can anyone please tell me why when the results are equal then it echo's out the response, but when the results are false then it shows a blank page. I am sure i have gone wrong somewhere.
if(isset($_GET['EX1']) && $_GET['EX2'] != ""){
$Email = $_GET['EX1'];
$Password = $_GET['EX2'];
$userDetails = DB::table('applicants')
->where('Email', '=', $Email)
->where('Password','=', $Password)
->get();
if($Email = $userDetails[0]->Email && $Password = $userDetails[0]->Password){
echo 'Both are the same ';
}else{
echo 'Not the same';
}
}
if($Email = $userDetails[0]->Email && $Password = $userDetails[0]->Password){
should be
if($Email == $userDetails[0]->Email && $Password == $userDetails[0]->Password){
You're using assignment = instead of comparison == which will always return true
This would work!
public function myfunction(Request $request) {
if(!empty($request->EX1) && !empty($request->EX2)){
$Email = $request->EX1;
$Password = $request->EX2;
$userDetails = DB::table('applicants')
->where('Email', '=', $Email)
->where('Password','=', $Password)
->get();
if($Email == $userDetails[0]->Email && $Password == $userDetails[0]->Password){
return 'Both are the same ';
}else{
return 'Not the same';
}
} else {
return 'error';
}
}
Btw, you need to change if(.... = ....) to if(.... == ....). = is for assigning values and == is for comparing values.
Hope this works!
Related
I am working on password validations. All other validations are working fine. I have to add initials validation on password. Password should not contain full name or username and first/last character of username and full name. I am trying to get it with strpos function but it's not working.This is my code i had tried with 2 ways but not working.
<?php
$name = "katlina john smith";
$uname = "testinguser";
$password = "john";
$password = "kjs#123"; // first initials of name
$password = "testing#ps"; //These password format should not be accepted
if (strpos($password,$name) !== false || strpos($password,$uname) !== false) {
echo 'Username found in the password';
}
//2nd way
if (preg_match("#(($uname)|($name))#", $password))
{
echo 'Username found in the password';
}
Here is the complete answer
$name = "katlina john smith";
$uname = "testinguser";
$password = "john";
if ( (strpos($name,$password) !== false ) || ( strpos($uname,$password ) !==
false ) ) {
echo 'password not valid';
}
Use this:
$name = "katlina john smith";
$username = "testinguser";
$password = "katlina#test123";
For PHP 7:
if (strpos(strtolower($password), strtolower($username)) === false || passContainsName($name, $password)) {
echo 'password not valid in PHP 7'.PHP_EOL;
}
function passContainsName($name, $password){
foreach (explode(" ", $name) as $toCheck) {
if (strpos(strtolower($password), strtolower($toCheck)) === false) {
return true;
}
}
return false;
}
For PHP 8:
if (str_contains(strtolower($password), strtolower($username)) || passContainsName($name,$password)) {
echo 'password not valid';
}
function passContainsName($name, $password){
foreach (explode(" ", $name) as $toCheck) {
if (str_contains(strtolower($password), strtolower($toCheck))) {
return true;
}
}
return false;
}
fiddle [here] with php 7 and 8 examples1
if (isset($_POST['register'])) {
$email = $_POST['email'];
$username = $_POST['username'];
$pass = $_POST['password'];
$rep_pass = $_POST['rep-password'];
$firstname = $_POST['firstname'];
$surname = $_POST['surename'];
$phonenr = $_POST['phone-nr'];
$place = $_POST['place'];
}
if ($email != "" && $username != "" && $pass != "" && $rep_pass != "" && $firstname != "" && $surname != "" && $phonenr != "" && $place != "") {
}
Is there a shorter way to do the same as what I'm doing in the condition of the second if statement?
$required = ['email', 'username', 'password', ...];
foreach($required as $field)
if(empty($_POST[$field]))
throw new EpicFailureException("Mandatory field '$field' is empty");
You could use a preset accepted postvars thing.
You can add custom error messages during validation and such, and my code auto instantiates your variables. Only thing is I don't account for the dashes, but you could consider removing those from your form name's.
$accepted = array('register','email','username','password','rep-password','firstname','surename','phone-nr','place');
$_POST = array('register'=>'blah','email'=>'blah','username'=>'blah','password'=>'blah','rep-password'=>'blah','firstname'=>'blah','surename'=>'blah','phone-nr'=>'blah','place'=>'blah');
$proper = true;
$erroron = "";
foreach($accepted as $val) {
if(isset($_POST[$val])) {
trim($_POST[$val]);
if(!empty($_POST[$val])) {
$$val = $_POST[$val];
}
else {
$proper=false;
$erroron = "Error occured on $val which is empty";
break;
}
}
else {
$proper = false;
$erroron = "Error occured on $val which is not defined";
break;
}
}
if($proper) {
echo "email = $email, you might want to consider removing dashes from form names to auto instantiate those variables";
}
else {
echo "Not everything was done properly. The error message is: $erroron";
}
You can put your values into an array and then use the built in function array_filter().
If you don't provide a callback function to array_filter() it will only remove the false or empty value of your array.
Then count the value before and after the modification if they are != a value is missing.
if (isset($_POST['register'])) {
$user['email'] = $_POST['email'];
$user['username'] = $_POST['username'];
$user['pass'] = $_POST['password'];
$user['rep_pass'] = $_POST['rep-password'];
$user['firstname'] = $_POST['firstname'];
$user['surname'] = $_POST['surename'];
$user['phonenr'] = $_POST['phone-nr'];
$user['place'] = $_POST['place'];
}
$nbArg = count($user);
if($nbArg != count(array_filter($user))) {
echo "One Value is missing"
}
Sorry for asking silly question here. Problem is I didn't get the error message. I mean if email or password is incorrect I want to print this line :
'{"status":"false","message":"Login incorrect. Try again"}';
I've tried this code.
else if($email != $dbemail || $password != $dbpassword) { return '{"status":"false","message":"Login incorrect. Try again"}'; }
But didn't get else message.
if ($checkDevice != 0 ) {
$email = $get['email'];
$password = $get['password'];
$stmt = $con->prepare("SELECT * FROM users WHERE email = ? AND password = ? ");
$con->errorInfo();
$stmt->bindParam('1', $email, PDO::PARAM_STR);
$stmt->bindParam('2', $password, PDO::PARAM_STR);
$stmt->execute();
$num_rows = $stmt->rowCount();
// print_r($get);
if($num_rows != 0 )
{
while ($row = $stmt->fetch(PDO::FETCH_ASSOC))
{
$dbemail = $row['email'];
$dbpassword = $row['password'];
}
if($email == $dbemail && $password == $dbpassword)
{
return '{"status":"true","message":"Success. Login details correct."}';
}
else
{
return '{"status":"false","message":"Login incorrect. Try again"}';
}
}
}
PHP Code:
$dom = new DOMDocument;
$headtitle = "Register";
$errors = array();
if(isset($_POST['register'])){
$username = preg_replace('/[^A-Za-z]/', '', $_POST['username']);
$name = $_POST['name'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$password = $_POST['password'];
$c_password = $_POST['c_password'];
$birthday = $_POST['birthday'];
$country = $_POST['country'];
$gender = $_POST['gender'];
$age = $_POST['age'];
$level = $_POST['level'];
$date = $_POST['date'];
if(file_exists('users/' . $username . '.xml')){
$errors[] = ' Username already exists';
}
if($username == ''){
$errors[] = ' Username is missing. Try again.';
}
if($name == ''){
$errors[] = ' Name is missing. Try again.';
}
if($lastname == ''){
$errors[] = ' Lastname is missing. Try again.';
}
if($country == ''){
$errors[] = ' Country is missing. Try again.';
}
if($gender == ''){
$errors[] = ' Gender is missing. Try again.';
}
if($age == ''){
$errors[] = ' Age is missing. Try again.';
}
if($email == ''){
$errors[] = ' Email is missing. Try again.';
}
if($password == '' || $c_password == ''){
$errors[] = ' Passwords are missing. Try again.';
}
if($password != $c_password){
$errors[] = ' Passwords do not match';
}
if(count($errors) == 0){
$xml = new SimpleXMLElement('<user></user>');
$xml->addChild('name', ($name));
$xml->addChild('lastname', ($lastname));
$xml->addChild('password', md5($password));
$xml->addChild('birthday', $birthday);
$xml->addChild('country', $country);
$xml->addChild('gender', $gender);
$xml->addChild('age', $age);
$xml->addChild('email', $email);
$xml->addChild('level', $level);
$xml->addChild('date', $date);
$xml->asXML('users/' . $username . '.xml');
header('Location: index.php');
die;
}
}
Javascript Code:
function vaildate() {
if (document.getElementById('username').value.length <= 4) {
document.getElementById('errors').innerHTML = "Username must me more than 4 words <br />";
return false;
}
return true;
}
Now my problem is, that when I click submit button (that contains name="login" and onclick="vaildate();") he excute only php errors and ignores javascript errors (assuming that id="username" has less than 4 words).
My question is how can I make Javascript & PHP errors work? not only PHP and the system ignores Javascript.
Thank you all..
EDIT:
Also i got this code to echo PHP errors
if(count($errors) > 0){
echo '<font color="red"><ul>';
foreach($errors as $e){
echo '<li>' . $e . '</li>';
}
echo '</ul></font>';
}
Try this:
onclick="return vaildate();"
You need to return the validate function (return the true or false), not just call it.
Your Javascript and PHP you are showing looks fine. What we don't have is the actual markup of the login page. My suspicion is that your markup is not consistent with the code you have in your Javascript.
If you could also try and explain more specifically what you mean by
My question is how can I make Javascript & PHP errors work? not only PHP and the system ignores Javascript.
Have you used a Javascript debugger to see if part your Javascript (maybe elsewhere on the page) is erroring?
I basically took in 3 pieces of data from a form, and before processing them, I just wanted to make sure that all fields were filled in. So the focus of this is the second to last IF statement, checking if the different variables are empty. It seems to only be working for the first variable and I can't figure out how to make it apply to all of them.
<?php
include ("account.php") ;
include ("connect.php") ;
$isdone = FALSE;
$un = $_REQUEST [ "un"] ;
$pw = $_REQUEST [ "pw"] ;
$data = mysql_query("SELECT * FROM `auth` WHERE username = '$un'") or die(mysql_error());
$info = mysql_fetch_array($data);
$info['username'];
$password = $info['pw'];
session_start();
if(trim($un) != '' && trim($pw) != '' && $password == $pw)
{
$_SESSION['uze']=$un;
include "problem.html";
}
elseif( !isset($_POST['submit1']) && $isdone == FALSE)
{
echo "wrong password";
}
$selected = $_REQUEST [ "type"] ;
if($selected == 'afs')
{
$typeinc = 'afs';
}
else if($selected == 'db')
{
$typeinc = 'database';
}
else if($selected == 'cs')
{
$typeinc = 'computer systems';
}
else if($selected == 'pw')
{
$typeinc = 'password';
}
else if($selected == 'hw')
{
$typeinc = 'hardware';
}
else if($selected == 'other')
{
$typeinc = 'other';
}
$text = $_REQUEST ["inc"];
$selected2 = $_REQUEST ["yesno"];
if($selected2 == 'yes')
{
$email = 'yes';
}
else
{
$email = 'no';
}
if(isset($_POST['submit1']))
{
if(empty($typeinc) || empty($text) || empty($email))
{
print( 'You have not filled in all fields, click to sign in and re-enter' );
}
}
else{
mysql_query("INSERT INTO `swp5_proj`. `inci` (`type`, `date`, `time`, `reporter`, `desc`) VALUES ('$typeinc', CURDATE(), CURTIME(), '".$_SESSION['uze']."', '$text');") or die(mysql_error());
mysql_query("DELETE FROM inci WHERE type = ' '");
$isdone = TRUE;
}
if(isset($_POST['submit1']) && $isdone == TRUE)
{
echo "session over";
}
?>
Make sure you clean your REQUEST variables before you put them in a MySQL query.
if((trim($un) !== '') && (trim($pw) !== '') && ($password == $pw))
You're setting $email to yes or no in the line just above.
In your if statement you are using the shortcut OR operator.... As soon as a single statement evaluates to true, the entire statement evaluates to true and there is no need to continue processing further.