chibineku Posted October 3, 2009 Share Posted October 3, 2009 I had an inefficient piece of code for resetting passwords based on a user entering either their username or their email address. The PHP script branched depending on the identifier used. I collapsed it into one which now works if the user enters their username but not if they enter their email address. Here is the salient code: $identifier = isset($_POST["username"])?"username":"email";$ident = isset($_POST["username"])?trim(mysqli_real_escape_string($mysqli,(check_chars_username($_POST["username"])))):trim(mysqli_real_escape_string($mysqli, (check_chars_email($_POST["email"])))); //create and issue the query $sql = "SELECT * FROM aromaMaster WHERE $identifier = '$ident'"; $sql_res =mysqli_query($mysqli, $sql) or die(mysqli_error($mysqli)); if(mysqli_num_rows($sql_res) == 0) { //wrong login info header("Location: password_reset_form.html/error=$ident"); exit(); } $info = mysqli_fetch_array($sql_res); $userid = $info["id"]; $username = stripslashes($info["username"]); $email = stripslashes($info["email"]); I have checked and doubled checked that the email form field is called email and it is. It's got me scratching my head. Particularly interesting is the header redirect. When I enter an email address and am redirected, the variable $ident appears empty. Link to comment Share on other sites More sharing options...
chibineku Posted October 4, 2009 Author Share Posted October 4, 2009 Hm, swapping isset() for !empty() did the trick! Link to comment Share on other sites More sharing options...
Synook Posted October 4, 2009 Share Posted October 4, 2009 As long as the form field exists in the form that is sent, the equivalent superglobal index will be set. It could still be empty, though. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.