0

In the following program can someone please tell me why my script is skipping the first else clause and never printing "You have already changed your password"? Everything else is working fine but when I enter in a username and password that have already been entered into the system it skips the portiong of code designed for that case. Thanks.

<?php

$email = $_POST['email'];
$psswd = $_POST['psswd'];

$db = new SQLite3('./users.db', SQLITE3_OPEN_READWRITE);

if(!$db)
{
    echo "Could not open/access DB";
}
else
{
    $userEmail = $db->query("SELECT email FROM users WHERE email='$email'");
    $userPsswd = $db->query("SELECT password FROM users WHERE email='$email'");

    if($email == $userEmail && $psswd == $userPsswd)
    {
        echo "You have already changed your password";
    }
    else
    {
        $file = fopen("./accounts.txt", 'r+') or die("Failed to open file");


        while(!feof($file))
        {
            $line = fgets($file);
            if(strpos($line, "$email") !== false)
            {
                echo "User was a match";
            if(strpos($line, "$psswd") !== false)
            {
            header("location: /ET/password/changepassword.html");
            break;
        }
        else
        {
            echo "Invalid password";
            break;
        }
        }
        else
        {
            echo "Invalid email address";
        break;
        }
    }
    }

    fclose($file);
}
?>
3
Contributors
4
Replies
23
Views
4 Years
Discussion Span
Last Post by lewashby
0

In the following program can someone please tell me why my script is skipping the first else clause and never printing "You have already changed your password"?

@lewashby

Try to used isset() function on line 20

Instead of this:

if($email == $userEmail && $psswd == $userPsswd)

Try this:

if (isset($_POST['email'], $_POST['psswd'])) {
   if($_POST['email'] && $_POST['psswd']){ 
   echo "You have already changed your password"; 
   }
   //data etc..
   }
   }
0

But userEmail and userPsswd or quried from a database and checked against the email and psswd form variables. How does your version know what the email and password from the database is?

0

I changed the code to the following but when this program runs it's still skipping this part.

//$userEmail = $db->query("SELECT email FROM users WHERE email='$email'");

//$userPsswd = $db->query("SELECT password FROM users WHERE email='$email'");

$row = $db->query("SELECT email, password FROM users WHERE email='$email'");
    $query = $row->fetchArray(SQLITE_NUM);
    $userEmail = $query[0];
    $userPsswd = $query[1];

Any ideas?

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.