| Re: Hopiing for some leads as to what may be wrong in this code [message #182260 is a reply to message #182256] |
Fri, 26 July 2013 00:37   |
Norman Peelman
Messages: 126
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 07/25/2013 02:11 PM, Twayne wrote:
> On 2013-07-25 1:51 PM, Christoph Michael Becker wrote:
>> Twayne wrote:
>>
>>> $code= $_POST["code"];
>>> if($_SESSION["d"] !== $code) {
>>> echo "<br />You did not enter the correct code: Script halted, ALL
>>> data destroyed.<br /> you'll have to go back to the website and start
>>> over.<br />";
>>> die("Script HALTED, data destroyed");
>>> session_destroy();
>>> exit();
>>> }
>>
>> You may consider checking the actual values of $code and $_SESSION['d']
>> immediately before the if statement (if you don't have a debugger at
>> hand, just use a simple var_dump()).
>
> It's interesting, but I did. A rev back I had an echo for "code" and
> Session(... and it prints them just before it throws the error message.
>>
>> BTW: calling session_destroy() after die() was executed doesn't have any
>> effect. You'll want to swap both lines and remove the exit().
>>
>
> THAT is wise advice! Thanks I'll do just that; thanks for pointing it out.
>
$code= $_POST["code"];
echo "<pre>";
var_dump($_SESSION["d"]);
var_dump($code);
echo "</pre>";
if($_SESSION["d"] !== $code) {
echo "<br />You did not enter the correct code: Script halted, ALL
data destroyed.<br /> you'll have to go back to the website and start
over.<br />";
die("Script HALTED, data destroyed");
session_destroy();
exit();
You need to make sure that both variables are of the same *value* and
*type*. Another way to check would be to change !== to != (or <>). The
only way your branch gets executed is if they do not match both *value*
and *type*.
--
Norman
Registered Linux user #461062
-Have you been to www.php.net yet?-
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]