March 17th, 2014, 06:14 AM
if() statment fails
Hi. In this short piece of code the if statement should set session to true. but it seems to fail. I tried tim() as well but this does not work.
$_SESSION["Supper User"] = "False";
$user = ValidateKey($_SESSION["Name"] , $_SESSION["PWD1"] , $_SESSION["PWD2"]); // User
echo "$user - " . $_SESSION["Name"] . "<br>";
// result = 625aee459a20e92268a8cef6f06b7e2a - Desmond
$user = trim($user);
$_SESSION["Name"] = trim($_SESSION["Name"]);
if($user == "625aee459a20e92268a8cef6f06b7e2a" && $_SESSION["Name"] == "Desmond")
$_SESSION["Supper User"] == "True";
echo $_SESSION["Supper User"]; // returns False
March 17th, 2014, 07:41 AM
1) Please enclose your code in [ PHP ] tags. See the sticky at the top of this forum that says READ THIS BEFORE POSTING.
2) Echo the values of the if stament variables to make sure they contain what you expect.
There are 10 kinds of people in the world. Those that understand binary and those that don't.
March 17th, 2014, 09:11 AM
I did echo the values as shown in my code with the comment markers //
I found the problem myself. $_SESSION["Supper User"] == "True";
$_SESSION["Supper User"] = "True";
March 17th, 2014, 11:11 AM
Use actual boolean values TRUE and FALSE (no quotes) rather than the strings. You can get unexpected behavior when using the strings, especially as a new user.
Super User permissions should be fetched from the database and set during the password checking process, not done separately with hard-coded values. Also, "super" has 1 P.
HEY! YOU! Read the New User Guide and Forum Rules
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin
"The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002
Think we're being rude? Maybe you asked a bad question
or you're a Help Vampire.
Trying to argue intelligently? Please read this.
March 17th, 2014, 12:22 PM
And why on earth do you store the plaintext password in the session? That's pretty much the worst thing you can possibly do.
March 19th, 2014, 05:21 AM
can't believe no one pointed out that you use `===` to check `boolean` values, not `==` or `=`