Jump to content

Logging In Users W/ Different Auth Levels


davidmsilver
 Share

Recommended Posts

I have built my site around dreamweaver, but have now run into a problem. I have just started playing with the idea of using different auth levels to allow different users access to certain pages on my site.Within my SQL database I have a authlevel table consisting of 3 possible levels (guest, user, admin)I am using the Dreamweaver "Log in user" to log in users based on username, pass, and auth level and "Restrict access to page" set to allow user levels 'user' and 'admin'.The problem, however, occurs when trying to log in. No matter what auth level I try I am redirected to my page where users should be redirected if they are not allowed to enter that page.I have included below my code from my login page and the page where all authorized users (user and admin) should be directed upon entering the restricted area.Login Page

<?php require_once('../Connections/hondovfd.php'); ?><?phpif (!function_exists("GetSQLValueString")) {function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") {  if (PHP_VERSION < 6) {    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;  }  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);  switch ($theType) {    case "text":      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";      break;        case "long":    case "int":      $theValue = ($theValue != "") ? intval($theValue) : "NULL";      break;    case "double":      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";      break;    case "date":      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";      break;    case "defined":      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;      break;  }  return $theValue;}}?><?php// *** Validate request to login to this site.if (!isset($_SESSION)) {  session_start();}$loginFormAction = $_SERVER['PHP_SELF'];if (isset($_GET['accesscheck'])) {  $_SESSION['PrevUrl'] = $_GET['accesscheck'];}if (isset($_POST['username'])) {  $loginUsername=$_POST['username'];  $password=$_POST['password'];  $MM_fldUserAuthorization = "authlevel";  $MM_redirectLoginSuccess = "/membersonly/membersonly.php";  $MM_redirectLoginFailed = "/membersonly/loginfailed.php";  $MM_redirecttoReferrer = true;  mysql_select_db($database_hondovfd, $hondovfd);  	  $LoginRS__query=sprintf("SELECT username, password, authlevel FROM login WHERE username=%s AND password=%s",  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));      $LoginRS = mysql_query($LoginRS__query, $hondovfd) or die(mysql_error());  $loginFoundUser = mysql_num_rows($LoginRS);  if ($loginFoundUser) {        $loginStrGroup  = mysql_result($LoginRS,0,'authlevel');        //declare two session variables and assign them    $_SESSION['MM_Username'] = $loginUsername;    $_SESSION['MM_UserGroup'] = $loginStrGroup;	          if (isset($_SESSION['PrevUrl']) && true) {      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	    }    header("Location: " . $MM_redirectLoginSuccess );  }  else {    header("Location: ". $MM_redirectLoginFailed );  }}?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/phptemplate.dwt" codeOutsideHTMLIsLocked="false" --><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><!-- InstanceBeginEditable name="Title" --><title>Log In</title><!-- InstanceEndEditable --><meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." /><meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" /><link href="../stylesheet.css" type="text/css" rel="stylesheet" /><!--[if IE]><style type="text/css"> #mainContent, #sidebar1 { zoom: 1;}</style><![endif]--><script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script><link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" /></head><body class="thrColLiqHdr"><div id="container"> <div id="header"></div>  <div id="sidebar1">  <h3>Navigation : </h3>  <ul id="MenuBar1" class="MenuBarVertical">  <li><a href="/index.php">Home</a></li><li><a href="/support.php">Support Hondo</a></li>  <li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>    <ul>      <li><a href="/people.php">Our People</a></li>      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>      <li><a href="/medical.php">Medical</a></li>      <li><a href="/apparatus.php">Apparatus</a></li>      <li><a href="/training.php">Training</a></li>      <li><a href="/volunteer.php">Volunteer</a></li>      <li><a href="/statistics.php">Statistics</a></li>      <li><a href="/patchtrading.php">Patch Trading</a></li>    </ul>  </li>  <li><a href="/album.php">Photo Gallery</a></li>  <li><a href="/calendar.php">Calendar</a></li>  <li><a href="/news.php">Blog/News</a></li>  <li><a href="/links.php">Links</a></li>  <li><a href="/contact.php">Contact Us</a></li></ul><br /><form action="https://www.paypal.com/cgi-bin/webscr" method="post">  <span class="lefttext"><input type="hidden" name="cmd" value="_s-xclick"><input type="hidden" name="hosted_button_id" value="8567201"><input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" /><img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"></img></input></input>  </span></form><span class="lefttext"><br /></span><center>  <span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span></center>   <!-- end #sidebar1 --></div>  <div id="sidebar2">      <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>    <p>Call Statistics for <?php$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";$fh = fopen($myFile, 'r');$theData = fread($fh, filesize($myFile));fclose($fh);echo $theData;?> as of <?php$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";$fh = fopen($myFile, 'r');$theData = fread($fh, filesize($myFile));fclose($fh);echo $theData;?></p>  <table width="90%" border="0" cellspacing="0" cellpadding="0">  <tr>    <td width="60%">EMS Calls</td>    <td width="40%"><?php$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";$fh = fopen($myFile, 'r');$theData = fread($fh, filesize($myFile));fclose($fh);echo $theData;?></td>  </tr>  <tr>    <td>Fire Calls</td>    <td><?php$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";$fh = fopen($myFile, 'r');$theData = fread($fh, filesize($myFile));fclose($fh);echo $theData;?></td>  </tr></table>    <hr />    <div id="cse" style="width:100%;">Loading</div><script src="http://www.google.com/jsapi" type="text/javascript"></script><script type="text/javascript">  google.load('search', '1');  google.setOnLoadCallback(function(){    new google.search.CustomSearchControl().draw('cse');  }, true);</script>	<!-- End Google Search Element -->  </div>  <!-- end #sidebar2 -->  <div id="mainContent">  <div class="top"></div><div class="wrap"><!-- InstanceBeginEditable name="Main Content" --><table width="100%" border="0" cellspacing="0" cellpadding="0">  <tr>    <td height="47" class="h2">Members Only Login</td>  </tr>  <tr>    <td><form ACTION="<?php echo $loginFormAction; ?>" id="login" name="login" method="POST">    <table width="40%" border="0" cellspacing="0" cellpadding="0">  <tr>    <td width="31%">Username:</td>    <td width="69%"><input name="username" type="text" /></td>  </tr>  <tr>    <td>Password</td>    <td><input name="password" type="password" /></td>  </tr></table><input name="Submit" type="submit" />    </form></td>  </tr></table>  <!-- InstanceEndEditable --></div><div class="bottom"></div></div>  	<!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats --> <br class="clearfloat" />  <div id="footer">    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:info@hondovfd.org">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>  <!-- end #footer --></div><!-- end #container --></div><script type="text/javascript"><!--var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgRight:"../SpryAssets/SpryMenuBarRightHover.gif"});//--></script><?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?> </body><!-- InstanceEnd --></html>

Page inside the members only area

<?phpif (!isset($_SESSION)) {  session_start();}$MM_authorizedUsers = "user,admin";$MM_donotCheckaccess = "false";// *** Restrict Access To Page: Grant or deny access to this pagefunction isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {   // For security, start by assuming the visitor is NOT authorized.   $isValid = False;   // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.   // Therefore, we know that a user is NOT logged in if that Session variable is blank.   if (!empty($UserName)) {     // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.     // Parse the strings into arrays.     $arrUsers = Explode(",", $strUsers);     $arrGroups = Explode(",", $strGroups);     if (in_array($UserName, $arrUsers)) {       $isValid = true;     }     // Or, you may restrict access to only certain users based on their username.     if (in_array($UserGroup, $arrGroups)) {       $isValid = true;     }     if (($strUsers == "") && false) {       $isValid = true;     }   }   return $isValid; }$MM_restrictGoTo = "/membersonly/loginfailed.php";if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {     $MM_qsChar = "?";  $MM_referrer = $_SERVER['PHP_SELF'];  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)   $MM_referrer .= "?" . $QUERY_STRING;  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);  header("Location: ". $MM_restrictGoTo);   exit;}?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/phptemplate.dwt" codeOutsideHTMLIsLocked="false" --><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><!-- InstanceBeginEditable name="Title" --><title>Members Only Area</title><!-- InstanceEndEditable --><meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." /><meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" /><link href="../stylesheet.css" type="text/css" rel="stylesheet" /><!--[if IE]><style type="text/css"> #mainContent, #sidebar1 { zoom: 1;}</style><![endif]--><script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script><link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" /></head><body class="thrColLiqHdr"><div id="container"> <div id="header"></div>  <div id="sidebar1">  <h3>Navigation : </h3>  <ul id="MenuBar1" class="MenuBarVertical">  <li><a href="/index.php">Home</a></li><li><a href="/support.php">Support Hondo</a></li>  <li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>    <ul>      <li><a href="/people.php">Our People</a></li>      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>      <li><a href="/medical.php">Medical</a></li>      <li><a href="/apparatus.php">Apparatus</a></li>      <li><a href="/training.php">Training</a></li>      <li><a href="/volunteer.php">Volunteer</a></li>      <li><a href="/statistics.php">Statistics</a></li>      <li><a href="/patchtrading.php">Patch Trading</a></li>    </ul>  </li>  <li><a href="/album.php">Photo Gallery</a></li>  <li><a href="/calendar.php">Calendar</a></li>  <li><a href="/news.php">Blog/News</a></li>  <li><a href="/links.php">Links</a></li>  <li><a href="/contact.php">Contact Us</a></li></ul><br /><form action="https://www.paypal.com/cgi-bin/webscr" method="post">  <span class="lefttext"><input type="hidden" name="cmd" value="_s-xclick"><input type="hidden" name="hosted_button_id" value="8567201"><input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" /><img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"></img></input></input>  </span></form><span class="lefttext"><br /></span><center>  <span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span></center>   <!-- end #sidebar1 --></div>  <div id="sidebar2">      <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>    <p>Call Statistics for <?php$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";$fh = fopen($myFile, 'r');$theData = fread($fh, filesize($myFile));fclose($fh);echo $theData;?> as of <?php$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";$fh = fopen($myFile, 'r');$theData = fread($fh, filesize($myFile));fclose($fh);echo $theData;?></p>  <table width="90%" border="0" cellspacing="0" cellpadding="0">  <tr>    <td width="60%">EMS Calls</td>    <td width="40%"><?php$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";$fh = fopen($myFile, 'r');$theData = fread($fh, filesize($myFile));fclose($fh);echo $theData;?></td>  </tr>  <tr>    <td>Fire Calls</td>    <td><?php$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";$fh = fopen($myFile, 'r');$theData = fread($fh, filesize($myFile));fclose($fh);echo $theData;?></td>  </tr></table>    <hr />    <div id="cse" style="width:100%;">Loading</div><script src="http://www.google.com/jsapi" type="text/javascript"></script><script type="text/javascript">  google.load('search', '1');  google.setOnLoadCallback(function(){    new google.search.CustomSearchControl().draw('cse');  }, true);</script>	<!-- End Google Search Element -->  </div>  <!-- end #sidebar2 -->  <div id="mainContent">  <div class="top"></div><div class="wrap"><!-- InstanceBeginEditable name="Main Content" -->    <table width="100%" border="0" cellspacing="0" cellpadding="0">  <tr>    <td height="47" class="h2">Members Only Area</td>  </tr>  <tr>    <td><p><a href="/membersonly/documents.php">Useful Documents</a></p>      <p><a href="/membersonly/IncidentCount01_08.pdf">Current Call Statistics</a> as of 9/3/09</p>      </td>  </tr></table>  <script type="text/javascript"><!--var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgRight:"../SpryAssets/SpryMenuBarRightHover.gif"});//--></script><!-- InstanceEndEditable --></div><div class="bottom"></div></div>  	<!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats --> <br class="clearfloat" />  <div id="footer">    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:info@hondovfd.org">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>  <!-- end #footer --></div><!-- end #container --></div><script type="text/javascript"><!--var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgRight:"../SpryAssets/SpryMenuBarRightHover.gif"});//--></script><?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?> </body><!-- InstanceEnd --></html>

It almost seems to me as though these scripts are not actually pulling the auth levels from my mysql database...

Edited by davidmsilver
Link to comment
Share on other sites

It looks like the Dreamweaver script which logs a user in checks for the authorization level in the same table as the user, not another table:SELECT username, password, authlevel FROM login WHERE username=%s AND password=%sSo you need the authlevel field to contain the correct values for that user.

Link to comment
Share on other sites

It looks like the Dreamweaver script which logs a user in checks for the authorization level in the same table as the user, not another table:SELECT username, password, authlevel FROM login WHERE username=%s AND password=%sSo you need the authlevel field to contain the correct values for that user.
I think I understand what you're saying. But, my usernames, passwords, and auth levels are in the same mysql table.
Link to comment
Share on other sites

On the protected page, after it starts the session have it print everything:print_r($_SESSION);That will show you what information it's using to check access. If it tries to redirect on that page the redirect will fail with an error, but at least you can see what's in the session.

Link to comment
Share on other sites

On the protected page, after it starts the session have it print everything:print_r($_SESSION);That will show you what information it's using to check access. If it tries to redirect on that page the redirect will fail with an error, but at least you can see what's in the session.
I put in the print command here:
<?phpif (!isset($_SESSION)) {  session_start();  print_r($_SESSION);}

...etcAnd resulted with this when I pressed login:Array ( [MM_Username] => user [MM_UserGroup] => user )Warning: Cannot modify header information - headers already sent by (output started at /var/home/hondovfd/hondovfd.org/www/membersonly/membersonly.php:4) in /var/home/hondovfd/hondovfd.org/www/membersonly/membersonly.php on line 43

Link to comment
Share on other sites

So this is the if statement it uses to decide whether or not to redirect:

if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {

That will be true if either $_SESSION['MM_Username'] is not set or if the call to isAuthorized is false. So we know that $_SESSION['MM_Username'] and $_SESSION['MM_UserGroup'] are both set to "user", according to the text that was printed. So the first part of the if statement just checks if $_SESSION['MM_Username'] is set, which it is. Then it calls the isAuthorized function like this:isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])So, according to the definition for isAuthorized, here:function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { Those variables are set as follows:$strUsers = ""$strGroups = "user,admin"$UserName = "user"$UserGroup = "user"The first part of isAuthorized has this if statement:if (!empty($UserName)) { Which checks if $UserName is not empty, which it's not (it's set to "user"). Then, it runs this part:

	$arrUsers = Explode(",", $strUsers); 	$arrGroups = Explode(",", $strGroups); 	if (in_array($UserName, $arrUsers)) { 	  $isValid = true; 	} 	// Or, you may restrict access to only certain users based on their username. 	if (in_array($UserGroup, $arrGroups)) { 	  $isValid = true; 	}

So $arrUsers gets set to an array with 0 elements ($strUsers was empty). So the first if statement fails, since "user" is not in an array with nothing in it. It sets $arrGroups to an array containing "user" and "admin", then checks if the $UserGroup string is in that array. Since $UserGroup is set to "user", and "user" also appears in the array, then that should be true and it should set $isValid to true.This part of the function doesn't do anything, you can remove it:

	if (($strUsers == "") && false) { 	  $isValid = true; 	}

That will never be true.So, if isAuthorized is returning false then you should add some code in there to print out everything it uses. Print the variables that it gets passed, and then the arrays that it creates. e.g.:

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {   // For security, start by assuming the visitor is NOT authorized.   $isValid = False;   echo 'strUsers: ' . $strUsers . '<br>';  echo 'strGroups: ' . $strGroups . '<br>';  echo 'UserName: ' . $UserName . '<br>';  echo 'UserGroup: ' . $UserGroup . '<br>';  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.   // Therefore, we know that a user is NOT logged in if that Session variable is blank.   if (!empty($UserName)) { 	echo 'UserName is not empty<br>';	// Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 	// Parse the strings into arrays. 	$arrUsers = Explode(",", $strUsers); 	$arrGroups = Explode(",", $strGroups); 	echo 'arrUsers: ' . print_r($arrUsers, true) . '<br>';	echo 'arrGroups: ' . print_r($arrGroups, true) . '<br>';	if (in_array($UserName, $arrUsers)) { 	  $isValid = true; 	} 	// Or, you may restrict access to only certain users based on their username. 	if (in_array($UserGroup, $arrGroups)) { 	  $isValid = true; 	}   }     else  { 	echo 'UserName is empty<br>';  }  echo 'isValid: ' . ($isValid ? 'true' : 'false');  return $isValid; }

Link to comment
Share on other sites

Thanks for the help with this!Okay. I did what you stated above, this is the result I got:Array ( [MM_Username] => user [MM_UserGroup] => user ) strUsers:strGroups: user,adminUserName: userUserGroup: userUserName is not emptyarrUsers: Array ( [0] => )arrGroups: Array ( [0] => user [1] => admin )isValid: falseWarning: Cannot modify header information - headers already sent by (output started at /var/home/hondovfd/hondovfd.org/www/membersonly/membersonly.php:4) in /var/home/hondovfd/hondovfd.org/www/membersonly/membersonly.php on line 60

Edited by davidmsilver
Link to comment
Share on other sites

So it thinks that "user" is not in an array containing "user". That's a nice trick. Use var dump instead, maybe one of them has a space or something around it:var_dump($UserGroup);var_dump($arrGroups);You can just add that to the end of the function, before the return statement.

Link to comment
Share on other sites

So it thinks that "user" is not in an array containing "user". That's a nice trick. Use var dump instead, maybe one of them has a space or something around it:var_dump($UserGroup);var_dump($arrGroups);You can just add that to the end of the function, before the return statement.
I think I did that correctly. This is the result:Array ( [MM_Username] => user [MM_UserGroup] => user ) strUsers:strGroups: user,adminUserName: userUserGroup: userUserName is not emptyarrUsers: Array ( [0] => )arrGroups: Array ( [0] => user [1] => admin )isValid: falsestring(6) "user " array(2) { [0]=> string(4) "user" [1]=> string(5) "admin" }Warning: Cannot modify header information - headers already sent by (output started at /var/home/hondovfd/hondovfd.org/www/membersonly/membersonly.php:4) in /var/home/hondovfd/hondovfd.org/www/membersonly/membersonly.php on line 63If I'm reading that correctly there is a space after 'user' in isValid: falsestring(6) "user ". That would mean that there is a space after 'user' in my MySQL database that I need to get rid of, right? Edited by davidmsilver
Link to comment
Share on other sites

Yeah, I think there are actually 2. The output is missing a linebreak, formatted it would look like this:

string(6) "user " array(2) {   [0]=> string(4) "user"   [1]=> string(5) "admin" }

So that says that the string containing user has a length of 6, so there might be 2 spaces on the end of it.If the field in your database is "char" with a length of 6, a char field will always be the full length, it will pad the value with spaces if necessary. If that's what the problem is, you can use "varchar" instead of char, or else just cut off the extra spaces.

Link to comment
Share on other sites

Yeah, I think there are actually 2. The output is missing a linebreak, formatted it would look like this:
string(6) "user " array(2) {   [0]=> string(4) "user"   [1]=> string(5) "admin" }

So that says that the string containing user has a length of 6, so there might be 2 spaces on the end of it.If the field in your database is "char" with a length of 6, a char field will always be the full length, it will pad the value with spaces if necessary. If that's what the problem is, you can use "varchar" instead of char, or else just cut off the extra spaces.

Awesome, that fixed it!Thanks for all the help!
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...