Issue with $userinfo['username']

SFDonovan

I am trying to protect a page using the following method.

$nukeusername = $userinfo['username']; 

//echo "$nukeusername"; 


$sql = "SELECT * FROM ".$prefix."_milpacs_members WHERE nukeusername='$nukeusername'"; 
   $result = $db->sql_query($sql); 
   if(!isset($nukeusername)) {
	    if ($db->sql_numrows($result) > 0) {  	   

       session_start(); 
       $_SESSION['loggedin1'] = 1;       

       Header("Location: modules.php?name=MILPACS&file=viewdrill"); 
		}
    } else {         

       session_start(); 
       $_SESSION['loggedin1'] = 0;       

       Header("Location: modules.php?name=MILPACS&file=accessdenied"); 
    } 
	die();

As you can see I capture the username from this

$nukeusername = $userinfo['username'];

I have a field in my table called nukerusername and compare if I have a match between $nukeusername and nukeusername.

$sql = "SELECT * FROM ".$prefix."_milpacs_members WHERE nukeusername='$nukeusername'";

I query the results and test if I have a return value and also testing if the $nukeusername was set. (They must be logged on before they can see viewdrill.)

$result = $db->sql_query($sql); 
   if(!isset($nukeusername)) {
	    if ($db->sql_numrows($result) > 0) {  	   

       session_start(); 
       $_SESSION['loggedin1'] = 1;       

       Header("Location: modules.php?name=MILPACS&file=viewdrill"); 
		}

If I don't have a match or they were not logged on I send them here:

} else {         

       session_start(); 
       $_SESSION['loggedin1'] = 0;       

       Header("Location: modules.php?name=MILPACS&file=accessdenied"); 
    }

My problem is if I am logged on but have no corresponding value in the table in the milpacs_members so that there is no match for nukeusername='$nukeusername'
I am not sent to accessdenied but just get a blank screen.

I don't know why I get the blank screen and have scratched my head for days.

Any help is appreciated.

Again here is the code in full. This is a page from a PHPNuke module I wrote.

<?php 

if (!defined('MODULE_FILE')) { 
    die ("You can't access this file directly..."); 
} 

require_once("mainfile.php"); 
$module_name = basename(dirname(__FILE__)); 
get_lang($module_name); 
global $prefix, $db; 

$nukeusername = $userinfo['username']; 

//echo "$nukeusername"; 


$sql = "SELECT * FROM ".$prefix."_milpacs_members WHERE nukeusername='$nukeusername'"; 
   $result = $db->sql_query($sql); 
   if(!isset($nukeusername)) {
	    if ($db->sql_numrows($result) > 0) {  	   

       session_start(); 
       $_SESSION['loggedin1'] = 1;       

       Header("Location: modules.php?name=MILPACS&file=viewdrill"); 
		}
    } else {         

       session_start(); 
       $_SESSION['loggedin1'] = 0;       

       Header("Location: modules.php?name=MILPACS&file=accessdenied"); 
    } 
	die(); 
?>

bogu

It is because your $nukeusername var is not set and your script die ...