CODEWITHSUNDEEP
php
John
John

Reputation: 27

PHP else Statement

The first part of this code works fine, I just can't seem to get the else statment working for when if ($row[password] == $password_hash) is false. I'm sure I only have a small error somewhere but just can't seem to find it.

list ($sessionname) = checkuser();
if (isset($_POST['save'])){

connect();

$currentpass = sha1($_POST['password']);
$newpass = sha1($_POST['password1']);

$sql = "SELECT password FROM members WHERE username = '$sessionname'";
    $result=mysql_query($sql);
    $row = mysql_fetch_array($result);

        if ($row['password'] == $currentpass)

    $query = mysql_query("UPDATE members SET password = '$newpass' WHERE username = '$_SESSION[username]'");
            $updated = "Your password has been updated";
               print_r($row);
        }else{
    $a = "Passwords do not match";
    return $b;
        }
}

Upvotes: 1

Views: 181

Answers (3)

Herbert
Herbert

Reputation: 5778

You're missing an opening curly brace after the if statement.

if ($row['password'] == $currentpass) {
    $query = mysql_query("UPDATE members SET password = '$newpass' WHERE username = '$_SESSION[username]'");
    $updated = "Your password has been updated";
    print_r($row);
}else{
    $a = "Passwords do not match";
    return $b;
}

Notice the { after if ($row['password'] == $currentpass)

Without the brace (and no error reporting) it's skipping the query and showing the string “Your password has been updated”. That’s why the password doesn’t change in the database and why nothing else seems to work.

By the way:

ini_set('display_errors',1); 
error_reporting(E_ALL);

will turn on error reporting

Upvotes: 2

Rok Kralj
Rok Kralj

Reputation: 48755

Make sure MySQL is returning a result set, by using print_r($row); to debug code.

if ($row['password'] == $password_hash){

Hint: You should use quotes around string keys. If you leave out the quotes, PHP thinks it's a constant.

Read: "why is $foo[bar] wrong".

Upvotes: 2

altschuler
altschuler

Reputation: 3922

Your question is not very clear. What happens when you run the code? Did you try checking what both $password_hash and $row[password] are just before the conditional?

I'm pretty sure the problem does not lie in the missing quotes, I just tested it and it works fine, but they should be there anyway.

Upvotes: 1

Related Questions