0

I have a script to manage user login and when the username is in-putted into the field and the password is in-putted into it's field and they match to the db you log in if not you get an error returned parsed by the login form. however when you input an invalid value into the username (a username that doesn't exist) the code doesn't continue so how do I fix that??

<?php

require("bootstrap.php");

$con=mysql_connect(DB_HOST,DB_USER_SEC,DB_PASS_SEC) or die("Failed to connect to MySQL: " . mysql_error());

$db=mysql_select_db(DB_NAME_SEC,$con) or die("Failed to connect to MySQL: " . mysql_error());

$query = mysql_query("SELECT * FROM username WHERE userName = '$_POST[username]'") or die(mysql_error());

if(!empty($_POST['username']))
{
    if(!empty($_POST['password']))
    {
        $row = mysql_fetch_array($query) or die(mysql_error());
        if(!empty($row['userName']))
        {
            if(!empty($row['userPass']))
            {
                if($_POST['password'] === $row['userPass'])
                {
                    session_start();
                    $_SESSION['logged']       = true;
                    $_SESSION['userName']     = $row['userName'];
                    $_SESSION['fname']        = $row['fname'];
                    $_SESSION['mname']        = $row['mname'];
                    $_SESSION['lname']        = $row['lname'];
                    $_SESSION['primnum']      = $row['primnum'];
                    $_SESSION['secnum']       = $row['secnum'];
                    $_SESSION['department']   = $row['department'];
                    $_SESSION['clearance']    = $row['clearance'];
                    $_SESSION['theme']        = $row['theme'];
                    $_SESSION['animations']   = $row['animations'];
                    $_SESSION['gtag']         = $row['gtag'];

                    header("Location: /workspace/index");
                }
                else
                {
                    session_start();

                    $_SESSION['logged']       = false;
                    $_SESSION['err']          = "0x001";

                    header("Location: /login");
                }
            }
            else
            { 
                session_start();

                $_SESSION['logged']       = false;
                $_SESSION['err']          = "0x005";

                header("Location: /login");
            }
        }
        else
        { 
            session_start();

            $_SESSION['logged']       = false;
            $_SESSION['err']          = "0x002";

            header("Location: /login");
        }
    }
    else
    {
        session_start();

        $_SESSION['logged']       = false;
        $_SESSION['err']          = "0x003";

        header("Location: /login");
    }
}
else
{
    session_start();

    $_SESSION['logged']       = false;
    $_SESSION['err']          = "0x004";

    header("Location: /login");
}

?>

and yes I know about MySqli and PDO so PLEASE DO NOT Bring that Up.

Improve this question
7
  • past this code in your php to see errors error_reporting(E_ALL); ini_set('display_errors',1); Commented Jul 1, 2015 at 5:26
  • 1
    Why you write session_start(); in every else condition. Why not you write session_start(); at the top of your page once. Commented Jul 1, 2015 at 5:26
  • my code was to be cleaned up later just need to fix the problem I code in segments this is the ugly rough draft Commented Jul 1, 2015 at 5:29
  • If you know about mysqli and PDO why aren't you using them? The mysql API will be removed in the next release of PHP. What then? Commented Jul 1, 2015 at 5:30
  • @HoboSapiens i will be converting my code when i have finished writing it (i'm not skilled enough with the new syntax) and just wanted to get the framework down that's all still mastering the new way of doing things Commented Jul 1, 2015 at 5:31

1 Answer 1

Reset to default
1

this line make the code stop

$row = mysql_fetch_array($query) or die(mysql_error());

basically mysql_fetch_array($query) return false if there is no row to fetch. so it will fall to die statement

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.