<?php
if(isset($_COOKIE['id'])&&isset($_COOKIE['security'])){
$id = addslashes($_COOKIE['id']); //just in case
$sql ="SELECT * FROM `customer_information_table`
WHERE `customer_id` = '$id'" ;
require_once("./connect.php");
$result = mysqli_query($db, $sql);
if($db->error){
exit("SQL ERROR");
}
IF(mysqli_num_rows($result) === 0 ){
exit("illegal operation.<a href = './login.php'>login</a>");
}
//id is real
$array = $result->fetch_array();
$result->free();
$shell = md5($_COOKIE['id'].$array['password']."one_plus_one_is_three");
$db->close();
if($shell === $_COOKIE['security']){
echo "welcome! <br/>";
echo "{$array['user_name']} <br/>";
}
else{
exit("error.<a href = './login.php'>login</a>");
}
else{
exit("please login first.<a href = './login.php'>login</a>");
}
}
echo "welcome to the home page";
?>
Passy
0
Newbie Poster
Reverend Jim
4,780
Hi, I'm Jim, one of DaniWeb's moderators.
Moderator
Featured Poster
Look at your error message. The else on line 33 doesn't have a matching if. The if on line 25 matches with the else on line 29.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.