Problem with if statements variable

mark103

Hi guys,

I need your help, I have got a problem with the if statement. When I insert the functions in the url like this:

http://www.mysite.com/myscript.php?user=test&pass=test

It's all working fine, but when I don't insert the pass function in the url, I will get this on my php page:

PASSWORD are missing

Here's the code:

<?php
session_start();
    define('DB_HOST', 'localhost');
    define('DB_USER', 'mydbusername');
    define('DB_PASSWORD', 'mydbpass');
    define('DB_DATABASE', 'mydbname');

$errmsg_arr = array();
$errflag = false;

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
  die('Failed to connect to server: ' . mysql_error());
    }

$db = mysql_select_db(DB_DATABASE);
if(!$db) {

die("Unable to select database");
    }

   function clean($var){

return mysql_real_escape_string(strip_tags($var));
    }
    $image = clean($_GET['image']);
    $strings = clean($_GET['strings']);
    $username = clean($_GET['user']);
    $pass = clean($_GET['pass']);


if($username == '' && $pass) {
  $errmsg_arr[] = 'username are missing';
  $errflag = true;
     }elseif($username && $pass =='') {
  $errmsg_arr[] = 'PASSWORD are missing';
  $errflag = true;
    }
    if($username == '' && $pass == '') {
  $errmsg_arr[] = 'username or password missing';
  $errflag = true;
    }

if($errflag) {
  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  echo implode('<br />',$errmsg_arr);
   }
   else {


$insert = array();
if(isset($_GET['image'])) {
    $insert[] = 'image = \'' . clean($_GET['image']) . '\'';
}
if(isset($_GET['strings'])) {
    $insert[] = 'strings = \'' . clean($_GET['strings']) . '\'';
}
if(isset($_GET['user'])) {
    $insert[] = 'user = \'' . clean($_GET['user']) .'\'';
}
if(isset($_GET['pass'])) {
    $insert[] = 'pass = \'' . clean($_GET['pass']) . '\'';
}



if (count($insert)>0) {
   $names = implode(',',$insert);

$required_fields = array('image', 'strings', 'user');

if($image && $strings && $username) {
  echo "working 1";
} elseif($username && $pass) {
  echo "working 2";
  }
 }
}
?>

I don't know what's wrong. Do anyone know how to fix this?

Any advice would be much appreciated.

Thanks in advance.

cretaceous

it's doing what it's coded to do...

this part tests if $pass is empty:

}elseif($username && $pass =='') {
  $errmsg_arr[] = 'PASSWORD are missing';
  $errflag = true;
    }

and if empty it shows your error message

Your logic could be simplified but it is working as coded.. not sure what you want it to do really

bradgrafelman

Fix what? Nothing seems to be wrong to me... when the password is missing, you get an error about the password missing.