In my header.php
file, at line 10 I have assigned the value of $user = $_SESSION['user'];
and two lines after I have assigned the value of $userstr = " $user";
However when the $userstr
variable is called in the HTML echo statement (at line 15) in the <title>
and <div class='appname'>
, all that is shown are parenthases and not the value of $user = $_SESSION['user']
Basically in the <title>
and <div>
it is showing what looks like it would be the value of $userstr = "()"
This is happening not only on this php file but across all the pages in the project.
Why is this?
<?php //header.php
$n = "\n";
session_start();
echo "<!DOCTYPE html>$n<html>$n<head>$n<script type='text/javascript' src='OSC.js'></script><script type='text/javascript' src='ajaxrequest.js'></script>$n";
include 'functions.php';
$userstr = ' (Guest)';
if (isset($_SESSION['user'])) {
$user = $_SESSION['user'];
$loggedin = TRUE;
$userstr = " $user";
} else $loggedin = FALSE;
echo "<title>$appname$userstr</title>$n" .
"<link rel='stylesheet' href='styles.css' type='text/css' />" .
"</head>$n<body>$n<div class='appname'>$appname$userstr</div>";
if ($loggedin) {
echo "</br><ul class='menu'>" .
"<li><a href='members.php?view=$user'>Home</a></li>" .
"<li><a href='members.php'>Members</a></li>" .
"<li><a href='friends.php'>Friends</a></li>" .
"<li><a href='messages.php'>Messages</a></li>" .
"<li><a href='profile.php'>Edit Profile</a></li>" .
"<li><a href='logout.php'>Log out</a></li></ul></br>";
} else {
echo "</br><ul class='menu'>" .
"<li><a href='index.php'>Home</a></li>" .
"<li><a href='signup.php'>Sign Up</a></li>" .
"<li><a href='login.php'>Log In</a></li></ul></br>" .
"<span class='info'>⇒ You must be logged in to " .
"view this page.</span></br></br>";
}
?>
The $_SESSION['user']
is defined in a separate file login.php
at line 33 after the HTML echo statement
<?php // login.php
include_once 'header.php';
echo "<div class='main'><h3>Please enter your details to log in.</h3>";
$error = $user = $pass = "";
if (isset($_POST['user']) &&
isset($_POST['pass'])) {
$user = sanitizeString($_POST['user']);
$pass = sanitizeString($_POST['pass']);
$pretoken = md5($pass);
$token = md5($pretoken);
$query = mysql_num_rows(queryMysql("SELECT user,pass FROM members WHERE user ='$user' AND pass='$token'"));
if ($user = "" || $pass == "") {
$error = "Not all fields were entered.</br>";
} else {
if (!$query) {
echo <<<END_
<form method='post' action='login.php'>$error
<span class='fieldname'>Username</span>
<input type='text' maxlength='16' name='user'/></br>
<span class='fieldname'>Password</span>
<input type='text' maxlength='16' name='pass'/></br>
<span class='fieldname'> </span>
<input type='submit' value='Log In' />
</form></br></div></body></html>
END_;
$error = "<span class='error'>Username/Password invalid</span></br></br>";
} else {
$_SESSION['user'] = $user;
$_SESSION['pass'] = $token;
/*die("You are now logged in. Please <a href='members.php?view=$user'>" . "click here</a> to continue.</br></br>");*/
header("Location: index.php");
}
}
} elseif (isset($_SESSION['user'])) {
echo "You are already logged in.";
} else {
echo <<<END_
<form method='post' action='login.php'>$error
<span class='fieldname'>Username</span>
<input type='text' maxlength='16' name='user'/></br>
<span class='fieldname'>Password</span>
<input type='password' maxlength='16' name='pass'/></br>
<span class='fieldname'> </span>
<input type='submit' value='Log In' />
</form></br></div></body></html>
END_;
}
?>
As mentioned by Jeremy Miller <=( credit to ), this line:
if ($user = "" || $pass == "")
The first variable $user
is being addressed as an assignment operator
=
, while the second variable $pass
is addressed as a comparison operator
==
.
Both variables should be using a comparison operator.
if ($user == "" || $pass == "")
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.