PHP Strlen not working ... :(

Question

cuonic

13 Years Ago

Hi,

I'm having a little problem with a password Reset Script I've made

The script sends you a reset hash to your email to confirm that you requested the password reset. This resethash is just a random string with letters and numbers that is 15 chars long

Problem is, when I verify if it is 15 chars long, the script is telling me it isn't

// ...

$hash = $_GET['hash'];
    
if(strlen($hash) == 0) { $msg[] = "Hash Field is empty !"; }
elseif(strlen($hash) !== 15) { $msg[] = "Hash is invalid !"; }
    
if(count($msg) == 0)
{
     // ....
}

Here is a test URL with a valid Reset Hash

http://virtualtrader.cuonic.tk/resetpass.php?hash=APraKgfg0l0QqwC

What is wrong ? Thanks in advance ;)

php

3 Contributors
7 Replies
330 Views
12 Hours Discussion Span
Latest Post 13 Years Ago Latest Post by almostbob

iamthwee

13 Years Ago

Isn't not equal

!=

as opposed to

!==

iamthwee

13 Years Ago

From the above snippet how do you know it is failing on the >15 as opposed to the <15

Both output the same message?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

cuonic · Answer 1 · 2011-05-28T21:00:26+00:00

Tried

And failed... Still get Hash Is Invalid D:

I get the same when I do

<?php

if($_GET)
{
	include("includes/mysql.php");
	
	$hash = $_GET['hash'];
	
	if(strlen($hash) == 0) { $msg[] = "Hash Field is empty !"; }
	elseif(strlen($hash) > 15) { $msg[] = "Hash is invalid !"; } // This is where it fails D:
	elseif(strlen($hash) < 15) { $msg[] = "Hash is invalid !"; }
	
	echo strlen($hash); // This shows 15
	
	if(count($msg) == 0)
	{
		// ....
	}

?>

cuonic · Answer 2 · 2011-05-28T21:18:16+00:00

Ok problem is no longer there, it is now a MySQL Problem :

<?php
		$hash = mysql_real_escape_string($hash);
		$query = mysql_query("SELECT username, email FROM user_db WHERE resethash='$resethash'");
		if(mysql_num_rows($query) == 0) { $msg[] = "Hash is incorrect !"; }
?>

It just echos "Hash is incorrect" even though it is valid and correctly inserted into database

iamthwee · Answer 3 · 2011-05-28T21:23:12+00:00

is $resethash a variable or the actual string name?

cuonic · Answer 4 · 2011-05-28T22:06:29+00:00

Wow i can't believe I didn't spot that... I put $resethash instead of $hash

I hate myself x)

Thanks for your help anyway

almostbob 866 Retired: passive income ROCKS · Answer 5 · 2011-05-29T02:39:45+00:00

dont hate yourself, plenty of others will do it for you. :)