:
Unable to access an error message corresponding to your field name Password confirmation.(check_information)
I don't understand how this error message could pop only when the confirmation_password variable doesn't match with password variable.
Here's my code
function index()
{
$this->form_validation->set_rules('confirmation_password', 'Password confirmation', 'trim|required|callback_check_information');
}
function check_information($confirmation_password)
{
$password = $this->input->post('password');
if (strcmp($password, $confirmation_password))
{
echo 'password and confirmation password doesn\'t match';
return FALSE;
}
}
Does anyone can tell if is there something wrong in my code ?
I voluntarily show you a part of my code for avoid to make my post too long.
Thanks
You have to return with boolean in both cases, and not echo the message, set it:
function check_information($confirmation_password)
{
$password = $this->input->post('password');
if (strcmp($password, $confirmation_password))
{
$this->form_validation->set_message('check_information', 'password and confirmation password doesn\'t match');
return FALSE;
}
else {
return TRUE;
}
}
There is a simple solution, try this:
$this->form_validation->set_rules('confirmation_password', 'Password Confirmation', 'required|matches[password]');
I am currently writing a page of a website, and I have a function that renders a new webpage to tell the user that they made an error if the date they have selected is in the past. The function looks like this:
if($interval < 0){
handle_error($dbval_date_error2);
}
If the user did put in a valid date, then the date is stored in a database and a new webpage is displayed which shows the new data entry.
The problem I have is that the handle_error function appears not to work usually. It functions exactly as it should if I also include some kind of print statement:
if($interval < 0){
handle_error($dbval_date_error2);
echo "here";
}
But if I just have the error function on its own, the function call just gets completely ignored and the entry gets stored in the database.
The error function looks like this:
function handle_error($error)
{
$_SESSION['error'] = $error;
header('location:../register/register.php');
}
The problem lies in how you're constructing your header; there needs to be a space between the colon and the path, Location needs to be uppercase, and you need to call exit(); after you set the header.
function handle_error($error)
{
$_SESSION['error'] = $error;
header('Location: ../register/register.php');
exit();
}
Just add an exit() after your header():
function handle_error($error)
{
$_SESSION['error'] = $error;
header('location:../register/register.php');
exit();
}
And it should work
is there any any other command we can use as an alternative to exit(); in php.
Because it breaks my html code at the end of the page if the condition is not met and when script has to exit.
Or if anyone has any other idea to resolve this issue???
Thanks
Update:
html code...
<?php
if username is not in correct format
echo "Please check your username";
exit();
if Username and Password didn't match
echo "Wrong Username or Password.";
exit();
if some other condition not met
echo "Condition not met";
exit();
?>
html code continues...
Now the problem is if any of the condition is not met and the script has to exit, the html code below it, which is a whole webpage, does not display...
And please...I am not a computer geek, had a problem so asked it, but why people vote down the question??? don't understand....
You should probably wrap your code into an if statement:
<?php
if($code == 'ok'){
echo 'ok';
} else {
echo 'not ok';
}
?>
your script doesn't have to exit(), you can add statements where you want and how you want.
As the name suggests, the PHP exit() statement will cause your PHP script to exit, right there and then, and not do anything else. If you want it to carry on processing the rest of the code, just don't use exit().
Looking at your code, what you seem to be aiming for is displaying errors to the user, and then (I would guess) re-showing the form they filled in incorrectly.
Rather than just echoing the errors as soon as you discover them, why not store them into a variable, which can then be displayed at an appropriate point in the HTML? Even the most basic of scripts can benefit from a bit of basic code structure.
As an example (and I stress this is not the One True Pattern for this kind of thing), you could arrange your file something like this:
if ( /* form has been submitted */ )
{
$errors = validate_form();
if ( count($errors) > 0 )
{
display_form($errors);
}
else
{
display_success_message();
}
}
else
{
display_form();
}
function validate_form()
{
$errors = array();
// Series of if conditions, each adding a message to $errors if appropriate
return $errors;
}
function display_form($errors=array())
{
// HTML <ul> list displaying the contents of $errors, if any
// HTML for form
}
function display_success_message()
{
// HTML thanking user for a successful form submission
}
Whenever verifyUser is returned true then the if statement should execute but for some reason instead of going to the header location, the page just refreshes and that's all that happens. I've checked to be sure that the input information is correct and it is and when the information is incorrect the else statement executes perfectly fine. If anyone has any ideas as to why this is happening, please let me know. Thank you.
Here is the segment where the header() statement is made:
function validateUser($name, $pass)
{
$check = verifyUser($name, md5($pass));
if($check)
{
$_SESSION['status'] = 'authorized';
header('location: index.php');
} else{
echo'Please enter a correct username and password <br />';
echo "<a href='http://localhost/cms/admin/login.php'>Try Again?</a>";
exit;
}
}
Here is the verifyUser function just in case anyone needs it.
function verifyUser($name, $pass)
{
// Escape strings
$username = mysql_real_escape_string($name);
$password = mysql_real_escape_string($pass);
$result = mysql_query("select * from users where username='$username' and password='$password' limit 1");
if (mysql_num_rows($result)>0)
{
return true;
} else{
return false;
}
}
The most common reason that header() doesn't work is because something else has been output first. header() can only be called before anything else has sent output to the browser.
If this is the case, PHP will throw an error when header() is called. If you're not displaying errors on the page, you can check your error logs to see if this is happening.
You should also call die() or exit() immediately after (or a soon as possible after) the header() call, to prevent anything else from happening after the redirect header. It's unlikely but possible that something later in the program could also cause the redirect to fail even where the initial header() call succeeded.
Try using "url" instead of "location":
header("refresh:1;url=index.php");
You can put this line in your project at very first line (actually before sending any output), otherwise header function never will work after sending any output (e.g. html code or echo print etc);
ob_start();
Or, check that are headers already sent before sending new headers;
if(!headers_send()){
header("header params...");
} else {
echo "<script>window.location.href="index.php"</script>";
}
check to make sure that $_SESSION['status'] = 'authorized'; is defined
In mysql query use quotes on variable names as follows:
mysql_query("select * from users where username="'".$username."'" and password="'".$password."'" limit 1");
Why is the construction brittle? I tried "!empty ( get_original_passhash() )" as a condition, but it ignites the error that you cannot use the return value.
if ( get_original_passhash () != '' )
{
set_login_session ( get_original_passhash() );
}else
print("Please, log in.");
I would be inclined to assign the variable before you test it, and probably also clean up your formatting a little too:
$original_hash = get_original_passhash();
if ($original_hash != ""){
set_login_session(get_original_passhash());
} else {
print("Please Log In");
}
You should also ensure that get_original_passhash() is returning the right type of variable - interger, string, boolean, etc.
Edit:
function get_original_passhash(){
$dbconn = pg_connect("host=localhost port=5432 dbname=heoa user=heoa password=123");
if(!empty($passhash_session)){
return $passhash_session;
} else {
return $passhash_post;
}
}
What is this code supposed to do? It connects to a database, and then tests a variable that just appears out of nowhere? Your code isn't working because, from the example's you've provided us, nothing is even being set. Is this the full source code for this function?
You may want to split up your logic:
if (is_logged_in()) {
set_login_session(get_original_passhash());
} else {
print("Please Log In");
}
Since, in the conditional, you don't want the pass hash. You want to know if they're logged in or not.