IF, ELSE and pains in the backside!

zingbats

I am sorry to be posting sooooo much on this forum. PLease note that I ask MSN contacts AND search the PHP manual before coming to these forums.

None of the PHP experts I speak to can work this out though...

<?php 
// start the session 
session_start();
header("Cache-control: private"); //IE 6 Fix  

// Get the clan from the form 
   $clan = $_POST['clan']; 

// Create a new Session Value 
   session_register('clan'); 

// Register the input with the value 
   $_SESSION['clan'] = $clan; 

// Display the sssion information: 
?>

<?php
    /* Connecting, selecting database */
    $link = mysql_connect("localhost", "zingbats", "my pwl")
        or die("Could not connect");
    mysql_select_db("tycooneden_com") or die("Could not select database");

$query = "SELECT * FROM clan_members WHERE username = '$form_username' AND password = md5('$form_password') AND clan = '$form_clan'";
$result = mysql_query($query) or die("Query failed");
$login_check = mysql_num_rows($query); 
$foo=mysql_fetch_array($result);

/* Start the clan defining */

$username=$foo['username'];
$clan=$foo['clan'];
$user_level=$foo['user_level'];
$user_password=$foo['user_password'];

mysql_close($link);
?>
<?
if($login_check > 0){ 
    while($row = mysql_fetch_array($query)){ 
    foreach( $row AS $key => $val ){ 
        $$key = stripslashes( $val );
?>

<? 
if ($form_clan = '$clan' && $user_level = 'admin') { 
include ("main.php"); 
} else { 
print "sorry, they don't match"; 
} 
?>
<?
} else {
print "The user details don't match";
}
?>

nightowl

would you mind telling us what goes wrong and where ?

zingbats

Of course... I am sorry

Parse error: parse error, unexpected T_ELSE in path/login.php on line 53

jpmoriarty

you need new contacts my friend...

first mistake: if test should have == in them, not = (line 46)

and you spot your second problem when you indent correctly. Your last bit actually reads:

<?
if($login_check > 0)
{ 
    while($row = mysql_fetch_array($query))
	{ 
    	foreach( $row AS $key => $val )
		{ 
        	$$key = stripslashes( $val );

		if ($form_clan = '$clan' && $user_level = 'admin')
		{ 
			include ("main.php"); 
		}
		else
		{ 
			print "sorry, they don't match"; 
		}
	}
	else
	{
		print "The user details don't match";
	}
?>

so you're else is actually being attached to the foreach (hence why it's getting confused), and you still have another two { to close before you can end it...

I'd strongly suggest using the above method of indentation rather than adding your { to the end of code lines. Make it much clearer that way i find...

zingbats

Thanks. Yes, I do need to get some new contacts!

zingbats

<?
if($login_check > 0)
{ 
    while($row = mysql_fetch_array($query))
    { 
        foreach( $row AS $key => $val )
        { 
            $$key = stripslashes( $val );

        if ($form_clan = '$clan' && $user_level = 'admin')
        { 
            include ("main.php"); 
        }
        else
        { 
            print "sorry, they don't match"; 
        }
    }
    else
    {
        print "The user details don't match";
    }
?>

It doesn't work. I don't think it was supposed to as you were just re writing my script.

jpmoriarty

no i was showing you where your errors are - you'll need to edit your code to put the correct }'s in.

I also didnt change the = in the if's either.

Thought i'd leave you something to do!

zingbats

gee, thanks 😐

zingbats

I have changed it to:

<?php 
// start the session 
session_start();
header("Cache-control: private"); //IE 6 Fix  

// Get the clan from the form 
   $clan = $_POST['clan']; 

// Create a new Session Value 
   session_register('clan'); 

// Register the input with the value 
   $_SESSION['clan'] = $clan; 

// Display the sssion information: 
?>

<?php
    /* Connecting, selecting database */
    $link = mysql_connect("localhost", "zingbats", "my pwl")
        or die("Could not connect");
    mysql_select_db("tycooneden_com") or die("Could not select database");

$query = "SELECT * FROM clan_members WHERE username = '$form_username' AND password = md5('$form_password') AND clan = '$form_clan'";
$result = mysql_query($query) or die("Query failed");
$login_check = mysql_num_rows($query); 
$foo=mysql_fetch_array($result);

/* Start the clan defining */

$username=$foo['username'];
$clan=$foo['clan'];
$user_level=$foo['user_level'];
$user_password=$foo['user_password'];

mysql_close($link);
?>
<?
if($login_check > 0){ 
    while($row = mysql_fetch_array($query)){ 
    foreach( $row AS $key => $val ){ 
        $$key = stripslashes( $val );

}
}

?>
<? 
if ($form_clan == '$clan' && $user_level == 'admin') { 
include ("main.php"); 
} else { 
print "sorry, they don't match"; 
} 
?>
<?
} else {
print "The user details don't match";
}
?>

I now get the error:

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /path/login.php on line 26
The user details don't match

stolzyboy

this----

$login_check = mysql_num_rows($query);

should be----

$login_check = mysql_num_rows($result);

and this----

while($row = mysql_fetch_array($query)){

should be----

while($row = mysql_fetch_array($result)){

zingbats

Cheers mate. I figured it out just before you posted.

stolzyboy

was that the problem, i have read your other posts about this same sort of problem and am wondering what really the prob was

zingbats

It seems that the problem wasn't sorted... I just can't work out what is going wrong with these ifs. Below is the updated version of the code.

<?php 
// start the session 
session_start();
header("Cache-control: private"); //IE 6 Fix  

// Get the clan from the form 
   $clan = $_POST['clan']; 

// Create a new Session Value 
   session_register('clan'); 

// Register the input with the value 
   $_SESSION['clan'] = $clan; 

// Display the sssion information: 
?>

<?php
    $md5_pwl = md5('$form_password');
    /* Connecting, selecting database */
    $link = mysql_connect("localhost", "zingbats", "my pwl")
        or die("Could not connect");
    mysql_select_db("tycooneden_com") or die("Could not select database");

$query = "SELECT * FROM clan_members WHERE username = '$form_username' AND password = '$md5_pwl' AND clan = '$form_clan'";
$result = mysql_query($query) or die("Query failed");
$foo=mysql_fetch_array($result);

/* Start the clan defining */

$username=$foo['username'];
$clan=$foo['clan'];
$user_level=$foo['user_level'];
$user_password=$foo['user_password'];

$sql = mysql_query("SELECT * FROM phpbb_users WHERE username='$form_username' AND user_password='$md5_pwl'") or die("went wrong $md5_pwl"); 
$login_check = mysql_num_rows($sql); 

mysql_close($link);
?>
<?
if($login_check > 0){ 
    while($row = mysql_fetch_array($sql)){ 
    foreach( $row AS $key => $val ){ 
        $$key = stripslashes( $val );

}
}

?>
<? 
if ($form_clan == '$clan' && $user_level == 'admin') { 
include ("main.php"); 
} else { 
print "sorry, they don't match"; 
} 
?>
<?
} else {
print "The user details don't match, or, you have selected the wrong clan";
}
?>

I want the second if to be shown if the first if returns true. I have tried loads of trial and error methods but this is the only one that doesn't give any actual errors. The only thing it does is prints "The user details don't match, or, you have selected the wrong clan" even if the login details are correct.

Again, my friends don't know exactly what is going on here.

jpmoriarty

well you're not getting any results from the query then. Let's try echoing out the SQL instead of running it (just to see that it's looking okay) and then try pasting it direct into MySQL to see what it tells you.

My guess is you're forgetting something or there's something wrong with the query structure.

zingbats

Right.... Interesting results. I have just cleared my original post because I realised that the md5('form_password') had to have " in it instead.

This now causes the script to print "sorry, they don't match"but only when the details were correct, when the details are INCORRECT, it said The user details don't match, or, you have selected the wrong clan

As normal, there is always a hitch in the script though. If the wrong clan is selected it still prints ""sorry, they don't match""

The script is shown below again

<?php 
// start the session 
session_start();
header("Cache-control: private"); //IE 6 Fix  

// Get the clan from the form 
   $clan = $_POST['clan']; 

// Create a new Session Value 
   session_register('clan'); 

// Register the input with the value 
   $_SESSION['clan'] = $clan; 

// Display the sssion information: 
?>

<?php
    $md5_pwl = md5("$form_password");
    /* Connecting, selecting database */
    $link = mysql_connect("localhost", "zingbats", "my pwl")
        or die("Could not connect");
    mysql_select_db("tycooneden_com") or die("Could not select database");

$query = "SELECT * FROM clan_members WHERE username = '$form_username' AND password = '$md5_pwl' AND clan = '$form_clan'";
$result = mysql_query($query) or die("Query failed");
$foo=mysql_fetch_array($result);

/* Start the clan defining */

$username=$foo['username'];
$clan=$foo['clan'];
$user_level=$foo['user_level'];
$user_password=$foo['user_password'];

$sql = mysql_query("SELECT * FROM phpbb_users WHERE username='$form_username' AND user_password='$md5_pwl'") or die("went wrong"); 
$login_check = mysql_num_rows($sql); 

mysql_close($link);
?>
<?
if($login_check > 0){ 
    while($row = mysql_fetch_array($sql)){ 
    foreach( $row AS $key => $val ){ 
        $$key = stripslashes( $val );

}
}

?>
<? 
if ($form_clan == '$clan' && $user_level == 'admin') { 
include ("main.php"); 
} else { 
print "sorry, they don't match"; 
} 
?>
<?
} else {
print "The user details don't match, or, you have selected the wrong clan";
}
?>

Hope this helps your quest!

Weedpacket

I don't think that's the code you're actually using - it's still missing a } I think somewhere around the last foreach(). (More precisely, an extra { seems to have got in there.)

Around there you also have the line

$form_clan == '$clan'

You know, if $clan (or any other variable, for that matter) is already a string, then quoting it is pretty much a waste of time. In fact, any time a string is expected "$var" is identical to $var and the quotes just slow PHP down and make bugs more likely.

zingbats

Could you tell me the line number please?

Weedpacket

Not off-hand - dunno if the line numbers in your posted code correspond to line numbers in the file; doesn't your editor let you do a search for '$clan' ?

zingbats

Yes. It does let me search!!! I just wondered if you could be more specific with what is actually going wrong. Saying a } around somewhere isn't very helpful.

Weedpacket

I was just saying that the code you're posting isn't the code you're running - if the code you're posting was the code you're running (and you weren't leaving anything out), then you'd be getting a parse error. You're not getting a parse error because of the missing }. Since you're not getting a parse error ... well.

(Where it would go is at the end, to finish off the if($long_check>0) branch.)