In the following program can someone please tell me why my script is skipping the first else clause and never printing "You have already changed your password"? Everything else is working fine but when I enter in a username and password that have already been entered into the system it skips the portiong of code designed for that case. Thanks.

<?php

$email = $_POST['email'];
$psswd = $_POST['psswd'];

$db = new SQLite3('./users.db', SQLITE3_OPEN_READWRITE);

if(!$db)
{
    echo "Could not open/access DB";
}
else
{
    $userEmail = $db->query("SELECT email FROM users WHERE email='$email'");
    $userPsswd = $db->query("SELECT password FROM users WHERE email='$email'");

    if($email == $userEmail && $psswd == $userPsswd)
    {
        echo "You have already changed your password";
    }
    else
    {
        $file = fopen("./accounts.txt", 'r+') or die("Failed to open file");


        while(!feof($file))
        {
            $line = fgets($file);
            if(strpos($line, "$email") !== false)
            {
                echo "User was a match";
            if(strpos($line, "$psswd") !== false)
            {
            header("location: /ET/password/changepassword.html");
            break;
        }
        else
        {
            echo "Invalid password";
            break;
        }
        }
        else
        {
            echo "Invalid email address";
        break;
        }
    }
    }

    fclose($file);
}
?>
Member Avatar for LastMitch

In the following program can someone please tell me why my script is skipping the first else clause and never printing "You have already changed your password"?

@lewashby

Try to used isset() function on line 20

Instead of this:

if($email == $userEmail && $psswd == $userPsswd)

Try this:

if (isset($_POST['email'], $_POST['psswd'])) {
   if($_POST['email'] && $_POST['psswd']){ 
   echo "You have already changed your password"; 
   }
   //data etc..
   }
   }

But userEmail and userPsswd or quried from a database and checked against the email and psswd form variables. How does your version know what the email and password from the database is?

I changed the code to the following but when this program runs it's still skipping this part.

//$userEmail = $db->query("SELECT email FROM users WHERE email='$email'");

//$userPsswd = $db->query("SELECT password FROM users WHERE email='$email'");

$row = $db->query("SELECT email, password FROM users WHERE email='$email'");
    $query = $row->fetchArray(SQLITE_NUM);
    $userEmail = $query[0];
    $userPsswd = $query[1];

Any ideas?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.