[RESOLVED] Problem = Headache..!

cory94bailly

For the last 2 days, I have had the WEIRDEST problem that I can imagine..

I can already tell that it is probably something small/stupid...

<?php
//$auth = 1 - not activated
//$auth = 2 - admin
//$auth = 3 - the right group(s)
//$auth = 4 - not a customer
//$auth = 5 - wrong username
//$auth = 6 - incorrect pass
if(empty($_POST['submit'])) {
// They haven't submitted data
?>



<style type="text/css">



body { font-family: Tahoma; font-size: 12px; }



</style>



<body>



<form action="download.php" method="POST">





<table><tr><td><b>Username: </b></td><td><input type="text" name="username" /></td></tr>





<tr><td><b>Password: </b></td><td><input type="password" name="password" /></td></tr>





<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Download!" /></table>



</form>



<?php
} else {
 header('Content-type: text/plain');
 include('SSI.php'); 

 $passwd=mysql_real_escape_string($_POST['password']);
 $user=mysql_real_escape_string($_POST['username']);
 $encryptedpass=sha1(strtolower($user) . $passwd);

 $query = db_query("SELECT ID_GROUP,is_activated,additionalGroups FROM {$db_prefix}members where memberName='$user'", __FILE__, __LINE__);
 $query2 = db_query("SELECT memberName FROM {$db_prefix}members WHERE memberName='$user'", __FILE__, __LINE__);
 $query3 = db_query("SELECT passwd FROM {$db_prefix}members WHERE memberName='$user' AND passwd='$encryptedpass'", __FILE__, __LINE__);

 while($myarray = mysql_fetch_assoc($query))
 {

 if (ssi_checkPassword($user, $passwd, true)==1) {

 //Are they Activated?
 if ($myarray[is_activated]!=='1') {$auth = "1";}


 //Are they an admin?
 if ($myarray[ID_GROUP]=='1') {$auth = "2";}
 elseif ((in_array("1", explode(",", $myarray[additionalGroups])))) {$auth = "2";}
 //They are in the right group(s)!
 elseif ($myarray[ID_GROUP]=='25') {$auth = "3";}
 elseif ((in_array("25", explode(",", $myarray[additionalGroups])))) {$auth = "3";}
 else {$auth = "4";}
 }
 if(mysql_num_rows($query2) !==1) {$auth = "5";}
 elseif(mysql_num_rows($query3) !==1) {$auth = "6";}
}

switch($auth) {
case "1":
die("Login failed: Your Account Is Not Activated");
break;
case "2":
header("Content-Type: application/zip");
header('Content-Disposition: attachment; filename="*************.zip"');
readfile('*************.zip');
die();
break;
case "3":
header("Content-Type: application/zip");
header('Content-Disposition: attachment; filename="*************.zip"');
readfile('*************.zip');
die();
break;
break;
case "4":
die("Login failed: You Are Not A Customer");
break;
case "5":
die("Login failed: That Username Does Not Exist");
break;
case "6":
die("Login failed: Incorrect Password");
break;
default:
die("UNKNOWN ERROR");
}
}
?>
</body>

If I put in the wrong pass, somebody that is not a customer, etc.. It all works fine but the "Incorrect username" is NOT working..

Any help will be thanked 😉

NogDog

If the user name is invalid, then no rows will be returned by any of the three (?!) queries. Therefore you would never enter the while() loop, and thus you would never set any of the $auth values. You could move those checks outside of the while() loop, and I think you'd then gt the desired result.

However, it seems to me you could streamline it by doing one query that gets all the columns of interest, check to see if a row was returned (valid user), then do the password check, activated check, etc. based on the values returned by that one query.

cory94bailly

NogDog;10907295 wrote:
If the user name is invalid, then no rows will be returned by any of the three (?!) queries. Therefore you would never enter the while() loop, and thus you would never set any of the $auth values. You could move those checks outside of the while() loop, and I think you'd then gt the desired result.

However, it seems to me you could streamline it by doing one query that gets all the columns of interest, check to see if a row was returned (valid user), then do the password check, activated check, etc. based on the values returned by that one query.

Wow! I knew it was something really simple..

Thanks a bunch!

(I really don't understand why it matters if it's inside or outside of the while loop so if you get time, please explain 😉)

NogDog

If no rows are returned by the query, the mysql_fetch_assoc() will return false instead of an array of values. Therefore the while condition (the expression in the parentheses) will fail and nothing will be executed within the ensuring block of code.

cory94bailly

NogDog;10907304 wrote:
If no rows are returned by the query, the mysql_fetch_assoc() will return false instead of an array of values. Therefore the while condition (the expression in the parentheses) will fail and nothing will be executed within the ensuring block of code.

Ohh! Thanks again 😛

I'll mark it resolved..