Anyone up for debugging some PHP?

Baal

Baal

Tank
Joined
Sep 22, 2003
Messages
4,357
Reaction score
1
I'm trying to have a web page display an option based on the user that is logged in.

Here is the login script:

Code: 
if($_POST['submit']) {
$sql = "SELECT * FROM logins WHERE username = '" . $_POST['username'] . "' AND password = '" . $_POST['password'] . "';";
	
	$result = mysql_query($sql);
	$numrows = mysql_num_rows($result);
		
	if($numrows == 1) {
	
	
		$row = mysql_fetch_assoc($result);
		session_register("USERNAME");
		session_register("USERID");
		
		$_SESSION['USERNAME'] = $row['username'];
		$_SESSION['USERID'] = $row['id'];
		$_SESSION['USER'] = $row['username'];

Now, I want to be able to do an IF statement that will check for a specific user name, and then echo a link to display in the header, as seen below:

Code: 
if(isset($_SESSION['USER']) == "garry") {
	echo "[[url='truncate.php']clear database[/url]]";

In otherwords, my "admin" user is garry, and if that user should login, I want him to have the ability to truncate the tables in the database for this web page. Instead, with the above IF statement, it displays that command for everyone that logs into my site.

Why is it doing this? :(
 
Change your code to:
Code: 
if($_SESSION['USER'] === "garry") {
	echo "[[url='truncate.php']clear database[/url]]";

Use the triple-equals sign because you are doing string comparison.

edit:

Also why do you store both user and username in the session, when they are both identical? You also have registered username but not user.
 
hmm, it's still not working.

Now it's just not displaying my echo at all, regardless of the user, so it's not meeting the requirements of the IF.

Is there someway I can display the value of a variable at runtime so I can debug this crap?
 
Alright, after some sketchy debugging, apparently the variable is boolean and it's either true/false, not an actual string.

How can I fix this :|
 
Baal said:
hmm, it's still not working.

Now it's just not displaying my echo at all, regardless of the user, so it's not meeting the requirements of the IF.

Is there someway I can display the value of a variable at runtime so I can debug this crap?
Click to expand...

Try putting this right before the if statement. Tell me what it says.

Code: 
echo 'xxxx'.$_SESSION['USER'].'yyyy';
 
I'm trying this now:

Code: 
if(isset($_SESSION['USER']) === "garry") {
	echo "[[url='truncate.php']clear database[/url]]";
}

and

Code: 
$_SESSION['USER'] = $_POST['username'];

But it doesn't work. When I use your echo command, it displays xxxxgarryyyyy - so I don't understand why it won't work now. If you could double check my syntax for me in the first IF statement, because I'm a noob, that would be awesome. I'll be back in 25 minutes :)

The second IF statement is wrapped inside an IF statement that guarantees the user has authenticated, but it just grabs the username from the submit form username field and places it in a variable, which it does do. I just can't verify what that variable equals properly in my first IF statement so it will display my button for me.

Thanks!
 
It's good that the debugging printout shows xxxxgarryyyyy.

You need to make the IF statement:

Code: 
if($_SESSION['USER'] === "garry") {
	echo "[[url='truncate.php']clear database[/url]]";
}

isset() always returns a true or a false, it can never be equal to "garry". I hope this works!
 
hahaha yes! It worked!

See, I had no idea what isset() did at all. Thanks so much!

I'm going to look like a php god in class tomorrow. I've definitely gone past the scope of what we're doing right now.

Thanks again
 
Baal said:
hahaha yes! It worked!

See, I had no idea what isset() did at all. Thanks so much!

I'm going to look like a php god in class tomorrow. I've definitely gone past the scope of what we're doing right now.

Thanks again
Click to expand...

No problem, good work!

The best way to debug PHP is to use lots of echo statements to show the state of a variable. I like wrapping characters around it (like x's and y's) so it shows you whether it's set or not (if it's not set, it would just appear as xxxxyyyy).
 
yea, that's so good. If I had of known that I could have taken that a lot further, but the isset() would have still probably screwed me in the end.
 
You must log in or register to reply here.
Back
Top